From d0fc78a0bf1cefc326f5042fc067da576db03abb Mon Sep 17 00:00:00 2001
From: Kaden Emley <104032811+kemley76@users.noreply.github.com>
Date: Wed, 31 Jul 2024 11:52:58 -0400
Subject: [PATCH] Checklist metadata validation and checklist mapper severities
 (#2750)

* input validation for checklist metadata

Signed-off-by: kemley76 <kemley@mitre.org>

* use hdf-converters in hdf2ckl

Signed-off-by: kemley76 <kemley@mitre.org>

* updated hdf2ckl tests

Signed-off-by: kemley76 <kemley@mitre.org>

* update tests based on changes to ckl mapper

Signed-off-by: Kaden Emley <kemley@mitre.org>

* update ckl metadata validation to use hdf-converters helper function

Signed-off-by: Kaden Emley <kemley@mitre.org>

* added ability to use local install of inspecjs

Signed-off-by: Kaden Emley <kemley@mitre.org>

* update checklist commands and tests

Signed-off-by: Kaden Emley <kemley@mitre.org>

* ensure threshold counts stay based off impact

Signed-off-by: Kaden Emley <kemley@mitre.org>

* added tests to ensure that converting with invalid metadata display an error message

Signed-off-by: Kaden Emley <kemley@mitre.org>

* use checklist types from hdf-converters

Signed-off-by: Kaden Emley <kemley@mitre.org>

* remove redundant code in hdf2ckl command

Signed-off-by: Kaden Emley <kemley@mitre.org>

* use inspecJS to convert impact to severity

Signed-off-by: Kaden Emley <kemley@mitre.org>

* use checklist types from hdf-converters

Signed-off-by: Kaden Emley <kemley@mitre.org>

* fix test data

Signed-off-by: Kaden Emley <kemley@mitre.org>

* enforce enum matching for user input in generate ckl_metadata command

Signed-off-by: Kaden Emley <kemley@mitre.org>

* add backwards compatibility for old checklist metadata format

Signed-off-by: Kaden Emley <kemley@mitre.org>

* remove debug statement

Signed-off-by: Kaden Emley <kemley@mitre.org>

* fix code smells

Signed-off-by: Kaden Emley <kemley@mitre.org>

* linting

Signed-off-by: Kaden Emley <kemley@mitre.org>

* format every output json file with 2 space indent

Signed-off-by: Kaden Emley <kemley@mitre.org>

* add flags for all metadata fields on hdf2ckl command

Signed-off-by: Kaden Emley <kemley@mitre.org>

* clarify instructions on ckl metadata generation

Signed-off-by: Kaden Emley <kemley@mitre.org>

* change formating from 4 to 2 space indent

Signed-off-by: Kaden Emley <kemley@mitre.org>

* make version and release number optional in checklist metadata generation

Signed-off-by: Kaden Emley <kemley@mitre.org>

* update tests to reflect better formatted error messages

Signed-off-by: Kaden Emley <kemley@mitre.org>

* update markdown summary table to include row for severity: none

Signed-off-by: Kaden Emley <kemley@mitre.org>

* update code and tests to count N/A controls with severity other than none

Signed-off-by: Kaden Emley <kemley@mitre.org>

* fix code smells

Signed-off-by: Kaden Emley <kemley@mitre.org>

* revert addition of severity-none row to markdown summary table

Signed-off-by: Kaden Emley <kemley@mitre.org>

* remove heimdall version when running checklist tests

Signed-off-by: Kaden Emley <kemley@mitre.org>

* change return type of string | undefined to string | null

Signed-off-by: Kaden Emley <kemley@mitre.org>

---------

Signed-off-by: kemley76 <kemley@mitre.org>
Signed-off-by: Kaden Emley <kemley@mitre.org>
Co-authored-by: Amndeep Singh Mann <amann@mitre.org>
---
 README.md                                     |     47 +-
 pack-inspecjs.bat                             |     56 +
 pack-inspecjs.sh                              |     40 +
 package.json                                  |      5 +-
 src/commands/convert/asff2hdf.ts              |      2 +-
 src/commands/convert/aws_config2hdf.ts        |      2 +-
 src/commands/convert/burpsuite2hdf.ts         |      2 +-
 src/commands/convert/ckl2hdf.ts               |      8 +-
 src/commands/convert/conveyor2hdf.ts          |      2 +-
 src/commands/convert/dbprotect2hdf.ts         |      2 +-
 src/commands/convert/fortify2hdf.ts           |      2 +-
 src/commands/convert/gosec2hdf.ts             |      2 +-
 src/commands/convert/hdf2asff.ts              |      4 +-
 src/commands/convert/hdf2ckl.ts               |    165 +-
 src/commands/convert/hdf2condensed.ts         |      2 +-
 src/commands/convert/index.ts                 |     38 +-
 src/commands/convert/ionchannel2hdf.ts        |      4 +-
 src/commands/convert/jfrog_xray2hdf.ts        |      2 +-
 src/commands/convert/nessus2hdf.ts            |      4 +-
 src/commands/convert/netsparker2hdf.ts        |      2 +-
 src/commands/convert/nikto2hdf.ts             |      2 +-
 src/commands/convert/prisma2hdf.ts            |      2 +-
 src/commands/convert/prowler2hdf.ts           |      2 +-
 src/commands/convert/sarif2hdf.ts             |      2 +-
 src/commands/convert/scoutsuite2hdf.ts        |      2 +-
 src/commands/convert/snyk2hdf.ts              |      4 +-
 src/commands/convert/sonarqube2hdf.ts         |      2 +-
 src/commands/convert/trivy2hdf.ts             |      2 +-
 src/commands/convert/twistlock2hdf.ts         |      2 +-
 src/commands/convert/veracode2hdf.ts          |      2 +-
 src/commands/convert/xccdf_results2hdf.ts     |      2 +-
 src/commands/convert/zap2hdf.ts               |      2 +-
 src/commands/generate/ckl_metadata.ts         |     92 +-
 src/commands/generate/inspec_metadata.ts      |      2 +-
 src/resources/files.json                      |      4 -
 src/types/checklist.d.ts                      |     46 -
 src/utils/checklist.ts                        |     90 -
 src/utils/ohdf/types.ts                       |      4 +-
 src/utils/threshold.ts                        |     21 +-
 test/commands/convert/ckl2hdf.test.ts         |     29 +
 test/commands/convert/hdf2ckl.test.ts         |     60 +-
 test/commands/utils.ts                        |      3 +-
 test/commands/validate/threshold.test.ts      |     43 +
 .../HDF/input/RHEL7_overrides_hdf.json        |    289 +
 .../HDF/input/rhel-8_hardened.json            |  27721 +++-
 .../HDF/input/vSphere8_report.json            |  22000 +++-
 .../summary/rhel-8_hardened_output.json       |      6 +-
 .../output/summary/rhel-8_hardened_output.md  |      4 +-
 .../output/summary/rhel-8_hardened_output.yml |      6 +-
 .../checklist/checklist-RHEL8V1R3-hdf.json    |    385 +-
 .../checklist/converted-rhel7_overrides.ckl   |    591 +
 test/sample_data/checklist/metadata.json      |     20 +-
 test/sample_data/checklist/red_hat_good.ckl   |  66133 +++++-----
 .../checklist/red_hat_good_metadata.ckl       |  66133 +++++-----
 .../ckl_with_invalid_metadata.ckl             |    505 +
 .../sample_input_report/invalid_metadata.json |     19 +
 .../small_ckl_overrides.ckl                   |   1592 +
 .../checklist/small_overrides_hdf.json        |    907 +
 .../checklist/three_stig_checklist-hdf.json   |    890 +-
 .../sample_data/checklist/vSphere8_report.ckl |  45126 ++++---
 .../dbprotect-check-hdf-withraw.json          |  91127 ++++++++++++-
 .../dbprotect/dbprotect-check-hdf.json        |  26178 +++-
 .../dbprotect-findings-hdf-withraw.json       | 101555 ++++++++++++++-
 .../dbprotect/dbprotect-findings-hdf.json     |  27849 +++-
 .../thresholds/red_hat_good.counts.good.yml   |      8 +
 ...hel-8_hardened.counts.bad.noimpactHigh.yml |     59 +
 .../rhel-8_hardened.counts.good.exact.yml     |     81 +
 .../calculateSeverityCounts.sample            |      6 +-
 .../calculateSummariesForExecJSONs.sample     |     43 +-
 .../calculations/calculateTotalCounts.sample  |      6 +-
 .../calculateTotalCountsForSummaries.sample   |     41 +-
 71 files changed, 388745 insertions(+), 91346 deletions(-)
 create mode 100644 pack-inspecjs.bat
 create mode 100755 pack-inspecjs.sh
 delete mode 100644 src/types/checklist.d.ts
 delete mode 100644 src/utils/checklist.ts
 create mode 100644 test/sample_data/HDF/input/RHEL7_overrides_hdf.json
 create mode 100644 test/sample_data/checklist/converted-rhel7_overrides.ckl
 create mode 100644 test/sample_data/checklist/sample_input_report/ckl_with_invalid_metadata.ckl
 create mode 100644 test/sample_data/checklist/sample_input_report/invalid_metadata.json
 create mode 100644 test/sample_data/checklist/sample_input_report/small_ckl_overrides.ckl
 create mode 100644 test/sample_data/checklist/small_overrides_hdf.json
 create mode 100644 test/sample_data/thresholds/rhel-8_hardened.counts.bad.noimpactHigh.yml
 create mode 100644 test/sample_data/thresholds/rhel-8_hardened.counts.good.exact.yml

diff --git a/README.md b/README.md
index 998ffa222..f202530e6 100644
--- a/README.md
+++ b/README.md
@@ -383,20 +383,47 @@ convert hdf2ckl               Translate a Heimdall Data Format JSON file into a
                               DISA checklist file
 
   USAGE
-    $ saf convert hdf2ckl -i <hdf-scan-results-json> -o <output-ckl> [-h] [-m <metadata>] [-H <hostname>] [-F <fqdn>] [-M <mac-address>] [-I <ip-address>]
+    $ saf convert hdf2ckl saf convert hdf2ckl -i <hdf-scan-results-json> -o <output-ckl> [-h] [-m <metadata>] [--profilename <value>] [--profiletitle <value>] [--version <value>] [--releasenumber <value>] [--releasedate <value>] [--marking <value>] [-H <value>] [-I <value>] [-M <value>] [-F <value>] [--targetcomment <value>] [--role Domain Controller|Member Server|None|Workstation] [--assettype Computing|Non-Computing] [--techarea |Application Review|Boundary Security|CDS Admin Review|CDS Technical Review|Database Review|Domain Name System (DNS)|Exchange Server|Host Based System Security (HBSS)|Internal Network|Mobility|Other Review|Releasable Networks (REL)|Releaseable Networks (REL)|Traditional Security|UNIX OS|VVOIP Review|Web Review|Windows OS] [--stigguid <value>] [--targetkey <value>] [--webdbsite <value> --webordatabase] [--webdbinstance <value> ] [--vulidmapping gid|id]
 
   FLAGS
-    -F, --fqdn=<fqdn>                       FQDN for CKL metadata
-    -H, --hostname=<hostname>               Hostname for CKL metadata
-    -I, --ip=<ip-address>                   IP address for CKL metadata
-    -M, --mac=<mac-address>                 MAC address for CKL metadata
-    -h, --help                              Show CLI help.
-    -i, --input=<hdf-scan-results-json>     (required) Input HDF file
-    -m, --metadata=<metadata>               Metadata JSON file, generate one with "saf generate ckl_metadata"
-    -o, --output=<output-ckl>               (required) Output CKL file
+    -h, --help            Show CLI help.
+    -i, --input=<value>   (required) Input HDF file
+    -o, --output=<value>  (required) Output CKL file
+
+  CHECKLIST METADATA FLAGS
+    -F, --fqdn=<value>           Fully Qualified Domain Name
+    -H, --hostname=<value>       The name assigned to the asset within the network
+    -I, --ip=<value>             IP address
+    -M, --mac=<value>            MAC address
+    -m, --metadata=<value>       Metadata JSON file, generate one with "saf generate ckl_metadata"
+        --assettype=<option>     The category or classification of the asset
+                                <options: Computing|Non-Computing>
+        --marking=<value>        A security classification or designation of the asset, indicating its sensitivity level
+        --profilename=<value>    Profile name
+        --profiletitle=<value>   Profile title
+        --releasedate=<value>    Profile release date
+        --releasenumber=<value>  Profile release number
+        --role=<option>          The primary function or role of the asset within the network or organization
+                                <options: Domain Controller|Member Server|None|Workstation>
+        --stigguid=<value>       A unique identifier associated with the STIG for the asset
+        --targetcomment=<value>  Additional comments or notes about the asset
+        --targetkey=<value>      A unique key or identifier for the asset within the checklist or inventory system
+        --techarea=<option>      The technical area or domain to which the asset belongs
+                                <options: |Application Review|Boundary Security|CDS Admin Review|CDS Technical Review|Database Review|Domain Name System (DNS)|Exchange Server|Host Based System Security (HBSS)|Internal Network|Mobility|Other Review|Releasable Networks (REL)|Releaseable Networks (REL)|Traditional Security|UNIX OS|VVOIP Review|Web Review|Windows OS>
+        --version=<value>        Profile version number
+        --vulidmapping=<option>  Which type of control identifier to map to the checklist ID
+                                <options: gid|id>
+        --webdbinstance=<value>  The specific instance of the web application or database running on the server
+        --webdbsite=<value>      The specific site or application hosted on the web or database server
+        --webordatabase          Indicates whether the STIG is primarily for either a web or database server
+
+  DESCRIPTION
+    Translate a Heimdall Data Format JSON file into a DISA checklist file
 
   EXAMPLES
-    $ saf convert hdf2ckl -i rhel7-results.json -o rhel7.ckl --fqdn reverseproxy.example.org --hostname reverseproxy --ip 10.0.0.3 --mac 12:34:56:78:90
+    $ saf convert hdf2ckl -i rhel7-results.json -o rhel7.ckl --fqdn reverseproxy.example.org --hostname reverseproxy --ip 10.0.0.3 --mac 12:34:56:78:90:AB
+
+    $ saf convert hdf2ckl -i rhel8-results.json -o rhel8.ckl -m rhel8-metadata.json
 ```
 [top](#convert-hdf-to-other-formats)
 #### HDF to CSV
diff --git a/pack-inspecjs.bat b/pack-inspecjs.bat
new file mode 100644
index 000000000..792e4d3d7
--- /dev/null
+++ b/pack-inspecjs.bat
@@ -0,0 +1,56 @@
+ECHO OFF
+
+SET CYPRESS_INSTALL_BINARY=0
+SET PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true
+
+SET original_dir=%cd%
+ECHO %original_dir%
+
+IF DEFINED npm_config_heimdall (
+  CD %npm_config_heimdall%/libs/inspecjs/
+) ELSE (
+  CD ../heimdall2/libs/inspecjs/
+)
+
+IF DEFINED npm_config_branch (
+  CALL git switch %npm_config_branch% || EXIT /B %ERRORLEVEL%
+) ELSE (
+  CALL git switch master || EXIT /B %ERRORLEVEL%
+)
+
+ECHO Executing - git fetch ...
+CALL git fetch || EXIT /B %ERRORLEVEL%
+
+ECHO Executing - git pull ...
+CALL git pull || EXIT /B %ERRORLEVEL%
+
+ECHO Executing - yarn install ...
+CALL yarn install || EXIT /B %ERRORLEVEL%
+
+ECHO Executing - yarn pack ...
+CALL yarn pack || EXIT /B %ERRORLEVEL%
+
+ECHO Finished generating the tarball
+
+CD %original_dir%
+
+ECHO Executing - npm install remote ...
+CALL npm i || EXIT /B %ERRORLEVEL%
+
+ECHO Executing - npm install local ...
+
+IF DEFINED npm_config_heimdall (
+  FOR /f "tokens=*" %%a IN ('dir /b %npm_config_heimdall%\libs\inspecjs\inspecjs-v*.tgz') DO (
+    SET THIS_TAR_ZIP=%npm_config_heimdall%\libs\inspecjs\%%a
+  )
+) ELSE (
+  FOR /f "tokens=*" %%a IN ('dir /b ..\heimdall2\libs\inspecjs\inspecjs-v*.tgz') DO (
+    SET THIS_TAR_ZIP=..\heimdall2\libs\inspecjs\%%a
+  )
+)
+CALL npm i %THIS_TAR_ZIP% || EXIT /B %ERRORLEVEL%
+
+ECHO Executing - npm run prepack ...
+CALL npm run prepack || EXIT /B %ERRORLEVEL%
+
+ECHO Install of local inspecjs complete.
diff --git a/pack-inspecjs.sh b/pack-inspecjs.sh
new file mode 100755
index 000000000..70fe3ac06
--- /dev/null
+++ b/pack-inspecjs.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+set -o errexit   # abort on nonzero exitstatus
+set -o nounset   # abort on unbound variable
+set -o pipefail  # don't hide errors within pipes
+
+ORIGINAL=$PWD
+echo $ORIGINAL
+
+cd "${npm_config_heimdall:-../heimdall2}"
+cd libs/inspecjs
+
+git switch "${npm_config_branch:-master}"
+
+echo "Executing - git fetch ..."
+git fetch
+
+echo "Executing - git pull ..."
+git pull
+
+echo "Executing - yarn install ..."
+CYPRESS_INSTALL_BINARY=0 PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true yarn install
+
+echo "Executing - yarn pack ..."
+yarn pack
+
+echo "Finished generating the tarball"
+
+cd "$ORIGINAL"
+
+echo "Executing - npm install remote ..."
+npm i
+
+echo "Executing - npm install local ..."
+npm i "${npm_config_heimdall:-../heimdall2}/libs/inspecjs/inspecjs-v"*".tgz"
+
+echo "Executing - npm run prepack ..."
+npm run prepack
+
+echo "Install of local inspecjs complete."
diff --git a/package.json b/package.json
index 0068bd9d6..b7054807e 100644
--- a/package.json
+++ b/package.json
@@ -196,7 +196,10 @@
     "prepack:darwin:linux": "rm -rf lib && tsc",
     "pack-hdf-converters": "run-script-os",
     "pack-hdf-converters:win32": "pack-hdf-converters.bat",
-    "pack-hdf-converters:darwin:linux": "./pack-hdf-converters.sh"
+    "pack-hdf-converters:darwin:linux": "./pack-hdf-converters.sh",
+    "pack-inspecjs": "run-script-os",
+    "pack-inspecjs:win32": "pack-inspecjs.bat",
+    "pack-inspecjs:darwin:linux": "./pack-inspecjs.sh"
   },
   "types": "lib/index.d.ts",
   "jest": {
diff --git a/src/commands/convert/asff2hdf.ts b/src/commands/convert/asff2hdf.ts
index e391a2b30..39a11b7be 100644
--- a/src/commands/convert/asff2hdf.ts
+++ b/src/commands/convert/asff2hdf.ts
@@ -196,7 +196,7 @@ export default class ASFF2HDF extends Command {
     _.forOwn(results, (result, filename) => {
       fs.writeFileSync(
         path.join(flags.output, checkSuffix(filename)),
-        JSON.stringify(result),
+        JSON.stringify(result, null, 2),
       )
     })
   }
diff --git a/src/commands/convert/aws_config2hdf.ts b/src/commands/convert/aws_config2hdf.ts
index 6f8f5645b..b6a4221b7 100644
--- a/src/commands/convert/aws_config2hdf.ts
+++ b/src/commands/convert/aws_config2hdf.ts
@@ -57,6 +57,6 @@ export default class AWSConfig2HDF extends Command {
       region: flags.region,
     }, !flags.insecure, flags.certificate ? fs.readFileSync(flags.certificate, 'utf8') : undefined) : new Mapper({region: flags.region}, !flags.insecure, flags.certificate ? fs.readFileSync(flags.certificate, 'utf8') : undefined)
 
-    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(this.ensureRefs(await converter.toHdf())))
+    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(this.ensureRefs(await converter.toHdf()), null, 2))
   }
 }
diff --git a/src/commands/convert/burpsuite2hdf.ts b/src/commands/convert/burpsuite2hdf.ts
index b9d45b586..8b50316a2 100644
--- a/src/commands/convert/burpsuite2hdf.ts
+++ b/src/commands/convert/burpsuite2hdf.ts
@@ -25,6 +25,6 @@ export default class Burpsuite2HDF extends Command {
     checkInput({data, filename: flags.input}, 'burp', 'BurpSuite Pro XML')
 
     const converter = new Mapper(data, flags['with-raw'])
-    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
   }
 }
diff --git a/src/commands/convert/ckl2hdf.ts b/src/commands/convert/ckl2hdf.ts
index 1851673fb..28d174e35 100644
--- a/src/commands/convert/ckl2hdf.ts
+++ b/src/commands/convert/ckl2hdf.ts
@@ -23,7 +23,11 @@ export default class CKL2HDF extends Command {
     const data = fs.readFileSync(flags.input, 'utf8')
     checkInput({data, filename: flags.input}, 'checklist', 'DISA Checklist')
 
-    const converter = new Mapper(data, flags['with-raw'])
-    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+    try {
+      const converter = new Mapper(data, flags['with-raw'])
+      fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
+    } catch (error) {
+      console.error(`Error converting to hdf:\n${error}`)
+    }
   }
 }
diff --git a/src/commands/convert/conveyor2hdf.ts b/src/commands/convert/conveyor2hdf.ts
index 657e9d618..77922ba82 100644
--- a/src/commands/convert/conveyor2hdf.ts
+++ b/src/commands/convert/conveyor2hdf.ts
@@ -29,7 +29,7 @@ export default class Conveyor2HDF extends Command {
     for (const [filename, result] of Object.entries(results)) {
       fs.writeFileSync(
         path.join(flags.output, checkSuffix(filename)),
-        JSON.stringify(result),
+        JSON.stringify(result, null, 2),
       )
     }
   }
diff --git a/src/commands/convert/dbprotect2hdf.ts b/src/commands/convert/dbprotect2hdf.ts
index cc0f84cd9..e2f607fb8 100644
--- a/src/commands/convert/dbprotect2hdf.ts
+++ b/src/commands/convert/dbprotect2hdf.ts
@@ -25,6 +25,6 @@ export default class DBProtect2HDF extends Command {
     checkInput({data, filename: flags.input}, 'dbProtect', 'DBProtect report in "Check Results Details" XML format')
 
     const converter = new Mapper(data, flags['with-raw'])
-    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
   }
 }
diff --git a/src/commands/convert/fortify2hdf.ts b/src/commands/convert/fortify2hdf.ts
index 8f5576d84..ab6968795 100644
--- a/src/commands/convert/fortify2hdf.ts
+++ b/src/commands/convert/fortify2hdf.ts
@@ -25,6 +25,6 @@ export default class Fortify2HDF extends Command {
     checkInput({data, filename: flags.input}, 'fortify', 'Fortify results FVDL file')
 
     const converter = new Mapper(data, flags['with-raw'])
-    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
   }
 }
diff --git a/src/commands/convert/gosec2hdf.ts b/src/commands/convert/gosec2hdf.ts
index 7eb4e88e0..536afd447 100644
--- a/src/commands/convert/gosec2hdf.ts
+++ b/src/commands/convert/gosec2hdf.ts
@@ -25,6 +25,6 @@ export default class Gosec2HDF extends Command {
     checkInput({data, filename: flags.input}, 'gosec', 'gosec results JSON')
 
     const converter = new Mapper(data, flags['with-raw'])
-    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
   }
 }
diff --git a/src/commands/convert/hdf2asff.ts b/src/commands/convert/hdf2asff.ts
index 72c695b39..2f45f7bb5 100644
--- a/src/commands/convert/hdf2asff.ts
+++ b/src/commands/convert/hdf2asff.ts
@@ -45,11 +45,11 @@ export default class HDF2ASFF extends Command {
       fs.mkdirSync(outputFolder)
       if (convertedSlices.length === 1) {
         const outfilePath = path.join(outputFolder, convertFullPathToFilename(checkSuffix(flags.output)))
-        fs.writeFileSync(outfilePath, JSON.stringify(convertedSlices[0]))
+        fs.writeFileSync(outfilePath, JSON.stringify(convertedSlices[0], null, 2))
       } else {
         convertedSlices.forEach((slice, index) => {
           const outfilePath = path.join(outputFolder, `${convertFullPathToFilename(checkSuffix(flags.output || '')).replace('.json', '')}.p${index}.json`)
-          fs.writeFileSync(outfilePath, JSON.stringify(slice))
+          fs.writeFileSync(outfilePath, JSON.stringify(slice, null, 2))
         })
       }
     }
diff --git a/src/commands/convert/hdf2ckl.ts b/src/commands/convert/hdf2ckl.ts
index 5c74fef7e..ebcf285a2 100644
--- a/src/commands/convert/hdf2ckl.ts
+++ b/src/commands/convert/hdf2ckl.ts
@@ -1,78 +1,139 @@
 import {Command, Flags} from '@oclif/core'
-import {contextualizeEvaluation} from 'inspecjs'
 import _ from 'lodash'
 import fs from 'fs'
-import {v4} from 'uuid'
-import {default as files} from '../../resources/files.json'
-import Mustache from 'mustache'
-import {CKLMetadata} from '../../types/checklist'
-import {convertFullPathToFilename, getProfileInfo} from '../../utils/global'
-import {getDetails} from '../../utils/checklist'
+import {Assettype, ChecklistMetadata, ChecklistResults as Mapper, Role, Techarea, validateChecklistMetadata} from '@mitre/hdf-converters'
 
 export default class HDF2CKL extends Command {
-  static usage = 'convert hdf2ckl -i <hdf-scan-results-json> -o <output-ckl> [-h] [-m <metadata>] [-H <hostname>] [-F <fqdn>] [-M <mac-address>] [-I <ip-address>]'
+  static readonly usage = 'saf convert hdf2ckl -i <hdf-scan-results-json> -o <output-ckl> [-h] [-m <metadata>] [--profilename <value>] [--profiletitle <value>] [--version <value>] [--releasenumber <value>] [--releasedate <value>] [--marking <value>] [-H <value>] [-I <value>] [-M <value>] [-F <value>] [--targetcomment <value>] [--role Domain Controller|Member Server|None|Workstation] [--assettype Computing|Non-Computing] [--techarea |Application Review|Boundary Security|CDS Admin Review|CDS Technical Review|Database Review|Domain Name System (DNS)|Exchange Server|Host Based System Security (HBSS)|Internal Network|Mobility|Other Review|Releasable Networks (REL)|Releaseable Networks (REL)|Traditional Security|UNIX OS|VVOIP Review|Web Review|Windows OS] [--stigguid <value>] [--targetkey <value>] [--webdbsite <value> --webordatabase] [--webdbinstance <value> ] [--vulidmapping gid|id]'
 
   static description = 'Translate a Heimdall Data Format JSON file into a DISA checklist file'
 
   static flags = {
     help: Flags.help({char: 'h'}),
     input: Flags.string({char: 'i', required: true, description: 'Input HDF file'}),
-    metadata: Flags.string({char: 'm', required: false, description: 'Metadata JSON file, generate one with "saf generate ckl_metadata"'}),
     output: Flags.string({char: 'o', required: true, description: 'Output CKL file'}),
-    hostname: Flags.string({char: 'H', required: false, description: 'Hostname for CKL metadata'}),
-    fqdn: Flags.string({char: 'F', required: false, description: 'FQDN for CKL metadata'}),
-    mac: Flags.string({char: 'M', required: false, description: 'MAC address for CKL metadata'}),
-    ip: Flags.string({char: 'I', required: false, description: 'IP address for CKL metadata'}),
+    metadata: Flags.string({char: 'm', required: false, description: 'Metadata JSON file, generate one with "saf generate ckl_metadata"',
+      // either a metadata file or a metadata flags can be passed in. Not both.
+      relationships: [
+        {type: 'none', flags: ['profilename', 'profiletitle', 'version', 'releasenumber', 'releasedate', 'marking', 'marking', 'hostname', 'ip', 'mac', 'fqdn', 'targetcomment', 'role', 'assettype', 'techarea', 'stigguid', 'targetkey', 'webordatabase', 'webdbsite', 'webdbinstance', 'vulidmapping']},
+      ], helpGroup: 'Checklist Metadata'}),
+    profilename: Flags.string({required: false, description: 'Profile name', helpGroup: 'Checklist Metadata'}),
+    profiletitle: Flags.string({required: false, description: 'Profile title', helpGroup: 'Checklist Metadata'}),
+    version: Flags.integer({required: false, description: 'Profile version number', min: 0, helpGroup: 'Checklist Metadata'}),
+    releasenumber: Flags.integer({required: false, description: 'Profile release number', min: 0, helpGroup: 'Checklist Metadata'}),
+    releasedate: Flags.string({required: false, description: 'Profile release date', helpGroup: 'Checklist Metadata'}),
+    marking: Flags.string({required: false, description: 'A security classification or designation of the asset, indicating its sensitivity level', helpGroup: 'Checklist Metadata'}),
+    hostname: Flags.string({char: 'H', required: false, description: 'The name assigned to the asset within the network', helpGroup: 'Checklist Metadata'}),
+    ip: Flags.string({char: 'I', required: false, description: 'IP address', helpGroup: 'Checklist Metadata'}),
+    mac: Flags.string({char: 'M', required: false, description: 'MAC address', helpGroup: 'Checklist Metadata'}),
+    fqdn: Flags.string({char: 'F', required: false, description: 'Fully Qualified Domain Name', helpGroup: 'Checklist Metadata'}),
+    targetcomment: Flags.string({required: false, description: 'Additional comments or notes about the asset', helpGroup: 'Checklist Metadata'}),
+    role: Flags.string({required: false, description: 'The primary function or role of the asset within the network or organization', options: Object.values(Role), helpGroup: 'Checklist Metadata'}),
+    assettype: Flags.string({required: false, description: 'The category or classification of the asset', options: Object.values(Assettype), helpGroup: 'Checklist Metadata'}),
+    techarea: Flags.string({required: false, description: 'The technical area or domain to which the asset belongs', options: Object.values(Techarea), helpGroup: 'Checklist Metadata'}),
+    stigguid: Flags.string({required: false, description: 'A unique identifier associated with the STIG for the asset', helpGroup: 'Checklist Metadata'}),
+    targetkey: Flags.string({required: false, description: 'A unique key or identifier for the asset within the checklist or inventory system', helpGroup: 'Checklist Metadata'}),
+    webordatabase: Flags.boolean({required: false, description: 'Indicates whether the STIG is primarily for either a web or database server', helpGroup: 'Checklist Metadata'}),
+    webdbsite: Flags.string({required: false, description: 'The specific site or application hosted on the web or database server', dependsOn: ['webordatabase'], helpGroup: 'Checklist Metadata'}),
+    webdbinstance: Flags.string({required: false, description: 'The specific instance of the web application or database running on the server', dependsOn: ['webordatabase'], helpGroup: 'Checklist Metadata'}),
+    vulidmapping: Flags.string({required: false, description: 'Which type of control identifier to map to the checklist ID', options: ['gid', 'id'], helpGroup: 'Checklist Metadata'}),
   }
 
-  static examples = ['saf convert hdf2ckl -i rhel7-results.json -o rhel7.ckl --fqdn reverseproxy.example.org --hostname reverseproxy --ip 10.0.0.3 --mac 12:34:56:78:90']
+  static readonly examples = ['saf convert hdf2ckl -i rhel7-results.json -o rhel7.ckl --fqdn reverseproxy.example.org --hostname reverseproxy --ip 10.0.0.3 --mac 12:34:56:78:90:AB',
+    'saf convert hdf2ckl -i rhel8-results.json -o rhel8.ckl -m rhel8-metadata.json']
+
+  static readonly oldMetadataFormatMapping = {
+    'profiles[0].name': 'benchmark.title',
+    'profiles[0].title': 'benchmark.title',
+    stigguid: 'stigid',
+    role: 'role',
+    assettype: 'type',
+    hostname: 'hostname',
+    hostip: 'ip',
+    hostmac: 'mac',
+    techarea: 'tech_area',
+    targetkey: 'target_key',
+    webdbsite: 'web_db_site',
+    webdbinstance: 'web_db_site',
+  }
 
   async run() {
     const {flags} = await this.parse(HDF2CKL)
-    const contextualizedEvaluation = contextualizeEvaluation(JSON.parse(fs.readFileSync(flags.input, 'utf8')))
-    const profileName = contextualizedEvaluation.data.profiles[0].name
-    const controls = contextualizedEvaluation.contains.flatMap(profile => profile.contains) || []
-    const rootControls = _.uniqBy(controls, control =>
-      _.get(control, 'root.hdf.wraps.id'),
-    ).map(({root}) => root)
-    let cklData = {}
-    const cklMetadata: CKLMetadata = {
-      fileName: convertFullPathToFilename(flags.input),
-      benchmark: {
-        title: profileName || null,
-        version: '1',
-        plaintext: null,
-      },
-      stigid: profileName || null,
-      role: 'None',
-      type: 'Computing',
-      hostname: flags.hostname || _.get(contextualizedEvaluation, 'evaluation.data.passthrough.hostname') || null,
-      ip: flags.ip || _.get(contextualizedEvaluation, 'evaluation.data.passthrough.ip') || null,
-      mac: flags.mac || _.get(contextualizedEvaluation, 'evaluation.data.passthrough.mac') || null,
-      fqdn: flags.fqdn || _.get(contextualizedEvaluation, 'evaluation.data.passthrough.fqdn') || null,
-      tech_area: null,
-      target_key: '0',
-      web_or_database: 'false',
-      web_db_site: null,
-      web_db_instance: null,
+
+    /* Order of precedence for checklist metadata:
+      command flags (hostname, ip, etc.) or metadata file (-m flag)
+      input hdf file passthrough.metadata
+      input hdf file passthrough.checklist.asset */
+
+    const defaultMetadata: ChecklistMetadata = {
+      role: Role.None, assettype: Assettype.Computing, webordatabase: 'false', profiles: [],
+      hostfqdn: '', hostip: '', hostmac: '', marking: '', techarea: Techarea.Empty, vulidmapping: 'id',
+      hostname: '', targetcomment: '', webdbinstance: '', webdbsite: '',
     }
+    const inputHDF = JSON.parse(fs.readFileSync(flags.input, 'utf8'))
+    let flagMetadata
+    flagMetadata = flags.metadata ?
+      JSON.parse(fs.readFileSync(flags.metadata, 'utf8')) :
+      {
+        profiles: [{
+          name: flags.profilename,
+          title: flags.profiletitle,
+          version: flags.version,
+          releasenumber: flags.releasenumber,
+          releasedate: flags.releasedate,
+        }],
+        marking: flags.marking,
+        hostname: flags.hostname,
+        hostip: flags.ip,
+        hostmac: flags.mac,
+        hostfqdn: flags.fqdn,
+        targetcomment: flags.targetcomment,
+        role: flags.role,
+        assettype: flags.assettype,
+        techarea: flags.techarea,
+        targetkey: flags.targetkey,
+        webordatabase: flags.webordatabase,
+        webdbsite: flags.webdbsite,
+        webdbinstance: flags.webdbinstance,
+        vulidmapping: flags.vulidmapping,
+      }
+
+    // to preserve backwards compatibility with old metadata format
+    if (flags.metadata && _.has(flagMetadata, 'benchmark')) {
+      let profile
+      if (_.has(flagMetadata, 'benchmark.version')) {
+        const version: string = _.get(flagMetadata, 'benchmark.version')
 
-    if (flags.metadata) {
-      const cklMetadataInput: CKLMetadata = JSON.parse(fs.readFileSync(flags.metadata, 'utf8'))
-      for (const field in cklMetadataInput) {
-        if (typeof cklMetadata[field] === 'string' || typeof cklMetadata[field] === 'object') {
-          cklMetadata[field] = cklMetadataInput[field]
+        // get sections of numbers in version string
+        const parsedVersion = version.split(/\D+/)
+          .filter(Boolean)
+          .map(s => Number.parseInt(s, 10))
+        profile = {version: parsedVersion[0], releasenumber: parsedVersion[1]}
+      } else {
+        profile = {}
+      }
+
+      const newFlagMetadata = {profiles: [profile]}
+
+      for (const [newKey, oldKey] of Object.entries(HDF2CKL.oldMetadataFormatMapping)) {
+        const oldValue = _.get(flagMetadata, oldKey)
+        if (oldValue) {
+          _.set(newFlagMetadata, newKey, oldValue)
         }
       }
+
+      flagMetadata = newFlagMetadata
     }
 
-    cklData = {
-      releaseInfo: cklMetadata.benchmark.plaintext,
-      ...cklMetadata,
-      profileInfo: getProfileInfo(contextualizedEvaluation, cklMetadata.fileName),
-      uuid: v4(),
-      controls: rootControls.map(control => getDetails(control, profileName)),
+    const hdfMetadata = _.get(inputHDF, 'passthrough.metadata', _.get(inputHDF, 'passthrough.checklist.asset', {}))
+    const metadata = _.merge(defaultMetadata, hdfMetadata, flagMetadata)
+    _.set(inputHDF, 'passthrough.metadata', metadata)
+
+    const validationResults = validateChecklistMetadata(metadata)
+    if (validationResults.ok) {
+      fs.writeFileSync(flags.output, new Mapper(inputHDF).toCkl())
+    } else {
+      console.error(`Error creating checklist:\n${validationResults.error.message}`)
     }
-    fs.writeFileSync(flags.output, Mustache.render(files['cklExport.ckl'].data, cklData).replaceAll(/[^\x00-\x7F]/g, ''))
   }
 }
diff --git a/src/commands/convert/hdf2condensed.ts b/src/commands/convert/hdf2condensed.ts
index ddbcd2d20..afedccf86 100644
--- a/src/commands/convert/hdf2condensed.ts
+++ b/src/commands/convert/hdf2condensed.ts
@@ -51,6 +51,6 @@ export default class HDF2Condensed extends Command {
       buckets: extractControlSummariesBySeverity(parsedProfile),
       status: thresholds,
     }
-    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(result))
+    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(result, null, 2))
   }
 }
diff --git a/src/commands/convert/index.ts b/src/commands/convert/index.ts
index aa521766a..86139dca3 100644
--- a/src/commands/convert/index.ts
+++ b/src/commands/convert/index.ts
@@ -86,7 +86,7 @@ export default class Convert extends Command {
         _.forOwn(results, (result, filename) => {
           fs.writeFileSync(
             path.join(flags.output, checkSuffix(filename)),
-            JSON.stringify(result),
+            JSON.stringify(result, null, 2),
           )
         })
         break
@@ -94,7 +94,7 @@ export default class Convert extends Command {
 
       case 'burp': {
         converter = new BurpSuiteMapper(fs.readFileSync(flags.input, 'utf8'))
-        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
         break
       }
 
@@ -106,7 +106,7 @@ export default class Convert extends Command {
         for (const [filename, result]  of Object.entries(results)) {
           fs.writeFileSync(
             path.join(flags.output, checkSuffix(filename as string)),
-            JSON.stringify(result),
+            JSON.stringify(result, null, 2),
           )
         }
 
@@ -115,25 +115,25 @@ export default class Convert extends Command {
 
       case 'checklist': {
         converter = new ChecklistResults(fs.readFileSync(flags.input, 'utf8'))
-        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
         break
       }
 
       case 'dbProtect': {
         converter = new DBProtectMapper(fs.readFileSync(flags.input, 'utf8'))
-        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
         break
       }
 
       case 'fortify': {
         converter = new FortifyMapper(fs.readFileSync(flags.input, 'utf8'))
-        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
         break
       }
 
       case 'jfrog': {
         converter = new JfrogXrayMapper(fs.readFileSync(flags.input, 'utf8'))
-        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
         break
       }
 
@@ -142,10 +142,10 @@ export default class Convert extends Command {
         const result = converter.toHdf()
         if (Array.isArray(result)) {
           for (const element of result) {
-            fs.writeFileSync(`${flags.output.replaceAll(/\.json/gi, '')}-${_.get(element, 'platform.target_id')}.json`, JSON.stringify(element))
+            fs.writeFileSync(`${flags.output.replaceAll(/\.json/gi, '')}-${_.get(element, 'platform.target_id')}.json`, JSON.stringify(element, null, 2))
           }
         } else {
-          fs.writeFileSync(`${checkSuffix(flags.output)}`, JSON.stringify(result))
+          fs.writeFileSync(`${checkSuffix(flags.output)}`, JSON.stringify(result, null, 2))
         }
 
         break
@@ -153,13 +153,13 @@ export default class Convert extends Command {
 
       case 'netsparker': {
         converter = new NetsparkerMapper(fs.readFileSync(flags.input, 'utf8'))
-        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
         break
       }
 
       case 'nikto': {
         converter = new NiktoMapper(fs.readFileSync(flags.input, 'utf8'))
-        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
         break
       }
 
@@ -173,7 +173,7 @@ export default class Convert extends Command {
         _.forOwn(results, result => {
           fs.writeFileSync(
             path.join(flags.output, `${_.get(result, 'platform.target_id')}.json`),
-            JSON.stringify(result),
+            JSON.stringify(result, null, 2),
           )
         })
         break
@@ -181,13 +181,13 @@ export default class Convert extends Command {
 
       case 'sarif': {
         converter = new SarifMapper(fs.readFileSync(flags.input, 'utf8'))
-        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
         break
       }
 
       case 'scoutsuite': {
         converter = new ScoutsuiteMapper(fs.readFileSync(flags.input, 'utf8'))
-        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
         break
       }
 
@@ -196,10 +196,10 @@ export default class Convert extends Command {
         const result = converter.toHdf()
         if (Array.isArray(result)) {
           for (const element of result) {
-            fs.writeFileSync(`${flags.output.replaceAll(/\.json/gi, '')}-${_.get(element, 'platform.target_id')}.json`, JSON.stringify(element))
+            fs.writeFileSync(`${flags.output.replaceAll(/\.json/gi, '')}-${_.get(element, 'platform.target_id')}.json`, JSON.stringify(element, null, 2))
           }
         } else {
-          fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(result))
+          fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(result, null, 2))
         }
 
         break
@@ -207,19 +207,19 @@ export default class Convert extends Command {
 
       case 'twistlock': {
         converter = new TwistlockResults(fs.readFileSync(flags.input, 'utf8'))
-        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
         break
       }
 
       case 'xccdf': {
         converter = new XCCDFResultsMapper(fs.readFileSync(flags.input, 'utf8'))
-        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
         break
       }
 
       case 'zap': {
         converter = new ZapMapper(fs.readFileSync(flags.input, 'utf8'), _.get(flags, 'name') as string)
-        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+        fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
         break
       }
 
diff --git a/src/commands/convert/ionchannel2hdf.ts b/src/commands/convert/ionchannel2hdf.ts
index 0f16790c2..a0cfd6382 100644
--- a/src/commands/convert/ionchannel2hdf.ts
+++ b/src/commands/convert/ionchannel2hdf.ts
@@ -88,7 +88,7 @@ export default class IonChannel2HDF extends Command {
           json = await apiClient.toHdf()
         }
 
-        fs.writeFileSync(path.join(flags.output, filename), JSON.stringify(json))
+        fs.writeFileSync(path.join(flags.output, filename), JSON.stringify(json, null, 2))
       }
     } else if (flags.apiKey && flags.teamName && Array.isArray(flags.project)) {
       logger.debug('Creating Ion Channel API Client')
@@ -112,7 +112,7 @@ export default class IonChannel2HDF extends Command {
           json = await apiClient.toHdf()
         }
 
-        fs.writeFileSync(path.join(flags.output, filename), JSON.stringify(json))
+        fs.writeFileSync(path.join(flags.output, filename), JSON.stringify(json, null, 2))
       }
     } else if (Array.isArray(flags.input)) {
       logger.debug('Processing input files')
diff --git a/src/commands/convert/jfrog_xray2hdf.ts b/src/commands/convert/jfrog_xray2hdf.ts
index ac685d4c4..f6c35341e 100644
--- a/src/commands/convert/jfrog_xray2hdf.ts
+++ b/src/commands/convert/jfrog_xray2hdf.ts
@@ -25,6 +25,6 @@ export default class JfrogXray2HDF extends Command {
     checkInput({data, filename: flags.input}, 'jfrog', 'JFrog Xray results JSON')
 
     const converter = new Mapper(data, flags['with-raw'])
-    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
   }
 }
diff --git a/src/commands/convert/nessus2hdf.ts b/src/commands/convert/nessus2hdf.ts
index 508e69b84..2cd4f3f41 100644
--- a/src/commands/convert/nessus2hdf.ts
+++ b/src/commands/convert/nessus2hdf.ts
@@ -29,10 +29,10 @@ export default class Nessus2HDF extends Command {
     const result = converter.toHdf()
     if (Array.isArray(result)) {
       for (const element of result) {
-        fs.writeFileSync(`${flags.output.replaceAll(/\.json/gi, '')}-${_.get(element, 'platform.target_id')}.json`, JSON.stringify(element))
+        fs.writeFileSync(`${flags.output.replaceAll(/\.json/gi, '')}-${_.get(element, 'platform.target_id')}.json`, JSON.stringify(element, null, 2))
       }
     } else {
-      fs.writeFileSync(`${checkSuffix(flags.output)}`, JSON.stringify(result))
+      fs.writeFileSync(`${checkSuffix(flags.output)}`, JSON.stringify(result, null, 2))
     }
   }
 }
diff --git a/src/commands/convert/netsparker2hdf.ts b/src/commands/convert/netsparker2hdf.ts
index bd7f7d17f..1ce72b0fb 100644
--- a/src/commands/convert/netsparker2hdf.ts
+++ b/src/commands/convert/netsparker2hdf.ts
@@ -25,6 +25,6 @@ export default class Netsparker2HDF extends Command {
     checkInput({data, filename: flags.input}, 'netsparker', 'Netsparker XML results file')
 
     const converter = new Mapper(data, flags['with-raw'])
-    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
   }
 }
diff --git a/src/commands/convert/nikto2hdf.ts b/src/commands/convert/nikto2hdf.ts
index f11044c21..c1844e6d0 100644
--- a/src/commands/convert/nikto2hdf.ts
+++ b/src/commands/convert/nikto2hdf.ts
@@ -25,6 +25,6 @@ export default class Nikto2HDF extends Command {
     checkInput({data, filename: flags.input}, 'nikto', 'Nikto results JSON')
 
     const converter = new Mapper(data, flags['with-raw'])
-    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
   }
 }
diff --git a/src/commands/convert/prisma2hdf.ts b/src/commands/convert/prisma2hdf.ts
index 99bd5c9cc..f6e46ea9b 100644
--- a/src/commands/convert/prisma2hdf.ts
+++ b/src/commands/convert/prisma2hdf.ts
@@ -32,7 +32,7 @@ export default class Prisma2HDF extends Command {
     _.forOwn(results, result => {
       fs.writeFileSync(
         path.join(flags.output, `${_.get(result, 'platform.target_id')}.json`),
-        JSON.stringify(result),
+        JSON.stringify(result, null, 2),
       )
     })
   }
diff --git a/src/commands/convert/prowler2hdf.ts b/src/commands/convert/prowler2hdf.ts
index c481147df..35d892260 100644
--- a/src/commands/convert/prowler2hdf.ts
+++ b/src/commands/convert/prowler2hdf.ts
@@ -33,7 +33,7 @@ export default class Prowler2HDF extends Command {
     _.forOwn(results, (result, filename) => {
       fs.writeFileSync(
         path.join(flags.output, checkSuffix(filename)),
-        JSON.stringify(result),
+        JSON.stringify(result, null, 2),
       )
     })
   }
diff --git a/src/commands/convert/sarif2hdf.ts b/src/commands/convert/sarif2hdf.ts
index 9300c5290..286e7427f 100644
--- a/src/commands/convert/sarif2hdf.ts
+++ b/src/commands/convert/sarif2hdf.ts
@@ -25,6 +25,6 @@ export default class Sarif2HDF extends Command {
     checkInput({data, filename: flags.input}, 'sarif', 'SARIF JSON')
 
     const converter = new Mapper(data, flags['with-raw'])
-    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
   }
 }
diff --git a/src/commands/convert/scoutsuite2hdf.ts b/src/commands/convert/scoutsuite2hdf.ts
index f9feeea99..de8b9d23a 100644
--- a/src/commands/convert/scoutsuite2hdf.ts
+++ b/src/commands/convert/scoutsuite2hdf.ts
@@ -25,6 +25,6 @@ export default class Scoutsuite2HDF extends Command {
     checkInput({data, filename: flags.input}, 'scoutsuite', 'ScoutSuite results from a Javascript object')
 
     const converter = new Mapper(data, flags['with-raw'])
-    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
   }
 }
diff --git a/src/commands/convert/snyk2hdf.ts b/src/commands/convert/snyk2hdf.ts
index 496f644d8..3a3465932 100644
--- a/src/commands/convert/snyk2hdf.ts
+++ b/src/commands/convert/snyk2hdf.ts
@@ -28,10 +28,10 @@ export default class Snyk2HDF extends Command {
     const result = converter.toHdf()
     if (Array.isArray(result)) {
       for (const element of result) {
-        fs.writeFileSync(`${flags.output.replaceAll(/\.json/gi, '')}-${_.get(element, 'platform.target_id')}.json`, JSON.stringify(element))
+        fs.writeFileSync(`${flags.output.replaceAll(/\.json/gi, '')}-${_.get(element, 'platform.target_id')}.json`, JSON.stringify(element, null, 2))
       }
     } else {
-      fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(result))
+      fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(result, null, 2))
     }
   }
 }
diff --git a/src/commands/convert/sonarqube2hdf.ts b/src/commands/convert/sonarqube2hdf.ts
index 13f33f678..e962b116b 100644
--- a/src/commands/convert/sonarqube2hdf.ts
+++ b/src/commands/convert/sonarqube2hdf.ts
@@ -23,6 +23,6 @@ export default class Sonarqube2HDF extends Command {
   async run() {
     const {flags} = await this.parse(Sonarqube2HDF)
     const converter = new Mapper(flags.url, flags.projectKey, flags.auth, flags.branch, flags.pullRequestID)
-    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(await converter.toHdf()))
+    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(await converter.toHdf(), null, 2))
   }
 }
diff --git a/src/commands/convert/trivy2hdf.ts b/src/commands/convert/trivy2hdf.ts
index b1a0deed4..d93963eba 100644
--- a/src/commands/convert/trivy2hdf.ts
+++ b/src/commands/convert/trivy2hdf.ts
@@ -38,7 +38,7 @@ export default class Trivy2HDF extends Command {
     _.forOwn(results, (result, filename) => {
       fs.writeFileSync(
         path.join(flags.output, checkSuffix(filename)),
-        JSON.stringify(result),
+        JSON.stringify(result, null, 2),
       )
     })
   }
diff --git a/src/commands/convert/twistlock2hdf.ts b/src/commands/convert/twistlock2hdf.ts
index dc15d3dc4..f185cb94c 100644
--- a/src/commands/convert/twistlock2hdf.ts
+++ b/src/commands/convert/twistlock2hdf.ts
@@ -25,7 +25,7 @@ export default class Twistlock2HDF extends Command {
     checkInput({data, filename: flags.input}, 'twistlock', 'Twistlock CLI output file')
 
     const converter = new Mapper(data, flags['with-raw'])
-    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
   }
 }
 
diff --git a/src/commands/convert/veracode2hdf.ts b/src/commands/convert/veracode2hdf.ts
index 6b35e0285..0a61efa23 100644
--- a/src/commands/convert/veracode2hdf.ts
+++ b/src/commands/convert/veracode2hdf.ts
@@ -24,6 +24,6 @@ export default class Veracode2HDF extends Command {
     checkInput({data, filename: flags.input}, 'veracode', 'Veracode XML')
 
     const converter = new Mapper(data)
-    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
   }
 }
diff --git a/src/commands/convert/xccdf_results2hdf.ts b/src/commands/convert/xccdf_results2hdf.ts
index 51173084f..3db8ad89e 100644
--- a/src/commands/convert/xccdf_results2hdf.ts
+++ b/src/commands/convert/xccdf_results2hdf.ts
@@ -25,6 +25,6 @@ export default class XCCDFResults2HDF extends Command {
     checkInput({data, filename: flags.input}, 'xccdf', 'SCAP client XCCDF-Results XML report')
 
     const converter = new Mapper(data, flags['with-raw'])
-    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
   }
 }
diff --git a/src/commands/convert/zap2hdf.ts b/src/commands/convert/zap2hdf.ts
index f5c890afe..71f50a17a 100644
--- a/src/commands/convert/zap2hdf.ts
+++ b/src/commands/convert/zap2hdf.ts
@@ -26,6 +26,6 @@ export default class Zap2HDF extends Command {
     checkInput({data, filename: flags.input}, 'zap', 'OWASP ZAP results JSON')
 
     const converter = new Mapper(fs.readFileSync(flags.input, 'utf8'), flags.name, flags['with-raw'])
-    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf()))
+    fs.writeFileSync(checkSuffix(flags.output), JSON.stringify(converter.toHdf(), null, 2))
   }
 }
diff --git a/src/commands/generate/ckl_metadata.ts b/src/commands/generate/ckl_metadata.ts
index 3ca468fba..3f88a3609 100644
--- a/src/commands/generate/ckl_metadata.ts
+++ b/src/commands/generate/ckl_metadata.ts
@@ -1,10 +1,50 @@
 import {Command, Flags} from '@oclif/core'
 import fs from 'fs'
 import promptSync from 'prompt-sync'
-import _ from 'lodash'
+import {Assettype, ChecklistMetadata, Role, Techarea, validateChecklistMetadata} from '@mitre/hdf-converters'
+import path from 'path'
 
 const prompt = promptSync()
 
+// Ensures that no empty strings are passed into the metadata
+// by returning undefined instead
+function enforceNonEmptyString(ask: string) : string | null {
+  const response = prompt({ask})
+  if (response)
+    return response
+  return null
+}
+
+function enforceInteger(ask: string): number | null {
+  let response = prompt({ask})
+  let intRep = Number.parseInt(response, 10)
+  let floatRep = Number.parseFloat(response)
+  while (!(intRep === floatRep && intRep >= 0 && !Number.isNaN(intRep))) {
+    if (!response)
+      return null
+    console.log(`${response} is not a valid non-negative integer. Please try again`)
+    response = prompt({ask})
+    intRep = Number.parseInt(response, 10)
+    floatRep = Number.parseFloat(response)
+  }
+
+  return intRep
+}
+
+function enforceEnum(ask: string, options: string[]): string | null {
+  // format prompt to show valid options (removes empty string options)
+  ask = `${ask} (${options.filter(Boolean).join('/')}) `
+  let response = prompt({ask})
+  while (!options.includes(response)) {
+    if (!response)
+      return null
+    console.log(`${response} is not a valid option. Spelling and letter casing matters. Please try again.`)
+    response = prompt({ask})
+  }
+
+  return response
+}
+
 export default class GenerateCKLMetadata extends Command {
   static usage = 'generate ckl_metadata -o <json-file> [-h]'
 
@@ -21,23 +61,39 @@ export default class GenerateCKLMetadata extends Command {
     const {flags} = await this.parse(GenerateCKLMetadata)
     console.log('Please fill in the following fields to the best of your ability, if you do not have a value, please leave the field empty.')
     const cklMetadata = {
-      benchmark: {
-        title: prompt({ask: 'What is the benchmark title? '}) || null,
-        version: prompt({ask: 'What is the benchmark version? '}) || null,
-        plaintext: prompt({ask: 'What is the notes for release info? '}) || null,
-      },
-      stigid: prompt({ask: 'What is the STIG ID? '}) || null,
-      role: prompt({ask: 'What is the computing role? (None/Workstation/Member Server/Domain Controller) '}) || null,
-      type: _.capitalize(prompt({ask: 'What is the asset type? (Computing/Non-Computing) '})) || null,
-      hostname: prompt({ask: 'What is the asset hostname? '}) || null,
-      ip: prompt({ask: 'What is the asset IP address? '}) || null,
-      mac: prompt({ask: 'What is the asset MAC address? '}) || null,
-      tech_area: prompt({ask: 'What is the tech area? (Application Review/Boundary Security/CDS Admin Review/CDS Technical Review/Database Review/Domain Name System (DNS)/Exchange Server/Host Based System Security (HBSS)/Internal Network/Mobility/Releasable Networks (REL)/Releaseable Networks (REL)/Traditional Security/UNIX OS/VVOIP Review/Web Review/Windows OS/Other Review) '}) || null, // Yes, these typos really are how the enumerations are defined in STIG viewer's source code
-      target_key: prompt({ask: 'What is the target key? '}) || null,
-      web_or_database: prompt({ask: 'Is the target a web or database? (y/n) '}).toLowerCase() === 'y',
-      web_db_site: prompt({ask: 'What is the Web or DB site? '}) || null,
-      web_db_instance: prompt({ask: 'What is the Web or DB instance? '}) || null,
+      profiles: [
+        {
+          name: enforceNonEmptyString('What is the benchmark name? (Must match with profile name listed in HDF) ') || undefined,
+          title: enforceNonEmptyString('What is the benchmark title? ') || undefined,
+          version: enforceInteger('What is the benchmark version? ') || undefined,
+          releasenumber: enforceInteger('What is the benchmark release number? ') || undefined,
+          releasedate: enforceNonEmptyString('What is the benchmark release date (YYYY/MM/DD)? ') || undefined,
+          showCalendar: true,
+        },
+      ],
+      marking: enforceNonEmptyString('What is the marking? ') || undefined,
+      hostname: enforceNonEmptyString('What is the asset hostname? ') || undefined,
+      hostip: enforceNonEmptyString('What is the asset IP address? ') || undefined,
+      hostmac: enforceNonEmptyString('What is the asset MAC address? ') || undefined,
+      hostfqdn: enforceNonEmptyString('What is the asset FQDN? ') || undefined,
+      targetcomment: enforceNonEmptyString('What are the target comments? ') || undefined,
+      role: enforceEnum('What is the computing role?', Object.values(Role)) || undefined,
+      assettype: enforceEnum('What is the asset type?', Object.values(Assettype)) || undefined,
+      // Resulting techarea options have typos. Yes, these typos really are how the enumerations are defined in STIG viewer's source code
+      techarea: enforceEnum('What is the tech area? ', Object.values(Techarea)) || undefined,
+      stigguid: enforceNonEmptyString('What is the STIG ID? ') || undefined,
+      targetkey: enforceNonEmptyString('What is the target key? ') || undefined,
+      webordatabase: String(enforceEnum('Is the target a web or database?', ['y', 'n']) === 'y'),
+      webdbsite: enforceNonEmptyString('What is the Web or DB site? ') || undefined,
+      webdbinstance: enforceNonEmptyString('What is the Web or DB instance? ') || undefined,
+      vulidmapping: enforceEnum('Use gid or id for vuln number?', ['gid', 'id']) || undefined,
+    }
+    const validationResults = validateChecklistMetadata(cklMetadata as ChecklistMetadata)
+    if (validationResults.ok) {
+      fs.writeFileSync(flags.output, JSON.stringify(cklMetadata, null, 2))
+      console.log(`Checklist metadata file written at: ${path.resolve(flags.output)}`)
+    } else {
+      console.error(`Unable to generate checklist metadata:\n${validationResults.error.message}`)
     }
-    fs.writeFileSync(flags.output, JSON.stringify(cklMetadata))
   }
 }
diff --git a/src/commands/generate/inspec_metadata.ts b/src/commands/generate/inspec_metadata.ts
index 7c0652419..902931546 100644
--- a/src/commands/generate/inspec_metadata.ts
+++ b/src/commands/generate/inspec_metadata.ts
@@ -26,6 +26,6 @@ export default class GenerateInSpecMetadata extends Command {
       license: prompt({ask: 'What is the license of the profile? '}),
       version: prompt({ask: 'What is the version of the profile? '}),
     }
-    fs.writeFileSync(flags.output, JSON.stringify(inspecMetadata))
+    fs.writeFileSync(flags.output, JSON.stringify(inspecMetadata, null, 2))
   }
 }
diff --git a/src/resources/files.json b/src/resources/files.json
index 98b5b8f15..46c027abd 100644
--- a/src/resources/files.json
+++ b/src/resources/files.json
@@ -11,10 +11,6 @@
         "type": "string",
         "data": "<Benchmark xmlns=\"http://checklists.nist.gov/xccdf/1.2\"\r\n    xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n    xsi:schemaLocation=\"http://checklists.nist.gov/xccdf/1.2 https://csrc.nist.gov/schema/xccdf/1.2/xccdf_1.2.xsd\" id=\"xccdf_mitre.hdf-converters.xccdf_benchmark_hdf2xccdf\">\n    <status date=\"{{Benchmark.date}}\">draft</status>\n    <title>{{Benchmark.title}}</title>\n    <description>HDF Results Set converted Into XCCDF Benchmark</description>\n    <notice id=\"terms-of-use\" xml:lang=\"en\"></notice>\n    <front-matter xml:lang=\"en\">{{Benchmark.passthrough}}</front-matter>\n    <rear-matter xml:lang=\"en\"></rear-matter>\n    <version>{{Benchmark.version}}</version>\n    <metadata xmlns:xhtml=\"http://www.w3.org/1999/xhtml\">\n        <dc:publisher xmlns:dc=\"http://purl.org/dc/elements/1.1/\">{{Benchmark.metadata.copyright}}</dc:publisher>\n        <dc:creator xmlns:dc=\"http://purl.org/dc/elements/1.1/\">{{Benchmark.metadata.maintainer}}</dc:creator>\n    </metadata>\n    {{#Benchmark.Profile}}\n    <Profile id=\"{{id}}\">\n        <status>draft</status>\n        <version>{{version}}</version>\n        <title xmlns:xhtml=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en-US\" override=\"true\">{{title}}</title>\n        {{#select}}\n        <select idref=\"{{.}}\" selected=\"true\"/>\n        {{/select}}\n    </Profile>\n    {{/Benchmark.Profile}}\n    \n    {{#Benchmark.Rule}}\n    <Group id=\"{{groupId}}\">\n        <title>{{title}}</title>\n        <description>{{description}}</description>\n        <Rule id=\"{{id}}\" severity=\"{{severity}}\">\n            <version>{{version}}</version>\n            <title>{{title}}</title>\n            <description>&lt;VulnDiscussion&gt;{{description}}&lt;/VulnDiscussion&gt;&lt;FalsePositives&gt;&lt;/FalsePositives&gt;&lt;FalseNegatives&gt;&lt;/FalseNegatives&gt;&lt;Documentable&gt;{{documentable}}&lt;/Documentable&gt;&lt;Mitigations&gt;&lt;/Mitigations&gt;&lt;SeverityOverrideGuidance&gt;{{waiver}}&lt;/SeverityOverrideGuidance&gt;&lt;PotentialImpacts&gt;&lt;/PotentialImpacts&gt;&lt;ThirdPartyTools&gt;&lt;/ThirdPartyTools&gt;&lt;MitigationControl&gt;&lt;/MitigationControl&gt;&lt;Responsibility&gt;&lt;/Responsibility&gt;&lt;IAControls&gt;&lt;/IAControls&gt;</description>\n            {{#descriptions}}\n            <description>{{.}}</description>\n            {{/descriptions}}\n            {{#tags}}\n            <description>{{.}}</description>\n            {{/tags}}\n            {{#ccis}}\n            <ident system=\"http://iase.disa.mil/cci\">{{.}}</ident>\n            {{/ccis}}\n            <fixtext {{#fixid}} fixref=\"{{fixid}}\" {{/fixid}}>{{fix}}</fixtext>\n            {{#fixid}}\n            <fix id=\"{{fixid}}\" />\n            {{/fixid}}\n            <check system=\"http://www.w3.org/1999/xhtml\">\n                <check-content>{{checkContent}}</check-content>\n            </check>\n        </Rule>\n    </Group>\n    {{/Benchmark.Rule}}\n    <TestResult id=\"xccdf_mitre.hdf-converters.xccdf_testresult_hdf2xccdf\" end-time=\"{{Benchmark.TestResult.endTime}}\">\n        <target>Original Target</target>\n        {{#Benchmark.TestResult.hasAttributes}}\n        <target-facts>\n            {{#Benchmark.TestResult.attributes}}\n            <fact name=\"hdf:attribute:fact:input:{{name}}\">{{options.value}}</fact>\n            {{/Benchmark.TestResult.attributes}}\n        </target-facts>\n        {{/Benchmark.TestResult.hasAttributes}}\n        {{#Benchmark.TestResult.results}}\n        <rule-result idref=\"{{idref}}\">\n            <result>{{result}}</result>\n            <message severity=\"{{messageType}}\">{{message}}</message>\n            <check system=\"\">\n                <check-content>{{code}}</check-content>\n            </check>\n        </rule-result>\n        {{/Benchmark.TestResult.results}}\n        <score system=\"urn:xccdf:scoring:absolute\" maximum=\"1\">0</score>\n    </TestResult>\n</Benchmark>\n"
     },
-    "cklExport.ckl": {
-        "type": "string",
-        "data": "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\r\n<!--DISA STIG Viewer :: 2.14-->\r\n<CHECKLIST>\r\n\t<ASSET>\r\n\t\t<ROLE>{{role}}<\/ROLE>\r\n\t\t<ASSET_TYPE>{{type}}<\/ASSET_TYPE>\r\n\t\t<HOST_NAME>{{hostname}}<\/HOST_NAME>\r\n\t\t<HOST_IP>{{ip}}<\/HOST_IP>\r\n\t\t<HOST_MAC>{{mac}}<\/HOST_MAC>\r\n\t\t<HOST_FQDN>{{fqdn}}<\/HOST_FQDN>\r\n\t\t<TARGET_COMMENT><\/TARGET_COMMENT>\r\n\t\t<TECH_AREA>{{tech_area}}<\/TECH_AREA>\r\n\t\t<TARGET_KEY>{{target_key}}<\/TARGET_KEY>\r\n\t\t<WEB_OR_DATABASE>{{web_or_database}}<\/WEB_OR_DATABASE>\r\n\t\t<WEB_DB_SITE>{{web_db_site}}<\/WEB_DB_SITE>\r\n\t\t<WEB_DB_INSTANCE>{{web_db_instance}}<\/WEB_DB_INSTANCE>\r\n\t<\/ASSET>\r\n\t<STIGS>\r\n\t\t<iSTIG>\r\n\t\t\t<STIG_INFO>\r\n\t\t\t\t<SI_DATA>\r\n\t\t\t\t\t<SID_NAME>version<\/SID_NAME>\r\n\t\t\t\t\t<SID_DATA>{{benchmark.version}}<\/SID_DATA>\r\n\t\t\t\t<\/SI_DATA>\r\n\t\t\t\t<SI_DATA>\r\n\t\t\t\t\t<SID_NAME>classification<\/SID_NAME>\r\n\t\t\t\t\t<SID_DATA>UNCLASSIFIED<\/SID_DATA>\r\n\t\t\t\t<\/SI_DATA>\r\n\t\t\t\t<SI_DATA>\r\n\t\t\t\t\t<SID_NAME>customname<\/SID_NAME>\r\n\t\t\t\t<\/SI_DATA>\r\n\t\t\t\t<SI_DATA>\r\n\t\t\t\t\t<SID_NAME>stigid<\/SID_NAME>\r\n\t\t\t\t\t<SID_DATA>{{stigid}}<\/SID_DATA>\r\n\t\t\t\t<\/SI_DATA>\r\n\t\t\t\t<SI_DATA>\r\n\t\t\t\t\t<SID_NAME>description<\/SID_NAME>\r\n\t\t\t\t\t<SID_DATA>{{profileInfo}}<\/SID_DATA>\r\n\t\t\t\t<\/SI_DATA>\r\n\t\t\t\t<SI_DATA>\r\n\t\t\t\t\t<SID_NAME>filename<\/SID_NAME>\r\n\t\t\t\t\t<SID_DATA>{{fileName}}<\/SID_DATA>\r\n\t\t\t\t<\/SI_DATA>\r\n\t\t\t\t<SI_DATA>\r\n\t\t\t\t\t<SID_NAME>releaseinfo<\/SID_NAME>\r\n\t\t\t\t\t<SID_DATA>{{benchmark.plaintext}}<\/SID_DATA>\r\n\t\t\t\t<\/SI_DATA>\r\n\t\t\t\t<SI_DATA>\r\n\t\t\t\t\t<SID_NAME>title<\/SID_NAME>\r\n\t\t\t\t\t<SID_DATA>{{benchmark.title}}<\/SID_DATA>\r\n\t\t\t\t<\/SI_DATA>\r\n\t\t\t\t<SI_DATA>\r\n\t\t\t\t\t<SID_NAME>uuid<\/SID_NAME>\r\n\t\t\t\t\t<SID_DATA>{{uuid}}<\/SID_DATA>\r\n\t\t\t\t<\/SI_DATA>\r\n\t\t\t\t<SI_DATA>\r\n\t\t\t\t\t<SID_NAME>notice<\/SID_NAME>\r\n\t\t\t\t\t<SID_DATA>terms-of-use<\/SID_DATA>\r\n\t\t\t\t<\/SI_DATA>\r\n\t\t\t\t<SI_DATA>\r\n\t\t\t\t\t<SID_NAME>source<\/SID_NAME>\r\n\t\t\t\t<\/SI_DATA>\r\n\t\t\t<\/STIG_INFO>\r\n\t\t\t{{#controls}}\r\n\t\t\t<VULN>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>Vuln_Num<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA>{{vid}}<\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>Severity<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA>{{severity}}<\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>Group_Title<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA>{{gtitle}}<\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>Rule_ID<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA>{{rid}}<\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>Rule_Ver<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA>{{ruleVersion}}<\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>Rule_Title<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA>{{title}}<\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>Vuln_Discuss<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA>{{description}}<\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>IA_Controls<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA><\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>Check_Content<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA>{{checkText}}<\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>Fix_Text<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA>{{fixText}}<\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>False_Positives<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA><\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>False_Negatives<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA><\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>Documentable<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA>false<\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>Mitigations<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA><\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>Potential_Impact<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA><\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>Third_Party_Tools<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA><\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>Mitigation_Control<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA><\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>Responsibility<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA><\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>Security_Override_Guidance<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA><\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>Check_Content_Ref<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA>M<\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>Weight<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA>10.0<\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>Class<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA>{{classification}}<\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>STIGRef<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA>{{profileName}} {{startTime}}<\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>TargetKey<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA>{{target_key}}<\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>STIG_UUID<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA>{{uuidV4}}<\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>LEGACY_ID<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA><\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>LEGACY_ID<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA><\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t{{#ccis}}\r\n\t\t\t\t<STIG_DATA>\r\n\t\t\t\t\t<VULN_ATTRIBUTE>CCI_REF<\/VULN_ATTRIBUTE>\r\n\t\t\t\t\t<ATTRIBUTE_DATA>{{.}}<\/ATTRIBUTE_DATA>\r\n\t\t\t\t<\/STIG_DATA>\r\n\t\t\t\t{{\/ccis}}\r\n\t\t\t\t<STATUS>{{status}}<\/STATUS>\r\n\t\t\t\t<FINDING_DETAILS>{{results}}<\/FINDING_DETAILS>\r\n\t\t\t\t<COMMENTS><\/COMMENTS>\r\n\t\t\t\t<SEVERITY_OVERRIDE><\/SEVERITY_OVERRIDE>\r\n\t\t\t\t<SEVERITY_JUSTIFICATION><\/SEVERITY_JUSTIFICATION>\r\n\t\t\t<\/VULN>\r\n\t\t\t{{\/controls}}\r\n\t\t<\/iSTIG>\r\n\t<\/STIGS>\r\n<\/CHECKLIST>"
-    },
     "AttestationTemplate": {
         "type": "b64file",
         "data": "data:@file/vnd.openxmlformats-officedocument.spreadsheetml.sheet;base64,UEsDBBQABgAIAAAAIQBi7p1oXgEAAJAEAAATAAgCW0NvbnRlbnRfVHlwZXNdLnhtbCCiBAIooAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACslMtOwzAQRfdI/EPkLUrcskAINe2CxxIqUT7AxJPGqmNbnmlp/56J+xBCoRVqN7ESz9x7MvHNaLJubbaCiMa7UgyLgcjAVV4bNy/Fx+wlvxcZknJaWe+gFBtAMRlfX41mmwCYcbfDUjRE4UFKrBpoFRY+gOOd2sdWEd/GuQyqWqg5yNvB4E5W3hE4yqnTEOPRE9RqaSl7XvPjLUkEiyJ73BZ2XqVQIVhTKWJSuXL6l0u+cyi4M9VgYwLeMIaQvQ7dzt8Gu743Hk00GrKpivSqWsaQayu/fFx8er8ojov0UPq6NhVoXy1bnkCBIYLS2ABQa4u0Fq0ybs99xD8Vo0zL8MIg3fsl4RMcxN8bZLqej5BkThgibSzgpceeRE85NyqCfqfIybg4wE/tYxx8bqbRB+QERfj/FPYR6brzwEIQycAhJH2H7eDI6Tt77NDlW4Pu8ZbpfzL+BgAA//8DAFBLAwQUAAYACAAAACEAtVUwI/QAAABMAgAACwAIAl9yZWxzLy5yZWxzIKIEAiigAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKySTU/DMAyG70j8h8j31d2QEEJLd0FIuyFUfoBJ3A+1jaMkG92/JxwQVBqDA0d/vX78ytvdPI3qyCH24jSsixIUOyO2d62Gl/pxdQcqJnKWRnGs4cQRdtX11faZR0p5KHa9jyqruKihS8nfI0bT8USxEM8uVxoJE6UchhY9mYFaxk1Z3mL4rgHVQlPtrYawtzeg6pPPm3/XlqbpDT+IOUzs0pkVyHNiZ9mufMhsIfX5GlVTaDlpsGKecjoieV9kbMDzRJu/E/18LU6cyFIiNBL4Ms9HxyWg9X9atDTxy515xDcJw6vI8MmCix+o3gEAAP//AwBQSwMEFAAGAAgAAAAhAIE+lJfzAAAAugIAABoACAF4bC9fcmVscy93b3JrYm9vay54bWwucmVscyCiBAEooAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKxSTUvEMBC9C/6HMHebdhUR2XQvIuxV6w8IybQp2yYhM3703xsqul1Y1ksvA2+Gee/Nx3b3NQ7iAxP1wSuoihIEehNs7zsFb83zzQMIYu2tHoJHBRMS7Orrq+0LDppzE7k+ksgsnhQ45vgoJRmHo6YiRPS50oY0as4wdTJqc9Adyk1Z3su05ID6hFPsrYK0t7cgmilm5f+5Q9v2Bp+CeR/R8xkJSTwNeQDR6NQhK/jBRfYI8rz8Zk15zmvBo/oM5RyrSx6qNT18hnQgh8hHH38pknPlopm7Ve/hdEL7yim/2/Isy/TvZuTJx9XfAAAA//8DAFBLAwQUAAYACAAAACEAfjwwDJECAAALBgAADwAAAHhsL3dvcmtib29rLnhtbKRUXW+bMBR9n7T/YPmdGlIgFJVUHVm0SNtUbf14nBzjBCtgM9s0qar+911DSJvmpWtRYmNfc3yO7/E9v9jWFbrn2gglMxyc+BhxyVQh5CrDN9czL8HIWCoLWinJM/zADb6YfP50vlF6vVBqjQBAmgyX1jYpIYaVvKbmRDVcQmSpdE0tDPWKmEZzWpiSc1tXZOT7MampkLhHSPVbMNRyKRifKtbWXNoeRPOKWqBvStGYAa1mb4GrqV63jcdU3QDEQlTCPnSgGNUsna+k0nRRgextEKGthl8M/8CHZjTsBKGjrWrBtDJqaU8AmvSkj/QHPgmCgyPYHp/B25BCovm9cDncs9LxO1nFe6z4GSzwP4wWgLU6r6RweO9Ei/bcRnhyvhQVv+2ti2jT/KS1y1SFUUWN/VoIy4sMj2GoNvxgQrfNl1ZUEA38aORjMtnb+Uqjgi9pW9lrMPIADwvj+GwUuZVgjMvKci2p5bmSFny40/VRz3XYeanA4egX/9sKzeFigb9AK7SUpXRhrqgtUaurDJMbA+IJq5WCbsrN2qqGvLAlPb4D/2FMypxaAnJ7Sv37a+nATKeD+a6sRvA+n36HBPym95AOSHqxu61zOO/kz2M+niXT/Cz38mjse7Mk/OJdRmHg+bPTMMrzaT5LTp9AhY5Tpmhry12KHWaGQ8jnUegH3Q6RwE9bUTzv/+jvHs/1r5oh9uSUumJ2K/jGPJvBDdH2TshCbTI8Gieg5mEYjsE4aNPF7kRhS1iQ+OF+7hsXqxIIB+PQTYLnHbEMHxCa9oRm8HiuOSBEXjDqqiYw63okO6dTa8HWfemDIu3qqjviACOdup30vAi6FA4fM1ox8Lfr3MLO92So45N/AAAA//8DAFBLAwQUAAYACAAAACEA2efnWY4IAAD9QQAADQAAAHhsL3N0eWxlcy54bWzEXG1z4jYQ/t6Z/gePZ/qR8zvgFLgGErc3c01v5tJpP9wXYxvixi+MbVJop/+9K9lYqwSCSAy6zN1hYz272n20K62sjD5u0kR5iooyzrOxanzQVSXKgjyMs+VY/f3e6w1Vpaz8LPSTPIvG6jYq1Y+T778bldU2ib4+RFGlAERWjtWHqlpdaVoZPESpX37IV1EG3yzyIvUruCyWWrkqIj8sSaM00Uxd72upH2dqjXCVBiIgqV88rle9IE9XfhXP4ySuthRLVdLg6tMyywt/noCqG8P2A2Vj9AtT2RQ7IfTuCzlpHBR5mS+qD4Cr5YtFHEQv1XU1V/MDhgTIb0MyHE03ub5vijci2VoRPcXEfepklK1TL61KJcjXWQXubG8p9TefQrjZt1Wl9sosD4lL4c+3Xpp+64Xhjz+p2mSkNTiT0SLPEBxwgZrv6jHL/8488l0thDw2GZX/KE9+AndMAhLkSV4oFZABZBjkTuanUf3EzE/ieRGTmws/jZNtfZu2o/xpnktj8CbVqJYgSc7wRX+svf1RPsfLh+p4r/y/9vRqDsZoLegISnyjBTlZtC+ct/b3rgtZlAfnk7WPgcVyPlY9D4KNoevnpmEjzJ3pIO9iwpzBxXpmeZY36LRnHBdR5GhMSQRaXpemPCLQux7cXMyc3Qs71LsmEF9qBJAB160VYxwfX/Jk4JGfS/DkwimtI49pNJVDvo2TpJ0gWBbMEMidyQgmU1VUZB5cKM3n++0KUncG8746BdPnjjy9LPytYdL0pdWPHmlQ5kkcEi2WMzphaIb9rH/rzW6pXKQZTE3eA+p5s8EZQG+n7qx7TWeu2zWo6cFPx6DXDvnpvPvgqs5s2gxYuyslWzylisk0W/8wcF13aPSHw6FrW4ZtUyPPG0bHWRhtIph59zsz00sNHNDAtYZu3wRFdHtIRV1UAwsUGDjO0DFc04a/dKp3fg26tqmjyvYq0kCSV5EGkrxKZ5haB5G/GSl96V5FGkjyKtJAklcHHUfggXSvIg0keRVpIMmrtDrS4ViFKpPkvIo0kORVpIEkr3Y2+WwisCvdq0gDSV5FGrzbq3QhVE5G87wIoXzflnx1WEvV9yajJFpUsGouSFUS/q/yFfw7z6sKatyTURj7yzzzE1Lw3bUQaAnbAVD5H6vVQxw8gjCumlfPsWsR55LQRgebzLrtga0PbMfs1wubjkSnURiv05e9a2Xv9R+Ykdj2eMeRDUnZvjZhs/JlhQyN+K9xn2AL6mrqacEGwIkdJQRbdNFHVtQT7SNqIdZH1ECwj6hFRywK8zXsRD13sOcNdZ2ujk7my37A1615tM1Lex5tsseiR9t0wZupSX7oLFJwbKAWYrxBDQR5g1q8jTd7Bx5XtDhub+7x19RoQj1kjiBKkq8klv+5aNMHVC4mo80CbRfChjCpHJKdQ/IRaoDNxzpV1BeQQg41Mg82UvzVKtnerdN5VHh0l5iKoHdJGZJdTWmOY9fXSbzM0ojWXtQa5kuRV1FQ0V1sWjE9pI91QB+jARLR5z3yyebrPiOCnYTt8R75sLbfKx/sIlU+kEsKH2BVvLMHuACT+jV9umQkrOB2GoATZGgAq42dBkBPGRrAzHinARCUaQDqvMKK94wDA0Uz4AATCfLPJRJizK6XnMgz9vJQ+AX5FxnuBoq3QHRmZrg4l5kPhVhZIQa5HUYaMwFcvOYDyLrdpDzjUMyXZhAUdEEHZhEIA5dhJYq5IFNGxEOkIKFItgqgjmwVJKVfA3GBRCvZZpCUgTEfuRT8epDociKEVeDy4wVVwGTg8pUcM3D5Qo4K8uOjKSs+IjLAdrbsyGDKCpBohSQ/Ppqy4iMmg/wAacoKkIgM8uOjKSs+YjLID5CW/AmkJT8+WmeOjxoumNblU1Q5fVvhVNks9ldQm1Maxwqvbft966Z6j4FoDXqiei9f7W17pZDzGWPV1H9Qesp1EEB9FZxaK2gQkq/jBDbmib6EcMG6hL2uaX2zOeHxGhZ4p8YySRJBWBDQT8UChAaLxCCEBfHgVCwQX2NRCjMsKIWfjAV5ocEiGQJhQbQ+VS9o0mDxtncEbW/v8yOdSiF7gYNF9MJYzI8kEyMs6PKpWMyPJJAjLOjyqVjMjyQOINuDkFOxmB9JmkVYQLdTsVo/2iRKMyxH0Pb9vX4k4RbZS5CrGIv5keeqJchVjMX8yHOVdFnEXhiL+ZGPE7ZgnMBYzI98nLAF4wTGYn7kbe8I2v55ROUZbwoyvkZhvuO5Du/zC9m7RmFe41luCbK8RmH+4vltC/K7RmGe4qOKLRhVahQWM3nr2oLWnfrhLuryhDEFTQIHG4N1AudS4TjmLnXydCGrOJEhMXuIgkdlBsm7BeLHA0mjIkC3m1XiZ36VF1vlPtpULRzvdEcQ7uc8b23EI5AliYhCv8AZYDherLSTC57Dxokw7VjgzUPKeqdo0w4Gnn+GYKTYdaodDXxQJfMnEW0+Zat16yE+lpLULQLxOc4eo5BnDm9hsoQWQbqL1lXht/x7FrAEDXNHdvZbDD5E0I3653PGO9jIbzn6zIqCJvhtXSEz0vI6y5WkkiPS+/u4gnd3doOYS7dkQ0UIIq9Y1wkhUcqGM1JCGH/4RUZGCzd0n3H0QI/YggVm/+GGveVB7V6RU/L0/Y92PQDmDaOFv06q+/bLsco+/0rfigMyNU99iZ/yikKMVfaZHoKGUQwvhUC4+VzCK2zwv7Iu4rH67+104N7cemZvqE+HPduKnJ7rTG96jj2b3tx4rm7qs//QWf13nNSnv1oAXkwx7KsygfP8RdPZRvmv7N5YRRe1+vQdI1Ab6+6aff3aMfSeZ+lGz+77w96wbzk9zzHMm749vXU8B+nuvPFEv64ZRv27AYjyzlUVp1ESZztf7TyE74KT4PKVTmg7T2js9zZM/gcAAP//AwBQSwMEFAAGAAgAAAAhAMEXEL5OBwAAxiAAABMAAAB4bC90aGVtZS90aGVtZTEueG1s7FnNixs3FL8X+j8Mc3f8NeOPJd7gz2yT3SRknZQctbbsUVYzMpK8GxMCJTn1UiikpZdCbz2U0kADDb30jwkktOkf0SfN2COt5SSbbEpadg2LR/69p6f3nn5683Tx0r2YekeYC8KSll++UPI9nIzYmCTTln9rOCg0fE9IlIwRZQlu+Qss/Evbn35yEW3JCMfYA/lEbKGWH0k52yoWxQiGkbjAZjiB3yaMx0jCI58Wxxwdg96YFiulUq0YI5L4XoJiUHt9MiEj7A2VSn97qbxP4TGRQg2MKN9XqrElobHjw7JCiIXoUu4dIdryYZ4xOx7ie9L3KBISfmj5Jf3nF7cvFtFWJkTlBllDbqD/MrlMYHxY0XPy6cFq0iAIg1p7pV8DqFzH9ev9Wr+20qcBaDSClaa22DrrlW6QYQ1Q+tWhu1fvVcsW3tBfXbO5HaqPhdegVH+whh8MuuBFC69BKT5cw4edZqdn69egFF9bw9dL7V5Qt/RrUERJcriGLoW1ane52hVkwuiOE94Mg0G9kinPUZANq+xSU0xYIjflWozuMj4AgAJSJEniycUMT9AIsriLKDngxNsl0wgSb4YSJmC4VCkNSlX4rz6B/qYjirYwMqSVXWCJWBtS9nhixMlMtvwroNU3IC+ePXv+8Onzh789f/To+cNfsrm1KktuByVTU+7Vj1///f0X3l+//vDq8Tfp1CfxwsS//PnLl7//8Tr1sOLcFS++ffLy6ZMX333150+PHdrbHB2Y8CGJsfCu4WPvJothgQ778QE/ncQwQsSSQBHodqjuy8gCXlsg6sJ1sO3C2xxYxgW8PL9r2bof8bkkjpmvRrEF3GOMdhh3OuCqmsvw8HCeTN2T87mJu4nQkWvuLkqsAPfnM6BX4lLZjbBl5g2KEommOMHSU7+xQ4wdq7tDiOXXPTLiTLCJ9O4Qr4OI0yVDcmAlUi60Q2KIy8JlIITa8s3eba/DqGvVPXxkI2FbIOowfoip5cbLaC5R7FI5RDE1Hb6LZOQycn/BRyauLyREeoop8/pjLIRL5jqH9RpBvwoM4w77Hl3ENpJLcujSuYsYM5E9dtiNUDxz2kySyMR+Jg4hRZF3g0kXfI/ZO0Q9QxxQsjHctwm2wv1mIrgF5GqalCeI+mXOHbG8jJm9Hxd0grCLZdo8tti1zYkzOzrzqZXauxhTdIzGGHu3PnNY0GEzy+e50VciYJUd7EqsK8jOVfWcYAFlkqpr1ilylwgrZffxlG2wZ29xgngWKIkR36T5GkTdSl045ZxUep2ODk3gNQLlH+SL0ynXBegwkru/SeuNCFlnl3oW7nxdcCt+b7PHYF/ePe2+BBl8ahkg9rf2zRBRa4I8YYYICgwX3YKIFf5cRJ2rWmzulJvYmzYPAxRGVr0Tk+SNxc+Jsif8d8oedwFzBgWPW/H7lDqbKGXnRIGzCfcfLGt6aJ7cwHCSrHPWeVVzXtX4//uqZtNePq9lzmuZ81rG9fb1QWqZvHyByibv8uieT7yx5TMhlO7LBcW7Qnd9BLzRjAcwqNtRuie5agHOIviaNZgs3JQjLeNxJj8nMtqP0AxaQ2XdwJyKTPVUeDMmoGOkh3UrFZ/QrftO83iPjdNOZ7msupqpCwWS+XgpXI1Dl0qm6Fo9796t1Ot+6FR3WZcGKNnTGGFMZhtRdRhRXw5CFF5nhF7ZmVjRdFjRUOqXoVpGceUKMG0VFXjl9uBFveWHQdpBhmYclOdjFae0mbyMrgrOmUZ6kzOpmQFQYi8zII90U9m6cXlqdWmqvUWkLSOMdLONMNIwghfhLDvNlvtZxrqZh9QyT7liuRtyM+qNDxFrRSInuIEmJlPQxDtu+bVqCLcqIzRr+RPoGMPXeAa5I9RbF6JTuHYZSZ5u+HdhlhkXsodElDpck07KBjGRmHuUxC1fLX+VDTTRHKJtK1eAED5a45pAKx+bcRB0O8h4MsEjaYbdGFGeTh+B4VOucP6qxd8drCTZHMK9H42PvQM65zcRpFhYLysHjomAi4Ny6s0xgZuwFZHl+XfiYMpo17yK0jmUjiM6i1B2ophknsI1ia7M0U8rHxhP2ZrBoesuPJiqA/a9T903H9XKcwZp5memxSrq1HST6Yc75A2r8kPUsiqlbv1OLXKuay65DhLVeUq84dR9iwPBMC2fzDJNWbxOw4qzs1HbtDMsCAxP1Db4bXVGOD3xric/yJ3MWnVALOtKnfj6yty81WYHd4E8enB/OKdS6FBCb5cjKPrSG8iUNmCL3JNZjQjfvDknLf9+KWwH3UrYLZQaYb8QVINSoRG2q4V2GFbL/bBc6nUqD+BgkVFcDtPr+gFcYdBFdmmvx9cu7uPlLc2FEYuLTF/MF7Xh+uK+XNl8ce8RIJ37tcqgWW12aoVmtT0oBL1Oo9Ds1jqFXq1b7w163bDRHDzwvSMNDtrVblDrNwq1crdbCGolZX6jWagHlUo7qLcb/aD9ICtjYOUpfWS+APdqu7b/AQAA//8DAFBLAwQUAAYACAAAACEA9/xWeQIDAACQBwAAGAAAAHhsL3dvcmtzaGVldHMvc2hlZXQxLnhtbJyT24rbMBCG7wv7DkL3sXzYTRsTZ1l2Cd270uO1LI9jEclyJeVE6bt35ENSCCxhg6OxZf/fPyONlo9HrcgerJOmLWgSxZRAK0wl201Bf3xfzz5R4jxvK65MCwU9gaOPq7sPy4OxW9cAeIKE1hW08b7LGXOiAc1dZDpo8U1trOYeH+2Guc4Cr3qRViyN4znTXLZ0IOT2FoapayngxYidhtYPEAuKe8zfNbJzE02LW3Ca2+2umwmjO0SUUkl/6qGUaJG/blpjeamw7mNyzwU5WrxS/GeTTT9/5aSlsMaZ2kdIZkPO1+Uv2IJxcSZd138TJrlnFvYybOAFlb4vpeThzEovsOydsPkZFpbL5jtZFfRPPP5mGJMwxJdheveXrpaVxB0OVRELdUGfknz9kbLVsu+fnxIO7r974nn5DRQID+iRUBLaszRmGz58xakYia7/IBC58HIPz6AUgrFS93vwSEcPdjZZLS/3k+G67+kvlpTcwbNRv2TlG3TFs1NBzXfKfzWHzyA3jcfZOdYemievTi/gBHYtZhOloRRhFDJxJFqG04dNx49D+gMyRaTYOW/05DHKBgFm3gswHgbBfEFJCc6vZbB+U4x70osxjuIEOTeKH0YxxkkcR/jg/CmcFnS+EYSr02eBcQJlUZalcZakyHubwvoF/AcAAP//AAAA//+UkkEOgyAQRa9C5gBFEDUxSNJWew9CSbqyjRBtb9+xaRTCRnbAmxfmZ0a6h7W+114rOT0XMnXAgLiXHh2e2hrImwlt2vunt87Y0XdQnDgoadbSM9bii8P7rApJZyWp+bNLyFjMriHjMetDVsZsWHv7dbj9KuKKW2hXG6OYbQvIjwccOFDMFNplhl0mtsiwRWJXGXaV2DjMo4Md6sRuMuxmt+m+YF8AAAD//wAAAP//silITE/1TSxKz8wrVshJTSuxVTLQMzdVUijKTM+Ac0ryC2yVDJUUkvJLSvJzwcyM1MSU1CKQaqDitPz8EhhH385Gvzy/KLs4IzW1xA4AAAD//wMAUEsDBBQABgAIAAAAIQB/pFmDygAAADUBAAAUAAAAeGwvc2hhcmVkU3RyaW5ncy54bWx0j01LQzEQRfeC/yHM3ubpoogkKdgPcK1dl/Ay9gWSSczMk/bfGxFBHri853AvM2ZzyUl9YuNYyML9agCFNJYQ6Wzh+Ha4ewTF4in4VAgtXJFh425vDLOo3iW2MInUJ615nDB7XpWK1M17adlLj+2suTb0gSdEyUk/DMNaZx8J1FhmEgtrUDPFjxm3v9kZjs6I2xaSVtLpZWe0OKO/6Y/ZX2ry5KUfvlSHhn2LxutSvIqXmZf0WIMXDP/g0/OfGd3fdl8AAAD//wMAUEsDBBQABgAIAAAAIQC62Q4nUgEAAHsCAAARAAgBZG9jUHJvcHMvY29yZS54bWwgogQBKKAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8kl9PgzAUxd9N/A6k71DK/mgaYImaPbloIovGt6a9bI3QkraK+/YW2BAz9bE95/56zk3T1WddBR9grNQqQySKUQCKayHVLkPbYh1eo8A6pgSrtIIMHcCiVX55kfKGcm3g0egGjJNgA09SlvImQ3vnGoqx5XuomY28Q3mx1KZmzh/NDjeMv7Ed4CSOl7gGxwRzDHfAsBmJ6IgUfEQ276bqAYJjqKAG5SwmEcHfXgemtr8O9MrEWUt3aHynY9wpW/BBHN2fVo7Gtm2jdtbH8PkJftncP/VVQ6m6XXFAeSo45QaY0ybfSG601aULHspScgi2FkyKJ45umxWzbuMXX0oQN4e/hs6N/qW+2PAciMBHpUOxk/I8u70r1ihP4oSE8TyMlwUhlMwpWbx2OX7Md9GHi/qY5n9i4nFhPCvIFV3MabycEE+APMVn3yX/AgAA//8DAFBLAwQUAAYACAAAACEAn51PeJIBAAAhAwAAEAAIAWRvY1Byb3BzL2FwcC54bWwgogQBKKAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACckk1v2zAMhu8D9h8M3Rs57VAMgaxiSDv0sGIBkrZnTqZjobZkiKyR7NePttHUWXfajR8vXj6iaG4ObZP1mMjHUKjlIlcZBhdLH/aFetx9v/iqMmIIJTQxYKGOSOrGfv5kNil2mNgjZWIRqFA1c7fSmlyNLdBC2kE6VUwtsKRpr2NVeYe30b22GFhf5vm1xgNjKLG86E6GanJc9fy/pmV0Ax897Y6dAFvzresa74DllfbBuxQpVpw9gPOBI9XZ3cFhY/RcZoRzi+41eT7a3Oh5arYOGlzLCFtBQ2j0e8HcIwzr24BPZE3Pqx4dx5SR/y0LvFTZLyAcwArVQ/IQWAAH2ZSMcdMRJ/sc0wvViExGi2AqjuFcO4/9F7scBRKcCweDCUQa54g7zw3Sz2oDif9BvJwTjwwT74QDzCgHMmz2I+X4cJn314R1bDsIR2mcoh8+vNBjt4u3wPi21POi2daQsJR/OC39VDD3ss/UDCbrGsIeyzfNx8ZwDE/Txdvl9SK/yuV3ZzWj32/b/gEAAP//AwBQSwECLQAUAAYACAAAACEAYu6daF4BAACQBAAAEwAAAAAAAAAAAAAAAAAAAAAAW0NvbnRlbnRfVHlwZXNdLnhtbFBLAQItABQABgAIAAAAIQC1VTAj9AAAAEwCAAALAAAAAAAAAAAAAAAAAJcDAABfcmVscy8ucmVsc1BLAQItABQABgAIAAAAIQCBPpSX8wAAALoCAAAaAAAAAAAAAAAAAAAAALwGAAB4bC9fcmVscy93b3JrYm9vay54bWwucmVsc1BLAQItABQABgAIAAAAIQB+PDAMkQIAAAsGAAAPAAAAAAAAAAAAAAAAAO8IAAB4bC93b3JrYm9vay54bWxQSwECLQAUAAYACAAAACEA2efnWY4IAAD9QQAADQAAAAAAAAAAAAAAAACtCwAAeGwvc3R5bGVzLnhtbFBLAQItABQABgAIAAAAIQDBFxC+TgcAAMYgAAATAAAAAAAAAAAAAAAAAGYUAAB4bC90aGVtZS90aGVtZTEueG1sUEsBAi0AFAAGAAgAAAAhAPf8VnkCAwAAkAcAABgAAAAAAAAAAAAAAAAA5RsAAHhsL3dvcmtzaGVldHMvc2hlZXQxLnhtbFBLAQItABQABgAIAAAAIQB/pFmDygAAADUBAAAUAAAAAAAAAAAAAAAAAB0fAAB4bC9zaGFyZWRTdHJpbmdzLnhtbFBLAQItABQABgAIAAAAIQC62Q4nUgEAAHsCAAARAAAAAAAAAAAAAAAAABkgAABkb2NQcm9wcy9jb3JlLnhtbFBLAQItABQABgAIAAAAIQCfnU94kgEAACEDAAAQAAAAAAAAAAAAAAAAAKIiAABkb2NQcm9wcy9hcHAueG1sUEsFBgAAAAAKAAoAgAIAAGolAAAAAA=="
diff --git a/src/types/checklist.d.ts b/src/types/checklist.d.ts
deleted file mode 100644
index 996363c61..000000000
--- a/src/types/checklist.d.ts
+++ /dev/null
@@ -1,46 +0,0 @@
-import {ContextualizedEvaluation} from 'inspecjs'
-
-export interface ChecklistControl {
-  vid: string;
-  rid: string;
-  ruleVersion: string;
-  gtitle: string;
-  severity: string;
-  title: string;
-  description: string;
-  checkText: string;
-  fixText: string;
-  profileName: string;
-  startTime: string;
-  targetKey: number;
-  uuidV4: string;
-  ccis: string[];
-  status: string;
-  results: string;
-}
-
-export interface CKLMetadata {
-    fileName: string;
-    benchmark: {
-      title: string | null;
-      version: string | null;
-      plaintext: string | null;
-    };
-    stigid: string | null;
-    role: string | null;
-    type: string | null;
-    hostname: string | null;
-    ip: string | null;
-    mac: string | null;
-    fqdn: string | null;
-    tech_area: string | null;
-    target_key: string | null;
-    web_or_database: string | null;
-    web_db_site: string | null;
-    web_db_instance: string | null;
-    [key: string]: string | null | Record<string, string | null>;
-}
-
-type ExtendedEvaluationFile = {
-  evaluation: ContextualizedEvaluation;
-};
diff --git a/src/utils/checklist.ts b/src/utils/checklist.ts
deleted file mode 100644
index c5facddfc..000000000
--- a/src/utils/checklist.ts
+++ /dev/null
@@ -1,90 +0,0 @@
-import {ContextualizedControl, ControlStatus, HDFControlSegment, Severity} from 'inspecjs'
-import {ChecklistControl} from '../types/checklist'
-import {v4} from 'uuid'
-import _ from 'lodash'
-
-export function cklSeverity(severity: Severity): 'low' | 'medium' | 'high' {
-  switch (severity) {
-    case 'critical':
-    case 'high': {
-      return 'high'
-    }
-
-    case 'medium': {
-      return 'medium'
-    }
-
-    case 'low':
-    case 'none': {
-      return 'low'
-    }
-
-    default: {
-      return 'high'
-    }
-  }
-}
-
-export function cklStatus(status: ControlStatus): string {
-  switch (status) {
-    case 'Not Applicable':
-    case 'From Profile': {
-      return 'Not_Applicable'
-    }
-
-    case 'Profile Error':
-    case 'Not Reviewed': {
-      return 'Not_Reviewed'
-    }
-
-    case 'Passed': {
-      return 'NotAFinding'
-    }
-
-    default: {
-      return 'Open'
-    }
-  }
-}
-
-// Get segments/results as strings
-export function cklResults(segments?: HDFControlSegment[]): string {
-  if (segments === undefined) {
-    return ''
-  }
-
-  return segments
-    .map(segment => {
-      if (segment.message) {
-        return `${segment.status}\n${segment.code_desc}\n${segment.message}`
-      }
-
-      if (segment.skip_message) {
-        return `${segment.status}\n${segment.code_desc}\n${segment.skip_message}`
-      }
-
-      return `${segment.status}\n${segment.code_desc}`
-    })
-    .join('\n--------------------------------\n')
-}
-
-export function getDetails(control: ContextualizedControl, profileName: string): ChecklistControl {
-  return {
-    vid: control.data.tags.gid || control.data.id,
-    rid: control.data.tags.rid || control.data.id,
-    ruleVersion: control.data.tags.stig_id || control.data.id,
-    gtitle: control.data.tags.gtitle || control.data.id,
-    severity: cklSeverity(control.root.hdf.severity),
-    title: control.data.title || '',
-    description: control.data.desc || '',
-    checkText: control.hdf.descriptions.check || control.data.tags.check,
-    fixText: control.hdf.descriptions.fix || control.data.tags.fix,
-    profileName,
-    startTime: _.get(control, 'hdf.segments![0].start_time', ''),
-    targetKey: 0,
-    uuidV4: v4(),
-    ccis: control.data.tags.cci,
-    status: cklStatus(control.hdf.status),
-    results: cklResults(control.hdf.segments),
-  }
-}
diff --git a/src/utils/ohdf/types.ts b/src/utils/ohdf/types.ts
index 8b4c35845..aa05a7603 100644
--- a/src/utils/ohdf/types.ts
+++ b/src/utils/ohdf/types.ts
@@ -45,9 +45,9 @@ export type DataOrArray = Data | Data[] | PrintableSummary | PrintableSummary[];
 
 /**
  * Represents the possible values for the row names in the generated Markdown table.
- * The possible values are 'Total', 'Critical', 'High', 'Medium', 'Low', and 'Not Applicable'.
+ * The possible values are 'Total', 'Critical', 'High', 'Medium', 'Low'.
  */
-export type RowType = 'total' | 'critical' | 'high' | 'medium' | 'low' | 'Not Applicable';
+export type RowType = 'total' | 'critical' | 'high' | 'medium' | 'low';
 
 /**
  * Represents the possible values for the column names in the generated Markdown table.
diff --git a/src/utils/threshold.ts b/src/utils/threshold.ts
index 6818a8d78..c2f8d77d4 100644
--- a/src/utils/threshold.ts
+++ b/src/utils/threshold.ts
@@ -4,10 +4,10 @@ import _ from 'lodash'
 import {ControlDescription} from 'inspecjs/lib/generated_parsers/v_1_0/exec-json'
 
 export const severityTargetsObject = {
-  critical: ['passed.critical.min', 'passed.critical.max', 'failed.critical.min', 'failed.critical.max', 'skipped.critical.min', 'skipped.critical.max', 'error.critical.min', 'error.critical.max'],
-  high: ['passed.high.min', 'passed.high.max', 'failed.high.min', 'failed.high.max', 'skipped.high.min', 'skipped.high.max', 'error.high.min',  'error.high.max'],
-  medium: ['passed.medium.min', 'passed.medium.max', 'failed.medium.min', 'failed.medium.max', 'skipped.medium.min', 'skipped.medium.max', 'error.medium.min', 'error.medium.max'],
-  low: ['passed.low.min', 'passed.low.max', 'failed.low.min', 'failed.low.max', 'skipped.low.min', 'skipped.low.max', 'error.low.min', 'error.low.max'],
+  critical: ['passed.critical.min', 'passed.critical.max', 'failed.critical.min', 'failed.critical.max', 'skipped.critical.min', 'skipped.critical.max', 'error.critical.min', 'error.critical.max', 'no_impact.critical.min', 'no_impact.critical.max'],
+  high: ['passed.high.min', 'passed.high.max', 'failed.high.min', 'failed.high.max', 'skipped.high.min', 'skipped.high.max', 'error.high.min',  'error.high.max', 'no_impact.high.min', 'no_impact.high.max'],
+  medium: ['passed.medium.min', 'passed.medium.max', 'failed.medium.min', 'failed.medium.max', 'skipped.medium.min', 'skipped.medium.max', 'error.medium.min', 'error.medium.max', 'no_impact.medium.min', 'no_impact.medium.max'],
+  low: ['passed.low.min', 'passed.low.max', 'failed.low.min', 'failed.low.max', 'skipped.low.min', 'skipped.low.max', 'error.low.min', 'error.low.max', 'no_impact.low.min', 'no_impact.low.max'],
   none: ['no_impact.none.min', 'no_impact.none.max'],
 }
 
@@ -15,10 +15,10 @@ export const totalMin = ['passed.total.min', 'failed.total.min', 'skipped.total.
 export const totalMax = ['passed.total.max', 'failed.total.max', 'skipped.total.max', 'error.total.max']
 
 export const statusSeverityPaths = {
-  critical: ['passed.critical.controls', 'failed.critical.controls', 'skipped.critical.controls', 'error.critical.controls'],
-  high: ['passed.high.controls', 'failed.high.controls', 'skipped.high.controls', 'error.high.controls'],
-  medium: ['passed.medium.controls', 'failed.medium.controls', 'skipped.medium.controls', 'error.medium.controls'],
-  low: ['passed.low.controls', 'failed.low.controls', 'skipped.low.controls', 'error.low.controls'],
+  critical: ['passed.critical.controls', 'failed.critical.controls', 'skipped.critical.controls', 'error.critical.controls', 'no_impact.critical.controls'],
+  high: ['passed.high.controls', 'failed.high.controls', 'skipped.high.controls', 'error.high.controls', 'no_impact.high.controls'],
+  medium: ['passed.medium.controls', 'failed.medium.controls', 'skipped.medium.controls', 'error.medium.controls', 'no_impact.medium.controls'],
+  low: ['passed.low.controls', 'failed.low.controls', 'skipped.low.controls', 'error.low.controls', 'no_impact.low.controls'],
   none: ['no_impact.none.controls'],
 }
 
@@ -42,6 +42,10 @@ export const emptyStatusAndSeverityCounts = {
     low: [],
   },
   no_impact: {
+    critical: [],
+    high: [],
+    medium: [],
+    low: [],
     none: [],
   },
   error: {
@@ -70,6 +74,7 @@ export function extractStatusCounts(profile: ContextualizedProfile, severity?: s
     const control = c.root
     const status: ControlStatus = control.hdf.status
     const controlSeverity: Severity = control.hdf.severity
+
     if (!severity || (controlSeverity === severity)) {
       ++hash[status]
       if (status === 'Passed') {
diff --git a/test/commands/convert/ckl2hdf.test.ts b/test/commands/convert/ckl2hdf.test.ts
index de70a80bc..fddad1f1c 100644
--- a/test/commands/convert/ckl2hdf.test.ts
+++ b/test/commands/convert/ckl2hdf.test.ts
@@ -42,3 +42,32 @@ describe('Test ckl2hdf Three Stig Checklist example', () => {
       expect(omitHDFChangingFields(test)).to.eql(omitHDFChangingFields(sample))
     })
 })
+
+describe('Test ckl2hdf Small Checklist Overrides examples', () => {
+  const tmpobj = tmp.dirSync({unsafeCleanup: true})
+
+  test
+    .stdout()
+    .command(['convert ckl2hdf', '-i', path.resolve('./test/sample_data/checklist/sample_input_report/small_ckl_overrides.ckl'), '-o', `${tmpobj.name}/smallchecklistoverrides.json`])
+    .it('hdf-converter output test', () => {
+      const test = JSON.parse(fs.readFileSync(`${tmpobj.name}/smallchecklistoverrides.json`, 'utf8'))
+      const sample = JSON.parse(fs.readFileSync(path.resolve('./test/sample_data/checklist/small_overrides_hdf.json'), 'utf8'))
+      expect(omitHDFChangingFields(test)).to.eql(omitHDFChangingFields(sample))
+    })
+})
+
+describe('Test invalid checklist metadata example', () => {
+  const tmpobj = tmp.dirSync({unsafeCleanup: true})
+
+  test
+    .stdout()
+    .stderr()
+    .command(['convert ckl2hdf', '-i', path.resolve('./test/sample_data/checklist/sample_input_report/ckl_with_invalid_metadata.ckl'), '-o', `${tmpobj.name}/invalid_output.json`])
+    .it(
+      'hdf-converter output test - throws error when using invalid checklist metadata',
+      ctx => {
+        expect(ctx.stderr).to.equal('Error converting to hdf:\nError: Invalid checklist metadata fields:\n\tHost FQDN (invalid)\n\tHost IP (invalid)\n\tHost MAC (invalid)\n')
+      },
+    )
+
+})
\ No newline at end of file
diff --git a/test/commands/convert/hdf2ckl.test.ts b/test/commands/convert/hdf2ckl.test.ts
index 3c31c6864..9d27c49bd 100644
--- a/test/commands/convert/hdf2ckl.test.ts
+++ b/test/commands/convert/hdf2ckl.test.ts
@@ -9,28 +9,74 @@ describe('Test hdf2checklist', () => {
 
   test
     .stdout()
-    .command(['convert hdf2ckl', '-i', path.resolve('./test/sample_data/HDF/input/red_hat_good.json'), '-o', `${tmpobj.name}/hdf2ckl_test.json`])
+    .command(['convert hdf2ckl', '-i', path.resolve('./test/sample_data/HDF/input/red_hat_good.json'), '-o', `${tmpobj.name}/hdf2ckl_test.ckl`])
     .it('hdf-converter output test - defaults', () => {
-      const test = fs.readFileSync(`${tmpobj.name}/hdf2ckl_test.json`, 'utf8')
+      const test = fs.readFileSync(`${tmpobj.name}/hdf2ckl_test.ckl`, 'utf8')
       const sample = fs.readFileSync(path.resolve('./test/sample_data/checklist/red_hat_good.ckl'), 'utf8')
       expect(omitChecklistChangingFields(test)).to.eql(omitChecklistChangingFields(sample))
     })
 
   test
     .stdout()
-    .command(['convert hdf2ckl', '-i', path.resolve('./test/sample_data/HDF/input/vSphere8_report.json'), '-o', `${tmpobj.name}/hdf2ckl_test.json`])
+    .command(['convert hdf2ckl', '-i', path.resolve('./test/sample_data/HDF/input/vSphere8_report.json'), '-o', `${tmpobj.name}/hdf2ckl_test.ckl`])
     .it('hdf-converter output test - inspec results from profile with dependent profiles', () => {
-      const test = fs.readFileSync(`${tmpobj.name}/hdf2ckl_test.json`, 'utf8')
+      const test = fs.readFileSync(`${tmpobj.name}/hdf2ckl_test.ckl`, 'utf8')
       const sample = fs.readFileSync(path.resolve('./test/sample_data/checklist/vSphere8_report.ckl'), 'utf8')
       expect(omitChecklistChangingFields(test)).to.eql(omitChecklistChangingFields(sample))
     })
 
   test
     .stdout()
-    .command(['convert hdf2ckl', '-i', path.resolve('./test/sample_data/HDF/input/red_hat_good.json'), '-o', `${tmpobj.name}/hdf2ckl_metadata_test.json`, '-m', path.resolve('./test/sample_data/checklist/metadata.json')])
-    .it('hdf-converter output test - with metadata', () => {
-      const test = fs.readFileSync(`${tmpobj.name}/hdf2ckl_metadata_test.json`, 'utf8')
+    .command(['convert hdf2ckl', '-i', path.resolve('./test/sample_data/HDF/input/red_hat_good.json'), '-o', `${tmpobj.name}/hdf2ckl_metadata_test.ckl`, '-m', path.resolve('./test/sample_data/checklist/metadata.json')])
+    .it('hdf-converter output test - with metadata file', () => {
+      const test = fs.readFileSync(`${tmpobj.name}/hdf2ckl_metadata_test.ckl`, 'utf8')
       const sample = fs.readFileSync(path.resolve('./test/sample_data/checklist/red_hat_good_metadata.ckl'), 'utf8')
       expect(omitChecklistChangingFields(test)).to.eql(omitChecklistChangingFields(sample))
     })
+
+  test
+    .stdout()
+    .command(['convert hdf2ckl', '-i', path.resolve('./test/sample_data/HDF/input/red_hat_good.json'), 
+      '-o', `${tmpobj.name}/hdf2ckl_metadata_test.ckl`, 
+      '--profilename', 'Red Hat Enterprise Linux 7 STIG', '--version', '2', 
+      '--releasenumber', '6', '--releasedate', '2024/06/08', 
+      '--marking', 'CUI', '--hostname', 'localhost', 
+      '--ip', '127.0.0.1', '--role', 'Domain Controller', 
+      '--assettype', 'Computing', '--techarea', 'Other Review'])
+    .it('hdf-converter output test - with metadata flags', () => {
+      const test = fs.readFileSync(`${tmpobj.name}/hdf2ckl_metadata_test.ckl`, 'utf8')
+      const sample = fs.readFileSync(path.resolve('./test/sample_data/checklist/red_hat_good_metadata.ckl'), 'utf8')
+      expect(omitChecklistChangingFields(test)).to.eql(omitChecklistChangingFields(sample))
+    })
+
+  test
+    .stdout()
+    .command(['convert hdf2ckl', '-i', path.resolve('./test/sample_data/HDF/input/RHEL7_overrides_hdf.json'), '-o', `${tmpobj.name}/hdf2ckl_overrides_test.ckl`])
+    .it('hdf-converter output test - with severity overrides', () => {
+      const test = fs.readFileSync(`${tmpobj.name}/hdf2ckl_overrides_test.ckl`, 'utf8')
+      const sample = fs.readFileSync(path.resolve('./test/sample_data/checklist/converted-rhel7_overrides.ckl'), 'utf8')
+      expect(omitChecklistChangingFields(test)).to.eql(omitChecklistChangingFields(sample))
+    })
+
+  test
+    .stdout()
+    .stderr()
+    .command(['convert hdf2ckl', '-i', path.resolve('./test/sample_data/HDF/input/red_hat_good.json'), '-o', `${tmpobj.name}/hdf2ckl_metadata_error_test.json`, '-m', path.resolve('test/sample_data/checklist/sample_input_report/invalid_metadata.json')])
+    .it(
+      'hdf-converter output test - throws error when using invalid checklist metadata',
+      ctx => {
+        expect(ctx.stderr).to.equal('Error creating checklist:\nInvalid checklist metadata fields:\n\tHost IP (invalid)\n\tAsset Type (Not a real assettype)\n')
+      },
+    )
+
+  test
+    .stdout()
+    .stderr()
+    .command(['convert hdf2ckl', '-i', path.resolve('./test/sample_data/HDF/input/red_hat_good.json'), '-o', `${tmpobj.name}/hdf2ckl_metadata_error_test.json`, '--ip', 'bad ip address'])
+    .it(
+      'hdf-converter output test - throws error when using invalid checklist metadata',
+      ctx => {
+        expect(ctx.stderr).to.equal('Error creating checklist:\nInvalid checklist metadata fields:\n\tHost IP (bad ip address)\n')
+      },
+    )
 })
diff --git a/test/commands/utils.ts b/test/commands/utils.ts
index e0552bc83..7ef224985 100644
--- a/test/commands/utils.ts
+++ b/test/commands/utils.ts
@@ -29,6 +29,7 @@ export function omitHDFChangingFields(
 }
 
 export function omitChecklistChangingFields(input: string) {
-  // remove UUIDs
+  // remove UUIDs and the heimdall version
   return input.replaceAll(/[0-9a-fA-F]{8}\b-[0-9a-fA-F]{4}\b-[0-9a-fA-F]{4}\b-[0-9a-fA-F]{4}\b-[0-9a-fA-F]{12}/gm, '')
+    .replace(/<!--Heimdall Version :: \S+-->/, '')
 }
diff --git a/test/commands/validate/threshold.test.ts b/test/commands/validate/threshold.test.ts
index 5c8551346..6bc33c10c 100644
--- a/test/commands/validate/threshold.test.ts
+++ b/test/commands/validate/threshold.test.ts
@@ -81,4 +81,47 @@ describe('Test validate threshold', () => {
       expect(error.message).to.equal('passed.total.max: Threshold not met. Number of received total passed controls (19) is greater than your set threshold for the number of passed controls (18)')
     })
     .it('Validate threshold minMaxTotal - Triple Overlay Compliance')
+
+    test
+      .stdout()
+      .stderr()
+      .command([
+        'validate threshold',
+        '-i',
+        path.resolve(
+          './test/sample_data/HDF/input/rhel-8_hardened.json',
+        ),
+        '--templateFile',
+        path.resolve(
+          './test/sample_data/thresholds/rhel-8_hardened.counts.good.exact.yml',
+        ),
+      ])
+      .it('Validate threshold test - RHEL-8 Hardened Valid Exact Counts', ctx => {
+        expect(ctx.stdout).to.equal('All validation tests passed\n')
+        expect(ctx.stderr).to.equal('')
+      })
+
+    test
+      .stdout()
+      .stderr()
+      .command([
+        'validate threshold',
+        '-i',
+        path.resolve(
+          './test/sample_data/HDF/input/rhel-8_hardened.json',
+        ),
+        '--templateFile',
+        path.resolve(
+          './test/sample_data/thresholds/rhel-8_hardened.counts.bad.noimpactHigh.yml',
+        ),
+      ])
+      .catch(error => {
+        expect(error.message).to.equal('no_impact.high.max: Threshold not met. Number of received total no_impact controls (3) is greater than your set threshold for the number of no_impact controls (2)')
+      })
+      .it(
+        'Validate threshold test - RHEL-8 Hardened Invalid Total Counts',
+        ctx => {
+          expect(ctx.stdout).to.equal('')
+        },
+      )
 })
diff --git a/test/sample_data/HDF/input/RHEL7_overrides_hdf.json b/test/sample_data/HDF/input/RHEL7_overrides_hdf.json
new file mode 100644
index 000000000..246d4abbe
--- /dev/null
+++ b/test/sample_data/HDF/input/RHEL7_overrides_hdf.json
@@ -0,0 +1,289 @@
+{
+  "platform": {
+    "name": "centos",
+    "release": "7.6.1810"
+  },
+  "profiles": [
+    {
+      "attributes": [],
+      "controls": [
+        {
+          "code": "not important",
+          "desc": "Discretionary access control is weakened if a user or group has access permissions to system files and directories greater than the default.",
+          "descriptions": [
+            {
+              "data": "Discretionary access control is weakened if a user or group has access permissions to system files and directories greater than the default.",
+              "label": "default"
+            },
+            {
+              "data": "Verify the file permissions, ownership, and group membership of\nsystem files and commands match the vendor values.\n\nCheck the file permissions, ownership, and group membership of system files and\ncommands with the following command:\n\n# rpm -Va | grep '^.M'\n\nIf there is any output from the command indicating that the ownership or group\nof a system file or command, or a system file, has permissions less restrictive\nthan the default, this is a finding.",
+              "label": "check"
+            },
+            {
+              "data": "Run the following command to determine which package owns the\nfile:\n\n# rpm -qf <filename>\n\nReset the permissions of files within a package with the following command:\n\n#rpm --setperms <packagename>\n\nReset the user and group ownership of files within a package with the following\ncommand:\n\n#rpm --setugids <packagename>",
+              "label": "fix"
+            }
+          ],
+          "id": "V-71849",
+          "impact": 0.3,
+          "refs": [],
+          "results": [
+            {
+              "code_desc": "not important",
+              "message": "not important",
+              "run_time": 0.00056624,
+              "start_time": "2019-11-04T16:17:07-05:00",
+              "status": "failed"
+            }
+          ],
+          "source_location": {
+            "line": 16,
+            "ref": "inspec-profile-disa_stig-el7-master/controls/V-71849.rb"
+          },
+          "tags": {
+            "gtitle": "SRG-OS-000257-GPOS-00098",
+            "satisfies": [
+              "SRG-OS-000257-GPOS-00098",
+              "SRG-OS-000278-GPOS-00108"
+            ],
+            "gid": "V-71849",
+            "rid": "SV-86473r2_rule",
+            "stig_id": "RHEL-07-010010",
+            "cci": [
+              "CCI-001494",
+              "CCI-001496"
+            ],
+            "documentable": false,
+            "nist": [
+              "AU-9",
+              "AU-9 (3)",
+              "Rev_4"
+            ],
+            "subsystems": [
+              "permissions",
+              "package",
+              "rpm"
+            ],
+            "fix_id": "F-78201r3_fix",
+            "severity": "critical"
+          },
+          "title": "The file permissions, ownership, and group membership of system files and commands must match the vendor values."
+        },
+        {
+          "code": "not important",
+          "desc": "not important",
+          "descriptions": [
+            {
+              "data": "not important",
+              "label": "default"
+            },
+            {
+              "data": "Verify the cryptographic hash of system files and commands\nmatch the vendor values.\n\nCheck the cryptographic hash of system files and commands with the following\ncommand:\n\nNote: System configuration files (indicated by a \"c\" in the second column)\nare expected to change over time. Unusual modifications should be investigated\nthrough the system audit log.\n\n# rpm -Va | grep '^..5'\n\nIf there is any output from the command for system binaries, this is a finding.",
+              "label": "check"
+            },
+            {
+              "data": "Run the following command to determine which package owns the\nfile:\n\n# rpm -qf <filename>\n\nThe package can be reinstalled from a yum repository using the command:\n\n# sudo yum reinstall <packagename>\n\nAlternatively, the package can be reinstalled from trusted media using the\ncommand:\n\n# sudo rpm -Uvh <packagename>",
+              "label": "fix"
+            }
+          ],
+          "id": "V-71855",
+          "impact": 0.7,
+          "refs": [],
+          "results": [
+            {
+              "code_desc": "[] should all be in",
+              "run_time": 0.000103517,
+              "start_time": "2019-11-04T16:17:07-05:00",
+              "status": "skipped"
+            }
+          ],
+          "source_location": {
+            "line": 15,
+            "ref": "inspec-profile-disa_stig-el7-master/controls/V-71855.rb"
+          },
+          "tags": {
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-71855",
+            "rid": "SV-86479r2_rule",
+            "stig_id": "RHEL-07-010020",
+            "cci": [
+              "CCI-000663"
+            ],
+            "documentable": false,
+            "nist": [
+              "SA-7",
+              "Rev_4"
+            ],
+            "subsystems": [
+              "rpm",
+              "package"
+            ],
+            "fix_id": "F-78207r1_fix",
+            "severity": "low",
+            "severityoverride": "medium",
+            "severityjustification": "This system is not important"
+          },
+          "title": "The cryptographic hash of system files and commands must match vendor\nvalues."
+        },
+        {
+          "code": "not important",
+          "desc": "not important",
+          "descriptions": [
+            {
+              "data": "not important",
+              "label": "default"
+            },
+            {
+              "data": "not important",
+              "label": "check"
+            },
+            {
+              "data": "not important",
+              "label": "fix"
+            }
+          ],
+          "id": "V-71859",
+          "impact": 0.95,
+          "refs": [],
+          "results": [
+            {
+              "code_desc": "Command: `dconf read /org/gnome/login-screen/banner-message-enable` stdout.strip should cmp == \"true\"",
+              "message": "\nexpected: \"true\"\n     got: \"\"\n\n(compared using `cmp` matcher)\n",
+              "run_time": 0.017205426,
+              "start_time": "2019-11-04T16:17:07-05:00",
+              "status": "failed"
+            }
+          ],
+          "source_location": {
+            "line": 14,
+            "ref": "inspec-profile-disa_stig-el7-master/controls/V-71859.rb"
+          },
+          "tags": {
+            "gtitle": "SRG-OS-000023-GPOS-00006",
+            "satisfies": [
+              "SRG-OS-000023-GPOS-00006",
+              "SRG-OS-000024-GPOS-00007",
+              "SRG-OS-000228-GPOS-00088"
+            ],
+            "gid": "V-71859",
+            "rid": "SV-86483r3_rule",
+            "stig_id": "RHEL-07-010030",
+            "cci": [
+              "CCI-000048"
+            ],
+            "documentable": false,
+            "nist": [
+              "AC-8 a",
+              "Rev_4"
+            ],
+            "subsystem": [
+              "gdm"
+            ],
+            "fix_id": "F-78211r4_fix"
+          },
+          "title": "The operating system must display the Standard Mandatory DoD Notice\nand Consent Banner before granting local or remote access to the system via a\ngraphical user logon."
+        },
+        {
+          "code": "not important",
+          "desc": "not important",
+          "descriptions": [
+            {
+              "data": "not important",
+              "label": "default"
+            },
+            {
+              "data": "not important",
+              "label": "check"
+            },
+            {
+              "data": "not important",
+              "label": "fix"
+            }
+          ],
+          "id": "V-71861",
+          "impact": 0.5,
+          "refs": [],
+          "results": [
+            {
+              "code_desc": "If no files specify the banner text then this is a finding should equal false",
+              "message": "\nexpected false\n     got true\n",
+              "run_time": 0.001565842,
+              "start_time": "2019-11-04T16:17:07-05:00",
+              "status": "failed"
+            }
+          ],
+          "source_location": {
+            "line": 29,
+            "ref": "inspec-profile-disa_stig-el7-master/controls/V-71861.rb"
+          },
+          "tags": {
+            "gtitle": "SRG-OS-000023-GPOS-00006",
+            "satisfies": [
+              "SRG-OS-000023-GPOS-00006",
+              "SRG-OS-000024-GPOS-00007",
+              "SRG-OS-000228-GPOS-00088"
+            ],
+            "gid": "V-71861",
+            "rid": "SV-86485r3_rule",
+            "stig_id": "RHEL-07-010040",
+            "cci": [
+              "CCI-000048"
+            ],
+            "documentable": false,
+            "nist": [
+              "AC-8 a",
+              "Rev_4"
+            ],
+            "subsystems": [
+              "gdm"
+            ],
+            "fix_id": "F-78213r5_fix",
+            "severity": "none"
+          },
+          "title": "The operating system must display the approved Standard Mandatory DoD\nNotice and Consent Banner before granting local or remote access to the system\nvia a graphical user logon."
+        }
+      ],
+      "copyright": "SIMP Team",
+      "copyright_email": "simp-dev@googlegroups.com",
+      "groups": [
+        {
+          "controls": [
+            "V-71849"
+          ],
+          "id": "controls/V-71849.rb"
+        },
+        {
+          "controls": [
+            "V-71855"
+          ],
+          "id": "controls/V-71855.rb"
+        },
+        {
+          "controls": [
+            "V-71859"
+          ],
+          "id": "controls/V-71859.rb"
+        },
+        {
+          "controls": [
+            "V-71861"
+          ],
+          "id": "controls/V-71861.rb"
+        }
+      ],
+      "license": "Apache-2.0",
+      "maintainer": "SIMP Team",
+      "name": "disa_stig-el7",
+      "sha256": "d4ecb3e201285a383a4aa6af8d9028e8311cb1975af2b380f098a21c895246ff",
+      "status": "loaded",
+      "summary": "The `disa_stig-el7` inspec profile helps scan your system aginst the DISA RHEL7 STIG",
+      "supports": [],
+      "title": "DISA RedHat Enterprise Linux 7 STIG - v1r4",
+      "version": "0.2.0"
+    }
+  ],
+  "statistics": {
+    "duration": 10.681128104
+  },
+  "version": "4.16.0"
+}
\ No newline at end of file
diff --git a/test/sample_data/HDF/input/rhel-8_hardened.json b/test/sample_data/HDF/input/rhel-8_hardened.json
index acd6fd75e..01eb06a13 100644
--- a/test/sample_data/HDF/input/rhel-8_hardened.json
+++ b/test/sample_data/HDF/input/rhel-8_hardened.json
@@ -1 +1,27720 @@
-{"platform":{"name":"redhat","release":"8.9","target_id":"7cc1d93b-bfd7-5824-a240-129577555e24"},"profiles":[{"name":"redhat-enterprise-linux-8-stig-baseline","version":"1.12.0","sha256":"7f77220de1c9d7f701dc4fbb3d0a9b2c0389c216e8d53585eec0031ecf6ed36e","title":"redhat-enterprise-linux-8-stig-baseline","maintainer":"MITRE SAF Team","summary":"This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.","license":"Apache-2.0","copyright":"MITRE","supports":[],"attributes":[{"name":"sudoers_config_files","options":{"type":"Array","value":["/etc/sudoers","/etc/sudoers.d/*"]}},{"name":"sshd_config_values","options":{"type":"Hash","value":{"GSSAPIAuthentication":"no","ClientAliveInterval":"600"}}},{"name":"alert_method","options":{"type":"String","value":"email"}},{"name":"peripherals_package","options":{"type":"String","value":"usbguard"}},{"name":"peripherals_service","options":{"type":"String","value":"usbguard"}},{"name":"allow_container_openssh_server","options":{"type":"Boolean","value":false}},{"name":"maxclassrepeat","options":{"type":"Numeric","value":4}},{"name":"maxrepeat","options":{"type":"Numeric","value":3}},{"name":"minclass","options":{"type":"Numeric","value":4}},{"name":"difok","options":{"type":"Numeric","value":8}},{"name":"pass_min_days","options":{"type":"Numeric","value":1}},{"name":"pass_max_days","options":{"type":"Numeric","value":60}},{"name":"seperate_filesystem_exempt","options":{"type":"Boolean","value":"Input 'seperate_filesystem_exempt' does not have a value. Skipping test."}},{"name":"disable_slow_controls","options":{"type":"Boolean","value":false}},{"name":"disconnected_system","options":{"type":"Boolean","value":false}},{"name":"use_fips","options":{"type":"Boolean","value":true}},{"name":"data_at_rest_exempt","options":{"type":"Boolean","value":false}},{"name":"container_host","options":{"type":"Boolean","value":false}},{"name":"min_reuse_generations","options":{"type":"Numeric","value":5}},{"name":"min_retry","options":{"type":"Numeric","value":3}},{"name":"pass_min_len","options":{"type":"Numeric","value":15}},{"name":"faillock_tally","options":{"type":"String","value":"faillog_t"}},{"name":"network_router","options":{"type":"Boolean","value":false}},{"name":"sysctl_conf_files","options":{"type":"Array","value":["/etc/sysctl.d/*.conf","/run/sysctl.d/*.conf","/usr/local/lib/sysctl.d/*.conf","/usr/lib/sysctl.d/*.conf","/lib/sysctl.d/*.conf","/etc/sysctl.conf"]}},{"name":"grub_uefi_main_cfg","options":{"type":"String","value":"/boot/efi/EFI/redhat/grub.cfg"}},{"name":"grub_uefi_user_boot_files","options":{"type":"Array","value":["/boot/efi/EFI/redhat/user.cfg"]}},{"name":"exempt_home_users","options":{"type":"Array","value":["root","vagrant","ec2-user"]}},{"name":"non_interactive_shells","options":{"type":"Array","value":["/sbin/nologin","/sbin/halt","/sbin/shutdown","/bin/false","/bin/sync","/bin/true"]}},{"name":"user_accounts","options":{"type":"Array","value":["vagrant"]}},{"name":"grub_main_cfg","options":{"type":"String","value":"/boot/grub2/grub.cfg"}},{"name":"grub_user_boot_files","options":{"type":"Array","value":["/boot/grub2/user.cfg"]}},{"name":"ipv4_enabled","options":{"type":"Boolean","value":true}},{"name":"unsuccessful_attempts","options":{"type":"Numeric","value":3}},{"name":"central_account_management","options":{"type":"Boolean","value":false}},{"name":"ipv6_enabled","options":{"type":"Boolean","value":true}},{"name":"camera_installed","options":{"type":"Boolean","value":true}},{"name":"bluetooth_installed","options":{"type":"Boolean","value":true}},{"name":"known_system_accounts","options":{"type":"Array","value":["adm","bin","chrony","daemon","dbus","halt","lp","mail","nobody","ntp","operator","polkitd","postfix","root","shutdown","sshd","sssd","sync","systemd-bus-proxy","systemd-network"]}},{"name":"smart_card_enabled","options":{"type":"Boolean","value":false}},{"name":"file_integrity_tool","options":{"type":"String","value":"aide"}},{"name":"authoritative_timeserver","options":{"type":"String","value":"0.us.pool.ntp.mil"}},{"name":"non_removable_media_fs","options":{"type":"Array","value":["/","/tmp","none","/home"]}},{"name":"private_key_files","options":{"type":"Array","value":[]}},{"name":"openssh_server_required_algorithms","options":{"type":"Array","value":["hmac-sha2-512","hmac-sha2-256","hmac-sha2-512-etm@openssh.com","hmac-sha2-256-etm@openssh.com"]}},{"name":"root_ca_file","options":{"type":"String","value":"/etc/sssd/pki/sssd_auth_ca_db.pem"}},{"name":"system_inactivity_timeout","options":{"type":"Numeric","value":900}},{"name":"max_retry","options":{"type":"Numeric","value":3}},{"name":"days_of_inactivity","options":{"type":"Numeric","value":35}},{"name":"temporary_accounts","options":{"type":"Array","value":[]}},{"name":"banner_message_text_cli","options":{"type":"String","value":"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."}},{"name":"banner_message_text_ral","options":{"type":"String","value":"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."}},{"name":"banner_message_text_gui","options":{"type":"String","value":"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."}},{"name":"maxlogins_limit","options":{"type":"Numeric","value":10}},{"name":"fail_interval","options":{"type":"Numeric","value":900}},{"name":"lockout_time","options":{"type":"Numeric","value":604800}},{"name":"log_directory","options":{"type":"String","value":"/var/log/faillock"}},{"name":"sshd_client_alive_count_max","options":{"type":"Numeric","value":1}},{"name":"linux_threat_prevention_package","options":{"type":"String","value":"mcafeetp"}},{"name":"linux_threat_prevention_service","options":{"type":"String","value":"mfetpd"}},{"name":"remove_xorg_x11_server_packages","options":{"type":"Array","value":["xorg-x11-server-common","xorg-x11-server-Xorg","xorg-x11-server-utils","xorg-x11-server-Xwayland"]}},{"name":"gui_required","options":{"type":"Boolean","value":false}},{"name":"disk_error_action","options":{"type":"Array","value":["SYSLOG","SINGLE","HALT"]}},{"name":"disk_full_action","options":{"type":"Array","value":["SYSLOG","SINGLE","HALT"]}},{"name":"permit_root_login","options":{"type":"String","value":"no"}},{"name":"permissions_for_shells","options":{"type":"Hash","value":{"default_umask":"077","bashrc_umask":"077","cshrc_umask":"077"}}},{"name":"permissions_for_libs","options":{"type":"String","value":"0755"}},{"name":"system_libraries","options":{"type":"Array","value":["/lib","/lib64","/usr/lib","/usr/lib64"]}},{"name":"system_command_dirs","options":{"type":"Array","value":["/bin","/sbin","/usr/bin","/usr/sbin","/usr/local/bin","/usr/local/sbin"]}},{"name":"required_system_accounts","options":{"type":"Array","value":["root"]}},{"name":"var_log_messages_group","options":{"type":"Array","value":["root"]}},{"name":"sssd_certificate_verification","options":{"type":"String","value":"ocsp_dgst=sha1"}},{"name":"sssd_conf_path","options":{"type":"String","value":"/etc/sssd/sssd.conf"}},{"name":"var_log_audit_group","options":{"type":"Array","value":["root"]}},{"name":"use_fapolicyd","options":{"type":"Boolean","value":true}},{"name":"audit_passwd_key","options":{"type":"String","value":"identity"}},{"name":"audit_group_key","options":{"type":"String","value":"identity"}},{"name":"pam_auth_files","options":{"type":"Hash","value":{"system-auth":"/etc/pam.d/system-auth","password-auth":"/etc/pam.d/password-auth","smartcard-auth":"/etc/pam.d/smartcard-auth"}}},{"name":"security_faillock_conf","options":{"type":"String","value":"/etc/security/faillock.conf"}},{"name":"external_firewall","options":{"type":"Boolean","value":false}},{"name":"firewalld_properties","options":{"type":"Hash","value":{"default_zone":"public","ports":[],"protocols":[],"services":["cockpit","dhcpv6-client","ssh"]}}},{"name":"skip_mount_tmp","options":{"type":"Hash","value":{"nodev":true,"nosuid":true,"noexec":true}}},{"name":"skip_password_privilege_escalation","options":{"type":"Boolean","value":false}},{"name":"skip_endpoint_security_tool","options":{"type":"Boolean","value":false}},{"name":"non_default_tally_dir","options":{"type":"String","value":"/var/log/faillock"}},{"name":"users_allowed_blank_passwords","options":{"type":"Array","value":[]}},{"name":"mail_package","options":{"type":"String","value":"mailx"}},{"name":"rpm_gpg_file","options":{"type":"String","value":"/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release"}},{"name":"rpm_gpg_keys","options":{"type":"Hash","value":{"release key 2":"567E 347A D004 4ADE 55BA  8A5F 199E 2F91 FD43 1D51","auxiliary key":"6A6A A7C9 7C88 90AE C6AE  BFE2 F76F 66C3 D408 2792"}}},{"name":"administrator_users","options":{"type":"Array","value":["root"]}},{"name":"allowed_admin_selinux_roles","options":{"type":"Array","value":["sysadm_u","staff_u"]}},{"name":"allowed_non_admin_selinux_roles","options":{"type":"Array","value":["user_u"]}},{"name":"stop_idle_session_sec","options":{"type":"Numeric","value":900}},{"name":"sha_crypt_min_rounds","options":{"type":"Numeric","value":5000}},{"name":"sha_crypt_max_rounds","options":{"type":"Numeric","value":5000}},{"name":"unapproved_ssl_tls_versions","options":{"value":"Input 'unapproved_ssl_tls_versions' does not have a value. Skipping test."}}],"groups":[{"id":"controls/SV-230221.rb","controls":["SV-230221"]},{"id":"controls/SV-230222.rb","controls":["SV-230222"]},{"id":"controls/SV-230223.rb","controls":["SV-230223"]},{"id":"controls/SV-230224.rb","controls":["SV-230224"]},{"id":"controls/SV-230225.rb","controls":["SV-230225"]},{"id":"controls/SV-230226.rb","controls":["SV-230226"]},{"id":"controls/SV-230227.rb","controls":["SV-230227"]},{"id":"controls/SV-230228.rb","controls":["SV-230228"]},{"id":"controls/SV-230229.rb","controls":["SV-230229"]},{"id":"controls/SV-230230.rb","controls":["SV-230230"]},{"id":"controls/SV-230231.rb","controls":["SV-230231"]},{"id":"controls/SV-230232.rb","controls":["SV-230232"]},{"id":"controls/SV-230233.rb","controls":["SV-230233"]},{"id":"controls/SV-230234.rb","controls":["SV-230234"]},{"id":"controls/SV-230235.rb","controls":["SV-230235"]},{"id":"controls/SV-230236.rb","controls":["SV-230236"]},{"id":"controls/SV-230237.rb","controls":["SV-230237"]},{"id":"controls/SV-230238.rb","controls":["SV-230238"]},{"id":"controls/SV-230239.rb","controls":["SV-230239"]},{"id":"controls/SV-230240.rb","controls":["SV-230240"]},{"id":"controls/SV-230241.rb","controls":["SV-230241"]},{"id":"controls/SV-230243.rb","controls":["SV-230243"]},{"id":"controls/SV-230244.rb","controls":["SV-230244"]},{"id":"controls/SV-230245.rb","controls":["SV-230245"]},{"id":"controls/SV-230246.rb","controls":["SV-230246"]},{"id":"controls/SV-230247.rb","controls":["SV-230247"]},{"id":"controls/SV-230248.rb","controls":["SV-230248"]},{"id":"controls/SV-230249.rb","controls":["SV-230249"]},{"id":"controls/SV-230250.rb","controls":["SV-230250"]},{"id":"controls/SV-230251.rb","controls":["SV-230251"]},{"id":"controls/SV-230252.rb","controls":["SV-230252"]},{"id":"controls/SV-230253.rb","controls":["SV-230253"]},{"id":"controls/SV-230254.rb","controls":["SV-230254"]},{"id":"controls/SV-230255.rb","controls":["SV-230255"]},{"id":"controls/SV-230256.rb","controls":["SV-230256"]},{"id":"controls/SV-230257.rb","controls":["SV-230257"]},{"id":"controls/SV-230258.rb","controls":["SV-230258"]},{"id":"controls/SV-230259.rb","controls":["SV-230259"]},{"id":"controls/SV-230260.rb","controls":["SV-230260"]},{"id":"controls/SV-230261.rb","controls":["SV-230261"]},{"id":"controls/SV-230262.rb","controls":["SV-230262"]},{"id":"controls/SV-230263.rb","controls":["SV-230263"]},{"id":"controls/SV-230264.rb","controls":["SV-230264"]},{"id":"controls/SV-230265.rb","controls":["SV-230265"]},{"id":"controls/SV-230266.rb","controls":["SV-230266"]},{"id":"controls/SV-230267.rb","controls":["SV-230267"]},{"id":"controls/SV-230268.rb","controls":["SV-230268"]},{"id":"controls/SV-230269.rb","controls":["SV-230269"]},{"id":"controls/SV-230270.rb","controls":["SV-230270"]},{"id":"controls/SV-230271.rb","controls":["SV-230271"]},{"id":"controls/SV-230272.rb","controls":["SV-230272"]},{"id":"controls/SV-230273.rb","controls":["SV-230273"]},{"id":"controls/SV-230274.rb","controls":["SV-230274"]},{"id":"controls/SV-230275.rb","controls":["SV-230275"]},{"id":"controls/SV-230276.rb","controls":["SV-230276"]},{"id":"controls/SV-230277.rb","controls":["SV-230277"]},{"id":"controls/SV-230278.rb","controls":["SV-230278"]},{"id":"controls/SV-230279.rb","controls":["SV-230279"]},{"id":"controls/SV-230280.rb","controls":["SV-230280"]},{"id":"controls/SV-230281.rb","controls":["SV-230281"]},{"id":"controls/SV-230282.rb","controls":["SV-230282"]},{"id":"controls/SV-230283.rb","controls":["SV-230283"]},{"id":"controls/SV-230284.rb","controls":["SV-230284"]},{"id":"controls/SV-230285.rb","controls":["SV-230285"]},{"id":"controls/SV-230286.rb","controls":["SV-230286"]},{"id":"controls/SV-230287.rb","controls":["SV-230287"]},{"id":"controls/SV-230288.rb","controls":["SV-230288"]},{"id":"controls/SV-230290.rb","controls":["SV-230290"]},{"id":"controls/SV-230291.rb","controls":["SV-230291"]},{"id":"controls/SV-230292.rb","controls":["SV-230292"]},{"id":"controls/SV-230293.rb","controls":["SV-230293"]},{"id":"controls/SV-230294.rb","controls":["SV-230294"]},{"id":"controls/SV-230295.rb","controls":["SV-230295"]},{"id":"controls/SV-230296.rb","controls":["SV-230296"]},{"id":"controls/SV-230298.rb","controls":["SV-230298"]},{"id":"controls/SV-230299.rb","controls":["SV-230299"]},{"id":"controls/SV-230300.rb","controls":["SV-230300"]},{"id":"controls/SV-230301.rb","controls":["SV-230301"]},{"id":"controls/SV-230302.rb","controls":["SV-230302"]},{"id":"controls/SV-230303.rb","controls":["SV-230303"]},{"id":"controls/SV-230304.rb","controls":["SV-230304"]},{"id":"controls/SV-230305.rb","controls":["SV-230305"]},{"id":"controls/SV-230306.rb","controls":["SV-230306"]},{"id":"controls/SV-230307.rb","controls":["SV-230307"]},{"id":"controls/SV-230308.rb","controls":["SV-230308"]},{"id":"controls/SV-230309.rb","controls":["SV-230309"]},{"id":"controls/SV-230310.rb","controls":["SV-230310"]},{"id":"controls/SV-230311.rb","controls":["SV-230311"]},{"id":"controls/SV-230312.rb","controls":["SV-230312"]},{"id":"controls/SV-230313.rb","controls":["SV-230313"]},{"id":"controls/SV-230314.rb","controls":["SV-230314"]},{"id":"controls/SV-230315.rb","controls":["SV-230315"]},{"id":"controls/SV-230316.rb","controls":["SV-230316"]},{"id":"controls/SV-230317.rb","controls":["SV-230317"]},{"id":"controls/SV-230318.rb","controls":["SV-230318"]},{"id":"controls/SV-230319.rb","controls":["SV-230319"]},{"id":"controls/SV-230320.rb","controls":["SV-230320"]},{"id":"controls/SV-230321.rb","controls":["SV-230321"]},{"id":"controls/SV-230322.rb","controls":["SV-230322"]},{"id":"controls/SV-230323.rb","controls":["SV-230323"]},{"id":"controls/SV-230324.rb","controls":["SV-230324"]},{"id":"controls/SV-230325.rb","controls":["SV-230325"]},{"id":"controls/SV-230326.rb","controls":["SV-230326"]},{"id":"controls/SV-230327.rb","controls":["SV-230327"]},{"id":"controls/SV-230328.rb","controls":["SV-230328"]},{"id":"controls/SV-230329.rb","controls":["SV-230329"]},{"id":"controls/SV-230330.rb","controls":["SV-230330"]},{"id":"controls/SV-230331.rb","controls":["SV-230331"]},{"id":"controls/SV-230332.rb","controls":["SV-230332"]},{"id":"controls/SV-230333.rb","controls":["SV-230333"]},{"id":"controls/SV-230334.rb","controls":["SV-230334"]},{"id":"controls/SV-230335.rb","controls":["SV-230335"]},{"id":"controls/SV-230336.rb","controls":["SV-230336"]},{"id":"controls/SV-230337.rb","controls":["SV-230337"]},{"id":"controls/SV-230338.rb","controls":["SV-230338"]},{"id":"controls/SV-230339.rb","controls":["SV-230339"]},{"id":"controls/SV-230340.rb","controls":["SV-230340"]},{"id":"controls/SV-230341.rb","controls":["SV-230341"]},{"id":"controls/SV-230342.rb","controls":["SV-230342"]},{"id":"controls/SV-230343.rb","controls":["SV-230343"]},{"id":"controls/SV-230344.rb","controls":["SV-230344"]},{"id":"controls/SV-230345.rb","controls":["SV-230345"]},{"id":"controls/SV-230346.rb","controls":["SV-230346"]},{"id":"controls/SV-230347.rb","controls":["SV-230347"]},{"id":"controls/SV-230348.rb","controls":["SV-230348"]},{"id":"controls/SV-230349.rb","controls":["SV-230349"]},{"id":"controls/SV-230350.rb","controls":["SV-230350"]},{"id":"controls/SV-230351.rb","controls":["SV-230351"]},{"id":"controls/SV-230352.rb","controls":["SV-230352"]},{"id":"controls/SV-230353.rb","controls":["SV-230353"]},{"id":"controls/SV-230354.rb","controls":["SV-230354"]},{"id":"controls/SV-230355.rb","controls":["SV-230355"]},{"id":"controls/SV-230356.rb","controls":["SV-230356"]},{"id":"controls/SV-230357.rb","controls":["SV-230357"]},{"id":"controls/SV-230358.rb","controls":["SV-230358"]},{"id":"controls/SV-230359.rb","controls":["SV-230359"]},{"id":"controls/SV-230360.rb","controls":["SV-230360"]},{"id":"controls/SV-230361.rb","controls":["SV-230361"]},{"id":"controls/SV-230362.rb","controls":["SV-230362"]},{"id":"controls/SV-230363.rb","controls":["SV-230363"]},{"id":"controls/SV-230364.rb","controls":["SV-230364"]},{"id":"controls/SV-230365.rb","controls":["SV-230365"]},{"id":"controls/SV-230366.rb","controls":["SV-230366"]},{"id":"controls/SV-230367.rb","controls":["SV-230367"]},{"id":"controls/SV-230368.rb","controls":["SV-230368"]},{"id":"controls/SV-230369.rb","controls":["SV-230369"]},{"id":"controls/SV-230370.rb","controls":["SV-230370"]},{"id":"controls/SV-230371.rb","controls":["SV-230371"]},{"id":"controls/SV-230372.rb","controls":["SV-230372"]},{"id":"controls/SV-230373.rb","controls":["SV-230373"]},{"id":"controls/SV-230374.rb","controls":["SV-230374"]},{"id":"controls/SV-230375.rb","controls":["SV-230375"]},{"id":"controls/SV-230376.rb","controls":["SV-230376"]},{"id":"controls/SV-230377.rb","controls":["SV-230377"]},{"id":"controls/SV-230378.rb","controls":["SV-230378"]},{"id":"controls/SV-230379.rb","controls":["SV-230379"]},{"id":"controls/SV-230380.rb","controls":["SV-230380"]},{"id":"controls/SV-230381.rb","controls":["SV-230381"]},{"id":"controls/SV-230382.rb","controls":["SV-230382"]},{"id":"controls/SV-230383.rb","controls":["SV-230383"]},{"id":"controls/SV-230384.rb","controls":["SV-230384"]},{"id":"controls/SV-230385.rb","controls":["SV-230385"]},{"id":"controls/SV-230386.rb","controls":["SV-230386"]},{"id":"controls/SV-230387.rb","controls":["SV-230387"]},{"id":"controls/SV-230388.rb","controls":["SV-230388"]},{"id":"controls/SV-230389.rb","controls":["SV-230389"]},{"id":"controls/SV-230390.rb","controls":["SV-230390"]},{"id":"controls/SV-230392.rb","controls":["SV-230392"]},{"id":"controls/SV-230393.rb","controls":["SV-230393"]},{"id":"controls/SV-230394.rb","controls":["SV-230394"]},{"id":"controls/SV-230395.rb","controls":["SV-230395"]},{"id":"controls/SV-230396.rb","controls":["SV-230396"]},{"id":"controls/SV-230397.rb","controls":["SV-230397"]},{"id":"controls/SV-230398.rb","controls":["SV-230398"]},{"id":"controls/SV-230399.rb","controls":["SV-230399"]},{"id":"controls/SV-230400.rb","controls":["SV-230400"]},{"id":"controls/SV-230401.rb","controls":["SV-230401"]},{"id":"controls/SV-230402.rb","controls":["SV-230402"]},{"id":"controls/SV-230403.rb","controls":["SV-230403"]},{"id":"controls/SV-230404.rb","controls":["SV-230404"]},{"id":"controls/SV-230405.rb","controls":["SV-230405"]},{"id":"controls/SV-230406.rb","controls":["SV-230406"]},{"id":"controls/SV-230407.rb","controls":["SV-230407"]},{"id":"controls/SV-230408.rb","controls":["SV-230408"]},{"id":"controls/SV-230409.rb","controls":["SV-230409"]},{"id":"controls/SV-230410.rb","controls":["SV-230410"]},{"id":"controls/SV-230411.rb","controls":["SV-230411"]},{"id":"controls/SV-230412.rb","controls":["SV-230412"]},{"id":"controls/SV-230413.rb","controls":["SV-230413"]},{"id":"controls/SV-230418.rb","controls":["SV-230418"]},{"id":"controls/SV-230419.rb","controls":["SV-230419"]},{"id":"controls/SV-230421.rb","controls":["SV-230421"]},{"id":"controls/SV-230422.rb","controls":["SV-230422"]},{"id":"controls/SV-230423.rb","controls":["SV-230423"]},{"id":"controls/SV-230424.rb","controls":["SV-230424"]},{"id":"controls/SV-230425.rb","controls":["SV-230425"]},{"id":"controls/SV-230426.rb","controls":["SV-230426"]},{"id":"controls/SV-230427.rb","controls":["SV-230427"]},{"id":"controls/SV-230428.rb","controls":["SV-230428"]},{"id":"controls/SV-230429.rb","controls":["SV-230429"]},{"id":"controls/SV-230430.rb","controls":["SV-230430"]},{"id":"controls/SV-230431.rb","controls":["SV-230431"]},{"id":"controls/SV-230432.rb","controls":["SV-230432"]},{"id":"controls/SV-230433.rb","controls":["SV-230433"]},{"id":"controls/SV-230434.rb","controls":["SV-230434"]},{"id":"controls/SV-230435.rb","controls":["SV-230435"]},{"id":"controls/SV-230436.rb","controls":["SV-230436"]},{"id":"controls/SV-230437.rb","controls":["SV-230437"]},{"id":"controls/SV-230438.rb","controls":["SV-230438"]},{"id":"controls/SV-230439.rb","controls":["SV-230439"]},{"id":"controls/SV-230444.rb","controls":["SV-230444"]},{"id":"controls/SV-230446.rb","controls":["SV-230446"]},{"id":"controls/SV-230447.rb","controls":["SV-230447"]},{"id":"controls/SV-230448.rb","controls":["SV-230448"]},{"id":"controls/SV-230449.rb","controls":["SV-230449"]},{"id":"controls/SV-230455.rb","controls":["SV-230455"]},{"id":"controls/SV-230456.rb","controls":["SV-230456"]},{"id":"controls/SV-230462.rb","controls":["SV-230462"]},{"id":"controls/SV-230463.rb","controls":["SV-230463"]},{"id":"controls/SV-230464.rb","controls":["SV-230464"]},{"id":"controls/SV-230465.rb","controls":["SV-230465"]},{"id":"controls/SV-230466.rb","controls":["SV-230466"]},{"id":"controls/SV-230467.rb","controls":["SV-230467"]},{"id":"controls/SV-230468.rb","controls":["SV-230468"]},{"id":"controls/SV-230469.rb","controls":["SV-230469"]},{"id":"controls/SV-230470.rb","controls":["SV-230470"]},{"id":"controls/SV-230471.rb","controls":["SV-230471"]},{"id":"controls/SV-230472.rb","controls":["SV-230472"]},{"id":"controls/SV-230473.rb","controls":["SV-230473"]},{"id":"controls/SV-230474.rb","controls":["SV-230474"]},{"id":"controls/SV-230475.rb","controls":["SV-230475"]},{"id":"controls/SV-230476.rb","controls":["SV-230476"]},{"id":"controls/SV-230477.rb","controls":["SV-230477"]},{"id":"controls/SV-230478.rb","controls":["SV-230478"]},{"id":"controls/SV-230479.rb","controls":["SV-230479"]},{"id":"controls/SV-230480.rb","controls":["SV-230480"]},{"id":"controls/SV-230481.rb","controls":["SV-230481"]},{"id":"controls/SV-230482.rb","controls":["SV-230482"]},{"id":"controls/SV-230483.rb","controls":["SV-230483"]},{"id":"controls/SV-230484.rb","controls":["SV-230484"]},{"id":"controls/SV-230485.rb","controls":["SV-230485"]},{"id":"controls/SV-230486.rb","controls":["SV-230486"]},{"id":"controls/SV-230487.rb","controls":["SV-230487"]},{"id":"controls/SV-230488.rb","controls":["SV-230488"]},{"id":"controls/SV-230489.rb","controls":["SV-230489"]},{"id":"controls/SV-230491.rb","controls":["SV-230491"]},{"id":"controls/SV-230492.rb","controls":["SV-230492"]},{"id":"controls/SV-230493.rb","controls":["SV-230493"]},{"id":"controls/SV-230494.rb","controls":["SV-230494"]},{"id":"controls/SV-230495.rb","controls":["SV-230495"]},{"id":"controls/SV-230496.rb","controls":["SV-230496"]},{"id":"controls/SV-230497.rb","controls":["SV-230497"]},{"id":"controls/SV-230498.rb","controls":["SV-230498"]},{"id":"controls/SV-230499.rb","controls":["SV-230499"]},{"id":"controls/SV-230500.rb","controls":["SV-230500"]},{"id":"controls/SV-230502.rb","controls":["SV-230502"]},{"id":"controls/SV-230503.rb","controls":["SV-230503"]},{"id":"controls/SV-230504.rb","controls":["SV-230504"]},{"id":"controls/SV-230505.rb","controls":["SV-230505"]},{"id":"controls/SV-230506.rb","controls":["SV-230506"]},{"id":"controls/SV-230507.rb","controls":["SV-230507"]},{"id":"controls/SV-230508.rb","controls":["SV-230508"]},{"id":"controls/SV-230509.rb","controls":["SV-230509"]},{"id":"controls/SV-230510.rb","controls":["SV-230510"]},{"id":"controls/SV-230511.rb","controls":["SV-230511"]},{"id":"controls/SV-230512.rb","controls":["SV-230512"]},{"id":"controls/SV-230513.rb","controls":["SV-230513"]},{"id":"controls/SV-230514.rb","controls":["SV-230514"]},{"id":"controls/SV-230515.rb","controls":["SV-230515"]},{"id":"controls/SV-230516.rb","controls":["SV-230516"]},{"id":"controls/SV-230517.rb","controls":["SV-230517"]},{"id":"controls/SV-230518.rb","controls":["SV-230518"]},{"id":"controls/SV-230519.rb","controls":["SV-230519"]},{"id":"controls/SV-230520.rb","controls":["SV-230520"]},{"id":"controls/SV-230521.rb","controls":["SV-230521"]},{"id":"controls/SV-230522.rb","controls":["SV-230522"]},{"id":"controls/SV-230523.rb","controls":["SV-230523"]},{"id":"controls/SV-230524.rb","controls":["SV-230524"]},{"id":"controls/SV-230525.rb","controls":["SV-230525"]},{"id":"controls/SV-230526.rb","controls":["SV-230526"]},{"id":"controls/SV-230527.rb","controls":["SV-230527"]},{"id":"controls/SV-230529.rb","controls":["SV-230529"]},{"id":"controls/SV-230530.rb","controls":["SV-230530"]},{"id":"controls/SV-230531.rb","controls":["SV-230531"]},{"id":"controls/SV-230532.rb","controls":["SV-230532"]},{"id":"controls/SV-230533.rb","controls":["SV-230533"]},{"id":"controls/SV-230534.rb","controls":["SV-230534"]},{"id":"controls/SV-230535.rb","controls":["SV-230535"]},{"id":"controls/SV-230536.rb","controls":["SV-230536"]},{"id":"controls/SV-230537.rb","controls":["SV-230537"]},{"id":"controls/SV-230538.rb","controls":["SV-230538"]},{"id":"controls/SV-230539.rb","controls":["SV-230539"]},{"id":"controls/SV-230540.rb","controls":["SV-230540"]},{"id":"controls/SV-230541.rb","controls":["SV-230541"]},{"id":"controls/SV-230542.rb","controls":["SV-230542"]},{"id":"controls/SV-230543.rb","controls":["SV-230543"]},{"id":"controls/SV-230544.rb","controls":["SV-230544"]},{"id":"controls/SV-230545.rb","controls":["SV-230545"]},{"id":"controls/SV-230546.rb","controls":["SV-230546"]},{"id":"controls/SV-230547.rb","controls":["SV-230547"]},{"id":"controls/SV-230548.rb","controls":["SV-230548"]},{"id":"controls/SV-230549.rb","controls":["SV-230549"]},{"id":"controls/SV-230550.rb","controls":["SV-230550"]},{"id":"controls/SV-230551.rb","controls":["SV-230551"]},{"id":"controls/SV-230552.rb","controls":["SV-230552"]},{"id":"controls/SV-230553.rb","controls":["SV-230553"]},{"id":"controls/SV-230554.rb","controls":["SV-230554"]},{"id":"controls/SV-230555.rb","controls":["SV-230555"]},{"id":"controls/SV-230556.rb","controls":["SV-230556"]},{"id":"controls/SV-230557.rb","controls":["SV-230557"]},{"id":"controls/SV-230558.rb","controls":["SV-230558"]},{"id":"controls/SV-230559.rb","controls":["SV-230559"]},{"id":"controls/SV-230560.rb","controls":["SV-230560"]},{"id":"controls/SV-230561.rb","controls":["SV-230561"]},{"id":"controls/SV-237640.rb","controls":["SV-237640"]},{"id":"controls/SV-237641.rb","controls":["SV-237641"]},{"id":"controls/SV-237642.rb","controls":["SV-237642"]},{"id":"controls/SV-237643.rb","controls":["SV-237643"]},{"id":"controls/SV-244519.rb","controls":["SV-244519"]},{"id":"controls/SV-244521.rb","controls":["SV-244521"]},{"id":"controls/SV-244522.rb","controls":["SV-244522"]},{"id":"controls/SV-244523.rb","controls":["SV-244523"]},{"id":"controls/SV-244524.rb","controls":["SV-244524"]},{"id":"controls/SV-244525.rb","controls":["SV-244525"]},{"id":"controls/SV-244526.rb","controls":["SV-244526"]},{"id":"controls/SV-244527.rb","controls":["SV-244527"]},{"id":"controls/SV-244528.rb","controls":["SV-244528"]},{"id":"controls/SV-244529.rb","controls":["SV-244529"]},{"id":"controls/SV-244530.rb","controls":["SV-244530"]},{"id":"controls/SV-244531.rb","controls":["SV-244531"]},{"id":"controls/SV-244532.rb","controls":["SV-244532"]},{"id":"controls/SV-244533.rb","controls":["SV-244533"]},{"id":"controls/SV-244534.rb","controls":["SV-244534"]},{"id":"controls/SV-244535.rb","controls":["SV-244535"]},{"id":"controls/SV-244536.rb","controls":["SV-244536"]},{"id":"controls/SV-244537.rb","controls":["SV-244537"]},{"id":"controls/SV-244538.rb","controls":["SV-244538"]},{"id":"controls/SV-244539.rb","controls":["SV-244539"]},{"id":"controls/SV-244540.rb","controls":["SV-244540"]},{"id":"controls/SV-244541.rb","controls":["SV-244541"]},{"id":"controls/SV-244542.rb","controls":["SV-244542"]},{"id":"controls/SV-244543.rb","controls":["SV-244543"]},{"id":"controls/SV-244544.rb","controls":["SV-244544"]},{"id":"controls/SV-244545.rb","controls":["SV-244545"]},{"id":"controls/SV-244546.rb","controls":["SV-244546"]},{"id":"controls/SV-244547.rb","controls":["SV-244547"]},{"id":"controls/SV-244548.rb","controls":["SV-244548"]},{"id":"controls/SV-244549.rb","controls":["SV-244549"]},{"id":"controls/SV-244550.rb","controls":["SV-244550"]},{"id":"controls/SV-244551.rb","controls":["SV-244551"]},{"id":"controls/SV-244552.rb","controls":["SV-244552"]},{"id":"controls/SV-244553.rb","controls":["SV-244553"]},{"id":"controls/SV-244554.rb","controls":["SV-244554"]},{"id":"controls/SV-245540.rb","controls":["SV-245540"]},{"id":"controls/SV-250315.rb","controls":["SV-250315"]},{"id":"controls/SV-250316.rb","controls":["SV-250316"]},{"id":"controls/SV-250317.rb","controls":["SV-250317"]},{"id":"controls/SV-251706.rb","controls":["SV-251706"]},{"id":"controls/SV-251707.rb","controls":["SV-251707"]},{"id":"controls/SV-251708.rb","controls":["SV-251708"]},{"id":"controls/SV-251709.rb","controls":["SV-251709"]},{"id":"controls/SV-251710.rb","controls":["SV-251710"]},{"id":"controls/SV-251711.rb","controls":["SV-251711"]},{"id":"controls/SV-251712.rb","controls":["SV-251712"]},{"id":"controls/SV-251713.rb","controls":["SV-251713"]},{"id":"controls/SV-251714.rb","controls":["SV-251714"]},{"id":"controls/SV-251715.rb","controls":["SV-251715"]},{"id":"controls/SV-251716.rb","controls":["SV-251716"]},{"id":"controls/SV-251717.rb","controls":["SV-251717"]},{"id":"controls/SV-251718.rb","controls":["SV-251718"]},{"id":"controls/SV-254520.rb","controls":["SV-254520"]},{"id":"controls/SV-255924.rb","controls":["SV-255924"]},{"id":"controls/SV-256973.rb","controls":["SV-256973"]},{"id":"controls/SV-256974.rb","controls":["SV-256974"]},{"id":"controls/SV-257258.rb","controls":["SV-257258"]}],"controls":[{"id":"SV-230221","title":"RHEL 8 must be a vendor-supported release.","desc":"An operating system release is considered \"supported\" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.\n\n  Red Hat offers the Extended Update Support (EUS) add-on to a Red Hat Enterprise Linux subscription, for a fee, for those customers who wish to standardize on a specific minor release for an extended period. The RHEL 8 minor releases eligible for EUS are 8.1, 8.2, 8.4, 8.6, and 8.8. Each RHEL 8 EUS stream is available for 24 months from the availability of the minor release. RHEL 8.10 will be the final minor release overall. For more details on the Red Hat Enterprise Linux Life Cycle  visit https://access.redhat.com/support/policy/updates/errata/.\n\n  Note: The life-cycle time spans and dates are subject to adjustment.","descriptions":[{"label":"default","data":"An operating system release is considered \"supported\" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.\n\n  Red Hat offers the Extended Update Support (EUS) add-on to a Red Hat Enterprise Linux subscription, for a fee, for those customers who wish to standardize on a specific minor release for an extended period. The RHEL 8 minor releases eligible for EUS are 8.1, 8.2, 8.4, 8.6, and 8.8. Each RHEL 8 EUS stream is available for 24 months from the availability of the minor release. RHEL 8.10 will be the final minor release overall. For more details on the Red Hat Enterprise Linux Life Cycle  visit https://access.redhat.com/support/policy/updates/errata/.\n\n  Note: The life-cycle time spans and dates are subject to adjustment."},{"label":"check","data":"Verify the version of the operating system is vendor supported.\n\n  Note: The lifecycle time spans and dates are subject to adjustment.\n\n  Red Hat Enterprise Linux Server release 8.6 (Ootpa)\n\n    $ sudo cat /etc/redhat-release\n\n    Red Hat Enterprise Linux Server release 8.6 (Ootpa)\n\n\n  Current End of Extended Update Support for RHEL 8.4 is 31 May 2023.\n\n  Current End of Maintenance Support for RHEL 8.5 is 31 May 2022.\n\n  Current End of Extended Update Support for RHEL 8.6 is 31 May 2024.\n\n  Current End of Maintenance Support for RHEL 8.7 is 31 May 2023.\n\n  Current End of Extended Update Support for RHEL 8.8 is 31 May 2025.\n\n  Current End of Maintenance Support for RHEL 8.9 is 31 May 2024.\n\n  Current End of Maintenance Support for RHEL 8.10 is 31 May 2029.\n\n  If the release is not supported by the vendor, this is a finding."},{"label":"fix","data":"Upgrade to a supported version of RHEL 8."}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230221","rid":"SV-230221r858734_rule","stig_id":"RHEL-08-010000","fix_id":"F-32865r567410_fix","cci":["CCI-000366"],"nist":["CM-6 b"],"host":null,"container":null},"code":"control 'SV-230221' do\n  title 'RHEL 8 must be a vendor-supported release.'\n  desc 'An operating system release is considered \"supported\" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.\n\n  Red Hat offers the Extended Update Support (EUS) add-on to a Red Hat Enterprise Linux subscription, for a fee, for those customers who wish to standardize on a specific minor release for an extended period. The RHEL 8 minor releases eligible for EUS are 8.1, 8.2, 8.4, 8.6, and 8.8. Each RHEL 8 EUS stream is available for 24 months from the availability of the minor release. RHEL 8.10 will be the final minor release overall. For more details on the Red Hat Enterprise Linux Life Cycle  visit https://access.redhat.com/support/policy/updates/errata/.\n\n  Note: The life-cycle time spans and dates are subject to adjustment.'\n  desc 'check', 'Verify the version of the operating system is vendor supported.\n\n  Note: The lifecycle time spans and dates are subject to adjustment.\n\n  Red Hat Enterprise Linux Server release 8.6 (Ootpa)\n\n    $ sudo cat /etc/redhat-release\n\n    Red Hat Enterprise Linux Server release 8.6 (Ootpa)\n\n\n  Current End of Extended Update Support for RHEL 8.4 is 31 May 2023.\n\n  Current End of Maintenance Support for RHEL 8.5 is 31 May 2022.\n\n  Current End of Extended Update Support for RHEL 8.6 is 31 May 2024.\n\n  Current End of Maintenance Support for RHEL 8.7 is 31 May 2023.\n\n  Current End of Extended Update Support for RHEL 8.8 is 31 May 2025.\n\n  Current End of Maintenance Support for RHEL 8.9 is 31 May 2024.\n\n  Current End of Maintenance Support for RHEL 8.10 is 31 May 2029.\n\n  If the release is not supported by the vendor, this is a finding.'\n  desc 'fix', 'Upgrade to a supported version of RHEL 8.'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230221'\n  tag rid: 'SV-230221r858734_rule'\n  tag stig_id: 'RHEL-08-010000'\n  tag fix_id: 'F-32865r567410_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container'\n\n  release = os.release\n\n  EOMS_DATE = {\n    /^8\\.1/ => '30 November 2021',\n    /^8\\.2/ => '30 April 2022',\n    /^8\\.3/ => '30 April 2021',\n    /^8\\.4/ => '30 April 2023',\n    /^8\\.5/ => '30 April 2022',\n    /^8\\.6/ => '30 April 2024',\n    /^8\\.7/ => '30 April 2023',\n    /^8\\.8/ => '30 April 2025',\n    /^8\\.9/ => '30 April 2024',\n    /^8\\.10/ => '31 May 2029'\n  }.find { |k, _v| k.match(release) }&.last\n\n  describe \"The release \\\"#{release}\\\" is still be within the support window\" do\n    it \"ending on #{EOMS_DATE}\" do\n      expect(Date.today).to be <= Date.parse(EOMS_DATE)\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230221.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"The release \"8.9\" is still be within the support window ending on 30 April 2024","run_time":0.000136,"start_time":"2024-01-09T19:40:38-05:00","resource_class":"Object","resource_params":"[]","resource_id":"The release \"8.9\" is still be within the support window"}]},{"id":"SV-230222","title":"RHEL 8 vendor packaged system security patches and updates must be installed and up to date.","desc":"Timely patching is critical for maintaining the operational\n    availability, confidentiality, and integrity of information technology (IT)\n    systems. However, failure to keep operating system and application software\n    patched is a common mistake made by IT professionals. New patches are released\n    daily, and it is often difficult for even experienced System Administrators to\n    keep abreast of all the new patches. When new weaknesses in an operating system\n    exist, patches are usually made available by the vendor to resolve the\n    problems. If the most recent security patches and updates are not installed,\n    unauthorized users may take advantage of weaknesses in the unpatched software.\n    The lack of prompt attention to patching could result in a system compromise.","descriptions":[{"label":"default","data":"Timely patching is critical for maintaining the operational\n    availability, confidentiality, and integrity of information technology (IT)\n    systems. However, failure to keep operating system and application software\n    patched is a common mistake made by IT professionals. New patches are released\n    daily, and it is often difficult for even experienced System Administrators to\n    keep abreast of all the new patches. When new weaknesses in an operating system\n    exist, patches are usually made available by the vendor to resolve the\n    problems. If the most recent security patches and updates are not installed,\n    unauthorized users may take advantage of weaknesses in the unpatched software.\n    The lack of prompt attention to patching could result in a system compromise."},{"label":"check","data":"Verify the operating system security patches and updates are installed and\n    up to date. Updates are required to be applied with a frequency determined by\n    the site or Program Management Office (PMO).\n\n    Obtain the list of available package security updates from Red Hat. The URL\n    for updates is https://rhn.redhat.com/errata/. It is important to note that\n    updates provided by Red Hat may not be present on the system if the underlying\n    packages are not installed.\n\n    Check that the available package security updates have been installed on\n    the system with the following command:\n\n        $ sudo yum history list | more\n\n        Loaded plugins: langpacks, product-id, subscription-manager\n        ID | Command line | Date and time | Action(s) | Altered\n\n    -------------------------------------------------------------------------------\n        70 | install aide | 2020-03-05 10:58 | Install | 1\n        69 | update -y | 2020-03-04 14:34 | Update | 18 EE\n        68 | install vlc | 2020-02-21 17:12 | Install | 21\n        67 | update -y | 2020-02-21 17:04 | Update | 7 EE\n\n    If package updates have not been performed on the system within the\n    timeframe the site/program documentation requires, this is a finding.\n\n    Typical update frequency may be overridden by Information Assurance\n    Vulnerability Alert (IAVA) notifications from CYBERCOM.\n\n    If the operating system is in non-compliance with the Information Assurance\n    Vulnerability Management (IAVM) process, this is a finding."},{"label":"fix","data":"Install the operating system patches or updated packages\n    available from Red Hat within 30 days or sooner as local policy dictates."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230222","rid":"SV-230222r627750_rule","stig_id":"RHEL-08-010010","fix_id":"F-32866r567413_fix","cci":["CCI-000366"],"nist":["CM-6 b"],"host":null,"container":null},"code":"control 'SV-230222' do\n  title 'RHEL 8 vendor packaged system security patches and updates must be installed and up to date.'\n  desc 'Timely patching is critical for maintaining the operational\n    availability, confidentiality, and integrity of information technology (IT)\n    systems. However, failure to keep operating system and application software\n    patched is a common mistake made by IT professionals. New patches are released\n    daily, and it is often difficult for even experienced System Administrators to\n    keep abreast of all the new patches. When new weaknesses in an operating system\n    exist, patches are usually made available by the vendor to resolve the\n    problems. If the most recent security patches and updates are not installed,\n    unauthorized users may take advantage of weaknesses in the unpatched software.\n    The lack of prompt attention to patching could result in a system compromise.'\n  desc 'check', 'Verify the operating system security patches and updates are installed and\n    up to date. Updates are required to be applied with a frequency determined by\n    the site or Program Management Office (PMO).\n\n    Obtain the list of available package security updates from Red Hat. The URL\n    for updates is https://rhn.redhat.com/errata/. It is important to note that\n    updates provided by Red Hat may not be present on the system if the underlying\n    packages are not installed.\n\n    Check that the available package security updates have been installed on\n    the system with the following command:\n\n        $ sudo yum history list | more\n\n        Loaded plugins: langpacks, product-id, subscription-manager\n        ID | Command line | Date and time | Action(s) | Altered\n\n    -------------------------------------------------------------------------------\n        70 | install aide | 2020-03-05 10:58 | Install | 1\n        69 | update -y | 2020-03-04 14:34 | Update | 18 EE\n        68 | install vlc | 2020-02-21 17:12 | Install | 21\n        67 | update -y | 2020-02-21 17:04 | Update | 7 EE\n\n    If package updates have not been performed on the system within the\n    timeframe the site/program documentation requires, this is a finding.\n\n    Typical update frequency may be overridden by Information Assurance\n    Vulnerability Alert (IAVA) notifications from CYBERCOM.\n\n    If the operating system is in non-compliance with the Information Assurance\n    Vulnerability Management (IAVM) process, this is a finding.'\n  desc 'fix', 'Install the operating system patches or updated packages\n    available from Red Hat within 30 days or sooner as local policy dictates.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230222'\n  tag rid: 'SV-230222r627750_rule'\n  tag stig_id: 'RHEL-08-010010'\n  tag fix_id: 'F-32866r567413_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container'\n\n  only_if(\"This control takes a long time to execute so it has been disabled through 'slow_controls'\") {\n    !input('disable_slow_controls')\n  }\n\n  if input('disconnected_system')\n    describe 'The system is set to a `disconnected` state and you must validate the state of the system packages manually' do\n      skip 'The system is set to a `disconnected` state and you must validate the state of the system packages manually'\n    end\n  else\n    updates = linux_update.updates\n    package_names = updates.map { |h| h['name'] }\n\n    describe.one do\n      describe 'List of out-of-date packages' do\n        subject { package_names }\n        it { should be_empty }\n      end\n      updates.each do |update|\n        describe package(update['name']) do\n          its('version') { should eq update['version'] }\n        end\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230222.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"List of out-of-date packages is expected to be empty","run_time":6.4e-05,"start_time":"2024-01-09T19:40:38-05:00","resource_class":"Object","resource_params":"[]","resource_id":"List of out-of-date packages"}]},{"id":"SV-230223","title":"RHEL 8 must implement NIST FIPS-validated cryptography for the following: To provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.","desc":"Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.\n\nRHEL 8 utilizes GRUB 2 as the default bootloader. Note that GRUB 2 command-line parameters are defined in the \"kernelopts\" variable of the /boot/grub2/grubenv file for all kernel boot entries. The command \"fips-mode-setup\" modifies the \"kernelopts\" variable, which in turn updates all kernel boot entries.\n\nThe fips=1 kernel option needs to be added to the kernel command line during system installation so that key generation is done with FIPS-approved algorithms and continuous monitoring tests in place. Users must also ensure the system has plenty of entropy during the installation process by moving the mouse around, or if no mouse is available, ensuring that many keystrokes are typed. The recommended amount of keystrokes is 256 and more. Less than 256 keystrokes may generate a nonunique key.","descriptions":[{"label":"default","data":"Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.\n\nRHEL 8 utilizes GRUB 2 as the default bootloader. Note that GRUB 2 command-line parameters are defined in the \"kernelopts\" variable of the /boot/grub2/grubenv file for all kernel boot entries. The command \"fips-mode-setup\" modifies the \"kernelopts\" variable, which in turn updates all kernel boot entries.\n\nThe fips=1 kernel option needs to be added to the kernel command line during system installation so that key generation is done with FIPS-approved algorithms and continuous monitoring tests in place. Users must also ensure the system has plenty of entropy during the installation process by moving the mouse around, or if no mouse is available, ensuring that many keystrokes are typed. The recommended amount of keystrokes is 256 and more. Less than 256 keystrokes may generate a nonunique key."},{"label":"check","data":"Verify the operating system implements DOD-approved encryption to protect the confidentiality of remote access sessions.\n\nCheck to see if FIPS mode is enabled with the following command:\n\n     $ fips-mode-setup --check\n     FIPS mode is enabled\n\nIf FIPS mode is \"enabled\", check to see if the kernel boot parameter is configured for FIPS mode with the following command:\n\n     $ sudo grub2-editenv list | grep fips\n     kernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf the kernel boot parameter is configured to use FIPS mode, check to see if the system is in FIPS mode with the following command:\n\n     $ sudo cat /proc/sys/crypto/fips_enabled\n     1\n\nIf FIPS mode is not \"on\", the kernel boot parameter is not configured for FIPS mode, or the system does not have a value of \"1\" for \"fips_enabled\" in \"/proc/sys/crypto\", this is a finding."},{"label":"fix","data":"Configure the operating system to implement DOD-approved encryption by following the steps below:\n\nTo enable strict FIPS compliance, the fips=1 kernel option needs to be added to the kernel boot parameters during system installation so key generation is done with FIPS-approved algorithms and continuous monitoring tests in place.\n\nEnable FIPS mode after installation (not strict FIPS-compliant) with the following command:\n\n     $ sudo fips-mode-setup --enable\n\nReboot the system for the changes to take effect."}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000033-GPOS-00014","satisfies":["SRG-OS-000033-GPOS-00014","SRG-OS-000125-GPOS-00065","SRG-OS-000396-GPOS-00176","SRG-OS-000423-GPOS-00187","SRG-OS-000478-GPOS-00223"],"gid":"V-230223","rid":"SV-230223r928585_rule","stig_id":"RHEL-08-010020","fix_id":"F-32867r928584_fix","cci":["CCI-000068"],"nist":["AC-17 (2)"],"host":null},"code":"control 'SV-230223' do\n  title 'RHEL 8 must implement NIST FIPS-validated cryptography for the following: To provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.'\n  desc 'Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.\n\nRHEL 8 utilizes GRUB 2 as the default bootloader. Note that GRUB 2 command-line parameters are defined in the \"kernelopts\" variable of the /boot/grub2/grubenv file for all kernel boot entries. The command \"fips-mode-setup\" modifies the \"kernelopts\" variable, which in turn updates all kernel boot entries.\n\nThe fips=1 kernel option needs to be added to the kernel command line during system installation so that key generation is done with FIPS-approved algorithms and continuous monitoring tests in place. Users must also ensure the system has plenty of entropy during the installation process by moving the mouse around, or if no mouse is available, ensuring that many keystrokes are typed. The recommended amount of keystrokes is 256 and more. Less than 256 keystrokes may generate a nonunique key.'\n  desc 'check', 'Verify the operating system implements DOD-approved encryption to protect the confidentiality of remote access sessions.\n\nCheck to see if FIPS mode is enabled with the following command:\n\n     $ fips-mode-setup --check\n     FIPS mode is enabled\n\nIf FIPS mode is \"enabled\", check to see if the kernel boot parameter is configured for FIPS mode with the following command:\n\n     $ sudo grub2-editenv list | grep fips\n     kernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf the kernel boot parameter is configured to use FIPS mode, check to see if the system is in FIPS mode with the following command:\n\n     $ sudo cat /proc/sys/crypto/fips_enabled\n     1\n\nIf FIPS mode is not \"on\", the kernel boot parameter is not configured for FIPS mode, or the system does not have a value of \"1\" for \"fips_enabled\" in \"/proc/sys/crypto\", this is a finding.'\n  desc 'fix', 'Configure the operating system to implement DOD-approved encryption by following the steps below:\n\nTo enable strict FIPS compliance, the fips=1 kernel option needs to be added to the kernel boot parameters during system installation so key generation is done with FIPS-approved algorithms and continuous monitoring tests in place.\n\nEnable FIPS mode after installation (not strict FIPS-compliant) with the following command:\n\n     $ sudo fips-mode-setup --enable\n\nReboot the system for the changes to take effect.'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000033-GPOS-00014'\n  tag satisfies: ['SRG-OS-000033-GPOS-00014', 'SRG-OS-000125-GPOS-00065', 'SRG-OS-000396-GPOS-00176', 'SRG-OS-000423-GPOS-00187', 'SRG-OS-000478-GPOS-00223']\n  tag gid: 'V-230223'\n  tag rid: 'SV-230223r928585_rule'\n  tag stig_id: 'RHEL-08-010020'\n  tag fix_id: 'F-32867r928584_fix'\n  tag cci: ['CCI-000068']\n  tag nist: ['AC-17 (2)']\n  tag 'host'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable in a container' do\n      skip 'The host OS controls the FIPS mode settings. The host OS should also be scanned with the applicable OS validation profile.'\n    end\n  elsif input('use_fips') == false\n    impact 0.0\n    describe 'This control is Not Applicable as FIPS is not required for this system' do\n      skip 'This control is Not Applicable as FIPS is not required for this system'\n    end\n  else\n    describe command('fips-mode-setup --check') do\n      its('stdout.strip') { should match(/FIPS mode is enabled/) }\n    end\n\n    grub_config = command('grub2-editenv - list').stdout\n\n    describe parse_config(grub_config) do\n      its('kernelopts') { should match(/fips=1/) }\n    end\n\n    describe file('/proc/sys/crypto/fips_enabled') do\n      its('content.strip') { should cmp '1' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230223.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Command: `fips-mode-setup --check` stdout.strip is expected to match /FIPS mode is enabled/","run_time":0.079698,"start_time":"2024-01-09T19:40:38-05:00","message":"expected \"Installation of FIPS modules is not completed.\\nFIPS mode is disabled.\" to match /FIPS mode is enabled/","resource_class":"command","resource_params":"[\"fips-mode-setup --check\"]","resource_id":"Command: `fips-mode-setup --check`"},{"status":"failed","code_desc":"Parse Config  kernelopts is expected to match /fips=1/","run_time":0.000909,"start_time":"2024-01-09T19:40:38-05:00","message":"expected \"root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\" to match /fips=1/","resource_class":"parse_config","resource_params":"[\"kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\\nboot_success=1\\n\"]","resource_id":"kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\nboot_success=1\n"},{"status":"failed","code_desc":"File /proc/sys/crypto/fips_enabled content.strip is expected to cmp == \"1\"","run_time":0.211785,"start_time":"2024-01-09T19:40:38-05:00","message":"\nexpected: 1\n     got: 0\n\n(compared using `cmp` matcher)\n","resource_class":"file","resource_params":"[\"/proc/sys/crypto/fips_enabled\"]","resource_id":"/proc/sys/crypto/fips_enabled"}]},{"id":"SV-230224","title":"All RHEL 8 local disk partitions must implement disk encryption","desc":"RHEL 8 systems handling data requiring \"data at rest\" protections\n    must employ cryptographic mechanisms to prevent unauthorized disclosure and\n    modification of the information at rest.\n\n    Selection of a cryptographic mechanism is based on the need to protect the\nintegrity of organizational information. The strength of the mechanism is\ncommensurate with the security category and/or classification of the\ninformation. Organizations have the flexibility to either encrypt all\ninformation on storage devices (i.e., full disk encryption) or encrypt specific\ndata structures (e.g., files, records, or fields).","descriptions":[{"label":"default","data":"RHEL 8 systems handling data requiring \"data at rest\" protections\n    must employ cryptographic mechanisms to prevent unauthorized disclosure and\n    modification of the information at rest.\n\n    Selection of a cryptographic mechanism is based on the need to protect the\nintegrity of organizational information. The strength of the mechanism is\ncommensurate with the security category and/or classification of the\ninformation. Organizations have the flexibility to either encrypt all\ninformation on storage devices (i.e., full disk encryption) or encrypt specific\ndata structures (e.g., files, records, or fields)."},{"label":"check","data":"Verify RHEL 8 prevents unauthorized disclosure or modification of all information requiring at-rest protection by using disk encryption.\n\nIf there is a documented and approved reason for not having data-at-rest encryption at the operating system level, such as encryption provided by a hypervisor or a disk storage array in a virtualized environment, this requirement is not applicable.\n\nVerify all system partitions are encrypted with the following command:\n\n     $ sudo blkid\n\n     /dev/mapper/rhel-root:  UUID=\"67b7d7fe-de60-6fd0-befb-e6748cf97743\" TYPE=\"crypto_LUKS\"\n\nEvery persistent disk partition present must be of type \"crypto_LUKS\". If any partitions other than the boot partition or pseudo file systems (such as /proc or /sys) are not type \"crypto_LUKS\", ask the administrator to indicate how the partitions are encrypted.\n\nIf there is no evidence that these partitions are encrypted, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to prevent unauthorized modification of all information at\nrest by using disk encryption.\n\n    Encrypting a partition in an already installed system is more difficult,\n    because existing partitions will need to be resized and changed. To encrypt an\n    entire partition, dedicate a partition for encryption in the partition layout."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000185-GPOS-00079","satisfies":["SRG-OS-000185-GPOS-00079","SRG-OS-000404-GPOS-00183","SRG-OS-000405-GPOS-00184"],"gid":"V-230224","rid":"SV-230224r917864_rule","stig_id":"RHEL-08-010030","fix_id":"F-32868r567419_fix","cci":["CCI-001199"],"nist":["SC-28"],"host":null},"code":"control 'SV-230224' do\n  title 'All RHEL 8 local disk partitions must implement disk encryption'\n  desc 'RHEL 8 systems handling data requiring \"data at rest\" protections\n    must employ cryptographic mechanisms to prevent unauthorized disclosure and\n    modification of the information at rest.\n\n    Selection of a cryptographic mechanism is based on the need to protect the\nintegrity of organizational information. The strength of the mechanism is\ncommensurate with the security category and/or classification of the\ninformation. Organizations have the flexibility to either encrypt all\ninformation on storage devices (i.e., full disk encryption) or encrypt specific\ndata structures (e.g., files, records, or fields).'\n  desc 'check', 'Verify RHEL 8 prevents unauthorized disclosure or modification of all information requiring at-rest protection by using disk encryption.\n\nIf there is a documented and approved reason for not having data-at-rest encryption at the operating system level, such as encryption provided by a hypervisor or a disk storage array in a virtualized environment, this requirement is not applicable.\n\nVerify all system partitions are encrypted with the following command:\n\n     $ sudo blkid\n\n     /dev/mapper/rhel-root:  UUID=\"67b7d7fe-de60-6fd0-befb-e6748cf97743\" TYPE=\"crypto_LUKS\"\n\nEvery persistent disk partition present must be of type \"crypto_LUKS\". If any partitions other than the boot partition or pseudo file systems (such as /proc or /sys) are not type \"crypto_LUKS\", ask the administrator to indicate how the partitions are encrypted.\n\nIf there is no evidence that these partitions are encrypted, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to prevent unauthorized modification of all information at\nrest by using disk encryption.\n\n    Encrypting a partition in an already installed system is more difficult,\n    because existing partitions will need to be resized and changed. To encrypt an\n    entire partition, dedicate a partition for encryption in the partition layout.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000185-GPOS-00079'\n  tag satisfies: ['SRG-OS-000185-GPOS-00079', 'SRG-OS-000404-GPOS-00183', 'SRG-OS-000405-GPOS-00184']\n  tag gid: 'V-230224'\n  tag rid: 'SV-230224r917864_rule'\n  tag stig_id: 'RHEL-08-010030'\n  tag fix_id: 'F-32868r567419_fix'\n  tag cci: ['CCI-001199']\n  tag nist: ['SC-28']\n  tag 'host'\n\n  all_args = command('blkid').stdout.strip.split(\"\\n\").map { |s| s.sub(/^\"(.*)\"$/, '\\1') }\n\n  def describe_and_skip(message)\n    describe message do\n      skip message\n    end\n  end\n\n  # TODO: This should really have a resource\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe_and_skip('Disk Encryption and Data At Rest Implementation is handled on the Container Host')\n  elsif input('data_at_rest_exempt') == true\n    impact 0.0\n    describe_and_skip('Data At Rest Requirements have been set to Not Applicabe by the `data_at_rest_exempt` input.')\n  elsif all_args.empty?\n    # TODO: Determine if this is an NA vs and NR or even a pass\n    describe_and_skip('Command blkid did not return and non-psuedo block devices.')\n  else\n    all_args.each do |args|\n      describe args do\n        it { should match(/\\bcrypto_LUKS\\b/) }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230224.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"/dev/xvda2: LABEL=\"root\" UUID=\"c6ce06eb-ddf1-4629-ad3f-d74d344e36b3\" BLOCK_SIZE=\"512\" TYPE=\"xfs\" PARTUUID=\"6264d520-3fb9-423f-8ab8-7a0a8e3d3562\" is expected to match /\\bcrypto_LUKS\\b/","run_time":0.005469,"start_time":"2024-01-09T19:40:38-05:00","message":"expected \"/dev/xvda2: LABEL=\\\"root\\\" UUID=\\\"c6ce06eb-ddf1-4629-ad3f-d74d344e36b3\\\" BLOCK_SIZE=\\\"512\\\" TYPE=\\\"xfs\\\" PARTUUID=\\\"6264d520-3fb9-423f-8ab8-7a0a8e3d3562\\\"\" to match /\\bcrypto_LUKS\\b/","resource_class":"Object","resource_params":"[]","resource_id":"/dev/xvda2: LABEL=\"root\" UUID=\"c6ce06eb-ddf1-4629-ad3f-d74d344e36b3\" BLOCK_SIZE=\"512\" TYPE=\"xfs\" PARTUUID=\"6264d520-3fb9-423f-8ab8-7a0a8e3d3562\""},{"status":"failed","code_desc":"/dev/xvda1: PARTUUID=\"fac7f1fb-3e8d-4137-a512-961de09a5549\" is expected to match /\\bcrypto_LUKS\\b/","run_time":0.003284,"start_time":"2024-01-09T19:40:38-05:00","message":"expected \"/dev/xvda1: PARTUUID=\\\"fac7f1fb-3e8d-4137-a512-961de09a5549\\\"\" to match /\\bcrypto_LUKS\\b/","resource_class":"Object","resource_params":"[]","resource_id":"/dev/xvda1: PARTUUID=\"fac7f1fb-3e8d-4137-a512-961de09a5549\""}]},{"id":"SV-230225","title":"RHEL 8 must display the Standard Mandatory DoD Notice and Consent\nBanner before granting local or remote access to the system via a ssh logon.","desc":"Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DoD policy. Use the following verbiage for operating systems that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read & consent to terms in IS user agreem't.\"","descriptions":[{"label":"default","data":"Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DoD policy. Use the following verbiage for operating systems that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read & consent to terms in IS user agreem't.\""},{"label":"check","data":"Verify any publicly accessible connection to the operating system displays the Standard Mandatory DoD Notice and Consent Banner before granting access to the system.\n\nCheck for the location of the banner file being used with the following command:\n\n$ sudo grep -ir banner /etc/ssh/sshd_config*\n\nbanner /etc/issue\n\nThis command will return the banner keyword and the name of the file that contains the ssh banner (in this case \"/etc/issue\").\n\nIf the line is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.\n\nView the file specified by the banner keyword to check that it matches the text of the Standard Mandatory DoD Notice and Consent Banner:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nIf the system does not display a graphical logon banner or the banner does not match the Standard Mandatory DoD Notice and Consent Banner, this is a finding.\n\nIf the text in the file does not match the Standard Mandatory DoD Notice and Consent Banner, this is a finding."},{"label":"fix","data":"Configure the operating system to display the Standard Mandatory DoD Notice\nand Consent Banner before granting access to the system via the ssh.\n\n    Edit the \"/etc/ssh/sshd_config\" file to uncomment the banner keyword and\nconfigure it to point to a file that will contain the logon banner (this file\nmay be named differently or be in a different location if using a version of\nSSH that is provided by a third-party vendor). An example configuration line is:\n\n    banner /etc/issue\n\n    Either create the file containing the banner or replace the text in the\nfile with the Standard Mandatory DoD Notice and Consent Banner. The\nDoD-required text is:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only. By using this IS (which includes any\ndevice attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\"\n\n    The SSH service must be restarted for changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000023-GPOS-00006","satisfies":["SRG-OS-000023-GPOS-00006","SRG-OS-000228-GPOS-00088"],"gid":"V-230225","rid":"SV-230225r858694_rule","stig_id":"RHEL-08-010040","fix_id":"F-32869r567422_fix","cci":["CCI-000048"],"nist":["AC-8 a"],"host":null,"container-conditional":null},"code":"control 'SV-230225' do\n  title 'RHEL 8 must display the Standard Mandatory DoD Notice and Consent\nBanner before granting local or remote access to the system via a ssh logon.'\n  desc %q(Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DoD policy. Use the following verbiage for operating systems that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read & consent to terms in IS user agreem't.\")\n  desc 'check', 'Verify any publicly accessible connection to the operating system displays the Standard Mandatory DoD Notice and Consent Banner before granting access to the system.\n\nCheck for the location of the banner file being used with the following command:\n\n$ sudo grep -ir banner /etc/ssh/sshd_config*\n\nbanner /etc/issue\n\nThis command will return the banner keyword and the name of the file that contains the ssh banner (in this case \"/etc/issue\").\n\nIf the line is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.\n\nView the file specified by the banner keyword to check that it matches the text of the Standard Mandatory DoD Notice and Consent Banner:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nIf the system does not display a graphical logon banner or the banner does not match the Standard Mandatory DoD Notice and Consent Banner, this is a finding.\n\nIf the text in the file does not match the Standard Mandatory DoD Notice and Consent Banner, this is a finding.'\n  desc 'fix', 'Configure the operating system to display the Standard Mandatory DoD Notice\nand Consent Banner before granting access to the system via the ssh.\n\n    Edit the \"/etc/ssh/sshd_config\" file to uncomment the banner keyword and\nconfigure it to point to a file that will contain the logon banner (this file\nmay be named differently or be in a different location if using a version of\nSSH that is provided by a third-party vendor). An example configuration line is:\n\n    banner /etc/issue\n\n    Either create the file containing the banner or replace the text in the\nfile with the Standard Mandatory DoD Notice and Consent Banner. The\nDoD-required text is:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only. By using this IS (which includes any\ndevice attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\"\n\n    The SSH service must be restarted for changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-GPOS-00006'\n  tag satisfies: ['SRG-OS-000023-GPOS-00006', 'SRG-OS-000228-GPOS-00088']\n  tag gid: 'V-230225'\n  tag rid: 'SV-230225r858694_rule'\n  tag stig_id: 'RHEL-08-010040'\n  tag fix_id: 'F-32869r567422_fix'\n  tag cci: ['CCI-000048']\n  tag nist: ['AC-8 a']\n  tag 'host', 'container-conditional'\n\n  only_if('Control not applicable - SSH is not installed within containerized RHEL', impact: 0.0) {\n    !virtualization.system.eql?('docker') || file('/etc/ssh/sshd_config').exist?\n  }\n\n  # When Banner is commented, not found, disabled, or the specified file does not exist, this is a finding.\n  banner_file = sshd_config.banner\n\n  # Banner property is commented out.\n  if banner_file.nil?\n    describe 'The SSHD Banner is not set' do\n      subject { banner_file.nil? }\n      it { should be false }\n    end\n  end\n\n  # Banner property is set to \"none\"\n  if !banner_file.nil? && !banner_file.match(/none/i).nil?\n    describe 'The SSHD Banner is disabled' do\n      subject { banner_file.match(/none/i).nil? }\n      it { should be true }\n    end\n  end\n\n  # Banner property provides a path to a file, however, it does not exist.\n  if !banner_file.nil? && banner_file.match(/none/i).nil? && !file(banner_file).exist?\n    describe 'The SSHD Banner is set, but, the file does not exist' do\n      subject { file(banner_file).exist? }\n      it { should be true }\n    end\n  end\n\n  # Banner property provides a path to a file and it exists.\n  next unless !banner_file.nil? && banner_file.match(/none/i).nil? && file(banner_file).exist?\n\n  banner = file(banner_file).content.gsub(/[\\r\\n\\s]/, '')\n  expected_banner = input('banner_message_text_ral').gsub(/[\\r\\n\\s]/, '')\n\n  describe 'The SSHD Banner' do\n    it 'is set to the standard banner and has the correct text' do\n      expect(banner).to eq(expected_banner), 'Banner does not match expected text'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230225.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"The SSHD Banner is set to the standard banner and has the correct text","run_time":0.000521,"start_time":"2024-01-09T19:40:38-05:00","resource_class":"Object","resource_params":"[]","resource_id":"The SSHD Banner"}]},{"id":"SV-230226","title":"RHEL 8 must display the Standard Mandatory DoD Notice and Consent\nBanner before granting local or remote access to the system via a graphical\nuser logon.","desc":"Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\"","descriptions":[{"label":"default","data":"Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\""},{"label":"check","data":"Verify RHEL 8 displays the Standard Mandatory DoD Notice and Consent Banner before granting access to the operating system via a graphical user logon.\n\nNote: This requirement assumes the use of the RHEL 8 default graphical user interface, Gnome Shell. If the system does not have any graphical user interface installed, this requirement is Not Applicable.\n\nCheck that the operating system displays the exact Standard Mandatory DoD Notice and Consent Banner text with the command:\n\n$ sudo grep banner-message-text /etc/dconf/db/local.d/*\n\nbanner-message-text=\n'You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\\n-At any time, the USG may inspect and seize data stored on this IS.\\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details. '\n\nNote: The \"\\n \" characters are for formatting only. They will not be displayed on the graphical interface.\n\nIf the banner does not match the Standard Mandatory DoD Notice and Consent Banner exactly, this is a finding."},{"label":"fix","data":"Configure the operating system to display the Standard Mandatory DoD Notice and Consent Banner before granting access to the system.\n\nNote: If the system does not have a graphical user interface installed, this requirement is Not Applicable.\n\nAdd the following lines to the [org/gnome/login-screen] section of the \"/etc/dconf/db/local.d/01-banner-message\":\n\nbanner-message-text='You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\\n-At any time, the USG may inspect and seize data stored on this IS.\\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details. '\n\nNote: The \"\\n \" characters are for formatting only. They will not be displayed on the graphical interface.\n\nRun the following command to update the database:\n\n    $ sudo dconf update"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000023-GPOS-00006","satisfies":["SRG-OS-000023-GPOS-00006","SRG-OS-000228-GPOS-00088"],"gid":"V-230226","rid":"SV-230226r743916_rule","stig_id":"RHEL-08-010050","fix_id":"F-32870r743915_fix","cci":["CCI-000048"],"nist":["AC-8 a"],"host":null,"container":null},"code":"control 'SV-230226' do\n  title 'RHEL 8 must display the Standard Mandatory DoD Notice and Consent\nBanner before granting local or remote access to the system via a graphical\nuser logon.'\n  desc 'Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\"'\n  desc 'check', %q(Verify RHEL 8 displays the Standard Mandatory DoD Notice and Consent Banner before granting access to the operating system via a graphical user logon.\n\nNote: This requirement assumes the use of the RHEL 8 default graphical user interface, Gnome Shell. If the system does not have any graphical user interface installed, this requirement is Not Applicable.\n\nCheck that the operating system displays the exact Standard Mandatory DoD Notice and Consent Banner text with the command:\n\n$ sudo grep banner-message-text /etc/dconf/db/local.d/*\n\nbanner-message-text=\n'You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\\n-At any time, the USG may inspect and seize data stored on this IS.\\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details. '\n\nNote: The \"\\n \" characters are for formatting only. They will not be displayed on the graphical interface.\n\nIf the banner does not match the Standard Mandatory DoD Notice and Consent Banner exactly, this is a finding.)\n  desc 'fix', %q(Configure the operating system to display the Standard Mandatory DoD Notice and Consent Banner before granting access to the system.\n\nNote: If the system does not have a graphical user interface installed, this requirement is Not Applicable.\n\nAdd the following lines to the [org/gnome/login-screen] section of the \"/etc/dconf/db/local.d/01-banner-message\":\n\nbanner-message-text='You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\\n-At any time, the USG may inspect and seize data stored on this IS.\\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details. '\n\nNote: The \"\\n \" characters are for formatting only. They will not be displayed on the graphical interface.\n\nRun the following command to update the database:\n\n    $ sudo dconf update)\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-GPOS-00006'\n  tag satisfies: ['SRG-OS-000023-GPOS-00006', 'SRG-OS-000228-GPOS-00088']\n  tag gid: 'V-230226'\n  tag rid: 'SV-230226r743916_rule'\n  tag stig_id: 'RHEL-08-010050'\n  tag fix_id: 'F-32870r743915_fix'\n  tag cci: ['CCI-000048']\n  tag nist: ['AC-8 a']\n  tag 'host', 'container'\n\n  only_if(\"The system does not have GNOME installed; this requirement is Not\n        Applicable.\", impact: 0.0) { package('gnome-desktop3').installed? }\n\n  banner = command('grep ^banner-message-text /etc/dconf/db/local.d/*').stdout.gsub(/[\\r\\n\\s]/, '')\n  expected_banner = input('banner_message_text_gui').gsub(/[\\r\\n\\s]/, '')\n\n  describe 'The GUI Banner ' do\n    it 'is set to the standard banner and has the correct text' do\n      expect(banner).to eq(expected_banner), 'Banner does not match expected text'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230226.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"No-op","run_time":4.7e-05,"start_time":"2024-01-09T19:40:38-05:00","resource":"No-op","skip_message":"Skipped control due to only_if condition: The system does not have GNOME installed; this requirement is Not\n        Applicable.","resource_class":"noop","resource_params":"[]","resource_id":"No-op"}]},{"id":"SV-230227","title":"RHEL 8 must display the Standard Mandatory DoD Notice and Consent\nBanner before granting local or remote access to the system via a command line\nuser logon.","desc":"Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\"","descriptions":[{"label":"default","data":"Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\""},{"label":"check","data":"Verify RHEL 8 displays the Standard Mandatory DoD Notice and Consent Banner\nbefore granting access to the operating system via a command line user logon.\n\n    Check that RHEL 8 displays a banner at the command line login screen with\nthe following command:\n\n    $ sudo cat /etc/issue\n\n    If the banner is set correctly it will return the following text:\n\n    “You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.”\n\n    If the banner text does not match the Standard Mandatory DoD Notice and\nConsent Banner exactly, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to display the Standard Mandatory DoD Notice and Consent\nBanner before granting access to the system via command line logon.\n\n    Edit the \"/etc/issue\" file to replace the default text with the Standard\nMandatory DoD Notice and Consent Banner. The DoD-required text is:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests -- not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000023-GPOS-00006","satisfies":["SRG-OS-000023-GPOS-00006","SRG-OS-000228-GPOS-00088"],"gid":"V-230227","rid":"SV-230227r627750_rule","stig_id":"RHEL-08-010060","fix_id":"F-32871r567428_fix","cci":["CCI-000048"],"nist":["AC-8 a"],"host":null},"code":"control 'SV-230227' do\n  title 'RHEL 8 must display the Standard Mandatory DoD Notice and Consent\nBanner before granting local or remote access to the system via a command line\nuser logon.'\n  desc 'Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\"'\n  desc 'check', 'Verify RHEL 8 displays the Standard Mandatory DoD Notice and Consent Banner\nbefore granting access to the operating system via a command line user logon.\n\n    Check that RHEL 8 displays a banner at the command line login screen with\nthe following command:\n\n    $ sudo cat /etc/issue\n\n    If the banner is set correctly it will return the following text:\n\n    “You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.”\n\n    If the banner text does not match the Standard Mandatory DoD Notice and\nConsent Banner exactly, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to display the Standard Mandatory DoD Notice and Consent\nBanner before granting access to the system via command line logon.\n\n    Edit the \"/etc/issue\" file to replace the default text with the Standard\nMandatory DoD Notice and Consent Banner. The DoD-required text is:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests -- not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\"'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-GPOS-00006'\n  tag satisfies: ['SRG-OS-000023-GPOS-00006', 'SRG-OS-000228-GPOS-00088']\n  tag gid: 'V-230227'\n  tag rid: 'SV-230227r627750_rule'\n  tag stig_id: 'RHEL-08-010060'\n  tag fix_id: 'F-32871r567428_fix'\n  tag cci: ['CCI-000048']\n  tag nist: ['AC-8 a']\n  tag 'host'\n\n  only_if('Control not applicable within a container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  banner_file = file('/etc/issue')\n\n  describe banner_file do\n    it { should exist }\n  end\n\n  if banner_file.exist?\n\n    banner = banner_file.content.gsub(/[\\r\\n\\s]/, '')\n    expected_banner = input('banner_message_text_cli').gsub(/[\\r\\n\\s]/, '')\n\n    describe 'The CLI Login Banner ' do\n      it 'is set to the standard banner and has the correct text' do\n        expect(banner).to eq(expected_banner), 'Banner does not match expected text'\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230227.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File /etc/issue is expected to exist","run_time":0.008627,"start_time":"2024-01-09T19:40:38-05:00","resource_class":"file","resource_params":"[\"/etc/issue\"]","resource_id":"/etc/issue"},{"status":"passed","code_desc":"The CLI Login Banner  is set to the standard banner and has the correct text","run_time":9.1e-05,"start_time":"2024-01-09T19:40:38-05:00","resource_class":"Object","resource_params":"[]","resource_id":"The CLI Login Banner"}]},{"id":"SV-230228","title":"All RHEL 8 remote access methods must be monitored.","desc":"Remote access services, such as those providing remote access to\nnetwork devices and information systems, which lack automated monitoring\ncapabilities, increase risk and make remote user access management difficult at\nbest.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n\n    Automated monitoring of remote access sessions allows organizations to\ndetect cyber attacks and ensure ongoing compliance with remote access policies\nby auditing connection activities of remote access capabilities, such as Remote\nDesktop Protocol (RDP), on a variety of information system components (e.g.,\nservers, workstations, notebook computers, smartphones, and tablets).","descriptions":[{"label":"default","data":"Remote access services, such as those providing remote access to\nnetwork devices and information systems, which lack automated monitoring\ncapabilities, increase risk and make remote user access management difficult at\nbest.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n\n    Automated monitoring of remote access sessions allows organizations to\ndetect cyber attacks and ensure ongoing compliance with remote access policies\nby auditing connection activities of remote access capabilities, such as Remote\nDesktop Protocol (RDP), on a variety of information system components (e.g.,\nservers, workstations, notebook computers, smartphones, and tablets)."},{"label":"check","data":"Verify that RHEL 8 monitors all remote access methods.\n\n    Check that remote access methods are being logged by running the following\ncommand:\n\n    $ sudo grep -E '(auth.*|authpriv.*|daemon.*)' /etc/rsyslog.conf\n\n    auth.*;authpriv.*;daemon.* /var/log/secure\n\n    If \"auth.*\", \"authpriv.*\" or \"daemon.*\" are not configured to be\nlogged, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to monitor all remote access methods by installing rsyslog\nwith the following command:\n\n    $ sudo yum install rsyslog\n\n    Then add or update the following lines to the \"/etc/rsyslog.conf\" file:\n\n    auth.*;authpriv.*;daemon.* /var/log/secure\n\n    The \"rsyslog\" service must be restarted for the changes to take effect.\nTo restart the \"rsyslog\" service, run the following command:\n\n    $ sudo systemctl restart rsyslog.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000032-GPOS-00013","gid":"V-230228","rid":"SV-230228r627750_rule","stig_id":"RHEL-08-010070","fix_id":"F-32872r567431_fix","cci":["CCI-000067"],"nist":["AC-17 (1)"],"host":null,"container-conditional":null},"code":"control 'SV-230228' do\n  title 'All RHEL 8 remote access methods must be monitored.'\n  desc 'Remote access services, such as those providing remote access to\nnetwork devices and information systems, which lack automated monitoring\ncapabilities, increase risk and make remote user access management difficult at\nbest.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n\n    Automated monitoring of remote access sessions allows organizations to\ndetect cyber attacks and ensure ongoing compliance with remote access policies\nby auditing connection activities of remote access capabilities, such as Remote\nDesktop Protocol (RDP), on a variety of information system components (e.g.,\nservers, workstations, notebook computers, smartphones, and tablets).'\n  desc 'check', %q(Verify that RHEL 8 monitors all remote access methods.\n\n    Check that remote access methods are being logged by running the following\ncommand:\n\n    $ sudo grep -E '(auth.*|authpriv.*|daemon.*)' /etc/rsyslog.conf\n\n    auth.*;authpriv.*;daemon.* /var/log/secure\n\n    If \"auth.*\", \"authpriv.*\" or \"daemon.*\" are not configured to be\nlogged, this is a finding.)\n  desc 'fix', 'Configure RHEL 8 to monitor all remote access methods by installing rsyslog\nwith the following command:\n\n    $ sudo yum install rsyslog\n\n    Then add or update the following lines to the \"/etc/rsyslog.conf\" file:\n\n    auth.*;authpriv.*;daemon.* /var/log/secure\n\n    The \"rsyslog\" service must be restarted for the changes to take effect.\nTo restart the \"rsyslog\" service, run the following command:\n\n    $ sudo systemctl restart rsyslog.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000032-GPOS-00013'\n  tag gid: 'V-230228'\n  tag rid: 'SV-230228r627750_rule'\n  tag stig_id: 'RHEL-08-010070'\n  tag fix_id: 'F-32872r567431_fix'\n  tag cci: ['CCI-000067']\n  tag nist: ['AC-17 (1)']\n  tag 'host', 'container-conditional'\n\n  only_if('Control not applicable; remote access not configured within containerized RHEL', impact: 0.0) {\n    !(virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?)\n  }\n\n  rsyslog = file('/etc/rsyslog.conf')\n\n  describe rsyslog do\n    it { should exist }\n  end\n\n  if rsyslog.exist?\n\n    auth_pattern = %r{^\\s*[a-z.;*]*auth(,[a-z,]+)*\\.\\*\\s*/*}\n    authpriv_pattern = %r{^\\s*[a-z.;*]*authpriv(,[a-z,]+)*\\.\\*\\s*/*}\n    daemon_pattern = %r{^\\s*[a-z.;*]*daemon(,[a-z,]+)*\\.\\*\\s*/*}\n\n    rsyslog_conf = command('grep -E \\'(auth.*|authpriv.*|daemon.*)\\' /etc/rsyslog.conf')\n\n    describe 'Logged remote access methods' do\n      it 'should include auth.*' do\n        expect(rsyslog_conf.stdout).to match(auth_pattern), 'auth.* not configured for logging'\n      end\n      it 'should include authpriv.*' do\n        expect(rsyslog_conf.stdout).to match(authpriv_pattern), 'authpriv.* not configured for logging'\n      end\n      it 'should include daemon.*' do\n        expect(rsyslog_conf.stdout).to match(daemon_pattern), 'daemon.* not configured for logging'\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230228.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File /etc/rsyslog.conf is expected to exist","run_time":6.1e-05,"start_time":"2024-01-09T19:40:38-05:00","resource_class":"file","resource_params":"[\"/etc/rsyslog.conf\"]","resource_id":"/etc/rsyslog.conf"},{"status":"passed","code_desc":"Logged remote access methods should include auth.*","run_time":0.103051,"start_time":"2024-01-09T19:40:38-05:00","resource_class":"Object","resource_params":"[]","resource_id":"Logged remote access methods"},{"status":"passed","code_desc":"Logged remote access methods should include authpriv.*","run_time":0.000145,"start_time":"2024-01-09T19:40:38-05:00","resource_class":"Object","resource_params":"[]","resource_id":"Logged remote access methods"},{"status":"passed","code_desc":"Logged remote access methods should include daemon.*","run_time":8.8e-05,"start_time":"2024-01-09T19:40:38-05:00","resource_class":"Object","resource_params":"[]","resource_id":"Logged remote access methods"}]},{"id":"SV-230229","title":"RHEL 8, for PKI-based authentication, must validate certificates by\nconstructing a certification path (which includes status information) to an\naccepted trust anchor.","desc":"Without path validation, an informed trust decision by the relying\nparty cannot be made when presented with any certificate not already explicitly\ntrusted.\n\n  A trust anchor is an authoritative entity represented via a public key and\nassociated data. It is used in the context of public key infrastructures, X.509\ndigital certificates, and DNSSEC.\n\n  When there is a chain of trust, usually the top entity to be trusted\nbecomes the trust anchor; it can be, for example, a Certification Authority\n(CA). A certification path starts with the subject certificate and proceeds\nthrough a number of intermediate certificates up to a trusted root certificate,\ntypically issued by a trusted CA.\n\n    This requirement verifies that a certification path to an accepted trust\nanchor is used for certificate validation and that the path includes status\ninformation. Path validation is necessary for a relying party to make an\ninformed trust decision when presented with any certificate not already\nexplicitly trusted. Status information for certification paths includes\ncertificate revocation lists or online certificate status protocol responses.\nValidation of the certificate status information is out of scope for this\nrequirement.","descriptions":[{"label":"default","data":"Without path validation, an informed trust decision by the relying\nparty cannot be made when presented with any certificate not already explicitly\ntrusted.\n\n  A trust anchor is an authoritative entity represented via a public key and\nassociated data. It is used in the context of public key infrastructures, X.509\ndigital certificates, and DNSSEC.\n\n  When there is a chain of trust, usually the top entity to be trusted\nbecomes the trust anchor; it can be, for example, a Certification Authority\n(CA). A certification path starts with the subject certificate and proceeds\nthrough a number of intermediate certificates up to a trusted root certificate,\ntypically issued by a trusted CA.\n\n    This requirement verifies that a certification path to an accepted trust\nanchor is used for certificate validation and that the path includes status\ninformation. Path validation is necessary for a relying party to make an\ninformed trust decision when presented with any certificate not already\nexplicitly trusted. Status information for certification paths includes\ncertificate revocation lists or online certificate status protocol responses.\nValidation of the certificate status information is out of scope for this\nrequirement."},{"label":"check","data":"Verify RHEL 8 for PKI-based authentication has valid certificates by constructing a certification path (which includes status information) to an accepted trust anchor.\n\nNote: If the System Administrator demonstrates the use of an approved alternate multifactor authentication method, this requirement is not applicable.\n\nCheck that the system has a valid DoD root CA installed with the following command:\n\n$ sudo openssl x509 -text -in /etc/sssd/pki/sssd_auth_ca_db.pem\n\nCertificate:\n   Data:\n      Version: 3 (0x2)\n      Serial Number: 1 (0x1)\n      Signature Algorithm: sha256WithRSAEncryption\n      Issuer: C = US, O = U.S. Government, OU = DoD, OU = PKI, CN = DoD Root CA 3\n      Validity\n         Not Before: Mar 20 18:46:41 2012 GMT\n         Not After   : Dec 30 18:46:41 2029 GMT\n      Subject: C = US, O = U.S. Government, OU = DoD, OU = PKI, CN = DoD Root CA 3\n      Subject Public Key Info:\n         Public Key Algorithm: rsaEncryption\n\nIf the root ca file is not a DoD-issued certificate with a valid date and installed in the /etc/sssd/pki/sssd_auth_ca_db.pem location, this is a finding."},{"label":"fix","data":"Configure RHEL 8, for PKI-based authentication, to validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.\n\nObtain a valid copy of the DoD root CA file from the PKI CA certificate bundle at cyber.mil and copy into the following file:\n\n/etc/sssd/pki/sssd_auth_ca_db.pem"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000066-GPOS-00034","satisfies":["SRG-OS-000066-GPOS-00034","SRG-OS-000384-GPOS-00167"],"gid":"V-230229","rid":"SV-230229r858739_rule","stig_id":"RHEL-08-010090","fix_id":"F-32873r809269_fix","cci":["CCI-000185"],"nist":["IA-5 (2) (a)","IA-5 (2) (b) (1)"],"host":null,"container":null},"code":"control 'SV-230229' do\n  title 'RHEL 8, for PKI-based authentication, must validate certificates by\nconstructing a certification path (which includes status information) to an\naccepted trust anchor.'\n  desc 'Without path validation, an informed trust decision by the relying\nparty cannot be made when presented with any certificate not already explicitly\ntrusted.\n\n  A trust anchor is an authoritative entity represented via a public key and\nassociated data. It is used in the context of public key infrastructures, X.509\ndigital certificates, and DNSSEC.\n\n  When there is a chain of trust, usually the top entity to be trusted\nbecomes the trust anchor; it can be, for example, a Certification Authority\n(CA). A certification path starts with the subject certificate and proceeds\nthrough a number of intermediate certificates up to a trusted root certificate,\ntypically issued by a trusted CA.\n\n    This requirement verifies that a certification path to an accepted trust\nanchor is used for certificate validation and that the path includes status\ninformation. Path validation is necessary for a relying party to make an\ninformed trust decision when presented with any certificate not already\nexplicitly trusted. Status information for certification paths includes\ncertificate revocation lists or online certificate status protocol responses.\nValidation of the certificate status information is out of scope for this\nrequirement.'\n  desc 'check', 'Verify RHEL 8 for PKI-based authentication has valid certificates by constructing a certification path (which includes status information) to an accepted trust anchor.\n\nNote: If the System Administrator demonstrates the use of an approved alternate multifactor authentication method, this requirement is not applicable.\n\nCheck that the system has a valid DoD root CA installed with the following command:\n\n$ sudo openssl x509 -text -in /etc/sssd/pki/sssd_auth_ca_db.pem\n\nCertificate:\n   Data:\n      Version: 3 (0x2)\n      Serial Number: 1 (0x1)\n      Signature Algorithm: sha256WithRSAEncryption\n      Issuer: C = US, O = U.S. Government, OU = DoD, OU = PKI, CN = DoD Root CA 3\n      Validity\n         Not Before: Mar 20 18:46:41 2012 GMT\n         Not After   : Dec 30 18:46:41 2029 GMT\n      Subject: C = US, O = U.S. Government, OU = DoD, OU = PKI, CN = DoD Root CA 3\n      Subject Public Key Info:\n         Public Key Algorithm: rsaEncryption\n\nIf the root ca file is not a DoD-issued certificate with a valid date and installed in the /etc/sssd/pki/sssd_auth_ca_db.pem location, this is a finding.'\n  desc 'fix', 'Configure RHEL 8, for PKI-based authentication, to validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.\n\nObtain a valid copy of the DoD root CA file from the PKI CA certificate bundle at cyber.mil and copy into the following file:\n\n/etc/sssd/pki/sssd_auth_ca_db.pem'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000066-GPOS-00034'\n  tag satisfies: ['SRG-OS-000066-GPOS-00034', 'SRG-OS-000384-GPOS-00167']\n  tag gid: 'V-230229'\n  tag rid: 'SV-230229r858739_rule'\n  tag stig_id: 'RHEL-08-010090'\n  tag fix_id: 'F-32873r809269_fix'\n  tag cci: ['CCI-000185']\n  tag nist: ['IA-5 (2) (a)', 'IA-5 (2) (b) (1)']\n  tag 'host', 'container'\n\n  only_if('If the System Administrator demonstrates the use of an approved alternate multifactor authentication method, this requirement is not applicable.', impact: 0.0) {\n    !input('smart_card_enabled')\n  }\n\n  root_ca_file = input('root_ca_file')\n  describe file(root_ca_file) do\n    it { should exist }\n  end\n\n  describe 'Ensure the RootCA is a DoD-issued certificate with a valid date' do\n    if file(root_ca_file).exist?\n      subject { x509_certificate(root_ca_file) }\n      it 'has the correct issuer_dn' do\n        expect(subject.issuer_dn).to match('/C=US/O=U.S. Government/OU=DoD/OU=PKI/CN=DoD Root CA 3')\n      end\n      it 'has the correct subject_dn' do\n        expect(subject.subject_dn).to match('/C=US/O=U.S. Government/OU=DoD/OU=PKI/CN=DoD Root CA 3')\n      end\n      it 'is valid' do\n        expect(subject.validity_in_days).to be > 0\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230229.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File /etc/sssd/pki/sssd_auth_ca_db.pem is expected to exist","run_time":0.000463,"start_time":"2024-01-09T19:40:38-05:00","message":"expected File /etc/sssd/pki/sssd_auth_ca_db.pem to exist","resource_class":"file","resource_params":"[\"/etc/sssd/pki/sssd_auth_ca_db.pem\"]","resource_id":"/etc/sssd/pki/sssd_auth_ca_db.pem"}]},{"id":"SV-230230","title":"RHEL 8, for certificate-based authentication, must enforce authorized\naccess to the corresponding private key.","desc":"If an unauthorized user obtains access to a private key without a\npasscode, that user would have unauthorized access to any system where the\nassociated public key has been installed.","descriptions":[{"label":"default","data":"If an unauthorized user obtains access to a private key without a\npasscode, that user would have unauthorized access to any system where the\nassociated public key has been installed."},{"label":"check","data":"Verify the SSH private key files have a passcode.\n\nFor each private key stored on the system, use the following command:\n\n$ sudo ssh-keygen -y -f /path/to/file\n\nIf the contents of the key are displayed, this is a finding."},{"label":"fix","data":"Create a new private and public key pair that utilizes a passcode with the\nfollowing command:\n\n    $ sudo ssh-keygen -n [passphrase]"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000067-GPOS-00035","gid":"V-230230","rid":"SV-230230r627750_rule","stig_id":"RHEL-08-010100","fix_id":"F-32874r567437_fix","cci":["CCI-000186"],"nist":["IA-5 (2) (b)","IA-5 (2) (a) (1)"],"host":null},"code":"control 'SV-230230' do\n  title 'RHEL 8, for certificate-based authentication, must enforce authorized\naccess to the corresponding private key.'\n  desc 'If an unauthorized user obtains access to a private key without a\npasscode, that user would have unauthorized access to any system where the\nassociated public key has been installed.'\n  desc 'check', 'Verify the SSH private key files have a passcode.\n\nFor each private key stored on the system, use the following command:\n\n$ sudo ssh-keygen -y -f /path/to/file\n\nIf the contents of the key are displayed, this is a finding.'\n  desc 'fix', 'Create a new private and public key pair that utilizes a passcode with the\nfollowing command:\n\n    $ sudo ssh-keygen -n [passphrase]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000067-GPOS-00035'\n  tag gid: 'V-230230'\n  tag rid: 'SV-230230r627750_rule'\n  tag stig_id: 'RHEL-08-010100'\n  tag fix_id: 'F-32874r567437_fix'\n  tag cci: ['CCI-000186']\n  tag nist: ['IA-5 (2) (b)', 'IA-5 (2) (a) (1)']\n  tag 'host'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'N/A' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('private_key_files').empty?\n    impact 0.0\n    describe 'N/A' do\n      skip 'No private key files were given in the input, this control is Not Applicable'\n    end\n  elsif input('private_key_files').map { |kf| file(kf).exist? }.uniq.first == false\n    describe 'no files found' do\n      skip 'No private key files given in the input were found on the system; please check the input accurately lists all private keys on this system'\n    end\n  else\n    passwordless_keys = input('private_key_files').select { |kf|\n      file(kf).exist? &&\n        !inspec.command(\"ssh-keygen -y -P '' -f #{kf}\").stderr.match('incorrect passphrase supplied to decrypt private key')\n    }\n    describe 'Private key files' do\n      it 'should all have passwords set' do\n        expect(passwordless_keys).to be_empty, \"Passwordless key files:\\n\\t- #{passwordless_keys.join(\"\\n\\t- \")}\"\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230230.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"N/A","run_time":1.0e-05,"start_time":"2024-01-09T19:40:38-05:00","resource":"","skip_message":"No private key files were given in the input, this control is Not Applicable","resource_class":"Object","resource_params":"[]","resource_id":"N/A"}]},{"id":"SV-230231","title":"RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved\ncryptographic hashing algorithm.","desc":"Passwords need to be protected at all times, and encryption is the\nstandard method for protecting passwords. If passwords are not encrypted, they\ncan be plainly read (i.e., clear text) and easily compromised.\n\n    Unapproved mechanisms that are used for authentication to the cryptographic\nmodule are not verified and therefore cannot be relied upon to provide\nconfidentiality or integrity, and DoD data may be compromised.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD requirements.","descriptions":[{"label":"default","data":"Passwords need to be protected at all times, and encryption is the\nstandard method for protecting passwords. If passwords are not encrypted, they\ncan be plainly read (i.e., clear text) and easily compromised.\n\n    Unapproved mechanisms that are used for authentication to the cryptographic\nmodule are not verified and therefore cannot be relied upon to provide\nconfidentiality or integrity, and DoD data may be compromised.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD requirements."},{"label":"check","data":"Verify that the shadow password suite configuration is set to encrypt\npassword with a FIPS 140-2 approved cryptographic hashing algorithm.\n\n    Check the hashing algorithm that is being used to hash passwords with the\nfollowing command:\n\n    $ sudo grep -i crypt /etc/login.defs\n\n    ENCRYPT_METHOD SHA512\n\n    If \"ENCRYPT_METHOD\" does not equal SHA512 or greater, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to encrypt all stored passwords.\n\n    Edit/Modify the following line in the \"/etc/login.defs\" file and set\n\"[ENCRYPT_METHOD]\" to SHA512.\n\n    ENCRYPT_METHOD SHA512"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000073-GPOS-00041","gid":"V-230231","rid":"SV-230231r877397_rule","stig_id":"RHEL-08-010110","fix_id":"F-32875r567440_fix","cci":["CCI-000196"],"nist":["IA-5 (1) (c)"],"host":null,"container":null},"code":"control 'SV-230231' do\n  title 'RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved\ncryptographic hashing algorithm.'\n  desc 'Passwords need to be protected at all times, and encryption is the\nstandard method for protecting passwords. If passwords are not encrypted, they\ncan be plainly read (i.e., clear text) and easily compromised.\n\n    Unapproved mechanisms that are used for authentication to the cryptographic\nmodule are not verified and therefore cannot be relied upon to provide\nconfidentiality or integrity, and DoD data may be compromised.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD requirements.'\n  desc 'check', 'Verify that the shadow password suite configuration is set to encrypt\npassword with a FIPS 140-2 approved cryptographic hashing algorithm.\n\n    Check the hashing algorithm that is being used to hash passwords with the\nfollowing command:\n\n    $ sudo grep -i crypt /etc/login.defs\n\n    ENCRYPT_METHOD SHA512\n\n    If \"ENCRYPT_METHOD\" does not equal SHA512 or greater, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to encrypt all stored passwords.\n\n    Edit/Modify the following line in the \"/etc/login.defs\" file and set\n\"[ENCRYPT_METHOD]\" to SHA512.\n\n    ENCRYPT_METHOD SHA512'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000073-GPOS-00041'\n  tag gid: 'V-230231'\n  tag rid: 'SV-230231r877397_rule'\n  tag stig_id: 'RHEL-08-010110'\n  tag fix_id: 'F-32875r567440_fix'\n  tag cci: ['CCI-000196']\n  tag nist: ['IA-5 (1) (c)']\n  tag 'host', 'container'\n\n  describe login_defs do\n    its('ENCRYPT_METHOD') { should cmp 'SHA512' }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230231.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"login.defs ENCRYPT_METHOD is expected to cmp == \"SHA512\"","run_time":0.000623,"start_time":"2024-01-09T19:40:38-05:00","resource_class":"login_defs","resource_params":"[]","resource_id":"/etc/login.defs"}]},{"id":"SV-230232","title":"RHEL 8 must employ FIPS 140-2 approved cryptographic hashing\nalgorithms for all stored passwords.","desc":"The system must use a strong hashing algorithm to store the password.\n\n    Passwords need to be protected at all times, and encryption is the standard\nmethod for protecting passwords. If passwords are not encrypted, they can be\nplainly read (i.e., clear text) and easily compromised.","descriptions":[{"label":"default","data":"The system must use a strong hashing algorithm to store the password.\n\n    Passwords need to be protected at all times, and encryption is the standard\nmethod for protecting passwords. If passwords are not encrypted, they can be\nplainly read (i.e., clear text) and easily compromised."},{"label":"check","data":"Confirm that the interactive user account passwords are using a strong\npassword hash with the following command:\n\n    $ sudo cut -d: -f2 /etc/shadow\n\n\n$6$kcOnRq/5$NUEYPuyL.wghQwWssXRcLRFiiru7f5JPV6GaJhNC2aK5F3PZpE/BCCtwrxRc/AInKMNX3CdMw11m9STiql12f/\n\n    Password hashes \"!\" or \"*\" indicate inactive accounts not available for\nlogon and are not evaluated. If any interactive user password hash does not\nbegin with \"$6$\", this is a finding."},{"label":"fix","data":"Lock all interactive user accounts not using SHA-512 hashing\nuntil the passwords can be regenerated with SHA-512."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000073-GPOS-00041","gid":"V-230232","rid":"SV-230232r877397_rule","stig_id":"RHEL-08-010120","fix_id":"F-32876r567443_fix","cci":["CCI-000196"],"nist":["IA-5 (1) (c)"],"host":null,"container":null},"code":"control 'SV-230232' do\n  title 'RHEL 8 must employ FIPS 140-2 approved cryptographic hashing\nalgorithms for all stored passwords.'\n  desc 'The system must use a strong hashing algorithm to store the password.\n\n    Passwords need to be protected at all times, and encryption is the standard\nmethod for protecting passwords. If passwords are not encrypted, they can be\nplainly read (i.e., clear text) and easily compromised.'\n  desc 'check', 'Confirm that the interactive user account passwords are using a strong\npassword hash with the following command:\n\n    $ sudo cut -d: -f2 /etc/shadow\n\n\n$6$kcOnRq/5$NUEYPuyL.wghQwWssXRcLRFiiru7f5JPV6GaJhNC2aK5F3PZpE/BCCtwrxRc/AInKMNX3CdMw11m9STiql12f/\n\n    Password hashes \"!\" or \"*\" indicate inactive accounts not available for\nlogon and are not evaluated. If any interactive user password hash does not\nbegin with \"$6$\", this is a finding.'\n  desc 'fix', 'Lock all interactive user accounts not using SHA-512 hashing\nuntil the passwords can be regenerated with SHA-512.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000073-GPOS-00041'\n  tag gid: 'V-230232'\n  tag rid: 'SV-230232r877397_rule'\n  tag stig_id: 'RHEL-08-010120'\n  tag fix_id: 'F-32876r567443_fix'\n  tag cci: ['CCI-000196']\n  tag nist: ['IA-5 (1) (c)']\n  tag 'host', 'container'\n\n  weak_pw_hash_users = inspec.shadow.where { password !~ /^[*!]{1,2}.*$|^\\$6\\$.*$|^$/ }.users\n\n  describe 'All stored passwords' do\n    it 'should only be hashed with the SHA512 algorithm' do\n      message = \"Users without SHA512 hashes:\\n\\t- #{weak_pw_hash_users.join(\"\\n\\t- \")}\"\n      expect(weak_pw_hash_users).to be_empty, message\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230232.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"All stored passwords should only be hashed with the SHA512 algorithm","run_time":0.013428,"start_time":"2024-01-09T19:40:38-05:00","resource_class":"Object","resource_params":"[]","resource_id":"All stored passwords"}]},{"id":"SV-230233","title":"The RHEL 8 shadow password suite must be configured to use a sufficient number of hashing rounds.","desc":"The system must use a strong hashing algorithm to store the password.\nThe system must use a sufficient number of hashing rounds to ensure the\nrequired level of entropy.\n\n    Passwords need to be protected at all times, and encryption is the standard\nmethod for protecting passwords. If passwords are not encrypted, they can be\nplainly read (i.e., clear text) and easily compromised.","descriptions":[{"label":"default","data":"The system must use a strong hashing algorithm to store the password.\nThe system must use a sufficient number of hashing rounds to ensure the\nrequired level of entropy.\n\n    Passwords need to be protected at all times, and encryption is the standard\nmethod for protecting passwords. If passwords are not encrypted, they can be\nplainly read (i.e., clear text) and easily compromised."},{"label":"check","data":"Check that a minimum number of hash rounds is configured by running the following command:\n\n     $ sudo grep -E \"^SHA_CRYPT_\" /etc/login.defs\n\nIf only one of \"SHA_CRYPT_MIN_ROUNDS\" or \"SHA_CRYPT_MAX_ROUNDS\" is set, and this value is below \"5000\", this is a finding.\n\nIf both \"SHA_CRYPT_MIN_ROUNDS\" and \"SHA_CRYPT_MAX_ROUNDS\" are set, and the highest value for either is below \"5000\", this is a finding."},{"label":"fix","data":"Configure RHEL 8 to encrypt all stored passwords with a strong cryptographic hash.\n\nEdit/modify the following line in the \"/etc/login.defs\" file and set \"SHA_CRYPT_MIN_ROUNDS\" to a value no lower than \"5000\":\n\nSHA_CRYPT_MIN_ROUNDS 5000"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000073-GPOS-00041","gid":"V-230233","rid":"SV-230233r880705_rule","stig_id":"RHEL-08-010130","fix_id":"F-32877r809272_fix","cci":["CCI-000196"],"nist":["IA-5 (1) (c)"],"host":null,"container":null},"code":"control 'SV-230233' do\n  title 'The RHEL 8 shadow password suite must be configured to use a sufficient number of hashing rounds.'\n  desc 'The system must use a strong hashing algorithm to store the password.\nThe system must use a sufficient number of hashing rounds to ensure the\nrequired level of entropy.\n\n    Passwords need to be protected at all times, and encryption is the standard\nmethod for protecting passwords. If passwords are not encrypted, they can be\nplainly read (i.e., clear text) and easily compromised.'\n  desc 'check', 'Check that a minimum number of hash rounds is configured by running the following command:\n\n     $ sudo grep -E \"^SHA_CRYPT_\" /etc/login.defs\n\nIf only one of \"SHA_CRYPT_MIN_ROUNDS\" or \"SHA_CRYPT_MAX_ROUNDS\" is set, and this value is below \"5000\", this is a finding.\n\nIf both \"SHA_CRYPT_MIN_ROUNDS\" and \"SHA_CRYPT_MAX_ROUNDS\" are set, and the highest value for either is below \"5000\", this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to encrypt all stored passwords with a strong cryptographic hash.\n\nEdit/modify the following line in the \"/etc/login.defs\" file and set \"SHA_CRYPT_MIN_ROUNDS\" to a value no lower than \"5000\":\n\nSHA_CRYPT_MIN_ROUNDS 5000'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000073-GPOS-00041'\n  tag gid: 'V-230233'\n  tag rid: 'SV-230233r880705_rule'\n  tag stig_id: 'RHEL-08-010130'\n  tag fix_id: 'F-32877r809272_fix'\n  tag cci: ['CCI-000196']\n  tag nist: ['IA-5 (1) (c)']\n  tag 'host', 'container'\n\n  describe login_defs do\n    its('SHA_CRYPT_MIN_ROUNDS') { should cmp >= input('sha_crypt_min_rounds') }\n    its('SHA_CRYPT_MAX_ROUNDS') { should cmp >= input('sha_crypt_max_rounds') }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230233.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"login.defs SHA_CRYPT_MIN_ROUNDS is expected to cmp >= 5000","run_time":0.000797,"start_time":"2024-01-09T19:40:38-05:00","message":"\nexpected it to be >= 5000\n     got: \n\n(compared using `cmp` matcher)\n","resource_class":"login_defs","resource_params":"[]","resource_id":"/etc/login.defs"},{"status":"failed","code_desc":"login.defs SHA_CRYPT_MAX_ROUNDS is expected to cmp >= 5000","run_time":0.00022,"start_time":"2024-01-09T19:40:38-05:00","message":"\nexpected it to be >= 5000\n     got: \n\n(compared using `cmp` matcher)\n","resource_class":"login_defs","resource_params":"[]","resource_id":"/etc/login.defs"}]},{"id":"SV-230234","title":"RHEL 8 operating systems booted with United Extensible Firmware\nInterface (UEFI) must require authentication upon booting into single-user mode\nand maintenance.","desc":"If the system does not require valid authentication before it boots\ninto single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 8 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu.","descriptions":[{"label":"default","data":"If the system does not require valid authentication before it boots\ninto single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 8 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu."},{"label":"check","data":"For systems that use BIOS, this is Not Applicable.\n\n    Check to see if an encrypted grub superusers password is set. On systems\nthat use UEFI, use the following command:\n\n    $ sudo grep -iw grub2_password /boot/efi/EFI/redhat/user.cfg\n\n    GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]\n\n    If the grub superusers password does not begin with \"grub.pbkdf2.sha512\",\nthis is a finding."},{"label":"fix","data":"Configure the system to require a grub bootloader password for the grub\nsuperusers account with the grub2-setpassword command, which creates/overwrites\nthe /boot/efi/EFI/redhat/user.cfg file.\n\n    Generate an encrypted grub2 password for the grub superusers account with\nthe following command:\n\n    $ sudo grub2-setpassword\n    Enter password:\n    Confirm password:"}],"impact":0.0,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000080-GPOS-00048","gid":"V-230234","rid":"SV-230234r743922_rule","stig_id":"RHEL-08-010140","fix_id":"F-32878r743921_fix","cci":["CCI-000213"],"nist":["AC-3"],"host":null},"code":"control 'SV-230234' do\n  title 'RHEL 8 operating systems booted with United Extensible Firmware\nInterface (UEFI) must require authentication upon booting into single-user mode\nand maintenance.'\n  desc 'If the system does not require valid authentication before it boots\ninto single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 8 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu.'\n  desc 'check', 'For systems that use BIOS, this is Not Applicable.\n\n    Check to see if an encrypted grub superusers password is set. On systems\nthat use UEFI, use the following command:\n\n    $ sudo grep -iw grub2_password /boot/efi/EFI/redhat/user.cfg\n\n    GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]\n\n    If the grub superusers password does not begin with \"grub.pbkdf2.sha512\",\nthis is a finding.'\n  desc 'fix', 'Configure the system to require a grub bootloader password for the grub\nsuperusers account with the grub2-setpassword command, which creates/overwrites\nthe /boot/efi/EFI/redhat/user.cfg file.\n\n    Generate an encrypted grub2 password for the grub superusers account with\nthe following command:\n\n    $ sudo grub2-setpassword\n    Enter password:\n    Confirm password:'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000080-GPOS-00048'\n  tag gid: 'V-230234'\n  tag rid: 'SV-230234r743922_rule'\n  tag stig_id: 'RHEL-08-010140'\n  tag fix_id: 'F-32878r743921_fix'\n  tag cci: ['CCI-000213']\n  tag nist: ['AC-3']\n  tag 'host'\n\n  only_if('Control not applicable within a container without sudo enabled', impact: 0.0) do\n    !virtualization.system.eql?('docker')\n  end\n\n  if file('/sys/firmware/efi').exist?\n    input('grub_uefi_user_boot_files').each do |grub_user_file|\n      describe parse_config_file(grub_user_file) do\n        its('GRUB2_PASSWORD') { should include 'grub.pbkdf2.sha512' }\n      end\n    end\n  else\n    impact 0.0\n    describe 'System running BIOS' do\n      skip 'The System is running BIOS, this control is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230234.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"System running BIOS","run_time":8.0e-06,"start_time":"2024-01-09T19:40:38-05:00","resource":"","skip_message":"The System is running BIOS, this control is Not Applicable.","resource_class":"Object","resource_params":"[]","resource_id":"System running BIOS"}]},{"id":"SV-230235","title":"RHEL 8 operating systems booted with a BIOS must require\nauthentication upon booting into single-user and maintenance modes.","desc":"If the system does not require valid authentication before it boots\ninto single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 8 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu.","descriptions":[{"label":"default","data":"If the system does not require valid authentication before it boots\ninto single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 8 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu."},{"label":"check","data":"For systems that use UEFI, this is Not Applicable.\n\n    Check to see if an encrypted grub superusers password is set. On systems\nthat use a BIOS, use the following command:\n\n    $ sudo grep -iw grub2_password /boot/grub2/user.cfg\n\n    GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]\n\n    If the grub superusers password does not begin with \"grub.pbkdf2.sha512\",\nthis is a finding."},{"label":"fix","data":"Configure the system to require a grub bootloader password for the grub\nsuperusers account with the grub2-setpassword command, which creates/overwrites\nthe /boot/grub2/user.cfg file.\n\n    Generate an encrypted grub2 password for the grub superusers account with\nthe following command:\n\n    $ sudo grub2-setpassword\n    Enter password:\n    Confirm password:"}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000080-GPOS-00048","gid":"V-230235","rid":"SV-230235r743925_rule","stig_id":"RHEL-08-010150","fix_id":"F-32879r743924_fix","cci":["CCI-000213"],"nist":["AC-3"],"host":null},"code":"control 'SV-230235' do\n  title 'RHEL 8 operating systems booted with a BIOS must require\nauthentication upon booting into single-user and maintenance modes.'\n  desc 'If the system does not require valid authentication before it boots\ninto single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 8 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu.'\n  desc 'check', 'For systems that use UEFI, this is Not Applicable.\n\n    Check to see if an encrypted grub superusers password is set. On systems\nthat use a BIOS, use the following command:\n\n    $ sudo grep -iw grub2_password /boot/grub2/user.cfg\n\n    GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]\n\n    If the grub superusers password does not begin with \"grub.pbkdf2.sha512\",\nthis is a finding.'\n  desc 'fix', 'Configure the system to require a grub bootloader password for the grub\nsuperusers account with the grub2-setpassword command, which creates/overwrites\nthe /boot/grub2/user.cfg file.\n\n    Generate an encrypted grub2 password for the grub superusers account with\nthe following command:\n\n    $ sudo grub2-setpassword\n    Enter password:\n    Confirm password:'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000080-GPOS-00048'\n  tag gid: 'V-230235'\n  tag rid: 'SV-230235r743925_rule'\n  tag stig_id: 'RHEL-08-010150'\n  tag fix_id: 'F-32879r743924_fix'\n  tag cci: ['CCI-000213']\n  tag nist: ['AC-3']\n  tag 'host'\n\n  only_if('Control not applicable within a container without sudo enabled', impact: 0.0) do\n    !virtualization.system.eql?('docker')\n  end\n\n  if file('/sys/firmware/efi').exist?\n    impact 0.0\n    describe 'System running UEFI' do\n      skip 'The System is running UEFI, this control is Not Applicable.'\n    end\n  else\n    input('grub_user_boot_files').each do |grub_user_file|\n      describe parse_config_file(grub_user_file) do\n        its('GRUB2_PASSWORD') { should include 'grub.pbkdf2.sha512' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230235.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"Parse Config File /boot/grub2/user.cfg","run_time":6.0e-06,"start_time":"2024-01-09T19:40:38-05:00","resource":"Parse Config File /boot/grub2/user.cfg","skip_message":"Can't find file: /boot/grub2/user.cfg","resource_class":"parse_config_file","resource_params":"[\"/boot/grub2/user.cfg\"]","resource_id":"/boot/grub2/user.cfg"}]},{"id":"SV-230236","title":"RHEL 8 operating systems must require authentication upon booting into\nrescue mode.","desc":"If the system does not require valid root authentication before it\nboots into emergency or rescue mode, anyone who invokes emergency or rescue\nmode is granted privileged access to all files on the system.","descriptions":[{"label":"default","data":"If the system does not require valid root authentication before it\nboots into emergency or rescue mode, anyone who invokes emergency or rescue\nmode is granted privileged access to all files on the system."},{"label":"check","data":"Check to see if the system requires authentication for rescue mode with the\nfollowing command:\n\n    $ sudo grep sulogin-shell /usr/lib/systemd/system/rescue.service\n\n    ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue\n\n    If the \"ExecStart\" line is configured for anything other than\n\"/usr/lib/systemd/systemd-sulogin-shell rescue\", commented out, or missing,\nthis is a finding."},{"label":"fix","data":"Configure the system to require authentication upon booting into rescue\nmode by adding the following line to the\n\"/usr/lib/systemd/system/rescue.service\" file.\n\n    ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000080-GPOS-00048","gid":"V-230236","rid":"SV-230236r743928_rule","stig_id":"RHEL-08-010151","fix_id":"F-32880r743927_fix","cci":["CCI-000213"],"nist":["AC-3"],"host":null},"code":"control 'SV-230236' do\n  title 'RHEL 8 operating systems must require authentication upon booting into\nrescue mode.'\n  desc 'If the system does not require valid root authentication before it\nboots into emergency or rescue mode, anyone who invokes emergency or rescue\nmode is granted privileged access to all files on the system.'\n  desc 'check', 'Check to see if the system requires authentication for rescue mode with the\nfollowing command:\n\n    $ sudo grep sulogin-shell /usr/lib/systemd/system/rescue.service\n\n    ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue\n\n    If the \"ExecStart\" line is configured for anything other than\n\"/usr/lib/systemd/systemd-sulogin-shell rescue\", commented out, or missing,\nthis is a finding.'\n  desc 'fix', 'Configure the system to require authentication upon booting into rescue\nmode by adding the following line to the\n\"/usr/lib/systemd/system/rescue.service\" file.\n\n    ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000080-GPOS-00048'\n  tag gid: 'V-230236'\n  tag rid: 'SV-230236r743928_rule'\n  tag stig_id: 'RHEL-08-010151'\n  tag fix_id: 'F-32880r743927_fix'\n  tag cci: ['CCI-000213']\n  tag nist: ['AC-3']\n  tag 'host'\n\n  only_if('Control not applicable within a container without sudo enabled', impact: 0.0) do\n    !virtualization.system.eql?('docker')\n  end\n  describe service('rescue') do\n    its('params.ExecStart') { should include '/usr/lib/systemd/systemd-sulogin-shell rescue' }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230236.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Service rescue params.ExecStart is expected to include \"/usr/lib/systemd/systemd-sulogin-shell rescue\"","run_time":0.435689,"start_time":"2024-01-09T19:40:38-05:00","resource_class":"service","resource_params":"[\"rescue\"]","resource_id":"rescue"}]},{"id":"SV-230237","title":"The RHEL 8 pam_unix.so module must be configured in the password-auth\nfile to use a FIPS 140-2 approved cryptographic hashing algorithm for system\nauthentication.","desc":"Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.","descriptions":[{"label":"default","data":"Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system."},{"label":"check","data":"Verify that the pam_unix.so module is configured to use sha512.\n\nCheck that the pam_unix.so module is configured to use sha512 in /etc/pam.d/password-auth with the following command:\n\n$ sudo grep password /etc/pam.d/password-auth | grep pam_unix\n\npassword sufficient pam_unix.so sha512\n\nIf \"sha512\" is missing, or is commented out, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.\n\nEdit/modify the following line in the \"/etc/pam.d/password-auth\" file to include the sha512 option for pam_unix.so:\n\npassword sufficient pam_unix.so sha512"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000120-GPOS-00061","gid":"V-230237","rid":"SV-230237r809276_rule","stig_id":"RHEL-08-010160","fix_id":"F-32881r809275_fix","cci":["CCI-000803"],"nist":["IA-7"],"host":null,"container":null},"code":"control 'SV-230237' do\n  title 'The RHEL 8 pam_unix.so module must be configured in the password-auth\nfile to use a FIPS 140-2 approved cryptographic hashing algorithm for system\nauthentication.'\n  desc 'Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.'\n  desc 'check', 'Verify that the pam_unix.so module is configured to use sha512.\n\nCheck that the pam_unix.so module is configured to use sha512 in /etc/pam.d/password-auth with the following command:\n\n$ sudo grep password /etc/pam.d/password-auth | grep pam_unix\n\npassword sufficient pam_unix.so sha512\n\nIf \"sha512\" is missing, or is commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.\n\nEdit/modify the following line in the \"/etc/pam.d/password-auth\" file to include the sha512 option for pam_unix.so:\n\npassword sufficient pam_unix.so sha512'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000120-GPOS-00061'\n  tag gid: 'V-230237'\n  tag rid: 'SV-230237r809276_rule'\n  tag stig_id: 'RHEL-08-010160'\n  tag fix_id: 'F-32881r809275_fix'\n  tag cci: ['CCI-000803']\n  tag nist: ['IA-7']\n  tag 'host', 'container'\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['password-auth']) do\n    its('lines') { should match_pam_rule('.* .* pam_unix.so sha512') }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230237.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PAM Config[/etc/pam.d/password-auth] lines is expected to include .* .* pam_unix.so sha512","run_time":0.003098,"start_time":"2024-01-09T19:40:39-05:00","resource_class":"pam","resource_params":"[\"/etc/pam.d/password-auth\"]","resource_id":""}]},{"id":"SV-230238","title":"RHEL 8 must prevent system daemons from using Kerberos for\nauthentication.","desc":"Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    The key derivation function (KDF) in Kerberos is not FIPS compatible.\nEnsuring the system does not have any keytab files present prevents system\ndaemons from using Kerberos for authentication.  A keytab is a file containing\npairs of Kerberos principals and encrypted keys.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.","descriptions":[{"label":"default","data":"Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    The key derivation function (KDF) in Kerberos is not FIPS compatible.\nEnsuring the system does not have any keytab files present prevents system\ndaemons from using Kerberos for authentication.  A keytab is a file containing\npairs of Kerberos principals and encrypted keys.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system."},{"label":"check","data":"Verify that RHEL 8 prevents system daemons from using Kerberos for\nauthentication.\n\n    If the system is a server utilizing krb5-server-1.17-18.el8.x86_64 or\nnewer, this requirement is not applicable.\n    If the system is a workstation utilizing\nkrb5-workstation-1.17-18.el8.x86_64 or newer, this requirement is not\napplicable.\n\n    Check if there are available keytabs with the following command:\n\n    $ sudo ls -al /etc/*.keytab\n\n    If this command produces any file(s), this is a finding."},{"label":"fix","data":"Configure RHEL 8 to prevent system daemons from using Kerberos for\nauthentication.\n\n    Remove any files with the .keytab extension from the operating system."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000120-GPOS-00061","gid":"V-230238","rid":"SV-230238r646862_rule","stig_id":"RHEL-08-010161","fix_id":"F-32882r567461_fix","cci":["CCI-000803"],"nist":["IA-7"],"host":null,"container":null},"code":"control 'SV-230238' do\n  title 'RHEL 8 must prevent system daemons from using Kerberos for\nauthentication.'\n  desc 'Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    The key derivation function (KDF) in Kerberos is not FIPS compatible.\nEnsuring the system does not have any keytab files present prevents system\ndaemons from using Kerberos for authentication.  A keytab is a file containing\npairs of Kerberos principals and encrypted keys.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.'\n  desc 'check', 'Verify that RHEL 8 prevents system daemons from using Kerberos for\nauthentication.\n\n    If the system is a server utilizing krb5-server-1.17-18.el8.x86_64 or\nnewer, this requirement is not applicable.\n    If the system is a workstation utilizing\nkrb5-workstation-1.17-18.el8.x86_64 or newer, this requirement is not\napplicable.\n\n    Check if there are available keytabs with the following command:\n\n    $ sudo ls -al /etc/*.keytab\n\n    If this command produces any file(s), this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to prevent system daemons from using Kerberos for\nauthentication.\n\n    Remove any files with the .keytab extension from the operating system.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000120-GPOS-00061'\n  tag gid: 'V-230238'\n  tag rid: 'SV-230238r646862_rule'\n  tag stig_id: 'RHEL-08-010161'\n  tag fix_id: 'F-32882r567461_fix'\n  tag cci: ['CCI-000803']\n  tag nist: ['IA-7']\n  tag 'host', 'container'\n\n  krb5_server = package('krb5-server')\n  krb5_workstation = package('krb5-workstation')\n\n  if (krb5_server.installed? && krb5_server.version >= '1.17-18.el8') || (krb5_workstation.installed? && krb5_workstation.version >= '1.17-18.el8')\n    impact 0.0\n    describe 'The system has krb5-workstation and server version 1.17-18 or higher' do\n      skip 'The system has krb5-workstation and server version 1.17-18 or higner, this requirement is Not Applicable.'\n    end\n  else\n    keytabs = command('ls /etc/*.keytab').stdout.split\n    describe 'The system' do\n      it 'should not have keytab files for Kerberos' do\n        expect(keytabs).to be_empty, \"Keytab files:\\n\\t- #{keytabs.join(\"\\n\\t- \")}\"\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230238.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"The system should not have keytab files for Kerberos","run_time":0.012336,"start_time":"2024-01-09T19:40:39-05:00","resource_class":"Object","resource_params":"[]","resource_id":"The system"}]},{"id":"SV-230239","title":"The krb5-workstation package must not be installed on RHEL 8.","desc":"Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    Currently, Kerberos does not utilize FIPS 140-2 cryptography.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.","descriptions":[{"label":"default","data":"Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    Currently, Kerberos does not utilize FIPS 140-2 cryptography.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system."},{"label":"check","data":"Verify the krb5-workstation package has not been installed on the system\nwith the following commands:\n\n    If the system is a server or is utilizing\nkrb5-workstation-1.17-18.el8.x86_64 or newer, this is Not Applicable.\n\n    $ sudo yum list installed krb5-workstation\n\n    krb5-workstation.x86_64\n1.17-9.el8                                                  repository\n\n    If the krb5-workstation package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding."},{"label":"fix","data":"Document the krb5-workstation package with the ISSO as an operational\nrequirement or remove it from the system with the following command:\n\n    $ sudo yum remove krb5-workstation"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000120-GPOS-00061","gid":"V-230239","rid":"SV-230239r646864_rule","stig_id":"RHEL-08-010162","fix_id":"F-32883r567464_fix","cci":["CCI-000803"],"nist":["IA-7"],"host":null,"container":null},"code":"control 'SV-230239' do\n  title 'The krb5-workstation package must not be installed on RHEL 8.'\n  desc 'Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    Currently, Kerberos does not utilize FIPS 140-2 cryptography.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.'\n  desc 'check', 'Verify the krb5-workstation package has not been installed on the system\nwith the following commands:\n\n    If the system is a server or is utilizing\nkrb5-workstation-1.17-18.el8.x86_64 or newer, this is Not Applicable.\n\n    $ sudo yum list installed krb5-workstation\n\n    krb5-workstation.x86_64\n1.17-9.el8                                                  repository\n\n    If the krb5-workstation package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding.'\n  desc 'fix', 'Document the krb5-workstation package with the ISSO as an operational\nrequirement or remove it from the system with the following command:\n\n    $ sudo yum remove krb5-workstation'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000120-GPOS-00061'\n  tag gid: 'V-230239'\n  tag rid: 'SV-230239r646864_rule'\n  tag stig_id: 'RHEL-08-010162'\n  tag fix_id: 'F-32883r567464_fix'\n  tag cci: ['CCI-000803']\n  tag nist: ['IA-7']\n  tag 'host', 'container'\n\n  krb5_workstation = package('krb5-workstation')\n\n  if krb5_workstation.installed? && krb5_workstation.version >= '1.17-18.el8'\n    impact 0.0\n    describe 'N/A' do\n      skip 'Kerberos installation is at version 1.17-18.el8 or greater; this control is Not Applicable'\n    end\n  else\n    describe krb5_workstation do\n      it { should_not be_installed }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230239.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package krb5-workstation is expected not to be installed","run_time":0.000456,"start_time":"2024-01-09T19:40:39-05:00","resource_class":"package","resource_params":"[\"krb5-workstation\"]","resource_id":"krb5-workstation"}]},{"id":"SV-230240","title":"RHEL 8 must use a Linux Security Module configured to enforce limits\non system services.","desc":"Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    This requirement applies to operating systems performing security function\nverification/testing and/or systems and environments that require this\nfunctionality.","descriptions":[{"label":"default","data":"Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    This requirement applies to operating systems performing security function\nverification/testing and/or systems and environments that require this\nfunctionality."},{"label":"check","data":"Verify the operating system verifies correct operation of all security\nfunctions.\n\n    Check if \"SELinux\" is active and in \"Enforcing\" mode with the following\ncommand:\n\n    $ sudo getenforce\n    Enforcing\n\n    If \"SELinux\" is not active and not in \"Enforcing\" mode, this is a\nfinding."},{"label":"fix","data":"Configure the operating system to verify correct operation of all security\nfunctions.\n\n    Set the \"SELinux\" status and the \"Enforcing\" mode by modifying the\n\"/etc/selinux/config\" file to have the following line:\n\n    SELINUX=enforcing\n\n    A reboot is required for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000134-GPOS-00068","gid":"V-230240","rid":"SV-230240r627750_rule","stig_id":"RHEL-08-010170","fix_id":"F-32884r567467_fix","cci":["CCI-001084"],"nist":["SC-3"],"host":null},"code":"control 'SV-230240' do\n  title 'RHEL 8 must use a Linux Security Module configured to enforce limits\non system services.'\n  desc 'Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    This requirement applies to operating systems performing security function\nverification/testing and/or systems and environments that require this\nfunctionality.'\n  desc 'check', 'Verify the operating system verifies correct operation of all security\nfunctions.\n\n    Check if \"SELinux\" is active and in \"Enforcing\" mode with the following\ncommand:\n\n    $ sudo getenforce\n    Enforcing\n\n    If \"SELinux\" is not active and not in \"Enforcing\" mode, this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to verify correct operation of all security\nfunctions.\n\n    Set the \"SELinux\" status and the \"Enforcing\" mode by modifying the\n\"/etc/selinux/config\" file to have the following line:\n\n    SELINUX=enforcing\n\n    A reboot is required for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000134-GPOS-00068'\n  tag gid: 'V-230240'\n  tag rid: 'SV-230240r627750_rule'\n  tag stig_id: 'RHEL-08-010170'\n  tag fix_id: 'F-32884r567467_fix'\n  tag cci: ['CCI-001084']\n  tag nist: ['SC-3']\n  tag 'host'\n\n  only_if('Control not applicable within a container', impact: 0.0) do\n    !virtualization.system.eql?('docker')\n  end\n\n  describe selinux do\n    it { should be_enforcing }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230240.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"SELinux is expected to be enforcing","run_time":0.010591,"start_time":"2024-01-09T19:40:39-05:00","resource_class":"selinux","resource_params":"[]","resource_id":""}]},{"id":"SV-230241","title":"RHEL 8 must have policycoreutils package installed.","desc":"Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    Policycoreutils contains the policy core utilities that are required for\nbasic operation of an SELinux-enabled system. These utilities include\nload_policy to load SELinux policies, setfile to label filesystems, newrole to\nswitch roles, and run_init to run /etc/init.d scripts in the proper context.","descriptions":[{"label":"default","data":"Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    Policycoreutils contains the policy core utilities that are required for\nbasic operation of an SELinux-enabled system. These utilities include\nload_policy to load SELinux policies, setfile to label filesystems, newrole to\nswitch roles, and run_init to run /etc/init.d scripts in the proper context."},{"label":"check","data":"Verify the operating system has the policycoreutils package installed with\nthe following command:\n\n    $ sudo yum list installed policycoreutils\n\n    policycoreutils.x86_64\n2.9-3.el8                                                  @anaconda\n\n    If the policycoreutils package is not installed, this is a finding."},{"label":"fix","data":"Configure the operating system to have the policycoreutils package\ninstalled with the following command:\n\n    $ sudo yum install policycoreutils"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000134-GPOS-00068","gid":"V-230241","rid":"SV-230241r627750_rule","stig_id":"RHEL-08-010171","fix_id":"F-32885r567470_fix","cci":["CCI-001084"],"nist":["SC-3"],"host":null},"code":"control 'SV-230241' do\n  title 'RHEL 8 must have policycoreutils package installed.'\n  desc 'Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    Policycoreutils contains the policy core utilities that are required for\nbasic operation of an SELinux-enabled system. These utilities include\nload_policy to load SELinux policies, setfile to label filesystems, newrole to\nswitch roles, and run_init to run /etc/init.d scripts in the proper context.'\n  desc 'check', 'Verify the operating system has the policycoreutils package installed with\nthe following command:\n\n    $ sudo yum list installed policycoreutils\n\n    policycoreutils.x86_64\n2.9-3.el8                                                  @anaconda\n\n    If the policycoreutils package is not installed, this is a finding.'\n  desc 'fix', 'Configure the operating system to have the policycoreutils package\ninstalled with the following command:\n\n    $ sudo yum install policycoreutils'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000134-GPOS-00068'\n  tag gid: 'V-230241'\n  tag rid: 'SV-230241r627750_rule'\n  tag stig_id: 'RHEL-08-010171'\n  tag fix_id: 'F-32885r567470_fix'\n  tag cci: ['CCI-001084']\n  tag nist: ['SC-3']\n  tag 'host'\n\n  only_if('Control not applicable within a container', impact: 0.0) do\n    !virtualization.system.eql?('docker')\n  end\n\n  describe package('policycoreutils') do\n    it { should be_installed }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230241.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package policycoreutils is expected to be installed","run_time":0.093149,"start_time":"2024-01-09T19:40:39-05:00","resource_class":"package","resource_params":"[\"policycoreutils\"]","resource_id":"policycoreutils"}]},{"id":"SV-230243","title":"A sticky bit must be set on all RHEL 8 public directories to prevent\nunauthorized and unintended information transferred via shared system\nresources.","desc":"Preventing unauthorized information transfers mitigates the risk of\ninformation, including encrypted representations of information, produced by\nthe actions of prior users/roles (or the actions of processes acting on behalf\nof prior users/roles) from being available to any current users/roles (or\ncurrent processes) that obtain access to shared system resources (e.g.,\nregisters, main memory, hard disks) after those resources have been released\nback to information systems. The control of information in shared resources is\nalso commonly referred to as object reuse and residual information protection.\n\n    This requirement generally applies to the design of an information\ntechnology product, but it can also apply to the configuration of particular\ninformation system components that are, or use, such products. This can be\nverified by acceptance/validation processes in DoD or other government agencies.\n\n    There may be shared resources with configurable protections (e.g., files in\nstorage) that may be assessed on specific information system components.","descriptions":[{"label":"default","data":"Preventing unauthorized information transfers mitigates the risk of\ninformation, including encrypted representations of information, produced by\nthe actions of prior users/roles (or the actions of processes acting on behalf\nof prior users/roles) from being available to any current users/roles (or\ncurrent processes) that obtain access to shared system resources (e.g.,\nregisters, main memory, hard disks) after those resources have been released\nback to information systems. The control of information in shared resources is\nalso commonly referred to as object reuse and residual information protection.\n\n    This requirement generally applies to the design of an information\ntechnology product, but it can also apply to the configuration of particular\ninformation system components that are, or use, such products. This can be\nverified by acceptance/validation processes in DoD or other government agencies.\n\n    There may be shared resources with configurable protections (e.g., files in\nstorage) that may be assessed on specific information system components."},{"label":"check","data":"Verify that all world-writable directories have the sticky bit set.\n\nCheck to see that all world-writable directories have the sticky bit set by running the following command:\n\n$ sudo find / -type d \\( -perm -0002 -a ! -perm -1000 \\) -print 2>/dev/null\n\ndrwxrwxrwt 7 root root 4096 Jul 26 11:19 /tmp\n\nIf any of the returned directories are world-writable and do not have the sticky bit set, this is a finding."},{"label":"fix","data":"Configure all world-writable directories to have the sticky bit set to\nprevent unauthorized and unintended information transferred via shared system\nresources.\n\n    Set the sticky bit on all world-writable directories using the command,\nreplace \"[World-Writable Directory]\" with any directory path missing the\nsticky bit:\n\n    $ sudo chmod 1777 [World-Writable Directory]"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000138-GPOS-00069","gid":"V-230243","rid":"SV-230243r792857_rule","stig_id":"RHEL-08-010190","fix_id":"F-32887r567476_fix","cci":["CCI-001090"],"nist":["SC-4"]},"code":"control 'SV-230243' do\n  title 'A sticky bit must be set on all RHEL 8 public directories to prevent\nunauthorized and unintended information transferred via shared system\nresources.'\n  desc 'Preventing unauthorized information transfers mitigates the risk of\ninformation, including encrypted representations of information, produced by\nthe actions of prior users/roles (or the actions of processes acting on behalf\nof prior users/roles) from being available to any current users/roles (or\ncurrent processes) that obtain access to shared system resources (e.g.,\nregisters, main memory, hard disks) after those resources have been released\nback to information systems. The control of information in shared resources is\nalso commonly referred to as object reuse and residual information protection.\n\n    This requirement generally applies to the design of an information\ntechnology product, but it can also apply to the configuration of particular\ninformation system components that are, or use, such products. This can be\nverified by acceptance/validation processes in DoD or other government agencies.\n\n    There may be shared resources with configurable protections (e.g., files in\nstorage) that may be assessed on specific information system components.'\n  desc 'check', 'Verify that all world-writable directories have the sticky bit set.\n\nCheck to see that all world-writable directories have the sticky bit set by running the following command:\n\n$ sudo find / -type d \\\\( -perm -0002 -a ! -perm -1000 \\\\) -print 2>/dev/null\n\ndrwxrwxrwt 7 root root 4096 Jul 26 11:19 /tmp\n\nIf any of the returned directories are world-writable and do not have the sticky bit set, this is a finding.'\n  desc 'fix', 'Configure all world-writable directories to have the sticky bit set to\nprevent unauthorized and unintended information transferred via shared system\nresources.\n\n    Set the sticky bit on all world-writable directories using the command,\nreplace \"[World-Writable Directory]\" with any directory path missing the\nsticky bit:\n\n    $ sudo chmod 1777 [World-Writable Directory]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000138-GPOS-00069'\n  tag gid: 'V-230243'\n  tag rid: 'SV-230243r792857_rule'\n  tag stig_id: 'RHEL-08-010190'\n  tag fix_id: 'F-32887r567476_fix'\n  tag cci: ['CCI-001090']\n  tag nist: ['SC-4']\n\n  ww_dirs = command('find / -type d \\\\( -perm -0002 -a ! -perm -1000 \\\\) -print 2>/dev/null').stdout.split(\"\\n\")\n\n  if ww_dirs.empty?\n    describe 'List of world-writable directories on the target' do\n      subject { ww_dirs }\n      it { should be_empty }\n    end\n  else\n    non_sticky_ww_dirs = ww_dirs.reject { |dir| file(dir).sticky? }\n    describe 'All public directories' do\n      it 'should have the sticky bit set' do\n        fail_msg = \"Public directories without sticky bit:\\n\\t- #{non_sticky_ww_dirs.join(\"\\n\\t- \")}\"\n        expect(non_sticky_ww_dirs).to be_empty, fail_msg\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230243.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"List of world-writable directories on the target is expected to be empty","run_time":0.012684,"start_time":"2024-01-09T19:40:39-05:00","resource_class":"Object","resource_params":"[]","resource_id":"List of world-writable directories on the target"}]},{"id":"SV-230244","title":"RHEL 8 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.","desc":"Terminating an unresponsive SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.\n\n        Terminating network connections associated with communications sessions includes, for example, deallocating associated TCP/IP address/port pairs at the operating system level and deallocating networking assignments at the application level if multiple application sessions are using a single operating system-level network connection. This does not mean the operating system terminates all sessions or network access; it only ends the unresponsive session and releases the resources associated with that session.\n\n        RHEL 8 uses /etc/ssh/sshd_config for configurations of OpenSSH. Within the sshd_config, the product of the values of \"ClientAliveInterval\" and \"ClientAliveCountMax\" is used to establish the inactivity threshold. The \"ClientAliveInterval\" is a timeout interval in seconds after which if no data has been received from the client, sshd will send a message through the encrypted channel to request a response from the client. The \"ClientAliveCountMax\" is the number of client alive messages that may be sent without sshd receiving any messages back from the client. If this threshold is met, sshd will disconnect the client. For more information on these settings and others, refer to the sshd_config man pages.","descriptions":[{"label":"default","data":"Terminating an unresponsive SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.\n\n        Terminating network connections associated with communications sessions includes, for example, deallocating associated TCP/IP address/port pairs at the operating system level and deallocating networking assignments at the application level if multiple application sessions are using a single operating system-level network connection. This does not mean the operating system terminates all sessions or network access; it only ends the unresponsive session and releases the resources associated with that session.\n\n        RHEL 8 uses /etc/ssh/sshd_config for configurations of OpenSSH. Within the sshd_config, the product of the values of \"ClientAliveInterval\" and \"ClientAliveCountMax\" is used to establish the inactivity threshold. The \"ClientAliveInterval\" is a timeout interval in seconds after which if no data has been received from the client, sshd will send a message through the encrypted channel to request a response from the client. The \"ClientAliveCountMax\" is the number of client alive messages that may be sent without sshd receiving any messages back from the client. If this threshold is met, sshd will disconnect the client. For more information on these settings and others, refer to the sshd_config man pages."},{"label":"check","data":"Verify the SSH server automatically terminates a user session after the SSH client has become unresponsive.\n\n        Check that the \"ClientAliveCountMax\" is set to \"1\" by performing the following command:\n\n            $ sudo grep -ir clientalivecountmax /etc/ssh/sshd_config*\n\n            ClientAliveCountMax 1\n\n        If \"ClientAliveCountMax\" do not exist, is not set to a value of \"1\" in \"/etc/ssh/sshd_config\", or is commented out, this is a finding.\n\n        If conflicting results are returned, this is a finding."},{"label":"fix","data":"Note: This setting must be applied in conjunction with RHEL-08-010201 to function correctly.\n\n        Configure the SSH server to terminate a user session automatically after the SSH client has become unresponsive.\n\n        Modify or append the following lines in the \"/etc/ssh/sshd_config\" file:\n\n            ClientAliveCountMax 1\n\n        For the changes to take effect, the SSH daemon must be restarted:\n\n            $ sudo systemctl restart sshd.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000163-GPOS-00072","satisfies":["SRG-OS-000163-GPOS-00072","SRG-OS-000126-GPOS-00066","SRG-OS-000279-GPOS-00109"],"gid":"V-230244","rid":"SV-230244r917867_rule","stig_id":"RHEL-08-010200","fix_id":"F-32888r917866_fix","cci":["CCI-001133"],"nist":["SC-10"],"host":null,"container-conditional":null},"code":"control 'SV-230244' do\n  title 'RHEL 8 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.'\n  desc 'Terminating an unresponsive SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.\n\n        Terminating network connections associated with communications sessions includes, for example, deallocating associated TCP/IP address/port pairs at the operating system level and deallocating networking assignments at the application level if multiple application sessions are using a single operating system-level network connection. This does not mean the operating system terminates all sessions or network access; it only ends the unresponsive session and releases the resources associated with that session.\n\n        RHEL 8 uses /etc/ssh/sshd_config for configurations of OpenSSH. Within the sshd_config, the product of the values of \"ClientAliveInterval\" and \"ClientAliveCountMax\" is used to establish the inactivity threshold. The \"ClientAliveInterval\" is a timeout interval in seconds after which if no data has been received from the client, sshd will send a message through the encrypted channel to request a response from the client. The \"ClientAliveCountMax\" is the number of client alive messages that may be sent without sshd receiving any messages back from the client. If this threshold is met, sshd will disconnect the client. For more information on these settings and others, refer to the sshd_config man pages.'\n  desc 'check', 'Verify the SSH server automatically terminates a user session after the SSH client has become unresponsive.\n\n        Check that the \"ClientAliveCountMax\" is set to \"1\" by performing the following command:\n\n            $ sudo grep -ir clientalivecountmax /etc/ssh/sshd_config*\n\n            ClientAliveCountMax 1\n\n        If \"ClientAliveCountMax\" do not exist, is not set to a value of \"1\" in \"/etc/ssh/sshd_config\", or is commented out, this is a finding.\n\n        If conflicting results are returned, this is a finding.'\n  desc 'fix', 'Note: This setting must be applied in conjunction with RHEL-08-010201 to function correctly.\n\n        Configure the SSH server to terminate a user session automatically after the SSH client has become unresponsive.\n\n        Modify or append the following lines in the \"/etc/ssh/sshd_config\" file:\n\n            ClientAliveCountMax 1\n\n        For the changes to take effect, the SSH daemon must be restarted:\n\n            $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000163-GPOS-00072'\n  tag satisfies: ['SRG-OS-000163-GPOS-00072', 'SRG-OS-000126-GPOS-00066', 'SRG-OS-000279-GPOS-00109']\n  tag gid: 'V-230244'\n  tag rid: 'SV-230244r917867_rule'\n  tag stig_id: 'RHEL-08-010200'\n  tag fix_id: 'F-32888r917866_fix'\n  tag cci: ['CCI-001133']\n  tag nist: ['SC-10']\n  tag 'host', 'container-conditional'\n\n  only_if('SSH is not installed on the system this requirement is Not Applicable', impact: 0.0) {\n    (service('sshd').enabled? || package('openssh-server').installed?)\n  }\n\n  client_alive_count = input('sshd_client_alive_count_max')\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'skip' do\n      skip 'SSH configuration does not apply inside containers. This control is Not Applicable.'\n    end\n  else\n    describe 'SSH ClientAliveCountMax configuration' do\n      it \"should be set to #{client_alive_count}\" do\n        expect(sshd_config.ClientAliveCountMax).to(cmp(client_alive_count), \"SSH ClientAliveCountMax is commented out or not set to the expected value (#{client_alive_count})\")\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230244.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"SSH ClientAliveCountMax configuration should be set to 1","run_time":0.002174,"start_time":"2024-01-09T19:40:39-05:00","resource_class":"Object","resource_params":"[]","resource_id":"SSH ClientAliveCountMax configuration"}]},{"id":"SV-230245","title":"The RHEL 8 /var/log/messages file must have mode 0640 or less\npermissive.","desc":"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.","descriptions":[{"label":"default","data":"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements."},{"label":"check","data":"Verify that the \"/var/log/messages\" file has mode \"0640\" or less\npermissive with the following command:\n\n    $ sudo stat -c \"%a %n\" /var/log/messages\n\n    640 /var/log/messages\n\n    If a value of \"0640\" or less permissive is not returned, this is a\nfinding."},{"label":"fix","data":"Change the permissions of the file \"/var/log/messages\" to \"0640\" by\nrunning the following command:\n\n    $ sudo chmod 0640 /var/log/messages"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000206-GPOS-00084","gid":"V-230245","rid":"SV-230245r627750_rule","stig_id":"RHEL-08-010210","fix_id":"F-32889r567482_fix","cci":["CCI-001314"],"nist":["SI-11 b"],"host":null,"container":null},"code":"control 'SV-230245' do\n  title 'The RHEL 8 /var/log/messages file must have mode 0640 or less\npermissive.'\n  desc \"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.\"\n  desc 'check', 'Verify that the \"/var/log/messages\" file has mode \"0640\" or less\npermissive with the following command:\n\n    $ sudo stat -c \"%a %n\" /var/log/messages\n\n    640 /var/log/messages\n\n    If a value of \"0640\" or less permissive is not returned, this is a\nfinding.'\n  desc 'fix', 'Change the permissions of the file \"/var/log/messages\" to \"0640\" by\nrunning the following command:\n\n    $ sudo chmod 0640 /var/log/messages'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000206-GPOS-00084'\n  tag gid: 'V-230245'\n  tag rid: 'SV-230245r627750_rule'\n  tag stig_id: 'RHEL-08-010210'\n  tag fix_id: 'F-32889r567482_fix'\n  tag cci: ['CCI-001314']\n  tag nist: ['SI-11 b']\n  tag 'host', 'container'\n\n  describe file('/var/log/messages') do\n    it { should_not be_more_permissive_than('0640') }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230245.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File /var/log/messages is expected not to be more permissive than \"0640\"","run_time":0.316252,"start_time":"2024-01-09T19:40:39-05:00","resource_class":"file","resource_params":"[\"/var/log/messages\"]","resource_id":"/var/log/messages"}]},{"id":"SV-230246","title":"The RHEL 8 /var/log/messages file must be owned by root.","desc":"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.","descriptions":[{"label":"default","data":"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements."},{"label":"check","data":"Verify that the /var/log/messages file is owned by root with the following\ncommand:\n\n    $ sudo stat -c \"%U\" /var/log/messages\n\n    root\n\n    If \"root\" is not returned as a result, this is a finding."},{"label":"fix","data":"Change the owner of the file /var/log/messages to root by running the\nfollowing command:\n\n    $ sudo chown root /var/log/messages"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000206-GPOS-00084","gid":"V-230246","rid":"SV-230246r627750_rule","stig_id":"RHEL-08-010220","fix_id":"F-32890r567485_fix","cci":["CCI-001314"],"nist":["SI-11 b"],"host":null,"container":null},"code":"control 'SV-230246' do\n  title 'The RHEL 8 /var/log/messages file must be owned by root.'\n  desc \"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.\"\n  desc 'check', 'Verify that the /var/log/messages file is owned by root with the following\ncommand:\n\n    $ sudo stat -c \"%U\" /var/log/messages\n\n    root\n\n    If \"root\" is not returned as a result, this is a finding.'\n  desc 'fix', 'Change the owner of the file /var/log/messages to root by running the\nfollowing command:\n\n    $ sudo chown root /var/log/messages'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000206-GPOS-00084'\n  tag gid: 'V-230246'\n  tag rid: 'SV-230246r627750_rule'\n  tag stig_id: 'RHEL-08-010220'\n  tag fix_id: 'F-32890r567485_fix'\n  tag cci: ['CCI-001314']\n  tag nist: ['SI-11 b']\n  tag 'host', 'container'\n\n  describe file('/var/log/messages') do\n    it { should be_owned_by 'root' }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230246.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File /var/log/messages is expected to be owned by \"root\"","run_time":0.01233,"start_time":"2024-01-09T19:40:39-05:00","resource_class":"file","resource_params":"[\"/var/log/messages\"]","resource_id":"/var/log/messages"}]},{"id":"SV-230247","title":"The RHEL 8 /var/log/messages file must be group-owned by root.","desc":"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.","descriptions":[{"label":"default","data":"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements."},{"label":"check","data":"Verify the \"/var/log/messages\" file is group-owned by root with the\nfollowing command:\n\n    $ sudo stat -c \"%G\" /var/log/messages\n\n    root\n\n    If \"root\" is not returned as a result, this is a finding."},{"label":"fix","data":"Change the group of the file \"/var/log/messages\" to \"root\" by running\nthe following command:\n\n    $ sudo chgrp root /var/log/messages"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000206-GPOS-00084","gid":"V-230247","rid":"SV-230247r627750_rule","stig_id":"RHEL-08-010230","fix_id":"F-32891r567488_fix","cci":["CCI-001314"],"nist":["SI-11 b"],"host":null,"container":null},"code":"control 'SV-230247' do\n  title 'The RHEL 8 /var/log/messages file must be group-owned by root.'\n  desc \"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.\"\n  desc 'check', 'Verify the \"/var/log/messages\" file is group-owned by root with the\nfollowing command:\n\n    $ sudo stat -c \"%G\" /var/log/messages\n\n    root\n\n    If \"root\" is not returned as a result, this is a finding.'\n  desc 'fix', 'Change the group of the file \"/var/log/messages\" to \"root\" by running\nthe following command:\n\n    $ sudo chgrp root /var/log/messages'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000206-GPOS-00084'\n  tag gid: 'V-230247'\n  tag rid: 'SV-230247r627750_rule'\n  tag stig_id: 'RHEL-08-010230'\n  tag fix_id: 'F-32891r567488_fix'\n  tag cci: ['CCI-001314']\n  tag nist: ['SI-11 b']\n  tag 'host', 'container'\n\n  describe file('/var/log/messages') do\n    its('group') { should be_in input('var_log_messages_group') }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230247.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File /var/log/messages group is expected to be in \"root\"","run_time":0.000395,"start_time":"2024-01-09T19:40:39-05:00","resource_class":"file","resource_params":"[\"/var/log/messages\"]","resource_id":"/var/log/messages"}]},{"id":"SV-230248","title":"The RHEL 8 /var/log directory must have mode 0755 or less permissive.","desc":"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.","descriptions":[{"label":"default","data":"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements."},{"label":"check","data":"Verify that the \"/var/log\" directory has a mode of \"0755\" or less with\nthe following command:\n\n    $ sudo stat -c \"%a %n\" /var/log\n\n    755\n\n    If a value of \"0755\" or less permissive is not returned, this is a\nfinding."},{"label":"fix","data":"Change the permissions of the directory \"/var/log\" to \"0755\" by running\nthe following command:\n\n    $ sudo chmod 0755 /var/log"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000206-GPOS-00084","gid":"V-230248","rid":"SV-230248r627750_rule","stig_id":"RHEL-08-010240","fix_id":"F-32892r567491_fix","cci":["CCI-001314"],"nist":["SI-11 b"],"host":null,"container":null},"code":"control 'SV-230248' do\n  title 'The RHEL 8 /var/log directory must have mode 0755 or less permissive.'\n  desc \"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.\"\n  desc 'check', 'Verify that the \"/var/log\" directory has a mode of \"0755\" or less with\nthe following command:\n\n    $ sudo stat -c \"%a %n\" /var/log\n\n    755\n\n    If a value of \"0755\" or less permissive is not returned, this is a\nfinding.'\n  desc 'fix', 'Change the permissions of the directory \"/var/log\" to \"0755\" by running\nthe following command:\n\n    $ sudo chmod 0755 /var/log'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000206-GPOS-00084'\n  tag gid: 'V-230248'\n  tag rid: 'SV-230248r627750_rule'\n  tag stig_id: 'RHEL-08-010240'\n  tag fix_id: 'F-32892r567491_fix'\n  tag cci: ['CCI-001314']\n  tag nist: ['SI-11 b']\n  tag 'host', 'container'\n\n  describe directory('/var/log') do\n    it { should_not be_more_permissive_than('0755') }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230248.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Directory /var/log is expected not to be more permissive than \"0755\"","run_time":0.226139,"start_time":"2024-01-09T19:40:39-05:00","resource_class":"directory","resource_params":"[\"/var/log\"]","resource_id":"/var/log"}]},{"id":"SV-230249","title":"The RHEL 8 /var/log directory must be owned by root.","desc":"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.","descriptions":[{"label":"default","data":"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements."},{"label":"check","data":"Verify the /var/log directory is owned by root with the following command:\n\n$ sudo stat -c \"%U\" /var/log\n\nroot\n\nIf \"root\" is not returned as a result, this is a finding."},{"label":"fix","data":"Change the owner of the directory /var/log to root by running the following\ncommand:\n\n    $ sudo chown root /var/log"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000206-GPOS-00084","gid":"V-230249","rid":"SV-230249r627750_rule","stig_id":"RHEL-08-010250","fix_id":"F-32893r567494_fix","cci":["CCI-001314"],"nist":["SI-11 b"],"host":null,"container":null},"code":"control 'SV-230249' do\n  title 'The RHEL 8 /var/log directory must be owned by root.'\n  desc \"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.\"\n  desc 'check', 'Verify the /var/log directory is owned by root with the following command:\n\n$ sudo stat -c \"%U\" /var/log\n\nroot\n\nIf \"root\" is not returned as a result, this is a finding.'\n  desc 'fix', 'Change the owner of the directory /var/log to root by running the following\ncommand:\n\n    $ sudo chown root /var/log'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000206-GPOS-00084'\n  tag gid: 'V-230249'\n  tag rid: 'SV-230249r627750_rule'\n  tag stig_id: 'RHEL-08-010250'\n  tag fix_id: 'F-32893r567494_fix'\n  tag cci: ['CCI-001314']\n  tag nist: ['SI-11 b']\n  tag 'host', 'container'\n\n  describe directory('/var/log') do\n    it { should be_owned_by 'root' }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230249.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Directory /var/log is expected to be owned by \"root\"","run_time":0.015979,"start_time":"2024-01-09T19:40:39-05:00","resource_class":"directory","resource_params":"[\"/var/log\"]","resource_id":"/var/log"}]},{"id":"SV-230250","title":"The RHEL 8 /var/log directory must be group-owned by root.","desc":"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.","descriptions":[{"label":"default","data":"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements."},{"label":"check","data":"Verify the \"/var/log\" directory is group-owned by root with the following\ncommand:\n\n    $ sudo stat -c \"%G\" /var/log\n\n    root\n\n    If \"root\" is not returned as a result, this is a finding."},{"label":"fix","data":"Change the group of the directory \"/var/log\" to \"root\" by running the\nfollowing command:\n\n    $ sudo chgrp root /var/log"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000206-GPOS-00084","gid":"V-230250","rid":"SV-230250r627750_rule","stig_id":"RHEL-08-010260","fix_id":"F-32894r567497_fix","cci":["CCI-001314"],"nist":["SI-11 b"],"host":null,"container":null},"code":"control 'SV-230250' do\n  title 'The RHEL 8 /var/log directory must be group-owned by root.'\n  desc \"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.\"\n  desc 'check', 'Verify the \"/var/log\" directory is group-owned by root with the following\ncommand:\n\n    $ sudo stat -c \"%G\" /var/log\n\n    root\n\n    If \"root\" is not returned as a result, this is a finding.'\n  desc 'fix', 'Change the group of the directory \"/var/log\" to \"root\" by running the\nfollowing command:\n\n    $ sudo chgrp root /var/log'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000206-GPOS-00084'\n  tag gid: 'V-230250'\n  tag rid: 'SV-230250r627750_rule'\n  tag stig_id: 'RHEL-08-010260'\n  tag fix_id: 'F-32894r567497_fix'\n  tag cci: ['CCI-001314']\n  tag nist: ['SI-11 b']\n  tag 'host', 'container'\n\n  describe directory('/var/log') do\n    its('group') { should eq 'root' }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230250.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Directory /var/log group is expected to eq \"root\"","run_time":0.000461,"start_time":"2024-01-09T19:40:39-05:00","resource_class":"directory","resource_params":"[\"/var/log\"]","resource_id":"/var/log"}]},{"id":"SV-230251","title":"The RHEL 8 SSH server must be configured to use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms.","desc":"Without cryptographic integrity protections, information can be altered by unauthorized users without detection. Remote access (e.g., RDP) is access to DoD nonpublic information systems by an authorized user (or an information system) communicating through an external, non-organization-controlled network. Remote access methods include, for example, dial-up, broadband, and wireless. Cryptographic mechanisms used for protecting the integrity of information include, for example, signed hash functions using asymmetric cryptography enabling distribution of the public key to verify the hash information while maintaining the confidentiality of the secret key used to generate the hash. RHEL 8 incorporates system-wide crypto policies by default. The SSH configuration file has no effect on the ciphers, MACs, or algorithms unless specifically defined in the /etc/sysconfig/sshd file. The employed algorithms can be viewed in the /etc/crypto-policies/back-ends/opensshserver.config file. The system will attempt to use the first hash presented by the client that matches the server list. Listing the values \"strongest to weakest\" is a method to ensure the use of the strongest hash available to secure the SSH connection.","descriptions":[{"label":"default","data":"Without cryptographic integrity protections, information can be altered by unauthorized users without detection. Remote access (e.g., RDP) is access to DoD nonpublic information systems by an authorized user (or an information system) communicating through an external, non-organization-controlled network. Remote access methods include, for example, dial-up, broadband, and wireless. Cryptographic mechanisms used for protecting the integrity of information include, for example, signed hash functions using asymmetric cryptography enabling distribution of the public key to verify the hash information while maintaining the confidentiality of the secret key used to generate the hash. RHEL 8 incorporates system-wide crypto policies by default. The SSH configuration file has no effect on the ciphers, MACs, or algorithms unless specifically defined in the /etc/sysconfig/sshd file. The employed algorithms can be viewed in the /etc/crypto-policies/back-ends/opensshserver.config file. The system will attempt to use the first hash presented by the client that matches the server list. Listing the values \"strongest to weakest\" is a method to ensure the use of the strongest hash available to secure the SSH connection."},{"label":"check","data":"Verify the SSH server is configured to use only MACs employing FIPS 140-2-approved algorithms with the following command:\n\n    $ sudo grep -i macs /etc/crypto-policies/back-ends/opensshserver.config\n\n    -oMACS=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com\n\nIf the MACs entries in the \"opensshserver.config\" file have any hashes other than shown here, the order differs from the example above, or they are missing or commented out, this is a finding."},{"label":"fix","data":"Configure the RHEL 8 SSH server to use only MACs employing FIPS 140-2-approved algorithms by updating the \"/etc/crypto-policies/back-ends/opensshserver.config\" file with the following line:\n\n    -oMACS=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com\n\n    A reboot is required for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000250-GPOS-00093","satisfies":["SRG-OS-000250-GPOS-00093","SRG-OS-000393-GPOS-00173","SRG-OS-000394-GPOS-00174","SRG-OS-000125-GPOS-00065"],"gid":"V-230251","rid":"SV-230251r917870_rule","stig_id":"RHEL-08-010290","fix_id":"F-32895r917869_fix","cci":["CCI-001453"],"nist":["AC-17 (2)"],"host":null,"container-conditional":null},"code":"control 'SV-230251' do\n  title 'The RHEL 8 SSH server must be configured to use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms.'\n  desc 'Without cryptographic integrity protections, information can be altered by unauthorized users without detection. Remote access (e.g., RDP) is access to DoD nonpublic information systems by an authorized user (or an information system) communicating through an external, non-organization-controlled network. Remote access methods include, for example, dial-up, broadband, and wireless. Cryptographic mechanisms used for protecting the integrity of information include, for example, signed hash functions using asymmetric cryptography enabling distribution of the public key to verify the hash information while maintaining the confidentiality of the secret key used to generate the hash. RHEL 8 incorporates system-wide crypto policies by default. The SSH configuration file has no effect on the ciphers, MACs, or algorithms unless specifically defined in the /etc/sysconfig/sshd file. The employed algorithms can be viewed in the /etc/crypto-policies/back-ends/opensshserver.config file. The system will attempt to use the first hash presented by the client that matches the server list. Listing the values \"strongest to weakest\" is a method to ensure the use of the strongest hash available to secure the SSH connection.'\n  desc 'check', 'Verify the SSH server is configured to use only MACs employing FIPS 140-2-approved algorithms with the following command:\n\n    $ sudo grep -i macs /etc/crypto-policies/back-ends/opensshserver.config\n\n    -oMACS=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com\n\nIf the MACs entries in the \"opensshserver.config\" file have any hashes other than shown here, the order differs from the example above, or they are missing or commented out, this is a finding.'\n  desc 'fix', 'Configure the RHEL 8 SSH server to use only MACs employing FIPS 140-2-approved algorithms by updating the \"/etc/crypto-policies/back-ends/opensshserver.config\" file with the following line:\n\n    -oMACS=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com\n\n    A reboot is required for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000250-GPOS-00093'\n  tag satisfies: ['SRG-OS-000250-GPOS-00093', 'SRG-OS-000393-GPOS-00173', 'SRG-OS-000394-GPOS-00174', 'SRG-OS-000125-GPOS-00065']\n  tag gid: 'V-230251'\n  tag rid: 'SV-230251r917870_rule'\n  tag stig_id: 'RHEL-08-010290'\n  tag fix_id: 'F-32895r917869_fix'\n  tag cci: ['CCI-001453']\n  tag nist: ['AC-17 (2)']\n  tag 'host', 'container-conditional'\n\n  # Check if SSH is installed within containerized RHEL\n  only_if('SSH is not installed within containerized RHEL. Therefore, this requirement is not applicable.', impact: 0.0) do\n    !(virtualization.system.eql?('docker') && !file('/etc/sysconfig/sshd').exist?)\n  end\n\n  # Define the required algorithms\n  required_algorithms = input('openssh_server_required_algorithms')\n\n  # TODO: make a simple resource for this based off 'login_defs' or 'yum' as a model\n\n  # Parse the configuration file to get the value of \"CRYPTO_POLICY\"\n  crypto_policy = parse_config_file('/etc/crypto-policies/back-ends/opensshserver.config')['CRYPTO_POLICY']\n\n  # Parse the CRYPTO_POLICY string into a hash of configuration options\n  config_options = crypto_policy.scan(/-o(\\w+)=([\\w\\-,@]+)/).to_h\n\n  # Split each configuration option's values into an array\n  config_options.transform_values! { |v| v.split(',') }\n\n  # Define the path to the crypto policy file\n  crypto_policy_file = '/etc/crypto-policies/back-ends/opensshserver.config'\n\n  # Test that the crypto policy file is configured with the required algorithms\n  describe \"The crypto policy file #{crypto_policy_file}\" do\n    it 'is configured with the required algorithms' do\n      expect(crypto_policy).not_to be_nil, \"The crypto policy file #{crypto_policy_file} \\ndoes not contain the required algorithms\\n\\n\\t#{required_algorithms}.\"\n    end\n  end\n\n  # Test that the MACS option in the crypto policy file contains the required algorithms in the correct order\n  describe 'The MACs option in the crypto policy file' do\n    it 'contains the required algorithms in the correct order' do\n      expect(config_options['MACS']).to eq(required_algorithms), \"The MACS option in the crypto policy file does not contain the required algorithms in the *exact order*:\\n\\n\\texpected: #{required_algorithms}\\n\\tgot:#{config_options['MACS']}\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230251.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"The crypto policy file /etc/crypto-policies/back-ends/opensshserver.config is configured with the required algorithms","run_time":0.000161,"start_time":"2024-01-09T19:40:39-05:00","resource_class":"Object","resource_params":"[]","resource_id":"The crypto policy file /etc/crypto-policies/back-ends/opensshserver.config"},{"status":"failed","code_desc":"The MACs option in the crypto policy file contains the required algorithms in the correct order","run_time":0.000169,"start_time":"2024-01-09T19:40:39-05:00","message":"The MACS option in the crypto policy file does not contain the required algorithms in the *exact order*:\n\n\texpected: [\"hmac-sha2-512\", \"hmac-sha2-256\", \"hmac-sha2-512-etm@openssh.com\", \"hmac-sha2-256-etm@openssh.com\"]\n\tgot:","resource_class":"Object","resource_params":"[]","resource_id":"The MACs option in the crypto policy file"}]},{"id":"SV-230252","title":"The RHEL 8 operating system must implement DoD-approved encryption to\nprotect the confidentiality of SSH server connections.","desc":"Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default. The SSH\nconfiguration file has no effect on the ciphers, MACs, or algorithms unless\nspecifically defined in the /etc/sysconfig/sshd file. The employed algorithms\ncan be viewed in the /etc/crypto-policies/back-ends/opensshserver.config file.\n\n    The system will attempt to use the first hash presented by the client that\nmatches the server list. Listing the values \"strongest to weakest\" is a\nmethod to ensure the use of the strongest hash available to secure the SSH\nconnection.","descriptions":[{"label":"default","data":"Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default. The SSH\nconfiguration file has no effect on the ciphers, MACs, or algorithms unless\nspecifically defined in the /etc/sysconfig/sshd file. The employed algorithms\ncan be viewed in the /etc/crypto-policies/back-ends/opensshserver.config file.\n\n    The system will attempt to use the first hash presented by the client that\nmatches the server list. Listing the values \"strongest to weakest\" is a\nmethod to ensure the use of the strongest hash available to secure the SSH\nconnection."},{"label":"check","data":"Verify the SSH server is configured to use only ciphers employing FIPS 140-2-approved algorithms with the following command:\n\n     $ sudo grep -i ciphers /etc/crypto-policies/back-ends/opensshserver.config\n\n     CRYPTO_POLICY='-oCiphers=aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com'\n\nIf the cipher entries in the \"opensshserver.config\" file have any ciphers other than shown here, the order differs from the example above, or they are missing or commented out, this is a finding."},{"label":"fix","data":"Configure the RHEL 8 SSH server to use only ciphers employing FIPS 140-2-approved algorithms by updating the \"/etc/crypto-policies/back-ends/opensshserver.config\" file with the following line:\n\n-oCiphers=aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com\n\nA reboot is required for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000250-GPOS-00093","satisfies":["SRG-OS-000250-GPOS-00093","SRG-OS-000393-GPOS-00173","SRG-OS-000394-GPOS-00174","SRG-OS-000125-GPOS-00065"],"gid":"V-230252","rid":"SV-230252r917873_rule","stig_id":"RHEL-08-010291","fix_id":"F-32896r917872_fix","cci":["CCI-001453"],"nist":["AC-17 (2)"],"host":null,"container-conditional":null},"code":"control 'SV-230252' do\n  title 'The RHEL 8 operating system must implement DoD-approved encryption to\nprotect the confidentiality of SSH server connections.'\n  desc 'Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default. The SSH\nconfiguration file has no effect on the ciphers, MACs, or algorithms unless\nspecifically defined in the /etc/sysconfig/sshd file. The employed algorithms\ncan be viewed in the /etc/crypto-policies/back-ends/opensshserver.config file.\n\n    The system will attempt to use the first hash presented by the client that\nmatches the server list. Listing the values \"strongest to weakest\" is a\nmethod to ensure the use of the strongest hash available to secure the SSH\nconnection.'\n  desc 'check', %q(Verify the SSH server is configured to use only ciphers employing FIPS 140-2-approved algorithms with the following command:\n\n     $ sudo grep -i ciphers /etc/crypto-policies/back-ends/opensshserver.config\n\n     CRYPTO_POLICY='-oCiphers=aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com'\n\nIf the cipher entries in the \"opensshserver.config\" file have any ciphers other than shown here, the order differs from the example above, or they are missing or commented out, this is a finding.)\n  desc 'fix', 'Configure the RHEL 8 SSH server to use only ciphers employing FIPS 140-2-approved algorithms by updating the \"/etc/crypto-policies/back-ends/opensshserver.config\" file with the following line:\n\n-oCiphers=aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com\n\nA reboot is required for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000250-GPOS-00093'\n  tag satisfies: ['SRG-OS-000250-GPOS-00093', 'SRG-OS-000393-GPOS-00173', 'SRG-OS-000394-GPOS-00174', 'SRG-OS-000125-GPOS-00065']\n  tag gid: 'V-230252'\n  tag rid: 'SV-230252r917873_rule'\n  tag stig_id: 'RHEL-08-010291'\n  tag fix_id: 'F-32896r917872_fix'\n  tag cci: ['CCI-001453']\n  tag nist: ['AC-17 (2)']\n  tag 'host', 'container-conditional'\n\n  only_if('Control not applicable - SSH is not installed within containerized RHEL', impact: 0.0) {\n    !(virtualization.system.eql?('docker') && !file('/etc/sysconfig/sshd').exist?)\n  }\n\n  describe parse_config_file('/etc/crypto-policies/back-ends/opensshserver.config') do\n    its('CRYPTO_POLICY') { should_not be_nil }\n  end\n\n  crypto_policy = parse_config_file('/etc/crypto-policies/back-ends/opensshserver.config')['CRYPTO_POLICY']\n\n  unless crypto_policy.nil?\n    describe parse_config(crypto_policy.gsub(/\\s|'/, \"\\n\")) do\n      its('-oCiphers') { should cmp 'aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230252.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Parse Config File /etc/crypto-policies/back-ends/opensshserver.config CRYPTO_POLICY is expected not to be nil","run_time":0.000178,"start_time":"2024-01-09T19:40:39-05:00","resource_class":"parse_config_file","resource_params":"[\"/etc/crypto-policies/back-ends/opensshserver.config\"]","resource_id":"/etc/crypto-policies/back-ends/opensshserver.config"},{"status":"failed","code_desc":"Parse Config  -oCiphers is expected to cmp == \"aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com\"","run_time":0.000362,"start_time":"2024-01-09T19:40:39-05:00","message":"\nexpected: aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com\n     got: aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc\n\n(compared using `cmp` matcher)\n","resource_class":"parse_config","resource_params":"[\"\\n-oCiphers=aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc\\n-oMACs=hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512\\n-oGSSAPIKexAlgorithms=gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-,gss-gex-sha1-,gss-group14-sha1-\\n-oKexAlgorithms=curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1\\n-oHostKeyAlgorithms=ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com\\n-oPubkeyAcceptedKeyTypes=ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com\\n-oCASignatureAlgorithms=ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-256,rsa-sha2-512,ssh-rsa\\n\"]","resource_id":"\n-oCiphers=aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc\n-oMACs=hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512\n-oGSSAPIKexAlgorithms=gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-,gss-gex-sha1-,gss-group14-sha1-\n-oKexAlgorithms=curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1\n-oHostKeyAlgorithms=ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com\n-oPubkeyAcceptedKeyTypes=ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com\n-oCASignatureAlgorithms=ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-256,rsa-sha2-512,ssh-rsa\n"}]},{"id":"SV-230253","title":"RHEL 8 must ensure the SSH server uses strong entropy.","desc":"The most important characteristic of a random number generator is its\nrandomness, namely its ability to deliver random numbers that are impossible to\npredict.  Entropy in computer security is associated with the unpredictability\nof a source of randomness.  The random source with high entropy tends to\nachieve a uniform distribution of random values.  Random number generators are\none of the most important building blocks of cryptosystems.\n\n    The SSH implementation in RHEL8 uses the OPENSSL library, which does not\nuse high-entropy sources by default.  By using the SSH_USE_STRONG_RNG\nenvironment variable the OPENSSL random generator is reseeded from /dev/random.\n This setting is not recommended on computers without the hardware random\ngenerator because insufficient entropy causes the connection to be blocked\nuntil enough entropy is available.","descriptions":[{"label":"default","data":"The most important characteristic of a random number generator is its\nrandomness, namely its ability to deliver random numbers that are impossible to\npredict.  Entropy in computer security is associated with the unpredictability\nof a source of randomness.  The random source with high entropy tends to\nachieve a uniform distribution of random values.  Random number generators are\none of the most important building blocks of cryptosystems.\n\n    The SSH implementation in RHEL8 uses the OPENSSL library, which does not\nuse high-entropy sources by default.  By using the SSH_USE_STRONG_RNG\nenvironment variable the OPENSSL random generator is reseeded from /dev/random.\n This setting is not recommended on computers without the hardware random\ngenerator because insufficient entropy causes the connection to be blocked\nuntil enough entropy is available."},{"label":"check","data":"Verify the operating system SSH server uses strong entropy with the\nfollowing command:\n\n    Note: If the operating system is RHEL versions 8.0 or 8.1, this requirement\nis not applicable.\n\n    $ sudo grep -i ssh_use_strong_rng /etc/sysconfig/sshd\n\n    SSH_USE_STRONG_RNG=32\n\n    If the \"SSH_USE_STRONG_RNG\" line does not equal \"32\", is commented out\nor missing, this is a finding."},{"label":"fix","data":"Configure the operating system SSH server to use strong entropy.\n\nAdd or modify the following line in the \"/etc/sysconfig/sshd\" file.\n\nSSH_USE_STRONG_RNG=32\n\nThe SSH service must be restarted for changes to take effect."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230253","rid":"SV-230253r627750_rule","stig_id":"RHEL-08-010292","fix_id":"F-32897r567506_fix","cci":["CCI-000366"],"nist":["CM-6 b"],"host":null,"container-conditional":null},"code":"control 'SV-230253' do\n  title 'RHEL 8 must ensure the SSH server uses strong entropy.'\n  desc 'The most important characteristic of a random number generator is its\nrandomness, namely its ability to deliver random numbers that are impossible to\npredict.  Entropy in computer security is associated with the unpredictability\nof a source of randomness.  The random source with high entropy tends to\nachieve a uniform distribution of random values.  Random number generators are\none of the most important building blocks of cryptosystems.\n\n    The SSH implementation in RHEL8 uses the OPENSSL library, which does not\nuse high-entropy sources by default.  By using the SSH_USE_STRONG_RNG\nenvironment variable the OPENSSL random generator is reseeded from /dev/random.\n This setting is not recommended on computers without the hardware random\ngenerator because insufficient entropy causes the connection to be blocked\nuntil enough entropy is available.'\n  desc 'check', 'Verify the operating system SSH server uses strong entropy with the\nfollowing command:\n\n    Note: If the operating system is RHEL versions 8.0 or 8.1, this requirement\nis not applicable.\n\n    $ sudo grep -i ssh_use_strong_rng /etc/sysconfig/sshd\n\n    SSH_USE_STRONG_RNG=32\n\n    If the \"SSH_USE_STRONG_RNG\" line does not equal \"32\", is commented out\nor missing, this is a finding.'\n  desc 'fix', 'Configure the operating system SSH server to use strong entropy.\n\nAdd or modify the following line in the \"/etc/sysconfig/sshd\" file.\n\nSSH_USE_STRONG_RNG=32\n\nThe SSH service must be restarted for changes to take effect.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230253'\n  tag rid: 'SV-230253r627750_rule'\n  tag stig_id: 'RHEL-08-010292'\n  tag fix_id: 'F-32897r567506_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container-conditional'\n\n  only_if('Control not applicable - SSH is not installed within containerized RHEL', impact: 0.0) {\n    !(virtualization.system.eql?('docker') && !file('/etc/sysconfig/sshd').exist?)\n  }\n\n  describe parse_config_file('/etc/sysconfig/sshd') do\n    its('SSH_USE_STRONG_RNG') { should cmp 32 }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230253.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Parse Config File /etc/sysconfig/sshd SSH_USE_STRONG_RNG is expected to cmp == 32","run_time":0.000631,"start_time":"2024-01-09T19:40:39-05:00","message":"\nexpected: 32\n     got: 0\n\n(compared using `cmp` matcher)\n","resource_class":"parse_config_file","resource_params":"[\"/etc/sysconfig/sshd\"]","resource_id":"/etc/sysconfig/sshd"}]},{"id":"SV-230254","title":"The RHEL 8 operating system must implement DoD-approved encryption in\nthe OpenSSL package.","desc":"Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default.  The employed\nalgorithms can be viewed in the /etc/crypto-policies/back-ends/openssl.config\nfile.","descriptions":[{"label":"default","data":"Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default.  The employed\nalgorithms can be viewed in the /etc/crypto-policies/back-ends/openssl.config\nfile."},{"label":"check","data":"Verify the OpenSSL library is configured to use only ciphers employing FIPS\n140-2-approved algorithms:\n\n    Verify that system-wide crypto policies are in effect:\n\n    $ sudo grep -i opensslcnf.config /etc/pki/tls/openssl.cnf\n\n    .include /etc/crypto-policies/back-ends/opensslcnf.config\n\n    If the \"opensslcnf.config\" is not defined in the\n\"/etc/pki/tls/openssl.cnf\" file, this is a finding.\n\n    Verify which system-wide crypto policy is in use:\n\n    $ sudo update-crypto-policies --show\n\n    FIPS\n\n    If the system-wide crypto policy is set to anything other than \"FIPS\",\nthis is a finding."},{"label":"fix","data":"Configure the RHEL 8 OpenSSL library to use only ciphers employing FIPS\n140-2-approved algorithms with the following command:\n\n    $ sudo fips-mode-setup --enable\n\n    A reboot is required for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000250-GPOS-00093","satisfies":["SRG-OS-000250-GPOS-00093","SRG-OS-000393-GPOS-00173","SRG-OS-000394-GPOS-00174","SRG-OS-000125-GPOS-00065"],"gid":"V-230254","rid":"SV-230254r877394_rule","stig_id":"RHEL-08-010293","fix_id":"F-32898r567509_fix","cci":["CCI-001453"],"nist":["AC-17 (2)"],"host":null,"container-conditional":null},"code":"control 'SV-230254' do\n  title 'The RHEL 8 operating system must implement DoD-approved encryption in\nthe OpenSSL package.'\n  desc 'Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default.  The employed\nalgorithms can be viewed in the /etc/crypto-policies/back-ends/openssl.config\nfile.'\n  desc 'check', 'Verify the OpenSSL library is configured to use only ciphers employing FIPS\n140-2-approved algorithms:\n\n    Verify that system-wide crypto policies are in effect:\n\n    $ sudo grep -i opensslcnf.config /etc/pki/tls/openssl.cnf\n\n    .include /etc/crypto-policies/back-ends/opensslcnf.config\n\n    If the \"opensslcnf.config\" is not defined in the\n\"/etc/pki/tls/openssl.cnf\" file, this is a finding.\n\n    Verify which system-wide crypto policy is in use:\n\n    $ sudo update-crypto-policies --show\n\n    FIPS\n\n    If the system-wide crypto policy is set to anything other than \"FIPS\",\nthis is a finding.'\n  desc 'fix', 'Configure the RHEL 8 OpenSSL library to use only ciphers employing FIPS\n140-2-approved algorithms with the following command:\n\n    $ sudo fips-mode-setup --enable\n\n    A reboot is required for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000250-GPOS-00093'\n  tag satisfies: ['SRG-OS-000250-GPOS-00093', 'SRG-OS-000393-GPOS-00173', 'SRG-OS-000394-GPOS-00174', 'SRG-OS-000125-GPOS-00065']\n  tag gid: 'V-230254'\n  tag rid: 'SV-230254r877394_rule'\n  tag stig_id: 'RHEL-08-010293'\n  tag fix_id: 'F-32898r567509_fix'\n  tag cci: ['CCI-001453']\n  tag nist: ['AC-17 (2)']\n  tag 'host', 'container-conditional'\n\n  only_if(\"Checking the host's FIPS compliance can't be done within the container and should be reveiwed manually.\") {\n    !(virtualization.system.eql?('docker') && !file('/etc/pki/tls/openssl.cnf').exist?)\n  }\n\n  describe 'A line in the OpenSSL config file' do\n    subject { command('grep -i opensslcnf.config /etc/pki/tls/openssl.cnf').stdout.strip }\n    it { should match(/^\\.include.*opensslcnf.config$/) }\n  end\n\n  describe 'System-wide crypto policy' do\n    subject { command('update-crypto-policies --show').stdout.strip }\n    it { should eq 'FIPS' }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230254.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"A line in the OpenSSL config file is expected to match /^\\.include.*opensslcnf.config$/","run_time":0.108262,"start_time":"2024-01-09T19:40:39-05:00","resource_class":"Object","resource_params":"[]","resource_id":"A line in the OpenSSL config file"},{"status":"failed","code_desc":"System-wide crypto policy is expected to eq \"FIPS\"","run_time":0.239907,"start_time":"2024-01-09T19:40:39-05:00","message":"\nexpected: \"FIPS\"\n     got: \"DEFAULT\"\n\n(compared using ==)\n","resource_class":"Object","resource_params":"[]","resource_id":"System-wide crypto policy"}]},{"id":"SV-230255","title":"The RHEL 8 operating system must implement DoD-approved TLS encryption\nin the OpenSSL package.","desc":"Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default.  The employed\nalgorithms can be viewed in the /etc/crypto-policies/back-ends/openssl.config\nfile.","descriptions":[{"label":"default","data":"Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default.  The employed\nalgorithms can be viewed in the /etc/crypto-policies/back-ends/openssl.config\nfile."},{"label":"check","data":"Verify the OpenSSL library is configured to use only DoD-approved TLS encryption:\n\nFor versions prior to crypto-policies-20210617-1.gitc776d3e.el8.noarch:\n\n$ sudo grep -i  MinProtocol /etc/crypto-policies/back-ends/opensslcnf.config\n\nMinProtocol = TLSv1.2\n\nIf the \"MinProtocol\" is set to anything older than \"TLSv1.2\", this is a finding.\n\nFor version crypto-policies-20210617-1.gitc776d3e.el8.noarch and newer:\n\n$ sudo grep -i  MinProtocol /etc/crypto-policies/back-ends/opensslcnf.config\n\nTLS.MinProtocol = TLSv1.2\nDTLS.MinProtocol = DTLSv1.2\n\nIf the \"TLS.MinProtocol\" is set to anything older than \"TLSv1.2\" or the \"DTLS.MinProtocol\" is set to anything older than DTLSv1.2, this is a finding."},{"label":"fix","data":"Configure the RHEL 8 OpenSSL library to use only DoD-approved TLS encryption by editing the following line in the \"/etc/crypto-policies/back-ends/opensslcnf.config\" file:\n\nFor versions prior to crypto-policies-20210617-1.gitc776d3e.el8.noarch:\nMinProtocol = TLSv1.2\n\nFor version crypto-policies-20210617-1.gitc776d3e.el8.noarch and newer:\nTLS.MinProtocol = TLSv1.2\nDTLS.MinProtocol = DTLSv1.2\nA reboot is required for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000250-GPOS-00093","satisfies":["SRG-OS-000250-GPOS-00093","SRG-OS-000393-GPOS-00173","SRG-OS-000394-GPOS-00174","SRG-OS-000125-GPOS-00065"],"gid":"V-230255","rid":"SV-230255r877394_rule","stig_id":"RHEL-08-010294","fix_id":"F-32899r809381_fix","cci":["CCI-001453"],"nist":["AC-17 (2)"],"host":null,"container":null},"code":"control 'SV-230255' do\n  title 'The RHEL 8 operating system must implement DoD-approved TLS encryption\nin the OpenSSL package.'\n  desc 'Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default.  The employed\nalgorithms can be viewed in the /etc/crypto-policies/back-ends/openssl.config\nfile.'\n  desc 'check', 'Verify the OpenSSL library is configured to use only DoD-approved TLS encryption:\n\nFor versions prior to crypto-policies-20210617-1.gitc776d3e.el8.noarch:\n\n$ sudo grep -i  MinProtocol /etc/crypto-policies/back-ends/opensslcnf.config\n\nMinProtocol = TLSv1.2\n\nIf the \"MinProtocol\" is set to anything older than \"TLSv1.2\", this is a finding.\n\nFor version crypto-policies-20210617-1.gitc776d3e.el8.noarch and newer:\n\n$ sudo grep -i  MinProtocol /etc/crypto-policies/back-ends/opensslcnf.config\n\nTLS.MinProtocol = TLSv1.2\nDTLS.MinProtocol = DTLSv1.2\n\nIf the \"TLS.MinProtocol\" is set to anything older than \"TLSv1.2\" or the \"DTLS.MinProtocol\" is set to anything older than DTLSv1.2, this is a finding.'\n  desc 'fix', 'Configure the RHEL 8 OpenSSL library to use only DoD-approved TLS encryption by editing the following line in the \"/etc/crypto-policies/back-ends/opensslcnf.config\" file:\n\nFor versions prior to crypto-policies-20210617-1.gitc776d3e.el8.noarch:\nMinProtocol = TLSv1.2\n\nFor version crypto-policies-20210617-1.gitc776d3e.el8.noarch and newer:\nTLS.MinProtocol = TLSv1.2\nDTLS.MinProtocol = DTLSv1.2\nA reboot is required for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000250-GPOS-00093'\n  tag satisfies: ['SRG-OS-000250-GPOS-00093', 'SRG-OS-000393-GPOS-00173', 'SRG-OS-000394-GPOS-00174', 'SRG-OS-000125-GPOS-00065']\n  tag gid: 'V-230255'\n  tag rid: 'SV-230255r877394_rule'\n  tag stig_id: 'RHEL-08-010294'\n  tag fix_id: 'F-32899r809381_fix'\n  tag cci: ['CCI-001453']\n  tag nist: ['AC-17 (2)']\n  tag 'host', 'container'\n\n  crypto_policies = package('crypto-policies')\n\n  if crypto_policies.version < '20210617-1.gitc776d3e.el8.noarch'\n    describe parse_config_file('/etc/crypto-policies/back-ends/opensslcnf.config') do\n      its('MinProtocol') { should be_in ['TLSv1.2', 'TLSv1.3'] }\n    end\n  else\n    describe parse_config_file('/etc/crypto-policies/back-ends/opensslcnf.config') do\n      its(['TLS.MinProtocol']) { should be_in ['TLSv1.2', 'TLSv1.3'] }\n      its(['DTLS.MinProtocol']) { should be_in ['DTLSv1.2', 'DTLSv1.3'] }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230255.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Parse Config File /etc/crypto-policies/back-ends/opensslcnf.config [\"TLS.MinProtocol\"] is expected to be in \"TLSv1.2\" and \"TLSv1.3\"","run_time":0.000275,"start_time":"2024-01-09T19:40:40-05:00","resource_class":"parse_config_file","resource_params":"[\"/etc/crypto-policies/back-ends/opensslcnf.config\"]","resource_id":"/etc/crypto-policies/back-ends/opensslcnf.config"},{"status":"passed","code_desc":"Parse Config File /etc/crypto-policies/back-ends/opensslcnf.config [\"DTLS.MinProtocol\"] is expected to be in \"DTLSv1.2\" and \"DTLSv1.3\"","run_time":0.000236,"start_time":"2024-01-09T19:40:40-05:00","resource_class":"parse_config_file","resource_params":"[\"/etc/crypto-policies/back-ends/opensslcnf.config\"]","resource_id":"/etc/crypto-policies/back-ends/opensslcnf.config"}]},{"id":"SV-230256","title":"The RHEL 8 operating system must implement DoD-approved TLS encryption\nin the GnuTLS package.","desc":"Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Transport Layer Security (TLS) encryption is a required security setting as\na number of known vulnerabilities have been reported against Secure Sockets\nLayer (SSL) and earlier versions of TLS. Encryption of private information is\nessential to ensuring data confidentiality. If private information is not\nencrypted, it can be intercepted and easily read by an unauthorized party. SQL\nServer must use a minimum of FIPS 140-2-approved TLS version 1.2, and all\nnon-FIPS-approved SSL and TLS versions must be disabled. NIST SP 800-52\nspecifies the preferred configurations for government systems.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    The GnuTLS library offers an API to access secure communications protocols.\n SSLv2 is not available in the GnuTLS library.  The RHEL 8 system-wide crypto\npolicy defines employed algorithms in the\n/etc/crypto-policies/back-ends/gnutls.config file.","descriptions":[{"label":"default","data":"Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Transport Layer Security (TLS) encryption is a required security setting as\na number of known vulnerabilities have been reported against Secure Sockets\nLayer (SSL) and earlier versions of TLS. Encryption of private information is\nessential to ensuring data confidentiality. If private information is not\nencrypted, it can be intercepted and easily read by an unauthorized party. SQL\nServer must use a minimum of FIPS 140-2-approved TLS version 1.2, and all\nnon-FIPS-approved SSL and TLS versions must be disabled. NIST SP 800-52\nspecifies the preferred configurations for government systems.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    The GnuTLS library offers an API to access secure communications protocols.\n SSLv2 is not available in the GnuTLS library.  The RHEL 8 system-wide crypto\npolicy defines employed algorithms in the\n/etc/crypto-policies/back-ends/gnutls.config file."},{"label":"check","data":"Verify the GnuTLS library is configured to only allow DoD-approved SSL/TLS Versions:\n\n$ sudo grep -io +vers.*  /etc/crypto-policies/back-ends/gnutls.config\n\n+VERS-ALL:-VERS-DTLS0.9:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0:+COMP-NULL:%PROFILE_MEDIUM\n\nIf the \"gnutls.config\" does not list \"-VERS-DTLS0.9:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0\" to disable unapproved SSL/TLS versions, this is a finding."},{"label":"fix","data":"Configure the RHEL 8 GnuTLS library to use only DoD-approved encryption by\nadding the following line to \"/etc/crypto-policies/back-ends/gnutls.config\":\n\n    +VERS-ALL:-VERS-DTLS0.9:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0\n\n    A reboot is required for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000250-GPOS-00093","satisfies":["SRG-OS-000250-GPOS-00093","SRG-OS-000423-GPOS-00187"],"gid":"V-230256","rid":"SV-230256r877394_rule","stig_id":"RHEL-08-010295","fix_id":"F-32900r567515_fix","cci":["CCI-001453"],"nist":["AC-17 (2)"],"host":null,"container":null},"code":"control 'SV-230256' do\n  title 'The RHEL 8 operating system must implement DoD-approved TLS encryption\nin the GnuTLS package.'\n  desc 'Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Transport Layer Security (TLS) encryption is a required security setting as\na number of known vulnerabilities have been reported against Secure Sockets\nLayer (SSL) and earlier versions of TLS. Encryption of private information is\nessential to ensuring data confidentiality. If private information is not\nencrypted, it can be intercepted and easily read by an unauthorized party. SQL\nServer must use a minimum of FIPS 140-2-approved TLS version 1.2, and all\nnon-FIPS-approved SSL and TLS versions must be disabled. NIST SP 800-52\nspecifies the preferred configurations for government systems.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    The GnuTLS library offers an API to access secure communications protocols.\n SSLv2 is not available in the GnuTLS library.  The RHEL 8 system-wide crypto\npolicy defines employed algorithms in the\n/etc/crypto-policies/back-ends/gnutls.config file.'\n  desc 'check', 'Verify the GnuTLS library is configured to only allow DoD-approved SSL/TLS Versions:\n\n$ sudo grep -io +vers.*  /etc/crypto-policies/back-ends/gnutls.config\n\n+VERS-ALL:-VERS-DTLS0.9:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0:+COMP-NULL:%PROFILE_MEDIUM\n\nIf the \"gnutls.config\" does not list \"-VERS-DTLS0.9:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0\" to disable unapproved SSL/TLS versions, this is a finding.'\n  desc 'fix', 'Configure the RHEL 8 GnuTLS library to use only DoD-approved encryption by\nadding the following line to \"/etc/crypto-policies/back-ends/gnutls.config\":\n\n    +VERS-ALL:-VERS-DTLS0.9:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0\n\n    A reboot is required for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000250-GPOS-00093'\n  tag satisfies: ['SRG-OS-000250-GPOS-00093', 'SRG-OS-000423-GPOS-00187']\n  tag gid: 'V-230256'\n  tag rid: 'SV-230256r877394_rule'\n  tag stig_id: 'RHEL-08-010295'\n  tag fix_id: 'F-32900r567515_fix'\n  tag cci: ['CCI-001453']\n  tag nist: ['AC-17 (2)']\n  tag 'host', 'container'\n\n  gnutls = file('/etc/crypto-policies/back-ends/gnutls.config').content.strip.split(':')\n  unapproved_versions = input('unapproved_ssl_tls_versions') # \"-VERS-DTLS0.9:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0\".split(':')\n  failing_versions = unapproved_versions - gnutls\n\n  describe 'GnuTLS' do\n    it 'should disable unapproved SSL/TLS versions' do\n      expect(failing_versions).to be_empty, \"GnuTLS should not allow:\\n\\t- #{failing_versions.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230256.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"GnuTLS should disable unapproved SSL/TLS versions","run_time":0.013339,"start_time":"2024-01-09T19:40:40-05:00","resource_class":"Object","resource_params":"[]","resource_id":"GnuTLS"}]},{"id":"SV-230257","title":"RHEL 8 system commands must have mode 755 or less permissive.","desc":"If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.","descriptions":[{"label":"default","data":"If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications."},{"label":"check","data":"Verify the system commands contained in the following directories have mode \"755\" or less permissive with the following command:\n\n$ sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin -perm /022 -exec ls -l {} \\;\n\nIf any system commands are found to be group-writable or world-writable, this is a finding."},{"label":"fix","data":"Configure the system commands to be protected from unauthorized access.\n\nRun the following command, replacing \"[FILE]\" with any system command with a mode more permissive than \"755\".\n\n$ sudo chmod 755 [FILE]"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000259-GPOS-00100","gid":"V-230257","rid":"SV-230257r792862_rule","stig_id":"RHEL-08-010300","fix_id":"F-32901r792861_fix","cci":["CCI-001499"],"nist":["CM-5 (6)"],"host":null,"container":null},"code":"control 'SV-230257' do\n  title 'RHEL 8 system commands must have mode 755 or less permissive.'\n  desc 'If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.'\n  desc 'check', 'Verify the system commands contained in the following directories have mode \"755\" or less permissive with the following command:\n\n$ sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin -perm /022 -exec ls -l {} \\\\;\n\nIf any system commands are found to be group-writable or world-writable, this is a finding.'\n  desc 'fix', 'Configure the system commands to be protected from unauthorized access.\n\nRun the following command, replacing \"[FILE]\" with any system command with a mode more permissive than \"755\".\n\n$ sudo chmod 755 [FILE]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000259-GPOS-00100'\n  tag gid: 'V-230257'\n  tag rid: 'SV-230257r792862_rule'\n  tag stig_id: 'RHEL-08-010300'\n  tag fix_id: 'F-32901r792861_fix'\n  tag cci: ['CCI-001499']\n  tag nist: ['CM-5 (6)']\n  tag 'host', 'container'\n\n  failing_files = command(\"find -L #{input('system_command_dirs').join(' ')} -perm /0022 -exec ls -d {} \\\\;\").stdout.split(\"\\n\")\n\n  describe 'System commands' do\n    it \"should have mode '0755' or less permissive\" do\n      expect(failing_files).to be_empty, \"Files with excessive permissions:\\n\\t- #{failing_files.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230257.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"System commands should have mode '0755' or less permissive","run_time":0.00874,"start_time":"2024-01-09T19:40:40-05:00","message":"Files with excessive permissions:\n\t- /bin/miniterm-3.6.py\n\t- /bin/easy_install-3\n\t- /usr/bin/miniterm-3.6.py\n\t- /usr/bin/easy_install-3","resource_class":"Object","resource_params":"[]","resource_id":"System commands"}]},{"id":"SV-230258","title":"RHEL 8 system commands must be owned by root.","desc":"If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.","descriptions":[{"label":"default","data":"If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications."},{"label":"check","data":"Verify the system commands contained in the following directories are owned\nby \"root\" with the following command:\n\n    $ sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin\n! -user root -exec ls -l {} \\;\n\n    If any system commands are returned, this is a finding."},{"label":"fix","data":"Configure the system commands to be protected from unauthorized access.\n\n    Run the following command, replacing \"[FILE]\" with any system command\nfile not owned by \"root\".\n\n    $ sudo chown root [FILE]"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000259-GPOS-00100","gid":"V-230258","rid":"SV-230258r627750_rule","stig_id":"RHEL-08-010310","fix_id":"F-32902r567521_fix","cci":["CCI-001499"],"nist":["CM-5 (6)"],"host":null,"container":null},"code":"control 'SV-230258' do\n  title 'RHEL 8 system commands must be owned by root.'\n  desc 'If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.'\n  desc 'check', 'Verify the system commands contained in the following directories are owned\nby \"root\" with the following command:\n\n    $ sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin\n! -user root -exec ls -l {} \\\\;\n\n    If any system commands are returned, this is a finding.'\n  desc 'fix', 'Configure the system commands to be protected from unauthorized access.\n\n    Run the following command, replacing \"[FILE]\" with any system command\nfile not owned by \"root\".\n\n    $ sudo chown root [FILE]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000259-GPOS-00100'\n  tag gid: 'V-230258'\n  tag rid: 'SV-230258r627750_rule'\n  tag stig_id: 'RHEL-08-010310'\n  tag fix_id: 'F-32902r567521_fix'\n  tag cci: ['CCI-001499']\n  tag nist: ['CM-5 (6)']\n  tag 'host', 'container'\n\n  failing_files = command(\"find -L #{input('system_command_dirs').join(' ')} ! -user root -exec ls -d {} \\\\;\").stdout.split(\"\\n\")\n\n  describe 'System commands' do\n    it 'should be owned by root' do\n      expect(failing_files).to be_empty, \"Files not owned by root:\\n\\t- #{failing_files.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230258.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System commands should be owned by root","run_time":0.003811,"start_time":"2024-01-09T19:40:40-05:00","resource_class":"Object","resource_params":"[]","resource_id":"System commands"}]},{"id":"SV-230259","title":"RHEL 8 system commands must be group-owned by root or a system\naccount.","desc":"If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.","descriptions":[{"label":"default","data":"If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications."},{"label":"check","data":"Verify the system commands contained in the following directories are group-owned by \"root\", or a required system account, with the following command:\n\n$ sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin ! -group root -exec ls -l {} \\;\n\nIf any system commands are returned and is not group-owned by a required system account, this is a finding."},{"label":"fix","data":"Configure the system commands to be protected from unauthorized access.\n\n    Run the following command, replacing \"[FILE]\" with any system command\nfile not group-owned by \"root\" or a required system account.\n\n    $ sudo chgrp root [FILE]"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000259-GPOS-00100","gid":"V-230259","rid":"SV-230259r792864_rule","stig_id":"RHEL-08-010320","fix_id":"F-32903r567524_fix","cci":["CCI-001499"],"nist":["CM-5 (6)"],"host":null,"container":null},"code":"control 'SV-230259' do\n  title 'RHEL 8 system commands must be group-owned by root or a system\naccount.'\n  desc 'If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.'\n  desc 'check', 'Verify the system commands contained in the following directories are group-owned by \"root\", or a required system account, with the following command:\n\n$ sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin ! -group root -exec ls -l {} \\\\;\n\nIf any system commands are returned and is not group-owned by a required system account, this is a finding.'\n  desc 'fix', 'Configure the system commands to be protected from unauthorized access.\n\n    Run the following command, replacing \"[FILE]\" with any system command\nfile not group-owned by \"root\" or a required system account.\n\n    $ sudo chgrp root [FILE]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000259-GPOS-00100'\n  tag gid: 'V-230259'\n  tag rid: 'SV-230259r792864_rule'\n  tag stig_id: 'RHEL-08-010320'\n  tag fix_id: 'F-32903r567524_fix'\n  tag cci: ['CCI-001499']\n  tag nist: ['CM-5 (6)']\n  tag 'host', 'container'\n\n  failing_files = command(\"find -L #{input('system_command_dirs').join(' ')} ! -group root -exec ls -d {} \\\\;\").stdout.split(\"\\n\")\n\n  describe 'System commands' do\n    it 'should be group-owned by root' do\n      expect(failing_files).to be_empty, \"Files not group-owned by root:\\n\\t- #{failing_files.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230259.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"System commands should be group-owned by root","run_time":0.003572,"start_time":"2024-01-09T19:40:40-05:00","message":"Files not group-owned by root:\n\t- /bin/write\n\t- /sbin/postqueue\n\t- /sbin/postdrop\n\t- /usr/bin/write\n\t- /usr/sbin/postqueue\n\t- /usr/sbin/postdrop","resource_class":"Object","resource_params":"[]","resource_id":"System commands"}]},{"id":"SV-230260","title":"RHEL 8 library files must have mode 755 or less permissive.","desc":"If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.","descriptions":[{"label":"default","data":"If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications."},{"label":"check","data":"Verify the system-wide shared library files contained in the following directories have mode \"755\" or less permissive with the following command:\n\n$ sudo find -L /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type f -exec ls -l {} \\;\n\nIf any system-wide shared library file is found to be group-writable or world-writable, this is a finding."},{"label":"fix","data":"Configure the library files to be protected from unauthorized access. Run the following command, replacing \"[FILE]\" with any library file with a mode more permissive than 755.\n\n$ sudo chmod 755 [FILE]"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000259-GPOS-00100","gid":"V-230260","rid":"SV-230260r792867_rule","stig_id":"RHEL-08-010330","fix_id":"F-32904r792866_fix","cci":["CCI-001499"],"nist":["CM-5 (6)"],"host":null,"container":null},"code":"control 'SV-230260' do\n  title 'RHEL 8 library files must have mode 755 or less permissive.'\n  desc 'If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.'\n  desc 'check', 'Verify the system-wide shared library files contained in the following directories have mode \"755\" or less permissive with the following command:\n\n$ sudo find -L /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type f -exec ls -l {} \\\\;\n\nIf any system-wide shared library file is found to be group-writable or world-writable, this is a finding.'\n  desc 'fix', 'Configure the library files to be protected from unauthorized access. Run the following command, replacing \"[FILE]\" with any library file with a mode more permissive than 755.\n\n$ sudo chmod 755 [FILE]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000259-GPOS-00100'\n  tag gid: 'V-230260'\n  tag rid: 'SV-230260r792867_rule'\n  tag stig_id: 'RHEL-08-010330'\n  tag fix_id: 'F-32904r792866_fix'\n  tag cci: ['CCI-001499']\n  tag nist: ['CM-5 (6)']\n  tag 'host', 'container'\n\n  failing_files = command(\"find -L #{input('system_libraries').join(' ')} -perm /0022 -type f -exec ls -d {} \\\\;\").stdout.split(\"\\n\")\n\n  describe 'System libraries' do\n    it \"should have mode '0755' or less permissive\" do\n      expect(failing_files).to be_empty, \"Files with excessive permissions:\\n\\t- #{failing_files.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230260.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System libraries should have mode '0755' or less permissive","run_time":0.002791,"start_time":"2024-01-09T19:40:40-05:00","resource_class":"Object","resource_params":"[]","resource_id":"System libraries"}]},{"id":"SV-230261","title":"RHEL 8 library files must be owned by root.","desc":"If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.","descriptions":[{"label":"default","data":"If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications."},{"label":"check","data":"Verify the system-wide shared library files are owned by \"root\" with the\nfollowing command:\n\n    $ sudo find -L /lib /lib64 /usr/lib /usr/lib64 ! -user root -exec ls -l {}\n\\;\n\n    If any system wide shared library file is returned, this is a finding."},{"label":"fix","data":"Configure the system-wide shared library files (/lib, /lib64, /usr/lib and\n/usr/lib64) to be protected from unauthorized access.\n\n    Run the following command, replacing \"[FILE]\" with any library file not\nowned by \"root\".\n\n    $ sudo chown root [FILE]"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000259-GPOS-00100","gid":"V-230261","rid":"SV-230261r627750_rule","stig_id":"RHEL-08-010340","fix_id":"F-32905r567530_fix","cci":["CCI-001499"],"nist":["CM-5 (6)"],"host":null,"container":null},"code":"control 'SV-230261' do\n  title 'RHEL 8 library files must be owned by root.'\n  desc 'If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.'\n  desc 'check', 'Verify the system-wide shared library files are owned by \"root\" with the\nfollowing command:\n\n    $ sudo find -L /lib /lib64 /usr/lib /usr/lib64 ! -user root -exec ls -l {}\n\\\\;\n\n    If any system wide shared library file is returned, this is a finding.'\n  desc 'fix', 'Configure the system-wide shared library files (/lib, /lib64, /usr/lib and\n/usr/lib64) to be protected from unauthorized access.\n\n    Run the following command, replacing \"[FILE]\" with any library file not\nowned by \"root\".\n\n    $ sudo chown root [FILE]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000259-GPOS-00100'\n  tag gid: 'V-230261'\n  tag rid: 'SV-230261r627750_rule'\n  tag stig_id: 'RHEL-08-010340'\n  tag fix_id: 'F-32905r567530_fix'\n  tag cci: ['CCI-001499']\n  tag nist: ['CM-5 (6)']\n  tag 'host', 'container'\n\n  failing_files = command(\"find -L #{input('system_libraries').join(' ')} ! -user root -exec ls -d {} \\\\;\").stdout.split(\"\\n\")\n\n  describe 'System libraries' do\n    it 'should be owned by root' do\n      expect(failing_files).to be_empty, \"Files not owned by root:\\n\\t- #{failing_files.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230261.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System libraries should be owned by root","run_time":0.002932,"start_time":"2024-01-09T19:40:40-05:00","resource_class":"Object","resource_params":"[]","resource_id":"System libraries"}]},{"id":"SV-230262","title":"RHEL 8 library files must be group-owned by root or a system account.","desc":"If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.","descriptions":[{"label":"default","data":"If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications."},{"label":"check","data":"Verify the system-wide shared library files are group-owned by \"root\"\nwith the following command:\n\n    $ sudo find -L /lib /lib64 /usr/lib /usr/lib64 ! -group root -exec ls -l {}\n\\;\n\n    If any system wide shared library file is returned and is not group-owned\nby a required system account, this is a finding."},{"label":"fix","data":"Configure the system-wide shared library files (/lib, /lib64, /usr/lib and\n/usr/lib64) to be protected from unauthorized access.\n\n    Run the following command, replacing \"[FILE]\" with any library file not\ngroup-owned by \"root\".\n\n    $ sudo chgrp root [FILE]"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000259-GPOS-00100","gid":"V-230262","rid":"SV-230262r627750_rule","stig_id":"RHEL-08-010350","fix_id":"F-32906r567533_fix","cci":["CCI-001499"],"nist":["CM-5 (6)"],"host":null,"container":null},"code":"control 'SV-230262' do\n  title 'RHEL 8 library files must be group-owned by root or a system account.'\n  desc 'If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.'\n  desc 'check', 'Verify the system-wide shared library files are group-owned by \"root\"\nwith the following command:\n\n    $ sudo find -L /lib /lib64 /usr/lib /usr/lib64 ! -group root -exec ls -l {}\n\\\\;\n\n    If any system wide shared library file is returned and is not group-owned\nby a required system account, this is a finding.'\n  desc 'fix', 'Configure the system-wide shared library files (/lib, /lib64, /usr/lib and\n/usr/lib64) to be protected from unauthorized access.\n\n    Run the following command, replacing \"[FILE]\" with any library file not\ngroup-owned by \"root\".\n\n    $ sudo chgrp root [FILE]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000259-GPOS-00100'\n  tag gid: 'V-230262'\n  tag rid: 'SV-230262r627750_rule'\n  tag stig_id: 'RHEL-08-010350'\n  tag fix_id: 'F-32906r567533_fix'\n  tag cci: ['CCI-001499']\n  tag nist: ['CM-5 (6)']\n  tag 'host', 'container'\n\n  failing_files = command(\"find -L #{input('system_libraries').join(' ')} ! -group root -exec ls -d {} \\\\;\").stdout.split(\"\\n\")\n\n  describe 'System libraries' do\n    it 'should be group-owned by root' do\n      expect(failing_files).to be_empty, \"Files not group-owned by root:\\n\\t- #{failing_files.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230262.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"System libraries should be group-owned by root","run_time":0.002898,"start_time":"2024-01-09T19:40:40-05:00","message":"Files not group-owned by root:\n\t- /lib/.build-id/d9/244f8e130254fbcf33792728fc3ad35401f338\n\t- /lib/.build-id/eb/c1b3659ff640f84f3db168e72867ca6871c718\n\t- /lib/.build-id/91/24b78265f3d396f1a919676ff64958d07d9d95\n\t- /lib/.build-id/e4/f3a1395752122633cfc6c760e84d1d28056884\n\t- /lib/.build-id/93/ee3aada1c5729008aa17ada443ea7bf50a0a04\n\t- /lib/.build-id/17/d904ce8506673ae7259126bd92fe0b90b6bdd5\n\t- /usr/lib/.build-id/d9/244f8e130254fbcf33792728fc3ad35401f338\n\t- /usr/lib/.build-id/eb/c1b3659ff640f84f3db168e72867ca6871c718\n\t- /usr/lib/.build-id/91/24b78265f3d396f1a919676ff64958d07d9d95\n\t- /usr/lib/.build-id/e4/f3a1395752122633cfc6c760e84d1d28056884\n\t- /usr/lib/.build-id/93/ee3aada1c5729008aa17ada443ea7bf50a0a04\n\t- /usr/lib/.build-id/17/d904ce8506673ae7259126bd92fe0b90b6bdd5","resource_class":"Object","resource_params":"[]","resource_id":"System libraries"}]},{"id":"SV-230263","title":"The RHEL 8 file integrity tool must notify the system administrator\nwhen changes to the baseline configuration or anomalies in the operation of any\nsecurity functions are discovered within an organizationally defined frequency.","desc":"Unauthorized changes to the baseline configuration could make the system vulnerable to various attacks or allow unauthorized access to the operating system. Changes to operating system configurations can have unintended side effects, some of which may be relevant to security.\n\nDetecting such changes and providing an automated response can help avoid unintended, negative consequences that could ultimately affect the security state of the operating system. The operating system's Information System Security Manager (ISSM)/Information System Security Officer (ISSO) and System Administrators (SAs) must be notified via email and/or monitoring system trap when there is an unauthorized modification of a configuration item.\n\nNotifications provided by information systems include messages to local computer consoles, and/or hardware indications, such as lights.\n\nThis capability must take into account operational requirements for availability for selecting an appropriate response. The organization may choose to shut down or restart the information system upon security function anomaly detection.\n\nRHEL 8 comes with many optional software packages. A file integrity tool called Advanced Intrusion Detection Environment (AIDE) is one of those optional packages. This requirement assumes the use of AIDE; however, a different tool may be used if the requirements are met. Note that AIDE does not have a configuration that will send a notification, so a cron job is recommended that uses the mail application on the system to email the results of the file integrity check.","descriptions":[{"label":"default","data":"Unauthorized changes to the baseline configuration could make the system vulnerable to various attacks or allow unauthorized access to the operating system. Changes to operating system configurations can have unintended side effects, some of which may be relevant to security.\n\nDetecting such changes and providing an automated response can help avoid unintended, negative consequences that could ultimately affect the security state of the operating system. The operating system's Information System Security Manager (ISSM)/Information System Security Officer (ISSO) and System Administrators (SAs) must be notified via email and/or monitoring system trap when there is an unauthorized modification of a configuration item.\n\nNotifications provided by information systems include messages to local computer consoles, and/or hardware indications, such as lights.\n\nThis capability must take into account operational requirements for availability for selecting an appropriate response. The organization may choose to shut down or restart the information system upon security function anomaly detection.\n\nRHEL 8 comes with many optional software packages. A file integrity tool called Advanced Intrusion Detection Environment (AIDE) is one of those optional packages. This requirement assumes the use of AIDE; however, a different tool may be used if the requirements are met. Note that AIDE does not have a configuration that will send a notification, so a cron job is recommended that uses the mail application on the system to email the results of the file integrity check."},{"label":"check","data":"Verify the operating system routinely checks the baseline configuration for unauthorized changes and notifies the system administrator when anomalies in the operation of any security functions are discovered.\n\nCheck that RHEL 8 routinely executes a file integrity scan for changes to the system baseline. The command used in the example will use a daily occurrence.\n\nCheck the cron directories for scripts controlling the execution and notification of results of the file integrity application. For example, if AIDE is installed on the system, use the following commands:\n\n     $ sudo ls -al /etc/cron.* | grep aide\n\n     -rwxr-xr-x 1 root root 29 Nov 22 2015 aide\n\n     $ sudo grep aide /etc/crontab /var/spool/cron/root\n\n     /etc/crontab: 30 04 * * * root /usr/sbin/aide\n     /var/spool/cron/root: 30 04 * * * root /usr/sbin/aide\n\n     $ sudo more /etc/cron.daily/aide\n\n     #!/bin/bash\n     /usr/sbin/aide --check | /bin/mail -s \"$HOSTNAME - Daily AIDE integrity check run\" root@example_server_name.mil\n\nIf the file integrity application does not exist, or a script file controlling the execution of the file integrity application does not exist, or the file integrity application does not notify designated personnel of changes, this is a finding."},{"label":"fix","data":"Configure the file integrity tool to run automatically on the system at least weekly and to notify designated personnel if baseline configurations are changed in an unauthorized manner. The AIDE tool can be configured to email designated personnel with the use of the cron system.\n\nThe following example output is generic. It will set cron to run AIDE daily and to send email at the completion of the analysis.\n\n     $ sudo more /etc/cron.daily/aide\n\n     #!/bin/bash\n\n     /usr/sbin/aide --check | /bin/mail -s \"$HOSTNAME - Daily AIDE integrity check run\" root@example_server_name.mil\n\nNote: Per requirement RHEL-08-010358, the \"mailx\" package must be installed on the system to enable email functionality."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000363-GPOS-00150","satisfies":["SRG-OS-000363-GPOS-00150","SRG-OS-000446-GPOS-00200","SRG-OS-000447-GPOS-00201"],"gid":"V-230263","rid":"SV-230263r902716_rule","stig_id":"RHEL-08-010360","fix_id":"F-32907r902715_fix","cci":["CCI-001744"],"nist":["CM-3 (5)"]},"code":"control 'SV-230263' do\n  title 'The RHEL 8 file integrity tool must notify the system administrator\nwhen changes to the baseline configuration or anomalies in the operation of any\nsecurity functions are discovered within an organizationally defined frequency.'\n  desc \"Unauthorized changes to the baseline configuration could make the system vulnerable to various attacks or allow unauthorized access to the operating system. Changes to operating system configurations can have unintended side effects, some of which may be relevant to security.\n\nDetecting such changes and providing an automated response can help avoid unintended, negative consequences that could ultimately affect the security state of the operating system. The operating system's Information System Security Manager (ISSM)/Information System Security Officer (ISSO) and System Administrators (SAs) must be notified via email and/or monitoring system trap when there is an unauthorized modification of a configuration item.\n\nNotifications provided by information systems include messages to local computer consoles, and/or hardware indications, such as lights.\n\nThis capability must take into account operational requirements for availability for selecting an appropriate response. The organization may choose to shut down or restart the information system upon security function anomaly detection.\n\nRHEL 8 comes with many optional software packages. A file integrity tool called Advanced Intrusion Detection Environment (AIDE) is one of those optional packages. This requirement assumes the use of AIDE; however, a different tool may be used if the requirements are met. Note that AIDE does not have a configuration that will send a notification, so a cron job is recommended that uses the mail application on the system to email the results of the file integrity check.\"\n  desc 'check', 'Verify the operating system routinely checks the baseline configuration for unauthorized changes and notifies the system administrator when anomalies in the operation of any security functions are discovered.\n\nCheck that RHEL 8 routinely executes a file integrity scan for changes to the system baseline. The command used in the example will use a daily occurrence.\n\nCheck the cron directories for scripts controlling the execution and notification of results of the file integrity application. For example, if AIDE is installed on the system, use the following commands:\n\n     $ sudo ls -al /etc/cron.* | grep aide\n\n     -rwxr-xr-x 1 root root 29 Nov 22 2015 aide\n\n     $ sudo grep aide /etc/crontab /var/spool/cron/root\n\n     /etc/crontab: 30 04 * * * root /usr/sbin/aide\n     /var/spool/cron/root: 30 04 * * * root /usr/sbin/aide\n\n     $ sudo more /etc/cron.daily/aide\n\n     #!/bin/bash\n     /usr/sbin/aide --check | /bin/mail -s \"$HOSTNAME - Daily AIDE integrity check run\" root@example_server_name.mil\n\nIf the file integrity application does not exist, or a script file controlling the execution of the file integrity application does not exist, or the file integrity application does not notify designated personnel of changes, this is a finding.'\n  desc 'fix', 'Configure the file integrity tool to run automatically on the system at least weekly and to notify designated personnel if baseline configurations are changed in an unauthorized manner. The AIDE tool can be configured to email designated personnel with the use of the cron system.\n\nThe following example output is generic. It will set cron to run AIDE daily and to send email at the completion of the analysis.\n\n     $ sudo more /etc/cron.daily/aide\n\n     #!/bin/bash\n\n     /usr/sbin/aide --check | /bin/mail -s \"$HOSTNAME - Daily AIDE integrity check run\" root@example_server_name.mil\n\nNote: Per requirement RHEL-08-010358, the \"mailx\" package must be installed on the system to enable email functionality.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000363-GPOS-00150'\n  tag satisfies: ['SRG-OS-000363-GPOS-00150', 'SRG-OS-000446-GPOS-00200', 'SRG-OS-000447-GPOS-00201']\n  tag gid: 'V-230263'\n  tag rid: 'SV-230263r902716_rule'\n  tag stig_id: 'RHEL-08-010360'\n  tag fix_id: 'F-32907r902715_fix'\n  tag cci: ['CCI-001744']\n  tag nist: ['CM-3 (5)']\n\n  file_integrity_tool = input('file_integrity_tool')\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe package(file_integrity_tool) do\n      it { should be_installed }\n    end\n    describe.one do\n      describe file(\"/etc/cron.daily/#{file_integrity_tool}\") do\n        its('content') { should match %r{/bin/mail} }\n      end\n      describe file(\"/etc/cron.weekly/#{file_integrity_tool}\") do\n        its('content') { should match %r{/bin/mail} }\n      end\n      describe crontab('root').where { command =~ /#{file_integrity_tool}/ } do\n        its('commands.flatten') { should include(match %r{/bin/mail}) }\n      end\n      if file(\"/etc/cron.d/#{file_integrity_tool}\").exist?\n        describe crontab(path: \"/etc/cron.d/#{file_integrity_tool}\") do\n          its('commands') { should include(match %r{/bin/mail}) }\n        end\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230263.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"System Package aide is expected to be installed","run_time":0.000168,"start_time":"2024-01-09T19:40:40-05:00","message":"expected that `System Package aide` is installed","resource_class":"package","resource_params":"[\"aide\"]","resource_id":"aide"},{"status":"failed","code_desc":"File /etc/cron.daily/aide content is expected to match /\\/bin\\/mail/","run_time":0.000121,"start_time":"2024-01-09T19:40:40-05:00","message":"expected nil to match /\\/bin\\/mail/","exception":"RSpec::Core::MultipleExceptionError","resource_class":"file","resource_params":"[\"/etc/cron.daily/aide\"]","resource_id":"/etc/cron.daily/aide"},{"status":"failed","code_desc":"File /etc/cron.weekly/aide content is expected to match /\\/bin\\/mail/","run_time":6.7e-05,"start_time":"2024-01-09T19:40:40-05:00","message":"expected nil to match /\\/bin\\/mail/","exception":"RSpec::Core::MultipleExceptionError","resource_class":"file","resource_params":"[\"/etc/cron.weekly/aide\"]","resource_id":"/etc/cron.weekly/aide"},{"status":"failed","code_desc":"crontab for user root with command =~ /aide/ commands.flatten is expected to include (match /\\/bin\\/mail/)","run_time":0.001665,"start_time":"2024-01-09T19:40:40-05:00","message":"expected [] to include (match /\\/bin\\/mail/)","exception":"RSpec::Core::MultipleExceptionError","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230264","title":"RHEL 8 must prevent the installation of software, patches, service\npacks, device drivers, or operating system components from a repository without\nverification they have been digitally signed using a certificate that is issued\nby a Certificate Authority (CA) that is recognized and approved by the\norganization.","desc":"Changes to any software components can have significant effects on the\noverall security of the operating system. This requirement ensures the software\nhas not been tampered with and that it has been provided by a trusted vendor.\n\n    Accordingly, patches, service packs, device drivers, or operating system\ncomponents must be signed with a certificate recognized and approved by the\norganization.\n\n    Verifying the authenticity of the software prior to installation validates\nthe integrity of the patch or upgrade received from a vendor. This verifies the\nsoftware has not been tampered with and that it has been provided by a trusted\nvendor. Self-signed certificates are disallowed by this requirement. The\noperating system should not have to verify the software again. This requirement\ndoes not mandate DoD certificates for this purpose; however, the certificate\nused to verify the software must be from an approved CA.","descriptions":[{"label":"default","data":"Changes to any software components can have significant effects on the\noverall security of the operating system. This requirement ensures the software\nhas not been tampered with and that it has been provided by a trusted vendor.\n\n    Accordingly, patches, service packs, device drivers, or operating system\ncomponents must be signed with a certificate recognized and approved by the\norganization.\n\n    Verifying the authenticity of the software prior to installation validates\nthe integrity of the patch or upgrade received from a vendor. This verifies the\nsoftware has not been tampered with and that it has been provided by a trusted\nvendor. Self-signed certificates are disallowed by this requirement. The\noperating system should not have to verify the software again. This requirement\ndoes not mandate DoD certificates for this purpose; however, the certificate\nused to verify the software must be from an approved CA."},{"label":"check","data":"Verify the operating system prevents the installation of patches, service packs, device drivers, or operating system components from a repository without verification that they have been digitally signed using a certificate that is recognized and approved by the organization.\n\nCheck that YUM verifies the signature of packages from a repository prior to install with the following command:\n\n     $ sudo grep -E '^\\[.*\\]|gpgcheck' /etc/yum.repos.d/*.repo\n\n     /etc/yum.repos.d/appstream.repo:[appstream]\n     /etc/yum.repos.d/appstream.repo:gpgcheck=1\n     /etc/yum.repos.d/baseos.repo:[baseos]\n     /etc/yum.repos.d/baseos.repo:gpgcheck=1\n\nIf \"gpgcheck\" is not set to \"1\", or if options are missing or commented out, ask the System Administrator how the certificates for patches and other operating system components are verified.\n\nIf there is no process to validate certificates that is approved by the organization, this is a finding."},{"label":"fix","data":"Configure the operating system to verify the signature of packages from a\nrepository prior to install by setting the following option in the\n\"/etc/yum.repos.d/[your_repo_name].repo\" file:\n\n    gpgcheck=1"}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000366-GPOS-00153","gid":"V-230264","rid":"SV-230264r880711_rule","stig_id":"RHEL-08-010370","fix_id":"F-32908r880710_fix","cci":["CCI-001749"],"nist":["CM-5 (3)"]},"code":"control 'SV-230264' do\n  title 'RHEL 8 must prevent the installation of software, patches, service\npacks, device drivers, or operating system components from a repository without\nverification they have been digitally signed using a certificate that is issued\nby a Certificate Authority (CA) that is recognized and approved by the\norganization.'\n  desc 'Changes to any software components can have significant effects on the\noverall security of the operating system. This requirement ensures the software\nhas not been tampered with and that it has been provided by a trusted vendor.\n\n    Accordingly, patches, service packs, device drivers, or operating system\ncomponents must be signed with a certificate recognized and approved by the\norganization.\n\n    Verifying the authenticity of the software prior to installation validates\nthe integrity of the patch or upgrade received from a vendor. This verifies the\nsoftware has not been tampered with and that it has been provided by a trusted\nvendor. Self-signed certificates are disallowed by this requirement. The\noperating system should not have to verify the software again. This requirement\ndoes not mandate DoD certificates for this purpose; however, the certificate\nused to verify the software must be from an approved CA.'\n  desc 'check', %q(Verify the operating system prevents the installation of patches, service packs, device drivers, or operating system components from a repository without verification that they have been digitally signed using a certificate that is recognized and approved by the organization.\n\nCheck that YUM verifies the signature of packages from a repository prior to install with the following command:\n\n     $ sudo grep -E '^\\[.*\\]|gpgcheck' /etc/yum.repos.d/*.repo\n\n     /etc/yum.repos.d/appstream.repo:[appstream]\n     /etc/yum.repos.d/appstream.repo:gpgcheck=1\n     /etc/yum.repos.d/baseos.repo:[baseos]\n     /etc/yum.repos.d/baseos.repo:gpgcheck=1\n\nIf \"gpgcheck\" is not set to \"1\", or if options are missing or commented out, ask the System Administrator how the certificates for patches and other operating system components are verified.\n\nIf there is no process to validate certificates that is approved by the organization, this is a finding.)\n  desc 'fix', 'Configure the operating system to verify the signature of packages from a\nrepository prior to install by setting the following option in the\n\"/etc/yum.repos.d/[your_repo_name].repo\" file:\n\n    gpgcheck=1'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000366-GPOS-00153'\n  tag gid: 'V-230264'\n  tag rid: 'SV-230264r880711_rule'\n  tag stig_id: 'RHEL-08-010370'\n  tag fix_id: 'F-32908r880710_fix'\n  tag cci: ['CCI-001749']\n  tag nist: ['CM-5 (3)']\n\n  gpgcheck_entry_list = command('ls /etc/yum.repos.d/*.repo').stdout.split(\"\\n\")\n\n  gpgcheck_entry_list.each do |gpgcheck_entry|\n    describe \"Repo file #{gpgcheck_entry}\" do\n      subject { file(gpgcheck_entry) }\n      its('content') { should match(/gpgcheck\\s*=\\s*1/) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230264.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Repo file /etc/yum.repos.d/redhat-rhui-client-config.repo content is expected to match /gpgcheck\\s*=\\s*1/","run_time":0.090087,"start_time":"2024-01-09T19:40:40-05:00","resource_class":"Object","resource_params":"[]","resource_id":"content"},{"status":"passed","code_desc":"Repo file /etc/yum.repos.d/redhat-rhui.repo content is expected to match /gpgcheck\\s*=\\s*1/","run_time":0.13123,"start_time":"2024-01-09T19:40:40-05:00","resource_class":"Object","resource_params":"[]","resource_id":"content"}]},{"id":"SV-230265","title":"RHEL 8 must prevent the installation of software, patches, service\npacks, device drivers, or operating system components of local packages without\nverification they have been digitally signed using a certificate that is issued\nby a Certificate Authority (CA) that is recognized and approved by the\norganization.","desc":"Changes to any software components can have significant effects on the\noverall security of the operating system. This requirement ensures the software\nhas not been tampered with and that it has been provided by a trusted vendor.\n\n    Accordingly, patches, service packs, device drivers, or operating system\ncomponents must be signed with a certificate recognized and approved by the\norganization.\n\n    Verifying the authenticity of the software prior to installation validates\nthe integrity of the patch or upgrade received from a vendor. This verifies the\nsoftware has not been tampered with and that it has been provided by a trusted\nvendor. Self-signed certificates are disallowed by this requirement. The\noperating system should not have to verify the software again. This requirement\ndoes not mandate DoD certificates for this purpose; however, the certificate\nused to verify the software must be from an approved CA.","descriptions":[{"label":"default","data":"Changes to any software components can have significant effects on the\noverall security of the operating system. This requirement ensures the software\nhas not been tampered with and that it has been provided by a trusted vendor.\n\n    Accordingly, patches, service packs, device drivers, or operating system\ncomponents must be signed with a certificate recognized and approved by the\norganization.\n\n    Verifying the authenticity of the software prior to installation validates\nthe integrity of the patch or upgrade received from a vendor. This verifies the\nsoftware has not been tampered with and that it has been provided by a trusted\nvendor. Self-signed certificates are disallowed by this requirement. The\noperating system should not have to verify the software again. This requirement\ndoes not mandate DoD certificates for this purpose; however, the certificate\nused to verify the software must be from an approved CA."},{"label":"check","data":"Verify the operating system prevents the installation of patches, service\npacks, device drivers, or operating system components from a repository without\nverification that they have been digitally signed using a certificate that is\nrecognized and approved by the organization.\n\n    Check if YUM is configured to perform a signature check on local packages\nwith the following command:\n\n    $ sudo grep -i localpkg_gpgcheck /etc/dnf/dnf.conf\n\n    localpkg_gpgcheck =True\n\n    If \"localpkg_gpgcheck\" is not set to either \"1\", \"True\", or \"yes\",\ncommented out, or is missing from \"/etc/dnf/dnf.conf\", this is a finding."},{"label":"fix","data":"Configure the operating system to remove all software components after\nupdated versions have been installed.\n\n    Set the \"localpkg_gpgcheck\" option to \"True\" in the\n\"/etc/dnf/dnf.conf\" file:\n\n    localpkg_gpgcheck=True"}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000366-GPOS-00153","gid":"V-230265","rid":"SV-230265r877463_rule","stig_id":"RHEL-08-010371","fix_id":"F-32909r567542_fix","cci":["CCI-001749"],"nist":["CM-5 (3)"]},"code":"control 'SV-230265' do\n  title 'RHEL 8 must prevent the installation of software, patches, service\npacks, device drivers, or operating system components of local packages without\nverification they have been digitally signed using a certificate that is issued\nby a Certificate Authority (CA) that is recognized and approved by the\norganization.'\n  desc 'Changes to any software components can have significant effects on the\noverall security of the operating system. This requirement ensures the software\nhas not been tampered with and that it has been provided by a trusted vendor.\n\n    Accordingly, patches, service packs, device drivers, or operating system\ncomponents must be signed with a certificate recognized and approved by the\norganization.\n\n    Verifying the authenticity of the software prior to installation validates\nthe integrity of the patch or upgrade received from a vendor. This verifies the\nsoftware has not been tampered with and that it has been provided by a trusted\nvendor. Self-signed certificates are disallowed by this requirement. The\noperating system should not have to verify the software again. This requirement\ndoes not mandate DoD certificates for this purpose; however, the certificate\nused to verify the software must be from an approved CA.'\n  desc 'check', 'Verify the operating system prevents the installation of patches, service\npacks, device drivers, or operating system components from a repository without\nverification that they have been digitally signed using a certificate that is\nrecognized and approved by the organization.\n\n    Check if YUM is configured to perform a signature check on local packages\nwith the following command:\n\n    $ sudo grep -i localpkg_gpgcheck /etc/dnf/dnf.conf\n\n    localpkg_gpgcheck =True\n\n    If \"localpkg_gpgcheck\" is not set to either \"1\", \"True\", or \"yes\",\ncommented out, or is missing from \"/etc/dnf/dnf.conf\", this is a finding.'\n  desc 'fix', 'Configure the operating system to remove all software components after\nupdated versions have been installed.\n\n    Set the \"localpkg_gpgcheck\" option to \"True\" in the\n\"/etc/dnf/dnf.conf\" file:\n\n    localpkg_gpgcheck=True'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000366-GPOS-00153'\n  tag gid: 'V-230265'\n  tag rid: 'SV-230265r877463_rule'\n  tag stig_id: 'RHEL-08-010371'\n  tag fix_id: 'F-32909r567542_fix'\n  tag cci: ['CCI-001749']\n  tag nist: ['CM-5 (3)']\n\n  describe.one do\n    describe parse_config_file('/etc/dnf/dnf.conf') do\n      its('main.localpkg_gpgcheck') { should cmp 'True' }\n    end\n    describe parse_config_file('/etc/dnf/dnf.conf') do\n      its('main.localpkg_gpgcheck') { should cmp 1 }\n    end\n    describe parse_config_file('/etc/dnf/dnf.conf') do\n      its('main.localpkg_gpgcheck') { should cmp 'yes' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230265.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Parse Config File /etc/dnf/dnf.conf main.localpkg_gpgcheck is expected to cmp == 1","run_time":0.000474,"start_time":"2024-01-09T19:40:40-05:00","resource_class":"parse_config_file","resource_params":"[\"/etc/dnf/dnf.conf\"]","resource_id":"/etc/dnf/dnf.conf"}]},{"id":"SV-230266","title":"RHEL 8 must prevent the loading of a new kernel for later execution.","desc":"Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.\n\nDisabling kexec_load prevents an unsigned kernel image (that could be a windows kernel or modified vulnerable kernel) from being loaded. Kexec can be used subvert the entire secureboot process and should be avoided at all costs especially since it can load unsigned kernel images.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.\n\nDisabling kexec_load prevents an unsigned kernel image (that could be a windows kernel or modified vulnerable kernel) from being loaded. Kexec can be used subvert the entire secureboot process and should be avoided at all costs especially since it can load unsigned kernel images.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify the operating system is configured to disable kernel image loading with the following commands:\n\nCheck the status of the kernel.kexec_load_disabled kernel parameter.\n\n$ sudo sysctl kernel.kexec_load_disabled\n\nkernel.kexec_load_disabled = 1\n\nIf \"kernel.kexec_load_disabled\" is not set to \"1\" or is missing, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.kexec_load_disabled /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.kexec_load_disabled = 1\n\nIf \"kernel.kexec_load_disabled\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure the operating system to disable kernel image loading.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.kexec_load_disabled = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000366-GPOS-00153","gid":"V-230266","rid":"SV-230266r877463_rule","stig_id":"RHEL-08-010372","fix_id":"F-32910r858747_fix","cci":["CCI-001749"],"nist":["CM-5 (3)"]},"code":"control 'SV-230266' do\n  title 'RHEL 8 must prevent the loading of a new kernel for later execution.'\n  desc 'Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.\n\nDisabling kexec_load prevents an unsigned kernel image (that could be a windows kernel or modified vulnerable kernel) from being loaded. Kexec can be used subvert the entire secureboot process and should be avoided at all costs especially since it can load unsigned kernel images.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify the operating system is configured to disable kernel image loading with the following commands:\n\nCheck the status of the kernel.kexec_load_disabled kernel parameter.\n\n$ sudo sysctl kernel.kexec_load_disabled\n\nkernel.kexec_load_disabled = 1\n\nIf \"kernel.kexec_load_disabled\" is not set to \"1\" or is missing, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.kexec_load_disabled /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.kexec_load_disabled = 1\n\nIf \"kernel.kexec_load_disabled\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable kernel image loading.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.kexec_load_disabled = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000366-GPOS-00153'\n  tag gid: 'V-230266'\n  tag rid: 'SV-230266r877463_rule'\n  tag stig_id: 'RHEL-08-010372'\n  tag fix_id: 'F-32910r858747_fix'\n  tag cci: ['CCI-001749']\n  tag nist: ['CM-5 (3)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('kernel.kexec_load_disabled') do\n      its('value') { should eq 1 }\n    end\n\n    describe command('grep -r ^kernel.kexec_load_disabled /etc/sysctl.conf /etc/sysctl.d/*.conf') do\n      its('stdout') { should match(/kernel.kexec_load_disabled(\\s+)?=(\\s+)?1$/) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230266.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter kernel.kexec_load_disabled value is expected to eq 1","run_time":0.191072,"start_time":"2024-01-09T19:40:40-05:00","resource_class":"kernel_parameter","resource_params":"[\"kernel.kexec_load_disabled\"]","resource_id":"kernel.kexec_load_disabled"},{"status":"passed","code_desc":"Command: `grep -r ^kernel.kexec_load_disabled /etc/sysctl.conf /etc/sysctl.d/*.conf` stdout is expected to match /kernel.kexec_load_disabled(\\s+)?=(\\s+)?1$/","run_time":0.140818,"start_time":"2024-01-09T19:40:40-05:00","resource_class":"command","resource_params":"[\"grep -r ^kernel.kexec_load_disabled /etc/sysctl.conf /etc/sysctl.d/*.conf\"]","resource_id":"Command: `grep -r ^kernel.kexec_load_disabled /etc/sysctl.conf /etc/sysctl.d/*.conf`"}]},{"id":"SV-230267","title":"RHEL 8 must enable kernel parameters to enforce discretionary access\ncontrol on symlinks.","desc":"Discretionary Access Control (DAC) is based on the notion that individual users are \"owners\" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.\n\nWhen discretionary access control policies are implemented, subjects are not constrained with regard to what actions they can take with information for which they have already been granted access. Thus, subjects that have been granted access to information are not prevented from passing (i.e., the subjects have the discretion to pass) the information to other subjects or objects. A subject that is constrained in its operation by Mandatory Access Control policies is still able to operate under the less rigorous constraints of this requirement. Thus, while Mandatory Access Control imposes constraints preventing a subject from passing information to another subject operating at a different sensitivity level, this requirement permits the subject to pass the information to any subject at the same sensitivity level. The policy is bounded by the information system boundary. Once the information is passed outside the control of the information system, additional means may be required to ensure the constraints remain in effect. While the older, more traditional definitions of discretionary access control require identity-based access control, that limitation is not required for this use of discretionary access control.\n\nBy enabling the fs.protected_symlinks kernel parameter, symbolic links are permitted to be followed only when outside a sticky world-writable directory, or when the UID of the link and follower match, or when the directory owner matches the symlink's owner. Disallowing such symlinks helps mitigate vulnerabilities based on insecure file system accessed by privileged programs, avoiding an exploitation vector exploiting unsafe use of open() or creat().\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"Discretionary Access Control (DAC) is based on the notion that individual users are \"owners\" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.\n\nWhen discretionary access control policies are implemented, subjects are not constrained with regard to what actions they can take with information for which they have already been granted access. Thus, subjects that have been granted access to information are not prevented from passing (i.e., the subjects have the discretion to pass) the information to other subjects or objects. A subject that is constrained in its operation by Mandatory Access Control policies is still able to operate under the less rigorous constraints of this requirement. Thus, while Mandatory Access Control imposes constraints preventing a subject from passing information to another subject operating at a different sensitivity level, this requirement permits the subject to pass the information to any subject at the same sensitivity level. The policy is bounded by the information system boundary. Once the information is passed outside the control of the information system, additional means may be required to ensure the constraints remain in effect. While the older, more traditional definitions of discretionary access control require identity-based access control, that limitation is not required for this use of discretionary access control.\n\nBy enabling the fs.protected_symlinks kernel parameter, symbolic links are permitted to be followed only when outside a sticky world-writable directory, or when the UID of the link and follower match, or when the directory owner matches the symlink's owner. Disallowing such symlinks helps mitigate vulnerabilities based on insecure file system accessed by privileged programs, avoiding an exploitation vector exploiting unsafe use of open() or creat().\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify the operating system is configured to enable DAC on symlinks with the following commands:\n\nCheck the status of the fs.protected_symlinks kernel parameter.\n\n$ sudo sysctl fs.protected_symlinks\n\nfs.protected_symlinks = 1\n\nIf \"fs.protected_symlinks\" is not set to \"1\" or is missing, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r fs.protected_symlinks /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:fs.protected_symlinks = 1\n\nIf \"fs.protected_symlinks\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure the operating system to enable DAC on symlinks.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nfs.protected_symlinks = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000312-GPOS-00122","satisfies":["SRG-OS-000312-GPOS-00122","SRG-OS-000312-GPOS-00123","SRG-OS-000312-GPOS-00124","SRG-OS-000324-GPOS-00125"],"gid":"V-230267","rid":"SV-230267r858751_rule","stig_id":"RHEL-08-010373","fix_id":"F-32911r858750_fix","cci":["CCI-002165"],"nist":["AC-3 (4)"]},"code":"control 'SV-230267' do\n  title 'RHEL 8 must enable kernel parameters to enforce discretionary access\ncontrol on symlinks.'\n  desc %q(Discretionary Access Control (DAC) is based on the notion that individual users are \"owners\" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.\n\nWhen discretionary access control policies are implemented, subjects are not constrained with regard to what actions they can take with information for which they have already been granted access. Thus, subjects that have been granted access to information are not prevented from passing (i.e., the subjects have the discretion to pass) the information to other subjects or objects. A subject that is constrained in its operation by Mandatory Access Control policies is still able to operate under the less rigorous constraints of this requirement. Thus, while Mandatory Access Control imposes constraints preventing a subject from passing information to another subject operating at a different sensitivity level, this requirement permits the subject to pass the information to any subject at the same sensitivity level. The policy is bounded by the information system boundary. Once the information is passed outside the control of the information system, additional means may be required to ensure the constraints remain in effect. While the older, more traditional definitions of discretionary access control require identity-based access control, that limitation is not required for this use of discretionary access control.\n\nBy enabling the fs.protected_symlinks kernel parameter, symbolic links are permitted to be followed only when outside a sticky world-writable directory, or when the UID of the link and follower match, or when the directory owner matches the symlink's owner. Disallowing such symlinks helps mitigate vulnerabilities based on insecure file system accessed by privileged programs, avoiding an exploitation vector exploiting unsafe use of open() or creat().\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf)\n  desc 'check', 'Verify the operating system is configured to enable DAC on symlinks with the following commands:\n\nCheck the status of the fs.protected_symlinks kernel parameter.\n\n$ sudo sysctl fs.protected_symlinks\n\nfs.protected_symlinks = 1\n\nIf \"fs.protected_symlinks\" is not set to \"1\" or is missing, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r fs.protected_symlinks /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:fs.protected_symlinks = 1\n\nIf \"fs.protected_symlinks\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to enable DAC on symlinks.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nfs.protected_symlinks = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000312-GPOS-00122'\n  tag satisfies: ['SRG-OS-000312-GPOS-00122', 'SRG-OS-000312-GPOS-00123', 'SRG-OS-000312-GPOS-00124', 'SRG-OS-000324-GPOS-00125']\n  tag gid: 'V-230267'\n  tag rid: 'SV-230267r858751_rule'\n  tag stig_id: 'RHEL-08-010373'\n  tag fix_id: 'F-32911r858750_fix'\n  tag cci: ['CCI-002165']\n  tag nist: ['AC-3 (4)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('fs.protected_symlinks') do\n      its('value') { should cmp 1 }\n    end\n\n    describe command('grep -r ^fs.protected_symlinks /etc/sysctl.conf /etc/sysctl.d/*.conf') do\n      its('stdout') { should match(/fs.protected_symlinks(\\s+)=(\\s+)1$/) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230267.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter fs.protected_symlinks value is expected to cmp == 1","run_time":0.12895,"start_time":"2024-01-09T19:40:40-05:00","resource_class":"kernel_parameter","resource_params":"[\"fs.protected_symlinks\"]","resource_id":"fs.protected_symlinks"},{"status":"failed","code_desc":"Command: `grep -r ^fs.protected_symlinks /etc/sysctl.conf /etc/sysctl.d/*.conf` stdout is expected to match /fs.protected_symlinks(\\s+)=(\\s+)1$/","run_time":0.171813,"start_time":"2024-01-09T19:40:40-05:00","message":"expected \"/etc/sysctl.conf:fs.protected_symlinks=1\\n/etc/sysctl.d/99-sysctl.conf:fs.protected_symlinks=1\\n\" to match /fs.protected_symlinks(\\s+)=(\\s+)1$/","resource_class":"command","resource_params":"[\"grep -r ^fs.protected_symlinks /etc/sysctl.conf /etc/sysctl.d/*.conf\"]","resource_id":"Command: `grep -r ^fs.protected_symlinks /etc/sysctl.conf /etc/sysctl.d/*.conf`"}]},{"id":"SV-230268","title":"RHEL 8 must enable kernel parameters to enforce discretionary access control on hardlinks.","desc":"Discretionary Access Control (DAC) is based on the notion that individual users are \"owners\" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.\n\n    When discretionary access control policies are implemented, subjects are not constrained with regard to what actions they can take with information for which they have already been granted access. Thus, subjects that have been granted access to information are not prevented from passing (i.e., the subjects have the discretion to pass) the information to other subjects or objects. A subject that is constrained in its operation by Mandatory Access Control policies is still able to operate under the less rigorous constraints of this requirement. Thus, while Mandatory Access Control imposes constraints preventing a subject from passing information to another subject operating at a different sensitivity level, this requirement permits the subject to pass the information to any subject at the same sensitivity level. The policy is bounded by the information system boundary. Once the information is passed outside the control of the information system, additional means may be required to ensure the constraints remain in effect. While the older, more traditional definitions of discretionary access control require identity-based access control, that limitation is not required for this use of discretionary access control.\n\n    By enabling the fs.protected_hardlinks kernel parameter, users can no longer create soft or hard links to files they do not own. Disallowing such hardlinks mitigate vulnerabilities based on insecure file system accessed by privileged programs, avoiding an exploitation vector exploiting unsafe use of open() or creat().\n\n    The sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n\n    /etc/sysctl.d/*.conf\n    /run/sysctl.d/*.conf\n    /usr/local/lib/sysctl.d/*.conf\n    /usr/lib/sysctl.d/*.conf\n    /lib/sysctl.d/*.conf\n    /etc/sysctl.conf","descriptions":[{"label":"default","data":"Discretionary Access Control (DAC) is based on the notion that individual users are \"owners\" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.\n\n    When discretionary access control policies are implemented, subjects are not constrained with regard to what actions they can take with information for which they have already been granted access. Thus, subjects that have been granted access to information are not prevented from passing (i.e., the subjects have the discretion to pass) the information to other subjects or objects. A subject that is constrained in its operation by Mandatory Access Control policies is still able to operate under the less rigorous constraints of this requirement. Thus, while Mandatory Access Control imposes constraints preventing a subject from passing information to another subject operating at a different sensitivity level, this requirement permits the subject to pass the information to any subject at the same sensitivity level. The policy is bounded by the information system boundary. Once the information is passed outside the control of the information system, additional means may be required to ensure the constraints remain in effect. While the older, more traditional definitions of discretionary access control require identity-based access control, that limitation is not required for this use of discretionary access control.\n\n    By enabling the fs.protected_hardlinks kernel parameter, users can no longer create soft or hard links to files they do not own. Disallowing such hardlinks mitigate vulnerabilities based on insecure file system accessed by privileged programs, avoiding an exploitation vector exploiting unsafe use of open() or creat().\n\n    The sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n\n    /etc/sysctl.d/*.conf\n    /run/sysctl.d/*.conf\n    /usr/local/lib/sysctl.d/*.conf\n    /usr/lib/sysctl.d/*.conf\n    /lib/sysctl.d/*.conf\n    /etc/sysctl.conf"},{"label":"check","data":"Verify the operating system is configured to enable DAC on hardlinks with the following commands:\n\n  Check the status of the fs.protected_hardlinks kernel parameter.\n\n  $ sudo sysctl fs.protected_hardlinks\n\n  fs.protected_hardlinks = 1\n\n  If \"fs.protected_hardlinks\" is not set to \"1\" or is missing, this is a finding.\n\n  Check that the configuration files are present to enable this kernel parameter.\n\n  $ sudo grep -r fs.protected_hardlinks /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n  /etc/sysctl.d/99-sysctl.conf:fs.protected_hardlinks = 1\n\n  If \"fs.protected_hardlinks\" is not set to \"1\", is missing or commented out, this is a finding.\n\n  If conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure the operating system to enable DAC on hardlinks.\n\n  Add or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\n  fs.protected_hardlinks = 1\n\n  Remove any configurations that conflict with the above from the following locations:\n  /run/sysctl.d/*.conf\n  /usr/local/lib/sysctl.d/*.conf\n  /usr/lib/sysctl.d/*.conf\n  /lib/sysctl.d/*.conf\n  /etc/sysctl.conf\n  /etc/sysctl.d/*.conf\n\n  Load settings from all system configuration files with the following command:\n\n  $ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000312-GPOS-00122","satisfies":["SRG-OS-000312-GPOS-00122","SRG-OS-000312-GPOS-00123","SRG-OS-000312-GPOS-00124","SRG-OS-000324-GPOS-00125"],"gid":"V-230268","rid":"SV-230268r858754_rule","stig_id":"RHEL-08-010374","fix_id":"F-32912r858753_fix","cci":["CCI-002165"],"nist":["AC-3 (4)"]},"code":"control 'SV-230268' do\n  title 'RHEL 8 must enable kernel parameters to enforce discretionary access control on hardlinks.'\n  desc 'Discretionary Access Control (DAC) is based on the notion that individual users are \"owners\" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.\n\n    When discretionary access control policies are implemented, subjects are not constrained with regard to what actions they can take with information for which they have already been granted access. Thus, subjects that have been granted access to information are not prevented from passing (i.e., the subjects have the discretion to pass) the information to other subjects or objects. A subject that is constrained in its operation by Mandatory Access Control policies is still able to operate under the less rigorous constraints of this requirement. Thus, while Mandatory Access Control imposes constraints preventing a subject from passing information to another subject operating at a different sensitivity level, this requirement permits the subject to pass the information to any subject at the same sensitivity level. The policy is bounded by the information system boundary. Once the information is passed outside the control of the information system, additional means may be required to ensure the constraints remain in effect. While the older, more traditional definitions of discretionary access control require identity-based access control, that limitation is not required for this use of discretionary access control.\n\n    By enabling the fs.protected_hardlinks kernel parameter, users can no longer create soft or hard links to files they do not own. Disallowing such hardlinks mitigate vulnerabilities based on insecure file system accessed by privileged programs, avoiding an exploitation vector exploiting unsafe use of open() or creat().\n\n    The sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n\n    /etc/sysctl.d/*.conf\n    /run/sysctl.d/*.conf\n    /usr/local/lib/sysctl.d/*.conf\n    /usr/lib/sysctl.d/*.conf\n    /lib/sysctl.d/*.conf\n    /etc/sysctl.conf'\n  desc 'check', 'Verify the operating system is configured to enable DAC on hardlinks with the following commands:\n\n  Check the status of the fs.protected_hardlinks kernel parameter.\n\n  $ sudo sysctl fs.protected_hardlinks\n\n  fs.protected_hardlinks = 1\n\n  If \"fs.protected_hardlinks\" is not set to \"1\" or is missing, this is a finding.\n\n  Check that the configuration files are present to enable this kernel parameter.\n\n  $ sudo grep -r fs.protected_hardlinks /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n  /etc/sysctl.d/99-sysctl.conf:fs.protected_hardlinks = 1\n\n  If \"fs.protected_hardlinks\" is not set to \"1\", is missing or commented out, this is a finding.\n\n  If conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to enable DAC on hardlinks.\n\n  Add or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\n  fs.protected_hardlinks = 1\n\n  Remove any configurations that conflict with the above from the following locations:\n  /run/sysctl.d/*.conf\n  /usr/local/lib/sysctl.d/*.conf\n  /usr/lib/sysctl.d/*.conf\n  /lib/sysctl.d/*.conf\n  /etc/sysctl.conf\n  /etc/sysctl.d/*.conf\n\n  Load settings from all system configuration files with the following command:\n\n  $ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000312-GPOS-00122'\n  tag satisfies: ['SRG-OS-000312-GPOS-00122', 'SRG-OS-000312-GPOS-00123', 'SRG-OS-000312-GPOS-00124', 'SRG-OS-000324-GPOS-00125']\n  tag gid: 'V-230268'\n  tag rid: 'SV-230268r858754_rule'\n  tag stig_id: 'RHEL-08-010374'\n  tag fix_id: 'F-32912r858753_fix'\n  tag cci: ['CCI-002165']\n  tag nist: ['AC-3 (4)']\n\n  # Define the kernel parameter to be checked\n  parameter = 'fs.protected_hardlinks'\n  action = 'enforce discretionary access control on hardlinks'\n\n  # Get the current value of the kernel parameter\n  current_value = kernel_parameter(parameter)\n\n  # Check if the system is a Docker container\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    # Check if IPv4 packet forwarding is disabled\n    describe action.to_s do\n      it 'is disabled in sysctl -a' do\n        expect(current_value.value).to cmp 0\n        expect(current_value.value).not_to be_nil\n      end\n    end\n\n    # Get the list of sysctl configuration files\n    sysctl_config_files = input('sysctl_conf_files').map(&:strip).join(' ')\n\n    # Search for the kernel parameter in the configuration files\n    search_results = command(\"grep -r #{parameter} #{sysctl_config_files} {} \\;\").stdout.split(\"\\n\")\n\n    # Parse the search results into a hash\n    config_values = search_results.each_with_object({}) do |item, results|\n      file, setting = item.split(':')\n      results[file] ||= []\n      results[file] << setting.split('=').last\n    end\n\n    # Check the configuration files\n    describe 'Configuration files' do\n      if search_results.empty?\n        it \"do not have `#{parameter}` disabled directly\" do\n          expect(config_values).not_to be_empty, \"Add the line `#{parameter}=0` to a file in the `/etc/sysctl.d/` directory\"\n        end\n      else\n        describe \"for #{action}\" do\n          it 'have a single unique entry' do\n            expect(config_values.values.flatten.count).to eq(1), \"Expected one unique configuration, but got #{config_values}\"\n          end\n\n          it \"do not have more then one #{action} value\" do\n            expect(config_values.values.flatten.all? { |v| v == '0' }).to be true\n          end\n        end\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230268.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"enforce discretionary access control on hardlinks is disabled in sysctl -a","run_time":0.138785,"start_time":"2024-01-09T19:40:41-05:00","message":"\nexpected: 0\n     got: 1\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"enforce discretionary access control on hardlinks"},{"status":"failed","code_desc":"Configuration files for enforce discretionary access control on hardlinks have a single unique entry","run_time":0.000179,"start_time":"2024-01-09T19:40:41-05:00","message":"Expected one unique configuration, but got {\"/etc/sysctl.d/99-sysctl.conf\"=>[\"1\"], \"/usr/lib/sysctl.d/50-default.conf\"=>[\" 1\"], \"/lib/sysctl.d/50-default.conf\"=>[\" 1\"], \"/etc/sysctl.conf\"=>[\"1\"]}","resource_class":"Object","resource_params":"[]","resource_id":"for enforce discretionary access control on hardlinks"},{"status":"failed","code_desc":"Configuration files for enforce discretionary access control on hardlinks do not have more then one enforce discretionary access control on hardlinks value","run_time":0.002782,"start_time":"2024-01-09T19:40:41-05:00","message":"\nexpected true\n     got false\n","resource_class":"Object","resource_params":"[]","resource_id":"for enforce discretionary access control on hardlinks"}]},{"id":"SV-230269","title":"RHEL 8 must restrict access to the kernel message buffer.","desc":"Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.\n\nThis requirement generally applies to the design of an information technology product, but it can also apply to the configuration of particular information system components that are, or use, such products. This can be verified by acceptance/validation processes in DoD or other government agencies.\n\nThere may be shared resources with configurable protections (e.g., files in storage) that may be assessed on specific information system components.\n\nRestricting access to the kernel message buffer limits access to only root. This prevents attackers from gaining additional system information as a non-privileged user.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.\n\nThis requirement generally applies to the design of an information technology product, but it can also apply to the configuration of particular information system components that are, or use, such products. This can be verified by acceptance/validation processes in DoD or other government agencies.\n\nThere may be shared resources with configurable protections (e.g., files in storage) that may be assessed on specific information system components.\n\nRestricting access to the kernel message buffer limits access to only root. This prevents attackers from gaining additional system information as a non-privileged user.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify the operating system is configured to restrict access to the kernel message buffer with the following commands:\n\nCheck the status of the kernel.dmesg_restrict kernel parameter.\n\n$ sudo sysctl kernel.dmesg_restrict\n\nkernel.dmesg_restrict = 1\n\nIf \"kernel.dmesg_restrict\" is not set to \"1\" or is missing, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.dmesg_restrict /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.dmesg_restrict = 1\n\nIf \"kernel.dmesg_restrict\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure the operating system to restrict access to the kernel message buffer.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.dmesg_restrict = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000138-GPOS-00069","gid":"V-230269","rid":"SV-230269r858756_rule","stig_id":"RHEL-08-010375","fix_id":"F-32913r858755_fix","cci":["CCI-001090"],"nist":["SC-4"]},"code":"control 'SV-230269' do\n  title 'RHEL 8 must restrict access to the kernel message buffer.'\n  desc 'Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.\n\nThis requirement generally applies to the design of an information technology product, but it can also apply to the configuration of particular information system components that are, or use, such products. This can be verified by acceptance/validation processes in DoD or other government agencies.\n\nThere may be shared resources with configurable protections (e.g., files in storage) that may be assessed on specific information system components.\n\nRestricting access to the kernel message buffer limits access to only root. This prevents attackers from gaining additional system information as a non-privileged user.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify the operating system is configured to restrict access to the kernel message buffer with the following commands:\n\nCheck the status of the kernel.dmesg_restrict kernel parameter.\n\n$ sudo sysctl kernel.dmesg_restrict\n\nkernel.dmesg_restrict = 1\n\nIf \"kernel.dmesg_restrict\" is not set to \"1\" or is missing, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.dmesg_restrict /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.dmesg_restrict = 1\n\nIf \"kernel.dmesg_restrict\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to restrict access to the kernel message buffer.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.dmesg_restrict = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000138-GPOS-00069'\n  tag gid: 'V-230269'\n  tag rid: 'SV-230269r858756_rule'\n  tag stig_id: 'RHEL-08-010375'\n  tag fix_id: 'F-32913r858755_fix'\n  tag cci: ['CCI-001090']\n  tag nist: ['SC-4']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('kernel.dmesg_restrict') do\n      its('value') { should eq 1 }\n    end\n\n    describe parse_config(command('grep -rh ^kernel.dmesg_restrict /etc/sysctl.conf /etc/sysctl.d/*.conf').stdout.strip) do\n      its(['kernel.dmesg_restrict']) { should cmp 1 }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230269.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter kernel.dmesg_restrict value is expected to eq 1","run_time":0.129519,"start_time":"2024-01-09T19:40:41-05:00","resource_class":"kernel_parameter","resource_params":"[\"kernel.dmesg_restrict\"]","resource_id":"kernel.dmesg_restrict"},{"status":"passed","code_desc":"Parse Config  [\"kernel.dmesg_restrict\"] is expected to cmp == 1","run_time":0.000371,"start_time":"2024-01-09T19:40:41-05:00","resource_class":"parse_config","resource_params":"[\"kernel.dmesg_restrict=1\\nkernel.dmesg_restrict=1\"]","resource_id":"kernel.dmesg_restrict=1\nkernel.dmesg_restrict=1"}]},{"id":"SV-230270","title":"RHEL 8 must prevent kernel profiling by unprivileged users.","desc":"Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.\n\nThis requirement generally applies to the design of an information technology product, but it can also apply to the configuration of particular information system components that are, or use, such products. This can be verified by acceptance/validation processes in DoD or other government agencies.\n\nThere may be shared resources with configurable protections (e.g., files in storage) that may be assessed on specific information system components.\n\nSetting the kernel.perf_event_paranoid kernel parameter to \"2\" prevents attackers from gaining additional system information as a non-privileged user.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.\n\nThis requirement generally applies to the design of an information technology product, but it can also apply to the configuration of particular information system components that are, or use, such products. This can be verified by acceptance/validation processes in DoD or other government agencies.\n\nThere may be shared resources with configurable protections (e.g., files in storage) that may be assessed on specific information system components.\n\nSetting the kernel.perf_event_paranoid kernel parameter to \"2\" prevents attackers from gaining additional system information as a non-privileged user.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify the operating system is configured to prevent kernel profiling by unprivileged users with the following commands:\n\nCheck the status of the kernel.perf_event_paranoid kernel parameter.\n\n$ sudo sysctl kernel.perf_event_paranoid\n\nkernel.perf_event_paranoid = 2\n\nIf \"kernel.perf_event_paranoid\" is not set to \"2\" or is missing, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.perf_event_paranoid /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.perf_event_paranoid = 2\n\nIf \"kernel.perf_event_paranoid\" is not set to \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure the operating system to prevent kernel profiling by unprivileged users.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.perf_event_paranoid = 2\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000138-GPOS-00069","gid":"V-230270","rid":"SV-230270r858758_rule","stig_id":"RHEL-08-010376","fix_id":"F-32914r858757_fix","cci":["CCI-001090"],"nist":["SC-4"]},"code":"control 'SV-230270' do\n  title 'RHEL 8 must prevent kernel profiling by unprivileged users.'\n  desc 'Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.\n\nThis requirement generally applies to the design of an information technology product, but it can also apply to the configuration of particular information system components that are, or use, such products. This can be verified by acceptance/validation processes in DoD or other government agencies.\n\nThere may be shared resources with configurable protections (e.g., files in storage) that may be assessed on specific information system components.\n\nSetting the kernel.perf_event_paranoid kernel parameter to \"2\" prevents attackers from gaining additional system information as a non-privileged user.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify the operating system is configured to prevent kernel profiling by unprivileged users with the following commands:\n\nCheck the status of the kernel.perf_event_paranoid kernel parameter.\n\n$ sudo sysctl kernel.perf_event_paranoid\n\nkernel.perf_event_paranoid = 2\n\nIf \"kernel.perf_event_paranoid\" is not set to \"2\" or is missing, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.perf_event_paranoid /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.perf_event_paranoid = 2\n\nIf \"kernel.perf_event_paranoid\" is not set to \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to prevent kernel profiling by unprivileged users.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.perf_event_paranoid = 2\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000138-GPOS-00069'\n  tag gid: 'V-230270'\n  tag rid: 'SV-230270r858758_rule'\n  tag stig_id: 'RHEL-08-010376'\n  tag fix_id: 'F-32914r858757_fix'\n  tag cci: ['CCI-001090']\n  tag nist: ['SC-4']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('kernel.perf_event_paranoid') do\n      its('value') { should eq 2 }\n    end\n\n    describe parse_config(command('grep -rh ^kernel.perf_event_paranoid /etc/sysctl.conf /etc/sysctl.d/*.conf').stdout.strip) do\n      its(['kernel.perf_event_paranoid']) { should cmp 2 }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230270.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter kernel.perf_event_paranoid value is expected to eq 2","run_time":0.138308,"start_time":"2024-01-09T19:40:41-05:00","resource_class":"kernel_parameter","resource_params":"[\"kernel.perf_event_paranoid\"]","resource_id":"kernel.perf_event_paranoid"},{"status":"passed","code_desc":"Parse Config  [\"kernel.perf_event_paranoid\"] is expected to cmp == 2","run_time":0.000312,"start_time":"2024-01-09T19:40:41-05:00","resource_class":"parse_config","resource_params":"[\"kernel.perf_event_paranoid=2\\nkernel.perf_event_paranoid=2\"]","resource_id":"kernel.perf_event_paranoid=2\nkernel.perf_event_paranoid=2"}]},{"id":"SV-230271","title":"RHEL 8 must require users to provide a password for privilege\nescalation.","desc":"Without reauthentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the user reauthenticate.","descriptions":[{"label":"default","data":"Without reauthentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the user reauthenticate."},{"label":"check","data":"Verify that \"/etc/sudoers\" has no occurrences of \"NOPASSWD\".\n\n    Check that the \"/etc/sudoers\" file has no occurrences of \"NOPASSWD\" by\nrunning the following command:\n\n    $ sudo grep -i nopasswd /etc/sudoers /etc/sudoers.d/*\n\n    %admin ALL=(ALL) NOPASSWD: ALL\n\n    If any occurrences of \"NOPASSWD\" are returned from the command and have\nnot been documented with the ISSO as an organizationally defined administrative\ngroup utilizing MFA, this is a finding."},{"label":"fix","data":"Remove any occurrence of \"NOPASSWD\" found in \"/etc/sudoers\"\nfile or files in the \"/etc/sudoers.d\" directory."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000373-GPOS-00156","satisfies":["SRG-OS-000373-GPOS-00156","SRG-OS-000373-GPOS-00157","SRG-OS-000373-GPOS-00158"],"gid":"V-230271","rid":"SV-230271r854026_rule","stig_id":"RHEL-08-010380","fix_id":"F-32915r854025_fix","cci":["CCI-002038"],"nist":["IA-11"]},"code":"control 'SV-230271' do\n  title 'RHEL 8 must require users to provide a password for privilege\nescalation.'\n  desc 'Without reauthentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the user reauthenticate.'\n  desc 'check', 'Verify that \"/etc/sudoers\" has no occurrences of \"NOPASSWD\".\n\n    Check that the \"/etc/sudoers\" file has no occurrences of \"NOPASSWD\" by\nrunning the following command:\n\n    $ sudo grep -i nopasswd /etc/sudoers /etc/sudoers.d/*\n\n    %admin ALL=(ALL) NOPASSWD: ALL\n\n    If any occurrences of \"NOPASSWD\" are returned from the command and have\nnot been documented with the ISSO as an organizationally defined administrative\ngroup utilizing MFA, this is a finding.'\n  desc 'fix', 'Remove any occurrence of \"NOPASSWD\" found in \"/etc/sudoers\"\nfile or files in the \"/etc/sudoers.d\" directory.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000373-GPOS-00156'\n  tag satisfies: ['SRG-OS-000373-GPOS-00156', 'SRG-OS-000373-GPOS-00157', 'SRG-OS-000373-GPOS-00158']\n  tag gid: 'V-230271'\n  tag rid: 'SV-230271r854026_rule'\n  tag stig_id: 'RHEL-08-010380'\n  tag fix_id: 'F-32915r854025_fix'\n  tag cci: ['CCI-002038']\n  tag nist: ['IA-11']\n\n  if virtualization.system.eql?('docker') && !command('sudo').exist?\n    impact 0.0\n    describe \"Control not applicable within a container & sudo doesn't exist\" do\n      skip \"Control not applicable within a container & sudo doesn't exist\"\n    end\n  elsif input('skip_password_privilege_escalation')\n    impact 0.0\n    describe 'Users are not required to provide a password for privilege escalation as agreed to by the approval authority. This requirement is not applicable.' do\n      skip 'Users are not required to provide a password for privilege escalation as agreed to by the approval authority. This requirement is not applicable.'\n    end\n  else\n    processed = []\n    to_process = ['/etc/sudoers', '/etc/sudoers.d']\n\n    until to_process.empty?\n      in_process = to_process.pop\n      next if processed.include? in_process\n\n      processed.push in_process\n\n      if file(in_process).directory?\n        to_process.concat(\n          command(\"find #{in_process} -maxdepth 1 -mindepth 1\")\n            .stdout.strip.split(\"\\n\")\n            .select { |f| file(f).file? }\n        )\n      elsif file(in_process).file?\n        to_process.concat(\n          command(\"grep -E '#include\\\\s+' #{in_process} | sed 's/.*#include[[:space:]]*//g'\")\n            .stdout.strip.split(\"\\n\")\n            .map { |f| f.start_with?('/') ? f : File.join(File.dirname(in_process), f) }\n            .select { |f| file(f).exist? }\n        )\n        to_process.concat(\n          command(\"grep -E '#includedir\\\\s+' #{in_process} | sed 's/.*#includedir[[:space:]]*//g'\")\n            .stdout.strip.split(\"\\n\")\n            .map { |f| f.start_with?('/') ? f : File.join(File.dirname(in_process), f) }\n            .select { |f| file(f).exist? }\n        )\n      end\n    end\n\n    sudoers = processed.select { |f| file(f).file? }\n\n    sudoers.each do |sudoer|\n      sudo_content = file(sudoer).content.strip.split(\"\\n\")\n      nopasswd_lines = sudo_content.select { |l| l.match?(/^[^#].*NOPASSWD/) }\n      describe \"#{sudoer} rules containing NOPASSWD\" do\n        subject { nopasswd_lines }\n        it { should be_empty }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230271.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"/etc/sudoers.d/90-cloud-init-users rules containing NOPASSWD is expected to be empty","run_time":0.009834,"start_time":"2024-01-09T19:40:41-05:00","message":"expected `[\"ec2-user ALL=(ALL) NOPASSWD:ALL\"].empty?` to be truthy, got false","resource_class":"Object","resource_params":"[]","resource_id":"/etc/sudoers.d/90-cloud-init-users rules containing NOPASSWD"},{"status":"passed","code_desc":"/etc/sudoers rules containing NOPASSWD is expected to be empty","run_time":0.012929,"start_time":"2024-01-09T19:40:41-05:00","resource_class":"Object","resource_params":"[]","resource_id":"/etc/sudoers rules containing NOPASSWD"}]},{"id":"SV-230272","title":"RHEL 8 must require users to reauthenticate for privilege escalation.","desc":"Without reauthentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the user reauthenticate.","descriptions":[{"label":"default","data":"Without reauthentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the user reauthenticate."},{"label":"check","data":"Verify that \"/etc/sudoers\" has no occurrences of \"!authenticate\".\n\n    Check that the \"/etc/sudoers\" file has no occurrences of\n\"!authenticate\" by running the following command:\n\n    $ sudo grep -i !authenticate /etc/sudoers /etc/sudoers.d/*\n\n    If any occurrences of \"!authenticate\" return from the command, this is a\nfinding."},{"label":"fix","data":"Remove any occurrence of \"!authenticate\" found in\n\"/etc/sudoers\" file or files in the \"/etc/sudoers.d\" directory."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000373-GPOS-00156","satisfies":["SRG-OS-000373-GPOS-00156","SRG-OS-000373-GPOS-00157","SRG-OS-000373-GPOS-00158"],"gid":"V-230272","rid":"SV-230272r854027_rule","stig_id":"RHEL-08-010381","fix_id":"F-32916r567563_fix","cci":["CCI-002038"],"nist":["IA-11"]},"code":"control 'SV-230272' do\n  title 'RHEL 8 must require users to reauthenticate for privilege escalation.'\n  desc 'Without reauthentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the user reauthenticate.'\n  desc 'check', 'Verify that \"/etc/sudoers\" has no occurrences of \"!authenticate\".\n\n    Check that the \"/etc/sudoers\" file has no occurrences of\n\"!authenticate\" by running the following command:\n\n    $ sudo grep -i !authenticate /etc/sudoers /etc/sudoers.d/*\n\n    If any occurrences of \"!authenticate\" return from the command, this is a\nfinding.'\n  desc 'fix', 'Remove any occurrence of \"!authenticate\" found in\n\"/etc/sudoers\" file or files in the \"/etc/sudoers.d\" directory.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000373-GPOS-00156'\n  tag satisfies: ['SRG-OS-000373-GPOS-00156', 'SRG-OS-000373-GPOS-00157', 'SRG-OS-000373-GPOS-00158']\n  tag gid: 'V-230272'\n  tag rid: 'SV-230272r854027_rule'\n  tag stig_id: 'RHEL-08-010381'\n  tag fix_id: 'F-32916r567563_fix'\n  tag cci: ['CCI-002038']\n  tag nist: ['IA-11']\n\n  if virtualization.system.eql?('docker') && !command('sudo').exist?\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('grep -ir authenticate /etc/sudoers /etc/sudoers.d/*') do\n      its('stdout') { should_not match(/!authenticate/) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230272.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Command: `grep -ir authenticate /etc/sudoers /etc/sudoers.d/*` stdout is expected not to match /!authenticate/","run_time":0.152027,"start_time":"2024-01-09T19:40:41-05:00","resource_class":"command","resource_params":"[\"grep -ir authenticate /etc/sudoers /etc/sudoers.d/*\"]","resource_id":"Command: `grep -ir authenticate /etc/sudoers /etc/sudoers.d/*`"}]},{"id":"SV-230273","title":"RHEL 8 must have the packages required for multifactor authentication\n    installed.","desc":"Using an authentication device, such as a DoD Common Access Card (CAC)\n    or token that is separate from the information system, ensures that even if the\n    information system is compromised, credentials stored on the authentication\n    device will not be affected.\n\n    Multifactor solutions that require devices separate from information\n    systems gaining access include, for example, hardware tokens providing\n    time-based or challenge-response authenticators and smart cards such as the\n    U.S. Government Personal Identity Verification (PIV) card and the DoD CAC.\n\n    A privileged account is defined as an information system account with\n    authorizations of a privileged user.\n\n    Remote access is access to DoD nonpublic information systems by an\n    authorized user (or an information system) communicating through an external,\n    non-organization-controlled network. Remote access methods include, for\n    example, dial-up, broadband, and wireless.\n\n    This requirement only applies to components where this is specific to the\n    function of the device or has the concept of an organizational user (e.g., VPN,\n    proxy capability). This does not apply to authentication for the purpose of\n    configuring the device itself (management).","descriptions":[{"label":"default","data":"Using an authentication device, such as a DoD Common Access Card (CAC)\n    or token that is separate from the information system, ensures that even if the\n    information system is compromised, credentials stored on the authentication\n    device will not be affected.\n\n    Multifactor solutions that require devices separate from information\n    systems gaining access include, for example, hardware tokens providing\n    time-based or challenge-response authenticators and smart cards such as the\n    U.S. Government Personal Identity Verification (PIV) card and the DoD CAC.\n\n    A privileged account is defined as an information system account with\n    authorizations of a privileged user.\n\n    Remote access is access to DoD nonpublic information systems by an\n    authorized user (or an information system) communicating through an external,\n    non-organization-controlled network. Remote access methods include, for\n    example, dial-up, broadband, and wireless.\n\n    This requirement only applies to components where this is specific to the\n    function of the device or has the concept of an organizational user (e.g., VPN,\n    proxy capability). This does not apply to authentication for the purpose of\n    configuring the device itself (management)."},{"label":"check","data":"Verify the operating system has the packages required for multifactor\n    authentication installed with the following commands:\n\n        $ sudo yum list installed openssl-pkcs11\n\n        openssl-pkcs11.x86_64          0.4.8-2.el8          @anaconda\n\n    If the \"openssl-pkcs11\" package is not installed, ask the administrator\n    to indicate what type of multifactor authentication is being utilized and what\n    packages are installed to support it.  If there is no evidence of multifactor\n    authentication being used, this is a finding."},{"label":"fix","data":"Configure the operating system to implement multifactor authentication by\n    installing the required package with the following command:\n\n        $ sudo yum install openssl-pkcs11"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000375-GPOS-00160","gid":"V-230273","rid":"SV-230273r854028_rule","stig_id":"RHEL-08-010390","fix_id":"F-32917r743942_fix","cci":["CCI-001948"],"nist":["IA-2 (11)"]},"code":"control 'SV-230273' do\n  title 'RHEL 8 must have the packages required for multifactor authentication\n    installed.'\n  desc 'Using an authentication device, such as a DoD Common Access Card (CAC)\n    or token that is separate from the information system, ensures that even if the\n    information system is compromised, credentials stored on the authentication\n    device will not be affected.\n\n    Multifactor solutions that require devices separate from information\n    systems gaining access include, for example, hardware tokens providing\n    time-based or challenge-response authenticators and smart cards such as the\n    U.S. Government Personal Identity Verification (PIV) card and the DoD CAC.\n\n    A privileged account is defined as an information system account with\n    authorizations of a privileged user.\n\n    Remote access is access to DoD nonpublic information systems by an\n    authorized user (or an information system) communicating through an external,\n    non-organization-controlled network. Remote access methods include, for\n    example, dial-up, broadband, and wireless.\n\n    This requirement only applies to components where this is specific to the\n    function of the device or has the concept of an organizational user (e.g., VPN,\n    proxy capability). This does not apply to authentication for the purpose of\n    configuring the device itself (management).'\n  desc 'check', 'Verify the operating system has the packages required for multifactor\n    authentication installed with the following commands:\n\n        $ sudo yum list installed openssl-pkcs11\n\n        openssl-pkcs11.x86_64          0.4.8-2.el8          @anaconda\n\n    If the \"openssl-pkcs11\" package is not installed, ask the administrator\n    to indicate what type of multifactor authentication is being utilized and what\n    packages are installed to support it.  If there is no evidence of multifactor\n    authentication being used, this is a finding.'\n  desc 'fix', 'Configure the operating system to implement multifactor authentication by\n    installing the required package with the following command:\n\n        $ sudo yum install openssl-pkcs11'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000375-GPOS-00160'\n  tag gid: 'V-230273'\n  tag rid: 'SV-230273r854028_rule'\n  tag stig_id: 'RHEL-08-010390'\n  tag fix_id: 'F-32917r743942_fix'\n  tag cci: ['CCI-001948']\n  tag nist: ['IA-2 (11)']\n\n  only_if('This control is does not apply to containers', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if input('smart_card_enabled')\n    describe package('openssl-pkcs11') do\n      it { should be_installed }\n    end\n  else\n    impact 0.0\n    describe 'The system is not smartcard enabled thus this control is Not Applicable' do\n      skip 'The system is not using Smartcards / PIVs to fulfil the MFA requirement, this control is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230273.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"The system is not smartcard enabled thus this control is Not Applicable","run_time":0.00023,"start_time":"2024-01-09T19:40:41-05:00","resource":"","skip_message":"The system is not using Smartcards / PIVs to fulfil the MFA requirement, this control is Not Applicable.","resource_class":"Object","resource_params":"[]","resource_id":"The system is not smartcard enabled thus this control is Not Applicable"}]},{"id":"SV-230274","title":"RHEL 8 must implement certificate status checking for multifactor authentication.","desc":"Using an authentication device, such as a DoD Common Access Card (CAC)\n    or token that is separate from the information system, ensures that even if the\n    information system is compromised, credentials stored on the authentication\n    device will not be affected.\n\n    Multifactor solutions that require devices separate from information\n    systems gaining access include, for example, hardware tokens providing\n    time-based or challenge-response authenticators and smart cards such as the\n    U.S. Government Personal Identity Verification (PIV) card and the DoD CAC.\n\n    RHEL 8 includes multiple options for configuring certificate status\nchecking, but for this requirement focuses on the System Security Services\nDaemon (SSSD). By default, sssd performs Online Certificate Status Protocol\n(OCSP) checking and certificate verification using a sha256 digest function.","descriptions":[{"label":"default","data":"Using an authentication device, such as a DoD Common Access Card (CAC)\n    or token that is separate from the information system, ensures that even if the\n    information system is compromised, credentials stored on the authentication\n    device will not be affected.\n\n    Multifactor solutions that require devices separate from information\n    systems gaining access include, for example, hardware tokens providing\n    time-based or challenge-response authenticators and smart cards such as the\n    U.S. Government Personal Identity Verification (PIV) card and the DoD CAC.\n\n    RHEL 8 includes multiple options for configuring certificate status\nchecking, but for this requirement focuses on the System Security Services\nDaemon (SSSD). By default, sssd performs Online Certificate Status Protocol\n(OCSP) checking and certificate verification using a sha256 digest function."},{"label":"check","data":"Verify the operating system implements certificate status checking for multifactor authentication.\n\nNote: If the System Administrator demonstrates the use of an approved alternate multifactor authentication method, this requirement is not applicable.\n\nCheck to see if Online Certificate Status Protocol (OCSP) is enabled and using the proper digest value on the system with the following command:\n\n$ sudo grep certificate_verification /etc/sssd/sssd.conf /etc/sssd/conf.d/*.conf | grep -v \"^#\"\n\ncertificate_verification = ocsp_dgst=sha1\n\nIf the certificate_verification line is missing from the [sssd] section, or is missing \"ocsp_dgst=sha1\", ask the administrator to indicate what type of multifactor authentication is being utilized and how the system implements certificate status checking.  If there is no evidence of certificate status checking being used, this is a finding."},{"label":"fix","data":"Configure the operating system to implement certificate status checking for multifactor authentication.\n\nReview the \"/etc/sssd/sssd.conf\" file to determine if the system is configured to prevent OCSP or certificate verification.\n\nAdd the following line to the [sssd] section of the \"/etc/sssd/sssd.conf\" file:\n\ncertificate_verification = ocsp_dgst=sha1\n\nThe \"sssd\" service must be restarted for the changes to take effect. To restart the \"sssd\" service, run the following command:\n\n$ sudo systemctl restart sssd.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000375-GPOS-00160","satisfies":["SRG-OS-000375-GPOS-00160","SRG-OS-000377-GPOS-00162"],"gid":"V-230274","rid":"SV-230274r858741_rule","stig_id":"RHEL-08-010400","fix_id":"F-32918r809280_fix","cci":["CCI-001948"],"nist":["IA-2 (11)"]},"code":"control 'SV-230274' do\n  title 'RHEL 8 must implement certificate status checking for multifactor authentication.'\n  desc 'Using an authentication device, such as a DoD Common Access Card (CAC)\n    or token that is separate from the information system, ensures that even if the\n    information system is compromised, credentials stored on the authentication\n    device will not be affected.\n\n    Multifactor solutions that require devices separate from information\n    systems gaining access include, for example, hardware tokens providing\n    time-based or challenge-response authenticators and smart cards such as the\n    U.S. Government Personal Identity Verification (PIV) card and the DoD CAC.\n\n    RHEL 8 includes multiple options for configuring certificate status\nchecking, but for this requirement focuses on the System Security Services\nDaemon (SSSD). By default, sssd performs Online Certificate Status Protocol\n(OCSP) checking and certificate verification using a sha256 digest function.'\n  desc 'check', 'Verify the operating system implements certificate status checking for multifactor authentication.\n\nNote: If the System Administrator demonstrates the use of an approved alternate multifactor authentication method, this requirement is not applicable.\n\nCheck to see if Online Certificate Status Protocol (OCSP) is enabled and using the proper digest value on the system with the following command:\n\n$ sudo grep certificate_verification /etc/sssd/sssd.conf /etc/sssd/conf.d/*.conf | grep -v \"^#\"\n\ncertificate_verification = ocsp_dgst=sha1\n\nIf the certificate_verification line is missing from the [sssd] section, or is missing \"ocsp_dgst=sha1\", ask the administrator to indicate what type of multifactor authentication is being utilized and how the system implements certificate status checking.  If there is no evidence of certificate status checking being used, this is a finding.'\n  desc 'fix', 'Configure the operating system to implement certificate status checking for multifactor authentication.\n\nReview the \"/etc/sssd/sssd.conf\" file to determine if the system is configured to prevent OCSP or certificate verification.\n\nAdd the following line to the [sssd] section of the \"/etc/sssd/sssd.conf\" file:\n\ncertificate_verification = ocsp_dgst=sha1\n\nThe \"sssd\" service must be restarted for the changes to take effect. To restart the \"sssd\" service, run the following command:\n\n$ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000375-GPOS-00160'\n  tag satisfies: ['SRG-OS-000375-GPOS-00160', 'SRG-OS-000377-GPOS-00162']\n  tag gid: 'V-230274'\n  tag rid: 'SV-230274r858741_rule'\n  tag stig_id: 'RHEL-08-010400'\n  tag fix_id: 'F-32918r809280_fix'\n  tag cci: ['CCI-001948']\n  tag nist: ['IA-2 (11)']\n\n  only_if('This requirement is Not Applicable inside the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  describe file('/etc/sssd/sssd.conf') do\n    it { should exist }\n  end\n\n  sssd_conf_file_contents = command('cat /etc/sssd/sssd.conf /etc/sssd/conf.d/*.conf').stdout.strip\n  sssd_certificate_verification = input('sssd_certificate_verification')\n\n  if sssd_conf_file_contents.empty?\n    describe 'Unable to verify the SSSD Configuration for OCSP MFA Validation' do\n      skip 'Unable to verify the SSSD Configuration for OCSP MFA Validation, please review this Requirement Manually'\n    end\n  else\n    describe ini({ command: 'cat /etc/sssd/sssd.conf /etc/sssd/conf.d/*.conf' }) do\n      its('sssd.certificate_verification') { should cmp sssd_certificate_verification }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230274.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File /etc/sssd/sssd.conf is expected to exist","run_time":0.133493,"start_time":"2024-01-09T19:40:41-05:00","message":"expected File /etc/sssd/sssd.conf to exist","resource_class":"file","resource_params":"[\"/etc/sssd/sssd.conf\"]","resource_id":"/etc/sssd/sssd.conf"},{"status":"skipped","code_desc":"Unable to verify the SSSD Configuration for OCSP MFA Validation","run_time":1.0e-05,"start_time":"2024-01-09T19:40:41-05:00","resource":"","skip_message":"Unable to verify the SSSD Configuration for OCSP MFA Validation, please review this Requirement Manually","resource_class":"Object","resource_params":"[]","resource_id":"Unable to verify the SSSD Configuration for OCSP MFA Validation"}]},{"id":"SV-230275","title":"RHEL 8 must accept Personal Identity Verification (PIV) credentials.","desc":"The use of PIV credentials facilitates standardization and reduces the\n    risk of unauthorized access.\n\n    The DoD has mandated the use of the Common Access Card (CAC) to support\n    identity management and personal authentication for systems covered under\n    Homeland Security Presidential Directive (HSPD) 12, as well as making the CAC a\n    primary component of layered protection for national security systems.","descriptions":[{"label":"default","data":"The use of PIV credentials facilitates standardization and reduces the\n    risk of unauthorized access.\n\n    The DoD has mandated the use of the Common Access Card (CAC) to support\n    identity management and personal authentication for systems covered under\n    Homeland Security Presidential Directive (HSPD) 12, as well as making the CAC a\n    primary component of layered protection for national security systems."},{"label":"check","data":"Verify RHEL 8 accepts PIV credentials.\n\n    Check that the \"opensc\" package is installed on the system with the\n    following command:\n\n        $ sudo yum list installed opensc\n\n        opensc.x86_64     0.19.0-5.el8     @anaconda\n\n    Check that \"opensc\" accepts PIV cards with the following command:\n\n        $ sudo opensc-tool --list-drivers | grep -i piv\n\n          PIV-II     Personal Identity Verification Card\n\n    If the \"opensc\" package is not installed and the \"opensc-tool\" driver\n    list does not include \"PIV-II\", this is a finding."},{"label":"fix","data":"Configure RHEL 8 to accept PIV credentials.\n\n    Install the \"opensc\" package using the following command:\n\n        $ sudo yum install opensc"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000376-GPOS-00161","gid":"V-230275","rid":"SV-230275r854030_rule","stig_id":"RHEL-08-010410","fix_id":"F-32919r567572_fix","cci":["CCI-001953"],"nist":["IA-2 (12)"]},"code":"control 'SV-230275' do\n  title 'RHEL 8 must accept Personal Identity Verification (PIV) credentials.'\n  desc 'The use of PIV credentials facilitates standardization and reduces the\n    risk of unauthorized access.\n\n    The DoD has mandated the use of the Common Access Card (CAC) to support\n    identity management and personal authentication for systems covered under\n    Homeland Security Presidential Directive (HSPD) 12, as well as making the CAC a\n    primary component of layered protection for national security systems.'\n  desc 'check', 'Verify RHEL 8 accepts PIV credentials.\n\n    Check that the \"opensc\" package is installed on the system with the\n    following command:\n\n        $ sudo yum list installed opensc\n\n        opensc.x86_64     0.19.0-5.el8     @anaconda\n\n    Check that \"opensc\" accepts PIV cards with the following command:\n\n        $ sudo opensc-tool --list-drivers | grep -i piv\n\n          PIV-II     Personal Identity Verification Card\n\n    If the \"opensc\" package is not installed and the \"opensc-tool\" driver\n    list does not include \"PIV-II\", this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to accept PIV credentials.\n\n    Install the \"opensc\" package using the following command:\n\n        $ sudo yum install opensc'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000376-GPOS-00161'\n  tag gid: 'V-230275'\n  tag rid: 'SV-230275r854030_rule'\n  tag stig_id: 'RHEL-08-010410'\n  tag fix_id: 'F-32919r567572_fix'\n  tag cci: ['CCI-001953']\n  tag nist: ['IA-2 (12)']\n\n  only_if('This control is does not apply to containers', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if input('smart_card_enabled')\n    describe package('opensc') do\n      it { should be_installed }\n    end\n    describe command('opensc-tool --list-drivers | grep -i piv') do\n      its('stdout') { should match(/PIV-II/) }\n    end\n  else\n    impact 0.0\n    describe 'The system is not utilizing smart card authentication' do\n      skip 'The system is not utilizing smart card authentication, this control is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230275.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"The system is not utilizing smart card authentication","run_time":5.0e-06,"start_time":"2024-01-09T19:40:41-05:00","resource":"","skip_message":"The system is not utilizing smart card authentication, this control is Not Applicable.","resource_class":"Object","resource_params":"[]","resource_id":"The system is not utilizing smart card authentication"}]},{"id":"SV-230276","title":"RHEL 8 must implement non-executable data to protect its memory from\nunauthorized code execution.","desc":"Some adversaries launch attacks with the intent of executing code in\nnon-executable regions of memory or in memory locations that are prohibited.\nSecurity safeguards employed to protect memory include, for example, data\nexecution prevention and address space layout randomization. Data execution\nprevention safeguards can be either hardware-enforced or software-enforced with\nhardware providing the greater strength of mechanism.\n\n    Examples of attacks are buffer overflow attacks.","descriptions":[{"label":"default","data":"Some adversaries launch attacks with the intent of executing code in\nnon-executable regions of memory or in memory locations that are prohibited.\nSecurity safeguards employed to protect memory include, for example, data\nexecution prevention and address space layout randomization. Data execution\nprevention safeguards can be either hardware-enforced or software-enforced with\nhardware providing the greater strength of mechanism.\n\n    Examples of attacks are buffer overflow attacks."},{"label":"check","data":"Verify the NX (no-execution) bit flag is set on the system.\n\n    Check that the no-execution bit flag is set with the following commands:\n\n    $ sudo dmesg | grep NX\n\n    [ 0.000000] NX (Execute Disable) protection: active\n\n    If \"dmesg\" does not show \"NX (Execute Disable) protection\" active,\ncheck the cpuinfo settings with the following command:\n\n    $ sudo less /proc/cpuinfo | grep -i flags\n    flags : fpu vme de pse tsc ms nx rdtscp lm constant_tsc\n\n    If \"flags\" does not contain the \"nx\" flag, this is a finding."},{"label":"fix","data":"The NX bit execute protection must be enabled in the system\nBIOS."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000433-GPOS-00192","gid":"V-230276","rid":"SV-230276r854031_rule","stig_id":"RHEL-08-010420","fix_id":"F-32920r567575_fix","cci":["CCI-002824"],"nist":["SI-16"]},"code":"control 'SV-230276' do\n  title 'RHEL 8 must implement non-executable data to protect its memory from\nunauthorized code execution.'\n  desc 'Some adversaries launch attacks with the intent of executing code in\nnon-executable regions of memory or in memory locations that are prohibited.\nSecurity safeguards employed to protect memory include, for example, data\nexecution prevention and address space layout randomization. Data execution\nprevention safeguards can be either hardware-enforced or software-enforced with\nhardware providing the greater strength of mechanism.\n\n    Examples of attacks are buffer overflow attacks.'\n  desc 'check', 'Verify the NX (no-execution) bit flag is set on the system.\n\n    Check that the no-execution bit flag is set with the following commands:\n\n    $ sudo dmesg | grep NX\n\n    [ 0.000000] NX (Execute Disable) protection: active\n\n    If \"dmesg\" does not show \"NX (Execute Disable) protection\" active,\ncheck the cpuinfo settings with the following command:\n\n    $ sudo less /proc/cpuinfo | grep -i flags\n    flags : fpu vme de pse tsc ms nx rdtscp lm constant_tsc\n\n    If \"flags\" does not contain the \"nx\" flag, this is a finding.'\n  desc 'fix', 'The NX bit execute protection must be enabled in the system\nBIOS.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000433-GPOS-00192'\n  tag gid: 'V-230276'\n  tag rid: 'SV-230276r854031_rule'\n  tag stig_id: 'RHEL-08-010420'\n  tag fix_id: 'F-32920r567575_fix'\n  tag cci: ['CCI-002824']\n  tag nist: ['SI-16']\n\n  options = {\n    assignment_regex: /^\\s*([^:]*?)\\s*:\\s*(.*?)\\s*$/\n  }\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe.one do\n      describe command('dmesg | grep NX') do\n        it('stdout') { should match(/.+(NX \\(Execute Disable\\) protection: active)/) }\n      end\n      describe parse_config_file('/proc/cpuinfo', options) do\n        its('flags.split') { should include 'nx' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230276.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Parse Config File /proc/cpuinfo flags.split is expected to include \"nx\"","run_time":0.000287,"start_time":"2024-01-09T19:40:41-05:00","resource_class":"parse_config_file","resource_params":"[\"/proc/cpuinfo\", {:assignment_regex=>/^\\s*([^:]*?)\\s*:\\s*(.*?)\\s*$/}]","resource_id":"/proc/cpuinfo"}]},{"id":"SV-230277","title":"RHEL 8 must clear the page allocator to prevent use-after-free\nattacks.","desc":"Some adversaries launch attacks with the intent of executing code in\nnon-executable regions of memory or in memory locations that are prohibited.\nSecurity safeguards employed to protect memory include, for example, data\nexecution prevention and address space layout randomization. Data execution\nprevention safeguards can be either hardware-enforced or software-enforced with\nhardware providing the greater strength of mechanism.\n\n    Poisoning writes an arbitrary value to freed pages, so any modification or\nreference to that page after being freed or before being initialized will be\ndetected and prevented. This prevents many types of use-after-free\nvulnerabilities at little performance cost. Also prevents leak of data and\ndetection of corrupted memory.","descriptions":[{"label":"default","data":"Some adversaries launch attacks with the intent of executing code in\nnon-executable regions of memory or in memory locations that are prohibited.\nSecurity safeguards employed to protect memory include, for example, data\nexecution prevention and address space layout randomization. Data execution\nprevention safeguards can be either hardware-enforced or software-enforced with\nhardware providing the greater strength of mechanism.\n\n    Poisoning writes an arbitrary value to freed pages, so any modification or\nreference to that page after being freed or before being initialized will be\ndetected and prevented. This prevents many types of use-after-free\nvulnerabilities at little performance cost. Also prevents leak of data and\ndetection of corrupted memory."},{"label":"check","data":"Verify that GRUB 2 is configured to enable page poisoning to mitigate use-after-free vulnerabilities with the following commands:\n\nCheck that the current GRUB 2 configuration has page poisoning enabled:\n\n$ sudo grub2-editenv list | grep page_poison\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 page_poison=1 vsyscall=none audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf \"page_poison\" is not set to \"1\" or is missing, this is a finding.\n\nCheck that page poisoning is enabled by default to persist in kernel updates:\n\n$ sudo grep page_poison /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"page_poison=1\"\n\nIf \"page_poison\" is not set to \"1\", is missing or commented out, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to enable page poisoning with the following commands:\n\n    $ sudo grubby --update-kernel=ALL --args=\"page_poison=1\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"page_poison=1\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000134-GPOS-00068","satisfies":["SRG-OS-000134-GPOS-00068","SRG-OS-000433-GPOS-00192"],"gid":"V-230277","rid":"SV-230277r792884_rule","stig_id":"RHEL-08-010421","fix_id":"F-32921r567578_fix","cci":["CCI-001084"],"nist":["SC-3"]},"code":"control 'SV-230277' do\n  title 'RHEL 8 must clear the page allocator to prevent use-after-free\nattacks.'\n  desc 'Some adversaries launch attacks with the intent of executing code in\nnon-executable regions of memory or in memory locations that are prohibited.\nSecurity safeguards employed to protect memory include, for example, data\nexecution prevention and address space layout randomization. Data execution\nprevention safeguards can be either hardware-enforced or software-enforced with\nhardware providing the greater strength of mechanism.\n\n    Poisoning writes an arbitrary value to freed pages, so any modification or\nreference to that page after being freed or before being initialized will be\ndetected and prevented. This prevents many types of use-after-free\nvulnerabilities at little performance cost. Also prevents leak of data and\ndetection of corrupted memory.'\n  desc 'check', 'Verify that GRUB 2 is configured to enable page poisoning to mitigate use-after-free vulnerabilities with the following commands:\n\nCheck that the current GRUB 2 configuration has page poisoning enabled:\n\n$ sudo grub2-editenv list | grep page_poison\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 page_poison=1 vsyscall=none audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf \"page_poison\" is not set to \"1\" or is missing, this is a finding.\n\nCheck that page poisoning is enabled by default to persist in kernel updates:\n\n$ sudo grep page_poison /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"page_poison=1\"\n\nIf \"page_poison\" is not set to \"1\", is missing or commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to enable page poisoning with the following commands:\n\n    $ sudo grubby --update-kernel=ALL --args=\"page_poison=1\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"page_poison=1\"'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000134-GPOS-00068'\n  tag satisfies: ['SRG-OS-000134-GPOS-00068', 'SRG-OS-000433-GPOS-00192']\n  tag gid: 'V-230277'\n  tag rid: 'SV-230277r792884_rule'\n  tag stig_id: 'RHEL-08-010421'\n  tag fix_id: 'F-32921r567578_fix'\n  tag cci: ['CCI-001084']\n  tag nist: ['SC-3']\n\n  grub_stdout = command('grub2-editenv - list').stdout\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config(grub_stdout) do\n      its('kernelopts') { should match(/page_poison=1/) }\n    end\n\n    describe parse_config_file('/etc/default/grub') do\n      its('GRUB_CMDLINE_LINUX') { should match(/page_poison=1/) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230277.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Parse Config  kernelopts is expected to match /page_poison=1/","run_time":0.003445,"start_time":"2024-01-09T19:40:41-05:00","message":"expected \"root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\" to match /page_poison=1/","resource_class":"parse_config","resource_params":"[\"kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\\nboot_success=1\\n\"]","resource_id":"kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\nboot_success=1\n"},{"status":"failed","code_desc":"Parse Config File /etc/default/grub GRUB_CMDLINE_LINUX is expected to match /page_poison=1/","run_time":0.002497,"start_time":"2024-01-09T19:40:41-05:00","message":"expected \"\\\"console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\\"\" to match /page_poison=1/","resource_class":"parse_config_file","resource_params":"[\"/etc/default/grub\"]","resource_id":"/etc/default/grub"}]},{"id":"SV-230278","title":"RHEL 8 must disable virtual syscalls.","desc":"Syscalls are special routines in the Linux kernel, which userspace\napplications ask to do privileged tasks.  Invoking a system call is an\nexpensive operation because the processor must interrupt the currently\nexecuting task and switch context to kernel mode and then back to userspace\nafter the system call completes.  Virtual Syscalls map into user space a page\nthat contains some variables and the implementation of some system calls.  This\nallows the system calls to be executed in userspace to alleviate the context\nswitching expense.\n\n    Virtual Syscalls provide an opportunity of attack for a user who has\ncontrol of the return instruction pointer.  Disabling vsyscalls help to prevent\nreturn oriented programming (ROP) attacks via buffer overflows and overruns. If\nthe system intends to run containers based on RHEL 6 components, then virtual\nsyscalls will need enabled so the components function properly.","descriptions":[{"label":"default","data":"Syscalls are special routines in the Linux kernel, which userspace\napplications ask to do privileged tasks.  Invoking a system call is an\nexpensive operation because the processor must interrupt the currently\nexecuting task and switch context to kernel mode and then back to userspace\nafter the system call completes.  Virtual Syscalls map into user space a page\nthat contains some variables and the implementation of some system calls.  This\nallows the system calls to be executed in userspace to alleviate the context\nswitching expense.\n\n    Virtual Syscalls provide an opportunity of attack for a user who has\ncontrol of the return instruction pointer.  Disabling vsyscalls help to prevent\nreturn oriented programming (ROP) attacks via buffer overflows and overruns. If\nthe system intends to run containers based on RHEL 6 components, then virtual\nsyscalls will need enabled so the components function properly."},{"label":"check","data":"Verify that GRUB 2 is configured to disable vsyscalls with the following commands:\n\nCheck that the current GRUB 2 configuration disables vsyscalls:\n\n$ sudo grub2-editenv list | grep vsyscall\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 page_poison=1 vsyscall=none audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf \"vsyscall\" is not set to \"none\" or is missing, this is a finding.\n\nCheck that vsyscalls are disabled by default to persist in kernel updates:\n\n$ sudo grep vsyscall /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"vsyscall=none\"\n\nIf \"vsyscall\" is not set to \"none\", is missing or commented out and is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding."},{"label":"fix","data":"Document the use of vsyscalls with the ISSO as an operational requirement\nor disable them with the following command:\n\n    $ sudo grubby --update-kernel=ALL --args=\"vsyscall=none\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"vsyscall=none\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000134-GPOS-00068","satisfies":["SRG-OS-000134-GPOS-00068","SRG-OS-000433-GPOS-00192"],"gid":"V-230278","rid":"SV-230278r792886_rule","stig_id":"RHEL-08-010422","fix_id":"F-32922r743947_fix","cci":["CCI-001084"],"nist":["SC-3"]},"code":"control 'SV-230278' do\n  title 'RHEL 8 must disable virtual syscalls.'\n  desc 'Syscalls are special routines in the Linux kernel, which userspace\napplications ask to do privileged tasks.  Invoking a system call is an\nexpensive operation because the processor must interrupt the currently\nexecuting task and switch context to kernel mode and then back to userspace\nafter the system call completes.  Virtual Syscalls map into user space a page\nthat contains some variables and the implementation of some system calls.  This\nallows the system calls to be executed in userspace to alleviate the context\nswitching expense.\n\n    Virtual Syscalls provide an opportunity of attack for a user who has\ncontrol of the return instruction pointer.  Disabling vsyscalls help to prevent\nreturn oriented programming (ROP) attacks via buffer overflows and overruns. If\nthe system intends to run containers based on RHEL 6 components, then virtual\nsyscalls will need enabled so the components function properly.'\n  desc 'check', 'Verify that GRUB 2 is configured to disable vsyscalls with the following commands:\n\nCheck that the current GRUB 2 configuration disables vsyscalls:\n\n$ sudo grub2-editenv list | grep vsyscall\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 page_poison=1 vsyscall=none audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf \"vsyscall\" is not set to \"none\" or is missing, this is a finding.\n\nCheck that vsyscalls are disabled by default to persist in kernel updates:\n\n$ sudo grep vsyscall /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"vsyscall=none\"\n\nIf \"vsyscall\" is not set to \"none\", is missing or commented out and is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Document the use of vsyscalls with the ISSO as an operational requirement\nor disable them with the following command:\n\n    $ sudo grubby --update-kernel=ALL --args=\"vsyscall=none\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"vsyscall=none\"'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000134-GPOS-00068'\n  tag satisfies: ['SRG-OS-000134-GPOS-00068', 'SRG-OS-000433-GPOS-00192']\n  tag gid: 'V-230278'\n  tag rid: 'SV-230278r792886_rule'\n  tag stig_id: 'RHEL-08-010422'\n  tag fix_id: 'F-32922r743947_fix'\n  tag cci: ['CCI-001084']\n  tag nist: ['SC-3']\n\n  grub_stdout = command('grub2-editenv - list').stdout\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config(grub_stdout) do\n      its('kernelopts') { should match(/vsyscall=none/) }\n    end\n\n    describe parse_config_file('/etc/default/grub') do\n      its('GRUB_CMDLINE_LINUX') { should match(/vsyscall=none/) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230278.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Parse Config  kernelopts is expected to match /vsyscall=none/","run_time":0.002027,"start_time":"2024-01-09T19:40:41-05:00","message":"expected \"root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\" to match /vsyscall=none/","resource_class":"parse_config","resource_params":"[\"kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\\nboot_success=1\\n\"]","resource_id":"kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\nboot_success=1\n"},{"status":"failed","code_desc":"Parse Config File /etc/default/grub GRUB_CMDLINE_LINUX is expected to match /vsyscall=none/","run_time":0.003203,"start_time":"2024-01-09T19:40:41-05:00","message":"expected \"\\\"console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\\"\" to match /vsyscall=none/","resource_class":"parse_config_file","resource_params":"[\"/etc/default/grub\"]","resource_id":"/etc/default/grub"}]},{"id":"SV-230279","title":"RHEL 8 must clear SLUB/SLAB objects to prevent use-after-free attacks.","desc":"Some adversaries launch attacks with the intent of executing code in\nnon-executable regions of memory or in memory locations that are prohibited.\nSecurity safeguards employed to protect memory include, for example, data\nexecution prevention and address space layout randomization. Data execution\nprevention safeguards can be either hardware-enforced or software-enforced with\nhardware providing the greater strength of mechanism.\n\n    Poisoning writes an arbitrary value to freed pages, so any modification or\nreference to that page after being freed or before being initialized will be\ndetected and prevented. This prevents many types of use-after-free\nvulnerabilities at little performance cost. Also prevents leak of data and\ndetection of corrupted memory.\n\n    SLAB objects are blocks of physically-contiguous memory.  SLUB is the\nunqueued SLAB allocator.","descriptions":[{"label":"default","data":"Some adversaries launch attacks with the intent of executing code in\nnon-executable regions of memory or in memory locations that are prohibited.\nSecurity safeguards employed to protect memory include, for example, data\nexecution prevention and address space layout randomization. Data execution\nprevention safeguards can be either hardware-enforced or software-enforced with\nhardware providing the greater strength of mechanism.\n\n    Poisoning writes an arbitrary value to freed pages, so any modification or\nreference to that page after being freed or before being initialized will be\ndetected and prevented. This prevents many types of use-after-free\nvulnerabilities at little performance cost. Also prevents leak of data and\ndetection of corrupted memory.\n\n    SLAB objects are blocks of physically-contiguous memory.  SLUB is the\nunqueued SLAB allocator."},{"label":"check","data":"Verify that GRUB 2 is configured to enable poisoning of SLUB/SLAB objects to mitigate use-after-free vulnerabilities with the following commands:\n\nCheck that the current GRUB 2 configuration has poisoning of SLUB/SLAB objects enabled:\n\n$ sudo grub2-editenv list | grep slub_debug\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 slub_debug=P page_poison=1 vsyscall=none audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf \"slub_debug\" is not set to \"P\" or is missing, this is a finding.\n\nCheck that poisoning of SLUB/SLAB objects is enabled by default to persist in kernel updates:\n\n$ sudo grep slub_debug /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"slub_debug=P\"\n\nIf \"slub_debug\" is not set to \"P\", is missing or commented out, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to enable poisoning of SLUB/SLAB objects with the\nfollowing commands:\n\n    $ sudo grubby --update-kernel=ALL --args=\"slub_debug=P\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"slub_debug=P\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000134-GPOS-00068","satisfies":["SRG-OS-000134-GPOS-00068","SRG-OS-000433-GPOS-00192"],"gid":"V-230279","rid":"SV-230279r792888_rule","stig_id":"RHEL-08-010423","fix_id":"F-32923r567584_fix","cci":["CCI-001084"],"nist":["SC-3"]},"code":"control 'SV-230279' do\n  title 'RHEL 8 must clear SLUB/SLAB objects to prevent use-after-free attacks.'\n  desc 'Some adversaries launch attacks with the intent of executing code in\nnon-executable regions of memory or in memory locations that are prohibited.\nSecurity safeguards employed to protect memory include, for example, data\nexecution prevention and address space layout randomization. Data execution\nprevention safeguards can be either hardware-enforced or software-enforced with\nhardware providing the greater strength of mechanism.\n\n    Poisoning writes an arbitrary value to freed pages, so any modification or\nreference to that page after being freed or before being initialized will be\ndetected and prevented. This prevents many types of use-after-free\nvulnerabilities at little performance cost. Also prevents leak of data and\ndetection of corrupted memory.\n\n    SLAB objects are blocks of physically-contiguous memory.  SLUB is the\nunqueued SLAB allocator.'\n  desc 'check', 'Verify that GRUB 2 is configured to enable poisoning of SLUB/SLAB objects to mitigate use-after-free vulnerabilities with the following commands:\n\nCheck that the current GRUB 2 configuration has poisoning of SLUB/SLAB objects enabled:\n\n$ sudo grub2-editenv list | grep slub_debug\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 slub_debug=P page_poison=1 vsyscall=none audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf \"slub_debug\" is not set to \"P\" or is missing, this is a finding.\n\nCheck that poisoning of SLUB/SLAB objects is enabled by default to persist in kernel updates:\n\n$ sudo grep slub_debug /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"slub_debug=P\"\n\nIf \"slub_debug\" is not set to \"P\", is missing or commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to enable poisoning of SLUB/SLAB objects with the\nfollowing commands:\n\n    $ sudo grubby --update-kernel=ALL --args=\"slub_debug=P\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"slub_debug=P\"'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000134-GPOS-00068'\n  tag satisfies: ['SRG-OS-000134-GPOS-00068', 'SRG-OS-000433-GPOS-00192']\n  tag gid: 'V-230279'\n  tag rid: 'SV-230279r792888_rule'\n  tag stig_id: 'RHEL-08-010423'\n  tag fix_id: 'F-32923r567584_fix'\n  tag cci: ['CCI-001084']\n  tag nist: ['SC-3']\n\n  grub_stdout = command('grub2-editenv - list').stdout\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config(grub_stdout) do\n      its('kernelopts') { should match(/slub_debug=P/) }\n    end\n\n    describe parse_config_file('/etc/default/grub') do\n      its('GRUB_CMDLINE_LINUX') { should match(/slub_debug=P/) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230279.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Parse Config  kernelopts is expected to match /slub_debug=P/","run_time":0.011754,"start_time":"2024-01-09T19:40:41-05:00","message":"expected \"root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\" to match /slub_debug=P/","resource_class":"parse_config","resource_params":"[\"kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\\nboot_success=1\\n\"]","resource_id":"kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\nboot_success=1\n"},{"status":"failed","code_desc":"Parse Config File /etc/default/grub GRUB_CMDLINE_LINUX is expected to match /slub_debug=P/","run_time":0.001129,"start_time":"2024-01-09T19:40:41-05:00","message":"expected \"\\\"console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\\"\" to match /slub_debug=P/","resource_class":"parse_config_file","resource_params":"[\"/etc/default/grub\"]","resource_id":"/etc/default/grub"}]},{"id":"SV-230280","title":"RHEL 8 must implement address space layout randomization (ASLR) to\nprotect its memory from unauthorized code execution.","desc":"Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism.\n\nExamples of attacks are buffer overflow attacks.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism.\n\nExamples of attacks are buffer overflow attacks.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 implements ASLR with the following command:\n\n$ sudo sysctl kernel.randomize_va_space\n\nkernel.randomize_va_space = 2\n\nIf \"kernel.randomize_va_space\" is not set to \"2\", this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.randomize_va_space /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.randomize_va_space = 2\n\nIf \"kernel.randomize_va_space\" is not set to \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure the operating system to implement virtual address space randomization.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.randomize_va_space=2\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nIssue the following command to make the changes take effect:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000433-GPOS-00193","gid":"V-230280","rid":"SV-230280r858767_rule","stig_id":"RHEL-08-010430","fix_id":"F-32924r858766_fix","cci":["CCI-002824"],"nist":["SI-16"]},"code":"control 'SV-230280' do\n  title 'RHEL 8 must implement address space layout randomization (ASLR) to\nprotect its memory from unauthorized code execution.'\n  desc 'Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism.\n\nExamples of attacks are buffer overflow attacks.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 implements ASLR with the following command:\n\n$ sudo sysctl kernel.randomize_va_space\n\nkernel.randomize_va_space = 2\n\nIf \"kernel.randomize_va_space\" is not set to \"2\", this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.randomize_va_space /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.randomize_va_space = 2\n\nIf \"kernel.randomize_va_space\" is not set to \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to implement virtual address space randomization.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.randomize_va_space=2\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nIssue the following command to make the changes take effect:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000433-GPOS-00193'\n  tag gid: 'V-230280'\n  tag rid: 'SV-230280r858767_rule'\n  tag stig_id: 'RHEL-08-010430'\n  tag fix_id: 'F-32924r858766_fix'\n  tag cci: ['CCI-002824']\n  tag nist: ['SI-16']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('kernel.randomize_va_space') do\n      its('value') { should eq 2 }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230280.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter kernel.randomize_va_space value is expected to eq 2","run_time":0.095266,"start_time":"2024-01-09T19:40:41-05:00","resource_class":"kernel_parameter","resource_params":"[\"kernel.randomize_va_space\"]","resource_id":"kernel.randomize_va_space"}]},{"id":"SV-230281","title":"YUM must remove all software components after updated versions have\nbeen installed on RHEL 8.","desc":"Previous versions of software components that are not removed from the\ninformation system after updates have been installed may be exploited by\nadversaries. Some information technology products may remove older versions of\nsoftware automatically from the information system.","descriptions":[{"label":"default","data":"Previous versions of software components that are not removed from the\ninformation system after updates have been installed may be exploited by\nadversaries. Some information technology products may remove older versions of\nsoftware automatically from the information system."},{"label":"check","data":"Verify the operating system removes all software components after updated\nversions have been installed.\n\n    Check if YUM is configured to remove unneeded packages with the following\ncommand:\n\n    $ sudo grep -i clean_requirements_on_remove /etc/dnf/dnf.conf\n\n    clean_requirements_on_remove=True\n\n    If \"clean_requirements_on_remove\" is not set to either \"1\", \"True\",\nor \"yes\", commented out, or is missing from \"/etc/dnf/dnf.conf\", this is a\nfinding."},{"label":"fix","data":"Configure the operating system to remove all software components after\nupdated versions have been installed.\n\n    Set the \"clean_requirements_on_remove\" option to \"True\" in the\n\"/etc/dnf/dnf.conf\" file:\n\n    clean_requirements_on_remove=True"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000437-GPOS-00194","gid":"V-230281","rid":"SV-230281r854034_rule","stig_id":"RHEL-08-010440","fix_id":"F-32925r567590_fix","cci":["CCI-002617"],"nist":["SI-2 (6)"]},"code":"control 'SV-230281' do\n  title 'YUM must remove all software components after updated versions have\nbeen installed on RHEL 8.'\n  desc 'Previous versions of software components that are not removed from the\ninformation system after updates have been installed may be exploited by\nadversaries. Some information technology products may remove older versions of\nsoftware automatically from the information system.'\n  desc 'check', 'Verify the operating system removes all software components after updated\nversions have been installed.\n\n    Check if YUM is configured to remove unneeded packages with the following\ncommand:\n\n    $ sudo grep -i clean_requirements_on_remove /etc/dnf/dnf.conf\n\n    clean_requirements_on_remove=True\n\n    If \"clean_requirements_on_remove\" is not set to either \"1\", \"True\",\nor \"yes\", commented out, or is missing from \"/etc/dnf/dnf.conf\", this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to remove all software components after\nupdated versions have been installed.\n\n    Set the \"clean_requirements_on_remove\" option to \"True\" in the\n\"/etc/dnf/dnf.conf\" file:\n\n    clean_requirements_on_remove=True'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000437-GPOS-00194'\n  tag gid: 'V-230281'\n  tag rid: 'SV-230281r854034_rule'\n  tag stig_id: 'RHEL-08-010440'\n  tag fix_id: 'F-32925r567590_fix'\n  tag cci: ['CCI-002617']\n  tag nist: ['SI-2 (6)']\n\n  describe parse_config_file('/etc/dnf/dnf.conf') do\n    its('main.clean_requirements_on_remove') { should match(/1|True|yes/i) }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230281.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Parse Config File /etc/dnf/dnf.conf main.clean_requirements_on_remove is expected to match /1|True|yes/i","run_time":0.002434,"start_time":"2024-01-09T19:40:41-05:00","resource_class":"parse_config_file","resource_params":"[\"/etc/dnf/dnf.conf\"]","resource_id":"/etc/dnf/dnf.conf"}]},{"id":"SV-230282","title":"RHEL 8 must enable the SELinux targeted policy.","desc":"Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    This requirement applies to operating systems performing security function\nverification/testing and/or systems and environments that require this\nfunctionality.","descriptions":[{"label":"default","data":"Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    This requirement applies to operating systems performing security function\nverification/testing and/or systems and environments that require this\nfunctionality."},{"label":"check","data":"Ensure the operating system verifies correct operation of all security\nfunctions.\n\n    Check if \"SELinux\" is active and is enforcing the targeted policy with\nthe following command:\n\n    $ sudo sestatus\n\n    SELinux status: enabled\n    SELinuxfs mount: /sys/fs/selinux\n    SELinux root directory: /etc/selinux\n    Loaded policy name: targeted\n    Current mode: enforcing\n    Mode from config file: enforcing\n    Policy MLS status: enabled\n    Policy deny_unknown status: allowed\n    Memory protection checking: actual (secure)\n    Max kernel policy version: 31\n\n    If the \"Loaded policy name\" is not set to \"targeted\", this is a finding.\n\n    Verify that the /etc/selinux/config file is configured to the\n\"SELINUXTYPE\" to \"targeted\":\n\n    $ sudo grep -i \"selinuxtype\" /etc/selinux/config | grep -v '^#'\n\n    SELINUXTYPE = targeted\n\n    If no results are returned or \"SELINUXTYPE\" is not set to \"targeted\",\nthis is a finding."},{"label":"fix","data":"Configure the operating system to verify correct operation of all security\nfunctions.\n\n    Set the \"SELinuxtype\" to the \"targeted\" policy by modifying the\n\"/etc/selinux/config\" file to have the following line:\n\n    SELINUXTYPE=targeted\n\n    A reboot is required for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000445-GPOS-00199","gid":"V-230282","rid":"SV-230282r854035_rule","stig_id":"RHEL-08-010450","fix_id":"F-32926r567593_fix","cci":["CCI-002696"],"nist":["SI-6 a"]},"code":"control 'SV-230282' do\n  title 'RHEL 8 must enable the SELinux targeted policy.'\n  desc 'Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    This requirement applies to operating systems performing security function\nverification/testing and/or systems and environments that require this\nfunctionality.'\n  desc 'check', %q(Ensure the operating system verifies correct operation of all security\nfunctions.\n\n    Check if \"SELinux\" is active and is enforcing the targeted policy with\nthe following command:\n\n    $ sudo sestatus\n\n    SELinux status: enabled\n    SELinuxfs mount: /sys/fs/selinux\n    SELinux root directory: /etc/selinux\n    Loaded policy name: targeted\n    Current mode: enforcing\n    Mode from config file: enforcing\n    Policy MLS status: enabled\n    Policy deny_unknown status: allowed\n    Memory protection checking: actual (secure)\n    Max kernel policy version: 31\n\n    If the \"Loaded policy name\" is not set to \"targeted\", this is a finding.\n\n    Verify that the /etc/selinux/config file is configured to the\n\"SELINUXTYPE\" to \"targeted\":\n\n    $ sudo grep -i \"selinuxtype\" /etc/selinux/config | grep -v '^#'\n\n    SELINUXTYPE = targeted\n\n    If no results are returned or \"SELINUXTYPE\" is not set to \"targeted\",\nthis is a finding.)\n  desc 'fix', 'Configure the operating system to verify correct operation of all security\nfunctions.\n\n    Set the \"SELinuxtype\" to the \"targeted\" policy by modifying the\n\"/etc/selinux/config\" file to have the following line:\n\n    SELINUXTYPE=targeted\n\n    A reboot is required for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000445-GPOS-00199'\n  tag gid: 'V-230282'\n  tag rid: 'SV-230282r854035_rule'\n  tag stig_id: 'RHEL-08-010450'\n  tag fix_id: 'F-32926r567593_fix'\n  tag cci: ['CCI-002696']\n  tag nist: ['SI-6 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('sestatus') do\n      its('stdout') { should match(/^Loaded\\spolicy\\sname:\\s+targeted\\n?$/) }\n    end\n\n    describe parse_config_file('/etc/selinux/config') do\n      its('SELINUXTYPE') { should eq 'targeted' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230282.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Command: `sestatus` stdout is expected to match /^Loaded\\spolicy\\sname:\\s+targeted\\n?$/","run_time":0.000541,"start_time":"2024-01-09T19:40:41-05:00","resource_class":"command","resource_params":"[\"sestatus\"]","resource_id":"Command: `sestatus`"},{"status":"passed","code_desc":"Parse Config File /etc/selinux/config SELINUXTYPE is expected to eq \"targeted\"","run_time":0.000271,"start_time":"2024-01-09T19:40:41-05:00","resource_class":"parse_config_file","resource_params":"[\"/etc/selinux/config\"]","resource_id":"/etc/selinux/config"}]},{"id":"SV-230283","title":"There must be no shosts.equiv files on the RHEL 8 operating system.","desc":"The \"shosts.equiv\" files are used to configure host-based\nauthentication for the system via SSH. Host-based authentication is not\nsufficient for preventing unauthorized access to the system, as it does not\nrequire interactive identification and authentication of a connection request,\nor for the use of two-factor authentication.","descriptions":[{"label":"default","data":"The \"shosts.equiv\" files are used to configure host-based\nauthentication for the system via SSH. Host-based authentication is not\nsufficient for preventing unauthorized access to the system, as it does not\nrequire interactive identification and authentication of a connection request,\nor for the use of two-factor authentication."},{"label":"check","data":"Verify there are no \"shosts.equiv\" files on RHEL 8 with the following\ncommand:\n\n    $ sudo find / -name shosts.equiv\n\n    If a \"shosts.equiv\" file is found, this is a finding."},{"label":"fix","data":"Remove any found \"shosts.equiv\" files from the system.\n\n$ sudo rm /etc/ssh/shosts.equiv"}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230283","rid":"SV-230283r627750_rule","stig_id":"RHEL-08-010460","fix_id":"F-32927r567596_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230283' do\n  title 'There must be no shosts.equiv files on the RHEL 8 operating system.'\n  desc 'The \"shosts.equiv\" files are used to configure host-based\nauthentication for the system via SSH. Host-based authentication is not\nsufficient for preventing unauthorized access to the system, as it does not\nrequire interactive identification and authentication of a connection request,\nor for the use of two-factor authentication.'\n  desc 'check', 'Verify there are no \"shosts.equiv\" files on RHEL 8 with the following\ncommand:\n\n    $ sudo find / -name shosts.equiv\n\n    If a \"shosts.equiv\" file is found, this is a finding.'\n  desc 'fix', 'Remove any found \"shosts.equiv\" files from the system.\n\n$ sudo rm /etc/ssh/shosts.equiv'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230283'\n  tag rid: 'SV-230283r627750_rule'\n  tag stig_id: 'RHEL-08-010460'\n  tag fix_id: 'F-32927r567596_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe command('find / -xdev -xautofs -name shosts.equiv') do\n    its('stdout') { should be_empty }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230283.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Command: `find / -xdev -xautofs -name shosts.equiv` stdout is expected to be empty","run_time":0.576112,"start_time":"2024-01-09T19:40:41-05:00","resource_class":"command","resource_params":"[\"find / -xdev -xautofs -name shosts.equiv\"]","resource_id":"Command: `find / -xdev -xautofs -name shosts.equiv`"}]},{"id":"SV-230284","title":"There must be no .shosts files on the RHEL 8 operating system.","desc":"The \".shosts\" files are used to configure host-based authentication\nfor individual users or the system via SSH. Host-based authentication is not\nsufficient for preventing unauthorized access to the system, as it does not\nrequire interactive identification and authentication of a connection request,\nor for the use of two-factor authentication.","descriptions":[{"label":"default","data":"The \".shosts\" files are used to configure host-based authentication\nfor individual users or the system via SSH. Host-based authentication is not\nsufficient for preventing unauthorized access to the system, as it does not\nrequire interactive identification and authentication of a connection request,\nor for the use of two-factor authentication."},{"label":"check","data":"Verify there are no \".shosts\" files on RHEL 8 with the following command:\n\n$ sudo find / -name '*.shosts'\n\nIf any \".shosts\" files are found, this is a finding."},{"label":"fix","data":"Remove any found \".shosts\" files from the system.\n\n$ sudo rm /[path]/[to]/[file]/.shosts"}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230284","rid":"SV-230284r627750_rule","stig_id":"RHEL-08-010470","fix_id":"F-32928r567599_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230284' do\n  title 'There must be no .shosts files on the RHEL 8 operating system.'\n  desc 'The \".shosts\" files are used to configure host-based authentication\nfor individual users or the system via SSH. Host-based authentication is not\nsufficient for preventing unauthorized access to the system, as it does not\nrequire interactive identification and authentication of a connection request,\nor for the use of two-factor authentication.'\n  desc 'check', %q(Verify there are no \".shosts\" files on RHEL 8 with the following command:\n\n$ sudo find / -name '*.shosts'\n\nIf any \".shosts\" files are found, this is a finding.)\n  desc 'fix', 'Remove any found \".shosts\" files from the system.\n\n$ sudo rm /[path]/[to]/[file]/.shosts'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230284'\n  tag rid: 'SV-230284r627750_rule'\n  tag stig_id: 'RHEL-08-010470'\n  tag fix_id: 'F-32928r567599_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe command('find / -xdev -xautofs -name .shosts') do\n    its('stdout') { should be_empty }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230284.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Command: `find / -xdev -xautofs -name .shosts` stdout is expected to be empty","run_time":0.690886,"start_time":"2024-01-09T19:40:42-05:00","resource_class":"command","resource_params":"[\"find / -xdev -xautofs -name .shosts\"]","resource_id":"Command: `find / -xdev -xautofs -name .shosts`"}]},{"id":"SV-230285","title":"RHEL 8 must enable the hardware random number generator entropy\ngatherer service.","desc":"The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness.  The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems.\n\nThe rngd service feeds random data from hardware device to kernel random device. Quality (nonpredictable) random number generation is important for several security functions (i.e., ciphers).","descriptions":[{"label":"default","data":"The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness.  The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems.\n\nThe rngd service feeds random data from hardware device to kernel random device. Quality (nonpredictable) random number generation is important for several security functions (i.e., ciphers)."},{"label":"check","data":"Note: For RHEL versions 8.4 and above running with kernel FIPS mode enabled as specified by RHEL-08-010020, this requirement is Not Applicable.\n\nCheck that  RHEL 8 has enabled the hardware random number generator entropy gatherer service.\n\nVerify the rngd service is enabled and active with the following commands:\n\n     $ sudo systemctl is-enabled rngd\n     enabled\n\n     $ sudo systemctl is-active rngd\n     active\n\nIf the service is not \"enabled\" and \"active\", this is a finding."},{"label":"fix","data":"Start the rngd service and enable the rngd service with the following commands:\n\n     $ sudo systemctl start rngd.service\n\n     $ sudo systemctl enable rngd.service"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230285","rid":"SV-230285r928587_rule","stig_id":"RHEL-08-010471","fix_id":"F-32929r917875_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230285' do\n  title 'RHEL 8 must enable the hardware random number generator entropy\ngatherer service.'\n  desc 'The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness.  The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems.\n\nThe rngd service feeds random data from hardware device to kernel random device. Quality (nonpredictable) random number generation is important for several security functions (i.e., ciphers).'\n  desc 'check', 'Note: For RHEL versions 8.4 and above running with kernel FIPS mode enabled as specified by RHEL-08-010020, this requirement is Not Applicable.\n\nCheck that  RHEL 8 has enabled the hardware random number generator entropy gatherer service.\n\nVerify the rngd service is enabled and active with the following commands:\n\n     $ sudo systemctl is-enabled rngd\n     enabled\n\n     $ sudo systemctl is-active rngd\n     active\n\nIf the service is not \"enabled\" and \"active\", this is a finding.'\n  desc 'fix', 'Start the rngd service and enable the rngd service with the following commands:\n\n     $ sudo systemctl start rngd.service\n\n     $ sudo systemctl enable rngd.service'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230285'\n  tag rid: 'SV-230285r928587_rule'\n  tag stig_id: 'RHEL-08-010471'\n  tag fix_id: 'F-32929r917875_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe service('rngd') do\n      it { should be_enabled }\n      it { should be_running }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230285.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Service rngd is expected to be enabled","run_time":0.492748,"start_time":"2024-01-09T19:40:43-05:00","resource_class":"service","resource_params":"[\"rngd\"]","resource_id":"rngd"},{"status":"failed","code_desc":"Service rngd is expected to be running","run_time":0.00033,"start_time":"2024-01-09T19:40:43-05:00","message":"expected that `Service rngd` is running","resource_class":"service","resource_params":"[\"rngd\"]","resource_id":"rngd"}]},{"id":"SV-230286","title":"The RHEL 8 SSH public host key files must have mode 0644 or less\npermissive.","desc":"If a public host key file is modified by an unauthorized user, the SSH\nservice may be compromised.","descriptions":[{"label":"default","data":"If a public host key file is modified by an unauthorized user, the SSH\nservice may be compromised."},{"label":"check","data":"Verify the SSH public host key files have mode \"0644\" or less permissive\nwith the following command:\n\n    $ sudo ls -l /etc/ssh/*.pub\n\n    -rw-r--r-- 1 root root 618 Nov 28 06:43 ssh_host_dsa_key.pub\n    -rw-r--r-- 1 root root 347 Nov 28 06:43 ssh_host_key.pub\n    -rw-r--r-- 1 root root 238 Nov 28 06:43 ssh_host_rsa_key.pub\n\n    If any key.pub file has a mode more permissive than \"0644\", this is a\nfinding.\n\n    Note: SSH public key files may be found in other directories on the system\ndepending on the installation."},{"label":"fix","data":"Change the mode of public host key files under \"/etc/ssh\" to \"0644\"\nwith the following command:\n\n    $ sudo chmod 0644 /etc/ssh/*key.pub\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230286","rid":"SV-230286r627750_rule","stig_id":"RHEL-08-010480","fix_id":"F-32930r567605_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230286' do\n  title 'The RHEL 8 SSH public host key files must have mode 0644 or less\npermissive.'\n  desc 'If a public host key file is modified by an unauthorized user, the SSH\nservice may be compromised.'\n  desc 'check', 'Verify the SSH public host key files have mode \"0644\" or less permissive\nwith the following command:\n\n    $ sudo ls -l /etc/ssh/*.pub\n\n    -rw-r--r-- 1 root root 618 Nov 28 06:43 ssh_host_dsa_key.pub\n    -rw-r--r-- 1 root root 347 Nov 28 06:43 ssh_host_key.pub\n    -rw-r--r-- 1 root root 238 Nov 28 06:43 ssh_host_rsa_key.pub\n\n    If any key.pub file has a mode more permissive than \"0644\", this is a\nfinding.\n\n    Note: SSH public key files may be found in other directories on the system\ndepending on the installation.'\n  desc 'fix', 'Change the mode of public host key files under \"/etc/ssh\" to \"0644\"\nwith the following command:\n\n    $ sudo chmod 0644 /etc/ssh/*key.pub\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230286'\n  tag rid: 'SV-230286r627750_rule'\n  tag stig_id: 'RHEL-08-010480'\n  tag fix_id: 'F-32930r567605_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker') && !directory('/etc/ssh').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    pub_files = command(\"find /etc/ssh -xdev -name '*.pub' -perm /133\").stdout.split(\"\\n\")\n    if !pub_files.nil? && !pub_files.empty?\n      pub_files.each do |pubfile|\n        describe file(pubfile) do\n          it { should_not be_more_permissive_than('0644') }\n        end\n      end\n    else\n      describe 'No files have a more permissive mode.' do\n        subject { pub_files.nil? || pub_files.empty? }\n        it { should eq true }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230286.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"No files have a more permissive mode. is expected to eq true","run_time":0.000225,"start_time":"2024-01-09T19:40:43-05:00","resource_class":"Object","resource_params":"[]","resource_id":"No files have a more permissive mode."}]},{"id":"SV-230287","title":"The RHEL 8 SSH private host key files must have mode 0640 or less permissive.","desc":"If an unauthorized user obtains the private SSH host key file, the\nhost could be impersonated.","descriptions":[{"label":"default","data":"If an unauthorized user obtains the private SSH host key file, the\nhost could be impersonated."},{"label":"check","data":"Verify the SSH private host key files have mode \"0640\" or less permissive with the following command:\n\n     $ sudo ls -l /etc/ssh/ssh_host*key\n\n     -rw-r----- 1 root ssh_keys 668 Nov 28 06:43 ssh_host_dsa_key\n     -rw-r----- 1 root ssh_keys 582 Nov 28 06:43 ssh_host_key\n     -rw-r----- 1 root ssh_keys 887 Nov 28 06:43 ssh_host_rsa_key\n\nIf any private host key file has a mode more permissive than \"0640\", this is a finding."},{"label":"fix","data":"Configure the mode of SSH private host key files under \"/etc/ssh\" to \"0640\" with the following command:\n\n     $ sudo chmod 0640 /etc/ssh/ssh_host*key\n\nThe SSH daemon must be restarted for the changes to take effect. To restart the SSH daemon, run the following command:\n\n     $ sudo systemctl restart sshd.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230287","rid":"SV-230287r880714_rule","stig_id":"RHEL-08-010490","fix_id":"F-32931r880713_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230287' do\n  title 'The RHEL 8 SSH private host key files must have mode 0640 or less permissive.'\n  desc 'If an unauthorized user obtains the private SSH host key file, the\nhost could be impersonated.'\n  desc 'check', 'Verify the SSH private host key files have mode \"0640\" or less permissive with the following command:\n\n     $ sudo ls -l /etc/ssh/ssh_host*key\n\n     -rw-r----- 1 root ssh_keys 668 Nov 28 06:43 ssh_host_dsa_key\n     -rw-r----- 1 root ssh_keys 582 Nov 28 06:43 ssh_host_key\n     -rw-r----- 1 root ssh_keys 887 Nov 28 06:43 ssh_host_rsa_key\n\nIf any private host key file has a mode more permissive than \"0640\", this is a finding.'\n  desc 'fix', 'Configure the mode of SSH private host key files under \"/etc/ssh\" to \"0640\" with the following command:\n\n     $ sudo chmod 0640 /etc/ssh/ssh_host*key\n\nThe SSH daemon must be restarted for the changes to take effect. To restart the SSH daemon, run the following command:\n\n     $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230287'\n  tag rid: 'SV-230287r880714_rule'\n  tag stig_id: 'RHEL-08-010490'\n  tag fix_id: 'F-32931r880713_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker') && !directory('/etc/ssh').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    key_files = command(\"find /etc/ssh -xdev -name '*ssh_host*key'\").stdout.split(\"\\n\")\n    if !key_files.nil? && !key_files.empty?\n      key_files.each do |keyfile|\n        describe file(keyfile) do\n          it { should_not be_more_permissive_than('0640') }\n        end\n      end\n    else\n      describe 'No files have a more permissive mode.' do\n        subject { key_files.nil? || key_files.empty? }\n        it { should eq true }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230287.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File /etc/ssh/ssh_host_rsa_key is expected not to be more permissive than \"0640\"","run_time":0.262204,"start_time":"2024-01-09T19:40:43-05:00","resource_class":"file","resource_params":"[\"/etc/ssh/ssh_host_rsa_key\"]","resource_id":"/etc/ssh/ssh_host_rsa_key"},{"status":"passed","code_desc":"File /etc/ssh/ssh_host_ecdsa_key is expected not to be more permissive than \"0640\"","run_time":0.319644,"start_time":"2024-01-09T19:40:44-05:00","resource_class":"file","resource_params":"[\"/etc/ssh/ssh_host_ecdsa_key\"]","resource_id":"/etc/ssh/ssh_host_ecdsa_key"},{"status":"passed","code_desc":"File /etc/ssh/ssh_host_ed25519_key is expected not to be more permissive than \"0640\"","run_time":0.24319,"start_time":"2024-01-09T19:40:44-05:00","resource_class":"file","resource_params":"[\"/etc/ssh/ssh_host_ed25519_key\"]","resource_id":"/etc/ssh/ssh_host_ed25519_key"}]},{"id":"SV-230288","title":"The RHEL 8 SSH daemon must perform strict mode checking of home\ndirectory configuration files.","desc":"If other users have access to modify user-specific SSH configuration\nfiles, they may be able to log on to the system as another user.","descriptions":[{"label":"default","data":"If other users have access to modify user-specific SSH configuration\nfiles, they may be able to log on to the system as another user."},{"label":"check","data":"Verify the SSH daemon performs strict mode checking of home directory configuration files with the following command:\n\n$ sudo grep -ir strictmodes /etc/ssh/sshd_config*\n\nStrictModes yes\n\nIf \"StrictModes\" is set to \"no\", is missing, or the returned line is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure SSH to perform strict mode checking of home directory\nconfiguration files. Uncomment the \"StrictModes\" keyword in\n\"/etc/ssh/sshd_config\" and set the value to \"yes\":\n\n    StrictModes yes\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230288","rid":"SV-230288r858701_rule","stig_id":"RHEL-08-010500","fix_id":"F-32932r567611_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230288' do\n  title 'The RHEL 8 SSH daemon must perform strict mode checking of home\ndirectory configuration files.'\n  desc 'If other users have access to modify user-specific SSH configuration\nfiles, they may be able to log on to the system as another user.'\n  desc 'check', 'Verify the SSH daemon performs strict mode checking of home directory configuration files with the following command:\n\n$ sudo grep -ir strictmodes /etc/ssh/sshd_config*\n\nStrictModes yes\n\nIf \"StrictModes\" is set to \"no\", is missing, or the returned line is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure SSH to perform strict mode checking of home directory\nconfiguration files. Uncomment the \"StrictModes\" keyword in\n\"/etc/ssh/sshd_config\" and set the value to \"yes\":\n\n    StrictModes yes\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230288'\n  tag rid: 'SV-230288r858701_rule'\n  tag stig_id: 'RHEL-08-010500'\n  tag fix_id: 'F-32932r567611_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    describe sshd_config do\n      its('StrictModes') { should cmp 'yes' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230288.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"SSHD Configuration StrictModes is expected to cmp == \"yes\"","run_time":0.000665,"start_time":"2024-01-09T19:40:44-05:00","resource_class":"sshd_config","resource_params":"[]","resource_id":"/etc/ssh/sshd_config"}]},{"id":"SV-230290","title":"The RHEL 8 SSH daemon must not allow authentication using known host’s\nauthentication.","desc":"Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere.","descriptions":[{"label":"default","data":"Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere."},{"label":"check","data":"Verify the SSH daemon does not allow authentication using known host’s authentication with the following command:\n\n$ sudo grep -ir IgnoreUserKnownHosts /etc/ssh/sshd_config*\n\nIgnoreUserKnownHosts yes\n\nIf the value is returned as \"no\", the returned line is commented out, or no output is returned, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure the SSH daemon to not allow authentication using known host’s\nauthentication.\n\n    Add the following line in \"/etc/ssh/sshd_config\", or uncomment the line\nand set the value to \"yes\":\n\n    IgnoreUserKnownHosts yes\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230290","rid":"SV-230290r858705_rule","stig_id":"RHEL-08-010520","fix_id":"F-32934r567617_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230290' do\n  title 'The RHEL 8 SSH daemon must not allow authentication using known host’s\nauthentication.'\n  desc 'Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere.'\n  desc 'check', 'Verify the SSH daemon does not allow authentication using known host’s authentication with the following command:\n\n$ sudo grep -ir IgnoreUserKnownHosts /etc/ssh/sshd_config*\n\nIgnoreUserKnownHosts yes\n\nIf the value is returned as \"no\", the returned line is commented out, or no output is returned, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the SSH daemon to not allow authentication using known host’s\nauthentication.\n\n    Add the following line in \"/etc/ssh/sshd_config\", or uncomment the line\nand set the value to \"yes\":\n\n    IgnoreUserKnownHosts yes\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230290'\n  tag rid: 'SV-230290r858705_rule'\n  tag stig_id: 'RHEL-08-010520'\n  tag fix_id: 'F-32934r567617_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    describe sshd_config do\n      its('IgnoreUserKnownHosts') { should cmp 'yes' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230290.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"SSHD Configuration IgnoreUserKnownHosts is expected to cmp == \"yes\"","run_time":0.000415,"start_time":"2024-01-09T19:40:44-05:00","resource_class":"sshd_config","resource_params":"[]","resource_id":"/etc/ssh/sshd_config"}]},{"id":"SV-230291","title":"The RHEL 8 SSH daemon must not allow Kerberos authentication, except\nto fulfill documented and validated mission requirements.","desc":"Configuring these settings for the SSH daemon provides additional\nassurance that remote logon via SSH will not use unused methods of\nauthentication, even in the event of misconfiguration elsewhere.","descriptions":[{"label":"default","data":"Configuring these settings for the SSH daemon provides additional\nassurance that remote logon via SSH will not use unused methods of\nauthentication, even in the event of misconfiguration elsewhere."},{"label":"check","data":"Verify the SSH daemon does not allow Kerberos authentication with the following command:\n\n$ sudo grep -ir KerberosAuthentication  /etc/ssh/sshd_config*\n\nKerberosAuthentication no\n\nIf the value is returned as \"yes\", the returned line is commented out, no output is returned, or has not been documented with the ISSO, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure the SSH daemon to not allow Kerberos authentication.\n\n    Add the following line in \"/etc/ssh/sshd_config\", or uncomment the line\nand set the value to \"no\":\n\n    KerberosAuthentication no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230291","rid":"SV-230291r858707_rule","stig_id":"RHEL-08-010521","fix_id":"F-32935r743956_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230291' do\n  title 'The RHEL 8 SSH daemon must not allow Kerberos authentication, except\nto fulfill documented and validated mission requirements.'\n  desc 'Configuring these settings for the SSH daemon provides additional\nassurance that remote logon via SSH will not use unused methods of\nauthentication, even in the event of misconfiguration elsewhere.'\n  desc 'check', 'Verify the SSH daemon does not allow Kerberos authentication with the following command:\n\n$ sudo grep -ir KerberosAuthentication  /etc/ssh/sshd_config*\n\nKerberosAuthentication no\n\nIf the value is returned as \"yes\", the returned line is commented out, no output is returned, or has not been documented with the ISSO, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the SSH daemon to not allow Kerberos authentication.\n\n    Add the following line in \"/etc/ssh/sshd_config\", or uncomment the line\nand set the value to \"no\":\n\n    KerberosAuthentication no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230291'\n  tag rid: 'SV-230291r858707_rule'\n  tag stig_id: 'RHEL-08-010521'\n  tag fix_id: 'F-32935r743956_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    describe sshd_config do\n      its('KerberosAuthentication') { should cmp 'no' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230291.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"SSHD Configuration KerberosAuthentication is expected to cmp == \"no\"","run_time":0.000465,"start_time":"2024-01-09T19:40:44-05:00","resource_class":"sshd_config","resource_params":"[]","resource_id":"/etc/ssh/sshd_config"}]},{"id":"SV-230292","title":"RHEL 8 must use a separate file system for /var.","desc":"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.","descriptions":[{"label":"default","data":"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing."},{"label":"check","data":"Verify that a separate file system has been created for \"/var\".\n\nCheck that a file system has been created for \"/var\" with the following command:\n\n     $ sudo grep /var /etc/fstab\n\n     /dev/mapper/...   /var   xfs   defaults,nodev 0 0\n\nIf a separate entry for \"/var\" is not in use, this is a finding."},{"label":"fix","data":"Migrate the \"/var\" path onto a separate file system."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230292","rid":"SV-230292r902718_rule","stig_id":"RHEL-08-010540","fix_id":"F-32936r567623_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230292' do\n  title 'RHEL 8 must use a separate file system for /var.'\n  desc 'The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.'\n  desc 'check', 'Verify that a separate file system has been created for \"/var\".\n\nCheck that a file system has been created for \"/var\" with the following command:\n\n     $ sudo grep /var /etc/fstab\n\n     /dev/mapper/...   /var   xfs   defaults,nodev 0 0\n\nIf a separate entry for \"/var\" is not in use, this is a finding.'\n  desc 'fix', 'Migrate the \"/var\" path onto a separate file system.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230292'\n  tag rid: 'SV-230292r902718_rule'\n  tag stig_id: 'RHEL-08-010540'\n  tag fix_id: 'F-32936r567623_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe mount('/var') do\n      it { should be_mounted }\n    end\n    describe etc_fstab.where { mount_point == '/var' } do\n      it { should exist }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230292.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Mount /var is expected to be mounted","run_time":0.124152,"start_time":"2024-01-09T19:40:44-05:00","message":"\nMount /var is not mounted\n","resource_class":"mount","resource_params":"[\"/var\"]","resource_id":"/var"},{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/var\" is expected to exist","run_time":0.000644,"start_time":"2024-01-09T19:40:44-05:00","message":"expected File System Table File (fstab) with mount_point == \"/var\" to exist","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230293","title":"RHEL 8 must use a separate file system for /var/log.","desc":"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.","descriptions":[{"label":"default","data":"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing."},{"label":"check","data":"Verify that a separate file system has been created for \"/var/log\".\n\nCheck that a file system has been created for \"/var/log\" with the following command:\n\n     $ sudo grep /var/log /etc/fstab\n\n     /dev/mapper/...   /var/log   xfs   defaults,nodev,noexec,nosuid 0 0\n\nIf a separate entry for \"/var/log\" is not in use, this is a finding."},{"label":"fix","data":"Migrate the \"/var/log\" path onto a separate file system."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230293","rid":"SV-230293r902720_rule","stig_id":"RHEL-08-010541","fix_id":"F-32937r567626_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230293' do\n  title 'RHEL 8 must use a separate file system for /var/log.'\n  desc 'The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.'\n  desc 'check', 'Verify that a separate file system has been created for \"/var/log\".\n\nCheck that a file system has been created for \"/var/log\" with the following command:\n\n     $ sudo grep /var/log /etc/fstab\n\n     /dev/mapper/...   /var/log   xfs   defaults,nodev,noexec,nosuid 0 0\n\nIf a separate entry for \"/var/log\" is not in use, this is a finding.'\n  desc 'fix', 'Migrate the \"/var/log\" path onto a separate file system.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230293'\n  tag rid: 'SV-230293r902720_rule'\n  tag stig_id: 'RHEL-08-010541'\n  tag fix_id: 'F-32937r567626_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/log' } do\n      it { should exist }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230293.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/var/log\" is expected to exist","run_time":0.000169,"start_time":"2024-01-09T19:40:44-05:00","message":"expected File System Table File (fstab) with mount_point == \"/var/log\" to exist","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230294","title":"RHEL 8 must use a separate file system for the system audit data path.","desc":"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.","descriptions":[{"label":"default","data":"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing."},{"label":"check","data":"Verify that a separate file system/partition has been created for the\nsystem audit data path with the following command:\n\n    Note: /var/log/audit is used as the example as it is a common location.\n\n    $ sudo grep /var/log/audit /etc/fstab\n\n    UUID=3645951a /var/log/audit xfs defaults 1 2\n\n    If an entry for \"/var/log/audit\" does not exist, ask the System\nAdministrator if the system audit logs are being written to a different file\nsystem/partition on the system, then grep for that file system/partition.\n\n    If a separate file system/partition does not exist for the system audit\ndata path, this is a finding."},{"label":"fix","data":"Migrate the system audit data path onto a separate file system."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230294","rid":"SV-230294r627750_rule","stig_id":"RHEL-08-010542","fix_id":"F-32938r567629_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230294' do\n  title 'RHEL 8 must use a separate file system for the system audit data path.'\n  desc 'The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.'\n  desc 'check', 'Verify that a separate file system/partition has been created for the\nsystem audit data path with the following command:\n\n    Note: /var/log/audit is used as the example as it is a common location.\n\n    $ sudo grep /var/log/audit /etc/fstab\n\n    UUID=3645951a /var/log/audit xfs defaults 1 2\n\n    If an entry for \"/var/log/audit\" does not exist, ask the System\nAdministrator if the system audit logs are being written to a different file\nsystem/partition on the system, then grep for that file system/partition.\n\n    If a separate file system/partition does not exist for the system audit\ndata path, this is a finding.'\n  desc 'fix', 'Migrate the system audit data path onto a separate file system.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230294'\n  tag rid: 'SV-230294r627750_rule'\n  tag stig_id: 'RHEL-08-010542'\n  tag fix_id: 'F-32938r567629_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  audit_data_path = command(\"dirname #{auditd_conf.log_file}\").stdout.strip\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == audit_data_path } do\n      it { should exist }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230294.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/var/log/audit\" is expected to exist","run_time":0.000201,"start_time":"2024-01-09T19:40:44-05:00","message":"expected File System Table File (fstab) with mount_point == \"/var/log/audit\" to exist","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230295","title":"A separate RHEL 8 filesystem must be used for the /tmp directory.","desc":"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.","descriptions":[{"label":"default","data":"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing."},{"label":"check","data":"Verify that a separate file system/partition has been created for\nnon-privileged local interactive user home directories.\n\n    $ sudo grep /tmp /etc/fstab\n\n    /dev/mapper/rhel-tmp  /tmp  xfs   defaults,nodev,nosuid,noexec 0 0\n\n    If a separate entry for the file system/partition \"/tmp\" does not exist,\nthis is a finding."},{"label":"fix","data":"Migrate the \"/tmp\" directory onto a separate file\nsystem/partition."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230295","rid":"SV-230295r627750_rule","stig_id":"RHEL-08-010543","fix_id":"F-32939r567632_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230295' do\n  title 'A separate RHEL 8 filesystem must be used for the /tmp directory.'\n  desc 'The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.'\n  desc 'check', 'Verify that a separate file system/partition has been created for\nnon-privileged local interactive user home directories.\n\n    $ sudo grep /tmp /etc/fstab\n\n    /dev/mapper/rhel-tmp  /tmp  xfs   defaults,nodev,nosuid,noexec 0 0\n\n    If a separate entry for the file system/partition \"/tmp\" does not exist,\nthis is a finding.'\n  desc 'fix', 'Migrate the \"/tmp\" directory onto a separate file\nsystem/partition.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230295'\n  tag rid: 'SV-230295r627750_rule'\n  tag stig_id: 'RHEL-08-010543'\n  tag fix_id: 'F-32939r567632_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/tmp' } do\n      it { should exist }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230295.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/tmp\" is expected to exist","run_time":0.000335,"start_time":"2024-01-09T19:40:44-05:00","message":"expected File System Table File (fstab) with mount_point == \"/tmp\" to exist","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230296","title":"RHEL 8 must not permit direct logons to the root account using remote\naccess via SSH.","desc":"Even though the communications channel may be encrypted, an additional\nlayer of security is gained by extending the policy of not logging on directly\nas root. In addition, logging on with a user-specific account provides\nindividual accountability of actions performed on the system.","descriptions":[{"label":"default","data":"Even though the communications channel may be encrypted, an additional\nlayer of security is gained by extending the policy of not logging on directly\nas root. In addition, logging on with a user-specific account provides\nindividual accountability of actions performed on the system."},{"label":"check","data":"Verify remote access using SSH prevents users from logging on directly as \"root\".\n\nCheck that SSH prevents users from logging on directly as \"root\" with the following command:\n\n$ sudo grep -ir PermitRootLogin /etc/ssh/sshd_config*\n\nPermitRootLogin no\n\nIf the \"PermitRootLogin\" keyword is set to \"yes\", is missing, or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to stop users from logging on remotely as the \"root\"\nuser via SSH.\n\n    Edit the appropriate \"/etc/ssh/sshd_config\" file to uncomment or add the\nline for the \"PermitRootLogin\" keyword and set its value to \"no\":\n\n    PermitRootLogin no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000109-GPOS-00056","gid":"V-230296","rid":"SV-230296r858711_rule","stig_id":"RHEL-08-010550","fix_id":"F-32940r567635_fix","cci":["CCI-000770"],"nist":["IA-2 (5)"]},"code":"control 'SV-230296' do\n  title 'RHEL 8 must not permit direct logons to the root account using remote\naccess via SSH.'\n  desc 'Even though the communications channel may be encrypted, an additional\nlayer of security is gained by extending the policy of not logging on directly\nas root. In addition, logging on with a user-specific account provides\nindividual accountability of actions performed on the system.'\n  desc 'check', 'Verify remote access using SSH prevents users from logging on directly as \"root\".\n\nCheck that SSH prevents users from logging on directly as \"root\" with the following command:\n\n$ sudo grep -ir PermitRootLogin /etc/ssh/sshd_config*\n\nPermitRootLogin no\n\nIf the \"PermitRootLogin\" keyword is set to \"yes\", is missing, or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to stop users from logging on remotely as the \"root\"\nuser via SSH.\n\n    Edit the appropriate \"/etc/ssh/sshd_config\" file to uncomment or add the\nline for the \"PermitRootLogin\" keyword and set its value to \"no\":\n\n    PermitRootLogin no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000109-GPOS-00056'\n  tag gid: 'V-230296'\n  tag rid: 'SV-230296r858711_rule'\n  tag stig_id: 'RHEL-08-010550'\n  tag fix_id: 'F-32940r567635_fix'\n  tag cci: ['CCI-000770']\n  tag nist: ['IA-2 (5)']\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    describe sshd_config('/etc/ssh/sshd_config') do\n      its('PermitRootLogin') { should cmp input('permit_root_login') }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230296.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"SSHD Configuration PermitRootLogin is expected to cmp == \"no\"","run_time":0.00179,"start_time":"2024-01-09T19:40:44-05:00","resource_class":"sshd_config","resource_params":"[\"/etc/ssh/sshd_config\"]","resource_id":"/etc/ssh/sshd_config"}]},{"id":"SV-230298","title":"The rsyslog service must be running in RHEL 8.","desc":"Configuring RHEL 8 to implement organization-wide security\nimplementation guides and security checklists ensures compliance with federal\nstandards and establishes a common security baseline across the DoD that\nreflects the most restrictive security posture consistent with operational\nrequirements.\n\n    Configuration settings are the set of parameters that can be changed in\nhardware, software, or firmware components of the system that affect the\nsecurity posture and/or functionality of the system. Security-related\nparameters are those parameters impacting the security state of the system,\nincluding the parameters required to satisfy other security control\nrequirements. Security-related parameters include, for example: registry\nsettings; account, file, directory permission settings; and settings for\nfunctions, ports, protocols, services, and remote connections.","descriptions":[{"label":"default","data":"Configuring RHEL 8 to implement organization-wide security\nimplementation guides and security checklists ensures compliance with federal\nstandards and establishes a common security baseline across the DoD that\nreflects the most restrictive security posture consistent with operational\nrequirements.\n\n    Configuration settings are the set of parameters that can be changed in\nhardware, software, or firmware components of the system that affect the\nsecurity posture and/or functionality of the system. Security-related\nparameters are those parameters impacting the security state of the system,\nincluding the parameters required to satisfy other security control\nrequirements. Security-related parameters include, for example: registry\nsettings; account, file, directory permission settings; and settings for\nfunctions, ports, protocols, services, and remote connections."},{"label":"check","data":"Verify the rsyslog service is enabled and active with the following\ncommands:\n\n    $ sudo systemctl is-enabled rsyslog\n\n    enabled\n\n    $ sudo systemctl is-active rsyslog\n\n    active\n\n    If the service is not \"enabled\" and \"active\" this is a finding."},{"label":"fix","data":"Start the auditd service, and enable the rsyslog service with the following\ncommands:\n\n    $ sudo systemctl start rsyslog.service\n\n    $ sudo systemctl enable rsyslog.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230298","rid":"SV-230298r627750_rule","stig_id":"RHEL-08-010561","fix_id":"F-32942r567641_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230298' do\n  title 'The rsyslog service must be running in RHEL 8.'\n  desc 'Configuring RHEL 8 to implement organization-wide security\nimplementation guides and security checklists ensures compliance with federal\nstandards and establishes a common security baseline across the DoD that\nreflects the most restrictive security posture consistent with operational\nrequirements.\n\n    Configuration settings are the set of parameters that can be changed in\nhardware, software, or firmware components of the system that affect the\nsecurity posture and/or functionality of the system. Security-related\nparameters are those parameters impacting the security state of the system,\nincluding the parameters required to satisfy other security control\nrequirements. Security-related parameters include, for example: registry\nsettings; account, file, directory permission settings; and settings for\nfunctions, ports, protocols, services, and remote connections.'\n  desc 'check', 'Verify the rsyslog service is enabled and active with the following\ncommands:\n\n    $ sudo systemctl is-enabled rsyslog\n\n    enabled\n\n    $ sudo systemctl is-active rsyslog\n\n    active\n\n    If the service is not \"enabled\" and \"active\" this is a finding.'\n  desc 'fix', 'Start the auditd service, and enable the rsyslog service with the following\ncommands:\n\n    $ sudo systemctl start rsyslog.service\n\n    $ sudo systemctl enable rsyslog.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230298'\n  tag rid: 'SV-230298r627750_rule'\n  tag stig_id: 'RHEL-08-010561'\n  tag fix_id: 'F-32942r567641_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe service('rsyslog') do\n      it { should be_enabled }\n      it { should be_running }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230298.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Service rsyslog is expected to be enabled","run_time":0.467183,"start_time":"2024-01-09T19:40:44-05:00","resource_class":"service","resource_params":"[\"rsyslog\"]","resource_id":"rsyslog"},{"status":"passed","code_desc":"Service rsyslog is expected to be running","run_time":0.000127,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"service","resource_params":"[\"rsyslog\"]","resource_id":"rsyslog"}]},{"id":"SV-230299","title":"RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on file systems that contain user home directories.","desc":"The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access."},{"label":"check","data":"Verify file systems that contain user home directories are mounted with the\n\"nosuid\" option.\n\n    Note: If a separate file system has not been created for the user home\ndirectories (user home directories are mounted under \"/\"), this is\nautomatically a finding as the \"nosuid\" option cannot be used on the \"/\"\nsystem.\n\n    Find the file system(s) that contain the user home directories with the\nfollowing command:\n\n    $ sudo awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1,$3,$6}' /etc/passwd\n\n    smithj:1001: /home/smithj\n    robinst:1002: /home/robinst\n\n    Check the file systems that are mounted at boot time with the following\ncommand:\n\n    $ sudo more /etc/fstab\n\n    UUID=a411dc99-f2a1-4c87-9e05-184977be8539 /home xfs\nrw,relatime,discard,data=ordered,nosuid,nodev,noexec 0 0\n\n    If a file system found in \"/etc/fstab\" refers to the user home directory\nfile system and it does not have the \"nosuid\" option set, this is a finding."},{"label":"fix","data":"Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nfile systems that contain user home directories for interactive users."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230299","rid":"SV-230299r627750_rule","stig_id":"RHEL-08-010570","fix_id":"F-32943r567644_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230299' do\n  title 'RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on file systems that contain user home directories.'\n  desc 'The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.'\n  desc 'check', %q(Verify file systems that contain user home directories are mounted with the\n\"nosuid\" option.\n\n    Note: If a separate file system has not been created for the user home\ndirectories (user home directories are mounted under \"/\"), this is\nautomatically a finding as the \"nosuid\" option cannot be used on the \"/\"\nsystem.\n\n    Find the file system(s) that contain the user home directories with the\nfollowing command:\n\n    $ sudo awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1,$3,$6}' /etc/passwd\n\n    smithj:1001: /home/smithj\n    robinst:1002: /home/robinst\n\n    Check the file systems that are mounted at boot time with the following\ncommand:\n\n    $ sudo more /etc/fstab\n\n    UUID=a411dc99-f2a1-4c87-9e05-184977be8539 /home xfs\nrw,relatime,discard,data=ordered,nosuid,nodev,noexec 0 0\n\n    If a file system found in \"/etc/fstab\" refers to the user home directory\nfile system and it does not have the \"nosuid\" option set, this is a finding.)\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nfile systems that contain user home directories for interactive users.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230299'\n  tag rid: 'SV-230299r627750_rule'\n  tag stig_id: 'RHEL-08-010570'\n  tag fix_id: 'F-32943r567644_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    home_dirs = []\n    iuser_entries = passwd.where { uid.to_i >= 1000 && shell !~ /nologin/ }\n    iuser_entries.entries.each do |ie|\n      username_size = ie.user.length\n      home_dirs.append(ie.home[0..ie.home.length - (username_size + 2)])\n    end\n    home_dirs.uniq.each do |home_dir|\n      describe 'User home directories should not be mounted under root' do\n        subject { home_dir }\n        it { should_not eq '/' }\n      end\n      describe etc_fstab.where { mount_point == home_dir } do\n        it { should be_configured }\n        its('mount_options.first') { should include 'nosuid' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230299.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"User home directories should not be mounted under root is expected not to eq \"/\"","run_time":9.0e-05,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"Object","resource_params":"[]","resource_id":"User home directories should not be mounted under root"},{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/home\" is expected to be configured","run_time":0.003081,"start_time":"2024-01-09T19:40:45-05:00","message":"expected `File System Table File (fstab) with mount_point == \"/home\".configured?` to be truthy, got false","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/home\" mount_options.first is expected to include \"nosuid\"","run_time":0.00014,"start_time":"2024-01-09T19:40:45-05:00","message":"expected nil to include \"nosuid\", but it does not respond to `include?`","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230300","title":"RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on the /boot directory.","desc":"The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access."},{"label":"check","data":"For systems that use UEFI, this is Not Applicable.\n\n    Verify the /boot directory is mounted with the \"nosuid\" option with the\nfollowing command:\n\n    $ sudo mount | grep '\\s/boot\\s'\n\n    /dev/sda1 on /boot type xfs\n(rw,nosuid,relatime,seclabe,attr2,inode64,noquota)\n\n    If the /boot file system does not have the \"nosuid\" option set, this is a\nfinding."},{"label":"fix","data":"Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nthe /boot directory."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230300","rid":"SV-230300r743959_rule","stig_id":"RHEL-08-010571","fix_id":"F-32944r567647_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230300' do\n  title 'RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on the /boot directory.'\n  desc 'The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.'\n  desc 'check', %q(For systems that use UEFI, this is Not Applicable.\n\n    Verify the /boot directory is mounted with the \"nosuid\" option with the\nfollowing command:\n\n    $ sudo mount | grep '\\s/boot\\s'\n\n    /dev/sda1 on /boot type xfs\n(rw,nosuid,relatime,seclabe,attr2,inode64,noquota)\n\n    If the /boot file system does not have the \"nosuid\" option set, this is a\nfinding.)\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nthe /boot directory.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230300'\n  tag rid: 'SV-230300r743959_rule'\n  tag stig_id: 'RHEL-08-010571'\n  tag fix_id: 'F-32944r567647_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif file('/sys/firmware/efi').exist?\n    impact 0.0\n    describe 'System running UEFI' do\n      skip 'The System is running UEFI, this control is Not Applicable.'\n    end\n  else\n    describe mount('/boot') do\n      it { should be_mounted }\n      its('options') { should include 'nosuid' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230300.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Mount /boot is expected to be mounted","run_time":0.200747,"start_time":"2024-01-09T19:40:45-05:00","message":"\nMount /boot is not mounted\n","resource_class":"mount","resource_params":"[\"/boot\"]","resource_id":"/boot"},{"status":"failed","code_desc":"Mount /boot options is expected to include \"nosuid\"","run_time":0.000222,"start_time":"2024-01-09T19:40:45-05:00","message":"expected nil to include \"nosuid\", but it does not respond to `include?`","resource_class":"mount","resource_params":"[\"/boot\"]","resource_id":"/boot"}]},{"id":"SV-230301","title":"RHEL 8 must prevent special devices on non-root local partitions.","desc":"The \"nodev\" mount option causes the system to not interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access.  The only legitimate\nlocation for device files is the /dev directory located on the root partition.","descriptions":[{"label":"default","data":"The \"nodev\" mount option causes the system to not interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access.  The only legitimate\nlocation for device files is the /dev directory located on the root partition."},{"label":"check","data":"Verify all non-root local partitions are mounted with the \"nodev\" option\nwith the following command:\n\n    $ sudo mount | grep '^/dev\\S* on /\\S' | grep --invert-match 'nodev'\n\n    If any output is produced, this is a finding."},{"label":"fix","data":"Configure the \"/etc/fstab\" to use the \"nodev\" option on all\nnon-root local partitions."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230301","rid":"SV-230301r627750_rule","stig_id":"RHEL-08-010580","fix_id":"F-32945r567650_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230301' do\n  title 'RHEL 8 must prevent special devices on non-root local partitions.'\n  desc 'The \"nodev\" mount option causes the system to not interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access.  The only legitimate\nlocation for device files is the /dev directory located on the root partition.'\n  desc 'check', %q(Verify all non-root local partitions are mounted with the \"nodev\" option\nwith the following command:\n\n    $ sudo mount | grep '^/dev\\S* on /\\S' | grep --invert-match 'nodev'\n\n    If any output is produced, this is a finding.)\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"nodev\" option on all\nnon-root local partitions.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230301'\n  tag rid: 'SV-230301r627750_rule'\n  tag stig_id: 'RHEL-08-010580'\n  tag fix_id: 'F-32945r567650_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  mount_points = command(\"mount \\| grep '^/dev\\\\S* on /\\\\S' \\| grep --invert-match 'nodev'\").stdout\n\n  describe \"List of devices mounted without 'nodev' option outside root /dev directory\" do\n    subject { mount_points }\n    it { should be_empty }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230301.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"List of devices mounted without 'nodev' option outside root /dev directory is expected to be empty","run_time":0.003871,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"Object","resource_params":"[]","resource_id":"List of devices mounted without 'nodev' option outside root /dev directory"}]},{"id":"SV-230302","title":"RHEL 8 must prevent code from being executed on file systems that\ncontain user home directories.","desc":"The \"noexec\" mount option causes the system not to execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary files, as they may be incompatible. Executing files from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.","descriptions":[{"label":"default","data":"The \"noexec\" mount option causes the system not to execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary files, as they may be incompatible. Executing files from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access."},{"label":"check","data":"Verify file systems that contain user home directories are mounted with the\n\"noexec\" option.\n\n    Note: If a separate file system has not been created for the user home\ndirectories (user home directories are mounted under \"/\"), this is\nautomatically a finding as the \"noexec\" option cannot be used on the \"/\"\nsystem.\n\n    Find the file system(s) that contain the user home directories with the\nfollowing command:\n\n    $ sudo awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1,$3,$6}' /etc/passwd\n\n    smithj:1001: /home/smithj\n    robinst:1002: /home/robinst\n\n    Check the file systems that are mounted at boot time with the following\ncommand:\n\n    $ sudo more /etc/fstab\n\n    UUID=a411dc99-f2a1-4c87-9e05-184977be8539 /home ext4\nrw,relatime,discard,data=ordered,nosuid,nodev,noexec 0 2\n\n    If a file system found in \"/etc/fstab\" refers to the user home directory\nfile system and it does not have the \"noexec\" option set, this is a finding."},{"label":"fix","data":"Configure the \"/etc/fstab\" to use the \"noexec\" option on\nfile systems that contain user home directories for interactive users."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230302","rid":"SV-230302r627750_rule","stig_id":"RHEL-08-010590","fix_id":"F-32946r567653_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230302' do\n  title 'RHEL 8 must prevent code from being executed on file systems that\ncontain user home directories.'\n  desc 'The \"noexec\" mount option causes the system not to execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary files, as they may be incompatible. Executing files from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.'\n  desc 'check', %q(Verify file systems that contain user home directories are mounted with the\n\"noexec\" option.\n\n    Note: If a separate file system has not been created for the user home\ndirectories (user home directories are mounted under \"/\"), this is\nautomatically a finding as the \"noexec\" option cannot be used on the \"/\"\nsystem.\n\n    Find the file system(s) that contain the user home directories with the\nfollowing command:\n\n    $ sudo awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1,$3,$6}' /etc/passwd\n\n    smithj:1001: /home/smithj\n    robinst:1002: /home/robinst\n\n    Check the file systems that are mounted at boot time with the following\ncommand:\n\n    $ sudo more /etc/fstab\n\n    UUID=a411dc99-f2a1-4c87-9e05-184977be8539 /home ext4\nrw,relatime,discard,data=ordered,nosuid,nodev,noexec 0 2\n\n    If a file system found in \"/etc/fstab\" refers to the user home directory\nfile system and it does not have the \"noexec\" option set, this is a finding.)\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"noexec\" option on\nfile systems that contain user home directories for interactive users.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230302'\n  tag rid: 'SV-230302r627750_rule'\n  tag stig_id: 'RHEL-08-010590'\n  tag fix_id: 'F-32946r567653_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    home_dirs = []\n    iuser_entries = passwd.where { uid.to_i >= 1000 && shell !~ /nologin/ }\n    iuser_entries.entries.each do |ie|\n      username_size = ie.user.length\n      home_dirs.append(ie.home[0..ie.home.length - (username_size + 2)])\n    end\n    home_dirs.uniq.each do |home_dir|\n      describe 'User home directories should not be mounted under root' do\n        subject { home_dir }\n        it { should_not eq '/' }\n      end\n      describe etc_fstab.where { mount_point == home_dir } do\n        it { should be_configured }\n        its('mount_options.first') { should include 'noexec' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230302.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"User home directories should not be mounted under root is expected not to eq \"/\"","run_time":7.0e-05,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"Object","resource_params":"[]","resource_id":"User home directories should not be mounted under root"},{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/home\" is expected to be configured","run_time":0.003199,"start_time":"2024-01-09T19:40:45-05:00","message":"expected `File System Table File (fstab) with mount_point == \"/home\".configured?` to be truthy, got false","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/home\" mount_options.first is expected to include \"noexec\"","run_time":9.8e-05,"start_time":"2024-01-09T19:40:45-05:00","message":"expected nil to include \"noexec\", but it does not respond to `include?`","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230303","title":"RHEL 8 must prevent special devices on file systems that are used with\nremovable media.","desc":"The \"nodev\" mount option causes the system not to interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The \"nodev\" mount option causes the system not to interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access."},{"label":"check","data":"Verify file systems that are used for removable media are mounted with the\n\"nodev\" option with the following command:\n\n    $ sudo more /etc/fstab\n\n    UUID=2bc871e4-e2a3-4f29-9ece-3be60c835222 /mnt/usbflash vfat\nnoauto,owner,ro,nosuid,nodev,noexec 0 0\n\n    If a file system found in \"/etc/fstab\" refers to removable media and it\ndoes not have the \"nodev\" option set, this is a finding."},{"label":"fix","data":"Configure the \"/etc/fstab\" to use the \"nodev\" option on\nfile systems that are associated with removable media."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230303","rid":"SV-230303r627750_rule","stig_id":"RHEL-08-010600","fix_id":"F-32947r567656_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230303' do\n  title 'RHEL 8 must prevent special devices on file systems that are used with\nremovable media.'\n  desc 'The \"nodev\" mount option causes the system not to interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access.'\n  desc 'check', 'Verify file systems that are used for removable media are mounted with the\n\"nodev\" option with the following command:\n\n    $ sudo more /etc/fstab\n\n    UUID=2bc871e4-e2a3-4f29-9ece-3be60c835222 /mnt/usbflash vfat\nnoauto,owner,ro,nosuid,nodev,noexec 0 0\n\n    If a file system found in \"/etc/fstab\" refers to removable media and it\ndoes not have the \"nodev\" option set, this is a finding.'\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"nodev\" option on\nfile systems that are associated with removable media.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230303'\n  tag rid: 'SV-230303r627750_rule'\n  tag stig_id: 'RHEL-08-010600'\n  tag fix_id: 'F-32947r567656_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  file_systems = etc_fstab.params\n\n  if !file_systems.nil? && !file_systems.empty?\n    file_systems.each do |file_sys_line|\n      if !input('non_removable_media_fs').include?(file_sys_line['mount_point'])\n        describe \"The mount point #{file_sys_line['mount_point']}\" do\n          subject { file_sys_line['mount_options'] }\n          it { should include 'nodev' }\n        end\n      else\n        describe \"File system \\\"#{file_sys_line['mount_point']}\\\" does not correspond to removable media.\" do\n          subject { input('non_removable_media_fs').include?(file_sys_line['mount_point']) }\n          it { should eq true }\n        end\n      end\n    end\n  else\n    describe 'No file systems were found.' do\n      subject { file_systems.nil? }\n      it { should eq true }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230303.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File system \"/\" does not correspond to removable media. is expected to eq true","run_time":8.6e-05,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"Object","resource_params":"[]","resource_id":"File system \"/\" does not correspond to removable media."}]},{"id":"SV-230304","title":"RHEL 8 must prevent code from being executed on file systems that are\nused with removable media.","desc":"The \"noexec\" mount option causes the system not to execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary files, as they may be incompatible. Executing files from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.","descriptions":[{"label":"default","data":"The \"noexec\" mount option causes the system not to execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary files, as they may be incompatible. Executing files from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access."},{"label":"check","data":"Verify file systems that are used for removable media are mounted with the\n\"noexec\" option with the following command:\n\n    $ sudo more /etc/fstab\n\n    UUID=2bc871e4-e2a3-4f29-9ece-3be60c835222 /mnt/usbflash vfat\nnoauto,owner,ro,nosuid,nodev,noexec 0 0\n\n    If a file system found in \"/etc/fstab\" refers to removable media and it\ndoes not have the \"noexec\" option set, this is a finding."},{"label":"fix","data":"Configure the \"/etc/fstab\" to use the \"noexec\" option on\nfile systems that are associated with removable media."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230304","rid":"SV-230304r627750_rule","stig_id":"RHEL-08-010610","fix_id":"F-32948r567659_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230304' do\n  title 'RHEL 8 must prevent code from being executed on file systems that are\nused with removable media.'\n  desc 'The \"noexec\" mount option causes the system not to execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary files, as they may be incompatible. Executing files from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.'\n  desc 'check', 'Verify file systems that are used for removable media are mounted with the\n\"noexec\" option with the following command:\n\n    $ sudo more /etc/fstab\n\n    UUID=2bc871e4-e2a3-4f29-9ece-3be60c835222 /mnt/usbflash vfat\nnoauto,owner,ro,nosuid,nodev,noexec 0 0\n\n    If a file system found in \"/etc/fstab\" refers to removable media and it\ndoes not have the \"noexec\" option set, this is a finding.'\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"noexec\" option on\nfile systems that are associated with removable media.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230304'\n  tag rid: 'SV-230304r627750_rule'\n  tag stig_id: 'RHEL-08-010610'\n  tag fix_id: 'F-32948r567659_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  file_systems = etc_fstab.params\n\n  if !file_systems.nil? && !file_systems.empty?\n    file_systems.each do |file_sys_line|\n      if !input('non_removable_media_fs').include?(file_sys_line['mount_point'])\n        describe \"The mount point #{file_sys_line['mount_point']}\" do\n          subject { file_sys_line['mount_options'] }\n          it { should include 'noexec' }\n        end\n      else\n        describe \"File system \\\"#{file_sys_line['mount_point']}\\\" does not correspond to removable media.\" do\n          subject { input('non_removable_media_fs').include?(file_sys_line['mount_point']) }\n          it { should eq true }\n        end\n      end\n    end\n  else\n    describe 'No file systems were found.' do\n      subject { file_systems.nil? }\n      it { should eq true }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230304.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File system \"/\" does not correspond to removable media. is expected to eq true","run_time":6.2e-05,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"Object","resource_params":"[]","resource_id":"File system \"/\" does not correspond to removable media."}]},{"id":"SV-230305","title":"RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on file systems that are used with removable media.","desc":"The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access."},{"label":"check","data":"Verify file systems that are used for removable media are mounted with the\n\"nosuid\" option with the following command:\n\n    $ sudo more /etc/fstab\n\n    UUID=2bc871e4-e2a3-4f29-9ece-3be60c835222 /mnt/usbflash vfat\nnoauto,owner,ro,nosuid,nodev,noexec 0 0\n\n    If a file system found in \"/etc/fstab\" refers to removable media and it\ndoes not have the \"nosuid\" option set, this is a finding."},{"label":"fix","data":"Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nfile systems that are associated with removable media."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230305","rid":"SV-230305r627750_rule","stig_id":"RHEL-08-010620","fix_id":"F-32949r567662_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230305' do\n  title 'RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on file systems that are used with removable media.'\n  desc 'The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify file systems that are used for removable media are mounted with the\n\"nosuid\" option with the following command:\n\n    $ sudo more /etc/fstab\n\n    UUID=2bc871e4-e2a3-4f29-9ece-3be60c835222 /mnt/usbflash vfat\nnoauto,owner,ro,nosuid,nodev,noexec 0 0\n\n    If a file system found in \"/etc/fstab\" refers to removable media and it\ndoes not have the \"nosuid\" option set, this is a finding.'\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nfile systems that are associated with removable media.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230305'\n  tag rid: 'SV-230305r627750_rule'\n  tag stig_id: 'RHEL-08-010620'\n  tag fix_id: 'F-32949r567662_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  file_systems = etc_fstab.params\n\n  if !file_systems.nil? && !file_systems.empty?\n    file_systems.each do |file_sys_line|\n      if !input('non_removable_media_fs').include?(file_sys_line['mount_point'])\n        describe \"The mount point #{file_sys_line['mount_point']}\" do\n          subject { file_sys_line['mount_options'] }\n          it { should include 'nosuid' }\n        end\n      else\n        describe \"File system \\\"#{file_sys_line['mount_point']}\\\" does not correspond to removable media.\" do\n          subject { input('non_removable_media_fs').include?(file_sys_line['mount_point']) }\n          it { should eq true }\n        end\n      end\n    end\n  else\n    describe 'No file systems were found.' do\n      subject { file_systems.nil? }\n      it { should eq true }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230305.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File system \"/\" does not correspond to removable media. is expected to eq true","run_time":5.4e-05,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"Object","resource_params":"[]","resource_id":"File system \"/\" does not correspond to removable media."}]},{"id":"SV-230306","title":"RHEL 8 must prevent code from being executed on file systems that are\nimported via Network File System (NFS).","desc":"The \"noexec\" mount option causes the system not to execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary as they may be incompatible. Executing files from untrusted\nfile systems increases the opportunity for unprivileged users to attain\nunauthorized administrative access.","descriptions":[{"label":"default","data":"The \"noexec\" mount option causes the system not to execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary as they may be incompatible. Executing files from untrusted\nfile systems increases the opportunity for unprivileged users to attain\nunauthorized administrative access."},{"label":"check","data":"Verify that  file systems being imported via NFS are mounted with the\n\"noexec\" option with the following command:\n\n    $ sudo grep nfs /etc/fstab | grep noexec\n\n    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,nosuid,nodev,noexec\n0 0\n\n    If a file system found in \"/etc/fstab\" refers to NFS and it does not have\nthe \"noexec\" option set, this is a finding."},{"label":"fix","data":"Configure the \"/etc/fstab\" to use the \"noexec\" option on\nfile systems that are being imported via NFS."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230306","rid":"SV-230306r627750_rule","stig_id":"RHEL-08-010630","fix_id":"F-32950r567665_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230306' do\n  title 'RHEL 8 must prevent code from being executed on file systems that are\nimported via Network File System (NFS).'\n  desc 'The \"noexec\" mount option causes the system not to execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary as they may be incompatible. Executing files from untrusted\nfile systems increases the opportunity for unprivileged users to attain\nunauthorized administrative access.'\n  desc 'check', 'Verify that  file systems being imported via NFS are mounted with the\n\"noexec\" option with the following command:\n\n    $ sudo grep nfs /etc/fstab | grep noexec\n\n    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,nosuid,nodev,noexec\n0 0\n\n    If a file system found in \"/etc/fstab\" refers to NFS and it does not have\nthe \"noexec\" option set, this is a finding.'\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"noexec\" option on\nfile systems that are being imported via NFS.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230306'\n  tag rid: 'SV-230306r627750_rule'\n  tag stig_id: 'RHEL-08-010630'\n  tag fix_id: 'F-32950r567665_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  nfs_systems = etc_fstab.nfs_file_systems.entries\n\n  if !nfs_systems.nil? && !nfs_systems.empty?\n    nfs_systems.each do |nfs_system|\n      describe \"Network File System mounted on #{nfs_system['mount_point']}\" do\n        subject { nfs_system }\n        its('mount_options') { should include 'noexec' }\n      end\n    end\n  else\n    describe 'No NFS file systems were found' do\n      subject { nfs_systems.nil? || nfs_systems.empty? }\n      it { should eq true }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230306.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"No NFS file systems were found is expected to eq true","run_time":4.5e-05,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"Object","resource_params":"[]","resource_id":"No NFS file systems were found"}]},{"id":"SV-230307","title":"RHEL 8 must prevent special devices on file systems that are imported\nvia Network File System (NFS).","desc":"The \"nodev\" mount option causes the system to not interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The \"nodev\" mount option causes the system to not interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access."},{"label":"check","data":"Verify file systems that are being NFS-imported are mounted with the\n\"nodev\" option with the following command:\n\n    $ sudo grep nfs /etc/fstab | grep nodev\n\n    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,nosuid,nodev,noexec\n0 0\n\n    If a file system found in \"/etc/fstab\" refers to NFS and it does not have\nthe \"nodev\" option set, this is a finding."},{"label":"fix","data":"Configure the \"/etc/fstab\" to use the \"nodev\" option on\nfile systems that are being imported via NFS."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230307","rid":"SV-230307r627750_rule","stig_id":"RHEL-08-010640","fix_id":"F-32951r567668_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230307' do\n  title 'RHEL 8 must prevent special devices on file systems that are imported\nvia Network File System (NFS).'\n  desc 'The \"nodev\" mount option causes the system to not interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access.'\n  desc 'check', 'Verify file systems that are being NFS-imported are mounted with the\n\"nodev\" option with the following command:\n\n    $ sudo grep nfs /etc/fstab | grep nodev\n\n    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,nosuid,nodev,noexec\n0 0\n\n    If a file system found in \"/etc/fstab\" refers to NFS and it does not have\nthe \"nodev\" option set, this is a finding.'\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"nodev\" option on\nfile systems that are being imported via NFS.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230307'\n  tag rid: 'SV-230307r627750_rule'\n  tag stig_id: 'RHEL-08-010640'\n  tag fix_id: 'F-32951r567668_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  nfs_systems = etc_fstab.nfs_file_systems.entries\n\n  if !nfs_systems.nil? && !nfs_systems.empty?\n    nfs_systems.each do |nfs_system|\n      describe \"Network File System mounted on #{nfs_system['mount_point']}\" do\n        subject { nfs_system }\n        its('mount_options') { should include 'nodev' }\n      end\n    end\n  else\n    describe 'No NFS file systems were found' do\n      subject { nfs_systems.nil? || nfs_systems.empty? }\n      it { should eq true }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230307.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"No NFS file systems were found is expected to eq true","run_time":4.3e-05,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"Object","resource_params":"[]","resource_id":"No NFS file systems were found"}]},{"id":"SV-230308","title":"RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on file systems that are imported via Network File System (NFS).","desc":"The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access."},{"label":"check","data":"Verify that file systems being imported via NFS are mounted with the\n\"nosuid\" option with the following command:\n\n    $ sudo grep nfs /etc/fstab | grep nosuid\n\n    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,nosuid,nodev,noexec\n0 0\n\n    If a file system found in \"/etc/fstab\" refers to NFS and it does not have\nthe \"nosuid\" option set, this is a finding."},{"label":"fix","data":"Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nfile systems that are being imported via NFS."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230308","rid":"SV-230308r627750_rule","stig_id":"RHEL-08-010650","fix_id":"F-32952r567671_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230308' do\n  title 'RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on file systems that are imported via Network File System (NFS).'\n  desc 'The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify that file systems being imported via NFS are mounted with the\n\"nosuid\" option with the following command:\n\n    $ sudo grep nfs /etc/fstab | grep nosuid\n\n    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,nosuid,nodev,noexec\n0 0\n\n    If a file system found in \"/etc/fstab\" refers to NFS and it does not have\nthe \"nosuid\" option set, this is a finding.'\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nfile systems that are being imported via NFS.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230308'\n  tag rid: 'SV-230308r627750_rule'\n  tag stig_id: 'RHEL-08-010650'\n  tag fix_id: 'F-32952r567671_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  nfs_systems = etc_fstab.nfs_file_systems.entries\n\n  if !nfs_systems.nil? && !nfs_systems.empty?\n    nfs_systems.each do |nfs_system|\n      describe \"Network File System mounted on #{nfs_system['mount_point']}\" do\n        subject { nfs_system }\n        its('mount_options') { should include 'nosuid' }\n      end\n    end\n  else\n    describe 'No NFS file systems were found' do\n      subject { nfs_systems.nil? || nfs_systems.empty? }\n      it { should eq true }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230308.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"No NFS file systems were found is expected to eq true","run_time":4.3e-05,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"Object","resource_params":"[]","resource_id":"No NFS file systems were found"}]},{"id":"SV-230309","title":"Local RHEL 8 initialization files must not execute world-writable\nprograms.","desc":"If user start-up files execute world-writable programs, especially in\nunprotected directories, they could be maliciously modified to destroy user\nfiles or otherwise compromise the system at the user level. If the system is\ncompromised at the user level, it is easier to elevate privileges to eventually\ncompromise the system at the root and network level.","descriptions":[{"label":"default","data":"If user start-up files execute world-writable programs, especially in\nunprotected directories, they could be maliciously modified to destroy user\nfiles or otherwise compromise the system at the user level. If the system is\ncompromised at the user level, it is easier to elevate privileges to eventually\ncompromise the system at the root and network level."},{"label":"check","data":"Verify that local initialization files do not execute world-writable\nprograms.\n\n    Check the system for world-writable files.\n\n    The following command will discover and print world-writable files. Run it\nonce for each local partition [PART]:\n\n    $ sudo find [PART] -xdev -type f -perm -0002 -print\n\n    For all files listed, check for their presence in the local initialization\nfiles with the following commands:\n\n    Note: The example will be for a system that is configured to create user\nhome directories in the \"/home\" directory.\n\n    $ sudo grep <file> /home/*/.*\n\n    If any local initialization files are found to reference world-writable\nfiles, this is a finding."},{"label":"fix","data":"Set the mode on files being executed by the local initialization files with\nthe following command:\n\n    $ sudo chmod 0755 <file>"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230309","rid":"SV-230309r627750_rule","stig_id":"RHEL-08-010660","fix_id":"F-32953r567674_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230309' do\n  title 'Local RHEL 8 initialization files must not execute world-writable\nprograms.'\n  desc 'If user start-up files execute world-writable programs, especially in\nunprotected directories, they could be maliciously modified to destroy user\nfiles or otherwise compromise the system at the user level. If the system is\ncompromised at the user level, it is easier to elevate privileges to eventually\ncompromise the system at the root and network level.'\n  desc 'check', 'Verify that local initialization files do not execute world-writable\nprograms.\n\n    Check the system for world-writable files.\n\n    The following command will discover and print world-writable files. Run it\nonce for each local partition [PART]:\n\n    $ sudo find [PART] -xdev -type f -perm -0002 -print\n\n    For all files listed, check for their presence in the local initialization\nfiles with the following commands:\n\n    Note: The example will be for a system that is configured to create user\nhome directories in the \"/home\" directory.\n\n    $ sudo grep <file> /home/*/.*\n\n    If any local initialization files are found to reference world-writable\nfiles, this is a finding.'\n  desc 'fix', 'Set the mode on files being executed by the local initialization files with\nthe following command:\n\n    $ sudo chmod 0755 <file>'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230309'\n  tag rid: 'SV-230309r627750_rule'\n  tag stig_id: 'RHEL-08-010660'\n  tag fix_id: 'F-32953r567674_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if input('disable_slow_controls')\n    describe 'This control consistently takes a long to run and has been disabled using the disable_slow_controls attribute.' do\n      skip 'This control consistently takes a long to run and has been disabled using the disable_slow_controls attribute. You must enable this control for a full accredidation for production.'\n    end\n  else\n    ignore_shells = input('non_interactive_shells').join('|')\n\n    # Get home directory for users with UID >= 1000 or UID == 0 and support interactive logins.\n    dotfiles = Set[]\n    u = users.where { !shell.match(ignore_shells) && (uid >= 1000 || uid.zero?) }.entries\n    # For each user, build and execute a find command that identifies initialization files\n    # in a user's home directory.\n    u.each do |user|\n      dotfiles += command(\"find #{user.home} -xdev -maxdepth 2 ( -name '.*' ! -name '.bash_history' ) -type f\").stdout.split(\"\\n\")\n    end\n    ww_files = command('find / -xdev -perm -002 -type f -exec ls {} \\;').stdout.lines\n\n    # To reduce the number of commands ran, we use a pattern file in the grep command below\n    # So we don't have too long of a grep command, we chunk the list of ww_files\n    # into strings not longer than PATTERN_FILE_MAX_LENGTH\n    # Based on MAX_ARG_STRLEN, /usr/include/linux/binfmts.h\n    # We cut off 100 to leave room for the rest of the arguments\n    PATTERN_FILE_MAX_LENGTH = command('getconf PAGE_SIZE').stdout.to_i * 32 - 100\n    ww_chunked = ['']\n    ww_files.each do |item|\n      item = item.strip\n      raise 'Single pattern is longer than PATTERN_FILE_MAX_LENGTH' if item.length + \"\\n\".length > PATTERN_FILE_MAX_LENGTH\n\n      ww_chunked.append('') if ww_chunked[-1].length + \"\\n\".length + item.length > PATTERN_FILE_MAX_LENGTH\n      ww_chunked[-1] += \"\\n#{item}\" # This will leave an extra newline at the beginning of chunks\n    end\n    ww_chunked = ww_chunked.map(&:strip) # This gets rid of the beginning newlines\n    if ww_chunked[0] == ''\n      ww_chunked = [] # If we didn't have any ww_files, this will prevent an empty grep pattern\n    end\n\n    # Check each dotfile for existence of each world-writeable file\n    findings = Set[]\n    dotfiles.each do |dotfile|\n      dotfile = dotfile.strip\n      ww_chunked.each do |ww_pattern_file|\n        count = command(\"grep -c -f <(echo \\\"#{ww_pattern_file}\\\") \\\"#{dotfile}\\\"\").stdout.strip.to_i\n        findings << dotfile if count.positive?\n      end\n    end\n    describe 'Local initialization files that are found to reference world-writable files' do\n      subject { findings.to_a }\n      it { should be_empty }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230309.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Local initialization files that are found to reference world-writable files is expected to be empty","run_time":0.003084,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"Object","resource_params":"[]","resource_id":"Local initialization files that are found to reference world-writable files"}]},{"id":"SV-230310","title":"RHEL 8 must disable kernel dumps unless needed.","desc":"Kernel core dumps may contain the full contents of system memory at\nthe time of the crash. Kernel core dumps may consume a considerable amount of\ndisk space and may result in denial of service by exhausting the available\nspace on the target file system partition.\n\n    RHEL 8 installation media presents the option to enable or disable the\nkdump service at the time of system installation.","descriptions":[{"label":"default","data":"Kernel core dumps may contain the full contents of system memory at\nthe time of the crash. Kernel core dumps may consume a considerable amount of\ndisk space and may result in denial of service by exhausting the available\nspace on the target file system partition.\n\n    RHEL 8 installation media presents the option to enable or disable the\nkdump service at the time of system installation."},{"label":"check","data":"Verify that kernel core dumps are disabled unless needed with the following\ncommand:\n\n    $ sudo systemctl status kdump.service\n\n    kdump.service - Crash recovery kernel arming\n    Loaded: loaded (/usr/lib/systemd/system/kdump.service; enabled; vendor\npreset: enabled)\n    Active: active (exited) since Mon 2020-05-04 16:08:09 EDT; 3min ago\n    Main PID: 1130 (code=exited, status=0/SUCCESS)\n\n    If the \"kdump\" service is active, ask the System Administrator if the use\nof the service is required and documented with the Information System Security\nOfficer (ISSO).\n\n    If the service is active and is not documented, this is a finding."},{"label":"fix","data":"If kernel core dumps are not required, disable the \"kdump\" service with\nthe following command:\n\n    # systemctl disable kdump.service\n\n    If kernel core dumps are required, document the need with the ISSO."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230310","rid":"SV-230310r627750_rule","stig_id":"RHEL-08-010670","fix_id":"F-32954r567677_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230310' do\n  title 'RHEL 8 must disable kernel dumps unless needed.'\n  desc 'Kernel core dumps may contain the full contents of system memory at\nthe time of the crash. Kernel core dumps may consume a considerable amount of\ndisk space and may result in denial of service by exhausting the available\nspace on the target file system partition.\n\n    RHEL 8 installation media presents the option to enable or disable the\nkdump service at the time of system installation.'\n  desc 'check', 'Verify that kernel core dumps are disabled unless needed with the following\ncommand:\n\n    $ sudo systemctl status kdump.service\n\n    kdump.service - Crash recovery kernel arming\n    Loaded: loaded (/usr/lib/systemd/system/kdump.service; enabled; vendor\npreset: enabled)\n    Active: active (exited) since Mon 2020-05-04 16:08:09 EDT; 3min ago\n    Main PID: 1130 (code=exited, status=0/SUCCESS)\n\n    If the \"kdump\" service is active, ask the System Administrator if the use\nof the service is required and documented with the Information System Security\nOfficer (ISSO).\n\n    If the service is active and is not documented, this is a finding.'\n  desc 'fix', 'If kernel core dumps are not required, disable the \"kdump\" service with\nthe following command:\n\n    # systemctl disable kdump.service\n\n    If kernel core dumps are required, document the need with the ISSO.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230310'\n  tag rid: 'SV-230310r627750_rule'\n  tag stig_id: 'RHEL-08-010670'\n  tag fix_id: 'F-32954r567677_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe systemd_service('kdump.service') do\n      it { should_not be_running }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230310.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Service kdump.service is expected not to be running","run_time":0.449392,"start_time":"2024-01-09T19:40:45-05:00","message":"expected Service kdump.service not to be running","resource_class":"systemd_service","resource_params":"[\"kdump.service\"]","resource_id":"kdump.service"}]},{"id":"SV-230311","title":"RHEL 8 must disable the kernel.core_pattern.","desc":"It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 disables storing core dumps with the following commands:\n\n$ sudo sysctl kernel.core_pattern\n\nkernel.core_pattern = |/bin/false\n\nIf the returned line does not have a value of \"|/bin/false\", or a line is not returned and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.core_pattern /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.core_pattern = |/bin/false\n\nIf \"kernel.core_pattern\" is not set to \"|/bin/false\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to disable storing core dumps.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.core_pattern = |/bin/false\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230311","rid":"SV-230311r858769_rule","stig_id":"RHEL-08-010671","fix_id":"F-32955r858768_fix","cci":["CCI-000366"],"legacy":[],"nist":["CM-6 b"]},"code":"control 'SV-230311' do\n  title 'RHEL 8 must disable the kernel.core_pattern.'\n  desc 'It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 disables storing core dumps with the following commands:\n\n$ sudo sysctl kernel.core_pattern\n\nkernel.core_pattern = |/bin/false\n\nIf the returned line does not have a value of \"|/bin/false\", or a line is not returned and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.core_pattern /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.core_pattern = |/bin/false\n\nIf \"kernel.core_pattern\" is not set to \"|/bin/false\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to disable storing core dumps.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.core_pattern = |/bin/false\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230311'\n  tag rid: 'SV-230311r858769_rule'\n  tag stig_id: 'RHEL-08-010671'\n  tag fix_id: 'F-32955r858768_fix'\n  tag cci: ['CCI-000366']\n  tag legacy: []\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('kernel.core_pattern') do\n      its('value') { should eq '|/bin/false' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230311.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter kernel.core_pattern value is expected to eq \"|/bin/false\"","run_time":0.117071,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"kernel_parameter","resource_params":"[\"kernel.core_pattern\"]","resource_id":"kernel.core_pattern"}]},{"id":"SV-230312","title":"RHEL 8 must disable acquiring, saving, and processing core dumps.","desc":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems.\n\n    When the kernel invokes systemd-coredumpt to handle a core dump, it runs in\nprivileged mode, and will connect to the socket created by the\nsystemd-coredump.socket unit. This, in turn,  will spawn an unprivileged\nsystemd-coredump@.service instance to process the core dump.","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems.\n\n    When the kernel invokes systemd-coredumpt to handle a core dump, it runs in\nprivileged mode, and will connect to the socket created by the\nsystemd-coredump.socket unit. This, in turn,  will spawn an unprivileged\nsystemd-coredump@.service instance to process the core dump."},{"label":"check","data":"Verify RHEL 8 is not configured to acquire, save, or process core dumps with the following command:\n\n$ sudo systemctl status systemd-coredump.socket\n\nsystemd-coredump.socket\nLoaded: masked (Reason: Unit systemd-coredump.socket is masked.)\nActive: inactive (dead)\n\nIf the \"systemd-coredump.socket\" is loaded and not masked and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding."},{"label":"fix","data":"Configure the system to disable the systemd-coredump.socket with the following commands:\n\n$ sudo systemctl disable --now systemd-coredump.socket\n\n$ sudo systemctl mask systemd-coredump.socket\n\nCreated symlink /etc/systemd/system/systemd-coredump.socket -> /dev/null\n\nReload the daemon for this change to take effect.\n\n$ sudo systemctl daemon-reload"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230312","rid":"SV-230312r833308_rule","stig_id":"RHEL-08-010672","fix_id":"F-32956r833307_fix","cci":["CCI-000366"],"legacy":[],"nist":["CM-6 b"]},"code":"control 'SV-230312' do\n  title 'RHEL 8 must disable acquiring, saving, and processing core dumps.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems.\n\n    When the kernel invokes systemd-coredumpt to handle a core dump, it runs in\nprivileged mode, and will connect to the socket created by the\nsystemd-coredump.socket unit. This, in turn,  will spawn an unprivileged\nsystemd-coredump@.service instance to process the core dump.'\n  desc 'check', 'Verify RHEL 8 is not configured to acquire, save, or process core dumps with the following command:\n\n$ sudo systemctl status systemd-coredump.socket\n\nsystemd-coredump.socket\nLoaded: masked (Reason: Unit systemd-coredump.socket is masked.)\nActive: inactive (dead)\n\nIf the \"systemd-coredump.socket\" is loaded and not masked and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Configure the system to disable the systemd-coredump.socket with the following commands:\n\n$ sudo systemctl disable --now systemd-coredump.socket\n\n$ sudo systemctl mask systemd-coredump.socket\n\nCreated symlink /etc/systemd/system/systemd-coredump.socket -> /dev/null\n\nReload the daemon for this change to take effect.\n\n$ sudo systemctl daemon-reload'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230312'\n  tag rid: 'SV-230312r833308_rule'\n  tag stig_id: 'RHEL-08-010672'\n  tag fix_id: 'F-32956r833307_fix'\n  tag cci: ['CCI-000366']\n  tag legacy: []\n  tag nist: ['CM-6 b']\n\n  s = systemd_service('systemd-coredump.socket')\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe.one do\n      describe s do\n        its('params.LoadState') { should eq 'masked' }\n      end\n      describe s do\n        its('params.LoadState') { should eq 'not-found' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230312.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Service systemd-coredump.socket params.LoadState is expected to eq \"masked\"","run_time":0.000823,"start_time":"2024-01-09T19:40:45-05:00","message":"\nexpected: \"masked\"\n     got: \"loaded\"\n\n(compared using ==)\n","exception":"RSpec::Core::MultipleExceptionError","resource_class":"systemd_service","resource_params":"[\"systemd-coredump.socket\"]","resource_id":"systemd-coredump.socket"},{"status":"failed","code_desc":"Service systemd-coredump.socket params.LoadState is expected to eq \"not-found\"","run_time":0.000539,"start_time":"2024-01-09T19:40:45-05:00","message":"\nexpected: \"not-found\"\n     got: \"loaded\"\n\n(compared using ==)\n","exception":"RSpec::Core::MultipleExceptionError","resource_class":"systemd_service","resource_params":"[\"systemd-coredump.socket\"]","resource_id":"systemd-coredump.socket"}]},{"id":"SV-230313","title":"RHEL 8 must disable core dumps for all users.","desc":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems.","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems."},{"label":"check","data":"Verify the operating system disables core dumps for all users by issuing\nthe following command:\n\n    $ sudo grep -r -s '^[^#].*core' /etc/security/limits.conf\n/etc/security/limits.d/*.conf\n\n    * hard core 0\n\n    This can be set as a global domain (with the * wildcard) but may be set\ndifferently for multiple domains.\n\n    If the \"core\" item is missing, commented out, or the value is anything\nother than \"0\" and the need for core dumps is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement for\nall domains that have the \"core\" item assigned, this is a finding."},{"label":"fix","data":"Configure the operating system to disable core dumps for all users.\n\n    Add the following line to the top of the /etc/security/limits.conf or in a\n\".conf\" file defined in /etc/security/limits.d/:\n\n    * hard core 0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230313","rid":"SV-230313r627750_rule","stig_id":"RHEL-08-010673","fix_id":"F-32957r619861_fix","cci":["CCI-000366"],"legacy":[],"nist":["CM-6 b"]},"code":"control 'SV-230313' do\n  title 'RHEL 8 must disable core dumps for all users.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems.'\n  desc 'check', %q(Verify the operating system disables core dumps for all users by issuing\nthe following command:\n\n    $ sudo grep -r -s '^[^#].*core' /etc/security/limits.conf\n/etc/security/limits.d/*.conf\n\n    * hard core 0\n\n    This can be set as a global domain (with the * wildcard) but may be set\ndifferently for multiple domains.\n\n    If the \"core\" item is missing, commented out, or the value is anything\nother than \"0\" and the need for core dumps is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement for\nall domains that have the \"core\" item assigned, this is a finding.)\n  desc 'fix', 'Configure the operating system to disable core dumps for all users.\n\n    Add the following line to the top of the /etc/security/limits.conf or in a\n\".conf\" file defined in /etc/security/limits.d/:\n\n    * hard core 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230313'\n  tag rid: 'SV-230313r627750_rule'\n  tag stig_id: 'RHEL-08-010673'\n  tag fix_id: 'F-32957r619861_fix'\n  tag cci: ['CCI-000366']\n  tag legacy: []\n  tag nist: ['CM-6 b']\n\n  limits_files = command('find /etc/security/limits.d/ -name *.conf').stdout.strip.split\n  limits_files.append('/etc/security/limits.conf')\n  describe.one do\n    limits_files.each do |lf|\n      describe limits_conf(lf) do\n        its('*') { should include %w[hard core 0] }\n      end\n    end\n  end\n  limits_files.each do |lf|\n    lines = limits_conf(lf).read_params.values.flatten(1)\n    lines.each do |line|\n      l = { type: line[0], item: line[1], value: line[2] }\n      next unless l[:item].eql?('core')\n\n      describe \"#{lf} entries\" do\n        subject { l }\n        its([:value]) { should cmp 0 }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230313.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"limits.conf * is expected to include [\"hard\", \"core\", \"0\"]","run_time":5.5e-05,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"limits_conf","resource_params":"[\"/etc/security/limits.conf\"]","resource_id":"/etc/security/limits.conf"},{"status":"passed","code_desc":"/etc/security/limits.conf entries [:value] is expected to cmp == 0","run_time":0.000102,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"Object","resource_params":"[]","resource_id":"[:value]"}]},{"id":"SV-230314","title":"RHEL 8 must disable storing core dumps.","desc":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems.","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems."},{"label":"check","data":"Verify the operating system disables storing core dumps for all users by\nissuing the following command:\n\n    $ sudo grep -i storage /etc/systemd/coredump.conf\n\n    Storage=none\n\n    If the \"Storage\" item is missing, commented out, or the value is anything\nother than \"none\" and the need for core dumps is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement for\nall domains that have the \"core\" item assigned, this is a finding."},{"label":"fix","data":"Configure the operating system to disable storing core dumps for all users.\n\nAdd or modify the following line in /etc/systemd/coredump.conf:\n\nStorage=none"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230314","rid":"SV-230314r627750_rule","stig_id":"RHEL-08-010674","fix_id":"F-32958r567689_fix","cci":["CCI-000366"],"legacy":[],"nist":["CM-6 b"]},"code":"control 'SV-230314' do\n  title 'RHEL 8 must disable storing core dumps.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems.'\n  desc 'check', 'Verify the operating system disables storing core dumps for all users by\nissuing the following command:\n\n    $ sudo grep -i storage /etc/systemd/coredump.conf\n\n    Storage=none\n\n    If the \"Storage\" item is missing, commented out, or the value is anything\nother than \"none\" and the need for core dumps is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement for\nall domains that have the \"core\" item assigned, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable storing core dumps for all users.\n\nAdd or modify the following line in /etc/systemd/coredump.conf:\n\nStorage=none'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230314'\n  tag rid: 'SV-230314r627750_rule'\n  tag stig_id: 'RHEL-08-010674'\n  tag fix_id: 'F-32958r567689_fix'\n  tag cci: ['CCI-000366']\n  tag legacy: []\n  tag nist: ['CM-6 b']\n\n  describe parse_config_file('/etc/systemd/coredump.conf') do\n    its('Coredump.Storage') { should cmp 'none' }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230314.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Parse Config File /etc/systemd/coredump.conf Coredump.Storage is expected to cmp == \"none\"","run_time":7.2e-05,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"parse_config_file","resource_params":"[\"/etc/systemd/coredump.conf\"]","resource_id":"/etc/systemd/coredump.conf"}]},{"id":"SV-230315","title":"RHEL 8 must disable core dump backtraces.","desc":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems.","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems."},{"label":"check","data":"Verify the operating system disables core dump backtraces by issuing the\nfollowing command:\n\n    $ sudo grep -i ProcessSizeMax /etc/systemd/coredump.conf\n\n    ProcessSizeMax=0\n\n    If the \"ProcessSizeMax\" item is missing, commented out, or the value is\nanything other than \"0\" and the need for core dumps is not documented with\nthe Information System Security Officer (ISSO) as an operational requirement\nfor all domains that have the \"core\" item assigned, this is a finding."},{"label":"fix","data":"Configure the operating system to disable core dump backtraces.\n\nAdd or modify the following line in /etc/systemd/coredump.conf:\n\nProcessSizeMax=0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230315","rid":"SV-230315r627750_rule","stig_id":"RHEL-08-010675","fix_id":"F-32959r567692_fix","cci":["CCI-000366"],"legacy":[],"nist":["CM-6 b"]},"code":"control 'SV-230315' do\n  title 'RHEL 8 must disable core dump backtraces.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems.'\n  desc 'check', 'Verify the operating system disables core dump backtraces by issuing the\nfollowing command:\n\n    $ sudo grep -i ProcessSizeMax /etc/systemd/coredump.conf\n\n    ProcessSizeMax=0\n\n    If the \"ProcessSizeMax\" item is missing, commented out, or the value is\nanything other than \"0\" and the need for core dumps is not documented with\nthe Information System Security Officer (ISSO) as an operational requirement\nfor all domains that have the \"core\" item assigned, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable core dump backtraces.\n\nAdd or modify the following line in /etc/systemd/coredump.conf:\n\nProcessSizeMax=0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230315'\n  tag rid: 'SV-230315r627750_rule'\n  tag stig_id: 'RHEL-08-010675'\n  tag fix_id: 'F-32959r567692_fix'\n  tag cci: ['CCI-000366']\n  tag legacy: []\n  tag nist: ['CM-6 b']\n\n  describe parse_config_file('/etc/systemd/coredump.conf') do\n    its('Coredump.ProcessSizeMax') { should cmp '0' }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230315.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Parse Config File /etc/systemd/coredump.conf Coredump.ProcessSizeMax is expected to cmp == \"0\"","run_time":6.6e-05,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"parse_config_file","resource_params":"[\"/etc/systemd/coredump.conf\"]","resource_id":"/etc/systemd/coredump.conf"}]},{"id":"SV-230316","title":"For RHEL 8 systems using Domain Name Servers (DNS) resolution, at\nleast two name servers must be configured.","desc":"To provide availability for name resolution services, multiple\nredundant name servers are mandated. A failure in name resolution could lead to\nthe failure of security functions requiring name resolution, which may include\ntime synchronization, centralized authentication, and remote system logging.","descriptions":[{"label":"default","data":"To provide availability for name resolution services, multiple\nredundant name servers are mandated. A failure in name resolution could lead to\nthe failure of security functions requiring name resolution, which may include\ntime synchronization, centralized authentication, and remote system logging."},{"label":"check","data":"Determine whether the system is using local or DNS name resolution with the\nfollowing command:\n\n    $ sudo grep hosts /etc/nsswitch.conf\n\n    hosts: files dns\n\n    If the DNS entry is missing from the host's line in the\n\"/etc/nsswitch.conf\" file, the \"/etc/resolv.conf\" file must be empty.\n\n    Verify the \"/etc/resolv.conf\" file is empty with the following command:\n\n    $ sudo ls -al /etc/resolv.conf\n\n    -rw-r--r-- 1 root root 0 Aug 19 08:31 resolv.conf\n\n    If local host authentication is being used and the \"/etc/resolv.conf\"\nfile is not empty, this is a finding.\n\n    If the DNS entry is found on the host's line of the \"/etc/nsswitch.conf\"\nfile, verify the operating system is configured to use two or more name servers\nfor DNS resolution.\n\n    Determine the name servers used by the system with the following command:\n\n    $ sudo grep nameserver /etc/resolv.conf\n\n    nameserver 192.168.1.2\n    nameserver 192.168.1.3\n\n    If less than two lines are returned that are not commented out, this is a\nfinding."},{"label":"fix","data":"Configure the operating system to use two or more name servers for DNS\nresolution.\n\n    By default, \"NetworkManager\" on RHEL 8 dynamically updates the\n/etc/resolv.conf file with the DNS settings from active \"NetworkManager\"\nconnection profiles. However, this feature can be disabled to allow manual\nconfigurations.\n\n    If manually configuring DNS, edit the \"/etc/resolv.conf\" file to\nuncomment or add the two or more \"nameserver\" option lines with the IP\naddress of local authoritative name servers. If local host resolution is being\nperformed, the \"/etc/resolv.conf\" file must be empty. An empty\n\"/etc/resolv.conf\" file can be created as follows:\n\n    $ sudo echo -n > /etc/resolv.conf"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230316","rid":"SV-230316r627750_rule","stig_id":"RHEL-08-010680","fix_id":"F-32960r567695_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230316' do\n  title 'For RHEL 8 systems using Domain Name Servers (DNS) resolution, at\nleast two name servers must be configured.'\n  desc 'To provide availability for name resolution services, multiple\nredundant name servers are mandated. A failure in name resolution could lead to\nthe failure of security functions requiring name resolution, which may include\ntime synchronization, centralized authentication, and remote system logging.'\n  desc 'check', %q(Determine whether the system is using local or DNS name resolution with the\nfollowing command:\n\n    $ sudo grep hosts /etc/nsswitch.conf\n\n    hosts: files dns\n\n    If the DNS entry is missing from the host's line in the\n\"/etc/nsswitch.conf\" file, the \"/etc/resolv.conf\" file must be empty.\n\n    Verify the \"/etc/resolv.conf\" file is empty with the following command:\n\n    $ sudo ls -al /etc/resolv.conf\n\n    -rw-r--r-- 1 root root 0 Aug 19 08:31 resolv.conf\n\n    If local host authentication is being used and the \"/etc/resolv.conf\"\nfile is not empty, this is a finding.\n\n    If the DNS entry is found on the host's line of the \"/etc/nsswitch.conf\"\nfile, verify the operating system is configured to use two or more name servers\nfor DNS resolution.\n\n    Determine the name servers used by the system with the following command:\n\n    $ sudo grep nameserver /etc/resolv.conf\n\n    nameserver 192.168.1.2\n    nameserver 192.168.1.3\n\n    If less than two lines are returned that are not commented out, this is a\nfinding.)\n  desc 'fix', 'Configure the operating system to use two or more name servers for DNS\nresolution.\n\n    By default, \"NetworkManager\" on RHEL 8 dynamically updates the\n/etc/resolv.conf file with the DNS settings from active \"NetworkManager\"\nconnection profiles. However, this feature can be disabled to allow manual\nconfigurations.\n\n    If manually configuring DNS, edit the \"/etc/resolv.conf\" file to\nuncomment or add the two or more \"nameserver\" option lines with the IP\naddress of local authoritative name servers. If local host resolution is being\nperformed, the \"/etc/resolv.conf\" file must be empty. An empty\n\"/etc/resolv.conf\" file can be created as follows:\n\n    $ sudo echo -n > /etc/resolv.conf'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230316'\n  tag rid: 'SV-230316r627750_rule'\n  tag stig_id: 'RHEL-08-010680'\n  tag fix_id: 'F-32960r567695_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  dns_in_host_line = parse_config_file('/etc/nsswitch.conf',\n                                       comment_char: '#',\n                                       assignment_regex: /^\\s*([^:]*?)\\s*:\\s*(.*?)\\s*$/).params['hosts'].include?('dns')\n\n  unless dns_in_host_line\n    describe 'If `local` resolution is being used, a `hosts` entry in /etc/nsswitch.conf having `dns`' do\n      subject { dns_in_host_line }\n      it { should be false }\n    end\n  end\n\n  unless dns_in_host_line\n    describe 'If `local` resoultion is being used, the /etc/resolv.conf file should' do\n      subject { parse_config_file('/etc/resolv.conf', comment_char: '#').params }\n      it { should be_empty }\n    end\n  end\n\n  nameservers = parse_config_file('/etc/resolv.conf',\n                                  comment_char: '#').params.keys.grep(/nameserver/)\n\n  if dns_in_host_line\n    describe \"The system's nameservers: #{nameservers}\" do\n      subject { nameservers }\n      it { should_not be nil }\n    end\n  end\n\n  if dns_in_host_line\n    describe 'The number of nameservers' do\n      subject { nameservers.count }\n      it { should cmp >= 2 }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230316.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"The system's nameservers: [\"nameserver 172.31.0.2\"] is expected not to equal nil","run_time":6.8e-05,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"Object","resource_params":"[]","resource_id":"The system's nameservers: [\"nameserver 172.31.0.2\"]"},{"status":"failed","code_desc":"The number of nameservers is expected to cmp >= 2","run_time":0.000122,"start_time":"2024-01-09T19:40:45-05:00","message":"\nexpected it to be >= 2\n     got: 1\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"The number of nameservers"}]},{"id":"SV-230317","title":"Executable search paths within the initialization files of all local\ninteractive RHEL 8 users must only contain paths that resolve to the system\ndefault or the users home directory.","desc":"The executable search path (typically the PATH environment variable)\ncontains a list of directories for the shell to search to find executables. If\nthis path includes the current working directory (other than the user's home\ndirectory), executables in these directories may be executed instead of system\ncommands. This variable is formatted as a colon-separated list of directories.\nIf there is an empty entry, such as a leading or trailing colon or two\nconsecutive colons, this is interpreted as the current working directory. If\ndeviations from the default system search path for the local interactive user\nare required, they must be documented with the Information System Security\nOfficer (ISSO).","descriptions":[{"label":"default","data":"The executable search path (typically the PATH environment variable)\ncontains a list of directories for the shell to search to find executables. If\nthis path includes the current working directory (other than the user's home\ndirectory), executables in these directories may be executed instead of system\ncommands. This variable is formatted as a colon-separated list of directories.\nIf there is an empty entry, such as a leading or trailing colon or two\nconsecutive colons, this is interpreted as the current working directory. If\ndeviations from the default system search path for the local interactive user\nare required, they must be documented with the Information System Security\nOfficer (ISSO)."},{"label":"check","data":"Verify that all local interactive user initialization file executable search path statements do not contain statements that will reference a working directory other than user home directories with the following commands:\n\n$ sudo grep -i path= /home/*/.*\n\n/home/[localinteractiveuser]/.bash_profile:PATH=$PATH:$HOME/.local/bin:$HOME/bin\n\nIf any local interactive user initialization files have executable search path statements that include directories outside of their home directory and is not documented with the ISSO as an operational requirement, this is a finding."},{"label":"fix","data":"Edit the local interactive user initialization files to change any PATH\nvariable statements that reference directories other than their home directory.\n\n    If a local interactive user requires path variables to reference a\ndirectory owned by the application, it must be documented with the ISSO."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230317","rid":"SV-230317r792896_rule","stig_id":"RHEL-08-010690","fix_id":"F-32961r567698_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230317' do\n  title 'Executable search paths within the initialization files of all local\ninteractive RHEL 8 users must only contain paths that resolve to the system\ndefault or the users home directory.'\n  desc \"The executable search path (typically the PATH environment variable)\ncontains a list of directories for the shell to search to find executables. If\nthis path includes the current working directory (other than the user's home\ndirectory), executables in these directories may be executed instead of system\ncommands. This variable is formatted as a colon-separated list of directories.\nIf there is an empty entry, such as a leading or trailing colon or two\nconsecutive colons, this is interpreted as the current working directory. If\ndeviations from the default system search path for the local interactive user\nare required, they must be documented with the Information System Security\nOfficer (ISSO).\"\n  desc 'check', 'Verify that all local interactive user initialization file executable search path statements do not contain statements that will reference a working directory other than user home directories with the following commands:\n\n$ sudo grep -i path= /home/*/.*\n\n/home/[localinteractiveuser]/.bash_profile:PATH=$PATH:$HOME/.local/bin:$HOME/bin\n\nIf any local interactive user initialization files have executable search path statements that include directories outside of their home directory and is not documented with the ISSO as an operational requirement, this is a finding.'\n  desc 'fix', 'Edit the local interactive user initialization files to change any PATH\nvariable statements that reference directories other than their home directory.\n\n    If a local interactive user requires path variables to reference a\ndirectory owned by the application, it must be documented with the ISSO.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230317'\n  tag rid: 'SV-230317r792896_rule'\n  tag stig_id: 'RHEL-08-010690'\n  tag fix_id: 'F-32961r567698_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  ignore_shells = input('non_interactive_shells').join('|')\n\n  findings = Set[]\n  users.where { !shell.match(ignore_shells) && (uid >= 1000 || uid.zero?) }.entries.each do |user_info|\n    next if input('exempt_home_users').include?(user_info.username.to_s)\n\n    grep_results = command(\"grep -i path --exclude=\\\".bash_history\\\" #{user_info.home}/.*\").stdout.split('\\\\n')\n    grep_results.each do |result|\n      result.slice! 'PATH='\n      # Case when last value in exec search path is :\n      result += ' ' if result[-1] == ':'\n      result.slice! '$PATH:'\n      result.gsub! '$HOME', user_info.home.to_s\n      result.gsub! '~', user_info.home.to_s\n      line_arr = result.split(':')\n      line_arr.delete_at(0)\n      line_arr.each do |line|\n        # Don't run test on line that exports PATH and is not commented out\n        next unless !line.start_with?('export') && !line.start_with?('#')\n\n        # Case when :: found in exec search path or : found at beginning\n        if line.strip.empty?\n          curr_work_dir = command('pwd').stdout.delete(\"\\n\")\n          line = curr_work_dir if curr_work_dir.start_with?(user_info.home.to_s)\n        end\n        # This will fail if non-home directory found in path\n        findings.add(line) unless line.start_with?(user_info.home)\n      end\n    end\n  end\n  describe.one do\n    describe etc_fstab do\n      its('home_mount_options') { should include 'nosuid' }\n    end\n    describe 'Initialization files that include executable search paths that include directories outside their home directories' do\n      subject { findings.to_a }\n      it { should be_empty }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230317.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Initialization files that include executable search paths that include directories outside their home directories is expected to be empty","run_time":7.4e-05,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"Object","resource_params":"[]","resource_id":"Initialization files that include executable search paths that include directories outside their home directories"}]},{"id":"SV-230318","title":"All RHEL 8 world-writable directories must be owned by root, sys, bin,\nor an application user.","desc":"If a world-writable directory is not owned by root, sys, bin, or an\napplication User Identifier (UID), unauthorized users may be able to modify\nfiles created by others.\n\n    The only authorized public directories are those temporary directories\nsupplied with the system or those designed to be temporary file repositories.\nThe setting is normally reserved for directories used by the system and by\nusers for temporary file storage, (e.g., /tmp), and for directories requiring\nglobal read/write access.","descriptions":[{"label":"default","data":"If a world-writable directory is not owned by root, sys, bin, or an\napplication User Identifier (UID), unauthorized users may be able to modify\nfiles created by others.\n\n    The only authorized public directories are those temporary directories\nsupplied with the system or those designed to be temporary file repositories.\nThe setting is normally reserved for directories used by the system and by\nusers for temporary file storage, (e.g., /tmp), and for directories requiring\nglobal read/write access."},{"label":"check","data":"The following command will discover and print world-writable directories\nthat are not owned by a system account, given the assumption that only system\naccounts have a uid lower than 1000. Run it once for each local partition\n[PART]:\n\n    $ sudo find [PART] -xdev -type d -perm -0002 -uid +999 -print\n\n    If there is output, this is a finding."},{"label":"fix","data":"All directories in local partitions which are world-writable\nshould be owned by root or another system account. If any world-writable\ndirectories are not owned by a system account, this should be investigated.\nFollowing this, the files should be deleted or assigned to an appropriate\ngroup."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230318","rid":"SV-230318r743960_rule","stig_id":"RHEL-08-010700","fix_id":"F-32962r567701_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230318' do\n  title 'All RHEL 8 world-writable directories must be owned by root, sys, bin,\nor an application user.'\n  desc 'If a world-writable directory is not owned by root, sys, bin, or an\napplication User Identifier (UID), unauthorized users may be able to modify\nfiles created by others.\n\n    The only authorized public directories are those temporary directories\nsupplied with the system or those designed to be temporary file repositories.\nThe setting is normally reserved for directories used by the system and by\nusers for temporary file storage, (e.g., /tmp), and for directories requiring\nglobal read/write access.'\n  desc 'check', 'The following command will discover and print world-writable directories\nthat are not owned by a system account, given the assumption that only system\naccounts have a uid lower than 1000. Run it once for each local partition\n[PART]:\n\n    $ sudo find [PART] -xdev -type d -perm -0002 -uid +999 -print\n\n    If there is output, this is a finding.'\n  desc 'fix', 'All directories in local partitions which are world-writable\nshould be owned by root or another system account. If any world-writable\ndirectories are not owned by a system account, this should be investigated.\nFollowing this, the files should be deleted or assigned to an appropriate\ngroup.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230318'\n  tag rid: 'SV-230318r743960_rule'\n  tag stig_id: 'RHEL-08-010700'\n  tag fix_id: 'F-32962r567701_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  ww_dirs = Set[]\n  partitions = etc_fstab.params.map { |partition| partition['mount_point'] }.uniq\n  partitions.each do |part|\n    cmd = \"find #{part} -xdev -type d -perm -0002 -uid +999 -print\"\n    ww_dirs += command(cmd).stdout.split(\"\\n\")\n  end\n\n  describe 'List of world-writeable directories which are not owned by system accounts across all partitions' do\n    subject { ww_dirs.to_a }\n    it { should be_empty }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230318.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"List of world-writeable directories which are not owned by system accounts across all partitions is expected to be empty","run_time":0.002972,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"Object","resource_params":"[]","resource_id":"List of world-writeable directories which are not owned by system accounts across all partitions"}]},{"id":"SV-230319","title":"All RHEL 8 world-writable directories must be group-owned by root,\nsys, bin, or an application group.","desc":"If a world-writable directory is not group-owned by root, sys, bin, or\nan application Group Identifier (GID), unauthorized users may be able to modify\nfiles created by others.\n\n    The only authorized public directories are those temporary directories\nsupplied with the system or those designed to be temporary file repositories.\nThe setting is normally reserved for directories used by the system and by\nusers for temporary file storage, (e.g., /tmp), and for directories requiring\nglobal read/write access.","descriptions":[{"label":"default","data":"If a world-writable directory is not group-owned by root, sys, bin, or\nan application Group Identifier (GID), unauthorized users may be able to modify\nfiles created by others.\n\n    The only authorized public directories are those temporary directories\nsupplied with the system or those designed to be temporary file repositories.\nThe setting is normally reserved for directories used by the system and by\nusers for temporary file storage, (e.g., /tmp), and for directories requiring\nglobal read/write access."},{"label":"check","data":"The following command will discover and print world-writable directories\nthat are not group-owned by a system account, given the assumption that only\nsystem accounts have a gid lower than 1000. Run it once for each local\npartition [PART]:\n\n    $ sudo find [PART] -xdev -type d -perm -0002 -gid +999 -print\n\n    If there is output, this is a finding."},{"label":"fix","data":"All directories in local partitions which are world-writable\nmust be group-owned by root or another system account.  If any world-writable\ndirectories are not group-owned by a system account, this must be investigated.\n Following this, the directories must be deleted or assigned to an appropriate\ngroup."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230319","rid":"SV-230319r743961_rule","stig_id":"RHEL-08-010710","fix_id":"F-32963r567704_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230319' do\n  title 'All RHEL 8 world-writable directories must be group-owned by root,\nsys, bin, or an application group.'\n  desc 'If a world-writable directory is not group-owned by root, sys, bin, or\nan application Group Identifier (GID), unauthorized users may be able to modify\nfiles created by others.\n\n    The only authorized public directories are those temporary directories\nsupplied with the system or those designed to be temporary file repositories.\nThe setting is normally reserved for directories used by the system and by\nusers for temporary file storage, (e.g., /tmp), and for directories requiring\nglobal read/write access.'\n  desc 'check', 'The following command will discover and print world-writable directories\nthat are not group-owned by a system account, given the assumption that only\nsystem accounts have a gid lower than 1000. Run it once for each local\npartition [PART]:\n\n    $ sudo find [PART] -xdev -type d -perm -0002 -gid +999 -print\n\n    If there is output, this is a finding.'\n  desc 'fix', 'All directories in local partitions which are world-writable\nmust be group-owned by root or another system account.  If any world-writable\ndirectories are not group-owned by a system account, this must be investigated.\n Following this, the directories must be deleted or assigned to an appropriate\ngroup.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230319'\n  tag rid: 'SV-230319r743961_rule'\n  tag stig_id: 'RHEL-08-010710'\n  tag fix_id: 'F-32963r567704_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  ww_dirs = Set[]\n  partitions = etc_fstab.params.map { |partition| partition['mount_point'] }.uniq\n  partitions.each do |part|\n    cmd = \"find #{part} -xdev -type d -perm -0002 -gid +999 -print\"\n    ww_dirs += command(cmd).stdout.split(\"\\n\")\n  end\n\n  ww_dirs = ww_dirs.to_a\n\n  describe 'World-writeable directories across all partitions' do\n    it 'should be group-owned by system accounts ' do\n      expect(ww_dirs).to be_empty, \"World-writeable directories non group-owned by system accounts:\\n\\t- #{ww_dirs.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230319.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"World-writeable directories across all partitions should be group-owned by system accounts ","run_time":0.002625,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"Object","resource_params":"[]","resource_id":"World-writeable directories across all partitions"}]},{"id":"SV-230320","title":"All RHEL 8 local interactive users must have a home directory assigned\nin the /etc/passwd file.","desc":"If local interactive users are not assigned a valid home directory,\nthere is no place for the storage and control of files they should own.","descriptions":[{"label":"default","data":"If local interactive users are not assigned a valid home directory,\nthere is no place for the storage and control of files they should own."},{"label":"check","data":"Verify local interactive users on RHEL 8 have a home directory assigned\nwith the following command:\n\n    $ sudo pwck -r\n\n    user 'lp': directory '/var/spool/lpd' does not exist\n    user 'news': directory '/var/spool/news' does not exist\n    user 'uucp': directory '/var/spool/uucp' does not exist\n    user 'www-data': directory '/var/www' does not exist\n\n    Ask the System Administrator (SA) if any users found without home\ndirectories are local interactive users. If the SA is unable to provide a\nresponse, check for users with a User Identifier (UID) of 1000 or greater with\nthe following command:\n\n    $ sudo awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1, $3, $6}' /etc/passwd\n\n    If any interactive users do not have a home directory assigned, this is a\nfinding."},{"label":"fix","data":"Assign home directories to all local interactive users on RHEL\n8 that currently do not have a home directory assigned."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230320","rid":"SV-230320r627750_rule","stig_id":"RHEL-08-010720","fix_id":"F-32964r567707_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230320' do\n  title 'All RHEL 8 local interactive users must have a home directory assigned\nin the /etc/passwd file.'\n  desc 'If local interactive users are not assigned a valid home directory,\nthere is no place for the storage and control of files they should own.'\n  desc 'check', \"Verify local interactive users on RHEL 8 have a home directory assigned\nwith the following command:\n\n    $ sudo pwck -r\n\n    user 'lp': directory '/var/spool/lpd' does not exist\n    user 'news': directory '/var/spool/news' does not exist\n    user 'uucp': directory '/var/spool/uucp' does not exist\n    user 'www-data': directory '/var/www' does not exist\n\n    Ask the System Administrator (SA) if any users found without home\ndirectories are local interactive users. If the SA is unable to provide a\nresponse, check for users with a User Identifier (UID) of 1000 or greater with\nthe following command:\n\n    $ sudo awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1, $3, $6}' /etc/passwd\n\n    If any interactive users do not have a home directory assigned, this is a\nfinding.\"\n  desc 'fix', 'Assign home directories to all local interactive users on RHEL\n8 that currently do not have a home directory assigned.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230320'\n  tag rid: 'SV-230320r627750_rule'\n  tag stig_id: 'RHEL-08-010720'\n  tag fix_id: 'F-32964r567707_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  exempt_users = input('exempt_home_users')\n  ignore_shells = input('non_interactive_shells').join('|')\n  actvite_users_without_homedir = users.where { !shell.match(ignore_shells) && home.nil? }.entries\n\n  # only_if(\"This control is Not Applicable since no 'non-exempt' users were found\", impact: 0.0) { !active_home.empty? }\n\n  describe 'All non-exempt users' do\n    it 'have an assinded home directory that exists' do\n      failure_message = \"The following users do not have an assigned home directory: #{actvite_users_without_homedir.join(', ')}\"\n      expect(actvite_users_without_homedir).to be_empty, failure_message\n    end\n  end\n  describe 'Note: `exempt_home_users` skipped user' do\n    exempt_users.each do |u|\n      next if exempt_users.empty?\n\n      it u.to_s do\n        expect(user(u).username).to be_truthy.or be_nil\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230320.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"All non-exempt users have an assinded home directory that exists","run_time":0.002491,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"Object","resource_params":"[]","resource_id":"All non-exempt users"},{"status":"passed","code_desc":"Note: `exempt_home_users` skipped user root","run_time":0.002771,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"Object","resource_params":"[]","resource_id":"Note: `exempt_home_users` skipped user"},{"status":"passed","code_desc":"Note: `exempt_home_users` skipped user vagrant","run_time":0.103,"start_time":"2024-01-09T19:40:45-05:00","resource_class":"Object","resource_params":"[]","resource_id":"Note: `exempt_home_users` skipped user"},{"status":"passed","code_desc":"Note: `exempt_home_users` skipped user ec2-user","run_time":0.000259,"start_time":"2024-01-09T19:40:46-05:00","resource_class":"Object","resource_params":"[]","resource_id":"Note: `exempt_home_users` skipped user"}]},{"id":"SV-230321","title":"All RHEL 8 local interactive user home directories must have mode 0750\nor less permissive.","desc":"Excessive permissions on local interactive user home directories may\nallow unauthorized access to user files by other users.","descriptions":[{"label":"default","data":"Excessive permissions on local interactive user home directories may\nallow unauthorized access to user files by other users."},{"label":"check","data":"Verify the assigned home directory of all local interactive users has a\nmode of \"0750\" or less permissive with the following command:\n\n    Note: This may miss interactive users that have been assigned a privileged\nUser Identifier (UID). Evidence of interactive use may be obtained from a\nnumber of log files containing system logon information.\n\n    $ sudo ls -ld $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}'\n/etc/passwd)\n\n    drwxr-x--- 2 smithj admin 4096 Jun 5 12:41 smithj\n\n    If home directories referenced in \"/etc/passwd\" do not have a mode of\n\"0750\" or less permissive, this is a finding."},{"label":"fix","data":"Change the mode of interactive user’s home directories to \"0750\". To\nchange the mode of a local interactive user’s home directory, use the following\ncommand:\n\n    Note: The example will be for the user \"smithj\".\n\n    $ sudo chmod 0750 /home/smithj"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230321","rid":"SV-230321r627750_rule","stig_id":"RHEL-08-010730","fix_id":"F-32965r567710_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230321' do\n  title 'All RHEL 8 local interactive user home directories must have mode 0750\nor less permissive.'\n  desc 'Excessive permissions on local interactive user home directories may\nallow unauthorized access to user files by other users.'\n  desc 'check', %q(Verify the assigned home directory of all local interactive users has a\nmode of \"0750\" or less permissive with the following command:\n\n    Note: This may miss interactive users that have been assigned a privileged\nUser Identifier (UID). Evidence of interactive use may be obtained from a\nnumber of log files containing system logon information.\n\n    $ sudo ls -ld $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}'\n/etc/passwd)\n\n    drwxr-x--- 2 smithj admin 4096 Jun 5 12:41 smithj\n\n    If home directories referenced in \"/etc/passwd\" do not have a mode of\n\"0750\" or less permissive, this is a finding.)\n  desc 'fix', 'Change the mode of interactive user’s home directories to \"0750\". To\nchange the mode of a local interactive user’s home directory, use the following\ncommand:\n\n    Note: The example will be for the user \"smithj\".\n\n    $ sudo chmod 0750 /home/smithj'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230321'\n  tag rid: 'SV-230321r627750_rule'\n  tag stig_id: 'RHEL-08-010730'\n  tag fix_id: 'F-32965r567710_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  exempt_home_users = input('exempt_home_users')\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  iuser_entries = passwd.where { uid.to_i >= uid_min && shell !~ /nologin/ && !exempt_home_users.include?(user) }\n\n  if !iuser_entries.users.nil? && !iuser_entries.users.empty?\n    iuser_entries.homes.each do |home_dir|\n      describe file(home_dir) do\n        it { should_not be_more_permissive_than('0750') }\n      end\n    end\n  else\n    describe 'No non-exempt interactive user accounts were detected on the system' do\n      subject { true }\n      it { should be true }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230321.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"No non-exempt interactive user accounts were detected on the system is expected to equal true","run_time":0.000105,"start_time":"2024-01-09T19:40:46-05:00","resource_class":"Object","resource_params":"[]","resource_id":"No non-exempt interactive user accounts were detected on the system"}]},{"id":"SV-230322","title":"All RHEL 8 local interactive user home directories must be group-owned\nby the home directory owner’s primary group.","desc":"If the Group Identifier (GID) of a local interactive user’s home\ndirectory is not the same as the primary GID of the user, this would allow\nunauthorized access to the user’s files, and users that share the same group\nmay not be able to access files that they legitimately should.","descriptions":[{"label":"default","data":"If the Group Identifier (GID) of a local interactive user’s home\ndirectory is not the same as the primary GID of the user, this would allow\nunauthorized access to the user’s files, and users that share the same group\nmay not be able to access files that they legitimately should."},{"label":"check","data":"Verify the assigned home directory of all local interactive users is group-owned by that user’s primary GID with the following command:\n\nNote: This may miss local interactive users that have been assigned a privileged UID. Evidence of interactive use may be obtained from a number of log files containing system logon information. The returned directory \"/home/smithj\" is used as an example.\n\n     $ sudo ls -ld $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}' /etc/passwd)\n\n     drwxr-x--- 2 smithj admin 4096 Jun 5 12:41 smithj\n\nCheck the user's primary group with the following command:\n\n     $ sudo grep $(grep smithj /etc/passwd | awk -F: '{print $4}') /etc/group\n\n     admin:x:250:smithj,jonesj,jacksons\n\nIf the user home directory referenced in \"/etc/passwd\" is not group-owned by that user’s primary GID, this is a finding."},{"label":"fix","data":"Change the group owner of a local interactive user’s home directory to the\ngroup found in \"/etc/passwd\". To change the group owner of a local\ninteractive user’s home directory, use the following command:\n\n    Note: The example will be for the user \"smithj\", who has a home directory\nof \"/home/smithj\", and has a primary group of users.\n\n    $ sudo chgrp users /home/smithj"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230322","rid":"SV-230322r880717_rule","stig_id":"RHEL-08-010740","fix_id":"F-32966r880716_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230322' do\n  title 'All RHEL 8 local interactive user home directories must be group-owned\nby the home directory owner’s primary group.'\n  desc 'If the Group Identifier (GID) of a local interactive user’s home\ndirectory is not the same as the primary GID of the user, this would allow\nunauthorized access to the user’s files, and users that share the same group\nmay not be able to access files that they legitimately should.'\n  desc 'check', %q(Verify the assigned home directory of all local interactive users is group-owned by that user’s primary GID with the following command:\n\nNote: This may miss local interactive users that have been assigned a privileged UID. Evidence of interactive use may be obtained from a number of log files containing system logon information. The returned directory \"/home/smithj\" is used as an example.\n\n     $ sudo ls -ld $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}' /etc/passwd)\n\n     drwxr-x--- 2 smithj admin 4096 Jun 5 12:41 smithj\n\nCheck the user's primary group with the following command:\n\n     $ sudo grep $(grep smithj /etc/passwd | awk -F: '{print $4}') /etc/group\n\n     admin:x:250:smithj,jonesj,jacksons\n\nIf the user home directory referenced in \"/etc/passwd\" is not group-owned by that user’s primary GID, this is a finding.)\n  desc 'fix', 'Change the group owner of a local interactive user’s home directory to the\ngroup found in \"/etc/passwd\". To change the group owner of a local\ninteractive user’s home directory, use the following command:\n\n    Note: The example will be for the user \"smithj\", who has a home directory\nof \"/home/smithj\", and has a primary group of users.\n\n    $ sudo chgrp users /home/smithj'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230322'\n  tag rid: 'SV-230322r880717_rule'\n  tag stig_id: 'RHEL-08-010740'\n  tag fix_id: 'F-32966r880716_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  ignore_shells = input('non_interactive_shells').join('|')\n\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  findings = Set[]\n  users.where { !shell.match(ignore_shells) && (uid >= uid_min || uid.zero?) }.entries.each do |user_info|\n    next if input('exempt_home_users').include?(user_info.username.to_s)\n\n    findings += command(\"find #{user_info.home} -maxdepth 0 -not -gid #{user_info.gid}\").stdout.split(\"\\n\")\n  end\n  describe \"Home directories that are not group-owned by the user's primary GID\" do\n    subject { findings.to_a }\n    it { should be_empty }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230322.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Home directories that are not group-owned by the user's primary GID is expected to be empty","run_time":0.003936,"start_time":"2024-01-09T19:40:46-05:00","resource_class":"Object","resource_params":"[]","resource_id":"Home directories that are not group-owned by the user's primary GID"}]},{"id":"SV-230323","title":"All RHEL 8 local interactive user home directories defined in the\n/etc/passwd file must exist.","desc":"If a local interactive user has a home directory defined that does not\nexist, the user may be given access to the \"/\" directory as the current\nworking directory upon logon. This could create a denial of service because the\nuser would not be able to access their logon configuration files, and it may\ngive them visibility to system files they normally would not be able to access.","descriptions":[{"label":"default","data":"If a local interactive user has a home directory defined that does not\nexist, the user may be given access to the \"/\" directory as the current\nworking directory upon logon. This could create a denial of service because the\nuser would not be able to access their logon configuration files, and it may\ngive them visibility to system files they normally would not be able to access."},{"label":"check","data":"Verify the assigned home directory of all local interactive users on RHEL 8\nexists with the following command:\n\n    $ sudo ls -ld $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}'\n/etc/passwd)\n\n    drwxr-xr-x 2 smithj admin 4096 Jun 5 12:41 smithj\n\n    Note: This may miss interactive users that have been assigned a privileged\nUser ID (UID). Evidence of interactive use may be obtained from a number of log\nfiles containing system logon information.\n\n    Check that all referenced home directories exist with the following command:\n\n    $ sudo pwck -r\n\n    user 'smithj': directory '/home/smithj' does not exist\n\n    If any home directories referenced in \"/etc/passwd\" are returned as not\ndefined, this is a finding."},{"label":"fix","data":"Create home directories to all local interactive users that currently do\nnot have a home directory assigned. Use the following commands to create the\nuser home directory assigned in \"/etc/ passwd\":\n\n    Note: The example will be for the user smithj, who has a home directory of\n\"/home/smithj\", a UID of \"smithj\", and a Group Identifier (GID) of \"users\nassigned\" in \"/etc/passwd\".\n\n    $ sudo mkdir /home/smithj\n    $ sudo chown smithj /home/smithj\n    $ sudo chgrp users /home/smithj\n    $ sudo chmod 0750 /home/smithj"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230323","rid":"SV-230323r627750_rule","stig_id":"RHEL-08-010750","fix_id":"F-32967r567716_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230323' do\n  title 'All RHEL 8 local interactive user home directories defined in the\n/etc/passwd file must exist.'\n  desc 'If a local interactive user has a home directory defined that does not\nexist, the user may be given access to the \"/\" directory as the current\nworking directory upon logon. This could create a denial of service because the\nuser would not be able to access their logon configuration files, and it may\ngive them visibility to system files they normally would not be able to access.'\n  desc 'check', %q(Verify the assigned home directory of all local interactive users on RHEL 8\nexists with the following command:\n\n    $ sudo ls -ld $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}'\n/etc/passwd)\n\n    drwxr-xr-x 2 smithj admin 4096 Jun 5 12:41 smithj\n\n    Note: This may miss interactive users that have been assigned a privileged\nUser ID (UID). Evidence of interactive use may be obtained from a number of log\nfiles containing system logon information.\n\n    Check that all referenced home directories exist with the following command:\n\n    $ sudo pwck -r\n\n    user 'smithj': directory '/home/smithj' does not exist\n\n    If any home directories referenced in \"/etc/passwd\" are returned as not\ndefined, this is a finding.)\n  desc 'fix', 'Create home directories to all local interactive users that currently do\nnot have a home directory assigned. Use the following commands to create the\nuser home directory assigned in \"/etc/ passwd\":\n\n    Note: The example will be for the user smithj, who has a home directory of\n\"/home/smithj\", a UID of \"smithj\", and a Group Identifier (GID) of \"users\nassigned\" in \"/etc/passwd\".\n\n    $ sudo mkdir /home/smithj\n    $ sudo chown smithj /home/smithj\n    $ sudo chgrp users /home/smithj\n    $ sudo chmod 0750 /home/smithj'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230323'\n  tag rid: 'SV-230323r627750_rule'\n  tag stig_id: 'RHEL-08-010750'\n  tag fix_id: 'F-32967r567716_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  iuser_entries = passwd.where { uid.to_i >= 1000 && shell !~ /nologin/ }\n  iuser_entries.homes.each do |home_dir|\n    describe directory(home_dir) do\n      it { should exist }\n    end\n  end\n\n  if iuser_entries.entries.empty?\n    describe 'Test skipped because no directories were found' do\n      skip 'This test is skipped since the user directory search returned an empty list'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230323.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Directory /home/ec2-user is expected to exist","run_time":0.339303,"start_time":"2024-01-09T19:40:46-05:00","resource_class":"directory","resource_params":"[\"/home/ec2-user\"]","resource_id":"/home/ec2-user"}]},{"id":"SV-230324","title":"All RHEL 8 local interactive user accounts must be assigned a home\ndirectory upon creation.","desc":"If local interactive users are not assigned a valid home directory,\nthere is no place for the storage and control of files they should own.","descriptions":[{"label":"default","data":"If local interactive users are not assigned a valid home directory,\nthere is no place for the storage and control of files they should own."},{"label":"check","data":"Verify all local interactive users on RHEL 8 are assigned a home directory\nupon creation with the following command:\n\n    $ sudo grep -i create_home /etc/login.defs\n\n    CREATE_HOME yes\n\n    If the value for \"CREATE_HOME\" parameter is not set to \"yes\", the line\nis missing, or the line is commented out, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to assign home directories to all new local interactive\nusers by setting the \"CREATE_HOME\" parameter in \"/etc/login.defs\" to\n\"yes\" as follows.\n\n    CREATE_HOME yes"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230324","rid":"SV-230324r627750_rule","stig_id":"RHEL-08-010760","fix_id":"F-32968r567719_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230324' do\n  title 'All RHEL 8 local interactive user accounts must be assigned a home\ndirectory upon creation.'\n  desc 'If local interactive users are not assigned a valid home directory,\nthere is no place for the storage and control of files they should own.'\n  desc 'check', 'Verify all local interactive users on RHEL 8 are assigned a home directory\nupon creation with the following command:\n\n    $ sudo grep -i create_home /etc/login.defs\n\n    CREATE_HOME yes\n\n    If the value for \"CREATE_HOME\" parameter is not set to \"yes\", the line\nis missing, or the line is commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to assign home directories to all new local interactive\nusers by setting the \"CREATE_HOME\" parameter in \"/etc/login.defs\" to\n\"yes\" as follows.\n\n    CREATE_HOME yes'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230324'\n  tag rid: 'SV-230324r627750_rule'\n  tag stig_id: 'RHEL-08-010760'\n  tag fix_id: 'F-32968r567719_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe login_defs do\n    its('CREATE_HOME') { should eq 'yes' }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230324.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"login.defs CREATE_HOME is expected to eq \"yes\"","run_time":0.001359,"start_time":"2024-01-09T19:40:46-05:00","resource_class":"login_defs","resource_params":"[]","resource_id":"/etc/login.defs"}]},{"id":"SV-230325","title":"All RHEL 8 local initialization files must have mode 0740 or less\npermissive.","desc":"Local initialization files are used to configure the user's shell\nenvironment upon logon. Malicious modification of these files could compromise\naccounts upon logon.","descriptions":[{"label":"default","data":"Local initialization files are used to configure the user's shell\nenvironment upon logon. Malicious modification of these files could compromise\naccounts upon logon."},{"label":"check","data":"Verify that all local initialization files have a mode of \"0740\" or less permissive with the following command:\n\nNote: The example will be for the \"smithj\" user, who has a home directory of \"/home/smithj\".\n\n     $ sudo ls -al /home/smithj/.[^.]* | more\n\n     -rw-------. 1 smithj users 2984 Apr 27 19:02 .bash_history\n     -rw-r--r--. 1 smithj users   18 Aug 21  2019 .bash_logout\n     -rw-r--r--. 1 smithj users  193 Aug 21  2019 .bash_profile\n\nIf any local initialization files have a mode more permissive than \"0740\", this is a finding."},{"label":"fix","data":"Set the mode of the local initialization files to \"0740\" with the\nfollowing command:\n\n    Note: The example will be for the smithj user, who has a home directory of\n\"/home/smithj\".\n\n    $ sudo chmod 0740 /home/smithj/.<INIT_FILE>"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230325","rid":"SV-230325r917879_rule","stig_id":"RHEL-08-010770","fix_id":"F-32969r917878_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230325' do\n  title 'All RHEL 8 local initialization files must have mode 0740 or less\npermissive.'\n  desc \"Local initialization files are used to configure the user's shell\nenvironment upon logon. Malicious modification of these files could compromise\naccounts upon logon.\"\n  desc 'check', 'Verify that all local initialization files have a mode of \"0740\" or less permissive with the following command:\n\nNote: The example will be for the \"smithj\" user, who has a home directory of \"/home/smithj\".\n\n     $ sudo ls -al /home/smithj/.[^.]* | more\n\n     -rw-------. 1 smithj users 2984 Apr 27 19:02 .bash_history\n     -rw-r--r--. 1 smithj users   18 Aug 21  2019 .bash_logout\n     -rw-r--r--. 1 smithj users  193 Aug 21  2019 .bash_profile\n\nIf any local initialization files have a mode more permissive than \"0740\", this is a finding.'\n  desc 'fix', 'Set the mode of the local initialization files to \"0740\" with the\nfollowing command:\n\n    Note: The example will be for the smithj user, who has a home directory of\n\"/home/smithj\".\n\n    $ sudo chmod 0740 /home/smithj/.<INIT_FILE>'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230325'\n  tag rid: 'SV-230325r917879_rule'\n  tag stig_id: 'RHEL-08-010770'\n  tag fix_id: 'F-32969r917878_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  ignore_shells = input('non_interactive_shells').join('|')\n\n  findings = Set[]\n  users.where { !shell.match(ignore_shells) && (uid >= 1000 || uid.zero?) }.entries.each do |user_info|\n    findings += command(\"find #{user_info.home} -xdev -maxdepth 1 -name '.*' -type f -perm /037\").stdout.split(\"\\n\")\n  end\n  describe findings do\n    it { should be_empty }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230325.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"#<Set: {\"/root/.bash_logout\", \"/root/.bash_profile\", \"/root/.bashrc\", \"/root/.cshrc\", \"/root/.tcshrc\", \"/home/ec2-user/.bash_logout\", \"/home/ec2-user/.bash_profile\", \"/home/ec2-user/.bashrc\"}> is expected to be empty","run_time":0.008466,"start_time":"2024-01-09T19:40:46-05:00","message":"expected `#<Set: {\"/root/.bash_logout\", \"/root/.bash_profile\", \"/root/.bashrc\", \"/root/.cshrc\", \"/root/.tcshrc\", \"/home/ec2-user/.bash_logout\", \"/home/ec2-user/.bash_profile\", \"/home/ec2-user/.bashrc\"}>.empty?` to be truthy, got false","resource_class":"Object","resource_params":"[]","resource_id":""}]},{"id":"SV-230326","title":"All RHEL 8 local files and directories must have a valid owner.","desc":"Unowned files and directories may be unintentionally inherited if a\nuser is assigned the same User Identifier \"UID\" as the UID of the un-owned\nfiles.","descriptions":[{"label":"default","data":"Unowned files and directories may be unintentionally inherited if a\nuser is assigned the same User Identifier \"UID\" as the UID of the un-owned\nfiles."},{"label":"check","data":"Verify all local files and directories on RHEL 8 have a valid owner with\nthe following command:\n\n    Note: The value after -fstype must be replaced with the filesystem type.\nXFS is used as an example.\n\n    $ sudo find / -fstype xfs -nouser\n\n    If any files on the system do not have an assigned owner, this is a finding.\n\n    Note: Command may produce error messages from the /proc and /sys\ndirectories."},{"label":"fix","data":"Either remove all files and directories from the system that do not have a\nvalid user, or assign a valid user to all unowned files and directories on RHEL\n8 with the \"chown\" command:\n\n    $ sudo chown <user> <file>"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230326","rid":"SV-230326r627750_rule","stig_id":"RHEL-08-010780","fix_id":"F-32970r567725_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230326' do\n  title 'All RHEL 8 local files and directories must have a valid owner.'\n  desc 'Unowned files and directories may be unintentionally inherited if a\nuser is assigned the same User Identifier \"UID\" as the UID of the un-owned\nfiles.'\n  desc 'check', 'Verify all local files and directories on RHEL 8 have a valid owner with\nthe following command:\n\n    Note: The value after -fstype must be replaced with the filesystem type.\nXFS is used as an example.\n\n    $ sudo find / -fstype xfs -nouser\n\n    If any files on the system do not have an assigned owner, this is a finding.\n\n    Note: Command may produce error messages from the /proc and /sys\ndirectories.'\n  desc 'fix', 'Either remove all files and directories from the system that do not have a\nvalid user, or assign a valid user to all unowned files and directories on RHEL\n8 with the \"chown\" command:\n\n    $ sudo chown <user> <file>'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230326'\n  tag rid: 'SV-230326r627750_rule'\n  tag stig_id: 'RHEL-08-010780'\n  tag fix_id: 'F-32970r567725_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command('grep -v \"nodev\" /proc/filesystems | awk \\'NF{ print $NF }\\'')\n    .stdout.strip.split(\"\\n\").each do |fs|\n    describe command(\"find / -xdev -xautofs -fstype #{fs} -nouser\") do\n      its('stdout.strip') { should be_empty }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230326.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Command: `find / -xdev -xautofs -fstype xfs -nouser` stdout.strip is expected to be empty","run_time":1.723498,"start_time":"2024-01-09T19:40:46-05:00","resource_class":"command","resource_params":"[\"find / -xdev -xautofs -fstype xfs -nouser\"]","resource_id":"Command: `find / -xdev -xautofs -fstype xfs -nouser`"}]},{"id":"SV-230327","title":"All RHEL 8 local files and directories must have a valid group owner.","desc":"Files without a valid group owner may be unintentionally inherited if\na group is assigned the same Group Identifier (GID) as the GID of the files\nwithout a valid group owner.","descriptions":[{"label":"default","data":"Files without a valid group owner may be unintentionally inherited if\na group is assigned the same Group Identifier (GID) as the GID of the files\nwithout a valid group owner."},{"label":"check","data":"Verify all local files and directories on RHEL 8 have a valid group with\nthe following command:\n\n    Note: The value after -fstype must be replaced with the filesystem type.\nXFS is used as an example.\n\n    $ sudo find / -fstype xfs -nogroup\n\n    If any files on the system do not have an assigned group, this is a finding.\n\n    Note: Command may produce error messages from the /proc and /sys\ndirectories."},{"label":"fix","data":"Either remove all files and directories from RHEL 8 that do not have a\nvalid group, or assign a valid group to all files and directories on the system\nwith the \"chgrp\" command:\n\n    $ sudo chgrp <group> <file>"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230327","rid":"SV-230327r627750_rule","stig_id":"RHEL-08-010790","fix_id":"F-32971r567728_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230327' do\n  title 'All RHEL 8 local files and directories must have a valid group owner.'\n  desc 'Files without a valid group owner may be unintentionally inherited if\na group is assigned the same Group Identifier (GID) as the GID of the files\nwithout a valid group owner.'\n  desc 'check', 'Verify all local files and directories on RHEL 8 have a valid group with\nthe following command:\n\n    Note: The value after -fstype must be replaced with the filesystem type.\nXFS is used as an example.\n\n    $ sudo find / -fstype xfs -nogroup\n\n    If any files on the system do not have an assigned group, this is a finding.\n\n    Note: Command may produce error messages from the /proc and /sys\ndirectories.'\n  desc 'fix', 'Either remove all files and directories from RHEL 8 that do not have a\nvalid group, or assign a valid group to all files and directories on the system\nwith the \"chgrp\" command:\n\n    $ sudo chgrp <group> <file>'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230327'\n  tag rid: 'SV-230327r627750_rule'\n  tag stig_id: 'RHEL-08-010790'\n  tag fix_id: 'F-32971r567728_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command('grep -v \"nodev\" /proc/filesystems | awk \\'NF{ print $NF }\\'')\n    .stdout.strip.split(\"\\n\").each do |fs|\n    describe command(\"find / -xdev -xautofs -fstype #{fs} -nogroup\") do\n      its('stdout.strip') { should be_empty }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230327.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Command: `find / -xdev -xautofs -fstype xfs -nogroup` stdout.strip is expected to be empty","run_time":1.72076,"start_time":"2024-01-09T19:40:48-05:00","resource_class":"command","resource_params":"[\"find / -xdev -xautofs -fstype xfs -nogroup\"]","resource_id":"Command: `find / -xdev -xautofs -fstype xfs -nogroup`"}]},{"id":"SV-230328","title":"A separate RHEL 8 filesystem must be used for user home directories\n(such as /home or an equivalent).","desc":"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.","descriptions":[{"label":"default","data":"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing."},{"label":"check","data":"Verify that a separate file system has been created for non-privileged local interactive user home directories.\n\n  Check the home directory assignment for all non-privileged users, users with a User Identifier (UID) greater than 1000, on the system with the following command:\n\n     $ sudo awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1,$3,$6}' /etc/passwd\n\n     doej 1001 /home/doej\n     publicj 1002 /home/publicj\n     smithj 1003 /home/smithj\n\nThe output of the command will give the directory/partition that contains the home directories for the non-privileged users on the system (in this example, \"/home\") and users’ shell. All accounts with a valid shell (such as /bin/bash) are considered interactive users.\n\nCheck that a file system/partition has been created for the nonprivileged interactive users with the following command:\n\nNote: The partition of \"/home\" is used in the example.\n\n     $ sudo grep /home /etc/fstab\n\n     /dev/mapper/...   /home   xfs   defaults,noexec,nosuid,nodev 0 0\n\nIf a separate entry for the file system/partition containing the nonprivileged interactive user home directories does not exist, this is a finding."},{"label":"fix","data":"Migrate the \"/home\" directory onto a separate file system."}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230328","rid":"SV-230328r902723_rule","stig_id":"RHEL-08-010800","fix_id":"F-32972r902722_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230328' do\n  title 'A separate RHEL 8 filesystem must be used for user home directories\n(such as /home or an equivalent).'\n  desc 'The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.'\n  desc 'check', %q(Verify that a separate file system has been created for non-privileged local interactive user home directories.\n\n  Check the home directory assignment for all non-privileged users, users with a User Identifier (UID) greater than 1000, on the system with the following command:\n\n     $ sudo awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1,$3,$6}' /etc/passwd\n\n     doej 1001 /home/doej\n     publicj 1002 /home/publicj\n     smithj 1003 /home/smithj\n\nThe output of the command will give the directory/partition that contains the home directories for the non-privileged users on the system (in this example, \"/home\") and users’ shell. All accounts with a valid shell (such as /bin/bash) are considered interactive users.\n\nCheck that a file system/partition has been created for the nonprivileged interactive users with the following command:\n\nNote: The partition of \"/home\" is used in the example.\n\n     $ sudo grep /home /etc/fstab\n\n     /dev/mapper/...   /home   xfs   defaults,noexec,nosuid,nodev 0 0\n\nIf a separate entry for the file system/partition containing the nonprivileged interactive user home directories does not exist, this is a finding.)\n  desc 'fix', 'Migrate the \"/home\" directory onto a separate file system.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230328'\n  tag rid: 'SV-230328r902723_rule'\n  tag stig_id: 'RHEL-08-010800'\n  tag fix_id: 'F-32972r902722_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  only_if('This requirement is Not Applicable inside a container, the containers host manages the containers filesystems') {\n    !virtualization.system.eql?('docker')\n  }\n\n  ignore_shells = input('non_interactive_shells').join('|')\n  homes = users.where { uid >= 1000 && !shell.match(ignore_shells) }.homes\n  root_device = etc_fstab.where { mount_point == '/' }.device_name\n\n  if input('seperate_filesystem_exempt')\n    impact 0.0\n    describe 'This system is not required to have sperate filesystems for each mount point' do\n      skip 'The system is managing filesystems and space via other mechinisums, this requirement is Not Applicable'\n    end\n  else\n    homes.each do |home|\n      pn_parent = Pathname.new(home).parent.to_s\n      home_device = etc_fstab.where { mount_point == pn_parent }.device_name\n\n      describe \"The '#{pn_parent}' mount point\" do\n        subject { home_device }\n\n        it 'is not on the same partition as the root partition' do\n          is_expected.not_to equal(root_device)\n        end\n\n        it 'has its own partition' do\n          is_expected.not_to be_empty\n        end\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230328.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This system is not required to have sperate filesystems for each mount point","run_time":6.0e-06,"start_time":"2024-01-09T19:40:49-05:00","resource":"","skip_message":"The system is managing filesystems and space via other mechinisums, this requirement is Not Applicable","resource_class":"Object","resource_params":"[]","resource_id":"This system is not required to have sperate filesystems for each mount point"}]},{"id":"SV-230329","title":"Unattended or automatic logon via the RHEL 8 graphical user interface\nmust not be allowed.","desc":"Failure to restrict system access to authenticated users negatively\nimpacts operating system security.","descriptions":[{"label":"default","data":"Failure to restrict system access to authenticated users negatively\nimpacts operating system security."},{"label":"check","data":"Verify the operating system does not allow an unattended or automatic logon\nto the system via a graphical user interface.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Check for the value of the \"AutomaticLoginEnable\" in the\n\"/etc/gdm/custom.conf\" file with the following command:\n\n    $ sudo grep -i automaticloginenable /etc/gdm/custom.conf\n\n    AutomaticLoginEnable=false\n\n    If the value of \"AutomaticLoginEnable\" is not set to \"false\", this is a\nfinding."},{"label":"fix","data":"Configure the operating system to not allow an unattended or automatic\nlogon to the system via a graphical user interface.\n\n    Add or edit the line for the \"AutomaticLoginEnable\" parameter in the\n[daemon] section of the \"/etc/gdm/custom.conf\" file to \"false\":\n\n    [daemon]\n    AutomaticLoginEnable=false"}],"impact":0.0,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000480-GPOS-00229","gid":"V-230329","rid":"SV-230329r877377_rule","stig_id":"RHEL-08-010820","fix_id":"F-32973r567734_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230329' do\n  title 'Unattended or automatic logon via the RHEL 8 graphical user interface\nmust not be allowed.'\n  desc 'Failure to restrict system access to authenticated users negatively\nimpacts operating system security.'\n  desc 'check', 'Verify the operating system does not allow an unattended or automatic logon\nto the system via a graphical user interface.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Check for the value of the \"AutomaticLoginEnable\" in the\n\"/etc/gdm/custom.conf\" file with the following command:\n\n    $ sudo grep -i automaticloginenable /etc/gdm/custom.conf\n\n    AutomaticLoginEnable=false\n\n    If the value of \"AutomaticLoginEnable\" is not set to \"false\", this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to not allow an unattended or automatic\nlogon to the system via a graphical user interface.\n\n    Add or edit the line for the \"AutomaticLoginEnable\" parameter in the\n[daemon] section of the \"/etc/gdm/custom.conf\" file to \"false\":\n\n    [daemon]\n    AutomaticLoginEnable=false'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00229'\n  tag gid: 'V-230329'\n  tag rid: 'SV-230329r877377_rule'\n  tag stig_id: 'RHEL-08-010820'\n  tag fix_id: 'F-32973r567734_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  custom_conf = '/etc/gdm/custom.conf'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif package('gnome-desktop3').installed?\n    if (f = file(custom_conf)).exist?\n      describe parse_config_file(custom_conf) do\n        its('daemon.AutomaticLoginEnable') { cmp false }\n      end\n    else\n      describe f do\n        it { should exist }\n      end\n    end\n  else\n    impact 0.0\n    describe 'The system does not have GDM installed' do\n      skip 'The system does not have GDM installed, this requirement is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230329.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"The system does not have GDM installed","run_time":1.0e-06,"start_time":"2024-01-09T19:40:49-05:00","resource":"","skip_message":"The system does not have GDM installed, this requirement is Not Applicable.","resource_class":"Object","resource_params":"[]","resource_id":"The system does not have GDM installed"}]},{"id":"SV-230330","title":"RHEL 8 must not allow users to override SSH environment variables.","desc":"SSH environment options potentially allow users to bypass access\nrestriction in some configurations.","descriptions":[{"label":"default","data":"SSH environment options potentially allow users to bypass access\nrestriction in some configurations."},{"label":"check","data":"Verify that unattended or automatic logon via ssh is disabled with the following command:\n\n$ sudo grep -ir PermitUserEnvironment /etc/ssh/sshd_config*\n\nPermitUserEnvironment no\n\nIf \"PermitUserEnvironment\" is set to \"yes\", is missing completely, or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to allow the SSH daemon to not allow unattended or\nautomatic logon to the system.\n\n    Add or edit the following line in the \"/etc/ssh/sshd_config\" file:\n\n    PermitUserEnvironment no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00229","gid":"V-230330","rid":"SV-230330r877377_rule","stig_id":"RHEL-08-010830","fix_id":"F-32974r567737_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230330' do\n  title 'RHEL 8 must not allow users to override SSH environment variables.'\n  desc 'SSH environment options potentially allow users to bypass access\nrestriction in some configurations.'\n  desc 'check', 'Verify that unattended or automatic logon via ssh is disabled with the following command:\n\n$ sudo grep -ir PermitUserEnvironment /etc/ssh/sshd_config*\n\nPermitUserEnvironment no\n\nIf \"PermitUserEnvironment\" is set to \"yes\", is missing completely, or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to allow the SSH daemon to not allow unattended or\nautomatic logon to the system.\n\n    Add or edit the following line in the \"/etc/ssh/sshd_config\" file:\n\n    PermitUserEnvironment no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00229'\n  tag gid: 'V-230330'\n  tag rid: 'SV-230330r877377_rule'\n  tag stig_id: 'RHEL-08-010830'\n  tag fix_id: 'F-32974r567737_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    describe sshd_config do\n      its('PermitUserEnvironment') { should eq 'no' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230330.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"SSHD Configuration PermitUserEnvironment is expected to eq \"no\"","run_time":0.000372,"start_time":"2024-01-09T19:40:49-05:00","resource_class":"sshd_config","resource_params":"[]","resource_id":"/etc/ssh/sshd_config"}]},{"id":"SV-230331","title":"RHEL 8 temporary user accounts must be provisioned with an expiration\ntime of 72 hours or less.","desc":"If temporary user accounts remain active when no longer needed or for\nan excessive period, these accounts may be used to gain unauthorized access. To\nmitigate this risk, automated termination of all temporary accounts must be set\nupon account creation.\n\n    Temporary accounts are established as part of normal account activation\nprocedures when there is a need for short-term accounts without the demand for\nimmediacy in account activation.\n\n    If temporary accounts are used, RHEL 8 must be configured to automatically\nterminate these types of accounts after a DoD-defined time period of 72 hours.\n\n    To address access requirements, many RHEL 8 operating systems may be\nintegrated with enterprise-level authentication/access mechanisms that meet or\nexceed access control policy requirements.","descriptions":[{"label":"default","data":"If temporary user accounts remain active when no longer needed or for\nan excessive period, these accounts may be used to gain unauthorized access. To\nmitigate this risk, automated termination of all temporary accounts must be set\nupon account creation.\n\n    Temporary accounts are established as part of normal account activation\nprocedures when there is a need for short-term accounts without the demand for\nimmediacy in account activation.\n\n    If temporary accounts are used, RHEL 8 must be configured to automatically\nterminate these types of accounts after a DoD-defined time period of 72 hours.\n\n    To address access requirements, many RHEL 8 operating systems may be\nintegrated with enterprise-level authentication/access mechanisms that meet or\nexceed access control policy requirements."},{"label":"check","data":"Verify that temporary accounts have been provisioned with an expiration\ndate of 72 hours.\n\n    For every existing temporary account, run the following command to obtain\nits account expiration information.\n\n    $ sudo chage -l system_account_name\n\n    Verify each of these accounts has an expiration date set within 72 hours.\n\n    If any temporary accounts have no expiration date set or do not expire\nwithin 72 hours, this is a finding."},{"label":"fix","data":"If a temporary account must be created configure the system to terminate\nthe account after a 72 hour time period with the following command to set an\nexpiration date on it. Substitute \"system_account_name\" with the account to\nbe created.\n\n    $ sudo chage -E `date -d \"+3 days\" +%Y-%m-%d` system_account_name"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000002-GPOS-00002","gid":"V-230331","rid":"SV-230331r627750_rule","stig_id":"RHEL-08-020000","fix_id":"F-32975r567740_fix","cci":["CCI-000016"],"nist":["AC-2 (2)"]},"code":"control 'SV-230331' do\n  title 'RHEL 8 temporary user accounts must be provisioned with an expiration\ntime of 72 hours or less.'\n  desc 'If temporary user accounts remain active when no longer needed or for\nan excessive period, these accounts may be used to gain unauthorized access. To\nmitigate this risk, automated termination of all temporary accounts must be set\nupon account creation.\n\n    Temporary accounts are established as part of normal account activation\nprocedures when there is a need for short-term accounts without the demand for\nimmediacy in account activation.\n\n    If temporary accounts are used, RHEL 8 must be configured to automatically\nterminate these types of accounts after a DoD-defined time period of 72 hours.\n\n    To address access requirements, many RHEL 8 operating systems may be\nintegrated with enterprise-level authentication/access mechanisms that meet or\nexceed access control policy requirements.'\n  desc 'check', 'Verify that temporary accounts have been provisioned with an expiration\ndate of 72 hours.\n\n    For every existing temporary account, run the following command to obtain\nits account expiration information.\n\n    $ sudo chage -l system_account_name\n\n    Verify each of these accounts has an expiration date set within 72 hours.\n\n    If any temporary accounts have no expiration date set or do not expire\nwithin 72 hours, this is a finding.'\n  desc 'fix', 'If a temporary account must be created configure the system to terminate\nthe account after a 72 hour time period with the following command to set an\nexpiration date on it. Substitute \"system_account_name\" with the account to\nbe created.\n\n    $ sudo chage -E `date -d \"+3 days\" +%Y-%m-%d` system_account_name'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000002-GPOS-00002'\n  tag gid: 'V-230331'\n  tag rid: 'SV-230331r627750_rule'\n  tag stig_id: 'RHEL-08-020000'\n  tag fix_id: 'F-32975r567740_fix'\n  tag cci: ['CCI-000016']\n  tag nist: ['AC-2 (2)']\n\n  if input('temporary_accounts').empty?\n    describe 'Temporary accounts' do\n      subject { input('temporary_accounts') }\n      it { should be_empty }\n    end\n  else\n    input('temporary_accounts').each do |acct|\n      describe user(acct.to_s) do\n        its('maxdays') { should cmp <= 3 }\n        its('maxdays') { should cmp.positive? }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230331.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Temporary accounts is expected to be empty","run_time":0.002632,"start_time":"2024-01-09T19:40:49-05:00","resource_class":"Object","resource_params":"[]","resource_id":"Temporary accounts"}]},{"id":"SV-230332","title":"RHEL 8 must automatically lock an account when three unsuccessful\nlogon attempts occur.","desc":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."},{"label":"check","data":"Check that the system locks an account after three unsuccessful logon\nattempts with the following commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"deny\" option is not set to \"3\" or less (but not \"0\") on the\n\"preauth\" line with the \"pam_faillock.so\" module, or is missing from this\nline, this is a finding.\n\n    If any line referencing the \"pam_faillock.so\" module is commented out,\nthis is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"deny\" option is not set to \"3\" or less (but not \"0\") on the\n\"preauth\" line with the \"pam_faillock.so\" module, or is missing from this\nline, this is a finding.\n\n    If any line referencing the \"pam_faillock.so\" module is commented out,\nthis is a finding."},{"label":"fix","data":"Configure the operating system to lock an account when three unsuccessful\nlogon attempts occur.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000021-GPOS-00005","satisfies":["SRG-OS-000021-GPOS-00005","SRG-OS-000329-GPOS-00128"],"gid":"V-230332","rid":"SV-230332r627750_rule","stig_id":"RHEL-08-020010","fix_id":"F-32976r567743_fix","cci":["CCI-000044"],"nist":["AC-7 a"]},"code":"control 'SV-230332' do\n  title 'RHEL 8 must automatically lock an account when three unsuccessful\nlogon attempts occur.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', 'Check that the system locks an account after three unsuccessful logon\nattempts with the following commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"deny\" option is not set to \"3\" or less (but not \"0\") on the\n\"preauth\" line with the \"pam_faillock.so\" module, or is missing from this\nline, this is a finding.\n\n    If any line referencing the \"pam_faillock.so\" module is commented out,\nthis is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"deny\" option is not set to \"3\" or less (but not \"0\") on the\n\"preauth\" line with the \"pam_faillock.so\" module, or is missing from this\nline, this is a finding.\n\n    If any line referencing the \"pam_faillock.so\" module is commented out,\nthis is a finding.'\n  desc 'fix', 'Configure the operating system to lock an account when three unsuccessful\nlogon attempts occur.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230332'\n  tag rid: 'SV-230332r627750_rule'\n  tag stig_id: 'RHEL-08-020010'\n  tag fix_id: 'F-32976r567743_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  unsuccessful_attempts = input('unsuccessful_attempts')\n  pam_auth_files = input('pam_auth_files')\n\n  only_if('This system uses Centralized Account Management to manage this requirement', impact: 0.0) {\n    !input('central_account_management')\n  }\n\n  if os.release.to_f >= 8.2\n    impact 0.0\n    describe 'This requirement only applies to RHEL 8 version(s) 8.0 and 8.1' do\n      skip \"Currently on release #{os.release}, this control is Not Applicable.\"\n    end\n  else\n    [\n      pam_auth_files['password-auth'],\n      pam_auth_files['system-auth']\n    ].each do |path|\n      describe pam(path) do\n        its('lines') {\n          should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_integer_arg('deny',\n                                                                                                            '<=', unsuccessful_attempts)\n        }\n        its('lines') {\n          should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_integer_arg('deny',\n                                                                                                            '>=', 0)\n        }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230332.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This requirement only applies to RHEL 8 version(s) 8.0 and 8.1","run_time":2.0e-06,"start_time":"2024-01-09T19:40:49-05:00","resource":"","skip_message":"Currently on release 8.9, this control is Not Applicable.","resource_class":"Object","resource_params":"[]","resource_id":"This requirement only applies to RHEL 8 version(s) 8.0 and 8.1"}]},{"id":"SV-230333","title":"RHEL 8 must automatically lock an account when three unsuccessful\nlogon attempts occur.","desc":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."},{"label":"check","data":"Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to lock an\naccount after three unsuccessful logon attempts:\n\n    $ sudo grep 'deny =' /etc/security/faillock.conf\n\n    deny = 3\n\n    If the \"deny\" option is not set to \"3\" or less (but not \"0\"), is\nmissing or commented out, this is a finding."},{"label":"fix","data":"Configure the operating system to lock an account when three unsuccessful\nlogon attempts occur.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    deny = 3"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000021-GPOS-00005","satisfies":["SRG-OS-000021-GPOS-00005","SRG-OS-000329-GPOS-00128"],"gid":"V-230333","rid":"SV-230333r743966_rule","stig_id":"RHEL-08-020011","fix_id":"F-32977r743965_fix","cci":["CCI-000044"],"nist":["AC-7 a"]},"code":"control 'SV-230333' do\n  title 'RHEL 8 must automatically lock an account when three unsuccessful\nlogon attempts occur.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', %q(Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to lock an\naccount after three unsuccessful logon attempts:\n\n    $ sudo grep 'deny =' /etc/security/faillock.conf\n\n    deny = 3\n\n    If the \"deny\" option is not set to \"3\" or less (but not \"0\"), is\nmissing or commented out, this is a finding.)\n  desc 'fix', 'Configure the operating system to lock an account when three unsuccessful\nlogon attempts occur.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    deny = 3'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230333'\n  tag rid: 'SV-230333r743966_rule'\n  tag stig_id: 'RHEL-08-020011'\n  tag fix_id: 'F-32977r743965_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  # NOTE: This check applies to RHEL versions 8.2 or newer,\n  # if the system is RHEL version 8.0 or 8.1,\n  # this check is not applicable.\n\n  if os.release.to_f < 8.2\n    impact 0.0\n    describe 'This requirement only applies to RHEL 8 Systems 8.2 and newer' do\n      skip \"Currently on release #{os.release}, this control is Not Applicable.\"\n    end\n  else\n    describe parse_config_file('/etc/security/faillock.conf') do\n      its('deny') { should cmp <= input('unsuccessful_attempts') }\n      its('deny') { should_not cmp 0 }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230333.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Parse Config File /etc/security/faillock.conf deny is expected to cmp <= 3","run_time":0.000138,"start_time":"2024-01-09T19:40:49-05:00","message":"\nexpected it to be <= 3\n     got: \n\n(compared using `cmp` matcher)\n","resource_class":"parse_config_file","resource_params":"[\"/etc/security/faillock.conf\"]","resource_id":"/etc/security/faillock.conf"},{"status":"passed","code_desc":"Parse Config File /etc/security/faillock.conf deny is expected not to cmp == 0","run_time":6.7e-05,"start_time":"2024-01-09T19:40:49-05:00","resource_class":"parse_config_file","resource_params":"[\"/etc/security/faillock.conf\"]","resource_id":"/etc/security/faillock.conf"}]},{"id":"SV-230334","title":"RHEL 8 must automatically lock an account when three unsuccessful\nlogon attempts occur during a 15-minute time period.","desc":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."},{"label":"check","data":"Check that the system locks an account after three unsuccessful logon\nattempts within a period of 15 minutes with the following commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"fail_interval\" option is not set to \"900\" or less (but not\n\"0\") on the \"preauth\" lines with the \"pam_faillock.so\" module, or is\nmissing from this line, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"fail_interval\" option is not set to \"900\" or less (but not\n\"0\") on the \"preauth\" lines with the \"pam_faillock.so\" module, or is\nmissing from this line, this is a finding."},{"label":"fix","data":"Configure the operating system to lock an account when three unsuccessful\nlogon attempts occur in 15 minutes.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000021-GPOS-00005","satisfies":["SRG-OS-000021-GPOS-00005","SRG-OS-000329-GPOS-00128"],"gid":"V-230334","rid":"SV-230334r627750_rule","stig_id":"RHEL-08-020012","fix_id":"F-32978r567749_fix","cci":["CCI-000044"],"nist":["AC-7 a"]},"code":"control 'SV-230334' do\n  title 'RHEL 8 must automatically lock an account when three unsuccessful\nlogon attempts occur during a 15-minute time period.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', 'Check that the system locks an account after three unsuccessful logon\nattempts within a period of 15 minutes with the following commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"fail_interval\" option is not set to \"900\" or less (but not\n\"0\") on the \"preauth\" lines with the \"pam_faillock.so\" module, or is\nmissing from this line, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"fail_interval\" option is not set to \"900\" or less (but not\n\"0\") on the \"preauth\" lines with the \"pam_faillock.so\" module, or is\nmissing from this line, this is a finding.'\n  desc 'fix', 'Configure the operating system to lock an account when three unsuccessful\nlogon attempts occur in 15 minutes.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230334'\n  tag rid: 'SV-230334r627750_rule'\n  tag stig_id: 'RHEL-08-020012'\n  tag fix_id: 'F-32978r567749_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL version 8.2 and later. If the system is\n  not RHEL version 8.2 or newer, this check is Not Applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['password-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_integer_arg('fail_interval',\n                                                                                                        '<=', input('fail_interval'))\n    }\n  end\n\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_integer_arg('fail_interval',\n                                                                                                        '<=', input('fail_interval'))\n    }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230334.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PAM Config[/etc/pam.d/password-auth] lines is expected to include auth [default=die]|required pam_faillock.so preauth, all with integer arg fail_interval <= 900","run_time":0.000283,"start_time":"2024-01-09T19:40:49-05:00","resource_class":"pam","resource_params":"[\"/etc/pam.d/password-auth\"]","resource_id":""},{"status":"passed","code_desc":"PAM Config[/etc/pam.d/system-auth] lines is expected to include auth [default=die]|required pam_faillock.so preauth, all with integer arg fail_interval <= 900","run_time":0.000403,"start_time":"2024-01-09T19:40:49-05:00","resource_class":"pam","resource_params":"[\"/etc/pam.d/system-auth\"]","resource_id":""}]},{"id":"SV-230335","title":"RHEL 8 must automatically lock an account when three unsuccessful\nlogon attempts occur during a 15-minute time period.","desc":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."},{"label":"check","data":"Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to lock an\naccount after three unsuccessful logon attempts within 15 minutes:\n\n    $ sudo grep 'fail_interval =' /etc/security/faillock.conf\n\n    fail_interval = 900\n\n    If the \"fail_interval\" option is not set to \"900\" or more, is missing\nor commented out, this is a finding."},{"label":"fix","data":"Configure the operating system to lock an account when three unsuccessful\nlogon attempts occur in 15 minutes.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    fail_interval = 900"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000021-GPOS-00005","satisfies":["SRG-OS-000021-GPOS-00005","SRG-OS-000329-GPOS-00128"],"gid":"V-230335","rid":"SV-230335r743969_rule","stig_id":"RHEL-08-020013","fix_id":"F-32979r743968_fix","cci":["CCI-000044"],"nist":["AC-7 a"]},"code":"control 'SV-230335' do\n  title 'RHEL 8 must automatically lock an account when three unsuccessful\nlogon attempts occur during a 15-minute time period.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', %q(Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to lock an\naccount after three unsuccessful logon attempts within 15 minutes:\n\n    $ sudo grep 'fail_interval =' /etc/security/faillock.conf\n\n    fail_interval = 900\n\n    If the \"fail_interval\" option is not set to \"900\" or more, is missing\nor commented out, this is a finding.)\n  desc 'fix', 'Configure the operating system to lock an account when three unsuccessful\nlogon attempts occur in 15 minutes.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    fail_interval = 900'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230335'\n  tag rid: 'SV-230335r743969_rule'\n  tag stig_id: 'RHEL-08-020013'\n  tag fix_id: 'F-32979r743968_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL versions 8.2 or newer, if the system is\n    RHEL version 8.0 or 8.1, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  describe parse_config_file(input('security_faillock_conf')) do\n    its('fail_interval') { should cmp >= input('fail_interval') }\n    its('fail_interval') { should_not cmp 0 }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230335.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Parse Config File /etc/security/faillock.conf fail_interval is expected to cmp >= 900","run_time":8.6e-05,"start_time":"2024-01-09T19:40:49-05:00","message":"\nexpected it to be >= 900\n     got: \n\n(compared using `cmp` matcher)\n","resource_class":"parse_config_file","resource_params":"[\"/etc/security/faillock.conf\"]","resource_id":"/etc/security/faillock.conf"},{"status":"passed","code_desc":"Parse Config File /etc/security/faillock.conf fail_interval is expected not to cmp == 0","run_time":6.9e-05,"start_time":"2024-01-09T19:40:49-05:00","resource_class":"parse_config_file","resource_params":"[\"/etc/security/faillock.conf\"]","resource_id":"/etc/security/faillock.conf"}]},{"id":"SV-230336","title":"RHEL 8 must automatically lock an account until the locked account is\nreleased by an administrator when three unsuccessful logon attempts occur\nduring a 15-minute time period.","desc":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."},{"label":"check","data":"Check that the system locks an account after three unsuccessful logon\nattempts within a period of 15 minutes until released by an administrator with\nthe following commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"unlock_time\" option is not set to \"0\" on the \"preauth\" and\n\"authfail\" lines with the \"pam_faillock.so\" module, or is missing from\nthese lines, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"unlock_time\" option is not set to \"0\" on the \"preauth\" and\n\"authfail\" lines with the \"pam_faillock.so\" module, or is missing from\nthese lines, this is a finding."},{"label":"fix","data":"Configure the operating system to lock an account until released by an\nadministrator when three unsuccessful logon attempts occur in 15 minutes.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000021-GPOS-00005","satisfies":["SRG-OS-000021-GPOS-00005","SRG-OS-000329-GPOS-00128"],"gid":"V-230336","rid":"SV-230336r627750_rule","stig_id":"RHEL-08-020014","fix_id":"F-32980r567755_fix","cci":["CCI-000044"],"nist":["AC-7 a"]},"code":"control 'SV-230336' do\n  title 'RHEL 8 must automatically lock an account until the locked account is\nreleased by an administrator when three unsuccessful logon attempts occur\nduring a 15-minute time period.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', 'Check that the system locks an account after three unsuccessful logon\nattempts within a period of 15 minutes until released by an administrator with\nthe following commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"unlock_time\" option is not set to \"0\" on the \"preauth\" and\n\"authfail\" lines with the \"pam_faillock.so\" module, or is missing from\nthese lines, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"unlock_time\" option is not set to \"0\" on the \"preauth\" and\n\"authfail\" lines with the \"pam_faillock.so\" module, or is missing from\nthese lines, this is a finding.'\n  desc 'fix', 'Configure the operating system to lock an account until released by an\nadministrator when three unsuccessful logon attempts occur in 15 minutes.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230336'\n  tag rid: 'SV-230336r627750_rule'\n  tag stig_id: 'RHEL-08-020014'\n  tag fix_id: 'F-32980r567755_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL version 8.2 and later. If the system is\n  not RHEL version 8.2 or newer, this check is Not Applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['password-auth']) do\n    its('lines') do\n      should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_args('unlock_time=(0|never)').or \\\n        (match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('unlock_time', '<=',\n                                                                                            604_800).and \\\n                                                                                              match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('unlock_time', '>=',\n                                                                                                                                                                                 input('lockout_time')))\n    end\n  end\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') do\n      should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_args('unlock_time=(0|never)').or \\\n        (match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('unlock_time', '<=',\n                                                                                            604_800).and \\\n                                                                                              match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('unlock_time', '>=',\n                                                                                                                                                                                 input('lockout_time')))\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230336.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PAM Config[/etc/pam.d/password-auth] lines is expected to include auth [default=die]|required pam_faillock.so, all with args unlock_time=(0|never) or include auth [default=die]|required pam_faillock.so, all with integer arg unlock_time <= 604800 and include auth [default=die]|required pam_faillock.so, all with integer arg unlock_time >= 604800","run_time":0.000245,"start_time":"2024-01-09T19:40:49-05:00","resource_class":"pam","resource_params":"[\"/etc/pam.d/password-auth\"]","resource_id":""},{"status":"passed","code_desc":"PAM Config[/etc/pam.d/system-auth] lines is expected to include auth [default=die]|required pam_faillock.so, all with args unlock_time=(0|never) or include auth [default=die]|required pam_faillock.so, all with integer arg unlock_time <= 604800 and include auth [default=die]|required pam_faillock.so, all with integer arg unlock_time >= 604800","run_time":0.000216,"start_time":"2024-01-09T19:40:49-05:00","resource_class":"pam","resource_params":"[\"/etc/pam.d/system-auth\"]","resource_id":""}]},{"id":"SV-230337","title":"RHEL 8 must automatically lock an account until the locked account is\nreleased by an administrator when three unsuccessful logon attempts occur\nduring a 15-minute time period.","desc":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."},{"label":"check","data":"Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to lock an\naccount until released by an administrator after three unsuccessful logon\nattempts:\n\n    $ sudo grep 'unlock_time =' /etc/security/faillock.conf\n\n    unlock_time = 0\n\n    If the \"unlock_time\" option is not set to \"0\", is missing or commented\nout, this is a finding."},{"label":"fix","data":"Configure the operating system to lock an account until released by an\nadministrator when three unsuccessful logon attempts occur in 15 minutes.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    unlock_time = 0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000021-GPOS-00005","satisfies":["SRG-OS-000021-GPOS-00005","SRG-OS-000329-GPOS-00128"],"gid":"V-230337","rid":"SV-230337r743972_rule","stig_id":"RHEL-08-020015","fix_id":"F-32981r743971_fix","cci":["CCI-000044"],"nist":["AC-7 a"]},"code":"control 'SV-230337' do\n  title 'RHEL 8 must automatically lock an account until the locked account is\nreleased by an administrator when three unsuccessful logon attempts occur\nduring a 15-minute time period.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', %q(Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to lock an\naccount until released by an administrator after three unsuccessful logon\nattempts:\n\n    $ sudo grep 'unlock_time =' /etc/security/faillock.conf\n\n    unlock_time = 0\n\n    If the \"unlock_time\" option is not set to \"0\", is missing or commented\nout, this is a finding.)\n  desc 'fix', 'Configure the operating system to lock an account until released by an\nadministrator when three unsuccessful logon attempts occur in 15 minutes.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    unlock_time = 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230337'\n  tag rid: 'SV-230337r743972_rule'\n  tag stig_id: 'RHEL-08-020015'\n  tag fix_id: 'F-32981r743971_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL versions 8.2 or newer, if the system is\n  RHEL version 8.0 or 8.1, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  describe.one do\n    describe parse_config_file('/etc/security/faillock.conf') do\n      its('unlock_time') { should cmp 0 }\n    end\n    describe parse_config_file('/etc/security/faillock.conf') do\n      its('unlock_time') { should cmp >= input('lockout_time') }\n      its('unlock_time') { should cmp <= 604_800 }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230337.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Parse Config File /etc/security/faillock.conf unlock_time is expected to cmp == 0","run_time":9.9e-05,"start_time":"2024-01-09T19:40:49-05:00","message":"\nexpected: 0\n     got: \n\n(compared using `cmp` matcher)\n","exception":"RSpec::Core::MultipleExceptionError","resource_class":"parse_config_file","resource_params":"[\"/etc/security/faillock.conf\"]","resource_id":"/etc/security/faillock.conf"},{"status":"failed","code_desc":"Parse Config File /etc/security/faillock.conf unlock_time is expected to cmp >= #<Inspec::Input::NO_VALUE_SET:0x00000001170dd708 @name=\"lockout_time\">","run_time":7.1e-05,"start_time":"2024-01-09T19:40:49-05:00","message":"\nexpected it to be >= #<Inspec::Input::NO_VALUE_SET:0x00000001170dd708 @name=\"lockout_time\">\n     got: \n\n(compared using `cmp` matcher)\n\n\n\nexpected it to be >= 604800\n     got: \n\n(compared using `cmp` matcher)\n","exception":"RSpec::Core::MultipleExceptionError","resource_class":"parse_config_file","resource_params":"[\"/etc/security/faillock.conf\"]","resource_id":"/etc/security/faillock.conf"},{"status":"failed","code_desc":"Parse Config File /etc/security/faillock.conf unlock_time is expected to cmp <= 604800","run_time":5.9e-05,"start_time":"2024-01-09T19:40:49-05:00","message":"\nexpected it to be <= 604800\n     got: \n\n(compared using `cmp` matcher)\n","exception":"RSpec::Core::MultipleExceptionError","resource_class":"parse_config_file","resource_params":"[\"/etc/security/faillock.conf\"]","resource_id":"/etc/security/faillock.conf"}]},{"id":"SV-230338","title":"RHEL 8 must ensure account lockouts persist.","desc":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."},{"label":"check","data":"Check that the faillock directory contents persists after a reboot with the\nfollowing commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"dir\" option is not set to a non-default documented tally log\ndirectory on the \"preauth\" and \"authfail\" lines with the\n\"pam_faillock.so\" module, or is missing from these lines, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"dir\" option is not set to a non-default documented tally log\ndirectory on the \"preauth\" and \"authfail\" lines with the\n\"pam_faillock.so\" module, or is missing from these lines, this is a finding."},{"label":"fix","data":"Configure the operating system maintain the contents of the faillock\ndirectory after a reboot.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    Note: Using the default faillock directory of /var/run/faillock will result\nin the contents being cleared in the event of a reboot.\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000021-GPOS-00005","satisfies":["SRG-OS-000021-GPOS-00005","SRG-OS-000329-GPOS-00128"],"gid":"V-230338","rid":"SV-230338r627750_rule","stig_id":"RHEL-08-020016","fix_id":"F-32982r567761_fix","cci":["CCI-000044"],"nist":["AC-7 a"]},"code":"control 'SV-230338' do\n  title 'RHEL 8 must ensure account lockouts persist.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', 'Check that the faillock directory contents persists after a reboot with the\nfollowing commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"dir\" option is not set to a non-default documented tally log\ndirectory on the \"preauth\" and \"authfail\" lines with the\n\"pam_faillock.so\" module, or is missing from these lines, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"dir\" option is not set to a non-default documented tally log\ndirectory on the \"preauth\" and \"authfail\" lines with the\n\"pam_faillock.so\" module, or is missing from these lines, this is a finding.'\n  desc 'fix', 'Configure the operating system maintain the contents of the faillock\ndirectory after a reboot.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    Note: Using the default faillock directory of /var/run/faillock will result\nin the contents being cleared in the event of a reboot.\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230338'\n  tag rid: 'SV-230338r627750_rule'\n  tag stig_id: 'RHEL-08-020016'\n  tag fix_id: 'F-32982r567761_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL versions 8.0 and 8.1, if the system is\n    RHEL version 8.2 or newer, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) < 8.2\n  }\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['password-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_args(\"dir=#{input('log_directory')}\")\n    }\n  end\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_args(\"dir=#{input('log_directory')}\")\n    }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230338.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"No-op","run_time":3.0e-06,"start_time":"2024-01-09T19:40:49-05:00","resource":"No-op","skip_message":"Skipped control due to only_if condition: This check applies to RHEL versions 8.0 and 8.1, if the system is\n    RHEL version 8.2 or newer, this check is not applicable.","resource_class":"noop","resource_params":"[]","resource_id":"No-op"}]},{"id":"SV-230339","title":"RHEL 8 must ensure account lockouts persist.","desc":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."},{"label":"check","data":"Note: This check applies to RHEL versions 8.2 or newer. If the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured use a\nnon-default faillock directory to ensure contents persist after reboot:\n\n    $ sudo grep 'dir =' /etc/security/faillock.conf\n\n    dir = /var/log/faillock\n\n    If the \"dir\" option is not set to a non-default documented tally log\ndirectory, is missing or commented out, this is a finding."},{"label":"fix","data":"Configure the operating system maintain the contents of the faillock\ndirectory after a reboot.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    dir = /var/log/faillock"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000021-GPOS-00005","satisfies":["SRG-OS-000021-GPOS-00005","SRG-OS-000329-GPOS-00128"],"gid":"V-230339","rid":"SV-230339r743975_rule","stig_id":"RHEL-08-020017","fix_id":"F-32983r743974_fix","cci":["CCI-000044"],"nist":["AC-7 a"]},"code":"control 'SV-230339' do\n  title 'RHEL 8 must ensure account lockouts persist.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', %q(Note: This check applies to RHEL versions 8.2 or newer. If the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured use a\nnon-default faillock directory to ensure contents persist after reboot:\n\n    $ sudo grep 'dir =' /etc/security/faillock.conf\n\n    dir = /var/log/faillock\n\n    If the \"dir\" option is not set to a non-default documented tally log\ndirectory, is missing or commented out, this is a finding.)\n  desc 'fix', 'Configure the operating system maintain the contents of the faillock\ndirectory after a reboot.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    dir = /var/log/faillock'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230339'\n  tag rid: 'SV-230339r743975_rule'\n  tag stig_id: 'RHEL-08-020017'\n  tag fix_id: 'F-32983r743974_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL versions 8.2 or newer. If the system is\n  RHEL version 8.0 or 8.1, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  describe parse_config_file('/etc/security/faillock.conf') do\n    its('dir') { should cmp input('log_directory') }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230339.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Parse Config File /etc/security/faillock.conf dir is expected to cmp == \"/var/log/faillock\"","run_time":7.3e-05,"start_time":"2024-01-09T19:40:49-05:00","message":"\nexpected: /var/log/faillock\n     got: \n\n(compared using `cmp` matcher)\n","resource_class":"parse_config_file","resource_params":"[\"/etc/security/faillock.conf\"]","resource_id":"/etc/security/faillock.conf"}]},{"id":"SV-230340","title":"RHEL 8 must prevent system messages from being presented when three\nunsuccessful logon attempts occur.","desc":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."},{"label":"check","data":"Check that the system prevents informative messages from being presented to\nthe user pertaining to logon information with the following commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"silent\" option is missing from the \"preauth\" line with the\n\"pam_faillock.so\" module, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"silent\" option is missing from the \"preauth\" line with the\n\"pam_faillock.so\" module, this is a finding."},{"label":"fix","data":"Configure the operating system to prevent informative messages from being\npresented at logon attempts.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000021-GPOS-00005","satisfies":["SRG-OS-000021-GPOS-00005","SRG-OS-000329-GPOS-00128"],"gid":"V-230340","rid":"SV-230340r627750_rule","stig_id":"RHEL-08-020018","fix_id":"F-32984r567767_fix","cci":["CCI-000044"],"nist":["AC-7 a"]},"code":"control 'SV-230340' do\n  title 'RHEL 8 must prevent system messages from being presented when three\nunsuccessful logon attempts occur.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', 'Check that the system prevents informative messages from being presented to\nthe user pertaining to logon information with the following commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"silent\" option is missing from the \"preauth\" line with the\n\"pam_faillock.so\" module, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"silent\" option is missing from the \"preauth\" line with the\n\"pam_faillock.so\" module, this is a finding.'\n  desc 'fix', 'Configure the operating system to prevent informative messages from being\npresented at logon attempts.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230340'\n  tag rid: 'SV-230340r627750_rule'\n  tag stig_id: 'RHEL-08-020018'\n  tag fix_id: 'F-32984r567767_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL versions 8.0 and 8.1, if the system is\n    RHEL version 8.2 or newer, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) < 8.2\n  }\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['password-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_args('silent')\n    }\n  end\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_args('silent')\n    }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230340.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"No-op","run_time":2.0e-06,"start_time":"2024-01-09T19:40:49-05:00","resource":"No-op","skip_message":"Skipped control due to only_if condition: This check applies to RHEL versions 8.0 and 8.1, if the system is\n    RHEL version 8.2 or newer, this check is not applicable.","resource_class":"noop","resource_params":"[]","resource_id":"No-op"}]},{"id":"SV-230341","title":"RHEL 8 must prevent system messages from being presented when three\nunsuccessful logon attempts occur.","desc":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."},{"label":"check","data":"Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to prevent\ninformative messages from being presented at logon attempts:\n\n    $ sudo grep silent /etc/security/faillock.conf\n\n    silent\n\n    If the \"silent\" option is not set, is missing or commented out, this is a\nfinding."},{"label":"fix","data":"Configure the operating system to prevent informative messages from being\npresented at logon attempts.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    silent"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000021-GPOS-00005","satisfies":["SRG-OS-000021-GPOS-00005","SRG-OS-000329-GPOS-00128"],"gid":"V-230341","rid":"SV-230341r743978_rule","stig_id":"RHEL-08-020019","fix_id":"F-32985r743977_fix","cci":["CCI-000044"],"nist":["AC-7 a"]},"code":"control 'SV-230341' do\n  title 'RHEL 8 must prevent system messages from being presented when three\nunsuccessful logon attempts occur.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', 'Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to prevent\ninformative messages from being presented at logon attempts:\n\n    $ sudo grep silent /etc/security/faillock.conf\n\n    silent\n\n    If the \"silent\" option is not set, is missing or commented out, this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to prevent informative messages from being\npresented at logon attempts.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    silent'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230341'\n  tag rid: 'SV-230341r743978_rule'\n  tag stig_id: 'RHEL-08-020019'\n  tag fix_id: 'F-32985r743977_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL versions 8.2 or newer, if the system is\n    RHEL version 8.0 or 8.1, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  describe parse_config_file('/etc/security/faillock.conf') do\n    its('silent') { should_not be nil }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230341.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Parse Config File /etc/security/faillock.conf silent is expected not to equal nil","run_time":9.1e-05,"start_time":"2024-01-09T19:40:49-05:00","message":"\nexpected not #<NilClass:8> => nil\n         got #<NilClass:8> => nil\n\nCompared using equal?, which compares object identity.\n\n","resource_class":"parse_config_file","resource_params":"[\"/etc/security/faillock.conf\"]","resource_id":"/etc/security/faillock.conf"}]},{"id":"SV-230342","title":"RHEL 8 must log user name information when unsuccessful logon attempts\noccur.","desc":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module. Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module. Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout."},{"label":"check","data":"Check that the system logs user name information when unsuccessful logon\nattempts occur with the following commands:\n\n    If the system is RHEL version 8.2 or newer, this check is not applicable.\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"audit\" option is missing from the \"preauth\" line with the\n\"pam_faillock.so\" module, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"audit\" option is missing from the \"preauth\" line with the\n\"pam_faillock.so\" module, this is a finding."},{"label":"fix","data":"Configure the operating system to log user name information when\nunsuccessful logon attempts occur.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000021-GPOS-00005","satisfies":["SRG-OS-000021-GPOS-00005","SRG-OS-000329-GPOS-00128"],"gid":"V-230342","rid":"SV-230342r646872_rule","stig_id":"RHEL-08-020020","fix_id":"F-32986r567773_fix","cci":["CCI-000044"],"nist":["AC-7 a"]},"code":"control 'SV-230342' do\n  title 'RHEL 8 must log user name information when unsuccessful logon attempts\noccur.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module. Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.'\n  desc 'check', 'Check that the system logs user name information when unsuccessful logon\nattempts occur with the following commands:\n\n    If the system is RHEL version 8.2 or newer, this check is not applicable.\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"audit\" option is missing from the \"preauth\" line with the\n\"pam_faillock.so\" module, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"audit\" option is missing from the \"preauth\" line with the\n\"pam_faillock.so\" module, this is a finding.'\n  desc 'fix', 'Configure the operating system to log user name information when\nunsuccessful logon attempts occur.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230342'\n  tag rid: 'SV-230342r646872_rule'\n  tag stig_id: 'RHEL-08-020020'\n  tag fix_id: 'F-32986r567773_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('If the system is RHEL version 8.2 or newer, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) < 8.2\n  }\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['password-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_args('audit')\n    }\n  end\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_args('audit')\n    }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230342.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"No-op","run_time":2.0e-06,"start_time":"2024-01-09T19:40:49-05:00","resource":"No-op","skip_message":"Skipped control due to only_if condition: If the system is RHEL version 8.2 or newer, this check is not applicable.","resource_class":"noop","resource_params":"[]","resource_id":"No-op"}]},{"id":"SV-230343","title":"RHEL 8 must log user name information when unsuccessful logon attempts\noccur.","desc":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."},{"label":"check","data":"Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to log user\nname information when unsuccessful logon attempts occur:\n\n    $ sudo grep audit /etc/security/faillock.conf\n\n    audit\n\n    If the \"audit\" option is not set, is missing or commented out, this is a\nfinding."},{"label":"fix","data":"Configure the operating system to log user name information when\nunsuccessful logon attempts occur.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    audit"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000021-GPOS-00005","satisfies":["SRG-OS-000021-GPOS-00005","SRG-OS-000329-GPOS-00128"],"gid":"V-230343","rid":"SV-230343r743981_rule","stig_id":"RHEL-08-020021","fix_id":"F-32987r743980_fix","cci":["CCI-000044"],"nist":["AC-7 a"]},"code":"control 'SV-230343' do\n  title 'RHEL 8 must log user name information when unsuccessful logon attempts\noccur.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', 'Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to log user\nname information when unsuccessful logon attempts occur:\n\n    $ sudo grep audit /etc/security/faillock.conf\n\n    audit\n\n    If the \"audit\" option is not set, is missing or commented out, this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to log user name information when\nunsuccessful logon attempts occur.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    audit'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230343'\n  tag rid: 'SV-230343r743981_rule'\n  tag stig_id: 'RHEL-08-020021'\n  tag fix_id: 'F-32987r743980_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL versions 8.2 or newer, if the system is\n    RHEL version 8.0 or 8.1, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  describe parse_config_file('/etc/security/faillock.conf') do\n    its('audit') { should_not be nil }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230343.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Parse Config File /etc/security/faillock.conf audit is expected not to equal nil","run_time":5.3e-05,"start_time":"2024-01-09T19:40:49-05:00","message":"\nexpected not #<NilClass:8> => nil\n         got #<NilClass:8> => nil\n\nCompared using equal?, which compares object identity.\n\n","resource_class":"parse_config_file","resource_params":"[\"/etc/security/faillock.conf\"]","resource_id":"/etc/security/faillock.conf"}]},{"id":"SV-230344","title":"RHEL 8 must include root when automatically locking an account until\nthe locked account is released by an administrator when three unsuccessful\nlogon attempts occur during a 15-minute time period.","desc":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module. Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module. Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout."},{"label":"check","data":"Check that the system includes the root account when locking an account\nafter three unsuccessful logon attempts within a period of 15 minutes with the\nfollowing commands:\n\n    If the system is RHEL version 8.2 or newer, this check is not applicable.\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"even_deny_root\" option is missing from the \"preauth\" line with\nthe \"pam_faillock.so\" module, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"even_deny_root\" option is missing from the \"preauth\" line with\nthe \"pam_faillock.so\" module, this is a finding."},{"label":"fix","data":"Configure the operating system to include root when locking an account\nafter three unsuccessful logon attempts occur in 15 minutes.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000021-GPOS-00005","satisfies":["SRG-OS-000021-GPOS-00005","SRG-OS-000329-GPOS-00128"],"gid":"V-230344","rid":"SV-230344r646874_rule","stig_id":"RHEL-08-020022","fix_id":"F-32988r567779_fix","cci":["CCI-000044"],"nist":["AC-7 a"]},"code":"control 'SV-230344' do\n  title 'RHEL 8 must include root when automatically locking an account until\nthe locked account is released by an administrator when three unsuccessful\nlogon attempts occur during a 15-minute time period.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module. Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.'\n  desc 'check', 'Check that the system includes the root account when locking an account\nafter three unsuccessful logon attempts within a period of 15 minutes with the\nfollowing commands:\n\n    If the system is RHEL version 8.2 or newer, this check is not applicable.\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"even_deny_root\" option is missing from the \"preauth\" line with\nthe \"pam_faillock.so\" module, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"even_deny_root\" option is missing from the \"preauth\" line with\nthe \"pam_faillock.so\" module, this is a finding.'\n  desc 'fix', 'Configure the operating system to include root when locking an account\nafter three unsuccessful logon attempts occur in 15 minutes.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230344'\n  tag rid: 'SV-230344r646874_rule'\n  tag stig_id: 'RHEL-08-020022'\n  tag fix_id: 'F-32988r567779_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('If the system is RHEL version 8.2 or newer, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) < 8.2\n  }\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['password-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_args('even_deny_root')\n    }\n  end\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_args('even_deny_root')\n    }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230344.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"No-op","run_time":2.0e-06,"start_time":"2024-01-09T19:40:49-05:00","resource":"No-op","skip_message":"Skipped control due to only_if condition: If the system is RHEL version 8.2 or newer, this check is not applicable.","resource_class":"noop","resource_params":"[]","resource_id":"No-op"}]},{"id":"SV-230345","title":"RHEL 8 must include root when automatically locking an account until\nthe locked account is released by an administrator when three unsuccessful\nlogon attempts occur during a 15-minute time period.","desc":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."},{"label":"check","data":"Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to log user\nname information when unsuccessful logon attempts occur:\n\n    $ sudo grep even_deny_root /etc/security/faillock.conf\n\n    even_deny_root\n\n    If the \"even_deny_root\" option is not set, is missing or commented out,\nthis is a finding."},{"label":"fix","data":"Configure the operating system to include root when locking an account\nafter three unsuccessful logon attempts occur in 15 minutes.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    even_deny_root"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000021-GPOS-00005","satisfies":["SRG-OS-000021-GPOS-00005","SRG-OS-000329-GPOS-00128"],"gid":"V-230345","rid":"SV-230345r743984_rule","stig_id":"RHEL-08-020023","fix_id":"F-32989r743983_fix","cci":["CCI-000044"],"nist":["AC-7 a"]},"code":"control 'SV-230345' do\n  title 'RHEL 8 must include root when automatically locking an account until\nthe locked account is released by an administrator when three unsuccessful\nlogon attempts occur during a 15-minute time period.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', 'Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to log user\nname information when unsuccessful logon attempts occur:\n\n    $ sudo grep even_deny_root /etc/security/faillock.conf\n\n    even_deny_root\n\n    If the \"even_deny_root\" option is not set, is missing or commented out,\nthis is a finding.'\n  desc 'fix', 'Configure the operating system to include root when locking an account\nafter three unsuccessful logon attempts occur in 15 minutes.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    even_deny_root'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230345'\n  tag rid: 'SV-230345r743984_rule'\n  tag stig_id: 'RHEL-08-020023'\n  tag fix_id: 'F-32989r743983_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL versions 8.2 or newer, if the system is\n    RHEL version 8.0 or 8.1, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  describe parse_config_file('/etc/security/faillock.conf') do\n    its('even_deny_root') { should_not be nil }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230345.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Parse Config File /etc/security/faillock.conf even_deny_root is expected not to equal nil","run_time":4.8e-05,"start_time":"2024-01-09T19:40:49-05:00","message":"\nexpected not #<NilClass:8> => nil\n         got #<NilClass:8> => nil\n\nCompared using equal?, which compares object identity.\n\n","resource_class":"parse_config_file","resource_params":"[\"/etc/security/faillock.conf\"]","resource_id":"/etc/security/faillock.conf"}]},{"id":"SV-230346","title":"RHEL 8 must limit the number of concurrent sessions to ten for all\naccounts and/or account types.","desc":"Operating system management includes the ability to control the number\nof users and user sessions that utilize an operating system. Limiting the\nnumber of allowed users and sessions per user is helpful in reducing the risks\nrelated to DoS attacks.\n\n    This requirement addresses concurrent sessions for information system\naccounts and does not address concurrent sessions by single users via multiple\nsystem accounts. The maximum number of concurrent sessions should be defined\nbased on mission needs and the operational environment for each system.","descriptions":[{"label":"default","data":"Operating system management includes the ability to control the number\nof users and user sessions that utilize an operating system. Limiting the\nnumber of allowed users and sessions per user is helpful in reducing the risks\nrelated to DoS attacks.\n\n    This requirement addresses concurrent sessions for information system\naccounts and does not address concurrent sessions by single users via multiple\nsystem accounts. The maximum number of concurrent sessions should be defined\nbased on mission needs and the operational environment for each system."},{"label":"check","data":"Verify the operating system limits the number of concurrent sessions to\n\"10\" for all accounts and/or account types by issuing the following command:\n\n    $ sudo grep -r -s '^[^#].*maxlogins' /etc/security/limits.conf\n/etc/security/limits.d/*.conf\n\n    * hard maxlogins 10\n\n    This can be set as a global domain (with the * wildcard) but may be set\ndifferently for multiple domains.\n\n    If the \"maxlogins\" item is missing, commented out, or the value is set\ngreater than \"10\" and is not documented with the Information System Security\nOfficer (ISSO) as an operational requirement for all domains that have the\n\"maxlogins\" item assigned, this is a finding."},{"label":"fix","data":"Configure the operating system to limit the number of concurrent sessions\nto \"10\" for all accounts and/or account types.\n\n    Add the following line to the top of the /etc/security/limits.conf or in a\n\".conf\" file defined in /etc/security/limits.d/:\n\n    * hard maxlogins 10"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000027-GPOS-00008","gid":"V-230346","rid":"SV-230346r877399_rule","stig_id":"RHEL-08-020024","fix_id":"F-32990r619863_fix","cci":["CCI-000054"],"nist":["AC-10"]},"code":"control 'SV-230346' do\n  title 'RHEL 8 must limit the number of concurrent sessions to ten for all\naccounts and/or account types.'\n  desc 'Operating system management includes the ability to control the number\nof users and user sessions that utilize an operating system. Limiting the\nnumber of allowed users and sessions per user is helpful in reducing the risks\nrelated to DoS attacks.\n\n    This requirement addresses concurrent sessions for information system\naccounts and does not address concurrent sessions by single users via multiple\nsystem accounts. The maximum number of concurrent sessions should be defined\nbased on mission needs and the operational environment for each system.'\n  desc 'check', %q(Verify the operating system limits the number of concurrent sessions to\n\"10\" for all accounts and/or account types by issuing the following command:\n\n    $ sudo grep -r -s '^[^#].*maxlogins' /etc/security/limits.conf\n/etc/security/limits.d/*.conf\n\n    * hard maxlogins 10\n\n    This can be set as a global domain (with the * wildcard) but may be set\ndifferently for multiple domains.\n\n    If the \"maxlogins\" item is missing, commented out, or the value is set\ngreater than \"10\" and is not documented with the Information System Security\nOfficer (ISSO) as an operational requirement for all domains that have the\n\"maxlogins\" item assigned, this is a finding.)\n  desc 'fix', 'Configure the operating system to limit the number of concurrent sessions\nto \"10\" for all accounts and/or account types.\n\n    Add the following line to the top of the /etc/security/limits.conf or in a\n\".conf\" file defined in /etc/security/limits.d/:\n\n    * hard maxlogins 10'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000027-GPOS-00008'\n  tag gid: 'V-230346'\n  tag rid: 'SV-230346r877399_rule'\n  tag stig_id: 'RHEL-08-020024'\n  tag fix_id: 'F-32990r619863_fix'\n  tag cci: ['CCI-000054']\n  tag nist: ['AC-10']\n\n  # Collect any files under limits.d if they exist\n  limits_files = directory('/etc/security/limits.d').exist? ? command('ls /etc/security/limits.d/*.conf').stdout.strip.lines : []\n  # Add limits.conf to the list\n  limits_files.push('/etc/security/limits.conf')\n  compliant_files = []\n  noncompliant_files = []\n\n  limits_files.each do |limits_file|\n    # Get any universal limits from each file\n    local_limits = limits_conf(limits_file).*\n    # If we got an array (results) check further\n    next unless local_limits.is_a?(Array)\n\n    local_limits.each do |temp_limit|\n      # For each result check if it is a 'hard' limit for 'maxlogins'\n      if temp_limit.include?('hard') && temp_limit.include?('maxlogins')\n        # If the limit is in range, push to compliant files\n        if temp_limit[-1].to_i <= input('maxlogins_limit')\n          compliant_files.push(limits_file)\n          # Otherwise add to noncompliant files\n        else\n          noncompliant_files.push(limits_file)\n        end\n      end\n    end\n  end\n\n  # It is required that at least 1 file contain compliant configuration\n  describe \"Files configuring maxlogins less than or equal to #{input('maxlogins_limit')}\" do\n    subject { compliant_files.length }\n    it { should be_positive }\n  end\n\n  # No files should set 'hard' 'maxlogins' to any noncompliant value\n  describe \"Files configuring maxlogins greater than #{input('maxlogins_limit')}\" do\n    subject { noncompliant_files }\n    it { should cmp [] }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230346.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Files configuring maxlogins less than or equal to 10 is expected to be positive","run_time":0.002353,"start_time":"2024-01-09T19:40:49-05:00","resource_class":"Object","resource_params":"[]","resource_id":"Files configuring maxlogins less than or equal to 10"},{"status":"passed","code_desc":"Files configuring maxlogins greater than 10 is expected to cmp == []","run_time":6.2e-05,"start_time":"2024-01-09T19:40:49-05:00","resource_class":"Object","resource_params":"[]","resource_id":"Files configuring maxlogins greater than 10"}]},{"id":"SV-230347","title":"RHEL 8 must enable a user session lock until that user re-establishes\naccess using established identification and authentication procedures for\ngraphical user sessions.","desc":"A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined.\n\n    Regardless of where the session lock is determined and implemented, once\ninvoked, the session lock must remain in place until the user reauthenticates.\nNo other activity aside from reauthentication must unlock the system.","descriptions":[{"label":"default","data":"A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined.\n\n    Regardless of where the session lock is determined and implemented, once\ninvoked, the session lock must remain in place until the user reauthenticates.\nNo other activity aside from reauthentication must unlock the system."},{"label":"check","data":"Verify the operating system enables a user's session lock until that user\nre-establishes access using established identification and authentication\nprocedures with the following command:\n\n    $ sudo gsettings get org.gnome.desktop.screensaver lock-enabled\n\n    true\n\n    If the setting is \"false\", this is a finding.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable."},{"label":"fix","data":"Configure the operating system to enable a user's session lock until that\nuser re-establishes access using established identification and authentication\nprocedures.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following example:\n\n    $ sudo vi /etc/dconf/db/local.d/00-screensaver\n\n    Edit the \"[org/gnome/desktop/screensaver]\" section of the database file\nand add or update the following lines:\n\n    # Set this to true to lock the screen when the screensaver activates\n    lock-enabled=true\n\n    Update the system databases:\n\n    $ sudo dconf update"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000028-GPOS-00009","satisfies":["SRG-OS-000028-GPOS-00009","SRG-OS-000030-GPOS-00011"],"gid":"V-230347","rid":"SV-230347r627750_rule","stig_id":"RHEL-08-020030","fix_id":"F-32991r567788_fix","cci":["CCI-000056"],"nist":["AC-11 b"]},"code":"control 'SV-230347' do\n  title 'RHEL 8 must enable a user session lock until that user re-establishes\naccess using established identification and authentication procedures for\ngraphical user sessions.'\n  desc 'A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined.\n\n    Regardless of where the session lock is determined and implemented, once\ninvoked, the session lock must remain in place until the user reauthenticates.\nNo other activity aside from reauthentication must unlock the system.'\n  desc 'check', %q(Verify the operating system enables a user's session lock until that user\nre-establishes access using established identification and authentication\nprocedures with the following command:\n\n    $ sudo gsettings get org.gnome.desktop.screensaver lock-enabled\n\n    true\n\n    If the setting is \"false\", this is a finding.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.)\n  desc 'fix', %q(Configure the operating system to enable a user's session lock until that\nuser re-establishes access using established identification and authentication\nprocedures.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following example:\n\n    $ sudo vi /etc/dconf/db/local.d/00-screensaver\n\n    Edit the \"[org/gnome/desktop/screensaver]\" section of the database file\nand add or update the following lines:\n\n    # Set this to true to lock the screen when the screensaver activates\n    lock-enabled=true\n\n    Update the system databases:\n\n    $ sudo dconf update)\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000028-GPOS-00009'\n  tag satisfies: ['SRG-OS-000028-GPOS-00009', 'SRG-OS-000030-GPOS-00011']\n  tag gid: 'V-230347'\n  tag rid: 'SV-230347r627750_rule'\n  tag stig_id: 'RHEL-08-020030'\n  tag fix_id: 'F-32991r567788_fix'\n  tag cci: ['CCI-000056']\n  tag nist: ['AC-11 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif package('gnome-desktop3').installed?\n    describe command('gsettings get org.gnome.desktop.screensaver lock-enabled') do\n      its('stdout.strip') { should cmp 'true' }\n    end\n  else\n    impact 0.0\n    describe 'The system does not have GNOME installed' do\n      skip \"The system does not have GNOME installed, this requirement is Not\n        Applicable.\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230347.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"The system does not have GNOME installed","run_time":3.0e-06,"start_time":"2024-01-09T19:40:49-05:00","resource":"","skip_message":"The system does not have GNOME installed, this requirement is Not\n        Applicable.","resource_class":"Object","resource_params":"[]","resource_id":"The system does not have GNOME installed"}]},{"id":"SV-230348","title":"RHEL 8 must enable a user session lock until that user re-establishes\naccess using established identification and authentication procedures for\ncommand line sessions.","desc":"A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.\n\n    Tmux is a terminal multiplexer that enables a number of terminals to be\ncreated, accessed, and controlled from a single screen.  Red Hat endorses tmux\nas the recommended session controlling package.","descriptions":[{"label":"default","data":"A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.\n\n    Tmux is a terminal multiplexer that enables a number of terminals to be\ncreated, accessed, and controlled from a single screen.  Red Hat endorses tmux\nas the recommended session controlling package."},{"label":"check","data":"Verify the operating system enables the user to manually initiate a session lock with the following command:\n\n     $ sudo grep -Ei 'lock-command|lock-session' /etc/tmux.conf\n\n     set -g lock-command vlock\n     bind X lock-session\n\nIf the \"lock-command\" is not set and \"lock-session\" is not bound to a specific keyboard key in the global settings, this is a finding."},{"label":"fix","data":"Configure the operating system to enable a user to manually initiate a session lock via tmux. This configuration binds the uppercase letter \"X\" to manually initiate a session lock after the prefix key \"Ctrl + b\" has been sent. The complete key sequence is thus \"Ctrl + b\" then \"Shift + x\" to lock tmux.\n\nCreate a global configuration file \"/etc/tmux.conf\" and add the following lines:\n\n     set -g lock-command vlock\n     bind X lock-session\n\nReload tmux configuration to take effect. This can be performed in tmux while it is running:\n\n     $ tmux source-file /etc/tmux.conf"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000028-GPOS-00009","satisfies":["SRG-OS-000028-GPOS-00009","SRG-OS-000030-GPOS-00011"],"gid":"V-230348","rid":"SV-230348r902725_rule","stig_id":"RHEL-08-020040","fix_id":"F-32992r880719_fix","cci":["CCI-000056"],"nist":["AC-11 b"]},"code":"control 'SV-230348' do\n  title 'RHEL 8 must enable a user session lock until that user re-establishes\naccess using established identification and authentication procedures for\ncommand line sessions.'\n  desc 'A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.\n\n    Tmux is a terminal multiplexer that enables a number of terminals to be\ncreated, accessed, and controlled from a single screen.  Red Hat endorses tmux\nas the recommended session controlling package.'\n  desc 'check', %q(Verify the operating system enables the user to manually initiate a session lock with the following command:\n\n     $ sudo grep -Ei 'lock-command|lock-session' /etc/tmux.conf\n\n     set -g lock-command vlock\n     bind X lock-session\n\nIf the \"lock-command\" is not set and \"lock-session\" is not bound to a specific keyboard key in the global settings, this is a finding.)\n  desc 'fix', 'Configure the operating system to enable a user to manually initiate a session lock via tmux. This configuration binds the uppercase letter \"X\" to manually initiate a session lock after the prefix key \"Ctrl + b\" has been sent. The complete key sequence is thus \"Ctrl + b\" then \"Shift + x\" to lock tmux.\n\nCreate a global configuration file \"/etc/tmux.conf\" and add the following lines:\n\n     set -g lock-command vlock\n     bind X lock-session\n\nReload tmux configuration to take effect. This can be performed in tmux while it is running:\n\n     $ tmux source-file /etc/tmux.conf'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000028-GPOS-00009'\n  tag satisfies: ['SRG-OS-000028-GPOS-00009', 'SRG-OS-000030-GPOS-00011']\n  tag gid: 'V-230348'\n  tag rid: 'SV-230348r902725_rule'\n  tag stig_id: 'RHEL-08-020040'\n  tag fix_id: 'F-32992r880719_fix'\n  tag cci: ['CCI-000056']\n  tag nist: ['AC-11 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('grep -i lock-command /etc/tmux.conf') do\n      its('stdout.strip') { should cmp 'set -g lock-command vlock' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230348.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Command: `grep -i lock-command /etc/tmux.conf` stdout.strip is expected to cmp == \"set -g lock-command vlock\"","run_time":0.233508,"start_time":"2024-01-09T19:40:49-05:00","resource_class":"command","resource_params":"[\"grep -i lock-command /etc/tmux.conf\"]","resource_id":"Command: `grep -i lock-command /etc/tmux.conf`"}]},{"id":"SV-230349","title":"RHEL 8 must ensure session control is automatically started at shell\ninitialization.","desc":"Tmux is a terminal multiplexer that enables a number of terminals to be created, accessed, and controlled from a single screen. Red Hat endorses tmux as the recommended session controlling package.","descriptions":[{"label":"default","data":"Tmux is a terminal multiplexer that enables a number of terminals to be created, accessed, and controlled from a single screen. Red Hat endorses tmux as the recommended session controlling package."},{"label":"check","data":"Verify the operating system shell initialization file is configured to start each shell with the tmux terminal multiplexer with the following commands:\n\nDetermine if tmux is currently running:\n     $ sudo ps all | grep tmux | grep -v grep\n\nIf the command does not produce output, this is a finding.\n\nDetermine the location of the tmux script:\n     $ sudo grep -r tmux /etc/bashrc /etc/profile.d\n\n     /etc/profile.d/tmux.sh:  case \"$name\" in (sshd|login) tmux ;; esac\n\nReview the tmux script by using the following example:\n     $ sudo cat /etc/profile.d/tmux.sh\n\nif [ \"$PS1\" ]; then\nparent=$(ps -o ppid= -p $$)\nname=$(ps -o comm= -p $parent)\ncase \"$name\" in (sshd|login) tmux ;; esac\nfi\n\nIf \"tmux\" is not configured as the example above, is commented out, or is missing, this is a finding."},{"label":"fix","data":"Configure the operating system to initialize the tmux terminal multiplexer as each shell is called by adding the following lines to a custom.sh shell script in the /etc/profile.d/ directory:\n\nif [ \"$PS1\" ]; then\nparent=$(ps -o ppid= -p $$)\nname=$(ps -o comm= -p $parent)\ncase \"$name\" in (sshd|login) tmux ;; esac\nfi\n\nThis setting will take effect at next logon."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000028-GPOS-00009","satisfies":["SRG-OS-000028-GPOS-00009","SRG-OS-000030-GPOS-00011"],"gid":"V-230349","rid":"SV-230349r917920_rule","stig_id":"RHEL-08-020041","fix_id":"F-32993r880735_fix","cci":["CCI-000056"],"nist":["AC-11 b"]},"code":"control 'SV-230349' do\n  title 'RHEL 8 must ensure session control is automatically started at shell\ninitialization.'\n  desc 'Tmux is a terminal multiplexer that enables a number of terminals to be created, accessed, and controlled from a single screen. Red Hat endorses tmux as the recommended session controlling package.'\n  desc 'check', 'Verify the operating system shell initialization file is configured to start each shell with the tmux terminal multiplexer with the following commands:\n\nDetermine if tmux is currently running:\n     $ sudo ps all | grep tmux | grep -v grep\n\nIf the command does not produce output, this is a finding.\n\nDetermine the location of the tmux script:\n     $ sudo grep -r tmux /etc/bashrc /etc/profile.d\n\n     /etc/profile.d/tmux.sh:  case \"$name\" in (sshd|login) tmux ;; esac\n\nReview the tmux script by using the following example:\n     $ sudo cat /etc/profile.d/tmux.sh\n\nif [ \"$PS1\" ]; then\nparent=$(ps -o ppid= -p $$)\nname=$(ps -o comm= -p $parent)\ncase \"$name\" in (sshd|login) tmux ;; esac\nfi\n\nIf \"tmux\" is not configured as the example above, is commented out, or is missing, this is a finding.'\n  desc 'fix', 'Configure the operating system to initialize the tmux terminal multiplexer as each shell is called by adding the following lines to a custom.sh shell script in the /etc/profile.d/ directory:\n\nif [ \"$PS1\" ]; then\nparent=$(ps -o ppid= -p $$)\nname=$(ps -o comm= -p $parent)\ncase \"$name\" in (sshd|login) tmux ;; esac\nfi\n\nThis setting will take effect at next logon.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000028-GPOS-00009'\n  tag satisfies: ['SRG-OS-000028-GPOS-00009', 'SRG-OS-000030-GPOS-00011']\n  tag gid: 'V-230349'\n  tag rid: 'SV-230349r917920_rule'\n  tag stig_id: 'RHEL-08-020041'\n  tag fix_id: 'F-32993r880735_fix'\n  tag cci: ['CCI-000056']\n  tag nist: ['AC-11 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('grep -i tmux /etc/bashrc') do\n      its('stdout.strip') { should cmp '[ -n \"$PS1\" -a -z \"$TMUX\" ] && exec tmux' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230349.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Command: `grep -i tmux /etc/bashrc` stdout.strip is expected to cmp == \"[ -n \\\"$PS1\\\" -a -z \\\"$TMUX\\\" ] && exec tmux\"","run_time":0.125746,"start_time":"2024-01-09T19:40:50-05:00","message":"\nexpected: [ -n \"$PS1\" -a -z \"$TMUX\" ] && exec tmux\n     got: \n\n(compared using `cmp` matcher)\n","resource_class":"command","resource_params":"[\"grep -i tmux /etc/bashrc\"]","resource_id":"Command: `grep -i tmux /etc/bashrc`"}]},{"id":"SV-230350","title":"RHEL 8 must prevent users from disabling session control mechanisms.","desc":"A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.\n\n    Tmux is a terminal multiplexer that enables a number of terminals to be\ncreated, accessed, and controlled from a single screen.  Red Hat endorses tmux\nas the recommended session controlling package.","descriptions":[{"label":"default","data":"A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.\n\n    Tmux is a terminal multiplexer that enables a number of terminals to be\ncreated, accessed, and controlled from a single screen.  Red Hat endorses tmux\nas the recommended session controlling package."},{"label":"check","data":"Verify the operating system prevents users from disabling the tmux terminal\nmultiplexer with the following command:\n\n    $ sudo grep -i tmux /etc/shells\n\n    If any output is produced, this is a finding."},{"label":"fix","data":"Configure the operating system to prevent users from disabling\nthe tmux terminal multiplexer by editing the \"/etc/shells\" configuration file\nto remove any instances of tmux."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000028-GPOS-00009","satisfies":["SRG-OS-000028-GPOS-00009","SRG-OS-000030-GPOS-00011"],"gid":"V-230350","rid":"SV-230350r627750_rule","stig_id":"RHEL-08-020042","fix_id":"F-32994r567797_fix","cci":["CCI-000056"],"nist":["AC-11 b"]},"code":"control 'SV-230350' do\n  title 'RHEL 8 must prevent users from disabling session control mechanisms.'\n  desc 'A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.\n\n    Tmux is a terminal multiplexer that enables a number of terminals to be\ncreated, accessed, and controlled from a single screen.  Red Hat endorses tmux\nas the recommended session controlling package.'\n  desc 'check', 'Verify the operating system prevents users from disabling the tmux terminal\nmultiplexer with the following command:\n\n    $ sudo grep -i tmux /etc/shells\n\n    If any output is produced, this is a finding.'\n  desc 'fix', 'Configure the operating system to prevent users from disabling\nthe tmux terminal multiplexer by editing the \"/etc/shells\" configuration file\nto remove any instances of tmux.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000028-GPOS-00009'\n  tag satisfies: ['SRG-OS-000028-GPOS-00009', 'SRG-OS-000030-GPOS-00011']\n  tag gid: 'V-230350'\n  tag rid: 'SV-230350r627750_rule'\n  tag stig_id: 'RHEL-08-020042'\n  tag fix_id: 'F-32994r567797_fix'\n  tag cci: ['CCI-000056']\n  tag nist: ['AC-11 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('grep -i tmux /etc/shells') do\n      its('stdout.strip') { should be_empty }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230350.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Command: `grep -i tmux /etc/shells` stdout.strip is expected to be empty","run_time":0.192982,"start_time":"2024-01-09T19:40:50-05:00","message":"expected `\"/usr/bin/tmux\\n/bin/tmux\".empty?` to be truthy, got false","resource_class":"command","resource_params":"[\"grep -i tmux /etc/shells\"]","resource_id":"Command: `grep -i tmux /etc/shells`"}]},{"id":"SV-230351","title":"RHEL 8 must be able to initiate directly a session lock for all\n    connection types using smartcard when the smartcard is removed.","desc":"A session lock is a temporary action taken when a user stops work and\n    moves away from the immediate physical vicinity of the information system but\n    does not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\n    determined. Rather than be forced to wait for a period of time to expire before\n    the user session can be locked, RHEL 8 needs to provide users with the ability\n    to manually invoke a session lock so users can secure their session if it is\n    necessary to temporarily vacate the immediate physical vicinity.","descriptions":[{"label":"default","data":"A session lock is a temporary action taken when a user stops work and\n    moves away from the immediate physical vicinity of the information system but\n    does not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\n    determined. Rather than be forced to wait for a period of time to expire before\n    the user session can be locked, RHEL 8 needs to provide users with the ability\n    to manually invoke a session lock so users can secure their session if it is\n    necessary to temporarily vacate the immediate physical vicinity."},{"label":"check","data":"Verify the operating system enables a user's session lock\n    until that user re-establishes access using established identification and\n    authentication procedures with the following command:\n\n    This requirement assumes the use of the RHEL 8 default graphical user interface,\n    Gnome Shell. If the system does not have any graphical user interface installed,\n    this requirement is Not Applicable.\n\n    $ sudo grep -R removal-action /etc/dconf/db/*\n\n    /etc/dconf/db/distro.d/20-authselect:removal-action='lock-screen'\n\n    If the \"removal-action='lock-screen'\" setting is missing or commented out from\n    the dconf database files, this is a finding."},{"label":"fix","data":"Configure the operating system to enable a user's session lock\n    until that user re-establishes access using established identification and\n    authentication procedures.\n\n    Select/Create an authselect profile and incorporate the\n    \"with-smartcard-lock-on-removal\" feature with the following example:\n\n    $sudo authselect select sssd with-smartcard with-smartcard-lock-on-removal\n\n    Alternatively, the dconf settings can be edited in the /etc/dconf/db/* location.\n\n    Edit or add the \"[org/gnome/settings-daemon/peripherals/smartcard]\" section of\n    the database file and add or update the following lines:\n\n    removal-action='lock-screen'\n\n    Update the system databases:\n\n    $sudo dconf update"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000028-GPOS-00009","satisfies":["SRG-OS-000028-GPOS-00009","SRG-OS-000030-GPOS-00011"],"gid":"V-230351","rid":"SV-230351r792899_rule","stig_id":"RHEL-08-020050","fix_id":"F-32995r792898_fix","cci":["CCI-000056"],"nist":["AC-11 b"]},"code":"control 'SV-230351' do\n  title 'RHEL 8 must be able to initiate directly a session lock for all\n    connection types using smartcard when the smartcard is removed.'\n  desc 'A session lock is a temporary action taken when a user stops work and\n    moves away from the immediate physical vicinity of the information system but\n    does not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\n    determined. Rather than be forced to wait for a period of time to expire before\n    the user session can be locked, RHEL 8 needs to provide users with the ability\n    to manually invoke a session lock so users can secure their session if it is\n    necessary to temporarily vacate the immediate physical vicinity.'\n  desc 'check', %q(Verify the operating system enables a user's session lock\n    until that user re-establishes access using established identification and\n    authentication procedures with the following command:\n\n    This requirement assumes the use of the RHEL 8 default graphical user interface,\n    Gnome Shell. If the system does not have any graphical user interface installed,\n    this requirement is Not Applicable.\n\n    $ sudo grep -R removal-action /etc/dconf/db/*\n\n    /etc/dconf/db/distro.d/20-authselect:removal-action='lock-screen'\n\n    If the \"removal-action='lock-screen'\" setting is missing or commented out from\n    the dconf database files, this is a finding.)\n  desc 'fix', %q(Configure the operating system to enable a user's session lock\n    until that user re-establishes access using established identification and\n    authentication procedures.\n\n    Select/Create an authselect profile and incorporate the\n    \"with-smartcard-lock-on-removal\" feature with the following example:\n\n    $sudo authselect select sssd with-smartcard with-smartcard-lock-on-removal\n\n    Alternatively, the dconf settings can be edited in the /etc/dconf/db/* location.\n\n    Edit or add the \"[org/gnome/settings-daemon/peripherals/smartcard]\" section of\n    the database file and add or update the following lines:\n\n    removal-action='lock-screen'\n\n    Update the system databases:\n\n    $sudo dconf update)\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000028-GPOS-00009'\n  tag satisfies: ['SRG-OS-000028-GPOS-00009', 'SRG-OS-000030-GPOS-00011']\n  tag gid: 'V-230351'\n  tag rid: 'SV-230351r792899_rule'\n  tag stig_id: 'RHEL-08-020050'\n  tag fix_id: 'F-32995r792898_fix'\n  tag cci: ['CCI-000056']\n  tag nist: ['AC-11 b']\n\n  only_if('This control is does not apply to containers', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if !input('smart_card_enabled')\n    impact 0.0\n    describe \"The system is not smartcard enabled thus this control is Not\n    Applicable\" do\n      skip \"The system is not using Smartcards / PIVs to fulfil the MFA\n      requirement, this control is Not Applicable.\"\n    end\n  elsif !package('gnome-desktop3').installed?\n    impact 0.0\n    describe 'The system does not have GNOME installed' do\n      skip \"The system does not have GNOME installed, this requirement is Not\n      Applicable.\"\n    end\n  else\n    describe command('grep -R removal-action /etc/dconf/db/*') do\n      its('stdout.strip') { should match(/^[^#].*:\\s*removal-action\\s*=[\\s']*lock-screen[\\s']*$/) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230351.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"The system is not smartcard enabled thus this control is Not\n    Applicable","run_time":4.0e-06,"start_time":"2024-01-09T19:40:50-05:00","resource":"","skip_message":"The system is not using Smartcards / PIVs to fulfil the MFA\n      requirement, this control is Not Applicable.","resource_class":"Object","resource_params":"[]","resource_id":"The system is not smartcard enabled thus this control is Not\n    Applicable"}]},{"id":"SV-230352","title":"RHEL 8 must automatically lock graphical user sessions after 15\nminutes of inactivity.","desc":"A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.","descriptions":[{"label":"default","data":"A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity."},{"label":"check","data":"Verify the operating system initiates a session lock after a 15-minute\nperiod of inactivity for graphical user interfaces with the following commands:\n\n    This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    $ sudo gsettings get org.gnome.desktop.session idle-delay\n\n    uint32 900\n\n    If \"idle-delay\" is set to \"0\" or a value greater than \"900\", this is\na finding."},{"label":"fix","data":"Configure the operating system to initiate a screensaver after a 15-minute\nperiod of inactivity for graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    $ sudo touch /etc/dconf/db/local.d/00-screensaver\n\n    Edit /etc/dconf/db/local.d/00-screensaver and add or update the following\nlines:\n\n    [org/gnome/desktop/session]\n    # Set the lock time out to 900 seconds before the session is considered idle\n    idle-delay=uint32 900\n\n    Update the system databases:\n\n    $ sudo dconf update"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000029-GPOS-00010","satisfies":["SRG-OS-000029-GPOS-00010","SRG-OS-000031-GPOS-00012"],"gid":"V-230352","rid":"SV-230352r646876_rule","stig_id":"RHEL-08-020060","fix_id":"F-32996r567803_fix","cci":["CCI-000057"],"nist":["AC-11 a"]},"code":"control 'SV-230352' do\n  title 'RHEL 8 must automatically lock graphical user sessions after 15\nminutes of inactivity.'\n  desc 'A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.'\n  desc 'check', 'Verify the operating system initiates a session lock after a 15-minute\nperiod of inactivity for graphical user interfaces with the following commands:\n\n    This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    $ sudo gsettings get org.gnome.desktop.session idle-delay\n\n    uint32 900\n\n    If \"idle-delay\" is set to \"0\" or a value greater than \"900\", this is\na finding.'\n  desc 'fix', 'Configure the operating system to initiate a screensaver after a 15-minute\nperiod of inactivity for graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    $ sudo touch /etc/dconf/db/local.d/00-screensaver\n\n    Edit /etc/dconf/db/local.d/00-screensaver and add or update the following\nlines:\n\n    [org/gnome/desktop/session]\n    # Set the lock time out to 900 seconds before the session is considered idle\n    idle-delay=uint32 900\n\n    Update the system databases:\n\n    $ sudo dconf update'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000029-GPOS-00010'\n  tag satisfies: ['SRG-OS-000029-GPOS-00010', 'SRG-OS-000031-GPOS-00012']\n  tag gid: 'V-230352'\n  tag rid: 'SV-230352r646876_rule'\n  tag stig_id: 'RHEL-08-020060'\n  tag fix_id: 'F-32996r567803_fix'\n  tag cci: ['CCI-000057']\n  tag nist: ['AC-11 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif package('gnome-desktop3').installed?\n    describe command(\"gsettings get org.gnome.desktop.session idle-delay | cut -d ' ' -f2\") do\n      its('stdout.strip') { should cmp <= 900 }\n      its('stdout.strip') { should cmp >= 0 }\n    end\n  else\n    impact 0.0\n    describe 'The system does not have GNOME installed' do\n      skip \"The system does not have GNOME installed, this requirement is Not\n        Applicable.\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230352.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"The system does not have GNOME installed","run_time":2.0e-06,"start_time":"2024-01-09T19:40:50-05:00","resource":"","skip_message":"The system does not have GNOME installed, this requirement is Not\n        Applicable.","resource_class":"Object","resource_params":"[]","resource_id":"The system does not have GNOME installed"}]},{"id":"SV-230353","title":"RHEL 8 must automatically lock command line user sessions after 15\nminutes of inactivity.","desc":"Terminating an idle session within a short time period reduces the\nwindow of opportunity for unauthorized personnel to take control of a\nmanagement session enabled on the console or console port that has been left\nunattended. In addition, quickly terminating an idle session will also free up\nresources committed by the managed network element.\n\n    Terminating network connections associated with communications sessions\nincludes, for example, de-allocating associated TCP/IP address/port pairs at\nthe operating system level and de-allocating networking assignments at the\napplication level if multiple application sessions are using a single operating\nsystem-level network connection. This does not mean the operating system\nterminates all sessions or network access; it only ends the inactive session\nand releases the resources associated with that session.","descriptions":[{"label":"default","data":"Terminating an idle session within a short time period reduces the\nwindow of opportunity for unauthorized personnel to take control of a\nmanagement session enabled on the console or console port that has been left\nunattended. In addition, quickly terminating an idle session will also free up\nresources committed by the managed network element.\n\n    Terminating network connections associated with communications sessions\nincludes, for example, de-allocating associated TCP/IP address/port pairs at\nthe operating system level and de-allocating networking assignments at the\napplication level if multiple application sessions are using a single operating\nsystem-level network connection. This does not mean the operating system\nterminates all sessions or network access; it only ends the inactive session\nand releases the resources associated with that session."},{"label":"check","data":"Verify the operating system initiates a session lock after 15 minutes of\ninactivity.\n\n    Check the value of the system inactivity timeout with the following command:\n\n    $ sudo grep -i lock-after-time /etc/tmux.conf\n\n    set -g lock-after-time 900\n\n    If \"lock-after-time\" is not set to \"900\" or less in the global tmux\nconfiguration file to enforce session lock after inactivity, this is a finding."},{"label":"fix","data":"Configure the operating system to enforce session lock after a period of 15\nminutes of inactivity by adding the following line to the \"/etc/tmux.conf\"\nglobal configuration file:\n\n    set -g lock-after-time 900"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000029-GPOS-00010","satisfies":["SRG-OS-000029-GPOS-00010","SRG-OS-000031-GPOS-00012"],"gid":"V-230353","rid":"SV-230353r627750_rule","stig_id":"RHEL-08-020070","fix_id":"F-32997r567806_fix","cci":["CCI-000057"],"nist":["AC-11 a"]},"code":"control 'SV-230353' do\n  title 'RHEL 8 must automatically lock command line user sessions after 15\nminutes of inactivity.'\n  desc 'Terminating an idle session within a short time period reduces the\nwindow of opportunity for unauthorized personnel to take control of a\nmanagement session enabled on the console or console port that has been left\nunattended. In addition, quickly terminating an idle session will also free up\nresources committed by the managed network element.\n\n    Terminating network connections associated with communications sessions\nincludes, for example, de-allocating associated TCP/IP address/port pairs at\nthe operating system level and de-allocating networking assignments at the\napplication level if multiple application sessions are using a single operating\nsystem-level network connection. This does not mean the operating system\nterminates all sessions or network access; it only ends the inactive session\nand releases the resources associated with that session.'\n  desc 'check', 'Verify the operating system initiates a session lock after 15 minutes of\ninactivity.\n\n    Check the value of the system inactivity timeout with the following command:\n\n    $ sudo grep -i lock-after-time /etc/tmux.conf\n\n    set -g lock-after-time 900\n\n    If \"lock-after-time\" is not set to \"900\" or less in the global tmux\nconfiguration file to enforce session lock after inactivity, this is a finding.'\n  desc 'fix', 'Configure the operating system to enforce session lock after a period of 15\nminutes of inactivity by adding the following line to the \"/etc/tmux.conf\"\nglobal configuration file:\n\n    set -g lock-after-time 900'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000029-GPOS-00010'\n  tag satisfies: ['SRG-OS-000029-GPOS-00010', 'SRG-OS-000031-GPOS-00012']\n  tag gid: 'V-230353'\n  tag rid: 'SV-230353r627750_rule'\n  tag stig_id: 'RHEL-08-020070'\n  tag fix_id: 'F-32997r567806_fix'\n  tag cci: ['CCI-000057']\n  tag nist: ['AC-11 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command(\"grep -i lock-after-time /etc/tmux.conf | cut -d ' ' -f4\") do\n      its('stdout.strip') { should cmp <= input('system_inactivity_timeout') }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230353.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Command: `grep -i lock-after-time /etc/tmux.conf | cut -d ' ' -f4` stdout.strip is expected to cmp <= 900","run_time":0.192269,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"command","resource_params":"[\"grep -i lock-after-time /etc/tmux.conf | cut -d ' ' -f4\"]","resource_id":"Command: `grep -i lock-after-time /etc/tmux.conf | cut -d ' ' -f4`"}]},{"id":"SV-230354","title":"RHEL 8 must prevent a user from overriding the session lock-delay\nsetting for the graphical user interface.","desc":"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n\n    Implementing session settings will have little value if a user is able to\nmanipulate these settings from the defaults prescribed in the other\nrequirements of this implementation guide.\n\n    Locking these settings from non-privileged users is crucial to maintaining\na protected baseline.","descriptions":[{"label":"default","data":"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n\n    Implementing session settings will have little value if a user is able to\nmanipulate these settings from the defaults prescribed in the other\nrequirements of this implementation guide.\n\n    Locking these settings from non-privileged users is crucial to maintaining\na protected baseline."},{"label":"check","data":"Verify the operating system prevents a user from overriding settings for\ngraphical user interfaces.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Determine which profile the system database is using with the following\ncommand:\n\n    $ sudo grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Check that graphical settings are locked from non-privileged user\nmodification with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nthe path is \"/etc/dconf/db/local.d\". This path must be modified if a database\nother than \"local\" is being used.\n\n    $ sudo grep -i lock-delay /etc/dconf/db/local.d/locks/*\n\n    /org/gnome/desktop/screensaver/lock-delay\n\n    If the command does not return at least the example result, this is a\nfinding."},{"label":"fix","data":"Configure the operating system to prevent a user from overriding settings\nfor graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/locks/session\n\n    Add the following setting to prevent non-privileged users from modifying it:\n\n    /org/gnome/desktop/screensaver/lock-delay"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000029-GPOS-00010","satisfies":["SRG-OS-000029-GPOS-00010","SRG-OS-000031-GPOS-00012","SRG-OS-000480-GPOS-00227"],"gid":"V-230354","rid":"SV-230354r743990_rule","stig_id":"RHEL-08-020080","fix_id":"F-32998r743989_fix","cci":["CCI-000057"],"nist":["AC-11 a"]},"code":"control 'SV-230354' do\n  title 'RHEL 8 must prevent a user from overriding the session lock-delay\nsetting for the graphical user interface.'\n  desc \"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n\n    Implementing session settings will have little value if a user is able to\nmanipulate these settings from the defaults prescribed in the other\nrequirements of this implementation guide.\n\n    Locking these settings from non-privileged users is crucial to maintaining\na protected baseline.\"\n  desc 'check', 'Verify the operating system prevents a user from overriding settings for\ngraphical user interfaces.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Determine which profile the system database is using with the following\ncommand:\n\n    $ sudo grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Check that graphical settings are locked from non-privileged user\nmodification with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nthe path is \"/etc/dconf/db/local.d\". This path must be modified if a database\nother than \"local\" is being used.\n\n    $ sudo grep -i lock-delay /etc/dconf/db/local.d/locks/*\n\n    /org/gnome/desktop/screensaver/lock-delay\n\n    If the command does not return at least the example result, this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to prevent a user from overriding settings\nfor graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/locks/session\n\n    Add the following setting to prevent non-privileged users from modifying it:\n\n    /org/gnome/desktop/screensaver/lock-delay'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000029-GPOS-00010'\n  tag satisfies: ['SRG-OS-000029-GPOS-00010', 'SRG-OS-000031-GPOS-00012', 'SRG-OS-000480-GPOS-00227']\n  tag gid: 'V-230354'\n  tag rid: 'SV-230354r743990_rule'\n  tag stig_id: 'RHEL-08-020080'\n  tag fix_id: 'F-32998r743989_fix'\n  tag cci: ['CCI-000057']\n  tag nist: ['AC-11 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif package('gnome-desktop3').installed?\n    describe command('grep -i lock-delay /etc/dconf/db/local.d/locks/*') do\n      its('stdout.split') { should include '/org/gnome/desktop/screensaver/lock-delay' }\n    end\n  else\n    impact 0.0\n    describe 'The GNOME desktop is not installed' do\n      skip 'The GNOME desktop is not installed, this control is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230354.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"The GNOME desktop is not installed","run_time":5.0e-06,"start_time":"2024-01-09T19:40:50-05:00","resource":"","skip_message":"The GNOME desktop is not installed, this control is Not Applicable.","resource_class":"Object","resource_params":"[]","resource_id":"The GNOME desktop is not installed"}]},{"id":"SV-230355","title":"RHEL 8 must map the authenticated identity to the user or group\naccount for PKI-based authentication.","desc":"Without mapping the certificate used to authenticate to the user\naccount, the ability to determine the identity of the individual user or group\nwill not be available for forensic analysis.\n\n    There are various methods of mapping certificates to user/group accounts\nfor RHEL 8. For the purposes of this requirement, the check and fix will\naccount for Active Directory mapping. Some of the other possible methods\ninclude joining the system to a domain and utilizing a Red Hat idM server, or a\nlocal system mapping, where the system is not part of a domain.","descriptions":[{"label":"default","data":"Without mapping the certificate used to authenticate to the user\naccount, the ability to determine the identity of the individual user or group\nwill not be available for forensic analysis.\n\n    There are various methods of mapping certificates to user/group accounts\nfor RHEL 8. For the purposes of this requirement, the check and fix will\naccount for Active Directory mapping. Some of the other possible methods\ninclude joining the system to a domain and utilizing a Red Hat idM server, or a\nlocal system mapping, where the system is not part of a domain."},{"label":"check","data":"Verify the certificate of the user or group is mapped to the corresponding user or group in the \"sssd.conf\" file with the following command:\n\nNote: If the System Administrator demonstrates the use of an approved alternate multifactor authentication method, this requirement is not applicable.\n\n$ sudo cat /etc/sssd/sssd.conf\n\n[sssd]\nconfig_file_version = 2\nservices = pam, sudo, ssh\ndomains = testing.test\n\n[pam]\npam_cert_auth = True\n\n[domain/testing.test]\nid_provider = ldap\n\n[certmap/testing.test/rule_name]\nmatchrule =<SAN>.*EDIPI@mil\nmaprule = (userCertificate;binary={cert!bin})\ndomains = testing.test\n\nIf the certmap section does not exist, ask the System Administrator to indicate how certificates are mapped to accounts. If there is no evidence of certificate mapping, this is a finding."},{"label":"fix","data":"Configure the operating system to map the authenticated identity to the user or group account by adding or modifying the certmap section of the \"/etc/sssd/sssd.conf file based on the following example:\n\n[certmap/testing.test/rule_name]\nmatchrule =<SAN>.*EDIPI@mil\nmaprule = (userCertificate;binary={cert!bin})\ndomains = testing.test\n\nThe \"sssd\" service must be restarted for the changes to take effect. To restart the \"sssd\" service, run the following command:\n\n$ sudo systemctl restart sssd.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000068-GPOS-00036","gid":"V-230355","rid":"SV-230355r858743_rule","stig_id":"RHEL-08-020090","fix_id":"F-32999r818835_fix","cci":["CCI-000187"],"nist":["IA-5 (2) (c)","IA-5 (2) (a) (2)"]},"code":"control 'SV-230355' do\n  title 'RHEL 8 must map the authenticated identity to the user or group\naccount for PKI-based authentication.'\n  desc 'Without mapping the certificate used to authenticate to the user\naccount, the ability to determine the identity of the individual user or group\nwill not be available for forensic analysis.\n\n    There are various methods of mapping certificates to user/group accounts\nfor RHEL 8. For the purposes of this requirement, the check and fix will\naccount for Active Directory mapping. Some of the other possible methods\ninclude joining the system to a domain and utilizing a Red Hat idM server, or a\nlocal system mapping, where the system is not part of a domain.'\n  desc 'check', 'Verify the certificate of the user or group is mapped to the corresponding user or group in the \"sssd.conf\" file with the following command:\n\nNote: If the System Administrator demonstrates the use of an approved alternate multifactor authentication method, this requirement is not applicable.\n\n$ sudo cat /etc/sssd/sssd.conf\n\n[sssd]\nconfig_file_version = 2\nservices = pam, sudo, ssh\ndomains = testing.test\n\n[pam]\npam_cert_auth = True\n\n[domain/testing.test]\nid_provider = ldap\n\n[certmap/testing.test/rule_name]\nmatchrule =<SAN>.*EDIPI@mil\nmaprule = (userCertificate;binary={cert!bin})\ndomains = testing.test\n\nIf the certmap section does not exist, ask the System Administrator to indicate how certificates are mapped to accounts. If there is no evidence of certificate mapping, this is a finding.'\n  desc 'fix', 'Configure the operating system to map the authenticated identity to the user or group account by adding or modifying the certmap section of the \"/etc/sssd/sssd.conf file based on the following example:\n\n[certmap/testing.test/rule_name]\nmatchrule =<SAN>.*EDIPI@mil\nmaprule = (userCertificate;binary={cert!bin})\ndomains = testing.test\n\nThe \"sssd\" service must be restarted for the changes to take effect. To restart the \"sssd\" service, run the following command:\n\n$ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000068-GPOS-00036'\n  tag gid: 'V-230355'\n  tag rid: 'SV-230355r858743_rule'\n  tag stig_id: 'RHEL-08-020090'\n  tag fix_id: 'F-32999r818835_fix'\n  tag cci: ['CCI-000187']\n  tag nist: ['IA-5 (2) (c)', 'IA-5 (2) (a) (2)']\n\n  if virtualization.system.eql?('docker') && !file('/etc/sssd/sssd.conf').exist?\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe file('/etc/sssd/sssd.conf') do\n      it { should exist }\n      its('content') { should match(/^\\s*\\[certmap.*\\]\\s*$/) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230355.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File /etc/sssd/sssd.conf is expected to exist","run_time":0.000132,"start_time":"2024-01-09T19:40:50-05:00","message":"expected File /etc/sssd/sssd.conf to exist","resource_class":"file","resource_params":"[\"/etc/sssd/sssd.conf\"]","resource_id":"/etc/sssd/sssd.conf"},{"status":"failed","code_desc":"File /etc/sssd/sssd.conf content is expected to match /^\\s*\\[certmap.*\\]\\s*$/","run_time":0.121926,"start_time":"2024-01-09T19:40:50-05:00","message":"expected nil to match /^\\s*\\[certmap.*\\]\\s*$/","resource_class":"file","resource_params":"[\"/etc/sssd/sssd.conf\"]","resource_id":"/etc/sssd/sssd.conf"}]},{"id":"SV-230356","title":"RHEL 8 must ensure the password complexity module is enabled in the password-auth file.","desc":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 utilizes \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 utilizes \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth"},{"label":"check","data":"Verify the operating system uses \"pwquality\" to enforce the password complexity rules.\n\nCheck for the use of \"pwquality\" in the password-auth file with the following command:\n\n     $ sudo cat /etc/pam.d/password-auth | grep pam_pwquality\n\n     password requisite pam_pwquality.so\n\nIf the command does not return a line containing the value \"pam_pwquality.so\" as shown, or the line is commented out, this is a finding."},{"label":"fix","data":"Configure the operating system to use \"pwquality\" to enforce password complexity rules.\n\nAdd the following line to the \"/etc/pam.d/password-auth\" file (or modify the line to have the required value):\n\n     password requisite pam_pwquality.so"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000069-GPOS-00037","gid":"V-230356","rid":"SV-230356r902728_rule","stig_id":"RHEL-08-020100","fix_id":"F-33000r902727_fix","cci":["CCI-000192","CCI-000366"],"nist":["IA-5 (1) (a)","CM-6 b"]},"code":"control 'SV-230356' do\n  title 'RHEL 8 must ensure the password complexity module is enabled in the password-auth file.'\n  desc 'Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 utilizes \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth'\n  desc 'check', 'Verify the operating system uses \"pwquality\" to enforce the password complexity rules.\n\nCheck for the use of \"pwquality\" in the password-auth file with the following command:\n\n     $ sudo cat /etc/pam.d/password-auth | grep pam_pwquality\n\n     password requisite pam_pwquality.so\n\nIf the command does not return a line containing the value \"pam_pwquality.so\" as shown, or the line is commented out, this is a finding.'\n  desc 'fix', 'Configure the operating system to use \"pwquality\" to enforce password complexity rules.\n\nAdd the following line to the \"/etc/pam.d/password-auth\" file (or modify the line to have the required value):\n\n     password requisite pam_pwquality.so'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000069-GPOS-00037'\n  tag gid: 'V-230356'\n  tag rid: 'SV-230356r902728_rule'\n  tag stig_id: 'RHEL-08-020100'\n  tag fix_id: 'F-33000r902727_fix'\n  tag cci: ['CCI-000192', 'CCI-000366']\n  tag nist: ['IA-5 (1) (a)', 'CM-6 b']\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['password-auth']) do\n    its('lines') { should match_pam_rule('password (required|requisite) pam_pwquality.so') }\n    its('lines') {\n      should match_pam_rule('password (required|requisite) pam_pwquality.so').all_with_integer_arg('retry', '>=', 1)\n    }\n    its('lines') {\n      should match_pam_rule('password (required|requisite) pam_pwquality.so').all_with_integer_arg('retry', '<=',\n                                                                                                   input('max_retry'))\n    }\n  end\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') { should match_pam_rule('password (required|requisite) pam_pwquality.so') }\n    its('lines') {\n      should match_pam_rule('password (required|requisite) pam_pwquality.so').all_with_integer_arg('retry', '>=', 1)\n    }\n    its('lines') {\n      should match_pam_rule('password (required|requisite) pam_pwquality.so').all_with_integer_arg('retry', '<=',\n                                                                                                   input('max_retry'))\n    }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230356.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PAM Config[/etc/pam.d/password-auth] lines is expected to include password (required|requisite) pam_pwquality.so","run_time":0.00023,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"pam","resource_params":"[\"/etc/pam.d/password-auth\"]","resource_id":""},{"status":"failed","code_desc":"PAM Config[/etc/pam.d/password-auth] lines is expected to include password (required|requisite) pam_pwquality.so, all with integer arg retry >= 1","run_time":0.000222,"start_time":"2024-01-09T19:40:50-05:00","message":"expected \"password requisite pam_pwquality.so local_users_only\" to include password (required|requisite) pam_pwquality.so, all with integer arg retry >= 1","resource_class":"pam","resource_params":"[\"/etc/pam.d/password-auth\"]","resource_id":""},{"status":"failed","code_desc":"PAM Config[/etc/pam.d/password-auth] lines is expected to include password (required|requisite) pam_pwquality.so, all with integer arg retry <= 3","run_time":0.000208,"start_time":"2024-01-09T19:40:50-05:00","message":"expected \"password requisite pam_pwquality.so local_users_only\" to include password (required|requisite) pam_pwquality.so, all with integer arg retry <= 3","resource_class":"pam","resource_params":"[\"/etc/pam.d/password-auth\"]","resource_id":""},{"status":"passed","code_desc":"PAM Config[/etc/pam.d/system-auth] lines is expected to include password (required|requisite) pam_pwquality.so","run_time":0.000131,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"pam","resource_params":"[\"/etc/pam.d/system-auth\"]","resource_id":""},{"status":"failed","code_desc":"PAM Config[/etc/pam.d/system-auth] lines is expected to include password (required|requisite) pam_pwquality.so, all with integer arg retry >= 1","run_time":0.000176,"start_time":"2024-01-09T19:40:50-05:00","message":"expected \"password requisite pam_pwquality.so local_users_only\" to include password (required|requisite) pam_pwquality.so, all with integer arg retry >= 1","resource_class":"pam","resource_params":"[\"/etc/pam.d/system-auth\"]","resource_id":""},{"status":"failed","code_desc":"PAM Config[/etc/pam.d/system-auth] lines is expected to include password (required|requisite) pam_pwquality.so, all with integer arg retry <= 3","run_time":0.00022,"start_time":"2024-01-09T19:40:50-05:00","message":"expected \"password requisite pam_pwquality.so local_users_only\" to include password (required|requisite) pam_pwquality.so, all with integer arg retry <= 3","resource_class":"pam","resource_params":"[\"/etc/pam.d/system-auth\"]","resource_id":""}]},{"id":"SV-230357","title":"RHEL 8 must enforce password complexity by requiring that at least one\nuppercase character be used.","desc":"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes pwquality as a mechanism to enforce password complexity.\nNote that in order to require uppercase characters, without degrading the\n\"minlen\" value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\".","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes pwquality as a mechanism to enforce password complexity.\nNote that in order to require uppercase characters, without degrading the\n\"minlen\" value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\"."},{"label":"check","data":"Verify the value for \"ucredit\" with the following command:\n\n$ sudo grep -r ucredit /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:ucredit = -1\n\nIf the value of \"ucredit\" is a positive number or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure the operating system to enforce password complexity by requiring that at least one uppercase character be used by setting the \"ucredit\" option.\n\nAdd the following line to /etc/security/pwquality.conf (or modify the line to have the required value):\n\nucredit = -1\n\nRemove any configurations that conflict with the above value."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000069-GPOS-00037","gid":"V-230357","rid":"SV-230357r858771_rule","stig_id":"RHEL-08-020110","fix_id":"F-33001r858770_fix","cci":["CCI-000192"],"nist":["IA-5 (1) (a)"]},"code":"control 'SV-230357' do\n  title 'RHEL 8 must enforce password complexity by requiring that at least one\nuppercase character be used.'\n  desc 'Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes pwquality as a mechanism to enforce password complexity.\nNote that in order to require uppercase characters, without degrading the\n\"minlen\" value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\".'\n  desc 'check', 'Verify the value for \"ucredit\" with the following command:\n\n$ sudo grep -r ucredit /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:ucredit = -1\n\nIf the value of \"ucredit\" is a positive number or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to enforce password complexity by requiring that at least one uppercase character be used by setting the \"ucredit\" option.\n\nAdd the following line to /etc/security/pwquality.conf (or modify the line to have the required value):\n\nucredit = -1\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000069-GPOS-00037'\n  tag gid: 'V-230357'\n  tag rid: 'SV-230357r858771_rule'\n  tag stig_id: 'RHEL-08-020110'\n  tag fix_id: 'F-33001r858770_fix'\n  tag cci: ['CCI-000192']\n  tag nist: ['IA-5 (1) (a)']\n\n  describe 'pwquality.conf:' do\n    let(:config) { parse_config_file('/etc/security/pwquality.conf', multiple_values: true) }\n    let(:setting) { 'ucredit' }\n    let(:value) { Array(config.params[setting]) }\n\n    it 'has `ucredit` set' do\n      expect(value).not_to be_empty, 'ucredit is not set in pwquality.conf'\n    end\n\n    it 'only sets `ucredit` once' do\n      expect(value.length).to eq(1), 'ucredit is commented or set more than once in pwquality.conf'\n    end\n\n    it 'does not set `ucredit` to a positive value' do\n      expect(value.first.to_i).to cmp < 0, 'ucredit is not set to a negative value in pwquality.conf'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230357.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"pwquality.conf: has `ucredit` set","run_time":0.002777,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf:"},{"status":"passed","code_desc":"pwquality.conf: only sets `ucredit` once","run_time":0.000217,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf:"},{"status":"passed","code_desc":"pwquality.conf: does not set `ucredit` to a positive value","run_time":0.000182,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf:"}]},{"id":"SV-230358","title":"RHEL 8 must enforce password complexity by requiring that at least one\nlower-case character be used.","desc":"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes pwquality as a mechanism to enforce password complexity.\nNote that in order to require lower-case characters without degrading the\n\"minlen\" value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\".","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes pwquality as a mechanism to enforce password complexity.\nNote that in order to require lower-case characters without degrading the\n\"minlen\" value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\"."},{"label":"check","data":"Verify the value for \"lcredit\" with the following command:\n\n$ sudo grep -r lcredit /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:lcredit = -1\n\nIf the value of \"lcredit\" is a positive number or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure the operating system to enforce password complexity by requiring that at least one lower-case character be used by setting the \"lcredit\" option.\n\nAdd the following line to /etc/security/pwquality.conf (or modify the line to have the required value):\n\nlcredit = -1\n\nRemove any configurations that conflict with the above value."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000070-GPOS-00038","gid":"V-230358","rid":"SV-230358r858773_rule","stig_id":"RHEL-08-020120","fix_id":"F-33002r858772_fix","cci":["CCI-000193"],"nist":["IA-5 (1) (a)"]},"code":"control 'SV-230358' do\n  title 'RHEL 8 must enforce password complexity by requiring that at least one\nlower-case character be used.'\n  desc 'Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes pwquality as a mechanism to enforce password complexity.\nNote that in order to require lower-case characters without degrading the\n\"minlen\" value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\".'\n  desc 'check', 'Verify the value for \"lcredit\" with the following command:\n\n$ sudo grep -r lcredit /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:lcredit = -1\n\nIf the value of \"lcredit\" is a positive number or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to enforce password complexity by requiring that at least one lower-case character be used by setting the \"lcredit\" option.\n\nAdd the following line to /etc/security/pwquality.conf (or modify the line to have the required value):\n\nlcredit = -1\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000070-GPOS-00038'\n  tag gid: 'V-230358'\n  tag rid: 'SV-230358r858773_rule'\n  tag stig_id: 'RHEL-08-020120'\n  tag fix_id: 'F-33002r858772_fix'\n  tag cci: ['CCI-000193']\n  tag nist: ['IA-5 (1) (a)']\n\n  describe 'pwquality.conf settings' do\n    let(:config) { parse_config_file('/etc/security/pwquality.conf', multiple_values: true) }\n    let(:setting) { 'lcredit' }\n    let(:value) { Array(config.params[setting]) }\n\n    it 'has `lcredit` set' do\n      expect(value).not_to be_empty, 'lcredit is not set in pwquality.conf'\n    end\n\n    it 'only sets `lcredit` once' do\n      expect(value.length).to eq(1), 'lcredit is commented or set more than once in pwquality.conf'\n    end\n\n    it 'does not set `lcredit` to a positive value' do\n      expect(value.first.to_i).to be < 0, 'lcredit is not set to a negative value in pwquality.conf'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230358.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"pwquality.conf settings has `lcredit` set","run_time":0.002303,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"},{"status":"passed","code_desc":"pwquality.conf settings only sets `lcredit` once","run_time":0.000156,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"},{"status":"passed","code_desc":"pwquality.conf settings does not set `lcredit` to a positive value","run_time":0.000167,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"}]},{"id":"SV-230359","title":"RHEL 8 must enforce password complexity by requiring that at least one\nnumeric character be used.","desc":"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. Note that in order to require numeric characters, without degrading\nthe minlen value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\".","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. Note that in order to require numeric characters, without degrading\nthe minlen value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\"."},{"label":"check","data":"Verify the value for \"dcredit\" with the following command:\n\n$ sudo grep -r dcredit /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:dcredit = -1\n\nIf the value of \"dcredit\" is a positive number or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure the operating system to enforce password complexity by requiring that at least one numeric character be used by setting the \"dcredit\" option.\n\nAdd the following line to /etc/security/pwquality.conf (or modify the line to have the required value):\n\ndcredit = -1\n\nRemove any configurations that conflict with the above value."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000071-GPOS-00039","gid":"V-230359","rid":"SV-230359r858775_rule","stig_id":"RHEL-08-020130","fix_id":"F-33003r858774_fix","cci":["CCI-000194"],"nist":["IA-5 (1) (a)"]},"code":"control 'SV-230359' do\n  title 'RHEL 8 must enforce password complexity by requiring that at least one\nnumeric character be used.'\n  desc 'Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. Note that in order to require numeric characters, without degrading\nthe minlen value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\".'\n  desc 'check', 'Verify the value for \"dcredit\" with the following command:\n\n$ sudo grep -r dcredit /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:dcredit = -1\n\nIf the value of \"dcredit\" is a positive number or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to enforce password complexity by requiring that at least one numeric character be used by setting the \"dcredit\" option.\n\nAdd the following line to /etc/security/pwquality.conf (or modify the line to have the required value):\n\ndcredit = -1\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000071-GPOS-00039'\n  tag gid: 'V-230359'\n  tag rid: 'SV-230359r858775_rule'\n  tag stig_id: 'RHEL-08-020130'\n  tag fix_id: 'F-33003r858774_fix'\n  tag cci: ['CCI-000194']\n  tag nist: ['IA-5 (1) (a)']\n\n  describe 'pwquality.conf settings' do\n    let(:config) { parse_config_file('/etc/security/pwquality.conf', multiple_values: true) }\n    let(:setting) { 'dcredit' }\n    let(:value) { Array(config.params[setting]) }\n\n    it 'has `dcredit` set' do\n      expect(value).not_to be_empty, 'dcredit is not set in pwquality.conf'\n    end\n\n    it 'only sets `dcredit` once' do\n      expect(value.length).to eq(1), 'dcredit is commented or set more than once in pwquality.conf'\n    end\n\n    it 'does not set `dcredit` to a positive value' do\n      expect(value.first.to_i).to be < 0, 'dcredit is not set to a negative value in pwquality.conf'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230359.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"pwquality.conf settings has `dcredit` set","run_time":0.002277,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"},{"status":"passed","code_desc":"pwquality.conf settings only sets `dcredit` once","run_time":0.00015,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"},{"status":"passed","code_desc":"pwquality.conf settings does not set `dcredit` to a positive value","run_time":0.000235,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"}]},{"id":"SV-230360","title":"RHEL 8 must require the maximum number of repeating characters of the\nsame character class be limited to four when passwords are changed.","desc":"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"maxclassrepeat\" option sets the maximum number of allowed\nsame consecutive characters in the same class in the new password.","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"maxclassrepeat\" option sets the maximum number of allowed\nsame consecutive characters in the same class in the new password."},{"label":"check","data":"Check for the value of the \"maxclassrepeat\" option with the following command:\n\n$ sudo grep -r maxclassrepeat /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:maxclassrepeat = 4\n\nIf the value of \"maxclassrepeat\" is set to \"0\", more than \"4\" or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure the operating system to require the change of the number of repeating characters of the same character class when passwords are changed by setting the \"maxclassrepeat\" option.\n\nAdd the following line to \"/etc/security/pwquality.conf\" conf (or modify the line to have the required value):\n\nmaxclassrepeat = 4\n\nRemove any configurations that conflict with the above value."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000072-GPOS-00040","gid":"V-230360","rid":"SV-230360r858777_rule","stig_id":"RHEL-08-020140","fix_id":"F-33004r858776_fix","cci":["CCI-000195"],"nist":["IA-5 (1) (b)"]},"code":"control 'SV-230360' do\n  title 'RHEL 8 must require the maximum number of repeating characters of the\nsame character class be limited to four when passwords are changed.'\n  desc 'Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"maxclassrepeat\" option sets the maximum number of allowed\nsame consecutive characters in the same class in the new password.'\n  desc 'check', 'Check for the value of the \"maxclassrepeat\" option with the following command:\n\n$ sudo grep -r maxclassrepeat /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:maxclassrepeat = 4\n\nIf the value of \"maxclassrepeat\" is set to \"0\", more than \"4\" or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to require the change of the number of repeating characters of the same character class when passwords are changed by setting the \"maxclassrepeat\" option.\n\nAdd the following line to \"/etc/security/pwquality.conf\" conf (or modify the line to have the required value):\n\nmaxclassrepeat = 4\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000072-GPOS-00040'\n  tag gid: 'V-230360'\n  tag rid: 'SV-230360r858777_rule'\n  tag stig_id: 'RHEL-08-020140'\n  tag fix_id: 'F-33004r858776_fix'\n  tag cci: ['CCI-000195']\n  tag nist: ['IA-5 (1) (b)']\n\n  value = input('maxclassrepeat')\n  setting = 'maxclassrepeat'\n\n  describe 'pwquality.conf settings' do\n    let(:config) { parse_config_file('/etc/security/pwquality.conf', multiple_values: true) }\n    let(:setting_value) { config.params[setting].is_a?(Integer) ? [config.params[setting]] : Array(config.params[setting]) }\n\n    it \"has `#{setting}` set\" do\n      expect(setting_value).not_to be_empty, \"#{setting} is not set in pwquality.conf\"\n    end\n\n    it \"only sets `#{setting}` once\" do\n      expect(setting_value.length).to eq(1), \"#{setting} is commented or set more than once in pwquality.conf\"\n    end\n\n    it \"does not set `#{setting}` to more than #{value}\" do\n      expect(setting_value.first.to_i).to be <= value.to_i, \"#{setting} is set to a value greater than #{value} in pwquality.conf\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230360.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"pwquality.conf settings has `maxclassrepeat` set","run_time":0.002481,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"},{"status":"passed","code_desc":"pwquality.conf settings only sets `maxclassrepeat` once","run_time":0.000194,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"},{"status":"passed","code_desc":"pwquality.conf settings does not set `maxclassrepeat` to more than 4","run_time":0.000141,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"}]},{"id":"SV-230361","title":"RHEL 8 must require the maximum number of repeating characters be\nlimited to three when passwords are changed.","desc":"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"maxrepeat\" option sets the maximum number of allowed same\nconsecutive characters in a new password.","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"maxrepeat\" option sets the maximum number of allowed same\nconsecutive characters in a new password."},{"label":"check","data":"Check for the value of the \"maxrepeat\" option with the following command:\n\n$ sudo grep -r maxrepeat /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:maxrepeat = 3\n\nIf the value of \"maxrepeat\" is set to more than \"3\" or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure the operating system to require the change of the number of repeating consecutive characters when passwords are changed by setting the \"maxrepeat\" option.\n\nAdd the following line to \"/etc/security/pwquality.conf conf\" (or modify the line to have the required value):\n\nmaxrepeat = 3\n\nRemove any configurations that conflict with the above value."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000072-GPOS-00040","gid":"V-230361","rid":"SV-230361r858779_rule","stig_id":"RHEL-08-020150","fix_id":"F-33005r858778_fix","cci":["CCI-000195"],"nist":["IA-5 (1) (b)"]},"code":"control 'SV-230361' do\n  title 'RHEL 8 must require the maximum number of repeating characters be\nlimited to three when passwords are changed.'\n  desc 'Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"maxrepeat\" option sets the maximum number of allowed same\nconsecutive characters in a new password.'\n  desc 'check', 'Check for the value of the \"maxrepeat\" option with the following command:\n\n$ sudo grep -r maxrepeat /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:maxrepeat = 3\n\nIf the value of \"maxrepeat\" is set to more than \"3\" or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to require the change of the number of repeating consecutive characters when passwords are changed by setting the \"maxrepeat\" option.\n\nAdd the following line to \"/etc/security/pwquality.conf conf\" (or modify the line to have the required value):\n\nmaxrepeat = 3\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000072-GPOS-00040'\n  tag gid: 'V-230361'\n  tag rid: 'SV-230361r858779_rule'\n  tag stig_id: 'RHEL-08-020150'\n  tag fix_id: 'F-33005r858778_fix'\n  tag cci: ['CCI-000195']\n  tag nist: ['IA-5 (1) (b)']\n\n  value = input('maxrepeat')\n  setting = 'maxrepeat'\n\n  describe 'pwquality.conf settings' do\n    let(:config) { parse_config_file('/etc/security/pwquality.conf', multiple_values: true) }\n    let(:setting_value) { config.params[setting].is_a?(Integer) ? [config.params[setting]] : Array(config.params[setting]) }\n\n    it \"has `#{setting}` set\" do\n      expect(setting_value).not_to be_empty, \"#{setting} is not set in pwquality.conf\"\n    end\n\n    it \"only sets `#{setting}` once\" do\n      expect(setting_value.length).to eq(1), \"#{setting} is commented or set more than once in pwquality.conf\"\n    end\n\n    it \"does not set `#{setting}` to more than #{value}\" do\n      expect(setting_value.first.to_i).to be <= value.to_i, \"#{setting} is set to a value greater than #{value} in pwquality.conf\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230361.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"pwquality.conf settings has `maxrepeat` set","run_time":0.002375,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"},{"status":"passed","code_desc":"pwquality.conf settings only sets `maxrepeat` once","run_time":0.000153,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"},{"status":"passed","code_desc":"pwquality.conf settings does not set `maxrepeat` to more than 3","run_time":0.000194,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"}]},{"id":"SV-230362","title":"RHEL 8 must require the change of at least four character classes when passwords are changed.","desc":"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"minclass\" option sets the minimum number of required classes\nof characters for the new password (digits, uppercase, lowercase, others).","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"minclass\" option sets the minimum number of required classes\nof characters for the new password (digits, uppercase, lowercase, others)."},{"label":"check","data":"Verify the value of the \"minclass\" option with the following command:\n\n$ sudo grep -r minclass /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:minclass = 4\n\nIf the value of \"minclass\" is set to less than \"4\" or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure the operating system to require the change of at least four character classes when passwords are changed by setting the \"minclass\" option.\n\nAdd the following line to \"/etc/security/pwquality.conf conf\" (or modify the line to have the required value):\n\nminclass = 4\n\nRemove any configurations that conflict with the above value."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000072-GPOS-00040","gid":"V-230362","rid":"SV-230362r858781_rule","stig_id":"RHEL-08-020160","fix_id":"F-33006r858780_fix","cci":["CCI-000195"],"nist":["IA-5 (1) (b)"]},"code":"control 'SV-230362' do\n  title 'RHEL 8 must require the change of at least four character classes when passwords are changed.'\n  desc 'Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"minclass\" option sets the minimum number of required classes\nof characters for the new password (digits, uppercase, lowercase, others).'\n  desc 'check', 'Verify the value of the \"minclass\" option with the following command:\n\n$ sudo grep -r minclass /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:minclass = 4\n\nIf the value of \"minclass\" is set to less than \"4\" or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to require the change of at least four character classes when passwords are changed by setting the \"minclass\" option.\n\nAdd the following line to \"/etc/security/pwquality.conf conf\" (or modify the line to have the required value):\n\nminclass = 4\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000072-GPOS-00040'\n  tag gid: 'V-230362'\n  tag rid: 'SV-230362r858781_rule'\n  tag stig_id: 'RHEL-08-020160'\n  tag fix_id: 'F-33006r858780_fix'\n  tag cci: ['CCI-000195']\n  tag nist: ['IA-5 (1) (b)']\n\n  value = input('minclass')\n  setting = 'minclass'\n\n  describe 'pwquality.conf settings' do\n    let(:config) { parse_config_file('/etc/security/pwquality.conf', multiple_values: true) }\n    let(:setting_value) { config.params[setting].is_a?(Integer) ? [config.params[setting]] : Array(config.params[setting]) }\n\n    it \"has `#{setting}` set\" do\n      expect(setting_value).not_to be_empty, \"#{setting} is not set in pwquality.conf\"\n    end\n\n    it \"only sets `#{setting}` once\" do\n      expect(setting_value.length).to eq(1), \"#{setting} is commented or set more than once in pwquality.conf\"\n    end\n\n    it \"does not set `#{setting}` to more than #{value}\" do\n      expect(setting_value.first.to_i).to be <= value.to_i, \"#{setting} is set to a value greater than #{value} in pwquality.conf\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230362.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"pwquality.conf settings has `minclass` set","run_time":0.002285,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"},{"status":"passed","code_desc":"pwquality.conf settings only sets `minclass` once","run_time":0.00036,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"},{"status":"passed","code_desc":"pwquality.conf settings does not set `minclass` to more than 4","run_time":0.000152,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"}]},{"id":"SV-230363","title":"RHEL 8 must require the change of at least 8 characters when passwords\nare changed.","desc":"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"difok\" option sets the number of characters in a password\nthat must not be present in the old password.","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"difok\" option sets the number of characters in a password\nthat must not be present in the old password."},{"label":"check","data":"Verify the value of the \"difok\" option with the following command:\n\n$ sudo grep -r difok /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:difok = 8\n\nIf the value of \"difok\" is set to less than \"8\" or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure the operating system to require the change of at least eight of the total number of characters when passwords are changed by setting the \"difok\" option.\n\nAdd the following line to \"/etc/security/pwquality.conf\" (or modify the line to have the required value):\n\ndifok = 8\n\nRemove any configurations that conflict with the above value."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000072-GPOS-00040","gid":"V-230363","rid":"SV-230363r858783_rule","stig_id":"RHEL-08-020170","fix_id":"F-33007r858782_fix","cci":["CCI-000195"],"nist":["IA-5 (1) (b)"]},"code":"control 'SV-230363' do\n  title 'RHEL 8 must require the change of at least 8 characters when passwords\nare changed.'\n  desc 'Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"difok\" option sets the number of characters in a password\nthat must not be present in the old password.'\n  desc 'check', 'Verify the value of the \"difok\" option with the following command:\n\n$ sudo grep -r difok /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:difok = 8\n\nIf the value of \"difok\" is set to less than \"8\" or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to require the change of at least eight of the total number of characters when passwords are changed by setting the \"difok\" option.\n\nAdd the following line to \"/etc/security/pwquality.conf\" (or modify the line to have the required value):\n\ndifok = 8\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000072-GPOS-00040'\n  tag gid: 'V-230363'\n  tag rid: 'SV-230363r858783_rule'\n  tag stig_id: 'RHEL-08-020170'\n  tag fix_id: 'F-33007r858782_fix'\n  tag cci: ['CCI-000195']\n  tag nist: ['IA-5 (1) (b)']\n\n  value = input('difok')\n  setting = 'difok'\n\n  describe 'pwquality.conf settings' do\n    let(:config) { parse_config_file('/etc/security/pwquality.conf', multiple_values: true) }\n    let(:setting_value) { config.params[setting].is_a?(Integer) ? [config.params[setting]] : Array(config.params[setting]) }\n\n    it \"has `#{setting}` set\" do\n      expect(setting_value).not_to be_empty, \"#{setting} is not set in pwquality.conf\"\n    end\n\n    it \"only sets `#{setting}` once\" do\n      expect(setting_value.length).to eq(1), \"#{setting} is commented or set more than once in pwquality.conf\"\n    end\n\n    it \"does not set `#{setting}` to more than #{value}\" do\n      expect(setting_value.first.to_i).to be <= value.to_i, \"#{setting} is set to a value greater than #{value} in pwquality.conf\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230363.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"pwquality.conf settings has `difok` set","run_time":0.002303,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"},{"status":"passed","code_desc":"pwquality.conf settings only sets `difok` once","run_time":0.000194,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"},{"status":"passed","code_desc":"pwquality.conf settings does not set `difok` to more than 8","run_time":0.000143,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"}]},{"id":"SV-230364","title":"RHEL 8 passwords must have a 24 hours/1 day minimum password lifetime\nrestriction in /etc/shadow.","desc":"Enforcing a minimum password lifetime helps to prevent repeated\npassword changes to defeat the password reuse or history enforcement\nrequirement. If users are allowed to immediately and continually change their\npassword, the password could be repeatedly changed in a short period of time to\ndefeat the organization's policy regarding password reuse.","descriptions":[{"label":"default","data":"Enforcing a minimum password lifetime helps to prevent repeated\npassword changes to defeat the password reuse or history enforcement\nrequirement. If users are allowed to immediately and continually change their\npassword, the password could be repeatedly changed in a short period of time to\ndefeat the organization's policy regarding password reuse."},{"label":"check","data":"Check whether the minimum time period between password changes for each\nuser account is one day or greater.\n\n    $ sudo awk -F: '$4 < 1 {print $1 \" \" $4}' /etc/shadow\n\n    If any results are returned that are not associated with a system account,\nthis is a finding."},{"label":"fix","data":"Configure non-compliant accounts to enforce a 24 hours/1 day minimum\npassword lifetime:\n\n    $ sudo chage -m 1 [user]"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000075-GPOS-00043","gid":"V-230364","rid":"SV-230364r627750_rule","stig_id":"RHEL-08-020180","fix_id":"F-33008r567839_fix","cci":["CCI-000198"],"nist":["IA-5 (1) (d)"]},"code":"control 'SV-230364' do\n  title 'RHEL 8 passwords must have a 24 hours/1 day minimum password lifetime\nrestriction in /etc/shadow.'\n  desc \"Enforcing a minimum password lifetime helps to prevent repeated\npassword changes to defeat the password reuse or history enforcement\nrequirement. If users are allowed to immediately and continually change their\npassword, the password could be repeatedly changed in a short period of time to\ndefeat the organization's policy regarding password reuse.\"\n  desc 'check', %q(Check whether the minimum time period between password changes for each\nuser account is one day or greater.\n\n    $ sudo awk -F: '$4 < 1 {print $1 \" \" $4}' /etc/shadow\n\n    If any results are returned that are not associated with a system account,\nthis is a finding.)\n  desc 'fix', 'Configure non-compliant accounts to enforce a 24 hours/1 day minimum\npassword lifetime:\n\n    $ sudo chage -m 1 [user]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000075-GPOS-00043'\n  tag gid: 'V-230364'\n  tag rid: 'SV-230364r627750_rule'\n  tag stig_id: 'RHEL-08-020180'\n  tag fix_id: 'F-33008r567839_fix'\n  tag cci: ['CCI-000198']\n  tag nist: ['IA-5 (1) (d)']\n\n  # TODO: add inputs for a frequecny\n\n  bad_users = users.where { uid >= 1000 }.where { mindays < 1 }.usernames\n  in_scope_users = bad_users - input('exempt_home_users')\n\n  describe 'Users should not' do\n    it 'be able to change their password more then once a 24 hour period' do\n      failure_message = \"The following users can update their password more then once a day: #{in_scope_users.join(', ')}\"\n      expect(in_scope_users).to be_empty, failure_message\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230364.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Users should not be able to change their password more then once a 24 hour period","run_time":0.002131,"start_time":"2024-01-09T19:40:50-05:00","message":"The following users can update their password more then once a day: nobody","resource_class":"Object","resource_params":"[]","resource_id":"Users should not"}]},{"id":"SV-230365","title":"RHEL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in /etc/login.defs.","desc":"Enforcing a minimum password lifetime helps to prevent repeated\npassword changes to defeat the password reuse or history enforcement\nrequirement. If users are allowed to immediately and continually change their\npassword, the password could be repeatedly changed in a short period of time to\ndefeat the organization's policy regarding password reuse.","descriptions":[{"label":"default","data":"Enforcing a minimum password lifetime helps to prevent repeated\npassword changes to defeat the password reuse or history enforcement\nrequirement. If users are allowed to immediately and continually change their\npassword, the password could be repeatedly changed in a short period of time to\ndefeat the organization's policy regarding password reuse."},{"label":"check","data":"Verify the operating system enforces 24 hours/1 day as the minimum password\nlifetime for new user accounts.\n\n    Check for the value of \"PASS_MIN_DAYS\" in \"/etc/login.defs\" with the\nfollowing command:\n\n    $ sudo grep -i pass_min_days /etc/login.defs\n    PASS_MIN_DAYS 1\n\n    If the \"PASS_MIN_DAYS\" parameter value is not \"1\" or greater, or is\ncommented out, this is a finding."},{"label":"fix","data":"Configure the operating system to enforce 24 hours/1 day as the minimum\npassword lifetime.\n\n    Add the following line in \"/etc/login.defs\" (or modify the line to have\nthe required value):\n\n    PASS_MIN_DAYS 1"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000075-GPOS-00043","gid":"V-230365","rid":"SV-230365r858727_rule","stig_id":"RHEL-08-020190","fix_id":"F-33009r567842_fix","cci":["CCI-000198"],"nist":["IA-5 (1) (d)"]},"code":"control 'SV-230365' do\n  title 'RHEL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in /etc/login.defs.'\n  desc \"Enforcing a minimum password lifetime helps to prevent repeated\npassword changes to defeat the password reuse or history enforcement\nrequirement. If users are allowed to immediately and continually change their\npassword, the password could be repeatedly changed in a short period of time to\ndefeat the organization's policy regarding password reuse.\"\n  desc 'check', 'Verify the operating system enforces 24 hours/1 day as the minimum password\nlifetime for new user accounts.\n\n    Check for the value of \"PASS_MIN_DAYS\" in \"/etc/login.defs\" with the\nfollowing command:\n\n    $ sudo grep -i pass_min_days /etc/login.defs\n    PASS_MIN_DAYS 1\n\n    If the \"PASS_MIN_DAYS\" parameter value is not \"1\" or greater, or is\ncommented out, this is a finding.'\n  desc 'fix', 'Configure the operating system to enforce 24 hours/1 day as the minimum\npassword lifetime.\n\n    Add the following line in \"/etc/login.defs\" (or modify the line to have\nthe required value):\n\n    PASS_MIN_DAYS 1'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000075-GPOS-00043'\n  tag gid: 'V-230365'\n  tag rid: 'SV-230365r858727_rule'\n  tag stig_id: 'RHEL-08-020190'\n  tag fix_id: 'F-33009r567842_fix'\n  tag cci: ['CCI-000198']\n  tag nist: ['IA-5 (1) (d)']\n\n  value = input('pass_min_days')\n  setting = input_object('pass_min_days').name.upcase\n\n  describe \"/etc/login.defs does not have `#{setting}` configured\" do\n    let(:config) { login_defs.read_params[setting] }\n    it \"greater than #{value} day\" do\n      expect(config).to cmp <= value\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230365.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"/etc/login.defs does not have `PASS_MIN_DAYS` configured greater than 1 day","run_time":0.000237,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"/etc/login.defs does not have `PASS_MIN_DAYS` configured"}]},{"id":"SV-230366","title":"RHEL 8 user account passwords must have a 60-day maximum password\nlifetime restriction.","desc":"Any password, no matter how complex, can eventually be cracked.\nTherefore, passwords need to be changed periodically. If RHEL 8 does not limit\nthe lifetime of passwords and force users to change their passwords, there is\nthe risk that RHEL 8 passwords could be compromised.","descriptions":[{"label":"default","data":"Any password, no matter how complex, can eventually be cracked.\nTherefore, passwords need to be changed periodically. If RHEL 8 does not limit\nthe lifetime of passwords and force users to change their passwords, there is\nthe risk that RHEL 8 passwords could be compromised."},{"label":"check","data":"Verify that RHEL 8 enforces a 60-day maximum password lifetime for new user\naccounts by running the following command:\n\n    $ sudo grep -i pass_max_days /etc/login.defs\n    PASS_MAX_DAYS 60\n\n    If the \"PASS_MAX_DAYS\" parameter value is greater than \"60\", or\ncommented out, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to enforce a 60-day maximum password lifetime.\n\nAdd, or modify the following line in the \"/etc/login.defs\" file:\n\nPASS_MAX_DAYS 60"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000076-GPOS-00044","gid":"V-230366","rid":"SV-230366r646878_rule","stig_id":"RHEL-08-020200","fix_id":"F-33010r567845_fix","cci":["CCI-000199"],"nist":["IA-5 (1) (d)"]},"code":"control 'SV-230366' do\n  title 'RHEL 8 user account passwords must have a 60-day maximum password\nlifetime restriction.'\n  desc 'Any password, no matter how complex, can eventually be cracked.\nTherefore, passwords need to be changed periodically. If RHEL 8 does not limit\nthe lifetime of passwords and force users to change their passwords, there is\nthe risk that RHEL 8 passwords could be compromised.'\n  desc 'check', 'Verify that RHEL 8 enforces a 60-day maximum password lifetime for new user\naccounts by running the following command:\n\n    $ sudo grep -i pass_max_days /etc/login.defs\n    PASS_MAX_DAYS 60\n\n    If the \"PASS_MAX_DAYS\" parameter value is greater than \"60\", or\ncommented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to enforce a 60-day maximum password lifetime.\n\nAdd, or modify the following line in the \"/etc/login.defs\" file:\n\nPASS_MAX_DAYS 60'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000076-GPOS-00044'\n  tag gid: 'V-230366'\n  tag rid: 'SV-230366r646878_rule'\n  tag stig_id: 'RHEL-08-020200'\n  tag fix_id: 'F-33010r567845_fix'\n  tag cci: ['CCI-000199']\n  tag nist: ['IA-5 (1) (d)']\n\n  value = input('pass_max_days')\n  setting = input_object('pass_max_days').name.upcase\n\n  describe \"/etc/login.defs does not have `#{setting}` configured\" do\n    let(:config) { login_defs.read_params[setting] }\n    it \"greater than #{value} day\" do\n      expect(config).to cmp <= value\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230366.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"/etc/login.defs does not have `PASS_MAX_DAYS` configured greater than 60 day","run_time":0.000223,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"/etc/login.defs does not have `PASS_MAX_DAYS` configured"}]},{"id":"SV-230367","title":"RHEL 8 user account passwords must be configured so that existing\npasswords are restricted to a 60-day maximum lifetime.","desc":"Any password, no matter how complex, can eventually be cracked.\nTherefore, passwords need to be changed periodically. If RHEL 8 does not limit\nthe lifetime of passwords and force users to change their passwords, there is\nthe risk that RHEL 8 passwords could be compromised.","descriptions":[{"label":"default","data":"Any password, no matter how complex, can eventually be cracked.\nTherefore, passwords need to be changed periodically. If RHEL 8 does not limit\nthe lifetime of passwords and force users to change their passwords, there is\nthe risk that RHEL 8 passwords could be compromised."},{"label":"check","data":"Check whether the maximum time period for existing passwords is restricted\nto 60 days with the following commands:\n\n    $ sudo awk -F: '$5 > 60 {print $1 \" \" $5}' /etc/shadow\n\n    $ sudo awk -F: '$5 <= 0 {print $1 \" \" $5}' /etc/shadow\n\n    If any results are returned that are not associated with a system account,\nthis is a finding."},{"label":"fix","data":"Configure non-compliant accounts to enforce a 60-day maximum password\nlifetime restriction.\n\n    $ sudo chage -M 60 [user]"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000076-GPOS-00044","gid":"V-230367","rid":"SV-230367r627750_rule","stig_id":"RHEL-08-020210","fix_id":"F-33011r567848_fix","cci":["CCI-000199"],"nist":["IA-5 (1) (d)"]},"code":"control 'SV-230367' do\n  title 'RHEL 8 user account passwords must be configured so that existing\npasswords are restricted to a 60-day maximum lifetime.'\n  desc 'Any password, no matter how complex, can eventually be cracked.\nTherefore, passwords need to be changed periodically. If RHEL 8 does not limit\nthe lifetime of passwords and force users to change their passwords, there is\nthe risk that RHEL 8 passwords could be compromised.'\n  desc 'check', %q(Check whether the maximum time period for existing passwords is restricted\nto 60 days with the following commands:\n\n    $ sudo awk -F: '$5 > 60 {print $1 \" \" $5}' /etc/shadow\n\n    $ sudo awk -F: '$5 <= 0 {print $1 \" \" $5}' /etc/shadow\n\n    If any results are returned that are not associated with a system account,\nthis is a finding.)\n  desc 'fix', 'Configure non-compliant accounts to enforce a 60-day maximum password\nlifetime restriction.\n\n    $ sudo chage -M 60 [user]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000076-GPOS-00044'\n  tag gid: 'V-230367'\n  tag rid: 'SV-230367r627750_rule'\n  tag stig_id: 'RHEL-08-020210'\n  tag fix_id: 'F-33011r567848_fix'\n  tag cci: ['CCI-000199']\n  tag nist: ['IA-5 (1) (d)']\n\n  value = input('pass_max_days')\n\n  bad_users = users.where { uid >= 1000 }.where { value > 60 or maxdays.negative? }.usernames\n  in_scope_users = bad_users - input('exempt_home_users')\n\n  describe 'Users are not be able' do\n    it \"to retain passwords for more then #{value} day(s)\" do\n      failure_message = \"The following users can update their password more then every #{value} day(s): #{in_scope_users.join(', ')}\"\n      expect(in_scope_users).to be_empty, failure_message\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230367.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Users are not be able to retain passwords for more then 60 day(s)","run_time":0.002085,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"Users are not be able"}]},{"id":"SV-230368","title":"RHEL 8 must be configured in the password-auth file to prohibit password reuse for a minimum of five generations.","desc":"Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to reuse their password consecutively when that password has exceeded its defined lifetime, the end result is a password that is not changed per policy requirements.\n\n  RHEL 8 uses \"pwhistory\" consecutively as a mechanism to prohibit password reuse. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth.\n\nNote that manual changes to the listed files may be overwritten by the \"authselect\" program.","descriptions":[{"label":"default","data":"Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to reuse their password consecutively when that password has exceeded its defined lifetime, the end result is a password that is not changed per policy requirements.\n\n  RHEL 8 uses \"pwhistory\" consecutively as a mechanism to prohibit password reuse. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth.\n\nNote that manual changes to the listed files may be overwritten by the \"authselect\" program."},{"label":"check","data":"Verify the operating system is configured in the password-auth file to prohibit password reuse for a minimum of five generations.\n\nCheck for the value of the \"remember\" argument in \"/etc/pam.d/password-auth\" with the following command:\n\n     $ sudo grep -i remember /etc/pam.d/password-auth\n\n     password requisite pam_pwhistory.so use_authtok remember=5 retry=3\n\nIf the line containing \"pam_pwhistory.so\" does not have the \"remember\" module argument set, is commented out, or the value of the \"remember\" module argument is set to less than \"5\", this is a finding."},{"label":"fix","data":"Configure the operating system in the password-auth file to prohibit password reuse for a minimum of five generations.\n\nAdd the following line in \"/etc/pam.d/password-auth\" (or modify the line to have the required value):\n\n     password requisite pam_pwhistory.so use_authtok remember=5 retry=3"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000077-GPOS-00045","gid":"V-230368","rid":"SV-230368r902759_rule","stig_id":"RHEL-08-020220","fix_id":"F-33012r902757_fix","cci":["CCI-000200"],"nist":["IA-5 (1) (e)"]},"code":"control 'SV-230368' do\n  title 'RHEL 8 must be configured in the password-auth file to prohibit password reuse for a minimum of five generations.'\n  desc 'Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to reuse their password consecutively when that password has exceeded its defined lifetime, the end result is a password that is not changed per policy requirements.\n\n  RHEL 8 uses \"pwhistory\" consecutively as a mechanism to prohibit password reuse. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth.\n\nNote that manual changes to the listed files may be overwritten by the \"authselect\" program.'\n  desc 'check', 'Verify the operating system is configured in the password-auth file to prohibit password reuse for a minimum of five generations.\n\nCheck for the value of the \"remember\" argument in \"/etc/pam.d/password-auth\" with the following command:\n\n     $ sudo grep -i remember /etc/pam.d/password-auth\n\n     password requisite pam_pwhistory.so use_authtok remember=5 retry=3\n\nIf the line containing \"pam_pwhistory.so\" does not have the \"remember\" module argument set, is commented out, or the value of the \"remember\" module argument is set to less than \"5\", this is a finding.'\n  desc 'fix', 'Configure the operating system in the password-auth file to prohibit password reuse for a minimum of five generations.\n\nAdd the following line in \"/etc/pam.d/password-auth\" (or modify the line to have the required value):\n\n     password requisite pam_pwhistory.so use_authtok remember=5 retry=3'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000077-GPOS-00045'\n  tag gid: 'V-230368'\n  tag rid: 'SV-230368r902759_rule'\n  tag stig_id: 'RHEL-08-020220'\n  tag fix_id: 'F-33012r902757_fix'\n  tag cci: ['CCI-000200']\n  tag nist: ['IA-5 (1) (e)']\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['password-auth']) do\n    its('lines') { should match_pam_rule('password (required|requisite|sufficient) pam_pwhistory.so').any_with_integer_arg('remember', '>=', input('min_reuse_generations')) }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230368.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PAM Config[/etc/pam.d/password-auth] lines is expected to include password (required|requisite|sufficient) pam_pwhistory.so, any with integer arg remember >= 5","run_time":0.000461,"start_time":"2024-01-09T19:40:50-05:00","message":"expected \"account required pam_unix.so\\naccount sufficient pam_localuser.so\\naccount sufficient pam_usertype.s...pam_systemd.so\\nsession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid\" to include password (required|requisite|sufficient) pam_pwhistory.so, any with integer arg remember >= 5","resource_class":"pam","resource_params":"[\"/etc/pam.d/password-auth\"]","resource_id":""}]},{"id":"SV-230369","title":"RHEL 8 passwords must have a minimum of 15 characters.","desc":"The shorter the password, the lower the number of possible\ncombinations that need to be tested before the password is compromised.\n\n    Password complexity, or strength, is a measure of the effectiveness of a\npassword in resisting attempts at guessing and brute-force attacks. Password\nlength is one factor of several that helps to determine strength and how long\nit takes to crack a password. Use of more characters in a password helps to\nincrease exponentially the time and/or resources required to compromise the\npassword.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. Configurations are set in the \"etc/security/pwquality.conf\" file.\n\n    The \"minlen\", sometimes noted as minimum length, acts as a \"score\" of\ncomplexity based on the credit components of the \"pwquality\" module. By\nsetting the credit components to a negative value, not only will those\ncomponents be required, they will not count towards the total \"score\" of\n\"minlen\". This will enable \"minlen\" to require a 15-character minimum.\n\n    The DoD minimum password requirement is 15 characters.","descriptions":[{"label":"default","data":"The shorter the password, the lower the number of possible\ncombinations that need to be tested before the password is compromised.\n\n    Password complexity, or strength, is a measure of the effectiveness of a\npassword in resisting attempts at guessing and brute-force attacks. Password\nlength is one factor of several that helps to determine strength and how long\nit takes to crack a password. Use of more characters in a password helps to\nincrease exponentially the time and/or resources required to compromise the\npassword.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. Configurations are set in the \"etc/security/pwquality.conf\" file.\n\n    The \"minlen\", sometimes noted as minimum length, acts as a \"score\" of\ncomplexity based on the credit components of the \"pwquality\" module. By\nsetting the credit components to a negative value, not only will those\ncomponents be required, they will not count towards the total \"score\" of\n\"minlen\". This will enable \"minlen\" to require a 15-character minimum.\n\n    The DoD minimum password requirement is 15 characters."},{"label":"check","data":"Verify the operating system enforces a minimum 15-character password length. The \"minlen\" option sets the minimum number of characters in a new password.\n\nCheck for the value of the \"minlen\" option with the following command:\n\n$ sudo grep -r minlen /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:minlen = 15\n\nIf the command does not return a \"minlen\" value of 15 or greater, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure operating system to enforce a minimum 15-character password length.\n\nAdd the following line to \"/etc/security/pwquality.conf\" (or modify the line to have the required value):\n\nminlen = 15\n\nRemove any configurations that conflict with the above value."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000078-GPOS-00046","gid":"V-230369","rid":"SV-230369r858785_rule","stig_id":"RHEL-08-020230","fix_id":"F-33013r858784_fix","cci":["CCI-000205"],"nist":["IA-5 (1) (a)"]},"code":"control 'SV-230369' do\n  title 'RHEL 8 passwords must have a minimum of 15 characters.'\n  desc 'The shorter the password, the lower the number of possible\ncombinations that need to be tested before the password is compromised.\n\n    Password complexity, or strength, is a measure of the effectiveness of a\npassword in resisting attempts at guessing and brute-force attacks. Password\nlength is one factor of several that helps to determine strength and how long\nit takes to crack a password. Use of more characters in a password helps to\nincrease exponentially the time and/or resources required to compromise the\npassword.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. Configurations are set in the \"etc/security/pwquality.conf\" file.\n\n    The \"minlen\", sometimes noted as minimum length, acts as a \"score\" of\ncomplexity based on the credit components of the \"pwquality\" module. By\nsetting the credit components to a negative value, not only will those\ncomponents be required, they will not count towards the total \"score\" of\n\"minlen\". This will enable \"minlen\" to require a 15-character minimum.\n\n    The DoD minimum password requirement is 15 characters.'\n  desc 'check', 'Verify the operating system enforces a minimum 15-character password length. The \"minlen\" option sets the minimum number of characters in a new password.\n\nCheck for the value of the \"minlen\" option with the following command:\n\n$ sudo grep -r minlen /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:minlen = 15\n\nIf the command does not return a \"minlen\" value of 15 or greater, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure operating system to enforce a minimum 15-character password length.\n\nAdd the following line to \"/etc/security/pwquality.conf\" (or modify the line to have the required value):\n\nminlen = 15\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000078-GPOS-00046'\n  tag gid: 'V-230369'\n  tag rid: 'SV-230369r858785_rule'\n  tag stig_id: 'RHEL-08-020230'\n  tag fix_id: 'F-33013r858784_fix'\n  tag cci: ['CCI-000205']\n  tag nist: ['IA-5 (1) (a)']\n\n  describe parse_config_file('/etc/security/pwquality.conf') do\n    its('minlen.to_i') { should cmp >= input('pass_min_len') }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230369.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Parse Config File /etc/security/pwquality.conf minlen.to_i is expected to cmp >= 15","run_time":7.8e-05,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"parse_config_file","resource_params":"[\"/etc/security/pwquality.conf\"]","resource_id":"/etc/security/pwquality.conf"}]},{"id":"SV-230370","title":"RHEL 8 passwords for new users must have a minimum of 15 characters.","desc":"The shorter the password, the lower the number of possible\ncombinations that need to be tested before the password is compromised.\n\n    Password complexity, or strength, is a measure of the effectiveness of a\npassword in resisting attempts at guessing and brute-force attacks. Password\nlength is one factor of several that helps to determine strength and how long\nit takes to crack a password. Use of more characters in a password helps to\nincrease exponentially the time and/or resources required to compromise the\npassword.\n\n    The DoD minimum password requirement is 15 characters.","descriptions":[{"label":"default","data":"The shorter the password, the lower the number of possible\ncombinations that need to be tested before the password is compromised.\n\n    Password complexity, or strength, is a measure of the effectiveness of a\npassword in resisting attempts at guessing and brute-force attacks. Password\nlength is one factor of several that helps to determine strength and how long\nit takes to crack a password. Use of more characters in a password helps to\nincrease exponentially the time and/or resources required to compromise the\npassword.\n\n    The DoD minimum password requirement is 15 characters."},{"label":"check","data":"Verify that RHEL 8 enforces a minimum 15-character password length for new\nuser accounts by running the following command:\n\n    $ sudo grep -i  pass_min_len /etc/login.defs\n\n    PASS_MIN_LEN 15\n\n    If the \"PASS_MIN_LEN\" parameter value is less than \"15\", or commented\nout, this is a finding."},{"label":"fix","data":"Configure operating system to enforce a minimum 15-character password\nlength for new user accounts.\n\n    Add, or modify the following line in the \"/etc/login.defs\" file:\n\n    PASS_MIN_LEN 15"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000078-GPOS-00046","gid":"V-230370","rid":"SV-230370r627750_rule","stig_id":"RHEL-08-020231","fix_id":"F-33014r567857_fix","cci":["CCI-000205"],"nist":["IA-5 (1) (a)"]},"code":"control 'SV-230370' do\n  title 'RHEL 8 passwords for new users must have a minimum of 15 characters.'\n  desc 'The shorter the password, the lower the number of possible\ncombinations that need to be tested before the password is compromised.\n\n    Password complexity, or strength, is a measure of the effectiveness of a\npassword in resisting attempts at guessing and brute-force attacks. Password\nlength is one factor of several that helps to determine strength and how long\nit takes to crack a password. Use of more characters in a password helps to\nincrease exponentially the time and/or resources required to compromise the\npassword.\n\n    The DoD minimum password requirement is 15 characters.'\n  desc 'check', 'Verify that RHEL 8 enforces a minimum 15-character password length for new\nuser accounts by running the following command:\n\n    $ sudo grep -i  pass_min_len /etc/login.defs\n\n    PASS_MIN_LEN 15\n\n    If the \"PASS_MIN_LEN\" parameter value is less than \"15\", or commented\nout, this is a finding.'\n  desc 'fix', 'Configure operating system to enforce a minimum 15-character password\nlength for new user accounts.\n\n    Add, or modify the following line in the \"/etc/login.defs\" file:\n\n    PASS_MIN_LEN 15'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000078-GPOS-00046'\n  tag gid: 'V-230370'\n  tag rid: 'SV-230370r627750_rule'\n  tag stig_id: 'RHEL-08-020231'\n  tag fix_id: 'F-33014r567857_fix'\n  tag cci: ['CCI-000205']\n  tag nist: ['IA-5 (1) (a)']\n\n  value = input('pass_min_len')\n  setting = input_object('pass_min_len').name.upcase\n\n  describe \"/etc/login.defs does not have `#{setting}` configured\" do\n    let(:config) { login_defs.read_params[setting] }\n    it \"greater than #{value} day\" do\n      expect(config).to cmp >= value\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230370.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"/etc/login.defs does not have `PASS_MIN_LEN` configured greater than 15 day","run_time":0.000263,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"/etc/login.defs does not have `PASS_MIN_LEN` configured"}]},{"id":"SV-230371","title":"RHEL 8 duplicate User IDs (UIDs) must not exist for interactive users.","desc":"To ensure accountability and prevent unauthenticated access,\ninteractive users must be identified and authenticated to prevent potential\nmisuse and compromise of the system.\n\n    Interactive users include organizational employees or individuals the\norganization deems to have equivalent status of employees (e.g., contractors).\nInteractive users (and processes acting on behalf of users) must be uniquely\nidentified and authenticated to all accesses, except for the following:\n\n    1) Accesses explicitly identified and documented by the organization.\nOrganizations document specific user actions that can be performed on the\ninformation system without identification or authentication; and\n\n    2) Accesses that occur through authorized use of group authenticators\nwithout individual authentication. Organizations may require unique\nidentification of individuals in group accounts (e.g., shared privilege\naccounts) or for detailed accountability of individual activity.","descriptions":[{"label":"default","data":"To ensure accountability and prevent unauthenticated access,\ninteractive users must be identified and authenticated to prevent potential\nmisuse and compromise of the system.\n\n    Interactive users include organizational employees or individuals the\norganization deems to have equivalent status of employees (e.g., contractors).\nInteractive users (and processes acting on behalf of users) must be uniquely\nidentified and authenticated to all accesses, except for the following:\n\n    1) Accesses explicitly identified and documented by the organization.\nOrganizations document specific user actions that can be performed on the\ninformation system without identification or authentication; and\n\n    2) Accesses that occur through authorized use of group authenticators\nwithout individual authentication. Organizations may require unique\nidentification of individuals in group accounts (e.g., shared privilege\naccounts) or for detailed accountability of individual activity."},{"label":"check","data":"Verify that RHEL 8 contains no duplicate User IDs (UIDs) for interactive\nusers.\n\n    Check that the operating system contains no duplicate UIDs for interactive\nusers with the following command:\n\n    $ sudo awk -F \":\" 'list[$3]++{print $1, $3}' /etc/passwd\n\n    If output is produced, and the accounts listed are interactive user\naccounts, this is a finding."},{"label":"fix","data":"Edit the file \"/etc/passwd\" and provide each interactive user\naccount that has a duplicate User ID (UID) with a unique UID."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000104-GPOS-00051","satisfies":["SRG-OS-000104-GPOS-00051","SRG-OS-000121-GPOS-00062","SRG-OS-000042-GPOS-00020"],"gid":"V-230371","rid":"SV-230371r627750_rule","stig_id":"RHEL-08-020240","fix_id":"F-33015r567860_fix","cci":["CCI-000764"],"nist":["IA-2"]},"code":"control 'SV-230371' do\n  title 'RHEL 8 duplicate User IDs (UIDs) must not exist for interactive users.'\n  desc 'To ensure accountability and prevent unauthenticated access,\ninteractive users must be identified and authenticated to prevent potential\nmisuse and compromise of the system.\n\n    Interactive users include organizational employees or individuals the\norganization deems to have equivalent status of employees (e.g., contractors).\nInteractive users (and processes acting on behalf of users) must be uniquely\nidentified and authenticated to all accesses, except for the following:\n\n    1) Accesses explicitly identified and documented by the organization.\nOrganizations document specific user actions that can be performed on the\ninformation system without identification or authentication; and\n\n    2) Accesses that occur through authorized use of group authenticators\nwithout individual authentication. Organizations may require unique\nidentification of individuals in group accounts (e.g., shared privilege\naccounts) or for detailed accountability of individual activity.'\n  desc 'check', %q(Verify that RHEL 8 contains no duplicate User IDs (UIDs) for interactive\nusers.\n\n    Check that the operating system contains no duplicate UIDs for interactive\nusers with the following command:\n\n    $ sudo awk -F \":\" 'list[$3]++{print $1, $3}' /etc/passwd\n\n    If output is produced, and the accounts listed are interactive user\naccounts, this is a finding.)\n  desc 'fix', 'Edit the file \"/etc/passwd\" and provide each interactive user\naccount that has a duplicate User ID (UID) with a unique UID.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000104-GPOS-00051'\n  tag satisfies: ['SRG-OS-000104-GPOS-00051', 'SRG-OS-000121-GPOS-00062', 'SRG-OS-000042-GPOS-00020']\n  tag gid: 'V-230371'\n  tag rid: 'SV-230371r627750_rule'\n  tag stig_id: 'RHEL-08-020240'\n  tag fix_id: 'F-33015r567860_fix'\n  tag cci: ['CCI-000764']\n  tag nist: ['IA-2']\n\n  user_count = passwd.where { uid.to_i >= 1000 }.entries.length\n\n  describe \"Count of interactive unique user IDs should match interactive user count (#{user_count}): UID count\" do\n    subject { passwd.where { uid.to_i >= 1000 }.uids.uniq.length }\n    it { should eq user_count }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230371.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Count of interactive unique user IDs should match interactive user count (2): UID count is expected to eq 2","run_time":0.000152,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"Object","resource_params":"[]","resource_id":"Count of interactive unique user IDs should match interactive user count (2): UID count"}]},{"id":"SV-230372","title":"RHEL 8 must implement smart card logon for multifactor authentication\nfor access to interactive accounts.","desc":"Using an authentication device, such as a Common Access Card (CAC) or\ntoken that is separate from the information system, ensures that even if the\ninformation system is compromised, that compromise will not affect credentials\nstored on the authentication device.\n\n    Multifactor solutions that require devices separate from information\nsystems gaining access include, for example, hardware tokens providing\ntime-based or challenge-response authenticators and smart cards such as the\nU.S. Government Personal Identity Verification card and the DoD CAC.\n\n    There are various methods of implementing multifactor authentication for\nRHEL 8. Some methods include a local system multifactor account mapping or\njoining the system to a domain and utilizing a Red Hat idM server or Microsoft\nWindows Active Directory server. Any of these methods will require that the\nclient operating system handle the multifactor authentication correctly.","descriptions":[{"label":"default","data":"Using an authentication device, such as a Common Access Card (CAC) or\ntoken that is separate from the information system, ensures that even if the\ninformation system is compromised, that compromise will not affect credentials\nstored on the authentication device.\n\n    Multifactor solutions that require devices separate from information\nsystems gaining access include, for example, hardware tokens providing\ntime-based or challenge-response authenticators and smart cards such as the\nU.S. Government Personal Identity Verification card and the DoD CAC.\n\n    There are various methods of implementing multifactor authentication for\nRHEL 8. Some methods include a local system multifactor account mapping or\njoining the system to a domain and utilizing a Red Hat idM server or Microsoft\nWindows Active Directory server. Any of these methods will require that the\nclient operating system handle the multifactor authentication correctly."},{"label":"check","data":"Verify RHEL 8 uses multifactor authentication for local access to accounts.\n\n    Note: If the System Administrator demonstrates the use of an approved\nalternate multifactor authentication method, this requirement is not applicable.\n\n    Check that the \"pam_cert_auth\" setting is set to \"true\" in the\n\"/etc/sssd/sssd.conf\" file.\n\n    Check that the \"try_cert_auth\" or \"require_cert_auth\" options are\nconfigured in both \"/etc/pam.d/system-auth\" and \"/etc/pam.d/smartcard-auth\"\nfiles with the following command:\n\n    $ sudo grep cert_auth /etc/sssd/sssd.conf /etc/pam.d/*\n\n    /etc/sssd/sssd.conf:pam_cert_auth = True\n    /etc/pam.d/smartcard-auth:auth   sufficient   pam_sss.so try_cert_auth\n    /etc/pam.d/system-auth:auth   [success=done authinfo_unavail=ignore\nignore=ignore default=die]   pam_sss.so try_cert_auth\n\n    If \"pam_cert_auth\" is not set to \"true\" in \"/etc/sssd/sssd.conf\",\nthis is a finding.\n\n    If \"pam_sss.so\" is not set to \"try_cert_auth\" or \"require_cert_auth\"\nin both the \"/etc/pam.d/smartcard-auth\" and \"/etc/pam.d/system-auth\" files,\nthis is a finding."},{"label":"fix","data":"Configure RHEL 8 to use multifactor authentication for local access to\naccounts.\n\n    Add or update the \"pam_cert_auth\" setting in the \"/etc/sssd/sssd.conf\"\nfile to match the following line:\n\n    [pam]\n    pam_cert_auth = True\n\n    Add or update \"pam_sss.so\" with \"try_cert_auth\" or\n\"require_cert_auth\" in the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/smartcard-auth\" files based on the following examples:\n\n    /etc/pam.d/smartcard-auth:auth   sufficient   pam_sss.so try_cert_auth\n\n    /etc/pam.d/system-auth:auth   [success=done authinfo_unavail=ignore\nignore=ignore default=die]   pam_sss.so try_cert_auth\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000105-GPOS-00052","satisfies":["SRG-OS-000105-GPOS-00052","SRG-OS-000106-GPOS-00053","SRG-OS-000107-GPOS-00054","SRG-OS-000108-GPOS-00055"],"gid":"V-230372","rid":"SV-230372r627750_rule","stig_id":"RHEL-08-020250","fix_id":"F-33016r567863_fix","cci":["CCI-000765"],"nist":["IA-2 (1)"],"host":null},"code":"control 'SV-230372' do\n  title 'RHEL 8 must implement smart card logon for multifactor authentication\nfor access to interactive accounts.'\n  desc 'Using an authentication device, such as a Common Access Card (CAC) or\ntoken that is separate from the information system, ensures that even if the\ninformation system is compromised, that compromise will not affect credentials\nstored on the authentication device.\n\n    Multifactor solutions that require devices separate from information\nsystems gaining access include, for example, hardware tokens providing\ntime-based or challenge-response authenticators and smart cards such as the\nU.S. Government Personal Identity Verification card and the DoD CAC.\n\n    There are various methods of implementing multifactor authentication for\nRHEL 8. Some methods include a local system multifactor account mapping or\njoining the system to a domain and utilizing a Red Hat idM server or Microsoft\nWindows Active Directory server. Any of these methods will require that the\nclient operating system handle the multifactor authentication correctly.'\n  desc 'check', 'Verify RHEL 8 uses multifactor authentication for local access to accounts.\n\n    Note: If the System Administrator demonstrates the use of an approved\nalternate multifactor authentication method, this requirement is not applicable.\n\n    Check that the \"pam_cert_auth\" setting is set to \"true\" in the\n\"/etc/sssd/sssd.conf\" file.\n\n    Check that the \"try_cert_auth\" or \"require_cert_auth\" options are\nconfigured in both \"/etc/pam.d/system-auth\" and \"/etc/pam.d/smartcard-auth\"\nfiles with the following command:\n\n    $ sudo grep cert_auth /etc/sssd/sssd.conf /etc/pam.d/*\n\n    /etc/sssd/sssd.conf:pam_cert_auth = True\n    /etc/pam.d/smartcard-auth:auth   sufficient   pam_sss.so try_cert_auth\n    /etc/pam.d/system-auth:auth   [success=done authinfo_unavail=ignore\nignore=ignore default=die]   pam_sss.so try_cert_auth\n\n    If \"pam_cert_auth\" is not set to \"true\" in \"/etc/sssd/sssd.conf\",\nthis is a finding.\n\n    If \"pam_sss.so\" is not set to \"try_cert_auth\" or \"require_cert_auth\"\nin both the \"/etc/pam.d/smartcard-auth\" and \"/etc/pam.d/system-auth\" files,\nthis is a finding.'\n  desc 'fix', 'Configure RHEL 8 to use multifactor authentication for local access to\naccounts.\n\n    Add or update the \"pam_cert_auth\" setting in the \"/etc/sssd/sssd.conf\"\nfile to match the following line:\n\n    [pam]\n    pam_cert_auth = True\n\n    Add or update \"pam_sss.so\" with \"try_cert_auth\" or\n\"require_cert_auth\" in the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/smartcard-auth\" files based on the following examples:\n\n    /etc/pam.d/smartcard-auth:auth   sufficient   pam_sss.so try_cert_auth\n\n    /etc/pam.d/system-auth:auth   [success=done authinfo_unavail=ignore\nignore=ignore default=die]   pam_sss.so try_cert_auth\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000105-GPOS-00052'\n  tag satisfies: ['SRG-OS-000105-GPOS-00052', 'SRG-OS-000106-GPOS-00053', 'SRG-OS-000107-GPOS-00054', 'SRG-OS-000108-GPOS-00055']\n  tag gid: 'V-230372'\n  tag rid: 'SV-230372r627750_rule'\n  tag stig_id: 'RHEL-08-020250'\n  tag fix_id: 'F-33016r567863_fix'\n  tag cci: ['CCI-000765']\n  tag nist: ['IA-2 (1)']\n  tag 'host'\n\n  only_if('If the System Administrator demonstrates the use of an approved\n    alternate multifactor authentication method, this requirement is not applicable.', impact: 0.0) {\n    !input('smart_card_enabled')\n  }\n\n  pam_auth_files = input('pam_auth_files')\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config_file(input('sssd_conf_path')) do\n      its('pam') { should include('pam_cert_auth' => 'True') }\n    end\n    describe service('sssd') do\n      it { should be_installed }\n      it { should be_enabled }\n      it { should be_running }\n    end\n\n    [pam_auth_files['system-auth'], pam_auth_files['smartcard-auth']].each do |path|\n      describe pam(path) do\n        its('lines') { should match_pam_rule('.* .* pam_sss.so (try_cert_auth|require_cert_auth)') }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230372.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"Parse Config File /etc/sssd/sssd.conf","run_time":3.0e-06,"start_time":"2024-01-09T19:40:50-05:00","resource":"Parse Config File /etc/sssd/sssd.conf","skip_message":"Can't find file: /etc/sssd/sssd.conf","resource_class":"parse_config_file","resource_params":"[\"/etc/sssd/sssd.conf\"]","resource_id":"/etc/sssd/sssd.conf"},{"status":"passed","code_desc":"Service sssd is expected to be installed","run_time":0.427462,"start_time":"2024-01-09T19:40:50-05:00","resource_class":"service","resource_params":"[\"sssd\"]","resource_id":"sssd"},{"status":"passed","code_desc":"Service sssd is expected to be enabled","run_time":0.000106,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"service","resource_params":"[\"sssd\"]","resource_id":"sssd"},{"status":"failed","code_desc":"Service sssd is expected to be running","run_time":8.4e-05,"start_time":"2024-01-09T19:40:51-05:00","message":"expected that `Service sssd` is running","resource_class":"service","resource_params":"[\"sssd\"]","resource_id":"sssd"},{"status":"failed","code_desc":"PAM Config[/etc/pam.d/system-auth] lines is expected to include .* .* pam_sss.so (try_cert_auth|require_cert_auth)","run_time":0.000588,"start_time":"2024-01-09T19:40:51-05:00","message":"expected \"account required pam_unix.so\\naccount sufficient pam_localuser.so\\naccount sufficient pam_usertype.s...pam_systemd.so\\nsession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid\" to include .* .* pam_sss.so (try_cert_auth|require_cert_auth)","resource_class":"pam","resource_params":"[\"/etc/pam.d/system-auth\"]","resource_id":""},{"status":"failed","code_desc":"PAM Config[/etc/pam.d/smartcard-auth] lines is expected to include .* .* pam_sss.so (try_cert_auth|require_cert_auth)","run_time":0.000128,"start_time":"2024-01-09T19:40:51-05:00","message":"expected \"auth required pam_debug.so auth=authinfo_unavail\" to include .* .* pam_sss.so (try_cert_auth|require_cert_auth)","resource_class":"pam","resource_params":"[\"/etc/pam.d/smartcard-auth\"]","resource_id":""}]},{"id":"SV-230373","title":"RHEL 8 account identifiers (individuals, groups, roles, and devices)\n    must be disabled after 35 days of inactivity.","desc":"Inactive identifiers pose a risk to systems and applications because\n    attackers may exploit an inactive identifier and potentially obtain undetected\n    access to the system. Owners of inactive accounts will not notice if\n    unauthorized access to their user account has been obtained.\n\n    RHEL 8 needs to track periods of inactivity and disable application\n    identifiers after 35 days of inactivity.","descriptions":[{"label":"default","data":"Inactive identifiers pose a risk to systems and applications because\n    attackers may exploit an inactive identifier and potentially obtain undetected\n    access to the system. Owners of inactive accounts will not notice if\n    unauthorized access to their user account has been obtained.\n\n    RHEL 8 needs to track periods of inactivity and disable application\n    identifiers after 35 days of inactivity."},{"label":"check","data":"Verify the account identifiers (individuals, groups, roles, and devices)\n    are disabled after 35 days of inactivity with the following command:\n\n    Check the account inactivity value by performing the following command:\n\n        $ sudo grep -i inactive /etc/default/useradd\n\n        INACTIVE=35\n\n    If \"INACTIVE\" is set to \"-1\", a value greater than \"35\", or is\n    commented out, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to disable account identifiers after 35 days of inactivity\n    after the password expiration.\n\n    Run the following command to change the configuration for useradd:\n\n      $ sudo useradd -D -f 35\n\n    DoD recommendation is 35 days, but a lower value is acceptable. The value \"-1\" will\n    disable this feature, and \"0\" will disable the account immediately after the\n    password expires."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000118-GPOS-00060","gid":"V-230373","rid":"SV-230373r627750_rule","stig_id":"RHEL-08-020260","fix_id":"F-33017r567866_fix","cci":["CCI-000795"],"nist":["IA-4 e"]},"code":"control 'SV-230373' do\n  title 'RHEL 8 account identifiers (individuals, groups, roles, and devices)\n    must be disabled after 35 days of inactivity.'\n  desc 'Inactive identifiers pose a risk to systems and applications because\n    attackers may exploit an inactive identifier and potentially obtain undetected\n    access to the system. Owners of inactive accounts will not notice if\n    unauthorized access to their user account has been obtained.\n\n    RHEL 8 needs to track periods of inactivity and disable application\n    identifiers after 35 days of inactivity.'\n  desc 'check', 'Verify the account identifiers (individuals, groups, roles, and devices)\n    are disabled after 35 days of inactivity with the following command:\n\n    Check the account inactivity value by performing the following command:\n\n        $ sudo grep -i inactive /etc/default/useradd\n\n        INACTIVE=35\n\n    If \"INACTIVE\" is set to \"-1\", a value greater than \"35\", or is\n    commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to disable account identifiers after 35 days of inactivity\n    after the password expiration.\n\n    Run the following command to change the configuration for useradd:\n\n      $ sudo useradd -D -f 35\n\n    DoD recommendation is 35 days, but a lower value is acceptable. The value \"-1\" will\n    disable this feature, and \"0\" will disable the account immediately after the\n    password expires.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000118-GPOS-00060'\n  tag gid: 'V-230373'\n  tag rid: 'SV-230373r627750_rule'\n  tag stig_id: 'RHEL-08-020260'\n  tag fix_id: 'F-33017r567866_fix'\n  tag cci: ['CCI-000795']\n  tag nist: ['IA-4 e']\n\n  days_of_inactivity = input('days_of_inactivity')\n\n  describe 'Useradd configuration' do\n    useradd_config = parse_config_file('/etc/default/useradd')\n\n    context 'when INACTIVE is set' do\n      it 'should exist' do\n        expect(useradd_config.params).to include('INACTIVE')\n      end\n\n      it 'should not be nil' do\n        expect(useradd_config.params['INACTIVE']).not_to be_nil\n      end\n\n      it 'should have INACTIVE greater than or equal to 0' do\n        expect(useradd_config.params['INACTIVE'].to_i).to be >= 0\n      end\n\n      it 'should have INACTIVE less than or equal to days_of_inactivity' do\n        expect(useradd_config.params['INACTIVE'].to_i).to be <= days_of_inactivity\n      end\n\n      it 'should not have INACTIVE equal to -1' do\n        expect(useradd_config.params['INACTIVE']).not_to eq '-1'\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230373.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Useradd configuration when INACTIVE is set should exist","run_time":5.7e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"when INACTIVE is set"},{"status":"passed","code_desc":"Useradd configuration when INACTIVE is set should not be nil","run_time":3.8e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"when INACTIVE is set"},{"status":"failed","code_desc":"Useradd configuration when INACTIVE is set should have INACTIVE greater than or equal to 0","run_time":6.0e-05,"start_time":"2024-01-09T19:40:51-05:00","message":"expected: >= 0\n     got:    -1","resource_class":"Object","resource_params":"[]","resource_id":"when INACTIVE is set"},{"status":"passed","code_desc":"Useradd configuration when INACTIVE is set should have INACTIVE less than or equal to days_of_inactivity","run_time":3.0e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"when INACTIVE is set"},{"status":"failed","code_desc":"Useradd configuration when INACTIVE is set should not have INACTIVE equal to -1","run_time":5.2e-05,"start_time":"2024-01-09T19:40:51-05:00","message":"\nexpected: value != \"-1\"\n     got: \"-1\"\n\n(compared using ==)\n","resource_class":"Object","resource_params":"[]","resource_id":"when INACTIVE is set"}]},{"id":"SV-230374","title":"RHEL 8 must automatically expire temporary accounts within 72 hours.","desc":"Temporary accounts are privileged or nonprivileged accounts that are\n    established during pressing circumstances, such as new software or hardware\n    configuration or an incident response, where the need for prompt account\n    activation requires bypassing normal account authorization procedures.\n\n    If any inactive temporary accounts are left enabled on the system and are\n    not either manually removed or automatically expired within 72 hours, the\n    security posture of the system will be degraded and exposed to exploitation\n    by unauthorized users or insider threat actors.\n\n    Temporary accounts are different from emergency accounts. Emergency accounts,\n    also known as \"last resort\" or \"break glass\" accounts, are local logon accounts\n    enabled on the system for emergency use by authorized system administrators\n    to manage a system when standard logon methods are failing or not available.\n\n    Emergency accounts are not subject to manual removal or scheduled expiration\n    requirements.\n\n    The automatic expiration of temporary accounts may be extended as needed by\n    the circumstances but it must not be extended indefinitely. A documented\n    permanent account should be established for privileged users who need long-term\n    maintenance accounts.","descriptions":[{"label":"default","data":"Temporary accounts are privileged or nonprivileged accounts that are\n    established during pressing circumstances, such as new software or hardware\n    configuration or an incident response, where the need for prompt account\n    activation requires bypassing normal account authorization procedures.\n\n    If any inactive temporary accounts are left enabled on the system and are\n    not either manually removed or automatically expired within 72 hours, the\n    security posture of the system will be degraded and exposed to exploitation\n    by unauthorized users or insider threat actors.\n\n    Temporary accounts are different from emergency accounts. Emergency accounts,\n    also known as \"last resort\" or \"break glass\" accounts, are local logon accounts\n    enabled on the system for emergency use by authorized system administrators\n    to manage a system when standard logon methods are failing or not available.\n\n    Emergency accounts are not subject to manual removal or scheduled expiration\n    requirements.\n\n    The automatic expiration of temporary accounts may be extended as needed by\n    the circumstances but it must not be extended indefinitely. A documented\n    permanent account should be established for privileged users who need long-term\n    maintenance accounts."},{"label":"check","data":"Verify temporary accounts have been provisioned with an\n    expiration date of 72 hours.\n\n    For every existing temporary account, run the following command to obtain its\n    account expiration information:\n\n    $ sudo chage -l <temporary_account_name> | grep -i \"account expires\"\n\n    Verify each of these accounts has an expiration date set within 72 hours.\n\n    If any temporary accounts have no expiration date set or do not expire within\n    72 hours, this is a finding."},{"label":"fix","data":"Configure the operating system to expire temporary accounts after\n    72 hours with the following command:\n\n    $ sudo chage -E $(date -d +3days +%Y-%m-%d) <temporary_account_name>"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000123-GPOS-00064","gid":"V-230374","rid":"SV-230374r903129_rule","stig_id":"RHEL-08-020270","fix_id":"F-33018r902730_fix","cci":["CCI-001682"],"nist":["AC-2 (2)"]},"code":"control 'SV-230374' do\n  title 'RHEL 8 must automatically expire temporary accounts within 72 hours.'\n  desc 'Temporary accounts are privileged or nonprivileged accounts that are\n    established during pressing circumstances, such as new software or hardware\n    configuration or an incident response, where the need for prompt account\n    activation requires bypassing normal account authorization procedures.\n\n    If any inactive temporary accounts are left enabled on the system and are\n    not either manually removed or automatically expired within 72 hours, the\n    security posture of the system will be degraded and exposed to exploitation\n    by unauthorized users or insider threat actors.\n\n    Temporary accounts are different from emergency accounts. Emergency accounts,\n    also known as \"last resort\" or \"break glass\" accounts, are local logon accounts\n    enabled on the system for emergency use by authorized system administrators\n    to manage a system when standard logon methods are failing or not available.\n\n    Emergency accounts are not subject to manual removal or scheduled expiration\n    requirements.\n\n    The automatic expiration of temporary accounts may be extended as needed by\n    the circumstances but it must not be extended indefinitely. A documented\n    permanent account should be established for privileged users who need long-term\n    maintenance accounts.'\n  desc 'check', 'Verify temporary accounts have been provisioned with an\n    expiration date of 72 hours.\n\n    For every existing temporary account, run the following command to obtain its\n    account expiration information:\n\n    $ sudo chage -l <temporary_account_name> | grep -i \"account expires\"\n\n    Verify each of these accounts has an expiration date set within 72 hours.\n\n    If any temporary accounts have no expiration date set or do not expire within\n    72 hours, this is a finding.'\n  desc 'fix', 'Configure the operating system to expire temporary accounts after\n    72 hours with the following command:\n\n    $ sudo chage -E $(date -d +3days +%Y-%m-%d) <temporary_account_name>'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000123-GPOS-00064'\n  tag gid: 'V-230374'\n  tag rid: 'SV-230374r903129_rule'\n  tag stig_id: 'RHEL-08-020270'\n  tag fix_id: 'F-33018r902730_fix'\n  tag cci: ['CCI-001682']\n  tag nist: ['AC-2 (2)']\n\n  temp_accounts = input('temporary_accounts')\n\n  if temp_accounts.empty?\n    describe 'Temporary accounts' do\n      it 'should be empty' do\n        expect(temp_accounts).to be_empty\n      end\n    end\n  else\n    temp_accounts.each do |acct|\n      context \"User #{acct}\" do\n        it 'should have maxdays less than or equal to 3' do\n          expect(user(acct.to_s).maxdays).to be <= 3\n        end\n\n        it 'should have maxdays greater than 0' do\n          expect(user(acct.to_s).maxdays).to be > 0\n        end\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230374.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Temporary accounts should be empty","run_time":0.003362,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"Temporary accounts"}]},{"id":"SV-230375","title":"All RHEL 8 passwords must contain at least one special character.","desc":"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. Note that to require special characters without degrading the\n\"minlen\" value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\".","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. Note that to require special characters without degrading the\n\"minlen\" value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\"."},{"label":"check","data":"Verify the value for \"ocredit\" with the following command:\n\n$ sudo grep -r ocredit /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:ocredit = -1\n\nIf the value of \"ocredit\" is a positive number or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure the operating system to enforce password complexity by requiring that at least one special character be used by setting the \"ocredit\" option.\n\nAdd the following line to /etc/security/pwquality.conf (or modify the line to have the required value):\n\nocredit = -1\n\nRemove any configurations that conflict with the above value."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000266-GPOS-00101","gid":"V-230375","rid":"SV-230375r858787_rule","stig_id":"RHEL-08-020280","fix_id":"F-33019r858786_fix","cci":["CCI-001619"],"nist":["IA-5 (1) (a)"]},"code":"control 'SV-230375' do\n  title 'All RHEL 8 passwords must contain at least one special character.'\n  desc 'Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. Note that to require special characters without degrading the\n\"minlen\" value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\".'\n  desc 'check', 'Verify the value for \"ocredit\" with the following command:\n\n$ sudo grep -r ocredit /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:ocredit = -1\n\nIf the value of \"ocredit\" is a positive number or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to enforce password complexity by requiring that at least one special character be used by setting the \"ocredit\" option.\n\nAdd the following line to /etc/security/pwquality.conf (or modify the line to have the required value):\n\nocredit = -1\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000266-GPOS-00101'\n  tag gid: 'V-230375'\n  tag rid: 'SV-230375r858787_rule'\n  tag stig_id: 'RHEL-08-020280'\n  tag fix_id: 'F-33019r858786_fix'\n  tag cci: ['CCI-001619']\n  tag nist: ['IA-5 (1) (a)']\n\n  # value = input('ocredit')\n  setting = 'ocredit'\n\n  describe 'pwquality.conf settings' do\n    let(:config) { parse_config_file('/etc/security/pwquality.conf', multiple_values: true) }\n    let(:setting_value) { config.params[setting].is_a?(Integer) ? [config.params[setting]] : Array(config.params[setting]) }\n\n    it \"has `#{setting}` set\" do\n      expect(setting_value).not_to be_empty, \"#{setting} is not set in pwquality.conf\"\n    end\n\n    it \"only sets `#{setting}` once\" do\n      expect(setting_value.length).to eq(1), \"#{setting} is commented or set more than once in pwquality.conf\"\n    end\n\n    it \"does not set `#{setting}` to a positive value\" do\n      expect(setting_value.first.to_i).to be <= 0, \"#{setting} is set to a positive value in pwquality.conf\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230375.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"pwquality.conf settings has `ocredit` set","run_time":0.002876,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"},{"status":"passed","code_desc":"pwquality.conf settings only sets `ocredit` once","run_time":0.000196,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"},{"status":"passed","code_desc":"pwquality.conf settings does not set `ocredit` to a positive value","run_time":0.000231,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"pwquality.conf settings"}]},{"id":"SV-230376","title":"RHEL 8 must prohibit the use of cached authentications after one day.","desc":"If cached authentication information is out-of-date, the validity of\nthe authentication information may be questionable.\n\nRHEL 8 includes multiple options for configuring authentication, but this\nrequirement will be focus on the System Security Services Daemon (SSSD). By\ndefault sssd does not cache credentials.","descriptions":[{"label":"default","data":"If cached authentication information is out-of-date, the validity of\nthe authentication information may be questionable.\n\nRHEL 8 includes multiple options for configuring authentication, but this\nrequirement will be focus on the System Security Services Daemon (SSSD). By\ndefault sssd does not cache credentials."},{"label":"check","data":"Verify that the SSSD prohibits the use of cached authentications\nafter one day.\n\nNote: If smart card authentication is not being used on the system this\nitem is Not Applicable.\n\nCheck that SSSD allows cached authentications with the following command:\n\n$sudo grep cache_credentials /etc/sssd/sssd.conf\n\ncache_credentials = true\n\nIf \"cache_credentials\" is set to \"false\" or missing from the\nconfiguration file, this is not a finding and no further checks are required.\n\nIf \"cache_credentials\" is set to \"true\", check that SSSD prohibits the\nuse of cached authentications after one day with the following command:\n\n$sudo grep offline_credentials_expiration  /etc/sssd/sssd.conf\n\noffline_credentials_expiration = 1\n\nIf \"offline_credentials_expiration\" is not set to a value of \"1\", this\nis a finding."},{"label":"fix","data":"Configure the SSSD to prohibit the use of cached authentications\nafter one day.\n\nAdd or change the following line in \"/etc/sssd/sssd.conf\" just below the\nline \"[pam]\".\n\noffline_credentials_expiration = 1"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000383-GPOS-00166","gid":"V-230376","rid":"SV-230376r854036_rule","stig_id":"RHEL-08-020290","fix_id":"F-33020r567875_fix","cci":["CCI-002007"],"nist":["IA-5 (13)"]},"code":"control 'SV-230376' do\n  title 'RHEL 8 must prohibit the use of cached authentications after one day.'\n  desc 'If cached authentication information is out-of-date, the validity of\nthe authentication information may be questionable.\n\nRHEL 8 includes multiple options for configuring authentication, but this\nrequirement will be focus on the System Security Services Daemon (SSSD). By\ndefault sssd does not cache credentials.'\n  desc 'check', 'Verify that the SSSD prohibits the use of cached authentications\nafter one day.\n\nNote: If smart card authentication is not being used on the system this\nitem is Not Applicable.\n\nCheck that SSSD allows cached authentications with the following command:\n\n$sudo grep cache_credentials /etc/sssd/sssd.conf\n\ncache_credentials = true\n\nIf \"cache_credentials\" is set to \"false\" or missing from the\nconfiguration file, this is not a finding and no further checks are required.\n\nIf \"cache_credentials\" is set to \"true\", check that SSSD prohibits the\nuse of cached authentications after one day with the following command:\n\n$sudo grep offline_credentials_expiration  /etc/sssd/sssd.conf\n\noffline_credentials_expiration = 1\n\nIf \"offline_credentials_expiration\" is not set to a value of \"1\", this\nis a finding.'\n  desc 'fix', 'Configure the SSSD to prohibit the use of cached authentications\nafter one day.\n\nAdd or change the following line in \"/etc/sssd/sssd.conf\" just below the\nline \"[pam]\".\n\noffline_credentials_expiration = 1'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000383-GPOS-00166'\n  tag gid: 'V-230376'\n  tag rid: 'SV-230376r854036_rule'\n  tag stig_id: 'RHEL-08-020290'\n  tag fix_id: 'F-33020r567875_fix'\n  tag cci: ['CCI-002007']\n  tag nist: ['IA-5 (13)']\n\n  sssd_config = parse_config_file('/etc/sssd/sssd.conf')\n\n  only_if('This control is does not apply to containers', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if input('smart_card_enabled')\n    impact 0.0\n    describe 'The system is not utilizing smart card authentication' do\n      skip 'The system is not utilizing smart card authentication, this control\n      is Not Applicable.'\n    end\n  else\n    describe.one do\n      describe 'Cache credentials enabled' do\n        subject { sssd_config.content }\n        it { should_not match(/cache_credentials\\s*=\\s*true/) }\n      end\n      describe 'Offline credentials expiration' do\n        subject { sssd_config }\n        its('pam.offline_credentials_expiration') { should cmp '1' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230376.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Cache credentials enabled is expected not to match /cache_credentials\\s*=\\s*true/","run_time":4.5e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"Cache credentials enabled"}]},{"id":"SV-230377","title":"RHEL 8 must prevent the use of dictionary words for passwords.","desc":"If RHEL 8 allows the user to select passwords based on dictionary\nwords, this increases the chances of password compromise by increasing the\nopportunity for successful guesses, and brute-force attacks.","descriptions":[{"label":"default","data":"If RHEL 8 allows the user to select passwords based on dictionary\nwords, this increases the chances of password compromise by increasing the\nopportunity for successful guesses, and brute-force attacks."},{"label":"check","data":"Verify RHEL 8 prevents the use of dictionary words for passwords.\n\nDetermine if the field \"dictcheck\" is set with the following command:\n\n$ sudo grep -r dictcheck /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:dictcheck=1\n\nIf the \"dictcheck\" parameter is not set to \"1\", or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to prevent the use of dictionary words for passwords.\n\nAdd or update the following line in the \"/etc/security/pwquality.conf\" file or a configuration file in the /etc/pwquality.conf.d/ directory to contain the \"dictcheck\" parameter:\n\ndictcheck=1\n\nRemove any configurations that conflict with the above value."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00225","gid":"V-230377","rid":"SV-230377r858789_rule","stig_id":"RHEL-08-020300","fix_id":"F-33021r858788_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230377' do\n  title 'RHEL 8 must prevent the use of dictionary words for passwords.'\n  desc 'If RHEL 8 allows the user to select passwords based on dictionary\nwords, this increases the chances of password compromise by increasing the\nopportunity for successful guesses, and brute-force attacks.'\n  desc 'check', 'Verify RHEL 8 prevents the use of dictionary words for passwords.\n\nDetermine if the field \"dictcheck\" is set with the following command:\n\n$ sudo grep -r dictcheck /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:dictcheck=1\n\nIf the \"dictcheck\" parameter is not set to \"1\", or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to prevent the use of dictionary words for passwords.\n\nAdd or update the following line in the \"/etc/security/pwquality.conf\" file or a configuration file in the /etc/pwquality.conf.d/ directory to contain the \"dictcheck\" parameter:\n\ndictcheck=1\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00225'\n  tag gid: 'V-230377'\n  tag rid: 'SV-230377r858789_rule'\n  tag stig_id: 'RHEL-08-020300'\n  tag fix_id: 'F-33021r858788_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe parse_config_file('/etc/security/pwquality.conf') do\n    its('dictcheck') { should eq '1' }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230377.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Parse Config File /etc/security/pwquality.conf dictcheck is expected to eq \"1\"","run_time":5.7e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"parse_config_file","resource_params":"[\"/etc/security/pwquality.conf\"]","resource_id":"/etc/security/pwquality.conf"}]},{"id":"SV-230378","title":"RHEL 8 must enforce a delay of at least four seconds between logon\nprompts following a failed logon attempt.","desc":"Configuring the operating system to implement organization-wide\nsecurity implementation guides and security checklists verifies compliance with\nfederal standards and establishes a common security baseline across the DoD\nthat reflects the most restrictive security posture consistent with operational\nrequirements.\n\n    Configuration settings are the set of parameters that can be changed in\nhardware, software, or firmware components of the system that affect the\nsecurity posture and/or functionality of the system. Security-related\nparameters are those parameters impacting the security state of the system,\nincluding the parameters required to satisfy other security control\nrequirements. Security-related parameters include, for example, registry\nsettings; account, file, and directory permission settings; and settings for\nfunctions, ports, protocols, services, and remote connections.","descriptions":[{"label":"default","data":"Configuring the operating system to implement organization-wide\nsecurity implementation guides and security checklists verifies compliance with\nfederal standards and establishes a common security baseline across the DoD\nthat reflects the most restrictive security posture consistent with operational\nrequirements.\n\n    Configuration settings are the set of parameters that can be changed in\nhardware, software, or firmware components of the system that affect the\nsecurity posture and/or functionality of the system. Security-related\nparameters are those parameters impacting the security state of the system,\nincluding the parameters required to satisfy other security control\nrequirements. Security-related parameters include, for example, registry\nsettings; account, file, and directory permission settings; and settings for\nfunctions, ports, protocols, services, and remote connections."},{"label":"check","data":"Verify the operating system enforces a delay of at least four seconds\nbetween console logon prompts following a failed logon attempt with the\nfollowing command:\n\n    $ sudo grep -i fail_delay /etc/login.defs\n\n    FAIL_DELAY 4\n\n    If the value of \"FAIL_DELAY\" is not set to \"4\" or greater, or the line\nis commented out, this is a finding."},{"label":"fix","data":"Configure the operating system to enforce a delay of at least four seconds\nbetween logon prompts following a failed console logon attempt.\n\n    Modify the \"/etc/login.defs\" file to set the \"FAIL_DELAY\" parameter to\n\"4\" or greater:\n\n    FAIL_DELAY 4"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00226","gid":"V-230378","rid":"SV-230378r627750_rule","stig_id":"RHEL-08-020310","fix_id":"F-33022r567881_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230378' do\n  title 'RHEL 8 must enforce a delay of at least four seconds between logon\nprompts following a failed logon attempt.'\n  desc 'Configuring the operating system to implement organization-wide\nsecurity implementation guides and security checklists verifies compliance with\nfederal standards and establishes a common security baseline across the DoD\nthat reflects the most restrictive security posture consistent with operational\nrequirements.\n\n    Configuration settings are the set of parameters that can be changed in\nhardware, software, or firmware components of the system that affect the\nsecurity posture and/or functionality of the system. Security-related\nparameters are those parameters impacting the security state of the system,\nincluding the parameters required to satisfy other security control\nrequirements. Security-related parameters include, for example, registry\nsettings; account, file, and directory permission settings; and settings for\nfunctions, ports, protocols, services, and remote connections.'\n  desc 'check', 'Verify the operating system enforces a delay of at least four seconds\nbetween console logon prompts following a failed logon attempt with the\nfollowing command:\n\n    $ sudo grep -i fail_delay /etc/login.defs\n\n    FAIL_DELAY 4\n\n    If the value of \"FAIL_DELAY\" is not set to \"4\" or greater, or the line\nis commented out, this is a finding.'\n  desc 'fix', 'Configure the operating system to enforce a delay of at least four seconds\nbetween logon prompts following a failed console logon attempt.\n\n    Modify the \"/etc/login.defs\" file to set the \"FAIL_DELAY\" parameter to\n\"4\" or greater:\n\n    FAIL_DELAY 4'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00226'\n  tag gid: 'V-230378'\n  tag rid: 'SV-230378r627750_rule'\n  tag stig_id: 'RHEL-08-020310'\n  tag fix_id: 'F-33022r567881_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe login_defs do\n    its('FAIL_DELAY.to_i') { should cmp >= 4 }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230378.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"login.defs FAIL_DELAY.to_i is expected to cmp >= 4","run_time":0.000276,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"login_defs","resource_params":"[]","resource_id":"/etc/login.defs"}]},{"id":"SV-230379","title":"RHEL 8 must not have unnecessary accounts.","desc":"Accounts providing no operational purpose provide additional\nopportunities for system compromise. Unnecessary accounts include user accounts\nfor individuals not requiring access to the system and application accounts for\napplications not installed on the system.","descriptions":[{"label":"default","data":"Accounts providing no operational purpose provide additional\nopportunities for system compromise. Unnecessary accounts include user accounts\nfor individuals not requiring access to the system and application accounts for\napplications not installed on the system."},{"label":"check","data":"Verify all accounts on the system are assigned to an active system,\napplication, or user account.\n\n    Obtain the list of authorized system accounts from the Information System\nSecurity Officer (ISSO).\n\n    Check the system accounts on the system with the following command:\n\n    $ sudo more /etc/passwd\n\n    root:x:0:0:root:/root:/bin/bash\n    bin:x:1:1:bin:/bin:/sbin/nologin\n    daemon:x:2:2:daemon:/sbin:/sbin/nologin\n    sync:x:5:0:sync:/sbin:/bin/sync\n    shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown\n    halt:x:7:0:halt:/sbin:/sbin/halt\n    games:x:12:100:games:/usr/games:/sbin/nologin\n    gopher:x:13:30:gopher:/var/gopher:/sbin/nologin\n\n    Accounts such as \"games\" and \"gopher\" are not authorized accounts as\nthey do not support authorized system functions.\n\n    If the accounts on the system do not match the provided documentation, or\naccounts that do not support an authorized system function are present, this is\na finding."},{"label":"fix","data":"Configure the system so all accounts on the system are assigned to an\nactive system, application, or user account.\n\n    Remove accounts that do not support approved system activities or that\nallow for a normal user to perform administrative-level actions.\n\n    Document all authorized accounts on the system."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230379","rid":"SV-230379r627750_rule","stig_id":"RHEL-08-020320","fix_id":"F-33023r567884_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230379' do\n  title 'RHEL 8 must not have unnecessary accounts.'\n  desc 'Accounts providing no operational purpose provide additional\nopportunities for system compromise. Unnecessary accounts include user accounts\nfor individuals not requiring access to the system and application accounts for\napplications not installed on the system.'\n  desc 'check', 'Verify all accounts on the system are assigned to an active system,\napplication, or user account.\n\n    Obtain the list of authorized system accounts from the Information System\nSecurity Officer (ISSO).\n\n    Check the system accounts on the system with the following command:\n\n    $ sudo more /etc/passwd\n\n    root:x:0:0:root:/root:/bin/bash\n    bin:x:1:1:bin:/bin:/sbin/nologin\n    daemon:x:2:2:daemon:/sbin:/sbin/nologin\n    sync:x:5:0:sync:/sbin:/bin/sync\n    shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown\n    halt:x:7:0:halt:/sbin:/sbin/halt\n    games:x:12:100:games:/usr/games:/sbin/nologin\n    gopher:x:13:30:gopher:/var/gopher:/sbin/nologin\n\n    Accounts such as \"games\" and \"gopher\" are not authorized accounts as\nthey do not support authorized system functions.\n\n    If the accounts on the system do not match the provided documentation, or\naccounts that do not support an authorized system function are present, this is\na finding.'\n  desc 'fix', 'Configure the system so all accounts on the system are assigned to an\nactive system, application, or user account.\n\n    Remove accounts that do not support approved system activities or that\nallow for a normal user to perform administrative-level actions.\n\n    Document all authorized accounts on the system.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230379'\n  tag rid: 'SV-230379r627750_rule'\n  tag stig_id: 'RHEL-08-020320'\n  tag fix_id: 'F-33023r567884_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  passwd.users.each do |user|\n    describe user do\n      it 'should be listed in allowed users.' do\n        expect(subject).to(be_in((input('known_system_accounts') + input('user_accounts')).uniq))\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230379.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"root should be listed in allowed users.","run_time":8.5e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"root"},{"status":"passed","code_desc":"bin should be listed in allowed users.","run_time":5.3e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"bin"},{"status":"passed","code_desc":"daemon should be listed in allowed users.","run_time":5.1e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"daemon"},{"status":"passed","code_desc":"adm should be listed in allowed users.","run_time":4.9e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"adm"},{"status":"passed","code_desc":"lp should be listed in allowed users.","run_time":4.9e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"lp"},{"status":"passed","code_desc":"sync should be listed in allowed users.","run_time":4.7e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"sync"},{"status":"passed","code_desc":"shutdown should be listed in allowed users.","run_time":0.000194,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"shutdown"},{"status":"passed","code_desc":"halt should be listed in allowed users.","run_time":8.4e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"halt"},{"status":"passed","code_desc":"mail should be listed in allowed users.","run_time":5.8e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"mail"},{"status":"passed","code_desc":"operator should be listed in allowed users.","run_time":5.2e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"operator"},{"status":"failed","code_desc":"games should be listed in allowed users.","run_time":7.5e-05,"start_time":"2024-01-09T19:40:51-05:00","message":"expected `games` to be in the list: `[\"adm\", \"bin\", \"chrony\", \"daemon\", \"dbus\", \"halt\", \"lp\", \"mail\", \"nobody\", \"ntp\", \"operator\", \"polkitd\", \"postfix\", \"root\", \"shutdown\", \"sshd\", \"sssd\", \"sync\", \"systemd-bus-proxy\", \"systemd-network\", \"vagrant\"]`","resource_class":"Object","resource_params":"[]","resource_id":"games"},{"status":"failed","code_desc":"ftp should be listed in allowed users.","run_time":6.2e-05,"start_time":"2024-01-09T19:40:51-05:00","message":"expected `ftp` to be in the list: `[\"adm\", \"bin\", \"chrony\", \"daemon\", \"dbus\", \"halt\", \"lp\", \"mail\", \"nobody\", \"ntp\", \"operator\", \"polkitd\", \"postfix\", \"root\", \"shutdown\", \"sshd\", \"sssd\", \"sync\", \"systemd-bus-proxy\", \"systemd-network\", \"vagrant\"]`","resource_class":"Object","resource_params":"[]","resource_id":"ftp"},{"status":"passed","code_desc":"nobody should be listed in allowed users.","run_time":5.2e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"nobody"},{"status":"passed","code_desc":"dbus should be listed in allowed users.","run_time":7.8e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"dbus"},{"status":"failed","code_desc":"systemd-coredump should be listed in allowed users.","run_time":6.7e-05,"start_time":"2024-01-09T19:40:51-05:00","message":"expected `systemd-coredump` to be in the list: `[\"adm\", \"bin\", \"chrony\", \"daemon\", \"dbus\", \"halt\", \"lp\", \"mail\", \"nobody\", \"ntp\", \"operator\", \"polkitd\", \"postfix\", \"root\", \"shutdown\", \"sshd\", \"sssd\", \"sync\", \"systemd-bus-proxy\", \"systemd-network\", \"vagrant\"]`","resource_class":"Object","resource_params":"[]","resource_id":"systemd-coredump"},{"status":"failed","code_desc":"systemd-resolve should be listed in allowed users.","run_time":5.9e-05,"start_time":"2024-01-09T19:40:51-05:00","message":"expected `systemd-resolve` to be in the list: `[\"adm\", \"bin\", \"chrony\", \"daemon\", \"dbus\", \"halt\", \"lp\", \"mail\", \"nobody\", \"ntp\", \"operator\", \"polkitd\", \"postfix\", \"root\", \"shutdown\", \"sshd\", \"sssd\", \"sync\", \"systemd-bus-proxy\", \"systemd-network\", \"vagrant\"]`","resource_class":"Object","resource_params":"[]","resource_id":"systemd-resolve"},{"status":"failed","code_desc":"tss should be listed in allowed users.","run_time":5.9e-05,"start_time":"2024-01-09T19:40:51-05:00","message":"expected `tss` to be in the list: `[\"adm\", \"bin\", \"chrony\", \"daemon\", \"dbus\", \"halt\", \"lp\", \"mail\", \"nobody\", \"ntp\", \"operator\", \"polkitd\", \"postfix\", \"root\", \"shutdown\", \"sshd\", \"sssd\", \"sync\", \"systemd-bus-proxy\", \"systemd-network\", \"vagrant\"]`","resource_class":"Object","resource_params":"[]","resource_id":"tss"},{"status":"passed","code_desc":"polkitd should be listed in allowed users.","run_time":4.9e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"polkitd"},{"status":"failed","code_desc":"unbound should be listed in allowed users.","run_time":5.8e-05,"start_time":"2024-01-09T19:40:51-05:00","message":"expected `unbound` to be in the list: `[\"adm\", \"bin\", \"chrony\", \"daemon\", \"dbus\", \"halt\", \"lp\", \"mail\", \"nobody\", \"ntp\", \"operator\", \"polkitd\", \"postfix\", \"root\", \"shutdown\", \"sshd\", \"sssd\", \"sync\", \"systemd-bus-proxy\", \"systemd-network\", \"vagrant\"]`","resource_class":"Object","resource_params":"[]","resource_id":"unbound"},{"status":"passed","code_desc":"sssd should be listed in allowed users.","run_time":4.7e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"sssd"},{"status":"passed","code_desc":"chrony should be listed in allowed users.","run_time":5.1e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"chrony"},{"status":"passed","code_desc":"sshd should be listed in allowed users.","run_time":4.7e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"sshd"},{"status":"failed","code_desc":"ec2-user should be listed in allowed users.","run_time":5.8e-05,"start_time":"2024-01-09T19:40:51-05:00","message":"expected `ec2-user` to be in the list: `[\"adm\", \"bin\", \"chrony\", \"daemon\", \"dbus\", \"halt\", \"lp\", \"mail\", \"nobody\", \"ntp\", \"operator\", \"polkitd\", \"postfix\", \"root\", \"shutdown\", \"sshd\", \"sssd\", \"sync\", \"systemd-bus-proxy\", \"systemd-network\", \"vagrant\"]`","resource_class":"Object","resource_params":"[]","resource_id":"ec2-user"},{"status":"passed","code_desc":"postfix should be listed in allowed users.","run_time":4.6e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"postfix"}]},{"id":"SV-230380","title":"RHEL 8 must not allow accounts configured with blank or null\npasswords.","desc":"If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments.","descriptions":[{"label":"default","data":"If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments."},{"label":"check","data":"To verify that null passwords cannot be used, run the following command:\n\n$ sudo grep -ir permitemptypasswords /etc/ssh/sshd_config*\n\nPermitEmptyPasswords no\n\nIf \"PermitEmptyPasswords\" is set to \"yes\", this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Edit the following line in \"etc/ssh/sshd_config\" to prevent logons with\nempty passwords.\n\n    PermitEmptyPasswords no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service"}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230380","rid":"SV-230380r858715_rule","stig_id":"RHEL-08-020330","fix_id":"F-33024r743992_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230380' do\n  title 'RHEL 8 must not allow accounts configured with blank or null\npasswords.'\n  desc 'If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments.'\n  desc 'check', 'To verify that null passwords cannot be used, run the following command:\n\n$ sudo grep -ir permitemptypasswords /etc/ssh/sshd_config*\n\nPermitEmptyPasswords no\n\nIf \"PermitEmptyPasswords\" is set to \"yes\", this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Edit the following line in \"etc/ssh/sshd_config\" to prevent logons with\nempty passwords.\n\n    PermitEmptyPasswords no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230380'\n  tag rid: 'SV-230380r858715_rule'\n  tag stig_id: 'RHEL-08-020330'\n  tag fix_id: 'F-33024r743992_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    describe sshd_config do\n      its('PermitEmptyPasswords') { should cmp 'no' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230380.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"SSHD Configuration PermitEmptyPasswords is expected to cmp == \"no\"","run_time":0.000342,"start_time":"2024-01-09T19:40:51-05:00","message":"\nexpected: no\n     got: \n\n(compared using `cmp` matcher)\n","resource_class":"sshd_config","resource_params":"[]","resource_id":"/etc/ssh/sshd_config"}]},{"id":"SV-230381","title":"RHEL 8 must display the date and time of the last successful account\nlogon upon logon.","desc":"Providing users with feedback on when account accesses last occurred\nfacilitates user recognition and reporting of unauthorized account use.","descriptions":[{"label":"default","data":"Providing users with feedback on when account accesses last occurred\nfacilitates user recognition and reporting of unauthorized account use."},{"label":"check","data":"Verify users are provided with feedback on when account accesses last\noccurred with the following command:\n\n    $ sudo grep pam_lastlog /etc/pam.d/postlogin\n\n    session required pam_lastlog.so showfailed\n\n    If \"pam_lastlog\" is missing from \"/etc/pam.d/postlogin\" file, or the\nsilent option is present, this is a finding."},{"label":"fix","data":"Configure the operating system to provide users with feedback on when\naccount accesses last occurred by setting the required configuration options in\n\"/etc/pam.d/postlogin\".\n\n    Add the following line to the top of \"/etc/pam.d/postlogin\":\n\n    session required pam_lastlog.so showfailed"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230381","rid":"SV-230381r858726_rule","stig_id":"RHEL-08-020340","fix_id":"F-33025r567890_fix","cci":["CCI-000366","CCI-000052"],"nist":["CM-6 b","AC-9"]},"code":"control 'SV-230381' do\n  title 'RHEL 8 must display the date and time of the last successful account\nlogon upon logon.'\n  desc 'Providing users with feedback on when account accesses last occurred\nfacilitates user recognition and reporting of unauthorized account use.'\n  desc 'check', 'Verify users are provided with feedback on when account accesses last\noccurred with the following command:\n\n    $ sudo grep pam_lastlog /etc/pam.d/postlogin\n\n    session required pam_lastlog.so showfailed\n\n    If \"pam_lastlog\" is missing from \"/etc/pam.d/postlogin\" file, or the\nsilent option is present, this is a finding.'\n  desc 'fix', 'Configure the operating system to provide users with feedback on when\naccount accesses last occurred by setting the required configuration options in\n\"/etc/pam.d/postlogin\".\n\n    Add the following line to the top of \"/etc/pam.d/postlogin\":\n\n    session required pam_lastlog.so showfailed'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230381'\n  tag rid: 'SV-230381r858726_rule'\n  tag stig_id: 'RHEL-08-020340'\n  tag fix_id: 'F-33025r567890_fix'\n  tag cci: ['CCI-000366', 'CCI-000052']\n  tag nist: ['CM-6 b', 'AC-9']\n\n  describe pam('/etc/pam.d/postlogin') do\n    its('lines') { should match_pam_rule('session .* pam_lastlog.so').all_with_args('showfailed') }\n    its('lines') { should_not match_pam_rule('session .* pam_lastlog.so').all_without_args('silent') }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230381.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PAM Config[/etc/pam.d/postlogin] lines is expected to include session .* pam_lastlog.so, all with args showfailed","run_time":0.000156,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"pam","resource_params":"[\"/etc/pam.d/postlogin\"]","resource_id":""},{"status":"passed","code_desc":"PAM Config[/etc/pam.d/postlogin] lines is expected not to include session .* pam_lastlog.so, all without args silent","run_time":0.000146,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"pam","resource_params":"[\"/etc/pam.d/postlogin\"]","resource_id":""}]},{"id":"SV-230382","title":"RHEL 8 must display the date and time of the last successful account\nlogon upon an SSH logon.","desc":"Providing users with feedback on when account accesses via SSH last\noccurred facilitates user recognition and reporting of unauthorized account\nuse.","descriptions":[{"label":"default","data":"Providing users with feedback on when account accesses via SSH last\noccurred facilitates user recognition and reporting of unauthorized account\nuse."},{"label":"check","data":"Verify SSH provides users with feedback on when account accesses last occurred with the following command:\n\n$ sudo grep -ir printlastlog /etc/ssh/sshd_config*\n\nPrintLastLog yes\n\nIf the \"PrintLastLog\" keyword is set to \"no\", is missing, or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure SSH to provide users with feedback on when account accesses last\noccurred by setting the required configuration options in \"/etc/pam.d/sshd\"\nor in the \"sshd_config\" file used by the system (\"/etc/ssh/sshd_config\"\nwill be used in the example) (this file may be named differently or be in a\ndifferent location if using a version of SSH that is provided by a third-party\nvendor).\n\n    Modify the \"PrintLastLog\" line in \"/etc/ssh/sshd_config\" to match the\nfollowing:\n\n    PrintLastLog yes\n\n    The SSH service must be restarted for changes to \"sshd_config\" to take\neffect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230382","rid":"SV-230382r858717_rule","stig_id":"RHEL-08-020350","fix_id":"F-33026r567893_fix","cci":["CCI-000366","CCI-000052"],"nist":["CM-6 b","AC-9"]},"code":"control 'SV-230382' do\n  title 'RHEL 8 must display the date and time of the last successful account\nlogon upon an SSH logon.'\n  desc 'Providing users with feedback on when account accesses via SSH last\noccurred facilitates user recognition and reporting of unauthorized account\nuse.'\n  desc 'check', 'Verify SSH provides users with feedback on when account accesses last occurred with the following command:\n\n$ sudo grep -ir printlastlog /etc/ssh/sshd_config*\n\nPrintLastLog yes\n\nIf the \"PrintLastLog\" keyword is set to \"no\", is missing, or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure SSH to provide users with feedback on when account accesses last\noccurred by setting the required configuration options in \"/etc/pam.d/sshd\"\nor in the \"sshd_config\" file used by the system (\"/etc/ssh/sshd_config\"\nwill be used in the example) (this file may be named differently or be in a\ndifferent location if using a version of SSH that is provided by a third-party\nvendor).\n\n    Modify the \"PrintLastLog\" line in \"/etc/ssh/sshd_config\" to match the\nfollowing:\n\n    PrintLastLog yes\n\n    The SSH service must be restarted for changes to \"sshd_config\" to take\neffect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230382'\n  tag rid: 'SV-230382r858717_rule'\n  tag stig_id: 'RHEL-08-020350'\n  tag fix_id: 'F-33026r567893_fix'\n  tag cci: ['CCI-000366', 'CCI-000052']\n  tag nist: ['CM-6 b', 'AC-9']\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    describe sshd_config do\n      its('PrintLastLog') { should cmp 'yes' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230382.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"SSHD Configuration PrintLastLog is expected to cmp == \"yes\"","run_time":0.000314,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"sshd_config","resource_params":"[]","resource_id":"/etc/ssh/sshd_config"}]},{"id":"SV-230383","title":"RHEL 8 must define default permissions for all authenticated users in\nsuch a way that the user can only read and modify their own files.","desc":"Setting the most restrictive default permissions ensures that when new\naccounts are created, they do not have unnecessary access.","descriptions":[{"label":"default","data":"Setting the most restrictive default permissions ensures that when new\naccounts are created, they do not have unnecessary access."},{"label":"check","data":"Verify the operating system defines default permissions for all\nauthenticated users in such a way that the user can only read and modify their\nown files.\n\n    Check for the value of the \"UMASK\" parameter in \"/etc/login.defs\" file\nwith the following command:\n\n    Note: If the value of the \"UMASK\" parameter is set to \"000\" in\n\"/etc/login.defs\" file, the Severity is raised to a CAT I.\n\n    # grep -i umask /etc/login.defs\n\n    UMASK 077\n\n    If the value for the \"UMASK\" parameter is not \"077\", or the \"UMASK\"\nparameter is missing or is commented out, this is a finding."},{"label":"fix","data":"Configure the operating system to define default permissions for all\nauthenticated users in such a way that the user can only read and modify their\nown files.\n\n    Add or edit the line for the \"UMASK\" parameter in \"/etc/login.defs\"\nfile to \"077\":\n\n    UMASK 077"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00228","gid":"V-230383","rid":"SV-230383r627750_rule","stig_id":"RHEL-08-020351","fix_id":"F-33027r567896_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230383' do\n  title 'RHEL 8 must define default permissions for all authenticated users in\nsuch a way that the user can only read and modify their own files.'\n  desc 'Setting the most restrictive default permissions ensures that when new\naccounts are created, they do not have unnecessary access.'\n  desc 'check', 'Verify the operating system defines default permissions for all\nauthenticated users in such a way that the user can only read and modify their\nown files.\n\n    Check for the value of the \"UMASK\" parameter in \"/etc/login.defs\" file\nwith the following command:\n\n    Note: If the value of the \"UMASK\" parameter is set to \"000\" in\n\"/etc/login.defs\" file, the Severity is raised to a CAT I.\n\n    # grep -i umask /etc/login.defs\n\n    UMASK 077\n\n    If the value for the \"UMASK\" parameter is not \"077\", or the \"UMASK\"\nparameter is missing or is commented out, this is a finding.'\n  desc 'fix', 'Configure the operating system to define default permissions for all\nauthenticated users in such a way that the user can only read and modify their\nown files.\n\n    Add or edit the line for the \"UMASK\" parameter in \"/etc/login.defs\"\nfile to \"077\":\n\n    UMASK 077'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00228'\n  tag gid: 'V-230383'\n  tag rid: 'SV-230383r627750_rule'\n  tag stig_id: 'RHEL-08-020351'\n  tag fix_id: 'F-33027r567896_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  permissions_for_shells = input('permissions_for_shells')\n\n  impact 0.7 if login_defs.read_params['UMASK'].eql?('000')\n  describe login_defs do\n    its('UMASK') { should cmp permissions_for_shells['default_umask'] }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230383.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"login.defs UMASK is expected to cmp == \"077\"","run_time":0.000167,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"login_defs","resource_params":"[]","resource_id":"/etc/login.defs"}]},{"id":"SV-230384","title":"RHEL 8 must set the umask value to 077 for all local interactive user\naccounts.","desc":"The umask controls the default access mode assigned to newly created\nfiles. A umask of 077 limits new files to mode 600 or less permissive. Although\numask can be represented as a four-digit number, the first digit representing\nspecial access modes is typically ignored or required to be \"0\". This\nrequirement applies to the globally configured system defaults and the local\ninteractive user defaults for each account on the system.","descriptions":[{"label":"default","data":"The umask controls the default access mode assigned to newly created\nfiles. A umask of 077 limits new files to mode 600 or less permissive. Although\numask can be represented as a four-digit number, the first digit representing\nspecial access modes is typically ignored or required to be \"0\". This\nrequirement applies to the globally configured system defaults and the local\ninteractive user defaults for each account on the system."},{"label":"check","data":"Verify that the default umask for all local interactive users is \"077\".\n\nIdentify the locations of all local interactive user home directories by looking at the \"/etc/passwd\" file.\n\nCheck all local interactive user initialization files for interactive users with the following command:\n\nNote: The example is for a system that is configured to create users home directories in the \"/home\" directory.\n\n$ sudo grep -ir ^umask /home | grep -v '.bash_history'\n\nIf any local interactive user initialization files are found to have a umask statement that has a value less restrictive than \"077\", this is a finding."},{"label":"fix","data":"Remove the umask statement from all local interactive user's initialization\nfiles.\n\n    If the account is for an application, the requirement for a umask less\nrestrictive than \"077\" can be documented with the Information System Security\nOfficer, but the user agreement for access to the account must specify that the\nlocal interactive user must log on to their account first and then switch the\nuser to the application account with the correct option to gain the account's\nenvironment variables."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00228","gid":"V-230384","rid":"SV-230384r858732_rule","stig_id":"RHEL-08-020352","fix_id":"F-33028r567899_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230384' do\n  title 'RHEL 8 must set the umask value to 077 for all local interactive user\naccounts.'\n  desc 'The umask controls the default access mode assigned to newly created\nfiles. A umask of 077 limits new files to mode 600 or less permissive. Although\numask can be represented as a four-digit number, the first digit representing\nspecial access modes is typically ignored or required to be \"0\". This\nrequirement applies to the globally configured system defaults and the local\ninteractive user defaults for each account on the system.'\n  desc 'check', %q(Verify that the default umask for all local interactive users is \"077\".\n\nIdentify the locations of all local interactive user home directories by looking at the \"/etc/passwd\" file.\n\nCheck all local interactive user initialization files for interactive users with the following command:\n\nNote: The example is for a system that is configured to create users home directories in the \"/home\" directory.\n\n$ sudo grep -ir ^umask /home | grep -v '.bash_history'\n\nIf any local interactive user initialization files are found to have a umask statement that has a value less restrictive than \"077\", this is a finding.)\n  desc 'fix', %q(Remove the umask statement from all local interactive user's initialization\nfiles.\n\n    If the account is for an application, the requirement for a umask less\nrestrictive than \"077\" can be documented with the Information System Security\nOfficer, but the user agreement for access to the account must specify that the\nlocal interactive user must log on to their account first and then switch the\nuser to the application account with the correct option to gain the account's\nenvironment variables.)\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00228'\n  tag gid: 'V-230384'\n  tag rid: 'SV-230384r858732_rule'\n  tag stig_id: 'RHEL-08-020352'\n  tag fix_id: 'F-33028r567899_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  ignore_shells = input('non_interactive_shells').join('|')\n\n  # Get home directory for users with UID >= 1000 or UID == 0 and support interactive logins.\n  findings = Set[]\n  dotfiles = Set[]\n  umasks = {}\n  umask_findings = Set[]\n\n  uid_min = login_defs.UID_MIN.to_i\n\n  interactive_users = users.where { !shell.match(ignore_shells) && (uid >= uid_min || uid.zero?) }.entries\n\n  # For each user, build and execute a find command that identifies initialization files\n  # in a user's home directory.\n  interactive_users.each do |u|\n    # Only check if the home directory is local\n    is_local = command(\"df -l #{u.home}\").exit_status\n\n    if is_local.zero?\n      # Get user's initialization files\n      dotfiles += command(\"find #{u.home} -xdev -maxdepth 2 ( -name '.*' ! -name '.bash_history' ) -type f\").stdout.split(\"\\n\")\n\n      # Get user's umask\n      umasks.store(u.username, command(\"su -c 'umask' -l #{u.username}\").stdout.chomp(\"\\n\"))\n\n      # Check all local initialization files to see whether or not they are less restrictive than 077.\n      dotfiles.each do |df|\n        findings += df if file(df).more_permissive_than?('0077')\n      end\n\n      # Check umask for all interactive users\n      umasks.each do |key, value|\n        max_mode = '0077'.to_i(8)\n        inv_mode = 0o777 ^ max_mode\n        umask_findings += key if inv_mode & value.to_i(8) != 0\n      end\n    else\n      describe 'This control skips non-local filesystems' do\n        skip \"This control has skipped the #{u.home} home directory for #{u.username} because it is not a local filesystem.\"\n      end\n    end\n  end\n\n  # Report on any interactive files that are less restrictive than 077.\n  describe 'No interactive user initialization files with a less restrictive umask were found.' do\n    subject { findings.empty? }\n    it { should eq true }\n  end\n\n  # Report on any interactive users that have a umask less restrictive than 077.\n  describe 'No users were found with a less restrictive umask were found.' do\n    subject { umask_findings.empty? }\n    it { should eq true }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230384.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"No interactive user initialization files with a less restrictive umask were found. is expected to eq true","run_time":4.8e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"No interactive user initialization files with a less restrictive umask were found."},{"status":"passed","code_desc":"No users were found with a less restrictive umask were found. is expected to eq true","run_time":3.5e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"Object","resource_params":"[]","resource_id":"No users were found with a less restrictive umask were found."}]},{"id":"SV-230385","title":"RHEL 8 must define default permissions for logon and non-logon shells.","desc":"The umask controls the default access mode assigned to newly created\nfiles. A umask of 077 limits new files to mode 600 or less permissive. Although\numask can be represented as a four-digit number, the first digit representing\nspecial access modes is typically ignored or required to be \"0\". This\nrequirement applies to the globally configured system defaults and the local\ninteractive user defaults for each account on the system.","descriptions":[{"label":"default","data":"The umask controls the default access mode assigned to newly created\nfiles. A umask of 077 limits new files to mode 600 or less permissive. Although\numask can be represented as a four-digit number, the first digit representing\nspecial access modes is typically ignored or required to be \"0\". This\nrequirement applies to the globally configured system defaults and the local\ninteractive user defaults for each account on the system."},{"label":"check","data":"Verify that the umask default for installed shells is \"077\".\n\nCheck for the value of the \"UMASK\" parameter in the \"/etc/bashrc\", \"/etc/csh.cshrc\" and \"/etc/profile\" files with the following command:\n\nNote: If the value of the \"UMASK\" parameter is set to \"000\" in the \"/etc/bashrc\" the \"/etc/csh.cshrc\" or the \"/etc/profile\" files, the Severity is raised to a CAT I.\n\n# grep -i umask /etc/bashrc /etc/csh.cshrc /etc/profile\n\n/etc/bashrc:          umask 077\n/etc/bashrc:          umask 077\n/etc/csh.cshrc:      umask 077\n/etc/csh.cshrc:      umask 077\n/etc/profile:      umask 077\n/etc/profile:      umask 077\n\nIf the value for the \"UMASK\" parameter is not \"077\", or the \"UMASK\" parameter is missing or is commented out, this is a finding."},{"label":"fix","data":"Configure the operating system to define default permissions for all authenticated users in such a way that the user can only read and modify their own files.\n\nAdd or edit the lines for the \"UMASK\" parameter in the \"/etc/bashrc\", \"/etc/csh.cshrc\" and \"/etc/profile\"files to \"077\":\n\nUMASK 077"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230385","rid":"SV-230385r792902_rule","stig_id":"RHEL-08-020353","fix_id":"F-33029r792901_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230385' do\n  title 'RHEL 8 must define default permissions for logon and non-logon shells.'\n  desc 'The umask controls the default access mode assigned to newly created\nfiles. A umask of 077 limits new files to mode 600 or less permissive. Although\numask can be represented as a four-digit number, the first digit representing\nspecial access modes is typically ignored or required to be \"0\". This\nrequirement applies to the globally configured system defaults and the local\ninteractive user defaults for each account on the system.'\n  desc 'check', 'Verify that the umask default for installed shells is \"077\".\n\nCheck for the value of the \"UMASK\" parameter in the \"/etc/bashrc\", \"/etc/csh.cshrc\" and \"/etc/profile\" files with the following command:\n\nNote: If the value of the \"UMASK\" parameter is set to \"000\" in the \"/etc/bashrc\" the \"/etc/csh.cshrc\" or the \"/etc/profile\" files, the Severity is raised to a CAT I.\n\n# grep -i umask /etc/bashrc /etc/csh.cshrc /etc/profile\n\n/etc/bashrc:          umask 077\n/etc/bashrc:          umask 077\n/etc/csh.cshrc:      umask 077\n/etc/csh.cshrc:      umask 077\n/etc/profile:      umask 077\n/etc/profile:      umask 077\n\nIf the value for the \"UMASK\" parameter is not \"077\", or the \"UMASK\" parameter is missing or is commented out, this is a finding.'\n  desc 'fix', 'Configure the operating system to define default permissions for all authenticated users in such a way that the user can only read and modify their own files.\n\nAdd or edit the lines for the \"UMASK\" parameter in the \"/etc/bashrc\", \"/etc/csh.cshrc\" and \"/etc/profile\"files to \"077\":\n\nUMASK 077'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230385'\n  tag rid: 'SV-230385r792902_rule'\n  tag stig_id: 'RHEL-08-020353'\n  tag fix_id: 'F-33029r792901_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  umask_regexp = /umask\\s*(?<umask_code>\\d\\d\\d)/\n\n  bashrc_umask = file('/etc/bashrc').content.match(umask_regexp)[:umask_code]\n  cshrc_umask = file('/etc/csh.cshrc').content.match(umask_regexp)[:umask_code]\n\n  if bashrc_umask == '000' || cshrc_umask == '000'\n    impact 0.7\n    tag severity: 'high'\n  end\n\n  describe 'umask value defined in /etc/bashrc' do\n    subject { bashrc_umask }\n    it { should cmp input('permissions_for_shells')['bashrc_umask'] }\n  end\n  describe 'umask value defined in /etc/csh.cshrc' do\n    subject { cshrc_umask }\n    it { should cmp input('permissions_for_shells')['cshrc_umask'] }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230385.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"umask value defined in /etc/bashrc is expected to cmp == \"077\"","run_time":0.000107,"start_time":"2024-01-09T19:40:51-05:00","message":"\nexpected: 077\n     got: 02\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"umask value defined in /etc/bashrc"},{"status":"failed","code_desc":"umask value defined in /etc/csh.cshrc is expected to cmp == \"077\"","run_time":7.0e-05,"start_time":"2024-01-09T19:40:51-05:00","message":"\nexpected: 077\n     got: 02\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"umask value defined in /etc/csh.cshrc"}]},{"id":"SV-230386","title":"The RHEL 8 audit system must be configured to audit the execution of\nprivileged functions and prevent all software from executing at higher\nprivilege levels than users executing the software.","desc":"Misuse of privileged functions, either intentionally or\nunintentionally by authorized users, or by unauthorized external entities that\nhave compromised information system accounts, is a serious and ongoing concern\nand can have significant adverse impacts on organizations. Auditing the use of\nprivileged functions is one way to detect such misuse and identify the risk\nfrom insider threats and the advanced persistent threat.","descriptions":[{"label":"default","data":"Misuse of privileged functions, either intentionally or\nunintentionally by authorized users, or by unauthorized external entities that\nhave compromised information system accounts, is a serious and ongoing concern\nand can have significant adverse impacts on organizations. Auditing the use of\nprivileged functions is one way to detect such misuse and identify the risk\nfrom insider threats and the advanced persistent threat."},{"label":"check","data":"Verify RHEL 8 audits the execution of privileged functions.\n\n    Check if RHEL 8 is configured to audit the execution of the \"execve\"\nsystem call, by running the following command:\n\n    $ sudo grep execve /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S execve -C uid!=euid -F euid=0 -k execpriv\n    -a always,exit -F arch=b64 -S execve -C uid!=euid -F euid=0 -k execpriv\n\n    -a always,exit -F arch=b32 -S execve -C gid!=egid -F egid=0 -k execpriv\n    -a always,exit -F arch=b64 -S execve -C gid!=egid -F egid=0 -k execpriv\n\n    If the command does not return all lines, or the lines are commented out,\nthis is a finding."},{"label":"fix","data":"Configure RHEL 8 to audit the execution of the \"execve\" system call.\n\n    Add or update the following file system rules to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -a always,exit -F arch=b32 -S execve -C uid!=euid -F euid=0 -k execpriv\n    -a always,exit -F arch=b64 -S execve -C uid!=euid -F euid=0 -k execpriv\n\n    -a always,exit -F arch=b32 -S execve -C gid!=egid -F egid=0 -k execpriv\n    -a always,exit -F arch=b64 -S execve -C gid!=egid -F egid=0 -k execpriv\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000326-GPOS-00126","satisfies":["SRG-OS-000326-GPOS-00126","SRG-OS-000327-GPOS-00127"],"gid":"V-230386","rid":"SV-230386r854037_rule","stig_id":"RHEL-08-030000","fix_id":"F-33030r567905_fix","cci":["CCI-002233"],"nist":["AC-6 (8)"]},"code":"control 'SV-230386' do\n  title 'The RHEL 8 audit system must be configured to audit the execution of\nprivileged functions and prevent all software from executing at higher\nprivilege levels than users executing the software.'\n  desc 'Misuse of privileged functions, either intentionally or\nunintentionally by authorized users, or by unauthorized external entities that\nhave compromised information system accounts, is a serious and ongoing concern\nand can have significant adverse impacts on organizations. Auditing the use of\nprivileged functions is one way to detect such misuse and identify the risk\nfrom insider threats and the advanced persistent threat.'\n  desc 'check', 'Verify RHEL 8 audits the execution of privileged functions.\n\n    Check if RHEL 8 is configured to audit the execution of the \"execve\"\nsystem call, by running the following command:\n\n    $ sudo grep execve /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S execve -C uid!=euid -F euid=0 -k execpriv\n    -a always,exit -F arch=b64 -S execve -C uid!=euid -F euid=0 -k execpriv\n\n    -a always,exit -F arch=b32 -S execve -C gid!=egid -F egid=0 -k execpriv\n    -a always,exit -F arch=b64 -S execve -C gid!=egid -F egid=0 -k execpriv\n\n    If the command does not return all lines, or the lines are commented out,\nthis is a finding.'\n  desc 'fix', 'Configure RHEL 8 to audit the execution of the \"execve\" system call.\n\n    Add or update the following file system rules to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -a always,exit -F arch=b32 -S execve -C uid!=euid -F euid=0 -k execpriv\n    -a always,exit -F arch=b64 -S execve -C uid!=euid -F euid=0 -k execpriv\n\n    -a always,exit -F arch=b32 -S execve -C gid!=egid -F egid=0 -k execpriv\n    -a always,exit -F arch=b64 -S execve -C gid!=egid -F egid=0 -k execpriv\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000326-GPOS-00126'\n  tag satisfies: ['SRG-OS-000326-GPOS-00126', 'SRG-OS-000327-GPOS-00127']\n  tag gid: 'V-230386'\n  tag rid: 'SV-230386r854037_rule'\n  tag stig_id: 'RHEL-08-030000'\n  tag fix_id: 'F-33030r567905_fix'\n  tag cci: ['CCI-002233']\n  tag nist: ['AC-6 (8)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    # All execve calls should use 'always,exit'\n    describe auditd.syscall('execve') do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n\n    # Work with the SUID rules\n    describe auditd.syscall('execve').where { fields.include?('euid=0') } do\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n    end\n\n    # Work with the SGID rules\n    describe auditd.syscall('execve').where { fields.include?('egid=0') } do\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230386.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with syscall == \"execve\" action.uniq is expected to eq [\"always\"]","run_time":5.6e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"execve\" list.uniq is expected to eq [\"exit\"]","run_time":4.3e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"execve\" fields include? \"euid=0\" arch.uniq is expected to include \"b32\"","run_time":6.2e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"execve\" fields include? \"euid=0\" arch.uniq is expected to include \"b64\"","run_time":4.4e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"execve\" fields include? \"egid=0\" arch.uniq is expected to include \"b32\"","run_time":4.3e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"execve\" fields include? \"egid=0\" arch.uniq is expected to include \"b64\"","run_time":4.2e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230387","title":"Cron logging must be implemented in RHEL 8.","desc":"Cron logging can be used to trace the successful or unsuccessful\nexecution of cron jobs. It can also be used to spot intrusions into the use of\nthe cron facility by unauthorized and malicious users.","descriptions":[{"label":"default","data":"Cron logging can be used to trace the successful or unsuccessful\nexecution of cron jobs. It can also be used to spot intrusions into the use of\nthe cron facility by unauthorized and malicious users."},{"label":"check","data":"Verify that \"rsyslog\" is configured to log cron events with the following\ncommand:\n\n    Note: If another logging package is used, substitute the utility\nconfiguration file for \"/etc/rsyslog.conf\" or \"/etc/rsyslog.d/*.conf\" files.\n\n    $ sudo grep -s cron /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n    /etc/rsyslog.conf:*.info;mail.none;authpriv.none;cron.none\n        /var/log/messages\n    /etc/rsyslog.conf:# Log cron stuff\n    /etc/rsyslog.conf:cron.*\n                                                /var/log/cron\n\n    If the command does not return a response, check for cron logging all\nfacilities with the following command.\n\n    $ sudo grep -s /var/log/messages /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n    /etc/rsyslog.conf:*.info;mail.none;authpriv.none;cron.none\n        /var/log/messages\n\n    If \"rsyslog\" is not logging messages for the cron facility or all\nfacilities, this is a finding."},{"label":"fix","data":"Configure \"rsyslog\" to log all cron messages by adding or updating the\nfollowing line to \"/etc/rsyslog.conf\" or a configuration file in the\n/etc/rsyslog.d/ directory:\n\n    cron.* /var/log/cron\n\n    The rsyslog daemon must be restarted for the changes to take effect:\n    $ sudo systemctl restart rsyslog.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230387","rid":"SV-230387r743996_rule","stig_id":"RHEL-08-030010","fix_id":"F-33031r743995_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230387' do\n  title 'Cron logging must be implemented in RHEL 8.'\n  desc 'Cron logging can be used to trace the successful or unsuccessful\nexecution of cron jobs. It can also be used to spot intrusions into the use of\nthe cron facility by unauthorized and malicious users.'\n  desc 'check', 'Verify that \"rsyslog\" is configured to log cron events with the following\ncommand:\n\n    Note: If another logging package is used, substitute the utility\nconfiguration file for \"/etc/rsyslog.conf\" or \"/etc/rsyslog.d/*.conf\" files.\n\n    $ sudo grep -s cron /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n    /etc/rsyslog.conf:*.info;mail.none;authpriv.none;cron.none\n        /var/log/messages\n    /etc/rsyslog.conf:# Log cron stuff\n    /etc/rsyslog.conf:cron.*\n                                                /var/log/cron\n\n    If the command does not return a response, check for cron logging all\nfacilities with the following command.\n\n    $ sudo grep -s /var/log/messages /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n    /etc/rsyslog.conf:*.info;mail.none;authpriv.none;cron.none\n        /var/log/messages\n\n    If \"rsyslog\" is not logging messages for the cron facility or all\nfacilities, this is a finding.'\n  desc 'fix', 'Configure \"rsyslog\" to log all cron messages by adding or updating the\nfollowing line to \"/etc/rsyslog.conf\" or a configuration file in the\n/etc/rsyslog.d/ directory:\n\n    cron.* /var/log/cron\n\n    The rsyslog daemon must be restarted for the changes to take effect:\n    $ sudo systemctl restart rsyslog.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230387'\n  tag rid: 'SV-230387r743996_rule'\n  tag stig_id: 'RHEL-08-030010'\n  tag fix_id: 'F-33031r743995_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe.one do\n      describe command('grep  -hsv \"^#\" /etc/rsyslog.conf /etc/rsyslog.d/*.conf| grep ^cron') do\n        its('stdout') { should match %r{cron\\.\\*\\s*/var/log/cron} }\n      end\n      describe command('grep  -hsv \"^#\" /etc/rsyslog.conf /etc/rsyslog.d/*.conf| grep /var/log/messages') do\n        its('stdout') { should match %r{\\*.info;mail.none;authpriv.none;cron.none\\s*/var/log/messages} }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230387.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Command: `grep  -hsv \"^#\" /etc/rsyslog.conf /etc/rsyslog.d/*.conf| grep ^cron` stdout is expected to match /cron\\.\\*\\s*\\/var\\/log\\/cron/","run_time":4.0e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"command","resource_params":"[\"grep  -hsv \\\"^#\\\" /etc/rsyslog.conf /etc/rsyslog.d/*.conf| grep ^cron\"]","resource_id":"Command: `grep  -hsv \"^#\" /etc/rsyslog.conf /etc/rsyslog.d/*.conf| grep ^cron`"},{"status":"passed","code_desc":"Command: `grep  -hsv \"^#\" /etc/rsyslog.conf /etc/rsyslog.d/*.conf| grep /var/log/messages` stdout is expected to match /\\*.info;mail.none;authpriv.none;cron.none\\s*\\/var\\/log\\/messages/","run_time":3.4e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"command","resource_params":"[\"grep  -hsv \\\"^#\\\" /etc/rsyslog.conf /etc/rsyslog.d/*.conf| grep /var/log/messages\"]","resource_id":"Command: `grep  -hsv \"^#\" /etc/rsyslog.conf /etc/rsyslog.d/*.conf| grep /var/log/messages`"}]},{"id":"SV-230388","title":"The RHEL 8 System Administrator (SA) and Information System Security\nOfficer (ISSO) (at a minimum) must be alerted of an audit processing failure\nevent.","desc":"It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both.","descriptions":[{"label":"default","data":"It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both."},{"label":"check","data":"Verify that the SA and ISSO (at a minimum) are notified in the event of an\naudit processing failure.\n\n    Check that RHEL 8 notifies the SA and ISSO (at a minimum) in the event of\nan audit processing failure with the following command:\n\n    $ sudo grep action_mail_acct /etc/audit/auditd.conf\n\n    action_mail_acct = root\n\n    If the value of the \"action_mail_acct\" keyword is not set to \"root\"\nand/or other accounts for security personnel, the \"action_mail_acct\" keyword\nis missing, or the retuned line is commented out, ask the system administrator\nto indicate how they and the ISSO are notified of an audit process failure.  If\nthere is no evidence of the proper personnel being notified of an audit\nprocessing failure, this is a finding."},{"label":"fix","data":"Configure \"auditd\" service to notify the SA and ISSO in the event of an\naudit processing failure.\n\n    Edit the following line in \"/etc/audit/auditd.conf\" to ensure that\nadministrators are notified via email for those situations:\n\n    action_mail_acct = root"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000046-GPOS-00022","gid":"V-230388","rid":"SV-230388r627750_rule","stig_id":"RHEL-08-030020","fix_id":"F-33032r567911_fix","cci":["CCI-000139"],"nist":["AU-5 a"]},"code":"control 'SV-230388' do\n  title 'The RHEL 8 System Administrator (SA) and Information System Security\nOfficer (ISSO) (at a minimum) must be alerted of an audit processing failure\nevent.'\n  desc 'It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both.'\n  desc 'check', 'Verify that the SA and ISSO (at a minimum) are notified in the event of an\naudit processing failure.\n\n    Check that RHEL 8 notifies the SA and ISSO (at a minimum) in the event of\nan audit processing failure with the following command:\n\n    $ sudo grep action_mail_acct /etc/audit/auditd.conf\n\n    action_mail_acct = root\n\n    If the value of the \"action_mail_acct\" keyword is not set to \"root\"\nand/or other accounts for security personnel, the \"action_mail_acct\" keyword\nis missing, or the retuned line is commented out, ask the system administrator\nto indicate how they and the ISSO are notified of an audit process failure.  If\nthere is no evidence of the proper personnel being notified of an audit\nprocessing failure, this is a finding.'\n  desc 'fix', 'Configure \"auditd\" service to notify the SA and ISSO in the event of an\naudit processing failure.\n\n    Edit the following line in \"/etc/audit/auditd.conf\" to ensure that\nadministrators are notified via email for those situations:\n\n    action_mail_acct = root'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000046-GPOS-00022'\n  tag gid: 'V-230388'\n  tag rid: 'SV-230388r627750_rule'\n  tag stig_id: 'RHEL-08-030020'\n  tag fix_id: 'F-33032r567911_fix'\n  tag cci: ['CCI-000139']\n  tag nist: ['AU-5 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd_conf do\n      its('action_mail_acct') { should cmp 'root' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230388.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Audit Daemon Config action_mail_acct is expected to cmp == \"root\"","run_time":0.000136,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"auditd_conf","resource_params":"[]","resource_id":"/etc/audit/auditd.conf"}]},{"id":"SV-230389","title":"The RHEL 8 Information System Security Officer (ISSO) and System\nAdministrator (SA) (at a minimum) must have mail aliases to be notified of an\naudit processing failure.","desc":"It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both.","descriptions":[{"label":"default","data":"It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both."},{"label":"check","data":"Verify that the administrators are notified in the event of an audit\nprocessing failure.\n\n    Check that the \"/etc/aliases\" file has a defined value for \"root\".\n\n    $ sudo grep \"postmaster:\\s*root$\" /etc/aliases\n\n    If the command does not return a line, or the line is commented out, ask\nthe system administrator to indicate how they and the ISSO are notified of an\naudit process failure.  If there is no evidence of the proper personnel being\nnotified of an audit processing failure, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to notify administrators in the event of an audit\nprocessing failure.\n\n    Add/update the following line in \"/etc/aliases\":\n\n    postmaster: root"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000046-GPOS-00022","gid":"V-230389","rid":"SV-230389r627750_rule","stig_id":"RHEL-08-030030","fix_id":"F-33033r567914_fix","cci":["CCI-000139"],"nist":["AU-5 a"]},"code":"control 'SV-230389' do\n  title 'The RHEL 8 Information System Security Officer (ISSO) and System\nAdministrator (SA) (at a minimum) must have mail aliases to be notified of an\naudit processing failure.'\n  desc 'It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both.'\n  desc 'check', 'Verify that the administrators are notified in the event of an audit\nprocessing failure.\n\n    Check that the \"/etc/aliases\" file has a defined value for \"root\".\n\n    $ sudo grep \"postmaster:\\\\s*root$\" /etc/aliases\n\n    If the command does not return a line, or the line is commented out, ask\nthe system administrator to indicate how they and the ISSO are notified of an\naudit process failure.  If there is no evidence of the proper personnel being\nnotified of an audit processing failure, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to notify administrators in the event of an audit\nprocessing failure.\n\n    Add/update the following line in \"/etc/aliases\":\n\n    postmaster: root'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000046-GPOS-00022'\n  tag gid: 'V-230389'\n  tag rid: 'SV-230389r627750_rule'\n  tag stig_id: 'RHEL-08-030030'\n  tag fix_id: 'F-33033r567914_fix'\n  tag cci: ['CCI-000139']\n  tag nist: ['AU-5 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('grep \"postmaster:\\s*root$\" /etc/aliases') do\n      its('stdout.strip') { should match(/postmaster:\\s*root/) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230389.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Command: `grep \"postmaster:\\s*root$\" /etc/aliases` stdout.strip is expected to match /postmaster:\\s*root/","run_time":0.108281,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"command","resource_params":"[\"grep \\\"postmaster:\\\\s*root$\\\" /etc/aliases\"]","resource_id":"Command: `grep \"postmaster:\\s*root$\" /etc/aliases`"}]},{"id":"SV-230390","title":"The RHEL 8 System must take appropriate action when an audit\nprocessing failure occurs.","desc":"It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both.","descriptions":[{"label":"default","data":"It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both."},{"label":"check","data":"Verify RHEL 8 takes the appropriate action when an audit processing failure\noccurs.\n\n    Check that RHEL 8 takes the appropriate action when an audit processing\nfailure occurs with the following command:\n\n    $ sudo grep disk_error_action /etc/audit/auditd.conf\n\n    disk_error_action = HALT\n\n    If the value of the \"disk_error_action\" option is not \"SYSLOG\",\n\"SINGLE\", or \"HALT\", or the line is commented out, ask the system\nadministrator to indicate how the system takes appropriate action when an audit\nprocess failure occurs.  If there is no evidence of appropriate action, this is\na finding."},{"label":"fix","data":"Configure RHEL 8 to shut down by default upon audit failure (unless\navailability is an overriding concern).\n\n    Add or update the following line (depending on configuration\n\"disk_error_action\" can be set to \"SYSLOG\" or \"SINGLE\" depending on\nconfiguration) in \"/etc/audit/auditd.conf\" file:\n\n    disk_error_action = HALT\n\n    If availability has been determined to be more important, and this decision\nis documented with the ISSO, configure the operating system to notify system\nadministration staff and ISSO staff in the event of an audit processing failure\nby setting the \"disk_error_action\" to \"SYSLOG\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000047-GPOS-00023","gid":"V-230390","rid":"SV-230390r627750_rule","stig_id":"RHEL-08-030040","fix_id":"F-33034r567917_fix","cci":["CCI-000140"],"nist":["AU-5 b"]},"code":"control 'SV-230390' do\n  title 'The RHEL 8 System must take appropriate action when an audit\nprocessing failure occurs.'\n  desc 'It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both.'\n  desc 'check', 'Verify RHEL 8 takes the appropriate action when an audit processing failure\noccurs.\n\n    Check that RHEL 8 takes the appropriate action when an audit processing\nfailure occurs with the following command:\n\n    $ sudo grep disk_error_action /etc/audit/auditd.conf\n\n    disk_error_action = HALT\n\n    If the value of the \"disk_error_action\" option is not \"SYSLOG\",\n\"SINGLE\", or \"HALT\", or the line is commented out, ask the system\nadministrator to indicate how the system takes appropriate action when an audit\nprocess failure occurs.  If there is no evidence of appropriate action, this is\na finding.'\n  desc 'fix', 'Configure RHEL 8 to shut down by default upon audit failure (unless\navailability is an overriding concern).\n\n    Add or update the following line (depending on configuration\n\"disk_error_action\" can be set to \"SYSLOG\" or \"SINGLE\" depending on\nconfiguration) in \"/etc/audit/auditd.conf\" file:\n\n    disk_error_action = HALT\n\n    If availability has been determined to be more important, and this decision\nis documented with the ISSO, configure the operating system to notify system\nadministration staff and ISSO staff in the event of an audit processing failure\nby setting the \"disk_error_action\" to \"SYSLOG\".'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000047-GPOS-00023'\n  tag gid: 'V-230390'\n  tag rid: 'SV-230390r627750_rule'\n  tag stig_id: 'RHEL-08-030040'\n  tag fix_id: 'F-33034r567917_fix'\n  tag cci: ['CCI-000140']\n  tag nist: ['AU-5 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd_conf do\n      its('disk_error_action') { should be_in input('disk_error_action') }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230390.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Audit Daemon Config disk_error_action is expected to be in \"SYSLOG\", \"SINGLE\", and \"HALT\"","run_time":0.000289,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"auditd_conf","resource_params":"[]","resource_id":"/etc/audit/auditd.conf"}]},{"id":"SV-230392","title":"The RHEL 8 audit system must take appropriate action when the audit\nstorage volume is full.","desc":"It is critical that when RHEL 8 is at risk of failing to process audit\nlogs as required, it takes action to mitigate the failure. Audit processing\nfailures include software/hardware errors; failures in the audit capturing\nmechanisms; and audit storage capacity being reached or exceeded. Responses to\naudit failure depend upon the nature of the failure mode.\n\n    When availability is an overriding concern, other approved actions in\nresponse to an audit failure are as follows:\n\n    1) If the failure was caused by the lack of audit record storage capacity,\nRHEL 8 must continue generating audit records if possible (automatically\nrestarting the audit service if necessary) and overwriting the oldest audit\nrecords in a first-in-first-out manner.\n\n    2) If audit records are sent to a centralized collection server and\ncommunication with this server is lost or the server fails, RHEL 8 must queue\naudit records locally until communication is restored or until the audit\nrecords are retrieved manually. Upon restoration of the connection to the\ncentralized collection server, action should be taken to synchronize the local\naudit data with the collection server.","descriptions":[{"label":"default","data":"It is critical that when RHEL 8 is at risk of failing to process audit\nlogs as required, it takes action to mitigate the failure. Audit processing\nfailures include software/hardware errors; failures in the audit capturing\nmechanisms; and audit storage capacity being reached or exceeded. Responses to\naudit failure depend upon the nature of the failure mode.\n\n    When availability is an overriding concern, other approved actions in\nresponse to an audit failure are as follows:\n\n    1) If the failure was caused by the lack of audit record storage capacity,\nRHEL 8 must continue generating audit records if possible (automatically\nrestarting the audit service if necessary) and overwriting the oldest audit\nrecords in a first-in-first-out manner.\n\n    2) If audit records are sent to a centralized collection server and\ncommunication with this server is lost or the server fails, RHEL 8 must queue\naudit records locally until communication is restored or until the audit\nrecords are retrieved manually. Upon restoration of the connection to the\ncentralized collection server, action should be taken to synchronize the local\naudit data with the collection server."},{"label":"check","data":"Verify RHEL 8 takes the appropriate action when the audit storage volume is\nfull.\n\n    Check that RHEL 8 takes the appropriate action when the audit storage\nvolume is full with the following command:\n\n    $ sudo grep disk_full_action /etc/audit/auditd.conf\n\n    disk_full_action = HALT\n\n    If the value of the \"disk_full_action\" option is not \"SYSLOG\",\n\"SINGLE\", or \"HALT\", or the line is commented out, ask the system\nadministrator to indicate how the system takes appropriate action when an audit\nstorage volume is full.  If there is no evidence of appropriate action, this is\na finding."},{"label":"fix","data":"Configure RHEL 8 to shut down by default upon audit failure (unless\navailability is an overriding concern).\n\n    Add or update the following line (depending on configuration\n\"disk_full_action\" can be set to \"SYSLOG\" or \"SINGLE\" depending on\nconfiguration) in \"/etc/audit/auditd.conf\" file:\n\n    disk_full_action = HALT\n\n    If availability has been determined to be more important, and this decision\nis documented with the ISSO, configure the operating system to notify system\nadministration staff and ISSO staff in the event of an audit processing failure\nby setting the \"disk_full_action\" to \"SYSLOG\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000047-GPOS-00023","gid":"V-230392","rid":"SV-230392r627750_rule","stig_id":"RHEL-08-030060","fix_id":"F-33036r567923_fix","cci":["CCI-000140"],"nist":["AU-5 b"]},"code":"control 'SV-230392' do\n  title 'The RHEL 8 audit system must take appropriate action when the audit\nstorage volume is full.'\n  desc 'It is critical that when RHEL 8 is at risk of failing to process audit\nlogs as required, it takes action to mitigate the failure. Audit processing\nfailures include software/hardware errors; failures in the audit capturing\nmechanisms; and audit storage capacity being reached or exceeded. Responses to\naudit failure depend upon the nature of the failure mode.\n\n    When availability is an overriding concern, other approved actions in\nresponse to an audit failure are as follows:\n\n    1) If the failure was caused by the lack of audit record storage capacity,\nRHEL 8 must continue generating audit records if possible (automatically\nrestarting the audit service if necessary) and overwriting the oldest audit\nrecords in a first-in-first-out manner.\n\n    2) If audit records are sent to a centralized collection server and\ncommunication with this server is lost or the server fails, RHEL 8 must queue\naudit records locally until communication is restored or until the audit\nrecords are retrieved manually. Upon restoration of the connection to the\ncentralized collection server, action should be taken to synchronize the local\naudit data with the collection server.'\n  desc 'check', 'Verify RHEL 8 takes the appropriate action when the audit storage volume is\nfull.\n\n    Check that RHEL 8 takes the appropriate action when the audit storage\nvolume is full with the following command:\n\n    $ sudo grep disk_full_action /etc/audit/auditd.conf\n\n    disk_full_action = HALT\n\n    If the value of the \"disk_full_action\" option is not \"SYSLOG\",\n\"SINGLE\", or \"HALT\", or the line is commented out, ask the system\nadministrator to indicate how the system takes appropriate action when an audit\nstorage volume is full.  If there is no evidence of appropriate action, this is\na finding.'\n  desc 'fix', 'Configure RHEL 8 to shut down by default upon audit failure (unless\navailability is an overriding concern).\n\n    Add or update the following line (depending on configuration\n\"disk_full_action\" can be set to \"SYSLOG\" or \"SINGLE\" depending on\nconfiguration) in \"/etc/audit/auditd.conf\" file:\n\n    disk_full_action = HALT\n\n    If availability has been determined to be more important, and this decision\nis documented with the ISSO, configure the operating system to notify system\nadministration staff and ISSO staff in the event of an audit processing failure\nby setting the \"disk_full_action\" to \"SYSLOG\".'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000047-GPOS-00023'\n  tag gid: 'V-230392'\n  tag rid: 'SV-230392r627750_rule'\n  tag stig_id: 'RHEL-08-030060'\n  tag fix_id: 'F-33036r567923_fix'\n  tag cci: ['CCI-000140']\n  tag nist: ['AU-5 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd_conf do\n      its('disk_full_action') { should be_in input('disk_full_action') }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230392.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Audit Daemon Config disk_full_action is expected to be in \"SYSLOG\", \"SINGLE\", and \"HALT\"","run_time":0.000224,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"auditd_conf","resource_params":"[]","resource_id":"/etc/audit/auditd.conf"}]},{"id":"SV-230393","title":"The RHEL 8 audit system must audit local events.","desc":"Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.","descriptions":[{"label":"default","data":"Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked."},{"label":"check","data":"Verify the RHEL 8 Audit Daemon is configured to include local events, with\nthe following command:\n\n    $ sudo grep local_events /etc/audit/auditd.conf\n\n    local_events = yes\n\n    If the value of the \"local_events\" option is not set to \"yes\", or the\nline is commented out, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to audit local events on the system.\n\nAdd or update the following line in \"/etc/audit/auditd.conf\" file:\n\nlocal_events = yes"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230393","rid":"SV-230393r627750_rule","stig_id":"RHEL-08-030061","fix_id":"F-33037r567926_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230393' do\n  title 'The RHEL 8 audit system must audit local events.'\n  desc 'Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.'\n  desc 'check', 'Verify the RHEL 8 Audit Daemon is configured to include local events, with\nthe following command:\n\n    $ sudo grep local_events /etc/audit/auditd.conf\n\n    local_events = yes\n\n    If the value of the \"local_events\" option is not set to \"yes\", or the\nline is commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to audit local events on the system.\n\nAdd or update the following line in \"/etc/audit/auditd.conf\" file:\n\nlocal_events = yes'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230393'\n  tag rid: 'SV-230393r627750_rule'\n  tag stig_id: 'RHEL-08-030061'\n  tag fix_id: 'F-33037r567926_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config_file('/etc/audit/auditd.conf') do\n      its('local_events') { should eq 'yes' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230393.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Parse Config File /etc/audit/auditd.conf local_events is expected to eq \"yes\"","run_time":5.9e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"parse_config_file","resource_params":"[\"/etc/audit/auditd.conf\"]","resource_id":"/etc/audit/auditd.conf"}]},{"id":"SV-230394","title":"RHEL 8 must label all off-loaded audit logs before sending them to the\ncentral log server.","desc":"Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Enriched logging is needed to determine who, what, and when events occur on\na system.  Without this, determining root cause of an event will be much more\ndifficult.\n\n    When audit logs are not labeled before they are sent to a central log\nserver, the audit data will not be able to be analyzed and tied back to the\ncorrect system.","descriptions":[{"label":"default","data":"Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Enriched logging is needed to determine who, what, and when events occur on\na system.  Without this, determining root cause of an event will be much more\ndifficult.\n\n    When audit logs are not labeled before they are sent to a central log\nserver, the audit data will not be able to be analyzed and tied back to the\ncorrect system."},{"label":"check","data":"Verify the RHEL 8 Audit Daemon is configured to label all off-loaded audit\nlogs, with the following command:\n\n    $ sudo grep \"name_format\" /etc/audit/auditd.conf\n\n    name_format = hostname\n\n    If the \"name_format\" option is not \"hostname\", \"fqd\", or \"numeric\",\nor the line is commented out, this is a finding."},{"label":"fix","data":"Edit the /etc/audit/auditd.conf file and add or update the \"name_format\"\noption:\n\n    name_format = hostname\n\n    The audit daemon must be restarted for changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000342-GPOS-00133","gid":"V-230394","rid":"SV-230394r877390_rule","stig_id":"RHEL-08-030062","fix_id":"F-33038r567929_fix","cci":["CCI-001851"],"nist":["AU-4 (1)"]},"code":"control 'SV-230394' do\n  title 'RHEL 8 must label all off-loaded audit logs before sending them to the\ncentral log server.'\n  desc 'Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Enriched logging is needed to determine who, what, and when events occur on\na system.  Without this, determining root cause of an event will be much more\ndifficult.\n\n    When audit logs are not labeled before they are sent to a central log\nserver, the audit data will not be able to be analyzed and tied back to the\ncorrect system.'\n  desc 'check', 'Verify the RHEL 8 Audit Daemon is configured to label all off-loaded audit\nlogs, with the following command:\n\n    $ sudo grep \"name_format\" /etc/audit/auditd.conf\n\n    name_format = hostname\n\n    If the \"name_format\" option is not \"hostname\", \"fqd\", or \"numeric\",\nor the line is commented out, this is a finding.'\n  desc 'fix', 'Edit the /etc/audit/auditd.conf file and add or update the \"name_format\"\noption:\n\n    name_format = hostname\n\n    The audit daemon must be restarted for changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-GPOS-00133'\n  tag gid: 'V-230394'\n  tag rid: 'SV-230394r877390_rule'\n  tag stig_id: 'RHEL-08-030062'\n  tag fix_id: 'F-33038r567929_fix'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif file('/etc/audit/auditd.conf').exist?\n    describe parse_config_file('/etc/audit/auditd.conf') do\n      its('name_format') { should match(/^hostname$|^fqd$|^numeric$/i) }\n    end\n  else\n    describe \"File '/etc/audit/auditd.conf' cannot be found. This test cannot be checked in a automated fashion and you must check it manually\" do\n      skip \"File '/etc/audit/auditd.conf' cannot be found. This check must be performed manually\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230394.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Parse Config File /etc/audit/auditd.conf name_format is expected to match /^hostname$|^fqd$|^numeric$/i","run_time":5.0e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"parse_config_file","resource_params":"[\"/etc/audit/auditd.conf\"]","resource_id":"/etc/audit/auditd.conf"}]},{"id":"SV-230395","title":"RHEL 8 must resolve audit information before writing to disk.","desc":"Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Enriched logging aids in making sense of who, what, and when events occur\non a system.  Without this, determining root cause of an event will be much\nmore difficult.","descriptions":[{"label":"default","data":"Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Enriched logging aids in making sense of who, what, and when events occur\non a system.  Without this, determining root cause of an event will be much\nmore difficult."},{"label":"check","data":"Verify the RHEL 8 Audit Daemon is configured to resolve audit information\nbefore writing to disk, with the following command:\n\n    $ sudo grep \"log_format\" /etc/audit/auditd.conf\n\n    log_format = ENRICHED\n\n    If the \"log_format\" option is not \"ENRICHED\", or the line is commented\nout, this is a finding."},{"label":"fix","data":"Edit the /etc/audit/auditd.conf file and add or update the \"log_format\"\noption:\n\n    log_format = ENRICHED\n\n    The audit daemon must be restarted for changes to take effect."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230395","rid":"SV-230395r627750_rule","stig_id":"RHEL-08-030063","fix_id":"F-33039r567932_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230395' do\n  title 'RHEL 8 must resolve audit information before writing to disk.'\n  desc 'Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Enriched logging aids in making sense of who, what, and when events occur\non a system.  Without this, determining root cause of an event will be much\nmore difficult.'\n  desc 'check', 'Verify the RHEL 8 Audit Daemon is configured to resolve audit information\nbefore writing to disk, with the following command:\n\n    $ sudo grep \"log_format\" /etc/audit/auditd.conf\n\n    log_format = ENRICHED\n\n    If the \"log_format\" option is not \"ENRICHED\", or the line is commented\nout, this is a finding.'\n  desc 'fix', 'Edit the /etc/audit/auditd.conf file and add or update the \"log_format\"\noption:\n\n    log_format = ENRICHED\n\n    The audit daemon must be restarted for changes to take effect.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230395'\n  tag rid: 'SV-230395r627750_rule'\n  tag stig_id: 'RHEL-08-030063'\n  tag fix_id: 'F-33039r567932_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config_file('/etc/audit/auditd.conf') do\n      its('log_format') { should eq 'ENRICHED' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230395.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Parse Config File /etc/audit/auditd.conf log_format is expected to eq \"ENRICHED\"","run_time":4.7e-05,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"parse_config_file","resource_params":"[\"/etc/audit/auditd.conf\"]","resource_id":"/etc/audit/auditd.conf"}]},{"id":"SV-230396","title":"RHEL 8 audit logs must have a mode of 0600 or less permissive to\nprevent unauthorized read access.","desc":"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.","descriptions":[{"label":"default","data":"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements."},{"label":"check","data":"Verify the audit logs have a mode of \"0600\" or less permissive.\n\n    First, determine where the audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Using the location of the audit log file, check if the audit log has a mode\nof \"0600\" or less permissive with the following command:\n\n    $ sudo stat -c \"%a %n\" /var/log/audit/audit.log\n\n    600 /var/log/audit/audit.log\n\n    If the audit log has a mode more permissive than \"0600\", this is a\nfinding."},{"label":"fix","data":"Configure the audit log to be protected from unauthorized read access by setting the correct permissive mode with the following command:\n\n$ sudo chmod 0600 /var/log/audit/audit.log"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000057-GPOS-00027","satisfies":["SRG-OS-000057-GPOS-00027","SRG-OS-000058-GPOS-00028","SRG-OS-000059-GPOS-00029","SRG-OS-000206-GPOS-00084"],"gid":"V-230396","rid":"SV-230396r902733_rule","stig_id":"RHEL-08-030070","fix_id":"F-33040r902732_fix","cci":["CCI-000162"],"nist":["AU-9","AU-9 a"]},"code":"control 'SV-230396' do\n  title 'RHEL 8 audit logs must have a mode of 0600 or less permissive to\nprevent unauthorized read access.'\n  desc \"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.\"\n  desc 'check', 'Verify the audit logs have a mode of \"0600\" or less permissive.\n\n    First, determine where the audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Using the location of the audit log file, check if the audit log has a mode\nof \"0600\" or less permissive with the following command:\n\n    $ sudo stat -c \"%a %n\" /var/log/audit/audit.log\n\n    600 /var/log/audit/audit.log\n\n    If the audit log has a mode more permissive than \"0600\", this is a\nfinding.'\n  desc 'fix', 'Configure the audit log to be protected from unauthorized read access by setting the correct permissive mode with the following command:\n\n$ sudo chmod 0600 /var/log/audit/audit.log'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000057-GPOS-00027'\n  tag satisfies: ['SRG-OS-000057-GPOS-00027', 'SRG-OS-000058-GPOS-00028', 'SRG-OS-000059-GPOS-00029', 'SRG-OS-000206-GPOS-00084']\n  tag gid: 'V-230396'\n  tag rid: 'SV-230396r902733_rule'\n  tag stig_id: 'RHEL-08-030070'\n  tag fix_id: 'F-33040r902732_fix'\n  tag cci: ['CCI-000162']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  log_file = auditd_conf('/etc/audit/auditd.conf').log_file\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe file(log_file) do\n      it { should_not be_more_permissive_than('0600') }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230396.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File /var/log/audit/audit.log is expected not to be more permissive than \"0600\"","run_time":0.278196,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"file","resource_params":"[\"/var/log/audit/audit.log\"]","resource_id":"/var/log/audit/audit.log"}]},{"id":"SV-230397","title":"RHEL 8 audit logs must be owned by root to prevent unauthorized read\naccess.","desc":"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.","descriptions":[{"label":"default","data":"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements."},{"label":"check","data":"Verify the audit logs are owned by \"root\". First, determine where the\naudit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Using the location of the audit log file, determine if the audit log is\nowned by \"root\" using the following command:\n\n    $ sudo ls -al /var/log/audit/audit.log\n\n    rw------- 2 root root 23 Jun 11 11:56 /var/log/audit/audit.log\n\n    If the audit log is not owned by \"root\", this is a finding."},{"label":"fix","data":"Configure the audit log to be protected from unauthorized read access, by\nsetting the correct owner as \"root\" with the following command:\n\n    $ sudo chown root [audit_log_file]\n\n    Replace \"[audit_log_file]\" to the correct audit log path, by default this\nlocation is \"/var/log/audit/audit.log\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000057-GPOS-00027","satisfies":["SRG-OS-000057-GPOS-00027","SRG-OS-000058-GPOS-00028","SRG-OS-000059-GPOS-00029","SRG-OS-000206-GPOS-00084"],"gid":"V-230397","rid":"SV-230397r627750_rule","stig_id":"RHEL-08-030080","fix_id":"F-33041r567938_fix","cci":["CCI-000162"],"nist":["AU-9","AU-9 a"]},"code":"control 'SV-230397' do\n  title 'RHEL 8 audit logs must be owned by root to prevent unauthorized read\naccess.'\n  desc \"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.\"\n  desc 'check', 'Verify the audit logs are owned by \"root\". First, determine where the\naudit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Using the location of the audit log file, determine if the audit log is\nowned by \"root\" using the following command:\n\n    $ sudo ls -al /var/log/audit/audit.log\n\n    rw------- 2 root root 23 Jun 11 11:56 /var/log/audit/audit.log\n\n    If the audit log is not owned by \"root\", this is a finding.'\n  desc 'fix', 'Configure the audit log to be protected from unauthorized read access, by\nsetting the correct owner as \"root\" with the following command:\n\n    $ sudo chown root [audit_log_file]\n\n    Replace \"[audit_log_file]\" to the correct audit log path, by default this\nlocation is \"/var/log/audit/audit.log\".'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000057-GPOS-00027'\n  tag satisfies: ['SRG-OS-000057-GPOS-00027', 'SRG-OS-000058-GPOS-00028', 'SRG-OS-000059-GPOS-00029', 'SRG-OS-000206-GPOS-00084']\n  tag gid: 'V-230397'\n  tag rid: 'SV-230397r627750_rule'\n  tag stig_id: 'RHEL-08-030080'\n  tag fix_id: 'F-33041r567938_fix'\n  tag cci: ['CCI-000162']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  log_file = auditd_conf('/etc/audit/auditd.conf').log_file\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe file(log_file) do\n      its('owner') { should eq 'root' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230397.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File /var/log/audit/audit.log owner is expected to eq \"root\"","run_time":0.000229,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"file","resource_params":"[\"/var/log/audit/audit.log\"]","resource_id":"/var/log/audit/audit.log"}]},{"id":"SV-230398","title":"RHEL 8 audit logs must be group-owned by root to prevent unauthorized\nread access.","desc":"Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 activity.","descriptions":[{"label":"default","data":"Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 activity."},{"label":"check","data":"Verify the audit logs are group-owned by \"root\". First determine where\nthe audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Using the location of the audit log file, determine if the audit log is\ngroup-owned by \"root\" using the following command:\n\n    $ sudo ls -al /var/log/audit/audit.log\n\n    rw------- 2 root root 23 Jun 11 11:56 /var/log/audit/audit.log\n\n    If the audit log is not group-owned by \"root\", this is a finding."},{"label":"fix","data":"Configure the audit log to be owned by root by configuring the log group in\nthe /etc/audit/auditd.conf file:\n\n    log_group = root"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000057-GPOS-00027","satisfies":["SRG-OS-000057-GPOS-00027","SRG-OS-000058-GPOS-00028","SRG-OS-000059-GPOS-00029"],"gid":"V-230398","rid":"SV-230398r627750_rule","stig_id":"RHEL-08-030090","fix_id":"F-33042r567941_fix","cci":["CCI-000162"],"nist":["AU-9","AU-9 a"]},"code":"control 'SV-230398' do\n  title 'RHEL 8 audit logs must be group-owned by root to prevent unauthorized\nread access.'\n  desc 'Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 activity.'\n  desc 'check', 'Verify the audit logs are group-owned by \"root\". First determine where\nthe audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Using the location of the audit log file, determine if the audit log is\ngroup-owned by \"root\" using the following command:\n\n    $ sudo ls -al /var/log/audit/audit.log\n\n    rw------- 2 root root 23 Jun 11 11:56 /var/log/audit/audit.log\n\n    If the audit log is not group-owned by \"root\", this is a finding.'\n  desc 'fix', 'Configure the audit log to be owned by root by configuring the log group in\nthe /etc/audit/auditd.conf file:\n\n    log_group = root'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000057-GPOS-00027'\n  tag satisfies: ['SRG-OS-000057-GPOS-00027', 'SRG-OS-000058-GPOS-00028', 'SRG-OS-000059-GPOS-00029']\n  tag gid: 'V-230398'\n  tag rid: 'SV-230398r627750_rule'\n  tag stig_id: 'RHEL-08-030090'\n  tag fix_id: 'F-33042r567941_fix'\n  tag cci: ['CCI-000162']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe file(auditd_conf('/etc/audit/auditd.conf').log_file) do\n      its('group') { should be_in input('var_log_audit_group') }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230398.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File /var/log/audit/audit.log group is expected to be in \"root\"","run_time":0.000297,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"file","resource_params":"[\"/var/log/audit/audit.log\"]","resource_id":"/var/log/audit/audit.log"}]},{"id":"SV-230399","title":"RHEL 8 audit log directory must be owned by root to prevent\nunauthorized read access.","desc":"Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 activity.","descriptions":[{"label":"default","data":"Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 activity."},{"label":"check","data":"Verify the audit log directory is owned by \"root\" to prevent unauthorized\nread access.\n\n    Determine where the audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Determine the owner of the audit log directory by using the output of the\nabove command (ex: \"/var/log/audit/\"). Run the following command with the\ncorrect audit log directory path:\n\n    $ sudo ls -ld /var/log/audit\n\n    drw------- 2 root root 23 Jun 11 11:56 /var/log/audit\n\n    If the audit log directory is not owned by \"root\", this is a finding."},{"label":"fix","data":"Configure the audit log to be protected from unauthorized read access, by\nsetting the correct owner as \"root\" with the following command:\n\n    $ sudo chown root [audit_log_directory]\n\n    Replace \"[audit_log_directory]\" with the correct audit log directory\npath, by default this location is usually \"/var/log/audit\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000057-GPOS-00027","satisfies":["SRG-OS-000057-GPOS-00027","SRG-OS-000058-GPOS-00028","SRG-OS-000059-GPOS-00029"],"gid":"V-230399","rid":"SV-230399r627750_rule","stig_id":"RHEL-08-030100","fix_id":"F-33043r567944_fix","cci":["CCI-000162"],"nist":["AU-9","AU-9 a"]},"code":"control 'SV-230399' do\n  title 'RHEL 8 audit log directory must be owned by root to prevent\nunauthorized read access.'\n  desc 'Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 activity.'\n  desc 'check', 'Verify the audit log directory is owned by \"root\" to prevent unauthorized\nread access.\n\n    Determine where the audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Determine the owner of the audit log directory by using the output of the\nabove command (ex: \"/var/log/audit/\"). Run the following command with the\ncorrect audit log directory path:\n\n    $ sudo ls -ld /var/log/audit\n\n    drw------- 2 root root 23 Jun 11 11:56 /var/log/audit\n\n    If the audit log directory is not owned by \"root\", this is a finding.'\n  desc 'fix', 'Configure the audit log to be protected from unauthorized read access, by\nsetting the correct owner as \"root\" with the following command:\n\n    $ sudo chown root [audit_log_directory]\n\n    Replace \"[audit_log_directory]\" with the correct audit log directory\npath, by default this location is usually \"/var/log/audit\".'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000057-GPOS-00027'\n  tag satisfies: ['SRG-OS-000057-GPOS-00027', 'SRG-OS-000058-GPOS-00028', 'SRG-OS-000059-GPOS-00029']\n  tag gid: 'V-230399'\n  tag rid: 'SV-230399r627750_rule'\n  tag stig_id: 'RHEL-08-030100'\n  tag fix_id: 'F-33043r567944_fix'\n  tag cci: ['CCI-000162']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    log_dir = auditd_conf('/etc/audit/auditd.conf').log_file.split('/')[0..-2].join('/')\n    describe directory(log_dir) do\n      its('owner') { should eq 'root' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230399.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Directory /var/log/audit owner is expected to eq \"root\"","run_time":0.121332,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"directory","resource_params":"[\"/var/log/audit\"]","resource_id":"/var/log/audit"}]},{"id":"SV-230400","title":"RHEL 8 audit log directory must be group-owned by root to prevent\nunauthorized read access.","desc":"Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 activity.","descriptions":[{"label":"default","data":"Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 activity."},{"label":"check","data":"Verify the audit log directory is group-owned by \"root\" to prevent\nunauthorized read access.\n\n    Determine where the audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Determine the group owner of the audit log directory by using the output of\nthe above command (ex: \"/var/log/audit/\"). Run the following command with the\ncorrect audit log directory path:\n\n    $ sudo ls -ld /var/log/audit\n\n    drw------- 2 root root 23 Jun 11 11:56 /var/log/audit\n\n    If the audit log directory is not group-owned by \"root\", this is a\nfinding."},{"label":"fix","data":"Configure the audit log to be protected from unauthorized read access by\nsetting the correct group-owner as \"root\" with the following command:\n\n    $ sudo chgrp root [audit_log_directory]\n\n    Replace \"[audit_log_directory]\" with the correct audit log directory\npath, by default this location is usually \"/var/log/audit\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000057-GPOS-00027","satisfies":["SRG-OS-000057-GPOS-00027","SRG-OS-000058-GPOS-00028","SRG-OS-000059-GPOS-00029"],"gid":"V-230400","rid":"SV-230400r627750_rule","stig_id":"RHEL-08-030110","fix_id":"F-33044r567947_fix","cci":["CCI-000162"],"nist":["AU-9","AU-9 a"]},"code":"control 'SV-230400' do\n  title 'RHEL 8 audit log directory must be group-owned by root to prevent\nunauthorized read access.'\n  desc 'Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 activity.'\n  desc 'check', 'Verify the audit log directory is group-owned by \"root\" to prevent\nunauthorized read access.\n\n    Determine where the audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Determine the group owner of the audit log directory by using the output of\nthe above command (ex: \"/var/log/audit/\"). Run the following command with the\ncorrect audit log directory path:\n\n    $ sudo ls -ld /var/log/audit\n\n    drw------- 2 root root 23 Jun 11 11:56 /var/log/audit\n\n    If the audit log directory is not group-owned by \"root\", this is a\nfinding.'\n  desc 'fix', 'Configure the audit log to be protected from unauthorized read access by\nsetting the correct group-owner as \"root\" with the following command:\n\n    $ sudo chgrp root [audit_log_directory]\n\n    Replace \"[audit_log_directory]\" with the correct audit log directory\npath, by default this location is usually \"/var/log/audit\".'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000057-GPOS-00027'\n  tag satisfies: ['SRG-OS-000057-GPOS-00027', 'SRG-OS-000058-GPOS-00028', 'SRG-OS-000059-GPOS-00029']\n  tag gid: 'V-230400'\n  tag rid: 'SV-230400r627750_rule'\n  tag stig_id: 'RHEL-08-030110'\n  tag fix_id: 'F-33044r567947_fix'\n  tag cci: ['CCI-000162']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe directory(auditd_conf('/etc/audit/auditd.conf').log_file.split('/')[0..-2].join('/')) do\n      its('group') { should be_in input('var_log_audit_group') }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230400.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Directory /var/log/audit group is expected to be in \"root\"","run_time":0.000391,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"directory","resource_params":"[\"/var/log/audit\"]","resource_id":"/var/log/audit"}]},{"id":"SV-230401","title":"RHEL 8 audit log directory must have a mode of 0700 or less permissive\nto prevent unauthorized read access.","desc":"Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 system activity.","descriptions":[{"label":"default","data":"Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 system activity."},{"label":"check","data":"Verify the audit log directories have a mode of \"0700\" or less permissive\nby first determining where the audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Using the location of the audit log, determine the directory where the\naudit logs are stored (ex: \"/var/log/audit\"). Run the following command to\ndetermine the permissions for the audit log folder:\n\n    $ sudo stat -c \"%a %n\" /var/log/audit\n\n    700 /var/log/audit\n\n    If the audit log directory has a mode more permissive than \"0700\", this\nis a finding."},{"label":"fix","data":"Configure the audit log directory to be protected from unauthorized read\naccess by setting the correct permissive mode with the following command:\n\n    $ sudo chmod 0700 [audit_log_directory]\n\n    Replace \"[audit_log_directory]\" to the correct audit log directory path,\nby default this location is \"/var/log/audit\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000057-GPOS-00027","satisfies":["SRG-OS-000057-GPOS-00027","SRG-OS-000058-GPOS-00028","SRG-OS-000059-GPOS-00029"],"gid":"V-230401","rid":"SV-230401r627750_rule","stig_id":"RHEL-08-030120","fix_id":"F-33045r567950_fix","cci":["CCI-000162"],"nist":["AU-9","AU-9 a"]},"code":"control 'SV-230401' do\n  title 'RHEL 8 audit log directory must have a mode of 0700 or less permissive\nto prevent unauthorized read access.'\n  desc 'Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 system activity.'\n  desc 'check', 'Verify the audit log directories have a mode of \"0700\" or less permissive\nby first determining where the audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Using the location of the audit log, determine the directory where the\naudit logs are stored (ex: \"/var/log/audit\"). Run the following command to\ndetermine the permissions for the audit log folder:\n\n    $ sudo stat -c \"%a %n\" /var/log/audit\n\n    700 /var/log/audit\n\n    If the audit log directory has a mode more permissive than \"0700\", this\nis a finding.'\n  desc 'fix', 'Configure the audit log directory to be protected from unauthorized read\naccess by setting the correct permissive mode with the following command:\n\n    $ sudo chmod 0700 [audit_log_directory]\n\n    Replace \"[audit_log_directory]\" to the correct audit log directory path,\nby default this location is \"/var/log/audit\".'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000057-GPOS-00027'\n  tag satisfies: ['SRG-OS-000057-GPOS-00027', 'SRG-OS-000058-GPOS-00028', 'SRG-OS-000059-GPOS-00029']\n  tag gid: 'V-230401'\n  tag rid: 'SV-230401r627750_rule'\n  tag stig_id: 'RHEL-08-030120'\n  tag fix_id: 'F-33045r567950_fix'\n  tag cci: ['CCI-000162']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  log_dir = command(\"dirname #{auditd_conf('/etc/audit/auditd.conf').log_file}\").stdout.strip\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe directory(log_dir) do\n      it { should_not be_more_permissive_than('0700') }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230401.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Directory /var/log/audit is expected not to be more permissive than \"0700\"","run_time":0.176809,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"directory","resource_params":"[\"/var/log/audit\"]","resource_id":"/var/log/audit"}]},{"id":"SV-230402","title":"RHEL 8 audit system must protect auditing rules from unauthorized\nchange.","desc":"Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 system activity.\n\n    In immutable mode, unauthorized users cannot execute changes to the audit\nsystem to potentially hide malicious activity and then put the audit rules\nback.  A system reboot would be noticeable and a system administrator could\nthen investigate the unauthorized changes.","descriptions":[{"label":"default","data":"Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 system activity.\n\n    In immutable mode, unauthorized users cannot execute changes to the audit\nsystem to potentially hide malicious activity and then put the audit rules\nback.  A system reboot would be noticeable and a system administrator could\nthen investigate the unauthorized changes."},{"label":"check","data":"Verify the audit system prevents unauthorized changes with the following\ncommand:\n\n    $ sudo grep \"^\\s*[^#]\" /etc/audit/audit.rules | tail -1\n\n    -e 2\n\n    If the audit system is not set to be immutable by adding the \"-e 2\"\noption to the \"/etc/audit/audit.rules\", this is a finding."},{"label":"fix","data":"Configure the audit system to set the audit rules to be immutable by adding\nthe following line to \"/etc/audit/rules.d/audit.rules\"\n\n    -e 2\n\n    Note: Once set, the system must be rebooted for auditing to be changed.  It\nis recommended to add this option as the last step in securing the system."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000057-GPOS-00027","satisfies":["SRG-OS-000057-GPOS-00027","SRG-OS-000058-GPOS-00028","SRG-OS-000059-GPOS-00029"],"gid":"V-230402","rid":"SV-230402r627750_rule","stig_id":"RHEL-08-030121","fix_id":"F-33046r567953_fix","cci":["CCI-000162"],"nist":["AU-9","AU-9 a"]},"code":"control 'SV-230402' do\n  title 'RHEL 8 audit system must protect auditing rules from unauthorized\nchange.'\n  desc 'Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 system activity.\n\n    In immutable mode, unauthorized users cannot execute changes to the audit\nsystem to potentially hide malicious activity and then put the audit rules\nback.  A system reboot would be noticeable and a system administrator could\nthen investigate the unauthorized changes.'\n  desc 'check', 'Verify the audit system prevents unauthorized changes with the following\ncommand:\n\n    $ sudo grep \"^\\\\s*[^#]\" /etc/audit/audit.rules | tail -1\n\n    -e 2\n\n    If the audit system is not set to be immutable by adding the \"-e 2\"\noption to the \"/etc/audit/audit.rules\", this is a finding.'\n  desc 'fix', 'Configure the audit system to set the audit rules to be immutable by adding\nthe following line to \"/etc/audit/rules.d/audit.rules\"\n\n    -e 2\n\n    Note: Once set, the system must be rebooted for auditing to be changed.  It\nis recommended to add this option as the last step in securing the system.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000057-GPOS-00027'\n  tag satisfies: ['SRG-OS-000057-GPOS-00027', 'SRG-OS-000058-GPOS-00028', 'SRG-OS-000059-GPOS-00029']\n  tag gid: 'V-230402'\n  tag rid: 'SV-230402r627750_rule'\n  tag stig_id: 'RHEL-08-030121'\n  tag fix_id: 'F-33046r567953_fix'\n  tag cci: ['CCI-000162']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('grep \"^\\s*[^#]\" /etc/audit/audit.rules | tail -1') do\n      its('stdout.strip') { should cmp '-e 2' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230402.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Command: `grep \"^\\s*[^#]\" /etc/audit/audit.rules | tail -1` stdout.strip is expected to cmp == \"-e 2\"","run_time":0.127244,"start_time":"2024-01-09T19:40:51-05:00","resource_class":"command","resource_params":"[\"grep \\\"^\\\\s*[^#]\\\" /etc/audit/audit.rules | tail -1\"]","resource_id":"Command: `grep \"^\\s*[^#]\" /etc/audit/audit.rules | tail -1`"}]},{"id":"SV-230403","title":"RHEL 8 audit system must protect logon UIDs from unauthorized change.","desc":"Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 system activity.\n\n    In immutable mode, unauthorized users cannot execute changes to the audit\nsystem to potentially hide malicious activity and then put the audit rules\nback.  A system reboot would be noticeable and a system administrator could\nthen investigate the unauthorized changes.","descriptions":[{"label":"default","data":"Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 system activity.\n\n    In immutable mode, unauthorized users cannot execute changes to the audit\nsystem to potentially hide malicious activity and then put the audit rules\nback.  A system reboot would be noticeable and a system administrator could\nthen investigate the unauthorized changes."},{"label":"check","data":"Verify the audit system prevents unauthorized changes to logon UIDs with\nthe following command:\n\n    $ sudo grep -i immutable /etc/audit/audit.rules\n\n    --loginuid-immutable\n\n    If the login UIDs are not set to be immutable by adding the\n\"--loginuid-immutable\" option to the \"/etc/audit/audit.rules\", this is a\nfinding."},{"label":"fix","data":"Configure the audit system to set the logon UIDs to be immutable by adding\nthe following line to \"/etc/audit/rules.d/audit.rules\"\n\n    --loginuid-immutable"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000057-GPOS-00027","satisfies":["SRG-OS-000057-GPOS-00027","SRG-OS-000058-GPOS-00028","SRG-OS-000059-GPOS-00029"],"gid":"V-230403","rid":"SV-230403r627750_rule","stig_id":"RHEL-08-030122","fix_id":"F-33047r567956_fix","cci":["CCI-000162"],"nist":["AU-9","AU-9 a"]},"code":"control 'SV-230403' do\n  title 'RHEL 8 audit system must protect logon UIDs from unauthorized change.'\n  desc 'Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 system activity.\n\n    In immutable mode, unauthorized users cannot execute changes to the audit\nsystem to potentially hide malicious activity and then put the audit rules\nback.  A system reboot would be noticeable and a system administrator could\nthen investigate the unauthorized changes.'\n  desc 'check', 'Verify the audit system prevents unauthorized changes to logon UIDs with\nthe following command:\n\n    $ sudo grep -i immutable /etc/audit/audit.rules\n\n    --loginuid-immutable\n\n    If the login UIDs are not set to be immutable by adding the\n\"--loginuid-immutable\" option to the \"/etc/audit/audit.rules\", this is a\nfinding.'\n  desc 'fix', 'Configure the audit system to set the logon UIDs to be immutable by adding\nthe following line to \"/etc/audit/rules.d/audit.rules\"\n\n    --loginuid-immutable'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000057-GPOS-00027'\n  tag satisfies: ['SRG-OS-000057-GPOS-00027', 'SRG-OS-000058-GPOS-00028', 'SRG-OS-000059-GPOS-00029']\n  tag gid: 'V-230403'\n  tag rid: 'SV-230403r627750_rule'\n  tag stig_id: 'RHEL-08-030122'\n  tag fix_id: 'F-33047r567956_fix'\n  tag cci: ['CCI-000162']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('grep -i immutable /etc/audit/audit.rules') do\n      its('stdout.strip') { should cmp '--loginuid-immutable' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230403.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Command: `grep -i immutable /etc/audit/audit.rules` stdout.strip is expected to cmp == \"--loginuid-immutable\"","run_time":0.173741,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"command","resource_params":"[\"grep -i immutable /etc/audit/audit.rules\"]","resource_id":"Command: `grep -i immutable /etc/audit/audit.rules`"}]},{"id":"SV-230404","title":"RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/shadow.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter)."},{"label":"check","data":"Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/shadow\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/shadow /etc/audit/audit.rules\n\n    -w /etc/shadow -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/shadow\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/shadow -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000004-GPOS-00004","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000304-GPOS-00121","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000470-GPOS-00214","SRG-OS-000471-GPOS-00215","SRG-OS-000239-GPOS-00089","SRG-OS-000240-GPOS-00090","SRG-OS-000241-GPOS-00091","SRG-OS-000303-GPOS-00120","SRG-OS-000304-GPOS-00121","SRG-OS-000466-GPOS-00210","SRG-OS-000476-GPOS-00221"],"gid":"V-230404","rid":"SV-230404r627750_rule","stig_id":"RHEL-08-030130","fix_id":"F-33048r567959_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230404' do\n  title 'RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/shadow.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).'\n  desc 'check', 'Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/shadow\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/shadow /etc/audit/audit.rules\n\n    -w /etc/shadow -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/shadow\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/shadow -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000004-GPOS-00004', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000470-GPOS-00214', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000239-GPOS-00089', 'SRG-OS-000240-GPOS-00090', 'SRG-OS-000241-GPOS-00091', 'SRG-OS-000303-GPOS-00120', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000466-GPOS-00210', 'SRG-OS-000476-GPOS-00221']\n  tag gid: 'V-230404'\n  tag rid: 'SV-230404r627750_rule'\n  tag stig_id: 'RHEL-08-030130'\n  tag fix_id: 'F-33048r567959_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/etc/shadow'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions') { should_not cmp [] }\n      its('action') { should_not include 'never' }\n      its('key') { should cmp 'identity' }\n    end\n\n    # Resource creates data structure including all usages of file\n    perms = auditd.file(audit_file).permissions\n\n    perms.each do |perm|\n      describe perm do\n        it { should include 'w' }\n        it { should include 'a' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230404.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/shadow\" permissions is expected not to cmp == []","run_time":0.002233,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/shadow\" action is expected not to include \"never\"","run_time":0.000602,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/shadow\" key is expected to cmp == \"identity\"","run_time":0.00037,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"[\"w\", \"a\"] is expected to include \"w\"","run_time":0.000199,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"Object","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"[\"w\", \"a\"] is expected to include \"a\"","run_time":0.000123,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"Object","resource_params":"[]","resource_id":""}]},{"id":"SV-230405","title":"RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect\n/etc/security/opasswd.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter)."},{"label":"check","data":"Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect\n\"/etc/security/opasswd\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/security/opasswd /etc/audit/audit.rules\n\n    -w /etc/security/opasswd -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect\n\"/etc/security/opasswd\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/security/opasswd -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000004-GPOS-00004","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000304-GPOS-00121","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000470-GPOS-00214","SRG-OS-000471-GPOS-00215","SRG-OS-000239-GPOS-00089","SRG-OS-000240-GPOS-00090","SRG-OS-000241-GPOS-00091","SRG-OS-000303-GPOS-00120","SRG-OS-000304-GPOS-00121","SRG-OS-000476-GPOS-00221"],"gid":"V-230405","rid":"SV-230405r627750_rule","stig_id":"RHEL-08-030140","fix_id":"F-33049r567962_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230405' do\n  title 'RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect\n/etc/security/opasswd.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).'\n  desc 'check', 'Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect\n\"/etc/security/opasswd\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/security/opasswd /etc/audit/audit.rules\n\n    -w /etc/security/opasswd -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect\n\"/etc/security/opasswd\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/security/opasswd -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000004-GPOS-00004', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000470-GPOS-00214', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000239-GPOS-00089', 'SRG-OS-000240-GPOS-00090', 'SRG-OS-000241-GPOS-00091', 'SRG-OS-000303-GPOS-00120', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000476-GPOS-00221']\n  tag gid: 'V-230405'\n  tag rid: 'SV-230405r627750_rule'\n  tag stig_id: 'RHEL-08-030140'\n  tag fix_id: 'F-33049r567962_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/etc/security/opasswd'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions') { should_not cmp [] }\n      its('action') { should_not include 'never' }\n      its('key') { should cmp 'identity' }\n    end\n\n    # Resource creates data structure including all usages of file\n    perms = auditd.file(audit_file).permissions\n\n    perms.each do |perm|\n      describe perm do\n        it { should include 'w' }\n        it { should include 'a' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230405.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/security/opasswd\" permissions is expected not to cmp == []","run_time":0.000517,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/security/opasswd\" action is expected not to include \"never\"","run_time":0.000155,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/security/opasswd\" key is expected to cmp == \"identity\"","run_time":0.00016,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"[\"w\", \"a\"] is expected to include \"w\"","run_time":0.000115,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"Object","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"[\"w\", \"a\"] is expected to include \"a\"","run_time":0.000103,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"Object","resource_params":"[]","resource_id":""}]},{"id":"SV-230406","title":"RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/passwd.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter)."},{"label":"check","data":"Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/passwd\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/passwd /etc/audit/audit.rules\n\n    -w /etc/passwd -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/passwd\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/passwd -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000004-GPOS-00004","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000304-GPOS-00121","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000470-GPOS-00214","SRG-OS-000471-GPOS-00215","SRG-OS-000239-GPOS-00089","SRG-OS-000240-GPOS-00090","SRG-OS-000241-GPOS-00091","SRG-OS-000303-GPOS-00120","SRG-OS-000304-GPOS-00121","SRG-OS-000466-GPOS-00210","SRG-OS-000476-GPOS-00221"],"gid":"V-230406","rid":"SV-230406r627750_rule","stig_id":"RHEL-08-030150","fix_id":"F-33050r567965_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230406' do\n  title 'RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/passwd.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).'\n  desc 'check', 'Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/passwd\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/passwd /etc/audit/audit.rules\n\n    -w /etc/passwd -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/passwd\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/passwd -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000004-GPOS-00004', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000470-GPOS-00214', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000239-GPOS-00089', 'SRG-OS-000240-GPOS-00090', 'SRG-OS-000241-GPOS-00091', 'SRG-OS-000303-GPOS-00120', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000466-GPOS-00210', 'SRG-OS-000476-GPOS-00221']\n  tag gid: 'V-230406'\n  tag rid: 'SV-230406r627750_rule'\n  tag stig_id: 'RHEL-08-030150'\n  tag fix_id: 'F-33050r567965_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = auditd.file('/etc/passwd')\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe audit_file do\n      its('permissions') { should_not cmp [] }\n      its('action') { should_not include 'never' }\n      its('key') { should cmp input('audit_passwd_key') }\n    end\n\n    # Resource creates data structure including all usages of file\n    audit_file.permissions.each do |perm|\n      describe perm do\n        it { should include 'w' }\n        it { should include 'a' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230406.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/passwd\" permissions is expected not to cmp == []","run_time":0.000188,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/passwd\" action is expected not to include \"never\"","run_time":0.000134,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/passwd\" key is expected to cmp == \"identity\"","run_time":0.000262,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"[\"w\", \"a\"] is expected to include \"w\"","run_time":9.8e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"Object","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"[\"w\", \"a\"] is expected to include \"a\"","run_time":8.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"Object","resource_params":"[]","resource_id":""}]},{"id":"SV-230407","title":"RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/gshadow.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter)."},{"label":"check","data":"Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/gshadow\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/gshadow /etc/audit/audit.rules\n\n    -w /etc/gshadow -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/gshadow\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/gshadow -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000004-GPOS-00004","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000304-GPOS-00121","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000470-GPOS-00214","SRG-OS-000471-GPOS-00215","SRG-OS-000239-GPOS-00089","SRG-OS-000240-GPOS-00090","SRG-OS-000241-GPOS-00091","SRG-OS-000303-GPOS-00120","SRG-OS-000304-GPOS-00121","SRG-OS-000466-GPOS-00210","SRG-OS-000476-GPOS-00221"],"gid":"V-230407","rid":"SV-230407r627750_rule","stig_id":"RHEL-08-030160","fix_id":"F-33051r567968_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230407' do\n  title 'RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/gshadow.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).'\n  desc 'check', 'Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/gshadow\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/gshadow /etc/audit/audit.rules\n\n    -w /etc/gshadow -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/gshadow\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/gshadow -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000004-GPOS-00004', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000470-GPOS-00214', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000239-GPOS-00089', 'SRG-OS-000240-GPOS-00090', 'SRG-OS-000241-GPOS-00091', 'SRG-OS-000303-GPOS-00120', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000466-GPOS-00210', 'SRG-OS-000476-GPOS-00221']\n  tag gid: 'V-230407'\n  tag rid: 'SV-230407r627750_rule'\n  tag stig_id: 'RHEL-08-030160'\n  tag fix_id: 'F-33051r567968_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/etc/gshadow'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions') { should_not cmp [] }\n      its('action') { should_not include 'never' }\n      its('key') { should cmp 'identity' }\n    end\n\n    # Resource creates data structure including all usages of file\n    perms = auditd.file(audit_file).permissions\n\n    perms.each do |perm|\n      describe perm do\n        it { should include 'w' }\n        it { should include 'a' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230407.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/gshadow\" permissions is expected not to cmp == []","run_time":0.00014,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/gshadow\" action is expected not to include \"never\"","run_time":0.000122,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/gshadow\" key is expected to cmp == \"identity\"","run_time":0.000124,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"[\"w\", \"a\"] is expected to include \"w\"","run_time":9.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"Object","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"[\"w\", \"a\"] is expected to include \"a\"","run_time":8.3e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"Object","resource_params":"[]","resource_id":""}]},{"id":"SV-230408","title":"RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/group.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter)."},{"label":"check","data":"Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/group\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/group /etc/audit/audit.rules\n\n    -w /etc/group -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/group\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/group -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000004-GPOS-00004","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000304-GPOS-00121","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000470-GPOS-00214","SRG-OS-000471-GPOS-00215","SRG-OS-000239-GPOS-00089","SRG-OS-000240-GPOS-00090","SRG-OS-000241-GPOS-00091","SRG-OS-000303-GPOS-00120","SRG-OS-000304-GPOS-00121","CCI-002884","SRG-OS-000466-GPOS-00210","SRG-OS-000476-GPOS-00221"],"gid":"V-230408","rid":"SV-230408r627750_rule","stig_id":"RHEL-08-030170","fix_id":"F-33052r567971_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230408' do\n  title 'RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/group.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).'\n  desc 'check', 'Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/group\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/group /etc/audit/audit.rules\n\n    -w /etc/group -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/group\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/group -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000004-GPOS-00004', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000470-GPOS-00214', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000239-GPOS-00089', 'SRG-OS-000240-GPOS-00090', 'SRG-OS-000241-GPOS-00091', 'SRG-OS-000303-GPOS-00120', 'SRG-OS-000304-GPOS-00121', 'CCI-002884', 'SRG-OS-000466-GPOS-00210', 'SRG-OS-000476-GPOS-00221']\n  tag gid: 'V-230408'\n  tag rid: 'SV-230408r627750_rule'\n  tag stig_id: 'RHEL-08-030170'\n  tag fix_id: 'F-33052r567971_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = auditd.file('/etc/group')\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe audit_file do\n      its('permissions') { should_not cmp [] }\n      its('action') { should_not include 'never' }\n      its('key') { should cmp input('audit_group_key') }\n    end\n\n    # Resource creates data structure including all usages of file\n    audit_file.permissions.each do |perm|\n      describe perm do\n        it { should include 'w' }\n        it { should include 'a' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230408.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/group\" permissions is expected not to cmp == []","run_time":0.00014,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/group\" action is expected not to include \"never\"","run_time":0.000101,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/group\" key is expected to cmp == \"identity\"","run_time":0.000159,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"[\"w\", \"a\"] is expected to include \"w\"","run_time":9.0e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"Object","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"[\"w\", \"a\"] is expected to include \"a\"","run_time":8.3e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"Object","resource_params":"[]","resource_id":""}]},{"id":"SV-230409","title":"RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/sudoers.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter)."},{"label":"check","data":"Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/sudoers\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/sudoers /etc/audit/audit.rules\n\n    -w /etc/sudoers -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/sudoers\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/sudoers -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000004-GPOS-00004","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000304-GPOS-00121","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000470-GPOS-00214","SRG-OS-000471-GPOS-00215","SRG-OS-000239-GPOS-00089","SRG-OS-000240-GPOS-00090","SRG-OS-000241-GPOS-00091","SRG-OS-000303-GPOS-00120","SRG-OS-000304-GPOS-00121","CCI-002884","SRG-OS-000466-GPOS-00210","SRG-OS-000476-GPOS-00221"],"gid":"V-230409","rid":"SV-230409r627750_rule","stig_id":"RHEL-08-030171","fix_id":"F-33053r567974_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230409' do\n  title 'RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/sudoers.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).'\n  desc 'check', 'Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/sudoers\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/sudoers /etc/audit/audit.rules\n\n    -w /etc/sudoers -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/sudoers\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/sudoers -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000004-GPOS-00004', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000470-GPOS-00214', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000239-GPOS-00089', 'SRG-OS-000240-GPOS-00090', 'SRG-OS-000241-GPOS-00091', 'SRG-OS-000303-GPOS-00120', 'SRG-OS-000304-GPOS-00121', 'CCI-002884', 'SRG-OS-000466-GPOS-00210', 'SRG-OS-000476-GPOS-00221']\n  tag gid: 'V-230409'\n  tag rid: 'SV-230409r627750_rule'\n  tag stig_id: 'RHEL-08-030171'\n  tag fix_id: 'F-33053r567974_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/etc/sudoers'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions') { should_not cmp [] }\n      its('action') { should_not include 'never' }\n      its('key') { should cmp 'identity' }\n    end\n\n    # Resource creates data structure including all usages of file\n    perms = auditd.file(audit_file).permissions\n\n    perms.each do |perm|\n      describe perm do\n        it { should include 'w' }\n        it { should include 'a' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230409.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/sudoers\" permissions is expected not to cmp == []","run_time":0.000141,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/sudoers\" action is expected not to include \"never\"","run_time":9.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/sudoers\" key is expected to cmp == \"identity\"","run_time":0.000127,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"[\"w\", \"a\"] is expected to include \"w\"","run_time":8.8e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"Object","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"[\"w\", \"a\"] is expected to include \"a\"","run_time":8.8e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"Object","resource_params":"[]","resource_id":""}]},{"id":"SV-230410","title":"RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/sudoers.d/.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter)."},{"label":"check","data":"Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect\n\"/etc/sudoers.d/\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/sudoers.d/ /etc/audit/audit.rules\n\n    -w /etc/sudoers.d/ -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect\n\"/etc/sudoers.d/\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/sudoers.d/ -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000004-GPOS-00004","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000304-GPOS-00121","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000470-GPOS-00214","SRG-OS-000471-GPOS-00215","SRG-OS-000239-GPOS-00089","SRG-OS-000240-GPOS-00090","SRG-OS-000241-GPOS-00091","SRG-OS-000303-GPOS-00120","SRG-OS-000304-GPOS-00121","CCI-002884","SRG-OS-000466-GPOS-00210","SRG-OS-000476-GPOS-00221"],"gid":"V-230410","rid":"SV-230410r627750_rule","stig_id":"RHEL-08-030172","fix_id":"F-33054r567977_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230410' do\n  title 'RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/sudoers.d/.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).'\n  desc 'check', 'Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect\n\"/etc/sudoers.d/\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/sudoers.d/ /etc/audit/audit.rules\n\n    -w /etc/sudoers.d/ -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect\n\"/etc/sudoers.d/\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/sudoers.d/ -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000004-GPOS-00004', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000470-GPOS-00214', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000239-GPOS-00089', 'SRG-OS-000240-GPOS-00090', 'SRG-OS-000241-GPOS-00091', 'SRG-OS-000303-GPOS-00120', 'SRG-OS-000304-GPOS-00121', 'CCI-002884', 'SRG-OS-000466-GPOS-00210', 'SRG-OS-000476-GPOS-00221']\n  tag gid: 'V-230410'\n  tag rid: 'SV-230410r627750_rule'\n  tag stig_id: 'RHEL-08-030172'\n  tag fix_id: 'F-33054r567977_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/etc/sudoers.d'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions') { should_not cmp [] }\n      its('action') { should_not include 'never' }\n      its('key') { should cmp 'identity' }\n    end\n\n    # Resource creates data structure including all usages of file\n    perms = auditd.file(audit_file).permissions\n\n    perms.each do |perm|\n      describe perm do\n        it { should include 'w' }\n        it { should include 'a' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230410.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/sudoers.d\" permissions is expected not to cmp == []","run_time":0.000317,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/sudoers.d\" action is expected not to include \"never\"","run_time":0.000102,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/etc/sudoers.d\" key is expected to cmp == \"identity\"","run_time":0.00012,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"[\"w\", \"a\"] is expected to include \"w\"","run_time":9.0e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"Object","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"[\"w\", \"a\"] is expected to include \"a\"","run_time":8.1e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"Object","resource_params":"[]","resource_id":""}]},{"id":"SV-230411","title":"The RHEL 8 audit package must be installed.","desc":"Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Associating event types with detected events in RHEL 8 audit logs provides\na means of investigating an attack, recognizing resource utilization or\ncapacity thresholds, or identifying an improperly configured RHEL 8 system.","descriptions":[{"label":"default","data":"Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Associating event types with detected events in RHEL 8 audit logs provides\na means of investigating an attack, recognizing resource utilization or\ncapacity thresholds, or identifying an improperly configured RHEL 8 system."},{"label":"check","data":"Verify the audit service is configured to produce audit records.\n\nCheck that the audit service is installed with the following command:\n\n$ sudo yum list installed audit\n\nIf the \"audit\" package is not installed, this is a finding."},{"label":"fix","data":"Configure the audit service to produce audit records containing the\ninformation needed to establish when (date and time) an event occurred.\n\n    Install the audit service (if the audit service is not already installed)\nwith the following command:\n\n    $ sudo yum install audit"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000038-GPOS-00016","SRG-OS-000039-GPOS-00017","SRG-OS-000040-GPOS-00018","SRG-OS-000041-GPOS-00019","SRG-OS-000042-GPOS-00021","SRG-OS-000051-GPOS-00024","SRG-OS-000054-GPOS-00025","SRG-OS-000122-GPOS-00063","SRG-OS-000254-GPOS-00095","SRG-OS-000255-GPOS-00096","SRG-OS-000337-GPOS-00129","SRG-OS-000348-GPOS-00136","SRG-OS-000349-GPOS-00137","SRG-OS-000350-GPOS-00138","SRG-OS-000351-GPOS-00139","SRG-OS-000352-GPOS-00140","SRG-OS-000353-GPOS-00141","SRG-OS-000354-GPOS-00142","SRG-OS-000358-GPOS-00145","SRG-OS-000365-GPOS-00152","SRG-OS-000392-GPOS-00172","SRG-OS-000475-GPOS-00220"],"gid":"V-230411","rid":"SV-230411r744000_rule","stig_id":"RHEL-08-030180","fix_id":"F-33055r646880_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230411' do\n  title 'The RHEL 8 audit package must be installed.'\n  desc 'Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Associating event types with detected events in RHEL 8 audit logs provides\na means of investigating an attack, recognizing resource utilization or\ncapacity thresholds, or identifying an improperly configured RHEL 8 system.'\n  desc 'check', 'Verify the audit service is configured to produce audit records.\n\nCheck that the audit service is installed with the following command:\n\n$ sudo yum list installed audit\n\nIf the \"audit\" package is not installed, this is a finding.'\n  desc 'fix', 'Configure the audit service to produce audit records containing the\ninformation needed to establish when (date and time) an event occurred.\n\n    Install the audit service (if the audit service is not already installed)\nwith the following command:\n\n    $ sudo yum install audit'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000038-GPOS-00016', 'SRG-OS-000039-GPOS-00017', 'SRG-OS-000040-GPOS-00018', 'SRG-OS-000041-GPOS-00019', 'SRG-OS-000042-GPOS-00021', 'SRG-OS-000051-GPOS-00024', 'SRG-OS-000054-GPOS-00025', 'SRG-OS-000122-GPOS-00063', 'SRG-OS-000254-GPOS-00095', 'SRG-OS-000255-GPOS-00096', 'SRG-OS-000337-GPOS-00129', 'SRG-OS-000348-GPOS-00136', 'SRG-OS-000349-GPOS-00137', 'SRG-OS-000350-GPOS-00138', 'SRG-OS-000351-GPOS-00139', 'SRG-OS-000352-GPOS-00140', 'SRG-OS-000353-GPOS-00141', 'SRG-OS-000354-GPOS-00142', 'SRG-OS-000358-GPOS-00145', 'SRG-OS-000365-GPOS-00152', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000475-GPOS-00220']\n  tag gid: 'V-230411'\n  tag rid: 'SV-230411r744000_rule'\n  tag stig_id: 'RHEL-08-030180'\n  tag fix_id: 'F-33055r646880_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe package('audit') do\n      it { should be_installed }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230411.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package audit is expected to be installed","run_time":0.123754,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"package","resource_params":"[\"audit\"]","resource_id":"audit"}]},{"id":"SV-230412","title":"Successful/unsuccessful uses of the su command in RHEL 8 must generate\nan audit record.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"su\" command allows a\nuser to run commands with a substitute user and group ID.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"su\" command allows a\nuser to run commands with a substitute user and group ID.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify RHEL 8 generates audit records when successful/unsuccessful attempts\nto use the \"su\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w /usr/bin/su /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/su -F perm=x -F auid>=1000 -F auid!=unset\n-k privileged-priv_change\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure RHEL 8 to generate audit records when successful/unsuccessful\nattempts to use the \"su\" command occur by adding or updating the following\nrule in \"/etc/audit/rules.d/audit.rules\":\n\n    -a always,exit -F path=/usr/bin/su -F perm=x -F auid>=1000 -F auid!=unset\n-k privileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000064-GPOS-0003","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215","SRG-OS-000466-GPOS-00210"],"gid":"V-230412","rid":"SV-230412r627750_rule","stig_id":"RHEL-08-030190","fix_id":"F-33056r567983_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230412' do\n  title 'Successful/unsuccessful uses of the su command in RHEL 8 must generate\nan audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"su\" command allows a\nuser to run commands with a substitute user and group ID.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify RHEL 8 generates audit records when successful/unsuccessful attempts\nto use the \"su\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w /usr/bin/su /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/su -F perm=x -F auid>=1000 -F auid!=unset\n-k privileged-priv_change\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure RHEL 8 to generate audit records when successful/unsuccessful\nattempts to use the \"su\" command occur by adding or updating the following\nrule in \"/etc/audit/rules.d/audit.rules\":\n\n    -a always,exit -F path=/usr/bin/su -F perm=x -F auid>=1000 -F auid!=unset\n-k privileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000064-GPOS-0003', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000466-GPOS-00210']\n  tag gid: 'V-230412'\n  tag rid: 'SV-230412r627750_rule'\n  tag stig_id: 'RHEL-08-030190'\n  tag fix_id: 'F-33056r567983_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/su'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'priv_cmd' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230412.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/su\" permissions.flatten is expected to include \"x\"","run_time":0.000367,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/su\" action.uniq is expected to eq [\"always\"]","run_time":0.000131,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/su\" list.uniq is expected to eq [\"exit\"]","run_time":0.000104,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/su\" fields.flatten is expected to include \"auid>=1000\"","run_time":0.000338,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/su\" fields.flatten is expected to include \"auid!=-1\"","run_time":0.000101,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"failed","code_desc":"Auditd Rules with file == \"/usr/bin/su\" key.uniq is expected to cmp == \"priv_cmd\"","run_time":0.000268,"start_time":"2024-01-09T19:40:52-05:00","message":"\nexpected: priv_cmd\n     got: [\"privileged-priv_change\"]\n\n(compared using `cmp` matcher)\n","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230413","title":"The RHEL 8 audit system must be configured to audit any usage of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls.","desc":"Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter).\n\n\"Setxattr\" is a system call used to set an extended attribute value.\n\"Fsetxattr\" is a system call used to set an extended attribute value. This is used to set extended attributes on a file.\n\"Lsetxattr\" is a system call used to set an extended attribute value. This is used to set extended attributes on a symbolic link.\n\"Removexattr\" is a system call that removes extended attributes.\n\"Fremovexattr\" is a system call that removes extended attributes. This is used for removal of extended attributes from a file.\n\"Lremovexattr\" is a system call that removes extended attributes. This is used for removal of extended attributes from symbolic links.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter).\n\n\"Setxattr\" is a system call used to set an extended attribute value.\n\"Fsetxattr\" is a system call used to set an extended attribute value. This is used to set extended attributes on a file.\n\"Lsetxattr\" is a system call used to set an extended attribute value. This is used to set extended attributes on a symbolic link.\n\"Removexattr\" is a system call that removes extended attributes.\n\"Fremovexattr\" is a system call that removes extended attributes. This is used for removal of extended attributes from a file.\n\"Lremovexattr\" is a system call that removes extended attributes. This is used for removal of extended attributes from symbolic links.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible."},{"label":"check","data":"Verify if RHEL 8 is configured to audit the execution of the \"setxattr\", \"fsetxattr\", \"lsetxattr\", \"removexattr\", \"fremovexattr\", and \"lremovexattr\" system calls by running the following command:\n\n$ sudo grep xattr /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod\n\n-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid=0 -k perm_mod\n-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid=0 -k perm_mod\n\nIf the command does not return an audit rule for \"setxattr\", \"fsetxattr\", \"lsetxattr\", \"removexattr\", \"fremovexattr\", and \"lremovexattr\" or any of the lines returned are commented out, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to audit the execution of the \"setxattr\", \"fsetxattr\", \"lsetxattr\", \"removexattr\", \"fremovexattr\", and \"lremovexattr\" system calls by adding or updating the following lines to \"/etc/audit/rules.d/audit.rules\":\n\n-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod\n\n-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid=0 -k perm_mod\n-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid=0 -k perm_mod\n\nThe audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000392-GPOS-00172","SRG-OS-000458-GPOS-00203","SRG-OS-000462-GPOS-00206","SRG-OS-000463-GPOS-00207","SRG-OS-000468-GPOS-00212","SRG-OS-000471-GPOS-00215","SRG-OS-000474-GPOS-00219","SRG-OS-000466-GPOS-00210"],"gid":"V-230413","rid":"SV-230413r810463_rule","stig_id":"RHEL-08-030200","fix_id":"F-33057r809294_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230413' do\n  title 'The RHEL 8 audit system must be configured to audit any usage of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls.'\n  desc 'Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter).\n\n\"Setxattr\" is a system call used to set an extended attribute value.\n\"Fsetxattr\" is a system call used to set an extended attribute value. This is used to set extended attributes on a file.\n\"Lsetxattr\" is a system call used to set an extended attribute value. This is used to set extended attributes on a symbolic link.\n\"Removexattr\" is a system call that removes extended attributes.\n\"Fremovexattr\" is a system call that removes extended attributes. This is used for removal of extended attributes from a file.\n\"Lremovexattr\" is a system call that removes extended attributes. This is used for removal of extended attributes from symbolic links.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.'\n  desc 'check', 'Verify if RHEL 8 is configured to audit the execution of the \"setxattr\", \"fsetxattr\", \"lsetxattr\", \"removexattr\", \"fremovexattr\", and \"lremovexattr\" system calls by running the following command:\n\n$ sudo grep xattr /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod\n\n-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid=0 -k perm_mod\n-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid=0 -k perm_mod\n\nIf the command does not return an audit rule for \"setxattr\", \"fsetxattr\", \"lsetxattr\", \"removexattr\", \"fremovexattr\", and \"lremovexattr\" or any of the lines returned are commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to audit the execution of the \"setxattr\", \"fsetxattr\", \"lsetxattr\", \"removexattr\", \"fremovexattr\", and \"lremovexattr\" system calls by adding or updating the following lines to \"/etc/audit/rules.d/audit.rules\":\n\n-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod\n\n-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid=0 -k perm_mod\n-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid=0 -k perm_mod\n\nThe audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000458-GPOS-00203', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000463-GPOS-00207', 'SRG-OS-000468-GPOS-00212', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000474-GPOS-00219', 'SRG-OS-000466-GPOS-00210']\n  tag gid: 'V-230413'\n  tag rid: 'SV-230413r810463_rule'\n  tag stig_id: 'RHEL-08-030200'\n  tag fix_id: 'F-33057r809294_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_syscall = 'lremovexattr'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.syscall(audit_syscall) do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'perm_mod' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230413.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with syscall == \"lremovexattr\" action.uniq is expected to eq [\"always\"]","run_time":0.000107,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"lremovexattr\" list.uniq is expected to eq [\"exit\"]","run_time":8.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"lremovexattr\" arch.uniq is expected to include \"b32\"","run_time":0.000104,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"lremovexattr\" arch.uniq is expected to include \"b64\"","run_time":0.000108,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"lremovexattr\" fields.flatten is expected to include \"auid>=1000\"","run_time":0.000104,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"lremovexattr\" fields.flatten is expected to include \"auid!=-1\"","run_time":9.4e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"lremovexattr\" key.uniq is expected to cmp == \"perm_mod\"","run_time":0.000327,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230418","title":"Successful/unsuccessful uses of the chage command in RHEL 8 must\ngenerate an audit record.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chage\" command is\nused to change or view user password expiry information.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chage\" command is\nused to change or view user password expiry information.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify that an audit event is generated for any successful/unsuccessful use\nof the \"chage\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w chage /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chage -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-chage\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"chage\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/chage -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-chage\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000468-GPOS-00212","SRG-OS-000471-GPOS-00215"],"gid":"V-230418","rid":"SV-230418r627750_rule","stig_id":"RHEL-08-030250","fix_id":"F-33062r568001_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230418' do\n  title 'Successful/unsuccessful uses of the chage command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chage\" command is\nused to change or view user password expiry information.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"chage\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w chage /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chage -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-chage\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"chage\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/chage -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-chage\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000468-GPOS-00212', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230418'\n  tag rid: 'SV-230418r627750_rule'\n  tag stig_id: 'RHEL-08-030250'\n  tag fix_id: 'F-33062r568001_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/chage'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-chage' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230418.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chage\" permissions.flatten is expected to include \"x\"","run_time":0.000121,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chage\" action.uniq is expected to eq [\"always\"]","run_time":0.0001,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chage\" list.uniq is expected to eq [\"exit\"]","run_time":9.3e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chage\" fields.flatten is expected to include \"auid>=1000\"","run_time":0.000102,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chage\" fields.flatten is expected to include \"auid!=-1\"","run_time":0.000106,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chage\" key.uniq is expected to cmp == \"privileged-chage\"","run_time":0.000312,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230419","title":"Successful/unsuccessful uses of the chcon command in RHEL 8 must\ngenerate an audit record.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chcon\" command is\nused to change file SELinux security context.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chcon\" command is\nused to change file SELinux security context.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"chcon\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w chcon /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chcon -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"chcon\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/chcon -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000468-GPOS-00212","SRG-OS-000471-GPOS-00215"],"gid":"V-230419","rid":"SV-230419r627750_rule","stig_id":"RHEL-08-030260","fix_id":"F-33063r568004_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230419' do\n  title 'Successful/unsuccessful uses of the chcon command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chcon\" command is\nused to change file SELinux security context.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"chcon\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w chcon /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chcon -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"chcon\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/chcon -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000468-GPOS-00212', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230419'\n  tag rid: 'SV-230419r627750_rule'\n  tag stig_id: 'RHEL-08-030260'\n  tag fix_id: 'F-33063r568004_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/chcon'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'perm_mod' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230419.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chcon\" permissions.flatten is expected to include \"x\"","run_time":0.000195,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chcon\" action.uniq is expected to eq [\"always\"]","run_time":0.000117,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chcon\" list.uniq is expected to eq [\"exit\"]","run_time":9.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chcon\" fields.flatten is expected to include \"auid>=1000\"","run_time":0.000104,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chcon\" fields.flatten is expected to include \"auid!=-1\"","run_time":9.8e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chcon\" key.uniq is expected to cmp == \"perm_mod\"","run_time":0.00014,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230421","title":"Successful/unsuccessful uses of the ssh-agent in RHEL 8 must generate\nan audit record.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"ssh-agent\" is a\nprogram to hold private keys used for public key authentication.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"ssh-agent\" is a\nprogram to hold private keys used for public key authentication.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"ssh-agent\" by performing the following command to check\nthe file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep ssh-agent /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/ssh-agent -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-ssh\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"ssh-agent\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/ssh-agent -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-ssh\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230421","rid":"SV-230421r627750_rule","stig_id":"RHEL-08-030280","fix_id":"F-33065r568010_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230421' do\n  title 'Successful/unsuccessful uses of the ssh-agent in RHEL 8 must generate\nan audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"ssh-agent\" is a\nprogram to hold private keys used for public key authentication.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"ssh-agent\" by performing the following command to check\nthe file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep ssh-agent /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/ssh-agent -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-ssh\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"ssh-agent\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/ssh-agent -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-ssh\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230421'\n  tag rid: 'SV-230421r627750_rule'\n  tag stig_id: 'RHEL-08-030280'\n  tag fix_id: 'F-33065r568010_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/ssh-agent'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-ssh' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230421.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/ssh-agent\" permissions.flatten is expected to include \"x\"","run_time":0.000101,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/ssh-agent\" action.uniq is expected to eq [\"always\"]","run_time":8.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/ssh-agent\" list.uniq is expected to eq [\"exit\"]","run_time":8.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/ssh-agent\" fields.flatten is expected to include \"auid>=1000\"","run_time":9.4e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/ssh-agent\" fields.flatten is expected to include \"auid!=-1\"","run_time":9.3e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/ssh-agent\" key.uniq is expected to cmp == \"privileged-ssh\"","run_time":0.000112,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230422","title":"Successful/unsuccessful uses of the passwd command in RHEL 8 must\ngenerate an audit record.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"passwd\" command is\nused to change passwords for user accounts.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"passwd\" command is\nused to change passwords for user accounts.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify that an audit event is generated for any successful/unsuccessful use\nof the \"passwd\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w passwd /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/passwd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-passwd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"passwd\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/passwd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-passwd\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230422","rid":"SV-230422r627750_rule","stig_id":"RHEL-08-030290","fix_id":"F-33066r568013_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230422' do\n  title 'Successful/unsuccessful uses of the passwd command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"passwd\" command is\nused to change passwords for user accounts.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"passwd\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w passwd /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/passwd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-passwd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"passwd\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/passwd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-passwd\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230422'\n  tag rid: 'SV-230422r627750_rule'\n  tag stig_id: 'RHEL-08-030290'\n  tag fix_id: 'F-33066r568013_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/passwd'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-passwd' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230422.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/passwd\" permissions.flatten is expected to include \"x\"","run_time":8.3e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/passwd\" action.uniq is expected to eq [\"always\"]","run_time":7.3e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/passwd\" list.uniq is expected to eq [\"exit\"]","run_time":0.000154,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/passwd\" fields.flatten is expected to include \"auid>=1000\"","run_time":0.000224,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/passwd\" fields.flatten is expected to include \"auid!=-1\"","run_time":0.000101,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/passwd\" key.uniq is expected to cmp == \"privileged-passwd\"","run_time":0.000208,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230423","title":"Successful/unsuccessful uses of the mount command in RHEL 8 must\ngenerate an audit record.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"mount\" command is\nused to mount a filesystem.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"mount\" command is\nused to mount a filesystem.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify that an audit event is generated for any successful/unsuccessful use\nof the \"mount\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w /usr/bin/mount /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/mount -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-mount\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"mount\" command by adding or updating the\nfollowing rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/mount -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-mount\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230423","rid":"SV-230423r627750_rule","stig_id":"RHEL-08-030300","fix_id":"F-33067r568016_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230423' do\n  title 'Successful/unsuccessful uses of the mount command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"mount\" command is\nused to mount a filesystem.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"mount\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w /usr/bin/mount /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/mount -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-mount\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"mount\" command by adding or updating the\nfollowing rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/mount -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-mount\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230423'\n  tag rid: 'SV-230423r627750_rule'\n  tag stig_id: 'RHEL-08-030300'\n  tag fix_id: 'F-33067r568016_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/mount'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-mount' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230423.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/mount\" permissions.flatten is expected to include \"x\"","run_time":0.000102,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/mount\" action.uniq is expected to eq [\"always\"]","run_time":9.4e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/mount\" list.uniq is expected to eq [\"exit\"]","run_time":0.000179,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/mount\" fields.flatten is expected to include \"auid>=1000\"","run_time":8.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/mount\" fields.flatten is expected to include \"auid!=-1\"","run_time":7.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/mount\" key.uniq is expected to cmp == \"privileged-mount\"","run_time":0.000119,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230424","title":"Successful/unsuccessful uses of the umount command in RHEL 8 must\ngenerate an audit record.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"umount\" command is\nused to unmount a filesystem.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"umount\" command is\nused to unmount a filesystem.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify that an audit event is generated for any successful/unsuccessful use\nof the \"umount\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w /usr/bin/umount /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/umount -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-mount\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"umount\" command by adding or updating the\nfollowing rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/umount -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-mount\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230424","rid":"SV-230424r627750_rule","stig_id":"RHEL-08-030301","fix_id":"F-33068r568019_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230424' do\n  title 'Successful/unsuccessful uses of the umount command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"umount\" command is\nused to unmount a filesystem.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"umount\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w /usr/bin/umount /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/umount -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-mount\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"umount\" command by adding or updating the\nfollowing rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/umount -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-mount\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230424'\n  tag rid: 'SV-230424r627750_rule'\n  tag stig_id: 'RHEL-08-030301'\n  tag fix_id: 'F-33068r568019_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/umount'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-mount' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230424.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/umount\" permissions.flatten is expected to include \"x\"","run_time":8.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/umount\" action.uniq is expected to eq [\"always\"]","run_time":7.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/umount\" list.uniq is expected to eq [\"exit\"]","run_time":7.4e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/umount\" fields.flatten is expected to include \"auid>=1000\"","run_time":7.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/umount\" fields.flatten is expected to include \"auid!=-1\"","run_time":7.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/umount\" key.uniq is expected to cmp == \"privileged-mount\"","run_time":0.000165,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230425","title":"Successful/unsuccessful uses of the mount syscall in RHEL 8 must\ngenerate an audit record.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"mount\" syscall is\nused to mount a filesystem.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"mount\" syscall is\nused to mount a filesystem.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify that an audit event is generated for any successful/unsuccessful use\nof the \"mount\" syscall by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"\\-S mount\" /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S mount -F auid>=1000 -F auid!=unset -k\nprivileged-mount\n    -a always,exit -F arch=b64 -S mount -F auid>=1000 -F auid!=unset -k\nprivileged-mount\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"mount\" syscall by adding or updating the\nfollowing rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F arch=b32 -S mount -F auid>=1000 -F auid!=unset -k\nprivileged-mount\n    -a always,exit -F arch=b64 -S mount -F auid>=1000 -F auid!=unset -k\nprivileged-mount\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230425","rid":"SV-230425r627750_rule","stig_id":"RHEL-08-030302","fix_id":"F-33069r568022_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230425' do\n  title 'Successful/unsuccessful uses of the mount syscall in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"mount\" syscall is\nused to mount a filesystem.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"mount\" syscall by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"\\\\-S mount\" /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S mount -F auid>=1000 -F auid!=unset -k\nprivileged-mount\n    -a always,exit -F arch=b64 -S mount -F auid>=1000 -F auid!=unset -k\nprivileged-mount\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"mount\" syscall by adding or updating the\nfollowing rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F arch=b32 -S mount -F auid>=1000 -F auid!=unset -k\nprivileged-mount\n    -a always,exit -F arch=b64 -S mount -F auid>=1000 -F auid!=unset -k\nprivileged-mount\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230425'\n  tag rid: 'SV-230425r627750_rule'\n  tag stig_id: 'RHEL-08-030302'\n  tag fix_id: 'F-33069r568022_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_syscall = 'mount'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.syscall(audit_syscall) do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-mount' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230425.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with syscall == \"mount\" action.uniq is expected to eq [\"always\"]","run_time":7.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"mount\" list.uniq is expected to eq [\"exit\"]","run_time":7.4e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"mount\" arch.uniq is expected to include \"b32\"","run_time":8.0e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"mount\" arch.uniq is expected to include \"b64\"","run_time":7.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"mount\" fields.flatten is expected to include \"auid>=1000\"","run_time":8.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"mount\" fields.flatten is expected to include \"auid!=-1\"","run_time":8.3e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"mount\" key.uniq is expected to cmp == \"privileged-mount\"","run_time":0.000123,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230426","title":"Successful/unsuccessful uses of the unix_update in RHEL 8 must\ngenerate an audit record.","desc":"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\n\"Unix_update\" is a helper program for the \"pam_unix\" module that updates\nthe password for a given user. It is not intended to be run directly from the\ncommand line and logs a security violation if done so.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\n\"Unix_update\" is a helper program for the \"pam_unix\" module that updates\nthe password for a given user. It is not intended to be run directly from the\ncommand line and logs a security violation if done so.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify that an audit event is generated for any successful/unsuccessful use\nof the \"unix_update\" by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"unix_update\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/unix_update -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"unix_update\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/unix_update -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230426","rid":"SV-230426r627750_rule","stig_id":"RHEL-08-030310","fix_id":"F-33070r568025_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230426' do\n  title 'Successful/unsuccessful uses of the unix_update in RHEL 8 must\ngenerate an audit record.'\n  desc 'Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\n\"Unix_update\" is a helper program for the \"pam_unix\" module that updates\nthe password for a given user. It is not intended to be run directly from the\ncommand line and logs a security violation if done so.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"unix_update\" by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"unix_update\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/unix_update -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"unix_update\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/unix_update -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230426'\n  tag rid: 'SV-230426r627750_rule'\n  tag stig_id: 'RHEL-08-030310'\n  tag fix_id: 'F-33070r568025_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/unix_update'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-unix-update' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230426.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/unix_update\" permissions.flatten is expected to include \"x\"","run_time":8.7e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/unix_update\" action.uniq is expected to eq [\"always\"]","run_time":7.8e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/unix_update\" list.uniq is expected to eq [\"exit\"]","run_time":7.7e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/unix_update\" fields.flatten is expected to include \"auid>=1000\"","run_time":7.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/unix_update\" fields.flatten is expected to include \"auid!=-1\"","run_time":7.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/unix_update\" key.uniq is expected to cmp == \"privileged-unix-update\"","run_time":0.000113,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230427","title":"Successful/unsuccessful uses of postdrop in RHEL 8 must generate an\naudit record.","desc":"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"postdrop\" command creates a file in the maildrop directory and copies\nits standard input to the file.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"postdrop\" command creates a file in the maildrop directory and copies\nits standard input to the file.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify that an audit event is generated for any successful/unsuccessful use\nof \"postdrop\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"postdrop\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/postdrop -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"postdrop\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/postdrop -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230427","rid":"SV-230427r627750_rule","stig_id":"RHEL-08-030311","fix_id":"F-33071r568028_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230427' do\n  title 'Successful/unsuccessful uses of postdrop in RHEL 8 must generate an\naudit record.'\n  desc 'Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"postdrop\" command creates a file in the maildrop directory and copies\nits standard input to the file.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof \"postdrop\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"postdrop\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/postdrop -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"postdrop\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/postdrop -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230427'\n  tag rid: 'SV-230427r627750_rule'\n  tag stig_id: 'RHEL-08-030311'\n  tag fix_id: 'F-33071r568028_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/postdrop'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-unix-update' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230427.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/postdrop\" permissions.flatten is expected to include \"x\"","run_time":8.1e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/postdrop\" action.uniq is expected to eq [\"always\"]","run_time":7.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/postdrop\" list.uniq is expected to eq [\"exit\"]","run_time":6.1e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/postdrop\" fields.flatten is expected to include \"auid>=1000\"","run_time":6.8e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/postdrop\" fields.flatten is expected to include \"auid!=-1\"","run_time":7.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/postdrop\" key.uniq is expected to cmp == \"privileged-unix-update\"","run_time":9.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230428","title":"Successful/unsuccessful uses of postqueue in RHEL 8 must generate an\naudit record.","desc":"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"postqueue\" command implements the Postfix user interface for queue\nmanagement.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"postqueue\" command implements the Postfix user interface for queue\nmanagement.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify that an audit event is generated for any successful/unsuccessful use\nof \"postqueue\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"postqueue\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/postqueue -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"postqueue\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/postqueue -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230428","rid":"SV-230428r627750_rule","stig_id":"RHEL-08-030312","fix_id":"F-33072r568031_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230428' do\n  title 'Successful/unsuccessful uses of postqueue in RHEL 8 must generate an\naudit record.'\n  desc 'Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"postqueue\" command implements the Postfix user interface for queue\nmanagement.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof \"postqueue\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"postqueue\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/postqueue -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"postqueue\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/postqueue -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230428'\n  tag rid: 'SV-230428r627750_rule'\n  tag stig_id: 'RHEL-08-030312'\n  tag fix_id: 'F-33072r568031_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/postqueue'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-unix-update' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230428.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/postqueue\" permissions.flatten is expected to include \"x\"","run_time":8.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/postqueue\" action.uniq is expected to eq [\"always\"]","run_time":8.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/postqueue\" list.uniq is expected to eq [\"exit\"]","run_time":7.1e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/postqueue\" fields.flatten is expected to include \"auid>=1000\"","run_time":8.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/postqueue\" fields.flatten is expected to include \"auid!=-1\"","run_time":7.4e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/postqueue\" key.uniq is expected to cmp == \"privileged-unix-update\"","run_time":0.00013,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230429","title":"Successful/unsuccessful uses of semanage in RHEL 8 must generate an\naudit record.","desc":"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"semanage\" command is used to configure certain elements of SELinux\npolicy without requiring modification to or recompilation from policy sources.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"semanage\" command is used to configure certain elements of SELinux\npolicy without requiring modification to or recompilation from policy sources.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify that an audit event is generated for any successful/unsuccessful use\nof \"semanage\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"semanage\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/semanage -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"semanage\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/semanage -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230429","rid":"SV-230429r627750_rule","stig_id":"RHEL-08-030313","fix_id":"F-33073r568034_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230429' do\n  title 'Successful/unsuccessful uses of semanage in RHEL 8 must generate an\naudit record.'\n  desc 'Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"semanage\" command is used to configure certain elements of SELinux\npolicy without requiring modification to or recompilation from policy sources.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof \"semanage\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"semanage\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/semanage -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"semanage\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/semanage -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230429'\n  tag rid: 'SV-230429r627750_rule'\n  tag stig_id: 'RHEL-08-030313'\n  tag fix_id: 'F-33073r568034_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/semanage'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-unix-update' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230429.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/semanage\" permissions.flatten is expected to include \"x\"","run_time":8.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/semanage\" action.uniq is expected to eq [\"always\"]","run_time":6.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/semanage\" list.uniq is expected to eq [\"exit\"]","run_time":6.4e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/semanage\" fields.flatten is expected to include \"auid>=1000\"","run_time":9.1e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/semanage\" fields.flatten is expected to include \"auid!=-1\"","run_time":8.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/semanage\" key.uniq is expected to cmp == \"privileged-unix-update\"","run_time":0.000127,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230430","title":"Successful/unsuccessful uses of setfiles in RHEL 8 must generate an\naudit record.","desc":"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"setfiles\" command is primarily used to initialize the security context\nfields (extended attributes) on one or more filesystems (or parts of them).\nUsually it is initially run as part of the SELinux installation process (a step\ncommonly known as labeling).\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"setfiles\" command is primarily used to initialize the security context\nfields (extended attributes) on one or more filesystems (or parts of them).\nUsually it is initially run as part of the SELinux installation process (a step\ncommonly known as labeling).\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify that an audit event is generated for any successful/unsuccessful use\nof \"setfiles\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"setfiles\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/setfiles -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"setfiles\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/setfiles -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230430","rid":"SV-230430r627750_rule","stig_id":"RHEL-08-030314","fix_id":"F-33074r568037_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230430' do\n  title 'Successful/unsuccessful uses of setfiles in RHEL 8 must generate an\naudit record.'\n  desc 'Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"setfiles\" command is primarily used to initialize the security context\nfields (extended attributes) on one or more filesystems (or parts of them).\nUsually it is initially run as part of the SELinux installation process (a step\ncommonly known as labeling).\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof \"setfiles\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"setfiles\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/setfiles -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"setfiles\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/setfiles -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230430'\n  tag rid: 'SV-230430r627750_rule'\n  tag stig_id: 'RHEL-08-030314'\n  tag fix_id: 'F-33074r568037_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/setfiles'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-unix-update' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230430.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/setfiles\" permissions.flatten is expected to include \"x\"","run_time":9.8e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/setfiles\" action.uniq is expected to eq [\"always\"]","run_time":7.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/setfiles\" list.uniq is expected to eq [\"exit\"]","run_time":0.000175,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/setfiles\" fields.flatten is expected to include \"auid>=1000\"","run_time":7.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/setfiles\" fields.flatten is expected to include \"auid!=-1\"","run_time":7.0e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/setfiles\" key.uniq is expected to cmp == \"privileged-unix-update\"","run_time":0.000101,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230431","title":"Successful/unsuccessful uses of userhelper in RHEL 8 must generate an\naudit record.","desc":"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"userhelper\" command is not intended to be run interactively.\n\"Userhelper\" provides a basic interface to change a user's password, gecos\ninformation, and shell.  The main difference between this program and its\ntraditional equivalents (passwd, chfn, chsh) is that prompts are written to\nstandard out to make it easy for a graphical user interface wrapper to\ninterface to it as a child process.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"userhelper\" command is not intended to be run interactively.\n\"Userhelper\" provides a basic interface to change a user's password, gecos\ninformation, and shell.  The main difference between this program and its\ntraditional equivalents (passwd, chfn, chsh) is that prompts are written to\nstandard out to make it easy for a graphical user interface wrapper to\ninterface to it as a child process.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify that an audit event is generated for any successful/unsuccessful use\nof \"userhelper\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"userhelper\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/userhelper -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"userhelper\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/userhelper -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230431","rid":"SV-230431r627750_rule","stig_id":"RHEL-08-030315","fix_id":"F-33075r568040_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230431' do\n  title 'Successful/unsuccessful uses of userhelper in RHEL 8 must generate an\naudit record.'\n  desc %q(Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"userhelper\" command is not intended to be run interactively.\n\"Userhelper\" provides a basic interface to change a user's password, gecos\ninformation, and shell.  The main difference between this program and its\ntraditional equivalents (passwd, chfn, chsh) is that prompts are written to\nstandard out to make it easy for a graphical user interface wrapper to\ninterface to it as a child process.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.)\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof \"userhelper\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"userhelper\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/userhelper -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"userhelper\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/userhelper -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230431'\n  tag rid: 'SV-230431r627750_rule'\n  tag stig_id: 'RHEL-08-030315'\n  tag fix_id: 'F-33075r568040_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/userhelper'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-unix-update' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230431.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/userhelper\" permissions.flatten is expected to include \"x\"","run_time":7.3e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/userhelper\" action.uniq is expected to eq [\"always\"]","run_time":6.3e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/userhelper\" list.uniq is expected to eq [\"exit\"]","run_time":6.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/userhelper\" fields.flatten is expected to include \"auid>=1000\"","run_time":6.8e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/userhelper\" fields.flatten is expected to include \"auid!=-1\"","run_time":6.7e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/userhelper\" key.uniq is expected to cmp == \"privileged-unix-update\"","run_time":0.000101,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230432","title":"Successful/unsuccessful uses of setsebool in RHEL 8 must generate an\naudit record.","desc":"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"setsebool\" command sets the current state of a particular SELinux\nboolean or a list of booleans to a given value.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"setsebool\" command sets the current state of a particular SELinux\nboolean or a list of booleans to a given value.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify that an audit event is generated for any successful/unsuccessful use\nof \"setsebool\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"setsebool\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/setsebool -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"setsebool\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/setsebool -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230432","rid":"SV-230432r627750_rule","stig_id":"RHEL-08-030316","fix_id":"F-33076r568043_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230432' do\n  title 'Successful/unsuccessful uses of setsebool in RHEL 8 must generate an\naudit record.'\n  desc 'Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"setsebool\" command sets the current state of a particular SELinux\nboolean or a list of booleans to a given value.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof \"setsebool\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"setsebool\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/setsebool -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"setsebool\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/setsebool -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230432'\n  tag rid: 'SV-230432r627750_rule'\n  tag stig_id: 'RHEL-08-030316'\n  tag fix_id: 'F-33076r568043_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/setsebool'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-unix-update' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230432.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/setsebool\" permissions.flatten is expected to include \"x\"","run_time":0.007013,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/setsebool\" action.uniq is expected to eq [\"always\"]","run_time":0.000102,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/setsebool\" list.uniq is expected to eq [\"exit\"]","run_time":6.7e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/setsebool\" fields.flatten is expected to include \"auid>=1000\"","run_time":7.1e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/setsebool\" fields.flatten is expected to include \"auid!=-1\"","run_time":6.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/setsebool\" key.uniq is expected to cmp == \"privileged-unix-update\"","run_time":0.000123,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230433","title":"Successful/unsuccessful uses of unix_chkpwd in RHEL 8 must generate an\naudit record.","desc":"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"unix_chkpwd\" command is a helper program for the pam_unix module that\nverifies the password of the current user.  It also checks password and account\nexpiration dates in shadow.  It is not intended to be run directly from the\ncommand line and logs a security violation if done so.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"unix_chkpwd\" command is a helper program for the pam_unix module that\nverifies the password of the current user.  It also checks password and account\nexpiration dates in shadow.  It is not intended to be run directly from the\ncommand line and logs a security violation if done so.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify that an audit event is generated for any successful/unsuccessful use\nof \"unix_chkpwd\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"unix_chkpwd\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/unix_chkpwd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"unix_chkpwd\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/unix_chkpwd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230433","rid":"SV-230433r627750_rule","stig_id":"RHEL-08-030317","fix_id":"F-33077r568046_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230433' do\n  title 'Successful/unsuccessful uses of unix_chkpwd in RHEL 8 must generate an\naudit record.'\n  desc 'Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"unix_chkpwd\" command is a helper program for the pam_unix module that\nverifies the password of the current user.  It also checks password and account\nexpiration dates in shadow.  It is not intended to be run directly from the\ncommand line and logs a security violation if done so.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof \"unix_chkpwd\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"unix_chkpwd\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/unix_chkpwd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"unix_chkpwd\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/unix_chkpwd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230433'\n  tag rid: 'SV-230433r627750_rule'\n  tag stig_id: 'RHEL-08-030317'\n  tag fix_id: 'F-33077r568046_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/unix_chkpwd'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-unix-update' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230433.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/unix_chkpwd\" permissions.flatten is expected to include \"x\"","run_time":7.1e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/unix_chkpwd\" action.uniq is expected to eq [\"always\"]","run_time":6.1e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/unix_chkpwd\" list.uniq is expected to eq [\"exit\"]","run_time":6.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/unix_chkpwd\" fields.flatten is expected to include \"auid>=1000\"","run_time":0.000298,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/unix_chkpwd\" fields.flatten is expected to include \"auid!=-1\"","run_time":6.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/unix_chkpwd\" key.uniq is expected to cmp == \"privileged-unix-update\"","run_time":9.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230434","title":"Successful/unsuccessful uses of the ssh-keysign in RHEL 8 must\ngenerate an audit record.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"ssh-keysign\" program\nis an SSH helper program for host-based authentication.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"ssh-keysign\" program\nis an SSH helper program for host-based authentication.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"ssh-keysign\" by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep ssh-keysign /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/libexec/openssh/ssh-keysign -F perm=x -F\nauid>=1000 -F auid!=unset -k privileged-ssh\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"ssh-keysign\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/libexec/openssh/ssh-keysign -F perm=x -F\nauid>=1000 -F auid!=unset -k privileged-ssh\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230434","rid":"SV-230434r744002_rule","stig_id":"RHEL-08-030320","fix_id":"F-33078r744001_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230434' do\n  title 'Successful/unsuccessful uses of the ssh-keysign in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"ssh-keysign\" program\nis an SSH helper program for host-based authentication.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"ssh-keysign\" by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep ssh-keysign /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/libexec/openssh/ssh-keysign -F perm=x -F\nauid>=1000 -F auid!=unset -k privileged-ssh\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"ssh-keysign\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/libexec/openssh/ssh-keysign -F perm=x -F\nauid>=1000 -F auid!=unset -k privileged-ssh\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230434'\n  tag rid: 'SV-230434r744002_rule'\n  tag stig_id: 'RHEL-08-030320'\n  tag fix_id: 'F-33078r744001_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/libexec/openssh/ssh-keysign'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-ssh' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230434.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/libexec/openssh/ssh-keysign\" permissions.flatten is expected to include \"x\"","run_time":6.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/libexec/openssh/ssh-keysign\" action.uniq is expected to eq [\"always\"]","run_time":6.3e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/libexec/openssh/ssh-keysign\" list.uniq is expected to eq [\"exit\"]","run_time":5.7e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/libexec/openssh/ssh-keysign\" fields.flatten is expected to include \"auid>=1000\"","run_time":6.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/libexec/openssh/ssh-keysign\" fields.flatten is expected to include \"auid!=-1\"","run_time":6.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/libexec/openssh/ssh-keysign\" key.uniq is expected to cmp == \"privileged-ssh\"","run_time":0.000209,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230435","title":"Successful/unsuccessful uses of the setfacl command in RHEL 8 must\ngenerate an audit record.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"setfacl\" command is\nused to set file access control lists.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"setfacl\" command is\nused to set file access control lists.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"setfacl\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w setfacl /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/setfacl -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"setfacl\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/setfacl -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230435","rid":"SV-230435r627750_rule","stig_id":"RHEL-08-030330","fix_id":"F-33079r568052_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230435' do\n  title 'Successful/unsuccessful uses of the setfacl command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"setfacl\" command is\nused to set file access control lists.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"setfacl\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w setfacl /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/setfacl -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"setfacl\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/setfacl -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230435'\n  tag rid: 'SV-230435r627750_rule'\n  tag stig_id: 'RHEL-08-030330'\n  tag fix_id: 'F-33079r568052_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/setfacl'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'perm_mod' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230435.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/setfacl\" permissions.flatten is expected to include \"x\"","run_time":6.3e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/setfacl\" action.uniq is expected to eq [\"always\"]","run_time":5.1e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/setfacl\" list.uniq is expected to eq [\"exit\"]","run_time":5.1e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/setfacl\" fields.flatten is expected to include \"auid>=1000\"","run_time":5.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/setfacl\" fields.flatten is expected to include \"auid!=-1\"","run_time":5.4e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/setfacl\" key.uniq is expected to cmp == \"perm_mod\"","run_time":9.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230436","title":"Successful/unsuccessful uses of the pam_timestamp_check command in\nRHEL 8 must generate an audit record.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"pam_timestamp_check\"\ncommand is used to check if the default timestamp is valid.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"pam_timestamp_check\"\ncommand is used to check if the default timestamp is valid.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify that an audit event is generated for any successful/unsuccessful use\nof the \"pam_timestamp_check\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w pam_timestamp_check /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/pam_timestamp_check -F perm=x -F\nauid>=1000 -F auid!=unset -k privileged-pam_timestamp_check\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"pam_timestamp_check\" command by adding\nor updating the following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/pam_timestamp_check -F perm=x -F\nauid>=1000 -F auid!=unset -k privileged-pam_timestamp_check\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230436","rid":"SV-230436r627750_rule","stig_id":"RHEL-08-030340","fix_id":"F-33080r568055_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230436' do\n  title 'Successful/unsuccessful uses of the pam_timestamp_check command in\nRHEL 8 must generate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"pam_timestamp_check\"\ncommand is used to check if the default timestamp is valid.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"pam_timestamp_check\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w pam_timestamp_check /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/pam_timestamp_check -F perm=x -F\nauid>=1000 -F auid!=unset -k privileged-pam_timestamp_check\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"pam_timestamp_check\" command by adding\nor updating the following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/pam_timestamp_check -F perm=x -F\nauid>=1000 -F auid!=unset -k privileged-pam_timestamp_check\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230436'\n  tag rid: 'SV-230436r627750_rule'\n  tag stig_id: 'RHEL-08-030340'\n  tag fix_id: 'F-33080r568055_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/pam_timestamp_check'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-pam_timestamp_check' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230436.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/pam_timestamp_check\" permissions.flatten is expected to include \"x\"","run_time":6.0e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/pam_timestamp_check\" action.uniq is expected to eq [\"always\"]","run_time":0.000168,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/pam_timestamp_check\" list.uniq is expected to eq [\"exit\"]","run_time":4.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/pam_timestamp_check\" fields.flatten is expected to include \"auid>=1000\"","run_time":5.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/pam_timestamp_check\" fields.flatten is expected to include \"auid!=-1\"","run_time":5.4e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/pam_timestamp_check\" key.uniq is expected to cmp == \"privileged-pam_timestamp_check\"","run_time":7.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230437","title":"Successful/unsuccessful uses of the newgrp command in RHEL 8 must\ngenerate an audit record.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"newgrp\" command is\nused to change the current group ID during a login session.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"newgrp\" command is\nused to change the current group ID during a login session.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"newgrp\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w newgrp /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>=1000 -F\nauid!=unset -k priv_cmd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"newgrp\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>=1000 -F\nauid!=unset -k priv_cmd\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230437","rid":"SV-230437r627750_rule","stig_id":"RHEL-08-030350","fix_id":"F-33081r568058_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230437' do\n  title 'Successful/unsuccessful uses of the newgrp command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"newgrp\" command is\nused to change the current group ID during a login session.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"newgrp\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w newgrp /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>=1000 -F\nauid!=unset -k priv_cmd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"newgrp\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>=1000 -F\nauid!=unset -k priv_cmd\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230437'\n  tag rid: 'SV-230437r627750_rule'\n  tag stig_id: 'RHEL-08-030350'\n  tag fix_id: 'F-33081r568058_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/newgrp'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'priv_cmd' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230437.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/newgrp\" permissions.flatten is expected to include \"x\"","run_time":5.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/newgrp\" action.uniq is expected to eq [\"always\"]","run_time":4.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/newgrp\" list.uniq is expected to eq [\"exit\"]","run_time":5.1e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/newgrp\" fields.flatten is expected to include \"auid>=1000\"","run_time":5.4e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/newgrp\" fields.flatten is expected to include \"auid!=-1\"","run_time":5.7e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/newgrp\" key.uniq is expected to cmp == \"priv_cmd\"","run_time":7.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230438","title":"Successful/unsuccessful uses of the init_module and finit_module system calls in RHEL 8 must generate an audit record.","desc":"Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"init_module\" and \"finit_module\" system calls are used to load a kernel module.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"init_module\" and \"finit_module\" system calls are used to load a kernel module.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible."},{"label":"check","data":"Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"init_module\" and \"finit_module\" system calls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep init_module /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S init_module,finit_module -F auid>=1000 -F auid!=unset -k module_chng\n-a always,exit -F arch=b64 -S init_module,finit_module -F auid>=1000 -F auid!=unset -k module_chng\n\nIf the command does not return an audit rule for \"init_module\" and \"finit_module\" or any of the lines returned are commented out, this is a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"init_module\" and \"finit_module\" system calls by adding or updating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n-a always,exit -F arch=b32 -S init_module,finit_module -F auid>=1000 -F auid!=unset -k module_chng\n-a always,exit -F arch=b64 -S init_module,finit_module -F auid>=1000 -F auid!=unset -k module_chng\n\nThe audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230438","rid":"SV-230438r810464_rule","stig_id":"RHEL-08-030360","fix_id":"F-33082r810448_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230438' do\n  title 'Successful/unsuccessful uses of the init_module and finit_module system calls in RHEL 8 must generate an audit record.'\n  desc 'Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"init_module\" and \"finit_module\" system calls are used to load a kernel module.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.'\n  desc 'check', 'Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"init_module\" and \"finit_module\" system calls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep init_module /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S init_module,finit_module -F auid>=1000 -F auid!=unset -k module_chng\n-a always,exit -F arch=b64 -S init_module,finit_module -F auid>=1000 -F auid!=unset -k module_chng\n\nIf the command does not return an audit rule for \"init_module\" and \"finit_module\" or any of the lines returned are commented out, this is a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"init_module\" and \"finit_module\" system calls by adding or updating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n-a always,exit -F arch=b32 -S init_module,finit_module -F auid>=1000 -F auid!=unset -k module_chng\n-a always,exit -F arch=b64 -S init_module,finit_module -F auid>=1000 -F auid!=unset -k module_chng\n\nThe audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230438'\n  tag rid: 'SV-230438r810464_rule'\n  tag stig_id: 'RHEL-08-030360'\n  tag fix_id: 'F-33082r810448_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_syscall = 'init_module'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.syscall(audit_syscall) do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'module_chng' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230438.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with syscall == \"init_module\" action.uniq is expected to eq [\"always\"]","run_time":5.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"init_module\" list.uniq is expected to eq [\"exit\"]","run_time":4.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"init_module\" arch.uniq is expected to include \"b32\"","run_time":5.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"init_module\" arch.uniq is expected to include \"b64\"","run_time":5.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"init_module\" fields.flatten is expected to include \"auid>=1000\"","run_time":5.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"init_module\" fields.flatten is expected to include \"auid!=-1\"","run_time":5.3e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"init_module\" key.uniq is expected to cmp == \"module_chng\"","run_time":0.000198,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230439","title":"Successful/unsuccessful uses of the rename, unlink, rmdir, renameat, and unlinkat system calls in RHEL 8 must generate an audit record.","desc":"Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"rename\" system call will rename the specified files by replacing the first occurrence of expression in their name by replacement.\n\nThe \"unlink\" system call deletes a name from the filesystem. If that name was the last link to a file and no processes have the file open, the file is deleted and the space it was using is made available for reuse.\nThe \"rmdir\" system call removes empty directories.\nThe \"renameat\" system call renames a file, moving it between directories if required.\nThe \"unlinkat\" system call operates in exactly the same way as either \"unlink\" or \"rmdir\" except for the differences described in the manual page.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. Performance can be helped, however, by combining syscalls into one rule whenever possible.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"rename\" system call will rename the specified files by replacing the first occurrence of expression in their name by replacement.\n\nThe \"unlink\" system call deletes a name from the filesystem. If that name was the last link to a file and no processes have the file open, the file is deleted and the space it was using is made available for reuse.\nThe \"rmdir\" system call removes empty directories.\nThe \"renameat\" system call renames a file, moving it between directories if required.\nThe \"unlinkat\" system call operates in exactly the same way as either \"unlink\" or \"rmdir\" except for the differences described in the manual page.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. Performance can be helped, however, by combining syscalls into one rule whenever possible."},{"label":"check","data":"Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"rename\", \"unlink\", \"rmdir\", \"renameat\", and \"unlinkat\" system calls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep 'rename\\|unlink\\|rmdir' /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S rename,unlink,rmdir,renameat,unlinkat -F auid>=1000 -F auid!=unset -k delete\n-a always,exit -F arch=b64 -S rename,unlink,rmdir,renameat,unlinkat -F auid>=1000 -F auid!=unset -k delete\n\nIf the command does not return an audit rule for \"rename\", \"unlink\", \"rmdir\", \"renameat\", and \"unlinkat\" or any of the lines returned are commented out, this is a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"rename\", \"unlink\", \"rmdir\", \"renameat\", and \"unlinkat\" system calls by adding or updating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n-a always,exit -F arch=b32 -S rename,unlink,rmdir,renameat,unlinkat -F auid>=1000 -F auid!=unset -k delete\n-a always,exit -F arch=b64 -S rename,unlink,rmdir,renameat,unlinkat -F auid>=1000 -F auid!=unset -k delete\n\nThe audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230439","rid":"SV-230439r810465_rule","stig_id":"RHEL-08-030361","fix_id":"F-33083r809301_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230439' do\n  title 'Successful/unsuccessful uses of the rename, unlink, rmdir, renameat, and unlinkat system calls in RHEL 8 must generate an audit record.'\n  desc 'Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"rename\" system call will rename the specified files by replacing the first occurrence of expression in their name by replacement.\n\nThe \"unlink\" system call deletes a name from the filesystem. If that name was the last link to a file and no processes have the file open, the file is deleted and the space it was using is made available for reuse.\nThe \"rmdir\" system call removes empty directories.\nThe \"renameat\" system call renames a file, moving it between directories if required.\nThe \"unlinkat\" system call operates in exactly the same way as either \"unlink\" or \"rmdir\" except for the differences described in the manual page.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. Performance can be helped, however, by combining syscalls into one rule whenever possible.'\n  desc 'check', %q(Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"rename\", \"unlink\", \"rmdir\", \"renameat\", and \"unlinkat\" system calls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep 'rename\\|unlink\\|rmdir' /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S rename,unlink,rmdir,renameat,unlinkat -F auid>=1000 -F auid!=unset -k delete\n-a always,exit -F arch=b64 -S rename,unlink,rmdir,renameat,unlinkat -F auid>=1000 -F auid!=unset -k delete\n\nIf the command does not return an audit rule for \"rename\", \"unlink\", \"rmdir\", \"renameat\", and \"unlinkat\" or any of the lines returned are commented out, this is a finding.)\n  desc 'fix', 'Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"rename\", \"unlink\", \"rmdir\", \"renameat\", and \"unlinkat\" system calls by adding or updating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n-a always,exit -F arch=b32 -S rename,unlink,rmdir,renameat,unlinkat -F auid>=1000 -F auid!=unset -k delete\n-a always,exit -F arch=b64 -S rename,unlink,rmdir,renameat,unlinkat -F auid>=1000 -F auid!=unset -k delete\n\nThe audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230439'\n  tag rid: 'SV-230439r810465_rule'\n  tag stig_id: 'RHEL-08-030361'\n  tag fix_id: 'F-33083r809301_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_syscall = 'rename'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.syscall(audit_syscall) do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'delete' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230439.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with syscall == \"rename\" action.uniq is expected to eq [\"always\"]","run_time":6.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"rename\" list.uniq is expected to eq [\"exit\"]","run_time":5.7e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"rename\" arch.uniq is expected to include \"b32\"","run_time":7.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"rename\" arch.uniq is expected to include \"b64\"","run_time":5.8e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"rename\" fields.flatten is expected to include \"auid>=1000\"","run_time":5.7e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"rename\" fields.flatten is expected to include \"auid!=-1\"","run_time":5.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"failed","code_desc":"Auditd Rules with syscall == \"rename\" key.uniq is expected to cmp == \"delete\"","run_time":0.000386,"start_time":"2024-01-09T19:40:52-05:00","message":"\nexpected: delete\n     got: [\"module_chng\"]\n\n(compared using `cmp` matcher)\n","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230444","title":"Successful/unsuccessful uses of the gpasswd command in RHEL 8 must\ngenerate an audit record.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"gpasswd\" command is\nused to administer /etc/group and /etc/gshadow. Every group can have\nadministrators, members and a password.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"gpasswd\" command is\nused to administer /etc/group and /etc/gshadow. Every group can have\nadministrators, members and a password.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify that an audit event is generated for any successful/unsuccessful use\nof the \"gpasswd\" command by performing the following command to check the\nfile system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w gpasswd /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/gpasswd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-gpasswd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"gpasswd\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/gpasswd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-gpasswd\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230444","rid":"SV-230444r627750_rule","stig_id":"RHEL-08-030370","fix_id":"F-33088r568079_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230444' do\n  title 'Successful/unsuccessful uses of the gpasswd command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"gpasswd\" command is\nused to administer /etc/group and /etc/gshadow. Every group can have\nadministrators, members and a password.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"gpasswd\" command by performing the following command to check the\nfile system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w gpasswd /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/gpasswd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-gpasswd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"gpasswd\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/gpasswd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-gpasswd\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230444'\n  tag rid: 'SV-230444r627750_rule'\n  tag stig_id: 'RHEL-08-030370'\n  tag fix_id: 'F-33088r568079_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/gpasswd'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-gpasswd' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230444.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/gpasswd\" permissions.flatten is expected to include \"x\"","run_time":0.00017,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/gpasswd\" action.uniq is expected to eq [\"always\"]","run_time":8.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/gpasswd\" list.uniq is expected to eq [\"exit\"]","run_time":6.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/gpasswd\" fields.flatten is expected to include \"auid>=1000\"","run_time":7.3e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/gpasswd\" fields.flatten is expected to include \"auid!=-1\"","run_time":6.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/gpasswd\" key.uniq is expected to cmp == \"privileged-gpasswd\"","run_time":9.0e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230446","title":"Successful/unsuccessful uses of the delete_module command in RHEL 8\nmust generate an audit record.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"delete_module\"\ncommand is used to unload a kernel module.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"delete_module\"\ncommand is used to unload a kernel module.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"delete_module\" command by performing the following\ncommand to check the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"delete_module\" /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S delete_module -F auid>=1000 -F auid!=unset -k\nmodule_chng\n    -a always,exit -F arch=b64 -S delete_module -F auid>=1000 -F auid!=unset -k\nmodule_chng\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"delete_module\" command by adding or\nupdating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F arch=b32 -S delete_module -F auid>=1000 -F auid!=unset -k\nmodule_chng\n    -a always,exit -F arch=b64 -S delete_module -F auid>=1000 -F auid!=unset -k\nmodule_chng\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230446","rid":"SV-230446r627750_rule","stig_id":"RHEL-08-030390","fix_id":"F-33090r568085_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230446' do\n  title 'Successful/unsuccessful uses of the delete_module command in RHEL 8\nmust generate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"delete_module\"\ncommand is used to unload a kernel module.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"delete_module\" command by performing the following\ncommand to check the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"delete_module\" /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S delete_module -F auid>=1000 -F auid!=unset -k\nmodule_chng\n    -a always,exit -F arch=b64 -S delete_module -F auid>=1000 -F auid!=unset -k\nmodule_chng\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"delete_module\" command by adding or\nupdating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F arch=b32 -S delete_module -F auid>=1000 -F auid!=unset -k\nmodule_chng\n    -a always,exit -F arch=b64 -S delete_module -F auid>=1000 -F auid!=unset -k\nmodule_chng\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230446'\n  tag rid: 'SV-230446r627750_rule'\n  tag stig_id: 'RHEL-08-030390'\n  tag fix_id: 'F-33090r568085_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_syscall = 'delete_module'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.syscall(audit_syscall) do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'module_chng' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230446.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with syscall == \"delete_module\" action.uniq is expected to eq [\"always\"]","run_time":5.8e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"delete_module\" list.uniq is expected to eq [\"exit\"]","run_time":5.1e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"delete_module\" arch.uniq is expected to include \"b32\"","run_time":5.8e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"delete_module\" arch.uniq is expected to include \"b64\"","run_time":5.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"delete_module\" fields.flatten is expected to include \"auid>=1000\"","run_time":5.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"delete_module\" fields.flatten is expected to include \"auid!=-1\"","run_time":5.4e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"delete_module\" key.uniq is expected to cmp == \"module_chng\"","run_time":8.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230447","title":"Successful/unsuccessful uses of the crontab command in RHEL 8 must\ngenerate an audit record.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"crontab\" command is\nused to maintain crontab files for individual users. Crontab is the program\nused to install, remove, or list the tables used to drive the cron daemon. This\nis similar to the task scheduler used in other operating systems.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"crontab\" command is\nused to maintain crontab files for individual users. Crontab is the program\nused to install, remove, or list the tables used to drive the cron daemon. This\nis similar to the task scheduler used in other operating systems.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify that an audit event is generated for any successful/unsuccessful use\nof the \"crontab\" command by performing the following command to check the\nfile system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w crontab /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/crontab -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-crontab\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"crontab\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/crontab -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-crontab\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230447","rid":"SV-230447r627750_rule","stig_id":"RHEL-08-030400","fix_id":"F-33091r568088_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230447' do\n  title 'Successful/unsuccessful uses of the crontab command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"crontab\" command is\nused to maintain crontab files for individual users. Crontab is the program\nused to install, remove, or list the tables used to drive the cron daemon. This\nis similar to the task scheduler used in other operating systems.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"crontab\" command by performing the following command to check the\nfile system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w crontab /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/crontab -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-crontab\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"crontab\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/crontab -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-crontab\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230447'\n  tag rid: 'SV-230447r627750_rule'\n  tag stig_id: 'RHEL-08-030400'\n  tag fix_id: 'F-33091r568088_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/crontab'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-crontab' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230447.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/crontab\" permissions.flatten is expected to include \"x\"","run_time":5.7e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/crontab\" action.uniq is expected to eq [\"always\"]","run_time":5.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/crontab\" list.uniq is expected to eq [\"exit\"]","run_time":5.3e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/crontab\" fields.flatten is expected to include \"auid>=1000\"","run_time":5.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/crontab\" fields.flatten is expected to include \"auid!=-1\"","run_time":5.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/crontab\" key.uniq is expected to cmp == \"privileged-crontab\"","run_time":7.8e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230448","title":"Successful/unsuccessful uses of the chsh command in RHEL 8 must\ngenerate an audit record.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chsh\" command is\nused to change the login shell.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chsh\" command is\nused to change the login shell.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"chsh\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w chsh /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chsh -F perm=x -F auid>=1000 -F auid!=unset\n-k priv_cmd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"chsh\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/chsh -F perm=x -F auid>=1000 -F auid!=unset\n-k priv_cmd\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215"],"gid":"V-230448","rid":"SV-230448r627750_rule","stig_id":"RHEL-08-030410","fix_id":"F-33092r568091_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230448' do\n  title 'Successful/unsuccessful uses of the chsh command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chsh\" command is\nused to change the login shell.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"chsh\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w chsh /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chsh -F perm=x -F auid>=1000 -F auid!=unset\n-k priv_cmd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"chsh\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/chsh -F perm=x -F auid>=1000 -F auid!=unset\n-k priv_cmd\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230448'\n  tag rid: 'SV-230448r627750_rule'\n  tag stig_id: 'RHEL-08-030410'\n  tag fix_id: 'F-33092r568091_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/chsh'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'priv_cmd' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230448.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chsh\" permissions.flatten is expected to include \"x\"","run_time":6.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chsh\" action.uniq is expected to eq [\"always\"]","run_time":5.1e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chsh\" list.uniq is expected to eq [\"exit\"]","run_time":4.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chsh\" fields.flatten is expected to include \"auid>=1000\"","run_time":6.0e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chsh\" fields.flatten is expected to include \"auid!=-1\"","run_time":5.4e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chsh\" key.uniq is expected to cmp == \"priv_cmd\"","run_time":7.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230449","title":"Successful/unsuccessful uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at system calls in RHEL 8 must generate an audit record.","desc":"Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"truncate\" and \"ftruncate\" functions are used to truncate a file to a specified length.\n\nThe \"creat\" system call is used to open and possibly create a file or device.\nThe \"open\" system call opens a file specified by a pathname. If the specified file does not exist, it may optionally be created by \"open\".\nThe \"openat\" system call opens a file specified by a relative pathname.\nThe \"name_to_handle_at\" and \"open_by_handle_at\" system calls split the functionality of \"openat\" into two parts: \"name_to_handle_at\" returns an opaque handle that corresponds to a specified file; \"open_by_handle_at\" opens the file corresponding to a handle returned by a previous call to \"name_to_handle_at\" and returns an open file descriptor.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"truncate\" and \"ftruncate\" functions are used to truncate a file to a specified length.\n\nThe \"creat\" system call is used to open and possibly create a file or device.\nThe \"open\" system call opens a file specified by a pathname. If the specified file does not exist, it may optionally be created by \"open\".\nThe \"openat\" system call opens a file specified by a relative pathname.\nThe \"name_to_handle_at\" and \"open_by_handle_at\" system calls split the functionality of \"openat\" into two parts: \"name_to_handle_at\" returns an opaque handle that corresponds to a specified file; \"open_by_handle_at\" opens the file corresponding to a handle returned by a previous call to \"name_to_handle_at\" and returns an open file descriptor.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible."},{"label":"check","data":"Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"truncate\", \"ftruncate\", \"creat\", \"open\", \"openat\", and \"open_by_handle_at\" system calls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep 'open\\|truncate\\|creat' /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k perm_access\n-a always,exit -F arch=b64 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k perm_access\n\n-a always,exit -F arch=b32 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k perm_access\n-a always,exit -F arch=b64 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k perm_access\n\nIf the output does not produce rules containing \"-F exit=-EPERM\", this is a finding.\nIf the output does not produce rules containing \"-F exit=-EACCES\", this is a finding.\nIf the command does not return an audit rule for \"truncate\", \"ftruncate\", \"creat\", \"open\", \"openat\", and \"open_by_handle_at\" or any of the lines returned are commented out, this is a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"truncate\", \"ftruncate\", \"creat\", \"open\", \"openat\", and \"open_by_handle_at\" system calls by adding or updating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n-a always,exit -F arch=b32 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k perm_access\n-a always,exit -F arch=b64 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k perm_access\n\n-a always,exit -F arch=b32 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k perm_access\n-a always,exit -F arch=b64 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k perm_access\n\nThe audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215","SRG-OS-000064-GPOS-00033"],"gid":"V-230449","rid":"SV-230449r810455_rule","stig_id":"RHEL-08-030420","fix_id":"F-33093r809304_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230449' do\n  title 'Successful/unsuccessful uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at system calls in RHEL 8 must generate an audit record.'\n  desc 'Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"truncate\" and \"ftruncate\" functions are used to truncate a file to a specified length.\n\nThe \"creat\" system call is used to open and possibly create a file or device.\nThe \"open\" system call opens a file specified by a pathname. If the specified file does not exist, it may optionally be created by \"open\".\nThe \"openat\" system call opens a file specified by a relative pathname.\nThe \"name_to_handle_at\" and \"open_by_handle_at\" system calls split the functionality of \"openat\" into two parts: \"name_to_handle_at\" returns an opaque handle that corresponds to a specified file; \"open_by_handle_at\" opens the file corresponding to a handle returned by a previous call to \"name_to_handle_at\" and returns an open file descriptor.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.'\n  desc 'check', %q(Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"truncate\", \"ftruncate\", \"creat\", \"open\", \"openat\", and \"open_by_handle_at\" system calls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep 'open\\|truncate\\|creat' /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k perm_access\n-a always,exit -F arch=b64 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k perm_access\n\n-a always,exit -F arch=b32 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k perm_access\n-a always,exit -F arch=b64 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k perm_access\n\nIf the output does not produce rules containing \"-F exit=-EPERM\", this is a finding.\nIf the output does not produce rules containing \"-F exit=-EACCES\", this is a finding.\nIf the command does not return an audit rule for \"truncate\", \"ftruncate\", \"creat\", \"open\", \"openat\", and \"open_by_handle_at\" or any of the lines returned are commented out, this is a finding.)\n  desc 'fix', 'Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"truncate\", \"ftruncate\", \"creat\", \"open\", \"openat\", and \"open_by_handle_at\" system calls by adding or updating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n-a always,exit -F arch=b32 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k perm_access\n-a always,exit -F arch=b64 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k perm_access\n\n-a always,exit -F arch=b32 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k perm_access\n-a always,exit -F arch=b64 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k perm_access\n\nThe audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000064-GPOS-00033']\n  tag gid: 'V-230449'\n  tag rid: 'SV-230449r810455_rule'\n  tag stig_id: 'RHEL-08-030420'\n  tag fix_id: 'F-33093r809304_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_syscall = 'truncate'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.syscall(audit_syscall) do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n      its('fields.flatten') { should include 'exit=-EACCES' }\n      its('fields.flatten') { should include 'exit=-EPERM' }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'perm_access' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230449.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with syscall == \"truncate\" action.uniq is expected to eq [\"always\"]","run_time":6.0e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"truncate\" list.uniq is expected to eq [\"exit\"]","run_time":5.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"truncate\" arch.uniq is expected to include \"b32\"","run_time":6.0e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"truncate\" arch.uniq is expected to include \"b64\"","run_time":5.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"truncate\" fields.flatten is expected to include \"exit=-EACCES\"","run_time":5.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"truncate\" fields.flatten is expected to include \"exit=-EPERM\"","run_time":5.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"truncate\" fields.flatten is expected to include \"auid>=1000\"","run_time":5.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"truncate\" fields.flatten is expected to include \"auid!=-1\"","run_time":5.4e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"truncate\" key.uniq is expected to cmp == \"perm_access\"","run_time":7.8e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230455","title":"Successful/unsuccessful uses of the chown, fchown, fchownat, and lchown system calls in RHEL 8 must generate an audit record.","desc":"Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"chown\" command is used to change file owner and group.\n\nThe \"fchown\" system call is used to change the ownership of a file referred to by the open file descriptor.\nThe \"fchownat\" system call is used to change ownership of a file relative to a directory file descriptor.\nThe \"lchown\" system call is used to change the ownership of the file specified by a path, which does not dereference symbolic links.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"chown\" command is used to change file owner and group.\n\nThe \"fchown\" system call is used to change the ownership of a file referred to by the open file descriptor.\nThe \"fchownat\" system call is used to change ownership of a file relative to a directory file descriptor.\nThe \"lchown\" system call is used to change the ownership of the file specified by a path, which does not dereference symbolic links.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible."},{"label":"check","data":"Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"chown\", \"fchown\", \"fchownat\" and \"lchown\" system calls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep chown /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod\n\nIf audit rules are not defined for \"chown\", \"fchown\", \"fchownat\", and \"lchown\" or any of the lines returned are commented out, this is a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"chown\", \"fchown\", \"fchownat\", and \"lchown\" system calls by adding or updating the following line to \"/etc/audit/rules.d/audit.rules\":\n\n-a always,exit -F arch=b32 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod\n\nThe audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215","SRG-OS-000064-GPOS-00033","SRG-OS-000466-GPOS-00210"],"gid":"V-230455","rid":"SV-230455r810459_rule","stig_id":"RHEL-08-030480","fix_id":"F-33099r809307_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230455' do\n  title 'Successful/unsuccessful uses of the chown, fchown, fchownat, and lchown system calls in RHEL 8 must generate an audit record.'\n  desc 'Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"chown\" command is used to change file owner and group.\n\nThe \"fchown\" system call is used to change the ownership of a file referred to by the open file descriptor.\nThe \"fchownat\" system call is used to change ownership of a file relative to a directory file descriptor.\nThe \"lchown\" system call is used to change the ownership of the file specified by a path, which does not dereference symbolic links.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.'\n  desc 'check', 'Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"chown\", \"fchown\", \"fchownat\" and \"lchown\" system calls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep chown /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod\n\nIf audit rules are not defined for \"chown\", \"fchown\", \"fchownat\", and \"lchown\" or any of the lines returned are commented out, this is a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"chown\", \"fchown\", \"fchownat\", and \"lchown\" system calls by adding or updating the following line to \"/etc/audit/rules.d/audit.rules\":\n\n-a always,exit -F arch=b32 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod\n\nThe audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000064-GPOS-00033', 'SRG-OS-000466-GPOS-00210']\n  tag gid: 'V-230455'\n  tag rid: 'SV-230455r810459_rule'\n  tag stig_id: 'RHEL-08-030480'\n  tag fix_id: 'F-33099r809307_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_syscall = 'chown'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.syscall(audit_syscall) do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'perm_mod' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230455.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with syscall == \"chown\" action.uniq is expected to eq [\"always\"]","run_time":5.7e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"chown\" list.uniq is expected to eq [\"exit\"]","run_time":5.0e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"chown\" arch.uniq is expected to include \"b32\"","run_time":5.7e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"chown\" arch.uniq is expected to include \"b64\"","run_time":5.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"chown\" fields.flatten is expected to include \"auid>=1000\"","run_time":5.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"chown\" fields.flatten is expected to include \"auid!=-1\"","run_time":5.4e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"chown\" key.uniq is expected to cmp == \"perm_mod\"","run_time":7.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230456","title":"Successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls in RHEL 8 must generate an audit record.","desc":"Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"chmod\" system call changes the file mode bits of each given file according to mode, which can be either a symbolic representation of changes to make, or an octal number representing the bit pattern for the new mode bits.\n\nThe \"fchmod\" system call is used to change permissions of a file.\nThe \"fchmodat\" system call is used to change permissions of a file relative to a directory file descriptor.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. Performance can be helped, however, by combining syscalls into one rule whenever possible.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"chmod\" system call changes the file mode bits of each given file according to mode, which can be either a symbolic representation of changes to make, or an octal number representing the bit pattern for the new mode bits.\n\nThe \"fchmod\" system call is used to change permissions of a file.\nThe \"fchmodat\" system call is used to change permissions of a file relative to a directory file descriptor.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. Performance can be helped, however, by combining syscalls into one rule whenever possible."},{"label":"check","data":"Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"chmod\", \"fchmod\", and \"fchmodat\" syscalls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep chmod /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod\n\nIf the command does not return an audit rule for \"chmod\", \"fchmod\", and \"fchmodat\", or any of the lines returned are commented out, this is a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"chmod\", \"fchmod\", and \"fchmodat\" syscalls by adding or updating the following line to \"/etc/audit/rules.d/audit.rules\":\n\n-a always,exit -F arch=b32 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod\n\nThe audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215","SRG-OS-000064-GPOS-00033","SRG-OS-000466-GPOS-00210"],"gid":"V-230456","rid":"SV-230456r810462_rule","stig_id":"RHEL-08-030490","fix_id":"F-33100r809310_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230456' do\n  title 'Successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls in RHEL 8 must generate an audit record.'\n  desc 'Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"chmod\" system call changes the file mode bits of each given file according to mode, which can be either a symbolic representation of changes to make, or an octal number representing the bit pattern for the new mode bits.\n\nThe \"fchmod\" system call is used to change permissions of a file.\nThe \"fchmodat\" system call is used to change permissions of a file relative to a directory file descriptor.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. Performance can be helped, however, by combining syscalls into one rule whenever possible.'\n  desc 'check', 'Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"chmod\", \"fchmod\", and \"fchmodat\" syscalls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep chmod /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod\n\nIf the command does not return an audit rule for \"chmod\", \"fchmod\", and \"fchmodat\", or any of the lines returned are commented out, this is a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"chmod\", \"fchmod\", and \"fchmodat\" syscalls by adding or updating the following line to \"/etc/audit/rules.d/audit.rules\":\n\n-a always,exit -F arch=b32 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod\n\nThe audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000064-GPOS-00033', 'SRG-OS-000466-GPOS-00210']\n  tag gid: 'V-230456'\n  tag rid: 'SV-230456r810462_rule'\n  tag stig_id: 'RHEL-08-030490'\n  tag fix_id: 'F-33100r809310_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_syscall = 'chmod'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.syscall(audit_syscall) do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'perm_mod' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230456.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with syscall == \"chmod\" action.uniq is expected to eq [\"always\"]","run_time":5.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"chmod\" list.uniq is expected to eq [\"exit\"]","run_time":0.000172,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"chmod\" arch.uniq is expected to include \"b32\"","run_time":5.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"chmod\" arch.uniq is expected to include \"b64\"","run_time":4.8e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"chmod\" fields.flatten is expected to include \"auid>=1000\"","run_time":4.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"chmod\" fields.flatten is expected to include \"auid!=-1\"","run_time":5.0e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with syscall == \"chmod\" key.uniq is expected to cmp == \"perm_mod\"","run_time":6.8e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230462","title":"Successful/unsuccessful uses of the sudo command in RHEL 8 must\ngenerate an audit record.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"sudo\" command allows\na permitted user to execute a command as the superuser or another user, as\nspecified by the security policy.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"sudo\" command allows\na permitted user to execute a command as the superuser or another user, as\nspecified by the security policy.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify that an audit event is generated for any successful/unsuccessful use\nof the \"sudo\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w sudo /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/sudo -F perm=x -F auid>=1000 -F auid!=unset\n-k priv_cmd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"sudo\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/sudo -F perm=x -F auid>=1000 -F auid!=unset\n-k priv_cmd\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215","SRG-OS-000466-GPOS-00210"],"gid":"V-230462","rid":"SV-230462r627750_rule","stig_id":"RHEL-08-030550","fix_id":"F-33106r568133_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230462' do\n  title 'Successful/unsuccessful uses of the sudo command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"sudo\" command allows\na permitted user to execute a command as the superuser or another user, as\nspecified by the security policy.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"sudo\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w sudo /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/sudo -F perm=x -F auid>=1000 -F auid!=unset\n-k priv_cmd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"sudo\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/sudo -F perm=x -F auid>=1000 -F auid!=unset\n-k priv_cmd\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000466-GPOS-00210']\n  tag gid: 'V-230462'\n  tag rid: 'SV-230462r627750_rule'\n  tag stig_id: 'RHEL-08-030550'\n  tag fix_id: 'F-33106r568133_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/sudo'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'priv_cmd' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230462.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/sudo\" permissions.flatten is expected to include \"x\"","run_time":5.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/sudo\" action.uniq is expected to eq [\"always\"]","run_time":4.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/sudo\" list.uniq is expected to eq [\"exit\"]","run_time":4.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/sudo\" fields.flatten is expected to include \"auid>=1000\"","run_time":0.000174,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/sudo\" fields.flatten is expected to include \"auid!=-1\"","run_time":5.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/sudo\" key.uniq is expected to cmp == \"priv_cmd\"","run_time":7.0e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230463","title":"Successful/unsuccessful uses of the usermod command in RHEL 8 must\ngenerate an audit record.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"usermod\" command\nmodifies the system account files to reflect the changes that are specified on\nthe command line.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"usermod\" command\nmodifies the system account files to reflect the changes that are specified on\nthe command line.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify that an audit event is generated for any successful/unsuccessful use\nof the \"usermod\" command by performing the following command to check the\nfile system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w usermod /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/usermod -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-usermod\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"usermod\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/usermod -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-usermod\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215","SRG-OS-000466-GPOS-00210"],"gid":"V-230463","rid":"SV-230463r627750_rule","stig_id":"RHEL-08-030560","fix_id":"F-33107r568136_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230463' do\n  title 'Successful/unsuccessful uses of the usermod command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"usermod\" command\nmodifies the system account files to reflect the changes that are specified on\nthe command line.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"usermod\" command by performing the following command to check the\nfile system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w usermod /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/usermod -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-usermod\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"usermod\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/usermod -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-usermod\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000466-GPOS-00210']\n  tag gid: 'V-230463'\n  tag rid: 'SV-230463r627750_rule'\n  tag stig_id: 'RHEL-08-030560'\n  tag fix_id: 'F-33107r568136_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/usermod'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-usermod' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230463.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/usermod\" permissions.flatten is expected to include \"x\"","run_time":5.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/usermod\" action.uniq is expected to eq [\"always\"]","run_time":4.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/usermod\" list.uniq is expected to eq [\"exit\"]","run_time":4.4e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/usermod\" fields.flatten is expected to include \"auid>=1000\"","run_time":4.9e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/usermod\" fields.flatten is expected to include \"auid!=-1\"","run_time":5.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/sbin/usermod\" key.uniq is expected to cmp == \"privileged-usermod\"","run_time":0.00016,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230464","title":"Successful/unsuccessful uses of the chacl command in RHEL 8 must\ngenerate an audit record.","desc":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chacl\" command is\nused to change the access control list of a file or directory.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.","descriptions":[{"label":"default","data":"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chacl\" command is\nused to change the access control list of a file or directory.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."},{"label":"check","data":"Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"chacl\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w chacl /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chacl -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"chacl\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/chacl -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215","SRG-OS-000466-GPOS-00210"],"gid":"V-230464","rid":"SV-230464r627750_rule","stig_id":"RHEL-08-030570","fix_id":"F-33108r568139_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230464' do\n  title 'Successful/unsuccessful uses of the chacl command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chacl\" command is\nused to change the access control list of a file or directory.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"chacl\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w chacl /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chacl -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"chacl\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/chacl -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000466-GPOS-00210']\n  tag gid: 'V-230464'\n  tag rid: 'SV-230464r627750_rule'\n  tag stig_id: 'RHEL-08-030570'\n  tag fix_id: 'F-33108r568139_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/chacl'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'perm_mod' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230464.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chacl\" permissions.flatten is expected to include \"x\"","run_time":5.3e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chacl\" action.uniq is expected to eq [\"always\"]","run_time":4.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chacl\" list.uniq is expected to eq [\"exit\"]","run_time":4.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chacl\" fields.flatten is expected to include \"auid>=1000\"","run_time":5.7e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chacl\" fields.flatten is expected to include \"auid!=-1\"","run_time":4.8e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/chacl\" key.uniq is expected to cmp == \"perm_mod\"","run_time":6.5e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230465","title":"Successful/unsuccessful uses of the kmod command in RHEL 8 must\ngenerate an audit record.","desc":"Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"kmod\" command is\nused to control Linux Kernel modules.\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.","descriptions":[{"label":"default","data":"Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"kmod\" command is\nused to control Linux Kernel modules.\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions."},{"label":"check","data":"Verify if RHEL 8 is configured to audit the execution of the module\nmanagement program \"kmod\", by running the following command:\n\n    $ sudo grep \"/usr/bin/kmod\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/kmod -F perm=x -F auid>=1000 -F auid!=unset\n-k modules\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure RHEL 8 to audit the execution of the module management program\n\"kmod\" by adding or updating the following line to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -a always,exit -F path=/usr/bin/kmod -F perm=x -F auid>=1000 -F auid!=unset\n-k modules\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215","SRG-OS-000471-GPOS-00216","SRG-OS-000477-GPOS-00222"],"gid":"V-230465","rid":"SV-230465r627750_rule","stig_id":"RHEL-08-030580","fix_id":"F-33109r568142_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230465' do\n  title 'Successful/unsuccessful uses of the kmod command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"kmod\" command is\nused to control Linux Kernel modules.\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.'\n  desc 'check', 'Verify if RHEL 8 is configured to audit the execution of the module\nmanagement program \"kmod\", by running the following command:\n\n    $ sudo grep \"/usr/bin/kmod\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/kmod -F perm=x -F auid>=1000 -F auid!=unset\n-k modules\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure RHEL 8 to audit the execution of the module management program\n\"kmod\" by adding or updating the following line to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -a always,exit -F path=/usr/bin/kmod -F perm=x -F auid>=1000 -F auid!=unset\n-k modules\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000471-GPOS-00216', 'SRG-OS-000477-GPOS-00222']\n  tag gid: 'V-230465'\n  tag rid: 'SV-230465r627750_rule'\n  tag stig_id: 'RHEL-08-030580'\n  tag fix_id: 'F-33109r568142_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/kmod'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'modules' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230465.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/kmod\" permissions.flatten is expected to include \"x\"","run_time":5.0e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/kmod\" action.uniq is expected to eq [\"always\"]","run_time":4.6e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/kmod\" list.uniq is expected to eq [\"exit\"]","run_time":5.7e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/kmod\" fields.flatten is expected to include \"auid>=1000\"","run_time":6.3e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/kmod\" fields.flatten is expected to include \"auid!=-1\"","run_time":6.3e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/usr/bin/kmod\" key.uniq is expected to cmp == \"modules\"","run_time":9.0e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230466","title":"Successful/unsuccessful modifications to the faillock log file in RHEL\n8 must generate an audit record.","desc":"Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.\n\n    From \"Pam_Faillock man\" pages: Note the default directory that\npam_faillock uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.","descriptions":[{"label":"default","data":"Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.\n\n    From \"Pam_Faillock man\" pages: Note the default directory that\npam_faillock uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."},{"label":"check","data":"Verify RHEL 8 generates an audit record when successful/unsuccessful\nmodifications to the \"faillock\" file occur. First, determine where the\nfaillock tallies are stored with the following commands:\n\n    For RHEL versions 8.0 and 8.1:\n\n    $ sudo grep -i pam_faillock.so /etc/pam.d/system-auth\n\n    auth     required          pam_faillock.so preauth dir=/var/log/faillock\nsilent deny=3 fail_interval=900 even_deny_root\n\n    For RHEL versions 8.2 and newer:\n\n    $ sudo grep dir /etc/security/faillock.conf\n\n    dir=/var/log/faillock\n\n    Using the location of the faillock log file, check that the following calls\nare being audited by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w faillock /etc/audit/audit.rules\n\n    -w /var/log/faillock -p wa -k logins\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful modifications to the \"faillock\" file by adding or\nupdating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -w /var/log/faillock -p wa -k logins\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215","SRG-OS-000473-GPOS-00218"],"gid":"V-230466","rid":"SV-230466r627750_rule","stig_id":"RHEL-08-030590","fix_id":"F-33110r568145_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230466' do\n  title 'Successful/unsuccessful modifications to the faillock log file in RHEL\n8 must generate an audit record.'\n  desc 'Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.\n\n    From \"Pam_Faillock man\" pages: Note the default directory that\npam_faillock uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nmodifications to the \"faillock\" file occur. First, determine where the\nfaillock tallies are stored with the following commands:\n\n    For RHEL versions 8.0 and 8.1:\n\n    $ sudo grep -i pam_faillock.so /etc/pam.d/system-auth\n\n    auth     required          pam_faillock.so preauth dir=/var/log/faillock\nsilent deny=3 fail_interval=900 even_deny_root\n\n    For RHEL versions 8.2 and newer:\n\n    $ sudo grep dir /etc/security/faillock.conf\n\n    dir=/var/log/faillock\n\n    Using the location of the faillock log file, check that the following calls\nare being audited by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w faillock /etc/audit/audit.rules\n\n    -w /var/log/faillock -p wa -k logins\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful modifications to the \"faillock\" file by adding or\nupdating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -w /var/log/faillock -p wa -k logins\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000473-GPOS-00218']\n  tag gid: 'V-230466'\n  tag rid: 'SV-230466r627750_rule'\n  tag stig_id: 'RHEL-08-030590'\n  tag fix_id: 'F-33110r568145_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  if os.release.to_f < 8.2\n    m = /dir=(?<dir>\\S*)/\n    s = command('grep -i pam_faillock.so /etc/pam.d/system-auth').stdout\n    dir_match = m.match(s)\n    audit_file = (dir_match[:dir] if dir_match)\n  else\n    audit_file = parse_config_file('/etc/security/faillock.conf').params('dir')\n  end\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif audit_file\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'w' }\n      its('permissions.flatten') { should include 'a' }\n      its('key') { should cmp 'logins' }\n    end\n  else\n    describe 'No faillock logfile found' do\n      subject { audit_file }\n      it { should_not be nil }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230466.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"No faillock logfile found is expected not to equal nil","run_time":9.7e-05,"start_time":"2024-01-09T19:40:52-05:00","message":"\nexpected not #<NilClass:8> => nil\n         got #<NilClass:8> => nil\n\nCompared using equal?, which compares object identity.\n\n","resource_class":"Object","resource_params":"[]","resource_id":"No faillock logfile found"}]},{"id":"SV-230467","title":"Successful/unsuccessful modifications to the lastlog file in RHEL 8\nmust generate an audit record.","desc":"Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.","descriptions":[{"label":"default","data":"Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions."},{"label":"check","data":"Verify RHEL 8 generates an audit record when successful/unsuccessful\nmodifications to the \"lastlog\" file by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w lastlog /etc/audit/audit.rules\n\n    -w /var/log/lastlog -p wa -k logins\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."},{"label":"fix","data":"Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful modifications to the \"lastlog\" file by adding or\nupdating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -w /var/log/lastlog -p wa -k logins\n\n    The audit daemon must be restarted for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215","SRG-OS-000473-GPOS-00218"],"gid":"V-230467","rid":"SV-230467r627750_rule","stig_id":"RHEL-08-030600","fix_id":"F-33111r568148_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230467' do\n  title 'Successful/unsuccessful modifications to the lastlog file in RHEL 8\nmust generate an audit record.'\n  desc 'Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nmodifications to the \"lastlog\" file by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w lastlog /etc/audit/audit.rules\n\n    -w /var/log/lastlog -p wa -k logins\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful modifications to the \"lastlog\" file by adding or\nupdating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -w /var/log/lastlog -p wa -k logins\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000473-GPOS-00218']\n  tag gid: 'V-230467'\n  tag rid: 'SV-230467r627750_rule'\n  tag stig_id: 'RHEL-08-030600'\n  tag fix_id: 'F-33111r568148_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/var/log/lastlog'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'w' }\n      its('permissions.flatten') { should include 'a' }\n      its('key') { should cmp 'logins' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230467.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Auditd Rules with file == \"/var/log/lastlog\" permissions.flatten is expected to include \"w\"","run_time":7.1e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/var/log/lastlog\" permissions.flatten is expected to include \"a\"","run_time":5.2e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"Auditd Rules with file == \"/var/log/lastlog\" key is expected to cmp == \"logins\"","run_time":7.4e-05,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230468","title":"RHEL 8 must enable auditing of processes that start prior to the audit\ndaemon.","desc":"Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    If auditing is enabled late in the startup process, the actions of some\nstartup processes may not be audited. Some audit systems also maintain state\ninformation only available if auditing is enabled before a given process is\ncreated.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.","descriptions":[{"label":"default","data":"Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    If auditing is enabled late in the startup process, the actions of some\nstartup processes may not be audited. Some audit systems also maintain state\ninformation only available if auditing is enabled before a given process is\ncreated.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions."},{"label":"check","data":"Verify RHEL 8 enables auditing of processes that start prior to the audit daemon with the following commands:\n\n$ sudo grub2-editenv list | grep audit\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf the \"audit\" entry does not equal \"1\", is missing, or the line is commented out, this is a finding.\n\nCheck that auditing is enabled by default to persist in kernel updates:\n\n$ sudo grep audit /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"audit=1\"\n\nIf \"audit\" is not set to \"1\", is missing or commented out, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to audit processes that start prior to the audit daemon\nwith the following command:\n\n    $ sudo grubby --update-kernel=ALL --args=\"audit=1\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"audit=1\""}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000042-GPOS-00020","SRG-OS-000062-GPOS-00031","SRG-OS-000392-GPOS-00172","SRG-OS-000462-GPOS-00206","SRG-OS-000471-GPOS-00215","SRG-OS-000473-GPOS-00218"],"gid":"V-230468","rid":"SV-230468r792904_rule","stig_id":"RHEL-08-030601","fix_id":"F-33112r568151_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230468' do\n  title 'RHEL 8 must enable auditing of processes that start prior to the audit\ndaemon.'\n  desc 'Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    If auditing is enabled late in the startup process, the actions of some\nstartup processes may not be audited. Some audit systems also maintain state\ninformation only available if auditing is enabled before a given process is\ncreated.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.'\n  desc 'check', 'Verify RHEL 8 enables auditing of processes that start prior to the audit daemon with the following commands:\n\n$ sudo grub2-editenv list | grep audit\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf the \"audit\" entry does not equal \"1\", is missing, or the line is commented out, this is a finding.\n\nCheck that auditing is enabled by default to persist in kernel updates:\n\n$ sudo grep audit /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"audit=1\"\n\nIf \"audit\" is not set to \"1\", is missing or commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to audit processes that start prior to the audit daemon\nwith the following command:\n\n    $ sudo grubby --update-kernel=ALL --args=\"audit=1\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"audit=1\"'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000473-GPOS-00218']\n  tag gid: 'V-230468'\n  tag rid: 'SV-230468r792904_rule'\n  tag stig_id: 'RHEL-08-030601'\n  tag fix_id: 'F-33112r568151_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  grub_config = command('grub2-editenv - list').stdout\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config(grub_config) do\n      its('kernelopts') { should match(/audit=1/) }\n    end\n\n    describe parse_config_file('/etc/default/grub') do\n      its('GRUB_CMDLINE_LINUX') { should match(/audit=1/) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230468.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Parse Config  kernelopts is expected to match /audit=1/","run_time":0.001395,"start_time":"2024-01-09T19:40:52-05:00","message":"expected \"root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\" to match /audit=1/","resource_class":"parse_config","resource_params":"[\"kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\\nboot_success=1\\n\"]","resource_id":"kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\nboot_success=1\n"},{"status":"failed","code_desc":"Parse Config File /etc/default/grub GRUB_CMDLINE_LINUX is expected to match /audit=1/","run_time":0.000956,"start_time":"2024-01-09T19:40:52-05:00","message":"expected \"\\\"console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\\"\" to match /audit=1/","resource_class":"parse_config_file","resource_params":"[\"/etc/default/grub\"]","resource_id":"/etc/default/grub"}]},{"id":"SV-230469","title":"RHEL 8 must allocate an audit_backlog_limit of sufficient size to\ncapture processes that start prior to the audit daemon.","desc":"Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    If auditing is enabled late in the startup process, the actions of some\nstartup processes may not be audited. Some audit systems also maintain state\ninformation only available if auditing is enabled before a given process is\ncreated.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    Allocating an audit_backlog_limit of sufficient size is critical in\nmaintaining a stable boot process.  With an insufficient limit allocated, the\nsystem is susceptible to boot failures and crashes.","descriptions":[{"label":"default","data":"Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    If auditing is enabled late in the startup process, the actions of some\nstartup processes may not be audited. Some audit systems also maintain state\ninformation only available if auditing is enabled before a given process is\ncreated.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    Allocating an audit_backlog_limit of sufficient size is critical in\nmaintaining a stable boot process.  With an insufficient limit allocated, the\nsystem is susceptible to boot failures and crashes."},{"label":"check","data":"Verify RHEL 8 allocates a sufficient audit_backlog_limit to capture processes that start prior to the audit daemon with the following commands:\n\n$ sudo grub2-editenv list | grep audit\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf the \"audit_backlog_limit\" entry does not equal \"8192\" or greater, is missing, or the line is commented out, this is a finding.\n\nCheck the audit_backlog_limit is set to persist in kernel updates:\n\n$ sudo grep audit /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"audit_backlog_limit=8192\"\n\nIf \"audit_backlog_limit\" is not set to \"8192\" or greater, is missing or commented out, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to allocate sufficient audit_backlog_limit to capture\nprocesses that start prior to the audit daemon with the following command:\n\n    $ sudo grubby --update-kernel=ALL --args=\"audit_backlog_limit=8192\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"audit_backlog_limit=8192\""}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000341-GPOS-00132","gid":"V-230469","rid":"SV-230469r877391_rule","stig_id":"RHEL-08-030602","fix_id":"F-33113r568154_fix","cci":["CCI-001849"],"nist":["AU-4"]},"code":"control 'SV-230469' do\n  title 'RHEL 8 must allocate an audit_backlog_limit of sufficient size to\ncapture processes that start prior to the audit daemon.'\n  desc 'Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    If auditing is enabled late in the startup process, the actions of some\nstartup processes may not be audited. Some audit systems also maintain state\ninformation only available if auditing is enabled before a given process is\ncreated.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    Allocating an audit_backlog_limit of sufficient size is critical in\nmaintaining a stable boot process.  With an insufficient limit allocated, the\nsystem is susceptible to boot failures and crashes.'\n  desc 'check', 'Verify RHEL 8 allocates a sufficient audit_backlog_limit to capture processes that start prior to the audit daemon with the following commands:\n\n$ sudo grub2-editenv list | grep audit\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf the \"audit_backlog_limit\" entry does not equal \"8192\" or greater, is missing, or the line is commented out, this is a finding.\n\nCheck the audit_backlog_limit is set to persist in kernel updates:\n\n$ sudo grep audit /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"audit_backlog_limit=8192\"\n\nIf \"audit_backlog_limit\" is not set to \"8192\" or greater, is missing or commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to allocate sufficient audit_backlog_limit to capture\nprocesses that start prior to the audit daemon with the following command:\n\n    $ sudo grubby --update-kernel=ALL --args=\"audit_backlog_limit=8192\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"audit_backlog_limit=8192\"'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000341-GPOS-00132'\n  tag gid: 'V-230469'\n  tag rid: 'SV-230469r877391_rule'\n  tag stig_id: 'RHEL-08-030602'\n  tag fix_id: 'F-33113r568154_fix'\n  tag cci: ['CCI-001849']\n  tag nist: ['AU-4']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    grub_config = command('grub2-editenv - list').stdout\n    kernelopts = parse_config(grub_config)['kernelopts'].strip.gsub(' ', \"\\n\")\n    grub_cmdline_linux = parse_config_file('/etc/default/grub')['GRUB_CMDLINE_LINUX'].strip.gsub(' ', \"\\n\").gsub('\"',\n                                                                                                                 '')\n\n    describe 'kernelopts' do\n      subject { parse_config(kernelopts) }\n      its('audit_backlog_limit') { should cmp >= 8192 }\n    end\n\n    describe 'persistant kernelopts' do\n      subject { parse_config(grub_cmdline_linux) }\n      its('audit_backlog_limit') { should cmp >= 8192 }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230469.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"kernelopts audit_backlog_limit is expected to cmp >= 8192","run_time":0.000216,"start_time":"2024-01-09T19:40:52-05:00","message":"\nexpected it to be >= 8192\n     got: \n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"audit_backlog_limit"},{"status":"failed","code_desc":"persistant kernelopts audit_backlog_limit is expected to cmp >= 8192","run_time":0.000385,"start_time":"2024-01-09T19:40:52-05:00","message":"\nexpected it to be >= 8192\n     got: \n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"audit_backlog_limit"}]},{"id":"SV-230470","title":"RHEL 8 must enable Linux audit logging for the USBGuard daemon.","desc":"Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    If auditing is enabled late in the startup process, the actions of some\nstartup processes may not be audited. Some audit systems also maintain state\ninformation only available if auditing is enabled before a given process is\ncreated.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.","descriptions":[{"label":"default","data":"Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    If auditing is enabled late in the startup process, the actions of some\nstartup processes may not be audited. Some audit systems also maintain state\ninformation only available if auditing is enabled before a given process is\ncreated.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions."},{"label":"check","data":"Verify RHEL 8 enables Linux audit logging of the USBGuard daemon with the\nfollowing commands:\n\n    Note: If the USBGuard daemon is not installed and enabled, this requirement\nis not applicable.\n\n    $ sudo grep -i auditbackend /etc/usbguard/usbguard-daemon.conf\n\n    AuditBackend=LinuxAudit\n\n    If the \"AuditBackend\" entry does not equal \"LinuxAudit\", is missing, or\nthe line is commented out, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to enable Linux audit logging of the USBGuard daemon by\nadding or modifying the following line in\n\"/etc/usbguard/usbguard-daemon.conf\":\n\n    AuditBackend=LinuxAudit"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000471-GPOS-00215"],"gid":"V-230470","rid":"SV-230470r744006_rule","stig_id":"RHEL-08-030603","fix_id":"F-33114r744005_fix","cci":["CCI-000169"],"nist":["AU-12 a"]},"code":"control 'SV-230470' do\n  title 'RHEL 8 must enable Linux audit logging for the USBGuard daemon.'\n  desc 'Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    If auditing is enabled late in the startup process, the actions of some\nstartup processes may not be audited. Some audit systems also maintain state\ninformation only available if auditing is enabled before a given process is\ncreated.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.'\n  desc 'check', 'Verify RHEL 8 enables Linux audit logging of the USBGuard daemon with the\nfollowing commands:\n\n    Note: If the USBGuard daemon is not installed and enabled, this requirement\nis not applicable.\n\n    $ sudo grep -i auditbackend /etc/usbguard/usbguard-daemon.conf\n\n    AuditBackend=LinuxAudit\n\n    If the \"AuditBackend\" entry does not equal \"LinuxAudit\", is missing, or\nthe line is commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to enable Linux audit logging of the USBGuard daemon by\nadding or modifying the following line in\n\"/etc/usbguard/usbguard-daemon.conf\":\n\n    AuditBackend=LinuxAudit'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230470'\n  tag rid: 'SV-230470r744006_rule'\n  tag stig_id: 'RHEL-08-030603'\n  tag fix_id: 'F-33114r744005_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config_file('/etc/usbguard/usbguard-daemon.conf') do\n      its('AuditBackend') { should cmp 'LinuxAudit' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230470.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"Parse Config File /etc/usbguard/usbguard-daemon.conf","run_time":5.0e-06,"start_time":"2024-01-09T19:40:52-05:00","resource":"Parse Config File /etc/usbguard/usbguard-daemon.conf","skip_message":"Can't find file: /etc/usbguard/usbguard-daemon.conf","resource_class":"parse_config_file","resource_params":"[\"/etc/usbguard/usbguard-daemon.conf\"]","resource_id":"/etc/usbguard/usbguard-daemon.conf"}]},{"id":"SV-230471","title":"RHEL 8 must allow only the Information System Security Manager (ISSM)\n(or individuals or roles appointed by the ISSM) to select which auditable\nevents are to be audited.","desc":"Without the capability to restrict the roles and individuals that can\nselect which events are audited, unauthorized personnel may be able to prevent\nthe auditing of critical events. Misconfigured audits may degrade the system's\nperformance by overwhelming the audit log. Misconfigured audits may also make\nit more difficult to establish, correlate, and investigate the events relating\nto an incident or identify those responsible for one.","descriptions":[{"label":"default","data":"Without the capability to restrict the roles and individuals that can\nselect which events are audited, unauthorized personnel may be able to prevent\nthe auditing of critical events. Misconfigured audits may degrade the system's\nperformance by overwhelming the audit log. Misconfigured audits may also make\nit more difficult to establish, correlate, and investigate the events relating\nto an incident or identify those responsible for one."},{"label":"check","data":"Verify that the files in directory \"/etc/audit/rules.d/\" and\n\"/etc/audit/auditd.conf\" file have a mode of \"0640\" or less permissive by\nusing the following commands:\n\n    $ sudo ls -al /etc/audit/rules.d/*.rules\n\n    -rw-r----- 1 root root 1280 Feb 16 17:09 audit.rules\n\n    $ sudo ls -l /etc/audit/auditd.conf\n\n    -rw-r----- 1 root root 621 Sep 22 17:19 auditd.conf\n\n    If the files in the \"/etc/audit/rules.d/\" directory or the\n\"/etc/audit/auditd.conf\" file have a mode more permissive than \"0640\", this\nis a finding."},{"label":"fix","data":"Configure the files in directory \"/etc/audit/rules.d/\" and the\n\"/etc/audit/auditd.conf\" file to have a mode of \"0640\" with the following\ncommands:\n\n    $ sudo chmod 0640 /etc/audit/rules.d/audit.rules\n    $ sudo chmod 0640 /etc/audit/rules.d/[customrulesfile].rules\n    $ sudo chmod 0640 /etc/audit/auditd.conf"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000063-GPOS-00032","gid":"V-230471","rid":"SV-230471r627750_rule","stig_id":"RHEL-08-030610","fix_id":"F-33115r568160_fix","cci":["CCI-000171"],"nist":["AU-12 b"]},"code":"control 'SV-230471' do\n  title 'RHEL 8 must allow only the Information System Security Manager (ISSM)\n(or individuals or roles appointed by the ISSM) to select which auditable\nevents are to be audited.'\n  desc \"Without the capability to restrict the roles and individuals that can\nselect which events are audited, unauthorized personnel may be able to prevent\nthe auditing of critical events. Misconfigured audits may degrade the system's\nperformance by overwhelming the audit log. Misconfigured audits may also make\nit more difficult to establish, correlate, and investigate the events relating\nto an incident or identify those responsible for one.\"\n  desc 'check', 'Verify that the files in directory \"/etc/audit/rules.d/\" and\n\"/etc/audit/auditd.conf\" file have a mode of \"0640\" or less permissive by\nusing the following commands:\n\n    $ sudo ls -al /etc/audit/rules.d/*.rules\n\n    -rw-r----- 1 root root 1280 Feb 16 17:09 audit.rules\n\n    $ sudo ls -l /etc/audit/auditd.conf\n\n    -rw-r----- 1 root root 621 Sep 22 17:19 auditd.conf\n\n    If the files in the \"/etc/audit/rules.d/\" directory or the\n\"/etc/audit/auditd.conf\" file have a mode more permissive than \"0640\", this\nis a finding.'\n  desc 'fix', 'Configure the files in directory \"/etc/audit/rules.d/\" and the\n\"/etc/audit/auditd.conf\" file to have a mode of \"0640\" with the following\ncommands:\n\n    $ sudo chmod 0640 /etc/audit/rules.d/audit.rules\n    $ sudo chmod 0640 /etc/audit/rules.d/[customrulesfile].rules\n    $ sudo chmod 0640 /etc/audit/auditd.conf'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000063-GPOS-00032'\n  tag gid: 'V-230471'\n  tag rid: 'SV-230471r627750_rule'\n  tag stig_id: 'RHEL-08-030610'\n  tag fix_id: 'F-33115r568160_fix'\n  tag cci: ['CCI-000171']\n  tag nist: ['AU-12 b']\n\n  rules_files = bash('ls -d /etc/audit/rules.d/*.rules').stdout.strip.split.append('/etc/audit/auditd.conf')\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    rules_files.each do |rf|\n      describe file(rf) do\n        it { should_not be_more_permissive_than('0640') }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230471.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File /etc/audit/rules.d/audit.rules is expected not to be more permissive than \"0640\"","run_time":0.261202,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"file","resource_params":"[\"/etc/audit/rules.d/audit.rules\"]","resource_id":"/etc/audit/rules.d/audit.rules"},{"status":"passed","code_desc":"File /etc/audit/auditd.conf is expected not to be more permissive than \"0640\"","run_time":0.003173,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"file","resource_params":"[\"/etc/audit/auditd.conf\"]","resource_id":"/etc/audit/auditd.conf"}]},{"id":"SV-230472","title":"RHEL 8 audit tools must have a mode of 0755 or less permissive.","desc":"Protecting audit information also includes identifying and protecting\nthe tools used to view and manipulate log data. Therefore, protecting audit\ntools is necessary to prevent unauthorized operation on audit information.\n\n    RHEL 8 systems providing tools to interface with audit information will\nleverage user permissions and roles identifying the user accessing the tools,\nand the corresponding rights the user enjoys, to make access decisions\nregarding the access to audit tools.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators.","descriptions":[{"label":"default","data":"Protecting audit information also includes identifying and protecting\nthe tools used to view and manipulate log data. Therefore, protecting audit\ntools is necessary to prevent unauthorized operation on audit information.\n\n    RHEL 8 systems providing tools to interface with audit information will\nleverage user permissions and roles identifying the user accessing the tools,\nand the corresponding rights the user enjoys, to make access decisions\nregarding the access to audit tools.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators."},{"label":"check","data":"Verify the audit tools are protected from unauthorized access, deletion, or\nmodification by checking the permissive mode.\n\n    Check the octal permission of each audit tool by running the following\ncommand:\n\n    $ sudo stat -c \"%a %n\" /sbin/auditctl /sbin/aureport /sbin/ausearch\n/sbin/autrace /sbin/auditd /sbin/rsyslogd /sbin/augenrules\n\n    755 /sbin/auditctl\n    755 /sbin/aureport\n    755 /sbin/ausearch\n    750 /sbin/autrace\n    755 /sbin/auditd\n    755 /sbin/rsyslogd\n    755 /sbin/augenrules\n\n    If any of the audit tools has a mode more permissive than \"0755\", this is\na finding."},{"label":"fix","data":"Configure the audit tools to be protected from unauthorized access by\nsetting the correct permissive mode using the following command:\n\n    $ sudo chmod 0755 [audit_tool]\n\n    Replace \"[audit_tool]\" with the audit tool that does not have the correct\npermissive mode."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000256-GPOS-00097","gid":"V-230472","rid":"SV-230472r627750_rule","stig_id":"RHEL-08-030620","fix_id":"F-33116r568163_fix","cci":["CCI-001493"],"nist":["AU-9","AU-9 a"]},"code":"control 'SV-230472' do\n  title 'RHEL 8 audit tools must have a mode of 0755 or less permissive.'\n  desc 'Protecting audit information also includes identifying and protecting\nthe tools used to view and manipulate log data. Therefore, protecting audit\ntools is necessary to prevent unauthorized operation on audit information.\n\n    RHEL 8 systems providing tools to interface with audit information will\nleverage user permissions and roles identifying the user accessing the tools,\nand the corresponding rights the user enjoys, to make access decisions\nregarding the access to audit tools.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators.'\n  desc 'check', 'Verify the audit tools are protected from unauthorized access, deletion, or\nmodification by checking the permissive mode.\n\n    Check the octal permission of each audit tool by running the following\ncommand:\n\n    $ sudo stat -c \"%a %n\" /sbin/auditctl /sbin/aureport /sbin/ausearch\n/sbin/autrace /sbin/auditd /sbin/rsyslogd /sbin/augenrules\n\n    755 /sbin/auditctl\n    755 /sbin/aureport\n    755 /sbin/ausearch\n    750 /sbin/autrace\n    755 /sbin/auditd\n    755 /sbin/rsyslogd\n    755 /sbin/augenrules\n\n    If any of the audit tools has a mode more permissive than \"0755\", this is\na finding.'\n  desc 'fix', 'Configure the audit tools to be protected from unauthorized access by\nsetting the correct permissive mode using the following command:\n\n    $ sudo chmod 0755 [audit_tool]\n\n    Replace \"[audit_tool]\" with the audit tool that does not have the correct\npermissive mode.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000256-GPOS-00097'\n  tag gid: 'V-230472'\n  tag rid: 'SV-230472r627750_rule'\n  tag stig_id: 'RHEL-08-030620'\n  tag fix_id: 'F-33116r568163_fix'\n  tag cci: ['CCI-001493']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe file('/sbin/auditctl') do\n      it { should_not be_more_permissive_than('0755') }\n    end\n    describe file('/sbin/aureport') do\n      it { should_not be_more_permissive_than('0755') }\n    end\n    describe file('/sbin/ausearch') do\n      it { should_not be_more_permissive_than('0755') }\n    end\n    describe file('/sbin/autrace') do\n      it { should_not be_more_permissive_than('0755') }\n    end\n    describe file('/sbin/auditd') do\n      it { should_not be_more_permissive_than('0755') }\n    end\n    describe file('/sbin/rsyslogd') do\n      it { should_not be_more_permissive_than('0755') }\n    end\n    describe file('/sbin/augenrules') do\n      it { should_not be_more_permissive_than('0755') }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230472.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File /sbin/auditctl is expected not to be more permissive than \"0755\"","run_time":0.234372,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"file","resource_params":"[\"/sbin/auditctl\"]","resource_id":"/sbin/auditctl"},{"status":"passed","code_desc":"File /sbin/aureport is expected not to be more permissive than \"0755\"","run_time":0.288544,"start_time":"2024-01-09T19:40:52-05:00","resource_class":"file","resource_params":"[\"/sbin/aureport\"]","resource_id":"/sbin/aureport"},{"status":"passed","code_desc":"File /sbin/ausearch is expected not to be more permissive than \"0755\"","run_time":0.239236,"start_time":"2024-01-09T19:40:53-05:00","resource_class":"file","resource_params":"[\"/sbin/ausearch\"]","resource_id":"/sbin/ausearch"},{"status":"passed","code_desc":"File /sbin/autrace is expected not to be more permissive than \"0755\"","run_time":0.282851,"start_time":"2024-01-09T19:40:53-05:00","resource_class":"file","resource_params":"[\"/sbin/autrace\"]","resource_id":"/sbin/autrace"},{"status":"passed","code_desc":"File /sbin/auditd is expected not to be more permissive than \"0755\"","run_time":0.251061,"start_time":"2024-01-09T19:40:53-05:00","resource_class":"file","resource_params":"[\"/sbin/auditd\"]","resource_id":"/sbin/auditd"},{"status":"passed","code_desc":"File /sbin/rsyslogd is expected not to be more permissive than \"0755\"","run_time":0.325094,"start_time":"2024-01-09T19:40:53-05:00","resource_class":"file","resource_params":"[\"/sbin/rsyslogd\"]","resource_id":"/sbin/rsyslogd"},{"status":"passed","code_desc":"File /sbin/augenrules is expected not to be more permissive than \"0755\"","run_time":0.232184,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"file","resource_params":"[\"/sbin/augenrules\"]","resource_id":"/sbin/augenrules"}]},{"id":"SV-230473","title":"RHEL 8 audit tools must be owned by root.","desc":"Protecting audit information also includes identifying and protecting\nthe tools used to view and manipulate log data. Therefore, protecting audit\ntools is necessary to prevent unauthorized operation on audit information.\n\n    RHEL 8 systems providing tools to interface with audit information will\nleverage user permissions and roles identifying the user accessing the tools,\nand the corresponding rights the user enjoys, to make access decisions\nregarding the access to audit tools.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators.","descriptions":[{"label":"default","data":"Protecting audit information also includes identifying and protecting\nthe tools used to view and manipulate log data. Therefore, protecting audit\ntools is necessary to prevent unauthorized operation on audit information.\n\n    RHEL 8 systems providing tools to interface with audit information will\nleverage user permissions and roles identifying the user accessing the tools,\nand the corresponding rights the user enjoys, to make access decisions\nregarding the access to audit tools.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators."},{"label":"check","data":"Verify the audit tools are owned by \"root\" to prevent any unauthorized\naccess, deletion, or modification.\n\n    Check the owner of each audit tool by running the following command:\n\n    $ sudo stat -c \"%U %n\" /sbin/auditctl /sbin/aureport /sbin/ausearch\n/sbin/autrace /sbin/auditd /sbin/rsyslogd /sbin/augenrules\n\n    root /sbin/auditctl\n    root /sbin/aureport\n    root /sbin/ausearch\n    root /sbin/autrace\n    root /sbin/auditd\n    root /sbin/rsyslogd\n    root /sbin/augenrules\n\n    If any of the audit tools are not owned by \"root\", this is a finding."},{"label":"fix","data":"Configure the audit tools to be owned by \"root\", by running the following\ncommand:\n\n    $ sudo chown root [audit_tool]\n\n    Replace \"[audit_tool]\" with each audit tool not owned by \"root\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000256-GPOS-00097","satisfies":["SRG-OS-000256-GPOS-00097","SRG-OS-000257-GPOS-00098","SRG-OS-000258-GPOS-00099"],"gid":"V-230473","rid":"SV-230473r744008_rule","stig_id":"RHEL-08-030630","fix_id":"F-33117r568166_fix","cci":["CCI-001493"],"nist":["AU-9","AU-9 a"]},"code":"control 'SV-230473' do\n  title 'RHEL 8 audit tools must be owned by root.'\n  desc 'Protecting audit information also includes identifying and protecting\nthe tools used to view and manipulate log data. Therefore, protecting audit\ntools is necessary to prevent unauthorized operation on audit information.\n\n    RHEL 8 systems providing tools to interface with audit information will\nleverage user permissions and roles identifying the user accessing the tools,\nand the corresponding rights the user enjoys, to make access decisions\nregarding the access to audit tools.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators.'\n  desc 'check', 'Verify the audit tools are owned by \"root\" to prevent any unauthorized\naccess, deletion, or modification.\n\n    Check the owner of each audit tool by running the following command:\n\n    $ sudo stat -c \"%U %n\" /sbin/auditctl /sbin/aureport /sbin/ausearch\n/sbin/autrace /sbin/auditd /sbin/rsyslogd /sbin/augenrules\n\n    root /sbin/auditctl\n    root /sbin/aureport\n    root /sbin/ausearch\n    root /sbin/autrace\n    root /sbin/auditd\n    root /sbin/rsyslogd\n    root /sbin/augenrules\n\n    If any of the audit tools are not owned by \"root\", this is a finding.'\n  desc 'fix', 'Configure the audit tools to be owned by \"root\", by running the following\ncommand:\n\n    $ sudo chown root [audit_tool]\n\n    Replace \"[audit_tool]\" with each audit tool not owned by \"root\".'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000256-GPOS-00097'\n  tag satisfies: ['SRG-OS-000256-GPOS-00097', 'SRG-OS-000257-GPOS-00098', 'SRG-OS-000258-GPOS-00099']\n  tag gid: 'V-230473'\n  tag rid: 'SV-230473r744008_rule'\n  tag stig_id: 'RHEL-08-030630'\n  tag fix_id: 'F-33117r568166_fix'\n  tag cci: ['CCI-001493']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe file('/sbin/auditctl') do\n      it { should be_owned_by 'root' }\n    end\n    describe file('/sbin/aureport') do\n      it { should be_owned_by 'root' }\n    end\n    describe file('/sbin/ausearch') do\n      it { should be_owned_by 'root' }\n    end\n    describe file('/sbin/autrace') do\n      it { should be_owned_by 'root' }\n    end\n    describe file('/sbin/auditd') do\n      it { should be_owned_by 'root' }\n    end\n    describe file('/sbin/rsyslogd') do\n      it { should be_owned_by 'root' }\n    end\n    describe file('/sbin/augenrules') do\n      it { should be_owned_by 'root' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230473.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File /sbin/auditctl is expected to be owned by \"root\"","run_time":0.003199,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"file","resource_params":"[\"/sbin/auditctl\"]","resource_id":"/sbin/auditctl"},{"status":"passed","code_desc":"File /sbin/aureport is expected to be owned by \"root\"","run_time":0.002602,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"file","resource_params":"[\"/sbin/aureport\"]","resource_id":"/sbin/aureport"},{"status":"passed","code_desc":"File /sbin/ausearch is expected to be owned by \"root\"","run_time":0.002606,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"file","resource_params":"[\"/sbin/ausearch\"]","resource_id":"/sbin/ausearch"},{"status":"passed","code_desc":"File /sbin/autrace is expected to be owned by \"root\"","run_time":0.002512,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"file","resource_params":"[\"/sbin/autrace\"]","resource_id":"/sbin/autrace"},{"status":"passed","code_desc":"File /sbin/auditd is expected to be owned by \"root\"","run_time":0.002501,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"file","resource_params":"[\"/sbin/auditd\"]","resource_id":"/sbin/auditd"},{"status":"passed","code_desc":"File /sbin/rsyslogd is expected to be owned by \"root\"","run_time":0.002465,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"file","resource_params":"[\"/sbin/rsyslogd\"]","resource_id":"/sbin/rsyslogd"},{"status":"passed","code_desc":"File /sbin/augenrules is expected to be owned by \"root\"","run_time":0.002542,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"file","resource_params":"[\"/sbin/augenrules\"]","resource_id":"/sbin/augenrules"}]},{"id":"SV-230474","title":"RHEL 8 audit tools must be group-owned by root.","desc":"Protecting audit information also includes identifying and protecting\nthe tools used to view and manipulate log data. Therefore, protecting audit\ntools is necessary to prevent unauthorized operation on audit information.\n\n    RHEL 8 systems providing tools to interface with audit information will\nleverage user permissions and roles identifying the user accessing the tools,\nand the corresponding rights the user enjoys, to make access decisions\nregarding the access to audit tools.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators.","descriptions":[{"label":"default","data":"Protecting audit information also includes identifying and protecting\nthe tools used to view and manipulate log data. Therefore, protecting audit\ntools is necessary to prevent unauthorized operation on audit information.\n\n    RHEL 8 systems providing tools to interface with audit information will\nleverage user permissions and roles identifying the user accessing the tools,\nand the corresponding rights the user enjoys, to make access decisions\nregarding the access to audit tools.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators."},{"label":"check","data":"Verify the audit tools are group-owned by \"root\" to prevent any\nunauthorized access, deletion, or modification.\n\n    Check the owner of each audit tool by running the following commands:\n\n    $ sudo stat -c \"%G %n\" /sbin/auditctl /sbin/aureport /sbin/ausearch\n/sbin/autrace /sbin/auditd /sbin/rsyslogd /sbin/augenrules\n\n    root /sbin/auditctl\n    root /sbin/aureport\n    root /sbin/ausearch\n    root /sbin/autrace\n    root /sbin/auditd\n    root /sbin/rsyslogd\n    root /sbin/augenrules\n\n    If any of the audit tools are not group-owned by \"root\", this is a\nfinding."},{"label":"fix","data":"Configure the audit tools to be group-owned by \"root\", by running the\nfollowing command:\n\n    $ sudo chgrp root [audit_tool]\n\n    Replace \"[audit_tool]\" with each audit tool not group-owned by \"root\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000256-GPOS-00097","satisfies":["SRG-OS-000256-GPOS-00097","SRG-OS-000257-GPOS-00098","SRG-OS-000258-GPOS-00099"],"gid":"V-230474","rid":"SV-230474r627750_rule","stig_id":"RHEL-08-030640","fix_id":"F-33118r568169_fix","cci":["CCI-001493"],"nist":["AU-9","AU-9 a"]},"code":"control 'SV-230474' do\n  title 'RHEL 8 audit tools must be group-owned by root.'\n  desc 'Protecting audit information also includes identifying and protecting\nthe tools used to view and manipulate log data. Therefore, protecting audit\ntools is necessary to prevent unauthorized operation on audit information.\n\n    RHEL 8 systems providing tools to interface with audit information will\nleverage user permissions and roles identifying the user accessing the tools,\nand the corresponding rights the user enjoys, to make access decisions\nregarding the access to audit tools.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators.'\n  desc 'check', 'Verify the audit tools are group-owned by \"root\" to prevent any\nunauthorized access, deletion, or modification.\n\n    Check the owner of each audit tool by running the following commands:\n\n    $ sudo stat -c \"%G %n\" /sbin/auditctl /sbin/aureport /sbin/ausearch\n/sbin/autrace /sbin/auditd /sbin/rsyslogd /sbin/augenrules\n\n    root /sbin/auditctl\n    root /sbin/aureport\n    root /sbin/ausearch\n    root /sbin/autrace\n    root /sbin/auditd\n    root /sbin/rsyslogd\n    root /sbin/augenrules\n\n    If any of the audit tools are not group-owned by \"root\", this is a\nfinding.'\n  desc 'fix', 'Configure the audit tools to be group-owned by \"root\", by running the\nfollowing command:\n\n    $ sudo chgrp root [audit_tool]\n\n    Replace \"[audit_tool]\" with each audit tool not group-owned by \"root\".'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000256-GPOS-00097'\n  tag satisfies: ['SRG-OS-000256-GPOS-00097', 'SRG-OS-000257-GPOS-00098', 'SRG-OS-000258-GPOS-00099']\n  tag gid: 'V-230474'\n  tag rid: 'SV-230474r627750_rule'\n  tag stig_id: 'RHEL-08-030640'\n  tag fix_id: 'F-33118r568169_fix'\n  tag cci: ['CCI-001493']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe file('/sbin/auditctl') do\n      it { should be_grouped_into 'root' }\n    end\n    describe file('/sbin/aureport') do\n      it { should be_grouped_into 'root' }\n    end\n    describe file('/sbin/ausearch') do\n      it { should be_grouped_into 'root' }\n    end\n    describe file('/sbin/autrace') do\n      it { should be_grouped_into 'root' }\n    end\n    describe file('/sbin/auditd') do\n      it { should be_grouped_into 'root' }\n    end\n    describe file('/sbin/rsyslogd') do\n      it { should be_grouped_into 'root' }\n    end\n    describe file('/sbin/augenrules') do\n      it { should be_grouped_into 'root' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230474.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File /sbin/auditctl is expected to be grouped into \"root\"","run_time":0.002517,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"file","resource_params":"[\"/sbin/auditctl\"]","resource_id":"/sbin/auditctl"},{"status":"passed","code_desc":"File /sbin/aureport is expected to be grouped into \"root\"","run_time":0.002374,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"file","resource_params":"[\"/sbin/aureport\"]","resource_id":"/sbin/aureport"},{"status":"passed","code_desc":"File /sbin/ausearch is expected to be grouped into \"root\"","run_time":0.002454,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"file","resource_params":"[\"/sbin/ausearch\"]","resource_id":"/sbin/ausearch"},{"status":"passed","code_desc":"File /sbin/autrace is expected to be grouped into \"root\"","run_time":0.002414,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"file","resource_params":"[\"/sbin/autrace\"]","resource_id":"/sbin/autrace"},{"status":"passed","code_desc":"File /sbin/auditd is expected to be grouped into \"root\"","run_time":0.00228,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"file","resource_params":"[\"/sbin/auditd\"]","resource_id":"/sbin/auditd"},{"status":"passed","code_desc":"File /sbin/rsyslogd is expected to be grouped into \"root\"","run_time":0.002367,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"file","resource_params":"[\"/sbin/rsyslogd\"]","resource_id":"/sbin/rsyslogd"},{"status":"passed","code_desc":"File /sbin/augenrules is expected to be grouped into \"root\"","run_time":0.002345,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"file","resource_params":"[\"/sbin/augenrules\"]","resource_id":"/sbin/augenrules"}]},{"id":"SV-230475","title":"RHEL 8 must use cryptographic mechanisms to protect the integrity of\naudit tools.","desc":"Protecting the integrity of the tools used for auditing purposes is a\ncritical step toward ensuring the integrity of audit information. Audit\ninformation includes all information (e.g., audit records, audit settings, and\naudit reports) needed to successfully audit information system activity.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators.\n\n    It is not uncommon for attackers to replace the audit tools or inject code\ninto the existing tools with the purpose of providing the capability to hide or\nerase system activity from the audit logs.\n\n    To address this risk, audit tools must be cryptographically signed to\nprovide the capability to identify when the audit tools have been modified,\nmanipulated, or replaced. An example is a checksum hash of the file or files.","descriptions":[{"label":"default","data":"Protecting the integrity of the tools used for auditing purposes is a\ncritical step toward ensuring the integrity of audit information. Audit\ninformation includes all information (e.g., audit records, audit settings, and\naudit reports) needed to successfully audit information system activity.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators.\n\n    It is not uncommon for attackers to replace the audit tools or inject code\ninto the existing tools with the purpose of providing the capability to hide or\nerase system activity from the audit logs.\n\n    To address this risk, audit tools must be cryptographically signed to\nprovide the capability to identify when the audit tools have been modified,\nmanipulated, or replaced. An example is a checksum hash of the file or files."},{"label":"check","data":"Verify that Advanced Intrusion Detection Environment (AIDE) is properly configured to use cryptographic mechanisms to protect the integrity of audit tools.\n\nIf AIDE is not installed, ask the System Administrator how file integrity checks are performed on the system.\n\nCheck the selection lines to ensure AIDE is configured to add/check with the following command:\n\n     $ sudo grep -E '(\\/usr\\/sbin\\/(audit|au|rsys))' /etc/aide.conf\n\n     /usr/sbin/auditctl p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/auditd p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/ausearch p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/aureport p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/autrace p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/rsyslogd p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/augenrules p+i+n+u+g+s+b+acl+xattrs+sha512\n\nIf any of the audit tools listed above do not have an appropriate selection line, ask the system administrator to indicate what cryptographic mechanisms are being used to protect the integrity of the audit tools. If there is no evidence of integrity protection, this is a finding."},{"label":"fix","data":"Add or update the following lines to \"/etc/aide.conf\", to protect the\nintegrity of the audit tools.\n\n    # Audit Tools\n    /usr/sbin/auditctl p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/auditd p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/ausearch p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/aureport p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/autrace p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/rsyslogd p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/augenrules p+i+n+u+g+s+b+acl+xattrs+sha512"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000278-GPOS-00108","gid":"V-230475","rid":"SV-230475r880722_rule","stig_id":"RHEL-08-030650","fix_id":"F-33119r568172_fix","cci":["CCI-001496"],"nist":["AU-9 (3)"]},"code":"control 'SV-230475' do\n  title 'RHEL 8 must use cryptographic mechanisms to protect the integrity of\naudit tools.'\n  desc 'Protecting the integrity of the tools used for auditing purposes is a\ncritical step toward ensuring the integrity of audit information. Audit\ninformation includes all information (e.g., audit records, audit settings, and\naudit reports) needed to successfully audit information system activity.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators.\n\n    It is not uncommon for attackers to replace the audit tools or inject code\ninto the existing tools with the purpose of providing the capability to hide or\nerase system activity from the audit logs.\n\n    To address this risk, audit tools must be cryptographically signed to\nprovide the capability to identify when the audit tools have been modified,\nmanipulated, or replaced. An example is a checksum hash of the file or files.'\n  desc 'check', \"Verify that Advanced Intrusion Detection Environment (AIDE) is properly configured to use cryptographic mechanisms to protect the integrity of audit tools.\n\nIf AIDE is not installed, ask the System Administrator how file integrity checks are performed on the system.\n\nCheck the selection lines to ensure AIDE is configured to add/check with the following command:\n\n     $ sudo grep -E '(\\\\/usr\\\\/sbin\\\\/(audit|au|rsys))' /etc/aide.conf\n\n     /usr/sbin/auditctl p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/auditd p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/ausearch p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/aureport p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/autrace p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/rsyslogd p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/augenrules p+i+n+u+g+s+b+acl+xattrs+sha512\n\nIf any of the audit tools listed above do not have an appropriate selection line, ask the system administrator to indicate what cryptographic mechanisms are being used to protect the integrity of the audit tools. If there is no evidence of integrity protection, this is a finding.\"\n  desc 'fix', 'Add or update the following lines to \"/etc/aide.conf\", to protect the\nintegrity of the audit tools.\n\n    # Audit Tools\n    /usr/sbin/auditctl p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/auditd p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/ausearch p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/aureport p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/autrace p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/rsyslogd p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/augenrules p+i+n+u+g+s+b+acl+xattrs+sha512'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000278-GPOS-00108'\n  tag gid: 'V-230475'\n  tag rid: 'SV-230475r880722_rule'\n  tag stig_id: 'RHEL-08-030650'\n  tag fix_id: 'F-33119r568172_fix'\n  tag cci: ['CCI-001496']\n  tag nist: ['AU-9 (3)']\n\n  audit_tools = %w[/usr/sbin/auditctl\n                   /usr/sbin/auditd\n                   /usr/sbin/ausearch\n                   /usr/sbin/aureport\n                   /usr/sbin/autrace\n                   /usr/sbin/rsyslogd\n                   /usr/sbin/augenrules]\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif package('aide').installed?\n    audit_tools.each do |tool|\n      describe \"selection_line: #{tool}\" do\n        subject { aide_conf.where { selection_line.eql?(tool) } }\n        its('rules.flatten') { should include 'p' }\n        its('rules.flatten') { should include 'i' }\n        its('rules.flatten') { should include 'n' }\n        its('rules.flatten') { should include 'u' }\n        its('rules.flatten') { should include 'g' }\n        its('rules.flatten') { should include 's' }\n        its('rules.flatten') { should include 'b' }\n        its('rules.flatten') { should include 'acl' }\n        its('rules.flatten') { should include 'xattrs' }\n        its('rules.flatten') { should include 'sha512' }\n      end\n    end\n  else\n    describe 'The system is not utilizing Advanced Intrusion Detection Environment (AIDE)' do\n      skip 'The system is not utilizing Advanced Intrusion Detection Environment (AIDE), manual review is required.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230475.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"The system is not utilizing Advanced Intrusion Detection Environment (AIDE)","run_time":4.0e-06,"start_time":"2024-01-09T19:40:54-05:00","resource":"","skip_message":"The system is not utilizing Advanced Intrusion Detection Environment (AIDE), manual review is required.","resource_class":"Object","resource_params":"[]","resource_id":"The system is not utilizing Advanced Intrusion Detection Environment (AIDE)"}]},{"id":"SV-230476","title":"RHEL 8 must allocate audit record storage capacity to store at least\none week of audit records, when audit records are not immediately sent to a\ncentral audit record storage facility.","desc":"To ensure RHEL 8 systems have a sufficient storage capacity in which\nto write the audit logs, RHEL 8 needs to be able to allocate audit record\nstorage capacity.\n\n    The task of allocating audit record storage capacity is usually performed\nduring initial installation of RHEL 8.","descriptions":[{"label":"default","data":"To ensure RHEL 8 systems have a sufficient storage capacity in which\nto write the audit logs, RHEL 8 needs to be able to allocate audit record\nstorage capacity.\n\n    The task of allocating audit record storage capacity is usually performed\nduring initial installation of RHEL 8."},{"label":"check","data":"Verify RHEL 8 allocates audit record storage capacity to store at least one week of audit records when audit records are not immediately sent to a central audit record storage facility.\n\nDetermine to which partition the audit records are being written with the following command:\n\n$ sudo grep -iw log_file /etc/audit/auditd.conf\nlog_file = /var/log/audit/audit.log\n\nCheck the size of the partition to which audit records are written (with the example being /var/log/audit/) with the following command:\n\n$ sudo df -h /var/log/audit/\n/dev/sda2 24G 10.4G 13.6G 43% /var/log/audit\n\nIf the audit records are not written to a partition made specifically for audit records (/var/log/audit is a separate partition), determine the amount of space being used by other files in the partition with the following command:\n\n$ sudo du -sh [audit_partition]\n1.8G /var/log/audit\n\nIf the audit record partition is not allocated for sufficient storage capacity, this is a finding.\n\nNote: The partition size needed to capture a week of audit records is based on the activity level of the system and the total storage capacity available. Typically 10.0 GB of storage space for audit records should be sufficient."},{"label":"fix","data":"Allocate enough storage capacity for at least one week of audit records\nwhen audit records are not immediately sent to a central audit record storage\nfacility.\n\n    If audit records are stored on a partition made specifically for audit\nrecords, resize the partition with sufficient space to contain one week of\naudit records.\n\n    If audit records are not stored on a partition made specifically for audit\nrecords, a new partition with sufficient space will need be to be created."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000341-GPOS-00132","gid":"V-230476","rid":"SV-230476r877391_rule","stig_id":"RHEL-08-030660","fix_id":"F-33120r568175_fix","cci":["CCI-001849"],"nist":["AU-4"]},"code":"control 'SV-230476' do\n  title 'RHEL 8 must allocate audit record storage capacity to store at least\none week of audit records, when audit records are not immediately sent to a\ncentral audit record storage facility.'\n  desc 'To ensure RHEL 8 systems have a sufficient storage capacity in which\nto write the audit logs, RHEL 8 needs to be able to allocate audit record\nstorage capacity.\n\n    The task of allocating audit record storage capacity is usually performed\nduring initial installation of RHEL 8.'\n  desc 'check', 'Verify RHEL 8 allocates audit record storage capacity to store at least one week of audit records when audit records are not immediately sent to a central audit record storage facility.\n\nDetermine to which partition the audit records are being written with the following command:\n\n$ sudo grep -iw log_file /etc/audit/auditd.conf\nlog_file = /var/log/audit/audit.log\n\nCheck the size of the partition to which audit records are written (with the example being /var/log/audit/) with the following command:\n\n$ sudo df -h /var/log/audit/\n/dev/sda2 24G 10.4G 13.6G 43% /var/log/audit\n\nIf the audit records are not written to a partition made specifically for audit records (/var/log/audit is a separate partition), determine the amount of space being used by other files in the partition with the following command:\n\n$ sudo du -sh [audit_partition]\n1.8G /var/log/audit\n\nIf the audit record partition is not allocated for sufficient storage capacity, this is a finding.\n\nNote: The partition size needed to capture a week of audit records is based on the activity level of the system and the total storage capacity available. Typically 10.0 GB of storage space for audit records should be sufficient.'\n  desc 'fix', 'Allocate enough storage capacity for at least one week of audit records\nwhen audit records are not immediately sent to a central audit record storage\nfacility.\n\n    If audit records are stored on a partition made specifically for audit\nrecords, resize the partition with sufficient space to contain one week of\naudit records.\n\n    If audit records are not stored on a partition made specifically for audit\nrecords, a new partition with sufficient space will need be to be created.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000341-GPOS-00132'\n  tag gid: 'V-230476'\n  tag rid: 'SV-230476r877391_rule'\n  tag stig_id: 'RHEL-08-030660'\n  tag fix_id: 'F-33120r568175_fix'\n  tag cci: ['CCI-001849']\n  tag nist: ['AU-4']\n\n  audit_log_dir = command(\"dirname #{auditd_conf.log_file}\").stdout.strip\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe file(audit_log_dir) do\n      it { should exist }\n      it { should be_directory }\n    end\n\n    # Fetch partition sizes in 1K blocks for consistency\n    partition_info = command(\"df -B 1K #{audit_log_dir}\").stdout.split(\"\\n\")\n    partition_sz_arr = partition_info.last.gsub(/\\s+/m, ' ').strip.split(' ')\n\n    # Get unused space percentage\n    percentage_space_unused = (100 - partition_sz_arr[4].to_i)\n\n    describe \"auditd_conf's space_left threshold should be under the amount of space currently available (in 1K blocks) for the audit log directory:\" do\n      subject { auditd_conf }\n      its('space_left.to_i') { should be <= percentage_space_unused }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230476.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File /var/log/audit is expected to exist","run_time":5.1e-05,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"file","resource_params":"[\"/var/log/audit\"]","resource_id":"/var/log/audit"},{"status":"passed","code_desc":"File /var/log/audit is expected to be directory","run_time":0.002337,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"file","resource_params":"[\"/var/log/audit\"]","resource_id":"/var/log/audit"},{"status":"passed","code_desc":"auditd_conf's space_left threshold should be under the amount of space currently available (in 1K blocks) for the audit log directory: space_left.to_i is expected to be <= 65","run_time":0.000209,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"Object","resource_params":"[]","resource_id":"space_left.to_i"}]},{"id":"SV-230477","title":"RHEL 8 must have the packages required for offloading audit logs\ninstalled.","desc":"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.\n\n    Rsyslog provides three ways to forward message: the traditional UDP\ntransport, which is extremely lossy but standard; the plain TCP based\ntransport, which loses messages only during certain situations but is widely\navailable; and the RELP transport, which does not lose messages but is\ncurrently available only as part of the rsyslogd 3.15.0 and above.\n    Examples of each configuration:\n    UDP *.* @remotesystemname\n    TCP *.* @@remotesystemname\n    RELP *.* :omrelp:remotesystemname:2514\n    Note that a port number was given as there is no standard port for RELP.","descriptions":[{"label":"default","data":"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.\n\n    Rsyslog provides three ways to forward message: the traditional UDP\ntransport, which is extremely lossy but standard; the plain TCP based\ntransport, which loses messages only during certain situations but is widely\navailable; and the RELP transport, which does not lose messages but is\ncurrently available only as part of the rsyslogd 3.15.0 and above.\n    Examples of each configuration:\n    UDP *.* @remotesystemname\n    TCP *.* @@remotesystemname\n    RELP *.* :omrelp:remotesystemname:2514\n    Note that a port number was given as there is no standard port for RELP."},{"label":"check","data":"Verify the operating system has the packages required for offloading audit\nlogs installed with the following commands:\n\n    $ sudo yum list installed rsyslog\n\n    rsyslog.x86_64          8.1911.0-3.el8          @AppStream\n\n    If the \"rsyslog\" package is not installed, ask the administrator to\nindicate how audit logs are being offloaded and what packages are installed to\nsupport it.  If there is no evidence of audit logs being offloaded, this is a\nfinding."},{"label":"fix","data":"Configure the operating system to offload audit logs by installing the\nrequired packages with the following command:\n\n    $ sudo yum install rsyslog"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230477","rid":"SV-230477r627750_rule","stig_id":"RHEL-08-030670","fix_id":"F-33121r568178_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230477' do\n  title 'RHEL 8 must have the packages required for offloading audit logs\ninstalled.'\n  desc 'Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.\n\n    Rsyslog provides three ways to forward message: the traditional UDP\ntransport, which is extremely lossy but standard; the plain TCP based\ntransport, which loses messages only during certain situations but is widely\navailable; and the RELP transport, which does not lose messages but is\ncurrently available only as part of the rsyslogd 3.15.0 and above.\n    Examples of each configuration:\n    UDP *.* @remotesystemname\n    TCP *.* @@remotesystemname\n    RELP *.* :omrelp:remotesystemname:2514\n    Note that a port number was given as there is no standard port for RELP.'\n  desc 'check', 'Verify the operating system has the packages required for offloading audit\nlogs installed with the following commands:\n\n    $ sudo yum list installed rsyslog\n\n    rsyslog.x86_64          8.1911.0-3.el8          @AppStream\n\n    If the \"rsyslog\" package is not installed, ask the administrator to\nindicate how audit logs are being offloaded and what packages are installed to\nsupport it.  If there is no evidence of audit logs being offloaded, this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to offload audit logs by installing the\nrequired packages with the following command:\n\n    $ sudo yum install rsyslog'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230477'\n  tag rid: 'SV-230477r627750_rule'\n  tag stig_id: 'RHEL-08-030670'\n  tag fix_id: 'F-33121r568178_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe package('rsyslog') do\n      it { should be_installed }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230477.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package rsyslog is expected to be installed","run_time":0.080177,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"package","resource_params":"[\"rsyslog\"]","resource_id":"rsyslog"}]},{"id":"SV-230478","title":"RHEL 8 must have the packages required for encrypting offloaded audit\nlogs installed.","desc":"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"rsyslog-gnutls\" (which is a secure\ncommunications library implementing the SSL, TLS and DTLS protocols), and you\nhave a method to securely encrypt and off-load auditing.\n\n    Rsyslog provides three ways to forward message: the traditional UDP\ntransport, which is extremely lossy but standard; the plain TCP based\ntransport, which loses messages only during certain situations but is widely\navailable; and the RELP transport, which does not lose messages but is\ncurrently available only as part of the rsyslogd 3.15.0 and above.\n    Examples of each configuration:\n    UDP *.* @remotesystemname\n    TCP *.* @@remotesystemname\n    RELP *.* :omrelp:remotesystemname:2514\n    Note that a port number was given as there is no standard port for RELP.","descriptions":[{"label":"default","data":"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"rsyslog-gnutls\" (which is a secure\ncommunications library implementing the SSL, TLS and DTLS protocols), and you\nhave a method to securely encrypt and off-load auditing.\n\n    Rsyslog provides three ways to forward message: the traditional UDP\ntransport, which is extremely lossy but standard; the plain TCP based\ntransport, which loses messages only during certain situations but is widely\navailable; and the RELP transport, which does not lose messages but is\ncurrently available only as part of the rsyslogd 3.15.0 and above.\n    Examples of each configuration:\n    UDP *.* @remotesystemname\n    TCP *.* @@remotesystemname\n    RELP *.* :omrelp:remotesystemname:2514\n    Note that a port number was given as there is no standard port for RELP."},{"label":"check","data":"Verify the operating system has the packages required for encrypting\noffloaded audit logs installed with the following commands:\n\n    $ sudo yum list installed rsyslog-gnutls\n\n    rsyslog-gnutls.x86_64          8.1911.0-3.el8          @AppStream\n\n    If the \"rsyslog-gnutls\" package is not installed, ask the administrator\nto indicate how audit logs are being encrypted during offloading and what\npackages are installed to support it.  If there is no evidence of audit logs\nbeing encrypted during offloading, this is a finding."},{"label":"fix","data":"Configure the operating system to encrypt offloaded audit logs by\ninstalling the required packages with the following command:\n\n    $ sudo yum install rsyslog-gnutls"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230478","rid":"SV-230478r744011_rule","stig_id":"RHEL-08-030680","fix_id":"F-33122r744010_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230478' do\n  title 'RHEL 8 must have the packages required for encrypting offloaded audit\nlogs installed.'\n  desc 'Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"rsyslog-gnutls\" (which is a secure\ncommunications library implementing the SSL, TLS and DTLS protocols), and you\nhave a method to securely encrypt and off-load auditing.\n\n    Rsyslog provides three ways to forward message: the traditional UDP\ntransport, which is extremely lossy but standard; the plain TCP based\ntransport, which loses messages only during certain situations but is widely\navailable; and the RELP transport, which does not lose messages but is\ncurrently available only as part of the rsyslogd 3.15.0 and above.\n    Examples of each configuration:\n    UDP *.* @remotesystemname\n    TCP *.* @@remotesystemname\n    RELP *.* :omrelp:remotesystemname:2514\n    Note that a port number was given as there is no standard port for RELP.'\n  desc 'check', 'Verify the operating system has the packages required for encrypting\noffloaded audit logs installed with the following commands:\n\n    $ sudo yum list installed rsyslog-gnutls\n\n    rsyslog-gnutls.x86_64          8.1911.0-3.el8          @AppStream\n\n    If the \"rsyslog-gnutls\" package is not installed, ask the administrator\nto indicate how audit logs are being encrypted during offloading and what\npackages are installed to support it.  If there is no evidence of audit logs\nbeing encrypted during offloading, this is a finding.'\n  desc 'fix', 'Configure the operating system to encrypt offloaded audit logs by\ninstalling the required packages with the following command:\n\n    $ sudo yum install rsyslog-gnutls'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230478'\n  tag rid: 'SV-230478r744011_rule'\n  tag stig_id: 'RHEL-08-030680'\n  tag fix_id: 'F-33122r744010_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe package('rsyslog-gnutls') do\n      it { should be_installed }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230478.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package rsyslog-gnutls is expected to be installed","run_time":0.190988,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"package","resource_params":"[\"rsyslog-gnutls\"]","resource_id":"rsyslog-gnutls"}]},{"id":"SV-230479","title":"The RHEL 8 audit records must be off-loaded onto a different system or\nstorage media from the system being audited.","desc":"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.\n\n    Rsyslog provides three ways to forward message: the traditional UDP\ntransport, which is extremely lossy but standard; the plain TCP based\ntransport, which loses messages only during certain situations but is widely\navailable; and the RELP transport, which does not lose messages but is\ncurrently available only as part of the rsyslogd 3.15.0 and above.\n    Examples of each configuration:\n    UDP *.* @remotesystemname\n    TCP *.* @@remotesystemname\n    RELP *.* :omrelp:remotesystemname:2514\n    Note that a port number was given as there is no standard port for RELP.","descriptions":[{"label":"default","data":"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.\n\n    Rsyslog provides three ways to forward message: the traditional UDP\ntransport, which is extremely lossy but standard; the plain TCP based\ntransport, which loses messages only during certain situations but is widely\navailable; and the RELP transport, which does not lose messages but is\ncurrently available only as part of the rsyslogd 3.15.0 and above.\n    Examples of each configuration:\n    UDP *.* @remotesystemname\n    TCP *.* @@remotesystemname\n    RELP *.* :omrelp:remotesystemname:2514\n    Note that a port number was given as there is no standard port for RELP."},{"label":"check","data":"Verify the audit system offloads audit records onto a different system or media from the system being audited with the following command:\n\n     $ sudo grep @@ /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n     /etc/rsyslog.conf:*.* @@[logaggregationserver.example.mil]:[port]\n\nIf a remote server is not configured, or the line is commented out, ask the system administrator to indicate how the audit logs are offloaded to a different system or media.\n\nIf there is no evidence that the audit logs are being offloaded to another system or media, this is a finding."},{"label":"fix","data":"Configure the operating system to offload audit records onto a different system or media from the system being audited by specifying the remote logging server in \"/etc/rsyslog.conf\" or \"/etc/rsyslog.d/[customfile].conf\" with the name or IP address of the log aggregation server.\n\nFor UDP:\n     *.* @[logaggregationserver.example.mil]:[port]\n\nFor TCP:\n     *.* @@[logaggregationserver.example.mil]:[port]"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000342-GPOS-00133","satisfies":["SRG-OS-000342-GPOS-00133","SRG-OS-000479-GPOS-00224"],"gid":"V-230479","rid":"SV-230479r917883_rule","stig_id":"RHEL-08-030690","fix_id":"F-33123r917882_fix","cci":["CCI-001851"],"nist":["AU-4 (1)"]},"code":"control 'SV-230479' do\n  title 'The RHEL 8 audit records must be off-loaded onto a different system or\nstorage media from the system being audited.'\n  desc 'Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.\n\n    Rsyslog provides three ways to forward message: the traditional UDP\ntransport, which is extremely lossy but standard; the plain TCP based\ntransport, which loses messages only during certain situations but is widely\navailable; and the RELP transport, which does not lose messages but is\ncurrently available only as part of the rsyslogd 3.15.0 and above.\n    Examples of each configuration:\n    UDP *.* @remotesystemname\n    TCP *.* @@remotesystemname\n    RELP *.* :omrelp:remotesystemname:2514\n    Note that a port number was given as there is no standard port for RELP.'\n  desc 'check', 'Verify the audit system offloads audit records onto a different system or media from the system being audited with the following command:\n\n     $ sudo grep @@ /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n     /etc/rsyslog.conf:*.* @@[logaggregationserver.example.mil]:[port]\n\nIf a remote server is not configured, or the line is commented out, ask the system administrator to indicate how the audit logs are offloaded to a different system or media.\n\nIf there is no evidence that the audit logs are being offloaded to another system or media, this is a finding.'\n  desc 'fix', 'Configure the operating system to offload audit records onto a different system or media from the system being audited by specifying the remote logging server in \"/etc/rsyslog.conf\" or \"/etc/rsyslog.d/[customfile].conf\" with the name or IP address of the log aggregation server.\n\nFor UDP:\n     *.* @[logaggregationserver.example.mil]:[port]\n\nFor TCP:\n     *.* @@[logaggregationserver.example.mil]:[port]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-GPOS-00133'\n  tag satisfies: ['SRG-OS-000342-GPOS-00133', 'SRG-OS-000479-GPOS-00224']\n  tag gid: 'V-230479'\n  tag rid: 'SV-230479r917883_rule'\n  tag stig_id: 'RHEL-08-030690'\n  tag fix_id: 'F-33123r917882_fix'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('grep @@ /etc/rsyslog.conf /etc/rsyslog.d/*.conf') do\n      its('stdout') { should match(/^.*:\\*\\.\\*\\s*@@[a-z.0-9]*:?[0-9]*?/) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230479.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Command: `grep @@ /etc/rsyslog.conf /etc/rsyslog.d/*.conf` stdout is expected to match /^.*:\\*\\.\\*\\s*@@[a-z.0-9]*:?[0-9]*?/","run_time":0.123976,"start_time":"2024-01-09T19:40:54-05:00","message":"expected \"\" to match /^.*:\\*\\.\\*\\s*@@[a-z.0-9]*:?[0-9]*?/","resource_class":"command","resource_params":"[\"grep @@ /etc/rsyslog.conf /etc/rsyslog.d/*.conf\"]","resource_id":"Command: `grep @@ /etc/rsyslog.conf /etc/rsyslog.d/*.conf`"}]},{"id":"SV-230480","title":"RHEL 8 must take appropriate action when the internal event queue is\nfull.","desc":"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.","descriptions":[{"label":"default","data":"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing."},{"label":"check","data":"Verify the audit system is configured to take an appropriate action when\nthe internal event queue is full:\n\n    $ sudo grep -i overflow_action /etc/audit/auditd.conf\n\n    overflow_action = syslog\n\n    If the value of the \"overflow_action\" option is not set to \"syslog\",\n\"single\", \"halt\", or the line is commented out, ask the System\nAdministrator to indicate how the audit logs are off-loaded to a different\nsystem or media.\n\n    If there is no evidence that the transfer of the audit logs being\noff-loaded to another system or media takes appropriate action if the internal\nevent queue becomes full, this is a finding."},{"label":"fix","data":"Edit the /etc/audit/auditd.conf file and add or update the\n\"overflow_action\" option:\n\n    overflow_action = syslog\n\n    The audit daemon must be restarted for changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000342-GPOS-00133","satisfies":["SRG-OS-000342-GPOS-00133","SRG-OS-000479-GPOS-00224"],"gid":"V-230480","rid":"SV-230480r877390_rule","stig_id":"RHEL-08-030700","fix_id":"F-33124r568187_fix","cci":["CCI-001851"],"nist":["AU-4 (1)"]},"code":"control 'SV-230480' do\n  title 'RHEL 8 must take appropriate action when the internal event queue is\nfull.'\n  desc 'Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.'\n  desc 'check', 'Verify the audit system is configured to take an appropriate action when\nthe internal event queue is full:\n\n    $ sudo grep -i overflow_action /etc/audit/auditd.conf\n\n    overflow_action = syslog\n\n    If the value of the \"overflow_action\" option is not set to \"syslog\",\n\"single\", \"halt\", or the line is commented out, ask the System\nAdministrator to indicate how the audit logs are off-loaded to a different\nsystem or media.\n\n    If there is no evidence that the transfer of the audit logs being\noff-loaded to another system or media takes appropriate action if the internal\nevent queue becomes full, this is a finding.'\n  desc 'fix', 'Edit the /etc/audit/auditd.conf file and add or update the\n\"overflow_action\" option:\n\n    overflow_action = syslog\n\n    The audit daemon must be restarted for changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-GPOS-00133'\n  tag satisfies: ['SRG-OS-000342-GPOS-00133', 'SRG-OS-000479-GPOS-00224']\n  tag gid: 'V-230480'\n  tag rid: 'SV-230480r877390_rule'\n  tag stig_id: 'RHEL-08-030700'\n  tag fix_id: 'F-33124r568187_fix'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config_file('/etc/audit/auditd.conf') do\n      its('overflow_action') { should match(/syslog$|single$|halt$/i) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230480.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Parse Config File /etc/audit/auditd.conf overflow_action is expected to match /syslog$|single$|halt$/i","run_time":0.00014,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"parse_config_file","resource_params":"[\"/etc/audit/auditd.conf\"]","resource_id":"/etc/audit/auditd.conf"}]},{"id":"SV-230481","title":"RHEL 8 must encrypt the transfer of audit records off-loaded onto a\ndifferent system or media from the system being audited.","desc":"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.","descriptions":[{"label":"default","data":"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing."},{"label":"check","data":"Verify the operating system encrypts audit records off-loaded onto a different system or media from the system being audited with the following commands:\n\n$ sudo grep -i '$DefaultNetstreamDriver' /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n/etc/rsyslog.conf:$DefaultNetstreamDriver gtls\n\nIf the value of the \"$DefaultNetstreamDriver\" option is not set to \"gtls\" or the line is commented out, this is a finding.\n\n$ sudo grep -i '$ActionSendStreamDriverMode' /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n/etc/rsyslog.conf:$ActionSendStreamDriverMode 1\n\nIf the value of the \"$ActionSendStreamDriverMode\" option is not set to \"1\" or the line is commented out, this is a finding.\n\nIf neither of the definitions above are set, ask the System Administrator to indicate how the audit logs are off-loaded to a different system or media.\n\nIf there is no evidence that the transfer of the audit logs being off-loaded to another system or media is encrypted, this is a finding."},{"label":"fix","data":"Configure the operating system to encrypt off-loaded audit records by\nsetting the following options in \"/etc/rsyslog.conf\" or\n\"/etc/rsyslog.d/[customfile].conf\":\n\n    $DefaultNetstreamDriver gtls\n    $ActionSendStreamDriverMode 1"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000342-GPOS-00133","satisfies":["SRG-OS-000342-GPOS-00133","SRG-OS-000479-GPOS-00224"],"gid":"V-230481","rid":"SV-230481r877390_rule","stig_id":"RHEL-08-030710","fix_id":"F-33125r568190_fix","cci":["CCI-001851"],"nist":["AU-4 (1)"]},"code":"control 'SV-230481' do\n  title 'RHEL 8 must encrypt the transfer of audit records off-loaded onto a\ndifferent system or media from the system being audited.'\n  desc 'Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.'\n  desc 'check', %q(Verify the operating system encrypts audit records off-loaded onto a different system or media from the system being audited with the following commands:\n\n$ sudo grep -i '$DefaultNetstreamDriver' /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n/etc/rsyslog.conf:$DefaultNetstreamDriver gtls\n\nIf the value of the \"$DefaultNetstreamDriver\" option is not set to \"gtls\" or the line is commented out, this is a finding.\n\n$ sudo grep -i '$ActionSendStreamDriverMode' /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n/etc/rsyslog.conf:$ActionSendStreamDriverMode 1\n\nIf the value of the \"$ActionSendStreamDriverMode\" option is not set to \"1\" or the line is commented out, this is a finding.\n\nIf neither of the definitions above are set, ask the System Administrator to indicate how the audit logs are off-loaded to a different system or media.\n\nIf there is no evidence that the transfer of the audit logs being off-loaded to another system or media is encrypted, this is a finding.)\n  desc 'fix', 'Configure the operating system to encrypt off-loaded audit records by\nsetting the following options in \"/etc/rsyslog.conf\" or\n\"/etc/rsyslog.d/[customfile].conf\":\n\n    $DefaultNetstreamDriver gtls\n    $ActionSendStreamDriverMode 1'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-GPOS-00133'\n  tag satisfies: ['SRG-OS-000342-GPOS-00133', 'SRG-OS-000479-GPOS-00224']\n  tag gid: 'V-230481'\n  tag rid: 'SV-230481r877390_rule'\n  tag stig_id: 'RHEL-08-030710'\n  tag fix_id: 'F-33125r568190_fix'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe 'rsyslog configuration' do\n      subject {\n        command(\"grep -i '^\\$DefaultNetstreamDriver' /etc/rsyslog.conf /etc/rsyslog.d/* | awk -F ':' '{ print $2 }'\").stdout\n      }\n      it { should match(/\\$DefaultNetstreamDriver\\s+gtls/) }\n    end\n\n    describe 'rsyslog configuration' do\n      subject {\n        command(\"grep -i '^\\$ActionSendStreamDriverMode' /etc/rsyslog.conf /etc/rsyslog.d/* | awk -F ':' '{ print $2 }'\").stdout\n      }\n      it { should match(/\\$ActionSendStreamDriverMode\\s+1/) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230481.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"rsyslog configuration is expected to match /\\$DefaultNetstreamDriver\\s+gtls/","run_time":0.160526,"start_time":"2024-01-09T19:40:54-05:00","resource_class":"Object","resource_params":"[]","resource_id":"rsyslog configuration"},{"status":"passed","code_desc":"rsyslog configuration is expected to match /\\$ActionSendStreamDriverMode\\s+1/","run_time":0.168813,"start_time":"2024-01-09T19:40:55-05:00","resource_class":"Object","resource_params":"[]","resource_id":"rsyslog configuration"}]},{"id":"SV-230482","title":"RHEL 8 must authenticate the remote logging server for off-loading\naudit logs.","desc":"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.\n\n    \"Rsyslog\" supported authentication modes include:\n    anon - anonymous authentication\n    x509/fingerprint - certificate fingerprint authentication\n    x509/certvalid - certificate validation only\n    x509/name - certificate validation and subject name authentication.","descriptions":[{"label":"default","data":"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.\n\n    \"Rsyslog\" supported authentication modes include:\n    anon - anonymous authentication\n    x509/fingerprint - certificate fingerprint authentication\n    x509/certvalid - certificate validation only\n    x509/name - certificate validation and subject name authentication."},{"label":"check","data":"Verify the operating system authenticates the remote logging server for\noff-loading audit logs with the following command:\n\n    $ sudo grep -i '$ActionSendStreamDriverAuthMode' /etc/rsyslog.conf\n/etc/rsyslog.d/*.conf\n\n    /etc/rsyslog.conf:$ActionSendStreamDriverAuthMode x509/name\n\n    If the value of the \"$ActionSendStreamDriverAuthMode\" option is not set\nto \"x509/name\" or the line is commented out, ask the System Administrator to\nindicate how the audit logs are off-loaded to a different system or media.\n\n    If there is no evidence that the transfer of the audit logs being\noff-loaded to another system or media is encrypted, this is a finding."},{"label":"fix","data":"Configure the operating system to authenticate the remote logging server\nfor off-loading audit logs by setting the following option in\n\"/etc/rsyslog.conf\" or \"/etc/rsyslog.d/[customfile].conf\":\n\n    $ActionSendStreamDriverAuthMode x509/name"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000342-GPOS-00133","satisfies":["SRG-OS-000342-GPOS-00133","SRG-OS-000479-GPOS-00224"],"gid":"V-230482","rid":"SV-230482r877390_rule","stig_id":"RHEL-08-030720","fix_id":"F-33126r568193_fix","cci":["CCI-001851"],"nist":["AU-4 (1)"]},"code":"control 'SV-230482' do\n  title 'RHEL 8 must authenticate the remote logging server for off-loading\naudit logs.'\n  desc 'Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.\n\n    \"Rsyslog\" supported authentication modes include:\n    anon - anonymous authentication\n    x509/fingerprint - certificate fingerprint authentication\n    x509/certvalid - certificate validation only\n    x509/name - certificate validation and subject name authentication.'\n  desc 'check', %q(Verify the operating system authenticates the remote logging server for\noff-loading audit logs with the following command:\n\n    $ sudo grep -i '$ActionSendStreamDriverAuthMode' /etc/rsyslog.conf\n/etc/rsyslog.d/*.conf\n\n    /etc/rsyslog.conf:$ActionSendStreamDriverAuthMode x509/name\n\n    If the value of the \"$ActionSendStreamDriverAuthMode\" option is not set\nto \"x509/name\" or the line is commented out, ask the System Administrator to\nindicate how the audit logs are off-loaded to a different system or media.\n\n    If there is no evidence that the transfer of the audit logs being\noff-loaded to another system or media is encrypted, this is a finding.)\n  desc 'fix', 'Configure the operating system to authenticate the remote logging server\nfor off-loading audit logs by setting the following option in\n\"/etc/rsyslog.conf\" or \"/etc/rsyslog.d/[customfile].conf\":\n\n    $ActionSendStreamDriverAuthMode x509/name'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-GPOS-00133'\n  tag satisfies: ['SRG-OS-000342-GPOS-00133', 'SRG-OS-000479-GPOS-00224']\n  tag gid: 'V-230482'\n  tag rid: 'SV-230482r877390_rule'\n  tag stig_id: 'RHEL-08-030720'\n  tag fix_id: 'F-33126r568193_fix'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe 'rsyslog configuration' do\n      subject {\n        command(\"grep -i '^\\$ActionSendStreamDriverAuthMode' /etc/rsyslog.conf /etc/rsyslog.d/* | awk -F ':' '{ print $2 }'\").stdout\n      }\n      it { should match %r{\\$ActionSendStreamDriverAuthMode\\s+x509/name} }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230482.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"rsyslog configuration is expected to match /\\$ActionSendStreamDriverAuthMode\\s+x509\\/name/","run_time":0.122329,"start_time":"2024-01-09T19:40:55-05:00","resource_class":"Object","resource_params":"[]","resource_id":"rsyslog configuration"}]},{"id":"SV-230483","title":"RHEL 8 must take action when allocated audit record storage volume\n    reaches 75 percent of the repository maximum audit record storage capacity.","desc":"If security personnel are not notified immediately when storage volume\n    reaches 75 percent utilization, they are unable to plan for audit record\n    storage capacity expansion.","descriptions":[{"label":"default","data":"If security personnel are not notified immediately when storage volume\n    reaches 75 percent utilization, they are unable to plan for audit record\n    storage capacity expansion."},{"label":"check","data":"Verify RHEL 8 takes action when allocated audit record storage\n    volume reaches 75 percent of the repository maximum audit record storage\n    capacity with the following commands:\n\n        $ sudo grep -w space_left /etc/audit/auditd.conf\n\n        space_left = 25%\n\n    If the value of the \"space_left\" keyword is not set to \"25%\" or if the\n    line is commented out, ask the System Administrator to indicate how the system\n    is providing real-time alerts to the SA and ISSO.\n\n    If there is no evidence that real-time alerts are configured on the system,\n    this is a finding."},{"label":"fix","data":"Configure the operating system to initiate an action to notify the\n    SA and ISSO (at a minimum) when allocated audit record storage volume reaches\n    75 percent of the repository maximum audit record storage capacity by\n    adding/modifying the following line in the /etc/audit/auditd.conf file.\n\n    space_left = 25%\n\n    Note: Option names and values in the auditd.conf file are case insensitive."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000343-GPOS-00134","gid":"V-230483","rid":"SV-230483r877389_rule","stig_id":"RHEL-08-030730","fix_id":"F-33127r744013_fix","cci":["CCI-001855"],"nist":["AU-5 (1)"]},"code":"control 'SV-230483' do\n  title 'RHEL 8 must take action when allocated audit record storage volume\n    reaches 75 percent of the repository maximum audit record storage capacity.'\n  desc 'If security personnel are not notified immediately when storage volume\n    reaches 75 percent utilization, they are unable to plan for audit record\n    storage capacity expansion.'\n  desc 'check', 'Verify RHEL 8 takes action when allocated audit record storage\n    volume reaches 75 percent of the repository maximum audit record storage\n    capacity with the following commands:\n\n        $ sudo grep -w space_left /etc/audit/auditd.conf\n\n        space_left = 25%\n\n    If the value of the \"space_left\" keyword is not set to \"25%\" or if the\n    line is commented out, ask the System Administrator to indicate how the system\n    is providing real-time alerts to the SA and ISSO.\n\n    If there is no evidence that real-time alerts are configured on the system,\n    this is a finding.'\n  desc 'fix', 'Configure the operating system to initiate an action to notify the\n    SA and ISSO (at a minimum) when allocated audit record storage volume reaches\n    75 percent of the repository maximum audit record storage capacity by\n    adding/modifying the following line in the /etc/audit/auditd.conf file.\n\n    space_left = 25%\n\n    Note: Option names and values in the auditd.conf file are case insensitive.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000343-GPOS-00134'\n  tag gid: 'V-230483'\n  tag rid: 'SV-230483r877389_rule'\n  tag stig_id: 'RHEL-08-030730'\n  tag fix_id: 'F-33127r744013_fix'\n  tag cci: ['CCI-001855']\n  tag nist: ['AU-5 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd_conf do\n      its('space_left') { should cmp '25%' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230483.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Audit Daemon Config space_left is expected to cmp == \"25%\"","run_time":0.00081,"start_time":"2024-01-09T19:40:55-05:00","resource_class":"auditd_conf","resource_params":"[]","resource_id":"/etc/audit/auditd.conf"}]},{"id":"SV-230484","title":"RHEL 8 must securely compare internal information system clocks at\nleast every 24 hours with a server synchronized to an authoritative time\nsource, such as the United States Naval Observatory (USNO) time servers, or a\ntime server designated for the appropriate DoD network (NIPRNet/SIPRNet),\nand/or the Global Positioning System (GPS).","desc":"Inaccurate time stamps make it more difficult to correlate events and\ncan lead to an inaccurate analysis. Determining the correct time a particular\nevent occurred on a system is critical when conducting forensic analysis and\ninvestigating system events. Sources outside the configured acceptable\nallowance (drift) may be inaccurate.\n\n    Synchronizing internal information system clocks provides uniformity of\ntime stamps for information systems with multiple system clocks and systems\nconnected over a network.\n\n    Organizations should consider endpoints that may not have regular access to\nthe authoritative time server (e.g., mobile, teleworking, and tactical\nendpoints).\n\n    If time stamps are not consistently applied and there is no common time\nreference, it is difficult to perform forensic analysis.\n\n    Time stamps generated by the operating system include date and time. Time\nis commonly expressed in Coordinated Universal Time (UTC), a modern\ncontinuation of Greenwich Mean Time (GMT), or local time with an offset from\nUTC.\n\n    RHEL 8 utilizes the \"timedatectl\" command to view the status of the\n\"systemd-timesyncd.service\". The \"timedatectl\" status will display the\nlocal time, UTC, and the offset from UTC.\n\n    Note that USNO offers authenticated NTP service to DoD and U.S. Government\nagencies operating on the NIPR and SIPR networks. Visit\nhttps://www.usno.navy.mil/USNO/time/ntp/dod-customers for more information.","descriptions":[{"label":"default","data":"Inaccurate time stamps make it more difficult to correlate events and\ncan lead to an inaccurate analysis. Determining the correct time a particular\nevent occurred on a system is critical when conducting forensic analysis and\ninvestigating system events. Sources outside the configured acceptable\nallowance (drift) may be inaccurate.\n\n    Synchronizing internal information system clocks provides uniformity of\ntime stamps for information systems with multiple system clocks and systems\nconnected over a network.\n\n    Organizations should consider endpoints that may not have regular access to\nthe authoritative time server (e.g., mobile, teleworking, and tactical\nendpoints).\n\n    If time stamps are not consistently applied and there is no common time\nreference, it is difficult to perform forensic analysis.\n\n    Time stamps generated by the operating system include date and time. Time\nis commonly expressed in Coordinated Universal Time (UTC), a modern\ncontinuation of Greenwich Mean Time (GMT), or local time with an offset from\nUTC.\n\n    RHEL 8 utilizes the \"timedatectl\" command to view the status of the\n\"systemd-timesyncd.service\". The \"timedatectl\" status will display the\nlocal time, UTC, and the offset from UTC.\n\n    Note that USNO offers authenticated NTP service to DoD and U.S. Government\nagencies operating on the NIPR and SIPR networks. Visit\nhttps://www.usno.navy.mil/USNO/time/ntp/dod-customers for more information."},{"label":"check","data":"Verify RHEL 8 is securely comparing internal information system clocks at\nleast every 24 hours with an NTP server with the following commands:\n\n    $ sudo grep maxpoll /etc/chrony.conf\n\n    server 0.us.pool.ntp.mil iburst maxpoll 16\n\n    If the \"maxpoll\" option is set to a number greater than 16 or the line is\ncommented out, this is a finding.\n\n    Verify the \"chrony.conf\" file is configured to an authoritative DoD time\nsource by running the following command:\n\n    $ sudo grep -i server /etc/chrony.conf\n    server 0.us.pool.ntp.mil\n\n    If the parameter \"server\" is not set or is not set to an authoritative\nDoD time source, this is a finding."},{"label":"fix","data":"Configure the operating system to securely compare internal information\nsystem clocks at least every 24 hours with an NTP server by adding/modifying\nthe following line in the /etc/chrony.conf file.\n\n    server [ntp.server.name] iburst maxpoll 16"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000355-GPOS-00143","satisfies":["SRG-OS-000355-GPOS-00143","SRG-OS-000356-GPOS-00144","SRG-OS-000359-GPOS-00146"],"gid":"V-230484","rid":"SV-230484r877038_rule","stig_id":"RHEL-08-030740","fix_id":"F-33128r568199_fix","cci":["CCI-001891"],"nist":["AU-8 (1) (a)"]},"code":"control 'SV-230484' do\n  title 'RHEL 8 must securely compare internal information system clocks at\nleast every 24 hours with a server synchronized to an authoritative time\nsource, such as the United States Naval Observatory (USNO) time servers, or a\ntime server designated for the appropriate DoD network (NIPRNet/SIPRNet),\nand/or the Global Positioning System (GPS).'\n  desc 'Inaccurate time stamps make it more difficult to correlate events and\ncan lead to an inaccurate analysis. Determining the correct time a particular\nevent occurred on a system is critical when conducting forensic analysis and\ninvestigating system events. Sources outside the configured acceptable\nallowance (drift) may be inaccurate.\n\n    Synchronizing internal information system clocks provides uniformity of\ntime stamps for information systems with multiple system clocks and systems\nconnected over a network.\n\n    Organizations should consider endpoints that may not have regular access to\nthe authoritative time server (e.g., mobile, teleworking, and tactical\nendpoints).\n\n    If time stamps are not consistently applied and there is no common time\nreference, it is difficult to perform forensic analysis.\n\n    Time stamps generated by the operating system include date and time. Time\nis commonly expressed in Coordinated Universal Time (UTC), a modern\ncontinuation of Greenwich Mean Time (GMT), or local time with an offset from\nUTC.\n\n    RHEL 8 utilizes the \"timedatectl\" command to view the status of the\n\"systemd-timesyncd.service\". The \"timedatectl\" status will display the\nlocal time, UTC, and the offset from UTC.\n\n    Note that USNO offers authenticated NTP service to DoD and U.S. Government\nagencies operating on the NIPR and SIPR networks. Visit\nhttps://www.usno.navy.mil/USNO/time/ntp/dod-customers for more information.'\n  desc 'check', 'Verify RHEL 8 is securely comparing internal information system clocks at\nleast every 24 hours with an NTP server with the following commands:\n\n    $ sudo grep maxpoll /etc/chrony.conf\n\n    server 0.us.pool.ntp.mil iburst maxpoll 16\n\n    If the \"maxpoll\" option is set to a number greater than 16 or the line is\ncommented out, this is a finding.\n\n    Verify the \"chrony.conf\" file is configured to an authoritative DoD time\nsource by running the following command:\n\n    $ sudo grep -i server /etc/chrony.conf\n    server 0.us.pool.ntp.mil\n\n    If the parameter \"server\" is not set or is not set to an authoritative\nDoD time source, this is a finding.'\n  desc 'fix', 'Configure the operating system to securely compare internal information\nsystem clocks at least every 24 hours with an NTP server by adding/modifying\nthe following line in the /etc/chrony.conf file.\n\n    server [ntp.server.name] iburst maxpoll 16'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000355-GPOS-00143'\n  tag satisfies: ['SRG-OS-000355-GPOS-00143', 'SRG-OS-000356-GPOS-00144', 'SRG-OS-000359-GPOS-00146']\n  tag gid: 'V-230484'\n  tag rid: 'SV-230484r877038_rule'\n  tag stig_id: 'RHEL-08-030740'\n  tag fix_id: 'F-33128r568199_fix'\n  tag cci: ['CCI-001891']\n  tag nist: ['AU-8 (1) (a)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    time_sources = ntp_conf('/etc/chrony.conf').server\n    # Cover case when a single server is defined and resource returns a string and not an array\n    time_sources = [time_sources] if time_sources.is_a? String\n\n    unless time_sources.nil?\n      max_poll_values = time_sources.map { |val|\n        val.match?(/.*maxpoll.*/) ? val.gsub(/.*maxpoll\\s+(\\d+)(\\s+.*|$)/, '\\1').to_i : 10\n      }\n    end\n\n    # Verify the \"chrony.conf\" file is configured to an authoritative DoD time source by running the following command:\n\n    describe ntp_conf('/etc/chrony.conf') do\n      its('server') { should_not be_nil }\n    end\n\n    unless ntp_conf('/etc/chrony.conf').server.nil?\n      if ntp_conf('/etc/chrony.conf').server.is_a? String\n        describe ntp_conf('/etc/chrony.conf') do\n          its('server') { should match input('authoritative_timeserver') }\n        end\n      end\n\n      if ntp_conf('/etc/chrony.conf').server.is_a? Array\n        describe ntp_conf('/etc/chrony.conf') do\n          its('server.join') { should match input('authoritative_timeserver') }\n        end\n      end\n    end\n    # All time sources must contain valid maxpoll entries\n    unless time_sources.nil?\n      describe 'chronyd maxpoll values (99=maxpoll absent)' do\n        subject { max_poll_values }\n        it { should all be < 17 }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230484.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"ntp.conf server is expected not to be nil","run_time":0.000352,"start_time":"2024-01-09T19:40:55-05:00","resource_class":"ntp_conf","resource_params":"[\"/etc/chrony.conf\"]","resource_id":"/etc/chrony.conf"},{"status":"failed","code_desc":"ntp.conf server is expected to match \"0.us.pool.ntp.mil\"","run_time":0.00055,"start_time":"2024-01-09T19:40:55-05:00","message":"expected \"169.254.169.123 prefer iburst minpoll 4 maxpoll 4\" to match \"0.us.pool.ntp.mil\"","resource_class":"ntp_conf","resource_params":"[\"/etc/chrony.conf\"]","resource_id":"/etc/chrony.conf"},{"status":"passed","code_desc":"chronyd maxpoll values (99=maxpoll absent) is expected to all be < 17","run_time":0.004196,"start_time":"2024-01-09T19:40:55-05:00","resource_class":"Object","resource_params":"[]","resource_id":"chronyd maxpoll values (99=maxpoll absent)"}]},{"id":"SV-230485","title":"RHEL 8 must disable the chrony daemon from acting as a server.","desc":"Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.\n\nMinimizing the exposure of the server functionality of the chrony daemon diminishes the attack surface.\n\nRHEL 8 utilizes the \"timedatectl\" command to view the status of the \"systemd-timesyncd.service\". The \"timedatectl\" status will display the local time, UTC, and the offset from UTC.\n\nNote that USNO offers authenticated NTP service to DOD and U.S. Government agencies operating on the NIPR and SIPR networks. Visit https://www.usno.navy.mil/USNO/time/ntp/DOD-customers for more information.","descriptions":[{"label":"default","data":"Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.\n\nMinimizing the exposure of the server functionality of the chrony daemon diminishes the attack surface.\n\nRHEL 8 utilizes the \"timedatectl\" command to view the status of the \"systemd-timesyncd.service\". The \"timedatectl\" status will display the local time, UTC, and the offset from UTC.\n\nNote that USNO offers authenticated NTP service to DOD and U.S. Government agencies operating on the NIPR and SIPR networks. Visit https://www.usno.navy.mil/USNO/time/ntp/DOD-customers for more information."},{"label":"check","data":"Note: If the system is approved and documented by the information system security officer (ISSO) to function as an NTP time server, this requirement is Not Applicable.\n\nVerify RHEL 8 disables the chrony daemon from acting as a server with the following command:\n\n     $ sudo grep -w 'port' /etc/chrony.conf\n     port 0\n\nIf the \"port\" option is not set to \"0\", is commented out or missing, this is a finding."},{"label":"fix","data":"Configure the operating system to disable the chrony daemon from acting as a server by adding or modifying the following line in the \"/etc/chrony.conf\" file:\n\n     port 0"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000095-GPOS-00049","gid":"V-230485","rid":"SV-230485r928590_rule","stig_id":"RHEL-08-030741","fix_id":"F-33129r928589_fix","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'SV-230485' do\n  title 'RHEL 8 must disable the chrony daemon from acting as a server.'\n  desc 'Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.\n\nMinimizing the exposure of the server functionality of the chrony daemon diminishes the attack surface.\n\nRHEL 8 utilizes the \"timedatectl\" command to view the status of the \"systemd-timesyncd.service\". The \"timedatectl\" status will display the local time, UTC, and the offset from UTC.\n\nNote that USNO offers authenticated NTP service to DOD and U.S. Government agencies operating on the NIPR and SIPR networks. Visit https://www.usno.navy.mil/USNO/time/ntp/DOD-customers for more information.'\n  desc 'check', %q(Note: If the system is approved and documented by the information system security officer (ISSO) to function as an NTP time server, this requirement is Not Applicable.\n\nVerify RHEL 8 disables the chrony daemon from acting as a server with the following command:\n\n     $ sudo grep -w 'port' /etc/chrony.conf\n     port 0\n\nIf the \"port\" option is not set to \"0\", is commented out or missing, this is a finding.)\n  desc 'fix', 'Configure the operating system to disable the chrony daemon from acting as a server by adding or modifying the following line in the \"/etc/chrony.conf\" file:\n\n     port 0'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230485'\n  tag rid: 'SV-230485r928590_rule'\n  tag stig_id: 'RHEL-08-030741'\n  tag fix_id: 'F-33129r928589_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  chrony_conf = ntp_conf('/etc/chrony.conf')\n\n  if virtualization.system.eql?('docker') && !file('/etc/chrony.conf').exist?\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe chrony_conf do\n      its('port') { should cmp 0 }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230485.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"ntp.conf port is expected to cmp == 0","run_time":0.000357,"start_time":"2024-01-09T19:40:55-05:00","message":"\nexpected: 0\n     got: \n\n(compared using `cmp` matcher)\n","resource_class":"ntp_conf","resource_params":"[\"/etc/chrony.conf\"]","resource_id":"/etc/chrony.conf"}]},{"id":"SV-230486","title":"RHEL 8 must disable network management of the chrony daemon.","desc":"Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.\n\nNot exposing the management interface of the chrony daemon on the network diminishes the attack space.\n\nRHEL 8 utilizes the \"timedatectl\" command to view the status of the \"systemd-timesyncd.service\". The \"timedatectl\" status will display the local time, UTC, and the offset from UTC.\n\nNote that USNO offers authenticated NTP service to DOD and U.S. Government agencies operating on the NIPR and SIPR networks. Visit https://www.usno.navy.mil/USNO/time/ntp/DOD-customers for more information.","descriptions":[{"label":"default","data":"Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.\n\nNot exposing the management interface of the chrony daemon on the network diminishes the attack space.\n\nRHEL 8 utilizes the \"timedatectl\" command to view the status of the \"systemd-timesyncd.service\". The \"timedatectl\" status will display the local time, UTC, and the offset from UTC.\n\nNote that USNO offers authenticated NTP service to DOD and U.S. Government agencies operating on the NIPR and SIPR networks. Visit https://www.usno.navy.mil/USNO/time/ntp/DOD-customers for more information."},{"label":"check","data":"Note: If the system is approved and documented by the information system security officer (ISSO) to function as an NTP time server, this requirement is Not Applicable.\n\nVerify RHEL 8 disables network management of the chrony daemon with the following command:\n\n     $ sudo grep -w 'cmdport' /etc/chrony.conf\n     cmdport 0\n\nIf the \"cmdport\" option is not set to \"0\", is commented out or missing, this is a finding."},{"label":"fix","data":"Configure the operating system disable network management of the chrony daemon by adding or modifying the following line in the \"/etc/chrony.conf\" file.\n\n     cmdport 0"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000095-GPOS-00049","gid":"V-230486","rid":"SV-230486r928593_rule","stig_id":"RHEL-08-030742","fix_id":"F-33130r928592_fix","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'SV-230486' do\n  title 'RHEL 8 must disable network management of the chrony daemon.'\n  desc 'Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.\n\nNot exposing the management interface of the chrony daemon on the network diminishes the attack space.\n\nRHEL 8 utilizes the \"timedatectl\" command to view the status of the \"systemd-timesyncd.service\". The \"timedatectl\" status will display the local time, UTC, and the offset from UTC.\n\nNote that USNO offers authenticated NTP service to DOD and U.S. Government agencies operating on the NIPR and SIPR networks. Visit https://www.usno.navy.mil/USNO/time/ntp/DOD-customers for more information.'\n  desc 'check', %q(Note: If the system is approved and documented by the information system security officer (ISSO) to function as an NTP time server, this requirement is Not Applicable.\n\nVerify RHEL 8 disables network management of the chrony daemon with the following command:\n\n     $ sudo grep -w 'cmdport' /etc/chrony.conf\n     cmdport 0\n\nIf the \"cmdport\" option is not set to \"0\", is commented out or missing, this is a finding.)\n  desc 'fix', 'Configure the operating system disable network management of the chrony daemon by adding or modifying the following line in the \"/etc/chrony.conf\" file.\n\n     cmdport 0'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230486'\n  tag rid: 'SV-230486r928593_rule'\n  tag stig_id: 'RHEL-08-030742'\n  tag fix_id: 'F-33130r928592_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  if virtualization.system.eql?('docker') && !file('/etc/chrony.conf').exist?\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe ntp_conf('/etc/chrony.conf') do\n      its('cmdport') { should cmp 0 }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230486.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"ntp.conf cmdport is expected to cmp == 0","run_time":0.000302,"start_time":"2024-01-09T19:40:55-05:00","message":"\nexpected: 0\n     got: \n\n(compared using `cmp` matcher)\n","resource_class":"ntp_conf","resource_params":"[\"/etc/chrony.conf\"]","resource_id":"/etc/chrony.conf"}]},{"id":"SV-230487","title":"RHEL 8 must not have the telnet-server package installed.","desc":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.\n\n    The telnet service provides an unencrypted remote access service that does\nnot provide for the confidentiality and integrity of user passwords or the\nremote session.\n\n    If a privileged user were to log on using this service, the privileged user\npassword could be compromised.","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.\n\n    The telnet service provides an unencrypted remote access service that does\nnot provide for the confidentiality and integrity of user passwords or the\nremote session.\n\n    If a privileged user were to log on using this service, the privileged user\npassword could be compromised."},{"label":"check","data":"Check to see if the telnet-server package is installed with the following\ncommand:\n\n    $ sudo yum list installed telnet-server\n\n    If the telnet-server package is installed, this is a finding."},{"label":"fix","data":"Configure the operating system to disable non-essential capabilities by\nremoving the telnet-server package from the system with the following command:\n\n    $ sudo yum remove telnet-server"}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000095-GPOS-00049","gid":"V-230487","rid":"SV-230487r627750_rule","stig_id":"RHEL-08-040000","fix_id":"F-33131r568208_fix","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'SV-230487' do\n  title 'RHEL 8 must not have the telnet-server package installed.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.\n\n    The telnet service provides an unencrypted remote access service that does\nnot provide for the confidentiality and integrity of user passwords or the\nremote session.\n\n    If a privileged user were to log on using this service, the privileged user\npassword could be compromised.'\n  desc 'check', 'Check to see if the telnet-server package is installed with the following\ncommand:\n\n    $ sudo yum list installed telnet-server\n\n    If the telnet-server package is installed, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable non-essential capabilities by\nremoving the telnet-server package from the system with the following command:\n\n    $ sudo yum remove telnet-server'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230487'\n  tag rid: 'SV-230487r627750_rule'\n  tag stig_id: 'RHEL-08-040000'\n  tag fix_id: 'F-33131r568208_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  describe package('telnet-server') do\n    it { should_not be_installed }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230487.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package telnet-server is expected not to be installed","run_time":0.124659,"start_time":"2024-01-09T19:40:55-05:00","resource_class":"package","resource_params":"[\"telnet-server\"]","resource_id":"telnet-server"}]},{"id":"SV-230488","title":"RHEL 8 must not have any automated bug reporting tools installed.","desc":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed."},{"label":"check","data":"Check to see if any automated bug reporting packages are installed with the\nfollowing command:\n\n    $ sudo yum list installed abrt*\n\n    If any automated bug reporting package is installed, this is a finding."},{"label":"fix","data":"Configure the operating system to disable non-essential capabilities by\nremoving automated bug reporting packages from the system with the following\ncommand:\n\n    $ sudo yum remove abrt*"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000095-GPOS-00049","gid":"V-230488","rid":"SV-230488r627750_rule","stig_id":"RHEL-08-040001","fix_id":"F-33132r568211_fix","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'SV-230488' do\n  title 'RHEL 8 must not have any automated bug reporting tools installed.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.'\n  desc 'check', 'Check to see if any automated bug reporting packages are installed with the\nfollowing command:\n\n    $ sudo yum list installed abrt*\n\n    If any automated bug reporting package is installed, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable non-essential capabilities by\nremoving automated bug reporting packages from the system with the following\ncommand:\n\n    $ sudo yum remove abrt*'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230488'\n  tag rid: 'SV-230488r627750_rule'\n  tag stig_id: 'RHEL-08-040001'\n  tag fix_id: 'F-33132r568211_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  describe packages(/abrt/) do\n    its('statuses') { should_not cmp 'installed' }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230488.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Packages /abrt/ statuses is expected not to cmp == \"installed\"","run_time":0.000235,"start_time":"2024-01-09T19:40:55-05:00","resource_class":"packages","resource_params":"[/abrt/]","resource_id":""}]},{"id":"SV-230489","title":"RHEL 8 must not have the sendmail package installed.","desc":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed."},{"label":"check","data":"Check to see if the sendmail package is installed with the following\ncommand:\n\n    $ sudo yum list installed sendmail\n\n    If the sendmail package is installed, this is a finding."},{"label":"fix","data":"Configure the operating system to disable non-essential capabilities by\nremoving the sendmail package from the system with the following command:\n\n    $ sudo yum remove sendmail"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000095-GPOS-00049","gid":"V-230489","rid":"SV-230489r627750_rule","stig_id":"RHEL-08-040002","fix_id":"F-33133r568214_fix","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'SV-230489' do\n  title 'RHEL 8 must not have the sendmail package installed.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.'\n  desc 'check', 'Check to see if the sendmail package is installed with the following\ncommand:\n\n    $ sudo yum list installed sendmail\n\n    If the sendmail package is installed, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable non-essential capabilities by\nremoving the sendmail package from the system with the following command:\n\n    $ sudo yum remove sendmail'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230489'\n  tag rid: 'SV-230489r627750_rule'\n  tag stig_id: 'RHEL-08-040002'\n  tag fix_id: 'F-33133r568214_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  describe package('sendmail') do\n    it { should_not be_installed }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230489.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package sendmail is expected not to be installed","run_time":0.125388,"start_time":"2024-01-09T19:40:55-05:00","resource_class":"package","resource_params":"[\"sendmail\"]","resource_id":"sendmail"}]},{"id":"SV-230491","title":"RHEL 8 must enable mitigations against processor-based\nvulnerabilities.","desc":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.\n\n    Kernel page-table isolation is a kernel feature that mitigates the Meltdown\nsecurity vulnerability and hardens the kernel against attempts to bypass kernel\naddress space layout randomization (KASLR).","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.\n\n    Kernel page-table isolation is a kernel feature that mitigates the Meltdown\nsecurity vulnerability and hardens the kernel against attempts to bypass kernel\naddress space layout randomization (KASLR)."},{"label":"check","data":"Verify RHEL 8 enables kernel page-table isolation with the following commands:\n\n$ sudo grub2-editenv list | grep pti\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 audit=1 audit_backlog_limit=8192 pti=on boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf the \"pti\" entry does not equal \"on\", is missing, or the line is commented out, this is a finding.\n\nCheck that kernel page-table isolation is enabled by default to persist in kernel updates:\n\n$ sudo grep pti /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"pti=on\"\n\nIf \"pti\" is not set to \"on\", is missing or commented out, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to enable kernel page-table isolation with the following\ncommand:\n\n    $ sudo grubby --update-kernel=ALL --args=\"pti=on\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"pti=on\""}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000095-GPOS-00049","gid":"V-230491","rid":"SV-230491r818842_rule","stig_id":"RHEL-08-040004","fix_id":"F-33135r568220_fix","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'SV-230491' do\n  title 'RHEL 8 must enable mitigations against processor-based\nvulnerabilities.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.\n\n    Kernel page-table isolation is a kernel feature that mitigates the Meltdown\nsecurity vulnerability and hardens the kernel against attempts to bypass kernel\naddress space layout randomization (KASLR).'\n  desc 'check', 'Verify RHEL 8 enables kernel page-table isolation with the following commands:\n\n$ sudo grub2-editenv list | grep pti\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 audit=1 audit_backlog_limit=8192 pti=on boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf the \"pti\" entry does not equal \"on\", is missing, or the line is commented out, this is a finding.\n\nCheck that kernel page-table isolation is enabled by default to persist in kernel updates:\n\n$ sudo grep pti /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"pti=on\"\n\nIf \"pti\" is not set to \"on\", is missing or commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to enable kernel page-table isolation with the following\ncommand:\n\n    $ sudo grubby --update-kernel=ALL --args=\"pti=on\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"pti=on\"'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230491'\n  tag rid: 'SV-230491r818842_rule'\n  tag stig_id: 'RHEL-08-040004'\n  tag fix_id: 'F-33135r568220_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  grub_stdout = command('grub2-editenv - list').stdout\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config(grub_stdout) do\n      its('kernelopts') { should match(/pti=on/) }\n    end\n\n    describe parse_config_file('/etc/default/grub') do\n      its('GRUB_CMDLINE_LINUX') { should match(/pti=on/) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230491.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Parse Config  kernelopts is expected to match /pti=on/","run_time":0.004055,"start_time":"2024-01-09T19:40:55-05:00","message":"expected \"root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\" to match /pti=on/","resource_class":"parse_config","resource_params":"[\"kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\\nboot_success=1\\n\"]","resource_id":"kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\nboot_success=1\n"},{"status":"failed","code_desc":"Parse Config File /etc/default/grub GRUB_CMDLINE_LINUX is expected to match /pti=on/","run_time":0.001833,"start_time":"2024-01-09T19:40:55-05:00","message":"expected \"\\\"console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\\"\" to match /pti=on/","resource_class":"parse_config_file","resource_params":"[\"/etc/default/grub\"]","resource_id":"/etc/default/grub"}]},{"id":"SV-230492","title":"RHEL 8 must not have the rsh-server package installed.","desc":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The rsh-server service provides an unencrypted remote access service that\ndoes not provide for the confidentiality and integrity of user passwords or the\nremote session and has very weak authentication.\n\n    If a privileged user were to log on using this service, the privileged user\npassword could be compromised.","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The rsh-server service provides an unencrypted remote access service that\ndoes not provide for the confidentiality and integrity of user passwords or the\nremote session and has very weak authentication.\n\n    If a privileged user were to log on using this service, the privileged user\npassword could be compromised."},{"label":"check","data":"Check to see if the rsh-server package is installed with the following\ncommand:\n\n    $ sudo yum list installed rsh-server\n\n    If the rsh-server package is installed, this is a finding."},{"label":"fix","data":"Configure the operating system to disable non-essential capabilities by\nremoving the rsh-server package from the system with the following command:\n\n    $ sudo yum remove rsh-server"}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000095-GPOS-00049","satisfies":["SRG-OS-000095-GPOS-00049","SRG-OS-000074-GPOS-00042"],"gid":"V-230492","rid":"SV-230492r627750_rule","stig_id":"RHEL-08-040010","fix_id":"F-33136r568223_fix","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'SV-230492' do\n  title 'RHEL 8 must not have the rsh-server package installed.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The rsh-server service provides an unencrypted remote access service that\ndoes not provide for the confidentiality and integrity of user passwords or the\nremote session and has very weak authentication.\n\n    If a privileged user were to log on using this service, the privileged user\npassword could be compromised.'\n  desc 'check', 'Check to see if the rsh-server package is installed with the following\ncommand:\n\n    $ sudo yum list installed rsh-server\n\n    If the rsh-server package is installed, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable non-essential capabilities by\nremoving the rsh-server package from the system with the following command:\n\n    $ sudo yum remove rsh-server'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag satisfies: ['SRG-OS-000095-GPOS-00049', 'SRG-OS-000074-GPOS-00042']\n  tag gid: 'V-230492'\n  tag rid: 'SV-230492r627750_rule'\n  tag stig_id: 'RHEL-08-040010'\n  tag fix_id: 'F-33136r568223_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  describe package('rsh-server') do\n    it { should_not be_installed }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230492.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package rsh-server is expected not to be installed","run_time":0.213471,"start_time":"2024-01-09T19:40:55-05:00","resource_class":"package","resource_params":"[\"rsh-server\"]","resource_id":"rsh-server"}]},{"id":"SV-230493","title":"RHEL 8 must cover or disable the built-in or attached camera when not\nin use.","desc":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect from collaborative computing devices (i.e., cameras)\ncan result in subsequent compromises of organizational information. Providing\neasy methods to physically disconnect from such devices after a collaborative\ncomputing session helps to ensure participants actually carry out the\ndisconnect activity without having to go through complex and tedious procedures.","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect from collaborative computing devices (i.e., cameras)\ncan result in subsequent compromises of organizational information. Providing\neasy methods to physically disconnect from such devices after a collaborative\ncomputing session helps to ensure participants actually carry out the\ndisconnect activity without having to go through complex and tedious procedures."},{"label":"check","data":"If the device or operating system does not have a camera installed, this requirement is not applicable.\n\nThis requirement is not applicable to mobile devices (smartphones and tablets), where the use of the camera is a local AO decision.\n\nThis requirement is not applicable to dedicated VTC suites located in approved VTC locations that are centrally managed.\n\nFor an external camera, if there is not a method for the operator to manually disconnect the camera at the end of collaborative computing sessions, this is a finding.\n\nFor a built-in camera, the camera must be protected by a camera cover (e.g., laptop camera cover slide) when not in use. If the built-in camera is not protected with a camera cover, or is not physically disabled, this is a finding.\n\nIf the camera is not disconnected, covered, or physically disabled, determine if it is being disabled via software with the following commands:\n\nVerify the operating system disables the ability to load the uvcvideo kernel module.\n\n$ sudo grep -r uvcvideo /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall uvcvideo /bin/true\n\nIf the command does not return any output, or the line is commented out, and the collaborative computing device has not been authorized for use, this is a finding.\n\nVerify the camera is disabled via blacklist with the following command:\n\n$ sudo grep -r uvcvideo /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist uvcvideo\n\nIf the command does not return any output or the output is not \"blacklist uvcvideo\", and the collaborative computing device has not been authorized for use, this is a finding."},{"label":"fix","data":"Configure the operating system to disable the built-in or attached camera when not in use.\n\nBuild or modify the \"/etc/modprobe.d/blacklist.conf\" file by using the following example:\n\ninstall uvcvideo /bin/true\nblacklist uvcvideo\n\nReboot the system for the settings to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000095-GPOS-00049","satisfies":["SRG-OS-000095-GPOS-00049","SRG-OS-000370-GPOS-00155"],"gid":"V-230493","rid":"SV-230493r809316_rule","stig_id":"RHEL-08-040020","fix_id":"F-33137r809315_fix","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'SV-230493' do\n  title 'RHEL 8 must cover or disable the built-in or attached camera when not\nin use.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect from collaborative computing devices (i.e., cameras)\ncan result in subsequent compromises of organizational information. Providing\neasy methods to physically disconnect from such devices after a collaborative\ncomputing session helps to ensure participants actually carry out the\ndisconnect activity without having to go through complex and tedious procedures.'\n  desc 'check', 'If the device or operating system does not have a camera installed, this requirement is not applicable.\n\nThis requirement is not applicable to mobile devices (smartphones and tablets), where the use of the camera is a local AO decision.\n\nThis requirement is not applicable to dedicated VTC suites located in approved VTC locations that are centrally managed.\n\nFor an external camera, if there is not a method for the operator to manually disconnect the camera at the end of collaborative computing sessions, this is a finding.\n\nFor a built-in camera, the camera must be protected by a camera cover (e.g., laptop camera cover slide) when not in use. If the built-in camera is not protected with a camera cover, or is not physically disabled, this is a finding.\n\nIf the camera is not disconnected, covered, or physically disabled, determine if it is being disabled via software with the following commands:\n\nVerify the operating system disables the ability to load the uvcvideo kernel module.\n\n$ sudo grep -r uvcvideo /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall uvcvideo /bin/true\n\nIf the command does not return any output, or the line is commented out, and the collaborative computing device has not been authorized for use, this is a finding.\n\nVerify the camera is disabled via blacklist with the following command:\n\n$ sudo grep -r uvcvideo /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist uvcvideo\n\nIf the command does not return any output or the output is not \"blacklist uvcvideo\", and the collaborative computing device has not been authorized for use, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the built-in or attached camera when not in use.\n\nBuild or modify the \"/etc/modprobe.d/blacklist.conf\" file by using the following example:\n\ninstall uvcvideo /bin/true\nblacklist uvcvideo\n\nReboot the system for the settings to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag satisfies: ['SRG-OS-000095-GPOS-00049', 'SRG-OS-000370-GPOS-00155']\n  tag gid: 'V-230493'\n  tag rid: 'SV-230493r809316_rule'\n  tag stig_id: 'RHEL-08-040020'\n  tag fix_id: 'F-33137r809315_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('camera_installed')\n    describe kernel_module('uvcvideo') do\n      it { should_not be_loaded }\n      it { should be_blacklisted }\n    end\n  else\n    impact 0.0\n    describe 'Device or operating system does not have a camera installed' do\n      skip 'Device or operating system does not have a camera installed, this control is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230493.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Module uvcvideo is expected not to be loaded","run_time":0.121619,"start_time":"2024-01-09T19:40:55-05:00","resource_class":"kernel_module","resource_params":"[\"uvcvideo\"]","resource_id":"uvcvideo"},{"status":"failed","code_desc":"Kernel Module uvcvideo is expected to be blacklisted","run_time":1.070168,"start_time":"2024-01-09T19:40:55-05:00","message":"expected `Kernel Module uvcvideo.blacklisted?` to be truthy, got false","resource_class":"kernel_module","resource_params":"[\"uvcvideo\"]","resource_id":"uvcvideo"}]},{"id":"SV-230494","title":"RHEL 8 must disable the asynchronous transfer mode (ATM) protocol.","desc":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Asynchronous Transfer Mode (ATM) is a protocol operating on network,\ndata link, and physical layers, based on virtual circuits and virtual paths.\nDisabling ATM protects the system against exploitation of any laws in its\nimplementation.","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Asynchronous Transfer Mode (ATM) is a protocol operating on network,\ndata link, and physical layers, based on virtual circuits and virtual paths.\nDisabling ATM protects the system against exploitation of any laws in its\nimplementation."},{"label":"check","data":"Verify the operating system disables the ability to load the ATM protocol kernel module.\n\n$ sudo grep -r atm /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall atm /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the ATM protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the ATM protocol.\n\nCheck to see if the ATM protocol is disabled with the following command:\n\n$ sudo grep -r atm /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist atm\n\nIf the command does not return any output or the output is not \"blacklist atm\", and use of the ATM protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding."},{"label":"fix","data":"Configure the operating system to disable the ability to use the ATM protocol kernel module.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall atm /bin/true\nblacklist atm\n\nReboot the system for the settings to take effect."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000095-GPOS-00049","gid":"V-230494","rid":"SV-230494r792911_rule","stig_id":"RHEL-08-040021","fix_id":"F-33138r792910_fix","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'SV-230494' do\n  title 'RHEL 8 must disable the asynchronous transfer mode (ATM) protocol.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Asynchronous Transfer Mode (ATM) is a protocol operating on network,\ndata link, and physical layers, based on virtual circuits and virtual paths.\nDisabling ATM protects the system against exploitation of any laws in its\nimplementation.'\n  desc 'check', 'Verify the operating system disables the ability to load the ATM protocol kernel module.\n\n$ sudo grep -r atm /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall atm /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the ATM protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the ATM protocol.\n\nCheck to see if the ATM protocol is disabled with the following command:\n\n$ sudo grep -r atm /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist atm\n\nIf the command does not return any output or the output is not \"blacklist atm\", and use of the ATM protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the ability to use the ATM protocol kernel module.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall atm /bin/true\nblacklist atm\n\nReboot the system for the settings to take effect.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230494'\n  tag rid: 'SV-230494r792911_rule'\n  tag stig_id: 'RHEL-08-040021'\n  tag fix_id: 'F-33138r792910_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_module('atm') do\n      it { should be_disabled }\n      it { should be_blacklisted }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230494.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Kernel Module atm is expected to be disabled","run_time":0.003304,"start_time":"2024-01-09T19:40:57-05:00","message":"expected `Kernel Module atm.disabled?` to be truthy, got false","resource_class":"kernel_module","resource_params":"[\"atm\"]","resource_id":"atm"},{"status":"failed","code_desc":"Kernel Module atm is expected to be blacklisted","run_time":0.004042,"start_time":"2024-01-09T19:40:57-05:00","message":"expected `Kernel Module atm.blacklisted?` to be truthy, got false","resource_class":"kernel_module","resource_params":"[\"atm\"]","resource_id":"atm"}]},{"id":"SV-230495","title":"RHEL 8 must disable the controller area network (CAN) protocol.","desc":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Controller Area Network (CAN) is a serial communications protocol,\nwhich was initially developed for automotive and is now also used in marine,\nindustrial, and medical applications. Disabling CAN protects the system against\nexploitation of any flaws in its implementation.","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Controller Area Network (CAN) is a serial communications protocol,\nwhich was initially developed for automotive and is now also used in marine,\nindustrial, and medical applications. Disabling CAN protects the system against\nexploitation of any flaws in its implementation."},{"label":"check","data":"Verify the operating system disables the ability to load the CAN protocol kernel module.\n\n$ sudo grep -r can /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall can /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the CAN protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the CAN protocol.\n\nCheck to see if the CAN protocol is disabled with the following command:\n\n$ sudo grep -r can /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist can\n\nIf the command does not return any output or the output is not \"blacklist can\", and use of the CAN protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding."},{"label":"fix","data":"Configure the operating system to disable the ability to use the CAN protocol kernel module.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall can /bin/true\nblacklist can\n\nReboot the system for the settings to take effect."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000095-GPOS-00049","gid":"V-230495","rid":"SV-230495r792914_rule","stig_id":"RHEL-08-040022","fix_id":"F-33139r792913_fix","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'SV-230495' do\n  title 'RHEL 8 must disable the controller area network (CAN) protocol.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Controller Area Network (CAN) is a serial communications protocol,\nwhich was initially developed for automotive and is now also used in marine,\nindustrial, and medical applications. Disabling CAN protects the system against\nexploitation of any flaws in its implementation.'\n  desc 'check', 'Verify the operating system disables the ability to load the CAN protocol kernel module.\n\n$ sudo grep -r can /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall can /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the CAN protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the CAN protocol.\n\nCheck to see if the CAN protocol is disabled with the following command:\n\n$ sudo grep -r can /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist can\n\nIf the command does not return any output or the output is not \"blacklist can\", and use of the CAN protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the ability to use the CAN protocol kernel module.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall can /bin/true\nblacklist can\n\nReboot the system for the settings to take effect.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230495'\n  tag rid: 'SV-230495r792914_rule'\n  tag stig_id: 'RHEL-08-040022'\n  tag fix_id: 'F-33139r792913_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_module('can') do\n      it { should be_disabled }\n      it { should be_blacklisted }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230495.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Kernel Module can is expected to be disabled","run_time":0.002773,"start_time":"2024-01-09T19:40:57-05:00","message":"expected `Kernel Module can.disabled?` to be truthy, got false","resource_class":"kernel_module","resource_params":"[\"can\"]","resource_id":"can"},{"status":"failed","code_desc":"Kernel Module can is expected to be blacklisted","run_time":0.003998,"start_time":"2024-01-09T19:40:57-05:00","message":"expected `Kernel Module can.blacklisted?` to be truthy, got false","resource_class":"kernel_module","resource_params":"[\"can\"]","resource_id":"can"}]},{"id":"SV-230496","title":"RHEL 8 must disable the stream control transmission protocol (SCTP).","desc":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Stream Control Transmission Protocol (SCTP) is a transport layer\nprotocol, designed to support the idea of message-oriented communication, with\nseveral streams of messages within one connection. Disabling SCTP protects the\nsystem against exploitation of any flaws in its implementation.","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Stream Control Transmission Protocol (SCTP) is a transport layer\nprotocol, designed to support the idea of message-oriented communication, with\nseveral streams of messages within one connection. Disabling SCTP protects the\nsystem against exploitation of any flaws in its implementation."},{"label":"check","data":"Verify the operating system disables the ability to load the SCTP kernel module.\n\n$ sudo grep -r sctp /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall sctp /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the SCTP is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the SCTP.\n\nCheck to see if the SCTP is disabled with the following command:\n\n$ sudo grep -r sctp /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist sctp\n\nIf the command does not return any output or the output is not \"blacklist sctp\", and use of the SCTP is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding."},{"label":"fix","data":"Configure the operating system to disable the ability to use the SCTP kernel module.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall sctp /bin/true\nblacklist sctp\n\nReboot the system for the settings to take effect."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000095-GPOS-00049","gid":"V-230496","rid":"SV-230496r792917_rule","stig_id":"RHEL-08-040023","fix_id":"F-33140r792916_fix","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'SV-230496' do\n  title 'RHEL 8 must disable the stream control transmission protocol (SCTP).'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Stream Control Transmission Protocol (SCTP) is a transport layer\nprotocol, designed to support the idea of message-oriented communication, with\nseveral streams of messages within one connection. Disabling SCTP protects the\nsystem against exploitation of any flaws in its implementation.'\n  desc 'check', 'Verify the operating system disables the ability to load the SCTP kernel module.\n\n$ sudo grep -r sctp /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall sctp /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the SCTP is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the SCTP.\n\nCheck to see if the SCTP is disabled with the following command:\n\n$ sudo grep -r sctp /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist sctp\n\nIf the command does not return any output or the output is not \"blacklist sctp\", and use of the SCTP is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the ability to use the SCTP kernel module.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall sctp /bin/true\nblacklist sctp\n\nReboot the system for the settings to take effect.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230496'\n  tag rid: 'SV-230496r792917_rule'\n  tag stig_id: 'RHEL-08-040023'\n  tag fix_id: 'F-33140r792916_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_module('sctp') do\n      it { should be_disabled }\n      it { should be_blacklisted }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230496.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Kernel Module sctp is expected to be disabled","run_time":0.0028,"start_time":"2024-01-09T19:40:57-05:00","message":"expected `Kernel Module sctp.disabled?` to be truthy, got false","resource_class":"kernel_module","resource_params":"[\"sctp\"]","resource_id":"sctp"},{"status":"failed","code_desc":"Kernel Module sctp is expected to be blacklisted","run_time":0.003977,"start_time":"2024-01-09T19:40:57-05:00","message":"expected `Kernel Module sctp.blacklisted?` to be truthy, got false","resource_class":"kernel_module","resource_params":"[\"sctp\"]","resource_id":"sctp"}]},{"id":"SV-230497","title":"RHEL 8 must disable the transparent inter-process communication (TIPC)\nprotocol.","desc":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Transparent Inter-Process Communication (TIPC) protocol is designed to\nprovide communications between nodes in a cluster. Disabling TIPC protects the\nsystem against exploitation of any flaws in its implementation.","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Transparent Inter-Process Communication (TIPC) protocol is designed to\nprovide communications between nodes in a cluster. Disabling TIPC protects the\nsystem against exploitation of any flaws in its implementation."},{"label":"check","data":"Verify the operating system disables the ability to load the TIPC protocol kernel module.\n\n$ sudo grep -r tipc /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall tipc /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the TIPC protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the TIPC protocol.\n\nCheck to see if the TIPC protocol is disabled with the following command:\n\n$ sudo grep -r tipc /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist tipc\n\nIf the command does not return any output or the output is not \"blacklist tipc\", and use of the TIPC protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding."},{"label":"fix","data":"Configure the operating system to disable the ability to use the TIPC protocol kernel module.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall tipc /bin/true\nblacklist tipc\n\nReboot the system for the settings to take effect."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000095-GPOS-00049","gid":"V-230497","rid":"SV-230497r792920_rule","stig_id":"RHEL-08-040024","fix_id":"F-33141r792919_fix","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'SV-230497' do\n  title 'RHEL 8 must disable the transparent inter-process communication (TIPC)\nprotocol.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Transparent Inter-Process Communication (TIPC) protocol is designed to\nprovide communications between nodes in a cluster. Disabling TIPC protects the\nsystem against exploitation of any flaws in its implementation.'\n  desc 'check', 'Verify the operating system disables the ability to load the TIPC protocol kernel module.\n\n$ sudo grep -r tipc /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall tipc /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the TIPC protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the TIPC protocol.\n\nCheck to see if the TIPC protocol is disabled with the following command:\n\n$ sudo grep -r tipc /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist tipc\n\nIf the command does not return any output or the output is not \"blacklist tipc\", and use of the TIPC protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the ability to use the TIPC protocol kernel module.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall tipc /bin/true\nblacklist tipc\n\nReboot the system for the settings to take effect.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230497'\n  tag rid: 'SV-230497r792920_rule'\n  tag stig_id: 'RHEL-08-040024'\n  tag fix_id: 'F-33141r792919_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_module('tipc') do\n      it { should be_disabled }\n      it { should be_blacklisted }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230497.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Kernel Module tipc is expected to be disabled","run_time":0.002765,"start_time":"2024-01-09T19:40:57-05:00","message":"expected `Kernel Module tipc.disabled?` to be truthy, got false","resource_class":"kernel_module","resource_params":"[\"tipc\"]","resource_id":"tipc"},{"status":"failed","code_desc":"Kernel Module tipc is expected to be blacklisted","run_time":0.004032,"start_time":"2024-01-09T19:40:57-05:00","message":"expected `Kernel Module tipc.blacklisted?` to be truthy, got false","resource_class":"kernel_module","resource_params":"[\"tipc\"]","resource_id":"tipc"}]},{"id":"SV-230498","title":"RHEL 8 must disable mounting of cramfs.","desc":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Removing support for unneeded filesystem types reduces the local attack\nsurface of the server.\n\n    Compressed ROM/RAM file system (or cramfs) is a read-only file system\ndesigned for simplicity and space-efficiency.  It is mainly used in embedded\nand small-footprint systems.","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Removing support for unneeded filesystem types reduces the local attack\nsurface of the server.\n\n    Compressed ROM/RAM file system (or cramfs) is a read-only file system\ndesigned for simplicity and space-efficiency.  It is mainly used in embedded\nand small-footprint systems."},{"label":"check","data":"Verify the operating system disables the ability to load the cramfs kernel module.\n\n$ sudo grep -r cramfs /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall cramfs /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the cramfs protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the cramfs kernel module.\n\nCheck to see if the cramfs kernel module is disabled with the following command:\n\n$ sudo grep -r cramfs /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist cramfs\n\nIf the command does not return any output or the output is not \"blacklist cramfs\", and use of the cramfs kernel module is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding."},{"label":"fix","data":"Configure the operating system to disable the ability to use the cramfs\nkernel module.\n\n    Add or update the following lines in the file\n\"/etc/modprobe.d/blacklist.conf\":\n\n    install cramfs /bin/true\n    blacklist cramfs\n\n    Reboot the system for the settings to take effect."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000095-GPOS-00049","gid":"V-230498","rid":"SV-230498r792922_rule","stig_id":"RHEL-08-040025","fix_id":"F-33142r568241_fix","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'SV-230498' do\n  title 'RHEL 8 must disable mounting of cramfs.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Removing support for unneeded filesystem types reduces the local attack\nsurface of the server.\n\n    Compressed ROM/RAM file system (or cramfs) is a read-only file system\ndesigned for simplicity and space-efficiency.  It is mainly used in embedded\nand small-footprint systems.'\n  desc 'check', 'Verify the operating system disables the ability to load the cramfs kernel module.\n\n$ sudo grep -r cramfs /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall cramfs /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the cramfs protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the cramfs kernel module.\n\nCheck to see if the cramfs kernel module is disabled with the following command:\n\n$ sudo grep -r cramfs /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist cramfs\n\nIf the command does not return any output or the output is not \"blacklist cramfs\", and use of the cramfs kernel module is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the ability to use the cramfs\nkernel module.\n\n    Add or update the following lines in the file\n\"/etc/modprobe.d/blacklist.conf\":\n\n    install cramfs /bin/true\n    blacklist cramfs\n\n    Reboot the system for the settings to take effect.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230498'\n  tag rid: 'SV-230498r792922_rule'\n  tag stig_id: 'RHEL-08-040025'\n  tag fix_id: 'F-33142r568241_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_module('cramfs') do\n      it { should be_disabled }\n      it { should be_blacklisted }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230498.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Kernel Module cramfs is expected to be disabled","run_time":0.002735,"start_time":"2024-01-09T19:40:57-05:00","message":"expected `Kernel Module cramfs.disabled?` to be truthy, got false","resource_class":"kernel_module","resource_params":"[\"cramfs\"]","resource_id":"cramfs"},{"status":"failed","code_desc":"Kernel Module cramfs is expected to be blacklisted","run_time":0.004046,"start_time":"2024-01-09T19:40:57-05:00","message":"expected `Kernel Module cramfs.blacklisted?` to be truthy, got false","resource_class":"kernel_module","resource_params":"[\"cramfs\"]","resource_id":"cramfs"}]},{"id":"SV-230499","title":"RHEL 8 must disable IEEE 1394 (FireWire) Support.","desc":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time\ncommunication. Disabling FireWire protects the system against exploitation of\nany flaws in its implementation.","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time\ncommunication. Disabling FireWire protects the system against exploitation of\nany flaws in its implementation."},{"label":"check","data":"Verify the operating system disables the ability to load the firewire-core kernel module.\n\n$ sudo grep -r firewire-core /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall firewire-core /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the firewire-core protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the firewire-core kernel module.\n\nCheck to see if the firewire-core kernel module is disabled with the following command:\n\n$ sudo grep -r firewire-core /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist firewire-core\n\nIf the command does not return any output or the output is not \"blacklist firewire-core\", and use of the firewire-core kernel module is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding."},{"label":"fix","data":"Configure the operating system to disable the ability to use the\nfirewire-core kernel module.\n\n    Add or update the following lines in the file\n\"/etc/modprobe.d/blacklist.conf\":\n\n    install firewire-core /bin/true\n    blacklist firewire-core\n\n    Reboot the system for the settings to take effect."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000095-GPOS-00049","gid":"V-230499","rid":"SV-230499r792924_rule","stig_id":"RHEL-08-040026","fix_id":"F-33143r568244_fix","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'SV-230499' do\n  title 'RHEL 8 must disable IEEE 1394 (FireWire) Support.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time\ncommunication. Disabling FireWire protects the system against exploitation of\nany flaws in its implementation.'\n  desc 'check', 'Verify the operating system disables the ability to load the firewire-core kernel module.\n\n$ sudo grep -r firewire-core /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall firewire-core /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the firewire-core protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the firewire-core kernel module.\n\nCheck to see if the firewire-core kernel module is disabled with the following command:\n\n$ sudo grep -r firewire-core /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist firewire-core\n\nIf the command does not return any output or the output is not \"blacklist firewire-core\", and use of the firewire-core kernel module is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the ability to use the\nfirewire-core kernel module.\n\n    Add or update the following lines in the file\n\"/etc/modprobe.d/blacklist.conf\":\n\n    install firewire-core /bin/true\n    blacklist firewire-core\n\n    Reboot the system for the settings to take effect.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230499'\n  tag rid: 'SV-230499r792924_rule'\n  tag stig_id: 'RHEL-08-040026'\n  tag fix_id: 'F-33143r568244_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_module('firewire_core') do\n      it { should be_disabled }\n      it { should be_blacklisted }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230499.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Kernel Module firewire_core is expected to be disabled","run_time":0.002745,"start_time":"2024-01-09T19:40:57-05:00","message":"expected `Kernel Module firewire_core.disabled?` to be truthy, got false","resource_class":"kernel_module","resource_params":"[\"firewire_core\"]","resource_id":"firewire_core"},{"status":"failed","code_desc":"Kernel Module firewire_core is expected to be blacklisted","run_time":0.004021,"start_time":"2024-01-09T19:40:57-05:00","message":"expected `Kernel Module firewire_core.blacklisted?` to be truthy, got false","resource_class":"kernel_module","resource_params":"[\"firewire_core\"]","resource_id":"firewire_core"}]},{"id":"SV-230500","title":"RHEL 8 must be configured to prohibit or restrict the use of\nfunctions, ports, protocols, and/or services, as defined in the Ports,\nProtocols, and Services Management (PPSM) Category Assignments List (CAL) and\nvulnerability assessments.","desc":"To prevent unauthorized connection of devices, unauthorized transfer\nof information, or unauthorized tunneling (i.e., embedding of data types within\ndata types), organizations must disable or restrict unused or unnecessary\nphysical and logical ports/protocols on information systems.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services provided by default may not be\nnecessary to support essential organizational operations. Additionally, it is\nsometimes convenient to provide multiple services from a single component\n(e.g., VPN and IPS); however, doing so increases risk over limiting the\nservices provided by any one component.\n\n    To support the requirements and principles of least functionality, the\noperating system must support the organizational requirements, providing only\nessential capabilities and limiting the use of ports, protocols, and/or\nservices to only those required, authorized, and approved to conduct official\nbusiness or to address authorized quality-of-life issues.","descriptions":[{"label":"default","data":"To prevent unauthorized connection of devices, unauthorized transfer\nof information, or unauthorized tunneling (i.e., embedding of data types within\ndata types), organizations must disable or restrict unused or unnecessary\nphysical and logical ports/protocols on information systems.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services provided by default may not be\nnecessary to support essential organizational operations. Additionally, it is\nsometimes convenient to provide multiple services from a single component\n(e.g., VPN and IPS); however, doing so increases risk over limiting the\nservices provided by any one component.\n\n    To support the requirements and principles of least functionality, the\noperating system must support the organizational requirements, providing only\nessential capabilities and limiting the use of ports, protocols, and/or\nservices to only those required, authorized, and approved to conduct official\nbusiness or to address authorized quality-of-life issues."},{"label":"check","data":"Inspect the firewall configuration and running services to verify it is\nconfigured to prohibit or restrict the use of functions, ports, protocols,\nand/or services that are unnecessary or prohibited.\n\n    Check which services are currently active with the following command:\n\n    $ sudo firewall-cmd --list-all-zones\n\n    custom (active)\n    target: DROP\n    icmp-block-inversion: no\n    interfaces: ens33\n    sources:\n    services: dhcpv6-client dns http https ldaps rpc-bind ssh\n    ports:\n    masquerade: no\n    forward-ports:\n    icmp-blocks:\n    rich rules:\n\n    Ask the System Administrator for the site or program Ports, Protocols, and\nServices Management Component Local Service Assessment (PPSM CLSA). Verify the\nservices allowed by the firewall match the PPSM CLSA.\n\n    If there are additional ports, protocols, or services that are not in the\nPPSM CLSA, or there are ports, protocols, or services that are prohibited by\nthe PPSM Category Assurance List (CAL), this is a finding."},{"label":"fix","data":"Update the host's firewall settings and/or running services to\ncomply with the PPSM Component Local Service Assessment (CLSA) for the site or\nprogram and the PPSM CAL."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000096-GPOS-00050","gid":"V-230500","rid":"SV-230500r627750_rule","stig_id":"RHEL-08-040030","fix_id":"F-33144r568247_fix","cci":["CCI-000382"],"nist":["CM-7 b"]},"code":"control 'SV-230500' do\n  title 'RHEL 8 must be configured to prohibit or restrict the use of\nfunctions, ports, protocols, and/or services, as defined in the Ports,\nProtocols, and Services Management (PPSM) Category Assignments List (CAL) and\nvulnerability assessments.'\n  desc 'To prevent unauthorized connection of devices, unauthorized transfer\nof information, or unauthorized tunneling (i.e., embedding of data types within\ndata types), organizations must disable or restrict unused or unnecessary\nphysical and logical ports/protocols on information systems.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services provided by default may not be\nnecessary to support essential organizational operations. Additionally, it is\nsometimes convenient to provide multiple services from a single component\n(e.g., VPN and IPS); however, doing so increases risk over limiting the\nservices provided by any one component.\n\n    To support the requirements and principles of least functionality, the\noperating system must support the organizational requirements, providing only\nessential capabilities and limiting the use of ports, protocols, and/or\nservices to only those required, authorized, and approved to conduct official\nbusiness or to address authorized quality-of-life issues.'\n  desc 'check', 'Inspect the firewall configuration and running services to verify it is\nconfigured to prohibit or restrict the use of functions, ports, protocols,\nand/or services that are unnecessary or prohibited.\n\n    Check which services are currently active with the following command:\n\n    $ sudo firewall-cmd --list-all-zones\n\n    custom (active)\n    target: DROP\n    icmp-block-inversion: no\n    interfaces: ens33\n    sources:\n    services: dhcpv6-client dns http https ldaps rpc-bind ssh\n    ports:\n    masquerade: no\n    forward-ports:\n    icmp-blocks:\n    rich rules:\n\n    Ask the System Administrator for the site or program Ports, Protocols, and\nServices Management Component Local Service Assessment (PPSM CLSA). Verify the\nservices allowed by the firewall match the PPSM CLSA.\n\n    If there are additional ports, protocols, or services that are not in the\nPPSM CLSA, or there are ports, protocols, or services that are prohibited by\nthe PPSM Category Assurance List (CAL), this is a finding.'\n  desc 'fix', \"Update the host's firewall settings and/or running services to\ncomply with the PPSM Component Local Service Assessment (CLSA) for the site or\nprogram and the PPSM CAL.\"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000096-GPOS-00050'\n  tag gid: 'V-230500'\n  tag rid: 'SV-230500r627750_rule'\n  tag stig_id: 'RHEL-08-040030'\n  tag fix_id: 'F-33144r568247_fix'\n  tag cci: ['CCI-000382']\n  tag nist: ['CM-7 b']\n\n  firewalld_properties = input('firewalld_properties')\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe firewalld do\n      it { should be_running }\n      its('default_zone') { should eq firewalld_properties['default_zone'] }\n    end\n    describe firewalld.where { zone == firewalld_properties['default_zone'] } do\n      its('ports') { should cmp [firewalld_properties['ports']] }\n      its('protocols') { should cmp [firewalld_properties['protocols']] }\n      its('services') { should cmp [firewalld_properties['services']] }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230500.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Firewall Rules is expected to be running","run_time":0.476668,"start_time":"2024-01-09T19:40:57-05:00","message":"expected that `Firewall Rules` is running","resource_class":"firewalld","resource_params":"[]","resource_id":""},{"status":"failed","code_desc":"Firewall Rules default_zone is expected to eq \"public\"","run_time":0.401197,"start_time":"2024-01-09T19:40:57-05:00","message":"\nexpected: \"public\"\n     got: \"Error on command firewall-cmd --get-default-zone: FirewallD is not running\\n\"\n\n(compared using ==)","resource_class":"firewalld","resource_params":"[]","resource_id":""},{"status":"failed","code_desc":"Firewall Rules with zone == \"public\" ports is expected to cmp == [[]]","run_time":0.000456,"start_time":"2024-01-09T19:40:57-05:00","message":"\nexpected: [[]]\n     got: []\n\n(compared using `cmp` matcher)\n","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"failed","code_desc":"Firewall Rules with zone == \"public\" protocols is expected to cmp == [[]]","run_time":0.000261,"start_time":"2024-01-09T19:40:57-05:00","message":"\nexpected: [[]]\n     got: []\n\n(compared using `cmp` matcher)\n","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"failed","code_desc":"Firewall Rules with zone == \"public\" services is expected to cmp == [[\"cockpit\", \"dhcpv6-client\", \"ssh\"]]","run_time":0.000251,"start_time":"2024-01-09T19:40:57-05:00","message":"\nexpected: [[\"cockpit\", \"dhcpv6-client\", \"ssh\"]]\n     got: []\n\n(compared using `cmp` matcher)\n","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230502","title":"The RHEL 8 file system automounter must be disabled unless required.","desc":"Automatically mounting file systems permits easy introduction of\nunknown devices, thereby facilitating malicious activity.","descriptions":[{"label":"default","data":"Automatically mounting file systems permits easy introduction of\nunknown devices, thereby facilitating malicious activity."},{"label":"check","data":"Verify the operating system disables the ability to automount devices.\n\n    Check to see if automounter service is active with the following command:\n\n    Note: If the autofs service is not installed, this requirement is not\napplicable.\n\n    $ sudo systemctl status autofs\n\n    autofs.service - Automounts filesystems on demand\n    Loaded: loaded (/usr/lib/systemd/system/autofs.service; disabled)\n    Active: inactive (dead)\n\n    If the \"autofs\" status is set to \"active\" and is not documented with\nthe Information System Security Officer (ISSO) as an operational requirement,\nthis is a finding."},{"label":"fix","data":"Configure the operating system to disable the ability to automount devices.\n\n    Turn off the automount service with the following commands:\n\n    $ sudo systemctl stop autofs\n    $ sudo systemctl disable autofs\n\n    If \"autofs\" is required for Network File System (NFS), it must be\ndocumented with the ISSO."}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000114-GPOS-00059","gid":"V-230502","rid":"SV-230502r627750_rule","stig_id":"RHEL-08-040070","fix_id":"F-33146r568253_fix","cci":["CCI-000778"],"nist":["IA-3"]},"code":"control 'SV-230502' do\n  title 'The RHEL 8 file system automounter must be disabled unless required.'\n  desc 'Automatically mounting file systems permits easy introduction of\nunknown devices, thereby facilitating malicious activity.'\n  desc 'check', 'Verify the operating system disables the ability to automount devices.\n\n    Check to see if automounter service is active with the following command:\n\n    Note: If the autofs service is not installed, this requirement is not\napplicable.\n\n    $ sudo systemctl status autofs\n\n    autofs.service - Automounts filesystems on demand\n    Loaded: loaded (/usr/lib/systemd/system/autofs.service; disabled)\n    Active: inactive (dead)\n\n    If the \"autofs\" status is set to \"active\" and is not documented with\nthe Information System Security Officer (ISSO) as an operational requirement,\nthis is a finding.'\n  desc 'fix', 'Configure the operating system to disable the ability to automount devices.\n\n    Turn off the automount service with the following commands:\n\n    $ sudo systemctl stop autofs\n    $ sudo systemctl disable autofs\n\n    If \"autofs\" is required for Network File System (NFS), it must be\ndocumented with the ISSO.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000114-GPOS-00059'\n  tag gid: 'V-230502'\n  tag rid: 'SV-230502r627750_rule'\n  tag stig_id: 'RHEL-08-040070'\n  tag fix_id: 'F-33146r568253_fix'\n  tag cci: ['CCI-000778']\n  tag nist: ['IA-3']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif package('autofs').installed?\n    describe systemd_service('autofs.service') do\n      it { should_not be_running }\n      it { should_not be_enabled }\n      it { should_not be_installed }\n    end\n  else\n    impact 0.0\n    describe 'The autofs service is not installed' do\n      skip 'The autofs service is not installed, this control is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230502.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"The autofs service is not installed","run_time":1.5e-05,"start_time":"2024-01-09T19:40:57-05:00","resource":"","skip_message":"The autofs service is not installed, this control is Not Applicable.","resource_class":"Object","resource_params":"[]","resource_id":"The autofs service is not installed"}]},{"id":"SV-230503","title":"RHEL 8 must be configured to disable USB mass storage.","desc":"USB mass storage permits easy introduction of unknown devices, thereby\nfacilitating malicious activity.","descriptions":[{"label":"default","data":"USB mass storage permits easy introduction of unknown devices, thereby\nfacilitating malicious activity."},{"label":"check","data":"Verify the operating system disables the ability to load the USB Storage kernel module.\n\n$ sudo grep -r usb-storage /etc/modprobe.d/* | grep -i \"/bin/true\"\n\ninstall usb-storage /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of USB Storage is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use USB mass storage devices.\n\nCheck to see if USB mass storage is disabled with the following command:\n\n$ sudo grep usb-storage /etc/modprobe.d/* | grep -i \"blacklist\"\n\nblacklist usb-storage\n\nIf the command does not return any output or the output is not \"blacklist usb-storage\" and use of USB storage devices is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding."},{"label":"fix","data":"Configure the operating system to disable the ability to use the USB Storage kernel module and the ability to use USB mass storage devices.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall usb-storage /bin/true\nblacklist usb-storage\n\nReboot the system for the settings to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000114-GPOS-00059","satisfies":["SRG-OS-000114-GPOS-00059","SRG-OS-000378-GPOS-00163"],"gid":"V-230503","rid":"SV-230503r809319_rule","stig_id":"RHEL-08-040080","fix_id":"F-33147r809318_fix","cci":["CCI-000778"],"nist":["IA-3"]},"code":"control 'SV-230503' do\n  title 'RHEL 8 must be configured to disable USB mass storage.'\n  desc 'USB mass storage permits easy introduction of unknown devices, thereby\nfacilitating malicious activity.'\n  desc 'check', 'Verify the operating system disables the ability to load the USB Storage kernel module.\n\n$ sudo grep -r usb-storage /etc/modprobe.d/* | grep -i \"/bin/true\"\n\ninstall usb-storage /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of USB Storage is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use USB mass storage devices.\n\nCheck to see if USB mass storage is disabled with the following command:\n\n$ sudo grep usb-storage /etc/modprobe.d/* | grep -i \"blacklist\"\n\nblacklist usb-storage\n\nIf the command does not return any output or the output is not \"blacklist usb-storage\" and use of USB storage devices is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the ability to use the USB Storage kernel module and the ability to use USB mass storage devices.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall usb-storage /bin/true\nblacklist usb-storage\n\nReboot the system for the settings to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000114-GPOS-00059'\n  tag satisfies: ['SRG-OS-000114-GPOS-00059', 'SRG-OS-000378-GPOS-00163']\n  tag gid: 'V-230503'\n  tag rid: 'SV-230503r809319_rule'\n  tag stig_id: 'RHEL-08-040080'\n  tag fix_id: 'F-33147r809318_fix'\n  tag cci: ['CCI-000778']\n  tag nist: ['IA-3']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_module('usb_storage') do\n      it { should be_disabled }\n      it { should be_blacklisted }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230503.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Kernel Module usb_storage is expected to be disabled","run_time":0.008701,"start_time":"2024-01-09T19:40:57-05:00","message":"expected `Kernel Module usb_storage.disabled?` to be truthy, got false","resource_class":"kernel_module","resource_params":"[\"usb_storage\"]","resource_id":"usb_storage"},{"status":"failed","code_desc":"Kernel Module usb_storage is expected to be blacklisted","run_time":0.008052,"start_time":"2024-01-09T19:40:57-05:00","message":"expected `Kernel Module usb_storage.blacklisted?` to be truthy, got false","resource_class":"kernel_module","resource_params":"[\"usb_storage\"]","resource_id":"usb_storage"}]},{"id":"SV-230504","title":"A RHEL 8 firewall must employ a deny-all, allow-by-exception policy\nfor allowing connections to other systems.","desc":"Failure to restrict network connectivity only to authorized systems\npermits inbound connections from malicious systems. It also permits outbound\nconnections that may facilitate exfiltration of DoD data.\n\n    RHEL 8 incorporates the \"firewalld\" daemon, which allows for many\ndifferent configurations. One of these configurations is zones. Zones can be\nutilized to a deny-all, allow-by-exception approach. The default \"drop\" zone\nwill drop all incoming network packets unless it is explicitly allowed by the\nconfiguration file or is related to an outgoing network connection.","descriptions":[{"label":"default","data":"Failure to restrict network connectivity only to authorized systems\npermits inbound connections from malicious systems. It also permits outbound\nconnections that may facilitate exfiltration of DoD data.\n\n    RHEL 8 incorporates the \"firewalld\" daemon, which allows for many\ndifferent configurations. One of these configurations is zones. Zones can be\nutilized to a deny-all, allow-by-exception approach. The default \"drop\" zone\nwill drop all incoming network packets unless it is explicitly allowed by the\nconfiguration file or is related to an outgoing network connection."},{"label":"check","data":"Verify \"firewalld\" is configured to employ a deny-all, allow-by-exception\npolicy for allowing connections to other systems with the following commands:\n\n    $ sudo  firewall-cmd --state\n\n    running\n\n    $ sudo firewall-cmd --get-active-zones\n\n    [custom]\n       interfaces: ens33\n\n    $ sudo firewall-cmd --info-zone=[custom] | grep target\n\n       target: DROP\n\n    If no zones are active on the RHEL 8 interfaces or if the target is set to\na different option other than \"DROP\", this is a finding."},{"label":"fix","data":"Configure the \"firewalld\" daemon to employ a deny-all, allow-by-exception with the following commands:\n\n$ sudo firewall-cmd --permanent --new-zone=[custom]\n\n$ sudo cp /usr/lib/firewalld/zones/drop.xml /etc/firewalld/zones/[custom].xml\n\nThis will provide a clean configuration file to work with that employs a deny-all approach. Note: Add the exceptions that are required for mission functionality and update the short title in the xml file to match the [custom] zone name.\n\nReload the firewall rules to make the new [custom] zone available to load:\n$ sudo firewall-cmd --reload\n\nSet the default zone to the new [custom] zone:\n$ sudo firewall-cmd --set-default-zone=[custom]\n\nNote: This is a runtime and permanent change.\nAdd any interfaces to the new [custom] zone:\n$ sudo firewall-cmd --permanent --zone=[custom] --change-interface=ens33\n\nReload the firewall rules for changes to take effect:\n$ sudo firewall-cmd --reload"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000297-GPOS-00115","gid":"V-230504","rid":"SV-230504r854047_rule","stig_id":"RHEL-08-040090","fix_id":"F-33148r809320_fix","cci":["CCI-002314"],"legacy":[],"nist":["AC-17 (1)"]},"code":"control 'SV-230504' do\n  title 'A RHEL 8 firewall must employ a deny-all, allow-by-exception policy\nfor allowing connections to other systems.'\n  desc 'Failure to restrict network connectivity only to authorized systems\npermits inbound connections from malicious systems. It also permits outbound\nconnections that may facilitate exfiltration of DoD data.\n\n    RHEL 8 incorporates the \"firewalld\" daemon, which allows for many\ndifferent configurations. One of these configurations is zones. Zones can be\nutilized to a deny-all, allow-by-exception approach. The default \"drop\" zone\nwill drop all incoming network packets unless it is explicitly allowed by the\nconfiguration file or is related to an outgoing network connection.'\n  desc 'check', 'Verify \"firewalld\" is configured to employ a deny-all, allow-by-exception\npolicy for allowing connections to other systems with the following commands:\n\n    $ sudo  firewall-cmd --state\n\n    running\n\n    $ sudo firewall-cmd --get-active-zones\n\n    [custom]\n       interfaces: ens33\n\n    $ sudo firewall-cmd --info-zone=[custom] | grep target\n\n       target: DROP\n\n    If no zones are active on the RHEL 8 interfaces or if the target is set to\na different option other than \"DROP\", this is a finding.'\n  desc 'fix', 'Configure the \"firewalld\" daemon to employ a deny-all, allow-by-exception with the following commands:\n\n$ sudo firewall-cmd --permanent --new-zone=[custom]\n\n$ sudo cp /usr/lib/firewalld/zones/drop.xml /etc/firewalld/zones/[custom].xml\n\nThis will provide a clean configuration file to work with that employs a deny-all approach. Note: Add the exceptions that are required for mission functionality and update the short title in the xml file to match the [custom] zone name.\n\nReload the firewall rules to make the new [custom] zone available to load:\n$ sudo firewall-cmd --reload\n\nSet the default zone to the new [custom] zone:\n$ sudo firewall-cmd --set-default-zone=[custom]\n\nNote: This is a runtime and permanent change.\nAdd any interfaces to the new [custom] zone:\n$ sudo firewall-cmd --permanent --zone=[custom] --change-interface=ens33\n\nReload the firewall rules for changes to take effect:\n$ sudo firewall-cmd --reload'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000297-GPOS-00115'\n  tag gid: 'V-230504'\n  tag rid: 'SV-230504r854047_rule'\n  tag stig_id: 'RHEL-08-040090'\n  tag fix_id: 'F-33148r809320_fix'\n  tag cci: ['CCI-002314']\n  tag legacy: []\n  tag nist: ['AC-17 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe firewalld do\n      it { should be_running }\n    end\n\n    describe firewalld.zone do\n      it { should_not be_empty }\n    end\n\n    firewalld.zone.each do |zone|\n      describe \"Firewall zone \\'#{zone}\\' target\" do\n        subject { firewalld.zone(zone).target }\n        it { should cmp 'DROP' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230504.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Firewall Rules is expected to be running","run_time":0.000242,"start_time":"2024-01-09T19:40:58-05:00","message":"expected that `Firewall Rules` is running","resource_class":"firewalld","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"[\"Error on command firewall-cmd --get-active-zones: FirewallD is not running\"] is expected not to be empty","run_time":0.003892,"start_time":"2024-01-09T19:40:58-05:00","resource_class":"Object","resource_params":"[]","resource_id":""},{"status":"failed","code_desc":"Firewall zone 'Error on command firewall-cmd --get-active-zones: FirewallD is not running' target is expected to cmp == \"DROP\"","run_time":0.000468,"start_time":"2024-01-09T19:40:58-05:00","message":"\nexpected: DROP\n     got: [\"Error on command firewall-cmd --permanent --zone=Error on command firewall-cmd --get-active-zones: FirewallD is not running --get-target: usage: see firewall-cmd man page\\nfirewall-cmd: error: unrecognized arguments: on command firewall-cmd --get-active-zones: FirewallD is not running\"]\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"Firewall zone 'Error on command firewall-cmd --get-active-zones: FirewallD is not running' target"}]},{"id":"SV-230505","title":"A firewall must be installed on RHEL 8.","desc":"\"Firewalld\" provides an easy and effective way to block/limit remote\naccess to the system via ports, services, and protocols.\n\n    Remote access services, such as those providing remote access to network\ndevices and information systems, which lack automated control capabilities,\nincrease risk and make remote user access management difficult at best.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n\n    RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement\naction if the audit reveals unauthorized activity. Automated control of remote\naccess sessions allows organizations to ensure ongoing compliance with remote\naccess policies by enforcing connection rules of remote access applications on\na variety of information system components (e.g., servers, workstations,\nnotebook computers, smartphones, and tablets).","descriptions":[{"label":"default","data":"\"Firewalld\" provides an easy and effective way to block/limit remote\naccess to the system via ports, services, and protocols.\n\n    Remote access services, such as those providing remote access to network\ndevices and information systems, which lack automated control capabilities,\nincrease risk and make remote user access management difficult at best.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n\n    RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement\naction if the audit reveals unauthorized activity. Automated control of remote\naccess sessions allows organizations to ensure ongoing compliance with remote\naccess policies by enforcing connection rules of remote access applications on\na variety of information system components (e.g., servers, workstations,\nnotebook computers, smartphones, and tablets)."},{"label":"check","data":"Verify that \"firewalld\" is installed with the following commands:\n\n    $ sudo yum list installed firewalld\n\n    firewalld.noarch     0.7.0-5.el8\n\n    If the \"firewalld\" package is not installed, ask the System Administrator\nif another firewall is installed. If no firewall is installed this is a finding."},{"label":"fix","data":"Install \"firewalld\" with the following command:\n\n$ sudo yum install firewalld.noarch"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000297-GPOS-00115","gid":"V-230505","rid":"SV-230505r854048_rule","stig_id":"RHEL-08-040100","fix_id":"F-33149r744019_fix","cci":["CCI-002314"],"nist":["AC-17 (1)"]},"code":"control 'SV-230505' do\n  title 'A firewall must be installed on RHEL 8.'\n  desc '\"Firewalld\" provides an easy and effective way to block/limit remote\naccess to the system via ports, services, and protocols.\n\n    Remote access services, such as those providing remote access to network\ndevices and information systems, which lack automated control capabilities,\nincrease risk and make remote user access management difficult at best.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n\n    RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement\naction if the audit reveals unauthorized activity. Automated control of remote\naccess sessions allows organizations to ensure ongoing compliance with remote\naccess policies by enforcing connection rules of remote access applications on\na variety of information system components (e.g., servers, workstations,\nnotebook computers, smartphones, and tablets).'\n  desc 'check', 'Verify that \"firewalld\" is installed with the following commands:\n\n    $ sudo yum list installed firewalld\n\n    firewalld.noarch     0.7.0-5.el8\n\n    If the \"firewalld\" package is not installed, ask the System Administrator\nif another firewall is installed. If no firewall is installed this is a finding.'\n  desc 'fix', 'Install \"firewalld\" with the following command:\n\n$ sudo yum install firewalld.noarch'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000297-GPOS-00115'\n  tag gid: 'V-230505'\n  tag rid: 'SV-230505r854048_rule'\n  tag stig_id: 'RHEL-08-040100'\n  tag fix_id: 'F-33149r744019_fix'\n  tag cci: ['CCI-002314']\n  tag nist: ['AC-17 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe package('firewalld') do\n      it { should be_installed }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230505.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package firewalld is expected to be installed","run_time":0.1023,"start_time":"2024-01-09T19:40:58-05:00","resource_class":"package","resource_params":"[\"firewalld\"]","resource_id":"firewalld"}]},{"id":"SV-230506","title":"RHEL 8 wireless network adapters must be disabled.","desc":"Without protection of communications with wireless peripherals,\nconfidentiality and integrity may be compromised because unprotected\ncommunications can be intercepted and either read, altered, or used to\ncompromise the RHEL 8 operating system.\n\n    This requirement applies to wireless peripheral technologies (e.g.,\nwireless mice, keyboards, displays, etc.) used with RHEL 8 systems. Wireless\nperipherals (e.g., Wi-Fi/Bluetooth/IR Keyboards, Mice, and Pointing Devices and\nNear Field Communications [NFC]) present a unique challenge by creating an\nopen, unsecured port on a computer. Wireless peripherals must meet DoD\nrequirements for wireless data transmission and be approved for use by the\nAuthorizing Official (AO). Even though some wireless peripherals, such as mice\nand pointing devices, do not ordinarily carry information that need to be\nprotected, modification of communications with these wireless peripherals may\nbe used to compromise the RHEL 8 operating system. Communication paths outside\nthe physical protection of a controlled boundary are exposed to the possibility\nof interception and modification.\n\n    Protecting the confidentiality and integrity of communications with\nwireless peripherals can be accomplished by physical means (e.g., employing\nphysical barriers to wireless radio frequencies) or by logical means (e.g.,\nemploying cryptographic techniques). If physical means of protection are\nemployed, then logical means (cryptography) do not have to be employed, and\nvice versa. If the wireless peripheral is only passing telemetry data,\nencryption of the data may not be required.","descriptions":[{"label":"default","data":"Without protection of communications with wireless peripherals,\nconfidentiality and integrity may be compromised because unprotected\ncommunications can be intercepted and either read, altered, or used to\ncompromise the RHEL 8 operating system.\n\n    This requirement applies to wireless peripheral technologies (e.g.,\nwireless mice, keyboards, displays, etc.) used with RHEL 8 systems. Wireless\nperipherals (e.g., Wi-Fi/Bluetooth/IR Keyboards, Mice, and Pointing Devices and\nNear Field Communications [NFC]) present a unique challenge by creating an\nopen, unsecured port on a computer. Wireless peripherals must meet DoD\nrequirements for wireless data transmission and be approved for use by the\nAuthorizing Official (AO). Even though some wireless peripherals, such as mice\nand pointing devices, do not ordinarily carry information that need to be\nprotected, modification of communications with these wireless peripherals may\nbe used to compromise the RHEL 8 operating system. Communication paths outside\nthe physical protection of a controlled boundary are exposed to the possibility\nof interception and modification.\n\n    Protecting the confidentiality and integrity of communications with\nwireless peripherals can be accomplished by physical means (e.g., employing\nphysical barriers to wireless radio frequencies) or by logical means (e.g.,\nemploying cryptographic techniques). If physical means of protection are\nemployed, then logical means (cryptography) do not have to be employed, and\nvice versa. If the wireless peripheral is only passing telemetry data,\nencryption of the data may not be required."},{"label":"check","data":"Verify there are no wireless interfaces configured on the system with the\nfollowing command:\n\n    Note: This requirement is Not Applicable for systems that do not have\nphysical wireless network radios.\n\n    $ sudo nmcli device status\n\n    DEVICE                    TYPE            STATE\nCONNECTION\n    virbr0                      bridge         connected             virbr0\n    wlp7s0                    wifi              connected            wifiSSID\n    enp6s0                    ethernet     disconnected        --\n    p2p-dev-wlp7s0     wifi-p2p     disconnected        --\n    lo                             loopback    unmanaged           --\n    virbr0-nic                tun              unmanaged          --\n\n    If a wireless interface is configured and has not been documented and\napproved by the Information System Security Officer (ISSO), this is a finding."},{"label":"fix","data":"Configure the system to disable all wireless network interfaces with the\nfollowing command:\n\n    $ sudo nmcli radio all off"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000299-GPOS-00117","satisfies":["SRG-OS-000299-GPOS-00117","SRG-OS-000300-GPOS-00118","SRG-OS-000481-GPOS-000481"],"gid":"V-230506","rid":"SV-230506r627750_rule","stig_id":"RHEL-08-040110","fix_id":"F-33150r568265_fix","cci":["CCI-001444"],"nist":["AC-18 (1)"]},"code":"control 'SV-230506' do\n  title 'RHEL 8 wireless network adapters must be disabled.'\n  desc 'Without protection of communications with wireless peripherals,\nconfidentiality and integrity may be compromised because unprotected\ncommunications can be intercepted and either read, altered, or used to\ncompromise the RHEL 8 operating system.\n\n    This requirement applies to wireless peripheral technologies (e.g.,\nwireless mice, keyboards, displays, etc.) used with RHEL 8 systems. Wireless\nperipherals (e.g., Wi-Fi/Bluetooth/IR Keyboards, Mice, and Pointing Devices and\nNear Field Communications [NFC]) present a unique challenge by creating an\nopen, unsecured port on a computer. Wireless peripherals must meet DoD\nrequirements for wireless data transmission and be approved for use by the\nAuthorizing Official (AO). Even though some wireless peripherals, such as mice\nand pointing devices, do not ordinarily carry information that need to be\nprotected, modification of communications with these wireless peripherals may\nbe used to compromise the RHEL 8 operating system. Communication paths outside\nthe physical protection of a controlled boundary are exposed to the possibility\nof interception and modification.\n\n    Protecting the confidentiality and integrity of communications with\nwireless peripherals can be accomplished by physical means (e.g., employing\nphysical barriers to wireless radio frequencies) or by logical means (e.g.,\nemploying cryptographic techniques). If physical means of protection are\nemployed, then logical means (cryptography) do not have to be employed, and\nvice versa. If the wireless peripheral is only passing telemetry data,\nencryption of the data may not be required.'\n  desc 'check', 'Verify there are no wireless interfaces configured on the system with the\nfollowing command:\n\n    Note: This requirement is Not Applicable for systems that do not have\nphysical wireless network radios.\n\n    $ sudo nmcli device status\n\n    DEVICE                    TYPE            STATE\nCONNECTION\n    virbr0                      bridge         connected             virbr0\n    wlp7s0                    wifi              connected            wifiSSID\n    enp6s0                    ethernet     disconnected        --\n    p2p-dev-wlp7s0     wifi-p2p     disconnected        --\n    lo                             loopback    unmanaged           --\n    virbr0-nic                tun              unmanaged          --\n\n    If a wireless interface is configured and has not been documented and\napproved by the Information System Security Officer (ISSO), this is a finding.'\n  desc 'fix', 'Configure the system to disable all wireless network interfaces with the\nfollowing command:\n\n    $ sudo nmcli radio all off'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000299-GPOS-00117'\n  tag satisfies: ['SRG-OS-000299-GPOS-00117', 'SRG-OS-000300-GPOS-00118', 'SRG-OS-000481-GPOS-000481']\n  tag gid: 'V-230506'\n  tag rid: 'SV-230506r627750_rule'\n  tag stig_id: 'RHEL-08-040110'\n  tag fix_id: 'F-33150r568265_fix'\n  tag cci: ['CCI-001444']\n  tag nist: ['AC-18 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('nmcli device') do\n      its('stdout.strip') { should_not match(/wifi\\s*connected/) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230506.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Command: `nmcli device` stdout.strip is expected not to match /wifi\\s*connected/","run_time":0.186117,"start_time":"2024-01-09T19:40:58-05:00","resource_class":"command","resource_params":"[\"nmcli device\"]","resource_id":"Command: `nmcli device`"}]},{"id":"SV-230507","title":"RHEL 8 Bluetooth must be disabled.","desc":"Without protection of communications with wireless peripherals,\nconfidentiality and integrity may be compromised because unprotected\ncommunications can be intercepted and either read, altered, or used to\ncompromise the RHEL 8 operating system.\n\n    This requirement applies to wireless peripheral technologies (e.g.,\nwireless mice, keyboards, displays, etc.) used with RHEL 8 systems. Wireless\nperipherals (e.g., Wi-Fi/Bluetooth/IR Keyboards, Mice, and Pointing Devices and\nNear Field Communications [NFC]) present a unique challenge by creating an\nopen, unsecured port on a computer. Wireless peripherals must meet DoD\nrequirements for wireless data transmission and be approved for use by the\nAuthorizing Official (AO). Even though some wireless peripherals, such as mice\nand pointing devices, do not ordinarily carry information that need to be\nprotected, modification of communications with these wireless peripherals may\nbe used to compromise the RHEL 8 operating system. Communication paths outside\nthe physical protection of a controlled boundary are exposed to the possibility\nof interception and modification.\n\n    Protecting the confidentiality and integrity of communications with\nwireless peripherals can be accomplished by physical means (e.g., employing\nphysical barriers to wireless radio frequencies) or by logical means (e.g.,\nemploying cryptographic techniques). If physical means of protection are\nemployed, then logical means (cryptography) do not have to be employed, and\nvice versa. If the wireless peripheral is only passing telemetry data,\nencryption of the data may not be required.","descriptions":[{"label":"default","data":"Without protection of communications with wireless peripherals,\nconfidentiality and integrity may be compromised because unprotected\ncommunications can be intercepted and either read, altered, or used to\ncompromise the RHEL 8 operating system.\n\n    This requirement applies to wireless peripheral technologies (e.g.,\nwireless mice, keyboards, displays, etc.) used with RHEL 8 systems. Wireless\nperipherals (e.g., Wi-Fi/Bluetooth/IR Keyboards, Mice, and Pointing Devices and\nNear Field Communications [NFC]) present a unique challenge by creating an\nopen, unsecured port on a computer. Wireless peripherals must meet DoD\nrequirements for wireless data transmission and be approved for use by the\nAuthorizing Official (AO). Even though some wireless peripherals, such as mice\nand pointing devices, do not ordinarily carry information that need to be\nprotected, modification of communications with these wireless peripherals may\nbe used to compromise the RHEL 8 operating system. Communication paths outside\nthe physical protection of a controlled boundary are exposed to the possibility\nof interception and modification.\n\n    Protecting the confidentiality and integrity of communications with\nwireless peripherals can be accomplished by physical means (e.g., employing\nphysical barriers to wireless radio frequencies) or by logical means (e.g.,\nemploying cryptographic techniques). If physical means of protection are\nemployed, then logical means (cryptography) do not have to be employed, and\nvice versa. If the wireless peripheral is only passing telemetry data,\nencryption of the data may not be required."},{"label":"check","data":"If the device or operating system does not have a Bluetooth adapter installed, this requirement is not applicable.\n\nThis requirement is not applicable to mobile devices (smartphones and tablets), where the use of Bluetooth is a local AO decision.\n\nDetermine if Bluetooth is disabled with the following command:\n\n$ sudo grep bluetooth /etc/modprobe.d/*\n\n/etc/modprobe.d/bluetooth.conf:install bluetooth /bin/true\n\nIf the Bluetooth driver blacklist entry is missing, a Bluetooth driver is determined to be in use, and the collaborative computing device has not been authorized for use, this is a finding.\n\nVerify the operating system disables the ability to use Bluetooth with the following command:\n\n$ sudo grep -r bluetooth /etc/modprobe.d | grep -i \"blacklist\" | grep -v \"^#\"\n\nblacklist bluetooth\n\nIf the command does not return any output or the output is not \"blacklist bluetooth\", and use of Bluetooth is not documented with the ISSO as an operational requirement, this is a finding."},{"label":"fix","data":"Configure the operating system to disable the Bluetooth adapter when not in use.\n\nBuild or modify the \"/etc/modprobe.d/bluetooth.conf\" file with the following line:\n\ninstall bluetooth /bin/true\n\nDisable the ability to use the Bluetooth kernel module.\n\n$ sudo vi /etc/modprobe.d/blacklist.conf\n\nAdd or update the line:\n\nblacklist bluetooth\n\nReboot the system for the settings to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000300-GPOS-00118","gid":"V-230507","rid":"SV-230507r833336_rule","stig_id":"RHEL-08-040111","fix_id":"F-33151r833335_fix","cci":["CCI-001443"],"nist":["AC-18 (1)"]},"code":"control 'SV-230507' do\n  title 'RHEL 8 Bluetooth must be disabled.'\n  desc 'Without protection of communications with wireless peripherals,\nconfidentiality and integrity may be compromised because unprotected\ncommunications can be intercepted and either read, altered, or used to\ncompromise the RHEL 8 operating system.\n\n    This requirement applies to wireless peripheral technologies (e.g.,\nwireless mice, keyboards, displays, etc.) used with RHEL 8 systems. Wireless\nperipherals (e.g., Wi-Fi/Bluetooth/IR Keyboards, Mice, and Pointing Devices and\nNear Field Communications [NFC]) present a unique challenge by creating an\nopen, unsecured port on a computer. Wireless peripherals must meet DoD\nrequirements for wireless data transmission and be approved for use by the\nAuthorizing Official (AO). Even though some wireless peripherals, such as mice\nand pointing devices, do not ordinarily carry information that need to be\nprotected, modification of communications with these wireless peripherals may\nbe used to compromise the RHEL 8 operating system. Communication paths outside\nthe physical protection of a controlled boundary are exposed to the possibility\nof interception and modification.\n\n    Protecting the confidentiality and integrity of communications with\nwireless peripherals can be accomplished by physical means (e.g., employing\nphysical barriers to wireless radio frequencies) or by logical means (e.g.,\nemploying cryptographic techniques). If physical means of protection are\nemployed, then logical means (cryptography) do not have to be employed, and\nvice versa. If the wireless peripheral is only passing telemetry data,\nencryption of the data may not be required.'\n  desc 'check', 'If the device or operating system does not have a Bluetooth adapter installed, this requirement is not applicable.\n\nThis requirement is not applicable to mobile devices (smartphones and tablets), where the use of Bluetooth is a local AO decision.\n\nDetermine if Bluetooth is disabled with the following command:\n\n$ sudo grep bluetooth /etc/modprobe.d/*\n\n/etc/modprobe.d/bluetooth.conf:install bluetooth /bin/true\n\nIf the Bluetooth driver blacklist entry is missing, a Bluetooth driver is determined to be in use, and the collaborative computing device has not been authorized for use, this is a finding.\n\nVerify the operating system disables the ability to use Bluetooth with the following command:\n\n$ sudo grep -r bluetooth /etc/modprobe.d | grep -i \"blacklist\" | grep -v \"^#\"\n\nblacklist bluetooth\n\nIf the command does not return any output or the output is not \"blacklist bluetooth\", and use of Bluetooth is not documented with the ISSO as an operational requirement, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the Bluetooth adapter when not in use.\n\nBuild or modify the \"/etc/modprobe.d/bluetooth.conf\" file with the following line:\n\ninstall bluetooth /bin/true\n\nDisable the ability to use the Bluetooth kernel module.\n\n$ sudo vi /etc/modprobe.d/blacklist.conf\n\nAdd or update the line:\n\nblacklist bluetooth\n\nReboot the system for the settings to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000300-GPOS-00118'\n  tag gid: 'V-230507'\n  tag rid: 'SV-230507r833336_rule'\n  tag stig_id: 'RHEL-08-040111'\n  tag fix_id: 'F-33151r833335_fix'\n  tag cci: ['CCI-001443']\n  tag nist: ['AC-18 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('bluetooth_installed')\n    describe kernel_module('bluetooth') do\n      it { should be_disabled }\n      it { should be_blacklisted }\n    end\n  else\n    impact 0.0\n    describe 'Device or operating system does not have a Bluetooth adapter installed' do\n      skip 'If the device or operating system does not have a Bluetooth adapter installed, this requirement is not applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230507.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Kernel Module bluetooth is expected to be disabled","run_time":0.009446,"start_time":"2024-01-09T19:40:58-05:00","message":"expected `Kernel Module bluetooth.disabled?` to be truthy, got false","resource_class":"kernel_module","resource_params":"[\"bluetooth\"]","resource_id":"bluetooth"},{"status":"failed","code_desc":"Kernel Module bluetooth is expected to be blacklisted","run_time":0.009043,"start_time":"2024-01-09T19:40:58-05:00","message":"expected `Kernel Module bluetooth.blacklisted?` to be truthy, got false","resource_class":"kernel_module","resource_params":"[\"bluetooth\"]","resource_id":"bluetooth"}]},{"id":"SV-230508","title":"RHEL 8 must mount /dev/shm with the nodev option.","desc":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."},{"label":"check","data":"Verify \"/dev/shm\" is mounted with the \"nodev\" option:\n\n    $ sudo mount | grep /dev/shm\n\n    tmpfs on /dev/shm type tmpfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nodev\"option is configured for /dev/shm:\n\n    $ sudo cat /etc/fstab | grep /dev/shm\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nodev\" option is missing, or if /dev/shm\nis mounted without the \"nodev\" option, this is a finding."},{"label":"fix","data":"Configure the system so that /dev/shm is mounted with the \"nodev\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000368-GPOS-00154","gid":"V-230508","rid":"SV-230508r854049_rule","stig_id":"RHEL-08-040120","fix_id":"F-33152r568271_fix","cci":["CCI-001764"],"nist":["CM-7 (2)"]},"code":"control 'SV-230508' do\n  title 'RHEL 8 must mount /dev/shm with the nodev option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/dev/shm\" is mounted with the \"nodev\" option:\n\n    $ sudo mount | grep /dev/shm\n\n    tmpfs on /dev/shm type tmpfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nodev\"option is configured for /dev/shm:\n\n    $ sudo cat /etc/fstab | grep /dev/shm\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nodev\" option is missing, or if /dev/shm\nis mounted without the \"nodev\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /dev/shm is mounted with the \"nodev\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230508'\n  tag rid: 'SV-230508r854049_rule'\n  tag stig_id: 'RHEL-08-040120'\n  tag fix_id: 'F-33152r568271_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  describe etc_fstab.where { mount_point == '/dev/shm' } do\n    its('mount_options.flatten') { should include 'nodev' }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230508.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/dev/shm\" mount_options.flatten is expected to include \"nodev\"","run_time":0.000268,"start_time":"2024-01-09T19:40:58-05:00","message":"expected [] to include \"nodev\"","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230509","title":"RHEL 8 must mount /dev/shm with the nosuid option.","desc":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."},{"label":"check","data":"Verify \"/dev/shm\" is mounted with the \"nosuid\" option:\n\n    $ sudo mount | grep /dev/shm\n\n    tmpfs on /dev/shm type tmpfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nosuid\" option is configured for /dev/shm:\n\n    $ sudo cat /etc/fstab | grep /dev/shm\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nosuid\" option is missing, or if\n/dev/shm is mounted without the \"nosuid\" option, this is a finding."},{"label":"fix","data":"Configure the system so that /dev/shm is mounted with the  \"nosuid\"\noption by adding /modifying the /etc/fstab with the following line:\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000368-GPOS-00154","gid":"V-230509","rid":"SV-230509r854050_rule","stig_id":"RHEL-08-040121","fix_id":"F-33153r568274_fix","cci":["CCI-001764"],"nist":["CM-7 (2)"]},"code":"control 'SV-230509' do\n  title 'RHEL 8 must mount /dev/shm with the nosuid option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/dev/shm\" is mounted with the \"nosuid\" option:\n\n    $ sudo mount | grep /dev/shm\n\n    tmpfs on /dev/shm type tmpfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nosuid\" option is configured for /dev/shm:\n\n    $ sudo cat /etc/fstab | grep /dev/shm\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nosuid\" option is missing, or if\n/dev/shm is mounted without the \"nosuid\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /dev/shm is mounted with the  \"nosuid\"\noption by adding /modifying the /etc/fstab with the following line:\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230509'\n  tag rid: 'SV-230509r854050_rule'\n  tag stig_id: 'RHEL-08-040121'\n  tag fix_id: 'F-33153r568274_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  describe etc_fstab.where { mount_point == '/dev/shm' } do\n    its('mount_options.flatten') { should include 'nosuid' }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230509.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/dev/shm\" mount_options.flatten is expected to include \"nosuid\"","run_time":0.000122,"start_time":"2024-01-09T19:40:58-05:00","message":"expected [] to include \"nosuid\"","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230510","title":"RHEL 8 must mount /dev/shm with the noexec option.","desc":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."},{"label":"check","data":"Verify \"/dev/shm\" is mounted with the \"noexec\" option:\n\n    $ sudo mount | grep /dev/shm\n\n    tmpfs on /dev/shm type tmpfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"noexec\" options is configured for /dev/shm:\n\n    $ sudo cat /etc/fstab | grep /dev/shm\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"noexec\" option is missing, or if\n/dev/shm is mounted without the \"noexec\" option, this is a finding."},{"label":"fix","data":"Configure the system so that /dev/shm is mounted with the \"noexec\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000368-GPOS-00154","gid":"V-230510","rid":"SV-230510r854051_rule","stig_id":"RHEL-08-040122","fix_id":"F-33154r568277_fix","cci":["CCI-001764"],"nist":["CM-7 (2)"]},"code":"control 'SV-230510' do\n  title 'RHEL 8 must mount /dev/shm with the noexec option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/dev/shm\" is mounted with the \"noexec\" option:\n\n    $ sudo mount | grep /dev/shm\n\n    tmpfs on /dev/shm type tmpfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"noexec\" options is configured for /dev/shm:\n\n    $ sudo cat /etc/fstab | grep /dev/shm\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"noexec\" option is missing, or if\n/dev/shm is mounted without the \"noexec\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /dev/shm is mounted with the \"noexec\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230510'\n  tag rid: 'SV-230510r854051_rule'\n  tag stig_id: 'RHEL-08-040122'\n  tag fix_id: 'F-33154r568277_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  describe etc_fstab.where { mount_point == '/dev/shm' } do\n    its('mount_options.flatten') { should include 'noexec' }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230510.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/dev/shm\" mount_options.flatten is expected to include \"noexec\"","run_time":0.00011,"start_time":"2024-01-09T19:40:58-05:00","message":"expected [] to include \"noexec\"","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230511","title":"RHEL 8 must mount /tmp with the nodev option.","desc":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."},{"label":"check","data":"Verify \"/tmp\" is mounted with the \"nodev\" option:\n\n    $ sudo mount | grep /tmp\n\n    /dev/mapper/rhel-tmp on /tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nodev\" option is configured for /tmp:\n\n    $ sudo cat /etc/fstab | grep /tmp\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nodev\" option is missing, or if /tmp is\nmounted without the \"nodev\" option, this is a finding."},{"label":"fix","data":"Configure the system so that /tmp is mounted with the \"nodev\" option by\nadding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000368-GPOS-00154","gid":"V-230511","rid":"SV-230511r854052_rule","stig_id":"RHEL-08-040123","fix_id":"F-33155r568280_fix","cci":["CCI-001764"],"nist":["CM-7 (2)"]},"code":"control 'SV-230511' do\n  title 'RHEL 8 must mount /tmp with the nodev option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/tmp\" is mounted with the \"nodev\" option:\n\n    $ sudo mount | grep /tmp\n\n    /dev/mapper/rhel-tmp on /tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nodev\" option is configured for /tmp:\n\n    $ sudo cat /etc/fstab | grep /tmp\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nodev\" option is missing, or if /tmp is\nmounted without the \"nodev\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /tmp is mounted with the \"nodev\" option by\nadding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230511'\n  tag rid: 'SV-230511r854052_rule'\n  tag stig_id: 'RHEL-08-040123'\n  tag fix_id: 'F-33155r568280_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('skip_mount_tmp')['nodev']\n    impact 0.0\n    describe 'The requirement to add nodev to the /tmp mount is determined to be not applicable by agreement with the approval authority of the organization.' do\n      skip 'The requirement to add nodev to the /tmp mount is determined to be not applicable by agreement with the approval authority of the organization.'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/tmp' } do\n      its('mount_options.flatten') { should include 'nodev' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230511.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"The requirement to add nodev to the /tmp mount is determined to be not applicable by agreement with the approval authority of the organization.","run_time":8.0e-06,"start_time":"2024-01-09T19:40:58-05:00","resource":"","skip_message":"The requirement to add nodev to the /tmp mount is determined to be not applicable by agreement with the approval authority of the organization.","resource_class":"Object","resource_params":"[]","resource_id":"The requirement to add nodev to the /tmp mount is determined to be not applicable by agreement with the approval authority of the organization."}]},{"id":"SV-230512","title":"RHEL 8 must mount /tmp with the nosuid option.","desc":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."},{"label":"check","data":"Verify \"/tmp\" is mounted with the \"nosuid\" option:\n\n    $ sudo mount | grep /tmp\n\n    /dev/mapper/rhel-tmp on /tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nosuid\" option is configured for /tmp:\n\n    $ sudo cat /etc/fstab | grep /tmp\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nosuid\" option is missing, or if /tmp is\nmounted without the \"nosuid\" option, this is a finding."},{"label":"fix","data":"Configure the system so that /tmp is mounted with the \"nosuid\" option by\nadding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000368-GPOS-00154","gid":"V-230512","rid":"SV-230512r854053_rule","stig_id":"RHEL-08-040124","fix_id":"F-33156r568283_fix","cci":["CCI-001764"],"nist":["CM-7 (2)"]},"code":"control 'SV-230512' do\n  title 'RHEL 8 must mount /tmp with the nosuid option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/tmp\" is mounted with the \"nosuid\" option:\n\n    $ sudo mount | grep /tmp\n\n    /dev/mapper/rhel-tmp on /tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nosuid\" option is configured for /tmp:\n\n    $ sudo cat /etc/fstab | grep /tmp\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nosuid\" option is missing, or if /tmp is\nmounted without the \"nosuid\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /tmp is mounted with the \"nosuid\" option by\nadding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230512'\n  tag rid: 'SV-230512r854053_rule'\n  tag stig_id: 'RHEL-08-040124'\n  tag fix_id: 'F-33156r568283_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('skip_mount_tmp')['nosuid']\n    impact 0.0\n    describe 'The requirement to add nosuid to the /tmp mount is determined to be not applicable by agreement with the approval authority of the organization.' do\n      skip 'The requirement to add nosuid to the /tmp mount is determined to be not applicable by by agreement with the approval authority of the organization.'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/tmp' } do\n      its('mount_options.flatten') { should include 'nosuid' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230512.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"The requirement to add nosuid to the /tmp mount is determined to be not applicable by agreement with the approval authority of the organization.","run_time":4.0e-06,"start_time":"2024-01-09T19:40:58-05:00","resource":"","skip_message":"The requirement to add nosuid to the /tmp mount is determined to be not applicable by by agreement with the approval authority of the organization.","resource_class":"Object","resource_params":"[]","resource_id":"The requirement to add nosuid to the /tmp mount is determined to be not applicable by agreement with the approval authority of the organization."}]},{"id":"SV-230513","title":"RHEL 8 must mount /tmp with the noexec option.","desc":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."},{"label":"check","data":"Verify \"/tmp\" is mounted with the \"noexec\" option:\n\n    $ sudo mount | grep /tmp\n\n    /dev/mapper/rhel-tmp on /tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"noexec\" option is configured for /tmp:\n\n    $ sudo cat /etc/fstab | grep /tmp\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"noexec\" option is missing, or if /tmp is\nmounted without the \"noexec\" option, this is a finding."},{"label":"fix","data":"Configure the system so that /tmp is mounted with the \"noexec\" option by\nadding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000368-GPOS-00154","gid":"V-230513","rid":"SV-230513r854054_rule","stig_id":"RHEL-08-040125","fix_id":"F-33157r568286_fix","cci":["CCI-001764"],"nist":["CM-7 (2)"]},"code":"control 'SV-230513' do\n  title 'RHEL 8 must mount /tmp with the noexec option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/tmp\" is mounted with the \"noexec\" option:\n\n    $ sudo mount | grep /tmp\n\n    /dev/mapper/rhel-tmp on /tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"noexec\" option is configured for /tmp:\n\n    $ sudo cat /etc/fstab | grep /tmp\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"noexec\" option is missing, or if /tmp is\nmounted without the \"noexec\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /tmp is mounted with the \"noexec\" option by\nadding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230513'\n  tag rid: 'SV-230513r854054_rule'\n  tag stig_id: 'RHEL-08-040125'\n  tag fix_id: 'F-33157r568286_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('skip_mount_tmp')['noexec']\n    impact 0.0\n    describe 'The requirement to add noexec to the /tmp mount is determined to be not applicable by by agreement with the approval authority of the organization.' do\n      skip 'The requirement to add noexec to the /tmp mount is determined to be not applicable by by agreement with the approval authority of the organization.'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/tmp' } do\n      its('mount_options.flatten') { should include 'noexec' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230513.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"The requirement to add noexec to the /tmp mount is determined to be not applicable by by agreement with the approval authority of the organization.","run_time":6.0e-06,"start_time":"2024-01-09T19:40:58-05:00","resource":"","skip_message":"The requirement to add noexec to the /tmp mount is determined to be not applicable by by agreement with the approval authority of the organization.","resource_class":"Object","resource_params":"[]","resource_id":"The requirement to add noexec to the /tmp mount is determined to be not applicable by by agreement with the approval authority of the organization."}]},{"id":"SV-230514","title":"RHEL 8 must mount /var/log with the nodev option.","desc":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."},{"label":"check","data":"Verify \"/var/log\" is mounted with the \"nodev\" option:\n\n    $ sudo mount | grep /var/log\n\n    /dev/mapper/rhel-var-log on /var/log type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nodev\" option is configured for /var/log:\n\n    $ sudo cat /etc/fstab | grep /var/log\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nodev\" option is missing, or if /var/log\nis mounted without the \"nodev\" option, this is a finding."},{"label":"fix","data":"Configure the system so that /var/log is mounted with the \"nodev\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000368-GPOS-00154","gid":"V-230514","rid":"SV-230514r854055_rule","stig_id":"RHEL-08-040126","fix_id":"F-33158r568289_fix","cci":["CCI-001764"],"nist":["CM-7 (2)"]},"code":"control 'SV-230514' do\n  title 'RHEL 8 must mount /var/log with the nodev option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/var/log\" is mounted with the \"nodev\" option:\n\n    $ sudo mount | grep /var/log\n\n    /dev/mapper/rhel-var-log on /var/log type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nodev\" option is configured for /var/log:\n\n    $ sudo cat /etc/fstab | grep /var/log\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nodev\" option is missing, or if /var/log\nis mounted without the \"nodev\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /var/log is mounted with the \"nodev\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230514'\n  tag rid: 'SV-230514r854055_rule'\n  tag stig_id: 'RHEL-08-040126'\n  tag fix_id: 'F-33158r568289_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/log' } do\n      its('mount_options.flatten') { should include 'nodev' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230514.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/var/log\" mount_options.flatten is expected to include \"nodev\"","run_time":0.000115,"start_time":"2024-01-09T19:40:58-05:00","message":"expected [] to include \"nodev\"","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230515","title":"RHEL 8 must mount /var/log with the nosuid option.","desc":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."},{"label":"check","data":"Verify \"/var/log\" is mounted with the \"nosuid\" option:\n\n    $ sudo mount | grep /var/log\n\n    /dev/mapper/rhel-var-log on /var/log type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nosuid\" option is configured for /var/log:\n\n    $ sudo cat /etc/fstab | grep /var/log\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nosuid\" option is missing, or if\n/var/log is mounted without the \"nosuid\" option, this is a finding."},{"label":"fix","data":"Configure the system so that /var/log is mounted with the \"nosuid\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000368-GPOS-00154","gid":"V-230515","rid":"SV-230515r854056_rule","stig_id":"RHEL-08-040127","fix_id":"F-33159r568292_fix","cci":["CCI-001764"],"nist":["CM-7 (2)"]},"code":"control 'SV-230515' do\n  title 'RHEL 8 must mount /var/log with the nosuid option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/var/log\" is mounted with the \"nosuid\" option:\n\n    $ sudo mount | grep /var/log\n\n    /dev/mapper/rhel-var-log on /var/log type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nosuid\" option is configured for /var/log:\n\n    $ sudo cat /etc/fstab | grep /var/log\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nosuid\" option is missing, or if\n/var/log is mounted without the \"nosuid\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /var/log is mounted with the \"nosuid\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230515'\n  tag rid: 'SV-230515r854056_rule'\n  tag stig_id: 'RHEL-08-040127'\n  tag fix_id: 'F-33159r568292_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/log' } do\n      its('mount_options.flatten') { should include 'nosuid' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230515.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/var/log\" mount_options.flatten is expected to include \"nosuid\"","run_time":0.000108,"start_time":"2024-01-09T19:40:58-05:00","message":"expected [] to include \"nosuid\"","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230516","title":"RHEL 8 must mount /var/log with the noexec option.","desc":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."},{"label":"check","data":"Verify \"/var/log\" is mounted with the \"noexec\" option:\n\n    $ sudo mount | grep /var/log\n\n    /dev/mapper/rhel-var-log on /var/log type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"noexec\" option is configured for /var/log:\n\n    $ sudo cat /etc/fstab | grep /var/log\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"noexec\" option is missing, or if\n/var/log is mounted without the \"noexec\" option, this is a finding."},{"label":"fix","data":"Configure the system so that /var/log is mounted with the \"noexec\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000368-GPOS-00154","gid":"V-230516","rid":"SV-230516r854057_rule","stig_id":"RHEL-08-040128","fix_id":"F-33160r568295_fix","cci":["CCI-001764"],"nist":["CM-7 (2)"]},"code":"control 'SV-230516' do\n  title 'RHEL 8 must mount /var/log with the noexec option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/var/log\" is mounted with the \"noexec\" option:\n\n    $ sudo mount | grep /var/log\n\n    /dev/mapper/rhel-var-log on /var/log type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"noexec\" option is configured for /var/log:\n\n    $ sudo cat /etc/fstab | grep /var/log\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"noexec\" option is missing, or if\n/var/log is mounted without the \"noexec\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /var/log is mounted with the \"noexec\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230516'\n  tag rid: 'SV-230516r854057_rule'\n  tag stig_id: 'RHEL-08-040128'\n  tag fix_id: 'F-33160r568295_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/log' } do\n      its('mount_options.flatten') { should include 'noexec' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230516.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/var/log\" mount_options.flatten is expected to include \"noexec\"","run_time":0.000105,"start_time":"2024-01-09T19:40:58-05:00","message":"expected [] to include \"noexec\"","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230517","title":"RHEL 8 must mount /var/log/audit with the nodev option.","desc":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."},{"label":"check","data":"Verify \"/var/log/audit\" is mounted with the \"nodev\" option:\n\n    $ sudo mount | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit on /var/log/audit type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nodev\" option is configured for /var/log/audit:\n\n    $ sudo cat /etc/fstab | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nodev\" option is missing, or if\n/var/log/audit is mounted without the \"nodev\" option, this is a finding."},{"label":"fix","data":"Configure the system so that /var/log/audit is mounted with the \"nodev\"\noption by adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000368-GPOS-00154","gid":"V-230517","rid":"SV-230517r854058_rule","stig_id":"RHEL-08-040129","fix_id":"F-33161r568298_fix","cci":["CCI-001764"],"nist":["CM-7 (2)"]},"code":"control 'SV-230517' do\n  title 'RHEL 8 must mount /var/log/audit with the nodev option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/var/log/audit\" is mounted with the \"nodev\" option:\n\n    $ sudo mount | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit on /var/log/audit type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nodev\" option is configured for /var/log/audit:\n\n    $ sudo cat /etc/fstab | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nodev\" option is missing, or if\n/var/log/audit is mounted without the \"nodev\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /var/log/audit is mounted with the \"nodev\"\noption by adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230517'\n  tag rid: 'SV-230517r854058_rule'\n  tag stig_id: 'RHEL-08-040129'\n  tag fix_id: 'F-33161r568298_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/log/audit' } do\n      its('mount_options.flatten') { should include 'nodev' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230517.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/var/log/audit\" mount_options.flatten is expected to include \"nodev\"","run_time":0.000102,"start_time":"2024-01-09T19:40:58-05:00","message":"expected [] to include \"nodev\"","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230518","title":"RHEL 8 must mount /var/log/audit with the nosuid option.","desc":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."},{"label":"check","data":"Verify \"/var/log/audit\" is mounted with the \"nosuid\" option:\n\n    $ sudo mount | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit on /var/log/audit type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nosuid\" option is configured for /var/log/audit:\n\n    $ sudo cat /etc/fstab | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nosuid\" option is missing, or if\n/var/log/audit is mounted without the \"nosuid\" option, this is a finding."},{"label":"fix","data":"Configure the system so that /var/log/audit is mounted with the \"nosuid\"\noption by adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000368-GPOS-00154","gid":"V-230518","rid":"SV-230518r854059_rule","stig_id":"RHEL-08-040130","fix_id":"F-33162r568301_fix","cci":["CCI-001764"],"nist":["CM-7 (2)"]},"code":"control 'SV-230518' do\n  title 'RHEL 8 must mount /var/log/audit with the nosuid option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/var/log/audit\" is mounted with the \"nosuid\" option:\n\n    $ sudo mount | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit on /var/log/audit type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nosuid\" option is configured for /var/log/audit:\n\n    $ sudo cat /etc/fstab | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nosuid\" option is missing, or if\n/var/log/audit is mounted without the \"nosuid\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /var/log/audit is mounted with the \"nosuid\"\noption by adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230518'\n  tag rid: 'SV-230518r854059_rule'\n  tag stig_id: 'RHEL-08-040130'\n  tag fix_id: 'F-33162r568301_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/log/audit' } do\n      its('mount_options.flatten') { should include 'nosuid' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230518.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/var/log/audit\" mount_options.flatten is expected to include \"nosuid\"","run_time":0.000102,"start_time":"2024-01-09T19:40:58-05:00","message":"expected [] to include \"nosuid\"","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230519","title":"RHEL 8 must mount /var/log/audit with the noexec option.","desc":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."},{"label":"check","data":"Verify \"/var/log/audit\" is mounted with the \"noexec\" option:\n\n    $ sudo mount | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit on /var/log/audit type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"noexec\" option is configured for /var/log/audit:\n\n    $ sudo cat /etc/fstab | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"noexec\" option is missing, or if\n/var/log/audit is mounted without the \"noexec\" option, this is a finding."},{"label":"fix","data":"Configure the system so that /var/log/audit is mounted with the \"noexec\"\noption by adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000368-GPOS-00154","gid":"V-230519","rid":"SV-230519r854060_rule","stig_id":"RHEL-08-040131","fix_id":"F-33163r568304_fix","cci":["CCI-001764"],"nist":["CM-7 (2)"]},"code":"control 'SV-230519' do\n  title 'RHEL 8 must mount /var/log/audit with the noexec option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/var/log/audit\" is mounted with the \"noexec\" option:\n\n    $ sudo mount | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit on /var/log/audit type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"noexec\" option is configured for /var/log/audit:\n\n    $ sudo cat /etc/fstab | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"noexec\" option is missing, or if\n/var/log/audit is mounted without the \"noexec\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /var/log/audit is mounted with the \"noexec\"\noption by adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230519'\n  tag rid: 'SV-230519r854060_rule'\n  tag stig_id: 'RHEL-08-040131'\n  tag fix_id: 'F-33163r568304_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/log/audit' } do\n      its('mount_options.flatten') { should include 'noexec' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230519.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/var/log/audit\" mount_options.flatten is expected to include \"noexec\"","run_time":0.000105,"start_time":"2024-01-09T19:40:58-05:00","message":"expected [] to include \"noexec\"","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230520","title":"RHEL 8 must mount /var/tmp with the nodev option.","desc":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."},{"label":"check","data":"Verify \"/var/tmp\" is mounted with the \"nodev\" option:\n\n$ sudo mount | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp on /var/tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\nVerify that the \"nodev\" option is configured for /var/tmp:\n\n$ sudo cat /etc/fstab | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0\n\nIf results are returned and the \"nodev\" option is missing, or if /var/tmp is mounted without the \"nodev\" option, this is a finding."},{"label":"fix","data":"Configure the system so that /var/tmp is mounted with the \"nodev\" option by adding /modifying the /etc/fstab with the following line:\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000368-GPOS-00154","gid":"V-230520","rid":"SV-230520r854061_rule","stig_id":"RHEL-08-040132","fix_id":"F-33164r792926_fix","cci":["CCI-001764"],"nist":["CM-7 (2)"]},"code":"control 'SV-230520' do\n  title 'RHEL 8 must mount /var/tmp with the nodev option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/var/tmp\" is mounted with the \"nodev\" option:\n\n$ sudo mount | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp on /var/tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\nVerify that the \"nodev\" option is configured for /var/tmp:\n\n$ sudo cat /etc/fstab | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0\n\nIf results are returned and the \"nodev\" option is missing, or if /var/tmp is mounted without the \"nodev\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /var/tmp is mounted with the \"nodev\" option by adding /modifying the /etc/fstab with the following line:\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230520'\n  tag rid: 'SV-230520r854061_rule'\n  tag stig_id: 'RHEL-08-040132'\n  tag fix_id: 'F-33164r792926_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/tmp' } do\n      its('mount_options.flatten') { should include 'nodev' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230520.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/var/tmp\" mount_options.flatten is expected to include \"nodev\"","run_time":0.000101,"start_time":"2024-01-09T19:40:58-05:00","message":"expected [] to include \"nodev\"","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230521","title":"RHEL 8 must mount /var/tmp with the nosuid option.","desc":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."},{"label":"check","data":"Verify \"/var/tmp\" is mounted with the \"nosuid\" option:\n\n$ sudo mount | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp on /var/tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\nVerify that the \"nosuid\" option is configured for /var/tmp:\n\n$ sudo cat /etc/fstab | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0\n\nIf results are returned and the \"nosuid\" option is missing, or if /var/tmp is mounted without the \"nosuid\" option, this is a finding."},{"label":"fix","data":"Configure the system so that /var/tmp is mounted with the \"nosuid\" option by adding /modifying the /etc/fstab with the following line:\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000368-GPOS-00154","gid":"V-230521","rid":"SV-230521r854062_rule","stig_id":"RHEL-08-040133","fix_id":"F-33165r792929_fix","cci":["CCI-001764"],"nist":["CM-7 (2)"]},"code":"control 'SV-230521' do\n  title 'RHEL 8 must mount /var/tmp with the nosuid option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/var/tmp\" is mounted with the \"nosuid\" option:\n\n$ sudo mount | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp on /var/tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\nVerify that the \"nosuid\" option is configured for /var/tmp:\n\n$ sudo cat /etc/fstab | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0\n\nIf results are returned and the \"nosuid\" option is missing, or if /var/tmp is mounted without the \"nosuid\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /var/tmp is mounted with the \"nosuid\" option by adding /modifying the /etc/fstab with the following line:\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230521'\n  tag rid: 'SV-230521r854062_rule'\n  tag stig_id: 'RHEL-08-040133'\n  tag fix_id: 'F-33165r792929_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/tmp' } do\n      its('mount_options.flatten') { should include 'nosuid' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230521.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/var/tmp\" mount_options.flatten is expected to include \"nosuid\"","run_time":0.000102,"start_time":"2024-01-09T19:40:58-05:00","message":"expected [] to include \"nosuid\"","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230522","title":"RHEL 8 must mount /var/tmp with the noexec option.","desc":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."},{"label":"check","data":"Verify \"/var/tmp\" is mounted with the \"noexec\" option:\n\n$ sudo mount | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp on /var/tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\nVerify that the \"noexec\" option is configured for /var/tmp:\n\n$ sudo cat /etc/fstab | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0\n\nIf results are returned and the \"noexec\" option is missing, or if /var/tmp is mounted without the \"noexec\" option, this is a finding."},{"label":"fix","data":"Configure the system so that /var/tmp is mounted with the \"noexec\" option by adding /modifying the /etc/fstab with the following line:\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000368-GPOS-00154","gid":"V-230522","rid":"SV-230522r854063_rule","stig_id":"RHEL-08-040134","fix_id":"F-33166r792932_fix","cci":["CCI-001764"],"nist":["CM-7 (2)"]},"code":"control 'SV-230522' do\n  title 'RHEL 8 must mount /var/tmp with the noexec option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/var/tmp\" is mounted with the \"noexec\" option:\n\n$ sudo mount | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp on /var/tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\nVerify that the \"noexec\" option is configured for /var/tmp:\n\n$ sudo cat /etc/fstab | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0\n\nIf results are returned and the \"noexec\" option is missing, or if /var/tmp is mounted without the \"noexec\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /var/tmp is mounted with the \"noexec\" option by adding /modifying the /etc/fstab with the following line:\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230522'\n  tag rid: 'SV-230522r854063_rule'\n  tag stig_id: 'RHEL-08-040134'\n  tag fix_id: 'F-33166r792932_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/tmp' } do\n      its('mount_options.flatten') { should include 'noexec' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230522.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/var/tmp\" mount_options.flatten is expected to include \"noexec\"","run_time":0.000104,"start_time":"2024-01-09T19:40:58-05:00","message":"expected [] to include \"noexec\"","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230523","title":"The RHEL 8 fapolicy module must be installed.","desc":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    Utilizing a whitelist provides a configuration management method for\nallowing the execution of only authorized software. Using only authorized\nsoftware decreases risk by limiting the number of potential vulnerabilities.\nVerification of whitelisted software occurs prior to execution or at system\nstartup.\n\n    User home directories/folders may contain information of a sensitive\nnature. Non-privileged users should coordinate any sharing of information with\nan SA through shared resources.\n\n    RHEL 8 ships with many optional packages. One such package is a file access\npolicy daemon called \"fapolicyd\". \"fapolicyd\" is a userspace daemon that\ndetermines access rights to files based on attributes of the process and file.\nIt can be used to either blacklist or whitelist processes or file access.\n\n    Proceed with caution with enforcing the use of this daemon. Improper\nconfiguration may render the system non-functional. The \"fapolicyd\" API is\nnot namespace aware and can cause issues when launching or running containers.","descriptions":[{"label":"default","data":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    Utilizing a whitelist provides a configuration management method for\nallowing the execution of only authorized software. Using only authorized\nsoftware decreases risk by limiting the number of potential vulnerabilities.\nVerification of whitelisted software occurs prior to execution or at system\nstartup.\n\n    User home directories/folders may contain information of a sensitive\nnature. Non-privileged users should coordinate any sharing of information with\nan SA through shared resources.\n\n    RHEL 8 ships with many optional packages. One such package is a file access\npolicy daemon called \"fapolicyd\". \"fapolicyd\" is a userspace daemon that\ndetermines access rights to files based on attributes of the process and file.\nIt can be used to either blacklist or whitelist processes or file access.\n\n    Proceed with caution with enforcing the use of this daemon. Improper\nconfiguration may render the system non-functional. The \"fapolicyd\" API is\nnot namespace aware and can cause issues when launching or running containers."},{"label":"check","data":"Verify the RHEL 8 \"fapolicyd\" is installed.\n\nCheck that \"fapolicyd\" is installed with the following command:\n\n$ sudo yum list installed fapolicyd\n\nInstalled Packages\nfapolicyd.x86_64\n\nIf fapolicyd is not installed, this is a finding."},{"label":"fix","data":"Install \"fapolicyd\" with the following command:\n\n$ sudo yum install fapolicyd.x86_64"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000368-GPOS-00154","satisfies":["SRG-OS-000368-GPOS-00154","SRG-OS-000370-GPOS-00155","SRG-OS-000480-GPOS-00232"],"gid":"V-230523","rid":"SV-230523r854064_rule","stig_id":"RHEL-08-040135","fix_id":"F-33167r744022_fix","cci":["CCI-001764"],"nist":["CM-7 (2)"]},"code":"control 'SV-230523' do\n  title 'The RHEL 8 fapolicy module must be installed.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    Utilizing a whitelist provides a configuration management method for\nallowing the execution of only authorized software. Using only authorized\nsoftware decreases risk by limiting the number of potential vulnerabilities.\nVerification of whitelisted software occurs prior to execution or at system\nstartup.\n\n    User home directories/folders may contain information of a sensitive\nnature. Non-privileged users should coordinate any sharing of information with\nan SA through shared resources.\n\n    RHEL 8 ships with many optional packages. One such package is a file access\npolicy daemon called \"fapolicyd\". \"fapolicyd\" is a userspace daemon that\ndetermines access rights to files based on attributes of the process and file.\nIt can be used to either blacklist or whitelist processes or file access.\n\n    Proceed with caution with enforcing the use of this daemon. Improper\nconfiguration may render the system non-functional. The \"fapolicyd\" API is\nnot namespace aware and can cause issues when launching or running containers.'\n  desc 'check', 'Verify the RHEL 8 \"fapolicyd\" is installed.\n\nCheck that \"fapolicyd\" is installed with the following command:\n\n$ sudo yum list installed fapolicyd\n\nInstalled Packages\nfapolicyd.x86_64\n\nIf fapolicyd is not installed, this is a finding.'\n  desc 'fix', 'Install \"fapolicyd\" with the following command:\n\n$ sudo yum install fapolicyd.x86_64'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag satisfies: ['SRG-OS-000368-GPOS-00154', 'SRG-OS-000370-GPOS-00155', 'SRG-OS-000480-GPOS-00232']\n  tag gid: 'V-230523'\n  tag rid: 'SV-230523r854064_rule'\n  tag stig_id: 'RHEL-08-040135'\n  tag fix_id: 'F-33167r744022_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if !input('use_fapolicyd')\n    impact 0.0\n    describe 'The organization is not using the Fapolicyd service to manage firewall servies, this control is Not Applicable' do\n      skip 'The organization is not using the Fapolicyd service to manage firewall servies, this control is Not Applicable'\n    end\n  elsif virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe package('fapolicyd') do\n      it { should be_installed }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230523.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"System Package fapolicyd is expected to be installed","run_time":0.168746,"start_time":"2024-01-09T19:40:58-05:00","message":"expected that `System Package fapolicyd` is installed","resource_class":"package","resource_params":"[\"fapolicyd\"]","resource_id":"fapolicyd"}]},{"id":"SV-230524","title":"RHEL 8 must block unauthorized peripherals before establishing a\nconnection.","desc":"Without authenticating devices, unidentified or unknown devices may be\nintroduced, thereby facilitating malicious activity.\n\n    Peripherals include, but are not limited to, such devices as flash drives,\nexternal storage, and printers.\n\n    A new feature that RHEL 8 provides is the USBGuard software framework. The\nUSBguard-daemon is the main component of the USBGuard software framework. It\nruns as a service in the background and enforces the USB device authorization\npolicy for all USB devices. The policy is defined by a set of rules using a\nrule language described in the usbguard-rules.conf file. The policy and the\nauthorization state of USB devices can be modified during runtime using the\nusbguard tool.\n\n    The System Administrator (SA) must work with the site Information System\nSecurity Officer (ISSO) to determine a list of authorized peripherals and\nestablish rules within the USBGuard software framework to allow only authorized\ndevices.","descriptions":[{"label":"default","data":"Without authenticating devices, unidentified or unknown devices may be\nintroduced, thereby facilitating malicious activity.\n\n    Peripherals include, but are not limited to, such devices as flash drives,\nexternal storage, and printers.\n\n    A new feature that RHEL 8 provides is the USBGuard software framework. The\nUSBguard-daemon is the main component of the USBGuard software framework. It\nruns as a service in the background and enforces the USB device authorization\npolicy for all USB devices. The policy is defined by a set of rules using a\nrule language described in the usbguard-rules.conf file. The policy and the\nauthorization state of USB devices can be modified during runtime using the\nusbguard tool.\n\n    The System Administrator (SA) must work with the site Information System\nSecurity Officer (ISSO) to determine a list of authorized peripherals and\nestablish rules within the USBGuard software framework to allow only authorized\ndevices."},{"label":"check","data":"Verify the USBGuard has a policy configured with the following command:\n\n    $ sudo usbguard list-rules\n\n    If the command does not return results or an error is returned, ask the SA\nto indicate how unauthorized peripherals are being blocked.\n\n    If there is no evidence that unauthorized peripherals are being blocked\nbefore establishing a connection, this is a finding."},{"label":"fix","data":"Configure the operating system to enable the blocking of unauthorized\nperipherals with the following command:\n    This command must be run from a root shell and will create an allow list\nfor any usb devices currently connect to the system.\n\n    # usbguard generate-policy > /etc/usbguard/rules.conf\n\n    Note: Enabling and starting usbguard without properly configuring it for an\nindividual system will immediately prevent any access over a usb device such as\na keyboard or mouse"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000378-GPOS-00163","gid":"V-230524","rid":"SV-230524r854065_rule","stig_id":"RHEL-08-040140","fix_id":"F-33168r744025_fix","cci":["CCI-001958"],"nist":["IA-3"]},"code":"control 'SV-230524' do\n  title 'RHEL 8 must block unauthorized peripherals before establishing a\nconnection.'\n  desc 'Without authenticating devices, unidentified or unknown devices may be\nintroduced, thereby facilitating malicious activity.\n\n    Peripherals include, but are not limited to, such devices as flash drives,\nexternal storage, and printers.\n\n    A new feature that RHEL 8 provides is the USBGuard software framework. The\nUSBguard-daemon is the main component of the USBGuard software framework. It\nruns as a service in the background and enforces the USB device authorization\npolicy for all USB devices. The policy is defined by a set of rules using a\nrule language described in the usbguard-rules.conf file. The policy and the\nauthorization state of USB devices can be modified during runtime using the\nusbguard tool.\n\n    The System Administrator (SA) must work with the site Information System\nSecurity Officer (ISSO) to determine a list of authorized peripherals and\nestablish rules within the USBGuard software framework to allow only authorized\ndevices.'\n  desc 'check', 'Verify the USBGuard has a policy configured with the following command:\n\n    $ sudo usbguard list-rules\n\n    If the command does not return results or an error is returned, ask the SA\nto indicate how unauthorized peripherals are being blocked.\n\n    If there is no evidence that unauthorized peripherals are being blocked\nbefore establishing a connection, this is a finding.'\n  desc 'fix', 'Configure the operating system to enable the blocking of unauthorized\nperipherals with the following command:\n    This command must be run from a root shell and will create an allow list\nfor any usb devices currently connect to the system.\n\n    # usbguard generate-policy > /etc/usbguard/rules.conf\n\n    Note: Enabling and starting usbguard without properly configuring it for an\nindividual system will immediately prevent any access over a usb device such as\na keyboard or mouse'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000378-GPOS-00163'\n  tag gid: 'V-230524'\n  tag rid: 'SV-230524r854065_rule'\n  tag stig_id: 'RHEL-08-040140'\n  tag fix_id: 'F-33168r744025_fix'\n  tag cci: ['CCI-001958']\n  tag nist: ['IA-3']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('usbguard list-rules') do\n      its('stdout') { should_not be_empty }\n      its('exit_status') { should eq 0 }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230524.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Command: `usbguard list-rules` stdout is expected not to be empty","run_time":0.10905,"start_time":"2024-01-09T19:40:58-05:00","message":"expected `\"\".empty?` to be falsey, got true","resource_class":"command","resource_params":"[\"usbguard list-rules\"]","resource_id":"Command: `usbguard list-rules`"},{"status":"failed","code_desc":"Command: `usbguard list-rules` exit_status is expected to eq 0","run_time":9.8e-05,"start_time":"2024-01-09T19:40:58-05:00","message":"\nexpected: 0\n     got: 1\n\n(compared using ==)\n","resource_class":"command","resource_params":"[\"usbguard list-rules\"]","resource_id":"Command: `usbguard list-rules`"}]},{"id":"SV-230525","title":"A firewall must be able to protect against or limit the effects of\nDenial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting\nmeasures on impacted network interfaces.","desc":"DoS is a condition when a resource is not available for legitimate\nusers. When this occurs, the organization either cannot accomplish its mission\nor must operate at degraded capacity.\n\n    This requirement addresses the configuration of RHEL 8 to mitigate the\nimpact of DoS attacks that have occurred or are ongoing on system availability.\nFor each system, known and potential DoS attacks must be identified and\nsolutions for each type implemented. A variety of technologies exists to limit\nor, in some cases, eliminate the effects of DoS attacks (e.g., limiting\nprocesses or establishing memory partitions). Employing increased capacity and\nbandwidth, combined with service redundancy, may reduce the susceptibility to\nsome DoS attacks.\n\n    Since version 0.6.0, \"firewalld\" has incorporated \"nftables\" as its\nbackend support. Utilizing the limit statement in \"nftables\" can help to\nmitigate DoS attacks.","descriptions":[{"label":"default","data":"DoS is a condition when a resource is not available for legitimate\nusers. When this occurs, the organization either cannot accomplish its mission\nor must operate at degraded capacity.\n\n    This requirement addresses the configuration of RHEL 8 to mitigate the\nimpact of DoS attacks that have occurred or are ongoing on system availability.\nFor each system, known and potential DoS attacks must be identified and\nsolutions for each type implemented. A variety of technologies exists to limit\nor, in some cases, eliminate the effects of DoS attacks (e.g., limiting\nprocesses or establishing memory partitions). Employing increased capacity and\nbandwidth, combined with service redundancy, may reduce the susceptibility to\nsome DoS attacks.\n\n    Since version 0.6.0, \"firewalld\" has incorporated \"nftables\" as its\nbackend support. Utilizing the limit statement in \"nftables\" can help to\nmitigate DoS attacks."},{"label":"check","data":"Verify \"nftables\" is configured to allow rate limits on any connection to\nthe system with the following command:\n\n    Verify \"firewalld\" has \"nftables\" set as the default backend:\n\n    $ sudo grep -i firewallbackend /etc/firewalld/firewalld.conf\n\n    # FirewallBackend\n    FirewallBackend=nftables\n\n    If the \"nftables\" is not set as the \"firewallbackend\" default, this is\na finding."},{"label":"fix","data":"Configure \"nftables\" to be the default \"firewallbackend\" for \"firewalld\" by adding or editing the following line in \"/etc/firewalld/firewalld.conf\":\n\nFirewallBackend=nftables\n\nEstablish rate-limiting rules based on organization-defined types of DoS attacks on impacted network interfaces."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000420-GPOS-00186","gid":"V-230525","rid":"SV-230525r902735_rule","stig_id":"RHEL-08-040150","fix_id":"F-33169r902734_fix","cci":["CCI-002385"],"nist":["SC-5","SC-5 a"]},"code":"control 'SV-230525' do\n  title 'A firewall must be able to protect against or limit the effects of\nDenial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting\nmeasures on impacted network interfaces.'\n  desc 'DoS is a condition when a resource is not available for legitimate\nusers. When this occurs, the organization either cannot accomplish its mission\nor must operate at degraded capacity.\n\n    This requirement addresses the configuration of RHEL 8 to mitigate the\nimpact of DoS attacks that have occurred or are ongoing on system availability.\nFor each system, known and potential DoS attacks must be identified and\nsolutions for each type implemented. A variety of technologies exists to limit\nor, in some cases, eliminate the effects of DoS attacks (e.g., limiting\nprocesses or establishing memory partitions). Employing increased capacity and\nbandwidth, combined with service redundancy, may reduce the susceptibility to\nsome DoS attacks.\n\n    Since version 0.6.0, \"firewalld\" has incorporated \"nftables\" as its\nbackend support. Utilizing the limit statement in \"nftables\" can help to\nmitigate DoS attacks.'\n  desc 'check', 'Verify \"nftables\" is configured to allow rate limits on any connection to\nthe system with the following command:\n\n    Verify \"firewalld\" has \"nftables\" set as the default backend:\n\n    $ sudo grep -i firewallbackend /etc/firewalld/firewalld.conf\n\n    # FirewallBackend\n    FirewallBackend=nftables\n\n    If the \"nftables\" is not set as the \"firewallbackend\" default, this is\na finding.'\n  desc 'fix', 'Configure \"nftables\" to be the default \"firewallbackend\" for \"firewalld\" by adding or editing the following line in \"/etc/firewalld/firewalld.conf\":\n\nFirewallBackend=nftables\n\nEstablish rate-limiting rules based on organization-defined types of DoS attacks on impacted network interfaces.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000420-GPOS-00186'\n  tag gid: 'V-230525'\n  tag rid: 'SV-230525r902735_rule'\n  tag stig_id: 'RHEL-08-040150'\n  tag fix_id: 'F-33169r902734_fix'\n  tag cci: ['CCI-002385']\n  tag nist: ['SC-5', 'SC-5 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config_file('/etc/firewalld/firewalld.conf') do\n      its('FirewallBackend') { should eq 'nftables' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230525.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Parse Config File /etc/firewalld/firewalld.conf FirewallBackend is expected to eq \"nftables\"","run_time":4.9e-05,"start_time":"2024-01-09T19:40:58-05:00","resource_class":"parse_config_file","resource_params":"[\"/etc/firewalld/firewalld.conf\"]","resource_id":"/etc/firewalld/firewalld.conf"}]},{"id":"SV-230526","title":"All RHEL 8 networked systems must have and implement SSH to protect\nthe confidentiality and integrity of transmitted and received information, as\nwell as information during preparation for transmission.","desc":"Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa.","descriptions":[{"label":"default","data":"Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa."},{"label":"check","data":"Verify SSH is loaded and active with the following command:\n\n    $ sudo systemctl status sshd\n\n    sshd.service - OpenSSH server daemon\n    Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)\n    Active: active (running) since Tue 2015-11-17 15:17:22 EST; 4 weeks 0 days\nago\n    Main PID: 1348 (sshd)\n    CGroup: /system.slice/sshd.service\n    1053 /usr/sbin/sshd -D\n\n    If \"sshd\" does not show a status of \"active\" and \"running\", this is a\nfinding."},{"label":"fix","data":"Configure the SSH service to automatically start after reboot with the\nfollowing command:\n\n    $ sudo systemctl enable sshd.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000423-GPOS-00187","satisfies":["SRG-OS-000423-GPOS-00187","SRG-OS-000424-GPOS-00188","SRG-OS-000425-GPOS-00189","SRG-OS-000426-GPOS-00190"],"gid":"V-230526","rid":"SV-230526r916422_rule","stig_id":"RHEL-08-040160","fix_id":"F-33170r744031_fix","cci":["CCI-002418"],"nist":["SC-8"]},"code":"control 'SV-230526' do\n  title 'All RHEL 8 networked systems must have and implement SSH to protect\nthe confidentiality and integrity of transmitted and received information, as\nwell as information during preparation for transmission.'\n  desc 'Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa.'\n  desc 'check', 'Verify SSH is loaded and active with the following command:\n\n    $ sudo systemctl status sshd\n\n    sshd.service - OpenSSH server daemon\n    Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)\n    Active: active (running) since Tue 2015-11-17 15:17:22 EST; 4 weeks 0 days\nago\n    Main PID: 1348 (sshd)\n    CGroup: /system.slice/sshd.service\n    1053 /usr/sbin/sshd -D\n\n    If \"sshd\" does not show a status of \"active\" and \"running\", this is a\nfinding.'\n  desc 'fix', 'Configure the SSH service to automatically start after reboot with the\nfollowing command:\n\n    $ sudo systemctl enable sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000423-GPOS-00187'\n  tag satisfies: ['SRG-OS-000423-GPOS-00187', 'SRG-OS-000424-GPOS-00188', 'SRG-OS-000425-GPOS-00189', 'SRG-OS-000426-GPOS-00190']\n  tag gid: 'V-230526'\n  tag rid: 'SV-230526r916422_rule'\n  tag stig_id: 'RHEL-08-040160'\n  tag fix_id: 'F-33170r744031_fix'\n  tag cci: ['CCI-002418']\n  tag nist: ['SC-8']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe systemd_service('sshd.service') do\n      it { should be_running }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230526.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Service sshd.service is expected to be running","run_time":0.426598,"start_time":"2024-01-09T19:40:58-05:00","resource_class":"systemd_service","resource_params":"[\"sshd.service\"]","resource_id":"sshd.service"}]},{"id":"SV-230527","title":"RHEL 8 must force a frequent session key renegotiation for SSH\nconnections to the server.","desc":"Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa.\n\n    Session key regeneration limits the chances of a session key becoming\ncompromised.","descriptions":[{"label":"default","data":"Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa.\n\n    Session key regeneration limits the chances of a session key becoming\ncompromised."},{"label":"check","data":"Verify the SSH server is configured to force frequent session key renegotiation with the following command:\n\n$ sudo grep -ir RekeyLimit /etc/ssh/sshd_config*\n\nRekeyLimit 1G 1h\n\nIf \"RekeyLimit\" does not have a maximum data amount and maximum time defined, is missing or commented out, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure the system to force a frequent session key renegotiation for SSH\nconnections to the server by add or modifying the following line in the\n\"/etc/ssh/sshd_config\" file:\n\n    RekeyLimit 1G 1h\n\n    Restart the SSH daemon for the settings to take effect.\n\n    $ sudo systemctl restart sshd.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000033-GPOS-00014","satisfies":["SRG-OS-000033-GPOS-00014","SRG-OS-000420-GPOS-00186","SRG-OS-000424-GPOS-00188"],"gid":"V-230527","rid":"SV-230527r877398_rule","stig_id":"RHEL-08-040161","fix_id":"F-33171r568328_fix","cci":["CCI-000068"],"nist":["AC-17 (2)"]},"code":"control 'SV-230527' do\n  title 'RHEL 8 must force a frequent session key renegotiation for SSH\nconnections to the server.'\n  desc 'Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa.\n\n    Session key regeneration limits the chances of a session key becoming\ncompromised.'\n  desc 'check', 'Verify the SSH server is configured to force frequent session key renegotiation with the following command:\n\n$ sudo grep -ir RekeyLimit /etc/ssh/sshd_config*\n\nRekeyLimit 1G 1h\n\nIf \"RekeyLimit\" does not have a maximum data amount and maximum time defined, is missing or commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the system to force a frequent session key renegotiation for SSH\nconnections to the server by add or modifying the following line in the\n\"/etc/ssh/sshd_config\" file:\n\n    RekeyLimit 1G 1h\n\n    Restart the SSH daemon for the settings to take effect.\n\n    $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000033-GPOS-00014'\n  tag satisfies: ['SRG-OS-000033-GPOS-00014', 'SRG-OS-000420-GPOS-00186', 'SRG-OS-000424-GPOS-00188']\n  tag gid: 'V-230527'\n  tag rid: 'SV-230527r877398_rule'\n  tag stig_id: 'RHEL-08-040161'\n  tag fix_id: 'F-33171r568328_fix'\n  tag cci: ['CCI-000068']\n  tag nist: ['AC-17 (2)']\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    describe sshd_config do\n      its('RekeyLimit') { should cmp '1G 1h' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230527.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"SSHD Configuration RekeyLimit is expected to cmp == \"1G 1h\"","run_time":0.000355,"start_time":"2024-01-09T19:40:59-05:00","resource_class":"sshd_config","resource_params":"[]","resource_id":"/etc/ssh/sshd_config"}]},{"id":"SV-230529","title":"The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 8.","desc":"A locally logged-on user, who presses Ctrl-Alt-Delete when at the\nconsole, can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In a graphical user\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken.","descriptions":[{"label":"default","data":"A locally logged-on user, who presses Ctrl-Alt-Delete when at the\nconsole, can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In a graphical user\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken."},{"label":"check","data":"Verify RHEL 8 is not configured to reboot the system when Ctrl-Alt-Delete\nis pressed with the following command:\n\n    $ sudo systemctl status ctrl-alt-del.target\n\n    ctrl-alt-del.target\n    Loaded: masked (Reason: Unit ctrl-alt-del.target is masked.)\n    Active: inactive (dead)\n\n    If the \"ctrl-alt-del.target\" is loaded and not masked, this is a finding."},{"label":"fix","data":"Configure the system to disable the Ctrl-Alt-Delete sequence for the command line with the following commands:\n\n$ sudo systemctl disable ctrl-alt-del.target\n\n$ sudo systemctl mask ctrl-alt-del.target\n\nCreated symlink /etc/systemd/system/ctrl-alt-del.target -> /dev/null\n\nReload the daemon for this change to take effect.\n\n$ sudo systemctl daemon-reload"}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230529","rid":"SV-230529r833338_rule","stig_id":"RHEL-08-040170","fix_id":"F-33173r833337_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230529' do\n  title 'The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 8.'\n  desc 'A locally logged-on user, who presses Ctrl-Alt-Delete when at the\nconsole, can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In a graphical user\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken.'\n  desc 'check', 'Verify RHEL 8 is not configured to reboot the system when Ctrl-Alt-Delete\nis pressed with the following command:\n\n    $ sudo systemctl status ctrl-alt-del.target\n\n    ctrl-alt-del.target\n    Loaded: masked (Reason: Unit ctrl-alt-del.target is masked.)\n    Active: inactive (dead)\n\n    If the \"ctrl-alt-del.target\" is loaded and not masked, this is a finding.'\n  desc 'fix', 'Configure the system to disable the Ctrl-Alt-Delete sequence for the command line with the following commands:\n\n$ sudo systemctl disable ctrl-alt-del.target\n\n$ sudo systemctl mask ctrl-alt-del.target\n\nCreated symlink /etc/systemd/system/ctrl-alt-del.target -> /dev/null\n\nReload the daemon for this change to take effect.\n\n$ sudo systemctl daemon-reload'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230529'\n  tag rid: 'SV-230529r833338_rule'\n  tag stig_id: 'RHEL-08-040170'\n  tag fix_id: 'F-33173r833337_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  c = systemd_service('ctrl-alt-del.target')\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe.one do\n      describe c do\n        its('params.LoadState') { should eq 'masked' }\n      end\n      describe c do\n        its('params.LoadState') { should eq 'not-found' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230529.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Service ctrl-alt-del.target params.LoadState is expected to eq \"masked\"","run_time":0.000295,"start_time":"2024-01-09T19:40:59-05:00","message":"\nexpected: \"masked\"\n     got: \"loaded\"\n\n(compared using ==)\n","exception":"RSpec::Core::MultipleExceptionError","resource_class":"systemd_service","resource_params":"[\"ctrl-alt-del.target\"]","resource_id":"ctrl-alt-del.target"},{"status":"failed","code_desc":"Service ctrl-alt-del.target params.LoadState is expected to eq \"not-found\"","run_time":0.000152,"start_time":"2024-01-09T19:40:59-05:00","message":"\nexpected: \"not-found\"\n     got: \"loaded\"\n\n(compared using ==)\n","exception":"RSpec::Core::MultipleExceptionError","resource_class":"systemd_service","resource_params":"[\"ctrl-alt-del.target\"]","resource_id":"ctrl-alt-del.target"}]},{"id":"SV-230530","title":"The x86 Ctrl-Alt-Delete key sequence in RHEL 8 must be disabled if a\ngraphical user interface is installed.","desc":"A locally logged-on user, who presses Ctrl-Alt-Delete, when at the\nconsole, can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In a graphical user\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken.","descriptions":[{"label":"default","data":"A locally logged-on user, who presses Ctrl-Alt-Delete, when at the\nconsole, can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In a graphical user\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken."},{"label":"check","data":"Verify RHEL 8 is not configured to reboot the system when Ctrl-Alt-Delete\nis pressed when using a graphical user interface with the following command:\n\n    This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    $ sudo grep logout /etc/dconf/db/local.d/*\n\n    logout=''\n\n    If the \"logout\" key is bound to an action, is commented out, or is\nmissing, this is a finding."},{"label":"fix","data":"Configure the system to disable the Ctrl-Alt-Delete sequence when using a\ngraphical user interface by creating or editing the\n/etc/dconf/db/local.d/00-disable-CAD file.\n\n    Add the setting to disable the Ctrl-Alt-Delete sequence for a graphical\nuser interface:\n\n    [org/gnome/settings-daemon/plugins/media-keys]\n    logout=''\n\n    Note: The value above is set to two single quotations.\n\n    Then update the dconf settings:\n\n    $ sudo dconf update"}],"impact":0.0,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230530","rid":"SV-230530r646883_rule","stig_id":"RHEL-08-040171","fix_id":"F-33174r568337_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230530' do\n  title 'The x86 Ctrl-Alt-Delete key sequence in RHEL 8 must be disabled if a\ngraphical user interface is installed.'\n  desc 'A locally logged-on user, who presses Ctrl-Alt-Delete, when at the\nconsole, can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In a graphical user\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken.'\n  desc 'check', %q(Verify RHEL 8 is not configured to reboot the system when Ctrl-Alt-Delete\nis pressed when using a graphical user interface with the following command:\n\n    This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    $ sudo grep logout /etc/dconf/db/local.d/*\n\n    logout=''\n\n    If the \"logout\" key is bound to an action, is commented out, or is\nmissing, this is a finding.)\n  desc 'fix', \"Configure the system to disable the Ctrl-Alt-Delete sequence when using a\ngraphical user interface by creating or editing the\n/etc/dconf/db/local.d/00-disable-CAD file.\n\n    Add the setting to disable the Ctrl-Alt-Delete sequence for a graphical\nuser interface:\n\n    [org/gnome/settings-daemon/plugins/media-keys]\n    logout=''\n\n    Note: The value above is set to two single quotations.\n\n    Then update the dconf settings:\n\n    $ sudo dconf update\"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230530'\n  tag rid: 'SV-230530r646883_rule'\n  tag stig_id: 'RHEL-08-040171'\n  tag fix_id: 'F-33174r568337_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif package('gnome-desktop3').installed?\n    describe command('grep logout /etc/dconf/db/local.d/*') do\n      its('stdout.strip') { should cmp \"logout=''\" }\n    end\n  else\n    impact 0.0\n    describe 'The system does not have GNOME installed' do\n      skip \"The system does not have GNOME installed, this requirement is Not\n        Applicable.\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230530.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"The system does not have GNOME installed","run_time":4.0e-06,"start_time":"2024-01-09T19:40:59-05:00","resource":"","skip_message":"The system does not have GNOME installed, this requirement is Not\n        Applicable.","resource_class":"Object","resource_params":"[]","resource_id":"The system does not have GNOME installed"}]},{"id":"SV-230531","title":"The systemd Ctrl-Alt-Delete burst key sequence in RHEL 8 must be\ndisabled.","desc":"A locally logged-on user who presses Ctrl-Alt-Delete when at the\nconsole can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In a graphical user\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken.","descriptions":[{"label":"default","data":"A locally logged-on user who presses Ctrl-Alt-Delete when at the\nconsole can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In a graphical user\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken."},{"label":"check","data":"Verify RHEL 8 is not configured to reboot the system when Ctrl-Alt-Delete\nis pressed seven times within two seconds with the following command:\n\n    $ sudo grep -i ctrl /etc/systemd/system.conf\n\n    CtrlAltDelBurstAction=none\n\n    If the \"CtrlAltDelBurstAction\" is not set to \"none\", commented out, or\nis missing, this is a finding."},{"label":"fix","data":"Configure the system to disable the CtrlAltDelBurstAction by added or\nmodifying the following line in the \"/etc/systemd/system.conf\" configuration\nfile:\n\n    CtrlAltDelBurstAction=none\n\n    Reload the daemon for this change to take effect.\n\n    $ sudo systemctl daemon-reload"}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230531","rid":"SV-230531r627750_rule","stig_id":"RHEL-08-040172","fix_id":"F-33175r619890_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230531' do\n  title 'The systemd Ctrl-Alt-Delete burst key sequence in RHEL 8 must be\ndisabled.'\n  desc 'A locally logged-on user who presses Ctrl-Alt-Delete when at the\nconsole can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In a graphical user\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken.'\n  desc 'check', 'Verify RHEL 8 is not configured to reboot the system when Ctrl-Alt-Delete\nis pressed seven times within two seconds with the following command:\n\n    $ sudo grep -i ctrl /etc/systemd/system.conf\n\n    CtrlAltDelBurstAction=none\n\n    If the \"CtrlAltDelBurstAction\" is not set to \"none\", commented out, or\nis missing, this is a finding.'\n  desc 'fix', 'Configure the system to disable the CtrlAltDelBurstAction by added or\nmodifying the following line in the \"/etc/systemd/system.conf\" configuration\nfile:\n\n    CtrlAltDelBurstAction=none\n\n    Reload the daemon for this change to take effect.\n\n    $ sudo systemctl daemon-reload'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230531'\n  tag rid: 'SV-230531r627750_rule'\n  tag stig_id: 'RHEL-08-040172'\n  tag fix_id: 'F-33175r619890_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config_file('/etc/systemd/system.conf') do\n      its('Manager') { should include('CtrlAltDelBurstAction' => 'none') }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230531.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Parse Config File /etc/systemd/system.conf Manager is expected to include {\"CtrlAltDelBurstAction\" => \"none\"}","run_time":0.000265,"start_time":"2024-01-09T19:40:59-05:00","message":"expected {\"DefaultLimitCORE\" => \"0:infinity\"} to include {\"CtrlAltDelBurstAction\" => \"none\"}","resource_class":"parse_config_file","resource_params":"[\"/etc/systemd/system.conf\"]","resource_id":"/etc/systemd/system.conf"}]},{"id":"SV-230532","title":"The debug-shell systemd service must be disabled on RHEL 8.","desc":"The debug-shell requires no authentication and provides root\nprivileges to anyone who has physical access to the machine.  While this\nfeature is disabled by default, masking it adds an additional layer of\nassurance that it will not be enabled via a dependency in systemd.  This also\nprevents attackers with physical access from trivially bypassing security on\nthe machine through valid troubleshooting configurations and gaining root\naccess when the system is rebooted.","descriptions":[{"label":"default","data":"The debug-shell requires no authentication and provides root\nprivileges to anyone who has physical access to the machine.  While this\nfeature is disabled by default, masking it adds an additional layer of\nassurance that it will not be enabled via a dependency in systemd.  This also\nprevents attackers with physical access from trivially bypassing security on\nthe machine through valid troubleshooting configurations and gaining root\naccess when the system is rebooted."},{"label":"check","data":"Verify RHEL 8 is configured to mask the debug-shell systemd service with\nthe following command:\n\n    $ sudo systemctl status debug-shell.service\n\n    debug-shell.service\n    Loaded: masked (Reason: Unit debug-shell.service is masked.)\n    Active: inactive (dead)\n\n    If the \"debug-shell.service\" is loaded and not masked, this is a finding."},{"label":"fix","data":"Configure the system to mask the debug-shell systemd service with the\nfollowing command:\n\n    $ sudo systemctl mask debug-shell.service\n\n    Created symlink /etc/systemd/system/debug-shell.service -> /dev/null\n\n    Reload the daemon to take effect.\n\n    $ sudo systemctl daemon-reload"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230532","rid":"SV-230532r627750_rule","stig_id":"RHEL-08-040180","fix_id":"F-33176r619892_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230532' do\n  title 'The debug-shell systemd service must be disabled on RHEL 8.'\n  desc 'The debug-shell requires no authentication and provides root\nprivileges to anyone who has physical access to the machine.  While this\nfeature is disabled by default, masking it adds an additional layer of\nassurance that it will not be enabled via a dependency in systemd.  This also\nprevents attackers with physical access from trivially bypassing security on\nthe machine through valid troubleshooting configurations and gaining root\naccess when the system is rebooted.'\n  desc 'check', 'Verify RHEL 8 is configured to mask the debug-shell systemd service with\nthe following command:\n\n    $ sudo systemctl status debug-shell.service\n\n    debug-shell.service\n    Loaded: masked (Reason: Unit debug-shell.service is masked.)\n    Active: inactive (dead)\n\n    If the \"debug-shell.service\" is loaded and not masked, this is a finding.'\n  desc 'fix', 'Configure the system to mask the debug-shell systemd service with the\nfollowing command:\n\n    $ sudo systemctl mask debug-shell.service\n\n    Created symlink /etc/systemd/system/debug-shell.service -> /dev/null\n\n    Reload the daemon to take effect.\n\n    $ sudo systemctl daemon-reload'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230532'\n  tag rid: 'SV-230532r627750_rule'\n  tag stig_id: 'RHEL-08-040180'\n  tag fix_id: 'F-33176r619892_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  d = systemd_service('debug-shell.service')\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe.one do\n      describe d do\n        its('params.LoadState') { should eq 'masked' }\n      end\n      describe d do\n        its('params.LoadState') { should eq 'not-found' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230532.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Service debug-shell.service params.LoadState is expected to eq \"masked\"","run_time":0.000597,"start_time":"2024-01-09T19:40:59-05:00","message":"\nexpected: \"masked\"\n     got: \"loaded\"\n\n(compared using ==)\n","exception":"RSpec::Core::MultipleExceptionError","resource_class":"systemd_service","resource_params":"[\"debug-shell.service\"]","resource_id":"debug-shell.service"},{"status":"failed","code_desc":"Service debug-shell.service params.LoadState is expected to eq \"not-found\"","run_time":0.000388,"start_time":"2024-01-09T19:40:59-05:00","message":"\nexpected: \"not-found\"\n     got: \"loaded\"\n\n(compared using ==)\n","exception":"RSpec::Core::MultipleExceptionError","resource_class":"systemd_service","resource_params":"[\"debug-shell.service\"]","resource_id":"debug-shell.service"}]},{"id":"SV-230533","title":"The Trivial File Transfer Protocol (TFTP) server package must not be\ninstalled if not required for RHEL 8 operational support.","desc":"If TFTP is required for operational support (such as the transmission\nof router configurations) its use must be documented with the Information\nSystem Security Officer (ISSO), restricted to only authorized personnel, and\nhave access control rules established.","descriptions":[{"label":"default","data":"If TFTP is required for operational support (such as the transmission\nof router configurations) its use must be documented with the Information\nSystem Security Officer (ISSO), restricted to only authorized personnel, and\nhave access control rules established."},{"label":"check","data":"Verify a TFTP server has not been installed on the system with the\nfollowing command:\n\n    $ sudo yum list installed tftp-server\n\n    tftp-server.x86_64   5.2-24.el8\n\n    If TFTP is installed and the requirement for TFTP is not documented with\nthe ISSO, this is a finding."},{"label":"fix","data":"Remove the TFTP package from the system with the following command:\n\n$ sudo yum remove tftp-server"}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230533","rid":"SV-230533r627750_rule","stig_id":"RHEL-08-040190","fix_id":"F-33177r568346_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230533' do\n  title 'The Trivial File Transfer Protocol (TFTP) server package must not be\ninstalled if not required for RHEL 8 operational support.'\n  desc 'If TFTP is required for operational support (such as the transmission\nof router configurations) its use must be documented with the Information\nSystem Security Officer (ISSO), restricted to only authorized personnel, and\nhave access control rules established.'\n  desc 'check', 'Verify a TFTP server has not been installed on the system with the\nfollowing command:\n\n    $ sudo yum list installed tftp-server\n\n    tftp-server.x86_64   5.2-24.el8\n\n    If TFTP is installed and the requirement for TFTP is not documented with\nthe ISSO, this is a finding.'\n  desc 'fix', 'Remove the TFTP package from the system with the following command:\n\n$ sudo yum remove tftp-server'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230533'\n  tag rid: 'SV-230533r627750_rule'\n  tag stig_id: 'RHEL-08-040190'\n  tag fix_id: 'F-33177r568346_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe package('tftp-server') do\n    it { should_not be_installed }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230533.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package tftp-server is expected not to be installed","run_time":0.000115,"start_time":"2024-01-09T19:40:59-05:00","resource_class":"package","resource_params":"[\"tftp-server\"]","resource_id":"tftp-server"}]},{"id":"SV-230534","title":"The root account must be the only account having unrestricted access\nto the RHEL 8 system.","desc":"If an account other than root also has a User Identifier (UID) of\n\"0\", it has root authority, giving that account unrestricted access to the\nentire operating system. Multiple accounts with a UID of \"0\" afford an\nopportunity for potential intruders to guess a password for a privileged\naccount.","descriptions":[{"label":"default","data":"If an account other than root also has a User Identifier (UID) of\n\"0\", it has root authority, giving that account unrestricted access to the\nentire operating system. Multiple accounts with a UID of \"0\" afford an\nopportunity for potential intruders to guess a password for a privileged\naccount."},{"label":"check","data":"Check the system for duplicate UID \"0\" assignments with the following\ncommand:\n\n    $ sudo awk -F: '$3 == 0 {print $1}' /etc/passwd\n\n    If any accounts other than root have a UID of \"0\", this is a finding."},{"label":"fix","data":"Change the UID of any account on the system, other than root, that has a\nUID of \"0\".\n\n    If the account is associated with system commands or applications, the UID\nshould be changed to one greater than \"0\" but less than \"1000\". Otherwise,\nassign a UID of greater than \"1000\" that has not already been assigned."}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230534","rid":"SV-230534r627750_rule","stig_id":"RHEL-08-040200","fix_id":"F-33178r568349_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230534' do\n  title 'The root account must be the only account having unrestricted access\nto the RHEL 8 system.'\n  desc 'If an account other than root also has a User Identifier (UID) of\n\"0\", it has root authority, giving that account unrestricted access to the\nentire operating system. Multiple accounts with a UID of \"0\" afford an\nopportunity for potential intruders to guess a password for a privileged\naccount.'\n  desc 'check', %q(Check the system for duplicate UID \"0\" assignments with the following\ncommand:\n\n    $ sudo awk -F: '$3 == 0 {print $1}' /etc/passwd\n\n    If any accounts other than root have a UID of \"0\", this is a finding.)\n  desc 'fix', 'Change the UID of any account on the system, other than root, that has a\nUID of \"0\".\n\n    If the account is associated with system commands or applications, the UID\nshould be changed to one greater than \"0\" but less than \"1000\". Otherwise,\nassign a UID of greater than \"1000\" that has not already been assigned.'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230534'\n  tag rid: 'SV-230534r627750_rule'\n  tag stig_id: 'RHEL-08-040200'\n  tag fix_id: 'F-33178r568349_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe passwd.uids(0) do\n    its('users') { should cmp 'root' }\n    its('entries.length') { should eq 1 }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230534.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"/etc/passwd with uid == 0 users is expected to cmp == \"root\"","run_time":6.8e-05,"start_time":"2024-01-09T19:40:59-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"/etc/passwd with uid == 0 entries.length is expected to eq 1","run_time":4.8e-05,"start_time":"2024-01-09T19:40:59-05:00","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-230535","title":"RHEL 8 must prevent IPv6 Internet Control Message Protocol (ICMP)\nredirect messages from being accepted.","desc":"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 will not accept IPv6 ICMP redirect messages.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck the value of the default \"accept_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv6.conf.default.accept_redirects\n\nnet.ipv6.conf.default.accept_redirects = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.default.accept_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.default.accept_redirects = 0\n\nIf \"net.ipv6.conf.default.accept_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to prevent IPv6 ICMP redirect messages from being accepted.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.default.accept_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230535","rid":"SV-230535r858793_rule","stig_id":"RHEL-08-040210","fix_id":"F-33179r858792_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230535' do\n  title 'RHEL 8 must prevent IPv6 Internet Control Message Protocol (ICMP)\nredirect messages from being accepted.'\n  desc \"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\"\n  desc 'check', 'Verify RHEL 8 will not accept IPv6 ICMP redirect messages.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck the value of the default \"accept_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv6.conf.default.accept_redirects\n\nnet.ipv6.conf.default.accept_redirects = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.default.accept_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.default.accept_redirects = 0\n\nIf \"net.ipv6.conf.default.accept_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to prevent IPv6 ICMP redirect messages from being accepted.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.default.accept_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230535'\n  tag rid: 'SV-230535r858793_rule'\n  tag stig_id: 'RHEL-08-040210'\n  tag fix_id: 'F-33179r858792_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('ipv6_enabled')\n    describe kernel_parameter('net.ipv6.conf.default.accept_redirects') do\n      its('value') { should eq 0 }\n    end\n  else\n    impact 0.0\n    describe 'IPv6 is disabled on the system, this requirement is Not Applicable.' do\n      skip 'IPv6 is disabled on the system, this requirement is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230535.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter net.ipv6.conf.default.accept_redirects value is expected to eq 0","run_time":0.109396,"start_time":"2024-01-09T19:40:59-05:00","resource_class":"kernel_parameter","resource_params":"[\"net.ipv6.conf.default.accept_redirects\"]","resource_id":"net.ipv6.conf.default.accept_redirects"}]},{"id":"SV-230536","title":"RHEL 8 must not send Internet Control Message Protocol (ICMP)\nredirects.","desc":"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.\n\nThere are notable differences between Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). There is only a directive to disable sending of IPv4 redirected packets. Refer to RFC4294 for an explanation of \"IPv6 Node Requirements\", which resulted in this difference between IPv4 and IPv6.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.\n\nThere are notable differences between Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). There is only a directive to disable sending of IPv4 redirected packets. Refer to RFC4294 for an explanation of \"IPv6 Node Requirements\", which resulted in this difference between IPv4 and IPv6.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 does not IPv4 ICMP redirect messages.\n\nCheck the value of the \"all send_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv4.conf.all.send_redirects\n\nnet.ipv4.conf.all.send_redirects = 0\n\nIf the returned line does not have a value of \"0\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.all.send_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.send_redirects = 0\n\nIf \"net.ipv4.conf.all.send_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to not allow interfaces to perform IPv4 ICMP redirects.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.all.send_redirects=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230536","rid":"SV-230536r858795_rule","stig_id":"RHEL-08-040220","fix_id":"F-33180r858794_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230536' do\n  title 'RHEL 8 must not send Internet Control Message Protocol (ICMP)\nredirects.'\n  desc %q(ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.\n\nThere are notable differences between Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). There is only a directive to disable sending of IPv4 redirected packets. Refer to RFC4294 for an explanation of \"IPv6 Node Requirements\", which resulted in this difference between IPv4 and IPv6.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf)\n  desc 'check', 'Verify RHEL 8 does not IPv4 ICMP redirect messages.\n\nCheck the value of the \"all send_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv4.conf.all.send_redirects\n\nnet.ipv4.conf.all.send_redirects = 0\n\nIf the returned line does not have a value of \"0\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.all.send_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.send_redirects = 0\n\nIf \"net.ipv4.conf.all.send_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not allow interfaces to perform IPv4 ICMP redirects.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.all.send_redirects=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230536'\n  tag rid: 'SV-230536r858795_rule'\n  tag stig_id: 'RHEL-08-040220'\n  tag fix_id: 'F-33180r858794_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('ipv4_enabled')\n    describe kernel_parameter('net.ipv4.conf.all.send_redirects') do\n      its('value') { should eq 0 }\n    end\n  else\n    impact 0.0\n    describe 'IPv4 is disabled on the system, this requirement is Not Applicable.' do\n      skip 'IPv4 is disabled on the system, this requirement is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230536.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter net.ipv4.conf.all.send_redirects value is expected to eq 0","run_time":0.111888,"start_time":"2024-01-09T19:40:59-05:00","resource_class":"kernel_parameter","resource_params":"[\"net.ipv4.conf.all.send_redirects\"]","resource_id":"net.ipv4.conf.all.send_redirects"}]},{"id":"SV-230537","title":"RHEL 8 must not respond to Internet Control Message Protocol (ICMP)\nechoes sent to a broadcast address.","desc":"Responding to broadcast ICMP echoes facilitates network mapping and provides a vector for amplification attacks.\n\nThere are notable differences between Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). IPv6 does not implement the same method of broadcast as IPv4. Instead, IPv6 uses multicast addressing to the all-hosts multicast group. Refer to RFC4294 for an explanation of \"IPv6 Node Requirements\", which resulted in this difference between IPv4 and IPv6.\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"Responding to broadcast ICMP echoes facilitates network mapping and provides a vector for amplification attacks.\n\nThere are notable differences between Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). IPv6 does not implement the same method of broadcast as IPv4. Instead, IPv6 uses multicast addressing to the all-hosts multicast group. Refer to RFC4294 for an explanation of \"IPv6 Node Requirements\", which resulted in this difference between IPv4 and IPv6.\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 does not respond to ICMP echoes sent to a broadcast address.\n\nCheck the value of the \"icmp_echo_ignore_broadcasts\" variable with the following command:\n\n$ sudo sysctl net.ipv4.icmp_echo_ignore_broadcasts\n\nnet.ipv4.icmp_echo_ignore_broadcasts = 1\n\nIf the returned line does not have a value of \"1\", a line is not returned, or the retuned line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.icmp_echo_ignore_broadcasts /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.icmp_echo_ignore_broadcasts = 1\n\nIf \"net.ipv4.icmp_echo_ignore_broadcasts\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to not respond to IPv4 ICMP echoes sent to a broadcast address.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.icmp_echo_ignore_broadcasts=1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230537","rid":"SV-230537r858797_rule","stig_id":"RHEL-08-040230","fix_id":"F-33181r858796_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230537' do\n  title 'RHEL 8 must not respond to Internet Control Message Protocol (ICMP)\nechoes sent to a broadcast address.'\n  desc 'Responding to broadcast ICMP echoes facilitates network mapping and provides a vector for amplification attacks.\n\nThere are notable differences between Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). IPv6 does not implement the same method of broadcast as IPv4. Instead, IPv6 uses multicast addressing to the all-hosts multicast group. Refer to RFC4294 for an explanation of \"IPv6 Node Requirements\", which resulted in this difference between IPv4 and IPv6.\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 does not respond to ICMP echoes sent to a broadcast address.\n\nCheck the value of the \"icmp_echo_ignore_broadcasts\" variable with the following command:\n\n$ sudo sysctl net.ipv4.icmp_echo_ignore_broadcasts\n\nnet.ipv4.icmp_echo_ignore_broadcasts = 1\n\nIf the returned line does not have a value of \"1\", a line is not returned, or the retuned line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.icmp_echo_ignore_broadcasts /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.icmp_echo_ignore_broadcasts = 1\n\nIf \"net.ipv4.icmp_echo_ignore_broadcasts\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not respond to IPv4 ICMP echoes sent to a broadcast address.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.icmp_echo_ignore_broadcasts=1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230537'\n  tag rid: 'SV-230537r858797_rule'\n  tag stig_id: 'RHEL-08-040230'\n  tag fix_id: 'F-33181r858796_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('ipv4_enabled')\n    describe kernel_parameter('net.ipv4.icmp_echo_ignore_broadcasts') do\n      its('value') { should eq 1 }\n    end\n  else\n    impact 0.0\n    describe 'IPv4 is disabled on the system, this requirement is Not Applicable.' do\n      skip 'IPv4 is disabled on the system, this requirement is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230537.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter net.ipv4.icmp_echo_ignore_broadcasts value is expected to eq 1","run_time":0.116828,"start_time":"2024-01-09T19:40:59-05:00","resource_class":"kernel_parameter","resource_params":"[\"net.ipv4.icmp_echo_ignore_broadcasts\"]","resource_id":"net.ipv4.icmp_echo_ignore_broadcasts"}]},{"id":"SV-230538","title":"RHEL 8 must not forward IPv6 source-routed packets.","desc":"Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 does not accept IPv6 source-routed packets.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck the value of the accept source route variable with the following command:\n\n$ sudo sysctl net.ipv6.conf.all.accept_source_route\n\nnet.ipv6.conf.all.accept_source_route = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.all.accept_source_route /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.all.accept_source_route = 0\n\nIf \"net.ipv6.conf.all.accept_source_route\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to not forward IPv6 source-routed packets.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.all.accept_source_route=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230538","rid":"SV-230538r858801_rule","stig_id":"RHEL-08-040240","fix_id":"F-33182r858800_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230538' do\n  title 'RHEL 8 must not forward IPv6 source-routed packets.'\n  desc 'Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 does not accept IPv6 source-routed packets.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck the value of the accept source route variable with the following command:\n\n$ sudo sysctl net.ipv6.conf.all.accept_source_route\n\nnet.ipv6.conf.all.accept_source_route = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.all.accept_source_route /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.all.accept_source_route = 0\n\nIf \"net.ipv6.conf.all.accept_source_route\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not forward IPv6 source-routed packets.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.all.accept_source_route=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230538'\n  tag rid: 'SV-230538r858801_rule'\n  tag stig_id: 'RHEL-08-040240'\n  tag fix_id: 'F-33182r858800_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('ipv6_enabled')\n    describe kernel_parameter('net.ipv6.conf.default.accept_source_route') do\n      its('value') { should eq 0 }\n    end\n  else\n    impact 0.0\n    describe 'IPv6 is disabled on the system, this requirement is Not Applicable.' do\n      skip 'IPv6 is disabled on the system, this requirement is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230538.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter net.ipv6.conf.default.accept_source_route value is expected to eq 0","run_time":0.335214,"start_time":"2024-01-09T19:40:59-05:00","resource_class":"kernel_parameter","resource_params":"[\"net.ipv6.conf.default.accept_source_route\"]","resource_id":"net.ipv6.conf.default.accept_source_route"}]},{"id":"SV-230539","title":"RHEL 8 must not forward IPv6 source-routed packets by default.","desc":"Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 does not accept IPv6 source-routed packets by default.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck the value of the accept source route variable with the following command:\n\n$ sudo sysctl net.ipv6.conf.default.accept_source_route\n\nnet.ipv6.conf.default.accept_source_route = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.default.accept_source_route /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.default.accept_source_route = 0\n\nIf \"net.ipv6.conf.default.accept_source_route\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to not forward IPv6 source-routed packets by default.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.default.accept_source_route=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230539","rid":"SV-230539r861085_rule","stig_id":"RHEL-08-040250","fix_id":"F-33183r858805_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230539' do\n  title 'RHEL 8 must not forward IPv6 source-routed packets by default.'\n  desc 'Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 does not accept IPv6 source-routed packets by default.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck the value of the accept source route variable with the following command:\n\n$ sudo sysctl net.ipv6.conf.default.accept_source_route\n\nnet.ipv6.conf.default.accept_source_route = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.default.accept_source_route /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.default.accept_source_route = 0\n\nIf \"net.ipv6.conf.default.accept_source_route\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not forward IPv6 source-routed packets by default.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.default.accept_source_route=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230539'\n  tag rid: 'SV-230539r861085_rule'\n  tag stig_id: 'RHEL-08-040250'\n  tag fix_id: 'F-33183r858805_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('ipv6_enabled')\n    describe kernel_parameter('net.ipv6.conf.default.accept_source_route') do\n      its('value') { should eq 0 }\n    end\n  else\n    impact 0.0\n    describe 'IPv6 is disabled on the system, this requirement is Not Applicable.' do\n      skip 'IPv6 is disabled on the system, this requirement is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230539.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter net.ipv6.conf.default.accept_source_route value is expected to eq 0","run_time":0.000305,"start_time":"2024-01-09T19:40:59-05:00","resource_class":"kernel_parameter","resource_params":"[\"net.ipv6.conf.default.accept_source_route\"]","resource_id":"net.ipv6.conf.default.accept_source_route"}]},{"id":"SV-230540","title":"RHEL 8 must not enable IPv6 packet forwarding unless the system is a router.","desc":"Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 is not performing IPv6 packet forwarding, unless the system is a router.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck that IPv6 forwarding is disabled using the following commands:\n\n$ sudo sysctl net.ipv6.conf.all.forwarding\n\nnet.ipv6.conf.all.forwarding = 0\n\nIf the IPv6 forwarding value is not \"0\" and is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.all.forwarding /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.all.forwarding = 0\n\nIf \"net.ipv6.conf.all.forwarding\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to not allow IPv6 packet forwarding, unless the system is a router.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.all.forwarding=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230540","rid":"SV-230540r858810_rule","stig_id":"RHEL-08-040260","fix_id":"F-33184r858809_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230540' do\n  title 'RHEL 8 must not enable IPv6 packet forwarding unless the system is a router.'\n  desc 'Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 is not performing IPv6 packet forwarding, unless the system is a router.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck that IPv6 forwarding is disabled using the following commands:\n\n$ sudo sysctl net.ipv6.conf.all.forwarding\n\nnet.ipv6.conf.all.forwarding = 0\n\nIf the IPv6 forwarding value is not \"0\" and is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.all.forwarding /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.all.forwarding = 0\n\nIf \"net.ipv6.conf.all.forwarding\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not allow IPv6 packet forwarding, unless the system is a router.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.all.forwarding=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230540'\n  tag rid: 'SV-230540r858810_rule'\n  tag stig_id: 'RHEL-08-040260'\n  tag fix_id: 'F-33184r858809_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('net.ipv4.ip_forward') do\n      its('value') { should eq 0 }\n    end\n    if input('ipv6_enabled')\n      describe kernel_parameter('net.ipv6.conf.all.forwarding') do\n        its('value') { should eq 0 }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230540.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter net.ipv4.ip_forward value is expected to eq 0","run_time":0.117127,"start_time":"2024-01-09T19:40:59-05:00","resource_class":"kernel_parameter","resource_params":"[\"net.ipv4.ip_forward\"]","resource_id":"net.ipv4.ip_forward"},{"status":"passed","code_desc":"Kernel Parameter net.ipv6.conf.all.forwarding value is expected to eq 0","run_time":0.166548,"start_time":"2024-01-09T19:40:59-05:00","resource_class":"kernel_parameter","resource_params":"[\"net.ipv6.conf.all.forwarding\"]","resource_id":"net.ipv6.conf.all.forwarding"}]},{"id":"SV-230541","title":"RHEL 8 must not accept router advertisements on all IPv6 interfaces.","desc":"Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.\n\nAn illicit router advertisement message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.\n\nAn illicit router advertisement message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 does not accept router advertisements on all IPv6 interfaces, unless the system is a router.\n\nNote: If IPv6 is disabled on the system, this requirement is not applicable.\n\nCheck to see if router advertisements are not accepted by using the following command:\n\n$ sudo sysctl  net.ipv6.conf.all.accept_ra\n\nnet.ipv6.conf.all.accept_ra = 0\n\nIf the \"accept_ra\" value is not \"0\" and is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.all.accept_ra /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.all.accept_ra = 0\n\nIf \"net.ipv6.conf.all.accept_ra\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to not accept router advertisements on all IPv6 interfaces unless the system is a router.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.all.accept_ra=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230541","rid":"SV-230541r858812_rule","stig_id":"RHEL-08-040261","fix_id":"F-33185r858811_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230541' do\n  title 'RHEL 8 must not accept router advertisements on all IPv6 interfaces.'\n  desc 'Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.\n\nAn illicit router advertisement message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 does not accept router advertisements on all IPv6 interfaces, unless the system is a router.\n\nNote: If IPv6 is disabled on the system, this requirement is not applicable.\n\nCheck to see if router advertisements are not accepted by using the following command:\n\n$ sudo sysctl  net.ipv6.conf.all.accept_ra\n\nnet.ipv6.conf.all.accept_ra = 0\n\nIf the \"accept_ra\" value is not \"0\" and is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.all.accept_ra /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.all.accept_ra = 0\n\nIf \"net.ipv6.conf.all.accept_ra\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not accept router advertisements on all IPv6 interfaces unless the system is a router.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.all.accept_ra=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230541'\n  tag rid: 'SV-230541r858812_rule'\n  tag stig_id: 'RHEL-08-040261'\n  tag fix_id: 'F-33185r858811_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('ipv6_enabled')\n    describe kernel_parameter('net.ipv6.conf.all.accept_ra') do\n      its('value') { should eq 0 }\n    end\n  else\n    impact 0.0\n    describe 'IPv6 not enabled' do\n      skip 'IPv6 is not enabled, this control is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230541.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter net.ipv6.conf.all.accept_ra value is expected to eq 0","run_time":0.090956,"start_time":"2024-01-09T19:40:59-05:00","resource_class":"kernel_parameter","resource_params":"[\"net.ipv6.conf.all.accept_ra\"]","resource_id":"net.ipv6.conf.all.accept_ra"}]},{"id":"SV-230542","title":"RHEL 8 must not accept router advertisements on all IPv6 interfaces by\ndefault.","desc":"Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.\n\nAn illicit router advertisement message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.\n\nAn illicit router advertisement message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 does not accept router advertisements on all IPv6 interfaces by default, unless the system is a router.\n\nNote: If IPv6 is disabled on the system, this requirement is not applicable.\n\nCheck to see if router advertisements are not accepted by default by using the following command:\n\n$ sudo sysctl  net.ipv6.conf.default.accept_ra\n\nnet.ipv6.conf.default.accept_ra = 0\n\nIf the \"accept_ra\" value is not \"0\" and is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.default.accept_ra /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.default.accept_ra = 0\n\nIf \"net.ipv6.conf.default.accept_ra\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to not accept router advertisements on all IPv6 interfaces by default unless the system is a router.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.default.accept_ra=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230542","rid":"SV-230542r858814_rule","stig_id":"RHEL-08-040262","fix_id":"F-33186r858813_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230542' do\n  title 'RHEL 8 must not accept router advertisements on all IPv6 interfaces by\ndefault.'\n  desc 'Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.\n\nAn illicit router advertisement message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 does not accept router advertisements on all IPv6 interfaces by default, unless the system is a router.\n\nNote: If IPv6 is disabled on the system, this requirement is not applicable.\n\nCheck to see if router advertisements are not accepted by default by using the following command:\n\n$ sudo sysctl  net.ipv6.conf.default.accept_ra\n\nnet.ipv6.conf.default.accept_ra = 0\n\nIf the \"accept_ra\" value is not \"0\" and is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.default.accept_ra /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.default.accept_ra = 0\n\nIf \"net.ipv6.conf.default.accept_ra\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not accept router advertisements on all IPv6 interfaces by default unless the system is a router.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.default.accept_ra=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230542'\n  tag rid: 'SV-230542r858814_rule'\n  tag stig_id: 'RHEL-08-040262'\n  tag fix_id: 'F-33186r858813_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('ipv6_enabled')\n    describe kernel_parameter('net.ipv6.conf.default.accept_ra') do\n      its('value') { should eq 0 }\n    end\n  else\n    impact 0.0\n    describe 'IPv6 not enabled' do\n      skip 'IPv6 is not enabled, this control is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230542.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter net.ipv6.conf.default.accept_ra value is expected to eq 0","run_time":0.141492,"start_time":"2024-01-09T19:41:00-05:00","resource_class":"kernel_parameter","resource_params":"[\"net.ipv6.conf.default.accept_ra\"]","resource_id":"net.ipv6.conf.default.accept_ra"}]},{"id":"SV-230543","title":"RHEL 8 must not allow interfaces to perform Internet Control Message\nProtocol (ICMP) redirects by default.","desc":"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.\n\nThere are notable differences between Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). There is only a directive to disable sending of IPv4 redirected packets. Refer to RFC4294 for an explanation of \"IPv6 Node Requirements\", which resulted in this difference between IPv4 and IPv6.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.\n\nThere are notable differences between Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). There is only a directive to disable sending of IPv4 redirected packets. Refer to RFC4294 for an explanation of \"IPv6 Node Requirements\", which resulted in this difference between IPv4 and IPv6.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 does not allow interfaces to perform Internet Protocol version 4 (IPv4) ICMP redirects by default.\n\nCheck the value of the \"default send_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv4.conf.default.send_redirects\n\nnet.ipv4.conf.default.send_redirects=0\n\nIf the returned line does not have a value of \"0\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.default.send_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.default.send_redirects = 0\n\nIf \"net.ipv4.conf.default.send_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to not allow interfaces to perform Internet Protocol version 4 (IPv4) ICMP redirects by default.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.default.send_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230543","rid":"SV-230543r858816_rule","stig_id":"RHEL-08-040270","fix_id":"F-33187r858815_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230543' do\n  title 'RHEL 8 must not allow interfaces to perform Internet Control Message\nProtocol (ICMP) redirects by default.'\n  desc %q(ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.\n\nThere are notable differences between Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). There is only a directive to disable sending of IPv4 redirected packets. Refer to RFC4294 for an explanation of \"IPv6 Node Requirements\", which resulted in this difference between IPv4 and IPv6.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf)\n  desc 'check', 'Verify RHEL 8 does not allow interfaces to perform Internet Protocol version 4 (IPv4) ICMP redirects by default.\n\nCheck the value of the \"default send_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv4.conf.default.send_redirects\n\nnet.ipv4.conf.default.send_redirects=0\n\nIf the returned line does not have a value of \"0\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.default.send_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.default.send_redirects = 0\n\nIf \"net.ipv4.conf.default.send_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not allow interfaces to perform Internet Protocol version 4 (IPv4) ICMP redirects by default.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.default.send_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230543'\n  tag rid: 'SV-230543r858816_rule'\n  tag stig_id: 'RHEL-08-040270'\n  tag fix_id: 'F-33187r858815_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('ipv4_enabled')\n    describe kernel_parameter('net.ipv4.conf.default.send_redirects') do\n      its('value') { should eq 0 }\n    end\n  else\n    impact 0.0\n    describe 'IPv4 is disabled on the system, this requirement is Not Applicable.' do\n      skip 'IPv4 is disabled on the system, this requirement is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230543.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter net.ipv4.conf.default.send_redirects value is expected to eq 0","run_time":0.121421,"start_time":"2024-01-09T19:41:00-05:00","resource_class":"kernel_parameter","resource_params":"[\"net.ipv4.conf.default.send_redirects\"]","resource_id":"net.ipv4.conf.default.send_redirects"}]},{"id":"SV-230544","title":"RHEL 8 must ignore IPv6 Internet Control Message Protocol (ICMP)\nredirect messages.","desc":"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 ignores IPv6 ICMP redirect messages.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck the value of the \"accept_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv6.conf.all.accept_redirects\n\nnet.ipv6.conf.all.accept_redirects = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.all.accept_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.all.accept_redirects = 0\n\nIf \"net.ipv6.conf.all.accept_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to ignore IPv6 ICMP redirect messages.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.all.accept_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230544","rid":"SV-230544r858820_rule","stig_id":"RHEL-08-040280","fix_id":"F-33188r858819_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230544' do\n  title 'RHEL 8 must ignore IPv6 Internet Control Message Protocol (ICMP)\nredirect messages.'\n  desc \"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\"\n  desc 'check', 'Verify RHEL 8 ignores IPv6 ICMP redirect messages.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck the value of the \"accept_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv6.conf.all.accept_redirects\n\nnet.ipv6.conf.all.accept_redirects = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.all.accept_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.all.accept_redirects = 0\n\nIf \"net.ipv6.conf.all.accept_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to ignore IPv6 ICMP redirect messages.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.all.accept_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230544'\n  tag rid: 'SV-230544r858820_rule'\n  tag stig_id: 'RHEL-08-040280'\n  tag fix_id: 'F-33188r858819_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('ipv6_enabled')\n    describe kernel_parameter('net.ipv6.conf.all.accept_redirects') do\n      its('value') { should eq 0 }\n    end\n  else\n    impact 0.0\n    describe 'IPv6 is disabled on the system, this requirement is Not Applicable.' do\n      skip 'IPv6 is disabled on the system, this requirement is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230544.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter net.ipv6.conf.all.accept_redirects value is expected to eq 0","run_time":0.17495,"start_time":"2024-01-09T19:41:00-05:00","resource_class":"kernel_parameter","resource_params":"[\"net.ipv6.conf.all.accept_redirects\"]","resource_id":"net.ipv6.conf.all.accept_redirects"}]},{"id":"SV-230545","title":"RHEL 8 must disable access to network bpf syscall from unprivileged\nprocesses.","desc":"It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 prevents privilege escalation thru the kernel by disabling access to the bpf syscall with the following commands:\n\n$ sudo sysctl kernel.unprivileged_bpf_disabled\n\nkernel.unprivileged_bpf_disabled = 1\n\nIf the returned line does not have a value of \"1\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r kernel.unprivileged_bpf_disabled /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: kernel.unprivileged_bpf_disabled = 1\n\nIf \"kernel.unprivileged_bpf_disabled\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to prevent privilege escalation thru the kernel by disabling access to the bpf syscall by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nkernel.unprivileged_bpf_disabled = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230545","rid":"SV-230545r858822_rule","stig_id":"RHEL-08-040281","fix_id":"F-33189r858821_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230545' do\n  title 'RHEL 8 must disable access to network bpf syscall from unprivileged\nprocesses.'\n  desc 'It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 prevents privilege escalation thru the kernel by disabling access to the bpf syscall with the following commands:\n\n$ sudo sysctl kernel.unprivileged_bpf_disabled\n\nkernel.unprivileged_bpf_disabled = 1\n\nIf the returned line does not have a value of \"1\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r kernel.unprivileged_bpf_disabled /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: kernel.unprivileged_bpf_disabled = 1\n\nIf \"kernel.unprivileged_bpf_disabled\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to prevent privilege escalation thru the kernel by disabling access to the bpf syscall by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nkernel.unprivileged_bpf_disabled = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230545'\n  tag rid: 'SV-230545r858822_rule'\n  tag stig_id: 'RHEL-08-040281'\n  tag fix_id: 'F-33189r858821_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('kernel.unprivileged_bpf_disabled') do\n      its('value') { should eq 1 }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230545.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter kernel.unprivileged_bpf_disabled value is expected to eq 1","run_time":0.121666,"start_time":"2024-01-09T19:41:00-05:00","resource_class":"kernel_parameter","resource_params":"[\"kernel.unprivileged_bpf_disabled\"]","resource_id":"kernel.unprivileged_bpf_disabled"}]},{"id":"SV-230546","title":"RHEL 8 must restrict usage of ptrace to descendant  processes.","desc":"It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 restricts usage of ptrace to descendant processes with the following commands:\n\n$ sudo sysctl kernel.yama.ptrace_scope\n\nkernel.yama.ptrace_scope = 1\n\nIf the returned line does not have a value of \"1\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r kernel.yama.ptrace_scope /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: kernel.yama.ptrace_scope = 1\n\nIf \"kernel.yama.ptrace_scope\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to restrict usage of ptrace to descendant processes by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nkernel.yama.ptrace_scope = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230546","rid":"SV-230546r858824_rule","stig_id":"RHEL-08-040282","fix_id":"F-33190r858823_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230546' do\n  title 'RHEL 8 must restrict usage of ptrace to descendant  processes.'\n  desc 'It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 restricts usage of ptrace to descendant processes with the following commands:\n\n$ sudo sysctl kernel.yama.ptrace_scope\n\nkernel.yama.ptrace_scope = 1\n\nIf the returned line does not have a value of \"1\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r kernel.yama.ptrace_scope /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: kernel.yama.ptrace_scope = 1\n\nIf \"kernel.yama.ptrace_scope\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to restrict usage of ptrace to descendant processes by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nkernel.yama.ptrace_scope = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230546'\n  tag rid: 'SV-230546r858824_rule'\n  tag stig_id: 'RHEL-08-040282'\n  tag fix_id: 'F-33190r858823_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('kernel.yama.ptrace_scope') do\n      its('value') { should eq 1 }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230546.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter kernel.yama.ptrace_scope value is expected to eq 1","run_time":0.140668,"start_time":"2024-01-09T19:41:00-05:00","resource_class":"kernel_parameter","resource_params":"[\"kernel.yama.ptrace_scope\"]","resource_id":"kernel.yama.ptrace_scope"}]},{"id":"SV-230547","title":"RHEL 8 must restrict exposed kernel pointer addresses access.","desc":"It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 restricts exposed kernel pointer addresses access with the following commands:\n\n$ sudo sysctl kernel.kptr_restrict\n\nkernel.kptr_restrict = 1\n\nIf the returned line does not have a value of \"1\" or \"2\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r kernel.kptr_restrict /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: kernel.kptr_restrict = 1\n\nIf \"kernel.kptr_restrict\" is not set to \"1\" or \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to restrict exposed kernel pointer addresses access by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nkernel.kptr_restrict = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230547","rid":"SV-230547r858826_rule","stig_id":"RHEL-08-040283","fix_id":"F-33191r858825_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230547' do\n  title 'RHEL 8 must restrict exposed kernel pointer addresses access.'\n  desc 'It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 restricts exposed kernel pointer addresses access with the following commands:\n\n$ sudo sysctl kernel.kptr_restrict\n\nkernel.kptr_restrict = 1\n\nIf the returned line does not have a value of \"1\" or \"2\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r kernel.kptr_restrict /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: kernel.kptr_restrict = 1\n\nIf \"kernel.kptr_restrict\" is not set to \"1\" or \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to restrict exposed kernel pointer addresses access by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nkernel.kptr_restrict = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230547'\n  tag rid: 'SV-230547r858826_rule'\n  tag stig_id: 'RHEL-08-040283'\n  tag fix_id: 'F-33191r858825_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('kernel.kptr_restrict') do\n      its('value') { should eq 1 }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230547.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter kernel.kptr_restrict value is expected to eq 1","run_time":0.131843,"start_time":"2024-01-09T19:41:00-05:00","resource_class":"kernel_parameter","resource_params":"[\"kernel.kptr_restrict\"]","resource_id":"kernel.kptr_restrict"}]},{"id":"SV-230548","title":"RHEL 8 must disable the use of user namespaces.","desc":"It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 disables the use of user namespaces with the following commands:\n\nNote: User namespaces are used primarily for Linux containers. If containers are in use, this requirement is not applicable.\n\n$ sudo sysctl user.max_user_namespaces\n\nuser.max_user_namespaces = 0\n\nIf the returned line does not have a value of \"0\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r user.max_user_namespaces /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: user.max_user_namespaces = 0\n\nIf \"user.max_user_namespaces\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to disable the use of user namespaces by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nNote: User namespaces are used primarily for Linux containers. If containers are in use, this requirement is not applicable.\n\nuser.max_user_namespaces = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230548","rid":"SV-230548r858828_rule","stig_id":"RHEL-08-040284","fix_id":"F-33192r858827_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230548' do\n  title 'RHEL 8 must disable the use of user namespaces.'\n  desc 'It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 disables the use of user namespaces with the following commands:\n\nNote: User namespaces are used primarily for Linux containers. If containers are in use, this requirement is not applicable.\n\n$ sudo sysctl user.max_user_namespaces\n\nuser.max_user_namespaces = 0\n\nIf the returned line does not have a value of \"0\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r user.max_user_namespaces /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: user.max_user_namespaces = 0\n\nIf \"user.max_user_namespaces\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to disable the use of user namespaces by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nNote: User namespaces are used primarily for Linux containers. If containers are in use, this requirement is not applicable.\n\nuser.max_user_namespaces = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230548'\n  tag rid: 'SV-230548r858828_rule'\n  tag stig_id: 'RHEL-08-040284'\n  tag fix_id: 'F-33192r858827_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('container_host')\n    impact 0.0\n    describe true do\n      skip 'Profile running on a container host -- User namespaces are used primarily for Linux containers.; this control is Not Applicable'\n    end\n  else\n    describe kernel_parameter('user.max_user_namespaces') do\n      its('value') { should be_zero }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230548.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter user.max_user_namespaces value is expected to be zero","run_time":0.193388,"start_time":"2024-01-09T19:41:00-05:00","resource_class":"kernel_parameter","resource_params":"[\"user.max_user_namespaces\"]","resource_id":"user.max_user_namespaces"}]},{"id":"SV-230549","title":"RHEL 8 must use reverse path filtering on all IPv4 interfaces.","desc":"It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 uses reverse path filtering on all IPv4 interfaces with the following commands:\n\n$ sudo sysctl net.ipv4.conf.all.rp_filter\n\nnet.ipv4.conf.all.rp_filter = 1\n\nIf the returned line does not have a value of \"1\" or \"2\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.all.rp_filter /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.rp_filter = 1\n\nIf \"net.ipv4.conf.all.rp_filter\" is not set to \"1\" or \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to use reverse path filtering on all IPv4 interfaces by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nnet.ipv4.conf.all.rp_filter = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230549","rid":"SV-230549r858830_rule","stig_id":"RHEL-08-040285","fix_id":"F-33193r858829_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230549' do\n  title 'RHEL 8 must use reverse path filtering on all IPv4 interfaces.'\n  desc 'It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 uses reverse path filtering on all IPv4 interfaces with the following commands:\n\n$ sudo sysctl net.ipv4.conf.all.rp_filter\n\nnet.ipv4.conf.all.rp_filter = 1\n\nIf the returned line does not have a value of \"1\" or \"2\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.all.rp_filter /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.rp_filter = 1\n\nIf \"net.ipv4.conf.all.rp_filter\" is not set to \"1\" or \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to use reverse path filtering on all IPv4 interfaces by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nnet.ipv4.conf.all.rp_filter = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230549'\n  tag rid: 'SV-230549r858830_rule'\n  tag stig_id: 'RHEL-08-040285'\n  tag fix_id: 'F-33193r858829_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('net.ipv4.conf.all.rp_filter') do\n      its('value') { should eq 1 }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230549.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter net.ipv4.conf.all.rp_filter value is expected to eq 1","run_time":0.122098,"start_time":"2024-01-09T19:41:01-05:00","resource_class":"kernel_parameter","resource_params":"[\"net.ipv4.conf.all.rp_filter\"]","resource_id":"net.ipv4.conf.all.rp_filter"}]},{"id":"SV-230550","title":"RHEL 8 must be configured to prevent unrestricted mail relaying.","desc":"If unrestricted mail relaying is permitted, unauthorized senders could\nuse this host as a mail relay for the purpose of sending spam or other\nunauthorized activity.","descriptions":[{"label":"default","data":"If unrestricted mail relaying is permitted, unauthorized senders could\nuse this host as a mail relay for the purpose of sending spam or other\nunauthorized activity."},{"label":"check","data":"Verify the system is configured to prevent unrestricted mail relaying.\n\n    Determine if \"postfix\" is installed with the following commands:\n\n    $ sudo yum list installed postfix\n\n    postfix.x86_64  2:3.3.1-9.el8\n\n    If postfix is not installed, this is Not Applicable.\n\n    If postfix is installed, determine if it is configured to reject\nconnections from unknown or untrusted networks with the following command:\n\n    $ sudo postconf -n smtpd_client_restrictions\n\n    smtpd_client_restrictions = permit_mynetworks, reject\n\n    If the \"smtpd_client_restrictions\" parameter contains any entries other\nthan \"permit_mynetworks\" and \"reject\", this is a finding."},{"label":"fix","data":"If \"postfix\" is installed, modify the \"/etc/postfix/main.cf\" file to\nrestrict client connections to the local network with the following command:\n\n    $ sudo postconf -e 'smtpd_client_restrictions = permit_mynetworks,reject'"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230550","rid":"SV-230550r627750_rule","stig_id":"RHEL-08-040290","fix_id":"F-33194r568397_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230550' do\n  title 'RHEL 8 must be configured to prevent unrestricted mail relaying.'\n  desc 'If unrestricted mail relaying is permitted, unauthorized senders could\nuse this host as a mail relay for the purpose of sending spam or other\nunauthorized activity.'\n  desc 'check', 'Verify the system is configured to prevent unrestricted mail relaying.\n\n    Determine if \"postfix\" is installed with the following commands:\n\n    $ sudo yum list installed postfix\n\n    postfix.x86_64  2:3.3.1-9.el8\n\n    If postfix is not installed, this is Not Applicable.\n\n    If postfix is installed, determine if it is configured to reject\nconnections from unknown or untrusted networks with the following command:\n\n    $ sudo postconf -n smtpd_client_restrictions\n\n    smtpd_client_restrictions = permit_mynetworks, reject\n\n    If the \"smtpd_client_restrictions\" parameter contains any entries other\nthan \"permit_mynetworks\" and \"reject\", this is a finding.'\n  desc 'fix', %q(If \"postfix\" is installed, modify the \"/etc/postfix/main.cf\" file to\nrestrict client connections to the local network with the following command:\n\n    $ sudo postconf -e 'smtpd_client_restrictions = permit_mynetworks,reject')\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230550'\n  tag rid: 'SV-230550r627750_rule'\n  tag stig_id: 'RHEL-08-040290'\n  tag fix_id: 'F-33194r568397_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if package('postfix').installed?\n    describe command('postconf -n smtpd_client_restrictions') do\n      its('stdout.strip') {\n        should match(/^smtpd_client_restrictions\\s+=\\s+(permit_mynetworks|reject)($|(,\\s*(permit_mynetworks|reject)\\s*$))/i)\n      }\n    end\n  else\n    impact 0.0\n    describe 'The `postfix` package is not installed' do\n      skip 'The `postfix` package is not installed, this control is Not Applicable'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230550.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Command: `postconf -n smtpd_client_restrictions` stdout.strip is expected to match /^smtpd_client_restrictions\\s+=\\s+(permit_mynetworks|reject)($|(,\\s*(permit_mynetworks|reject)\\s*$))/i","run_time":0.358658,"start_time":"2024-01-09T19:41:01-05:00","message":"expected \"\" to match /^smtpd_client_restrictions\\s+=\\s+(permit_mynetworks|reject)($|(,\\s*(permit_mynetworks|reject)\\s*$))/i","resource_class":"command","resource_params":"[\"postconf -n smtpd_client_restrictions\"]","resource_id":"Command: `postconf -n smtpd_client_restrictions`"}]},{"id":"SV-230551","title":"The RHEL 8 file integrity tool must be configured to verify extended\nattributes.","desc":"Extended attributes in file systems are used to contain arbitrary data\nand file metadata with security implications.\n\n    RHEL 8 installation media come with a file integrity tool, Advanced\nIntrusion Detection Environment (AIDE).","descriptions":[{"label":"default","data":"Extended attributes in file systems are used to contain arbitrary data\nand file metadata with security implications.\n\n    RHEL 8 installation media come with a file integrity tool, Advanced\nIntrusion Detection Environment (AIDE)."},{"label":"check","data":"Verify the file integrity tool is configured to verify extended attributes.\n\n    If AIDE is not installed, ask the System Administrator how file integrity\nchecks are performed on the system.\n\n    Note: AIDE is highly configurable at install time. This requirement assumes\nthe \"aide.conf\" file is under the \"/etc\" directory.\n\n    Use the following command to determine if the file is in another location:\n\n    $ sudo find / -name aide.conf\n\n    Check the \"aide.conf\" file to determine if the \"xattrs\" rule has been\nadded to the rule list being applied to the files and directories selection\nlists.\n\n    An example rule that includes the \"xattrs\" rule follows:\n\n    All= p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux\n    /bin All # apply the custom rule to the files in bin\n    /sbin All # apply the same custom rule to the files in sbin\n\n    If the \"xattrs\" rule is not being used on all uncommented selection lines\nin the \"/etc/aide.conf\" file, or extended attributes are not being checked by\nanother file integrity tool, this is a finding."},{"label":"fix","data":"Configure the file integrity tool to check file and directory extended\nattributes.\n\n    If AIDE is installed, ensure the \"xattrs\" rule is present on all\nuncommented file and directory selection lists."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230551","rid":"SV-230551r627750_rule","stig_id":"RHEL-08-040300","fix_id":"F-33195r568400_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230551' do\n  title 'The RHEL 8 file integrity tool must be configured to verify extended\nattributes.'\n  desc 'Extended attributes in file systems are used to contain arbitrary data\nand file metadata with security implications.\n\n    RHEL 8 installation media come with a file integrity tool, Advanced\nIntrusion Detection Environment (AIDE).'\n  desc 'check', 'Verify the file integrity tool is configured to verify extended attributes.\n\n    If AIDE is not installed, ask the System Administrator how file integrity\nchecks are performed on the system.\n\n    Note: AIDE is highly configurable at install time. This requirement assumes\nthe \"aide.conf\" file is under the \"/etc\" directory.\n\n    Use the following command to determine if the file is in another location:\n\n    $ sudo find / -name aide.conf\n\n    Check the \"aide.conf\" file to determine if the \"xattrs\" rule has been\nadded to the rule list being applied to the files and directories selection\nlists.\n\n    An example rule that includes the \"xattrs\" rule follows:\n\n    All= p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux\n    /bin All # apply the custom rule to the files in bin\n    /sbin All # apply the same custom rule to the files in sbin\n\n    If the \"xattrs\" rule is not being used on all uncommented selection lines\nin the \"/etc/aide.conf\" file, or extended attributes are not being checked by\nanother file integrity tool, this is a finding.'\n  desc 'fix', 'Configure the file integrity tool to check file and directory extended\nattributes.\n\n    If AIDE is installed, ensure the \"xattrs\" rule is present on all\nuncommented file and directory selection lists.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230551'\n  tag rid: 'SV-230551r627750_rule'\n  tag stig_id: 'RHEL-08-040300'\n  tag fix_id: 'F-33195r568400_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe package('aide') do\n      it { should be_installed }\n    end\n\n    findings = []\n    aide_conf.where { !selection_line.start_with? '!' }.entries.each do |selection|\n      findings.append(selection.selection_line) unless selection.rules.include? 'xattrs'\n    end\n\n    describe \"List of monitored files/directories without 'xattrs' rule\" do\n      subject { findings }\n      it { should be_empty }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230551.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"System Package aide is expected to be installed","run_time":0.000553,"start_time":"2024-01-09T19:41:01-05:00","message":"expected that `System Package aide` is installed","resource_class":"package","resource_params":"[\"aide\"]","resource_id":"aide"},{"status":"passed","code_desc":"List of monitored files/directories without 'xattrs' rule is expected to be empty","run_time":0.006519,"start_time":"2024-01-09T19:41:01-05:00","resource_class":"Object","resource_params":"[]","resource_id":"List of monitored files/directories without 'xattrs' rule"}]},{"id":"SV-230552","title":"The RHEL 8 file integrity tool must be configured to verify Access\nControl Lists (ACLs).","desc":"ACLs can provide permissions beyond those permitted through the file\nmode and must be verified by file integrity tools.\n\n    RHEL 8 installation media come with a file integrity tool, Advanced\nIntrusion Detection Environment (AIDE).","descriptions":[{"label":"default","data":"ACLs can provide permissions beyond those permitted through the file\nmode and must be verified by file integrity tools.\n\n    RHEL 8 installation media come with a file integrity tool, Advanced\nIntrusion Detection Environment (AIDE)."},{"label":"check","data":"Verify the file integrity tool is configured to verify ACLs.\n\nNote: AIDE is highly configurable at install time. This requirement assumes the \"aide.conf\" file is under the \"/etc\" directory.\n\nIf AIDE is not installed, ask the System Administrator how file integrity checks are performed on the system.\n\nUse the following command to determine if the file is in a location other than \"/etc/aide/aide.conf\":\n\n     $ sudo find / -name aide.conf\n\nCheck the \"aide.conf\" file to determine if the \"acl\" rule has been added to the rule list being applied to the files and directories selection lists with the following command:\n\n     $ sudo grep -E \"[+]?acl\" /etc/aide.conf\n\n     VarFile = OwnerMode+n+l+X+acl\n\nIf the \"acl\" rule is not being used on all selection lines in the \"/etc/aide.conf\" file, is commented out, or ACLs are not being checked by another file integrity tool, this is a finding."},{"label":"fix","data":"Configure the file integrity tool to check file and directory ACLs.\n\n    If AIDE is installed, ensure the \"acl\" rule is present on all file and\ndirectory selection lists."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230552","rid":"SV-230552r880724_rule","stig_id":"RHEL-08-040310","fix_id":"F-33196r568403_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230552' do\n  title 'The RHEL 8 file integrity tool must be configured to verify Access\nControl Lists (ACLs).'\n  desc 'ACLs can provide permissions beyond those permitted through the file\nmode and must be verified by file integrity tools.\n\n    RHEL 8 installation media come with a file integrity tool, Advanced\nIntrusion Detection Environment (AIDE).'\n  desc 'check', 'Verify the file integrity tool is configured to verify ACLs.\n\nNote: AIDE is highly configurable at install time. This requirement assumes the \"aide.conf\" file is under the \"/etc\" directory.\n\nIf AIDE is not installed, ask the System Administrator how file integrity checks are performed on the system.\n\nUse the following command to determine if the file is in a location other than \"/etc/aide/aide.conf\":\n\n     $ sudo find / -name aide.conf\n\nCheck the \"aide.conf\" file to determine if the \"acl\" rule has been added to the rule list being applied to the files and directories selection lists with the following command:\n\n     $ sudo grep -E \"[+]?acl\" /etc/aide.conf\n\n     VarFile = OwnerMode+n+l+X+acl\n\nIf the \"acl\" rule is not being used on all selection lines in the \"/etc/aide.conf\" file, is commented out, or ACLs are not being checked by another file integrity tool, this is a finding.'\n  desc 'fix', 'Configure the file integrity tool to check file and directory ACLs.\n\n    If AIDE is installed, ensure the \"acl\" rule is present on all file and\ndirectory selection lists.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230552'\n  tag rid: 'SV-230552r880724_rule'\n  tag stig_id: 'RHEL-08-040310'\n  tag fix_id: 'F-33196r568403_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe package('aide') do\n      it { should be_installed }\n    end\n\n    findings = []\n    aide_conf.where { !selection_line.start_with? '!' }.entries.each do |selection|\n      findings.append(selection.selection_line) unless selection.rules.include? 'acl'\n    end\n\n    describe \"List of monitored files/directories without 'acl' rule\" do\n      subject { findings }\n      it { should be_empty }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230552.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"System Package aide is expected to be installed","run_time":0.000193,"start_time":"2024-01-09T19:41:01-05:00","message":"expected that `System Package aide` is installed","resource_class":"package","resource_params":"[\"aide\"]","resource_id":"aide"},{"status":"passed","code_desc":"List of monitored files/directories without 'acl' rule is expected to be empty","run_time":0.004793,"start_time":"2024-01-09T19:41:01-05:00","resource_class":"Object","resource_params":"[]","resource_id":"List of monitored files/directories without 'acl' rule"}]},{"id":"SV-230553","title":"The graphical display manager must not be installed on RHEL 8 unless\napproved.","desc":"Internet services that are not required for system or application\nprocesses must not be active to decrease the attack surface of the system.\nGraphical display managers have a long history of security vulnerabilities and\nmust not be used, unless approved and documented.","descriptions":[{"label":"default","data":"Internet services that are not required for system or application\nprocesses must not be active to decrease the attack surface of the system.\nGraphical display managers have a long history of security vulnerabilities and\nmust not be used, unless approved and documented."},{"label":"check","data":"Verify that a graphical user interface is not installed:\n\n$ rpm -qa | grep xorg | grep server\n\nAsk the System Administrator if use of a graphical user interface is an operational requirement.\n\nIf the use of a graphical user interface on the system is not documented with the ISSO, this is a finding."},{"label":"fix","data":"Document the requirement for a graphical user interface with the ISSO or reinstall the operating system without the graphical user interface. If reinstallation is not feasible, then continue with the following procedure:\n\nOpen an SSH session and enter the following commands:\n\n$ sudo yum remove xorg-x11-server-Xorg xorg-x11-server-common xorg-x11-server-utils xorg-x11-server-Xwayland\n\nA reboot is required for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230553","rid":"SV-230553r809324_rule","stig_id":"RHEL-08-040320","fix_id":"F-33197r809323_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230553' do\n  title 'The graphical display manager must not be installed on RHEL 8 unless\napproved.'\n  desc 'Internet services that are not required for system or application\nprocesses must not be active to decrease the attack surface of the system.\nGraphical display managers have a long history of security vulnerabilities and\nmust not be used, unless approved and documented.'\n  desc 'check', 'Verify that a graphical user interface is not installed:\n\n$ rpm -qa | grep xorg | grep server\n\nAsk the System Administrator if use of a graphical user interface is an operational requirement.\n\nIf the use of a graphical user interface on the system is not documented with the ISSO, this is a finding.'\n  desc 'fix', 'Document the requirement for a graphical user interface with the ISSO or reinstall the operating system without the graphical user interface. If reinstallation is not feasible, then continue with the following procedure:\n\nOpen an SSH session and enter the following commands:\n\n$ sudo yum remove xorg-x11-server-Xorg xorg-x11-server-common xorg-x11-server-utils xorg-x11-server-Xwayland\n\nA reboot is required for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230553'\n  tag rid: 'SV-230553r809324_rule'\n  tag stig_id: 'RHEL-08-040320'\n  tag fix_id: 'F-33197r809323_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  input('remove_xorg_x11_server_packages').each do |p|\n    describe package(p) do\n      it { should_not be_installed }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230553.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package xorg-x11-server-common is expected not to be installed","run_time":0.108045,"start_time":"2024-01-09T19:41:01-05:00","resource_class":"package","resource_params":"[\"xorg-x11-server-common\"]","resource_id":"xorg-x11-server-common"},{"status":"passed","code_desc":"System Package xorg-x11-server-Xorg is expected not to be installed","run_time":0.134939,"start_time":"2024-01-09T19:41:01-05:00","resource_class":"package","resource_params":"[\"xorg-x11-server-Xorg\"]","resource_id":"xorg-x11-server-Xorg"},{"status":"passed","code_desc":"System Package xorg-x11-server-utils is expected not to be installed","run_time":0.29699,"start_time":"2024-01-09T19:41:01-05:00","resource_class":"package","resource_params":"[\"xorg-x11-server-utils\"]","resource_id":"xorg-x11-server-utils"},{"status":"passed","code_desc":"System Package xorg-x11-server-Xwayland is expected not to be installed","run_time":0.130578,"start_time":"2024-01-09T19:41:02-05:00","resource_class":"package","resource_params":"[\"xorg-x11-server-Xwayland\"]","resource_id":"xorg-x11-server-Xwayland"}]},{"id":"SV-230554","title":"RHEL 8 network interfaces must not be in promiscuous mode.","desc":"Network interfaces in promiscuous mode allow for the capture of all\nnetwork traffic visible to the system. If unauthorized individuals can access\nthese applications, it may allow them to collect information such as logon IDs,\npasswords, and key exchanges between systems.\n\n    If the system is being used to perform a network troubleshooting function,\nthe use of these tools must be documented with the Information System Security\nOfficer (ISSO) and restricted to only authorized personnel.","descriptions":[{"label":"default","data":"Network interfaces in promiscuous mode allow for the capture of all\nnetwork traffic visible to the system. If unauthorized individuals can access\nthese applications, it may allow them to collect information such as logon IDs,\npasswords, and key exchanges between systems.\n\n    If the system is being used to perform a network troubleshooting function,\nthe use of these tools must be documented with the Information System Security\nOfficer (ISSO) and restricted to only authorized personnel."},{"label":"check","data":"Verify network interfaces are not in promiscuous mode unless approved by\nthe ISSO and documented.\n\n    Check for the status with the following command:\n\n    $ sudo ip link | grep -i promisc\n\n    If network interfaces are found on the system in promiscuous mode and their\nuse has not been approved by the ISSO and documented, this is a finding."},{"label":"fix","data":"Configure network interfaces to turn off promiscuous mode unless approved\nby the ISSO and documented.\n\n    Set the promiscuous mode of an interface to off with the following command:\n\n    $ sudo ip link set dev <devicename> multicast off promisc off"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230554","rid":"SV-230554r627750_rule","stig_id":"RHEL-08-040330","fix_id":"F-33198r568409_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230554' do\n  title 'RHEL 8 network interfaces must not be in promiscuous mode.'\n  desc 'Network interfaces in promiscuous mode allow for the capture of all\nnetwork traffic visible to the system. If unauthorized individuals can access\nthese applications, it may allow them to collect information such as logon IDs,\npasswords, and key exchanges between systems.\n\n    If the system is being used to perform a network troubleshooting function,\nthe use of these tools must be documented with the Information System Security\nOfficer (ISSO) and restricted to only authorized personnel.'\n  desc 'check', 'Verify network interfaces are not in promiscuous mode unless approved by\nthe ISSO and documented.\n\n    Check for the status with the following command:\n\n    $ sudo ip link | grep -i promisc\n\n    If network interfaces are found on the system in promiscuous mode and their\nuse has not been approved by the ISSO and documented, this is a finding.'\n  desc 'fix', 'Configure network interfaces to turn off promiscuous mode unless approved\nby the ISSO and documented.\n\n    Set the promiscuous mode of an interface to off with the following command:\n\n    $ sudo ip link set dev <devicename> multicast off promisc off'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230554'\n  tag rid: 'SV-230554r627750_rule'\n  tag stig_id: 'RHEL-08-040330'\n  tag fix_id: 'F-33198r568409_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('ip link | grep -i promisc') do\n      its('stdout.strip') { should match(/^$/) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230554.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Command: `ip link | grep -i promisc` stdout.strip is expected to match /^$/","run_time":0.141996,"start_time":"2024-01-09T19:41:02-05:00","resource_class":"command","resource_params":"[\"ip link | grep -i promisc\"]","resource_id":"Command: `ip link | grep -i promisc`"}]},{"id":"SV-230555","title":"RHEL 8 remote X connections for interactive users must be disabled\nunless to fulfill documented and validated mission requirements.","desc":"The security risk of using X11 forwarding is that the client's X11\ndisplay server may be exposed to attack when the SSH client requests\nforwarding.  A system administrator may have a stance in which they want to\nprotect clients that may expose themselves to attack by unwittingly requesting\nX11 forwarding, which can warrant a \"no\" setting.\n\n    X11 forwarding should be enabled with caution. Users with the ability to\nbypass file permissions on the remote host (for the user's X11 authorization\ndatabase) can access the local X11 display through the forwarded connection. An\nattacker may then be able to perform activities such as keystroke monitoring if\nthe ForwardX11Trusted option is also enabled.\n\n    If X11 services are not required for the system's intended function, they\nshould be disabled or restricted as appropriate to the system’s needs.","descriptions":[{"label":"default","data":"The security risk of using X11 forwarding is that the client's X11\ndisplay server may be exposed to attack when the SSH client requests\nforwarding.  A system administrator may have a stance in which they want to\nprotect clients that may expose themselves to attack by unwittingly requesting\nX11 forwarding, which can warrant a \"no\" setting.\n\n    X11 forwarding should be enabled with caution. Users with the ability to\nbypass file permissions on the remote host (for the user's X11 authorization\ndatabase) can access the local X11 display through the forwarded connection. An\nattacker may then be able to perform activities such as keystroke monitoring if\nthe ForwardX11Trusted option is also enabled.\n\n    If X11 services are not required for the system's intended function, they\nshould be disabled or restricted as appropriate to the system’s needs."},{"label":"check","data":"Verify X11Forwarding is disabled with the following command:\n\n$ sudo grep -ir x11forwarding /etc/ssh/sshd_config* | grep -v \"^#\"\n\nX11Forwarding no\n\nIf the \"X11Forwarding\" keyword is set to \"yes\" and is not documented with the Information System Security Officer (ISSO) as an operational requirement or is missing, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Edit the \"/etc/ssh/sshd_config\" file to uncomment or add the line for the\n\"X11Forwarding\" keyword and set its value to \"no\" (this file may be named\ndifferently or be in a different location if using a version of SSH that is\nprovided by a third-party vendor):\n\n    X11Forwarding no\n\n    The SSH service must be restarted for changes to take effect:\n\n    $ sudo systemctl restart sshd"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230555","rid":"SV-230555r858721_rule","stig_id":"RHEL-08-040340","fix_id":"F-33199r568412_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230555' do\n  title 'RHEL 8 remote X connections for interactive users must be disabled\nunless to fulfill documented and validated mission requirements.'\n  desc %q(The security risk of using X11 forwarding is that the client's X11\ndisplay server may be exposed to attack when the SSH client requests\nforwarding.  A system administrator may have a stance in which they want to\nprotect clients that may expose themselves to attack by unwittingly requesting\nX11 forwarding, which can warrant a \"no\" setting.\n\n    X11 forwarding should be enabled with caution. Users with the ability to\nbypass file permissions on the remote host (for the user's X11 authorization\ndatabase) can access the local X11 display through the forwarded connection. An\nattacker may then be able to perform activities such as keystroke monitoring if\nthe ForwardX11Trusted option is also enabled.\n\n    If X11 services are not required for the system's intended function, they\nshould be disabled or restricted as appropriate to the system’s needs.)\n  desc 'check', 'Verify X11Forwarding is disabled with the following command:\n\n$ sudo grep -ir x11forwarding /etc/ssh/sshd_config* | grep -v \"^#\"\n\nX11Forwarding no\n\nIf the \"X11Forwarding\" keyword is set to \"yes\" and is not documented with the Information System Security Officer (ISSO) as an operational requirement or is missing, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Edit the \"/etc/ssh/sshd_config\" file to uncomment or add the line for the\n\"X11Forwarding\" keyword and set its value to \"no\" (this file may be named\ndifferently or be in a different location if using a version of SSH that is\nprovided by a third-party vendor):\n\n    X11Forwarding no\n\n    The SSH service must be restarted for changes to take effect:\n\n    $ sudo systemctl restart sshd'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230555'\n  tag rid: 'SV-230555r858721_rule'\n  tag stig_id: 'RHEL-08-040340'\n  tag fix_id: 'F-33199r568412_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe sshd_config do\n      its('X11Forwarding') { should cmp 'no' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230555.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"SSHD Configuration X11Forwarding is expected to cmp == \"no\"","run_time":0.001396,"start_time":"2024-01-09T19:41:02-05:00","resource_class":"sshd_config","resource_params":"[]","resource_id":"/etc/ssh/sshd_config"}]},{"id":"SV-230556","title":"The RHEL 8 SSH daemon must prevent remote hosts from connecting to the\nproxy display.","desc":"When X11 forwarding is enabled, there may be additional exposure to\nthe server and client displays if the sshd proxy display is configured to\nlisten on the wildcard address.  By default, sshd binds the forwarding server\nto the loopback address and sets the hostname part of the DIPSLAY environment\nvariable to localhost.  This prevents remote hosts from connecting to the proxy\ndisplay.","descriptions":[{"label":"default","data":"When X11 forwarding is enabled, there may be additional exposure to\nthe server and client displays if the sshd proxy display is configured to\nlisten on the wildcard address.  By default, sshd binds the forwarding server\nto the loopback address and sets the hostname part of the DIPSLAY environment\nvariable to localhost.  This prevents remote hosts from connecting to the proxy\ndisplay."},{"label":"check","data":"Verify the SSH daemon prevents remote hosts from connecting to the proxy display.\n\nCheck the SSH X11UseLocalhost setting with the following command:\n\n# sudo grep -ir x11uselocalhost /etc/ssh/sshd_config*\nX11UseLocalhost yes\n\nIf the \"X11UseLocalhost\" keyword is set to \"no\", is missing, or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure the SSH daemon to prevent remote hosts from connecting to the\nproxy display.\n\n    Edit the \"/etc/ssh/sshd_config\" file to uncomment or add the line for the\n\"X11UseLocalhost\" keyword and set its value to \"yes\" (this file may be\nnamed differently or be in a different location if using a version of SSH that\nis provided by a third-party vendor):\n\n    X11UseLocalhost yes"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230556","rid":"SV-230556r858723_rule","stig_id":"RHEL-08-040341","fix_id":"F-33200r568415_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230556' do\n  title 'The RHEL 8 SSH daemon must prevent remote hosts from connecting to the\nproxy display.'\n  desc 'When X11 forwarding is enabled, there may be additional exposure to\nthe server and client displays if the sshd proxy display is configured to\nlisten on the wildcard address.  By default, sshd binds the forwarding server\nto the loopback address and sets the hostname part of the DIPSLAY environment\nvariable to localhost.  This prevents remote hosts from connecting to the proxy\ndisplay.'\n  desc 'check', 'Verify the SSH daemon prevents remote hosts from connecting to the proxy display.\n\nCheck the SSH X11UseLocalhost setting with the following command:\n\n# sudo grep -ir x11uselocalhost /etc/ssh/sshd_config*\nX11UseLocalhost yes\n\nIf the \"X11UseLocalhost\" keyword is set to \"no\", is missing, or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the SSH daemon to prevent remote hosts from connecting to the\nproxy display.\n\n    Edit the \"/etc/ssh/sshd_config\" file to uncomment or add the line for the\n\"X11UseLocalhost\" keyword and set its value to \"yes\" (this file may be\nnamed differently or be in a different location if using a version of SSH that\nis provided by a third-party vendor):\n\n    X11UseLocalhost yes'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230556'\n  tag rid: 'SV-230556r858723_rule'\n  tag stig_id: 'RHEL-08-040341'\n  tag fix_id: 'F-33200r568415_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    describe sshd_config do\n      its('X11UseLocalhost') { should cmp 'yes' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230556.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"SSHD Configuration X11UseLocalhost is expected to cmp == \"yes\"","run_time":0.000858,"start_time":"2024-01-09T19:41:02-05:00","resource_class":"sshd_config","resource_params":"[]","resource_id":"/etc/ssh/sshd_config"}]},{"id":"SV-230557","title":"If the Trivial File Transfer Protocol (TFTP) server is required, the\nRHEL 8 TFTP daemon must be configured to operate in secure mode.","desc":"Restricting TFTP to a specific directory prevents remote users from\ncopying, transferring, or overwriting system files.","descriptions":[{"label":"default","data":"Restricting TFTP to a specific directory prevents remote users from\ncopying, transferring, or overwriting system files."},{"label":"check","data":"Verify the TFTP daemon is configured to operate in secure mode with the\nfollowing commands:\n\n    $ sudo yum list installed tftp-server\n\n    tftp-server.x86_64 x.x-x.el8\n\n    If a TFTP server is not installed, this is Not Applicable.\n\n    If a TFTP server is installed, check for the server arguments with the\nfollowing command:\n\n    $ sudo grep server_args /etc/xinetd.d/tftp\n\n    server_args = -s /var/lib/tftpboot\n\n    If the \"server_args\" line does not have a \"-s\" option, and a\nsubdirectory is not assigned, this is a finding."},{"label":"fix","data":"Configure the TFTP daemon to operate in secure mode by adding the following\nline to \"/etc/xinetd.d/tftp\" (or modify the line to have the required value):\n\n    server_args = -s /var/lib/tftpboot"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230557","rid":"SV-230557r627750_rule","stig_id":"RHEL-08-040350","fix_id":"F-33201r568418_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230557' do\n  title 'If the Trivial File Transfer Protocol (TFTP) server is required, the\nRHEL 8 TFTP daemon must be configured to operate in secure mode.'\n  desc 'Restricting TFTP to a specific directory prevents remote users from\ncopying, transferring, or overwriting system files.'\n  desc 'check', 'Verify the TFTP daemon is configured to operate in secure mode with the\nfollowing commands:\n\n    $ sudo yum list installed tftp-server\n\n    tftp-server.x86_64 x.x-x.el8\n\n    If a TFTP server is not installed, this is Not Applicable.\n\n    If a TFTP server is installed, check for the server arguments with the\nfollowing command:\n\n    $ sudo grep server_args /etc/xinetd.d/tftp\n\n    server_args = -s /var/lib/tftpboot\n\n    If the \"server_args\" line does not have a \"-s\" option, and a\nsubdirectory is not assigned, this is a finding.'\n  desc 'fix', 'Configure the TFTP daemon to operate in secure mode by adding the following\nline to \"/etc/xinetd.d/tftp\" (or modify the line to have the required value):\n\n    server_args = -s /var/lib/tftpboot'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230557'\n  tag rid: 'SV-230557r627750_rule'\n  tag stig_id: 'RHEL-08-040350'\n  tag fix_id: 'F-33201r568418_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if package('tftp-server').installed?\n    impact 0.5\n    describe command('grep server_args /etc/xinetd.d/tftp') do\n      its('stdout.strip') { should match %r{^\\s*server_args\\s+=\\s+(-s|--secure)\\s(/\\S+)$} }\n    end\n  else\n    impact 0.0\n    describe 'The TFTP package is not installed' do\n      skip 'If a TFTP server is not installed, this is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230557.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"The TFTP package is not installed","run_time":1.1e-05,"start_time":"2024-01-09T19:41:02-05:00","resource":"","skip_message":"If a TFTP server is not installed, this is Not Applicable.","resource_class":"Object","resource_params":"[]","resource_id":"The TFTP package is not installed"}]},{"id":"SV-230558","title":"A File Transfer Protocol (FTP) server package must not be installed\nunless mission essential on RHEL 8.","desc":"The FTP service provides an unencrypted remote access that does not\nprovide for the confidentiality and integrity of user passwords or the remote\nsession. If a privileged user were to log on using this service, the privileged\nuser password could be compromised. SSH or other encrypted file transfer\nmethods must be used in place of this service.","descriptions":[{"label":"default","data":"The FTP service provides an unencrypted remote access that does not\nprovide for the confidentiality and integrity of user passwords or the remote\nsession. If a privileged user were to log on using this service, the privileged\nuser password could be compromised. SSH or other encrypted file transfer\nmethods must be used in place of this service."},{"label":"check","data":"Verify an FTP server has not been installed on the system with the\nfollowing commands:\n\n    $ sudo yum list installed *ftpd*\n\n    vsftpd.x86_64\n3.0.3-28.el8                                                  appstream\n\n    If an FTP server is installed and is not documented with the Information\nSystem Security Officer (ISSO) as an operational requirement, this is a finding."},{"label":"fix","data":"Document the FTP server package with the ISSO as an operational requirement\nor remove it from the system with the following command:\n\n    $ sudo yum remove vsftpd"}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230558","rid":"SV-230558r627750_rule","stig_id":"RHEL-08-040360","fix_id":"F-33202r568421_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230558' do\n  title 'A File Transfer Protocol (FTP) server package must not be installed\nunless mission essential on RHEL 8.'\n  desc 'The FTP service provides an unencrypted remote access that does not\nprovide for the confidentiality and integrity of user passwords or the remote\nsession. If a privileged user were to log on using this service, the privileged\nuser password could be compromised. SSH or other encrypted file transfer\nmethods must be used in place of this service.'\n  desc 'check', 'Verify an FTP server has not been installed on the system with the\nfollowing commands:\n\n    $ sudo yum list installed *ftpd*\n\n    vsftpd.x86_64\n3.0.3-28.el8                                                  appstream\n\n    If an FTP server is installed and is not documented with the Information\nSystem Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Document the FTP server package with the ISSO as an operational requirement\nor remove it from the system with the following command:\n\n    $ sudo yum remove vsftpd'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230558'\n  tag rid: 'SV-230558r627750_rule'\n  tag stig_id: 'RHEL-08-040360'\n  tag fix_id: 'F-33202r568421_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe package('vsftpd') do\n    it { should_not be_installed }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230558.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package vsftpd is expected not to be installed","run_time":0.193907,"start_time":"2024-01-09T19:41:02-05:00","resource_class":"package","resource_params":"[\"vsftpd\"]","resource_id":"vsftpd"}]},{"id":"SV-230559","title":"The gssproxy package must not be installed unless mission essential on\nRHEL 8.","desc":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The gssproxy package is a proxy for GSS API credential handling and could\nexpose secrets on some networks. It is not needed for normal function of the OS.","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The gssproxy package is a proxy for GSS API credential handling and could\nexpose secrets on some networks. It is not needed for normal function of the OS."},{"label":"check","data":"Verify the gssproxy package has not been installed on the system with the\nfollowing commands:\n\n    $ sudo yum list installed gssproxy\n\n    gssproxy.x86_64\n0.8.0-14.el8                                                  @anaconda\n\n    If the gssproxy package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding."},{"label":"fix","data":"Document the gssproxy package with the ISSO as an operational requirement\nor remove it from the system with the following command:\n\n    $ sudo yum remove gssproxy"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230559","rid":"SV-230559r646887_rule","stig_id":"RHEL-08-040370","fix_id":"F-33203r568424_fix","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'SV-230559' do\n  title 'The gssproxy package must not be installed unless mission essential on\nRHEL 8.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The gssproxy package is a proxy for GSS API credential handling and could\nexpose secrets on some networks. It is not needed for normal function of the OS.'\n  desc 'check', 'Verify the gssproxy package has not been installed on the system with the\nfollowing commands:\n\n    $ sudo yum list installed gssproxy\n\n    gssproxy.x86_64\n0.8.0-14.el8                                                  @anaconda\n\n    If the gssproxy package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding.'\n  desc 'fix', 'Document the gssproxy package with the ISSO as an operational requirement\nor remove it from the system with the following command:\n\n    $ sudo yum remove gssproxy'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230559'\n  tag rid: 'SV-230559r646887_rule'\n  tag stig_id: 'RHEL-08-040370'\n  tag fix_id: 'F-33203r568424_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  describe package('gssproxy') do\n    it { should_not be_installed }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230559.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package gssproxy is expected not to be installed","run_time":0.133366,"start_time":"2024-01-09T19:41:02-05:00","resource_class":"package","resource_params":"[\"gssproxy\"]","resource_id":"gssproxy"}]},{"id":"SV-230560","title":"The iprutils package must not be installed unless mission essential on\nRHEL 8.","desc":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The iprutils package provides a suite of utilities to manage and configure\nSCSI devices supported by the ipr SCSI storage device driver.","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The iprutils package provides a suite of utilities to manage and configure\nSCSI devices supported by the ipr SCSI storage device driver."},{"label":"check","data":"Verify the iprutils package has not been installed on the system with the\nfollowing commands:\n\n    $ sudo yum list installed iprutils\n\n    iprutils.x86_64\n2.4.18.1-1.el8                                                  @anaconda\n\n    If the iprutils package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding."},{"label":"fix","data":"Document the iprutils package with the ISSO as an operational requirement\nor remove it from the system with the following command:\n\n    $ sudo yum remove iprutils"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230560","rid":"SV-230560r627750_rule","stig_id":"RHEL-08-040380","fix_id":"F-33204r568427_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230560' do\n  title 'The iprutils package must not be installed unless mission essential on\nRHEL 8.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The iprutils package provides a suite of utilities to manage and configure\nSCSI devices supported by the ipr SCSI storage device driver.'\n  desc 'check', 'Verify the iprutils package has not been installed on the system with the\nfollowing commands:\n\n    $ sudo yum list installed iprutils\n\n    iprutils.x86_64\n2.4.18.1-1.el8                                                  @anaconda\n\n    If the iprutils package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding.'\n  desc 'fix', 'Document the iprutils package with the ISSO as an operational requirement\nor remove it from the system with the following command:\n\n    $ sudo yum remove iprutils'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230560'\n  tag rid: 'SV-230560r627750_rule'\n  tag stig_id: 'RHEL-08-040380'\n  tag fix_id: 'F-33204r568427_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe package('iprutils') do\n    it { should_not be_installed }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230560.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package iprutils is expected not to be installed","run_time":0.12975,"start_time":"2024-01-09T19:41:02-05:00","resource_class":"package","resource_params":"[\"iprutils\"]","resource_id":"iprutils"}]},{"id":"SV-230561","title":"The tuned package must not be installed unless mission essential on\nRHEL 8.","desc":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The tuned package contains a daemon that tunes the system settings\ndynamically. It does so by monitoring the usage of several system components\nperiodically. Based on that information, components will then be put into lower\nor higher power savings modes to adapt to the current usage. The tuned package\nis not needed for normal OS operations.","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The tuned package contains a daemon that tunes the system settings\ndynamically. It does so by monitoring the usage of several system components\nperiodically. Based on that information, components will then be put into lower\nor higher power savings modes to adapt to the current usage. The tuned package\nis not needed for normal OS operations."},{"label":"check","data":"Verify the tuned package has not been installed on the system with the\nfollowing commands:\n\n    $ sudo yum list installed tuned\n\n    tuned.noarch\n2.12.0-3.el8                                                  @anaconda\n\n    If the tuned package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding."},{"label":"fix","data":"Document the tuned package with the ISSO as an operational requirement or\nremove it from the system with the following command:\n\n    $ sudo yum remove tuned"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-230561","rid":"SV-230561r627750_rule","stig_id":"RHEL-08-040390","fix_id":"F-33205r568430_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-230561' do\n  title 'The tuned package must not be installed unless mission essential on\nRHEL 8.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The tuned package contains a daemon that tunes the system settings\ndynamically. It does so by monitoring the usage of several system components\nperiodically. Based on that information, components will then be put into lower\nor higher power savings modes to adapt to the current usage. The tuned package\nis not needed for normal OS operations.'\n  desc 'check', 'Verify the tuned package has not been installed on the system with the\nfollowing commands:\n\n    $ sudo yum list installed tuned\n\n    tuned.noarch\n2.12.0-3.el8                                                  @anaconda\n\n    If the tuned package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding.'\n  desc 'fix', 'Document the tuned package with the ISSO as an operational requirement or\nremove it from the system with the following command:\n\n    $ sudo yum remove tuned'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230561'\n  tag rid: 'SV-230561r627750_rule'\n  tag stig_id: 'RHEL-08-040390'\n  tag fix_id: 'F-33205r568430_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe package('tuned') do\n    it { should_not be_installed }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230561.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package tuned is expected not to be installed","run_time":0.126853,"start_time":"2024-01-09T19:41:02-05:00","resource_class":"package","resource_params":"[\"tuned\"]","resource_id":"tuned"}]},{"id":"SV-237640","title":"The krb5-server package must not be installed on RHEL 8.","desc":"Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    Currently, Kerberos does not utilize FIPS 140-2 cryptography.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.","descriptions":[{"label":"default","data":"Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    Currently, Kerberos does not utilize FIPS 140-2 cryptography.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system."},{"label":"check","data":"Verify the krb5-server package has not been installed on the system with\nthe following commands:\n\n    If the system is a workstation or is utilizing\nkrb5-server-1.17-18.el8.x86_64 or newer, this is Not Applicable\n\n    $ sudo yum list installed krb5-server\n\n    krb5-server.x86_64 1.17-9.el8 repository\n\n    If the krb5-server package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding."},{"label":"fix","data":"Document the krb5-server package with the ISSO as an operational\nrequirement or remove it from the system with the following command:\n\n    $ sudo yum remove krb5-server"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000120-GPOS-00061","gid":"V-237640","rid":"SV-237640r646890_rule","stig_id":"RHEL-08-010163","fix_id":"F-40822r646889_fix","cci":["CCI-000803"],"nist":["IA-7"]},"code":"control 'SV-237640' do\n  title 'The krb5-server package must not be installed on RHEL 8.'\n  desc 'Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    Currently, Kerberos does not utilize FIPS 140-2 cryptography.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.'\n  desc 'check', 'Verify the krb5-server package has not been installed on the system with\nthe following commands:\n\n    If the system is a workstation or is utilizing\nkrb5-server-1.17-18.el8.x86_64 or newer, this is Not Applicable\n\n    $ sudo yum list installed krb5-server\n\n    krb5-server.x86_64 1.17-9.el8 repository\n\n    If the krb5-server package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding.'\n  desc 'fix', 'Document the krb5-server package with the ISSO as an operational\nrequirement or remove it from the system with the following command:\n\n    $ sudo yum remove krb5-server'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000120-GPOS-00061'\n  tag gid: 'V-237640'\n  tag rid: 'SV-237640r646890_rule'\n  tag stig_id: 'RHEL-08-010163'\n  tag fix_id: 'F-40822r646889_fix'\n  tag cci: ['CCI-000803']\n  tag nist: ['IA-7']\n\n  describe.one do\n    describe package('krb5-server') do\n      it { should_not be_installed }\n    end\n\n    describe package('krb5-server') do\n      its('version') { should cmp >= '1.17-9.el8' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-237640.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package krb5-server is expected not to be installed","run_time":0.000996,"start_time":"2024-01-09T19:41:03-05:00","resource_class":"package","resource_params":"[\"krb5-server\"]","resource_id":"krb5-server"}]},{"id":"SV-237641","title":"RHEL 8 must restrict privilege elevation to authorized personnel.","desc":"The sudo command allows a user to execute programs with elevated\n(administrator) privileges. It prompts the user for their password and confirms\nyour request to execute a command by checking a file, called sudoers. If the\n\"sudoers\" file is not configured correctly, any user defined on the system\ncan initiate privileged actions on the target system.","descriptions":[{"label":"default","data":"The sudo command allows a user to execute programs with elevated\n(administrator) privileges. It prompts the user for their password and confirms\nyour request to execute a command by checking a file, called sudoers. If the\n\"sudoers\" file is not configured correctly, any user defined on the system\ncan initiate privileged actions on the target system."},{"label":"check","data":"Verify the \"sudoers\" file restricts sudo access to authorized personnel.\n$ sudo grep -iw 'ALL' /etc/sudoers /etc/sudoers.d/*\n\nIf the either of the following entries are returned, this is a finding:\nALL     ALL=(ALL) ALL\nALL     ALL=(ALL:ALL) ALL"},{"label":"fix","data":"Remove the following entries from the sudoers file:\nALL     ALL=(ALL) ALL\nALL     ALL=(ALL:ALL) ALL"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-237641","rid":"SV-237641r646893_rule","stig_id":"RHEL-08-010382","fix_id":"F-40823r646892_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-237641' do\n  title 'RHEL 8 must restrict privilege elevation to authorized personnel.'\n  desc 'The sudo command allows a user to execute programs with elevated\n(administrator) privileges. It prompts the user for their password and confirms\nyour request to execute a command by checking a file, called sudoers. If the\n\"sudoers\" file is not configured correctly, any user defined on the system\ncan initiate privileged actions on the target system.'\n  desc 'check', %q(Verify the \"sudoers\" file restricts sudo access to authorized personnel.\n$ sudo grep -iw 'ALL' /etc/sudoers /etc/sudoers.d/*\n\nIf the either of the following entries are returned, this is a finding:\nALL     ALL=(ALL) ALL\nALL     ALL=(ALL:ALL) ALL)\n  desc 'fix', 'Remove the following entries from the sudoers file:\nALL     ALL=(ALL) ALL\nALL     ALL=(ALL:ALL) ALL'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-237641'\n  tag rid: 'SV-237641r646893_rule'\n  tag stig_id: 'RHEL-08-010382'\n  tag fix_id: 'F-40823r646892_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  sudoers_files = bash('ls -d /etc/sudoers.d/*').stdout.strip.split.append('/etc/sudoers')\n\n  if virtualization.system.eql?('docker') && !command('sudo').exist?\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    sudoers_files.each do |file|\n      describe file(file) do\n        its('content') { should_not match(/^ALL\\s*ALL=\\(ALL\\)\\sALL/) }\n        its('content') { should_not match(/^ALL\\s*ALL=\\(ALL:ALL\\)\\sALL/) }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-237641.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File /etc/sudoers.d/90-cloud-init-users content is expected not to match /^ALL\\s*ALL=\\(ALL\\)\\sALL/","run_time":0.000243,"start_time":"2024-01-09T19:41:03-05:00","resource_class":"file","resource_params":"[\"/etc/sudoers.d/90-cloud-init-users\"]","resource_id":"/etc/sudoers.d/90-cloud-init-users"},{"status":"passed","code_desc":"File /etc/sudoers.d/90-cloud-init-users content is expected not to match /^ALL\\s*ALL=\\(ALL:ALL\\)\\sALL/","run_time":0.000125,"start_time":"2024-01-09T19:41:03-05:00","resource_class":"file","resource_params":"[\"/etc/sudoers.d/90-cloud-init-users\"]","resource_id":"/etc/sudoers.d/90-cloud-init-users"},{"status":"passed","code_desc":"File /etc/sudoers content is expected not to match /^ALL\\s*ALL=\\(ALL\\)\\sALL/","run_time":0.000139,"start_time":"2024-01-09T19:41:03-05:00","resource_class":"file","resource_params":"[\"/etc/sudoers\"]","resource_id":"/etc/sudoers"},{"status":"passed","code_desc":"File /etc/sudoers content is expected not to match /^ALL\\s*ALL=\\(ALL:ALL\\)\\sALL/","run_time":0.000126,"start_time":"2024-01-09T19:41:03-05:00","resource_class":"file","resource_params":"[\"/etc/sudoers\"]","resource_id":"/etc/sudoers"}]},{"id":"SV-237642","title":"RHEL 8 must use the invoking user's password for privilege escalation\nwhen using \"sudo\".","desc":"The sudoers security policy requires that users authenticate\nthemselves before they can use sudo. When sudoers requires authentication, it\nvalidates the invoking user's credentials. If the rootpw, targetpw, or runaspw\nflags are defined and not disabled, by default the operating system will prompt\nthe invoking user for the \"root\" user password.\n    For more information on each of the listed configurations, reference the\nsudoers(5) manual page.","descriptions":[{"label":"default","data":"The sudoers security policy requires that users authenticate\nthemselves before they can use sudo. When sudoers requires authentication, it\nvalidates the invoking user's credentials. If the rootpw, targetpw, or runaspw\nflags are defined and not disabled, by default the operating system will prompt\nthe invoking user for the \"root\" user password.\n    For more information on each of the listed configurations, reference the\nsudoers(5) manual page."},{"label":"check","data":"Verify that the sudoers security policy is configured to use the invoking user's password for privilege escalation.\n\n     $ sudo grep -Eir '(rootpw|targetpw|runaspw)' /etc/sudoers /etc/sudoers.d* | grep -v '#'\n\n     /etc/sudoers:Defaults !targetpw\n     /etc/sudoers:Defaults !rootpw\n     /etc/sudoers:Defaults !runaspw\n\nIf conflicting results are returned, this is a finding.\nIf \"Defaults !targetpw\" is not defined, this is a finding.\nIf \"Defaults !rootpw\" is not defined, this is a finding.\nIf \"Defaults !runaspw\" is not defined, this is a finding."},{"label":"fix","data":"Define the following in the Defaults section of the /etc/sudoers file or a configuration file in the /etc/sudoers.d/ directory:\n     Defaults !targetpw\n     Defaults !rootpw\n     Defaults !runaspw\n\nRemove any configurations that conflict with the above from the following locations:\n     /etc/sudoers\n     /etc/sudoers.d/"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-237642","rid":"SV-237642r880727_rule","stig_id":"RHEL-08-010383","fix_id":"F-40824r880726_fix","cci":["CCI-002227"],"nist":["AC-6 (5)"]},"code":"control 'SV-237642' do\n  title %q(RHEL 8 must use the invoking user's password for privilege escalation\nwhen using \"sudo\".)\n  desc %q(The sudoers security policy requires that users authenticate\nthemselves before they can use sudo. When sudoers requires authentication, it\nvalidates the invoking user's credentials. If the rootpw, targetpw, or runaspw\nflags are defined and not disabled, by default the operating system will prompt\nthe invoking user for the \"root\" user password.\n    For more information on each of the listed configurations, reference the\nsudoers(5) manual page.)\n  desc 'check', %q(Verify that the sudoers security policy is configured to use the invoking user's password for privilege escalation.\n\n     $ sudo grep -Eir '(rootpw|targetpw|runaspw)' /etc/sudoers /etc/sudoers.d* | grep -v '#'\n\n     /etc/sudoers:Defaults !targetpw\n     /etc/sudoers:Defaults !rootpw\n     /etc/sudoers:Defaults !runaspw\n\nIf conflicting results are returned, this is a finding.\nIf \"Defaults !targetpw\" is not defined, this is a finding.\nIf \"Defaults !rootpw\" is not defined, this is a finding.\nIf \"Defaults !runaspw\" is not defined, this is a finding.)\n  desc 'fix', 'Define the following in the Defaults section of the /etc/sudoers file or a configuration file in the /etc/sudoers.d/ directory:\n     Defaults !targetpw\n     Defaults !rootpw\n     Defaults !runaspw\n\nRemove any configurations that conflict with the above from the following locations:\n     /etc/sudoers\n     /etc/sudoers.d/'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-237642'\n  tag rid: 'SV-237642r880727_rule'\n  tag stig_id: 'RHEL-08-010383'\n  tag fix_id: 'F-40824r880726_fix'\n  tag cci: ['CCI-002227']\n  tag nist: ['AC-6 (5)']\n\n  if virtualization.system.eql?('docker') && !command('sudo').exist?\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe bash(\"egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }'\") do\n      its('stdout') { should match(/^Defaults !targetpw/) }\n      its('stdout') { should match(/^Defaults !rootpw/) }\n      its('stdout') { should match(/^Defaults !runaspw/) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-237642.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Bash command egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }' stdout is expected to match /^Defaults !targetpw/","run_time":0.210655,"start_time":"2024-01-09T19:41:03-05:00","message":"expected \"\" to match /^Defaults !targetpw/","resource_class":"bash","resource_params":"[\"egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }'\"]","resource_id":"egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }'"},{"status":"failed","code_desc":"Bash command egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }' stdout is expected to match /^Defaults !rootpw/","run_time":0.001112,"start_time":"2024-01-09T19:41:03-05:00","message":"expected \"\" to match /^Defaults !rootpw/","resource_class":"bash","resource_params":"[\"egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }'\"]","resource_id":"egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }'"},{"status":"failed","code_desc":"Bash command egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }' stdout is expected to match /^Defaults !runaspw/","run_time":0.00096,"start_time":"2024-01-09T19:41:03-05:00","message":"expected \"\" to match /^Defaults !runaspw/","resource_class":"bash","resource_params":"[\"egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }'\"]","resource_id":"egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }'"}]},{"id":"SV-237643","title":"RHEL 8 must require re-authentication when using the \"sudo\" command.","desc":"Without re-authentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the organization requires the user to\nre-authenticate when using the \"sudo\" command.\n\n    If the value is set to an integer less than 0, the user's time stamp will\nnot expire and the user will not have to re-authenticate for privileged actions\nuntil the user's session is terminated.","descriptions":[{"label":"default","data":"Without re-authentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the organization requires the user to\nre-authenticate when using the \"sudo\" command.\n\n    If the value is set to an integer less than 0, the user's time stamp will\nnot expire and the user will not have to re-authenticate for privileged actions\nuntil the user's session is terminated."},{"label":"check","data":"Verify the operating system requires re-authentication when using the \"sudo\" command to elevate privileges.\n\n$ sudo grep -ir 'timestamp_timeout' /etc/sudoers /etc/sudoers.d\n/etc/sudoers:Defaults timestamp_timeout=0\n\nIf conflicting results are returned, this is a finding.\n\nIf \"timestamp_timeout\" is set to a negative number, is commented out, or no results are returned, this is a finding."},{"label":"fix","data":"Configure the \"sudo\" command to require re-authentication.\nEdit the /etc/sudoers file:\n$ sudo visudo\n\nAdd or modify the following line:\nDefaults timestamp_timeout=[value]\nNote: The \"[value]\" must be a number that is greater than or equal to \"0\".\n\nRemove any duplicate or conflicting lines from /etc/sudoers and /etc/sudoers.d/ files."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000373-GPOS-00156","gid":"V-237643","rid":"SV-237643r861088_rule","stig_id":"RHEL-08-010384","fix_id":"F-40825r858763_fix","cci":["CCI-002038"],"nist":["IA-11"],"host":null,"container-conditional":null},"code":"control 'SV-237643' do\n  title 'RHEL 8 must require re-authentication when using the \"sudo\" command.'\n  desc %q(Without re-authentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the organization requires the user to\nre-authenticate when using the \"sudo\" command.\n\n    If the value is set to an integer less than 0, the user's time stamp will\nnot expire and the user will not have to re-authenticate for privileged actions\nuntil the user's session is terminated.)\n  desc 'check', %q(Verify the operating system requires re-authentication when using the \"sudo\" command to elevate privileges.\n\n$ sudo grep -ir 'timestamp_timeout' /etc/sudoers /etc/sudoers.d\n/etc/sudoers:Defaults timestamp_timeout=0\n\nIf conflicting results are returned, this is a finding.\n\nIf \"timestamp_timeout\" is set to a negative number, is commented out, or no results are returned, this is a finding.)\n  desc 'fix', 'Configure the \"sudo\" command to require re-authentication.\nEdit the /etc/sudoers file:\n$ sudo visudo\n\nAdd or modify the following line:\nDefaults timestamp_timeout=[value]\nNote: The \"[value]\" must be a number that is greater than or equal to \"0\".\n\nRemove any duplicate or conflicting lines from /etc/sudoers and /etc/sudoers.d/ files.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000373-GPOS-00156'\n  tag gid: 'V-237643'\n  tag rid: 'SV-237643r861088_rule'\n  tag stig_id: 'RHEL-08-010384'\n  tag fix_id: 'F-40825r858763_fix'\n  tag cci: ['CCI-002038']\n  tag nist: ['IA-11']\n  tag 'host', 'container-conditional'\n\n  sudoers_config_files = input('sudoers_config_files').map(&:strip).join(' ')\n  sudo_configs = command(\"cat #{sudoers_config_files}\").stdout\n\n  sudo_config_data = parse_config(sudo_configs).params\n\n  setting = 'timestamp_timeout'\n  value = 0\n\n  sudo_config_hash = Hashie::Mash.new\n  sudo_config_data.each do |k, v|\n    if k.start_with?('Defaults')\n      key_parts = k.split('   ', 2) # split by three spaces\n      sudo_config_hash.Defaults ||= Hashie::Mash.new\n      sudo_config_hash.Defaults[key_parts[1].strip] = v\n    else\n      key_parts = k.split(\"\\t\") # split by tab character\n      sudo_config_hash[key_parts[0]] ||= Hashie::Mash.new\n      sudo_config_hash[key_parts[0]][key_parts[1]] = v\n    end\n  end\n\n  impact 0.0 if virtualization.system.eql?('docker') && !command('sudo').exist?\n\n  describe 'The Sudo Configuration' do\n    if virtualization.system.eql?('docker') && !command('sudo').exist?\n      it 'This requirement is Not Applicable since `sudo` not installed in the container.' do\n        skip 'This requirement is Not Applicable since `sudo` not installed in the container.'\n      end\n    else\n      it 'has a configured non-negative Default timestamp_timeout value' do\n        expect(sudo_config_hash.Defaults[setting]).to be >= 0, \"The Default #{setting} setting is not present or incorrectly configured. Please ensure #{setting} present and is not negative.\"\n      end\n      it 'has the correct Default timestamp_timeout setting' do\n        expect(sudo_config_hash.Defaults[setting.to_s]).to eq(0), \"The Default #{setting} setting is not present or incorrectly configured. Please ensure #{setting} is set to #{value}.\"\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-237643.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"The Sudo Configuration has a configured non-negative Default timestamp_timeout value","run_time":0.000128,"start_time":"2024-01-09T19:41:03-05:00","message":"The Default timestamp_timeout setting is not present or incorrectly configured. Please ensure timestamp_timeout present and is not negative.","resource_class":"Object","resource_params":"[]","resource_id":"The Sudo Configuration"},{"status":"failed","code_desc":"The Sudo Configuration has the correct Default timestamp_timeout setting","run_time":7.3e-05,"start_time":"2024-01-09T19:41:03-05:00","message":"The Default timestamp_timeout setting is not present or incorrectly configured. Please ensure timestamp_timeout is set to 0.","resource_class":"Object","resource_params":"[]","resource_id":"The Sudo Configuration"}]},{"id":"SV-244519","title":"RHEL 8 must display a banner before granting local or remote access to\nthe system via a graphical user logon.","desc":"Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.","descriptions":[{"label":"default","data":"Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist."},{"label":"check","data":"Verify RHEL 8 displays a banner before granting access to the operating\nsystem via a graphical user logon.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Check to see if the operating system displays a banner at the logon screen\nwith the following command:\n\n    $ sudo grep banner-message-enable /etc/dconf/db/local.d/*\n\n    banner-message-enable=true\n\n    If \"banner-message-enable\" is set to \"false\" or is missing, this is a\nfinding."},{"label":"fix","data":"Configure the operating system to display a banner before granting access\nto the system.\n\n    Note: If the system does not have a graphical user interface installed,\nthis requirement is Not Applicable.\n\n    Create a database to contain the system-wide graphical user logon settings\n(if it does not already exist) with the following command:\n\n    $ sudo touch /etc/dconf/db/local.d/01-banner-message\n\n    Add the following lines to the [org/gnome/login-screen] section of the\n\"/etc/dconf/db/local.d/01-banner-message\":\n\n    [org/gnome/login-screen]\n\n    banner-message-enable=true\n\n    Run the following command to update the database:\n\n    $ sudo dconf update"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000023-GPOS-00006","satisfies":["SRG-OS-000023-GPOS-00006","SRG-OS-000228-GPOS-00088"],"gid":"V-244519","rid":"SV-244519r743806_rule","stig_id":"RHEL-08-010049","fix_id":"F-47751r743805_fix","cci":["CCI-000048"],"nist":["AC-8 a"],"host":null},"code":"control 'SV-244519' do\n  title \"RHEL 8 must display a banner before granting local or remote access to\nthe system via a graphical user logon.\"\n  desc \"Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\"\n  desc 'check', 'Verify RHEL 8 displays a banner before granting access to the operating\nsystem via a graphical user logon.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Check to see if the operating system displays a banner at the logon screen\nwith the following command:\n\n    $ sudo grep banner-message-enable /etc/dconf/db/local.d/*\n\n    banner-message-enable=true\n\n    If \"banner-message-enable\" is set to \"false\" or is missing, this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to display a banner before granting access\nto the system.\n\n    Note: If the system does not have a graphical user interface installed,\nthis requirement is Not Applicable.\n\n    Create a database to contain the system-wide graphical user logon settings\n(if it does not already exist) with the following command:\n\n    $ sudo touch /etc/dconf/db/local.d/01-banner-message\n\n    Add the following lines to the [org/gnome/login-screen] section of the\n\"/etc/dconf/db/local.d/01-banner-message\":\n\n    [org/gnome/login-screen]\n\n    banner-message-enable=true\n\n    Run the following command to update the database:\n\n    $ sudo dconf update'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-GPOS-00006'\n  tag satisfies: ['SRG-OS-000023-GPOS-00006', 'SRG-OS-000228-GPOS-00088']\n  tag gid: 'V-244519'\n  tag rid: 'SV-244519r743806_rule'\n  tag stig_id: 'RHEL-08-010049'\n  tag fix_id: 'F-47751r743805_fix'\n  tag cci: ['CCI-000048']\n  tag nist: ['AC-8 a']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  no_gui = command('ls /usr/share/xsessions/*').stderr.match?(/No such file or directory/)\n\n  if no_gui\n    impact 0.0\n    describe 'The system does not have a GUI Desktop is installed, this control is Not Applicable' do\n      skip 'A GUI desktop is not installed, this control is Not Applicable.'\n    end\n  else\n    describe command('grep ^banner-message-enable /etc/dconf/db/local.d/*') do\n      its('stdout.strip') { should cmp 'banner-message-enable=true' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244519.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"The system does not have a GUI Desktop is installed, this control is Not Applicable","run_time":9.0e-06,"start_time":"2024-01-09T19:41:03-05:00","resource":"","skip_message":"A GUI desktop is not installed, this control is Not Applicable.","resource_class":"Object","resource_params":"[]","resource_id":"The system does not have a GUI Desktop is installed, this control is Not Applicable"}]},{"id":"SV-244521","title":"RHEL 8 operating systems booted with United Extensible Firmware\nInterface (UEFI) must require a unique superusers name upon booting into\nsingle-user mode and maintenance.","desc":"If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.\n\nThe GRUB 2 superuser account is an account of last resort. Establishing a unique username for this account hardens the boot loader against brute force attacks. Due to the nature of the superuser account database being distinct from the OS account database, this allows the use of a username that is not among those within the OS account database. Examples of non-unique superusers names are root, superuser, unlock, etc.","descriptions":[{"label":"default","data":"If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.\n\nThe GRUB 2 superuser account is an account of last resort. Establishing a unique username for this account hardens the boot loader against brute force attacks. Due to the nature of the superuser account database being distinct from the OS account database, this allows the use of a username that is not among those within the OS account database. Examples of non-unique superusers names are root, superuser, unlock, etc."},{"label":"check","data":"For systems that use BIOS, this is Not Applicable.\n\nVerify that a unique name is set as the \"superusers\" account:\n\n$ sudo grep -iw \"superusers\" /boot/efi/EFI/redhat/grub.cfg\nset superusers=\"[someuniquestringhere]\"\nexport superusers\n\nIf \"superusers\" is identical to any OS account name or is missing a name, this is a finding."},{"label":"fix","data":"Configure the system to have a unique name for the grub superusers account.\n\nEdit the /etc/grub.d/01_users file and add or modify the following lines:\n\nset superusers=\"[someuniquestringhere]\"\nexport superusers\npassword_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}\n\nGenerate a new grub.cfg file with the following command:\n\n$ sudo grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000080-GPOS-00048","gid":"V-244521","rid":"SV-244521r792982_rule","stig_id":"RHEL-08-010141","fix_id":"F-47753r743811_fix","cci":["CCI-000213"],"nist":["AC-3"],"host":null},"code":"control 'SV-244521' do\n  title 'RHEL 8 operating systems booted with United Extensible Firmware\nInterface (UEFI) must require a unique superusers name upon booting into\nsingle-user mode and maintenance.'\n  desc 'If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.\n\nThe GRUB 2 superuser account is an account of last resort. Establishing a unique username for this account hardens the boot loader against brute force attacks. Due to the nature of the superuser account database being distinct from the OS account database, this allows the use of a username that is not among those within the OS account database. Examples of non-unique superusers names are root, superuser, unlock, etc.'\n  desc 'check', 'For systems that use BIOS, this is Not Applicable.\n\nVerify that a unique name is set as the \"superusers\" account:\n\n$ sudo grep -iw \"superusers\" /boot/efi/EFI/redhat/grub.cfg\nset superusers=\"[someuniquestringhere]\"\nexport superusers\n\nIf \"superusers\" is identical to any OS account name or is missing a name, this is a finding.'\n  desc 'fix', 'Configure the system to have a unique name for the grub superusers account.\n\nEdit the /etc/grub.d/01_users file and add or modify the following lines:\n\nset superusers=\"[someuniquestringhere]\"\nexport superusers\npassword_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}\n\nGenerate a new grub.cfg file with the following command:\n\n$ sudo grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000080-GPOS-00048'\n  tag gid: 'V-244521'\n  tag rid: 'SV-244521r792982_rule'\n  tag stig_id: 'RHEL-08-010141'\n  tag fix_id: 'F-47753r743811_fix'\n  tag cci: ['CCI-000213']\n  tag nist: ['AC-3']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if file('/sys/firmware/efi').exist?\n    describe parse_config_file(input('grub_uefi_main_cfg')) do\n      its('set superusers') { should cmp '\"root\"' }\n    end\n  else\n    impact 0.0\n    describe 'System running BIOS' do\n      skip 'The System is running BIOS, this control is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244521.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"System running BIOS","run_time":3.0e-06,"start_time":"2024-01-09T19:41:03-05:00","resource":"","skip_message":"The System is running BIOS, this control is Not Applicable.","resource_class":"Object","resource_params":"[]","resource_id":"System running BIOS"}]},{"id":"SV-244522","title":"RHEL 8 operating systems booted with a BIOS must require  a unique superusers name upon booting into single-user and maintenance modes.","desc":"If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.\n\nThe GRUB 2 superuser account is an account of last resort. Establishing a unique username for this account hardens the boot loader against brute force attacks. Due to the nature of the superuser account database being distinct from the OS account database, this allows the use of a username that is not among those within the OS account database. Examples of non-unique superusers names are root, superuser, unlock, etc.","descriptions":[{"label":"default","data":"If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.\n\nThe GRUB 2 superuser account is an account of last resort. Establishing a unique username for this account hardens the boot loader against brute force attacks. Due to the nature of the superuser account database being distinct from the OS account database, this allows the use of a username that is not among those within the OS account database. Examples of non-unique superusers names are root, superuser, unlock, etc."},{"label":"check","data":"For systems that use UEFI, this is Not Applicable.\n\nVerify that a unique name is set as the \"superusers\" account:\n\n$ sudo grep -iw \"superusers\" /boot/grub2/grub.cfg\nset superusers=\"[someuniquestringhere]\"\nexport superusers\n\nIf \"superusers\" is identical to any OS account name or is missing a name, this is a finding."},{"label":"fix","data":"Configure the system to have a unique name for the grub superusers account.\n\nEdit the /etc/grub.d/01_users file and add or modify the following lines:\n\nset superusers=\"[someuniquestringhere]\"\nexport superusers\npassword_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}\n\nGenerate a new grub.cfg file with the following command:\n\n$ sudo grub2-mkconfig -o /boot/grub2/grub.cfg"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000080-GPOS-00048","gid":"V-244522","rid":"SV-244522r792984_rule","stig_id":"RHEL-08-010149","fix_id":"F-47754r743814_fix","cci":["CCI-000213"],"nist":["AC-3"],"host":null},"code":"control 'SV-244522' do\n  title 'RHEL 8 operating systems booted with a BIOS must require  a unique superusers name upon booting into single-user and maintenance modes.'\n  desc 'If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.\n\nThe GRUB 2 superuser account is an account of last resort. Establishing a unique username for this account hardens the boot loader against brute force attacks. Due to the nature of the superuser account database being distinct from the OS account database, this allows the use of a username that is not among those within the OS account database. Examples of non-unique superusers names are root, superuser, unlock, etc.'\n  desc 'check', 'For systems that use UEFI, this is Not Applicable.\n\nVerify that a unique name is set as the \"superusers\" account:\n\n$ sudo grep -iw \"superusers\" /boot/grub2/grub.cfg\nset superusers=\"[someuniquestringhere]\"\nexport superusers\n\nIf \"superusers\" is identical to any OS account name or is missing a name, this is a finding.'\n  desc 'fix', 'Configure the system to have a unique name for the grub superusers account.\n\nEdit the /etc/grub.d/01_users file and add or modify the following lines:\n\nset superusers=\"[someuniquestringhere]\"\nexport superusers\npassword_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}\n\nGenerate a new grub.cfg file with the following command:\n\n$ sudo grub2-mkconfig -o /boot/grub2/grub.cfg'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000080-GPOS-00048'\n  tag gid: 'V-244522'\n  tag rid: 'SV-244522r792984_rule'\n  tag stig_id: 'RHEL-08-010149'\n  tag fix_id: 'F-47754r743814_fix'\n  tag cci: ['CCI-000213']\n  tag nist: ['AC-3']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if file('/sys/firmware/efi').exist?\n    impact 0.0\n    describe 'System running UEFI' do\n      skip 'The System is running UEFI, this control is Not Applicable.'\n    end\n  else\n    describe parse_config_file(input('grub_main_cfg')) do\n      its('set superusers') { should_not be_empty }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244522.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Parse Config File /boot/grub2/grub.cfg set superusers is expected not to be empty","run_time":0.004265,"start_time":"2024-01-09T19:41:03-05:00","message":"expected nil to respond to `empty?`","resource_class":"parse_config_file","resource_params":"[\"/boot/grub2/grub.cfg\"]","resource_id":"/boot/grub2/grub.cfg"}]},{"id":"SV-244523","title":"RHEL 8 operating systems must require authentication upon booting into\nemergency mode.","desc":"If the system does not require valid root authentication before it\nboots into emergency or rescue mode, anyone who invokes emergency or rescue\nmode is granted privileged access to all files on the system.","descriptions":[{"label":"default","data":"If the system does not require valid root authentication before it\nboots into emergency or rescue mode, anyone who invokes emergency or rescue\nmode is granted privileged access to all files on the system."},{"label":"check","data":"Check to see if the system requires authentication for emergency mode with\nthe following command:\n\n    $ sudo grep sulogin-shell /usr/lib/systemd/system/emergency.service\n\n    ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency\n\n    If the \"ExecStart\" line is configured for anything other than\n\"/usr/lib/systemd/systemd-sulogin-shell emergency\", commented out, or\nmissing, this is a finding."},{"label":"fix","data":"Configure the system to require authentication upon booting into emergency\nmode by adding the following line to the\n\"/usr/lib/systemd/system/emergency.service\" file.\n\n    ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000080-GPOS-00048","gid":"V-244523","rid":"SV-244523r743818_rule","stig_id":"RHEL-08-010152","fix_id":"F-47755r743817_fix","cci":["CCI-000213"],"nist":["AC-3"],"host":null},"code":"control 'SV-244523' do\n  title 'RHEL 8 operating systems must require authentication upon booting into\nemergency mode.'\n  desc 'If the system does not require valid root authentication before it\nboots into emergency or rescue mode, anyone who invokes emergency or rescue\nmode is granted privileged access to all files on the system.'\n  desc 'check', 'Check to see if the system requires authentication for emergency mode with\nthe following command:\n\n    $ sudo grep sulogin-shell /usr/lib/systemd/system/emergency.service\n\n    ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency\n\n    If the \"ExecStart\" line is configured for anything other than\n\"/usr/lib/systemd/systemd-sulogin-shell emergency\", commented out, or\nmissing, this is a finding.'\n  desc 'fix', 'Configure the system to require authentication upon booting into emergency\nmode by adding the following line to the\n\"/usr/lib/systemd/system/emergency.service\" file.\n\n    ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000080-GPOS-00048'\n  tag gid: 'V-244523'\n  tag rid: 'SV-244523r743818_rule'\n  tag stig_id: 'RHEL-08-010152'\n  tag fix_id: 'F-47755r743817_fix'\n  tag cci: ['CCI-000213']\n  tag nist: ['AC-3']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  describe service('emergency') do\n    its('params.ExecStart') { should include '/usr/lib/systemd/systemd-sulogin-shell emergency' }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244523.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Service emergency params.ExecStart is expected to include \"/usr/lib/systemd/systemd-sulogin-shell emergency\"","run_time":0.509036,"start_time":"2024-01-09T19:41:03-05:00","resource_class":"service","resource_params":"[\"emergency\"]","resource_id":"emergency"}]},{"id":"SV-244524","title":"The RHEL 8 pam_unix.so module must be configured in the system-auth\nfile to use a FIPS 140-2 approved cryptographic hashing algorithm for system\nauthentication.","desc":"Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.","descriptions":[{"label":"default","data":"Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system."},{"label":"check","data":"Verify that pam_unix.so module is configured to use sha512.\n\nCheck that pam_unix.so module is configured to use sha512 in /etc/pam.d/system-auth with the following command:\n\n$ sudo grep password /etc/pam.d/system-auth | grep pam_unix\n\npassword sufficient pam_unix.so sha512\n\nIf \"sha512\" is missing, or is commented out, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.\n\nEdit/modify the following line in the \"/etc/pam.d/system-auth\" file to include the sha512 option for pam_unix.so:\n\npassword sufficient pam_unix.so sha512"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000120-GPOS-00061","gid":"V-244524","rid":"SV-244524r809331_rule","stig_id":"RHEL-08-010159","fix_id":"F-47756r809330_fix","cci":["CCI-000803"],"nist":["IA-7"],"host":null,"container":null},"code":"control 'SV-244524' do\n  title 'The RHEL 8 pam_unix.so module must be configured in the system-auth\nfile to use a FIPS 140-2 approved cryptographic hashing algorithm for system\nauthentication.'\n  desc 'Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.'\n  desc 'check', 'Verify that pam_unix.so module is configured to use sha512.\n\nCheck that pam_unix.so module is configured to use sha512 in /etc/pam.d/system-auth with the following command:\n\n$ sudo grep password /etc/pam.d/system-auth | grep pam_unix\n\npassword sufficient pam_unix.so sha512\n\nIf \"sha512\" is missing, or is commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.\n\nEdit/modify the following line in the \"/etc/pam.d/system-auth\" file to include the sha512 option for pam_unix.so:\n\npassword sufficient pam_unix.so sha512'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000120-GPOS-00061'\n  tag gid: 'V-244524'\n  tag rid: 'SV-244524r809331_rule'\n  tag stig_id: 'RHEL-08-010159'\n  tag fix_id: 'F-47756r809330_fix'\n  tag cci: ['CCI-000803']\n  tag nist: ['IA-7']\n  tag 'host', 'container'\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') { should match_pam_rule('password sufficient pam_unix.so sha512') }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244524.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PAM Config[/etc/pam.d/system-auth] lines is expected to include password sufficient pam_unix.so sha512","run_time":0.000894,"start_time":"2024-01-09T19:41:03-05:00","resource_class":"pam","resource_params":"[\"/etc/pam.d/system-auth\"]","resource_id":""}]},{"id":"SV-244525","title":"RHEL 8 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.","desc":"Terminating an unresponsive SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.\n\nTerminating network connections associated with communications sessions includes, for example, deallocating associated TCP/IP address/port pairs at the operating system level and deallocating networking assignments at the application level if multiple application sessions are using a single operating system-level network connection. This does not mean that the operating system terminates all sessions or network access; it only ends the unresponsive session and releases the resources associated with that session.\n\nRHEL 8 uses /etc/ssh/sshd_config for configurations of OpenSSH. Within the sshd_config, the product of the values of \"ClientAliveInterval\" and \"ClientAliveCountMax\" is used to establish the inactivity threshold. The \"ClientAliveInterval\" is a timeout interval in seconds after which if no data has been received from the client, sshd will send a message through the encrypted channel to request a response from the client. The \"ClientAliveCountMax\" is the number of client alive messages that may be sent without sshd receiving any messages back from the client. If this threshold is met, sshd will disconnect the client. For more information on these settings and others, refer to the sshd_config man pages.","descriptions":[{"label":"default","data":"Terminating an unresponsive SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.\n\nTerminating network connections associated with communications sessions includes, for example, deallocating associated TCP/IP address/port pairs at the operating system level and deallocating networking assignments at the application level if multiple application sessions are using a single operating system-level network connection. This does not mean that the operating system terminates all sessions or network access; it only ends the unresponsive session and releases the resources associated with that session.\n\nRHEL 8 uses /etc/ssh/sshd_config for configurations of OpenSSH. Within the sshd_config, the product of the values of \"ClientAliveInterval\" and \"ClientAliveCountMax\" is used to establish the inactivity threshold. The \"ClientAliveInterval\" is a timeout interval in seconds after which if no data has been received from the client, sshd will send a message through the encrypted channel to request a response from the client. The \"ClientAliveCountMax\" is the number of client alive messages that may be sent without sshd receiving any messages back from the client. If this threshold is met, sshd will disconnect the client. For more information on these settings and others, refer to the sshd_config man pages."},{"label":"check","data":"Verify the SSH server automatically terminates a user session after the SSH client has been unresponsive for 10 minutes.\n\nCheck that the \"ClientAliveInterval\" variable is set to a value of \"600\" or less by performing the following command:\n\n     $ sudo grep -ir clientaliveinterval /etc/ssh/sshd_config*\n\n     ClientAliveInterval 600\n\nIf \"ClientAliveInterval\" does not exist, does not have a value of \"600\" or less in \"/etc/ssh/sshd_config\" or is commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Note: This setting must be applied in conjunction with RHEL-08-010200 to function correctly.\n\nConfigure the SSH server to terminate a user session automatically after the SSH client has been unresponsive for 10 minutes.\n\nModify or append the following lines in the \"/etc/ssh/sshd_config\" file:\n\n     ClientAliveInterval 600\n\nFor the changes to take effect, the SSH daemon must be restarted.\n\n     $ sudo systemctl restart sshd.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000163-GPOS-00072","satisfies":["SRG-OS-000163-GPOS-00072","SRG-OS-000126-GPOS-00066","SRG-OS-000279-GPOS-00109"],"gid":"V-244525","rid":"SV-244525r917886_rule","stig_id":"RHEL-08-010201","fix_id":"F-47757r917885_fix","cci":["CCI-001133"],"nist":["SC-10"],"host":null,"container-conditional":null},"code":"control 'SV-244525' do\n  title 'RHEL 8 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.'\n  desc 'Terminating an unresponsive SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.\n\nTerminating network connections associated with communications sessions includes, for example, deallocating associated TCP/IP address/port pairs at the operating system level and deallocating networking assignments at the application level if multiple application sessions are using a single operating system-level network connection. This does not mean that the operating system terminates all sessions or network access; it only ends the unresponsive session and releases the resources associated with that session.\n\nRHEL 8 uses /etc/ssh/sshd_config for configurations of OpenSSH. Within the sshd_config, the product of the values of \"ClientAliveInterval\" and \"ClientAliveCountMax\" is used to establish the inactivity threshold. The \"ClientAliveInterval\" is a timeout interval in seconds after which if no data has been received from the client, sshd will send a message through the encrypted channel to request a response from the client. The \"ClientAliveCountMax\" is the number of client alive messages that may be sent without sshd receiving any messages back from the client. If this threshold is met, sshd will disconnect the client. For more information on these settings and others, refer to the sshd_config man pages.'\n  desc 'check', 'Verify the SSH server automatically terminates a user session after the SSH client has been unresponsive for 10 minutes.\n\nCheck that the \"ClientAliveInterval\" variable is set to a value of \"600\" or less by performing the following command:\n\n     $ sudo grep -ir clientaliveinterval /etc/ssh/sshd_config*\n\n     ClientAliveInterval 600\n\nIf \"ClientAliveInterval\" does not exist, does not have a value of \"600\" or less in \"/etc/ssh/sshd_config\" or is commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Note: This setting must be applied in conjunction with RHEL-08-010200 to function correctly.\n\nConfigure the SSH server to terminate a user session automatically after the SSH client has been unresponsive for 10 minutes.\n\nModify or append the following lines in the \"/etc/ssh/sshd_config\" file:\n\n     ClientAliveInterval 600\n\nFor the changes to take effect, the SSH daemon must be restarted.\n\n     $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000163-GPOS-00072'\n  tag satisfies: ['SRG-OS-000163-GPOS-00072', 'SRG-OS-000126-GPOS-00066', 'SRG-OS-000279-GPOS-00109']\n  tag gid: 'V-244525'\n  tag rid: 'SV-244525r917886_rule'\n  tag stig_id: 'RHEL-08-010201'\n  tag fix_id: 'F-47757r917885_fix'\n  tag cci: ['CCI-001133']\n  tag nist: ['SC-10']\n  tag 'host', 'container-conditional'\n\n  impact 0.0 if virtualization.system.eql?('docker') && !package('openssh-server').installed?\n\n  setting = 'ClientAliveInterval'\n  gssapi_authentication = input('sshd_config_values')\n  value = gssapi_authentication[setting]\n\n  if virtualization.system.eql?('docker')\n    describe 'In a container Environment' do\n      if package('openssh-server').installed?\n        it 'the OpenSSH Server should be installed when allowed in Docker environment' do\n          expect(input('allow_container_openssh_server')).to eq(true), 'OpenSSH Server is installed but not approved for the Docker environment'\n        end\n      else\n        it 'the OpenSSH Server is not installed' do\n          skip 'This requirement is not applicable as the OpenSSH Server is not installed in the Docker environment.'\n        end\n      end\n    end\n  else\n    describe 'The OpenSSH Server configuration' do\n      it \"has the correct #{setting} configuration\" do\n        expect(sshd_config.params[setting.downcase]).to cmp(value), \"The #{setting} setting in the SSHD config is not correct. Please ensure it set to '#{value}'.\"\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244525.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"The OpenSSH Server configuration has the correct ClientAliveInterval configuration","run_time":0.001322,"start_time":"2024-01-09T19:41:03-05:00","resource_class":"Object","resource_params":"[]","resource_id":"The OpenSSH Server configuration"}]},{"id":"SV-244526","title":"The RHEL 8 SSH daemon must be configured to use system-wide crypto policies.","desc":"Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default. The SSH\nconfiguration file has no effect on the ciphers, MACs, or algorithms unless\nspecifically defined in the /etc/sysconfig/sshd file. The employed algorithms\ncan be viewed in the /etc/crypto-policies/back-ends/ directory.","descriptions":[{"label":"default","data":"Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default. The SSH\nconfiguration file has no effect on the ciphers, MACs, or algorithms unless\nspecifically defined in the /etc/sysconfig/sshd file. The employed algorithms\ncan be viewed in the /etc/crypto-policies/back-ends/ directory."},{"label":"check","data":"Verify that system-wide crypto policies are in effect:\n\n$ sudo grep CRYPTO_POLICY /etc/sysconfig/sshd\n\n# CRYPTO_POLICY=\n\nIf the \"CRYPTO_POLICY \" is uncommented, this is a finding."},{"label":"fix","data":"Configure the RHEL 8 SSH daemon to use system-wide crypto policies by adding the following line to /etc/sysconfig/sshd:\n\n# CRYPTO_POLICY=\n\nA reboot is required for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000250-GPOS-00093","satisfies":["SRG-OS-000250-GPOS-00093","SRG-OS-000393-GPOS-00173","SRG-OS-000394-GPOS-00174","SRG-OS-000125-GPOS-00065"],"gid":"V-244526","rid":"SV-244526r877394_rule","stig_id":"RHEL-08-010287","fix_id":"F-47758r809333_fix","cci":["CCI-001453"],"nist":["AC-17 (2)"],"host":null,"container-conditional":null},"code":"control 'SV-244526' do\n  title 'The RHEL 8 SSH daemon must be configured to use system-wide crypto policies.'\n  desc \"Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default. The SSH\nconfiguration file has no effect on the ciphers, MACs, or algorithms unless\nspecifically defined in the /etc/sysconfig/sshd file. The employed algorithms\ncan be viewed in the /etc/crypto-policies/back-ends/ directory.\"\n  desc 'check', 'Verify that system-wide crypto policies are in effect:\n\n$ sudo grep CRYPTO_POLICY /etc/sysconfig/sshd\n\n# CRYPTO_POLICY=\n\nIf the \"CRYPTO_POLICY \" is uncommented, this is a finding.'\n  desc 'fix', \"Configure the RHEL 8 SSH daemon to use system-wide crypto policies by adding the following line to /etc/sysconfig/sshd:\n\n# CRYPTO_POLICY=\n\nA reboot is required for the changes to take effect.\"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000250-GPOS-00093'\n  tag satisfies: ['SRG-OS-000250-GPOS-00093', 'SRG-OS-000393-GPOS-00173', 'SRG-OS-000394-GPOS-00174', 'SRG-OS-000125-GPOS-00065']\n  tag gid: 'V-244526'\n  tag rid: 'SV-244526r877394_rule'\n  tag stig_id: 'RHEL-08-010287'\n  tag fix_id: 'F-47758r809333_fix'\n  tag cci: ['CCI-001453']\n  tag nist: ['AC-17 (2)']\n  tag 'host', 'container-conditional'\n\n  impact 0.0 if virtualization.system.eql?('docker') && !package('openssh-server').installed?\n\n  if virtualization.system.eql?('docker')\n    describe 'In a container Environment' do\n      if package('openssh-server').installed?\n        it 'the OpenSSH Server should be installed when allowed in Docker environment' do\n          expect(input('allow_container_openssh_server')).to eq(true), 'OpenSSH Server is installed but not approved for the Docker environment'\n        end\n      else\n        it 'the OpenSSH Server is not installed' do\n          skip 'This requirement is not applicable as the OpenSSH Server is not installed in the Docker environment.'\n        end\n      end\n    end\n  else\n    describe 'The system' do\n      it 'does not have a CRYPTO_POLICY setting configured' do\n        expect(parse_config_file('/etc/sysconfig/sshd').params['CRYPTO_POLICY']).to be_nil, 'The CRYPTO_POLICY setting in the /etc/sysconfig/sshd should not be present. Please ensure it is commented out.'\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244526.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"The system does not have a CRYPTO_POLICY setting configured","run_time":0.000299,"start_time":"2024-01-09T19:41:03-05:00","resource_class":"Object","resource_params":"[]","resource_id":"The system"}]},{"id":"SV-244527","title":"RHEL 8 must have the packages required to use the hardware random\nnumber generator entropy gatherer service.","desc":"The most important characteristic of a random number generator is its\nrandomness, namely its ability to deliver random numbers that are impossible to\npredict.  Entropy in computer security is associated with the unpredictability\nof a source of randomness.  The random source with high entropy tends to\nachieve a uniform distribution of random values.  Random number generators are\none of the most important building blocks of cryptosystems.\n\n    The rngd service feeds random data from hardware device to kernel random\ndevice. Quality (non-predictable) random number generation is important for\nseveral security functions (i.e., ciphers).","descriptions":[{"label":"default","data":"The most important characteristic of a random number generator is its\nrandomness, namely its ability to deliver random numbers that are impossible to\npredict.  Entropy in computer security is associated with the unpredictability\nof a source of randomness.  The random source with high entropy tends to\nachieve a uniform distribution of random values.  Random number generators are\none of the most important building blocks of cryptosystems.\n\n    The rngd service feeds random data from hardware device to kernel random\ndevice. Quality (non-predictable) random number generation is important for\nseveral security functions (i.e., ciphers)."},{"label":"check","data":"Check that RHEL 8 has the packages required to enabled the hardware random\nnumber generator entropy gatherer service with the following command:\n\n    $ sudo yum list installed rng-tools\n\n    rng-tools.x86_64                       6.8-3.el8\n@anaconda\n\n    If the \"rng-tools\" package is not installed, this is a finding."},{"label":"fix","data":"Install the packages required to enabled the hardware random number\ngenerator entropy gatherer service with the following command:\n\n    $ sudo yum install rng-tools"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-244527","rid":"SV-244527r743830_rule","stig_id":"RHEL-08-010472","fix_id":"F-47759r743829_fix","cci":["CCI-000366"],"nist":["CM-6 b"],"host":null},"code":"control 'SV-244527' do\n  title 'RHEL 8 must have the packages required to use the hardware random\nnumber generator entropy gatherer service.'\n  desc 'The most important characteristic of a random number generator is its\nrandomness, namely its ability to deliver random numbers that are impossible to\npredict.  Entropy in computer security is associated with the unpredictability\nof a source of randomness.  The random source with high entropy tends to\nachieve a uniform distribution of random values.  Random number generators are\none of the most important building blocks of cryptosystems.\n\n    The rngd service feeds random data from hardware device to kernel random\ndevice. Quality (non-predictable) random number generation is important for\nseveral security functions (i.e., ciphers).'\n  desc 'check', 'Check that RHEL 8 has the packages required to enabled the hardware random\nnumber generator entropy gatherer service with the following command:\n\n    $ sudo yum list installed rng-tools\n\n    rng-tools.x86_64                       6.8-3.el8\n@anaconda\n\n    If the \"rng-tools\" package is not installed, this is a finding.'\n  desc 'fix', 'Install the packages required to enabled the hardware random number\ngenerator entropy gatherer service with the following command:\n\n    $ sudo yum install rng-tools'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244527'\n  tag rid: 'SV-244527r743830_rule'\n  tag stig_id: 'RHEL-08-010472'\n  tag fix_id: 'F-47759r743829_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  describe package('rng-tools') do\n    it { should be_installed }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244527.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package rng-tools is expected to be installed","run_time":0.126433,"start_time":"2024-01-09T19:41:03-05:00","resource_class":"package","resource_params":"[\"rng-tools\"]","resource_id":"rng-tools"}]},{"id":"SV-244528","title":"The RHEL 8 SSH daemon must not allow GSSAPI authentication, except to fulfill documented and validated mission requirements.","desc":"Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere.","descriptions":[{"label":"default","data":"Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere."},{"label":"check","data":"Verify the SSH daemon does not allow GSSAPI authentication with the following command:\n\n$ sudo grep -ir GSSAPIAuthentication  /etc/ssh/sshd_config*\n\nGSSAPIAuthentication no\n\nIf the value is returned as \"yes\", the returned line is commented out, no output is returned, or has not been documented with the ISSO, this is a finding.\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure the SSH daemon to not allow GSSAPI authentication.\n\n    Add the following line in \"/etc/ssh/sshd_config\", or uncomment the line\nand set the value to \"no\":\n\n    GSSAPIAuthentication no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-244528","rid":"SV-244528r858709_rule","stig_id":"RHEL-08-010522","fix_id":"F-47760r743832_fix","cci":["CCI-000366"],"nist":["CM-6 b"],"host":null,"container-conditional":null},"code":"control 'SV-244528' do\n  title 'The RHEL 8 SSH daemon must not allow GSSAPI authentication, except to fulfill documented and validated mission requirements.'\n  desc \"Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere.\"\n  desc 'check', 'Verify the SSH daemon does not allow GSSAPI authentication with the following command:\n\n$ sudo grep -ir GSSAPIAuthentication  /etc/ssh/sshd_config*\n\nGSSAPIAuthentication no\n\nIf the value is returned as \"yes\", the returned line is commented out, no output is returned, or has not been documented with the ISSO, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the SSH daemon to not allow GSSAPI authentication.\n\n    Add the following line in \"/etc/ssh/sshd_config\", or uncomment the line\nand set the value to \"no\":\n\n    GSSAPIAuthentication no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244528'\n  tag rid: 'SV-244528r858709_rule'\n  tag stig_id: 'RHEL-08-010522'\n  tag fix_id: 'F-47760r743832_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container-conditional'\n\n  impact 0.0 if virtualization.system.eql?('docker') && !package('openssh-server').installed?\n\n  setting = 'GSSAPIAuthentication'\n  gssapi_authentication = input('sshd_config_values')\n  value = gssapi_authentication[setting]\n\n  if virtualization.system.eql?('docker')\n    describe 'In a container Environment' do\n      if package('openssh-server').installed?\n        it 'the OpenSSH Server should be installed when allowed in Docker environment' do\n          expect(input('allow_container_openssh_server')).to eq(true), 'OpenSSH Server is installed but not approved for the Docker environment'\n        end\n      else\n        it 'the OpenSSH Server is not installed' do\n          skip 'This requirement is not applicable as the OpenSSH Server is not installed in the Docker environment.'\n        end\n      end\n    end\n  else\n    describe 'The OpenSSH Server configuration' do\n      it \"has the correct #{setting} configuration\" do\n        expect(sshd_config.params[setting.downcase]).to cmp(value), \"The #{setting} setting in the SSHD config is not correct. Please ensure it set to '#{value}'.\"\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244528.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"The OpenSSH Server configuration has the correct GSSAPIAuthentication configuration","run_time":0.001514,"start_time":"2024-01-09T19:41:03-05:00","resource_class":"Object","resource_params":"[]","resource_id":"The OpenSSH Server configuration"}]},{"id":"SV-244529","title":"RHEL 8 must use a separate file system for /var/tmp.","desc":"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.","descriptions":[{"label":"default","data":"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing."},{"label":"check","data":"Verify that a separate file system has been created for \"/var/tmp\".\n\nCheck that a file system has been created for \"/var/tmp\" with the following command:\n\n     $ sudo grep /var/tmp /etc/fstab\n\n     /dev/mapper/...   /var/tmp   xfs   defaults,nodev,noexec,nosuid 0 0\n\nIf a separate entry for \"/var/tmp\" is not in use, this is a finding."},{"label":"fix","data":"Migrate the \"/var/tmp\" path onto a separate file system."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-244529","rid":"SV-244529r902737_rule","stig_id":"RHEL-08-010544","fix_id":"F-47761r743835_fix","cci":["CCI-000366"],"nist":["CM-6 b"],"host":null},"code":"control 'SV-244529' do\n  title 'RHEL 8 must use a separate file system for /var/tmp.'\n  desc 'The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.'\n  desc 'check', 'Verify that a separate file system has been created for \"/var/tmp\".\n\nCheck that a file system has been created for \"/var/tmp\" with the following command:\n\n     $ sudo grep /var/tmp /etc/fstab\n\n     /dev/mapper/...   /var/tmp   xfs   defaults,nodev,noexec,nosuid 0 0\n\nIf a separate entry for \"/var/tmp\" is not in use, this is a finding.'\n  desc 'fix', 'Migrate the \"/var/tmp\" path onto a separate file system.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244529'\n  tag rid: 'SV-244529r902737_rule'\n  tag stig_id: 'RHEL-08-010544'\n  tag fix_id: 'F-47761r743835_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  describe etc_fstab.where { mount_point == '/var/tmp' } do\n    it { should exist }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244529.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File System Table File (fstab) with mount_point == \"/var/tmp\" is expected to exist","run_time":0.000408,"start_time":"2024-01-09T19:41:03-05:00","message":"expected File System Table File (fstab) with mount_point == \"/var/tmp\" to exist","resource_class":"FilterTable::Table","resource_params":"[]","resource_id":""}]},{"id":"SV-244530","title":"RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on the /boot/efi directory.","desc":"The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.","descriptions":[{"label":"default","data":"The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access."},{"label":"check","data":"For systems that use BIOS, this is Not Applicable.\n\nVerify the /boot/efi directory is mounted with the \"nosuid\" option with the following command:\n\n$ sudo mount | grep '\\s/boot/efi\\s'\n\n/dev/sda1 on /boot/efi type vfat (rw,nosuid,relatime,fmask=0077,dmask=0077,codepage=437,iocharset=ascii,shortname=winnt,errors=remount-ro)\n\nIf the /boot/efi file system does not have the \"nosuid\" option set, this is a finding."},{"label":"fix","data":"Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nthe /boot/efi directory."}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-244530","rid":"SV-244530r809336_rule","stig_id":"RHEL-08-010572","fix_id":"F-47762r743838_fix","cci":["CCI-000366"],"nist":["CM-6 b"],"host":null},"code":"control 'SV-244530' do\n  title 'RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on the /boot/efi directory.'\n  desc 'The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.'\n  desc 'check', %q(For systems that use BIOS, this is Not Applicable.\n\nVerify the /boot/efi directory is mounted with the \"nosuid\" option with the following command:\n\n$ sudo mount | grep '\\s/boot/efi\\s'\n\n/dev/sda1 on /boot/efi type vfat (rw,nosuid,relatime,fmask=0077,dmask=0077,codepage=437,iocharset=ascii,shortname=winnt,errors=remount-ro)\n\nIf the /boot/efi file system does not have the \"nosuid\" option set, this is a finding.)\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nthe /boot/efi directory.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244530'\n  tag rid: 'SV-244530r809336_rule'\n  tag stig_id: 'RHEL-08-010572'\n  tag fix_id: 'F-47762r743838_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if file('/sys/firmware/efi').exist?\n    describe mount('/boot/efi') do\n      it { should be_mounted }\n      its('options') { should include 'nosuid' }\n    end\n  else\n    impact 0.0\n    describe 'System running BIOS' do\n      skip 'The System is running a BIOS, this control is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244530.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"System running BIOS","run_time":1.2e-05,"start_time":"2024-01-09T19:41:03-05:00","resource":"","skip_message":"The System is running a BIOS, this control is Not Applicable.","resource_class":"Object","resource_params":"[]","resource_id":"System running BIOS"}]},{"id":"SV-244531","title":"All RHEL 8 local interactive user home directory files must have mode\n0750 or less permissive.","desc":"Excessive permissions on local interactive user home directories may\nallow unauthorized access to user files by other users.","descriptions":[{"label":"default","data":"Excessive permissions on local interactive user home directories may\nallow unauthorized access to user files by other users."},{"label":"check","data":"Verify all files and directories contained in a local interactive user home\ndirectory, excluding local initialization files, have a mode of \"0750\".\n    Files that begin with a \".\" are excluded from this requirement.\n\n    Note: The example will be for the user \"smithj\", who has a home directory\nof \"/home/smithj\".\n\n    $ sudo ls -lLR /home/smithj\n    -rwxr-x--- 1 smithj smithj 18 Mar 5 17:06 file1\n    -rwxr----- 1 smithj smithj 193 Mar 5 17:06 file2\n    -rw-r-x--- 1 smithj smithj 231 Mar 5 17:06 file3\n\n    If any files or directories are found with a mode more permissive than\n\"0750\", this is a finding."},{"label":"fix","data":"Set the mode on files and directories in the local interactive user home\ndirectory with the following command:\n\n    Note: The example will be for the user smithj, who has a home directory of\n\"/home/smithj\" and is a member of the users group.\n\n    $ sudo chmod 0750 /home/smithj/<file or directory>"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-244531","rid":"SV-244531r743842_rule","stig_id":"RHEL-08-010731","fix_id":"F-47763r743841_fix","cci":["CCI-000366"],"nist":["CM-6 b"],"host":null,"container":null},"code":"control 'SV-244531' do\n  title 'All RHEL 8 local interactive user home directory files must have mode\n0750 or less permissive.'\n  desc 'Excessive permissions on local interactive user home directories may\nallow unauthorized access to user files by other users.'\n  desc 'check', 'Verify all files and directories contained in a local interactive user home\ndirectory, excluding local initialization files, have a mode of \"0750\".\n    Files that begin with a \".\" are excluded from this requirement.\n\n    Note: The example will be for the user \"smithj\", who has a home directory\nof \"/home/smithj\".\n\n    $ sudo ls -lLR /home/smithj\n    -rwxr-x--- 1 smithj smithj 18 Mar 5 17:06 file1\n    -rwxr----- 1 smithj smithj 193 Mar 5 17:06 file2\n    -rw-r-x--- 1 smithj smithj 231 Mar 5 17:06 file3\n\n    If any files or directories are found with a mode more permissive than\n\"0750\", this is a finding.'\n  desc 'fix', 'Set the mode on files and directories in the local interactive user home\ndirectory with the following command:\n\n    Note: The example will be for the user smithj, who has a home directory of\n\"/home/smithj\" and is a member of the users group.\n\n    $ sudo chmod 0750 /home/smithj/<file or directory>'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244531'\n  tag rid: 'SV-244531r743842_rule'\n  tag stig_id: 'RHEL-08-010731'\n  tag fix_id: 'F-47763r743841_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container'\n\n  ignore_shells = input('non_interactive_shells').join('|')\n  exempt_home_users = input('exempt_home_users').join('|')\n\n  findings = Set[]\n  users.where { !username.match(exempt_home_users) && !shell.match(ignore_shells) && (uid >= 1000 || uid.zero?) }.entries.each do |user_info|\n    findings += command(\"find #{user_info.home} -xdev -not -name '.*' -perm /027 -type f\").stdout.split(\"\\n\")\n  end\n  describe 'All files in the users home directory' do\n    it 'are expected to have permissions 0750 or better' do\n      expect(findings).to be_empty, 'Some files in the users home directory do not have correct permissions. Please ensure all files have permissions 0750 or better.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244531.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"All files in the users home directory are expected to have permissions 0750 or better","run_time":0.007209,"start_time":"2024-01-09T19:41:03-05:00","resource_class":"Object","resource_params":"[]","resource_id":"All files in the users home directory"}]},{"id":"SV-244532","title":"RHEL 8 must be configured so that all files and directories contained\nin local interactive user home directories are group-owned by a group of which\nthe home directory owner is a member.","desc":"If a local interactive user's files are group-owned by a group of\nwhich the user is not a member, unintended users may be able to access them.","descriptions":[{"label":"default","data":"If a local interactive user's files are group-owned by a group of\nwhich the user is not a member, unintended users may be able to access them."},{"label":"check","data":"Verify all files and directories in a local interactive user home directory\nare group-owned by a group that the user is a member.\n\n    Check the group owner of all files and directories in a local interactive\nuser's home directory with the following command:\n\n    Note: The example will be for the user \"smithj\", who has a home directory\nof \"/home/smithj\".\n\n    $ sudo ls -lLR /<home directory>/<users home directory>/\n    -rw-r--r-- 1 smithj smithj  18 Mar  5 17:06 file1\n    -rw-r--r-- 1 smithj smithj 193 Mar  5 17:06 file2\n    -rw-r--r-- 1 smithj sa        231 Mar  5 17:06 file3\n\n    If any files found with a group-owner different from the home directory\nuser private group, check to see if the user is a member of that group with the\nfollowing command:\n\n    $ sudo grep smithj /etc/group\n    sa:x:100:juan,shelley,bob,smithj\n    smithj:x:521:smithj\n\n    If any files or directories are group owned by a group that the directory\nowner is not a member of, this is a finding."},{"label":"fix","data":"Change the group of a local interactive user's files and directories to a\ngroup that the interactive user is a member. To change the group owner of a\nlocal interactive user's files and directories, use the following command:\n\n    Note: The example will be for the user smithj, who has a home directory of\n\"/home/smithj\" and is a member of the users group.\n\n    $ sudo chgrp smithj /home/smithj/<file or directory>"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-244532","rid":"SV-244532r743845_rule","stig_id":"RHEL-08-010741","fix_id":"F-47764r743844_fix","cci":["CCI-000366"],"nist":["CM-6 b"],"host":null,"container":null},"code":"control 'SV-244532' do\n  title 'RHEL 8 must be configured so that all files and directories contained\nin local interactive user home directories are group-owned by a group of which\nthe home directory owner is a member.'\n  desc \"If a local interactive user's files are group-owned by a group of\nwhich the user is not a member, unintended users may be able to access them.\"\n  desc 'check', %q(Verify all files and directories in a local interactive user home directory\nare group-owned by a group that the user is a member.\n\n    Check the group owner of all files and directories in a local interactive\nuser's home directory with the following command:\n\n    Note: The example will be for the user \"smithj\", who has a home directory\nof \"/home/smithj\".\n\n    $ sudo ls -lLR /<home directory>/<users home directory>/\n    -rw-r--r-- 1 smithj smithj  18 Mar  5 17:06 file1\n    -rw-r--r-- 1 smithj smithj 193 Mar  5 17:06 file2\n    -rw-r--r-- 1 smithj sa        231 Mar  5 17:06 file3\n\n    If any files found with a group-owner different from the home directory\nuser private group, check to see if the user is a member of that group with the\nfollowing command:\n\n    $ sudo grep smithj /etc/group\n    sa:x:100:juan,shelley,bob,smithj\n    smithj:x:521:smithj\n\n    If any files or directories are group owned by a group that the directory\nowner is not a member of, this is a finding.)\n  desc 'fix', %q(Change the group of a local interactive user's files and directories to a\ngroup that the interactive user is a member. To change the group owner of a\nlocal interactive user's files and directories, use the following command:\n\n    Note: The example will be for the user smithj, who has a home directory of\n\"/home/smithj\" and is a member of the users group.\n\n    $ sudo chgrp smithj /home/smithj/<file or directory>)\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244532'\n  tag rid: 'SV-244532r743845_rule'\n  tag stig_id: 'RHEL-08-010741'\n  tag fix_id: 'F-47764r743844_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container'\n\n  ignore_shells = input('non_interactive_shells').join('|')\n  exempt_home_users = input('exempt_home_users').join('|')\n\n  findings = Set[]\n  users.where { !username.match(exempt_home_users) && !shell.match(ignore_shells) && (uid >= 1000 || uid.zero?) }.entries.each do |user_info|\n    findings += command(\"find #{user_info.home} -xdev -not -gid #{user_info.gid}\").stdout.split(\"\\n\")\n  end\n  describe 'All files in the users home directory' do\n    it 'are expected to be owned by the user' do\n      expect(findings).to be_empty, 'Some files in the users home directory are not owned by the user. Please ensure all files are owned by thier user.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244532.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"All files in the users home directory are expected to be owned by the user","run_time":0.004768,"start_time":"2024-01-09T19:41:03-05:00","resource_class":"Object","resource_params":"[]","resource_id":"All files in the users home directory"}]},{"id":"SV-244533","title":"RHEL 8 must configure the use of the pam_faillock.so module in the\n/etc/pam.d/system-auth file.","desc":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module. Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n    The preauth argument must be used when the module is called before the\nmodules which ask for the user credentials such as the password.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module. Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n    The preauth argument must be used when the module is called before the\nmodules which ask for the user credentials such as the password."},{"label":"check","data":"Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the pam_faillock.so module is present in the\n\"/etc/pam.d/system-auth\" file:\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth               required                               pam_faillock.so\npreauth\n    auth               required                               pam_faillock.so\nauthfail\n    account        required                                pam_faillock.so\n    If the pam_faillock.so module is not present in the\n\"/etc/pam.d/system-auth\" file with the \"preauth\" line listed before\npam_unix.so, this is a finding."},{"label":"fix","data":"Configure the operating system to include the use of the pam_faillock.so\nmodule in the /etc/pam.d/system-auth file.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" file\nto match the following lines:\n    Note: The \"preauth\" line must be listed before pam_unix.so.\n\n    auth required pam_faillock.so preauth\n    auth required pam_faillock.so authfail\n    account required pam_faillock.so"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000021-GPOS-00005","satisfies":["SRG-OS-000021-GPOS-00005","SRG-OS-000329-GPOS-00128"],"gid":"V-244533","rid":"SV-244533r743848_rule","stig_id":"RHEL-08-020025","fix_id":"F-47765r743847_fix","cci":["CCI-000044"],"nist":["AC-7 a"],"host":null,"container":null},"code":"control 'SV-244533' do\n  title 'RHEL 8 must configure the use of the pam_faillock.so module in the\n/etc/pam.d/system-auth file.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module. Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n    The preauth argument must be used when the module is called before the\nmodules which ask for the user credentials such as the password.'\n  desc 'check', 'Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the pam_faillock.so module is present in the\n\"/etc/pam.d/system-auth\" file:\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth               required                               pam_faillock.so\npreauth\n    auth               required                               pam_faillock.so\nauthfail\n    account        required                                pam_faillock.so\n    If the pam_faillock.so module is not present in the\n\"/etc/pam.d/system-auth\" file with the \"preauth\" line listed before\npam_unix.so, this is a finding.'\n  desc 'fix', 'Configure the operating system to include the use of the pam_faillock.so\nmodule in the /etc/pam.d/system-auth file.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" file\nto match the following lines:\n    Note: The \"preauth\" line must be listed before pam_unix.so.\n\n    auth required pam_faillock.so preauth\n    auth required pam_faillock.so authfail\n    account required pam_faillock.so'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-244533'\n  tag rid: 'SV-244533r743848_rule'\n  tag stig_id: 'RHEL-08-020025'\n  tag fix_id: 'F-47765r743847_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n  tag 'host', 'container'\n\n  only_if('This check applies to RHEL versions 8.2 or newer, if the system is\n    RHEL version 8.0 or 8.1, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') { should match_pam_rule('auth required pam_faillock.so preauth') }\n    its('lines') { should match_pam_rule('auth required pam_faillock.so authfail') }\n    its('lines') { should match_pam_rule('account required pam_faillock.so') }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244533.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PAM Config[/etc/pam.d/system-auth] lines is expected to include auth required pam_faillock.so preauth","run_time":0.00093,"start_time":"2024-01-09T19:41:03-05:00","message":"expected \"account required pam_unix.so\\naccount sufficient pam_localuser.so\\naccount sufficient pam_usertype.s...pam_systemd.so\\nsession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid\" to include auth required pam_faillock.so preauth","resource_class":"pam","resource_params":"[\"/etc/pam.d/system-auth\"]","resource_id":""},{"status":"failed","code_desc":"PAM Config[/etc/pam.d/system-auth] lines is expected to include auth required pam_faillock.so authfail","run_time":0.000574,"start_time":"2024-01-09T19:41:03-05:00","message":"expected \"account required pam_unix.so\\naccount sufficient pam_localuser.so\\naccount sufficient pam_usertype.s...pam_systemd.so\\nsession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid\" to include auth required pam_faillock.so authfail","resource_class":"pam","resource_params":"[\"/etc/pam.d/system-auth\"]","resource_id":""},{"status":"failed","code_desc":"PAM Config[/etc/pam.d/system-auth] lines is expected to include account required pam_faillock.so","run_time":0.000583,"start_time":"2024-01-09T19:41:03-05:00","message":"expected \"account required pam_unix.so\\naccount sufficient pam_localuser.so\\naccount sufficient pam_usertype.s...pam_systemd.so\\nsession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid\" to include account required pam_faillock.so","resource_class":"pam","resource_params":"[\"/etc/pam.d/system-auth\"]","resource_id":""}]},{"id":"SV-244534","title":"RHEL 8 must configure the use of the pam_faillock.so module in the\n/etc/pam.d/password-auth file.","desc":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n    The preauth argument must be used when the module is called before the\nmodules which ask for the user credentials such as the password.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n    The preauth argument must be used when the module is called before the\nmodules which ask for the user credentials such as the password."},{"label":"check","data":"Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the pam_faillock.so module is present in the\n\"/etc/pam.d/password-auth\" file:\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth               required                               pam_faillock.so\npreauth\n    auth               required                               pam_faillock.so\nauthfail\n    account        required                                pam_faillock.so\n\n    If the pam_faillock.so module is not present in the\n\"/etc/pam.d/password-auth\" file with the \"preauth\" line listed before\npam_unix.so, this is a finding."},{"label":"fix","data":"Configure the operating system to include the use of the pam_faillock.so\nmodule in the /etc/pam.d/password-auth file.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/password-auth\"\nfile to match the following lines:\n    Note: The \"preauth\" line must be listed before pam_unix.so.\n\n    auth required pam_faillock.so preauth\n    auth required pam_faillock.so authfail\n    account required pam_faillock.so"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000021-GPOS-00005","satisfies":["SRG-OS-000021-GPOS-00005","SRG-OS-000329-GPOS-00128"],"gid":"V-244534","rid":"SV-244534r743851_rule","stig_id":"RHEL-08-020026","fix_id":"F-47766r743850_fix","cci":["CCI-000044"],"nist":["AC-7 a"],"host":null,"container":null},"code":"control 'SV-244534' do\n  title 'RHEL 8 must configure the use of the pam_faillock.so module in the\n/etc/pam.d/password-auth file.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n    The preauth argument must be used when the module is called before the\nmodules which ask for the user credentials such as the password.'\n  desc 'check', 'Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the pam_faillock.so module is present in the\n\"/etc/pam.d/password-auth\" file:\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth               required                               pam_faillock.so\npreauth\n    auth               required                               pam_faillock.so\nauthfail\n    account        required                                pam_faillock.so\n\n    If the pam_faillock.so module is not present in the\n\"/etc/pam.d/password-auth\" file with the \"preauth\" line listed before\npam_unix.so, this is a finding.'\n  desc 'fix', 'Configure the operating system to include the use of the pam_faillock.so\nmodule in the /etc/pam.d/password-auth file.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/password-auth\"\nfile to match the following lines:\n    Note: The \"preauth\" line must be listed before pam_unix.so.\n\n    auth required pam_faillock.so preauth\n    auth required pam_faillock.so authfail\n    account required pam_faillock.so'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-244534'\n  tag rid: 'SV-244534r743851_rule'\n  tag stig_id: 'RHEL-08-020026'\n  tag fix_id: 'F-47766r743850_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n  tag 'host', 'container'\n\n  only_if('This check applies to RHEL versions 8.2 or newer, if the system is\n    RHEL version 8.0 or 8.1, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  describe pam('/etc/pam.d/password-auth') do\n    its('lines') { should match_pam_rule('auth required pam_faillock.so preauth') }\n    its('lines') { should match_pam_rule('auth required pam_faillock.so authfail') }\n    its('lines') { should match_pam_rule('account required pam_faillock.so') }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244534.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PAM Config[/etc/pam.d/password-auth] lines is expected to include auth required pam_faillock.so preauth","run_time":0.000606,"start_time":"2024-01-09T19:41:03-05:00","message":"expected \"account required pam_unix.so\\naccount sufficient pam_localuser.so\\naccount sufficient pam_usertype.s...pam_systemd.so\\nsession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid\" to include auth required pam_faillock.so preauth","resource_class":"pam","resource_params":"[\"/etc/pam.d/password-auth\"]","resource_id":""},{"status":"failed","code_desc":"PAM Config[/etc/pam.d/password-auth] lines is expected to include auth required pam_faillock.so authfail","run_time":0.000564,"start_time":"2024-01-09T19:41:03-05:00","message":"expected \"account required pam_unix.so\\naccount sufficient pam_localuser.so\\naccount sufficient pam_usertype.s...pam_systemd.so\\nsession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid\" to include auth required pam_faillock.so authfail","resource_class":"pam","resource_params":"[\"/etc/pam.d/password-auth\"]","resource_id":""},{"status":"failed","code_desc":"PAM Config[/etc/pam.d/password-auth] lines is expected to include account required pam_faillock.so","run_time":0.000466,"start_time":"2024-01-09T19:41:03-05:00","message":"expected \"account required pam_unix.so\\naccount sufficient pam_localuser.so\\naccount sufficient pam_usertype.s...pam_systemd.so\\nsession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid\" to include account required pam_faillock.so","resource_class":"pam","resource_params":"[\"/etc/pam.d/password-auth\"]","resource_id":""}]},{"id":"SV-244535","title":"RHEL 8 must initiate a session lock for graphical user interfaces when\nthe screensaver is activated.","desc":"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.","descriptions":[{"label":"default","data":"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled."},{"label":"check","data":"Verify the operating system initiates a session lock a for graphical user\ninterfaces when the screensaver is activated with the following command:\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    $ sudo gsettings get org.gnome.desktop.screensaver lock-delay\n\n    uint32 5\n\n    If the \"uint32\" setting is missing, or is not set to \"5\" or less, this\nis a finding."},{"label":"fix","data":"Configure the operating system to initiate a session lock for graphical\nuser interfaces when a screensaver is activated.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/00-screensaver\n\n    [org/gnome/desktop/screensaver]\n    lock-delay=uint32 5\n\n    The \"uint32\" must be included along with the integer key values as shown.\n\n    Update the system databases:\n\n    $ sudo dconf update"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000029-GPOS-00010","satisfies":["SRG-OS-000029-GPOS-00010","SRG-OS-000031-GPOS-00012","SRG-OS-000480-GPOS-00227"],"gid":"V-244535","rid":"SV-244535r743854_rule","stig_id":"RHEL-08-020031","fix_id":"F-47767r743853_fix","cci":["CCI-000057"],"nist":["AC-11 a"],"host":null},"code":"control 'SV-244535' do\n  title 'RHEL 8 must initiate a session lock for graphical user interfaces when\nthe screensaver is activated.'\n  desc \"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\"\n  desc 'check', 'Verify the operating system initiates a session lock a for graphical user\ninterfaces when the screensaver is activated with the following command:\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    $ sudo gsettings get org.gnome.desktop.screensaver lock-delay\n\n    uint32 5\n\n    If the \"uint32\" setting is missing, or is not set to \"5\" or less, this\nis a finding.'\n  desc 'fix', 'Configure the operating system to initiate a session lock for graphical\nuser interfaces when a screensaver is activated.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/00-screensaver\n\n    [org/gnome/desktop/screensaver]\n    lock-delay=uint32 5\n\n    The \"uint32\" must be included along with the integer key values as shown.\n\n    Update the system databases:\n\n    $ sudo dconf update'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000029-GPOS-00010'\n  tag satisfies: ['SRG-OS-000029-GPOS-00010', 'SRG-OS-000031-GPOS-00012', 'SRG-OS-000480-GPOS-00227']\n  tag gid: 'V-244535'\n  tag rid: 'SV-244535r743854_rule'\n  tag stig_id: 'RHEL-08-020031'\n  tag fix_id: 'F-47767r743853_fix'\n  tag cci: ['CCI-000057']\n  tag nist: ['AC-11 a']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  no_gui = command('ls /usr/share/xsessions/*').stderr.match?(/No such file or directory/)\n\n  if no_gui\n    impact 0.0\n    describe 'The system does not have a GUI Desktop is installed, this control is Not Applicable' do\n      skip 'A GUI desktop is not installed, this control is Not Applicable.'\n    end\n  else\n    describe command('gsettings get org.gnome.desktop.screensaver lock-delay') do\n      its('stdout.strip') { should match(/uint32\\s[0-5]/) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244535.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"The system does not have a GUI Desktop is installed, this control is Not Applicable","run_time":6.0e-06,"start_time":"2024-01-09T19:41:03-05:00","resource":"","skip_message":"A GUI desktop is not installed, this control is Not Applicable.","resource_class":"Object","resource_params":"[]","resource_id":"The system does not have a GUI Desktop is installed, this control is Not Applicable"}]},{"id":"SV-244536","title":"RHEL 8 must disable the user list at logon for graphical user\ninterfaces.","desc":"Leaving the user list enabled is a security risk since it allows\nanyone with physical access to the system to enumerate known user accounts\nwithout authenticated access to the system.","descriptions":[{"label":"default","data":"Leaving the user list enabled is a security risk since it allows\nanyone with physical access to the system to enumerate known user accounts\nwithout authenticated access to the system."},{"label":"check","data":"Verify the operating system disables the user logon list for graphical user\ninterfaces with the following command:\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    $ sudo gsettings get org.gnome.login-screen disable-user-list\n    true\n\n    If the setting is \"false\", this is a finding."},{"label":"fix","data":"Configure the operating system to disable the user list at logon for\ngraphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/02-login-screen\n\n    [org/gnome/login-screen]\n    disable-user-list=true\n\n    Update the system databases:\n    $ sudo dconf update"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-244536","rid":"SV-244536r743857_rule","stig_id":"RHEL-08-020032","fix_id":"F-47768r743856_fix","cci":["CCI-000366"],"nist":["CM-6 b"],"host":null},"code":"control 'SV-244536' do\n  title 'RHEL 8 must disable the user list at logon for graphical user\ninterfaces.'\n  desc 'Leaving the user list enabled is a security risk since it allows\nanyone with physical access to the system to enumerate known user accounts\nwithout authenticated access to the system.'\n  desc 'check', 'Verify the operating system disables the user logon list for graphical user\ninterfaces with the following command:\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    $ sudo gsettings get org.gnome.login-screen disable-user-list\n    true\n\n    If the setting is \"false\", this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the user list at logon for\ngraphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/02-login-screen\n\n    [org/gnome/login-screen]\n    disable-user-list=true\n\n    Update the system databases:\n    $ sudo dconf update'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244536'\n  tag rid: 'SV-244536r743857_rule'\n  tag stig_id: 'RHEL-08-020032'\n  tag fix_id: 'F-47768r743856_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  no_gui = command('ls /usr/share/xsessions/*').stderr.match?(/No such file or directory/)\n\n  if no_gui\n    impact 0.0\n    describe 'The system does not have a GUI installed, this requirement is Not Applicable.' do\n      skip 'A GUI desktop is not installed, this control is Not Applicable.'\n    end\n  else\n    describe command('gsettings get org.gnome.login-screen disable-user-list') do\n      its('stdout.strip') { should cmp 'true' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244536.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"The system does not have a GUI installed, this requirement is Not Applicable.","run_time":5.0e-06,"start_time":"2024-01-09T19:41:03-05:00","resource":"","skip_message":"A GUI desktop is not installed, this control is Not Applicable.","resource_class":"Object","resource_params":"[]","resource_id":"The system does not have a GUI installed, this requirement is Not Applicable."}]},{"id":"SV-244537","title":"RHEL 8 must have the tmux package installed.","desc":"A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.\n    Tmux is a terminal multiplexer that enables a number of terminals to be\ncreated, accessed, and controlled from a single screen.  Red Hat endorses tmux\nas the recommended session controlling package.","descriptions":[{"label":"default","data":"A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.\n    Tmux is a terminal multiplexer that enables a number of terminals to be\ncreated, accessed, and controlled from a single screen.  Red Hat endorses tmux\nas the recommended session controlling package."},{"label":"check","data":"Verify RHEL 8 has the \"tmux\" package installed, by running the following\ncommand:\n\n    $ sudo yum list installed tmux\n\n    tmux.x86.64                     2.7-1.el8\n@repository\n\n    If \"tmux\" is not installed, this is a finding."},{"label":"fix","data":"Configure the operating system to enable a user to initiate a session lock\nvia tmux.\n\n    Install the \"tmux\" package, if it is not already installed, by running\nthe following command:\n\n    $ sudo yum install tmux"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000028-GPOS-00009","satisfies":["SRG-OS-000028-GPOS-00009","SRG-OS-000030-GPOS-00011"],"gid":"V-244537","rid":"SV-244537r743860_rule","stig_id":"RHEL-08-020039","fix_id":"F-47769r743859_fix","cci":["CCI-000056"],"nist":["AC-11 b"],"host":null},"code":"control 'SV-244537' do\n  title 'RHEL 8 must have the tmux package installed.'\n  desc 'A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.\n    Tmux is a terminal multiplexer that enables a number of terminals to be\ncreated, accessed, and controlled from a single screen.  Red Hat endorses tmux\nas the recommended session controlling package.'\n  desc 'check', 'Verify RHEL 8 has the \"tmux\" package installed, by running the following\ncommand:\n\n    $ sudo yum list installed tmux\n\n    tmux.x86.64                     2.7-1.el8\n@repository\n\n    If \"tmux\" is not installed, this is a finding.'\n  desc 'fix', 'Configure the operating system to enable a user to initiate a session lock\nvia tmux.\n\n    Install the \"tmux\" package, if it is not already installed, by running\nthe following command:\n\n    $ sudo yum install tmux'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000028-GPOS-00009'\n  tag satisfies: ['SRG-OS-000028-GPOS-00009', 'SRG-OS-000030-GPOS-00011']\n  tag gid: 'V-244537'\n  tag rid: 'SV-244537r743860_rule'\n  tag stig_id: 'RHEL-08-020039'\n  tag fix_id: 'F-47769r743859_fix'\n  tag cci: ['CCI-000056']\n  tag nist: ['AC-11 b']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  describe package('tmux') do\n    it { should be_installed }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244537.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package tmux is expected to be installed","run_time":0.105359,"start_time":"2024-01-09T19:41:03-05:00","resource_class":"package","resource_params":"[\"tmux\"]","resource_id":"tmux"}]},{"id":"SV-244538","title":"RHEL 8 must prevent a user from overriding the session idle-delay\nsetting for the graphical user interface.","desc":"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n\n    Implementing session settings will have little value if a user is able to\nmanipulate these settings from the defaults prescribed in the other\nrequirements of this implementation guide.\n\n    Locking these settings from non-privileged users is crucial to maintaining\na protected baseline.","descriptions":[{"label":"default","data":"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n\n    Implementing session settings will have little value if a user is able to\nmanipulate these settings from the defaults prescribed in the other\nrequirements of this implementation guide.\n\n    Locking these settings from non-privileged users is crucial to maintaining\na protected baseline."},{"label":"check","data":"Verify the operating system prevents a user from overriding settings for\ngraphical user interfaces.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Determine which profile the system database is using with the following\ncommand:\n\n    $ sudo grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Check that graphical settings are locked from non-privileged user\nmodification with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nthe path is \"/etc/dconf/db/local.d\". This path must be modified if a database\nother than \"local\" is being used.\n\n    $ sudo grep -i idle /etc/dconf/db/local.d/locks/*\n\n    /org/gnome/desktop/session/idle-delay\n\n    If the command does not return at least the example result, this is a\nfinding."},{"label":"fix","data":"Configure the operating system to prevent a user from overriding settings\nfor graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/locks/session\n\n    Add the following setting to prevent non-privileged users from modifying it:\n\n    /org/gnome/desktop/session/idle-delay"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000029-GPOS-00010","satisfies":["SRG-OS-000029-GPOS-00010","SRG-OS-000031-GPOS-00012","SRG-OS-000480-GPOS-00227"],"gid":"V-244538","rid":"SV-244538r743863_rule","stig_id":"RHEL-08-020081","fix_id":"F-47770r743862_fix","cci":["CCI-000057"],"nist":["AC-11 a"],"host":null},"code":"control 'SV-244538' do\n  title 'RHEL 8 must prevent a user from overriding the session idle-delay\nsetting for the graphical user interface.'\n  desc \"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n\n    Implementing session settings will have little value if a user is able to\nmanipulate these settings from the defaults prescribed in the other\nrequirements of this implementation guide.\n\n    Locking these settings from non-privileged users is crucial to maintaining\na protected baseline.\"\n  desc 'check', 'Verify the operating system prevents a user from overriding settings for\ngraphical user interfaces.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Determine which profile the system database is using with the following\ncommand:\n\n    $ sudo grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Check that graphical settings are locked from non-privileged user\nmodification with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nthe path is \"/etc/dconf/db/local.d\". This path must be modified if a database\nother than \"local\" is being used.\n\n    $ sudo grep -i idle /etc/dconf/db/local.d/locks/*\n\n    /org/gnome/desktop/session/idle-delay\n\n    If the command does not return at least the example result, this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to prevent a user from overriding settings\nfor graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/locks/session\n\n    Add the following setting to prevent non-privileged users from modifying it:\n\n    /org/gnome/desktop/session/idle-delay'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000029-GPOS-00010'\n  tag satisfies: ['SRG-OS-000029-GPOS-00010', 'SRG-OS-000031-GPOS-00012', 'SRG-OS-000480-GPOS-00227']\n  tag gid: 'V-244538'\n  tag rid: 'SV-244538r743863_rule'\n  tag stig_id: 'RHEL-08-020081'\n  tag fix_id: 'F-47770r743862_fix'\n  tag cci: ['CCI-000057']\n  tag nist: ['AC-11 a']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  no_gui = command('ls /usr/share/xsessions/*').stderr.match?(/No such file or directory/)\n\n  if no_gui\n    impact 0.0\n    describe 'The system does not have a GUI Desktop is installed, this control is Not Applicable' do\n      skip 'A GUI desktop is not installed, this control is Not Applicable.'\n    end\n  else\n    describe command('grep -i idle /etc/dconf/db/local.d/locks/*') do\n      it 'checks if idle delay is set' do\n        expect(subject.stdout.split).to include('/org/gnome/desktop/session/idle-delay'), 'The idle delay is not set. Please ensure it is set.'\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244538.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"The system does not have a GUI Desktop is installed, this control is Not Applicable","run_time":1.6e-05,"start_time":"2024-01-09T19:41:03-05:00","resource":"","skip_message":"A GUI desktop is not installed, this control is Not Applicable.","resource_class":"Object","resource_params":"[]","resource_id":"The system does not have a GUI Desktop is installed, this control is Not Applicable"}]},{"id":"SV-244539","title":"RHEL 8 must prevent a user from overriding the screensaver\nlock-enabled setting for the graphical user interface.","desc":"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n\n    Implementing session settings will have little value if a user is able to\nmanipulate these settings from the defaults prescribed in the other\nrequirements of this implementation guide.\n\n    Locking these settings from non-privileged users is crucial to maintaining\na protected baseline.","descriptions":[{"label":"default","data":"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n\n    Implementing session settings will have little value if a user is able to\nmanipulate these settings from the defaults prescribed in the other\nrequirements of this implementation guide.\n\n    Locking these settings from non-privileged users is crucial to maintaining\na protected baseline."},{"label":"check","data":"Verify the operating system prevents a user from overriding settings for\ngraphical user interfaces.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Determine which profile the system database is using with the following\ncommand:\n\n    $ sudo grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Check that graphical settings are locked from non-privileged user\nmodification with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nthe path is \"/etc/dconf/db/local.d\". This path must be modified if a database\nother than \"local\" is being used.\n\n    $ sudo grep -i lock-enabled /etc/dconf/db/local.d/locks/*\n\n    /org/gnome/desktop/screensaver/lock-enabled\n\n    If the command does not return at least the example result, this is a\nfinding."},{"label":"fix","data":"Configure the operating system to prevent a user from overriding settings\nfor graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/locks/session\n\n    Add the following setting to prevent non-privileged users from modifying it:\n\n    /org/gnome/desktop/screensaver/lock-enabled"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000029-GPOS-00010","satisfies":["SRG-OS-000029-GPOS-00010","SRG-OS-000031-GPOS-00012","SRG-OS-000480-GPOS-00227"],"gid":"V-244539","rid":"SV-244539r743866_rule","stig_id":"RHEL-08-020082","fix_id":"F-47771r743865_fix","cci":["CCI-000057"],"nist":["AC-11 a"],"host":null},"code":"control 'SV-244539' do\n  title 'RHEL 8 must prevent a user from overriding the screensaver\nlock-enabled setting for the graphical user interface.'\n  desc \"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n\n    Implementing session settings will have little value if a user is able to\nmanipulate these settings from the defaults prescribed in the other\nrequirements of this implementation guide.\n\n    Locking these settings from non-privileged users is crucial to maintaining\na protected baseline.\"\n  desc 'check', 'Verify the operating system prevents a user from overriding settings for\ngraphical user interfaces.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Determine which profile the system database is using with the following\ncommand:\n\n    $ sudo grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Check that graphical settings are locked from non-privileged user\nmodification with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nthe path is \"/etc/dconf/db/local.d\". This path must be modified if a database\nother than \"local\" is being used.\n\n    $ sudo grep -i lock-enabled /etc/dconf/db/local.d/locks/*\n\n    /org/gnome/desktop/screensaver/lock-enabled\n\n    If the command does not return at least the example result, this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to prevent a user from overriding settings\nfor graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/locks/session\n\n    Add the following setting to prevent non-privileged users from modifying it:\n\n    /org/gnome/desktop/screensaver/lock-enabled'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000029-GPOS-00010'\n  tag satisfies: ['SRG-OS-000029-GPOS-00010', 'SRG-OS-000031-GPOS-00012', 'SRG-OS-000480-GPOS-00227']\n  tag gid: 'V-244539'\n  tag rid: 'SV-244539r743866_rule'\n  tag stig_id: 'RHEL-08-020082'\n  tag fix_id: 'F-47771r743865_fix'\n  tag cci: ['CCI-000057']\n  tag nist: ['AC-11 a']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if !package('gnome-desktop3').installed?\n    impact 0.0\n    describe 'The GNOME desktop is not installed, this control is Not Applicable.' do\n      skip 'The GNOME desktop is not installed, this control is Not Applicable.'\n    end\n  else\n    describe command('grep -i lock-enabled /etc/dconf/db/local.d/locks/*') do\n      its('stdout.split') { should include '/org/gnome/desktop/screensaver/lock-enabled' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244539.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"The GNOME desktop is not installed, this control is Not Applicable.","run_time":6.0e-06,"start_time":"2024-01-09T19:41:03-05:00","resource":"","skip_message":"The GNOME desktop is not installed, this control is Not Applicable.","resource_class":"Object","resource_params":"[]","resource_id":"The GNOME desktop is not installed, this control is Not Applicable."}]},{"id":"SV-244540","title":"RHEL 8 must not allow blank or null passwords in the system-auth file.","desc":"If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments.","descriptions":[{"label":"default","data":"If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments."},{"label":"check","data":"To verify that null passwords cannot be used, run the following command:\n\n$ sudo grep -i nullok /etc/pam.d/system-auth\n\nIf output is produced, this is a finding."},{"label":"fix","data":"Remove any instances of the \"nullok\" option in the\n\"/etc/pam.d/system-auth\" file to prevent logons with empty passwords.\n\n    Note: Manual changes to the listed file may be overwritten by the\n\"authselect\" program."}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-244540","rid":"SV-244540r743869_rule","stig_id":"RHEL-08-020331","fix_id":"F-47772r743868_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-244540' do\n  title 'RHEL 8 must not allow blank or null passwords in the system-auth file.'\n  desc 'If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments.'\n  desc 'check', 'To verify that null passwords cannot be used, run the following command:\n\n$ sudo grep -i nullok /etc/pam.d/system-auth\n\nIf output is produced, this is a finding.'\n  desc 'fix', 'Remove any instances of the \"nullok\" option in the\n\"/etc/pam.d/system-auth\" file to prevent logons with empty passwords.\n\n    Note: Manual changes to the listed file may be overwritten by the\n\"authselect\" program.'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244540'\n  tag rid: 'SV-244540r743869_rule'\n  tag stig_id: 'RHEL-08-020331'\n  tag fix_id: 'F-47772r743868_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  pam_auth_files = input('pam_auth_files')\n  file_list = pam_auth_files.values.join(' ')\n  bad_entries = command(\"grep -i nullok #{file_list}\").stdout.lines.collect(&:squish)\n\n  describe 'The system is configureed' do\n    subject { command(\"grep -i nullok #{file_list}\") }\n    it 'to not allow null passwords' do\n      expect(subject.stdout.strip).to be_empty, \"The system is configured to allow null passwords. Please remove any instances of the `nullok` option from: \\n\\t- #{bad_entries.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244540.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"The system is configureed to not allow null passwords","run_time":0.007398,"start_time":"2024-01-09T19:41:03-05:00","message":"The system is configured to allow null passwords. Please remove any instances of the `nullok` option from: \n\t- /etc/pam.d/system-auth:auth sufficient pam_unix.so nullok\n\t- /etc/pam.d/system-auth:password sufficient pam_unix.so sha512 shadow nullok use_authtok\n\t- /etc/pam.d/password-auth:auth sufficient pam_unix.so nullok\n\t- /etc/pam.d/password-auth:password sufficient pam_unix.so sha512 shadow nullok use_authtok","resource_class":"Object","resource_params":"[]","resource_id":"The system is configureed"}]},{"id":"SV-244541","title":"RHEL 8 must not allow blank or null passwords in the password-auth\nfile.","desc":"If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments.","descriptions":[{"label":"default","data":"If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments."},{"label":"check","data":"To verify that null passwords cannot be used, run the following command:\n\n$ sudo grep -i nullok /etc/pam.d/password-auth\n\nIf output is produced, this is a finding."},{"label":"fix","data":"Remove any instances of the \"nullok\" option in the\n\"/etc/pam.d/password-auth\" file to prevent logons with empty passwords.\n\n    Note: Manual changes to the listed file may be overwritten by the\n\"authselect\" program."}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-244541","rid":"SV-244541r743872_rule","stig_id":"RHEL-08-020332","fix_id":"F-47773r743871_fix","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'SV-244541' do\n  title 'RHEL 8 must not allow blank or null passwords in the password-auth\nfile.'\n  desc 'If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments.'\n  desc 'check', 'To verify that null passwords cannot be used, run the following command:\n\n$ sudo grep -i nullok /etc/pam.d/password-auth\n\nIf output is produced, this is a finding.'\n  desc 'fix', 'Remove any instances of the \"nullok\" option in the\n\"/etc/pam.d/password-auth\" file to prevent logons with empty passwords.\n\n    Note: Manual changes to the listed file may be overwritten by the\n\"authselect\" program.'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244541'\n  tag rid: 'SV-244541r743872_rule'\n  tag stig_id: 'RHEL-08-020332'\n  tag fix_id: 'F-47773r743871_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  pam_auth_files = input('pam_auth_files')\n  file_list = pam_auth_files.values.join(' ')\n  bad_entries = command(\"grep -i nullok #{file_list}\").stdout.lines.collect(&:squish)\n\n  describe 'The system is configureed' do\n    subject { command(\"grep -i nullok #{file_list}\") }\n    it 'to not allow null passwords' do\n      expect(subject.stdout.strip).to be_empty, \"The system is configured to allow null passwords. Please remove any instances of the `nullok` option from: \\n\\t- #{bad_entries.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244541.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"The system is configureed to not allow null passwords","run_time":0.005198,"start_time":"2024-01-09T19:41:04-05:00","message":"The system is configured to allow null passwords. Please remove any instances of the `nullok` option from: \n\t- /etc/pam.d/system-auth:auth sufficient pam_unix.so nullok\n\t- /etc/pam.d/system-auth:password sufficient pam_unix.so sha512 shadow nullok use_authtok\n\t- /etc/pam.d/password-auth:auth sufficient pam_unix.so nullok\n\t- /etc/pam.d/password-auth:password sufficient pam_unix.so sha512 shadow nullok use_authtok","resource_class":"Object","resource_params":"[]","resource_id":"The system is configureed"}]},{"id":"SV-244542","title":"RHEL 8 audit records must contain information to establish what type\nof events occurred, the source of events, where events occurred, and the\noutcome of events.","desc":"Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Associating event types with detected events in RHEL 8 audit logs provides\na means of investigating an attack, recognizing resource utilization or\ncapacity thresholds, or identifying an improperly configured RHEL 8 system.","descriptions":[{"label":"default","data":"Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Associating event types with detected events in RHEL 8 audit logs provides\na means of investigating an attack, recognizing resource utilization or\ncapacity thresholds, or identifying an improperly configured RHEL 8 system."},{"label":"check","data":"Verify the audit service is configured to produce audit records with the following command:\n\n$ sudo systemctl status auditd.service\n\nauditd.service - Security Auditing Service\nLoaded:loaded (/usr/lib/systemd/system/auditd.service; enabled; vendor preset: enabled)\nActive: active (running) since Tues 2020-12-11 12:56:56 EST; 4 weeks 0 days ago\n\nIf the audit service is not \"active\" and \"running\", this is a finding."},{"label":"fix","data":"Configure the audit service to produce audit records containing the\ninformation needed to establish when (date and time) an event occurred with the\nfollowing commands:\n\n    $ sudo systemctl enable auditd.service\n\n    $ sudo systemctl start auditd.service"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000062-GPOS-00031","satisfies":["SRG-OS-000062-GPOS-00031","SRG-OS-000037-GPOS-00015","SRG-OS-000038-GPOS-00016","SRG-OS-000039-GPOS-00017","SRG-OS-000040-GPOS-00018","SRG-OS-000041-GPOS-00019","SRG-OS-000042-GPOS-00021","SRG-OS-000051-GPOS-00024","SRG-OS-000054-GPOS-00025","SRG-OS-000122-GPOS-00063","SRG-OS-000254-GPOS-00095","SRG-OS-000255-GPOS-00096","SRG-OS-000337-GPOS-00129","SRG-OS-000348-GPOS-00136","SRG-OS-000349-GPOS-00137","SRG-OS-000350-GPOS-00138","SRG-OS-000351-GPOS-00139","SRG-OS-000352-GPOS-00140","SRG-OS-000353-GPOS-00141","SRG-OS-000354-GPOS-00142","SRG-OS-000358-GPOS-00145","SRG-OS-000365-GPOS-00152","SRG-OS-000392-GPOS-00172","SRG-OS-000475-GPOS-00220"],"gid":"V-244542","rid":"SV-244542r818838_rule","stig_id":"RHEL-08-030181","fix_id":"F-47774r743874_fix","cci":["CCI-000169"],"nist":["AU-12 a"],"host":null},"code":"control 'SV-244542' do\n  title 'RHEL 8 audit records must contain information to establish what type\nof events occurred, the source of events, where events occurred, and the\noutcome of events.'\n  desc 'Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Associating event types with detected events in RHEL 8 audit logs provides\na means of investigating an attack, recognizing resource utilization or\ncapacity thresholds, or identifying an improperly configured RHEL 8 system.'\n  desc 'check', 'Verify the audit service is configured to produce audit records with the following command:\n\n$ sudo systemctl status auditd.service\n\nauditd.service - Security Auditing Service\nLoaded:loaded (/usr/lib/systemd/system/auditd.service; enabled; vendor preset: enabled)\nActive: active (running) since Tues 2020-12-11 12:56:56 EST; 4 weeks 0 days ago\n\nIf the audit service is not \"active\" and \"running\", this is a finding.'\n  desc 'fix', 'Configure the audit service to produce audit records containing the\ninformation needed to establish when (date and time) an event occurred with the\nfollowing commands:\n\n    $ sudo systemctl enable auditd.service\n\n    $ sudo systemctl start auditd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000038-GPOS-00016', 'SRG-OS-000039-GPOS-00017', 'SRG-OS-000040-GPOS-00018', 'SRG-OS-000041-GPOS-00019', 'SRG-OS-000042-GPOS-00021', 'SRG-OS-000051-GPOS-00024', 'SRG-OS-000054-GPOS-00025', 'SRG-OS-000122-GPOS-00063', 'SRG-OS-000254-GPOS-00095', 'SRG-OS-000255-GPOS-00096', 'SRG-OS-000337-GPOS-00129', 'SRG-OS-000348-GPOS-00136', 'SRG-OS-000349-GPOS-00137', 'SRG-OS-000350-GPOS-00138', 'SRG-OS-000351-GPOS-00139', 'SRG-OS-000352-GPOS-00140', 'SRG-OS-000353-GPOS-00141', 'SRG-OS-000354-GPOS-00142', 'SRG-OS-000358-GPOS-00145', 'SRG-OS-000365-GPOS-00152', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000475-GPOS-00220']\n  tag gid: 'V-244542'\n  tag rid: 'SV-244542r818838_rule'\n  tag stig_id: 'RHEL-08-030181'\n  tag fix_id: 'F-47774r743874_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  describe service('auditd') do\n    it { should be_enabled }\n    it { should be_running }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244542.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Service auditd is expected to be enabled","run_time":0.386387,"start_time":"2024-01-09T19:41:04-05:00","resource_class":"service","resource_params":"[\"auditd\"]","resource_id":"auditd"},{"status":"passed","code_desc":"Service auditd is expected to be running","run_time":0.000406,"start_time":"2024-01-09T19:41:04-05:00","resource_class":"service","resource_params":"[\"auditd\"]","resource_id":"auditd"}]},{"id":"SV-244543","title":"RHEL 8 must notify the System Administrator (SA) and Information\nSystem Security Officer (ISSO) (at a minimum) when allocated audit record\nstorage volume 75 percent utilization.","desc":"If security personnel are not notified immediately when storage volume\nreaches 75 percent utilization, they are unable to plan for audit record\nstorage capacity expansion.","descriptions":[{"label":"default","data":"If security personnel are not notified immediately when storage volume\nreaches 75 percent utilization, they are unable to plan for audit record\nstorage capacity expansion."},{"label":"check","data":"Verify RHEL 8 notifies the SA and ISSO (at a minimum) when allocated audit\nrecord storage volume reaches 75 percent of the repository maximum audit record\nstorage capacity with the following command:\n\n    $ sudo grep -w space_left_action /etc/audit/auditd.conf\n\n    space_left_action = email\n\n    If the value of the \"space_left_action\" is not set to \"email\", or if\nthe line is commented out, ask the System Administrator to indicate how the\nsystem is providing real-time alerts to the SA and ISSO.\n\n    If there is no evidence that real-time alerts are configured on the system,\nthis is a finding."},{"label":"fix","data":"Configure the operating system to initiate an action to notify the SA and\nISSO (at a minimum) when allocated audit record storage volume reaches 75\npercent of the repository maximum audit record storage capacity by\nadding/modifying the following line in the /etc/audit/auditd.conf file.\n\n    space_left_action = email\n\n    Note: Option names and values in the auditd.conf file are case insensitive."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000343-GPOS-00134","gid":"V-244543","rid":"SV-244543r877389_rule","stig_id":"RHEL-08-030731","fix_id":"F-47775r743877_fix","cci":["CCI-001855"],"nist":["AU-5 (1)"],"host":null},"code":"control 'SV-244543' do\n  title 'RHEL 8 must notify the System Administrator (SA) and Information\nSystem Security Officer (ISSO) (at a minimum) when allocated audit record\nstorage volume 75 percent utilization.'\n  desc 'If security personnel are not notified immediately when storage volume\nreaches 75 percent utilization, they are unable to plan for audit record\nstorage capacity expansion.'\n  desc 'check', 'Verify RHEL 8 notifies the SA and ISSO (at a minimum) when allocated audit\nrecord storage volume reaches 75 percent of the repository maximum audit record\nstorage capacity with the following command:\n\n    $ sudo grep -w space_left_action /etc/audit/auditd.conf\n\n    space_left_action = email\n\n    If the value of the \"space_left_action\" is not set to \"email\", or if\nthe line is commented out, ask the System Administrator to indicate how the\nsystem is providing real-time alerts to the SA and ISSO.\n\n    If there is no evidence that real-time alerts are configured on the system,\nthis is a finding.'\n  desc 'fix', 'Configure the operating system to initiate an action to notify the SA and\nISSO (at a minimum) when allocated audit record storage volume reaches 75\npercent of the repository maximum audit record storage capacity by\nadding/modifying the following line in the /etc/audit/auditd.conf file.\n\n    space_left_action = email\n\n    Note: Option names and values in the auditd.conf file are case insensitive.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000343-GPOS-00134'\n  tag gid: 'V-244543'\n  tag rid: 'SV-244543r877389_rule'\n  tag stig_id: 'RHEL-08-030731'\n  tag fix_id: 'F-47775r743877_fix'\n  tag cci: ['CCI-001855']\n  tag nist: ['AU-5 (1)']\n  tag 'host'\n\n  alert_method = input('alert_method')\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  describe auditd_conf do\n    its('space_left_action.downcase') { should cmp alert_method }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244543.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Audit Daemon Config space_left_action.downcase is expected to cmp == \"email\"","run_time":0.000889,"start_time":"2024-01-09T19:41:04-05:00","resource_class":"auditd_conf","resource_params":"[]","resource_id":"/etc/audit/auditd.conf"}]},{"id":"SV-244544","title":"A firewall must be active on RHEL 8.","desc":"\"Firewalld\" provides an easy and effective way to block/limit remote\naccess to the system via ports, services, and protocols.\n\n    Remote access services, such as those providing remote access to network\ndevices and information systems, which lack automated control capabilities,\nincrease risk and make remote user access management difficult at best.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n    RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement\naction if the audit reveals unauthorized activity. Automated control of remote\naccess sessions allows organizations to ensure ongoing compliance with remote\naccess policies by enforcing connection rules of remote access applications on\na variety of information system components (e.g., servers, workstations,\nnotebook computers, smartphones, and tablets).","descriptions":[{"label":"default","data":"\"Firewalld\" provides an easy and effective way to block/limit remote\naccess to the system via ports, services, and protocols.\n\n    Remote access services, such as those providing remote access to network\ndevices and information systems, which lack automated control capabilities,\nincrease risk and make remote user access management difficult at best.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n    RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement\naction if the audit reveals unauthorized activity. Automated control of remote\naccess sessions allows organizations to ensure ongoing compliance with remote\naccess policies by enforcing connection rules of remote access applications on\na variety of information system components (e.g., servers, workstations,\nnotebook computers, smartphones, and tablets)."},{"label":"check","data":"Verify that \"firewalld\" is active with the following commands:\n\n    $ sudo systemctl is-active firewalld\n\n    active\n\n    If the \"firewalld\" package is not \"active\", ask the System\nAdministrator if another firewall is installed. If no firewall is installed and\nactive this is a finding."},{"label":"fix","data":"Configure \"firewalld\" to protect the operating system with the following\ncommand:\n\n    $ sudo systemctl enable firewalld"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000297-GPOS-00115","gid":"V-244544","rid":"SV-244544r854073_rule","stig_id":"RHEL-08-040101","fix_id":"F-47776r743880_fix","cci":["CCI-002314"],"nist":["AC-17 (1)"]},"code":"control 'SV-244544' do\n  title 'A firewall must be active on RHEL 8.'\n  desc '\"Firewalld\" provides an easy and effective way to block/limit remote\naccess to the system via ports, services, and protocols.\n\n    Remote access services, such as those providing remote access to network\ndevices and information systems, which lack automated control capabilities,\nincrease risk and make remote user access management difficult at best.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n    RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement\naction if the audit reveals unauthorized activity. Automated control of remote\naccess sessions allows organizations to ensure ongoing compliance with remote\naccess policies by enforcing connection rules of remote access applications on\na variety of information system components (e.g., servers, workstations,\nnotebook computers, smartphones, and tablets).'\n  desc 'check', 'Verify that \"firewalld\" is active with the following commands:\n\n    $ sudo systemctl is-active firewalld\n\n    active\n\n    If the \"firewalld\" package is not \"active\", ask the System\nAdministrator if another firewall is installed. If no firewall is installed and\nactive this is a finding.'\n  desc 'fix', 'Configure \"firewalld\" to protect the operating system with the following\ncommand:\n\n    $ sudo systemctl enable firewalld'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000297-GPOS-00115'\n  tag gid: 'V-244544'\n  tag rid: 'SV-244544r854073_rule'\n  tag stig_id: 'RHEL-08-040101'\n  tag fix_id: 'F-47776r743880_fix'\n  tag cci: ['CCI-002314']\n  tag nist: ['AC-17 (1)']\n\n  only_if('This requirment is Not Applicable in the container, the container management platform manages the firewall service', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if input('external_firewall')\n    message = 'This system uses an externally managed firewall service, verify with the system administrator that the firewall is configured to requirements'\n    describe message do\n      skip message\n    end\n  else\n    describe package('firewalld') do\n      it { should be_installed }\n    end\n    describe firewalld do\n      it { should be_installed }\n      it { should be_running }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244544.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package firewalld is expected to be installed","run_time":0.000436,"start_time":"2024-01-09T19:41:04-05:00","resource_class":"package","resource_params":"[\"firewalld\"]","resource_id":"firewalld"},{"status":"passed","code_desc":"Firewall Rules is expected to be installed","run_time":0.000265,"start_time":"2024-01-09T19:41:04-05:00","resource_class":"firewalld","resource_params":"[]","resource_id":""},{"status":"failed","code_desc":"Firewall Rules is expected to be running","run_time":0.000328,"start_time":"2024-01-09T19:41:04-05:00","message":"expected that `Firewall Rules` is running","resource_class":"firewalld","resource_params":"[]","resource_id":""}]},{"id":"SV-244545","title":"The RHEL 8 fapolicy module must be enabled.","desc":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    Utilizing a whitelist provides a configuration management method for\nallowing the execution of only authorized software. Using only authorized\nsoftware decreases risk by limiting the number of potential vulnerabilities.\nVerification of whitelisted software occurs prior to execution or at system\nstartup.\n\n    User home directories/folders may contain information of a sensitive\nnature. Non-privileged users should coordinate any sharing of information with\nan SA through shared resources.\n\n    RHEL 8 ships with many optional packages. One such package is a file access\npolicy daemon called \"fapolicyd\". \"fapolicyd\" is a userspace daemon that\ndetermines access rights to files based on attributes of the process and file.\nIt can be used to either blacklist or whitelist processes or file access.\n\n    Proceed with caution with enforcing the use of this daemon. Improper\nconfiguration may render the system non-functional. The \"fapolicyd\" API is\nnot namespace aware and can cause issues when launching or running containers.","descriptions":[{"label":"default","data":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    Utilizing a whitelist provides a configuration management method for\nallowing the execution of only authorized software. Using only authorized\nsoftware decreases risk by limiting the number of potential vulnerabilities.\nVerification of whitelisted software occurs prior to execution or at system\nstartup.\n\n    User home directories/folders may contain information of a sensitive\nnature. Non-privileged users should coordinate any sharing of information with\nan SA through shared resources.\n\n    RHEL 8 ships with many optional packages. One such package is a file access\npolicy daemon called \"fapolicyd\". \"fapolicyd\" is a userspace daemon that\ndetermines access rights to files based on attributes of the process and file.\nIt can be used to either blacklist or whitelist processes or file access.\n\n    Proceed with caution with enforcing the use of this daemon. Improper\nconfiguration may render the system non-functional. The \"fapolicyd\" API is\nnot namespace aware and can cause issues when launching or running containers."},{"label":"check","data":"Verify the RHEL 8 \"fapolicyd\" is enabled and running with the following\ncommand:\n\n    $ sudo systemctl status fapolicyd.service\n\n    fapolicyd.service - File Access Policy Daemon\n    Loaded: loaded (/usr/lib/systemd/system/fapolicyd.service; enabled; vendor\npreset: disabled)\n    Active: active (running)\n\n    If fapolicyd is not enabled and running, this is a finding."},{"label":"fix","data":"Enable \"fapolicyd\" using the following command:\n\n$ sudo systemctl enable --now fapolicyd"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000368-GPOS-00154","satisfies":["SRG-OS-000368-GPOS-00154","SRG-OS-000370-GPOS-00155","SRG-OS-000480-GPOS-00232"],"gid":"V-244545","rid":"SV-244545r854074_rule","stig_id":"RHEL-08-040136","fix_id":"F-47777r743883_fix","cci":["CCI-001764"],"nist":["CM-7 (2)"],"host":null},"code":"control 'SV-244545' do\n  title 'The RHEL 8 fapolicy module must be enabled.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    Utilizing a whitelist provides a configuration management method for\nallowing the execution of only authorized software. Using only authorized\nsoftware decreases risk by limiting the number of potential vulnerabilities.\nVerification of whitelisted software occurs prior to execution or at system\nstartup.\n\n    User home directories/folders may contain information of a sensitive\nnature. Non-privileged users should coordinate any sharing of information with\nan SA through shared resources.\n\n    RHEL 8 ships with many optional packages. One such package is a file access\npolicy daemon called \"fapolicyd\". \"fapolicyd\" is a userspace daemon that\ndetermines access rights to files based on attributes of the process and file.\nIt can be used to either blacklist or whitelist processes or file access.\n\n    Proceed with caution with enforcing the use of this daemon. Improper\nconfiguration may render the system non-functional. The \"fapolicyd\" API is\nnot namespace aware and can cause issues when launching or running containers.'\n  desc 'check', 'Verify the RHEL 8 \"fapolicyd\" is enabled and running with the following\ncommand:\n\n    $ sudo systemctl status fapolicyd.service\n\n    fapolicyd.service - File Access Policy Daemon\n    Loaded: loaded (/usr/lib/systemd/system/fapolicyd.service; enabled; vendor\npreset: disabled)\n    Active: active (running)\n\n    If fapolicyd is not enabled and running, this is a finding.'\n  desc 'fix', 'Enable \"fapolicyd\" using the following command:\n\n$ sudo systemctl enable --now fapolicyd'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag satisfies: ['SRG-OS-000368-GPOS-00154', 'SRG-OS-000370-GPOS-00155', 'SRG-OS-000480-GPOS-00232']\n  tag gid: 'V-244545'\n  tag rid: 'SV-244545r854074_rule'\n  tag stig_id: 'RHEL-08-040136'\n  tag fix_id: 'F-47777r743883_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n  tag 'host'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'This requirement is Not Applicable in the container' do\n      skip 'This requirement is Not Applicable in the container'\n    end\n  elsif !input('use_fapolicyd')\n    impact 0.0\n    describe 'The organization does not use the Fapolicyd service to manage firewall services' do\n      skip 'The organization is not using the Fapolicyd service to manage firewall services, this control is Not Applicable'\n    end\n  else\n    describe service('fapolicyd') do\n      it { should be_enabled }\n      it { should be_running }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244545.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Service fapolicyd is expected to be enabled","run_time":0.622238,"start_time":"2024-01-09T19:41:04-05:00","message":"expected that `Service fapolicyd` is enabled","resource_class":"service","resource_params":"[\"fapolicyd\"]","resource_id":"fapolicyd"},{"status":"failed","code_desc":"Service fapolicyd is expected to be running","run_time":0.001345,"start_time":"2024-01-09T19:41:05-05:00","message":"expected that `Service fapolicyd` is running","resource_class":"service","resource_params":"[\"fapolicyd\"]","resource_id":"fapolicyd"}]},{"id":"SV-244546","title":"The RHEL 8 fapolicy module must be configured to employ a deny-all,\npermit-by-exception policy to allow the execution of authorized software\nprograms.","desc":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    Utilizing a whitelist provides a configuration management method for\nallowing the execution of only authorized software. Using only authorized\nsoftware decreases risk by limiting the number of potential vulnerabilities.\nVerification of whitelisted software occurs prior to execution or at system\nstartup.\n\n    User home directories/folders may contain information of a sensitive\nnature. Non-privileged users should coordinate any sharing of information with\nan SA through shared resources.\n\n    RHEL 8 ships with many optional packages. One such package is a file access\npolicy daemon called \"fapolicyd\". \"fapolicyd\" is a userspace daemon that\ndetermines access rights to files based on attributes of the process and file.\nIt can be used to either blacklist or whitelist processes or file access.\n\n    Proceed with caution with enforcing the use of this daemon. Improper\nconfiguration may render the system non-functional. The \"fapolicyd\" API is\nnot namespace aware and can cause issues when launching or running containers.","descriptions":[{"label":"default","data":"The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    Utilizing a whitelist provides a configuration management method for\nallowing the execution of only authorized software. Using only authorized\nsoftware decreases risk by limiting the number of potential vulnerabilities.\nVerification of whitelisted software occurs prior to execution or at system\nstartup.\n\n    User home directories/folders may contain information of a sensitive\nnature. Non-privileged users should coordinate any sharing of information with\nan SA through shared resources.\n\n    RHEL 8 ships with many optional packages. One such package is a file access\npolicy daemon called \"fapolicyd\". \"fapolicyd\" is a userspace daemon that\ndetermines access rights to files based on attributes of the process and file.\nIt can be used to either blacklist or whitelist processes or file access.\n\n    Proceed with caution with enforcing the use of this daemon. Improper\nconfiguration may render the system non-functional. The \"fapolicyd\" API is\nnot namespace aware and can cause issues when launching or running containers."},{"label":"check","data":"Verify the RHEL 8 \"fapolicyd\" employs a deny-all, permit-by-exception policy.\n\nCheck that \"fapolicyd\" is in enforcement mode with the following command:\n\n$ sudo grep permissive /etc/fapolicyd/fapolicyd.conf\n\npermissive = 0\n\nCheck that fapolicyd employs a deny-all policy on system mounts with the following commands:\n\nFor RHEL 8.4 systems and older:\n$ sudo tail /etc/fapolicyd/fapolicyd.rules\n\nFor RHEL 8.5 systems and newer:\n$ sudo tail /etc/fapolicyd/compiled.rules\n\nallow exe=/usr/bin/python3.7 : ftype=text/x-python\ndeny_audit perm=any pattern=ld_so : all\ndeny perm=any all : all\n\nIf fapolicyd is not running in enforcement mode with a deny-all, permit-by-exception policy, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to employ a deny-all, permit-by-exception application whitelisting policy with \"fapolicyd\".\n\nWith the \"fapolicyd\" installed and enabled, configure the daemon to function in permissive mode until the whitelist is built correctly to avoid system lockout. Do this by editing the \"/etc/fapolicyd/fapolicyd.conf\" file with the following line:\n\npermissive = 1\n\nFor RHEL 8.4 systems and older:\nBuild the whitelist in the \"/etc/fapolicyd/fapolicyd.rules\" file ensuring the last rule is \"deny perm=any all : all\".\n\nFor RHEL 8.5 systems and newer:\nBuild the whitelist in a file within the \"/etc/fapolicyd/rules.d\" directory ensuring the last rule is \"deny perm=any all : all\".\n\nOnce it is determined the whitelist is built correctly, set the fapolicyd to enforcing mode by editing the \"permissive\" line in the /etc/fapolicyd/fapolicyd.conf file.\n\npermissive = 0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000368-GPOS-00154","satisfies":["SRG-OS-000368-GPOS-00154","SRG-OS-000370-GPOS-00155","SRG-OS-000480-GPOS-00232"],"gid":"V-244546","rid":"SV-244546r858730_rule","stig_id":"RHEL-08-040137","fix_id":"F-47778r858729_fix","cci":["CCI-001764"],"nist":["CM-7 (2)"]},"code":"control 'SV-244546' do\n  title 'The RHEL 8 fapolicy module must be configured to employ a deny-all,\npermit-by-exception policy to allow the execution of authorized software\nprograms.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    Utilizing a whitelist provides a configuration management method for\nallowing the execution of only authorized software. Using only authorized\nsoftware decreases risk by limiting the number of potential vulnerabilities.\nVerification of whitelisted software occurs prior to execution or at system\nstartup.\n\n    User home directories/folders may contain information of a sensitive\nnature. Non-privileged users should coordinate any sharing of information with\nan SA through shared resources.\n\n    RHEL 8 ships with many optional packages. One such package is a file access\npolicy daemon called \"fapolicyd\". \"fapolicyd\" is a userspace daemon that\ndetermines access rights to files based on attributes of the process and file.\nIt can be used to either blacklist or whitelist processes or file access.\n\n    Proceed with caution with enforcing the use of this daemon. Improper\nconfiguration may render the system non-functional. The \"fapolicyd\" API is\nnot namespace aware and can cause issues when launching or running containers.'\n  desc 'check', 'Verify the RHEL 8 \"fapolicyd\" employs a deny-all, permit-by-exception policy.\n\nCheck that \"fapolicyd\" is in enforcement mode with the following command:\n\n$ sudo grep permissive /etc/fapolicyd/fapolicyd.conf\n\npermissive = 0\n\nCheck that fapolicyd employs a deny-all policy on system mounts with the following commands:\n\nFor RHEL 8.4 systems and older:\n$ sudo tail /etc/fapolicyd/fapolicyd.rules\n\nFor RHEL 8.5 systems and newer:\n$ sudo tail /etc/fapolicyd/compiled.rules\n\nallow exe=/usr/bin/python3.7 : ftype=text/x-python\ndeny_audit perm=any pattern=ld_so : all\ndeny perm=any all : all\n\nIf fapolicyd is not running in enforcement mode with a deny-all, permit-by-exception policy, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to employ a deny-all, permit-by-exception application whitelisting policy with \"fapolicyd\".\n\nWith the \"fapolicyd\" installed and enabled, configure the daemon to function in permissive mode until the whitelist is built correctly to avoid system lockout. Do this by editing the \"/etc/fapolicyd/fapolicyd.conf\" file with the following line:\n\npermissive = 1\n\nFor RHEL 8.4 systems and older:\nBuild the whitelist in the \"/etc/fapolicyd/fapolicyd.rules\" file ensuring the last rule is \"deny perm=any all : all\".\n\nFor RHEL 8.5 systems and newer:\nBuild the whitelist in a file within the \"/etc/fapolicyd/rules.d\" directory ensuring the last rule is \"deny perm=any all : all\".\n\nOnce it is determined the whitelist is built correctly, set the fapolicyd to enforcing mode by editing the \"permissive\" line in the /etc/fapolicyd/fapolicyd.conf file.\n\npermissive = 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag satisfies: ['SRG-OS-000368-GPOS-00154', 'SRG-OS-000370-GPOS-00155', 'SRG-OS-000480-GPOS-00232']\n  tag gid: 'V-244546'\n  tag rid: 'SV-244546r858730_rule'\n  tag stig_id: 'RHEL-08-040137'\n  tag fix_id: 'F-47778r858729_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  # Check if the system is a Docker container or not using Fapolicyd\n  if virtualization.system.eql?('docker') || !input('use_fapolicyd')\n    impact 0.0\n    describe 'Control not applicable' do\n      skip 'The organization is not using the Fapolicyd service to manage firewall services, this control is Not Applicable' unless input('use_fapolicyd')\n      skip 'Control not applicable within a container' if virtualization.system.eql?('docker')\n    end\n  else\n    # Parse the fapolicyd configuration file\n    fapolicyd_config = parse_config_file('/etc/fapolicyd/fapolicyd.conf')\n\n    describe 'Fapolicyd configuration' do\n      it 'permissive should not be commented out' do\n        expect(fapolicyd_config.content).to match(/^permissive\\s*=\\s*0$/), 'permissive is commented out in the fapolicyd.conf file'\n      end\n      it 'should have permissive set to 0' do\n        expect(fapolicyd_config.params['permissive']).to cmp '0'\n      end\n    end\n\n    # Determine the rules file based on the OS release\n    rules_file = os.release.to_f < 8.4 ? '/etc/fapolicyd/fapolicyd.rules' : '/etc/fapolicyd/compiled.rules'\n\n    # Check if the rules file exists\n    describe file(rules_file) do\n      it { should exist }\n    end\n\n    # If the rules file exists, check the last rule\n    if file(rules_file).exist?\n      rules = file(rules_file).content.strip.split(\"\\n\")\n      last_rule = rules.last\n\n      describe 'Last rule in the rules file' do\n        it { expect(last_rule).to cmp 'deny perm=any all : all' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244546.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Fapolicyd configuration permissive should not be commented out","run_time":0.000366,"start_time":"2024-01-09T19:41:05-05:00","message":"permissive is commented out in the fapolicyd.conf file","resource_class":"Object","resource_params":"[]","resource_id":"Fapolicyd configuration"},{"status":"failed","code_desc":"Fapolicyd configuration should have permissive set to 0","run_time":0.00037,"start_time":"2024-01-09T19:41:05-05:00","message":"\nexpected: 0\n     got: \n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"Fapolicyd configuration"},{"status":"failed","code_desc":"File /etc/fapolicyd/compiled.rules is expected to exist","run_time":0.000232,"start_time":"2024-01-09T19:41:05-05:00","message":"expected File /etc/fapolicyd/compiled.rules to exist","resource_class":"file","resource_params":"[\"/etc/fapolicyd/compiled.rules\"]","resource_id":"/etc/fapolicyd/compiled.rules"}]},{"id":"SV-244547","title":"RHEL 8 must have the USBGuard installed.","desc":"Without authenticating devices, unidentified or unknown devices may be\nintroduced, thereby facilitating malicious activity.\n    Peripherals include, but are not limited to, such devices as flash drives,\nexternal storage, and printers.\n    A new feature that RHEL 8 provides is the USBGuard software framework. The\nUSBguard-daemon is the main component of the USBGuard software framework. It\nruns as a service in the background and enforces the USB device authorization\npolicy for all USB devices. The policy is defined by a set of rules using a\nrule language described in the usbguard-rules.conf file. The policy and the\nauthorization state of USB devices can be modified during runtime using the\nusbguard tool.\n\n    The System Administrator (SA) must work with the site Information System\nSecurity Officer (ISSO) to determine a list of authorized peripherals and\nestablish rules within the USBGuard software framework to allow only authorized\ndevices.","descriptions":[{"label":"default","data":"Without authenticating devices, unidentified or unknown devices may be\nintroduced, thereby facilitating malicious activity.\n    Peripherals include, but are not limited to, such devices as flash drives,\nexternal storage, and printers.\n    A new feature that RHEL 8 provides is the USBGuard software framework. The\nUSBguard-daemon is the main component of the USBGuard software framework. It\nruns as a service in the background and enforces the USB device authorization\npolicy for all USB devices. The policy is defined by a set of rules using a\nrule language described in the usbguard-rules.conf file. The policy and the\nauthorization state of USB devices can be modified during runtime using the\nusbguard tool.\n\n    The System Administrator (SA) must work with the site Information System\nSecurity Officer (ISSO) to determine a list of authorized peripherals and\nestablish rules within the USBGuard software framework to allow only authorized\ndevices."},{"label":"check","data":"Verify USBGuard is installed on the operating system with the following\ncommand:\n\n    $ sudo yum list installed usbguard\n\n    Installed Packages\n    usbguard.x86_64                   0.7.8-7.el8             @ol8_appstream\n\n    If the USBGuard package is not installed, ask the SA to indicate how\nunauthorized peripherals are being blocked.\n    If there is no evidence that unauthorized peripherals are being blocked\nbefore establishing a connection, this is a finding."},{"label":"fix","data":"Install the USBGuard package with the following command:\n\n$ sudo yum install usbguard.x86_64"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000378-GPOS-00163","gid":"V-244547","rid":"SV-244547r854076_rule","stig_id":"RHEL-08-040139","fix_id":"F-47779r743889_fix","cci":["CCI-001958"],"nist":["IA-3"],"host":null},"code":"control 'SV-244547' do\n  title 'RHEL 8 must have the USBGuard installed.'\n  desc 'Without authenticating devices, unidentified or unknown devices may be\nintroduced, thereby facilitating malicious activity.\n    Peripherals include, but are not limited to, such devices as flash drives,\nexternal storage, and printers.\n    A new feature that RHEL 8 provides is the USBGuard software framework. The\nUSBguard-daemon is the main component of the USBGuard software framework. It\nruns as a service in the background and enforces the USB device authorization\npolicy for all USB devices. The policy is defined by a set of rules using a\nrule language described in the usbguard-rules.conf file. The policy and the\nauthorization state of USB devices can be modified during runtime using the\nusbguard tool.\n\n    The System Administrator (SA) must work with the site Information System\nSecurity Officer (ISSO) to determine a list of authorized peripherals and\nestablish rules within the USBGuard software framework to allow only authorized\ndevices.'\n  desc 'check', 'Verify USBGuard is installed on the operating system with the following\ncommand:\n\n    $ sudo yum list installed usbguard\n\n    Installed Packages\n    usbguard.x86_64                   0.7.8-7.el8             @ol8_appstream\n\n    If the USBGuard package is not installed, ask the SA to indicate how\nunauthorized peripherals are being blocked.\n    If there is no evidence that unauthorized peripherals are being blocked\nbefore establishing a connection, this is a finding.'\n  desc 'fix', 'Install the USBGuard package with the following command:\n\n$ sudo yum install usbguard.x86_64'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000378-GPOS-00163'\n  tag gid: 'V-244547'\n  tag rid: 'SV-244547r854076_rule'\n  tag stig_id: 'RHEL-08-040139'\n  tag fix_id: 'F-47779r743889_fix'\n  tag cci: ['CCI-001958']\n  tag nist: ['IA-3']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  peripherals_package = input('peripherals_package')\n\n  describe package(peripherals_package) do\n    it \"is expected to be installed. \\n\\tPlease ensure to configure the service to ensure your devices function as expected.\" do\n      expect(subject.installed?).to be(true), \"The #{peripherals_package} package is not installed\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244547.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"System Package usbguard is expected to be installed. \n\tPlease ensure to configure the service to ensure your devices function as expected.","run_time":0.207489,"start_time":"2024-01-09T19:41:05-05:00","message":"The usbguard package is not installed","resource_class":"package","resource_params":"[\"usbguard\"]","resource_id":"usbguard"}]},{"id":"SV-244548","title":"RHEL 8 must enable the USBGuard.","desc":"Without authenticating devices, unidentified or unknown devices may be\nintroduced, thereby facilitating malicious activity.\n\n    Peripherals include, but are not limited to, such devices as flash drives,\nexternal storage, and printers.\n\n    A new feature that RHEL 8 provides is the USBGuard software framework. The\nUSBguard-daemon is the main component of the USBGuard software framework. It\nruns as a service in the background and enforces the USB device authorization\npolicy for all USB devices. The policy is defined by a set of rules using a\nrule language described in the usbguard-rules.conf file. The policy and the\nauthorization state of USB devices can be modified during runtime using the\nusbguard tool.\n\n    The System Administrator (SA) must work with the site Information System\nSecurity Officer (ISSO) to determine a list of authorized peripherals and\nestablish rules within the USBGuard software framework to allow only authorized\ndevices.","descriptions":[{"label":"default","data":"Without authenticating devices, unidentified or unknown devices may be\nintroduced, thereby facilitating malicious activity.\n\n    Peripherals include, but are not limited to, such devices as flash drives,\nexternal storage, and printers.\n\n    A new feature that RHEL 8 provides is the USBGuard software framework. The\nUSBguard-daemon is the main component of the USBGuard software framework. It\nruns as a service in the background and enforces the USB device authorization\npolicy for all USB devices. The policy is defined by a set of rules using a\nrule language described in the usbguard-rules.conf file. The policy and the\nauthorization state of USB devices can be modified during runtime using the\nusbguard tool.\n\n    The System Administrator (SA) must work with the site Information System\nSecurity Officer (ISSO) to determine a list of authorized peripherals and\nestablish rules within the USBGuard software framework to allow only authorized\ndevices."},{"label":"check","data":"Verify the operating system has enabled the use of the USBGuard with the\nfollowing command:\n\n    $ sudo systemctl status usbguard.service\n\n    usbguard.service - USBGuard daemon\n    Loaded: loaded (/usr/lib/systemd/system/usbguard.service; enabled; vendor\npreset: disabled)\n    Active: active (running)\n\n    If the usbguard.service is not enabled and active, ask the SA to indicate\nhow unauthorized peripherals are being blocked.\n    If there is no evidence that unauthorized peripherals are being blocked\nbefore establishing a connection, this is a finding."},{"label":"fix","data":"Configure the operating system to enable the blocking of unauthorized\nperipherals with the following commands:\n\n    $ sudo systemctl enable usbguard.service\n\n    $ sudo systemctl start usbguard.service\n\n    Note: Enabling and starting usbguard without properly configuring it for an\nindividual system will immediately prevent any access over a usb device such as\na keyboard or mouse"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000378-GPOS-00163","gid":"V-244548","rid":"SV-244548r854077_rule","stig_id":"RHEL-08-040141","fix_id":"F-47780r743892_fix","cci":["CCI-001958"],"nist":["IA-3"]},"code":"control 'SV-244548' do\n  title 'RHEL 8 must enable the USBGuard.'\n  desc 'Without authenticating devices, unidentified or unknown devices may be\nintroduced, thereby facilitating malicious activity.\n\n    Peripherals include, but are not limited to, such devices as flash drives,\nexternal storage, and printers.\n\n    A new feature that RHEL 8 provides is the USBGuard software framework. The\nUSBguard-daemon is the main component of the USBGuard software framework. It\nruns as a service in the background and enforces the USB device authorization\npolicy for all USB devices. The policy is defined by a set of rules using a\nrule language described in the usbguard-rules.conf file. The policy and the\nauthorization state of USB devices can be modified during runtime using the\nusbguard tool.\n\n    The System Administrator (SA) must work with the site Information System\nSecurity Officer (ISSO) to determine a list of authorized peripherals and\nestablish rules within the USBGuard software framework to allow only authorized\ndevices.'\n  desc 'check', 'Verify the operating system has enabled the use of the USBGuard with the\nfollowing command:\n\n    $ sudo systemctl status usbguard.service\n\n    usbguard.service - USBGuard daemon\n    Loaded: loaded (/usr/lib/systemd/system/usbguard.service; enabled; vendor\npreset: disabled)\n    Active: active (running)\n\n    If the usbguard.service is not enabled and active, ask the SA to indicate\nhow unauthorized peripherals are being blocked.\n    If there is no evidence that unauthorized peripherals are being blocked\nbefore establishing a connection, this is a finding.'\n  desc 'fix', 'Configure the operating system to enable the blocking of unauthorized\nperipherals with the following commands:\n\n    $ sudo systemctl enable usbguard.service\n\n    $ sudo systemctl start usbguard.service\n\n    Note: Enabling and starting usbguard without properly configuring it for an\nindividual system will immediately prevent any access over a usb device such as\na keyboard or mouse'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000378-GPOS-00163'\n  tag gid: 'V-244548'\n  tag rid: 'SV-244548r854077_rule'\n  tag stig_id: 'RHEL-08-040141'\n  tag fix_id: 'F-47780r743892_fix'\n  tag cci: ['CCI-001958']\n  tag nist: ['IA-3']\n\n  only_if('This requirement is does not apply to containers', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  peripherals_service = input('peripherals_service')\n\n  describe service(peripherals_service) do\n    it \"is expected to be running. \\n\\tPlease ensure to configure the service to ensure your devices function as expected.\" do\n      expect(subject.running?).to be(true), \"The #{peripherals_service} service is not running\"\n    end\n    it \"is expected to be enabled. \\n\\tPlease ensure to configure the service to ensure your devices function as expected.\" do\n      expect(subject.enabled?).to be(true), \"The #{peripherals_service} service is not enabled\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244548.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Service usbguard is expected to be running. \n\tPlease ensure to configure the service to ensure your devices function as expected.","run_time":0.355734,"start_time":"2024-01-09T19:41:05-05:00","message":"The usbguard service is not running","resource_class":"service","resource_params":"[\"usbguard\"]","resource_id":"usbguard"},{"status":"failed","code_desc":"Service usbguard is expected to be enabled. \n\tPlease ensure to configure the service to ensure your devices function as expected.","run_time":0.00066,"start_time":"2024-01-09T19:41:05-05:00","message":"The usbguard service is not enabled","resource_class":"service","resource_params":"[\"usbguard\"]","resource_id":"usbguard"}]},{"id":"SV-244549","title":"All RHEL 8 networked systems must have SSH installed.","desc":"Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa.","descriptions":[{"label":"default","data":"Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa."},{"label":"check","data":"Verify SSH is installed with the following command:\n\n$ sudo yum list installed openssh-server\n\nopenssh-server.x86_64                 8.0p1-5.el8          @anaconda\n\nIf the \"SSH server\" package is not installed, this is a finding."},{"label":"fix","data":"Install SSH packages onto the host with the following command:\n\n$ sudo yum install openssh-server.x86_64"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000423-GPOS-00187","satisfies":["SRG-OS-000423-GPOS-00187","SRG-OS-000424-GPOS-00188","SRG-OS-000425-GPOS-00189","SRG-OS-000426-GPOS-00190"],"gid":"V-244549","rid":"SV-244549r916422_rule","stig_id":"RHEL-08-040159","fix_id":"F-47781r743895_fix","cci":["CCI-002418"],"nist":["SC-8"],"host":null,"container-conditional":null},"code":"control 'SV-244549' do\n  title 'All RHEL 8 networked systems must have SSH installed.'\n  desc \"Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa.\"\n  desc 'check', 'Verify SSH is installed with the following command:\n\n$ sudo yum list installed openssh-server\n\nopenssh-server.x86_64                 8.0p1-5.el8          @anaconda\n\nIf the \"SSH server\" package is not installed, this is a finding.'\n  desc 'fix', \"Install SSH packages onto the host with the following command:\n\n$ sudo yum install openssh-server.x86_64\"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000423-GPOS-00187'\n  tag satisfies: ['SRG-OS-000423-GPOS-00187', 'SRG-OS-000424-GPOS-00188', 'SRG-OS-000425-GPOS-00189', 'SRG-OS-000426-GPOS-00190']\n  tag gid: 'V-244549'\n  tag rid: 'SV-244549r916422_rule'\n  tag stig_id: 'RHEL-08-040159'\n  tag fix_id: 'F-47781r743895_fix'\n  tag cci: ['CCI-002418']\n  tag nist: ['SC-8']\n  tag 'host', 'container-conditional'\n\n  impact 0.0 if virtualization.system.eql?('docker') && !package('openssh-server').installed?\n\n  if virtualization.system.eql?('docker')\n    describe 'In a container Environment' do\n      if package('openssh-server').installed?\n        it 'the OpenSSH Server should be installed when allowed in Docker environment' do\n          expect(input('allow_container_openssh_server')).to eq(true), 'OpenSSH Server is installed but not approved for the Docker environment'\n        end\n      else\n        it 'OpenSSH Server is not installed in the container environment' do\n          skip 'This requirement is not applicable as the OpenSSH Server is not installed in the Docker environment.'\n        end\n      end\n    end\n  else\n    describe 'In a machine environment' do\n      it 'the OpenSSH Server should be installed' do\n        expect(package('openssh-server').installed?).to eq(true), 'the OpenSSH Server is not installed'\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244549.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"In a machine environment the OpenSSH Server should be installed","run_time":0.218138,"start_time":"2024-01-09T19:41:05-05:00","resource_class":"Object","resource_params":"[]","resource_id":"In a machine environment"}]},{"id":"SV-244550","title":"RHEL 8 must prevent IPv4 Internet Control Message Protocol (ICMP)\nredirect messages from being accepted.","desc":"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 will not accept IPv4 ICMP redirect messages.\n\nCheck the value of the default \"accept_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv4.conf.default.accept_redirects\n\nnet.ipv4.conf.default.accept_redirects = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.default.accept_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.default.accept_redirects = 0\n\nIf \"net.ipv4.conf.default.accept_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to prevent IPv4 ICMP redirect messages from being accepted.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.default.accept_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-244550","rid":"SV-244550r858791_rule","stig_id":"RHEL-08-040209","fix_id":"F-47782r858790_fix","cci":["CCI-000366"],"nist":["CM-6 b"],"host":null},"code":"control 'SV-244550' do\n  title 'RHEL 8 must prevent IPv4 Internet Control Message Protocol (ICMP)\nredirect messages from being accepted.'\n  desc \"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\"\n  desc 'check', 'Verify RHEL 8 will not accept IPv4 ICMP redirect messages.\n\nCheck the value of the default \"accept_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv4.conf.default.accept_redirects\n\nnet.ipv4.conf.default.accept_redirects = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.default.accept_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.default.accept_redirects = 0\n\nIf \"net.ipv4.conf.default.accept_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to prevent IPv4 ICMP redirect messages from being accepted.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.default.accept_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244550'\n  tag rid: 'SV-244550r858791_rule'\n  tag stig_id: 'RHEL-08-040209'\n  tag fix_id: 'F-47782r858790_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  # Define the kernel parameter to be checked\n  parameter = 'net.ipv4.conf.default.accept_redirects'\n  action = 'do not accept IPv4 ICMP redirect messagess'\n  value = 0\n\n  # Get the current value of the kernel parameter\n  current_value = kernel_parameter(parameter)\n\n  # Check if the system is a Docker container\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    # Check if IPv4 packet forwarding is disabled\n    describe kernel_parameter(parameter) do\n      it 'is disabled in sysctl -a' do\n        expect(current_value.value).to cmp value\n        expect(current_value.value).not_to be_nil\n      end\n    end\n\n    # Get the list of sysctl configuration files\n    sysctl_config_files = input('sysctl_conf_files').map(&:strip).join(' ')\n\n    # Search for the kernel parameter in the configuration files\n    search_results = command(\"grep -r #{parameter} #{sysctl_config_files} {} \\;\").stdout.split(\"\\n\")\n\n    # Parse the search results into a hash\n    config_values = search_results.each_with_object({}) do |item, results|\n      file, setting = item.split(':')\n      results[file] ||= []\n      results[file] << setting.split('=').last\n    end\n\n    uniq_config_values = config_values.values.flatten.map(&:strip).map(&:to_i).uniq\n\n    # Check the configuration files\n    describe 'Configuration files' do\n      if search_results.empty?\n        it \"do not have `#{parameter}` disabled directly\" do\n          expect(config_values).not_to be_empty, \"Add the line `#{parameter}=#{value}` to a file in the `/etc/sysctl.d/` directory\"\n        end\n      else\n        describe \"for #{action}\" do\n          it 'does not have conflicting setting' do\n            expect(uniq_config_values.count).to eq(1), \"Expected one unique configuration, but got #{config_values}\"\n          end\n\n          it 'does not have more then one value' do\n            expect(config_values.values.flatten.all? { |v| v.to_i.eql?(value) }).to be true\n          end\n        end\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244550.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter net.ipv4.conf.default.accept_redirects is disabled in sysctl -a","run_time":0.117248,"start_time":"2024-01-09T19:41:05-05:00","resource_class":"kernel_parameter","resource_params":"[\"net.ipv4.conf.default.accept_redirects\"]","resource_id":"net.ipv4.conf.default.accept_redirects"},{"status":"passed","code_desc":"Configuration files for do not accept IPv4 ICMP redirect messagess does not have conflicting setting","run_time":0.000168,"start_time":"2024-01-09T19:41:05-05:00","resource_class":"Object","resource_params":"[]","resource_id":"for do not accept IPv4 ICMP redirect messagess"},{"status":"passed","code_desc":"Configuration files for do not accept IPv4 ICMP redirect messagess does not have more then one value","run_time":0.000108,"start_time":"2024-01-09T19:41:05-05:00","resource_class":"Object","resource_params":"[]","resource_id":"for do not accept IPv4 ICMP redirect messagess"}]},{"id":"SV-244551","title":"RHEL 8 must not forward IPv4 source-routed packets.","desc":"Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 does not accept IPv4 source-routed packets.\n\nCheck the value of the accept source route variable with the following command:\n\n$ sudo sysctl net.ipv4.conf.all.accept_source_route\n\nnet.ipv4.conf.all.accept_source_route = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.all.accept_source_route /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.accept_source_route = 0\n\nIf \"net.ipv4.conf.all.accept_source_route\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to not forward IPv4 source-routed packets.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.all.accept_source_route=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-244551","rid":"SV-244551r858799_rule","stig_id":"RHEL-08-040239","fix_id":"F-47783r858798_fix","cci":["CCI-000366"],"nist":["CM-6 b"],"host":null},"code":"control 'SV-244551' do\n  title 'RHEL 8 must not forward IPv4 source-routed packets.'\n  desc 'Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 does not accept IPv4 source-routed packets.\n\nCheck the value of the accept source route variable with the following command:\n\n$ sudo sysctl net.ipv4.conf.all.accept_source_route\n\nnet.ipv4.conf.all.accept_source_route = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.all.accept_source_route /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.accept_source_route = 0\n\nIf \"net.ipv4.conf.all.accept_source_route\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not forward IPv4 source-routed packets.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.all.accept_source_route=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244551'\n  tag rid: 'SV-244551r858799_rule'\n  tag stig_id: 'RHEL-08-040239'\n  tag fix_id: 'F-47783r858798_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  only_if('This system is acting as a router on the network, this control is Not Applicable', impact: 0.0) {\n    !input('network_router')\n  }\n\n  # Define the kernel parameter to be checked\n  parameter = 'net.ipv4.conf.all.accept_source_route'\n  action = 'not accept IPv4 source-routed packets'\n  value = 0\n\n  # Get the current value of the kernel parameter\n  current_value = kernel_parameter(parameter)\n\n  # Check if the system is a Docker container\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    # Check if IPv4 packet forwarding is disabled\n    describe kernel_parameter(parameter) do\n      it 'is disabled in sysctl -a' do\n        expect(current_value.value).to cmp value\n        expect(current_value.value).not_to be_nil\n      end\n    end\n\n    # Get the list of sysctl configuration files\n    sysctl_config_files = input('sysctl_conf_files').map(&:strip).join(' ')\n\n    # Search for the kernel parameter in the configuration files\n    search_results = command(\"grep -r #{parameter} #{sysctl_config_files} {} \\;\").stdout.split(\"\\n\")\n\n    # Parse the search results into a hash\n    config_values = search_results.each_with_object({}) do |item, results|\n      file, setting = item.split(':')\n      results[file] ||= []\n      results[file] << setting.split('=').last\n    end\n\n    # takes the found config values and puts them into a single array with only unique values\n    uniq_config_values = config_values.values.flatten.map(&:strip).map(&:to_i).uniq\n    # uniq_excluding_value = config_values.values.flatten.map(&:strip).map(&:to_i).uniq.excluding(value)\n\n    # Check the configuration files\n    describe 'Configuration files' do\n      if search_results.empty?\n        it \"do not have `#{parameter}` disabled directly\" do\n          expect(config_values).not_to be_empty, \"Add the line `#{parameter}=#{value}` to a file in the `/etc/sysctl.d/` directory\"\n        end\n      else\n        describe \"for #{action}\" do\n          it 'does not have conflicting settings' do\n            expect(uniq_config_values.count).to eq(1), \"Expected one unique configuration, but got #{config_values}\"\n          end\n\n          it 'does not have more then one value' do\n            expect(config_values.values.flatten.all? { |v| v.to_i.eql?(value) }).to be true\n          end\n        end\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244551.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter net.ipv4.conf.all.accept_source_route is disabled in sysctl -a","run_time":0.128853,"start_time":"2024-01-09T19:41:05-05:00","resource_class":"kernel_parameter","resource_params":"[\"net.ipv4.conf.all.accept_source_route\"]","resource_id":"net.ipv4.conf.all.accept_source_route"},{"status":"passed","code_desc":"Configuration files for not accept IPv4 source-routed packets does not have conflicting settings","run_time":0.003183,"start_time":"2024-01-09T19:41:06-05:00","resource_class":"Object","resource_params":"[]","resource_id":"for not accept IPv4 source-routed packets"},{"status":"passed","code_desc":"Configuration files for not accept IPv4 source-routed packets does not have more then one value","run_time":0.000116,"start_time":"2024-01-09T19:41:06-05:00","resource_class":"Object","resource_params":"[]","resource_id":"for not accept IPv4 source-routed packets"}]},{"id":"SV-244552","title":"RHEL 8 must not forward IPv4 source-routed packets by default.","desc":"Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 does not accept IPv4 source-routed packets by default.\n\nCheck the value of the accept source route variable with the following command:\n\n$ sudo sysctl net.ipv4.conf.default.accept_source_route\n\nnet.ipv4.conf.default.accept_source_route = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.default.accept_source_route /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.default.accept_source_route = 0\n\nIf \"net.ipv4.conf.default.accept_source_route\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to not forward IPv4 source-routed packets by default.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.default.accept_source_route=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-244552","rid":"SV-244552r858803_rule","stig_id":"RHEL-08-040249","fix_id":"F-47784r858802_fix","cci":["CCI-000366"],"nist":["CM-6 b"],"host":null},"code":"control 'SV-244552' do\n  title 'RHEL 8 must not forward IPv4 source-routed packets by default.'\n  desc 'Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 does not accept IPv4 source-routed packets by default.\n\nCheck the value of the accept source route variable with the following command:\n\n$ sudo sysctl net.ipv4.conf.default.accept_source_route\n\nnet.ipv4.conf.default.accept_source_route = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.default.accept_source_route /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.default.accept_source_route = 0\n\nIf \"net.ipv4.conf.default.accept_source_route\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not forward IPv4 source-routed packets by default.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.default.accept_source_route=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244552'\n  tag rid: 'SV-244552r858803_rule'\n  tag stig_id: 'RHEL-08-040249'\n  tag fix_id: 'F-47784r858802_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  only_if('This system is acting as a router on the network, this control is Not Applicable', impact: 0.0) {\n    !input('network_router')\n  }\n\n  # Define the kernel parameter to be checked\n  parameter = 'net.ipv4.conf.default.accept_source_route'\n  action = 'not forward IPv4 source-routed packets by default'\n  value = 0\n\n  # Get the current value of the kernel parameter\n  current_value = kernel_parameter(parameter)\n\n  # Check if the system is a Docker container\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    # Check if IPv4 packet forwarding is disabled\n    describe kernel_parameter(parameter) do\n      it 'is disabled in sysctl -a' do\n        expect(current_value.value).to cmp value\n        expect(current_value.value).not_to be_nil\n      end\n    end\n\n    # Get the list of sysctl configuration files\n    sysctl_config_files = input('sysctl_conf_files').map(&:strip).join(' ')\n\n    # Search for the kernel parameter in the configuration files\n    search_results = command(\"grep -r #{parameter} #{sysctl_config_files} {} \\;\").stdout.split(\"\\n\")\n\n    # Parse the search results into a hash\n    config_values = search_results.each_with_object({}) do |item, results|\n      file, setting = item.split(':')\n      results[file] ||= []\n      results[file] << setting.split('=').last\n    end\n\n    uniq_config_values = config_values.values.flatten.map(&:strip).map(&:to_i).uniq\n\n    # Check the configuration files\n    describe 'Configuration files' do\n      if search_results.empty?\n        it \"do not have `#{parameter}` disabled directly\" do\n          expect(config_values).not_to be_empty, \"Add the line `#{parameter}=#{value}` to a file in the `/etc/sysctl.d/` directory\"\n        end\n      else\n        describe \"for #{action}\" do\n          it 'does not have conflicting settings' do\n            expect(uniq_config_values.count).to eq(1), \"Expected one unique configuration, but got #{config_values}\"\n          end\n\n          it 'does not have more then one value' do\n            expect(config_values.values.flatten.all? { |v| v.to_i.eql?(value) }).to be true\n          end\n        end\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244552.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter net.ipv4.conf.default.accept_source_route is disabled in sysctl -a","run_time":0.121754,"start_time":"2024-01-09T19:41:06-05:00","resource_class":"kernel_parameter","resource_params":"[\"net.ipv4.conf.default.accept_source_route\"]","resource_id":"net.ipv4.conf.default.accept_source_route"},{"status":"passed","code_desc":"Configuration files for not forward IPv4 source-routed packets by default does not have conflicting settings","run_time":0.000427,"start_time":"2024-01-09T19:41:06-05:00","resource_class":"Object","resource_params":"[]","resource_id":"for not forward IPv4 source-routed packets by default"},{"status":"passed","code_desc":"Configuration files for not forward IPv4 source-routed packets by default does not have more then one value","run_time":9.9e-05,"start_time":"2024-01-09T19:41:06-05:00","resource_class":"Object","resource_params":"[]","resource_id":"for not forward IPv4 source-routed packets by default"}]},{"id":"SV-244553","title":"RHEL 8 must ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages.","desc":"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 ignores IPv4 ICMP redirect messages.\n\nCheck the value of the \"accept_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv4.conf.all.accept_redirects\n\nnet.ipv4.conf.all.accept_redirects = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.all.accept_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.accept_redirects = 0\n\nIf \"net.ipv4.conf.all.accept_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to ignore IPv4 ICMP redirect messages.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.all.accept_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-244553","rid":"SV-244553r858818_rule","stig_id":"RHEL-08-040279","fix_id":"F-47785r858817_fix","cci":["CCI-000366"],"nist":["CM-6 b"],"host":null},"code":"control 'SV-244553' do\n  title 'RHEL 8 must ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages.'\n  desc \"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\"\n  desc 'check', 'Verify RHEL 8 ignores IPv4 ICMP redirect messages.\n\nCheck the value of the \"accept_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv4.conf.all.accept_redirects\n\nnet.ipv4.conf.all.accept_redirects = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.all.accept_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.accept_redirects = 0\n\nIf \"net.ipv4.conf.all.accept_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to ignore IPv4 ICMP redirect messages.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.all.accept_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244553'\n  tag rid: 'SV-244553r858818_rule'\n  tag stig_id: 'RHEL-08-040279'\n  tag fix_id: 'F-47785r858817_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  # Define the kernel parameter to be checked\n  parameter = 'net.ipv4.conf.all.accept_redirects'\n  action = 'ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages'\n  value = 0\n\n  # Get the current value of the kernel parameter\n  current_value = kernel_parameter(parameter)\n\n  # Check if the system is a Docker container\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    # Check if IPv4 packet forwarding is disabled\n    describe kernel_parameter(parameter) do\n      it 'is disabled in sysctl -a' do\n        expect(current_value.value).to cmp value\n        expect(current_value.value).not_to be_nil\n      end\n    end\n\n    # Get the list of sysctl configuration files\n    sysctl_config_files = input('sysctl_conf_files').map(&:strip).join(' ')\n\n    # Search for the kernel parameter in the configuration files\n    search_results = command(\"grep -r #{parameter} #{sysctl_config_files} {} \\;\").stdout.split(\"\\n\")\n\n    # Parse the search results into a hash\n    config_values = search_results.each_with_object({}) do |item, results|\n      file, setting = item.split(':')\n      results[file] ||= []\n      results[file] << setting.split('=').last\n    end\n\n    uniq_config_values = config_values.values.flatten.map(&:strip).map(&:to_i).uniq\n\n    # Check the configuration files\n    describe 'Configuration files' do\n      if search_results.empty?\n        it \"do not have `#{parameter}` disabled directly\" do\n          expect(config_values).not_to be_empty, \"Add the line `#{parameter}=#{value}` to a file in the `/etc/sysctl.d/` directory\"\n        end\n      else\n        describe \"for #{action}\" do\n          it 'does not have conflicting setting' do\n            expect(uniq_config_values.count).to eq(1), \"Expected one unique configuration, but got #{config_values}\"\n          end\n\n          it 'does not have more then one value' do\n            expect(config_values.values.flatten.all? { |v| v.to_i.eql?(value) }).to be true\n          end\n        end\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244553.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter net.ipv4.conf.all.accept_redirects is disabled in sysctl -a","run_time":0.155616,"start_time":"2024-01-09T19:41:06-05:00","resource_class":"kernel_parameter","resource_params":"[\"net.ipv4.conf.all.accept_redirects\"]","resource_id":"net.ipv4.conf.all.accept_redirects"},{"status":"passed","code_desc":"Configuration files for ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages does not have conflicting setting","run_time":0.00019,"start_time":"2024-01-09T19:41:06-05:00","resource_class":"Object","resource_params":"[]","resource_id":"for ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages"},{"status":"passed","code_desc":"Configuration files for ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages does not have more then one value","run_time":7.2e-05,"start_time":"2024-01-09T19:41:06-05:00","resource_class":"Object","resource_params":"[]","resource_id":"for ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages"}]},{"id":"SV-244554","title":"RHEL 8 must enable hardening for the Berkeley Packet Filter\nJust-in-time compiler.","desc":"It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nEnabling hardening for the Berkeley Packet Filter (BPF) Just-in-time (JIT) compiler aids in mitigating JIT spraying attacks. Setting the value to \"2\" enables JIT hardening for all users.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf","descriptions":[{"label":"default","data":"It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nEnabling hardening for the Berkeley Packet Filter (BPF) Just-in-time (JIT) compiler aids in mitigating JIT spraying attacks. Setting the value to \"2\" enables JIT hardening for all users.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 enables hardening for the BPF JIT with the following commands:\n\n$ sudo sysctl net.core.bpf_jit_harden\n\nnet.core.bpf_jit_harden = 2\n\nIf the returned line does not have a value of \"2\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.core.bpf_jit_harden /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.core.bpf_jit_harden = 2\n\nIf \"net.core.bpf_jit_harden\" is not set to \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to enable hardening for the BPF JIT compiler by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nnet.core.bpf_jit_harden = 2\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-GPOS-00227","gid":"V-244554","rid":"SV-244554r858832_rule","stig_id":"RHEL-08-040286","fix_id":"F-47786r858831_fix","cci":["CCI-000366"],"nist":["CM-6 b"],"host":null},"code":"control 'SV-244554' do\n  title 'RHEL 8 must enable hardening for the Berkeley Packet Filter\nJust-in-time compiler.'\n  desc 'It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nEnabling hardening for the Berkeley Packet Filter (BPF) Just-in-time (JIT) compiler aids in mitigating JIT spraying attacks. Setting the value to \"2\" enables JIT hardening for all users.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 enables hardening for the BPF JIT with the following commands:\n\n$ sudo sysctl net.core.bpf_jit_harden\n\nnet.core.bpf_jit_harden = 2\n\nIf the returned line does not have a value of \"2\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.core.bpf_jit_harden /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.core.bpf_jit_harden = 2\n\nIf \"net.core.bpf_jit_harden\" is not set to \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to enable hardening for the BPF JIT compiler by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nnet.core.bpf_jit_harden = 2\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244554'\n  tag rid: 'SV-244554r858832_rule'\n  tag stig_id: 'RHEL-08-040286'\n  tag fix_id: 'F-47786r858831_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  # Define the kernel parameter to be checked\n  parameter = 'net.core.bpf_jit_harden'\n  action = 'Enables hardening for the BPF JIT'\n  value = 2\n\n  # Get the current value of the kernel parameter\n  current_value = kernel_parameter(parameter)\n\n  # Check if the system is a Docker container\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    # Check if IPv4 packet forwarding is disabled\n    describe kernel_parameter(parameter) do\n      it 'is disabled in sysctl -a' do\n        expect(current_value.value).to cmp value\n        expect(current_value.value).not_to be_nil\n      end\n    end\n\n    # Get the list of sysctl configuration files\n    sysctl_config_files = input('sysctl_conf_files').map(&:strip).join(' ')\n\n    # Search for the kernel parameter in the configuration files\n    search_results = command(\"grep -r #{parameter} #{sysctl_config_files} {} \\;\").stdout.split(\"\\n\")\n\n    # Parse the search results into a hash\n    config_values = search_results.each_with_object({}) do |item, results|\n      file, setting = item.split(':')\n      results[file] ||= []\n      results[file] << setting.split('=').last\n    end\n\n    uniq_config_values = config_values.values.flatten.map(&:strip).map(&:to_i).uniq\n\n    # Check the configuration files\n    describe 'Configuration files' do\n      if search_results.empty?\n        it \"do not have `#{parameter}` disabled directly\" do\n          expect(config_values).not_to be_empty, \"Add the line `#{parameter}=#{value}` to a file in the `/etc/sysctl.d/` directory\"\n        end\n      else\n        describe \"for #{action}\" do\n          it 'does not have conflicting settings' do\n            expect(uniq_config_values.count).to eq(1), \"Expected one unique configuration, but got #{config_values}\"\n          end\n\n          it 'does not have more then one value' do\n            expect(config_values.values.flatten.all? { |v| v.to_i.eql?(value) }).to be true\n          end\n        end\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244554.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Kernel Parameter net.core.bpf_jit_harden is disabled in sysctl -a","run_time":0.117909,"start_time":"2024-01-09T19:41:06-05:00","message":"\nexpected: 2\n     got: 1\n\n(compared using `cmp` matcher)\n","resource_class":"kernel_parameter","resource_params":"[\"net.core.bpf_jit_harden\"]","resource_id":"net.core.bpf_jit_harden"},{"status":"passed","code_desc":"Configuration files for Enables hardening for the BPF JIT does not have conflicting settings","run_time":0.000145,"start_time":"2024-01-09T19:41:06-05:00","resource_class":"Object","resource_params":"[]","resource_id":"for Enables hardening for the BPF JIT"},{"status":"passed","code_desc":"Configuration files for Enables hardening for the BPF JIT does not have more then one value","run_time":0.000102,"start_time":"2024-01-09T19:41:06-05:00","resource_class":"Object","resource_params":"[]","resource_id":"for Enables hardening for the BPF JIT"}]},{"id":"SV-245540","title":"The RHEL 8 operating system must implement the Endpoint Security for\nLinux Threat Prevention tool.","desc":"Adding endpoint security tools can provide the capability to\nautomatically take actions in response to malicious behavior, which can provide\nadditional agility in reacting to network threats. These tools also often\ninclude a reporting capability to provide network awareness of the system,\nwhich may not otherwise exist in an organization's systems management regime.","descriptions":[{"label":"default","data":"Adding endpoint security tools can provide the capability to\nautomatically take actions in response to malicious behavior, which can provide\nadditional agility in reacting to network threats. These tools also often\ninclude a reporting capability to provide network awareness of the system,\nwhich may not otherwise exist in an organization's systems management regime."},{"label":"check","data":"Per OPORD 16-0080, the preferred endpoint security tool is McAfee Endpoint\nSecurity for Linux (ENSL) in conjunction with SELinux.\n\n    Procedure:\n    Check that the following package has been installed:\n\n    $ sudo rpm -qa | grep -i mcafeetp\n\n    If the \"mcafeetp\" package is not installed, this is a finding.\n\n    Verify that the daemon is running:\n\n    $ sudo ps -ef | grep -i mfetpd\n\n    If the daemon is not running, this is a finding."},{"label":"fix","data":"Install and enable the latest McAfee ENSLTP package."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000191-GPOS-00080","gid":"V-245540","rid":"SV-245540r754730_rule","stig_id":"RHEL-08-010001","fix_id":"F-48770r754729_fix","cci":["CCI-001233"],"nist":["SI-2 (2)"],"host":null},"code":"control 'SV-245540' do\n  title 'The RHEL 8 operating system must implement the Endpoint Security for\nLinux Threat Prevention tool.'\n  desc \"Adding endpoint security tools can provide the capability to\nautomatically take actions in response to malicious behavior, which can provide\nadditional agility in reacting to network threats. These tools also often\ninclude a reporting capability to provide network awareness of the system,\nwhich may not otherwise exist in an organization's systems management regime.\"\n  desc 'check', 'Per OPORD 16-0080, the preferred endpoint security tool is McAfee Endpoint\nSecurity for Linux (ENSL) in conjunction with SELinux.\n\n    Procedure:\n    Check that the following package has been installed:\n\n    $ sudo rpm -qa | grep -i mcafeetp\n\n    If the \"mcafeetp\" package is not installed, this is a finding.\n\n    Verify that the daemon is running:\n\n    $ sudo ps -ef | grep -i mfetpd\n\n    If the daemon is not running, this is a finding.'\n  desc 'fix', 'Install and enable the latest McAfee ENSLTP package.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000191-GPOS-00080'\n  tag gid: 'V-245540'\n  tag rid: 'SV-245540r754730_rule'\n  tag stig_id: 'RHEL-08-010001'\n  tag fix_id: 'F-48770r754729_fix'\n  tag cci: ['CCI-001233']\n  tag nist: ['SI-2 (2)']\n  tag 'host'\n\n  only_if('Control not applicable within a container', impact: 0.0) do\n    !virtualization.system.eql?('docker')\n  end\n\n  if input('skip_endpoint_security_tool')\n    impact 0.0\n    describe 'Implementing the Endpoint Security for Linux Threat Prevention tool is not applicable by agreement with  the approval authority of the organization.' do\n      skip 'Implementing the Endpoint Security for Linux Threat Prevention tool is not applicable by agreement with  the approval authority of the organization.'\n    end\n  else\n    linux_threat_prevention_package = input('linux_threat_prevention_package')\n    linux_threat_prevention_service = input('linux_threat_prevention_service')\n    describe package(linux_threat_prevention_package) do\n      it { should be_installed }\n    end\n\n    describe processes(linux_threat_prevention_service) do\n      it { should exist }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-245540.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"System Package mcafeetp is expected to be installed","run_time":0.134239,"start_time":"2024-01-09T19:41:06-05:00","message":"expected that `System Package mcafeetp` is installed","resource_class":"package","resource_params":"[\"mcafeetp\"]","resource_id":"mcafeetp"},{"status":"failed","code_desc":"Processes mfetpd is expected to exist","run_time":0.000456,"start_time":"2024-01-09T19:41:06-05:00","message":"expected Processes mfetpd to exist","resource_class":"processes","resource_params":"[\"mfetpd\"]","resource_id":""}]},{"id":"SV-250315","title":"RHEL 8 systems, versions 8.2 and above, must configure SELinux context\n  type to allow the use of a non-default faillock tally directory.","desc":"By limiting the number of failed logon attempts, the risk of\n  unauthorized system access via user password guessing, otherwise known as\n  brute-force attacks, is reduced. Limits are imposed by locking the account.\n\n  From \"faillock.conf\" man pages: Note that the default directory that\n  \"pam_faillock\" uses is usually cleared on system boot so the access will be\n  re-enabled after system reboot. If that is undesirable, a different tally\n  directory must be set with the \"dir\" option.\n\n  SELinux, enforcing a targeted policy, will require any non-default tally\n  directory's security context type to match the default directory's security\n  context type. Without updating the security context type, the pam_faillock\n  module will not write failed login attempts to the non-default tally directory.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of\n  unauthorized system access via user password guessing, otherwise known as\n  brute-force attacks, is reduced. Limits are imposed by locking the account.\n\n  From \"faillock.conf\" man pages: Note that the default directory that\n  \"pam_faillock\" uses is usually cleared on system boot so the access will be\n  re-enabled after system reboot. If that is undesirable, a different tally\n  directory must be set with the \"dir\" option.\n\n  SELinux, enforcing a targeted policy, will require any non-default tally\n  directory's security context type to match the default directory's security\n  context type. Without updating the security context type, the pam_faillock\n  module will not write failed login attempts to the non-default tally directory."},{"label":"check","data":"If the system does not have SELinux enabled and enforcing a\n  targeted policy, or if the pam_faillock module is not configured for use,\n  this requirement is not applicable.\n\n  Note: This check applies to RHEL versions 8.2 or newer. If the system is\n  RHEL version 8.0 or 8.1, this check is not applicable.\n\n  Verify the location of the non-default tally directory for the pam_faillock\n  module with the following command:\n\n  $ sudo grep -w dir /etc/security/faillock.conf\n\n  dir = /var/log/faillock\n\n  Check the security context type of the non-default tally directory with the\n  following command:\n\n  $ sudo ls -Zd /var/log/faillock\n\n  unconfined_u:object_r:faillog_t:s0 /var/log/faillock\n\n  If the security context type of the non-default tally directory is not\n  \"faillog_t\", this is a finding."},{"label":"fix","data":"Configure RHEL 8 to allow the use of a non-default faillock tally\n  directory while SELinux enforces a targeted policy.\n\n  Create a non-default faillock tally directory (if it does not already exist)\n  with the following example:\n\n  $ sudo mkdir /var/log/faillock\n\n  Update the /etc/selinux/targeted/contexts/files/file_contexts.local with\n  \"faillog_t\" context type for the non-default faillock tally directory with\n  the following command:\n\n  $ sudo semanage fcontext -a -t faillog_t \"/var/log/faillock(/.*)?\"\n\n  Next, update the context type of the non-default faillock directory/subdirectories\n  and files with the following command:\n\n  $ sudo restorecon -R -v /var/log/faillock"}],"impact":0.5,"refs":[],"tags":{"check_id":"C-53749r793000_chk","severity":"medium","gid":"V-250315","rid":"SV-250315r854079_rule","stig_id":"RHEL-08-020027","gtitle":"SRG-OS-000021-GPOS-00005","fix_id":"F-53703r793001_fix","documentable":null,"cci":["CCI-000044","CCI-002238"],"nist":["AC-7 a","AC-7 b"],"host":null,"container":null},"code":"control 'SV-250315' do\n  title 'RHEL 8 systems, versions 8.2 and above, must configure SELinux context\n  type to allow the use of a non-default faillock tally directory.'\n  desc %q(By limiting the number of failed logon attempts, the risk of\n  unauthorized system access via user password guessing, otherwise known as\n  brute-force attacks, is reduced. Limits are imposed by locking the account.\n\n  From \"faillock.conf\" man pages: Note that the default directory that\n  \"pam_faillock\" uses is usually cleared on system boot so the access will be\n  re-enabled after system reboot. If that is undesirable, a different tally\n  directory must be set with the \"dir\" option.\n\n  SELinux, enforcing a targeted policy, will require any non-default tally\n  directory's security context type to match the default directory's security\n  context type. Without updating the security context type, the pam_faillock\n  module will not write failed login attempts to the non-default tally directory.)\n  desc 'check', 'If the system does not have SELinux enabled and enforcing a\n  targeted policy, or if the pam_faillock module is not configured for use,\n  this requirement is not applicable.\n\n  Note: This check applies to RHEL versions 8.2 or newer. If the system is\n  RHEL version 8.0 or 8.1, this check is not applicable.\n\n  Verify the location of the non-default tally directory for the pam_faillock\n  module with the following command:\n\n  $ sudo grep -w dir /etc/security/faillock.conf\n\n  dir = /var/log/faillock\n\n  Check the security context type of the non-default tally directory with the\n  following command:\n\n  $ sudo ls -Zd /var/log/faillock\n\n  unconfined_u:object_r:faillog_t:s0 /var/log/faillock\n\n  If the security context type of the non-default tally directory is not\n  \"faillog_t\", this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to allow the use of a non-default faillock tally\n  directory while SELinux enforces a targeted policy.\n\n  Create a non-default faillock tally directory (if it does not already exist)\n  with the following example:\n\n  $ sudo mkdir /var/log/faillock\n\n  Update the /etc/selinux/targeted/contexts/files/file_contexts.local with\n  \"faillog_t\" context type for the non-default faillock tally directory with\n  the following command:\n\n  $ sudo semanage fcontext -a -t faillog_t \"/var/log/faillock(/.*)?\"\n\n  Next, update the context type of the non-default faillock directory/subdirectories\n  and files with the following command:\n\n  $ sudo restorecon -R -v /var/log/faillock'\n  impact 0.5\n  tag check_id: 'C-53749r793000_chk'\n  tag severity: 'medium'\n  tag gid: 'V-250315'\n  tag rid: 'SV-250315r854079_rule'\n  tag stig_id: 'RHEL-08-020027'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag fix_id: 'F-53703r793001_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000044', 'CCI-002238']\n  tag nist: ['AC-7 a', 'AC-7 b']\n  tag 'host', 'container'\n\n  only_if('This check applies to RHEL version 8.2 and later. If the system is\n  not RHEL version 8.2 or newer, this check is Not Applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  describe selinux do\n    it { should be_installed }\n    it { should be_enforcing }\n    it { should_not be_disabled }\n  end\n\n  describe parse_config_file('/etc/security/faillock.conf') do\n    its('dir') { should cmp input('non_default_tally_dir') }\n  end\n\n  faillock_tally = input('faillock_tally')\n\n  describe \"The selected non-default tally directory for PAM: #{input('non_default_tally_dir')}\" do\n    subject { file(input('non_default_tally_dir')) }\n    its('selinux_label') { should match(/#{faillock_tally}/) }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-250315.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"SELinux is expected to be installed","run_time":0.205833,"start_time":"2024-01-09T19:41:06-05:00","resource_class":"selinux","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"SELinux is expected to be enforcing","run_time":0.009937,"start_time":"2024-01-09T19:41:06-05:00","resource_class":"selinux","resource_params":"[]","resource_id":""},{"status":"passed","code_desc":"SELinux is expected not to be disabled","run_time":0.005224,"start_time":"2024-01-09T19:41:06-05:00","resource_class":"selinux","resource_params":"[]","resource_id":""},{"status":"failed","code_desc":"Parse Config File /etc/security/faillock.conf dir is expected to cmp == \"/var/log/faillock\"","run_time":0.000388,"start_time":"2024-01-09T19:41:06-05:00","message":"\nexpected: /var/log/faillock\n     got: \n\n(compared using `cmp` matcher)\n","resource_class":"parse_config_file","resource_params":"[\"/etc/security/faillock.conf\"]","resource_id":"/etc/security/faillock.conf"},{"status":"failed","code_desc":"The selected non-default tally directory for PAM: /var/log/faillock selinux_label is expected to match /faillog_t/","run_time":0.104025,"start_time":"2024-01-09T19:41:06-05:00","message":"expected nil to match /faillog_t/","resource_class":"Object","resource_params":"[]","resource_id":"selinux_label"}]},{"id":"SV-250316","title":"RHEL 8 systems below version 8.2 must configure SELinux context type to allow the use of a non-default faillock tally directory.","desc":"By limiting the number of failed logon attempts, the risk of\n  unauthorized system access via user password guessing, otherwise known as\n  brute-force attacks, is reduced. Limits are imposed by locking the account.\n\n  From \"Pam_Faillock\" man pages: Note that the default directory that\n  \"pam_faillock\" uses is usually cleared on system boot so the access will be\n  reenabled after system reboot. If that is undesirable, a different tally\n  directory must be set with the \"dir\" option.\n\n  SELinux, enforcing a targeted policy, will require any non-default tally\n  directory's security context type to match the default directory's security\n  context type. Without updating the security context type, the pam_faillock\n  module will not write failed login attempts to the non-default tally directory.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of\n  unauthorized system access via user password guessing, otherwise known as\n  brute-force attacks, is reduced. Limits are imposed by locking the account.\n\n  From \"Pam_Faillock\" man pages: Note that the default directory that\n  \"pam_faillock\" uses is usually cleared on system boot so the access will be\n  reenabled after system reboot. If that is undesirable, a different tally\n  directory must be set with the \"dir\" option.\n\n  SELinux, enforcing a targeted policy, will require any non-default tally\n  directory's security context type to match the default directory's security\n  context type. Without updating the security context type, the pam_faillock\n  module will not write failed login attempts to the non-default tally directory."},{"label":"check","data":"If the system does not have SELinux enabled and enforcing a\n  targeted policy, or if the pam_faillock module is not configured for use,\n  this requirement is not applicable.\n\n  Note: This check applies to RHEL versions 8.0 and 8.1. If the system is RHEL\n  version 8.2 or newer, this check is not applicable.\n\n  Verify the location of the non-default tally directory for the pam_faillock\n  module with the following command:\n\n  $ sudo grep -w dir /etc/pam.d/password-auth\n\n  auth   required   pam_faillock.so preauth dir=/var/log/faillock\n  auth   required   pam_faillock.so authfail dir=/var/log/faillock\n\n  Check the security context type of the non-default tally directory with the\n  following command:\n\n  $ sudo ls -Zd /var/log/faillock\n\n  unconfined_u:object_r:faillog_t:s0 /var/log/faillock\n\n  If the security context type of the non-default tally directory is not\n  \"faillog_t\", this is a finding."},{"label":"fix","data":"Configure RHEL 8 to allow the use of a non-default faillock\n  tally directory while SELinux enforces a targeted policy.\n\n  Update the /etc/selinux/targeted/contexts/files/file_contexts.local with\n  \"faillog_t\" context type for the non-default faillock tally directory with\n  the following command:\n\n  $ sudo semanage fcontext -a -t faillog_t \"/var/log/faillock(/.*)?\"\n\n  Next, update the context type of the non-default faillock directory/\n  subdirectories and files with the following command:\n\n  $ sudo restorecon -R -v /var/log/faillock"}],"impact":0.0,"refs":[],"tags":{"check_id":"C-53750r793003_chk","severity":"medium","gid":"V-250316","rid":"SV-250316r854080_rule","stig_id":"RHEL-08-020028","gtitle":"SRG-OS-000021-GPOS-00005","fix_id":"F-53704r793004_fix","documentable":null,"cci":["CCI-000044","CCI-002238"],"nist":["AC-7 a","AC-7 b"],"host":null,"container":null},"code":"control 'SV-250316' do\n  title 'RHEL 8 systems below version 8.2 must configure SELinux context type to allow the use of a non-default faillock tally directory.'\n  desc %q(By limiting the number of failed logon attempts, the risk of\n  unauthorized system access via user password guessing, otherwise known as\n  brute-force attacks, is reduced. Limits are imposed by locking the account.\n\n  From \"Pam_Faillock\" man pages: Note that the default directory that\n  \"pam_faillock\" uses is usually cleared on system boot so the access will be\n  reenabled after system reboot. If that is undesirable, a different tally\n  directory must be set with the \"dir\" option.\n\n  SELinux, enforcing a targeted policy, will require any non-default tally\n  directory's security context type to match the default directory's security\n  context type. Without updating the security context type, the pam_faillock\n  module will not write failed login attempts to the non-default tally directory.)\n  desc 'check', 'If the system does not have SELinux enabled and enforcing a\n  targeted policy, or if the pam_faillock module is not configured for use,\n  this requirement is not applicable.\n\n  Note: This check applies to RHEL versions 8.0 and 8.1. If the system is RHEL\n  version 8.2 or newer, this check is not applicable.\n\n  Verify the location of the non-default tally directory for the pam_faillock\n  module with the following command:\n\n  $ sudo grep -w dir /etc/pam.d/password-auth\n\n  auth   required   pam_faillock.so preauth dir=/var/log/faillock\n  auth   required   pam_faillock.so authfail dir=/var/log/faillock\n\n  Check the security context type of the non-default tally directory with the\n  following command:\n\n  $ sudo ls -Zd /var/log/faillock\n\n  unconfined_u:object_r:faillog_t:s0 /var/log/faillock\n\n  If the security context type of the non-default tally directory is not\n  \"faillog_t\", this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to allow the use of a non-default faillock\n  tally directory while SELinux enforces a targeted policy.\n\n  Update the /etc/selinux/targeted/contexts/files/file_contexts.local with\n  \"faillog_t\" context type for the non-default faillock tally directory with\n  the following command:\n\n  $ sudo semanage fcontext -a -t faillog_t \"/var/log/faillock(/.*)?\"\n\n  Next, update the context type of the non-default faillock directory/\n  subdirectories and files with the following command:\n\n  $ sudo restorecon -R -v /var/log/faillock'\n  impact 0.5\n  tag check_id: 'C-53750r793003_chk'\n  tag severity: 'medium'\n  tag gid: 'V-250316'\n  tag rid: 'SV-250316r854080_rule'\n  tag stig_id: 'RHEL-08-020028'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag fix_id: 'F-53704r793004_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000044', 'CCI-002238']\n  tag nist: ['AC-7 a', 'AC-7 b']\n  tag 'host', 'container'\n\n  only_if('This check applies to RHEL versions 8.0 and 8.1. If the system is RHEL version 8.2 or newer, this check is Not Applicable.', impact: 0.0) {\n    os.release.to_f < 8.2\n  }\n\n  describe selinux do\n    it { should be_installed }\n    it { should be_enforcing }\n    it { should_not be_disabled }\n  end\n\n  # TODO: refactor this with the pam resource\n  describe file('/etc/pam.d/password-auth') do\n    its('content') {\n      should match(/auth\\s+required\\s+pam_faillock.so preauth\n    dir=#{input('non_default_tally_dir')}/)\n    }\n    its('content') {\n      should match(/auth\\s+required\\s+pam_faillock.so authfail\n    dir=#{input('non_default_tally_dir')}/)\n    }\n  end\n\n  faillock_tally = input('faillock_tally')\n\n  describe \"The selected non-default tally directory for PAM: #{input('non_default_tally_dir')}\" do\n    subject { file(input('non_default_tally_dir')) }\n    its('selinux_label') { should match(/#{faillock_tally}/) }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-250316.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"No-op","run_time":1.6e-05,"start_time":"2024-01-09T19:41:06-05:00","resource":"No-op","skip_message":"Skipped control due to only_if condition: This check applies to RHEL versions 8.0 and 8.1. If the system is RHEL version 8.2 or newer, this check is Not Applicable.","resource_class":"noop","resource_params":"[]","resource_id":"No-op"}]},{"id":"SV-250317","title":"RHEL 8 must not enable IPv4 packet forwarding unless the system is a router.","desc":"Routing protocol daemons are typically used on routers to exchange network\n    topology information with other routers. If this software is used when not required,\n    system network information may be unnecessarily transmitted across the network.\n\n    The sysctl --system command will load settings from all system configuration files.\n\n    All configuration files are sorted by their filename in lexicographic order, regardless\n    of which of the directories they reside in. If multiple files specify the same option,\n    the entry in the file with the lexicographically latest name will take precedence.\n\n    Files are read from directories in the following list from top to bottom. Once a file of a\n    given filename is loaded, any file of the same name in subsequent directories is ignored.\n\n    /etc/sysctl.d/*.conf\n    /run/sysctl.d/*.conf\n    /usr/local/lib/sysctl.d/*.conf\n    /usr/lib/sysctl.d/*.conf\n    /lib/sysctl.d/*.conf\n    /etc/sysctl.conf","descriptions":[{"label":"default","data":"Routing protocol daemons are typically used on routers to exchange network\n    topology information with other routers. If this software is used when not required,\n    system network information may be unnecessarily transmitted across the network.\n\n    The sysctl --system command will load settings from all system configuration files.\n\n    All configuration files are sorted by their filename in lexicographic order, regardless\n    of which of the directories they reside in. If multiple files specify the same option,\n    the entry in the file with the lexicographically latest name will take precedence.\n\n    Files are read from directories in the following list from top to bottom. Once a file of a\n    given filename is loaded, any file of the same name in subsequent directories is ignored.\n\n    /etc/sysctl.d/*.conf\n    /run/sysctl.d/*.conf\n    /usr/local/lib/sysctl.d/*.conf\n    /usr/lib/sysctl.d/*.conf\n    /lib/sysctl.d/*.conf\n    /etc/sysctl.conf"},{"label":"check","data":"Verify RHEL 8 is not performing IPv4 packet forwarding, unless the system\n    is a router.\n\n    Check that IPv4 forwarding is disabled using the following command:\n\n    $ sudo sysctl net.ipv4.conf.all.forwarding\n\n    net.ipv4.conf.all.forwarding = 0\n\n    If the IPv4 forwarding value is not \"0\" and is not documented with the Information System\n    Security Officer (ISSO) as an operational requirement, this is a finding.\n\n    Check that the configuration files are present to enable this network parameter.\n\n    $ sudo grep -sr net.ipv4.conf.all.forwarding /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n    /etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.forwarding = 0\n\n    If \"net.ipv4.conf.all.forwarding\" is not set to \"0\", is missing or commented out, this is a finding.\n\n    If conflicting results are returned, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to not allow IPv4 packet forwarding, unless the system is a router.\n\n    Add or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\n    net.ipv4.conf.all.forwarding=0\n\n    Remove any configurations that conflict with the above from the following locations:\n    /run/sysctl.d/*.conf\n    /usr/local/lib/sysctl.d/*.conf\n    /usr/lib/sysctl.d/*.conf\n    /lib/sysctl.d/*.conf\n    /etc/sysctl.conf\n    /etc/sysctl.d/*.conf\n\n    Load settings from all system configuration files with the following command:\n\n    $ sudo sysctl --system"}],"impact":0.5,"refs":[],"tags":{"check_id":"C-53751r833382_chk","severity":"medium","gid":"V-250317","rid":"SV-250317r858808_rule","stig_id":"RHEL-08-040259","gtitle":"SRG-OS-000480-GPOS-00227","fix_id":"F-53705r858807_fix","documentable":null,"cci":["CCI-000366"],"nist":["CM-6 b"],"host":null},"code":"control 'SV-250317' do\n  title 'RHEL 8 must not enable IPv4 packet forwarding unless the system is a router.'\n  desc 'Routing protocol daemons are typically used on routers to exchange network\n    topology information with other routers. If this software is used when not required,\n    system network information may be unnecessarily transmitted across the network.\n\n    The sysctl --system command will load settings from all system configuration files.\n\n    All configuration files are sorted by their filename in lexicographic order, regardless\n    of which of the directories they reside in. If multiple files specify the same option,\n    the entry in the file with the lexicographically latest name will take precedence.\n\n    Files are read from directories in the following list from top to bottom. Once a file of a\n    given filename is loaded, any file of the same name in subsequent directories is ignored.\n\n    /etc/sysctl.d/*.conf\n    /run/sysctl.d/*.conf\n    /usr/local/lib/sysctl.d/*.conf\n    /usr/lib/sysctl.d/*.conf\n    /lib/sysctl.d/*.conf\n    /etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 is not performing IPv4 packet forwarding, unless the system\n    is a router.\n\n    Check that IPv4 forwarding is disabled using the following command:\n\n    $ sudo sysctl net.ipv4.conf.all.forwarding\n\n    net.ipv4.conf.all.forwarding = 0\n\n    If the IPv4 forwarding value is not \"0\" and is not documented with the Information System\n    Security Officer (ISSO) as an operational requirement, this is a finding.\n\n    Check that the configuration files are present to enable this network parameter.\n\n    $ sudo grep -sr net.ipv4.conf.all.forwarding /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n    /etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.forwarding = 0\n\n    If \"net.ipv4.conf.all.forwarding\" is not set to \"0\", is missing or commented out, this is a finding.\n\n    If conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not allow IPv4 packet forwarding, unless the system is a router.\n\n    Add or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\n    net.ipv4.conf.all.forwarding=0\n\n    Remove any configurations that conflict with the above from the following locations:\n    /run/sysctl.d/*.conf\n    /usr/local/lib/sysctl.d/*.conf\n    /usr/lib/sysctl.d/*.conf\n    /lib/sysctl.d/*.conf\n    /etc/sysctl.conf\n    /etc/sysctl.d/*.conf\n\n    Load settings from all system configuration files with the following command:\n\n    $ sudo sysctl --system'\n  impact 0.5\n  tag check_id: 'C-53751r833382_chk'\n  tag severity: 'medium'\n  tag gid: 'V-250317'\n  tag rid: 'SV-250317r858808_rule'\n  tag stig_id: 'RHEL-08-040259'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag fix_id: 'F-53705r858807_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  only_if('This system is acting as a router on the network, this control is Not Applicable', impact: 0.0) {\n    !input('network_router')\n  }\n\n  # Define the kernel parameter to be checked\n  parameter = 'net.ipv4.conf.all.forwarding'\n  action = 'IPv4 packet forwarding'\n  value = 0\n\n  # Get the current value of the kernel parameter\n  current_value = kernel_parameter(parameter)\n\n  # Check if the system is a Docker container\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    # Check if IPv4 packet forwarding is disabled\n    describe kernel_parameter(parameter) do\n      it 'is disabled in sysctl -a' do\n        expect(current_value.value).to cmp value\n        expect(current_value.value).not_to be_nil\n      end\n    end\n\n    # Get the list of sysctl configuration files\n    sysctl_config_files = input('sysctl_conf_files').map(&:strip).join(' ')\n\n    # Search for the kernel parameter in the configuration files\n    search_results = command(\"grep -r #{parameter} #{sysctl_config_files} {} \\;\").stdout.split(\"\\n\")\n\n    # Parse the search results into a hash\n    config_values = search_results.each_with_object({}) do |item, results|\n      file, setting = item.split(':')\n      results[file] ||= []\n      results[file] << setting.split('=').last\n    end\n\n    uniq_config_values = config_values.values.flatten.map(&:strip).map(&:to_i).uniq\n\n    # Check the configuration files\n    describe 'Configuration files' do\n      if search_results.empty?\n        it \"does not have `#{parameter}` disabled directly\" do\n          expect(config_values).not_to be_empty, \"Add the line `#{parameter}=#{value}` to a file in the `/etc/sysctl.d/` directory\"\n        end\n      else\n        describe \"for #{action}\" do\n          it 'does not have conflicting settings' do\n            expect(uniq_config_values.count).to eq(1), \"Expected one unique configuration, but got #{config_values}\"\n          end\n\n          it 'does not have more then one value' do\n            expect(config_values.values.flatten.all? { |v| v.to_i.eql?(value) }).to be true\n          end\n        end\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-250317.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Kernel Parameter net.ipv4.conf.all.forwarding is disabled in sysctl -a","run_time":0.123778,"start_time":"2024-01-09T19:41:06-05:00","resource_class":"kernel_parameter","resource_params":"[\"net.ipv4.conf.all.forwarding\"]","resource_id":"net.ipv4.conf.all.forwarding"},{"status":"failed","code_desc":"Configuration files does not have `net.ipv4.conf.all.forwarding` disabled directly","run_time":0.007281,"start_time":"2024-01-09T19:41:07-05:00","message":"Add the line `net.ipv4.conf.all.forwarding=0` to a file in the `/etc/sysctl.d/` directory","resource_class":"Object","resource_params":"[]","resource_id":"Configuration files"}]},{"id":"SV-251706","title":"The RHEL 8 operating system must not have accounts configured with blank or null passwords.","desc":"If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.","descriptions":[{"label":"default","data":"If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments."},{"label":"check","data":"Check the \"/etc/shadow\" file for blank passwords with the following command:\n\n$ sudo awk -F: '!$2 {print $1}' /etc/shadow\n\nIf the command returns any results, this is a finding."},{"label":"fix","data":"Configure all accounts on the system to have a password or lock the account\nwith the following commands:\n\nPerform a password reset:\n$ sudo passwd [username]\n\nLock an account:\n$ sudo passwd -l [username]"}],"impact":0.7,"refs":[],"tags":{"check_id":"C-55143r809340_chk","severity":"high","gid":"V-251706","rid":"SV-251706r809342_rule","stig_id":"RHEL-08-010121","gtitle":"SRG-OS-000480-GPOS-00227","fix_id":"F-55097r809341_fix","documentable":null,"cci":["CCI-000366"],"nist":["CM-6 b"],"host":null,"container":null,"review":null},"code":"control 'SV-251706' do\n  title 'The RHEL 8 operating system must not have accounts configured with blank or null passwords.'\n  desc 'If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.'\n  desc 'check', %q(Check the \"/etc/shadow\" file for blank passwords with the following command:\n\n$ sudo awk -F: '!$2 {print $1}' /etc/shadow\n\nIf the command returns any results, this is a finding.)\n  desc 'fix', 'Configure all accounts on the system to have a password or lock the account\nwith the following commands:\n\nPerform a password reset:\n$ sudo passwd [username]\n\nLock an account:\n$ sudo passwd -l [username]'\n  impact 0.7\n  tag check_id: 'C-55143r809340_chk'\n  tag severity: 'high'\n  tag gid: 'V-251706'\n  tag rid: 'SV-251706r809342_rule'\n  tag stig_id: 'RHEL-08-010121'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag fix_id: 'F-55097r809341_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container', 'review'\n\n  users_with_blank_passwords = shadow.where { password.blank? }.users - input('users_allowed_blank_passwords')\n\n  # TODO: is this an NA in containers?\n\n  describe 'All users' do\n    it 'should have a password set' do\n      fail_msg = \"Users with blank passwords:\\n\\t- #{users_with_blank_passwords.join(\"\\n\\t- \")}\"\n      expect(users_with_blank_passwords).to be_empty, fail_msg\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251706.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"All users should have a password set","run_time":0.004912,"start_time":"2024-01-09T19:41:07-05:00","resource_class":"Object","resource_params":"[]","resource_id":"All users"}]},{"id":"SV-251707","title":"RHEL 8 library directories must have mode 755 or less permissive.","desc":"If RHEL 8 were to allow any user to make changes to software libraries,\n  then those changes might be implemented without undergoing the appropriate\n  testing and approvals that are part of a robust change management process.\n\n  This requirement applies to RHEL 8 with software libraries that are accessible\n  and configurable, as in the case of interpreted languages. Software libraries\n  also include privileged programs that execute with escalated privileges. Only\n  qualified and authorized individuals will be allowed to obtain access to\n  information system components for purposes of initiating changes, including\n  upgrades and modifications.","descriptions":[{"label":"default","data":"If RHEL 8 were to allow any user to make changes to software libraries,\n  then those changes might be implemented without undergoing the appropriate\n  testing and approvals that are part of a robust change management process.\n\n  This requirement applies to RHEL 8 with software libraries that are accessible\n  and configurable, as in the case of interpreted languages. Software libraries\n  also include privileged programs that execute with escalated privileges. Only\n  qualified and authorized individuals will be allowed to obtain access to\n  information system components for purposes of initiating changes, including\n  upgrades and modifications."},{"label":"check","data":"Verify the system-wide shared library directories within \"/lib\",\n  \"/lib64\", \"/usr/lib\" and \"/usr/lib64\" have mode \"755\" or less permissive with\n  the following command:\n\n  $ sudo find /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type d -exec stat -c \"%n %a\" '{}' \\;\n\n  If any system-wide shared library directories are found to be group-writable\n  or world-writable, this is a finding."},{"label":"fix","data":"Configure the library directories to be protected from unauthorized\n  access. Run the following command, replacing \"[DIRECTORY]\" with any library\n  directory with a mode more permissive than 755.\n\n  $ sudo chmod 755 [DIRECTORY]"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000259-GPOS-00100","gid":"V-251707","rid":"SV-251707r809345_rule","stig_id":"RHEL-08-010331","fix_id":"F-55098r809344_fix","cci":["CCI-001499"],"nist":["CM-5 (6)"],"host":null},"code":"control 'SV-251707' do\n  title 'RHEL 8 library directories must have mode 755 or less permissive.'\n  desc 'If RHEL 8 were to allow any user to make changes to software libraries,\n  then those changes might be implemented without undergoing the appropriate\n  testing and approvals that are part of a robust change management process.\n\n  This requirement applies to RHEL 8 with software libraries that are accessible\n  and configurable, as in the case of interpreted languages. Software libraries\n  also include privileged programs that execute with escalated privileges. Only\n  qualified and authorized individuals will be allowed to obtain access to\n  information system components for purposes of initiating changes, including\n  upgrades and modifications.'\n  desc 'check', %q(Verify the system-wide shared library directories within \"/lib\",\n  \"/lib64\", \"/usr/lib\" and \"/usr/lib64\" have mode \"755\" or less permissive with\n  the following command:\n\n  $ sudo find /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type d -exec stat -c \"%n %a\" '{}' \\;\n\n  If any system-wide shared library directories are found to be group-writable\n  or world-writable, this is a finding.)\n  desc 'fix', 'Configure the library directories to be protected from unauthorized\n  access. Run the following command, replacing \"[DIRECTORY]\" with any library\n  directory with a mode more permissive than 755.\n\n  $ sudo chmod 755 [DIRECTORY]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000259-GPOS-00100'\n  tag gid: 'V-251707'\n  tag rid: 'SV-251707r809345_rule'\n  tag stig_id: 'RHEL-08-010331'\n  tag fix_id: 'F-55098r809344_fix'\n  tag cci: ['CCI-001499']\n  tag nist: ['CM-5 (6)']\n  tag 'host'\n\n  only_if('This control is does not apply to containers', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  permissions_for_libs = input('permissions_for_libs')\n\n  overly_permissive_libs = input('system_libraries').select { |lib|\n    file(lib).more_permissive_than?(permissions_for_libs)\n  }\n\n  describe 'System libraries' do\n    it \"should not have permissions set higher than #{permissions_for_libs}\" do\n      fail_msg = \"Overly permissive system libraries:\\n\\t- #{overly_permissive_libs.join(\"\\n\\t- \")}\"\n      expect(overly_permissive_libs).to be_empty, fail_msg\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251707.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System libraries should not have permissions set higher than 0755","run_time":0.004302,"start_time":"2024-01-09T19:41:07-05:00","resource_class":"Object","resource_params":"[]","resource_id":"System libraries"}]},{"id":"SV-251708","title":"RHEL 8 library directories must be owned by root.","desc":"If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. This requirement applies to RHEL 8 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs that execute with escalated privileges. Only qualified and authorized individuals will be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.","descriptions":[{"label":"default","data":"If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. This requirement applies to RHEL 8 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs that execute with escalated privileges. Only qualified and authorized individuals will be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications."},{"label":"check","data":"Verify the system-wide shared library directories are owned by \"root\" with\nthe following command:\n\n$ sudo find /lib /lib64 /usr/lib /usr/lib64 ! -user root -type d -exec stat -c \"%n %U\" '{}' \\;\n\nIf any system-wide shared library directory is returned, this is a finding."},{"label":"fix","data":"Configure the system-wide shared library directories within (/lib, /lib64, /usr/lib and /usr/lib64) to be protected from unauthorized access. Run the following command, replacing \"[DIRECTORY]\" with any library directory not owned by \"root\".\n\n              $ sudo chown root [DIRECTORY]"}],"impact":0.5,"refs":[],"tags":{"check_id":"C-55145r810011_chk","severity":"medium","gid":"V-251708","rid":"SV-251708r810012_rule","stig_id":"RHEL-08-010341","gtitle":"SRG-OS-000259-GPOS-00100","fix_id":"F-55099r809347_fix","documentable":null,"cci":["CCI-001499"],"nist":["CM-5 (6)"],"host":null,"container":null,"review":null},"code":"control 'SV-251708' do\n  title 'RHEL 8 library directories must be owned by root.'\n  desc 'If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. This requirement applies to RHEL 8 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs that execute with escalated privileges. Only qualified and authorized individuals will be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.'\n  desc 'check', %q(Verify the system-wide shared library directories are owned by \"root\" with\nthe following command:\n\n$ sudo find /lib /lib64 /usr/lib /usr/lib64 ! -user root -type d -exec stat -c \"%n %U\" '{}' \\;\n\nIf any system-wide shared library directory is returned, this is a finding.)\n  desc 'fix', 'Configure the system-wide shared library directories within (/lib, /lib64, /usr/lib and /usr/lib64) to be protected from unauthorized access. Run the following command, replacing \"[DIRECTORY]\" with any library directory not owned by \"root\".\n\n              $ sudo chown root [DIRECTORY]'\n  impact 0.5\n  tag check_id: 'C-55145r810011_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251708'\n  tag rid: 'SV-251708r810012_rule'\n  tag stig_id: 'RHEL-08-010341'\n  tag gtitle: 'SRG-OS-000259-GPOS-00100'\n  tag fix_id: 'F-55099r809347_fix'\n  tag 'documentable'\n  tag cci: ['CCI-001499']\n  tag nist: ['CM-5 (6)']\n  tag 'host', 'container', 'review'\n\n  non_root_owned_libs = input('system_libraries').reject { |lib| file(lib).owned_by?('root') }\n\n  # TODO: is this NA in continers?\n\n  describe 'System libraries' do\n    it 'should be owned by root' do\n      fail_msg = \"Libs not owned by root:\\n\\t- #{non_root_owned_libs.join(\"\\n\\t- \")}\"\n      expect(non_root_owned_libs).to be_empty, fail_msg\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251708.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System libraries should be owned by root","run_time":0.004067,"start_time":"2024-01-09T19:41:07-05:00","resource_class":"Object","resource_params":"[]","resource_id":"System libraries"}]},{"id":"SV-251709","title":"RHEL 8 library directories must be group-owned by root or a system account.","desc":"If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. This requirement applies to RHEL 8 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs that execute with escalated privileges. Only qualified and authorized individuals will be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.","descriptions":[{"label":"default","data":"If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. This requirement applies to RHEL 8 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs that execute with escalated privileges. Only qualified and authorized individuals will be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications."},{"label":"check","data":"Verify the system-wide shared library directories are group-owned\n  by \"root\" with the following command:\n\n  $ sudo find /lib /lib64 /usr/lib /usr/lib64 ! -group root -type d -exec stat -c \"%n %G\" '{}' \\;\n\n  If any system-wide shared library directory is returned and is not group-owned\n  by a required system account, this is a finding."},{"label":"fix","data":"Configure the system-wide shared library directories (/lib, /lib64, /usr/lib and /usr/lib64) to be protected from unauthorized access. Run the following command, replacing \"[DIRECTORY]\" with any library directory not group-owned by \"root\". $ sudo chgrp root [DIRECTORY]"}],"impact":0.5,"refs":[],"tags":{"check_id":"C-55146r810013_chk","severity":"medium","gid":"V-251709","rid":"SV-251709r810014_rule","stig_id":"RHEL-08-010351","gtitle":"SRG-OS-000259-GPOS-00100","fix_id":"F-55100r809350_fix","documentable":null,"cci":["CCI-001499"],"nist":["CM-5 (6)"],"host":null,"container":null},"code":"control 'SV-251709' do\n  title 'RHEL 8 library directories must be group-owned by root or a system account.'\n  desc 'If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. This requirement applies to RHEL 8 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs that execute with escalated privileges. Only qualified and authorized individuals will be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.'\n  desc 'check', %q(Verify the system-wide shared library directories are group-owned\n  by \"root\" with the following command:\n\n  $ sudo find /lib /lib64 /usr/lib /usr/lib64 ! -group root -type d -exec stat -c \"%n %G\" '{}' \\;\n\n  If any system-wide shared library directory is returned and is not group-owned\n  by a required system account, this is a finding.)\n  desc 'fix', 'Configure the system-wide shared library directories (/lib, /lib64, /usr/lib and /usr/lib64) to be protected from unauthorized access. Run the following command, replacing \"[DIRECTORY]\" with any library directory not group-owned by \"root\". $ sudo chgrp root [DIRECTORY]'\n  impact 0.5\n  tag check_id: 'C-55146r810013_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251709'\n  tag rid: 'SV-251709r810014_rule'\n  tag stig_id: 'RHEL-08-010351'\n  tag gtitle: 'SRG-OS-000259-GPOS-00100'\n  tag fix_id: 'F-55100r809350_fix'\n  tag 'documentable'\n  tag cci: ['CCI-001499']\n  tag nist: ['CM-5 (6)']\n  tag 'host', 'container'\n\n  non_root_owned_libs = input('system_libraries').filter { |lib|\n    !input('required_system_accounts').include?(file(lib).group)\n  }\n\n  describe 'System libraries' do\n    it 'should be owned by a required system account' do\n      fail_msg = \"Libs not group-owned by a system account:\\n\\t- #{non_root_owned_libs.join(\"\\n\\t- \")}\"\n      expect(non_root_owned_libs).to be_empty, fail_msg\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251709.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System libraries should be owned by a required system account","run_time":0.003784,"start_time":"2024-01-09T19:41:07-05:00","resource_class":"Object","resource_params":"[]","resource_id":"System libraries"}]},{"id":"SV-251710","title":"The RHEL 8 operating system must use a file integrity tool to verify correct operation of all security functions.","desc":"Without verification of the security functions, security functions may not operate correctly, and the failure may go unnoticed.\n        Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the\n        system security policy and supporting the isolation of code and data on which the protection is based. Security functionality\n        includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges),\n        setting events to be audited, and setting intrusion detection parameters.\n\n        This requirement applies to the RHEL 8 operating system performing security function verification/testing and/or systems and\n        environments that require this functionality.","descriptions":[{"label":"default","data":"Without verification of the security functions, security functions may not operate correctly, and the failure may go unnoticed.\n        Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the\n        system security policy and supporting the isolation of code and data on which the protection is based. Security functionality\n        includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges),\n        setting events to be audited, and setting intrusion detection parameters.\n\n        This requirement applies to the RHEL 8 operating system performing security function verification/testing and/or systems and\n        environments that require this functionality."},{"label":"check","data":"Verify that Advanced Intrusion Detection Environment (AIDE) is installed and verifies the correct operation of all\n        security functions.\n\n        Check that the AIDE package is installed with the following command:\n          $ sudo rpm -q aide\n\n          aide-0.16-14.el8_5.1.x86_64\n\n        If AIDE is not installed, ask the System Administrator how file integrity checks are performed on the system.\n\n        If there is no application installed to perform integrity checks, this is a finding.\n\n        If AIDE is installed, check if it has been initialized with the following command:\n          $ sudo /usr/sbin/aide --check\n\n        If the output is \"Couldn't open file /var/lib/aide/aide.db.gz for reading\", this is a finding."},{"label":"fix","data":"Install AIDE, initialize it, and perform a manual check.\n\n        Install AIDE:\n          $ sudo yum install aide\n\n        Initialize it:\n          $ sudo /usr/sbin/aide --init\n\n        Example output:\n          Number of entries:      48623\n\n          ---------------------------------------------------\n          The attributes of the (uncompressed) database(s):\n          ---------------------------------------------------\n\n          /var/lib/aide/aide.db.new.gz\n            SHA1     : LTAVQ8tFJthsrf4m9gfRpnf1vyc=\n            SHA256   : NJ9+uzRQKSwmLQ8A6IpKNvYjVKGbhSjt\n              BeJBVcmOVrI=\n            SHA512   : 7d8I/F6A1b07E4ZuGeilZjefRgJJ/F20\n              eC2xoag1OsOVpctt3Mi7Jjjf3vFW4xoY\n              5mdS6/ImQpm0xtlTLOPeQQ==\n\n          End timestamp: 2022-10-20 10:50:52 -0700 (run time: 0m 46s)\n\n        The new database will need to be renamed to be read by AIDE:\n          $ sudo mv /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz\n\n        Perform a manual check:\n          $ sudo /usr/sbin/aide --check\n\n        Example output:\n          Start timestamp: 2022-10-20 11:03:16 -0700 (AIDE 0.16)\n          AIDE found differences between database and filesystem!!\n          ...\n\n        Done."}],"impact":0.5,"refs":[],"tags":{"check_id":"C-55147r880728_chk","severity":"medium","gid":"V-251710","rid":"SV-251710r880730_rule","stig_id":"RHEL-08-010359","gtitle":"SRG-OS-000445-GPOS-00199","fix_id":"F-55101r880729_fix","documentable":null,"cci":["CCI-002696"],"nist":["SI-6 a"],"host":null},"code":"control 'SV-251710' do\n  title 'The RHEL 8 operating system must use a file integrity tool to verify correct operation of all security functions.'\n  desc 'Without verification of the security functions, security functions may not operate correctly, and the failure may go unnoticed.\n        Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the\n        system security policy and supporting the isolation of code and data on which the protection is based. Security functionality\n        includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges),\n        setting events to be audited, and setting intrusion detection parameters.\n\n        This requirement applies to the RHEL 8 operating system performing security function verification/testing and/or systems and\n        environments that require this functionality.'\n  desc 'check', %q(Verify that Advanced Intrusion Detection Environment (AIDE) is installed and verifies the correct operation of all\n        security functions.\n\n        Check that the AIDE package is installed with the following command:\n          $ sudo rpm -q aide\n\n          aide-0.16-14.el8_5.1.x86_64\n\n        If AIDE is not installed, ask the System Administrator how file integrity checks are performed on the system.\n\n        If there is no application installed to perform integrity checks, this is a finding.\n\n        If AIDE is installed, check if it has been initialized with the following command:\n          $ sudo /usr/sbin/aide --check\n\n        If the output is \"Couldn't open file /var/lib/aide/aide.db.gz for reading\", this is a finding.)\n  desc 'fix', 'Install AIDE, initialize it, and perform a manual check.\n\n        Install AIDE:\n          $ sudo yum install aide\n\n        Initialize it:\n          $ sudo /usr/sbin/aide --init\n\n        Example output:\n          Number of entries:      48623\n\n          ---------------------------------------------------\n          The attributes of the (uncompressed) database(s):\n          ---------------------------------------------------\n\n          /var/lib/aide/aide.db.new.gz\n            SHA1     : LTAVQ8tFJthsrf4m9gfRpnf1vyc=\n            SHA256   : NJ9+uzRQKSwmLQ8A6IpKNvYjVKGbhSjt\n              BeJBVcmOVrI=\n            SHA512   : 7d8I/F6A1b07E4ZuGeilZjefRgJJ/F20\n              eC2xoag1OsOVpctt3Mi7Jjjf3vFW4xoY\n              5mdS6/ImQpm0xtlTLOPeQQ==\n\n          End timestamp: 2022-10-20 10:50:52 -0700 (run time: 0m 46s)\n\n        The new database will need to be renamed to be read by AIDE:\n          $ sudo mv /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz\n\n        Perform a manual check:\n          $ sudo /usr/sbin/aide --check\n\n        Example output:\n          Start timestamp: 2022-10-20 11:03:16 -0700 (AIDE 0.16)\n          AIDE found differences between database and filesystem!!\n          ...\n\n        Done.'\n  impact 0.5\n  tag check_id: 'C-55147r880728_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251710'\n  tag rid: 'SV-251710r880730_rule'\n  tag stig_id: 'RHEL-08-010359'\n  tag gtitle: 'SRG-OS-000445-GPOS-00199'\n  tag fix_id: 'F-55101r880729_fix'\n  tag 'documentable'\n  tag cci: ['CCI-002696']\n  tag nist: ['SI-6 a']\n  tag 'host'\n\n  file_integrity_tool = input('file_integrity_tool')\n\n  only_if('Control not applicable within a container', impact: 0.0) do\n    !virtualization.system.eql?('docker')\n  end\n\n  if file_integrity_tool == 'aide'\n    describe command('/usr/sbin/aide --check') do\n      its('stdout') { should_not include \"Couldn't open file\" }\n    end\n  end\n\n  describe package(file_integrity_tool) do\n    it { should be_installed }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251710.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Command: `/usr/sbin/aide --check` stdout is expected not to include \"Couldn't open file\"","run_time":0.089199,"start_time":"2024-01-09T19:41:07-05:00","resource_class":"command","resource_params":"[\"/usr/sbin/aide --check\"]","resource_id":"Command: `/usr/sbin/aide --check`"},{"status":"failed","code_desc":"System Package aide is expected to be installed","run_time":0.00094,"start_time":"2024-01-09T19:41:07-05:00","message":"expected that `System Package aide` is installed","resource_class":"package","resource_params":"[\"aide\"]","resource_id":"aide"}]},{"id":"SV-251711","title":"RHEL 8 must specify the default \"include\" directory for the /etc/sudoers file.","desc":"The \"sudo\" command allows authorized users to run programs (including shells) as other users,\n        system users, and root. The \"/etc/sudoers\" file is used to configure authorized \"sudo\" users as\n        well as the programs they are allowed to run. Some configuration options in the \"/etc/sudoers\"\n        file allow configured users to run programs without re-authenticating. Use of these configuration\n        options makes it easier for one compromised account to be used to compromise other accounts.\n\n        It is possible to include other sudoers files from within the sudoers file currently being parsed\n        using the #include and #includedir directives. When sudo reaches this line it will suspend\n        processing of the current file (/etc/sudoers) and switch to the specified file/directory. Once the\n        end of the included file(s) is reached, the rest of /etc/sudoers will be processed. Files that are\n        included may themselves include other files. A hard limit of 128 nested include files is enforced\n        to prevent include file loops.","descriptions":[{"label":"default","data":"The \"sudo\" command allows authorized users to run programs (including shells) as other users,\n        system users, and root. The \"/etc/sudoers\" file is used to configure authorized \"sudo\" users as\n        well as the programs they are allowed to run. Some configuration options in the \"/etc/sudoers\"\n        file allow configured users to run programs without re-authenticating. Use of these configuration\n        options makes it easier for one compromised account to be used to compromise other accounts.\n\n        It is possible to include other sudoers files from within the sudoers file currently being parsed\n        using the #include and #includedir directives. When sudo reaches this line it will suspend\n        processing of the current file (/etc/sudoers) and switch to the specified file/directory. Once the\n        end of the included file(s) is reached, the rest of /etc/sudoers will be processed. Files that are\n        included may themselves include other files. A hard limit of 128 nested include files is enforced\n        to prevent include file loops."},{"label":"check","data":"Note: If the \"include\" and \"includedir\" directives are not present in the /etc/sudoers\n        file, this requirement is not applicable.\n\n        Verify the operating system specifies only the default \"include\" directory for the /etc/sudoers\n        file with the following command:\n\n        $ sudo grep include /etc/sudoers\n\n        #includedir /etc/sudoers.d\n\n        If the results are not \"/etc/sudoers.d\" or additional files or directories are specified, this is\n        a finding.\n\n        Verify the operating system does not have nested \"include\" files or directories within the\n        /etc/sudoers.d directory with the following command:\n\n        $ sudo grep -r include /etc/sudoers.d\n\n        If results are returned, this is a finding."},{"label":"fix","data":"Configure the /etc/sudoers file to only include the /etc/sudoers.d directory.\n\n        Edit the /etc/sudoers file with the following command:\n\n        $ sudo visudo\n\n        Add or modify the following line:\n        #includedir /etc/sudoers.d"}],"impact":0.0,"refs":[],"tags":{"check_id":"C-55148r833384_chk","severity":"medium","gid":"V-251711","rid":"SV-251711r833385_rule","stig_id":"RHEL-08-010379","gtitle":"SRG-OS-000480-GPOS-00227","fix_id":"F-55102r809356_fix","documentable":null,"cci":["CCI-000366"],"nist":["CM-6 b"],"host":null,"container-conditional":null},"code":"control 'SV-251711' do\n  title 'RHEL 8 must specify the default \"include\" directory for the /etc/sudoers file.'\n  desc 'The \"sudo\" command allows authorized users to run programs (including shells) as other users,\n        system users, and root. The \"/etc/sudoers\" file is used to configure authorized \"sudo\" users as\n        well as the programs they are allowed to run. Some configuration options in the \"/etc/sudoers\"\n        file allow configured users to run programs without re-authenticating. Use of these configuration\n        options makes it easier for one compromised account to be used to compromise other accounts.\n\n        It is possible to include other sudoers files from within the sudoers file currently being parsed\n        using the #include and #includedir directives. When sudo reaches this line it will suspend\n        processing of the current file (/etc/sudoers) and switch to the specified file/directory. Once the\n        end of the included file(s) is reached, the rest of /etc/sudoers will be processed. Files that are\n        included may themselves include other files. A hard limit of 128 nested include files is enforced\n        to prevent include file loops.'\n  desc 'check', 'Note: If the \"include\" and \"includedir\" directives are not present in the /etc/sudoers\n        file, this requirement is not applicable.\n\n        Verify the operating system specifies only the default \"include\" directory for the /etc/sudoers\n        file with the following command:\n\n        $ sudo grep include /etc/sudoers\n\n        #includedir /etc/sudoers.d\n\n        If the results are not \"/etc/sudoers.d\" or additional files or directories are specified, this is\n        a finding.\n\n        Verify the operating system does not have nested \"include\" files or directories within the\n        /etc/sudoers.d directory with the following command:\n\n        $ sudo grep -r include /etc/sudoers.d\n\n        If results are returned, this is a finding.'\n  desc 'fix', 'Configure the /etc/sudoers file to only include the /etc/sudoers.d directory.\n\n        Edit the /etc/sudoers file with the following command:\n\n        $ sudo visudo\n\n        Add or modify the following line:\n        #includedir /etc/sudoers.d'\n  impact 0.5\n  tag check_id: 'C-55148r833384_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251711'\n  tag rid: 'SV-251711r833385_rule'\n  tag stig_id: 'RHEL-08-010379'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag fix_id: 'F-55102r809356_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container-conditional'\n\n  only_if('Control not applicable within a container without sudo enabled', impact: 0.0) do\n    virtualization.system.eql?('docker') && !command('sudo').exist?\n  end\n\n  if command('grep include /etc/sudoers').stdout.empty?\n    impact 0.0\n    describe 'This requirement is not applicable as \"include\" and \"includedir\" directives are not present in the /etc/sudoers file' do\n      skip 'This requirement is not applicable as \"include\" and \"includedir\" directives are not present in the /etc/sudoers file'\n    end\n  else\n    describe 'Only the default \"include\" directory for /etc/sudoers file should be specified' do\n      subject { command('grep include /etc/sudoers').stdout.strip }\n      it { should match %r{#includedir\\s*/etc/sudoers.d\\s*$} }\n    end\n\n    describe 'Nested \"include\" files or directories within /etc/sudoers.d directory should not exist' do\n      subject { command('grep -r include /etc/sudoers.d').stdout }\n      it { should be_empty }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251711.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"No-op","run_time":1.1e-05,"start_time":"2024-01-09T19:41:07-05:00","resource":"No-op","skip_message":"Skipped control due to only_if condition: Control not applicable within a container without sudo enabled","resource_class":"noop","resource_params":"[]","resource_id":"No-op"}]},{"id":"SV-251712","title":"The RHEL 8 operating system must not be configured to bypass password requirements for privilege escalation.","desc":"Without re-authentication, users may access resources or perform tasks for which they do not have authorization.\n\nWhen operating systems provide the capability to escalate a functional capability, it is critical the user re-authenticate.","descriptions":[{"label":"default","data":"Without re-authentication, users may access resources or perform tasks for which they do not have authorization.\n\nWhen operating systems provide the capability to escalate a functional capability, it is critical the user re-authenticate."},{"label":"check","data":"Verify the operating system is not be configured to bypass password requirements for privilege escalation.\n\nCheck the configuration of the \"/etc/pam.d/sudo\" file with the following command:\n\n$ sudo grep pam_succeed_if /etc/pam.d/sudo\n\nIf any occurrences of \"pam_succeed_if\" is returned from the command, this is a finding."},{"label":"fix","data":"Configure the operating system to require users to supply a password for privilege escalation.\n\nCheck the configuration of the \"/etc/ pam.d/sudo\" file with the following command:\n$ sudo vi /etc/pam.d/sudo\n\nRemove any occurrences of \"pam_succeed_if\" in the file."}],"impact":0.5,"refs":[],"tags":{"check_id":"C-55149r809358_chk","severity":"medium","gid":"V-251712","rid":"SV-251712r854083_rule","stig_id":"RHEL-08-010385","gtitle":"SRG-OS-000373-GPOS-00156","fix_id":"F-55103r854082_fix","satisfies":["SRG-OS-000373-GPOS-00156","SRG-OS-000373-GPOS-00157","SRG-OS-000373-GPOS-00158"],"documentable":null,"cci":["CCI-002038"],"nist":["IA-11"],"host":null,"container-conditional":null},"code":"control 'SV-251712' do\n  title 'The RHEL 8 operating system must not be configured to bypass password requirements for privilege escalation.'\n  desc 'Without re-authentication, users may access resources or perform tasks for which they do not have authorization.\n\nWhen operating systems provide the capability to escalate a functional capability, it is critical the user re-authenticate.'\n  desc 'check', 'Verify the operating system is not be configured to bypass password requirements for privilege escalation.\n\nCheck the configuration of the \"/etc/pam.d/sudo\" file with the following command:\n\n$ sudo grep pam_succeed_if /etc/pam.d/sudo\n\nIf any occurrences of \"pam_succeed_if\" is returned from the command, this is a finding.'\n  desc 'fix', 'Configure the operating system to require users to supply a password for privilege escalation.\n\nCheck the configuration of the \"/etc/ pam.d/sudo\" file with the following command:\n$ sudo vi /etc/pam.d/sudo\n\nRemove any occurrences of \"pam_succeed_if\" in the file.'\n  impact 0.5\n  tag check_id: 'C-55149r809358_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251712'\n  tag rid: 'SV-251712r854083_rule'\n  tag stig_id: 'RHEL-08-010385'\n  tag gtitle: 'SRG-OS-000373-GPOS-00156'\n  tag fix_id: 'F-55103r854082_fix'\n  tag satisfies: ['SRG-OS-000373-GPOS-00156', 'SRG-OS-000373-GPOS-00157', 'SRG-OS-000373-GPOS-00158']\n  tag 'documentable'\n  tag cci: ['CCI-002038']\n  tag nist: ['IA-11']\n  tag 'host', 'container-conditional'\n\n  if virtualization.system.eql?('docker') && !command('sudo').exist?\n    impact 0.0\n    describe 'Control not applicable within a container without sudo enabled' do\n      skip 'Control not applicable within a container without sudo enabled'\n    end\n  else\n    describe parse_config_file('/etc/pam.d/sudo') do\n      its('content') { should_not match(/pam_succeed_if/) }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251712.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Parse Config File /etc/pam.d/sudo content is expected not to match /pam_succeed_if/","run_time":0.000169,"start_time":"2024-01-09T19:41:07-05:00","resource_class":"parse_config_file","resource_params":"[\"/etc/pam.d/sudo\"]","resource_id":"/etc/pam.d/sudo"}]},{"id":"SV-251713","title":"RHEL 8 must ensure the password complexity module is enabled in the system-auth file.","desc":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 uses \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 uses \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth"},{"label":"check","data":"Verify the operating system uses \"pwquality\" to enforce the password complexity rules.\n\nCheck for the use of \"pwquality\" in the system-auth file with the following command:\n\n     $ sudo cat /etc/pam.d/system-auth | grep pam_pwquality\n\n     password requisite pam_pwquality.so\n\nIf the command does not return a line containing the value \"pam_pwquality.so\" as shown, or the line is commented out, this is a finding."},{"label":"fix","data":"Configure the operating system to use \"pwquality\" to enforce password complexity rules.\n\nAdd the following line to the \"/etc/pam.d/system-auth\" file (or modify the line to have the required value):\n\n     password requisite pam_pwquality.so"}],"impact":0.5,"refs":[],"tags":{"check_id":"C-55150r902738_chk","severity":"medium","gid":"V-251713","rid":"SV-251713r902740_rule","stig_id":"RHEL-08-020101","gtitle":"SRG-OS-000480-GPOS-00227","fix_id":"F-55104r902739_fix","documentable":null,"cci":["CCI-000366"],"nist":["CM-6 b"],"host":null,"container":null},"code":"control 'SV-251713' do\n  title 'RHEL 8 must ensure the password complexity module is enabled in the system-auth file.'\n  desc 'Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 uses \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth'\n  desc 'check', 'Verify the operating system uses \"pwquality\" to enforce the password complexity rules.\n\nCheck for the use of \"pwquality\" in the system-auth file with the following command:\n\n     $ sudo cat /etc/pam.d/system-auth | grep pam_pwquality\n\n     password requisite pam_pwquality.so\n\nIf the command does not return a line containing the value \"pam_pwquality.so\" as shown, or the line is commented out, this is a finding.'\n  desc 'fix', 'Configure the operating system to use \"pwquality\" to enforce password complexity rules.\n\nAdd the following line to the \"/etc/pam.d/system-auth\" file (or modify the line to have the required value):\n\n     password requisite pam_pwquality.so'\n  impact 0.5\n  tag check_id: 'C-55150r902738_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251713'\n  tag rid: 'SV-251713r902740_rule'\n  tag stig_id: 'RHEL-08-020101'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag fix_id: 'F-55104r902739_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container'\n\n  pam_auth_files = input('pam_auth_files')\n\n  [pam_auth_files['password-auth'], pam_auth_files['system-auth']].each do |path|\n    describe pam(path) do\n      its('lines') { should match_pam_rule('.* .* pam_pwquality.so') }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251713.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PAM Config[/etc/pam.d/password-auth] lines is expected to include .* .* pam_pwquality.so","run_time":0.00058,"start_time":"2024-01-09T19:41:07-05:00","resource_class":"pam","resource_params":"[\"/etc/pam.d/password-auth\"]","resource_id":""},{"status":"passed","code_desc":"PAM Config[/etc/pam.d/system-auth] lines is expected to include .* .* pam_pwquality.so","run_time":0.000413,"start_time":"2024-01-09T19:41:07-05:00","resource_class":"pam","resource_params":"[\"/etc/pam.d/system-auth\"]","resource_id":""}]},{"id":"SV-251714","title":"RHEL 8 systems below version 8.4 must ensure the password complexity module in the system-auth file is configured for three retries or less.","desc":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 uses \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth\n\nBy limiting the number of attempts to meet the pwquality module complexity requirements before returning with an error, the system will audit abnormal attempts at password changes.","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 uses \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth\n\nBy limiting the number of attempts to meet the pwquality module complexity requirements before returning with an error, the system will audit abnormal attempts at password changes."},{"label":"check","data":"Note: This requirement applies to RHEL versions 8.0 through 8.3. If the system is RHEL version 8.4 or newer, this requirement is not applicable.\n\nVerify the operating system is configured to limit the \"pwquality\" retry option to 3.\n\nCheck for the use of the \"pwquality\" retry option in the system-auth file with the following command:\n\n     $ sudo cat /etc/pam.d/system-auth | grep pam_pwquality\n\n     password requisite pam_pwquality.so retry=3\n\nIf the value of \"retry\" is set to \"0\" or greater than \"3\", this is a finding."},{"label":"fix","data":"Configure the operating system to limit the \"pwquality\" retry option to 3.\n\nAdd the following line to the \"/etc/pam.d/system-auth\" file (or modify the line to have the required value):\n\n     password requisite pam_pwquality.so retry=3"}],"impact":0.0,"refs":[],"tags":{"check_id":"C-55151r902741_chk","severity":"medium","gid":"V-251714","rid":"SV-251714r902743_rule","stig_id":"RHEL-08-020102","gtitle":"SRG-OS-000480-GPOS-00227","fix_id":"F-55105r902742_fix","documentable":null,"cci":["CCI-000366"],"nist":["CM-6 b"],"host":null,"container":null},"code":"control 'SV-251714' do\n  title 'RHEL 8 systems below version 8.4 must ensure the password complexity module in the system-auth file is configured for three retries or less.'\n  desc 'Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 uses \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth\n\nBy limiting the number of attempts to meet the pwquality module complexity requirements before returning with an error, the system will audit abnormal attempts at password changes.'\n  desc 'check', 'Note: This requirement applies to RHEL versions 8.0 through 8.3. If the system is RHEL version 8.4 or newer, this requirement is not applicable.\n\nVerify the operating system is configured to limit the \"pwquality\" retry option to 3.\n\nCheck for the use of the \"pwquality\" retry option in the system-auth file with the following command:\n\n     $ sudo cat /etc/pam.d/system-auth | grep pam_pwquality\n\n     password requisite pam_pwquality.so retry=3\n\nIf the value of \"retry\" is set to \"0\" or greater than \"3\", this is a finding.'\n  desc 'fix', 'Configure the operating system to limit the \"pwquality\" retry option to 3.\n\nAdd the following line to the \"/etc/pam.d/system-auth\" file (or modify the line to have the required value):\n\n     password requisite pam_pwquality.so retry=3'\n  impact 0.5\n  tag check_id: 'C-55151r902741_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251714'\n  tag rid: 'SV-251714r902743_rule'\n  tag stig_id: 'RHEL-08-020102'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag fix_id: 'F-55105r902742_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container'\n\n  pam_auth_files = input('pam_auth_files')\n\n  only_if('This requirement only applies to RHEL 8 versions below 8.4', impact: 0.0) do\n    os.release.to_f < 8.4\n  end\n\n  describe pam_auth_files['system-auth'] do\n    its('lines') { should match_pam_rule('.* .* pam_pwquality.so').any_with_integer_arg('retry', '>=', input('min_retry')) }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251714.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"No-op","run_time":5.0e-06,"start_time":"2024-01-09T19:41:07-05:00","resource":"No-op","skip_message":"Skipped control due to only_if condition: This requirement only applies to RHEL 8 versions below 8.4","resource_class":"noop","resource_params":"[]","resource_id":"No-op"}]},{"id":"SV-251715","title":"RHEL 8 systems below version 8.4 must ensure the password complexity module in the password-auth file is configured for three retries or less.","desc":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 uses \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth\n\nBy limiting the number of attempts to meet the pwquality module complexity requirements before returning with an error, the system will audit abnormal attempts at password changes.","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 uses \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth\n\nBy limiting the number of attempts to meet the pwquality module complexity requirements before returning with an error, the system will audit abnormal attempts at password changes."},{"label":"check","data":"Note: This requirement applies to RHEL versions 8.0 through 8.3. If the system is RHEL version 8.4 or newer, this requirement is not applicable.\n\nVerify the operating system is configured to limit the \"pwquality\" retry option to 3.\n\nCheck for the use of the \"pwquality\" retry option in the password-auth file with the following command:\n\n     $ sudo cat /etc/pam.d/password-auth | grep pam_pwquality\n\n     password requisite pam_pwquality.so retry=3\n\nIf the value of \"retry\" is set to \"0\" or greater than \"3\", this is a finding."},{"label":"fix","data":"Configure the operating system to limit the \"pwquality\" retry option to 3.\n\nAdd the following line to the \"/etc/pam.d/password-auth\" file (or modify the line to have the required value):\n\n     password requisite pam_pwquality.so retry=3"}],"impact":0.0,"refs":[],"tags":{"check_id":"C-55152r902744_chk","severity":"medium","gid":"V-251715","rid":"SV-251715r902746_rule","stig_id":"RHEL-08-020103","gtitle":"SRG-OS-000480-GPOS-00227","fix_id":"F-55106r902745_fix","documentable":null,"cci":["CCI-000366"],"nist":["CM-6 b"],"host":null,"container":null},"code":"control 'SV-251715' do\n  title 'RHEL 8 systems below version 8.4 must ensure the password complexity module in the password-auth file is configured for three retries or less.'\n  desc 'Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 uses \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth\n\nBy limiting the number of attempts to meet the pwquality module complexity requirements before returning with an error, the system will audit abnormal attempts at password changes.'\n  desc 'check', 'Note: This requirement applies to RHEL versions 8.0 through 8.3. If the system is RHEL version 8.4 or newer, this requirement is not applicable.\n\nVerify the operating system is configured to limit the \"pwquality\" retry option to 3.\n\nCheck for the use of the \"pwquality\" retry option in the password-auth file with the following command:\n\n     $ sudo cat /etc/pam.d/password-auth | grep pam_pwquality\n\n     password requisite pam_pwquality.so retry=3\n\nIf the value of \"retry\" is set to \"0\" or greater than \"3\", this is a finding.'\n  desc 'fix', 'Configure the operating system to limit the \"pwquality\" retry option to 3.\n\nAdd the following line to the \"/etc/pam.d/password-auth\" file (or modify the line to have the required value):\n\n     password requisite pam_pwquality.so retry=3'\n  impact 0.5\n  tag check_id: 'C-55152r902744_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251715'\n  tag rid: 'SV-251715r902746_rule'\n  tag stig_id: 'RHEL-08-020103'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag fix_id: 'F-55106r902745_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container'\n\n  only_if('This requirement only applies to RHEL 8 versions below 8.4', impact: 0.0) {\n    os.release.to_f < 8.4\n  }\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam_auth_files['password-auth'] do\n    its('lines') { should match_pam_rule('.* .* pam_pwquality.so').any_with_integer_arg('retry', '>=', input('min_retry')) }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251715.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"No-op","run_time":4.0e-06,"start_time":"2024-01-09T19:41:07-05:00","resource":"No-op","skip_message":"Skipped control due to only_if condition: This requirement only applies to RHEL 8 versions below 8.4","resource_class":"noop","resource_params":"[]","resource_id":"No-op"}]},{"id":"SV-251716","title":"RHEL 8 systems, version 8.4 and above, must ensure the password complexity module is configured for three retries or less.","desc":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 utilizes \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth\nBy limiting the number of attempts to meet the pwquality module complexity requirements before returning with an error, the system will audit abnormal attempts at password changes.","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 utilizes \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth\nBy limiting the number of attempts to meet the pwquality module complexity requirements before returning with an error, the system will audit abnormal attempts at password changes."},{"label":"check","data":"Note: This requirement applies to RHEL versions 8.4 or newer. If the system is RHEL below version 8.4, this requirement is not applicable.\n\nVerify the operating system is configured to limit the \"pwquality\" retry option to 3.\n\nCheck for the use of the \"pwquality\" retry option with the following command:\n\n$ sudo grep -r retry /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:retry = 3\n\nIf the value of \"retry\" is set to \"0\" or greater than \"3\", is commented out or missing, this is a finding.\n\nIf conflicting results are returned, this is a finding.\n\nCheck for the use of the \"pwquality\" retry option in the system-auth and password-auth files with the following command:\n\n$ sudo grep pwquality /etc/pam.d/system-auth /etc/pam.d/password-auth | grep retry\n\nIf the command returns any results, this is a finding."},{"label":"fix","data":"Configure the operating system to limit the \"pwquality\" retry option to 3.\n\nAdd the following line to the \"/etc/security/pwquality.conf\" file(or modify the line to have the required value):\n\nretry = 3\n\nRemove any configurations that conflict with the above value."}],"impact":0.5,"refs":[],"tags":{"check_id":"C-55153r858735_chk","severity":"medium","gid":"V-251716","rid":"SV-251716r858737_rule","stig_id":"RHEL-08-020104","gtitle":"SRG-OS-000480-GPOS-00227","fix_id":"F-55107r858736_fix","documentable":null,"cci":["CCI-000366"],"nist":["CM-6 b"],"host":null,"container":null},"code":"control 'SV-251716' do\n  title 'RHEL 8 systems, version 8.4 and above, must ensure the password complexity module is configured for three retries or less.'\n  desc 'Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 utilizes \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth\nBy limiting the number of attempts to meet the pwquality module complexity requirements before returning with an error, the system will audit abnormal attempts at password changes.'\n  desc 'check', 'Note: This requirement applies to RHEL versions 8.4 or newer. If the system is RHEL below version 8.4, this requirement is not applicable.\n\nVerify the operating system is configured to limit the \"pwquality\" retry option to 3.\n\nCheck for the use of the \"pwquality\" retry option with the following command:\n\n$ sudo grep -r retry /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:retry = 3\n\nIf the value of \"retry\" is set to \"0\" or greater than \"3\", is commented out or missing, this is a finding.\n\nIf conflicting results are returned, this is a finding.\n\nCheck for the use of the \"pwquality\" retry option in the system-auth and password-auth files with the following command:\n\n$ sudo grep pwquality /etc/pam.d/system-auth /etc/pam.d/password-auth | grep retry\n\nIf the command returns any results, this is a finding.'\n  desc 'fix', 'Configure the operating system to limit the \"pwquality\" retry option to 3.\n\nAdd the following line to the \"/etc/security/pwquality.conf\" file(or modify the line to have the required value):\n\nretry = 3\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag check_id: 'C-55153r858735_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251716'\n  tag rid: 'SV-251716r858737_rule'\n  tag stig_id: 'RHEL-08-020104'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag fix_id: 'F-55107r858736_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container'\n\n  only_if('This requirement only applies to RHEL 8 versions above 8.4', impact: 0.0) {\n    os.release.to_f >= 8.4\n  }\n\n  describe 'System pwquality setting' do\n    subject { parse_config(command('grep -rh retry /etc/security/pwquality.conf*').stdout.strip) }\n    its('retry') { should cmp >= input('min_retry') }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251716.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"System pwquality setting retry is expected to cmp >= 3","run_time":0.210476,"start_time":"2024-01-09T19:41:07-05:00","message":"\nexpected it to be >= 3\n     got: \n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"retry"}]},{"id":"SV-251717","title":"RHEL 8 must be configured in the system-auth file to prohibit password reuse for a minimum of five generations.","desc":"Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to reuse their password consecutively when that password has exceeded its defined lifetime, the end result is a password that is not changed per policy requirements.\n\nRHEL 8 uses \"pwhistory\" consecutively as a mechanism to prohibit password reuse. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth.\n\nNote that manual changes to the listed files may be overwritten by the \"authselect\" program.","descriptions":[{"label":"default","data":"Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to reuse their password consecutively when that password has exceeded its defined lifetime, the end result is a password that is not changed per policy requirements.\n\nRHEL 8 uses \"pwhistory\" consecutively as a mechanism to prohibit password reuse. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth.\n\nNote that manual changes to the listed files may be overwritten by the \"authselect\" program."},{"label":"check","data":"Verify the operating system is configured in the system-auth file to prohibit password reuse for a minimum of five generations.\n\nCheck for the value of the \"remember\" argument in \"/etc/pam.d/system-auth\" with the following command:\n\n     $ sudo grep -i remember /etc/pam.d/system-auth\n\n     password requisite pam_pwhistory.so use_authtok remember=5 retry=3\n\nIf the line containing \"pam_pwhistory.so\" does not have the \"remember\" module argument set, is commented out, or the value of the \"remember\" module argument is set to less than \"5\", this is a finding."},{"label":"fix","data":"Configure the operating system in the system-auth file to prohibit password reuse for a minimum of five generations.\n\nAdd the following line in \"/etc/pam.d/system-auth\" (or modify the line to have the required value):\n\n     password requisite pam_pwhistory.so use_authtok remember=5 retry=3"}],"impact":0.5,"refs":[],"tags":{"check_id":"C-55154r902747_chk","severity":"medium","gid":"V-251717","rid":"SV-251717r902749_rule","stig_id":"RHEL-08-020221","gtitle":"SRG-OS-000077-GPOS-00045","fix_id":"F-55108r902748_fix","documentable":null,"cci":["CCI-000200"],"nist":["IA-5 (1) (e)"],"host":null,"container":null},"code":"control 'SV-251717' do\n  title 'RHEL 8 must be configured in the system-auth file to prohibit password reuse for a minimum of five generations.'\n  desc 'Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to reuse their password consecutively when that password has exceeded its defined lifetime, the end result is a password that is not changed per policy requirements.\n\nRHEL 8 uses \"pwhistory\" consecutively as a mechanism to prohibit password reuse. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth.\n\nNote that manual changes to the listed files may be overwritten by the \"authselect\" program.'\n  desc 'check', 'Verify the operating system is configured in the system-auth file to prohibit password reuse for a minimum of five generations.\n\nCheck for the value of the \"remember\" argument in \"/etc/pam.d/system-auth\" with the following command:\n\n     $ sudo grep -i remember /etc/pam.d/system-auth\n\n     password requisite pam_pwhistory.so use_authtok remember=5 retry=3\n\nIf the line containing \"pam_pwhistory.so\" does not have the \"remember\" module argument set, is commented out, or the value of the \"remember\" module argument is set to less than \"5\", this is a finding.'\n  desc 'fix', 'Configure the operating system in the system-auth file to prohibit password reuse for a minimum of five generations.\n\nAdd the following line in \"/etc/pam.d/system-auth\" (or modify the line to have the required value):\n\n     password requisite pam_pwhistory.so use_authtok remember=5 retry=3'\n  impact 0.5\n  tag check_id: 'C-55154r902747_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251717'\n  tag rid: 'SV-251717r902749_rule'\n  tag stig_id: 'RHEL-08-020221'\n  tag gtitle: 'SRG-OS-000077-GPOS-00045'\n  tag fix_id: 'F-55108r902748_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000200']\n  tag nist: ['IA-5 (1) (e)']\n  tag 'host', 'container'\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') { should match_pam_rule('password (required|requisite|sufficient) pam_pwhistory.so').any_with_integer_arg('remember', '>=', input('min_reuse_generations')) }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251717.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PAM Config[/etc/pam.d/system-auth] lines is expected to include password (required|requisite|sufficient) pam_pwhistory.so, any with integer arg remember >= 5","run_time":0.00156,"start_time":"2024-01-09T19:41:07-05:00","message":"expected \"account required pam_unix.so\\naccount sufficient pam_localuser.so\\naccount sufficient pam_usertype.s...pam_systemd.so\\nsession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid\" to include password (required|requisite|sufficient) pam_pwhistory.so, any with integer arg remember >= 5","resource_class":"pam","resource_params":"[\"/etc/pam.d/system-auth\"]","resource_id":""}]},{"id":"SV-251718","title":"The graphical display manager must not be the default target on RHEL 8 unless approved.","desc":"Internet services that are not required for system or application processes must not be active to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented.","descriptions":[{"label":"default","data":"Internet services that are not required for system or application processes must not be active to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented."},{"label":"check","data":"Verify that the system is configured to boot to the command line:\n\n$ systemctl get-default\nmulti-user.target\n\nIf the system default target is not set to \"multi-user.target\" and the Information System Security Officer (ISSO) lacks a documented requirement for a graphical user interface, this is a finding."},{"label":"fix","data":"Document the requirement for a graphical user interface with the ISSO or reinstall the operating system without the graphical user interface. If reinstallation is not feasible, then continue with the following procedure:\n\nOpen an SSH session and enter the following commands:\n\n$ sudo systemctl set-default multi-user.target\n\nA reboot is required for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"check_id":"C-55155r809376_chk","severity":"medium","gid":"V-251718","rid":"SV-251718r809378_rule","stig_id":"RHEL-08-040321","gtitle":"SRG-OS-000480-GPOS-00227","fix_id":"F-55109r809377_fix","documentable":null,"cci":["CCI-000366"],"nist":["CM-6 b"],"host":null},"code":"control 'SV-251718' do\n  title 'The graphical display manager must not be the default target on RHEL 8 unless approved.'\n  desc 'Internet services that are not required for system or application processes must not be active to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented.'\n  desc 'check', 'Verify that the system is configured to boot to the command line:\n\n$ systemctl get-default\nmulti-user.target\n\nIf the system default target is not set to \"multi-user.target\" and the Information System Security Officer (ISSO) lacks a documented requirement for a graphical user interface, this is a finding.'\n  desc 'fix', 'Document the requirement for a graphical user interface with the ISSO or reinstall the operating system without the graphical user interface. If reinstallation is not feasible, then continue with the following procedure:\n\nOpen an SSH session and enter the following commands:\n\n$ sudo systemctl set-default multi-user.target\n\nA reboot is required for the changes to take effect.'\n  impact 0.5\n  tag check_id: 'C-55155r809376_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251718'\n  tag rid: 'SV-251718r809378_rule'\n  tag stig_id: 'RHEL-08-040321'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag fix_id: 'F-55109r809377_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable inside the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if input('gui_required')\n    impact 0.0\n    describe 'skip' do\n      skip 'A GUI is indicated as a requirement for this system. This control is Not Applicable.'\n    end\n  else\n    get_default = command('systemctl get-default').stdout.strip\n\n    describe get_default do\n      it { should cmp 'multi-user.target' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251718.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"multi-user.target is expected to cmp == \"multi-user.target\"","run_time":0.00021,"start_time":"2024-01-09T19:41:07-05:00","resource_class":"Object","resource_params":"[]","resource_id":"multi-user.target"}]},{"id":"SV-254520","title":"RHEL 8 must prevent nonprivileged users from executing privileged functions, including disabling, circumventing, or altering implemented security safeguards/countermeasures.","desc":"Preventing nonprivileged users from executing privileged functions mitigates the risk that unauthorized individuals or processes may gain unnecessary access to information or privileges.\n\nPrivileged functions include, for example, establishing accounts, performing system integrity checks, or administering cryptographic key management activities. Nonprivileged users are individuals who do not possess appropriate authorizations. Circumventing intrusion detection and prevention mechanisms or malicious code protection mechanisms are examples of privileged functions that require protection from nonprivileged users.","descriptions":[{"label":"default","data":"Preventing nonprivileged users from executing privileged functions mitigates the risk that unauthorized individuals or processes may gain unnecessary access to information or privileges.\n\nPrivileged functions include, for example, establishing accounts, performing system integrity checks, or administering cryptographic key management activities. Nonprivileged users are individuals who do not possess appropriate authorizations. Circumventing intrusion detection and prevention mechanisms or malicious code protection mechanisms are examples of privileged functions that require protection from nonprivileged users."},{"label":"check","data":"Verify the operating system prevents nonprivileged users from executing privileged functions, including disabling, circumventing, or altering implemented security safeguards/countermeasures.\n\nObtain a list of authorized users (other than system administrator and guest accounts) for the system.\n\nCheck the list against the system by using the following command:\n\n     $ sudo semanage login -l | more\n\n     Login Name    SELinux User    MLS/MCS Range    Service\n\n     __default__   user_u                 s0-s0:c0.c1023        *\n     root                   unconfined_u  s0-s0:c0.c1023        *\n     system_u        system_u           s0-s0:c0.c1023        *\n     joe                     staff_u                s0-s0:c0.c1023        *\n\nAll administrators must be mapped to the \"sysadm_u\", \"staff_u\", or an appropriately tailored confined role as defined by the organization.\n\nAll authorized nonadministrative users must be mapped to the \"user_u\" role.\n\nIf they are not mapped in this way, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to prevent nonprivileged users from executing privileged functions, including disabling, circumventing, or altering implemented security safeguards/countermeasures.\n\nUse the following command to map a new user to the \"sysadm_u\" role:\n\n     $ sudo semanage login -a -s sysadm_u <username>\n\nUse the following command to map an existing user to the \"sysadm_u\" role:\n\n     $ sudo semanage login -m -s sysadm_u <username>\n\nUse the following command to map a new user to the \"staff_u\" role:\n\n     $ sudo semanage login -a -s staff_u <username>\n\nUse the following command to map an existing user to the \"staff_u\" role:\n\n     $ sudo semanage login -m -s staff_u <username>\n\nUse the following command to map a new user to the \"user_u\" role:\n\n     $ sudo  semanage login -a -s user_u <username>\n\nUse the following command to map an existing user to the \"user_u\" role:\n\n     $ sudo semanage login -m -s user_u <username>\n\nNote: SELinux confined users mapped to sysadm_u are not allowed to log in to the system over SSH, by default. If this is a required function, it can be configured by setting the ssh_sysadm_login SELinux boolean to \"on\" with the following command:\n\n     $ sudo setsebool -P ssh_sysadm_login on\n\nThis must be documented with the information system security officer (ISSO) as an operational requirement."}],"impact":0.5,"refs":[],"tags":{"check_id":"C-58004r928594_chk","severity":"medium","gid":"V-254520","rid":"SV-254520r928805_rule","stig_id":"RHEL-08-040400","gtitle":"SRG-OS-000324-GPOS-00125","fix_id":"F-57953r928805_fix","documentable":null,"cci":["CCI-002265"],"nist":["AC-16 b"],"host":null,"container":null},"code":"control 'SV-254520' do\n  title 'RHEL 8 must prevent nonprivileged users from executing privileged functions, including disabling, circumventing, or altering implemented security safeguards/countermeasures.'\n  desc 'Preventing nonprivileged users from executing privileged functions mitigates the risk that unauthorized individuals or processes may gain unnecessary access to information or privileges.\n\nPrivileged functions include, for example, establishing accounts, performing system integrity checks, or administering cryptographic key management activities. Nonprivileged users are individuals who do not possess appropriate authorizations. Circumventing intrusion detection and prevention mechanisms or malicious code protection mechanisms are examples of privileged functions that require protection from nonprivileged users.'\n  desc 'check', 'Verify the operating system prevents nonprivileged users from executing privileged functions, including disabling, circumventing, or altering implemented security safeguards/countermeasures.\n\nObtain a list of authorized users (other than system administrator and guest accounts) for the system.\n\nCheck the list against the system by using the following command:\n\n     $ sudo semanage login -l | more\n\n     Login Name    SELinux User    MLS/MCS Range    Service\n\n     __default__   user_u                 s0-s0:c0.c1023        *\n     root                   unconfined_u  s0-s0:c0.c1023        *\n     system_u        system_u           s0-s0:c0.c1023        *\n     joe                     staff_u                s0-s0:c0.c1023        *\n\nAll administrators must be mapped to the \"sysadm_u\", \"staff_u\", or an appropriately tailored confined role as defined by the organization.\n\nAll authorized nonadministrative users must be mapped to the \"user_u\" role.\n\nIf they are not mapped in this way, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to prevent nonprivileged users from executing privileged functions, including disabling, circumventing, or altering implemented security safeguards/countermeasures.\n\nUse the following command to map a new user to the \"sysadm_u\" role:\n\n     $ sudo semanage login -a -s sysadm_u <username>\n\nUse the following command to map an existing user to the \"sysadm_u\" role:\n\n     $ sudo semanage login -m -s sysadm_u <username>\n\nUse the following command to map a new user to the \"staff_u\" role:\n\n     $ sudo semanage login -a -s staff_u <username>\n\nUse the following command to map an existing user to the \"staff_u\" role:\n\n     $ sudo semanage login -m -s staff_u <username>\n\nUse the following command to map a new user to the \"user_u\" role:\n\n     $ sudo  semanage login -a -s user_u <username>\n\nUse the following command to map an existing user to the \"user_u\" role:\n\n     $ sudo semanage login -m -s user_u <username>\n\nNote: SELinux confined users mapped to sysadm_u are not allowed to log in to the system over SSH, by default. If this is a required function, it can be configured by setting the ssh_sysadm_login SELinux boolean to \"on\" with the following command:\n\n     $ sudo setsebool -P ssh_sysadm_login on\n\nThis must be documented with the information system security officer (ISSO) as an operational requirement.'\n  impact 0.5\n  tag check_id: 'C-58004r928594_chk'\n  tag severity: 'medium'\n  tag gid: 'V-254520'\n  tag rid: 'SV-254520r928805_rule'\n  tag stig_id: 'RHEL-08-040400'\n  tag gtitle: 'SRG-OS-000324-GPOS-00125'\n  tag fix_id: 'F-57953r928805_fix'\n  tag 'documentable'\n  tag cci: ['CCI-002265']\n  tag nist: ['AC-16 b']\n  tag 'host', 'container'\n\n  se_login = command('semanage login -ln').stdout.lines.map(&:strip)\n  allowed_admin_selinux_roles = input('allowed_admin_selinux_roles')\n  allowed_non_admin_selinux_roles = input('allowed_non_admin_selinux_roles')\n\n  users = {}\n  se_login.each_with_object({}) do |line, users|\n    login_name, selinux_user = line.split[0..1]\n    users[login_name] = selinux_user\n  end\n\n  misconfigured_admins = users.select { |login_name, selinux_user|\n    input('administrator_users').include?(login_name) &&\n      !allowed_admin_selinux_roles.include?(selinux_user)\n  }\n\n  misconfigured_non_admins = users.select { |login_name, selinux_user|\n    !input('administrator_users').include?(login_name) &&\n      !allowed_non_admin_selinux_roles.include?(selinux_user)\n  }\n\n  describe 'All administrators' do\n    it \"must be mapped to the an appropriate role (allowed admin roles: #{allowed_admin_selinux_roles.join(', ')})\" do\n      expect(misconfigured_admins.keys).to be_empty, \"Misconfigured admins:\\n\\t- #{misconfigured_admins.keys.join(\"\\n\\t- \")}\"\n    end\n  end\n\n  describe 'All non-administrator users' do\n    it \"must be mapped to the an appropriate role (allowed non-admin user roles: #{allowed_non_admin_selinux_roles.join(', ')})\" do\n      expect(misconfigured_non_admins.keys).to be_empty, \"Misconfigured non-admin users:\\n\\t- #{misconfigured_non_admins.keys.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-254520.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"All administrators must be mapped to the an appropriate role (allowed admin roles: sysadm_u, staff_u)","run_time":0.008039,"start_time":"2024-01-09T19:41:07-05:00","resource_class":"Object","resource_params":"[]","resource_id":"All administrators"},{"status":"passed","code_desc":"All non-administrator users must be mapped to the an appropriate role (allowed non-admin user roles: user_u)","run_time":0.005033,"start_time":"2024-01-09T19:41:07-05:00","resource_class":"Object","resource_params":"[]","resource_id":"All non-administrator users"}]},{"id":"SV-255924","title":"RHEL 8 SSH server must be configured to use only FIPS-validated key exchange algorithms.","desc":"Without cryptographic integrity protections provided by FIPS-validated cryptographic algorithms, information can be viewed and altered by unauthorized users without detection.\n\nRHEL 8 incorporates system-wide crypto policies by default. The SSH configuration file has no effect on the ciphers, MACs, or algorithms unless specifically defined in the /etc/sysconfig/sshd file. The employed algorithms can be viewed in the /etc/crypto-policies/back-ends/opensshserver.config file.\n\nThe system will attempt to use the first algorithm presented by the client that matches the server list. Listing the values \"strongest to weakest\" is a method to ensure the use of the strongest algorithm available to secure the SSH connection.","descriptions":[{"label":"default","data":"Without cryptographic integrity protections provided by FIPS-validated cryptographic algorithms, information can be viewed and altered by unauthorized users without detection.\n\nRHEL 8 incorporates system-wide crypto policies by default. The SSH configuration file has no effect on the ciphers, MACs, or algorithms unless specifically defined in the /etc/sysconfig/sshd file. The employed algorithms can be viewed in the /etc/crypto-policies/back-ends/opensshserver.config file.\n\nThe system will attempt to use the first algorithm presented by the client that matches the server list. Listing the values \"strongest to weakest\" is a method to ensure the use of the strongest algorithm available to secure the SSH connection."},{"label":"check","data":"Verify that the SSH server is configured to use only FIPS-validated key exchange algorithms:\n\n     $ sudo grep -i kexalgorithms /etc/crypto-policies/back-ends/opensshserver.config\n\n     CRYPTO_POLICY='-oKexAlgorithms=ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512'\n\nIf the entries following \"KexAlgorithms\" have any algorithms defined other than \"ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512\", appear in different order than shown, or are missing or commented out, this is a finding."},{"label":"fix","data":"Configure the SSH server to use only FIPS-validated key exchange algorithms by adding or modifying the following line in \"/etc/crypto-policies/back-ends/opensshserver.config\":\n\n-oKexAlgorithms=ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512\n\nA reboot is required for the changes to take effect."}],"impact":0.5,"refs":[],"tags":{"check_id":"C-59601r917887_chk","severity":"medium","gid":"V-255924","rid":"SV-255924r917888_rule","stig_id":"RHEL-08-040342","gtitle":"SRG-OS-000250-GPOS-00093","fix_id":"F-59544r880732_fix","documentable":null,"cci":["CCI-001453"],"nist":["AC-17 (2)"],"host":null,"container":null},"code":"control 'SV-255924' do\n  title 'RHEL 8 SSH server must be configured to use only FIPS-validated key exchange algorithms.'\n  desc 'Without cryptographic integrity protections provided by FIPS-validated cryptographic algorithms, information can be viewed and altered by unauthorized users without detection.\n\nRHEL 8 incorporates system-wide crypto policies by default. The SSH configuration file has no effect on the ciphers, MACs, or algorithms unless specifically defined in the /etc/sysconfig/sshd file. The employed algorithms can be viewed in the /etc/crypto-policies/back-ends/opensshserver.config file.\n\nThe system will attempt to use the first algorithm presented by the client that matches the server list. Listing the values \"strongest to weakest\" is a method to ensure the use of the strongest algorithm available to secure the SSH connection.'\n  desc 'check', %q(Verify that the SSH server is configured to use only FIPS-validated key exchange algorithms:\n\n     $ sudo grep -i kexalgorithms /etc/crypto-policies/back-ends/opensshserver.config\n\n     CRYPTO_POLICY='-oKexAlgorithms=ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512'\n\nIf the entries following \"KexAlgorithms\" have any algorithms defined other than \"ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512\", appear in different order than shown, or are missing or commented out, this is a finding.)\n  desc 'fix', 'Configure the SSH server to use only FIPS-validated key exchange algorithms by adding or modifying the following line in \"/etc/crypto-policies/back-ends/opensshserver.config\":\n\n-oKexAlgorithms=ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512\n\nA reboot is required for the changes to take effect.'\n  impact 0.5\n  tag check_id: 'C-59601r917887_chk'\n  tag severity: 'medium'\n  tag gid: 'V-255924'\n  tag rid: 'SV-255924r917888_rule'\n  tag stig_id: 'RHEL-08-040342'\n  tag gtitle: 'SRG-OS-000250-GPOS-00093'\n  tag fix_id: 'F-59544r880732_fix'\n  tag 'documentable'\n  tag cci: ['CCI-001453']\n  tag nist: ['AC-17 (2)']\n  tag 'host', 'container'\n\n  describe parse_config_file('/etc/crypto-policies/back-ends/opensshserver.config') do\n    its('CRYPTO_POLICY') { should include '-oKexAlgorithms=ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512' }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-255924.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Parse Config File /etc/crypto-policies/back-ends/opensshserver.config CRYPTO_POLICY is expected to include \"-oKexAlgorithms=ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchan...ge-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512\"","run_time":0.00036,"start_time":"2024-01-09T19:41:07-05:00","message":"expected \"'-oCiphers=aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@ope...ha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-256,rsa-sha2-512,ssh-rsa'\" to include \"-oKexAlgorithms=ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchan...ge-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512\"","resource_class":"parse_config_file","resource_params":"[\"/etc/crypto-policies/back-ends/opensshserver.config\"]","resource_id":"/etc/crypto-policies/back-ends/opensshserver.config"}]},{"id":"SV-256973","title":"RHEL 8 must ensure cryptographic verification of vendor software packages.","desc":"Cryptographic verification of vendor software packages ensures that all software packages are obtained from a valid source and protects against spoofing that could lead to installation of malware on the system. Red Hat cryptographically signs all software packages, which includes updates, with a GPG key to verify that they are valid.","descriptions":[{"label":"default","data":"Cryptographic verification of vendor software packages ensures that all software packages are obtained from a valid source and protects against spoofing that could lead to installation of malware on the system. Red Hat cryptographically signs all software packages, which includes updates, with a GPG key to verify that they are valid."},{"label":"check","data":"Confirm Red Hat package-signing keys are installed on the system and verify their fingerprints match vendor values.\n\nNote: For RHEL 8 software packages, Red Hat uses GPG keys labeled \"release key 2\" and \"auxiliary key 2\". The keys are defined in key file \"/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\" by default.\n\nList Red Hat GPG keys installed on the system:\n\n     $ sudo rpm -q --queryformat \"%{SUMMARY}\\n\" gpg-pubkey | grep -i \"red hat\"\n\n     gpg(Red Hat, Inc. (release key 2) <security@redhat.com>)\n     gpg(Red Hat, Inc. (auxiliary key) <security@redhat.com>)\n\nIf Red Hat GPG keys \"release key 2\" and \"auxiliary key 2\" are not installed, this is a finding.\n\nNote: The \"auxiliary key 2\" appears as \"auxiliary key\" on a RHEL 8 system.\n\nList key fingerprints of installed Red Hat GPG keys:\n\n     $ sudo gpg -q --keyid-format short --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\n\nIf key file \"/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\" is missing, this is a finding.\n\nExample output:\n\n     pub   rsa4096/FD431D51 2009-10-22 [SC]\n           Key fingerprint = 567E 347A D004 4ADE 55BA  8A5F 199E 2F91 FD43 1D51\n     uid                   Red Hat, Inc. (release key 2) <security@redhat.com>\n     pub   rsa4096/D4082792 2018-06-27 [SC]\n           Key fingerprint = 6A6A A7C9 7C88 90AE C6AE  BFE2 F76F 66C3 D408 2792\n     uid                   Red Hat, Inc. (auxiliary key) <security@redhat.com>\n     sub   rsa4096/1B5584D3 2018-06-27 [E]\n\nCompare key fingerprints of installed Red Hat GPG keys with fingerprints listed for RHEL 8 on Red Hat \"Product Signing Keys\" webpage at https://access.redhat.com/security/team/key.\n\nIf key fingerprints do not match, this is a finding."},{"label":"fix","data":"Install Red Hat package-signing keys on the system and verify their fingerprints match vendor values.\n\nInsert RHEL 8 installation disc or attach RHEL 8 installation image to the system. Mount the disc or image to make the contents accessible inside the system.\n\nAssuming the mounted location is \"/media/cdrom\", use the following command to copy Red Hat GPG key file onto the system:\n\n     $ sudo cp /media/cdrom/RPM-GPG-KEY-redhat-release /etc/pki/rpm-gpg/\n\nImport Red Hat GPG keys from key file into system keyring:\n\n     $ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\n\nUsing the steps listed in the Check Text, confirm the newly imported keys show as installed on the system and verify their fingerprints match vendor values."}],"impact":0.5,"refs":[],"tags":{"check_id":"C-60651r902750_chk","severity":"medium","gid":"V-256973","rid":"SV-256973r902752_rule","stig_id":"RHEL-08-010019","gtitle":"SRG-OS-000366-GPOS-00153","fix_id":"F-60593r902751_fix","documentable":null,"cci":["CCI-001749"],"nist":["CM-5 (3)"],"host":null,"container":null},"code":"control 'SV-256973' do\n  title 'RHEL 8 must ensure cryptographic verification of vendor software packages.'\n  desc 'Cryptographic verification of vendor software packages ensures that all software packages are obtained from a valid source and protects against spoofing that could lead to installation of malware on the system. Red Hat cryptographically signs all software packages, which includes updates, with a GPG key to verify that they are valid.'\n  desc 'check', 'Confirm Red Hat package-signing keys are installed on the system and verify their fingerprints match vendor values.\n\nNote: For RHEL 8 software packages, Red Hat uses GPG keys labeled \"release key 2\" and \"auxiliary key 2\". The keys are defined in key file \"/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\" by default.\n\nList Red Hat GPG keys installed on the system:\n\n     $ sudo rpm -q --queryformat \"%{SUMMARY}\\\\n\" gpg-pubkey | grep -i \"red hat\"\n\n     gpg(Red Hat, Inc. (release key 2) <security@redhat.com>)\n     gpg(Red Hat, Inc. (auxiliary key) <security@redhat.com>)\n\nIf Red Hat GPG keys \"release key 2\" and \"auxiliary key 2\" are not installed, this is a finding.\n\nNote: The \"auxiliary key 2\" appears as \"auxiliary key\" on a RHEL 8 system.\n\nList key fingerprints of installed Red Hat GPG keys:\n\n     $ sudo gpg -q --keyid-format short --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\n\nIf key file \"/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\" is missing, this is a finding.\n\nExample output:\n\n     pub   rsa4096/FD431D51 2009-10-22 [SC]\n           Key fingerprint = 567E 347A D004 4ADE 55BA  8A5F 199E 2F91 FD43 1D51\n     uid                   Red Hat, Inc. (release key 2) <security@redhat.com>\n     pub   rsa4096/D4082792 2018-06-27 [SC]\n           Key fingerprint = 6A6A A7C9 7C88 90AE C6AE  BFE2 F76F 66C3 D408 2792\n     uid                   Red Hat, Inc. (auxiliary key) <security@redhat.com>\n     sub   rsa4096/1B5584D3 2018-06-27 [E]\n\nCompare key fingerprints of installed Red Hat GPG keys with fingerprints listed for RHEL 8 on Red Hat \"Product Signing Keys\" webpage at https://access.redhat.com/security/team/key.\n\nIf key fingerprints do not match, this is a finding.'\n  desc 'fix', 'Install Red Hat package-signing keys on the system and verify their fingerprints match vendor values.\n\nInsert RHEL 8 installation disc or attach RHEL 8 installation image to the system. Mount the disc or image to make the contents accessible inside the system.\n\nAssuming the mounted location is \"/media/cdrom\", use the following command to copy Red Hat GPG key file onto the system:\n\n     $ sudo cp /media/cdrom/RPM-GPG-KEY-redhat-release /etc/pki/rpm-gpg/\n\nImport Red Hat GPG keys from key file into system keyring:\n\n     $ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\n\nUsing the steps listed in the Check Text, confirm the newly imported keys show as installed on the system and verify their fingerprints match vendor values.'\n  impact 0.5\n  tag check_id: 'C-60651r902750_chk'\n  tag severity: 'medium'\n  tag gid: 'V-256973'\n  tag rid: 'SV-256973r902752_rule'\n  tag stig_id: 'RHEL-08-010019'\n  tag gtitle: 'SRG-OS-000366-GPOS-00153'\n  tag fix_id: 'F-60593r902751_fix'\n  tag 'documentable'\n  tag cci: ['CCI-001749']\n  tag nist: ['CM-5 (3)']\n  tag 'host', 'container'\n\n  rpm_gpg_file = input('rpm_gpg_file')\n  rpm_gpg_keys = input('rpm_gpg_keys')\n\n  describe file(rpm_gpg_file) do\n    it { should exist }\n  end\n  rpm_gpg_keys.each do |k, v|\n    describe command('rpm -q --queryformat \"%{SUMMARY}\\\\n\" gpg-pubkey | grep -i \"red hat\"') do\n      its('stdout') { should include k.to_s }\n    end\n    next unless file(rpm_gpg_file).exist?\n\n    describe command(\"gpg -q --keyid-format short --with-fingerprint #{rpm_gpg_file}\") do\n      its('stdout') { should include v }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-256973.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"File /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release is expected to exist","run_time":0.000112,"start_time":"2024-01-09T19:41:07-05:00","resource_class":"file","resource_params":"[\"/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\"]","resource_id":"/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release"},{"status":"passed","code_desc":"Command: `rpm -q --queryformat \"%{SUMMARY}\\n\" gpg-pubkey | grep -i \"red hat\"` stdout is expected to include \"release key 2\"","run_time":0.117746,"start_time":"2024-01-09T19:41:07-05:00","resource_class":"command","resource_params":"[\"rpm -q --queryformat \\\"%{SUMMARY}\\\\n\\\" gpg-pubkey | grep -i \\\"red hat\\\"\"]","resource_id":"Command: `rpm -q --queryformat \"%{SUMMARY}\\n\" gpg-pubkey | grep -i \"red hat\"`"},{"status":"passed","code_desc":"Command: `gpg -q --keyid-format short --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release` stdout is expected to include \"567E 347A D004 4ADE 55BA  8A5F 199E 2F91 FD43 1D51\"","run_time":0.173143,"start_time":"2024-01-09T19:41:07-05:00","resource_class":"command","resource_params":"[\"gpg -q --keyid-format short --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\"]","resource_id":"Command: `gpg -q --keyid-format short --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release`"},{"status":"passed","code_desc":"Command: `rpm -q --queryformat \"%{SUMMARY}\\n\" gpg-pubkey | grep -i \"red hat\"` stdout is expected to include \"auxiliary key\"","run_time":0.000473,"start_time":"2024-01-09T19:41:07-05:00","resource_class":"command","resource_params":"[\"rpm -q --queryformat \\\"%{SUMMARY}\\\\n\\\" gpg-pubkey | grep -i \\\"red hat\\\"\"]","resource_id":"Command: `rpm -q --queryformat \"%{SUMMARY}\\n\" gpg-pubkey | grep -i \"red hat\"`"},{"status":"passed","code_desc":"Command: `gpg -q --keyid-format short --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release` stdout is expected to include \"6A6A A7C9 7C88 90AE C6AE  BFE2 F76F 66C3 D408 2792\"","run_time":0.000202,"start_time":"2024-01-09T19:41:07-05:00","resource_class":"command","resource_params":"[\"gpg -q --keyid-format short --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\"]","resource_id":"Command: `gpg -q --keyid-format short --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release`"}]},{"id":"SV-256974","title":"RHEL 8 must be configured to allow sending email notifications of unauthorized configuration changes to designated personnel.","desc":"Unauthorized changes to the baseline configuration could make the system vulnerable to various attacks or allow unauthorized access to the operating system. Changes to operating system configurations can have unintended side effects, some of which may be relevant to security.\n\nDetecting such changes and providing an automated response can help avoid unintended, negative consequences that could ultimately affect the security state of the operating system. The operating system's IMO/ISSO and SAs must be notified via email and/or monitoring system trap when there is an unauthorized modification of a configuration item.","descriptions":[{"label":"default","data":"Unauthorized changes to the baseline configuration could make the system vulnerable to various attacks or allow unauthorized access to the operating system. Changes to operating system configurations can have unintended side effects, some of which may be relevant to security.\n\nDetecting such changes and providing an automated response can help avoid unintended, negative consequences that could ultimately affect the security state of the operating system. The operating system's IMO/ISSO and SAs must be notified via email and/or monitoring system trap when there is an unauthorized modification of a configuration item."},{"label":"check","data":"Verify that the operating system is configured to allow sending email notifications.\n\nNote: The \"mailx\" package provides the \"mail\" command that is used to send email messages.\n\nVerify that the \"mailx\" package is installed on the system:\n\n     $ sudo yum list installed mailx\n\n     mailx.x86_64     12.5-29.el8     @rhel-8-for-x86_64-baseos-rpm\n\nIf \"mailx\" package is not installed, this is a finding."},{"label":"fix","data":"Install the \"mailx\" package on the system:\n\n     $ sudo yum install mailx"}],"impact":0.5,"refs":[],"tags":{"check_id":"C-60652r902753_chk","severity":"medium","gid":"V-256974","rid":"SV-256974r902755_rule","stig_id":"RHEL-08-010358","gtitle":"SRG-OS-000363-GPOS-00150","fix_id":"F-60594r902754_fix","documentable":null,"cci":["CCI-001744"],"nist":["CM-3 (5)"],"host":null,"container":null},"code":"control 'SV-256974' do\n  title 'RHEL 8 must be configured to allow sending email notifications of unauthorized configuration changes to designated personnel.'\n  desc \"Unauthorized changes to the baseline configuration could make the system vulnerable to various attacks or allow unauthorized access to the operating system. Changes to operating system configurations can have unintended side effects, some of which may be relevant to security.\n\nDetecting such changes and providing an automated response can help avoid unintended, negative consequences that could ultimately affect the security state of the operating system. The operating system's IMO/ISSO and SAs must be notified via email and/or monitoring system trap when there is an unauthorized modification of a configuration item.\"\n  desc 'check', 'Verify that the operating system is configured to allow sending email notifications.\n\nNote: The \"mailx\" package provides the \"mail\" command that is used to send email messages.\n\nVerify that the \"mailx\" package is installed on the system:\n\n     $ sudo yum list installed mailx\n\n     mailx.x86_64     12.5-29.el8     @rhel-8-for-x86_64-baseos-rpm\n\nIf \"mailx\" package is not installed, this is a finding.'\n  desc 'fix', 'Install the \"mailx\" package on the system:\n\n     $ sudo yum install mailx'\n  impact 0.5\n  tag check_id: 'C-60652r902753_chk'\n  tag severity: 'medium'\n  tag gid: 'V-256974'\n  tag rid: 'SV-256974r902755_rule'\n  tag stig_id: 'RHEL-08-010358'\n  tag gtitle: 'SRG-OS-000363-GPOS-00150'\n  tag fix_id: 'F-60594r902754_fix'\n  tag 'documentable'\n  tag cci: ['CCI-001744']\n  tag nist: ['CM-3 (5)']\n  tag 'host', 'container'\n\n  mail_package = input('mail_package')\n\n  describe package(mail_package) do\n    it { should be_installed }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-256974.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"System Package mailx is expected to be installed","run_time":0.217642,"start_time":"2024-01-09T19:41:07-05:00","resource_class":"package","resource_params":"[\"mailx\"]","resource_id":"mailx"}]},{"id":"SV-257258","title":"RHEL 8 must terminate idle user sessions.","desc":"Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended.","descriptions":[{"label":"default","data":"Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended."},{"label":"check","data":"Verify that RHEL 8 logs out sessions that are idle for 15 minutes with the following command:\n\n     $ sudo grep -i ^StopIdleSessionSec /etc/systemd/logind.conf\n\n     StopIdleSessionSec=900\n\nIf \"StopIdleSessionSec\" is not configured to \"900\" seconds, this is a finding."},{"label":"fix","data":"Configure RHEL 8 to log out idle sessions by editing the /etc/systemd/logind.conf file with the following line:\n\n     StopIdleSessionSec=900\n\nThe \"logind\" service must be restarted for the changes to take effect. To restart the \"logind\" service, run the following command:\n\n     $ sudo systemctl restart systemd-logind"}],"impact":0.5,"refs":[],"tags":{"check_id":"C-60942r917889_chk","severity":"medium","gid":"V-257258","rid":"SV-257258r917891_rule","stig_id":"RHEL-08-020035","gtitle":"SRG-OS-000163-GPOS-00072","fix_id":"F-60884r917890_fix","documentable":null,"cci":["CCI-001133"],"nist":["SC-10"],"container":null,"host":null},"code":"control 'SV-257258' do\n  title 'RHEL 8 must terminate idle user sessions.'\n  desc 'Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended.'\n  desc 'check', 'Verify that RHEL 8 logs out sessions that are idle for 15 minutes with the following command:\n\n     $ sudo grep -i ^StopIdleSessionSec /etc/systemd/logind.conf\n\n     StopIdleSessionSec=900\n\nIf \"StopIdleSessionSec\" is not configured to \"900\" seconds, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to log out idle sessions by editing the /etc/systemd/logind.conf file with the following line:\n\n     StopIdleSessionSec=900\n\nThe \"logind\" service must be restarted for the changes to take effect. To restart the \"logind\" service, run the following command:\n\n     $ sudo systemctl restart systemd-logind'\n  impact 0.5\n  tag check_id: 'C-60942r917889_chk'\n  tag severity: 'medium'\n  tag gid: 'V-257258'\n  tag rid: 'SV-257258r917891_rule'\n  tag stig_id: 'RHEL-08-020035'\n  tag gtitle: 'SRG-OS-000163-GPOS-00072'\n  tag fix_id: 'F-60884r917890_fix'\n  tag 'documentable'\n  tag cci: ['CCI-001133']\n  tag nist: ['SC-10']\n  tag 'container', 'host'\n\n  stop_idle_session_sec = input('stop_idle_session_sec')\n\n  describe parse_config_file('/etc/systemd/logind.conf') do\n    its('Login') { should include('StopIdleSessionSec' => stop_idle_session_sec.to_s) }\n  end\nend\n","source_location":{"line":1,"ref":"/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-257258.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Parse Config File /etc/systemd/logind.conf Login is expected to include {\"StopIdleSessionSec\" => \"900\"}","run_time":0.000975,"start_time":"2024-01-09T19:41:07-05:00","message":"expected {} to include {\"StopIdleSessionSec\" => \"900\"}","resource_class":"parse_config_file","resource_params":"[\"/etc/systemd/logind.conf\"]","resource_id":"/etc/systemd/logind.conf"}]}],"status":"loaded","status_message":""}],"statistics":{"duration":29.632618},"version":"6.6.0"}
\ No newline at end of file
+{
+  "platform": {
+    "name": "redhat",
+    "release": "8.9",
+    "target_id": "7cc1d93b-bfd7-5824-a240-129577555e24"
+  },
+  "profiles": [
+    {
+      "name": "redhat-enterprise-linux-8-stig-baseline",
+      "version": "1.12.0",
+      "sha256": "7f77220de1c9d7f701dc4fbb3d0a9b2c0389c216e8d53585eec0031ecf6ed36e",
+      "title": "redhat-enterprise-linux-8-stig-baseline",
+      "maintainer": "MITRE SAF Team",
+      "summary": "This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.",
+      "license": "Apache-2.0",
+      "copyright": "MITRE",
+      "supports": [],
+      "attributes": [
+        {
+          "name": "sudoers_config_files",
+          "options": {
+            "type": "Array",
+            "value": [
+              "/etc/sudoers",
+              "/etc/sudoers.d/*"
+            ]
+          }
+        },
+        {
+          "name": "sshd_config_values",
+          "options": {
+            "type": "Hash",
+            "value": {
+              "GSSAPIAuthentication": "no",
+              "ClientAliveInterval": "600"
+            }
+          }
+        },
+        {
+          "name": "alert_method",
+          "options": {
+            "type": "String",
+            "value": "email"
+          }
+        },
+        {
+          "name": "peripherals_package",
+          "options": {
+            "type": "String",
+            "value": "usbguard"
+          }
+        },
+        {
+          "name": "peripherals_service",
+          "options": {
+            "type": "String",
+            "value": "usbguard"
+          }
+        },
+        {
+          "name": "allow_container_openssh_server",
+          "options": {
+            "type": "Boolean",
+            "value": false
+          }
+        },
+        {
+          "name": "maxclassrepeat",
+          "options": {
+            "type": "Numeric",
+            "value": 4
+          }
+        },
+        {
+          "name": "maxrepeat",
+          "options": {
+            "type": "Numeric",
+            "value": 3
+          }
+        },
+        {
+          "name": "minclass",
+          "options": {
+            "type": "Numeric",
+            "value": 4
+          }
+        },
+        {
+          "name": "difok",
+          "options": {
+            "type": "Numeric",
+            "value": 8
+          }
+        },
+        {
+          "name": "pass_min_days",
+          "options": {
+            "type": "Numeric",
+            "value": 1
+          }
+        },
+        {
+          "name": "pass_max_days",
+          "options": {
+            "type": "Numeric",
+            "value": 60
+          }
+        },
+        {
+          "name": "seperate_filesystem_exempt",
+          "options": {
+            "type": "Boolean",
+            "value": "Input 'seperate_filesystem_exempt' does not have a value. Skipping test."
+          }
+        },
+        {
+          "name": "disable_slow_controls",
+          "options": {
+            "type": "Boolean",
+            "value": false
+          }
+        },
+        {
+          "name": "disconnected_system",
+          "options": {
+            "type": "Boolean",
+            "value": false
+          }
+        },
+        {
+          "name": "use_fips",
+          "options": {
+            "type": "Boolean",
+            "value": true
+          }
+        },
+        {
+          "name": "data_at_rest_exempt",
+          "options": {
+            "type": "Boolean",
+            "value": false
+          }
+        },
+        {
+          "name": "container_host",
+          "options": {
+            "type": "Boolean",
+            "value": false
+          }
+        },
+        {
+          "name": "min_reuse_generations",
+          "options": {
+            "type": "Numeric",
+            "value": 5
+          }
+        },
+        {
+          "name": "min_retry",
+          "options": {
+            "type": "Numeric",
+            "value": 3
+          }
+        },
+        {
+          "name": "pass_min_len",
+          "options": {
+            "type": "Numeric",
+            "value": 15
+          }
+        },
+        {
+          "name": "faillock_tally",
+          "options": {
+            "type": "String",
+            "value": "faillog_t"
+          }
+        },
+        {
+          "name": "network_router",
+          "options": {
+            "type": "Boolean",
+            "value": false
+          }
+        },
+        {
+          "name": "sysctl_conf_files",
+          "options": {
+            "type": "Array",
+            "value": [
+              "/etc/sysctl.d/*.conf",
+              "/run/sysctl.d/*.conf",
+              "/usr/local/lib/sysctl.d/*.conf",
+              "/usr/lib/sysctl.d/*.conf",
+              "/lib/sysctl.d/*.conf",
+              "/etc/sysctl.conf"
+            ]
+          }
+        },
+        {
+          "name": "grub_uefi_main_cfg",
+          "options": {
+            "type": "String",
+            "value": "/boot/efi/EFI/redhat/grub.cfg"
+          }
+        },
+        {
+          "name": "grub_uefi_user_boot_files",
+          "options": {
+            "type": "Array",
+            "value": [
+              "/boot/efi/EFI/redhat/user.cfg"
+            ]
+          }
+        },
+        {
+          "name": "exempt_home_users",
+          "options": {
+            "type": "Array",
+            "value": [
+              "root",
+              "vagrant",
+              "ec2-user"
+            ]
+          }
+        },
+        {
+          "name": "non_interactive_shells",
+          "options": {
+            "type": "Array",
+            "value": [
+              "/sbin/nologin",
+              "/sbin/halt",
+              "/sbin/shutdown",
+              "/bin/false",
+              "/bin/sync",
+              "/bin/true"
+            ]
+          }
+        },
+        {
+          "name": "user_accounts",
+          "options": {
+            "type": "Array",
+            "value": [
+              "vagrant"
+            ]
+          }
+        },
+        {
+          "name": "grub_main_cfg",
+          "options": {
+            "type": "String",
+            "value": "/boot/grub2/grub.cfg"
+          }
+        },
+        {
+          "name": "grub_user_boot_files",
+          "options": {
+            "type": "Array",
+            "value": [
+              "/boot/grub2/user.cfg"
+            ]
+          }
+        },
+        {
+          "name": "ipv4_enabled",
+          "options": {
+            "type": "Boolean",
+            "value": true
+          }
+        },
+        {
+          "name": "unsuccessful_attempts",
+          "options": {
+            "type": "Numeric",
+            "value": 3
+          }
+        },
+        {
+          "name": "central_account_management",
+          "options": {
+            "type": "Boolean",
+            "value": false
+          }
+        },
+        {
+          "name": "ipv6_enabled",
+          "options": {
+            "type": "Boolean",
+            "value": true
+          }
+        },
+        {
+          "name": "camera_installed",
+          "options": {
+            "type": "Boolean",
+            "value": true
+          }
+        },
+        {
+          "name": "bluetooth_installed",
+          "options": {
+            "type": "Boolean",
+            "value": true
+          }
+        },
+        {
+          "name": "known_system_accounts",
+          "options": {
+            "type": "Array",
+            "value": [
+              "adm",
+              "bin",
+              "chrony",
+              "daemon",
+              "dbus",
+              "halt",
+              "lp",
+              "mail",
+              "nobody",
+              "ntp",
+              "operator",
+              "polkitd",
+              "postfix",
+              "root",
+              "shutdown",
+              "sshd",
+              "sssd",
+              "sync",
+              "systemd-bus-proxy",
+              "systemd-network"
+            ]
+          }
+        },
+        {
+          "name": "smart_card_enabled",
+          "options": {
+            "type": "Boolean",
+            "value": false
+          }
+        },
+        {
+          "name": "file_integrity_tool",
+          "options": {
+            "type": "String",
+            "value": "aide"
+          }
+        },
+        {
+          "name": "authoritative_timeserver",
+          "options": {
+            "type": "String",
+            "value": "0.us.pool.ntp.mil"
+          }
+        },
+        {
+          "name": "non_removable_media_fs",
+          "options": {
+            "type": "Array",
+            "value": [
+              "/",
+              "/tmp",
+              "none",
+              "/home"
+            ]
+          }
+        },
+        {
+          "name": "private_key_files",
+          "options": {
+            "type": "Array",
+            "value": []
+          }
+        },
+        {
+          "name": "openssh_server_required_algorithms",
+          "options": {
+            "type": "Array",
+            "value": [
+              "hmac-sha2-512",
+              "hmac-sha2-256",
+              "hmac-sha2-512-etm@openssh.com",
+              "hmac-sha2-256-etm@openssh.com"
+            ]
+          }
+        },
+        {
+          "name": "root_ca_file",
+          "options": {
+            "type": "String",
+            "value": "/etc/sssd/pki/sssd_auth_ca_db.pem"
+          }
+        },
+        {
+          "name": "system_inactivity_timeout",
+          "options": {
+            "type": "Numeric",
+            "value": 900
+          }
+        },
+        {
+          "name": "max_retry",
+          "options": {
+            "type": "Numeric",
+            "value": 3
+          }
+        },
+        {
+          "name": "days_of_inactivity",
+          "options": {
+            "type": "Numeric",
+            "value": 35
+          }
+        },
+        {
+          "name": "temporary_accounts",
+          "options": {
+            "type": "Array",
+            "value": []
+          }
+        },
+        {
+          "name": "banner_message_text_cli",
+          "options": {
+            "type": "String",
+            "value": "You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."
+          }
+        },
+        {
+          "name": "banner_message_text_ral",
+          "options": {
+            "type": "String",
+            "value": "You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."
+          }
+        },
+        {
+          "name": "banner_message_text_gui",
+          "options": {
+            "type": "String",
+            "value": "You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."
+          }
+        },
+        {
+          "name": "maxlogins_limit",
+          "options": {
+            "type": "Numeric",
+            "value": 10
+          }
+        },
+        {
+          "name": "fail_interval",
+          "options": {
+            "type": "Numeric",
+            "value": 900
+          }
+        },
+        {
+          "name": "lockout_time",
+          "options": {
+            "type": "Numeric",
+            "value": 604800
+          }
+        },
+        {
+          "name": "log_directory",
+          "options": {
+            "type": "String",
+            "value": "/var/log/faillock"
+          }
+        },
+        {
+          "name": "sshd_client_alive_count_max",
+          "options": {
+            "type": "Numeric",
+            "value": 1
+          }
+        },
+        {
+          "name": "linux_threat_prevention_package",
+          "options": {
+            "type": "String",
+            "value": "mcafeetp"
+          }
+        },
+        {
+          "name": "linux_threat_prevention_service",
+          "options": {
+            "type": "String",
+            "value": "mfetpd"
+          }
+        },
+        {
+          "name": "remove_xorg_x11_server_packages",
+          "options": {
+            "type": "Array",
+            "value": [
+              "xorg-x11-server-common",
+              "xorg-x11-server-Xorg",
+              "xorg-x11-server-utils",
+              "xorg-x11-server-Xwayland"
+            ]
+          }
+        },
+        {
+          "name": "gui_required",
+          "options": {
+            "type": "Boolean",
+            "value": false
+          }
+        },
+        {
+          "name": "disk_error_action",
+          "options": {
+            "type": "Array",
+            "value": [
+              "SYSLOG",
+              "SINGLE",
+              "HALT"
+            ]
+          }
+        },
+        {
+          "name": "disk_full_action",
+          "options": {
+            "type": "Array",
+            "value": [
+              "SYSLOG",
+              "SINGLE",
+              "HALT"
+            ]
+          }
+        },
+        {
+          "name": "permit_root_login",
+          "options": {
+            "type": "String",
+            "value": "no"
+          }
+        },
+        {
+          "name": "permissions_for_shells",
+          "options": {
+            "type": "Hash",
+            "value": {
+              "default_umask": "077",
+              "bashrc_umask": "077",
+              "cshrc_umask": "077"
+            }
+          }
+        },
+        {
+          "name": "permissions_for_libs",
+          "options": {
+            "type": "String",
+            "value": "0755"
+          }
+        },
+        {
+          "name": "system_libraries",
+          "options": {
+            "type": "Array",
+            "value": [
+              "/lib",
+              "/lib64",
+              "/usr/lib",
+              "/usr/lib64"
+            ]
+          }
+        },
+        {
+          "name": "system_command_dirs",
+          "options": {
+            "type": "Array",
+            "value": [
+              "/bin",
+              "/sbin",
+              "/usr/bin",
+              "/usr/sbin",
+              "/usr/local/bin",
+              "/usr/local/sbin"
+            ]
+          }
+        },
+        {
+          "name": "required_system_accounts",
+          "options": {
+            "type": "Array",
+            "value": [
+              "root"
+            ]
+          }
+        },
+        {
+          "name": "var_log_messages_group",
+          "options": {
+            "type": "Array",
+            "value": [
+              "root"
+            ]
+          }
+        },
+        {
+          "name": "sssd_certificate_verification",
+          "options": {
+            "type": "String",
+            "value": "ocsp_dgst=sha1"
+          }
+        },
+        {
+          "name": "sssd_conf_path",
+          "options": {
+            "type": "String",
+            "value": "/etc/sssd/sssd.conf"
+          }
+        },
+        {
+          "name": "var_log_audit_group",
+          "options": {
+            "type": "Array",
+            "value": [
+              "root"
+            ]
+          }
+        },
+        {
+          "name": "use_fapolicyd",
+          "options": {
+            "type": "Boolean",
+            "value": true
+          }
+        },
+        {
+          "name": "audit_passwd_key",
+          "options": {
+            "type": "String",
+            "value": "identity"
+          }
+        },
+        {
+          "name": "audit_group_key",
+          "options": {
+            "type": "String",
+            "value": "identity"
+          }
+        },
+        {
+          "name": "pam_auth_files",
+          "options": {
+            "type": "Hash",
+            "value": {
+              "system-auth": "/etc/pam.d/system-auth",
+              "password-auth": "/etc/pam.d/password-auth",
+              "smartcard-auth": "/etc/pam.d/smartcard-auth"
+            }
+          }
+        },
+        {
+          "name": "security_faillock_conf",
+          "options": {
+            "type": "String",
+            "value": "/etc/security/faillock.conf"
+          }
+        },
+        {
+          "name": "external_firewall",
+          "options": {
+            "type": "Boolean",
+            "value": false
+          }
+        },
+        {
+          "name": "firewalld_properties",
+          "options": {
+            "type": "Hash",
+            "value": {
+              "default_zone": "public",
+              "ports": [],
+              "protocols": [],
+              "services": [
+                "cockpit",
+                "dhcpv6-client",
+                "ssh"
+              ]
+            }
+          }
+        },
+        {
+          "name": "skip_mount_tmp",
+          "options": {
+            "type": "Hash",
+            "value": {
+              "nodev": true,
+              "nosuid": true,
+              "noexec": true
+            }
+          }
+        },
+        {
+          "name": "skip_password_privilege_escalation",
+          "options": {
+            "type": "Boolean",
+            "value": false
+          }
+        },
+        {
+          "name": "skip_endpoint_security_tool",
+          "options": {
+            "type": "Boolean",
+            "value": false
+          }
+        },
+        {
+          "name": "non_default_tally_dir",
+          "options": {
+            "type": "String",
+            "value": "/var/log/faillock"
+          }
+        },
+        {
+          "name": "users_allowed_blank_passwords",
+          "options": {
+            "type": "Array",
+            "value": []
+          }
+        },
+        {
+          "name": "mail_package",
+          "options": {
+            "type": "String",
+            "value": "mailx"
+          }
+        },
+        {
+          "name": "rpm_gpg_file",
+          "options": {
+            "type": "String",
+            "value": "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release"
+          }
+        },
+        {
+          "name": "rpm_gpg_keys",
+          "options": {
+            "type": "Hash",
+            "value": {
+              "release key 2": "567E 347A D004 4ADE 55BA  8A5F 199E 2F91 FD43 1D51",
+              "auxiliary key": "6A6A A7C9 7C88 90AE C6AE  BFE2 F76F 66C3 D408 2792"
+            }
+          }
+        },
+        {
+          "name": "administrator_users",
+          "options": {
+            "type": "Array",
+            "value": [
+              "root"
+            ]
+          }
+        },
+        {
+          "name": "allowed_admin_selinux_roles",
+          "options": {
+            "type": "Array",
+            "value": [
+              "sysadm_u",
+              "staff_u"
+            ]
+          }
+        },
+        {
+          "name": "allowed_non_admin_selinux_roles",
+          "options": {
+            "type": "Array",
+            "value": [
+              "user_u"
+            ]
+          }
+        },
+        {
+          "name": "stop_idle_session_sec",
+          "options": {
+            "type": "Numeric",
+            "value": 900
+          }
+        },
+        {
+          "name": "sha_crypt_min_rounds",
+          "options": {
+            "type": "Numeric",
+            "value": 5000
+          }
+        },
+        {
+          "name": "sha_crypt_max_rounds",
+          "options": {
+            "type": "Numeric",
+            "value": 5000
+          }
+        },
+        {
+          "name": "unapproved_ssl_tls_versions",
+          "options": {
+            "value": "Input 'unapproved_ssl_tls_versions' does not have a value. Skipping test."
+          }
+        }
+      ],
+      "groups": [
+        {
+          "id": "controls/SV-230221.rb",
+          "controls": [
+            "SV-230221"
+          ]
+        },
+        {
+          "id": "controls/SV-230222.rb",
+          "controls": [
+            "SV-230222"
+          ]
+        },
+        {
+          "id": "controls/SV-230223.rb",
+          "controls": [
+            "SV-230223"
+          ]
+        },
+        {
+          "id": "controls/SV-230224.rb",
+          "controls": [
+            "SV-230224"
+          ]
+        },
+        {
+          "id": "controls/SV-230225.rb",
+          "controls": [
+            "SV-230225"
+          ]
+        },
+        {
+          "id": "controls/SV-230226.rb",
+          "controls": [
+            "SV-230226"
+          ]
+        },
+        {
+          "id": "controls/SV-230227.rb",
+          "controls": [
+            "SV-230227"
+          ]
+        },
+        {
+          "id": "controls/SV-230228.rb",
+          "controls": [
+            "SV-230228"
+          ]
+        },
+        {
+          "id": "controls/SV-230229.rb",
+          "controls": [
+            "SV-230229"
+          ]
+        },
+        {
+          "id": "controls/SV-230230.rb",
+          "controls": [
+            "SV-230230"
+          ]
+        },
+        {
+          "id": "controls/SV-230231.rb",
+          "controls": [
+            "SV-230231"
+          ]
+        },
+        {
+          "id": "controls/SV-230232.rb",
+          "controls": [
+            "SV-230232"
+          ]
+        },
+        {
+          "id": "controls/SV-230233.rb",
+          "controls": [
+            "SV-230233"
+          ]
+        },
+        {
+          "id": "controls/SV-230234.rb",
+          "controls": [
+            "SV-230234"
+          ]
+        },
+        {
+          "id": "controls/SV-230235.rb",
+          "controls": [
+            "SV-230235"
+          ]
+        },
+        {
+          "id": "controls/SV-230236.rb",
+          "controls": [
+            "SV-230236"
+          ]
+        },
+        {
+          "id": "controls/SV-230237.rb",
+          "controls": [
+            "SV-230237"
+          ]
+        },
+        {
+          "id": "controls/SV-230238.rb",
+          "controls": [
+            "SV-230238"
+          ]
+        },
+        {
+          "id": "controls/SV-230239.rb",
+          "controls": [
+            "SV-230239"
+          ]
+        },
+        {
+          "id": "controls/SV-230240.rb",
+          "controls": [
+            "SV-230240"
+          ]
+        },
+        {
+          "id": "controls/SV-230241.rb",
+          "controls": [
+            "SV-230241"
+          ]
+        },
+        {
+          "id": "controls/SV-230243.rb",
+          "controls": [
+            "SV-230243"
+          ]
+        },
+        {
+          "id": "controls/SV-230244.rb",
+          "controls": [
+            "SV-230244"
+          ]
+        },
+        {
+          "id": "controls/SV-230245.rb",
+          "controls": [
+            "SV-230245"
+          ]
+        },
+        {
+          "id": "controls/SV-230246.rb",
+          "controls": [
+            "SV-230246"
+          ]
+        },
+        {
+          "id": "controls/SV-230247.rb",
+          "controls": [
+            "SV-230247"
+          ]
+        },
+        {
+          "id": "controls/SV-230248.rb",
+          "controls": [
+            "SV-230248"
+          ]
+        },
+        {
+          "id": "controls/SV-230249.rb",
+          "controls": [
+            "SV-230249"
+          ]
+        },
+        {
+          "id": "controls/SV-230250.rb",
+          "controls": [
+            "SV-230250"
+          ]
+        },
+        {
+          "id": "controls/SV-230251.rb",
+          "controls": [
+            "SV-230251"
+          ]
+        },
+        {
+          "id": "controls/SV-230252.rb",
+          "controls": [
+            "SV-230252"
+          ]
+        },
+        {
+          "id": "controls/SV-230253.rb",
+          "controls": [
+            "SV-230253"
+          ]
+        },
+        {
+          "id": "controls/SV-230254.rb",
+          "controls": [
+            "SV-230254"
+          ]
+        },
+        {
+          "id": "controls/SV-230255.rb",
+          "controls": [
+            "SV-230255"
+          ]
+        },
+        {
+          "id": "controls/SV-230256.rb",
+          "controls": [
+            "SV-230256"
+          ]
+        },
+        {
+          "id": "controls/SV-230257.rb",
+          "controls": [
+            "SV-230257"
+          ]
+        },
+        {
+          "id": "controls/SV-230258.rb",
+          "controls": [
+            "SV-230258"
+          ]
+        },
+        {
+          "id": "controls/SV-230259.rb",
+          "controls": [
+            "SV-230259"
+          ]
+        },
+        {
+          "id": "controls/SV-230260.rb",
+          "controls": [
+            "SV-230260"
+          ]
+        },
+        {
+          "id": "controls/SV-230261.rb",
+          "controls": [
+            "SV-230261"
+          ]
+        },
+        {
+          "id": "controls/SV-230262.rb",
+          "controls": [
+            "SV-230262"
+          ]
+        },
+        {
+          "id": "controls/SV-230263.rb",
+          "controls": [
+            "SV-230263"
+          ]
+        },
+        {
+          "id": "controls/SV-230264.rb",
+          "controls": [
+            "SV-230264"
+          ]
+        },
+        {
+          "id": "controls/SV-230265.rb",
+          "controls": [
+            "SV-230265"
+          ]
+        },
+        {
+          "id": "controls/SV-230266.rb",
+          "controls": [
+            "SV-230266"
+          ]
+        },
+        {
+          "id": "controls/SV-230267.rb",
+          "controls": [
+            "SV-230267"
+          ]
+        },
+        {
+          "id": "controls/SV-230268.rb",
+          "controls": [
+            "SV-230268"
+          ]
+        },
+        {
+          "id": "controls/SV-230269.rb",
+          "controls": [
+            "SV-230269"
+          ]
+        },
+        {
+          "id": "controls/SV-230270.rb",
+          "controls": [
+            "SV-230270"
+          ]
+        },
+        {
+          "id": "controls/SV-230271.rb",
+          "controls": [
+            "SV-230271"
+          ]
+        },
+        {
+          "id": "controls/SV-230272.rb",
+          "controls": [
+            "SV-230272"
+          ]
+        },
+        {
+          "id": "controls/SV-230273.rb",
+          "controls": [
+            "SV-230273"
+          ]
+        },
+        {
+          "id": "controls/SV-230274.rb",
+          "controls": [
+            "SV-230274"
+          ]
+        },
+        {
+          "id": "controls/SV-230275.rb",
+          "controls": [
+            "SV-230275"
+          ]
+        },
+        {
+          "id": "controls/SV-230276.rb",
+          "controls": [
+            "SV-230276"
+          ]
+        },
+        {
+          "id": "controls/SV-230277.rb",
+          "controls": [
+            "SV-230277"
+          ]
+        },
+        {
+          "id": "controls/SV-230278.rb",
+          "controls": [
+            "SV-230278"
+          ]
+        },
+        {
+          "id": "controls/SV-230279.rb",
+          "controls": [
+            "SV-230279"
+          ]
+        },
+        {
+          "id": "controls/SV-230280.rb",
+          "controls": [
+            "SV-230280"
+          ]
+        },
+        {
+          "id": "controls/SV-230281.rb",
+          "controls": [
+            "SV-230281"
+          ]
+        },
+        {
+          "id": "controls/SV-230282.rb",
+          "controls": [
+            "SV-230282"
+          ]
+        },
+        {
+          "id": "controls/SV-230283.rb",
+          "controls": [
+            "SV-230283"
+          ]
+        },
+        {
+          "id": "controls/SV-230284.rb",
+          "controls": [
+            "SV-230284"
+          ]
+        },
+        {
+          "id": "controls/SV-230285.rb",
+          "controls": [
+            "SV-230285"
+          ]
+        },
+        {
+          "id": "controls/SV-230286.rb",
+          "controls": [
+            "SV-230286"
+          ]
+        },
+        {
+          "id": "controls/SV-230287.rb",
+          "controls": [
+            "SV-230287"
+          ]
+        },
+        {
+          "id": "controls/SV-230288.rb",
+          "controls": [
+            "SV-230288"
+          ]
+        },
+        {
+          "id": "controls/SV-230290.rb",
+          "controls": [
+            "SV-230290"
+          ]
+        },
+        {
+          "id": "controls/SV-230291.rb",
+          "controls": [
+            "SV-230291"
+          ]
+        },
+        {
+          "id": "controls/SV-230292.rb",
+          "controls": [
+            "SV-230292"
+          ]
+        },
+        {
+          "id": "controls/SV-230293.rb",
+          "controls": [
+            "SV-230293"
+          ]
+        },
+        {
+          "id": "controls/SV-230294.rb",
+          "controls": [
+            "SV-230294"
+          ]
+        },
+        {
+          "id": "controls/SV-230295.rb",
+          "controls": [
+            "SV-230295"
+          ]
+        },
+        {
+          "id": "controls/SV-230296.rb",
+          "controls": [
+            "SV-230296"
+          ]
+        },
+        {
+          "id": "controls/SV-230298.rb",
+          "controls": [
+            "SV-230298"
+          ]
+        },
+        {
+          "id": "controls/SV-230299.rb",
+          "controls": [
+            "SV-230299"
+          ]
+        },
+        {
+          "id": "controls/SV-230300.rb",
+          "controls": [
+            "SV-230300"
+          ]
+        },
+        {
+          "id": "controls/SV-230301.rb",
+          "controls": [
+            "SV-230301"
+          ]
+        },
+        {
+          "id": "controls/SV-230302.rb",
+          "controls": [
+            "SV-230302"
+          ]
+        },
+        {
+          "id": "controls/SV-230303.rb",
+          "controls": [
+            "SV-230303"
+          ]
+        },
+        {
+          "id": "controls/SV-230304.rb",
+          "controls": [
+            "SV-230304"
+          ]
+        },
+        {
+          "id": "controls/SV-230305.rb",
+          "controls": [
+            "SV-230305"
+          ]
+        },
+        {
+          "id": "controls/SV-230306.rb",
+          "controls": [
+            "SV-230306"
+          ]
+        },
+        {
+          "id": "controls/SV-230307.rb",
+          "controls": [
+            "SV-230307"
+          ]
+        },
+        {
+          "id": "controls/SV-230308.rb",
+          "controls": [
+            "SV-230308"
+          ]
+        },
+        {
+          "id": "controls/SV-230309.rb",
+          "controls": [
+            "SV-230309"
+          ]
+        },
+        {
+          "id": "controls/SV-230310.rb",
+          "controls": [
+            "SV-230310"
+          ]
+        },
+        {
+          "id": "controls/SV-230311.rb",
+          "controls": [
+            "SV-230311"
+          ]
+        },
+        {
+          "id": "controls/SV-230312.rb",
+          "controls": [
+            "SV-230312"
+          ]
+        },
+        {
+          "id": "controls/SV-230313.rb",
+          "controls": [
+            "SV-230313"
+          ]
+        },
+        {
+          "id": "controls/SV-230314.rb",
+          "controls": [
+            "SV-230314"
+          ]
+        },
+        {
+          "id": "controls/SV-230315.rb",
+          "controls": [
+            "SV-230315"
+          ]
+        },
+        {
+          "id": "controls/SV-230316.rb",
+          "controls": [
+            "SV-230316"
+          ]
+        },
+        {
+          "id": "controls/SV-230317.rb",
+          "controls": [
+            "SV-230317"
+          ]
+        },
+        {
+          "id": "controls/SV-230318.rb",
+          "controls": [
+            "SV-230318"
+          ]
+        },
+        {
+          "id": "controls/SV-230319.rb",
+          "controls": [
+            "SV-230319"
+          ]
+        },
+        {
+          "id": "controls/SV-230320.rb",
+          "controls": [
+            "SV-230320"
+          ]
+        },
+        {
+          "id": "controls/SV-230321.rb",
+          "controls": [
+            "SV-230321"
+          ]
+        },
+        {
+          "id": "controls/SV-230322.rb",
+          "controls": [
+            "SV-230322"
+          ]
+        },
+        {
+          "id": "controls/SV-230323.rb",
+          "controls": [
+            "SV-230323"
+          ]
+        },
+        {
+          "id": "controls/SV-230324.rb",
+          "controls": [
+            "SV-230324"
+          ]
+        },
+        {
+          "id": "controls/SV-230325.rb",
+          "controls": [
+            "SV-230325"
+          ]
+        },
+        {
+          "id": "controls/SV-230326.rb",
+          "controls": [
+            "SV-230326"
+          ]
+        },
+        {
+          "id": "controls/SV-230327.rb",
+          "controls": [
+            "SV-230327"
+          ]
+        },
+        {
+          "id": "controls/SV-230328.rb",
+          "controls": [
+            "SV-230328"
+          ]
+        },
+        {
+          "id": "controls/SV-230329.rb",
+          "controls": [
+            "SV-230329"
+          ]
+        },
+        {
+          "id": "controls/SV-230330.rb",
+          "controls": [
+            "SV-230330"
+          ]
+        },
+        {
+          "id": "controls/SV-230331.rb",
+          "controls": [
+            "SV-230331"
+          ]
+        },
+        {
+          "id": "controls/SV-230332.rb",
+          "controls": [
+            "SV-230332"
+          ]
+        },
+        {
+          "id": "controls/SV-230333.rb",
+          "controls": [
+            "SV-230333"
+          ]
+        },
+        {
+          "id": "controls/SV-230334.rb",
+          "controls": [
+            "SV-230334"
+          ]
+        },
+        {
+          "id": "controls/SV-230335.rb",
+          "controls": [
+            "SV-230335"
+          ]
+        },
+        {
+          "id": "controls/SV-230336.rb",
+          "controls": [
+            "SV-230336"
+          ]
+        },
+        {
+          "id": "controls/SV-230337.rb",
+          "controls": [
+            "SV-230337"
+          ]
+        },
+        {
+          "id": "controls/SV-230338.rb",
+          "controls": [
+            "SV-230338"
+          ]
+        },
+        {
+          "id": "controls/SV-230339.rb",
+          "controls": [
+            "SV-230339"
+          ]
+        },
+        {
+          "id": "controls/SV-230340.rb",
+          "controls": [
+            "SV-230340"
+          ]
+        },
+        {
+          "id": "controls/SV-230341.rb",
+          "controls": [
+            "SV-230341"
+          ]
+        },
+        {
+          "id": "controls/SV-230342.rb",
+          "controls": [
+            "SV-230342"
+          ]
+        },
+        {
+          "id": "controls/SV-230343.rb",
+          "controls": [
+            "SV-230343"
+          ]
+        },
+        {
+          "id": "controls/SV-230344.rb",
+          "controls": [
+            "SV-230344"
+          ]
+        },
+        {
+          "id": "controls/SV-230345.rb",
+          "controls": [
+            "SV-230345"
+          ]
+        },
+        {
+          "id": "controls/SV-230346.rb",
+          "controls": [
+            "SV-230346"
+          ]
+        },
+        {
+          "id": "controls/SV-230347.rb",
+          "controls": [
+            "SV-230347"
+          ]
+        },
+        {
+          "id": "controls/SV-230348.rb",
+          "controls": [
+            "SV-230348"
+          ]
+        },
+        {
+          "id": "controls/SV-230349.rb",
+          "controls": [
+            "SV-230349"
+          ]
+        },
+        {
+          "id": "controls/SV-230350.rb",
+          "controls": [
+            "SV-230350"
+          ]
+        },
+        {
+          "id": "controls/SV-230351.rb",
+          "controls": [
+            "SV-230351"
+          ]
+        },
+        {
+          "id": "controls/SV-230352.rb",
+          "controls": [
+            "SV-230352"
+          ]
+        },
+        {
+          "id": "controls/SV-230353.rb",
+          "controls": [
+            "SV-230353"
+          ]
+        },
+        {
+          "id": "controls/SV-230354.rb",
+          "controls": [
+            "SV-230354"
+          ]
+        },
+        {
+          "id": "controls/SV-230355.rb",
+          "controls": [
+            "SV-230355"
+          ]
+        },
+        {
+          "id": "controls/SV-230356.rb",
+          "controls": [
+            "SV-230356"
+          ]
+        },
+        {
+          "id": "controls/SV-230357.rb",
+          "controls": [
+            "SV-230357"
+          ]
+        },
+        {
+          "id": "controls/SV-230358.rb",
+          "controls": [
+            "SV-230358"
+          ]
+        },
+        {
+          "id": "controls/SV-230359.rb",
+          "controls": [
+            "SV-230359"
+          ]
+        },
+        {
+          "id": "controls/SV-230360.rb",
+          "controls": [
+            "SV-230360"
+          ]
+        },
+        {
+          "id": "controls/SV-230361.rb",
+          "controls": [
+            "SV-230361"
+          ]
+        },
+        {
+          "id": "controls/SV-230362.rb",
+          "controls": [
+            "SV-230362"
+          ]
+        },
+        {
+          "id": "controls/SV-230363.rb",
+          "controls": [
+            "SV-230363"
+          ]
+        },
+        {
+          "id": "controls/SV-230364.rb",
+          "controls": [
+            "SV-230364"
+          ]
+        },
+        {
+          "id": "controls/SV-230365.rb",
+          "controls": [
+            "SV-230365"
+          ]
+        },
+        {
+          "id": "controls/SV-230366.rb",
+          "controls": [
+            "SV-230366"
+          ]
+        },
+        {
+          "id": "controls/SV-230367.rb",
+          "controls": [
+            "SV-230367"
+          ]
+        },
+        {
+          "id": "controls/SV-230368.rb",
+          "controls": [
+            "SV-230368"
+          ]
+        },
+        {
+          "id": "controls/SV-230369.rb",
+          "controls": [
+            "SV-230369"
+          ]
+        },
+        {
+          "id": "controls/SV-230370.rb",
+          "controls": [
+            "SV-230370"
+          ]
+        },
+        {
+          "id": "controls/SV-230371.rb",
+          "controls": [
+            "SV-230371"
+          ]
+        },
+        {
+          "id": "controls/SV-230372.rb",
+          "controls": [
+            "SV-230372"
+          ]
+        },
+        {
+          "id": "controls/SV-230373.rb",
+          "controls": [
+            "SV-230373"
+          ]
+        },
+        {
+          "id": "controls/SV-230374.rb",
+          "controls": [
+            "SV-230374"
+          ]
+        },
+        {
+          "id": "controls/SV-230375.rb",
+          "controls": [
+            "SV-230375"
+          ]
+        },
+        {
+          "id": "controls/SV-230376.rb",
+          "controls": [
+            "SV-230376"
+          ]
+        },
+        {
+          "id": "controls/SV-230377.rb",
+          "controls": [
+            "SV-230377"
+          ]
+        },
+        {
+          "id": "controls/SV-230378.rb",
+          "controls": [
+            "SV-230378"
+          ]
+        },
+        {
+          "id": "controls/SV-230379.rb",
+          "controls": [
+            "SV-230379"
+          ]
+        },
+        {
+          "id": "controls/SV-230380.rb",
+          "controls": [
+            "SV-230380"
+          ]
+        },
+        {
+          "id": "controls/SV-230381.rb",
+          "controls": [
+            "SV-230381"
+          ]
+        },
+        {
+          "id": "controls/SV-230382.rb",
+          "controls": [
+            "SV-230382"
+          ]
+        },
+        {
+          "id": "controls/SV-230383.rb",
+          "controls": [
+            "SV-230383"
+          ]
+        },
+        {
+          "id": "controls/SV-230384.rb",
+          "controls": [
+            "SV-230384"
+          ]
+        },
+        {
+          "id": "controls/SV-230385.rb",
+          "controls": [
+            "SV-230385"
+          ]
+        },
+        {
+          "id": "controls/SV-230386.rb",
+          "controls": [
+            "SV-230386"
+          ]
+        },
+        {
+          "id": "controls/SV-230387.rb",
+          "controls": [
+            "SV-230387"
+          ]
+        },
+        {
+          "id": "controls/SV-230388.rb",
+          "controls": [
+            "SV-230388"
+          ]
+        },
+        {
+          "id": "controls/SV-230389.rb",
+          "controls": [
+            "SV-230389"
+          ]
+        },
+        {
+          "id": "controls/SV-230390.rb",
+          "controls": [
+            "SV-230390"
+          ]
+        },
+        {
+          "id": "controls/SV-230392.rb",
+          "controls": [
+            "SV-230392"
+          ]
+        },
+        {
+          "id": "controls/SV-230393.rb",
+          "controls": [
+            "SV-230393"
+          ]
+        },
+        {
+          "id": "controls/SV-230394.rb",
+          "controls": [
+            "SV-230394"
+          ]
+        },
+        {
+          "id": "controls/SV-230395.rb",
+          "controls": [
+            "SV-230395"
+          ]
+        },
+        {
+          "id": "controls/SV-230396.rb",
+          "controls": [
+            "SV-230396"
+          ]
+        },
+        {
+          "id": "controls/SV-230397.rb",
+          "controls": [
+            "SV-230397"
+          ]
+        },
+        {
+          "id": "controls/SV-230398.rb",
+          "controls": [
+            "SV-230398"
+          ]
+        },
+        {
+          "id": "controls/SV-230399.rb",
+          "controls": [
+            "SV-230399"
+          ]
+        },
+        {
+          "id": "controls/SV-230400.rb",
+          "controls": [
+            "SV-230400"
+          ]
+        },
+        {
+          "id": "controls/SV-230401.rb",
+          "controls": [
+            "SV-230401"
+          ]
+        },
+        {
+          "id": "controls/SV-230402.rb",
+          "controls": [
+            "SV-230402"
+          ]
+        },
+        {
+          "id": "controls/SV-230403.rb",
+          "controls": [
+            "SV-230403"
+          ]
+        },
+        {
+          "id": "controls/SV-230404.rb",
+          "controls": [
+            "SV-230404"
+          ]
+        },
+        {
+          "id": "controls/SV-230405.rb",
+          "controls": [
+            "SV-230405"
+          ]
+        },
+        {
+          "id": "controls/SV-230406.rb",
+          "controls": [
+            "SV-230406"
+          ]
+        },
+        {
+          "id": "controls/SV-230407.rb",
+          "controls": [
+            "SV-230407"
+          ]
+        },
+        {
+          "id": "controls/SV-230408.rb",
+          "controls": [
+            "SV-230408"
+          ]
+        },
+        {
+          "id": "controls/SV-230409.rb",
+          "controls": [
+            "SV-230409"
+          ]
+        },
+        {
+          "id": "controls/SV-230410.rb",
+          "controls": [
+            "SV-230410"
+          ]
+        },
+        {
+          "id": "controls/SV-230411.rb",
+          "controls": [
+            "SV-230411"
+          ]
+        },
+        {
+          "id": "controls/SV-230412.rb",
+          "controls": [
+            "SV-230412"
+          ]
+        },
+        {
+          "id": "controls/SV-230413.rb",
+          "controls": [
+            "SV-230413"
+          ]
+        },
+        {
+          "id": "controls/SV-230418.rb",
+          "controls": [
+            "SV-230418"
+          ]
+        },
+        {
+          "id": "controls/SV-230419.rb",
+          "controls": [
+            "SV-230419"
+          ]
+        },
+        {
+          "id": "controls/SV-230421.rb",
+          "controls": [
+            "SV-230421"
+          ]
+        },
+        {
+          "id": "controls/SV-230422.rb",
+          "controls": [
+            "SV-230422"
+          ]
+        },
+        {
+          "id": "controls/SV-230423.rb",
+          "controls": [
+            "SV-230423"
+          ]
+        },
+        {
+          "id": "controls/SV-230424.rb",
+          "controls": [
+            "SV-230424"
+          ]
+        },
+        {
+          "id": "controls/SV-230425.rb",
+          "controls": [
+            "SV-230425"
+          ]
+        },
+        {
+          "id": "controls/SV-230426.rb",
+          "controls": [
+            "SV-230426"
+          ]
+        },
+        {
+          "id": "controls/SV-230427.rb",
+          "controls": [
+            "SV-230427"
+          ]
+        },
+        {
+          "id": "controls/SV-230428.rb",
+          "controls": [
+            "SV-230428"
+          ]
+        },
+        {
+          "id": "controls/SV-230429.rb",
+          "controls": [
+            "SV-230429"
+          ]
+        },
+        {
+          "id": "controls/SV-230430.rb",
+          "controls": [
+            "SV-230430"
+          ]
+        },
+        {
+          "id": "controls/SV-230431.rb",
+          "controls": [
+            "SV-230431"
+          ]
+        },
+        {
+          "id": "controls/SV-230432.rb",
+          "controls": [
+            "SV-230432"
+          ]
+        },
+        {
+          "id": "controls/SV-230433.rb",
+          "controls": [
+            "SV-230433"
+          ]
+        },
+        {
+          "id": "controls/SV-230434.rb",
+          "controls": [
+            "SV-230434"
+          ]
+        },
+        {
+          "id": "controls/SV-230435.rb",
+          "controls": [
+            "SV-230435"
+          ]
+        },
+        {
+          "id": "controls/SV-230436.rb",
+          "controls": [
+            "SV-230436"
+          ]
+        },
+        {
+          "id": "controls/SV-230437.rb",
+          "controls": [
+            "SV-230437"
+          ]
+        },
+        {
+          "id": "controls/SV-230438.rb",
+          "controls": [
+            "SV-230438"
+          ]
+        },
+        {
+          "id": "controls/SV-230439.rb",
+          "controls": [
+            "SV-230439"
+          ]
+        },
+        {
+          "id": "controls/SV-230444.rb",
+          "controls": [
+            "SV-230444"
+          ]
+        },
+        {
+          "id": "controls/SV-230446.rb",
+          "controls": [
+            "SV-230446"
+          ]
+        },
+        {
+          "id": "controls/SV-230447.rb",
+          "controls": [
+            "SV-230447"
+          ]
+        },
+        {
+          "id": "controls/SV-230448.rb",
+          "controls": [
+            "SV-230448"
+          ]
+        },
+        {
+          "id": "controls/SV-230449.rb",
+          "controls": [
+            "SV-230449"
+          ]
+        },
+        {
+          "id": "controls/SV-230455.rb",
+          "controls": [
+            "SV-230455"
+          ]
+        },
+        {
+          "id": "controls/SV-230456.rb",
+          "controls": [
+            "SV-230456"
+          ]
+        },
+        {
+          "id": "controls/SV-230462.rb",
+          "controls": [
+            "SV-230462"
+          ]
+        },
+        {
+          "id": "controls/SV-230463.rb",
+          "controls": [
+            "SV-230463"
+          ]
+        },
+        {
+          "id": "controls/SV-230464.rb",
+          "controls": [
+            "SV-230464"
+          ]
+        },
+        {
+          "id": "controls/SV-230465.rb",
+          "controls": [
+            "SV-230465"
+          ]
+        },
+        {
+          "id": "controls/SV-230466.rb",
+          "controls": [
+            "SV-230466"
+          ]
+        },
+        {
+          "id": "controls/SV-230467.rb",
+          "controls": [
+            "SV-230467"
+          ]
+        },
+        {
+          "id": "controls/SV-230468.rb",
+          "controls": [
+            "SV-230468"
+          ]
+        },
+        {
+          "id": "controls/SV-230469.rb",
+          "controls": [
+            "SV-230469"
+          ]
+        },
+        {
+          "id": "controls/SV-230470.rb",
+          "controls": [
+            "SV-230470"
+          ]
+        },
+        {
+          "id": "controls/SV-230471.rb",
+          "controls": [
+            "SV-230471"
+          ]
+        },
+        {
+          "id": "controls/SV-230472.rb",
+          "controls": [
+            "SV-230472"
+          ]
+        },
+        {
+          "id": "controls/SV-230473.rb",
+          "controls": [
+            "SV-230473"
+          ]
+        },
+        {
+          "id": "controls/SV-230474.rb",
+          "controls": [
+            "SV-230474"
+          ]
+        },
+        {
+          "id": "controls/SV-230475.rb",
+          "controls": [
+            "SV-230475"
+          ]
+        },
+        {
+          "id": "controls/SV-230476.rb",
+          "controls": [
+            "SV-230476"
+          ]
+        },
+        {
+          "id": "controls/SV-230477.rb",
+          "controls": [
+            "SV-230477"
+          ]
+        },
+        {
+          "id": "controls/SV-230478.rb",
+          "controls": [
+            "SV-230478"
+          ]
+        },
+        {
+          "id": "controls/SV-230479.rb",
+          "controls": [
+            "SV-230479"
+          ]
+        },
+        {
+          "id": "controls/SV-230480.rb",
+          "controls": [
+            "SV-230480"
+          ]
+        },
+        {
+          "id": "controls/SV-230481.rb",
+          "controls": [
+            "SV-230481"
+          ]
+        },
+        {
+          "id": "controls/SV-230482.rb",
+          "controls": [
+            "SV-230482"
+          ]
+        },
+        {
+          "id": "controls/SV-230483.rb",
+          "controls": [
+            "SV-230483"
+          ]
+        },
+        {
+          "id": "controls/SV-230484.rb",
+          "controls": [
+            "SV-230484"
+          ]
+        },
+        {
+          "id": "controls/SV-230485.rb",
+          "controls": [
+            "SV-230485"
+          ]
+        },
+        {
+          "id": "controls/SV-230486.rb",
+          "controls": [
+            "SV-230486"
+          ]
+        },
+        {
+          "id": "controls/SV-230487.rb",
+          "controls": [
+            "SV-230487"
+          ]
+        },
+        {
+          "id": "controls/SV-230488.rb",
+          "controls": [
+            "SV-230488"
+          ]
+        },
+        {
+          "id": "controls/SV-230489.rb",
+          "controls": [
+            "SV-230489"
+          ]
+        },
+        {
+          "id": "controls/SV-230491.rb",
+          "controls": [
+            "SV-230491"
+          ]
+        },
+        {
+          "id": "controls/SV-230492.rb",
+          "controls": [
+            "SV-230492"
+          ]
+        },
+        {
+          "id": "controls/SV-230493.rb",
+          "controls": [
+            "SV-230493"
+          ]
+        },
+        {
+          "id": "controls/SV-230494.rb",
+          "controls": [
+            "SV-230494"
+          ]
+        },
+        {
+          "id": "controls/SV-230495.rb",
+          "controls": [
+            "SV-230495"
+          ]
+        },
+        {
+          "id": "controls/SV-230496.rb",
+          "controls": [
+            "SV-230496"
+          ]
+        },
+        {
+          "id": "controls/SV-230497.rb",
+          "controls": [
+            "SV-230497"
+          ]
+        },
+        {
+          "id": "controls/SV-230498.rb",
+          "controls": [
+            "SV-230498"
+          ]
+        },
+        {
+          "id": "controls/SV-230499.rb",
+          "controls": [
+            "SV-230499"
+          ]
+        },
+        {
+          "id": "controls/SV-230500.rb",
+          "controls": [
+            "SV-230500"
+          ]
+        },
+        {
+          "id": "controls/SV-230502.rb",
+          "controls": [
+            "SV-230502"
+          ]
+        },
+        {
+          "id": "controls/SV-230503.rb",
+          "controls": [
+            "SV-230503"
+          ]
+        },
+        {
+          "id": "controls/SV-230504.rb",
+          "controls": [
+            "SV-230504"
+          ]
+        },
+        {
+          "id": "controls/SV-230505.rb",
+          "controls": [
+            "SV-230505"
+          ]
+        },
+        {
+          "id": "controls/SV-230506.rb",
+          "controls": [
+            "SV-230506"
+          ]
+        },
+        {
+          "id": "controls/SV-230507.rb",
+          "controls": [
+            "SV-230507"
+          ]
+        },
+        {
+          "id": "controls/SV-230508.rb",
+          "controls": [
+            "SV-230508"
+          ]
+        },
+        {
+          "id": "controls/SV-230509.rb",
+          "controls": [
+            "SV-230509"
+          ]
+        },
+        {
+          "id": "controls/SV-230510.rb",
+          "controls": [
+            "SV-230510"
+          ]
+        },
+        {
+          "id": "controls/SV-230511.rb",
+          "controls": [
+            "SV-230511"
+          ]
+        },
+        {
+          "id": "controls/SV-230512.rb",
+          "controls": [
+            "SV-230512"
+          ]
+        },
+        {
+          "id": "controls/SV-230513.rb",
+          "controls": [
+            "SV-230513"
+          ]
+        },
+        {
+          "id": "controls/SV-230514.rb",
+          "controls": [
+            "SV-230514"
+          ]
+        },
+        {
+          "id": "controls/SV-230515.rb",
+          "controls": [
+            "SV-230515"
+          ]
+        },
+        {
+          "id": "controls/SV-230516.rb",
+          "controls": [
+            "SV-230516"
+          ]
+        },
+        {
+          "id": "controls/SV-230517.rb",
+          "controls": [
+            "SV-230517"
+          ]
+        },
+        {
+          "id": "controls/SV-230518.rb",
+          "controls": [
+            "SV-230518"
+          ]
+        },
+        {
+          "id": "controls/SV-230519.rb",
+          "controls": [
+            "SV-230519"
+          ]
+        },
+        {
+          "id": "controls/SV-230520.rb",
+          "controls": [
+            "SV-230520"
+          ]
+        },
+        {
+          "id": "controls/SV-230521.rb",
+          "controls": [
+            "SV-230521"
+          ]
+        },
+        {
+          "id": "controls/SV-230522.rb",
+          "controls": [
+            "SV-230522"
+          ]
+        },
+        {
+          "id": "controls/SV-230523.rb",
+          "controls": [
+            "SV-230523"
+          ]
+        },
+        {
+          "id": "controls/SV-230524.rb",
+          "controls": [
+            "SV-230524"
+          ]
+        },
+        {
+          "id": "controls/SV-230525.rb",
+          "controls": [
+            "SV-230525"
+          ]
+        },
+        {
+          "id": "controls/SV-230526.rb",
+          "controls": [
+            "SV-230526"
+          ]
+        },
+        {
+          "id": "controls/SV-230527.rb",
+          "controls": [
+            "SV-230527"
+          ]
+        },
+        {
+          "id": "controls/SV-230529.rb",
+          "controls": [
+            "SV-230529"
+          ]
+        },
+        {
+          "id": "controls/SV-230530.rb",
+          "controls": [
+            "SV-230530"
+          ]
+        },
+        {
+          "id": "controls/SV-230531.rb",
+          "controls": [
+            "SV-230531"
+          ]
+        },
+        {
+          "id": "controls/SV-230532.rb",
+          "controls": [
+            "SV-230532"
+          ]
+        },
+        {
+          "id": "controls/SV-230533.rb",
+          "controls": [
+            "SV-230533"
+          ]
+        },
+        {
+          "id": "controls/SV-230534.rb",
+          "controls": [
+            "SV-230534"
+          ]
+        },
+        {
+          "id": "controls/SV-230535.rb",
+          "controls": [
+            "SV-230535"
+          ]
+        },
+        {
+          "id": "controls/SV-230536.rb",
+          "controls": [
+            "SV-230536"
+          ]
+        },
+        {
+          "id": "controls/SV-230537.rb",
+          "controls": [
+            "SV-230537"
+          ]
+        },
+        {
+          "id": "controls/SV-230538.rb",
+          "controls": [
+            "SV-230538"
+          ]
+        },
+        {
+          "id": "controls/SV-230539.rb",
+          "controls": [
+            "SV-230539"
+          ]
+        },
+        {
+          "id": "controls/SV-230540.rb",
+          "controls": [
+            "SV-230540"
+          ]
+        },
+        {
+          "id": "controls/SV-230541.rb",
+          "controls": [
+            "SV-230541"
+          ]
+        },
+        {
+          "id": "controls/SV-230542.rb",
+          "controls": [
+            "SV-230542"
+          ]
+        },
+        {
+          "id": "controls/SV-230543.rb",
+          "controls": [
+            "SV-230543"
+          ]
+        },
+        {
+          "id": "controls/SV-230544.rb",
+          "controls": [
+            "SV-230544"
+          ]
+        },
+        {
+          "id": "controls/SV-230545.rb",
+          "controls": [
+            "SV-230545"
+          ]
+        },
+        {
+          "id": "controls/SV-230546.rb",
+          "controls": [
+            "SV-230546"
+          ]
+        },
+        {
+          "id": "controls/SV-230547.rb",
+          "controls": [
+            "SV-230547"
+          ]
+        },
+        {
+          "id": "controls/SV-230548.rb",
+          "controls": [
+            "SV-230548"
+          ]
+        },
+        {
+          "id": "controls/SV-230549.rb",
+          "controls": [
+            "SV-230549"
+          ]
+        },
+        {
+          "id": "controls/SV-230550.rb",
+          "controls": [
+            "SV-230550"
+          ]
+        },
+        {
+          "id": "controls/SV-230551.rb",
+          "controls": [
+            "SV-230551"
+          ]
+        },
+        {
+          "id": "controls/SV-230552.rb",
+          "controls": [
+            "SV-230552"
+          ]
+        },
+        {
+          "id": "controls/SV-230553.rb",
+          "controls": [
+            "SV-230553"
+          ]
+        },
+        {
+          "id": "controls/SV-230554.rb",
+          "controls": [
+            "SV-230554"
+          ]
+        },
+        {
+          "id": "controls/SV-230555.rb",
+          "controls": [
+            "SV-230555"
+          ]
+        },
+        {
+          "id": "controls/SV-230556.rb",
+          "controls": [
+            "SV-230556"
+          ]
+        },
+        {
+          "id": "controls/SV-230557.rb",
+          "controls": [
+            "SV-230557"
+          ]
+        },
+        {
+          "id": "controls/SV-230558.rb",
+          "controls": [
+            "SV-230558"
+          ]
+        },
+        {
+          "id": "controls/SV-230559.rb",
+          "controls": [
+            "SV-230559"
+          ]
+        },
+        {
+          "id": "controls/SV-230560.rb",
+          "controls": [
+            "SV-230560"
+          ]
+        },
+        {
+          "id": "controls/SV-230561.rb",
+          "controls": [
+            "SV-230561"
+          ]
+        },
+        {
+          "id": "controls/SV-237640.rb",
+          "controls": [
+            "SV-237640"
+          ]
+        },
+        {
+          "id": "controls/SV-237641.rb",
+          "controls": [
+            "SV-237641"
+          ]
+        },
+        {
+          "id": "controls/SV-237642.rb",
+          "controls": [
+            "SV-237642"
+          ]
+        },
+        {
+          "id": "controls/SV-237643.rb",
+          "controls": [
+            "SV-237643"
+          ]
+        },
+        {
+          "id": "controls/SV-244519.rb",
+          "controls": [
+            "SV-244519"
+          ]
+        },
+        {
+          "id": "controls/SV-244521.rb",
+          "controls": [
+            "SV-244521"
+          ]
+        },
+        {
+          "id": "controls/SV-244522.rb",
+          "controls": [
+            "SV-244522"
+          ]
+        },
+        {
+          "id": "controls/SV-244523.rb",
+          "controls": [
+            "SV-244523"
+          ]
+        },
+        {
+          "id": "controls/SV-244524.rb",
+          "controls": [
+            "SV-244524"
+          ]
+        },
+        {
+          "id": "controls/SV-244525.rb",
+          "controls": [
+            "SV-244525"
+          ]
+        },
+        {
+          "id": "controls/SV-244526.rb",
+          "controls": [
+            "SV-244526"
+          ]
+        },
+        {
+          "id": "controls/SV-244527.rb",
+          "controls": [
+            "SV-244527"
+          ]
+        },
+        {
+          "id": "controls/SV-244528.rb",
+          "controls": [
+            "SV-244528"
+          ]
+        },
+        {
+          "id": "controls/SV-244529.rb",
+          "controls": [
+            "SV-244529"
+          ]
+        },
+        {
+          "id": "controls/SV-244530.rb",
+          "controls": [
+            "SV-244530"
+          ]
+        },
+        {
+          "id": "controls/SV-244531.rb",
+          "controls": [
+            "SV-244531"
+          ]
+        },
+        {
+          "id": "controls/SV-244532.rb",
+          "controls": [
+            "SV-244532"
+          ]
+        },
+        {
+          "id": "controls/SV-244533.rb",
+          "controls": [
+            "SV-244533"
+          ]
+        },
+        {
+          "id": "controls/SV-244534.rb",
+          "controls": [
+            "SV-244534"
+          ]
+        },
+        {
+          "id": "controls/SV-244535.rb",
+          "controls": [
+            "SV-244535"
+          ]
+        },
+        {
+          "id": "controls/SV-244536.rb",
+          "controls": [
+            "SV-244536"
+          ]
+        },
+        {
+          "id": "controls/SV-244537.rb",
+          "controls": [
+            "SV-244537"
+          ]
+        },
+        {
+          "id": "controls/SV-244538.rb",
+          "controls": [
+            "SV-244538"
+          ]
+        },
+        {
+          "id": "controls/SV-244539.rb",
+          "controls": [
+            "SV-244539"
+          ]
+        },
+        {
+          "id": "controls/SV-244540.rb",
+          "controls": [
+            "SV-244540"
+          ]
+        },
+        {
+          "id": "controls/SV-244541.rb",
+          "controls": [
+            "SV-244541"
+          ]
+        },
+        {
+          "id": "controls/SV-244542.rb",
+          "controls": [
+            "SV-244542"
+          ]
+        },
+        {
+          "id": "controls/SV-244543.rb",
+          "controls": [
+            "SV-244543"
+          ]
+        },
+        {
+          "id": "controls/SV-244544.rb",
+          "controls": [
+            "SV-244544"
+          ]
+        },
+        {
+          "id": "controls/SV-244545.rb",
+          "controls": [
+            "SV-244545"
+          ]
+        },
+        {
+          "id": "controls/SV-244546.rb",
+          "controls": [
+            "SV-244546"
+          ]
+        },
+        {
+          "id": "controls/SV-244547.rb",
+          "controls": [
+            "SV-244547"
+          ]
+        },
+        {
+          "id": "controls/SV-244548.rb",
+          "controls": [
+            "SV-244548"
+          ]
+        },
+        {
+          "id": "controls/SV-244549.rb",
+          "controls": [
+            "SV-244549"
+          ]
+        },
+        {
+          "id": "controls/SV-244550.rb",
+          "controls": [
+            "SV-244550"
+          ]
+        },
+        {
+          "id": "controls/SV-244551.rb",
+          "controls": [
+            "SV-244551"
+          ]
+        },
+        {
+          "id": "controls/SV-244552.rb",
+          "controls": [
+            "SV-244552"
+          ]
+        },
+        {
+          "id": "controls/SV-244553.rb",
+          "controls": [
+            "SV-244553"
+          ]
+        },
+        {
+          "id": "controls/SV-244554.rb",
+          "controls": [
+            "SV-244554"
+          ]
+        },
+        {
+          "id": "controls/SV-245540.rb",
+          "controls": [
+            "SV-245540"
+          ]
+        },
+        {
+          "id": "controls/SV-250315.rb",
+          "controls": [
+            "SV-250315"
+          ]
+        },
+        {
+          "id": "controls/SV-250316.rb",
+          "controls": [
+            "SV-250316"
+          ]
+        },
+        {
+          "id": "controls/SV-250317.rb",
+          "controls": [
+            "SV-250317"
+          ]
+        },
+        {
+          "id": "controls/SV-251706.rb",
+          "controls": [
+            "SV-251706"
+          ]
+        },
+        {
+          "id": "controls/SV-251707.rb",
+          "controls": [
+            "SV-251707"
+          ]
+        },
+        {
+          "id": "controls/SV-251708.rb",
+          "controls": [
+            "SV-251708"
+          ]
+        },
+        {
+          "id": "controls/SV-251709.rb",
+          "controls": [
+            "SV-251709"
+          ]
+        },
+        {
+          "id": "controls/SV-251710.rb",
+          "controls": [
+            "SV-251710"
+          ]
+        },
+        {
+          "id": "controls/SV-251711.rb",
+          "controls": [
+            "SV-251711"
+          ]
+        },
+        {
+          "id": "controls/SV-251712.rb",
+          "controls": [
+            "SV-251712"
+          ]
+        },
+        {
+          "id": "controls/SV-251713.rb",
+          "controls": [
+            "SV-251713"
+          ]
+        },
+        {
+          "id": "controls/SV-251714.rb",
+          "controls": [
+            "SV-251714"
+          ]
+        },
+        {
+          "id": "controls/SV-251715.rb",
+          "controls": [
+            "SV-251715"
+          ]
+        },
+        {
+          "id": "controls/SV-251716.rb",
+          "controls": [
+            "SV-251716"
+          ]
+        },
+        {
+          "id": "controls/SV-251717.rb",
+          "controls": [
+            "SV-251717"
+          ]
+        },
+        {
+          "id": "controls/SV-251718.rb",
+          "controls": [
+            "SV-251718"
+          ]
+        },
+        {
+          "id": "controls/SV-254520.rb",
+          "controls": [
+            "SV-254520"
+          ]
+        },
+        {
+          "id": "controls/SV-255924.rb",
+          "controls": [
+            "SV-255924"
+          ]
+        },
+        {
+          "id": "controls/SV-256973.rb",
+          "controls": [
+            "SV-256973"
+          ]
+        },
+        {
+          "id": "controls/SV-256974.rb",
+          "controls": [
+            "SV-256974"
+          ]
+        },
+        {
+          "id": "controls/SV-257258.rb",
+          "controls": [
+            "SV-257258"
+          ]
+        }
+      ],
+      "controls": [
+        {
+          "id": "SV-230221",
+          "title": "RHEL 8 must be a vendor-supported release.",
+          "desc": "An operating system release is considered \"supported\" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.\n\n  Red Hat offers the Extended Update Support (EUS) add-on to a Red Hat Enterprise Linux subscription, for a fee, for those customers who wish to standardize on a specific minor release for an extended period. The RHEL 8 minor releases eligible for EUS are 8.1, 8.2, 8.4, 8.6, and 8.8. Each RHEL 8 EUS stream is available for 24 months from the availability of the minor release. RHEL 8.10 will be the final minor release overall. For more details on the Red Hat Enterprise Linux Life Cycle  visit https://access.redhat.com/support/policy/updates/errata/.\n\n  Note: The life-cycle time spans and dates are subject to adjustment.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "An operating system release is considered \"supported\" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.\n\n  Red Hat offers the Extended Update Support (EUS) add-on to a Red Hat Enterprise Linux subscription, for a fee, for those customers who wish to standardize on a specific minor release for an extended period. The RHEL 8 minor releases eligible for EUS are 8.1, 8.2, 8.4, 8.6, and 8.8. Each RHEL 8 EUS stream is available for 24 months from the availability of the minor release. RHEL 8.10 will be the final minor release overall. For more details on the Red Hat Enterprise Linux Life Cycle  visit https://access.redhat.com/support/policy/updates/errata/.\n\n  Note: The life-cycle time spans and dates are subject to adjustment."
+            },
+            {
+              "label": "check",
+              "data": "Verify the version of the operating system is vendor supported.\n\n  Note: The lifecycle time spans and dates are subject to adjustment.\n\n  Red Hat Enterprise Linux Server release 8.6 (Ootpa)\n\n    $ sudo cat /etc/redhat-release\n\n    Red Hat Enterprise Linux Server release 8.6 (Ootpa)\n\n\n  Current End of Extended Update Support for RHEL 8.4 is 31 May 2023.\n\n  Current End of Maintenance Support for RHEL 8.5 is 31 May 2022.\n\n  Current End of Extended Update Support for RHEL 8.6 is 31 May 2024.\n\n  Current End of Maintenance Support for RHEL 8.7 is 31 May 2023.\n\n  Current End of Extended Update Support for RHEL 8.8 is 31 May 2025.\n\n  Current End of Maintenance Support for RHEL 8.9 is 31 May 2024.\n\n  Current End of Maintenance Support for RHEL 8.10 is 31 May 2029.\n\n  If the release is not supported by the vendor, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Upgrade to a supported version of RHEL 8."
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230221",
+            "rid": "SV-230221r858734_rule",
+            "stig_id": "RHEL-08-010000",
+            "fix_id": "F-32865r567410_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230221' do\n  title 'RHEL 8 must be a vendor-supported release.'\n  desc 'An operating system release is considered \"supported\" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.\n\n  Red Hat offers the Extended Update Support (EUS) add-on to a Red Hat Enterprise Linux subscription, for a fee, for those customers who wish to standardize on a specific minor release for an extended period. The RHEL 8 minor releases eligible for EUS are 8.1, 8.2, 8.4, 8.6, and 8.8. Each RHEL 8 EUS stream is available for 24 months from the availability of the minor release. RHEL 8.10 will be the final minor release overall. For more details on the Red Hat Enterprise Linux Life Cycle  visit https://access.redhat.com/support/policy/updates/errata/.\n\n  Note: The life-cycle time spans and dates are subject to adjustment.'\n  desc 'check', 'Verify the version of the operating system is vendor supported.\n\n  Note: The lifecycle time spans and dates are subject to adjustment.\n\n  Red Hat Enterprise Linux Server release 8.6 (Ootpa)\n\n    $ sudo cat /etc/redhat-release\n\n    Red Hat Enterprise Linux Server release 8.6 (Ootpa)\n\n\n  Current End of Extended Update Support for RHEL 8.4 is 31 May 2023.\n\n  Current End of Maintenance Support for RHEL 8.5 is 31 May 2022.\n\n  Current End of Extended Update Support for RHEL 8.6 is 31 May 2024.\n\n  Current End of Maintenance Support for RHEL 8.7 is 31 May 2023.\n\n  Current End of Extended Update Support for RHEL 8.8 is 31 May 2025.\n\n  Current End of Maintenance Support for RHEL 8.9 is 31 May 2024.\n\n  Current End of Maintenance Support for RHEL 8.10 is 31 May 2029.\n\n  If the release is not supported by the vendor, this is a finding.'\n  desc 'fix', 'Upgrade to a supported version of RHEL 8.'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230221'\n  tag rid: 'SV-230221r858734_rule'\n  tag stig_id: 'RHEL-08-010000'\n  tag fix_id: 'F-32865r567410_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container'\n\n  release = os.release\n\n  EOMS_DATE = {\n    /^8\\.1/ => '30 November 2021',\n    /^8\\.2/ => '30 April 2022',\n    /^8\\.3/ => '30 April 2021',\n    /^8\\.4/ => '30 April 2023',\n    /^8\\.5/ => '30 April 2022',\n    /^8\\.6/ => '30 April 2024',\n    /^8\\.7/ => '30 April 2023',\n    /^8\\.8/ => '30 April 2025',\n    /^8\\.9/ => '30 April 2024',\n    /^8\\.10/ => '31 May 2029'\n  }.find { |k, _v| k.match(release) }&.last\n\n  describe \"The release \\\"#{release}\\\" is still be within the support window\" do\n    it \"ending on #{EOMS_DATE}\" do\n      expect(Date.today).to be <= Date.parse(EOMS_DATE)\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230221.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "The release \"8.9\" is still be within the support window ending on 30 April 2024",
+              "run_time": 0.000136,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The release \"8.9\" is still be within the support window"
+            }
+          ]
+        },
+        {
+          "id": "SV-230222",
+          "title": "RHEL 8 vendor packaged system security patches and updates must be installed and up to date.",
+          "desc": "Timely patching is critical for maintaining the operational\n    availability, confidentiality, and integrity of information technology (IT)\n    systems. However, failure to keep operating system and application software\n    patched is a common mistake made by IT professionals. New patches are released\n    daily, and it is often difficult for even experienced System Administrators to\n    keep abreast of all the new patches. When new weaknesses in an operating system\n    exist, patches are usually made available by the vendor to resolve the\n    problems. If the most recent security patches and updates are not installed,\n    unauthorized users may take advantage of weaknesses in the unpatched software.\n    The lack of prompt attention to patching could result in a system compromise.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Timely patching is critical for maintaining the operational\n    availability, confidentiality, and integrity of information technology (IT)\n    systems. However, failure to keep operating system and application software\n    patched is a common mistake made by IT professionals. New patches are released\n    daily, and it is often difficult for even experienced System Administrators to\n    keep abreast of all the new patches. When new weaknesses in an operating system\n    exist, patches are usually made available by the vendor to resolve the\n    problems. If the most recent security patches and updates are not installed,\n    unauthorized users may take advantage of weaknesses in the unpatched software.\n    The lack of prompt attention to patching could result in a system compromise."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system security patches and updates are installed and\n    up to date. Updates are required to be applied with a frequency determined by\n    the site or Program Management Office (PMO).\n\n    Obtain the list of available package security updates from Red Hat. The URL\n    for updates is https://rhn.redhat.com/errata/. It is important to note that\n    updates provided by Red Hat may not be present on the system if the underlying\n    packages are not installed.\n\n    Check that the available package security updates have been installed on\n    the system with the following command:\n\n        $ sudo yum history list | more\n\n        Loaded plugins: langpacks, product-id, subscription-manager\n        ID | Command line | Date and time | Action(s) | Altered\n\n    -------------------------------------------------------------------------------\n        70 | install aide | 2020-03-05 10:58 | Install | 1\n        69 | update -y | 2020-03-04 14:34 | Update | 18 EE\n        68 | install vlc | 2020-02-21 17:12 | Install | 21\n        67 | update -y | 2020-02-21 17:04 | Update | 7 EE\n\n    If package updates have not been performed on the system within the\n    timeframe the site/program documentation requires, this is a finding.\n\n    Typical update frequency may be overridden by Information Assurance\n    Vulnerability Alert (IAVA) notifications from CYBERCOM.\n\n    If the operating system is in non-compliance with the Information Assurance\n    Vulnerability Management (IAVM) process, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Install the operating system patches or updated packages\n    available from Red Hat within 30 days or sooner as local policy dictates."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230222",
+            "rid": "SV-230222r627750_rule",
+            "stig_id": "RHEL-08-010010",
+            "fix_id": "F-32866r567413_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230222' do\n  title 'RHEL 8 vendor packaged system security patches and updates must be installed and up to date.'\n  desc 'Timely patching is critical for maintaining the operational\n    availability, confidentiality, and integrity of information technology (IT)\n    systems. However, failure to keep operating system and application software\n    patched is a common mistake made by IT professionals. New patches are released\n    daily, and it is often difficult for even experienced System Administrators to\n    keep abreast of all the new patches. When new weaknesses in an operating system\n    exist, patches are usually made available by the vendor to resolve the\n    problems. If the most recent security patches and updates are not installed,\n    unauthorized users may take advantage of weaknesses in the unpatched software.\n    The lack of prompt attention to patching could result in a system compromise.'\n  desc 'check', 'Verify the operating system security patches and updates are installed and\n    up to date. Updates are required to be applied with a frequency determined by\n    the site or Program Management Office (PMO).\n\n    Obtain the list of available package security updates from Red Hat. The URL\n    for updates is https://rhn.redhat.com/errata/. It is important to note that\n    updates provided by Red Hat may not be present on the system if the underlying\n    packages are not installed.\n\n    Check that the available package security updates have been installed on\n    the system with the following command:\n\n        $ sudo yum history list | more\n\n        Loaded plugins: langpacks, product-id, subscription-manager\n        ID | Command line | Date and time | Action(s) | Altered\n\n    -------------------------------------------------------------------------------\n        70 | install aide | 2020-03-05 10:58 | Install | 1\n        69 | update -y | 2020-03-04 14:34 | Update | 18 EE\n        68 | install vlc | 2020-02-21 17:12 | Install | 21\n        67 | update -y | 2020-02-21 17:04 | Update | 7 EE\n\n    If package updates have not been performed on the system within the\n    timeframe the site/program documentation requires, this is a finding.\n\n    Typical update frequency may be overridden by Information Assurance\n    Vulnerability Alert (IAVA) notifications from CYBERCOM.\n\n    If the operating system is in non-compliance with the Information Assurance\n    Vulnerability Management (IAVM) process, this is a finding.'\n  desc 'fix', 'Install the operating system patches or updated packages\n    available from Red Hat within 30 days or sooner as local policy dictates.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230222'\n  tag rid: 'SV-230222r627750_rule'\n  tag stig_id: 'RHEL-08-010010'\n  tag fix_id: 'F-32866r567413_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container'\n\n  only_if(\"This control takes a long time to execute so it has been disabled through 'slow_controls'\") {\n    !input('disable_slow_controls')\n  }\n\n  if input('disconnected_system')\n    describe 'The system is set to a `disconnected` state and you must validate the state of the system packages manually' do\n      skip 'The system is set to a `disconnected` state and you must validate the state of the system packages manually'\n    end\n  else\n    updates = linux_update.updates\n    package_names = updates.map { |h| h['name'] }\n\n    describe.one do\n      describe 'List of out-of-date packages' do\n        subject { package_names }\n        it { should be_empty }\n      end\n      updates.each do |update|\n        describe package(update['name']) do\n          its('version') { should eq update['version'] }\n        end\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230222.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "List of out-of-date packages is expected to be empty",
+              "run_time": 6.4e-05,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "List of out-of-date packages"
+            }
+          ]
+        },
+        {
+          "id": "SV-230223",
+          "title": "RHEL 8 must implement NIST FIPS-validated cryptography for the following: To provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.",
+          "desc": "Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.\n\nRHEL 8 utilizes GRUB 2 as the default bootloader. Note that GRUB 2 command-line parameters are defined in the \"kernelopts\" variable of the /boot/grub2/grubenv file for all kernel boot entries. The command \"fips-mode-setup\" modifies the \"kernelopts\" variable, which in turn updates all kernel boot entries.\n\nThe fips=1 kernel option needs to be added to the kernel command line during system installation so that key generation is done with FIPS-approved algorithms and continuous monitoring tests in place. Users must also ensure the system has plenty of entropy during the installation process by moving the mouse around, or if no mouse is available, ensuring that many keystrokes are typed. The recommended amount of keystrokes is 256 and more. Less than 256 keystrokes may generate a nonunique key.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.\n\nRHEL 8 utilizes GRUB 2 as the default bootloader. Note that GRUB 2 command-line parameters are defined in the \"kernelopts\" variable of the /boot/grub2/grubenv file for all kernel boot entries. The command \"fips-mode-setup\" modifies the \"kernelopts\" variable, which in turn updates all kernel boot entries.\n\nThe fips=1 kernel option needs to be added to the kernel command line during system installation so that key generation is done with FIPS-approved algorithms and continuous monitoring tests in place. Users must also ensure the system has plenty of entropy during the installation process by moving the mouse around, or if no mouse is available, ensuring that many keystrokes are typed. The recommended amount of keystrokes is 256 and more. Less than 256 keystrokes may generate a nonunique key."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system implements DOD-approved encryption to protect the confidentiality of remote access sessions.\n\nCheck to see if FIPS mode is enabled with the following command:\n\n     $ fips-mode-setup --check\n     FIPS mode is enabled\n\nIf FIPS mode is \"enabled\", check to see if the kernel boot parameter is configured for FIPS mode with the following command:\n\n     $ sudo grub2-editenv list | grep fips\n     kernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf the kernel boot parameter is configured to use FIPS mode, check to see if the system is in FIPS mode with the following command:\n\n     $ sudo cat /proc/sys/crypto/fips_enabled\n     1\n\nIf FIPS mode is not \"on\", the kernel boot parameter is not configured for FIPS mode, or the system does not have a value of \"1\" for \"fips_enabled\" in \"/proc/sys/crypto\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to implement DOD-approved encryption by following the steps below:\n\nTo enable strict FIPS compliance, the fips=1 kernel option needs to be added to the kernel boot parameters during system installation so key generation is done with FIPS-approved algorithms and continuous monitoring tests in place.\n\nEnable FIPS mode after installation (not strict FIPS-compliant) with the following command:\n\n     $ sudo fips-mode-setup --enable\n\nReboot the system for the changes to take effect."
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000033-GPOS-00014",
+            "satisfies": [
+              "SRG-OS-000033-GPOS-00014",
+              "SRG-OS-000125-GPOS-00065",
+              "SRG-OS-000396-GPOS-00176",
+              "SRG-OS-000423-GPOS-00187",
+              "SRG-OS-000478-GPOS-00223"
+            ],
+            "gid": "V-230223",
+            "rid": "SV-230223r928585_rule",
+            "stig_id": "RHEL-08-010020",
+            "fix_id": "F-32867r928584_fix",
+            "cci": [
+              "CCI-000068"
+            ],
+            "nist": [
+              "AC-17 (2)"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-230223' do\n  title 'RHEL 8 must implement NIST FIPS-validated cryptography for the following: To provision digital signatures, to generate cryptographic hashes, and to protect data requiring data-at-rest protections in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.'\n  desc 'Use of weak or untested encryption algorithms undermines the purposes of using encryption to protect data. The operating system must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.\n\nRHEL 8 utilizes GRUB 2 as the default bootloader. Note that GRUB 2 command-line parameters are defined in the \"kernelopts\" variable of the /boot/grub2/grubenv file for all kernel boot entries. The command \"fips-mode-setup\" modifies the \"kernelopts\" variable, which in turn updates all kernel boot entries.\n\nThe fips=1 kernel option needs to be added to the kernel command line during system installation so that key generation is done with FIPS-approved algorithms and continuous monitoring tests in place. Users must also ensure the system has plenty of entropy during the installation process by moving the mouse around, or if no mouse is available, ensuring that many keystrokes are typed. The recommended amount of keystrokes is 256 and more. Less than 256 keystrokes may generate a nonunique key.'\n  desc 'check', 'Verify the operating system implements DOD-approved encryption to protect the confidentiality of remote access sessions.\n\nCheck to see if FIPS mode is enabled with the following command:\n\n     $ fips-mode-setup --check\n     FIPS mode is enabled\n\nIf FIPS mode is \"enabled\", check to see if the kernel boot parameter is configured for FIPS mode with the following command:\n\n     $ sudo grub2-editenv list | grep fips\n     kernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf the kernel boot parameter is configured to use FIPS mode, check to see if the system is in FIPS mode with the following command:\n\n     $ sudo cat /proc/sys/crypto/fips_enabled\n     1\n\nIf FIPS mode is not \"on\", the kernel boot parameter is not configured for FIPS mode, or the system does not have a value of \"1\" for \"fips_enabled\" in \"/proc/sys/crypto\", this is a finding.'\n  desc 'fix', 'Configure the operating system to implement DOD-approved encryption by following the steps below:\n\nTo enable strict FIPS compliance, the fips=1 kernel option needs to be added to the kernel boot parameters during system installation so key generation is done with FIPS-approved algorithms and continuous monitoring tests in place.\n\nEnable FIPS mode after installation (not strict FIPS-compliant) with the following command:\n\n     $ sudo fips-mode-setup --enable\n\nReboot the system for the changes to take effect.'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000033-GPOS-00014'\n  tag satisfies: ['SRG-OS-000033-GPOS-00014', 'SRG-OS-000125-GPOS-00065', 'SRG-OS-000396-GPOS-00176', 'SRG-OS-000423-GPOS-00187', 'SRG-OS-000478-GPOS-00223']\n  tag gid: 'V-230223'\n  tag rid: 'SV-230223r928585_rule'\n  tag stig_id: 'RHEL-08-010020'\n  tag fix_id: 'F-32867r928584_fix'\n  tag cci: ['CCI-000068']\n  tag nist: ['AC-17 (2)']\n  tag 'host'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable in a container' do\n      skip 'The host OS controls the FIPS mode settings. The host OS should also be scanned with the applicable OS validation profile.'\n    end\n  elsif input('use_fips') == false\n    impact 0.0\n    describe 'This control is Not Applicable as FIPS is not required for this system' do\n      skip 'This control is Not Applicable as FIPS is not required for this system'\n    end\n  else\n    describe command('fips-mode-setup --check') do\n      its('stdout.strip') { should match(/FIPS mode is enabled/) }\n    end\n\n    grub_config = command('grub2-editenv - list').stdout\n\n    describe parse_config(grub_config) do\n      its('kernelopts') { should match(/fips=1/) }\n    end\n\n    describe file('/proc/sys/crypto/fips_enabled') do\n      its('content.strip') { should cmp '1' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230223.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Command: `fips-mode-setup --check` stdout.strip is expected to match /FIPS mode is enabled/",
+              "run_time": 0.079698,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "message": "expected \"Installation of FIPS modules is not completed.\\nFIPS mode is disabled.\" to match /FIPS mode is enabled/",
+              "resource_class": "command",
+              "resource_params": "[\"fips-mode-setup --check\"]",
+              "resource_id": "Command: `fips-mode-setup --check`"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Parse Config  kernelopts is expected to match /fips=1/",
+              "run_time": 0.000909,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "message": "expected \"root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\" to match /fips=1/",
+              "resource_class": "parse_config",
+              "resource_params": "[\"kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\\nboot_success=1\\n\"]",
+              "resource_id": "kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\nboot_success=1\n"
+            },
+            {
+              "status": "failed",
+              "code_desc": "File /proc/sys/crypto/fips_enabled content.strip is expected to cmp == \"1\"",
+              "run_time": 0.211785,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "message": "\nexpected: 1\n     got: 0\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "file",
+              "resource_params": "[\"/proc/sys/crypto/fips_enabled\"]",
+              "resource_id": "/proc/sys/crypto/fips_enabled"
+            }
+          ]
+        },
+        {
+          "id": "SV-230224",
+          "title": "All RHEL 8 local disk partitions must implement disk encryption",
+          "desc": "RHEL 8 systems handling data requiring \"data at rest\" protections\n    must employ cryptographic mechanisms to prevent unauthorized disclosure and\n    modification of the information at rest.\n\n    Selection of a cryptographic mechanism is based on the need to protect the\nintegrity of organizational information. The strength of the mechanism is\ncommensurate with the security category and/or classification of the\ninformation. Organizations have the flexibility to either encrypt all\ninformation on storage devices (i.e., full disk encryption) or encrypt specific\ndata structures (e.g., files, records, or fields).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "RHEL 8 systems handling data requiring \"data at rest\" protections\n    must employ cryptographic mechanisms to prevent unauthorized disclosure and\n    modification of the information at rest.\n\n    Selection of a cryptographic mechanism is based on the need to protect the\nintegrity of organizational information. The strength of the mechanism is\ncommensurate with the security category and/or classification of the\ninformation. Organizations have the flexibility to either encrypt all\ninformation on storage devices (i.e., full disk encryption) or encrypt specific\ndata structures (e.g., files, records, or fields)."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 prevents unauthorized disclosure or modification of all information requiring at-rest protection by using disk encryption.\n\nIf there is a documented and approved reason for not having data-at-rest encryption at the operating system level, such as encryption provided by a hypervisor or a disk storage array in a virtualized environment, this requirement is not applicable.\n\nVerify all system partitions are encrypted with the following command:\n\n     $ sudo blkid\n\n     /dev/mapper/rhel-root:  UUID=\"67b7d7fe-de60-6fd0-befb-e6748cf97743\" TYPE=\"crypto_LUKS\"\n\nEvery persistent disk partition present must be of type \"crypto_LUKS\". If any partitions other than the boot partition or pseudo file systems (such as /proc or /sys) are not type \"crypto_LUKS\", ask the administrator to indicate how the partitions are encrypted.\n\nIf there is no evidence that these partitions are encrypted, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to prevent unauthorized modification of all information at\nrest by using disk encryption.\n\n    Encrypting a partition in an already installed system is more difficult,\n    because existing partitions will need to be resized and changed. To encrypt an\n    entire partition, dedicate a partition for encryption in the partition layout."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000185-GPOS-00079",
+            "satisfies": [
+              "SRG-OS-000185-GPOS-00079",
+              "SRG-OS-000404-GPOS-00183",
+              "SRG-OS-000405-GPOS-00184"
+            ],
+            "gid": "V-230224",
+            "rid": "SV-230224r917864_rule",
+            "stig_id": "RHEL-08-010030",
+            "fix_id": "F-32868r567419_fix",
+            "cci": [
+              "CCI-001199"
+            ],
+            "nist": [
+              "SC-28"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-230224' do\n  title 'All RHEL 8 local disk partitions must implement disk encryption'\n  desc 'RHEL 8 systems handling data requiring \"data at rest\" protections\n    must employ cryptographic mechanisms to prevent unauthorized disclosure and\n    modification of the information at rest.\n\n    Selection of a cryptographic mechanism is based on the need to protect the\nintegrity of organizational information. The strength of the mechanism is\ncommensurate with the security category and/or classification of the\ninformation. Organizations have the flexibility to either encrypt all\ninformation on storage devices (i.e., full disk encryption) or encrypt specific\ndata structures (e.g., files, records, or fields).'\n  desc 'check', 'Verify RHEL 8 prevents unauthorized disclosure or modification of all information requiring at-rest protection by using disk encryption.\n\nIf there is a documented and approved reason for not having data-at-rest encryption at the operating system level, such as encryption provided by a hypervisor or a disk storage array in a virtualized environment, this requirement is not applicable.\n\nVerify all system partitions are encrypted with the following command:\n\n     $ sudo blkid\n\n     /dev/mapper/rhel-root:  UUID=\"67b7d7fe-de60-6fd0-befb-e6748cf97743\" TYPE=\"crypto_LUKS\"\n\nEvery persistent disk partition present must be of type \"crypto_LUKS\". If any partitions other than the boot partition or pseudo file systems (such as /proc or /sys) are not type \"crypto_LUKS\", ask the administrator to indicate how the partitions are encrypted.\n\nIf there is no evidence that these partitions are encrypted, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to prevent unauthorized modification of all information at\nrest by using disk encryption.\n\n    Encrypting a partition in an already installed system is more difficult,\n    because existing partitions will need to be resized and changed. To encrypt an\n    entire partition, dedicate a partition for encryption in the partition layout.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000185-GPOS-00079'\n  tag satisfies: ['SRG-OS-000185-GPOS-00079', 'SRG-OS-000404-GPOS-00183', 'SRG-OS-000405-GPOS-00184']\n  tag gid: 'V-230224'\n  tag rid: 'SV-230224r917864_rule'\n  tag stig_id: 'RHEL-08-010030'\n  tag fix_id: 'F-32868r567419_fix'\n  tag cci: ['CCI-001199']\n  tag nist: ['SC-28']\n  tag 'host'\n\n  all_args = command('blkid').stdout.strip.split(\"\\n\").map { |s| s.sub(/^\"(.*)\"$/, '\\1') }\n\n  def describe_and_skip(message)\n    describe message do\n      skip message\n    end\n  end\n\n  # TODO: This should really have a resource\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe_and_skip('Disk Encryption and Data At Rest Implementation is handled on the Container Host')\n  elsif input('data_at_rest_exempt') == true\n    impact 0.0\n    describe_and_skip('Data At Rest Requirements have been set to Not Applicabe by the `data_at_rest_exempt` input.')\n  elsif all_args.empty?\n    # TODO: Determine if this is an NA vs and NR or even a pass\n    describe_and_skip('Command blkid did not return and non-psuedo block devices.')\n  else\n    all_args.each do |args|\n      describe args do\n        it { should match(/\\bcrypto_LUKS\\b/) }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230224.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "/dev/xvda2: LABEL=\"root\" UUID=\"c6ce06eb-ddf1-4629-ad3f-d74d344e36b3\" BLOCK_SIZE=\"512\" TYPE=\"xfs\" PARTUUID=\"6264d520-3fb9-423f-8ab8-7a0a8e3d3562\" is expected to match /\\bcrypto_LUKS\\b/",
+              "run_time": 0.005469,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "message": "expected \"/dev/xvda2: LABEL=\\\"root\\\" UUID=\\\"c6ce06eb-ddf1-4629-ad3f-d74d344e36b3\\\" BLOCK_SIZE=\\\"512\\\" TYPE=\\\"xfs\\\" PARTUUID=\\\"6264d520-3fb9-423f-8ab8-7a0a8e3d3562\\\"\" to match /\\bcrypto_LUKS\\b/",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "/dev/xvda2: LABEL=\"root\" UUID=\"c6ce06eb-ddf1-4629-ad3f-d74d344e36b3\" BLOCK_SIZE=\"512\" TYPE=\"xfs\" PARTUUID=\"6264d520-3fb9-423f-8ab8-7a0a8e3d3562\""
+            },
+            {
+              "status": "failed",
+              "code_desc": "/dev/xvda1: PARTUUID=\"fac7f1fb-3e8d-4137-a512-961de09a5549\" is expected to match /\\bcrypto_LUKS\\b/",
+              "run_time": 0.003284,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "message": "expected \"/dev/xvda1: PARTUUID=\\\"fac7f1fb-3e8d-4137-a512-961de09a5549\\\"\" to match /\\bcrypto_LUKS\\b/",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "/dev/xvda1: PARTUUID=\"fac7f1fb-3e8d-4137-a512-961de09a5549\""
+            }
+          ]
+        },
+        {
+          "id": "SV-230225",
+          "title": "RHEL 8 must display the Standard Mandatory DoD Notice and Consent\nBanner before granting local or remote access to the system via a ssh logon.",
+          "desc": "Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DoD policy. Use the following verbiage for operating systems that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read & consent to terms in IS user agreem't.\"",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DoD policy. Use the following verbiage for operating systems that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read & consent to terms in IS user agreem't.\""
+            },
+            {
+              "label": "check",
+              "data": "Verify any publicly accessible connection to the operating system displays the Standard Mandatory DoD Notice and Consent Banner before granting access to the system.\n\nCheck for the location of the banner file being used with the following command:\n\n$ sudo grep -ir banner /etc/ssh/sshd_config*\n\nbanner /etc/issue\n\nThis command will return the banner keyword and the name of the file that contains the ssh banner (in this case \"/etc/issue\").\n\nIf the line is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.\n\nView the file specified by the banner keyword to check that it matches the text of the Standard Mandatory DoD Notice and Consent Banner:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nIf the system does not display a graphical logon banner or the banner does not match the Standard Mandatory DoD Notice and Consent Banner, this is a finding.\n\nIf the text in the file does not match the Standard Mandatory DoD Notice and Consent Banner, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to display the Standard Mandatory DoD Notice\nand Consent Banner before granting access to the system via the ssh.\n\n    Edit the \"/etc/ssh/sshd_config\" file to uncomment the banner keyword and\nconfigure it to point to a file that will contain the logon banner (this file\nmay be named differently or be in a different location if using a version of\nSSH that is provided by a third-party vendor). An example configuration line is:\n\n    banner /etc/issue\n\n    Either create the file containing the banner or replace the text in the\nfile with the Standard Mandatory DoD Notice and Consent Banner. The\nDoD-required text is:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only. By using this IS (which includes any\ndevice attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\"\n\n    The SSH service must be restarted for changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000023-GPOS-00006",
+            "satisfies": [
+              "SRG-OS-000023-GPOS-00006",
+              "SRG-OS-000228-GPOS-00088"
+            ],
+            "gid": "V-230225",
+            "rid": "SV-230225r858694_rule",
+            "stig_id": "RHEL-08-010040",
+            "fix_id": "F-32869r567422_fix",
+            "cci": [
+              "CCI-000048"
+            ],
+            "nist": [
+              "AC-8 a"
+            ],
+            "host": null,
+            "container-conditional": null
+          },
+          "code": "control 'SV-230225' do\n  title 'RHEL 8 must display the Standard Mandatory DoD Notice and Consent\nBanner before granting local or remote access to the system via a ssh logon.'\n  desc %q(Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DoD policy. Use the following verbiage for operating systems that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read & consent to terms in IS user agreem't.\")\n  desc 'check', 'Verify any publicly accessible connection to the operating system displays the Standard Mandatory DoD Notice and Consent Banner before granting access to the system.\n\nCheck for the location of the banner file being used with the following command:\n\n$ sudo grep -ir banner /etc/ssh/sshd_config*\n\nbanner /etc/issue\n\nThis command will return the banner keyword and the name of the file that contains the ssh banner (in this case \"/etc/issue\").\n\nIf the line is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.\n\nView the file specified by the banner keyword to check that it matches the text of the Standard Mandatory DoD Notice and Consent Banner:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nIf the system does not display a graphical logon banner or the banner does not match the Standard Mandatory DoD Notice and Consent Banner, this is a finding.\n\nIf the text in the file does not match the Standard Mandatory DoD Notice and Consent Banner, this is a finding.'\n  desc 'fix', 'Configure the operating system to display the Standard Mandatory DoD Notice\nand Consent Banner before granting access to the system via the ssh.\n\n    Edit the \"/etc/ssh/sshd_config\" file to uncomment the banner keyword and\nconfigure it to point to a file that will contain the logon banner (this file\nmay be named differently or be in a different location if using a version of\nSSH that is provided by a third-party vendor). An example configuration line is:\n\n    banner /etc/issue\n\n    Either create the file containing the banner or replace the text in the\nfile with the Standard Mandatory DoD Notice and Consent Banner. The\nDoD-required text is:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only. By using this IS (which includes any\ndevice attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\"\n\n    The SSH service must be restarted for changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-GPOS-00006'\n  tag satisfies: ['SRG-OS-000023-GPOS-00006', 'SRG-OS-000228-GPOS-00088']\n  tag gid: 'V-230225'\n  tag rid: 'SV-230225r858694_rule'\n  tag stig_id: 'RHEL-08-010040'\n  tag fix_id: 'F-32869r567422_fix'\n  tag cci: ['CCI-000048']\n  tag nist: ['AC-8 a']\n  tag 'host', 'container-conditional'\n\n  only_if('Control not applicable - SSH is not installed within containerized RHEL', impact: 0.0) {\n    !virtualization.system.eql?('docker') || file('/etc/ssh/sshd_config').exist?\n  }\n\n  # When Banner is commented, not found, disabled, or the specified file does not exist, this is a finding.\n  banner_file = sshd_config.banner\n\n  # Banner property is commented out.\n  if banner_file.nil?\n    describe 'The SSHD Banner is not set' do\n      subject { banner_file.nil? }\n      it { should be false }\n    end\n  end\n\n  # Banner property is set to \"none\"\n  if !banner_file.nil? && !banner_file.match(/none/i).nil?\n    describe 'The SSHD Banner is disabled' do\n      subject { banner_file.match(/none/i).nil? }\n      it { should be true }\n    end\n  end\n\n  # Banner property provides a path to a file, however, it does not exist.\n  if !banner_file.nil? && banner_file.match(/none/i).nil? && !file(banner_file).exist?\n    describe 'The SSHD Banner is set, but, the file does not exist' do\n      subject { file(banner_file).exist? }\n      it { should be true }\n    end\n  end\n\n  # Banner property provides a path to a file and it exists.\n  next unless !banner_file.nil? && banner_file.match(/none/i).nil? && file(banner_file).exist?\n\n  banner = file(banner_file).content.gsub(/[\\r\\n\\s]/, '')\n  expected_banner = input('banner_message_text_ral').gsub(/[\\r\\n\\s]/, '')\n\n  describe 'The SSHD Banner' do\n    it 'is set to the standard banner and has the correct text' do\n      expect(banner).to eq(expected_banner), 'Banner does not match expected text'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230225.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "The SSHD Banner is set to the standard banner and has the correct text",
+              "run_time": 0.000521,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The SSHD Banner"
+            }
+          ]
+        },
+        {
+          "id": "SV-230226",
+          "title": "RHEL 8 must display the Standard Mandatory DoD Notice and Consent\nBanner before granting local or remote access to the system via a graphical\nuser logon.",
+          "desc": "Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\"",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\""
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 displays the Standard Mandatory DoD Notice and Consent Banner before granting access to the operating system via a graphical user logon.\n\nNote: This requirement assumes the use of the RHEL 8 default graphical user interface, Gnome Shell. If the system does not have any graphical user interface installed, this requirement is Not Applicable.\n\nCheck that the operating system displays the exact Standard Mandatory DoD Notice and Consent Banner text with the command:\n\n$ sudo grep banner-message-text /etc/dconf/db/local.d/*\n\nbanner-message-text=\n'You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\\n-At any time, the USG may inspect and seize data stored on this IS.\\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details. '\n\nNote: The \"\\n \" characters are for formatting only. They will not be displayed on the graphical interface.\n\nIf the banner does not match the Standard Mandatory DoD Notice and Consent Banner exactly, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to display the Standard Mandatory DoD Notice and Consent Banner before granting access to the system.\n\nNote: If the system does not have a graphical user interface installed, this requirement is Not Applicable.\n\nAdd the following lines to the [org/gnome/login-screen] section of the \"/etc/dconf/db/local.d/01-banner-message\":\n\nbanner-message-text='You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\\n-At any time, the USG may inspect and seize data stored on this IS.\\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details. '\n\nNote: The \"\\n \" characters are for formatting only. They will not be displayed on the graphical interface.\n\nRun the following command to update the database:\n\n    $ sudo dconf update"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000023-GPOS-00006",
+            "satisfies": [
+              "SRG-OS-000023-GPOS-00006",
+              "SRG-OS-000228-GPOS-00088"
+            ],
+            "gid": "V-230226",
+            "rid": "SV-230226r743916_rule",
+            "stig_id": "RHEL-08-010050",
+            "fix_id": "F-32870r743915_fix",
+            "cci": [
+              "CCI-000048"
+            ],
+            "nist": [
+              "AC-8 a"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230226' do\n  title 'RHEL 8 must display the Standard Mandatory DoD Notice and Consent\nBanner before granting local or remote access to the system via a graphical\nuser logon.'\n  desc 'Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\"'\n  desc 'check', %q(Verify RHEL 8 displays the Standard Mandatory DoD Notice and Consent Banner before granting access to the operating system via a graphical user logon.\n\nNote: This requirement assumes the use of the RHEL 8 default graphical user interface, Gnome Shell. If the system does not have any graphical user interface installed, this requirement is Not Applicable.\n\nCheck that the operating system displays the exact Standard Mandatory DoD Notice and Consent Banner text with the command:\n\n$ sudo grep banner-message-text /etc/dconf/db/local.d/*\n\nbanner-message-text=\n'You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\\n-At any time, the USG may inspect and seize data stored on this IS.\\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details. '\n\nNote: The \"\\n \" characters are for formatting only. They will not be displayed on the graphical interface.\n\nIf the banner does not match the Standard Mandatory DoD Notice and Consent Banner exactly, this is a finding.)\n  desc 'fix', %q(Configure the operating system to display the Standard Mandatory DoD Notice and Consent Banner before granting access to the system.\n\nNote: If the system does not have a graphical user interface installed, this requirement is Not Applicable.\n\nAdd the following lines to the [org/gnome/login-screen] section of the \"/etc/dconf/db/local.d/01-banner-message\":\n\nbanner-message-text='You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\\n-At any time, the USG may inspect and seize data stored on this IS.\\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details. '\n\nNote: The \"\\n \" characters are for formatting only. They will not be displayed on the graphical interface.\n\nRun the following command to update the database:\n\n    $ sudo dconf update)\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-GPOS-00006'\n  tag satisfies: ['SRG-OS-000023-GPOS-00006', 'SRG-OS-000228-GPOS-00088']\n  tag gid: 'V-230226'\n  tag rid: 'SV-230226r743916_rule'\n  tag stig_id: 'RHEL-08-010050'\n  tag fix_id: 'F-32870r743915_fix'\n  tag cci: ['CCI-000048']\n  tag nist: ['AC-8 a']\n  tag 'host', 'container'\n\n  only_if(\"The system does not have GNOME installed; this requirement is Not\n        Applicable.\", impact: 0.0) { package('gnome-desktop3').installed? }\n\n  banner = command('grep ^banner-message-text /etc/dconf/db/local.d/*').stdout.gsub(/[\\r\\n\\s]/, '')\n  expected_banner = input('banner_message_text_gui').gsub(/[\\r\\n\\s]/, '')\n\n  describe 'The GUI Banner ' do\n    it 'is set to the standard banner and has the correct text' do\n      expect(banner).to eq(expected_banner), 'Banner does not match expected text'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230226.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "No-op",
+              "run_time": 4.7e-05,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "resource": "No-op",
+              "skip_message": "Skipped control due to only_if condition: The system does not have GNOME installed; this requirement is Not\n        Applicable.",
+              "resource_class": "noop",
+              "resource_params": "[]",
+              "resource_id": "No-op"
+            }
+          ]
+        },
+        {
+          "id": "SV-230227",
+          "title": "RHEL 8 must display the Standard Mandatory DoD Notice and Consent\nBanner before granting local or remote access to the system via a command line\nuser logon.",
+          "desc": "Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\"",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\""
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 displays the Standard Mandatory DoD Notice and Consent Banner\nbefore granting access to the operating system via a command line user logon.\n\n    Check that RHEL 8 displays a banner at the command line login screen with\nthe following command:\n\n    $ sudo cat /etc/issue\n\n    If the banner is set correctly it will return the following text:\n\n    “You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.”\n\n    If the banner text does not match the Standard Mandatory DoD Notice and\nConsent Banner exactly, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to display the Standard Mandatory DoD Notice and Consent\nBanner before granting access to the system via command line logon.\n\n    Edit the \"/etc/issue\" file to replace the default text with the Standard\nMandatory DoD Notice and Consent Banner. The DoD-required text is:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests -- not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000023-GPOS-00006",
+            "satisfies": [
+              "SRG-OS-000023-GPOS-00006",
+              "SRG-OS-000228-GPOS-00088"
+            ],
+            "gid": "V-230227",
+            "rid": "SV-230227r627750_rule",
+            "stig_id": "RHEL-08-010060",
+            "fix_id": "F-32871r567428_fix",
+            "cci": [
+              "CCI-000048"
+            ],
+            "nist": [
+              "AC-8 a"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-230227' do\n  title 'RHEL 8 must display the Standard Mandatory DoD Notice and Consent\nBanner before granting local or remote access to the system via a command line\nuser logon.'\n  desc 'Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\"'\n  desc 'check', 'Verify RHEL 8 displays the Standard Mandatory DoD Notice and Consent Banner\nbefore granting access to the operating system via a command line user logon.\n\n    Check that RHEL 8 displays a banner at the command line login screen with\nthe following command:\n\n    $ sudo cat /etc/issue\n\n    If the banner is set correctly it will return the following text:\n\n    “You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.”\n\n    If the banner text does not match the Standard Mandatory DoD Notice and\nConsent Banner exactly, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to display the Standard Mandatory DoD Notice and Consent\nBanner before granting access to the system via command line logon.\n\n    Edit the \"/etc/issue\" file to replace the default text with the Standard\nMandatory DoD Notice and Consent Banner. The DoD-required text is:\n\n    \"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests -- not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\"'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-GPOS-00006'\n  tag satisfies: ['SRG-OS-000023-GPOS-00006', 'SRG-OS-000228-GPOS-00088']\n  tag gid: 'V-230227'\n  tag rid: 'SV-230227r627750_rule'\n  tag stig_id: 'RHEL-08-010060'\n  tag fix_id: 'F-32871r567428_fix'\n  tag cci: ['CCI-000048']\n  tag nist: ['AC-8 a']\n  tag 'host'\n\n  only_if('Control not applicable within a container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  banner_file = file('/etc/issue')\n\n  describe banner_file do\n    it { should exist }\n  end\n\n  if banner_file.exist?\n\n    banner = banner_file.content.gsub(/[\\r\\n\\s]/, '')\n    expected_banner = input('banner_message_text_cli').gsub(/[\\r\\n\\s]/, '')\n\n    describe 'The CLI Login Banner ' do\n      it 'is set to the standard banner and has the correct text' do\n        expect(banner).to eq(expected_banner), 'Banner does not match expected text'\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230227.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "File /etc/issue is expected to exist",
+              "run_time": 0.008627,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/etc/issue\"]",
+              "resource_id": "/etc/issue"
+            },
+            {
+              "status": "passed",
+              "code_desc": "The CLI Login Banner  is set to the standard banner and has the correct text",
+              "run_time": 9.1e-05,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The CLI Login Banner"
+            }
+          ]
+        },
+        {
+          "id": "SV-230228",
+          "title": "All RHEL 8 remote access methods must be monitored.",
+          "desc": "Remote access services, such as those providing remote access to\nnetwork devices and information systems, which lack automated monitoring\ncapabilities, increase risk and make remote user access management difficult at\nbest.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n\n    Automated monitoring of remote access sessions allows organizations to\ndetect cyber attacks and ensure ongoing compliance with remote access policies\nby auditing connection activities of remote access capabilities, such as Remote\nDesktop Protocol (RDP), on a variety of information system components (e.g.,\nservers, workstations, notebook computers, smartphones, and tablets).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Remote access services, such as those providing remote access to\nnetwork devices and information systems, which lack automated monitoring\ncapabilities, increase risk and make remote user access management difficult at\nbest.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n\n    Automated monitoring of remote access sessions allows organizations to\ndetect cyber attacks and ensure ongoing compliance with remote access policies\nby auditing connection activities of remote access capabilities, such as Remote\nDesktop Protocol (RDP), on a variety of information system components (e.g.,\nservers, workstations, notebook computers, smartphones, and tablets)."
+            },
+            {
+              "label": "check",
+              "data": "Verify that RHEL 8 monitors all remote access methods.\n\n    Check that remote access methods are being logged by running the following\ncommand:\n\n    $ sudo grep -E '(auth.*|authpriv.*|daemon.*)' /etc/rsyslog.conf\n\n    auth.*;authpriv.*;daemon.* /var/log/secure\n\n    If \"auth.*\", \"authpriv.*\" or \"daemon.*\" are not configured to be\nlogged, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to monitor all remote access methods by installing rsyslog\nwith the following command:\n\n    $ sudo yum install rsyslog\n\n    Then add or update the following lines to the \"/etc/rsyslog.conf\" file:\n\n    auth.*;authpriv.*;daemon.* /var/log/secure\n\n    The \"rsyslog\" service must be restarted for the changes to take effect.\nTo restart the \"rsyslog\" service, run the following command:\n\n    $ sudo systemctl restart rsyslog.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000032-GPOS-00013",
+            "gid": "V-230228",
+            "rid": "SV-230228r627750_rule",
+            "stig_id": "RHEL-08-010070",
+            "fix_id": "F-32872r567431_fix",
+            "cci": [
+              "CCI-000067"
+            ],
+            "nist": [
+              "AC-17 (1)"
+            ],
+            "host": null,
+            "container-conditional": null
+          },
+          "code": "control 'SV-230228' do\n  title 'All RHEL 8 remote access methods must be monitored.'\n  desc 'Remote access services, such as those providing remote access to\nnetwork devices and information systems, which lack automated monitoring\ncapabilities, increase risk and make remote user access management difficult at\nbest.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n\n    Automated monitoring of remote access sessions allows organizations to\ndetect cyber attacks and ensure ongoing compliance with remote access policies\nby auditing connection activities of remote access capabilities, such as Remote\nDesktop Protocol (RDP), on a variety of information system components (e.g.,\nservers, workstations, notebook computers, smartphones, and tablets).'\n  desc 'check', %q(Verify that RHEL 8 monitors all remote access methods.\n\n    Check that remote access methods are being logged by running the following\ncommand:\n\n    $ sudo grep -E '(auth.*|authpriv.*|daemon.*)' /etc/rsyslog.conf\n\n    auth.*;authpriv.*;daemon.* /var/log/secure\n\n    If \"auth.*\", \"authpriv.*\" or \"daemon.*\" are not configured to be\nlogged, this is a finding.)\n  desc 'fix', 'Configure RHEL 8 to monitor all remote access methods by installing rsyslog\nwith the following command:\n\n    $ sudo yum install rsyslog\n\n    Then add or update the following lines to the \"/etc/rsyslog.conf\" file:\n\n    auth.*;authpriv.*;daemon.* /var/log/secure\n\n    The \"rsyslog\" service must be restarted for the changes to take effect.\nTo restart the \"rsyslog\" service, run the following command:\n\n    $ sudo systemctl restart rsyslog.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000032-GPOS-00013'\n  tag gid: 'V-230228'\n  tag rid: 'SV-230228r627750_rule'\n  tag stig_id: 'RHEL-08-010070'\n  tag fix_id: 'F-32872r567431_fix'\n  tag cci: ['CCI-000067']\n  tag nist: ['AC-17 (1)']\n  tag 'host', 'container-conditional'\n\n  only_if('Control not applicable; remote access not configured within containerized RHEL', impact: 0.0) {\n    !(virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?)\n  }\n\n  rsyslog = file('/etc/rsyslog.conf')\n\n  describe rsyslog do\n    it { should exist }\n  end\n\n  if rsyslog.exist?\n\n    auth_pattern = %r{^\\s*[a-z.;*]*auth(,[a-z,]+)*\\.\\*\\s*/*}\n    authpriv_pattern = %r{^\\s*[a-z.;*]*authpriv(,[a-z,]+)*\\.\\*\\s*/*}\n    daemon_pattern = %r{^\\s*[a-z.;*]*daemon(,[a-z,]+)*\\.\\*\\s*/*}\n\n    rsyslog_conf = command('grep -E \\'(auth.*|authpriv.*|daemon.*)\\' /etc/rsyslog.conf')\n\n    describe 'Logged remote access methods' do\n      it 'should include auth.*' do\n        expect(rsyslog_conf.stdout).to match(auth_pattern), 'auth.* not configured for logging'\n      end\n      it 'should include authpriv.*' do\n        expect(rsyslog_conf.stdout).to match(authpriv_pattern), 'authpriv.* not configured for logging'\n      end\n      it 'should include daemon.*' do\n        expect(rsyslog_conf.stdout).to match(daemon_pattern), 'daemon.* not configured for logging'\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230228.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "File /etc/rsyslog.conf is expected to exist",
+              "run_time": 6.1e-05,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/etc/rsyslog.conf\"]",
+              "resource_id": "/etc/rsyslog.conf"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Logged remote access methods should include auth.*",
+              "run_time": 0.103051,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Logged remote access methods"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Logged remote access methods should include authpriv.*",
+              "run_time": 0.000145,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Logged remote access methods"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Logged remote access methods should include daemon.*",
+              "run_time": 8.8e-05,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Logged remote access methods"
+            }
+          ]
+        },
+        {
+          "id": "SV-230229",
+          "title": "RHEL 8, for PKI-based authentication, must validate certificates by\nconstructing a certification path (which includes status information) to an\naccepted trust anchor.",
+          "desc": "Without path validation, an informed trust decision by the relying\nparty cannot be made when presented with any certificate not already explicitly\ntrusted.\n\n  A trust anchor is an authoritative entity represented via a public key and\nassociated data. It is used in the context of public key infrastructures, X.509\ndigital certificates, and DNSSEC.\n\n  When there is a chain of trust, usually the top entity to be trusted\nbecomes the trust anchor; it can be, for example, a Certification Authority\n(CA). A certification path starts with the subject certificate and proceeds\nthrough a number of intermediate certificates up to a trusted root certificate,\ntypically issued by a trusted CA.\n\n    This requirement verifies that a certification path to an accepted trust\nanchor is used for certificate validation and that the path includes status\ninformation. Path validation is necessary for a relying party to make an\ninformed trust decision when presented with any certificate not already\nexplicitly trusted. Status information for certification paths includes\ncertificate revocation lists or online certificate status protocol responses.\nValidation of the certificate status information is out of scope for this\nrequirement.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without path validation, an informed trust decision by the relying\nparty cannot be made when presented with any certificate not already explicitly\ntrusted.\n\n  A trust anchor is an authoritative entity represented via a public key and\nassociated data. It is used in the context of public key infrastructures, X.509\ndigital certificates, and DNSSEC.\n\n  When there is a chain of trust, usually the top entity to be trusted\nbecomes the trust anchor; it can be, for example, a Certification Authority\n(CA). A certification path starts with the subject certificate and proceeds\nthrough a number of intermediate certificates up to a trusted root certificate,\ntypically issued by a trusted CA.\n\n    This requirement verifies that a certification path to an accepted trust\nanchor is used for certificate validation and that the path includes status\ninformation. Path validation is necessary for a relying party to make an\ninformed trust decision when presented with any certificate not already\nexplicitly trusted. Status information for certification paths includes\ncertificate revocation lists or online certificate status protocol responses.\nValidation of the certificate status information is out of scope for this\nrequirement."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 for PKI-based authentication has valid certificates by constructing a certification path (which includes status information) to an accepted trust anchor.\n\nNote: If the System Administrator demonstrates the use of an approved alternate multifactor authentication method, this requirement is not applicable.\n\nCheck that the system has a valid DoD root CA installed with the following command:\n\n$ sudo openssl x509 -text -in /etc/sssd/pki/sssd_auth_ca_db.pem\n\nCertificate:\n   Data:\n      Version: 3 (0x2)\n      Serial Number: 1 (0x1)\n      Signature Algorithm: sha256WithRSAEncryption\n      Issuer: C = US, O = U.S. Government, OU = DoD, OU = PKI, CN = DoD Root CA 3\n      Validity\n         Not Before: Mar 20 18:46:41 2012 GMT\n         Not After   : Dec 30 18:46:41 2029 GMT\n      Subject: C = US, O = U.S. Government, OU = DoD, OU = PKI, CN = DoD Root CA 3\n      Subject Public Key Info:\n         Public Key Algorithm: rsaEncryption\n\nIf the root ca file is not a DoD-issued certificate with a valid date and installed in the /etc/sssd/pki/sssd_auth_ca_db.pem location, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8, for PKI-based authentication, to validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.\n\nObtain a valid copy of the DoD root CA file from the PKI CA certificate bundle at cyber.mil and copy into the following file:\n\n/etc/sssd/pki/sssd_auth_ca_db.pem"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000066-GPOS-00034",
+            "satisfies": [
+              "SRG-OS-000066-GPOS-00034",
+              "SRG-OS-000384-GPOS-00167"
+            ],
+            "gid": "V-230229",
+            "rid": "SV-230229r858739_rule",
+            "stig_id": "RHEL-08-010090",
+            "fix_id": "F-32873r809269_fix",
+            "cci": [
+              "CCI-000185"
+            ],
+            "nist": [
+              "IA-5 (2) (a)",
+              "IA-5 (2) (b) (1)"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230229' do\n  title 'RHEL 8, for PKI-based authentication, must validate certificates by\nconstructing a certification path (which includes status information) to an\naccepted trust anchor.'\n  desc 'Without path validation, an informed trust decision by the relying\nparty cannot be made when presented with any certificate not already explicitly\ntrusted.\n\n  A trust anchor is an authoritative entity represented via a public key and\nassociated data. It is used in the context of public key infrastructures, X.509\ndigital certificates, and DNSSEC.\n\n  When there is a chain of trust, usually the top entity to be trusted\nbecomes the trust anchor; it can be, for example, a Certification Authority\n(CA). A certification path starts with the subject certificate and proceeds\nthrough a number of intermediate certificates up to a trusted root certificate,\ntypically issued by a trusted CA.\n\n    This requirement verifies that a certification path to an accepted trust\nanchor is used for certificate validation and that the path includes status\ninformation. Path validation is necessary for a relying party to make an\ninformed trust decision when presented with any certificate not already\nexplicitly trusted. Status information for certification paths includes\ncertificate revocation lists or online certificate status protocol responses.\nValidation of the certificate status information is out of scope for this\nrequirement.'\n  desc 'check', 'Verify RHEL 8 for PKI-based authentication has valid certificates by constructing a certification path (which includes status information) to an accepted trust anchor.\n\nNote: If the System Administrator demonstrates the use of an approved alternate multifactor authentication method, this requirement is not applicable.\n\nCheck that the system has a valid DoD root CA installed with the following command:\n\n$ sudo openssl x509 -text -in /etc/sssd/pki/sssd_auth_ca_db.pem\n\nCertificate:\n   Data:\n      Version: 3 (0x2)\n      Serial Number: 1 (0x1)\n      Signature Algorithm: sha256WithRSAEncryption\n      Issuer: C = US, O = U.S. Government, OU = DoD, OU = PKI, CN = DoD Root CA 3\n      Validity\n         Not Before: Mar 20 18:46:41 2012 GMT\n         Not After   : Dec 30 18:46:41 2029 GMT\n      Subject: C = US, O = U.S. Government, OU = DoD, OU = PKI, CN = DoD Root CA 3\n      Subject Public Key Info:\n         Public Key Algorithm: rsaEncryption\n\nIf the root ca file is not a DoD-issued certificate with a valid date and installed in the /etc/sssd/pki/sssd_auth_ca_db.pem location, this is a finding.'\n  desc 'fix', 'Configure RHEL 8, for PKI-based authentication, to validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.\n\nObtain a valid copy of the DoD root CA file from the PKI CA certificate bundle at cyber.mil and copy into the following file:\n\n/etc/sssd/pki/sssd_auth_ca_db.pem'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000066-GPOS-00034'\n  tag satisfies: ['SRG-OS-000066-GPOS-00034', 'SRG-OS-000384-GPOS-00167']\n  tag gid: 'V-230229'\n  tag rid: 'SV-230229r858739_rule'\n  tag stig_id: 'RHEL-08-010090'\n  tag fix_id: 'F-32873r809269_fix'\n  tag cci: ['CCI-000185']\n  tag nist: ['IA-5 (2) (a)', 'IA-5 (2) (b) (1)']\n  tag 'host', 'container'\n\n  only_if('If the System Administrator demonstrates the use of an approved alternate multifactor authentication method, this requirement is not applicable.', impact: 0.0) {\n    !input('smart_card_enabled')\n  }\n\n  root_ca_file = input('root_ca_file')\n  describe file(root_ca_file) do\n    it { should exist }\n  end\n\n  describe 'Ensure the RootCA is a DoD-issued certificate with a valid date' do\n    if file(root_ca_file).exist?\n      subject { x509_certificate(root_ca_file) }\n      it 'has the correct issuer_dn' do\n        expect(subject.issuer_dn).to match('/C=US/O=U.S. Government/OU=DoD/OU=PKI/CN=DoD Root CA 3')\n      end\n      it 'has the correct subject_dn' do\n        expect(subject.subject_dn).to match('/C=US/O=U.S. Government/OU=DoD/OU=PKI/CN=DoD Root CA 3')\n      end\n      it 'is valid' do\n        expect(subject.validity_in_days).to be > 0\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230229.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File /etc/sssd/pki/sssd_auth_ca_db.pem is expected to exist",
+              "run_time": 0.000463,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "message": "expected File /etc/sssd/pki/sssd_auth_ca_db.pem to exist",
+              "resource_class": "file",
+              "resource_params": "[\"/etc/sssd/pki/sssd_auth_ca_db.pem\"]",
+              "resource_id": "/etc/sssd/pki/sssd_auth_ca_db.pem"
+            }
+          ]
+        },
+        {
+          "id": "SV-230230",
+          "title": "RHEL 8, for certificate-based authentication, must enforce authorized\naccess to the corresponding private key.",
+          "desc": "If an unauthorized user obtains access to a private key without a\npasscode, that user would have unauthorized access to any system where the\nassociated public key has been installed.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If an unauthorized user obtains access to a private key without a\npasscode, that user would have unauthorized access to any system where the\nassociated public key has been installed."
+            },
+            {
+              "label": "check",
+              "data": "Verify the SSH private key files have a passcode.\n\nFor each private key stored on the system, use the following command:\n\n$ sudo ssh-keygen -y -f /path/to/file\n\nIf the contents of the key are displayed, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Create a new private and public key pair that utilizes a passcode with the\nfollowing command:\n\n    $ sudo ssh-keygen -n [passphrase]"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000067-GPOS-00035",
+            "gid": "V-230230",
+            "rid": "SV-230230r627750_rule",
+            "stig_id": "RHEL-08-010100",
+            "fix_id": "F-32874r567437_fix",
+            "cci": [
+              "CCI-000186"
+            ],
+            "nist": [
+              "IA-5 (2) (b)",
+              "IA-5 (2) (a) (1)"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-230230' do\n  title 'RHEL 8, for certificate-based authentication, must enforce authorized\naccess to the corresponding private key.'\n  desc 'If an unauthorized user obtains access to a private key without a\npasscode, that user would have unauthorized access to any system where the\nassociated public key has been installed.'\n  desc 'check', 'Verify the SSH private key files have a passcode.\n\nFor each private key stored on the system, use the following command:\n\n$ sudo ssh-keygen -y -f /path/to/file\n\nIf the contents of the key are displayed, this is a finding.'\n  desc 'fix', 'Create a new private and public key pair that utilizes a passcode with the\nfollowing command:\n\n    $ sudo ssh-keygen -n [passphrase]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000067-GPOS-00035'\n  tag gid: 'V-230230'\n  tag rid: 'SV-230230r627750_rule'\n  tag stig_id: 'RHEL-08-010100'\n  tag fix_id: 'F-32874r567437_fix'\n  tag cci: ['CCI-000186']\n  tag nist: ['IA-5 (2) (b)', 'IA-5 (2) (a) (1)']\n  tag 'host'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'N/A' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('private_key_files').empty?\n    impact 0.0\n    describe 'N/A' do\n      skip 'No private key files were given in the input, this control is Not Applicable'\n    end\n  elsif input('private_key_files').map { |kf| file(kf).exist? }.uniq.first == false\n    describe 'no files found' do\n      skip 'No private key files given in the input were found on the system; please check the input accurately lists all private keys on this system'\n    end\n  else\n    passwordless_keys = input('private_key_files').select { |kf|\n      file(kf).exist? &&\n        !inspec.command(\"ssh-keygen -y -P '' -f #{kf}\").stderr.match('incorrect passphrase supplied to decrypt private key')\n    }\n    describe 'Private key files' do\n      it 'should all have passwords set' do\n        expect(passwordless_keys).to be_empty, \"Passwordless key files:\\n\\t- #{passwordless_keys.join(\"\\n\\t- \")}\"\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230230.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "N/A",
+              "run_time": 1.0e-05,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "resource": "",
+              "skip_message": "No private key files were given in the input, this control is Not Applicable",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "N/A"
+            }
+          ]
+        },
+        {
+          "id": "SV-230231",
+          "title": "RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved\ncryptographic hashing algorithm.",
+          "desc": "Passwords need to be protected at all times, and encryption is the\nstandard method for protecting passwords. If passwords are not encrypted, they\ncan be plainly read (i.e., clear text) and easily compromised.\n\n    Unapproved mechanisms that are used for authentication to the cryptographic\nmodule are not verified and therefore cannot be relied upon to provide\nconfidentiality or integrity, and DoD data may be compromised.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD requirements.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Passwords need to be protected at all times, and encryption is the\nstandard method for protecting passwords. If passwords are not encrypted, they\ncan be plainly read (i.e., clear text) and easily compromised.\n\n    Unapproved mechanisms that are used for authentication to the cryptographic\nmodule are not verified and therefore cannot be relied upon to provide\nconfidentiality or integrity, and DoD data may be compromised.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD requirements."
+            },
+            {
+              "label": "check",
+              "data": "Verify that the shadow password suite configuration is set to encrypt\npassword with a FIPS 140-2 approved cryptographic hashing algorithm.\n\n    Check the hashing algorithm that is being used to hash passwords with the\nfollowing command:\n\n    $ sudo grep -i crypt /etc/login.defs\n\n    ENCRYPT_METHOD SHA512\n\n    If \"ENCRYPT_METHOD\" does not equal SHA512 or greater, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to encrypt all stored passwords.\n\n    Edit/Modify the following line in the \"/etc/login.defs\" file and set\n\"[ENCRYPT_METHOD]\" to SHA512.\n\n    ENCRYPT_METHOD SHA512"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000073-GPOS-00041",
+            "gid": "V-230231",
+            "rid": "SV-230231r877397_rule",
+            "stig_id": "RHEL-08-010110",
+            "fix_id": "F-32875r567440_fix",
+            "cci": [
+              "CCI-000196"
+            ],
+            "nist": [
+              "IA-5 (1) (c)"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230231' do\n  title 'RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved\ncryptographic hashing algorithm.'\n  desc 'Passwords need to be protected at all times, and encryption is the\nstandard method for protecting passwords. If passwords are not encrypted, they\ncan be plainly read (i.e., clear text) and easily compromised.\n\n    Unapproved mechanisms that are used for authentication to the cryptographic\nmodule are not verified and therefore cannot be relied upon to provide\nconfidentiality or integrity, and DoD data may be compromised.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD requirements.'\n  desc 'check', 'Verify that the shadow password suite configuration is set to encrypt\npassword with a FIPS 140-2 approved cryptographic hashing algorithm.\n\n    Check the hashing algorithm that is being used to hash passwords with the\nfollowing command:\n\n    $ sudo grep -i crypt /etc/login.defs\n\n    ENCRYPT_METHOD SHA512\n\n    If \"ENCRYPT_METHOD\" does not equal SHA512 or greater, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to encrypt all stored passwords.\n\n    Edit/Modify the following line in the \"/etc/login.defs\" file and set\n\"[ENCRYPT_METHOD]\" to SHA512.\n\n    ENCRYPT_METHOD SHA512'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000073-GPOS-00041'\n  tag gid: 'V-230231'\n  tag rid: 'SV-230231r877397_rule'\n  tag stig_id: 'RHEL-08-010110'\n  tag fix_id: 'F-32875r567440_fix'\n  tag cci: ['CCI-000196']\n  tag nist: ['IA-5 (1) (c)']\n  tag 'host', 'container'\n\n  describe login_defs do\n    its('ENCRYPT_METHOD') { should cmp 'SHA512' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230231.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "login.defs ENCRYPT_METHOD is expected to cmp == \"SHA512\"",
+              "run_time": 0.000623,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "resource_class": "login_defs",
+              "resource_params": "[]",
+              "resource_id": "/etc/login.defs"
+            }
+          ]
+        },
+        {
+          "id": "SV-230232",
+          "title": "RHEL 8 must employ FIPS 140-2 approved cryptographic hashing\nalgorithms for all stored passwords.",
+          "desc": "The system must use a strong hashing algorithm to store the password.\n\n    Passwords need to be protected at all times, and encryption is the standard\nmethod for protecting passwords. If passwords are not encrypted, they can be\nplainly read (i.e., clear text) and easily compromised.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The system must use a strong hashing algorithm to store the password.\n\n    Passwords need to be protected at all times, and encryption is the standard\nmethod for protecting passwords. If passwords are not encrypted, they can be\nplainly read (i.e., clear text) and easily compromised."
+            },
+            {
+              "label": "check",
+              "data": "Confirm that the interactive user account passwords are using a strong\npassword hash with the following command:\n\n    $ sudo cut -d: -f2 /etc/shadow\n\n\n$6$kcOnRq/5$NUEYPuyL.wghQwWssXRcLRFiiru7f5JPV6GaJhNC2aK5F3PZpE/BCCtwrxRc/AInKMNX3CdMw11m9STiql12f/\n\n    Password hashes \"!\" or \"*\" indicate inactive accounts not available for\nlogon and are not evaluated. If any interactive user password hash does not\nbegin with \"$6$\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Lock all interactive user accounts not using SHA-512 hashing\nuntil the passwords can be regenerated with SHA-512."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000073-GPOS-00041",
+            "gid": "V-230232",
+            "rid": "SV-230232r877397_rule",
+            "stig_id": "RHEL-08-010120",
+            "fix_id": "F-32876r567443_fix",
+            "cci": [
+              "CCI-000196"
+            ],
+            "nist": [
+              "IA-5 (1) (c)"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230232' do\n  title 'RHEL 8 must employ FIPS 140-2 approved cryptographic hashing\nalgorithms for all stored passwords.'\n  desc 'The system must use a strong hashing algorithm to store the password.\n\n    Passwords need to be protected at all times, and encryption is the standard\nmethod for protecting passwords. If passwords are not encrypted, they can be\nplainly read (i.e., clear text) and easily compromised.'\n  desc 'check', 'Confirm that the interactive user account passwords are using a strong\npassword hash with the following command:\n\n    $ sudo cut -d: -f2 /etc/shadow\n\n\n$6$kcOnRq/5$NUEYPuyL.wghQwWssXRcLRFiiru7f5JPV6GaJhNC2aK5F3PZpE/BCCtwrxRc/AInKMNX3CdMw11m9STiql12f/\n\n    Password hashes \"!\" or \"*\" indicate inactive accounts not available for\nlogon and are not evaluated. If any interactive user password hash does not\nbegin with \"$6$\", this is a finding.'\n  desc 'fix', 'Lock all interactive user accounts not using SHA-512 hashing\nuntil the passwords can be regenerated with SHA-512.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000073-GPOS-00041'\n  tag gid: 'V-230232'\n  tag rid: 'SV-230232r877397_rule'\n  tag stig_id: 'RHEL-08-010120'\n  tag fix_id: 'F-32876r567443_fix'\n  tag cci: ['CCI-000196']\n  tag nist: ['IA-5 (1) (c)']\n  tag 'host', 'container'\n\n  weak_pw_hash_users = inspec.shadow.where { password !~ /^[*!]{1,2}.*$|^\\$6\\$.*$|^$/ }.users\n\n  describe 'All stored passwords' do\n    it 'should only be hashed with the SHA512 algorithm' do\n      message = \"Users without SHA512 hashes:\\n\\t- #{weak_pw_hash_users.join(\"\\n\\t- \")}\"\n      expect(weak_pw_hash_users).to be_empty, message\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230232.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "All stored passwords should only be hashed with the SHA512 algorithm",
+              "run_time": 0.013428,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "All stored passwords"
+            }
+          ]
+        },
+        {
+          "id": "SV-230233",
+          "title": "The RHEL 8 shadow password suite must be configured to use a sufficient number of hashing rounds.",
+          "desc": "The system must use a strong hashing algorithm to store the password.\nThe system must use a sufficient number of hashing rounds to ensure the\nrequired level of entropy.\n\n    Passwords need to be protected at all times, and encryption is the standard\nmethod for protecting passwords. If passwords are not encrypted, they can be\nplainly read (i.e., clear text) and easily compromised.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The system must use a strong hashing algorithm to store the password.\nThe system must use a sufficient number of hashing rounds to ensure the\nrequired level of entropy.\n\n    Passwords need to be protected at all times, and encryption is the standard\nmethod for protecting passwords. If passwords are not encrypted, they can be\nplainly read (i.e., clear text) and easily compromised."
+            },
+            {
+              "label": "check",
+              "data": "Check that a minimum number of hash rounds is configured by running the following command:\n\n     $ sudo grep -E \"^SHA_CRYPT_\" /etc/login.defs\n\nIf only one of \"SHA_CRYPT_MIN_ROUNDS\" or \"SHA_CRYPT_MAX_ROUNDS\" is set, and this value is below \"5000\", this is a finding.\n\nIf both \"SHA_CRYPT_MIN_ROUNDS\" and \"SHA_CRYPT_MAX_ROUNDS\" are set, and the highest value for either is below \"5000\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to encrypt all stored passwords with a strong cryptographic hash.\n\nEdit/modify the following line in the \"/etc/login.defs\" file and set \"SHA_CRYPT_MIN_ROUNDS\" to a value no lower than \"5000\":\n\nSHA_CRYPT_MIN_ROUNDS 5000"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000073-GPOS-00041",
+            "gid": "V-230233",
+            "rid": "SV-230233r880705_rule",
+            "stig_id": "RHEL-08-010130",
+            "fix_id": "F-32877r809272_fix",
+            "cci": [
+              "CCI-000196"
+            ],
+            "nist": [
+              "IA-5 (1) (c)"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230233' do\n  title 'The RHEL 8 shadow password suite must be configured to use a sufficient number of hashing rounds.'\n  desc 'The system must use a strong hashing algorithm to store the password.\nThe system must use a sufficient number of hashing rounds to ensure the\nrequired level of entropy.\n\n    Passwords need to be protected at all times, and encryption is the standard\nmethod for protecting passwords. If passwords are not encrypted, they can be\nplainly read (i.e., clear text) and easily compromised.'\n  desc 'check', 'Check that a minimum number of hash rounds is configured by running the following command:\n\n     $ sudo grep -E \"^SHA_CRYPT_\" /etc/login.defs\n\nIf only one of \"SHA_CRYPT_MIN_ROUNDS\" or \"SHA_CRYPT_MAX_ROUNDS\" is set, and this value is below \"5000\", this is a finding.\n\nIf both \"SHA_CRYPT_MIN_ROUNDS\" and \"SHA_CRYPT_MAX_ROUNDS\" are set, and the highest value for either is below \"5000\", this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to encrypt all stored passwords with a strong cryptographic hash.\n\nEdit/modify the following line in the \"/etc/login.defs\" file and set \"SHA_CRYPT_MIN_ROUNDS\" to a value no lower than \"5000\":\n\nSHA_CRYPT_MIN_ROUNDS 5000'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000073-GPOS-00041'\n  tag gid: 'V-230233'\n  tag rid: 'SV-230233r880705_rule'\n  tag stig_id: 'RHEL-08-010130'\n  tag fix_id: 'F-32877r809272_fix'\n  tag cci: ['CCI-000196']\n  tag nist: ['IA-5 (1) (c)']\n  tag 'host', 'container'\n\n  describe login_defs do\n    its('SHA_CRYPT_MIN_ROUNDS') { should cmp >= input('sha_crypt_min_rounds') }\n    its('SHA_CRYPT_MAX_ROUNDS') { should cmp >= input('sha_crypt_max_rounds') }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230233.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "login.defs SHA_CRYPT_MIN_ROUNDS is expected to cmp >= 5000",
+              "run_time": 0.000797,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "message": "\nexpected it to be >= 5000\n     got: \n\n(compared using `cmp` matcher)\n",
+              "resource_class": "login_defs",
+              "resource_params": "[]",
+              "resource_id": "/etc/login.defs"
+            },
+            {
+              "status": "failed",
+              "code_desc": "login.defs SHA_CRYPT_MAX_ROUNDS is expected to cmp >= 5000",
+              "run_time": 0.00022,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "message": "\nexpected it to be >= 5000\n     got: \n\n(compared using `cmp` matcher)\n",
+              "resource_class": "login_defs",
+              "resource_params": "[]",
+              "resource_id": "/etc/login.defs"
+            }
+          ]
+        },
+        {
+          "id": "SV-230234",
+          "title": "RHEL 8 operating systems booted with United Extensible Firmware\nInterface (UEFI) must require authentication upon booting into single-user mode\nand maintenance.",
+          "desc": "If the system does not require valid authentication before it boots\ninto single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 8 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If the system does not require valid authentication before it boots\ninto single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 8 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu."
+            },
+            {
+              "label": "check",
+              "data": "For systems that use BIOS, this is Not Applicable.\n\n    Check to see if an encrypted grub superusers password is set. On systems\nthat use UEFI, use the following command:\n\n    $ sudo grep -iw grub2_password /boot/efi/EFI/redhat/user.cfg\n\n    GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]\n\n    If the grub superusers password does not begin with \"grub.pbkdf2.sha512\",\nthis is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system to require a grub bootloader password for the grub\nsuperusers account with the grub2-setpassword command, which creates/overwrites\nthe /boot/efi/EFI/redhat/user.cfg file.\n\n    Generate an encrypted grub2 password for the grub superusers account with\nthe following command:\n\n    $ sudo grub2-setpassword\n    Enter password:\n    Confirm password:"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000080-GPOS-00048",
+            "gid": "V-230234",
+            "rid": "SV-230234r743922_rule",
+            "stig_id": "RHEL-08-010140",
+            "fix_id": "F-32878r743921_fix",
+            "cci": [
+              "CCI-000213"
+            ],
+            "nist": [
+              "AC-3"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-230234' do\n  title 'RHEL 8 operating systems booted with United Extensible Firmware\nInterface (UEFI) must require authentication upon booting into single-user mode\nand maintenance.'\n  desc 'If the system does not require valid authentication before it boots\ninto single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 8 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu.'\n  desc 'check', 'For systems that use BIOS, this is Not Applicable.\n\n    Check to see if an encrypted grub superusers password is set. On systems\nthat use UEFI, use the following command:\n\n    $ sudo grep -iw grub2_password /boot/efi/EFI/redhat/user.cfg\n\n    GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]\n\n    If the grub superusers password does not begin with \"grub.pbkdf2.sha512\",\nthis is a finding.'\n  desc 'fix', 'Configure the system to require a grub bootloader password for the grub\nsuperusers account with the grub2-setpassword command, which creates/overwrites\nthe /boot/efi/EFI/redhat/user.cfg file.\n\n    Generate an encrypted grub2 password for the grub superusers account with\nthe following command:\n\n    $ sudo grub2-setpassword\n    Enter password:\n    Confirm password:'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000080-GPOS-00048'\n  tag gid: 'V-230234'\n  tag rid: 'SV-230234r743922_rule'\n  tag stig_id: 'RHEL-08-010140'\n  tag fix_id: 'F-32878r743921_fix'\n  tag cci: ['CCI-000213']\n  tag nist: ['AC-3']\n  tag 'host'\n\n  only_if('Control not applicable within a container without sudo enabled', impact: 0.0) do\n    !virtualization.system.eql?('docker')\n  end\n\n  if file('/sys/firmware/efi').exist?\n    input('grub_uefi_user_boot_files').each do |grub_user_file|\n      describe parse_config_file(grub_user_file) do\n        its('GRUB2_PASSWORD') { should include 'grub.pbkdf2.sha512' }\n      end\n    end\n  else\n    impact 0.0\n    describe 'System running BIOS' do\n      skip 'The System is running BIOS, this control is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230234.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "System running BIOS",
+              "run_time": 8.0e-06,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "resource": "",
+              "skip_message": "The System is running BIOS, this control is Not Applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "System running BIOS"
+            }
+          ]
+        },
+        {
+          "id": "SV-230235",
+          "title": "RHEL 8 operating systems booted with a BIOS must require\nauthentication upon booting into single-user and maintenance modes.",
+          "desc": "If the system does not require valid authentication before it boots\ninto single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 8 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If the system does not require valid authentication before it boots\ninto single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 8 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu."
+            },
+            {
+              "label": "check",
+              "data": "For systems that use UEFI, this is Not Applicable.\n\n    Check to see if an encrypted grub superusers password is set. On systems\nthat use a BIOS, use the following command:\n\n    $ sudo grep -iw grub2_password /boot/grub2/user.cfg\n\n    GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]\n\n    If the grub superusers password does not begin with \"grub.pbkdf2.sha512\",\nthis is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system to require a grub bootloader password for the grub\nsuperusers account with the grub2-setpassword command, which creates/overwrites\nthe /boot/grub2/user.cfg file.\n\n    Generate an encrypted grub2 password for the grub superusers account with\nthe following command:\n\n    $ sudo grub2-setpassword\n    Enter password:\n    Confirm password:"
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000080-GPOS-00048",
+            "gid": "V-230235",
+            "rid": "SV-230235r743925_rule",
+            "stig_id": "RHEL-08-010150",
+            "fix_id": "F-32879r743924_fix",
+            "cci": [
+              "CCI-000213"
+            ],
+            "nist": [
+              "AC-3"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-230235' do\n  title 'RHEL 8 operating systems booted with a BIOS must require\nauthentication upon booting into single-user and maintenance modes.'\n  desc 'If the system does not require valid authentication before it boots\ninto single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 8 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu.'\n  desc 'check', 'For systems that use UEFI, this is Not Applicable.\n\n    Check to see if an encrypted grub superusers password is set. On systems\nthat use a BIOS, use the following command:\n\n    $ sudo grep -iw grub2_password /boot/grub2/user.cfg\n\n    GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]\n\n    If the grub superusers password does not begin with \"grub.pbkdf2.sha512\",\nthis is a finding.'\n  desc 'fix', 'Configure the system to require a grub bootloader password for the grub\nsuperusers account with the grub2-setpassword command, which creates/overwrites\nthe /boot/grub2/user.cfg file.\n\n    Generate an encrypted grub2 password for the grub superusers account with\nthe following command:\n\n    $ sudo grub2-setpassword\n    Enter password:\n    Confirm password:'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000080-GPOS-00048'\n  tag gid: 'V-230235'\n  tag rid: 'SV-230235r743925_rule'\n  tag stig_id: 'RHEL-08-010150'\n  tag fix_id: 'F-32879r743924_fix'\n  tag cci: ['CCI-000213']\n  tag nist: ['AC-3']\n  tag 'host'\n\n  only_if('Control not applicable within a container without sudo enabled', impact: 0.0) do\n    !virtualization.system.eql?('docker')\n  end\n\n  if file('/sys/firmware/efi').exist?\n    impact 0.0\n    describe 'System running UEFI' do\n      skip 'The System is running UEFI, this control is Not Applicable.'\n    end\n  else\n    input('grub_user_boot_files').each do |grub_user_file|\n      describe parse_config_file(grub_user_file) do\n        its('GRUB2_PASSWORD') { should include 'grub.pbkdf2.sha512' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230235.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "Parse Config File /boot/grub2/user.cfg",
+              "run_time": 6.0e-06,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "resource": "Parse Config File /boot/grub2/user.cfg",
+              "skip_message": "Can't find file: /boot/grub2/user.cfg",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/boot/grub2/user.cfg\"]",
+              "resource_id": "/boot/grub2/user.cfg"
+            }
+          ]
+        },
+        {
+          "id": "SV-230236",
+          "title": "RHEL 8 operating systems must require authentication upon booting into\nrescue mode.",
+          "desc": "If the system does not require valid root authentication before it\nboots into emergency or rescue mode, anyone who invokes emergency or rescue\nmode is granted privileged access to all files on the system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If the system does not require valid root authentication before it\nboots into emergency or rescue mode, anyone who invokes emergency or rescue\nmode is granted privileged access to all files on the system."
+            },
+            {
+              "label": "check",
+              "data": "Check to see if the system requires authentication for rescue mode with the\nfollowing command:\n\n    $ sudo grep sulogin-shell /usr/lib/systemd/system/rescue.service\n\n    ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue\n\n    If the \"ExecStart\" line is configured for anything other than\n\"/usr/lib/systemd/systemd-sulogin-shell rescue\", commented out, or missing,\nthis is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system to require authentication upon booting into rescue\nmode by adding the following line to the\n\"/usr/lib/systemd/system/rescue.service\" file.\n\n    ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000080-GPOS-00048",
+            "gid": "V-230236",
+            "rid": "SV-230236r743928_rule",
+            "stig_id": "RHEL-08-010151",
+            "fix_id": "F-32880r743927_fix",
+            "cci": [
+              "CCI-000213"
+            ],
+            "nist": [
+              "AC-3"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-230236' do\n  title 'RHEL 8 operating systems must require authentication upon booting into\nrescue mode.'\n  desc 'If the system does not require valid root authentication before it\nboots into emergency or rescue mode, anyone who invokes emergency or rescue\nmode is granted privileged access to all files on the system.'\n  desc 'check', 'Check to see if the system requires authentication for rescue mode with the\nfollowing command:\n\n    $ sudo grep sulogin-shell /usr/lib/systemd/system/rescue.service\n\n    ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue\n\n    If the \"ExecStart\" line is configured for anything other than\n\"/usr/lib/systemd/systemd-sulogin-shell rescue\", commented out, or missing,\nthis is a finding.'\n  desc 'fix', 'Configure the system to require authentication upon booting into rescue\nmode by adding the following line to the\n\"/usr/lib/systemd/system/rescue.service\" file.\n\n    ExecStart=-/usr/lib/systemd/systemd-sulogin-shell rescue'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000080-GPOS-00048'\n  tag gid: 'V-230236'\n  tag rid: 'SV-230236r743928_rule'\n  tag stig_id: 'RHEL-08-010151'\n  tag fix_id: 'F-32880r743927_fix'\n  tag cci: ['CCI-000213']\n  tag nist: ['AC-3']\n  tag 'host'\n\n  only_if('Control not applicable within a container without sudo enabled', impact: 0.0) do\n    !virtualization.system.eql?('docker')\n  end\n  describe service('rescue') do\n    its('params.ExecStart') { should include '/usr/lib/systemd/systemd-sulogin-shell rescue' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230236.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Service rescue params.ExecStart is expected to include \"/usr/lib/systemd/systemd-sulogin-shell rescue\"",
+              "run_time": 0.435689,
+              "start_time": "2024-01-09T19:40:38-05:00",
+              "resource_class": "service",
+              "resource_params": "[\"rescue\"]",
+              "resource_id": "rescue"
+            }
+          ]
+        },
+        {
+          "id": "SV-230237",
+          "title": "The RHEL 8 pam_unix.so module must be configured in the password-auth\nfile to use a FIPS 140-2 approved cryptographic hashing algorithm for system\nauthentication.",
+          "desc": "Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system."
+            },
+            {
+              "label": "check",
+              "data": "Verify that the pam_unix.so module is configured to use sha512.\n\nCheck that the pam_unix.so module is configured to use sha512 in /etc/pam.d/password-auth with the following command:\n\n$ sudo grep password /etc/pam.d/password-auth | grep pam_unix\n\npassword sufficient pam_unix.so sha512\n\nIf \"sha512\" is missing, or is commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.\n\nEdit/modify the following line in the \"/etc/pam.d/password-auth\" file to include the sha512 option for pam_unix.so:\n\npassword sufficient pam_unix.so sha512"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000120-GPOS-00061",
+            "gid": "V-230237",
+            "rid": "SV-230237r809276_rule",
+            "stig_id": "RHEL-08-010160",
+            "fix_id": "F-32881r809275_fix",
+            "cci": [
+              "CCI-000803"
+            ],
+            "nist": [
+              "IA-7"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230237' do\n  title 'The RHEL 8 pam_unix.so module must be configured in the password-auth\nfile to use a FIPS 140-2 approved cryptographic hashing algorithm for system\nauthentication.'\n  desc 'Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.'\n  desc 'check', 'Verify that the pam_unix.so module is configured to use sha512.\n\nCheck that the pam_unix.so module is configured to use sha512 in /etc/pam.d/password-auth with the following command:\n\n$ sudo grep password /etc/pam.d/password-auth | grep pam_unix\n\npassword sufficient pam_unix.so sha512\n\nIf \"sha512\" is missing, or is commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.\n\nEdit/modify the following line in the \"/etc/pam.d/password-auth\" file to include the sha512 option for pam_unix.so:\n\npassword sufficient pam_unix.so sha512'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000120-GPOS-00061'\n  tag gid: 'V-230237'\n  tag rid: 'SV-230237r809276_rule'\n  tag stig_id: 'RHEL-08-010160'\n  tag fix_id: 'F-32881r809275_fix'\n  tag cci: ['CCI-000803']\n  tag nist: ['IA-7']\n  tag 'host', 'container'\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['password-auth']) do\n    its('lines') { should match_pam_rule('.* .* pam_unix.so sha512') }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230237.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PAM Config[/etc/pam.d/password-auth] lines is expected to include .* .* pam_unix.so sha512",
+              "run_time": 0.003098,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/password-auth\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230238",
+          "title": "RHEL 8 must prevent system daemons from using Kerberos for\nauthentication.",
+          "desc": "Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    The key derivation function (KDF) in Kerberos is not FIPS compatible.\nEnsuring the system does not have any keytab files present prevents system\ndaemons from using Kerberos for authentication.  A keytab is a file containing\npairs of Kerberos principals and encrypted keys.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    The key derivation function (KDF) in Kerberos is not FIPS compatible.\nEnsuring the system does not have any keytab files present prevents system\ndaemons from using Kerberos for authentication.  A keytab is a file containing\npairs of Kerberos principals and encrypted keys.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system."
+            },
+            {
+              "label": "check",
+              "data": "Verify that RHEL 8 prevents system daemons from using Kerberos for\nauthentication.\n\n    If the system is a server utilizing krb5-server-1.17-18.el8.x86_64 or\nnewer, this requirement is not applicable.\n    If the system is a workstation utilizing\nkrb5-workstation-1.17-18.el8.x86_64 or newer, this requirement is not\napplicable.\n\n    Check if there are available keytabs with the following command:\n\n    $ sudo ls -al /etc/*.keytab\n\n    If this command produces any file(s), this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to prevent system daemons from using Kerberos for\nauthentication.\n\n    Remove any files with the .keytab extension from the operating system."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000120-GPOS-00061",
+            "gid": "V-230238",
+            "rid": "SV-230238r646862_rule",
+            "stig_id": "RHEL-08-010161",
+            "fix_id": "F-32882r567461_fix",
+            "cci": [
+              "CCI-000803"
+            ],
+            "nist": [
+              "IA-7"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230238' do\n  title 'RHEL 8 must prevent system daemons from using Kerberos for\nauthentication.'\n  desc 'Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    The key derivation function (KDF) in Kerberos is not FIPS compatible.\nEnsuring the system does not have any keytab files present prevents system\ndaemons from using Kerberos for authentication.  A keytab is a file containing\npairs of Kerberos principals and encrypted keys.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.'\n  desc 'check', 'Verify that RHEL 8 prevents system daemons from using Kerberos for\nauthentication.\n\n    If the system is a server utilizing krb5-server-1.17-18.el8.x86_64 or\nnewer, this requirement is not applicable.\n    If the system is a workstation utilizing\nkrb5-workstation-1.17-18.el8.x86_64 or newer, this requirement is not\napplicable.\n\n    Check if there are available keytabs with the following command:\n\n    $ sudo ls -al /etc/*.keytab\n\n    If this command produces any file(s), this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to prevent system daemons from using Kerberos for\nauthentication.\n\n    Remove any files with the .keytab extension from the operating system.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000120-GPOS-00061'\n  tag gid: 'V-230238'\n  tag rid: 'SV-230238r646862_rule'\n  tag stig_id: 'RHEL-08-010161'\n  tag fix_id: 'F-32882r567461_fix'\n  tag cci: ['CCI-000803']\n  tag nist: ['IA-7']\n  tag 'host', 'container'\n\n  krb5_server = package('krb5-server')\n  krb5_workstation = package('krb5-workstation')\n\n  if (krb5_server.installed? && krb5_server.version >= '1.17-18.el8') || (krb5_workstation.installed? && krb5_workstation.version >= '1.17-18.el8')\n    impact 0.0\n    describe 'The system has krb5-workstation and server version 1.17-18 or higher' do\n      skip 'The system has krb5-workstation and server version 1.17-18 or higner, this requirement is Not Applicable.'\n    end\n  else\n    keytabs = command('ls /etc/*.keytab').stdout.split\n    describe 'The system' do\n      it 'should not have keytab files for Kerberos' do\n        expect(keytabs).to be_empty, \"Keytab files:\\n\\t- #{keytabs.join(\"\\n\\t- \")}\"\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230238.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "The system should not have keytab files for Kerberos",
+              "run_time": 0.012336,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The system"
+            }
+          ]
+        },
+        {
+          "id": "SV-230239",
+          "title": "The krb5-workstation package must not be installed on RHEL 8.",
+          "desc": "Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    Currently, Kerberos does not utilize FIPS 140-2 cryptography.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    Currently, Kerberos does not utilize FIPS 140-2 cryptography.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system."
+            },
+            {
+              "label": "check",
+              "data": "Verify the krb5-workstation package has not been installed on the system\nwith the following commands:\n\n    If the system is a server or is utilizing\nkrb5-workstation-1.17-18.el8.x86_64 or newer, this is Not Applicable.\n\n    $ sudo yum list installed krb5-workstation\n\n    krb5-workstation.x86_64\n1.17-9.el8                                                  repository\n\n    If the krb5-workstation package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Document the krb5-workstation package with the ISSO as an operational\nrequirement or remove it from the system with the following command:\n\n    $ sudo yum remove krb5-workstation"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000120-GPOS-00061",
+            "gid": "V-230239",
+            "rid": "SV-230239r646864_rule",
+            "stig_id": "RHEL-08-010162",
+            "fix_id": "F-32883r567464_fix",
+            "cci": [
+              "CCI-000803"
+            ],
+            "nist": [
+              "IA-7"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230239' do\n  title 'The krb5-workstation package must not be installed on RHEL 8.'\n  desc 'Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    Currently, Kerberos does not utilize FIPS 140-2 cryptography.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.'\n  desc 'check', 'Verify the krb5-workstation package has not been installed on the system\nwith the following commands:\n\n    If the system is a server or is utilizing\nkrb5-workstation-1.17-18.el8.x86_64 or newer, this is Not Applicable.\n\n    $ sudo yum list installed krb5-workstation\n\n    krb5-workstation.x86_64\n1.17-9.el8                                                  repository\n\n    If the krb5-workstation package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding.'\n  desc 'fix', 'Document the krb5-workstation package with the ISSO as an operational\nrequirement or remove it from the system with the following command:\n\n    $ sudo yum remove krb5-workstation'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000120-GPOS-00061'\n  tag gid: 'V-230239'\n  tag rid: 'SV-230239r646864_rule'\n  tag stig_id: 'RHEL-08-010162'\n  tag fix_id: 'F-32883r567464_fix'\n  tag cci: ['CCI-000803']\n  tag nist: ['IA-7']\n  tag 'host', 'container'\n\n  krb5_workstation = package('krb5-workstation')\n\n  if krb5_workstation.installed? && krb5_workstation.version >= '1.17-18.el8'\n    impact 0.0\n    describe 'N/A' do\n      skip 'Kerberos installation is at version 1.17-18.el8 or greater; this control is Not Applicable'\n    end\n  else\n    describe krb5_workstation do\n      it { should_not be_installed }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230239.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package krb5-workstation is expected not to be installed",
+              "run_time": 0.000456,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"krb5-workstation\"]",
+              "resource_id": "krb5-workstation"
+            }
+          ]
+        },
+        {
+          "id": "SV-230240",
+          "title": "RHEL 8 must use a Linux Security Module configured to enforce limits\non system services.",
+          "desc": "Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    This requirement applies to operating systems performing security function\nverification/testing and/or systems and environments that require this\nfunctionality.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    This requirement applies to operating systems performing security function\nverification/testing and/or systems and environments that require this\nfunctionality."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system verifies correct operation of all security\nfunctions.\n\n    Check if \"SELinux\" is active and in \"Enforcing\" mode with the following\ncommand:\n\n    $ sudo getenforce\n    Enforcing\n\n    If \"SELinux\" is not active and not in \"Enforcing\" mode, this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to verify correct operation of all security\nfunctions.\n\n    Set the \"SELinux\" status and the \"Enforcing\" mode by modifying the\n\"/etc/selinux/config\" file to have the following line:\n\n    SELINUX=enforcing\n\n    A reboot is required for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000134-GPOS-00068",
+            "gid": "V-230240",
+            "rid": "SV-230240r627750_rule",
+            "stig_id": "RHEL-08-010170",
+            "fix_id": "F-32884r567467_fix",
+            "cci": [
+              "CCI-001084"
+            ],
+            "nist": [
+              "SC-3"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-230240' do\n  title 'RHEL 8 must use a Linux Security Module configured to enforce limits\non system services.'\n  desc 'Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    This requirement applies to operating systems performing security function\nverification/testing and/or systems and environments that require this\nfunctionality.'\n  desc 'check', 'Verify the operating system verifies correct operation of all security\nfunctions.\n\n    Check if \"SELinux\" is active and in \"Enforcing\" mode with the following\ncommand:\n\n    $ sudo getenforce\n    Enforcing\n\n    If \"SELinux\" is not active and not in \"Enforcing\" mode, this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to verify correct operation of all security\nfunctions.\n\n    Set the \"SELinux\" status and the \"Enforcing\" mode by modifying the\n\"/etc/selinux/config\" file to have the following line:\n\n    SELINUX=enforcing\n\n    A reboot is required for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000134-GPOS-00068'\n  tag gid: 'V-230240'\n  tag rid: 'SV-230240r627750_rule'\n  tag stig_id: 'RHEL-08-010170'\n  tag fix_id: 'F-32884r567467_fix'\n  tag cci: ['CCI-001084']\n  tag nist: ['SC-3']\n  tag 'host'\n\n  only_if('Control not applicable within a container', impact: 0.0) do\n    !virtualization.system.eql?('docker')\n  end\n\n  describe selinux do\n    it { should be_enforcing }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230240.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "SELinux is expected to be enforcing",
+              "run_time": 0.010591,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "resource_class": "selinux",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230241",
+          "title": "RHEL 8 must have policycoreutils package installed.",
+          "desc": "Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    Policycoreutils contains the policy core utilities that are required for\nbasic operation of an SELinux-enabled system. These utilities include\nload_policy to load SELinux policies, setfile to label filesystems, newrole to\nswitch roles, and run_init to run /etc/init.d scripts in the proper context.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    Policycoreutils contains the policy core utilities that are required for\nbasic operation of an SELinux-enabled system. These utilities include\nload_policy to load SELinux policies, setfile to label filesystems, newrole to\nswitch roles, and run_init to run /etc/init.d scripts in the proper context."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system has the policycoreutils package installed with\nthe following command:\n\n    $ sudo yum list installed policycoreutils\n\n    policycoreutils.x86_64\n2.9-3.el8                                                  @anaconda\n\n    If the policycoreutils package is not installed, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to have the policycoreutils package\ninstalled with the following command:\n\n    $ sudo yum install policycoreutils"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000134-GPOS-00068",
+            "gid": "V-230241",
+            "rid": "SV-230241r627750_rule",
+            "stig_id": "RHEL-08-010171",
+            "fix_id": "F-32885r567470_fix",
+            "cci": [
+              "CCI-001084"
+            ],
+            "nist": [
+              "SC-3"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-230241' do\n  title 'RHEL 8 must have policycoreutils package installed.'\n  desc 'Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    Policycoreutils contains the policy core utilities that are required for\nbasic operation of an SELinux-enabled system. These utilities include\nload_policy to load SELinux policies, setfile to label filesystems, newrole to\nswitch roles, and run_init to run /etc/init.d scripts in the proper context.'\n  desc 'check', 'Verify the operating system has the policycoreutils package installed with\nthe following command:\n\n    $ sudo yum list installed policycoreutils\n\n    policycoreutils.x86_64\n2.9-3.el8                                                  @anaconda\n\n    If the policycoreutils package is not installed, this is a finding.'\n  desc 'fix', 'Configure the operating system to have the policycoreutils package\ninstalled with the following command:\n\n    $ sudo yum install policycoreutils'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000134-GPOS-00068'\n  tag gid: 'V-230241'\n  tag rid: 'SV-230241r627750_rule'\n  tag stig_id: 'RHEL-08-010171'\n  tag fix_id: 'F-32885r567470_fix'\n  tag cci: ['CCI-001084']\n  tag nist: ['SC-3']\n  tag 'host'\n\n  only_if('Control not applicable within a container', impact: 0.0) do\n    !virtualization.system.eql?('docker')\n  end\n\n  describe package('policycoreutils') do\n    it { should be_installed }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230241.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package policycoreutils is expected to be installed",
+              "run_time": 0.093149,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"policycoreutils\"]",
+              "resource_id": "policycoreutils"
+            }
+          ]
+        },
+        {
+          "id": "SV-230243",
+          "title": "A sticky bit must be set on all RHEL 8 public directories to prevent\nunauthorized and unintended information transferred via shared system\nresources.",
+          "desc": "Preventing unauthorized information transfers mitigates the risk of\ninformation, including encrypted representations of information, produced by\nthe actions of prior users/roles (or the actions of processes acting on behalf\nof prior users/roles) from being available to any current users/roles (or\ncurrent processes) that obtain access to shared system resources (e.g.,\nregisters, main memory, hard disks) after those resources have been released\nback to information systems. The control of information in shared resources is\nalso commonly referred to as object reuse and residual information protection.\n\n    This requirement generally applies to the design of an information\ntechnology product, but it can also apply to the configuration of particular\ninformation system components that are, or use, such products. This can be\nverified by acceptance/validation processes in DoD or other government agencies.\n\n    There may be shared resources with configurable protections (e.g., files in\nstorage) that may be assessed on specific information system components.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Preventing unauthorized information transfers mitigates the risk of\ninformation, including encrypted representations of information, produced by\nthe actions of prior users/roles (or the actions of processes acting on behalf\nof prior users/roles) from being available to any current users/roles (or\ncurrent processes) that obtain access to shared system resources (e.g.,\nregisters, main memory, hard disks) after those resources have been released\nback to information systems. The control of information in shared resources is\nalso commonly referred to as object reuse and residual information protection.\n\n    This requirement generally applies to the design of an information\ntechnology product, but it can also apply to the configuration of particular\ninformation system components that are, or use, such products. This can be\nverified by acceptance/validation processes in DoD or other government agencies.\n\n    There may be shared resources with configurable protections (e.g., files in\nstorage) that may be assessed on specific information system components."
+            },
+            {
+              "label": "check",
+              "data": "Verify that all world-writable directories have the sticky bit set.\n\nCheck to see that all world-writable directories have the sticky bit set by running the following command:\n\n$ sudo find / -type d \\( -perm -0002 -a ! -perm -1000 \\) -print 2>/dev/null\n\ndrwxrwxrwt 7 root root 4096 Jul 26 11:19 /tmp\n\nIf any of the returned directories are world-writable and do not have the sticky bit set, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure all world-writable directories to have the sticky bit set to\nprevent unauthorized and unintended information transferred via shared system\nresources.\n\n    Set the sticky bit on all world-writable directories using the command,\nreplace \"[World-Writable Directory]\" with any directory path missing the\nsticky bit:\n\n    $ sudo chmod 1777 [World-Writable Directory]"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000138-GPOS-00069",
+            "gid": "V-230243",
+            "rid": "SV-230243r792857_rule",
+            "stig_id": "RHEL-08-010190",
+            "fix_id": "F-32887r567476_fix",
+            "cci": [
+              "CCI-001090"
+            ],
+            "nist": [
+              "SC-4"
+            ]
+          },
+          "code": "control 'SV-230243' do\n  title 'A sticky bit must be set on all RHEL 8 public directories to prevent\nunauthorized and unintended information transferred via shared system\nresources.'\n  desc 'Preventing unauthorized information transfers mitigates the risk of\ninformation, including encrypted representations of information, produced by\nthe actions of prior users/roles (or the actions of processes acting on behalf\nof prior users/roles) from being available to any current users/roles (or\ncurrent processes) that obtain access to shared system resources (e.g.,\nregisters, main memory, hard disks) after those resources have been released\nback to information systems. The control of information in shared resources is\nalso commonly referred to as object reuse and residual information protection.\n\n    This requirement generally applies to the design of an information\ntechnology product, but it can also apply to the configuration of particular\ninformation system components that are, or use, such products. This can be\nverified by acceptance/validation processes in DoD or other government agencies.\n\n    There may be shared resources with configurable protections (e.g., files in\nstorage) that may be assessed on specific information system components.'\n  desc 'check', 'Verify that all world-writable directories have the sticky bit set.\n\nCheck to see that all world-writable directories have the sticky bit set by running the following command:\n\n$ sudo find / -type d \\\\( -perm -0002 -a ! -perm -1000 \\\\) -print 2>/dev/null\n\ndrwxrwxrwt 7 root root 4096 Jul 26 11:19 /tmp\n\nIf any of the returned directories are world-writable and do not have the sticky bit set, this is a finding.'\n  desc 'fix', 'Configure all world-writable directories to have the sticky bit set to\nprevent unauthorized and unintended information transferred via shared system\nresources.\n\n    Set the sticky bit on all world-writable directories using the command,\nreplace \"[World-Writable Directory]\" with any directory path missing the\nsticky bit:\n\n    $ sudo chmod 1777 [World-Writable Directory]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000138-GPOS-00069'\n  tag gid: 'V-230243'\n  tag rid: 'SV-230243r792857_rule'\n  tag stig_id: 'RHEL-08-010190'\n  tag fix_id: 'F-32887r567476_fix'\n  tag cci: ['CCI-001090']\n  tag nist: ['SC-4']\n\n  ww_dirs = command('find / -type d \\\\( -perm -0002 -a ! -perm -1000 \\\\) -print 2>/dev/null').stdout.split(\"\\n\")\n\n  if ww_dirs.empty?\n    describe 'List of world-writable directories on the target' do\n      subject { ww_dirs }\n      it { should be_empty }\n    end\n  else\n    non_sticky_ww_dirs = ww_dirs.reject { |dir| file(dir).sticky? }\n    describe 'All public directories' do\n      it 'should have the sticky bit set' do\n        fail_msg = \"Public directories without sticky bit:\\n\\t- #{non_sticky_ww_dirs.join(\"\\n\\t- \")}\"\n        expect(non_sticky_ww_dirs).to be_empty, fail_msg\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230243.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "List of world-writable directories on the target is expected to be empty",
+              "run_time": 0.012684,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "List of world-writable directories on the target"
+            }
+          ]
+        },
+        {
+          "id": "SV-230244",
+          "title": "RHEL 8 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.",
+          "desc": "Terminating an unresponsive SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.\n\n        Terminating network connections associated with communications sessions includes, for example, deallocating associated TCP/IP address/port pairs at the operating system level and deallocating networking assignments at the application level if multiple application sessions are using a single operating system-level network connection. This does not mean the operating system terminates all sessions or network access; it only ends the unresponsive session and releases the resources associated with that session.\n\n        RHEL 8 uses /etc/ssh/sshd_config for configurations of OpenSSH. Within the sshd_config, the product of the values of \"ClientAliveInterval\" and \"ClientAliveCountMax\" is used to establish the inactivity threshold. The \"ClientAliveInterval\" is a timeout interval in seconds after which if no data has been received from the client, sshd will send a message through the encrypted channel to request a response from the client. The \"ClientAliveCountMax\" is the number of client alive messages that may be sent without sshd receiving any messages back from the client. If this threshold is met, sshd will disconnect the client. For more information on these settings and others, refer to the sshd_config man pages.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Terminating an unresponsive SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.\n\n        Terminating network connections associated with communications sessions includes, for example, deallocating associated TCP/IP address/port pairs at the operating system level and deallocating networking assignments at the application level if multiple application sessions are using a single operating system-level network connection. This does not mean the operating system terminates all sessions or network access; it only ends the unresponsive session and releases the resources associated with that session.\n\n        RHEL 8 uses /etc/ssh/sshd_config for configurations of OpenSSH. Within the sshd_config, the product of the values of \"ClientAliveInterval\" and \"ClientAliveCountMax\" is used to establish the inactivity threshold. The \"ClientAliveInterval\" is a timeout interval in seconds after which if no data has been received from the client, sshd will send a message through the encrypted channel to request a response from the client. The \"ClientAliveCountMax\" is the number of client alive messages that may be sent without sshd receiving any messages back from the client. If this threshold is met, sshd will disconnect the client. For more information on these settings and others, refer to the sshd_config man pages."
+            },
+            {
+              "label": "check",
+              "data": "Verify the SSH server automatically terminates a user session after the SSH client has become unresponsive.\n\n        Check that the \"ClientAliveCountMax\" is set to \"1\" by performing the following command:\n\n            $ sudo grep -ir clientalivecountmax /etc/ssh/sshd_config*\n\n            ClientAliveCountMax 1\n\n        If \"ClientAliveCountMax\" do not exist, is not set to a value of \"1\" in \"/etc/ssh/sshd_config\", or is commented out, this is a finding.\n\n        If conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Note: This setting must be applied in conjunction with RHEL-08-010201 to function correctly.\n\n        Configure the SSH server to terminate a user session automatically after the SSH client has become unresponsive.\n\n        Modify or append the following lines in the \"/etc/ssh/sshd_config\" file:\n\n            ClientAliveCountMax 1\n\n        For the changes to take effect, the SSH daemon must be restarted:\n\n            $ sudo systemctl restart sshd.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000163-GPOS-00072",
+            "satisfies": [
+              "SRG-OS-000163-GPOS-00072",
+              "SRG-OS-000126-GPOS-00066",
+              "SRG-OS-000279-GPOS-00109"
+            ],
+            "gid": "V-230244",
+            "rid": "SV-230244r917867_rule",
+            "stig_id": "RHEL-08-010200",
+            "fix_id": "F-32888r917866_fix",
+            "cci": [
+              "CCI-001133"
+            ],
+            "nist": [
+              "SC-10"
+            ],
+            "host": null,
+            "container-conditional": null
+          },
+          "code": "control 'SV-230244' do\n  title 'RHEL 8 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive.'\n  desc 'Terminating an unresponsive SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.\n\n        Terminating network connections associated with communications sessions includes, for example, deallocating associated TCP/IP address/port pairs at the operating system level and deallocating networking assignments at the application level if multiple application sessions are using a single operating system-level network connection. This does not mean the operating system terminates all sessions or network access; it only ends the unresponsive session and releases the resources associated with that session.\n\n        RHEL 8 uses /etc/ssh/sshd_config for configurations of OpenSSH. Within the sshd_config, the product of the values of \"ClientAliveInterval\" and \"ClientAliveCountMax\" is used to establish the inactivity threshold. The \"ClientAliveInterval\" is a timeout interval in seconds after which if no data has been received from the client, sshd will send a message through the encrypted channel to request a response from the client. The \"ClientAliveCountMax\" is the number of client alive messages that may be sent without sshd receiving any messages back from the client. If this threshold is met, sshd will disconnect the client. For more information on these settings and others, refer to the sshd_config man pages.'\n  desc 'check', 'Verify the SSH server automatically terminates a user session after the SSH client has become unresponsive.\n\n        Check that the \"ClientAliveCountMax\" is set to \"1\" by performing the following command:\n\n            $ sudo grep -ir clientalivecountmax /etc/ssh/sshd_config*\n\n            ClientAliveCountMax 1\n\n        If \"ClientAliveCountMax\" do not exist, is not set to a value of \"1\" in \"/etc/ssh/sshd_config\", or is commented out, this is a finding.\n\n        If conflicting results are returned, this is a finding.'\n  desc 'fix', 'Note: This setting must be applied in conjunction with RHEL-08-010201 to function correctly.\n\n        Configure the SSH server to terminate a user session automatically after the SSH client has become unresponsive.\n\n        Modify or append the following lines in the \"/etc/ssh/sshd_config\" file:\n\n            ClientAliveCountMax 1\n\n        For the changes to take effect, the SSH daemon must be restarted:\n\n            $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000163-GPOS-00072'\n  tag satisfies: ['SRG-OS-000163-GPOS-00072', 'SRG-OS-000126-GPOS-00066', 'SRG-OS-000279-GPOS-00109']\n  tag gid: 'V-230244'\n  tag rid: 'SV-230244r917867_rule'\n  tag stig_id: 'RHEL-08-010200'\n  tag fix_id: 'F-32888r917866_fix'\n  tag cci: ['CCI-001133']\n  tag nist: ['SC-10']\n  tag 'host', 'container-conditional'\n\n  only_if('SSH is not installed on the system this requirement is Not Applicable', impact: 0.0) {\n    (service('sshd').enabled? || package('openssh-server').installed?)\n  }\n\n  client_alive_count = input('sshd_client_alive_count_max')\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'skip' do\n      skip 'SSH configuration does not apply inside containers. This control is Not Applicable.'\n    end\n  else\n    describe 'SSH ClientAliveCountMax configuration' do\n      it \"should be set to #{client_alive_count}\" do\n        expect(sshd_config.ClientAliveCountMax).to(cmp(client_alive_count), \"SSH ClientAliveCountMax is commented out or not set to the expected value (#{client_alive_count})\")\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230244.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "SSH ClientAliveCountMax configuration should be set to 1",
+              "run_time": 0.002174,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "SSH ClientAliveCountMax configuration"
+            }
+          ]
+        },
+        {
+          "id": "SV-230245",
+          "title": "The RHEL 8 /var/log/messages file must have mode 0640 or less\npermissive.",
+          "desc": "Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements."
+            },
+            {
+              "label": "check",
+              "data": "Verify that the \"/var/log/messages\" file has mode \"0640\" or less\npermissive with the following command:\n\n    $ sudo stat -c \"%a %n\" /var/log/messages\n\n    640 /var/log/messages\n\n    If a value of \"0640\" or less permissive is not returned, this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Change the permissions of the file \"/var/log/messages\" to \"0640\" by\nrunning the following command:\n\n    $ sudo chmod 0640 /var/log/messages"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000206-GPOS-00084",
+            "gid": "V-230245",
+            "rid": "SV-230245r627750_rule",
+            "stig_id": "RHEL-08-010210",
+            "fix_id": "F-32889r567482_fix",
+            "cci": [
+              "CCI-001314"
+            ],
+            "nist": [
+              "SI-11 b"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230245' do\n  title 'The RHEL 8 /var/log/messages file must have mode 0640 or less\npermissive.'\n  desc \"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.\"\n  desc 'check', 'Verify that the \"/var/log/messages\" file has mode \"0640\" or less\npermissive with the following command:\n\n    $ sudo stat -c \"%a %n\" /var/log/messages\n\n    640 /var/log/messages\n\n    If a value of \"0640\" or less permissive is not returned, this is a\nfinding.'\n  desc 'fix', 'Change the permissions of the file \"/var/log/messages\" to \"0640\" by\nrunning the following command:\n\n    $ sudo chmod 0640 /var/log/messages'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000206-GPOS-00084'\n  tag gid: 'V-230245'\n  tag rid: 'SV-230245r627750_rule'\n  tag stig_id: 'RHEL-08-010210'\n  tag fix_id: 'F-32889r567482_fix'\n  tag cci: ['CCI-001314']\n  tag nist: ['SI-11 b']\n  tag 'host', 'container'\n\n  describe file('/var/log/messages') do\n    it { should_not be_more_permissive_than('0640') }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230245.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "File /var/log/messages is expected not to be more permissive than \"0640\"",
+              "run_time": 0.316252,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/var/log/messages\"]",
+              "resource_id": "/var/log/messages"
+            }
+          ]
+        },
+        {
+          "id": "SV-230246",
+          "title": "The RHEL 8 /var/log/messages file must be owned by root.",
+          "desc": "Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements."
+            },
+            {
+              "label": "check",
+              "data": "Verify that the /var/log/messages file is owned by root with the following\ncommand:\n\n    $ sudo stat -c \"%U\" /var/log/messages\n\n    root\n\n    If \"root\" is not returned as a result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Change the owner of the file /var/log/messages to root by running the\nfollowing command:\n\n    $ sudo chown root /var/log/messages"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000206-GPOS-00084",
+            "gid": "V-230246",
+            "rid": "SV-230246r627750_rule",
+            "stig_id": "RHEL-08-010220",
+            "fix_id": "F-32890r567485_fix",
+            "cci": [
+              "CCI-001314"
+            ],
+            "nist": [
+              "SI-11 b"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230246' do\n  title 'The RHEL 8 /var/log/messages file must be owned by root.'\n  desc \"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.\"\n  desc 'check', 'Verify that the /var/log/messages file is owned by root with the following\ncommand:\n\n    $ sudo stat -c \"%U\" /var/log/messages\n\n    root\n\n    If \"root\" is not returned as a result, this is a finding.'\n  desc 'fix', 'Change the owner of the file /var/log/messages to root by running the\nfollowing command:\n\n    $ sudo chown root /var/log/messages'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000206-GPOS-00084'\n  tag gid: 'V-230246'\n  tag rid: 'SV-230246r627750_rule'\n  tag stig_id: 'RHEL-08-010220'\n  tag fix_id: 'F-32890r567485_fix'\n  tag cci: ['CCI-001314']\n  tag nist: ['SI-11 b']\n  tag 'host', 'container'\n\n  describe file('/var/log/messages') do\n    it { should be_owned_by 'root' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230246.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "File /var/log/messages is expected to be owned by \"root\"",
+              "run_time": 0.01233,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/var/log/messages\"]",
+              "resource_id": "/var/log/messages"
+            }
+          ]
+        },
+        {
+          "id": "SV-230247",
+          "title": "The RHEL 8 /var/log/messages file must be group-owned by root.",
+          "desc": "Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements."
+            },
+            {
+              "label": "check",
+              "data": "Verify the \"/var/log/messages\" file is group-owned by root with the\nfollowing command:\n\n    $ sudo stat -c \"%G\" /var/log/messages\n\n    root\n\n    If \"root\" is not returned as a result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Change the group of the file \"/var/log/messages\" to \"root\" by running\nthe following command:\n\n    $ sudo chgrp root /var/log/messages"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000206-GPOS-00084",
+            "gid": "V-230247",
+            "rid": "SV-230247r627750_rule",
+            "stig_id": "RHEL-08-010230",
+            "fix_id": "F-32891r567488_fix",
+            "cci": [
+              "CCI-001314"
+            ],
+            "nist": [
+              "SI-11 b"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230247' do\n  title 'The RHEL 8 /var/log/messages file must be group-owned by root.'\n  desc \"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.\"\n  desc 'check', 'Verify the \"/var/log/messages\" file is group-owned by root with the\nfollowing command:\n\n    $ sudo stat -c \"%G\" /var/log/messages\n\n    root\n\n    If \"root\" is not returned as a result, this is a finding.'\n  desc 'fix', 'Change the group of the file \"/var/log/messages\" to \"root\" by running\nthe following command:\n\n    $ sudo chgrp root /var/log/messages'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000206-GPOS-00084'\n  tag gid: 'V-230247'\n  tag rid: 'SV-230247r627750_rule'\n  tag stig_id: 'RHEL-08-010230'\n  tag fix_id: 'F-32891r567488_fix'\n  tag cci: ['CCI-001314']\n  tag nist: ['SI-11 b']\n  tag 'host', 'container'\n\n  describe file('/var/log/messages') do\n    its('group') { should be_in input('var_log_messages_group') }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230247.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "File /var/log/messages group is expected to be in \"root\"",
+              "run_time": 0.000395,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/var/log/messages\"]",
+              "resource_id": "/var/log/messages"
+            }
+          ]
+        },
+        {
+          "id": "SV-230248",
+          "title": "The RHEL 8 /var/log directory must have mode 0755 or less permissive.",
+          "desc": "Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements."
+            },
+            {
+              "label": "check",
+              "data": "Verify that the \"/var/log\" directory has a mode of \"0755\" or less with\nthe following command:\n\n    $ sudo stat -c \"%a %n\" /var/log\n\n    755\n\n    If a value of \"0755\" or less permissive is not returned, this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Change the permissions of the directory \"/var/log\" to \"0755\" by running\nthe following command:\n\n    $ sudo chmod 0755 /var/log"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000206-GPOS-00084",
+            "gid": "V-230248",
+            "rid": "SV-230248r627750_rule",
+            "stig_id": "RHEL-08-010240",
+            "fix_id": "F-32892r567491_fix",
+            "cci": [
+              "CCI-001314"
+            ],
+            "nist": [
+              "SI-11 b"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230248' do\n  title 'The RHEL 8 /var/log directory must have mode 0755 or less permissive.'\n  desc \"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.\"\n  desc 'check', 'Verify that the \"/var/log\" directory has a mode of \"0755\" or less with\nthe following command:\n\n    $ sudo stat -c \"%a %n\" /var/log\n\n    755\n\n    If a value of \"0755\" or less permissive is not returned, this is a\nfinding.'\n  desc 'fix', 'Change the permissions of the directory \"/var/log\" to \"0755\" by running\nthe following command:\n\n    $ sudo chmod 0755 /var/log'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000206-GPOS-00084'\n  tag gid: 'V-230248'\n  tag rid: 'SV-230248r627750_rule'\n  tag stig_id: 'RHEL-08-010240'\n  tag fix_id: 'F-32892r567491_fix'\n  tag cci: ['CCI-001314']\n  tag nist: ['SI-11 b']\n  tag 'host', 'container'\n\n  describe directory('/var/log') do\n    it { should_not be_more_permissive_than('0755') }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230248.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Directory /var/log is expected not to be more permissive than \"0755\"",
+              "run_time": 0.226139,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "resource_class": "directory",
+              "resource_params": "[\"/var/log\"]",
+              "resource_id": "/var/log"
+            }
+          ]
+        },
+        {
+          "id": "SV-230249",
+          "title": "The RHEL 8 /var/log directory must be owned by root.",
+          "desc": "Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements."
+            },
+            {
+              "label": "check",
+              "data": "Verify the /var/log directory is owned by root with the following command:\n\n$ sudo stat -c \"%U\" /var/log\n\nroot\n\nIf \"root\" is not returned as a result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Change the owner of the directory /var/log to root by running the following\ncommand:\n\n    $ sudo chown root /var/log"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000206-GPOS-00084",
+            "gid": "V-230249",
+            "rid": "SV-230249r627750_rule",
+            "stig_id": "RHEL-08-010250",
+            "fix_id": "F-32893r567494_fix",
+            "cci": [
+              "CCI-001314"
+            ],
+            "nist": [
+              "SI-11 b"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230249' do\n  title 'The RHEL 8 /var/log directory must be owned by root.'\n  desc \"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.\"\n  desc 'check', 'Verify the /var/log directory is owned by root with the following command:\n\n$ sudo stat -c \"%U\" /var/log\n\nroot\n\nIf \"root\" is not returned as a result, this is a finding.'\n  desc 'fix', 'Change the owner of the directory /var/log to root by running the following\ncommand:\n\n    $ sudo chown root /var/log'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000206-GPOS-00084'\n  tag gid: 'V-230249'\n  tag rid: 'SV-230249r627750_rule'\n  tag stig_id: 'RHEL-08-010250'\n  tag fix_id: 'F-32893r567494_fix'\n  tag cci: ['CCI-001314']\n  tag nist: ['SI-11 b']\n  tag 'host', 'container'\n\n  describe directory('/var/log') do\n    it { should be_owned_by 'root' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230249.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Directory /var/log is expected to be owned by \"root\"",
+              "run_time": 0.015979,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "resource_class": "directory",
+              "resource_params": "[\"/var/log\"]",
+              "resource_id": "/var/log"
+            }
+          ]
+        },
+        {
+          "id": "SV-230250",
+          "title": "The RHEL 8 /var/log directory must be group-owned by root.",
+          "desc": "Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements."
+            },
+            {
+              "label": "check",
+              "data": "Verify the \"/var/log\" directory is group-owned by root with the following\ncommand:\n\n    $ sudo stat -c \"%G\" /var/log\n\n    root\n\n    If \"root\" is not returned as a result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Change the group of the directory \"/var/log\" to \"root\" by running the\nfollowing command:\n\n    $ sudo chgrp root /var/log"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000206-GPOS-00084",
+            "gid": "V-230250",
+            "rid": "SV-230250r627750_rule",
+            "stig_id": "RHEL-08-010260",
+            "fix_id": "F-32894r567497_fix",
+            "cci": [
+              "CCI-001314"
+            ],
+            "nist": [
+              "SI-11 b"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230250' do\n  title 'The RHEL 8 /var/log directory must be group-owned by root.'\n  desc \"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.\"\n  desc 'check', 'Verify the \"/var/log\" directory is group-owned by root with the following\ncommand:\n\n    $ sudo stat -c \"%G\" /var/log\n\n    root\n\n    If \"root\" is not returned as a result, this is a finding.'\n  desc 'fix', 'Change the group of the directory \"/var/log\" to \"root\" by running the\nfollowing command:\n\n    $ sudo chgrp root /var/log'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000206-GPOS-00084'\n  tag gid: 'V-230250'\n  tag rid: 'SV-230250r627750_rule'\n  tag stig_id: 'RHEL-08-010260'\n  tag fix_id: 'F-32894r567497_fix'\n  tag cci: ['CCI-001314']\n  tag nist: ['SI-11 b']\n  tag 'host', 'container'\n\n  describe directory('/var/log') do\n    its('group') { should eq 'root' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230250.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Directory /var/log group is expected to eq \"root\"",
+              "run_time": 0.000461,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "resource_class": "directory",
+              "resource_params": "[\"/var/log\"]",
+              "resource_id": "/var/log"
+            }
+          ]
+        },
+        {
+          "id": "SV-230251",
+          "title": "The RHEL 8 SSH server must be configured to use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms.",
+          "desc": "Without cryptographic integrity protections, information can be altered by unauthorized users without detection. Remote access (e.g., RDP) is access to DoD nonpublic information systems by an authorized user (or an information system) communicating through an external, non-organization-controlled network. Remote access methods include, for example, dial-up, broadband, and wireless. Cryptographic mechanisms used for protecting the integrity of information include, for example, signed hash functions using asymmetric cryptography enabling distribution of the public key to verify the hash information while maintaining the confidentiality of the secret key used to generate the hash. RHEL 8 incorporates system-wide crypto policies by default. The SSH configuration file has no effect on the ciphers, MACs, or algorithms unless specifically defined in the /etc/sysconfig/sshd file. The employed algorithms can be viewed in the /etc/crypto-policies/back-ends/opensshserver.config file. The system will attempt to use the first hash presented by the client that matches the server list. Listing the values \"strongest to weakest\" is a method to ensure the use of the strongest hash available to secure the SSH connection.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without cryptographic integrity protections, information can be altered by unauthorized users without detection. Remote access (e.g., RDP) is access to DoD nonpublic information systems by an authorized user (or an information system) communicating through an external, non-organization-controlled network. Remote access methods include, for example, dial-up, broadband, and wireless. Cryptographic mechanisms used for protecting the integrity of information include, for example, signed hash functions using asymmetric cryptography enabling distribution of the public key to verify the hash information while maintaining the confidentiality of the secret key used to generate the hash. RHEL 8 incorporates system-wide crypto policies by default. The SSH configuration file has no effect on the ciphers, MACs, or algorithms unless specifically defined in the /etc/sysconfig/sshd file. The employed algorithms can be viewed in the /etc/crypto-policies/back-ends/opensshserver.config file. The system will attempt to use the first hash presented by the client that matches the server list. Listing the values \"strongest to weakest\" is a method to ensure the use of the strongest hash available to secure the SSH connection."
+            },
+            {
+              "label": "check",
+              "data": "Verify the SSH server is configured to use only MACs employing FIPS 140-2-approved algorithms with the following command:\n\n    $ sudo grep -i macs /etc/crypto-policies/back-ends/opensshserver.config\n\n    -oMACS=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com\n\nIf the MACs entries in the \"opensshserver.config\" file have any hashes other than shown here, the order differs from the example above, or they are missing or commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the RHEL 8 SSH server to use only MACs employing FIPS 140-2-approved algorithms by updating the \"/etc/crypto-policies/back-ends/opensshserver.config\" file with the following line:\n\n    -oMACS=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com\n\n    A reboot is required for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000250-GPOS-00093",
+            "satisfies": [
+              "SRG-OS-000250-GPOS-00093",
+              "SRG-OS-000393-GPOS-00173",
+              "SRG-OS-000394-GPOS-00174",
+              "SRG-OS-000125-GPOS-00065"
+            ],
+            "gid": "V-230251",
+            "rid": "SV-230251r917870_rule",
+            "stig_id": "RHEL-08-010290",
+            "fix_id": "F-32895r917869_fix",
+            "cci": [
+              "CCI-001453"
+            ],
+            "nist": [
+              "AC-17 (2)"
+            ],
+            "host": null,
+            "container-conditional": null
+          },
+          "code": "control 'SV-230251' do\n  title 'The RHEL 8 SSH server must be configured to use only Message Authentication Codes (MACs) employing FIPS 140-2 validated cryptographic hash algorithms.'\n  desc 'Without cryptographic integrity protections, information can be altered by unauthorized users without detection. Remote access (e.g., RDP) is access to DoD nonpublic information systems by an authorized user (or an information system) communicating through an external, non-organization-controlled network. Remote access methods include, for example, dial-up, broadband, and wireless. Cryptographic mechanisms used for protecting the integrity of information include, for example, signed hash functions using asymmetric cryptography enabling distribution of the public key to verify the hash information while maintaining the confidentiality of the secret key used to generate the hash. RHEL 8 incorporates system-wide crypto policies by default. The SSH configuration file has no effect on the ciphers, MACs, or algorithms unless specifically defined in the /etc/sysconfig/sshd file. The employed algorithms can be viewed in the /etc/crypto-policies/back-ends/opensshserver.config file. The system will attempt to use the first hash presented by the client that matches the server list. Listing the values \"strongest to weakest\" is a method to ensure the use of the strongest hash available to secure the SSH connection.'\n  desc 'check', 'Verify the SSH server is configured to use only MACs employing FIPS 140-2-approved algorithms with the following command:\n\n    $ sudo grep -i macs /etc/crypto-policies/back-ends/opensshserver.config\n\n    -oMACS=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com\n\nIf the MACs entries in the \"opensshserver.config\" file have any hashes other than shown here, the order differs from the example above, or they are missing or commented out, this is a finding.'\n  desc 'fix', 'Configure the RHEL 8 SSH server to use only MACs employing FIPS 140-2-approved algorithms by updating the \"/etc/crypto-policies/back-ends/opensshserver.config\" file with the following line:\n\n    -oMACS=hmac-sha2-512,hmac-sha2-256,hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com\n\n    A reboot is required for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000250-GPOS-00093'\n  tag satisfies: ['SRG-OS-000250-GPOS-00093', 'SRG-OS-000393-GPOS-00173', 'SRG-OS-000394-GPOS-00174', 'SRG-OS-000125-GPOS-00065']\n  tag gid: 'V-230251'\n  tag rid: 'SV-230251r917870_rule'\n  tag stig_id: 'RHEL-08-010290'\n  tag fix_id: 'F-32895r917869_fix'\n  tag cci: ['CCI-001453']\n  tag nist: ['AC-17 (2)']\n  tag 'host', 'container-conditional'\n\n  # Check if SSH is installed within containerized RHEL\n  only_if('SSH is not installed within containerized RHEL. Therefore, this requirement is not applicable.', impact: 0.0) do\n    !(virtualization.system.eql?('docker') && !file('/etc/sysconfig/sshd').exist?)\n  end\n\n  # Define the required algorithms\n  required_algorithms = input('openssh_server_required_algorithms')\n\n  # TODO: make a simple resource for this based off 'login_defs' or 'yum' as a model\n\n  # Parse the configuration file to get the value of \"CRYPTO_POLICY\"\n  crypto_policy = parse_config_file('/etc/crypto-policies/back-ends/opensshserver.config')['CRYPTO_POLICY']\n\n  # Parse the CRYPTO_POLICY string into a hash of configuration options\n  config_options = crypto_policy.scan(/-o(\\w+)=([\\w\\-,@]+)/).to_h\n\n  # Split each configuration option's values into an array\n  config_options.transform_values! { |v| v.split(',') }\n\n  # Define the path to the crypto policy file\n  crypto_policy_file = '/etc/crypto-policies/back-ends/opensshserver.config'\n\n  # Test that the crypto policy file is configured with the required algorithms\n  describe \"The crypto policy file #{crypto_policy_file}\" do\n    it 'is configured with the required algorithms' do\n      expect(crypto_policy).not_to be_nil, \"The crypto policy file #{crypto_policy_file} \\ndoes not contain the required algorithms\\n\\n\\t#{required_algorithms}.\"\n    end\n  end\n\n  # Test that the MACS option in the crypto policy file contains the required algorithms in the correct order\n  describe 'The MACs option in the crypto policy file' do\n    it 'contains the required algorithms in the correct order' do\n      expect(config_options['MACS']).to eq(required_algorithms), \"The MACS option in the crypto policy file does not contain the required algorithms in the *exact order*:\\n\\n\\texpected: #{required_algorithms}\\n\\tgot:#{config_options['MACS']}\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230251.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "The crypto policy file /etc/crypto-policies/back-ends/opensshserver.config is configured with the required algorithms",
+              "run_time": 0.000161,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The crypto policy file /etc/crypto-policies/back-ends/opensshserver.config"
+            },
+            {
+              "status": "failed",
+              "code_desc": "The MACs option in the crypto policy file contains the required algorithms in the correct order",
+              "run_time": 0.000169,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "message": "The MACS option in the crypto policy file does not contain the required algorithms in the *exact order*:\n\n\texpected: [\"hmac-sha2-512\", \"hmac-sha2-256\", \"hmac-sha2-512-etm@openssh.com\", \"hmac-sha2-256-etm@openssh.com\"]\n\tgot:",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The MACs option in the crypto policy file"
+            }
+          ]
+        },
+        {
+          "id": "SV-230252",
+          "title": "The RHEL 8 operating system must implement DoD-approved encryption to\nprotect the confidentiality of SSH server connections.",
+          "desc": "Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default. The SSH\nconfiguration file has no effect on the ciphers, MACs, or algorithms unless\nspecifically defined in the /etc/sysconfig/sshd file. The employed algorithms\ncan be viewed in the /etc/crypto-policies/back-ends/opensshserver.config file.\n\n    The system will attempt to use the first hash presented by the client that\nmatches the server list. Listing the values \"strongest to weakest\" is a\nmethod to ensure the use of the strongest hash available to secure the SSH\nconnection.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default. The SSH\nconfiguration file has no effect on the ciphers, MACs, or algorithms unless\nspecifically defined in the /etc/sysconfig/sshd file. The employed algorithms\ncan be viewed in the /etc/crypto-policies/back-ends/opensshserver.config file.\n\n    The system will attempt to use the first hash presented by the client that\nmatches the server list. Listing the values \"strongest to weakest\" is a\nmethod to ensure the use of the strongest hash available to secure the SSH\nconnection."
+            },
+            {
+              "label": "check",
+              "data": "Verify the SSH server is configured to use only ciphers employing FIPS 140-2-approved algorithms with the following command:\n\n     $ sudo grep -i ciphers /etc/crypto-policies/back-ends/opensshserver.config\n\n     CRYPTO_POLICY='-oCiphers=aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com'\n\nIf the cipher entries in the \"opensshserver.config\" file have any ciphers other than shown here, the order differs from the example above, or they are missing or commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the RHEL 8 SSH server to use only ciphers employing FIPS 140-2-approved algorithms by updating the \"/etc/crypto-policies/back-ends/opensshserver.config\" file with the following line:\n\n-oCiphers=aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com\n\nA reboot is required for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000250-GPOS-00093",
+            "satisfies": [
+              "SRG-OS-000250-GPOS-00093",
+              "SRG-OS-000393-GPOS-00173",
+              "SRG-OS-000394-GPOS-00174",
+              "SRG-OS-000125-GPOS-00065"
+            ],
+            "gid": "V-230252",
+            "rid": "SV-230252r917873_rule",
+            "stig_id": "RHEL-08-010291",
+            "fix_id": "F-32896r917872_fix",
+            "cci": [
+              "CCI-001453"
+            ],
+            "nist": [
+              "AC-17 (2)"
+            ],
+            "host": null,
+            "container-conditional": null
+          },
+          "code": "control 'SV-230252' do\n  title 'The RHEL 8 operating system must implement DoD-approved encryption to\nprotect the confidentiality of SSH server connections.'\n  desc 'Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default. The SSH\nconfiguration file has no effect on the ciphers, MACs, or algorithms unless\nspecifically defined in the /etc/sysconfig/sshd file. The employed algorithms\ncan be viewed in the /etc/crypto-policies/back-ends/opensshserver.config file.\n\n    The system will attempt to use the first hash presented by the client that\nmatches the server list. Listing the values \"strongest to weakest\" is a\nmethod to ensure the use of the strongest hash available to secure the SSH\nconnection.'\n  desc 'check', %q(Verify the SSH server is configured to use only ciphers employing FIPS 140-2-approved algorithms with the following command:\n\n     $ sudo grep -i ciphers /etc/crypto-policies/back-ends/opensshserver.config\n\n     CRYPTO_POLICY='-oCiphers=aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com'\n\nIf the cipher entries in the \"opensshserver.config\" file have any ciphers other than shown here, the order differs from the example above, or they are missing or commented out, this is a finding.)\n  desc 'fix', 'Configure the RHEL 8 SSH server to use only ciphers employing FIPS 140-2-approved algorithms by updating the \"/etc/crypto-policies/back-ends/opensshserver.config\" file with the following line:\n\n-oCiphers=aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com\n\nA reboot is required for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000250-GPOS-00093'\n  tag satisfies: ['SRG-OS-000250-GPOS-00093', 'SRG-OS-000393-GPOS-00173', 'SRG-OS-000394-GPOS-00174', 'SRG-OS-000125-GPOS-00065']\n  tag gid: 'V-230252'\n  tag rid: 'SV-230252r917873_rule'\n  tag stig_id: 'RHEL-08-010291'\n  tag fix_id: 'F-32896r917872_fix'\n  tag cci: ['CCI-001453']\n  tag nist: ['AC-17 (2)']\n  tag 'host', 'container-conditional'\n\n  only_if('Control not applicable - SSH is not installed within containerized RHEL', impact: 0.0) {\n    !(virtualization.system.eql?('docker') && !file('/etc/sysconfig/sshd').exist?)\n  }\n\n  describe parse_config_file('/etc/crypto-policies/back-ends/opensshserver.config') do\n    its('CRYPTO_POLICY') { should_not be_nil }\n  end\n\n  crypto_policy = parse_config_file('/etc/crypto-policies/back-ends/opensshserver.config')['CRYPTO_POLICY']\n\n  unless crypto_policy.nil?\n    describe parse_config(crypto_policy.gsub(/\\s|'/, \"\\n\")) do\n      its('-oCiphers') { should cmp 'aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230252.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Parse Config File /etc/crypto-policies/back-ends/opensshserver.config CRYPTO_POLICY is expected not to be nil",
+              "run_time": 0.000178,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/crypto-policies/back-ends/opensshserver.config\"]",
+              "resource_id": "/etc/crypto-policies/back-ends/opensshserver.config"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Parse Config  -oCiphers is expected to cmp == \"aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com\"",
+              "run_time": 0.000362,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "message": "\nexpected: aes256-ctr,aes192-ctr,aes128-ctr,aes256-gcm@openssh.com,aes128-gcm@openssh.com\n     got: aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "parse_config",
+              "resource_params": "[\"\\n-oCiphers=aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc\\n-oMACs=hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512\\n-oGSSAPIKexAlgorithms=gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-,gss-gex-sha1-,gss-group14-sha1-\\n-oKexAlgorithms=curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1\\n-oHostKeyAlgorithms=ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com\\n-oPubkeyAcceptedKeyTypes=ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com\\n-oCASignatureAlgorithms=ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-256,rsa-sha2-512,ssh-rsa\\n\"]",
+              "resource_id": "\n-oCiphers=aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc\n-oMACs=hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512\n-oGSSAPIKexAlgorithms=gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-,gss-gex-sha1-,gss-group14-sha1-\n-oKexAlgorithms=curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1\n-oHostKeyAlgorithms=ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com\n-oPubkeyAcceptedKeyTypes=ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01@openssh.com,ssh-rsa,ssh-rsa-cert-v01@openssh.com\n-oCASignatureAlgorithms=ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-256,rsa-sha2-512,ssh-rsa\n"
+            }
+          ]
+        },
+        {
+          "id": "SV-230253",
+          "title": "RHEL 8 must ensure the SSH server uses strong entropy.",
+          "desc": "The most important characteristic of a random number generator is its\nrandomness, namely its ability to deliver random numbers that are impossible to\npredict.  Entropy in computer security is associated with the unpredictability\nof a source of randomness.  The random source with high entropy tends to\nachieve a uniform distribution of random values.  Random number generators are\none of the most important building blocks of cryptosystems.\n\n    The SSH implementation in RHEL8 uses the OPENSSL library, which does not\nuse high-entropy sources by default.  By using the SSH_USE_STRONG_RNG\nenvironment variable the OPENSSL random generator is reseeded from /dev/random.\n This setting is not recommended on computers without the hardware random\ngenerator because insufficient entropy causes the connection to be blocked\nuntil enough entropy is available.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The most important characteristic of a random number generator is its\nrandomness, namely its ability to deliver random numbers that are impossible to\npredict.  Entropy in computer security is associated with the unpredictability\nof a source of randomness.  The random source with high entropy tends to\nachieve a uniform distribution of random values.  Random number generators are\none of the most important building blocks of cryptosystems.\n\n    The SSH implementation in RHEL8 uses the OPENSSL library, which does not\nuse high-entropy sources by default.  By using the SSH_USE_STRONG_RNG\nenvironment variable the OPENSSL random generator is reseeded from /dev/random.\n This setting is not recommended on computers without the hardware random\ngenerator because insufficient entropy causes the connection to be blocked\nuntil enough entropy is available."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system SSH server uses strong entropy with the\nfollowing command:\n\n    Note: If the operating system is RHEL versions 8.0 or 8.1, this requirement\nis not applicable.\n\n    $ sudo grep -i ssh_use_strong_rng /etc/sysconfig/sshd\n\n    SSH_USE_STRONG_RNG=32\n\n    If the \"SSH_USE_STRONG_RNG\" line does not equal \"32\", is commented out\nor missing, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system SSH server to use strong entropy.\n\nAdd or modify the following line in the \"/etc/sysconfig/sshd\" file.\n\nSSH_USE_STRONG_RNG=32\n\nThe SSH service must be restarted for changes to take effect."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230253",
+            "rid": "SV-230253r627750_rule",
+            "stig_id": "RHEL-08-010292",
+            "fix_id": "F-32897r567506_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null,
+            "container-conditional": null
+          },
+          "code": "control 'SV-230253' do\n  title 'RHEL 8 must ensure the SSH server uses strong entropy.'\n  desc 'The most important characteristic of a random number generator is its\nrandomness, namely its ability to deliver random numbers that are impossible to\npredict.  Entropy in computer security is associated with the unpredictability\nof a source of randomness.  The random source with high entropy tends to\nachieve a uniform distribution of random values.  Random number generators are\none of the most important building blocks of cryptosystems.\n\n    The SSH implementation in RHEL8 uses the OPENSSL library, which does not\nuse high-entropy sources by default.  By using the SSH_USE_STRONG_RNG\nenvironment variable the OPENSSL random generator is reseeded from /dev/random.\n This setting is not recommended on computers without the hardware random\ngenerator because insufficient entropy causes the connection to be blocked\nuntil enough entropy is available.'\n  desc 'check', 'Verify the operating system SSH server uses strong entropy with the\nfollowing command:\n\n    Note: If the operating system is RHEL versions 8.0 or 8.1, this requirement\nis not applicable.\n\n    $ sudo grep -i ssh_use_strong_rng /etc/sysconfig/sshd\n\n    SSH_USE_STRONG_RNG=32\n\n    If the \"SSH_USE_STRONG_RNG\" line does not equal \"32\", is commented out\nor missing, this is a finding.'\n  desc 'fix', 'Configure the operating system SSH server to use strong entropy.\n\nAdd or modify the following line in the \"/etc/sysconfig/sshd\" file.\n\nSSH_USE_STRONG_RNG=32\n\nThe SSH service must be restarted for changes to take effect.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230253'\n  tag rid: 'SV-230253r627750_rule'\n  tag stig_id: 'RHEL-08-010292'\n  tag fix_id: 'F-32897r567506_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container-conditional'\n\n  only_if('Control not applicable - SSH is not installed within containerized RHEL', impact: 0.0) {\n    !(virtualization.system.eql?('docker') && !file('/etc/sysconfig/sshd').exist?)\n  }\n\n  describe parse_config_file('/etc/sysconfig/sshd') do\n    its('SSH_USE_STRONG_RNG') { should cmp 32 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230253.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /etc/sysconfig/sshd SSH_USE_STRONG_RNG is expected to cmp == 32",
+              "run_time": 0.000631,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "message": "\nexpected: 32\n     got: 0\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/sysconfig/sshd\"]",
+              "resource_id": "/etc/sysconfig/sshd"
+            }
+          ]
+        },
+        {
+          "id": "SV-230254",
+          "title": "The RHEL 8 operating system must implement DoD-approved encryption in\nthe OpenSSL package.",
+          "desc": "Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default.  The employed\nalgorithms can be viewed in the /etc/crypto-policies/back-ends/openssl.config\nfile.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default.  The employed\nalgorithms can be viewed in the /etc/crypto-policies/back-ends/openssl.config\nfile."
+            },
+            {
+              "label": "check",
+              "data": "Verify the OpenSSL library is configured to use only ciphers employing FIPS\n140-2-approved algorithms:\n\n    Verify that system-wide crypto policies are in effect:\n\n    $ sudo grep -i opensslcnf.config /etc/pki/tls/openssl.cnf\n\n    .include /etc/crypto-policies/back-ends/opensslcnf.config\n\n    If the \"opensslcnf.config\" is not defined in the\n\"/etc/pki/tls/openssl.cnf\" file, this is a finding.\n\n    Verify which system-wide crypto policy is in use:\n\n    $ sudo update-crypto-policies --show\n\n    FIPS\n\n    If the system-wide crypto policy is set to anything other than \"FIPS\",\nthis is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the RHEL 8 OpenSSL library to use only ciphers employing FIPS\n140-2-approved algorithms with the following command:\n\n    $ sudo fips-mode-setup --enable\n\n    A reboot is required for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000250-GPOS-00093",
+            "satisfies": [
+              "SRG-OS-000250-GPOS-00093",
+              "SRG-OS-000393-GPOS-00173",
+              "SRG-OS-000394-GPOS-00174",
+              "SRG-OS-000125-GPOS-00065"
+            ],
+            "gid": "V-230254",
+            "rid": "SV-230254r877394_rule",
+            "stig_id": "RHEL-08-010293",
+            "fix_id": "F-32898r567509_fix",
+            "cci": [
+              "CCI-001453"
+            ],
+            "nist": [
+              "AC-17 (2)"
+            ],
+            "host": null,
+            "container-conditional": null
+          },
+          "code": "control 'SV-230254' do\n  title 'The RHEL 8 operating system must implement DoD-approved encryption in\nthe OpenSSL package.'\n  desc 'Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default.  The employed\nalgorithms can be viewed in the /etc/crypto-policies/back-ends/openssl.config\nfile.'\n  desc 'check', 'Verify the OpenSSL library is configured to use only ciphers employing FIPS\n140-2-approved algorithms:\n\n    Verify that system-wide crypto policies are in effect:\n\n    $ sudo grep -i opensslcnf.config /etc/pki/tls/openssl.cnf\n\n    .include /etc/crypto-policies/back-ends/opensslcnf.config\n\n    If the \"opensslcnf.config\" is not defined in the\n\"/etc/pki/tls/openssl.cnf\" file, this is a finding.\n\n    Verify which system-wide crypto policy is in use:\n\n    $ sudo update-crypto-policies --show\n\n    FIPS\n\n    If the system-wide crypto policy is set to anything other than \"FIPS\",\nthis is a finding.'\n  desc 'fix', 'Configure the RHEL 8 OpenSSL library to use only ciphers employing FIPS\n140-2-approved algorithms with the following command:\n\n    $ sudo fips-mode-setup --enable\n\n    A reboot is required for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000250-GPOS-00093'\n  tag satisfies: ['SRG-OS-000250-GPOS-00093', 'SRG-OS-000393-GPOS-00173', 'SRG-OS-000394-GPOS-00174', 'SRG-OS-000125-GPOS-00065']\n  tag gid: 'V-230254'\n  tag rid: 'SV-230254r877394_rule'\n  tag stig_id: 'RHEL-08-010293'\n  tag fix_id: 'F-32898r567509_fix'\n  tag cci: ['CCI-001453']\n  tag nist: ['AC-17 (2)']\n  tag 'host', 'container-conditional'\n\n  only_if(\"Checking the host's FIPS compliance can't be done within the container and should be reveiwed manually.\") {\n    !(virtualization.system.eql?('docker') && !file('/etc/pki/tls/openssl.cnf').exist?)\n  }\n\n  describe 'A line in the OpenSSL config file' do\n    subject { command('grep -i opensslcnf.config /etc/pki/tls/openssl.cnf').stdout.strip }\n    it { should match(/^\\.include.*opensslcnf.config$/) }\n  end\n\n  describe 'System-wide crypto policy' do\n    subject { command('update-crypto-policies --show').stdout.strip }\n    it { should eq 'FIPS' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230254.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "A line in the OpenSSL config file is expected to match /^\\.include.*opensslcnf.config$/",
+              "run_time": 0.108262,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "A line in the OpenSSL config file"
+            },
+            {
+              "status": "failed",
+              "code_desc": "System-wide crypto policy is expected to eq \"FIPS\"",
+              "run_time": 0.239907,
+              "start_time": "2024-01-09T19:40:39-05:00",
+              "message": "\nexpected: \"FIPS\"\n     got: \"DEFAULT\"\n\n(compared using ==)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "System-wide crypto policy"
+            }
+          ]
+        },
+        {
+          "id": "SV-230255",
+          "title": "The RHEL 8 operating system must implement DoD-approved TLS encryption\nin the OpenSSL package.",
+          "desc": "Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default.  The employed\nalgorithms can be viewed in the /etc/crypto-policies/back-ends/openssl.config\nfile.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default.  The employed\nalgorithms can be viewed in the /etc/crypto-policies/back-ends/openssl.config\nfile."
+            },
+            {
+              "label": "check",
+              "data": "Verify the OpenSSL library is configured to use only DoD-approved TLS encryption:\n\nFor versions prior to crypto-policies-20210617-1.gitc776d3e.el8.noarch:\n\n$ sudo grep -i  MinProtocol /etc/crypto-policies/back-ends/opensslcnf.config\n\nMinProtocol = TLSv1.2\n\nIf the \"MinProtocol\" is set to anything older than \"TLSv1.2\", this is a finding.\n\nFor version crypto-policies-20210617-1.gitc776d3e.el8.noarch and newer:\n\n$ sudo grep -i  MinProtocol /etc/crypto-policies/back-ends/opensslcnf.config\n\nTLS.MinProtocol = TLSv1.2\nDTLS.MinProtocol = DTLSv1.2\n\nIf the \"TLS.MinProtocol\" is set to anything older than \"TLSv1.2\" or the \"DTLS.MinProtocol\" is set to anything older than DTLSv1.2, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the RHEL 8 OpenSSL library to use only DoD-approved TLS encryption by editing the following line in the \"/etc/crypto-policies/back-ends/opensslcnf.config\" file:\n\nFor versions prior to crypto-policies-20210617-1.gitc776d3e.el8.noarch:\nMinProtocol = TLSv1.2\n\nFor version crypto-policies-20210617-1.gitc776d3e.el8.noarch and newer:\nTLS.MinProtocol = TLSv1.2\nDTLS.MinProtocol = DTLSv1.2\nA reboot is required for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000250-GPOS-00093",
+            "satisfies": [
+              "SRG-OS-000250-GPOS-00093",
+              "SRG-OS-000393-GPOS-00173",
+              "SRG-OS-000394-GPOS-00174",
+              "SRG-OS-000125-GPOS-00065"
+            ],
+            "gid": "V-230255",
+            "rid": "SV-230255r877394_rule",
+            "stig_id": "RHEL-08-010294",
+            "fix_id": "F-32899r809381_fix",
+            "cci": [
+              "CCI-001453"
+            ],
+            "nist": [
+              "AC-17 (2)"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230255' do\n  title 'The RHEL 8 operating system must implement DoD-approved TLS encryption\nin the OpenSSL package.'\n  desc 'Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default.  The employed\nalgorithms can be viewed in the /etc/crypto-policies/back-ends/openssl.config\nfile.'\n  desc 'check', 'Verify the OpenSSL library is configured to use only DoD-approved TLS encryption:\n\nFor versions prior to crypto-policies-20210617-1.gitc776d3e.el8.noarch:\n\n$ sudo grep -i  MinProtocol /etc/crypto-policies/back-ends/opensslcnf.config\n\nMinProtocol = TLSv1.2\n\nIf the \"MinProtocol\" is set to anything older than \"TLSv1.2\", this is a finding.\n\nFor version crypto-policies-20210617-1.gitc776d3e.el8.noarch and newer:\n\n$ sudo grep -i  MinProtocol /etc/crypto-policies/back-ends/opensslcnf.config\n\nTLS.MinProtocol = TLSv1.2\nDTLS.MinProtocol = DTLSv1.2\n\nIf the \"TLS.MinProtocol\" is set to anything older than \"TLSv1.2\" or the \"DTLS.MinProtocol\" is set to anything older than DTLSv1.2, this is a finding.'\n  desc 'fix', 'Configure the RHEL 8 OpenSSL library to use only DoD-approved TLS encryption by editing the following line in the \"/etc/crypto-policies/back-ends/opensslcnf.config\" file:\n\nFor versions prior to crypto-policies-20210617-1.gitc776d3e.el8.noarch:\nMinProtocol = TLSv1.2\n\nFor version crypto-policies-20210617-1.gitc776d3e.el8.noarch and newer:\nTLS.MinProtocol = TLSv1.2\nDTLS.MinProtocol = DTLSv1.2\nA reboot is required for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000250-GPOS-00093'\n  tag satisfies: ['SRG-OS-000250-GPOS-00093', 'SRG-OS-000393-GPOS-00173', 'SRG-OS-000394-GPOS-00174', 'SRG-OS-000125-GPOS-00065']\n  tag gid: 'V-230255'\n  tag rid: 'SV-230255r877394_rule'\n  tag stig_id: 'RHEL-08-010294'\n  tag fix_id: 'F-32899r809381_fix'\n  tag cci: ['CCI-001453']\n  tag nist: ['AC-17 (2)']\n  tag 'host', 'container'\n\n  crypto_policies = package('crypto-policies')\n\n  if crypto_policies.version < '20210617-1.gitc776d3e.el8.noarch'\n    describe parse_config_file('/etc/crypto-policies/back-ends/opensslcnf.config') do\n      its('MinProtocol') { should be_in ['TLSv1.2', 'TLSv1.3'] }\n    end\n  else\n    describe parse_config_file('/etc/crypto-policies/back-ends/opensslcnf.config') do\n      its(['TLS.MinProtocol']) { should be_in ['TLSv1.2', 'TLSv1.3'] }\n      its(['DTLS.MinProtocol']) { should be_in ['DTLSv1.2', 'DTLSv1.3'] }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230255.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Parse Config File /etc/crypto-policies/back-ends/opensslcnf.config [\"TLS.MinProtocol\"] is expected to be in \"TLSv1.2\" and \"TLSv1.3\"",
+              "run_time": 0.000275,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/crypto-policies/back-ends/opensslcnf.config\"]",
+              "resource_id": "/etc/crypto-policies/back-ends/opensslcnf.config"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Parse Config File /etc/crypto-policies/back-ends/opensslcnf.config [\"DTLS.MinProtocol\"] is expected to be in \"DTLSv1.2\" and \"DTLSv1.3\"",
+              "run_time": 0.000236,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/crypto-policies/back-ends/opensslcnf.config\"]",
+              "resource_id": "/etc/crypto-policies/back-ends/opensslcnf.config"
+            }
+          ]
+        },
+        {
+          "id": "SV-230256",
+          "title": "The RHEL 8 operating system must implement DoD-approved TLS encryption\nin the GnuTLS package.",
+          "desc": "Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Transport Layer Security (TLS) encryption is a required security setting as\na number of known vulnerabilities have been reported against Secure Sockets\nLayer (SSL) and earlier versions of TLS. Encryption of private information is\nessential to ensuring data confidentiality. If private information is not\nencrypted, it can be intercepted and easily read by an unauthorized party. SQL\nServer must use a minimum of FIPS 140-2-approved TLS version 1.2, and all\nnon-FIPS-approved SSL and TLS versions must be disabled. NIST SP 800-52\nspecifies the preferred configurations for government systems.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    The GnuTLS library offers an API to access secure communications protocols.\n SSLv2 is not available in the GnuTLS library.  The RHEL 8 system-wide crypto\npolicy defines employed algorithms in the\n/etc/crypto-policies/back-ends/gnutls.config file.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Transport Layer Security (TLS) encryption is a required security setting as\na number of known vulnerabilities have been reported against Secure Sockets\nLayer (SSL) and earlier versions of TLS. Encryption of private information is\nessential to ensuring data confidentiality. If private information is not\nencrypted, it can be intercepted and easily read by an unauthorized party. SQL\nServer must use a minimum of FIPS 140-2-approved TLS version 1.2, and all\nnon-FIPS-approved SSL and TLS versions must be disabled. NIST SP 800-52\nspecifies the preferred configurations for government systems.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    The GnuTLS library offers an API to access secure communications protocols.\n SSLv2 is not available in the GnuTLS library.  The RHEL 8 system-wide crypto\npolicy defines employed algorithms in the\n/etc/crypto-policies/back-ends/gnutls.config file."
+            },
+            {
+              "label": "check",
+              "data": "Verify the GnuTLS library is configured to only allow DoD-approved SSL/TLS Versions:\n\n$ sudo grep -io +vers.*  /etc/crypto-policies/back-ends/gnutls.config\n\n+VERS-ALL:-VERS-DTLS0.9:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0:+COMP-NULL:%PROFILE_MEDIUM\n\nIf the \"gnutls.config\" does not list \"-VERS-DTLS0.9:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0\" to disable unapproved SSL/TLS versions, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the RHEL 8 GnuTLS library to use only DoD-approved encryption by\nadding the following line to \"/etc/crypto-policies/back-ends/gnutls.config\":\n\n    +VERS-ALL:-VERS-DTLS0.9:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0\n\n    A reboot is required for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000250-GPOS-00093",
+            "satisfies": [
+              "SRG-OS-000250-GPOS-00093",
+              "SRG-OS-000423-GPOS-00187"
+            ],
+            "gid": "V-230256",
+            "rid": "SV-230256r877394_rule",
+            "stig_id": "RHEL-08-010295",
+            "fix_id": "F-32900r567515_fix",
+            "cci": [
+              "CCI-001453"
+            ],
+            "nist": [
+              "AC-17 (2)"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230256' do\n  title 'The RHEL 8 operating system must implement DoD-approved TLS encryption\nin the GnuTLS package.'\n  desc 'Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Transport Layer Security (TLS) encryption is a required security setting as\na number of known vulnerabilities have been reported against Secure Sockets\nLayer (SSL) and earlier versions of TLS. Encryption of private information is\nessential to ensuring data confidentiality. If private information is not\nencrypted, it can be intercepted and easily read by an unauthorized party. SQL\nServer must use a minimum of FIPS 140-2-approved TLS version 1.2, and all\nnon-FIPS-approved SSL and TLS versions must be disabled. NIST SP 800-52\nspecifies the preferred configurations for government systems.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    The GnuTLS library offers an API to access secure communications protocols.\n SSLv2 is not available in the GnuTLS library.  The RHEL 8 system-wide crypto\npolicy defines employed algorithms in the\n/etc/crypto-policies/back-ends/gnutls.config file.'\n  desc 'check', 'Verify the GnuTLS library is configured to only allow DoD-approved SSL/TLS Versions:\n\n$ sudo grep -io +vers.*  /etc/crypto-policies/back-ends/gnutls.config\n\n+VERS-ALL:-VERS-DTLS0.9:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0:+COMP-NULL:%PROFILE_MEDIUM\n\nIf the \"gnutls.config\" does not list \"-VERS-DTLS0.9:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0\" to disable unapproved SSL/TLS versions, this is a finding.'\n  desc 'fix', 'Configure the RHEL 8 GnuTLS library to use only DoD-approved encryption by\nadding the following line to \"/etc/crypto-policies/back-ends/gnutls.config\":\n\n    +VERS-ALL:-VERS-DTLS0.9:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0\n\n    A reboot is required for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000250-GPOS-00093'\n  tag satisfies: ['SRG-OS-000250-GPOS-00093', 'SRG-OS-000423-GPOS-00187']\n  tag gid: 'V-230256'\n  tag rid: 'SV-230256r877394_rule'\n  tag stig_id: 'RHEL-08-010295'\n  tag fix_id: 'F-32900r567515_fix'\n  tag cci: ['CCI-001453']\n  tag nist: ['AC-17 (2)']\n  tag 'host', 'container'\n\n  gnutls = file('/etc/crypto-policies/back-ends/gnutls.config').content.strip.split(':')\n  unapproved_versions = input('unapproved_ssl_tls_versions') # \"-VERS-DTLS0.9:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0\".split(':')\n  failing_versions = unapproved_versions - gnutls\n\n  describe 'GnuTLS' do\n    it 'should disable unapproved SSL/TLS versions' do\n      expect(failing_versions).to be_empty, \"GnuTLS should not allow:\\n\\t- #{failing_versions.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230256.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "GnuTLS should disable unapproved SSL/TLS versions",
+              "run_time": 0.013339,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "GnuTLS"
+            }
+          ]
+        },
+        {
+          "id": "SV-230257",
+          "title": "RHEL 8 system commands must have mode 755 or less permissive.",
+          "desc": "If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications."
+            },
+            {
+              "label": "check",
+              "data": "Verify the system commands contained in the following directories have mode \"755\" or less permissive with the following command:\n\n$ sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin -perm /022 -exec ls -l {} \\;\n\nIf any system commands are found to be group-writable or world-writable, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system commands to be protected from unauthorized access.\n\nRun the following command, replacing \"[FILE]\" with any system command with a mode more permissive than \"755\".\n\n$ sudo chmod 755 [FILE]"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000259-GPOS-00100",
+            "gid": "V-230257",
+            "rid": "SV-230257r792862_rule",
+            "stig_id": "RHEL-08-010300",
+            "fix_id": "F-32901r792861_fix",
+            "cci": [
+              "CCI-001499"
+            ],
+            "nist": [
+              "CM-5 (6)"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230257' do\n  title 'RHEL 8 system commands must have mode 755 or less permissive.'\n  desc 'If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.'\n  desc 'check', 'Verify the system commands contained in the following directories have mode \"755\" or less permissive with the following command:\n\n$ sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin -perm /022 -exec ls -l {} \\\\;\n\nIf any system commands are found to be group-writable or world-writable, this is a finding.'\n  desc 'fix', 'Configure the system commands to be protected from unauthorized access.\n\nRun the following command, replacing \"[FILE]\" with any system command with a mode more permissive than \"755\".\n\n$ sudo chmod 755 [FILE]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000259-GPOS-00100'\n  tag gid: 'V-230257'\n  tag rid: 'SV-230257r792862_rule'\n  tag stig_id: 'RHEL-08-010300'\n  tag fix_id: 'F-32901r792861_fix'\n  tag cci: ['CCI-001499']\n  tag nist: ['CM-5 (6)']\n  tag 'host', 'container'\n\n  failing_files = command(\"find -L #{input('system_command_dirs').join(' ')} -perm /0022 -exec ls -d {} \\\\;\").stdout.split(\"\\n\")\n\n  describe 'System commands' do\n    it \"should have mode '0755' or less permissive\" do\n      expect(failing_files).to be_empty, \"Files with excessive permissions:\\n\\t- #{failing_files.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230257.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "System commands should have mode '0755' or less permissive",
+              "run_time": 0.00874,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "message": "Files with excessive permissions:\n\t- /bin/miniterm-3.6.py\n\t- /bin/easy_install-3\n\t- /usr/bin/miniterm-3.6.py\n\t- /usr/bin/easy_install-3",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "System commands"
+            }
+          ]
+        },
+        {
+          "id": "SV-230258",
+          "title": "RHEL 8 system commands must be owned by root.",
+          "desc": "If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications."
+            },
+            {
+              "label": "check",
+              "data": "Verify the system commands contained in the following directories are owned\nby \"root\" with the following command:\n\n    $ sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin\n! -user root -exec ls -l {} \\;\n\n    If any system commands are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system commands to be protected from unauthorized access.\n\n    Run the following command, replacing \"[FILE]\" with any system command\nfile not owned by \"root\".\n\n    $ sudo chown root [FILE]"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000259-GPOS-00100",
+            "gid": "V-230258",
+            "rid": "SV-230258r627750_rule",
+            "stig_id": "RHEL-08-010310",
+            "fix_id": "F-32902r567521_fix",
+            "cci": [
+              "CCI-001499"
+            ],
+            "nist": [
+              "CM-5 (6)"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230258' do\n  title 'RHEL 8 system commands must be owned by root.'\n  desc 'If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.'\n  desc 'check', 'Verify the system commands contained in the following directories are owned\nby \"root\" with the following command:\n\n    $ sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin\n! -user root -exec ls -l {} \\\\;\n\n    If any system commands are returned, this is a finding.'\n  desc 'fix', 'Configure the system commands to be protected from unauthorized access.\n\n    Run the following command, replacing \"[FILE]\" with any system command\nfile not owned by \"root\".\n\n    $ sudo chown root [FILE]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000259-GPOS-00100'\n  tag gid: 'V-230258'\n  tag rid: 'SV-230258r627750_rule'\n  tag stig_id: 'RHEL-08-010310'\n  tag fix_id: 'F-32902r567521_fix'\n  tag cci: ['CCI-001499']\n  tag nist: ['CM-5 (6)']\n  tag 'host', 'container'\n\n  failing_files = command(\"find -L #{input('system_command_dirs').join(' ')} ! -user root -exec ls -d {} \\\\;\").stdout.split(\"\\n\")\n\n  describe 'System commands' do\n    it 'should be owned by root' do\n      expect(failing_files).to be_empty, \"Files not owned by root:\\n\\t- #{failing_files.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230258.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System commands should be owned by root",
+              "run_time": 0.003811,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "System commands"
+            }
+          ]
+        },
+        {
+          "id": "SV-230259",
+          "title": "RHEL 8 system commands must be group-owned by root or a system\naccount.",
+          "desc": "If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications."
+            },
+            {
+              "label": "check",
+              "data": "Verify the system commands contained in the following directories are group-owned by \"root\", or a required system account, with the following command:\n\n$ sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin ! -group root -exec ls -l {} \\;\n\nIf any system commands are returned and is not group-owned by a required system account, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system commands to be protected from unauthorized access.\n\n    Run the following command, replacing \"[FILE]\" with any system command\nfile not group-owned by \"root\" or a required system account.\n\n    $ sudo chgrp root [FILE]"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000259-GPOS-00100",
+            "gid": "V-230259",
+            "rid": "SV-230259r792864_rule",
+            "stig_id": "RHEL-08-010320",
+            "fix_id": "F-32903r567524_fix",
+            "cci": [
+              "CCI-001499"
+            ],
+            "nist": [
+              "CM-5 (6)"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230259' do\n  title 'RHEL 8 system commands must be group-owned by root or a system\naccount.'\n  desc 'If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.'\n  desc 'check', 'Verify the system commands contained in the following directories are group-owned by \"root\", or a required system account, with the following command:\n\n$ sudo find -L /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin ! -group root -exec ls -l {} \\\\;\n\nIf any system commands are returned and is not group-owned by a required system account, this is a finding.'\n  desc 'fix', 'Configure the system commands to be protected from unauthorized access.\n\n    Run the following command, replacing \"[FILE]\" with any system command\nfile not group-owned by \"root\" or a required system account.\n\n    $ sudo chgrp root [FILE]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000259-GPOS-00100'\n  tag gid: 'V-230259'\n  tag rid: 'SV-230259r792864_rule'\n  tag stig_id: 'RHEL-08-010320'\n  tag fix_id: 'F-32903r567524_fix'\n  tag cci: ['CCI-001499']\n  tag nist: ['CM-5 (6)']\n  tag 'host', 'container'\n\n  failing_files = command(\"find -L #{input('system_command_dirs').join(' ')} ! -group root -exec ls -d {} \\\\;\").stdout.split(\"\\n\")\n\n  describe 'System commands' do\n    it 'should be group-owned by root' do\n      expect(failing_files).to be_empty, \"Files not group-owned by root:\\n\\t- #{failing_files.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230259.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "System commands should be group-owned by root",
+              "run_time": 0.003572,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "message": "Files not group-owned by root:\n\t- /bin/write\n\t- /sbin/postqueue\n\t- /sbin/postdrop\n\t- /usr/bin/write\n\t- /usr/sbin/postqueue\n\t- /usr/sbin/postdrop",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "System commands"
+            }
+          ]
+        },
+        {
+          "id": "SV-230260",
+          "title": "RHEL 8 library files must have mode 755 or less permissive.",
+          "desc": "If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications."
+            },
+            {
+              "label": "check",
+              "data": "Verify the system-wide shared library files contained in the following directories have mode \"755\" or less permissive with the following command:\n\n$ sudo find -L /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type f -exec ls -l {} \\;\n\nIf any system-wide shared library file is found to be group-writable or world-writable, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the library files to be protected from unauthorized access. Run the following command, replacing \"[FILE]\" with any library file with a mode more permissive than 755.\n\n$ sudo chmod 755 [FILE]"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000259-GPOS-00100",
+            "gid": "V-230260",
+            "rid": "SV-230260r792867_rule",
+            "stig_id": "RHEL-08-010330",
+            "fix_id": "F-32904r792866_fix",
+            "cci": [
+              "CCI-001499"
+            ],
+            "nist": [
+              "CM-5 (6)"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230260' do\n  title 'RHEL 8 library files must have mode 755 or less permissive.'\n  desc 'If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.'\n  desc 'check', 'Verify the system-wide shared library files contained in the following directories have mode \"755\" or less permissive with the following command:\n\n$ sudo find -L /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type f -exec ls -l {} \\\\;\n\nIf any system-wide shared library file is found to be group-writable or world-writable, this is a finding.'\n  desc 'fix', 'Configure the library files to be protected from unauthorized access. Run the following command, replacing \"[FILE]\" with any library file with a mode more permissive than 755.\n\n$ sudo chmod 755 [FILE]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000259-GPOS-00100'\n  tag gid: 'V-230260'\n  tag rid: 'SV-230260r792867_rule'\n  tag stig_id: 'RHEL-08-010330'\n  tag fix_id: 'F-32904r792866_fix'\n  tag cci: ['CCI-001499']\n  tag nist: ['CM-5 (6)']\n  tag 'host', 'container'\n\n  failing_files = command(\"find -L #{input('system_libraries').join(' ')} -perm /0022 -type f -exec ls -d {} \\\\;\").stdout.split(\"\\n\")\n\n  describe 'System libraries' do\n    it \"should have mode '0755' or less permissive\" do\n      expect(failing_files).to be_empty, \"Files with excessive permissions:\\n\\t- #{failing_files.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230260.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System libraries should have mode '0755' or less permissive",
+              "run_time": 0.002791,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "System libraries"
+            }
+          ]
+        },
+        {
+          "id": "SV-230261",
+          "title": "RHEL 8 library files must be owned by root.",
+          "desc": "If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications."
+            },
+            {
+              "label": "check",
+              "data": "Verify the system-wide shared library files are owned by \"root\" with the\nfollowing command:\n\n    $ sudo find -L /lib /lib64 /usr/lib /usr/lib64 ! -user root -exec ls -l {}\n\\;\n\n    If any system wide shared library file is returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system-wide shared library files (/lib, /lib64, /usr/lib and\n/usr/lib64) to be protected from unauthorized access.\n\n    Run the following command, replacing \"[FILE]\" with any library file not\nowned by \"root\".\n\n    $ sudo chown root [FILE]"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000259-GPOS-00100",
+            "gid": "V-230261",
+            "rid": "SV-230261r627750_rule",
+            "stig_id": "RHEL-08-010340",
+            "fix_id": "F-32905r567530_fix",
+            "cci": [
+              "CCI-001499"
+            ],
+            "nist": [
+              "CM-5 (6)"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230261' do\n  title 'RHEL 8 library files must be owned by root.'\n  desc 'If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.'\n  desc 'check', 'Verify the system-wide shared library files are owned by \"root\" with the\nfollowing command:\n\n    $ sudo find -L /lib /lib64 /usr/lib /usr/lib64 ! -user root -exec ls -l {}\n\\\\;\n\n    If any system wide shared library file is returned, this is a finding.'\n  desc 'fix', 'Configure the system-wide shared library files (/lib, /lib64, /usr/lib and\n/usr/lib64) to be protected from unauthorized access.\n\n    Run the following command, replacing \"[FILE]\" with any library file not\nowned by \"root\".\n\n    $ sudo chown root [FILE]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000259-GPOS-00100'\n  tag gid: 'V-230261'\n  tag rid: 'SV-230261r627750_rule'\n  tag stig_id: 'RHEL-08-010340'\n  tag fix_id: 'F-32905r567530_fix'\n  tag cci: ['CCI-001499']\n  tag nist: ['CM-5 (6)']\n  tag 'host', 'container'\n\n  failing_files = command(\"find -L #{input('system_libraries').join(' ')} ! -user root -exec ls -d {} \\\\;\").stdout.split(\"\\n\")\n\n  describe 'System libraries' do\n    it 'should be owned by root' do\n      expect(failing_files).to be_empty, \"Files not owned by root:\\n\\t- #{failing_files.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230261.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System libraries should be owned by root",
+              "run_time": 0.002932,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "System libraries"
+            }
+          ]
+        },
+        {
+          "id": "SV-230262",
+          "title": "RHEL 8 library files must be group-owned by root or a system account.",
+          "desc": "If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications."
+            },
+            {
+              "label": "check",
+              "data": "Verify the system-wide shared library files are group-owned by \"root\"\nwith the following command:\n\n    $ sudo find -L /lib /lib64 /usr/lib /usr/lib64 ! -group root -exec ls -l {}\n\\;\n\n    If any system wide shared library file is returned and is not group-owned\nby a required system account, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system-wide shared library files (/lib, /lib64, /usr/lib and\n/usr/lib64) to be protected from unauthorized access.\n\n    Run the following command, replacing \"[FILE]\" with any library file not\ngroup-owned by \"root\".\n\n    $ sudo chgrp root [FILE]"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000259-GPOS-00100",
+            "gid": "V-230262",
+            "rid": "SV-230262r627750_rule",
+            "stig_id": "RHEL-08-010350",
+            "fix_id": "F-32906r567533_fix",
+            "cci": [
+              "CCI-001499"
+            ],
+            "nist": [
+              "CM-5 (6)"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-230262' do\n  title 'RHEL 8 library files must be group-owned by root or a system account.'\n  desc 'If RHEL 8 were to allow any user to make changes to software\nlibraries, then those changes might be implemented without undergoing the\nappropriate testing and approvals that are part of a robust change management\nprocess.\n\n    This requirement applies to RHEL 8 with software libraries that are\naccessible and configurable, as in the case of interpreted languages. Software\nlibraries also include privileged programs that execute with escalated\nprivileges. Only qualified and authorized individuals will be allowed to obtain\naccess to information system components for purposes of initiating changes,\nincluding upgrades and modifications.'\n  desc 'check', 'Verify the system-wide shared library files are group-owned by \"root\"\nwith the following command:\n\n    $ sudo find -L /lib /lib64 /usr/lib /usr/lib64 ! -group root -exec ls -l {}\n\\\\;\n\n    If any system wide shared library file is returned and is not group-owned\nby a required system account, this is a finding.'\n  desc 'fix', 'Configure the system-wide shared library files (/lib, /lib64, /usr/lib and\n/usr/lib64) to be protected from unauthorized access.\n\n    Run the following command, replacing \"[FILE]\" with any library file not\ngroup-owned by \"root\".\n\n    $ sudo chgrp root [FILE]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000259-GPOS-00100'\n  tag gid: 'V-230262'\n  tag rid: 'SV-230262r627750_rule'\n  tag stig_id: 'RHEL-08-010350'\n  tag fix_id: 'F-32906r567533_fix'\n  tag cci: ['CCI-001499']\n  tag nist: ['CM-5 (6)']\n  tag 'host', 'container'\n\n  failing_files = command(\"find -L #{input('system_libraries').join(' ')} ! -group root -exec ls -d {} \\\\;\").stdout.split(\"\\n\")\n\n  describe 'System libraries' do\n    it 'should be group-owned by root' do\n      expect(failing_files).to be_empty, \"Files not group-owned by root:\\n\\t- #{failing_files.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230262.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "System libraries should be group-owned by root",
+              "run_time": 0.002898,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "message": "Files not group-owned by root:\n\t- /lib/.build-id/d9/244f8e130254fbcf33792728fc3ad35401f338\n\t- /lib/.build-id/eb/c1b3659ff640f84f3db168e72867ca6871c718\n\t- /lib/.build-id/91/24b78265f3d396f1a919676ff64958d07d9d95\n\t- /lib/.build-id/e4/f3a1395752122633cfc6c760e84d1d28056884\n\t- /lib/.build-id/93/ee3aada1c5729008aa17ada443ea7bf50a0a04\n\t- /lib/.build-id/17/d904ce8506673ae7259126bd92fe0b90b6bdd5\n\t- /usr/lib/.build-id/d9/244f8e130254fbcf33792728fc3ad35401f338\n\t- /usr/lib/.build-id/eb/c1b3659ff640f84f3db168e72867ca6871c718\n\t- /usr/lib/.build-id/91/24b78265f3d396f1a919676ff64958d07d9d95\n\t- /usr/lib/.build-id/e4/f3a1395752122633cfc6c760e84d1d28056884\n\t- /usr/lib/.build-id/93/ee3aada1c5729008aa17ada443ea7bf50a0a04\n\t- /usr/lib/.build-id/17/d904ce8506673ae7259126bd92fe0b90b6bdd5",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "System libraries"
+            }
+          ]
+        },
+        {
+          "id": "SV-230263",
+          "title": "The RHEL 8 file integrity tool must notify the system administrator\nwhen changes to the baseline configuration or anomalies in the operation of any\nsecurity functions are discovered within an organizationally defined frequency.",
+          "desc": "Unauthorized changes to the baseline configuration could make the system vulnerable to various attacks or allow unauthorized access to the operating system. Changes to operating system configurations can have unintended side effects, some of which may be relevant to security.\n\nDetecting such changes and providing an automated response can help avoid unintended, negative consequences that could ultimately affect the security state of the operating system. The operating system's Information System Security Manager (ISSM)/Information System Security Officer (ISSO) and System Administrators (SAs) must be notified via email and/or monitoring system trap when there is an unauthorized modification of a configuration item.\n\nNotifications provided by information systems include messages to local computer consoles, and/or hardware indications, such as lights.\n\nThis capability must take into account operational requirements for availability for selecting an appropriate response. The organization may choose to shut down or restart the information system upon security function anomaly detection.\n\nRHEL 8 comes with many optional software packages. A file integrity tool called Advanced Intrusion Detection Environment (AIDE) is one of those optional packages. This requirement assumes the use of AIDE; however, a different tool may be used if the requirements are met. Note that AIDE does not have a configuration that will send a notification, so a cron job is recommended that uses the mail application on the system to email the results of the file integrity check.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Unauthorized changes to the baseline configuration could make the system vulnerable to various attacks or allow unauthorized access to the operating system. Changes to operating system configurations can have unintended side effects, some of which may be relevant to security.\n\nDetecting such changes and providing an automated response can help avoid unintended, negative consequences that could ultimately affect the security state of the operating system. The operating system's Information System Security Manager (ISSM)/Information System Security Officer (ISSO) and System Administrators (SAs) must be notified via email and/or monitoring system trap when there is an unauthorized modification of a configuration item.\n\nNotifications provided by information systems include messages to local computer consoles, and/or hardware indications, such as lights.\n\nThis capability must take into account operational requirements for availability for selecting an appropriate response. The organization may choose to shut down or restart the information system upon security function anomaly detection.\n\nRHEL 8 comes with many optional software packages. A file integrity tool called Advanced Intrusion Detection Environment (AIDE) is one of those optional packages. This requirement assumes the use of AIDE; however, a different tool may be used if the requirements are met. Note that AIDE does not have a configuration that will send a notification, so a cron job is recommended that uses the mail application on the system to email the results of the file integrity check."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system routinely checks the baseline configuration for unauthorized changes and notifies the system administrator when anomalies in the operation of any security functions are discovered.\n\nCheck that RHEL 8 routinely executes a file integrity scan for changes to the system baseline. The command used in the example will use a daily occurrence.\n\nCheck the cron directories for scripts controlling the execution and notification of results of the file integrity application. For example, if AIDE is installed on the system, use the following commands:\n\n     $ sudo ls -al /etc/cron.* | grep aide\n\n     -rwxr-xr-x 1 root root 29 Nov 22 2015 aide\n\n     $ sudo grep aide /etc/crontab /var/spool/cron/root\n\n     /etc/crontab: 30 04 * * * root /usr/sbin/aide\n     /var/spool/cron/root: 30 04 * * * root /usr/sbin/aide\n\n     $ sudo more /etc/cron.daily/aide\n\n     #!/bin/bash\n     /usr/sbin/aide --check | /bin/mail -s \"$HOSTNAME - Daily AIDE integrity check run\" root@example_server_name.mil\n\nIf the file integrity application does not exist, or a script file controlling the execution of the file integrity application does not exist, or the file integrity application does not notify designated personnel of changes, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the file integrity tool to run automatically on the system at least weekly and to notify designated personnel if baseline configurations are changed in an unauthorized manner. The AIDE tool can be configured to email designated personnel with the use of the cron system.\n\nThe following example output is generic. It will set cron to run AIDE daily and to send email at the completion of the analysis.\n\n     $ sudo more /etc/cron.daily/aide\n\n     #!/bin/bash\n\n     /usr/sbin/aide --check | /bin/mail -s \"$HOSTNAME - Daily AIDE integrity check run\" root@example_server_name.mil\n\nNote: Per requirement RHEL-08-010358, the \"mailx\" package must be installed on the system to enable email functionality."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000363-GPOS-00150",
+            "satisfies": [
+              "SRG-OS-000363-GPOS-00150",
+              "SRG-OS-000446-GPOS-00200",
+              "SRG-OS-000447-GPOS-00201"
+            ],
+            "gid": "V-230263",
+            "rid": "SV-230263r902716_rule",
+            "stig_id": "RHEL-08-010360",
+            "fix_id": "F-32907r902715_fix",
+            "cci": [
+              "CCI-001744"
+            ],
+            "nist": [
+              "CM-3 (5)"
+            ]
+          },
+          "code": "control 'SV-230263' do\n  title 'The RHEL 8 file integrity tool must notify the system administrator\nwhen changes to the baseline configuration or anomalies in the operation of any\nsecurity functions are discovered within an organizationally defined frequency.'\n  desc \"Unauthorized changes to the baseline configuration could make the system vulnerable to various attacks or allow unauthorized access to the operating system. Changes to operating system configurations can have unintended side effects, some of which may be relevant to security.\n\nDetecting such changes and providing an automated response can help avoid unintended, negative consequences that could ultimately affect the security state of the operating system. The operating system's Information System Security Manager (ISSM)/Information System Security Officer (ISSO) and System Administrators (SAs) must be notified via email and/or monitoring system trap when there is an unauthorized modification of a configuration item.\n\nNotifications provided by information systems include messages to local computer consoles, and/or hardware indications, such as lights.\n\nThis capability must take into account operational requirements for availability for selecting an appropriate response. The organization may choose to shut down or restart the information system upon security function anomaly detection.\n\nRHEL 8 comes with many optional software packages. A file integrity tool called Advanced Intrusion Detection Environment (AIDE) is one of those optional packages. This requirement assumes the use of AIDE; however, a different tool may be used if the requirements are met. Note that AIDE does not have a configuration that will send a notification, so a cron job is recommended that uses the mail application on the system to email the results of the file integrity check.\"\n  desc 'check', 'Verify the operating system routinely checks the baseline configuration for unauthorized changes and notifies the system administrator when anomalies in the operation of any security functions are discovered.\n\nCheck that RHEL 8 routinely executes a file integrity scan for changes to the system baseline. The command used in the example will use a daily occurrence.\n\nCheck the cron directories for scripts controlling the execution and notification of results of the file integrity application. For example, if AIDE is installed on the system, use the following commands:\n\n     $ sudo ls -al /etc/cron.* | grep aide\n\n     -rwxr-xr-x 1 root root 29 Nov 22 2015 aide\n\n     $ sudo grep aide /etc/crontab /var/spool/cron/root\n\n     /etc/crontab: 30 04 * * * root /usr/sbin/aide\n     /var/spool/cron/root: 30 04 * * * root /usr/sbin/aide\n\n     $ sudo more /etc/cron.daily/aide\n\n     #!/bin/bash\n     /usr/sbin/aide --check | /bin/mail -s \"$HOSTNAME - Daily AIDE integrity check run\" root@example_server_name.mil\n\nIf the file integrity application does not exist, or a script file controlling the execution of the file integrity application does not exist, or the file integrity application does not notify designated personnel of changes, this is a finding.'\n  desc 'fix', 'Configure the file integrity tool to run automatically on the system at least weekly and to notify designated personnel if baseline configurations are changed in an unauthorized manner. The AIDE tool can be configured to email designated personnel with the use of the cron system.\n\nThe following example output is generic. It will set cron to run AIDE daily and to send email at the completion of the analysis.\n\n     $ sudo more /etc/cron.daily/aide\n\n     #!/bin/bash\n\n     /usr/sbin/aide --check | /bin/mail -s \"$HOSTNAME - Daily AIDE integrity check run\" root@example_server_name.mil\n\nNote: Per requirement RHEL-08-010358, the \"mailx\" package must be installed on the system to enable email functionality.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000363-GPOS-00150'\n  tag satisfies: ['SRG-OS-000363-GPOS-00150', 'SRG-OS-000446-GPOS-00200', 'SRG-OS-000447-GPOS-00201']\n  tag gid: 'V-230263'\n  tag rid: 'SV-230263r902716_rule'\n  tag stig_id: 'RHEL-08-010360'\n  tag fix_id: 'F-32907r902715_fix'\n  tag cci: ['CCI-001744']\n  tag nist: ['CM-3 (5)']\n\n  file_integrity_tool = input('file_integrity_tool')\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe package(file_integrity_tool) do\n      it { should be_installed }\n    end\n    describe.one do\n      describe file(\"/etc/cron.daily/#{file_integrity_tool}\") do\n        its('content') { should match %r{/bin/mail} }\n      end\n      describe file(\"/etc/cron.weekly/#{file_integrity_tool}\") do\n        its('content') { should match %r{/bin/mail} }\n      end\n      describe crontab('root').where { command =~ /#{file_integrity_tool}/ } do\n        its('commands.flatten') { should include(match %r{/bin/mail}) }\n      end\n      if file(\"/etc/cron.d/#{file_integrity_tool}\").exist?\n        describe crontab(path: \"/etc/cron.d/#{file_integrity_tool}\") do\n          its('commands') { should include(match %r{/bin/mail}) }\n        end\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230263.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "System Package aide is expected to be installed",
+              "run_time": 0.000168,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "message": "expected that `System Package aide` is installed",
+              "resource_class": "package",
+              "resource_params": "[\"aide\"]",
+              "resource_id": "aide"
+            },
+            {
+              "status": "failed",
+              "code_desc": "File /etc/cron.daily/aide content is expected to match /\\/bin\\/mail/",
+              "run_time": 0.000121,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "message": "expected nil to match /\\/bin\\/mail/",
+              "exception": "RSpec::Core::MultipleExceptionError",
+              "resource_class": "file",
+              "resource_params": "[\"/etc/cron.daily/aide\"]",
+              "resource_id": "/etc/cron.daily/aide"
+            },
+            {
+              "status": "failed",
+              "code_desc": "File /etc/cron.weekly/aide content is expected to match /\\/bin\\/mail/",
+              "run_time": 6.7e-05,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "message": "expected nil to match /\\/bin\\/mail/",
+              "exception": "RSpec::Core::MultipleExceptionError",
+              "resource_class": "file",
+              "resource_params": "[\"/etc/cron.weekly/aide\"]",
+              "resource_id": "/etc/cron.weekly/aide"
+            },
+            {
+              "status": "failed",
+              "code_desc": "crontab for user root with command =~ /aide/ commands.flatten is expected to include (match /\\/bin\\/mail/)",
+              "run_time": 0.001665,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "message": "expected [] to include (match /\\/bin\\/mail/)",
+              "exception": "RSpec::Core::MultipleExceptionError",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230264",
+          "title": "RHEL 8 must prevent the installation of software, patches, service\npacks, device drivers, or operating system components from a repository without\nverification they have been digitally signed using a certificate that is issued\nby a Certificate Authority (CA) that is recognized and approved by the\norganization.",
+          "desc": "Changes to any software components can have significant effects on the\noverall security of the operating system. This requirement ensures the software\nhas not been tampered with and that it has been provided by a trusted vendor.\n\n    Accordingly, patches, service packs, device drivers, or operating system\ncomponents must be signed with a certificate recognized and approved by the\norganization.\n\n    Verifying the authenticity of the software prior to installation validates\nthe integrity of the patch or upgrade received from a vendor. This verifies the\nsoftware has not been tampered with and that it has been provided by a trusted\nvendor. Self-signed certificates are disallowed by this requirement. The\noperating system should not have to verify the software again. This requirement\ndoes not mandate DoD certificates for this purpose; however, the certificate\nused to verify the software must be from an approved CA.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Changes to any software components can have significant effects on the\noverall security of the operating system. This requirement ensures the software\nhas not been tampered with and that it has been provided by a trusted vendor.\n\n    Accordingly, patches, service packs, device drivers, or operating system\ncomponents must be signed with a certificate recognized and approved by the\norganization.\n\n    Verifying the authenticity of the software prior to installation validates\nthe integrity of the patch or upgrade received from a vendor. This verifies the\nsoftware has not been tampered with and that it has been provided by a trusted\nvendor. Self-signed certificates are disallowed by this requirement. The\noperating system should not have to verify the software again. This requirement\ndoes not mandate DoD certificates for this purpose; however, the certificate\nused to verify the software must be from an approved CA."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system prevents the installation of patches, service packs, device drivers, or operating system components from a repository without verification that they have been digitally signed using a certificate that is recognized and approved by the organization.\n\nCheck that YUM verifies the signature of packages from a repository prior to install with the following command:\n\n     $ sudo grep -E '^\\[.*\\]|gpgcheck' /etc/yum.repos.d/*.repo\n\n     /etc/yum.repos.d/appstream.repo:[appstream]\n     /etc/yum.repos.d/appstream.repo:gpgcheck=1\n     /etc/yum.repos.d/baseos.repo:[baseos]\n     /etc/yum.repos.d/baseos.repo:gpgcheck=1\n\nIf \"gpgcheck\" is not set to \"1\", or if options are missing or commented out, ask the System Administrator how the certificates for patches and other operating system components are verified.\n\nIf there is no process to validate certificates that is approved by the organization, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to verify the signature of packages from a\nrepository prior to install by setting the following option in the\n\"/etc/yum.repos.d/[your_repo_name].repo\" file:\n\n    gpgcheck=1"
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000366-GPOS-00153",
+            "gid": "V-230264",
+            "rid": "SV-230264r880711_rule",
+            "stig_id": "RHEL-08-010370",
+            "fix_id": "F-32908r880710_fix",
+            "cci": [
+              "CCI-001749"
+            ],
+            "nist": [
+              "CM-5 (3)"
+            ]
+          },
+          "code": "control 'SV-230264' do\n  title 'RHEL 8 must prevent the installation of software, patches, service\npacks, device drivers, or operating system components from a repository without\nverification they have been digitally signed using a certificate that is issued\nby a Certificate Authority (CA) that is recognized and approved by the\norganization.'\n  desc 'Changes to any software components can have significant effects on the\noverall security of the operating system. This requirement ensures the software\nhas not been tampered with and that it has been provided by a trusted vendor.\n\n    Accordingly, patches, service packs, device drivers, or operating system\ncomponents must be signed with a certificate recognized and approved by the\norganization.\n\n    Verifying the authenticity of the software prior to installation validates\nthe integrity of the patch or upgrade received from a vendor. This verifies the\nsoftware has not been tampered with and that it has been provided by a trusted\nvendor. Self-signed certificates are disallowed by this requirement. The\noperating system should not have to verify the software again. This requirement\ndoes not mandate DoD certificates for this purpose; however, the certificate\nused to verify the software must be from an approved CA.'\n  desc 'check', %q(Verify the operating system prevents the installation of patches, service packs, device drivers, or operating system components from a repository without verification that they have been digitally signed using a certificate that is recognized and approved by the organization.\n\nCheck that YUM verifies the signature of packages from a repository prior to install with the following command:\n\n     $ sudo grep -E '^\\[.*\\]|gpgcheck' /etc/yum.repos.d/*.repo\n\n     /etc/yum.repos.d/appstream.repo:[appstream]\n     /etc/yum.repos.d/appstream.repo:gpgcheck=1\n     /etc/yum.repos.d/baseos.repo:[baseos]\n     /etc/yum.repos.d/baseos.repo:gpgcheck=1\n\nIf \"gpgcheck\" is not set to \"1\", or if options are missing or commented out, ask the System Administrator how the certificates for patches and other operating system components are verified.\n\nIf there is no process to validate certificates that is approved by the organization, this is a finding.)\n  desc 'fix', 'Configure the operating system to verify the signature of packages from a\nrepository prior to install by setting the following option in the\n\"/etc/yum.repos.d/[your_repo_name].repo\" file:\n\n    gpgcheck=1'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000366-GPOS-00153'\n  tag gid: 'V-230264'\n  tag rid: 'SV-230264r880711_rule'\n  tag stig_id: 'RHEL-08-010370'\n  tag fix_id: 'F-32908r880710_fix'\n  tag cci: ['CCI-001749']\n  tag nist: ['CM-5 (3)']\n\n  gpgcheck_entry_list = command('ls /etc/yum.repos.d/*.repo').stdout.split(\"\\n\")\n\n  gpgcheck_entry_list.each do |gpgcheck_entry|\n    describe \"Repo file #{gpgcheck_entry}\" do\n      subject { file(gpgcheck_entry) }\n      its('content') { should match(/gpgcheck\\s*=\\s*1/) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230264.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Repo file /etc/yum.repos.d/redhat-rhui-client-config.repo content is expected to match /gpgcheck\\s*=\\s*1/",
+              "run_time": 0.090087,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "content"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Repo file /etc/yum.repos.d/redhat-rhui.repo content is expected to match /gpgcheck\\s*=\\s*1/",
+              "run_time": 0.13123,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "content"
+            }
+          ]
+        },
+        {
+          "id": "SV-230265",
+          "title": "RHEL 8 must prevent the installation of software, patches, service\npacks, device drivers, or operating system components of local packages without\nverification they have been digitally signed using a certificate that is issued\nby a Certificate Authority (CA) that is recognized and approved by the\norganization.",
+          "desc": "Changes to any software components can have significant effects on the\noverall security of the operating system. This requirement ensures the software\nhas not been tampered with and that it has been provided by a trusted vendor.\n\n    Accordingly, patches, service packs, device drivers, or operating system\ncomponents must be signed with a certificate recognized and approved by the\norganization.\n\n    Verifying the authenticity of the software prior to installation validates\nthe integrity of the patch or upgrade received from a vendor. This verifies the\nsoftware has not been tampered with and that it has been provided by a trusted\nvendor. Self-signed certificates are disallowed by this requirement. The\noperating system should not have to verify the software again. This requirement\ndoes not mandate DoD certificates for this purpose; however, the certificate\nused to verify the software must be from an approved CA.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Changes to any software components can have significant effects on the\noverall security of the operating system. This requirement ensures the software\nhas not been tampered with and that it has been provided by a trusted vendor.\n\n    Accordingly, patches, service packs, device drivers, or operating system\ncomponents must be signed with a certificate recognized and approved by the\norganization.\n\n    Verifying the authenticity of the software prior to installation validates\nthe integrity of the patch or upgrade received from a vendor. This verifies the\nsoftware has not been tampered with and that it has been provided by a trusted\nvendor. Self-signed certificates are disallowed by this requirement. The\noperating system should not have to verify the software again. This requirement\ndoes not mandate DoD certificates for this purpose; however, the certificate\nused to verify the software must be from an approved CA."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system prevents the installation of patches, service\npacks, device drivers, or operating system components from a repository without\nverification that they have been digitally signed using a certificate that is\nrecognized and approved by the organization.\n\n    Check if YUM is configured to perform a signature check on local packages\nwith the following command:\n\n    $ sudo grep -i localpkg_gpgcheck /etc/dnf/dnf.conf\n\n    localpkg_gpgcheck =True\n\n    If \"localpkg_gpgcheck\" is not set to either \"1\", \"True\", or \"yes\",\ncommented out, or is missing from \"/etc/dnf/dnf.conf\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to remove all software components after\nupdated versions have been installed.\n\n    Set the \"localpkg_gpgcheck\" option to \"True\" in the\n\"/etc/dnf/dnf.conf\" file:\n\n    localpkg_gpgcheck=True"
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000366-GPOS-00153",
+            "gid": "V-230265",
+            "rid": "SV-230265r877463_rule",
+            "stig_id": "RHEL-08-010371",
+            "fix_id": "F-32909r567542_fix",
+            "cci": [
+              "CCI-001749"
+            ],
+            "nist": [
+              "CM-5 (3)"
+            ]
+          },
+          "code": "control 'SV-230265' do\n  title 'RHEL 8 must prevent the installation of software, patches, service\npacks, device drivers, or operating system components of local packages without\nverification they have been digitally signed using a certificate that is issued\nby a Certificate Authority (CA) that is recognized and approved by the\norganization.'\n  desc 'Changes to any software components can have significant effects on the\noverall security of the operating system. This requirement ensures the software\nhas not been tampered with and that it has been provided by a trusted vendor.\n\n    Accordingly, patches, service packs, device drivers, or operating system\ncomponents must be signed with a certificate recognized and approved by the\norganization.\n\n    Verifying the authenticity of the software prior to installation validates\nthe integrity of the patch or upgrade received from a vendor. This verifies the\nsoftware has not been tampered with and that it has been provided by a trusted\nvendor. Self-signed certificates are disallowed by this requirement. The\noperating system should not have to verify the software again. This requirement\ndoes not mandate DoD certificates for this purpose; however, the certificate\nused to verify the software must be from an approved CA.'\n  desc 'check', 'Verify the operating system prevents the installation of patches, service\npacks, device drivers, or operating system components from a repository without\nverification that they have been digitally signed using a certificate that is\nrecognized and approved by the organization.\n\n    Check if YUM is configured to perform a signature check on local packages\nwith the following command:\n\n    $ sudo grep -i localpkg_gpgcheck /etc/dnf/dnf.conf\n\n    localpkg_gpgcheck =True\n\n    If \"localpkg_gpgcheck\" is not set to either \"1\", \"True\", or \"yes\",\ncommented out, or is missing from \"/etc/dnf/dnf.conf\", this is a finding.'\n  desc 'fix', 'Configure the operating system to remove all software components after\nupdated versions have been installed.\n\n    Set the \"localpkg_gpgcheck\" option to \"True\" in the\n\"/etc/dnf/dnf.conf\" file:\n\n    localpkg_gpgcheck=True'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000366-GPOS-00153'\n  tag gid: 'V-230265'\n  tag rid: 'SV-230265r877463_rule'\n  tag stig_id: 'RHEL-08-010371'\n  tag fix_id: 'F-32909r567542_fix'\n  tag cci: ['CCI-001749']\n  tag nist: ['CM-5 (3)']\n\n  describe.one do\n    describe parse_config_file('/etc/dnf/dnf.conf') do\n      its('main.localpkg_gpgcheck') { should cmp 'True' }\n    end\n    describe parse_config_file('/etc/dnf/dnf.conf') do\n      its('main.localpkg_gpgcheck') { should cmp 1 }\n    end\n    describe parse_config_file('/etc/dnf/dnf.conf') do\n      its('main.localpkg_gpgcheck') { should cmp 'yes' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230265.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Parse Config File /etc/dnf/dnf.conf main.localpkg_gpgcheck is expected to cmp == 1",
+              "run_time": 0.000474,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/dnf/dnf.conf\"]",
+              "resource_id": "/etc/dnf/dnf.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230266",
+          "title": "RHEL 8 must prevent the loading of a new kernel for later execution.",
+          "desc": "Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.\n\nDisabling kexec_load prevents an unsigned kernel image (that could be a windows kernel or modified vulnerable kernel) from being loaded. Kexec can be used subvert the entire secureboot process and should be avoided at all costs especially since it can load unsigned kernel images.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.\n\nDisabling kexec_load prevents an unsigned kernel image (that could be a windows kernel or modified vulnerable kernel) from being loaded. Kexec can be used subvert the entire secureboot process and should be avoided at all costs especially since it can load unsigned kernel images.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system is configured to disable kernel image loading with the following commands:\n\nCheck the status of the kernel.kexec_load_disabled kernel parameter.\n\n$ sudo sysctl kernel.kexec_load_disabled\n\nkernel.kexec_load_disabled = 1\n\nIf \"kernel.kexec_load_disabled\" is not set to \"1\" or is missing, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.kexec_load_disabled /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.kexec_load_disabled = 1\n\nIf \"kernel.kexec_load_disabled\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable kernel image loading.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.kexec_load_disabled = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000366-GPOS-00153",
+            "gid": "V-230266",
+            "rid": "SV-230266r877463_rule",
+            "stig_id": "RHEL-08-010372",
+            "fix_id": "F-32910r858747_fix",
+            "cci": [
+              "CCI-001749"
+            ],
+            "nist": [
+              "CM-5 (3)"
+            ]
+          },
+          "code": "control 'SV-230266' do\n  title 'RHEL 8 must prevent the loading of a new kernel for later execution.'\n  desc 'Changes to any software components can have significant effects on the overall security of the operating system. This requirement ensures the software has not been tampered with and that it has been provided by a trusted vendor.\n\nDisabling kexec_load prevents an unsigned kernel image (that could be a windows kernel or modified vulnerable kernel) from being loaded. Kexec can be used subvert the entire secureboot process and should be avoided at all costs especially since it can load unsigned kernel images.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify the operating system is configured to disable kernel image loading with the following commands:\n\nCheck the status of the kernel.kexec_load_disabled kernel parameter.\n\n$ sudo sysctl kernel.kexec_load_disabled\n\nkernel.kexec_load_disabled = 1\n\nIf \"kernel.kexec_load_disabled\" is not set to \"1\" or is missing, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.kexec_load_disabled /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.kexec_load_disabled = 1\n\nIf \"kernel.kexec_load_disabled\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable kernel image loading.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.kexec_load_disabled = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000366-GPOS-00153'\n  tag gid: 'V-230266'\n  tag rid: 'SV-230266r877463_rule'\n  tag stig_id: 'RHEL-08-010372'\n  tag fix_id: 'F-32910r858747_fix'\n  tag cci: ['CCI-001749']\n  tag nist: ['CM-5 (3)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('kernel.kexec_load_disabled') do\n      its('value') { should eq 1 }\n    end\n\n    describe command('grep -r ^kernel.kexec_load_disabled /etc/sysctl.conf /etc/sysctl.d/*.conf') do\n      its('stdout') { should match(/kernel.kexec_load_disabled(\\s+)?=(\\s+)?1$/) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230266.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter kernel.kexec_load_disabled value is expected to eq 1",
+              "run_time": 0.191072,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"kernel.kexec_load_disabled\"]",
+              "resource_id": "kernel.kexec_load_disabled"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Command: `grep -r ^kernel.kexec_load_disabled /etc/sysctl.conf /etc/sysctl.d/*.conf` stdout is expected to match /kernel.kexec_load_disabled(\\s+)?=(\\s+)?1$/",
+              "run_time": 0.140818,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"grep -r ^kernel.kexec_load_disabled /etc/sysctl.conf /etc/sysctl.d/*.conf\"]",
+              "resource_id": "Command: `grep -r ^kernel.kexec_load_disabled /etc/sysctl.conf /etc/sysctl.d/*.conf`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230267",
+          "title": "RHEL 8 must enable kernel parameters to enforce discretionary access\ncontrol on symlinks.",
+          "desc": "Discretionary Access Control (DAC) is based on the notion that individual users are \"owners\" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.\n\nWhen discretionary access control policies are implemented, subjects are not constrained with regard to what actions they can take with information for which they have already been granted access. Thus, subjects that have been granted access to information are not prevented from passing (i.e., the subjects have the discretion to pass) the information to other subjects or objects. A subject that is constrained in its operation by Mandatory Access Control policies is still able to operate under the less rigorous constraints of this requirement. Thus, while Mandatory Access Control imposes constraints preventing a subject from passing information to another subject operating at a different sensitivity level, this requirement permits the subject to pass the information to any subject at the same sensitivity level. The policy is bounded by the information system boundary. Once the information is passed outside the control of the information system, additional means may be required to ensure the constraints remain in effect. While the older, more traditional definitions of discretionary access control require identity-based access control, that limitation is not required for this use of discretionary access control.\n\nBy enabling the fs.protected_symlinks kernel parameter, symbolic links are permitted to be followed only when outside a sticky world-writable directory, or when the UID of the link and follower match, or when the directory owner matches the symlink's owner. Disallowing such symlinks helps mitigate vulnerabilities based on insecure file system accessed by privileged programs, avoiding an exploitation vector exploiting unsafe use of open() or creat().\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Discretionary Access Control (DAC) is based on the notion that individual users are \"owners\" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.\n\nWhen discretionary access control policies are implemented, subjects are not constrained with regard to what actions they can take with information for which they have already been granted access. Thus, subjects that have been granted access to information are not prevented from passing (i.e., the subjects have the discretion to pass) the information to other subjects or objects. A subject that is constrained in its operation by Mandatory Access Control policies is still able to operate under the less rigorous constraints of this requirement. Thus, while Mandatory Access Control imposes constraints preventing a subject from passing information to another subject operating at a different sensitivity level, this requirement permits the subject to pass the information to any subject at the same sensitivity level. The policy is bounded by the information system boundary. Once the information is passed outside the control of the information system, additional means may be required to ensure the constraints remain in effect. While the older, more traditional definitions of discretionary access control require identity-based access control, that limitation is not required for this use of discretionary access control.\n\nBy enabling the fs.protected_symlinks kernel parameter, symbolic links are permitted to be followed only when outside a sticky world-writable directory, or when the UID of the link and follower match, or when the directory owner matches the symlink's owner. Disallowing such symlinks helps mitigate vulnerabilities based on insecure file system accessed by privileged programs, avoiding an exploitation vector exploiting unsafe use of open() or creat().\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system is configured to enable DAC on symlinks with the following commands:\n\nCheck the status of the fs.protected_symlinks kernel parameter.\n\n$ sudo sysctl fs.protected_symlinks\n\nfs.protected_symlinks = 1\n\nIf \"fs.protected_symlinks\" is not set to \"1\" or is missing, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r fs.protected_symlinks /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:fs.protected_symlinks = 1\n\nIf \"fs.protected_symlinks\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to enable DAC on symlinks.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nfs.protected_symlinks = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000312-GPOS-00122",
+            "satisfies": [
+              "SRG-OS-000312-GPOS-00122",
+              "SRG-OS-000312-GPOS-00123",
+              "SRG-OS-000312-GPOS-00124",
+              "SRG-OS-000324-GPOS-00125"
+            ],
+            "gid": "V-230267",
+            "rid": "SV-230267r858751_rule",
+            "stig_id": "RHEL-08-010373",
+            "fix_id": "F-32911r858750_fix",
+            "cci": [
+              "CCI-002165"
+            ],
+            "nist": [
+              "AC-3 (4)"
+            ]
+          },
+          "code": "control 'SV-230267' do\n  title 'RHEL 8 must enable kernel parameters to enforce discretionary access\ncontrol on symlinks.'\n  desc %q(Discretionary Access Control (DAC) is based on the notion that individual users are \"owners\" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.\n\nWhen discretionary access control policies are implemented, subjects are not constrained with regard to what actions they can take with information for which they have already been granted access. Thus, subjects that have been granted access to information are not prevented from passing (i.e., the subjects have the discretion to pass) the information to other subjects or objects. A subject that is constrained in its operation by Mandatory Access Control policies is still able to operate under the less rigorous constraints of this requirement. Thus, while Mandatory Access Control imposes constraints preventing a subject from passing information to another subject operating at a different sensitivity level, this requirement permits the subject to pass the information to any subject at the same sensitivity level. The policy is bounded by the information system boundary. Once the information is passed outside the control of the information system, additional means may be required to ensure the constraints remain in effect. While the older, more traditional definitions of discretionary access control require identity-based access control, that limitation is not required for this use of discretionary access control.\n\nBy enabling the fs.protected_symlinks kernel parameter, symbolic links are permitted to be followed only when outside a sticky world-writable directory, or when the UID of the link and follower match, or when the directory owner matches the symlink's owner. Disallowing such symlinks helps mitigate vulnerabilities based on insecure file system accessed by privileged programs, avoiding an exploitation vector exploiting unsafe use of open() or creat().\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf)\n  desc 'check', 'Verify the operating system is configured to enable DAC on symlinks with the following commands:\n\nCheck the status of the fs.protected_symlinks kernel parameter.\n\n$ sudo sysctl fs.protected_symlinks\n\nfs.protected_symlinks = 1\n\nIf \"fs.protected_symlinks\" is not set to \"1\" or is missing, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r fs.protected_symlinks /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:fs.protected_symlinks = 1\n\nIf \"fs.protected_symlinks\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to enable DAC on symlinks.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nfs.protected_symlinks = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000312-GPOS-00122'\n  tag satisfies: ['SRG-OS-000312-GPOS-00122', 'SRG-OS-000312-GPOS-00123', 'SRG-OS-000312-GPOS-00124', 'SRG-OS-000324-GPOS-00125']\n  tag gid: 'V-230267'\n  tag rid: 'SV-230267r858751_rule'\n  tag stig_id: 'RHEL-08-010373'\n  tag fix_id: 'F-32911r858750_fix'\n  tag cci: ['CCI-002165']\n  tag nist: ['AC-3 (4)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('fs.protected_symlinks') do\n      its('value') { should cmp 1 }\n    end\n\n    describe command('grep -r ^fs.protected_symlinks /etc/sysctl.conf /etc/sysctl.d/*.conf') do\n      its('stdout') { should match(/fs.protected_symlinks(\\s+)=(\\s+)1$/) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230267.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter fs.protected_symlinks value is expected to cmp == 1",
+              "run_time": 0.12895,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"fs.protected_symlinks\"]",
+              "resource_id": "fs.protected_symlinks"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Command: `grep -r ^fs.protected_symlinks /etc/sysctl.conf /etc/sysctl.d/*.conf` stdout is expected to match /fs.protected_symlinks(\\s+)=(\\s+)1$/",
+              "run_time": 0.171813,
+              "start_time": "2024-01-09T19:40:40-05:00",
+              "message": "expected \"/etc/sysctl.conf:fs.protected_symlinks=1\\n/etc/sysctl.d/99-sysctl.conf:fs.protected_symlinks=1\\n\" to match /fs.protected_symlinks(\\s+)=(\\s+)1$/",
+              "resource_class": "command",
+              "resource_params": "[\"grep -r ^fs.protected_symlinks /etc/sysctl.conf /etc/sysctl.d/*.conf\"]",
+              "resource_id": "Command: `grep -r ^fs.protected_symlinks /etc/sysctl.conf /etc/sysctl.d/*.conf`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230268",
+          "title": "RHEL 8 must enable kernel parameters to enforce discretionary access control on hardlinks.",
+          "desc": "Discretionary Access Control (DAC) is based on the notion that individual users are \"owners\" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.\n\n    When discretionary access control policies are implemented, subjects are not constrained with regard to what actions they can take with information for which they have already been granted access. Thus, subjects that have been granted access to information are not prevented from passing (i.e., the subjects have the discretion to pass) the information to other subjects or objects. A subject that is constrained in its operation by Mandatory Access Control policies is still able to operate under the less rigorous constraints of this requirement. Thus, while Mandatory Access Control imposes constraints preventing a subject from passing information to another subject operating at a different sensitivity level, this requirement permits the subject to pass the information to any subject at the same sensitivity level. The policy is bounded by the information system boundary. Once the information is passed outside the control of the information system, additional means may be required to ensure the constraints remain in effect. While the older, more traditional definitions of discretionary access control require identity-based access control, that limitation is not required for this use of discretionary access control.\n\n    By enabling the fs.protected_hardlinks kernel parameter, users can no longer create soft or hard links to files they do not own. Disallowing such hardlinks mitigate vulnerabilities based on insecure file system accessed by privileged programs, avoiding an exploitation vector exploiting unsafe use of open() or creat().\n\n    The sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n\n    /etc/sysctl.d/*.conf\n    /run/sysctl.d/*.conf\n    /usr/local/lib/sysctl.d/*.conf\n    /usr/lib/sysctl.d/*.conf\n    /lib/sysctl.d/*.conf\n    /etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Discretionary Access Control (DAC) is based on the notion that individual users are \"owners\" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.\n\n    When discretionary access control policies are implemented, subjects are not constrained with regard to what actions they can take with information for which they have already been granted access. Thus, subjects that have been granted access to information are not prevented from passing (i.e., the subjects have the discretion to pass) the information to other subjects or objects. A subject that is constrained in its operation by Mandatory Access Control policies is still able to operate under the less rigorous constraints of this requirement. Thus, while Mandatory Access Control imposes constraints preventing a subject from passing information to another subject operating at a different sensitivity level, this requirement permits the subject to pass the information to any subject at the same sensitivity level. The policy is bounded by the information system boundary. Once the information is passed outside the control of the information system, additional means may be required to ensure the constraints remain in effect. While the older, more traditional definitions of discretionary access control require identity-based access control, that limitation is not required for this use of discretionary access control.\n\n    By enabling the fs.protected_hardlinks kernel parameter, users can no longer create soft or hard links to files they do not own. Disallowing such hardlinks mitigate vulnerabilities based on insecure file system accessed by privileged programs, avoiding an exploitation vector exploiting unsafe use of open() or creat().\n\n    The sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n\n    /etc/sysctl.d/*.conf\n    /run/sysctl.d/*.conf\n    /usr/local/lib/sysctl.d/*.conf\n    /usr/lib/sysctl.d/*.conf\n    /lib/sysctl.d/*.conf\n    /etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system is configured to enable DAC on hardlinks with the following commands:\n\n  Check the status of the fs.protected_hardlinks kernel parameter.\n\n  $ sudo sysctl fs.protected_hardlinks\n\n  fs.protected_hardlinks = 1\n\n  If \"fs.protected_hardlinks\" is not set to \"1\" or is missing, this is a finding.\n\n  Check that the configuration files are present to enable this kernel parameter.\n\n  $ sudo grep -r fs.protected_hardlinks /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n  /etc/sysctl.d/99-sysctl.conf:fs.protected_hardlinks = 1\n\n  If \"fs.protected_hardlinks\" is not set to \"1\", is missing or commented out, this is a finding.\n\n  If conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to enable DAC on hardlinks.\n\n  Add or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\n  fs.protected_hardlinks = 1\n\n  Remove any configurations that conflict with the above from the following locations:\n  /run/sysctl.d/*.conf\n  /usr/local/lib/sysctl.d/*.conf\n  /usr/lib/sysctl.d/*.conf\n  /lib/sysctl.d/*.conf\n  /etc/sysctl.conf\n  /etc/sysctl.d/*.conf\n\n  Load settings from all system configuration files with the following command:\n\n  $ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000312-GPOS-00122",
+            "satisfies": [
+              "SRG-OS-000312-GPOS-00122",
+              "SRG-OS-000312-GPOS-00123",
+              "SRG-OS-000312-GPOS-00124",
+              "SRG-OS-000324-GPOS-00125"
+            ],
+            "gid": "V-230268",
+            "rid": "SV-230268r858754_rule",
+            "stig_id": "RHEL-08-010374",
+            "fix_id": "F-32912r858753_fix",
+            "cci": [
+              "CCI-002165"
+            ],
+            "nist": [
+              "AC-3 (4)"
+            ]
+          },
+          "code": "control 'SV-230268' do\n  title 'RHEL 8 must enable kernel parameters to enforce discretionary access control on hardlinks.'\n  desc 'Discretionary Access Control (DAC) is based on the notion that individual users are \"owners\" of objects and therefore have discretion over who should be authorized to access the object and in which mode (e.g., read or write). Ownership is usually acquired as a consequence of creating the object or via specified ownership assignment. DAC allows the owner to determine who will have access to objects they control. An example of DAC includes user-controlled file permissions.\n\n    When discretionary access control policies are implemented, subjects are not constrained with regard to what actions they can take with information for which they have already been granted access. Thus, subjects that have been granted access to information are not prevented from passing (i.e., the subjects have the discretion to pass) the information to other subjects or objects. A subject that is constrained in its operation by Mandatory Access Control policies is still able to operate under the less rigorous constraints of this requirement. Thus, while Mandatory Access Control imposes constraints preventing a subject from passing information to another subject operating at a different sensitivity level, this requirement permits the subject to pass the information to any subject at the same sensitivity level. The policy is bounded by the information system boundary. Once the information is passed outside the control of the information system, additional means may be required to ensure the constraints remain in effect. While the older, more traditional definitions of discretionary access control require identity-based access control, that limitation is not required for this use of discretionary access control.\n\n    By enabling the fs.protected_hardlinks kernel parameter, users can no longer create soft or hard links to files they do not own. Disallowing such hardlinks mitigate vulnerabilities based on insecure file system accessed by privileged programs, avoiding an exploitation vector exploiting unsafe use of open() or creat().\n\n    The sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n\n    /etc/sysctl.d/*.conf\n    /run/sysctl.d/*.conf\n    /usr/local/lib/sysctl.d/*.conf\n    /usr/lib/sysctl.d/*.conf\n    /lib/sysctl.d/*.conf\n    /etc/sysctl.conf'\n  desc 'check', 'Verify the operating system is configured to enable DAC on hardlinks with the following commands:\n\n  Check the status of the fs.protected_hardlinks kernel parameter.\n\n  $ sudo sysctl fs.protected_hardlinks\n\n  fs.protected_hardlinks = 1\n\n  If \"fs.protected_hardlinks\" is not set to \"1\" or is missing, this is a finding.\n\n  Check that the configuration files are present to enable this kernel parameter.\n\n  $ sudo grep -r fs.protected_hardlinks /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n  /etc/sysctl.d/99-sysctl.conf:fs.protected_hardlinks = 1\n\n  If \"fs.protected_hardlinks\" is not set to \"1\", is missing or commented out, this is a finding.\n\n  If conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to enable DAC on hardlinks.\n\n  Add or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\n  fs.protected_hardlinks = 1\n\n  Remove any configurations that conflict with the above from the following locations:\n  /run/sysctl.d/*.conf\n  /usr/local/lib/sysctl.d/*.conf\n  /usr/lib/sysctl.d/*.conf\n  /lib/sysctl.d/*.conf\n  /etc/sysctl.conf\n  /etc/sysctl.d/*.conf\n\n  Load settings from all system configuration files with the following command:\n\n  $ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000312-GPOS-00122'\n  tag satisfies: ['SRG-OS-000312-GPOS-00122', 'SRG-OS-000312-GPOS-00123', 'SRG-OS-000312-GPOS-00124', 'SRG-OS-000324-GPOS-00125']\n  tag gid: 'V-230268'\n  tag rid: 'SV-230268r858754_rule'\n  tag stig_id: 'RHEL-08-010374'\n  tag fix_id: 'F-32912r858753_fix'\n  tag cci: ['CCI-002165']\n  tag nist: ['AC-3 (4)']\n\n  # Define the kernel parameter to be checked\n  parameter = 'fs.protected_hardlinks'\n  action = 'enforce discretionary access control on hardlinks'\n\n  # Get the current value of the kernel parameter\n  current_value = kernel_parameter(parameter)\n\n  # Check if the system is a Docker container\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    # Check if IPv4 packet forwarding is disabled\n    describe action.to_s do\n      it 'is disabled in sysctl -a' do\n        expect(current_value.value).to cmp 0\n        expect(current_value.value).not_to be_nil\n      end\n    end\n\n    # Get the list of sysctl configuration files\n    sysctl_config_files = input('sysctl_conf_files').map(&:strip).join(' ')\n\n    # Search for the kernel parameter in the configuration files\n    search_results = command(\"grep -r #{parameter} #{sysctl_config_files} {} \\;\").stdout.split(\"\\n\")\n\n    # Parse the search results into a hash\n    config_values = search_results.each_with_object({}) do |item, results|\n      file, setting = item.split(':')\n      results[file] ||= []\n      results[file] << setting.split('=').last\n    end\n\n    # Check the configuration files\n    describe 'Configuration files' do\n      if search_results.empty?\n        it \"do not have `#{parameter}` disabled directly\" do\n          expect(config_values).not_to be_empty, \"Add the line `#{parameter}=0` to a file in the `/etc/sysctl.d/` directory\"\n        end\n      else\n        describe \"for #{action}\" do\n          it 'have a single unique entry' do\n            expect(config_values.values.flatten.count).to eq(1), \"Expected one unique configuration, but got #{config_values}\"\n          end\n\n          it \"do not have more then one #{action} value\" do\n            expect(config_values.values.flatten.all? { |v| v == '0' }).to be true\n          end\n        end\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230268.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "enforce discretionary access control on hardlinks is disabled in sysctl -a",
+              "run_time": 0.138785,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "message": "\nexpected: 0\n     got: 1\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "enforce discretionary access control on hardlinks"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Configuration files for enforce discretionary access control on hardlinks have a single unique entry",
+              "run_time": 0.000179,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "message": "Expected one unique configuration, but got {\"/etc/sysctl.d/99-sysctl.conf\"=>[\"1\"], \"/usr/lib/sysctl.d/50-default.conf\"=>[\" 1\"], \"/lib/sysctl.d/50-default.conf\"=>[\" 1\"], \"/etc/sysctl.conf\"=>[\"1\"]}",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "for enforce discretionary access control on hardlinks"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Configuration files for enforce discretionary access control on hardlinks do not have more then one enforce discretionary access control on hardlinks value",
+              "run_time": 0.002782,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "message": "\nexpected true\n     got false\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "for enforce discretionary access control on hardlinks"
+            }
+          ]
+        },
+        {
+          "id": "SV-230269",
+          "title": "RHEL 8 must restrict access to the kernel message buffer.",
+          "desc": "Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.\n\nThis requirement generally applies to the design of an information technology product, but it can also apply to the configuration of particular information system components that are, or use, such products. This can be verified by acceptance/validation processes in DoD or other government agencies.\n\nThere may be shared resources with configurable protections (e.g., files in storage) that may be assessed on specific information system components.\n\nRestricting access to the kernel message buffer limits access to only root. This prevents attackers from gaining additional system information as a non-privileged user.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.\n\nThis requirement generally applies to the design of an information technology product, but it can also apply to the configuration of particular information system components that are, or use, such products. This can be verified by acceptance/validation processes in DoD or other government agencies.\n\nThere may be shared resources with configurable protections (e.g., files in storage) that may be assessed on specific information system components.\n\nRestricting access to the kernel message buffer limits access to only root. This prevents attackers from gaining additional system information as a non-privileged user.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system is configured to restrict access to the kernel message buffer with the following commands:\n\nCheck the status of the kernel.dmesg_restrict kernel parameter.\n\n$ sudo sysctl kernel.dmesg_restrict\n\nkernel.dmesg_restrict = 1\n\nIf \"kernel.dmesg_restrict\" is not set to \"1\" or is missing, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.dmesg_restrict /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.dmesg_restrict = 1\n\nIf \"kernel.dmesg_restrict\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to restrict access to the kernel message buffer.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.dmesg_restrict = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000138-GPOS-00069",
+            "gid": "V-230269",
+            "rid": "SV-230269r858756_rule",
+            "stig_id": "RHEL-08-010375",
+            "fix_id": "F-32913r858755_fix",
+            "cci": [
+              "CCI-001090"
+            ],
+            "nist": [
+              "SC-4"
+            ]
+          },
+          "code": "control 'SV-230269' do\n  title 'RHEL 8 must restrict access to the kernel message buffer.'\n  desc 'Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.\n\nThis requirement generally applies to the design of an information technology product, but it can also apply to the configuration of particular information system components that are, or use, such products. This can be verified by acceptance/validation processes in DoD or other government agencies.\n\nThere may be shared resources with configurable protections (e.g., files in storage) that may be assessed on specific information system components.\n\nRestricting access to the kernel message buffer limits access to only root. This prevents attackers from gaining additional system information as a non-privileged user.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify the operating system is configured to restrict access to the kernel message buffer with the following commands:\n\nCheck the status of the kernel.dmesg_restrict kernel parameter.\n\n$ sudo sysctl kernel.dmesg_restrict\n\nkernel.dmesg_restrict = 1\n\nIf \"kernel.dmesg_restrict\" is not set to \"1\" or is missing, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.dmesg_restrict /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.dmesg_restrict = 1\n\nIf \"kernel.dmesg_restrict\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to restrict access to the kernel message buffer.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.dmesg_restrict = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000138-GPOS-00069'\n  tag gid: 'V-230269'\n  tag rid: 'SV-230269r858756_rule'\n  tag stig_id: 'RHEL-08-010375'\n  tag fix_id: 'F-32913r858755_fix'\n  tag cci: ['CCI-001090']\n  tag nist: ['SC-4']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('kernel.dmesg_restrict') do\n      its('value') { should eq 1 }\n    end\n\n    describe parse_config(command('grep -rh ^kernel.dmesg_restrict /etc/sysctl.conf /etc/sysctl.d/*.conf').stdout.strip) do\n      its(['kernel.dmesg_restrict']) { should cmp 1 }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230269.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter kernel.dmesg_restrict value is expected to eq 1",
+              "run_time": 0.129519,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"kernel.dmesg_restrict\"]",
+              "resource_id": "kernel.dmesg_restrict"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Parse Config  [\"kernel.dmesg_restrict\"] is expected to cmp == 1",
+              "run_time": 0.000371,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "resource_class": "parse_config",
+              "resource_params": "[\"kernel.dmesg_restrict=1\\nkernel.dmesg_restrict=1\"]",
+              "resource_id": "kernel.dmesg_restrict=1\nkernel.dmesg_restrict=1"
+            }
+          ]
+        },
+        {
+          "id": "SV-230270",
+          "title": "RHEL 8 must prevent kernel profiling by unprivileged users.",
+          "desc": "Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.\n\nThis requirement generally applies to the design of an information technology product, but it can also apply to the configuration of particular information system components that are, or use, such products. This can be verified by acceptance/validation processes in DoD or other government agencies.\n\nThere may be shared resources with configurable protections (e.g., files in storage) that may be assessed on specific information system components.\n\nSetting the kernel.perf_event_paranoid kernel parameter to \"2\" prevents attackers from gaining additional system information as a non-privileged user.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.\n\nThis requirement generally applies to the design of an information technology product, but it can also apply to the configuration of particular information system components that are, or use, such products. This can be verified by acceptance/validation processes in DoD or other government agencies.\n\nThere may be shared resources with configurable protections (e.g., files in storage) that may be assessed on specific information system components.\n\nSetting the kernel.perf_event_paranoid kernel parameter to \"2\" prevents attackers from gaining additional system information as a non-privileged user.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system is configured to prevent kernel profiling by unprivileged users with the following commands:\n\nCheck the status of the kernel.perf_event_paranoid kernel parameter.\n\n$ sudo sysctl kernel.perf_event_paranoid\n\nkernel.perf_event_paranoid = 2\n\nIf \"kernel.perf_event_paranoid\" is not set to \"2\" or is missing, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.perf_event_paranoid /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.perf_event_paranoid = 2\n\nIf \"kernel.perf_event_paranoid\" is not set to \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to prevent kernel profiling by unprivileged users.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.perf_event_paranoid = 2\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000138-GPOS-00069",
+            "gid": "V-230270",
+            "rid": "SV-230270r858758_rule",
+            "stig_id": "RHEL-08-010376",
+            "fix_id": "F-32914r858757_fix",
+            "cci": [
+              "CCI-001090"
+            ],
+            "nist": [
+              "SC-4"
+            ]
+          },
+          "code": "control 'SV-230270' do\n  title 'RHEL 8 must prevent kernel profiling by unprivileged users.'\n  desc 'Preventing unauthorized information transfers mitigates the risk of information, including encrypted representations of information, produced by the actions of prior users/roles (or the actions of processes acting on behalf of prior users/roles) from being available to any current users/roles (or current processes) that obtain access to shared system resources (e.g., registers, main memory, hard disks) after those resources have been released back to information systems. The control of information in shared resources is also commonly referred to as object reuse and residual information protection.\n\nThis requirement generally applies to the design of an information technology product, but it can also apply to the configuration of particular information system components that are, or use, such products. This can be verified by acceptance/validation processes in DoD or other government agencies.\n\nThere may be shared resources with configurable protections (e.g., files in storage) that may be assessed on specific information system components.\n\nSetting the kernel.perf_event_paranoid kernel parameter to \"2\" prevents attackers from gaining additional system information as a non-privileged user.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify the operating system is configured to prevent kernel profiling by unprivileged users with the following commands:\n\nCheck the status of the kernel.perf_event_paranoid kernel parameter.\n\n$ sudo sysctl kernel.perf_event_paranoid\n\nkernel.perf_event_paranoid = 2\n\nIf \"kernel.perf_event_paranoid\" is not set to \"2\" or is missing, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.perf_event_paranoid /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.perf_event_paranoid = 2\n\nIf \"kernel.perf_event_paranoid\" is not set to \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to prevent kernel profiling by unprivileged users.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.perf_event_paranoid = 2\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000138-GPOS-00069'\n  tag gid: 'V-230270'\n  tag rid: 'SV-230270r858758_rule'\n  tag stig_id: 'RHEL-08-010376'\n  tag fix_id: 'F-32914r858757_fix'\n  tag cci: ['CCI-001090']\n  tag nist: ['SC-4']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('kernel.perf_event_paranoid') do\n      its('value') { should eq 2 }\n    end\n\n    describe parse_config(command('grep -rh ^kernel.perf_event_paranoid /etc/sysctl.conf /etc/sysctl.d/*.conf').stdout.strip) do\n      its(['kernel.perf_event_paranoid']) { should cmp 2 }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230270.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter kernel.perf_event_paranoid value is expected to eq 2",
+              "run_time": 0.138308,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"kernel.perf_event_paranoid\"]",
+              "resource_id": "kernel.perf_event_paranoid"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Parse Config  [\"kernel.perf_event_paranoid\"] is expected to cmp == 2",
+              "run_time": 0.000312,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "resource_class": "parse_config",
+              "resource_params": "[\"kernel.perf_event_paranoid=2\\nkernel.perf_event_paranoid=2\"]",
+              "resource_id": "kernel.perf_event_paranoid=2\nkernel.perf_event_paranoid=2"
+            }
+          ]
+        },
+        {
+          "id": "SV-230271",
+          "title": "RHEL 8 must require users to provide a password for privilege\nescalation.",
+          "desc": "Without reauthentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the user reauthenticate.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without reauthentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the user reauthenticate."
+            },
+            {
+              "label": "check",
+              "data": "Verify that \"/etc/sudoers\" has no occurrences of \"NOPASSWD\".\n\n    Check that the \"/etc/sudoers\" file has no occurrences of \"NOPASSWD\" by\nrunning the following command:\n\n    $ sudo grep -i nopasswd /etc/sudoers /etc/sudoers.d/*\n\n    %admin ALL=(ALL) NOPASSWD: ALL\n\n    If any occurrences of \"NOPASSWD\" are returned from the command and have\nnot been documented with the ISSO as an organizationally defined administrative\ngroup utilizing MFA, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Remove any occurrence of \"NOPASSWD\" found in \"/etc/sudoers\"\nfile or files in the \"/etc/sudoers.d\" directory."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000373-GPOS-00156",
+            "satisfies": [
+              "SRG-OS-000373-GPOS-00156",
+              "SRG-OS-000373-GPOS-00157",
+              "SRG-OS-000373-GPOS-00158"
+            ],
+            "gid": "V-230271",
+            "rid": "SV-230271r854026_rule",
+            "stig_id": "RHEL-08-010380",
+            "fix_id": "F-32915r854025_fix",
+            "cci": [
+              "CCI-002038"
+            ],
+            "nist": [
+              "IA-11"
+            ]
+          },
+          "code": "control 'SV-230271' do\n  title 'RHEL 8 must require users to provide a password for privilege\nescalation.'\n  desc 'Without reauthentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the user reauthenticate.'\n  desc 'check', 'Verify that \"/etc/sudoers\" has no occurrences of \"NOPASSWD\".\n\n    Check that the \"/etc/sudoers\" file has no occurrences of \"NOPASSWD\" by\nrunning the following command:\n\n    $ sudo grep -i nopasswd /etc/sudoers /etc/sudoers.d/*\n\n    %admin ALL=(ALL) NOPASSWD: ALL\n\n    If any occurrences of \"NOPASSWD\" are returned from the command and have\nnot been documented with the ISSO as an organizationally defined administrative\ngroup utilizing MFA, this is a finding.'\n  desc 'fix', 'Remove any occurrence of \"NOPASSWD\" found in \"/etc/sudoers\"\nfile or files in the \"/etc/sudoers.d\" directory.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000373-GPOS-00156'\n  tag satisfies: ['SRG-OS-000373-GPOS-00156', 'SRG-OS-000373-GPOS-00157', 'SRG-OS-000373-GPOS-00158']\n  tag gid: 'V-230271'\n  tag rid: 'SV-230271r854026_rule'\n  tag stig_id: 'RHEL-08-010380'\n  tag fix_id: 'F-32915r854025_fix'\n  tag cci: ['CCI-002038']\n  tag nist: ['IA-11']\n\n  if virtualization.system.eql?('docker') && !command('sudo').exist?\n    impact 0.0\n    describe \"Control not applicable within a container & sudo doesn't exist\" do\n      skip \"Control not applicable within a container & sudo doesn't exist\"\n    end\n  elsif input('skip_password_privilege_escalation')\n    impact 0.0\n    describe 'Users are not required to provide a password for privilege escalation as agreed to by the approval authority. This requirement is not applicable.' do\n      skip 'Users are not required to provide a password for privilege escalation as agreed to by the approval authority. This requirement is not applicable.'\n    end\n  else\n    processed = []\n    to_process = ['/etc/sudoers', '/etc/sudoers.d']\n\n    until to_process.empty?\n      in_process = to_process.pop\n      next if processed.include? in_process\n\n      processed.push in_process\n\n      if file(in_process).directory?\n        to_process.concat(\n          command(\"find #{in_process} -maxdepth 1 -mindepth 1\")\n            .stdout.strip.split(\"\\n\")\n            .select { |f| file(f).file? }\n        )\n      elsif file(in_process).file?\n        to_process.concat(\n          command(\"grep -E '#include\\\\s+' #{in_process} | sed 's/.*#include[[:space:]]*//g'\")\n            .stdout.strip.split(\"\\n\")\n            .map { |f| f.start_with?('/') ? f : File.join(File.dirname(in_process), f) }\n            .select { |f| file(f).exist? }\n        )\n        to_process.concat(\n          command(\"grep -E '#includedir\\\\s+' #{in_process} | sed 's/.*#includedir[[:space:]]*//g'\")\n            .stdout.strip.split(\"\\n\")\n            .map { |f| f.start_with?('/') ? f : File.join(File.dirname(in_process), f) }\n            .select { |f| file(f).exist? }\n        )\n      end\n    end\n\n    sudoers = processed.select { |f| file(f).file? }\n\n    sudoers.each do |sudoer|\n      sudo_content = file(sudoer).content.strip.split(\"\\n\")\n      nopasswd_lines = sudo_content.select { |l| l.match?(/^[^#].*NOPASSWD/) }\n      describe \"#{sudoer} rules containing NOPASSWD\" do\n        subject { nopasswd_lines }\n        it { should be_empty }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230271.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "/etc/sudoers.d/90-cloud-init-users rules containing NOPASSWD is expected to be empty",
+              "run_time": 0.009834,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "message": "expected `[\"ec2-user ALL=(ALL) NOPASSWD:ALL\"].empty?` to be truthy, got false",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "/etc/sudoers.d/90-cloud-init-users rules containing NOPASSWD"
+            },
+            {
+              "status": "passed",
+              "code_desc": "/etc/sudoers rules containing NOPASSWD is expected to be empty",
+              "run_time": 0.012929,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "/etc/sudoers rules containing NOPASSWD"
+            }
+          ]
+        },
+        {
+          "id": "SV-230272",
+          "title": "RHEL 8 must require users to reauthenticate for privilege escalation.",
+          "desc": "Without reauthentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the user reauthenticate.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without reauthentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the user reauthenticate."
+            },
+            {
+              "label": "check",
+              "data": "Verify that \"/etc/sudoers\" has no occurrences of \"!authenticate\".\n\n    Check that the \"/etc/sudoers\" file has no occurrences of\n\"!authenticate\" by running the following command:\n\n    $ sudo grep -i !authenticate /etc/sudoers /etc/sudoers.d/*\n\n    If any occurrences of \"!authenticate\" return from the command, this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Remove any occurrence of \"!authenticate\" found in\n\"/etc/sudoers\" file or files in the \"/etc/sudoers.d\" directory."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000373-GPOS-00156",
+            "satisfies": [
+              "SRG-OS-000373-GPOS-00156",
+              "SRG-OS-000373-GPOS-00157",
+              "SRG-OS-000373-GPOS-00158"
+            ],
+            "gid": "V-230272",
+            "rid": "SV-230272r854027_rule",
+            "stig_id": "RHEL-08-010381",
+            "fix_id": "F-32916r567563_fix",
+            "cci": [
+              "CCI-002038"
+            ],
+            "nist": [
+              "IA-11"
+            ]
+          },
+          "code": "control 'SV-230272' do\n  title 'RHEL 8 must require users to reauthenticate for privilege escalation.'\n  desc 'Without reauthentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the user reauthenticate.'\n  desc 'check', 'Verify that \"/etc/sudoers\" has no occurrences of \"!authenticate\".\n\n    Check that the \"/etc/sudoers\" file has no occurrences of\n\"!authenticate\" by running the following command:\n\n    $ sudo grep -i !authenticate /etc/sudoers /etc/sudoers.d/*\n\n    If any occurrences of \"!authenticate\" return from the command, this is a\nfinding.'\n  desc 'fix', 'Remove any occurrence of \"!authenticate\" found in\n\"/etc/sudoers\" file or files in the \"/etc/sudoers.d\" directory.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000373-GPOS-00156'\n  tag satisfies: ['SRG-OS-000373-GPOS-00156', 'SRG-OS-000373-GPOS-00157', 'SRG-OS-000373-GPOS-00158']\n  tag gid: 'V-230272'\n  tag rid: 'SV-230272r854027_rule'\n  tag stig_id: 'RHEL-08-010381'\n  tag fix_id: 'F-32916r567563_fix'\n  tag cci: ['CCI-002038']\n  tag nist: ['IA-11']\n\n  if virtualization.system.eql?('docker') && !command('sudo').exist?\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('grep -ir authenticate /etc/sudoers /etc/sudoers.d/*') do\n      its('stdout') { should_not match(/!authenticate/) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230272.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Command: `grep -ir authenticate /etc/sudoers /etc/sudoers.d/*` stdout is expected not to match /!authenticate/",
+              "run_time": 0.152027,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"grep -ir authenticate /etc/sudoers /etc/sudoers.d/*\"]",
+              "resource_id": "Command: `grep -ir authenticate /etc/sudoers /etc/sudoers.d/*`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230273",
+          "title": "RHEL 8 must have the packages required for multifactor authentication\n    installed.",
+          "desc": "Using an authentication device, such as a DoD Common Access Card (CAC)\n    or token that is separate from the information system, ensures that even if the\n    information system is compromised, credentials stored on the authentication\n    device will not be affected.\n\n    Multifactor solutions that require devices separate from information\n    systems gaining access include, for example, hardware tokens providing\n    time-based or challenge-response authenticators and smart cards such as the\n    U.S. Government Personal Identity Verification (PIV) card and the DoD CAC.\n\n    A privileged account is defined as an information system account with\n    authorizations of a privileged user.\n\n    Remote access is access to DoD nonpublic information systems by an\n    authorized user (or an information system) communicating through an external,\n    non-organization-controlled network. Remote access methods include, for\n    example, dial-up, broadband, and wireless.\n\n    This requirement only applies to components where this is specific to the\n    function of the device or has the concept of an organizational user (e.g., VPN,\n    proxy capability). This does not apply to authentication for the purpose of\n    configuring the device itself (management).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Using an authentication device, such as a DoD Common Access Card (CAC)\n    or token that is separate from the information system, ensures that even if the\n    information system is compromised, credentials stored on the authentication\n    device will not be affected.\n\n    Multifactor solutions that require devices separate from information\n    systems gaining access include, for example, hardware tokens providing\n    time-based or challenge-response authenticators and smart cards such as the\n    U.S. Government Personal Identity Verification (PIV) card and the DoD CAC.\n\n    A privileged account is defined as an information system account with\n    authorizations of a privileged user.\n\n    Remote access is access to DoD nonpublic information systems by an\n    authorized user (or an information system) communicating through an external,\n    non-organization-controlled network. Remote access methods include, for\n    example, dial-up, broadband, and wireless.\n\n    This requirement only applies to components where this is specific to the\n    function of the device or has the concept of an organizational user (e.g., VPN,\n    proxy capability). This does not apply to authentication for the purpose of\n    configuring the device itself (management)."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system has the packages required for multifactor\n    authentication installed with the following commands:\n\n        $ sudo yum list installed openssl-pkcs11\n\n        openssl-pkcs11.x86_64          0.4.8-2.el8          @anaconda\n\n    If the \"openssl-pkcs11\" package is not installed, ask the administrator\n    to indicate what type of multifactor authentication is being utilized and what\n    packages are installed to support it.  If there is no evidence of multifactor\n    authentication being used, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to implement multifactor authentication by\n    installing the required package with the following command:\n\n        $ sudo yum install openssl-pkcs11"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000375-GPOS-00160",
+            "gid": "V-230273",
+            "rid": "SV-230273r854028_rule",
+            "stig_id": "RHEL-08-010390",
+            "fix_id": "F-32917r743942_fix",
+            "cci": [
+              "CCI-001948"
+            ],
+            "nist": [
+              "IA-2 (11)"
+            ]
+          },
+          "code": "control 'SV-230273' do\n  title 'RHEL 8 must have the packages required for multifactor authentication\n    installed.'\n  desc 'Using an authentication device, such as a DoD Common Access Card (CAC)\n    or token that is separate from the information system, ensures that even if the\n    information system is compromised, credentials stored on the authentication\n    device will not be affected.\n\n    Multifactor solutions that require devices separate from information\n    systems gaining access include, for example, hardware tokens providing\n    time-based or challenge-response authenticators and smart cards such as the\n    U.S. Government Personal Identity Verification (PIV) card and the DoD CAC.\n\n    A privileged account is defined as an information system account with\n    authorizations of a privileged user.\n\n    Remote access is access to DoD nonpublic information systems by an\n    authorized user (or an information system) communicating through an external,\n    non-organization-controlled network. Remote access methods include, for\n    example, dial-up, broadband, and wireless.\n\n    This requirement only applies to components where this is specific to the\n    function of the device or has the concept of an organizational user (e.g., VPN,\n    proxy capability). This does not apply to authentication for the purpose of\n    configuring the device itself (management).'\n  desc 'check', 'Verify the operating system has the packages required for multifactor\n    authentication installed with the following commands:\n\n        $ sudo yum list installed openssl-pkcs11\n\n        openssl-pkcs11.x86_64          0.4.8-2.el8          @anaconda\n\n    If the \"openssl-pkcs11\" package is not installed, ask the administrator\n    to indicate what type of multifactor authentication is being utilized and what\n    packages are installed to support it.  If there is no evidence of multifactor\n    authentication being used, this is a finding.'\n  desc 'fix', 'Configure the operating system to implement multifactor authentication by\n    installing the required package with the following command:\n\n        $ sudo yum install openssl-pkcs11'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000375-GPOS-00160'\n  tag gid: 'V-230273'\n  tag rid: 'SV-230273r854028_rule'\n  tag stig_id: 'RHEL-08-010390'\n  tag fix_id: 'F-32917r743942_fix'\n  tag cci: ['CCI-001948']\n  tag nist: ['IA-2 (11)']\n\n  only_if('This control is does not apply to containers', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if input('smart_card_enabled')\n    describe package('openssl-pkcs11') do\n      it { should be_installed }\n    end\n  else\n    impact 0.0\n    describe 'The system is not smartcard enabled thus this control is Not Applicable' do\n      skip 'The system is not using Smartcards / PIVs to fulfil the MFA requirement, this control is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230273.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "The system is not smartcard enabled thus this control is Not Applicable",
+              "run_time": 0.00023,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "resource": "",
+              "skip_message": "The system is not using Smartcards / PIVs to fulfil the MFA requirement, this control is Not Applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The system is not smartcard enabled thus this control is Not Applicable"
+            }
+          ]
+        },
+        {
+          "id": "SV-230274",
+          "title": "RHEL 8 must implement certificate status checking for multifactor authentication.",
+          "desc": "Using an authentication device, such as a DoD Common Access Card (CAC)\n    or token that is separate from the information system, ensures that even if the\n    information system is compromised, credentials stored on the authentication\n    device will not be affected.\n\n    Multifactor solutions that require devices separate from information\n    systems gaining access include, for example, hardware tokens providing\n    time-based or challenge-response authenticators and smart cards such as the\n    U.S. Government Personal Identity Verification (PIV) card and the DoD CAC.\n\n    RHEL 8 includes multiple options for configuring certificate status\nchecking, but for this requirement focuses on the System Security Services\nDaemon (SSSD). By default, sssd performs Online Certificate Status Protocol\n(OCSP) checking and certificate verification using a sha256 digest function.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Using an authentication device, such as a DoD Common Access Card (CAC)\n    or token that is separate from the information system, ensures that even if the\n    information system is compromised, credentials stored on the authentication\n    device will not be affected.\n\n    Multifactor solutions that require devices separate from information\n    systems gaining access include, for example, hardware tokens providing\n    time-based or challenge-response authenticators and smart cards such as the\n    U.S. Government Personal Identity Verification (PIV) card and the DoD CAC.\n\n    RHEL 8 includes multiple options for configuring certificate status\nchecking, but for this requirement focuses on the System Security Services\nDaemon (SSSD). By default, sssd performs Online Certificate Status Protocol\n(OCSP) checking and certificate verification using a sha256 digest function."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system implements certificate status checking for multifactor authentication.\n\nNote: If the System Administrator demonstrates the use of an approved alternate multifactor authentication method, this requirement is not applicable.\n\nCheck to see if Online Certificate Status Protocol (OCSP) is enabled and using the proper digest value on the system with the following command:\n\n$ sudo grep certificate_verification /etc/sssd/sssd.conf /etc/sssd/conf.d/*.conf | grep -v \"^#\"\n\ncertificate_verification = ocsp_dgst=sha1\n\nIf the certificate_verification line is missing from the [sssd] section, or is missing \"ocsp_dgst=sha1\", ask the administrator to indicate what type of multifactor authentication is being utilized and how the system implements certificate status checking.  If there is no evidence of certificate status checking being used, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to implement certificate status checking for multifactor authentication.\n\nReview the \"/etc/sssd/sssd.conf\" file to determine if the system is configured to prevent OCSP or certificate verification.\n\nAdd the following line to the [sssd] section of the \"/etc/sssd/sssd.conf\" file:\n\ncertificate_verification = ocsp_dgst=sha1\n\nThe \"sssd\" service must be restarted for the changes to take effect. To restart the \"sssd\" service, run the following command:\n\n$ sudo systemctl restart sssd.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000375-GPOS-00160",
+            "satisfies": [
+              "SRG-OS-000375-GPOS-00160",
+              "SRG-OS-000377-GPOS-00162"
+            ],
+            "gid": "V-230274",
+            "rid": "SV-230274r858741_rule",
+            "stig_id": "RHEL-08-010400",
+            "fix_id": "F-32918r809280_fix",
+            "cci": [
+              "CCI-001948"
+            ],
+            "nist": [
+              "IA-2 (11)"
+            ]
+          },
+          "code": "control 'SV-230274' do\n  title 'RHEL 8 must implement certificate status checking for multifactor authentication.'\n  desc 'Using an authentication device, such as a DoD Common Access Card (CAC)\n    or token that is separate from the information system, ensures that even if the\n    information system is compromised, credentials stored on the authentication\n    device will not be affected.\n\n    Multifactor solutions that require devices separate from information\n    systems gaining access include, for example, hardware tokens providing\n    time-based or challenge-response authenticators and smart cards such as the\n    U.S. Government Personal Identity Verification (PIV) card and the DoD CAC.\n\n    RHEL 8 includes multiple options for configuring certificate status\nchecking, but for this requirement focuses on the System Security Services\nDaemon (SSSD). By default, sssd performs Online Certificate Status Protocol\n(OCSP) checking and certificate verification using a sha256 digest function.'\n  desc 'check', 'Verify the operating system implements certificate status checking for multifactor authentication.\n\nNote: If the System Administrator demonstrates the use of an approved alternate multifactor authentication method, this requirement is not applicable.\n\nCheck to see if Online Certificate Status Protocol (OCSP) is enabled and using the proper digest value on the system with the following command:\n\n$ sudo grep certificate_verification /etc/sssd/sssd.conf /etc/sssd/conf.d/*.conf | grep -v \"^#\"\n\ncertificate_verification = ocsp_dgst=sha1\n\nIf the certificate_verification line is missing from the [sssd] section, or is missing \"ocsp_dgst=sha1\", ask the administrator to indicate what type of multifactor authentication is being utilized and how the system implements certificate status checking.  If there is no evidence of certificate status checking being used, this is a finding.'\n  desc 'fix', 'Configure the operating system to implement certificate status checking for multifactor authentication.\n\nReview the \"/etc/sssd/sssd.conf\" file to determine if the system is configured to prevent OCSP or certificate verification.\n\nAdd the following line to the [sssd] section of the \"/etc/sssd/sssd.conf\" file:\n\ncertificate_verification = ocsp_dgst=sha1\n\nThe \"sssd\" service must be restarted for the changes to take effect. To restart the \"sssd\" service, run the following command:\n\n$ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000375-GPOS-00160'\n  tag satisfies: ['SRG-OS-000375-GPOS-00160', 'SRG-OS-000377-GPOS-00162']\n  tag gid: 'V-230274'\n  tag rid: 'SV-230274r858741_rule'\n  tag stig_id: 'RHEL-08-010400'\n  tag fix_id: 'F-32918r809280_fix'\n  tag cci: ['CCI-001948']\n  tag nist: ['IA-2 (11)']\n\n  only_if('This requirement is Not Applicable inside the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  describe file('/etc/sssd/sssd.conf') do\n    it { should exist }\n  end\n\n  sssd_conf_file_contents = command('cat /etc/sssd/sssd.conf /etc/sssd/conf.d/*.conf').stdout.strip\n  sssd_certificate_verification = input('sssd_certificate_verification')\n\n  if sssd_conf_file_contents.empty?\n    describe 'Unable to verify the SSSD Configuration for OCSP MFA Validation' do\n      skip 'Unable to verify the SSSD Configuration for OCSP MFA Validation, please review this Requirement Manually'\n    end\n  else\n    describe ini({ command: 'cat /etc/sssd/sssd.conf /etc/sssd/conf.d/*.conf' }) do\n      its('sssd.certificate_verification') { should cmp sssd_certificate_verification }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230274.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File /etc/sssd/sssd.conf is expected to exist",
+              "run_time": 0.133493,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "message": "expected File /etc/sssd/sssd.conf to exist",
+              "resource_class": "file",
+              "resource_params": "[\"/etc/sssd/sssd.conf\"]",
+              "resource_id": "/etc/sssd/sssd.conf"
+            },
+            {
+              "status": "skipped",
+              "code_desc": "Unable to verify the SSSD Configuration for OCSP MFA Validation",
+              "run_time": 1.0e-05,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "resource": "",
+              "skip_message": "Unable to verify the SSSD Configuration for OCSP MFA Validation, please review this Requirement Manually",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Unable to verify the SSSD Configuration for OCSP MFA Validation"
+            }
+          ]
+        },
+        {
+          "id": "SV-230275",
+          "title": "RHEL 8 must accept Personal Identity Verification (PIV) credentials.",
+          "desc": "The use of PIV credentials facilitates standardization and reduces the\n    risk of unauthorized access.\n\n    The DoD has mandated the use of the Common Access Card (CAC) to support\n    identity management and personal authentication for systems covered under\n    Homeland Security Presidential Directive (HSPD) 12, as well as making the CAC a\n    primary component of layered protection for national security systems.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The use of PIV credentials facilitates standardization and reduces the\n    risk of unauthorized access.\n\n    The DoD has mandated the use of the Common Access Card (CAC) to support\n    identity management and personal authentication for systems covered under\n    Homeland Security Presidential Directive (HSPD) 12, as well as making the CAC a\n    primary component of layered protection for national security systems."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 accepts PIV credentials.\n\n    Check that the \"opensc\" package is installed on the system with the\n    following command:\n\n        $ sudo yum list installed opensc\n\n        opensc.x86_64     0.19.0-5.el8     @anaconda\n\n    Check that \"opensc\" accepts PIV cards with the following command:\n\n        $ sudo opensc-tool --list-drivers | grep -i piv\n\n          PIV-II     Personal Identity Verification Card\n\n    If the \"opensc\" package is not installed and the \"opensc-tool\" driver\n    list does not include \"PIV-II\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to accept PIV credentials.\n\n    Install the \"opensc\" package using the following command:\n\n        $ sudo yum install opensc"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000376-GPOS-00161",
+            "gid": "V-230275",
+            "rid": "SV-230275r854030_rule",
+            "stig_id": "RHEL-08-010410",
+            "fix_id": "F-32919r567572_fix",
+            "cci": [
+              "CCI-001953"
+            ],
+            "nist": [
+              "IA-2 (12)"
+            ]
+          },
+          "code": "control 'SV-230275' do\n  title 'RHEL 8 must accept Personal Identity Verification (PIV) credentials.'\n  desc 'The use of PIV credentials facilitates standardization and reduces the\n    risk of unauthorized access.\n\n    The DoD has mandated the use of the Common Access Card (CAC) to support\n    identity management and personal authentication for systems covered under\n    Homeland Security Presidential Directive (HSPD) 12, as well as making the CAC a\n    primary component of layered protection for national security systems.'\n  desc 'check', 'Verify RHEL 8 accepts PIV credentials.\n\n    Check that the \"opensc\" package is installed on the system with the\n    following command:\n\n        $ sudo yum list installed opensc\n\n        opensc.x86_64     0.19.0-5.el8     @anaconda\n\n    Check that \"opensc\" accepts PIV cards with the following command:\n\n        $ sudo opensc-tool --list-drivers | grep -i piv\n\n          PIV-II     Personal Identity Verification Card\n\n    If the \"opensc\" package is not installed and the \"opensc-tool\" driver\n    list does not include \"PIV-II\", this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to accept PIV credentials.\n\n    Install the \"opensc\" package using the following command:\n\n        $ sudo yum install opensc'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000376-GPOS-00161'\n  tag gid: 'V-230275'\n  tag rid: 'SV-230275r854030_rule'\n  tag stig_id: 'RHEL-08-010410'\n  tag fix_id: 'F-32919r567572_fix'\n  tag cci: ['CCI-001953']\n  tag nist: ['IA-2 (12)']\n\n  only_if('This control is does not apply to containers', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if input('smart_card_enabled')\n    describe package('opensc') do\n      it { should be_installed }\n    end\n    describe command('opensc-tool --list-drivers | grep -i piv') do\n      its('stdout') { should match(/PIV-II/) }\n    end\n  else\n    impact 0.0\n    describe 'The system is not utilizing smart card authentication' do\n      skip 'The system is not utilizing smart card authentication, this control is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230275.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "The system is not utilizing smart card authentication",
+              "run_time": 5.0e-06,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "resource": "",
+              "skip_message": "The system is not utilizing smart card authentication, this control is Not Applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The system is not utilizing smart card authentication"
+            }
+          ]
+        },
+        {
+          "id": "SV-230276",
+          "title": "RHEL 8 must implement non-executable data to protect its memory from\nunauthorized code execution.",
+          "desc": "Some adversaries launch attacks with the intent of executing code in\nnon-executable regions of memory or in memory locations that are prohibited.\nSecurity safeguards employed to protect memory include, for example, data\nexecution prevention and address space layout randomization. Data execution\nprevention safeguards can be either hardware-enforced or software-enforced with\nhardware providing the greater strength of mechanism.\n\n    Examples of attacks are buffer overflow attacks.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Some adversaries launch attacks with the intent of executing code in\nnon-executable regions of memory or in memory locations that are prohibited.\nSecurity safeguards employed to protect memory include, for example, data\nexecution prevention and address space layout randomization. Data execution\nprevention safeguards can be either hardware-enforced or software-enforced with\nhardware providing the greater strength of mechanism.\n\n    Examples of attacks are buffer overflow attacks."
+            },
+            {
+              "label": "check",
+              "data": "Verify the NX (no-execution) bit flag is set on the system.\n\n    Check that the no-execution bit flag is set with the following commands:\n\n    $ sudo dmesg | grep NX\n\n    [ 0.000000] NX (Execute Disable) protection: active\n\n    If \"dmesg\" does not show \"NX (Execute Disable) protection\" active,\ncheck the cpuinfo settings with the following command:\n\n    $ sudo less /proc/cpuinfo | grep -i flags\n    flags : fpu vme de pse tsc ms nx rdtscp lm constant_tsc\n\n    If \"flags\" does not contain the \"nx\" flag, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "The NX bit execute protection must be enabled in the system\nBIOS."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000433-GPOS-00192",
+            "gid": "V-230276",
+            "rid": "SV-230276r854031_rule",
+            "stig_id": "RHEL-08-010420",
+            "fix_id": "F-32920r567575_fix",
+            "cci": [
+              "CCI-002824"
+            ],
+            "nist": [
+              "SI-16"
+            ]
+          },
+          "code": "control 'SV-230276' do\n  title 'RHEL 8 must implement non-executable data to protect its memory from\nunauthorized code execution.'\n  desc 'Some adversaries launch attacks with the intent of executing code in\nnon-executable regions of memory or in memory locations that are prohibited.\nSecurity safeguards employed to protect memory include, for example, data\nexecution prevention and address space layout randomization. Data execution\nprevention safeguards can be either hardware-enforced or software-enforced with\nhardware providing the greater strength of mechanism.\n\n    Examples of attacks are buffer overflow attacks.'\n  desc 'check', 'Verify the NX (no-execution) bit flag is set on the system.\n\n    Check that the no-execution bit flag is set with the following commands:\n\n    $ sudo dmesg | grep NX\n\n    [ 0.000000] NX (Execute Disable) protection: active\n\n    If \"dmesg\" does not show \"NX (Execute Disable) protection\" active,\ncheck the cpuinfo settings with the following command:\n\n    $ sudo less /proc/cpuinfo | grep -i flags\n    flags : fpu vme de pse tsc ms nx rdtscp lm constant_tsc\n\n    If \"flags\" does not contain the \"nx\" flag, this is a finding.'\n  desc 'fix', 'The NX bit execute protection must be enabled in the system\nBIOS.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000433-GPOS-00192'\n  tag gid: 'V-230276'\n  tag rid: 'SV-230276r854031_rule'\n  tag stig_id: 'RHEL-08-010420'\n  tag fix_id: 'F-32920r567575_fix'\n  tag cci: ['CCI-002824']\n  tag nist: ['SI-16']\n\n  options = {\n    assignment_regex: /^\\s*([^:]*?)\\s*:\\s*(.*?)\\s*$/\n  }\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe.one do\n      describe command('dmesg | grep NX') do\n        it('stdout') { should match(/.+(NX \\(Execute Disable\\) protection: active)/) }\n      end\n      describe parse_config_file('/proc/cpuinfo', options) do\n        its('flags.split') { should include 'nx' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230276.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Parse Config File /proc/cpuinfo flags.split is expected to include \"nx\"",
+              "run_time": 0.000287,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/proc/cpuinfo\", {:assignment_regex=>/^\\s*([^:]*?)\\s*:\\s*(.*?)\\s*$/}]",
+              "resource_id": "/proc/cpuinfo"
+            }
+          ]
+        },
+        {
+          "id": "SV-230277",
+          "title": "RHEL 8 must clear the page allocator to prevent use-after-free\nattacks.",
+          "desc": "Some adversaries launch attacks with the intent of executing code in\nnon-executable regions of memory or in memory locations that are prohibited.\nSecurity safeguards employed to protect memory include, for example, data\nexecution prevention and address space layout randomization. Data execution\nprevention safeguards can be either hardware-enforced or software-enforced with\nhardware providing the greater strength of mechanism.\n\n    Poisoning writes an arbitrary value to freed pages, so any modification or\nreference to that page after being freed or before being initialized will be\ndetected and prevented. This prevents many types of use-after-free\nvulnerabilities at little performance cost. Also prevents leak of data and\ndetection of corrupted memory.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Some adversaries launch attacks with the intent of executing code in\nnon-executable regions of memory or in memory locations that are prohibited.\nSecurity safeguards employed to protect memory include, for example, data\nexecution prevention and address space layout randomization. Data execution\nprevention safeguards can be either hardware-enforced or software-enforced with\nhardware providing the greater strength of mechanism.\n\n    Poisoning writes an arbitrary value to freed pages, so any modification or\nreference to that page after being freed or before being initialized will be\ndetected and prevented. This prevents many types of use-after-free\nvulnerabilities at little performance cost. Also prevents leak of data and\ndetection of corrupted memory."
+            },
+            {
+              "label": "check",
+              "data": "Verify that GRUB 2 is configured to enable page poisoning to mitigate use-after-free vulnerabilities with the following commands:\n\nCheck that the current GRUB 2 configuration has page poisoning enabled:\n\n$ sudo grub2-editenv list | grep page_poison\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 page_poison=1 vsyscall=none audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf \"page_poison\" is not set to \"1\" or is missing, this is a finding.\n\nCheck that page poisoning is enabled by default to persist in kernel updates:\n\n$ sudo grep page_poison /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"page_poison=1\"\n\nIf \"page_poison\" is not set to \"1\", is missing or commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to enable page poisoning with the following commands:\n\n    $ sudo grubby --update-kernel=ALL --args=\"page_poison=1\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"page_poison=1\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000134-GPOS-00068",
+            "satisfies": [
+              "SRG-OS-000134-GPOS-00068",
+              "SRG-OS-000433-GPOS-00192"
+            ],
+            "gid": "V-230277",
+            "rid": "SV-230277r792884_rule",
+            "stig_id": "RHEL-08-010421",
+            "fix_id": "F-32921r567578_fix",
+            "cci": [
+              "CCI-001084"
+            ],
+            "nist": [
+              "SC-3"
+            ]
+          },
+          "code": "control 'SV-230277' do\n  title 'RHEL 8 must clear the page allocator to prevent use-after-free\nattacks.'\n  desc 'Some adversaries launch attacks with the intent of executing code in\nnon-executable regions of memory or in memory locations that are prohibited.\nSecurity safeguards employed to protect memory include, for example, data\nexecution prevention and address space layout randomization. Data execution\nprevention safeguards can be either hardware-enforced or software-enforced with\nhardware providing the greater strength of mechanism.\n\n    Poisoning writes an arbitrary value to freed pages, so any modification or\nreference to that page after being freed or before being initialized will be\ndetected and prevented. This prevents many types of use-after-free\nvulnerabilities at little performance cost. Also prevents leak of data and\ndetection of corrupted memory.'\n  desc 'check', 'Verify that GRUB 2 is configured to enable page poisoning to mitigate use-after-free vulnerabilities with the following commands:\n\nCheck that the current GRUB 2 configuration has page poisoning enabled:\n\n$ sudo grub2-editenv list | grep page_poison\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 page_poison=1 vsyscall=none audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf \"page_poison\" is not set to \"1\" or is missing, this is a finding.\n\nCheck that page poisoning is enabled by default to persist in kernel updates:\n\n$ sudo grep page_poison /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"page_poison=1\"\n\nIf \"page_poison\" is not set to \"1\", is missing or commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to enable page poisoning with the following commands:\n\n    $ sudo grubby --update-kernel=ALL --args=\"page_poison=1\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"page_poison=1\"'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000134-GPOS-00068'\n  tag satisfies: ['SRG-OS-000134-GPOS-00068', 'SRG-OS-000433-GPOS-00192']\n  tag gid: 'V-230277'\n  tag rid: 'SV-230277r792884_rule'\n  tag stig_id: 'RHEL-08-010421'\n  tag fix_id: 'F-32921r567578_fix'\n  tag cci: ['CCI-001084']\n  tag nist: ['SC-3']\n\n  grub_stdout = command('grub2-editenv - list').stdout\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config(grub_stdout) do\n      its('kernelopts') { should match(/page_poison=1/) }\n    end\n\n    describe parse_config_file('/etc/default/grub') do\n      its('GRUB_CMDLINE_LINUX') { should match(/page_poison=1/) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230277.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Parse Config  kernelopts is expected to match /page_poison=1/",
+              "run_time": 0.003445,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "message": "expected \"root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\" to match /page_poison=1/",
+              "resource_class": "parse_config",
+              "resource_params": "[\"kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\\nboot_success=1\\n\"]",
+              "resource_id": "kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\nboot_success=1\n"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /etc/default/grub GRUB_CMDLINE_LINUX is expected to match /page_poison=1/",
+              "run_time": 0.002497,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "message": "expected \"\\\"console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\\"\" to match /page_poison=1/",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/default/grub\"]",
+              "resource_id": "/etc/default/grub"
+            }
+          ]
+        },
+        {
+          "id": "SV-230278",
+          "title": "RHEL 8 must disable virtual syscalls.",
+          "desc": "Syscalls are special routines in the Linux kernel, which userspace\napplications ask to do privileged tasks.  Invoking a system call is an\nexpensive operation because the processor must interrupt the currently\nexecuting task and switch context to kernel mode and then back to userspace\nafter the system call completes.  Virtual Syscalls map into user space a page\nthat contains some variables and the implementation of some system calls.  This\nallows the system calls to be executed in userspace to alleviate the context\nswitching expense.\n\n    Virtual Syscalls provide an opportunity of attack for a user who has\ncontrol of the return instruction pointer.  Disabling vsyscalls help to prevent\nreturn oriented programming (ROP) attacks via buffer overflows and overruns. If\nthe system intends to run containers based on RHEL 6 components, then virtual\nsyscalls will need enabled so the components function properly.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Syscalls are special routines in the Linux kernel, which userspace\napplications ask to do privileged tasks.  Invoking a system call is an\nexpensive operation because the processor must interrupt the currently\nexecuting task and switch context to kernel mode and then back to userspace\nafter the system call completes.  Virtual Syscalls map into user space a page\nthat contains some variables and the implementation of some system calls.  This\nallows the system calls to be executed in userspace to alleviate the context\nswitching expense.\n\n    Virtual Syscalls provide an opportunity of attack for a user who has\ncontrol of the return instruction pointer.  Disabling vsyscalls help to prevent\nreturn oriented programming (ROP) attacks via buffer overflows and overruns. If\nthe system intends to run containers based on RHEL 6 components, then virtual\nsyscalls will need enabled so the components function properly."
+            },
+            {
+              "label": "check",
+              "data": "Verify that GRUB 2 is configured to disable vsyscalls with the following commands:\n\nCheck that the current GRUB 2 configuration disables vsyscalls:\n\n$ sudo grub2-editenv list | grep vsyscall\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 page_poison=1 vsyscall=none audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf \"vsyscall\" is not set to \"none\" or is missing, this is a finding.\n\nCheck that vsyscalls are disabled by default to persist in kernel updates:\n\n$ sudo grep vsyscall /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"vsyscall=none\"\n\nIf \"vsyscall\" is not set to \"none\", is missing or commented out and is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Document the use of vsyscalls with the ISSO as an operational requirement\nor disable them with the following command:\n\n    $ sudo grubby --update-kernel=ALL --args=\"vsyscall=none\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"vsyscall=none\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000134-GPOS-00068",
+            "satisfies": [
+              "SRG-OS-000134-GPOS-00068",
+              "SRG-OS-000433-GPOS-00192"
+            ],
+            "gid": "V-230278",
+            "rid": "SV-230278r792886_rule",
+            "stig_id": "RHEL-08-010422",
+            "fix_id": "F-32922r743947_fix",
+            "cci": [
+              "CCI-001084"
+            ],
+            "nist": [
+              "SC-3"
+            ]
+          },
+          "code": "control 'SV-230278' do\n  title 'RHEL 8 must disable virtual syscalls.'\n  desc 'Syscalls are special routines in the Linux kernel, which userspace\napplications ask to do privileged tasks.  Invoking a system call is an\nexpensive operation because the processor must interrupt the currently\nexecuting task and switch context to kernel mode and then back to userspace\nafter the system call completes.  Virtual Syscalls map into user space a page\nthat contains some variables and the implementation of some system calls.  This\nallows the system calls to be executed in userspace to alleviate the context\nswitching expense.\n\n    Virtual Syscalls provide an opportunity of attack for a user who has\ncontrol of the return instruction pointer.  Disabling vsyscalls help to prevent\nreturn oriented programming (ROP) attacks via buffer overflows and overruns. If\nthe system intends to run containers based on RHEL 6 components, then virtual\nsyscalls will need enabled so the components function properly.'\n  desc 'check', 'Verify that GRUB 2 is configured to disable vsyscalls with the following commands:\n\nCheck that the current GRUB 2 configuration disables vsyscalls:\n\n$ sudo grub2-editenv list | grep vsyscall\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 page_poison=1 vsyscall=none audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf \"vsyscall\" is not set to \"none\" or is missing, this is a finding.\n\nCheck that vsyscalls are disabled by default to persist in kernel updates:\n\n$ sudo grep vsyscall /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"vsyscall=none\"\n\nIf \"vsyscall\" is not set to \"none\", is missing or commented out and is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Document the use of vsyscalls with the ISSO as an operational requirement\nor disable them with the following command:\n\n    $ sudo grubby --update-kernel=ALL --args=\"vsyscall=none\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"vsyscall=none\"'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000134-GPOS-00068'\n  tag satisfies: ['SRG-OS-000134-GPOS-00068', 'SRG-OS-000433-GPOS-00192']\n  tag gid: 'V-230278'\n  tag rid: 'SV-230278r792886_rule'\n  tag stig_id: 'RHEL-08-010422'\n  tag fix_id: 'F-32922r743947_fix'\n  tag cci: ['CCI-001084']\n  tag nist: ['SC-3']\n\n  grub_stdout = command('grub2-editenv - list').stdout\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config(grub_stdout) do\n      its('kernelopts') { should match(/vsyscall=none/) }\n    end\n\n    describe parse_config_file('/etc/default/grub') do\n      its('GRUB_CMDLINE_LINUX') { should match(/vsyscall=none/) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230278.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Parse Config  kernelopts is expected to match /vsyscall=none/",
+              "run_time": 0.002027,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "message": "expected \"root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\" to match /vsyscall=none/",
+              "resource_class": "parse_config",
+              "resource_params": "[\"kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\\nboot_success=1\\n\"]",
+              "resource_id": "kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\nboot_success=1\n"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /etc/default/grub GRUB_CMDLINE_LINUX is expected to match /vsyscall=none/",
+              "run_time": 0.003203,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "message": "expected \"\\\"console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\\"\" to match /vsyscall=none/",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/default/grub\"]",
+              "resource_id": "/etc/default/grub"
+            }
+          ]
+        },
+        {
+          "id": "SV-230279",
+          "title": "RHEL 8 must clear SLUB/SLAB objects to prevent use-after-free attacks.",
+          "desc": "Some adversaries launch attacks with the intent of executing code in\nnon-executable regions of memory or in memory locations that are prohibited.\nSecurity safeguards employed to protect memory include, for example, data\nexecution prevention and address space layout randomization. Data execution\nprevention safeguards can be either hardware-enforced or software-enforced with\nhardware providing the greater strength of mechanism.\n\n    Poisoning writes an arbitrary value to freed pages, so any modification or\nreference to that page after being freed or before being initialized will be\ndetected and prevented. This prevents many types of use-after-free\nvulnerabilities at little performance cost. Also prevents leak of data and\ndetection of corrupted memory.\n\n    SLAB objects are blocks of physically-contiguous memory.  SLUB is the\nunqueued SLAB allocator.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Some adversaries launch attacks with the intent of executing code in\nnon-executable regions of memory or in memory locations that are prohibited.\nSecurity safeguards employed to protect memory include, for example, data\nexecution prevention and address space layout randomization. Data execution\nprevention safeguards can be either hardware-enforced or software-enforced with\nhardware providing the greater strength of mechanism.\n\n    Poisoning writes an arbitrary value to freed pages, so any modification or\nreference to that page after being freed or before being initialized will be\ndetected and prevented. This prevents many types of use-after-free\nvulnerabilities at little performance cost. Also prevents leak of data and\ndetection of corrupted memory.\n\n    SLAB objects are blocks of physically-contiguous memory.  SLUB is the\nunqueued SLAB allocator."
+            },
+            {
+              "label": "check",
+              "data": "Verify that GRUB 2 is configured to enable poisoning of SLUB/SLAB objects to mitigate use-after-free vulnerabilities with the following commands:\n\nCheck that the current GRUB 2 configuration has poisoning of SLUB/SLAB objects enabled:\n\n$ sudo grub2-editenv list | grep slub_debug\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 slub_debug=P page_poison=1 vsyscall=none audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf \"slub_debug\" is not set to \"P\" or is missing, this is a finding.\n\nCheck that poisoning of SLUB/SLAB objects is enabled by default to persist in kernel updates:\n\n$ sudo grep slub_debug /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"slub_debug=P\"\n\nIf \"slub_debug\" is not set to \"P\", is missing or commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to enable poisoning of SLUB/SLAB objects with the\nfollowing commands:\n\n    $ sudo grubby --update-kernel=ALL --args=\"slub_debug=P\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"slub_debug=P\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000134-GPOS-00068",
+            "satisfies": [
+              "SRG-OS-000134-GPOS-00068",
+              "SRG-OS-000433-GPOS-00192"
+            ],
+            "gid": "V-230279",
+            "rid": "SV-230279r792888_rule",
+            "stig_id": "RHEL-08-010423",
+            "fix_id": "F-32923r567584_fix",
+            "cci": [
+              "CCI-001084"
+            ],
+            "nist": [
+              "SC-3"
+            ]
+          },
+          "code": "control 'SV-230279' do\n  title 'RHEL 8 must clear SLUB/SLAB objects to prevent use-after-free attacks.'\n  desc 'Some adversaries launch attacks with the intent of executing code in\nnon-executable regions of memory or in memory locations that are prohibited.\nSecurity safeguards employed to protect memory include, for example, data\nexecution prevention and address space layout randomization. Data execution\nprevention safeguards can be either hardware-enforced or software-enforced with\nhardware providing the greater strength of mechanism.\n\n    Poisoning writes an arbitrary value to freed pages, so any modification or\nreference to that page after being freed or before being initialized will be\ndetected and prevented. This prevents many types of use-after-free\nvulnerabilities at little performance cost. Also prevents leak of data and\ndetection of corrupted memory.\n\n    SLAB objects are blocks of physically-contiguous memory.  SLUB is the\nunqueued SLAB allocator.'\n  desc 'check', 'Verify that GRUB 2 is configured to enable poisoning of SLUB/SLAB objects to mitigate use-after-free vulnerabilities with the following commands:\n\nCheck that the current GRUB 2 configuration has poisoning of SLUB/SLAB objects enabled:\n\n$ sudo grub2-editenv list | grep slub_debug\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 slub_debug=P page_poison=1 vsyscall=none audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf \"slub_debug\" is not set to \"P\" or is missing, this is a finding.\n\nCheck that poisoning of SLUB/SLAB objects is enabled by default to persist in kernel updates:\n\n$ sudo grep slub_debug /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"slub_debug=P\"\n\nIf \"slub_debug\" is not set to \"P\", is missing or commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to enable poisoning of SLUB/SLAB objects with the\nfollowing commands:\n\n    $ sudo grubby --update-kernel=ALL --args=\"slub_debug=P\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"slub_debug=P\"'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000134-GPOS-00068'\n  tag satisfies: ['SRG-OS-000134-GPOS-00068', 'SRG-OS-000433-GPOS-00192']\n  tag gid: 'V-230279'\n  tag rid: 'SV-230279r792888_rule'\n  tag stig_id: 'RHEL-08-010423'\n  tag fix_id: 'F-32923r567584_fix'\n  tag cci: ['CCI-001084']\n  tag nist: ['SC-3']\n\n  grub_stdout = command('grub2-editenv - list').stdout\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config(grub_stdout) do\n      its('kernelopts') { should match(/slub_debug=P/) }\n    end\n\n    describe parse_config_file('/etc/default/grub') do\n      its('GRUB_CMDLINE_LINUX') { should match(/slub_debug=P/) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230279.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Parse Config  kernelopts is expected to match /slub_debug=P/",
+              "run_time": 0.011754,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "message": "expected \"root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\" to match /slub_debug=P/",
+              "resource_class": "parse_config",
+              "resource_params": "[\"kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\\nboot_success=1\\n\"]",
+              "resource_id": "kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\nboot_success=1\n"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /etc/default/grub GRUB_CMDLINE_LINUX is expected to match /slub_debug=P/",
+              "run_time": 0.001129,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "message": "expected \"\\\"console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\\"\" to match /slub_debug=P/",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/default/grub\"]",
+              "resource_id": "/etc/default/grub"
+            }
+          ]
+        },
+        {
+          "id": "SV-230280",
+          "title": "RHEL 8 must implement address space layout randomization (ASLR) to\nprotect its memory from unauthorized code execution.",
+          "desc": "Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism.\n\nExamples of attacks are buffer overflow attacks.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism.\n\nExamples of attacks are buffer overflow attacks.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 implements ASLR with the following command:\n\n$ sudo sysctl kernel.randomize_va_space\n\nkernel.randomize_va_space = 2\n\nIf \"kernel.randomize_va_space\" is not set to \"2\", this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.randomize_va_space /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.randomize_va_space = 2\n\nIf \"kernel.randomize_va_space\" is not set to \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to implement virtual address space randomization.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.randomize_va_space=2\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nIssue the following command to make the changes take effect:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000433-GPOS-00193",
+            "gid": "V-230280",
+            "rid": "SV-230280r858767_rule",
+            "stig_id": "RHEL-08-010430",
+            "fix_id": "F-32924r858766_fix",
+            "cci": [
+              "CCI-002824"
+            ],
+            "nist": [
+              "SI-16"
+            ]
+          },
+          "code": "control 'SV-230280' do\n  title 'RHEL 8 must implement address space layout randomization (ASLR) to\nprotect its memory from unauthorized code execution.'\n  desc 'Some adversaries launch attacks with the intent of executing code in non-executable regions of memory or in memory locations that are prohibited. Security safeguards employed to protect memory include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be either hardware-enforced or software-enforced with hardware providing the greater strength of mechanism.\n\nExamples of attacks are buffer overflow attacks.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 implements ASLR with the following command:\n\n$ sudo sysctl kernel.randomize_va_space\n\nkernel.randomize_va_space = 2\n\nIf \"kernel.randomize_va_space\" is not set to \"2\", this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.randomize_va_space /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.randomize_va_space = 2\n\nIf \"kernel.randomize_va_space\" is not set to \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to implement virtual address space randomization.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.randomize_va_space=2\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nIssue the following command to make the changes take effect:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000433-GPOS-00193'\n  tag gid: 'V-230280'\n  tag rid: 'SV-230280r858767_rule'\n  tag stig_id: 'RHEL-08-010430'\n  tag fix_id: 'F-32924r858766_fix'\n  tag cci: ['CCI-002824']\n  tag nist: ['SI-16']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('kernel.randomize_va_space') do\n      its('value') { should eq 2 }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230280.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter kernel.randomize_va_space value is expected to eq 2",
+              "run_time": 0.095266,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"kernel.randomize_va_space\"]",
+              "resource_id": "kernel.randomize_va_space"
+            }
+          ]
+        },
+        {
+          "id": "SV-230281",
+          "title": "YUM must remove all software components after updated versions have\nbeen installed on RHEL 8.",
+          "desc": "Previous versions of software components that are not removed from the\ninformation system after updates have been installed may be exploited by\nadversaries. Some information technology products may remove older versions of\nsoftware automatically from the information system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Previous versions of software components that are not removed from the\ninformation system after updates have been installed may be exploited by\nadversaries. Some information technology products may remove older versions of\nsoftware automatically from the information system."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system removes all software components after updated\nversions have been installed.\n\n    Check if YUM is configured to remove unneeded packages with the following\ncommand:\n\n    $ sudo grep -i clean_requirements_on_remove /etc/dnf/dnf.conf\n\n    clean_requirements_on_remove=True\n\n    If \"clean_requirements_on_remove\" is not set to either \"1\", \"True\",\nor \"yes\", commented out, or is missing from \"/etc/dnf/dnf.conf\", this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to remove all software components after\nupdated versions have been installed.\n\n    Set the \"clean_requirements_on_remove\" option to \"True\" in the\n\"/etc/dnf/dnf.conf\" file:\n\n    clean_requirements_on_remove=True"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000437-GPOS-00194",
+            "gid": "V-230281",
+            "rid": "SV-230281r854034_rule",
+            "stig_id": "RHEL-08-010440",
+            "fix_id": "F-32925r567590_fix",
+            "cci": [
+              "CCI-002617"
+            ],
+            "nist": [
+              "SI-2 (6)"
+            ]
+          },
+          "code": "control 'SV-230281' do\n  title 'YUM must remove all software components after updated versions have\nbeen installed on RHEL 8.'\n  desc 'Previous versions of software components that are not removed from the\ninformation system after updates have been installed may be exploited by\nadversaries. Some information technology products may remove older versions of\nsoftware automatically from the information system.'\n  desc 'check', 'Verify the operating system removes all software components after updated\nversions have been installed.\n\n    Check if YUM is configured to remove unneeded packages with the following\ncommand:\n\n    $ sudo grep -i clean_requirements_on_remove /etc/dnf/dnf.conf\n\n    clean_requirements_on_remove=True\n\n    If \"clean_requirements_on_remove\" is not set to either \"1\", \"True\",\nor \"yes\", commented out, or is missing from \"/etc/dnf/dnf.conf\", this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to remove all software components after\nupdated versions have been installed.\n\n    Set the \"clean_requirements_on_remove\" option to \"True\" in the\n\"/etc/dnf/dnf.conf\" file:\n\n    clean_requirements_on_remove=True'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000437-GPOS-00194'\n  tag gid: 'V-230281'\n  tag rid: 'SV-230281r854034_rule'\n  tag stig_id: 'RHEL-08-010440'\n  tag fix_id: 'F-32925r567590_fix'\n  tag cci: ['CCI-002617']\n  tag nist: ['SI-2 (6)']\n\n  describe parse_config_file('/etc/dnf/dnf.conf') do\n    its('main.clean_requirements_on_remove') { should match(/1|True|yes/i) }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230281.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Parse Config File /etc/dnf/dnf.conf main.clean_requirements_on_remove is expected to match /1|True|yes/i",
+              "run_time": 0.002434,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/dnf/dnf.conf\"]",
+              "resource_id": "/etc/dnf/dnf.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230282",
+          "title": "RHEL 8 must enable the SELinux targeted policy.",
+          "desc": "Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    This requirement applies to operating systems performing security function\nverification/testing and/or systems and environments that require this\nfunctionality.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    This requirement applies to operating systems performing security function\nverification/testing and/or systems and environments that require this\nfunctionality."
+            },
+            {
+              "label": "check",
+              "data": "Ensure the operating system verifies correct operation of all security\nfunctions.\n\n    Check if \"SELinux\" is active and is enforcing the targeted policy with\nthe following command:\n\n    $ sudo sestatus\n\n    SELinux status: enabled\n    SELinuxfs mount: /sys/fs/selinux\n    SELinux root directory: /etc/selinux\n    Loaded policy name: targeted\n    Current mode: enforcing\n    Mode from config file: enforcing\n    Policy MLS status: enabled\n    Policy deny_unknown status: allowed\n    Memory protection checking: actual (secure)\n    Max kernel policy version: 31\n\n    If the \"Loaded policy name\" is not set to \"targeted\", this is a finding.\n\n    Verify that the /etc/selinux/config file is configured to the\n\"SELINUXTYPE\" to \"targeted\":\n\n    $ sudo grep -i \"selinuxtype\" /etc/selinux/config | grep -v '^#'\n\n    SELINUXTYPE = targeted\n\n    If no results are returned or \"SELINUXTYPE\" is not set to \"targeted\",\nthis is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to verify correct operation of all security\nfunctions.\n\n    Set the \"SELinuxtype\" to the \"targeted\" policy by modifying the\n\"/etc/selinux/config\" file to have the following line:\n\n    SELINUXTYPE=targeted\n\n    A reboot is required for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000445-GPOS-00199",
+            "gid": "V-230282",
+            "rid": "SV-230282r854035_rule",
+            "stig_id": "RHEL-08-010450",
+            "fix_id": "F-32926r567593_fix",
+            "cci": [
+              "CCI-002696"
+            ],
+            "nist": [
+              "SI-6 a"
+            ]
+          },
+          "code": "control 'SV-230282' do\n  title 'RHEL 8 must enable the SELinux targeted policy.'\n  desc 'Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    This requirement applies to operating systems performing security function\nverification/testing and/or systems and environments that require this\nfunctionality.'\n  desc 'check', %q(Ensure the operating system verifies correct operation of all security\nfunctions.\n\n    Check if \"SELinux\" is active and is enforcing the targeted policy with\nthe following command:\n\n    $ sudo sestatus\n\n    SELinux status: enabled\n    SELinuxfs mount: /sys/fs/selinux\n    SELinux root directory: /etc/selinux\n    Loaded policy name: targeted\n    Current mode: enforcing\n    Mode from config file: enforcing\n    Policy MLS status: enabled\n    Policy deny_unknown status: allowed\n    Memory protection checking: actual (secure)\n    Max kernel policy version: 31\n\n    If the \"Loaded policy name\" is not set to \"targeted\", this is a finding.\n\n    Verify that the /etc/selinux/config file is configured to the\n\"SELINUXTYPE\" to \"targeted\":\n\n    $ sudo grep -i \"selinuxtype\" /etc/selinux/config | grep -v '^#'\n\n    SELINUXTYPE = targeted\n\n    If no results are returned or \"SELINUXTYPE\" is not set to \"targeted\",\nthis is a finding.)\n  desc 'fix', 'Configure the operating system to verify correct operation of all security\nfunctions.\n\n    Set the \"SELinuxtype\" to the \"targeted\" policy by modifying the\n\"/etc/selinux/config\" file to have the following line:\n\n    SELINUXTYPE=targeted\n\n    A reboot is required for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000445-GPOS-00199'\n  tag gid: 'V-230282'\n  tag rid: 'SV-230282r854035_rule'\n  tag stig_id: 'RHEL-08-010450'\n  tag fix_id: 'F-32926r567593_fix'\n  tag cci: ['CCI-002696']\n  tag nist: ['SI-6 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('sestatus') do\n      its('stdout') { should match(/^Loaded\\spolicy\\sname:\\s+targeted\\n?$/) }\n    end\n\n    describe parse_config_file('/etc/selinux/config') do\n      its('SELINUXTYPE') { should eq 'targeted' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230282.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Command: `sestatus` stdout is expected to match /^Loaded\\spolicy\\sname:\\s+targeted\\n?$/",
+              "run_time": 0.000541,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"sestatus\"]",
+              "resource_id": "Command: `sestatus`"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Parse Config File /etc/selinux/config SELINUXTYPE is expected to eq \"targeted\"",
+              "run_time": 0.000271,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/selinux/config\"]",
+              "resource_id": "/etc/selinux/config"
+            }
+          ]
+        },
+        {
+          "id": "SV-230283",
+          "title": "There must be no shosts.equiv files on the RHEL 8 operating system.",
+          "desc": "The \"shosts.equiv\" files are used to configure host-based\nauthentication for the system via SSH. Host-based authentication is not\nsufficient for preventing unauthorized access to the system, as it does not\nrequire interactive identification and authentication of a connection request,\nor for the use of two-factor authentication.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The \"shosts.equiv\" files are used to configure host-based\nauthentication for the system via SSH. Host-based authentication is not\nsufficient for preventing unauthorized access to the system, as it does not\nrequire interactive identification and authentication of a connection request,\nor for the use of two-factor authentication."
+            },
+            {
+              "label": "check",
+              "data": "Verify there are no \"shosts.equiv\" files on RHEL 8 with the following\ncommand:\n\n    $ sudo find / -name shosts.equiv\n\n    If a \"shosts.equiv\" file is found, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Remove any found \"shosts.equiv\" files from the system.\n\n$ sudo rm /etc/ssh/shosts.equiv"
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230283",
+            "rid": "SV-230283r627750_rule",
+            "stig_id": "RHEL-08-010460",
+            "fix_id": "F-32927r567596_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230283' do\n  title 'There must be no shosts.equiv files on the RHEL 8 operating system.'\n  desc 'The \"shosts.equiv\" files are used to configure host-based\nauthentication for the system via SSH. Host-based authentication is not\nsufficient for preventing unauthorized access to the system, as it does not\nrequire interactive identification and authentication of a connection request,\nor for the use of two-factor authentication.'\n  desc 'check', 'Verify there are no \"shosts.equiv\" files on RHEL 8 with the following\ncommand:\n\n    $ sudo find / -name shosts.equiv\n\n    If a \"shosts.equiv\" file is found, this is a finding.'\n  desc 'fix', 'Remove any found \"shosts.equiv\" files from the system.\n\n$ sudo rm /etc/ssh/shosts.equiv'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230283'\n  tag rid: 'SV-230283r627750_rule'\n  tag stig_id: 'RHEL-08-010460'\n  tag fix_id: 'F-32927r567596_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe command('find / -xdev -xautofs -name shosts.equiv') do\n    its('stdout') { should be_empty }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230283.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Command: `find / -xdev -xautofs -name shosts.equiv` stdout is expected to be empty",
+              "run_time": 0.576112,
+              "start_time": "2024-01-09T19:40:41-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"find / -xdev -xautofs -name shosts.equiv\"]",
+              "resource_id": "Command: `find / -xdev -xautofs -name shosts.equiv`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230284",
+          "title": "There must be no .shosts files on the RHEL 8 operating system.",
+          "desc": "The \".shosts\" files are used to configure host-based authentication\nfor individual users or the system via SSH. Host-based authentication is not\nsufficient for preventing unauthorized access to the system, as it does not\nrequire interactive identification and authentication of a connection request,\nor for the use of two-factor authentication.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The \".shosts\" files are used to configure host-based authentication\nfor individual users or the system via SSH. Host-based authentication is not\nsufficient for preventing unauthorized access to the system, as it does not\nrequire interactive identification and authentication of a connection request,\nor for the use of two-factor authentication."
+            },
+            {
+              "label": "check",
+              "data": "Verify there are no \".shosts\" files on RHEL 8 with the following command:\n\n$ sudo find / -name '*.shosts'\n\nIf any \".shosts\" files are found, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Remove any found \".shosts\" files from the system.\n\n$ sudo rm /[path]/[to]/[file]/.shosts"
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230284",
+            "rid": "SV-230284r627750_rule",
+            "stig_id": "RHEL-08-010470",
+            "fix_id": "F-32928r567599_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230284' do\n  title 'There must be no .shosts files on the RHEL 8 operating system.'\n  desc 'The \".shosts\" files are used to configure host-based authentication\nfor individual users or the system via SSH. Host-based authentication is not\nsufficient for preventing unauthorized access to the system, as it does not\nrequire interactive identification and authentication of a connection request,\nor for the use of two-factor authentication.'\n  desc 'check', %q(Verify there are no \".shosts\" files on RHEL 8 with the following command:\n\n$ sudo find / -name '*.shosts'\n\nIf any \".shosts\" files are found, this is a finding.)\n  desc 'fix', 'Remove any found \".shosts\" files from the system.\n\n$ sudo rm /[path]/[to]/[file]/.shosts'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230284'\n  tag rid: 'SV-230284r627750_rule'\n  tag stig_id: 'RHEL-08-010470'\n  tag fix_id: 'F-32928r567599_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe command('find / -xdev -xautofs -name .shosts') do\n    its('stdout') { should be_empty }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230284.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Command: `find / -xdev -xautofs -name .shosts` stdout is expected to be empty",
+              "run_time": 0.690886,
+              "start_time": "2024-01-09T19:40:42-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"find / -xdev -xautofs -name .shosts\"]",
+              "resource_id": "Command: `find / -xdev -xautofs -name .shosts`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230285",
+          "title": "RHEL 8 must enable the hardware random number generator entropy\ngatherer service.",
+          "desc": "The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness.  The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems.\n\nThe rngd service feeds random data from hardware device to kernel random device. Quality (nonpredictable) random number generation is important for several security functions (i.e., ciphers).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness.  The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems.\n\nThe rngd service feeds random data from hardware device to kernel random device. Quality (nonpredictable) random number generation is important for several security functions (i.e., ciphers)."
+            },
+            {
+              "label": "check",
+              "data": "Note: For RHEL versions 8.4 and above running with kernel FIPS mode enabled as specified by RHEL-08-010020, this requirement is Not Applicable.\n\nCheck that  RHEL 8 has enabled the hardware random number generator entropy gatherer service.\n\nVerify the rngd service is enabled and active with the following commands:\n\n     $ sudo systemctl is-enabled rngd\n     enabled\n\n     $ sudo systemctl is-active rngd\n     active\n\nIf the service is not \"enabled\" and \"active\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Start the rngd service and enable the rngd service with the following commands:\n\n     $ sudo systemctl start rngd.service\n\n     $ sudo systemctl enable rngd.service"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230285",
+            "rid": "SV-230285r928587_rule",
+            "stig_id": "RHEL-08-010471",
+            "fix_id": "F-32929r917875_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230285' do\n  title 'RHEL 8 must enable the hardware random number generator entropy\ngatherer service.'\n  desc 'The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness.  The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems.\n\nThe rngd service feeds random data from hardware device to kernel random device. Quality (nonpredictable) random number generation is important for several security functions (i.e., ciphers).'\n  desc 'check', 'Note: For RHEL versions 8.4 and above running with kernel FIPS mode enabled as specified by RHEL-08-010020, this requirement is Not Applicable.\n\nCheck that  RHEL 8 has enabled the hardware random number generator entropy gatherer service.\n\nVerify the rngd service is enabled and active with the following commands:\n\n     $ sudo systemctl is-enabled rngd\n     enabled\n\n     $ sudo systemctl is-active rngd\n     active\n\nIf the service is not \"enabled\" and \"active\", this is a finding.'\n  desc 'fix', 'Start the rngd service and enable the rngd service with the following commands:\n\n     $ sudo systemctl start rngd.service\n\n     $ sudo systemctl enable rngd.service'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230285'\n  tag rid: 'SV-230285r928587_rule'\n  tag stig_id: 'RHEL-08-010471'\n  tag fix_id: 'F-32929r917875_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe service('rngd') do\n      it { should be_enabled }\n      it { should be_running }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230285.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Service rngd is expected to be enabled",
+              "run_time": 0.492748,
+              "start_time": "2024-01-09T19:40:43-05:00",
+              "resource_class": "service",
+              "resource_params": "[\"rngd\"]",
+              "resource_id": "rngd"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Service rngd is expected to be running",
+              "run_time": 0.00033,
+              "start_time": "2024-01-09T19:40:43-05:00",
+              "message": "expected that `Service rngd` is running",
+              "resource_class": "service",
+              "resource_params": "[\"rngd\"]",
+              "resource_id": "rngd"
+            }
+          ]
+        },
+        {
+          "id": "SV-230286",
+          "title": "The RHEL 8 SSH public host key files must have mode 0644 or less\npermissive.",
+          "desc": "If a public host key file is modified by an unauthorized user, the SSH\nservice may be compromised.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If a public host key file is modified by an unauthorized user, the SSH\nservice may be compromised."
+            },
+            {
+              "label": "check",
+              "data": "Verify the SSH public host key files have mode \"0644\" or less permissive\nwith the following command:\n\n    $ sudo ls -l /etc/ssh/*.pub\n\n    -rw-r--r-- 1 root root 618 Nov 28 06:43 ssh_host_dsa_key.pub\n    -rw-r--r-- 1 root root 347 Nov 28 06:43 ssh_host_key.pub\n    -rw-r--r-- 1 root root 238 Nov 28 06:43 ssh_host_rsa_key.pub\n\n    If any key.pub file has a mode more permissive than \"0644\", this is a\nfinding.\n\n    Note: SSH public key files may be found in other directories on the system\ndepending on the installation."
+            },
+            {
+              "label": "fix",
+              "data": "Change the mode of public host key files under \"/etc/ssh\" to \"0644\"\nwith the following command:\n\n    $ sudo chmod 0644 /etc/ssh/*key.pub\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230286",
+            "rid": "SV-230286r627750_rule",
+            "stig_id": "RHEL-08-010480",
+            "fix_id": "F-32930r567605_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230286' do\n  title 'The RHEL 8 SSH public host key files must have mode 0644 or less\npermissive.'\n  desc 'If a public host key file is modified by an unauthorized user, the SSH\nservice may be compromised.'\n  desc 'check', 'Verify the SSH public host key files have mode \"0644\" or less permissive\nwith the following command:\n\n    $ sudo ls -l /etc/ssh/*.pub\n\n    -rw-r--r-- 1 root root 618 Nov 28 06:43 ssh_host_dsa_key.pub\n    -rw-r--r-- 1 root root 347 Nov 28 06:43 ssh_host_key.pub\n    -rw-r--r-- 1 root root 238 Nov 28 06:43 ssh_host_rsa_key.pub\n\n    If any key.pub file has a mode more permissive than \"0644\", this is a\nfinding.\n\n    Note: SSH public key files may be found in other directories on the system\ndepending on the installation.'\n  desc 'fix', 'Change the mode of public host key files under \"/etc/ssh\" to \"0644\"\nwith the following command:\n\n    $ sudo chmod 0644 /etc/ssh/*key.pub\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230286'\n  tag rid: 'SV-230286r627750_rule'\n  tag stig_id: 'RHEL-08-010480'\n  tag fix_id: 'F-32930r567605_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker') && !directory('/etc/ssh').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    pub_files = command(\"find /etc/ssh -xdev -name '*.pub' -perm /133\").stdout.split(\"\\n\")\n    if !pub_files.nil? && !pub_files.empty?\n      pub_files.each do |pubfile|\n        describe file(pubfile) do\n          it { should_not be_more_permissive_than('0644') }\n        end\n      end\n    else\n      describe 'No files have a more permissive mode.' do\n        subject { pub_files.nil? || pub_files.empty? }\n        it { should eq true }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230286.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "No files have a more permissive mode. is expected to eq true",
+              "run_time": 0.000225,
+              "start_time": "2024-01-09T19:40:43-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "No files have a more permissive mode."
+            }
+          ]
+        },
+        {
+          "id": "SV-230287",
+          "title": "The RHEL 8 SSH private host key files must have mode 0640 or less permissive.",
+          "desc": "If an unauthorized user obtains the private SSH host key file, the\nhost could be impersonated.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If an unauthorized user obtains the private SSH host key file, the\nhost could be impersonated."
+            },
+            {
+              "label": "check",
+              "data": "Verify the SSH private host key files have mode \"0640\" or less permissive with the following command:\n\n     $ sudo ls -l /etc/ssh/ssh_host*key\n\n     -rw-r----- 1 root ssh_keys 668 Nov 28 06:43 ssh_host_dsa_key\n     -rw-r----- 1 root ssh_keys 582 Nov 28 06:43 ssh_host_key\n     -rw-r----- 1 root ssh_keys 887 Nov 28 06:43 ssh_host_rsa_key\n\nIf any private host key file has a mode more permissive than \"0640\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the mode of SSH private host key files under \"/etc/ssh\" to \"0640\" with the following command:\n\n     $ sudo chmod 0640 /etc/ssh/ssh_host*key\n\nThe SSH daemon must be restarted for the changes to take effect. To restart the SSH daemon, run the following command:\n\n     $ sudo systemctl restart sshd.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230287",
+            "rid": "SV-230287r880714_rule",
+            "stig_id": "RHEL-08-010490",
+            "fix_id": "F-32931r880713_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230287' do\n  title 'The RHEL 8 SSH private host key files must have mode 0640 or less permissive.'\n  desc 'If an unauthorized user obtains the private SSH host key file, the\nhost could be impersonated.'\n  desc 'check', 'Verify the SSH private host key files have mode \"0640\" or less permissive with the following command:\n\n     $ sudo ls -l /etc/ssh/ssh_host*key\n\n     -rw-r----- 1 root ssh_keys 668 Nov 28 06:43 ssh_host_dsa_key\n     -rw-r----- 1 root ssh_keys 582 Nov 28 06:43 ssh_host_key\n     -rw-r----- 1 root ssh_keys 887 Nov 28 06:43 ssh_host_rsa_key\n\nIf any private host key file has a mode more permissive than \"0640\", this is a finding.'\n  desc 'fix', 'Configure the mode of SSH private host key files under \"/etc/ssh\" to \"0640\" with the following command:\n\n     $ sudo chmod 0640 /etc/ssh/ssh_host*key\n\nThe SSH daemon must be restarted for the changes to take effect. To restart the SSH daemon, run the following command:\n\n     $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230287'\n  tag rid: 'SV-230287r880714_rule'\n  tag stig_id: 'RHEL-08-010490'\n  tag fix_id: 'F-32931r880713_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker') && !directory('/etc/ssh').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    key_files = command(\"find /etc/ssh -xdev -name '*ssh_host*key'\").stdout.split(\"\\n\")\n    if !key_files.nil? && !key_files.empty?\n      key_files.each do |keyfile|\n        describe file(keyfile) do\n          it { should_not be_more_permissive_than('0640') }\n        end\n      end\n    else\n      describe 'No files have a more permissive mode.' do\n        subject { key_files.nil? || key_files.empty? }\n        it { should eq true }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230287.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "File /etc/ssh/ssh_host_rsa_key is expected not to be more permissive than \"0640\"",
+              "run_time": 0.262204,
+              "start_time": "2024-01-09T19:40:43-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/etc/ssh/ssh_host_rsa_key\"]",
+              "resource_id": "/etc/ssh/ssh_host_rsa_key"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /etc/ssh/ssh_host_ecdsa_key is expected not to be more permissive than \"0640\"",
+              "run_time": 0.319644,
+              "start_time": "2024-01-09T19:40:44-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/etc/ssh/ssh_host_ecdsa_key\"]",
+              "resource_id": "/etc/ssh/ssh_host_ecdsa_key"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /etc/ssh/ssh_host_ed25519_key is expected not to be more permissive than \"0640\"",
+              "run_time": 0.24319,
+              "start_time": "2024-01-09T19:40:44-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/etc/ssh/ssh_host_ed25519_key\"]",
+              "resource_id": "/etc/ssh/ssh_host_ed25519_key"
+            }
+          ]
+        },
+        {
+          "id": "SV-230288",
+          "title": "The RHEL 8 SSH daemon must perform strict mode checking of home\ndirectory configuration files.",
+          "desc": "If other users have access to modify user-specific SSH configuration\nfiles, they may be able to log on to the system as another user.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If other users have access to modify user-specific SSH configuration\nfiles, they may be able to log on to the system as another user."
+            },
+            {
+              "label": "check",
+              "data": "Verify the SSH daemon performs strict mode checking of home directory configuration files with the following command:\n\n$ sudo grep -ir strictmodes /etc/ssh/sshd_config*\n\nStrictModes yes\n\nIf \"StrictModes\" is set to \"no\", is missing, or the returned line is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure SSH to perform strict mode checking of home directory\nconfiguration files. Uncomment the \"StrictModes\" keyword in\n\"/etc/ssh/sshd_config\" and set the value to \"yes\":\n\n    StrictModes yes\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230288",
+            "rid": "SV-230288r858701_rule",
+            "stig_id": "RHEL-08-010500",
+            "fix_id": "F-32932r567611_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230288' do\n  title 'The RHEL 8 SSH daemon must perform strict mode checking of home\ndirectory configuration files.'\n  desc 'If other users have access to modify user-specific SSH configuration\nfiles, they may be able to log on to the system as another user.'\n  desc 'check', 'Verify the SSH daemon performs strict mode checking of home directory configuration files with the following command:\n\n$ sudo grep -ir strictmodes /etc/ssh/sshd_config*\n\nStrictModes yes\n\nIf \"StrictModes\" is set to \"no\", is missing, or the returned line is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure SSH to perform strict mode checking of home directory\nconfiguration files. Uncomment the \"StrictModes\" keyword in\n\"/etc/ssh/sshd_config\" and set the value to \"yes\":\n\n    StrictModes yes\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230288'\n  tag rid: 'SV-230288r858701_rule'\n  tag stig_id: 'RHEL-08-010500'\n  tag fix_id: 'F-32932r567611_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    describe sshd_config do\n      its('StrictModes') { should cmp 'yes' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230288.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "SSHD Configuration StrictModes is expected to cmp == \"yes\"",
+              "run_time": 0.000665,
+              "start_time": "2024-01-09T19:40:44-05:00",
+              "resource_class": "sshd_config",
+              "resource_params": "[]",
+              "resource_id": "/etc/ssh/sshd_config"
+            }
+          ]
+        },
+        {
+          "id": "SV-230290",
+          "title": "The RHEL 8 SSH daemon must not allow authentication using known host’s\nauthentication.",
+          "desc": "Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere."
+            },
+            {
+              "label": "check",
+              "data": "Verify the SSH daemon does not allow authentication using known host’s authentication with the following command:\n\n$ sudo grep -ir IgnoreUserKnownHosts /etc/ssh/sshd_config*\n\nIgnoreUserKnownHosts yes\n\nIf the value is returned as \"no\", the returned line is commented out, or no output is returned, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the SSH daemon to not allow authentication using known host’s\nauthentication.\n\n    Add the following line in \"/etc/ssh/sshd_config\", or uncomment the line\nand set the value to \"yes\":\n\n    IgnoreUserKnownHosts yes\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230290",
+            "rid": "SV-230290r858705_rule",
+            "stig_id": "RHEL-08-010520",
+            "fix_id": "F-32934r567617_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230290' do\n  title 'The RHEL 8 SSH daemon must not allow authentication using known host’s\nauthentication.'\n  desc 'Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere.'\n  desc 'check', 'Verify the SSH daemon does not allow authentication using known host’s authentication with the following command:\n\n$ sudo grep -ir IgnoreUserKnownHosts /etc/ssh/sshd_config*\n\nIgnoreUserKnownHosts yes\n\nIf the value is returned as \"no\", the returned line is commented out, or no output is returned, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the SSH daemon to not allow authentication using known host’s\nauthentication.\n\n    Add the following line in \"/etc/ssh/sshd_config\", or uncomment the line\nand set the value to \"yes\":\n\n    IgnoreUserKnownHosts yes\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230290'\n  tag rid: 'SV-230290r858705_rule'\n  tag stig_id: 'RHEL-08-010520'\n  tag fix_id: 'F-32934r567617_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    describe sshd_config do\n      its('IgnoreUserKnownHosts') { should cmp 'yes' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230290.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "SSHD Configuration IgnoreUserKnownHosts is expected to cmp == \"yes\"",
+              "run_time": 0.000415,
+              "start_time": "2024-01-09T19:40:44-05:00",
+              "resource_class": "sshd_config",
+              "resource_params": "[]",
+              "resource_id": "/etc/ssh/sshd_config"
+            }
+          ]
+        },
+        {
+          "id": "SV-230291",
+          "title": "The RHEL 8 SSH daemon must not allow Kerberos authentication, except\nto fulfill documented and validated mission requirements.",
+          "desc": "Configuring these settings for the SSH daemon provides additional\nassurance that remote logon via SSH will not use unused methods of\nauthentication, even in the event of misconfiguration elsewhere.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Configuring these settings for the SSH daemon provides additional\nassurance that remote logon via SSH will not use unused methods of\nauthentication, even in the event of misconfiguration elsewhere."
+            },
+            {
+              "label": "check",
+              "data": "Verify the SSH daemon does not allow Kerberos authentication with the following command:\n\n$ sudo grep -ir KerberosAuthentication  /etc/ssh/sshd_config*\n\nKerberosAuthentication no\n\nIf the value is returned as \"yes\", the returned line is commented out, no output is returned, or has not been documented with the ISSO, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the SSH daemon to not allow Kerberos authentication.\n\n    Add the following line in \"/etc/ssh/sshd_config\", or uncomment the line\nand set the value to \"no\":\n\n    KerberosAuthentication no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230291",
+            "rid": "SV-230291r858707_rule",
+            "stig_id": "RHEL-08-010521",
+            "fix_id": "F-32935r743956_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230291' do\n  title 'The RHEL 8 SSH daemon must not allow Kerberos authentication, except\nto fulfill documented and validated mission requirements.'\n  desc 'Configuring these settings for the SSH daemon provides additional\nassurance that remote logon via SSH will not use unused methods of\nauthentication, even in the event of misconfiguration elsewhere.'\n  desc 'check', 'Verify the SSH daemon does not allow Kerberos authentication with the following command:\n\n$ sudo grep -ir KerberosAuthentication  /etc/ssh/sshd_config*\n\nKerberosAuthentication no\n\nIf the value is returned as \"yes\", the returned line is commented out, no output is returned, or has not been documented with the ISSO, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the SSH daemon to not allow Kerberos authentication.\n\n    Add the following line in \"/etc/ssh/sshd_config\", or uncomment the line\nand set the value to \"no\":\n\n    KerberosAuthentication no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230291'\n  tag rid: 'SV-230291r858707_rule'\n  tag stig_id: 'RHEL-08-010521'\n  tag fix_id: 'F-32935r743956_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    describe sshd_config do\n      its('KerberosAuthentication') { should cmp 'no' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230291.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "SSHD Configuration KerberosAuthentication is expected to cmp == \"no\"",
+              "run_time": 0.000465,
+              "start_time": "2024-01-09T19:40:44-05:00",
+              "resource_class": "sshd_config",
+              "resource_params": "[]",
+              "resource_id": "/etc/ssh/sshd_config"
+            }
+          ]
+        },
+        {
+          "id": "SV-230292",
+          "title": "RHEL 8 must use a separate file system for /var.",
+          "desc": "The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing."
+            },
+            {
+              "label": "check",
+              "data": "Verify that a separate file system has been created for \"/var\".\n\nCheck that a file system has been created for \"/var\" with the following command:\n\n     $ sudo grep /var /etc/fstab\n\n     /dev/mapper/...   /var   xfs   defaults,nodev 0 0\n\nIf a separate entry for \"/var\" is not in use, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Migrate the \"/var\" path onto a separate file system."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230292",
+            "rid": "SV-230292r902718_rule",
+            "stig_id": "RHEL-08-010540",
+            "fix_id": "F-32936r567623_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230292' do\n  title 'RHEL 8 must use a separate file system for /var.'\n  desc 'The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.'\n  desc 'check', 'Verify that a separate file system has been created for \"/var\".\n\nCheck that a file system has been created for \"/var\" with the following command:\n\n     $ sudo grep /var /etc/fstab\n\n     /dev/mapper/...   /var   xfs   defaults,nodev 0 0\n\nIf a separate entry for \"/var\" is not in use, this is a finding.'\n  desc 'fix', 'Migrate the \"/var\" path onto a separate file system.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230292'\n  tag rid: 'SV-230292r902718_rule'\n  tag stig_id: 'RHEL-08-010540'\n  tag fix_id: 'F-32936r567623_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe mount('/var') do\n      it { should be_mounted }\n    end\n    describe etc_fstab.where { mount_point == '/var' } do\n      it { should exist }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230292.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Mount /var is expected to be mounted",
+              "run_time": 0.124152,
+              "start_time": "2024-01-09T19:40:44-05:00",
+              "message": "\nMount /var is not mounted\n",
+              "resource_class": "mount",
+              "resource_params": "[\"/var\"]",
+              "resource_id": "/var"
+            },
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/var\" is expected to exist",
+              "run_time": 0.000644,
+              "start_time": "2024-01-09T19:40:44-05:00",
+              "message": "expected File System Table File (fstab) with mount_point == \"/var\" to exist",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230293",
+          "title": "RHEL 8 must use a separate file system for /var/log.",
+          "desc": "The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing."
+            },
+            {
+              "label": "check",
+              "data": "Verify that a separate file system has been created for \"/var/log\".\n\nCheck that a file system has been created for \"/var/log\" with the following command:\n\n     $ sudo grep /var/log /etc/fstab\n\n     /dev/mapper/...   /var/log   xfs   defaults,nodev,noexec,nosuid 0 0\n\nIf a separate entry for \"/var/log\" is not in use, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Migrate the \"/var/log\" path onto a separate file system."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230293",
+            "rid": "SV-230293r902720_rule",
+            "stig_id": "RHEL-08-010541",
+            "fix_id": "F-32937r567626_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230293' do\n  title 'RHEL 8 must use a separate file system for /var/log.'\n  desc 'The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.'\n  desc 'check', 'Verify that a separate file system has been created for \"/var/log\".\n\nCheck that a file system has been created for \"/var/log\" with the following command:\n\n     $ sudo grep /var/log /etc/fstab\n\n     /dev/mapper/...   /var/log   xfs   defaults,nodev,noexec,nosuid 0 0\n\nIf a separate entry for \"/var/log\" is not in use, this is a finding.'\n  desc 'fix', 'Migrate the \"/var/log\" path onto a separate file system.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230293'\n  tag rid: 'SV-230293r902720_rule'\n  tag stig_id: 'RHEL-08-010541'\n  tag fix_id: 'F-32937r567626_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/log' } do\n      it { should exist }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230293.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/var/log\" is expected to exist",
+              "run_time": 0.000169,
+              "start_time": "2024-01-09T19:40:44-05:00",
+              "message": "expected File System Table File (fstab) with mount_point == \"/var/log\" to exist",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230294",
+          "title": "RHEL 8 must use a separate file system for the system audit data path.",
+          "desc": "The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing."
+            },
+            {
+              "label": "check",
+              "data": "Verify that a separate file system/partition has been created for the\nsystem audit data path with the following command:\n\n    Note: /var/log/audit is used as the example as it is a common location.\n\n    $ sudo grep /var/log/audit /etc/fstab\n\n    UUID=3645951a /var/log/audit xfs defaults 1 2\n\n    If an entry for \"/var/log/audit\" does not exist, ask the System\nAdministrator if the system audit logs are being written to a different file\nsystem/partition on the system, then grep for that file system/partition.\n\n    If a separate file system/partition does not exist for the system audit\ndata path, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Migrate the system audit data path onto a separate file system."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230294",
+            "rid": "SV-230294r627750_rule",
+            "stig_id": "RHEL-08-010542",
+            "fix_id": "F-32938r567629_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230294' do\n  title 'RHEL 8 must use a separate file system for the system audit data path.'\n  desc 'The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.'\n  desc 'check', 'Verify that a separate file system/partition has been created for the\nsystem audit data path with the following command:\n\n    Note: /var/log/audit is used as the example as it is a common location.\n\n    $ sudo grep /var/log/audit /etc/fstab\n\n    UUID=3645951a /var/log/audit xfs defaults 1 2\n\n    If an entry for \"/var/log/audit\" does not exist, ask the System\nAdministrator if the system audit logs are being written to a different file\nsystem/partition on the system, then grep for that file system/partition.\n\n    If a separate file system/partition does not exist for the system audit\ndata path, this is a finding.'\n  desc 'fix', 'Migrate the system audit data path onto a separate file system.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230294'\n  tag rid: 'SV-230294r627750_rule'\n  tag stig_id: 'RHEL-08-010542'\n  tag fix_id: 'F-32938r567629_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  audit_data_path = command(\"dirname #{auditd_conf.log_file}\").stdout.strip\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == audit_data_path } do\n      it { should exist }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230294.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/var/log/audit\" is expected to exist",
+              "run_time": 0.000201,
+              "start_time": "2024-01-09T19:40:44-05:00",
+              "message": "expected File System Table File (fstab) with mount_point == \"/var/log/audit\" to exist",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230295",
+          "title": "A separate RHEL 8 filesystem must be used for the /tmp directory.",
+          "desc": "The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing."
+            },
+            {
+              "label": "check",
+              "data": "Verify that a separate file system/partition has been created for\nnon-privileged local interactive user home directories.\n\n    $ sudo grep /tmp /etc/fstab\n\n    /dev/mapper/rhel-tmp  /tmp  xfs   defaults,nodev,nosuid,noexec 0 0\n\n    If a separate entry for the file system/partition \"/tmp\" does not exist,\nthis is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Migrate the \"/tmp\" directory onto a separate file\nsystem/partition."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230295",
+            "rid": "SV-230295r627750_rule",
+            "stig_id": "RHEL-08-010543",
+            "fix_id": "F-32939r567632_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230295' do\n  title 'A separate RHEL 8 filesystem must be used for the /tmp directory.'\n  desc 'The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.'\n  desc 'check', 'Verify that a separate file system/partition has been created for\nnon-privileged local interactive user home directories.\n\n    $ sudo grep /tmp /etc/fstab\n\n    /dev/mapper/rhel-tmp  /tmp  xfs   defaults,nodev,nosuid,noexec 0 0\n\n    If a separate entry for the file system/partition \"/tmp\" does not exist,\nthis is a finding.'\n  desc 'fix', 'Migrate the \"/tmp\" directory onto a separate file\nsystem/partition.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230295'\n  tag rid: 'SV-230295r627750_rule'\n  tag stig_id: 'RHEL-08-010543'\n  tag fix_id: 'F-32939r567632_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/tmp' } do\n      it { should exist }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230295.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/tmp\" is expected to exist",
+              "run_time": 0.000335,
+              "start_time": "2024-01-09T19:40:44-05:00",
+              "message": "expected File System Table File (fstab) with mount_point == \"/tmp\" to exist",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230296",
+          "title": "RHEL 8 must not permit direct logons to the root account using remote\naccess via SSH.",
+          "desc": "Even though the communications channel may be encrypted, an additional\nlayer of security is gained by extending the policy of not logging on directly\nas root. In addition, logging on with a user-specific account provides\nindividual accountability of actions performed on the system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Even though the communications channel may be encrypted, an additional\nlayer of security is gained by extending the policy of not logging on directly\nas root. In addition, logging on with a user-specific account provides\nindividual accountability of actions performed on the system."
+            },
+            {
+              "label": "check",
+              "data": "Verify remote access using SSH prevents users from logging on directly as \"root\".\n\nCheck that SSH prevents users from logging on directly as \"root\" with the following command:\n\n$ sudo grep -ir PermitRootLogin /etc/ssh/sshd_config*\n\nPermitRootLogin no\n\nIf the \"PermitRootLogin\" keyword is set to \"yes\", is missing, or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to stop users from logging on remotely as the \"root\"\nuser via SSH.\n\n    Edit the appropriate \"/etc/ssh/sshd_config\" file to uncomment or add the\nline for the \"PermitRootLogin\" keyword and set its value to \"no\":\n\n    PermitRootLogin no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000109-GPOS-00056",
+            "gid": "V-230296",
+            "rid": "SV-230296r858711_rule",
+            "stig_id": "RHEL-08-010550",
+            "fix_id": "F-32940r567635_fix",
+            "cci": [
+              "CCI-000770"
+            ],
+            "nist": [
+              "IA-2 (5)"
+            ]
+          },
+          "code": "control 'SV-230296' do\n  title 'RHEL 8 must not permit direct logons to the root account using remote\naccess via SSH.'\n  desc 'Even though the communications channel may be encrypted, an additional\nlayer of security is gained by extending the policy of not logging on directly\nas root. In addition, logging on with a user-specific account provides\nindividual accountability of actions performed on the system.'\n  desc 'check', 'Verify remote access using SSH prevents users from logging on directly as \"root\".\n\nCheck that SSH prevents users from logging on directly as \"root\" with the following command:\n\n$ sudo grep -ir PermitRootLogin /etc/ssh/sshd_config*\n\nPermitRootLogin no\n\nIf the \"PermitRootLogin\" keyword is set to \"yes\", is missing, or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to stop users from logging on remotely as the \"root\"\nuser via SSH.\n\n    Edit the appropriate \"/etc/ssh/sshd_config\" file to uncomment or add the\nline for the \"PermitRootLogin\" keyword and set its value to \"no\":\n\n    PermitRootLogin no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000109-GPOS-00056'\n  tag gid: 'V-230296'\n  tag rid: 'SV-230296r858711_rule'\n  tag stig_id: 'RHEL-08-010550'\n  tag fix_id: 'F-32940r567635_fix'\n  tag cci: ['CCI-000770']\n  tag nist: ['IA-2 (5)']\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    describe sshd_config('/etc/ssh/sshd_config') do\n      its('PermitRootLogin') { should cmp input('permit_root_login') }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230296.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "SSHD Configuration PermitRootLogin is expected to cmp == \"no\"",
+              "run_time": 0.00179,
+              "start_time": "2024-01-09T19:40:44-05:00",
+              "resource_class": "sshd_config",
+              "resource_params": "[\"/etc/ssh/sshd_config\"]",
+              "resource_id": "/etc/ssh/sshd_config"
+            }
+          ]
+        },
+        {
+          "id": "SV-230298",
+          "title": "The rsyslog service must be running in RHEL 8.",
+          "desc": "Configuring RHEL 8 to implement organization-wide security\nimplementation guides and security checklists ensures compliance with federal\nstandards and establishes a common security baseline across the DoD that\nreflects the most restrictive security posture consistent with operational\nrequirements.\n\n    Configuration settings are the set of parameters that can be changed in\nhardware, software, or firmware components of the system that affect the\nsecurity posture and/or functionality of the system. Security-related\nparameters are those parameters impacting the security state of the system,\nincluding the parameters required to satisfy other security control\nrequirements. Security-related parameters include, for example: registry\nsettings; account, file, directory permission settings; and settings for\nfunctions, ports, protocols, services, and remote connections.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Configuring RHEL 8 to implement organization-wide security\nimplementation guides and security checklists ensures compliance with federal\nstandards and establishes a common security baseline across the DoD that\nreflects the most restrictive security posture consistent with operational\nrequirements.\n\n    Configuration settings are the set of parameters that can be changed in\nhardware, software, or firmware components of the system that affect the\nsecurity posture and/or functionality of the system. Security-related\nparameters are those parameters impacting the security state of the system,\nincluding the parameters required to satisfy other security control\nrequirements. Security-related parameters include, for example: registry\nsettings; account, file, directory permission settings; and settings for\nfunctions, ports, protocols, services, and remote connections."
+            },
+            {
+              "label": "check",
+              "data": "Verify the rsyslog service is enabled and active with the following\ncommands:\n\n    $ sudo systemctl is-enabled rsyslog\n\n    enabled\n\n    $ sudo systemctl is-active rsyslog\n\n    active\n\n    If the service is not \"enabled\" and \"active\" this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Start the auditd service, and enable the rsyslog service with the following\ncommands:\n\n    $ sudo systemctl start rsyslog.service\n\n    $ sudo systemctl enable rsyslog.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230298",
+            "rid": "SV-230298r627750_rule",
+            "stig_id": "RHEL-08-010561",
+            "fix_id": "F-32942r567641_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230298' do\n  title 'The rsyslog service must be running in RHEL 8.'\n  desc 'Configuring RHEL 8 to implement organization-wide security\nimplementation guides and security checklists ensures compliance with federal\nstandards and establishes a common security baseline across the DoD that\nreflects the most restrictive security posture consistent with operational\nrequirements.\n\n    Configuration settings are the set of parameters that can be changed in\nhardware, software, or firmware components of the system that affect the\nsecurity posture and/or functionality of the system. Security-related\nparameters are those parameters impacting the security state of the system,\nincluding the parameters required to satisfy other security control\nrequirements. Security-related parameters include, for example: registry\nsettings; account, file, directory permission settings; and settings for\nfunctions, ports, protocols, services, and remote connections.'\n  desc 'check', 'Verify the rsyslog service is enabled and active with the following\ncommands:\n\n    $ sudo systemctl is-enabled rsyslog\n\n    enabled\n\n    $ sudo systemctl is-active rsyslog\n\n    active\n\n    If the service is not \"enabled\" and \"active\" this is a finding.'\n  desc 'fix', 'Start the auditd service, and enable the rsyslog service with the following\ncommands:\n\n    $ sudo systemctl start rsyslog.service\n\n    $ sudo systemctl enable rsyslog.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230298'\n  tag rid: 'SV-230298r627750_rule'\n  tag stig_id: 'RHEL-08-010561'\n  tag fix_id: 'F-32942r567641_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe service('rsyslog') do\n      it { should be_enabled }\n      it { should be_running }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230298.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Service rsyslog is expected to be enabled",
+              "run_time": 0.467183,
+              "start_time": "2024-01-09T19:40:44-05:00",
+              "resource_class": "service",
+              "resource_params": "[\"rsyslog\"]",
+              "resource_id": "rsyslog"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Service rsyslog is expected to be running",
+              "run_time": 0.000127,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "service",
+              "resource_params": "[\"rsyslog\"]",
+              "resource_id": "rsyslog"
+            }
+          ]
+        },
+        {
+          "id": "SV-230299",
+          "title": "RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on file systems that contain user home directories.",
+          "desc": "The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify file systems that contain user home directories are mounted with the\n\"nosuid\" option.\n\n    Note: If a separate file system has not been created for the user home\ndirectories (user home directories are mounted under \"/\"), this is\nautomatically a finding as the \"nosuid\" option cannot be used on the \"/\"\nsystem.\n\n    Find the file system(s) that contain the user home directories with the\nfollowing command:\n\n    $ sudo awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1,$3,$6}' /etc/passwd\n\n    smithj:1001: /home/smithj\n    robinst:1002: /home/robinst\n\n    Check the file systems that are mounted at boot time with the following\ncommand:\n\n    $ sudo more /etc/fstab\n\n    UUID=a411dc99-f2a1-4c87-9e05-184977be8539 /home xfs\nrw,relatime,discard,data=ordered,nosuid,nodev,noexec 0 0\n\n    If a file system found in \"/etc/fstab\" refers to the user home directory\nfile system and it does not have the \"nosuid\" option set, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nfile systems that contain user home directories for interactive users."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230299",
+            "rid": "SV-230299r627750_rule",
+            "stig_id": "RHEL-08-010570",
+            "fix_id": "F-32943r567644_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230299' do\n  title 'RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on file systems that contain user home directories.'\n  desc 'The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.'\n  desc 'check', %q(Verify file systems that contain user home directories are mounted with the\n\"nosuid\" option.\n\n    Note: If a separate file system has not been created for the user home\ndirectories (user home directories are mounted under \"/\"), this is\nautomatically a finding as the \"nosuid\" option cannot be used on the \"/\"\nsystem.\n\n    Find the file system(s) that contain the user home directories with the\nfollowing command:\n\n    $ sudo awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1,$3,$6}' /etc/passwd\n\n    smithj:1001: /home/smithj\n    robinst:1002: /home/robinst\n\n    Check the file systems that are mounted at boot time with the following\ncommand:\n\n    $ sudo more /etc/fstab\n\n    UUID=a411dc99-f2a1-4c87-9e05-184977be8539 /home xfs\nrw,relatime,discard,data=ordered,nosuid,nodev,noexec 0 0\n\n    If a file system found in \"/etc/fstab\" refers to the user home directory\nfile system and it does not have the \"nosuid\" option set, this is a finding.)\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nfile systems that contain user home directories for interactive users.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230299'\n  tag rid: 'SV-230299r627750_rule'\n  tag stig_id: 'RHEL-08-010570'\n  tag fix_id: 'F-32943r567644_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    home_dirs = []\n    iuser_entries = passwd.where { uid.to_i >= 1000 && shell !~ /nologin/ }\n    iuser_entries.entries.each do |ie|\n      username_size = ie.user.length\n      home_dirs.append(ie.home[0..ie.home.length - (username_size + 2)])\n    end\n    home_dirs.uniq.each do |home_dir|\n      describe 'User home directories should not be mounted under root' do\n        subject { home_dir }\n        it { should_not eq '/' }\n      end\n      describe etc_fstab.where { mount_point == home_dir } do\n        it { should be_configured }\n        its('mount_options.first') { should include 'nosuid' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230299.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "User home directories should not be mounted under root is expected not to eq \"/\"",
+              "run_time": 9.0e-05,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "User home directories should not be mounted under root"
+            },
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/home\" is expected to be configured",
+              "run_time": 0.003081,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "message": "expected `File System Table File (fstab) with mount_point == \"/home\".configured?` to be truthy, got false",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/home\" mount_options.first is expected to include \"nosuid\"",
+              "run_time": 0.00014,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "message": "expected nil to include \"nosuid\", but it does not respond to `include?`",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230300",
+          "title": "RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on the /boot directory.",
+          "desc": "The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "For systems that use UEFI, this is Not Applicable.\n\n    Verify the /boot directory is mounted with the \"nosuid\" option with the\nfollowing command:\n\n    $ sudo mount | grep '\\s/boot\\s'\n\n    /dev/sda1 on /boot type xfs\n(rw,nosuid,relatime,seclabe,attr2,inode64,noquota)\n\n    If the /boot file system does not have the \"nosuid\" option set, this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nthe /boot directory."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230300",
+            "rid": "SV-230300r743959_rule",
+            "stig_id": "RHEL-08-010571",
+            "fix_id": "F-32944r567647_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230300' do\n  title 'RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on the /boot directory.'\n  desc 'The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.'\n  desc 'check', %q(For systems that use UEFI, this is Not Applicable.\n\n    Verify the /boot directory is mounted with the \"nosuid\" option with the\nfollowing command:\n\n    $ sudo mount | grep '\\s/boot\\s'\n\n    /dev/sda1 on /boot type xfs\n(rw,nosuid,relatime,seclabe,attr2,inode64,noquota)\n\n    If the /boot file system does not have the \"nosuid\" option set, this is a\nfinding.)\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nthe /boot directory.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230300'\n  tag rid: 'SV-230300r743959_rule'\n  tag stig_id: 'RHEL-08-010571'\n  tag fix_id: 'F-32944r567647_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif file('/sys/firmware/efi').exist?\n    impact 0.0\n    describe 'System running UEFI' do\n      skip 'The System is running UEFI, this control is Not Applicable.'\n    end\n  else\n    describe mount('/boot') do\n      it { should be_mounted }\n      its('options') { should include 'nosuid' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230300.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Mount /boot is expected to be mounted",
+              "run_time": 0.200747,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "message": "\nMount /boot is not mounted\n",
+              "resource_class": "mount",
+              "resource_params": "[\"/boot\"]",
+              "resource_id": "/boot"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Mount /boot options is expected to include \"nosuid\"",
+              "run_time": 0.000222,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "message": "expected nil to include \"nosuid\", but it does not respond to `include?`",
+              "resource_class": "mount",
+              "resource_params": "[\"/boot\"]",
+              "resource_id": "/boot"
+            }
+          ]
+        },
+        {
+          "id": "SV-230301",
+          "title": "RHEL 8 must prevent special devices on non-root local partitions.",
+          "desc": "The \"nodev\" mount option causes the system to not interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access.  The only legitimate\nlocation for device files is the /dev directory located on the root partition.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The \"nodev\" mount option causes the system to not interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access.  The only legitimate\nlocation for device files is the /dev directory located on the root partition."
+            },
+            {
+              "label": "check",
+              "data": "Verify all non-root local partitions are mounted with the \"nodev\" option\nwith the following command:\n\n    $ sudo mount | grep '^/dev\\S* on /\\S' | grep --invert-match 'nodev'\n\n    If any output is produced, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the \"/etc/fstab\" to use the \"nodev\" option on all\nnon-root local partitions."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230301",
+            "rid": "SV-230301r627750_rule",
+            "stig_id": "RHEL-08-010580",
+            "fix_id": "F-32945r567650_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230301' do\n  title 'RHEL 8 must prevent special devices on non-root local partitions.'\n  desc 'The \"nodev\" mount option causes the system to not interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access.  The only legitimate\nlocation for device files is the /dev directory located on the root partition.'\n  desc 'check', %q(Verify all non-root local partitions are mounted with the \"nodev\" option\nwith the following command:\n\n    $ sudo mount | grep '^/dev\\S* on /\\S' | grep --invert-match 'nodev'\n\n    If any output is produced, this is a finding.)\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"nodev\" option on all\nnon-root local partitions.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230301'\n  tag rid: 'SV-230301r627750_rule'\n  tag stig_id: 'RHEL-08-010580'\n  tag fix_id: 'F-32945r567650_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  mount_points = command(\"mount \\| grep '^/dev\\\\S* on /\\\\S' \\| grep --invert-match 'nodev'\").stdout\n\n  describe \"List of devices mounted without 'nodev' option outside root /dev directory\" do\n    subject { mount_points }\n    it { should be_empty }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230301.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "List of devices mounted without 'nodev' option outside root /dev directory is expected to be empty",
+              "run_time": 0.003871,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "List of devices mounted without 'nodev' option outside root /dev directory"
+            }
+          ]
+        },
+        {
+          "id": "SV-230302",
+          "title": "RHEL 8 must prevent code from being executed on file systems that\ncontain user home directories.",
+          "desc": "The \"noexec\" mount option causes the system not to execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary files, as they may be incompatible. Executing files from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The \"noexec\" mount option causes the system not to execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary files, as they may be incompatible. Executing files from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify file systems that contain user home directories are mounted with the\n\"noexec\" option.\n\n    Note: If a separate file system has not been created for the user home\ndirectories (user home directories are mounted under \"/\"), this is\nautomatically a finding as the \"noexec\" option cannot be used on the \"/\"\nsystem.\n\n    Find the file system(s) that contain the user home directories with the\nfollowing command:\n\n    $ sudo awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1,$3,$6}' /etc/passwd\n\n    smithj:1001: /home/smithj\n    robinst:1002: /home/robinst\n\n    Check the file systems that are mounted at boot time with the following\ncommand:\n\n    $ sudo more /etc/fstab\n\n    UUID=a411dc99-f2a1-4c87-9e05-184977be8539 /home ext4\nrw,relatime,discard,data=ordered,nosuid,nodev,noexec 0 2\n\n    If a file system found in \"/etc/fstab\" refers to the user home directory\nfile system and it does not have the \"noexec\" option set, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the \"/etc/fstab\" to use the \"noexec\" option on\nfile systems that contain user home directories for interactive users."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230302",
+            "rid": "SV-230302r627750_rule",
+            "stig_id": "RHEL-08-010590",
+            "fix_id": "F-32946r567653_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230302' do\n  title 'RHEL 8 must prevent code from being executed on file systems that\ncontain user home directories.'\n  desc 'The \"noexec\" mount option causes the system not to execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary files, as they may be incompatible. Executing files from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.'\n  desc 'check', %q(Verify file systems that contain user home directories are mounted with the\n\"noexec\" option.\n\n    Note: If a separate file system has not been created for the user home\ndirectories (user home directories are mounted under \"/\"), this is\nautomatically a finding as the \"noexec\" option cannot be used on the \"/\"\nsystem.\n\n    Find the file system(s) that contain the user home directories with the\nfollowing command:\n\n    $ sudo awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1,$3,$6}' /etc/passwd\n\n    smithj:1001: /home/smithj\n    robinst:1002: /home/robinst\n\n    Check the file systems that are mounted at boot time with the following\ncommand:\n\n    $ sudo more /etc/fstab\n\n    UUID=a411dc99-f2a1-4c87-9e05-184977be8539 /home ext4\nrw,relatime,discard,data=ordered,nosuid,nodev,noexec 0 2\n\n    If a file system found in \"/etc/fstab\" refers to the user home directory\nfile system and it does not have the \"noexec\" option set, this is a finding.)\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"noexec\" option on\nfile systems that contain user home directories for interactive users.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230302'\n  tag rid: 'SV-230302r627750_rule'\n  tag stig_id: 'RHEL-08-010590'\n  tag fix_id: 'F-32946r567653_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    home_dirs = []\n    iuser_entries = passwd.where { uid.to_i >= 1000 && shell !~ /nologin/ }\n    iuser_entries.entries.each do |ie|\n      username_size = ie.user.length\n      home_dirs.append(ie.home[0..ie.home.length - (username_size + 2)])\n    end\n    home_dirs.uniq.each do |home_dir|\n      describe 'User home directories should not be mounted under root' do\n        subject { home_dir }\n        it { should_not eq '/' }\n      end\n      describe etc_fstab.where { mount_point == home_dir } do\n        it { should be_configured }\n        its('mount_options.first') { should include 'noexec' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230302.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "User home directories should not be mounted under root is expected not to eq \"/\"",
+              "run_time": 7.0e-05,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "User home directories should not be mounted under root"
+            },
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/home\" is expected to be configured",
+              "run_time": 0.003199,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "message": "expected `File System Table File (fstab) with mount_point == \"/home\".configured?` to be truthy, got false",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/home\" mount_options.first is expected to include \"noexec\"",
+              "run_time": 9.8e-05,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "message": "expected nil to include \"noexec\", but it does not respond to `include?`",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230303",
+          "title": "RHEL 8 must prevent special devices on file systems that are used with\nremovable media.",
+          "desc": "The \"nodev\" mount option causes the system not to interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The \"nodev\" mount option causes the system not to interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify file systems that are used for removable media are mounted with the\n\"nodev\" option with the following command:\n\n    $ sudo more /etc/fstab\n\n    UUID=2bc871e4-e2a3-4f29-9ece-3be60c835222 /mnt/usbflash vfat\nnoauto,owner,ro,nosuid,nodev,noexec 0 0\n\n    If a file system found in \"/etc/fstab\" refers to removable media and it\ndoes not have the \"nodev\" option set, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the \"/etc/fstab\" to use the \"nodev\" option on\nfile systems that are associated with removable media."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230303",
+            "rid": "SV-230303r627750_rule",
+            "stig_id": "RHEL-08-010600",
+            "fix_id": "F-32947r567656_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230303' do\n  title 'RHEL 8 must prevent special devices on file systems that are used with\nremovable media.'\n  desc 'The \"nodev\" mount option causes the system not to interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access.'\n  desc 'check', 'Verify file systems that are used for removable media are mounted with the\n\"nodev\" option with the following command:\n\n    $ sudo more /etc/fstab\n\n    UUID=2bc871e4-e2a3-4f29-9ece-3be60c835222 /mnt/usbflash vfat\nnoauto,owner,ro,nosuid,nodev,noexec 0 0\n\n    If a file system found in \"/etc/fstab\" refers to removable media and it\ndoes not have the \"nodev\" option set, this is a finding.'\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"nodev\" option on\nfile systems that are associated with removable media.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230303'\n  tag rid: 'SV-230303r627750_rule'\n  tag stig_id: 'RHEL-08-010600'\n  tag fix_id: 'F-32947r567656_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  file_systems = etc_fstab.params\n\n  if !file_systems.nil? && !file_systems.empty?\n    file_systems.each do |file_sys_line|\n      if !input('non_removable_media_fs').include?(file_sys_line['mount_point'])\n        describe \"The mount point #{file_sys_line['mount_point']}\" do\n          subject { file_sys_line['mount_options'] }\n          it { should include 'nodev' }\n        end\n      else\n        describe \"File system \\\"#{file_sys_line['mount_point']}\\\" does not correspond to removable media.\" do\n          subject { input('non_removable_media_fs').include?(file_sys_line['mount_point']) }\n          it { should eq true }\n        end\n      end\n    end\n  else\n    describe 'No file systems were found.' do\n      subject { file_systems.nil? }\n      it { should eq true }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230303.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "File system \"/\" does not correspond to removable media. is expected to eq true",
+              "run_time": 8.6e-05,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "File system \"/\" does not correspond to removable media."
+            }
+          ]
+        },
+        {
+          "id": "SV-230304",
+          "title": "RHEL 8 must prevent code from being executed on file systems that are\nused with removable media.",
+          "desc": "The \"noexec\" mount option causes the system not to execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary files, as they may be incompatible. Executing files from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The \"noexec\" mount option causes the system not to execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary files, as they may be incompatible. Executing files from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify file systems that are used for removable media are mounted with the\n\"noexec\" option with the following command:\n\n    $ sudo more /etc/fstab\n\n    UUID=2bc871e4-e2a3-4f29-9ece-3be60c835222 /mnt/usbflash vfat\nnoauto,owner,ro,nosuid,nodev,noexec 0 0\n\n    If a file system found in \"/etc/fstab\" refers to removable media and it\ndoes not have the \"noexec\" option set, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the \"/etc/fstab\" to use the \"noexec\" option on\nfile systems that are associated with removable media."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230304",
+            "rid": "SV-230304r627750_rule",
+            "stig_id": "RHEL-08-010610",
+            "fix_id": "F-32948r567659_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230304' do\n  title 'RHEL 8 must prevent code from being executed on file systems that are\nused with removable media.'\n  desc 'The \"noexec\" mount option causes the system not to execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary files, as they may be incompatible. Executing files from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.'\n  desc 'check', 'Verify file systems that are used for removable media are mounted with the\n\"noexec\" option with the following command:\n\n    $ sudo more /etc/fstab\n\n    UUID=2bc871e4-e2a3-4f29-9ece-3be60c835222 /mnt/usbflash vfat\nnoauto,owner,ro,nosuid,nodev,noexec 0 0\n\n    If a file system found in \"/etc/fstab\" refers to removable media and it\ndoes not have the \"noexec\" option set, this is a finding.'\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"noexec\" option on\nfile systems that are associated with removable media.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230304'\n  tag rid: 'SV-230304r627750_rule'\n  tag stig_id: 'RHEL-08-010610'\n  tag fix_id: 'F-32948r567659_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  file_systems = etc_fstab.params\n\n  if !file_systems.nil? && !file_systems.empty?\n    file_systems.each do |file_sys_line|\n      if !input('non_removable_media_fs').include?(file_sys_line['mount_point'])\n        describe \"The mount point #{file_sys_line['mount_point']}\" do\n          subject { file_sys_line['mount_options'] }\n          it { should include 'noexec' }\n        end\n      else\n        describe \"File system \\\"#{file_sys_line['mount_point']}\\\" does not correspond to removable media.\" do\n          subject { input('non_removable_media_fs').include?(file_sys_line['mount_point']) }\n          it { should eq true }\n        end\n      end\n    end\n  else\n    describe 'No file systems were found.' do\n      subject { file_systems.nil? }\n      it { should eq true }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230304.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "File system \"/\" does not correspond to removable media. is expected to eq true",
+              "run_time": 6.2e-05,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "File system \"/\" does not correspond to removable media."
+            }
+          ]
+        },
+        {
+          "id": "SV-230305",
+          "title": "RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on file systems that are used with removable media.",
+          "desc": "The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify file systems that are used for removable media are mounted with the\n\"nosuid\" option with the following command:\n\n    $ sudo more /etc/fstab\n\n    UUID=2bc871e4-e2a3-4f29-9ece-3be60c835222 /mnt/usbflash vfat\nnoauto,owner,ro,nosuid,nodev,noexec 0 0\n\n    If a file system found in \"/etc/fstab\" refers to removable media and it\ndoes not have the \"nosuid\" option set, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nfile systems that are associated with removable media."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230305",
+            "rid": "SV-230305r627750_rule",
+            "stig_id": "RHEL-08-010620",
+            "fix_id": "F-32949r567662_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230305' do\n  title 'RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on file systems that are used with removable media.'\n  desc 'The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify file systems that are used for removable media are mounted with the\n\"nosuid\" option with the following command:\n\n    $ sudo more /etc/fstab\n\n    UUID=2bc871e4-e2a3-4f29-9ece-3be60c835222 /mnt/usbflash vfat\nnoauto,owner,ro,nosuid,nodev,noexec 0 0\n\n    If a file system found in \"/etc/fstab\" refers to removable media and it\ndoes not have the \"nosuid\" option set, this is a finding.'\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nfile systems that are associated with removable media.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230305'\n  tag rid: 'SV-230305r627750_rule'\n  tag stig_id: 'RHEL-08-010620'\n  tag fix_id: 'F-32949r567662_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  file_systems = etc_fstab.params\n\n  if !file_systems.nil? && !file_systems.empty?\n    file_systems.each do |file_sys_line|\n      if !input('non_removable_media_fs').include?(file_sys_line['mount_point'])\n        describe \"The mount point #{file_sys_line['mount_point']}\" do\n          subject { file_sys_line['mount_options'] }\n          it { should include 'nosuid' }\n        end\n      else\n        describe \"File system \\\"#{file_sys_line['mount_point']}\\\" does not correspond to removable media.\" do\n          subject { input('non_removable_media_fs').include?(file_sys_line['mount_point']) }\n          it { should eq true }\n        end\n      end\n    end\n  else\n    describe 'No file systems were found.' do\n      subject { file_systems.nil? }\n      it { should eq true }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230305.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "File system \"/\" does not correspond to removable media. is expected to eq true",
+              "run_time": 5.4e-05,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "File system \"/\" does not correspond to removable media."
+            }
+          ]
+        },
+        {
+          "id": "SV-230306",
+          "title": "RHEL 8 must prevent code from being executed on file systems that are\nimported via Network File System (NFS).",
+          "desc": "The \"noexec\" mount option causes the system not to execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary as they may be incompatible. Executing files from untrusted\nfile systems increases the opportunity for unprivileged users to attain\nunauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The \"noexec\" mount option causes the system not to execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary as they may be incompatible. Executing files from untrusted\nfile systems increases the opportunity for unprivileged users to attain\nunauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify that  file systems being imported via NFS are mounted with the\n\"noexec\" option with the following command:\n\n    $ sudo grep nfs /etc/fstab | grep noexec\n\n    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,nosuid,nodev,noexec\n0 0\n\n    If a file system found in \"/etc/fstab\" refers to NFS and it does not have\nthe \"noexec\" option set, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the \"/etc/fstab\" to use the \"noexec\" option on\nfile systems that are being imported via NFS."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230306",
+            "rid": "SV-230306r627750_rule",
+            "stig_id": "RHEL-08-010630",
+            "fix_id": "F-32950r567665_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230306' do\n  title 'RHEL 8 must prevent code from being executed on file systems that are\nimported via Network File System (NFS).'\n  desc 'The \"noexec\" mount option causes the system not to execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary as they may be incompatible. Executing files from untrusted\nfile systems increases the opportunity for unprivileged users to attain\nunauthorized administrative access.'\n  desc 'check', 'Verify that  file systems being imported via NFS are mounted with the\n\"noexec\" option with the following command:\n\n    $ sudo grep nfs /etc/fstab | grep noexec\n\n    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,nosuid,nodev,noexec\n0 0\n\n    If a file system found in \"/etc/fstab\" refers to NFS and it does not have\nthe \"noexec\" option set, this is a finding.'\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"noexec\" option on\nfile systems that are being imported via NFS.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230306'\n  tag rid: 'SV-230306r627750_rule'\n  tag stig_id: 'RHEL-08-010630'\n  tag fix_id: 'F-32950r567665_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  nfs_systems = etc_fstab.nfs_file_systems.entries\n\n  if !nfs_systems.nil? && !nfs_systems.empty?\n    nfs_systems.each do |nfs_system|\n      describe \"Network File System mounted on #{nfs_system['mount_point']}\" do\n        subject { nfs_system }\n        its('mount_options') { should include 'noexec' }\n      end\n    end\n  else\n    describe 'No NFS file systems were found' do\n      subject { nfs_systems.nil? || nfs_systems.empty? }\n      it { should eq true }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230306.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "No NFS file systems were found is expected to eq true",
+              "run_time": 4.5e-05,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "No NFS file systems were found"
+            }
+          ]
+        },
+        {
+          "id": "SV-230307",
+          "title": "RHEL 8 must prevent special devices on file systems that are imported\nvia Network File System (NFS).",
+          "desc": "The \"nodev\" mount option causes the system to not interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The \"nodev\" mount option causes the system to not interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify file systems that are being NFS-imported are mounted with the\n\"nodev\" option with the following command:\n\n    $ sudo grep nfs /etc/fstab | grep nodev\n\n    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,nosuid,nodev,noexec\n0 0\n\n    If a file system found in \"/etc/fstab\" refers to NFS and it does not have\nthe \"nodev\" option set, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the \"/etc/fstab\" to use the \"nodev\" option on\nfile systems that are being imported via NFS."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230307",
+            "rid": "SV-230307r627750_rule",
+            "stig_id": "RHEL-08-010640",
+            "fix_id": "F-32951r567668_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230307' do\n  title 'RHEL 8 must prevent special devices on file systems that are imported\nvia Network File System (NFS).'\n  desc 'The \"nodev\" mount option causes the system to not interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access.'\n  desc 'check', 'Verify file systems that are being NFS-imported are mounted with the\n\"nodev\" option with the following command:\n\n    $ sudo grep nfs /etc/fstab | grep nodev\n\n    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,nosuid,nodev,noexec\n0 0\n\n    If a file system found in \"/etc/fstab\" refers to NFS and it does not have\nthe \"nodev\" option set, this is a finding.'\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"nodev\" option on\nfile systems that are being imported via NFS.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230307'\n  tag rid: 'SV-230307r627750_rule'\n  tag stig_id: 'RHEL-08-010640'\n  tag fix_id: 'F-32951r567668_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  nfs_systems = etc_fstab.nfs_file_systems.entries\n\n  if !nfs_systems.nil? && !nfs_systems.empty?\n    nfs_systems.each do |nfs_system|\n      describe \"Network File System mounted on #{nfs_system['mount_point']}\" do\n        subject { nfs_system }\n        its('mount_options') { should include 'nodev' }\n      end\n    end\n  else\n    describe 'No NFS file systems were found' do\n      subject { nfs_systems.nil? || nfs_systems.empty? }\n      it { should eq true }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230307.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "No NFS file systems were found is expected to eq true",
+              "run_time": 4.3e-05,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "No NFS file systems were found"
+            }
+          ]
+        },
+        {
+          "id": "SV-230308",
+          "title": "RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on file systems that are imported via Network File System (NFS).",
+          "desc": "The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify that file systems being imported via NFS are mounted with the\n\"nosuid\" option with the following command:\n\n    $ sudo grep nfs /etc/fstab | grep nosuid\n\n    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,nosuid,nodev,noexec\n0 0\n\n    If a file system found in \"/etc/fstab\" refers to NFS and it does not have\nthe \"nosuid\" option set, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nfile systems that are being imported via NFS."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230308",
+            "rid": "SV-230308r627750_rule",
+            "stig_id": "RHEL-08-010650",
+            "fix_id": "F-32952r567671_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230308' do\n  title 'RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on file systems that are imported via Network File System (NFS).'\n  desc 'The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify that file systems being imported via NFS are mounted with the\n\"nosuid\" option with the following command:\n\n    $ sudo grep nfs /etc/fstab | grep nosuid\n\n    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,nosuid,nodev,noexec\n0 0\n\n    If a file system found in \"/etc/fstab\" refers to NFS and it does not have\nthe \"nosuid\" option set, this is a finding.'\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nfile systems that are being imported via NFS.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230308'\n  tag rid: 'SV-230308r627750_rule'\n  tag stig_id: 'RHEL-08-010650'\n  tag fix_id: 'F-32952r567671_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  nfs_systems = etc_fstab.nfs_file_systems.entries\n\n  if !nfs_systems.nil? && !nfs_systems.empty?\n    nfs_systems.each do |nfs_system|\n      describe \"Network File System mounted on #{nfs_system['mount_point']}\" do\n        subject { nfs_system }\n        its('mount_options') { should include 'nosuid' }\n      end\n    end\n  else\n    describe 'No NFS file systems were found' do\n      subject { nfs_systems.nil? || nfs_systems.empty? }\n      it { should eq true }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230308.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "No NFS file systems were found is expected to eq true",
+              "run_time": 4.3e-05,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "No NFS file systems were found"
+            }
+          ]
+        },
+        {
+          "id": "SV-230309",
+          "title": "Local RHEL 8 initialization files must not execute world-writable\nprograms.",
+          "desc": "If user start-up files execute world-writable programs, especially in\nunprotected directories, they could be maliciously modified to destroy user\nfiles or otherwise compromise the system at the user level. If the system is\ncompromised at the user level, it is easier to elevate privileges to eventually\ncompromise the system at the root and network level.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If user start-up files execute world-writable programs, especially in\nunprotected directories, they could be maliciously modified to destroy user\nfiles or otherwise compromise the system at the user level. If the system is\ncompromised at the user level, it is easier to elevate privileges to eventually\ncompromise the system at the root and network level."
+            },
+            {
+              "label": "check",
+              "data": "Verify that local initialization files do not execute world-writable\nprograms.\n\n    Check the system for world-writable files.\n\n    The following command will discover and print world-writable files. Run it\nonce for each local partition [PART]:\n\n    $ sudo find [PART] -xdev -type f -perm -0002 -print\n\n    For all files listed, check for their presence in the local initialization\nfiles with the following commands:\n\n    Note: The example will be for a system that is configured to create user\nhome directories in the \"/home\" directory.\n\n    $ sudo grep <file> /home/*/.*\n\n    If any local initialization files are found to reference world-writable\nfiles, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Set the mode on files being executed by the local initialization files with\nthe following command:\n\n    $ sudo chmod 0755 <file>"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230309",
+            "rid": "SV-230309r627750_rule",
+            "stig_id": "RHEL-08-010660",
+            "fix_id": "F-32953r567674_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230309' do\n  title 'Local RHEL 8 initialization files must not execute world-writable\nprograms.'\n  desc 'If user start-up files execute world-writable programs, especially in\nunprotected directories, they could be maliciously modified to destroy user\nfiles or otherwise compromise the system at the user level. If the system is\ncompromised at the user level, it is easier to elevate privileges to eventually\ncompromise the system at the root and network level.'\n  desc 'check', 'Verify that local initialization files do not execute world-writable\nprograms.\n\n    Check the system for world-writable files.\n\n    The following command will discover and print world-writable files. Run it\nonce for each local partition [PART]:\n\n    $ sudo find [PART] -xdev -type f -perm -0002 -print\n\n    For all files listed, check for their presence in the local initialization\nfiles with the following commands:\n\n    Note: The example will be for a system that is configured to create user\nhome directories in the \"/home\" directory.\n\n    $ sudo grep <file> /home/*/.*\n\n    If any local initialization files are found to reference world-writable\nfiles, this is a finding.'\n  desc 'fix', 'Set the mode on files being executed by the local initialization files with\nthe following command:\n\n    $ sudo chmod 0755 <file>'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230309'\n  tag rid: 'SV-230309r627750_rule'\n  tag stig_id: 'RHEL-08-010660'\n  tag fix_id: 'F-32953r567674_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if input('disable_slow_controls')\n    describe 'This control consistently takes a long to run and has been disabled using the disable_slow_controls attribute.' do\n      skip 'This control consistently takes a long to run and has been disabled using the disable_slow_controls attribute. You must enable this control for a full accredidation for production.'\n    end\n  else\n    ignore_shells = input('non_interactive_shells').join('|')\n\n    # Get home directory for users with UID >= 1000 or UID == 0 and support interactive logins.\n    dotfiles = Set[]\n    u = users.where { !shell.match(ignore_shells) && (uid >= 1000 || uid.zero?) }.entries\n    # For each user, build and execute a find command that identifies initialization files\n    # in a user's home directory.\n    u.each do |user|\n      dotfiles += command(\"find #{user.home} -xdev -maxdepth 2 ( -name '.*' ! -name '.bash_history' ) -type f\").stdout.split(\"\\n\")\n    end\n    ww_files = command('find / -xdev -perm -002 -type f -exec ls {} \\;').stdout.lines\n\n    # To reduce the number of commands ran, we use a pattern file in the grep command below\n    # So we don't have too long of a grep command, we chunk the list of ww_files\n    # into strings not longer than PATTERN_FILE_MAX_LENGTH\n    # Based on MAX_ARG_STRLEN, /usr/include/linux/binfmts.h\n    # We cut off 100 to leave room for the rest of the arguments\n    PATTERN_FILE_MAX_LENGTH = command('getconf PAGE_SIZE').stdout.to_i * 32 - 100\n    ww_chunked = ['']\n    ww_files.each do |item|\n      item = item.strip\n      raise 'Single pattern is longer than PATTERN_FILE_MAX_LENGTH' if item.length + \"\\n\".length > PATTERN_FILE_MAX_LENGTH\n\n      ww_chunked.append('') if ww_chunked[-1].length + \"\\n\".length + item.length > PATTERN_FILE_MAX_LENGTH\n      ww_chunked[-1] += \"\\n#{item}\" # This will leave an extra newline at the beginning of chunks\n    end\n    ww_chunked = ww_chunked.map(&:strip) # This gets rid of the beginning newlines\n    if ww_chunked[0] == ''\n      ww_chunked = [] # If we didn't have any ww_files, this will prevent an empty grep pattern\n    end\n\n    # Check each dotfile for existence of each world-writeable file\n    findings = Set[]\n    dotfiles.each do |dotfile|\n      dotfile = dotfile.strip\n      ww_chunked.each do |ww_pattern_file|\n        count = command(\"grep -c -f <(echo \\\"#{ww_pattern_file}\\\") \\\"#{dotfile}\\\"\").stdout.strip.to_i\n        findings << dotfile if count.positive?\n      end\n    end\n    describe 'Local initialization files that are found to reference world-writable files' do\n      subject { findings.to_a }\n      it { should be_empty }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230309.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Local initialization files that are found to reference world-writable files is expected to be empty",
+              "run_time": 0.003084,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Local initialization files that are found to reference world-writable files"
+            }
+          ]
+        },
+        {
+          "id": "SV-230310",
+          "title": "RHEL 8 must disable kernel dumps unless needed.",
+          "desc": "Kernel core dumps may contain the full contents of system memory at\nthe time of the crash. Kernel core dumps may consume a considerable amount of\ndisk space and may result in denial of service by exhausting the available\nspace on the target file system partition.\n\n    RHEL 8 installation media presents the option to enable or disable the\nkdump service at the time of system installation.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Kernel core dumps may contain the full contents of system memory at\nthe time of the crash. Kernel core dumps may consume a considerable amount of\ndisk space and may result in denial of service by exhausting the available\nspace on the target file system partition.\n\n    RHEL 8 installation media presents the option to enable or disable the\nkdump service at the time of system installation."
+            },
+            {
+              "label": "check",
+              "data": "Verify that kernel core dumps are disabled unless needed with the following\ncommand:\n\n    $ sudo systemctl status kdump.service\n\n    kdump.service - Crash recovery kernel arming\n    Loaded: loaded (/usr/lib/systemd/system/kdump.service; enabled; vendor\npreset: enabled)\n    Active: active (exited) since Mon 2020-05-04 16:08:09 EDT; 3min ago\n    Main PID: 1130 (code=exited, status=0/SUCCESS)\n\n    If the \"kdump\" service is active, ask the System Administrator if the use\nof the service is required and documented with the Information System Security\nOfficer (ISSO).\n\n    If the service is active and is not documented, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "If kernel core dumps are not required, disable the \"kdump\" service with\nthe following command:\n\n    # systemctl disable kdump.service\n\n    If kernel core dumps are required, document the need with the ISSO."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230310",
+            "rid": "SV-230310r627750_rule",
+            "stig_id": "RHEL-08-010670",
+            "fix_id": "F-32954r567677_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230310' do\n  title 'RHEL 8 must disable kernel dumps unless needed.'\n  desc 'Kernel core dumps may contain the full contents of system memory at\nthe time of the crash. Kernel core dumps may consume a considerable amount of\ndisk space and may result in denial of service by exhausting the available\nspace on the target file system partition.\n\n    RHEL 8 installation media presents the option to enable or disable the\nkdump service at the time of system installation.'\n  desc 'check', 'Verify that kernel core dumps are disabled unless needed with the following\ncommand:\n\n    $ sudo systemctl status kdump.service\n\n    kdump.service - Crash recovery kernel arming\n    Loaded: loaded (/usr/lib/systemd/system/kdump.service; enabled; vendor\npreset: enabled)\n    Active: active (exited) since Mon 2020-05-04 16:08:09 EDT; 3min ago\n    Main PID: 1130 (code=exited, status=0/SUCCESS)\n\n    If the \"kdump\" service is active, ask the System Administrator if the use\nof the service is required and documented with the Information System Security\nOfficer (ISSO).\n\n    If the service is active and is not documented, this is a finding.'\n  desc 'fix', 'If kernel core dumps are not required, disable the \"kdump\" service with\nthe following command:\n\n    # systemctl disable kdump.service\n\n    If kernel core dumps are required, document the need with the ISSO.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230310'\n  tag rid: 'SV-230310r627750_rule'\n  tag stig_id: 'RHEL-08-010670'\n  tag fix_id: 'F-32954r567677_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe systemd_service('kdump.service') do\n      it { should_not be_running }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230310.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Service kdump.service is expected not to be running",
+              "run_time": 0.449392,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "message": "expected Service kdump.service not to be running",
+              "resource_class": "systemd_service",
+              "resource_params": "[\"kdump.service\"]",
+              "resource_id": "kdump.service"
+            }
+          ]
+        },
+        {
+          "id": "SV-230311",
+          "title": "RHEL 8 must disable the kernel.core_pattern.",
+          "desc": "It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 disables storing core dumps with the following commands:\n\n$ sudo sysctl kernel.core_pattern\n\nkernel.core_pattern = |/bin/false\n\nIf the returned line does not have a value of \"|/bin/false\", or a line is not returned and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.core_pattern /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.core_pattern = |/bin/false\n\nIf \"kernel.core_pattern\" is not set to \"|/bin/false\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to disable storing core dumps.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.core_pattern = |/bin/false\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230311",
+            "rid": "SV-230311r858769_rule",
+            "stig_id": "RHEL-08-010671",
+            "fix_id": "F-32955r858768_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "legacy": [],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230311' do\n  title 'RHEL 8 must disable the kernel.core_pattern.'\n  desc 'It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 disables storing core dumps with the following commands:\n\n$ sudo sysctl kernel.core_pattern\n\nkernel.core_pattern = |/bin/false\n\nIf the returned line does not have a value of \"|/bin/false\", or a line is not returned and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nCheck that the configuration files are present to enable this kernel parameter.\n\n$ sudo grep -r kernel.core_pattern /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf:kernel.core_pattern = |/bin/false\n\nIf \"kernel.core_pattern\" is not set to \"|/bin/false\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to disable storing core dumps.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nkernel.core_pattern = |/bin/false\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230311'\n  tag rid: 'SV-230311r858769_rule'\n  tag stig_id: 'RHEL-08-010671'\n  tag fix_id: 'F-32955r858768_fix'\n  tag cci: ['CCI-000366']\n  tag legacy: []\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('kernel.core_pattern') do\n      its('value') { should eq '|/bin/false' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230311.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter kernel.core_pattern value is expected to eq \"|/bin/false\"",
+              "run_time": 0.117071,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"kernel.core_pattern\"]",
+              "resource_id": "kernel.core_pattern"
+            }
+          ]
+        },
+        {
+          "id": "SV-230312",
+          "title": "RHEL 8 must disable acquiring, saving, and processing core dumps.",
+          "desc": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems.\n\n    When the kernel invokes systemd-coredumpt to handle a core dump, it runs in\nprivileged mode, and will connect to the socket created by the\nsystemd-coredump.socket unit. This, in turn,  will spawn an unprivileged\nsystemd-coredump@.service instance to process the core dump.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems.\n\n    When the kernel invokes systemd-coredumpt to handle a core dump, it runs in\nprivileged mode, and will connect to the socket created by the\nsystemd-coredump.socket unit. This, in turn,  will spawn an unprivileged\nsystemd-coredump@.service instance to process the core dump."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 is not configured to acquire, save, or process core dumps with the following command:\n\n$ sudo systemctl status systemd-coredump.socket\n\nsystemd-coredump.socket\nLoaded: masked (Reason: Unit systemd-coredump.socket is masked.)\nActive: inactive (dead)\n\nIf the \"systemd-coredump.socket\" is loaded and not masked and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system to disable the systemd-coredump.socket with the following commands:\n\n$ sudo systemctl disable --now systemd-coredump.socket\n\n$ sudo systemctl mask systemd-coredump.socket\n\nCreated symlink /etc/systemd/system/systemd-coredump.socket -> /dev/null\n\nReload the daemon for this change to take effect.\n\n$ sudo systemctl daemon-reload"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230312",
+            "rid": "SV-230312r833308_rule",
+            "stig_id": "RHEL-08-010672",
+            "fix_id": "F-32956r833307_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "legacy": [],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230312' do\n  title 'RHEL 8 must disable acquiring, saving, and processing core dumps.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems.\n\n    When the kernel invokes systemd-coredumpt to handle a core dump, it runs in\nprivileged mode, and will connect to the socket created by the\nsystemd-coredump.socket unit. This, in turn,  will spawn an unprivileged\nsystemd-coredump@.service instance to process the core dump.'\n  desc 'check', 'Verify RHEL 8 is not configured to acquire, save, or process core dumps with the following command:\n\n$ sudo systemctl status systemd-coredump.socket\n\nsystemd-coredump.socket\nLoaded: masked (Reason: Unit systemd-coredump.socket is masked.)\nActive: inactive (dead)\n\nIf the \"systemd-coredump.socket\" is loaded and not masked and the need for core dumps is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Configure the system to disable the systemd-coredump.socket with the following commands:\n\n$ sudo systemctl disable --now systemd-coredump.socket\n\n$ sudo systemctl mask systemd-coredump.socket\n\nCreated symlink /etc/systemd/system/systemd-coredump.socket -> /dev/null\n\nReload the daemon for this change to take effect.\n\n$ sudo systemctl daemon-reload'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230312'\n  tag rid: 'SV-230312r833308_rule'\n  tag stig_id: 'RHEL-08-010672'\n  tag fix_id: 'F-32956r833307_fix'\n  tag cci: ['CCI-000366']\n  tag legacy: []\n  tag nist: ['CM-6 b']\n\n  s = systemd_service('systemd-coredump.socket')\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe.one do\n      describe s do\n        its('params.LoadState') { should eq 'masked' }\n      end\n      describe s do\n        its('params.LoadState') { should eq 'not-found' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230312.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Service systemd-coredump.socket params.LoadState is expected to eq \"masked\"",
+              "run_time": 0.000823,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "message": "\nexpected: \"masked\"\n     got: \"loaded\"\n\n(compared using ==)\n",
+              "exception": "RSpec::Core::MultipleExceptionError",
+              "resource_class": "systemd_service",
+              "resource_params": "[\"systemd-coredump.socket\"]",
+              "resource_id": "systemd-coredump.socket"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Service systemd-coredump.socket params.LoadState is expected to eq \"not-found\"",
+              "run_time": 0.000539,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "message": "\nexpected: \"not-found\"\n     got: \"loaded\"\n\n(compared using ==)\n",
+              "exception": "RSpec::Core::MultipleExceptionError",
+              "resource_class": "systemd_service",
+              "resource_params": "[\"systemd-coredump.socket\"]",
+              "resource_id": "systemd-coredump.socket"
+            }
+          ]
+        },
+        {
+          "id": "SV-230313",
+          "title": "RHEL 8 must disable core dumps for all users.",
+          "desc": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system disables core dumps for all users by issuing\nthe following command:\n\n    $ sudo grep -r -s '^[^#].*core' /etc/security/limits.conf\n/etc/security/limits.d/*.conf\n\n    * hard core 0\n\n    This can be set as a global domain (with the * wildcard) but may be set\ndifferently for multiple domains.\n\n    If the \"core\" item is missing, commented out, or the value is anything\nother than \"0\" and the need for core dumps is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement for\nall domains that have the \"core\" item assigned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable core dumps for all users.\n\n    Add the following line to the top of the /etc/security/limits.conf or in a\n\".conf\" file defined in /etc/security/limits.d/:\n\n    * hard core 0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230313",
+            "rid": "SV-230313r627750_rule",
+            "stig_id": "RHEL-08-010673",
+            "fix_id": "F-32957r619861_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "legacy": [],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230313' do\n  title 'RHEL 8 must disable core dumps for all users.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems.'\n  desc 'check', %q(Verify the operating system disables core dumps for all users by issuing\nthe following command:\n\n    $ sudo grep -r -s '^[^#].*core' /etc/security/limits.conf\n/etc/security/limits.d/*.conf\n\n    * hard core 0\n\n    This can be set as a global domain (with the * wildcard) but may be set\ndifferently for multiple domains.\n\n    If the \"core\" item is missing, commented out, or the value is anything\nother than \"0\" and the need for core dumps is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement for\nall domains that have the \"core\" item assigned, this is a finding.)\n  desc 'fix', 'Configure the operating system to disable core dumps for all users.\n\n    Add the following line to the top of the /etc/security/limits.conf or in a\n\".conf\" file defined in /etc/security/limits.d/:\n\n    * hard core 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230313'\n  tag rid: 'SV-230313r627750_rule'\n  tag stig_id: 'RHEL-08-010673'\n  tag fix_id: 'F-32957r619861_fix'\n  tag cci: ['CCI-000366']\n  tag legacy: []\n  tag nist: ['CM-6 b']\n\n  limits_files = command('find /etc/security/limits.d/ -name *.conf').stdout.strip.split\n  limits_files.append('/etc/security/limits.conf')\n  describe.one do\n    limits_files.each do |lf|\n      describe limits_conf(lf) do\n        its('*') { should include %w[hard core 0] }\n      end\n    end\n  end\n  limits_files.each do |lf|\n    lines = limits_conf(lf).read_params.values.flatten(1)\n    lines.each do |line|\n      l = { type: line[0], item: line[1], value: line[2] }\n      next unless l[:item].eql?('core')\n\n      describe \"#{lf} entries\" do\n        subject { l }\n        its([:value]) { should cmp 0 }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230313.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "limits.conf * is expected to include [\"hard\", \"core\", \"0\"]",
+              "run_time": 5.5e-05,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "limits_conf",
+              "resource_params": "[\"/etc/security/limits.conf\"]",
+              "resource_id": "/etc/security/limits.conf"
+            },
+            {
+              "status": "passed",
+              "code_desc": "/etc/security/limits.conf entries [:value] is expected to cmp == 0",
+              "run_time": 0.000102,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "[:value]"
+            }
+          ]
+        },
+        {
+          "id": "SV-230314",
+          "title": "RHEL 8 must disable storing core dumps.",
+          "desc": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system disables storing core dumps for all users by\nissuing the following command:\n\n    $ sudo grep -i storage /etc/systemd/coredump.conf\n\n    Storage=none\n\n    If the \"Storage\" item is missing, commented out, or the value is anything\nother than \"none\" and the need for core dumps is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement for\nall domains that have the \"core\" item assigned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable storing core dumps for all users.\n\nAdd or modify the following line in /etc/systemd/coredump.conf:\n\nStorage=none"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230314",
+            "rid": "SV-230314r627750_rule",
+            "stig_id": "RHEL-08-010674",
+            "fix_id": "F-32958r567689_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "legacy": [],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230314' do\n  title 'RHEL 8 must disable storing core dumps.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems.'\n  desc 'check', 'Verify the operating system disables storing core dumps for all users by\nissuing the following command:\n\n    $ sudo grep -i storage /etc/systemd/coredump.conf\n\n    Storage=none\n\n    If the \"Storage\" item is missing, commented out, or the value is anything\nother than \"none\" and the need for core dumps is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement for\nall domains that have the \"core\" item assigned, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable storing core dumps for all users.\n\nAdd or modify the following line in /etc/systemd/coredump.conf:\n\nStorage=none'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230314'\n  tag rid: 'SV-230314r627750_rule'\n  tag stig_id: 'RHEL-08-010674'\n  tag fix_id: 'F-32958r567689_fix'\n  tag cci: ['CCI-000366']\n  tag legacy: []\n  tag nist: ['CM-6 b']\n\n  describe parse_config_file('/etc/systemd/coredump.conf') do\n    its('Coredump.Storage') { should cmp 'none' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230314.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Parse Config File /etc/systemd/coredump.conf Coredump.Storage is expected to cmp == \"none\"",
+              "run_time": 7.2e-05,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/systemd/coredump.conf\"]",
+              "resource_id": "/etc/systemd/coredump.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230315",
+          "title": "RHEL 8 must disable core dump backtraces.",
+          "desc": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system disables core dump backtraces by issuing the\nfollowing command:\n\n    $ sudo grep -i ProcessSizeMax /etc/systemd/coredump.conf\n\n    ProcessSizeMax=0\n\n    If the \"ProcessSizeMax\" item is missing, commented out, or the value is\nanything other than \"0\" and the need for core dumps is not documented with\nthe Information System Security Officer (ISSO) as an operational requirement\nfor all domains that have the \"core\" item assigned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable core dump backtraces.\n\nAdd or modify the following line in /etc/systemd/coredump.conf:\n\nProcessSizeMax=0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230315",
+            "rid": "SV-230315r627750_rule",
+            "stig_id": "RHEL-08-010675",
+            "fix_id": "F-32959r567692_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "legacy": [],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230315' do\n  title 'RHEL 8 must disable core dump backtraces.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    A core dump includes a memory image taken at the time the operating system\nterminates an application. The memory image could contain sensitive data and is\ngenerally useful only for developers trying to debug problems.'\n  desc 'check', 'Verify the operating system disables core dump backtraces by issuing the\nfollowing command:\n\n    $ sudo grep -i ProcessSizeMax /etc/systemd/coredump.conf\n\n    ProcessSizeMax=0\n\n    If the \"ProcessSizeMax\" item is missing, commented out, or the value is\nanything other than \"0\" and the need for core dumps is not documented with\nthe Information System Security Officer (ISSO) as an operational requirement\nfor all domains that have the \"core\" item assigned, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable core dump backtraces.\n\nAdd or modify the following line in /etc/systemd/coredump.conf:\n\nProcessSizeMax=0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230315'\n  tag rid: 'SV-230315r627750_rule'\n  tag stig_id: 'RHEL-08-010675'\n  tag fix_id: 'F-32959r567692_fix'\n  tag cci: ['CCI-000366']\n  tag legacy: []\n  tag nist: ['CM-6 b']\n\n  describe parse_config_file('/etc/systemd/coredump.conf') do\n    its('Coredump.ProcessSizeMax') { should cmp '0' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230315.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Parse Config File /etc/systemd/coredump.conf Coredump.ProcessSizeMax is expected to cmp == \"0\"",
+              "run_time": 6.6e-05,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/systemd/coredump.conf\"]",
+              "resource_id": "/etc/systemd/coredump.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230316",
+          "title": "For RHEL 8 systems using Domain Name Servers (DNS) resolution, at\nleast two name servers must be configured.",
+          "desc": "To provide availability for name resolution services, multiple\nredundant name servers are mandated. A failure in name resolution could lead to\nthe failure of security functions requiring name resolution, which may include\ntime synchronization, centralized authentication, and remote system logging.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "To provide availability for name resolution services, multiple\nredundant name servers are mandated. A failure in name resolution could lead to\nthe failure of security functions requiring name resolution, which may include\ntime synchronization, centralized authentication, and remote system logging."
+            },
+            {
+              "label": "check",
+              "data": "Determine whether the system is using local or DNS name resolution with the\nfollowing command:\n\n    $ sudo grep hosts /etc/nsswitch.conf\n\n    hosts: files dns\n\n    If the DNS entry is missing from the host's line in the\n\"/etc/nsswitch.conf\" file, the \"/etc/resolv.conf\" file must be empty.\n\n    Verify the \"/etc/resolv.conf\" file is empty with the following command:\n\n    $ sudo ls -al /etc/resolv.conf\n\n    -rw-r--r-- 1 root root 0 Aug 19 08:31 resolv.conf\n\n    If local host authentication is being used and the \"/etc/resolv.conf\"\nfile is not empty, this is a finding.\n\n    If the DNS entry is found on the host's line of the \"/etc/nsswitch.conf\"\nfile, verify the operating system is configured to use two or more name servers\nfor DNS resolution.\n\n    Determine the name servers used by the system with the following command:\n\n    $ sudo grep nameserver /etc/resolv.conf\n\n    nameserver 192.168.1.2\n    nameserver 192.168.1.3\n\n    If less than two lines are returned that are not commented out, this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to use two or more name servers for DNS\nresolution.\n\n    By default, \"NetworkManager\" on RHEL 8 dynamically updates the\n/etc/resolv.conf file with the DNS settings from active \"NetworkManager\"\nconnection profiles. However, this feature can be disabled to allow manual\nconfigurations.\n\n    If manually configuring DNS, edit the \"/etc/resolv.conf\" file to\nuncomment or add the two or more \"nameserver\" option lines with the IP\naddress of local authoritative name servers. If local host resolution is being\nperformed, the \"/etc/resolv.conf\" file must be empty. An empty\n\"/etc/resolv.conf\" file can be created as follows:\n\n    $ sudo echo -n > /etc/resolv.conf"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230316",
+            "rid": "SV-230316r627750_rule",
+            "stig_id": "RHEL-08-010680",
+            "fix_id": "F-32960r567695_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230316' do\n  title 'For RHEL 8 systems using Domain Name Servers (DNS) resolution, at\nleast two name servers must be configured.'\n  desc 'To provide availability for name resolution services, multiple\nredundant name servers are mandated. A failure in name resolution could lead to\nthe failure of security functions requiring name resolution, which may include\ntime synchronization, centralized authentication, and remote system logging.'\n  desc 'check', %q(Determine whether the system is using local or DNS name resolution with the\nfollowing command:\n\n    $ sudo grep hosts /etc/nsswitch.conf\n\n    hosts: files dns\n\n    If the DNS entry is missing from the host's line in the\n\"/etc/nsswitch.conf\" file, the \"/etc/resolv.conf\" file must be empty.\n\n    Verify the \"/etc/resolv.conf\" file is empty with the following command:\n\n    $ sudo ls -al /etc/resolv.conf\n\n    -rw-r--r-- 1 root root 0 Aug 19 08:31 resolv.conf\n\n    If local host authentication is being used and the \"/etc/resolv.conf\"\nfile is not empty, this is a finding.\n\n    If the DNS entry is found on the host's line of the \"/etc/nsswitch.conf\"\nfile, verify the operating system is configured to use two or more name servers\nfor DNS resolution.\n\n    Determine the name servers used by the system with the following command:\n\n    $ sudo grep nameserver /etc/resolv.conf\n\n    nameserver 192.168.1.2\n    nameserver 192.168.1.3\n\n    If less than two lines are returned that are not commented out, this is a\nfinding.)\n  desc 'fix', 'Configure the operating system to use two or more name servers for DNS\nresolution.\n\n    By default, \"NetworkManager\" on RHEL 8 dynamically updates the\n/etc/resolv.conf file with the DNS settings from active \"NetworkManager\"\nconnection profiles. However, this feature can be disabled to allow manual\nconfigurations.\n\n    If manually configuring DNS, edit the \"/etc/resolv.conf\" file to\nuncomment or add the two or more \"nameserver\" option lines with the IP\naddress of local authoritative name servers. If local host resolution is being\nperformed, the \"/etc/resolv.conf\" file must be empty. An empty\n\"/etc/resolv.conf\" file can be created as follows:\n\n    $ sudo echo -n > /etc/resolv.conf'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230316'\n  tag rid: 'SV-230316r627750_rule'\n  tag stig_id: 'RHEL-08-010680'\n  tag fix_id: 'F-32960r567695_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  dns_in_host_line = parse_config_file('/etc/nsswitch.conf',\n                                       comment_char: '#',\n                                       assignment_regex: /^\\s*([^:]*?)\\s*:\\s*(.*?)\\s*$/).params['hosts'].include?('dns')\n\n  unless dns_in_host_line\n    describe 'If `local` resolution is being used, a `hosts` entry in /etc/nsswitch.conf having `dns`' do\n      subject { dns_in_host_line }\n      it { should be false }\n    end\n  end\n\n  unless dns_in_host_line\n    describe 'If `local` resoultion is being used, the /etc/resolv.conf file should' do\n      subject { parse_config_file('/etc/resolv.conf', comment_char: '#').params }\n      it { should be_empty }\n    end\n  end\n\n  nameservers = parse_config_file('/etc/resolv.conf',\n                                  comment_char: '#').params.keys.grep(/nameserver/)\n\n  if dns_in_host_line\n    describe \"The system's nameservers: #{nameservers}\" do\n      subject { nameservers }\n      it { should_not be nil }\n    end\n  end\n\n  if dns_in_host_line\n    describe 'The number of nameservers' do\n      subject { nameservers.count }\n      it { should cmp >= 2 }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230316.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "The system's nameservers: [\"nameserver 172.31.0.2\"] is expected not to equal nil",
+              "run_time": 6.8e-05,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The system's nameservers: [\"nameserver 172.31.0.2\"]"
+            },
+            {
+              "status": "failed",
+              "code_desc": "The number of nameservers is expected to cmp >= 2",
+              "run_time": 0.000122,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "message": "\nexpected it to be >= 2\n     got: 1\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The number of nameservers"
+            }
+          ]
+        },
+        {
+          "id": "SV-230317",
+          "title": "Executable search paths within the initialization files of all local\ninteractive RHEL 8 users must only contain paths that resolve to the system\ndefault or the users home directory.",
+          "desc": "The executable search path (typically the PATH environment variable)\ncontains a list of directories for the shell to search to find executables. If\nthis path includes the current working directory (other than the user's home\ndirectory), executables in these directories may be executed instead of system\ncommands. This variable is formatted as a colon-separated list of directories.\nIf there is an empty entry, such as a leading or trailing colon or two\nconsecutive colons, this is interpreted as the current working directory. If\ndeviations from the default system search path for the local interactive user\nare required, they must be documented with the Information System Security\nOfficer (ISSO).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The executable search path (typically the PATH environment variable)\ncontains a list of directories for the shell to search to find executables. If\nthis path includes the current working directory (other than the user's home\ndirectory), executables in these directories may be executed instead of system\ncommands. This variable is formatted as a colon-separated list of directories.\nIf there is an empty entry, such as a leading or trailing colon or two\nconsecutive colons, this is interpreted as the current working directory. If\ndeviations from the default system search path for the local interactive user\nare required, they must be documented with the Information System Security\nOfficer (ISSO)."
+            },
+            {
+              "label": "check",
+              "data": "Verify that all local interactive user initialization file executable search path statements do not contain statements that will reference a working directory other than user home directories with the following commands:\n\n$ sudo grep -i path= /home/*/.*\n\n/home/[localinteractiveuser]/.bash_profile:PATH=$PATH:$HOME/.local/bin:$HOME/bin\n\nIf any local interactive user initialization files have executable search path statements that include directories outside of their home directory and is not documented with the ISSO as an operational requirement, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Edit the local interactive user initialization files to change any PATH\nvariable statements that reference directories other than their home directory.\n\n    If a local interactive user requires path variables to reference a\ndirectory owned by the application, it must be documented with the ISSO."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230317",
+            "rid": "SV-230317r792896_rule",
+            "stig_id": "RHEL-08-010690",
+            "fix_id": "F-32961r567698_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230317' do\n  title 'Executable search paths within the initialization files of all local\ninteractive RHEL 8 users must only contain paths that resolve to the system\ndefault or the users home directory.'\n  desc \"The executable search path (typically the PATH environment variable)\ncontains a list of directories for the shell to search to find executables. If\nthis path includes the current working directory (other than the user's home\ndirectory), executables in these directories may be executed instead of system\ncommands. This variable is formatted as a colon-separated list of directories.\nIf there is an empty entry, such as a leading or trailing colon or two\nconsecutive colons, this is interpreted as the current working directory. If\ndeviations from the default system search path for the local interactive user\nare required, they must be documented with the Information System Security\nOfficer (ISSO).\"\n  desc 'check', 'Verify that all local interactive user initialization file executable search path statements do not contain statements that will reference a working directory other than user home directories with the following commands:\n\n$ sudo grep -i path= /home/*/.*\n\n/home/[localinteractiveuser]/.bash_profile:PATH=$PATH:$HOME/.local/bin:$HOME/bin\n\nIf any local interactive user initialization files have executable search path statements that include directories outside of their home directory and is not documented with the ISSO as an operational requirement, this is a finding.'\n  desc 'fix', 'Edit the local interactive user initialization files to change any PATH\nvariable statements that reference directories other than their home directory.\n\n    If a local interactive user requires path variables to reference a\ndirectory owned by the application, it must be documented with the ISSO.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230317'\n  tag rid: 'SV-230317r792896_rule'\n  tag stig_id: 'RHEL-08-010690'\n  tag fix_id: 'F-32961r567698_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  ignore_shells = input('non_interactive_shells').join('|')\n\n  findings = Set[]\n  users.where { !shell.match(ignore_shells) && (uid >= 1000 || uid.zero?) }.entries.each do |user_info|\n    next if input('exempt_home_users').include?(user_info.username.to_s)\n\n    grep_results = command(\"grep -i path --exclude=\\\".bash_history\\\" #{user_info.home}/.*\").stdout.split('\\\\n')\n    grep_results.each do |result|\n      result.slice! 'PATH='\n      # Case when last value in exec search path is :\n      result += ' ' if result[-1] == ':'\n      result.slice! '$PATH:'\n      result.gsub! '$HOME', user_info.home.to_s\n      result.gsub! '~', user_info.home.to_s\n      line_arr = result.split(':')\n      line_arr.delete_at(0)\n      line_arr.each do |line|\n        # Don't run test on line that exports PATH and is not commented out\n        next unless !line.start_with?('export') && !line.start_with?('#')\n\n        # Case when :: found in exec search path or : found at beginning\n        if line.strip.empty?\n          curr_work_dir = command('pwd').stdout.delete(\"\\n\")\n          line = curr_work_dir if curr_work_dir.start_with?(user_info.home.to_s)\n        end\n        # This will fail if non-home directory found in path\n        findings.add(line) unless line.start_with?(user_info.home)\n      end\n    end\n  end\n  describe.one do\n    describe etc_fstab do\n      its('home_mount_options') { should include 'nosuid' }\n    end\n    describe 'Initialization files that include executable search paths that include directories outside their home directories' do\n      subject { findings.to_a }\n      it { should be_empty }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230317.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Initialization files that include executable search paths that include directories outside their home directories is expected to be empty",
+              "run_time": 7.4e-05,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Initialization files that include executable search paths that include directories outside their home directories"
+            }
+          ]
+        },
+        {
+          "id": "SV-230318",
+          "title": "All RHEL 8 world-writable directories must be owned by root, sys, bin,\nor an application user.",
+          "desc": "If a world-writable directory is not owned by root, sys, bin, or an\napplication User Identifier (UID), unauthorized users may be able to modify\nfiles created by others.\n\n    The only authorized public directories are those temporary directories\nsupplied with the system or those designed to be temporary file repositories.\nThe setting is normally reserved for directories used by the system and by\nusers for temporary file storage, (e.g., /tmp), and for directories requiring\nglobal read/write access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If a world-writable directory is not owned by root, sys, bin, or an\napplication User Identifier (UID), unauthorized users may be able to modify\nfiles created by others.\n\n    The only authorized public directories are those temporary directories\nsupplied with the system or those designed to be temporary file repositories.\nThe setting is normally reserved for directories used by the system and by\nusers for temporary file storage, (e.g., /tmp), and for directories requiring\nglobal read/write access."
+            },
+            {
+              "label": "check",
+              "data": "The following command will discover and print world-writable directories\nthat are not owned by a system account, given the assumption that only system\naccounts have a uid lower than 1000. Run it once for each local partition\n[PART]:\n\n    $ sudo find [PART] -xdev -type d -perm -0002 -uid +999 -print\n\n    If there is output, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "All directories in local partitions which are world-writable\nshould be owned by root or another system account. If any world-writable\ndirectories are not owned by a system account, this should be investigated.\nFollowing this, the files should be deleted or assigned to an appropriate\ngroup."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230318",
+            "rid": "SV-230318r743960_rule",
+            "stig_id": "RHEL-08-010700",
+            "fix_id": "F-32962r567701_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230318' do\n  title 'All RHEL 8 world-writable directories must be owned by root, sys, bin,\nor an application user.'\n  desc 'If a world-writable directory is not owned by root, sys, bin, or an\napplication User Identifier (UID), unauthorized users may be able to modify\nfiles created by others.\n\n    The only authorized public directories are those temporary directories\nsupplied with the system or those designed to be temporary file repositories.\nThe setting is normally reserved for directories used by the system and by\nusers for temporary file storage, (e.g., /tmp), and for directories requiring\nglobal read/write access.'\n  desc 'check', 'The following command will discover and print world-writable directories\nthat are not owned by a system account, given the assumption that only system\naccounts have a uid lower than 1000. Run it once for each local partition\n[PART]:\n\n    $ sudo find [PART] -xdev -type d -perm -0002 -uid +999 -print\n\n    If there is output, this is a finding.'\n  desc 'fix', 'All directories in local partitions which are world-writable\nshould be owned by root or another system account. If any world-writable\ndirectories are not owned by a system account, this should be investigated.\nFollowing this, the files should be deleted or assigned to an appropriate\ngroup.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230318'\n  tag rid: 'SV-230318r743960_rule'\n  tag stig_id: 'RHEL-08-010700'\n  tag fix_id: 'F-32962r567701_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  ww_dirs = Set[]\n  partitions = etc_fstab.params.map { |partition| partition['mount_point'] }.uniq\n  partitions.each do |part|\n    cmd = \"find #{part} -xdev -type d -perm -0002 -uid +999 -print\"\n    ww_dirs += command(cmd).stdout.split(\"\\n\")\n  end\n\n  describe 'List of world-writeable directories which are not owned by system accounts across all partitions' do\n    subject { ww_dirs.to_a }\n    it { should be_empty }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230318.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "List of world-writeable directories which are not owned by system accounts across all partitions is expected to be empty",
+              "run_time": 0.002972,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "List of world-writeable directories which are not owned by system accounts across all partitions"
+            }
+          ]
+        },
+        {
+          "id": "SV-230319",
+          "title": "All RHEL 8 world-writable directories must be group-owned by root,\nsys, bin, or an application group.",
+          "desc": "If a world-writable directory is not group-owned by root, sys, bin, or\nan application Group Identifier (GID), unauthorized users may be able to modify\nfiles created by others.\n\n    The only authorized public directories are those temporary directories\nsupplied with the system or those designed to be temporary file repositories.\nThe setting is normally reserved for directories used by the system and by\nusers for temporary file storage, (e.g., /tmp), and for directories requiring\nglobal read/write access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If a world-writable directory is not group-owned by root, sys, bin, or\nan application Group Identifier (GID), unauthorized users may be able to modify\nfiles created by others.\n\n    The only authorized public directories are those temporary directories\nsupplied with the system or those designed to be temporary file repositories.\nThe setting is normally reserved for directories used by the system and by\nusers for temporary file storage, (e.g., /tmp), and for directories requiring\nglobal read/write access."
+            },
+            {
+              "label": "check",
+              "data": "The following command will discover and print world-writable directories\nthat are not group-owned by a system account, given the assumption that only\nsystem accounts have a gid lower than 1000. Run it once for each local\npartition [PART]:\n\n    $ sudo find [PART] -xdev -type d -perm -0002 -gid +999 -print\n\n    If there is output, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "All directories in local partitions which are world-writable\nmust be group-owned by root or another system account.  If any world-writable\ndirectories are not group-owned by a system account, this must be investigated.\n Following this, the directories must be deleted or assigned to an appropriate\ngroup."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230319",
+            "rid": "SV-230319r743961_rule",
+            "stig_id": "RHEL-08-010710",
+            "fix_id": "F-32963r567704_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230319' do\n  title 'All RHEL 8 world-writable directories must be group-owned by root,\nsys, bin, or an application group.'\n  desc 'If a world-writable directory is not group-owned by root, sys, bin, or\nan application Group Identifier (GID), unauthorized users may be able to modify\nfiles created by others.\n\n    The only authorized public directories are those temporary directories\nsupplied with the system or those designed to be temporary file repositories.\nThe setting is normally reserved for directories used by the system and by\nusers for temporary file storage, (e.g., /tmp), and for directories requiring\nglobal read/write access.'\n  desc 'check', 'The following command will discover and print world-writable directories\nthat are not group-owned by a system account, given the assumption that only\nsystem accounts have a gid lower than 1000. Run it once for each local\npartition [PART]:\n\n    $ sudo find [PART] -xdev -type d -perm -0002 -gid +999 -print\n\n    If there is output, this is a finding.'\n  desc 'fix', 'All directories in local partitions which are world-writable\nmust be group-owned by root or another system account.  If any world-writable\ndirectories are not group-owned by a system account, this must be investigated.\n Following this, the directories must be deleted or assigned to an appropriate\ngroup.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230319'\n  tag rid: 'SV-230319r743961_rule'\n  tag stig_id: 'RHEL-08-010710'\n  tag fix_id: 'F-32963r567704_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  ww_dirs = Set[]\n  partitions = etc_fstab.params.map { |partition| partition['mount_point'] }.uniq\n  partitions.each do |part|\n    cmd = \"find #{part} -xdev -type d -perm -0002 -gid +999 -print\"\n    ww_dirs += command(cmd).stdout.split(\"\\n\")\n  end\n\n  ww_dirs = ww_dirs.to_a\n\n  describe 'World-writeable directories across all partitions' do\n    it 'should be group-owned by system accounts ' do\n      expect(ww_dirs).to be_empty, \"World-writeable directories non group-owned by system accounts:\\n\\t- #{ww_dirs.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230319.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "World-writeable directories across all partitions should be group-owned by system accounts ",
+              "run_time": 0.002625,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "World-writeable directories across all partitions"
+            }
+          ]
+        },
+        {
+          "id": "SV-230320",
+          "title": "All RHEL 8 local interactive users must have a home directory assigned\nin the /etc/passwd file.",
+          "desc": "If local interactive users are not assigned a valid home directory,\nthere is no place for the storage and control of files they should own.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If local interactive users are not assigned a valid home directory,\nthere is no place for the storage and control of files they should own."
+            },
+            {
+              "label": "check",
+              "data": "Verify local interactive users on RHEL 8 have a home directory assigned\nwith the following command:\n\n    $ sudo pwck -r\n\n    user 'lp': directory '/var/spool/lpd' does not exist\n    user 'news': directory '/var/spool/news' does not exist\n    user 'uucp': directory '/var/spool/uucp' does not exist\n    user 'www-data': directory '/var/www' does not exist\n\n    Ask the System Administrator (SA) if any users found without home\ndirectories are local interactive users. If the SA is unable to provide a\nresponse, check for users with a User Identifier (UID) of 1000 or greater with\nthe following command:\n\n    $ sudo awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1, $3, $6}' /etc/passwd\n\n    If any interactive users do not have a home directory assigned, this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Assign home directories to all local interactive users on RHEL\n8 that currently do not have a home directory assigned."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230320",
+            "rid": "SV-230320r627750_rule",
+            "stig_id": "RHEL-08-010720",
+            "fix_id": "F-32964r567707_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230320' do\n  title 'All RHEL 8 local interactive users must have a home directory assigned\nin the /etc/passwd file.'\n  desc 'If local interactive users are not assigned a valid home directory,\nthere is no place for the storage and control of files they should own.'\n  desc 'check', \"Verify local interactive users on RHEL 8 have a home directory assigned\nwith the following command:\n\n    $ sudo pwck -r\n\n    user 'lp': directory '/var/spool/lpd' does not exist\n    user 'news': directory '/var/spool/news' does not exist\n    user 'uucp': directory '/var/spool/uucp' does not exist\n    user 'www-data': directory '/var/www' does not exist\n\n    Ask the System Administrator (SA) if any users found without home\ndirectories are local interactive users. If the SA is unable to provide a\nresponse, check for users with a User Identifier (UID) of 1000 or greater with\nthe following command:\n\n    $ sudo awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1, $3, $6}' /etc/passwd\n\n    If any interactive users do not have a home directory assigned, this is a\nfinding.\"\n  desc 'fix', 'Assign home directories to all local interactive users on RHEL\n8 that currently do not have a home directory assigned.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230320'\n  tag rid: 'SV-230320r627750_rule'\n  tag stig_id: 'RHEL-08-010720'\n  tag fix_id: 'F-32964r567707_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  exempt_users = input('exempt_home_users')\n  ignore_shells = input('non_interactive_shells').join('|')\n  actvite_users_without_homedir = users.where { !shell.match(ignore_shells) && home.nil? }.entries\n\n  # only_if(\"This control is Not Applicable since no 'non-exempt' users were found\", impact: 0.0) { !active_home.empty? }\n\n  describe 'All non-exempt users' do\n    it 'have an assinded home directory that exists' do\n      failure_message = \"The following users do not have an assigned home directory: #{actvite_users_without_homedir.join(', ')}\"\n      expect(actvite_users_without_homedir).to be_empty, failure_message\n    end\n  end\n  describe 'Note: `exempt_home_users` skipped user' do\n    exempt_users.each do |u|\n      next if exempt_users.empty?\n\n      it u.to_s do\n        expect(user(u).username).to be_truthy.or be_nil\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230320.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "All non-exempt users have an assinded home directory that exists",
+              "run_time": 0.002491,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "All non-exempt users"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Note: `exempt_home_users` skipped user root",
+              "run_time": 0.002771,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Note: `exempt_home_users` skipped user"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Note: `exempt_home_users` skipped user vagrant",
+              "run_time": 0.103,
+              "start_time": "2024-01-09T19:40:45-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Note: `exempt_home_users` skipped user"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Note: `exempt_home_users` skipped user ec2-user",
+              "run_time": 0.000259,
+              "start_time": "2024-01-09T19:40:46-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Note: `exempt_home_users` skipped user"
+            }
+          ]
+        },
+        {
+          "id": "SV-230321",
+          "title": "All RHEL 8 local interactive user home directories must have mode 0750\nor less permissive.",
+          "desc": "Excessive permissions on local interactive user home directories may\nallow unauthorized access to user files by other users.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Excessive permissions on local interactive user home directories may\nallow unauthorized access to user files by other users."
+            },
+            {
+              "label": "check",
+              "data": "Verify the assigned home directory of all local interactive users has a\nmode of \"0750\" or less permissive with the following command:\n\n    Note: This may miss interactive users that have been assigned a privileged\nUser Identifier (UID). Evidence of interactive use may be obtained from a\nnumber of log files containing system logon information.\n\n    $ sudo ls -ld $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}'\n/etc/passwd)\n\n    drwxr-x--- 2 smithj admin 4096 Jun 5 12:41 smithj\n\n    If home directories referenced in \"/etc/passwd\" do not have a mode of\n\"0750\" or less permissive, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Change the mode of interactive user’s home directories to \"0750\". To\nchange the mode of a local interactive user’s home directory, use the following\ncommand:\n\n    Note: The example will be for the user \"smithj\".\n\n    $ sudo chmod 0750 /home/smithj"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230321",
+            "rid": "SV-230321r627750_rule",
+            "stig_id": "RHEL-08-010730",
+            "fix_id": "F-32965r567710_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230321' do\n  title 'All RHEL 8 local interactive user home directories must have mode 0750\nor less permissive.'\n  desc 'Excessive permissions on local interactive user home directories may\nallow unauthorized access to user files by other users.'\n  desc 'check', %q(Verify the assigned home directory of all local interactive users has a\nmode of \"0750\" or less permissive with the following command:\n\n    Note: This may miss interactive users that have been assigned a privileged\nUser Identifier (UID). Evidence of interactive use may be obtained from a\nnumber of log files containing system logon information.\n\n    $ sudo ls -ld $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}'\n/etc/passwd)\n\n    drwxr-x--- 2 smithj admin 4096 Jun 5 12:41 smithj\n\n    If home directories referenced in \"/etc/passwd\" do not have a mode of\n\"0750\" or less permissive, this is a finding.)\n  desc 'fix', 'Change the mode of interactive user’s home directories to \"0750\". To\nchange the mode of a local interactive user’s home directory, use the following\ncommand:\n\n    Note: The example will be for the user \"smithj\".\n\n    $ sudo chmod 0750 /home/smithj'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230321'\n  tag rid: 'SV-230321r627750_rule'\n  tag stig_id: 'RHEL-08-010730'\n  tag fix_id: 'F-32965r567710_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  exempt_home_users = input('exempt_home_users')\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  iuser_entries = passwd.where { uid.to_i >= uid_min && shell !~ /nologin/ && !exempt_home_users.include?(user) }\n\n  if !iuser_entries.users.nil? && !iuser_entries.users.empty?\n    iuser_entries.homes.each do |home_dir|\n      describe file(home_dir) do\n        it { should_not be_more_permissive_than('0750') }\n      end\n    end\n  else\n    describe 'No non-exempt interactive user accounts were detected on the system' do\n      subject { true }\n      it { should be true }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230321.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "No non-exempt interactive user accounts were detected on the system is expected to equal true",
+              "run_time": 0.000105,
+              "start_time": "2024-01-09T19:40:46-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "No non-exempt interactive user accounts were detected on the system"
+            }
+          ]
+        },
+        {
+          "id": "SV-230322",
+          "title": "All RHEL 8 local interactive user home directories must be group-owned\nby the home directory owner’s primary group.",
+          "desc": "If the Group Identifier (GID) of a local interactive user’s home\ndirectory is not the same as the primary GID of the user, this would allow\nunauthorized access to the user’s files, and users that share the same group\nmay not be able to access files that they legitimately should.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If the Group Identifier (GID) of a local interactive user’s home\ndirectory is not the same as the primary GID of the user, this would allow\nunauthorized access to the user’s files, and users that share the same group\nmay not be able to access files that they legitimately should."
+            },
+            {
+              "label": "check",
+              "data": "Verify the assigned home directory of all local interactive users is group-owned by that user’s primary GID with the following command:\n\nNote: This may miss local interactive users that have been assigned a privileged UID. Evidence of interactive use may be obtained from a number of log files containing system logon information. The returned directory \"/home/smithj\" is used as an example.\n\n     $ sudo ls -ld $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}' /etc/passwd)\n\n     drwxr-x--- 2 smithj admin 4096 Jun 5 12:41 smithj\n\nCheck the user's primary group with the following command:\n\n     $ sudo grep $(grep smithj /etc/passwd | awk -F: '{print $4}') /etc/group\n\n     admin:x:250:smithj,jonesj,jacksons\n\nIf the user home directory referenced in \"/etc/passwd\" is not group-owned by that user’s primary GID, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Change the group owner of a local interactive user’s home directory to the\ngroup found in \"/etc/passwd\". To change the group owner of a local\ninteractive user’s home directory, use the following command:\n\n    Note: The example will be for the user \"smithj\", who has a home directory\nof \"/home/smithj\", and has a primary group of users.\n\n    $ sudo chgrp users /home/smithj"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230322",
+            "rid": "SV-230322r880717_rule",
+            "stig_id": "RHEL-08-010740",
+            "fix_id": "F-32966r880716_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230322' do\n  title 'All RHEL 8 local interactive user home directories must be group-owned\nby the home directory owner’s primary group.'\n  desc 'If the Group Identifier (GID) of a local interactive user’s home\ndirectory is not the same as the primary GID of the user, this would allow\nunauthorized access to the user’s files, and users that share the same group\nmay not be able to access files that they legitimately should.'\n  desc 'check', %q(Verify the assigned home directory of all local interactive users is group-owned by that user’s primary GID with the following command:\n\nNote: This may miss local interactive users that have been assigned a privileged UID. Evidence of interactive use may be obtained from a number of log files containing system logon information. The returned directory \"/home/smithj\" is used as an example.\n\n     $ sudo ls -ld $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}' /etc/passwd)\n\n     drwxr-x--- 2 smithj admin 4096 Jun 5 12:41 smithj\n\nCheck the user's primary group with the following command:\n\n     $ sudo grep $(grep smithj /etc/passwd | awk -F: '{print $4}') /etc/group\n\n     admin:x:250:smithj,jonesj,jacksons\n\nIf the user home directory referenced in \"/etc/passwd\" is not group-owned by that user’s primary GID, this is a finding.)\n  desc 'fix', 'Change the group owner of a local interactive user’s home directory to the\ngroup found in \"/etc/passwd\". To change the group owner of a local\ninteractive user’s home directory, use the following command:\n\n    Note: The example will be for the user \"smithj\", who has a home directory\nof \"/home/smithj\", and has a primary group of users.\n\n    $ sudo chgrp users /home/smithj'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230322'\n  tag rid: 'SV-230322r880717_rule'\n  tag stig_id: 'RHEL-08-010740'\n  tag fix_id: 'F-32966r880716_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  ignore_shells = input('non_interactive_shells').join('|')\n\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  findings = Set[]\n  users.where { !shell.match(ignore_shells) && (uid >= uid_min || uid.zero?) }.entries.each do |user_info|\n    next if input('exempt_home_users').include?(user_info.username.to_s)\n\n    findings += command(\"find #{user_info.home} -maxdepth 0 -not -gid #{user_info.gid}\").stdout.split(\"\\n\")\n  end\n  describe \"Home directories that are not group-owned by the user's primary GID\" do\n    subject { findings.to_a }\n    it { should be_empty }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230322.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Home directories that are not group-owned by the user's primary GID is expected to be empty",
+              "run_time": 0.003936,
+              "start_time": "2024-01-09T19:40:46-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Home directories that are not group-owned by the user's primary GID"
+            }
+          ]
+        },
+        {
+          "id": "SV-230323",
+          "title": "All RHEL 8 local interactive user home directories defined in the\n/etc/passwd file must exist.",
+          "desc": "If a local interactive user has a home directory defined that does not\nexist, the user may be given access to the \"/\" directory as the current\nworking directory upon logon. This could create a denial of service because the\nuser would not be able to access their logon configuration files, and it may\ngive them visibility to system files they normally would not be able to access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If a local interactive user has a home directory defined that does not\nexist, the user may be given access to the \"/\" directory as the current\nworking directory upon logon. This could create a denial of service because the\nuser would not be able to access their logon configuration files, and it may\ngive them visibility to system files they normally would not be able to access."
+            },
+            {
+              "label": "check",
+              "data": "Verify the assigned home directory of all local interactive users on RHEL 8\nexists with the following command:\n\n    $ sudo ls -ld $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}'\n/etc/passwd)\n\n    drwxr-xr-x 2 smithj admin 4096 Jun 5 12:41 smithj\n\n    Note: This may miss interactive users that have been assigned a privileged\nUser ID (UID). Evidence of interactive use may be obtained from a number of log\nfiles containing system logon information.\n\n    Check that all referenced home directories exist with the following command:\n\n    $ sudo pwck -r\n\n    user 'smithj': directory '/home/smithj' does not exist\n\n    If any home directories referenced in \"/etc/passwd\" are returned as not\ndefined, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Create home directories to all local interactive users that currently do\nnot have a home directory assigned. Use the following commands to create the\nuser home directory assigned in \"/etc/ passwd\":\n\n    Note: The example will be for the user smithj, who has a home directory of\n\"/home/smithj\", a UID of \"smithj\", and a Group Identifier (GID) of \"users\nassigned\" in \"/etc/passwd\".\n\n    $ sudo mkdir /home/smithj\n    $ sudo chown smithj /home/smithj\n    $ sudo chgrp users /home/smithj\n    $ sudo chmod 0750 /home/smithj"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230323",
+            "rid": "SV-230323r627750_rule",
+            "stig_id": "RHEL-08-010750",
+            "fix_id": "F-32967r567716_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230323' do\n  title 'All RHEL 8 local interactive user home directories defined in the\n/etc/passwd file must exist.'\n  desc 'If a local interactive user has a home directory defined that does not\nexist, the user may be given access to the \"/\" directory as the current\nworking directory upon logon. This could create a denial of service because the\nuser would not be able to access their logon configuration files, and it may\ngive them visibility to system files they normally would not be able to access.'\n  desc 'check', %q(Verify the assigned home directory of all local interactive users on RHEL 8\nexists with the following command:\n\n    $ sudo ls -ld $(awk -F: '($3>=1000)&&($7 !~ /nologin/){print $6}'\n/etc/passwd)\n\n    drwxr-xr-x 2 smithj admin 4096 Jun 5 12:41 smithj\n\n    Note: This may miss interactive users that have been assigned a privileged\nUser ID (UID). Evidence of interactive use may be obtained from a number of log\nfiles containing system logon information.\n\n    Check that all referenced home directories exist with the following command:\n\n    $ sudo pwck -r\n\n    user 'smithj': directory '/home/smithj' does not exist\n\n    If any home directories referenced in \"/etc/passwd\" are returned as not\ndefined, this is a finding.)\n  desc 'fix', 'Create home directories to all local interactive users that currently do\nnot have a home directory assigned. Use the following commands to create the\nuser home directory assigned in \"/etc/ passwd\":\n\n    Note: The example will be for the user smithj, who has a home directory of\n\"/home/smithj\", a UID of \"smithj\", and a Group Identifier (GID) of \"users\nassigned\" in \"/etc/passwd\".\n\n    $ sudo mkdir /home/smithj\n    $ sudo chown smithj /home/smithj\n    $ sudo chgrp users /home/smithj\n    $ sudo chmod 0750 /home/smithj'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230323'\n  tag rid: 'SV-230323r627750_rule'\n  tag stig_id: 'RHEL-08-010750'\n  tag fix_id: 'F-32967r567716_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  iuser_entries = passwd.where { uid.to_i >= 1000 && shell !~ /nologin/ }\n  iuser_entries.homes.each do |home_dir|\n    describe directory(home_dir) do\n      it { should exist }\n    end\n  end\n\n  if iuser_entries.entries.empty?\n    describe 'Test skipped because no directories were found' do\n      skip 'This test is skipped since the user directory search returned an empty list'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230323.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Directory /home/ec2-user is expected to exist",
+              "run_time": 0.339303,
+              "start_time": "2024-01-09T19:40:46-05:00",
+              "resource_class": "directory",
+              "resource_params": "[\"/home/ec2-user\"]",
+              "resource_id": "/home/ec2-user"
+            }
+          ]
+        },
+        {
+          "id": "SV-230324",
+          "title": "All RHEL 8 local interactive user accounts must be assigned a home\ndirectory upon creation.",
+          "desc": "If local interactive users are not assigned a valid home directory,\nthere is no place for the storage and control of files they should own.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If local interactive users are not assigned a valid home directory,\nthere is no place for the storage and control of files they should own."
+            },
+            {
+              "label": "check",
+              "data": "Verify all local interactive users on RHEL 8 are assigned a home directory\nupon creation with the following command:\n\n    $ sudo grep -i create_home /etc/login.defs\n\n    CREATE_HOME yes\n\n    If the value for \"CREATE_HOME\" parameter is not set to \"yes\", the line\nis missing, or the line is commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to assign home directories to all new local interactive\nusers by setting the \"CREATE_HOME\" parameter in \"/etc/login.defs\" to\n\"yes\" as follows.\n\n    CREATE_HOME yes"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230324",
+            "rid": "SV-230324r627750_rule",
+            "stig_id": "RHEL-08-010760",
+            "fix_id": "F-32968r567719_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230324' do\n  title 'All RHEL 8 local interactive user accounts must be assigned a home\ndirectory upon creation.'\n  desc 'If local interactive users are not assigned a valid home directory,\nthere is no place for the storage and control of files they should own.'\n  desc 'check', 'Verify all local interactive users on RHEL 8 are assigned a home directory\nupon creation with the following command:\n\n    $ sudo grep -i create_home /etc/login.defs\n\n    CREATE_HOME yes\n\n    If the value for \"CREATE_HOME\" parameter is not set to \"yes\", the line\nis missing, or the line is commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to assign home directories to all new local interactive\nusers by setting the \"CREATE_HOME\" parameter in \"/etc/login.defs\" to\n\"yes\" as follows.\n\n    CREATE_HOME yes'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230324'\n  tag rid: 'SV-230324r627750_rule'\n  tag stig_id: 'RHEL-08-010760'\n  tag fix_id: 'F-32968r567719_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe login_defs do\n    its('CREATE_HOME') { should eq 'yes' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230324.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "login.defs CREATE_HOME is expected to eq \"yes\"",
+              "run_time": 0.001359,
+              "start_time": "2024-01-09T19:40:46-05:00",
+              "resource_class": "login_defs",
+              "resource_params": "[]",
+              "resource_id": "/etc/login.defs"
+            }
+          ]
+        },
+        {
+          "id": "SV-230325",
+          "title": "All RHEL 8 local initialization files must have mode 0740 or less\npermissive.",
+          "desc": "Local initialization files are used to configure the user's shell\nenvironment upon logon. Malicious modification of these files could compromise\naccounts upon logon.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Local initialization files are used to configure the user's shell\nenvironment upon logon. Malicious modification of these files could compromise\naccounts upon logon."
+            },
+            {
+              "label": "check",
+              "data": "Verify that all local initialization files have a mode of \"0740\" or less permissive with the following command:\n\nNote: The example will be for the \"smithj\" user, who has a home directory of \"/home/smithj\".\n\n     $ sudo ls -al /home/smithj/.[^.]* | more\n\n     -rw-------. 1 smithj users 2984 Apr 27 19:02 .bash_history\n     -rw-r--r--. 1 smithj users   18 Aug 21  2019 .bash_logout\n     -rw-r--r--. 1 smithj users  193 Aug 21  2019 .bash_profile\n\nIf any local initialization files have a mode more permissive than \"0740\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Set the mode of the local initialization files to \"0740\" with the\nfollowing command:\n\n    Note: The example will be for the smithj user, who has a home directory of\n\"/home/smithj\".\n\n    $ sudo chmod 0740 /home/smithj/.<INIT_FILE>"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230325",
+            "rid": "SV-230325r917879_rule",
+            "stig_id": "RHEL-08-010770",
+            "fix_id": "F-32969r917878_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230325' do\n  title 'All RHEL 8 local initialization files must have mode 0740 or less\npermissive.'\n  desc \"Local initialization files are used to configure the user's shell\nenvironment upon logon. Malicious modification of these files could compromise\naccounts upon logon.\"\n  desc 'check', 'Verify that all local initialization files have a mode of \"0740\" or less permissive with the following command:\n\nNote: The example will be for the \"smithj\" user, who has a home directory of \"/home/smithj\".\n\n     $ sudo ls -al /home/smithj/.[^.]* | more\n\n     -rw-------. 1 smithj users 2984 Apr 27 19:02 .bash_history\n     -rw-r--r--. 1 smithj users   18 Aug 21  2019 .bash_logout\n     -rw-r--r--. 1 smithj users  193 Aug 21  2019 .bash_profile\n\nIf any local initialization files have a mode more permissive than \"0740\", this is a finding.'\n  desc 'fix', 'Set the mode of the local initialization files to \"0740\" with the\nfollowing command:\n\n    Note: The example will be for the smithj user, who has a home directory of\n\"/home/smithj\".\n\n    $ sudo chmod 0740 /home/smithj/.<INIT_FILE>'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230325'\n  tag rid: 'SV-230325r917879_rule'\n  tag stig_id: 'RHEL-08-010770'\n  tag fix_id: 'F-32969r917878_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  ignore_shells = input('non_interactive_shells').join('|')\n\n  findings = Set[]\n  users.where { !shell.match(ignore_shells) && (uid >= 1000 || uid.zero?) }.entries.each do |user_info|\n    findings += command(\"find #{user_info.home} -xdev -maxdepth 1 -name '.*' -type f -perm /037\").stdout.split(\"\\n\")\n  end\n  describe findings do\n    it { should be_empty }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230325.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "#<Set: {\"/root/.bash_logout\", \"/root/.bash_profile\", \"/root/.bashrc\", \"/root/.cshrc\", \"/root/.tcshrc\", \"/home/ec2-user/.bash_logout\", \"/home/ec2-user/.bash_profile\", \"/home/ec2-user/.bashrc\"}> is expected to be empty",
+              "run_time": 0.008466,
+              "start_time": "2024-01-09T19:40:46-05:00",
+              "message": "expected `#<Set: {\"/root/.bash_logout\", \"/root/.bash_profile\", \"/root/.bashrc\", \"/root/.cshrc\", \"/root/.tcshrc\", \"/home/ec2-user/.bash_logout\", \"/home/ec2-user/.bash_profile\", \"/home/ec2-user/.bashrc\"}>.empty?` to be truthy, got false",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230326",
+          "title": "All RHEL 8 local files and directories must have a valid owner.",
+          "desc": "Unowned files and directories may be unintentionally inherited if a\nuser is assigned the same User Identifier \"UID\" as the UID of the un-owned\nfiles.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Unowned files and directories may be unintentionally inherited if a\nuser is assigned the same User Identifier \"UID\" as the UID of the un-owned\nfiles."
+            },
+            {
+              "label": "check",
+              "data": "Verify all local files and directories on RHEL 8 have a valid owner with\nthe following command:\n\n    Note: The value after -fstype must be replaced with the filesystem type.\nXFS is used as an example.\n\n    $ sudo find / -fstype xfs -nouser\n\n    If any files on the system do not have an assigned owner, this is a finding.\n\n    Note: Command may produce error messages from the /proc and /sys\ndirectories."
+            },
+            {
+              "label": "fix",
+              "data": "Either remove all files and directories from the system that do not have a\nvalid user, or assign a valid user to all unowned files and directories on RHEL\n8 with the \"chown\" command:\n\n    $ sudo chown <user> <file>"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230326",
+            "rid": "SV-230326r627750_rule",
+            "stig_id": "RHEL-08-010780",
+            "fix_id": "F-32970r567725_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230326' do\n  title 'All RHEL 8 local files and directories must have a valid owner.'\n  desc 'Unowned files and directories may be unintentionally inherited if a\nuser is assigned the same User Identifier \"UID\" as the UID of the un-owned\nfiles.'\n  desc 'check', 'Verify all local files and directories on RHEL 8 have a valid owner with\nthe following command:\n\n    Note: The value after -fstype must be replaced with the filesystem type.\nXFS is used as an example.\n\n    $ sudo find / -fstype xfs -nouser\n\n    If any files on the system do not have an assigned owner, this is a finding.\n\n    Note: Command may produce error messages from the /proc and /sys\ndirectories.'\n  desc 'fix', 'Either remove all files and directories from the system that do not have a\nvalid user, or assign a valid user to all unowned files and directories on RHEL\n8 with the \"chown\" command:\n\n    $ sudo chown <user> <file>'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230326'\n  tag rid: 'SV-230326r627750_rule'\n  tag stig_id: 'RHEL-08-010780'\n  tag fix_id: 'F-32970r567725_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command('grep -v \"nodev\" /proc/filesystems | awk \\'NF{ print $NF }\\'')\n    .stdout.strip.split(\"\\n\").each do |fs|\n    describe command(\"find / -xdev -xautofs -fstype #{fs} -nouser\") do\n      its('stdout.strip') { should be_empty }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230326.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Command: `find / -xdev -xautofs -fstype xfs -nouser` stdout.strip is expected to be empty",
+              "run_time": 1.723498,
+              "start_time": "2024-01-09T19:40:46-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"find / -xdev -xautofs -fstype xfs -nouser\"]",
+              "resource_id": "Command: `find / -xdev -xautofs -fstype xfs -nouser`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230327",
+          "title": "All RHEL 8 local files and directories must have a valid group owner.",
+          "desc": "Files without a valid group owner may be unintentionally inherited if\na group is assigned the same Group Identifier (GID) as the GID of the files\nwithout a valid group owner.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Files without a valid group owner may be unintentionally inherited if\na group is assigned the same Group Identifier (GID) as the GID of the files\nwithout a valid group owner."
+            },
+            {
+              "label": "check",
+              "data": "Verify all local files and directories on RHEL 8 have a valid group with\nthe following command:\n\n    Note: The value after -fstype must be replaced with the filesystem type.\nXFS is used as an example.\n\n    $ sudo find / -fstype xfs -nogroup\n\n    If any files on the system do not have an assigned group, this is a finding.\n\n    Note: Command may produce error messages from the /proc and /sys\ndirectories."
+            },
+            {
+              "label": "fix",
+              "data": "Either remove all files and directories from RHEL 8 that do not have a\nvalid group, or assign a valid group to all files and directories on the system\nwith the \"chgrp\" command:\n\n    $ sudo chgrp <group> <file>"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230327",
+            "rid": "SV-230327r627750_rule",
+            "stig_id": "RHEL-08-010790",
+            "fix_id": "F-32971r567728_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230327' do\n  title 'All RHEL 8 local files and directories must have a valid group owner.'\n  desc 'Files without a valid group owner may be unintentionally inherited if\na group is assigned the same Group Identifier (GID) as the GID of the files\nwithout a valid group owner.'\n  desc 'check', 'Verify all local files and directories on RHEL 8 have a valid group with\nthe following command:\n\n    Note: The value after -fstype must be replaced with the filesystem type.\nXFS is used as an example.\n\n    $ sudo find / -fstype xfs -nogroup\n\n    If any files on the system do not have an assigned group, this is a finding.\n\n    Note: Command may produce error messages from the /proc and /sys\ndirectories.'\n  desc 'fix', 'Either remove all files and directories from RHEL 8 that do not have a\nvalid group, or assign a valid group to all files and directories on the system\nwith the \"chgrp\" command:\n\n    $ sudo chgrp <group> <file>'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230327'\n  tag rid: 'SV-230327r627750_rule'\n  tag stig_id: 'RHEL-08-010790'\n  tag fix_id: 'F-32971r567728_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command('grep -v \"nodev\" /proc/filesystems | awk \\'NF{ print $NF }\\'')\n    .stdout.strip.split(\"\\n\").each do |fs|\n    describe command(\"find / -xdev -xautofs -fstype #{fs} -nogroup\") do\n      its('stdout.strip') { should be_empty }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230327.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Command: `find / -xdev -xautofs -fstype xfs -nogroup` stdout.strip is expected to be empty",
+              "run_time": 1.72076,
+              "start_time": "2024-01-09T19:40:48-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"find / -xdev -xautofs -fstype xfs -nogroup\"]",
+              "resource_id": "Command: `find / -xdev -xautofs -fstype xfs -nogroup`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230328",
+          "title": "A separate RHEL 8 filesystem must be used for user home directories\n(such as /home or an equivalent).",
+          "desc": "The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing."
+            },
+            {
+              "label": "check",
+              "data": "Verify that a separate file system has been created for non-privileged local interactive user home directories.\n\n  Check the home directory assignment for all non-privileged users, users with a User Identifier (UID) greater than 1000, on the system with the following command:\n\n     $ sudo awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1,$3,$6}' /etc/passwd\n\n     doej 1001 /home/doej\n     publicj 1002 /home/publicj\n     smithj 1003 /home/smithj\n\nThe output of the command will give the directory/partition that contains the home directories for the non-privileged users on the system (in this example, \"/home\") and users’ shell. All accounts with a valid shell (such as /bin/bash) are considered interactive users.\n\nCheck that a file system/partition has been created for the nonprivileged interactive users with the following command:\n\nNote: The partition of \"/home\" is used in the example.\n\n     $ sudo grep /home /etc/fstab\n\n     /dev/mapper/...   /home   xfs   defaults,noexec,nosuid,nodev 0 0\n\nIf a separate entry for the file system/partition containing the nonprivileged interactive user home directories does not exist, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Migrate the \"/home\" directory onto a separate file system."
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230328",
+            "rid": "SV-230328r902723_rule",
+            "stig_id": "RHEL-08-010800",
+            "fix_id": "F-32972r902722_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230328' do\n  title 'A separate RHEL 8 filesystem must be used for user home directories\n(such as /home or an equivalent).'\n  desc 'The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.'\n  desc 'check', %q(Verify that a separate file system has been created for non-privileged local interactive user home directories.\n\n  Check the home directory assignment for all non-privileged users, users with a User Identifier (UID) greater than 1000, on the system with the following command:\n\n     $ sudo awk -F: '($3>=1000)&&($7 !~ /nologin/){print $1,$3,$6}' /etc/passwd\n\n     doej 1001 /home/doej\n     publicj 1002 /home/publicj\n     smithj 1003 /home/smithj\n\nThe output of the command will give the directory/partition that contains the home directories for the non-privileged users on the system (in this example, \"/home\") and users’ shell. All accounts with a valid shell (such as /bin/bash) are considered interactive users.\n\nCheck that a file system/partition has been created for the nonprivileged interactive users with the following command:\n\nNote: The partition of \"/home\" is used in the example.\n\n     $ sudo grep /home /etc/fstab\n\n     /dev/mapper/...   /home   xfs   defaults,noexec,nosuid,nodev 0 0\n\nIf a separate entry for the file system/partition containing the nonprivileged interactive user home directories does not exist, this is a finding.)\n  desc 'fix', 'Migrate the \"/home\" directory onto a separate file system.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230328'\n  tag rid: 'SV-230328r902723_rule'\n  tag stig_id: 'RHEL-08-010800'\n  tag fix_id: 'F-32972r902722_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  only_if('This requirement is Not Applicable inside a container, the containers host manages the containers filesystems') {\n    !virtualization.system.eql?('docker')\n  }\n\n  ignore_shells = input('non_interactive_shells').join('|')\n  homes = users.where { uid >= 1000 && !shell.match(ignore_shells) }.homes\n  root_device = etc_fstab.where { mount_point == '/' }.device_name\n\n  if input('seperate_filesystem_exempt')\n    impact 0.0\n    describe 'This system is not required to have sperate filesystems for each mount point' do\n      skip 'The system is managing filesystems and space via other mechinisums, this requirement is Not Applicable'\n    end\n  else\n    homes.each do |home|\n      pn_parent = Pathname.new(home).parent.to_s\n      home_device = etc_fstab.where { mount_point == pn_parent }.device_name\n\n      describe \"The '#{pn_parent}' mount point\" do\n        subject { home_device }\n\n        it 'is not on the same partition as the root partition' do\n          is_expected.not_to equal(root_device)\n        end\n\n        it 'has its own partition' do\n          is_expected.not_to be_empty\n        end\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230328.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This system is not required to have sperate filesystems for each mount point",
+              "run_time": 6.0e-06,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "resource": "",
+              "skip_message": "The system is managing filesystems and space via other mechinisums, this requirement is Not Applicable",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This system is not required to have sperate filesystems for each mount point"
+            }
+          ]
+        },
+        {
+          "id": "SV-230329",
+          "title": "Unattended or automatic logon via the RHEL 8 graphical user interface\nmust not be allowed.",
+          "desc": "Failure to restrict system access to authenticated users negatively\nimpacts operating system security.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Failure to restrict system access to authenticated users negatively\nimpacts operating system security."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system does not allow an unattended or automatic logon\nto the system via a graphical user interface.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Check for the value of the \"AutomaticLoginEnable\" in the\n\"/etc/gdm/custom.conf\" file with the following command:\n\n    $ sudo grep -i automaticloginenable /etc/gdm/custom.conf\n\n    AutomaticLoginEnable=false\n\n    If the value of \"AutomaticLoginEnable\" is not set to \"false\", this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to not allow an unattended or automatic\nlogon to the system via a graphical user interface.\n\n    Add or edit the line for the \"AutomaticLoginEnable\" parameter in the\n[daemon] section of the \"/etc/gdm/custom.conf\" file to \"false\":\n\n    [daemon]\n    AutomaticLoginEnable=false"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000480-GPOS-00229",
+            "gid": "V-230329",
+            "rid": "SV-230329r877377_rule",
+            "stig_id": "RHEL-08-010820",
+            "fix_id": "F-32973r567734_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230329' do\n  title 'Unattended or automatic logon via the RHEL 8 graphical user interface\nmust not be allowed.'\n  desc 'Failure to restrict system access to authenticated users negatively\nimpacts operating system security.'\n  desc 'check', 'Verify the operating system does not allow an unattended or automatic logon\nto the system via a graphical user interface.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Check for the value of the \"AutomaticLoginEnable\" in the\n\"/etc/gdm/custom.conf\" file with the following command:\n\n    $ sudo grep -i automaticloginenable /etc/gdm/custom.conf\n\n    AutomaticLoginEnable=false\n\n    If the value of \"AutomaticLoginEnable\" is not set to \"false\", this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to not allow an unattended or automatic\nlogon to the system via a graphical user interface.\n\n    Add or edit the line for the \"AutomaticLoginEnable\" parameter in the\n[daemon] section of the \"/etc/gdm/custom.conf\" file to \"false\":\n\n    [daemon]\n    AutomaticLoginEnable=false'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00229'\n  tag gid: 'V-230329'\n  tag rid: 'SV-230329r877377_rule'\n  tag stig_id: 'RHEL-08-010820'\n  tag fix_id: 'F-32973r567734_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  custom_conf = '/etc/gdm/custom.conf'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif package('gnome-desktop3').installed?\n    if (f = file(custom_conf)).exist?\n      describe parse_config_file(custom_conf) do\n        its('daemon.AutomaticLoginEnable') { cmp false }\n      end\n    else\n      describe f do\n        it { should exist }\n      end\n    end\n  else\n    impact 0.0\n    describe 'The system does not have GDM installed' do\n      skip 'The system does not have GDM installed, this requirement is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230329.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "The system does not have GDM installed",
+              "run_time": 1.0e-06,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "resource": "",
+              "skip_message": "The system does not have GDM installed, this requirement is Not Applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The system does not have GDM installed"
+            }
+          ]
+        },
+        {
+          "id": "SV-230330",
+          "title": "RHEL 8 must not allow users to override SSH environment variables.",
+          "desc": "SSH environment options potentially allow users to bypass access\nrestriction in some configurations.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "SSH environment options potentially allow users to bypass access\nrestriction in some configurations."
+            },
+            {
+              "label": "check",
+              "data": "Verify that unattended or automatic logon via ssh is disabled with the following command:\n\n$ sudo grep -ir PermitUserEnvironment /etc/ssh/sshd_config*\n\nPermitUserEnvironment no\n\nIf \"PermitUserEnvironment\" is set to \"yes\", is missing completely, or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to allow the SSH daemon to not allow unattended or\nautomatic logon to the system.\n\n    Add or edit the following line in the \"/etc/ssh/sshd_config\" file:\n\n    PermitUserEnvironment no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00229",
+            "gid": "V-230330",
+            "rid": "SV-230330r877377_rule",
+            "stig_id": "RHEL-08-010830",
+            "fix_id": "F-32974r567737_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230330' do\n  title 'RHEL 8 must not allow users to override SSH environment variables.'\n  desc 'SSH environment options potentially allow users to bypass access\nrestriction in some configurations.'\n  desc 'check', 'Verify that unattended or automatic logon via ssh is disabled with the following command:\n\n$ sudo grep -ir PermitUserEnvironment /etc/ssh/sshd_config*\n\nPermitUserEnvironment no\n\nIf \"PermitUserEnvironment\" is set to \"yes\", is missing completely, or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to allow the SSH daemon to not allow unattended or\nautomatic logon to the system.\n\n    Add or edit the following line in the \"/etc/ssh/sshd_config\" file:\n\n    PermitUserEnvironment no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00229'\n  tag gid: 'V-230330'\n  tag rid: 'SV-230330r877377_rule'\n  tag stig_id: 'RHEL-08-010830'\n  tag fix_id: 'F-32974r567737_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    describe sshd_config do\n      its('PermitUserEnvironment') { should eq 'no' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230330.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "SSHD Configuration PermitUserEnvironment is expected to eq \"no\"",
+              "run_time": 0.000372,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "resource_class": "sshd_config",
+              "resource_params": "[]",
+              "resource_id": "/etc/ssh/sshd_config"
+            }
+          ]
+        },
+        {
+          "id": "SV-230331",
+          "title": "RHEL 8 temporary user accounts must be provisioned with an expiration\ntime of 72 hours or less.",
+          "desc": "If temporary user accounts remain active when no longer needed or for\nan excessive period, these accounts may be used to gain unauthorized access. To\nmitigate this risk, automated termination of all temporary accounts must be set\nupon account creation.\n\n    Temporary accounts are established as part of normal account activation\nprocedures when there is a need for short-term accounts without the demand for\nimmediacy in account activation.\n\n    If temporary accounts are used, RHEL 8 must be configured to automatically\nterminate these types of accounts after a DoD-defined time period of 72 hours.\n\n    To address access requirements, many RHEL 8 operating systems may be\nintegrated with enterprise-level authentication/access mechanisms that meet or\nexceed access control policy requirements.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If temporary user accounts remain active when no longer needed or for\nan excessive period, these accounts may be used to gain unauthorized access. To\nmitigate this risk, automated termination of all temporary accounts must be set\nupon account creation.\n\n    Temporary accounts are established as part of normal account activation\nprocedures when there is a need for short-term accounts without the demand for\nimmediacy in account activation.\n\n    If temporary accounts are used, RHEL 8 must be configured to automatically\nterminate these types of accounts after a DoD-defined time period of 72 hours.\n\n    To address access requirements, many RHEL 8 operating systems may be\nintegrated with enterprise-level authentication/access mechanisms that meet or\nexceed access control policy requirements."
+            },
+            {
+              "label": "check",
+              "data": "Verify that temporary accounts have been provisioned with an expiration\ndate of 72 hours.\n\n    For every existing temporary account, run the following command to obtain\nits account expiration information.\n\n    $ sudo chage -l system_account_name\n\n    Verify each of these accounts has an expiration date set within 72 hours.\n\n    If any temporary accounts have no expiration date set or do not expire\nwithin 72 hours, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "If a temporary account must be created configure the system to terminate\nthe account after a 72 hour time period with the following command to set an\nexpiration date on it. Substitute \"system_account_name\" with the account to\nbe created.\n\n    $ sudo chage -E `date -d \"+3 days\" +%Y-%m-%d` system_account_name"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000002-GPOS-00002",
+            "gid": "V-230331",
+            "rid": "SV-230331r627750_rule",
+            "stig_id": "RHEL-08-020000",
+            "fix_id": "F-32975r567740_fix",
+            "cci": [
+              "CCI-000016"
+            ],
+            "nist": [
+              "AC-2 (2)"
+            ]
+          },
+          "code": "control 'SV-230331' do\n  title 'RHEL 8 temporary user accounts must be provisioned with an expiration\ntime of 72 hours or less.'\n  desc 'If temporary user accounts remain active when no longer needed or for\nan excessive period, these accounts may be used to gain unauthorized access. To\nmitigate this risk, automated termination of all temporary accounts must be set\nupon account creation.\n\n    Temporary accounts are established as part of normal account activation\nprocedures when there is a need for short-term accounts without the demand for\nimmediacy in account activation.\n\n    If temporary accounts are used, RHEL 8 must be configured to automatically\nterminate these types of accounts after a DoD-defined time period of 72 hours.\n\n    To address access requirements, many RHEL 8 operating systems may be\nintegrated with enterprise-level authentication/access mechanisms that meet or\nexceed access control policy requirements.'\n  desc 'check', 'Verify that temporary accounts have been provisioned with an expiration\ndate of 72 hours.\n\n    For every existing temporary account, run the following command to obtain\nits account expiration information.\n\n    $ sudo chage -l system_account_name\n\n    Verify each of these accounts has an expiration date set within 72 hours.\n\n    If any temporary accounts have no expiration date set or do not expire\nwithin 72 hours, this is a finding.'\n  desc 'fix', 'If a temporary account must be created configure the system to terminate\nthe account after a 72 hour time period with the following command to set an\nexpiration date on it. Substitute \"system_account_name\" with the account to\nbe created.\n\n    $ sudo chage -E `date -d \"+3 days\" +%Y-%m-%d` system_account_name'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000002-GPOS-00002'\n  tag gid: 'V-230331'\n  tag rid: 'SV-230331r627750_rule'\n  tag stig_id: 'RHEL-08-020000'\n  tag fix_id: 'F-32975r567740_fix'\n  tag cci: ['CCI-000016']\n  tag nist: ['AC-2 (2)']\n\n  if input('temporary_accounts').empty?\n    describe 'Temporary accounts' do\n      subject { input('temporary_accounts') }\n      it { should be_empty }\n    end\n  else\n    input('temporary_accounts').each do |acct|\n      describe user(acct.to_s) do\n        its('maxdays') { should cmp <= 3 }\n        its('maxdays') { should cmp.positive? }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230331.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Temporary accounts is expected to be empty",
+              "run_time": 0.002632,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Temporary accounts"
+            }
+          ]
+        },
+        {
+          "id": "SV-230332",
+          "title": "RHEL 8 must automatically lock an account when three unsuccessful\nlogon attempts occur.",
+          "desc": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."
+            },
+            {
+              "label": "check",
+              "data": "Check that the system locks an account after three unsuccessful logon\nattempts with the following commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"deny\" option is not set to \"3\" or less (but not \"0\") on the\n\"preauth\" line with the \"pam_faillock.so\" module, or is missing from this\nline, this is a finding.\n\n    If any line referencing the \"pam_faillock.so\" module is commented out,\nthis is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"deny\" option is not set to \"3\" or less (but not \"0\") on the\n\"preauth\" line with the \"pam_faillock.so\" module, or is missing from this\nline, this is a finding.\n\n    If any line referencing the \"pam_faillock.so\" module is commented out,\nthis is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to lock an account when three unsuccessful\nlogon attempts occur.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000021-GPOS-00005",
+            "satisfies": [
+              "SRG-OS-000021-GPOS-00005",
+              "SRG-OS-000329-GPOS-00128"
+            ],
+            "gid": "V-230332",
+            "rid": "SV-230332r627750_rule",
+            "stig_id": "RHEL-08-020010",
+            "fix_id": "F-32976r567743_fix",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ]
+          },
+          "code": "control 'SV-230332' do\n  title 'RHEL 8 must automatically lock an account when three unsuccessful\nlogon attempts occur.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', 'Check that the system locks an account after three unsuccessful logon\nattempts with the following commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"deny\" option is not set to \"3\" or less (but not \"0\") on the\n\"preauth\" line with the \"pam_faillock.so\" module, or is missing from this\nline, this is a finding.\n\n    If any line referencing the \"pam_faillock.so\" module is commented out,\nthis is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"deny\" option is not set to \"3\" or less (but not \"0\") on the\n\"preauth\" line with the \"pam_faillock.so\" module, or is missing from this\nline, this is a finding.\n\n    If any line referencing the \"pam_faillock.so\" module is commented out,\nthis is a finding.'\n  desc 'fix', 'Configure the operating system to lock an account when three unsuccessful\nlogon attempts occur.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230332'\n  tag rid: 'SV-230332r627750_rule'\n  tag stig_id: 'RHEL-08-020010'\n  tag fix_id: 'F-32976r567743_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  unsuccessful_attempts = input('unsuccessful_attempts')\n  pam_auth_files = input('pam_auth_files')\n\n  only_if('This system uses Centralized Account Management to manage this requirement', impact: 0.0) {\n    !input('central_account_management')\n  }\n\n  if os.release.to_f >= 8.2\n    impact 0.0\n    describe 'This requirement only applies to RHEL 8 version(s) 8.0 and 8.1' do\n      skip \"Currently on release #{os.release}, this control is Not Applicable.\"\n    end\n  else\n    [\n      pam_auth_files['password-auth'],\n      pam_auth_files['system-auth']\n    ].each do |path|\n      describe pam(path) do\n        its('lines') {\n          should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_integer_arg('deny',\n                                                                                                            '<=', unsuccessful_attempts)\n        }\n        its('lines') {\n          should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_integer_arg('deny',\n                                                                                                            '>=', 0)\n        }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230332.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This requirement only applies to RHEL 8 version(s) 8.0 and 8.1",
+              "run_time": 2.0e-06,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "resource": "",
+              "skip_message": "Currently on release 8.9, this control is Not Applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This requirement only applies to RHEL 8 version(s) 8.0 and 8.1"
+            }
+          ]
+        },
+        {
+          "id": "SV-230333",
+          "title": "RHEL 8 must automatically lock an account when three unsuccessful\nlogon attempts occur.",
+          "desc": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."
+            },
+            {
+              "label": "check",
+              "data": "Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to lock an\naccount after three unsuccessful logon attempts:\n\n    $ sudo grep 'deny =' /etc/security/faillock.conf\n\n    deny = 3\n\n    If the \"deny\" option is not set to \"3\" or less (but not \"0\"), is\nmissing or commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to lock an account when three unsuccessful\nlogon attempts occur.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    deny = 3"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000021-GPOS-00005",
+            "satisfies": [
+              "SRG-OS-000021-GPOS-00005",
+              "SRG-OS-000329-GPOS-00128"
+            ],
+            "gid": "V-230333",
+            "rid": "SV-230333r743966_rule",
+            "stig_id": "RHEL-08-020011",
+            "fix_id": "F-32977r743965_fix",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ]
+          },
+          "code": "control 'SV-230333' do\n  title 'RHEL 8 must automatically lock an account when three unsuccessful\nlogon attempts occur.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', %q(Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to lock an\naccount after three unsuccessful logon attempts:\n\n    $ sudo grep 'deny =' /etc/security/faillock.conf\n\n    deny = 3\n\n    If the \"deny\" option is not set to \"3\" or less (but not \"0\"), is\nmissing or commented out, this is a finding.)\n  desc 'fix', 'Configure the operating system to lock an account when three unsuccessful\nlogon attempts occur.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    deny = 3'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230333'\n  tag rid: 'SV-230333r743966_rule'\n  tag stig_id: 'RHEL-08-020011'\n  tag fix_id: 'F-32977r743965_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  # NOTE: This check applies to RHEL versions 8.2 or newer,\n  # if the system is RHEL version 8.0 or 8.1,\n  # this check is not applicable.\n\n  if os.release.to_f < 8.2\n    impact 0.0\n    describe 'This requirement only applies to RHEL 8 Systems 8.2 and newer' do\n      skip \"Currently on release #{os.release}, this control is Not Applicable.\"\n    end\n  else\n    describe parse_config_file('/etc/security/faillock.conf') do\n      its('deny') { should cmp <= input('unsuccessful_attempts') }\n      its('deny') { should_not cmp 0 }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230333.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /etc/security/faillock.conf deny is expected to cmp <= 3",
+              "run_time": 0.000138,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "message": "\nexpected it to be <= 3\n     got: \n\n(compared using `cmp` matcher)\n",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/security/faillock.conf\"]",
+              "resource_id": "/etc/security/faillock.conf"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Parse Config File /etc/security/faillock.conf deny is expected not to cmp == 0",
+              "run_time": 6.7e-05,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/security/faillock.conf\"]",
+              "resource_id": "/etc/security/faillock.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230334",
+          "title": "RHEL 8 must automatically lock an account when three unsuccessful\nlogon attempts occur during a 15-minute time period.",
+          "desc": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."
+            },
+            {
+              "label": "check",
+              "data": "Check that the system locks an account after three unsuccessful logon\nattempts within a period of 15 minutes with the following commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"fail_interval\" option is not set to \"900\" or less (but not\n\"0\") on the \"preauth\" lines with the \"pam_faillock.so\" module, or is\nmissing from this line, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"fail_interval\" option is not set to \"900\" or less (but not\n\"0\") on the \"preauth\" lines with the \"pam_faillock.so\" module, or is\nmissing from this line, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to lock an account when three unsuccessful\nlogon attempts occur in 15 minutes.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000021-GPOS-00005",
+            "satisfies": [
+              "SRG-OS-000021-GPOS-00005",
+              "SRG-OS-000329-GPOS-00128"
+            ],
+            "gid": "V-230334",
+            "rid": "SV-230334r627750_rule",
+            "stig_id": "RHEL-08-020012",
+            "fix_id": "F-32978r567749_fix",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ]
+          },
+          "code": "control 'SV-230334' do\n  title 'RHEL 8 must automatically lock an account when three unsuccessful\nlogon attempts occur during a 15-minute time period.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', 'Check that the system locks an account after three unsuccessful logon\nattempts within a period of 15 minutes with the following commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"fail_interval\" option is not set to \"900\" or less (but not\n\"0\") on the \"preauth\" lines with the \"pam_faillock.so\" module, or is\nmissing from this line, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"fail_interval\" option is not set to \"900\" or less (but not\n\"0\") on the \"preauth\" lines with the \"pam_faillock.so\" module, or is\nmissing from this line, this is a finding.'\n  desc 'fix', 'Configure the operating system to lock an account when three unsuccessful\nlogon attempts occur in 15 minutes.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230334'\n  tag rid: 'SV-230334r627750_rule'\n  tag stig_id: 'RHEL-08-020012'\n  tag fix_id: 'F-32978r567749_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL version 8.2 and later. If the system is\n  not RHEL version 8.2 or newer, this check is Not Applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['password-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_integer_arg('fail_interval',\n                                                                                                        '<=', input('fail_interval'))\n    }\n  end\n\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_integer_arg('fail_interval',\n                                                                                                        '<=', input('fail_interval'))\n    }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230334.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PAM Config[/etc/pam.d/password-auth] lines is expected to include auth [default=die]|required pam_faillock.so preauth, all with integer arg fail_interval <= 900",
+              "run_time": 0.000283,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/password-auth\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PAM Config[/etc/pam.d/system-auth] lines is expected to include auth [default=die]|required pam_faillock.so preauth, all with integer arg fail_interval <= 900",
+              "run_time": 0.000403,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/system-auth\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230335",
+          "title": "RHEL 8 must automatically lock an account when three unsuccessful\nlogon attempts occur during a 15-minute time period.",
+          "desc": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."
+            },
+            {
+              "label": "check",
+              "data": "Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to lock an\naccount after three unsuccessful logon attempts within 15 minutes:\n\n    $ sudo grep 'fail_interval =' /etc/security/faillock.conf\n\n    fail_interval = 900\n\n    If the \"fail_interval\" option is not set to \"900\" or more, is missing\nor commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to lock an account when three unsuccessful\nlogon attempts occur in 15 minutes.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    fail_interval = 900"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000021-GPOS-00005",
+            "satisfies": [
+              "SRG-OS-000021-GPOS-00005",
+              "SRG-OS-000329-GPOS-00128"
+            ],
+            "gid": "V-230335",
+            "rid": "SV-230335r743969_rule",
+            "stig_id": "RHEL-08-020013",
+            "fix_id": "F-32979r743968_fix",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ]
+          },
+          "code": "control 'SV-230335' do\n  title 'RHEL 8 must automatically lock an account when three unsuccessful\nlogon attempts occur during a 15-minute time period.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', %q(Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to lock an\naccount after three unsuccessful logon attempts within 15 minutes:\n\n    $ sudo grep 'fail_interval =' /etc/security/faillock.conf\n\n    fail_interval = 900\n\n    If the \"fail_interval\" option is not set to \"900\" or more, is missing\nor commented out, this is a finding.)\n  desc 'fix', 'Configure the operating system to lock an account when three unsuccessful\nlogon attempts occur in 15 minutes.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    fail_interval = 900'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230335'\n  tag rid: 'SV-230335r743969_rule'\n  tag stig_id: 'RHEL-08-020013'\n  tag fix_id: 'F-32979r743968_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL versions 8.2 or newer, if the system is\n    RHEL version 8.0 or 8.1, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  describe parse_config_file(input('security_faillock_conf')) do\n    its('fail_interval') { should cmp >= input('fail_interval') }\n    its('fail_interval') { should_not cmp 0 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230335.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /etc/security/faillock.conf fail_interval is expected to cmp >= 900",
+              "run_time": 8.6e-05,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "message": "\nexpected it to be >= 900\n     got: \n\n(compared using `cmp` matcher)\n",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/security/faillock.conf\"]",
+              "resource_id": "/etc/security/faillock.conf"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Parse Config File /etc/security/faillock.conf fail_interval is expected not to cmp == 0",
+              "run_time": 6.9e-05,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/security/faillock.conf\"]",
+              "resource_id": "/etc/security/faillock.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230336",
+          "title": "RHEL 8 must automatically lock an account until the locked account is\nreleased by an administrator when three unsuccessful logon attempts occur\nduring a 15-minute time period.",
+          "desc": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."
+            },
+            {
+              "label": "check",
+              "data": "Check that the system locks an account after three unsuccessful logon\nattempts within a period of 15 minutes until released by an administrator with\nthe following commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"unlock_time\" option is not set to \"0\" on the \"preauth\" and\n\"authfail\" lines with the \"pam_faillock.so\" module, or is missing from\nthese lines, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"unlock_time\" option is not set to \"0\" on the \"preauth\" and\n\"authfail\" lines with the \"pam_faillock.so\" module, or is missing from\nthese lines, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to lock an account until released by an\nadministrator when three unsuccessful logon attempts occur in 15 minutes.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000021-GPOS-00005",
+            "satisfies": [
+              "SRG-OS-000021-GPOS-00005",
+              "SRG-OS-000329-GPOS-00128"
+            ],
+            "gid": "V-230336",
+            "rid": "SV-230336r627750_rule",
+            "stig_id": "RHEL-08-020014",
+            "fix_id": "F-32980r567755_fix",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ]
+          },
+          "code": "control 'SV-230336' do\n  title 'RHEL 8 must automatically lock an account until the locked account is\nreleased by an administrator when three unsuccessful logon attempts occur\nduring a 15-minute time period.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', 'Check that the system locks an account after three unsuccessful logon\nattempts within a period of 15 minutes until released by an administrator with\nthe following commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"unlock_time\" option is not set to \"0\" on the \"preauth\" and\n\"authfail\" lines with the \"pam_faillock.so\" module, or is missing from\nthese lines, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"unlock_time\" option is not set to \"0\" on the \"preauth\" and\n\"authfail\" lines with the \"pam_faillock.so\" module, or is missing from\nthese lines, this is a finding.'\n  desc 'fix', 'Configure the operating system to lock an account until released by an\nadministrator when three unsuccessful logon attempts occur in 15 minutes.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230336'\n  tag rid: 'SV-230336r627750_rule'\n  tag stig_id: 'RHEL-08-020014'\n  tag fix_id: 'F-32980r567755_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL version 8.2 and later. If the system is\n  not RHEL version 8.2 or newer, this check is Not Applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['password-auth']) do\n    its('lines') do\n      should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_args('unlock_time=(0|never)').or \\\n        (match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('unlock_time', '<=',\n                                                                                            604_800).and \\\n                                                                                              match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('unlock_time', '>=',\n                                                                                                                                                                                 input('lockout_time')))\n    end\n  end\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') do\n      should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_args('unlock_time=(0|never)').or \\\n        (match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('unlock_time', '<=',\n                                                                                            604_800).and \\\n                                                                                              match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('unlock_time', '>=',\n                                                                                                                                                                                 input('lockout_time')))\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230336.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PAM Config[/etc/pam.d/password-auth] lines is expected to include auth [default=die]|required pam_faillock.so, all with args unlock_time=(0|never) or include auth [default=die]|required pam_faillock.so, all with integer arg unlock_time <= 604800 and include auth [default=die]|required pam_faillock.so, all with integer arg unlock_time >= 604800",
+              "run_time": 0.000245,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/password-auth\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PAM Config[/etc/pam.d/system-auth] lines is expected to include auth [default=die]|required pam_faillock.so, all with args unlock_time=(0|never) or include auth [default=die]|required pam_faillock.so, all with integer arg unlock_time <= 604800 and include auth [default=die]|required pam_faillock.so, all with integer arg unlock_time >= 604800",
+              "run_time": 0.000216,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/system-auth\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230337",
+          "title": "RHEL 8 must automatically lock an account until the locked account is\nreleased by an administrator when three unsuccessful logon attempts occur\nduring a 15-minute time period.",
+          "desc": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."
+            },
+            {
+              "label": "check",
+              "data": "Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to lock an\naccount until released by an administrator after three unsuccessful logon\nattempts:\n\n    $ sudo grep 'unlock_time =' /etc/security/faillock.conf\n\n    unlock_time = 0\n\n    If the \"unlock_time\" option is not set to \"0\", is missing or commented\nout, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to lock an account until released by an\nadministrator when three unsuccessful logon attempts occur in 15 minutes.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    unlock_time = 0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000021-GPOS-00005",
+            "satisfies": [
+              "SRG-OS-000021-GPOS-00005",
+              "SRG-OS-000329-GPOS-00128"
+            ],
+            "gid": "V-230337",
+            "rid": "SV-230337r743972_rule",
+            "stig_id": "RHEL-08-020015",
+            "fix_id": "F-32981r743971_fix",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ]
+          },
+          "code": "control 'SV-230337' do\n  title 'RHEL 8 must automatically lock an account until the locked account is\nreleased by an administrator when three unsuccessful logon attempts occur\nduring a 15-minute time period.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', %q(Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to lock an\naccount until released by an administrator after three unsuccessful logon\nattempts:\n\n    $ sudo grep 'unlock_time =' /etc/security/faillock.conf\n\n    unlock_time = 0\n\n    If the \"unlock_time\" option is not set to \"0\", is missing or commented\nout, this is a finding.)\n  desc 'fix', 'Configure the operating system to lock an account until released by an\nadministrator when three unsuccessful logon attempts occur in 15 minutes.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    unlock_time = 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230337'\n  tag rid: 'SV-230337r743972_rule'\n  tag stig_id: 'RHEL-08-020015'\n  tag fix_id: 'F-32981r743971_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL versions 8.2 or newer, if the system is\n  RHEL version 8.0 or 8.1, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  describe.one do\n    describe parse_config_file('/etc/security/faillock.conf') do\n      its('unlock_time') { should cmp 0 }\n    end\n    describe parse_config_file('/etc/security/faillock.conf') do\n      its('unlock_time') { should cmp >= input('lockout_time') }\n      its('unlock_time') { should cmp <= 604_800 }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230337.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /etc/security/faillock.conf unlock_time is expected to cmp == 0",
+              "run_time": 9.9e-05,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "message": "\nexpected: 0\n     got: \n\n(compared using `cmp` matcher)\n",
+              "exception": "RSpec::Core::MultipleExceptionError",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/security/faillock.conf\"]",
+              "resource_id": "/etc/security/faillock.conf"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /etc/security/faillock.conf unlock_time is expected to cmp >= #<Inspec::Input::NO_VALUE_SET:0x00000001170dd708 @name=\"lockout_time\">",
+              "run_time": 7.1e-05,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "message": "\nexpected it to be >= #<Inspec::Input::NO_VALUE_SET:0x00000001170dd708 @name=\"lockout_time\">\n     got: \n\n(compared using `cmp` matcher)\n\n\n\nexpected it to be >= 604800\n     got: \n\n(compared using `cmp` matcher)\n",
+              "exception": "RSpec::Core::MultipleExceptionError",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/security/faillock.conf\"]",
+              "resource_id": "/etc/security/faillock.conf"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /etc/security/faillock.conf unlock_time is expected to cmp <= 604800",
+              "run_time": 5.9e-05,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "message": "\nexpected it to be <= 604800\n     got: \n\n(compared using `cmp` matcher)\n",
+              "exception": "RSpec::Core::MultipleExceptionError",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/security/faillock.conf\"]",
+              "resource_id": "/etc/security/faillock.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230338",
+          "title": "RHEL 8 must ensure account lockouts persist.",
+          "desc": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."
+            },
+            {
+              "label": "check",
+              "data": "Check that the faillock directory contents persists after a reboot with the\nfollowing commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"dir\" option is not set to a non-default documented tally log\ndirectory on the \"preauth\" and \"authfail\" lines with the\n\"pam_faillock.so\" module, or is missing from these lines, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"dir\" option is not set to a non-default documented tally log\ndirectory on the \"preauth\" and \"authfail\" lines with the\n\"pam_faillock.so\" module, or is missing from these lines, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system maintain the contents of the faillock\ndirectory after a reboot.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    Note: Using the default faillock directory of /var/run/faillock will result\nin the contents being cleared in the event of a reboot.\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000021-GPOS-00005",
+            "satisfies": [
+              "SRG-OS-000021-GPOS-00005",
+              "SRG-OS-000329-GPOS-00128"
+            ],
+            "gid": "V-230338",
+            "rid": "SV-230338r627750_rule",
+            "stig_id": "RHEL-08-020016",
+            "fix_id": "F-32982r567761_fix",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ]
+          },
+          "code": "control 'SV-230338' do\n  title 'RHEL 8 must ensure account lockouts persist.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', 'Check that the faillock directory contents persists after a reboot with the\nfollowing commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"dir\" option is not set to a non-default documented tally log\ndirectory on the \"preauth\" and \"authfail\" lines with the\n\"pam_faillock.so\" module, or is missing from these lines, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"dir\" option is not set to a non-default documented tally log\ndirectory on the \"preauth\" and \"authfail\" lines with the\n\"pam_faillock.so\" module, or is missing from these lines, this is a finding.'\n  desc 'fix', 'Configure the operating system maintain the contents of the faillock\ndirectory after a reboot.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    Note: Using the default faillock directory of /var/run/faillock will result\nin the contents being cleared in the event of a reboot.\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230338'\n  tag rid: 'SV-230338r627750_rule'\n  tag stig_id: 'RHEL-08-020016'\n  tag fix_id: 'F-32982r567761_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL versions 8.0 and 8.1, if the system is\n    RHEL version 8.2 or newer, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) < 8.2\n  }\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['password-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_args(\"dir=#{input('log_directory')}\")\n    }\n  end\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_args(\"dir=#{input('log_directory')}\")\n    }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230338.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "No-op",
+              "run_time": 3.0e-06,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "resource": "No-op",
+              "skip_message": "Skipped control due to only_if condition: This check applies to RHEL versions 8.0 and 8.1, if the system is\n    RHEL version 8.2 or newer, this check is not applicable.",
+              "resource_class": "noop",
+              "resource_params": "[]",
+              "resource_id": "No-op"
+            }
+          ]
+        },
+        {
+          "id": "SV-230339",
+          "title": "RHEL 8 must ensure account lockouts persist.",
+          "desc": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."
+            },
+            {
+              "label": "check",
+              "data": "Note: This check applies to RHEL versions 8.2 or newer. If the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured use a\nnon-default faillock directory to ensure contents persist after reboot:\n\n    $ sudo grep 'dir =' /etc/security/faillock.conf\n\n    dir = /var/log/faillock\n\n    If the \"dir\" option is not set to a non-default documented tally log\ndirectory, is missing or commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system maintain the contents of the faillock\ndirectory after a reboot.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    dir = /var/log/faillock"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000021-GPOS-00005",
+            "satisfies": [
+              "SRG-OS-000021-GPOS-00005",
+              "SRG-OS-000329-GPOS-00128"
+            ],
+            "gid": "V-230339",
+            "rid": "SV-230339r743975_rule",
+            "stig_id": "RHEL-08-020017",
+            "fix_id": "F-32983r743974_fix",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ]
+          },
+          "code": "control 'SV-230339' do\n  title 'RHEL 8 must ensure account lockouts persist.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', %q(Note: This check applies to RHEL versions 8.2 or newer. If the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured use a\nnon-default faillock directory to ensure contents persist after reboot:\n\n    $ sudo grep 'dir =' /etc/security/faillock.conf\n\n    dir = /var/log/faillock\n\n    If the \"dir\" option is not set to a non-default documented tally log\ndirectory, is missing or commented out, this is a finding.)\n  desc 'fix', 'Configure the operating system maintain the contents of the faillock\ndirectory after a reboot.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    dir = /var/log/faillock'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230339'\n  tag rid: 'SV-230339r743975_rule'\n  tag stig_id: 'RHEL-08-020017'\n  tag fix_id: 'F-32983r743974_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL versions 8.2 or newer. If the system is\n  RHEL version 8.0 or 8.1, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  describe parse_config_file('/etc/security/faillock.conf') do\n    its('dir') { should cmp input('log_directory') }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230339.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /etc/security/faillock.conf dir is expected to cmp == \"/var/log/faillock\"",
+              "run_time": 7.3e-05,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "message": "\nexpected: /var/log/faillock\n     got: \n\n(compared using `cmp` matcher)\n",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/security/faillock.conf\"]",
+              "resource_id": "/etc/security/faillock.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230340",
+          "title": "RHEL 8 must prevent system messages from being presented when three\nunsuccessful logon attempts occur.",
+          "desc": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."
+            },
+            {
+              "label": "check",
+              "data": "Check that the system prevents informative messages from being presented to\nthe user pertaining to logon information with the following commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"silent\" option is missing from the \"preauth\" line with the\n\"pam_faillock.so\" module, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"silent\" option is missing from the \"preauth\" line with the\n\"pam_faillock.so\" module, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to prevent informative messages from being\npresented at logon attempts.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000021-GPOS-00005",
+            "satisfies": [
+              "SRG-OS-000021-GPOS-00005",
+              "SRG-OS-000329-GPOS-00128"
+            ],
+            "gid": "V-230340",
+            "rid": "SV-230340r627750_rule",
+            "stig_id": "RHEL-08-020018",
+            "fix_id": "F-32984r567767_fix",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ]
+          },
+          "code": "control 'SV-230340' do\n  title 'RHEL 8 must prevent system messages from being presented when three\nunsuccessful logon attempts occur.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', 'Check that the system prevents informative messages from being presented to\nthe user pertaining to logon information with the following commands:\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    Note: This check applies to RHEL versions 8.0 and 8.1, if the system is\nRHEL version 8.2 or newer, this check is not applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"silent\" option is missing from the \"preauth\" line with the\n\"pam_faillock.so\" module, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"silent\" option is missing from the \"preauth\" line with the\n\"pam_faillock.so\" module, this is a finding.'\n  desc 'fix', 'Configure the operating system to prevent informative messages from being\npresented at logon attempts.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230340'\n  tag rid: 'SV-230340r627750_rule'\n  tag stig_id: 'RHEL-08-020018'\n  tag fix_id: 'F-32984r567767_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL versions 8.0 and 8.1, if the system is\n    RHEL version 8.2 or newer, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) < 8.2\n  }\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['password-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_args('silent')\n    }\n  end\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_args('silent')\n    }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230340.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "No-op",
+              "run_time": 2.0e-06,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "resource": "No-op",
+              "skip_message": "Skipped control due to only_if condition: This check applies to RHEL versions 8.0 and 8.1, if the system is\n    RHEL version 8.2 or newer, this check is not applicable.",
+              "resource_class": "noop",
+              "resource_params": "[]",
+              "resource_id": "No-op"
+            }
+          ]
+        },
+        {
+          "id": "SV-230341",
+          "title": "RHEL 8 must prevent system messages from being presented when three\nunsuccessful logon attempts occur.",
+          "desc": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."
+            },
+            {
+              "label": "check",
+              "data": "Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to prevent\ninformative messages from being presented at logon attempts:\n\n    $ sudo grep silent /etc/security/faillock.conf\n\n    silent\n\n    If the \"silent\" option is not set, is missing or commented out, this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to prevent informative messages from being\npresented at logon attempts.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    silent"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000021-GPOS-00005",
+            "satisfies": [
+              "SRG-OS-000021-GPOS-00005",
+              "SRG-OS-000329-GPOS-00128"
+            ],
+            "gid": "V-230341",
+            "rid": "SV-230341r743978_rule",
+            "stig_id": "RHEL-08-020019",
+            "fix_id": "F-32985r743977_fix",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ]
+          },
+          "code": "control 'SV-230341' do\n  title 'RHEL 8 must prevent system messages from being presented when three\nunsuccessful logon attempts occur.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', 'Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to prevent\ninformative messages from being presented at logon attempts:\n\n    $ sudo grep silent /etc/security/faillock.conf\n\n    silent\n\n    If the \"silent\" option is not set, is missing or commented out, this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to prevent informative messages from being\npresented at logon attempts.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    silent'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230341'\n  tag rid: 'SV-230341r743978_rule'\n  tag stig_id: 'RHEL-08-020019'\n  tag fix_id: 'F-32985r743977_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL versions 8.2 or newer, if the system is\n    RHEL version 8.0 or 8.1, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  describe parse_config_file('/etc/security/faillock.conf') do\n    its('silent') { should_not be nil }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230341.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /etc/security/faillock.conf silent is expected not to equal nil",
+              "run_time": 9.1e-05,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "message": "\nexpected not #<NilClass:8> => nil\n         got #<NilClass:8> => nil\n\nCompared using equal?, which compares object identity.\n\n",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/security/faillock.conf\"]",
+              "resource_id": "/etc/security/faillock.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230342",
+          "title": "RHEL 8 must log user name information when unsuccessful logon attempts\noccur.",
+          "desc": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module. Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module. Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout."
+            },
+            {
+              "label": "check",
+              "data": "Check that the system logs user name information when unsuccessful logon\nattempts occur with the following commands:\n\n    If the system is RHEL version 8.2 or newer, this check is not applicable.\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"audit\" option is missing from the \"preauth\" line with the\n\"pam_faillock.so\" module, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"audit\" option is missing from the \"preauth\" line with the\n\"pam_faillock.so\" module, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to log user name information when\nunsuccessful logon attempts occur.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000021-GPOS-00005",
+            "satisfies": [
+              "SRG-OS-000021-GPOS-00005",
+              "SRG-OS-000329-GPOS-00128"
+            ],
+            "gid": "V-230342",
+            "rid": "SV-230342r646872_rule",
+            "stig_id": "RHEL-08-020020",
+            "fix_id": "F-32986r567773_fix",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ]
+          },
+          "code": "control 'SV-230342' do\n  title 'RHEL 8 must log user name information when unsuccessful logon attempts\noccur.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module. Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.'\n  desc 'check', 'Check that the system logs user name information when unsuccessful logon\nattempts occur with the following commands:\n\n    If the system is RHEL version 8.2 or newer, this check is not applicable.\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"audit\" option is missing from the \"preauth\" line with the\n\"pam_faillock.so\" module, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"audit\" option is missing from the \"preauth\" line with the\n\"pam_faillock.so\" module, this is a finding.'\n  desc 'fix', 'Configure the operating system to log user name information when\nunsuccessful logon attempts occur.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230342'\n  tag rid: 'SV-230342r646872_rule'\n  tag stig_id: 'RHEL-08-020020'\n  tag fix_id: 'F-32986r567773_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('If the system is RHEL version 8.2 or newer, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) < 8.2\n  }\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['password-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_args('audit')\n    }\n  end\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_args('audit')\n    }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230342.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "No-op",
+              "run_time": 2.0e-06,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "resource": "No-op",
+              "skip_message": "Skipped control due to only_if condition: If the system is RHEL version 8.2 or newer, this check is not applicable.",
+              "resource_class": "noop",
+              "resource_params": "[]",
+              "resource_id": "No-op"
+            }
+          ]
+        },
+        {
+          "id": "SV-230343",
+          "title": "RHEL 8 must log user name information when unsuccessful logon attempts\noccur.",
+          "desc": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."
+            },
+            {
+              "label": "check",
+              "data": "Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to log user\nname information when unsuccessful logon attempts occur:\n\n    $ sudo grep audit /etc/security/faillock.conf\n\n    audit\n\n    If the \"audit\" option is not set, is missing or commented out, this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to log user name information when\nunsuccessful logon attempts occur.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    audit"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000021-GPOS-00005",
+            "satisfies": [
+              "SRG-OS-000021-GPOS-00005",
+              "SRG-OS-000329-GPOS-00128"
+            ],
+            "gid": "V-230343",
+            "rid": "SV-230343r743981_rule",
+            "stig_id": "RHEL-08-020021",
+            "fix_id": "F-32987r743980_fix",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ]
+          },
+          "code": "control 'SV-230343' do\n  title 'RHEL 8 must log user name information when unsuccessful logon attempts\noccur.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', 'Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to log user\nname information when unsuccessful logon attempts occur:\n\n    $ sudo grep audit /etc/security/faillock.conf\n\n    audit\n\n    If the \"audit\" option is not set, is missing or commented out, this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to log user name information when\nunsuccessful logon attempts occur.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    audit'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230343'\n  tag rid: 'SV-230343r743981_rule'\n  tag stig_id: 'RHEL-08-020021'\n  tag fix_id: 'F-32987r743980_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL versions 8.2 or newer, if the system is\n    RHEL version 8.0 or 8.1, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  describe parse_config_file('/etc/security/faillock.conf') do\n    its('audit') { should_not be nil }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230343.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /etc/security/faillock.conf audit is expected not to equal nil",
+              "run_time": 5.3e-05,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "message": "\nexpected not #<NilClass:8> => nil\n         got #<NilClass:8> => nil\n\nCompared using equal?, which compares object identity.\n\n",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/security/faillock.conf\"]",
+              "resource_id": "/etc/security/faillock.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230344",
+          "title": "RHEL 8 must include root when automatically locking an account until\nthe locked account is released by an administrator when three unsuccessful\nlogon attempts occur during a 15-minute time period.",
+          "desc": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module. Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module. Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout."
+            },
+            {
+              "label": "check",
+              "data": "Check that the system includes the root account when locking an account\nafter three unsuccessful logon attempts within a period of 15 minutes with the\nfollowing commands:\n\n    If the system is RHEL version 8.2 or newer, this check is not applicable.\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"even_deny_root\" option is missing from the \"preauth\" line with\nthe \"pam_faillock.so\" module, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"even_deny_root\" option is missing from the \"preauth\" line with\nthe \"pam_faillock.so\" module, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to include root when locking an account\nafter three unsuccessful logon attempts occur in 15 minutes.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000021-GPOS-00005",
+            "satisfies": [
+              "SRG-OS-000021-GPOS-00005",
+              "SRG-OS-000329-GPOS-00128"
+            ],
+            "gid": "V-230344",
+            "rid": "SV-230344r646874_rule",
+            "stig_id": "RHEL-08-020022",
+            "fix_id": "F-32988r567779_fix",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ]
+          },
+          "code": "control 'SV-230344' do\n  title 'RHEL 8 must include root when automatically locking an account until\nthe locked account is released by an administrator when three unsuccessful\nlogon attempts occur during a 15-minute time period.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    RHEL 8 can utilize the \"pam_faillock.so\" for this purpose. Note that\nmanual changes to the listed files may be overwritten by the \"authselect\"\nprogram.\n\n    From \"Pam_Faillock\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module. Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.'\n  desc 'check', 'Check that the system includes the root account when locking an account\nafter three unsuccessful logon attempts within a period of 15 minutes with the\nfollowing commands:\n\n    If the system is RHEL version 8.2 or newer, this check is not applicable.\n\n    Note: If the System Administrator demonstrates the use of an approved\ncentralized account management method that locks an account after three\nunsuccessful logon attempts within a period of 15 minutes, this requirement is\nnot applicable.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"even_deny_root\" option is missing from the \"preauth\" line with\nthe \"pam_faillock.so\" module, this is a finding.\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    If the \"even_deny_root\" option is missing from the \"preauth\" line with\nthe \"pam_faillock.so\" module, this is a finding.'\n  desc 'fix', 'Configure the operating system to include root when locking an account\nafter three unsuccessful logon attempts occur in 15 minutes.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/password-auth\" files to match the following lines:\n\n    auth required pam_faillock.so preauth dir=/var/log/faillock silent audit\ndeny=3 even_deny_root fail_interval=900 unlock_time=0\n    auth required pam_faillock.so authfail dir=/var/log/faillock unlock_time=0\n    account required pam_faillock.so\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230344'\n  tag rid: 'SV-230344r646874_rule'\n  tag stig_id: 'RHEL-08-020022'\n  tag fix_id: 'F-32988r567779_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('If the system is RHEL version 8.2 or newer, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) < 8.2\n  }\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['password-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_args('even_deny_root')\n    }\n  end\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so preauth').all_with_args('even_deny_root')\n    }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230344.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "No-op",
+              "run_time": 2.0e-06,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "resource": "No-op",
+              "skip_message": "Skipped control due to only_if condition: If the system is RHEL version 8.2 or newer, this check is not applicable.",
+              "resource_class": "noop",
+              "resource_params": "[]",
+              "resource_id": "No-op"
+            }
+          ]
+        },
+        {
+          "id": "SV-230345",
+          "title": "RHEL 8 must include root when automatically locking an account until\nthe locked account is released by an administrator when three unsuccessful\nlogon attempts occur during a 15-minute time period.",
+          "desc": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."
+            },
+            {
+              "label": "check",
+              "data": "Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to log user\nname information when unsuccessful logon attempts occur:\n\n    $ sudo grep even_deny_root /etc/security/faillock.conf\n\n    even_deny_root\n\n    If the \"even_deny_root\" option is not set, is missing or commented out,\nthis is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to include root when locking an account\nafter three unsuccessful logon attempts occur in 15 minutes.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    even_deny_root"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000021-GPOS-00005",
+            "satisfies": [
+              "SRG-OS-000021-GPOS-00005",
+              "SRG-OS-000329-GPOS-00128"
+            ],
+            "gid": "V-230345",
+            "rid": "SV-230345r743984_rule",
+            "stig_id": "RHEL-08-020023",
+            "fix_id": "F-32989r743983_fix",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ]
+          },
+          "code": "control 'SV-230345' do\n  title 'RHEL 8 must include root when automatically locking an account until\nthe locked account is released by an administrator when three unsuccessful\nlogon attempts occur during a 15-minute time period.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', 'Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the \"/etc/security/faillock.conf\" file is configured to log user\nname information when unsuccessful logon attempts occur:\n\n    $ sudo grep even_deny_root /etc/security/faillock.conf\n\n    even_deny_root\n\n    If the \"even_deny_root\" option is not set, is missing or commented out,\nthis is a finding.'\n  desc 'fix', 'Configure the operating system to include root when locking an account\nafter three unsuccessful logon attempts occur in 15 minutes.\n\n    Add/Modify the \"/etc/security/faillock.conf\" file to match the following\nline:\n\n    even_deny_root'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-230345'\n  tag rid: 'SV-230345r743984_rule'\n  tag stig_id: 'RHEL-08-020023'\n  tag fix_id: 'F-32989r743983_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  only_if('This check applies to RHEL versions 8.2 or newer, if the system is\n    RHEL version 8.0 or 8.1, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  describe parse_config_file('/etc/security/faillock.conf') do\n    its('even_deny_root') { should_not be nil }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230345.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /etc/security/faillock.conf even_deny_root is expected not to equal nil",
+              "run_time": 4.8e-05,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "message": "\nexpected not #<NilClass:8> => nil\n         got #<NilClass:8> => nil\n\nCompared using equal?, which compares object identity.\n\n",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/security/faillock.conf\"]",
+              "resource_id": "/etc/security/faillock.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230346",
+          "title": "RHEL 8 must limit the number of concurrent sessions to ten for all\naccounts and/or account types.",
+          "desc": "Operating system management includes the ability to control the number\nof users and user sessions that utilize an operating system. Limiting the\nnumber of allowed users and sessions per user is helpful in reducing the risks\nrelated to DoS attacks.\n\n    This requirement addresses concurrent sessions for information system\naccounts and does not address concurrent sessions by single users via multiple\nsystem accounts. The maximum number of concurrent sessions should be defined\nbased on mission needs and the operational environment for each system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Operating system management includes the ability to control the number\nof users and user sessions that utilize an operating system. Limiting the\nnumber of allowed users and sessions per user is helpful in reducing the risks\nrelated to DoS attacks.\n\n    This requirement addresses concurrent sessions for information system\naccounts and does not address concurrent sessions by single users via multiple\nsystem accounts. The maximum number of concurrent sessions should be defined\nbased on mission needs and the operational environment for each system."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system limits the number of concurrent sessions to\n\"10\" for all accounts and/or account types by issuing the following command:\n\n    $ sudo grep -r -s '^[^#].*maxlogins' /etc/security/limits.conf\n/etc/security/limits.d/*.conf\n\n    * hard maxlogins 10\n\n    This can be set as a global domain (with the * wildcard) but may be set\ndifferently for multiple domains.\n\n    If the \"maxlogins\" item is missing, commented out, or the value is set\ngreater than \"10\" and is not documented with the Information System Security\nOfficer (ISSO) as an operational requirement for all domains that have the\n\"maxlogins\" item assigned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to limit the number of concurrent sessions\nto \"10\" for all accounts and/or account types.\n\n    Add the following line to the top of the /etc/security/limits.conf or in a\n\".conf\" file defined in /etc/security/limits.d/:\n\n    * hard maxlogins 10"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000027-GPOS-00008",
+            "gid": "V-230346",
+            "rid": "SV-230346r877399_rule",
+            "stig_id": "RHEL-08-020024",
+            "fix_id": "F-32990r619863_fix",
+            "cci": [
+              "CCI-000054"
+            ],
+            "nist": [
+              "AC-10"
+            ]
+          },
+          "code": "control 'SV-230346' do\n  title 'RHEL 8 must limit the number of concurrent sessions to ten for all\naccounts and/or account types.'\n  desc 'Operating system management includes the ability to control the number\nof users and user sessions that utilize an operating system. Limiting the\nnumber of allowed users and sessions per user is helpful in reducing the risks\nrelated to DoS attacks.\n\n    This requirement addresses concurrent sessions for information system\naccounts and does not address concurrent sessions by single users via multiple\nsystem accounts. The maximum number of concurrent sessions should be defined\nbased on mission needs and the operational environment for each system.'\n  desc 'check', %q(Verify the operating system limits the number of concurrent sessions to\n\"10\" for all accounts and/or account types by issuing the following command:\n\n    $ sudo grep -r -s '^[^#].*maxlogins' /etc/security/limits.conf\n/etc/security/limits.d/*.conf\n\n    * hard maxlogins 10\n\n    This can be set as a global domain (with the * wildcard) but may be set\ndifferently for multiple domains.\n\n    If the \"maxlogins\" item is missing, commented out, or the value is set\ngreater than \"10\" and is not documented with the Information System Security\nOfficer (ISSO) as an operational requirement for all domains that have the\n\"maxlogins\" item assigned, this is a finding.)\n  desc 'fix', 'Configure the operating system to limit the number of concurrent sessions\nto \"10\" for all accounts and/or account types.\n\n    Add the following line to the top of the /etc/security/limits.conf or in a\n\".conf\" file defined in /etc/security/limits.d/:\n\n    * hard maxlogins 10'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000027-GPOS-00008'\n  tag gid: 'V-230346'\n  tag rid: 'SV-230346r877399_rule'\n  tag stig_id: 'RHEL-08-020024'\n  tag fix_id: 'F-32990r619863_fix'\n  tag cci: ['CCI-000054']\n  tag nist: ['AC-10']\n\n  # Collect any files under limits.d if they exist\n  limits_files = directory('/etc/security/limits.d').exist? ? command('ls /etc/security/limits.d/*.conf').stdout.strip.lines : []\n  # Add limits.conf to the list\n  limits_files.push('/etc/security/limits.conf')\n  compliant_files = []\n  noncompliant_files = []\n\n  limits_files.each do |limits_file|\n    # Get any universal limits from each file\n    local_limits = limits_conf(limits_file).*\n    # If we got an array (results) check further\n    next unless local_limits.is_a?(Array)\n\n    local_limits.each do |temp_limit|\n      # For each result check if it is a 'hard' limit for 'maxlogins'\n      if temp_limit.include?('hard') && temp_limit.include?('maxlogins')\n        # If the limit is in range, push to compliant files\n        if temp_limit[-1].to_i <= input('maxlogins_limit')\n          compliant_files.push(limits_file)\n          # Otherwise add to noncompliant files\n        else\n          noncompliant_files.push(limits_file)\n        end\n      end\n    end\n  end\n\n  # It is required that at least 1 file contain compliant configuration\n  describe \"Files configuring maxlogins less than or equal to #{input('maxlogins_limit')}\" do\n    subject { compliant_files.length }\n    it { should be_positive }\n  end\n\n  # No files should set 'hard' 'maxlogins' to any noncompliant value\n  describe \"Files configuring maxlogins greater than #{input('maxlogins_limit')}\" do\n    subject { noncompliant_files }\n    it { should cmp [] }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230346.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Files configuring maxlogins less than or equal to 10 is expected to be positive",
+              "run_time": 0.002353,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Files configuring maxlogins less than or equal to 10"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Files configuring maxlogins greater than 10 is expected to cmp == []",
+              "run_time": 6.2e-05,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Files configuring maxlogins greater than 10"
+            }
+          ]
+        },
+        {
+          "id": "SV-230347",
+          "title": "RHEL 8 must enable a user session lock until that user re-establishes\naccess using established identification and authentication procedures for\ngraphical user sessions.",
+          "desc": "A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined.\n\n    Regardless of where the session lock is determined and implemented, once\ninvoked, the session lock must remain in place until the user reauthenticates.\nNo other activity aside from reauthentication must unlock the system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined.\n\n    Regardless of where the session lock is determined and implemented, once\ninvoked, the session lock must remain in place until the user reauthenticates.\nNo other activity aside from reauthentication must unlock the system."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system enables a user's session lock until that user\nre-establishes access using established identification and authentication\nprocedures with the following command:\n\n    $ sudo gsettings get org.gnome.desktop.screensaver lock-enabled\n\n    true\n\n    If the setting is \"false\", this is a finding.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to enable a user's session lock until that\nuser re-establishes access using established identification and authentication\nprocedures.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following example:\n\n    $ sudo vi /etc/dconf/db/local.d/00-screensaver\n\n    Edit the \"[org/gnome/desktop/screensaver]\" section of the database file\nand add or update the following lines:\n\n    # Set this to true to lock the screen when the screensaver activates\n    lock-enabled=true\n\n    Update the system databases:\n\n    $ sudo dconf update"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000028-GPOS-00009",
+            "satisfies": [
+              "SRG-OS-000028-GPOS-00009",
+              "SRG-OS-000030-GPOS-00011"
+            ],
+            "gid": "V-230347",
+            "rid": "SV-230347r627750_rule",
+            "stig_id": "RHEL-08-020030",
+            "fix_id": "F-32991r567788_fix",
+            "cci": [
+              "CCI-000056"
+            ],
+            "nist": [
+              "AC-11 b"
+            ]
+          },
+          "code": "control 'SV-230347' do\n  title 'RHEL 8 must enable a user session lock until that user re-establishes\naccess using established identification and authentication procedures for\ngraphical user sessions.'\n  desc 'A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined.\n\n    Regardless of where the session lock is determined and implemented, once\ninvoked, the session lock must remain in place until the user reauthenticates.\nNo other activity aside from reauthentication must unlock the system.'\n  desc 'check', %q(Verify the operating system enables a user's session lock until that user\nre-establishes access using established identification and authentication\nprocedures with the following command:\n\n    $ sudo gsettings get org.gnome.desktop.screensaver lock-enabled\n\n    true\n\n    If the setting is \"false\", this is a finding.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.)\n  desc 'fix', %q(Configure the operating system to enable a user's session lock until that\nuser re-establishes access using established identification and authentication\nprocedures.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following example:\n\n    $ sudo vi /etc/dconf/db/local.d/00-screensaver\n\n    Edit the \"[org/gnome/desktop/screensaver]\" section of the database file\nand add or update the following lines:\n\n    # Set this to true to lock the screen when the screensaver activates\n    lock-enabled=true\n\n    Update the system databases:\n\n    $ sudo dconf update)\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000028-GPOS-00009'\n  tag satisfies: ['SRG-OS-000028-GPOS-00009', 'SRG-OS-000030-GPOS-00011']\n  tag gid: 'V-230347'\n  tag rid: 'SV-230347r627750_rule'\n  tag stig_id: 'RHEL-08-020030'\n  tag fix_id: 'F-32991r567788_fix'\n  tag cci: ['CCI-000056']\n  tag nist: ['AC-11 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif package('gnome-desktop3').installed?\n    describe command('gsettings get org.gnome.desktop.screensaver lock-enabled') do\n      its('stdout.strip') { should cmp 'true' }\n    end\n  else\n    impact 0.0\n    describe 'The system does not have GNOME installed' do\n      skip \"The system does not have GNOME installed, this requirement is Not\n        Applicable.\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230347.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "The system does not have GNOME installed",
+              "run_time": 3.0e-06,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "resource": "",
+              "skip_message": "The system does not have GNOME installed, this requirement is Not\n        Applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The system does not have GNOME installed"
+            }
+          ]
+        },
+        {
+          "id": "SV-230348",
+          "title": "RHEL 8 must enable a user session lock until that user re-establishes\naccess using established identification and authentication procedures for\ncommand line sessions.",
+          "desc": "A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.\n\n    Tmux is a terminal multiplexer that enables a number of terminals to be\ncreated, accessed, and controlled from a single screen.  Red Hat endorses tmux\nas the recommended session controlling package.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.\n\n    Tmux is a terminal multiplexer that enables a number of terminals to be\ncreated, accessed, and controlled from a single screen.  Red Hat endorses tmux\nas the recommended session controlling package."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system enables the user to manually initiate a session lock with the following command:\n\n     $ sudo grep -Ei 'lock-command|lock-session' /etc/tmux.conf\n\n     set -g lock-command vlock\n     bind X lock-session\n\nIf the \"lock-command\" is not set and \"lock-session\" is not bound to a specific keyboard key in the global settings, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to enable a user to manually initiate a session lock via tmux. This configuration binds the uppercase letter \"X\" to manually initiate a session lock after the prefix key \"Ctrl + b\" has been sent. The complete key sequence is thus \"Ctrl + b\" then \"Shift + x\" to lock tmux.\n\nCreate a global configuration file \"/etc/tmux.conf\" and add the following lines:\n\n     set -g lock-command vlock\n     bind X lock-session\n\nReload tmux configuration to take effect. This can be performed in tmux while it is running:\n\n     $ tmux source-file /etc/tmux.conf"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000028-GPOS-00009",
+            "satisfies": [
+              "SRG-OS-000028-GPOS-00009",
+              "SRG-OS-000030-GPOS-00011"
+            ],
+            "gid": "V-230348",
+            "rid": "SV-230348r902725_rule",
+            "stig_id": "RHEL-08-020040",
+            "fix_id": "F-32992r880719_fix",
+            "cci": [
+              "CCI-000056"
+            ],
+            "nist": [
+              "AC-11 b"
+            ]
+          },
+          "code": "control 'SV-230348' do\n  title 'RHEL 8 must enable a user session lock until that user re-establishes\naccess using established identification and authentication procedures for\ncommand line sessions.'\n  desc 'A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.\n\n    Tmux is a terminal multiplexer that enables a number of terminals to be\ncreated, accessed, and controlled from a single screen.  Red Hat endorses tmux\nas the recommended session controlling package.'\n  desc 'check', %q(Verify the operating system enables the user to manually initiate a session lock with the following command:\n\n     $ sudo grep -Ei 'lock-command|lock-session' /etc/tmux.conf\n\n     set -g lock-command vlock\n     bind X lock-session\n\nIf the \"lock-command\" is not set and \"lock-session\" is not bound to a specific keyboard key in the global settings, this is a finding.)\n  desc 'fix', 'Configure the operating system to enable a user to manually initiate a session lock via tmux. This configuration binds the uppercase letter \"X\" to manually initiate a session lock after the prefix key \"Ctrl + b\" has been sent. The complete key sequence is thus \"Ctrl + b\" then \"Shift + x\" to lock tmux.\n\nCreate a global configuration file \"/etc/tmux.conf\" and add the following lines:\n\n     set -g lock-command vlock\n     bind X lock-session\n\nReload tmux configuration to take effect. This can be performed in tmux while it is running:\n\n     $ tmux source-file /etc/tmux.conf'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000028-GPOS-00009'\n  tag satisfies: ['SRG-OS-000028-GPOS-00009', 'SRG-OS-000030-GPOS-00011']\n  tag gid: 'V-230348'\n  tag rid: 'SV-230348r902725_rule'\n  tag stig_id: 'RHEL-08-020040'\n  tag fix_id: 'F-32992r880719_fix'\n  tag cci: ['CCI-000056']\n  tag nist: ['AC-11 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('grep -i lock-command /etc/tmux.conf') do\n      its('stdout.strip') { should cmp 'set -g lock-command vlock' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230348.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Command: `grep -i lock-command /etc/tmux.conf` stdout.strip is expected to cmp == \"set -g lock-command vlock\"",
+              "run_time": 0.233508,
+              "start_time": "2024-01-09T19:40:49-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"grep -i lock-command /etc/tmux.conf\"]",
+              "resource_id": "Command: `grep -i lock-command /etc/tmux.conf`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230349",
+          "title": "RHEL 8 must ensure session control is automatically started at shell\ninitialization.",
+          "desc": "Tmux is a terminal multiplexer that enables a number of terminals to be created, accessed, and controlled from a single screen. Red Hat endorses tmux as the recommended session controlling package.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Tmux is a terminal multiplexer that enables a number of terminals to be created, accessed, and controlled from a single screen. Red Hat endorses tmux as the recommended session controlling package."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system shell initialization file is configured to start each shell with the tmux terminal multiplexer with the following commands:\n\nDetermine if tmux is currently running:\n     $ sudo ps all | grep tmux | grep -v grep\n\nIf the command does not produce output, this is a finding.\n\nDetermine the location of the tmux script:\n     $ sudo grep -r tmux /etc/bashrc /etc/profile.d\n\n     /etc/profile.d/tmux.sh:  case \"$name\" in (sshd|login) tmux ;; esac\n\nReview the tmux script by using the following example:\n     $ sudo cat /etc/profile.d/tmux.sh\n\nif [ \"$PS1\" ]; then\nparent=$(ps -o ppid= -p $$)\nname=$(ps -o comm= -p $parent)\ncase \"$name\" in (sshd|login) tmux ;; esac\nfi\n\nIf \"tmux\" is not configured as the example above, is commented out, or is missing, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to initialize the tmux terminal multiplexer as each shell is called by adding the following lines to a custom.sh shell script in the /etc/profile.d/ directory:\n\nif [ \"$PS1\" ]; then\nparent=$(ps -o ppid= -p $$)\nname=$(ps -o comm= -p $parent)\ncase \"$name\" in (sshd|login) tmux ;; esac\nfi\n\nThis setting will take effect at next logon."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000028-GPOS-00009",
+            "satisfies": [
+              "SRG-OS-000028-GPOS-00009",
+              "SRG-OS-000030-GPOS-00011"
+            ],
+            "gid": "V-230349",
+            "rid": "SV-230349r917920_rule",
+            "stig_id": "RHEL-08-020041",
+            "fix_id": "F-32993r880735_fix",
+            "cci": [
+              "CCI-000056"
+            ],
+            "nist": [
+              "AC-11 b"
+            ]
+          },
+          "code": "control 'SV-230349' do\n  title 'RHEL 8 must ensure session control is automatically started at shell\ninitialization.'\n  desc 'Tmux is a terminal multiplexer that enables a number of terminals to be created, accessed, and controlled from a single screen. Red Hat endorses tmux as the recommended session controlling package.'\n  desc 'check', 'Verify the operating system shell initialization file is configured to start each shell with the tmux terminal multiplexer with the following commands:\n\nDetermine if tmux is currently running:\n     $ sudo ps all | grep tmux | grep -v grep\n\nIf the command does not produce output, this is a finding.\n\nDetermine the location of the tmux script:\n     $ sudo grep -r tmux /etc/bashrc /etc/profile.d\n\n     /etc/profile.d/tmux.sh:  case \"$name\" in (sshd|login) tmux ;; esac\n\nReview the tmux script by using the following example:\n     $ sudo cat /etc/profile.d/tmux.sh\n\nif [ \"$PS1\" ]; then\nparent=$(ps -o ppid= -p $$)\nname=$(ps -o comm= -p $parent)\ncase \"$name\" in (sshd|login) tmux ;; esac\nfi\n\nIf \"tmux\" is not configured as the example above, is commented out, or is missing, this is a finding.'\n  desc 'fix', 'Configure the operating system to initialize the tmux terminal multiplexer as each shell is called by adding the following lines to a custom.sh shell script in the /etc/profile.d/ directory:\n\nif [ \"$PS1\" ]; then\nparent=$(ps -o ppid= -p $$)\nname=$(ps -o comm= -p $parent)\ncase \"$name\" in (sshd|login) tmux ;; esac\nfi\n\nThis setting will take effect at next logon.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000028-GPOS-00009'\n  tag satisfies: ['SRG-OS-000028-GPOS-00009', 'SRG-OS-000030-GPOS-00011']\n  tag gid: 'V-230349'\n  tag rid: 'SV-230349r917920_rule'\n  tag stig_id: 'RHEL-08-020041'\n  tag fix_id: 'F-32993r880735_fix'\n  tag cci: ['CCI-000056']\n  tag nist: ['AC-11 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('grep -i tmux /etc/bashrc') do\n      its('stdout.strip') { should cmp '[ -n \"$PS1\" -a -z \"$TMUX\" ] && exec tmux' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230349.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Command: `grep -i tmux /etc/bashrc` stdout.strip is expected to cmp == \"[ -n \\\"$PS1\\\" -a -z \\\"$TMUX\\\" ] && exec tmux\"",
+              "run_time": 0.125746,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "message": "\nexpected: [ -n \"$PS1\" -a -z \"$TMUX\" ] && exec tmux\n     got: \n\n(compared using `cmp` matcher)\n",
+              "resource_class": "command",
+              "resource_params": "[\"grep -i tmux /etc/bashrc\"]",
+              "resource_id": "Command: `grep -i tmux /etc/bashrc`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230350",
+          "title": "RHEL 8 must prevent users from disabling session control mechanisms.",
+          "desc": "A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.\n\n    Tmux is a terminal multiplexer that enables a number of terminals to be\ncreated, accessed, and controlled from a single screen.  Red Hat endorses tmux\nas the recommended session controlling package.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.\n\n    Tmux is a terminal multiplexer that enables a number of terminals to be\ncreated, accessed, and controlled from a single screen.  Red Hat endorses tmux\nas the recommended session controlling package."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system prevents users from disabling the tmux terminal\nmultiplexer with the following command:\n\n    $ sudo grep -i tmux /etc/shells\n\n    If any output is produced, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to prevent users from disabling\nthe tmux terminal multiplexer by editing the \"/etc/shells\" configuration file\nto remove any instances of tmux."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000028-GPOS-00009",
+            "satisfies": [
+              "SRG-OS-000028-GPOS-00009",
+              "SRG-OS-000030-GPOS-00011"
+            ],
+            "gid": "V-230350",
+            "rid": "SV-230350r627750_rule",
+            "stig_id": "RHEL-08-020042",
+            "fix_id": "F-32994r567797_fix",
+            "cci": [
+              "CCI-000056"
+            ],
+            "nist": [
+              "AC-11 b"
+            ]
+          },
+          "code": "control 'SV-230350' do\n  title 'RHEL 8 must prevent users from disabling session control mechanisms.'\n  desc 'A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.\n\n    Tmux is a terminal multiplexer that enables a number of terminals to be\ncreated, accessed, and controlled from a single screen.  Red Hat endorses tmux\nas the recommended session controlling package.'\n  desc 'check', 'Verify the operating system prevents users from disabling the tmux terminal\nmultiplexer with the following command:\n\n    $ sudo grep -i tmux /etc/shells\n\n    If any output is produced, this is a finding.'\n  desc 'fix', 'Configure the operating system to prevent users from disabling\nthe tmux terminal multiplexer by editing the \"/etc/shells\" configuration file\nto remove any instances of tmux.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000028-GPOS-00009'\n  tag satisfies: ['SRG-OS-000028-GPOS-00009', 'SRG-OS-000030-GPOS-00011']\n  tag gid: 'V-230350'\n  tag rid: 'SV-230350r627750_rule'\n  tag stig_id: 'RHEL-08-020042'\n  tag fix_id: 'F-32994r567797_fix'\n  tag cci: ['CCI-000056']\n  tag nist: ['AC-11 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('grep -i tmux /etc/shells') do\n      its('stdout.strip') { should be_empty }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230350.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Command: `grep -i tmux /etc/shells` stdout.strip is expected to be empty",
+              "run_time": 0.192982,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "message": "expected `\"/usr/bin/tmux\\n/bin/tmux\".empty?` to be truthy, got false",
+              "resource_class": "command",
+              "resource_params": "[\"grep -i tmux /etc/shells\"]",
+              "resource_id": "Command: `grep -i tmux /etc/shells`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230351",
+          "title": "RHEL 8 must be able to initiate directly a session lock for all\n    connection types using smartcard when the smartcard is removed.",
+          "desc": "A session lock is a temporary action taken when a user stops work and\n    moves away from the immediate physical vicinity of the information system but\n    does not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\n    determined. Rather than be forced to wait for a period of time to expire before\n    the user session can be locked, RHEL 8 needs to provide users with the ability\n    to manually invoke a session lock so users can secure their session if it is\n    necessary to temporarily vacate the immediate physical vicinity.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "A session lock is a temporary action taken when a user stops work and\n    moves away from the immediate physical vicinity of the information system but\n    does not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\n    determined. Rather than be forced to wait for a period of time to expire before\n    the user session can be locked, RHEL 8 needs to provide users with the ability\n    to manually invoke a session lock so users can secure their session if it is\n    necessary to temporarily vacate the immediate physical vicinity."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system enables a user's session lock\n    until that user re-establishes access using established identification and\n    authentication procedures with the following command:\n\n    This requirement assumes the use of the RHEL 8 default graphical user interface,\n    Gnome Shell. If the system does not have any graphical user interface installed,\n    this requirement is Not Applicable.\n\n    $ sudo grep -R removal-action /etc/dconf/db/*\n\n    /etc/dconf/db/distro.d/20-authselect:removal-action='lock-screen'\n\n    If the \"removal-action='lock-screen'\" setting is missing or commented out from\n    the dconf database files, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to enable a user's session lock\n    until that user re-establishes access using established identification and\n    authentication procedures.\n\n    Select/Create an authselect profile and incorporate the\n    \"with-smartcard-lock-on-removal\" feature with the following example:\n\n    $sudo authselect select sssd with-smartcard with-smartcard-lock-on-removal\n\n    Alternatively, the dconf settings can be edited in the /etc/dconf/db/* location.\n\n    Edit or add the \"[org/gnome/settings-daemon/peripherals/smartcard]\" section of\n    the database file and add or update the following lines:\n\n    removal-action='lock-screen'\n\n    Update the system databases:\n\n    $sudo dconf update"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000028-GPOS-00009",
+            "satisfies": [
+              "SRG-OS-000028-GPOS-00009",
+              "SRG-OS-000030-GPOS-00011"
+            ],
+            "gid": "V-230351",
+            "rid": "SV-230351r792899_rule",
+            "stig_id": "RHEL-08-020050",
+            "fix_id": "F-32995r792898_fix",
+            "cci": [
+              "CCI-000056"
+            ],
+            "nist": [
+              "AC-11 b"
+            ]
+          },
+          "code": "control 'SV-230351' do\n  title 'RHEL 8 must be able to initiate directly a session lock for all\n    connection types using smartcard when the smartcard is removed.'\n  desc 'A session lock is a temporary action taken when a user stops work and\n    moves away from the immediate physical vicinity of the information system but\n    does not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\n    determined. Rather than be forced to wait for a period of time to expire before\n    the user session can be locked, RHEL 8 needs to provide users with the ability\n    to manually invoke a session lock so users can secure their session if it is\n    necessary to temporarily vacate the immediate physical vicinity.'\n  desc 'check', %q(Verify the operating system enables a user's session lock\n    until that user re-establishes access using established identification and\n    authentication procedures with the following command:\n\n    This requirement assumes the use of the RHEL 8 default graphical user interface,\n    Gnome Shell. If the system does not have any graphical user interface installed,\n    this requirement is Not Applicable.\n\n    $ sudo grep -R removal-action /etc/dconf/db/*\n\n    /etc/dconf/db/distro.d/20-authselect:removal-action='lock-screen'\n\n    If the \"removal-action='lock-screen'\" setting is missing or commented out from\n    the dconf database files, this is a finding.)\n  desc 'fix', %q(Configure the operating system to enable a user's session lock\n    until that user re-establishes access using established identification and\n    authentication procedures.\n\n    Select/Create an authselect profile and incorporate the\n    \"with-smartcard-lock-on-removal\" feature with the following example:\n\n    $sudo authselect select sssd with-smartcard with-smartcard-lock-on-removal\n\n    Alternatively, the dconf settings can be edited in the /etc/dconf/db/* location.\n\n    Edit or add the \"[org/gnome/settings-daemon/peripherals/smartcard]\" section of\n    the database file and add or update the following lines:\n\n    removal-action='lock-screen'\n\n    Update the system databases:\n\n    $sudo dconf update)\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000028-GPOS-00009'\n  tag satisfies: ['SRG-OS-000028-GPOS-00009', 'SRG-OS-000030-GPOS-00011']\n  tag gid: 'V-230351'\n  tag rid: 'SV-230351r792899_rule'\n  tag stig_id: 'RHEL-08-020050'\n  tag fix_id: 'F-32995r792898_fix'\n  tag cci: ['CCI-000056']\n  tag nist: ['AC-11 b']\n\n  only_if('This control is does not apply to containers', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if !input('smart_card_enabled')\n    impact 0.0\n    describe \"The system is not smartcard enabled thus this control is Not\n    Applicable\" do\n      skip \"The system is not using Smartcards / PIVs to fulfil the MFA\n      requirement, this control is Not Applicable.\"\n    end\n  elsif !package('gnome-desktop3').installed?\n    impact 0.0\n    describe 'The system does not have GNOME installed' do\n      skip \"The system does not have GNOME installed, this requirement is Not\n      Applicable.\"\n    end\n  else\n    describe command('grep -R removal-action /etc/dconf/db/*') do\n      its('stdout.strip') { should match(/^[^#].*:\\s*removal-action\\s*=[\\s']*lock-screen[\\s']*$/) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230351.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "The system is not smartcard enabled thus this control is Not\n    Applicable",
+              "run_time": 4.0e-06,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource": "",
+              "skip_message": "The system is not using Smartcards / PIVs to fulfil the MFA\n      requirement, this control is Not Applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The system is not smartcard enabled thus this control is Not\n    Applicable"
+            }
+          ]
+        },
+        {
+          "id": "SV-230352",
+          "title": "RHEL 8 must automatically lock graphical user sessions after 15\nminutes of inactivity.",
+          "desc": "A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system initiates a session lock after a 15-minute\nperiod of inactivity for graphical user interfaces with the following commands:\n\n    This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    $ sudo gsettings get org.gnome.desktop.session idle-delay\n\n    uint32 900\n\n    If \"idle-delay\" is set to \"0\" or a value greater than \"900\", this is\na finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to initiate a screensaver after a 15-minute\nperiod of inactivity for graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    $ sudo touch /etc/dconf/db/local.d/00-screensaver\n\n    Edit /etc/dconf/db/local.d/00-screensaver and add or update the following\nlines:\n\n    [org/gnome/desktop/session]\n    # Set the lock time out to 900 seconds before the session is considered idle\n    idle-delay=uint32 900\n\n    Update the system databases:\n\n    $ sudo dconf update"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000029-GPOS-00010",
+            "satisfies": [
+              "SRG-OS-000029-GPOS-00010",
+              "SRG-OS-000031-GPOS-00012"
+            ],
+            "gid": "V-230352",
+            "rid": "SV-230352r646876_rule",
+            "stig_id": "RHEL-08-020060",
+            "fix_id": "F-32996r567803_fix",
+            "cci": [
+              "CCI-000057"
+            ],
+            "nist": [
+              "AC-11 a"
+            ]
+          },
+          "code": "control 'SV-230352' do\n  title 'RHEL 8 must automatically lock graphical user sessions after 15\nminutes of inactivity.'\n  desc 'A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.'\n  desc 'check', 'Verify the operating system initiates a session lock after a 15-minute\nperiod of inactivity for graphical user interfaces with the following commands:\n\n    This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    $ sudo gsettings get org.gnome.desktop.session idle-delay\n\n    uint32 900\n\n    If \"idle-delay\" is set to \"0\" or a value greater than \"900\", this is\na finding.'\n  desc 'fix', 'Configure the operating system to initiate a screensaver after a 15-minute\nperiod of inactivity for graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    $ sudo touch /etc/dconf/db/local.d/00-screensaver\n\n    Edit /etc/dconf/db/local.d/00-screensaver and add or update the following\nlines:\n\n    [org/gnome/desktop/session]\n    # Set the lock time out to 900 seconds before the session is considered idle\n    idle-delay=uint32 900\n\n    Update the system databases:\n\n    $ sudo dconf update'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000029-GPOS-00010'\n  tag satisfies: ['SRG-OS-000029-GPOS-00010', 'SRG-OS-000031-GPOS-00012']\n  tag gid: 'V-230352'\n  tag rid: 'SV-230352r646876_rule'\n  tag stig_id: 'RHEL-08-020060'\n  tag fix_id: 'F-32996r567803_fix'\n  tag cci: ['CCI-000057']\n  tag nist: ['AC-11 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif package('gnome-desktop3').installed?\n    describe command(\"gsettings get org.gnome.desktop.session idle-delay | cut -d ' ' -f2\") do\n      its('stdout.strip') { should cmp <= 900 }\n      its('stdout.strip') { should cmp >= 0 }\n    end\n  else\n    impact 0.0\n    describe 'The system does not have GNOME installed' do\n      skip \"The system does not have GNOME installed, this requirement is Not\n        Applicable.\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230352.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "The system does not have GNOME installed",
+              "run_time": 2.0e-06,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource": "",
+              "skip_message": "The system does not have GNOME installed, this requirement is Not\n        Applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The system does not have GNOME installed"
+            }
+          ]
+        },
+        {
+          "id": "SV-230353",
+          "title": "RHEL 8 must automatically lock command line user sessions after 15\nminutes of inactivity.",
+          "desc": "Terminating an idle session within a short time period reduces the\nwindow of opportunity for unauthorized personnel to take control of a\nmanagement session enabled on the console or console port that has been left\nunattended. In addition, quickly terminating an idle session will also free up\nresources committed by the managed network element.\n\n    Terminating network connections associated with communications sessions\nincludes, for example, de-allocating associated TCP/IP address/port pairs at\nthe operating system level and de-allocating networking assignments at the\napplication level if multiple application sessions are using a single operating\nsystem-level network connection. This does not mean the operating system\nterminates all sessions or network access; it only ends the inactive session\nand releases the resources associated with that session.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Terminating an idle session within a short time period reduces the\nwindow of opportunity for unauthorized personnel to take control of a\nmanagement session enabled on the console or console port that has been left\nunattended. In addition, quickly terminating an idle session will also free up\nresources committed by the managed network element.\n\n    Terminating network connections associated with communications sessions\nincludes, for example, de-allocating associated TCP/IP address/port pairs at\nthe operating system level and de-allocating networking assignments at the\napplication level if multiple application sessions are using a single operating\nsystem-level network connection. This does not mean the operating system\nterminates all sessions or network access; it only ends the inactive session\nand releases the resources associated with that session."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system initiates a session lock after 15 minutes of\ninactivity.\n\n    Check the value of the system inactivity timeout with the following command:\n\n    $ sudo grep -i lock-after-time /etc/tmux.conf\n\n    set -g lock-after-time 900\n\n    If \"lock-after-time\" is not set to \"900\" or less in the global tmux\nconfiguration file to enforce session lock after inactivity, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to enforce session lock after a period of 15\nminutes of inactivity by adding the following line to the \"/etc/tmux.conf\"\nglobal configuration file:\n\n    set -g lock-after-time 900"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000029-GPOS-00010",
+            "satisfies": [
+              "SRG-OS-000029-GPOS-00010",
+              "SRG-OS-000031-GPOS-00012"
+            ],
+            "gid": "V-230353",
+            "rid": "SV-230353r627750_rule",
+            "stig_id": "RHEL-08-020070",
+            "fix_id": "F-32997r567806_fix",
+            "cci": [
+              "CCI-000057"
+            ],
+            "nist": [
+              "AC-11 a"
+            ]
+          },
+          "code": "control 'SV-230353' do\n  title 'RHEL 8 must automatically lock command line user sessions after 15\nminutes of inactivity.'\n  desc 'Terminating an idle session within a short time period reduces the\nwindow of opportunity for unauthorized personnel to take control of a\nmanagement session enabled on the console or console port that has been left\nunattended. In addition, quickly terminating an idle session will also free up\nresources committed by the managed network element.\n\n    Terminating network connections associated with communications sessions\nincludes, for example, de-allocating associated TCP/IP address/port pairs at\nthe operating system level and de-allocating networking assignments at the\napplication level if multiple application sessions are using a single operating\nsystem-level network connection. This does not mean the operating system\nterminates all sessions or network access; it only ends the inactive session\nand releases the resources associated with that session.'\n  desc 'check', 'Verify the operating system initiates a session lock after 15 minutes of\ninactivity.\n\n    Check the value of the system inactivity timeout with the following command:\n\n    $ sudo grep -i lock-after-time /etc/tmux.conf\n\n    set -g lock-after-time 900\n\n    If \"lock-after-time\" is not set to \"900\" or less in the global tmux\nconfiguration file to enforce session lock after inactivity, this is a finding.'\n  desc 'fix', 'Configure the operating system to enforce session lock after a period of 15\nminutes of inactivity by adding the following line to the \"/etc/tmux.conf\"\nglobal configuration file:\n\n    set -g lock-after-time 900'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000029-GPOS-00010'\n  tag satisfies: ['SRG-OS-000029-GPOS-00010', 'SRG-OS-000031-GPOS-00012']\n  tag gid: 'V-230353'\n  tag rid: 'SV-230353r627750_rule'\n  tag stig_id: 'RHEL-08-020070'\n  tag fix_id: 'F-32997r567806_fix'\n  tag cci: ['CCI-000057']\n  tag nist: ['AC-11 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command(\"grep -i lock-after-time /etc/tmux.conf | cut -d ' ' -f4\") do\n      its('stdout.strip') { should cmp <= input('system_inactivity_timeout') }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230353.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Command: `grep -i lock-after-time /etc/tmux.conf | cut -d ' ' -f4` stdout.strip is expected to cmp <= 900",
+              "run_time": 0.192269,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"grep -i lock-after-time /etc/tmux.conf | cut -d ' ' -f4\"]",
+              "resource_id": "Command: `grep -i lock-after-time /etc/tmux.conf | cut -d ' ' -f4`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230354",
+          "title": "RHEL 8 must prevent a user from overriding the session lock-delay\nsetting for the graphical user interface.",
+          "desc": "A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n\n    Implementing session settings will have little value if a user is able to\nmanipulate these settings from the defaults prescribed in the other\nrequirements of this implementation guide.\n\n    Locking these settings from non-privileged users is crucial to maintaining\na protected baseline.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n\n    Implementing session settings will have little value if a user is able to\nmanipulate these settings from the defaults prescribed in the other\nrequirements of this implementation guide.\n\n    Locking these settings from non-privileged users is crucial to maintaining\na protected baseline."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system prevents a user from overriding settings for\ngraphical user interfaces.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Determine which profile the system database is using with the following\ncommand:\n\n    $ sudo grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Check that graphical settings are locked from non-privileged user\nmodification with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nthe path is \"/etc/dconf/db/local.d\". This path must be modified if a database\nother than \"local\" is being used.\n\n    $ sudo grep -i lock-delay /etc/dconf/db/local.d/locks/*\n\n    /org/gnome/desktop/screensaver/lock-delay\n\n    If the command does not return at least the example result, this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to prevent a user from overriding settings\nfor graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/locks/session\n\n    Add the following setting to prevent non-privileged users from modifying it:\n\n    /org/gnome/desktop/screensaver/lock-delay"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000029-GPOS-00010",
+            "satisfies": [
+              "SRG-OS-000029-GPOS-00010",
+              "SRG-OS-000031-GPOS-00012",
+              "SRG-OS-000480-GPOS-00227"
+            ],
+            "gid": "V-230354",
+            "rid": "SV-230354r743990_rule",
+            "stig_id": "RHEL-08-020080",
+            "fix_id": "F-32998r743989_fix",
+            "cci": [
+              "CCI-000057"
+            ],
+            "nist": [
+              "AC-11 a"
+            ]
+          },
+          "code": "control 'SV-230354' do\n  title 'RHEL 8 must prevent a user from overriding the session lock-delay\nsetting for the graphical user interface.'\n  desc \"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n\n    Implementing session settings will have little value if a user is able to\nmanipulate these settings from the defaults prescribed in the other\nrequirements of this implementation guide.\n\n    Locking these settings from non-privileged users is crucial to maintaining\na protected baseline.\"\n  desc 'check', 'Verify the operating system prevents a user from overriding settings for\ngraphical user interfaces.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Determine which profile the system database is using with the following\ncommand:\n\n    $ sudo grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Check that graphical settings are locked from non-privileged user\nmodification with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nthe path is \"/etc/dconf/db/local.d\". This path must be modified if a database\nother than \"local\" is being used.\n\n    $ sudo grep -i lock-delay /etc/dconf/db/local.d/locks/*\n\n    /org/gnome/desktop/screensaver/lock-delay\n\n    If the command does not return at least the example result, this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to prevent a user from overriding settings\nfor graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/locks/session\n\n    Add the following setting to prevent non-privileged users from modifying it:\n\n    /org/gnome/desktop/screensaver/lock-delay'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000029-GPOS-00010'\n  tag satisfies: ['SRG-OS-000029-GPOS-00010', 'SRG-OS-000031-GPOS-00012', 'SRG-OS-000480-GPOS-00227']\n  tag gid: 'V-230354'\n  tag rid: 'SV-230354r743990_rule'\n  tag stig_id: 'RHEL-08-020080'\n  tag fix_id: 'F-32998r743989_fix'\n  tag cci: ['CCI-000057']\n  tag nist: ['AC-11 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif package('gnome-desktop3').installed?\n    describe command('grep -i lock-delay /etc/dconf/db/local.d/locks/*') do\n      its('stdout.split') { should include '/org/gnome/desktop/screensaver/lock-delay' }\n    end\n  else\n    impact 0.0\n    describe 'The GNOME desktop is not installed' do\n      skip 'The GNOME desktop is not installed, this control is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230354.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "The GNOME desktop is not installed",
+              "run_time": 5.0e-06,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource": "",
+              "skip_message": "The GNOME desktop is not installed, this control is Not Applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The GNOME desktop is not installed"
+            }
+          ]
+        },
+        {
+          "id": "SV-230355",
+          "title": "RHEL 8 must map the authenticated identity to the user or group\naccount for PKI-based authentication.",
+          "desc": "Without mapping the certificate used to authenticate to the user\naccount, the ability to determine the identity of the individual user or group\nwill not be available for forensic analysis.\n\n    There are various methods of mapping certificates to user/group accounts\nfor RHEL 8. For the purposes of this requirement, the check and fix will\naccount for Active Directory mapping. Some of the other possible methods\ninclude joining the system to a domain and utilizing a Red Hat idM server, or a\nlocal system mapping, where the system is not part of a domain.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without mapping the certificate used to authenticate to the user\naccount, the ability to determine the identity of the individual user or group\nwill not be available for forensic analysis.\n\n    There are various methods of mapping certificates to user/group accounts\nfor RHEL 8. For the purposes of this requirement, the check and fix will\naccount for Active Directory mapping. Some of the other possible methods\ninclude joining the system to a domain and utilizing a Red Hat idM server, or a\nlocal system mapping, where the system is not part of a domain."
+            },
+            {
+              "label": "check",
+              "data": "Verify the certificate of the user or group is mapped to the corresponding user or group in the \"sssd.conf\" file with the following command:\n\nNote: If the System Administrator demonstrates the use of an approved alternate multifactor authentication method, this requirement is not applicable.\n\n$ sudo cat /etc/sssd/sssd.conf\n\n[sssd]\nconfig_file_version = 2\nservices = pam, sudo, ssh\ndomains = testing.test\n\n[pam]\npam_cert_auth = True\n\n[domain/testing.test]\nid_provider = ldap\n\n[certmap/testing.test/rule_name]\nmatchrule =<SAN>.*EDIPI@mil\nmaprule = (userCertificate;binary={cert!bin})\ndomains = testing.test\n\nIf the certmap section does not exist, ask the System Administrator to indicate how certificates are mapped to accounts. If there is no evidence of certificate mapping, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to map the authenticated identity to the user or group account by adding or modifying the certmap section of the \"/etc/sssd/sssd.conf file based on the following example:\n\n[certmap/testing.test/rule_name]\nmatchrule =<SAN>.*EDIPI@mil\nmaprule = (userCertificate;binary={cert!bin})\ndomains = testing.test\n\nThe \"sssd\" service must be restarted for the changes to take effect. To restart the \"sssd\" service, run the following command:\n\n$ sudo systemctl restart sssd.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000068-GPOS-00036",
+            "gid": "V-230355",
+            "rid": "SV-230355r858743_rule",
+            "stig_id": "RHEL-08-020090",
+            "fix_id": "F-32999r818835_fix",
+            "cci": [
+              "CCI-000187"
+            ],
+            "nist": [
+              "IA-5 (2) (c)",
+              "IA-5 (2) (a) (2)"
+            ]
+          },
+          "code": "control 'SV-230355' do\n  title 'RHEL 8 must map the authenticated identity to the user or group\naccount for PKI-based authentication.'\n  desc 'Without mapping the certificate used to authenticate to the user\naccount, the ability to determine the identity of the individual user or group\nwill not be available for forensic analysis.\n\n    There are various methods of mapping certificates to user/group accounts\nfor RHEL 8. For the purposes of this requirement, the check and fix will\naccount for Active Directory mapping. Some of the other possible methods\ninclude joining the system to a domain and utilizing a Red Hat idM server, or a\nlocal system mapping, where the system is not part of a domain.'\n  desc 'check', 'Verify the certificate of the user or group is mapped to the corresponding user or group in the \"sssd.conf\" file with the following command:\n\nNote: If the System Administrator demonstrates the use of an approved alternate multifactor authentication method, this requirement is not applicable.\n\n$ sudo cat /etc/sssd/sssd.conf\n\n[sssd]\nconfig_file_version = 2\nservices = pam, sudo, ssh\ndomains = testing.test\n\n[pam]\npam_cert_auth = True\n\n[domain/testing.test]\nid_provider = ldap\n\n[certmap/testing.test/rule_name]\nmatchrule =<SAN>.*EDIPI@mil\nmaprule = (userCertificate;binary={cert!bin})\ndomains = testing.test\n\nIf the certmap section does not exist, ask the System Administrator to indicate how certificates are mapped to accounts. If there is no evidence of certificate mapping, this is a finding.'\n  desc 'fix', 'Configure the operating system to map the authenticated identity to the user or group account by adding or modifying the certmap section of the \"/etc/sssd/sssd.conf file based on the following example:\n\n[certmap/testing.test/rule_name]\nmatchrule =<SAN>.*EDIPI@mil\nmaprule = (userCertificate;binary={cert!bin})\ndomains = testing.test\n\nThe \"sssd\" service must be restarted for the changes to take effect. To restart the \"sssd\" service, run the following command:\n\n$ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000068-GPOS-00036'\n  tag gid: 'V-230355'\n  tag rid: 'SV-230355r858743_rule'\n  tag stig_id: 'RHEL-08-020090'\n  tag fix_id: 'F-32999r818835_fix'\n  tag cci: ['CCI-000187']\n  tag nist: ['IA-5 (2) (c)', 'IA-5 (2) (a) (2)']\n\n  if virtualization.system.eql?('docker') && !file('/etc/sssd/sssd.conf').exist?\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe file('/etc/sssd/sssd.conf') do\n      it { should exist }\n      its('content') { should match(/^\\s*\\[certmap.*\\]\\s*$/) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230355.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File /etc/sssd/sssd.conf is expected to exist",
+              "run_time": 0.000132,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "message": "expected File /etc/sssd/sssd.conf to exist",
+              "resource_class": "file",
+              "resource_params": "[\"/etc/sssd/sssd.conf\"]",
+              "resource_id": "/etc/sssd/sssd.conf"
+            },
+            {
+              "status": "failed",
+              "code_desc": "File /etc/sssd/sssd.conf content is expected to match /^\\s*\\[certmap.*\\]\\s*$/",
+              "run_time": 0.121926,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "message": "expected nil to match /^\\s*\\[certmap.*\\]\\s*$/",
+              "resource_class": "file",
+              "resource_params": "[\"/etc/sssd/sssd.conf\"]",
+              "resource_id": "/etc/sssd/sssd.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230356",
+          "title": "RHEL 8 must ensure the password complexity module is enabled in the password-auth file.",
+          "desc": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 utilizes \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 utilizes \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth"
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system uses \"pwquality\" to enforce the password complexity rules.\n\nCheck for the use of \"pwquality\" in the password-auth file with the following command:\n\n     $ sudo cat /etc/pam.d/password-auth | grep pam_pwquality\n\n     password requisite pam_pwquality.so\n\nIf the command does not return a line containing the value \"pam_pwquality.so\" as shown, or the line is commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to use \"pwquality\" to enforce password complexity rules.\n\nAdd the following line to the \"/etc/pam.d/password-auth\" file (or modify the line to have the required value):\n\n     password requisite pam_pwquality.so"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000069-GPOS-00037",
+            "gid": "V-230356",
+            "rid": "SV-230356r902728_rule",
+            "stig_id": "RHEL-08-020100",
+            "fix_id": "F-33000r902727_fix",
+            "cci": [
+              "CCI-000192",
+              "CCI-000366"
+            ],
+            "nist": [
+              "IA-5 (1) (a)",
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230356' do\n  title 'RHEL 8 must ensure the password complexity module is enabled in the password-auth file.'\n  desc 'Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 utilizes \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth'\n  desc 'check', 'Verify the operating system uses \"pwquality\" to enforce the password complexity rules.\n\nCheck for the use of \"pwquality\" in the password-auth file with the following command:\n\n     $ sudo cat /etc/pam.d/password-auth | grep pam_pwquality\n\n     password requisite pam_pwquality.so\n\nIf the command does not return a line containing the value \"pam_pwquality.so\" as shown, or the line is commented out, this is a finding.'\n  desc 'fix', 'Configure the operating system to use \"pwquality\" to enforce password complexity rules.\n\nAdd the following line to the \"/etc/pam.d/password-auth\" file (or modify the line to have the required value):\n\n     password requisite pam_pwquality.so'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000069-GPOS-00037'\n  tag gid: 'V-230356'\n  tag rid: 'SV-230356r902728_rule'\n  tag stig_id: 'RHEL-08-020100'\n  tag fix_id: 'F-33000r902727_fix'\n  tag cci: ['CCI-000192', 'CCI-000366']\n  tag nist: ['IA-5 (1) (a)', 'CM-6 b']\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['password-auth']) do\n    its('lines') { should match_pam_rule('password (required|requisite) pam_pwquality.so') }\n    its('lines') {\n      should match_pam_rule('password (required|requisite) pam_pwquality.so').all_with_integer_arg('retry', '>=', 1)\n    }\n    its('lines') {\n      should match_pam_rule('password (required|requisite) pam_pwquality.so').all_with_integer_arg('retry', '<=',\n                                                                                                   input('max_retry'))\n    }\n  end\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') { should match_pam_rule('password (required|requisite) pam_pwquality.so') }\n    its('lines') {\n      should match_pam_rule('password (required|requisite) pam_pwquality.so').all_with_integer_arg('retry', '>=', 1)\n    }\n    its('lines') {\n      should match_pam_rule('password (required|requisite) pam_pwquality.so').all_with_integer_arg('retry', '<=',\n                                                                                                   input('max_retry'))\n    }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230356.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PAM Config[/etc/pam.d/password-auth] lines is expected to include password (required|requisite) pam_pwquality.so",
+              "run_time": 0.00023,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/password-auth\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PAM Config[/etc/pam.d/password-auth] lines is expected to include password (required|requisite) pam_pwquality.so, all with integer arg retry >= 1",
+              "run_time": 0.000222,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "message": "expected \"password requisite pam_pwquality.so local_users_only\" to include password (required|requisite) pam_pwquality.so, all with integer arg retry >= 1",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/password-auth\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PAM Config[/etc/pam.d/password-auth] lines is expected to include password (required|requisite) pam_pwquality.so, all with integer arg retry <= 3",
+              "run_time": 0.000208,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "message": "expected \"password requisite pam_pwquality.so local_users_only\" to include password (required|requisite) pam_pwquality.so, all with integer arg retry <= 3",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/password-auth\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PAM Config[/etc/pam.d/system-auth] lines is expected to include password (required|requisite) pam_pwquality.so",
+              "run_time": 0.000131,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/system-auth\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PAM Config[/etc/pam.d/system-auth] lines is expected to include password (required|requisite) pam_pwquality.so, all with integer arg retry >= 1",
+              "run_time": 0.000176,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "message": "expected \"password requisite pam_pwquality.so local_users_only\" to include password (required|requisite) pam_pwquality.so, all with integer arg retry >= 1",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/system-auth\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PAM Config[/etc/pam.d/system-auth] lines is expected to include password (required|requisite) pam_pwquality.so, all with integer arg retry <= 3",
+              "run_time": 0.00022,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "message": "expected \"password requisite pam_pwquality.so local_users_only\" to include password (required|requisite) pam_pwquality.so, all with integer arg retry <= 3",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/system-auth\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230357",
+          "title": "RHEL 8 must enforce password complexity by requiring that at least one\nuppercase character be used.",
+          "desc": "Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes pwquality as a mechanism to enforce password complexity.\nNote that in order to require uppercase characters, without degrading the\n\"minlen\" value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\".",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes pwquality as a mechanism to enforce password complexity.\nNote that in order to require uppercase characters, without degrading the\n\"minlen\" value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\"."
+            },
+            {
+              "label": "check",
+              "data": "Verify the value for \"ucredit\" with the following command:\n\n$ sudo grep -r ucredit /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:ucredit = -1\n\nIf the value of \"ucredit\" is a positive number or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to enforce password complexity by requiring that at least one uppercase character be used by setting the \"ucredit\" option.\n\nAdd the following line to /etc/security/pwquality.conf (or modify the line to have the required value):\n\nucredit = -1\n\nRemove any configurations that conflict with the above value."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000069-GPOS-00037",
+            "gid": "V-230357",
+            "rid": "SV-230357r858771_rule",
+            "stig_id": "RHEL-08-020110",
+            "fix_id": "F-33001r858770_fix",
+            "cci": [
+              "CCI-000192"
+            ],
+            "nist": [
+              "IA-5 (1) (a)"
+            ]
+          },
+          "code": "control 'SV-230357' do\n  title 'RHEL 8 must enforce password complexity by requiring that at least one\nuppercase character be used.'\n  desc 'Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes pwquality as a mechanism to enforce password complexity.\nNote that in order to require uppercase characters, without degrading the\n\"minlen\" value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\".'\n  desc 'check', 'Verify the value for \"ucredit\" with the following command:\n\n$ sudo grep -r ucredit /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:ucredit = -1\n\nIf the value of \"ucredit\" is a positive number or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to enforce password complexity by requiring that at least one uppercase character be used by setting the \"ucredit\" option.\n\nAdd the following line to /etc/security/pwquality.conf (or modify the line to have the required value):\n\nucredit = -1\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000069-GPOS-00037'\n  tag gid: 'V-230357'\n  tag rid: 'SV-230357r858771_rule'\n  tag stig_id: 'RHEL-08-020110'\n  tag fix_id: 'F-33001r858770_fix'\n  tag cci: ['CCI-000192']\n  tag nist: ['IA-5 (1) (a)']\n\n  describe 'pwquality.conf:' do\n    let(:config) { parse_config_file('/etc/security/pwquality.conf', multiple_values: true) }\n    let(:setting) { 'ucredit' }\n    let(:value) { Array(config.params[setting]) }\n\n    it 'has `ucredit` set' do\n      expect(value).not_to be_empty, 'ucredit is not set in pwquality.conf'\n    end\n\n    it 'only sets `ucredit` once' do\n      expect(value.length).to eq(1), 'ucredit is commented or set more than once in pwquality.conf'\n    end\n\n    it 'does not set `ucredit` to a positive value' do\n      expect(value.first.to_i).to cmp < 0, 'ucredit is not set to a negative value in pwquality.conf'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230357.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf: has `ucredit` set",
+              "run_time": 0.002777,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf:"
+            },
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf: only sets `ucredit` once",
+              "run_time": 0.000217,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf:"
+            },
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf: does not set `ucredit` to a positive value",
+              "run_time": 0.000182,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf:"
+            }
+          ]
+        },
+        {
+          "id": "SV-230358",
+          "title": "RHEL 8 must enforce password complexity by requiring that at least one\nlower-case character be used.",
+          "desc": "Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes pwquality as a mechanism to enforce password complexity.\nNote that in order to require lower-case characters without degrading the\n\"minlen\" value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\".",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes pwquality as a mechanism to enforce password complexity.\nNote that in order to require lower-case characters without degrading the\n\"minlen\" value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\"."
+            },
+            {
+              "label": "check",
+              "data": "Verify the value for \"lcredit\" with the following command:\n\n$ sudo grep -r lcredit /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:lcredit = -1\n\nIf the value of \"lcredit\" is a positive number or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to enforce password complexity by requiring that at least one lower-case character be used by setting the \"lcredit\" option.\n\nAdd the following line to /etc/security/pwquality.conf (or modify the line to have the required value):\n\nlcredit = -1\n\nRemove any configurations that conflict with the above value."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000070-GPOS-00038",
+            "gid": "V-230358",
+            "rid": "SV-230358r858773_rule",
+            "stig_id": "RHEL-08-020120",
+            "fix_id": "F-33002r858772_fix",
+            "cci": [
+              "CCI-000193"
+            ],
+            "nist": [
+              "IA-5 (1) (a)"
+            ]
+          },
+          "code": "control 'SV-230358' do\n  title 'RHEL 8 must enforce password complexity by requiring that at least one\nlower-case character be used.'\n  desc 'Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes pwquality as a mechanism to enforce password complexity.\nNote that in order to require lower-case characters without degrading the\n\"minlen\" value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\".'\n  desc 'check', 'Verify the value for \"lcredit\" with the following command:\n\n$ sudo grep -r lcredit /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:lcredit = -1\n\nIf the value of \"lcredit\" is a positive number or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to enforce password complexity by requiring that at least one lower-case character be used by setting the \"lcredit\" option.\n\nAdd the following line to /etc/security/pwquality.conf (or modify the line to have the required value):\n\nlcredit = -1\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000070-GPOS-00038'\n  tag gid: 'V-230358'\n  tag rid: 'SV-230358r858773_rule'\n  tag stig_id: 'RHEL-08-020120'\n  tag fix_id: 'F-33002r858772_fix'\n  tag cci: ['CCI-000193']\n  tag nist: ['IA-5 (1) (a)']\n\n  describe 'pwquality.conf settings' do\n    let(:config) { parse_config_file('/etc/security/pwquality.conf', multiple_values: true) }\n    let(:setting) { 'lcredit' }\n    let(:value) { Array(config.params[setting]) }\n\n    it 'has `lcredit` set' do\n      expect(value).not_to be_empty, 'lcredit is not set in pwquality.conf'\n    end\n\n    it 'only sets `lcredit` once' do\n      expect(value.length).to eq(1), 'lcredit is commented or set more than once in pwquality.conf'\n    end\n\n    it 'does not set `lcredit` to a positive value' do\n      expect(value.first.to_i).to be < 0, 'lcredit is not set to a negative value in pwquality.conf'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230358.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings has `lcredit` set",
+              "run_time": 0.002303,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            },
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings only sets `lcredit` once",
+              "run_time": 0.000156,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            },
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings does not set `lcredit` to a positive value",
+              "run_time": 0.000167,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            }
+          ]
+        },
+        {
+          "id": "SV-230359",
+          "title": "RHEL 8 must enforce password complexity by requiring that at least one\nnumeric character be used.",
+          "desc": "Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. Note that in order to require numeric characters, without degrading\nthe minlen value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\".",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. Note that in order to require numeric characters, without degrading\nthe minlen value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\"."
+            },
+            {
+              "label": "check",
+              "data": "Verify the value for \"dcredit\" with the following command:\n\n$ sudo grep -r dcredit /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:dcredit = -1\n\nIf the value of \"dcredit\" is a positive number or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to enforce password complexity by requiring that at least one numeric character be used by setting the \"dcredit\" option.\n\nAdd the following line to /etc/security/pwquality.conf (or modify the line to have the required value):\n\ndcredit = -1\n\nRemove any configurations that conflict with the above value."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000071-GPOS-00039",
+            "gid": "V-230359",
+            "rid": "SV-230359r858775_rule",
+            "stig_id": "RHEL-08-020130",
+            "fix_id": "F-33003r858774_fix",
+            "cci": [
+              "CCI-000194"
+            ],
+            "nist": [
+              "IA-5 (1) (a)"
+            ]
+          },
+          "code": "control 'SV-230359' do\n  title 'RHEL 8 must enforce password complexity by requiring that at least one\nnumeric character be used.'\n  desc 'Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. Note that in order to require numeric characters, without degrading\nthe minlen value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\".'\n  desc 'check', 'Verify the value for \"dcredit\" with the following command:\n\n$ sudo grep -r dcredit /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:dcredit = -1\n\nIf the value of \"dcredit\" is a positive number or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to enforce password complexity by requiring that at least one numeric character be used by setting the \"dcredit\" option.\n\nAdd the following line to /etc/security/pwquality.conf (or modify the line to have the required value):\n\ndcredit = -1\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000071-GPOS-00039'\n  tag gid: 'V-230359'\n  tag rid: 'SV-230359r858775_rule'\n  tag stig_id: 'RHEL-08-020130'\n  tag fix_id: 'F-33003r858774_fix'\n  tag cci: ['CCI-000194']\n  tag nist: ['IA-5 (1) (a)']\n\n  describe 'pwquality.conf settings' do\n    let(:config) { parse_config_file('/etc/security/pwquality.conf', multiple_values: true) }\n    let(:setting) { 'dcredit' }\n    let(:value) { Array(config.params[setting]) }\n\n    it 'has `dcredit` set' do\n      expect(value).not_to be_empty, 'dcredit is not set in pwquality.conf'\n    end\n\n    it 'only sets `dcredit` once' do\n      expect(value.length).to eq(1), 'dcredit is commented or set more than once in pwquality.conf'\n    end\n\n    it 'does not set `dcredit` to a positive value' do\n      expect(value.first.to_i).to be < 0, 'dcredit is not set to a negative value in pwquality.conf'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230359.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings has `dcredit` set",
+              "run_time": 0.002277,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            },
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings only sets `dcredit` once",
+              "run_time": 0.00015,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            },
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings does not set `dcredit` to a positive value",
+              "run_time": 0.000235,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            }
+          ]
+        },
+        {
+          "id": "SV-230360",
+          "title": "RHEL 8 must require the maximum number of repeating characters of the\nsame character class be limited to four when passwords are changed.",
+          "desc": "Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"maxclassrepeat\" option sets the maximum number of allowed\nsame consecutive characters in the same class in the new password.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"maxclassrepeat\" option sets the maximum number of allowed\nsame consecutive characters in the same class in the new password."
+            },
+            {
+              "label": "check",
+              "data": "Check for the value of the \"maxclassrepeat\" option with the following command:\n\n$ sudo grep -r maxclassrepeat /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:maxclassrepeat = 4\n\nIf the value of \"maxclassrepeat\" is set to \"0\", more than \"4\" or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to require the change of the number of repeating characters of the same character class when passwords are changed by setting the \"maxclassrepeat\" option.\n\nAdd the following line to \"/etc/security/pwquality.conf\" conf (or modify the line to have the required value):\n\nmaxclassrepeat = 4\n\nRemove any configurations that conflict with the above value."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000072-GPOS-00040",
+            "gid": "V-230360",
+            "rid": "SV-230360r858777_rule",
+            "stig_id": "RHEL-08-020140",
+            "fix_id": "F-33004r858776_fix",
+            "cci": [
+              "CCI-000195"
+            ],
+            "nist": [
+              "IA-5 (1) (b)"
+            ]
+          },
+          "code": "control 'SV-230360' do\n  title 'RHEL 8 must require the maximum number of repeating characters of the\nsame character class be limited to four when passwords are changed.'\n  desc 'Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"maxclassrepeat\" option sets the maximum number of allowed\nsame consecutive characters in the same class in the new password.'\n  desc 'check', 'Check for the value of the \"maxclassrepeat\" option with the following command:\n\n$ sudo grep -r maxclassrepeat /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:maxclassrepeat = 4\n\nIf the value of \"maxclassrepeat\" is set to \"0\", more than \"4\" or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to require the change of the number of repeating characters of the same character class when passwords are changed by setting the \"maxclassrepeat\" option.\n\nAdd the following line to \"/etc/security/pwquality.conf\" conf (or modify the line to have the required value):\n\nmaxclassrepeat = 4\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000072-GPOS-00040'\n  tag gid: 'V-230360'\n  tag rid: 'SV-230360r858777_rule'\n  tag stig_id: 'RHEL-08-020140'\n  tag fix_id: 'F-33004r858776_fix'\n  tag cci: ['CCI-000195']\n  tag nist: ['IA-5 (1) (b)']\n\n  value = input('maxclassrepeat')\n  setting = 'maxclassrepeat'\n\n  describe 'pwquality.conf settings' do\n    let(:config) { parse_config_file('/etc/security/pwquality.conf', multiple_values: true) }\n    let(:setting_value) { config.params[setting].is_a?(Integer) ? [config.params[setting]] : Array(config.params[setting]) }\n\n    it \"has `#{setting}` set\" do\n      expect(setting_value).not_to be_empty, \"#{setting} is not set in pwquality.conf\"\n    end\n\n    it \"only sets `#{setting}` once\" do\n      expect(setting_value.length).to eq(1), \"#{setting} is commented or set more than once in pwquality.conf\"\n    end\n\n    it \"does not set `#{setting}` to more than #{value}\" do\n      expect(setting_value.first.to_i).to be <= value.to_i, \"#{setting} is set to a value greater than #{value} in pwquality.conf\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230360.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings has `maxclassrepeat` set",
+              "run_time": 0.002481,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            },
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings only sets `maxclassrepeat` once",
+              "run_time": 0.000194,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            },
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings does not set `maxclassrepeat` to more than 4",
+              "run_time": 0.000141,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            }
+          ]
+        },
+        {
+          "id": "SV-230361",
+          "title": "RHEL 8 must require the maximum number of repeating characters be\nlimited to three when passwords are changed.",
+          "desc": "Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"maxrepeat\" option sets the maximum number of allowed same\nconsecutive characters in a new password.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"maxrepeat\" option sets the maximum number of allowed same\nconsecutive characters in a new password."
+            },
+            {
+              "label": "check",
+              "data": "Check for the value of the \"maxrepeat\" option with the following command:\n\n$ sudo grep -r maxrepeat /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:maxrepeat = 3\n\nIf the value of \"maxrepeat\" is set to more than \"3\" or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to require the change of the number of repeating consecutive characters when passwords are changed by setting the \"maxrepeat\" option.\n\nAdd the following line to \"/etc/security/pwquality.conf conf\" (or modify the line to have the required value):\n\nmaxrepeat = 3\n\nRemove any configurations that conflict with the above value."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000072-GPOS-00040",
+            "gid": "V-230361",
+            "rid": "SV-230361r858779_rule",
+            "stig_id": "RHEL-08-020150",
+            "fix_id": "F-33005r858778_fix",
+            "cci": [
+              "CCI-000195"
+            ],
+            "nist": [
+              "IA-5 (1) (b)"
+            ]
+          },
+          "code": "control 'SV-230361' do\n  title 'RHEL 8 must require the maximum number of repeating characters be\nlimited to three when passwords are changed.'\n  desc 'Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"maxrepeat\" option sets the maximum number of allowed same\nconsecutive characters in a new password.'\n  desc 'check', 'Check for the value of the \"maxrepeat\" option with the following command:\n\n$ sudo grep -r maxrepeat /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:maxrepeat = 3\n\nIf the value of \"maxrepeat\" is set to more than \"3\" or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to require the change of the number of repeating consecutive characters when passwords are changed by setting the \"maxrepeat\" option.\n\nAdd the following line to \"/etc/security/pwquality.conf conf\" (or modify the line to have the required value):\n\nmaxrepeat = 3\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000072-GPOS-00040'\n  tag gid: 'V-230361'\n  tag rid: 'SV-230361r858779_rule'\n  tag stig_id: 'RHEL-08-020150'\n  tag fix_id: 'F-33005r858778_fix'\n  tag cci: ['CCI-000195']\n  tag nist: ['IA-5 (1) (b)']\n\n  value = input('maxrepeat')\n  setting = 'maxrepeat'\n\n  describe 'pwquality.conf settings' do\n    let(:config) { parse_config_file('/etc/security/pwquality.conf', multiple_values: true) }\n    let(:setting_value) { config.params[setting].is_a?(Integer) ? [config.params[setting]] : Array(config.params[setting]) }\n\n    it \"has `#{setting}` set\" do\n      expect(setting_value).not_to be_empty, \"#{setting} is not set in pwquality.conf\"\n    end\n\n    it \"only sets `#{setting}` once\" do\n      expect(setting_value.length).to eq(1), \"#{setting} is commented or set more than once in pwquality.conf\"\n    end\n\n    it \"does not set `#{setting}` to more than #{value}\" do\n      expect(setting_value.first.to_i).to be <= value.to_i, \"#{setting} is set to a value greater than #{value} in pwquality.conf\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230361.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings has `maxrepeat` set",
+              "run_time": 0.002375,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            },
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings only sets `maxrepeat` once",
+              "run_time": 0.000153,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            },
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings does not set `maxrepeat` to more than 3",
+              "run_time": 0.000194,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            }
+          ]
+        },
+        {
+          "id": "SV-230362",
+          "title": "RHEL 8 must require the change of at least four character classes when passwords are changed.",
+          "desc": "Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"minclass\" option sets the minimum number of required classes\nof characters for the new password (digits, uppercase, lowercase, others).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"minclass\" option sets the minimum number of required classes\nof characters for the new password (digits, uppercase, lowercase, others)."
+            },
+            {
+              "label": "check",
+              "data": "Verify the value of the \"minclass\" option with the following command:\n\n$ sudo grep -r minclass /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:minclass = 4\n\nIf the value of \"minclass\" is set to less than \"4\" or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to require the change of at least four character classes when passwords are changed by setting the \"minclass\" option.\n\nAdd the following line to \"/etc/security/pwquality.conf conf\" (or modify the line to have the required value):\n\nminclass = 4\n\nRemove any configurations that conflict with the above value."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000072-GPOS-00040",
+            "gid": "V-230362",
+            "rid": "SV-230362r858781_rule",
+            "stig_id": "RHEL-08-020160",
+            "fix_id": "F-33006r858780_fix",
+            "cci": [
+              "CCI-000195"
+            ],
+            "nist": [
+              "IA-5 (1) (b)"
+            ]
+          },
+          "code": "control 'SV-230362' do\n  title 'RHEL 8 must require the change of at least four character classes when passwords are changed.'\n  desc 'Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"minclass\" option sets the minimum number of required classes\nof characters for the new password (digits, uppercase, lowercase, others).'\n  desc 'check', 'Verify the value of the \"minclass\" option with the following command:\n\n$ sudo grep -r minclass /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:minclass = 4\n\nIf the value of \"minclass\" is set to less than \"4\" or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to require the change of at least four character classes when passwords are changed by setting the \"minclass\" option.\n\nAdd the following line to \"/etc/security/pwquality.conf conf\" (or modify the line to have the required value):\n\nminclass = 4\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000072-GPOS-00040'\n  tag gid: 'V-230362'\n  tag rid: 'SV-230362r858781_rule'\n  tag stig_id: 'RHEL-08-020160'\n  tag fix_id: 'F-33006r858780_fix'\n  tag cci: ['CCI-000195']\n  tag nist: ['IA-5 (1) (b)']\n\n  value = input('minclass')\n  setting = 'minclass'\n\n  describe 'pwquality.conf settings' do\n    let(:config) { parse_config_file('/etc/security/pwquality.conf', multiple_values: true) }\n    let(:setting_value) { config.params[setting].is_a?(Integer) ? [config.params[setting]] : Array(config.params[setting]) }\n\n    it \"has `#{setting}` set\" do\n      expect(setting_value).not_to be_empty, \"#{setting} is not set in pwquality.conf\"\n    end\n\n    it \"only sets `#{setting}` once\" do\n      expect(setting_value.length).to eq(1), \"#{setting} is commented or set more than once in pwquality.conf\"\n    end\n\n    it \"does not set `#{setting}` to more than #{value}\" do\n      expect(setting_value.first.to_i).to be <= value.to_i, \"#{setting} is set to a value greater than #{value} in pwquality.conf\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230362.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings has `minclass` set",
+              "run_time": 0.002285,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            },
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings only sets `minclass` once",
+              "run_time": 0.00036,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            },
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings does not set `minclass` to more than 4",
+              "run_time": 0.000152,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            }
+          ]
+        },
+        {
+          "id": "SV-230363",
+          "title": "RHEL 8 must require the change of at least 8 characters when passwords\nare changed.",
+          "desc": "Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"difok\" option sets the number of characters in a password\nthat must not be present in the old password.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"difok\" option sets the number of characters in a password\nthat must not be present in the old password."
+            },
+            {
+              "label": "check",
+              "data": "Verify the value of the \"difok\" option with the following command:\n\n$ sudo grep -r difok /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:difok = 8\n\nIf the value of \"difok\" is set to less than \"8\" or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to require the change of at least eight of the total number of characters when passwords are changed by setting the \"difok\" option.\n\nAdd the following line to \"/etc/security/pwquality.conf\" (or modify the line to have the required value):\n\ndifok = 8\n\nRemove any configurations that conflict with the above value."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000072-GPOS-00040",
+            "gid": "V-230363",
+            "rid": "SV-230363r858783_rule",
+            "stig_id": "RHEL-08-020170",
+            "fix_id": "F-33007r858782_fix",
+            "cci": [
+              "CCI-000195"
+            ],
+            "nist": [
+              "IA-5 (1) (b)"
+            ]
+          },
+          "code": "control 'SV-230363' do\n  title 'RHEL 8 must require the change of at least 8 characters when passwords\nare changed.'\n  desc 'Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. The \"difok\" option sets the number of characters in a password\nthat must not be present in the old password.'\n  desc 'check', 'Verify the value of the \"difok\" option with the following command:\n\n$ sudo grep -r difok /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:difok = 8\n\nIf the value of \"difok\" is set to less than \"8\" or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to require the change of at least eight of the total number of characters when passwords are changed by setting the \"difok\" option.\n\nAdd the following line to \"/etc/security/pwquality.conf\" (or modify the line to have the required value):\n\ndifok = 8\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000072-GPOS-00040'\n  tag gid: 'V-230363'\n  tag rid: 'SV-230363r858783_rule'\n  tag stig_id: 'RHEL-08-020170'\n  tag fix_id: 'F-33007r858782_fix'\n  tag cci: ['CCI-000195']\n  tag nist: ['IA-5 (1) (b)']\n\n  value = input('difok')\n  setting = 'difok'\n\n  describe 'pwquality.conf settings' do\n    let(:config) { parse_config_file('/etc/security/pwquality.conf', multiple_values: true) }\n    let(:setting_value) { config.params[setting].is_a?(Integer) ? [config.params[setting]] : Array(config.params[setting]) }\n\n    it \"has `#{setting}` set\" do\n      expect(setting_value).not_to be_empty, \"#{setting} is not set in pwquality.conf\"\n    end\n\n    it \"only sets `#{setting}` once\" do\n      expect(setting_value.length).to eq(1), \"#{setting} is commented or set more than once in pwquality.conf\"\n    end\n\n    it \"does not set `#{setting}` to more than #{value}\" do\n      expect(setting_value.first.to_i).to be <= value.to_i, \"#{setting} is set to a value greater than #{value} in pwquality.conf\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230363.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings has `difok` set",
+              "run_time": 0.002303,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            },
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings only sets `difok` once",
+              "run_time": 0.000194,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            },
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings does not set `difok` to more than 8",
+              "run_time": 0.000143,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            }
+          ]
+        },
+        {
+          "id": "SV-230364",
+          "title": "RHEL 8 passwords must have a 24 hours/1 day minimum password lifetime\nrestriction in /etc/shadow.",
+          "desc": "Enforcing a minimum password lifetime helps to prevent repeated\npassword changes to defeat the password reuse or history enforcement\nrequirement. If users are allowed to immediately and continually change their\npassword, the password could be repeatedly changed in a short period of time to\ndefeat the organization's policy regarding password reuse.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Enforcing a minimum password lifetime helps to prevent repeated\npassword changes to defeat the password reuse or history enforcement\nrequirement. If users are allowed to immediately and continually change their\npassword, the password could be repeatedly changed in a short period of time to\ndefeat the organization's policy regarding password reuse."
+            },
+            {
+              "label": "check",
+              "data": "Check whether the minimum time period between password changes for each\nuser account is one day or greater.\n\n    $ sudo awk -F: '$4 < 1 {print $1 \" \" $4}' /etc/shadow\n\n    If any results are returned that are not associated with a system account,\nthis is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure non-compliant accounts to enforce a 24 hours/1 day minimum\npassword lifetime:\n\n    $ sudo chage -m 1 [user]"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000075-GPOS-00043",
+            "gid": "V-230364",
+            "rid": "SV-230364r627750_rule",
+            "stig_id": "RHEL-08-020180",
+            "fix_id": "F-33008r567839_fix",
+            "cci": [
+              "CCI-000198"
+            ],
+            "nist": [
+              "IA-5 (1) (d)"
+            ]
+          },
+          "code": "control 'SV-230364' do\n  title 'RHEL 8 passwords must have a 24 hours/1 day minimum password lifetime\nrestriction in /etc/shadow.'\n  desc \"Enforcing a minimum password lifetime helps to prevent repeated\npassword changes to defeat the password reuse or history enforcement\nrequirement. If users are allowed to immediately and continually change their\npassword, the password could be repeatedly changed in a short period of time to\ndefeat the organization's policy regarding password reuse.\"\n  desc 'check', %q(Check whether the minimum time period between password changes for each\nuser account is one day or greater.\n\n    $ sudo awk -F: '$4 < 1 {print $1 \" \" $4}' /etc/shadow\n\n    If any results are returned that are not associated with a system account,\nthis is a finding.)\n  desc 'fix', 'Configure non-compliant accounts to enforce a 24 hours/1 day minimum\npassword lifetime:\n\n    $ sudo chage -m 1 [user]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000075-GPOS-00043'\n  tag gid: 'V-230364'\n  tag rid: 'SV-230364r627750_rule'\n  tag stig_id: 'RHEL-08-020180'\n  tag fix_id: 'F-33008r567839_fix'\n  tag cci: ['CCI-000198']\n  tag nist: ['IA-5 (1) (d)']\n\n  # TODO: add inputs for a frequecny\n\n  bad_users = users.where { uid >= 1000 }.where { mindays < 1 }.usernames\n  in_scope_users = bad_users - input('exempt_home_users')\n\n  describe 'Users should not' do\n    it 'be able to change their password more then once a 24 hour period' do\n      failure_message = \"The following users can update their password more then once a day: #{in_scope_users.join(', ')}\"\n      expect(in_scope_users).to be_empty, failure_message\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230364.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Users should not be able to change their password more then once a 24 hour period",
+              "run_time": 0.002131,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "message": "The following users can update their password more then once a day: nobody",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Users should not"
+            }
+          ]
+        },
+        {
+          "id": "SV-230365",
+          "title": "RHEL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in /etc/login.defs.",
+          "desc": "Enforcing a minimum password lifetime helps to prevent repeated\npassword changes to defeat the password reuse or history enforcement\nrequirement. If users are allowed to immediately and continually change their\npassword, the password could be repeatedly changed in a short period of time to\ndefeat the organization's policy regarding password reuse.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Enforcing a minimum password lifetime helps to prevent repeated\npassword changes to defeat the password reuse or history enforcement\nrequirement. If users are allowed to immediately and continually change their\npassword, the password could be repeatedly changed in a short period of time to\ndefeat the organization's policy regarding password reuse."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system enforces 24 hours/1 day as the minimum password\nlifetime for new user accounts.\n\n    Check for the value of \"PASS_MIN_DAYS\" in \"/etc/login.defs\" with the\nfollowing command:\n\n    $ sudo grep -i pass_min_days /etc/login.defs\n    PASS_MIN_DAYS 1\n\n    If the \"PASS_MIN_DAYS\" parameter value is not \"1\" or greater, or is\ncommented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to enforce 24 hours/1 day as the minimum\npassword lifetime.\n\n    Add the following line in \"/etc/login.defs\" (or modify the line to have\nthe required value):\n\n    PASS_MIN_DAYS 1"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000075-GPOS-00043",
+            "gid": "V-230365",
+            "rid": "SV-230365r858727_rule",
+            "stig_id": "RHEL-08-020190",
+            "fix_id": "F-33009r567842_fix",
+            "cci": [
+              "CCI-000198"
+            ],
+            "nist": [
+              "IA-5 (1) (d)"
+            ]
+          },
+          "code": "control 'SV-230365' do\n  title 'RHEL 8 passwords for new users or password changes must have a 24 hours/1 day minimum password lifetime restriction in /etc/login.defs.'\n  desc \"Enforcing a minimum password lifetime helps to prevent repeated\npassword changes to defeat the password reuse or history enforcement\nrequirement. If users are allowed to immediately and continually change their\npassword, the password could be repeatedly changed in a short period of time to\ndefeat the organization's policy regarding password reuse.\"\n  desc 'check', 'Verify the operating system enforces 24 hours/1 day as the minimum password\nlifetime for new user accounts.\n\n    Check for the value of \"PASS_MIN_DAYS\" in \"/etc/login.defs\" with the\nfollowing command:\n\n    $ sudo grep -i pass_min_days /etc/login.defs\n    PASS_MIN_DAYS 1\n\n    If the \"PASS_MIN_DAYS\" parameter value is not \"1\" or greater, or is\ncommented out, this is a finding.'\n  desc 'fix', 'Configure the operating system to enforce 24 hours/1 day as the minimum\npassword lifetime.\n\n    Add the following line in \"/etc/login.defs\" (or modify the line to have\nthe required value):\n\n    PASS_MIN_DAYS 1'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000075-GPOS-00043'\n  tag gid: 'V-230365'\n  tag rid: 'SV-230365r858727_rule'\n  tag stig_id: 'RHEL-08-020190'\n  tag fix_id: 'F-33009r567842_fix'\n  tag cci: ['CCI-000198']\n  tag nist: ['IA-5 (1) (d)']\n\n  value = input('pass_min_days')\n  setting = input_object('pass_min_days').name.upcase\n\n  describe \"/etc/login.defs does not have `#{setting}` configured\" do\n    let(:config) { login_defs.read_params[setting] }\n    it \"greater than #{value} day\" do\n      expect(config).to cmp <= value\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230365.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "/etc/login.defs does not have `PASS_MIN_DAYS` configured greater than 1 day",
+              "run_time": 0.000237,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "/etc/login.defs does not have `PASS_MIN_DAYS` configured"
+            }
+          ]
+        },
+        {
+          "id": "SV-230366",
+          "title": "RHEL 8 user account passwords must have a 60-day maximum password\nlifetime restriction.",
+          "desc": "Any password, no matter how complex, can eventually be cracked.\nTherefore, passwords need to be changed periodically. If RHEL 8 does not limit\nthe lifetime of passwords and force users to change their passwords, there is\nthe risk that RHEL 8 passwords could be compromised.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Any password, no matter how complex, can eventually be cracked.\nTherefore, passwords need to be changed periodically. If RHEL 8 does not limit\nthe lifetime of passwords and force users to change their passwords, there is\nthe risk that RHEL 8 passwords could be compromised."
+            },
+            {
+              "label": "check",
+              "data": "Verify that RHEL 8 enforces a 60-day maximum password lifetime for new user\naccounts by running the following command:\n\n    $ sudo grep -i pass_max_days /etc/login.defs\n    PASS_MAX_DAYS 60\n\n    If the \"PASS_MAX_DAYS\" parameter value is greater than \"60\", or\ncommented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to enforce a 60-day maximum password lifetime.\n\nAdd, or modify the following line in the \"/etc/login.defs\" file:\n\nPASS_MAX_DAYS 60"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000076-GPOS-00044",
+            "gid": "V-230366",
+            "rid": "SV-230366r646878_rule",
+            "stig_id": "RHEL-08-020200",
+            "fix_id": "F-33010r567845_fix",
+            "cci": [
+              "CCI-000199"
+            ],
+            "nist": [
+              "IA-5 (1) (d)"
+            ]
+          },
+          "code": "control 'SV-230366' do\n  title 'RHEL 8 user account passwords must have a 60-day maximum password\nlifetime restriction.'\n  desc 'Any password, no matter how complex, can eventually be cracked.\nTherefore, passwords need to be changed periodically. If RHEL 8 does not limit\nthe lifetime of passwords and force users to change their passwords, there is\nthe risk that RHEL 8 passwords could be compromised.'\n  desc 'check', 'Verify that RHEL 8 enforces a 60-day maximum password lifetime for new user\naccounts by running the following command:\n\n    $ sudo grep -i pass_max_days /etc/login.defs\n    PASS_MAX_DAYS 60\n\n    If the \"PASS_MAX_DAYS\" parameter value is greater than \"60\", or\ncommented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to enforce a 60-day maximum password lifetime.\n\nAdd, or modify the following line in the \"/etc/login.defs\" file:\n\nPASS_MAX_DAYS 60'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000076-GPOS-00044'\n  tag gid: 'V-230366'\n  tag rid: 'SV-230366r646878_rule'\n  tag stig_id: 'RHEL-08-020200'\n  tag fix_id: 'F-33010r567845_fix'\n  tag cci: ['CCI-000199']\n  tag nist: ['IA-5 (1) (d)']\n\n  value = input('pass_max_days')\n  setting = input_object('pass_max_days').name.upcase\n\n  describe \"/etc/login.defs does not have `#{setting}` configured\" do\n    let(:config) { login_defs.read_params[setting] }\n    it \"greater than #{value} day\" do\n      expect(config).to cmp <= value\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230366.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "/etc/login.defs does not have `PASS_MAX_DAYS` configured greater than 60 day",
+              "run_time": 0.000223,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "/etc/login.defs does not have `PASS_MAX_DAYS` configured"
+            }
+          ]
+        },
+        {
+          "id": "SV-230367",
+          "title": "RHEL 8 user account passwords must be configured so that existing\npasswords are restricted to a 60-day maximum lifetime.",
+          "desc": "Any password, no matter how complex, can eventually be cracked.\nTherefore, passwords need to be changed periodically. If RHEL 8 does not limit\nthe lifetime of passwords and force users to change their passwords, there is\nthe risk that RHEL 8 passwords could be compromised.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Any password, no matter how complex, can eventually be cracked.\nTherefore, passwords need to be changed periodically. If RHEL 8 does not limit\nthe lifetime of passwords and force users to change their passwords, there is\nthe risk that RHEL 8 passwords could be compromised."
+            },
+            {
+              "label": "check",
+              "data": "Check whether the maximum time period for existing passwords is restricted\nto 60 days with the following commands:\n\n    $ sudo awk -F: '$5 > 60 {print $1 \" \" $5}' /etc/shadow\n\n    $ sudo awk -F: '$5 <= 0 {print $1 \" \" $5}' /etc/shadow\n\n    If any results are returned that are not associated with a system account,\nthis is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure non-compliant accounts to enforce a 60-day maximum password\nlifetime restriction.\n\n    $ sudo chage -M 60 [user]"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000076-GPOS-00044",
+            "gid": "V-230367",
+            "rid": "SV-230367r627750_rule",
+            "stig_id": "RHEL-08-020210",
+            "fix_id": "F-33011r567848_fix",
+            "cci": [
+              "CCI-000199"
+            ],
+            "nist": [
+              "IA-5 (1) (d)"
+            ]
+          },
+          "code": "control 'SV-230367' do\n  title 'RHEL 8 user account passwords must be configured so that existing\npasswords are restricted to a 60-day maximum lifetime.'\n  desc 'Any password, no matter how complex, can eventually be cracked.\nTherefore, passwords need to be changed periodically. If RHEL 8 does not limit\nthe lifetime of passwords and force users to change their passwords, there is\nthe risk that RHEL 8 passwords could be compromised.'\n  desc 'check', %q(Check whether the maximum time period for existing passwords is restricted\nto 60 days with the following commands:\n\n    $ sudo awk -F: '$5 > 60 {print $1 \" \" $5}' /etc/shadow\n\n    $ sudo awk -F: '$5 <= 0 {print $1 \" \" $5}' /etc/shadow\n\n    If any results are returned that are not associated with a system account,\nthis is a finding.)\n  desc 'fix', 'Configure non-compliant accounts to enforce a 60-day maximum password\nlifetime restriction.\n\n    $ sudo chage -M 60 [user]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000076-GPOS-00044'\n  tag gid: 'V-230367'\n  tag rid: 'SV-230367r627750_rule'\n  tag stig_id: 'RHEL-08-020210'\n  tag fix_id: 'F-33011r567848_fix'\n  tag cci: ['CCI-000199']\n  tag nist: ['IA-5 (1) (d)']\n\n  value = input('pass_max_days')\n\n  bad_users = users.where { uid >= 1000 }.where { value > 60 or maxdays.negative? }.usernames\n  in_scope_users = bad_users - input('exempt_home_users')\n\n  describe 'Users are not be able' do\n    it \"to retain passwords for more then #{value} day(s)\" do\n      failure_message = \"The following users can update their password more then every #{value} day(s): #{in_scope_users.join(', ')}\"\n      expect(in_scope_users).to be_empty, failure_message\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230367.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Users are not be able to retain passwords for more then 60 day(s)",
+              "run_time": 0.002085,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Users are not be able"
+            }
+          ]
+        },
+        {
+          "id": "SV-230368",
+          "title": "RHEL 8 must be configured in the password-auth file to prohibit password reuse for a minimum of five generations.",
+          "desc": "Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to reuse their password consecutively when that password has exceeded its defined lifetime, the end result is a password that is not changed per policy requirements.\n\n  RHEL 8 uses \"pwhistory\" consecutively as a mechanism to prohibit password reuse. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth.\n\nNote that manual changes to the listed files may be overwritten by the \"authselect\" program.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to reuse their password consecutively when that password has exceeded its defined lifetime, the end result is a password that is not changed per policy requirements.\n\n  RHEL 8 uses \"pwhistory\" consecutively as a mechanism to prohibit password reuse. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth.\n\nNote that manual changes to the listed files may be overwritten by the \"authselect\" program."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system is configured in the password-auth file to prohibit password reuse for a minimum of five generations.\n\nCheck for the value of the \"remember\" argument in \"/etc/pam.d/password-auth\" with the following command:\n\n     $ sudo grep -i remember /etc/pam.d/password-auth\n\n     password requisite pam_pwhistory.so use_authtok remember=5 retry=3\n\nIf the line containing \"pam_pwhistory.so\" does not have the \"remember\" module argument set, is commented out, or the value of the \"remember\" module argument is set to less than \"5\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system in the password-auth file to prohibit password reuse for a minimum of five generations.\n\nAdd the following line in \"/etc/pam.d/password-auth\" (or modify the line to have the required value):\n\n     password requisite pam_pwhistory.so use_authtok remember=5 retry=3"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000077-GPOS-00045",
+            "gid": "V-230368",
+            "rid": "SV-230368r902759_rule",
+            "stig_id": "RHEL-08-020220",
+            "fix_id": "F-33012r902757_fix",
+            "cci": [
+              "CCI-000200"
+            ],
+            "nist": [
+              "IA-5 (1) (e)"
+            ]
+          },
+          "code": "control 'SV-230368' do\n  title 'RHEL 8 must be configured in the password-auth file to prohibit password reuse for a minimum of five generations.'\n  desc 'Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to reuse their password consecutively when that password has exceeded its defined lifetime, the end result is a password that is not changed per policy requirements.\n\n  RHEL 8 uses \"pwhistory\" consecutively as a mechanism to prohibit password reuse. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth.\n\nNote that manual changes to the listed files may be overwritten by the \"authselect\" program.'\n  desc 'check', 'Verify the operating system is configured in the password-auth file to prohibit password reuse for a minimum of five generations.\n\nCheck for the value of the \"remember\" argument in \"/etc/pam.d/password-auth\" with the following command:\n\n     $ sudo grep -i remember /etc/pam.d/password-auth\n\n     password requisite pam_pwhistory.so use_authtok remember=5 retry=3\n\nIf the line containing \"pam_pwhistory.so\" does not have the \"remember\" module argument set, is commented out, or the value of the \"remember\" module argument is set to less than \"5\", this is a finding.'\n  desc 'fix', 'Configure the operating system in the password-auth file to prohibit password reuse for a minimum of five generations.\n\nAdd the following line in \"/etc/pam.d/password-auth\" (or modify the line to have the required value):\n\n     password requisite pam_pwhistory.so use_authtok remember=5 retry=3'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000077-GPOS-00045'\n  tag gid: 'V-230368'\n  tag rid: 'SV-230368r902759_rule'\n  tag stig_id: 'RHEL-08-020220'\n  tag fix_id: 'F-33012r902757_fix'\n  tag cci: ['CCI-000200']\n  tag nist: ['IA-5 (1) (e)']\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['password-auth']) do\n    its('lines') { should match_pam_rule('password (required|requisite|sufficient) pam_pwhistory.so').any_with_integer_arg('remember', '>=', input('min_reuse_generations')) }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230368.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PAM Config[/etc/pam.d/password-auth] lines is expected to include password (required|requisite|sufficient) pam_pwhistory.so, any with integer arg remember >= 5",
+              "run_time": 0.000461,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "message": "expected \"account required pam_unix.so\\naccount sufficient pam_localuser.so\\naccount sufficient pam_usertype.s...pam_systemd.so\\nsession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid\" to include password (required|requisite|sufficient) pam_pwhistory.so, any with integer arg remember >= 5",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/password-auth\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230369",
+          "title": "RHEL 8 passwords must have a minimum of 15 characters.",
+          "desc": "The shorter the password, the lower the number of possible\ncombinations that need to be tested before the password is compromised.\n\n    Password complexity, or strength, is a measure of the effectiveness of a\npassword in resisting attempts at guessing and brute-force attacks. Password\nlength is one factor of several that helps to determine strength and how long\nit takes to crack a password. Use of more characters in a password helps to\nincrease exponentially the time and/or resources required to compromise the\npassword.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. Configurations are set in the \"etc/security/pwquality.conf\" file.\n\n    The \"minlen\", sometimes noted as minimum length, acts as a \"score\" of\ncomplexity based on the credit components of the \"pwquality\" module. By\nsetting the credit components to a negative value, not only will those\ncomponents be required, they will not count towards the total \"score\" of\n\"minlen\". This will enable \"minlen\" to require a 15-character minimum.\n\n    The DoD minimum password requirement is 15 characters.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The shorter the password, the lower the number of possible\ncombinations that need to be tested before the password is compromised.\n\n    Password complexity, or strength, is a measure of the effectiveness of a\npassword in resisting attempts at guessing and brute-force attacks. Password\nlength is one factor of several that helps to determine strength and how long\nit takes to crack a password. Use of more characters in a password helps to\nincrease exponentially the time and/or resources required to compromise the\npassword.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. Configurations are set in the \"etc/security/pwquality.conf\" file.\n\n    The \"minlen\", sometimes noted as minimum length, acts as a \"score\" of\ncomplexity based on the credit components of the \"pwquality\" module. By\nsetting the credit components to a negative value, not only will those\ncomponents be required, they will not count towards the total \"score\" of\n\"minlen\". This will enable \"minlen\" to require a 15-character minimum.\n\n    The DoD minimum password requirement is 15 characters."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system enforces a minimum 15-character password length. The \"minlen\" option sets the minimum number of characters in a new password.\n\nCheck for the value of the \"minlen\" option with the following command:\n\n$ sudo grep -r minlen /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:minlen = 15\n\nIf the command does not return a \"minlen\" value of 15 or greater, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure operating system to enforce a minimum 15-character password length.\n\nAdd the following line to \"/etc/security/pwquality.conf\" (or modify the line to have the required value):\n\nminlen = 15\n\nRemove any configurations that conflict with the above value."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000078-GPOS-00046",
+            "gid": "V-230369",
+            "rid": "SV-230369r858785_rule",
+            "stig_id": "RHEL-08-020230",
+            "fix_id": "F-33013r858784_fix",
+            "cci": [
+              "CCI-000205"
+            ],
+            "nist": [
+              "IA-5 (1) (a)"
+            ]
+          },
+          "code": "control 'SV-230369' do\n  title 'RHEL 8 passwords must have a minimum of 15 characters.'\n  desc 'The shorter the password, the lower the number of possible\ncombinations that need to be tested before the password is compromised.\n\n    Password complexity, or strength, is a measure of the effectiveness of a\npassword in resisting attempts at guessing and brute-force attacks. Password\nlength is one factor of several that helps to determine strength and how long\nit takes to crack a password. Use of more characters in a password helps to\nincrease exponentially the time and/or resources required to compromise the\npassword.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. Configurations are set in the \"etc/security/pwquality.conf\" file.\n\n    The \"minlen\", sometimes noted as minimum length, acts as a \"score\" of\ncomplexity based on the credit components of the \"pwquality\" module. By\nsetting the credit components to a negative value, not only will those\ncomponents be required, they will not count towards the total \"score\" of\n\"minlen\". This will enable \"minlen\" to require a 15-character minimum.\n\n    The DoD minimum password requirement is 15 characters.'\n  desc 'check', 'Verify the operating system enforces a minimum 15-character password length. The \"minlen\" option sets the minimum number of characters in a new password.\n\nCheck for the value of the \"minlen\" option with the following command:\n\n$ sudo grep -r minlen /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:minlen = 15\n\nIf the command does not return a \"minlen\" value of 15 or greater, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure operating system to enforce a minimum 15-character password length.\n\nAdd the following line to \"/etc/security/pwquality.conf\" (or modify the line to have the required value):\n\nminlen = 15\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000078-GPOS-00046'\n  tag gid: 'V-230369'\n  tag rid: 'SV-230369r858785_rule'\n  tag stig_id: 'RHEL-08-020230'\n  tag fix_id: 'F-33013r858784_fix'\n  tag cci: ['CCI-000205']\n  tag nist: ['IA-5 (1) (a)']\n\n  describe parse_config_file('/etc/security/pwquality.conf') do\n    its('minlen.to_i') { should cmp >= input('pass_min_len') }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230369.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Parse Config File /etc/security/pwquality.conf minlen.to_i is expected to cmp >= 15",
+              "run_time": 7.8e-05,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/security/pwquality.conf\"]",
+              "resource_id": "/etc/security/pwquality.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230370",
+          "title": "RHEL 8 passwords for new users must have a minimum of 15 characters.",
+          "desc": "The shorter the password, the lower the number of possible\ncombinations that need to be tested before the password is compromised.\n\n    Password complexity, or strength, is a measure of the effectiveness of a\npassword in resisting attempts at guessing and brute-force attacks. Password\nlength is one factor of several that helps to determine strength and how long\nit takes to crack a password. Use of more characters in a password helps to\nincrease exponentially the time and/or resources required to compromise the\npassword.\n\n    The DoD minimum password requirement is 15 characters.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The shorter the password, the lower the number of possible\ncombinations that need to be tested before the password is compromised.\n\n    Password complexity, or strength, is a measure of the effectiveness of a\npassword in resisting attempts at guessing and brute-force attacks. Password\nlength is one factor of several that helps to determine strength and how long\nit takes to crack a password. Use of more characters in a password helps to\nincrease exponentially the time and/or resources required to compromise the\npassword.\n\n    The DoD minimum password requirement is 15 characters."
+            },
+            {
+              "label": "check",
+              "data": "Verify that RHEL 8 enforces a minimum 15-character password length for new\nuser accounts by running the following command:\n\n    $ sudo grep -i  pass_min_len /etc/login.defs\n\n    PASS_MIN_LEN 15\n\n    If the \"PASS_MIN_LEN\" parameter value is less than \"15\", or commented\nout, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure operating system to enforce a minimum 15-character password\nlength for new user accounts.\n\n    Add, or modify the following line in the \"/etc/login.defs\" file:\n\n    PASS_MIN_LEN 15"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000078-GPOS-00046",
+            "gid": "V-230370",
+            "rid": "SV-230370r627750_rule",
+            "stig_id": "RHEL-08-020231",
+            "fix_id": "F-33014r567857_fix",
+            "cci": [
+              "CCI-000205"
+            ],
+            "nist": [
+              "IA-5 (1) (a)"
+            ]
+          },
+          "code": "control 'SV-230370' do\n  title 'RHEL 8 passwords for new users must have a minimum of 15 characters.'\n  desc 'The shorter the password, the lower the number of possible\ncombinations that need to be tested before the password is compromised.\n\n    Password complexity, or strength, is a measure of the effectiveness of a\npassword in resisting attempts at guessing and brute-force attacks. Password\nlength is one factor of several that helps to determine strength and how long\nit takes to crack a password. Use of more characters in a password helps to\nincrease exponentially the time and/or resources required to compromise the\npassword.\n\n    The DoD minimum password requirement is 15 characters.'\n  desc 'check', 'Verify that RHEL 8 enforces a minimum 15-character password length for new\nuser accounts by running the following command:\n\n    $ sudo grep -i  pass_min_len /etc/login.defs\n\n    PASS_MIN_LEN 15\n\n    If the \"PASS_MIN_LEN\" parameter value is less than \"15\", or commented\nout, this is a finding.'\n  desc 'fix', 'Configure operating system to enforce a minimum 15-character password\nlength for new user accounts.\n\n    Add, or modify the following line in the \"/etc/login.defs\" file:\n\n    PASS_MIN_LEN 15'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000078-GPOS-00046'\n  tag gid: 'V-230370'\n  tag rid: 'SV-230370r627750_rule'\n  tag stig_id: 'RHEL-08-020231'\n  tag fix_id: 'F-33014r567857_fix'\n  tag cci: ['CCI-000205']\n  tag nist: ['IA-5 (1) (a)']\n\n  value = input('pass_min_len')\n  setting = input_object('pass_min_len').name.upcase\n\n  describe \"/etc/login.defs does not have `#{setting}` configured\" do\n    let(:config) { login_defs.read_params[setting] }\n    it \"greater than #{value} day\" do\n      expect(config).to cmp >= value\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230370.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "/etc/login.defs does not have `PASS_MIN_LEN` configured greater than 15 day",
+              "run_time": 0.000263,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "/etc/login.defs does not have `PASS_MIN_LEN` configured"
+            }
+          ]
+        },
+        {
+          "id": "SV-230371",
+          "title": "RHEL 8 duplicate User IDs (UIDs) must not exist for interactive users.",
+          "desc": "To ensure accountability and prevent unauthenticated access,\ninteractive users must be identified and authenticated to prevent potential\nmisuse and compromise of the system.\n\n    Interactive users include organizational employees or individuals the\norganization deems to have equivalent status of employees (e.g., contractors).\nInteractive users (and processes acting on behalf of users) must be uniquely\nidentified and authenticated to all accesses, except for the following:\n\n    1) Accesses explicitly identified and documented by the organization.\nOrganizations document specific user actions that can be performed on the\ninformation system without identification or authentication; and\n\n    2) Accesses that occur through authorized use of group authenticators\nwithout individual authentication. Organizations may require unique\nidentification of individuals in group accounts (e.g., shared privilege\naccounts) or for detailed accountability of individual activity.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "To ensure accountability and prevent unauthenticated access,\ninteractive users must be identified and authenticated to prevent potential\nmisuse and compromise of the system.\n\n    Interactive users include organizational employees or individuals the\norganization deems to have equivalent status of employees (e.g., contractors).\nInteractive users (and processes acting on behalf of users) must be uniquely\nidentified and authenticated to all accesses, except for the following:\n\n    1) Accesses explicitly identified and documented by the organization.\nOrganizations document specific user actions that can be performed on the\ninformation system without identification or authentication; and\n\n    2) Accesses that occur through authorized use of group authenticators\nwithout individual authentication. Organizations may require unique\nidentification of individuals in group accounts (e.g., shared privilege\naccounts) or for detailed accountability of individual activity."
+            },
+            {
+              "label": "check",
+              "data": "Verify that RHEL 8 contains no duplicate User IDs (UIDs) for interactive\nusers.\n\n    Check that the operating system contains no duplicate UIDs for interactive\nusers with the following command:\n\n    $ sudo awk -F \":\" 'list[$3]++{print $1, $3}' /etc/passwd\n\n    If output is produced, and the accounts listed are interactive user\naccounts, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Edit the file \"/etc/passwd\" and provide each interactive user\naccount that has a duplicate User ID (UID) with a unique UID."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000104-GPOS-00051",
+            "satisfies": [
+              "SRG-OS-000104-GPOS-00051",
+              "SRG-OS-000121-GPOS-00062",
+              "SRG-OS-000042-GPOS-00020"
+            ],
+            "gid": "V-230371",
+            "rid": "SV-230371r627750_rule",
+            "stig_id": "RHEL-08-020240",
+            "fix_id": "F-33015r567860_fix",
+            "cci": [
+              "CCI-000764"
+            ],
+            "nist": [
+              "IA-2"
+            ]
+          },
+          "code": "control 'SV-230371' do\n  title 'RHEL 8 duplicate User IDs (UIDs) must not exist for interactive users.'\n  desc 'To ensure accountability and prevent unauthenticated access,\ninteractive users must be identified and authenticated to prevent potential\nmisuse and compromise of the system.\n\n    Interactive users include organizational employees or individuals the\norganization deems to have equivalent status of employees (e.g., contractors).\nInteractive users (and processes acting on behalf of users) must be uniquely\nidentified and authenticated to all accesses, except for the following:\n\n    1) Accesses explicitly identified and documented by the organization.\nOrganizations document specific user actions that can be performed on the\ninformation system without identification or authentication; and\n\n    2) Accesses that occur through authorized use of group authenticators\nwithout individual authentication. Organizations may require unique\nidentification of individuals in group accounts (e.g., shared privilege\naccounts) or for detailed accountability of individual activity.'\n  desc 'check', %q(Verify that RHEL 8 contains no duplicate User IDs (UIDs) for interactive\nusers.\n\n    Check that the operating system contains no duplicate UIDs for interactive\nusers with the following command:\n\n    $ sudo awk -F \":\" 'list[$3]++{print $1, $3}' /etc/passwd\n\n    If output is produced, and the accounts listed are interactive user\naccounts, this is a finding.)\n  desc 'fix', 'Edit the file \"/etc/passwd\" and provide each interactive user\naccount that has a duplicate User ID (UID) with a unique UID.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000104-GPOS-00051'\n  tag satisfies: ['SRG-OS-000104-GPOS-00051', 'SRG-OS-000121-GPOS-00062', 'SRG-OS-000042-GPOS-00020']\n  tag gid: 'V-230371'\n  tag rid: 'SV-230371r627750_rule'\n  tag stig_id: 'RHEL-08-020240'\n  tag fix_id: 'F-33015r567860_fix'\n  tag cci: ['CCI-000764']\n  tag nist: ['IA-2']\n\n  user_count = passwd.where { uid.to_i >= 1000 }.entries.length\n\n  describe \"Count of interactive unique user IDs should match interactive user count (#{user_count}): UID count\" do\n    subject { passwd.where { uid.to_i >= 1000 }.uids.uniq.length }\n    it { should eq user_count }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230371.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Count of interactive unique user IDs should match interactive user count (2): UID count is expected to eq 2",
+              "run_time": 0.000152,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Count of interactive unique user IDs should match interactive user count (2): UID count"
+            }
+          ]
+        },
+        {
+          "id": "SV-230372",
+          "title": "RHEL 8 must implement smart card logon for multifactor authentication\nfor access to interactive accounts.",
+          "desc": "Using an authentication device, such as a Common Access Card (CAC) or\ntoken that is separate from the information system, ensures that even if the\ninformation system is compromised, that compromise will not affect credentials\nstored on the authentication device.\n\n    Multifactor solutions that require devices separate from information\nsystems gaining access include, for example, hardware tokens providing\ntime-based or challenge-response authenticators and smart cards such as the\nU.S. Government Personal Identity Verification card and the DoD CAC.\n\n    There are various methods of implementing multifactor authentication for\nRHEL 8. Some methods include a local system multifactor account mapping or\njoining the system to a domain and utilizing a Red Hat idM server or Microsoft\nWindows Active Directory server. Any of these methods will require that the\nclient operating system handle the multifactor authentication correctly.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Using an authentication device, such as a Common Access Card (CAC) or\ntoken that is separate from the information system, ensures that even if the\ninformation system is compromised, that compromise will not affect credentials\nstored on the authentication device.\n\n    Multifactor solutions that require devices separate from information\nsystems gaining access include, for example, hardware tokens providing\ntime-based or challenge-response authenticators and smart cards such as the\nU.S. Government Personal Identity Verification card and the DoD CAC.\n\n    There are various methods of implementing multifactor authentication for\nRHEL 8. Some methods include a local system multifactor account mapping or\njoining the system to a domain and utilizing a Red Hat idM server or Microsoft\nWindows Active Directory server. Any of these methods will require that the\nclient operating system handle the multifactor authentication correctly."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 uses multifactor authentication for local access to accounts.\n\n    Note: If the System Administrator demonstrates the use of an approved\nalternate multifactor authentication method, this requirement is not applicable.\n\n    Check that the \"pam_cert_auth\" setting is set to \"true\" in the\n\"/etc/sssd/sssd.conf\" file.\n\n    Check that the \"try_cert_auth\" or \"require_cert_auth\" options are\nconfigured in both \"/etc/pam.d/system-auth\" and \"/etc/pam.d/smartcard-auth\"\nfiles with the following command:\n\n    $ sudo grep cert_auth /etc/sssd/sssd.conf /etc/pam.d/*\n\n    /etc/sssd/sssd.conf:pam_cert_auth = True\n    /etc/pam.d/smartcard-auth:auth   sufficient   pam_sss.so try_cert_auth\n    /etc/pam.d/system-auth:auth   [success=done authinfo_unavail=ignore\nignore=ignore default=die]   pam_sss.so try_cert_auth\n\n    If \"pam_cert_auth\" is not set to \"true\" in \"/etc/sssd/sssd.conf\",\nthis is a finding.\n\n    If \"pam_sss.so\" is not set to \"try_cert_auth\" or \"require_cert_auth\"\nin both the \"/etc/pam.d/smartcard-auth\" and \"/etc/pam.d/system-auth\" files,\nthis is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to use multifactor authentication for local access to\naccounts.\n\n    Add or update the \"pam_cert_auth\" setting in the \"/etc/sssd/sssd.conf\"\nfile to match the following line:\n\n    [pam]\n    pam_cert_auth = True\n\n    Add or update \"pam_sss.so\" with \"try_cert_auth\" or\n\"require_cert_auth\" in the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/smartcard-auth\" files based on the following examples:\n\n    /etc/pam.d/smartcard-auth:auth   sufficient   pam_sss.so try_cert_auth\n\n    /etc/pam.d/system-auth:auth   [success=done authinfo_unavail=ignore\nignore=ignore default=die]   pam_sss.so try_cert_auth\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000105-GPOS-00052",
+            "satisfies": [
+              "SRG-OS-000105-GPOS-00052",
+              "SRG-OS-000106-GPOS-00053",
+              "SRG-OS-000107-GPOS-00054",
+              "SRG-OS-000108-GPOS-00055"
+            ],
+            "gid": "V-230372",
+            "rid": "SV-230372r627750_rule",
+            "stig_id": "RHEL-08-020250",
+            "fix_id": "F-33016r567863_fix",
+            "cci": [
+              "CCI-000765"
+            ],
+            "nist": [
+              "IA-2 (1)"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-230372' do\n  title 'RHEL 8 must implement smart card logon for multifactor authentication\nfor access to interactive accounts.'\n  desc 'Using an authentication device, such as a Common Access Card (CAC) or\ntoken that is separate from the information system, ensures that even if the\ninformation system is compromised, that compromise will not affect credentials\nstored on the authentication device.\n\n    Multifactor solutions that require devices separate from information\nsystems gaining access include, for example, hardware tokens providing\ntime-based or challenge-response authenticators and smart cards such as the\nU.S. Government Personal Identity Verification card and the DoD CAC.\n\n    There are various methods of implementing multifactor authentication for\nRHEL 8. Some methods include a local system multifactor account mapping or\njoining the system to a domain and utilizing a Red Hat idM server or Microsoft\nWindows Active Directory server. Any of these methods will require that the\nclient operating system handle the multifactor authentication correctly.'\n  desc 'check', 'Verify RHEL 8 uses multifactor authentication for local access to accounts.\n\n    Note: If the System Administrator demonstrates the use of an approved\nalternate multifactor authentication method, this requirement is not applicable.\n\n    Check that the \"pam_cert_auth\" setting is set to \"true\" in the\n\"/etc/sssd/sssd.conf\" file.\n\n    Check that the \"try_cert_auth\" or \"require_cert_auth\" options are\nconfigured in both \"/etc/pam.d/system-auth\" and \"/etc/pam.d/smartcard-auth\"\nfiles with the following command:\n\n    $ sudo grep cert_auth /etc/sssd/sssd.conf /etc/pam.d/*\n\n    /etc/sssd/sssd.conf:pam_cert_auth = True\n    /etc/pam.d/smartcard-auth:auth   sufficient   pam_sss.so try_cert_auth\n    /etc/pam.d/system-auth:auth   [success=done authinfo_unavail=ignore\nignore=ignore default=die]   pam_sss.so try_cert_auth\n\n    If \"pam_cert_auth\" is not set to \"true\" in \"/etc/sssd/sssd.conf\",\nthis is a finding.\n\n    If \"pam_sss.so\" is not set to \"try_cert_auth\" or \"require_cert_auth\"\nin both the \"/etc/pam.d/smartcard-auth\" and \"/etc/pam.d/system-auth\" files,\nthis is a finding.'\n  desc 'fix', 'Configure RHEL 8 to use multifactor authentication for local access to\naccounts.\n\n    Add or update the \"pam_cert_auth\" setting in the \"/etc/sssd/sssd.conf\"\nfile to match the following line:\n\n    [pam]\n    pam_cert_auth = True\n\n    Add or update \"pam_sss.so\" with \"try_cert_auth\" or\n\"require_cert_auth\" in the \"/etc/pam.d/system-auth\" and\n\"/etc/pam.d/smartcard-auth\" files based on the following examples:\n\n    /etc/pam.d/smartcard-auth:auth   sufficient   pam_sss.so try_cert_auth\n\n    /etc/pam.d/system-auth:auth   [success=done authinfo_unavail=ignore\nignore=ignore default=die]   pam_sss.so try_cert_auth\n\n    The \"sssd\" service must be restarted for the changes to take effect. To\nrestart the \"sssd\" service, run the following command:\n\n    $ sudo systemctl restart sssd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000105-GPOS-00052'\n  tag satisfies: ['SRG-OS-000105-GPOS-00052', 'SRG-OS-000106-GPOS-00053', 'SRG-OS-000107-GPOS-00054', 'SRG-OS-000108-GPOS-00055']\n  tag gid: 'V-230372'\n  tag rid: 'SV-230372r627750_rule'\n  tag stig_id: 'RHEL-08-020250'\n  tag fix_id: 'F-33016r567863_fix'\n  tag cci: ['CCI-000765']\n  tag nist: ['IA-2 (1)']\n  tag 'host'\n\n  only_if('If the System Administrator demonstrates the use of an approved\n    alternate multifactor authentication method, this requirement is not applicable.', impact: 0.0) {\n    !input('smart_card_enabled')\n  }\n\n  pam_auth_files = input('pam_auth_files')\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config_file(input('sssd_conf_path')) do\n      its('pam') { should include('pam_cert_auth' => 'True') }\n    end\n    describe service('sssd') do\n      it { should be_installed }\n      it { should be_enabled }\n      it { should be_running }\n    end\n\n    [pam_auth_files['system-auth'], pam_auth_files['smartcard-auth']].each do |path|\n      describe pam(path) do\n        its('lines') { should match_pam_rule('.* .* pam_sss.so (try_cert_auth|require_cert_auth)') }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230372.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "Parse Config File /etc/sssd/sssd.conf",
+              "run_time": 3.0e-06,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource": "Parse Config File /etc/sssd/sssd.conf",
+              "skip_message": "Can't find file: /etc/sssd/sssd.conf",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/sssd/sssd.conf\"]",
+              "resource_id": "/etc/sssd/sssd.conf"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Service sssd is expected to be installed",
+              "run_time": 0.427462,
+              "start_time": "2024-01-09T19:40:50-05:00",
+              "resource_class": "service",
+              "resource_params": "[\"sssd\"]",
+              "resource_id": "sssd"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Service sssd is expected to be enabled",
+              "run_time": 0.000106,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "service",
+              "resource_params": "[\"sssd\"]",
+              "resource_id": "sssd"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Service sssd is expected to be running",
+              "run_time": 8.4e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "message": "expected that `Service sssd` is running",
+              "resource_class": "service",
+              "resource_params": "[\"sssd\"]",
+              "resource_id": "sssd"
+            },
+            {
+              "status": "failed",
+              "code_desc": "PAM Config[/etc/pam.d/system-auth] lines is expected to include .* .* pam_sss.so (try_cert_auth|require_cert_auth)",
+              "run_time": 0.000588,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "message": "expected \"account required pam_unix.so\\naccount sufficient pam_localuser.so\\naccount sufficient pam_usertype.s...pam_systemd.so\\nsession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid\" to include .* .* pam_sss.so (try_cert_auth|require_cert_auth)",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/system-auth\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PAM Config[/etc/pam.d/smartcard-auth] lines is expected to include .* .* pam_sss.so (try_cert_auth|require_cert_auth)",
+              "run_time": 0.000128,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "message": "expected \"auth required pam_debug.so auth=authinfo_unavail\" to include .* .* pam_sss.so (try_cert_auth|require_cert_auth)",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/smartcard-auth\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230373",
+          "title": "RHEL 8 account identifiers (individuals, groups, roles, and devices)\n    must be disabled after 35 days of inactivity.",
+          "desc": "Inactive identifiers pose a risk to systems and applications because\n    attackers may exploit an inactive identifier and potentially obtain undetected\n    access to the system. Owners of inactive accounts will not notice if\n    unauthorized access to their user account has been obtained.\n\n    RHEL 8 needs to track periods of inactivity and disable application\n    identifiers after 35 days of inactivity.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Inactive identifiers pose a risk to systems and applications because\n    attackers may exploit an inactive identifier and potentially obtain undetected\n    access to the system. Owners of inactive accounts will not notice if\n    unauthorized access to their user account has been obtained.\n\n    RHEL 8 needs to track periods of inactivity and disable application\n    identifiers after 35 days of inactivity."
+            },
+            {
+              "label": "check",
+              "data": "Verify the account identifiers (individuals, groups, roles, and devices)\n    are disabled after 35 days of inactivity with the following command:\n\n    Check the account inactivity value by performing the following command:\n\n        $ sudo grep -i inactive /etc/default/useradd\n\n        INACTIVE=35\n\n    If \"INACTIVE\" is set to \"-1\", a value greater than \"35\", or is\n    commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to disable account identifiers after 35 days of inactivity\n    after the password expiration.\n\n    Run the following command to change the configuration for useradd:\n\n      $ sudo useradd -D -f 35\n\n    DoD recommendation is 35 days, but a lower value is acceptable. The value \"-1\" will\n    disable this feature, and \"0\" will disable the account immediately after the\n    password expires."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000118-GPOS-00060",
+            "gid": "V-230373",
+            "rid": "SV-230373r627750_rule",
+            "stig_id": "RHEL-08-020260",
+            "fix_id": "F-33017r567866_fix",
+            "cci": [
+              "CCI-000795"
+            ],
+            "nist": [
+              "IA-4 e"
+            ]
+          },
+          "code": "control 'SV-230373' do\n  title 'RHEL 8 account identifiers (individuals, groups, roles, and devices)\n    must be disabled after 35 days of inactivity.'\n  desc 'Inactive identifiers pose a risk to systems and applications because\n    attackers may exploit an inactive identifier and potentially obtain undetected\n    access to the system. Owners of inactive accounts will not notice if\n    unauthorized access to their user account has been obtained.\n\n    RHEL 8 needs to track periods of inactivity and disable application\n    identifiers after 35 days of inactivity.'\n  desc 'check', 'Verify the account identifiers (individuals, groups, roles, and devices)\n    are disabled after 35 days of inactivity with the following command:\n\n    Check the account inactivity value by performing the following command:\n\n        $ sudo grep -i inactive /etc/default/useradd\n\n        INACTIVE=35\n\n    If \"INACTIVE\" is set to \"-1\", a value greater than \"35\", or is\n    commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to disable account identifiers after 35 days of inactivity\n    after the password expiration.\n\n    Run the following command to change the configuration for useradd:\n\n      $ sudo useradd -D -f 35\n\n    DoD recommendation is 35 days, but a lower value is acceptable. The value \"-1\" will\n    disable this feature, and \"0\" will disable the account immediately after the\n    password expires.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000118-GPOS-00060'\n  tag gid: 'V-230373'\n  tag rid: 'SV-230373r627750_rule'\n  tag stig_id: 'RHEL-08-020260'\n  tag fix_id: 'F-33017r567866_fix'\n  tag cci: ['CCI-000795']\n  tag nist: ['IA-4 e']\n\n  days_of_inactivity = input('days_of_inactivity')\n\n  describe 'Useradd configuration' do\n    useradd_config = parse_config_file('/etc/default/useradd')\n\n    context 'when INACTIVE is set' do\n      it 'should exist' do\n        expect(useradd_config.params).to include('INACTIVE')\n      end\n\n      it 'should not be nil' do\n        expect(useradd_config.params['INACTIVE']).not_to be_nil\n      end\n\n      it 'should have INACTIVE greater than or equal to 0' do\n        expect(useradd_config.params['INACTIVE'].to_i).to be >= 0\n      end\n\n      it 'should have INACTIVE less than or equal to days_of_inactivity' do\n        expect(useradd_config.params['INACTIVE'].to_i).to be <= days_of_inactivity\n      end\n\n      it 'should not have INACTIVE equal to -1' do\n        expect(useradd_config.params['INACTIVE']).not_to eq '-1'\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230373.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Useradd configuration when INACTIVE is set should exist",
+              "run_time": 5.7e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "when INACTIVE is set"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Useradd configuration when INACTIVE is set should not be nil",
+              "run_time": 3.8e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "when INACTIVE is set"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Useradd configuration when INACTIVE is set should have INACTIVE greater than or equal to 0",
+              "run_time": 6.0e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "message": "expected: >= 0\n     got:    -1",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "when INACTIVE is set"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Useradd configuration when INACTIVE is set should have INACTIVE less than or equal to days_of_inactivity",
+              "run_time": 3.0e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "when INACTIVE is set"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Useradd configuration when INACTIVE is set should not have INACTIVE equal to -1",
+              "run_time": 5.2e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "message": "\nexpected: value != \"-1\"\n     got: \"-1\"\n\n(compared using ==)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "when INACTIVE is set"
+            }
+          ]
+        },
+        {
+          "id": "SV-230374",
+          "title": "RHEL 8 must automatically expire temporary accounts within 72 hours.",
+          "desc": "Temporary accounts are privileged or nonprivileged accounts that are\n    established during pressing circumstances, such as new software or hardware\n    configuration or an incident response, where the need for prompt account\n    activation requires bypassing normal account authorization procedures.\n\n    If any inactive temporary accounts are left enabled on the system and are\n    not either manually removed or automatically expired within 72 hours, the\n    security posture of the system will be degraded and exposed to exploitation\n    by unauthorized users or insider threat actors.\n\n    Temporary accounts are different from emergency accounts. Emergency accounts,\n    also known as \"last resort\" or \"break glass\" accounts, are local logon accounts\n    enabled on the system for emergency use by authorized system administrators\n    to manage a system when standard logon methods are failing or not available.\n\n    Emergency accounts are not subject to manual removal or scheduled expiration\n    requirements.\n\n    The automatic expiration of temporary accounts may be extended as needed by\n    the circumstances but it must not be extended indefinitely. A documented\n    permanent account should be established for privileged users who need long-term\n    maintenance accounts.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Temporary accounts are privileged or nonprivileged accounts that are\n    established during pressing circumstances, such as new software or hardware\n    configuration or an incident response, where the need for prompt account\n    activation requires bypassing normal account authorization procedures.\n\n    If any inactive temporary accounts are left enabled on the system and are\n    not either manually removed or automatically expired within 72 hours, the\n    security posture of the system will be degraded and exposed to exploitation\n    by unauthorized users or insider threat actors.\n\n    Temporary accounts are different from emergency accounts. Emergency accounts,\n    also known as \"last resort\" or \"break glass\" accounts, are local logon accounts\n    enabled on the system for emergency use by authorized system administrators\n    to manage a system when standard logon methods are failing or not available.\n\n    Emergency accounts are not subject to manual removal or scheduled expiration\n    requirements.\n\n    The automatic expiration of temporary accounts may be extended as needed by\n    the circumstances but it must not be extended indefinitely. A documented\n    permanent account should be established for privileged users who need long-term\n    maintenance accounts."
+            },
+            {
+              "label": "check",
+              "data": "Verify temporary accounts have been provisioned with an\n    expiration date of 72 hours.\n\n    For every existing temporary account, run the following command to obtain its\n    account expiration information:\n\n    $ sudo chage -l <temporary_account_name> | grep -i \"account expires\"\n\n    Verify each of these accounts has an expiration date set within 72 hours.\n\n    If any temporary accounts have no expiration date set or do not expire within\n    72 hours, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to expire temporary accounts after\n    72 hours with the following command:\n\n    $ sudo chage -E $(date -d +3days +%Y-%m-%d) <temporary_account_name>"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000123-GPOS-00064",
+            "gid": "V-230374",
+            "rid": "SV-230374r903129_rule",
+            "stig_id": "RHEL-08-020270",
+            "fix_id": "F-33018r902730_fix",
+            "cci": [
+              "CCI-001682"
+            ],
+            "nist": [
+              "AC-2 (2)"
+            ]
+          },
+          "code": "control 'SV-230374' do\n  title 'RHEL 8 must automatically expire temporary accounts within 72 hours.'\n  desc 'Temporary accounts are privileged or nonprivileged accounts that are\n    established during pressing circumstances, such as new software or hardware\n    configuration or an incident response, where the need for prompt account\n    activation requires bypassing normal account authorization procedures.\n\n    If any inactive temporary accounts are left enabled on the system and are\n    not either manually removed or automatically expired within 72 hours, the\n    security posture of the system will be degraded and exposed to exploitation\n    by unauthorized users or insider threat actors.\n\n    Temporary accounts are different from emergency accounts. Emergency accounts,\n    also known as \"last resort\" or \"break glass\" accounts, are local logon accounts\n    enabled on the system for emergency use by authorized system administrators\n    to manage a system when standard logon methods are failing or not available.\n\n    Emergency accounts are not subject to manual removal or scheduled expiration\n    requirements.\n\n    The automatic expiration of temporary accounts may be extended as needed by\n    the circumstances but it must not be extended indefinitely. A documented\n    permanent account should be established for privileged users who need long-term\n    maintenance accounts.'\n  desc 'check', 'Verify temporary accounts have been provisioned with an\n    expiration date of 72 hours.\n\n    For every existing temporary account, run the following command to obtain its\n    account expiration information:\n\n    $ sudo chage -l <temporary_account_name> | grep -i \"account expires\"\n\n    Verify each of these accounts has an expiration date set within 72 hours.\n\n    If any temporary accounts have no expiration date set or do not expire within\n    72 hours, this is a finding.'\n  desc 'fix', 'Configure the operating system to expire temporary accounts after\n    72 hours with the following command:\n\n    $ sudo chage -E $(date -d +3days +%Y-%m-%d) <temporary_account_name>'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000123-GPOS-00064'\n  tag gid: 'V-230374'\n  tag rid: 'SV-230374r903129_rule'\n  tag stig_id: 'RHEL-08-020270'\n  tag fix_id: 'F-33018r902730_fix'\n  tag cci: ['CCI-001682']\n  tag nist: ['AC-2 (2)']\n\n  temp_accounts = input('temporary_accounts')\n\n  if temp_accounts.empty?\n    describe 'Temporary accounts' do\n      it 'should be empty' do\n        expect(temp_accounts).to be_empty\n      end\n    end\n  else\n    temp_accounts.each do |acct|\n      context \"User #{acct}\" do\n        it 'should have maxdays less than or equal to 3' do\n          expect(user(acct.to_s).maxdays).to be <= 3\n        end\n\n        it 'should have maxdays greater than 0' do\n          expect(user(acct.to_s).maxdays).to be > 0\n        end\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230374.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Temporary accounts should be empty",
+              "run_time": 0.003362,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Temporary accounts"
+            }
+          ]
+        },
+        {
+          "id": "SV-230375",
+          "title": "All RHEL 8 passwords must contain at least one special character.",
+          "desc": "Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. Note that to require special characters without degrading the\n\"minlen\" value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\".",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. Note that to require special characters without degrading the\n\"minlen\" value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\"."
+            },
+            {
+              "label": "check",
+              "data": "Verify the value for \"ocredit\" with the following command:\n\n$ sudo grep -r ocredit /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:ocredit = -1\n\nIf the value of \"ocredit\" is a positive number or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to enforce password complexity by requiring that at least one special character be used by setting the \"ocredit\" option.\n\nAdd the following line to /etc/security/pwquality.conf (or modify the line to have the required value):\n\nocredit = -1\n\nRemove any configurations that conflict with the above value."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000266-GPOS-00101",
+            "gid": "V-230375",
+            "rid": "SV-230375r858787_rule",
+            "stig_id": "RHEL-08-020280",
+            "fix_id": "F-33019r858786_fix",
+            "cci": [
+              "CCI-001619"
+            ],
+            "nist": [
+              "IA-5 (1) (a)"
+            ]
+          },
+          "code": "control 'SV-230375' do\n  title 'All RHEL 8 passwords must contain at least one special character.'\n  desc 'Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n\n    RHEL 8 utilizes \"pwquality\" as a mechanism to enforce password\ncomplexity. Note that to require special characters without degrading the\n\"minlen\" value, the credit value must be expressed as a negative number in\n\"/etc/security/pwquality.conf\".'\n  desc 'check', 'Verify the value for \"ocredit\" with the following command:\n\n$ sudo grep -r ocredit /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:ocredit = -1\n\nIf the value of \"ocredit\" is a positive number or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the operating system to enforce password complexity by requiring that at least one special character be used by setting the \"ocredit\" option.\n\nAdd the following line to /etc/security/pwquality.conf (or modify the line to have the required value):\n\nocredit = -1\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000266-GPOS-00101'\n  tag gid: 'V-230375'\n  tag rid: 'SV-230375r858787_rule'\n  tag stig_id: 'RHEL-08-020280'\n  tag fix_id: 'F-33019r858786_fix'\n  tag cci: ['CCI-001619']\n  tag nist: ['IA-5 (1) (a)']\n\n  # value = input('ocredit')\n  setting = 'ocredit'\n\n  describe 'pwquality.conf settings' do\n    let(:config) { parse_config_file('/etc/security/pwquality.conf', multiple_values: true) }\n    let(:setting_value) { config.params[setting].is_a?(Integer) ? [config.params[setting]] : Array(config.params[setting]) }\n\n    it \"has `#{setting}` set\" do\n      expect(setting_value).not_to be_empty, \"#{setting} is not set in pwquality.conf\"\n    end\n\n    it \"only sets `#{setting}` once\" do\n      expect(setting_value.length).to eq(1), \"#{setting} is commented or set more than once in pwquality.conf\"\n    end\n\n    it \"does not set `#{setting}` to a positive value\" do\n      expect(setting_value.first.to_i).to be <= 0, \"#{setting} is set to a positive value in pwquality.conf\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230375.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings has `ocredit` set",
+              "run_time": 0.002876,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            },
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings only sets `ocredit` once",
+              "run_time": 0.000196,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            },
+            {
+              "status": "passed",
+              "code_desc": "pwquality.conf settings does not set `ocredit` to a positive value",
+              "run_time": 0.000231,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "pwquality.conf settings"
+            }
+          ]
+        },
+        {
+          "id": "SV-230376",
+          "title": "RHEL 8 must prohibit the use of cached authentications after one day.",
+          "desc": "If cached authentication information is out-of-date, the validity of\nthe authentication information may be questionable.\n\nRHEL 8 includes multiple options for configuring authentication, but this\nrequirement will be focus on the System Security Services Daemon (SSSD). By\ndefault sssd does not cache credentials.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If cached authentication information is out-of-date, the validity of\nthe authentication information may be questionable.\n\nRHEL 8 includes multiple options for configuring authentication, but this\nrequirement will be focus on the System Security Services Daemon (SSSD). By\ndefault sssd does not cache credentials."
+            },
+            {
+              "label": "check",
+              "data": "Verify that the SSSD prohibits the use of cached authentications\nafter one day.\n\nNote: If smart card authentication is not being used on the system this\nitem is Not Applicable.\n\nCheck that SSSD allows cached authentications with the following command:\n\n$sudo grep cache_credentials /etc/sssd/sssd.conf\n\ncache_credentials = true\n\nIf \"cache_credentials\" is set to \"false\" or missing from the\nconfiguration file, this is not a finding and no further checks are required.\n\nIf \"cache_credentials\" is set to \"true\", check that SSSD prohibits the\nuse of cached authentications after one day with the following command:\n\n$sudo grep offline_credentials_expiration  /etc/sssd/sssd.conf\n\noffline_credentials_expiration = 1\n\nIf \"offline_credentials_expiration\" is not set to a value of \"1\", this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the SSSD to prohibit the use of cached authentications\nafter one day.\n\nAdd or change the following line in \"/etc/sssd/sssd.conf\" just below the\nline \"[pam]\".\n\noffline_credentials_expiration = 1"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000383-GPOS-00166",
+            "gid": "V-230376",
+            "rid": "SV-230376r854036_rule",
+            "stig_id": "RHEL-08-020290",
+            "fix_id": "F-33020r567875_fix",
+            "cci": [
+              "CCI-002007"
+            ],
+            "nist": [
+              "IA-5 (13)"
+            ]
+          },
+          "code": "control 'SV-230376' do\n  title 'RHEL 8 must prohibit the use of cached authentications after one day.'\n  desc 'If cached authentication information is out-of-date, the validity of\nthe authentication information may be questionable.\n\nRHEL 8 includes multiple options for configuring authentication, but this\nrequirement will be focus on the System Security Services Daemon (SSSD). By\ndefault sssd does not cache credentials.'\n  desc 'check', 'Verify that the SSSD prohibits the use of cached authentications\nafter one day.\n\nNote: If smart card authentication is not being used on the system this\nitem is Not Applicable.\n\nCheck that SSSD allows cached authentications with the following command:\n\n$sudo grep cache_credentials /etc/sssd/sssd.conf\n\ncache_credentials = true\n\nIf \"cache_credentials\" is set to \"false\" or missing from the\nconfiguration file, this is not a finding and no further checks are required.\n\nIf \"cache_credentials\" is set to \"true\", check that SSSD prohibits the\nuse of cached authentications after one day with the following command:\n\n$sudo grep offline_credentials_expiration  /etc/sssd/sssd.conf\n\noffline_credentials_expiration = 1\n\nIf \"offline_credentials_expiration\" is not set to a value of \"1\", this\nis a finding.'\n  desc 'fix', 'Configure the SSSD to prohibit the use of cached authentications\nafter one day.\n\nAdd or change the following line in \"/etc/sssd/sssd.conf\" just below the\nline \"[pam]\".\n\noffline_credentials_expiration = 1'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000383-GPOS-00166'\n  tag gid: 'V-230376'\n  tag rid: 'SV-230376r854036_rule'\n  tag stig_id: 'RHEL-08-020290'\n  tag fix_id: 'F-33020r567875_fix'\n  tag cci: ['CCI-002007']\n  tag nist: ['IA-5 (13)']\n\n  sssd_config = parse_config_file('/etc/sssd/sssd.conf')\n\n  only_if('This control is does not apply to containers', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if input('smart_card_enabled')\n    impact 0.0\n    describe 'The system is not utilizing smart card authentication' do\n      skip 'The system is not utilizing smart card authentication, this control\n      is Not Applicable.'\n    end\n  else\n    describe.one do\n      describe 'Cache credentials enabled' do\n        subject { sssd_config.content }\n        it { should_not match(/cache_credentials\\s*=\\s*true/) }\n      end\n      describe 'Offline credentials expiration' do\n        subject { sssd_config }\n        its('pam.offline_credentials_expiration') { should cmp '1' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230376.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Cache credentials enabled is expected not to match /cache_credentials\\s*=\\s*true/",
+              "run_time": 4.5e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Cache credentials enabled"
+            }
+          ]
+        },
+        {
+          "id": "SV-230377",
+          "title": "RHEL 8 must prevent the use of dictionary words for passwords.",
+          "desc": "If RHEL 8 allows the user to select passwords based on dictionary\nwords, this increases the chances of password compromise by increasing the\nopportunity for successful guesses, and brute-force attacks.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If RHEL 8 allows the user to select passwords based on dictionary\nwords, this increases the chances of password compromise by increasing the\nopportunity for successful guesses, and brute-force attacks."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 prevents the use of dictionary words for passwords.\n\nDetermine if the field \"dictcheck\" is set with the following command:\n\n$ sudo grep -r dictcheck /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:dictcheck=1\n\nIf the \"dictcheck\" parameter is not set to \"1\", or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to prevent the use of dictionary words for passwords.\n\nAdd or update the following line in the \"/etc/security/pwquality.conf\" file or a configuration file in the /etc/pwquality.conf.d/ directory to contain the \"dictcheck\" parameter:\n\ndictcheck=1\n\nRemove any configurations that conflict with the above value."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00225",
+            "gid": "V-230377",
+            "rid": "SV-230377r858789_rule",
+            "stig_id": "RHEL-08-020300",
+            "fix_id": "F-33021r858788_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230377' do\n  title 'RHEL 8 must prevent the use of dictionary words for passwords.'\n  desc 'If RHEL 8 allows the user to select passwords based on dictionary\nwords, this increases the chances of password compromise by increasing the\nopportunity for successful guesses, and brute-force attacks.'\n  desc 'check', 'Verify RHEL 8 prevents the use of dictionary words for passwords.\n\nDetermine if the field \"dictcheck\" is set with the following command:\n\n$ sudo grep -r dictcheck /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:dictcheck=1\n\nIf the \"dictcheck\" parameter is not set to \"1\", or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to prevent the use of dictionary words for passwords.\n\nAdd or update the following line in the \"/etc/security/pwquality.conf\" file or a configuration file in the /etc/pwquality.conf.d/ directory to contain the \"dictcheck\" parameter:\n\ndictcheck=1\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00225'\n  tag gid: 'V-230377'\n  tag rid: 'SV-230377r858789_rule'\n  tag stig_id: 'RHEL-08-020300'\n  tag fix_id: 'F-33021r858788_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe parse_config_file('/etc/security/pwquality.conf') do\n    its('dictcheck') { should eq '1' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230377.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Parse Config File /etc/security/pwquality.conf dictcheck is expected to eq \"1\"",
+              "run_time": 5.7e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/security/pwquality.conf\"]",
+              "resource_id": "/etc/security/pwquality.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230378",
+          "title": "RHEL 8 must enforce a delay of at least four seconds between logon\nprompts following a failed logon attempt.",
+          "desc": "Configuring the operating system to implement organization-wide\nsecurity implementation guides and security checklists verifies compliance with\nfederal standards and establishes a common security baseline across the DoD\nthat reflects the most restrictive security posture consistent with operational\nrequirements.\n\n    Configuration settings are the set of parameters that can be changed in\nhardware, software, or firmware components of the system that affect the\nsecurity posture and/or functionality of the system. Security-related\nparameters are those parameters impacting the security state of the system,\nincluding the parameters required to satisfy other security control\nrequirements. Security-related parameters include, for example, registry\nsettings; account, file, and directory permission settings; and settings for\nfunctions, ports, protocols, services, and remote connections.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Configuring the operating system to implement organization-wide\nsecurity implementation guides and security checklists verifies compliance with\nfederal standards and establishes a common security baseline across the DoD\nthat reflects the most restrictive security posture consistent with operational\nrequirements.\n\n    Configuration settings are the set of parameters that can be changed in\nhardware, software, or firmware components of the system that affect the\nsecurity posture and/or functionality of the system. Security-related\nparameters are those parameters impacting the security state of the system,\nincluding the parameters required to satisfy other security control\nrequirements. Security-related parameters include, for example, registry\nsettings; account, file, and directory permission settings; and settings for\nfunctions, ports, protocols, services, and remote connections."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system enforces a delay of at least four seconds\nbetween console logon prompts following a failed logon attempt with the\nfollowing command:\n\n    $ sudo grep -i fail_delay /etc/login.defs\n\n    FAIL_DELAY 4\n\n    If the value of \"FAIL_DELAY\" is not set to \"4\" or greater, or the line\nis commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to enforce a delay of at least four seconds\nbetween logon prompts following a failed console logon attempt.\n\n    Modify the \"/etc/login.defs\" file to set the \"FAIL_DELAY\" parameter to\n\"4\" or greater:\n\n    FAIL_DELAY 4"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00226",
+            "gid": "V-230378",
+            "rid": "SV-230378r627750_rule",
+            "stig_id": "RHEL-08-020310",
+            "fix_id": "F-33022r567881_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230378' do\n  title 'RHEL 8 must enforce a delay of at least four seconds between logon\nprompts following a failed logon attempt.'\n  desc 'Configuring the operating system to implement organization-wide\nsecurity implementation guides and security checklists verifies compliance with\nfederal standards and establishes a common security baseline across the DoD\nthat reflects the most restrictive security posture consistent with operational\nrequirements.\n\n    Configuration settings are the set of parameters that can be changed in\nhardware, software, or firmware components of the system that affect the\nsecurity posture and/or functionality of the system. Security-related\nparameters are those parameters impacting the security state of the system,\nincluding the parameters required to satisfy other security control\nrequirements. Security-related parameters include, for example, registry\nsettings; account, file, and directory permission settings; and settings for\nfunctions, ports, protocols, services, and remote connections.'\n  desc 'check', 'Verify the operating system enforces a delay of at least four seconds\nbetween console logon prompts following a failed logon attempt with the\nfollowing command:\n\n    $ sudo grep -i fail_delay /etc/login.defs\n\n    FAIL_DELAY 4\n\n    If the value of \"FAIL_DELAY\" is not set to \"4\" or greater, or the line\nis commented out, this is a finding.'\n  desc 'fix', 'Configure the operating system to enforce a delay of at least four seconds\nbetween logon prompts following a failed console logon attempt.\n\n    Modify the \"/etc/login.defs\" file to set the \"FAIL_DELAY\" parameter to\n\"4\" or greater:\n\n    FAIL_DELAY 4'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00226'\n  tag gid: 'V-230378'\n  tag rid: 'SV-230378r627750_rule'\n  tag stig_id: 'RHEL-08-020310'\n  tag fix_id: 'F-33022r567881_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe login_defs do\n    its('FAIL_DELAY.to_i') { should cmp >= 4 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230378.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "login.defs FAIL_DELAY.to_i is expected to cmp >= 4",
+              "run_time": 0.000276,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "login_defs",
+              "resource_params": "[]",
+              "resource_id": "/etc/login.defs"
+            }
+          ]
+        },
+        {
+          "id": "SV-230379",
+          "title": "RHEL 8 must not have unnecessary accounts.",
+          "desc": "Accounts providing no operational purpose provide additional\nopportunities for system compromise. Unnecessary accounts include user accounts\nfor individuals not requiring access to the system and application accounts for\napplications not installed on the system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Accounts providing no operational purpose provide additional\nopportunities for system compromise. Unnecessary accounts include user accounts\nfor individuals not requiring access to the system and application accounts for\napplications not installed on the system."
+            },
+            {
+              "label": "check",
+              "data": "Verify all accounts on the system are assigned to an active system,\napplication, or user account.\n\n    Obtain the list of authorized system accounts from the Information System\nSecurity Officer (ISSO).\n\n    Check the system accounts on the system with the following command:\n\n    $ sudo more /etc/passwd\n\n    root:x:0:0:root:/root:/bin/bash\n    bin:x:1:1:bin:/bin:/sbin/nologin\n    daemon:x:2:2:daemon:/sbin:/sbin/nologin\n    sync:x:5:0:sync:/sbin:/bin/sync\n    shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown\n    halt:x:7:0:halt:/sbin:/sbin/halt\n    games:x:12:100:games:/usr/games:/sbin/nologin\n    gopher:x:13:30:gopher:/var/gopher:/sbin/nologin\n\n    Accounts such as \"games\" and \"gopher\" are not authorized accounts as\nthey do not support authorized system functions.\n\n    If the accounts on the system do not match the provided documentation, or\naccounts that do not support an authorized system function are present, this is\na finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system so all accounts on the system are assigned to an\nactive system, application, or user account.\n\n    Remove accounts that do not support approved system activities or that\nallow for a normal user to perform administrative-level actions.\n\n    Document all authorized accounts on the system."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230379",
+            "rid": "SV-230379r627750_rule",
+            "stig_id": "RHEL-08-020320",
+            "fix_id": "F-33023r567884_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230379' do\n  title 'RHEL 8 must not have unnecessary accounts.'\n  desc 'Accounts providing no operational purpose provide additional\nopportunities for system compromise. Unnecessary accounts include user accounts\nfor individuals not requiring access to the system and application accounts for\napplications not installed on the system.'\n  desc 'check', 'Verify all accounts on the system are assigned to an active system,\napplication, or user account.\n\n    Obtain the list of authorized system accounts from the Information System\nSecurity Officer (ISSO).\n\n    Check the system accounts on the system with the following command:\n\n    $ sudo more /etc/passwd\n\n    root:x:0:0:root:/root:/bin/bash\n    bin:x:1:1:bin:/bin:/sbin/nologin\n    daemon:x:2:2:daemon:/sbin:/sbin/nologin\n    sync:x:5:0:sync:/sbin:/bin/sync\n    shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown\n    halt:x:7:0:halt:/sbin:/sbin/halt\n    games:x:12:100:games:/usr/games:/sbin/nologin\n    gopher:x:13:30:gopher:/var/gopher:/sbin/nologin\n\n    Accounts such as \"games\" and \"gopher\" are not authorized accounts as\nthey do not support authorized system functions.\n\n    If the accounts on the system do not match the provided documentation, or\naccounts that do not support an authorized system function are present, this is\na finding.'\n  desc 'fix', 'Configure the system so all accounts on the system are assigned to an\nactive system, application, or user account.\n\n    Remove accounts that do not support approved system activities or that\nallow for a normal user to perform administrative-level actions.\n\n    Document all authorized accounts on the system.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230379'\n  tag rid: 'SV-230379r627750_rule'\n  tag stig_id: 'RHEL-08-020320'\n  tag fix_id: 'F-33023r567884_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  passwd.users.each do |user|\n    describe user do\n      it 'should be listed in allowed users.' do\n        expect(subject).to(be_in((input('known_system_accounts') + input('user_accounts')).uniq))\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230379.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "root should be listed in allowed users.",
+              "run_time": 8.5e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "root"
+            },
+            {
+              "status": "passed",
+              "code_desc": "bin should be listed in allowed users.",
+              "run_time": 5.3e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "bin"
+            },
+            {
+              "status": "passed",
+              "code_desc": "daemon should be listed in allowed users.",
+              "run_time": 5.1e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "daemon"
+            },
+            {
+              "status": "passed",
+              "code_desc": "adm should be listed in allowed users.",
+              "run_time": 4.9e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "adm"
+            },
+            {
+              "status": "passed",
+              "code_desc": "lp should be listed in allowed users.",
+              "run_time": 4.9e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "lp"
+            },
+            {
+              "status": "passed",
+              "code_desc": "sync should be listed in allowed users.",
+              "run_time": 4.7e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "sync"
+            },
+            {
+              "status": "passed",
+              "code_desc": "shutdown should be listed in allowed users.",
+              "run_time": 0.000194,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "shutdown"
+            },
+            {
+              "status": "passed",
+              "code_desc": "halt should be listed in allowed users.",
+              "run_time": 8.4e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "halt"
+            },
+            {
+              "status": "passed",
+              "code_desc": "mail should be listed in allowed users.",
+              "run_time": 5.8e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "mail"
+            },
+            {
+              "status": "passed",
+              "code_desc": "operator should be listed in allowed users.",
+              "run_time": 5.2e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "operator"
+            },
+            {
+              "status": "failed",
+              "code_desc": "games should be listed in allowed users.",
+              "run_time": 7.5e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "message": "expected `games` to be in the list: `[\"adm\", \"bin\", \"chrony\", \"daemon\", \"dbus\", \"halt\", \"lp\", \"mail\", \"nobody\", \"ntp\", \"operator\", \"polkitd\", \"postfix\", \"root\", \"shutdown\", \"sshd\", \"sssd\", \"sync\", \"systemd-bus-proxy\", \"systemd-network\", \"vagrant\"]`",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "games"
+            },
+            {
+              "status": "failed",
+              "code_desc": "ftp should be listed in allowed users.",
+              "run_time": 6.2e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "message": "expected `ftp` to be in the list: `[\"adm\", \"bin\", \"chrony\", \"daemon\", \"dbus\", \"halt\", \"lp\", \"mail\", \"nobody\", \"ntp\", \"operator\", \"polkitd\", \"postfix\", \"root\", \"shutdown\", \"sshd\", \"sssd\", \"sync\", \"systemd-bus-proxy\", \"systemd-network\", \"vagrant\"]`",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "ftp"
+            },
+            {
+              "status": "passed",
+              "code_desc": "nobody should be listed in allowed users.",
+              "run_time": 5.2e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "nobody"
+            },
+            {
+              "status": "passed",
+              "code_desc": "dbus should be listed in allowed users.",
+              "run_time": 7.8e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "dbus"
+            },
+            {
+              "status": "failed",
+              "code_desc": "systemd-coredump should be listed in allowed users.",
+              "run_time": 6.7e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "message": "expected `systemd-coredump` to be in the list: `[\"adm\", \"bin\", \"chrony\", \"daemon\", \"dbus\", \"halt\", \"lp\", \"mail\", \"nobody\", \"ntp\", \"operator\", \"polkitd\", \"postfix\", \"root\", \"shutdown\", \"sshd\", \"sssd\", \"sync\", \"systemd-bus-proxy\", \"systemd-network\", \"vagrant\"]`",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "systemd-coredump"
+            },
+            {
+              "status": "failed",
+              "code_desc": "systemd-resolve should be listed in allowed users.",
+              "run_time": 5.9e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "message": "expected `systemd-resolve` to be in the list: `[\"adm\", \"bin\", \"chrony\", \"daemon\", \"dbus\", \"halt\", \"lp\", \"mail\", \"nobody\", \"ntp\", \"operator\", \"polkitd\", \"postfix\", \"root\", \"shutdown\", \"sshd\", \"sssd\", \"sync\", \"systemd-bus-proxy\", \"systemd-network\", \"vagrant\"]`",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "systemd-resolve"
+            },
+            {
+              "status": "failed",
+              "code_desc": "tss should be listed in allowed users.",
+              "run_time": 5.9e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "message": "expected `tss` to be in the list: `[\"adm\", \"bin\", \"chrony\", \"daemon\", \"dbus\", \"halt\", \"lp\", \"mail\", \"nobody\", \"ntp\", \"operator\", \"polkitd\", \"postfix\", \"root\", \"shutdown\", \"sshd\", \"sssd\", \"sync\", \"systemd-bus-proxy\", \"systemd-network\", \"vagrant\"]`",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "tss"
+            },
+            {
+              "status": "passed",
+              "code_desc": "polkitd should be listed in allowed users.",
+              "run_time": 4.9e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "polkitd"
+            },
+            {
+              "status": "failed",
+              "code_desc": "unbound should be listed in allowed users.",
+              "run_time": 5.8e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "message": "expected `unbound` to be in the list: `[\"adm\", \"bin\", \"chrony\", \"daemon\", \"dbus\", \"halt\", \"lp\", \"mail\", \"nobody\", \"ntp\", \"operator\", \"polkitd\", \"postfix\", \"root\", \"shutdown\", \"sshd\", \"sssd\", \"sync\", \"systemd-bus-proxy\", \"systemd-network\", \"vagrant\"]`",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "unbound"
+            },
+            {
+              "status": "passed",
+              "code_desc": "sssd should be listed in allowed users.",
+              "run_time": 4.7e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "sssd"
+            },
+            {
+              "status": "passed",
+              "code_desc": "chrony should be listed in allowed users.",
+              "run_time": 5.1e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "chrony"
+            },
+            {
+              "status": "passed",
+              "code_desc": "sshd should be listed in allowed users.",
+              "run_time": 4.7e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "sshd"
+            },
+            {
+              "status": "failed",
+              "code_desc": "ec2-user should be listed in allowed users.",
+              "run_time": 5.8e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "message": "expected `ec2-user` to be in the list: `[\"adm\", \"bin\", \"chrony\", \"daemon\", \"dbus\", \"halt\", \"lp\", \"mail\", \"nobody\", \"ntp\", \"operator\", \"polkitd\", \"postfix\", \"root\", \"shutdown\", \"sshd\", \"sssd\", \"sync\", \"systemd-bus-proxy\", \"systemd-network\", \"vagrant\"]`",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "ec2-user"
+            },
+            {
+              "status": "passed",
+              "code_desc": "postfix should be listed in allowed users.",
+              "run_time": 4.6e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "postfix"
+            }
+          ]
+        },
+        {
+          "id": "SV-230380",
+          "title": "RHEL 8 must not allow accounts configured with blank or null\npasswords.",
+          "desc": "If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments."
+            },
+            {
+              "label": "check",
+              "data": "To verify that null passwords cannot be used, run the following command:\n\n$ sudo grep -ir permitemptypasswords /etc/ssh/sshd_config*\n\nPermitEmptyPasswords no\n\nIf \"PermitEmptyPasswords\" is set to \"yes\", this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Edit the following line in \"etc/ssh/sshd_config\" to prevent logons with\nempty passwords.\n\n    PermitEmptyPasswords no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service"
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230380",
+            "rid": "SV-230380r858715_rule",
+            "stig_id": "RHEL-08-020330",
+            "fix_id": "F-33024r743992_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230380' do\n  title 'RHEL 8 must not allow accounts configured with blank or null\npasswords.'\n  desc 'If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments.'\n  desc 'check', 'To verify that null passwords cannot be used, run the following command:\n\n$ sudo grep -ir permitemptypasswords /etc/ssh/sshd_config*\n\nPermitEmptyPasswords no\n\nIf \"PermitEmptyPasswords\" is set to \"yes\", this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Edit the following line in \"etc/ssh/sshd_config\" to prevent logons with\nempty passwords.\n\n    PermitEmptyPasswords no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230380'\n  tag rid: 'SV-230380r858715_rule'\n  tag stig_id: 'RHEL-08-020330'\n  tag fix_id: 'F-33024r743992_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    describe sshd_config do\n      its('PermitEmptyPasswords') { should cmp 'no' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230380.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "SSHD Configuration PermitEmptyPasswords is expected to cmp == \"no\"",
+              "run_time": 0.000342,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "message": "\nexpected: no\n     got: \n\n(compared using `cmp` matcher)\n",
+              "resource_class": "sshd_config",
+              "resource_params": "[]",
+              "resource_id": "/etc/ssh/sshd_config"
+            }
+          ]
+        },
+        {
+          "id": "SV-230381",
+          "title": "RHEL 8 must display the date and time of the last successful account\nlogon upon logon.",
+          "desc": "Providing users with feedback on when account accesses last occurred\nfacilitates user recognition and reporting of unauthorized account use.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Providing users with feedback on when account accesses last occurred\nfacilitates user recognition and reporting of unauthorized account use."
+            },
+            {
+              "label": "check",
+              "data": "Verify users are provided with feedback on when account accesses last\noccurred with the following command:\n\n    $ sudo grep pam_lastlog /etc/pam.d/postlogin\n\n    session required pam_lastlog.so showfailed\n\n    If \"pam_lastlog\" is missing from \"/etc/pam.d/postlogin\" file, or the\nsilent option is present, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to provide users with feedback on when\naccount accesses last occurred by setting the required configuration options in\n\"/etc/pam.d/postlogin\".\n\n    Add the following line to the top of \"/etc/pam.d/postlogin\":\n\n    session required pam_lastlog.so showfailed"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230381",
+            "rid": "SV-230381r858726_rule",
+            "stig_id": "RHEL-08-020340",
+            "fix_id": "F-33025r567890_fix",
+            "cci": [
+              "CCI-000366",
+              "CCI-000052"
+            ],
+            "nist": [
+              "CM-6 b",
+              "AC-9"
+            ]
+          },
+          "code": "control 'SV-230381' do\n  title 'RHEL 8 must display the date and time of the last successful account\nlogon upon logon.'\n  desc 'Providing users with feedback on when account accesses last occurred\nfacilitates user recognition and reporting of unauthorized account use.'\n  desc 'check', 'Verify users are provided with feedback on when account accesses last\noccurred with the following command:\n\n    $ sudo grep pam_lastlog /etc/pam.d/postlogin\n\n    session required pam_lastlog.so showfailed\n\n    If \"pam_lastlog\" is missing from \"/etc/pam.d/postlogin\" file, or the\nsilent option is present, this is a finding.'\n  desc 'fix', 'Configure the operating system to provide users with feedback on when\naccount accesses last occurred by setting the required configuration options in\n\"/etc/pam.d/postlogin\".\n\n    Add the following line to the top of \"/etc/pam.d/postlogin\":\n\n    session required pam_lastlog.so showfailed'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230381'\n  tag rid: 'SV-230381r858726_rule'\n  tag stig_id: 'RHEL-08-020340'\n  tag fix_id: 'F-33025r567890_fix'\n  tag cci: ['CCI-000366', 'CCI-000052']\n  tag nist: ['CM-6 b', 'AC-9']\n\n  describe pam('/etc/pam.d/postlogin') do\n    its('lines') { should match_pam_rule('session .* pam_lastlog.so').all_with_args('showfailed') }\n    its('lines') { should_not match_pam_rule('session .* pam_lastlog.so').all_without_args('silent') }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230381.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PAM Config[/etc/pam.d/postlogin] lines is expected to include session .* pam_lastlog.so, all with args showfailed",
+              "run_time": 0.000156,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/postlogin\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PAM Config[/etc/pam.d/postlogin] lines is expected not to include session .* pam_lastlog.so, all without args silent",
+              "run_time": 0.000146,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/postlogin\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230382",
+          "title": "RHEL 8 must display the date and time of the last successful account\nlogon upon an SSH logon.",
+          "desc": "Providing users with feedback on when account accesses via SSH last\noccurred facilitates user recognition and reporting of unauthorized account\nuse.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Providing users with feedback on when account accesses via SSH last\noccurred facilitates user recognition and reporting of unauthorized account\nuse."
+            },
+            {
+              "label": "check",
+              "data": "Verify SSH provides users with feedback on when account accesses last occurred with the following command:\n\n$ sudo grep -ir printlastlog /etc/ssh/sshd_config*\n\nPrintLastLog yes\n\nIf the \"PrintLastLog\" keyword is set to \"no\", is missing, or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure SSH to provide users with feedback on when account accesses last\noccurred by setting the required configuration options in \"/etc/pam.d/sshd\"\nor in the \"sshd_config\" file used by the system (\"/etc/ssh/sshd_config\"\nwill be used in the example) (this file may be named differently or be in a\ndifferent location if using a version of SSH that is provided by a third-party\nvendor).\n\n    Modify the \"PrintLastLog\" line in \"/etc/ssh/sshd_config\" to match the\nfollowing:\n\n    PrintLastLog yes\n\n    The SSH service must be restarted for changes to \"sshd_config\" to take\neffect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230382",
+            "rid": "SV-230382r858717_rule",
+            "stig_id": "RHEL-08-020350",
+            "fix_id": "F-33026r567893_fix",
+            "cci": [
+              "CCI-000366",
+              "CCI-000052"
+            ],
+            "nist": [
+              "CM-6 b",
+              "AC-9"
+            ]
+          },
+          "code": "control 'SV-230382' do\n  title 'RHEL 8 must display the date and time of the last successful account\nlogon upon an SSH logon.'\n  desc 'Providing users with feedback on when account accesses via SSH last\noccurred facilitates user recognition and reporting of unauthorized account\nuse.'\n  desc 'check', 'Verify SSH provides users with feedback on when account accesses last occurred with the following command:\n\n$ sudo grep -ir printlastlog /etc/ssh/sshd_config*\n\nPrintLastLog yes\n\nIf the \"PrintLastLog\" keyword is set to \"no\", is missing, or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure SSH to provide users with feedback on when account accesses last\noccurred by setting the required configuration options in \"/etc/pam.d/sshd\"\nor in the \"sshd_config\" file used by the system (\"/etc/ssh/sshd_config\"\nwill be used in the example) (this file may be named differently or be in a\ndifferent location if using a version of SSH that is provided by a third-party\nvendor).\n\n    Modify the \"PrintLastLog\" line in \"/etc/ssh/sshd_config\" to match the\nfollowing:\n\n    PrintLastLog yes\n\n    The SSH service must be restarted for changes to \"sshd_config\" to take\neffect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230382'\n  tag rid: 'SV-230382r858717_rule'\n  tag stig_id: 'RHEL-08-020350'\n  tag fix_id: 'F-33026r567893_fix'\n  tag cci: ['CCI-000366', 'CCI-000052']\n  tag nist: ['CM-6 b', 'AC-9']\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    describe sshd_config do\n      its('PrintLastLog') { should cmp 'yes' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230382.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "SSHD Configuration PrintLastLog is expected to cmp == \"yes\"",
+              "run_time": 0.000314,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "sshd_config",
+              "resource_params": "[]",
+              "resource_id": "/etc/ssh/sshd_config"
+            }
+          ]
+        },
+        {
+          "id": "SV-230383",
+          "title": "RHEL 8 must define default permissions for all authenticated users in\nsuch a way that the user can only read and modify their own files.",
+          "desc": "Setting the most restrictive default permissions ensures that when new\naccounts are created, they do not have unnecessary access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Setting the most restrictive default permissions ensures that when new\naccounts are created, they do not have unnecessary access."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system defines default permissions for all\nauthenticated users in such a way that the user can only read and modify their\nown files.\n\n    Check for the value of the \"UMASK\" parameter in \"/etc/login.defs\" file\nwith the following command:\n\n    Note: If the value of the \"UMASK\" parameter is set to \"000\" in\n\"/etc/login.defs\" file, the Severity is raised to a CAT I.\n\n    # grep -i umask /etc/login.defs\n\n    UMASK 077\n\n    If the value for the \"UMASK\" parameter is not \"077\", or the \"UMASK\"\nparameter is missing or is commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to define default permissions for all\nauthenticated users in such a way that the user can only read and modify their\nown files.\n\n    Add or edit the line for the \"UMASK\" parameter in \"/etc/login.defs\"\nfile to \"077\":\n\n    UMASK 077"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00228",
+            "gid": "V-230383",
+            "rid": "SV-230383r627750_rule",
+            "stig_id": "RHEL-08-020351",
+            "fix_id": "F-33027r567896_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230383' do\n  title 'RHEL 8 must define default permissions for all authenticated users in\nsuch a way that the user can only read and modify their own files.'\n  desc 'Setting the most restrictive default permissions ensures that when new\naccounts are created, they do not have unnecessary access.'\n  desc 'check', 'Verify the operating system defines default permissions for all\nauthenticated users in such a way that the user can only read and modify their\nown files.\n\n    Check for the value of the \"UMASK\" parameter in \"/etc/login.defs\" file\nwith the following command:\n\n    Note: If the value of the \"UMASK\" parameter is set to \"000\" in\n\"/etc/login.defs\" file, the Severity is raised to a CAT I.\n\n    # grep -i umask /etc/login.defs\n\n    UMASK 077\n\n    If the value for the \"UMASK\" parameter is not \"077\", or the \"UMASK\"\nparameter is missing or is commented out, this is a finding.'\n  desc 'fix', 'Configure the operating system to define default permissions for all\nauthenticated users in such a way that the user can only read and modify their\nown files.\n\n    Add or edit the line for the \"UMASK\" parameter in \"/etc/login.defs\"\nfile to \"077\":\n\n    UMASK 077'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00228'\n  tag gid: 'V-230383'\n  tag rid: 'SV-230383r627750_rule'\n  tag stig_id: 'RHEL-08-020351'\n  tag fix_id: 'F-33027r567896_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  permissions_for_shells = input('permissions_for_shells')\n\n  impact 0.7 if login_defs.read_params['UMASK'].eql?('000')\n  describe login_defs do\n    its('UMASK') { should cmp permissions_for_shells['default_umask'] }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230383.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "login.defs UMASK is expected to cmp == \"077\"",
+              "run_time": 0.000167,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "login_defs",
+              "resource_params": "[]",
+              "resource_id": "/etc/login.defs"
+            }
+          ]
+        },
+        {
+          "id": "SV-230384",
+          "title": "RHEL 8 must set the umask value to 077 for all local interactive user\naccounts.",
+          "desc": "The umask controls the default access mode assigned to newly created\nfiles. A umask of 077 limits new files to mode 600 or less permissive. Although\numask can be represented as a four-digit number, the first digit representing\nspecial access modes is typically ignored or required to be \"0\". This\nrequirement applies to the globally configured system defaults and the local\ninteractive user defaults for each account on the system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The umask controls the default access mode assigned to newly created\nfiles. A umask of 077 limits new files to mode 600 or less permissive. Although\numask can be represented as a four-digit number, the first digit representing\nspecial access modes is typically ignored or required to be \"0\". This\nrequirement applies to the globally configured system defaults and the local\ninteractive user defaults for each account on the system."
+            },
+            {
+              "label": "check",
+              "data": "Verify that the default umask for all local interactive users is \"077\".\n\nIdentify the locations of all local interactive user home directories by looking at the \"/etc/passwd\" file.\n\nCheck all local interactive user initialization files for interactive users with the following command:\n\nNote: The example is for a system that is configured to create users home directories in the \"/home\" directory.\n\n$ sudo grep -ir ^umask /home | grep -v '.bash_history'\n\nIf any local interactive user initialization files are found to have a umask statement that has a value less restrictive than \"077\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Remove the umask statement from all local interactive user's initialization\nfiles.\n\n    If the account is for an application, the requirement for a umask less\nrestrictive than \"077\" can be documented with the Information System Security\nOfficer, but the user agreement for access to the account must specify that the\nlocal interactive user must log on to their account first and then switch the\nuser to the application account with the correct option to gain the account's\nenvironment variables."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00228",
+            "gid": "V-230384",
+            "rid": "SV-230384r858732_rule",
+            "stig_id": "RHEL-08-020352",
+            "fix_id": "F-33028r567899_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230384' do\n  title 'RHEL 8 must set the umask value to 077 for all local interactive user\naccounts.'\n  desc 'The umask controls the default access mode assigned to newly created\nfiles. A umask of 077 limits new files to mode 600 or less permissive. Although\numask can be represented as a four-digit number, the first digit representing\nspecial access modes is typically ignored or required to be \"0\". This\nrequirement applies to the globally configured system defaults and the local\ninteractive user defaults for each account on the system.'\n  desc 'check', %q(Verify that the default umask for all local interactive users is \"077\".\n\nIdentify the locations of all local interactive user home directories by looking at the \"/etc/passwd\" file.\n\nCheck all local interactive user initialization files for interactive users with the following command:\n\nNote: The example is for a system that is configured to create users home directories in the \"/home\" directory.\n\n$ sudo grep -ir ^umask /home | grep -v '.bash_history'\n\nIf any local interactive user initialization files are found to have a umask statement that has a value less restrictive than \"077\", this is a finding.)\n  desc 'fix', %q(Remove the umask statement from all local interactive user's initialization\nfiles.\n\n    If the account is for an application, the requirement for a umask less\nrestrictive than \"077\" can be documented with the Information System Security\nOfficer, but the user agreement for access to the account must specify that the\nlocal interactive user must log on to their account first and then switch the\nuser to the application account with the correct option to gain the account's\nenvironment variables.)\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00228'\n  tag gid: 'V-230384'\n  tag rid: 'SV-230384r858732_rule'\n  tag stig_id: 'RHEL-08-020352'\n  tag fix_id: 'F-33028r567899_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  ignore_shells = input('non_interactive_shells').join('|')\n\n  # Get home directory for users with UID >= 1000 or UID == 0 and support interactive logins.\n  findings = Set[]\n  dotfiles = Set[]\n  umasks = {}\n  umask_findings = Set[]\n\n  uid_min = login_defs.UID_MIN.to_i\n\n  interactive_users = users.where { !shell.match(ignore_shells) && (uid >= uid_min || uid.zero?) }.entries\n\n  # For each user, build and execute a find command that identifies initialization files\n  # in a user's home directory.\n  interactive_users.each do |u|\n    # Only check if the home directory is local\n    is_local = command(\"df -l #{u.home}\").exit_status\n\n    if is_local.zero?\n      # Get user's initialization files\n      dotfiles += command(\"find #{u.home} -xdev -maxdepth 2 ( -name '.*' ! -name '.bash_history' ) -type f\").stdout.split(\"\\n\")\n\n      # Get user's umask\n      umasks.store(u.username, command(\"su -c 'umask' -l #{u.username}\").stdout.chomp(\"\\n\"))\n\n      # Check all local initialization files to see whether or not they are less restrictive than 077.\n      dotfiles.each do |df|\n        findings += df if file(df).more_permissive_than?('0077')\n      end\n\n      # Check umask for all interactive users\n      umasks.each do |key, value|\n        max_mode = '0077'.to_i(8)\n        inv_mode = 0o777 ^ max_mode\n        umask_findings += key if inv_mode & value.to_i(8) != 0\n      end\n    else\n      describe 'This control skips non-local filesystems' do\n        skip \"This control has skipped the #{u.home} home directory for #{u.username} because it is not a local filesystem.\"\n      end\n    end\n  end\n\n  # Report on any interactive files that are less restrictive than 077.\n  describe 'No interactive user initialization files with a less restrictive umask were found.' do\n    subject { findings.empty? }\n    it { should eq true }\n  end\n\n  # Report on any interactive users that have a umask less restrictive than 077.\n  describe 'No users were found with a less restrictive umask were found.' do\n    subject { umask_findings.empty? }\n    it { should eq true }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230384.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "No interactive user initialization files with a less restrictive umask were found. is expected to eq true",
+              "run_time": 4.8e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "No interactive user initialization files with a less restrictive umask were found."
+            },
+            {
+              "status": "passed",
+              "code_desc": "No users were found with a less restrictive umask were found. is expected to eq true",
+              "run_time": 3.5e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "No users were found with a less restrictive umask were found."
+            }
+          ]
+        },
+        {
+          "id": "SV-230385",
+          "title": "RHEL 8 must define default permissions for logon and non-logon shells.",
+          "desc": "The umask controls the default access mode assigned to newly created\nfiles. A umask of 077 limits new files to mode 600 or less permissive. Although\numask can be represented as a four-digit number, the first digit representing\nspecial access modes is typically ignored or required to be \"0\". This\nrequirement applies to the globally configured system defaults and the local\ninteractive user defaults for each account on the system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The umask controls the default access mode assigned to newly created\nfiles. A umask of 077 limits new files to mode 600 or less permissive. Although\numask can be represented as a four-digit number, the first digit representing\nspecial access modes is typically ignored or required to be \"0\". This\nrequirement applies to the globally configured system defaults and the local\ninteractive user defaults for each account on the system."
+            },
+            {
+              "label": "check",
+              "data": "Verify that the umask default for installed shells is \"077\".\n\nCheck for the value of the \"UMASK\" parameter in the \"/etc/bashrc\", \"/etc/csh.cshrc\" and \"/etc/profile\" files with the following command:\n\nNote: If the value of the \"UMASK\" parameter is set to \"000\" in the \"/etc/bashrc\" the \"/etc/csh.cshrc\" or the \"/etc/profile\" files, the Severity is raised to a CAT I.\n\n# grep -i umask /etc/bashrc /etc/csh.cshrc /etc/profile\n\n/etc/bashrc:          umask 077\n/etc/bashrc:          umask 077\n/etc/csh.cshrc:      umask 077\n/etc/csh.cshrc:      umask 077\n/etc/profile:      umask 077\n/etc/profile:      umask 077\n\nIf the value for the \"UMASK\" parameter is not \"077\", or the \"UMASK\" parameter is missing or is commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to define default permissions for all authenticated users in such a way that the user can only read and modify their own files.\n\nAdd or edit the lines for the \"UMASK\" parameter in the \"/etc/bashrc\", \"/etc/csh.cshrc\" and \"/etc/profile\"files to \"077\":\n\nUMASK 077"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230385",
+            "rid": "SV-230385r792902_rule",
+            "stig_id": "RHEL-08-020353",
+            "fix_id": "F-33029r792901_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230385' do\n  title 'RHEL 8 must define default permissions for logon and non-logon shells.'\n  desc 'The umask controls the default access mode assigned to newly created\nfiles. A umask of 077 limits new files to mode 600 or less permissive. Although\numask can be represented as a four-digit number, the first digit representing\nspecial access modes is typically ignored or required to be \"0\". This\nrequirement applies to the globally configured system defaults and the local\ninteractive user defaults for each account on the system.'\n  desc 'check', 'Verify that the umask default for installed shells is \"077\".\n\nCheck for the value of the \"UMASK\" parameter in the \"/etc/bashrc\", \"/etc/csh.cshrc\" and \"/etc/profile\" files with the following command:\n\nNote: If the value of the \"UMASK\" parameter is set to \"000\" in the \"/etc/bashrc\" the \"/etc/csh.cshrc\" or the \"/etc/profile\" files, the Severity is raised to a CAT I.\n\n# grep -i umask /etc/bashrc /etc/csh.cshrc /etc/profile\n\n/etc/bashrc:          umask 077\n/etc/bashrc:          umask 077\n/etc/csh.cshrc:      umask 077\n/etc/csh.cshrc:      umask 077\n/etc/profile:      umask 077\n/etc/profile:      umask 077\n\nIf the value for the \"UMASK\" parameter is not \"077\", or the \"UMASK\" parameter is missing or is commented out, this is a finding.'\n  desc 'fix', 'Configure the operating system to define default permissions for all authenticated users in such a way that the user can only read and modify their own files.\n\nAdd or edit the lines for the \"UMASK\" parameter in the \"/etc/bashrc\", \"/etc/csh.cshrc\" and \"/etc/profile\"files to \"077\":\n\nUMASK 077'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230385'\n  tag rid: 'SV-230385r792902_rule'\n  tag stig_id: 'RHEL-08-020353'\n  tag fix_id: 'F-33029r792901_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  umask_regexp = /umask\\s*(?<umask_code>\\d\\d\\d)/\n\n  bashrc_umask = file('/etc/bashrc').content.match(umask_regexp)[:umask_code]\n  cshrc_umask = file('/etc/csh.cshrc').content.match(umask_regexp)[:umask_code]\n\n  if bashrc_umask == '000' || cshrc_umask == '000'\n    impact 0.7\n    tag severity: 'high'\n  end\n\n  describe 'umask value defined in /etc/bashrc' do\n    subject { bashrc_umask }\n    it { should cmp input('permissions_for_shells')['bashrc_umask'] }\n  end\n  describe 'umask value defined in /etc/csh.cshrc' do\n    subject { cshrc_umask }\n    it { should cmp input('permissions_for_shells')['cshrc_umask'] }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230385.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "umask value defined in /etc/bashrc is expected to cmp == \"077\"",
+              "run_time": 0.000107,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "message": "\nexpected: 077\n     got: 02\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "umask value defined in /etc/bashrc"
+            },
+            {
+              "status": "failed",
+              "code_desc": "umask value defined in /etc/csh.cshrc is expected to cmp == \"077\"",
+              "run_time": 7.0e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "message": "\nexpected: 077\n     got: 02\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "umask value defined in /etc/csh.cshrc"
+            }
+          ]
+        },
+        {
+          "id": "SV-230386",
+          "title": "The RHEL 8 audit system must be configured to audit the execution of\nprivileged functions and prevent all software from executing at higher\nprivilege levels than users executing the software.",
+          "desc": "Misuse of privileged functions, either intentionally or\nunintentionally by authorized users, or by unauthorized external entities that\nhave compromised information system accounts, is a serious and ongoing concern\nand can have significant adverse impacts on organizations. Auditing the use of\nprivileged functions is one way to detect such misuse and identify the risk\nfrom insider threats and the advanced persistent threat.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Misuse of privileged functions, either intentionally or\nunintentionally by authorized users, or by unauthorized external entities that\nhave compromised information system accounts, is a serious and ongoing concern\nand can have significant adverse impacts on organizations. Auditing the use of\nprivileged functions is one way to detect such misuse and identify the risk\nfrom insider threats and the advanced persistent threat."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 audits the execution of privileged functions.\n\n    Check if RHEL 8 is configured to audit the execution of the \"execve\"\nsystem call, by running the following command:\n\n    $ sudo grep execve /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S execve -C uid!=euid -F euid=0 -k execpriv\n    -a always,exit -F arch=b64 -S execve -C uid!=euid -F euid=0 -k execpriv\n\n    -a always,exit -F arch=b32 -S execve -C gid!=egid -F egid=0 -k execpriv\n    -a always,exit -F arch=b64 -S execve -C gid!=egid -F egid=0 -k execpriv\n\n    If the command does not return all lines, or the lines are commented out,\nthis is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to audit the execution of the \"execve\" system call.\n\n    Add or update the following file system rules to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -a always,exit -F arch=b32 -S execve -C uid!=euid -F euid=0 -k execpriv\n    -a always,exit -F arch=b64 -S execve -C uid!=euid -F euid=0 -k execpriv\n\n    -a always,exit -F arch=b32 -S execve -C gid!=egid -F egid=0 -k execpriv\n    -a always,exit -F arch=b64 -S execve -C gid!=egid -F egid=0 -k execpriv\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000326-GPOS-00126",
+            "satisfies": [
+              "SRG-OS-000326-GPOS-00126",
+              "SRG-OS-000327-GPOS-00127"
+            ],
+            "gid": "V-230386",
+            "rid": "SV-230386r854037_rule",
+            "stig_id": "RHEL-08-030000",
+            "fix_id": "F-33030r567905_fix",
+            "cci": [
+              "CCI-002233"
+            ],
+            "nist": [
+              "AC-6 (8)"
+            ]
+          },
+          "code": "control 'SV-230386' do\n  title 'The RHEL 8 audit system must be configured to audit the execution of\nprivileged functions and prevent all software from executing at higher\nprivilege levels than users executing the software.'\n  desc 'Misuse of privileged functions, either intentionally or\nunintentionally by authorized users, or by unauthorized external entities that\nhave compromised information system accounts, is a serious and ongoing concern\nand can have significant adverse impacts on organizations. Auditing the use of\nprivileged functions is one way to detect such misuse and identify the risk\nfrom insider threats and the advanced persistent threat.'\n  desc 'check', 'Verify RHEL 8 audits the execution of privileged functions.\n\n    Check if RHEL 8 is configured to audit the execution of the \"execve\"\nsystem call, by running the following command:\n\n    $ sudo grep execve /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S execve -C uid!=euid -F euid=0 -k execpriv\n    -a always,exit -F arch=b64 -S execve -C uid!=euid -F euid=0 -k execpriv\n\n    -a always,exit -F arch=b32 -S execve -C gid!=egid -F egid=0 -k execpriv\n    -a always,exit -F arch=b64 -S execve -C gid!=egid -F egid=0 -k execpriv\n\n    If the command does not return all lines, or the lines are commented out,\nthis is a finding.'\n  desc 'fix', 'Configure RHEL 8 to audit the execution of the \"execve\" system call.\n\n    Add or update the following file system rules to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -a always,exit -F arch=b32 -S execve -C uid!=euid -F euid=0 -k execpriv\n    -a always,exit -F arch=b64 -S execve -C uid!=euid -F euid=0 -k execpriv\n\n    -a always,exit -F arch=b32 -S execve -C gid!=egid -F egid=0 -k execpriv\n    -a always,exit -F arch=b64 -S execve -C gid!=egid -F egid=0 -k execpriv\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000326-GPOS-00126'\n  tag satisfies: ['SRG-OS-000326-GPOS-00126', 'SRG-OS-000327-GPOS-00127']\n  tag gid: 'V-230386'\n  tag rid: 'SV-230386r854037_rule'\n  tag stig_id: 'RHEL-08-030000'\n  tag fix_id: 'F-33030r567905_fix'\n  tag cci: ['CCI-002233']\n  tag nist: ['AC-6 (8)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    # All execve calls should use 'always,exit'\n    describe auditd.syscall('execve') do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n\n    # Work with the SUID rules\n    describe auditd.syscall('execve').where { fields.include?('euid=0') } do\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n    end\n\n    # Work with the SGID rules\n    describe auditd.syscall('execve').where { fields.include?('egid=0') } do\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230386.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"execve\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 5.6e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"execve\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 4.3e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"execve\" fields include? \"euid=0\" arch.uniq is expected to include \"b32\"",
+              "run_time": 6.2e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"execve\" fields include? \"euid=0\" arch.uniq is expected to include \"b64\"",
+              "run_time": 4.4e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"execve\" fields include? \"egid=0\" arch.uniq is expected to include \"b32\"",
+              "run_time": 4.3e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"execve\" fields include? \"egid=0\" arch.uniq is expected to include \"b64\"",
+              "run_time": 4.2e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230387",
+          "title": "Cron logging must be implemented in RHEL 8.",
+          "desc": "Cron logging can be used to trace the successful or unsuccessful\nexecution of cron jobs. It can also be used to spot intrusions into the use of\nthe cron facility by unauthorized and malicious users.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Cron logging can be used to trace the successful or unsuccessful\nexecution of cron jobs. It can also be used to spot intrusions into the use of\nthe cron facility by unauthorized and malicious users."
+            },
+            {
+              "label": "check",
+              "data": "Verify that \"rsyslog\" is configured to log cron events with the following\ncommand:\n\n    Note: If another logging package is used, substitute the utility\nconfiguration file for \"/etc/rsyslog.conf\" or \"/etc/rsyslog.d/*.conf\" files.\n\n    $ sudo grep -s cron /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n    /etc/rsyslog.conf:*.info;mail.none;authpriv.none;cron.none\n        /var/log/messages\n    /etc/rsyslog.conf:# Log cron stuff\n    /etc/rsyslog.conf:cron.*\n                                                /var/log/cron\n\n    If the command does not return a response, check for cron logging all\nfacilities with the following command.\n\n    $ sudo grep -s /var/log/messages /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n    /etc/rsyslog.conf:*.info;mail.none;authpriv.none;cron.none\n        /var/log/messages\n\n    If \"rsyslog\" is not logging messages for the cron facility or all\nfacilities, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure \"rsyslog\" to log all cron messages by adding or updating the\nfollowing line to \"/etc/rsyslog.conf\" or a configuration file in the\n/etc/rsyslog.d/ directory:\n\n    cron.* /var/log/cron\n\n    The rsyslog daemon must be restarted for the changes to take effect:\n    $ sudo systemctl restart rsyslog.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230387",
+            "rid": "SV-230387r743996_rule",
+            "stig_id": "RHEL-08-030010",
+            "fix_id": "F-33031r743995_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230387' do\n  title 'Cron logging must be implemented in RHEL 8.'\n  desc 'Cron logging can be used to trace the successful or unsuccessful\nexecution of cron jobs. It can also be used to spot intrusions into the use of\nthe cron facility by unauthorized and malicious users.'\n  desc 'check', 'Verify that \"rsyslog\" is configured to log cron events with the following\ncommand:\n\n    Note: If another logging package is used, substitute the utility\nconfiguration file for \"/etc/rsyslog.conf\" or \"/etc/rsyslog.d/*.conf\" files.\n\n    $ sudo grep -s cron /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n    /etc/rsyslog.conf:*.info;mail.none;authpriv.none;cron.none\n        /var/log/messages\n    /etc/rsyslog.conf:# Log cron stuff\n    /etc/rsyslog.conf:cron.*\n                                                /var/log/cron\n\n    If the command does not return a response, check for cron logging all\nfacilities with the following command.\n\n    $ sudo grep -s /var/log/messages /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n    /etc/rsyslog.conf:*.info;mail.none;authpriv.none;cron.none\n        /var/log/messages\n\n    If \"rsyslog\" is not logging messages for the cron facility or all\nfacilities, this is a finding.'\n  desc 'fix', 'Configure \"rsyslog\" to log all cron messages by adding or updating the\nfollowing line to \"/etc/rsyslog.conf\" or a configuration file in the\n/etc/rsyslog.d/ directory:\n\n    cron.* /var/log/cron\n\n    The rsyslog daemon must be restarted for the changes to take effect:\n    $ sudo systemctl restart rsyslog.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230387'\n  tag rid: 'SV-230387r743996_rule'\n  tag stig_id: 'RHEL-08-030010'\n  tag fix_id: 'F-33031r743995_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe.one do\n      describe command('grep  -hsv \"^#\" /etc/rsyslog.conf /etc/rsyslog.d/*.conf| grep ^cron') do\n        its('stdout') { should match %r{cron\\.\\*\\s*/var/log/cron} }\n      end\n      describe command('grep  -hsv \"^#\" /etc/rsyslog.conf /etc/rsyslog.d/*.conf| grep /var/log/messages') do\n        its('stdout') { should match %r{\\*.info;mail.none;authpriv.none;cron.none\\s*/var/log/messages} }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230387.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Command: `grep  -hsv \"^#\" /etc/rsyslog.conf /etc/rsyslog.d/*.conf| grep ^cron` stdout is expected to match /cron\\.\\*\\s*\\/var\\/log\\/cron/",
+              "run_time": 4.0e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"grep  -hsv \\\"^#\\\" /etc/rsyslog.conf /etc/rsyslog.d/*.conf| grep ^cron\"]",
+              "resource_id": "Command: `grep  -hsv \"^#\" /etc/rsyslog.conf /etc/rsyslog.d/*.conf| grep ^cron`"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Command: `grep  -hsv \"^#\" /etc/rsyslog.conf /etc/rsyslog.d/*.conf| grep /var/log/messages` stdout is expected to match /\\*.info;mail.none;authpriv.none;cron.none\\s*\\/var\\/log\\/messages/",
+              "run_time": 3.4e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"grep  -hsv \\\"^#\\\" /etc/rsyslog.conf /etc/rsyslog.d/*.conf| grep /var/log/messages\"]",
+              "resource_id": "Command: `grep  -hsv \"^#\" /etc/rsyslog.conf /etc/rsyslog.d/*.conf| grep /var/log/messages`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230388",
+          "title": "The RHEL 8 System Administrator (SA) and Information System Security\nOfficer (ISSO) (at a minimum) must be alerted of an audit processing failure\nevent.",
+          "desc": "It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both."
+            },
+            {
+              "label": "check",
+              "data": "Verify that the SA and ISSO (at a minimum) are notified in the event of an\naudit processing failure.\n\n    Check that RHEL 8 notifies the SA and ISSO (at a minimum) in the event of\nan audit processing failure with the following command:\n\n    $ sudo grep action_mail_acct /etc/audit/auditd.conf\n\n    action_mail_acct = root\n\n    If the value of the \"action_mail_acct\" keyword is not set to \"root\"\nand/or other accounts for security personnel, the \"action_mail_acct\" keyword\nis missing, or the retuned line is commented out, ask the system administrator\nto indicate how they and the ISSO are notified of an audit process failure.  If\nthere is no evidence of the proper personnel being notified of an audit\nprocessing failure, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure \"auditd\" service to notify the SA and ISSO in the event of an\naudit processing failure.\n\n    Edit the following line in \"/etc/audit/auditd.conf\" to ensure that\nadministrators are notified via email for those situations:\n\n    action_mail_acct = root"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000046-GPOS-00022",
+            "gid": "V-230388",
+            "rid": "SV-230388r627750_rule",
+            "stig_id": "RHEL-08-030020",
+            "fix_id": "F-33032r567911_fix",
+            "cci": [
+              "CCI-000139"
+            ],
+            "nist": [
+              "AU-5 a"
+            ]
+          },
+          "code": "control 'SV-230388' do\n  title 'The RHEL 8 System Administrator (SA) and Information System Security\nOfficer (ISSO) (at a minimum) must be alerted of an audit processing failure\nevent.'\n  desc 'It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both.'\n  desc 'check', 'Verify that the SA and ISSO (at a minimum) are notified in the event of an\naudit processing failure.\n\n    Check that RHEL 8 notifies the SA and ISSO (at a minimum) in the event of\nan audit processing failure with the following command:\n\n    $ sudo grep action_mail_acct /etc/audit/auditd.conf\n\n    action_mail_acct = root\n\n    If the value of the \"action_mail_acct\" keyword is not set to \"root\"\nand/or other accounts for security personnel, the \"action_mail_acct\" keyword\nis missing, or the retuned line is commented out, ask the system administrator\nto indicate how they and the ISSO are notified of an audit process failure.  If\nthere is no evidence of the proper personnel being notified of an audit\nprocessing failure, this is a finding.'\n  desc 'fix', 'Configure \"auditd\" service to notify the SA and ISSO in the event of an\naudit processing failure.\n\n    Edit the following line in \"/etc/audit/auditd.conf\" to ensure that\nadministrators are notified via email for those situations:\n\n    action_mail_acct = root'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000046-GPOS-00022'\n  tag gid: 'V-230388'\n  tag rid: 'SV-230388r627750_rule'\n  tag stig_id: 'RHEL-08-030020'\n  tag fix_id: 'F-33032r567911_fix'\n  tag cci: ['CCI-000139']\n  tag nist: ['AU-5 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd_conf do\n      its('action_mail_acct') { should cmp 'root' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230388.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Audit Daemon Config action_mail_acct is expected to cmp == \"root\"",
+              "run_time": 0.000136,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "auditd_conf",
+              "resource_params": "[]",
+              "resource_id": "/etc/audit/auditd.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230389",
+          "title": "The RHEL 8 Information System Security Officer (ISSO) and System\nAdministrator (SA) (at a minimum) must have mail aliases to be notified of an\naudit processing failure.",
+          "desc": "It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both."
+            },
+            {
+              "label": "check",
+              "data": "Verify that the administrators are notified in the event of an audit\nprocessing failure.\n\n    Check that the \"/etc/aliases\" file has a defined value for \"root\".\n\n    $ sudo grep \"postmaster:\\s*root$\" /etc/aliases\n\n    If the command does not return a line, or the line is commented out, ask\nthe system administrator to indicate how they and the ISSO are notified of an\naudit process failure.  If there is no evidence of the proper personnel being\nnotified of an audit processing failure, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to notify administrators in the event of an audit\nprocessing failure.\n\n    Add/update the following line in \"/etc/aliases\":\n\n    postmaster: root"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000046-GPOS-00022",
+            "gid": "V-230389",
+            "rid": "SV-230389r627750_rule",
+            "stig_id": "RHEL-08-030030",
+            "fix_id": "F-33033r567914_fix",
+            "cci": [
+              "CCI-000139"
+            ],
+            "nist": [
+              "AU-5 a"
+            ]
+          },
+          "code": "control 'SV-230389' do\n  title 'The RHEL 8 Information System Security Officer (ISSO) and System\nAdministrator (SA) (at a minimum) must have mail aliases to be notified of an\naudit processing failure.'\n  desc 'It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both.'\n  desc 'check', 'Verify that the administrators are notified in the event of an audit\nprocessing failure.\n\n    Check that the \"/etc/aliases\" file has a defined value for \"root\".\n\n    $ sudo grep \"postmaster:\\\\s*root$\" /etc/aliases\n\n    If the command does not return a line, or the line is commented out, ask\nthe system administrator to indicate how they and the ISSO are notified of an\naudit process failure.  If there is no evidence of the proper personnel being\nnotified of an audit processing failure, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to notify administrators in the event of an audit\nprocessing failure.\n\n    Add/update the following line in \"/etc/aliases\":\n\n    postmaster: root'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000046-GPOS-00022'\n  tag gid: 'V-230389'\n  tag rid: 'SV-230389r627750_rule'\n  tag stig_id: 'RHEL-08-030030'\n  tag fix_id: 'F-33033r567914_fix'\n  tag cci: ['CCI-000139']\n  tag nist: ['AU-5 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('grep \"postmaster:\\s*root$\" /etc/aliases') do\n      its('stdout.strip') { should match(/postmaster:\\s*root/) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230389.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Command: `grep \"postmaster:\\s*root$\" /etc/aliases` stdout.strip is expected to match /postmaster:\\s*root/",
+              "run_time": 0.108281,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"grep \\\"postmaster:\\\\s*root$\\\" /etc/aliases\"]",
+              "resource_id": "Command: `grep \"postmaster:\\s*root$\" /etc/aliases`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230390",
+          "title": "The RHEL 8 System must take appropriate action when an audit\nprocessing failure occurs.",
+          "desc": "It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 takes the appropriate action when an audit processing failure\noccurs.\n\n    Check that RHEL 8 takes the appropriate action when an audit processing\nfailure occurs with the following command:\n\n    $ sudo grep disk_error_action /etc/audit/auditd.conf\n\n    disk_error_action = HALT\n\n    If the value of the \"disk_error_action\" option is not \"SYSLOG\",\n\"SINGLE\", or \"HALT\", or the line is commented out, ask the system\nadministrator to indicate how the system takes appropriate action when an audit\nprocess failure occurs.  If there is no evidence of appropriate action, this is\na finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to shut down by default upon audit failure (unless\navailability is an overriding concern).\n\n    Add or update the following line (depending on configuration\n\"disk_error_action\" can be set to \"SYSLOG\" or \"SINGLE\" depending on\nconfiguration) in \"/etc/audit/auditd.conf\" file:\n\n    disk_error_action = HALT\n\n    If availability has been determined to be more important, and this decision\nis documented with the ISSO, configure the operating system to notify system\nadministration staff and ISSO staff in the event of an audit processing failure\nby setting the \"disk_error_action\" to \"SYSLOG\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000047-GPOS-00023",
+            "gid": "V-230390",
+            "rid": "SV-230390r627750_rule",
+            "stig_id": "RHEL-08-030040",
+            "fix_id": "F-33034r567917_fix",
+            "cci": [
+              "CCI-000140"
+            ],
+            "nist": [
+              "AU-5 b"
+            ]
+          },
+          "code": "control 'SV-230390' do\n  title 'The RHEL 8 System must take appropriate action when an audit\nprocessing failure occurs.'\n  desc 'It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both.'\n  desc 'check', 'Verify RHEL 8 takes the appropriate action when an audit processing failure\noccurs.\n\n    Check that RHEL 8 takes the appropriate action when an audit processing\nfailure occurs with the following command:\n\n    $ sudo grep disk_error_action /etc/audit/auditd.conf\n\n    disk_error_action = HALT\n\n    If the value of the \"disk_error_action\" option is not \"SYSLOG\",\n\"SINGLE\", or \"HALT\", or the line is commented out, ask the system\nadministrator to indicate how the system takes appropriate action when an audit\nprocess failure occurs.  If there is no evidence of appropriate action, this is\na finding.'\n  desc 'fix', 'Configure RHEL 8 to shut down by default upon audit failure (unless\navailability is an overriding concern).\n\n    Add or update the following line (depending on configuration\n\"disk_error_action\" can be set to \"SYSLOG\" or \"SINGLE\" depending on\nconfiguration) in \"/etc/audit/auditd.conf\" file:\n\n    disk_error_action = HALT\n\n    If availability has been determined to be more important, and this decision\nis documented with the ISSO, configure the operating system to notify system\nadministration staff and ISSO staff in the event of an audit processing failure\nby setting the \"disk_error_action\" to \"SYSLOG\".'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000047-GPOS-00023'\n  tag gid: 'V-230390'\n  tag rid: 'SV-230390r627750_rule'\n  tag stig_id: 'RHEL-08-030040'\n  tag fix_id: 'F-33034r567917_fix'\n  tag cci: ['CCI-000140']\n  tag nist: ['AU-5 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd_conf do\n      its('disk_error_action') { should be_in input('disk_error_action') }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230390.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Audit Daemon Config disk_error_action is expected to be in \"SYSLOG\", \"SINGLE\", and \"HALT\"",
+              "run_time": 0.000289,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "auditd_conf",
+              "resource_params": "[]",
+              "resource_id": "/etc/audit/auditd.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230392",
+          "title": "The RHEL 8 audit system must take appropriate action when the audit\nstorage volume is full.",
+          "desc": "It is critical that when RHEL 8 is at risk of failing to process audit\nlogs as required, it takes action to mitigate the failure. Audit processing\nfailures include software/hardware errors; failures in the audit capturing\nmechanisms; and audit storage capacity being reached or exceeded. Responses to\naudit failure depend upon the nature of the failure mode.\n\n    When availability is an overriding concern, other approved actions in\nresponse to an audit failure are as follows:\n\n    1) If the failure was caused by the lack of audit record storage capacity,\nRHEL 8 must continue generating audit records if possible (automatically\nrestarting the audit service if necessary) and overwriting the oldest audit\nrecords in a first-in-first-out manner.\n\n    2) If audit records are sent to a centralized collection server and\ncommunication with this server is lost or the server fails, RHEL 8 must queue\naudit records locally until communication is restored or until the audit\nrecords are retrieved manually. Upon restoration of the connection to the\ncentralized collection server, action should be taken to synchronize the local\naudit data with the collection server.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is critical that when RHEL 8 is at risk of failing to process audit\nlogs as required, it takes action to mitigate the failure. Audit processing\nfailures include software/hardware errors; failures in the audit capturing\nmechanisms; and audit storage capacity being reached or exceeded. Responses to\naudit failure depend upon the nature of the failure mode.\n\n    When availability is an overriding concern, other approved actions in\nresponse to an audit failure are as follows:\n\n    1) If the failure was caused by the lack of audit record storage capacity,\nRHEL 8 must continue generating audit records if possible (automatically\nrestarting the audit service if necessary) and overwriting the oldest audit\nrecords in a first-in-first-out manner.\n\n    2) If audit records are sent to a centralized collection server and\ncommunication with this server is lost or the server fails, RHEL 8 must queue\naudit records locally until communication is restored or until the audit\nrecords are retrieved manually. Upon restoration of the connection to the\ncentralized collection server, action should be taken to synchronize the local\naudit data with the collection server."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 takes the appropriate action when the audit storage volume is\nfull.\n\n    Check that RHEL 8 takes the appropriate action when the audit storage\nvolume is full with the following command:\n\n    $ sudo grep disk_full_action /etc/audit/auditd.conf\n\n    disk_full_action = HALT\n\n    If the value of the \"disk_full_action\" option is not \"SYSLOG\",\n\"SINGLE\", or \"HALT\", or the line is commented out, ask the system\nadministrator to indicate how the system takes appropriate action when an audit\nstorage volume is full.  If there is no evidence of appropriate action, this is\na finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to shut down by default upon audit failure (unless\navailability is an overriding concern).\n\n    Add or update the following line (depending on configuration\n\"disk_full_action\" can be set to \"SYSLOG\" or \"SINGLE\" depending on\nconfiguration) in \"/etc/audit/auditd.conf\" file:\n\n    disk_full_action = HALT\n\n    If availability has been determined to be more important, and this decision\nis documented with the ISSO, configure the operating system to notify system\nadministration staff and ISSO staff in the event of an audit processing failure\nby setting the \"disk_full_action\" to \"SYSLOG\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000047-GPOS-00023",
+            "gid": "V-230392",
+            "rid": "SV-230392r627750_rule",
+            "stig_id": "RHEL-08-030060",
+            "fix_id": "F-33036r567923_fix",
+            "cci": [
+              "CCI-000140"
+            ],
+            "nist": [
+              "AU-5 b"
+            ]
+          },
+          "code": "control 'SV-230392' do\n  title 'The RHEL 8 audit system must take appropriate action when the audit\nstorage volume is full.'\n  desc 'It is critical that when RHEL 8 is at risk of failing to process audit\nlogs as required, it takes action to mitigate the failure. Audit processing\nfailures include software/hardware errors; failures in the audit capturing\nmechanisms; and audit storage capacity being reached or exceeded. Responses to\naudit failure depend upon the nature of the failure mode.\n\n    When availability is an overriding concern, other approved actions in\nresponse to an audit failure are as follows:\n\n    1) If the failure was caused by the lack of audit record storage capacity,\nRHEL 8 must continue generating audit records if possible (automatically\nrestarting the audit service if necessary) and overwriting the oldest audit\nrecords in a first-in-first-out manner.\n\n    2) If audit records are sent to a centralized collection server and\ncommunication with this server is lost or the server fails, RHEL 8 must queue\naudit records locally until communication is restored or until the audit\nrecords are retrieved manually. Upon restoration of the connection to the\ncentralized collection server, action should be taken to synchronize the local\naudit data with the collection server.'\n  desc 'check', 'Verify RHEL 8 takes the appropriate action when the audit storage volume is\nfull.\n\n    Check that RHEL 8 takes the appropriate action when the audit storage\nvolume is full with the following command:\n\n    $ sudo grep disk_full_action /etc/audit/auditd.conf\n\n    disk_full_action = HALT\n\n    If the value of the \"disk_full_action\" option is not \"SYSLOG\",\n\"SINGLE\", or \"HALT\", or the line is commented out, ask the system\nadministrator to indicate how the system takes appropriate action when an audit\nstorage volume is full.  If there is no evidence of appropriate action, this is\na finding.'\n  desc 'fix', 'Configure RHEL 8 to shut down by default upon audit failure (unless\navailability is an overriding concern).\n\n    Add or update the following line (depending on configuration\n\"disk_full_action\" can be set to \"SYSLOG\" or \"SINGLE\" depending on\nconfiguration) in \"/etc/audit/auditd.conf\" file:\n\n    disk_full_action = HALT\n\n    If availability has been determined to be more important, and this decision\nis documented with the ISSO, configure the operating system to notify system\nadministration staff and ISSO staff in the event of an audit processing failure\nby setting the \"disk_full_action\" to \"SYSLOG\".'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000047-GPOS-00023'\n  tag gid: 'V-230392'\n  tag rid: 'SV-230392r627750_rule'\n  tag stig_id: 'RHEL-08-030060'\n  tag fix_id: 'F-33036r567923_fix'\n  tag cci: ['CCI-000140']\n  tag nist: ['AU-5 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd_conf do\n      its('disk_full_action') { should be_in input('disk_full_action') }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230392.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Audit Daemon Config disk_full_action is expected to be in \"SYSLOG\", \"SINGLE\", and \"HALT\"",
+              "run_time": 0.000224,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "auditd_conf",
+              "resource_params": "[]",
+              "resource_id": "/etc/audit/auditd.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230393",
+          "title": "The RHEL 8 audit system must audit local events.",
+          "desc": "Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked."
+            },
+            {
+              "label": "check",
+              "data": "Verify the RHEL 8 Audit Daemon is configured to include local events, with\nthe following command:\n\n    $ sudo grep local_events /etc/audit/auditd.conf\n\n    local_events = yes\n\n    If the value of the \"local_events\" option is not set to \"yes\", or the\nline is commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to audit local events on the system.\n\nAdd or update the following line in \"/etc/audit/auditd.conf\" file:\n\nlocal_events = yes"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230393",
+            "rid": "SV-230393r627750_rule",
+            "stig_id": "RHEL-08-030061",
+            "fix_id": "F-33037r567926_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230393' do\n  title 'The RHEL 8 audit system must audit local events.'\n  desc 'Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.'\n  desc 'check', 'Verify the RHEL 8 Audit Daemon is configured to include local events, with\nthe following command:\n\n    $ sudo grep local_events /etc/audit/auditd.conf\n\n    local_events = yes\n\n    If the value of the \"local_events\" option is not set to \"yes\", or the\nline is commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to audit local events on the system.\n\nAdd or update the following line in \"/etc/audit/auditd.conf\" file:\n\nlocal_events = yes'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230393'\n  tag rid: 'SV-230393r627750_rule'\n  tag stig_id: 'RHEL-08-030061'\n  tag fix_id: 'F-33037r567926_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config_file('/etc/audit/auditd.conf') do\n      its('local_events') { should eq 'yes' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230393.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Parse Config File /etc/audit/auditd.conf local_events is expected to eq \"yes\"",
+              "run_time": 5.9e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/audit/auditd.conf\"]",
+              "resource_id": "/etc/audit/auditd.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230394",
+          "title": "RHEL 8 must label all off-loaded audit logs before sending them to the\ncentral log server.",
+          "desc": "Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Enriched logging is needed to determine who, what, and when events occur on\na system.  Without this, determining root cause of an event will be much more\ndifficult.\n\n    When audit logs are not labeled before they are sent to a central log\nserver, the audit data will not be able to be analyzed and tied back to the\ncorrect system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Enriched logging is needed to determine who, what, and when events occur on\na system.  Without this, determining root cause of an event will be much more\ndifficult.\n\n    When audit logs are not labeled before they are sent to a central log\nserver, the audit data will not be able to be analyzed and tied back to the\ncorrect system."
+            },
+            {
+              "label": "check",
+              "data": "Verify the RHEL 8 Audit Daemon is configured to label all off-loaded audit\nlogs, with the following command:\n\n    $ sudo grep \"name_format\" /etc/audit/auditd.conf\n\n    name_format = hostname\n\n    If the \"name_format\" option is not \"hostname\", \"fqd\", or \"numeric\",\nor the line is commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Edit the /etc/audit/auditd.conf file and add or update the \"name_format\"\noption:\n\n    name_format = hostname\n\n    The audit daemon must be restarted for changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000342-GPOS-00133",
+            "gid": "V-230394",
+            "rid": "SV-230394r877390_rule",
+            "stig_id": "RHEL-08-030062",
+            "fix_id": "F-33038r567929_fix",
+            "cci": [
+              "CCI-001851"
+            ],
+            "nist": [
+              "AU-4 (1)"
+            ]
+          },
+          "code": "control 'SV-230394' do\n  title 'RHEL 8 must label all off-loaded audit logs before sending them to the\ncentral log server.'\n  desc 'Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Enriched logging is needed to determine who, what, and when events occur on\na system.  Without this, determining root cause of an event will be much more\ndifficult.\n\n    When audit logs are not labeled before they are sent to a central log\nserver, the audit data will not be able to be analyzed and tied back to the\ncorrect system.'\n  desc 'check', 'Verify the RHEL 8 Audit Daemon is configured to label all off-loaded audit\nlogs, with the following command:\n\n    $ sudo grep \"name_format\" /etc/audit/auditd.conf\n\n    name_format = hostname\n\n    If the \"name_format\" option is not \"hostname\", \"fqd\", or \"numeric\",\nor the line is commented out, this is a finding.'\n  desc 'fix', 'Edit the /etc/audit/auditd.conf file and add or update the \"name_format\"\noption:\n\n    name_format = hostname\n\n    The audit daemon must be restarted for changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-GPOS-00133'\n  tag gid: 'V-230394'\n  tag rid: 'SV-230394r877390_rule'\n  tag stig_id: 'RHEL-08-030062'\n  tag fix_id: 'F-33038r567929_fix'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif file('/etc/audit/auditd.conf').exist?\n    describe parse_config_file('/etc/audit/auditd.conf') do\n      its('name_format') { should match(/^hostname$|^fqd$|^numeric$/i) }\n    end\n  else\n    describe \"File '/etc/audit/auditd.conf' cannot be found. This test cannot be checked in a automated fashion and you must check it manually\" do\n      skip \"File '/etc/audit/auditd.conf' cannot be found. This check must be performed manually\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230394.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Parse Config File /etc/audit/auditd.conf name_format is expected to match /^hostname$|^fqd$|^numeric$/i",
+              "run_time": 5.0e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/audit/auditd.conf\"]",
+              "resource_id": "/etc/audit/auditd.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230395",
+          "title": "RHEL 8 must resolve audit information before writing to disk.",
+          "desc": "Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Enriched logging aids in making sense of who, what, and when events occur\non a system.  Without this, determining root cause of an event will be much\nmore difficult.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Enriched logging aids in making sense of who, what, and when events occur\non a system.  Without this, determining root cause of an event will be much\nmore difficult."
+            },
+            {
+              "label": "check",
+              "data": "Verify the RHEL 8 Audit Daemon is configured to resolve audit information\nbefore writing to disk, with the following command:\n\n    $ sudo grep \"log_format\" /etc/audit/auditd.conf\n\n    log_format = ENRICHED\n\n    If the \"log_format\" option is not \"ENRICHED\", or the line is commented\nout, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Edit the /etc/audit/auditd.conf file and add or update the \"log_format\"\noption:\n\n    log_format = ENRICHED\n\n    The audit daemon must be restarted for changes to take effect."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230395",
+            "rid": "SV-230395r627750_rule",
+            "stig_id": "RHEL-08-030063",
+            "fix_id": "F-33039r567932_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230395' do\n  title 'RHEL 8 must resolve audit information before writing to disk.'\n  desc 'Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Enriched logging aids in making sense of who, what, and when events occur\non a system.  Without this, determining root cause of an event will be much\nmore difficult.'\n  desc 'check', 'Verify the RHEL 8 Audit Daemon is configured to resolve audit information\nbefore writing to disk, with the following command:\n\n    $ sudo grep \"log_format\" /etc/audit/auditd.conf\n\n    log_format = ENRICHED\n\n    If the \"log_format\" option is not \"ENRICHED\", or the line is commented\nout, this is a finding.'\n  desc 'fix', 'Edit the /etc/audit/auditd.conf file and add or update the \"log_format\"\noption:\n\n    log_format = ENRICHED\n\n    The audit daemon must be restarted for changes to take effect.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230395'\n  tag rid: 'SV-230395r627750_rule'\n  tag stig_id: 'RHEL-08-030063'\n  tag fix_id: 'F-33039r567932_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config_file('/etc/audit/auditd.conf') do\n      its('log_format') { should eq 'ENRICHED' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230395.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Parse Config File /etc/audit/auditd.conf log_format is expected to eq \"ENRICHED\"",
+              "run_time": 4.7e-05,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/audit/auditd.conf\"]",
+              "resource_id": "/etc/audit/auditd.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230396",
+          "title": "RHEL 8 audit logs must have a mode of 0600 or less permissive to\nprevent unauthorized read access.",
+          "desc": "Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements."
+            },
+            {
+              "label": "check",
+              "data": "Verify the audit logs have a mode of \"0600\" or less permissive.\n\n    First, determine where the audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Using the location of the audit log file, check if the audit log has a mode\nof \"0600\" or less permissive with the following command:\n\n    $ sudo stat -c \"%a %n\" /var/log/audit/audit.log\n\n    600 /var/log/audit/audit.log\n\n    If the audit log has a mode more permissive than \"0600\", this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit log to be protected from unauthorized read access by setting the correct permissive mode with the following command:\n\n$ sudo chmod 0600 /var/log/audit/audit.log"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000057-GPOS-00027",
+            "satisfies": [
+              "SRG-OS-000057-GPOS-00027",
+              "SRG-OS-000058-GPOS-00028",
+              "SRG-OS-000059-GPOS-00029",
+              "SRG-OS-000206-GPOS-00084"
+            ],
+            "gid": "V-230396",
+            "rid": "SV-230396r902733_rule",
+            "stig_id": "RHEL-08-030070",
+            "fix_id": "F-33040r902732_fix",
+            "cci": [
+              "CCI-000162"
+            ],
+            "nist": [
+              "AU-9",
+              "AU-9 a"
+            ]
+          },
+          "code": "control 'SV-230396' do\n  title 'RHEL 8 audit logs must have a mode of 0600 or less permissive to\nprevent unauthorized read access.'\n  desc \"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.\"\n  desc 'check', 'Verify the audit logs have a mode of \"0600\" or less permissive.\n\n    First, determine where the audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Using the location of the audit log file, check if the audit log has a mode\nof \"0600\" or less permissive with the following command:\n\n    $ sudo stat -c \"%a %n\" /var/log/audit/audit.log\n\n    600 /var/log/audit/audit.log\n\n    If the audit log has a mode more permissive than \"0600\", this is a\nfinding.'\n  desc 'fix', 'Configure the audit log to be protected from unauthorized read access by setting the correct permissive mode with the following command:\n\n$ sudo chmod 0600 /var/log/audit/audit.log'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000057-GPOS-00027'\n  tag satisfies: ['SRG-OS-000057-GPOS-00027', 'SRG-OS-000058-GPOS-00028', 'SRG-OS-000059-GPOS-00029', 'SRG-OS-000206-GPOS-00084']\n  tag gid: 'V-230396'\n  tag rid: 'SV-230396r902733_rule'\n  tag stig_id: 'RHEL-08-030070'\n  tag fix_id: 'F-33040r902732_fix'\n  tag cci: ['CCI-000162']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  log_file = auditd_conf('/etc/audit/auditd.conf').log_file\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe file(log_file) do\n      it { should_not be_more_permissive_than('0600') }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230396.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "File /var/log/audit/audit.log is expected not to be more permissive than \"0600\"",
+              "run_time": 0.278196,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/var/log/audit/audit.log\"]",
+              "resource_id": "/var/log/audit/audit.log"
+            }
+          ]
+        },
+        {
+          "id": "SV-230397",
+          "title": "RHEL 8 audit logs must be owned by root to prevent unauthorized read\naccess.",
+          "desc": "Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements."
+            },
+            {
+              "label": "check",
+              "data": "Verify the audit logs are owned by \"root\". First, determine where the\naudit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Using the location of the audit log file, determine if the audit log is\nowned by \"root\" using the following command:\n\n    $ sudo ls -al /var/log/audit/audit.log\n\n    rw------- 2 root root 23 Jun 11 11:56 /var/log/audit/audit.log\n\n    If the audit log is not owned by \"root\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit log to be protected from unauthorized read access, by\nsetting the correct owner as \"root\" with the following command:\n\n    $ sudo chown root [audit_log_file]\n\n    Replace \"[audit_log_file]\" to the correct audit log path, by default this\nlocation is \"/var/log/audit/audit.log\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000057-GPOS-00027",
+            "satisfies": [
+              "SRG-OS-000057-GPOS-00027",
+              "SRG-OS-000058-GPOS-00028",
+              "SRG-OS-000059-GPOS-00029",
+              "SRG-OS-000206-GPOS-00084"
+            ],
+            "gid": "V-230397",
+            "rid": "SV-230397r627750_rule",
+            "stig_id": "RHEL-08-030080",
+            "fix_id": "F-33041r567938_fix",
+            "cci": [
+              "CCI-000162"
+            ],
+            "nist": [
+              "AU-9",
+              "AU-9 a"
+            ]
+          },
+          "code": "control 'SV-230397' do\n  title 'RHEL 8 audit logs must be owned by root to prevent unauthorized read\naccess.'\n  desc \"Only authorized personnel should be aware of errors and the details of\nthe errors. Error messages are an indicator of an organization's operational\nstate or can identify the RHEL 8 system or platform. Additionally, Personally\nIdentifiable Information (PII) and operational information must not be revealed\nthrough error messages to unauthorized personnel or their designated\nrepresentatives.\n\n    The structure and content of error messages must be carefully considered by\nthe organization and development team. The extent to which the information\nsystem is able to identify and handle error conditions is guided by\norganizational policy and operational requirements.\"\n  desc 'check', 'Verify the audit logs are owned by \"root\". First, determine where the\naudit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Using the location of the audit log file, determine if the audit log is\nowned by \"root\" using the following command:\n\n    $ sudo ls -al /var/log/audit/audit.log\n\n    rw------- 2 root root 23 Jun 11 11:56 /var/log/audit/audit.log\n\n    If the audit log is not owned by \"root\", this is a finding.'\n  desc 'fix', 'Configure the audit log to be protected from unauthorized read access, by\nsetting the correct owner as \"root\" with the following command:\n\n    $ sudo chown root [audit_log_file]\n\n    Replace \"[audit_log_file]\" to the correct audit log path, by default this\nlocation is \"/var/log/audit/audit.log\".'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000057-GPOS-00027'\n  tag satisfies: ['SRG-OS-000057-GPOS-00027', 'SRG-OS-000058-GPOS-00028', 'SRG-OS-000059-GPOS-00029', 'SRG-OS-000206-GPOS-00084']\n  tag gid: 'V-230397'\n  tag rid: 'SV-230397r627750_rule'\n  tag stig_id: 'RHEL-08-030080'\n  tag fix_id: 'F-33041r567938_fix'\n  tag cci: ['CCI-000162']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  log_file = auditd_conf('/etc/audit/auditd.conf').log_file\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe file(log_file) do\n      its('owner') { should eq 'root' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230397.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "File /var/log/audit/audit.log owner is expected to eq \"root\"",
+              "run_time": 0.000229,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/var/log/audit/audit.log\"]",
+              "resource_id": "/var/log/audit/audit.log"
+            }
+          ]
+        },
+        {
+          "id": "SV-230398",
+          "title": "RHEL 8 audit logs must be group-owned by root to prevent unauthorized\nread access.",
+          "desc": "Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 activity.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 activity."
+            },
+            {
+              "label": "check",
+              "data": "Verify the audit logs are group-owned by \"root\". First determine where\nthe audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Using the location of the audit log file, determine if the audit log is\ngroup-owned by \"root\" using the following command:\n\n    $ sudo ls -al /var/log/audit/audit.log\n\n    rw------- 2 root root 23 Jun 11 11:56 /var/log/audit/audit.log\n\n    If the audit log is not group-owned by \"root\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit log to be owned by root by configuring the log group in\nthe /etc/audit/auditd.conf file:\n\n    log_group = root"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000057-GPOS-00027",
+            "satisfies": [
+              "SRG-OS-000057-GPOS-00027",
+              "SRG-OS-000058-GPOS-00028",
+              "SRG-OS-000059-GPOS-00029"
+            ],
+            "gid": "V-230398",
+            "rid": "SV-230398r627750_rule",
+            "stig_id": "RHEL-08-030090",
+            "fix_id": "F-33042r567941_fix",
+            "cci": [
+              "CCI-000162"
+            ],
+            "nist": [
+              "AU-9",
+              "AU-9 a"
+            ]
+          },
+          "code": "control 'SV-230398' do\n  title 'RHEL 8 audit logs must be group-owned by root to prevent unauthorized\nread access.'\n  desc 'Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 activity.'\n  desc 'check', 'Verify the audit logs are group-owned by \"root\". First determine where\nthe audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Using the location of the audit log file, determine if the audit log is\ngroup-owned by \"root\" using the following command:\n\n    $ sudo ls -al /var/log/audit/audit.log\n\n    rw------- 2 root root 23 Jun 11 11:56 /var/log/audit/audit.log\n\n    If the audit log is not group-owned by \"root\", this is a finding.'\n  desc 'fix', 'Configure the audit log to be owned by root by configuring the log group in\nthe /etc/audit/auditd.conf file:\n\n    log_group = root'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000057-GPOS-00027'\n  tag satisfies: ['SRG-OS-000057-GPOS-00027', 'SRG-OS-000058-GPOS-00028', 'SRG-OS-000059-GPOS-00029']\n  tag gid: 'V-230398'\n  tag rid: 'SV-230398r627750_rule'\n  tag stig_id: 'RHEL-08-030090'\n  tag fix_id: 'F-33042r567941_fix'\n  tag cci: ['CCI-000162']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe file(auditd_conf('/etc/audit/auditd.conf').log_file) do\n      its('group') { should be_in input('var_log_audit_group') }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230398.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "File /var/log/audit/audit.log group is expected to be in \"root\"",
+              "run_time": 0.000297,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/var/log/audit/audit.log\"]",
+              "resource_id": "/var/log/audit/audit.log"
+            }
+          ]
+        },
+        {
+          "id": "SV-230399",
+          "title": "RHEL 8 audit log directory must be owned by root to prevent\nunauthorized read access.",
+          "desc": "Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 activity.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 activity."
+            },
+            {
+              "label": "check",
+              "data": "Verify the audit log directory is owned by \"root\" to prevent unauthorized\nread access.\n\n    Determine where the audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Determine the owner of the audit log directory by using the output of the\nabove command (ex: \"/var/log/audit/\"). Run the following command with the\ncorrect audit log directory path:\n\n    $ sudo ls -ld /var/log/audit\n\n    drw------- 2 root root 23 Jun 11 11:56 /var/log/audit\n\n    If the audit log directory is not owned by \"root\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit log to be protected from unauthorized read access, by\nsetting the correct owner as \"root\" with the following command:\n\n    $ sudo chown root [audit_log_directory]\n\n    Replace \"[audit_log_directory]\" with the correct audit log directory\npath, by default this location is usually \"/var/log/audit\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000057-GPOS-00027",
+            "satisfies": [
+              "SRG-OS-000057-GPOS-00027",
+              "SRG-OS-000058-GPOS-00028",
+              "SRG-OS-000059-GPOS-00029"
+            ],
+            "gid": "V-230399",
+            "rid": "SV-230399r627750_rule",
+            "stig_id": "RHEL-08-030100",
+            "fix_id": "F-33043r567944_fix",
+            "cci": [
+              "CCI-000162"
+            ],
+            "nist": [
+              "AU-9",
+              "AU-9 a"
+            ]
+          },
+          "code": "control 'SV-230399' do\n  title 'RHEL 8 audit log directory must be owned by root to prevent\nunauthorized read access.'\n  desc 'Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 activity.'\n  desc 'check', 'Verify the audit log directory is owned by \"root\" to prevent unauthorized\nread access.\n\n    Determine where the audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Determine the owner of the audit log directory by using the output of the\nabove command (ex: \"/var/log/audit/\"). Run the following command with the\ncorrect audit log directory path:\n\n    $ sudo ls -ld /var/log/audit\n\n    drw------- 2 root root 23 Jun 11 11:56 /var/log/audit\n\n    If the audit log directory is not owned by \"root\", this is a finding.'\n  desc 'fix', 'Configure the audit log to be protected from unauthorized read access, by\nsetting the correct owner as \"root\" with the following command:\n\n    $ sudo chown root [audit_log_directory]\n\n    Replace \"[audit_log_directory]\" with the correct audit log directory\npath, by default this location is usually \"/var/log/audit\".'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000057-GPOS-00027'\n  tag satisfies: ['SRG-OS-000057-GPOS-00027', 'SRG-OS-000058-GPOS-00028', 'SRG-OS-000059-GPOS-00029']\n  tag gid: 'V-230399'\n  tag rid: 'SV-230399r627750_rule'\n  tag stig_id: 'RHEL-08-030100'\n  tag fix_id: 'F-33043r567944_fix'\n  tag cci: ['CCI-000162']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    log_dir = auditd_conf('/etc/audit/auditd.conf').log_file.split('/')[0..-2].join('/')\n    describe directory(log_dir) do\n      its('owner') { should eq 'root' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230399.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Directory /var/log/audit owner is expected to eq \"root\"",
+              "run_time": 0.121332,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "directory",
+              "resource_params": "[\"/var/log/audit\"]",
+              "resource_id": "/var/log/audit"
+            }
+          ]
+        },
+        {
+          "id": "SV-230400",
+          "title": "RHEL 8 audit log directory must be group-owned by root to prevent\nunauthorized read access.",
+          "desc": "Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 activity.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 activity."
+            },
+            {
+              "label": "check",
+              "data": "Verify the audit log directory is group-owned by \"root\" to prevent\nunauthorized read access.\n\n    Determine where the audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Determine the group owner of the audit log directory by using the output of\nthe above command (ex: \"/var/log/audit/\"). Run the following command with the\ncorrect audit log directory path:\n\n    $ sudo ls -ld /var/log/audit\n\n    drw------- 2 root root 23 Jun 11 11:56 /var/log/audit\n\n    If the audit log directory is not group-owned by \"root\", this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit log to be protected from unauthorized read access by\nsetting the correct group-owner as \"root\" with the following command:\n\n    $ sudo chgrp root [audit_log_directory]\n\n    Replace \"[audit_log_directory]\" with the correct audit log directory\npath, by default this location is usually \"/var/log/audit\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000057-GPOS-00027",
+            "satisfies": [
+              "SRG-OS-000057-GPOS-00027",
+              "SRG-OS-000058-GPOS-00028",
+              "SRG-OS-000059-GPOS-00029"
+            ],
+            "gid": "V-230400",
+            "rid": "SV-230400r627750_rule",
+            "stig_id": "RHEL-08-030110",
+            "fix_id": "F-33044r567947_fix",
+            "cci": [
+              "CCI-000162"
+            ],
+            "nist": [
+              "AU-9",
+              "AU-9 a"
+            ]
+          },
+          "code": "control 'SV-230400' do\n  title 'RHEL 8 audit log directory must be group-owned by root to prevent\nunauthorized read access.'\n  desc 'Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 activity.'\n  desc 'check', 'Verify the audit log directory is group-owned by \"root\" to prevent\nunauthorized read access.\n\n    Determine where the audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Determine the group owner of the audit log directory by using the output of\nthe above command (ex: \"/var/log/audit/\"). Run the following command with the\ncorrect audit log directory path:\n\n    $ sudo ls -ld /var/log/audit\n\n    drw------- 2 root root 23 Jun 11 11:56 /var/log/audit\n\n    If the audit log directory is not group-owned by \"root\", this is a\nfinding.'\n  desc 'fix', 'Configure the audit log to be protected from unauthorized read access by\nsetting the correct group-owner as \"root\" with the following command:\n\n    $ sudo chgrp root [audit_log_directory]\n\n    Replace \"[audit_log_directory]\" with the correct audit log directory\npath, by default this location is usually \"/var/log/audit\".'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000057-GPOS-00027'\n  tag satisfies: ['SRG-OS-000057-GPOS-00027', 'SRG-OS-000058-GPOS-00028', 'SRG-OS-000059-GPOS-00029']\n  tag gid: 'V-230400'\n  tag rid: 'SV-230400r627750_rule'\n  tag stig_id: 'RHEL-08-030110'\n  tag fix_id: 'F-33044r567947_fix'\n  tag cci: ['CCI-000162']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe directory(auditd_conf('/etc/audit/auditd.conf').log_file.split('/')[0..-2].join('/')) do\n      its('group') { should be_in input('var_log_audit_group') }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230400.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Directory /var/log/audit group is expected to be in \"root\"",
+              "run_time": 0.000391,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "directory",
+              "resource_params": "[\"/var/log/audit\"]",
+              "resource_id": "/var/log/audit"
+            }
+          ]
+        },
+        {
+          "id": "SV-230401",
+          "title": "RHEL 8 audit log directory must have a mode of 0700 or less permissive\nto prevent unauthorized read access.",
+          "desc": "Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 system activity.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 system activity."
+            },
+            {
+              "label": "check",
+              "data": "Verify the audit log directories have a mode of \"0700\" or less permissive\nby first determining where the audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Using the location of the audit log, determine the directory where the\naudit logs are stored (ex: \"/var/log/audit\"). Run the following command to\ndetermine the permissions for the audit log folder:\n\n    $ sudo stat -c \"%a %n\" /var/log/audit\n\n    700 /var/log/audit\n\n    If the audit log directory has a mode more permissive than \"0700\", this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit log directory to be protected from unauthorized read\naccess by setting the correct permissive mode with the following command:\n\n    $ sudo chmod 0700 [audit_log_directory]\n\n    Replace \"[audit_log_directory]\" to the correct audit log directory path,\nby default this location is \"/var/log/audit\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000057-GPOS-00027",
+            "satisfies": [
+              "SRG-OS-000057-GPOS-00027",
+              "SRG-OS-000058-GPOS-00028",
+              "SRG-OS-000059-GPOS-00029"
+            ],
+            "gid": "V-230401",
+            "rid": "SV-230401r627750_rule",
+            "stig_id": "RHEL-08-030120",
+            "fix_id": "F-33045r567950_fix",
+            "cci": [
+              "CCI-000162"
+            ],
+            "nist": [
+              "AU-9",
+              "AU-9 a"
+            ]
+          },
+          "code": "control 'SV-230401' do\n  title 'RHEL 8 audit log directory must have a mode of 0700 or less permissive\nto prevent unauthorized read access.'\n  desc 'Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 system activity.'\n  desc 'check', 'Verify the audit log directories have a mode of \"0700\" or less permissive\nby first determining where the audit logs are stored with the following command:\n\n    $ sudo grep -iw log_file /etc/audit/auditd.conf\n\n    log_file = /var/log/audit/audit.log\n\n    Using the location of the audit log, determine the directory where the\naudit logs are stored (ex: \"/var/log/audit\"). Run the following command to\ndetermine the permissions for the audit log folder:\n\n    $ sudo stat -c \"%a %n\" /var/log/audit\n\n    700 /var/log/audit\n\n    If the audit log directory has a mode more permissive than \"0700\", this\nis a finding.'\n  desc 'fix', 'Configure the audit log directory to be protected from unauthorized read\naccess by setting the correct permissive mode with the following command:\n\n    $ sudo chmod 0700 [audit_log_directory]\n\n    Replace \"[audit_log_directory]\" to the correct audit log directory path,\nby default this location is \"/var/log/audit\".'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000057-GPOS-00027'\n  tag satisfies: ['SRG-OS-000057-GPOS-00027', 'SRG-OS-000058-GPOS-00028', 'SRG-OS-000059-GPOS-00029']\n  tag gid: 'V-230401'\n  tag rid: 'SV-230401r627750_rule'\n  tag stig_id: 'RHEL-08-030120'\n  tag fix_id: 'F-33045r567950_fix'\n  tag cci: ['CCI-000162']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  log_dir = command(\"dirname #{auditd_conf('/etc/audit/auditd.conf').log_file}\").stdout.strip\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe directory(log_dir) do\n      it { should_not be_more_permissive_than('0700') }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230401.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Directory /var/log/audit is expected not to be more permissive than \"0700\"",
+              "run_time": 0.176809,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "directory",
+              "resource_params": "[\"/var/log/audit\"]",
+              "resource_id": "/var/log/audit"
+            }
+          ]
+        },
+        {
+          "id": "SV-230402",
+          "title": "RHEL 8 audit system must protect auditing rules from unauthorized\nchange.",
+          "desc": "Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 system activity.\n\n    In immutable mode, unauthorized users cannot execute changes to the audit\nsystem to potentially hide malicious activity and then put the audit rules\nback.  A system reboot would be noticeable and a system administrator could\nthen investigate the unauthorized changes.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 system activity.\n\n    In immutable mode, unauthorized users cannot execute changes to the audit\nsystem to potentially hide malicious activity and then put the audit rules\nback.  A system reboot would be noticeable and a system administrator could\nthen investigate the unauthorized changes."
+            },
+            {
+              "label": "check",
+              "data": "Verify the audit system prevents unauthorized changes with the following\ncommand:\n\n    $ sudo grep \"^\\s*[^#]\" /etc/audit/audit.rules | tail -1\n\n    -e 2\n\n    If the audit system is not set to be immutable by adding the \"-e 2\"\noption to the \"/etc/audit/audit.rules\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to set the audit rules to be immutable by adding\nthe following line to \"/etc/audit/rules.d/audit.rules\"\n\n    -e 2\n\n    Note: Once set, the system must be rebooted for auditing to be changed.  It\nis recommended to add this option as the last step in securing the system."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000057-GPOS-00027",
+            "satisfies": [
+              "SRG-OS-000057-GPOS-00027",
+              "SRG-OS-000058-GPOS-00028",
+              "SRG-OS-000059-GPOS-00029"
+            ],
+            "gid": "V-230402",
+            "rid": "SV-230402r627750_rule",
+            "stig_id": "RHEL-08-030121",
+            "fix_id": "F-33046r567953_fix",
+            "cci": [
+              "CCI-000162"
+            ],
+            "nist": [
+              "AU-9",
+              "AU-9 a"
+            ]
+          },
+          "code": "control 'SV-230402' do\n  title 'RHEL 8 audit system must protect auditing rules from unauthorized\nchange.'\n  desc 'Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 system activity.\n\n    In immutable mode, unauthorized users cannot execute changes to the audit\nsystem to potentially hide malicious activity and then put the audit rules\nback.  A system reboot would be noticeable and a system administrator could\nthen investigate the unauthorized changes.'\n  desc 'check', 'Verify the audit system prevents unauthorized changes with the following\ncommand:\n\n    $ sudo grep \"^\\\\s*[^#]\" /etc/audit/audit.rules | tail -1\n\n    -e 2\n\n    If the audit system is not set to be immutable by adding the \"-e 2\"\noption to the \"/etc/audit/audit.rules\", this is a finding.'\n  desc 'fix', 'Configure the audit system to set the audit rules to be immutable by adding\nthe following line to \"/etc/audit/rules.d/audit.rules\"\n\n    -e 2\n\n    Note: Once set, the system must be rebooted for auditing to be changed.  It\nis recommended to add this option as the last step in securing the system.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000057-GPOS-00027'\n  tag satisfies: ['SRG-OS-000057-GPOS-00027', 'SRG-OS-000058-GPOS-00028', 'SRG-OS-000059-GPOS-00029']\n  tag gid: 'V-230402'\n  tag rid: 'SV-230402r627750_rule'\n  tag stig_id: 'RHEL-08-030121'\n  tag fix_id: 'F-33046r567953_fix'\n  tag cci: ['CCI-000162']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('grep \"^\\s*[^#]\" /etc/audit/audit.rules | tail -1') do\n      its('stdout.strip') { should cmp '-e 2' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230402.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Command: `grep \"^\\s*[^#]\" /etc/audit/audit.rules | tail -1` stdout.strip is expected to cmp == \"-e 2\"",
+              "run_time": 0.127244,
+              "start_time": "2024-01-09T19:40:51-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"grep \\\"^\\\\s*[^#]\\\" /etc/audit/audit.rules | tail -1\"]",
+              "resource_id": "Command: `grep \"^\\s*[^#]\" /etc/audit/audit.rules | tail -1`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230403",
+          "title": "RHEL 8 audit system must protect logon UIDs from unauthorized change.",
+          "desc": "Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 system activity.\n\n    In immutable mode, unauthorized users cannot execute changes to the audit\nsystem to potentially hide malicious activity and then put the audit rules\nback.  A system reboot would be noticeable and a system administrator could\nthen investigate the unauthorized changes.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 system activity.\n\n    In immutable mode, unauthorized users cannot execute changes to the audit\nsystem to potentially hide malicious activity and then put the audit rules\nback.  A system reboot would be noticeable and a system administrator could\nthen investigate the unauthorized changes."
+            },
+            {
+              "label": "check",
+              "data": "Verify the audit system prevents unauthorized changes to logon UIDs with\nthe following command:\n\n    $ sudo grep -i immutable /etc/audit/audit.rules\n\n    --loginuid-immutable\n\n    If the login UIDs are not set to be immutable by adding the\n\"--loginuid-immutable\" option to the \"/etc/audit/audit.rules\", this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to set the logon UIDs to be immutable by adding\nthe following line to \"/etc/audit/rules.d/audit.rules\"\n\n    --loginuid-immutable"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000057-GPOS-00027",
+            "satisfies": [
+              "SRG-OS-000057-GPOS-00027",
+              "SRG-OS-000058-GPOS-00028",
+              "SRG-OS-000059-GPOS-00029"
+            ],
+            "gid": "V-230403",
+            "rid": "SV-230403r627750_rule",
+            "stig_id": "RHEL-08-030122",
+            "fix_id": "F-33047r567956_fix",
+            "cci": [
+              "CCI-000162"
+            ],
+            "nist": [
+              "AU-9",
+              "AU-9 a"
+            ]
+          },
+          "code": "control 'SV-230403' do\n  title 'RHEL 8 audit system must protect logon UIDs from unauthorized change.'\n  desc 'Unauthorized disclosure of audit records can reveal system and\nconfiguration data to attackers, thus compromising its confidentiality.\n\n    Audit information includes all information (e.g., audit records, audit\nsettings, audit reports) needed to successfully audit RHEL 8 system activity.\n\n    In immutable mode, unauthorized users cannot execute changes to the audit\nsystem to potentially hide malicious activity and then put the audit rules\nback.  A system reboot would be noticeable and a system administrator could\nthen investigate the unauthorized changes.'\n  desc 'check', 'Verify the audit system prevents unauthorized changes to logon UIDs with\nthe following command:\n\n    $ sudo grep -i immutable /etc/audit/audit.rules\n\n    --loginuid-immutable\n\n    If the login UIDs are not set to be immutable by adding the\n\"--loginuid-immutable\" option to the \"/etc/audit/audit.rules\", this is a\nfinding.'\n  desc 'fix', 'Configure the audit system to set the logon UIDs to be immutable by adding\nthe following line to \"/etc/audit/rules.d/audit.rules\"\n\n    --loginuid-immutable'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000057-GPOS-00027'\n  tag satisfies: ['SRG-OS-000057-GPOS-00027', 'SRG-OS-000058-GPOS-00028', 'SRG-OS-000059-GPOS-00029']\n  tag gid: 'V-230403'\n  tag rid: 'SV-230403r627750_rule'\n  tag stig_id: 'RHEL-08-030122'\n  tag fix_id: 'F-33047r567956_fix'\n  tag cci: ['CCI-000162']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('grep -i immutable /etc/audit/audit.rules') do\n      its('stdout.strip') { should cmp '--loginuid-immutable' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230403.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Command: `grep -i immutable /etc/audit/audit.rules` stdout.strip is expected to cmp == \"--loginuid-immutable\"",
+              "run_time": 0.173741,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"grep -i immutable /etc/audit/audit.rules\"]",
+              "resource_id": "Command: `grep -i immutable /etc/audit/audit.rules`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230404",
+          "title": "RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/shadow.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter)."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/shadow\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/shadow /etc/audit/audit.rules\n\n    -w /etc/shadow -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/shadow\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/shadow -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000004-GPOS-00004",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000304-GPOS-00121",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000470-GPOS-00214",
+              "SRG-OS-000471-GPOS-00215",
+              "SRG-OS-000239-GPOS-00089",
+              "SRG-OS-000240-GPOS-00090",
+              "SRG-OS-000241-GPOS-00091",
+              "SRG-OS-000303-GPOS-00120",
+              "SRG-OS-000304-GPOS-00121",
+              "SRG-OS-000466-GPOS-00210",
+              "SRG-OS-000476-GPOS-00221"
+            ],
+            "gid": "V-230404",
+            "rid": "SV-230404r627750_rule",
+            "stig_id": "RHEL-08-030130",
+            "fix_id": "F-33048r567959_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230404' do\n  title 'RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/shadow.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).'\n  desc 'check', 'Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/shadow\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/shadow /etc/audit/audit.rules\n\n    -w /etc/shadow -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/shadow\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/shadow -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000004-GPOS-00004', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000470-GPOS-00214', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000239-GPOS-00089', 'SRG-OS-000240-GPOS-00090', 'SRG-OS-000241-GPOS-00091', 'SRG-OS-000303-GPOS-00120', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000466-GPOS-00210', 'SRG-OS-000476-GPOS-00221']\n  tag gid: 'V-230404'\n  tag rid: 'SV-230404r627750_rule'\n  tag stig_id: 'RHEL-08-030130'\n  tag fix_id: 'F-33048r567959_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/etc/shadow'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions') { should_not cmp [] }\n      its('action') { should_not include 'never' }\n      its('key') { should cmp 'identity' }\n    end\n\n    # Resource creates data structure including all usages of file\n    perms = auditd.file(audit_file).permissions\n\n    perms.each do |perm|\n      describe perm do\n        it { should include 'w' }\n        it { should include 'a' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230404.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/shadow\" permissions is expected not to cmp == []",
+              "run_time": 0.002233,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/shadow\" action is expected not to include \"never\"",
+              "run_time": 0.000602,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/shadow\" key is expected to cmp == \"identity\"",
+              "run_time": 0.00037,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "[\"w\", \"a\"] is expected to include \"w\"",
+              "run_time": 0.000199,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "[\"w\", \"a\"] is expected to include \"a\"",
+              "run_time": 0.000123,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230405",
+          "title": "RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect\n/etc/security/opasswd.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter)."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect\n\"/etc/security/opasswd\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/security/opasswd /etc/audit/audit.rules\n\n    -w /etc/security/opasswd -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect\n\"/etc/security/opasswd\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/security/opasswd -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000004-GPOS-00004",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000304-GPOS-00121",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000470-GPOS-00214",
+              "SRG-OS-000471-GPOS-00215",
+              "SRG-OS-000239-GPOS-00089",
+              "SRG-OS-000240-GPOS-00090",
+              "SRG-OS-000241-GPOS-00091",
+              "SRG-OS-000303-GPOS-00120",
+              "SRG-OS-000304-GPOS-00121",
+              "SRG-OS-000476-GPOS-00221"
+            ],
+            "gid": "V-230405",
+            "rid": "SV-230405r627750_rule",
+            "stig_id": "RHEL-08-030140",
+            "fix_id": "F-33049r567962_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230405' do\n  title 'RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect\n/etc/security/opasswd.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).'\n  desc 'check', 'Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect\n\"/etc/security/opasswd\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/security/opasswd /etc/audit/audit.rules\n\n    -w /etc/security/opasswd -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect\n\"/etc/security/opasswd\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/security/opasswd -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000004-GPOS-00004', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000470-GPOS-00214', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000239-GPOS-00089', 'SRG-OS-000240-GPOS-00090', 'SRG-OS-000241-GPOS-00091', 'SRG-OS-000303-GPOS-00120', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000476-GPOS-00221']\n  tag gid: 'V-230405'\n  tag rid: 'SV-230405r627750_rule'\n  tag stig_id: 'RHEL-08-030140'\n  tag fix_id: 'F-33049r567962_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/etc/security/opasswd'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions') { should_not cmp [] }\n      its('action') { should_not include 'never' }\n      its('key') { should cmp 'identity' }\n    end\n\n    # Resource creates data structure including all usages of file\n    perms = auditd.file(audit_file).permissions\n\n    perms.each do |perm|\n      describe perm do\n        it { should include 'w' }\n        it { should include 'a' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230405.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/security/opasswd\" permissions is expected not to cmp == []",
+              "run_time": 0.000517,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/security/opasswd\" action is expected not to include \"never\"",
+              "run_time": 0.000155,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/security/opasswd\" key is expected to cmp == \"identity\"",
+              "run_time": 0.00016,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "[\"w\", \"a\"] is expected to include \"w\"",
+              "run_time": 0.000115,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "[\"w\", \"a\"] is expected to include \"a\"",
+              "run_time": 0.000103,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230406",
+          "title": "RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/passwd.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter)."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/passwd\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/passwd /etc/audit/audit.rules\n\n    -w /etc/passwd -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/passwd\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/passwd -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000004-GPOS-00004",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000304-GPOS-00121",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000470-GPOS-00214",
+              "SRG-OS-000471-GPOS-00215",
+              "SRG-OS-000239-GPOS-00089",
+              "SRG-OS-000240-GPOS-00090",
+              "SRG-OS-000241-GPOS-00091",
+              "SRG-OS-000303-GPOS-00120",
+              "SRG-OS-000304-GPOS-00121",
+              "SRG-OS-000466-GPOS-00210",
+              "SRG-OS-000476-GPOS-00221"
+            ],
+            "gid": "V-230406",
+            "rid": "SV-230406r627750_rule",
+            "stig_id": "RHEL-08-030150",
+            "fix_id": "F-33050r567965_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230406' do\n  title 'RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/passwd.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).'\n  desc 'check', 'Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/passwd\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/passwd /etc/audit/audit.rules\n\n    -w /etc/passwd -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/passwd\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/passwd -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000004-GPOS-00004', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000470-GPOS-00214', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000239-GPOS-00089', 'SRG-OS-000240-GPOS-00090', 'SRG-OS-000241-GPOS-00091', 'SRG-OS-000303-GPOS-00120', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000466-GPOS-00210', 'SRG-OS-000476-GPOS-00221']\n  tag gid: 'V-230406'\n  tag rid: 'SV-230406r627750_rule'\n  tag stig_id: 'RHEL-08-030150'\n  tag fix_id: 'F-33050r567965_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = auditd.file('/etc/passwd')\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe audit_file do\n      its('permissions') { should_not cmp [] }\n      its('action') { should_not include 'never' }\n      its('key') { should cmp input('audit_passwd_key') }\n    end\n\n    # Resource creates data structure including all usages of file\n    audit_file.permissions.each do |perm|\n      describe perm do\n        it { should include 'w' }\n        it { should include 'a' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230406.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/passwd\" permissions is expected not to cmp == []",
+              "run_time": 0.000188,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/passwd\" action is expected not to include \"never\"",
+              "run_time": 0.000134,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/passwd\" key is expected to cmp == \"identity\"",
+              "run_time": 0.000262,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "[\"w\", \"a\"] is expected to include \"w\"",
+              "run_time": 9.8e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "[\"w\", \"a\"] is expected to include \"a\"",
+              "run_time": 8.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230407",
+          "title": "RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/gshadow.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter)."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/gshadow\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/gshadow /etc/audit/audit.rules\n\n    -w /etc/gshadow -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/gshadow\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/gshadow -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000004-GPOS-00004",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000304-GPOS-00121",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000470-GPOS-00214",
+              "SRG-OS-000471-GPOS-00215",
+              "SRG-OS-000239-GPOS-00089",
+              "SRG-OS-000240-GPOS-00090",
+              "SRG-OS-000241-GPOS-00091",
+              "SRG-OS-000303-GPOS-00120",
+              "SRG-OS-000304-GPOS-00121",
+              "SRG-OS-000466-GPOS-00210",
+              "SRG-OS-000476-GPOS-00221"
+            ],
+            "gid": "V-230407",
+            "rid": "SV-230407r627750_rule",
+            "stig_id": "RHEL-08-030160",
+            "fix_id": "F-33051r567968_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230407' do\n  title 'RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/gshadow.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).'\n  desc 'check', 'Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/gshadow\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/gshadow /etc/audit/audit.rules\n\n    -w /etc/gshadow -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/gshadow\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/gshadow -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000004-GPOS-00004', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000470-GPOS-00214', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000239-GPOS-00089', 'SRG-OS-000240-GPOS-00090', 'SRG-OS-000241-GPOS-00091', 'SRG-OS-000303-GPOS-00120', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000466-GPOS-00210', 'SRG-OS-000476-GPOS-00221']\n  tag gid: 'V-230407'\n  tag rid: 'SV-230407r627750_rule'\n  tag stig_id: 'RHEL-08-030160'\n  tag fix_id: 'F-33051r567968_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/etc/gshadow'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions') { should_not cmp [] }\n      its('action') { should_not include 'never' }\n      its('key') { should cmp 'identity' }\n    end\n\n    # Resource creates data structure including all usages of file\n    perms = auditd.file(audit_file).permissions\n\n    perms.each do |perm|\n      describe perm do\n        it { should include 'w' }\n        it { should include 'a' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230407.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/gshadow\" permissions is expected not to cmp == []",
+              "run_time": 0.00014,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/gshadow\" action is expected not to include \"never\"",
+              "run_time": 0.000122,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/gshadow\" key is expected to cmp == \"identity\"",
+              "run_time": 0.000124,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "[\"w\", \"a\"] is expected to include \"w\"",
+              "run_time": 9.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "[\"w\", \"a\"] is expected to include \"a\"",
+              "run_time": 8.3e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230408",
+          "title": "RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/group.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter)."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/group\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/group /etc/audit/audit.rules\n\n    -w /etc/group -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/group\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/group -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000004-GPOS-00004",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000304-GPOS-00121",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000470-GPOS-00214",
+              "SRG-OS-000471-GPOS-00215",
+              "SRG-OS-000239-GPOS-00089",
+              "SRG-OS-000240-GPOS-00090",
+              "SRG-OS-000241-GPOS-00091",
+              "SRG-OS-000303-GPOS-00120",
+              "SRG-OS-000304-GPOS-00121",
+              "CCI-002884",
+              "SRG-OS-000466-GPOS-00210",
+              "SRG-OS-000476-GPOS-00221"
+            ],
+            "gid": "V-230408",
+            "rid": "SV-230408r627750_rule",
+            "stig_id": "RHEL-08-030170",
+            "fix_id": "F-33052r567971_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230408' do\n  title 'RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/group.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).'\n  desc 'check', 'Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/group\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/group /etc/audit/audit.rules\n\n    -w /etc/group -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/group\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/group -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000004-GPOS-00004', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000470-GPOS-00214', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000239-GPOS-00089', 'SRG-OS-000240-GPOS-00090', 'SRG-OS-000241-GPOS-00091', 'SRG-OS-000303-GPOS-00120', 'SRG-OS-000304-GPOS-00121', 'CCI-002884', 'SRG-OS-000466-GPOS-00210', 'SRG-OS-000476-GPOS-00221']\n  tag gid: 'V-230408'\n  tag rid: 'SV-230408r627750_rule'\n  tag stig_id: 'RHEL-08-030170'\n  tag fix_id: 'F-33052r567971_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = auditd.file('/etc/group')\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe audit_file do\n      its('permissions') { should_not cmp [] }\n      its('action') { should_not include 'never' }\n      its('key') { should cmp input('audit_group_key') }\n    end\n\n    # Resource creates data structure including all usages of file\n    audit_file.permissions.each do |perm|\n      describe perm do\n        it { should include 'w' }\n        it { should include 'a' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230408.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/group\" permissions is expected not to cmp == []",
+              "run_time": 0.00014,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/group\" action is expected not to include \"never\"",
+              "run_time": 0.000101,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/group\" key is expected to cmp == \"identity\"",
+              "run_time": 0.000159,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "[\"w\", \"a\"] is expected to include \"w\"",
+              "run_time": 9.0e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "[\"w\", \"a\"] is expected to include \"a\"",
+              "run_time": 8.3e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230409",
+          "title": "RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/sudoers.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter)."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/sudoers\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/sudoers /etc/audit/audit.rules\n\n    -w /etc/sudoers -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/sudoers\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/sudoers -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000004-GPOS-00004",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000304-GPOS-00121",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000470-GPOS-00214",
+              "SRG-OS-000471-GPOS-00215",
+              "SRG-OS-000239-GPOS-00089",
+              "SRG-OS-000240-GPOS-00090",
+              "SRG-OS-000241-GPOS-00091",
+              "SRG-OS-000303-GPOS-00120",
+              "SRG-OS-000304-GPOS-00121",
+              "CCI-002884",
+              "SRG-OS-000466-GPOS-00210",
+              "SRG-OS-000476-GPOS-00221"
+            ],
+            "gid": "V-230409",
+            "rid": "SV-230409r627750_rule",
+            "stig_id": "RHEL-08-030171",
+            "fix_id": "F-33053r567974_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230409' do\n  title 'RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/sudoers.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).'\n  desc 'check', 'Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/sudoers\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/sudoers /etc/audit/audit.rules\n\n    -w /etc/sudoers -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect \"/etc/sudoers\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/sudoers -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000004-GPOS-00004', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000470-GPOS-00214', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000239-GPOS-00089', 'SRG-OS-000240-GPOS-00090', 'SRG-OS-000241-GPOS-00091', 'SRG-OS-000303-GPOS-00120', 'SRG-OS-000304-GPOS-00121', 'CCI-002884', 'SRG-OS-000466-GPOS-00210', 'SRG-OS-000476-GPOS-00221']\n  tag gid: 'V-230409'\n  tag rid: 'SV-230409r627750_rule'\n  tag stig_id: 'RHEL-08-030171'\n  tag fix_id: 'F-33053r567974_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/etc/sudoers'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions') { should_not cmp [] }\n      its('action') { should_not include 'never' }\n      its('key') { should cmp 'identity' }\n    end\n\n    # Resource creates data structure including all usages of file\n    perms = auditd.file(audit_file).permissions\n\n    perms.each do |perm|\n      describe perm do\n        it { should include 'w' }\n        it { should include 'a' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230409.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/sudoers\" permissions is expected not to cmp == []",
+              "run_time": 0.000141,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/sudoers\" action is expected not to include \"never\"",
+              "run_time": 9.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/sudoers\" key is expected to cmp == \"identity\"",
+              "run_time": 0.000127,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "[\"w\", \"a\"] is expected to include \"w\"",
+              "run_time": 8.8e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "[\"w\", \"a\"] is expected to include \"a\"",
+              "run_time": 8.8e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230410",
+          "title": "RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/sudoers.d/.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter)."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect\n\"/etc/sudoers.d/\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/sudoers.d/ /etc/audit/audit.rules\n\n    -w /etc/sudoers.d/ -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect\n\"/etc/sudoers.d/\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/sudoers.d/ -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000004-GPOS-00004",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000304-GPOS-00121",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000470-GPOS-00214",
+              "SRG-OS-000471-GPOS-00215",
+              "SRG-OS-000239-GPOS-00089",
+              "SRG-OS-000240-GPOS-00090",
+              "SRG-OS-000241-GPOS-00091",
+              "SRG-OS-000303-GPOS-00120",
+              "SRG-OS-000304-GPOS-00121",
+              "CCI-002884",
+              "SRG-OS-000466-GPOS-00210",
+              "SRG-OS-000476-GPOS-00221"
+            ],
+            "gid": "V-230410",
+            "rid": "SV-230410r627750_rule",
+            "stig_id": "RHEL-08-030172",
+            "fix_id": "F-33054r567977_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230410' do\n  title 'RHEL 8 must generate audit records for all account creations,\nmodifications, disabling, and termination events that affect /etc/sudoers.d/.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).'\n  desc 'check', 'Verify RHEL 8 generates audit records for all account creations,\nmodifications, disabling, and termination events that affect\n\"/etc/sudoers.d/\".\n\n    Check the auditing rules in \"/etc/audit/audit.rules\" with the following\ncommand:\n\n    $ sudo grep /etc/sudoers.d/ /etc/audit/audit.rules\n\n    -w /etc/sudoers.d/ -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure RHEL 8 to generate audit records for all account creations,\nmodifications, disabling, and termination events that affect\n\"/etc/sudoers.d/\".\n\n    Add or update the following file system rule to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -w /etc/sudoers.d/ -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000004-GPOS-00004', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000304-GPOS-00121', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000470-GPOS-00214', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000239-GPOS-00089', 'SRG-OS-000240-GPOS-00090', 'SRG-OS-000241-GPOS-00091', 'SRG-OS-000303-GPOS-00120', 'SRG-OS-000304-GPOS-00121', 'CCI-002884', 'SRG-OS-000466-GPOS-00210', 'SRG-OS-000476-GPOS-00221']\n  tag gid: 'V-230410'\n  tag rid: 'SV-230410r627750_rule'\n  tag stig_id: 'RHEL-08-030172'\n  tag fix_id: 'F-33054r567977_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/etc/sudoers.d'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions') { should_not cmp [] }\n      its('action') { should_not include 'never' }\n      its('key') { should cmp 'identity' }\n    end\n\n    # Resource creates data structure including all usages of file\n    perms = auditd.file(audit_file).permissions\n\n    perms.each do |perm|\n      describe perm do\n        it { should include 'w' }\n        it { should include 'a' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230410.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/sudoers.d\" permissions is expected not to cmp == []",
+              "run_time": 0.000317,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/sudoers.d\" action is expected not to include \"never\"",
+              "run_time": 0.000102,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/etc/sudoers.d\" key is expected to cmp == \"identity\"",
+              "run_time": 0.00012,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "[\"w\", \"a\"] is expected to include \"w\"",
+              "run_time": 9.0e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "[\"w\", \"a\"] is expected to include \"a\"",
+              "run_time": 8.1e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230411",
+          "title": "The RHEL 8 audit package must be installed.",
+          "desc": "Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Associating event types with detected events in RHEL 8 audit logs provides\na means of investigating an attack, recognizing resource utilization or\ncapacity thresholds, or identifying an improperly configured RHEL 8 system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Associating event types with detected events in RHEL 8 audit logs provides\na means of investigating an attack, recognizing resource utilization or\ncapacity thresholds, or identifying an improperly configured RHEL 8 system."
+            },
+            {
+              "label": "check",
+              "data": "Verify the audit service is configured to produce audit records.\n\nCheck that the audit service is installed with the following command:\n\n$ sudo yum list installed audit\n\nIf the \"audit\" package is not installed, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit service to produce audit records containing the\ninformation needed to establish when (date and time) an event occurred.\n\n    Install the audit service (if the audit service is not already installed)\nwith the following command:\n\n    $ sudo yum install audit"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000038-GPOS-00016",
+              "SRG-OS-000039-GPOS-00017",
+              "SRG-OS-000040-GPOS-00018",
+              "SRG-OS-000041-GPOS-00019",
+              "SRG-OS-000042-GPOS-00021",
+              "SRG-OS-000051-GPOS-00024",
+              "SRG-OS-000054-GPOS-00025",
+              "SRG-OS-000122-GPOS-00063",
+              "SRG-OS-000254-GPOS-00095",
+              "SRG-OS-000255-GPOS-00096",
+              "SRG-OS-000337-GPOS-00129",
+              "SRG-OS-000348-GPOS-00136",
+              "SRG-OS-000349-GPOS-00137",
+              "SRG-OS-000350-GPOS-00138",
+              "SRG-OS-000351-GPOS-00139",
+              "SRG-OS-000352-GPOS-00140",
+              "SRG-OS-000353-GPOS-00141",
+              "SRG-OS-000354-GPOS-00142",
+              "SRG-OS-000358-GPOS-00145",
+              "SRG-OS-000365-GPOS-00152",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000475-GPOS-00220"
+            ],
+            "gid": "V-230411",
+            "rid": "SV-230411r744000_rule",
+            "stig_id": "RHEL-08-030180",
+            "fix_id": "F-33055r646880_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230411' do\n  title 'The RHEL 8 audit package must be installed.'\n  desc 'Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Associating event types with detected events in RHEL 8 audit logs provides\na means of investigating an attack, recognizing resource utilization or\ncapacity thresholds, or identifying an improperly configured RHEL 8 system.'\n  desc 'check', 'Verify the audit service is configured to produce audit records.\n\nCheck that the audit service is installed with the following command:\n\n$ sudo yum list installed audit\n\nIf the \"audit\" package is not installed, this is a finding.'\n  desc 'fix', 'Configure the audit service to produce audit records containing the\ninformation needed to establish when (date and time) an event occurred.\n\n    Install the audit service (if the audit service is not already installed)\nwith the following command:\n\n    $ sudo yum install audit'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000038-GPOS-00016', 'SRG-OS-000039-GPOS-00017', 'SRG-OS-000040-GPOS-00018', 'SRG-OS-000041-GPOS-00019', 'SRG-OS-000042-GPOS-00021', 'SRG-OS-000051-GPOS-00024', 'SRG-OS-000054-GPOS-00025', 'SRG-OS-000122-GPOS-00063', 'SRG-OS-000254-GPOS-00095', 'SRG-OS-000255-GPOS-00096', 'SRG-OS-000337-GPOS-00129', 'SRG-OS-000348-GPOS-00136', 'SRG-OS-000349-GPOS-00137', 'SRG-OS-000350-GPOS-00138', 'SRG-OS-000351-GPOS-00139', 'SRG-OS-000352-GPOS-00140', 'SRG-OS-000353-GPOS-00141', 'SRG-OS-000354-GPOS-00142', 'SRG-OS-000358-GPOS-00145', 'SRG-OS-000365-GPOS-00152', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000475-GPOS-00220']\n  tag gid: 'V-230411'\n  tag rid: 'SV-230411r744000_rule'\n  tag stig_id: 'RHEL-08-030180'\n  tag fix_id: 'F-33055r646880_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe package('audit') do\n      it { should be_installed }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230411.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package audit is expected to be installed",
+              "run_time": 0.123754,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"audit\"]",
+              "resource_id": "audit"
+            }
+          ]
+        },
+        {
+          "id": "SV-230412",
+          "title": "Successful/unsuccessful uses of the su command in RHEL 8 must generate\nan audit record.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"su\" command allows a\nuser to run commands with a substitute user and group ID.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"su\" command allows a\nuser to run commands with a substitute user and group ID.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates audit records when successful/unsuccessful attempts\nto use the \"su\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w /usr/bin/su /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/su -F perm=x -F auid>=1000 -F auid!=unset\n-k privileged-priv_change\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to generate audit records when successful/unsuccessful\nattempts to use the \"su\" command occur by adding or updating the following\nrule in \"/etc/audit/rules.d/audit.rules\":\n\n    -a always,exit -F path=/usr/bin/su -F perm=x -F auid>=1000 -F auid!=unset\n-k privileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000064-GPOS-0003",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215",
+              "SRG-OS-000466-GPOS-00210"
+            ],
+            "gid": "V-230412",
+            "rid": "SV-230412r627750_rule",
+            "stig_id": "RHEL-08-030190",
+            "fix_id": "F-33056r567983_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230412' do\n  title 'Successful/unsuccessful uses of the su command in RHEL 8 must generate\nan audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"su\" command allows a\nuser to run commands with a substitute user and group ID.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify RHEL 8 generates audit records when successful/unsuccessful attempts\nto use the \"su\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w /usr/bin/su /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/su -F perm=x -F auid>=1000 -F auid!=unset\n-k privileged-priv_change\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure RHEL 8 to generate audit records when successful/unsuccessful\nattempts to use the \"su\" command occur by adding or updating the following\nrule in \"/etc/audit/rules.d/audit.rules\":\n\n    -a always,exit -F path=/usr/bin/su -F perm=x -F auid>=1000 -F auid!=unset\n-k privileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000064-GPOS-0003', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000466-GPOS-00210']\n  tag gid: 'V-230412'\n  tag rid: 'SV-230412r627750_rule'\n  tag stig_id: 'RHEL-08-030190'\n  tag fix_id: 'F-33056r567983_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/su'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'priv_cmd' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230412.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/su\" permissions.flatten is expected to include \"x\"",
+              "run_time": 0.000367,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/su\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 0.000131,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/su\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 0.000104,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/su\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 0.000338,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/su\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 0.000101,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/su\" key.uniq is expected to cmp == \"priv_cmd\"",
+              "run_time": 0.000268,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "message": "\nexpected: priv_cmd\n     got: [\"privileged-priv_change\"]\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230413",
+          "title": "The RHEL 8 audit system must be configured to audit any usage of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls.",
+          "desc": "Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter).\n\n\"Setxattr\" is a system call used to set an extended attribute value.\n\"Fsetxattr\" is a system call used to set an extended attribute value. This is used to set extended attributes on a file.\n\"Lsetxattr\" is a system call used to set an extended attribute value. This is used to set extended attributes on a symbolic link.\n\"Removexattr\" is a system call that removes extended attributes.\n\"Fremovexattr\" is a system call that removes extended attributes. This is used for removal of extended attributes from a file.\n\"Lremovexattr\" is a system call that removes extended attributes. This is used for removal of extended attributes from symbolic links.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter).\n\n\"Setxattr\" is a system call used to set an extended attribute value.\n\"Fsetxattr\" is a system call used to set an extended attribute value. This is used to set extended attributes on a file.\n\"Lsetxattr\" is a system call used to set an extended attribute value. This is used to set extended attributes on a symbolic link.\n\"Removexattr\" is a system call that removes extended attributes.\n\"Fremovexattr\" is a system call that removes extended attributes. This is used for removal of extended attributes from a file.\n\"Lremovexattr\" is a system call that removes extended attributes. This is used for removal of extended attributes from symbolic links.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible."
+            },
+            {
+              "label": "check",
+              "data": "Verify if RHEL 8 is configured to audit the execution of the \"setxattr\", \"fsetxattr\", \"lsetxattr\", \"removexattr\", \"fremovexattr\", and \"lremovexattr\" system calls by running the following command:\n\n$ sudo grep xattr /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod\n\n-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid=0 -k perm_mod\n-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid=0 -k perm_mod\n\nIf the command does not return an audit rule for \"setxattr\", \"fsetxattr\", \"lsetxattr\", \"removexattr\", \"fremovexattr\", and \"lremovexattr\" or any of the lines returned are commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to audit the execution of the \"setxattr\", \"fsetxattr\", \"lsetxattr\", \"removexattr\", \"fremovexattr\", and \"lremovexattr\" system calls by adding or updating the following lines to \"/etc/audit/rules.d/audit.rules\":\n\n-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod\n\n-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid=0 -k perm_mod\n-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid=0 -k perm_mod\n\nThe audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000458-GPOS-00203",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000463-GPOS-00207",
+              "SRG-OS-000468-GPOS-00212",
+              "SRG-OS-000471-GPOS-00215",
+              "SRG-OS-000474-GPOS-00219",
+              "SRG-OS-000466-GPOS-00210"
+            ],
+            "gid": "V-230413",
+            "rid": "SV-230413r810463_rule",
+            "stig_id": "RHEL-08-030200",
+            "fix_id": "F-33057r809294_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230413' do\n  title 'The RHEL 8 audit system must be configured to audit any usage of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls.'\n  desc 'Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter).\n\n\"Setxattr\" is a system call used to set an extended attribute value.\n\"Fsetxattr\" is a system call used to set an extended attribute value. This is used to set extended attributes on a file.\n\"Lsetxattr\" is a system call used to set an extended attribute value. This is used to set extended attributes on a symbolic link.\n\"Removexattr\" is a system call that removes extended attributes.\n\"Fremovexattr\" is a system call that removes extended attributes. This is used for removal of extended attributes from a file.\n\"Lremovexattr\" is a system call that removes extended attributes. This is used for removal of extended attributes from symbolic links.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.'\n  desc 'check', 'Verify if RHEL 8 is configured to audit the execution of the \"setxattr\", \"fsetxattr\", \"lsetxattr\", \"removexattr\", \"fremovexattr\", and \"lremovexattr\" system calls by running the following command:\n\n$ sudo grep xattr /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod\n\n-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid=0 -k perm_mod\n-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid=0 -k perm_mod\n\nIf the command does not return an audit rule for \"setxattr\", \"fsetxattr\", \"lsetxattr\", \"removexattr\", \"fremovexattr\", and \"lremovexattr\" or any of the lines returned are commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to audit the execution of the \"setxattr\", \"fsetxattr\", \"lsetxattr\", \"removexattr\", \"fremovexattr\", and \"lremovexattr\" system calls by adding or updating the following lines to \"/etc/audit/rules.d/audit.rules\":\n\n-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod\n\n-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid=0 -k perm_mod\n-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid=0 -k perm_mod\n\nThe audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000458-GPOS-00203', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000463-GPOS-00207', 'SRG-OS-000468-GPOS-00212', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000474-GPOS-00219', 'SRG-OS-000466-GPOS-00210']\n  tag gid: 'V-230413'\n  tag rid: 'SV-230413r810463_rule'\n  tag stig_id: 'RHEL-08-030200'\n  tag fix_id: 'F-33057r809294_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_syscall = 'lremovexattr'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.syscall(audit_syscall) do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'perm_mod' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230413.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"lremovexattr\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 0.000107,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"lremovexattr\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 8.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"lremovexattr\" arch.uniq is expected to include \"b32\"",
+              "run_time": 0.000104,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"lremovexattr\" arch.uniq is expected to include \"b64\"",
+              "run_time": 0.000108,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"lremovexattr\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 0.000104,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"lremovexattr\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 9.4e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"lremovexattr\" key.uniq is expected to cmp == \"perm_mod\"",
+              "run_time": 0.000327,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230418",
+          "title": "Successful/unsuccessful uses of the chage command in RHEL 8 must\ngenerate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chage\" command is\nused to change or view user password expiry information.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chage\" command is\nused to change or view user password expiry information.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify that an audit event is generated for any successful/unsuccessful use\nof the \"chage\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w chage /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chage -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-chage\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"chage\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/chage -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-chage\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000468-GPOS-00212",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230418",
+            "rid": "SV-230418r627750_rule",
+            "stig_id": "RHEL-08-030250",
+            "fix_id": "F-33062r568001_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230418' do\n  title 'Successful/unsuccessful uses of the chage command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chage\" command is\nused to change or view user password expiry information.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"chage\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w chage /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chage -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-chage\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"chage\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/chage -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-chage\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000468-GPOS-00212', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230418'\n  tag rid: 'SV-230418r627750_rule'\n  tag stig_id: 'RHEL-08-030250'\n  tag fix_id: 'F-33062r568001_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/chage'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-chage' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230418.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chage\" permissions.flatten is expected to include \"x\"",
+              "run_time": 0.000121,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chage\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 0.0001,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chage\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 9.3e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chage\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 0.000102,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chage\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 0.000106,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chage\" key.uniq is expected to cmp == \"privileged-chage\"",
+              "run_time": 0.000312,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230419",
+          "title": "Successful/unsuccessful uses of the chcon command in RHEL 8 must\ngenerate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chcon\" command is\nused to change file SELinux security context.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chcon\" command is\nused to change file SELinux security context.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"chcon\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w chcon /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chcon -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"chcon\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/chcon -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000468-GPOS-00212",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230419",
+            "rid": "SV-230419r627750_rule",
+            "stig_id": "RHEL-08-030260",
+            "fix_id": "F-33063r568004_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230419' do\n  title 'Successful/unsuccessful uses of the chcon command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chcon\" command is\nused to change file SELinux security context.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"chcon\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w chcon /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chcon -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"chcon\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/chcon -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000468-GPOS-00212', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230419'\n  tag rid: 'SV-230419r627750_rule'\n  tag stig_id: 'RHEL-08-030260'\n  tag fix_id: 'F-33063r568004_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/chcon'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'perm_mod' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230419.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chcon\" permissions.flatten is expected to include \"x\"",
+              "run_time": 0.000195,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chcon\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 0.000117,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chcon\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 9.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chcon\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 0.000104,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chcon\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 9.8e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chcon\" key.uniq is expected to cmp == \"perm_mod\"",
+              "run_time": 0.00014,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230421",
+          "title": "Successful/unsuccessful uses of the ssh-agent in RHEL 8 must generate\nan audit record.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"ssh-agent\" is a\nprogram to hold private keys used for public key authentication.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"ssh-agent\" is a\nprogram to hold private keys used for public key authentication.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"ssh-agent\" by performing the following command to check\nthe file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep ssh-agent /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/ssh-agent -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-ssh\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"ssh-agent\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/ssh-agent -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-ssh\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230421",
+            "rid": "SV-230421r627750_rule",
+            "stig_id": "RHEL-08-030280",
+            "fix_id": "F-33065r568010_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230421' do\n  title 'Successful/unsuccessful uses of the ssh-agent in RHEL 8 must generate\nan audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"ssh-agent\" is a\nprogram to hold private keys used for public key authentication.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"ssh-agent\" by performing the following command to check\nthe file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep ssh-agent /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/ssh-agent -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-ssh\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"ssh-agent\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/ssh-agent -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-ssh\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230421'\n  tag rid: 'SV-230421r627750_rule'\n  tag stig_id: 'RHEL-08-030280'\n  tag fix_id: 'F-33065r568010_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/ssh-agent'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-ssh' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230421.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/ssh-agent\" permissions.flatten is expected to include \"x\"",
+              "run_time": 0.000101,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/ssh-agent\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 8.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/ssh-agent\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 8.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/ssh-agent\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 9.4e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/ssh-agent\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 9.3e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/ssh-agent\" key.uniq is expected to cmp == \"privileged-ssh\"",
+              "run_time": 0.000112,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230422",
+          "title": "Successful/unsuccessful uses of the passwd command in RHEL 8 must\ngenerate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"passwd\" command is\nused to change passwords for user accounts.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"passwd\" command is\nused to change passwords for user accounts.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify that an audit event is generated for any successful/unsuccessful use\nof the \"passwd\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w passwd /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/passwd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-passwd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"passwd\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/passwd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-passwd\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230422",
+            "rid": "SV-230422r627750_rule",
+            "stig_id": "RHEL-08-030290",
+            "fix_id": "F-33066r568013_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230422' do\n  title 'Successful/unsuccessful uses of the passwd command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"passwd\" command is\nused to change passwords for user accounts.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"passwd\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w passwd /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/passwd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-passwd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"passwd\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/passwd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-passwd\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230422'\n  tag rid: 'SV-230422r627750_rule'\n  tag stig_id: 'RHEL-08-030290'\n  tag fix_id: 'F-33066r568013_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/passwd'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-passwd' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230422.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/passwd\" permissions.flatten is expected to include \"x\"",
+              "run_time": 8.3e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/passwd\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 7.3e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/passwd\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 0.000154,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/passwd\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 0.000224,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/passwd\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 0.000101,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/passwd\" key.uniq is expected to cmp == \"privileged-passwd\"",
+              "run_time": 0.000208,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230423",
+          "title": "Successful/unsuccessful uses of the mount command in RHEL 8 must\ngenerate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"mount\" command is\nused to mount a filesystem.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"mount\" command is\nused to mount a filesystem.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify that an audit event is generated for any successful/unsuccessful use\nof the \"mount\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w /usr/bin/mount /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/mount -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-mount\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"mount\" command by adding or updating the\nfollowing rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/mount -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-mount\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230423",
+            "rid": "SV-230423r627750_rule",
+            "stig_id": "RHEL-08-030300",
+            "fix_id": "F-33067r568016_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230423' do\n  title 'Successful/unsuccessful uses of the mount command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"mount\" command is\nused to mount a filesystem.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"mount\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w /usr/bin/mount /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/mount -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-mount\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"mount\" command by adding or updating the\nfollowing rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/mount -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-mount\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230423'\n  tag rid: 'SV-230423r627750_rule'\n  tag stig_id: 'RHEL-08-030300'\n  tag fix_id: 'F-33067r568016_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/mount'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-mount' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230423.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/mount\" permissions.flatten is expected to include \"x\"",
+              "run_time": 0.000102,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/mount\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 9.4e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/mount\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 0.000179,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/mount\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 8.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/mount\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 7.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/mount\" key.uniq is expected to cmp == \"privileged-mount\"",
+              "run_time": 0.000119,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230424",
+          "title": "Successful/unsuccessful uses of the umount command in RHEL 8 must\ngenerate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"umount\" command is\nused to unmount a filesystem.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"umount\" command is\nused to unmount a filesystem.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify that an audit event is generated for any successful/unsuccessful use\nof the \"umount\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w /usr/bin/umount /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/umount -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-mount\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"umount\" command by adding or updating the\nfollowing rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/umount -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-mount\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230424",
+            "rid": "SV-230424r627750_rule",
+            "stig_id": "RHEL-08-030301",
+            "fix_id": "F-33068r568019_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230424' do\n  title 'Successful/unsuccessful uses of the umount command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"umount\" command is\nused to unmount a filesystem.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"umount\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w /usr/bin/umount /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/umount -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-mount\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"umount\" command by adding or updating the\nfollowing rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/umount -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-mount\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230424'\n  tag rid: 'SV-230424r627750_rule'\n  tag stig_id: 'RHEL-08-030301'\n  tag fix_id: 'F-33068r568019_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/umount'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-mount' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230424.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/umount\" permissions.flatten is expected to include \"x\"",
+              "run_time": 8.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/umount\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 7.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/umount\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 7.4e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/umount\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 7.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/umount\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 7.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/umount\" key.uniq is expected to cmp == \"privileged-mount\"",
+              "run_time": 0.000165,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230425",
+          "title": "Successful/unsuccessful uses of the mount syscall in RHEL 8 must\ngenerate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"mount\" syscall is\nused to mount a filesystem.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"mount\" syscall is\nused to mount a filesystem.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify that an audit event is generated for any successful/unsuccessful use\nof the \"mount\" syscall by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"\\-S mount\" /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S mount -F auid>=1000 -F auid!=unset -k\nprivileged-mount\n    -a always,exit -F arch=b64 -S mount -F auid>=1000 -F auid!=unset -k\nprivileged-mount\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"mount\" syscall by adding or updating the\nfollowing rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F arch=b32 -S mount -F auid>=1000 -F auid!=unset -k\nprivileged-mount\n    -a always,exit -F arch=b64 -S mount -F auid>=1000 -F auid!=unset -k\nprivileged-mount\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230425",
+            "rid": "SV-230425r627750_rule",
+            "stig_id": "RHEL-08-030302",
+            "fix_id": "F-33069r568022_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230425' do\n  title 'Successful/unsuccessful uses of the mount syscall in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"mount\" syscall is\nused to mount a filesystem.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"mount\" syscall by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"\\\\-S mount\" /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S mount -F auid>=1000 -F auid!=unset -k\nprivileged-mount\n    -a always,exit -F arch=b64 -S mount -F auid>=1000 -F auid!=unset -k\nprivileged-mount\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"mount\" syscall by adding or updating the\nfollowing rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F arch=b32 -S mount -F auid>=1000 -F auid!=unset -k\nprivileged-mount\n    -a always,exit -F arch=b64 -S mount -F auid>=1000 -F auid!=unset -k\nprivileged-mount\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230425'\n  tag rid: 'SV-230425r627750_rule'\n  tag stig_id: 'RHEL-08-030302'\n  tag fix_id: 'F-33069r568022_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_syscall = 'mount'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.syscall(audit_syscall) do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-mount' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230425.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"mount\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 7.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"mount\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 7.4e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"mount\" arch.uniq is expected to include \"b32\"",
+              "run_time": 8.0e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"mount\" arch.uniq is expected to include \"b64\"",
+              "run_time": 7.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"mount\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 8.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"mount\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 8.3e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"mount\" key.uniq is expected to cmp == \"privileged-mount\"",
+              "run_time": 0.000123,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230426",
+          "title": "Successful/unsuccessful uses of the unix_update in RHEL 8 must\ngenerate an audit record.",
+          "desc": "Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\n\"Unix_update\" is a helper program for the \"pam_unix\" module that updates\nthe password for a given user. It is not intended to be run directly from the\ncommand line and logs a security violation if done so.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\n\"Unix_update\" is a helper program for the \"pam_unix\" module that updates\nthe password for a given user. It is not intended to be run directly from the\ncommand line and logs a security violation if done so.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify that an audit event is generated for any successful/unsuccessful use\nof the \"unix_update\" by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"unix_update\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/unix_update -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"unix_update\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/unix_update -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230426",
+            "rid": "SV-230426r627750_rule",
+            "stig_id": "RHEL-08-030310",
+            "fix_id": "F-33070r568025_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230426' do\n  title 'Successful/unsuccessful uses of the unix_update in RHEL 8 must\ngenerate an audit record.'\n  desc 'Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\n\"Unix_update\" is a helper program for the \"pam_unix\" module that updates\nthe password for a given user. It is not intended to be run directly from the\ncommand line and logs a security violation if done so.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"unix_update\" by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"unix_update\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/unix_update -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"unix_update\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/unix_update -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230426'\n  tag rid: 'SV-230426r627750_rule'\n  tag stig_id: 'RHEL-08-030310'\n  tag fix_id: 'F-33070r568025_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/unix_update'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-unix-update' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230426.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/unix_update\" permissions.flatten is expected to include \"x\"",
+              "run_time": 8.7e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/unix_update\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 7.8e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/unix_update\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 7.7e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/unix_update\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 7.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/unix_update\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 7.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/unix_update\" key.uniq is expected to cmp == \"privileged-unix-update\"",
+              "run_time": 0.000113,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230427",
+          "title": "Successful/unsuccessful uses of postdrop in RHEL 8 must generate an\naudit record.",
+          "desc": "Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"postdrop\" command creates a file in the maildrop directory and copies\nits standard input to the file.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"postdrop\" command creates a file in the maildrop directory and copies\nits standard input to the file.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify that an audit event is generated for any successful/unsuccessful use\nof \"postdrop\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"postdrop\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/postdrop -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"postdrop\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/postdrop -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230427",
+            "rid": "SV-230427r627750_rule",
+            "stig_id": "RHEL-08-030311",
+            "fix_id": "F-33071r568028_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230427' do\n  title 'Successful/unsuccessful uses of postdrop in RHEL 8 must generate an\naudit record.'\n  desc 'Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"postdrop\" command creates a file in the maildrop directory and copies\nits standard input to the file.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof \"postdrop\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"postdrop\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/postdrop -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"postdrop\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/postdrop -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230427'\n  tag rid: 'SV-230427r627750_rule'\n  tag stig_id: 'RHEL-08-030311'\n  tag fix_id: 'F-33071r568028_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/postdrop'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-unix-update' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230427.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/postdrop\" permissions.flatten is expected to include \"x\"",
+              "run_time": 8.1e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/postdrop\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 7.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/postdrop\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 6.1e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/postdrop\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 6.8e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/postdrop\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 7.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/postdrop\" key.uniq is expected to cmp == \"privileged-unix-update\"",
+              "run_time": 9.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230428",
+          "title": "Successful/unsuccessful uses of postqueue in RHEL 8 must generate an\naudit record.",
+          "desc": "Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"postqueue\" command implements the Postfix user interface for queue\nmanagement.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"postqueue\" command implements the Postfix user interface for queue\nmanagement.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify that an audit event is generated for any successful/unsuccessful use\nof \"postqueue\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"postqueue\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/postqueue -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"postqueue\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/postqueue -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230428",
+            "rid": "SV-230428r627750_rule",
+            "stig_id": "RHEL-08-030312",
+            "fix_id": "F-33072r568031_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230428' do\n  title 'Successful/unsuccessful uses of postqueue in RHEL 8 must generate an\naudit record.'\n  desc 'Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"postqueue\" command implements the Postfix user interface for queue\nmanagement.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof \"postqueue\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"postqueue\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/postqueue -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"postqueue\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/postqueue -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230428'\n  tag rid: 'SV-230428r627750_rule'\n  tag stig_id: 'RHEL-08-030312'\n  tag fix_id: 'F-33072r568031_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/postqueue'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-unix-update' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230428.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/postqueue\" permissions.flatten is expected to include \"x\"",
+              "run_time": 8.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/postqueue\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 8.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/postqueue\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 7.1e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/postqueue\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 8.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/postqueue\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 7.4e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/postqueue\" key.uniq is expected to cmp == \"privileged-unix-update\"",
+              "run_time": 0.00013,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230429",
+          "title": "Successful/unsuccessful uses of semanage in RHEL 8 must generate an\naudit record.",
+          "desc": "Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"semanage\" command is used to configure certain elements of SELinux\npolicy without requiring modification to or recompilation from policy sources.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"semanage\" command is used to configure certain elements of SELinux\npolicy without requiring modification to or recompilation from policy sources.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify that an audit event is generated for any successful/unsuccessful use\nof \"semanage\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"semanage\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/semanage -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"semanage\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/semanage -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230429",
+            "rid": "SV-230429r627750_rule",
+            "stig_id": "RHEL-08-030313",
+            "fix_id": "F-33073r568034_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230429' do\n  title 'Successful/unsuccessful uses of semanage in RHEL 8 must generate an\naudit record.'\n  desc 'Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"semanage\" command is used to configure certain elements of SELinux\npolicy without requiring modification to or recompilation from policy sources.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof \"semanage\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"semanage\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/semanage -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"semanage\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/semanage -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230429'\n  tag rid: 'SV-230429r627750_rule'\n  tag stig_id: 'RHEL-08-030313'\n  tag fix_id: 'F-33073r568034_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/semanage'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-unix-update' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230429.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/semanage\" permissions.flatten is expected to include \"x\"",
+              "run_time": 8.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/semanage\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 6.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/semanage\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 6.4e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/semanage\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 9.1e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/semanage\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 8.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/semanage\" key.uniq is expected to cmp == \"privileged-unix-update\"",
+              "run_time": 0.000127,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230430",
+          "title": "Successful/unsuccessful uses of setfiles in RHEL 8 must generate an\naudit record.",
+          "desc": "Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"setfiles\" command is primarily used to initialize the security context\nfields (extended attributes) on one or more filesystems (or parts of them).\nUsually it is initially run as part of the SELinux installation process (a step\ncommonly known as labeling).\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"setfiles\" command is primarily used to initialize the security context\nfields (extended attributes) on one or more filesystems (or parts of them).\nUsually it is initially run as part of the SELinux installation process (a step\ncommonly known as labeling).\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify that an audit event is generated for any successful/unsuccessful use\nof \"setfiles\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"setfiles\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/setfiles -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"setfiles\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/setfiles -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230430",
+            "rid": "SV-230430r627750_rule",
+            "stig_id": "RHEL-08-030314",
+            "fix_id": "F-33074r568037_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230430' do\n  title 'Successful/unsuccessful uses of setfiles in RHEL 8 must generate an\naudit record.'\n  desc 'Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"setfiles\" command is primarily used to initialize the security context\nfields (extended attributes) on one or more filesystems (or parts of them).\nUsually it is initially run as part of the SELinux installation process (a step\ncommonly known as labeling).\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof \"setfiles\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"setfiles\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/setfiles -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"setfiles\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/setfiles -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230430'\n  tag rid: 'SV-230430r627750_rule'\n  tag stig_id: 'RHEL-08-030314'\n  tag fix_id: 'F-33074r568037_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/setfiles'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-unix-update' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230430.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/setfiles\" permissions.flatten is expected to include \"x\"",
+              "run_time": 9.8e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/setfiles\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 7.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/setfiles\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 0.000175,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/setfiles\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 7.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/setfiles\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 7.0e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/setfiles\" key.uniq is expected to cmp == \"privileged-unix-update\"",
+              "run_time": 0.000101,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230431",
+          "title": "Successful/unsuccessful uses of userhelper in RHEL 8 must generate an\naudit record.",
+          "desc": "Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"userhelper\" command is not intended to be run interactively.\n\"Userhelper\" provides a basic interface to change a user's password, gecos\ninformation, and shell.  The main difference between this program and its\ntraditional equivalents (passwd, chfn, chsh) is that prompts are written to\nstandard out to make it easy for a graphical user interface wrapper to\ninterface to it as a child process.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"userhelper\" command is not intended to be run interactively.\n\"Userhelper\" provides a basic interface to change a user's password, gecos\ninformation, and shell.  The main difference between this program and its\ntraditional equivalents (passwd, chfn, chsh) is that prompts are written to\nstandard out to make it easy for a graphical user interface wrapper to\ninterface to it as a child process.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify that an audit event is generated for any successful/unsuccessful use\nof \"userhelper\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"userhelper\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/userhelper -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"userhelper\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/userhelper -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230431",
+            "rid": "SV-230431r627750_rule",
+            "stig_id": "RHEL-08-030315",
+            "fix_id": "F-33075r568040_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230431' do\n  title 'Successful/unsuccessful uses of userhelper in RHEL 8 must generate an\naudit record.'\n  desc %q(Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"userhelper\" command is not intended to be run interactively.\n\"Userhelper\" provides a basic interface to change a user's password, gecos\ninformation, and shell.  The main difference between this program and its\ntraditional equivalents (passwd, chfn, chsh) is that prompts are written to\nstandard out to make it easy for a graphical user interface wrapper to\ninterface to it as a child process.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.)\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof \"userhelper\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"userhelper\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/userhelper -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"userhelper\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/userhelper -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230431'\n  tag rid: 'SV-230431r627750_rule'\n  tag stig_id: 'RHEL-08-030315'\n  tag fix_id: 'F-33075r568040_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/userhelper'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-unix-update' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230431.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/userhelper\" permissions.flatten is expected to include \"x\"",
+              "run_time": 7.3e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/userhelper\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 6.3e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/userhelper\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 6.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/userhelper\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 6.8e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/userhelper\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 6.7e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/userhelper\" key.uniq is expected to cmp == \"privileged-unix-update\"",
+              "run_time": 0.000101,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230432",
+          "title": "Successful/unsuccessful uses of setsebool in RHEL 8 must generate an\naudit record.",
+          "desc": "Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"setsebool\" command sets the current state of a particular SELinux\nboolean or a list of booleans to a given value.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"setsebool\" command sets the current state of a particular SELinux\nboolean or a list of booleans to a given value.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify that an audit event is generated for any successful/unsuccessful use\nof \"setsebool\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"setsebool\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/setsebool -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"setsebool\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/setsebool -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230432",
+            "rid": "SV-230432r627750_rule",
+            "stig_id": "RHEL-08-030316",
+            "fix_id": "F-33076r568043_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230432' do\n  title 'Successful/unsuccessful uses of setsebool in RHEL 8 must generate an\naudit record.'\n  desc 'Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"setsebool\" command sets the current state of a particular SELinux\nboolean or a list of booleans to a given value.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof \"setsebool\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"setsebool\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/setsebool -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"setsebool\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/setsebool -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230432'\n  tag rid: 'SV-230432r627750_rule'\n  tag stig_id: 'RHEL-08-030316'\n  tag fix_id: 'F-33076r568043_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/setsebool'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-unix-update' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230432.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/setsebool\" permissions.flatten is expected to include \"x\"",
+              "run_time": 0.007013,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/setsebool\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 0.000102,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/setsebool\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 6.7e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/setsebool\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 7.1e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/setsebool\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 6.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/setsebool\" key.uniq is expected to cmp == \"privileged-unix-update\"",
+              "run_time": 0.000123,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230433",
+          "title": "Successful/unsuccessful uses of unix_chkpwd in RHEL 8 must generate an\naudit record.",
+          "desc": "Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"unix_chkpwd\" command is a helper program for the pam_unix module that\nverifies the password of the current user.  It also checks password and account\nexpiration dates in shadow.  It is not intended to be run directly from the\ncommand line and logs a security violation if done so.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"unix_chkpwd\" command is a helper program for the pam_unix module that\nverifies the password of the current user.  It also checks password and account\nexpiration dates in shadow.  It is not intended to be run directly from the\ncommand line and logs a security violation if done so.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify that an audit event is generated for any successful/unsuccessful use\nof \"unix_chkpwd\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"unix_chkpwd\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/unix_chkpwd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"unix_chkpwd\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/unix_chkpwd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230433",
+            "rid": "SV-230433r627750_rule",
+            "stig_id": "RHEL-08-030317",
+            "fix_id": "F-33077r568046_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230433' do\n  title 'Successful/unsuccessful uses of unix_chkpwd in RHEL 8 must generate an\naudit record.'\n  desc 'Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\nThe \"unix_chkpwd\" command is a helper program for the pam_unix module that\nverifies the password of the current user.  It also checks password and account\nexpiration dates in shadow.  It is not intended to be run directly from the\ncommand line and logs a security violation if done so.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof \"unix_chkpwd\" by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"unix_chkpwd\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/unix_chkpwd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"unix_chkpwd\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/unix_chkpwd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-unix-update\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230433'\n  tag rid: 'SV-230433r627750_rule'\n  tag stig_id: 'RHEL-08-030317'\n  tag fix_id: 'F-33077r568046_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/unix_chkpwd'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-unix-update' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230433.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/unix_chkpwd\" permissions.flatten is expected to include \"x\"",
+              "run_time": 7.1e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/unix_chkpwd\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 6.1e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/unix_chkpwd\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 6.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/unix_chkpwd\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 0.000298,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/unix_chkpwd\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 6.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/unix_chkpwd\" key.uniq is expected to cmp == \"privileged-unix-update\"",
+              "run_time": 9.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230434",
+          "title": "Successful/unsuccessful uses of the ssh-keysign in RHEL 8 must\ngenerate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"ssh-keysign\" program\nis an SSH helper program for host-based authentication.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"ssh-keysign\" program\nis an SSH helper program for host-based authentication.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"ssh-keysign\" by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep ssh-keysign /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/libexec/openssh/ssh-keysign -F perm=x -F\nauid>=1000 -F auid!=unset -k privileged-ssh\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"ssh-keysign\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/libexec/openssh/ssh-keysign -F perm=x -F\nauid>=1000 -F auid!=unset -k privileged-ssh\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230434",
+            "rid": "SV-230434r744002_rule",
+            "stig_id": "RHEL-08-030320",
+            "fix_id": "F-33078r744001_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230434' do\n  title 'Successful/unsuccessful uses of the ssh-keysign in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"ssh-keysign\" program\nis an SSH helper program for host-based authentication.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"ssh-keysign\" by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep ssh-keysign /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/libexec/openssh/ssh-keysign -F perm=x -F\nauid>=1000 -F auid!=unset -k privileged-ssh\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"ssh-keysign\" by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/libexec/openssh/ssh-keysign -F perm=x -F\nauid>=1000 -F auid!=unset -k privileged-ssh\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230434'\n  tag rid: 'SV-230434r744002_rule'\n  tag stig_id: 'RHEL-08-030320'\n  tag fix_id: 'F-33078r744001_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/libexec/openssh/ssh-keysign'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-ssh' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230434.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/libexec/openssh/ssh-keysign\" permissions.flatten is expected to include \"x\"",
+              "run_time": 6.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/libexec/openssh/ssh-keysign\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 6.3e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/libexec/openssh/ssh-keysign\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 5.7e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/libexec/openssh/ssh-keysign\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 6.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/libexec/openssh/ssh-keysign\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 6.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/libexec/openssh/ssh-keysign\" key.uniq is expected to cmp == \"privileged-ssh\"",
+              "run_time": 0.000209,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230435",
+          "title": "Successful/unsuccessful uses of the setfacl command in RHEL 8 must\ngenerate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"setfacl\" command is\nused to set file access control lists.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"setfacl\" command is\nused to set file access control lists.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"setfacl\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w setfacl /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/setfacl -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"setfacl\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/setfacl -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230435",
+            "rid": "SV-230435r627750_rule",
+            "stig_id": "RHEL-08-030330",
+            "fix_id": "F-33079r568052_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230435' do\n  title 'Successful/unsuccessful uses of the setfacl command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"setfacl\" command is\nused to set file access control lists.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"setfacl\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w setfacl /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/setfacl -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"setfacl\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/setfacl -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230435'\n  tag rid: 'SV-230435r627750_rule'\n  tag stig_id: 'RHEL-08-030330'\n  tag fix_id: 'F-33079r568052_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/setfacl'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'perm_mod' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230435.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/setfacl\" permissions.flatten is expected to include \"x\"",
+              "run_time": 6.3e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/setfacl\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 5.1e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/setfacl\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 5.1e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/setfacl\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 5.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/setfacl\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 5.4e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/setfacl\" key.uniq is expected to cmp == \"perm_mod\"",
+              "run_time": 9.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230436",
+          "title": "Successful/unsuccessful uses of the pam_timestamp_check command in\nRHEL 8 must generate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"pam_timestamp_check\"\ncommand is used to check if the default timestamp is valid.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"pam_timestamp_check\"\ncommand is used to check if the default timestamp is valid.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify that an audit event is generated for any successful/unsuccessful use\nof the \"pam_timestamp_check\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w pam_timestamp_check /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/pam_timestamp_check -F perm=x -F\nauid>=1000 -F auid!=unset -k privileged-pam_timestamp_check\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"pam_timestamp_check\" command by adding\nor updating the following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/pam_timestamp_check -F perm=x -F\nauid>=1000 -F auid!=unset -k privileged-pam_timestamp_check\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230436",
+            "rid": "SV-230436r627750_rule",
+            "stig_id": "RHEL-08-030340",
+            "fix_id": "F-33080r568055_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230436' do\n  title 'Successful/unsuccessful uses of the pam_timestamp_check command in\nRHEL 8 must generate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"pam_timestamp_check\"\ncommand is used to check if the default timestamp is valid.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"pam_timestamp_check\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w pam_timestamp_check /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/pam_timestamp_check -F perm=x -F\nauid>=1000 -F auid!=unset -k privileged-pam_timestamp_check\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"pam_timestamp_check\" command by adding\nor updating the following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/pam_timestamp_check -F perm=x -F\nauid>=1000 -F auid!=unset -k privileged-pam_timestamp_check\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230436'\n  tag rid: 'SV-230436r627750_rule'\n  tag stig_id: 'RHEL-08-030340'\n  tag fix_id: 'F-33080r568055_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/pam_timestamp_check'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-pam_timestamp_check' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230436.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/pam_timestamp_check\" permissions.flatten is expected to include \"x\"",
+              "run_time": 6.0e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/pam_timestamp_check\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 0.000168,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/pam_timestamp_check\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 4.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/pam_timestamp_check\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 5.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/pam_timestamp_check\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 5.4e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/pam_timestamp_check\" key.uniq is expected to cmp == \"privileged-pam_timestamp_check\"",
+              "run_time": 7.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230437",
+          "title": "Successful/unsuccessful uses of the newgrp command in RHEL 8 must\ngenerate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"newgrp\" command is\nused to change the current group ID during a login session.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"newgrp\" command is\nused to change the current group ID during a login session.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"newgrp\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w newgrp /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>=1000 -F\nauid!=unset -k priv_cmd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"newgrp\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>=1000 -F\nauid!=unset -k priv_cmd\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230437",
+            "rid": "SV-230437r627750_rule",
+            "stig_id": "RHEL-08-030350",
+            "fix_id": "F-33081r568058_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230437' do\n  title 'Successful/unsuccessful uses of the newgrp command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"newgrp\" command is\nused to change the current group ID during a login session.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"newgrp\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w newgrp /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>=1000 -F\nauid!=unset -k priv_cmd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"newgrp\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>=1000 -F\nauid!=unset -k priv_cmd\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230437'\n  tag rid: 'SV-230437r627750_rule'\n  tag stig_id: 'RHEL-08-030350'\n  tag fix_id: 'F-33081r568058_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/newgrp'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'priv_cmd' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230437.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/newgrp\" permissions.flatten is expected to include \"x\"",
+              "run_time": 5.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/newgrp\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 4.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/newgrp\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 5.1e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/newgrp\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 5.4e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/newgrp\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 5.7e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/newgrp\" key.uniq is expected to cmp == \"priv_cmd\"",
+              "run_time": 7.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230438",
+          "title": "Successful/unsuccessful uses of the init_module and finit_module system calls in RHEL 8 must generate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"init_module\" and \"finit_module\" system calls are used to load a kernel module.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"init_module\" and \"finit_module\" system calls are used to load a kernel module.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"init_module\" and \"finit_module\" system calls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep init_module /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S init_module,finit_module -F auid>=1000 -F auid!=unset -k module_chng\n-a always,exit -F arch=b64 -S init_module,finit_module -F auid>=1000 -F auid!=unset -k module_chng\n\nIf the command does not return an audit rule for \"init_module\" and \"finit_module\" or any of the lines returned are commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"init_module\" and \"finit_module\" system calls by adding or updating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n-a always,exit -F arch=b32 -S init_module,finit_module -F auid>=1000 -F auid!=unset -k module_chng\n-a always,exit -F arch=b64 -S init_module,finit_module -F auid>=1000 -F auid!=unset -k module_chng\n\nThe audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230438",
+            "rid": "SV-230438r810464_rule",
+            "stig_id": "RHEL-08-030360",
+            "fix_id": "F-33082r810448_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230438' do\n  title 'Successful/unsuccessful uses of the init_module and finit_module system calls in RHEL 8 must generate an audit record.'\n  desc 'Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"init_module\" and \"finit_module\" system calls are used to load a kernel module.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.'\n  desc 'check', 'Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"init_module\" and \"finit_module\" system calls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep init_module /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S init_module,finit_module -F auid>=1000 -F auid!=unset -k module_chng\n-a always,exit -F arch=b64 -S init_module,finit_module -F auid>=1000 -F auid!=unset -k module_chng\n\nIf the command does not return an audit rule for \"init_module\" and \"finit_module\" or any of the lines returned are commented out, this is a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"init_module\" and \"finit_module\" system calls by adding or updating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n-a always,exit -F arch=b32 -S init_module,finit_module -F auid>=1000 -F auid!=unset -k module_chng\n-a always,exit -F arch=b64 -S init_module,finit_module -F auid>=1000 -F auid!=unset -k module_chng\n\nThe audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230438'\n  tag rid: 'SV-230438r810464_rule'\n  tag stig_id: 'RHEL-08-030360'\n  tag fix_id: 'F-33082r810448_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_syscall = 'init_module'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.syscall(audit_syscall) do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'module_chng' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230438.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"init_module\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 5.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"init_module\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 4.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"init_module\" arch.uniq is expected to include \"b32\"",
+              "run_time": 5.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"init_module\" arch.uniq is expected to include \"b64\"",
+              "run_time": 5.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"init_module\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 5.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"init_module\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 5.3e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"init_module\" key.uniq is expected to cmp == \"module_chng\"",
+              "run_time": 0.000198,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230439",
+          "title": "Successful/unsuccessful uses of the rename, unlink, rmdir, renameat, and unlinkat system calls in RHEL 8 must generate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"rename\" system call will rename the specified files by replacing the first occurrence of expression in their name by replacement.\n\nThe \"unlink\" system call deletes a name from the filesystem. If that name was the last link to a file and no processes have the file open, the file is deleted and the space it was using is made available for reuse.\nThe \"rmdir\" system call removes empty directories.\nThe \"renameat\" system call renames a file, moving it between directories if required.\nThe \"unlinkat\" system call operates in exactly the same way as either \"unlink\" or \"rmdir\" except for the differences described in the manual page.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. Performance can be helped, however, by combining syscalls into one rule whenever possible.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"rename\" system call will rename the specified files by replacing the first occurrence of expression in their name by replacement.\n\nThe \"unlink\" system call deletes a name from the filesystem. If that name was the last link to a file and no processes have the file open, the file is deleted and the space it was using is made available for reuse.\nThe \"rmdir\" system call removes empty directories.\nThe \"renameat\" system call renames a file, moving it between directories if required.\nThe \"unlinkat\" system call operates in exactly the same way as either \"unlink\" or \"rmdir\" except for the differences described in the manual page.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. Performance can be helped, however, by combining syscalls into one rule whenever possible."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"rename\", \"unlink\", \"rmdir\", \"renameat\", and \"unlinkat\" system calls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep 'rename\\|unlink\\|rmdir' /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S rename,unlink,rmdir,renameat,unlinkat -F auid>=1000 -F auid!=unset -k delete\n-a always,exit -F arch=b64 -S rename,unlink,rmdir,renameat,unlinkat -F auid>=1000 -F auid!=unset -k delete\n\nIf the command does not return an audit rule for \"rename\", \"unlink\", \"rmdir\", \"renameat\", and \"unlinkat\" or any of the lines returned are commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"rename\", \"unlink\", \"rmdir\", \"renameat\", and \"unlinkat\" system calls by adding or updating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n-a always,exit -F arch=b32 -S rename,unlink,rmdir,renameat,unlinkat -F auid>=1000 -F auid!=unset -k delete\n-a always,exit -F arch=b64 -S rename,unlink,rmdir,renameat,unlinkat -F auid>=1000 -F auid!=unset -k delete\n\nThe audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230439",
+            "rid": "SV-230439r810465_rule",
+            "stig_id": "RHEL-08-030361",
+            "fix_id": "F-33083r809301_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230439' do\n  title 'Successful/unsuccessful uses of the rename, unlink, rmdir, renameat, and unlinkat system calls in RHEL 8 must generate an audit record.'\n  desc 'Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"rename\" system call will rename the specified files by replacing the first occurrence of expression in their name by replacement.\n\nThe \"unlink\" system call deletes a name from the filesystem. If that name was the last link to a file and no processes have the file open, the file is deleted and the space it was using is made available for reuse.\nThe \"rmdir\" system call removes empty directories.\nThe \"renameat\" system call renames a file, moving it between directories if required.\nThe \"unlinkat\" system call operates in exactly the same way as either \"unlink\" or \"rmdir\" except for the differences described in the manual page.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. Performance can be helped, however, by combining syscalls into one rule whenever possible.'\n  desc 'check', %q(Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"rename\", \"unlink\", \"rmdir\", \"renameat\", and \"unlinkat\" system calls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep 'rename\\|unlink\\|rmdir' /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S rename,unlink,rmdir,renameat,unlinkat -F auid>=1000 -F auid!=unset -k delete\n-a always,exit -F arch=b64 -S rename,unlink,rmdir,renameat,unlinkat -F auid>=1000 -F auid!=unset -k delete\n\nIf the command does not return an audit rule for \"rename\", \"unlink\", \"rmdir\", \"renameat\", and \"unlinkat\" or any of the lines returned are commented out, this is a finding.)\n  desc 'fix', 'Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"rename\", \"unlink\", \"rmdir\", \"renameat\", and \"unlinkat\" system calls by adding or updating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n-a always,exit -F arch=b32 -S rename,unlink,rmdir,renameat,unlinkat -F auid>=1000 -F auid!=unset -k delete\n-a always,exit -F arch=b64 -S rename,unlink,rmdir,renameat,unlinkat -F auid>=1000 -F auid!=unset -k delete\n\nThe audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230439'\n  tag rid: 'SV-230439r810465_rule'\n  tag stig_id: 'RHEL-08-030361'\n  tag fix_id: 'F-33083r809301_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_syscall = 'rename'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.syscall(audit_syscall) do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'delete' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230439.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"rename\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 6.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"rename\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 5.7e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"rename\" arch.uniq is expected to include \"b32\"",
+              "run_time": 7.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"rename\" arch.uniq is expected to include \"b64\"",
+              "run_time": 5.8e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"rename\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 5.7e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"rename\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 5.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "Auditd Rules with syscall == \"rename\" key.uniq is expected to cmp == \"delete\"",
+              "run_time": 0.000386,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "message": "\nexpected: delete\n     got: [\"module_chng\"]\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230444",
+          "title": "Successful/unsuccessful uses of the gpasswd command in RHEL 8 must\ngenerate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"gpasswd\" command is\nused to administer /etc/group and /etc/gshadow. Every group can have\nadministrators, members and a password.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"gpasswd\" command is\nused to administer /etc/group and /etc/gshadow. Every group can have\nadministrators, members and a password.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify that an audit event is generated for any successful/unsuccessful use\nof the \"gpasswd\" command by performing the following command to check the\nfile system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w gpasswd /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/gpasswd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-gpasswd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"gpasswd\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/gpasswd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-gpasswd\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230444",
+            "rid": "SV-230444r627750_rule",
+            "stig_id": "RHEL-08-030370",
+            "fix_id": "F-33088r568079_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230444' do\n  title 'Successful/unsuccessful uses of the gpasswd command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"gpasswd\" command is\nused to administer /etc/group and /etc/gshadow. Every group can have\nadministrators, members and a password.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"gpasswd\" command by performing the following command to check the\nfile system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w gpasswd /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/gpasswd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-gpasswd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"gpasswd\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/gpasswd -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-gpasswd\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230444'\n  tag rid: 'SV-230444r627750_rule'\n  tag stig_id: 'RHEL-08-030370'\n  tag fix_id: 'F-33088r568079_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/gpasswd'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-gpasswd' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230444.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/gpasswd\" permissions.flatten is expected to include \"x\"",
+              "run_time": 0.00017,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/gpasswd\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 8.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/gpasswd\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 6.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/gpasswd\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 7.3e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/gpasswd\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 6.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/gpasswd\" key.uniq is expected to cmp == \"privileged-gpasswd\"",
+              "run_time": 9.0e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230446",
+          "title": "Successful/unsuccessful uses of the delete_module command in RHEL 8\nmust generate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"delete_module\"\ncommand is used to unload a kernel module.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"delete_module\"\ncommand is used to unload a kernel module.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"delete_module\" command by performing the following\ncommand to check the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"delete_module\" /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S delete_module -F auid>=1000 -F auid!=unset -k\nmodule_chng\n    -a always,exit -F arch=b64 -S delete_module -F auid>=1000 -F auid!=unset -k\nmodule_chng\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"delete_module\" command by adding or\nupdating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F arch=b32 -S delete_module -F auid>=1000 -F auid!=unset -k\nmodule_chng\n    -a always,exit -F arch=b64 -S delete_module -F auid>=1000 -F auid!=unset -k\nmodule_chng\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230446",
+            "rid": "SV-230446r627750_rule",
+            "stig_id": "RHEL-08-030390",
+            "fix_id": "F-33090r568085_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230446' do\n  title 'Successful/unsuccessful uses of the delete_module command in RHEL 8\nmust generate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"delete_module\"\ncommand is used to unload a kernel module.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"delete_module\" command by performing the following\ncommand to check the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w \"delete_module\" /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S delete_module -F auid>=1000 -F auid!=unset -k\nmodule_chng\n    -a always,exit -F arch=b64 -S delete_module -F auid>=1000 -F auid!=unset -k\nmodule_chng\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"delete_module\" command by adding or\nupdating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F arch=b32 -S delete_module -F auid>=1000 -F auid!=unset -k\nmodule_chng\n    -a always,exit -F arch=b64 -S delete_module -F auid>=1000 -F auid!=unset -k\nmodule_chng\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230446'\n  tag rid: 'SV-230446r627750_rule'\n  tag stig_id: 'RHEL-08-030390'\n  tag fix_id: 'F-33090r568085_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_syscall = 'delete_module'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.syscall(audit_syscall) do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'module_chng' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230446.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"delete_module\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 5.8e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"delete_module\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 5.1e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"delete_module\" arch.uniq is expected to include \"b32\"",
+              "run_time": 5.8e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"delete_module\" arch.uniq is expected to include \"b64\"",
+              "run_time": 5.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"delete_module\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 5.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"delete_module\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 5.4e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"delete_module\" key.uniq is expected to cmp == \"module_chng\"",
+              "run_time": 8.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230447",
+          "title": "Successful/unsuccessful uses of the crontab command in RHEL 8 must\ngenerate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"crontab\" command is\nused to maintain crontab files for individual users. Crontab is the program\nused to install, remove, or list the tables used to drive the cron daemon. This\nis similar to the task scheduler used in other operating systems.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"crontab\" command is\nused to maintain crontab files for individual users. Crontab is the program\nused to install, remove, or list the tables used to drive the cron daemon. This\nis similar to the task scheduler used in other operating systems.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify that an audit event is generated for any successful/unsuccessful use\nof the \"crontab\" command by performing the following command to check the\nfile system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w crontab /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/crontab -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-crontab\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"crontab\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/crontab -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-crontab\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230447",
+            "rid": "SV-230447r627750_rule",
+            "stig_id": "RHEL-08-030400",
+            "fix_id": "F-33091r568088_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230447' do\n  title 'Successful/unsuccessful uses of the crontab command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"crontab\" command is\nused to maintain crontab files for individual users. Crontab is the program\nused to install, remove, or list the tables used to drive the cron daemon. This\nis similar to the task scheduler used in other operating systems.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"crontab\" command by performing the following command to check the\nfile system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w crontab /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/crontab -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-crontab\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"crontab\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/crontab -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-crontab\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230447'\n  tag rid: 'SV-230447r627750_rule'\n  tag stig_id: 'RHEL-08-030400'\n  tag fix_id: 'F-33091r568088_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/crontab'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-crontab' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230447.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/crontab\" permissions.flatten is expected to include \"x\"",
+              "run_time": 5.7e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/crontab\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 5.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/crontab\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 5.3e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/crontab\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 5.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/crontab\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 5.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/crontab\" key.uniq is expected to cmp == \"privileged-crontab\"",
+              "run_time": 7.8e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230448",
+          "title": "Successful/unsuccessful uses of the chsh command in RHEL 8 must\ngenerate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chsh\" command is\nused to change the login shell.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chsh\" command is\nused to change the login shell.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"chsh\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w chsh /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chsh -F perm=x -F auid>=1000 -F auid!=unset\n-k priv_cmd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"chsh\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/chsh -F perm=x -F auid>=1000 -F auid!=unset\n-k priv_cmd\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230448",
+            "rid": "SV-230448r627750_rule",
+            "stig_id": "RHEL-08-030410",
+            "fix_id": "F-33092r568091_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230448' do\n  title 'Successful/unsuccessful uses of the chsh command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chsh\" command is\nused to change the login shell.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"chsh\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w chsh /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chsh -F perm=x -F auid>=1000 -F auid!=unset\n-k priv_cmd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"chsh\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/chsh -F perm=x -F auid>=1000 -F auid!=unset\n-k priv_cmd\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230448'\n  tag rid: 'SV-230448r627750_rule'\n  tag stig_id: 'RHEL-08-030410'\n  tag fix_id: 'F-33092r568091_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/chsh'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'priv_cmd' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230448.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chsh\" permissions.flatten is expected to include \"x\"",
+              "run_time": 6.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chsh\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 5.1e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chsh\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 4.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chsh\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 6.0e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chsh\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 5.4e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chsh\" key.uniq is expected to cmp == \"priv_cmd\"",
+              "run_time": 7.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230449",
+          "title": "Successful/unsuccessful uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at system calls in RHEL 8 must generate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"truncate\" and \"ftruncate\" functions are used to truncate a file to a specified length.\n\nThe \"creat\" system call is used to open and possibly create a file or device.\nThe \"open\" system call opens a file specified by a pathname. If the specified file does not exist, it may optionally be created by \"open\".\nThe \"openat\" system call opens a file specified by a relative pathname.\nThe \"name_to_handle_at\" and \"open_by_handle_at\" system calls split the functionality of \"openat\" into two parts: \"name_to_handle_at\" returns an opaque handle that corresponds to a specified file; \"open_by_handle_at\" opens the file corresponding to a handle returned by a previous call to \"name_to_handle_at\" and returns an open file descriptor.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"truncate\" and \"ftruncate\" functions are used to truncate a file to a specified length.\n\nThe \"creat\" system call is used to open and possibly create a file or device.\nThe \"open\" system call opens a file specified by a pathname. If the specified file does not exist, it may optionally be created by \"open\".\nThe \"openat\" system call opens a file specified by a relative pathname.\nThe \"name_to_handle_at\" and \"open_by_handle_at\" system calls split the functionality of \"openat\" into two parts: \"name_to_handle_at\" returns an opaque handle that corresponds to a specified file; \"open_by_handle_at\" opens the file corresponding to a handle returned by a previous call to \"name_to_handle_at\" and returns an open file descriptor.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"truncate\", \"ftruncate\", \"creat\", \"open\", \"openat\", and \"open_by_handle_at\" system calls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep 'open\\|truncate\\|creat' /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k perm_access\n-a always,exit -F arch=b64 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k perm_access\n\n-a always,exit -F arch=b32 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k perm_access\n-a always,exit -F arch=b64 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k perm_access\n\nIf the output does not produce rules containing \"-F exit=-EPERM\", this is a finding.\nIf the output does not produce rules containing \"-F exit=-EACCES\", this is a finding.\nIf the command does not return an audit rule for \"truncate\", \"ftruncate\", \"creat\", \"open\", \"openat\", and \"open_by_handle_at\" or any of the lines returned are commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"truncate\", \"ftruncate\", \"creat\", \"open\", \"openat\", and \"open_by_handle_at\" system calls by adding or updating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n-a always,exit -F arch=b32 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k perm_access\n-a always,exit -F arch=b64 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k perm_access\n\n-a always,exit -F arch=b32 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k perm_access\n-a always,exit -F arch=b64 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k perm_access\n\nThe audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215",
+              "SRG-OS-000064-GPOS-00033"
+            ],
+            "gid": "V-230449",
+            "rid": "SV-230449r810455_rule",
+            "stig_id": "RHEL-08-030420",
+            "fix_id": "F-33093r809304_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230449' do\n  title 'Successful/unsuccessful uses of the truncate, ftruncate, creat, open, openat, and open_by_handle_at system calls in RHEL 8 must generate an audit record.'\n  desc 'Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"truncate\" and \"ftruncate\" functions are used to truncate a file to a specified length.\n\nThe \"creat\" system call is used to open and possibly create a file or device.\nThe \"open\" system call opens a file specified by a pathname. If the specified file does not exist, it may optionally be created by \"open\".\nThe \"openat\" system call opens a file specified by a relative pathname.\nThe \"name_to_handle_at\" and \"open_by_handle_at\" system calls split the functionality of \"openat\" into two parts: \"name_to_handle_at\" returns an opaque handle that corresponds to a specified file; \"open_by_handle_at\" opens the file corresponding to a handle returned by a previous call to \"name_to_handle_at\" and returns an open file descriptor.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.'\n  desc 'check', %q(Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"truncate\", \"ftruncate\", \"creat\", \"open\", \"openat\", and \"open_by_handle_at\" system calls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep 'open\\|truncate\\|creat' /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k perm_access\n-a always,exit -F arch=b64 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k perm_access\n\n-a always,exit -F arch=b32 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k perm_access\n-a always,exit -F arch=b64 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k perm_access\n\nIf the output does not produce rules containing \"-F exit=-EPERM\", this is a finding.\nIf the output does not produce rules containing \"-F exit=-EACCES\", this is a finding.\nIf the command does not return an audit rule for \"truncate\", \"ftruncate\", \"creat\", \"open\", \"openat\", and \"open_by_handle_at\" or any of the lines returned are commented out, this is a finding.)\n  desc 'fix', 'Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"truncate\", \"ftruncate\", \"creat\", \"open\", \"openat\", and \"open_by_handle_at\" system calls by adding or updating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n-a always,exit -F arch=b32 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k perm_access\n-a always,exit -F arch=b64 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k perm_access\n\n-a always,exit -F arch=b32 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k perm_access\n-a always,exit -F arch=b64 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k perm_access\n\nThe audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000064-GPOS-00033']\n  tag gid: 'V-230449'\n  tag rid: 'SV-230449r810455_rule'\n  tag stig_id: 'RHEL-08-030420'\n  tag fix_id: 'F-33093r809304_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_syscall = 'truncate'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.syscall(audit_syscall) do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n      its('fields.flatten') { should include 'exit=-EACCES' }\n      its('fields.flatten') { should include 'exit=-EPERM' }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'perm_access' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230449.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"truncate\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 6.0e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"truncate\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 5.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"truncate\" arch.uniq is expected to include \"b32\"",
+              "run_time": 6.0e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"truncate\" arch.uniq is expected to include \"b64\"",
+              "run_time": 5.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"truncate\" fields.flatten is expected to include \"exit=-EACCES\"",
+              "run_time": 5.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"truncate\" fields.flatten is expected to include \"exit=-EPERM\"",
+              "run_time": 5.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"truncate\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 5.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"truncate\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 5.4e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"truncate\" key.uniq is expected to cmp == \"perm_access\"",
+              "run_time": 7.8e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230455",
+          "title": "Successful/unsuccessful uses of the chown, fchown, fchownat, and lchown system calls in RHEL 8 must generate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"chown\" command is used to change file owner and group.\n\nThe \"fchown\" system call is used to change the ownership of a file referred to by the open file descriptor.\nThe \"fchownat\" system call is used to change ownership of a file relative to a directory file descriptor.\nThe \"lchown\" system call is used to change the ownership of the file specified by a path, which does not dereference symbolic links.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"chown\" command is used to change file owner and group.\n\nThe \"fchown\" system call is used to change the ownership of a file referred to by the open file descriptor.\nThe \"fchownat\" system call is used to change ownership of a file relative to a directory file descriptor.\nThe \"lchown\" system call is used to change the ownership of the file specified by a path, which does not dereference symbolic links.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"chown\", \"fchown\", \"fchownat\" and \"lchown\" system calls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep chown /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod\n\nIf audit rules are not defined for \"chown\", \"fchown\", \"fchownat\", and \"lchown\" or any of the lines returned are commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"chown\", \"fchown\", \"fchownat\", and \"lchown\" system calls by adding or updating the following line to \"/etc/audit/rules.d/audit.rules\":\n\n-a always,exit -F arch=b32 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod\n\nThe audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215",
+              "SRG-OS-000064-GPOS-00033",
+              "SRG-OS-000466-GPOS-00210"
+            ],
+            "gid": "V-230455",
+            "rid": "SV-230455r810459_rule",
+            "stig_id": "RHEL-08-030480",
+            "fix_id": "F-33099r809307_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230455' do\n  title 'Successful/unsuccessful uses of the chown, fchown, fchownat, and lchown system calls in RHEL 8 must generate an audit record.'\n  desc 'Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"chown\" command is used to change file owner and group.\n\nThe \"fchown\" system call is used to change the ownership of a file referred to by the open file descriptor.\nThe \"fchownat\" system call is used to change ownership of a file relative to a directory file descriptor.\nThe \"lchown\" system call is used to change the ownership of the file specified by a path, which does not dereference symbolic links.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. The performance can be helped, however, by combining syscalls into one rule whenever possible.'\n  desc 'check', 'Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"chown\", \"fchown\", \"fchownat\" and \"lchown\" system calls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep chown /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod\n\nIf audit rules are not defined for \"chown\", \"fchown\", \"fchownat\", and \"lchown\" or any of the lines returned are commented out, this is a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"chown\", \"fchown\", \"fchownat\", and \"lchown\" system calls by adding or updating the following line to \"/etc/audit/rules.d/audit.rules\":\n\n-a always,exit -F arch=b32 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod\n\nThe audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000064-GPOS-00033', 'SRG-OS-000466-GPOS-00210']\n  tag gid: 'V-230455'\n  tag rid: 'SV-230455r810459_rule'\n  tag stig_id: 'RHEL-08-030480'\n  tag fix_id: 'F-33099r809307_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_syscall = 'chown'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.syscall(audit_syscall) do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'perm_mod' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230455.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"chown\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 5.7e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"chown\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 5.0e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"chown\" arch.uniq is expected to include \"b32\"",
+              "run_time": 5.7e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"chown\" arch.uniq is expected to include \"b64\"",
+              "run_time": 5.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"chown\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 5.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"chown\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 5.4e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"chown\" key.uniq is expected to cmp == \"perm_mod\"",
+              "run_time": 7.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230456",
+          "title": "Successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls in RHEL 8 must generate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"chmod\" system call changes the file mode bits of each given file according to mode, which can be either a symbolic representation of changes to make, or an octal number representing the bit pattern for the new mode bits.\n\nThe \"fchmod\" system call is used to change permissions of a file.\nThe \"fchmodat\" system call is used to change permissions of a file relative to a directory file descriptor.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. Performance can be helped, however, by combining syscalls into one rule whenever possible.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"chmod\" system call changes the file mode bits of each given file according to mode, which can be either a symbolic representation of changes to make, or an octal number representing the bit pattern for the new mode bits.\n\nThe \"fchmod\" system call is used to change permissions of a file.\nThe \"fchmodat\" system call is used to change permissions of a file relative to a directory file descriptor.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. Performance can be helped, however, by combining syscalls into one rule whenever possible."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"chmod\", \"fchmod\", and \"fchmodat\" syscalls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep chmod /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod\n\nIf the command does not return an audit rule for \"chmod\", \"fchmod\", and \"fchmodat\", or any of the lines returned are commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"chmod\", \"fchmod\", and \"fchmodat\" syscalls by adding or updating the following line to \"/etc/audit/rules.d/audit.rules\":\n\n-a always,exit -F arch=b32 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod\n\nThe audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215",
+              "SRG-OS-000064-GPOS-00033",
+              "SRG-OS-000466-GPOS-00210"
+            ],
+            "gid": "V-230456",
+            "rid": "SV-230456r810462_rule",
+            "stig_id": "RHEL-08-030490",
+            "fix_id": "F-33100r809310_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230456' do\n  title 'Successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls in RHEL 8 must generate an audit record.'\n  desc 'Without generating audit records that are specific to the security and mission needs of the organization, it would be difficult to establish, correlate, and investigate the events relating to an incident or identify those responsible for one.\n\nAudit records can be generated from various components within the information system (e.g., module or policy filter). The \"chmod\" system call changes the file mode bits of each given file according to mode, which can be either a symbolic representation of changes to make, or an octal number representing the bit pattern for the new mode bits.\n\nThe \"fchmod\" system call is used to change permissions of a file.\nThe \"fchmodat\" system call is used to change permissions of a file relative to a directory file descriptor.\n\nWhen a user logs on, the AUID is set to the UID of the account that is being authenticated. Daemons are not user sessions and have the loginuid set to \"-1\". The AUID representation is an unsigned 32-bit integer, which equals \"4294967295\". The audit system interprets \"-1\", \"4294967295\", and \"unset\" in the same way.\n\nThe system call rules are loaded into a matching engine that intercepts each syscall made by all programs on the system. Therefore, it is very important to use syscall rules only when absolutely necessary since these affect performance. The more rules, the bigger the performance hit. Performance can be helped, however, by combining syscalls into one rule whenever possible.'\n  desc 'check', 'Verify RHEL 8 generates an audit record upon successful/unsuccessful attempts to use the \"chmod\", \"fchmod\", and \"fchmodat\" syscalls by using the following command to check the file system rules in \"/etc/audit/audit.rules\":\n\n$ sudo grep chmod /etc/audit/audit.rules\n\n-a always,exit -F arch=b32 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod\n\nIf the command does not return an audit rule for \"chmod\", \"fchmod\", and \"fchmodat\", or any of the lines returned are commented out, this is a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any successful/unsuccessful use of the \"chmod\", \"fchmod\", and \"fchmodat\" syscalls by adding or updating the following line to \"/etc/audit/rules.d/audit.rules\":\n\n-a always,exit -F arch=b32 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod\n-a always,exit -F arch=b64 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod\n\nThe audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000064-GPOS-00033', 'SRG-OS-000466-GPOS-00210']\n  tag gid: 'V-230456'\n  tag rid: 'SV-230456r810462_rule'\n  tag stig_id: 'RHEL-08-030490'\n  tag fix_id: 'F-33100r809310_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_syscall = 'chmod'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.syscall(audit_syscall) do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('arch.uniq') { should include 'b32' }\n      its('arch.uniq') { should include 'b64' }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'perm_mod' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230456.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"chmod\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 5.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"chmod\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 0.000172,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"chmod\" arch.uniq is expected to include \"b32\"",
+              "run_time": 5.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"chmod\" arch.uniq is expected to include \"b64\"",
+              "run_time": 4.8e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"chmod\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 4.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"chmod\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 5.0e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with syscall == \"chmod\" key.uniq is expected to cmp == \"perm_mod\"",
+              "run_time": 6.8e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230462",
+          "title": "Successful/unsuccessful uses of the sudo command in RHEL 8 must\ngenerate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"sudo\" command allows\na permitted user to execute a command as the superuser or another user, as\nspecified by the security policy.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"sudo\" command allows\na permitted user to execute a command as the superuser or another user, as\nspecified by the security policy.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify that an audit event is generated for any successful/unsuccessful use\nof the \"sudo\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w sudo /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/sudo -F perm=x -F auid>=1000 -F auid!=unset\n-k priv_cmd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"sudo\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/sudo -F perm=x -F auid>=1000 -F auid!=unset\n-k priv_cmd\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215",
+              "SRG-OS-000466-GPOS-00210"
+            ],
+            "gid": "V-230462",
+            "rid": "SV-230462r627750_rule",
+            "stig_id": "RHEL-08-030550",
+            "fix_id": "F-33106r568133_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230462' do\n  title 'Successful/unsuccessful uses of the sudo command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"sudo\" command allows\na permitted user to execute a command as the superuser or another user, as\nspecified by the security policy.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"sudo\" command by performing the following command to check the file\nsystem rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w sudo /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/sudo -F perm=x -F auid>=1000 -F auid!=unset\n-k priv_cmd\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"sudo\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/sudo -F perm=x -F auid>=1000 -F auid!=unset\n-k priv_cmd\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000466-GPOS-00210']\n  tag gid: 'V-230462'\n  tag rid: 'SV-230462r627750_rule'\n  tag stig_id: 'RHEL-08-030550'\n  tag fix_id: 'F-33106r568133_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/sudo'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'priv_cmd' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230462.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/sudo\" permissions.flatten is expected to include \"x\"",
+              "run_time": 5.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/sudo\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 4.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/sudo\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 4.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/sudo\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 0.000174,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/sudo\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 5.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/sudo\" key.uniq is expected to cmp == \"priv_cmd\"",
+              "run_time": 7.0e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230463",
+          "title": "Successful/unsuccessful uses of the usermod command in RHEL 8 must\ngenerate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"usermod\" command\nmodifies the system account files to reflect the changes that are specified on\nthe command line.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"usermod\" command\nmodifies the system account files to reflect the changes that are specified on\nthe command line.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify that an audit event is generated for any successful/unsuccessful use\nof the \"usermod\" command by performing the following command to check the\nfile system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w usermod /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/usermod -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-usermod\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"usermod\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/usermod -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-usermod\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215",
+              "SRG-OS-000466-GPOS-00210"
+            ],
+            "gid": "V-230463",
+            "rid": "SV-230463r627750_rule",
+            "stig_id": "RHEL-08-030560",
+            "fix_id": "F-33107r568136_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230463' do\n  title 'Successful/unsuccessful uses of the usermod command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"usermod\" command\nmodifies the system account files to reflect the changes that are specified on\nthe command line.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify that an audit event is generated for any successful/unsuccessful use\nof the \"usermod\" command by performing the following command to check the\nfile system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w usermod /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/usermod -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-usermod\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful uses of the \"usermod\" command by adding or updating\nthe following rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/sbin/usermod -F perm=x -F auid>=1000 -F\nauid!=unset -k privileged-usermod\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000466-GPOS-00210']\n  tag gid: 'V-230463'\n  tag rid: 'SV-230463r627750_rule'\n  tag stig_id: 'RHEL-08-030560'\n  tag fix_id: 'F-33107r568136_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/sbin/usermod'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'privileged-usermod' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230463.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/usermod\" permissions.flatten is expected to include \"x\"",
+              "run_time": 5.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/usermod\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 4.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/usermod\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 4.4e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/usermod\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 4.9e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/usermod\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 5.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/sbin/usermod\" key.uniq is expected to cmp == \"privileged-usermod\"",
+              "run_time": 0.00016,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230464",
+          "title": "Successful/unsuccessful uses of the chacl command in RHEL 8 must\ngenerate an audit record.",
+          "desc": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chacl\" command is\nused to change the access control list of a file or directory.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chacl\" command is\nused to change the access control list of a file or directory.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"chacl\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w chacl /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chacl -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"chacl\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/chacl -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215",
+              "SRG-OS-000466-GPOS-00210"
+            ],
+            "gid": "V-230464",
+            "rid": "SV-230464r627750_rule",
+            "stig_id": "RHEL-08-030570",
+            "fix_id": "F-33108r568139_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230464' do\n  title 'Successful/unsuccessful uses of the chacl command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"chacl\" command is\nused to change the access control list of a file or directory.\n\n    When a user logs on, the AUID is set to the UID of the account that is\nbeing authenticated. Daemons are not user sessions and have the loginuid set to\n\"-1\". The AUID representation is an unsigned 32-bit integer, which equals\n\"4294967295\". The audit system interprets \"-1\", \"4294967295\", and\n\"unset\" in the same way.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nattempts to use the \"chacl\" command by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w chacl /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chacl -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful use of the \"chacl\" command by adding or updating the\nfollowing rule in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -a always,exit -F path=/usr/bin/chacl -F perm=x -F auid>=1000 -F\nauid!=unset -k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000466-GPOS-00210']\n  tag gid: 'V-230464'\n  tag rid: 'SV-230464r627750_rule'\n  tag stig_id: 'RHEL-08-030570'\n  tag fix_id: 'F-33108r568139_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/chacl'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'perm_mod' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230464.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chacl\" permissions.flatten is expected to include \"x\"",
+              "run_time": 5.3e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chacl\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 4.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chacl\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 4.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chacl\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 5.7e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chacl\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 4.8e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/chacl\" key.uniq is expected to cmp == \"perm_mod\"",
+              "run_time": 6.5e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230465",
+          "title": "Successful/unsuccessful uses of the kmod command in RHEL 8 must\ngenerate an audit record.",
+          "desc": "Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"kmod\" command is\nused to control Linux Kernel modules.\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"kmod\" command is\nused to control Linux Kernel modules.\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions."
+            },
+            {
+              "label": "check",
+              "data": "Verify if RHEL 8 is configured to audit the execution of the module\nmanagement program \"kmod\", by running the following command:\n\n    $ sudo grep \"/usr/bin/kmod\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/kmod -F perm=x -F auid>=1000 -F auid!=unset\n-k modules\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to audit the execution of the module management program\n\"kmod\" by adding or updating the following line to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -a always,exit -F path=/usr/bin/kmod -F perm=x -F auid>=1000 -F auid!=unset\n-k modules\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215",
+              "SRG-OS-000471-GPOS-00216",
+              "SRG-OS-000477-GPOS-00222"
+            ],
+            "gid": "V-230465",
+            "rid": "SV-230465r627750_rule",
+            "stig_id": "RHEL-08-030580",
+            "fix_id": "F-33109r568142_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230465' do\n  title 'Successful/unsuccessful uses of the kmod command in RHEL 8 must\ngenerate an audit record.'\n  desc 'Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter). The \"kmod\" command is\nused to control Linux Kernel modules.\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.'\n  desc 'check', 'Verify if RHEL 8 is configured to audit the execution of the module\nmanagement program \"kmod\", by running the following command:\n\n    $ sudo grep \"/usr/bin/kmod\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/kmod -F perm=x -F auid>=1000 -F auid!=unset\n-k modules\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure RHEL 8 to audit the execution of the module management program\n\"kmod\" by adding or updating the following line to\n\"/etc/audit/rules.d/audit.rules\":\n\n    -a always,exit -F path=/usr/bin/kmod -F perm=x -F auid>=1000 -F auid!=unset\n-k modules\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000471-GPOS-00216', 'SRG-OS-000477-GPOS-00222']\n  tag gid: 'V-230465'\n  tag rid: 'SV-230465r627750_rule'\n  tag stig_id: 'RHEL-08-030580'\n  tag fix_id: 'F-33109r568142_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/usr/bin/kmod'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'x' }\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('fields.flatten') { should include 'auid>=1000' }\n      its('fields.flatten') { should include 'auid!=-1' }\n      its('key.uniq') { should cmp 'modules' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230465.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/kmod\" permissions.flatten is expected to include \"x\"",
+              "run_time": 5.0e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/kmod\" action.uniq is expected to eq [\"always\"]",
+              "run_time": 4.6e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/kmod\" list.uniq is expected to eq [\"exit\"]",
+              "run_time": 5.7e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/kmod\" fields.flatten is expected to include \"auid>=1000\"",
+              "run_time": 6.3e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/kmod\" fields.flatten is expected to include \"auid!=-1\"",
+              "run_time": 6.3e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/usr/bin/kmod\" key.uniq is expected to cmp == \"modules\"",
+              "run_time": 9.0e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230466",
+          "title": "Successful/unsuccessful modifications to the faillock log file in RHEL\n8 must generate an audit record.",
+          "desc": "Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.\n\n    From \"Pam_Faillock man\" pages: Note the default directory that\npam_faillock uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.\n\n    From \"Pam_Faillock man\" pages: Note the default directory that\npam_faillock uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates an audit record when successful/unsuccessful\nmodifications to the \"faillock\" file occur. First, determine where the\nfaillock tallies are stored with the following commands:\n\n    For RHEL versions 8.0 and 8.1:\n\n    $ sudo grep -i pam_faillock.so /etc/pam.d/system-auth\n\n    auth     required          pam_faillock.so preauth dir=/var/log/faillock\nsilent deny=3 fail_interval=900 even_deny_root\n\n    For RHEL versions 8.2 and newer:\n\n    $ sudo grep dir /etc/security/faillock.conf\n\n    dir=/var/log/faillock\n\n    Using the location of the faillock log file, check that the following calls\nare being audited by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w faillock /etc/audit/audit.rules\n\n    -w /var/log/faillock -p wa -k logins\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful modifications to the \"faillock\" file by adding or\nupdating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -w /var/log/faillock -p wa -k logins\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215",
+              "SRG-OS-000473-GPOS-00218"
+            ],
+            "gid": "V-230466",
+            "rid": "SV-230466r627750_rule",
+            "stig_id": "RHEL-08-030590",
+            "fix_id": "F-33110r568145_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230466' do\n  title 'Successful/unsuccessful modifications to the faillock log file in RHEL\n8 must generate an audit record.'\n  desc 'Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.\n\n    From \"Pam_Faillock man\" pages: Note the default directory that\npam_faillock uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nmodifications to the \"faillock\" file occur. First, determine where the\nfaillock tallies are stored with the following commands:\n\n    For RHEL versions 8.0 and 8.1:\n\n    $ sudo grep -i pam_faillock.so /etc/pam.d/system-auth\n\n    auth     required          pam_faillock.so preauth dir=/var/log/faillock\nsilent deny=3 fail_interval=900 even_deny_root\n\n    For RHEL versions 8.2 and newer:\n\n    $ sudo grep dir /etc/security/faillock.conf\n\n    dir=/var/log/faillock\n\n    Using the location of the faillock log file, check that the following calls\nare being audited by performing the following command to check the file system\nrules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w faillock /etc/audit/audit.rules\n\n    -w /var/log/faillock -p wa -k logins\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful modifications to the \"faillock\" file by adding or\nupdating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -w /var/log/faillock -p wa -k logins\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000473-GPOS-00218']\n  tag gid: 'V-230466'\n  tag rid: 'SV-230466r627750_rule'\n  tag stig_id: 'RHEL-08-030590'\n  tag fix_id: 'F-33110r568145_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  if os.release.to_f < 8.2\n    m = /dir=(?<dir>\\S*)/\n    s = command('grep -i pam_faillock.so /etc/pam.d/system-auth').stdout\n    dir_match = m.match(s)\n    audit_file = (dir_match[:dir] if dir_match)\n  else\n    audit_file = parse_config_file('/etc/security/faillock.conf').params('dir')\n  end\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif audit_file\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'w' }\n      its('permissions.flatten') { should include 'a' }\n      its('key') { should cmp 'logins' }\n    end\n  else\n    describe 'No faillock logfile found' do\n      subject { audit_file }\n      it { should_not be nil }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230466.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "No faillock logfile found is expected not to equal nil",
+              "run_time": 9.7e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "message": "\nexpected not #<NilClass:8> => nil\n         got #<NilClass:8> => nil\n\nCompared using equal?, which compares object identity.\n\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "No faillock logfile found"
+            }
+          ]
+        },
+        {
+          "id": "SV-230467",
+          "title": "Successful/unsuccessful modifications to the lastlog file in RHEL 8\nmust generate an audit record.",
+          "desc": "Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 generates an audit record when successful/unsuccessful\nmodifications to the \"lastlog\" file by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w lastlog /etc/audit/audit.rules\n\n    -w /var/log/lastlog -p wa -k logins\n\n    If the command does not return a line, or the line is commented out, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful modifications to the \"lastlog\" file by adding or\nupdating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -w /var/log/lastlog -p wa -k logins\n\n    The audit daemon must be restarted for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215",
+              "SRG-OS-000473-GPOS-00218"
+            ],
+            "gid": "V-230467",
+            "rid": "SV-230467r627750_rule",
+            "stig_id": "RHEL-08-030600",
+            "fix_id": "F-33111r568148_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230467' do\n  title 'Successful/unsuccessful modifications to the lastlog file in RHEL 8\nmust generate an audit record.'\n  desc 'Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.'\n  desc 'check', 'Verify RHEL 8 generates an audit record when successful/unsuccessful\nmodifications to the \"lastlog\" file by performing the following command to\ncheck the file system rules in \"/etc/audit/audit.rules\":\n\n    $ sudo grep -w lastlog /etc/audit/audit.rules\n\n    -w /var/log/lastlog -p wa -k logins\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.'\n  desc 'fix', 'Configure the audit system to generate an audit event for any\nsuccessful/unsuccessful modifications to the \"lastlog\" file by adding or\nupdating the following rules in the \"/etc/audit/rules.d/audit.rules\" file:\n\n    -w /var/log/lastlog -p wa -k logins\n\n    The audit daemon must be restarted for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000473-GPOS-00218']\n  tag gid: 'V-230467'\n  tag rid: 'SV-230467r627750_rule'\n  tag stig_id: 'RHEL-08-030600'\n  tag fix_id: 'F-33111r568148_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  audit_file = '/var/log/lastlog'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd.file(audit_file) do\n      its('permissions.flatten') { should include 'w' }\n      its('permissions.flatten') { should include 'a' }\n      its('key') { should cmp 'logins' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230467.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/var/log/lastlog\" permissions.flatten is expected to include \"w\"",
+              "run_time": 7.1e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/var/log/lastlog\" permissions.flatten is expected to include \"a\"",
+              "run_time": 5.2e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "Auditd Rules with file == \"/var/log/lastlog\" key is expected to cmp == \"logins\"",
+              "run_time": 7.4e-05,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230468",
+          "title": "RHEL 8 must enable auditing of processes that start prior to the audit\ndaemon.",
+          "desc": "Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    If auditing is enabled late in the startup process, the actions of some\nstartup processes may not be audited. Some audit systems also maintain state\ninformation only available if auditing is enabled before a given process is\ncreated.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    If auditing is enabled late in the startup process, the actions of some\nstartup processes may not be audited. Some audit systems also maintain state\ninformation only available if auditing is enabled before a given process is\ncreated.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 enables auditing of processes that start prior to the audit daemon with the following commands:\n\n$ sudo grub2-editenv list | grep audit\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf the \"audit\" entry does not equal \"1\", is missing, or the line is commented out, this is a finding.\n\nCheck that auditing is enabled by default to persist in kernel updates:\n\n$ sudo grep audit /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"audit=1\"\n\nIf \"audit\" is not set to \"1\", is missing or commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to audit processes that start prior to the audit daemon\nwith the following command:\n\n    $ sudo grubby --update-kernel=ALL --args=\"audit=1\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"audit=1\""
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000042-GPOS-00020",
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000462-GPOS-00206",
+              "SRG-OS-000471-GPOS-00215",
+              "SRG-OS-000473-GPOS-00218"
+            ],
+            "gid": "V-230468",
+            "rid": "SV-230468r792904_rule",
+            "stig_id": "RHEL-08-030601",
+            "fix_id": "F-33112r568151_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230468' do\n  title 'RHEL 8 must enable auditing of processes that start prior to the audit\ndaemon.'\n  desc 'Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    If auditing is enabled late in the startup process, the actions of some\nstartup processes may not be audited. Some audit systems also maintain state\ninformation only available if auditing is enabled before a given process is\ncreated.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.'\n  desc 'check', 'Verify RHEL 8 enables auditing of processes that start prior to the audit daemon with the following commands:\n\n$ sudo grub2-editenv list | grep audit\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf the \"audit\" entry does not equal \"1\", is missing, or the line is commented out, this is a finding.\n\nCheck that auditing is enabled by default to persist in kernel updates:\n\n$ sudo grep audit /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"audit=1\"\n\nIf \"audit\" is not set to \"1\", is missing or commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to audit processes that start prior to the audit daemon\nwith the following command:\n\n    $ sudo grubby --update-kernel=ALL --args=\"audit=1\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"audit=1\"'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000042-GPOS-00020', 'SRG-OS-000062-GPOS-00031', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000462-GPOS-00206', 'SRG-OS-000471-GPOS-00215', 'SRG-OS-000473-GPOS-00218']\n  tag gid: 'V-230468'\n  tag rid: 'SV-230468r792904_rule'\n  tag stig_id: 'RHEL-08-030601'\n  tag fix_id: 'F-33112r568151_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  grub_config = command('grub2-editenv - list').stdout\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config(grub_config) do\n      its('kernelopts') { should match(/audit=1/) }\n    end\n\n    describe parse_config_file('/etc/default/grub') do\n      its('GRUB_CMDLINE_LINUX') { should match(/audit=1/) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230468.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Parse Config  kernelopts is expected to match /audit=1/",
+              "run_time": 0.001395,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "message": "expected \"root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\" to match /audit=1/",
+              "resource_class": "parse_config",
+              "resource_params": "[\"kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\\nboot_success=1\\n\"]",
+              "resource_id": "kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\nboot_success=1\n"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /etc/default/grub GRUB_CMDLINE_LINUX is expected to match /audit=1/",
+              "run_time": 0.000956,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "message": "expected \"\\\"console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\\"\" to match /audit=1/",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/default/grub\"]",
+              "resource_id": "/etc/default/grub"
+            }
+          ]
+        },
+        {
+          "id": "SV-230469",
+          "title": "RHEL 8 must allocate an audit_backlog_limit of sufficient size to\ncapture processes that start prior to the audit daemon.",
+          "desc": "Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    If auditing is enabled late in the startup process, the actions of some\nstartup processes may not be audited. Some audit systems also maintain state\ninformation only available if auditing is enabled before a given process is\ncreated.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    Allocating an audit_backlog_limit of sufficient size is critical in\nmaintaining a stable boot process.  With an insufficient limit allocated, the\nsystem is susceptible to boot failures and crashes.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    If auditing is enabled late in the startup process, the actions of some\nstartup processes may not be audited. Some audit systems also maintain state\ninformation only available if auditing is enabled before a given process is\ncreated.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    Allocating an audit_backlog_limit of sufficient size is critical in\nmaintaining a stable boot process.  With an insufficient limit allocated, the\nsystem is susceptible to boot failures and crashes."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 allocates a sufficient audit_backlog_limit to capture processes that start prior to the audit daemon with the following commands:\n\n$ sudo grub2-editenv list | grep audit\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf the \"audit_backlog_limit\" entry does not equal \"8192\" or greater, is missing, or the line is commented out, this is a finding.\n\nCheck the audit_backlog_limit is set to persist in kernel updates:\n\n$ sudo grep audit /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"audit_backlog_limit=8192\"\n\nIf \"audit_backlog_limit\" is not set to \"8192\" or greater, is missing or commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to allocate sufficient audit_backlog_limit to capture\nprocesses that start prior to the audit daemon with the following command:\n\n    $ sudo grubby --update-kernel=ALL --args=\"audit_backlog_limit=8192\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"audit_backlog_limit=8192\""
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000341-GPOS-00132",
+            "gid": "V-230469",
+            "rid": "SV-230469r877391_rule",
+            "stig_id": "RHEL-08-030602",
+            "fix_id": "F-33113r568154_fix",
+            "cci": [
+              "CCI-001849"
+            ],
+            "nist": [
+              "AU-4"
+            ]
+          },
+          "code": "control 'SV-230469' do\n  title 'RHEL 8 must allocate an audit_backlog_limit of sufficient size to\ncapture processes that start prior to the audit daemon.'\n  desc 'Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    If auditing is enabled late in the startup process, the actions of some\nstartup processes may not be audited. Some audit systems also maintain state\ninformation only available if auditing is enabled before a given process is\ncreated.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    Allocating an audit_backlog_limit of sufficient size is critical in\nmaintaining a stable boot process.  With an insufficient limit allocated, the\nsystem is susceptible to boot failures and crashes.'\n  desc 'check', 'Verify RHEL 8 allocates a sufficient audit_backlog_limit to capture processes that start prior to the audit daemon with the following commands:\n\n$ sudo grub2-editenv list | grep audit\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 audit=1 audit_backlog_limit=8192 boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf the \"audit_backlog_limit\" entry does not equal \"8192\" or greater, is missing, or the line is commented out, this is a finding.\n\nCheck the audit_backlog_limit is set to persist in kernel updates:\n\n$ sudo grep audit /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"audit_backlog_limit=8192\"\n\nIf \"audit_backlog_limit\" is not set to \"8192\" or greater, is missing or commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to allocate sufficient audit_backlog_limit to capture\nprocesses that start prior to the audit daemon with the following command:\n\n    $ sudo grubby --update-kernel=ALL --args=\"audit_backlog_limit=8192\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"audit_backlog_limit=8192\"'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000341-GPOS-00132'\n  tag gid: 'V-230469'\n  tag rid: 'SV-230469r877391_rule'\n  tag stig_id: 'RHEL-08-030602'\n  tag fix_id: 'F-33113r568154_fix'\n  tag cci: ['CCI-001849']\n  tag nist: ['AU-4']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    grub_config = command('grub2-editenv - list').stdout\n    kernelopts = parse_config(grub_config)['kernelopts'].strip.gsub(' ', \"\\n\")\n    grub_cmdline_linux = parse_config_file('/etc/default/grub')['GRUB_CMDLINE_LINUX'].strip.gsub(' ', \"\\n\").gsub('\"',\n                                                                                                                 '')\n\n    describe 'kernelopts' do\n      subject { parse_config(kernelopts) }\n      its('audit_backlog_limit') { should cmp >= 8192 }\n    end\n\n    describe 'persistant kernelopts' do\n      subject { parse_config(grub_cmdline_linux) }\n      its('audit_backlog_limit') { should cmp >= 8192 }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230469.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "kernelopts audit_backlog_limit is expected to cmp >= 8192",
+              "run_time": 0.000216,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "message": "\nexpected it to be >= 8192\n     got: \n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "audit_backlog_limit"
+            },
+            {
+              "status": "failed",
+              "code_desc": "persistant kernelopts audit_backlog_limit is expected to cmp >= 8192",
+              "run_time": 0.000385,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "message": "\nexpected it to be >= 8192\n     got: \n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "audit_backlog_limit"
+            }
+          ]
+        },
+        {
+          "id": "SV-230470",
+          "title": "RHEL 8 must enable Linux audit logging for the USBGuard daemon.",
+          "desc": "Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    If auditing is enabled late in the startup process, the actions of some\nstartup processes may not be audited. Some audit systems also maintain state\ninformation only available if auditing is enabled before a given process is\ncreated.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    If auditing is enabled late in the startup process, the actions of some\nstartup processes may not be audited. Some audit systems also maintain state\ninformation only available if auditing is enabled before a given process is\ncreated.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 enables Linux audit logging of the USBGuard daemon with the\nfollowing commands:\n\n    Note: If the USBGuard daemon is not installed and enabled, this requirement\nis not applicable.\n\n    $ sudo grep -i auditbackend /etc/usbguard/usbguard-daemon.conf\n\n    AuditBackend=LinuxAudit\n\n    If the \"AuditBackend\" entry does not equal \"LinuxAudit\", is missing, or\nthe line is commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to enable Linux audit logging of the USBGuard daemon by\nadding or modifying the following line in\n\"/etc/usbguard/usbguard-daemon.conf\":\n\n    AuditBackend=LinuxAudit"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000471-GPOS-00215"
+            ],
+            "gid": "V-230470",
+            "rid": "SV-230470r744006_rule",
+            "stig_id": "RHEL-08-030603",
+            "fix_id": "F-33114r744005_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ]
+          },
+          "code": "control 'SV-230470' do\n  title 'RHEL 8 must enable Linux audit logging for the USBGuard daemon.'\n  desc 'Without the capability to generate audit records, it would be\ndifficult to establish, correlate, and investigate the events relating to an\nincident or identify those responsible for one.\n\n    If auditing is enabled late in the startup process, the actions of some\nstartup processes may not be audited. Some audit systems also maintain state\ninformation only available if auditing is enabled before a given process is\ncreated.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n    The list of audited events is the set of events for which audits are to be\ngenerated. This set of events is typically a subset of the list of all events\nfor which the system is capable of generating audit records.\n\n    DoD has defined the list of events for which RHEL 8 will provide an audit\nrecord generation capability as the following:\n\n    1) Successful and unsuccessful attempts to access, modify, or delete\nprivileges, security objects, security levels, or categories of information\n(e.g., classification levels);\n\n    2) Access actions, such as successful and unsuccessful logon attempts,\nprivileged activities or other system-level access, starting and ending time\nfor user access to the system, concurrent logons from different workstations,\nsuccessful and unsuccessful accesses to objects, all program initiations, and\nall direct access to the information system;\n\n    3) All account creations, modifications, disabling, and terminations; and\n\n    4) All kernel module load, unload, and restart actions.'\n  desc 'check', 'Verify RHEL 8 enables Linux audit logging of the USBGuard daemon with the\nfollowing commands:\n\n    Note: If the USBGuard daemon is not installed and enabled, this requirement\nis not applicable.\n\n    $ sudo grep -i auditbackend /etc/usbguard/usbguard-daemon.conf\n\n    AuditBackend=LinuxAudit\n\n    If the \"AuditBackend\" entry does not equal \"LinuxAudit\", is missing, or\nthe line is commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to enable Linux audit logging of the USBGuard daemon by\nadding or modifying the following line in\n\"/etc/usbguard/usbguard-daemon.conf\":\n\n    AuditBackend=LinuxAudit'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000471-GPOS-00215']\n  tag gid: 'V-230470'\n  tag rid: 'SV-230470r744006_rule'\n  tag stig_id: 'RHEL-08-030603'\n  tag fix_id: 'F-33114r744005_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config_file('/etc/usbguard/usbguard-daemon.conf') do\n      its('AuditBackend') { should cmp 'LinuxAudit' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230470.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "Parse Config File /etc/usbguard/usbguard-daemon.conf",
+              "run_time": 5.0e-06,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource": "Parse Config File /etc/usbguard/usbguard-daemon.conf",
+              "skip_message": "Can't find file: /etc/usbguard/usbguard-daemon.conf",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/usbguard/usbguard-daemon.conf\"]",
+              "resource_id": "/etc/usbguard/usbguard-daemon.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230471",
+          "title": "RHEL 8 must allow only the Information System Security Manager (ISSM)\n(or individuals or roles appointed by the ISSM) to select which auditable\nevents are to be audited.",
+          "desc": "Without the capability to restrict the roles and individuals that can\nselect which events are audited, unauthorized personnel may be able to prevent\nthe auditing of critical events. Misconfigured audits may degrade the system's\nperformance by overwhelming the audit log. Misconfigured audits may also make\nit more difficult to establish, correlate, and investigate the events relating\nto an incident or identify those responsible for one.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without the capability to restrict the roles and individuals that can\nselect which events are audited, unauthorized personnel may be able to prevent\nthe auditing of critical events. Misconfigured audits may degrade the system's\nperformance by overwhelming the audit log. Misconfigured audits may also make\nit more difficult to establish, correlate, and investigate the events relating\nto an incident or identify those responsible for one."
+            },
+            {
+              "label": "check",
+              "data": "Verify that the files in directory \"/etc/audit/rules.d/\" and\n\"/etc/audit/auditd.conf\" file have a mode of \"0640\" or less permissive by\nusing the following commands:\n\n    $ sudo ls -al /etc/audit/rules.d/*.rules\n\n    -rw-r----- 1 root root 1280 Feb 16 17:09 audit.rules\n\n    $ sudo ls -l /etc/audit/auditd.conf\n\n    -rw-r----- 1 root root 621 Sep 22 17:19 auditd.conf\n\n    If the files in the \"/etc/audit/rules.d/\" directory or the\n\"/etc/audit/auditd.conf\" file have a mode more permissive than \"0640\", this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the files in directory \"/etc/audit/rules.d/\" and the\n\"/etc/audit/auditd.conf\" file to have a mode of \"0640\" with the following\ncommands:\n\n    $ sudo chmod 0640 /etc/audit/rules.d/audit.rules\n    $ sudo chmod 0640 /etc/audit/rules.d/[customrulesfile].rules\n    $ sudo chmod 0640 /etc/audit/auditd.conf"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000063-GPOS-00032",
+            "gid": "V-230471",
+            "rid": "SV-230471r627750_rule",
+            "stig_id": "RHEL-08-030610",
+            "fix_id": "F-33115r568160_fix",
+            "cci": [
+              "CCI-000171"
+            ],
+            "nist": [
+              "AU-12 b"
+            ]
+          },
+          "code": "control 'SV-230471' do\n  title 'RHEL 8 must allow only the Information System Security Manager (ISSM)\n(or individuals or roles appointed by the ISSM) to select which auditable\nevents are to be audited.'\n  desc \"Without the capability to restrict the roles and individuals that can\nselect which events are audited, unauthorized personnel may be able to prevent\nthe auditing of critical events. Misconfigured audits may degrade the system's\nperformance by overwhelming the audit log. Misconfigured audits may also make\nit more difficult to establish, correlate, and investigate the events relating\nto an incident or identify those responsible for one.\"\n  desc 'check', 'Verify that the files in directory \"/etc/audit/rules.d/\" and\n\"/etc/audit/auditd.conf\" file have a mode of \"0640\" or less permissive by\nusing the following commands:\n\n    $ sudo ls -al /etc/audit/rules.d/*.rules\n\n    -rw-r----- 1 root root 1280 Feb 16 17:09 audit.rules\n\n    $ sudo ls -l /etc/audit/auditd.conf\n\n    -rw-r----- 1 root root 621 Sep 22 17:19 auditd.conf\n\n    If the files in the \"/etc/audit/rules.d/\" directory or the\n\"/etc/audit/auditd.conf\" file have a mode more permissive than \"0640\", this\nis a finding.'\n  desc 'fix', 'Configure the files in directory \"/etc/audit/rules.d/\" and the\n\"/etc/audit/auditd.conf\" file to have a mode of \"0640\" with the following\ncommands:\n\n    $ sudo chmod 0640 /etc/audit/rules.d/audit.rules\n    $ sudo chmod 0640 /etc/audit/rules.d/[customrulesfile].rules\n    $ sudo chmod 0640 /etc/audit/auditd.conf'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000063-GPOS-00032'\n  tag gid: 'V-230471'\n  tag rid: 'SV-230471r627750_rule'\n  tag stig_id: 'RHEL-08-030610'\n  tag fix_id: 'F-33115r568160_fix'\n  tag cci: ['CCI-000171']\n  tag nist: ['AU-12 b']\n\n  rules_files = bash('ls -d /etc/audit/rules.d/*.rules').stdout.strip.split.append('/etc/audit/auditd.conf')\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    rules_files.each do |rf|\n      describe file(rf) do\n        it { should_not be_more_permissive_than('0640') }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230471.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "File /etc/audit/rules.d/audit.rules is expected not to be more permissive than \"0640\"",
+              "run_time": 0.261202,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/etc/audit/rules.d/audit.rules\"]",
+              "resource_id": "/etc/audit/rules.d/audit.rules"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /etc/audit/auditd.conf is expected not to be more permissive than \"0640\"",
+              "run_time": 0.003173,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/etc/audit/auditd.conf\"]",
+              "resource_id": "/etc/audit/auditd.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230472",
+          "title": "RHEL 8 audit tools must have a mode of 0755 or less permissive.",
+          "desc": "Protecting audit information also includes identifying and protecting\nthe tools used to view and manipulate log data. Therefore, protecting audit\ntools is necessary to prevent unauthorized operation on audit information.\n\n    RHEL 8 systems providing tools to interface with audit information will\nleverage user permissions and roles identifying the user accessing the tools,\nand the corresponding rights the user enjoys, to make access decisions\nregarding the access to audit tools.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Protecting audit information also includes identifying and protecting\nthe tools used to view and manipulate log data. Therefore, protecting audit\ntools is necessary to prevent unauthorized operation on audit information.\n\n    RHEL 8 systems providing tools to interface with audit information will\nleverage user permissions and roles identifying the user accessing the tools,\nand the corresponding rights the user enjoys, to make access decisions\nregarding the access to audit tools.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators."
+            },
+            {
+              "label": "check",
+              "data": "Verify the audit tools are protected from unauthorized access, deletion, or\nmodification by checking the permissive mode.\n\n    Check the octal permission of each audit tool by running the following\ncommand:\n\n    $ sudo stat -c \"%a %n\" /sbin/auditctl /sbin/aureport /sbin/ausearch\n/sbin/autrace /sbin/auditd /sbin/rsyslogd /sbin/augenrules\n\n    755 /sbin/auditctl\n    755 /sbin/aureport\n    755 /sbin/ausearch\n    750 /sbin/autrace\n    755 /sbin/auditd\n    755 /sbin/rsyslogd\n    755 /sbin/augenrules\n\n    If any of the audit tools has a mode more permissive than \"0755\", this is\na finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit tools to be protected from unauthorized access by\nsetting the correct permissive mode using the following command:\n\n    $ sudo chmod 0755 [audit_tool]\n\n    Replace \"[audit_tool]\" with the audit tool that does not have the correct\npermissive mode."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000256-GPOS-00097",
+            "gid": "V-230472",
+            "rid": "SV-230472r627750_rule",
+            "stig_id": "RHEL-08-030620",
+            "fix_id": "F-33116r568163_fix",
+            "cci": [
+              "CCI-001493"
+            ],
+            "nist": [
+              "AU-9",
+              "AU-9 a"
+            ]
+          },
+          "code": "control 'SV-230472' do\n  title 'RHEL 8 audit tools must have a mode of 0755 or less permissive.'\n  desc 'Protecting audit information also includes identifying and protecting\nthe tools used to view and manipulate log data. Therefore, protecting audit\ntools is necessary to prevent unauthorized operation on audit information.\n\n    RHEL 8 systems providing tools to interface with audit information will\nleverage user permissions and roles identifying the user accessing the tools,\nand the corresponding rights the user enjoys, to make access decisions\nregarding the access to audit tools.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators.'\n  desc 'check', 'Verify the audit tools are protected from unauthorized access, deletion, or\nmodification by checking the permissive mode.\n\n    Check the octal permission of each audit tool by running the following\ncommand:\n\n    $ sudo stat -c \"%a %n\" /sbin/auditctl /sbin/aureport /sbin/ausearch\n/sbin/autrace /sbin/auditd /sbin/rsyslogd /sbin/augenrules\n\n    755 /sbin/auditctl\n    755 /sbin/aureport\n    755 /sbin/ausearch\n    750 /sbin/autrace\n    755 /sbin/auditd\n    755 /sbin/rsyslogd\n    755 /sbin/augenrules\n\n    If any of the audit tools has a mode more permissive than \"0755\", this is\na finding.'\n  desc 'fix', 'Configure the audit tools to be protected from unauthorized access by\nsetting the correct permissive mode using the following command:\n\n    $ sudo chmod 0755 [audit_tool]\n\n    Replace \"[audit_tool]\" with the audit tool that does not have the correct\npermissive mode.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000256-GPOS-00097'\n  tag gid: 'V-230472'\n  tag rid: 'SV-230472r627750_rule'\n  tag stig_id: 'RHEL-08-030620'\n  tag fix_id: 'F-33116r568163_fix'\n  tag cci: ['CCI-001493']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe file('/sbin/auditctl') do\n      it { should_not be_more_permissive_than('0755') }\n    end\n    describe file('/sbin/aureport') do\n      it { should_not be_more_permissive_than('0755') }\n    end\n    describe file('/sbin/ausearch') do\n      it { should_not be_more_permissive_than('0755') }\n    end\n    describe file('/sbin/autrace') do\n      it { should_not be_more_permissive_than('0755') }\n    end\n    describe file('/sbin/auditd') do\n      it { should_not be_more_permissive_than('0755') }\n    end\n    describe file('/sbin/rsyslogd') do\n      it { should_not be_more_permissive_than('0755') }\n    end\n    describe file('/sbin/augenrules') do\n      it { should_not be_more_permissive_than('0755') }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230472.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/auditctl is expected not to be more permissive than \"0755\"",
+              "run_time": 0.234372,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/auditctl\"]",
+              "resource_id": "/sbin/auditctl"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/aureport is expected not to be more permissive than \"0755\"",
+              "run_time": 0.288544,
+              "start_time": "2024-01-09T19:40:52-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/aureport\"]",
+              "resource_id": "/sbin/aureport"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/ausearch is expected not to be more permissive than \"0755\"",
+              "run_time": 0.239236,
+              "start_time": "2024-01-09T19:40:53-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/ausearch\"]",
+              "resource_id": "/sbin/ausearch"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/autrace is expected not to be more permissive than \"0755\"",
+              "run_time": 0.282851,
+              "start_time": "2024-01-09T19:40:53-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/autrace\"]",
+              "resource_id": "/sbin/autrace"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/auditd is expected not to be more permissive than \"0755\"",
+              "run_time": 0.251061,
+              "start_time": "2024-01-09T19:40:53-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/auditd\"]",
+              "resource_id": "/sbin/auditd"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/rsyslogd is expected not to be more permissive than \"0755\"",
+              "run_time": 0.325094,
+              "start_time": "2024-01-09T19:40:53-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/rsyslogd\"]",
+              "resource_id": "/sbin/rsyslogd"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/augenrules is expected not to be more permissive than \"0755\"",
+              "run_time": 0.232184,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/augenrules\"]",
+              "resource_id": "/sbin/augenrules"
+            }
+          ]
+        },
+        {
+          "id": "SV-230473",
+          "title": "RHEL 8 audit tools must be owned by root.",
+          "desc": "Protecting audit information also includes identifying and protecting\nthe tools used to view and manipulate log data. Therefore, protecting audit\ntools is necessary to prevent unauthorized operation on audit information.\n\n    RHEL 8 systems providing tools to interface with audit information will\nleverage user permissions and roles identifying the user accessing the tools,\nand the corresponding rights the user enjoys, to make access decisions\nregarding the access to audit tools.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Protecting audit information also includes identifying and protecting\nthe tools used to view and manipulate log data. Therefore, protecting audit\ntools is necessary to prevent unauthorized operation on audit information.\n\n    RHEL 8 systems providing tools to interface with audit information will\nleverage user permissions and roles identifying the user accessing the tools,\nand the corresponding rights the user enjoys, to make access decisions\nregarding the access to audit tools.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators."
+            },
+            {
+              "label": "check",
+              "data": "Verify the audit tools are owned by \"root\" to prevent any unauthorized\naccess, deletion, or modification.\n\n    Check the owner of each audit tool by running the following command:\n\n    $ sudo stat -c \"%U %n\" /sbin/auditctl /sbin/aureport /sbin/ausearch\n/sbin/autrace /sbin/auditd /sbin/rsyslogd /sbin/augenrules\n\n    root /sbin/auditctl\n    root /sbin/aureport\n    root /sbin/ausearch\n    root /sbin/autrace\n    root /sbin/auditd\n    root /sbin/rsyslogd\n    root /sbin/augenrules\n\n    If any of the audit tools are not owned by \"root\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit tools to be owned by \"root\", by running the following\ncommand:\n\n    $ sudo chown root [audit_tool]\n\n    Replace \"[audit_tool]\" with each audit tool not owned by \"root\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000256-GPOS-00097",
+            "satisfies": [
+              "SRG-OS-000256-GPOS-00097",
+              "SRG-OS-000257-GPOS-00098",
+              "SRG-OS-000258-GPOS-00099"
+            ],
+            "gid": "V-230473",
+            "rid": "SV-230473r744008_rule",
+            "stig_id": "RHEL-08-030630",
+            "fix_id": "F-33117r568166_fix",
+            "cci": [
+              "CCI-001493"
+            ],
+            "nist": [
+              "AU-9",
+              "AU-9 a"
+            ]
+          },
+          "code": "control 'SV-230473' do\n  title 'RHEL 8 audit tools must be owned by root.'\n  desc 'Protecting audit information also includes identifying and protecting\nthe tools used to view and manipulate log data. Therefore, protecting audit\ntools is necessary to prevent unauthorized operation on audit information.\n\n    RHEL 8 systems providing tools to interface with audit information will\nleverage user permissions and roles identifying the user accessing the tools,\nand the corresponding rights the user enjoys, to make access decisions\nregarding the access to audit tools.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators.'\n  desc 'check', 'Verify the audit tools are owned by \"root\" to prevent any unauthorized\naccess, deletion, or modification.\n\n    Check the owner of each audit tool by running the following command:\n\n    $ sudo stat -c \"%U %n\" /sbin/auditctl /sbin/aureport /sbin/ausearch\n/sbin/autrace /sbin/auditd /sbin/rsyslogd /sbin/augenrules\n\n    root /sbin/auditctl\n    root /sbin/aureport\n    root /sbin/ausearch\n    root /sbin/autrace\n    root /sbin/auditd\n    root /sbin/rsyslogd\n    root /sbin/augenrules\n\n    If any of the audit tools are not owned by \"root\", this is a finding.'\n  desc 'fix', 'Configure the audit tools to be owned by \"root\", by running the following\ncommand:\n\n    $ sudo chown root [audit_tool]\n\n    Replace \"[audit_tool]\" with each audit tool not owned by \"root\".'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000256-GPOS-00097'\n  tag satisfies: ['SRG-OS-000256-GPOS-00097', 'SRG-OS-000257-GPOS-00098', 'SRG-OS-000258-GPOS-00099']\n  tag gid: 'V-230473'\n  tag rid: 'SV-230473r744008_rule'\n  tag stig_id: 'RHEL-08-030630'\n  tag fix_id: 'F-33117r568166_fix'\n  tag cci: ['CCI-001493']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe file('/sbin/auditctl') do\n      it { should be_owned_by 'root' }\n    end\n    describe file('/sbin/aureport') do\n      it { should be_owned_by 'root' }\n    end\n    describe file('/sbin/ausearch') do\n      it { should be_owned_by 'root' }\n    end\n    describe file('/sbin/autrace') do\n      it { should be_owned_by 'root' }\n    end\n    describe file('/sbin/auditd') do\n      it { should be_owned_by 'root' }\n    end\n    describe file('/sbin/rsyslogd') do\n      it { should be_owned_by 'root' }\n    end\n    describe file('/sbin/augenrules') do\n      it { should be_owned_by 'root' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230473.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/auditctl is expected to be owned by \"root\"",
+              "run_time": 0.003199,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/auditctl\"]",
+              "resource_id": "/sbin/auditctl"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/aureport is expected to be owned by \"root\"",
+              "run_time": 0.002602,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/aureport\"]",
+              "resource_id": "/sbin/aureport"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/ausearch is expected to be owned by \"root\"",
+              "run_time": 0.002606,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/ausearch\"]",
+              "resource_id": "/sbin/ausearch"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/autrace is expected to be owned by \"root\"",
+              "run_time": 0.002512,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/autrace\"]",
+              "resource_id": "/sbin/autrace"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/auditd is expected to be owned by \"root\"",
+              "run_time": 0.002501,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/auditd\"]",
+              "resource_id": "/sbin/auditd"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/rsyslogd is expected to be owned by \"root\"",
+              "run_time": 0.002465,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/rsyslogd\"]",
+              "resource_id": "/sbin/rsyslogd"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/augenrules is expected to be owned by \"root\"",
+              "run_time": 0.002542,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/augenrules\"]",
+              "resource_id": "/sbin/augenrules"
+            }
+          ]
+        },
+        {
+          "id": "SV-230474",
+          "title": "RHEL 8 audit tools must be group-owned by root.",
+          "desc": "Protecting audit information also includes identifying and protecting\nthe tools used to view and manipulate log data. Therefore, protecting audit\ntools is necessary to prevent unauthorized operation on audit information.\n\n    RHEL 8 systems providing tools to interface with audit information will\nleverage user permissions and roles identifying the user accessing the tools,\nand the corresponding rights the user enjoys, to make access decisions\nregarding the access to audit tools.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Protecting audit information also includes identifying and protecting\nthe tools used to view and manipulate log data. Therefore, protecting audit\ntools is necessary to prevent unauthorized operation on audit information.\n\n    RHEL 8 systems providing tools to interface with audit information will\nleverage user permissions and roles identifying the user accessing the tools,\nand the corresponding rights the user enjoys, to make access decisions\nregarding the access to audit tools.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators."
+            },
+            {
+              "label": "check",
+              "data": "Verify the audit tools are group-owned by \"root\" to prevent any\nunauthorized access, deletion, or modification.\n\n    Check the owner of each audit tool by running the following commands:\n\n    $ sudo stat -c \"%G %n\" /sbin/auditctl /sbin/aureport /sbin/ausearch\n/sbin/autrace /sbin/auditd /sbin/rsyslogd /sbin/augenrules\n\n    root /sbin/auditctl\n    root /sbin/aureport\n    root /sbin/ausearch\n    root /sbin/autrace\n    root /sbin/auditd\n    root /sbin/rsyslogd\n    root /sbin/augenrules\n\n    If any of the audit tools are not group-owned by \"root\", this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit tools to be group-owned by \"root\", by running the\nfollowing command:\n\n    $ sudo chgrp root [audit_tool]\n\n    Replace \"[audit_tool]\" with each audit tool not group-owned by \"root\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000256-GPOS-00097",
+            "satisfies": [
+              "SRG-OS-000256-GPOS-00097",
+              "SRG-OS-000257-GPOS-00098",
+              "SRG-OS-000258-GPOS-00099"
+            ],
+            "gid": "V-230474",
+            "rid": "SV-230474r627750_rule",
+            "stig_id": "RHEL-08-030640",
+            "fix_id": "F-33118r568169_fix",
+            "cci": [
+              "CCI-001493"
+            ],
+            "nist": [
+              "AU-9",
+              "AU-9 a"
+            ]
+          },
+          "code": "control 'SV-230474' do\n  title 'RHEL 8 audit tools must be group-owned by root.'\n  desc 'Protecting audit information also includes identifying and protecting\nthe tools used to view and manipulate log data. Therefore, protecting audit\ntools is necessary to prevent unauthorized operation on audit information.\n\n    RHEL 8 systems providing tools to interface with audit information will\nleverage user permissions and roles identifying the user accessing the tools,\nand the corresponding rights the user enjoys, to make access decisions\nregarding the access to audit tools.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators.'\n  desc 'check', 'Verify the audit tools are group-owned by \"root\" to prevent any\nunauthorized access, deletion, or modification.\n\n    Check the owner of each audit tool by running the following commands:\n\n    $ sudo stat -c \"%G %n\" /sbin/auditctl /sbin/aureport /sbin/ausearch\n/sbin/autrace /sbin/auditd /sbin/rsyslogd /sbin/augenrules\n\n    root /sbin/auditctl\n    root /sbin/aureport\n    root /sbin/ausearch\n    root /sbin/autrace\n    root /sbin/auditd\n    root /sbin/rsyslogd\n    root /sbin/augenrules\n\n    If any of the audit tools are not group-owned by \"root\", this is a\nfinding.'\n  desc 'fix', 'Configure the audit tools to be group-owned by \"root\", by running the\nfollowing command:\n\n    $ sudo chgrp root [audit_tool]\n\n    Replace \"[audit_tool]\" with each audit tool not group-owned by \"root\".'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000256-GPOS-00097'\n  tag satisfies: ['SRG-OS-000256-GPOS-00097', 'SRG-OS-000257-GPOS-00098', 'SRG-OS-000258-GPOS-00099']\n  tag gid: 'V-230474'\n  tag rid: 'SV-230474r627750_rule'\n  tag stig_id: 'RHEL-08-030640'\n  tag fix_id: 'F-33118r568169_fix'\n  tag cci: ['CCI-001493']\n  tag nist: ['AU-9', 'AU-9 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe file('/sbin/auditctl') do\n      it { should be_grouped_into 'root' }\n    end\n    describe file('/sbin/aureport') do\n      it { should be_grouped_into 'root' }\n    end\n    describe file('/sbin/ausearch') do\n      it { should be_grouped_into 'root' }\n    end\n    describe file('/sbin/autrace') do\n      it { should be_grouped_into 'root' }\n    end\n    describe file('/sbin/auditd') do\n      it { should be_grouped_into 'root' }\n    end\n    describe file('/sbin/rsyslogd') do\n      it { should be_grouped_into 'root' }\n    end\n    describe file('/sbin/augenrules') do\n      it { should be_grouped_into 'root' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230474.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/auditctl is expected to be grouped into \"root\"",
+              "run_time": 0.002517,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/auditctl\"]",
+              "resource_id": "/sbin/auditctl"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/aureport is expected to be grouped into \"root\"",
+              "run_time": 0.002374,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/aureport\"]",
+              "resource_id": "/sbin/aureport"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/ausearch is expected to be grouped into \"root\"",
+              "run_time": 0.002454,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/ausearch\"]",
+              "resource_id": "/sbin/ausearch"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/autrace is expected to be grouped into \"root\"",
+              "run_time": 0.002414,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/autrace\"]",
+              "resource_id": "/sbin/autrace"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/auditd is expected to be grouped into \"root\"",
+              "run_time": 0.00228,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/auditd\"]",
+              "resource_id": "/sbin/auditd"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/rsyslogd is expected to be grouped into \"root\"",
+              "run_time": 0.002367,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/rsyslogd\"]",
+              "resource_id": "/sbin/rsyslogd"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /sbin/augenrules is expected to be grouped into \"root\"",
+              "run_time": 0.002345,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/sbin/augenrules\"]",
+              "resource_id": "/sbin/augenrules"
+            }
+          ]
+        },
+        {
+          "id": "SV-230475",
+          "title": "RHEL 8 must use cryptographic mechanisms to protect the integrity of\naudit tools.",
+          "desc": "Protecting the integrity of the tools used for auditing purposes is a\ncritical step toward ensuring the integrity of audit information. Audit\ninformation includes all information (e.g., audit records, audit settings, and\naudit reports) needed to successfully audit information system activity.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators.\n\n    It is not uncommon for attackers to replace the audit tools or inject code\ninto the existing tools with the purpose of providing the capability to hide or\nerase system activity from the audit logs.\n\n    To address this risk, audit tools must be cryptographically signed to\nprovide the capability to identify when the audit tools have been modified,\nmanipulated, or replaced. An example is a checksum hash of the file or files.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Protecting the integrity of the tools used for auditing purposes is a\ncritical step toward ensuring the integrity of audit information. Audit\ninformation includes all information (e.g., audit records, audit settings, and\naudit reports) needed to successfully audit information system activity.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators.\n\n    It is not uncommon for attackers to replace the audit tools or inject code\ninto the existing tools with the purpose of providing the capability to hide or\nerase system activity from the audit logs.\n\n    To address this risk, audit tools must be cryptographically signed to\nprovide the capability to identify when the audit tools have been modified,\nmanipulated, or replaced. An example is a checksum hash of the file or files."
+            },
+            {
+              "label": "check",
+              "data": "Verify that Advanced Intrusion Detection Environment (AIDE) is properly configured to use cryptographic mechanisms to protect the integrity of audit tools.\n\nIf AIDE is not installed, ask the System Administrator how file integrity checks are performed on the system.\n\nCheck the selection lines to ensure AIDE is configured to add/check with the following command:\n\n     $ sudo grep -E '(\\/usr\\/sbin\\/(audit|au|rsys))' /etc/aide.conf\n\n     /usr/sbin/auditctl p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/auditd p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/ausearch p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/aureport p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/autrace p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/rsyslogd p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/augenrules p+i+n+u+g+s+b+acl+xattrs+sha512\n\nIf any of the audit tools listed above do not have an appropriate selection line, ask the system administrator to indicate what cryptographic mechanisms are being used to protect the integrity of the audit tools. If there is no evidence of integrity protection, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Add or update the following lines to \"/etc/aide.conf\", to protect the\nintegrity of the audit tools.\n\n    # Audit Tools\n    /usr/sbin/auditctl p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/auditd p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/ausearch p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/aureport p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/autrace p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/rsyslogd p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/augenrules p+i+n+u+g+s+b+acl+xattrs+sha512"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000278-GPOS-00108",
+            "gid": "V-230475",
+            "rid": "SV-230475r880722_rule",
+            "stig_id": "RHEL-08-030650",
+            "fix_id": "F-33119r568172_fix",
+            "cci": [
+              "CCI-001496"
+            ],
+            "nist": [
+              "AU-9 (3)"
+            ]
+          },
+          "code": "control 'SV-230475' do\n  title 'RHEL 8 must use cryptographic mechanisms to protect the integrity of\naudit tools.'\n  desc 'Protecting the integrity of the tools used for auditing purposes is a\ncritical step toward ensuring the integrity of audit information. Audit\ninformation includes all information (e.g., audit records, audit settings, and\naudit reports) needed to successfully audit information system activity.\n\n    Audit tools include, but are not limited to, vendor-provided and open\nsource audit tools needed to successfully view and manipulate audit information\nsystem activity and records. Audit tools include custom queries and report\ngenerators.\n\n    It is not uncommon for attackers to replace the audit tools or inject code\ninto the existing tools with the purpose of providing the capability to hide or\nerase system activity from the audit logs.\n\n    To address this risk, audit tools must be cryptographically signed to\nprovide the capability to identify when the audit tools have been modified,\nmanipulated, or replaced. An example is a checksum hash of the file or files.'\n  desc 'check', \"Verify that Advanced Intrusion Detection Environment (AIDE) is properly configured to use cryptographic mechanisms to protect the integrity of audit tools.\n\nIf AIDE is not installed, ask the System Administrator how file integrity checks are performed on the system.\n\nCheck the selection lines to ensure AIDE is configured to add/check with the following command:\n\n     $ sudo grep -E '(\\\\/usr\\\\/sbin\\\\/(audit|au|rsys))' /etc/aide.conf\n\n     /usr/sbin/auditctl p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/auditd p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/ausearch p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/aureport p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/autrace p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/rsyslogd p+i+n+u+g+s+b+acl+xattrs+sha512\n     /usr/sbin/augenrules p+i+n+u+g+s+b+acl+xattrs+sha512\n\nIf any of the audit tools listed above do not have an appropriate selection line, ask the system administrator to indicate what cryptographic mechanisms are being used to protect the integrity of the audit tools. If there is no evidence of integrity protection, this is a finding.\"\n  desc 'fix', 'Add or update the following lines to \"/etc/aide.conf\", to protect the\nintegrity of the audit tools.\n\n    # Audit Tools\n    /usr/sbin/auditctl p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/auditd p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/ausearch p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/aureport p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/autrace p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/rsyslogd p+i+n+u+g+s+b+acl+xattrs+sha512\n    /usr/sbin/augenrules p+i+n+u+g+s+b+acl+xattrs+sha512'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000278-GPOS-00108'\n  tag gid: 'V-230475'\n  tag rid: 'SV-230475r880722_rule'\n  tag stig_id: 'RHEL-08-030650'\n  tag fix_id: 'F-33119r568172_fix'\n  tag cci: ['CCI-001496']\n  tag nist: ['AU-9 (3)']\n\n  audit_tools = %w[/usr/sbin/auditctl\n                   /usr/sbin/auditd\n                   /usr/sbin/ausearch\n                   /usr/sbin/aureport\n                   /usr/sbin/autrace\n                   /usr/sbin/rsyslogd\n                   /usr/sbin/augenrules]\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif package('aide').installed?\n    audit_tools.each do |tool|\n      describe \"selection_line: #{tool}\" do\n        subject { aide_conf.where { selection_line.eql?(tool) } }\n        its('rules.flatten') { should include 'p' }\n        its('rules.flatten') { should include 'i' }\n        its('rules.flatten') { should include 'n' }\n        its('rules.flatten') { should include 'u' }\n        its('rules.flatten') { should include 'g' }\n        its('rules.flatten') { should include 's' }\n        its('rules.flatten') { should include 'b' }\n        its('rules.flatten') { should include 'acl' }\n        its('rules.flatten') { should include 'xattrs' }\n        its('rules.flatten') { should include 'sha512' }\n      end\n    end\n  else\n    describe 'The system is not utilizing Advanced Intrusion Detection Environment (AIDE)' do\n      skip 'The system is not utilizing Advanced Intrusion Detection Environment (AIDE), manual review is required.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230475.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "The system is not utilizing Advanced Intrusion Detection Environment (AIDE)",
+              "run_time": 4.0e-06,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource": "",
+              "skip_message": "The system is not utilizing Advanced Intrusion Detection Environment (AIDE), manual review is required.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The system is not utilizing Advanced Intrusion Detection Environment (AIDE)"
+            }
+          ]
+        },
+        {
+          "id": "SV-230476",
+          "title": "RHEL 8 must allocate audit record storage capacity to store at least\none week of audit records, when audit records are not immediately sent to a\ncentral audit record storage facility.",
+          "desc": "To ensure RHEL 8 systems have a sufficient storage capacity in which\nto write the audit logs, RHEL 8 needs to be able to allocate audit record\nstorage capacity.\n\n    The task of allocating audit record storage capacity is usually performed\nduring initial installation of RHEL 8.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "To ensure RHEL 8 systems have a sufficient storage capacity in which\nto write the audit logs, RHEL 8 needs to be able to allocate audit record\nstorage capacity.\n\n    The task of allocating audit record storage capacity is usually performed\nduring initial installation of RHEL 8."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 allocates audit record storage capacity to store at least one week of audit records when audit records are not immediately sent to a central audit record storage facility.\n\nDetermine to which partition the audit records are being written with the following command:\n\n$ sudo grep -iw log_file /etc/audit/auditd.conf\nlog_file = /var/log/audit/audit.log\n\nCheck the size of the partition to which audit records are written (with the example being /var/log/audit/) with the following command:\n\n$ sudo df -h /var/log/audit/\n/dev/sda2 24G 10.4G 13.6G 43% /var/log/audit\n\nIf the audit records are not written to a partition made specifically for audit records (/var/log/audit is a separate partition), determine the amount of space being used by other files in the partition with the following command:\n\n$ sudo du -sh [audit_partition]\n1.8G /var/log/audit\n\nIf the audit record partition is not allocated for sufficient storage capacity, this is a finding.\n\nNote: The partition size needed to capture a week of audit records is based on the activity level of the system and the total storage capacity available. Typically 10.0 GB of storage space for audit records should be sufficient."
+            },
+            {
+              "label": "fix",
+              "data": "Allocate enough storage capacity for at least one week of audit records\nwhen audit records are not immediately sent to a central audit record storage\nfacility.\n\n    If audit records are stored on a partition made specifically for audit\nrecords, resize the partition with sufficient space to contain one week of\naudit records.\n\n    If audit records are not stored on a partition made specifically for audit\nrecords, a new partition with sufficient space will need be to be created."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000341-GPOS-00132",
+            "gid": "V-230476",
+            "rid": "SV-230476r877391_rule",
+            "stig_id": "RHEL-08-030660",
+            "fix_id": "F-33120r568175_fix",
+            "cci": [
+              "CCI-001849"
+            ],
+            "nist": [
+              "AU-4"
+            ]
+          },
+          "code": "control 'SV-230476' do\n  title 'RHEL 8 must allocate audit record storage capacity to store at least\none week of audit records, when audit records are not immediately sent to a\ncentral audit record storage facility.'\n  desc 'To ensure RHEL 8 systems have a sufficient storage capacity in which\nto write the audit logs, RHEL 8 needs to be able to allocate audit record\nstorage capacity.\n\n    The task of allocating audit record storage capacity is usually performed\nduring initial installation of RHEL 8.'\n  desc 'check', 'Verify RHEL 8 allocates audit record storage capacity to store at least one week of audit records when audit records are not immediately sent to a central audit record storage facility.\n\nDetermine to which partition the audit records are being written with the following command:\n\n$ sudo grep -iw log_file /etc/audit/auditd.conf\nlog_file = /var/log/audit/audit.log\n\nCheck the size of the partition to which audit records are written (with the example being /var/log/audit/) with the following command:\n\n$ sudo df -h /var/log/audit/\n/dev/sda2 24G 10.4G 13.6G 43% /var/log/audit\n\nIf the audit records are not written to a partition made specifically for audit records (/var/log/audit is a separate partition), determine the amount of space being used by other files in the partition with the following command:\n\n$ sudo du -sh [audit_partition]\n1.8G /var/log/audit\n\nIf the audit record partition is not allocated for sufficient storage capacity, this is a finding.\n\nNote: The partition size needed to capture a week of audit records is based on the activity level of the system and the total storage capacity available. Typically 10.0 GB of storage space for audit records should be sufficient.'\n  desc 'fix', 'Allocate enough storage capacity for at least one week of audit records\nwhen audit records are not immediately sent to a central audit record storage\nfacility.\n\n    If audit records are stored on a partition made specifically for audit\nrecords, resize the partition with sufficient space to contain one week of\naudit records.\n\n    If audit records are not stored on a partition made specifically for audit\nrecords, a new partition with sufficient space will need be to be created.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000341-GPOS-00132'\n  tag gid: 'V-230476'\n  tag rid: 'SV-230476r877391_rule'\n  tag stig_id: 'RHEL-08-030660'\n  tag fix_id: 'F-33120r568175_fix'\n  tag cci: ['CCI-001849']\n  tag nist: ['AU-4']\n\n  audit_log_dir = command(\"dirname #{auditd_conf.log_file}\").stdout.strip\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe file(audit_log_dir) do\n      it { should exist }\n      it { should be_directory }\n    end\n\n    # Fetch partition sizes in 1K blocks for consistency\n    partition_info = command(\"df -B 1K #{audit_log_dir}\").stdout.split(\"\\n\")\n    partition_sz_arr = partition_info.last.gsub(/\\s+/m, ' ').strip.split(' ')\n\n    # Get unused space percentage\n    percentage_space_unused = (100 - partition_sz_arr[4].to_i)\n\n    describe \"auditd_conf's space_left threshold should be under the amount of space currently available (in 1K blocks) for the audit log directory:\" do\n      subject { auditd_conf }\n      its('space_left.to_i') { should be <= percentage_space_unused }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230476.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "File /var/log/audit is expected to exist",
+              "run_time": 5.1e-05,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/var/log/audit\"]",
+              "resource_id": "/var/log/audit"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /var/log/audit is expected to be directory",
+              "run_time": 0.002337,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/var/log/audit\"]",
+              "resource_id": "/var/log/audit"
+            },
+            {
+              "status": "passed",
+              "code_desc": "auditd_conf's space_left threshold should be under the amount of space currently available (in 1K blocks) for the audit log directory: space_left.to_i is expected to be <= 65",
+              "run_time": 0.000209,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "space_left.to_i"
+            }
+          ]
+        },
+        {
+          "id": "SV-230477",
+          "title": "RHEL 8 must have the packages required for offloading audit logs\ninstalled.",
+          "desc": "Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.\n\n    Rsyslog provides three ways to forward message: the traditional UDP\ntransport, which is extremely lossy but standard; the plain TCP based\ntransport, which loses messages only during certain situations but is widely\navailable; and the RELP transport, which does not lose messages but is\ncurrently available only as part of the rsyslogd 3.15.0 and above.\n    Examples of each configuration:\n    UDP *.* @remotesystemname\n    TCP *.* @@remotesystemname\n    RELP *.* :omrelp:remotesystemname:2514\n    Note that a port number was given as there is no standard port for RELP.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.\n\n    Rsyslog provides three ways to forward message: the traditional UDP\ntransport, which is extremely lossy but standard; the plain TCP based\ntransport, which loses messages only during certain situations but is widely\navailable; and the RELP transport, which does not lose messages but is\ncurrently available only as part of the rsyslogd 3.15.0 and above.\n    Examples of each configuration:\n    UDP *.* @remotesystemname\n    TCP *.* @@remotesystemname\n    RELP *.* :omrelp:remotesystemname:2514\n    Note that a port number was given as there is no standard port for RELP."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system has the packages required for offloading audit\nlogs installed with the following commands:\n\n    $ sudo yum list installed rsyslog\n\n    rsyslog.x86_64          8.1911.0-3.el8          @AppStream\n\n    If the \"rsyslog\" package is not installed, ask the administrator to\nindicate how audit logs are being offloaded and what packages are installed to\nsupport it.  If there is no evidence of audit logs being offloaded, this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to offload audit logs by installing the\nrequired packages with the following command:\n\n    $ sudo yum install rsyslog"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230477",
+            "rid": "SV-230477r627750_rule",
+            "stig_id": "RHEL-08-030670",
+            "fix_id": "F-33121r568178_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230477' do\n  title 'RHEL 8 must have the packages required for offloading audit logs\ninstalled.'\n  desc 'Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.\n\n    Rsyslog provides three ways to forward message: the traditional UDP\ntransport, which is extremely lossy but standard; the plain TCP based\ntransport, which loses messages only during certain situations but is widely\navailable; and the RELP transport, which does not lose messages but is\ncurrently available only as part of the rsyslogd 3.15.0 and above.\n    Examples of each configuration:\n    UDP *.* @remotesystemname\n    TCP *.* @@remotesystemname\n    RELP *.* :omrelp:remotesystemname:2514\n    Note that a port number was given as there is no standard port for RELP.'\n  desc 'check', 'Verify the operating system has the packages required for offloading audit\nlogs installed with the following commands:\n\n    $ sudo yum list installed rsyslog\n\n    rsyslog.x86_64          8.1911.0-3.el8          @AppStream\n\n    If the \"rsyslog\" package is not installed, ask the administrator to\nindicate how audit logs are being offloaded and what packages are installed to\nsupport it.  If there is no evidence of audit logs being offloaded, this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to offload audit logs by installing the\nrequired packages with the following command:\n\n    $ sudo yum install rsyslog'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230477'\n  tag rid: 'SV-230477r627750_rule'\n  tag stig_id: 'RHEL-08-030670'\n  tag fix_id: 'F-33121r568178_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe package('rsyslog') do\n      it { should be_installed }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230477.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package rsyslog is expected to be installed",
+              "run_time": 0.080177,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"rsyslog\"]",
+              "resource_id": "rsyslog"
+            }
+          ]
+        },
+        {
+          "id": "SV-230478",
+          "title": "RHEL 8 must have the packages required for encrypting offloaded audit\nlogs installed.",
+          "desc": "Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"rsyslog-gnutls\" (which is a secure\ncommunications library implementing the SSL, TLS and DTLS protocols), and you\nhave a method to securely encrypt and off-load auditing.\n\n    Rsyslog provides three ways to forward message: the traditional UDP\ntransport, which is extremely lossy but standard; the plain TCP based\ntransport, which loses messages only during certain situations but is widely\navailable; and the RELP transport, which does not lose messages but is\ncurrently available only as part of the rsyslogd 3.15.0 and above.\n    Examples of each configuration:\n    UDP *.* @remotesystemname\n    TCP *.* @@remotesystemname\n    RELP *.* :omrelp:remotesystemname:2514\n    Note that a port number was given as there is no standard port for RELP.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"rsyslog-gnutls\" (which is a secure\ncommunications library implementing the SSL, TLS and DTLS protocols), and you\nhave a method to securely encrypt and off-load auditing.\n\n    Rsyslog provides three ways to forward message: the traditional UDP\ntransport, which is extremely lossy but standard; the plain TCP based\ntransport, which loses messages only during certain situations but is widely\navailable; and the RELP transport, which does not lose messages but is\ncurrently available only as part of the rsyslogd 3.15.0 and above.\n    Examples of each configuration:\n    UDP *.* @remotesystemname\n    TCP *.* @@remotesystemname\n    RELP *.* :omrelp:remotesystemname:2514\n    Note that a port number was given as there is no standard port for RELP."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system has the packages required for encrypting\noffloaded audit logs installed with the following commands:\n\n    $ sudo yum list installed rsyslog-gnutls\n\n    rsyslog-gnutls.x86_64          8.1911.0-3.el8          @AppStream\n\n    If the \"rsyslog-gnutls\" package is not installed, ask the administrator\nto indicate how audit logs are being encrypted during offloading and what\npackages are installed to support it.  If there is no evidence of audit logs\nbeing encrypted during offloading, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to encrypt offloaded audit logs by\ninstalling the required packages with the following command:\n\n    $ sudo yum install rsyslog-gnutls"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230478",
+            "rid": "SV-230478r744011_rule",
+            "stig_id": "RHEL-08-030680",
+            "fix_id": "F-33122r744010_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230478' do\n  title 'RHEL 8 must have the packages required for encrypting offloaded audit\nlogs installed.'\n  desc 'Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"rsyslog-gnutls\" (which is a secure\ncommunications library implementing the SSL, TLS and DTLS protocols), and you\nhave a method to securely encrypt and off-load auditing.\n\n    Rsyslog provides three ways to forward message: the traditional UDP\ntransport, which is extremely lossy but standard; the plain TCP based\ntransport, which loses messages only during certain situations but is widely\navailable; and the RELP transport, which does not lose messages but is\ncurrently available only as part of the rsyslogd 3.15.0 and above.\n    Examples of each configuration:\n    UDP *.* @remotesystemname\n    TCP *.* @@remotesystemname\n    RELP *.* :omrelp:remotesystemname:2514\n    Note that a port number was given as there is no standard port for RELP.'\n  desc 'check', 'Verify the operating system has the packages required for encrypting\noffloaded audit logs installed with the following commands:\n\n    $ sudo yum list installed rsyslog-gnutls\n\n    rsyslog-gnutls.x86_64          8.1911.0-3.el8          @AppStream\n\n    If the \"rsyslog-gnutls\" package is not installed, ask the administrator\nto indicate how audit logs are being encrypted during offloading and what\npackages are installed to support it.  If there is no evidence of audit logs\nbeing encrypted during offloading, this is a finding.'\n  desc 'fix', 'Configure the operating system to encrypt offloaded audit logs by\ninstalling the required packages with the following command:\n\n    $ sudo yum install rsyslog-gnutls'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230478'\n  tag rid: 'SV-230478r744011_rule'\n  tag stig_id: 'RHEL-08-030680'\n  tag fix_id: 'F-33122r744010_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe package('rsyslog-gnutls') do\n      it { should be_installed }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230478.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package rsyslog-gnutls is expected to be installed",
+              "run_time": 0.190988,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"rsyslog-gnutls\"]",
+              "resource_id": "rsyslog-gnutls"
+            }
+          ]
+        },
+        {
+          "id": "SV-230479",
+          "title": "The RHEL 8 audit records must be off-loaded onto a different system or\nstorage media from the system being audited.",
+          "desc": "Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.\n\n    Rsyslog provides three ways to forward message: the traditional UDP\ntransport, which is extremely lossy but standard; the plain TCP based\ntransport, which loses messages only during certain situations but is widely\navailable; and the RELP transport, which does not lose messages but is\ncurrently available only as part of the rsyslogd 3.15.0 and above.\n    Examples of each configuration:\n    UDP *.* @remotesystemname\n    TCP *.* @@remotesystemname\n    RELP *.* :omrelp:remotesystemname:2514\n    Note that a port number was given as there is no standard port for RELP.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.\n\n    Rsyslog provides three ways to forward message: the traditional UDP\ntransport, which is extremely lossy but standard; the plain TCP based\ntransport, which loses messages only during certain situations but is widely\navailable; and the RELP transport, which does not lose messages but is\ncurrently available only as part of the rsyslogd 3.15.0 and above.\n    Examples of each configuration:\n    UDP *.* @remotesystemname\n    TCP *.* @@remotesystemname\n    RELP *.* :omrelp:remotesystemname:2514\n    Note that a port number was given as there is no standard port for RELP."
+            },
+            {
+              "label": "check",
+              "data": "Verify the audit system offloads audit records onto a different system or media from the system being audited with the following command:\n\n     $ sudo grep @@ /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n     /etc/rsyslog.conf:*.* @@[logaggregationserver.example.mil]:[port]\n\nIf a remote server is not configured, or the line is commented out, ask the system administrator to indicate how the audit logs are offloaded to a different system or media.\n\nIf there is no evidence that the audit logs are being offloaded to another system or media, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to offload audit records onto a different system or media from the system being audited by specifying the remote logging server in \"/etc/rsyslog.conf\" or \"/etc/rsyslog.d/[customfile].conf\" with the name or IP address of the log aggregation server.\n\nFor UDP:\n     *.* @[logaggregationserver.example.mil]:[port]\n\nFor TCP:\n     *.* @@[logaggregationserver.example.mil]:[port]"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000342-GPOS-00133",
+            "satisfies": [
+              "SRG-OS-000342-GPOS-00133",
+              "SRG-OS-000479-GPOS-00224"
+            ],
+            "gid": "V-230479",
+            "rid": "SV-230479r917883_rule",
+            "stig_id": "RHEL-08-030690",
+            "fix_id": "F-33123r917882_fix",
+            "cci": [
+              "CCI-001851"
+            ],
+            "nist": [
+              "AU-4 (1)"
+            ]
+          },
+          "code": "control 'SV-230479' do\n  title 'The RHEL 8 audit records must be off-loaded onto a different system or\nstorage media from the system being audited.'\n  desc 'Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.\n\n    Rsyslog provides three ways to forward message: the traditional UDP\ntransport, which is extremely lossy but standard; the plain TCP based\ntransport, which loses messages only during certain situations but is widely\navailable; and the RELP transport, which does not lose messages but is\ncurrently available only as part of the rsyslogd 3.15.0 and above.\n    Examples of each configuration:\n    UDP *.* @remotesystemname\n    TCP *.* @@remotesystemname\n    RELP *.* :omrelp:remotesystemname:2514\n    Note that a port number was given as there is no standard port for RELP.'\n  desc 'check', 'Verify the audit system offloads audit records onto a different system or media from the system being audited with the following command:\n\n     $ sudo grep @@ /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n     /etc/rsyslog.conf:*.* @@[logaggregationserver.example.mil]:[port]\n\nIf a remote server is not configured, or the line is commented out, ask the system administrator to indicate how the audit logs are offloaded to a different system or media.\n\nIf there is no evidence that the audit logs are being offloaded to another system or media, this is a finding.'\n  desc 'fix', 'Configure the operating system to offload audit records onto a different system or media from the system being audited by specifying the remote logging server in \"/etc/rsyslog.conf\" or \"/etc/rsyslog.d/[customfile].conf\" with the name or IP address of the log aggregation server.\n\nFor UDP:\n     *.* @[logaggregationserver.example.mil]:[port]\n\nFor TCP:\n     *.* @@[logaggregationserver.example.mil]:[port]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-GPOS-00133'\n  tag satisfies: ['SRG-OS-000342-GPOS-00133', 'SRG-OS-000479-GPOS-00224']\n  tag gid: 'V-230479'\n  tag rid: 'SV-230479r917883_rule'\n  tag stig_id: 'RHEL-08-030690'\n  tag fix_id: 'F-33123r917882_fix'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('grep @@ /etc/rsyslog.conf /etc/rsyslog.d/*.conf') do\n      its('stdout') { should match(/^.*:\\*\\.\\*\\s*@@[a-z.0-9]*:?[0-9]*?/) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230479.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Command: `grep @@ /etc/rsyslog.conf /etc/rsyslog.d/*.conf` stdout is expected to match /^.*:\\*\\.\\*\\s*@@[a-z.0-9]*:?[0-9]*?/",
+              "run_time": 0.123976,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "message": "expected \"\" to match /^.*:\\*\\.\\*\\s*@@[a-z.0-9]*:?[0-9]*?/",
+              "resource_class": "command",
+              "resource_params": "[\"grep @@ /etc/rsyslog.conf /etc/rsyslog.d/*.conf\"]",
+              "resource_id": "Command: `grep @@ /etc/rsyslog.conf /etc/rsyslog.d/*.conf`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230480",
+          "title": "RHEL 8 must take appropriate action when the internal event queue is\nfull.",
+          "desc": "Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing."
+            },
+            {
+              "label": "check",
+              "data": "Verify the audit system is configured to take an appropriate action when\nthe internal event queue is full:\n\n    $ sudo grep -i overflow_action /etc/audit/auditd.conf\n\n    overflow_action = syslog\n\n    If the value of the \"overflow_action\" option is not set to \"syslog\",\n\"single\", \"halt\", or the line is commented out, ask the System\nAdministrator to indicate how the audit logs are off-loaded to a different\nsystem or media.\n\n    If there is no evidence that the transfer of the audit logs being\noff-loaded to another system or media takes appropriate action if the internal\nevent queue becomes full, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Edit the /etc/audit/auditd.conf file and add or update the\n\"overflow_action\" option:\n\n    overflow_action = syslog\n\n    The audit daemon must be restarted for changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000342-GPOS-00133",
+            "satisfies": [
+              "SRG-OS-000342-GPOS-00133",
+              "SRG-OS-000479-GPOS-00224"
+            ],
+            "gid": "V-230480",
+            "rid": "SV-230480r877390_rule",
+            "stig_id": "RHEL-08-030700",
+            "fix_id": "F-33124r568187_fix",
+            "cci": [
+              "CCI-001851"
+            ],
+            "nist": [
+              "AU-4 (1)"
+            ]
+          },
+          "code": "control 'SV-230480' do\n  title 'RHEL 8 must take appropriate action when the internal event queue is\nfull.'\n  desc 'Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.'\n  desc 'check', 'Verify the audit system is configured to take an appropriate action when\nthe internal event queue is full:\n\n    $ sudo grep -i overflow_action /etc/audit/auditd.conf\n\n    overflow_action = syslog\n\n    If the value of the \"overflow_action\" option is not set to \"syslog\",\n\"single\", \"halt\", or the line is commented out, ask the System\nAdministrator to indicate how the audit logs are off-loaded to a different\nsystem or media.\n\n    If there is no evidence that the transfer of the audit logs being\noff-loaded to another system or media takes appropriate action if the internal\nevent queue becomes full, this is a finding.'\n  desc 'fix', 'Edit the /etc/audit/auditd.conf file and add or update the\n\"overflow_action\" option:\n\n    overflow_action = syslog\n\n    The audit daemon must be restarted for changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-GPOS-00133'\n  tag satisfies: ['SRG-OS-000342-GPOS-00133', 'SRG-OS-000479-GPOS-00224']\n  tag gid: 'V-230480'\n  tag rid: 'SV-230480r877390_rule'\n  tag stig_id: 'RHEL-08-030700'\n  tag fix_id: 'F-33124r568187_fix'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config_file('/etc/audit/auditd.conf') do\n      its('overflow_action') { should match(/syslog$|single$|halt$/i) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230480.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Parse Config File /etc/audit/auditd.conf overflow_action is expected to match /syslog$|single$|halt$/i",
+              "run_time": 0.00014,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/audit/auditd.conf\"]",
+              "resource_id": "/etc/audit/auditd.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230481",
+          "title": "RHEL 8 must encrypt the transfer of audit records off-loaded onto a\ndifferent system or media from the system being audited.",
+          "desc": "Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system encrypts audit records off-loaded onto a different system or media from the system being audited with the following commands:\n\n$ sudo grep -i '$DefaultNetstreamDriver' /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n/etc/rsyslog.conf:$DefaultNetstreamDriver gtls\n\nIf the value of the \"$DefaultNetstreamDriver\" option is not set to \"gtls\" or the line is commented out, this is a finding.\n\n$ sudo grep -i '$ActionSendStreamDriverMode' /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n/etc/rsyslog.conf:$ActionSendStreamDriverMode 1\n\nIf the value of the \"$ActionSendStreamDriverMode\" option is not set to \"1\" or the line is commented out, this is a finding.\n\nIf neither of the definitions above are set, ask the System Administrator to indicate how the audit logs are off-loaded to a different system or media.\n\nIf there is no evidence that the transfer of the audit logs being off-loaded to another system or media is encrypted, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to encrypt off-loaded audit records by\nsetting the following options in \"/etc/rsyslog.conf\" or\n\"/etc/rsyslog.d/[customfile].conf\":\n\n    $DefaultNetstreamDriver gtls\n    $ActionSendStreamDriverMode 1"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000342-GPOS-00133",
+            "satisfies": [
+              "SRG-OS-000342-GPOS-00133",
+              "SRG-OS-000479-GPOS-00224"
+            ],
+            "gid": "V-230481",
+            "rid": "SV-230481r877390_rule",
+            "stig_id": "RHEL-08-030710",
+            "fix_id": "F-33125r568190_fix",
+            "cci": [
+              "CCI-001851"
+            ],
+            "nist": [
+              "AU-4 (1)"
+            ]
+          },
+          "code": "control 'SV-230481' do\n  title 'RHEL 8 must encrypt the transfer of audit records off-loaded onto a\ndifferent system or media from the system being audited.'\n  desc 'Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.'\n  desc 'check', %q(Verify the operating system encrypts audit records off-loaded onto a different system or media from the system being audited with the following commands:\n\n$ sudo grep -i '$DefaultNetstreamDriver' /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n/etc/rsyslog.conf:$DefaultNetstreamDriver gtls\n\nIf the value of the \"$DefaultNetstreamDriver\" option is not set to \"gtls\" or the line is commented out, this is a finding.\n\n$ sudo grep -i '$ActionSendStreamDriverMode' /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n\n/etc/rsyslog.conf:$ActionSendStreamDriverMode 1\n\nIf the value of the \"$ActionSendStreamDriverMode\" option is not set to \"1\" or the line is commented out, this is a finding.\n\nIf neither of the definitions above are set, ask the System Administrator to indicate how the audit logs are off-loaded to a different system or media.\n\nIf there is no evidence that the transfer of the audit logs being off-loaded to another system or media is encrypted, this is a finding.)\n  desc 'fix', 'Configure the operating system to encrypt off-loaded audit records by\nsetting the following options in \"/etc/rsyslog.conf\" or\n\"/etc/rsyslog.d/[customfile].conf\":\n\n    $DefaultNetstreamDriver gtls\n    $ActionSendStreamDriverMode 1'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-GPOS-00133'\n  tag satisfies: ['SRG-OS-000342-GPOS-00133', 'SRG-OS-000479-GPOS-00224']\n  tag gid: 'V-230481'\n  tag rid: 'SV-230481r877390_rule'\n  tag stig_id: 'RHEL-08-030710'\n  tag fix_id: 'F-33125r568190_fix'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe 'rsyslog configuration' do\n      subject {\n        command(\"grep -i '^\\$DefaultNetstreamDriver' /etc/rsyslog.conf /etc/rsyslog.d/* | awk -F ':' '{ print $2 }'\").stdout\n      }\n      it { should match(/\\$DefaultNetstreamDriver\\s+gtls/) }\n    end\n\n    describe 'rsyslog configuration' do\n      subject {\n        command(\"grep -i '^\\$ActionSendStreamDriverMode' /etc/rsyslog.conf /etc/rsyslog.d/* | awk -F ':' '{ print $2 }'\").stdout\n      }\n      it { should match(/\\$ActionSendStreamDriverMode\\s+1/) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230481.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "rsyslog configuration is expected to match /\\$DefaultNetstreamDriver\\s+gtls/",
+              "run_time": 0.160526,
+              "start_time": "2024-01-09T19:40:54-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "rsyslog configuration"
+            },
+            {
+              "status": "passed",
+              "code_desc": "rsyslog configuration is expected to match /\\$ActionSendStreamDriverMode\\s+1/",
+              "run_time": 0.168813,
+              "start_time": "2024-01-09T19:40:55-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "rsyslog configuration"
+            }
+          ]
+        },
+        {
+          "id": "SV-230482",
+          "title": "RHEL 8 must authenticate the remote logging server for off-loading\naudit logs.",
+          "desc": "Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.\n\n    \"Rsyslog\" supported authentication modes include:\n    anon - anonymous authentication\n    x509/fingerprint - certificate fingerprint authentication\n    x509/certvalid - certificate validation only\n    x509/name - certificate validation and subject name authentication.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.\n\n    \"Rsyslog\" supported authentication modes include:\n    anon - anonymous authentication\n    x509/fingerprint - certificate fingerprint authentication\n    x509/certvalid - certificate validation only\n    x509/name - certificate validation and subject name authentication."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system authenticates the remote logging server for\noff-loading audit logs with the following command:\n\n    $ sudo grep -i '$ActionSendStreamDriverAuthMode' /etc/rsyslog.conf\n/etc/rsyslog.d/*.conf\n\n    /etc/rsyslog.conf:$ActionSendStreamDriverAuthMode x509/name\n\n    If the value of the \"$ActionSendStreamDriverAuthMode\" option is not set\nto \"x509/name\" or the line is commented out, ask the System Administrator to\nindicate how the audit logs are off-loaded to a different system or media.\n\n    If there is no evidence that the transfer of the audit logs being\noff-loaded to another system or media is encrypted, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to authenticate the remote logging server\nfor off-loading audit logs by setting the following option in\n\"/etc/rsyslog.conf\" or \"/etc/rsyslog.d/[customfile].conf\":\n\n    $ActionSendStreamDriverAuthMode x509/name"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000342-GPOS-00133",
+            "satisfies": [
+              "SRG-OS-000342-GPOS-00133",
+              "SRG-OS-000479-GPOS-00224"
+            ],
+            "gid": "V-230482",
+            "rid": "SV-230482r877390_rule",
+            "stig_id": "RHEL-08-030720",
+            "fix_id": "F-33126r568193_fix",
+            "cci": [
+              "CCI-001851"
+            ],
+            "nist": [
+              "AU-4 (1)"
+            ]
+          },
+          "code": "control 'SV-230482' do\n  title 'RHEL 8 must authenticate the remote logging server for off-loading\naudit logs.'\n  desc 'Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    RHEL 8 installation media provides \"rsyslogd\".  \"rsyslogd\" is a system\nutility providing support for message logging.  Support for both internet and\nUNIX domain sockets enables this utility to support both local and remote\nlogging.  Couple this utility with \"gnutls\" (which is a secure communications\nlibrary implementing the SSL, TLS and DTLS protocols), and you have a method to\nsecurely encrypt and off-load auditing.\n\n    \"Rsyslog\" supported authentication modes include:\n    anon - anonymous authentication\n    x509/fingerprint - certificate fingerprint authentication\n    x509/certvalid - certificate validation only\n    x509/name - certificate validation and subject name authentication.'\n  desc 'check', %q(Verify the operating system authenticates the remote logging server for\noff-loading audit logs with the following command:\n\n    $ sudo grep -i '$ActionSendStreamDriverAuthMode' /etc/rsyslog.conf\n/etc/rsyslog.d/*.conf\n\n    /etc/rsyslog.conf:$ActionSendStreamDriverAuthMode x509/name\n\n    If the value of the \"$ActionSendStreamDriverAuthMode\" option is not set\nto \"x509/name\" or the line is commented out, ask the System Administrator to\nindicate how the audit logs are off-loaded to a different system or media.\n\n    If there is no evidence that the transfer of the audit logs being\noff-loaded to another system or media is encrypted, this is a finding.)\n  desc 'fix', 'Configure the operating system to authenticate the remote logging server\nfor off-loading audit logs by setting the following option in\n\"/etc/rsyslog.conf\" or \"/etc/rsyslog.d/[customfile].conf\":\n\n    $ActionSendStreamDriverAuthMode x509/name'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-GPOS-00133'\n  tag satisfies: ['SRG-OS-000342-GPOS-00133', 'SRG-OS-000479-GPOS-00224']\n  tag gid: 'V-230482'\n  tag rid: 'SV-230482r877390_rule'\n  tag stig_id: 'RHEL-08-030720'\n  tag fix_id: 'F-33126r568193_fix'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe 'rsyslog configuration' do\n      subject {\n        command(\"grep -i '^\\$ActionSendStreamDriverAuthMode' /etc/rsyslog.conf /etc/rsyslog.d/* | awk -F ':' '{ print $2 }'\").stdout\n      }\n      it { should match %r{\\$ActionSendStreamDriverAuthMode\\s+x509/name} }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230482.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "rsyslog configuration is expected to match /\\$ActionSendStreamDriverAuthMode\\s+x509\\/name/",
+              "run_time": 0.122329,
+              "start_time": "2024-01-09T19:40:55-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "rsyslog configuration"
+            }
+          ]
+        },
+        {
+          "id": "SV-230483",
+          "title": "RHEL 8 must take action when allocated audit record storage volume\n    reaches 75 percent of the repository maximum audit record storage capacity.",
+          "desc": "If security personnel are not notified immediately when storage volume\n    reaches 75 percent utilization, they are unable to plan for audit record\n    storage capacity expansion.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If security personnel are not notified immediately when storage volume\n    reaches 75 percent utilization, they are unable to plan for audit record\n    storage capacity expansion."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 takes action when allocated audit record storage\n    volume reaches 75 percent of the repository maximum audit record storage\n    capacity with the following commands:\n\n        $ sudo grep -w space_left /etc/audit/auditd.conf\n\n        space_left = 25%\n\n    If the value of the \"space_left\" keyword is not set to \"25%\" or if the\n    line is commented out, ask the System Administrator to indicate how the system\n    is providing real-time alerts to the SA and ISSO.\n\n    If there is no evidence that real-time alerts are configured on the system,\n    this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to initiate an action to notify the\n    SA and ISSO (at a minimum) when allocated audit record storage volume reaches\n    75 percent of the repository maximum audit record storage capacity by\n    adding/modifying the following line in the /etc/audit/auditd.conf file.\n\n    space_left = 25%\n\n    Note: Option names and values in the auditd.conf file are case insensitive."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000343-GPOS-00134",
+            "gid": "V-230483",
+            "rid": "SV-230483r877389_rule",
+            "stig_id": "RHEL-08-030730",
+            "fix_id": "F-33127r744013_fix",
+            "cci": [
+              "CCI-001855"
+            ],
+            "nist": [
+              "AU-5 (1)"
+            ]
+          },
+          "code": "control 'SV-230483' do\n  title 'RHEL 8 must take action when allocated audit record storage volume\n    reaches 75 percent of the repository maximum audit record storage capacity.'\n  desc 'If security personnel are not notified immediately when storage volume\n    reaches 75 percent utilization, they are unable to plan for audit record\n    storage capacity expansion.'\n  desc 'check', 'Verify RHEL 8 takes action when allocated audit record storage\n    volume reaches 75 percent of the repository maximum audit record storage\n    capacity with the following commands:\n\n        $ sudo grep -w space_left /etc/audit/auditd.conf\n\n        space_left = 25%\n\n    If the value of the \"space_left\" keyword is not set to \"25%\" or if the\n    line is commented out, ask the System Administrator to indicate how the system\n    is providing real-time alerts to the SA and ISSO.\n\n    If there is no evidence that real-time alerts are configured on the system,\n    this is a finding.'\n  desc 'fix', 'Configure the operating system to initiate an action to notify the\n    SA and ISSO (at a minimum) when allocated audit record storage volume reaches\n    75 percent of the repository maximum audit record storage capacity by\n    adding/modifying the following line in the /etc/audit/auditd.conf file.\n\n    space_left = 25%\n\n    Note: Option names and values in the auditd.conf file are case insensitive.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000343-GPOS-00134'\n  tag gid: 'V-230483'\n  tag rid: 'SV-230483r877389_rule'\n  tag stig_id: 'RHEL-08-030730'\n  tag fix_id: 'F-33127r744013_fix'\n  tag cci: ['CCI-001855']\n  tag nist: ['AU-5 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe auditd_conf do\n      its('space_left') { should cmp '25%' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230483.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Audit Daemon Config space_left is expected to cmp == \"25%\"",
+              "run_time": 0.00081,
+              "start_time": "2024-01-09T19:40:55-05:00",
+              "resource_class": "auditd_conf",
+              "resource_params": "[]",
+              "resource_id": "/etc/audit/auditd.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230484",
+          "title": "RHEL 8 must securely compare internal information system clocks at\nleast every 24 hours with a server synchronized to an authoritative time\nsource, such as the United States Naval Observatory (USNO) time servers, or a\ntime server designated for the appropriate DoD network (NIPRNet/SIPRNet),\nand/or the Global Positioning System (GPS).",
+          "desc": "Inaccurate time stamps make it more difficult to correlate events and\ncan lead to an inaccurate analysis. Determining the correct time a particular\nevent occurred on a system is critical when conducting forensic analysis and\ninvestigating system events. Sources outside the configured acceptable\nallowance (drift) may be inaccurate.\n\n    Synchronizing internal information system clocks provides uniformity of\ntime stamps for information systems with multiple system clocks and systems\nconnected over a network.\n\n    Organizations should consider endpoints that may not have regular access to\nthe authoritative time server (e.g., mobile, teleworking, and tactical\nendpoints).\n\n    If time stamps are not consistently applied and there is no common time\nreference, it is difficult to perform forensic analysis.\n\n    Time stamps generated by the operating system include date and time. Time\nis commonly expressed in Coordinated Universal Time (UTC), a modern\ncontinuation of Greenwich Mean Time (GMT), or local time with an offset from\nUTC.\n\n    RHEL 8 utilizes the \"timedatectl\" command to view the status of the\n\"systemd-timesyncd.service\". The \"timedatectl\" status will display the\nlocal time, UTC, and the offset from UTC.\n\n    Note that USNO offers authenticated NTP service to DoD and U.S. Government\nagencies operating on the NIPR and SIPR networks. Visit\nhttps://www.usno.navy.mil/USNO/time/ntp/dod-customers for more information.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Inaccurate time stamps make it more difficult to correlate events and\ncan lead to an inaccurate analysis. Determining the correct time a particular\nevent occurred on a system is critical when conducting forensic analysis and\ninvestigating system events. Sources outside the configured acceptable\nallowance (drift) may be inaccurate.\n\n    Synchronizing internal information system clocks provides uniformity of\ntime stamps for information systems with multiple system clocks and systems\nconnected over a network.\n\n    Organizations should consider endpoints that may not have regular access to\nthe authoritative time server (e.g., mobile, teleworking, and tactical\nendpoints).\n\n    If time stamps are not consistently applied and there is no common time\nreference, it is difficult to perform forensic analysis.\n\n    Time stamps generated by the operating system include date and time. Time\nis commonly expressed in Coordinated Universal Time (UTC), a modern\ncontinuation of Greenwich Mean Time (GMT), or local time with an offset from\nUTC.\n\n    RHEL 8 utilizes the \"timedatectl\" command to view the status of the\n\"systemd-timesyncd.service\". The \"timedatectl\" status will display the\nlocal time, UTC, and the offset from UTC.\n\n    Note that USNO offers authenticated NTP service to DoD and U.S. Government\nagencies operating on the NIPR and SIPR networks. Visit\nhttps://www.usno.navy.mil/USNO/time/ntp/dod-customers for more information."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 is securely comparing internal information system clocks at\nleast every 24 hours with an NTP server with the following commands:\n\n    $ sudo grep maxpoll /etc/chrony.conf\n\n    server 0.us.pool.ntp.mil iburst maxpoll 16\n\n    If the \"maxpoll\" option is set to a number greater than 16 or the line is\ncommented out, this is a finding.\n\n    Verify the \"chrony.conf\" file is configured to an authoritative DoD time\nsource by running the following command:\n\n    $ sudo grep -i server /etc/chrony.conf\n    server 0.us.pool.ntp.mil\n\n    If the parameter \"server\" is not set or is not set to an authoritative\nDoD time source, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to securely compare internal information\nsystem clocks at least every 24 hours with an NTP server by adding/modifying\nthe following line in the /etc/chrony.conf file.\n\n    server [ntp.server.name] iburst maxpoll 16"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000355-GPOS-00143",
+            "satisfies": [
+              "SRG-OS-000355-GPOS-00143",
+              "SRG-OS-000356-GPOS-00144",
+              "SRG-OS-000359-GPOS-00146"
+            ],
+            "gid": "V-230484",
+            "rid": "SV-230484r877038_rule",
+            "stig_id": "RHEL-08-030740",
+            "fix_id": "F-33128r568199_fix",
+            "cci": [
+              "CCI-001891"
+            ],
+            "nist": [
+              "AU-8 (1) (a)"
+            ]
+          },
+          "code": "control 'SV-230484' do\n  title 'RHEL 8 must securely compare internal information system clocks at\nleast every 24 hours with a server synchronized to an authoritative time\nsource, such as the United States Naval Observatory (USNO) time servers, or a\ntime server designated for the appropriate DoD network (NIPRNet/SIPRNet),\nand/or the Global Positioning System (GPS).'\n  desc 'Inaccurate time stamps make it more difficult to correlate events and\ncan lead to an inaccurate analysis. Determining the correct time a particular\nevent occurred on a system is critical when conducting forensic analysis and\ninvestigating system events. Sources outside the configured acceptable\nallowance (drift) may be inaccurate.\n\n    Synchronizing internal information system clocks provides uniformity of\ntime stamps for information systems with multiple system clocks and systems\nconnected over a network.\n\n    Organizations should consider endpoints that may not have regular access to\nthe authoritative time server (e.g., mobile, teleworking, and tactical\nendpoints).\n\n    If time stamps are not consistently applied and there is no common time\nreference, it is difficult to perform forensic analysis.\n\n    Time stamps generated by the operating system include date and time. Time\nis commonly expressed in Coordinated Universal Time (UTC), a modern\ncontinuation of Greenwich Mean Time (GMT), or local time with an offset from\nUTC.\n\n    RHEL 8 utilizes the \"timedatectl\" command to view the status of the\n\"systemd-timesyncd.service\". The \"timedatectl\" status will display the\nlocal time, UTC, and the offset from UTC.\n\n    Note that USNO offers authenticated NTP service to DoD and U.S. Government\nagencies operating on the NIPR and SIPR networks. Visit\nhttps://www.usno.navy.mil/USNO/time/ntp/dod-customers for more information.'\n  desc 'check', 'Verify RHEL 8 is securely comparing internal information system clocks at\nleast every 24 hours with an NTP server with the following commands:\n\n    $ sudo grep maxpoll /etc/chrony.conf\n\n    server 0.us.pool.ntp.mil iburst maxpoll 16\n\n    If the \"maxpoll\" option is set to a number greater than 16 or the line is\ncommented out, this is a finding.\n\n    Verify the \"chrony.conf\" file is configured to an authoritative DoD time\nsource by running the following command:\n\n    $ sudo grep -i server /etc/chrony.conf\n    server 0.us.pool.ntp.mil\n\n    If the parameter \"server\" is not set or is not set to an authoritative\nDoD time source, this is a finding.'\n  desc 'fix', 'Configure the operating system to securely compare internal information\nsystem clocks at least every 24 hours with an NTP server by adding/modifying\nthe following line in the /etc/chrony.conf file.\n\n    server [ntp.server.name] iburst maxpoll 16'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000355-GPOS-00143'\n  tag satisfies: ['SRG-OS-000355-GPOS-00143', 'SRG-OS-000356-GPOS-00144', 'SRG-OS-000359-GPOS-00146']\n  tag gid: 'V-230484'\n  tag rid: 'SV-230484r877038_rule'\n  tag stig_id: 'RHEL-08-030740'\n  tag fix_id: 'F-33128r568199_fix'\n  tag cci: ['CCI-001891']\n  tag nist: ['AU-8 (1) (a)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    time_sources = ntp_conf('/etc/chrony.conf').server\n    # Cover case when a single server is defined and resource returns a string and not an array\n    time_sources = [time_sources] if time_sources.is_a? String\n\n    unless time_sources.nil?\n      max_poll_values = time_sources.map { |val|\n        val.match?(/.*maxpoll.*/) ? val.gsub(/.*maxpoll\\s+(\\d+)(\\s+.*|$)/, '\\1').to_i : 10\n      }\n    end\n\n    # Verify the \"chrony.conf\" file is configured to an authoritative DoD time source by running the following command:\n\n    describe ntp_conf('/etc/chrony.conf') do\n      its('server') { should_not be_nil }\n    end\n\n    unless ntp_conf('/etc/chrony.conf').server.nil?\n      if ntp_conf('/etc/chrony.conf').server.is_a? String\n        describe ntp_conf('/etc/chrony.conf') do\n          its('server') { should match input('authoritative_timeserver') }\n        end\n      end\n\n      if ntp_conf('/etc/chrony.conf').server.is_a? Array\n        describe ntp_conf('/etc/chrony.conf') do\n          its('server.join') { should match input('authoritative_timeserver') }\n        end\n      end\n    end\n    # All time sources must contain valid maxpoll entries\n    unless time_sources.nil?\n      describe 'chronyd maxpoll values (99=maxpoll absent)' do\n        subject { max_poll_values }\n        it { should all be < 17 }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230484.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "ntp.conf server is expected not to be nil",
+              "run_time": 0.000352,
+              "start_time": "2024-01-09T19:40:55-05:00",
+              "resource_class": "ntp_conf",
+              "resource_params": "[\"/etc/chrony.conf\"]",
+              "resource_id": "/etc/chrony.conf"
+            },
+            {
+              "status": "failed",
+              "code_desc": "ntp.conf server is expected to match \"0.us.pool.ntp.mil\"",
+              "run_time": 0.00055,
+              "start_time": "2024-01-09T19:40:55-05:00",
+              "message": "expected \"169.254.169.123 prefer iburst minpoll 4 maxpoll 4\" to match \"0.us.pool.ntp.mil\"",
+              "resource_class": "ntp_conf",
+              "resource_params": "[\"/etc/chrony.conf\"]",
+              "resource_id": "/etc/chrony.conf"
+            },
+            {
+              "status": "passed",
+              "code_desc": "chronyd maxpoll values (99=maxpoll absent) is expected to all be < 17",
+              "run_time": 0.004196,
+              "start_time": "2024-01-09T19:40:55-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "chronyd maxpoll values (99=maxpoll absent)"
+            }
+          ]
+        },
+        {
+          "id": "SV-230485",
+          "title": "RHEL 8 must disable the chrony daemon from acting as a server.",
+          "desc": "Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.\n\nMinimizing the exposure of the server functionality of the chrony daemon diminishes the attack surface.\n\nRHEL 8 utilizes the \"timedatectl\" command to view the status of the \"systemd-timesyncd.service\". The \"timedatectl\" status will display the local time, UTC, and the offset from UTC.\n\nNote that USNO offers authenticated NTP service to DOD and U.S. Government agencies operating on the NIPR and SIPR networks. Visit https://www.usno.navy.mil/USNO/time/ntp/DOD-customers for more information.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.\n\nMinimizing the exposure of the server functionality of the chrony daemon diminishes the attack surface.\n\nRHEL 8 utilizes the \"timedatectl\" command to view the status of the \"systemd-timesyncd.service\". The \"timedatectl\" status will display the local time, UTC, and the offset from UTC.\n\nNote that USNO offers authenticated NTP service to DOD and U.S. Government agencies operating on the NIPR and SIPR networks. Visit https://www.usno.navy.mil/USNO/time/ntp/DOD-customers for more information."
+            },
+            {
+              "label": "check",
+              "data": "Note: If the system is approved and documented by the information system security officer (ISSO) to function as an NTP time server, this requirement is Not Applicable.\n\nVerify RHEL 8 disables the chrony daemon from acting as a server with the following command:\n\n     $ sudo grep -w 'port' /etc/chrony.conf\n     port 0\n\nIf the \"port\" option is not set to \"0\", is commented out or missing, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable the chrony daemon from acting as a server by adding or modifying the following line in the \"/etc/chrony.conf\" file:\n\n     port 0"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000095-GPOS-00049",
+            "gid": "V-230485",
+            "rid": "SV-230485r928590_rule",
+            "stig_id": "RHEL-08-030741",
+            "fix_id": "F-33129r928589_fix",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'SV-230485' do\n  title 'RHEL 8 must disable the chrony daemon from acting as a server.'\n  desc 'Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.\n\nMinimizing the exposure of the server functionality of the chrony daemon diminishes the attack surface.\n\nRHEL 8 utilizes the \"timedatectl\" command to view the status of the \"systemd-timesyncd.service\". The \"timedatectl\" status will display the local time, UTC, and the offset from UTC.\n\nNote that USNO offers authenticated NTP service to DOD and U.S. Government agencies operating on the NIPR and SIPR networks. Visit https://www.usno.navy.mil/USNO/time/ntp/DOD-customers for more information.'\n  desc 'check', %q(Note: If the system is approved and documented by the information system security officer (ISSO) to function as an NTP time server, this requirement is Not Applicable.\n\nVerify RHEL 8 disables the chrony daemon from acting as a server with the following command:\n\n     $ sudo grep -w 'port' /etc/chrony.conf\n     port 0\n\nIf the \"port\" option is not set to \"0\", is commented out or missing, this is a finding.)\n  desc 'fix', 'Configure the operating system to disable the chrony daemon from acting as a server by adding or modifying the following line in the \"/etc/chrony.conf\" file:\n\n     port 0'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230485'\n  tag rid: 'SV-230485r928590_rule'\n  tag stig_id: 'RHEL-08-030741'\n  tag fix_id: 'F-33129r928589_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  chrony_conf = ntp_conf('/etc/chrony.conf')\n\n  if virtualization.system.eql?('docker') && !file('/etc/chrony.conf').exist?\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe chrony_conf do\n      its('port') { should cmp 0 }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230485.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "ntp.conf port is expected to cmp == 0",
+              "run_time": 0.000357,
+              "start_time": "2024-01-09T19:40:55-05:00",
+              "message": "\nexpected: 0\n     got: \n\n(compared using `cmp` matcher)\n",
+              "resource_class": "ntp_conf",
+              "resource_params": "[\"/etc/chrony.conf\"]",
+              "resource_id": "/etc/chrony.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230486",
+          "title": "RHEL 8 must disable network management of the chrony daemon.",
+          "desc": "Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.\n\nNot exposing the management interface of the chrony daemon on the network diminishes the attack space.\n\nRHEL 8 utilizes the \"timedatectl\" command to view the status of the \"systemd-timesyncd.service\". The \"timedatectl\" status will display the local time, UTC, and the offset from UTC.\n\nNote that USNO offers authenticated NTP service to DOD and U.S. Government agencies operating on the NIPR and SIPR networks. Visit https://www.usno.navy.mil/USNO/time/ntp/DOD-customers for more information.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.\n\nNot exposing the management interface of the chrony daemon on the network diminishes the attack space.\n\nRHEL 8 utilizes the \"timedatectl\" command to view the status of the \"systemd-timesyncd.service\". The \"timedatectl\" status will display the local time, UTC, and the offset from UTC.\n\nNote that USNO offers authenticated NTP service to DOD and U.S. Government agencies operating on the NIPR and SIPR networks. Visit https://www.usno.navy.mil/USNO/time/ntp/DOD-customers for more information."
+            },
+            {
+              "label": "check",
+              "data": "Note: If the system is approved and documented by the information system security officer (ISSO) to function as an NTP time server, this requirement is Not Applicable.\n\nVerify RHEL 8 disables network management of the chrony daemon with the following command:\n\n     $ sudo grep -w 'cmdport' /etc/chrony.conf\n     cmdport 0\n\nIf the \"cmdport\" option is not set to \"0\", is commented out or missing, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system disable network management of the chrony daemon by adding or modifying the following line in the \"/etc/chrony.conf\" file.\n\n     cmdport 0"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000095-GPOS-00049",
+            "gid": "V-230486",
+            "rid": "SV-230486r928593_rule",
+            "stig_id": "RHEL-08-030742",
+            "fix_id": "F-33130r928592_fix",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'SV-230486' do\n  title 'RHEL 8 must disable network management of the chrony daemon.'\n  desc 'Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside the configured acceptable allowance (drift) may be inaccurate.\n\nNot exposing the management interface of the chrony daemon on the network diminishes the attack space.\n\nRHEL 8 utilizes the \"timedatectl\" command to view the status of the \"systemd-timesyncd.service\". The \"timedatectl\" status will display the local time, UTC, and the offset from UTC.\n\nNote that USNO offers authenticated NTP service to DOD and U.S. Government agencies operating on the NIPR and SIPR networks. Visit https://www.usno.navy.mil/USNO/time/ntp/DOD-customers for more information.'\n  desc 'check', %q(Note: If the system is approved and documented by the information system security officer (ISSO) to function as an NTP time server, this requirement is Not Applicable.\n\nVerify RHEL 8 disables network management of the chrony daemon with the following command:\n\n     $ sudo grep -w 'cmdport' /etc/chrony.conf\n     cmdport 0\n\nIf the \"cmdport\" option is not set to \"0\", is commented out or missing, this is a finding.)\n  desc 'fix', 'Configure the operating system disable network management of the chrony daemon by adding or modifying the following line in the \"/etc/chrony.conf\" file.\n\n     cmdport 0'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230486'\n  tag rid: 'SV-230486r928593_rule'\n  tag stig_id: 'RHEL-08-030742'\n  tag fix_id: 'F-33130r928592_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  if virtualization.system.eql?('docker') && !file('/etc/chrony.conf').exist?\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe ntp_conf('/etc/chrony.conf') do\n      its('cmdport') { should cmp 0 }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230486.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "ntp.conf cmdport is expected to cmp == 0",
+              "run_time": 0.000302,
+              "start_time": "2024-01-09T19:40:55-05:00",
+              "message": "\nexpected: 0\n     got: \n\n(compared using `cmp` matcher)\n",
+              "resource_class": "ntp_conf",
+              "resource_params": "[\"/etc/chrony.conf\"]",
+              "resource_id": "/etc/chrony.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230487",
+          "title": "RHEL 8 must not have the telnet-server package installed.",
+          "desc": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.\n\n    The telnet service provides an unencrypted remote access service that does\nnot provide for the confidentiality and integrity of user passwords or the\nremote session.\n\n    If a privileged user were to log on using this service, the privileged user\npassword could be compromised.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.\n\n    The telnet service provides an unencrypted remote access service that does\nnot provide for the confidentiality and integrity of user passwords or the\nremote session.\n\n    If a privileged user were to log on using this service, the privileged user\npassword could be compromised."
+            },
+            {
+              "label": "check",
+              "data": "Check to see if the telnet-server package is installed with the following\ncommand:\n\n    $ sudo yum list installed telnet-server\n\n    If the telnet-server package is installed, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable non-essential capabilities by\nremoving the telnet-server package from the system with the following command:\n\n    $ sudo yum remove telnet-server"
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000095-GPOS-00049",
+            "gid": "V-230487",
+            "rid": "SV-230487r627750_rule",
+            "stig_id": "RHEL-08-040000",
+            "fix_id": "F-33131r568208_fix",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'SV-230487' do\n  title 'RHEL 8 must not have the telnet-server package installed.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.\n\n    The telnet service provides an unencrypted remote access service that does\nnot provide for the confidentiality and integrity of user passwords or the\nremote session.\n\n    If a privileged user were to log on using this service, the privileged user\npassword could be compromised.'\n  desc 'check', 'Check to see if the telnet-server package is installed with the following\ncommand:\n\n    $ sudo yum list installed telnet-server\n\n    If the telnet-server package is installed, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable non-essential capabilities by\nremoving the telnet-server package from the system with the following command:\n\n    $ sudo yum remove telnet-server'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230487'\n  tag rid: 'SV-230487r627750_rule'\n  tag stig_id: 'RHEL-08-040000'\n  tag fix_id: 'F-33131r568208_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  describe package('telnet-server') do\n    it { should_not be_installed }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230487.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package telnet-server is expected not to be installed",
+              "run_time": 0.124659,
+              "start_time": "2024-01-09T19:40:55-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"telnet-server\"]",
+              "resource_id": "telnet-server"
+            }
+          ]
+        },
+        {
+          "id": "SV-230488",
+          "title": "RHEL 8 must not have any automated bug reporting tools installed.",
+          "desc": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed."
+            },
+            {
+              "label": "check",
+              "data": "Check to see if any automated bug reporting packages are installed with the\nfollowing command:\n\n    $ sudo yum list installed abrt*\n\n    If any automated bug reporting package is installed, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable non-essential capabilities by\nremoving automated bug reporting packages from the system with the following\ncommand:\n\n    $ sudo yum remove abrt*"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000095-GPOS-00049",
+            "gid": "V-230488",
+            "rid": "SV-230488r627750_rule",
+            "stig_id": "RHEL-08-040001",
+            "fix_id": "F-33132r568211_fix",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'SV-230488' do\n  title 'RHEL 8 must not have any automated bug reporting tools installed.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.'\n  desc 'check', 'Check to see if any automated bug reporting packages are installed with the\nfollowing command:\n\n    $ sudo yum list installed abrt*\n\n    If any automated bug reporting package is installed, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable non-essential capabilities by\nremoving automated bug reporting packages from the system with the following\ncommand:\n\n    $ sudo yum remove abrt*'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230488'\n  tag rid: 'SV-230488r627750_rule'\n  tag stig_id: 'RHEL-08-040001'\n  tag fix_id: 'F-33132r568211_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  describe packages(/abrt/) do\n    its('statuses') { should_not cmp 'installed' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230488.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Packages /abrt/ statuses is expected not to cmp == \"installed\"",
+              "run_time": 0.000235,
+              "start_time": "2024-01-09T19:40:55-05:00",
+              "resource_class": "packages",
+              "resource_params": "[/abrt/]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230489",
+          "title": "RHEL 8 must not have the sendmail package installed.",
+          "desc": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed."
+            },
+            {
+              "label": "check",
+              "data": "Check to see if the sendmail package is installed with the following\ncommand:\n\n    $ sudo yum list installed sendmail\n\n    If the sendmail package is installed, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable non-essential capabilities by\nremoving the sendmail package from the system with the following command:\n\n    $ sudo yum remove sendmail"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000095-GPOS-00049",
+            "gid": "V-230489",
+            "rid": "SV-230489r627750_rule",
+            "stig_id": "RHEL-08-040002",
+            "fix_id": "F-33133r568214_fix",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'SV-230489' do\n  title 'RHEL 8 must not have the sendmail package installed.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.'\n  desc 'check', 'Check to see if the sendmail package is installed with the following\ncommand:\n\n    $ sudo yum list installed sendmail\n\n    If the sendmail package is installed, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable non-essential capabilities by\nremoving the sendmail package from the system with the following command:\n\n    $ sudo yum remove sendmail'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230489'\n  tag rid: 'SV-230489r627750_rule'\n  tag stig_id: 'RHEL-08-040002'\n  tag fix_id: 'F-33133r568214_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  describe package('sendmail') do\n    it { should_not be_installed }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230489.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package sendmail is expected not to be installed",
+              "run_time": 0.125388,
+              "start_time": "2024-01-09T19:40:55-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"sendmail\"]",
+              "resource_id": "sendmail"
+            }
+          ]
+        },
+        {
+          "id": "SV-230491",
+          "title": "RHEL 8 must enable mitigations against processor-based\nvulnerabilities.",
+          "desc": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.\n\n    Kernel page-table isolation is a kernel feature that mitigates the Meltdown\nsecurity vulnerability and hardens the kernel against attempts to bypass kernel\naddress space layout randomization (KASLR).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.\n\n    Kernel page-table isolation is a kernel feature that mitigates the Meltdown\nsecurity vulnerability and hardens the kernel against attempts to bypass kernel\naddress space layout randomization (KASLR)."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 enables kernel page-table isolation with the following commands:\n\n$ sudo grub2-editenv list | grep pti\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 audit=1 audit_backlog_limit=8192 pti=on boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf the \"pti\" entry does not equal \"on\", is missing, or the line is commented out, this is a finding.\n\nCheck that kernel page-table isolation is enabled by default to persist in kernel updates:\n\n$ sudo grep pti /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"pti=on\"\n\nIf \"pti\" is not set to \"on\", is missing or commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to enable kernel page-table isolation with the following\ncommand:\n\n    $ sudo grubby --update-kernel=ALL --args=\"pti=on\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"pti=on\""
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000095-GPOS-00049",
+            "gid": "V-230491",
+            "rid": "SV-230491r818842_rule",
+            "stig_id": "RHEL-08-040004",
+            "fix_id": "F-33135r568220_fix",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'SV-230491' do\n  title 'RHEL 8 must enable mitigations against processor-based\nvulnerabilities.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.\n\n    Kernel page-table isolation is a kernel feature that mitigates the Meltdown\nsecurity vulnerability and hardens the kernel against attempts to bypass kernel\naddress space layout randomization (KASLR).'\n  desc 'check', 'Verify RHEL 8 enables kernel page-table isolation with the following commands:\n\n$ sudo grub2-editenv list | grep pti\n\nkernelopts=root=/dev/mapper/rhel-root ro crashkernel=auto resume=/dev/mapper/rhel-swap rd.lvm.lv=rhel/root rd.lvm.lv=rhel/swap rhgb quiet fips=1 audit=1 audit_backlog_limit=8192 pti=on boot=UUID=8d171156-cd61-421c-ba41-1c021ac29e82\n\nIf the \"pti\" entry does not equal \"on\", is missing, or the line is commented out, this is a finding.\n\nCheck that kernel page-table isolation is enabled by default to persist in kernel updates:\n\n$ sudo grep pti /etc/default/grub\n\nGRUB_CMDLINE_LINUX=\"pti=on\"\n\nIf \"pti\" is not set to \"on\", is missing or commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to enable kernel page-table isolation with the following\ncommand:\n\n    $ sudo grubby --update-kernel=ALL --args=\"pti=on\"\n\n    Add or modify the following line in \"/etc/default/grub\" to ensure the\nconfiguration survives kernel updates:\n\n    GRUB_CMDLINE_LINUX=\"pti=on\"'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230491'\n  tag rid: 'SV-230491r818842_rule'\n  tag stig_id: 'RHEL-08-040004'\n  tag fix_id: 'F-33135r568220_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  grub_stdout = command('grub2-editenv - list').stdout\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config(grub_stdout) do\n      its('kernelopts') { should match(/pti=on/) }\n    end\n\n    describe parse_config_file('/etc/default/grub') do\n      its('GRUB_CMDLINE_LINUX') { should match(/pti=on/) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230491.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Parse Config  kernelopts is expected to match /pti=on/",
+              "run_time": 0.004055,
+              "start_time": "2024-01-09T19:40:55-05:00",
+              "message": "expected \"root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\" to match /pti=on/",
+              "resource_class": "parse_config",
+              "resource_params": "[\"kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\\nboot_success=1\\n\"]",
+              "resource_id": "kernelopts=root=UUID=c6ce06eb-ddf1-4629-ad3f-d74d344e36b3 console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\nsaved_entry=63059be94d544ff888ed701147761216-4.18.0-513.9.1.el8_9.x86_64\nboot_success=1\n"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /etc/default/grub GRUB_CMDLINE_LINUX is expected to match /pti=on/",
+              "run_time": 0.001833,
+              "start_time": "2024-01-09T19:40:55-05:00",
+              "message": "expected \"\\\"console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto\\\"\" to match /pti=on/",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/default/grub\"]",
+              "resource_id": "/etc/default/grub"
+            }
+          ]
+        },
+        {
+          "id": "SV-230492",
+          "title": "RHEL 8 must not have the rsh-server package installed.",
+          "desc": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The rsh-server service provides an unencrypted remote access service that\ndoes not provide for the confidentiality and integrity of user passwords or the\nremote session and has very weak authentication.\n\n    If a privileged user were to log on using this service, the privileged user\npassword could be compromised.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The rsh-server service provides an unencrypted remote access service that\ndoes not provide for the confidentiality and integrity of user passwords or the\nremote session and has very weak authentication.\n\n    If a privileged user were to log on using this service, the privileged user\npassword could be compromised."
+            },
+            {
+              "label": "check",
+              "data": "Check to see if the rsh-server package is installed with the following\ncommand:\n\n    $ sudo yum list installed rsh-server\n\n    If the rsh-server package is installed, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable non-essential capabilities by\nremoving the rsh-server package from the system with the following command:\n\n    $ sudo yum remove rsh-server"
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000095-GPOS-00049",
+            "satisfies": [
+              "SRG-OS-000095-GPOS-00049",
+              "SRG-OS-000074-GPOS-00042"
+            ],
+            "gid": "V-230492",
+            "rid": "SV-230492r627750_rule",
+            "stig_id": "RHEL-08-040010",
+            "fix_id": "F-33136r568223_fix",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'SV-230492' do\n  title 'RHEL 8 must not have the rsh-server package installed.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The rsh-server service provides an unencrypted remote access service that\ndoes not provide for the confidentiality and integrity of user passwords or the\nremote session and has very weak authentication.\n\n    If a privileged user were to log on using this service, the privileged user\npassword could be compromised.'\n  desc 'check', 'Check to see if the rsh-server package is installed with the following\ncommand:\n\n    $ sudo yum list installed rsh-server\n\n    If the rsh-server package is installed, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable non-essential capabilities by\nremoving the rsh-server package from the system with the following command:\n\n    $ sudo yum remove rsh-server'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag satisfies: ['SRG-OS-000095-GPOS-00049', 'SRG-OS-000074-GPOS-00042']\n  tag gid: 'V-230492'\n  tag rid: 'SV-230492r627750_rule'\n  tag stig_id: 'RHEL-08-040010'\n  tag fix_id: 'F-33136r568223_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  describe package('rsh-server') do\n    it { should_not be_installed }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230492.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package rsh-server is expected not to be installed",
+              "run_time": 0.213471,
+              "start_time": "2024-01-09T19:40:55-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"rsh-server\"]",
+              "resource_id": "rsh-server"
+            }
+          ]
+        },
+        {
+          "id": "SV-230493",
+          "title": "RHEL 8 must cover or disable the built-in or attached camera when not\nin use.",
+          "desc": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect from collaborative computing devices (i.e., cameras)\ncan result in subsequent compromises of organizational information. Providing\neasy methods to physically disconnect from such devices after a collaborative\ncomputing session helps to ensure participants actually carry out the\ndisconnect activity without having to go through complex and tedious procedures.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect from collaborative computing devices (i.e., cameras)\ncan result in subsequent compromises of organizational information. Providing\neasy methods to physically disconnect from such devices after a collaborative\ncomputing session helps to ensure participants actually carry out the\ndisconnect activity without having to go through complex and tedious procedures."
+            },
+            {
+              "label": "check",
+              "data": "If the device or operating system does not have a camera installed, this requirement is not applicable.\n\nThis requirement is not applicable to mobile devices (smartphones and tablets), where the use of the camera is a local AO decision.\n\nThis requirement is not applicable to dedicated VTC suites located in approved VTC locations that are centrally managed.\n\nFor an external camera, if there is not a method for the operator to manually disconnect the camera at the end of collaborative computing sessions, this is a finding.\n\nFor a built-in camera, the camera must be protected by a camera cover (e.g., laptop camera cover slide) when not in use. If the built-in camera is not protected with a camera cover, or is not physically disabled, this is a finding.\n\nIf the camera is not disconnected, covered, or physically disabled, determine if it is being disabled via software with the following commands:\n\nVerify the operating system disables the ability to load the uvcvideo kernel module.\n\n$ sudo grep -r uvcvideo /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall uvcvideo /bin/true\n\nIf the command does not return any output, or the line is commented out, and the collaborative computing device has not been authorized for use, this is a finding.\n\nVerify the camera is disabled via blacklist with the following command:\n\n$ sudo grep -r uvcvideo /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist uvcvideo\n\nIf the command does not return any output or the output is not \"blacklist uvcvideo\", and the collaborative computing device has not been authorized for use, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable the built-in or attached camera when not in use.\n\nBuild or modify the \"/etc/modprobe.d/blacklist.conf\" file by using the following example:\n\ninstall uvcvideo /bin/true\nblacklist uvcvideo\n\nReboot the system for the settings to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000095-GPOS-00049",
+            "satisfies": [
+              "SRG-OS-000095-GPOS-00049",
+              "SRG-OS-000370-GPOS-00155"
+            ],
+            "gid": "V-230493",
+            "rid": "SV-230493r809316_rule",
+            "stig_id": "RHEL-08-040020",
+            "fix_id": "F-33137r809315_fix",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'SV-230493' do\n  title 'RHEL 8 must cover or disable the built-in or attached camera when not\nin use.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect from collaborative computing devices (i.e., cameras)\ncan result in subsequent compromises of organizational information. Providing\neasy methods to physically disconnect from such devices after a collaborative\ncomputing session helps to ensure participants actually carry out the\ndisconnect activity without having to go through complex and tedious procedures.'\n  desc 'check', 'If the device or operating system does not have a camera installed, this requirement is not applicable.\n\nThis requirement is not applicable to mobile devices (smartphones and tablets), where the use of the camera is a local AO decision.\n\nThis requirement is not applicable to dedicated VTC suites located in approved VTC locations that are centrally managed.\n\nFor an external camera, if there is not a method for the operator to manually disconnect the camera at the end of collaborative computing sessions, this is a finding.\n\nFor a built-in camera, the camera must be protected by a camera cover (e.g., laptop camera cover slide) when not in use. If the built-in camera is not protected with a camera cover, or is not physically disabled, this is a finding.\n\nIf the camera is not disconnected, covered, or physically disabled, determine if it is being disabled via software with the following commands:\n\nVerify the operating system disables the ability to load the uvcvideo kernel module.\n\n$ sudo grep -r uvcvideo /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall uvcvideo /bin/true\n\nIf the command does not return any output, or the line is commented out, and the collaborative computing device has not been authorized for use, this is a finding.\n\nVerify the camera is disabled via blacklist with the following command:\n\n$ sudo grep -r uvcvideo /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist uvcvideo\n\nIf the command does not return any output or the output is not \"blacklist uvcvideo\", and the collaborative computing device has not been authorized for use, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the built-in or attached camera when not in use.\n\nBuild or modify the \"/etc/modprobe.d/blacklist.conf\" file by using the following example:\n\ninstall uvcvideo /bin/true\nblacklist uvcvideo\n\nReboot the system for the settings to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag satisfies: ['SRG-OS-000095-GPOS-00049', 'SRG-OS-000370-GPOS-00155']\n  tag gid: 'V-230493'\n  tag rid: 'SV-230493r809316_rule'\n  tag stig_id: 'RHEL-08-040020'\n  tag fix_id: 'F-33137r809315_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('camera_installed')\n    describe kernel_module('uvcvideo') do\n      it { should_not be_loaded }\n      it { should be_blacklisted }\n    end\n  else\n    impact 0.0\n    describe 'Device or operating system does not have a camera installed' do\n      skip 'Device or operating system does not have a camera installed, this control is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230493.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Module uvcvideo is expected not to be loaded",
+              "run_time": 0.121619,
+              "start_time": "2024-01-09T19:40:55-05:00",
+              "resource_class": "kernel_module",
+              "resource_params": "[\"uvcvideo\"]",
+              "resource_id": "uvcvideo"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Kernel Module uvcvideo is expected to be blacklisted",
+              "run_time": 1.070168,
+              "start_time": "2024-01-09T19:40:55-05:00",
+              "message": "expected `Kernel Module uvcvideo.blacklisted?` to be truthy, got false",
+              "resource_class": "kernel_module",
+              "resource_params": "[\"uvcvideo\"]",
+              "resource_id": "uvcvideo"
+            }
+          ]
+        },
+        {
+          "id": "SV-230494",
+          "title": "RHEL 8 must disable the asynchronous transfer mode (ATM) protocol.",
+          "desc": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Asynchronous Transfer Mode (ATM) is a protocol operating on network,\ndata link, and physical layers, based on virtual circuits and virtual paths.\nDisabling ATM protects the system against exploitation of any laws in its\nimplementation.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Asynchronous Transfer Mode (ATM) is a protocol operating on network,\ndata link, and physical layers, based on virtual circuits and virtual paths.\nDisabling ATM protects the system against exploitation of any laws in its\nimplementation."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system disables the ability to load the ATM protocol kernel module.\n\n$ sudo grep -r atm /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall atm /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the ATM protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the ATM protocol.\n\nCheck to see if the ATM protocol is disabled with the following command:\n\n$ sudo grep -r atm /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist atm\n\nIf the command does not return any output or the output is not \"blacklist atm\", and use of the ATM protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable the ability to use the ATM protocol kernel module.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall atm /bin/true\nblacklist atm\n\nReboot the system for the settings to take effect."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000095-GPOS-00049",
+            "gid": "V-230494",
+            "rid": "SV-230494r792911_rule",
+            "stig_id": "RHEL-08-040021",
+            "fix_id": "F-33138r792910_fix",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'SV-230494' do\n  title 'RHEL 8 must disable the asynchronous transfer mode (ATM) protocol.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Asynchronous Transfer Mode (ATM) is a protocol operating on network,\ndata link, and physical layers, based on virtual circuits and virtual paths.\nDisabling ATM protects the system against exploitation of any laws in its\nimplementation.'\n  desc 'check', 'Verify the operating system disables the ability to load the ATM protocol kernel module.\n\n$ sudo grep -r atm /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall atm /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the ATM protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the ATM protocol.\n\nCheck to see if the ATM protocol is disabled with the following command:\n\n$ sudo grep -r atm /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist atm\n\nIf the command does not return any output or the output is not \"blacklist atm\", and use of the ATM protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the ability to use the ATM protocol kernel module.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall atm /bin/true\nblacklist atm\n\nReboot the system for the settings to take effect.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230494'\n  tag rid: 'SV-230494r792911_rule'\n  tag stig_id: 'RHEL-08-040021'\n  tag fix_id: 'F-33138r792910_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_module('atm') do\n      it { should be_disabled }\n      it { should be_blacklisted }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230494.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Kernel Module atm is expected to be disabled",
+              "run_time": 0.003304,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "message": "expected `Kernel Module atm.disabled?` to be truthy, got false",
+              "resource_class": "kernel_module",
+              "resource_params": "[\"atm\"]",
+              "resource_id": "atm"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Kernel Module atm is expected to be blacklisted",
+              "run_time": 0.004042,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "message": "expected `Kernel Module atm.blacklisted?` to be truthy, got false",
+              "resource_class": "kernel_module",
+              "resource_params": "[\"atm\"]",
+              "resource_id": "atm"
+            }
+          ]
+        },
+        {
+          "id": "SV-230495",
+          "title": "RHEL 8 must disable the controller area network (CAN) protocol.",
+          "desc": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Controller Area Network (CAN) is a serial communications protocol,\nwhich was initially developed for automotive and is now also used in marine,\nindustrial, and medical applications. Disabling CAN protects the system against\nexploitation of any flaws in its implementation.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Controller Area Network (CAN) is a serial communications protocol,\nwhich was initially developed for automotive and is now also used in marine,\nindustrial, and medical applications. Disabling CAN protects the system against\nexploitation of any flaws in its implementation."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system disables the ability to load the CAN protocol kernel module.\n\n$ sudo grep -r can /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall can /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the CAN protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the CAN protocol.\n\nCheck to see if the CAN protocol is disabled with the following command:\n\n$ sudo grep -r can /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist can\n\nIf the command does not return any output or the output is not \"blacklist can\", and use of the CAN protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable the ability to use the CAN protocol kernel module.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall can /bin/true\nblacklist can\n\nReboot the system for the settings to take effect."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000095-GPOS-00049",
+            "gid": "V-230495",
+            "rid": "SV-230495r792914_rule",
+            "stig_id": "RHEL-08-040022",
+            "fix_id": "F-33139r792913_fix",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'SV-230495' do\n  title 'RHEL 8 must disable the controller area network (CAN) protocol.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Controller Area Network (CAN) is a serial communications protocol,\nwhich was initially developed for automotive and is now also used in marine,\nindustrial, and medical applications. Disabling CAN protects the system against\nexploitation of any flaws in its implementation.'\n  desc 'check', 'Verify the operating system disables the ability to load the CAN protocol kernel module.\n\n$ sudo grep -r can /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall can /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the CAN protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the CAN protocol.\n\nCheck to see if the CAN protocol is disabled with the following command:\n\n$ sudo grep -r can /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist can\n\nIf the command does not return any output or the output is not \"blacklist can\", and use of the CAN protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the ability to use the CAN protocol kernel module.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall can /bin/true\nblacklist can\n\nReboot the system for the settings to take effect.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230495'\n  tag rid: 'SV-230495r792914_rule'\n  tag stig_id: 'RHEL-08-040022'\n  tag fix_id: 'F-33139r792913_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_module('can') do\n      it { should be_disabled }\n      it { should be_blacklisted }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230495.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Kernel Module can is expected to be disabled",
+              "run_time": 0.002773,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "message": "expected `Kernel Module can.disabled?` to be truthy, got false",
+              "resource_class": "kernel_module",
+              "resource_params": "[\"can\"]",
+              "resource_id": "can"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Kernel Module can is expected to be blacklisted",
+              "run_time": 0.003998,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "message": "expected `Kernel Module can.blacklisted?` to be truthy, got false",
+              "resource_class": "kernel_module",
+              "resource_params": "[\"can\"]",
+              "resource_id": "can"
+            }
+          ]
+        },
+        {
+          "id": "SV-230496",
+          "title": "RHEL 8 must disable the stream control transmission protocol (SCTP).",
+          "desc": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Stream Control Transmission Protocol (SCTP) is a transport layer\nprotocol, designed to support the idea of message-oriented communication, with\nseveral streams of messages within one connection. Disabling SCTP protects the\nsystem against exploitation of any flaws in its implementation.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Stream Control Transmission Protocol (SCTP) is a transport layer\nprotocol, designed to support the idea of message-oriented communication, with\nseveral streams of messages within one connection. Disabling SCTP protects the\nsystem against exploitation of any flaws in its implementation."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system disables the ability to load the SCTP kernel module.\n\n$ sudo grep -r sctp /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall sctp /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the SCTP is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the SCTP.\n\nCheck to see if the SCTP is disabled with the following command:\n\n$ sudo grep -r sctp /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist sctp\n\nIf the command does not return any output or the output is not \"blacklist sctp\", and use of the SCTP is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable the ability to use the SCTP kernel module.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall sctp /bin/true\nblacklist sctp\n\nReboot the system for the settings to take effect."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000095-GPOS-00049",
+            "gid": "V-230496",
+            "rid": "SV-230496r792917_rule",
+            "stig_id": "RHEL-08-040023",
+            "fix_id": "F-33140r792916_fix",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'SV-230496' do\n  title 'RHEL 8 must disable the stream control transmission protocol (SCTP).'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Stream Control Transmission Protocol (SCTP) is a transport layer\nprotocol, designed to support the idea of message-oriented communication, with\nseveral streams of messages within one connection. Disabling SCTP protects the\nsystem against exploitation of any flaws in its implementation.'\n  desc 'check', 'Verify the operating system disables the ability to load the SCTP kernel module.\n\n$ sudo grep -r sctp /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall sctp /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the SCTP is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the SCTP.\n\nCheck to see if the SCTP is disabled with the following command:\n\n$ sudo grep -r sctp /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist sctp\n\nIf the command does not return any output or the output is not \"blacklist sctp\", and use of the SCTP is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the ability to use the SCTP kernel module.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall sctp /bin/true\nblacklist sctp\n\nReboot the system for the settings to take effect.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230496'\n  tag rid: 'SV-230496r792917_rule'\n  tag stig_id: 'RHEL-08-040023'\n  tag fix_id: 'F-33140r792916_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_module('sctp') do\n      it { should be_disabled }\n      it { should be_blacklisted }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230496.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Kernel Module sctp is expected to be disabled",
+              "run_time": 0.0028,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "message": "expected `Kernel Module sctp.disabled?` to be truthy, got false",
+              "resource_class": "kernel_module",
+              "resource_params": "[\"sctp\"]",
+              "resource_id": "sctp"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Kernel Module sctp is expected to be blacklisted",
+              "run_time": 0.003977,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "message": "expected `Kernel Module sctp.blacklisted?` to be truthy, got false",
+              "resource_class": "kernel_module",
+              "resource_params": "[\"sctp\"]",
+              "resource_id": "sctp"
+            }
+          ]
+        },
+        {
+          "id": "SV-230497",
+          "title": "RHEL 8 must disable the transparent inter-process communication (TIPC)\nprotocol.",
+          "desc": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Transparent Inter-Process Communication (TIPC) protocol is designed to\nprovide communications between nodes in a cluster. Disabling TIPC protects the\nsystem against exploitation of any flaws in its implementation.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Transparent Inter-Process Communication (TIPC) protocol is designed to\nprovide communications between nodes in a cluster. Disabling TIPC protects the\nsystem against exploitation of any flaws in its implementation."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system disables the ability to load the TIPC protocol kernel module.\n\n$ sudo grep -r tipc /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall tipc /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the TIPC protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the TIPC protocol.\n\nCheck to see if the TIPC protocol is disabled with the following command:\n\n$ sudo grep -r tipc /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist tipc\n\nIf the command does not return any output or the output is not \"blacklist tipc\", and use of the TIPC protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable the ability to use the TIPC protocol kernel module.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall tipc /bin/true\nblacklist tipc\n\nReboot the system for the settings to take effect."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000095-GPOS-00049",
+            "gid": "V-230497",
+            "rid": "SV-230497r792920_rule",
+            "stig_id": "RHEL-08-040024",
+            "fix_id": "F-33141r792919_fix",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'SV-230497' do\n  title 'RHEL 8 must disable the transparent inter-process communication (TIPC)\nprotocol.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Failing to disconnect unused protocols can result in a system compromise.\n\n    The Transparent Inter-Process Communication (TIPC) protocol is designed to\nprovide communications between nodes in a cluster. Disabling TIPC protects the\nsystem against exploitation of any flaws in its implementation.'\n  desc 'check', 'Verify the operating system disables the ability to load the TIPC protocol kernel module.\n\n$ sudo grep -r tipc /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall tipc /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the TIPC protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the TIPC protocol.\n\nCheck to see if the TIPC protocol is disabled with the following command:\n\n$ sudo grep -r tipc /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist tipc\n\nIf the command does not return any output or the output is not \"blacklist tipc\", and use of the TIPC protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the ability to use the TIPC protocol kernel module.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall tipc /bin/true\nblacklist tipc\n\nReboot the system for the settings to take effect.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230497'\n  tag rid: 'SV-230497r792920_rule'\n  tag stig_id: 'RHEL-08-040024'\n  tag fix_id: 'F-33141r792919_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_module('tipc') do\n      it { should be_disabled }\n      it { should be_blacklisted }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230497.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Kernel Module tipc is expected to be disabled",
+              "run_time": 0.002765,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "message": "expected `Kernel Module tipc.disabled?` to be truthy, got false",
+              "resource_class": "kernel_module",
+              "resource_params": "[\"tipc\"]",
+              "resource_id": "tipc"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Kernel Module tipc is expected to be blacklisted",
+              "run_time": 0.004032,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "message": "expected `Kernel Module tipc.blacklisted?` to be truthy, got false",
+              "resource_class": "kernel_module",
+              "resource_params": "[\"tipc\"]",
+              "resource_id": "tipc"
+            }
+          ]
+        },
+        {
+          "id": "SV-230498",
+          "title": "RHEL 8 must disable mounting of cramfs.",
+          "desc": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Removing support for unneeded filesystem types reduces the local attack\nsurface of the server.\n\n    Compressed ROM/RAM file system (or cramfs) is a read-only file system\ndesigned for simplicity and space-efficiency.  It is mainly used in embedded\nand small-footprint systems.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Removing support for unneeded filesystem types reduces the local attack\nsurface of the server.\n\n    Compressed ROM/RAM file system (or cramfs) is a read-only file system\ndesigned for simplicity and space-efficiency.  It is mainly used in embedded\nand small-footprint systems."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system disables the ability to load the cramfs kernel module.\n\n$ sudo grep -r cramfs /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall cramfs /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the cramfs protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the cramfs kernel module.\n\nCheck to see if the cramfs kernel module is disabled with the following command:\n\n$ sudo grep -r cramfs /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist cramfs\n\nIf the command does not return any output or the output is not \"blacklist cramfs\", and use of the cramfs kernel module is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable the ability to use the cramfs\nkernel module.\n\n    Add or update the following lines in the file\n\"/etc/modprobe.d/blacklist.conf\":\n\n    install cramfs /bin/true\n    blacklist cramfs\n\n    Reboot the system for the settings to take effect."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000095-GPOS-00049",
+            "gid": "V-230498",
+            "rid": "SV-230498r792922_rule",
+            "stig_id": "RHEL-08-040025",
+            "fix_id": "F-33142r568241_fix",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'SV-230498' do\n  title 'RHEL 8 must disable mounting of cramfs.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Removing support for unneeded filesystem types reduces the local attack\nsurface of the server.\n\n    Compressed ROM/RAM file system (or cramfs) is a read-only file system\ndesigned for simplicity and space-efficiency.  It is mainly used in embedded\nand small-footprint systems.'\n  desc 'check', 'Verify the operating system disables the ability to load the cramfs kernel module.\n\n$ sudo grep -r cramfs /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall cramfs /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the cramfs protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the cramfs kernel module.\n\nCheck to see if the cramfs kernel module is disabled with the following command:\n\n$ sudo grep -r cramfs /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist cramfs\n\nIf the command does not return any output or the output is not \"blacklist cramfs\", and use of the cramfs kernel module is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the ability to use the cramfs\nkernel module.\n\n    Add or update the following lines in the file\n\"/etc/modprobe.d/blacklist.conf\":\n\n    install cramfs /bin/true\n    blacklist cramfs\n\n    Reboot the system for the settings to take effect.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230498'\n  tag rid: 'SV-230498r792922_rule'\n  tag stig_id: 'RHEL-08-040025'\n  tag fix_id: 'F-33142r568241_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_module('cramfs') do\n      it { should be_disabled }\n      it { should be_blacklisted }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230498.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Kernel Module cramfs is expected to be disabled",
+              "run_time": 0.002735,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "message": "expected `Kernel Module cramfs.disabled?` to be truthy, got false",
+              "resource_class": "kernel_module",
+              "resource_params": "[\"cramfs\"]",
+              "resource_id": "cramfs"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Kernel Module cramfs is expected to be blacklisted",
+              "run_time": 0.004046,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "message": "expected `Kernel Module cramfs.blacklisted?` to be truthy, got false",
+              "resource_class": "kernel_module",
+              "resource_params": "[\"cramfs\"]",
+              "resource_id": "cramfs"
+            }
+          ]
+        },
+        {
+          "id": "SV-230499",
+          "title": "RHEL 8 must disable IEEE 1394 (FireWire) Support.",
+          "desc": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time\ncommunication. Disabling FireWire protects the system against exploitation of\nany flaws in its implementation.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time\ncommunication. Disabling FireWire protects the system against exploitation of\nany flaws in its implementation."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system disables the ability to load the firewire-core kernel module.\n\n$ sudo grep -r firewire-core /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall firewire-core /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the firewire-core protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the firewire-core kernel module.\n\nCheck to see if the firewire-core kernel module is disabled with the following command:\n\n$ sudo grep -r firewire-core /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist firewire-core\n\nIf the command does not return any output or the output is not \"blacklist firewire-core\", and use of the firewire-core kernel module is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable the ability to use the\nfirewire-core kernel module.\n\n    Add or update the following lines in the file\n\"/etc/modprobe.d/blacklist.conf\":\n\n    install firewire-core /bin/true\n    blacklist firewire-core\n\n    Reboot the system for the settings to take effect."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000095-GPOS-00049",
+            "gid": "V-230499",
+            "rid": "SV-230499r792924_rule",
+            "stig_id": "RHEL-08-040026",
+            "fix_id": "F-33143r568244_fix",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'SV-230499' do\n  title 'RHEL 8 must disable IEEE 1394 (FireWire) Support.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    The IEEE 1394 (FireWire) is a serial bus standard for high-speed real-time\ncommunication. Disabling FireWire protects the system against exploitation of\nany flaws in its implementation.'\n  desc 'check', 'Verify the operating system disables the ability to load the firewire-core kernel module.\n\n$ sudo grep -r firewire-core /etc/modprobe.d/* | grep \"/bin/true\"\n\ninstall firewire-core /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of the firewire-core protocol is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use the firewire-core kernel module.\n\nCheck to see if the firewire-core kernel module is disabled with the following command:\n\n$ sudo grep -r firewire-core /etc/modprobe.d/* | grep \"blacklist\"\n\nblacklist firewire-core\n\nIf the command does not return any output or the output is not \"blacklist firewire-core\", and use of the firewire-core kernel module is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the ability to use the\nfirewire-core kernel module.\n\n    Add or update the following lines in the file\n\"/etc/modprobe.d/blacklist.conf\":\n\n    install firewire-core /bin/true\n    blacklist firewire-core\n\n    Reboot the system for the settings to take effect.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000095-GPOS-00049'\n  tag gid: 'V-230499'\n  tag rid: 'SV-230499r792924_rule'\n  tag stig_id: 'RHEL-08-040026'\n  tag fix_id: 'F-33143r568244_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_module('firewire_core') do\n      it { should be_disabled }\n      it { should be_blacklisted }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230499.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Kernel Module firewire_core is expected to be disabled",
+              "run_time": 0.002745,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "message": "expected `Kernel Module firewire_core.disabled?` to be truthy, got false",
+              "resource_class": "kernel_module",
+              "resource_params": "[\"firewire_core\"]",
+              "resource_id": "firewire_core"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Kernel Module firewire_core is expected to be blacklisted",
+              "run_time": 0.004021,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "message": "expected `Kernel Module firewire_core.blacklisted?` to be truthy, got false",
+              "resource_class": "kernel_module",
+              "resource_params": "[\"firewire_core\"]",
+              "resource_id": "firewire_core"
+            }
+          ]
+        },
+        {
+          "id": "SV-230500",
+          "title": "RHEL 8 must be configured to prohibit or restrict the use of\nfunctions, ports, protocols, and/or services, as defined in the Ports,\nProtocols, and Services Management (PPSM) Category Assignments List (CAL) and\nvulnerability assessments.",
+          "desc": "To prevent unauthorized connection of devices, unauthorized transfer\nof information, or unauthorized tunneling (i.e., embedding of data types within\ndata types), organizations must disable or restrict unused or unnecessary\nphysical and logical ports/protocols on information systems.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services provided by default may not be\nnecessary to support essential organizational operations. Additionally, it is\nsometimes convenient to provide multiple services from a single component\n(e.g., VPN and IPS); however, doing so increases risk over limiting the\nservices provided by any one component.\n\n    To support the requirements and principles of least functionality, the\noperating system must support the organizational requirements, providing only\nessential capabilities and limiting the use of ports, protocols, and/or\nservices to only those required, authorized, and approved to conduct official\nbusiness or to address authorized quality-of-life issues.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "To prevent unauthorized connection of devices, unauthorized transfer\nof information, or unauthorized tunneling (i.e., embedding of data types within\ndata types), organizations must disable or restrict unused or unnecessary\nphysical and logical ports/protocols on information systems.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services provided by default may not be\nnecessary to support essential organizational operations. Additionally, it is\nsometimes convenient to provide multiple services from a single component\n(e.g., VPN and IPS); however, doing so increases risk over limiting the\nservices provided by any one component.\n\n    To support the requirements and principles of least functionality, the\noperating system must support the organizational requirements, providing only\nessential capabilities and limiting the use of ports, protocols, and/or\nservices to only those required, authorized, and approved to conduct official\nbusiness or to address authorized quality-of-life issues."
+            },
+            {
+              "label": "check",
+              "data": "Inspect the firewall configuration and running services to verify it is\nconfigured to prohibit or restrict the use of functions, ports, protocols,\nand/or services that are unnecessary or prohibited.\n\n    Check which services are currently active with the following command:\n\n    $ sudo firewall-cmd --list-all-zones\n\n    custom (active)\n    target: DROP\n    icmp-block-inversion: no\n    interfaces: ens33\n    sources:\n    services: dhcpv6-client dns http https ldaps rpc-bind ssh\n    ports:\n    masquerade: no\n    forward-ports:\n    icmp-blocks:\n    rich rules:\n\n    Ask the System Administrator for the site or program Ports, Protocols, and\nServices Management Component Local Service Assessment (PPSM CLSA). Verify the\nservices allowed by the firewall match the PPSM CLSA.\n\n    If there are additional ports, protocols, or services that are not in the\nPPSM CLSA, or there are ports, protocols, or services that are prohibited by\nthe PPSM Category Assurance List (CAL), this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Update the host's firewall settings and/or running services to\ncomply with the PPSM Component Local Service Assessment (CLSA) for the site or\nprogram and the PPSM CAL."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000096-GPOS-00050",
+            "gid": "V-230500",
+            "rid": "SV-230500r627750_rule",
+            "stig_id": "RHEL-08-040030",
+            "fix_id": "F-33144r568247_fix",
+            "cci": [
+              "CCI-000382"
+            ],
+            "nist": [
+              "CM-7 b"
+            ]
+          },
+          "code": "control 'SV-230500' do\n  title 'RHEL 8 must be configured to prohibit or restrict the use of\nfunctions, ports, protocols, and/or services, as defined in the Ports,\nProtocols, and Services Management (PPSM) Category Assignments List (CAL) and\nvulnerability assessments.'\n  desc 'To prevent unauthorized connection of devices, unauthorized transfer\nof information, or unauthorized tunneling (i.e., embedding of data types within\ndata types), organizations must disable or restrict unused or unnecessary\nphysical and logical ports/protocols on information systems.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services provided by default may not be\nnecessary to support essential organizational operations. Additionally, it is\nsometimes convenient to provide multiple services from a single component\n(e.g., VPN and IPS); however, doing so increases risk over limiting the\nservices provided by any one component.\n\n    To support the requirements and principles of least functionality, the\noperating system must support the organizational requirements, providing only\nessential capabilities and limiting the use of ports, protocols, and/or\nservices to only those required, authorized, and approved to conduct official\nbusiness or to address authorized quality-of-life issues.'\n  desc 'check', 'Inspect the firewall configuration and running services to verify it is\nconfigured to prohibit or restrict the use of functions, ports, protocols,\nand/or services that are unnecessary or prohibited.\n\n    Check which services are currently active with the following command:\n\n    $ sudo firewall-cmd --list-all-zones\n\n    custom (active)\n    target: DROP\n    icmp-block-inversion: no\n    interfaces: ens33\n    sources:\n    services: dhcpv6-client dns http https ldaps rpc-bind ssh\n    ports:\n    masquerade: no\n    forward-ports:\n    icmp-blocks:\n    rich rules:\n\n    Ask the System Administrator for the site or program Ports, Protocols, and\nServices Management Component Local Service Assessment (PPSM CLSA). Verify the\nservices allowed by the firewall match the PPSM CLSA.\n\n    If there are additional ports, protocols, or services that are not in the\nPPSM CLSA, or there are ports, protocols, or services that are prohibited by\nthe PPSM Category Assurance List (CAL), this is a finding.'\n  desc 'fix', \"Update the host's firewall settings and/or running services to\ncomply with the PPSM Component Local Service Assessment (CLSA) for the site or\nprogram and the PPSM CAL.\"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000096-GPOS-00050'\n  tag gid: 'V-230500'\n  tag rid: 'SV-230500r627750_rule'\n  tag stig_id: 'RHEL-08-040030'\n  tag fix_id: 'F-33144r568247_fix'\n  tag cci: ['CCI-000382']\n  tag nist: ['CM-7 b']\n\n  firewalld_properties = input('firewalld_properties')\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe firewalld do\n      it { should be_running }\n      its('default_zone') { should eq firewalld_properties['default_zone'] }\n    end\n    describe firewalld.where { zone == firewalld_properties['default_zone'] } do\n      its('ports') { should cmp [firewalld_properties['ports']] }\n      its('protocols') { should cmp [firewalld_properties['protocols']] }\n      its('services') { should cmp [firewalld_properties['services']] }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230500.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Firewall Rules is expected to be running",
+              "run_time": 0.476668,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "message": "expected that `Firewall Rules` is running",
+              "resource_class": "firewalld",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "Firewall Rules default_zone is expected to eq \"public\"",
+              "run_time": 0.401197,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "message": "\nexpected: \"public\"\n     got: \"Error on command firewall-cmd --get-default-zone: FirewallD is not running\\n\"\n\n(compared using ==)",
+              "resource_class": "firewalld",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "Firewall Rules with zone == \"public\" ports is expected to cmp == [[]]",
+              "run_time": 0.000456,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "message": "\nexpected: [[]]\n     got: []\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "Firewall Rules with zone == \"public\" protocols is expected to cmp == [[]]",
+              "run_time": 0.000261,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "message": "\nexpected: [[]]\n     got: []\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "Firewall Rules with zone == \"public\" services is expected to cmp == [[\"cockpit\", \"dhcpv6-client\", \"ssh\"]]",
+              "run_time": 0.000251,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "message": "\nexpected: [[\"cockpit\", \"dhcpv6-client\", \"ssh\"]]\n     got: []\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230502",
+          "title": "The RHEL 8 file system automounter must be disabled unless required.",
+          "desc": "Automatically mounting file systems permits easy introduction of\nunknown devices, thereby facilitating malicious activity.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Automatically mounting file systems permits easy introduction of\nunknown devices, thereby facilitating malicious activity."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system disables the ability to automount devices.\n\n    Check to see if automounter service is active with the following command:\n\n    Note: If the autofs service is not installed, this requirement is not\napplicable.\n\n    $ sudo systemctl status autofs\n\n    autofs.service - Automounts filesystems on demand\n    Loaded: loaded (/usr/lib/systemd/system/autofs.service; disabled)\n    Active: inactive (dead)\n\n    If the \"autofs\" status is set to \"active\" and is not documented with\nthe Information System Security Officer (ISSO) as an operational requirement,\nthis is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable the ability to automount devices.\n\n    Turn off the automount service with the following commands:\n\n    $ sudo systemctl stop autofs\n    $ sudo systemctl disable autofs\n\n    If \"autofs\" is required for Network File System (NFS), it must be\ndocumented with the ISSO."
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000114-GPOS-00059",
+            "gid": "V-230502",
+            "rid": "SV-230502r627750_rule",
+            "stig_id": "RHEL-08-040070",
+            "fix_id": "F-33146r568253_fix",
+            "cci": [
+              "CCI-000778"
+            ],
+            "nist": [
+              "IA-3"
+            ]
+          },
+          "code": "control 'SV-230502' do\n  title 'The RHEL 8 file system automounter must be disabled unless required.'\n  desc 'Automatically mounting file systems permits easy introduction of\nunknown devices, thereby facilitating malicious activity.'\n  desc 'check', 'Verify the operating system disables the ability to automount devices.\n\n    Check to see if automounter service is active with the following command:\n\n    Note: If the autofs service is not installed, this requirement is not\napplicable.\n\n    $ sudo systemctl status autofs\n\n    autofs.service - Automounts filesystems on demand\n    Loaded: loaded (/usr/lib/systemd/system/autofs.service; disabled)\n    Active: inactive (dead)\n\n    If the \"autofs\" status is set to \"active\" and is not documented with\nthe Information System Security Officer (ISSO) as an operational requirement,\nthis is a finding.'\n  desc 'fix', 'Configure the operating system to disable the ability to automount devices.\n\n    Turn off the automount service with the following commands:\n\n    $ sudo systemctl stop autofs\n    $ sudo systemctl disable autofs\n\n    If \"autofs\" is required for Network File System (NFS), it must be\ndocumented with the ISSO.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000114-GPOS-00059'\n  tag gid: 'V-230502'\n  tag rid: 'SV-230502r627750_rule'\n  tag stig_id: 'RHEL-08-040070'\n  tag fix_id: 'F-33146r568253_fix'\n  tag cci: ['CCI-000778']\n  tag nist: ['IA-3']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif package('autofs').installed?\n    describe systemd_service('autofs.service') do\n      it { should_not be_running }\n      it { should_not be_enabled }\n      it { should_not be_installed }\n    end\n  else\n    impact 0.0\n    describe 'The autofs service is not installed' do\n      skip 'The autofs service is not installed, this control is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230502.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "The autofs service is not installed",
+              "run_time": 1.5e-05,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "resource": "",
+              "skip_message": "The autofs service is not installed, this control is Not Applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The autofs service is not installed"
+            }
+          ]
+        },
+        {
+          "id": "SV-230503",
+          "title": "RHEL 8 must be configured to disable USB mass storage.",
+          "desc": "USB mass storage permits easy introduction of unknown devices, thereby\nfacilitating malicious activity.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "USB mass storage permits easy introduction of unknown devices, thereby\nfacilitating malicious activity."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system disables the ability to load the USB Storage kernel module.\n\n$ sudo grep -r usb-storage /etc/modprobe.d/* | grep -i \"/bin/true\"\n\ninstall usb-storage /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of USB Storage is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use USB mass storage devices.\n\nCheck to see if USB mass storage is disabled with the following command:\n\n$ sudo grep usb-storage /etc/modprobe.d/* | grep -i \"blacklist\"\n\nblacklist usb-storage\n\nIf the command does not return any output or the output is not \"blacklist usb-storage\" and use of USB storage devices is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable the ability to use the USB Storage kernel module and the ability to use USB mass storage devices.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall usb-storage /bin/true\nblacklist usb-storage\n\nReboot the system for the settings to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000114-GPOS-00059",
+            "satisfies": [
+              "SRG-OS-000114-GPOS-00059",
+              "SRG-OS-000378-GPOS-00163"
+            ],
+            "gid": "V-230503",
+            "rid": "SV-230503r809319_rule",
+            "stig_id": "RHEL-08-040080",
+            "fix_id": "F-33147r809318_fix",
+            "cci": [
+              "CCI-000778"
+            ],
+            "nist": [
+              "IA-3"
+            ]
+          },
+          "code": "control 'SV-230503' do\n  title 'RHEL 8 must be configured to disable USB mass storage.'\n  desc 'USB mass storage permits easy introduction of unknown devices, thereby\nfacilitating malicious activity.'\n  desc 'check', 'Verify the operating system disables the ability to load the USB Storage kernel module.\n\n$ sudo grep -r usb-storage /etc/modprobe.d/* | grep -i \"/bin/true\"\n\ninstall usb-storage /bin/true\n\nIf the command does not return any output, or the line is commented out, and use of USB Storage is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nVerify the operating system disables the ability to use USB mass storage devices.\n\nCheck to see if USB mass storage is disabled with the following command:\n\n$ sudo grep usb-storage /etc/modprobe.d/* | grep -i \"blacklist\"\n\nblacklist usb-storage\n\nIf the command does not return any output or the output is not \"blacklist usb-storage\" and use of USB storage devices is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the ability to use the USB Storage kernel module and the ability to use USB mass storage devices.\n\nAdd or update the following lines in the file \"/etc/modprobe.d/blacklist.conf\":\n\ninstall usb-storage /bin/true\nblacklist usb-storage\n\nReboot the system for the settings to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000114-GPOS-00059'\n  tag satisfies: ['SRG-OS-000114-GPOS-00059', 'SRG-OS-000378-GPOS-00163']\n  tag gid: 'V-230503'\n  tag rid: 'SV-230503r809319_rule'\n  tag stig_id: 'RHEL-08-040080'\n  tag fix_id: 'F-33147r809318_fix'\n  tag cci: ['CCI-000778']\n  tag nist: ['IA-3']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_module('usb_storage') do\n      it { should be_disabled }\n      it { should be_blacklisted }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230503.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Kernel Module usb_storage is expected to be disabled",
+              "run_time": 0.008701,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "message": "expected `Kernel Module usb_storage.disabled?` to be truthy, got false",
+              "resource_class": "kernel_module",
+              "resource_params": "[\"usb_storage\"]",
+              "resource_id": "usb_storage"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Kernel Module usb_storage is expected to be blacklisted",
+              "run_time": 0.008052,
+              "start_time": "2024-01-09T19:40:57-05:00",
+              "message": "expected `Kernel Module usb_storage.blacklisted?` to be truthy, got false",
+              "resource_class": "kernel_module",
+              "resource_params": "[\"usb_storage\"]",
+              "resource_id": "usb_storage"
+            }
+          ]
+        },
+        {
+          "id": "SV-230504",
+          "title": "A RHEL 8 firewall must employ a deny-all, allow-by-exception policy\nfor allowing connections to other systems.",
+          "desc": "Failure to restrict network connectivity only to authorized systems\npermits inbound connections from malicious systems. It also permits outbound\nconnections that may facilitate exfiltration of DoD data.\n\n    RHEL 8 incorporates the \"firewalld\" daemon, which allows for many\ndifferent configurations. One of these configurations is zones. Zones can be\nutilized to a deny-all, allow-by-exception approach. The default \"drop\" zone\nwill drop all incoming network packets unless it is explicitly allowed by the\nconfiguration file or is related to an outgoing network connection.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Failure to restrict network connectivity only to authorized systems\npermits inbound connections from malicious systems. It also permits outbound\nconnections that may facilitate exfiltration of DoD data.\n\n    RHEL 8 incorporates the \"firewalld\" daemon, which allows for many\ndifferent configurations. One of these configurations is zones. Zones can be\nutilized to a deny-all, allow-by-exception approach. The default \"drop\" zone\nwill drop all incoming network packets unless it is explicitly allowed by the\nconfiguration file or is related to an outgoing network connection."
+            },
+            {
+              "label": "check",
+              "data": "Verify \"firewalld\" is configured to employ a deny-all, allow-by-exception\npolicy for allowing connections to other systems with the following commands:\n\n    $ sudo  firewall-cmd --state\n\n    running\n\n    $ sudo firewall-cmd --get-active-zones\n\n    [custom]\n       interfaces: ens33\n\n    $ sudo firewall-cmd --info-zone=[custom] | grep target\n\n       target: DROP\n\n    If no zones are active on the RHEL 8 interfaces or if the target is set to\na different option other than \"DROP\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the \"firewalld\" daemon to employ a deny-all, allow-by-exception with the following commands:\n\n$ sudo firewall-cmd --permanent --new-zone=[custom]\n\n$ sudo cp /usr/lib/firewalld/zones/drop.xml /etc/firewalld/zones/[custom].xml\n\nThis will provide a clean configuration file to work with that employs a deny-all approach. Note: Add the exceptions that are required for mission functionality and update the short title in the xml file to match the [custom] zone name.\n\nReload the firewall rules to make the new [custom] zone available to load:\n$ sudo firewall-cmd --reload\n\nSet the default zone to the new [custom] zone:\n$ sudo firewall-cmd --set-default-zone=[custom]\n\nNote: This is a runtime and permanent change.\nAdd any interfaces to the new [custom] zone:\n$ sudo firewall-cmd --permanent --zone=[custom] --change-interface=ens33\n\nReload the firewall rules for changes to take effect:\n$ sudo firewall-cmd --reload"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000297-GPOS-00115",
+            "gid": "V-230504",
+            "rid": "SV-230504r854047_rule",
+            "stig_id": "RHEL-08-040090",
+            "fix_id": "F-33148r809320_fix",
+            "cci": [
+              "CCI-002314"
+            ],
+            "legacy": [],
+            "nist": [
+              "AC-17 (1)"
+            ]
+          },
+          "code": "control 'SV-230504' do\n  title 'A RHEL 8 firewall must employ a deny-all, allow-by-exception policy\nfor allowing connections to other systems.'\n  desc 'Failure to restrict network connectivity only to authorized systems\npermits inbound connections from malicious systems. It also permits outbound\nconnections that may facilitate exfiltration of DoD data.\n\n    RHEL 8 incorporates the \"firewalld\" daemon, which allows for many\ndifferent configurations. One of these configurations is zones. Zones can be\nutilized to a deny-all, allow-by-exception approach. The default \"drop\" zone\nwill drop all incoming network packets unless it is explicitly allowed by the\nconfiguration file or is related to an outgoing network connection.'\n  desc 'check', 'Verify \"firewalld\" is configured to employ a deny-all, allow-by-exception\npolicy for allowing connections to other systems with the following commands:\n\n    $ sudo  firewall-cmd --state\n\n    running\n\n    $ sudo firewall-cmd --get-active-zones\n\n    [custom]\n       interfaces: ens33\n\n    $ sudo firewall-cmd --info-zone=[custom] | grep target\n\n       target: DROP\n\n    If no zones are active on the RHEL 8 interfaces or if the target is set to\na different option other than \"DROP\", this is a finding.'\n  desc 'fix', 'Configure the \"firewalld\" daemon to employ a deny-all, allow-by-exception with the following commands:\n\n$ sudo firewall-cmd --permanent --new-zone=[custom]\n\n$ sudo cp /usr/lib/firewalld/zones/drop.xml /etc/firewalld/zones/[custom].xml\n\nThis will provide a clean configuration file to work with that employs a deny-all approach. Note: Add the exceptions that are required for mission functionality and update the short title in the xml file to match the [custom] zone name.\n\nReload the firewall rules to make the new [custom] zone available to load:\n$ sudo firewall-cmd --reload\n\nSet the default zone to the new [custom] zone:\n$ sudo firewall-cmd --set-default-zone=[custom]\n\nNote: This is a runtime and permanent change.\nAdd any interfaces to the new [custom] zone:\n$ sudo firewall-cmd --permanent --zone=[custom] --change-interface=ens33\n\nReload the firewall rules for changes to take effect:\n$ sudo firewall-cmd --reload'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000297-GPOS-00115'\n  tag gid: 'V-230504'\n  tag rid: 'SV-230504r854047_rule'\n  tag stig_id: 'RHEL-08-040090'\n  tag fix_id: 'F-33148r809320_fix'\n  tag cci: ['CCI-002314']\n  tag legacy: []\n  tag nist: ['AC-17 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe firewalld do\n      it { should be_running }\n    end\n\n    describe firewalld.zone do\n      it { should_not be_empty }\n    end\n\n    firewalld.zone.each do |zone|\n      describe \"Firewall zone \\'#{zone}\\' target\" do\n        subject { firewalld.zone(zone).target }\n        it { should cmp 'DROP' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230504.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Firewall Rules is expected to be running",
+              "run_time": 0.000242,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "message": "expected that `Firewall Rules` is running",
+              "resource_class": "firewalld",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "[\"Error on command firewall-cmd --get-active-zones: FirewallD is not running\"] is expected not to be empty",
+              "run_time": 0.003892,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "Firewall zone 'Error on command firewall-cmd --get-active-zones: FirewallD is not running' target is expected to cmp == \"DROP\"",
+              "run_time": 0.000468,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "message": "\nexpected: DROP\n     got: [\"Error on command firewall-cmd --permanent --zone=Error on command firewall-cmd --get-active-zones: FirewallD is not running --get-target: usage: see firewall-cmd man page\\nfirewall-cmd: error: unrecognized arguments: on command firewall-cmd --get-active-zones: FirewallD is not running\"]\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Firewall zone 'Error on command firewall-cmd --get-active-zones: FirewallD is not running' target"
+            }
+          ]
+        },
+        {
+          "id": "SV-230505",
+          "title": "A firewall must be installed on RHEL 8.",
+          "desc": "\"Firewalld\" provides an easy and effective way to block/limit remote\naccess to the system via ports, services, and protocols.\n\n    Remote access services, such as those providing remote access to network\ndevices and information systems, which lack automated control capabilities,\nincrease risk and make remote user access management difficult at best.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n\n    RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement\naction if the audit reveals unauthorized activity. Automated control of remote\naccess sessions allows organizations to ensure ongoing compliance with remote\naccess policies by enforcing connection rules of remote access applications on\na variety of information system components (e.g., servers, workstations,\nnotebook computers, smartphones, and tablets).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "\"Firewalld\" provides an easy and effective way to block/limit remote\naccess to the system via ports, services, and protocols.\n\n    Remote access services, such as those providing remote access to network\ndevices and information systems, which lack automated control capabilities,\nincrease risk and make remote user access management difficult at best.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n\n    RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement\naction if the audit reveals unauthorized activity. Automated control of remote\naccess sessions allows organizations to ensure ongoing compliance with remote\naccess policies by enforcing connection rules of remote access applications on\na variety of information system components (e.g., servers, workstations,\nnotebook computers, smartphones, and tablets)."
+            },
+            {
+              "label": "check",
+              "data": "Verify that \"firewalld\" is installed with the following commands:\n\n    $ sudo yum list installed firewalld\n\n    firewalld.noarch     0.7.0-5.el8\n\n    If the \"firewalld\" package is not installed, ask the System Administrator\nif another firewall is installed. If no firewall is installed this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Install \"firewalld\" with the following command:\n\n$ sudo yum install firewalld.noarch"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000297-GPOS-00115",
+            "gid": "V-230505",
+            "rid": "SV-230505r854048_rule",
+            "stig_id": "RHEL-08-040100",
+            "fix_id": "F-33149r744019_fix",
+            "cci": [
+              "CCI-002314"
+            ],
+            "nist": [
+              "AC-17 (1)"
+            ]
+          },
+          "code": "control 'SV-230505' do\n  title 'A firewall must be installed on RHEL 8.'\n  desc '\"Firewalld\" provides an easy and effective way to block/limit remote\naccess to the system via ports, services, and protocols.\n\n    Remote access services, such as those providing remote access to network\ndevices and information systems, which lack automated control capabilities,\nincrease risk and make remote user access management difficult at best.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n\n    RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement\naction if the audit reveals unauthorized activity. Automated control of remote\naccess sessions allows organizations to ensure ongoing compliance with remote\naccess policies by enforcing connection rules of remote access applications on\na variety of information system components (e.g., servers, workstations,\nnotebook computers, smartphones, and tablets).'\n  desc 'check', 'Verify that \"firewalld\" is installed with the following commands:\n\n    $ sudo yum list installed firewalld\n\n    firewalld.noarch     0.7.0-5.el8\n\n    If the \"firewalld\" package is not installed, ask the System Administrator\nif another firewall is installed. If no firewall is installed this is a finding.'\n  desc 'fix', 'Install \"firewalld\" with the following command:\n\n$ sudo yum install firewalld.noarch'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000297-GPOS-00115'\n  tag gid: 'V-230505'\n  tag rid: 'SV-230505r854048_rule'\n  tag stig_id: 'RHEL-08-040100'\n  tag fix_id: 'F-33149r744019_fix'\n  tag cci: ['CCI-002314']\n  tag nist: ['AC-17 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe package('firewalld') do\n      it { should be_installed }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230505.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package firewalld is expected to be installed",
+              "run_time": 0.1023,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"firewalld\"]",
+              "resource_id": "firewalld"
+            }
+          ]
+        },
+        {
+          "id": "SV-230506",
+          "title": "RHEL 8 wireless network adapters must be disabled.",
+          "desc": "Without protection of communications with wireless peripherals,\nconfidentiality and integrity may be compromised because unprotected\ncommunications can be intercepted and either read, altered, or used to\ncompromise the RHEL 8 operating system.\n\n    This requirement applies to wireless peripheral technologies (e.g.,\nwireless mice, keyboards, displays, etc.) used with RHEL 8 systems. Wireless\nperipherals (e.g., Wi-Fi/Bluetooth/IR Keyboards, Mice, and Pointing Devices and\nNear Field Communications [NFC]) present a unique challenge by creating an\nopen, unsecured port on a computer. Wireless peripherals must meet DoD\nrequirements for wireless data transmission and be approved for use by the\nAuthorizing Official (AO). Even though some wireless peripherals, such as mice\nand pointing devices, do not ordinarily carry information that need to be\nprotected, modification of communications with these wireless peripherals may\nbe used to compromise the RHEL 8 operating system. Communication paths outside\nthe physical protection of a controlled boundary are exposed to the possibility\nof interception and modification.\n\n    Protecting the confidentiality and integrity of communications with\nwireless peripherals can be accomplished by physical means (e.g., employing\nphysical barriers to wireless radio frequencies) or by logical means (e.g.,\nemploying cryptographic techniques). If physical means of protection are\nemployed, then logical means (cryptography) do not have to be employed, and\nvice versa. If the wireless peripheral is only passing telemetry data,\nencryption of the data may not be required.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without protection of communications with wireless peripherals,\nconfidentiality and integrity may be compromised because unprotected\ncommunications can be intercepted and either read, altered, or used to\ncompromise the RHEL 8 operating system.\n\n    This requirement applies to wireless peripheral technologies (e.g.,\nwireless mice, keyboards, displays, etc.) used with RHEL 8 systems. Wireless\nperipherals (e.g., Wi-Fi/Bluetooth/IR Keyboards, Mice, and Pointing Devices and\nNear Field Communications [NFC]) present a unique challenge by creating an\nopen, unsecured port on a computer. Wireless peripherals must meet DoD\nrequirements for wireless data transmission and be approved for use by the\nAuthorizing Official (AO). Even though some wireless peripherals, such as mice\nand pointing devices, do not ordinarily carry information that need to be\nprotected, modification of communications with these wireless peripherals may\nbe used to compromise the RHEL 8 operating system. Communication paths outside\nthe physical protection of a controlled boundary are exposed to the possibility\nof interception and modification.\n\n    Protecting the confidentiality and integrity of communications with\nwireless peripherals can be accomplished by physical means (e.g., employing\nphysical barriers to wireless radio frequencies) or by logical means (e.g.,\nemploying cryptographic techniques). If physical means of protection are\nemployed, then logical means (cryptography) do not have to be employed, and\nvice versa. If the wireless peripheral is only passing telemetry data,\nencryption of the data may not be required."
+            },
+            {
+              "label": "check",
+              "data": "Verify there are no wireless interfaces configured on the system with the\nfollowing command:\n\n    Note: This requirement is Not Applicable for systems that do not have\nphysical wireless network radios.\n\n    $ sudo nmcli device status\n\n    DEVICE                    TYPE            STATE\nCONNECTION\n    virbr0                      bridge         connected             virbr0\n    wlp7s0                    wifi              connected            wifiSSID\n    enp6s0                    ethernet     disconnected        --\n    p2p-dev-wlp7s0     wifi-p2p     disconnected        --\n    lo                             loopback    unmanaged           --\n    virbr0-nic                tun              unmanaged          --\n\n    If a wireless interface is configured and has not been documented and\napproved by the Information System Security Officer (ISSO), this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system to disable all wireless network interfaces with the\nfollowing command:\n\n    $ sudo nmcli radio all off"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000299-GPOS-00117",
+            "satisfies": [
+              "SRG-OS-000299-GPOS-00117",
+              "SRG-OS-000300-GPOS-00118",
+              "SRG-OS-000481-GPOS-000481"
+            ],
+            "gid": "V-230506",
+            "rid": "SV-230506r627750_rule",
+            "stig_id": "RHEL-08-040110",
+            "fix_id": "F-33150r568265_fix",
+            "cci": [
+              "CCI-001444"
+            ],
+            "nist": [
+              "AC-18 (1)"
+            ]
+          },
+          "code": "control 'SV-230506' do\n  title 'RHEL 8 wireless network adapters must be disabled.'\n  desc 'Without protection of communications with wireless peripherals,\nconfidentiality and integrity may be compromised because unprotected\ncommunications can be intercepted and either read, altered, or used to\ncompromise the RHEL 8 operating system.\n\n    This requirement applies to wireless peripheral technologies (e.g.,\nwireless mice, keyboards, displays, etc.) used with RHEL 8 systems. Wireless\nperipherals (e.g., Wi-Fi/Bluetooth/IR Keyboards, Mice, and Pointing Devices and\nNear Field Communications [NFC]) present a unique challenge by creating an\nopen, unsecured port on a computer. Wireless peripherals must meet DoD\nrequirements for wireless data transmission and be approved for use by the\nAuthorizing Official (AO). Even though some wireless peripherals, such as mice\nand pointing devices, do not ordinarily carry information that need to be\nprotected, modification of communications with these wireless peripherals may\nbe used to compromise the RHEL 8 operating system. Communication paths outside\nthe physical protection of a controlled boundary are exposed to the possibility\nof interception and modification.\n\n    Protecting the confidentiality and integrity of communications with\nwireless peripherals can be accomplished by physical means (e.g., employing\nphysical barriers to wireless radio frequencies) or by logical means (e.g.,\nemploying cryptographic techniques). If physical means of protection are\nemployed, then logical means (cryptography) do not have to be employed, and\nvice versa. If the wireless peripheral is only passing telemetry data,\nencryption of the data may not be required.'\n  desc 'check', 'Verify there are no wireless interfaces configured on the system with the\nfollowing command:\n\n    Note: This requirement is Not Applicable for systems that do not have\nphysical wireless network radios.\n\n    $ sudo nmcli device status\n\n    DEVICE                    TYPE            STATE\nCONNECTION\n    virbr0                      bridge         connected             virbr0\n    wlp7s0                    wifi              connected            wifiSSID\n    enp6s0                    ethernet     disconnected        --\n    p2p-dev-wlp7s0     wifi-p2p     disconnected        --\n    lo                             loopback    unmanaged           --\n    virbr0-nic                tun              unmanaged          --\n\n    If a wireless interface is configured and has not been documented and\napproved by the Information System Security Officer (ISSO), this is a finding.'\n  desc 'fix', 'Configure the system to disable all wireless network interfaces with the\nfollowing command:\n\n    $ sudo nmcli radio all off'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000299-GPOS-00117'\n  tag satisfies: ['SRG-OS-000299-GPOS-00117', 'SRG-OS-000300-GPOS-00118', 'SRG-OS-000481-GPOS-000481']\n  tag gid: 'V-230506'\n  tag rid: 'SV-230506r627750_rule'\n  tag stig_id: 'RHEL-08-040110'\n  tag fix_id: 'F-33150r568265_fix'\n  tag cci: ['CCI-001444']\n  tag nist: ['AC-18 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('nmcli device') do\n      its('stdout.strip') { should_not match(/wifi\\s*connected/) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230506.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Command: `nmcli device` stdout.strip is expected not to match /wifi\\s*connected/",
+              "run_time": 0.186117,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"nmcli device\"]",
+              "resource_id": "Command: `nmcli device`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230507",
+          "title": "RHEL 8 Bluetooth must be disabled.",
+          "desc": "Without protection of communications with wireless peripherals,\nconfidentiality and integrity may be compromised because unprotected\ncommunications can be intercepted and either read, altered, or used to\ncompromise the RHEL 8 operating system.\n\n    This requirement applies to wireless peripheral technologies (e.g.,\nwireless mice, keyboards, displays, etc.) used with RHEL 8 systems. Wireless\nperipherals (e.g., Wi-Fi/Bluetooth/IR Keyboards, Mice, and Pointing Devices and\nNear Field Communications [NFC]) present a unique challenge by creating an\nopen, unsecured port on a computer. Wireless peripherals must meet DoD\nrequirements for wireless data transmission and be approved for use by the\nAuthorizing Official (AO). Even though some wireless peripherals, such as mice\nand pointing devices, do not ordinarily carry information that need to be\nprotected, modification of communications with these wireless peripherals may\nbe used to compromise the RHEL 8 operating system. Communication paths outside\nthe physical protection of a controlled boundary are exposed to the possibility\nof interception and modification.\n\n    Protecting the confidentiality and integrity of communications with\nwireless peripherals can be accomplished by physical means (e.g., employing\nphysical barriers to wireless radio frequencies) or by logical means (e.g.,\nemploying cryptographic techniques). If physical means of protection are\nemployed, then logical means (cryptography) do not have to be employed, and\nvice versa. If the wireless peripheral is only passing telemetry data,\nencryption of the data may not be required.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without protection of communications with wireless peripherals,\nconfidentiality and integrity may be compromised because unprotected\ncommunications can be intercepted and either read, altered, or used to\ncompromise the RHEL 8 operating system.\n\n    This requirement applies to wireless peripheral technologies (e.g.,\nwireless mice, keyboards, displays, etc.) used with RHEL 8 systems. Wireless\nperipherals (e.g., Wi-Fi/Bluetooth/IR Keyboards, Mice, and Pointing Devices and\nNear Field Communications [NFC]) present a unique challenge by creating an\nopen, unsecured port on a computer. Wireless peripherals must meet DoD\nrequirements for wireless data transmission and be approved for use by the\nAuthorizing Official (AO). Even though some wireless peripherals, such as mice\nand pointing devices, do not ordinarily carry information that need to be\nprotected, modification of communications with these wireless peripherals may\nbe used to compromise the RHEL 8 operating system. Communication paths outside\nthe physical protection of a controlled boundary are exposed to the possibility\nof interception and modification.\n\n    Protecting the confidentiality and integrity of communications with\nwireless peripherals can be accomplished by physical means (e.g., employing\nphysical barriers to wireless radio frequencies) or by logical means (e.g.,\nemploying cryptographic techniques). If physical means of protection are\nemployed, then logical means (cryptography) do not have to be employed, and\nvice versa. If the wireless peripheral is only passing telemetry data,\nencryption of the data may not be required."
+            },
+            {
+              "label": "check",
+              "data": "If the device or operating system does not have a Bluetooth adapter installed, this requirement is not applicable.\n\nThis requirement is not applicable to mobile devices (smartphones and tablets), where the use of Bluetooth is a local AO decision.\n\nDetermine if Bluetooth is disabled with the following command:\n\n$ sudo grep bluetooth /etc/modprobe.d/*\n\n/etc/modprobe.d/bluetooth.conf:install bluetooth /bin/true\n\nIf the Bluetooth driver blacklist entry is missing, a Bluetooth driver is determined to be in use, and the collaborative computing device has not been authorized for use, this is a finding.\n\nVerify the operating system disables the ability to use Bluetooth with the following command:\n\n$ sudo grep -r bluetooth /etc/modprobe.d | grep -i \"blacklist\" | grep -v \"^#\"\n\nblacklist bluetooth\n\nIf the command does not return any output or the output is not \"blacklist bluetooth\", and use of Bluetooth is not documented with the ISSO as an operational requirement, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable the Bluetooth adapter when not in use.\n\nBuild or modify the \"/etc/modprobe.d/bluetooth.conf\" file with the following line:\n\ninstall bluetooth /bin/true\n\nDisable the ability to use the Bluetooth kernel module.\n\n$ sudo vi /etc/modprobe.d/blacklist.conf\n\nAdd or update the line:\n\nblacklist bluetooth\n\nReboot the system for the settings to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000300-GPOS-00118",
+            "gid": "V-230507",
+            "rid": "SV-230507r833336_rule",
+            "stig_id": "RHEL-08-040111",
+            "fix_id": "F-33151r833335_fix",
+            "cci": [
+              "CCI-001443"
+            ],
+            "nist": [
+              "AC-18 (1)"
+            ]
+          },
+          "code": "control 'SV-230507' do\n  title 'RHEL 8 Bluetooth must be disabled.'\n  desc 'Without protection of communications with wireless peripherals,\nconfidentiality and integrity may be compromised because unprotected\ncommunications can be intercepted and either read, altered, or used to\ncompromise the RHEL 8 operating system.\n\n    This requirement applies to wireless peripheral technologies (e.g.,\nwireless mice, keyboards, displays, etc.) used with RHEL 8 systems. Wireless\nperipherals (e.g., Wi-Fi/Bluetooth/IR Keyboards, Mice, and Pointing Devices and\nNear Field Communications [NFC]) present a unique challenge by creating an\nopen, unsecured port on a computer. Wireless peripherals must meet DoD\nrequirements for wireless data transmission and be approved for use by the\nAuthorizing Official (AO). Even though some wireless peripherals, such as mice\nand pointing devices, do not ordinarily carry information that need to be\nprotected, modification of communications with these wireless peripherals may\nbe used to compromise the RHEL 8 operating system. Communication paths outside\nthe physical protection of a controlled boundary are exposed to the possibility\nof interception and modification.\n\n    Protecting the confidentiality and integrity of communications with\nwireless peripherals can be accomplished by physical means (e.g., employing\nphysical barriers to wireless radio frequencies) or by logical means (e.g.,\nemploying cryptographic techniques). If physical means of protection are\nemployed, then logical means (cryptography) do not have to be employed, and\nvice versa. If the wireless peripheral is only passing telemetry data,\nencryption of the data may not be required.'\n  desc 'check', 'If the device or operating system does not have a Bluetooth adapter installed, this requirement is not applicable.\n\nThis requirement is not applicable to mobile devices (smartphones and tablets), where the use of Bluetooth is a local AO decision.\n\nDetermine if Bluetooth is disabled with the following command:\n\n$ sudo grep bluetooth /etc/modprobe.d/*\n\n/etc/modprobe.d/bluetooth.conf:install bluetooth /bin/true\n\nIf the Bluetooth driver blacklist entry is missing, a Bluetooth driver is determined to be in use, and the collaborative computing device has not been authorized for use, this is a finding.\n\nVerify the operating system disables the ability to use Bluetooth with the following command:\n\n$ sudo grep -r bluetooth /etc/modprobe.d | grep -i \"blacklist\" | grep -v \"^#\"\n\nblacklist bluetooth\n\nIf the command does not return any output or the output is not \"blacklist bluetooth\", and use of Bluetooth is not documented with the ISSO as an operational requirement, this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the Bluetooth adapter when not in use.\n\nBuild or modify the \"/etc/modprobe.d/bluetooth.conf\" file with the following line:\n\ninstall bluetooth /bin/true\n\nDisable the ability to use the Bluetooth kernel module.\n\n$ sudo vi /etc/modprobe.d/blacklist.conf\n\nAdd or update the line:\n\nblacklist bluetooth\n\nReboot the system for the settings to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000300-GPOS-00118'\n  tag gid: 'V-230507'\n  tag rid: 'SV-230507r833336_rule'\n  tag stig_id: 'RHEL-08-040111'\n  tag fix_id: 'F-33151r833335_fix'\n  tag cci: ['CCI-001443']\n  tag nist: ['AC-18 (1)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('bluetooth_installed')\n    describe kernel_module('bluetooth') do\n      it { should be_disabled }\n      it { should be_blacklisted }\n    end\n  else\n    impact 0.0\n    describe 'Device or operating system does not have a Bluetooth adapter installed' do\n      skip 'If the device or operating system does not have a Bluetooth adapter installed, this requirement is not applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230507.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Kernel Module bluetooth is expected to be disabled",
+              "run_time": 0.009446,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "message": "expected `Kernel Module bluetooth.disabled?` to be truthy, got false",
+              "resource_class": "kernel_module",
+              "resource_params": "[\"bluetooth\"]",
+              "resource_id": "bluetooth"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Kernel Module bluetooth is expected to be blacklisted",
+              "run_time": 0.009043,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "message": "expected `Kernel Module bluetooth.blacklisted?` to be truthy, got false",
+              "resource_class": "kernel_module",
+              "resource_params": "[\"bluetooth\"]",
+              "resource_id": "bluetooth"
+            }
+          ]
+        },
+        {
+          "id": "SV-230508",
+          "title": "RHEL 8 must mount /dev/shm with the nodev option.",
+          "desc": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify \"/dev/shm\" is mounted with the \"nodev\" option:\n\n    $ sudo mount | grep /dev/shm\n\n    tmpfs on /dev/shm type tmpfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nodev\"option is configured for /dev/shm:\n\n    $ sudo cat /etc/fstab | grep /dev/shm\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nodev\" option is missing, or if /dev/shm\nis mounted without the \"nodev\" option, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system so that /dev/shm is mounted with the \"nodev\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000368-GPOS-00154",
+            "gid": "V-230508",
+            "rid": "SV-230508r854049_rule",
+            "stig_id": "RHEL-08-040120",
+            "fix_id": "F-33152r568271_fix",
+            "cci": [
+              "CCI-001764"
+            ],
+            "nist": [
+              "CM-7 (2)"
+            ]
+          },
+          "code": "control 'SV-230508' do\n  title 'RHEL 8 must mount /dev/shm with the nodev option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/dev/shm\" is mounted with the \"nodev\" option:\n\n    $ sudo mount | grep /dev/shm\n\n    tmpfs on /dev/shm type tmpfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nodev\"option is configured for /dev/shm:\n\n    $ sudo cat /etc/fstab | grep /dev/shm\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nodev\" option is missing, or if /dev/shm\nis mounted without the \"nodev\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /dev/shm is mounted with the \"nodev\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230508'\n  tag rid: 'SV-230508r854049_rule'\n  tag stig_id: 'RHEL-08-040120'\n  tag fix_id: 'F-33152r568271_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  describe etc_fstab.where { mount_point == '/dev/shm' } do\n    its('mount_options.flatten') { should include 'nodev' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230508.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/dev/shm\" mount_options.flatten is expected to include \"nodev\"",
+              "run_time": 0.000268,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "message": "expected [] to include \"nodev\"",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230509",
+          "title": "RHEL 8 must mount /dev/shm with the nosuid option.",
+          "desc": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify \"/dev/shm\" is mounted with the \"nosuid\" option:\n\n    $ sudo mount | grep /dev/shm\n\n    tmpfs on /dev/shm type tmpfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nosuid\" option is configured for /dev/shm:\n\n    $ sudo cat /etc/fstab | grep /dev/shm\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nosuid\" option is missing, or if\n/dev/shm is mounted without the \"nosuid\" option, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system so that /dev/shm is mounted with the  \"nosuid\"\noption by adding /modifying the /etc/fstab with the following line:\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000368-GPOS-00154",
+            "gid": "V-230509",
+            "rid": "SV-230509r854050_rule",
+            "stig_id": "RHEL-08-040121",
+            "fix_id": "F-33153r568274_fix",
+            "cci": [
+              "CCI-001764"
+            ],
+            "nist": [
+              "CM-7 (2)"
+            ]
+          },
+          "code": "control 'SV-230509' do\n  title 'RHEL 8 must mount /dev/shm with the nosuid option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/dev/shm\" is mounted with the \"nosuid\" option:\n\n    $ sudo mount | grep /dev/shm\n\n    tmpfs on /dev/shm type tmpfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nosuid\" option is configured for /dev/shm:\n\n    $ sudo cat /etc/fstab | grep /dev/shm\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nosuid\" option is missing, or if\n/dev/shm is mounted without the \"nosuid\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /dev/shm is mounted with the  \"nosuid\"\noption by adding /modifying the /etc/fstab with the following line:\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230509'\n  tag rid: 'SV-230509r854050_rule'\n  tag stig_id: 'RHEL-08-040121'\n  tag fix_id: 'F-33153r568274_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  describe etc_fstab.where { mount_point == '/dev/shm' } do\n    its('mount_options.flatten') { should include 'nosuid' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230509.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/dev/shm\" mount_options.flatten is expected to include \"nosuid\"",
+              "run_time": 0.000122,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "message": "expected [] to include \"nosuid\"",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230510",
+          "title": "RHEL 8 must mount /dev/shm with the noexec option.",
+          "desc": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify \"/dev/shm\" is mounted with the \"noexec\" option:\n\n    $ sudo mount | grep /dev/shm\n\n    tmpfs on /dev/shm type tmpfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"noexec\" options is configured for /dev/shm:\n\n    $ sudo cat /etc/fstab | grep /dev/shm\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"noexec\" option is missing, or if\n/dev/shm is mounted without the \"noexec\" option, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system so that /dev/shm is mounted with the \"noexec\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000368-GPOS-00154",
+            "gid": "V-230510",
+            "rid": "SV-230510r854051_rule",
+            "stig_id": "RHEL-08-040122",
+            "fix_id": "F-33154r568277_fix",
+            "cci": [
+              "CCI-001764"
+            ],
+            "nist": [
+              "CM-7 (2)"
+            ]
+          },
+          "code": "control 'SV-230510' do\n  title 'RHEL 8 must mount /dev/shm with the noexec option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/dev/shm\" is mounted with the \"noexec\" option:\n\n    $ sudo mount | grep /dev/shm\n\n    tmpfs on /dev/shm type tmpfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"noexec\" options is configured for /dev/shm:\n\n    $ sudo cat /etc/fstab | grep /dev/shm\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"noexec\" option is missing, or if\n/dev/shm is mounted without the \"noexec\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /dev/shm is mounted with the \"noexec\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230510'\n  tag rid: 'SV-230510r854051_rule'\n  tag stig_id: 'RHEL-08-040122'\n  tag fix_id: 'F-33154r568277_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  describe etc_fstab.where { mount_point == '/dev/shm' } do\n    its('mount_options.flatten') { should include 'noexec' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230510.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/dev/shm\" mount_options.flatten is expected to include \"noexec\"",
+              "run_time": 0.00011,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "message": "expected [] to include \"noexec\"",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230511",
+          "title": "RHEL 8 must mount /tmp with the nodev option.",
+          "desc": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify \"/tmp\" is mounted with the \"nodev\" option:\n\n    $ sudo mount | grep /tmp\n\n    /dev/mapper/rhel-tmp on /tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nodev\" option is configured for /tmp:\n\n    $ sudo cat /etc/fstab | grep /tmp\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nodev\" option is missing, or if /tmp is\nmounted without the \"nodev\" option, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system so that /tmp is mounted with the \"nodev\" option by\nadding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000368-GPOS-00154",
+            "gid": "V-230511",
+            "rid": "SV-230511r854052_rule",
+            "stig_id": "RHEL-08-040123",
+            "fix_id": "F-33155r568280_fix",
+            "cci": [
+              "CCI-001764"
+            ],
+            "nist": [
+              "CM-7 (2)"
+            ]
+          },
+          "code": "control 'SV-230511' do\n  title 'RHEL 8 must mount /tmp with the nodev option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/tmp\" is mounted with the \"nodev\" option:\n\n    $ sudo mount | grep /tmp\n\n    /dev/mapper/rhel-tmp on /tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nodev\" option is configured for /tmp:\n\n    $ sudo cat /etc/fstab | grep /tmp\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nodev\" option is missing, or if /tmp is\nmounted without the \"nodev\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /tmp is mounted with the \"nodev\" option by\nadding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230511'\n  tag rid: 'SV-230511r854052_rule'\n  tag stig_id: 'RHEL-08-040123'\n  tag fix_id: 'F-33155r568280_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('skip_mount_tmp')['nodev']\n    impact 0.0\n    describe 'The requirement to add nodev to the /tmp mount is determined to be not applicable by agreement with the approval authority of the organization.' do\n      skip 'The requirement to add nodev to the /tmp mount is determined to be not applicable by agreement with the approval authority of the organization.'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/tmp' } do\n      its('mount_options.flatten') { should include 'nodev' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230511.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "The requirement to add nodev to the /tmp mount is determined to be not applicable by agreement with the approval authority of the organization.",
+              "run_time": 8.0e-06,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "resource": "",
+              "skip_message": "The requirement to add nodev to the /tmp mount is determined to be not applicable by agreement with the approval authority of the organization.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The requirement to add nodev to the /tmp mount is determined to be not applicable by agreement with the approval authority of the organization."
+            }
+          ]
+        },
+        {
+          "id": "SV-230512",
+          "title": "RHEL 8 must mount /tmp with the nosuid option.",
+          "desc": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify \"/tmp\" is mounted with the \"nosuid\" option:\n\n    $ sudo mount | grep /tmp\n\n    /dev/mapper/rhel-tmp on /tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nosuid\" option is configured for /tmp:\n\n    $ sudo cat /etc/fstab | grep /tmp\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nosuid\" option is missing, or if /tmp is\nmounted without the \"nosuid\" option, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system so that /tmp is mounted with the \"nosuid\" option by\nadding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000368-GPOS-00154",
+            "gid": "V-230512",
+            "rid": "SV-230512r854053_rule",
+            "stig_id": "RHEL-08-040124",
+            "fix_id": "F-33156r568283_fix",
+            "cci": [
+              "CCI-001764"
+            ],
+            "nist": [
+              "CM-7 (2)"
+            ]
+          },
+          "code": "control 'SV-230512' do\n  title 'RHEL 8 must mount /tmp with the nosuid option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/tmp\" is mounted with the \"nosuid\" option:\n\n    $ sudo mount | grep /tmp\n\n    /dev/mapper/rhel-tmp on /tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nosuid\" option is configured for /tmp:\n\n    $ sudo cat /etc/fstab | grep /tmp\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nosuid\" option is missing, or if /tmp is\nmounted without the \"nosuid\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /tmp is mounted with the \"nosuid\" option by\nadding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230512'\n  tag rid: 'SV-230512r854053_rule'\n  tag stig_id: 'RHEL-08-040124'\n  tag fix_id: 'F-33156r568283_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('skip_mount_tmp')['nosuid']\n    impact 0.0\n    describe 'The requirement to add nosuid to the /tmp mount is determined to be not applicable by agreement with the approval authority of the organization.' do\n      skip 'The requirement to add nosuid to the /tmp mount is determined to be not applicable by by agreement with the approval authority of the organization.'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/tmp' } do\n      its('mount_options.flatten') { should include 'nosuid' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230512.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "The requirement to add nosuid to the /tmp mount is determined to be not applicable by agreement with the approval authority of the organization.",
+              "run_time": 4.0e-06,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "resource": "",
+              "skip_message": "The requirement to add nosuid to the /tmp mount is determined to be not applicable by by agreement with the approval authority of the organization.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The requirement to add nosuid to the /tmp mount is determined to be not applicable by agreement with the approval authority of the organization."
+            }
+          ]
+        },
+        {
+          "id": "SV-230513",
+          "title": "RHEL 8 must mount /tmp with the noexec option.",
+          "desc": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify \"/tmp\" is mounted with the \"noexec\" option:\n\n    $ sudo mount | grep /tmp\n\n    /dev/mapper/rhel-tmp on /tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"noexec\" option is configured for /tmp:\n\n    $ sudo cat /etc/fstab | grep /tmp\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"noexec\" option is missing, or if /tmp is\nmounted without the \"noexec\" option, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system so that /tmp is mounted with the \"noexec\" option by\nadding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000368-GPOS-00154",
+            "gid": "V-230513",
+            "rid": "SV-230513r854054_rule",
+            "stig_id": "RHEL-08-040125",
+            "fix_id": "F-33157r568286_fix",
+            "cci": [
+              "CCI-001764"
+            ],
+            "nist": [
+              "CM-7 (2)"
+            ]
+          },
+          "code": "control 'SV-230513' do\n  title 'RHEL 8 must mount /tmp with the noexec option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/tmp\" is mounted with the \"noexec\" option:\n\n    $ sudo mount | grep /tmp\n\n    /dev/mapper/rhel-tmp on /tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"noexec\" option is configured for /tmp:\n\n    $ sudo cat /etc/fstab | grep /tmp\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"noexec\" option is missing, or if /tmp is\nmounted without the \"noexec\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /tmp is mounted with the \"noexec\" option by\nadding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-tmp /tmp xfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230513'\n  tag rid: 'SV-230513r854054_rule'\n  tag stig_id: 'RHEL-08-040125'\n  tag fix_id: 'F-33157r568286_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('skip_mount_tmp')['noexec']\n    impact 0.0\n    describe 'The requirement to add noexec to the /tmp mount is determined to be not applicable by by agreement with the approval authority of the organization.' do\n      skip 'The requirement to add noexec to the /tmp mount is determined to be not applicable by by agreement with the approval authority of the organization.'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/tmp' } do\n      its('mount_options.flatten') { should include 'noexec' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230513.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "The requirement to add noexec to the /tmp mount is determined to be not applicable by by agreement with the approval authority of the organization.",
+              "run_time": 6.0e-06,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "resource": "",
+              "skip_message": "The requirement to add noexec to the /tmp mount is determined to be not applicable by by agreement with the approval authority of the organization.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The requirement to add noexec to the /tmp mount is determined to be not applicable by by agreement with the approval authority of the organization."
+            }
+          ]
+        },
+        {
+          "id": "SV-230514",
+          "title": "RHEL 8 must mount /var/log with the nodev option.",
+          "desc": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify \"/var/log\" is mounted with the \"nodev\" option:\n\n    $ sudo mount | grep /var/log\n\n    /dev/mapper/rhel-var-log on /var/log type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nodev\" option is configured for /var/log:\n\n    $ sudo cat /etc/fstab | grep /var/log\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nodev\" option is missing, or if /var/log\nis mounted without the \"nodev\" option, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system so that /var/log is mounted with the \"nodev\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000368-GPOS-00154",
+            "gid": "V-230514",
+            "rid": "SV-230514r854055_rule",
+            "stig_id": "RHEL-08-040126",
+            "fix_id": "F-33158r568289_fix",
+            "cci": [
+              "CCI-001764"
+            ],
+            "nist": [
+              "CM-7 (2)"
+            ]
+          },
+          "code": "control 'SV-230514' do\n  title 'RHEL 8 must mount /var/log with the nodev option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/var/log\" is mounted with the \"nodev\" option:\n\n    $ sudo mount | grep /var/log\n\n    /dev/mapper/rhel-var-log on /var/log type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nodev\" option is configured for /var/log:\n\n    $ sudo cat /etc/fstab | grep /var/log\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nodev\" option is missing, or if /var/log\nis mounted without the \"nodev\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /var/log is mounted with the \"nodev\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230514'\n  tag rid: 'SV-230514r854055_rule'\n  tag stig_id: 'RHEL-08-040126'\n  tag fix_id: 'F-33158r568289_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/log' } do\n      its('mount_options.flatten') { should include 'nodev' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230514.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/var/log\" mount_options.flatten is expected to include \"nodev\"",
+              "run_time": 0.000115,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "message": "expected [] to include \"nodev\"",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230515",
+          "title": "RHEL 8 must mount /var/log with the nosuid option.",
+          "desc": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify \"/var/log\" is mounted with the \"nosuid\" option:\n\n    $ sudo mount | grep /var/log\n\n    /dev/mapper/rhel-var-log on /var/log type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nosuid\" option is configured for /var/log:\n\n    $ sudo cat /etc/fstab | grep /var/log\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nosuid\" option is missing, or if\n/var/log is mounted without the \"nosuid\" option, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system so that /var/log is mounted with the \"nosuid\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000368-GPOS-00154",
+            "gid": "V-230515",
+            "rid": "SV-230515r854056_rule",
+            "stig_id": "RHEL-08-040127",
+            "fix_id": "F-33159r568292_fix",
+            "cci": [
+              "CCI-001764"
+            ],
+            "nist": [
+              "CM-7 (2)"
+            ]
+          },
+          "code": "control 'SV-230515' do\n  title 'RHEL 8 must mount /var/log with the nosuid option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/var/log\" is mounted with the \"nosuid\" option:\n\n    $ sudo mount | grep /var/log\n\n    /dev/mapper/rhel-var-log on /var/log type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nosuid\" option is configured for /var/log:\n\n    $ sudo cat /etc/fstab | grep /var/log\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nosuid\" option is missing, or if\n/var/log is mounted without the \"nosuid\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /var/log is mounted with the \"nosuid\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230515'\n  tag rid: 'SV-230515r854056_rule'\n  tag stig_id: 'RHEL-08-040127'\n  tag fix_id: 'F-33159r568292_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/log' } do\n      its('mount_options.flatten') { should include 'nosuid' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230515.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/var/log\" mount_options.flatten is expected to include \"nosuid\"",
+              "run_time": 0.000108,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "message": "expected [] to include \"nosuid\"",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230516",
+          "title": "RHEL 8 must mount /var/log with the noexec option.",
+          "desc": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify \"/var/log\" is mounted with the \"noexec\" option:\n\n    $ sudo mount | grep /var/log\n\n    /dev/mapper/rhel-var-log on /var/log type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"noexec\" option is configured for /var/log:\n\n    $ sudo cat /etc/fstab | grep /var/log\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"noexec\" option is missing, or if\n/var/log is mounted without the \"noexec\" option, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system so that /var/log is mounted with the \"noexec\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000368-GPOS-00154",
+            "gid": "V-230516",
+            "rid": "SV-230516r854057_rule",
+            "stig_id": "RHEL-08-040128",
+            "fix_id": "F-33160r568295_fix",
+            "cci": [
+              "CCI-001764"
+            ],
+            "nist": [
+              "CM-7 (2)"
+            ]
+          },
+          "code": "control 'SV-230516' do\n  title 'RHEL 8 must mount /var/log with the noexec option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/var/log\" is mounted with the \"noexec\" option:\n\n    $ sudo mount | grep /var/log\n\n    /dev/mapper/rhel-var-log on /var/log type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"noexec\" option is configured for /var/log:\n\n    $ sudo cat /etc/fstab | grep /var/log\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"noexec\" option is missing, or if\n/var/log is mounted without the \"noexec\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /var/log is mounted with the \"noexec\" option\nby adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log /var/log xfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230516'\n  tag rid: 'SV-230516r854057_rule'\n  tag stig_id: 'RHEL-08-040128'\n  tag fix_id: 'F-33160r568295_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/log' } do\n      its('mount_options.flatten') { should include 'noexec' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230516.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/var/log\" mount_options.flatten is expected to include \"noexec\"",
+              "run_time": 0.000105,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "message": "expected [] to include \"noexec\"",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230517",
+          "title": "RHEL 8 must mount /var/log/audit with the nodev option.",
+          "desc": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify \"/var/log/audit\" is mounted with the \"nodev\" option:\n\n    $ sudo mount | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit on /var/log/audit type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nodev\" option is configured for /var/log/audit:\n\n    $ sudo cat /etc/fstab | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nodev\" option is missing, or if\n/var/log/audit is mounted without the \"nodev\" option, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system so that /var/log/audit is mounted with the \"nodev\"\noption by adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000368-GPOS-00154",
+            "gid": "V-230517",
+            "rid": "SV-230517r854058_rule",
+            "stig_id": "RHEL-08-040129",
+            "fix_id": "F-33161r568298_fix",
+            "cci": [
+              "CCI-001764"
+            ],
+            "nist": [
+              "CM-7 (2)"
+            ]
+          },
+          "code": "control 'SV-230517' do\n  title 'RHEL 8 must mount /var/log/audit with the nodev option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/var/log/audit\" is mounted with the \"nodev\" option:\n\n    $ sudo mount | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit on /var/log/audit type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nodev\" option is configured for /var/log/audit:\n\n    $ sudo cat /etc/fstab | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nodev\" option is missing, or if\n/var/log/audit is mounted without the \"nodev\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /var/log/audit is mounted with the \"nodev\"\noption by adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230517'\n  tag rid: 'SV-230517r854058_rule'\n  tag stig_id: 'RHEL-08-040129'\n  tag fix_id: 'F-33161r568298_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/log/audit' } do\n      its('mount_options.flatten') { should include 'nodev' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230517.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/var/log/audit\" mount_options.flatten is expected to include \"nodev\"",
+              "run_time": 0.000102,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "message": "expected [] to include \"nodev\"",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230518",
+          "title": "RHEL 8 must mount /var/log/audit with the nosuid option.",
+          "desc": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify \"/var/log/audit\" is mounted with the \"nosuid\" option:\n\n    $ sudo mount | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit on /var/log/audit type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nosuid\" option is configured for /var/log/audit:\n\n    $ sudo cat /etc/fstab | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nosuid\" option is missing, or if\n/var/log/audit is mounted without the \"nosuid\" option, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system so that /var/log/audit is mounted with the \"nosuid\"\noption by adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000368-GPOS-00154",
+            "gid": "V-230518",
+            "rid": "SV-230518r854059_rule",
+            "stig_id": "RHEL-08-040130",
+            "fix_id": "F-33162r568301_fix",
+            "cci": [
+              "CCI-001764"
+            ],
+            "nist": [
+              "CM-7 (2)"
+            ]
+          },
+          "code": "control 'SV-230518' do\n  title 'RHEL 8 must mount /var/log/audit with the nosuid option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/var/log/audit\" is mounted with the \"nosuid\" option:\n\n    $ sudo mount | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit on /var/log/audit type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"nosuid\" option is configured for /var/log/audit:\n\n    $ sudo cat /etc/fstab | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"nosuid\" option is missing, or if\n/var/log/audit is mounted without the \"nosuid\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /var/log/audit is mounted with the \"nosuid\"\noption by adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230518'\n  tag rid: 'SV-230518r854059_rule'\n  tag stig_id: 'RHEL-08-040130'\n  tag fix_id: 'F-33162r568301_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/log/audit' } do\n      its('mount_options.flatten') { should include 'nosuid' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230518.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/var/log/audit\" mount_options.flatten is expected to include \"nosuid\"",
+              "run_time": 0.000102,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "message": "expected [] to include \"nosuid\"",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230519",
+          "title": "RHEL 8 must mount /var/log/audit with the noexec option.",
+          "desc": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify \"/var/log/audit\" is mounted with the \"noexec\" option:\n\n    $ sudo mount | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit on /var/log/audit type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"noexec\" option is configured for /var/log/audit:\n\n    $ sudo cat /etc/fstab | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"noexec\" option is missing, or if\n/var/log/audit is mounted without the \"noexec\" option, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system so that /var/log/audit is mounted with the \"noexec\"\noption by adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000368-GPOS-00154",
+            "gid": "V-230519",
+            "rid": "SV-230519r854060_rule",
+            "stig_id": "RHEL-08-040131",
+            "fix_id": "F-33163r568304_fix",
+            "cci": [
+              "CCI-001764"
+            ],
+            "nist": [
+              "CM-7 (2)"
+            ]
+          },
+          "code": "control 'SV-230519' do\n  title 'RHEL 8 must mount /var/log/audit with the noexec option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/var/log/audit\" is mounted with the \"noexec\" option:\n\n    $ sudo mount | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit on /var/log/audit type xfs\n(rw,nodev,nosuid,noexec,seclabel)\n\n    Verify that the \"noexec\" option is configured for /var/log/audit:\n\n    $ sudo cat /etc/fstab | grep /var/log/audit\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0\n\n    If results are returned and the \"noexec\" option is missing, or if\n/var/log/audit is mounted without the \"noexec\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /var/log/audit is mounted with the \"noexec\"\noption by adding /modifying the /etc/fstab with the following line:\n\n    /dev/mapper/rhel-var-log-audit /var/log/audit xfs\ndefaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230519'\n  tag rid: 'SV-230519r854060_rule'\n  tag stig_id: 'RHEL-08-040131'\n  tag fix_id: 'F-33163r568304_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/log/audit' } do\n      its('mount_options.flatten') { should include 'noexec' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230519.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/var/log/audit\" mount_options.flatten is expected to include \"noexec\"",
+              "run_time": 0.000105,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "message": "expected [] to include \"noexec\"",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230520",
+          "title": "RHEL 8 must mount /var/tmp with the nodev option.",
+          "desc": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify \"/var/tmp\" is mounted with the \"nodev\" option:\n\n$ sudo mount | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp on /var/tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\nVerify that the \"nodev\" option is configured for /var/tmp:\n\n$ sudo cat /etc/fstab | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0\n\nIf results are returned and the \"nodev\" option is missing, or if /var/tmp is mounted without the \"nodev\" option, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system so that /var/tmp is mounted with the \"nodev\" option by adding /modifying the /etc/fstab with the following line:\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000368-GPOS-00154",
+            "gid": "V-230520",
+            "rid": "SV-230520r854061_rule",
+            "stig_id": "RHEL-08-040132",
+            "fix_id": "F-33164r792926_fix",
+            "cci": [
+              "CCI-001764"
+            ],
+            "nist": [
+              "CM-7 (2)"
+            ]
+          },
+          "code": "control 'SV-230520' do\n  title 'RHEL 8 must mount /var/tmp with the nodev option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/var/tmp\" is mounted with the \"nodev\" option:\n\n$ sudo mount | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp on /var/tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\nVerify that the \"nodev\" option is configured for /var/tmp:\n\n$ sudo cat /etc/fstab | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0\n\nIf results are returned and the \"nodev\" option is missing, or if /var/tmp is mounted without the \"nodev\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /var/tmp is mounted with the \"nodev\" option by adding /modifying the /etc/fstab with the following line:\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230520'\n  tag rid: 'SV-230520r854061_rule'\n  tag stig_id: 'RHEL-08-040132'\n  tag fix_id: 'F-33164r792926_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/tmp' } do\n      its('mount_options.flatten') { should include 'nodev' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230520.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/var/tmp\" mount_options.flatten is expected to include \"nodev\"",
+              "run_time": 0.000101,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "message": "expected [] to include \"nodev\"",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230521",
+          "title": "RHEL 8 must mount /var/tmp with the nosuid option.",
+          "desc": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify \"/var/tmp\" is mounted with the \"nosuid\" option:\n\n$ sudo mount | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp on /var/tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\nVerify that the \"nosuid\" option is configured for /var/tmp:\n\n$ sudo cat /etc/fstab | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0\n\nIf results are returned and the \"nosuid\" option is missing, or if /var/tmp is mounted without the \"nosuid\" option, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system so that /var/tmp is mounted with the \"nosuid\" option by adding /modifying the /etc/fstab with the following line:\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000368-GPOS-00154",
+            "gid": "V-230521",
+            "rid": "SV-230521r854062_rule",
+            "stig_id": "RHEL-08-040133",
+            "fix_id": "F-33165r792929_fix",
+            "cci": [
+              "CCI-001764"
+            ],
+            "nist": [
+              "CM-7 (2)"
+            ]
+          },
+          "code": "control 'SV-230521' do\n  title 'RHEL 8 must mount /var/tmp with the nosuid option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/var/tmp\" is mounted with the \"nosuid\" option:\n\n$ sudo mount | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp on /var/tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\nVerify that the \"nosuid\" option is configured for /var/tmp:\n\n$ sudo cat /etc/fstab | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0\n\nIf results are returned and the \"nosuid\" option is missing, or if /var/tmp is mounted without the \"nosuid\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /var/tmp is mounted with the \"nosuid\" option by adding /modifying the /etc/fstab with the following line:\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230521'\n  tag rid: 'SV-230521r854062_rule'\n  tag stig_id: 'RHEL-08-040133'\n  tag fix_id: 'F-33165r792929_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/tmp' } do\n      its('mount_options.flatten') { should include 'nosuid' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230521.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/var/tmp\" mount_options.flatten is expected to include \"nosuid\"",
+              "run_time": 0.000102,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "message": "expected [] to include \"nosuid\"",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230522",
+          "title": "RHEL 8 must mount /var/tmp with the noexec option.",
+          "desc": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "Verify \"/var/tmp\" is mounted with the \"noexec\" option:\n\n$ sudo mount | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp on /var/tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\nVerify that the \"noexec\" option is configured for /var/tmp:\n\n$ sudo cat /etc/fstab | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0\n\nIf results are returned and the \"noexec\" option is missing, or if /var/tmp is mounted without the \"noexec\" option, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system so that /var/tmp is mounted with the \"noexec\" option by adding /modifying the /etc/fstab with the following line:\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000368-GPOS-00154",
+            "gid": "V-230522",
+            "rid": "SV-230522r854063_rule",
+            "stig_id": "RHEL-08-040134",
+            "fix_id": "F-33166r792932_fix",
+            "cci": [
+              "CCI-001764"
+            ],
+            "nist": [
+              "CM-7 (2)"
+            ]
+          },
+          "code": "control 'SV-230522' do\n  title 'RHEL 8 must mount /var/tmp with the noexec option.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    The \"noexec\" mount option causes the system to not execute binary files.\nThis option must be used for mounting any file system not containing approved\nbinary files, as they may be incompatible. Executing files from untrusted file\nsystems increases the opportunity for unprivileged users to attain unauthorized\nadministrative access.\n\n    The \"nodev\" mount option causes the system to not interpret character or\nblock special devices. Executing character or block special devices from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\n\n    The \"nosuid\" mount option causes the system to not execute \"setuid\" and\n\"setgid\" files with owner privileges. This option must be used for mounting\nany file system not containing approved \"setuid\" and \"setguid\" files.\nExecuting files from untrusted file systems increases the opportunity for\nunprivileged users to attain unauthorized administrative access.'\n  desc 'check', 'Verify \"/var/tmp\" is mounted with the \"noexec\" option:\n\n$ sudo mount | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp on /var/tmp type xfs (rw,nodev,nosuid,noexec,seclabel)\n\nVerify that the \"noexec\" option is configured for /var/tmp:\n\n$ sudo cat /etc/fstab | grep /var/tmp\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0\n\nIf results are returned and the \"noexec\" option is missing, or if /var/tmp is mounted without the \"noexec\" option, this is a finding.'\n  desc 'fix', 'Configure the system so that /var/tmp is mounted with the \"noexec\" option by adding /modifying the /etc/fstab with the following line:\n\n/dev/mapper/rhel-var-tmp /var/tmp xfs defaults,nodev,nosuid,noexec 0 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag gid: 'V-230522'\n  tag rid: 'SV-230522r854063_rule'\n  tag stig_id: 'RHEL-08-040134'\n  tag fix_id: 'F-33166r792932_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe etc_fstab.where { mount_point == '/var/tmp' } do\n      its('mount_options.flatten') { should include 'noexec' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230522.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/var/tmp\" mount_options.flatten is expected to include \"noexec\"",
+              "run_time": 0.000104,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "message": "expected [] to include \"noexec\"",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230523",
+          "title": "The RHEL 8 fapolicy module must be installed.",
+          "desc": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    Utilizing a whitelist provides a configuration management method for\nallowing the execution of only authorized software. Using only authorized\nsoftware decreases risk by limiting the number of potential vulnerabilities.\nVerification of whitelisted software occurs prior to execution or at system\nstartup.\n\n    User home directories/folders may contain information of a sensitive\nnature. Non-privileged users should coordinate any sharing of information with\nan SA through shared resources.\n\n    RHEL 8 ships with many optional packages. One such package is a file access\npolicy daemon called \"fapolicyd\". \"fapolicyd\" is a userspace daemon that\ndetermines access rights to files based on attributes of the process and file.\nIt can be used to either blacklist or whitelist processes or file access.\n\n    Proceed with caution with enforcing the use of this daemon. Improper\nconfiguration may render the system non-functional. The \"fapolicyd\" API is\nnot namespace aware and can cause issues when launching or running containers.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    Utilizing a whitelist provides a configuration management method for\nallowing the execution of only authorized software. Using only authorized\nsoftware decreases risk by limiting the number of potential vulnerabilities.\nVerification of whitelisted software occurs prior to execution or at system\nstartup.\n\n    User home directories/folders may contain information of a sensitive\nnature. Non-privileged users should coordinate any sharing of information with\nan SA through shared resources.\n\n    RHEL 8 ships with many optional packages. One such package is a file access\npolicy daemon called \"fapolicyd\". \"fapolicyd\" is a userspace daemon that\ndetermines access rights to files based on attributes of the process and file.\nIt can be used to either blacklist or whitelist processes or file access.\n\n    Proceed with caution with enforcing the use of this daemon. Improper\nconfiguration may render the system non-functional. The \"fapolicyd\" API is\nnot namespace aware and can cause issues when launching or running containers."
+            },
+            {
+              "label": "check",
+              "data": "Verify the RHEL 8 \"fapolicyd\" is installed.\n\nCheck that \"fapolicyd\" is installed with the following command:\n\n$ sudo yum list installed fapolicyd\n\nInstalled Packages\nfapolicyd.x86_64\n\nIf fapolicyd is not installed, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Install \"fapolicyd\" with the following command:\n\n$ sudo yum install fapolicyd.x86_64"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000368-GPOS-00154",
+            "satisfies": [
+              "SRG-OS-000368-GPOS-00154",
+              "SRG-OS-000370-GPOS-00155",
+              "SRG-OS-000480-GPOS-00232"
+            ],
+            "gid": "V-230523",
+            "rid": "SV-230523r854064_rule",
+            "stig_id": "RHEL-08-040135",
+            "fix_id": "F-33167r744022_fix",
+            "cci": [
+              "CCI-001764"
+            ],
+            "nist": [
+              "CM-7 (2)"
+            ]
+          },
+          "code": "control 'SV-230523' do\n  title 'The RHEL 8 fapolicy module must be installed.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    Utilizing a whitelist provides a configuration management method for\nallowing the execution of only authorized software. Using only authorized\nsoftware decreases risk by limiting the number of potential vulnerabilities.\nVerification of whitelisted software occurs prior to execution or at system\nstartup.\n\n    User home directories/folders may contain information of a sensitive\nnature. Non-privileged users should coordinate any sharing of information with\nan SA through shared resources.\n\n    RHEL 8 ships with many optional packages. One such package is a file access\npolicy daemon called \"fapolicyd\". \"fapolicyd\" is a userspace daemon that\ndetermines access rights to files based on attributes of the process and file.\nIt can be used to either blacklist or whitelist processes or file access.\n\n    Proceed with caution with enforcing the use of this daemon. Improper\nconfiguration may render the system non-functional. The \"fapolicyd\" API is\nnot namespace aware and can cause issues when launching or running containers.'\n  desc 'check', 'Verify the RHEL 8 \"fapolicyd\" is installed.\n\nCheck that \"fapolicyd\" is installed with the following command:\n\n$ sudo yum list installed fapolicyd\n\nInstalled Packages\nfapolicyd.x86_64\n\nIf fapolicyd is not installed, this is a finding.'\n  desc 'fix', 'Install \"fapolicyd\" with the following command:\n\n$ sudo yum install fapolicyd.x86_64'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag satisfies: ['SRG-OS-000368-GPOS-00154', 'SRG-OS-000370-GPOS-00155', 'SRG-OS-000480-GPOS-00232']\n  tag gid: 'V-230523'\n  tag rid: 'SV-230523r854064_rule'\n  tag stig_id: 'RHEL-08-040135'\n  tag fix_id: 'F-33167r744022_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  if !input('use_fapolicyd')\n    impact 0.0\n    describe 'The organization is not using the Fapolicyd service to manage firewall servies, this control is Not Applicable' do\n      skip 'The organization is not using the Fapolicyd service to manage firewall servies, this control is Not Applicable'\n    end\n  elsif virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe package('fapolicyd') do\n      it { should be_installed }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230523.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "System Package fapolicyd is expected to be installed",
+              "run_time": 0.168746,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "message": "expected that `System Package fapolicyd` is installed",
+              "resource_class": "package",
+              "resource_params": "[\"fapolicyd\"]",
+              "resource_id": "fapolicyd"
+            }
+          ]
+        },
+        {
+          "id": "SV-230524",
+          "title": "RHEL 8 must block unauthorized peripherals before establishing a\nconnection.",
+          "desc": "Without authenticating devices, unidentified or unknown devices may be\nintroduced, thereby facilitating malicious activity.\n\n    Peripherals include, but are not limited to, such devices as flash drives,\nexternal storage, and printers.\n\n    A new feature that RHEL 8 provides is the USBGuard software framework. The\nUSBguard-daemon is the main component of the USBGuard software framework. It\nruns as a service in the background and enforces the USB device authorization\npolicy for all USB devices. The policy is defined by a set of rules using a\nrule language described in the usbguard-rules.conf file. The policy and the\nauthorization state of USB devices can be modified during runtime using the\nusbguard tool.\n\n    The System Administrator (SA) must work with the site Information System\nSecurity Officer (ISSO) to determine a list of authorized peripherals and\nestablish rules within the USBGuard software framework to allow only authorized\ndevices.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without authenticating devices, unidentified or unknown devices may be\nintroduced, thereby facilitating malicious activity.\n\n    Peripherals include, but are not limited to, such devices as flash drives,\nexternal storage, and printers.\n\n    A new feature that RHEL 8 provides is the USBGuard software framework. The\nUSBguard-daemon is the main component of the USBGuard software framework. It\nruns as a service in the background and enforces the USB device authorization\npolicy for all USB devices. The policy is defined by a set of rules using a\nrule language described in the usbguard-rules.conf file. The policy and the\nauthorization state of USB devices can be modified during runtime using the\nusbguard tool.\n\n    The System Administrator (SA) must work with the site Information System\nSecurity Officer (ISSO) to determine a list of authorized peripherals and\nestablish rules within the USBGuard software framework to allow only authorized\ndevices."
+            },
+            {
+              "label": "check",
+              "data": "Verify the USBGuard has a policy configured with the following command:\n\n    $ sudo usbguard list-rules\n\n    If the command does not return results or an error is returned, ask the SA\nto indicate how unauthorized peripherals are being blocked.\n\n    If there is no evidence that unauthorized peripherals are being blocked\nbefore establishing a connection, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to enable the blocking of unauthorized\nperipherals with the following command:\n    This command must be run from a root shell and will create an allow list\nfor any usb devices currently connect to the system.\n\n    # usbguard generate-policy > /etc/usbguard/rules.conf\n\n    Note: Enabling and starting usbguard without properly configuring it for an\nindividual system will immediately prevent any access over a usb device such as\na keyboard or mouse"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000378-GPOS-00163",
+            "gid": "V-230524",
+            "rid": "SV-230524r854065_rule",
+            "stig_id": "RHEL-08-040140",
+            "fix_id": "F-33168r744025_fix",
+            "cci": [
+              "CCI-001958"
+            ],
+            "nist": [
+              "IA-3"
+            ]
+          },
+          "code": "control 'SV-230524' do\n  title 'RHEL 8 must block unauthorized peripherals before establishing a\nconnection.'\n  desc 'Without authenticating devices, unidentified or unknown devices may be\nintroduced, thereby facilitating malicious activity.\n\n    Peripherals include, but are not limited to, such devices as flash drives,\nexternal storage, and printers.\n\n    A new feature that RHEL 8 provides is the USBGuard software framework. The\nUSBguard-daemon is the main component of the USBGuard software framework. It\nruns as a service in the background and enforces the USB device authorization\npolicy for all USB devices. The policy is defined by a set of rules using a\nrule language described in the usbguard-rules.conf file. The policy and the\nauthorization state of USB devices can be modified during runtime using the\nusbguard tool.\n\n    The System Administrator (SA) must work with the site Information System\nSecurity Officer (ISSO) to determine a list of authorized peripherals and\nestablish rules within the USBGuard software framework to allow only authorized\ndevices.'\n  desc 'check', 'Verify the USBGuard has a policy configured with the following command:\n\n    $ sudo usbguard list-rules\n\n    If the command does not return results or an error is returned, ask the SA\nto indicate how unauthorized peripherals are being blocked.\n\n    If there is no evidence that unauthorized peripherals are being blocked\nbefore establishing a connection, this is a finding.'\n  desc 'fix', 'Configure the operating system to enable the blocking of unauthorized\nperipherals with the following command:\n    This command must be run from a root shell and will create an allow list\nfor any usb devices currently connect to the system.\n\n    # usbguard generate-policy > /etc/usbguard/rules.conf\n\n    Note: Enabling and starting usbguard without properly configuring it for an\nindividual system will immediately prevent any access over a usb device such as\na keyboard or mouse'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000378-GPOS-00163'\n  tag gid: 'V-230524'\n  tag rid: 'SV-230524r854065_rule'\n  tag stig_id: 'RHEL-08-040140'\n  tag fix_id: 'F-33168r744025_fix'\n  tag cci: ['CCI-001958']\n  tag nist: ['IA-3']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('usbguard list-rules') do\n      its('stdout') { should_not be_empty }\n      its('exit_status') { should eq 0 }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230524.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Command: `usbguard list-rules` stdout is expected not to be empty",
+              "run_time": 0.10905,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "message": "expected `\"\".empty?` to be falsey, got true",
+              "resource_class": "command",
+              "resource_params": "[\"usbguard list-rules\"]",
+              "resource_id": "Command: `usbguard list-rules`"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Command: `usbguard list-rules` exit_status is expected to eq 0",
+              "run_time": 9.8e-05,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "message": "\nexpected: 0\n     got: 1\n\n(compared using ==)\n",
+              "resource_class": "command",
+              "resource_params": "[\"usbguard list-rules\"]",
+              "resource_id": "Command: `usbguard list-rules`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230525",
+          "title": "A firewall must be able to protect against or limit the effects of\nDenial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting\nmeasures on impacted network interfaces.",
+          "desc": "DoS is a condition when a resource is not available for legitimate\nusers. When this occurs, the organization either cannot accomplish its mission\nor must operate at degraded capacity.\n\n    This requirement addresses the configuration of RHEL 8 to mitigate the\nimpact of DoS attacks that have occurred or are ongoing on system availability.\nFor each system, known and potential DoS attacks must be identified and\nsolutions for each type implemented. A variety of technologies exists to limit\nor, in some cases, eliminate the effects of DoS attacks (e.g., limiting\nprocesses or establishing memory partitions). Employing increased capacity and\nbandwidth, combined with service redundancy, may reduce the susceptibility to\nsome DoS attacks.\n\n    Since version 0.6.0, \"firewalld\" has incorporated \"nftables\" as its\nbackend support. Utilizing the limit statement in \"nftables\" can help to\nmitigate DoS attacks.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "DoS is a condition when a resource is not available for legitimate\nusers. When this occurs, the organization either cannot accomplish its mission\nor must operate at degraded capacity.\n\n    This requirement addresses the configuration of RHEL 8 to mitigate the\nimpact of DoS attacks that have occurred or are ongoing on system availability.\nFor each system, known and potential DoS attacks must be identified and\nsolutions for each type implemented. A variety of technologies exists to limit\nor, in some cases, eliminate the effects of DoS attacks (e.g., limiting\nprocesses or establishing memory partitions). Employing increased capacity and\nbandwidth, combined with service redundancy, may reduce the susceptibility to\nsome DoS attacks.\n\n    Since version 0.6.0, \"firewalld\" has incorporated \"nftables\" as its\nbackend support. Utilizing the limit statement in \"nftables\" can help to\nmitigate DoS attacks."
+            },
+            {
+              "label": "check",
+              "data": "Verify \"nftables\" is configured to allow rate limits on any connection to\nthe system with the following command:\n\n    Verify \"firewalld\" has \"nftables\" set as the default backend:\n\n    $ sudo grep -i firewallbackend /etc/firewalld/firewalld.conf\n\n    # FirewallBackend\n    FirewallBackend=nftables\n\n    If the \"nftables\" is not set as the \"firewallbackend\" default, this is\na finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure \"nftables\" to be the default \"firewallbackend\" for \"firewalld\" by adding or editing the following line in \"/etc/firewalld/firewalld.conf\":\n\nFirewallBackend=nftables\n\nEstablish rate-limiting rules based on organization-defined types of DoS attacks on impacted network interfaces."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000420-GPOS-00186",
+            "gid": "V-230525",
+            "rid": "SV-230525r902735_rule",
+            "stig_id": "RHEL-08-040150",
+            "fix_id": "F-33169r902734_fix",
+            "cci": [
+              "CCI-002385"
+            ],
+            "nist": [
+              "SC-5",
+              "SC-5 a"
+            ]
+          },
+          "code": "control 'SV-230525' do\n  title 'A firewall must be able to protect against or limit the effects of\nDenial of Service (DoS) attacks by ensuring RHEL 8 can implement rate-limiting\nmeasures on impacted network interfaces.'\n  desc 'DoS is a condition when a resource is not available for legitimate\nusers. When this occurs, the organization either cannot accomplish its mission\nor must operate at degraded capacity.\n\n    This requirement addresses the configuration of RHEL 8 to mitigate the\nimpact of DoS attacks that have occurred or are ongoing on system availability.\nFor each system, known and potential DoS attacks must be identified and\nsolutions for each type implemented. A variety of technologies exists to limit\nor, in some cases, eliminate the effects of DoS attacks (e.g., limiting\nprocesses or establishing memory partitions). Employing increased capacity and\nbandwidth, combined with service redundancy, may reduce the susceptibility to\nsome DoS attacks.\n\n    Since version 0.6.0, \"firewalld\" has incorporated \"nftables\" as its\nbackend support. Utilizing the limit statement in \"nftables\" can help to\nmitigate DoS attacks.'\n  desc 'check', 'Verify \"nftables\" is configured to allow rate limits on any connection to\nthe system with the following command:\n\n    Verify \"firewalld\" has \"nftables\" set as the default backend:\n\n    $ sudo grep -i firewallbackend /etc/firewalld/firewalld.conf\n\n    # FirewallBackend\n    FirewallBackend=nftables\n\n    If the \"nftables\" is not set as the \"firewallbackend\" default, this is\na finding.'\n  desc 'fix', 'Configure \"nftables\" to be the default \"firewallbackend\" for \"firewalld\" by adding or editing the following line in \"/etc/firewalld/firewalld.conf\":\n\nFirewallBackend=nftables\n\nEstablish rate-limiting rules based on organization-defined types of DoS attacks on impacted network interfaces.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000420-GPOS-00186'\n  tag gid: 'V-230525'\n  tag rid: 'SV-230525r902735_rule'\n  tag stig_id: 'RHEL-08-040150'\n  tag fix_id: 'F-33169r902734_fix'\n  tag cci: ['CCI-002385']\n  tag nist: ['SC-5', 'SC-5 a']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config_file('/etc/firewalld/firewalld.conf') do\n      its('FirewallBackend') { should eq 'nftables' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230525.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Parse Config File /etc/firewalld/firewalld.conf FirewallBackend is expected to eq \"nftables\"",
+              "run_time": 4.9e-05,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/firewalld/firewalld.conf\"]",
+              "resource_id": "/etc/firewalld/firewalld.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230526",
+          "title": "All RHEL 8 networked systems must have and implement SSH to protect\nthe confidentiality and integrity of transmitted and received information, as\nwell as information during preparation for transmission.",
+          "desc": "Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa."
+            },
+            {
+              "label": "check",
+              "data": "Verify SSH is loaded and active with the following command:\n\n    $ sudo systemctl status sshd\n\n    sshd.service - OpenSSH server daemon\n    Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)\n    Active: active (running) since Tue 2015-11-17 15:17:22 EST; 4 weeks 0 days\nago\n    Main PID: 1348 (sshd)\n    CGroup: /system.slice/sshd.service\n    1053 /usr/sbin/sshd -D\n\n    If \"sshd\" does not show a status of \"active\" and \"running\", this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the SSH service to automatically start after reboot with the\nfollowing command:\n\n    $ sudo systemctl enable sshd.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000423-GPOS-00187",
+            "satisfies": [
+              "SRG-OS-000423-GPOS-00187",
+              "SRG-OS-000424-GPOS-00188",
+              "SRG-OS-000425-GPOS-00189",
+              "SRG-OS-000426-GPOS-00190"
+            ],
+            "gid": "V-230526",
+            "rid": "SV-230526r916422_rule",
+            "stig_id": "RHEL-08-040160",
+            "fix_id": "F-33170r744031_fix",
+            "cci": [
+              "CCI-002418"
+            ],
+            "nist": [
+              "SC-8"
+            ]
+          },
+          "code": "control 'SV-230526' do\n  title 'All RHEL 8 networked systems must have and implement SSH to protect\nthe confidentiality and integrity of transmitted and received information, as\nwell as information during preparation for transmission.'\n  desc 'Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa.'\n  desc 'check', 'Verify SSH is loaded and active with the following command:\n\n    $ sudo systemctl status sshd\n\n    sshd.service - OpenSSH server daemon\n    Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)\n    Active: active (running) since Tue 2015-11-17 15:17:22 EST; 4 weeks 0 days\nago\n    Main PID: 1348 (sshd)\n    CGroup: /system.slice/sshd.service\n    1053 /usr/sbin/sshd -D\n\n    If \"sshd\" does not show a status of \"active\" and \"running\", this is a\nfinding.'\n  desc 'fix', 'Configure the SSH service to automatically start after reboot with the\nfollowing command:\n\n    $ sudo systemctl enable sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000423-GPOS-00187'\n  tag satisfies: ['SRG-OS-000423-GPOS-00187', 'SRG-OS-000424-GPOS-00188', 'SRG-OS-000425-GPOS-00189', 'SRG-OS-000426-GPOS-00190']\n  tag gid: 'V-230526'\n  tag rid: 'SV-230526r916422_rule'\n  tag stig_id: 'RHEL-08-040160'\n  tag fix_id: 'F-33170r744031_fix'\n  tag cci: ['CCI-002418']\n  tag nist: ['SC-8']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe systemd_service('sshd.service') do\n      it { should be_running }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230526.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Service sshd.service is expected to be running",
+              "run_time": 0.426598,
+              "start_time": "2024-01-09T19:40:58-05:00",
+              "resource_class": "systemd_service",
+              "resource_params": "[\"sshd.service\"]",
+              "resource_id": "sshd.service"
+            }
+          ]
+        },
+        {
+          "id": "SV-230527",
+          "title": "RHEL 8 must force a frequent session key renegotiation for SSH\nconnections to the server.",
+          "desc": "Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa.\n\n    Session key regeneration limits the chances of a session key becoming\ncompromised.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa.\n\n    Session key regeneration limits the chances of a session key becoming\ncompromised."
+            },
+            {
+              "label": "check",
+              "data": "Verify the SSH server is configured to force frequent session key renegotiation with the following command:\n\n$ sudo grep -ir RekeyLimit /etc/ssh/sshd_config*\n\nRekeyLimit 1G 1h\n\nIf \"RekeyLimit\" does not have a maximum data amount and maximum time defined, is missing or commented out, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system to force a frequent session key renegotiation for SSH\nconnections to the server by add or modifying the following line in the\n\"/etc/ssh/sshd_config\" file:\n\n    RekeyLimit 1G 1h\n\n    Restart the SSH daemon for the settings to take effect.\n\n    $ sudo systemctl restart sshd.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000033-GPOS-00014",
+            "satisfies": [
+              "SRG-OS-000033-GPOS-00014",
+              "SRG-OS-000420-GPOS-00186",
+              "SRG-OS-000424-GPOS-00188"
+            ],
+            "gid": "V-230527",
+            "rid": "SV-230527r877398_rule",
+            "stig_id": "RHEL-08-040161",
+            "fix_id": "F-33171r568328_fix",
+            "cci": [
+              "CCI-000068"
+            ],
+            "nist": [
+              "AC-17 (2)"
+            ]
+          },
+          "code": "control 'SV-230527' do\n  title 'RHEL 8 must force a frequent session key renegotiation for SSH\nconnections to the server.'\n  desc 'Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa.\n\n    Session key regeneration limits the chances of a session key becoming\ncompromised.'\n  desc 'check', 'Verify the SSH server is configured to force frequent session key renegotiation with the following command:\n\n$ sudo grep -ir RekeyLimit /etc/ssh/sshd_config*\n\nRekeyLimit 1G 1h\n\nIf \"RekeyLimit\" does not have a maximum data amount and maximum time defined, is missing or commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the system to force a frequent session key renegotiation for SSH\nconnections to the server by add or modifying the following line in the\n\"/etc/ssh/sshd_config\" file:\n\n    RekeyLimit 1G 1h\n\n    Restart the SSH daemon for the settings to take effect.\n\n    $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000033-GPOS-00014'\n  tag satisfies: ['SRG-OS-000033-GPOS-00014', 'SRG-OS-000420-GPOS-00186', 'SRG-OS-000424-GPOS-00188']\n  tag gid: 'V-230527'\n  tag rid: 'SV-230527r877398_rule'\n  tag stig_id: 'RHEL-08-040161'\n  tag fix_id: 'F-33171r568328_fix'\n  tag cci: ['CCI-000068']\n  tag nist: ['AC-17 (2)']\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    describe sshd_config do\n      its('RekeyLimit') { should cmp '1G 1h' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230527.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "SSHD Configuration RekeyLimit is expected to cmp == \"1G 1h\"",
+              "run_time": 0.000355,
+              "start_time": "2024-01-09T19:40:59-05:00",
+              "resource_class": "sshd_config",
+              "resource_params": "[]",
+              "resource_id": "/etc/ssh/sshd_config"
+            }
+          ]
+        },
+        {
+          "id": "SV-230529",
+          "title": "The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 8.",
+          "desc": "A locally logged-on user, who presses Ctrl-Alt-Delete when at the\nconsole, can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In a graphical user\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "A locally logged-on user, who presses Ctrl-Alt-Delete when at the\nconsole, can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In a graphical user\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 is not configured to reboot the system when Ctrl-Alt-Delete\nis pressed with the following command:\n\n    $ sudo systemctl status ctrl-alt-del.target\n\n    ctrl-alt-del.target\n    Loaded: masked (Reason: Unit ctrl-alt-del.target is masked.)\n    Active: inactive (dead)\n\n    If the \"ctrl-alt-del.target\" is loaded and not masked, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system to disable the Ctrl-Alt-Delete sequence for the command line with the following commands:\n\n$ sudo systemctl disable ctrl-alt-del.target\n\n$ sudo systemctl mask ctrl-alt-del.target\n\nCreated symlink /etc/systemd/system/ctrl-alt-del.target -> /dev/null\n\nReload the daemon for this change to take effect.\n\n$ sudo systemctl daemon-reload"
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230529",
+            "rid": "SV-230529r833338_rule",
+            "stig_id": "RHEL-08-040170",
+            "fix_id": "F-33173r833337_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230529' do\n  title 'The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 8.'\n  desc 'A locally logged-on user, who presses Ctrl-Alt-Delete when at the\nconsole, can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In a graphical user\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken.'\n  desc 'check', 'Verify RHEL 8 is not configured to reboot the system when Ctrl-Alt-Delete\nis pressed with the following command:\n\n    $ sudo systemctl status ctrl-alt-del.target\n\n    ctrl-alt-del.target\n    Loaded: masked (Reason: Unit ctrl-alt-del.target is masked.)\n    Active: inactive (dead)\n\n    If the \"ctrl-alt-del.target\" is loaded and not masked, this is a finding.'\n  desc 'fix', 'Configure the system to disable the Ctrl-Alt-Delete sequence for the command line with the following commands:\n\n$ sudo systemctl disable ctrl-alt-del.target\n\n$ sudo systemctl mask ctrl-alt-del.target\n\nCreated symlink /etc/systemd/system/ctrl-alt-del.target -> /dev/null\n\nReload the daemon for this change to take effect.\n\n$ sudo systemctl daemon-reload'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230529'\n  tag rid: 'SV-230529r833338_rule'\n  tag stig_id: 'RHEL-08-040170'\n  tag fix_id: 'F-33173r833337_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  c = systemd_service('ctrl-alt-del.target')\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe.one do\n      describe c do\n        its('params.LoadState') { should eq 'masked' }\n      end\n      describe c do\n        its('params.LoadState') { should eq 'not-found' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230529.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Service ctrl-alt-del.target params.LoadState is expected to eq \"masked\"",
+              "run_time": 0.000295,
+              "start_time": "2024-01-09T19:40:59-05:00",
+              "message": "\nexpected: \"masked\"\n     got: \"loaded\"\n\n(compared using ==)\n",
+              "exception": "RSpec::Core::MultipleExceptionError",
+              "resource_class": "systemd_service",
+              "resource_params": "[\"ctrl-alt-del.target\"]",
+              "resource_id": "ctrl-alt-del.target"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Service ctrl-alt-del.target params.LoadState is expected to eq \"not-found\"",
+              "run_time": 0.000152,
+              "start_time": "2024-01-09T19:40:59-05:00",
+              "message": "\nexpected: \"not-found\"\n     got: \"loaded\"\n\n(compared using ==)\n",
+              "exception": "RSpec::Core::MultipleExceptionError",
+              "resource_class": "systemd_service",
+              "resource_params": "[\"ctrl-alt-del.target\"]",
+              "resource_id": "ctrl-alt-del.target"
+            }
+          ]
+        },
+        {
+          "id": "SV-230530",
+          "title": "The x86 Ctrl-Alt-Delete key sequence in RHEL 8 must be disabled if a\ngraphical user interface is installed.",
+          "desc": "A locally logged-on user, who presses Ctrl-Alt-Delete, when at the\nconsole, can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In a graphical user\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "A locally logged-on user, who presses Ctrl-Alt-Delete, when at the\nconsole, can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In a graphical user\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 is not configured to reboot the system when Ctrl-Alt-Delete\nis pressed when using a graphical user interface with the following command:\n\n    This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    $ sudo grep logout /etc/dconf/db/local.d/*\n\n    logout=''\n\n    If the \"logout\" key is bound to an action, is commented out, or is\nmissing, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system to disable the Ctrl-Alt-Delete sequence when using a\ngraphical user interface by creating or editing the\n/etc/dconf/db/local.d/00-disable-CAD file.\n\n    Add the setting to disable the Ctrl-Alt-Delete sequence for a graphical\nuser interface:\n\n    [org/gnome/settings-daemon/plugins/media-keys]\n    logout=''\n\n    Note: The value above is set to two single quotations.\n\n    Then update the dconf settings:\n\n    $ sudo dconf update"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230530",
+            "rid": "SV-230530r646883_rule",
+            "stig_id": "RHEL-08-040171",
+            "fix_id": "F-33174r568337_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230530' do\n  title 'The x86 Ctrl-Alt-Delete key sequence in RHEL 8 must be disabled if a\ngraphical user interface is installed.'\n  desc 'A locally logged-on user, who presses Ctrl-Alt-Delete, when at the\nconsole, can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In a graphical user\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken.'\n  desc 'check', %q(Verify RHEL 8 is not configured to reboot the system when Ctrl-Alt-Delete\nis pressed when using a graphical user interface with the following command:\n\n    This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    $ sudo grep logout /etc/dconf/db/local.d/*\n\n    logout=''\n\n    If the \"logout\" key is bound to an action, is commented out, or is\nmissing, this is a finding.)\n  desc 'fix', \"Configure the system to disable the Ctrl-Alt-Delete sequence when using a\ngraphical user interface by creating or editing the\n/etc/dconf/db/local.d/00-disable-CAD file.\n\n    Add the setting to disable the Ctrl-Alt-Delete sequence for a graphical\nuser interface:\n\n    [org/gnome/settings-daemon/plugins/media-keys]\n    logout=''\n\n    Note: The value above is set to two single quotations.\n\n    Then update the dconf settings:\n\n    $ sudo dconf update\"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230530'\n  tag rid: 'SV-230530r646883_rule'\n  tag stig_id: 'RHEL-08-040171'\n  tag fix_id: 'F-33174r568337_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif package('gnome-desktop3').installed?\n    describe command('grep logout /etc/dconf/db/local.d/*') do\n      its('stdout.strip') { should cmp \"logout=''\" }\n    end\n  else\n    impact 0.0\n    describe 'The system does not have GNOME installed' do\n      skip \"The system does not have GNOME installed, this requirement is Not\n        Applicable.\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230530.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "The system does not have GNOME installed",
+              "run_time": 4.0e-06,
+              "start_time": "2024-01-09T19:40:59-05:00",
+              "resource": "",
+              "skip_message": "The system does not have GNOME installed, this requirement is Not\n        Applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The system does not have GNOME installed"
+            }
+          ]
+        },
+        {
+          "id": "SV-230531",
+          "title": "The systemd Ctrl-Alt-Delete burst key sequence in RHEL 8 must be\ndisabled.",
+          "desc": "A locally logged-on user who presses Ctrl-Alt-Delete when at the\nconsole can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In a graphical user\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "A locally logged-on user who presses Ctrl-Alt-Delete when at the\nconsole can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In a graphical user\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 is not configured to reboot the system when Ctrl-Alt-Delete\nis pressed seven times within two seconds with the following command:\n\n    $ sudo grep -i ctrl /etc/systemd/system.conf\n\n    CtrlAltDelBurstAction=none\n\n    If the \"CtrlAltDelBurstAction\" is not set to \"none\", commented out, or\nis missing, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system to disable the CtrlAltDelBurstAction by added or\nmodifying the following line in the \"/etc/systemd/system.conf\" configuration\nfile:\n\n    CtrlAltDelBurstAction=none\n\n    Reload the daemon for this change to take effect.\n\n    $ sudo systemctl daemon-reload"
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230531",
+            "rid": "SV-230531r627750_rule",
+            "stig_id": "RHEL-08-040172",
+            "fix_id": "F-33175r619890_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230531' do\n  title 'The systemd Ctrl-Alt-Delete burst key sequence in RHEL 8 must be\ndisabled.'\n  desc 'A locally logged-on user who presses Ctrl-Alt-Delete when at the\nconsole can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In a graphical user\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken.'\n  desc 'check', 'Verify RHEL 8 is not configured to reboot the system when Ctrl-Alt-Delete\nis pressed seven times within two seconds with the following command:\n\n    $ sudo grep -i ctrl /etc/systemd/system.conf\n\n    CtrlAltDelBurstAction=none\n\n    If the \"CtrlAltDelBurstAction\" is not set to \"none\", commented out, or\nis missing, this is a finding.'\n  desc 'fix', 'Configure the system to disable the CtrlAltDelBurstAction by added or\nmodifying the following line in the \"/etc/systemd/system.conf\" configuration\nfile:\n\n    CtrlAltDelBurstAction=none\n\n    Reload the daemon for this change to take effect.\n\n    $ sudo systemctl daemon-reload'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230531'\n  tag rid: 'SV-230531r627750_rule'\n  tag stig_id: 'RHEL-08-040172'\n  tag fix_id: 'F-33175r619890_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe parse_config_file('/etc/systemd/system.conf') do\n      its('Manager') { should include('CtrlAltDelBurstAction' => 'none') }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230531.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /etc/systemd/system.conf Manager is expected to include {\"CtrlAltDelBurstAction\" => \"none\"}",
+              "run_time": 0.000265,
+              "start_time": "2024-01-09T19:40:59-05:00",
+              "message": "expected {\"DefaultLimitCORE\" => \"0:infinity\"} to include {\"CtrlAltDelBurstAction\" => \"none\"}",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/systemd/system.conf\"]",
+              "resource_id": "/etc/systemd/system.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-230532",
+          "title": "The debug-shell systemd service must be disabled on RHEL 8.",
+          "desc": "The debug-shell requires no authentication and provides root\nprivileges to anyone who has physical access to the machine.  While this\nfeature is disabled by default, masking it adds an additional layer of\nassurance that it will not be enabled via a dependency in systemd.  This also\nprevents attackers with physical access from trivially bypassing security on\nthe machine through valid troubleshooting configurations and gaining root\naccess when the system is rebooted.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The debug-shell requires no authentication and provides root\nprivileges to anyone who has physical access to the machine.  While this\nfeature is disabled by default, masking it adds an additional layer of\nassurance that it will not be enabled via a dependency in systemd.  This also\nprevents attackers with physical access from trivially bypassing security on\nthe machine through valid troubleshooting configurations and gaining root\naccess when the system is rebooted."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 is configured to mask the debug-shell systemd service with\nthe following command:\n\n    $ sudo systemctl status debug-shell.service\n\n    debug-shell.service\n    Loaded: masked (Reason: Unit debug-shell.service is masked.)\n    Active: inactive (dead)\n\n    If the \"debug-shell.service\" is loaded and not masked, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system to mask the debug-shell systemd service with the\nfollowing command:\n\n    $ sudo systemctl mask debug-shell.service\n\n    Created symlink /etc/systemd/system/debug-shell.service -> /dev/null\n\n    Reload the daemon to take effect.\n\n    $ sudo systemctl daemon-reload"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230532",
+            "rid": "SV-230532r627750_rule",
+            "stig_id": "RHEL-08-040180",
+            "fix_id": "F-33176r619892_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230532' do\n  title 'The debug-shell systemd service must be disabled on RHEL 8.'\n  desc 'The debug-shell requires no authentication and provides root\nprivileges to anyone who has physical access to the machine.  While this\nfeature is disabled by default, masking it adds an additional layer of\nassurance that it will not be enabled via a dependency in systemd.  This also\nprevents attackers with physical access from trivially bypassing security on\nthe machine through valid troubleshooting configurations and gaining root\naccess when the system is rebooted.'\n  desc 'check', 'Verify RHEL 8 is configured to mask the debug-shell systemd service with\nthe following command:\n\n    $ sudo systemctl status debug-shell.service\n\n    debug-shell.service\n    Loaded: masked (Reason: Unit debug-shell.service is masked.)\n    Active: inactive (dead)\n\n    If the \"debug-shell.service\" is loaded and not masked, this is a finding.'\n  desc 'fix', 'Configure the system to mask the debug-shell systemd service with the\nfollowing command:\n\n    $ sudo systemctl mask debug-shell.service\n\n    Created symlink /etc/systemd/system/debug-shell.service -> /dev/null\n\n    Reload the daemon to take effect.\n\n    $ sudo systemctl daemon-reload'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230532'\n  tag rid: 'SV-230532r627750_rule'\n  tag stig_id: 'RHEL-08-040180'\n  tag fix_id: 'F-33176r619892_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  d = systemd_service('debug-shell.service')\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe.one do\n      describe d do\n        its('params.LoadState') { should eq 'masked' }\n      end\n      describe d do\n        its('params.LoadState') { should eq 'not-found' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230532.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Service debug-shell.service params.LoadState is expected to eq \"masked\"",
+              "run_time": 0.000597,
+              "start_time": "2024-01-09T19:40:59-05:00",
+              "message": "\nexpected: \"masked\"\n     got: \"loaded\"\n\n(compared using ==)\n",
+              "exception": "RSpec::Core::MultipleExceptionError",
+              "resource_class": "systemd_service",
+              "resource_params": "[\"debug-shell.service\"]",
+              "resource_id": "debug-shell.service"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Service debug-shell.service params.LoadState is expected to eq \"not-found\"",
+              "run_time": 0.000388,
+              "start_time": "2024-01-09T19:40:59-05:00",
+              "message": "\nexpected: \"not-found\"\n     got: \"loaded\"\n\n(compared using ==)\n",
+              "exception": "RSpec::Core::MultipleExceptionError",
+              "resource_class": "systemd_service",
+              "resource_params": "[\"debug-shell.service\"]",
+              "resource_id": "debug-shell.service"
+            }
+          ]
+        },
+        {
+          "id": "SV-230533",
+          "title": "The Trivial File Transfer Protocol (TFTP) server package must not be\ninstalled if not required for RHEL 8 operational support.",
+          "desc": "If TFTP is required for operational support (such as the transmission\nof router configurations) its use must be documented with the Information\nSystem Security Officer (ISSO), restricted to only authorized personnel, and\nhave access control rules established.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If TFTP is required for operational support (such as the transmission\nof router configurations) its use must be documented with the Information\nSystem Security Officer (ISSO), restricted to only authorized personnel, and\nhave access control rules established."
+            },
+            {
+              "label": "check",
+              "data": "Verify a TFTP server has not been installed on the system with the\nfollowing command:\n\n    $ sudo yum list installed tftp-server\n\n    tftp-server.x86_64   5.2-24.el8\n\n    If TFTP is installed and the requirement for TFTP is not documented with\nthe ISSO, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Remove the TFTP package from the system with the following command:\n\n$ sudo yum remove tftp-server"
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230533",
+            "rid": "SV-230533r627750_rule",
+            "stig_id": "RHEL-08-040190",
+            "fix_id": "F-33177r568346_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230533' do\n  title 'The Trivial File Transfer Protocol (TFTP) server package must not be\ninstalled if not required for RHEL 8 operational support.'\n  desc 'If TFTP is required for operational support (such as the transmission\nof router configurations) its use must be documented with the Information\nSystem Security Officer (ISSO), restricted to only authorized personnel, and\nhave access control rules established.'\n  desc 'check', 'Verify a TFTP server has not been installed on the system with the\nfollowing command:\n\n    $ sudo yum list installed tftp-server\n\n    tftp-server.x86_64   5.2-24.el8\n\n    If TFTP is installed and the requirement for TFTP is not documented with\nthe ISSO, this is a finding.'\n  desc 'fix', 'Remove the TFTP package from the system with the following command:\n\n$ sudo yum remove tftp-server'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230533'\n  tag rid: 'SV-230533r627750_rule'\n  tag stig_id: 'RHEL-08-040190'\n  tag fix_id: 'F-33177r568346_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe package('tftp-server') do\n    it { should_not be_installed }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230533.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package tftp-server is expected not to be installed",
+              "run_time": 0.000115,
+              "start_time": "2024-01-09T19:40:59-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"tftp-server\"]",
+              "resource_id": "tftp-server"
+            }
+          ]
+        },
+        {
+          "id": "SV-230534",
+          "title": "The root account must be the only account having unrestricted access\nto the RHEL 8 system.",
+          "desc": "If an account other than root also has a User Identifier (UID) of\n\"0\", it has root authority, giving that account unrestricted access to the\nentire operating system. Multiple accounts with a UID of \"0\" afford an\nopportunity for potential intruders to guess a password for a privileged\naccount.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If an account other than root also has a User Identifier (UID) of\n\"0\", it has root authority, giving that account unrestricted access to the\nentire operating system. Multiple accounts with a UID of \"0\" afford an\nopportunity for potential intruders to guess a password for a privileged\naccount."
+            },
+            {
+              "label": "check",
+              "data": "Check the system for duplicate UID \"0\" assignments with the following\ncommand:\n\n    $ sudo awk -F: '$3 == 0 {print $1}' /etc/passwd\n\n    If any accounts other than root have a UID of \"0\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Change the UID of any account on the system, other than root, that has a\nUID of \"0\".\n\n    If the account is associated with system commands or applications, the UID\nshould be changed to one greater than \"0\" but less than \"1000\". Otherwise,\nassign a UID of greater than \"1000\" that has not already been assigned."
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230534",
+            "rid": "SV-230534r627750_rule",
+            "stig_id": "RHEL-08-040200",
+            "fix_id": "F-33178r568349_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230534' do\n  title 'The root account must be the only account having unrestricted access\nto the RHEL 8 system.'\n  desc 'If an account other than root also has a User Identifier (UID) of\n\"0\", it has root authority, giving that account unrestricted access to the\nentire operating system. Multiple accounts with a UID of \"0\" afford an\nopportunity for potential intruders to guess a password for a privileged\naccount.'\n  desc 'check', %q(Check the system for duplicate UID \"0\" assignments with the following\ncommand:\n\n    $ sudo awk -F: '$3 == 0 {print $1}' /etc/passwd\n\n    If any accounts other than root have a UID of \"0\", this is a finding.)\n  desc 'fix', 'Change the UID of any account on the system, other than root, that has a\nUID of \"0\".\n\n    If the account is associated with system commands or applications, the UID\nshould be changed to one greater than \"0\" but less than \"1000\". Otherwise,\nassign a UID of greater than \"1000\" that has not already been assigned.'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230534'\n  tag rid: 'SV-230534r627750_rule'\n  tag stig_id: 'RHEL-08-040200'\n  tag fix_id: 'F-33178r568349_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe passwd.uids(0) do\n    its('users') { should cmp 'root' }\n    its('entries.length') { should eq 1 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230534.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "/etc/passwd with uid == 0 users is expected to cmp == \"root\"",
+              "run_time": 6.8e-05,
+              "start_time": "2024-01-09T19:40:59-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "/etc/passwd with uid == 0 entries.length is expected to eq 1",
+              "run_time": 4.8e-05,
+              "start_time": "2024-01-09T19:40:59-05:00",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-230535",
+          "title": "RHEL 8 must prevent IPv6 Internet Control Message Protocol (ICMP)\nredirect messages from being accepted.",
+          "desc": "ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 will not accept IPv6 ICMP redirect messages.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck the value of the default \"accept_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv6.conf.default.accept_redirects\n\nnet.ipv6.conf.default.accept_redirects = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.default.accept_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.default.accept_redirects = 0\n\nIf \"net.ipv6.conf.default.accept_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to prevent IPv6 ICMP redirect messages from being accepted.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.default.accept_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230535",
+            "rid": "SV-230535r858793_rule",
+            "stig_id": "RHEL-08-040210",
+            "fix_id": "F-33179r858792_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230535' do\n  title 'RHEL 8 must prevent IPv6 Internet Control Message Protocol (ICMP)\nredirect messages from being accepted.'\n  desc \"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\"\n  desc 'check', 'Verify RHEL 8 will not accept IPv6 ICMP redirect messages.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck the value of the default \"accept_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv6.conf.default.accept_redirects\n\nnet.ipv6.conf.default.accept_redirects = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.default.accept_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.default.accept_redirects = 0\n\nIf \"net.ipv6.conf.default.accept_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to prevent IPv6 ICMP redirect messages from being accepted.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.default.accept_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230535'\n  tag rid: 'SV-230535r858793_rule'\n  tag stig_id: 'RHEL-08-040210'\n  tag fix_id: 'F-33179r858792_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('ipv6_enabled')\n    describe kernel_parameter('net.ipv6.conf.default.accept_redirects') do\n      its('value') { should eq 0 }\n    end\n  else\n    impact 0.0\n    describe 'IPv6 is disabled on the system, this requirement is Not Applicable.' do\n      skip 'IPv6 is disabled on the system, this requirement is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230535.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter net.ipv6.conf.default.accept_redirects value is expected to eq 0",
+              "run_time": 0.109396,
+              "start_time": "2024-01-09T19:40:59-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"net.ipv6.conf.default.accept_redirects\"]",
+              "resource_id": "net.ipv6.conf.default.accept_redirects"
+            }
+          ]
+        },
+        {
+          "id": "SV-230536",
+          "title": "RHEL 8 must not send Internet Control Message Protocol (ICMP)\nredirects.",
+          "desc": "ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.\n\nThere are notable differences between Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). There is only a directive to disable sending of IPv4 redirected packets. Refer to RFC4294 for an explanation of \"IPv6 Node Requirements\", which resulted in this difference between IPv4 and IPv6.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.\n\nThere are notable differences between Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). There is only a directive to disable sending of IPv4 redirected packets. Refer to RFC4294 for an explanation of \"IPv6 Node Requirements\", which resulted in this difference between IPv4 and IPv6.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 does not IPv4 ICMP redirect messages.\n\nCheck the value of the \"all send_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv4.conf.all.send_redirects\n\nnet.ipv4.conf.all.send_redirects = 0\n\nIf the returned line does not have a value of \"0\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.all.send_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.send_redirects = 0\n\nIf \"net.ipv4.conf.all.send_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to not allow interfaces to perform IPv4 ICMP redirects.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.all.send_redirects=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230536",
+            "rid": "SV-230536r858795_rule",
+            "stig_id": "RHEL-08-040220",
+            "fix_id": "F-33180r858794_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230536' do\n  title 'RHEL 8 must not send Internet Control Message Protocol (ICMP)\nredirects.'\n  desc %q(ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.\n\nThere are notable differences between Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). There is only a directive to disable sending of IPv4 redirected packets. Refer to RFC4294 for an explanation of \"IPv6 Node Requirements\", which resulted in this difference between IPv4 and IPv6.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf)\n  desc 'check', 'Verify RHEL 8 does not IPv4 ICMP redirect messages.\n\nCheck the value of the \"all send_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv4.conf.all.send_redirects\n\nnet.ipv4.conf.all.send_redirects = 0\n\nIf the returned line does not have a value of \"0\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.all.send_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.send_redirects = 0\n\nIf \"net.ipv4.conf.all.send_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not allow interfaces to perform IPv4 ICMP redirects.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.all.send_redirects=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230536'\n  tag rid: 'SV-230536r858795_rule'\n  tag stig_id: 'RHEL-08-040220'\n  tag fix_id: 'F-33180r858794_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('ipv4_enabled')\n    describe kernel_parameter('net.ipv4.conf.all.send_redirects') do\n      its('value') { should eq 0 }\n    end\n  else\n    impact 0.0\n    describe 'IPv4 is disabled on the system, this requirement is Not Applicable.' do\n      skip 'IPv4 is disabled on the system, this requirement is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230536.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter net.ipv4.conf.all.send_redirects value is expected to eq 0",
+              "run_time": 0.111888,
+              "start_time": "2024-01-09T19:40:59-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"net.ipv4.conf.all.send_redirects\"]",
+              "resource_id": "net.ipv4.conf.all.send_redirects"
+            }
+          ]
+        },
+        {
+          "id": "SV-230537",
+          "title": "RHEL 8 must not respond to Internet Control Message Protocol (ICMP)\nechoes sent to a broadcast address.",
+          "desc": "Responding to broadcast ICMP echoes facilitates network mapping and provides a vector for amplification attacks.\n\nThere are notable differences between Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). IPv6 does not implement the same method of broadcast as IPv4. Instead, IPv6 uses multicast addressing to the all-hosts multicast group. Refer to RFC4294 for an explanation of \"IPv6 Node Requirements\", which resulted in this difference between IPv4 and IPv6.\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Responding to broadcast ICMP echoes facilitates network mapping and provides a vector for amplification attacks.\n\nThere are notable differences between Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). IPv6 does not implement the same method of broadcast as IPv4. Instead, IPv6 uses multicast addressing to the all-hosts multicast group. Refer to RFC4294 for an explanation of \"IPv6 Node Requirements\", which resulted in this difference between IPv4 and IPv6.\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 does not respond to ICMP echoes sent to a broadcast address.\n\nCheck the value of the \"icmp_echo_ignore_broadcasts\" variable with the following command:\n\n$ sudo sysctl net.ipv4.icmp_echo_ignore_broadcasts\n\nnet.ipv4.icmp_echo_ignore_broadcasts = 1\n\nIf the returned line does not have a value of \"1\", a line is not returned, or the retuned line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.icmp_echo_ignore_broadcasts /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.icmp_echo_ignore_broadcasts = 1\n\nIf \"net.ipv4.icmp_echo_ignore_broadcasts\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to not respond to IPv4 ICMP echoes sent to a broadcast address.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.icmp_echo_ignore_broadcasts=1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230537",
+            "rid": "SV-230537r858797_rule",
+            "stig_id": "RHEL-08-040230",
+            "fix_id": "F-33181r858796_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230537' do\n  title 'RHEL 8 must not respond to Internet Control Message Protocol (ICMP)\nechoes sent to a broadcast address.'\n  desc 'Responding to broadcast ICMP echoes facilitates network mapping and provides a vector for amplification attacks.\n\nThere are notable differences between Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). IPv6 does not implement the same method of broadcast as IPv4. Instead, IPv6 uses multicast addressing to the all-hosts multicast group. Refer to RFC4294 for an explanation of \"IPv6 Node Requirements\", which resulted in this difference between IPv4 and IPv6.\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 does not respond to ICMP echoes sent to a broadcast address.\n\nCheck the value of the \"icmp_echo_ignore_broadcasts\" variable with the following command:\n\n$ sudo sysctl net.ipv4.icmp_echo_ignore_broadcasts\n\nnet.ipv4.icmp_echo_ignore_broadcasts = 1\n\nIf the returned line does not have a value of \"1\", a line is not returned, or the retuned line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.icmp_echo_ignore_broadcasts /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.icmp_echo_ignore_broadcasts = 1\n\nIf \"net.ipv4.icmp_echo_ignore_broadcasts\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not respond to IPv4 ICMP echoes sent to a broadcast address.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.icmp_echo_ignore_broadcasts=1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230537'\n  tag rid: 'SV-230537r858797_rule'\n  tag stig_id: 'RHEL-08-040230'\n  tag fix_id: 'F-33181r858796_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('ipv4_enabled')\n    describe kernel_parameter('net.ipv4.icmp_echo_ignore_broadcasts') do\n      its('value') { should eq 1 }\n    end\n  else\n    impact 0.0\n    describe 'IPv4 is disabled on the system, this requirement is Not Applicable.' do\n      skip 'IPv4 is disabled on the system, this requirement is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230537.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter net.ipv4.icmp_echo_ignore_broadcasts value is expected to eq 1",
+              "run_time": 0.116828,
+              "start_time": "2024-01-09T19:40:59-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"net.ipv4.icmp_echo_ignore_broadcasts\"]",
+              "resource_id": "net.ipv4.icmp_echo_ignore_broadcasts"
+            }
+          ]
+        },
+        {
+          "id": "SV-230538",
+          "title": "RHEL 8 must not forward IPv6 source-routed packets.",
+          "desc": "Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 does not accept IPv6 source-routed packets.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck the value of the accept source route variable with the following command:\n\n$ sudo sysctl net.ipv6.conf.all.accept_source_route\n\nnet.ipv6.conf.all.accept_source_route = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.all.accept_source_route /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.all.accept_source_route = 0\n\nIf \"net.ipv6.conf.all.accept_source_route\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to not forward IPv6 source-routed packets.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.all.accept_source_route=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230538",
+            "rid": "SV-230538r858801_rule",
+            "stig_id": "RHEL-08-040240",
+            "fix_id": "F-33182r858800_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230538' do\n  title 'RHEL 8 must not forward IPv6 source-routed packets.'\n  desc 'Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 does not accept IPv6 source-routed packets.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck the value of the accept source route variable with the following command:\n\n$ sudo sysctl net.ipv6.conf.all.accept_source_route\n\nnet.ipv6.conf.all.accept_source_route = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.all.accept_source_route /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.all.accept_source_route = 0\n\nIf \"net.ipv6.conf.all.accept_source_route\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not forward IPv6 source-routed packets.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.all.accept_source_route=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230538'\n  tag rid: 'SV-230538r858801_rule'\n  tag stig_id: 'RHEL-08-040240'\n  tag fix_id: 'F-33182r858800_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('ipv6_enabled')\n    describe kernel_parameter('net.ipv6.conf.default.accept_source_route') do\n      its('value') { should eq 0 }\n    end\n  else\n    impact 0.0\n    describe 'IPv6 is disabled on the system, this requirement is Not Applicable.' do\n      skip 'IPv6 is disabled on the system, this requirement is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230538.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter net.ipv6.conf.default.accept_source_route value is expected to eq 0",
+              "run_time": 0.335214,
+              "start_time": "2024-01-09T19:40:59-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"net.ipv6.conf.default.accept_source_route\"]",
+              "resource_id": "net.ipv6.conf.default.accept_source_route"
+            }
+          ]
+        },
+        {
+          "id": "SV-230539",
+          "title": "RHEL 8 must not forward IPv6 source-routed packets by default.",
+          "desc": "Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 does not accept IPv6 source-routed packets by default.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck the value of the accept source route variable with the following command:\n\n$ sudo sysctl net.ipv6.conf.default.accept_source_route\n\nnet.ipv6.conf.default.accept_source_route = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.default.accept_source_route /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.default.accept_source_route = 0\n\nIf \"net.ipv6.conf.default.accept_source_route\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to not forward IPv6 source-routed packets by default.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.default.accept_source_route=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230539",
+            "rid": "SV-230539r861085_rule",
+            "stig_id": "RHEL-08-040250",
+            "fix_id": "F-33183r858805_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230539' do\n  title 'RHEL 8 must not forward IPv6 source-routed packets by default.'\n  desc 'Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 does not accept IPv6 source-routed packets by default.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck the value of the accept source route variable with the following command:\n\n$ sudo sysctl net.ipv6.conf.default.accept_source_route\n\nnet.ipv6.conf.default.accept_source_route = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.default.accept_source_route /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.default.accept_source_route = 0\n\nIf \"net.ipv6.conf.default.accept_source_route\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not forward IPv6 source-routed packets by default.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.default.accept_source_route=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230539'\n  tag rid: 'SV-230539r861085_rule'\n  tag stig_id: 'RHEL-08-040250'\n  tag fix_id: 'F-33183r858805_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('ipv6_enabled')\n    describe kernel_parameter('net.ipv6.conf.default.accept_source_route') do\n      its('value') { should eq 0 }\n    end\n  else\n    impact 0.0\n    describe 'IPv6 is disabled on the system, this requirement is Not Applicable.' do\n      skip 'IPv6 is disabled on the system, this requirement is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230539.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter net.ipv6.conf.default.accept_source_route value is expected to eq 0",
+              "run_time": 0.000305,
+              "start_time": "2024-01-09T19:40:59-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"net.ipv6.conf.default.accept_source_route\"]",
+              "resource_id": "net.ipv6.conf.default.accept_source_route"
+            }
+          ]
+        },
+        {
+          "id": "SV-230540",
+          "title": "RHEL 8 must not enable IPv6 packet forwarding unless the system is a router.",
+          "desc": "Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 is not performing IPv6 packet forwarding, unless the system is a router.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck that IPv6 forwarding is disabled using the following commands:\n\n$ sudo sysctl net.ipv6.conf.all.forwarding\n\nnet.ipv6.conf.all.forwarding = 0\n\nIf the IPv6 forwarding value is not \"0\" and is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.all.forwarding /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.all.forwarding = 0\n\nIf \"net.ipv6.conf.all.forwarding\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to not allow IPv6 packet forwarding, unless the system is a router.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.all.forwarding=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230540",
+            "rid": "SV-230540r858810_rule",
+            "stig_id": "RHEL-08-040260",
+            "fix_id": "F-33184r858809_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230540' do\n  title 'RHEL 8 must not enable IPv6 packet forwarding unless the system is a router.'\n  desc 'Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 is not performing IPv6 packet forwarding, unless the system is a router.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck that IPv6 forwarding is disabled using the following commands:\n\n$ sudo sysctl net.ipv6.conf.all.forwarding\n\nnet.ipv6.conf.all.forwarding = 0\n\nIf the IPv6 forwarding value is not \"0\" and is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.all.forwarding /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.all.forwarding = 0\n\nIf \"net.ipv6.conf.all.forwarding\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not allow IPv6 packet forwarding, unless the system is a router.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.all.forwarding=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230540'\n  tag rid: 'SV-230540r858810_rule'\n  tag stig_id: 'RHEL-08-040260'\n  tag fix_id: 'F-33184r858809_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('net.ipv4.ip_forward') do\n      its('value') { should eq 0 }\n    end\n    if input('ipv6_enabled')\n      describe kernel_parameter('net.ipv6.conf.all.forwarding') do\n        its('value') { should eq 0 }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230540.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter net.ipv4.ip_forward value is expected to eq 0",
+              "run_time": 0.117127,
+              "start_time": "2024-01-09T19:40:59-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"net.ipv4.ip_forward\"]",
+              "resource_id": "net.ipv4.ip_forward"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter net.ipv6.conf.all.forwarding value is expected to eq 0",
+              "run_time": 0.166548,
+              "start_time": "2024-01-09T19:40:59-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"net.ipv6.conf.all.forwarding\"]",
+              "resource_id": "net.ipv6.conf.all.forwarding"
+            }
+          ]
+        },
+        {
+          "id": "SV-230541",
+          "title": "RHEL 8 must not accept router advertisements on all IPv6 interfaces.",
+          "desc": "Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.\n\nAn illicit router advertisement message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.\n\nAn illicit router advertisement message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 does not accept router advertisements on all IPv6 interfaces, unless the system is a router.\n\nNote: If IPv6 is disabled on the system, this requirement is not applicable.\n\nCheck to see if router advertisements are not accepted by using the following command:\n\n$ sudo sysctl  net.ipv6.conf.all.accept_ra\n\nnet.ipv6.conf.all.accept_ra = 0\n\nIf the \"accept_ra\" value is not \"0\" and is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.all.accept_ra /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.all.accept_ra = 0\n\nIf \"net.ipv6.conf.all.accept_ra\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to not accept router advertisements on all IPv6 interfaces unless the system is a router.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.all.accept_ra=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230541",
+            "rid": "SV-230541r858812_rule",
+            "stig_id": "RHEL-08-040261",
+            "fix_id": "F-33185r858811_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230541' do\n  title 'RHEL 8 must not accept router advertisements on all IPv6 interfaces.'\n  desc 'Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.\n\nAn illicit router advertisement message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 does not accept router advertisements on all IPv6 interfaces, unless the system is a router.\n\nNote: If IPv6 is disabled on the system, this requirement is not applicable.\n\nCheck to see if router advertisements are not accepted by using the following command:\n\n$ sudo sysctl  net.ipv6.conf.all.accept_ra\n\nnet.ipv6.conf.all.accept_ra = 0\n\nIf the \"accept_ra\" value is not \"0\" and is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.all.accept_ra /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.all.accept_ra = 0\n\nIf \"net.ipv6.conf.all.accept_ra\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not accept router advertisements on all IPv6 interfaces unless the system is a router.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.all.accept_ra=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230541'\n  tag rid: 'SV-230541r858812_rule'\n  tag stig_id: 'RHEL-08-040261'\n  tag fix_id: 'F-33185r858811_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('ipv6_enabled')\n    describe kernel_parameter('net.ipv6.conf.all.accept_ra') do\n      its('value') { should eq 0 }\n    end\n  else\n    impact 0.0\n    describe 'IPv6 not enabled' do\n      skip 'IPv6 is not enabled, this control is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230541.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter net.ipv6.conf.all.accept_ra value is expected to eq 0",
+              "run_time": 0.090956,
+              "start_time": "2024-01-09T19:40:59-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"net.ipv6.conf.all.accept_ra\"]",
+              "resource_id": "net.ipv6.conf.all.accept_ra"
+            }
+          ]
+        },
+        {
+          "id": "SV-230542",
+          "title": "RHEL 8 must not accept router advertisements on all IPv6 interfaces by\ndefault.",
+          "desc": "Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.\n\nAn illicit router advertisement message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.\n\nAn illicit router advertisement message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 does not accept router advertisements on all IPv6 interfaces by default, unless the system is a router.\n\nNote: If IPv6 is disabled on the system, this requirement is not applicable.\n\nCheck to see if router advertisements are not accepted by default by using the following command:\n\n$ sudo sysctl  net.ipv6.conf.default.accept_ra\n\nnet.ipv6.conf.default.accept_ra = 0\n\nIf the \"accept_ra\" value is not \"0\" and is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.default.accept_ra /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.default.accept_ra = 0\n\nIf \"net.ipv6.conf.default.accept_ra\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to not accept router advertisements on all IPv6 interfaces by default unless the system is a router.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.default.accept_ra=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230542",
+            "rid": "SV-230542r858814_rule",
+            "stig_id": "RHEL-08-040262",
+            "fix_id": "F-33186r858813_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230542' do\n  title 'RHEL 8 must not accept router advertisements on all IPv6 interfaces by\ndefault.'\n  desc 'Routing protocol daemons are typically used on routers to exchange network topology information with other routers. If this software is used when not required, system network information may be unnecessarily transmitted across the network.\n\nAn illicit router advertisement message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 does not accept router advertisements on all IPv6 interfaces by default, unless the system is a router.\n\nNote: If IPv6 is disabled on the system, this requirement is not applicable.\n\nCheck to see if router advertisements are not accepted by default by using the following command:\n\n$ sudo sysctl  net.ipv6.conf.default.accept_ra\n\nnet.ipv6.conf.default.accept_ra = 0\n\nIf the \"accept_ra\" value is not \"0\" and is not documented with the Information System Security Officer (ISSO) as an operational requirement, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.default.accept_ra /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.default.accept_ra = 0\n\nIf \"net.ipv6.conf.default.accept_ra\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not accept router advertisements on all IPv6 interfaces by default unless the system is a router.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.default.accept_ra=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230542'\n  tag rid: 'SV-230542r858814_rule'\n  tag stig_id: 'RHEL-08-040262'\n  tag fix_id: 'F-33186r858813_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('ipv6_enabled')\n    describe kernel_parameter('net.ipv6.conf.default.accept_ra') do\n      its('value') { should eq 0 }\n    end\n  else\n    impact 0.0\n    describe 'IPv6 not enabled' do\n      skip 'IPv6 is not enabled, this control is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230542.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter net.ipv6.conf.default.accept_ra value is expected to eq 0",
+              "run_time": 0.141492,
+              "start_time": "2024-01-09T19:41:00-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"net.ipv6.conf.default.accept_ra\"]",
+              "resource_id": "net.ipv6.conf.default.accept_ra"
+            }
+          ]
+        },
+        {
+          "id": "SV-230543",
+          "title": "RHEL 8 must not allow interfaces to perform Internet Control Message\nProtocol (ICMP) redirects by default.",
+          "desc": "ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.\n\nThere are notable differences between Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). There is only a directive to disable sending of IPv4 redirected packets. Refer to RFC4294 for an explanation of \"IPv6 Node Requirements\", which resulted in this difference between IPv4 and IPv6.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.\n\nThere are notable differences between Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). There is only a directive to disable sending of IPv4 redirected packets. Refer to RFC4294 for an explanation of \"IPv6 Node Requirements\", which resulted in this difference between IPv4 and IPv6.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 does not allow interfaces to perform Internet Protocol version 4 (IPv4) ICMP redirects by default.\n\nCheck the value of the \"default send_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv4.conf.default.send_redirects\n\nnet.ipv4.conf.default.send_redirects=0\n\nIf the returned line does not have a value of \"0\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.default.send_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.default.send_redirects = 0\n\nIf \"net.ipv4.conf.default.send_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to not allow interfaces to perform Internet Protocol version 4 (IPv4) ICMP redirects by default.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.default.send_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230543",
+            "rid": "SV-230543r858816_rule",
+            "stig_id": "RHEL-08-040270",
+            "fix_id": "F-33187r858815_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230543' do\n  title 'RHEL 8 must not allow interfaces to perform Internet Control Message\nProtocol (ICMP) redirects by default.'\n  desc %q(ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages contain information from the system's route table, possibly revealing portions of the network topology.\n\nThere are notable differences between Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). There is only a directive to disable sending of IPv4 redirected packets. Refer to RFC4294 for an explanation of \"IPv6 Node Requirements\", which resulted in this difference between IPv4 and IPv6.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf)\n  desc 'check', 'Verify RHEL 8 does not allow interfaces to perform Internet Protocol version 4 (IPv4) ICMP redirects by default.\n\nCheck the value of the \"default send_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv4.conf.default.send_redirects\n\nnet.ipv4.conf.default.send_redirects=0\n\nIf the returned line does not have a value of \"0\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.default.send_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.default.send_redirects = 0\n\nIf \"net.ipv4.conf.default.send_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not allow interfaces to perform Internet Protocol version 4 (IPv4) ICMP redirects by default.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.default.send_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230543'\n  tag rid: 'SV-230543r858816_rule'\n  tag stig_id: 'RHEL-08-040270'\n  tag fix_id: 'F-33187r858815_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('ipv4_enabled')\n    describe kernel_parameter('net.ipv4.conf.default.send_redirects') do\n      its('value') { should eq 0 }\n    end\n  else\n    impact 0.0\n    describe 'IPv4 is disabled on the system, this requirement is Not Applicable.' do\n      skip 'IPv4 is disabled on the system, this requirement is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230543.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter net.ipv4.conf.default.send_redirects value is expected to eq 0",
+              "run_time": 0.121421,
+              "start_time": "2024-01-09T19:41:00-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"net.ipv4.conf.default.send_redirects\"]",
+              "resource_id": "net.ipv4.conf.default.send_redirects"
+            }
+          ]
+        },
+        {
+          "id": "SV-230544",
+          "title": "RHEL 8 must ignore IPv6 Internet Control Message Protocol (ICMP)\nredirect messages.",
+          "desc": "ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 ignores IPv6 ICMP redirect messages.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck the value of the \"accept_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv6.conf.all.accept_redirects\n\nnet.ipv6.conf.all.accept_redirects = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.all.accept_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.all.accept_redirects = 0\n\nIf \"net.ipv6.conf.all.accept_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to ignore IPv6 ICMP redirect messages.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.all.accept_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230544",
+            "rid": "SV-230544r858820_rule",
+            "stig_id": "RHEL-08-040280",
+            "fix_id": "F-33188r858819_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230544' do\n  title 'RHEL 8 must ignore IPv6 Internet Control Message Protocol (ICMP)\nredirect messages.'\n  desc \"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\"\n  desc 'check', 'Verify RHEL 8 ignores IPv6 ICMP redirect messages.\n\nNote: If IPv6 is disabled on the system, this requirement is Not Applicable.\n\nCheck the value of the \"accept_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv6.conf.all.accept_redirects\n\nnet.ipv6.conf.all.accept_redirects = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv6.conf.all.accept_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv6.conf.all.accept_redirects = 0\n\nIf \"net.ipv6.conf.all.accept_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to ignore IPv6 ICMP redirect messages.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv6.conf.all.accept_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230544'\n  tag rid: 'SV-230544r858820_rule'\n  tag stig_id: 'RHEL-08-040280'\n  tag fix_id: 'F-33188r858819_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('ipv6_enabled')\n    describe kernel_parameter('net.ipv6.conf.all.accept_redirects') do\n      its('value') { should eq 0 }\n    end\n  else\n    impact 0.0\n    describe 'IPv6 is disabled on the system, this requirement is Not Applicable.' do\n      skip 'IPv6 is disabled on the system, this requirement is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230544.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter net.ipv6.conf.all.accept_redirects value is expected to eq 0",
+              "run_time": 0.17495,
+              "start_time": "2024-01-09T19:41:00-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"net.ipv6.conf.all.accept_redirects\"]",
+              "resource_id": "net.ipv6.conf.all.accept_redirects"
+            }
+          ]
+        },
+        {
+          "id": "SV-230545",
+          "title": "RHEL 8 must disable access to network bpf syscall from unprivileged\nprocesses.",
+          "desc": "It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 prevents privilege escalation thru the kernel by disabling access to the bpf syscall with the following commands:\n\n$ sudo sysctl kernel.unprivileged_bpf_disabled\n\nkernel.unprivileged_bpf_disabled = 1\n\nIf the returned line does not have a value of \"1\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r kernel.unprivileged_bpf_disabled /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: kernel.unprivileged_bpf_disabled = 1\n\nIf \"kernel.unprivileged_bpf_disabled\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to prevent privilege escalation thru the kernel by disabling access to the bpf syscall by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nkernel.unprivileged_bpf_disabled = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230545",
+            "rid": "SV-230545r858822_rule",
+            "stig_id": "RHEL-08-040281",
+            "fix_id": "F-33189r858821_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230545' do\n  title 'RHEL 8 must disable access to network bpf syscall from unprivileged\nprocesses.'\n  desc 'It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 prevents privilege escalation thru the kernel by disabling access to the bpf syscall with the following commands:\n\n$ sudo sysctl kernel.unprivileged_bpf_disabled\n\nkernel.unprivileged_bpf_disabled = 1\n\nIf the returned line does not have a value of \"1\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r kernel.unprivileged_bpf_disabled /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: kernel.unprivileged_bpf_disabled = 1\n\nIf \"kernel.unprivileged_bpf_disabled\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to prevent privilege escalation thru the kernel by disabling access to the bpf syscall by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nkernel.unprivileged_bpf_disabled = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230545'\n  tag rid: 'SV-230545r858822_rule'\n  tag stig_id: 'RHEL-08-040281'\n  tag fix_id: 'F-33189r858821_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('kernel.unprivileged_bpf_disabled') do\n      its('value') { should eq 1 }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230545.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter kernel.unprivileged_bpf_disabled value is expected to eq 1",
+              "run_time": 0.121666,
+              "start_time": "2024-01-09T19:41:00-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"kernel.unprivileged_bpf_disabled\"]",
+              "resource_id": "kernel.unprivileged_bpf_disabled"
+            }
+          ]
+        },
+        {
+          "id": "SV-230546",
+          "title": "RHEL 8 must restrict usage of ptrace to descendant  processes.",
+          "desc": "It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 restricts usage of ptrace to descendant processes with the following commands:\n\n$ sudo sysctl kernel.yama.ptrace_scope\n\nkernel.yama.ptrace_scope = 1\n\nIf the returned line does not have a value of \"1\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r kernel.yama.ptrace_scope /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: kernel.yama.ptrace_scope = 1\n\nIf \"kernel.yama.ptrace_scope\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to restrict usage of ptrace to descendant processes by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nkernel.yama.ptrace_scope = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230546",
+            "rid": "SV-230546r858824_rule",
+            "stig_id": "RHEL-08-040282",
+            "fix_id": "F-33190r858823_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230546' do\n  title 'RHEL 8 must restrict usage of ptrace to descendant  processes.'\n  desc 'It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 restricts usage of ptrace to descendant processes with the following commands:\n\n$ sudo sysctl kernel.yama.ptrace_scope\n\nkernel.yama.ptrace_scope = 1\n\nIf the returned line does not have a value of \"1\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r kernel.yama.ptrace_scope /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: kernel.yama.ptrace_scope = 1\n\nIf \"kernel.yama.ptrace_scope\" is not set to \"1\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to restrict usage of ptrace to descendant processes by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nkernel.yama.ptrace_scope = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230546'\n  tag rid: 'SV-230546r858824_rule'\n  tag stig_id: 'RHEL-08-040282'\n  tag fix_id: 'F-33190r858823_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('kernel.yama.ptrace_scope') do\n      its('value') { should eq 1 }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230546.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter kernel.yama.ptrace_scope value is expected to eq 1",
+              "run_time": 0.140668,
+              "start_time": "2024-01-09T19:41:00-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"kernel.yama.ptrace_scope\"]",
+              "resource_id": "kernel.yama.ptrace_scope"
+            }
+          ]
+        },
+        {
+          "id": "SV-230547",
+          "title": "RHEL 8 must restrict exposed kernel pointer addresses access.",
+          "desc": "It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 restricts exposed kernel pointer addresses access with the following commands:\n\n$ sudo sysctl kernel.kptr_restrict\n\nkernel.kptr_restrict = 1\n\nIf the returned line does not have a value of \"1\" or \"2\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r kernel.kptr_restrict /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: kernel.kptr_restrict = 1\n\nIf \"kernel.kptr_restrict\" is not set to \"1\" or \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to restrict exposed kernel pointer addresses access by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nkernel.kptr_restrict = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230547",
+            "rid": "SV-230547r858826_rule",
+            "stig_id": "RHEL-08-040283",
+            "fix_id": "F-33191r858825_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230547' do\n  title 'RHEL 8 must restrict exposed kernel pointer addresses access.'\n  desc 'It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 restricts exposed kernel pointer addresses access with the following commands:\n\n$ sudo sysctl kernel.kptr_restrict\n\nkernel.kptr_restrict = 1\n\nIf the returned line does not have a value of \"1\" or \"2\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r kernel.kptr_restrict /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: kernel.kptr_restrict = 1\n\nIf \"kernel.kptr_restrict\" is not set to \"1\" or \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to restrict exposed kernel pointer addresses access by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nkernel.kptr_restrict = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230547'\n  tag rid: 'SV-230547r858826_rule'\n  tag stig_id: 'RHEL-08-040283'\n  tag fix_id: 'F-33191r858825_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('kernel.kptr_restrict') do\n      its('value') { should eq 1 }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230547.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter kernel.kptr_restrict value is expected to eq 1",
+              "run_time": 0.131843,
+              "start_time": "2024-01-09T19:41:00-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"kernel.kptr_restrict\"]",
+              "resource_id": "kernel.kptr_restrict"
+            }
+          ]
+        },
+        {
+          "id": "SV-230548",
+          "title": "RHEL 8 must disable the use of user namespaces.",
+          "desc": "It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 disables the use of user namespaces with the following commands:\n\nNote: User namespaces are used primarily for Linux containers. If containers are in use, this requirement is not applicable.\n\n$ sudo sysctl user.max_user_namespaces\n\nuser.max_user_namespaces = 0\n\nIf the returned line does not have a value of \"0\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r user.max_user_namespaces /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: user.max_user_namespaces = 0\n\nIf \"user.max_user_namespaces\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to disable the use of user namespaces by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nNote: User namespaces are used primarily for Linux containers. If containers are in use, this requirement is not applicable.\n\nuser.max_user_namespaces = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230548",
+            "rid": "SV-230548r858828_rule",
+            "stig_id": "RHEL-08-040284",
+            "fix_id": "F-33192r858827_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230548' do\n  title 'RHEL 8 must disable the use of user namespaces.'\n  desc 'It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 disables the use of user namespaces with the following commands:\n\nNote: User namespaces are used primarily for Linux containers. If containers are in use, this requirement is not applicable.\n\n$ sudo sysctl user.max_user_namespaces\n\nuser.max_user_namespaces = 0\n\nIf the returned line does not have a value of \"0\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r user.max_user_namespaces /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: user.max_user_namespaces = 0\n\nIf \"user.max_user_namespaces\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to disable the use of user namespaces by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nNote: User namespaces are used primarily for Linux containers. If containers are in use, this requirement is not applicable.\n\nuser.max_user_namespaces = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230548'\n  tag rid: 'SV-230548r858828_rule'\n  tag stig_id: 'RHEL-08-040284'\n  tag fix_id: 'F-33192r858827_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  elsif input('container_host')\n    impact 0.0\n    describe true do\n      skip 'Profile running on a container host -- User namespaces are used primarily for Linux containers.; this control is Not Applicable'\n    end\n  else\n    describe kernel_parameter('user.max_user_namespaces') do\n      its('value') { should be_zero }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230548.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter user.max_user_namespaces value is expected to be zero",
+              "run_time": 0.193388,
+              "start_time": "2024-01-09T19:41:00-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"user.max_user_namespaces\"]",
+              "resource_id": "user.max_user_namespaces"
+            }
+          ]
+        },
+        {
+          "id": "SV-230549",
+          "title": "RHEL 8 must use reverse path filtering on all IPv4 interfaces.",
+          "desc": "It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 uses reverse path filtering on all IPv4 interfaces with the following commands:\n\n$ sudo sysctl net.ipv4.conf.all.rp_filter\n\nnet.ipv4.conf.all.rp_filter = 1\n\nIf the returned line does not have a value of \"1\" or \"2\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.all.rp_filter /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.rp_filter = 1\n\nIf \"net.ipv4.conf.all.rp_filter\" is not set to \"1\" or \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to use reverse path filtering on all IPv4 interfaces by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nnet.ipv4.conf.all.rp_filter = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230549",
+            "rid": "SV-230549r858830_rule",
+            "stig_id": "RHEL-08-040285",
+            "fix_id": "F-33193r858829_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230549' do\n  title 'RHEL 8 must use reverse path filtering on all IPv4 interfaces.'\n  desc 'It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 uses reverse path filtering on all IPv4 interfaces with the following commands:\n\n$ sudo sysctl net.ipv4.conf.all.rp_filter\n\nnet.ipv4.conf.all.rp_filter = 1\n\nIf the returned line does not have a value of \"1\" or \"2\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.all.rp_filter /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.rp_filter = 1\n\nIf \"net.ipv4.conf.all.rp_filter\" is not set to \"1\" or \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to use reverse path filtering on all IPv4 interfaces by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nnet.ipv4.conf.all.rp_filter = 1\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230549'\n  tag rid: 'SV-230549r858830_rule'\n  tag stig_id: 'RHEL-08-040285'\n  tag fix_id: 'F-33193r858829_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe kernel_parameter('net.ipv4.conf.all.rp_filter') do\n      its('value') { should eq 1 }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230549.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter net.ipv4.conf.all.rp_filter value is expected to eq 1",
+              "run_time": 0.122098,
+              "start_time": "2024-01-09T19:41:01-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"net.ipv4.conf.all.rp_filter\"]",
+              "resource_id": "net.ipv4.conf.all.rp_filter"
+            }
+          ]
+        },
+        {
+          "id": "SV-230550",
+          "title": "RHEL 8 must be configured to prevent unrestricted mail relaying.",
+          "desc": "If unrestricted mail relaying is permitted, unauthorized senders could\nuse this host as a mail relay for the purpose of sending spam or other\nunauthorized activity.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If unrestricted mail relaying is permitted, unauthorized senders could\nuse this host as a mail relay for the purpose of sending spam or other\nunauthorized activity."
+            },
+            {
+              "label": "check",
+              "data": "Verify the system is configured to prevent unrestricted mail relaying.\n\n    Determine if \"postfix\" is installed with the following commands:\n\n    $ sudo yum list installed postfix\n\n    postfix.x86_64  2:3.3.1-9.el8\n\n    If postfix is not installed, this is Not Applicable.\n\n    If postfix is installed, determine if it is configured to reject\nconnections from unknown or untrusted networks with the following command:\n\n    $ sudo postconf -n smtpd_client_restrictions\n\n    smtpd_client_restrictions = permit_mynetworks, reject\n\n    If the \"smtpd_client_restrictions\" parameter contains any entries other\nthan \"permit_mynetworks\" and \"reject\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "If \"postfix\" is installed, modify the \"/etc/postfix/main.cf\" file to\nrestrict client connections to the local network with the following command:\n\n    $ sudo postconf -e 'smtpd_client_restrictions = permit_mynetworks,reject'"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230550",
+            "rid": "SV-230550r627750_rule",
+            "stig_id": "RHEL-08-040290",
+            "fix_id": "F-33194r568397_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230550' do\n  title 'RHEL 8 must be configured to prevent unrestricted mail relaying.'\n  desc 'If unrestricted mail relaying is permitted, unauthorized senders could\nuse this host as a mail relay for the purpose of sending spam or other\nunauthorized activity.'\n  desc 'check', 'Verify the system is configured to prevent unrestricted mail relaying.\n\n    Determine if \"postfix\" is installed with the following commands:\n\n    $ sudo yum list installed postfix\n\n    postfix.x86_64  2:3.3.1-9.el8\n\n    If postfix is not installed, this is Not Applicable.\n\n    If postfix is installed, determine if it is configured to reject\nconnections from unknown or untrusted networks with the following command:\n\n    $ sudo postconf -n smtpd_client_restrictions\n\n    smtpd_client_restrictions = permit_mynetworks, reject\n\n    If the \"smtpd_client_restrictions\" parameter contains any entries other\nthan \"permit_mynetworks\" and \"reject\", this is a finding.'\n  desc 'fix', %q(If \"postfix\" is installed, modify the \"/etc/postfix/main.cf\" file to\nrestrict client connections to the local network with the following command:\n\n    $ sudo postconf -e 'smtpd_client_restrictions = permit_mynetworks,reject')\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230550'\n  tag rid: 'SV-230550r627750_rule'\n  tag stig_id: 'RHEL-08-040290'\n  tag fix_id: 'F-33194r568397_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if package('postfix').installed?\n    describe command('postconf -n smtpd_client_restrictions') do\n      its('stdout.strip') {\n        should match(/^smtpd_client_restrictions\\s+=\\s+(permit_mynetworks|reject)($|(,\\s*(permit_mynetworks|reject)\\s*$))/i)\n      }\n    end\n  else\n    impact 0.0\n    describe 'The `postfix` package is not installed' do\n      skip 'The `postfix` package is not installed, this control is Not Applicable'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230550.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Command: `postconf -n smtpd_client_restrictions` stdout.strip is expected to match /^smtpd_client_restrictions\\s+=\\s+(permit_mynetworks|reject)($|(,\\s*(permit_mynetworks|reject)\\s*$))/i",
+              "run_time": 0.358658,
+              "start_time": "2024-01-09T19:41:01-05:00",
+              "message": "expected \"\" to match /^smtpd_client_restrictions\\s+=\\s+(permit_mynetworks|reject)($|(,\\s*(permit_mynetworks|reject)\\s*$))/i",
+              "resource_class": "command",
+              "resource_params": "[\"postconf -n smtpd_client_restrictions\"]",
+              "resource_id": "Command: `postconf -n smtpd_client_restrictions`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230551",
+          "title": "The RHEL 8 file integrity tool must be configured to verify extended\nattributes.",
+          "desc": "Extended attributes in file systems are used to contain arbitrary data\nand file metadata with security implications.\n\n    RHEL 8 installation media come with a file integrity tool, Advanced\nIntrusion Detection Environment (AIDE).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Extended attributes in file systems are used to contain arbitrary data\nand file metadata with security implications.\n\n    RHEL 8 installation media come with a file integrity tool, Advanced\nIntrusion Detection Environment (AIDE)."
+            },
+            {
+              "label": "check",
+              "data": "Verify the file integrity tool is configured to verify extended attributes.\n\n    If AIDE is not installed, ask the System Administrator how file integrity\nchecks are performed on the system.\n\n    Note: AIDE is highly configurable at install time. This requirement assumes\nthe \"aide.conf\" file is under the \"/etc\" directory.\n\n    Use the following command to determine if the file is in another location:\n\n    $ sudo find / -name aide.conf\n\n    Check the \"aide.conf\" file to determine if the \"xattrs\" rule has been\nadded to the rule list being applied to the files and directories selection\nlists.\n\n    An example rule that includes the \"xattrs\" rule follows:\n\n    All= p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux\n    /bin All # apply the custom rule to the files in bin\n    /sbin All # apply the same custom rule to the files in sbin\n\n    If the \"xattrs\" rule is not being used on all uncommented selection lines\nin the \"/etc/aide.conf\" file, or extended attributes are not being checked by\nanother file integrity tool, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the file integrity tool to check file and directory extended\nattributes.\n\n    If AIDE is installed, ensure the \"xattrs\" rule is present on all\nuncommented file and directory selection lists."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230551",
+            "rid": "SV-230551r627750_rule",
+            "stig_id": "RHEL-08-040300",
+            "fix_id": "F-33195r568400_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230551' do\n  title 'The RHEL 8 file integrity tool must be configured to verify extended\nattributes.'\n  desc 'Extended attributes in file systems are used to contain arbitrary data\nand file metadata with security implications.\n\n    RHEL 8 installation media come with a file integrity tool, Advanced\nIntrusion Detection Environment (AIDE).'\n  desc 'check', 'Verify the file integrity tool is configured to verify extended attributes.\n\n    If AIDE is not installed, ask the System Administrator how file integrity\nchecks are performed on the system.\n\n    Note: AIDE is highly configurable at install time. This requirement assumes\nthe \"aide.conf\" file is under the \"/etc\" directory.\n\n    Use the following command to determine if the file is in another location:\n\n    $ sudo find / -name aide.conf\n\n    Check the \"aide.conf\" file to determine if the \"xattrs\" rule has been\nadded to the rule list being applied to the files and directories selection\nlists.\n\n    An example rule that includes the \"xattrs\" rule follows:\n\n    All= p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux\n    /bin All # apply the custom rule to the files in bin\n    /sbin All # apply the same custom rule to the files in sbin\n\n    If the \"xattrs\" rule is not being used on all uncommented selection lines\nin the \"/etc/aide.conf\" file, or extended attributes are not being checked by\nanother file integrity tool, this is a finding.'\n  desc 'fix', 'Configure the file integrity tool to check file and directory extended\nattributes.\n\n    If AIDE is installed, ensure the \"xattrs\" rule is present on all\nuncommented file and directory selection lists.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230551'\n  tag rid: 'SV-230551r627750_rule'\n  tag stig_id: 'RHEL-08-040300'\n  tag fix_id: 'F-33195r568400_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe package('aide') do\n      it { should be_installed }\n    end\n\n    findings = []\n    aide_conf.where { !selection_line.start_with? '!' }.entries.each do |selection|\n      findings.append(selection.selection_line) unless selection.rules.include? 'xattrs'\n    end\n\n    describe \"List of monitored files/directories without 'xattrs' rule\" do\n      subject { findings }\n      it { should be_empty }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230551.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "System Package aide is expected to be installed",
+              "run_time": 0.000553,
+              "start_time": "2024-01-09T19:41:01-05:00",
+              "message": "expected that `System Package aide` is installed",
+              "resource_class": "package",
+              "resource_params": "[\"aide\"]",
+              "resource_id": "aide"
+            },
+            {
+              "status": "passed",
+              "code_desc": "List of monitored files/directories without 'xattrs' rule is expected to be empty",
+              "run_time": 0.006519,
+              "start_time": "2024-01-09T19:41:01-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "List of monitored files/directories without 'xattrs' rule"
+            }
+          ]
+        },
+        {
+          "id": "SV-230552",
+          "title": "The RHEL 8 file integrity tool must be configured to verify Access\nControl Lists (ACLs).",
+          "desc": "ACLs can provide permissions beyond those permitted through the file\nmode and must be verified by file integrity tools.\n\n    RHEL 8 installation media come with a file integrity tool, Advanced\nIntrusion Detection Environment (AIDE).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "ACLs can provide permissions beyond those permitted through the file\nmode and must be verified by file integrity tools.\n\n    RHEL 8 installation media come with a file integrity tool, Advanced\nIntrusion Detection Environment (AIDE)."
+            },
+            {
+              "label": "check",
+              "data": "Verify the file integrity tool is configured to verify ACLs.\n\nNote: AIDE is highly configurable at install time. This requirement assumes the \"aide.conf\" file is under the \"/etc\" directory.\n\nIf AIDE is not installed, ask the System Administrator how file integrity checks are performed on the system.\n\nUse the following command to determine if the file is in a location other than \"/etc/aide/aide.conf\":\n\n     $ sudo find / -name aide.conf\n\nCheck the \"aide.conf\" file to determine if the \"acl\" rule has been added to the rule list being applied to the files and directories selection lists with the following command:\n\n     $ sudo grep -E \"[+]?acl\" /etc/aide.conf\n\n     VarFile = OwnerMode+n+l+X+acl\n\nIf the \"acl\" rule is not being used on all selection lines in the \"/etc/aide.conf\" file, is commented out, or ACLs are not being checked by another file integrity tool, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the file integrity tool to check file and directory ACLs.\n\n    If AIDE is installed, ensure the \"acl\" rule is present on all file and\ndirectory selection lists."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230552",
+            "rid": "SV-230552r880724_rule",
+            "stig_id": "RHEL-08-040310",
+            "fix_id": "F-33196r568403_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230552' do\n  title 'The RHEL 8 file integrity tool must be configured to verify Access\nControl Lists (ACLs).'\n  desc 'ACLs can provide permissions beyond those permitted through the file\nmode and must be verified by file integrity tools.\n\n    RHEL 8 installation media come with a file integrity tool, Advanced\nIntrusion Detection Environment (AIDE).'\n  desc 'check', 'Verify the file integrity tool is configured to verify ACLs.\n\nNote: AIDE is highly configurable at install time. This requirement assumes the \"aide.conf\" file is under the \"/etc\" directory.\n\nIf AIDE is not installed, ask the System Administrator how file integrity checks are performed on the system.\n\nUse the following command to determine if the file is in a location other than \"/etc/aide/aide.conf\":\n\n     $ sudo find / -name aide.conf\n\nCheck the \"aide.conf\" file to determine if the \"acl\" rule has been added to the rule list being applied to the files and directories selection lists with the following command:\n\n     $ sudo grep -E \"[+]?acl\" /etc/aide.conf\n\n     VarFile = OwnerMode+n+l+X+acl\n\nIf the \"acl\" rule is not being used on all selection lines in the \"/etc/aide.conf\" file, is commented out, or ACLs are not being checked by another file integrity tool, this is a finding.'\n  desc 'fix', 'Configure the file integrity tool to check file and directory ACLs.\n\n    If AIDE is installed, ensure the \"acl\" rule is present on all file and\ndirectory selection lists.'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230552'\n  tag rid: 'SV-230552r880724_rule'\n  tag stig_id: 'RHEL-08-040310'\n  tag fix_id: 'F-33196r568403_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe package('aide') do\n      it { should be_installed }\n    end\n\n    findings = []\n    aide_conf.where { !selection_line.start_with? '!' }.entries.each do |selection|\n      findings.append(selection.selection_line) unless selection.rules.include? 'acl'\n    end\n\n    describe \"List of monitored files/directories without 'acl' rule\" do\n      subject { findings }\n      it { should be_empty }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230552.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "System Package aide is expected to be installed",
+              "run_time": 0.000193,
+              "start_time": "2024-01-09T19:41:01-05:00",
+              "message": "expected that `System Package aide` is installed",
+              "resource_class": "package",
+              "resource_params": "[\"aide\"]",
+              "resource_id": "aide"
+            },
+            {
+              "status": "passed",
+              "code_desc": "List of monitored files/directories without 'acl' rule is expected to be empty",
+              "run_time": 0.004793,
+              "start_time": "2024-01-09T19:41:01-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "List of monitored files/directories without 'acl' rule"
+            }
+          ]
+        },
+        {
+          "id": "SV-230553",
+          "title": "The graphical display manager must not be installed on RHEL 8 unless\napproved.",
+          "desc": "Internet services that are not required for system or application\nprocesses must not be active to decrease the attack surface of the system.\nGraphical display managers have a long history of security vulnerabilities and\nmust not be used, unless approved and documented.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Internet services that are not required for system or application\nprocesses must not be active to decrease the attack surface of the system.\nGraphical display managers have a long history of security vulnerabilities and\nmust not be used, unless approved and documented."
+            },
+            {
+              "label": "check",
+              "data": "Verify that a graphical user interface is not installed:\n\n$ rpm -qa | grep xorg | grep server\n\nAsk the System Administrator if use of a graphical user interface is an operational requirement.\n\nIf the use of a graphical user interface on the system is not documented with the ISSO, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Document the requirement for a graphical user interface with the ISSO or reinstall the operating system without the graphical user interface. If reinstallation is not feasible, then continue with the following procedure:\n\nOpen an SSH session and enter the following commands:\n\n$ sudo yum remove xorg-x11-server-Xorg xorg-x11-server-common xorg-x11-server-utils xorg-x11-server-Xwayland\n\nA reboot is required for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230553",
+            "rid": "SV-230553r809324_rule",
+            "stig_id": "RHEL-08-040320",
+            "fix_id": "F-33197r809323_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230553' do\n  title 'The graphical display manager must not be installed on RHEL 8 unless\napproved.'\n  desc 'Internet services that are not required for system or application\nprocesses must not be active to decrease the attack surface of the system.\nGraphical display managers have a long history of security vulnerabilities and\nmust not be used, unless approved and documented.'\n  desc 'check', 'Verify that a graphical user interface is not installed:\n\n$ rpm -qa | grep xorg | grep server\n\nAsk the System Administrator if use of a graphical user interface is an operational requirement.\n\nIf the use of a graphical user interface on the system is not documented with the ISSO, this is a finding.'\n  desc 'fix', 'Document the requirement for a graphical user interface with the ISSO or reinstall the operating system without the graphical user interface. If reinstallation is not feasible, then continue with the following procedure:\n\nOpen an SSH session and enter the following commands:\n\n$ sudo yum remove xorg-x11-server-Xorg xorg-x11-server-common xorg-x11-server-utils xorg-x11-server-Xwayland\n\nA reboot is required for the changes to take effect.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230553'\n  tag rid: 'SV-230553r809324_rule'\n  tag stig_id: 'RHEL-08-040320'\n  tag fix_id: 'F-33197r809323_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  input('remove_xorg_x11_server_packages').each do |p|\n    describe package(p) do\n      it { should_not be_installed }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230553.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package xorg-x11-server-common is expected not to be installed",
+              "run_time": 0.108045,
+              "start_time": "2024-01-09T19:41:01-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"xorg-x11-server-common\"]",
+              "resource_id": "xorg-x11-server-common"
+            },
+            {
+              "status": "passed",
+              "code_desc": "System Package xorg-x11-server-Xorg is expected not to be installed",
+              "run_time": 0.134939,
+              "start_time": "2024-01-09T19:41:01-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"xorg-x11-server-Xorg\"]",
+              "resource_id": "xorg-x11-server-Xorg"
+            },
+            {
+              "status": "passed",
+              "code_desc": "System Package xorg-x11-server-utils is expected not to be installed",
+              "run_time": 0.29699,
+              "start_time": "2024-01-09T19:41:01-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"xorg-x11-server-utils\"]",
+              "resource_id": "xorg-x11-server-utils"
+            },
+            {
+              "status": "passed",
+              "code_desc": "System Package xorg-x11-server-Xwayland is expected not to be installed",
+              "run_time": 0.130578,
+              "start_time": "2024-01-09T19:41:02-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"xorg-x11-server-Xwayland\"]",
+              "resource_id": "xorg-x11-server-Xwayland"
+            }
+          ]
+        },
+        {
+          "id": "SV-230554",
+          "title": "RHEL 8 network interfaces must not be in promiscuous mode.",
+          "desc": "Network interfaces in promiscuous mode allow for the capture of all\nnetwork traffic visible to the system. If unauthorized individuals can access\nthese applications, it may allow them to collect information such as logon IDs,\npasswords, and key exchanges between systems.\n\n    If the system is being used to perform a network troubleshooting function,\nthe use of these tools must be documented with the Information System Security\nOfficer (ISSO) and restricted to only authorized personnel.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Network interfaces in promiscuous mode allow for the capture of all\nnetwork traffic visible to the system. If unauthorized individuals can access\nthese applications, it may allow them to collect information such as logon IDs,\npasswords, and key exchanges between systems.\n\n    If the system is being used to perform a network troubleshooting function,\nthe use of these tools must be documented with the Information System Security\nOfficer (ISSO) and restricted to only authorized personnel."
+            },
+            {
+              "label": "check",
+              "data": "Verify network interfaces are not in promiscuous mode unless approved by\nthe ISSO and documented.\n\n    Check for the status with the following command:\n\n    $ sudo ip link | grep -i promisc\n\n    If network interfaces are found on the system in promiscuous mode and their\nuse has not been approved by the ISSO and documented, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure network interfaces to turn off promiscuous mode unless approved\nby the ISSO and documented.\n\n    Set the promiscuous mode of an interface to off with the following command:\n\n    $ sudo ip link set dev <devicename> multicast off promisc off"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230554",
+            "rid": "SV-230554r627750_rule",
+            "stig_id": "RHEL-08-040330",
+            "fix_id": "F-33198r568409_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230554' do\n  title 'RHEL 8 network interfaces must not be in promiscuous mode.'\n  desc 'Network interfaces in promiscuous mode allow for the capture of all\nnetwork traffic visible to the system. If unauthorized individuals can access\nthese applications, it may allow them to collect information such as logon IDs,\npasswords, and key exchanges between systems.\n\n    If the system is being used to perform a network troubleshooting function,\nthe use of these tools must be documented with the Information System Security\nOfficer (ISSO) and restricted to only authorized personnel.'\n  desc 'check', 'Verify network interfaces are not in promiscuous mode unless approved by\nthe ISSO and documented.\n\n    Check for the status with the following command:\n\n    $ sudo ip link | grep -i promisc\n\n    If network interfaces are found on the system in promiscuous mode and their\nuse has not been approved by the ISSO and documented, this is a finding.'\n  desc 'fix', 'Configure network interfaces to turn off promiscuous mode unless approved\nby the ISSO and documented.\n\n    Set the promiscuous mode of an interface to off with the following command:\n\n    $ sudo ip link set dev <devicename> multicast off promisc off'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230554'\n  tag rid: 'SV-230554r627750_rule'\n  tag stig_id: 'RHEL-08-040330'\n  tag fix_id: 'F-33198r568409_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe command('ip link | grep -i promisc') do\n      its('stdout.strip') { should match(/^$/) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230554.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Command: `ip link | grep -i promisc` stdout.strip is expected to match /^$/",
+              "run_time": 0.141996,
+              "start_time": "2024-01-09T19:41:02-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"ip link | grep -i promisc\"]",
+              "resource_id": "Command: `ip link | grep -i promisc`"
+            }
+          ]
+        },
+        {
+          "id": "SV-230555",
+          "title": "RHEL 8 remote X connections for interactive users must be disabled\nunless to fulfill documented and validated mission requirements.",
+          "desc": "The security risk of using X11 forwarding is that the client's X11\ndisplay server may be exposed to attack when the SSH client requests\nforwarding.  A system administrator may have a stance in which they want to\nprotect clients that may expose themselves to attack by unwittingly requesting\nX11 forwarding, which can warrant a \"no\" setting.\n\n    X11 forwarding should be enabled with caution. Users with the ability to\nbypass file permissions on the remote host (for the user's X11 authorization\ndatabase) can access the local X11 display through the forwarded connection. An\nattacker may then be able to perform activities such as keystroke monitoring if\nthe ForwardX11Trusted option is also enabled.\n\n    If X11 services are not required for the system's intended function, they\nshould be disabled or restricted as appropriate to the system’s needs.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The security risk of using X11 forwarding is that the client's X11\ndisplay server may be exposed to attack when the SSH client requests\nforwarding.  A system administrator may have a stance in which they want to\nprotect clients that may expose themselves to attack by unwittingly requesting\nX11 forwarding, which can warrant a \"no\" setting.\n\n    X11 forwarding should be enabled with caution. Users with the ability to\nbypass file permissions on the remote host (for the user's X11 authorization\ndatabase) can access the local X11 display through the forwarded connection. An\nattacker may then be able to perform activities such as keystroke monitoring if\nthe ForwardX11Trusted option is also enabled.\n\n    If X11 services are not required for the system's intended function, they\nshould be disabled or restricted as appropriate to the system’s needs."
+            },
+            {
+              "label": "check",
+              "data": "Verify X11Forwarding is disabled with the following command:\n\n$ sudo grep -ir x11forwarding /etc/ssh/sshd_config* | grep -v \"^#\"\n\nX11Forwarding no\n\nIf the \"X11Forwarding\" keyword is set to \"yes\" and is not documented with the Information System Security Officer (ISSO) as an operational requirement or is missing, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Edit the \"/etc/ssh/sshd_config\" file to uncomment or add the line for the\n\"X11Forwarding\" keyword and set its value to \"no\" (this file may be named\ndifferently or be in a different location if using a version of SSH that is\nprovided by a third-party vendor):\n\n    X11Forwarding no\n\n    The SSH service must be restarted for changes to take effect:\n\n    $ sudo systemctl restart sshd"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230555",
+            "rid": "SV-230555r858721_rule",
+            "stig_id": "RHEL-08-040340",
+            "fix_id": "F-33199r568412_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230555' do\n  title 'RHEL 8 remote X connections for interactive users must be disabled\nunless to fulfill documented and validated mission requirements.'\n  desc %q(The security risk of using X11 forwarding is that the client's X11\ndisplay server may be exposed to attack when the SSH client requests\nforwarding.  A system administrator may have a stance in which they want to\nprotect clients that may expose themselves to attack by unwittingly requesting\nX11 forwarding, which can warrant a \"no\" setting.\n\n    X11 forwarding should be enabled with caution. Users with the ability to\nbypass file permissions on the remote host (for the user's X11 authorization\ndatabase) can access the local X11 display through the forwarded connection. An\nattacker may then be able to perform activities such as keystroke monitoring if\nthe ForwardX11Trusted option is also enabled.\n\n    If X11 services are not required for the system's intended function, they\nshould be disabled or restricted as appropriate to the system’s needs.)\n  desc 'check', 'Verify X11Forwarding is disabled with the following command:\n\n$ sudo grep -ir x11forwarding /etc/ssh/sshd_config* | grep -v \"^#\"\n\nX11Forwarding no\n\nIf the \"X11Forwarding\" keyword is set to \"yes\" and is not documented with the Information System Security Officer (ISSO) as an operational requirement or is missing, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Edit the \"/etc/ssh/sshd_config\" file to uncomment or add the line for the\n\"X11Forwarding\" keyword and set its value to \"no\" (this file may be named\ndifferently or be in a different location if using a version of SSH that is\nprovided by a third-party vendor):\n\n    X11Forwarding no\n\n    The SSH service must be restarted for changes to take effect:\n\n    $ sudo systemctl restart sshd'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230555'\n  tag rid: 'SV-230555r858721_rule'\n  tag stig_id: 'RHEL-08-040340'\n  tag fix_id: 'F-33199r568412_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe sshd_config do\n      its('X11Forwarding') { should cmp 'no' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230555.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "SSHD Configuration X11Forwarding is expected to cmp == \"no\"",
+              "run_time": 0.001396,
+              "start_time": "2024-01-09T19:41:02-05:00",
+              "resource_class": "sshd_config",
+              "resource_params": "[]",
+              "resource_id": "/etc/ssh/sshd_config"
+            }
+          ]
+        },
+        {
+          "id": "SV-230556",
+          "title": "The RHEL 8 SSH daemon must prevent remote hosts from connecting to the\nproxy display.",
+          "desc": "When X11 forwarding is enabled, there may be additional exposure to\nthe server and client displays if the sshd proxy display is configured to\nlisten on the wildcard address.  By default, sshd binds the forwarding server\nto the loopback address and sets the hostname part of the DIPSLAY environment\nvariable to localhost.  This prevents remote hosts from connecting to the proxy\ndisplay.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When X11 forwarding is enabled, there may be additional exposure to\nthe server and client displays if the sshd proxy display is configured to\nlisten on the wildcard address.  By default, sshd binds the forwarding server\nto the loopback address and sets the hostname part of the DIPSLAY environment\nvariable to localhost.  This prevents remote hosts from connecting to the proxy\ndisplay."
+            },
+            {
+              "label": "check",
+              "data": "Verify the SSH daemon prevents remote hosts from connecting to the proxy display.\n\nCheck the SSH X11UseLocalhost setting with the following command:\n\n# sudo grep -ir x11uselocalhost /etc/ssh/sshd_config*\nX11UseLocalhost yes\n\nIf the \"X11UseLocalhost\" keyword is set to \"no\", is missing, or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the SSH daemon to prevent remote hosts from connecting to the\nproxy display.\n\n    Edit the \"/etc/ssh/sshd_config\" file to uncomment or add the line for the\n\"X11UseLocalhost\" keyword and set its value to \"yes\" (this file may be\nnamed differently or be in a different location if using a version of SSH that\nis provided by a third-party vendor):\n\n    X11UseLocalhost yes"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230556",
+            "rid": "SV-230556r858723_rule",
+            "stig_id": "RHEL-08-040341",
+            "fix_id": "F-33200r568415_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230556' do\n  title 'The RHEL 8 SSH daemon must prevent remote hosts from connecting to the\nproxy display.'\n  desc 'When X11 forwarding is enabled, there may be additional exposure to\nthe server and client displays if the sshd proxy display is configured to\nlisten on the wildcard address.  By default, sshd binds the forwarding server\nto the loopback address and sets the hostname part of the DIPSLAY environment\nvariable to localhost.  This prevents remote hosts from connecting to the proxy\ndisplay.'\n  desc 'check', 'Verify the SSH daemon prevents remote hosts from connecting to the proxy display.\n\nCheck the SSH X11UseLocalhost setting with the following command:\n\n# sudo grep -ir x11uselocalhost /etc/ssh/sshd_config*\nX11UseLocalhost yes\n\nIf the \"X11UseLocalhost\" keyword is set to \"no\", is missing, or is commented out, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the SSH daemon to prevent remote hosts from connecting to the\nproxy display.\n\n    Edit the \"/etc/ssh/sshd_config\" file to uncomment or add the line for the\n\"X11UseLocalhost\" keyword and set its value to \"yes\" (this file may be\nnamed differently or be in a different location if using a version of SSH that\nis provided by a third-party vendor):\n\n    X11UseLocalhost yes'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230556'\n  tag rid: 'SV-230556r858723_rule'\n  tag stig_id: 'RHEL-08-040341'\n  tag fix_id: 'F-33200r568415_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if virtualization.system.eql?('docker') && !file('/etc/ssh/sshd_config').exist?\n    impact 0.0\n    describe 'Control not applicable - SSH is not installed within containerized RHEL' do\n      skip 'Control not applicable - SSH is not installed within containerized RHEL'\n    end\n  else\n    describe sshd_config do\n      its('X11UseLocalhost') { should cmp 'yes' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230556.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "SSHD Configuration X11UseLocalhost is expected to cmp == \"yes\"",
+              "run_time": 0.000858,
+              "start_time": "2024-01-09T19:41:02-05:00",
+              "resource_class": "sshd_config",
+              "resource_params": "[]",
+              "resource_id": "/etc/ssh/sshd_config"
+            }
+          ]
+        },
+        {
+          "id": "SV-230557",
+          "title": "If the Trivial File Transfer Protocol (TFTP) server is required, the\nRHEL 8 TFTP daemon must be configured to operate in secure mode.",
+          "desc": "Restricting TFTP to a specific directory prevents remote users from\ncopying, transferring, or overwriting system files.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Restricting TFTP to a specific directory prevents remote users from\ncopying, transferring, or overwriting system files."
+            },
+            {
+              "label": "check",
+              "data": "Verify the TFTP daemon is configured to operate in secure mode with the\nfollowing commands:\n\n    $ sudo yum list installed tftp-server\n\n    tftp-server.x86_64 x.x-x.el8\n\n    If a TFTP server is not installed, this is Not Applicable.\n\n    If a TFTP server is installed, check for the server arguments with the\nfollowing command:\n\n    $ sudo grep server_args /etc/xinetd.d/tftp\n\n    server_args = -s /var/lib/tftpboot\n\n    If the \"server_args\" line does not have a \"-s\" option, and a\nsubdirectory is not assigned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the TFTP daemon to operate in secure mode by adding the following\nline to \"/etc/xinetd.d/tftp\" (or modify the line to have the required value):\n\n    server_args = -s /var/lib/tftpboot"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230557",
+            "rid": "SV-230557r627750_rule",
+            "stig_id": "RHEL-08-040350",
+            "fix_id": "F-33201r568418_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230557' do\n  title 'If the Trivial File Transfer Protocol (TFTP) server is required, the\nRHEL 8 TFTP daemon must be configured to operate in secure mode.'\n  desc 'Restricting TFTP to a specific directory prevents remote users from\ncopying, transferring, or overwriting system files.'\n  desc 'check', 'Verify the TFTP daemon is configured to operate in secure mode with the\nfollowing commands:\n\n    $ sudo yum list installed tftp-server\n\n    tftp-server.x86_64 x.x-x.el8\n\n    If a TFTP server is not installed, this is Not Applicable.\n\n    If a TFTP server is installed, check for the server arguments with the\nfollowing command:\n\n    $ sudo grep server_args /etc/xinetd.d/tftp\n\n    server_args = -s /var/lib/tftpboot\n\n    If the \"server_args\" line does not have a \"-s\" option, and a\nsubdirectory is not assigned, this is a finding.'\n  desc 'fix', 'Configure the TFTP daemon to operate in secure mode by adding the following\nline to \"/etc/xinetd.d/tftp\" (or modify the line to have the required value):\n\n    server_args = -s /var/lib/tftpboot'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230557'\n  tag rid: 'SV-230557r627750_rule'\n  tag stig_id: 'RHEL-08-040350'\n  tag fix_id: 'F-33201r568418_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if package('tftp-server').installed?\n    impact 0.5\n    describe command('grep server_args /etc/xinetd.d/tftp') do\n      its('stdout.strip') { should match %r{^\\s*server_args\\s+=\\s+(-s|--secure)\\s(/\\S+)$} }\n    end\n  else\n    impact 0.0\n    describe 'The TFTP package is not installed' do\n      skip 'If a TFTP server is not installed, this is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230557.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "The TFTP package is not installed",
+              "run_time": 1.1e-05,
+              "start_time": "2024-01-09T19:41:02-05:00",
+              "resource": "",
+              "skip_message": "If a TFTP server is not installed, this is Not Applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The TFTP package is not installed"
+            }
+          ]
+        },
+        {
+          "id": "SV-230558",
+          "title": "A File Transfer Protocol (FTP) server package must not be installed\nunless mission essential on RHEL 8.",
+          "desc": "The FTP service provides an unencrypted remote access that does not\nprovide for the confidentiality and integrity of user passwords or the remote\nsession. If a privileged user were to log on using this service, the privileged\nuser password could be compromised. SSH or other encrypted file transfer\nmethods must be used in place of this service.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The FTP service provides an unencrypted remote access that does not\nprovide for the confidentiality and integrity of user passwords or the remote\nsession. If a privileged user were to log on using this service, the privileged\nuser password could be compromised. SSH or other encrypted file transfer\nmethods must be used in place of this service."
+            },
+            {
+              "label": "check",
+              "data": "Verify an FTP server has not been installed on the system with the\nfollowing commands:\n\n    $ sudo yum list installed *ftpd*\n\n    vsftpd.x86_64\n3.0.3-28.el8                                                  appstream\n\n    If an FTP server is installed and is not documented with the Information\nSystem Security Officer (ISSO) as an operational requirement, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Document the FTP server package with the ISSO as an operational requirement\nor remove it from the system with the following command:\n\n    $ sudo yum remove vsftpd"
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230558",
+            "rid": "SV-230558r627750_rule",
+            "stig_id": "RHEL-08-040360",
+            "fix_id": "F-33202r568421_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230558' do\n  title 'A File Transfer Protocol (FTP) server package must not be installed\nunless mission essential on RHEL 8.'\n  desc 'The FTP service provides an unencrypted remote access that does not\nprovide for the confidentiality and integrity of user passwords or the remote\nsession. If a privileged user were to log on using this service, the privileged\nuser password could be compromised. SSH or other encrypted file transfer\nmethods must be used in place of this service.'\n  desc 'check', 'Verify an FTP server has not been installed on the system with the\nfollowing commands:\n\n    $ sudo yum list installed *ftpd*\n\n    vsftpd.x86_64\n3.0.3-28.el8                                                  appstream\n\n    If an FTP server is installed and is not documented with the Information\nSystem Security Officer (ISSO) as an operational requirement, this is a finding.'\n  desc 'fix', 'Document the FTP server package with the ISSO as an operational requirement\nor remove it from the system with the following command:\n\n    $ sudo yum remove vsftpd'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230558'\n  tag rid: 'SV-230558r627750_rule'\n  tag stig_id: 'RHEL-08-040360'\n  tag fix_id: 'F-33202r568421_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe package('vsftpd') do\n    it { should_not be_installed }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230558.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package vsftpd is expected not to be installed",
+              "run_time": 0.193907,
+              "start_time": "2024-01-09T19:41:02-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"vsftpd\"]",
+              "resource_id": "vsftpd"
+            }
+          ]
+        },
+        {
+          "id": "SV-230559",
+          "title": "The gssproxy package must not be installed unless mission essential on\nRHEL 8.",
+          "desc": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The gssproxy package is a proxy for GSS API credential handling and could\nexpose secrets on some networks. It is not needed for normal function of the OS.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The gssproxy package is a proxy for GSS API credential handling and could\nexpose secrets on some networks. It is not needed for normal function of the OS."
+            },
+            {
+              "label": "check",
+              "data": "Verify the gssproxy package has not been installed on the system with the\nfollowing commands:\n\n    $ sudo yum list installed gssproxy\n\n    gssproxy.x86_64\n0.8.0-14.el8                                                  @anaconda\n\n    If the gssproxy package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Document the gssproxy package with the ISSO as an operational requirement\nor remove it from the system with the following command:\n\n    $ sudo yum remove gssproxy"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230559",
+            "rid": "SV-230559r646887_rule",
+            "stig_id": "RHEL-08-040370",
+            "fix_id": "F-33203r568424_fix",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'SV-230559' do\n  title 'The gssproxy package must not be installed unless mission essential on\nRHEL 8.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The gssproxy package is a proxy for GSS API credential handling and could\nexpose secrets on some networks. It is not needed for normal function of the OS.'\n  desc 'check', 'Verify the gssproxy package has not been installed on the system with the\nfollowing commands:\n\n    $ sudo yum list installed gssproxy\n\n    gssproxy.x86_64\n0.8.0-14.el8                                                  @anaconda\n\n    If the gssproxy package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding.'\n  desc 'fix', 'Document the gssproxy package with the ISSO as an operational requirement\nor remove it from the system with the following command:\n\n    $ sudo yum remove gssproxy'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230559'\n  tag rid: 'SV-230559r646887_rule'\n  tag stig_id: 'RHEL-08-040370'\n  tag fix_id: 'F-33203r568424_fix'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  describe package('gssproxy') do\n    it { should_not be_installed }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230559.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package gssproxy is expected not to be installed",
+              "run_time": 0.133366,
+              "start_time": "2024-01-09T19:41:02-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"gssproxy\"]",
+              "resource_id": "gssproxy"
+            }
+          ]
+        },
+        {
+          "id": "SV-230560",
+          "title": "The iprutils package must not be installed unless mission essential on\nRHEL 8.",
+          "desc": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The iprutils package provides a suite of utilities to manage and configure\nSCSI devices supported by the ipr SCSI storage device driver.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The iprutils package provides a suite of utilities to manage and configure\nSCSI devices supported by the ipr SCSI storage device driver."
+            },
+            {
+              "label": "check",
+              "data": "Verify the iprutils package has not been installed on the system with the\nfollowing commands:\n\n    $ sudo yum list installed iprutils\n\n    iprutils.x86_64\n2.4.18.1-1.el8                                                  @anaconda\n\n    If the iprutils package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Document the iprutils package with the ISSO as an operational requirement\nor remove it from the system with the following command:\n\n    $ sudo yum remove iprutils"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230560",
+            "rid": "SV-230560r627750_rule",
+            "stig_id": "RHEL-08-040380",
+            "fix_id": "F-33204r568427_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230560' do\n  title 'The iprutils package must not be installed unless mission essential on\nRHEL 8.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The iprutils package provides a suite of utilities to manage and configure\nSCSI devices supported by the ipr SCSI storage device driver.'\n  desc 'check', 'Verify the iprutils package has not been installed on the system with the\nfollowing commands:\n\n    $ sudo yum list installed iprutils\n\n    iprutils.x86_64\n2.4.18.1-1.el8                                                  @anaconda\n\n    If the iprutils package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding.'\n  desc 'fix', 'Document the iprutils package with the ISSO as an operational requirement\nor remove it from the system with the following command:\n\n    $ sudo yum remove iprutils'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230560'\n  tag rid: 'SV-230560r627750_rule'\n  tag stig_id: 'RHEL-08-040380'\n  tag fix_id: 'F-33204r568427_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe package('iprutils') do\n    it { should_not be_installed }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230560.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package iprutils is expected not to be installed",
+              "run_time": 0.12975,
+              "start_time": "2024-01-09T19:41:02-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"iprutils\"]",
+              "resource_id": "iprutils"
+            }
+          ]
+        },
+        {
+          "id": "SV-230561",
+          "title": "The tuned package must not be installed unless mission essential on\nRHEL 8.",
+          "desc": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The tuned package contains a daemon that tunes the system settings\ndynamically. It does so by monitoring the usage of several system components\nperiodically. Based on that information, components will then be put into lower\nor higher power savings modes to adapt to the current usage. The tuned package\nis not needed for normal OS operations.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The tuned package contains a daemon that tunes the system settings\ndynamically. It does so by monitoring the usage of several system components\nperiodically. Based on that information, components will then be put into lower\nor higher power savings modes to adapt to the current usage. The tuned package\nis not needed for normal OS operations."
+            },
+            {
+              "label": "check",
+              "data": "Verify the tuned package has not been installed on the system with the\nfollowing commands:\n\n    $ sudo yum list installed tuned\n\n    tuned.noarch\n2.12.0-3.el8                                                  @anaconda\n\n    If the tuned package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Document the tuned package with the ISSO as an operational requirement or\nremove it from the system with the following command:\n\n    $ sudo yum remove tuned"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-230561",
+            "rid": "SV-230561r627750_rule",
+            "stig_id": "RHEL-08-040390",
+            "fix_id": "F-33205r568430_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-230561' do\n  title 'The tuned package must not be installed unless mission essential on\nRHEL 8.'\n  desc 'It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The tuned package contains a daemon that tunes the system settings\ndynamically. It does so by monitoring the usage of several system components\nperiodically. Based on that information, components will then be put into lower\nor higher power savings modes to adapt to the current usage. The tuned package\nis not needed for normal OS operations.'\n  desc 'check', 'Verify the tuned package has not been installed on the system with the\nfollowing commands:\n\n    $ sudo yum list installed tuned\n\n    tuned.noarch\n2.12.0-3.el8                                                  @anaconda\n\n    If the tuned package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding.'\n  desc 'fix', 'Document the tuned package with the ISSO as an operational requirement or\nremove it from the system with the following command:\n\n    $ sudo yum remove tuned'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-230561'\n  tag rid: 'SV-230561r627750_rule'\n  tag stig_id: 'RHEL-08-040390'\n  tag fix_id: 'F-33205r568430_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe package('tuned') do\n    it { should_not be_installed }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-230561.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package tuned is expected not to be installed",
+              "run_time": 0.126853,
+              "start_time": "2024-01-09T19:41:02-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"tuned\"]",
+              "resource_id": "tuned"
+            }
+          ]
+        },
+        {
+          "id": "SV-237640",
+          "title": "The krb5-server package must not be installed on RHEL 8.",
+          "desc": "Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    Currently, Kerberos does not utilize FIPS 140-2 cryptography.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    Currently, Kerberos does not utilize FIPS 140-2 cryptography.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system."
+            },
+            {
+              "label": "check",
+              "data": "Verify the krb5-server package has not been installed on the system with\nthe following commands:\n\n    If the system is a workstation or is utilizing\nkrb5-server-1.17-18.el8.x86_64 or newer, this is Not Applicable\n\n    $ sudo yum list installed krb5-server\n\n    krb5-server.x86_64 1.17-9.el8 repository\n\n    If the krb5-server package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Document the krb5-server package with the ISSO as an operational\nrequirement or remove it from the system with the following command:\n\n    $ sudo yum remove krb5-server"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000120-GPOS-00061",
+            "gid": "V-237640",
+            "rid": "SV-237640r646890_rule",
+            "stig_id": "RHEL-08-010163",
+            "fix_id": "F-40822r646889_fix",
+            "cci": [
+              "CCI-000803"
+            ],
+            "nist": [
+              "IA-7"
+            ]
+          },
+          "code": "control 'SV-237640' do\n  title 'The krb5-server package must not be installed on RHEL 8.'\n  desc 'Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    Currently, Kerberos does not utilize FIPS 140-2 cryptography.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.'\n  desc 'check', 'Verify the krb5-server package has not been installed on the system with\nthe following commands:\n\n    If the system is a workstation or is utilizing\nkrb5-server-1.17-18.el8.x86_64 or newer, this is Not Applicable\n\n    $ sudo yum list installed krb5-server\n\n    krb5-server.x86_64 1.17-9.el8 repository\n\n    If the krb5-server package is installed and is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding.'\n  desc 'fix', 'Document the krb5-server package with the ISSO as an operational\nrequirement or remove it from the system with the following command:\n\n    $ sudo yum remove krb5-server'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000120-GPOS-00061'\n  tag gid: 'V-237640'\n  tag rid: 'SV-237640r646890_rule'\n  tag stig_id: 'RHEL-08-010163'\n  tag fix_id: 'F-40822r646889_fix'\n  tag cci: ['CCI-000803']\n  tag nist: ['IA-7']\n\n  describe.one do\n    describe package('krb5-server') do\n      it { should_not be_installed }\n    end\n\n    describe package('krb5-server') do\n      its('version') { should cmp >= '1.17-9.el8' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-237640.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package krb5-server is expected not to be installed",
+              "run_time": 0.000996,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"krb5-server\"]",
+              "resource_id": "krb5-server"
+            }
+          ]
+        },
+        {
+          "id": "SV-237641",
+          "title": "RHEL 8 must restrict privilege elevation to authorized personnel.",
+          "desc": "The sudo command allows a user to execute programs with elevated\n(administrator) privileges. It prompts the user for their password and confirms\nyour request to execute a command by checking a file, called sudoers. If the\n\"sudoers\" file is not configured correctly, any user defined on the system\ncan initiate privileged actions on the target system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The sudo command allows a user to execute programs with elevated\n(administrator) privileges. It prompts the user for their password and confirms\nyour request to execute a command by checking a file, called sudoers. If the\n\"sudoers\" file is not configured correctly, any user defined on the system\ncan initiate privileged actions on the target system."
+            },
+            {
+              "label": "check",
+              "data": "Verify the \"sudoers\" file restricts sudo access to authorized personnel.\n$ sudo grep -iw 'ALL' /etc/sudoers /etc/sudoers.d/*\n\nIf the either of the following entries are returned, this is a finding:\nALL     ALL=(ALL) ALL\nALL     ALL=(ALL:ALL) ALL"
+            },
+            {
+              "label": "fix",
+              "data": "Remove the following entries from the sudoers file:\nALL     ALL=(ALL) ALL\nALL     ALL=(ALL:ALL) ALL"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-237641",
+            "rid": "SV-237641r646893_rule",
+            "stig_id": "RHEL-08-010382",
+            "fix_id": "F-40823r646892_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-237641' do\n  title 'RHEL 8 must restrict privilege elevation to authorized personnel.'\n  desc 'The sudo command allows a user to execute programs with elevated\n(administrator) privileges. It prompts the user for their password and confirms\nyour request to execute a command by checking a file, called sudoers. If the\n\"sudoers\" file is not configured correctly, any user defined on the system\ncan initiate privileged actions on the target system.'\n  desc 'check', %q(Verify the \"sudoers\" file restricts sudo access to authorized personnel.\n$ sudo grep -iw 'ALL' /etc/sudoers /etc/sudoers.d/*\n\nIf the either of the following entries are returned, this is a finding:\nALL     ALL=(ALL) ALL\nALL     ALL=(ALL:ALL) ALL)\n  desc 'fix', 'Remove the following entries from the sudoers file:\nALL     ALL=(ALL) ALL\nALL     ALL=(ALL:ALL) ALL'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-237641'\n  tag rid: 'SV-237641r646893_rule'\n  tag stig_id: 'RHEL-08-010382'\n  tag fix_id: 'F-40823r646892_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  sudoers_files = bash('ls -d /etc/sudoers.d/*').stdout.strip.split.append('/etc/sudoers')\n\n  if virtualization.system.eql?('docker') && !command('sudo').exist?\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    sudoers_files.each do |file|\n      describe file(file) do\n        its('content') { should_not match(/^ALL\\s*ALL=\\(ALL\\)\\sALL/) }\n        its('content') { should_not match(/^ALL\\s*ALL=\\(ALL:ALL\\)\\sALL/) }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-237641.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "File /etc/sudoers.d/90-cloud-init-users content is expected not to match /^ALL\\s*ALL=\\(ALL\\)\\sALL/",
+              "run_time": 0.000243,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/etc/sudoers.d/90-cloud-init-users\"]",
+              "resource_id": "/etc/sudoers.d/90-cloud-init-users"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /etc/sudoers.d/90-cloud-init-users content is expected not to match /^ALL\\s*ALL=\\(ALL:ALL\\)\\sALL/",
+              "run_time": 0.000125,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/etc/sudoers.d/90-cloud-init-users\"]",
+              "resource_id": "/etc/sudoers.d/90-cloud-init-users"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /etc/sudoers content is expected not to match /^ALL\\s*ALL=\\(ALL\\)\\sALL/",
+              "run_time": 0.000139,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/etc/sudoers\"]",
+              "resource_id": "/etc/sudoers"
+            },
+            {
+              "status": "passed",
+              "code_desc": "File /etc/sudoers content is expected not to match /^ALL\\s*ALL=\\(ALL:ALL\\)\\sALL/",
+              "run_time": 0.000126,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/etc/sudoers\"]",
+              "resource_id": "/etc/sudoers"
+            }
+          ]
+        },
+        {
+          "id": "SV-237642",
+          "title": "RHEL 8 must use the invoking user's password for privilege escalation\nwhen using \"sudo\".",
+          "desc": "The sudoers security policy requires that users authenticate\nthemselves before they can use sudo. When sudoers requires authentication, it\nvalidates the invoking user's credentials. If the rootpw, targetpw, or runaspw\nflags are defined and not disabled, by default the operating system will prompt\nthe invoking user for the \"root\" user password.\n    For more information on each of the listed configurations, reference the\nsudoers(5) manual page.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The sudoers security policy requires that users authenticate\nthemselves before they can use sudo. When sudoers requires authentication, it\nvalidates the invoking user's credentials. If the rootpw, targetpw, or runaspw\nflags are defined and not disabled, by default the operating system will prompt\nthe invoking user for the \"root\" user password.\n    For more information on each of the listed configurations, reference the\nsudoers(5) manual page."
+            },
+            {
+              "label": "check",
+              "data": "Verify that the sudoers security policy is configured to use the invoking user's password for privilege escalation.\n\n     $ sudo grep -Eir '(rootpw|targetpw|runaspw)' /etc/sudoers /etc/sudoers.d* | grep -v '#'\n\n     /etc/sudoers:Defaults !targetpw\n     /etc/sudoers:Defaults !rootpw\n     /etc/sudoers:Defaults !runaspw\n\nIf conflicting results are returned, this is a finding.\nIf \"Defaults !targetpw\" is not defined, this is a finding.\nIf \"Defaults !rootpw\" is not defined, this is a finding.\nIf \"Defaults !runaspw\" is not defined, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Define the following in the Defaults section of the /etc/sudoers file or a configuration file in the /etc/sudoers.d/ directory:\n     Defaults !targetpw\n     Defaults !rootpw\n     Defaults !runaspw\n\nRemove any configurations that conflict with the above from the following locations:\n     /etc/sudoers\n     /etc/sudoers.d/"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-237642",
+            "rid": "SV-237642r880727_rule",
+            "stig_id": "RHEL-08-010383",
+            "fix_id": "F-40824r880726_fix",
+            "cci": [
+              "CCI-002227"
+            ],
+            "nist": [
+              "AC-6 (5)"
+            ]
+          },
+          "code": "control 'SV-237642' do\n  title %q(RHEL 8 must use the invoking user's password for privilege escalation\nwhen using \"sudo\".)\n  desc %q(The sudoers security policy requires that users authenticate\nthemselves before they can use sudo. When sudoers requires authentication, it\nvalidates the invoking user's credentials. If the rootpw, targetpw, or runaspw\nflags are defined and not disabled, by default the operating system will prompt\nthe invoking user for the \"root\" user password.\n    For more information on each of the listed configurations, reference the\nsudoers(5) manual page.)\n  desc 'check', %q(Verify that the sudoers security policy is configured to use the invoking user's password for privilege escalation.\n\n     $ sudo grep -Eir '(rootpw|targetpw|runaspw)' /etc/sudoers /etc/sudoers.d* | grep -v '#'\n\n     /etc/sudoers:Defaults !targetpw\n     /etc/sudoers:Defaults !rootpw\n     /etc/sudoers:Defaults !runaspw\n\nIf conflicting results are returned, this is a finding.\nIf \"Defaults !targetpw\" is not defined, this is a finding.\nIf \"Defaults !rootpw\" is not defined, this is a finding.\nIf \"Defaults !runaspw\" is not defined, this is a finding.)\n  desc 'fix', 'Define the following in the Defaults section of the /etc/sudoers file or a configuration file in the /etc/sudoers.d/ directory:\n     Defaults !targetpw\n     Defaults !rootpw\n     Defaults !runaspw\n\nRemove any configurations that conflict with the above from the following locations:\n     /etc/sudoers\n     /etc/sudoers.d/'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-237642'\n  tag rid: 'SV-237642r880727_rule'\n  tag stig_id: 'RHEL-08-010383'\n  tag fix_id: 'F-40824r880726_fix'\n  tag cci: ['CCI-002227']\n  tag nist: ['AC-6 (5)']\n\n  if virtualization.system.eql?('docker') && !command('sudo').exist?\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    describe bash(\"egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }'\") do\n      its('stdout') { should match(/^Defaults !targetpw/) }\n      its('stdout') { should match(/^Defaults !rootpw/) }\n      its('stdout') { should match(/^Defaults !runaspw/) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-237642.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Bash command egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }' stdout is expected to match /^Defaults !targetpw/",
+              "run_time": 0.210655,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "message": "expected \"\" to match /^Defaults !targetpw/",
+              "resource_class": "bash",
+              "resource_params": "[\"egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }'\"]",
+              "resource_id": "egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }'"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Bash command egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }' stdout is expected to match /^Defaults !rootpw/",
+              "run_time": 0.001112,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "message": "expected \"\" to match /^Defaults !rootpw/",
+              "resource_class": "bash",
+              "resource_params": "[\"egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }'\"]",
+              "resource_id": "egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }'"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Bash command egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }' stdout is expected to match /^Defaults !runaspw/",
+              "run_time": 0.00096,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "message": "expected \"\" to match /^Defaults !runaspw/",
+              "resource_class": "bash",
+              "resource_params": "[\"egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }'\"]",
+              "resource_id": "egrep -i '(!rootpw|!targetpw|!runaspw)' /etc/sudoers /etc/sudoers.d/* | grep -v '#' |  awk -F ':' '{ print $2 }'"
+            }
+          ]
+        },
+        {
+          "id": "SV-237643",
+          "title": "RHEL 8 must require re-authentication when using the \"sudo\" command.",
+          "desc": "Without re-authentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the organization requires the user to\nre-authenticate when using the \"sudo\" command.\n\n    If the value is set to an integer less than 0, the user's time stamp will\nnot expire and the user will not have to re-authenticate for privileged actions\nuntil the user's session is terminated.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without re-authentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the organization requires the user to\nre-authenticate when using the \"sudo\" command.\n\n    If the value is set to an integer less than 0, the user's time stamp will\nnot expire and the user will not have to re-authenticate for privileged actions\nuntil the user's session is terminated."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system requires re-authentication when using the \"sudo\" command to elevate privileges.\n\n$ sudo grep -ir 'timestamp_timeout' /etc/sudoers /etc/sudoers.d\n/etc/sudoers:Defaults timestamp_timeout=0\n\nIf conflicting results are returned, this is a finding.\n\nIf \"timestamp_timeout\" is set to a negative number, is commented out, or no results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the \"sudo\" command to require re-authentication.\nEdit the /etc/sudoers file:\n$ sudo visudo\n\nAdd or modify the following line:\nDefaults timestamp_timeout=[value]\nNote: The \"[value]\" must be a number that is greater than or equal to \"0\".\n\nRemove any duplicate or conflicting lines from /etc/sudoers and /etc/sudoers.d/ files."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000373-GPOS-00156",
+            "gid": "V-237643",
+            "rid": "SV-237643r861088_rule",
+            "stig_id": "RHEL-08-010384",
+            "fix_id": "F-40825r858763_fix",
+            "cci": [
+              "CCI-002038"
+            ],
+            "nist": [
+              "IA-11"
+            ],
+            "host": null,
+            "container-conditional": null
+          },
+          "code": "control 'SV-237643' do\n  title 'RHEL 8 must require re-authentication when using the \"sudo\" command.'\n  desc %q(Without re-authentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the organization requires the user to\nre-authenticate when using the \"sudo\" command.\n\n    If the value is set to an integer less than 0, the user's time stamp will\nnot expire and the user will not have to re-authenticate for privileged actions\nuntil the user's session is terminated.)\n  desc 'check', %q(Verify the operating system requires re-authentication when using the \"sudo\" command to elevate privileges.\n\n$ sudo grep -ir 'timestamp_timeout' /etc/sudoers /etc/sudoers.d\n/etc/sudoers:Defaults timestamp_timeout=0\n\nIf conflicting results are returned, this is a finding.\n\nIf \"timestamp_timeout\" is set to a negative number, is commented out, or no results are returned, this is a finding.)\n  desc 'fix', 'Configure the \"sudo\" command to require re-authentication.\nEdit the /etc/sudoers file:\n$ sudo visudo\n\nAdd or modify the following line:\nDefaults timestamp_timeout=[value]\nNote: The \"[value]\" must be a number that is greater than or equal to \"0\".\n\nRemove any duplicate or conflicting lines from /etc/sudoers and /etc/sudoers.d/ files.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000373-GPOS-00156'\n  tag gid: 'V-237643'\n  tag rid: 'SV-237643r861088_rule'\n  tag stig_id: 'RHEL-08-010384'\n  tag fix_id: 'F-40825r858763_fix'\n  tag cci: ['CCI-002038']\n  tag nist: ['IA-11']\n  tag 'host', 'container-conditional'\n\n  sudoers_config_files = input('sudoers_config_files').map(&:strip).join(' ')\n  sudo_configs = command(\"cat #{sudoers_config_files}\").stdout\n\n  sudo_config_data = parse_config(sudo_configs).params\n\n  setting = 'timestamp_timeout'\n  value = 0\n\n  sudo_config_hash = Hashie::Mash.new\n  sudo_config_data.each do |k, v|\n    if k.start_with?('Defaults')\n      key_parts = k.split('   ', 2) # split by three spaces\n      sudo_config_hash.Defaults ||= Hashie::Mash.new\n      sudo_config_hash.Defaults[key_parts[1].strip] = v\n    else\n      key_parts = k.split(\"\\t\") # split by tab character\n      sudo_config_hash[key_parts[0]] ||= Hashie::Mash.new\n      sudo_config_hash[key_parts[0]][key_parts[1]] = v\n    end\n  end\n\n  impact 0.0 if virtualization.system.eql?('docker') && !command('sudo').exist?\n\n  describe 'The Sudo Configuration' do\n    if virtualization.system.eql?('docker') && !command('sudo').exist?\n      it 'This requirement is Not Applicable since `sudo` not installed in the container.' do\n        skip 'This requirement is Not Applicable since `sudo` not installed in the container.'\n      end\n    else\n      it 'has a configured non-negative Default timestamp_timeout value' do\n        expect(sudo_config_hash.Defaults[setting]).to be >= 0, \"The Default #{setting} setting is not present or incorrectly configured. Please ensure #{setting} present and is not negative.\"\n      end\n      it 'has the correct Default timestamp_timeout setting' do\n        expect(sudo_config_hash.Defaults[setting.to_s]).to eq(0), \"The Default #{setting} setting is not present or incorrectly configured. Please ensure #{setting} is set to #{value}.\"\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-237643.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "The Sudo Configuration has a configured non-negative Default timestamp_timeout value",
+              "run_time": 0.000128,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "message": "The Default timestamp_timeout setting is not present or incorrectly configured. Please ensure timestamp_timeout present and is not negative.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The Sudo Configuration"
+            },
+            {
+              "status": "failed",
+              "code_desc": "The Sudo Configuration has the correct Default timestamp_timeout setting",
+              "run_time": 7.3e-05,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "message": "The Default timestamp_timeout setting is not present or incorrectly configured. Please ensure timestamp_timeout is set to 0.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The Sudo Configuration"
+            }
+          ]
+        },
+        {
+          "id": "SV-244519",
+          "title": "RHEL 8 must display a banner before granting local or remote access to\nthe system via a graphical user logon.",
+          "desc": "Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 displays a banner before granting access to the operating\nsystem via a graphical user logon.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Check to see if the operating system displays a banner at the logon screen\nwith the following command:\n\n    $ sudo grep banner-message-enable /etc/dconf/db/local.d/*\n\n    banner-message-enable=true\n\n    If \"banner-message-enable\" is set to \"false\" or is missing, this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to display a banner before granting access\nto the system.\n\n    Note: If the system does not have a graphical user interface installed,\nthis requirement is Not Applicable.\n\n    Create a database to contain the system-wide graphical user logon settings\n(if it does not already exist) with the following command:\n\n    $ sudo touch /etc/dconf/db/local.d/01-banner-message\n\n    Add the following lines to the [org/gnome/login-screen] section of the\n\"/etc/dconf/db/local.d/01-banner-message\":\n\n    [org/gnome/login-screen]\n\n    banner-message-enable=true\n\n    Run the following command to update the database:\n\n    $ sudo dconf update"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000023-GPOS-00006",
+            "satisfies": [
+              "SRG-OS-000023-GPOS-00006",
+              "SRG-OS-000228-GPOS-00088"
+            ],
+            "gid": "V-244519",
+            "rid": "SV-244519r743806_rule",
+            "stig_id": "RHEL-08-010049",
+            "fix_id": "F-47751r743805_fix",
+            "cci": [
+              "CCI-000048"
+            ],
+            "nist": [
+              "AC-8 a"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244519' do\n  title \"RHEL 8 must display a banner before granting local or remote access to\nthe system via a graphical user logon.\"\n  desc \"Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\"\n  desc 'check', 'Verify RHEL 8 displays a banner before granting access to the operating\nsystem via a graphical user logon.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Check to see if the operating system displays a banner at the logon screen\nwith the following command:\n\n    $ sudo grep banner-message-enable /etc/dconf/db/local.d/*\n\n    banner-message-enable=true\n\n    If \"banner-message-enable\" is set to \"false\" or is missing, this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to display a banner before granting access\nto the system.\n\n    Note: If the system does not have a graphical user interface installed,\nthis requirement is Not Applicable.\n\n    Create a database to contain the system-wide graphical user logon settings\n(if it does not already exist) with the following command:\n\n    $ sudo touch /etc/dconf/db/local.d/01-banner-message\n\n    Add the following lines to the [org/gnome/login-screen] section of the\n\"/etc/dconf/db/local.d/01-banner-message\":\n\n    [org/gnome/login-screen]\n\n    banner-message-enable=true\n\n    Run the following command to update the database:\n\n    $ sudo dconf update'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-GPOS-00006'\n  tag satisfies: ['SRG-OS-000023-GPOS-00006', 'SRG-OS-000228-GPOS-00088']\n  tag gid: 'V-244519'\n  tag rid: 'SV-244519r743806_rule'\n  tag stig_id: 'RHEL-08-010049'\n  tag fix_id: 'F-47751r743805_fix'\n  tag cci: ['CCI-000048']\n  tag nist: ['AC-8 a']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  no_gui = command('ls /usr/share/xsessions/*').stderr.match?(/No such file or directory/)\n\n  if no_gui\n    impact 0.0\n    describe 'The system does not have a GUI Desktop is installed, this control is Not Applicable' do\n      skip 'A GUI desktop is not installed, this control is Not Applicable.'\n    end\n  else\n    describe command('grep ^banner-message-enable /etc/dconf/db/local.d/*') do\n      its('stdout.strip') { should cmp 'banner-message-enable=true' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244519.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "The system does not have a GUI Desktop is installed, this control is Not Applicable",
+              "run_time": 9.0e-06,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource": "",
+              "skip_message": "A GUI desktop is not installed, this control is Not Applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The system does not have a GUI Desktop is installed, this control is Not Applicable"
+            }
+          ]
+        },
+        {
+          "id": "SV-244521",
+          "title": "RHEL 8 operating systems booted with United Extensible Firmware\nInterface (UEFI) must require a unique superusers name upon booting into\nsingle-user mode and maintenance.",
+          "desc": "If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.\n\nThe GRUB 2 superuser account is an account of last resort. Establishing a unique username for this account hardens the boot loader against brute force attacks. Due to the nature of the superuser account database being distinct from the OS account database, this allows the use of a username that is not among those within the OS account database. Examples of non-unique superusers names are root, superuser, unlock, etc.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.\n\nThe GRUB 2 superuser account is an account of last resort. Establishing a unique username for this account hardens the boot loader against brute force attacks. Due to the nature of the superuser account database being distinct from the OS account database, this allows the use of a username that is not among those within the OS account database. Examples of non-unique superusers names are root, superuser, unlock, etc."
+            },
+            {
+              "label": "check",
+              "data": "For systems that use BIOS, this is Not Applicable.\n\nVerify that a unique name is set as the \"superusers\" account:\n\n$ sudo grep -iw \"superusers\" /boot/efi/EFI/redhat/grub.cfg\nset superusers=\"[someuniquestringhere]\"\nexport superusers\n\nIf \"superusers\" is identical to any OS account name or is missing a name, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system to have a unique name for the grub superusers account.\n\nEdit the /etc/grub.d/01_users file and add or modify the following lines:\n\nset superusers=\"[someuniquestringhere]\"\nexport superusers\npassword_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}\n\nGenerate a new grub.cfg file with the following command:\n\n$ sudo grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000080-GPOS-00048",
+            "gid": "V-244521",
+            "rid": "SV-244521r792982_rule",
+            "stig_id": "RHEL-08-010141",
+            "fix_id": "F-47753r743811_fix",
+            "cci": [
+              "CCI-000213"
+            ],
+            "nist": [
+              "AC-3"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244521' do\n  title 'RHEL 8 operating systems booted with United Extensible Firmware\nInterface (UEFI) must require a unique superusers name upon booting into\nsingle-user mode and maintenance.'\n  desc 'If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.\n\nThe GRUB 2 superuser account is an account of last resort. Establishing a unique username for this account hardens the boot loader against brute force attacks. Due to the nature of the superuser account database being distinct from the OS account database, this allows the use of a username that is not among those within the OS account database. Examples of non-unique superusers names are root, superuser, unlock, etc.'\n  desc 'check', 'For systems that use BIOS, this is Not Applicable.\n\nVerify that a unique name is set as the \"superusers\" account:\n\n$ sudo grep -iw \"superusers\" /boot/efi/EFI/redhat/grub.cfg\nset superusers=\"[someuniquestringhere]\"\nexport superusers\n\nIf \"superusers\" is identical to any OS account name or is missing a name, this is a finding.'\n  desc 'fix', 'Configure the system to have a unique name for the grub superusers account.\n\nEdit the /etc/grub.d/01_users file and add or modify the following lines:\n\nset superusers=\"[someuniquestringhere]\"\nexport superusers\npassword_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}\n\nGenerate a new grub.cfg file with the following command:\n\n$ sudo grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000080-GPOS-00048'\n  tag gid: 'V-244521'\n  tag rid: 'SV-244521r792982_rule'\n  tag stig_id: 'RHEL-08-010141'\n  tag fix_id: 'F-47753r743811_fix'\n  tag cci: ['CCI-000213']\n  tag nist: ['AC-3']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if file('/sys/firmware/efi').exist?\n    describe parse_config_file(input('grub_uefi_main_cfg')) do\n      its('set superusers') { should cmp '\"root\"' }\n    end\n  else\n    impact 0.0\n    describe 'System running BIOS' do\n      skip 'The System is running BIOS, this control is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244521.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "System running BIOS",
+              "run_time": 3.0e-06,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource": "",
+              "skip_message": "The System is running BIOS, this control is Not Applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "System running BIOS"
+            }
+          ]
+        },
+        {
+          "id": "SV-244522",
+          "title": "RHEL 8 operating systems booted with a BIOS must require  a unique superusers name upon booting into single-user and maintenance modes.",
+          "desc": "If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.\n\nThe GRUB 2 superuser account is an account of last resort. Establishing a unique username for this account hardens the boot loader against brute force attacks. Due to the nature of the superuser account database being distinct from the OS account database, this allows the use of a username that is not among those within the OS account database. Examples of non-unique superusers names are root, superuser, unlock, etc.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.\n\nThe GRUB 2 superuser account is an account of last resort. Establishing a unique username for this account hardens the boot loader against brute force attacks. Due to the nature of the superuser account database being distinct from the OS account database, this allows the use of a username that is not among those within the OS account database. Examples of non-unique superusers names are root, superuser, unlock, etc."
+            },
+            {
+              "label": "check",
+              "data": "For systems that use UEFI, this is Not Applicable.\n\nVerify that a unique name is set as the \"superusers\" account:\n\n$ sudo grep -iw \"superusers\" /boot/grub2/grub.cfg\nset superusers=\"[someuniquestringhere]\"\nexport superusers\n\nIf \"superusers\" is identical to any OS account name or is missing a name, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system to have a unique name for the grub superusers account.\n\nEdit the /etc/grub.d/01_users file and add or modify the following lines:\n\nset superusers=\"[someuniquestringhere]\"\nexport superusers\npassword_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}\n\nGenerate a new grub.cfg file with the following command:\n\n$ sudo grub2-mkconfig -o /boot/grub2/grub.cfg"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000080-GPOS-00048",
+            "gid": "V-244522",
+            "rid": "SV-244522r792984_rule",
+            "stig_id": "RHEL-08-010149",
+            "fix_id": "F-47754r743814_fix",
+            "cci": [
+              "CCI-000213"
+            ],
+            "nist": [
+              "AC-3"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244522' do\n  title 'RHEL 8 operating systems booted with a BIOS must require  a unique superusers name upon booting into single-user and maintenance modes.'\n  desc 'If the system does not require valid authentication before it boots into single-user or maintenance mode, anyone who invokes single-user or maintenance mode is granted privileged access to all files on the system. GRUB 2 is the default boot loader for RHEL 8 and is designed to require a password to boot into single-user mode or make modifications to the boot menu.\n\nThe GRUB 2 superuser account is an account of last resort. Establishing a unique username for this account hardens the boot loader against brute force attacks. Due to the nature of the superuser account database being distinct from the OS account database, this allows the use of a username that is not among those within the OS account database. Examples of non-unique superusers names are root, superuser, unlock, etc.'\n  desc 'check', 'For systems that use UEFI, this is Not Applicable.\n\nVerify that a unique name is set as the \"superusers\" account:\n\n$ sudo grep -iw \"superusers\" /boot/grub2/grub.cfg\nset superusers=\"[someuniquestringhere]\"\nexport superusers\n\nIf \"superusers\" is identical to any OS account name or is missing a name, this is a finding.'\n  desc 'fix', 'Configure the system to have a unique name for the grub superusers account.\n\nEdit the /etc/grub.d/01_users file and add or modify the following lines:\n\nset superusers=\"[someuniquestringhere]\"\nexport superusers\npassword_pbkdf2 [someuniquestringhere] ${GRUB2_PASSWORD}\n\nGenerate a new grub.cfg file with the following command:\n\n$ sudo grub2-mkconfig -o /boot/grub2/grub.cfg'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000080-GPOS-00048'\n  tag gid: 'V-244522'\n  tag rid: 'SV-244522r792984_rule'\n  tag stig_id: 'RHEL-08-010149'\n  tag fix_id: 'F-47754r743814_fix'\n  tag cci: ['CCI-000213']\n  tag nist: ['AC-3']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if file('/sys/firmware/efi').exist?\n    impact 0.0\n    describe 'System running UEFI' do\n      skip 'The System is running UEFI, this control is Not Applicable.'\n    end\n  else\n    describe parse_config_file(input('grub_main_cfg')) do\n      its('set superusers') { should_not be_empty }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244522.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /boot/grub2/grub.cfg set superusers is expected not to be empty",
+              "run_time": 0.004265,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "message": "expected nil to respond to `empty?`",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/boot/grub2/grub.cfg\"]",
+              "resource_id": "/boot/grub2/grub.cfg"
+            }
+          ]
+        },
+        {
+          "id": "SV-244523",
+          "title": "RHEL 8 operating systems must require authentication upon booting into\nemergency mode.",
+          "desc": "If the system does not require valid root authentication before it\nboots into emergency or rescue mode, anyone who invokes emergency or rescue\nmode is granted privileged access to all files on the system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If the system does not require valid root authentication before it\nboots into emergency or rescue mode, anyone who invokes emergency or rescue\nmode is granted privileged access to all files on the system."
+            },
+            {
+              "label": "check",
+              "data": "Check to see if the system requires authentication for emergency mode with\nthe following command:\n\n    $ sudo grep sulogin-shell /usr/lib/systemd/system/emergency.service\n\n    ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency\n\n    If the \"ExecStart\" line is configured for anything other than\n\"/usr/lib/systemd/systemd-sulogin-shell emergency\", commented out, or\nmissing, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system to require authentication upon booting into emergency\nmode by adding the following line to the\n\"/usr/lib/systemd/system/emergency.service\" file.\n\n    ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000080-GPOS-00048",
+            "gid": "V-244523",
+            "rid": "SV-244523r743818_rule",
+            "stig_id": "RHEL-08-010152",
+            "fix_id": "F-47755r743817_fix",
+            "cci": [
+              "CCI-000213"
+            ],
+            "nist": [
+              "AC-3"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244523' do\n  title 'RHEL 8 operating systems must require authentication upon booting into\nemergency mode.'\n  desc 'If the system does not require valid root authentication before it\nboots into emergency or rescue mode, anyone who invokes emergency or rescue\nmode is granted privileged access to all files on the system.'\n  desc 'check', 'Check to see if the system requires authentication for emergency mode with\nthe following command:\n\n    $ sudo grep sulogin-shell /usr/lib/systemd/system/emergency.service\n\n    ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency\n\n    If the \"ExecStart\" line is configured for anything other than\n\"/usr/lib/systemd/systemd-sulogin-shell emergency\", commented out, or\nmissing, this is a finding.'\n  desc 'fix', 'Configure the system to require authentication upon booting into emergency\nmode by adding the following line to the\n\"/usr/lib/systemd/system/emergency.service\" file.\n\n    ExecStart=-/usr/lib/systemd/systemd-sulogin-shell emergency'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000080-GPOS-00048'\n  tag gid: 'V-244523'\n  tag rid: 'SV-244523r743818_rule'\n  tag stig_id: 'RHEL-08-010152'\n  tag fix_id: 'F-47755r743817_fix'\n  tag cci: ['CCI-000213']\n  tag nist: ['AC-3']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  describe service('emergency') do\n    its('params.ExecStart') { should include '/usr/lib/systemd/systemd-sulogin-shell emergency' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244523.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Service emergency params.ExecStart is expected to include \"/usr/lib/systemd/systemd-sulogin-shell emergency\"",
+              "run_time": 0.509036,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource_class": "service",
+              "resource_params": "[\"emergency\"]",
+              "resource_id": "emergency"
+            }
+          ]
+        },
+        {
+          "id": "SV-244524",
+          "title": "The RHEL 8 pam_unix.so module must be configured in the system-auth\nfile to use a FIPS 140-2 approved cryptographic hashing algorithm for system\nauthentication.",
+          "desc": "Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system."
+            },
+            {
+              "label": "check",
+              "data": "Verify that pam_unix.so module is configured to use sha512.\n\nCheck that pam_unix.so module is configured to use sha512 in /etc/pam.d/system-auth with the following command:\n\n$ sudo grep password /etc/pam.d/system-auth | grep pam_unix\n\npassword sufficient pam_unix.so sha512\n\nIf \"sha512\" is missing, or is commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.\n\nEdit/modify the following line in the \"/etc/pam.d/system-auth\" file to include the sha512 option for pam_unix.so:\n\npassword sufficient pam_unix.so sha512"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000120-GPOS-00061",
+            "gid": "V-244524",
+            "rid": "SV-244524r809331_rule",
+            "stig_id": "RHEL-08-010159",
+            "fix_id": "F-47756r809330_fix",
+            "cci": [
+              "CCI-000803"
+            ],
+            "nist": [
+              "IA-7"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-244524' do\n  title 'The RHEL 8 pam_unix.so module must be configured in the system-auth\nfile to use a FIPS 140-2 approved cryptographic hashing algorithm for system\nauthentication.'\n  desc 'Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    RHEL 8 systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral-purpose computing system.'\n  desc 'check', 'Verify that pam_unix.so module is configured to use sha512.\n\nCheck that pam_unix.so module is configured to use sha512 in /etc/pam.d/system-auth with the following command:\n\n$ sudo grep password /etc/pam.d/system-auth | grep pam_unix\n\npassword sufficient pam_unix.so sha512\n\nIf \"sha512\" is missing, or is commented out, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication.\n\nEdit/modify the following line in the \"/etc/pam.d/system-auth\" file to include the sha512 option for pam_unix.so:\n\npassword sufficient pam_unix.so sha512'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000120-GPOS-00061'\n  tag gid: 'V-244524'\n  tag rid: 'SV-244524r809331_rule'\n  tag stig_id: 'RHEL-08-010159'\n  tag fix_id: 'F-47756r809330_fix'\n  tag cci: ['CCI-000803']\n  tag nist: ['IA-7']\n  tag 'host', 'container'\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') { should match_pam_rule('password sufficient pam_unix.so sha512') }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244524.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PAM Config[/etc/pam.d/system-auth] lines is expected to include password sufficient pam_unix.so sha512",
+              "run_time": 0.000894,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/system-auth\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-244525",
+          "title": "RHEL 8 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.",
+          "desc": "Terminating an unresponsive SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.\n\nTerminating network connections associated with communications sessions includes, for example, deallocating associated TCP/IP address/port pairs at the operating system level and deallocating networking assignments at the application level if multiple application sessions are using a single operating system-level network connection. This does not mean that the operating system terminates all sessions or network access; it only ends the unresponsive session and releases the resources associated with that session.\n\nRHEL 8 uses /etc/ssh/sshd_config for configurations of OpenSSH. Within the sshd_config, the product of the values of \"ClientAliveInterval\" and \"ClientAliveCountMax\" is used to establish the inactivity threshold. The \"ClientAliveInterval\" is a timeout interval in seconds after which if no data has been received from the client, sshd will send a message through the encrypted channel to request a response from the client. The \"ClientAliveCountMax\" is the number of client alive messages that may be sent without sshd receiving any messages back from the client. If this threshold is met, sshd will disconnect the client. For more information on these settings and others, refer to the sshd_config man pages.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Terminating an unresponsive SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.\n\nTerminating network connections associated with communications sessions includes, for example, deallocating associated TCP/IP address/port pairs at the operating system level and deallocating networking assignments at the application level if multiple application sessions are using a single operating system-level network connection. This does not mean that the operating system terminates all sessions or network access; it only ends the unresponsive session and releases the resources associated with that session.\n\nRHEL 8 uses /etc/ssh/sshd_config for configurations of OpenSSH. Within the sshd_config, the product of the values of \"ClientAliveInterval\" and \"ClientAliveCountMax\" is used to establish the inactivity threshold. The \"ClientAliveInterval\" is a timeout interval in seconds after which if no data has been received from the client, sshd will send a message through the encrypted channel to request a response from the client. The \"ClientAliveCountMax\" is the number of client alive messages that may be sent without sshd receiving any messages back from the client. If this threshold is met, sshd will disconnect the client. For more information on these settings and others, refer to the sshd_config man pages."
+            },
+            {
+              "label": "check",
+              "data": "Verify the SSH server automatically terminates a user session after the SSH client has been unresponsive for 10 minutes.\n\nCheck that the \"ClientAliveInterval\" variable is set to a value of \"600\" or less by performing the following command:\n\n     $ sudo grep -ir clientaliveinterval /etc/ssh/sshd_config*\n\n     ClientAliveInterval 600\n\nIf \"ClientAliveInterval\" does not exist, does not have a value of \"600\" or less in \"/etc/ssh/sshd_config\" or is commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Note: This setting must be applied in conjunction with RHEL-08-010200 to function correctly.\n\nConfigure the SSH server to terminate a user session automatically after the SSH client has been unresponsive for 10 minutes.\n\nModify or append the following lines in the \"/etc/ssh/sshd_config\" file:\n\n     ClientAliveInterval 600\n\nFor the changes to take effect, the SSH daemon must be restarted.\n\n     $ sudo systemctl restart sshd.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000163-GPOS-00072",
+            "satisfies": [
+              "SRG-OS-000163-GPOS-00072",
+              "SRG-OS-000126-GPOS-00066",
+              "SRG-OS-000279-GPOS-00109"
+            ],
+            "gid": "V-244525",
+            "rid": "SV-244525r917886_rule",
+            "stig_id": "RHEL-08-010201",
+            "fix_id": "F-47757r917885_fix",
+            "cci": [
+              "CCI-001133"
+            ],
+            "nist": [
+              "SC-10"
+            ],
+            "host": null,
+            "container-conditional": null
+          },
+          "code": "control 'SV-244525' do\n  title 'RHEL 8 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive.'\n  desc 'Terminating an unresponsive SSH session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle SSH session will also free up resources committed by the managed network element.\n\nTerminating network connections associated with communications sessions includes, for example, deallocating associated TCP/IP address/port pairs at the operating system level and deallocating networking assignments at the application level if multiple application sessions are using a single operating system-level network connection. This does not mean that the operating system terminates all sessions or network access; it only ends the unresponsive session and releases the resources associated with that session.\n\nRHEL 8 uses /etc/ssh/sshd_config for configurations of OpenSSH. Within the sshd_config, the product of the values of \"ClientAliveInterval\" and \"ClientAliveCountMax\" is used to establish the inactivity threshold. The \"ClientAliveInterval\" is a timeout interval in seconds after which if no data has been received from the client, sshd will send a message through the encrypted channel to request a response from the client. The \"ClientAliveCountMax\" is the number of client alive messages that may be sent without sshd receiving any messages back from the client. If this threshold is met, sshd will disconnect the client. For more information on these settings and others, refer to the sshd_config man pages.'\n  desc 'check', 'Verify the SSH server automatically terminates a user session after the SSH client has been unresponsive for 10 minutes.\n\nCheck that the \"ClientAliveInterval\" variable is set to a value of \"600\" or less by performing the following command:\n\n     $ sudo grep -ir clientaliveinterval /etc/ssh/sshd_config*\n\n     ClientAliveInterval 600\n\nIf \"ClientAliveInterval\" does not exist, does not have a value of \"600\" or less in \"/etc/ssh/sshd_config\" or is commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Note: This setting must be applied in conjunction with RHEL-08-010200 to function correctly.\n\nConfigure the SSH server to terminate a user session automatically after the SSH client has been unresponsive for 10 minutes.\n\nModify or append the following lines in the \"/etc/ssh/sshd_config\" file:\n\n     ClientAliveInterval 600\n\nFor the changes to take effect, the SSH daemon must be restarted.\n\n     $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000163-GPOS-00072'\n  tag satisfies: ['SRG-OS-000163-GPOS-00072', 'SRG-OS-000126-GPOS-00066', 'SRG-OS-000279-GPOS-00109']\n  tag gid: 'V-244525'\n  tag rid: 'SV-244525r917886_rule'\n  tag stig_id: 'RHEL-08-010201'\n  tag fix_id: 'F-47757r917885_fix'\n  tag cci: ['CCI-001133']\n  tag nist: ['SC-10']\n  tag 'host', 'container-conditional'\n\n  impact 0.0 if virtualization.system.eql?('docker') && !package('openssh-server').installed?\n\n  setting = 'ClientAliveInterval'\n  gssapi_authentication = input('sshd_config_values')\n  value = gssapi_authentication[setting]\n\n  if virtualization.system.eql?('docker')\n    describe 'In a container Environment' do\n      if package('openssh-server').installed?\n        it 'the OpenSSH Server should be installed when allowed in Docker environment' do\n          expect(input('allow_container_openssh_server')).to eq(true), 'OpenSSH Server is installed but not approved for the Docker environment'\n        end\n      else\n        it 'the OpenSSH Server is not installed' do\n          skip 'This requirement is not applicable as the OpenSSH Server is not installed in the Docker environment.'\n        end\n      end\n    end\n  else\n    describe 'The OpenSSH Server configuration' do\n      it \"has the correct #{setting} configuration\" do\n        expect(sshd_config.params[setting.downcase]).to cmp(value), \"The #{setting} setting in the SSHD config is not correct. Please ensure it set to '#{value}'.\"\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244525.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "The OpenSSH Server configuration has the correct ClientAliveInterval configuration",
+              "run_time": 0.001322,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The OpenSSH Server configuration"
+            }
+          ]
+        },
+        {
+          "id": "SV-244526",
+          "title": "The RHEL 8 SSH daemon must be configured to use system-wide crypto policies.",
+          "desc": "Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default. The SSH\nconfiguration file has no effect on the ciphers, MACs, or algorithms unless\nspecifically defined in the /etc/sysconfig/sshd file. The employed algorithms\ncan be viewed in the /etc/crypto-policies/back-ends/ directory.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default. The SSH\nconfiguration file has no effect on the ciphers, MACs, or algorithms unless\nspecifically defined in the /etc/sysconfig/sshd file. The employed algorithms\ncan be viewed in the /etc/crypto-policies/back-ends/ directory."
+            },
+            {
+              "label": "check",
+              "data": "Verify that system-wide crypto policies are in effect:\n\n$ sudo grep CRYPTO_POLICY /etc/sysconfig/sshd\n\n# CRYPTO_POLICY=\n\nIf the \"CRYPTO_POLICY \" is uncommented, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the RHEL 8 SSH daemon to use system-wide crypto policies by adding the following line to /etc/sysconfig/sshd:\n\n# CRYPTO_POLICY=\n\nA reboot is required for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000250-GPOS-00093",
+            "satisfies": [
+              "SRG-OS-000250-GPOS-00093",
+              "SRG-OS-000393-GPOS-00173",
+              "SRG-OS-000394-GPOS-00174",
+              "SRG-OS-000125-GPOS-00065"
+            ],
+            "gid": "V-244526",
+            "rid": "SV-244526r877394_rule",
+            "stig_id": "RHEL-08-010287",
+            "fix_id": "F-47758r809333_fix",
+            "cci": [
+              "CCI-001453"
+            ],
+            "nist": [
+              "AC-17 (2)"
+            ],
+            "host": null,
+            "container-conditional": null
+          },
+          "code": "control 'SV-244526' do\n  title 'The RHEL 8 SSH daemon must be configured to use system-wide crypto policies.'\n  desc \"Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Remote access (e.g., RDP) is access to DoD nonpublic information systems by\nan authorized user (or an information system) communicating through an\nexternal, non-organization-controlled network. Remote access methods include,\nfor example, dial-up, broadband, and wireless.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the secret key used to generate the hash.\n\n    RHEL 8 incorporates system-wide crypto policies by default. The SSH\nconfiguration file has no effect on the ciphers, MACs, or algorithms unless\nspecifically defined in the /etc/sysconfig/sshd file. The employed algorithms\ncan be viewed in the /etc/crypto-policies/back-ends/ directory.\"\n  desc 'check', 'Verify that system-wide crypto policies are in effect:\n\n$ sudo grep CRYPTO_POLICY /etc/sysconfig/sshd\n\n# CRYPTO_POLICY=\n\nIf the \"CRYPTO_POLICY \" is uncommented, this is a finding.'\n  desc 'fix', \"Configure the RHEL 8 SSH daemon to use system-wide crypto policies by adding the following line to /etc/sysconfig/sshd:\n\n# CRYPTO_POLICY=\n\nA reboot is required for the changes to take effect.\"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000250-GPOS-00093'\n  tag satisfies: ['SRG-OS-000250-GPOS-00093', 'SRG-OS-000393-GPOS-00173', 'SRG-OS-000394-GPOS-00174', 'SRG-OS-000125-GPOS-00065']\n  tag gid: 'V-244526'\n  tag rid: 'SV-244526r877394_rule'\n  tag stig_id: 'RHEL-08-010287'\n  tag fix_id: 'F-47758r809333_fix'\n  tag cci: ['CCI-001453']\n  tag nist: ['AC-17 (2)']\n  tag 'host', 'container-conditional'\n\n  impact 0.0 if virtualization.system.eql?('docker') && !package('openssh-server').installed?\n\n  if virtualization.system.eql?('docker')\n    describe 'In a container Environment' do\n      if package('openssh-server').installed?\n        it 'the OpenSSH Server should be installed when allowed in Docker environment' do\n          expect(input('allow_container_openssh_server')).to eq(true), 'OpenSSH Server is installed but not approved for the Docker environment'\n        end\n      else\n        it 'the OpenSSH Server is not installed' do\n          skip 'This requirement is not applicable as the OpenSSH Server is not installed in the Docker environment.'\n        end\n      end\n    end\n  else\n    describe 'The system' do\n      it 'does not have a CRYPTO_POLICY setting configured' do\n        expect(parse_config_file('/etc/sysconfig/sshd').params['CRYPTO_POLICY']).to be_nil, 'The CRYPTO_POLICY setting in the /etc/sysconfig/sshd should not be present. Please ensure it is commented out.'\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244526.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "The system does not have a CRYPTO_POLICY setting configured",
+              "run_time": 0.000299,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The system"
+            }
+          ]
+        },
+        {
+          "id": "SV-244527",
+          "title": "RHEL 8 must have the packages required to use the hardware random\nnumber generator entropy gatherer service.",
+          "desc": "The most important characteristic of a random number generator is its\nrandomness, namely its ability to deliver random numbers that are impossible to\npredict.  Entropy in computer security is associated with the unpredictability\nof a source of randomness.  The random source with high entropy tends to\nachieve a uniform distribution of random values.  Random number generators are\none of the most important building blocks of cryptosystems.\n\n    The rngd service feeds random data from hardware device to kernel random\ndevice. Quality (non-predictable) random number generation is important for\nseveral security functions (i.e., ciphers).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The most important characteristic of a random number generator is its\nrandomness, namely its ability to deliver random numbers that are impossible to\npredict.  Entropy in computer security is associated with the unpredictability\nof a source of randomness.  The random source with high entropy tends to\nachieve a uniform distribution of random values.  Random number generators are\none of the most important building blocks of cryptosystems.\n\n    The rngd service feeds random data from hardware device to kernel random\ndevice. Quality (non-predictable) random number generation is important for\nseveral security functions (i.e., ciphers)."
+            },
+            {
+              "label": "check",
+              "data": "Check that RHEL 8 has the packages required to enabled the hardware random\nnumber generator entropy gatherer service with the following command:\n\n    $ sudo yum list installed rng-tools\n\n    rng-tools.x86_64                       6.8-3.el8\n@anaconda\n\n    If the \"rng-tools\" package is not installed, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Install the packages required to enabled the hardware random number\ngenerator entropy gatherer service with the following command:\n\n    $ sudo yum install rng-tools"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-244527",
+            "rid": "SV-244527r743830_rule",
+            "stig_id": "RHEL-08-010472",
+            "fix_id": "F-47759r743829_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244527' do\n  title 'RHEL 8 must have the packages required to use the hardware random\nnumber generator entropy gatherer service.'\n  desc 'The most important characteristic of a random number generator is its\nrandomness, namely its ability to deliver random numbers that are impossible to\npredict.  Entropy in computer security is associated with the unpredictability\nof a source of randomness.  The random source with high entropy tends to\nachieve a uniform distribution of random values.  Random number generators are\none of the most important building blocks of cryptosystems.\n\n    The rngd service feeds random data from hardware device to kernel random\ndevice. Quality (non-predictable) random number generation is important for\nseveral security functions (i.e., ciphers).'\n  desc 'check', 'Check that RHEL 8 has the packages required to enabled the hardware random\nnumber generator entropy gatherer service with the following command:\n\n    $ sudo yum list installed rng-tools\n\n    rng-tools.x86_64                       6.8-3.el8\n@anaconda\n\n    If the \"rng-tools\" package is not installed, this is a finding.'\n  desc 'fix', 'Install the packages required to enabled the hardware random number\ngenerator entropy gatherer service with the following command:\n\n    $ sudo yum install rng-tools'\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244527'\n  tag rid: 'SV-244527r743830_rule'\n  tag stig_id: 'RHEL-08-010472'\n  tag fix_id: 'F-47759r743829_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  describe package('rng-tools') do\n    it { should be_installed }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244527.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package rng-tools is expected to be installed",
+              "run_time": 0.126433,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"rng-tools\"]",
+              "resource_id": "rng-tools"
+            }
+          ]
+        },
+        {
+          "id": "SV-244528",
+          "title": "The RHEL 8 SSH daemon must not allow GSSAPI authentication, except to fulfill documented and validated mission requirements.",
+          "desc": "Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere."
+            },
+            {
+              "label": "check",
+              "data": "Verify the SSH daemon does not allow GSSAPI authentication with the following command:\n\n$ sudo grep -ir GSSAPIAuthentication  /etc/ssh/sshd_config*\n\nGSSAPIAuthentication no\n\nIf the value is returned as \"yes\", the returned line is commented out, no output is returned, or has not been documented with the ISSO, this is a finding.\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the SSH daemon to not allow GSSAPI authentication.\n\n    Add the following line in \"/etc/ssh/sshd_config\", or uncomment the line\nand set the value to \"no\":\n\n    GSSAPIAuthentication no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-244528",
+            "rid": "SV-244528r858709_rule",
+            "stig_id": "RHEL-08-010522",
+            "fix_id": "F-47760r743832_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null,
+            "container-conditional": null
+          },
+          "code": "control 'SV-244528' do\n  title 'The RHEL 8 SSH daemon must not allow GSSAPI authentication, except to fulfill documented and validated mission requirements.'\n  desc \"Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere.\"\n  desc 'check', 'Verify the SSH daemon does not allow GSSAPI authentication with the following command:\n\n$ sudo grep -ir GSSAPIAuthentication  /etc/ssh/sshd_config*\n\nGSSAPIAuthentication no\n\nIf the value is returned as \"yes\", the returned line is commented out, no output is returned, or has not been documented with the ISSO, this is a finding.\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure the SSH daemon to not allow GSSAPI authentication.\n\n    Add the following line in \"/etc/ssh/sshd_config\", or uncomment the line\nand set the value to \"no\":\n\n    GSSAPIAuthentication no\n\n    The SSH daemon must be restarted for the changes to take effect. To restart\nthe SSH daemon, run the following command:\n\n    $ sudo systemctl restart sshd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244528'\n  tag rid: 'SV-244528r858709_rule'\n  tag stig_id: 'RHEL-08-010522'\n  tag fix_id: 'F-47760r743832_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container-conditional'\n\n  impact 0.0 if virtualization.system.eql?('docker') && !package('openssh-server').installed?\n\n  setting = 'GSSAPIAuthentication'\n  gssapi_authentication = input('sshd_config_values')\n  value = gssapi_authentication[setting]\n\n  if virtualization.system.eql?('docker')\n    describe 'In a container Environment' do\n      if package('openssh-server').installed?\n        it 'the OpenSSH Server should be installed when allowed in Docker environment' do\n          expect(input('allow_container_openssh_server')).to eq(true), 'OpenSSH Server is installed but not approved for the Docker environment'\n        end\n      else\n        it 'the OpenSSH Server is not installed' do\n          skip 'This requirement is not applicable as the OpenSSH Server is not installed in the Docker environment.'\n        end\n      end\n    end\n  else\n    describe 'The OpenSSH Server configuration' do\n      it \"has the correct #{setting} configuration\" do\n        expect(sshd_config.params[setting.downcase]).to cmp(value), \"The #{setting} setting in the SSHD config is not correct. Please ensure it set to '#{value}'.\"\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244528.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "The OpenSSH Server configuration has the correct GSSAPIAuthentication configuration",
+              "run_time": 0.001514,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The OpenSSH Server configuration"
+            }
+          ]
+        },
+        {
+          "id": "SV-244529",
+          "title": "RHEL 8 must use a separate file system for /var/tmp.",
+          "desc": "The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing."
+            },
+            {
+              "label": "check",
+              "data": "Verify that a separate file system has been created for \"/var/tmp\".\n\nCheck that a file system has been created for \"/var/tmp\" with the following command:\n\n     $ sudo grep /var/tmp /etc/fstab\n\n     /dev/mapper/...   /var/tmp   xfs   defaults,nodev,noexec,nosuid 0 0\n\nIf a separate entry for \"/var/tmp\" is not in use, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Migrate the \"/var/tmp\" path onto a separate file system."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-244529",
+            "rid": "SV-244529r902737_rule",
+            "stig_id": "RHEL-08-010544",
+            "fix_id": "F-47761r743835_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244529' do\n  title 'RHEL 8 must use a separate file system for /var/tmp.'\n  desc 'The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.'\n  desc 'check', 'Verify that a separate file system has been created for \"/var/tmp\".\n\nCheck that a file system has been created for \"/var/tmp\" with the following command:\n\n     $ sudo grep /var/tmp /etc/fstab\n\n     /dev/mapper/...   /var/tmp   xfs   defaults,nodev,noexec,nosuid 0 0\n\nIf a separate entry for \"/var/tmp\" is not in use, this is a finding.'\n  desc 'fix', 'Migrate the \"/var/tmp\" path onto a separate file system.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244529'\n  tag rid: 'SV-244529r902737_rule'\n  tag stig_id: 'RHEL-08-010544'\n  tag fix_id: 'F-47761r743835_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  describe etc_fstab.where { mount_point == '/var/tmp' } do\n    it { should exist }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244529.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File System Table File (fstab) with mount_point == \"/var/tmp\" is expected to exist",
+              "run_time": 0.000408,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "message": "expected File System Table File (fstab) with mount_point == \"/var/tmp\" to exist",
+              "resource_class": "FilterTable::Table",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-244530",
+          "title": "RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on the /boot/efi directory.",
+          "desc": "The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access."
+            },
+            {
+              "label": "check",
+              "data": "For systems that use BIOS, this is Not Applicable.\n\nVerify the /boot/efi directory is mounted with the \"nosuid\" option with the following command:\n\n$ sudo mount | grep '\\s/boot/efi\\s'\n\n/dev/sda1 on /boot/efi type vfat (rw,nosuid,relatime,fmask=0077,dmask=0077,codepage=437,iocharset=ascii,shortname=winnt,errors=remount-ro)\n\nIf the /boot/efi file system does not have the \"nosuid\" option set, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nthe /boot/efi directory."
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-244530",
+            "rid": "SV-244530r809336_rule",
+            "stig_id": "RHEL-08-010572",
+            "fix_id": "F-47762r743838_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244530' do\n  title 'RHEL 8 must prevent files with the setuid and setgid bit set from\nbeing executed on the /boot/efi directory.'\n  desc 'The \"nosuid\" mount option causes the system not to execute\n\"setuid\" and \"setgid\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \"setuid\" and \"setguid\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.'\n  desc 'check', %q(For systems that use BIOS, this is Not Applicable.\n\nVerify the /boot/efi directory is mounted with the \"nosuid\" option with the following command:\n\n$ sudo mount | grep '\\s/boot/efi\\s'\n\n/dev/sda1 on /boot/efi type vfat (rw,nosuid,relatime,fmask=0077,dmask=0077,codepage=437,iocharset=ascii,shortname=winnt,errors=remount-ro)\n\nIf the /boot/efi file system does not have the \"nosuid\" option set, this is a finding.)\n  desc 'fix', 'Configure the \"/etc/fstab\" to use the \"nosuid\" option on\nthe /boot/efi directory.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244530'\n  tag rid: 'SV-244530r809336_rule'\n  tag stig_id: 'RHEL-08-010572'\n  tag fix_id: 'F-47762r743838_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if file('/sys/firmware/efi').exist?\n    describe mount('/boot/efi') do\n      it { should be_mounted }\n      its('options') { should include 'nosuid' }\n    end\n  else\n    impact 0.0\n    describe 'System running BIOS' do\n      skip 'The System is running a BIOS, this control is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244530.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "System running BIOS",
+              "run_time": 1.2e-05,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource": "",
+              "skip_message": "The System is running a BIOS, this control is Not Applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "System running BIOS"
+            }
+          ]
+        },
+        {
+          "id": "SV-244531",
+          "title": "All RHEL 8 local interactive user home directory files must have mode\n0750 or less permissive.",
+          "desc": "Excessive permissions on local interactive user home directories may\nallow unauthorized access to user files by other users.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Excessive permissions on local interactive user home directories may\nallow unauthorized access to user files by other users."
+            },
+            {
+              "label": "check",
+              "data": "Verify all files and directories contained in a local interactive user home\ndirectory, excluding local initialization files, have a mode of \"0750\".\n    Files that begin with a \".\" are excluded from this requirement.\n\n    Note: The example will be for the user \"smithj\", who has a home directory\nof \"/home/smithj\".\n\n    $ sudo ls -lLR /home/smithj\n    -rwxr-x--- 1 smithj smithj 18 Mar 5 17:06 file1\n    -rwxr----- 1 smithj smithj 193 Mar 5 17:06 file2\n    -rw-r-x--- 1 smithj smithj 231 Mar 5 17:06 file3\n\n    If any files or directories are found with a mode more permissive than\n\"0750\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Set the mode on files and directories in the local interactive user home\ndirectory with the following command:\n\n    Note: The example will be for the user smithj, who has a home directory of\n\"/home/smithj\" and is a member of the users group.\n\n    $ sudo chmod 0750 /home/smithj/<file or directory>"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-244531",
+            "rid": "SV-244531r743842_rule",
+            "stig_id": "RHEL-08-010731",
+            "fix_id": "F-47763r743841_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-244531' do\n  title 'All RHEL 8 local interactive user home directory files must have mode\n0750 or less permissive.'\n  desc 'Excessive permissions on local interactive user home directories may\nallow unauthorized access to user files by other users.'\n  desc 'check', 'Verify all files and directories contained in a local interactive user home\ndirectory, excluding local initialization files, have a mode of \"0750\".\n    Files that begin with a \".\" are excluded from this requirement.\n\n    Note: The example will be for the user \"smithj\", who has a home directory\nof \"/home/smithj\".\n\n    $ sudo ls -lLR /home/smithj\n    -rwxr-x--- 1 smithj smithj 18 Mar 5 17:06 file1\n    -rwxr----- 1 smithj smithj 193 Mar 5 17:06 file2\n    -rw-r-x--- 1 smithj smithj 231 Mar 5 17:06 file3\n\n    If any files or directories are found with a mode more permissive than\n\"0750\", this is a finding.'\n  desc 'fix', 'Set the mode on files and directories in the local interactive user home\ndirectory with the following command:\n\n    Note: The example will be for the user smithj, who has a home directory of\n\"/home/smithj\" and is a member of the users group.\n\n    $ sudo chmod 0750 /home/smithj/<file or directory>'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244531'\n  tag rid: 'SV-244531r743842_rule'\n  tag stig_id: 'RHEL-08-010731'\n  tag fix_id: 'F-47763r743841_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container'\n\n  ignore_shells = input('non_interactive_shells').join('|')\n  exempt_home_users = input('exempt_home_users').join('|')\n\n  findings = Set[]\n  users.where { !username.match(exempt_home_users) && !shell.match(ignore_shells) && (uid >= 1000 || uid.zero?) }.entries.each do |user_info|\n    findings += command(\"find #{user_info.home} -xdev -not -name '.*' -perm /027 -type f\").stdout.split(\"\\n\")\n  end\n  describe 'All files in the users home directory' do\n    it 'are expected to have permissions 0750 or better' do\n      expect(findings).to be_empty, 'Some files in the users home directory do not have correct permissions. Please ensure all files have permissions 0750 or better.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244531.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "All files in the users home directory are expected to have permissions 0750 or better",
+              "run_time": 0.007209,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "All files in the users home directory"
+            }
+          ]
+        },
+        {
+          "id": "SV-244532",
+          "title": "RHEL 8 must be configured so that all files and directories contained\nin local interactive user home directories are group-owned by a group of which\nthe home directory owner is a member.",
+          "desc": "If a local interactive user's files are group-owned by a group of\nwhich the user is not a member, unintended users may be able to access them.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If a local interactive user's files are group-owned by a group of\nwhich the user is not a member, unintended users may be able to access them."
+            },
+            {
+              "label": "check",
+              "data": "Verify all files and directories in a local interactive user home directory\nare group-owned by a group that the user is a member.\n\n    Check the group owner of all files and directories in a local interactive\nuser's home directory with the following command:\n\n    Note: The example will be for the user \"smithj\", who has a home directory\nof \"/home/smithj\".\n\n    $ sudo ls -lLR /<home directory>/<users home directory>/\n    -rw-r--r-- 1 smithj smithj  18 Mar  5 17:06 file1\n    -rw-r--r-- 1 smithj smithj 193 Mar  5 17:06 file2\n    -rw-r--r-- 1 smithj sa        231 Mar  5 17:06 file3\n\n    If any files found with a group-owner different from the home directory\nuser private group, check to see if the user is a member of that group with the\nfollowing command:\n\n    $ sudo grep smithj /etc/group\n    sa:x:100:juan,shelley,bob,smithj\n    smithj:x:521:smithj\n\n    If any files or directories are group owned by a group that the directory\nowner is not a member of, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Change the group of a local interactive user's files and directories to a\ngroup that the interactive user is a member. To change the group owner of a\nlocal interactive user's files and directories, use the following command:\n\n    Note: The example will be for the user smithj, who has a home directory of\n\"/home/smithj\" and is a member of the users group.\n\n    $ sudo chgrp smithj /home/smithj/<file or directory>"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-244532",
+            "rid": "SV-244532r743845_rule",
+            "stig_id": "RHEL-08-010741",
+            "fix_id": "F-47764r743844_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-244532' do\n  title 'RHEL 8 must be configured so that all files and directories contained\nin local interactive user home directories are group-owned by a group of which\nthe home directory owner is a member.'\n  desc \"If a local interactive user's files are group-owned by a group of\nwhich the user is not a member, unintended users may be able to access them.\"\n  desc 'check', %q(Verify all files and directories in a local interactive user home directory\nare group-owned by a group that the user is a member.\n\n    Check the group owner of all files and directories in a local interactive\nuser's home directory with the following command:\n\n    Note: The example will be for the user \"smithj\", who has a home directory\nof \"/home/smithj\".\n\n    $ sudo ls -lLR /<home directory>/<users home directory>/\n    -rw-r--r-- 1 smithj smithj  18 Mar  5 17:06 file1\n    -rw-r--r-- 1 smithj smithj 193 Mar  5 17:06 file2\n    -rw-r--r-- 1 smithj sa        231 Mar  5 17:06 file3\n\n    If any files found with a group-owner different from the home directory\nuser private group, check to see if the user is a member of that group with the\nfollowing command:\n\n    $ sudo grep smithj /etc/group\n    sa:x:100:juan,shelley,bob,smithj\n    smithj:x:521:smithj\n\n    If any files or directories are group owned by a group that the directory\nowner is not a member of, this is a finding.)\n  desc 'fix', %q(Change the group of a local interactive user's files and directories to a\ngroup that the interactive user is a member. To change the group owner of a\nlocal interactive user's files and directories, use the following command:\n\n    Note: The example will be for the user smithj, who has a home directory of\n\"/home/smithj\" and is a member of the users group.\n\n    $ sudo chgrp smithj /home/smithj/<file or directory>)\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244532'\n  tag rid: 'SV-244532r743845_rule'\n  tag stig_id: 'RHEL-08-010741'\n  tag fix_id: 'F-47764r743844_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container'\n\n  ignore_shells = input('non_interactive_shells').join('|')\n  exempt_home_users = input('exempt_home_users').join('|')\n\n  findings = Set[]\n  users.where { !username.match(exempt_home_users) && !shell.match(ignore_shells) && (uid >= 1000 || uid.zero?) }.entries.each do |user_info|\n    findings += command(\"find #{user_info.home} -xdev -not -gid #{user_info.gid}\").stdout.split(\"\\n\")\n  end\n  describe 'All files in the users home directory' do\n    it 'are expected to be owned by the user' do\n      expect(findings).to be_empty, 'Some files in the users home directory are not owned by the user. Please ensure all files are owned by thier user.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244532.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "All files in the users home directory are expected to be owned by the user",
+              "run_time": 0.004768,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "All files in the users home directory"
+            }
+          ]
+        },
+        {
+          "id": "SV-244533",
+          "title": "RHEL 8 must configure the use of the pam_faillock.so module in the\n/etc/pam.d/system-auth file.",
+          "desc": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module. Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n    The preauth argument must be used when the module is called before the\nmodules which ask for the user credentials such as the password.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module. Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n    The preauth argument must be used when the module is called before the\nmodules which ask for the user credentials such as the password."
+            },
+            {
+              "label": "check",
+              "data": "Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the pam_faillock.so module is present in the\n\"/etc/pam.d/system-auth\" file:\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth               required                               pam_faillock.so\npreauth\n    auth               required                               pam_faillock.so\nauthfail\n    account        required                                pam_faillock.so\n    If the pam_faillock.so module is not present in the\n\"/etc/pam.d/system-auth\" file with the \"preauth\" line listed before\npam_unix.so, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to include the use of the pam_faillock.so\nmodule in the /etc/pam.d/system-auth file.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" file\nto match the following lines:\n    Note: The \"preauth\" line must be listed before pam_unix.so.\n\n    auth required pam_faillock.so preauth\n    auth required pam_faillock.so authfail\n    account required pam_faillock.so"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000021-GPOS-00005",
+            "satisfies": [
+              "SRG-OS-000021-GPOS-00005",
+              "SRG-OS-000329-GPOS-00128"
+            ],
+            "gid": "V-244533",
+            "rid": "SV-244533r743848_rule",
+            "stig_id": "RHEL-08-020025",
+            "fix_id": "F-47765r743847_fix",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-244533' do\n  title 'RHEL 8 must configure the use of the pam_faillock.so module in the\n/etc/pam.d/system-auth file.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module. Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n    The preauth argument must be used when the module is called before the\nmodules which ask for the user credentials such as the password.'\n  desc 'check', 'Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the pam_faillock.so module is present in the\n\"/etc/pam.d/system-auth\" file:\n\n    $ sudo grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth               required                               pam_faillock.so\npreauth\n    auth               required                               pam_faillock.so\nauthfail\n    account        required                                pam_faillock.so\n    If the pam_faillock.so module is not present in the\n\"/etc/pam.d/system-auth\" file with the \"preauth\" line listed before\npam_unix.so, this is a finding.'\n  desc 'fix', 'Configure the operating system to include the use of the pam_faillock.so\nmodule in the /etc/pam.d/system-auth file.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/system-auth\" file\nto match the following lines:\n    Note: The \"preauth\" line must be listed before pam_unix.so.\n\n    auth required pam_faillock.so preauth\n    auth required pam_faillock.so authfail\n    account required pam_faillock.so'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-244533'\n  tag rid: 'SV-244533r743848_rule'\n  tag stig_id: 'RHEL-08-020025'\n  tag fix_id: 'F-47765r743847_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n  tag 'host', 'container'\n\n  only_if('This check applies to RHEL versions 8.2 or newer, if the system is\n    RHEL version 8.0 or 8.1, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') { should match_pam_rule('auth required pam_faillock.so preauth') }\n    its('lines') { should match_pam_rule('auth required pam_faillock.so authfail') }\n    its('lines') { should match_pam_rule('account required pam_faillock.so') }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244533.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PAM Config[/etc/pam.d/system-auth] lines is expected to include auth required pam_faillock.so preauth",
+              "run_time": 0.00093,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "message": "expected \"account required pam_unix.so\\naccount sufficient pam_localuser.so\\naccount sufficient pam_usertype.s...pam_systemd.so\\nsession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid\" to include auth required pam_faillock.so preauth",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/system-auth\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PAM Config[/etc/pam.d/system-auth] lines is expected to include auth required pam_faillock.so authfail",
+              "run_time": 0.000574,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "message": "expected \"account required pam_unix.so\\naccount sufficient pam_localuser.so\\naccount sufficient pam_usertype.s...pam_systemd.so\\nsession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid\" to include auth required pam_faillock.so authfail",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/system-auth\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PAM Config[/etc/pam.d/system-auth] lines is expected to include account required pam_faillock.so",
+              "run_time": 0.000583,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "message": "expected \"account required pam_unix.so\\naccount sufficient pam_localuser.so\\naccount sufficient pam_usertype.s...pam_systemd.so\\nsession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid\" to include account required pam_faillock.so",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/system-auth\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-244534",
+          "title": "RHEL 8 must configure the use of the pam_faillock.so module in the\n/etc/pam.d/password-auth file.",
+          "desc": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n    The preauth argument must be used when the module is called before the\nmodules which ask for the user credentials such as the password.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n    The preauth argument must be used when the module is called before the\nmodules which ask for the user credentials such as the password."
+            },
+            {
+              "label": "check",
+              "data": "Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the pam_faillock.so module is present in the\n\"/etc/pam.d/password-auth\" file:\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth               required                               pam_faillock.so\npreauth\n    auth               required                               pam_faillock.so\nauthfail\n    account        required                                pam_faillock.so\n\n    If the pam_faillock.so module is not present in the\n\"/etc/pam.d/password-auth\" file with the \"preauth\" line listed before\npam_unix.so, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to include the use of the pam_faillock.so\nmodule in the /etc/pam.d/password-auth file.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/password-auth\"\nfile to match the following lines:\n    Note: The \"preauth\" line must be listed before pam_unix.so.\n\n    auth required pam_faillock.so preauth\n    auth required pam_faillock.so authfail\n    account required pam_faillock.so"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000021-GPOS-00005",
+            "satisfies": [
+              "SRG-OS-000021-GPOS-00005",
+              "SRG-OS-000329-GPOS-00128"
+            ],
+            "gid": "V-244534",
+            "rid": "SV-244534r743851_rule",
+            "stig_id": "RHEL-08-020026",
+            "fix_id": "F-47766r743850_fix",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-244534' do\n  title 'RHEL 8 must configure the use of the pam_faillock.so module in the\n/etc/pam.d/password-auth file.'\n  desc 'By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-force attacks, is reduced. Limits are imposed by locking the account.\n\n    In RHEL 8.2 the \"/etc/security/faillock.conf\" file was incorporated to\ncentralize the configuration of the pam_faillock.so module.  Also introduced is\na \"local_users_only\" option that will only track failed user authentication\nattempts for local users in /etc/passwd and ignore centralized (AD, IdM, LDAP,\netc.) users to allow the centralized platform to solely manage user lockout.\n\n    From \"faillock.conf\" man pages: Note that the default directory that\n\"pam_faillock\" uses is usually cleared on system boot so the access will be\nreenabled after system reboot. If that is undesirable a different tally\ndirectory must be set with the \"dir\" option.\n    The preauth argument must be used when the module is called before the\nmodules which ask for the user credentials such as the password.'\n  desc 'check', 'Note: This check applies to RHEL versions 8.2 or newer, if the system is\nRHEL version 8.0 or 8.1, this check is not applicable.\n\n    Verify the pam_faillock.so module is present in the\n\"/etc/pam.d/password-auth\" file:\n\n    $ sudo grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth               required                               pam_faillock.so\npreauth\n    auth               required                               pam_faillock.so\nauthfail\n    account        required                                pam_faillock.so\n\n    If the pam_faillock.so module is not present in the\n\"/etc/pam.d/password-auth\" file with the \"preauth\" line listed before\npam_unix.so, this is a finding.'\n  desc 'fix', 'Configure the operating system to include the use of the pam_faillock.so\nmodule in the /etc/pam.d/password-auth file.\n\n    Add/Modify the appropriate sections of the \"/etc/pam.d/password-auth\"\nfile to match the following lines:\n    Note: The \"preauth\" line must be listed before pam_unix.so.\n\n    auth required pam_faillock.so preauth\n    auth required pam_faillock.so authfail\n    account required pam_faillock.so'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag satisfies: ['SRG-OS-000021-GPOS-00005', 'SRG-OS-000329-GPOS-00128']\n  tag gid: 'V-244534'\n  tag rid: 'SV-244534r743851_rule'\n  tag stig_id: 'RHEL-08-020026'\n  tag fix_id: 'F-47766r743850_fix'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n  tag 'host', 'container'\n\n  only_if('This check applies to RHEL versions 8.2 or newer, if the system is\n    RHEL version 8.0 or 8.1, this check is not applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  describe pam('/etc/pam.d/password-auth') do\n    its('lines') { should match_pam_rule('auth required pam_faillock.so preauth') }\n    its('lines') { should match_pam_rule('auth required pam_faillock.so authfail') }\n    its('lines') { should match_pam_rule('account required pam_faillock.so') }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244534.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PAM Config[/etc/pam.d/password-auth] lines is expected to include auth required pam_faillock.so preauth",
+              "run_time": 0.000606,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "message": "expected \"account required pam_unix.so\\naccount sufficient pam_localuser.so\\naccount sufficient pam_usertype.s...pam_systemd.so\\nsession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid\" to include auth required pam_faillock.so preauth",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/password-auth\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PAM Config[/etc/pam.d/password-auth] lines is expected to include auth required pam_faillock.so authfail",
+              "run_time": 0.000564,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "message": "expected \"account required pam_unix.so\\naccount sufficient pam_localuser.so\\naccount sufficient pam_usertype.s...pam_systemd.so\\nsession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid\" to include auth required pam_faillock.so authfail",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/password-auth\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PAM Config[/etc/pam.d/password-auth] lines is expected to include account required pam_faillock.so",
+              "run_time": 0.000466,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "message": "expected \"account required pam_unix.so\\naccount sufficient pam_localuser.so\\naccount sufficient pam_usertype.s...pam_systemd.so\\nsession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid\" to include account required pam_faillock.so",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/password-auth\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-244535",
+          "title": "RHEL 8 must initiate a session lock for graphical user interfaces when\nthe screensaver is activated.",
+          "desc": "A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system initiates a session lock a for graphical user\ninterfaces when the screensaver is activated with the following command:\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    $ sudo gsettings get org.gnome.desktop.screensaver lock-delay\n\n    uint32 5\n\n    If the \"uint32\" setting is missing, or is not set to \"5\" or less, this\nis a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to initiate a session lock for graphical\nuser interfaces when a screensaver is activated.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/00-screensaver\n\n    [org/gnome/desktop/screensaver]\n    lock-delay=uint32 5\n\n    The \"uint32\" must be included along with the integer key values as shown.\n\n    Update the system databases:\n\n    $ sudo dconf update"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000029-GPOS-00010",
+            "satisfies": [
+              "SRG-OS-000029-GPOS-00010",
+              "SRG-OS-000031-GPOS-00012",
+              "SRG-OS-000480-GPOS-00227"
+            ],
+            "gid": "V-244535",
+            "rid": "SV-244535r743854_rule",
+            "stig_id": "RHEL-08-020031",
+            "fix_id": "F-47767r743853_fix",
+            "cci": [
+              "CCI-000057"
+            ],
+            "nist": [
+              "AC-11 a"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244535' do\n  title 'RHEL 8 must initiate a session lock for graphical user interfaces when\nthe screensaver is activated.'\n  desc \"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\"\n  desc 'check', 'Verify the operating system initiates a session lock a for graphical user\ninterfaces when the screensaver is activated with the following command:\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    $ sudo gsettings get org.gnome.desktop.screensaver lock-delay\n\n    uint32 5\n\n    If the \"uint32\" setting is missing, or is not set to \"5\" or less, this\nis a finding.'\n  desc 'fix', 'Configure the operating system to initiate a session lock for graphical\nuser interfaces when a screensaver is activated.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/00-screensaver\n\n    [org/gnome/desktop/screensaver]\n    lock-delay=uint32 5\n\n    The \"uint32\" must be included along with the integer key values as shown.\n\n    Update the system databases:\n\n    $ sudo dconf update'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000029-GPOS-00010'\n  tag satisfies: ['SRG-OS-000029-GPOS-00010', 'SRG-OS-000031-GPOS-00012', 'SRG-OS-000480-GPOS-00227']\n  tag gid: 'V-244535'\n  tag rid: 'SV-244535r743854_rule'\n  tag stig_id: 'RHEL-08-020031'\n  tag fix_id: 'F-47767r743853_fix'\n  tag cci: ['CCI-000057']\n  tag nist: ['AC-11 a']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  no_gui = command('ls /usr/share/xsessions/*').stderr.match?(/No such file or directory/)\n\n  if no_gui\n    impact 0.0\n    describe 'The system does not have a GUI Desktop is installed, this control is Not Applicable' do\n      skip 'A GUI desktop is not installed, this control is Not Applicable.'\n    end\n  else\n    describe command('gsettings get org.gnome.desktop.screensaver lock-delay') do\n      its('stdout.strip') { should match(/uint32\\s[0-5]/) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244535.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "The system does not have a GUI Desktop is installed, this control is Not Applicable",
+              "run_time": 6.0e-06,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource": "",
+              "skip_message": "A GUI desktop is not installed, this control is Not Applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The system does not have a GUI Desktop is installed, this control is Not Applicable"
+            }
+          ]
+        },
+        {
+          "id": "SV-244536",
+          "title": "RHEL 8 must disable the user list at logon for graphical user\ninterfaces.",
+          "desc": "Leaving the user list enabled is a security risk since it allows\nanyone with physical access to the system to enumerate known user accounts\nwithout authenticated access to the system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Leaving the user list enabled is a security risk since it allows\nanyone with physical access to the system to enumerate known user accounts\nwithout authenticated access to the system."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system disables the user logon list for graphical user\ninterfaces with the following command:\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    $ sudo gsettings get org.gnome.login-screen disable-user-list\n    true\n\n    If the setting is \"false\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to disable the user list at logon for\ngraphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/02-login-screen\n\n    [org/gnome/login-screen]\n    disable-user-list=true\n\n    Update the system databases:\n    $ sudo dconf update"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-244536",
+            "rid": "SV-244536r743857_rule",
+            "stig_id": "RHEL-08-020032",
+            "fix_id": "F-47768r743856_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244536' do\n  title 'RHEL 8 must disable the user list at logon for graphical user\ninterfaces.'\n  desc 'Leaving the user list enabled is a security risk since it allows\nanyone with physical access to the system to enumerate known user accounts\nwithout authenticated access to the system.'\n  desc 'check', 'Verify the operating system disables the user logon list for graphical user\ninterfaces with the following command:\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    $ sudo gsettings get org.gnome.login-screen disable-user-list\n    true\n\n    If the setting is \"false\", this is a finding.'\n  desc 'fix', 'Configure the operating system to disable the user list at logon for\ngraphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/02-login-screen\n\n    [org/gnome/login-screen]\n    disable-user-list=true\n\n    Update the system databases:\n    $ sudo dconf update'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244536'\n  tag rid: 'SV-244536r743857_rule'\n  tag stig_id: 'RHEL-08-020032'\n  tag fix_id: 'F-47768r743856_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  no_gui = command('ls /usr/share/xsessions/*').stderr.match?(/No such file or directory/)\n\n  if no_gui\n    impact 0.0\n    describe 'The system does not have a GUI installed, this requirement is Not Applicable.' do\n      skip 'A GUI desktop is not installed, this control is Not Applicable.'\n    end\n  else\n    describe command('gsettings get org.gnome.login-screen disable-user-list') do\n      its('stdout.strip') { should cmp 'true' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244536.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "The system does not have a GUI installed, this requirement is Not Applicable.",
+              "run_time": 5.0e-06,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource": "",
+              "skip_message": "A GUI desktop is not installed, this control is Not Applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The system does not have a GUI installed, this requirement is Not Applicable."
+            }
+          ]
+        },
+        {
+          "id": "SV-244537",
+          "title": "RHEL 8 must have the tmux package installed.",
+          "desc": "A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.\n    Tmux is a terminal multiplexer that enables a number of terminals to be\ncreated, accessed, and controlled from a single screen.  Red Hat endorses tmux\nas the recommended session controlling package.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.\n    Tmux is a terminal multiplexer that enables a number of terminals to be\ncreated, accessed, and controlled from a single screen.  Red Hat endorses tmux\nas the recommended session controlling package."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 has the \"tmux\" package installed, by running the following\ncommand:\n\n    $ sudo yum list installed tmux\n\n    tmux.x86.64                     2.7-1.el8\n@repository\n\n    If \"tmux\" is not installed, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to enable a user to initiate a session lock\nvia tmux.\n\n    Install the \"tmux\" package, if it is not already installed, by running\nthe following command:\n\n    $ sudo yum install tmux"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000028-GPOS-00009",
+            "satisfies": [
+              "SRG-OS-000028-GPOS-00009",
+              "SRG-OS-000030-GPOS-00011"
+            ],
+            "gid": "V-244537",
+            "rid": "SV-244537r743860_rule",
+            "stig_id": "RHEL-08-020039",
+            "fix_id": "F-47769r743859_fix",
+            "cci": [
+              "CCI-000056"
+            ],
+            "nist": [
+              "AC-11 b"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244537' do\n  title 'RHEL 8 must have the tmux package installed.'\n  desc 'A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n    The session lock is implemented at the point where session activity can be\ndetermined. Rather than be forced to wait for a period of time to expire before\nthe user session can be locked, RHEL 8 needs to provide users with the ability\nto manually invoke a session lock so users can secure their session if it is\nnecessary to temporarily vacate the immediate physical vicinity.\n    Tmux is a terminal multiplexer that enables a number of terminals to be\ncreated, accessed, and controlled from a single screen.  Red Hat endorses tmux\nas the recommended session controlling package.'\n  desc 'check', 'Verify RHEL 8 has the \"tmux\" package installed, by running the following\ncommand:\n\n    $ sudo yum list installed tmux\n\n    tmux.x86.64                     2.7-1.el8\n@repository\n\n    If \"tmux\" is not installed, this is a finding.'\n  desc 'fix', 'Configure the operating system to enable a user to initiate a session lock\nvia tmux.\n\n    Install the \"tmux\" package, if it is not already installed, by running\nthe following command:\n\n    $ sudo yum install tmux'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000028-GPOS-00009'\n  tag satisfies: ['SRG-OS-000028-GPOS-00009', 'SRG-OS-000030-GPOS-00011']\n  tag gid: 'V-244537'\n  tag rid: 'SV-244537r743860_rule'\n  tag stig_id: 'RHEL-08-020039'\n  tag fix_id: 'F-47769r743859_fix'\n  tag cci: ['CCI-000056']\n  tag nist: ['AC-11 b']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  describe package('tmux') do\n    it { should be_installed }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244537.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package tmux is expected to be installed",
+              "run_time": 0.105359,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"tmux\"]",
+              "resource_id": "tmux"
+            }
+          ]
+        },
+        {
+          "id": "SV-244538",
+          "title": "RHEL 8 must prevent a user from overriding the session idle-delay\nsetting for the graphical user interface.",
+          "desc": "A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n\n    Implementing session settings will have little value if a user is able to\nmanipulate these settings from the defaults prescribed in the other\nrequirements of this implementation guide.\n\n    Locking these settings from non-privileged users is crucial to maintaining\na protected baseline.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n\n    Implementing session settings will have little value if a user is able to\nmanipulate these settings from the defaults prescribed in the other\nrequirements of this implementation guide.\n\n    Locking these settings from non-privileged users is crucial to maintaining\na protected baseline."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system prevents a user from overriding settings for\ngraphical user interfaces.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Determine which profile the system database is using with the following\ncommand:\n\n    $ sudo grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Check that graphical settings are locked from non-privileged user\nmodification with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nthe path is \"/etc/dconf/db/local.d\". This path must be modified if a database\nother than \"local\" is being used.\n\n    $ sudo grep -i idle /etc/dconf/db/local.d/locks/*\n\n    /org/gnome/desktop/session/idle-delay\n\n    If the command does not return at least the example result, this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to prevent a user from overriding settings\nfor graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/locks/session\n\n    Add the following setting to prevent non-privileged users from modifying it:\n\n    /org/gnome/desktop/session/idle-delay"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000029-GPOS-00010",
+            "satisfies": [
+              "SRG-OS-000029-GPOS-00010",
+              "SRG-OS-000031-GPOS-00012",
+              "SRG-OS-000480-GPOS-00227"
+            ],
+            "gid": "V-244538",
+            "rid": "SV-244538r743863_rule",
+            "stig_id": "RHEL-08-020081",
+            "fix_id": "F-47770r743862_fix",
+            "cci": [
+              "CCI-000057"
+            ],
+            "nist": [
+              "AC-11 a"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244538' do\n  title 'RHEL 8 must prevent a user from overriding the session idle-delay\nsetting for the graphical user interface.'\n  desc \"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n\n    Implementing session settings will have little value if a user is able to\nmanipulate these settings from the defaults prescribed in the other\nrequirements of this implementation guide.\n\n    Locking these settings from non-privileged users is crucial to maintaining\na protected baseline.\"\n  desc 'check', 'Verify the operating system prevents a user from overriding settings for\ngraphical user interfaces.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Determine which profile the system database is using with the following\ncommand:\n\n    $ sudo grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Check that graphical settings are locked from non-privileged user\nmodification with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nthe path is \"/etc/dconf/db/local.d\". This path must be modified if a database\nother than \"local\" is being used.\n\n    $ sudo grep -i idle /etc/dconf/db/local.d/locks/*\n\n    /org/gnome/desktop/session/idle-delay\n\n    If the command does not return at least the example result, this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to prevent a user from overriding settings\nfor graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/locks/session\n\n    Add the following setting to prevent non-privileged users from modifying it:\n\n    /org/gnome/desktop/session/idle-delay'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000029-GPOS-00010'\n  tag satisfies: ['SRG-OS-000029-GPOS-00010', 'SRG-OS-000031-GPOS-00012', 'SRG-OS-000480-GPOS-00227']\n  tag gid: 'V-244538'\n  tag rid: 'SV-244538r743863_rule'\n  tag stig_id: 'RHEL-08-020081'\n  tag fix_id: 'F-47770r743862_fix'\n  tag cci: ['CCI-000057']\n  tag nist: ['AC-11 a']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  no_gui = command('ls /usr/share/xsessions/*').stderr.match?(/No such file or directory/)\n\n  if no_gui\n    impact 0.0\n    describe 'The system does not have a GUI Desktop is installed, this control is Not Applicable' do\n      skip 'A GUI desktop is not installed, this control is Not Applicable.'\n    end\n  else\n    describe command('grep -i idle /etc/dconf/db/local.d/locks/*') do\n      it 'checks if idle delay is set' do\n        expect(subject.stdout.split).to include('/org/gnome/desktop/session/idle-delay'), 'The idle delay is not set. Please ensure it is set.'\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244538.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "The system does not have a GUI Desktop is installed, this control is Not Applicable",
+              "run_time": 1.6e-05,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource": "",
+              "skip_message": "A GUI desktop is not installed, this control is Not Applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The system does not have a GUI Desktop is installed, this control is Not Applicable"
+            }
+          ]
+        },
+        {
+          "id": "SV-244539",
+          "title": "RHEL 8 must prevent a user from overriding the screensaver\nlock-enabled setting for the graphical user interface.",
+          "desc": "A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n\n    Implementing session settings will have little value if a user is able to\nmanipulate these settings from the defaults prescribed in the other\nrequirements of this implementation guide.\n\n    Locking these settings from non-privileged users is crucial to maintaining\na protected baseline.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n\n    Implementing session settings will have little value if a user is able to\nmanipulate these settings from the defaults prescribed in the other\nrequirements of this implementation guide.\n\n    Locking these settings from non-privileged users is crucial to maintaining\na protected baseline."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system prevents a user from overriding settings for\ngraphical user interfaces.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Determine which profile the system database is using with the following\ncommand:\n\n    $ sudo grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Check that graphical settings are locked from non-privileged user\nmodification with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nthe path is \"/etc/dconf/db/local.d\". This path must be modified if a database\nother than \"local\" is being used.\n\n    $ sudo grep -i lock-enabled /etc/dconf/db/local.d/locks/*\n\n    /org/gnome/desktop/screensaver/lock-enabled\n\n    If the command does not return at least the example result, this is a\nfinding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to prevent a user from overriding settings\nfor graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/locks/session\n\n    Add the following setting to prevent non-privileged users from modifying it:\n\n    /org/gnome/desktop/screensaver/lock-enabled"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000029-GPOS-00010",
+            "satisfies": [
+              "SRG-OS-000029-GPOS-00010",
+              "SRG-OS-000031-GPOS-00012",
+              "SRG-OS-000480-GPOS-00227"
+            ],
+            "gid": "V-244539",
+            "rid": "SV-244539r743866_rule",
+            "stig_id": "RHEL-08-020082",
+            "fix_id": "F-47771r743865_fix",
+            "cci": [
+              "CCI-000057"
+            ],
+            "nist": [
+              "AC-11 a"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244539' do\n  title 'RHEL 8 must prevent a user from overriding the screensaver\nlock-enabled setting for the graphical user interface.'\n  desc \"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n\n    Implementing session settings will have little value if a user is able to\nmanipulate these settings from the defaults prescribed in the other\nrequirements of this implementation guide.\n\n    Locking these settings from non-privileged users is crucial to maintaining\na protected baseline.\"\n  desc 'check', 'Verify the operating system prevents a user from overriding settings for\ngraphical user interfaces.\n\n    Note: This requirement assumes the use of the RHEL 8 default graphical user\ninterface, Gnome Shell. If the system does not have any graphical user\ninterface installed, this requirement is Not Applicable.\n\n    Determine which profile the system database is using with the following\ncommand:\n\n    $ sudo grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Check that graphical settings are locked from non-privileged user\nmodification with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nthe path is \"/etc/dconf/db/local.d\". This path must be modified if a database\nother than \"local\" is being used.\n\n    $ sudo grep -i lock-enabled /etc/dconf/db/local.d/locks/*\n\n    /org/gnome/desktop/screensaver/lock-enabled\n\n    If the command does not return at least the example result, this is a\nfinding.'\n  desc 'fix', 'Configure the operating system to prevent a user from overriding settings\nfor graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \"local\" for the system, so\nif the system is using another database in \"/etc/dconf/profile/user\", the\nfile should be created under the appropriate subdirectory.\n\n    $ sudo touch /etc/dconf/db/local.d/locks/session\n\n    Add the following setting to prevent non-privileged users from modifying it:\n\n    /org/gnome/desktop/screensaver/lock-enabled'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000029-GPOS-00010'\n  tag satisfies: ['SRG-OS-000029-GPOS-00010', 'SRG-OS-000031-GPOS-00012', 'SRG-OS-000480-GPOS-00227']\n  tag gid: 'V-244539'\n  tag rid: 'SV-244539r743866_rule'\n  tag stig_id: 'RHEL-08-020082'\n  tag fix_id: 'F-47771r743865_fix'\n  tag cci: ['CCI-000057']\n  tag nist: ['AC-11 a']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if !package('gnome-desktop3').installed?\n    impact 0.0\n    describe 'The GNOME desktop is not installed, this control is Not Applicable.' do\n      skip 'The GNOME desktop is not installed, this control is Not Applicable.'\n    end\n  else\n    describe command('grep -i lock-enabled /etc/dconf/db/local.d/locks/*') do\n      its('stdout.split') { should include '/org/gnome/desktop/screensaver/lock-enabled' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244539.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "The GNOME desktop is not installed, this control is Not Applicable.",
+              "run_time": 6.0e-06,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "resource": "",
+              "skip_message": "The GNOME desktop is not installed, this control is Not Applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The GNOME desktop is not installed, this control is Not Applicable."
+            }
+          ]
+        },
+        {
+          "id": "SV-244540",
+          "title": "RHEL 8 must not allow blank or null passwords in the system-auth file.",
+          "desc": "If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments."
+            },
+            {
+              "label": "check",
+              "data": "To verify that null passwords cannot be used, run the following command:\n\n$ sudo grep -i nullok /etc/pam.d/system-auth\n\nIf output is produced, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Remove any instances of the \"nullok\" option in the\n\"/etc/pam.d/system-auth\" file to prevent logons with empty passwords.\n\n    Note: Manual changes to the listed file may be overwritten by the\n\"authselect\" program."
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-244540",
+            "rid": "SV-244540r743869_rule",
+            "stig_id": "RHEL-08-020331",
+            "fix_id": "F-47772r743868_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-244540' do\n  title 'RHEL 8 must not allow blank or null passwords in the system-auth file.'\n  desc 'If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments.'\n  desc 'check', 'To verify that null passwords cannot be used, run the following command:\n\n$ sudo grep -i nullok /etc/pam.d/system-auth\n\nIf output is produced, this is a finding.'\n  desc 'fix', 'Remove any instances of the \"nullok\" option in the\n\"/etc/pam.d/system-auth\" file to prevent logons with empty passwords.\n\n    Note: Manual changes to the listed file may be overwritten by the\n\"authselect\" program.'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244540'\n  tag rid: 'SV-244540r743869_rule'\n  tag stig_id: 'RHEL-08-020331'\n  tag fix_id: 'F-47772r743868_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  pam_auth_files = input('pam_auth_files')\n  file_list = pam_auth_files.values.join(' ')\n  bad_entries = command(\"grep -i nullok #{file_list}\").stdout.lines.collect(&:squish)\n\n  describe 'The system is configureed' do\n    subject { command(\"grep -i nullok #{file_list}\") }\n    it 'to not allow null passwords' do\n      expect(subject.stdout.strip).to be_empty, \"The system is configured to allow null passwords. Please remove any instances of the `nullok` option from: \\n\\t- #{bad_entries.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244540.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "The system is configureed to not allow null passwords",
+              "run_time": 0.007398,
+              "start_time": "2024-01-09T19:41:03-05:00",
+              "message": "The system is configured to allow null passwords. Please remove any instances of the `nullok` option from: \n\t- /etc/pam.d/system-auth:auth sufficient pam_unix.so nullok\n\t- /etc/pam.d/system-auth:password sufficient pam_unix.so sha512 shadow nullok use_authtok\n\t- /etc/pam.d/password-auth:auth sufficient pam_unix.so nullok\n\t- /etc/pam.d/password-auth:password sufficient pam_unix.so sha512 shadow nullok use_authtok",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The system is configureed"
+            }
+          ]
+        },
+        {
+          "id": "SV-244541",
+          "title": "RHEL 8 must not allow blank or null passwords in the password-auth\nfile.",
+          "desc": "If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments."
+            },
+            {
+              "label": "check",
+              "data": "To verify that null passwords cannot be used, run the following command:\n\n$ sudo grep -i nullok /etc/pam.d/password-auth\n\nIf output is produced, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Remove any instances of the \"nullok\" option in the\n\"/etc/pam.d/password-auth\" file to prevent logons with empty passwords.\n\n    Note: Manual changes to the listed file may be overwritten by the\n\"authselect\" program."
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-244541",
+            "rid": "SV-244541r743872_rule",
+            "stig_id": "RHEL-08-020332",
+            "fix_id": "F-47773r743871_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'SV-244541' do\n  title 'RHEL 8 must not allow blank or null passwords in the password-auth\nfile.'\n  desc 'If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments.'\n  desc 'check', 'To verify that null passwords cannot be used, run the following command:\n\n$ sudo grep -i nullok /etc/pam.d/password-auth\n\nIf output is produced, this is a finding.'\n  desc 'fix', 'Remove any instances of the \"nullok\" option in the\n\"/etc/pam.d/password-auth\" file to prevent logons with empty passwords.\n\n    Note: Manual changes to the listed file may be overwritten by the\n\"authselect\" program.'\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244541'\n  tag rid: 'SV-244541r743872_rule'\n  tag stig_id: 'RHEL-08-020332'\n  tag fix_id: 'F-47773r743871_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  pam_auth_files = input('pam_auth_files')\n  file_list = pam_auth_files.values.join(' ')\n  bad_entries = command(\"grep -i nullok #{file_list}\").stdout.lines.collect(&:squish)\n\n  describe 'The system is configureed' do\n    subject { command(\"grep -i nullok #{file_list}\") }\n    it 'to not allow null passwords' do\n      expect(subject.stdout.strip).to be_empty, \"The system is configured to allow null passwords. Please remove any instances of the `nullok` option from: \\n\\t- #{bad_entries.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244541.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "The system is configureed to not allow null passwords",
+              "run_time": 0.005198,
+              "start_time": "2024-01-09T19:41:04-05:00",
+              "message": "The system is configured to allow null passwords. Please remove any instances of the `nullok` option from: \n\t- /etc/pam.d/system-auth:auth sufficient pam_unix.so nullok\n\t- /etc/pam.d/system-auth:password sufficient pam_unix.so sha512 shadow nullok use_authtok\n\t- /etc/pam.d/password-auth:auth sufficient pam_unix.so nullok\n\t- /etc/pam.d/password-auth:password sufficient pam_unix.so sha512 shadow nullok use_authtok",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "The system is configureed"
+            }
+          ]
+        },
+        {
+          "id": "SV-244542",
+          "title": "RHEL 8 audit records must contain information to establish what type\nof events occurred, the source of events, where events occurred, and the\noutcome of events.",
+          "desc": "Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Associating event types with detected events in RHEL 8 audit logs provides\na means of investigating an attack, recognizing resource utilization or\ncapacity thresholds, or identifying an improperly configured RHEL 8 system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Associating event types with detected events in RHEL 8 audit logs provides\na means of investigating an attack, recognizing resource utilization or\ncapacity thresholds, or identifying an improperly configured RHEL 8 system."
+            },
+            {
+              "label": "check",
+              "data": "Verify the audit service is configured to produce audit records with the following command:\n\n$ sudo systemctl status auditd.service\n\nauditd.service - Security Auditing Service\nLoaded:loaded (/usr/lib/systemd/system/auditd.service; enabled; vendor preset: enabled)\nActive: active (running) since Tues 2020-12-11 12:56:56 EST; 4 weeks 0 days ago\n\nIf the audit service is not \"active\" and \"running\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the audit service to produce audit records containing the\ninformation needed to establish when (date and time) an event occurred with the\nfollowing commands:\n\n    $ sudo systemctl enable auditd.service\n\n    $ sudo systemctl start auditd.service"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000062-GPOS-00031",
+            "satisfies": [
+              "SRG-OS-000062-GPOS-00031",
+              "SRG-OS-000037-GPOS-00015",
+              "SRG-OS-000038-GPOS-00016",
+              "SRG-OS-000039-GPOS-00017",
+              "SRG-OS-000040-GPOS-00018",
+              "SRG-OS-000041-GPOS-00019",
+              "SRG-OS-000042-GPOS-00021",
+              "SRG-OS-000051-GPOS-00024",
+              "SRG-OS-000054-GPOS-00025",
+              "SRG-OS-000122-GPOS-00063",
+              "SRG-OS-000254-GPOS-00095",
+              "SRG-OS-000255-GPOS-00096",
+              "SRG-OS-000337-GPOS-00129",
+              "SRG-OS-000348-GPOS-00136",
+              "SRG-OS-000349-GPOS-00137",
+              "SRG-OS-000350-GPOS-00138",
+              "SRG-OS-000351-GPOS-00139",
+              "SRG-OS-000352-GPOS-00140",
+              "SRG-OS-000353-GPOS-00141",
+              "SRG-OS-000354-GPOS-00142",
+              "SRG-OS-000358-GPOS-00145",
+              "SRG-OS-000365-GPOS-00152",
+              "SRG-OS-000392-GPOS-00172",
+              "SRG-OS-000475-GPOS-00220"
+            ],
+            "gid": "V-244542",
+            "rid": "SV-244542r818838_rule",
+            "stig_id": "RHEL-08-030181",
+            "fix_id": "F-47774r743874_fix",
+            "cci": [
+              "CCI-000169"
+            ],
+            "nist": [
+              "AU-12 a"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244542' do\n  title 'RHEL 8 audit records must contain information to establish what type\nof events occurred, the source of events, where events occurred, and the\noutcome of events.'\n  desc 'Without establishing what type of events occurred, the source of\nevents, where events occurred, and the outcome of events, it would be difficult\nto establish, correlate, and investigate the events leading up to an outage or\nattack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Associating event types with detected events in RHEL 8 audit logs provides\na means of investigating an attack, recognizing resource utilization or\ncapacity thresholds, or identifying an improperly configured RHEL 8 system.'\n  desc 'check', 'Verify the audit service is configured to produce audit records with the following command:\n\n$ sudo systemctl status auditd.service\n\nauditd.service - Security Auditing Service\nLoaded:loaded (/usr/lib/systemd/system/auditd.service; enabled; vendor preset: enabled)\nActive: active (running) since Tues 2020-12-11 12:56:56 EST; 4 weeks 0 days ago\n\nIf the audit service is not \"active\" and \"running\", this is a finding.'\n  desc 'fix', 'Configure the audit service to produce audit records containing the\ninformation needed to establish when (date and time) an event occurred with the\nfollowing commands:\n\n    $ sudo systemctl enable auditd.service\n\n    $ sudo systemctl start auditd.service'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000062-GPOS-00031'\n  tag satisfies: ['SRG-OS-000062-GPOS-00031', 'SRG-OS-000037-GPOS-00015', 'SRG-OS-000038-GPOS-00016', 'SRG-OS-000039-GPOS-00017', 'SRG-OS-000040-GPOS-00018', 'SRG-OS-000041-GPOS-00019', 'SRG-OS-000042-GPOS-00021', 'SRG-OS-000051-GPOS-00024', 'SRG-OS-000054-GPOS-00025', 'SRG-OS-000122-GPOS-00063', 'SRG-OS-000254-GPOS-00095', 'SRG-OS-000255-GPOS-00096', 'SRG-OS-000337-GPOS-00129', 'SRG-OS-000348-GPOS-00136', 'SRG-OS-000349-GPOS-00137', 'SRG-OS-000350-GPOS-00138', 'SRG-OS-000351-GPOS-00139', 'SRG-OS-000352-GPOS-00140', 'SRG-OS-000353-GPOS-00141', 'SRG-OS-000354-GPOS-00142', 'SRG-OS-000358-GPOS-00145', 'SRG-OS-000365-GPOS-00152', 'SRG-OS-000392-GPOS-00172', 'SRG-OS-000475-GPOS-00220']\n  tag gid: 'V-244542'\n  tag rid: 'SV-244542r818838_rule'\n  tag stig_id: 'RHEL-08-030181'\n  tag fix_id: 'F-47774r743874_fix'\n  tag cci: ['CCI-000169']\n  tag nist: ['AU-12 a']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  describe service('auditd') do\n    it { should be_enabled }\n    it { should be_running }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244542.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Service auditd is expected to be enabled",
+              "run_time": 0.386387,
+              "start_time": "2024-01-09T19:41:04-05:00",
+              "resource_class": "service",
+              "resource_params": "[\"auditd\"]",
+              "resource_id": "auditd"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Service auditd is expected to be running",
+              "run_time": 0.000406,
+              "start_time": "2024-01-09T19:41:04-05:00",
+              "resource_class": "service",
+              "resource_params": "[\"auditd\"]",
+              "resource_id": "auditd"
+            }
+          ]
+        },
+        {
+          "id": "SV-244543",
+          "title": "RHEL 8 must notify the System Administrator (SA) and Information\nSystem Security Officer (ISSO) (at a minimum) when allocated audit record\nstorage volume 75 percent utilization.",
+          "desc": "If security personnel are not notified immediately when storage volume\nreaches 75 percent utilization, they are unable to plan for audit record\nstorage capacity expansion.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If security personnel are not notified immediately when storage volume\nreaches 75 percent utilization, they are unable to plan for audit record\nstorage capacity expansion."
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 notifies the SA and ISSO (at a minimum) when allocated audit\nrecord storage volume reaches 75 percent of the repository maximum audit record\nstorage capacity with the following command:\n\n    $ sudo grep -w space_left_action /etc/audit/auditd.conf\n\n    space_left_action = email\n\n    If the value of the \"space_left_action\" is not set to \"email\", or if\nthe line is commented out, ask the System Administrator to indicate how the\nsystem is providing real-time alerts to the SA and ISSO.\n\n    If there is no evidence that real-time alerts are configured on the system,\nthis is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to initiate an action to notify the SA and\nISSO (at a minimum) when allocated audit record storage volume reaches 75\npercent of the repository maximum audit record storage capacity by\nadding/modifying the following line in the /etc/audit/auditd.conf file.\n\n    space_left_action = email\n\n    Note: Option names and values in the auditd.conf file are case insensitive."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000343-GPOS-00134",
+            "gid": "V-244543",
+            "rid": "SV-244543r877389_rule",
+            "stig_id": "RHEL-08-030731",
+            "fix_id": "F-47775r743877_fix",
+            "cci": [
+              "CCI-001855"
+            ],
+            "nist": [
+              "AU-5 (1)"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244543' do\n  title 'RHEL 8 must notify the System Administrator (SA) and Information\nSystem Security Officer (ISSO) (at a minimum) when allocated audit record\nstorage volume 75 percent utilization.'\n  desc 'If security personnel are not notified immediately when storage volume\nreaches 75 percent utilization, they are unable to plan for audit record\nstorage capacity expansion.'\n  desc 'check', 'Verify RHEL 8 notifies the SA and ISSO (at a minimum) when allocated audit\nrecord storage volume reaches 75 percent of the repository maximum audit record\nstorage capacity with the following command:\n\n    $ sudo grep -w space_left_action /etc/audit/auditd.conf\n\n    space_left_action = email\n\n    If the value of the \"space_left_action\" is not set to \"email\", or if\nthe line is commented out, ask the System Administrator to indicate how the\nsystem is providing real-time alerts to the SA and ISSO.\n\n    If there is no evidence that real-time alerts are configured on the system,\nthis is a finding.'\n  desc 'fix', 'Configure the operating system to initiate an action to notify the SA and\nISSO (at a minimum) when allocated audit record storage volume reaches 75\npercent of the repository maximum audit record storage capacity by\nadding/modifying the following line in the /etc/audit/auditd.conf file.\n\n    space_left_action = email\n\n    Note: Option names and values in the auditd.conf file are case insensitive.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000343-GPOS-00134'\n  tag gid: 'V-244543'\n  tag rid: 'SV-244543r877389_rule'\n  tag stig_id: 'RHEL-08-030731'\n  tag fix_id: 'F-47775r743877_fix'\n  tag cci: ['CCI-001855']\n  tag nist: ['AU-5 (1)']\n  tag 'host'\n\n  alert_method = input('alert_method')\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  describe auditd_conf do\n    its('space_left_action.downcase') { should cmp alert_method }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244543.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Audit Daemon Config space_left_action.downcase is expected to cmp == \"email\"",
+              "run_time": 0.000889,
+              "start_time": "2024-01-09T19:41:04-05:00",
+              "resource_class": "auditd_conf",
+              "resource_params": "[]",
+              "resource_id": "/etc/audit/auditd.conf"
+            }
+          ]
+        },
+        {
+          "id": "SV-244544",
+          "title": "A firewall must be active on RHEL 8.",
+          "desc": "\"Firewalld\" provides an easy and effective way to block/limit remote\naccess to the system via ports, services, and protocols.\n\n    Remote access services, such as those providing remote access to network\ndevices and information systems, which lack automated control capabilities,\nincrease risk and make remote user access management difficult at best.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n    RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement\naction if the audit reveals unauthorized activity. Automated control of remote\naccess sessions allows organizations to ensure ongoing compliance with remote\naccess policies by enforcing connection rules of remote access applications on\na variety of information system components (e.g., servers, workstations,\nnotebook computers, smartphones, and tablets).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "\"Firewalld\" provides an easy and effective way to block/limit remote\naccess to the system via ports, services, and protocols.\n\n    Remote access services, such as those providing remote access to network\ndevices and information systems, which lack automated control capabilities,\nincrease risk and make remote user access management difficult at best.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n    RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement\naction if the audit reveals unauthorized activity. Automated control of remote\naccess sessions allows organizations to ensure ongoing compliance with remote\naccess policies by enforcing connection rules of remote access applications on\na variety of information system components (e.g., servers, workstations,\nnotebook computers, smartphones, and tablets)."
+            },
+            {
+              "label": "check",
+              "data": "Verify that \"firewalld\" is active with the following commands:\n\n    $ sudo systemctl is-active firewalld\n\n    active\n\n    If the \"firewalld\" package is not \"active\", ask the System\nAdministrator if another firewall is installed. If no firewall is installed and\nactive this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure \"firewalld\" to protect the operating system with the following\ncommand:\n\n    $ sudo systemctl enable firewalld"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000297-GPOS-00115",
+            "gid": "V-244544",
+            "rid": "SV-244544r854073_rule",
+            "stig_id": "RHEL-08-040101",
+            "fix_id": "F-47776r743880_fix",
+            "cci": [
+              "CCI-002314"
+            ],
+            "nist": [
+              "AC-17 (1)"
+            ]
+          },
+          "code": "control 'SV-244544' do\n  title 'A firewall must be active on RHEL 8.'\n  desc '\"Firewalld\" provides an easy and effective way to block/limit remote\naccess to the system via ports, services, and protocols.\n\n    Remote access services, such as those providing remote access to network\ndevices and information systems, which lack automated control capabilities,\nincrease risk and make remote user access management difficult at best.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n    RHEL 8 functionality (e.g., RDP) must be capable of taking enforcement\naction if the audit reveals unauthorized activity. Automated control of remote\naccess sessions allows organizations to ensure ongoing compliance with remote\naccess policies by enforcing connection rules of remote access applications on\na variety of information system components (e.g., servers, workstations,\nnotebook computers, smartphones, and tablets).'\n  desc 'check', 'Verify that \"firewalld\" is active with the following commands:\n\n    $ sudo systemctl is-active firewalld\n\n    active\n\n    If the \"firewalld\" package is not \"active\", ask the System\nAdministrator if another firewall is installed. If no firewall is installed and\nactive this is a finding.'\n  desc 'fix', 'Configure \"firewalld\" to protect the operating system with the following\ncommand:\n\n    $ sudo systemctl enable firewalld'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000297-GPOS-00115'\n  tag gid: 'V-244544'\n  tag rid: 'SV-244544r854073_rule'\n  tag stig_id: 'RHEL-08-040101'\n  tag fix_id: 'F-47776r743880_fix'\n  tag cci: ['CCI-002314']\n  tag nist: ['AC-17 (1)']\n\n  only_if('This requirment is Not Applicable in the container, the container management platform manages the firewall service', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if input('external_firewall')\n    message = 'This system uses an externally managed firewall service, verify with the system administrator that the firewall is configured to requirements'\n    describe message do\n      skip message\n    end\n  else\n    describe package('firewalld') do\n      it { should be_installed }\n    end\n    describe firewalld do\n      it { should be_installed }\n      it { should be_running }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244544.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package firewalld is expected to be installed",
+              "run_time": 0.000436,
+              "start_time": "2024-01-09T19:41:04-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"firewalld\"]",
+              "resource_id": "firewalld"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Firewall Rules is expected to be installed",
+              "run_time": 0.000265,
+              "start_time": "2024-01-09T19:41:04-05:00",
+              "resource_class": "firewalld",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "Firewall Rules is expected to be running",
+              "run_time": 0.000328,
+              "start_time": "2024-01-09T19:41:04-05:00",
+              "message": "expected that `Firewall Rules` is running",
+              "resource_class": "firewalld",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-244545",
+          "title": "The RHEL 8 fapolicy module must be enabled.",
+          "desc": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    Utilizing a whitelist provides a configuration management method for\nallowing the execution of only authorized software. Using only authorized\nsoftware decreases risk by limiting the number of potential vulnerabilities.\nVerification of whitelisted software occurs prior to execution or at system\nstartup.\n\n    User home directories/folders may contain information of a sensitive\nnature. Non-privileged users should coordinate any sharing of information with\nan SA through shared resources.\n\n    RHEL 8 ships with many optional packages. One such package is a file access\npolicy daemon called \"fapolicyd\". \"fapolicyd\" is a userspace daemon that\ndetermines access rights to files based on attributes of the process and file.\nIt can be used to either blacklist or whitelist processes or file access.\n\n    Proceed with caution with enforcing the use of this daemon. Improper\nconfiguration may render the system non-functional. The \"fapolicyd\" API is\nnot namespace aware and can cause issues when launching or running containers.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    Utilizing a whitelist provides a configuration management method for\nallowing the execution of only authorized software. Using only authorized\nsoftware decreases risk by limiting the number of potential vulnerabilities.\nVerification of whitelisted software occurs prior to execution or at system\nstartup.\n\n    User home directories/folders may contain information of a sensitive\nnature. Non-privileged users should coordinate any sharing of information with\nan SA through shared resources.\n\n    RHEL 8 ships with many optional packages. One such package is a file access\npolicy daemon called \"fapolicyd\". \"fapolicyd\" is a userspace daemon that\ndetermines access rights to files based on attributes of the process and file.\nIt can be used to either blacklist or whitelist processes or file access.\n\n    Proceed with caution with enforcing the use of this daemon. Improper\nconfiguration may render the system non-functional. The \"fapolicyd\" API is\nnot namespace aware and can cause issues when launching or running containers."
+            },
+            {
+              "label": "check",
+              "data": "Verify the RHEL 8 \"fapolicyd\" is enabled and running with the following\ncommand:\n\n    $ sudo systemctl status fapolicyd.service\n\n    fapolicyd.service - File Access Policy Daemon\n    Loaded: loaded (/usr/lib/systemd/system/fapolicyd.service; enabled; vendor\npreset: disabled)\n    Active: active (running)\n\n    If fapolicyd is not enabled and running, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Enable \"fapolicyd\" using the following command:\n\n$ sudo systemctl enable --now fapolicyd"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000368-GPOS-00154",
+            "satisfies": [
+              "SRG-OS-000368-GPOS-00154",
+              "SRG-OS-000370-GPOS-00155",
+              "SRG-OS-000480-GPOS-00232"
+            ],
+            "gid": "V-244545",
+            "rid": "SV-244545r854074_rule",
+            "stig_id": "RHEL-08-040136",
+            "fix_id": "F-47777r743883_fix",
+            "cci": [
+              "CCI-001764"
+            ],
+            "nist": [
+              "CM-7 (2)"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244545' do\n  title 'The RHEL 8 fapolicy module must be enabled.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    Utilizing a whitelist provides a configuration management method for\nallowing the execution of only authorized software. Using only authorized\nsoftware decreases risk by limiting the number of potential vulnerabilities.\nVerification of whitelisted software occurs prior to execution or at system\nstartup.\n\n    User home directories/folders may contain information of a sensitive\nnature. Non-privileged users should coordinate any sharing of information with\nan SA through shared resources.\n\n    RHEL 8 ships with many optional packages. One such package is a file access\npolicy daemon called \"fapolicyd\". \"fapolicyd\" is a userspace daemon that\ndetermines access rights to files based on attributes of the process and file.\nIt can be used to either blacklist or whitelist processes or file access.\n\n    Proceed with caution with enforcing the use of this daemon. Improper\nconfiguration may render the system non-functional. The \"fapolicyd\" API is\nnot namespace aware and can cause issues when launching or running containers.'\n  desc 'check', 'Verify the RHEL 8 \"fapolicyd\" is enabled and running with the following\ncommand:\n\n    $ sudo systemctl status fapolicyd.service\n\n    fapolicyd.service - File Access Policy Daemon\n    Loaded: loaded (/usr/lib/systemd/system/fapolicyd.service; enabled; vendor\npreset: disabled)\n    Active: active (running)\n\n    If fapolicyd is not enabled and running, this is a finding.'\n  desc 'fix', 'Enable \"fapolicyd\" using the following command:\n\n$ sudo systemctl enable --now fapolicyd'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag satisfies: ['SRG-OS-000368-GPOS-00154', 'SRG-OS-000370-GPOS-00155', 'SRG-OS-000480-GPOS-00232']\n  tag gid: 'V-244545'\n  tag rid: 'SV-244545r854074_rule'\n  tag stig_id: 'RHEL-08-040136'\n  tag fix_id: 'F-47777r743883_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n  tag 'host'\n\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'This requirement is Not Applicable in the container' do\n      skip 'This requirement is Not Applicable in the container'\n    end\n  elsif !input('use_fapolicyd')\n    impact 0.0\n    describe 'The organization does not use the Fapolicyd service to manage firewall services' do\n      skip 'The organization is not using the Fapolicyd service to manage firewall services, this control is Not Applicable'\n    end\n  else\n    describe service('fapolicyd') do\n      it { should be_enabled }\n      it { should be_running }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244545.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Service fapolicyd is expected to be enabled",
+              "run_time": 0.622238,
+              "start_time": "2024-01-09T19:41:04-05:00",
+              "message": "expected that `Service fapolicyd` is enabled",
+              "resource_class": "service",
+              "resource_params": "[\"fapolicyd\"]",
+              "resource_id": "fapolicyd"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Service fapolicyd is expected to be running",
+              "run_time": 0.001345,
+              "start_time": "2024-01-09T19:41:05-05:00",
+              "message": "expected that `Service fapolicyd` is running",
+              "resource_class": "service",
+              "resource_params": "[\"fapolicyd\"]",
+              "resource_id": "fapolicyd"
+            }
+          ]
+        },
+        {
+          "id": "SV-244546",
+          "title": "The RHEL 8 fapolicy module must be configured to employ a deny-all,\npermit-by-exception policy to allow the execution of authorized software\nprograms.",
+          "desc": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    Utilizing a whitelist provides a configuration management method for\nallowing the execution of only authorized software. Using only authorized\nsoftware decreases risk by limiting the number of potential vulnerabilities.\nVerification of whitelisted software occurs prior to execution or at system\nstartup.\n\n    User home directories/folders may contain information of a sensitive\nnature. Non-privileged users should coordinate any sharing of information with\nan SA through shared resources.\n\n    RHEL 8 ships with many optional packages. One such package is a file access\npolicy daemon called \"fapolicyd\". \"fapolicyd\" is a userspace daemon that\ndetermines access rights to files based on attributes of the process and file.\nIt can be used to either blacklist or whitelist processes or file access.\n\n    Proceed with caution with enforcing the use of this daemon. Improper\nconfiguration may render the system non-functional. The \"fapolicyd\" API is\nnot namespace aware and can cause issues when launching or running containers.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    Utilizing a whitelist provides a configuration management method for\nallowing the execution of only authorized software. Using only authorized\nsoftware decreases risk by limiting the number of potential vulnerabilities.\nVerification of whitelisted software occurs prior to execution or at system\nstartup.\n\n    User home directories/folders may contain information of a sensitive\nnature. Non-privileged users should coordinate any sharing of information with\nan SA through shared resources.\n\n    RHEL 8 ships with many optional packages. One such package is a file access\npolicy daemon called \"fapolicyd\". \"fapolicyd\" is a userspace daemon that\ndetermines access rights to files based on attributes of the process and file.\nIt can be used to either blacklist or whitelist processes or file access.\n\n    Proceed with caution with enforcing the use of this daemon. Improper\nconfiguration may render the system non-functional. The \"fapolicyd\" API is\nnot namespace aware and can cause issues when launching or running containers."
+            },
+            {
+              "label": "check",
+              "data": "Verify the RHEL 8 \"fapolicyd\" employs a deny-all, permit-by-exception policy.\n\nCheck that \"fapolicyd\" is in enforcement mode with the following command:\n\n$ sudo grep permissive /etc/fapolicyd/fapolicyd.conf\n\npermissive = 0\n\nCheck that fapolicyd employs a deny-all policy on system mounts with the following commands:\n\nFor RHEL 8.4 systems and older:\n$ sudo tail /etc/fapolicyd/fapolicyd.rules\n\nFor RHEL 8.5 systems and newer:\n$ sudo tail /etc/fapolicyd/compiled.rules\n\nallow exe=/usr/bin/python3.7 : ftype=text/x-python\ndeny_audit perm=any pattern=ld_so : all\ndeny perm=any all : all\n\nIf fapolicyd is not running in enforcement mode with a deny-all, permit-by-exception policy, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to employ a deny-all, permit-by-exception application whitelisting policy with \"fapolicyd\".\n\nWith the \"fapolicyd\" installed and enabled, configure the daemon to function in permissive mode until the whitelist is built correctly to avoid system lockout. Do this by editing the \"/etc/fapolicyd/fapolicyd.conf\" file with the following line:\n\npermissive = 1\n\nFor RHEL 8.4 systems and older:\nBuild the whitelist in the \"/etc/fapolicyd/fapolicyd.rules\" file ensuring the last rule is \"deny perm=any all : all\".\n\nFor RHEL 8.5 systems and newer:\nBuild the whitelist in a file within the \"/etc/fapolicyd/rules.d\" directory ensuring the last rule is \"deny perm=any all : all\".\n\nOnce it is determined the whitelist is built correctly, set the fapolicyd to enforcing mode by editing the \"permissive\" line in the /etc/fapolicyd/fapolicyd.conf file.\n\npermissive = 0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000368-GPOS-00154",
+            "satisfies": [
+              "SRG-OS-000368-GPOS-00154",
+              "SRG-OS-000370-GPOS-00155",
+              "SRG-OS-000480-GPOS-00232"
+            ],
+            "gid": "V-244546",
+            "rid": "SV-244546r858730_rule",
+            "stig_id": "RHEL-08-040137",
+            "fix_id": "F-47778r858729_fix",
+            "cci": [
+              "CCI-001764"
+            ],
+            "nist": [
+              "CM-7 (2)"
+            ]
+          },
+          "code": "control 'SV-244546' do\n  title 'The RHEL 8 fapolicy module must be configured to employ a deny-all,\npermit-by-exception policy to allow the execution of authorized software\nprograms.'\n  desc 'The organization must identify authorized software programs and permit\nexecution of authorized software. The process used to identify software\nprograms that are authorized to execute on organizational information systems\nis commonly referred to as whitelisting.\n\n    Utilizing a whitelist provides a configuration management method for\nallowing the execution of only authorized software. Using only authorized\nsoftware decreases risk by limiting the number of potential vulnerabilities.\nVerification of whitelisted software occurs prior to execution or at system\nstartup.\n\n    User home directories/folders may contain information of a sensitive\nnature. Non-privileged users should coordinate any sharing of information with\nan SA through shared resources.\n\n    RHEL 8 ships with many optional packages. One such package is a file access\npolicy daemon called \"fapolicyd\". \"fapolicyd\" is a userspace daemon that\ndetermines access rights to files based on attributes of the process and file.\nIt can be used to either blacklist or whitelist processes or file access.\n\n    Proceed with caution with enforcing the use of this daemon. Improper\nconfiguration may render the system non-functional. The \"fapolicyd\" API is\nnot namespace aware and can cause issues when launching or running containers.'\n  desc 'check', 'Verify the RHEL 8 \"fapolicyd\" employs a deny-all, permit-by-exception policy.\n\nCheck that \"fapolicyd\" is in enforcement mode with the following command:\n\n$ sudo grep permissive /etc/fapolicyd/fapolicyd.conf\n\npermissive = 0\n\nCheck that fapolicyd employs a deny-all policy on system mounts with the following commands:\n\nFor RHEL 8.4 systems and older:\n$ sudo tail /etc/fapolicyd/fapolicyd.rules\n\nFor RHEL 8.5 systems and newer:\n$ sudo tail /etc/fapolicyd/compiled.rules\n\nallow exe=/usr/bin/python3.7 : ftype=text/x-python\ndeny_audit perm=any pattern=ld_so : all\ndeny perm=any all : all\n\nIf fapolicyd is not running in enforcement mode with a deny-all, permit-by-exception policy, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to employ a deny-all, permit-by-exception application whitelisting policy with \"fapolicyd\".\n\nWith the \"fapolicyd\" installed and enabled, configure the daemon to function in permissive mode until the whitelist is built correctly to avoid system lockout. Do this by editing the \"/etc/fapolicyd/fapolicyd.conf\" file with the following line:\n\npermissive = 1\n\nFor RHEL 8.4 systems and older:\nBuild the whitelist in the \"/etc/fapolicyd/fapolicyd.rules\" file ensuring the last rule is \"deny perm=any all : all\".\n\nFor RHEL 8.5 systems and newer:\nBuild the whitelist in a file within the \"/etc/fapolicyd/rules.d\" directory ensuring the last rule is \"deny perm=any all : all\".\n\nOnce it is determined the whitelist is built correctly, set the fapolicyd to enforcing mode by editing the \"permissive\" line in the /etc/fapolicyd/fapolicyd.conf file.\n\npermissive = 0'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000368-GPOS-00154'\n  tag satisfies: ['SRG-OS-000368-GPOS-00154', 'SRG-OS-000370-GPOS-00155', 'SRG-OS-000480-GPOS-00232']\n  tag gid: 'V-244546'\n  tag rid: 'SV-244546r858730_rule'\n  tag stig_id: 'RHEL-08-040137'\n  tag fix_id: 'F-47778r858729_fix'\n  tag cci: ['CCI-001764']\n  tag nist: ['CM-7 (2)']\n\n  # Check if the system is a Docker container or not using Fapolicyd\n  if virtualization.system.eql?('docker') || !input('use_fapolicyd')\n    impact 0.0\n    describe 'Control not applicable' do\n      skip 'The organization is not using the Fapolicyd service to manage firewall services, this control is Not Applicable' unless input('use_fapolicyd')\n      skip 'Control not applicable within a container' if virtualization.system.eql?('docker')\n    end\n  else\n    # Parse the fapolicyd configuration file\n    fapolicyd_config = parse_config_file('/etc/fapolicyd/fapolicyd.conf')\n\n    describe 'Fapolicyd configuration' do\n      it 'permissive should not be commented out' do\n        expect(fapolicyd_config.content).to match(/^permissive\\s*=\\s*0$/), 'permissive is commented out in the fapolicyd.conf file'\n      end\n      it 'should have permissive set to 0' do\n        expect(fapolicyd_config.params['permissive']).to cmp '0'\n      end\n    end\n\n    # Determine the rules file based on the OS release\n    rules_file = os.release.to_f < 8.4 ? '/etc/fapolicyd/fapolicyd.rules' : '/etc/fapolicyd/compiled.rules'\n\n    # Check if the rules file exists\n    describe file(rules_file) do\n      it { should exist }\n    end\n\n    # If the rules file exists, check the last rule\n    if file(rules_file).exist?\n      rules = file(rules_file).content.strip.split(\"\\n\")\n      last_rule = rules.last\n\n      describe 'Last rule in the rules file' do\n        it { expect(last_rule).to cmp 'deny perm=any all : all' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244546.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Fapolicyd configuration permissive should not be commented out",
+              "run_time": 0.000366,
+              "start_time": "2024-01-09T19:41:05-05:00",
+              "message": "permissive is commented out in the fapolicyd.conf file",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Fapolicyd configuration"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Fapolicyd configuration should have permissive set to 0",
+              "run_time": 0.00037,
+              "start_time": "2024-01-09T19:41:05-05:00",
+              "message": "\nexpected: 0\n     got: \n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Fapolicyd configuration"
+            },
+            {
+              "status": "failed",
+              "code_desc": "File /etc/fapolicyd/compiled.rules is expected to exist",
+              "run_time": 0.000232,
+              "start_time": "2024-01-09T19:41:05-05:00",
+              "message": "expected File /etc/fapolicyd/compiled.rules to exist",
+              "resource_class": "file",
+              "resource_params": "[\"/etc/fapolicyd/compiled.rules\"]",
+              "resource_id": "/etc/fapolicyd/compiled.rules"
+            }
+          ]
+        },
+        {
+          "id": "SV-244547",
+          "title": "RHEL 8 must have the USBGuard installed.",
+          "desc": "Without authenticating devices, unidentified or unknown devices may be\nintroduced, thereby facilitating malicious activity.\n    Peripherals include, but are not limited to, such devices as flash drives,\nexternal storage, and printers.\n    A new feature that RHEL 8 provides is the USBGuard software framework. The\nUSBguard-daemon is the main component of the USBGuard software framework. It\nruns as a service in the background and enforces the USB device authorization\npolicy for all USB devices. The policy is defined by a set of rules using a\nrule language described in the usbguard-rules.conf file. The policy and the\nauthorization state of USB devices can be modified during runtime using the\nusbguard tool.\n\n    The System Administrator (SA) must work with the site Information System\nSecurity Officer (ISSO) to determine a list of authorized peripherals and\nestablish rules within the USBGuard software framework to allow only authorized\ndevices.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without authenticating devices, unidentified or unknown devices may be\nintroduced, thereby facilitating malicious activity.\n    Peripherals include, but are not limited to, such devices as flash drives,\nexternal storage, and printers.\n    A new feature that RHEL 8 provides is the USBGuard software framework. The\nUSBguard-daemon is the main component of the USBGuard software framework. It\nruns as a service in the background and enforces the USB device authorization\npolicy for all USB devices. The policy is defined by a set of rules using a\nrule language described in the usbguard-rules.conf file. The policy and the\nauthorization state of USB devices can be modified during runtime using the\nusbguard tool.\n\n    The System Administrator (SA) must work with the site Information System\nSecurity Officer (ISSO) to determine a list of authorized peripherals and\nestablish rules within the USBGuard software framework to allow only authorized\ndevices."
+            },
+            {
+              "label": "check",
+              "data": "Verify USBGuard is installed on the operating system with the following\ncommand:\n\n    $ sudo yum list installed usbguard\n\n    Installed Packages\n    usbguard.x86_64                   0.7.8-7.el8             @ol8_appstream\n\n    If the USBGuard package is not installed, ask the SA to indicate how\nunauthorized peripherals are being blocked.\n    If there is no evidence that unauthorized peripherals are being blocked\nbefore establishing a connection, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Install the USBGuard package with the following command:\n\n$ sudo yum install usbguard.x86_64"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000378-GPOS-00163",
+            "gid": "V-244547",
+            "rid": "SV-244547r854076_rule",
+            "stig_id": "RHEL-08-040139",
+            "fix_id": "F-47779r743889_fix",
+            "cci": [
+              "CCI-001958"
+            ],
+            "nist": [
+              "IA-3"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244547' do\n  title 'RHEL 8 must have the USBGuard installed.'\n  desc 'Without authenticating devices, unidentified or unknown devices may be\nintroduced, thereby facilitating malicious activity.\n    Peripherals include, but are not limited to, such devices as flash drives,\nexternal storage, and printers.\n    A new feature that RHEL 8 provides is the USBGuard software framework. The\nUSBguard-daemon is the main component of the USBGuard software framework. It\nruns as a service in the background and enforces the USB device authorization\npolicy for all USB devices. The policy is defined by a set of rules using a\nrule language described in the usbguard-rules.conf file. The policy and the\nauthorization state of USB devices can be modified during runtime using the\nusbguard tool.\n\n    The System Administrator (SA) must work with the site Information System\nSecurity Officer (ISSO) to determine a list of authorized peripherals and\nestablish rules within the USBGuard software framework to allow only authorized\ndevices.'\n  desc 'check', 'Verify USBGuard is installed on the operating system with the following\ncommand:\n\n    $ sudo yum list installed usbguard\n\n    Installed Packages\n    usbguard.x86_64                   0.7.8-7.el8             @ol8_appstream\n\n    If the USBGuard package is not installed, ask the SA to indicate how\nunauthorized peripherals are being blocked.\n    If there is no evidence that unauthorized peripherals are being blocked\nbefore establishing a connection, this is a finding.'\n  desc 'fix', 'Install the USBGuard package with the following command:\n\n$ sudo yum install usbguard.x86_64'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000378-GPOS-00163'\n  tag gid: 'V-244547'\n  tag rid: 'SV-244547r854076_rule'\n  tag stig_id: 'RHEL-08-040139'\n  tag fix_id: 'F-47779r743889_fix'\n  tag cci: ['CCI-001958']\n  tag nist: ['IA-3']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable in the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  peripherals_package = input('peripherals_package')\n\n  describe package(peripherals_package) do\n    it \"is expected to be installed. \\n\\tPlease ensure to configure the service to ensure your devices function as expected.\" do\n      expect(subject.installed?).to be(true), \"The #{peripherals_package} package is not installed\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244547.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "System Package usbguard is expected to be installed. \n\tPlease ensure to configure the service to ensure your devices function as expected.",
+              "run_time": 0.207489,
+              "start_time": "2024-01-09T19:41:05-05:00",
+              "message": "The usbguard package is not installed",
+              "resource_class": "package",
+              "resource_params": "[\"usbguard\"]",
+              "resource_id": "usbguard"
+            }
+          ]
+        },
+        {
+          "id": "SV-244548",
+          "title": "RHEL 8 must enable the USBGuard.",
+          "desc": "Without authenticating devices, unidentified or unknown devices may be\nintroduced, thereby facilitating malicious activity.\n\n    Peripherals include, but are not limited to, such devices as flash drives,\nexternal storage, and printers.\n\n    A new feature that RHEL 8 provides is the USBGuard software framework. The\nUSBguard-daemon is the main component of the USBGuard software framework. It\nruns as a service in the background and enforces the USB device authorization\npolicy for all USB devices. The policy is defined by a set of rules using a\nrule language described in the usbguard-rules.conf file. The policy and the\nauthorization state of USB devices can be modified during runtime using the\nusbguard tool.\n\n    The System Administrator (SA) must work with the site Information System\nSecurity Officer (ISSO) to determine a list of authorized peripherals and\nestablish rules within the USBGuard software framework to allow only authorized\ndevices.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without authenticating devices, unidentified or unknown devices may be\nintroduced, thereby facilitating malicious activity.\n\n    Peripherals include, but are not limited to, such devices as flash drives,\nexternal storage, and printers.\n\n    A new feature that RHEL 8 provides is the USBGuard software framework. The\nUSBguard-daemon is the main component of the USBGuard software framework. It\nruns as a service in the background and enforces the USB device authorization\npolicy for all USB devices. The policy is defined by a set of rules using a\nrule language described in the usbguard-rules.conf file. The policy and the\nauthorization state of USB devices can be modified during runtime using the\nusbguard tool.\n\n    The System Administrator (SA) must work with the site Information System\nSecurity Officer (ISSO) to determine a list of authorized peripherals and\nestablish rules within the USBGuard software framework to allow only authorized\ndevices."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system has enabled the use of the USBGuard with the\nfollowing command:\n\n    $ sudo systemctl status usbguard.service\n\n    usbguard.service - USBGuard daemon\n    Loaded: loaded (/usr/lib/systemd/system/usbguard.service; enabled; vendor\npreset: disabled)\n    Active: active (running)\n\n    If the usbguard.service is not enabled and active, ask the SA to indicate\nhow unauthorized peripherals are being blocked.\n    If there is no evidence that unauthorized peripherals are being blocked\nbefore establishing a connection, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to enable the blocking of unauthorized\nperipherals with the following commands:\n\n    $ sudo systemctl enable usbguard.service\n\n    $ sudo systemctl start usbguard.service\n\n    Note: Enabling and starting usbguard without properly configuring it for an\nindividual system will immediately prevent any access over a usb device such as\na keyboard or mouse"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000378-GPOS-00163",
+            "gid": "V-244548",
+            "rid": "SV-244548r854077_rule",
+            "stig_id": "RHEL-08-040141",
+            "fix_id": "F-47780r743892_fix",
+            "cci": [
+              "CCI-001958"
+            ],
+            "nist": [
+              "IA-3"
+            ]
+          },
+          "code": "control 'SV-244548' do\n  title 'RHEL 8 must enable the USBGuard.'\n  desc 'Without authenticating devices, unidentified or unknown devices may be\nintroduced, thereby facilitating malicious activity.\n\n    Peripherals include, but are not limited to, such devices as flash drives,\nexternal storage, and printers.\n\n    A new feature that RHEL 8 provides is the USBGuard software framework. The\nUSBguard-daemon is the main component of the USBGuard software framework. It\nruns as a service in the background and enforces the USB device authorization\npolicy for all USB devices. The policy is defined by a set of rules using a\nrule language described in the usbguard-rules.conf file. The policy and the\nauthorization state of USB devices can be modified during runtime using the\nusbguard tool.\n\n    The System Administrator (SA) must work with the site Information System\nSecurity Officer (ISSO) to determine a list of authorized peripherals and\nestablish rules within the USBGuard software framework to allow only authorized\ndevices.'\n  desc 'check', 'Verify the operating system has enabled the use of the USBGuard with the\nfollowing command:\n\n    $ sudo systemctl status usbguard.service\n\n    usbguard.service - USBGuard daemon\n    Loaded: loaded (/usr/lib/systemd/system/usbguard.service; enabled; vendor\npreset: disabled)\n    Active: active (running)\n\n    If the usbguard.service is not enabled and active, ask the SA to indicate\nhow unauthorized peripherals are being blocked.\n    If there is no evidence that unauthorized peripherals are being blocked\nbefore establishing a connection, this is a finding.'\n  desc 'fix', 'Configure the operating system to enable the blocking of unauthorized\nperipherals with the following commands:\n\n    $ sudo systemctl enable usbguard.service\n\n    $ sudo systemctl start usbguard.service\n\n    Note: Enabling and starting usbguard without properly configuring it for an\nindividual system will immediately prevent any access over a usb device such as\na keyboard or mouse'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000378-GPOS-00163'\n  tag gid: 'V-244548'\n  tag rid: 'SV-244548r854077_rule'\n  tag stig_id: 'RHEL-08-040141'\n  tag fix_id: 'F-47780r743892_fix'\n  tag cci: ['CCI-001958']\n  tag nist: ['IA-3']\n\n  only_if('This requirement is does not apply to containers', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  peripherals_service = input('peripherals_service')\n\n  describe service(peripherals_service) do\n    it \"is expected to be running. \\n\\tPlease ensure to configure the service to ensure your devices function as expected.\" do\n      expect(subject.running?).to be(true), \"The #{peripherals_service} service is not running\"\n    end\n    it \"is expected to be enabled. \\n\\tPlease ensure to configure the service to ensure your devices function as expected.\" do\n      expect(subject.enabled?).to be(true), \"The #{peripherals_service} service is not enabled\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244548.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Service usbguard is expected to be running. \n\tPlease ensure to configure the service to ensure your devices function as expected.",
+              "run_time": 0.355734,
+              "start_time": "2024-01-09T19:41:05-05:00",
+              "message": "The usbguard service is not running",
+              "resource_class": "service",
+              "resource_params": "[\"usbguard\"]",
+              "resource_id": "usbguard"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Service usbguard is expected to be enabled. \n\tPlease ensure to configure the service to ensure your devices function as expected.",
+              "run_time": 0.00066,
+              "start_time": "2024-01-09T19:41:05-05:00",
+              "message": "The usbguard service is not enabled",
+              "resource_class": "service",
+              "resource_params": "[\"usbguard\"]",
+              "resource_id": "usbguard"
+            }
+          ]
+        },
+        {
+          "id": "SV-244549",
+          "title": "All RHEL 8 networked systems must have SSH installed.",
+          "desc": "Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa."
+            },
+            {
+              "label": "check",
+              "data": "Verify SSH is installed with the following command:\n\n$ sudo yum list installed openssh-server\n\nopenssh-server.x86_64                 8.0p1-5.el8          @anaconda\n\nIf the \"SSH server\" package is not installed, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Install SSH packages onto the host with the following command:\n\n$ sudo yum install openssh-server.x86_64"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000423-GPOS-00187",
+            "satisfies": [
+              "SRG-OS-000423-GPOS-00187",
+              "SRG-OS-000424-GPOS-00188",
+              "SRG-OS-000425-GPOS-00189",
+              "SRG-OS-000426-GPOS-00190"
+            ],
+            "gid": "V-244549",
+            "rid": "SV-244549r916422_rule",
+            "stig_id": "RHEL-08-040159",
+            "fix_id": "F-47781r743895_fix",
+            "cci": [
+              "CCI-002418"
+            ],
+            "nist": [
+              "SC-8"
+            ],
+            "host": null,
+            "container-conditional": null
+          },
+          "code": "control 'SV-244549' do\n  title 'All RHEL 8 networked systems must have SSH installed.'\n  desc \"Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa.\"\n  desc 'check', 'Verify SSH is installed with the following command:\n\n$ sudo yum list installed openssh-server\n\nopenssh-server.x86_64                 8.0p1-5.el8          @anaconda\n\nIf the \"SSH server\" package is not installed, this is a finding.'\n  desc 'fix', \"Install SSH packages onto the host with the following command:\n\n$ sudo yum install openssh-server.x86_64\"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000423-GPOS-00187'\n  tag satisfies: ['SRG-OS-000423-GPOS-00187', 'SRG-OS-000424-GPOS-00188', 'SRG-OS-000425-GPOS-00189', 'SRG-OS-000426-GPOS-00190']\n  tag gid: 'V-244549'\n  tag rid: 'SV-244549r916422_rule'\n  tag stig_id: 'RHEL-08-040159'\n  tag fix_id: 'F-47781r743895_fix'\n  tag cci: ['CCI-002418']\n  tag nist: ['SC-8']\n  tag 'host', 'container-conditional'\n\n  impact 0.0 if virtualization.system.eql?('docker') && !package('openssh-server').installed?\n\n  if virtualization.system.eql?('docker')\n    describe 'In a container Environment' do\n      if package('openssh-server').installed?\n        it 'the OpenSSH Server should be installed when allowed in Docker environment' do\n          expect(input('allow_container_openssh_server')).to eq(true), 'OpenSSH Server is installed but not approved for the Docker environment'\n        end\n      else\n        it 'OpenSSH Server is not installed in the container environment' do\n          skip 'This requirement is not applicable as the OpenSSH Server is not installed in the Docker environment.'\n        end\n      end\n    end\n  else\n    describe 'In a machine environment' do\n      it 'the OpenSSH Server should be installed' do\n        expect(package('openssh-server').installed?).to eq(true), 'the OpenSSH Server is not installed'\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244549.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "In a machine environment the OpenSSH Server should be installed",
+              "run_time": 0.218138,
+              "start_time": "2024-01-09T19:41:05-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "In a machine environment"
+            }
+          ]
+        },
+        {
+          "id": "SV-244550",
+          "title": "RHEL 8 must prevent IPv4 Internet Control Message Protocol (ICMP)\nredirect messages from being accepted.",
+          "desc": "ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 will not accept IPv4 ICMP redirect messages.\n\nCheck the value of the default \"accept_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv4.conf.default.accept_redirects\n\nnet.ipv4.conf.default.accept_redirects = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.default.accept_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.default.accept_redirects = 0\n\nIf \"net.ipv4.conf.default.accept_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to prevent IPv4 ICMP redirect messages from being accepted.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.default.accept_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-244550",
+            "rid": "SV-244550r858791_rule",
+            "stig_id": "RHEL-08-040209",
+            "fix_id": "F-47782r858790_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244550' do\n  title 'RHEL 8 must prevent IPv4 Internet Control Message Protocol (ICMP)\nredirect messages from being accepted.'\n  desc \"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\"\n  desc 'check', 'Verify RHEL 8 will not accept IPv4 ICMP redirect messages.\n\nCheck the value of the default \"accept_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv4.conf.default.accept_redirects\n\nnet.ipv4.conf.default.accept_redirects = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.default.accept_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.default.accept_redirects = 0\n\nIf \"net.ipv4.conf.default.accept_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to prevent IPv4 ICMP redirect messages from being accepted.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.default.accept_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244550'\n  tag rid: 'SV-244550r858791_rule'\n  tag stig_id: 'RHEL-08-040209'\n  tag fix_id: 'F-47782r858790_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  # Define the kernel parameter to be checked\n  parameter = 'net.ipv4.conf.default.accept_redirects'\n  action = 'do not accept IPv4 ICMP redirect messagess'\n  value = 0\n\n  # Get the current value of the kernel parameter\n  current_value = kernel_parameter(parameter)\n\n  # Check if the system is a Docker container\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    # Check if IPv4 packet forwarding is disabled\n    describe kernel_parameter(parameter) do\n      it 'is disabled in sysctl -a' do\n        expect(current_value.value).to cmp value\n        expect(current_value.value).not_to be_nil\n      end\n    end\n\n    # Get the list of sysctl configuration files\n    sysctl_config_files = input('sysctl_conf_files').map(&:strip).join(' ')\n\n    # Search for the kernel parameter in the configuration files\n    search_results = command(\"grep -r #{parameter} #{sysctl_config_files} {} \\;\").stdout.split(\"\\n\")\n\n    # Parse the search results into a hash\n    config_values = search_results.each_with_object({}) do |item, results|\n      file, setting = item.split(':')\n      results[file] ||= []\n      results[file] << setting.split('=').last\n    end\n\n    uniq_config_values = config_values.values.flatten.map(&:strip).map(&:to_i).uniq\n\n    # Check the configuration files\n    describe 'Configuration files' do\n      if search_results.empty?\n        it \"do not have `#{parameter}` disabled directly\" do\n          expect(config_values).not_to be_empty, \"Add the line `#{parameter}=#{value}` to a file in the `/etc/sysctl.d/` directory\"\n        end\n      else\n        describe \"for #{action}\" do\n          it 'does not have conflicting setting' do\n            expect(uniq_config_values.count).to eq(1), \"Expected one unique configuration, but got #{config_values}\"\n          end\n\n          it 'does not have more then one value' do\n            expect(config_values.values.flatten.all? { |v| v.to_i.eql?(value) }).to be true\n          end\n        end\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244550.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter net.ipv4.conf.default.accept_redirects is disabled in sysctl -a",
+              "run_time": 0.117248,
+              "start_time": "2024-01-09T19:41:05-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"net.ipv4.conf.default.accept_redirects\"]",
+              "resource_id": "net.ipv4.conf.default.accept_redirects"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Configuration files for do not accept IPv4 ICMP redirect messagess does not have conflicting setting",
+              "run_time": 0.000168,
+              "start_time": "2024-01-09T19:41:05-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "for do not accept IPv4 ICMP redirect messagess"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Configuration files for do not accept IPv4 ICMP redirect messagess does not have more then one value",
+              "run_time": 0.000108,
+              "start_time": "2024-01-09T19:41:05-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "for do not accept IPv4 ICMP redirect messagess"
+            }
+          ]
+        },
+        {
+          "id": "SV-244551",
+          "title": "RHEL 8 must not forward IPv4 source-routed packets.",
+          "desc": "Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 does not accept IPv4 source-routed packets.\n\nCheck the value of the accept source route variable with the following command:\n\n$ sudo sysctl net.ipv4.conf.all.accept_source_route\n\nnet.ipv4.conf.all.accept_source_route = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.all.accept_source_route /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.accept_source_route = 0\n\nIf \"net.ipv4.conf.all.accept_source_route\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to not forward IPv4 source-routed packets.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.all.accept_source_route=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-244551",
+            "rid": "SV-244551r858799_rule",
+            "stig_id": "RHEL-08-040239",
+            "fix_id": "F-47783r858798_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244551' do\n  title 'RHEL 8 must not forward IPv4 source-routed packets.'\n  desc 'Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 does not accept IPv4 source-routed packets.\n\nCheck the value of the accept source route variable with the following command:\n\n$ sudo sysctl net.ipv4.conf.all.accept_source_route\n\nnet.ipv4.conf.all.accept_source_route = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.all.accept_source_route /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.accept_source_route = 0\n\nIf \"net.ipv4.conf.all.accept_source_route\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not forward IPv4 source-routed packets.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.all.accept_source_route=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244551'\n  tag rid: 'SV-244551r858799_rule'\n  tag stig_id: 'RHEL-08-040239'\n  tag fix_id: 'F-47783r858798_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  only_if('This system is acting as a router on the network, this control is Not Applicable', impact: 0.0) {\n    !input('network_router')\n  }\n\n  # Define the kernel parameter to be checked\n  parameter = 'net.ipv4.conf.all.accept_source_route'\n  action = 'not accept IPv4 source-routed packets'\n  value = 0\n\n  # Get the current value of the kernel parameter\n  current_value = kernel_parameter(parameter)\n\n  # Check if the system is a Docker container\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    # Check if IPv4 packet forwarding is disabled\n    describe kernel_parameter(parameter) do\n      it 'is disabled in sysctl -a' do\n        expect(current_value.value).to cmp value\n        expect(current_value.value).not_to be_nil\n      end\n    end\n\n    # Get the list of sysctl configuration files\n    sysctl_config_files = input('sysctl_conf_files').map(&:strip).join(' ')\n\n    # Search for the kernel parameter in the configuration files\n    search_results = command(\"grep -r #{parameter} #{sysctl_config_files} {} \\;\").stdout.split(\"\\n\")\n\n    # Parse the search results into a hash\n    config_values = search_results.each_with_object({}) do |item, results|\n      file, setting = item.split(':')\n      results[file] ||= []\n      results[file] << setting.split('=').last\n    end\n\n    # takes the found config values and puts them into a single array with only unique values\n    uniq_config_values = config_values.values.flatten.map(&:strip).map(&:to_i).uniq\n    # uniq_excluding_value = config_values.values.flatten.map(&:strip).map(&:to_i).uniq.excluding(value)\n\n    # Check the configuration files\n    describe 'Configuration files' do\n      if search_results.empty?\n        it \"do not have `#{parameter}` disabled directly\" do\n          expect(config_values).not_to be_empty, \"Add the line `#{parameter}=#{value}` to a file in the `/etc/sysctl.d/` directory\"\n        end\n      else\n        describe \"for #{action}\" do\n          it 'does not have conflicting settings' do\n            expect(uniq_config_values.count).to eq(1), \"Expected one unique configuration, but got #{config_values}\"\n          end\n\n          it 'does not have more then one value' do\n            expect(config_values.values.flatten.all? { |v| v.to_i.eql?(value) }).to be true\n          end\n        end\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244551.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter net.ipv4.conf.all.accept_source_route is disabled in sysctl -a",
+              "run_time": 0.128853,
+              "start_time": "2024-01-09T19:41:05-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"net.ipv4.conf.all.accept_source_route\"]",
+              "resource_id": "net.ipv4.conf.all.accept_source_route"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Configuration files for not accept IPv4 source-routed packets does not have conflicting settings",
+              "run_time": 0.003183,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "for not accept IPv4 source-routed packets"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Configuration files for not accept IPv4 source-routed packets does not have more then one value",
+              "run_time": 0.000116,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "for not accept IPv4 source-routed packets"
+            }
+          ]
+        },
+        {
+          "id": "SV-244552",
+          "title": "RHEL 8 must not forward IPv4 source-routed packets by default.",
+          "desc": "Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 does not accept IPv4 source-routed packets by default.\n\nCheck the value of the accept source route variable with the following command:\n\n$ sudo sysctl net.ipv4.conf.default.accept_source_route\n\nnet.ipv4.conf.default.accept_source_route = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.default.accept_source_route /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.default.accept_source_route = 0\n\nIf \"net.ipv4.conf.default.accept_source_route\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to not forward IPv4 source-routed packets by default.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.default.accept_source_route=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-244552",
+            "rid": "SV-244552r858803_rule",
+            "stig_id": "RHEL-08-040249",
+            "fix_id": "F-47784r858802_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244552' do\n  title 'RHEL 8 must not forward IPv4 source-routed packets by default.'\n  desc 'Source-routed packets allow the source of the packet to suggest that routers forward the packet along a different path than configured on the router, which can be used to bypass network security measures. This requirement applies only to the forwarding of source-routed traffic, such as when forwarding is enabled and the system is functioning as a router.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 does not accept IPv4 source-routed packets by default.\n\nCheck the value of the accept source route variable with the following command:\n\n$ sudo sysctl net.ipv4.conf.default.accept_source_route\n\nnet.ipv4.conf.default.accept_source_route = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.default.accept_source_route /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.default.accept_source_route = 0\n\nIf \"net.ipv4.conf.default.accept_source_route\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not forward IPv4 source-routed packets by default.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.default.accept_source_route=0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244552'\n  tag rid: 'SV-244552r858803_rule'\n  tag stig_id: 'RHEL-08-040249'\n  tag fix_id: 'F-47784r858802_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  only_if('This system is acting as a router on the network, this control is Not Applicable', impact: 0.0) {\n    !input('network_router')\n  }\n\n  # Define the kernel parameter to be checked\n  parameter = 'net.ipv4.conf.default.accept_source_route'\n  action = 'not forward IPv4 source-routed packets by default'\n  value = 0\n\n  # Get the current value of the kernel parameter\n  current_value = kernel_parameter(parameter)\n\n  # Check if the system is a Docker container\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    # Check if IPv4 packet forwarding is disabled\n    describe kernel_parameter(parameter) do\n      it 'is disabled in sysctl -a' do\n        expect(current_value.value).to cmp value\n        expect(current_value.value).not_to be_nil\n      end\n    end\n\n    # Get the list of sysctl configuration files\n    sysctl_config_files = input('sysctl_conf_files').map(&:strip).join(' ')\n\n    # Search for the kernel parameter in the configuration files\n    search_results = command(\"grep -r #{parameter} #{sysctl_config_files} {} \\;\").stdout.split(\"\\n\")\n\n    # Parse the search results into a hash\n    config_values = search_results.each_with_object({}) do |item, results|\n      file, setting = item.split(':')\n      results[file] ||= []\n      results[file] << setting.split('=').last\n    end\n\n    uniq_config_values = config_values.values.flatten.map(&:strip).map(&:to_i).uniq\n\n    # Check the configuration files\n    describe 'Configuration files' do\n      if search_results.empty?\n        it \"do not have `#{parameter}` disabled directly\" do\n          expect(config_values).not_to be_empty, \"Add the line `#{parameter}=#{value}` to a file in the `/etc/sysctl.d/` directory\"\n        end\n      else\n        describe \"for #{action}\" do\n          it 'does not have conflicting settings' do\n            expect(uniq_config_values.count).to eq(1), \"Expected one unique configuration, but got #{config_values}\"\n          end\n\n          it 'does not have more then one value' do\n            expect(config_values.values.flatten.all? { |v| v.to_i.eql?(value) }).to be true\n          end\n        end\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244552.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter net.ipv4.conf.default.accept_source_route is disabled in sysctl -a",
+              "run_time": 0.121754,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"net.ipv4.conf.default.accept_source_route\"]",
+              "resource_id": "net.ipv4.conf.default.accept_source_route"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Configuration files for not forward IPv4 source-routed packets by default does not have conflicting settings",
+              "run_time": 0.000427,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "for not forward IPv4 source-routed packets by default"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Configuration files for not forward IPv4 source-routed packets by default does not have more then one value",
+              "run_time": 9.9e-05,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "for not forward IPv4 source-routed packets by default"
+            }
+          ]
+        },
+        {
+          "id": "SV-244553",
+          "title": "RHEL 8 must ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages.",
+          "desc": "ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 ignores IPv4 ICMP redirect messages.\n\nCheck the value of the \"accept_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv4.conf.all.accept_redirects\n\nnet.ipv4.conf.all.accept_redirects = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.all.accept_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.accept_redirects = 0\n\nIf \"net.ipv4.conf.all.accept_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to ignore IPv4 ICMP redirect messages.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.all.accept_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-244553",
+            "rid": "SV-244553r858818_rule",
+            "stig_id": "RHEL-08-040279",
+            "fix_id": "F-47785r858817_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244553' do\n  title 'RHEL 8 must ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages.'\n  desc \"ICMP redirect messages are used by routers to inform hosts that a more direct route exists for a particular destination. These messages modify the host's route table and are unauthenticated. An illicit ICMP redirect message could result in a man-in-the-middle attack.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\"\n  desc 'check', 'Verify RHEL 8 ignores IPv4 ICMP redirect messages.\n\nCheck the value of the \"accept_redirects\" variables with the following command:\n\n$ sudo sysctl net.ipv4.conf.all.accept_redirects\n\nnet.ipv4.conf.all.accept_redirects = 0\n\nIf the returned line does not have a value of \"0\", a line is not returned, or the line is commented out, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.ipv4.conf.all.accept_redirects /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.accept_redirects = 0\n\nIf \"net.ipv4.conf.all.accept_redirects\" is not set to \"0\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to ignore IPv4 ICMP redirect messages.\n\nAdd or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\nnet.ipv4.conf.all.accept_redirects = 0\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nLoad settings from all system configuration files with the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244553'\n  tag rid: 'SV-244553r858818_rule'\n  tag stig_id: 'RHEL-08-040279'\n  tag fix_id: 'F-47785r858817_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  # Define the kernel parameter to be checked\n  parameter = 'net.ipv4.conf.all.accept_redirects'\n  action = 'ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages'\n  value = 0\n\n  # Get the current value of the kernel parameter\n  current_value = kernel_parameter(parameter)\n\n  # Check if the system is a Docker container\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    # Check if IPv4 packet forwarding is disabled\n    describe kernel_parameter(parameter) do\n      it 'is disabled in sysctl -a' do\n        expect(current_value.value).to cmp value\n        expect(current_value.value).not_to be_nil\n      end\n    end\n\n    # Get the list of sysctl configuration files\n    sysctl_config_files = input('sysctl_conf_files').map(&:strip).join(' ')\n\n    # Search for the kernel parameter in the configuration files\n    search_results = command(\"grep -r #{parameter} #{sysctl_config_files} {} \\;\").stdout.split(\"\\n\")\n\n    # Parse the search results into a hash\n    config_values = search_results.each_with_object({}) do |item, results|\n      file, setting = item.split(':')\n      results[file] ||= []\n      results[file] << setting.split('=').last\n    end\n\n    uniq_config_values = config_values.values.flatten.map(&:strip).map(&:to_i).uniq\n\n    # Check the configuration files\n    describe 'Configuration files' do\n      if search_results.empty?\n        it \"do not have `#{parameter}` disabled directly\" do\n          expect(config_values).not_to be_empty, \"Add the line `#{parameter}=#{value}` to a file in the `/etc/sysctl.d/` directory\"\n        end\n      else\n        describe \"for #{action}\" do\n          it 'does not have conflicting setting' do\n            expect(uniq_config_values.count).to eq(1), \"Expected one unique configuration, but got #{config_values}\"\n          end\n\n          it 'does not have more then one value' do\n            expect(config_values.values.flatten.all? { |v| v.to_i.eql?(value) }).to be true\n          end\n        end\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244553.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter net.ipv4.conf.all.accept_redirects is disabled in sysctl -a",
+              "run_time": 0.155616,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"net.ipv4.conf.all.accept_redirects\"]",
+              "resource_id": "net.ipv4.conf.all.accept_redirects"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Configuration files for ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages does not have conflicting setting",
+              "run_time": 0.00019,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "for ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Configuration files for ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages does not have more then one value",
+              "run_time": 7.2e-05,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "for ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages"
+            }
+          ]
+        },
+        {
+          "id": "SV-244554",
+          "title": "RHEL 8 must enable hardening for the Berkeley Packet Filter\nJust-in-time compiler.",
+          "desc": "It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nEnabling hardening for the Berkeley Packet Filter (BPF) Just-in-time (JIT) compiler aids in mitigating JIT spraying attacks. Setting the value to \"2\" enables JIT hardening for all users.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nEnabling hardening for the Berkeley Packet Filter (BPF) Just-in-time (JIT) compiler aids in mitigating JIT spraying attacks. Setting the value to \"2\" enables JIT hardening for all users.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 enables hardening for the BPF JIT with the following commands:\n\n$ sudo sysctl net.core.bpf_jit_harden\n\nnet.core.bpf_jit_harden = 2\n\nIf the returned line does not have a value of \"2\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.core.bpf_jit_harden /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.core.bpf_jit_harden = 2\n\nIf \"net.core.bpf_jit_harden\" is not set to \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to enable hardening for the BPF JIT compiler by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nnet.core.bpf_jit_harden = 2\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "gid": "V-244554",
+            "rid": "SV-244554r858832_rule",
+            "stig_id": "RHEL-08-040286",
+            "fix_id": "F-47786r858831_fix",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-244554' do\n  title 'RHEL 8 must enable hardening for the Berkeley Packet Filter\nJust-in-time compiler.'\n  desc 'It is detrimental for operating systems to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and therefore may remain unsecured. They increase the risk to the platform by providing additional attack vectors.\n\nEnabling hardening for the Berkeley Packet Filter (BPF) Just-in-time (JIT) compiler aids in mitigating JIT spraying attacks. Setting the value to \"2\" enables JIT hardening for all users.\n\nThe sysctl --system command will load settings from all system configuration files. All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in. If multiple files specify the same option, the entry in the file with the lexicographically latest name will take precedence. Files are read from directories in the following list from top to bottom. Once a file of a given filename is loaded, any file of the same name in subsequent directories is ignored.\n/etc/sysctl.d/*.conf\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 enables hardening for the BPF JIT with the following commands:\n\n$ sudo sysctl net.core.bpf_jit_harden\n\nnet.core.bpf_jit_harden = 2\n\nIf the returned line does not have a value of \"2\", or a line is not returned, this is a finding.\n\nCheck that the configuration files are present to enable this network parameter.\n\n$ sudo grep -r net.core.bpf_jit_harden /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n/etc/sysctl.d/99-sysctl.conf: net.core.bpf_jit_harden = 2\n\nIf \"net.core.bpf_jit_harden\" is not set to \"2\", is missing or commented out, this is a finding.\n\nIf conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to enable hardening for the BPF JIT compiler by adding the following line to a file, in the \"/etc/sysctl.d\" directory:\n\nnet.core.bpf_jit_harden = 2\n\nRemove any configurations that conflict with the above from the following locations:\n/run/sysctl.d/*.conf\n/usr/local/lib/sysctl.d/*.conf\n/usr/lib/sysctl.d/*.conf\n/lib/sysctl.d/*.conf\n/etc/sysctl.conf\n/etc/sysctl.d/*.conf\n\nThe system configuration files need to be reloaded for the changes to take effect. To reload the contents of the files, run the following command:\n\n$ sudo sysctl --system'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag gid: 'V-244554'\n  tag rid: 'SV-244554r858832_rule'\n  tag stig_id: 'RHEL-08-040286'\n  tag fix_id: 'F-47786r858831_fix'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  # Define the kernel parameter to be checked\n  parameter = 'net.core.bpf_jit_harden'\n  action = 'Enables hardening for the BPF JIT'\n  value = 2\n\n  # Get the current value of the kernel parameter\n  current_value = kernel_parameter(parameter)\n\n  # Check if the system is a Docker container\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    # Check if IPv4 packet forwarding is disabled\n    describe kernel_parameter(parameter) do\n      it 'is disabled in sysctl -a' do\n        expect(current_value.value).to cmp value\n        expect(current_value.value).not_to be_nil\n      end\n    end\n\n    # Get the list of sysctl configuration files\n    sysctl_config_files = input('sysctl_conf_files').map(&:strip).join(' ')\n\n    # Search for the kernel parameter in the configuration files\n    search_results = command(\"grep -r #{parameter} #{sysctl_config_files} {} \\;\").stdout.split(\"\\n\")\n\n    # Parse the search results into a hash\n    config_values = search_results.each_with_object({}) do |item, results|\n      file, setting = item.split(':')\n      results[file] ||= []\n      results[file] << setting.split('=').last\n    end\n\n    uniq_config_values = config_values.values.flatten.map(&:strip).map(&:to_i).uniq\n\n    # Check the configuration files\n    describe 'Configuration files' do\n      if search_results.empty?\n        it \"do not have `#{parameter}` disabled directly\" do\n          expect(config_values).not_to be_empty, \"Add the line `#{parameter}=#{value}` to a file in the `/etc/sysctl.d/` directory\"\n        end\n      else\n        describe \"for #{action}\" do\n          it 'does not have conflicting settings' do\n            expect(uniq_config_values.count).to eq(1), \"Expected one unique configuration, but got #{config_values}\"\n          end\n\n          it 'does not have more then one value' do\n            expect(config_values.values.flatten.all? { |v| v.to_i.eql?(value) }).to be true\n          end\n        end\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-244554.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Kernel Parameter net.core.bpf_jit_harden is disabled in sysctl -a",
+              "run_time": 0.117909,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "message": "\nexpected: 2\n     got: 1\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"net.core.bpf_jit_harden\"]",
+              "resource_id": "net.core.bpf_jit_harden"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Configuration files for Enables hardening for the BPF JIT does not have conflicting settings",
+              "run_time": 0.000145,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "for Enables hardening for the BPF JIT"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Configuration files for Enables hardening for the BPF JIT does not have more then one value",
+              "run_time": 0.000102,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "for Enables hardening for the BPF JIT"
+            }
+          ]
+        },
+        {
+          "id": "SV-245540",
+          "title": "The RHEL 8 operating system must implement the Endpoint Security for\nLinux Threat Prevention tool.",
+          "desc": "Adding endpoint security tools can provide the capability to\nautomatically take actions in response to malicious behavior, which can provide\nadditional agility in reacting to network threats. These tools also often\ninclude a reporting capability to provide network awareness of the system,\nwhich may not otherwise exist in an organization's systems management regime.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Adding endpoint security tools can provide the capability to\nautomatically take actions in response to malicious behavior, which can provide\nadditional agility in reacting to network threats. These tools also often\ninclude a reporting capability to provide network awareness of the system,\nwhich may not otherwise exist in an organization's systems management regime."
+            },
+            {
+              "label": "check",
+              "data": "Per OPORD 16-0080, the preferred endpoint security tool is McAfee Endpoint\nSecurity for Linux (ENSL) in conjunction with SELinux.\n\n    Procedure:\n    Check that the following package has been installed:\n\n    $ sudo rpm -qa | grep -i mcafeetp\n\n    If the \"mcafeetp\" package is not installed, this is a finding.\n\n    Verify that the daemon is running:\n\n    $ sudo ps -ef | grep -i mfetpd\n\n    If the daemon is not running, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Install and enable the latest McAfee ENSLTP package."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000191-GPOS-00080",
+            "gid": "V-245540",
+            "rid": "SV-245540r754730_rule",
+            "stig_id": "RHEL-08-010001",
+            "fix_id": "F-48770r754729_fix",
+            "cci": [
+              "CCI-001233"
+            ],
+            "nist": [
+              "SI-2 (2)"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-245540' do\n  title 'The RHEL 8 operating system must implement the Endpoint Security for\nLinux Threat Prevention tool.'\n  desc \"Adding endpoint security tools can provide the capability to\nautomatically take actions in response to malicious behavior, which can provide\nadditional agility in reacting to network threats. These tools also often\ninclude a reporting capability to provide network awareness of the system,\nwhich may not otherwise exist in an organization's systems management regime.\"\n  desc 'check', 'Per OPORD 16-0080, the preferred endpoint security tool is McAfee Endpoint\nSecurity for Linux (ENSL) in conjunction with SELinux.\n\n    Procedure:\n    Check that the following package has been installed:\n\n    $ sudo rpm -qa | grep -i mcafeetp\n\n    If the \"mcafeetp\" package is not installed, this is a finding.\n\n    Verify that the daemon is running:\n\n    $ sudo ps -ef | grep -i mfetpd\n\n    If the daemon is not running, this is a finding.'\n  desc 'fix', 'Install and enable the latest McAfee ENSLTP package.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000191-GPOS-00080'\n  tag gid: 'V-245540'\n  tag rid: 'SV-245540r754730_rule'\n  tag stig_id: 'RHEL-08-010001'\n  tag fix_id: 'F-48770r754729_fix'\n  tag cci: ['CCI-001233']\n  tag nist: ['SI-2 (2)']\n  tag 'host'\n\n  only_if('Control not applicable within a container', impact: 0.0) do\n    !virtualization.system.eql?('docker')\n  end\n\n  if input('skip_endpoint_security_tool')\n    impact 0.0\n    describe 'Implementing the Endpoint Security for Linux Threat Prevention tool is not applicable by agreement with  the approval authority of the organization.' do\n      skip 'Implementing the Endpoint Security for Linux Threat Prevention tool is not applicable by agreement with  the approval authority of the organization.'\n    end\n  else\n    linux_threat_prevention_package = input('linux_threat_prevention_package')\n    linux_threat_prevention_service = input('linux_threat_prevention_service')\n    describe package(linux_threat_prevention_package) do\n      it { should be_installed }\n    end\n\n    describe processes(linux_threat_prevention_service) do\n      it { should exist }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-245540.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "System Package mcafeetp is expected to be installed",
+              "run_time": 0.134239,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "message": "expected that `System Package mcafeetp` is installed",
+              "resource_class": "package",
+              "resource_params": "[\"mcafeetp\"]",
+              "resource_id": "mcafeetp"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Processes mfetpd is expected to exist",
+              "run_time": 0.000456,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "message": "expected Processes mfetpd to exist",
+              "resource_class": "processes",
+              "resource_params": "[\"mfetpd\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-250315",
+          "title": "RHEL 8 systems, versions 8.2 and above, must configure SELinux context\n  type to allow the use of a non-default faillock tally directory.",
+          "desc": "By limiting the number of failed logon attempts, the risk of\n  unauthorized system access via user password guessing, otherwise known as\n  brute-force attacks, is reduced. Limits are imposed by locking the account.\n\n  From \"faillock.conf\" man pages: Note that the default directory that\n  \"pam_faillock\" uses is usually cleared on system boot so the access will be\n  re-enabled after system reboot. If that is undesirable, a different tally\n  directory must be set with the \"dir\" option.\n\n  SELinux, enforcing a targeted policy, will require any non-default tally\n  directory's security context type to match the default directory's security\n  context type. Without updating the security context type, the pam_faillock\n  module will not write failed login attempts to the non-default tally directory.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of\n  unauthorized system access via user password guessing, otherwise known as\n  brute-force attacks, is reduced. Limits are imposed by locking the account.\n\n  From \"faillock.conf\" man pages: Note that the default directory that\n  \"pam_faillock\" uses is usually cleared on system boot so the access will be\n  re-enabled after system reboot. If that is undesirable, a different tally\n  directory must be set with the \"dir\" option.\n\n  SELinux, enforcing a targeted policy, will require any non-default tally\n  directory's security context type to match the default directory's security\n  context type. Without updating the security context type, the pam_faillock\n  module will not write failed login attempts to the non-default tally directory."
+            },
+            {
+              "label": "check",
+              "data": "If the system does not have SELinux enabled and enforcing a\n  targeted policy, or if the pam_faillock module is not configured for use,\n  this requirement is not applicable.\n\n  Note: This check applies to RHEL versions 8.2 or newer. If the system is\n  RHEL version 8.0 or 8.1, this check is not applicable.\n\n  Verify the location of the non-default tally directory for the pam_faillock\n  module with the following command:\n\n  $ sudo grep -w dir /etc/security/faillock.conf\n\n  dir = /var/log/faillock\n\n  Check the security context type of the non-default tally directory with the\n  following command:\n\n  $ sudo ls -Zd /var/log/faillock\n\n  unconfined_u:object_r:faillog_t:s0 /var/log/faillock\n\n  If the security context type of the non-default tally directory is not\n  \"faillog_t\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to allow the use of a non-default faillock tally\n  directory while SELinux enforces a targeted policy.\n\n  Create a non-default faillock tally directory (if it does not already exist)\n  with the following example:\n\n  $ sudo mkdir /var/log/faillock\n\n  Update the /etc/selinux/targeted/contexts/files/file_contexts.local with\n  \"faillog_t\" context type for the non-default faillock tally directory with\n  the following command:\n\n  $ sudo semanage fcontext -a -t faillog_t \"/var/log/faillock(/.*)?\"\n\n  Next, update the context type of the non-default faillock directory/subdirectories\n  and files with the following command:\n\n  $ sudo restorecon -R -v /var/log/faillock"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "check_id": "C-53749r793000_chk",
+            "severity": "medium",
+            "gid": "V-250315",
+            "rid": "SV-250315r854079_rule",
+            "stig_id": "RHEL-08-020027",
+            "gtitle": "SRG-OS-000021-GPOS-00005",
+            "fix_id": "F-53703r793001_fix",
+            "documentable": null,
+            "cci": [
+              "CCI-000044",
+              "CCI-002238"
+            ],
+            "nist": [
+              "AC-7 a",
+              "AC-7 b"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-250315' do\n  title 'RHEL 8 systems, versions 8.2 and above, must configure SELinux context\n  type to allow the use of a non-default faillock tally directory.'\n  desc %q(By limiting the number of failed logon attempts, the risk of\n  unauthorized system access via user password guessing, otherwise known as\n  brute-force attacks, is reduced. Limits are imposed by locking the account.\n\n  From \"faillock.conf\" man pages: Note that the default directory that\n  \"pam_faillock\" uses is usually cleared on system boot so the access will be\n  re-enabled after system reboot. If that is undesirable, a different tally\n  directory must be set with the \"dir\" option.\n\n  SELinux, enforcing a targeted policy, will require any non-default tally\n  directory's security context type to match the default directory's security\n  context type. Without updating the security context type, the pam_faillock\n  module will not write failed login attempts to the non-default tally directory.)\n  desc 'check', 'If the system does not have SELinux enabled and enforcing a\n  targeted policy, or if the pam_faillock module is not configured for use,\n  this requirement is not applicable.\n\n  Note: This check applies to RHEL versions 8.2 or newer. If the system is\n  RHEL version 8.0 or 8.1, this check is not applicable.\n\n  Verify the location of the non-default tally directory for the pam_faillock\n  module with the following command:\n\n  $ sudo grep -w dir /etc/security/faillock.conf\n\n  dir = /var/log/faillock\n\n  Check the security context type of the non-default tally directory with the\n  following command:\n\n  $ sudo ls -Zd /var/log/faillock\n\n  unconfined_u:object_r:faillog_t:s0 /var/log/faillock\n\n  If the security context type of the non-default tally directory is not\n  \"faillog_t\", this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to allow the use of a non-default faillock tally\n  directory while SELinux enforces a targeted policy.\n\n  Create a non-default faillock tally directory (if it does not already exist)\n  with the following example:\n\n  $ sudo mkdir /var/log/faillock\n\n  Update the /etc/selinux/targeted/contexts/files/file_contexts.local with\n  \"faillog_t\" context type for the non-default faillock tally directory with\n  the following command:\n\n  $ sudo semanage fcontext -a -t faillog_t \"/var/log/faillock(/.*)?\"\n\n  Next, update the context type of the non-default faillock directory/subdirectories\n  and files with the following command:\n\n  $ sudo restorecon -R -v /var/log/faillock'\n  impact 0.5\n  tag check_id: 'C-53749r793000_chk'\n  tag severity: 'medium'\n  tag gid: 'V-250315'\n  tag rid: 'SV-250315r854079_rule'\n  tag stig_id: 'RHEL-08-020027'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag fix_id: 'F-53703r793001_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000044', 'CCI-002238']\n  tag nist: ['AC-7 a', 'AC-7 b']\n  tag 'host', 'container'\n\n  only_if('This check applies to RHEL version 8.2 and later. If the system is\n  not RHEL version 8.2 or newer, this check is Not Applicable.', impact: 0.0) {\n    (os.release.to_f) >= 8.2\n  }\n\n  describe selinux do\n    it { should be_installed }\n    it { should be_enforcing }\n    it { should_not be_disabled }\n  end\n\n  describe parse_config_file('/etc/security/faillock.conf') do\n    its('dir') { should cmp input('non_default_tally_dir') }\n  end\n\n  faillock_tally = input('faillock_tally')\n\n  describe \"The selected non-default tally directory for PAM: #{input('non_default_tally_dir')}\" do\n    subject { file(input('non_default_tally_dir')) }\n    its('selinux_label') { should match(/#{faillock_tally}/) }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-250315.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "SELinux is expected to be installed",
+              "run_time": 0.205833,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "resource_class": "selinux",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "SELinux is expected to be enforcing",
+              "run_time": 0.009937,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "resource_class": "selinux",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "SELinux is expected not to be disabled",
+              "run_time": 0.005224,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "resource_class": "selinux",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /etc/security/faillock.conf dir is expected to cmp == \"/var/log/faillock\"",
+              "run_time": 0.000388,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "message": "\nexpected: /var/log/faillock\n     got: \n\n(compared using `cmp` matcher)\n",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/security/faillock.conf\"]",
+              "resource_id": "/etc/security/faillock.conf"
+            },
+            {
+              "status": "failed",
+              "code_desc": "The selected non-default tally directory for PAM: /var/log/faillock selinux_label is expected to match /faillog_t/",
+              "run_time": 0.104025,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "message": "expected nil to match /faillog_t/",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "selinux_label"
+            }
+          ]
+        },
+        {
+          "id": "SV-250316",
+          "title": "RHEL 8 systems below version 8.2 must configure SELinux context type to allow the use of a non-default faillock tally directory.",
+          "desc": "By limiting the number of failed logon attempts, the risk of\n  unauthorized system access via user password guessing, otherwise known as\n  brute-force attacks, is reduced. Limits are imposed by locking the account.\n\n  From \"Pam_Faillock\" man pages: Note that the default directory that\n  \"pam_faillock\" uses is usually cleared on system boot so the access will be\n  reenabled after system reboot. If that is undesirable, a different tally\n  directory must be set with the \"dir\" option.\n\n  SELinux, enforcing a targeted policy, will require any non-default tally\n  directory's security context type to match the default directory's security\n  context type. Without updating the security context type, the pam_faillock\n  module will not write failed login attempts to the non-default tally directory.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of\n  unauthorized system access via user password guessing, otherwise known as\n  brute-force attacks, is reduced. Limits are imposed by locking the account.\n\n  From \"Pam_Faillock\" man pages: Note that the default directory that\n  \"pam_faillock\" uses is usually cleared on system boot so the access will be\n  reenabled after system reboot. If that is undesirable, a different tally\n  directory must be set with the \"dir\" option.\n\n  SELinux, enforcing a targeted policy, will require any non-default tally\n  directory's security context type to match the default directory's security\n  context type. Without updating the security context type, the pam_faillock\n  module will not write failed login attempts to the non-default tally directory."
+            },
+            {
+              "label": "check",
+              "data": "If the system does not have SELinux enabled and enforcing a\n  targeted policy, or if the pam_faillock module is not configured for use,\n  this requirement is not applicable.\n\n  Note: This check applies to RHEL versions 8.0 and 8.1. If the system is RHEL\n  version 8.2 or newer, this check is not applicable.\n\n  Verify the location of the non-default tally directory for the pam_faillock\n  module with the following command:\n\n  $ sudo grep -w dir /etc/pam.d/password-auth\n\n  auth   required   pam_faillock.so preauth dir=/var/log/faillock\n  auth   required   pam_faillock.so authfail dir=/var/log/faillock\n\n  Check the security context type of the non-default tally directory with the\n  following command:\n\n  $ sudo ls -Zd /var/log/faillock\n\n  unconfined_u:object_r:faillog_t:s0 /var/log/faillock\n\n  If the security context type of the non-default tally directory is not\n  \"faillog_t\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to allow the use of a non-default faillock\n  tally directory while SELinux enforces a targeted policy.\n\n  Update the /etc/selinux/targeted/contexts/files/file_contexts.local with\n  \"faillog_t\" context type for the non-default faillock tally directory with\n  the following command:\n\n  $ sudo semanage fcontext -a -t faillog_t \"/var/log/faillock(/.*)?\"\n\n  Next, update the context type of the non-default faillock directory/\n  subdirectories and files with the following command:\n\n  $ sudo restorecon -R -v /var/log/faillock"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "check_id": "C-53750r793003_chk",
+            "severity": "medium",
+            "gid": "V-250316",
+            "rid": "SV-250316r854080_rule",
+            "stig_id": "RHEL-08-020028",
+            "gtitle": "SRG-OS-000021-GPOS-00005",
+            "fix_id": "F-53704r793004_fix",
+            "documentable": null,
+            "cci": [
+              "CCI-000044",
+              "CCI-002238"
+            ],
+            "nist": [
+              "AC-7 a",
+              "AC-7 b"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-250316' do\n  title 'RHEL 8 systems below version 8.2 must configure SELinux context type to allow the use of a non-default faillock tally directory.'\n  desc %q(By limiting the number of failed logon attempts, the risk of\n  unauthorized system access via user password guessing, otherwise known as\n  brute-force attacks, is reduced. Limits are imposed by locking the account.\n\n  From \"Pam_Faillock\" man pages: Note that the default directory that\n  \"pam_faillock\" uses is usually cleared on system boot so the access will be\n  reenabled after system reboot. If that is undesirable, a different tally\n  directory must be set with the \"dir\" option.\n\n  SELinux, enforcing a targeted policy, will require any non-default tally\n  directory's security context type to match the default directory's security\n  context type. Without updating the security context type, the pam_faillock\n  module will not write failed login attempts to the non-default tally directory.)\n  desc 'check', 'If the system does not have SELinux enabled and enforcing a\n  targeted policy, or if the pam_faillock module is not configured for use,\n  this requirement is not applicable.\n\n  Note: This check applies to RHEL versions 8.0 and 8.1. If the system is RHEL\n  version 8.2 or newer, this check is not applicable.\n\n  Verify the location of the non-default tally directory for the pam_faillock\n  module with the following command:\n\n  $ sudo grep -w dir /etc/pam.d/password-auth\n\n  auth   required   pam_faillock.so preauth dir=/var/log/faillock\n  auth   required   pam_faillock.so authfail dir=/var/log/faillock\n\n  Check the security context type of the non-default tally directory with the\n  following command:\n\n  $ sudo ls -Zd /var/log/faillock\n\n  unconfined_u:object_r:faillog_t:s0 /var/log/faillock\n\n  If the security context type of the non-default tally directory is not\n  \"faillog_t\", this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to allow the use of a non-default faillock\n  tally directory while SELinux enforces a targeted policy.\n\n  Update the /etc/selinux/targeted/contexts/files/file_contexts.local with\n  \"faillog_t\" context type for the non-default faillock tally directory with\n  the following command:\n\n  $ sudo semanage fcontext -a -t faillog_t \"/var/log/faillock(/.*)?\"\n\n  Next, update the context type of the non-default faillock directory/\n  subdirectories and files with the following command:\n\n  $ sudo restorecon -R -v /var/log/faillock'\n  impact 0.5\n  tag check_id: 'C-53750r793003_chk'\n  tag severity: 'medium'\n  tag gid: 'V-250316'\n  tag rid: 'SV-250316r854080_rule'\n  tag stig_id: 'RHEL-08-020028'\n  tag gtitle: 'SRG-OS-000021-GPOS-00005'\n  tag fix_id: 'F-53704r793004_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000044', 'CCI-002238']\n  tag nist: ['AC-7 a', 'AC-7 b']\n  tag 'host', 'container'\n\n  only_if('This check applies to RHEL versions 8.0 and 8.1. If the system is RHEL version 8.2 or newer, this check is Not Applicable.', impact: 0.0) {\n    os.release.to_f < 8.2\n  }\n\n  describe selinux do\n    it { should be_installed }\n    it { should be_enforcing }\n    it { should_not be_disabled }\n  end\n\n  # TODO: refactor this with the pam resource\n  describe file('/etc/pam.d/password-auth') do\n    its('content') {\n      should match(/auth\\s+required\\s+pam_faillock.so preauth\n    dir=#{input('non_default_tally_dir')}/)\n    }\n    its('content') {\n      should match(/auth\\s+required\\s+pam_faillock.so authfail\n    dir=#{input('non_default_tally_dir')}/)\n    }\n  end\n\n  faillock_tally = input('faillock_tally')\n\n  describe \"The selected non-default tally directory for PAM: #{input('non_default_tally_dir')}\" do\n    subject { file(input('non_default_tally_dir')) }\n    its('selinux_label') { should match(/#{faillock_tally}/) }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-250316.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "No-op",
+              "run_time": 1.6e-05,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "resource": "No-op",
+              "skip_message": "Skipped control due to only_if condition: This check applies to RHEL versions 8.0 and 8.1. If the system is RHEL version 8.2 or newer, this check is Not Applicable.",
+              "resource_class": "noop",
+              "resource_params": "[]",
+              "resource_id": "No-op"
+            }
+          ]
+        },
+        {
+          "id": "SV-250317",
+          "title": "RHEL 8 must not enable IPv4 packet forwarding unless the system is a router.",
+          "desc": "Routing protocol daemons are typically used on routers to exchange network\n    topology information with other routers. If this software is used when not required,\n    system network information may be unnecessarily transmitted across the network.\n\n    The sysctl --system command will load settings from all system configuration files.\n\n    All configuration files are sorted by their filename in lexicographic order, regardless\n    of which of the directories they reside in. If multiple files specify the same option,\n    the entry in the file with the lexicographically latest name will take precedence.\n\n    Files are read from directories in the following list from top to bottom. Once a file of a\n    given filename is loaded, any file of the same name in subsequent directories is ignored.\n\n    /etc/sysctl.d/*.conf\n    /run/sysctl.d/*.conf\n    /usr/local/lib/sysctl.d/*.conf\n    /usr/lib/sysctl.d/*.conf\n    /lib/sysctl.d/*.conf\n    /etc/sysctl.conf",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Routing protocol daemons are typically used on routers to exchange network\n    topology information with other routers. If this software is used when not required,\n    system network information may be unnecessarily transmitted across the network.\n\n    The sysctl --system command will load settings from all system configuration files.\n\n    All configuration files are sorted by their filename in lexicographic order, regardless\n    of which of the directories they reside in. If multiple files specify the same option,\n    the entry in the file with the lexicographically latest name will take precedence.\n\n    Files are read from directories in the following list from top to bottom. Once a file of a\n    given filename is loaded, any file of the same name in subsequent directories is ignored.\n\n    /etc/sysctl.d/*.conf\n    /run/sysctl.d/*.conf\n    /usr/local/lib/sysctl.d/*.conf\n    /usr/lib/sysctl.d/*.conf\n    /lib/sysctl.d/*.conf\n    /etc/sysctl.conf"
+            },
+            {
+              "label": "check",
+              "data": "Verify RHEL 8 is not performing IPv4 packet forwarding, unless the system\n    is a router.\n\n    Check that IPv4 forwarding is disabled using the following command:\n\n    $ sudo sysctl net.ipv4.conf.all.forwarding\n\n    net.ipv4.conf.all.forwarding = 0\n\n    If the IPv4 forwarding value is not \"0\" and is not documented with the Information System\n    Security Officer (ISSO) as an operational requirement, this is a finding.\n\n    Check that the configuration files are present to enable this network parameter.\n\n    $ sudo grep -sr net.ipv4.conf.all.forwarding /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n    /etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.forwarding = 0\n\n    If \"net.ipv4.conf.all.forwarding\" is not set to \"0\", is missing or commented out, this is a finding.\n\n    If conflicting results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to not allow IPv4 packet forwarding, unless the system is a router.\n\n    Add or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\n    net.ipv4.conf.all.forwarding=0\n\n    Remove any configurations that conflict with the above from the following locations:\n    /run/sysctl.d/*.conf\n    /usr/local/lib/sysctl.d/*.conf\n    /usr/lib/sysctl.d/*.conf\n    /lib/sysctl.d/*.conf\n    /etc/sysctl.conf\n    /etc/sysctl.d/*.conf\n\n    Load settings from all system configuration files with the following command:\n\n    $ sudo sysctl --system"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "check_id": "C-53751r833382_chk",
+            "severity": "medium",
+            "gid": "V-250317",
+            "rid": "SV-250317r858808_rule",
+            "stig_id": "RHEL-08-040259",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "fix_id": "F-53705r858807_fix",
+            "documentable": null,
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-250317' do\n  title 'RHEL 8 must not enable IPv4 packet forwarding unless the system is a router.'\n  desc 'Routing protocol daemons are typically used on routers to exchange network\n    topology information with other routers. If this software is used when not required,\n    system network information may be unnecessarily transmitted across the network.\n\n    The sysctl --system command will load settings from all system configuration files.\n\n    All configuration files are sorted by their filename in lexicographic order, regardless\n    of which of the directories they reside in. If multiple files specify the same option,\n    the entry in the file with the lexicographically latest name will take precedence.\n\n    Files are read from directories in the following list from top to bottom. Once a file of a\n    given filename is loaded, any file of the same name in subsequent directories is ignored.\n\n    /etc/sysctl.d/*.conf\n    /run/sysctl.d/*.conf\n    /usr/local/lib/sysctl.d/*.conf\n    /usr/lib/sysctl.d/*.conf\n    /lib/sysctl.d/*.conf\n    /etc/sysctl.conf'\n  desc 'check', 'Verify RHEL 8 is not performing IPv4 packet forwarding, unless the system\n    is a router.\n\n    Check that IPv4 forwarding is disabled using the following command:\n\n    $ sudo sysctl net.ipv4.conf.all.forwarding\n\n    net.ipv4.conf.all.forwarding = 0\n\n    If the IPv4 forwarding value is not \"0\" and is not documented with the Information System\n    Security Officer (ISSO) as an operational requirement, this is a finding.\n\n    Check that the configuration files are present to enable this network parameter.\n\n    $ sudo grep -sr net.ipv4.conf.all.forwarding /run/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf /etc/sysctl.d/*.conf\n\n    /etc/sysctl.d/99-sysctl.conf: net.ipv4.conf.all.forwarding = 0\n\n    If \"net.ipv4.conf.all.forwarding\" is not set to \"0\", is missing or commented out, this is a finding.\n\n    If conflicting results are returned, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to not allow IPv4 packet forwarding, unless the system is a router.\n\n    Add or edit the following line in a system configuration file, in the \"/etc/sysctl.d/\" directory:\n\n    net.ipv4.conf.all.forwarding=0\n\n    Remove any configurations that conflict with the above from the following locations:\n    /run/sysctl.d/*.conf\n    /usr/local/lib/sysctl.d/*.conf\n    /usr/lib/sysctl.d/*.conf\n    /lib/sysctl.d/*.conf\n    /etc/sysctl.conf\n    /etc/sysctl.d/*.conf\n\n    Load settings from all system configuration files with the following command:\n\n    $ sudo sysctl --system'\n  impact 0.5\n  tag check_id: 'C-53751r833382_chk'\n  tag severity: 'medium'\n  tag gid: 'V-250317'\n  tag rid: 'SV-250317r858808_rule'\n  tag stig_id: 'RHEL-08-040259'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag fix_id: 'F-53705r858807_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  only_if('This system is acting as a router on the network, this control is Not Applicable', impact: 0.0) {\n    !input('network_router')\n  }\n\n  # Define the kernel parameter to be checked\n  parameter = 'net.ipv4.conf.all.forwarding'\n  action = 'IPv4 packet forwarding'\n  value = 0\n\n  # Get the current value of the kernel parameter\n  current_value = kernel_parameter(parameter)\n\n  # Check if the system is a Docker container\n  if virtualization.system.eql?('docker')\n    impact 0.0\n    describe 'Control not applicable within a container' do\n      skip 'Control not applicable within a container'\n    end\n  else\n    # Check if IPv4 packet forwarding is disabled\n    describe kernel_parameter(parameter) do\n      it 'is disabled in sysctl -a' do\n        expect(current_value.value).to cmp value\n        expect(current_value.value).not_to be_nil\n      end\n    end\n\n    # Get the list of sysctl configuration files\n    sysctl_config_files = input('sysctl_conf_files').map(&:strip).join(' ')\n\n    # Search for the kernel parameter in the configuration files\n    search_results = command(\"grep -r #{parameter} #{sysctl_config_files} {} \\;\").stdout.split(\"\\n\")\n\n    # Parse the search results into a hash\n    config_values = search_results.each_with_object({}) do |item, results|\n      file, setting = item.split(':')\n      results[file] ||= []\n      results[file] << setting.split('=').last\n    end\n\n    uniq_config_values = config_values.values.flatten.map(&:strip).map(&:to_i).uniq\n\n    # Check the configuration files\n    describe 'Configuration files' do\n      if search_results.empty?\n        it \"does not have `#{parameter}` disabled directly\" do\n          expect(config_values).not_to be_empty, \"Add the line `#{parameter}=#{value}` to a file in the `/etc/sysctl.d/` directory\"\n        end\n      else\n        describe \"for #{action}\" do\n          it 'does not have conflicting settings' do\n            expect(uniq_config_values.count).to eq(1), \"Expected one unique configuration, but got #{config_values}\"\n          end\n\n          it 'does not have more then one value' do\n            expect(config_values.values.flatten.all? { |v| v.to_i.eql?(value) }).to be true\n          end\n        end\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-250317.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Kernel Parameter net.ipv4.conf.all.forwarding is disabled in sysctl -a",
+              "run_time": 0.123778,
+              "start_time": "2024-01-09T19:41:06-05:00",
+              "resource_class": "kernel_parameter",
+              "resource_params": "[\"net.ipv4.conf.all.forwarding\"]",
+              "resource_id": "net.ipv4.conf.all.forwarding"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Configuration files does not have `net.ipv4.conf.all.forwarding` disabled directly",
+              "run_time": 0.007281,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "message": "Add the line `net.ipv4.conf.all.forwarding=0` to a file in the `/etc/sysctl.d/` directory",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Configuration files"
+            }
+          ]
+        },
+        {
+          "id": "SV-251706",
+          "title": "The RHEL 8 operating system must not have accounts configured with blank or null passwords.",
+          "desc": "If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments."
+            },
+            {
+              "label": "check",
+              "data": "Check the \"/etc/shadow\" file for blank passwords with the following command:\n\n$ sudo awk -F: '!$2 {print $1}' /etc/shadow\n\nIf the command returns any results, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure all accounts on the system to have a password or lock the account\nwith the following commands:\n\nPerform a password reset:\n$ sudo passwd [username]\n\nLock an account:\n$ sudo passwd -l [username]"
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "check_id": "C-55143r809340_chk",
+            "severity": "high",
+            "gid": "V-251706",
+            "rid": "SV-251706r809342_rule",
+            "stig_id": "RHEL-08-010121",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "fix_id": "F-55097r809341_fix",
+            "documentable": null,
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null,
+            "container": null,
+            "review": null
+          },
+          "code": "control 'SV-251706' do\n  title 'The RHEL 8 operating system must not have accounts configured with blank or null passwords.'\n  desc 'If an account has an empty password, anyone could log on and run commands with the privileges of that account. Accounts with empty passwords should never be used in operational environments.'\n  desc 'check', %q(Check the \"/etc/shadow\" file for blank passwords with the following command:\n\n$ sudo awk -F: '!$2 {print $1}' /etc/shadow\n\nIf the command returns any results, this is a finding.)\n  desc 'fix', 'Configure all accounts on the system to have a password or lock the account\nwith the following commands:\n\nPerform a password reset:\n$ sudo passwd [username]\n\nLock an account:\n$ sudo passwd -l [username]'\n  impact 0.7\n  tag check_id: 'C-55143r809340_chk'\n  tag severity: 'high'\n  tag gid: 'V-251706'\n  tag rid: 'SV-251706r809342_rule'\n  tag stig_id: 'RHEL-08-010121'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag fix_id: 'F-55097r809341_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container', 'review'\n\n  users_with_blank_passwords = shadow.where { password.blank? }.users - input('users_allowed_blank_passwords')\n\n  # TODO: is this an NA in containers?\n\n  describe 'All users' do\n    it 'should have a password set' do\n      fail_msg = \"Users with blank passwords:\\n\\t- #{users_with_blank_passwords.join(\"\\n\\t- \")}\"\n      expect(users_with_blank_passwords).to be_empty, fail_msg\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251706.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "All users should have a password set",
+              "run_time": 0.004912,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "All users"
+            }
+          ]
+        },
+        {
+          "id": "SV-251707",
+          "title": "RHEL 8 library directories must have mode 755 or less permissive.",
+          "desc": "If RHEL 8 were to allow any user to make changes to software libraries,\n  then those changes might be implemented without undergoing the appropriate\n  testing and approvals that are part of a robust change management process.\n\n  This requirement applies to RHEL 8 with software libraries that are accessible\n  and configurable, as in the case of interpreted languages. Software libraries\n  also include privileged programs that execute with escalated privileges. Only\n  qualified and authorized individuals will be allowed to obtain access to\n  information system components for purposes of initiating changes, including\n  upgrades and modifications.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If RHEL 8 were to allow any user to make changes to software libraries,\n  then those changes might be implemented without undergoing the appropriate\n  testing and approvals that are part of a robust change management process.\n\n  This requirement applies to RHEL 8 with software libraries that are accessible\n  and configurable, as in the case of interpreted languages. Software libraries\n  also include privileged programs that execute with escalated privileges. Only\n  qualified and authorized individuals will be allowed to obtain access to\n  information system components for purposes of initiating changes, including\n  upgrades and modifications."
+            },
+            {
+              "label": "check",
+              "data": "Verify the system-wide shared library directories within \"/lib\",\n  \"/lib64\", \"/usr/lib\" and \"/usr/lib64\" have mode \"755\" or less permissive with\n  the following command:\n\n  $ sudo find /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type d -exec stat -c \"%n %a\" '{}' \\;\n\n  If any system-wide shared library directories are found to be group-writable\n  or world-writable, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the library directories to be protected from unauthorized\n  access. Run the following command, replacing \"[DIRECTORY]\" with any library\n  directory with a mode more permissive than 755.\n\n  $ sudo chmod 755 [DIRECTORY]"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000259-GPOS-00100",
+            "gid": "V-251707",
+            "rid": "SV-251707r809345_rule",
+            "stig_id": "RHEL-08-010331",
+            "fix_id": "F-55098r809344_fix",
+            "cci": [
+              "CCI-001499"
+            ],
+            "nist": [
+              "CM-5 (6)"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-251707' do\n  title 'RHEL 8 library directories must have mode 755 or less permissive.'\n  desc 'If RHEL 8 were to allow any user to make changes to software libraries,\n  then those changes might be implemented without undergoing the appropriate\n  testing and approvals that are part of a robust change management process.\n\n  This requirement applies to RHEL 8 with software libraries that are accessible\n  and configurable, as in the case of interpreted languages. Software libraries\n  also include privileged programs that execute with escalated privileges. Only\n  qualified and authorized individuals will be allowed to obtain access to\n  information system components for purposes of initiating changes, including\n  upgrades and modifications.'\n  desc 'check', %q(Verify the system-wide shared library directories within \"/lib\",\n  \"/lib64\", \"/usr/lib\" and \"/usr/lib64\" have mode \"755\" or less permissive with\n  the following command:\n\n  $ sudo find /lib /lib64 /usr/lib /usr/lib64 -perm /022 -type d -exec stat -c \"%n %a\" '{}' \\;\n\n  If any system-wide shared library directories are found to be group-writable\n  or world-writable, this is a finding.)\n  desc 'fix', 'Configure the library directories to be protected from unauthorized\n  access. Run the following command, replacing \"[DIRECTORY]\" with any library\n  directory with a mode more permissive than 755.\n\n  $ sudo chmod 755 [DIRECTORY]'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000259-GPOS-00100'\n  tag gid: 'V-251707'\n  tag rid: 'SV-251707r809345_rule'\n  tag stig_id: 'RHEL-08-010331'\n  tag fix_id: 'F-55098r809344_fix'\n  tag cci: ['CCI-001499']\n  tag nist: ['CM-5 (6)']\n  tag 'host'\n\n  only_if('This control is does not apply to containers', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  permissions_for_libs = input('permissions_for_libs')\n\n  overly_permissive_libs = input('system_libraries').select { |lib|\n    file(lib).more_permissive_than?(permissions_for_libs)\n  }\n\n  describe 'System libraries' do\n    it \"should not have permissions set higher than #{permissions_for_libs}\" do\n      fail_msg = \"Overly permissive system libraries:\\n\\t- #{overly_permissive_libs.join(\"\\n\\t- \")}\"\n      expect(overly_permissive_libs).to be_empty, fail_msg\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251707.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System libraries should not have permissions set higher than 0755",
+              "run_time": 0.004302,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "System libraries"
+            }
+          ]
+        },
+        {
+          "id": "SV-251708",
+          "title": "RHEL 8 library directories must be owned by root.",
+          "desc": "If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. This requirement applies to RHEL 8 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs that execute with escalated privileges. Only qualified and authorized individuals will be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. This requirement applies to RHEL 8 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs that execute with escalated privileges. Only qualified and authorized individuals will be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications."
+            },
+            {
+              "label": "check",
+              "data": "Verify the system-wide shared library directories are owned by \"root\" with\nthe following command:\n\n$ sudo find /lib /lib64 /usr/lib /usr/lib64 ! -user root -type d -exec stat -c \"%n %U\" '{}' \\;\n\nIf any system-wide shared library directory is returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system-wide shared library directories within (/lib, /lib64, /usr/lib and /usr/lib64) to be protected from unauthorized access. Run the following command, replacing \"[DIRECTORY]\" with any library directory not owned by \"root\".\n\n              $ sudo chown root [DIRECTORY]"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "check_id": "C-55145r810011_chk",
+            "severity": "medium",
+            "gid": "V-251708",
+            "rid": "SV-251708r810012_rule",
+            "stig_id": "RHEL-08-010341",
+            "gtitle": "SRG-OS-000259-GPOS-00100",
+            "fix_id": "F-55099r809347_fix",
+            "documentable": null,
+            "cci": [
+              "CCI-001499"
+            ],
+            "nist": [
+              "CM-5 (6)"
+            ],
+            "host": null,
+            "container": null,
+            "review": null
+          },
+          "code": "control 'SV-251708' do\n  title 'RHEL 8 library directories must be owned by root.'\n  desc 'If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. This requirement applies to RHEL 8 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs that execute with escalated privileges. Only qualified and authorized individuals will be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.'\n  desc 'check', %q(Verify the system-wide shared library directories are owned by \"root\" with\nthe following command:\n\n$ sudo find /lib /lib64 /usr/lib /usr/lib64 ! -user root -type d -exec stat -c \"%n %U\" '{}' \\;\n\nIf any system-wide shared library directory is returned, this is a finding.)\n  desc 'fix', 'Configure the system-wide shared library directories within (/lib, /lib64, /usr/lib and /usr/lib64) to be protected from unauthorized access. Run the following command, replacing \"[DIRECTORY]\" with any library directory not owned by \"root\".\n\n              $ sudo chown root [DIRECTORY]'\n  impact 0.5\n  tag check_id: 'C-55145r810011_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251708'\n  tag rid: 'SV-251708r810012_rule'\n  tag stig_id: 'RHEL-08-010341'\n  tag gtitle: 'SRG-OS-000259-GPOS-00100'\n  tag fix_id: 'F-55099r809347_fix'\n  tag 'documentable'\n  tag cci: ['CCI-001499']\n  tag nist: ['CM-5 (6)']\n  tag 'host', 'container', 'review'\n\n  non_root_owned_libs = input('system_libraries').reject { |lib| file(lib).owned_by?('root') }\n\n  # TODO: is this NA in continers?\n\n  describe 'System libraries' do\n    it 'should be owned by root' do\n      fail_msg = \"Libs not owned by root:\\n\\t- #{non_root_owned_libs.join(\"\\n\\t- \")}\"\n      expect(non_root_owned_libs).to be_empty, fail_msg\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251708.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System libraries should be owned by root",
+              "run_time": 0.004067,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "System libraries"
+            }
+          ]
+        },
+        {
+          "id": "SV-251709",
+          "title": "RHEL 8 library directories must be group-owned by root or a system account.",
+          "desc": "If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. This requirement applies to RHEL 8 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs that execute with escalated privileges. Only qualified and authorized individuals will be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. This requirement applies to RHEL 8 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs that execute with escalated privileges. Only qualified and authorized individuals will be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications."
+            },
+            {
+              "label": "check",
+              "data": "Verify the system-wide shared library directories are group-owned\n  by \"root\" with the following command:\n\n  $ sudo find /lib /lib64 /usr/lib /usr/lib64 ! -group root -type d -exec stat -c \"%n %G\" '{}' \\;\n\n  If any system-wide shared library directory is returned and is not group-owned\n  by a required system account, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the system-wide shared library directories (/lib, /lib64, /usr/lib and /usr/lib64) to be protected from unauthorized access. Run the following command, replacing \"[DIRECTORY]\" with any library directory not group-owned by \"root\". $ sudo chgrp root [DIRECTORY]"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "check_id": "C-55146r810013_chk",
+            "severity": "medium",
+            "gid": "V-251709",
+            "rid": "SV-251709r810014_rule",
+            "stig_id": "RHEL-08-010351",
+            "gtitle": "SRG-OS-000259-GPOS-00100",
+            "fix_id": "F-55100r809350_fix",
+            "documentable": null,
+            "cci": [
+              "CCI-001499"
+            ],
+            "nist": [
+              "CM-5 (6)"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-251709' do\n  title 'RHEL 8 library directories must be group-owned by root or a system account.'\n  desc 'If RHEL 8 were to allow any user to make changes to software libraries, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of a robust change management process. This requirement applies to RHEL 8 with software libraries that are accessible and configurable, as in the case of interpreted languages. Software libraries also include privileged programs that execute with escalated privileges. Only qualified and authorized individuals will be allowed to obtain access to information system components for purposes of initiating changes, including upgrades and modifications.'\n  desc 'check', %q(Verify the system-wide shared library directories are group-owned\n  by \"root\" with the following command:\n\n  $ sudo find /lib /lib64 /usr/lib /usr/lib64 ! -group root -type d -exec stat -c \"%n %G\" '{}' \\;\n\n  If any system-wide shared library directory is returned and is not group-owned\n  by a required system account, this is a finding.)\n  desc 'fix', 'Configure the system-wide shared library directories (/lib, /lib64, /usr/lib and /usr/lib64) to be protected from unauthorized access. Run the following command, replacing \"[DIRECTORY]\" with any library directory not group-owned by \"root\". $ sudo chgrp root [DIRECTORY]'\n  impact 0.5\n  tag check_id: 'C-55146r810013_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251709'\n  tag rid: 'SV-251709r810014_rule'\n  tag stig_id: 'RHEL-08-010351'\n  tag gtitle: 'SRG-OS-000259-GPOS-00100'\n  tag fix_id: 'F-55100r809350_fix'\n  tag 'documentable'\n  tag cci: ['CCI-001499']\n  tag nist: ['CM-5 (6)']\n  tag 'host', 'container'\n\n  non_root_owned_libs = input('system_libraries').filter { |lib|\n    !input('required_system_accounts').include?(file(lib).group)\n  }\n\n  describe 'System libraries' do\n    it 'should be owned by a required system account' do\n      fail_msg = \"Libs not group-owned by a system account:\\n\\t- #{non_root_owned_libs.join(\"\\n\\t- \")}\"\n      expect(non_root_owned_libs).to be_empty, fail_msg\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251709.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System libraries should be owned by a required system account",
+              "run_time": 0.003784,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "System libraries"
+            }
+          ]
+        },
+        {
+          "id": "SV-251710",
+          "title": "The RHEL 8 operating system must use a file integrity tool to verify correct operation of all security functions.",
+          "desc": "Without verification of the security functions, security functions may not operate correctly, and the failure may go unnoticed.\n        Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the\n        system security policy and supporting the isolation of code and data on which the protection is based. Security functionality\n        includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges),\n        setting events to be audited, and setting intrusion detection parameters.\n\n        This requirement applies to the RHEL 8 operating system performing security function verification/testing and/or systems and\n        environments that require this functionality.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without verification of the security functions, security functions may not operate correctly, and the failure may go unnoticed.\n        Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the\n        system security policy and supporting the isolation of code and data on which the protection is based. Security functionality\n        includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges),\n        setting events to be audited, and setting intrusion detection parameters.\n\n        This requirement applies to the RHEL 8 operating system performing security function verification/testing and/or systems and\n        environments that require this functionality."
+            },
+            {
+              "label": "check",
+              "data": "Verify that Advanced Intrusion Detection Environment (AIDE) is installed and verifies the correct operation of all\n        security functions.\n\n        Check that the AIDE package is installed with the following command:\n          $ sudo rpm -q aide\n\n          aide-0.16-14.el8_5.1.x86_64\n\n        If AIDE is not installed, ask the System Administrator how file integrity checks are performed on the system.\n\n        If there is no application installed to perform integrity checks, this is a finding.\n\n        If AIDE is installed, check if it has been initialized with the following command:\n          $ sudo /usr/sbin/aide --check\n\n        If the output is \"Couldn't open file /var/lib/aide/aide.db.gz for reading\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Install AIDE, initialize it, and perform a manual check.\n\n        Install AIDE:\n          $ sudo yum install aide\n\n        Initialize it:\n          $ sudo /usr/sbin/aide --init\n\n        Example output:\n          Number of entries:      48623\n\n          ---------------------------------------------------\n          The attributes of the (uncompressed) database(s):\n          ---------------------------------------------------\n\n          /var/lib/aide/aide.db.new.gz\n            SHA1     : LTAVQ8tFJthsrf4m9gfRpnf1vyc=\n            SHA256   : NJ9+uzRQKSwmLQ8A6IpKNvYjVKGbhSjt\n              BeJBVcmOVrI=\n            SHA512   : 7d8I/F6A1b07E4ZuGeilZjefRgJJ/F20\n              eC2xoag1OsOVpctt3Mi7Jjjf3vFW4xoY\n              5mdS6/ImQpm0xtlTLOPeQQ==\n\n          End timestamp: 2022-10-20 10:50:52 -0700 (run time: 0m 46s)\n\n        The new database will need to be renamed to be read by AIDE:\n          $ sudo mv /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz\n\n        Perform a manual check:\n          $ sudo /usr/sbin/aide --check\n\n        Example output:\n          Start timestamp: 2022-10-20 11:03:16 -0700 (AIDE 0.16)\n          AIDE found differences between database and filesystem!!\n          ...\n\n        Done."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "check_id": "C-55147r880728_chk",
+            "severity": "medium",
+            "gid": "V-251710",
+            "rid": "SV-251710r880730_rule",
+            "stig_id": "RHEL-08-010359",
+            "gtitle": "SRG-OS-000445-GPOS-00199",
+            "fix_id": "F-55101r880729_fix",
+            "documentable": null,
+            "cci": [
+              "CCI-002696"
+            ],
+            "nist": [
+              "SI-6 a"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-251710' do\n  title 'The RHEL 8 operating system must use a file integrity tool to verify correct operation of all security functions.'\n  desc 'Without verification of the security functions, security functions may not operate correctly, and the failure may go unnoticed.\n        Security function is defined as the hardware, software, and/or firmware of the information system responsible for enforcing the\n        system security policy and supporting the isolation of code and data on which the protection is based. Security functionality\n        includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges),\n        setting events to be audited, and setting intrusion detection parameters.\n\n        This requirement applies to the RHEL 8 operating system performing security function verification/testing and/or systems and\n        environments that require this functionality.'\n  desc 'check', %q(Verify that Advanced Intrusion Detection Environment (AIDE) is installed and verifies the correct operation of all\n        security functions.\n\n        Check that the AIDE package is installed with the following command:\n          $ sudo rpm -q aide\n\n          aide-0.16-14.el8_5.1.x86_64\n\n        If AIDE is not installed, ask the System Administrator how file integrity checks are performed on the system.\n\n        If there is no application installed to perform integrity checks, this is a finding.\n\n        If AIDE is installed, check if it has been initialized with the following command:\n          $ sudo /usr/sbin/aide --check\n\n        If the output is \"Couldn't open file /var/lib/aide/aide.db.gz for reading\", this is a finding.)\n  desc 'fix', 'Install AIDE, initialize it, and perform a manual check.\n\n        Install AIDE:\n          $ sudo yum install aide\n\n        Initialize it:\n          $ sudo /usr/sbin/aide --init\n\n        Example output:\n          Number of entries:      48623\n\n          ---------------------------------------------------\n          The attributes of the (uncompressed) database(s):\n          ---------------------------------------------------\n\n          /var/lib/aide/aide.db.new.gz\n            SHA1     : LTAVQ8tFJthsrf4m9gfRpnf1vyc=\n            SHA256   : NJ9+uzRQKSwmLQ8A6IpKNvYjVKGbhSjt\n              BeJBVcmOVrI=\n            SHA512   : 7d8I/F6A1b07E4ZuGeilZjefRgJJ/F20\n              eC2xoag1OsOVpctt3Mi7Jjjf3vFW4xoY\n              5mdS6/ImQpm0xtlTLOPeQQ==\n\n          End timestamp: 2022-10-20 10:50:52 -0700 (run time: 0m 46s)\n\n        The new database will need to be renamed to be read by AIDE:\n          $ sudo mv /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz\n\n        Perform a manual check:\n          $ sudo /usr/sbin/aide --check\n\n        Example output:\n          Start timestamp: 2022-10-20 11:03:16 -0700 (AIDE 0.16)\n          AIDE found differences between database and filesystem!!\n          ...\n\n        Done.'\n  impact 0.5\n  tag check_id: 'C-55147r880728_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251710'\n  tag rid: 'SV-251710r880730_rule'\n  tag stig_id: 'RHEL-08-010359'\n  tag gtitle: 'SRG-OS-000445-GPOS-00199'\n  tag fix_id: 'F-55101r880729_fix'\n  tag 'documentable'\n  tag cci: ['CCI-002696']\n  tag nist: ['SI-6 a']\n  tag 'host'\n\n  file_integrity_tool = input('file_integrity_tool')\n\n  only_if('Control not applicable within a container', impact: 0.0) do\n    !virtualization.system.eql?('docker')\n  end\n\n  if file_integrity_tool == 'aide'\n    describe command('/usr/sbin/aide --check') do\n      its('stdout') { should_not include \"Couldn't open file\" }\n    end\n  end\n\n  describe package(file_integrity_tool) do\n    it { should be_installed }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251710.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Command: `/usr/sbin/aide --check` stdout is expected not to include \"Couldn't open file\"",
+              "run_time": 0.089199,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"/usr/sbin/aide --check\"]",
+              "resource_id": "Command: `/usr/sbin/aide --check`"
+            },
+            {
+              "status": "failed",
+              "code_desc": "System Package aide is expected to be installed",
+              "run_time": 0.00094,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "message": "expected that `System Package aide` is installed",
+              "resource_class": "package",
+              "resource_params": "[\"aide\"]",
+              "resource_id": "aide"
+            }
+          ]
+        },
+        {
+          "id": "SV-251711",
+          "title": "RHEL 8 must specify the default \"include\" directory for the /etc/sudoers file.",
+          "desc": "The \"sudo\" command allows authorized users to run programs (including shells) as other users,\n        system users, and root. The \"/etc/sudoers\" file is used to configure authorized \"sudo\" users as\n        well as the programs they are allowed to run. Some configuration options in the \"/etc/sudoers\"\n        file allow configured users to run programs without re-authenticating. Use of these configuration\n        options makes it easier for one compromised account to be used to compromise other accounts.\n\n        It is possible to include other sudoers files from within the sudoers file currently being parsed\n        using the #include and #includedir directives. When sudo reaches this line it will suspend\n        processing of the current file (/etc/sudoers) and switch to the specified file/directory. Once the\n        end of the included file(s) is reached, the rest of /etc/sudoers will be processed. Files that are\n        included may themselves include other files. A hard limit of 128 nested include files is enforced\n        to prevent include file loops.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The \"sudo\" command allows authorized users to run programs (including shells) as other users,\n        system users, and root. The \"/etc/sudoers\" file is used to configure authorized \"sudo\" users as\n        well as the programs they are allowed to run. Some configuration options in the \"/etc/sudoers\"\n        file allow configured users to run programs without re-authenticating. Use of these configuration\n        options makes it easier for one compromised account to be used to compromise other accounts.\n\n        It is possible to include other sudoers files from within the sudoers file currently being parsed\n        using the #include and #includedir directives. When sudo reaches this line it will suspend\n        processing of the current file (/etc/sudoers) and switch to the specified file/directory. Once the\n        end of the included file(s) is reached, the rest of /etc/sudoers will be processed. Files that are\n        included may themselves include other files. A hard limit of 128 nested include files is enforced\n        to prevent include file loops."
+            },
+            {
+              "label": "check",
+              "data": "Note: If the \"include\" and \"includedir\" directives are not present in the /etc/sudoers\n        file, this requirement is not applicable.\n\n        Verify the operating system specifies only the default \"include\" directory for the /etc/sudoers\n        file with the following command:\n\n        $ sudo grep include /etc/sudoers\n\n        #includedir /etc/sudoers.d\n\n        If the results are not \"/etc/sudoers.d\" or additional files or directories are specified, this is\n        a finding.\n\n        Verify the operating system does not have nested \"include\" files or directories within the\n        /etc/sudoers.d directory with the following command:\n\n        $ sudo grep -r include /etc/sudoers.d\n\n        If results are returned, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the /etc/sudoers file to only include the /etc/sudoers.d directory.\n\n        Edit the /etc/sudoers file with the following command:\n\n        $ sudo visudo\n\n        Add or modify the following line:\n        #includedir /etc/sudoers.d"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "check_id": "C-55148r833384_chk",
+            "severity": "medium",
+            "gid": "V-251711",
+            "rid": "SV-251711r833385_rule",
+            "stig_id": "RHEL-08-010379",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "fix_id": "F-55102r809356_fix",
+            "documentable": null,
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null,
+            "container-conditional": null
+          },
+          "code": "control 'SV-251711' do\n  title 'RHEL 8 must specify the default \"include\" directory for the /etc/sudoers file.'\n  desc 'The \"sudo\" command allows authorized users to run programs (including shells) as other users,\n        system users, and root. The \"/etc/sudoers\" file is used to configure authorized \"sudo\" users as\n        well as the programs they are allowed to run. Some configuration options in the \"/etc/sudoers\"\n        file allow configured users to run programs without re-authenticating. Use of these configuration\n        options makes it easier for one compromised account to be used to compromise other accounts.\n\n        It is possible to include other sudoers files from within the sudoers file currently being parsed\n        using the #include and #includedir directives. When sudo reaches this line it will suspend\n        processing of the current file (/etc/sudoers) and switch to the specified file/directory. Once the\n        end of the included file(s) is reached, the rest of /etc/sudoers will be processed. Files that are\n        included may themselves include other files. A hard limit of 128 nested include files is enforced\n        to prevent include file loops.'\n  desc 'check', 'Note: If the \"include\" and \"includedir\" directives are not present in the /etc/sudoers\n        file, this requirement is not applicable.\n\n        Verify the operating system specifies only the default \"include\" directory for the /etc/sudoers\n        file with the following command:\n\n        $ sudo grep include /etc/sudoers\n\n        #includedir /etc/sudoers.d\n\n        If the results are not \"/etc/sudoers.d\" or additional files or directories are specified, this is\n        a finding.\n\n        Verify the operating system does not have nested \"include\" files or directories within the\n        /etc/sudoers.d directory with the following command:\n\n        $ sudo grep -r include /etc/sudoers.d\n\n        If results are returned, this is a finding.'\n  desc 'fix', 'Configure the /etc/sudoers file to only include the /etc/sudoers.d directory.\n\n        Edit the /etc/sudoers file with the following command:\n\n        $ sudo visudo\n\n        Add or modify the following line:\n        #includedir /etc/sudoers.d'\n  impact 0.5\n  tag check_id: 'C-55148r833384_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251711'\n  tag rid: 'SV-251711r833385_rule'\n  tag stig_id: 'RHEL-08-010379'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag fix_id: 'F-55102r809356_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container-conditional'\n\n  only_if('Control not applicable within a container without sudo enabled', impact: 0.0) do\n    virtualization.system.eql?('docker') && !command('sudo').exist?\n  end\n\n  if command('grep include /etc/sudoers').stdout.empty?\n    impact 0.0\n    describe 'This requirement is not applicable as \"include\" and \"includedir\" directives are not present in the /etc/sudoers file' do\n      skip 'This requirement is not applicable as \"include\" and \"includedir\" directives are not present in the /etc/sudoers file'\n    end\n  else\n    describe 'Only the default \"include\" directory for /etc/sudoers file should be specified' do\n      subject { command('grep include /etc/sudoers').stdout.strip }\n      it { should match %r{#includedir\\s*/etc/sudoers.d\\s*$} }\n    end\n\n    describe 'Nested \"include\" files or directories within /etc/sudoers.d directory should not exist' do\n      subject { command('grep -r include /etc/sudoers.d').stdout }\n      it { should be_empty }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251711.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "No-op",
+              "run_time": 1.1e-05,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource": "No-op",
+              "skip_message": "Skipped control due to only_if condition: Control not applicable within a container without sudo enabled",
+              "resource_class": "noop",
+              "resource_params": "[]",
+              "resource_id": "No-op"
+            }
+          ]
+        },
+        {
+          "id": "SV-251712",
+          "title": "The RHEL 8 operating system must not be configured to bypass password requirements for privilege escalation.",
+          "desc": "Without re-authentication, users may access resources or perform tasks for which they do not have authorization.\n\nWhen operating systems provide the capability to escalate a functional capability, it is critical the user re-authenticate.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without re-authentication, users may access resources or perform tasks for which they do not have authorization.\n\nWhen operating systems provide the capability to escalate a functional capability, it is critical the user re-authenticate."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system is not be configured to bypass password requirements for privilege escalation.\n\nCheck the configuration of the \"/etc/pam.d/sudo\" file with the following command:\n\n$ sudo grep pam_succeed_if /etc/pam.d/sudo\n\nIf any occurrences of \"pam_succeed_if\" is returned from the command, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to require users to supply a password for privilege escalation.\n\nCheck the configuration of the \"/etc/ pam.d/sudo\" file with the following command:\n$ sudo vi /etc/pam.d/sudo\n\nRemove any occurrences of \"pam_succeed_if\" in the file."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "check_id": "C-55149r809358_chk",
+            "severity": "medium",
+            "gid": "V-251712",
+            "rid": "SV-251712r854083_rule",
+            "stig_id": "RHEL-08-010385",
+            "gtitle": "SRG-OS-000373-GPOS-00156",
+            "fix_id": "F-55103r854082_fix",
+            "satisfies": [
+              "SRG-OS-000373-GPOS-00156",
+              "SRG-OS-000373-GPOS-00157",
+              "SRG-OS-000373-GPOS-00158"
+            ],
+            "documentable": null,
+            "cci": [
+              "CCI-002038"
+            ],
+            "nist": [
+              "IA-11"
+            ],
+            "host": null,
+            "container-conditional": null
+          },
+          "code": "control 'SV-251712' do\n  title 'The RHEL 8 operating system must not be configured to bypass password requirements for privilege escalation.'\n  desc 'Without re-authentication, users may access resources or perform tasks for which they do not have authorization.\n\nWhen operating systems provide the capability to escalate a functional capability, it is critical the user re-authenticate.'\n  desc 'check', 'Verify the operating system is not be configured to bypass password requirements for privilege escalation.\n\nCheck the configuration of the \"/etc/pam.d/sudo\" file with the following command:\n\n$ sudo grep pam_succeed_if /etc/pam.d/sudo\n\nIf any occurrences of \"pam_succeed_if\" is returned from the command, this is a finding.'\n  desc 'fix', 'Configure the operating system to require users to supply a password for privilege escalation.\n\nCheck the configuration of the \"/etc/ pam.d/sudo\" file with the following command:\n$ sudo vi /etc/pam.d/sudo\n\nRemove any occurrences of \"pam_succeed_if\" in the file.'\n  impact 0.5\n  tag check_id: 'C-55149r809358_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251712'\n  tag rid: 'SV-251712r854083_rule'\n  tag stig_id: 'RHEL-08-010385'\n  tag gtitle: 'SRG-OS-000373-GPOS-00156'\n  tag fix_id: 'F-55103r854082_fix'\n  tag satisfies: ['SRG-OS-000373-GPOS-00156', 'SRG-OS-000373-GPOS-00157', 'SRG-OS-000373-GPOS-00158']\n  tag 'documentable'\n  tag cci: ['CCI-002038']\n  tag nist: ['IA-11']\n  tag 'host', 'container-conditional'\n\n  if virtualization.system.eql?('docker') && !command('sudo').exist?\n    impact 0.0\n    describe 'Control not applicable within a container without sudo enabled' do\n      skip 'Control not applicable within a container without sudo enabled'\n    end\n  else\n    describe parse_config_file('/etc/pam.d/sudo') do\n      its('content') { should_not match(/pam_succeed_if/) }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251712.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Parse Config File /etc/pam.d/sudo content is expected not to match /pam_succeed_if/",
+              "run_time": 0.000169,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/pam.d/sudo\"]",
+              "resource_id": "/etc/pam.d/sudo"
+            }
+          ]
+        },
+        {
+          "id": "SV-251713",
+          "title": "RHEL 8 must ensure the password complexity module is enabled in the system-auth file.",
+          "desc": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 uses \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 uses \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth"
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system uses \"pwquality\" to enforce the password complexity rules.\n\nCheck for the use of \"pwquality\" in the system-auth file with the following command:\n\n     $ sudo cat /etc/pam.d/system-auth | grep pam_pwquality\n\n     password requisite pam_pwquality.so\n\nIf the command does not return a line containing the value \"pam_pwquality.so\" as shown, or the line is commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to use \"pwquality\" to enforce password complexity rules.\n\nAdd the following line to the \"/etc/pam.d/system-auth\" file (or modify the line to have the required value):\n\n     password requisite pam_pwquality.so"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "check_id": "C-55150r902738_chk",
+            "severity": "medium",
+            "gid": "V-251713",
+            "rid": "SV-251713r902740_rule",
+            "stig_id": "RHEL-08-020101",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "fix_id": "F-55104r902739_fix",
+            "documentable": null,
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-251713' do\n  title 'RHEL 8 must ensure the password complexity module is enabled in the system-auth file.'\n  desc 'Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 uses \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth'\n  desc 'check', 'Verify the operating system uses \"pwquality\" to enforce the password complexity rules.\n\nCheck for the use of \"pwquality\" in the system-auth file with the following command:\n\n     $ sudo cat /etc/pam.d/system-auth | grep pam_pwquality\n\n     password requisite pam_pwquality.so\n\nIf the command does not return a line containing the value \"pam_pwquality.so\" as shown, or the line is commented out, this is a finding.'\n  desc 'fix', 'Configure the operating system to use \"pwquality\" to enforce password complexity rules.\n\nAdd the following line to the \"/etc/pam.d/system-auth\" file (or modify the line to have the required value):\n\n     password requisite pam_pwquality.so'\n  impact 0.5\n  tag check_id: 'C-55150r902738_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251713'\n  tag rid: 'SV-251713r902740_rule'\n  tag stig_id: 'RHEL-08-020101'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag fix_id: 'F-55104r902739_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container'\n\n  pam_auth_files = input('pam_auth_files')\n\n  [pam_auth_files['password-auth'], pam_auth_files['system-auth']].each do |path|\n    describe pam(path) do\n      its('lines') { should match_pam_rule('.* .* pam_pwquality.so') }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251713.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PAM Config[/etc/pam.d/password-auth] lines is expected to include .* .* pam_pwquality.so",
+              "run_time": 0.00058,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/password-auth\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PAM Config[/etc/pam.d/system-auth] lines is expected to include .* .* pam_pwquality.so",
+              "run_time": 0.000413,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/system-auth\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-251714",
+          "title": "RHEL 8 systems below version 8.4 must ensure the password complexity module in the system-auth file is configured for three retries or less.",
+          "desc": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 uses \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth\n\nBy limiting the number of attempts to meet the pwquality module complexity requirements before returning with an error, the system will audit abnormal attempts at password changes.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 uses \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth\n\nBy limiting the number of attempts to meet the pwquality module complexity requirements before returning with an error, the system will audit abnormal attempts at password changes."
+            },
+            {
+              "label": "check",
+              "data": "Note: This requirement applies to RHEL versions 8.0 through 8.3. If the system is RHEL version 8.4 or newer, this requirement is not applicable.\n\nVerify the operating system is configured to limit the \"pwquality\" retry option to 3.\n\nCheck for the use of the \"pwquality\" retry option in the system-auth file with the following command:\n\n     $ sudo cat /etc/pam.d/system-auth | grep pam_pwquality\n\n     password requisite pam_pwquality.so retry=3\n\nIf the value of \"retry\" is set to \"0\" or greater than \"3\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to limit the \"pwquality\" retry option to 3.\n\nAdd the following line to the \"/etc/pam.d/system-auth\" file (or modify the line to have the required value):\n\n     password requisite pam_pwquality.so retry=3"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "check_id": "C-55151r902741_chk",
+            "severity": "medium",
+            "gid": "V-251714",
+            "rid": "SV-251714r902743_rule",
+            "stig_id": "RHEL-08-020102",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "fix_id": "F-55105r902742_fix",
+            "documentable": null,
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-251714' do\n  title 'RHEL 8 systems below version 8.4 must ensure the password complexity module in the system-auth file is configured for three retries or less.'\n  desc 'Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 uses \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth\n\nBy limiting the number of attempts to meet the pwquality module complexity requirements before returning with an error, the system will audit abnormal attempts at password changes.'\n  desc 'check', 'Note: This requirement applies to RHEL versions 8.0 through 8.3. If the system is RHEL version 8.4 or newer, this requirement is not applicable.\n\nVerify the operating system is configured to limit the \"pwquality\" retry option to 3.\n\nCheck for the use of the \"pwquality\" retry option in the system-auth file with the following command:\n\n     $ sudo cat /etc/pam.d/system-auth | grep pam_pwquality\n\n     password requisite pam_pwquality.so retry=3\n\nIf the value of \"retry\" is set to \"0\" or greater than \"3\", this is a finding.'\n  desc 'fix', 'Configure the operating system to limit the \"pwquality\" retry option to 3.\n\nAdd the following line to the \"/etc/pam.d/system-auth\" file (or modify the line to have the required value):\n\n     password requisite pam_pwquality.so retry=3'\n  impact 0.5\n  tag check_id: 'C-55151r902741_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251714'\n  tag rid: 'SV-251714r902743_rule'\n  tag stig_id: 'RHEL-08-020102'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag fix_id: 'F-55105r902742_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container'\n\n  pam_auth_files = input('pam_auth_files')\n\n  only_if('This requirement only applies to RHEL 8 versions below 8.4', impact: 0.0) do\n    os.release.to_f < 8.4\n  end\n\n  describe pam_auth_files['system-auth'] do\n    its('lines') { should match_pam_rule('.* .* pam_pwquality.so').any_with_integer_arg('retry', '>=', input('min_retry')) }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251714.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "No-op",
+              "run_time": 5.0e-06,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource": "No-op",
+              "skip_message": "Skipped control due to only_if condition: This requirement only applies to RHEL 8 versions below 8.4",
+              "resource_class": "noop",
+              "resource_params": "[]",
+              "resource_id": "No-op"
+            }
+          ]
+        },
+        {
+          "id": "SV-251715",
+          "title": "RHEL 8 systems below version 8.4 must ensure the password complexity module in the password-auth file is configured for three retries or less.",
+          "desc": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 uses \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth\n\nBy limiting the number of attempts to meet the pwquality module complexity requirements before returning with an error, the system will audit abnormal attempts at password changes.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 uses \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth\n\nBy limiting the number of attempts to meet the pwquality module complexity requirements before returning with an error, the system will audit abnormal attempts at password changes."
+            },
+            {
+              "label": "check",
+              "data": "Note: This requirement applies to RHEL versions 8.0 through 8.3. If the system is RHEL version 8.4 or newer, this requirement is not applicable.\n\nVerify the operating system is configured to limit the \"pwquality\" retry option to 3.\n\nCheck for the use of the \"pwquality\" retry option in the password-auth file with the following command:\n\n     $ sudo cat /etc/pam.d/password-auth | grep pam_pwquality\n\n     password requisite pam_pwquality.so retry=3\n\nIf the value of \"retry\" is set to \"0\" or greater than \"3\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to limit the \"pwquality\" retry option to 3.\n\nAdd the following line to the \"/etc/pam.d/password-auth\" file (or modify the line to have the required value):\n\n     password requisite pam_pwquality.so retry=3"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "check_id": "C-55152r902744_chk",
+            "severity": "medium",
+            "gid": "V-251715",
+            "rid": "SV-251715r902746_rule",
+            "stig_id": "RHEL-08-020103",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "fix_id": "F-55106r902745_fix",
+            "documentable": null,
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-251715' do\n  title 'RHEL 8 systems below version 8.4 must ensure the password complexity module in the password-auth file is configured for three retries or less.'\n  desc 'Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 uses \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth\n\nBy limiting the number of attempts to meet the pwquality module complexity requirements before returning with an error, the system will audit abnormal attempts at password changes.'\n  desc 'check', 'Note: This requirement applies to RHEL versions 8.0 through 8.3. If the system is RHEL version 8.4 or newer, this requirement is not applicable.\n\nVerify the operating system is configured to limit the \"pwquality\" retry option to 3.\n\nCheck for the use of the \"pwquality\" retry option in the password-auth file with the following command:\n\n     $ sudo cat /etc/pam.d/password-auth | grep pam_pwquality\n\n     password requisite pam_pwquality.so retry=3\n\nIf the value of \"retry\" is set to \"0\" or greater than \"3\", this is a finding.'\n  desc 'fix', 'Configure the operating system to limit the \"pwquality\" retry option to 3.\n\nAdd the following line to the \"/etc/pam.d/password-auth\" file (or modify the line to have the required value):\n\n     password requisite pam_pwquality.so retry=3'\n  impact 0.5\n  tag check_id: 'C-55152r902744_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251715'\n  tag rid: 'SV-251715r902746_rule'\n  tag stig_id: 'RHEL-08-020103'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag fix_id: 'F-55106r902745_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container'\n\n  only_if('This requirement only applies to RHEL 8 versions below 8.4', impact: 0.0) {\n    os.release.to_f < 8.4\n  }\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam_auth_files['password-auth'] do\n    its('lines') { should match_pam_rule('.* .* pam_pwquality.so').any_with_integer_arg('retry', '>=', input('min_retry')) }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251715.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "No-op",
+              "run_time": 4.0e-06,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource": "No-op",
+              "skip_message": "Skipped control due to only_if condition: This requirement only applies to RHEL 8 versions below 8.4",
+              "resource_class": "noop",
+              "resource_params": "[]",
+              "resource_id": "No-op"
+            }
+          ]
+        },
+        {
+          "id": "SV-251716",
+          "title": "RHEL 8 systems, version 8.4 and above, must ensure the password complexity module is configured for three retries or less.",
+          "desc": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 utilizes \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth\nBy limiting the number of attempts to meet the pwquality module complexity requirements before returning with an error, the system will audit abnormal attempts at password changes.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 utilizes \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth\nBy limiting the number of attempts to meet the pwquality module complexity requirements before returning with an error, the system will audit abnormal attempts at password changes."
+            },
+            {
+              "label": "check",
+              "data": "Note: This requirement applies to RHEL versions 8.4 or newer. If the system is RHEL below version 8.4, this requirement is not applicable.\n\nVerify the operating system is configured to limit the \"pwquality\" retry option to 3.\n\nCheck for the use of the \"pwquality\" retry option with the following command:\n\n$ sudo grep -r retry /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:retry = 3\n\nIf the value of \"retry\" is set to \"0\" or greater than \"3\", is commented out or missing, this is a finding.\n\nIf conflicting results are returned, this is a finding.\n\nCheck for the use of the \"pwquality\" retry option in the system-auth and password-auth files with the following command:\n\n$ sudo grep pwquality /etc/pam.d/system-auth /etc/pam.d/password-auth | grep retry\n\nIf the command returns any results, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system to limit the \"pwquality\" retry option to 3.\n\nAdd the following line to the \"/etc/security/pwquality.conf\" file(or modify the line to have the required value):\n\nretry = 3\n\nRemove any configurations that conflict with the above value."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "check_id": "C-55153r858735_chk",
+            "severity": "medium",
+            "gid": "V-251716",
+            "rid": "SV-251716r858737_rule",
+            "stig_id": "RHEL-08-020104",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "fix_id": "F-55107r858736_fix",
+            "documentable": null,
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-251716' do\n  title 'RHEL 8 systems, version 8.4 and above, must ensure the password complexity module is configured for three retries or less.'\n  desc 'Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. \"pwquality\" enforces complex password construction configuration and has the ability to limit brute-force attacks on the system.\n\nRHEL 8 utilizes \"pwquality\" as a mechanism to enforce password complexity. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth\nBy limiting the number of attempts to meet the pwquality module complexity requirements before returning with an error, the system will audit abnormal attempts at password changes.'\n  desc 'check', 'Note: This requirement applies to RHEL versions 8.4 or newer. If the system is RHEL below version 8.4, this requirement is not applicable.\n\nVerify the operating system is configured to limit the \"pwquality\" retry option to 3.\n\nCheck for the use of the \"pwquality\" retry option with the following command:\n\n$ sudo grep -r retry /etc/security/pwquality.conf*\n\n/etc/security/pwquality.conf:retry = 3\n\nIf the value of \"retry\" is set to \"0\" or greater than \"3\", is commented out or missing, this is a finding.\n\nIf conflicting results are returned, this is a finding.\n\nCheck for the use of the \"pwquality\" retry option in the system-auth and password-auth files with the following command:\n\n$ sudo grep pwquality /etc/pam.d/system-auth /etc/pam.d/password-auth | grep retry\n\nIf the command returns any results, this is a finding.'\n  desc 'fix', 'Configure the operating system to limit the \"pwquality\" retry option to 3.\n\nAdd the following line to the \"/etc/security/pwquality.conf\" file(or modify the line to have the required value):\n\nretry = 3\n\nRemove any configurations that conflict with the above value.'\n  impact 0.5\n  tag check_id: 'C-55153r858735_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251716'\n  tag rid: 'SV-251716r858737_rule'\n  tag stig_id: 'RHEL-08-020104'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag fix_id: 'F-55107r858736_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host', 'container'\n\n  only_if('This requirement only applies to RHEL 8 versions above 8.4', impact: 0.0) {\n    os.release.to_f >= 8.4\n  }\n\n  describe 'System pwquality setting' do\n    subject { parse_config(command('grep -rh retry /etc/security/pwquality.conf*').stdout.strip) }\n    its('retry') { should cmp >= input('min_retry') }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251716.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "System pwquality setting retry is expected to cmp >= 3",
+              "run_time": 0.210476,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "message": "\nexpected it to be >= 3\n     got: \n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "retry"
+            }
+          ]
+        },
+        {
+          "id": "SV-251717",
+          "title": "RHEL 8 must be configured in the system-auth file to prohibit password reuse for a minimum of five generations.",
+          "desc": "Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to reuse their password consecutively when that password has exceeded its defined lifetime, the end result is a password that is not changed per policy requirements.\n\nRHEL 8 uses \"pwhistory\" consecutively as a mechanism to prohibit password reuse. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth.\n\nNote that manual changes to the listed files may be overwritten by the \"authselect\" program.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to reuse their password consecutively when that password has exceeded its defined lifetime, the end result is a password that is not changed per policy requirements.\n\nRHEL 8 uses \"pwhistory\" consecutively as a mechanism to prohibit password reuse. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth.\n\nNote that manual changes to the listed files may be overwritten by the \"authselect\" program."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system is configured in the system-auth file to prohibit password reuse for a minimum of five generations.\n\nCheck for the value of the \"remember\" argument in \"/etc/pam.d/system-auth\" with the following command:\n\n     $ sudo grep -i remember /etc/pam.d/system-auth\n\n     password requisite pam_pwhistory.so use_authtok remember=5 retry=3\n\nIf the line containing \"pam_pwhistory.so\" does not have the \"remember\" module argument set, is commented out, or the value of the \"remember\" module argument is set to less than \"5\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the operating system in the system-auth file to prohibit password reuse for a minimum of five generations.\n\nAdd the following line in \"/etc/pam.d/system-auth\" (or modify the line to have the required value):\n\n     password requisite pam_pwhistory.so use_authtok remember=5 retry=3"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "check_id": "C-55154r902747_chk",
+            "severity": "medium",
+            "gid": "V-251717",
+            "rid": "SV-251717r902749_rule",
+            "stig_id": "RHEL-08-020221",
+            "gtitle": "SRG-OS-000077-GPOS-00045",
+            "fix_id": "F-55108r902748_fix",
+            "documentable": null,
+            "cci": [
+              "CCI-000200"
+            ],
+            "nist": [
+              "IA-5 (1) (e)"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-251717' do\n  title 'RHEL 8 must be configured in the system-auth file to prohibit password reuse for a minimum of five generations.'\n  desc 'Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. If the information system or application allows the user to reuse their password consecutively when that password has exceeded its defined lifetime, the end result is a password that is not changed per policy requirements.\n\nRHEL 8 uses \"pwhistory\" consecutively as a mechanism to prohibit password reuse. This is set in both:\n/etc/pam.d/password-auth\n/etc/pam.d/system-auth.\n\nNote that manual changes to the listed files may be overwritten by the \"authselect\" program.'\n  desc 'check', 'Verify the operating system is configured in the system-auth file to prohibit password reuse for a minimum of five generations.\n\nCheck for the value of the \"remember\" argument in \"/etc/pam.d/system-auth\" with the following command:\n\n     $ sudo grep -i remember /etc/pam.d/system-auth\n\n     password requisite pam_pwhistory.so use_authtok remember=5 retry=3\n\nIf the line containing \"pam_pwhistory.so\" does not have the \"remember\" module argument set, is commented out, or the value of the \"remember\" module argument is set to less than \"5\", this is a finding.'\n  desc 'fix', 'Configure the operating system in the system-auth file to prohibit password reuse for a minimum of five generations.\n\nAdd the following line in \"/etc/pam.d/system-auth\" (or modify the line to have the required value):\n\n     password requisite pam_pwhistory.so use_authtok remember=5 retry=3'\n  impact 0.5\n  tag check_id: 'C-55154r902747_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251717'\n  tag rid: 'SV-251717r902749_rule'\n  tag stig_id: 'RHEL-08-020221'\n  tag gtitle: 'SRG-OS-000077-GPOS-00045'\n  tag fix_id: 'F-55108r902748_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000200']\n  tag nist: ['IA-5 (1) (e)']\n  tag 'host', 'container'\n\n  pam_auth_files = input('pam_auth_files')\n\n  describe pam(pam_auth_files['system-auth']) do\n    its('lines') { should match_pam_rule('password (required|requisite|sufficient) pam_pwhistory.so').any_with_integer_arg('remember', '>=', input('min_reuse_generations')) }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251717.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PAM Config[/etc/pam.d/system-auth] lines is expected to include password (required|requisite|sufficient) pam_pwhistory.so, any with integer arg remember >= 5",
+              "run_time": 0.00156,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "message": "expected \"account required pam_unix.so\\naccount sufficient pam_localuser.so\\naccount sufficient pam_usertype.s...pam_systemd.so\\nsession [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid\" to include password (required|requisite|sufficient) pam_pwhistory.so, any with integer arg remember >= 5",
+              "resource_class": "pam",
+              "resource_params": "[\"/etc/pam.d/system-auth\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "SV-251718",
+          "title": "The graphical display manager must not be the default target on RHEL 8 unless approved.",
+          "desc": "Internet services that are not required for system or application processes must not be active to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Internet services that are not required for system or application processes must not be active to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented."
+            },
+            {
+              "label": "check",
+              "data": "Verify that the system is configured to boot to the command line:\n\n$ systemctl get-default\nmulti-user.target\n\nIf the system default target is not set to \"multi-user.target\" and the Information System Security Officer (ISSO) lacks a documented requirement for a graphical user interface, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Document the requirement for a graphical user interface with the ISSO or reinstall the operating system without the graphical user interface. If reinstallation is not feasible, then continue with the following procedure:\n\nOpen an SSH session and enter the following commands:\n\n$ sudo systemctl set-default multi-user.target\n\nA reboot is required for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "check_id": "C-55155r809376_chk",
+            "severity": "medium",
+            "gid": "V-251718",
+            "rid": "SV-251718r809378_rule",
+            "stig_id": "RHEL-08-040321",
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "fix_id": "F-55109r809377_fix",
+            "documentable": null,
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "host": null
+          },
+          "code": "control 'SV-251718' do\n  title 'The graphical display manager must not be the default target on RHEL 8 unless approved.'\n  desc 'Internet services that are not required for system or application processes must not be active to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented.'\n  desc 'check', 'Verify that the system is configured to boot to the command line:\n\n$ systemctl get-default\nmulti-user.target\n\nIf the system default target is not set to \"multi-user.target\" and the Information System Security Officer (ISSO) lacks a documented requirement for a graphical user interface, this is a finding.'\n  desc 'fix', 'Document the requirement for a graphical user interface with the ISSO or reinstall the operating system without the graphical user interface. If reinstallation is not feasible, then continue with the following procedure:\n\nOpen an SSH session and enter the following commands:\n\n$ sudo systemctl set-default multi-user.target\n\nA reboot is required for the changes to take effect.'\n  impact 0.5\n  tag check_id: 'C-55155r809376_chk'\n  tag severity: 'medium'\n  tag gid: 'V-251718'\n  tag rid: 'SV-251718r809378_rule'\n  tag stig_id: 'RHEL-08-040321'\n  tag gtitle: 'SRG-OS-000480-GPOS-00227'\n  tag fix_id: 'F-55109r809377_fix'\n  tag 'documentable'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n  tag 'host'\n\n  only_if('This requirement is Not Applicable inside the container', impact: 0.0) {\n    !virtualization.system.eql?('docker')\n  }\n\n  if input('gui_required')\n    impact 0.0\n    describe 'skip' do\n      skip 'A GUI is indicated as a requirement for this system. This control is Not Applicable.'\n    end\n  else\n    get_default = command('systemctl get-default').stdout.strip\n\n    describe get_default do\n      it { should cmp 'multi-user.target' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-251718.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "multi-user.target is expected to cmp == \"multi-user.target\"",
+              "run_time": 0.00021,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "multi-user.target"
+            }
+          ]
+        },
+        {
+          "id": "SV-254520",
+          "title": "RHEL 8 must prevent nonprivileged users from executing privileged functions, including disabling, circumventing, or altering implemented security safeguards/countermeasures.",
+          "desc": "Preventing nonprivileged users from executing privileged functions mitigates the risk that unauthorized individuals or processes may gain unnecessary access to information or privileges.\n\nPrivileged functions include, for example, establishing accounts, performing system integrity checks, or administering cryptographic key management activities. Nonprivileged users are individuals who do not possess appropriate authorizations. Circumventing intrusion detection and prevention mechanisms or malicious code protection mechanisms are examples of privileged functions that require protection from nonprivileged users.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Preventing nonprivileged users from executing privileged functions mitigates the risk that unauthorized individuals or processes may gain unnecessary access to information or privileges.\n\nPrivileged functions include, for example, establishing accounts, performing system integrity checks, or administering cryptographic key management activities. Nonprivileged users are individuals who do not possess appropriate authorizations. Circumventing intrusion detection and prevention mechanisms or malicious code protection mechanisms are examples of privileged functions that require protection from nonprivileged users."
+            },
+            {
+              "label": "check",
+              "data": "Verify the operating system prevents nonprivileged users from executing privileged functions, including disabling, circumventing, or altering implemented security safeguards/countermeasures.\n\nObtain a list of authorized users (other than system administrator and guest accounts) for the system.\n\nCheck the list against the system by using the following command:\n\n     $ sudo semanage login -l | more\n\n     Login Name    SELinux User    MLS/MCS Range    Service\n\n     __default__   user_u                 s0-s0:c0.c1023        *\n     root                   unconfined_u  s0-s0:c0.c1023        *\n     system_u        system_u           s0-s0:c0.c1023        *\n     joe                     staff_u                s0-s0:c0.c1023        *\n\nAll administrators must be mapped to the \"sysadm_u\", \"staff_u\", or an appropriately tailored confined role as defined by the organization.\n\nAll authorized nonadministrative users must be mapped to the \"user_u\" role.\n\nIf they are not mapped in this way, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to prevent nonprivileged users from executing privileged functions, including disabling, circumventing, or altering implemented security safeguards/countermeasures.\n\nUse the following command to map a new user to the \"sysadm_u\" role:\n\n     $ sudo semanage login -a -s sysadm_u <username>\n\nUse the following command to map an existing user to the \"sysadm_u\" role:\n\n     $ sudo semanage login -m -s sysadm_u <username>\n\nUse the following command to map a new user to the \"staff_u\" role:\n\n     $ sudo semanage login -a -s staff_u <username>\n\nUse the following command to map an existing user to the \"staff_u\" role:\n\n     $ sudo semanage login -m -s staff_u <username>\n\nUse the following command to map a new user to the \"user_u\" role:\n\n     $ sudo  semanage login -a -s user_u <username>\n\nUse the following command to map an existing user to the \"user_u\" role:\n\n     $ sudo semanage login -m -s user_u <username>\n\nNote: SELinux confined users mapped to sysadm_u are not allowed to log in to the system over SSH, by default. If this is a required function, it can be configured by setting the ssh_sysadm_login SELinux boolean to \"on\" with the following command:\n\n     $ sudo setsebool -P ssh_sysadm_login on\n\nThis must be documented with the information system security officer (ISSO) as an operational requirement."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "check_id": "C-58004r928594_chk",
+            "severity": "medium",
+            "gid": "V-254520",
+            "rid": "SV-254520r928805_rule",
+            "stig_id": "RHEL-08-040400",
+            "gtitle": "SRG-OS-000324-GPOS-00125",
+            "fix_id": "F-57953r928805_fix",
+            "documentable": null,
+            "cci": [
+              "CCI-002265"
+            ],
+            "nist": [
+              "AC-16 b"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-254520' do\n  title 'RHEL 8 must prevent nonprivileged users from executing privileged functions, including disabling, circumventing, or altering implemented security safeguards/countermeasures.'\n  desc 'Preventing nonprivileged users from executing privileged functions mitigates the risk that unauthorized individuals or processes may gain unnecessary access to information or privileges.\n\nPrivileged functions include, for example, establishing accounts, performing system integrity checks, or administering cryptographic key management activities. Nonprivileged users are individuals who do not possess appropriate authorizations. Circumventing intrusion detection and prevention mechanisms or malicious code protection mechanisms are examples of privileged functions that require protection from nonprivileged users.'\n  desc 'check', 'Verify the operating system prevents nonprivileged users from executing privileged functions, including disabling, circumventing, or altering implemented security safeguards/countermeasures.\n\nObtain a list of authorized users (other than system administrator and guest accounts) for the system.\n\nCheck the list against the system by using the following command:\n\n     $ sudo semanage login -l | more\n\n     Login Name    SELinux User    MLS/MCS Range    Service\n\n     __default__   user_u                 s0-s0:c0.c1023        *\n     root                   unconfined_u  s0-s0:c0.c1023        *\n     system_u        system_u           s0-s0:c0.c1023        *\n     joe                     staff_u                s0-s0:c0.c1023        *\n\nAll administrators must be mapped to the \"sysadm_u\", \"staff_u\", or an appropriately tailored confined role as defined by the organization.\n\nAll authorized nonadministrative users must be mapped to the \"user_u\" role.\n\nIf they are not mapped in this way, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to prevent nonprivileged users from executing privileged functions, including disabling, circumventing, or altering implemented security safeguards/countermeasures.\n\nUse the following command to map a new user to the \"sysadm_u\" role:\n\n     $ sudo semanage login -a -s sysadm_u <username>\n\nUse the following command to map an existing user to the \"sysadm_u\" role:\n\n     $ sudo semanage login -m -s sysadm_u <username>\n\nUse the following command to map a new user to the \"staff_u\" role:\n\n     $ sudo semanage login -a -s staff_u <username>\n\nUse the following command to map an existing user to the \"staff_u\" role:\n\n     $ sudo semanage login -m -s staff_u <username>\n\nUse the following command to map a new user to the \"user_u\" role:\n\n     $ sudo  semanage login -a -s user_u <username>\n\nUse the following command to map an existing user to the \"user_u\" role:\n\n     $ sudo semanage login -m -s user_u <username>\n\nNote: SELinux confined users mapped to sysadm_u are not allowed to log in to the system over SSH, by default. If this is a required function, it can be configured by setting the ssh_sysadm_login SELinux boolean to \"on\" with the following command:\n\n     $ sudo setsebool -P ssh_sysadm_login on\n\nThis must be documented with the information system security officer (ISSO) as an operational requirement.'\n  impact 0.5\n  tag check_id: 'C-58004r928594_chk'\n  tag severity: 'medium'\n  tag gid: 'V-254520'\n  tag rid: 'SV-254520r928805_rule'\n  tag stig_id: 'RHEL-08-040400'\n  tag gtitle: 'SRG-OS-000324-GPOS-00125'\n  tag fix_id: 'F-57953r928805_fix'\n  tag 'documentable'\n  tag cci: ['CCI-002265']\n  tag nist: ['AC-16 b']\n  tag 'host', 'container'\n\n  se_login = command('semanage login -ln').stdout.lines.map(&:strip)\n  allowed_admin_selinux_roles = input('allowed_admin_selinux_roles')\n  allowed_non_admin_selinux_roles = input('allowed_non_admin_selinux_roles')\n\n  users = {}\n  se_login.each_with_object({}) do |line, users|\n    login_name, selinux_user = line.split[0..1]\n    users[login_name] = selinux_user\n  end\n\n  misconfigured_admins = users.select { |login_name, selinux_user|\n    input('administrator_users').include?(login_name) &&\n      !allowed_admin_selinux_roles.include?(selinux_user)\n  }\n\n  misconfigured_non_admins = users.select { |login_name, selinux_user|\n    !input('administrator_users').include?(login_name) &&\n      !allowed_non_admin_selinux_roles.include?(selinux_user)\n  }\n\n  describe 'All administrators' do\n    it \"must be mapped to the an appropriate role (allowed admin roles: #{allowed_admin_selinux_roles.join(', ')})\" do\n      expect(misconfigured_admins.keys).to be_empty, \"Misconfigured admins:\\n\\t- #{misconfigured_admins.keys.join(\"\\n\\t- \")}\"\n    end\n  end\n\n  describe 'All non-administrator users' do\n    it \"must be mapped to the an appropriate role (allowed non-admin user roles: #{allowed_non_admin_selinux_roles.join(', ')})\" do\n      expect(misconfigured_non_admins.keys).to be_empty, \"Misconfigured non-admin users:\\n\\t- #{misconfigured_non_admins.keys.join(\"\\n\\t- \")}\"\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-254520.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "All administrators must be mapped to the an appropriate role (allowed admin roles: sysadm_u, staff_u)",
+              "run_time": 0.008039,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "All administrators"
+            },
+            {
+              "status": "passed",
+              "code_desc": "All non-administrator users must be mapped to the an appropriate role (allowed non-admin user roles: user_u)",
+              "run_time": 0.005033,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "All non-administrator users"
+            }
+          ]
+        },
+        {
+          "id": "SV-255924",
+          "title": "RHEL 8 SSH server must be configured to use only FIPS-validated key exchange algorithms.",
+          "desc": "Without cryptographic integrity protections provided by FIPS-validated cryptographic algorithms, information can be viewed and altered by unauthorized users without detection.\n\nRHEL 8 incorporates system-wide crypto policies by default. The SSH configuration file has no effect on the ciphers, MACs, or algorithms unless specifically defined in the /etc/sysconfig/sshd file. The employed algorithms can be viewed in the /etc/crypto-policies/back-ends/opensshserver.config file.\n\nThe system will attempt to use the first algorithm presented by the client that matches the server list. Listing the values \"strongest to weakest\" is a method to ensure the use of the strongest algorithm available to secure the SSH connection.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without cryptographic integrity protections provided by FIPS-validated cryptographic algorithms, information can be viewed and altered by unauthorized users without detection.\n\nRHEL 8 incorporates system-wide crypto policies by default. The SSH configuration file has no effect on the ciphers, MACs, or algorithms unless specifically defined in the /etc/sysconfig/sshd file. The employed algorithms can be viewed in the /etc/crypto-policies/back-ends/opensshserver.config file.\n\nThe system will attempt to use the first algorithm presented by the client that matches the server list. Listing the values \"strongest to weakest\" is a method to ensure the use of the strongest algorithm available to secure the SSH connection."
+            },
+            {
+              "label": "check",
+              "data": "Verify that the SSH server is configured to use only FIPS-validated key exchange algorithms:\n\n     $ sudo grep -i kexalgorithms /etc/crypto-policies/back-ends/opensshserver.config\n\n     CRYPTO_POLICY='-oKexAlgorithms=ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512'\n\nIf the entries following \"KexAlgorithms\" have any algorithms defined other than \"ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512\", appear in different order than shown, or are missing or commented out, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the SSH server to use only FIPS-validated key exchange algorithms by adding or modifying the following line in \"/etc/crypto-policies/back-ends/opensshserver.config\":\n\n-oKexAlgorithms=ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512\n\nA reboot is required for the changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "check_id": "C-59601r917887_chk",
+            "severity": "medium",
+            "gid": "V-255924",
+            "rid": "SV-255924r917888_rule",
+            "stig_id": "RHEL-08-040342",
+            "gtitle": "SRG-OS-000250-GPOS-00093",
+            "fix_id": "F-59544r880732_fix",
+            "documentable": null,
+            "cci": [
+              "CCI-001453"
+            ],
+            "nist": [
+              "AC-17 (2)"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-255924' do\n  title 'RHEL 8 SSH server must be configured to use only FIPS-validated key exchange algorithms.'\n  desc 'Without cryptographic integrity protections provided by FIPS-validated cryptographic algorithms, information can be viewed and altered by unauthorized users without detection.\n\nRHEL 8 incorporates system-wide crypto policies by default. The SSH configuration file has no effect on the ciphers, MACs, or algorithms unless specifically defined in the /etc/sysconfig/sshd file. The employed algorithms can be viewed in the /etc/crypto-policies/back-ends/opensshserver.config file.\n\nThe system will attempt to use the first algorithm presented by the client that matches the server list. Listing the values \"strongest to weakest\" is a method to ensure the use of the strongest algorithm available to secure the SSH connection.'\n  desc 'check', %q(Verify that the SSH server is configured to use only FIPS-validated key exchange algorithms:\n\n     $ sudo grep -i kexalgorithms /etc/crypto-policies/back-ends/opensshserver.config\n\n     CRYPTO_POLICY='-oKexAlgorithms=ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512'\n\nIf the entries following \"KexAlgorithms\" have any algorithms defined other than \"ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512\", appear in different order than shown, or are missing or commented out, this is a finding.)\n  desc 'fix', 'Configure the SSH server to use only FIPS-validated key exchange algorithms by adding or modifying the following line in \"/etc/crypto-policies/back-ends/opensshserver.config\":\n\n-oKexAlgorithms=ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512\n\nA reboot is required for the changes to take effect.'\n  impact 0.5\n  tag check_id: 'C-59601r917887_chk'\n  tag severity: 'medium'\n  tag gid: 'V-255924'\n  tag rid: 'SV-255924r917888_rule'\n  tag stig_id: 'RHEL-08-040342'\n  tag gtitle: 'SRG-OS-000250-GPOS-00093'\n  tag fix_id: 'F-59544r880732_fix'\n  tag 'documentable'\n  tag cci: ['CCI-001453']\n  tag nist: ['AC-17 (2)']\n  tag 'host', 'container'\n\n  describe parse_config_file('/etc/crypto-policies/back-ends/opensshserver.config') do\n    its('CRYPTO_POLICY') { should include '-oKexAlgorithms=ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-255924.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /etc/crypto-policies/back-ends/opensshserver.config CRYPTO_POLICY is expected to include \"-oKexAlgorithms=ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchan...ge-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512\"",
+              "run_time": 0.00036,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "message": "expected \"'-oCiphers=aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@ope...ha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-256,rsa-sha2-512,ssh-rsa'\" to include \"-oKexAlgorithms=ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchan...ge-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512\"",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/crypto-policies/back-ends/opensshserver.config\"]",
+              "resource_id": "/etc/crypto-policies/back-ends/opensshserver.config"
+            }
+          ]
+        },
+        {
+          "id": "SV-256973",
+          "title": "RHEL 8 must ensure cryptographic verification of vendor software packages.",
+          "desc": "Cryptographic verification of vendor software packages ensures that all software packages are obtained from a valid source and protects against spoofing that could lead to installation of malware on the system. Red Hat cryptographically signs all software packages, which includes updates, with a GPG key to verify that they are valid.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Cryptographic verification of vendor software packages ensures that all software packages are obtained from a valid source and protects against spoofing that could lead to installation of malware on the system. Red Hat cryptographically signs all software packages, which includes updates, with a GPG key to verify that they are valid."
+            },
+            {
+              "label": "check",
+              "data": "Confirm Red Hat package-signing keys are installed on the system and verify their fingerprints match vendor values.\n\nNote: For RHEL 8 software packages, Red Hat uses GPG keys labeled \"release key 2\" and \"auxiliary key 2\". The keys are defined in key file \"/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\" by default.\n\nList Red Hat GPG keys installed on the system:\n\n     $ sudo rpm -q --queryformat \"%{SUMMARY}\\n\" gpg-pubkey | grep -i \"red hat\"\n\n     gpg(Red Hat, Inc. (release key 2) <security@redhat.com>)\n     gpg(Red Hat, Inc. (auxiliary key) <security@redhat.com>)\n\nIf Red Hat GPG keys \"release key 2\" and \"auxiliary key 2\" are not installed, this is a finding.\n\nNote: The \"auxiliary key 2\" appears as \"auxiliary key\" on a RHEL 8 system.\n\nList key fingerprints of installed Red Hat GPG keys:\n\n     $ sudo gpg -q --keyid-format short --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\n\nIf key file \"/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\" is missing, this is a finding.\n\nExample output:\n\n     pub   rsa4096/FD431D51 2009-10-22 [SC]\n           Key fingerprint = 567E 347A D004 4ADE 55BA  8A5F 199E 2F91 FD43 1D51\n     uid                   Red Hat, Inc. (release key 2) <security@redhat.com>\n     pub   rsa4096/D4082792 2018-06-27 [SC]\n           Key fingerprint = 6A6A A7C9 7C88 90AE C6AE  BFE2 F76F 66C3 D408 2792\n     uid                   Red Hat, Inc. (auxiliary key) <security@redhat.com>\n     sub   rsa4096/1B5584D3 2018-06-27 [E]\n\nCompare key fingerprints of installed Red Hat GPG keys with fingerprints listed for RHEL 8 on Red Hat \"Product Signing Keys\" webpage at https://access.redhat.com/security/team/key.\n\nIf key fingerprints do not match, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Install Red Hat package-signing keys on the system and verify their fingerprints match vendor values.\n\nInsert RHEL 8 installation disc or attach RHEL 8 installation image to the system. Mount the disc or image to make the contents accessible inside the system.\n\nAssuming the mounted location is \"/media/cdrom\", use the following command to copy Red Hat GPG key file onto the system:\n\n     $ sudo cp /media/cdrom/RPM-GPG-KEY-redhat-release /etc/pki/rpm-gpg/\n\nImport Red Hat GPG keys from key file into system keyring:\n\n     $ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\n\nUsing the steps listed in the Check Text, confirm the newly imported keys show as installed on the system and verify their fingerprints match vendor values."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "check_id": "C-60651r902750_chk",
+            "severity": "medium",
+            "gid": "V-256973",
+            "rid": "SV-256973r902752_rule",
+            "stig_id": "RHEL-08-010019",
+            "gtitle": "SRG-OS-000366-GPOS-00153",
+            "fix_id": "F-60593r902751_fix",
+            "documentable": null,
+            "cci": [
+              "CCI-001749"
+            ],
+            "nist": [
+              "CM-5 (3)"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-256973' do\n  title 'RHEL 8 must ensure cryptographic verification of vendor software packages.'\n  desc 'Cryptographic verification of vendor software packages ensures that all software packages are obtained from a valid source and protects against spoofing that could lead to installation of malware on the system. Red Hat cryptographically signs all software packages, which includes updates, with a GPG key to verify that they are valid.'\n  desc 'check', 'Confirm Red Hat package-signing keys are installed on the system and verify their fingerprints match vendor values.\n\nNote: For RHEL 8 software packages, Red Hat uses GPG keys labeled \"release key 2\" and \"auxiliary key 2\". The keys are defined in key file \"/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\" by default.\n\nList Red Hat GPG keys installed on the system:\n\n     $ sudo rpm -q --queryformat \"%{SUMMARY}\\\\n\" gpg-pubkey | grep -i \"red hat\"\n\n     gpg(Red Hat, Inc. (release key 2) <security@redhat.com>)\n     gpg(Red Hat, Inc. (auxiliary key) <security@redhat.com>)\n\nIf Red Hat GPG keys \"release key 2\" and \"auxiliary key 2\" are not installed, this is a finding.\n\nNote: The \"auxiliary key 2\" appears as \"auxiliary key\" on a RHEL 8 system.\n\nList key fingerprints of installed Red Hat GPG keys:\n\n     $ sudo gpg -q --keyid-format short --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\n\nIf key file \"/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\" is missing, this is a finding.\n\nExample output:\n\n     pub   rsa4096/FD431D51 2009-10-22 [SC]\n           Key fingerprint = 567E 347A D004 4ADE 55BA  8A5F 199E 2F91 FD43 1D51\n     uid                   Red Hat, Inc. (release key 2) <security@redhat.com>\n     pub   rsa4096/D4082792 2018-06-27 [SC]\n           Key fingerprint = 6A6A A7C9 7C88 90AE C6AE  BFE2 F76F 66C3 D408 2792\n     uid                   Red Hat, Inc. (auxiliary key) <security@redhat.com>\n     sub   rsa4096/1B5584D3 2018-06-27 [E]\n\nCompare key fingerprints of installed Red Hat GPG keys with fingerprints listed for RHEL 8 on Red Hat \"Product Signing Keys\" webpage at https://access.redhat.com/security/team/key.\n\nIf key fingerprints do not match, this is a finding.'\n  desc 'fix', 'Install Red Hat package-signing keys on the system and verify their fingerprints match vendor values.\n\nInsert RHEL 8 installation disc or attach RHEL 8 installation image to the system. Mount the disc or image to make the contents accessible inside the system.\n\nAssuming the mounted location is \"/media/cdrom\", use the following command to copy Red Hat GPG key file onto the system:\n\n     $ sudo cp /media/cdrom/RPM-GPG-KEY-redhat-release /etc/pki/rpm-gpg/\n\nImport Red Hat GPG keys from key file into system keyring:\n\n     $ sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\n\nUsing the steps listed in the Check Text, confirm the newly imported keys show as installed on the system and verify their fingerprints match vendor values.'\n  impact 0.5\n  tag check_id: 'C-60651r902750_chk'\n  tag severity: 'medium'\n  tag gid: 'V-256973'\n  tag rid: 'SV-256973r902752_rule'\n  tag stig_id: 'RHEL-08-010019'\n  tag gtitle: 'SRG-OS-000366-GPOS-00153'\n  tag fix_id: 'F-60593r902751_fix'\n  tag 'documentable'\n  tag cci: ['CCI-001749']\n  tag nist: ['CM-5 (3)']\n  tag 'host', 'container'\n\n  rpm_gpg_file = input('rpm_gpg_file')\n  rpm_gpg_keys = input('rpm_gpg_keys')\n\n  describe file(rpm_gpg_file) do\n    it { should exist }\n  end\n  rpm_gpg_keys.each do |k, v|\n    describe command('rpm -q --queryformat \"%{SUMMARY}\\\\n\" gpg-pubkey | grep -i \"red hat\"') do\n      its('stdout') { should include k.to_s }\n    end\n    next unless file(rpm_gpg_file).exist?\n\n    describe command(\"gpg -q --keyid-format short --with-fingerprint #{rpm_gpg_file}\") do\n      its('stdout') { should include v }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-256973.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "File /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release is expected to exist",
+              "run_time": 0.000112,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource_class": "file",
+              "resource_params": "[\"/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\"]",
+              "resource_id": "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Command: `rpm -q --queryformat \"%{SUMMARY}\\n\" gpg-pubkey | grep -i \"red hat\"` stdout is expected to include \"release key 2\"",
+              "run_time": 0.117746,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"rpm -q --queryformat \\\"%{SUMMARY}\\\\n\\\" gpg-pubkey | grep -i \\\"red hat\\\"\"]",
+              "resource_id": "Command: `rpm -q --queryformat \"%{SUMMARY}\\n\" gpg-pubkey | grep -i \"red hat\"`"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Command: `gpg -q --keyid-format short --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release` stdout is expected to include \"567E 347A D004 4ADE 55BA  8A5F 199E 2F91 FD43 1D51\"",
+              "run_time": 0.173143,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"gpg -q --keyid-format short --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\"]",
+              "resource_id": "Command: `gpg -q --keyid-format short --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release`"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Command: `rpm -q --queryformat \"%{SUMMARY}\\n\" gpg-pubkey | grep -i \"red hat\"` stdout is expected to include \"auxiliary key\"",
+              "run_time": 0.000473,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"rpm -q --queryformat \\\"%{SUMMARY}\\\\n\\\" gpg-pubkey | grep -i \\\"red hat\\\"\"]",
+              "resource_id": "Command: `rpm -q --queryformat \"%{SUMMARY}\\n\" gpg-pubkey | grep -i \"red hat\"`"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Command: `gpg -q --keyid-format short --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release` stdout is expected to include \"6A6A A7C9 7C88 90AE C6AE  BFE2 F76F 66C3 D408 2792\"",
+              "run_time": 0.000202,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource_class": "command",
+              "resource_params": "[\"gpg -q --keyid-format short --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release\"]",
+              "resource_id": "Command: `gpg -q --keyid-format short --with-fingerprint /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release`"
+            }
+          ]
+        },
+        {
+          "id": "SV-256974",
+          "title": "RHEL 8 must be configured to allow sending email notifications of unauthorized configuration changes to designated personnel.",
+          "desc": "Unauthorized changes to the baseline configuration could make the system vulnerable to various attacks or allow unauthorized access to the operating system. Changes to operating system configurations can have unintended side effects, some of which may be relevant to security.\n\nDetecting such changes and providing an automated response can help avoid unintended, negative consequences that could ultimately affect the security state of the operating system. The operating system's IMO/ISSO and SAs must be notified via email and/or monitoring system trap when there is an unauthorized modification of a configuration item.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Unauthorized changes to the baseline configuration could make the system vulnerable to various attacks or allow unauthorized access to the operating system. Changes to operating system configurations can have unintended side effects, some of which may be relevant to security.\n\nDetecting such changes and providing an automated response can help avoid unintended, negative consequences that could ultimately affect the security state of the operating system. The operating system's IMO/ISSO and SAs must be notified via email and/or monitoring system trap when there is an unauthorized modification of a configuration item."
+            },
+            {
+              "label": "check",
+              "data": "Verify that the operating system is configured to allow sending email notifications.\n\nNote: The \"mailx\" package provides the \"mail\" command that is used to send email messages.\n\nVerify that the \"mailx\" package is installed on the system:\n\n     $ sudo yum list installed mailx\n\n     mailx.x86_64     12.5-29.el8     @rhel-8-for-x86_64-baseos-rpm\n\nIf \"mailx\" package is not installed, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Install the \"mailx\" package on the system:\n\n     $ sudo yum install mailx"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "check_id": "C-60652r902753_chk",
+            "severity": "medium",
+            "gid": "V-256974",
+            "rid": "SV-256974r902755_rule",
+            "stig_id": "RHEL-08-010358",
+            "gtitle": "SRG-OS-000363-GPOS-00150",
+            "fix_id": "F-60594r902754_fix",
+            "documentable": null,
+            "cci": [
+              "CCI-001744"
+            ],
+            "nist": [
+              "CM-3 (5)"
+            ],
+            "host": null,
+            "container": null
+          },
+          "code": "control 'SV-256974' do\n  title 'RHEL 8 must be configured to allow sending email notifications of unauthorized configuration changes to designated personnel.'\n  desc \"Unauthorized changes to the baseline configuration could make the system vulnerable to various attacks or allow unauthorized access to the operating system. Changes to operating system configurations can have unintended side effects, some of which may be relevant to security.\n\nDetecting such changes and providing an automated response can help avoid unintended, negative consequences that could ultimately affect the security state of the operating system. The operating system's IMO/ISSO and SAs must be notified via email and/or monitoring system trap when there is an unauthorized modification of a configuration item.\"\n  desc 'check', 'Verify that the operating system is configured to allow sending email notifications.\n\nNote: The \"mailx\" package provides the \"mail\" command that is used to send email messages.\n\nVerify that the \"mailx\" package is installed on the system:\n\n     $ sudo yum list installed mailx\n\n     mailx.x86_64     12.5-29.el8     @rhel-8-for-x86_64-baseos-rpm\n\nIf \"mailx\" package is not installed, this is a finding.'\n  desc 'fix', 'Install the \"mailx\" package on the system:\n\n     $ sudo yum install mailx'\n  impact 0.5\n  tag check_id: 'C-60652r902753_chk'\n  tag severity: 'medium'\n  tag gid: 'V-256974'\n  tag rid: 'SV-256974r902755_rule'\n  tag stig_id: 'RHEL-08-010358'\n  tag gtitle: 'SRG-OS-000363-GPOS-00150'\n  tag fix_id: 'F-60594r902754_fix'\n  tag 'documentable'\n  tag cci: ['CCI-001744']\n  tag nist: ['CM-3 (5)']\n  tag 'host', 'container'\n\n  mail_package = input('mail_package')\n\n  describe package(mail_package) do\n    it { should be_installed }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-256974.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "System Package mailx is expected to be installed",
+              "run_time": 0.217642,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "resource_class": "package",
+              "resource_params": "[\"mailx\"]",
+              "resource_id": "mailx"
+            }
+          ]
+        },
+        {
+          "id": "SV-257258",
+          "title": "RHEL 8 must terminate idle user sessions.",
+          "desc": "Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended."
+            },
+            {
+              "label": "check",
+              "data": "Verify that RHEL 8 logs out sessions that are idle for 15 minutes with the following command:\n\n     $ sudo grep -i ^StopIdleSessionSec /etc/systemd/logind.conf\n\n     StopIdleSessionSec=900\n\nIf \"StopIdleSessionSec\" is not configured to \"900\" seconds, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure RHEL 8 to log out idle sessions by editing the /etc/systemd/logind.conf file with the following line:\n\n     StopIdleSessionSec=900\n\nThe \"logind\" service must be restarted for the changes to take effect. To restart the \"logind\" service, run the following command:\n\n     $ sudo systemctl restart systemd-logind"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "check_id": "C-60942r917889_chk",
+            "severity": "medium",
+            "gid": "V-257258",
+            "rid": "SV-257258r917891_rule",
+            "stig_id": "RHEL-08-020035",
+            "gtitle": "SRG-OS-000163-GPOS-00072",
+            "fix_id": "F-60884r917890_fix",
+            "documentable": null,
+            "cci": [
+              "CCI-001133"
+            ],
+            "nist": [
+              "SC-10"
+            ],
+            "container": null,
+            "host": null
+          },
+          "code": "control 'SV-257258' do\n  title 'RHEL 8 must terminate idle user sessions.'\n  desc 'Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended.'\n  desc 'check', 'Verify that RHEL 8 logs out sessions that are idle for 15 minutes with the following command:\n\n     $ sudo grep -i ^StopIdleSessionSec /etc/systemd/logind.conf\n\n     StopIdleSessionSec=900\n\nIf \"StopIdleSessionSec\" is not configured to \"900\" seconds, this is a finding.'\n  desc 'fix', 'Configure RHEL 8 to log out idle sessions by editing the /etc/systemd/logind.conf file with the following line:\n\n     StopIdleSessionSec=900\n\nThe \"logind\" service must be restarted for the changes to take effect. To restart the \"logind\" service, run the following command:\n\n     $ sudo systemctl restart systemd-logind'\n  impact 0.5\n  tag check_id: 'C-60942r917889_chk'\n  tag severity: 'medium'\n  tag gid: 'V-257258'\n  tag rid: 'SV-257258r917891_rule'\n  tag stig_id: 'RHEL-08-020035'\n  tag gtitle: 'SRG-OS-000163-GPOS-00072'\n  tag fix_id: 'F-60884r917890_fix'\n  tag 'documentable'\n  tag cci: ['CCI-001133']\n  tag nist: ['SC-10']\n  tag 'container', 'host'\n\n  stop_idle_session_sec = input('stop_idle_session_sec')\n\n  describe parse_config_file('/etc/systemd/logind.conf') do\n    its('Login') { should include('StopIdleSessionSec' => stop_idle_session_sec.to_s) }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "/Users/alippold/github/mitre/redhat-enterprise-linux-8-stig-baseline/controls/SV-257258.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Parse Config File /etc/systemd/logind.conf Login is expected to include {\"StopIdleSessionSec\" => \"900\"}",
+              "run_time": 0.000975,
+              "start_time": "2024-01-09T19:41:07-05:00",
+              "message": "expected {} to include {\"StopIdleSessionSec\" => \"900\"}",
+              "resource_class": "parse_config_file",
+              "resource_params": "[\"/etc/systemd/logind.conf\"]",
+              "resource_id": "/etc/systemd/logind.conf"
+            }
+          ]
+        }
+      ],
+      "status": "loaded",
+      "status_message": ""
+    }
+  ],
+  "statistics": {
+    "duration": 29.632618
+  },
+  "version": "6.6.0"
+}
\ No newline at end of file
diff --git a/test/sample_data/HDF/input/vSphere8_report.json b/test/sample_data/HDF/input/vSphere8_report.json
index bcefdb349..fae334b5e 100644
--- a/test/sample_data/HDF/input/vSphere8_report.json
+++ b/test/sample_data/HDF/input/vSphere8_report.json
@@ -1 +1,21999 @@
-{"platform":{"name":"windows_11_enterprise","release":"10.0.22621","target_id":"b602ff65-60bf-59e9-aa86-c414b787823f"},"profiles":[{"name":"vmware-vsphere-8.0-stig-baseline","version":"1.0.1","sha256":"037df02b2bce1332a63d955e79ec40ce574f703eb75c99ba683cac85c3471612","title":"InSpec Wrapper Profile for VMware vSphere 8.0 STIG Readiness Guide Version 1 Release 1","maintainer":"VMware","summary":"An InSpec Compliance Profile that runs PowerCLI audit tests on ESXI, VMs, and vCenter","license":"Apache-2.0","copyright":"The Authors","copyright_email":"stigs@vmware.com","supports":[],"attributes":[{"name":"vmhostName","options":{"value":"10.186.25.26"}},{"name":"cluster","options":{"value":""}},{"name":"allesxi","options":{"value":false}},{"name":"adJoined","options":{"value":false}},{"name":"adAdminGroup","options":{"value":"MyAdAdminGroup"}},{"name":"syslogServer","options":{"value":"tcp://log.test.local:514"}},{"name":"esxiNtpServers","options":{"value":["time-a-g.nist.gov","time-b-g.nist.gov"]}},{"name":"vMotionVlanId","options":{"value":"100"}},{"name":"mgtVlanId","options":{"value":"101"}},{"name":"exceptionUsers","options":{"value":["root","dcui"]}},{"name":"snmpEnabled","options":{"value":"false"}},{"name":"esxiBuildNumber","options":{"value":"21813344"}},{"name":"syslogServers","options":{"value":["loginsight.vmware.com","syslog.server2.com"]}},{"name":"ntpServers","options":{"value":["time-a-g.nist.gov","time-b-g.nist.gov"]}},{"name":"ipfixCollectorAddress","options":{"value":""}},{"name":"vcCryptoAdmins","options":{"value":["VSPHERE.LOCAL\\Administrator","VSPHERE.LOCAL\\Administrators","VSPHERE.LOCAL\\vCLSAdmin"]}},{"name":"vcCryptoRoles","options":{"value":["Admin","NoTrustedAdmin","vCLSAdmin","vSphereKubernetesManager"]}},{"name":"bashShellAdminUsers","options":{"value":["Administrator"]}},{"name":"bashShellAdminGroups","options":{"value":[]}},{"name":"trustedAdminUsers","options":{"value":[]}},{"name":"trustedAdminGroups","options":{"value":[]}},{"name":"backup3rdParty","options":{"value":false}},{"name":"vmName","options":{"value":""}},{"name":"allvms","options":{"value":true}}],"depends":[{"name":"esxi","path":"esxi","status":"loaded"},{"name":"vcenter","path":"vcenter","status":"loaded"},{"name":"vm","path":"vm","status":"loaded"}],"groups":[{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000005.rb","controls":["ESXI-80-000005"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000006.rb","controls":["ESXI-80-000006"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000008.rb","controls":["ESXI-80-000008"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000010.rb","controls":["ESXI-80-000010"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000014.rb","controls":["ESXI-80-000014"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000015.rb","controls":["ESXI-80-000015"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000035.rb","controls":["ESXI-80-000035"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000043.rb","controls":["ESXI-80-000043"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000047.rb","controls":["ESXI-80-000047"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000049.rb","controls":["ESXI-80-000049"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000052.rb","controls":["ESXI-80-000052"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000068.rb","controls":["ESXI-80-000068"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000085.rb","controls":["ESXI-80-000085"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000094.rb","controls":["ESXI-80-000094"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000111.rb","controls":["ESXI-80-000111"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000113.rb","controls":["ESXI-80-000113"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000114.rb","controls":["ESXI-80-000114"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000124.rb","controls":["ESXI-80-000124"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000133.rb","controls":["ESXI-80-000133"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000145.rb","controls":["ESXI-80-000145"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000160.rb","controls":["ESXI-80-000160"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000161.rb","controls":["ESXI-80-000161"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000187.rb","controls":["ESXI-80-000187"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000189.rb","controls":["ESXI-80-000189"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000191.rb","controls":["ESXI-80-000191"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000192.rb","controls":["ESXI-80-000192"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000193.rb","controls":["ESXI-80-000193"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000194.rb","controls":["ESXI-80-000194"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000195.rb","controls":["ESXI-80-000195"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000196.rb","controls":["ESXI-80-000196"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000198.rb","controls":["ESXI-80-000198"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000199.rb","controls":["ESXI-80-000199"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000201.rb","controls":["ESXI-80-000201"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000202.rb","controls":["ESXI-80-000202"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000203.rb","controls":["ESXI-80-000203"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000204.rb","controls":["ESXI-80-000204"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000205.rb","controls":["ESXI-80-000205"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000206.rb","controls":["ESXI-80-000206"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000207.rb","controls":["ESXI-80-000207"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000208.rb","controls":["ESXI-80-000208"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000209.rb","controls":["ESXI-80-000209"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000210.rb","controls":["ESXI-80-000210"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000211.rb","controls":["ESXI-80-000211"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000212.rb","controls":["ESXI-80-000212"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000213.rb","controls":["ESXI-80-000213"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000214.rb","controls":["ESXI-80-000214"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000215.rb","controls":["ESXI-80-000215"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000216.rb","controls":["ESXI-80-000216"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000217.rb","controls":["ESXI-80-000217"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000218.rb","controls":["ESXI-80-000218"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000219.rb","controls":["ESXI-80-000219"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000220.rb","controls":["ESXI-80-000220"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000221.rb","controls":["ESXI-80-000221"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000222.rb","controls":["ESXI-80-000222"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000223.rb","controls":["ESXI-80-000223"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000224.rb","controls":["ESXI-80-000224"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000225.rb","controls":["ESXI-80-000225"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000226.rb","controls":["ESXI-80-000226"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000227.rb","controls":["ESXI-80-000227"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000228.rb","controls":["ESXI-80-000228"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000229.rb","controls":["ESXI-80-000229"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000230.rb","controls":["ESXI-80-000230"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000231.rb","controls":["ESXI-80-000231"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000232.rb","controls":["ESXI-80-000232"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000233.rb","controls":["ESXI-80-000233"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000234.rb","controls":["ESXI-80-000234"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000235.rb","controls":["ESXI-80-000235"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000236.rb","controls":["ESXI-80-000236"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000237.rb","controls":["ESXI-80-000237"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000238.rb","controls":["ESXI-80-000238"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000239.rb","controls":["ESXI-80-000239"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000240.rb","controls":["ESXI-80-000240"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000241.rb","controls":["ESXI-80-000241"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000243.rb","controls":["ESXI-80-000243"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000244.rb","controls":["ESXI-80-000244"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000245.rb","controls":["ESXI-80-000245"]},{"id":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000246.rb","controls":["ESXI-80-000246"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000009.rb","controls":["VCSA-80-000009"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000023.rb","controls":["VCSA-80-000023"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000024.rb","controls":["VCSA-80-000024"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000034.rb","controls":["VCSA-80-000034"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000057.rb","controls":["VCSA-80-000057"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000059.rb","controls":["VCSA-80-000059"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000060.rb","controls":["VCSA-80-000060"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000069.rb","controls":["VCSA-80-000069"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000070.rb","controls":["VCSA-80-000070"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000071.rb","controls":["VCSA-80-000071"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000072.rb","controls":["VCSA-80-000072"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000073.rb","controls":["VCSA-80-000073"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000074.rb","controls":["VCSA-80-000074"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000077.rb","controls":["VCSA-80-000077"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000079.rb","controls":["VCSA-80-000079"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000080.rb","controls":["VCSA-80-000080"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000089.rb","controls":["VCSA-80-000089"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000095.rb","controls":["VCSA-80-000095"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000110.rb","controls":["VCSA-80-000110"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000123.rb","controls":["VCSA-80-000123"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000145.rb","controls":["VCSA-80-000145"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000148.rb","controls":["VCSA-80-000148"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000150.rb","controls":["VCSA-80-000150"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000158.rb","controls":["VCSA-80-000158"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000195.rb","controls":["VCSA-80-000195"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000196.rb","controls":["VCSA-80-000196"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000248.rb","controls":["VCSA-80-000248"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000253.rb","controls":["VCSA-80-000253"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000265.rb","controls":["VCSA-80-000265"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000266.rb","controls":["VCSA-80-000266"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000267.rb","controls":["VCSA-80-000267"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000268.rb","controls":["VCSA-80-000268"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000269.rb","controls":["VCSA-80-000269"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000270.rb","controls":["VCSA-80-000270"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000271.rb","controls":["VCSA-80-000271"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000272.rb","controls":["VCSA-80-000272"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000273.rb","controls":["VCSA-80-000273"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000274.rb","controls":["VCSA-80-000274"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000275.rb","controls":["VCSA-80-000275"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000276.rb","controls":["VCSA-80-000276"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000277.rb","controls":["VCSA-80-000277"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000278.rb","controls":["VCSA-80-000278"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000279.rb","controls":["VCSA-80-000279"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000280.rb","controls":["VCSA-80-000280"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000281.rb","controls":["VCSA-80-000281"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000282.rb","controls":["VCSA-80-000282"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000283.rb","controls":["VCSA-80-000283"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000284.rb","controls":["VCSA-80-000284"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000285.rb","controls":["VCSA-80-000285"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000286.rb","controls":["VCSA-80-000286"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000287.rb","controls":["VCSA-80-000287"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000288.rb","controls":["VCSA-80-000288"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000290.rb","controls":["VCSA-80-000290"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000291.rb","controls":["VCSA-80-000291"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000292.rb","controls":["VCSA-80-000292"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000293.rb","controls":["VCSA-80-000293"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000294.rb","controls":["VCSA-80-000294"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000295.rb","controls":["VCSA-80-000295"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000296.rb","controls":["VCSA-80-000296"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000298.rb","controls":["VCSA-80-000298"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000299.rb","controls":["VCSA-80-000299"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000300.rb","controls":["VCSA-80-000300"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000301.rb","controls":["VCSA-80-000301"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000302.rb","controls":["VCSA-80-000302"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000303.rb","controls":["VCSA-80-000303"]},{"id":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000304.rb","controls":["VCSA-80-000304"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000189.rb","controls":["VMCH-80-000189"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000191.rb","controls":["VMCH-80-000191"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000192.rb","controls":["VMCH-80-000192"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000193.rb","controls":["VMCH-80-000193"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000194.rb","controls":["VMCH-80-000194"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000195.rb","controls":["VMCH-80-000195"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000196.rb","controls":["VMCH-80-000196"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000197.rb","controls":["VMCH-80-000197"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000198.rb","controls":["VMCH-80-000198"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000199.rb","controls":["VMCH-80-000199"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000200.rb","controls":["VMCH-80-000200"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000201.rb","controls":["VMCH-80-000201"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000202.rb","controls":["VMCH-80-000202"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000203.rb","controls":["VMCH-80-000203"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000204.rb","controls":["VMCH-80-000204"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000205.rb","controls":["VMCH-80-000205"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000206.rb","controls":["VMCH-80-000206"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000207.rb","controls":["VMCH-80-000207"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000208.rb","controls":["VMCH-80-000208"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000209.rb","controls":["VMCH-80-000209"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000210.rb","controls":["VMCH-80-000210"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000211.rb","controls":["VMCH-80-000211"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000212.rb","controls":["VMCH-80-000212"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000213.rb","controls":["VMCH-80-000213"]},{"id":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000214.rb","controls":["VMCH-80-000214"]}],"controls":[{"id":"ESXI-80-000005","title":"The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user.","desc":"By limiting the number of failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Once the configured number of attempts is reached, the account is locked by the ESXi host.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Once the configured number of attempts is reached, the account is locked by the ESXi host."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.AccountLockFailures\" value and verify it is set to \"3\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures\n\nIf the \"Security.AccountLockFailures\" setting is set to a value other than \"3\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.AccountLockFailures\" value and configure it to \"3\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures | Set-AdvancedSetting -Value 3"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000021-VMM-000050","gid":"V-ESXI-80-000005","rid":"SV-ESXI-80-000005","stig_id":"ESXI-80-000005","cci":["CCI-000044"],"nist":["AC-7 a"]},"code":"control 'ESXI-80-000005' do\n  title 'The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user.'\n  desc  'By limiting the number of failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Once the configured number of attempts is reached, the account is locked by the ESXi host.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.AccountLockFailures\\\" value and verify it is set to \\\"3\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures\n\n    If the \\\"Security.AccountLockFailures\\\" setting is set to a value other than \\\"3\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.AccountLockFailures\\\" value and configure it to \\\"3\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures | Set-AdvancedSetting -Value 3\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-VMM-000050'\n  tag gid: 'V-ESXI-80-000005'\n  tag rid: 'SV-ESXI-80-000005'\n  tag stig_id: 'ESXI-80-000005'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.AccountLockFailures | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '3' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000005.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000006","title":"The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via the Direct Console User Interface (DCUI).","desc":"Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\"","descriptions":[{"label":"default","data":"Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\""},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Annotations.WelcomeMessage\" value and verify it contains the standard mandatory DOD notice and consent banner.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage\n\nIf the \"Annotations.WelcomeMessage\" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Annotations.WelcomeMessage\" value and set it to the following. Click \"OK\".\n\n{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{hostname} , {ip}{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{esxproduct} {esxversion}{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{memory} RAM{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:white}\t{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By      {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  using this IS (which includes any device attached to this IS), you consent to the following conditions:                 {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited     {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law      {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          enforcement (LE), and counterintelligence (CI) investigations.                                                  {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       At any time, the USG may inspect and seize data stored on this IS.                                              {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Communications using, or data stored on, this IS are not private, are subject to routine monitoring,            {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          interception, and search, and may be disclosed or used for any USG-authorized purpose.                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not     {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          for your personal benefit or privacy.                                                                           {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching    {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or monitoring of the content of privileged communications, or work product, related to personal representation  {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work       {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          product are private and confidential. See User Agreement for details.                                           {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{align:left}{bgcolor:dark-grey}{color:white}  <F2> Accept Conditions and Customize System / View Logs{/align}{align:right}<F12> Accept Conditions and Shut Down/Restart  {bgcolor:black} {/color}{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Set-AdvancedSetting -Value \"<Banner text above>\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000023-VMM-000060","satisfies":["SRG-OS-000024-VMM-000070"],"gid":"V-ESXI-80-000006","rid":"SV-ESXI-80-000006","stig_id":"ESXI-80-000006","cci":["CCI-000048","CCI-000050"],"nist":["AC-8 a","AC-8 b"]},"code":"control 'ESXI-80-000006' do\n  title 'The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via the Direct Console User Interface (DCUI).'\n  desc  \"\n    Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Annotations.WelcomeMessage\\\" value and verify it contains the standard mandatory DOD notice and consent banner.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage\n\n    If the \\\"Annotations.WelcomeMessage\\\" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Annotations.WelcomeMessage\\\" value and set it to the following. Click \\\"OK\\\".\n\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{hostname} , {ip}{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{esxproduct} {esxversion}{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{memory} RAM{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:white}\\t{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By      {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  using this IS (which includes any device attached to this IS), you consent to the following conditions:                 {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited     {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law      {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          enforcement (LE), and counterintelligence (CI) investigations.                                                  {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       At any time, the USG may inspect and seize data stored on this IS.                                              {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Communications using, or data stored on, this IS are not private, are subject to routine monitoring,            {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          interception, and search, and may be disclosed or used for any USG-authorized purpose.                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not     {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          for your personal benefit or privacy.                                                                           {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching    {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or monitoring of the content of privileged communications, or work product, related to personal representation  {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work       {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          product are private and confidential. See User Agreement for details.                                           {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{align:left}{bgcolor:dark-grey}{color:white}  <F2> Accept Conditions and Customize System / View Logs{/align}{align:right}<F12> Accept Conditions and Shut Down/Restart  {bgcolor:black} {/color}{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Set-AdvancedSetting -Value \\\"<Banner text above>\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-VMM-000060'\n  tag satisfies: ['SRG-OS-000024-VMM-000070']\n  tag gid: 'V-ESXI-80-000006'\n  tag rid: 'SV-ESXI-80-000006'\n  tag stig_id: 'ESXI-80-000006'\n  tag cci: ['CCI-000048', 'CCI-000050']\n  tag nist: ['AC-8 a', 'AC-8 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      result = powercli_command(\"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Select-Object -ExpandProperty Value\")\n      describe.one do\n        describe result do\n          its('stdout.strip') { should match 'You are accessing a U.S. Government' }\n        end\n        describe result do\n          its('stdout.strip') { should match \"I've read & consent to terms in IS user agreem't\" }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000006.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000008","title":"The ESXi host must enable lockdown mode.","desc":"Enabling Lockdown Mode disables direct access to an ESXi host, requiring the host to be managed remotely from vCenter Server. This is done to ensure the roles and access controls implemented in vCenter are always enforced and users cannot bypass them by logging on to a host directly.\n\nBy forcing all interaction to occur through vCenter Server, the risk of someone inadvertently attaining elevated privileges or performing tasks that are not properly audited is greatly reduced.","descriptions":[{"label":"default","data":"Enabling Lockdown Mode disables direct access to an ESXi host, requiring the host to be managed remotely from vCenter Server. This is done to ensure the roles and access controls implemented in vCenter are always enforced and users cannot bypass them by logging on to a host directly.\n\nBy forcing all interaction to occur through vCenter Server, the risk of someone inadvertently attaining elevated privileges or performing tasks that are not properly audited is greatly reduced."},{"label":"rationale","data":""},{"label":"check","data":"For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nScroll down to \"Lockdown Mode\" and verify it is set to \"Enabled\" (Normal or Strict).\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Select Name,@{N=\"Lockdown\";E={$_.Extensiondata.Config.LockdownMode}}\n\nIf \"Lockdown Mode\" is disabled, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile >> Lockdown Mode.\n\nClick edit and select either the \"Normal\" or \"Strict\" radio buttons.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$level = \"lockdownNormal\" OR \"lockdownStrict\"\n$vmhost = Get-VMHost -Name <hostname> | Get-View\n$lockdown = Get-View $vmhost.ConfigManager.HostAccessManager\n$lockdown.ChangeLockdownMode($level)\n\nNote: In strict lockdown mode, the Direct Console User Interface (DCUI) service is stopped. If the connection to vCenter Server is lost and the vSphere Client is no longer available, the ESXi host becomes inaccessible."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000027-VMM-000080","gid":"V-ESXI-80-000008","rid":"SV-ESXI-80-000008","stig_id":"ESXI-80-000008","cci":["CCI-000054"],"nist":["AC-10"]},"code":"control 'ESXI-80-000008' do\n  title 'The ESXi host must enable lockdown mode.'\n  desc  \"\n    Enabling Lockdown Mode disables direct access to an ESXi host, requiring the host to be managed remotely from vCenter Server. This is done to ensure the roles and access controls implemented in vCenter are always enforced and users cannot bypass them by logging on to a host directly.\n\n    By forcing all interaction to occur through vCenter Server, the risk of someone inadvertently attaining elevated privileges or performing tasks that are not properly audited is greatly reduced.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Scroll down to \\\"Lockdown Mode\\\" and verify it is set to \\\"Enabled\\\" (Normal or Strict).\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Select Name,@{N=\\\"Lockdown\\\";E={$_.Extensiondata.Config.LockdownMode}}\n\n    If \\\"Lockdown Mode\\\" is disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile >> Lockdown Mode.\n\n    Click edit and select either the \\\"Normal\\\" or \\\"Strict\\\" radio buttons.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $level = \\\"lockdownNormal\\\" OR \\\"lockdownStrict\\\"\n    $vmhost = Get-VMHost -Name <hostname> | Get-View\n    $lockdown = Get-View $vmhost.ConfigManager.HostAccessManager\n    $lockdown.ChangeLockdownMode($level)\n\n    Note: In strict lockdown mode, the Direct Console User Interface (DCUI) service is stopped. If the connection to vCenter Server is lost and the vSphere Client is no longer available, the ESXi host becomes inaccessible.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000027-VMM-000080'\n  tag gid: 'V-ESXI-80-000008'\n  tag rid: 'SV-ESXI-80-000008'\n  tag stig_id: 'ESXI-80-000008'\n  tag cci: ['CCI-000054']\n  tag nist: ['AC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    list = ['lockdownNormal', 'lockdownStrict']\n    vmhosts.each do |vmhost|\n      command = \"(Get-VMHost -Name #{vmhost}).Extensiondata.Config.LockdownMode\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should be_in list }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000008.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000010","title":"The ESXi host client must be configured with an idle session timeout.","desc":"The ESXi host client is the UI served up by the host itself, outside of vCenter. It is accessed by browsing to \"https://<ESX FQDN>/ui\". ESXi is not usually administered via this interface for long periods and all users will be highly privileged. Implementing a mandatory session idle limit will ensure that orphaned, forgotten or ignored sessions will be closed promptly.","descriptions":[{"label":"default","data":"The ESXi host client is the UI served up by the host itself, outside of vCenter. It is accessed by browsing to \"https://<ESX FQDN>/ui\". ESXi is not usually administered via this interface for long periods and all users will be highly privileged. Implementing a mandatory session idle limit will ensure that orphaned, forgotten or ignored sessions will be closed promptly."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.HostClientSessionTimeout\" value and verify it is set to \"900\" or less.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout\n\nIf the \"UserVars.HostClientSessionTimeout\" setting is not set to \"900\" or less, this is a finding."},{"label":"fix","data":"Fom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.HostClientSessionTimeout\" value and configure it to \"900\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Set-AdvancedSetting -Value \"900\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000029-VMM-000100","gid":"V-ESXI-80-000010","rid":"SV-ESXI-80-000010","stig_id":"ESXI-80-000010","cci":["CCI-000057"],"nist":["AC-11 a"]},"code":"control 'ESXI-80-000010' do\n  title 'The ESXi host client must be configured with an idle session timeout.'\n  desc  'The ESXi host client is the UI served up by the host itself, outside of vCenter. It is accessed by browsing to \"https://<ESX FQDN>/ui\". ESXi is not usually administered via this interface for long periods and all users will be highly privileged. Implementing a mandatory session idle limit will ensure that orphaned, forgotten or ignored sessions will be closed promptly.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.HostClientSessionTimeout\\\" value and verify it is set to \\\"900\\\" or less.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout\n\n    If the \\\"UserVars.HostClientSessionTimeout\\\" setting is not set to \\\"900\\\" or less, this is a finding.\n  \"\n  desc  'fix', \"\n    Fom the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.HostClientSessionTimeout\\\" value and configure it to \\\"900\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Set-AdvancedSetting -Value \\\"900\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000029-VMM-000100'\n  tag gid: 'V-ESXI-80-000010'\n  tag rid: 'SV-ESXI-80-000010'\n  tag stig_id: 'ESXI-80-000010'\n  tag cci: ['CCI-000057']\n  tag nist: ['AC-11 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 900 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000010.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000014","title":"The ESXi host Secure Shell (SSH) daemon must use FIPS 140-2 validated cryptographic modules to protect the confidentiality of remote access sessions.","desc":"Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session.\n\nOpenSSH on the ESXi host ships with a FIPS 140-2 validated cryptographic module and it is enabled by default. For backward compatibility reasons, this can be disabled so this setting must be audited and corrected if necessary.","descriptions":[{"label":"default","data":"Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session.\n\nOpenSSH on the ESXi host ships with a FIPS 140-2 validated cryptographic module and it is enabled by default. For backward compatibility reasons, this can be disabled so this setting must be audited and corrected if necessary."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# esxcli system security fips140 ssh get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.security.fips140.ssh.get.invoke()\n\nExpected result:\n\nEnabled: true\n\nIf the FIPS mode is not enabled for SSH, this is a finding."},{"label":"fix","data":"From an ESXi shell, run the following command:\n\n# esxcli system security fips140 ssh set -e true\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.security.fips140.ssh.set.CreateArgs()\n$arguments.enable = $true\n$esxcli.system.security.fips140.ssh.set.Invoke($arguments)"}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000033-VMM-000140","gid":"V-ESXI-80-000014","rid":"SV-ESXI-80-000014","stig_id":"ESXI-80-000014","cci":["CCI-000068"],"nist":["AC-17 (2)"]},"code":"control 'ESXI-80-000014' do\n  title 'The ESXi host Secure Shell (SSH) daemon must use FIPS 140-2 validated cryptographic modules to protect the confidentiality of remote access sessions.'\n  desc  \"\n    Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session.\n\n    OpenSSH on the ESXi host ships with a FIPS 140-2 validated cryptographic module and it is enabled by default. For backward compatibility reasons, this can be disabled so this setting must be audited and corrected if necessary.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system security fips140 ssh get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.security.fips140.ssh.get.invoke()\n\n    Expected result:\n\n    Enabled: true\n\n    If the FIPS mode is not enabled for SSH, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system security fips140 ssh set -e true\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.security.fips140.ssh.set.CreateArgs()\n    $arguments.enable = $true\n    $esxcli.system.security.fips140.ssh.set.Invoke($arguments)\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000033-VMM-000140'\n  tag gid: 'V-ESXI-80-000014'\n  tag rid: 'SV-ESXI-80-000014'\n  tag stig_id: 'ESXI-80-000014'\n  tag cci: ['CCI-000068']\n  tag nist: ['AC-17 (2)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.security.fips140.ssh.get.invoke() | Select-Object -ExpandProperty Enabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000014.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000015","title":"The ESXi must produce audit records containing information to establish what type of events occurred.","desc":"Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.","descriptions":[{"label":"default","data":"Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.HostAgent.log.level\" value and verify it is set to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level\n\nIf the \"Config.HostAgent.log.level\" setting is not set to \"info\", this is a finding.\n\nNote: Verbose logging level is acceptable for troubleshooting purposes."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.HostAgent.log.level\" value and configure it to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level | Set-AdvancedSetting -Value \"info\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000037-VMM-000150","satisfies":["SRG-OS-000063-VMM-000310"],"gid":"V-ESXI-80-000015","rid":"SV-ESXI-80-000015","stig_id":"ESXI-80-000015","cci":["CCI-000130","CCI-000171"],"nist":["AU-12 b","AU-3"]},"code":"control 'ESXI-80-000015' do\n  title 'The ESXi must produce audit records containing information to establish what type of events occurred.'\n  desc  'Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. '\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.log.level\\\" value and verify it is set to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level\n\n    If the \\\"Config.HostAgent.log.level\\\" setting is not set to \\\"info\\\", this is a finding.\n\n    Note: Verbose logging level is acceptable for troubleshooting purposes.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.log.level\\\" value and configure it to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level | Set-AdvancedSetting -Value \\\"info\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000037-VMM-000150'\n  tag satisfies: ['SRG-OS-000063-VMM-000310']\n  tag gid: 'V-ESXI-80-000015'\n  tag rid: 'SV-ESXI-80-000015'\n  tag stig_id: 'ESXI-80-000015'\n  tag cci: ['CCI-000130', 'CCI-000171']\n  tag nist: ['AU-12 b', 'AU-3']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.log.level | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'info' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000015.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000035","title":"The ESXi host must enforce password complexity by configuring a password quality policy.","desc":"To enforce the use of complex passwords, minimum numbers of characters of different classes are mandated.\n\nThe use of complex passwords reduces the ability of attackers to successfully obtain valid passwords using guessing or exhaustive search techniques. Complexity requirements increase the password search space by requiring users to construct passwords from a larger character set than they may otherwise use.","descriptions":[{"label":"default","data":"To enforce the use of complex passwords, minimum numbers of characters of different classes are mandated.\n\nThe use of complex passwords reduces the ability of attackers to successfully obtain valid passwords using guessing or exhaustive search techniques. Complexity requirements increase the password search space by requiring users to construct passwords from a larger character set than they may otherwise use."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.PasswordQualityControl\" value and verify it is set to \"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl\n\nIf the \"Security.PasswordQualityControl\" setting is set to a value other than \"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.PasswordQualityControl\" value and configure it to \"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl | Set-AdvancedSetting -Value \"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000069-VMM-000360","satisfies":["SRG-OS-000070-VMM-000370","SRG-OS-000071-VMM-000380","SRG-OS-000072-VMM-000390","SRG-OS-000078-VMM-000450","SRG-OS-000266-VMM-000940"],"gid":"V-ESXI-80-000035","rid":"SV-ESXI-80-000035","stig_id":"ESXI-80-000035","cci":["CCI-000192","CCI-000193","CCI-000194","CCI-000195","CCI-000205","CCI-001619"],"nist":["IA-5 (1) (a)","IA-5 (1) (b)"]},"code":"control 'ESXI-80-000035' do\n  title 'The ESXi host must enforce password complexity by configuring a password quality policy.'\n  desc  \"\n    To enforce the use of complex passwords, minimum numbers of characters of different classes are mandated.\n\n    The use of complex passwords reduces the ability of attackers to successfully obtain valid passwords using guessing or exhaustive search techniques. Complexity requirements increase the password search space by requiring users to construct passwords from a larger character set than they may otherwise use.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.PasswordQualityControl\\\" value and verify it is set to \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl\n\n    If the \\\"Security.PasswordQualityControl\\\" setting is set to a value other than \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.PasswordQualityControl\\\" value and configure it to \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl | Set-AdvancedSetting -Value \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000069-VMM-000360'\n  tag satisfies: ['SRG-OS-000070-VMM-000370', 'SRG-OS-000071-VMM-000380', 'SRG-OS-000072-VMM-000390', 'SRG-OS-000078-VMM-000450', 'SRG-OS-000266-VMM-000940']\n  tag gid: 'V-ESXI-80-000035'\n  tag rid: 'SV-ESXI-80-000035'\n  tag stig_id: 'ESXI-80-000035'\n  tag cci: ['CCI-000192', 'CCI-000193', 'CCI-000194', 'CCI-000195', 'CCI-000205', 'CCI-001619']\n  tag nist: ['IA-5 (1) (a)', 'IA-5 (1) (b)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.PasswordQualityControl | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'similar=deny retry=3 min=disabled,disabled,disabled,disabled,15' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000035.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000043","title":"The ESXi host must prohibit password reuse for a minimum of five generations.","desc":"If a user or root used the same password continuously or was allowed to change it back shortly after being forced to change it to something else, it would provide a potential intruder with the opportunity to keep guessing at one user's password until it was guessed correctly.","descriptions":[{"label":"default","data":"If a user or root used the same password continuously or was allowed to change it back shortly after being forced to change it to something else, it would provide a potential intruder with the opportunity to keep guessing at one user's password until it was guessed correctly."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.PasswordHistory\" value and verify it is set to \"5\" or greater.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory\n\nIf the \"Security.PasswordHistory\" setting is set to a value other than 5 or greater, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.PasswordHistory\" value and configure it to \"5\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory | Set-AdvancedSetting -Value 5"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000077-VMM-000440","gid":"V-ESXI-80-000043","rid":"SV-ESXI-80-000043","stig_id":"ESXI-80-000043","cci":["CCI-000200"],"nist":["IA-5 (1) (e)"]},"code":"control 'ESXI-80-000043' do\n  title 'The ESXi host must prohibit password reuse for a minimum of five generations.'\n  desc  \"If a user or root used the same password continuously or was allowed to change it back shortly after being forced to change it to something else, it would provide a potential intruder with the opportunity to keep guessing at one user's password until it was guessed correctly.\"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.PasswordHistory\\\" value and verify it is set to \\\"5\\\" or greater.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory\n\n    If the \\\"Security.PasswordHistory\\\" setting is set to a value other than 5 or greater, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.PasswordHistory\\\" value and configure it to \\\"5\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory | Set-AdvancedSetting -Value 5\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000077-VMM-000440'\n  tag gid: 'V-ESXI-80-000043'\n  tag rid: 'SV-ESXI-80-000043'\n  tag stig_id: 'ESXI-80-000043'\n  tag cci: ['CCI-000200']\n  tag nist: ['IA-5 (1) (e)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.PasswordHistory | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '5' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000043.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000047","title":"The ESXi host must be configured to disable nonessential capabilities by disabling the Managed Object Browser (MOB).","desc":"The MOB provides a way to explore the object model used by the VMkernel to manage the host and enables configurations to be changed. This interface is meant to be used primarily for debugging the vSphere Software Development Kit (SDK), but because there are no access controls it could also be used as a method to obtain information about a host being targeted for unauthorized access.","descriptions":[{"label":"default","data":"The MOB provides a way to explore the object model used by the VMkernel to manage the host and enables configurations to be changed. This interface is meant to be used primarily for debugging the vSphere Software Development Kit (SDK), but because there are no access controls it could also be used as a method to obtain information about a host being targeted for unauthorized access."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.HostAgent.plugins.solo.enableMob\" value and verify it is set to \"false\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob\n\nIf the \"Config.HostAgent.plugins.solo.enableMob\" setting is not set to \"false\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.HostAgent.plugins.solo.enableMob\" value and configure it to \"false\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Set-AdvancedSetting -Value false"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000095-VMM-000480","gid":"V-ESXI-80-000047","rid":"SV-ESXI-80-000047","stig_id":"ESXI-80-000047","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'ESXI-80-000047' do\n  title 'The ESXi host must be configured to disable nonessential capabilities by disabling the Managed Object Browser (MOB).'\n  desc  'The MOB provides a way to explore the object model used by the VMkernel to manage the host and enables configurations to be changed. This interface is meant to be used primarily for debugging the vSphere Software Development Kit (SDK), but because there are no access controls it could also be used as a method to obtain information about a host being targeted for unauthorized access.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.plugins.solo.enableMob\\\" value and verify it is set to \\\"false\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob\n\n    If the \\\"Config.HostAgent.plugins.solo.enableMob\\\" setting is not set to \\\"false\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.plugins.solo.enableMob\\\" value and configure it to \\\"false\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Set-AdvancedSetting -Value false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-VMM-000480'\n  tag gid: 'V-ESXI-80-000047'\n  tag rid: 'SV-ESXI-80-000047'\n  tag stig_id: 'ESXI-80-000047'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000047.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000049","title":"The ESXi host must uniquely identify and must authenticate organizational users by using Active Directory.","desc":"Join ESXi hosts to an Active Directory domain to eliminate the need to create and maintain multiple local user accounts. Using Active Directory for user authentication simplifies the ESXi host configuration, ensures password complexity and reuse policies are enforced, and reduces the risk of security breaches and unauthorized access.\n\nNote: If the Active Directory group \"ESX Admins\" (default) exists, all users and groups assigned as members to this group will have full administrative access to all ESXi hosts in the domain.","descriptions":[{"label":"default","data":"Join ESXi hosts to an Active Directory domain to eliminate the need to create and maintain multiple local user accounts. Using Active Directory for user authentication simplifies the ESXi host configuration, ensures password complexity and reuse policies are enforced, and reduces the risk of security breaches and unauthorized access.\n\nNote: If the Active Directory group \"ESX Admins\" (default) exists, all users and groups assigned as members to this group will have full administrative access to all ESXi hosts in the domain."},{"label":"rationale","data":""},{"label":"check","data":"For systems that do not use Active Directory and have no local user accounts other than root and/or service accounts, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Authentication Services.\n\nVerify the \"Directory Services Type\" is set to \"Active Directory\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostAuthentication\n\nFor systems that do not use Active Directory and do have local user accounts, other than root and/or service accounts, this is a finding.\n\nIf the \"Directory Services Type\" is not set to \"Active Directory\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Authentication Services.\n\nClick \"Join Domain...\" and enter the AD domain to join.\n\nSelect the \"Using credentials\" radio button and enter the credentials of an account with permissions to join machines to AD (use UPN naming \"user@domain\"). Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostAuthentication | Set-VMHostAuthentication -JoinDomain -Domain \"domain name\" -User \"username\" -Password \"password\"\n\nIf any local user accounts are present besides root and service accounts, delete them by going to Host UI >> Manage >> Security & Users >> Users."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000104-VMM-000500","satisfies":["SRG-OS-000109-VMM-000550","SRG-OS-000112-VMM-000560","SRG-OS-000113-VMM-000570","SRG-OS-000123-VMM-000620"],"gid":"V-ESXI-80-000049","rid":"SV-ESXI-80-000049","stig_id":"ESXI-80-000049","cci":["CCI-000764","CCI-000770","CCI-001682","CCI-001941","CCI-001942"],"nist":["AC-2 (2)","IA-2","IA-2 (5)","IA-2 (8)","IA-2 (9)"]},"code":"control 'ESXI-80-000049' do\n  title 'The ESXi host must uniquely identify and must authenticate organizational users by using Active Directory.'\n  desc  \"\n    Join ESXi hosts to an Active Directory domain to eliminate the need to create and maintain multiple local user accounts. Using Active Directory for user authentication simplifies the ESXi host configuration, ensures password complexity and reuse policies are enforced, and reduces the risk of security breaches and unauthorized access.\n\n    Note: If the Active Directory group \\\"ESX Admins\\\" (default) exists, all users and groups assigned as members to this group will have full administrative access to all ESXi hosts in the domain.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For systems that do not use Active Directory and have no local user accounts other than root and/or service accounts, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Authentication Services.\n\n    Verify the \\\"Directory Services Type\\\" is set to \\\"Active Directory\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostAuthentication\n\n    For systems that do not use Active Directory and do have local user accounts, other than root and/or service accounts, this is a finding.\n\n    If the \\\"Directory Services Type\\\" is not set to \\\"Active Directory\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Authentication Services.\n\n    Click \\\"Join Domain...\\\" and enter the AD domain to join.\n\n    Select the \\\"Using credentials\\\" radio button and enter the credentials of an account with permissions to join machines to AD (use UPN naming \\\"user@domain\\\"). Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostAuthentication | Set-VMHostAuthentication -JoinDomain -Domain \\\"domain name\\\" -User \\\"username\\\" -Password \\\"password\\\"\n\n    If any local user accounts are present besides root and service accounts, delete them by going to Host UI >> Manage >> Security & Users >> Users.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000104-VMM-000500'\n  tag satisfies: ['SRG-OS-000109-VMM-000550', 'SRG-OS-000112-VMM-000560', 'SRG-OS-000113-VMM-000570', 'SRG-OS-000123-VMM-000620']\n  tag gid: 'V-ESXI-80-000049'\n  tag rid: 'SV-ESXI-80-000049'\n  tag stig_id: 'ESXI-80-000049'\n  tag cci: ['CCI-000764', 'CCI-000770', 'CCI-001682', 'CCI-001941', 'CCI-001942']\n  tag nist: ['AC-2 (2)', 'IA-2', 'IA-2 (5)', 'IA-2 (8)', 'IA-2 (9)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    if input('adJoined')\n      list = ['Joined', 'Ok']\n      vmhosts.each do |vmhost|\n        command = \"Get-VMHost -Name #{vmhost} | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should be_in list }\n        end\n      end\n    else\n      vmhosts.each do |vmhost|\n        command = \"Get-VMHost -Name #{vmhost} | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp '' }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000049.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000052","title":"The ESXi host Secure Shell (SSH) daemon must ignore .rhosts files.","desc":"SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH can emulate the behavior of the obsolete \"rsh\" command in allowing users to enable insecure access to their accounts via \".rhosts\" files.","descriptions":[{"label":"default","data":"SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH can emulate the behavior of the obsolete \"rsh\" command in allowing users to enable insecure access to their accounts via \".rhosts\" files."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep ignorerhosts\n\nExpected result:\n\nignorerhosts yes\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nIgnoreRhosts yes"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000107-VMM-000530","gid":"V-ESXI-80-000052","rid":"SV-ESXI-80-000052","stig_id":"ESXI-80-000052","cci":["CCI-000767"],"nist":["IA-2 (3)"]},"code":"control 'ESXI-80-000052' do\n  title 'The ESXi host Secure Shell (SSH) daemon must ignore .rhosts files.'\n  desc  'SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH can emulate the behavior of the obsolete \"rsh\" command in allowing users to enable insecure access to their accounts via \".rhosts\" files.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep ignorerhosts\n\n    Expected result:\n\n    ignorerhosts yes\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    IgnoreRhosts yes\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000107-VMM-000530'\n  tag gid: 'V-ESXI-80-000052'\n  tag rid: 'SV-ESXI-80-000052'\n  tag stig_id: 'ESXI-80-000052'\n  tag cci: ['CCI-000767']\n  tag nist: ['IA-2 (3)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000052.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000068","title":"The ESXi host must set a timeout to automatically end idle shell sessions after fifteen minutes.","desc":"If a user forgets to log out of their local or remote ESXi Shell session, the idle connection will remain open indefinitely and increase the likelihood of inappropriate host access via session hijacking. The \"ESXiShellInteractiveTimeOut\" allows the automatic termination of idle shell sessions.","descriptions":[{"label":"default","data":"If a user forgets to log out of their local or remote ESXi Shell session, the idle connection will remain open indefinitely and increase the likelihood of inappropriate host access via session hijacking. The \"ESXiShellInteractiveTimeOut\" allows the automatic termination of idle shell sessions."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.ESXiShellInteractiveTimeOut\" value and verify it is set to less than \"900\" and not \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut\n\nIf the \"UserVars.ESXiShellInteractiveTimeOut\" setting is set to a value greater than \"900\" or \"0\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.ESXiShellInteractiveTimeOut\" value and configure it to \"900\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Set-AdvancedSetting -Value 900"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000163-VMM-000700","satisfies":["SRG-OS-000279-VMM-001010"],"gid":"V-ESXI-80-000068","rid":"SV-ESXI-80-000068","stig_id":"ESXI-80-000068","cci":["CCI-001133","CCI-002361"],"nist":["AC-12","SC-10"]},"code":"control 'ESXI-80-000068' do\n  title 'The ESXi host must set a timeout to automatically end idle shell sessions after fifteen minutes.'\n  desc  'If a user forgets to log out of their local or remote ESXi Shell session, the idle connection will remain open indefinitely and increase the likelihood of inappropriate host access via session hijacking. The \"ESXiShellInteractiveTimeOut\" allows the automatic termination of idle shell sessions.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.ESXiShellInteractiveTimeOut\\\" value and verify it is set to less than \\\"900\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut\n\n    If the \\\"UserVars.ESXiShellInteractiveTimeOut\\\" setting is set to a value greater than \\\"900\\\" or \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.ESXiShellInteractiveTimeOut\\\" value and configure it to \\\"900\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Set-AdvancedSetting -Value 900\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000163-VMM-000700'\n  tag satisfies: ['SRG-OS-000279-VMM-001010']\n  tag gid: 'V-ESXI-80-000068'\n  tag rid: 'SV-ESXI-80-000068'\n  tag stig_id: 'ESXI-80-000068'\n  tag cci: ['CCI-001133', 'CCI-002361']\n  tag nist: ['AC-12', 'SC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 900 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000068.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000085","title":"The ESXi host must implement Secure Boot enforcement.","desc":"Secure Boot is part of the UEFI firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and it requires that all ESXi kernel modules, drivers and VIBs be signed by VMware or a partner subordinate.\n\nSecure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. This control flips ESXi from merely supporting Secure Boot to requiring it. Without this setting enabled, and configuration encryption, an ESXi host could be subject to offline attacks. An attacker could simply transfer the ESXi install drive to a non-Secure Boot host and boot it up without ESXi complaining.","descriptions":[{"label":"default","data":"Secure Boot is part of the UEFI firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and it requires that all ESXi kernel modules, drivers and VIBs be signed by VMware or a partner subordinate.\n\nSecure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. This control flips ESXi from merely supporting Secure Boot to requiring it. Without this setting enabled, and configuration encryption, an ESXi host could be subject to offline attacks. An attacker could simply transfer the ESXi install drive to a non-Secure Boot host and boot it up without ESXi complaining."},{"label":"rationale","data":""},{"label":"check","data":"If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\nFrom an ESXi shell, run the following command:\n\n# esxcli system settings encryption get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.settings.encryption.get.invoke() | Select RequireSecureBoot\n\nExpected result:\n\nRequire Secure Boot: true\n\nIf \"Require Secure Boot\" is not enable, this is a finding."},{"label":"fix","data":"This setting cannot be configured until Secure Boot is properly enabled in the servers firmware.\n\nFrom an ESXi shell, run the following commands:\n\n# esxcli system settings encryption set --require-secure-boot=true\n# /sbin/auto-backup.sh\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.settings.encryption.set.CreateArgs()\n$arguments.requiresecureboot = $true\n$esxcli.system.settings.encryption.set.Invoke($arguments)\n\nEvacuate the host and gracefully reboot for changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000257-VMM-000910","satisfies":["SRG-OS-000258-VMM-000920","SRG-OS-000445-VMM-001780","SRG-OS-000446-VMM-001790"],"gid":"V-ESXI-80-000085","rid":"SV-ESXI-80-000085","stig_id":"ESXI-80-000085","cci":["CCI-001494","CCI-001495","CCI-002696","CCI-002699"],"nist":["AU-9","SI-6 a","SI-6 b"]},"code":"control 'ESXI-80-000085' do\n  title 'The ESXi host must implement Secure Boot enforcement.'\n  desc  \"\n    Secure Boot is part of the UEFI firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and it requires that all ESXi kernel modules, drivers and VIBs be signed by VMware or a partner subordinate.\n\n    Secure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. This control flips ESXi from merely supporting Secure Boot to requiring it. Without this setting enabled, and configuration encryption, an ESXi host could be subject to offline attacks. An attacker could simply transfer the ESXi install drive to a non-Secure Boot host and boot it up without ESXi complaining.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\n    From an ESXi shell, run the following command:\n\n    # esxcli system settings encryption get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.settings.encryption.get.invoke() | Select RequireSecureBoot\n\n    Expected result:\n\n    Require Secure Boot: true\n\n    If \\\"Require Secure Boot\\\" is not enable, this is a finding.\n  \"\n  desc 'fix', \"\n    This setting cannot be configured until Secure Boot is properly enabled in the servers firmware.\n\n    From an ESXi shell, run the following commands:\n\n    # esxcli system settings encryption set --require-secure-boot=true\n    # /sbin/auto-backup.sh\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.settings.encryption.set.CreateArgs()\n    $arguments.requiresecureboot = $true\n    $esxcli.system.settings.encryption.set.Invoke($arguments)\n\n    Evacuate the host and gracefully reboot for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000257-VMM-000910'\n  tag satisfies: ['SRG-OS-000258-VMM-000920', 'SRG-OS-000445-VMM-001780', 'SRG-OS-000446-VMM-001790']\n  tag gid: 'V-ESXI-80-000085'\n  tag rid: 'SV-ESXI-80-000085'\n  tag stig_id: 'ESXI-80-000085'\n  tag cci: ['CCI-001494', 'CCI-001495', 'CCI-002696', 'CCI-002699']\n  tag nist: ['AU-9', 'SI-6 a', 'SI-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty RequireSecureBoot\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000085.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000094","title":"The ESXi host must enable Secure Boot.","desc":"Secure Boot is part of the Unified Extensible Firmware Interface (UEFI) firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and requires that all ESXi kernel modules, drivers, and vSphere Installation Bundles (VIBs) be signed by VMware or a partner subordinate.\n\nSecure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. There is no ESXi control to \"turn on\" Secure Boot. Requiring Secure Boot (failing to boot without it present) is accomplished in another control.","descriptions":[{"label":"default","data":"Secure Boot is part of the Unified Extensible Firmware Interface (UEFI) firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and requires that all ESXi kernel modules, drivers, and vSphere Installation Bundles (VIBs) be signed by VMware or a partner subordinate.\n\nSecure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. There is no ESXi control to \"turn on\" Secure Boot. Requiring Secure Boot (failing to boot without it present) is accomplished in another control."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/secureboot/bin/secureBoot.py -s\n\nIf Secure Boot is not \"Enabled\", this is a finding."},{"label":"fix","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/secureboot/bin/secureBoot.py -c\n\nIf the output indicates that Secure Boot cannot be enabled, correct the discrepancies and try again.\n\nOnce all discrepancies are resolved then the server ESXi is installed on can be updated to enable Secure Boot in the firmware.\n\nTo enable Secure Boot in the servers firmware follow the instructions for the specific manufacturer."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000278-VMM-001000","gid":"V-ESXI-80-000094","rid":"SV-ESXI-80-000094","stig_id":"ESXI-80-000094","cci":["CCI-001496"],"nist":["AU-9 (3)"]},"code":"control 'ESXI-80-000094' do\n  title 'The ESXi host must enable Secure Boot.'\n  desc  \"\n    Secure Boot is part of the Unified Extensible Firmware Interface (UEFI) firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and requires that all ESXi kernel modules, drivers, and vSphere Installation Bundles (VIBs) be signed by VMware or a partner subordinate.\n\n    Secure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. There is no ESXi control to \\\"turn on\\\" Secure Boot. Requiring Secure Boot (failing to boot without it present) is accomplished in another control.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/secureboot/bin/secureBoot.py -s\n\n    If Secure Boot is not \\\"Enabled\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/secureboot/bin/secureBoot.py -c\n\n    If the output indicates that Secure Boot cannot be enabled, correct the discrepancies and try again.\n\n    Once all discrepancies are resolved then the server ESXi is installed on can be updated to enable Secure Boot in the firmware.\n\n    To enable Secure Boot in the servers firmware follow the instructions for the specific manufacturer.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000278-VMM-001000'\n  tag gid: 'V-ESXI-80-000094'\n  tag rid: 'SV-ESXI-80-000094'\n  tag stig_id: 'ESXI-80-000094'\n  tag cci: ['CCI-001496']\n  tag nist: ['AU-9 (3)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000094.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000111","title":"The ESXi host must enforce an unlock timeout of 15 minutes after a user account is locked out.","desc":"By enforcing a reasonable unlock timeout after multiple failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Users must wait for the timeout period to elapse before subsequent logon attempts are allowed.","descriptions":[{"label":"default","data":"By enforcing a reasonable unlock timeout after multiple failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Users must wait for the timeout period to elapse before subsequent logon attempts are allowed."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.AccountUnlockTime\" value and verify it is set to less than \"900\" and not \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime\n\nIf the \"Security.AccountUnlockTime\" setting is less than 900 or 0, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.AccountUnlockTime\" value and configure it to \"900\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime | Set-AdvancedSetting -Value 900"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000329-VMM-001180","gid":"V-ESXI-80-000111","rid":"SV-ESXI-80-000111","stig_id":"ESXI-80-000111","cci":["CCI-002238"],"nist":["AC-7 b"]},"code":"control 'ESXI-80-000111' do\n  title 'The ESXi host must enforce an unlock timeout of 15 minutes after a user account is locked out.'\n  desc  'By enforcing a reasonable unlock timeout after multiple failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Users must wait for the timeout period to elapse before subsequent logon attempts are allowed.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.AccountUnlockTime\\\" value and verify it is set to less than \\\"900\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime\n\n    If the \\\"Security.AccountUnlockTime\\\" setting is less than 900 or 0, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.AccountUnlockTime\\\" value and configure it to \\\"900\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime | Set-AdvancedSetting -Value 900\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000329-VMM-001180'\n  tag gid: 'V-ESXI-80-000111'\n  tag rid: 'SV-ESXI-80-000111'\n  tag stig_id: 'ESXI-80-000111'\n  tag cci: ['CCI-002238']\n  tag nist: ['AC-7 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.AccountUnlockTime | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 900 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000111.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000113","title":"The ESXi host must allocate audit record storage capacity to store at least one weeks worth of audit records.","desc":"In order to ensure ESXi has sufficient storage capacity in which to write the audit logs, audit record storage capacity should be configured.\n\nIf a central audit record storage facility is available, the local storage capacity should be sufficient to hold audit records that would accumulate during anticipated interruptions in delivery of records to the facility.","descriptions":[{"label":"default","data":"In order to ensure ESXi has sufficient storage capacity in which to write the audit logs, audit record storage capacity should be configured.\n\nIf a central audit record storage facility is available, the local storage capacity should be sufficient to hold audit records that would accumulate during anticipated interruptions in delivery of records to the facility."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.auditRecord.storageCapacity\" value and verify it is set to \"100\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity\n\nIf the \"Syslog.global.auditRecord.storageCapacity\" setting is not set to 100, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.auditRecord.storageCapacity\" value and configure it to \"100\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Set-AdvancedSetting -Value 100"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000341-VMM-001220","gid":"V-ESXI-80-000113","rid":"SV-ESXI-80-000113","stig_id":"ESXI-80-000113","cci":["CCI-001849"],"nist":["AU-4"]},"code":"control 'ESXI-80-000113' do\n  title 'The ESXi host must allocate audit record storage capacity to store at least one weeks worth of audit records.'\n  desc  \"\n    In order to ensure ESXi has sufficient storage capacity in which to write the audit logs, audit record storage capacity should be configured.\n\n    If a central audit record storage facility is available, the local storage capacity should be sufficient to hold audit records that would accumulate during anticipated interruptions in delivery of records to the facility.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.auditRecord.storageCapacity\\\" value and verify it is set to \\\"100\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity\n\n    If the \\\"Syslog.global.auditRecord.storageCapacity\\\" setting is not set to 100, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.auditRecord.storageCapacity\\\" value and configure it to \\\"100\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Set-AdvancedSetting -Value 100\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000341-VMM-001220'\n  tag gid: 'V-ESXI-80-000113'\n  tag rid: 'SV-ESXI-80-000113'\n  tag stig_id: 'ESXI-80-000113'\n  tag cci: ['CCI-001849']\n  tag nist: ['AU-4']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '100' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000113.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000114","title":"The ESXi host must off-load logs via syslog.","desc":"Remote logging to a central log host provides a secure, centralized store for ESXi logs. By gathering host log files onto a central host, it can more easily monitor all hosts with a single tool. It can also do aggregate analysis and searching to look for such things as coordinated attacks on multiple hosts.\n\nLogging to a secure, centralized log server also helps prevent log tampering and provides a long-term audit record.","descriptions":[{"label":"default","data":"Remote logging to a central log host provides a secure, centralized store for ESXi logs. By gathering host log files onto a central host, it can more easily monitor all hosts with a single tool. It can also do aggregate analysis and searching to look for such things as coordinated attacks on multiple hosts.\n\nLogging to a secure, centralized log server also helps prevent log tampering and provides a long-term audit record."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.logHost\" value and verify it is set to a site-specific syslog server.\n\nSyslog servers are specified in the following formats:\n\nudp://<IP or FQDN>:514\ntcp://<IP or FQDN>:514\nssl://<IP or FQDN>:1514\n\nMultiple servers can also be specified when separated by commas.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost\n\nIf the \"Syslog.global.logHost\" setting is not set to a valid, site-specific syslog server, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.logHost\" value and configure it to a site-specific syslog server.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost | Set-AdvancedSetting -Value \"enter site specific servers\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000342-VMM-001230","satisfies":["SRG-OS-000274-VMM-000960","SRG-OS-000275-VMM-000970","SRG-OS-000277-VMM-000990","SRG-OS-000479-VMM-001990"],"gid":"V-ESXI-80-000114","rid":"SV-ESXI-80-000114","stig_id":"ESXI-80-000114","cci":["CCI-001683","CCI-001684","CCI-001686","CCI-001851"],"nist":["AC-2 (4)","AU-4 (1)"]},"code":"control 'ESXI-80-000114' do\n  title 'The ESXi host must off-load logs via syslog.'\n  desc  \"\n    Remote logging to a central log host provides a secure, centralized store for ESXi logs. By gathering host log files onto a central host, it can more easily monitor all hosts with a single tool. It can also do aggregate analysis and searching to look for such things as coordinated attacks on multiple hosts.\n\n    Logging to a secure, centralized log server also helps prevent log tampering and provides a long-term audit record.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.logHost\\\" value and verify it is set to a site-specific syslog server.\n\n    Syslog servers are specified in the following formats:\n\n    udp://<IP or FQDN>:514\n    tcp://<IP or FQDN>:514\n    ssl://<IP or FQDN>:1514\n\n    Multiple servers can also be specified when separated by commas.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost\n\n    If the \\\"Syslog.global.logHost\\\" setting is not set to a valid, site-specific syslog server, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logHost\\\" value and configure it to a site-specific syslog server.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost | Set-AdvancedSetting -Value \\\"enter site specific servers\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-VMM-001230'\n  tag satisfies: ['SRG-OS-000274-VMM-000960', 'SRG-OS-000275-VMM-000970', 'SRG-OS-000277-VMM-000990', 'SRG-OS-000479-VMM-001990']\n  tag gid: 'V-ESXI-80-000114'\n  tag rid: 'SV-ESXI-80-000114'\n  tag stig_id: 'ESXI-80-000114'\n  tag cci: ['CCI-001683', 'CCI-001684', 'CCI-001686', 'CCI-001851']\n  tag nist: ['AC-2 (4)', 'AU-4 (1)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logHost | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp \"#{input('syslogServer')}\" }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000114.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000124","title":"The ESXi host must synchronize internal information system clocks to an authoritative time source.","desc":"To ensure the accuracy of the system clock, it must be synchronized with an authoritative time source within DOD. Many system functions, including time-based logon and activity restrictions, automated reports, system logs, and audit records, depend on an accurate system clock. If there is no confidence in the correctness of the system clock, time-based functions may not operate as intended and records may be of diminished value.","descriptions":[{"label":"default","data":"To ensure the accuracy of the system clock, it must be synchronized with an authoritative time source within DOD. Many system functions, including time-based logon and activity restrictions, automated reports, system logs, and audit records, depend on an accurate system clock. If there is no confidence in the correctness of the system clock, time-based functions may not operate as intended and records may be of diminished value."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Time Configuration.\n\nVerify NTP or PTP are configured, and one or more authoritative time sources are listed.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nVerify the NTP or PTP service is running and configured to start and stop with the host.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostNTPServer\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"NTP Daemon\" -or $_.Label -eq \"PTP Daemon\"}\n\nIf the NTP service is not configured with authoritative DOD time sources or the service is not configured to start and stop with the host (\"Policy\" of \"on\" in PowerCLI) or is stopped, this is a finding.\nIf PTP is used instead of NTP, this is NOT a finding."},{"label":"fix","data":"To configure NTP, perform the following:\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Time Configuration.\n\nClick \"Add Service\" and select \"Network Time Protocol\".\n\nEnter or update the NTP servers listed with a comma separate list of authoritative time servers. Click \"OK\".\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nSelect the \"NTP Daemon\" service and click \"Edit Startup Policy\".\n\nSelect \"Start and stop with host\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$NTPServers = \"ntpserver1\",\"ntpserver2\"\nGet-VMHost | Add-VMHostNTPServer $NTPServers\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"NTP Daemon\"} | Set-VMHostService -Policy On\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"NTP Daemon\"} | Start-VMHostService\n\nTo configure PTP, perform the following:\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Time Configuration.\n\nClick \"Add Service\" and select \"Precision Time Protocol\".\n\nSelect the network adapter that can receive the PTP traffic.\n\nIf NTP servers are available, select \"Enable fallback\" and enter or update the NTP servers listed with a comma separate list of authoritative time servers. Click \"OK\".\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nSelect the \"PTP Daemon\" service and click \"Edit Startup Policy\".\n\nSelect \"Start and stop with host\". Click \"OK\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000355-VMM-001330","satisfies":["SRG-OS-000356-VMM-001340"],"gid":"V-ESXI-80-000124","rid":"SV-ESXI-80-000124","stig_id":"ESXI-80-000124","cci":["CCI-001891","CCI-002046"],"nist":["AU-8 (1) (a)","AU-8 (1) (b)"]},"code":"control 'ESXI-80-000124' do\n  title 'The ESXi host must synchronize internal information system clocks to an authoritative time source.'\n  desc  'To ensure the accuracy of the system clock, it must be synchronized with an authoritative time source within DOD. Many system functions, including time-based logon and activity restrictions, automated reports, system logs, and audit records, depend on an accurate system clock. If there is no confidence in the correctness of the system clock, time-based functions may not operate as intended and records may be of diminished value.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Time Configuration.\n\n    Verify NTP or PTP are configured, and one or more authoritative time sources are listed.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Verify the NTP or PTP service is running and configured to start and stop with the host.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostNTPServer\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"NTP Daemon\\\" -or $_.Label -eq \\\"PTP Daemon\\\"}\n\n    If the NTP service is not configured with authoritative DOD time sources or the service is not configured to start and stop with the host (\\\"Policy\\\" of \\\"on\\\" in PowerCLI) or is stopped, this is a finding.\n    If PTP is used instead of NTP, this is NOT a finding.\n  \"\n  desc 'fix', \"\n    To configure NTP, perform the following:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Time Configuration.\n\n    Click \\\"Add Service\\\" and select \\\"Network Time Protocol\\\".\n\n    Enter or update the NTP servers listed with a comma separate list of authoritative time servers. Click \\\"OK\\\".\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Select the \\\"NTP Daemon\\\" service and click \\\"Edit Startup Policy\\\".\n\n    Select \\\"Start and stop with host\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $NTPServers = \\\"ntpserver1\\\",\\\"ntpserver2\\\"\n    Get-VMHost | Add-VMHostNTPServer $NTPServers\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"NTP Daemon\\\"} | Set-VMHostService -Policy On\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"NTP Daemon\\\"} | Start-VMHostService\n\n    To configure PTP, perform the following:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Time Configuration.\n\n    Click \\\"Add Service\\\" and select \\\"Precision Time Protocol\\\".\n\n    Select the network adapter that can receive the PTP traffic.\n\n    If NTP servers are available, select \\\"Enable fallback\\\" and enter or update the NTP servers listed with a comma separate list of authoritative time servers. Click \\\"OK\\\".\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Select the \\\"PTP Daemon\\\" service and click \\\"Edit Startup Policy\\\".\n\n    Select \\\"Start and stop with host\\\". Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000355-VMM-001330'\n  tag satisfies: ['SRG-OS-000356-VMM-001340']\n  tag gid: 'V-ESXI-80-000124'\n  tag rid: 'SV-ESXI-80-000124'\n  tag stig_id: 'ESXI-80-000124'\n  tag cci: ['CCI-001891', 'CCI-002046']\n  tag nist: ['AU-8 (1) (a)', 'AU-8 (1) (b)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'on' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n      results = powercli_command(\"Get-VMHost -Name #{vmhost} | Get-VMHostNTPServer\").stdout\n      if !results.empty?\n        results.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |result|\n          describe \"NTP Server: #{result} for VMHost: #{vmhost}\" do\n            subject { result }\n            it { should be_in \"#{input('esxiNtpServers')}\" }\n          end\n        end\n      else\n        describe \"No NTP servers found on VMhost: #{vmhost}\" do\n          subject { results }\n          it { should_not be_empty }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000124.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000133","title":"The ESXi Image Profile and vSphere Installation Bundle (VIB) acceptance level must be verified.","desc":"Verify the ESXi Image Profile to only allow signed VIBs. An unsigned VIB represents untested code installed on an ESXi host. The ESXi Image profile supports four acceptance levels:\n\n1. VMwareCertified - VIBs created, tested, and signed by VMware.\n2. VMwareAccepted - VIBs created by a VMware partner but tested and signed by VMware.\n3. PartnerSupported - VIBs created, tested, and signed by a certified VMware partner.\n4. CommunitySupported - VIBs that have not been tested by VMware or a VMware partner.\n\nCommunity Supported VIBs are not supported and do not have a digital signature. To protect the security and integrity of ESXi hosts, do not allow unsigned (CommunitySupported) VIBs to be installed on hosts.","descriptions":[{"label":"default","data":"Verify the ESXi Image Profile to only allow signed VIBs. An unsigned VIB represents untested code installed on an ESXi host. The ESXi Image profile supports four acceptance levels:\n\n1. VMwareCertified - VIBs created, tested, and signed by VMware.\n2. VMwareAccepted - VIBs created by a VMware partner but tested and signed by VMware.\n3. PartnerSupported - VIBs created, tested, and signed by a certified VMware partner.\n4. CommunitySupported - VIBs that have not been tested by VMware or a VMware partner.\n\nCommunity Supported VIBs are not supported and do not have a digital signature. To protect the security and integrity of ESXi hosts, do not allow unsigned (CommunitySupported) VIBs to be installed on hosts."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nUnder \"Host Image Profile Acceptance Level\" view the acceptance level.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.software.acceptance.get.Invoke()\n\nIf the acceptance level is \"CommunitySupported\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nUnder \"Host Image Profile Acceptance Level\", click \"Edit\".\n\nUsing the drop-down selection, set the acceptance level as \"VMwareCertified\", \"VMwareAccepted\", or \"PartnerSupported\". The default is \"PartnerSupported\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.software.acceptance.set.CreateArgs()\n$arguments.level = \"PartnerSupported\"\n$esxcli.software.acceptance.set.Invoke($arguments)\n\nNote: \"VMwareCertified\" or \"VMwareAccepted\" may be substituted for \"PartnerSupported\", depending on local requirements. These are case sensitive."}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000366-VMM-001430","satisfies":["SRG-OS-000370-VMM-001460"],"gid":"V-ESXI-80-000133","rid":"SV-ESXI-80-000133","stig_id":"ESXI-80-000133","cci":["CCI-001749","CCI-001774"],"nist":["CM-5 (3)","CM-7 (5) (b)"]},"code":"control 'ESXI-80-000133' do\n  title 'The ESXi Image Profile and vSphere Installation Bundle (VIB) acceptance level must be verified.'\n  desc  \"\n    Verify the ESXi Image Profile to only allow signed VIBs. An unsigned VIB represents untested code installed on an ESXi host. The ESXi Image profile supports four acceptance levels:\n\n    1. VMwareCertified - VIBs created, tested, and signed by VMware.\n    2. VMwareAccepted - VIBs created by a VMware partner but tested and signed by VMware.\n    3. PartnerSupported - VIBs created, tested, and signed by a certified VMware partner.\n    4. CommunitySupported - VIBs that have not been tested by VMware or a VMware partner.\n\n    Community Supported VIBs are not supported and do not have a digital signature. To protect the security and integrity of ESXi hosts, do not allow unsigned (CommunitySupported) VIBs to be installed on hosts.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Under \\\"Host Image Profile Acceptance Level\\\" view the acceptance level.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.software.acceptance.get.Invoke()\n\n    If the acceptance level is \\\"CommunitySupported\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Under \\\"Host Image Profile Acceptance Level\\\", click \\\"Edit\\\".\n\n    Using the drop-down selection, set the acceptance level as \\\"VMwareCertified\\\", \\\"VMwareAccepted\\\", or \\\"PartnerSupported\\\". The default is \\\"PartnerSupported\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.software.acceptance.set.CreateArgs()\n    $arguments.level = \\\"PartnerSupported\\\"\n    $esxcli.software.acceptance.set.Invoke($arguments)\n\n    Note: \\\"VMwareCertified\\\" or \\\"VMwareAccepted\\\" may be substituted for \\\"PartnerSupported\\\", depending on local requirements. These are case sensitive.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000366-VMM-001430'\n  tag satisfies: ['SRG-OS-000370-VMM-001460']\n  tag gid: 'V-ESXI-80-000133'\n  tag rid: 'SV-ESXI-80-000133'\n  tag stig_id: 'ESXI-80-000133'\n  tag cci: ['CCI-001749', 'CCI-001774']\n  tag nist: ['CM-5 (3)', 'CM-7 (5) (b)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    list = ['PartnerSupported', 'VMwareCertified', 'VMwareAccepted']\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.software.acceptance.get.Invoke()\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should be_in list }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000133.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000145","title":"The ESXi host must enable bidirectional Challenge-Handshake Authentication Protocol (CHAP) authentication for Internet Small Computer Systems Interface (iSCSI) traffic.","desc":"When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, there is potential for a man-in-the-middle attack, in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.","descriptions":[{"label":"default","data":"When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, there is potential for a man-in-the-middle attack, in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk."},{"label":"rationale","data":""},{"label":"check","data":"If iSCSI is not used, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Storage >> Storage Adapters.\n\nSelect the iSCSI adapter >> Properties >> Authentication >> Method.\n\nView the CHAP configuration and verify CHAP is required for target and host authentication.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostHba | Where {$_.Type -eq \"iscsi\"} | Select AuthenticationProperties -ExpandProperty AuthenticationProperties\n\nIf iSCSI is used and CHAP is not set to \"required\" for both the target and host, this is a finding.\n\nIf iSCSI is used and unique CHAP secrets are not used for each host, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Storage >> Storage Adapters.\n\nSelect the iSCSI adapter >> Properties >> Authentication.\n\nClick \"Edit...\". Set \"Authentication Method\" to \"Use bidirectional CHAP\" and enter a unique secret for each traffic flow direction.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostHba | Where {$_.Type -eq \"iscsi\"} | Set-VMHostHba -ChapType Required -ChapName \"chapname\" -ChapPassword \"password\" -MutualChapEnabled $true -MutualChapName \"mutualchapname\" -MutualChapPassword \"mutualpassword\""}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000379-VMM-001550","gid":"V-ESXI-80-000145","rid":"SV-ESXI-80-000145","stig_id":"ESXI-80-000145","cci":["CCI-001967"],"nist":["IA-3 (1)"]},"code":"control 'ESXI-80-000145' do\n  title 'The ESXi host must enable bidirectional Challenge-Handshake Authentication Protocol (CHAP) authentication for Internet Small Computer Systems Interface (iSCSI) traffic.'\n  desc  'When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, there is potential for a man-in-the-middle attack, in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If iSCSI is not used, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Storage >> Storage Adapters.\n\n    Select the iSCSI adapter >> Properties >> Authentication >> Method.\n\n    View the CHAP configuration and verify CHAP is required for target and host authentication.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostHba | Where {$_.Type -eq \\\"iscsi\\\"} | Select AuthenticationProperties -ExpandProperty AuthenticationProperties\n\n    If iSCSI is used and CHAP is not set to \\\"required\\\" for both the target and host, this is a finding.\n\n    If iSCSI is used and unique CHAP secrets are not used for each host, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Storage >> Storage Adapters.\n\n    Select the iSCSI adapter >> Properties >> Authentication.\n\n    Click \\\"Edit...\\\". Set \\\"Authentication Method\\\" to \\\"Use bidirectional CHAP\\\" and enter a unique secret for each traffic flow direction.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostHba | Where {$_.Type -eq \\\"iscsi\\\"} | Set-VMHostHba -ChapType Required -ChapName \\\"chapname\\\" -ChapPassword \\\"password\\\" -MutualChapEnabled $true -MutualChapName \\\"mutualchapname\\\" -MutualChapPassword \\\"mutualpassword\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000379-VMM-001550'\n  tag gid: 'V-ESXI-80-000145'\n  tag rid: 'SV-ESXI-80-000145'\n  tag stig_id: 'ESXI-80-000145'\n  tag cci: ['CCI-001967']\n  tag nist: ['IA-3 (1)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'}\"\n      iscsi_hbas = powercli_command(command).stdout\n\n      if iscsi_hbas.empty?\n        impact 0.0\n        describe '' do\n          skip 'There are no iSCSI HBAs present so this control is Not Applicable'\n        end\n      else\n        command1 = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'} | Select-Object -ExpandProperty AuthenticationProperties | Select-Object -ExpandProperty MutualChapEnabled\"\n        command2 = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'} | Select-Object -ExpandProperty AuthenticationProperties | Select-Object -ExpandProperty ChapType\"\n        describe powercli_command(command1) do\n          its('stdout.strip') { should cmp 'True' }\n        end\n        describe powercli_command(command2) do\n          its('stdout.strip') { should cmp 'Required' }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000145.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000160","title":"The ESXi host must protect the confidentiality and integrity of transmitted information by isolating vMotion traffic.","desc":"While encrypted vMotion is available, vMotion traffic should still be sequestered from other traffic to further protect it from attack. This network must only be accessible to other ESXi hosts, preventing outside access to the network.\n\nThe vMotion VMkernel port group must be in a dedicated VLAN that can be on a standard or distributed virtual switch as long as the vMotion VLAN is not shared by any other function and is not routed to anything but ESXi hosts.","descriptions":[{"label":"default","data":"While encrypted vMotion is available, vMotion traffic should still be sequestered from other traffic to further protect it from attack. This network must only be accessible to other ESXi hosts, preventing outside access to the network.\n\nThe vMotion VMkernel port group must be in a dedicated VLAN that can be on a standard or distributed virtual switch as long as the vMotion VLAN is not shared by any other function and is not routed to anything but ESXi hosts."},{"label":"rationale","data":""},{"label":"check","data":"For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nReview the VLAN associated with any vMotion VMkernel(s) and verify they are dedicated for that purpose and are logically separated from other functions.\n\nIf long distance or cross vCenter vMotion is used the vMotion network can be routable but must be accessible to only the intended ESXi hosts.\n\nIf the vMotion port group is not on an isolated VLAN and/or is routable to systems other than ESXi hosts, this is a finding."},{"label":"fix","data":"Configuration of the vMotion VMkernel will be unique to each environment.\n\nAs an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:\n\nFrom the vSphere Client, go to Networking.\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Properties.\n\nClick \"Edit\" and select VLAN.\n\nChange the \"VLAN Type\" to \"VLAN\" and change the \"VLAN ID\" to a network allocated and dedicated to vMotion traffic exclusively. Click \"OK\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000423-VMM-001700","gid":"V-ESXI-80-000160","rid":"SV-ESXI-80-000160","stig_id":"ESXI-80-000160","cci":["CCI-002418"],"nist":["SC-8"]},"code":"control 'ESXI-80-000160' do\n  title 'The ESXi host must protect the confidentiality and integrity of transmitted information by isolating vMotion traffic.'\n  desc  \"\n    While encrypted vMotion is available, vMotion traffic should still be sequestered from other traffic to further protect it from attack. This network must only be accessible to other ESXi hosts, preventing outside access to the network.\n\n    The vMotion VMkernel port group must be in a dedicated VLAN that can be on a standard or distributed virtual switch as long as the vMotion VLAN is not shared by any other function and is not routed to anything but ESXi hosts.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Review the VLAN associated with any vMotion VMkernel(s) and verify they are dedicated for that purpose and are logically separated from other functions.\n\n    If long distance or cross vCenter vMotion is used the vMotion network can be routable but must be accessible to only the intended ESXi hosts.\n\n    If the vMotion port group is not on an isolated VLAN and/or is routable to systems other than ESXi hosts, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of the vMotion VMkernel will be unique to each environment.\n\n    As an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:\n\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\" and select VLAN.\n\n    Change the \\\"VLAN Type\\\" to \\\"VLAN\\\" and change the \\\"VLAN ID\\\" to a network allocated and dedicated to vMotion traffic exclusively. Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000423-VMM-001700'\n  tag gid: 'V-ESXI-80-000160'\n  tag rid: 'SV-ESXI-80-000160'\n  tag stig_id: 'ESXI-80-000160'\n  tag cci: ['CCI-002418']\n  tag nist: ['SC-8']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -VMKernel | Where-Object {$_.VMotionEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n      vmks = powercli_command(command).stdout\n\n      if vmks.empty?\n        describe '' do\n          skip 'There are no VMKernel adapters with vMotion enabled so this control is N/A.'\n        end\n      else\n        vmks.split.each do |vmk|\n          # Check to see if vMotion and any other services are enabled on the same VMkernel adapter\n          command2 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VsanTrafficEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n          describe powercli_command(command2) do\n            its('stdout.strip') { should be_empty }\n          end\n          # Get vMotion Port Group Name\n          command3 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Select-Object -ExpandProperty PortGroupName\"\n          pgname = powercli_command(command3).stdout.strip\n          # Test standard port groups\n          command4 = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup -Name \\\"#{pgname}\\\" -Standard | Select-Object -ExpandProperty VlanId\"\n          stdpgs = powercli_command(command4).stdout.strip\n          unless stdpgs.empty?\n            describe 'Checking standand port group VLAN ID' do\n              subject { stdpgs }\n              it { should cmp \"#{input('vMotionVlanId')}\" }\n            end\n          end\n          describe 'SA Interview' do\n            skip 'SA also needs to confirm this VLAN is dedicated to vMotion and not routable except to other ESXi hosts.'\n          end\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000160.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000161","title":"The ESXi host must maintain the confidentiality and integrity of information during transmission by exclusively enabling Transport Layer Security (TLS) 1.2.","desc":"TLS 1.0 and 1.1 are deprecated protocols with well-published shortcomings and vulnerabilities. TLS 1.2 should be enabled on all interfaces and SSLv3, TL 1.1, and 1.0 disabled, where supported.\n\nMandating TLS 1.2 may break third-party integrations and add-ons to vSphere. Test these integrations carefully after implementing TLS 1.2 and roll back where appropriate.\n\nOn interfaces where required functionality is broken with TLS 1.2, this finding is not applicable until such time as the third-party software supports TLS 1.2.\n\nModify TLS settings in the following order:\n1. vCenter.\n2. ESXi.","descriptions":[{"label":"default","data":"TLS 1.0 and 1.1 are deprecated protocols with well-published shortcomings and vulnerabilities. TLS 1.2 should be enabled on all interfaces and SSLv3, TL 1.1, and 1.0 disabled, where supported.\n\nMandating TLS 1.2 may break third-party integrations and add-ons to vSphere. Test these integrations carefully after implementing TLS 1.2 and roll back where appropriate.\n\nOn interfaces where required functionality is broken with TLS 1.2, this finding is not applicable until such time as the third-party software supports TLS 1.2.\n\nModify TLS settings in the following order:\n1. vCenter.\n2. ESXi."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.ESXiVPsDisabledProtocols\" value and verify it is set to \"sslv3,tlsv1,tlsv1.1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols\n\nIf the \"UserVars.ESXiVPsDisabledProtocols\" setting is set to a value other than \"sslv3,tlsv1,tlsv1.1\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.ESXiVPsDisabledProtocols\" value and configure it to \"sslv3,tlsv1,tlsv1.1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Set-AdvancedSetting -Value \"sslv3,tlsv1,tlsv1.1\""}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000425-VMM-001710","satisfies":["SRG-OS-000426-VMM-001720"],"gid":"V-ESXI-80-000161","rid":"SV-ESXI-80-000161","stig_id":"ESXI-80-000161","cci":["CCI-002420","CCI-002422"],"nist":["SC-8 (2)"]},"code":"control 'ESXI-80-000161' do\n  title 'The ESXi host must maintain the confidentiality and integrity of information during transmission by exclusively enabling Transport Layer Security (TLS) 1.2.'\n  desc  \"\n    TLS 1.0 and 1.1 are deprecated protocols with well-published shortcomings and vulnerabilities. TLS 1.2 should be enabled on all interfaces and SSLv3, TL 1.1, and 1.0 disabled, where supported.\n\n    Mandating TLS 1.2 may break third-party integrations and add-ons to vSphere. Test these integrations carefully after implementing TLS 1.2 and roll back where appropriate.\n\n    On interfaces where required functionality is broken with TLS 1.2, this finding is not applicable until such time as the third-party software supports TLS 1.2.\n\n    Modify TLS settings in the following order:\n    1. vCenter.\n    2. ESXi.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.ESXiVPsDisabledProtocols\\\" value and verify it is set to \\\"sslv3,tlsv1,tlsv1.1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols\n\n    If the \\\"UserVars.ESXiVPsDisabledProtocols\\\" setting is set to a value other than \\\"sslv3,tlsv1,tlsv1.1\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.ESXiVPsDisabledProtocols\\\" value and configure it to \\\"sslv3,tlsv1,tlsv1.1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Set-AdvancedSetting -Value \\\"sslv3,tlsv1,tlsv1.1\\\"\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000425-VMM-001710'\n  tag satisfies: ['SRG-OS-000426-VMM-001720']\n  tag gid: 'V-ESXI-80-000161'\n  tag rid: 'SV-ESXI-80-000161'\n  tag stig_id: 'ESXI-80-000161'\n  tag cci: ['CCI-002420', 'CCI-002422']\n  tag nist: ['SC-8 (2)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'sslv3,tlsv1,tlsv1.1' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000161.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000187","title":"The ESXi host Secure Shell (SSH) daemon must be configured to only use FIPS 140-2 validated ciphers.","desc":"Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. ESXi must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.","descriptions":[{"label":"default","data":"Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. ESXi must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep ciphers\n\nExpected result:\n\nciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nCiphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\nNote: The ciphers line must be after the FipsMode setting."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000478-VMM-001980","gid":"V-ESXI-80-000187","rid":"SV-ESXI-80-000187","stig_id":"ESXI-80-000187","cci":["CCI-002450"],"nist":["SC-13"]},"code":"control 'ESXI-80-000187' do\n  title 'The ESXi host Secure Shell (SSH) daemon must be configured to only use FIPS 140-2 validated ciphers.'\n  desc  'Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. ESXi must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep ciphers\n\n    Expected result:\n\n    ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\n    Note: The ciphers line must be after the FipsMode setting.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000478-VMM-001980'\n  tag gid: 'V-ESXI-80-000187'\n  tag rid: 'SV-ESXI-80-000187'\n  tag stig_id: 'ESXI-80-000187'\n  tag cci: ['CCI-002450']\n  tag nist: ['SC-13']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000187.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000189","title":"The ESXi host DCUI.Access list must be verified.","desc":"Lockdown mode disables direct host access, requiring that administrators manage hosts from vCenter Server. However, if a host becomes isolated from vCenter, the administrator is locked out and can no longer manage the host.\n\nThe \"DCUI.Access\" advanced setting allows specified users to exit lockdown mode in such a scenario. If the Direct Console User Interface (DCUI) is running in strict lockdown mode, this setting is ineffective.","descriptions":[{"label":"default","data":"Lockdown mode disables direct host access, requiring that administrators manage hosts from vCenter Server. However, if a host becomes isolated from vCenter, the administrator is locked out and can no longer manage the host.\n\nThe \"DCUI.Access\" advanced setting allows specified users to exit lockdown mode in such a scenario. If the Direct Console User Interface (DCUI) is running in strict lockdown mode, this setting is ineffective."},{"label":"rationale","data":""},{"label":"check","data":"For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"DCUI.Access\" value and verify only the root user is listed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name DCUI.Access and verify it is set to root.\n\nIf the \"DCUI.Access\" is not restricted to \"root\", this is a finding.\n\nNote: This list is only for local user accounts and should only contain the root user."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"DCUI.Access\" value and configure it to \"root\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name DCUI.Access | Set-AdvancedSetting -Value \"root\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000189","rid":"SV-ESXI-80-000189","stig_id":"ESXI-80-000189","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000189' do\n  title 'The ESXi host DCUI.Access list must be verified.'\n  desc  \"\n    Lockdown mode disables direct host access, requiring that administrators manage hosts from vCenter Server. However, if a host becomes isolated from vCenter, the administrator is locked out and can no longer manage the host.\n\n    The \\\"DCUI.Access\\\" advanced setting allows specified users to exit lockdown mode in such a scenario. If the Direct Console User Interface (DCUI) is running in strict lockdown mode, this setting is ineffective.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"DCUI.Access\\\" value and verify only the root user is listed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name DCUI.Access and verify it is set to root.\n\n    If the \\\"DCUI.Access\\\" is not restricted to \\\"root\\\", this is a finding.\n\n    Note: This list is only for local user accounts and should only contain the root user.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"DCUI.Access\\\" value and configure it to \\\"root\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name DCUI.Access | Set-AdvancedSetting -Value \\\"root\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000189'\n  tag rid: 'SV-ESXI-80-000189'\n  tag stig_id: 'ESXI-80-000189'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name DCUI.Access | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'root' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000189.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000191","title":"The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via Secure Shell (SSH).","desc":"Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\"","descriptions":[{"label":"default","data":"Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\""},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.Etc.issue\" value and verify it contains the standard mandatory DOD notice and consent banner.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.Etc.issue\n\nIf the \"Config.Etc.issue\" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.Etc.issue\" value and set it to the following:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.Etc.issue | Set-AdvancedSetting -Value \"<Banner text above>\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000023-VMM-000060","gid":"V-ESXI-80-000191","rid":"SV-ESXI-80-000191","stig_id":"ESXI-80-000191","cci":["CCI-000048"],"nist":["AC-8 a"]},"code":"control 'ESXI-80-000191' do\n  title 'The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via Secure Shell (SSH).'\n  desc  \"\n    Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.Etc.issue\\\" value and verify it contains the standard mandatory DOD notice and consent banner.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.Etc.issue\n\n    If the \\\"Config.Etc.issue\\\" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.Etc.issue\\\" value and set it to the following:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.Etc.issue | Set-AdvancedSetting -Value \\\"<Banner text above>\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-VMM-000060'\n  tag gid: 'V-ESXI-80-000191'\n  tag rid: 'SV-ESXI-80-000191'\n  tag stig_id: 'ESXI-80-000191'\n  tag cci: ['CCI-000048']\n  tag nist: ['AC-8 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      result = powercli_command(\"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.Etc.issue | Select-Object -ExpandProperty Value\")\n      describe.one do\n        describe result do\n          its('stdout.strip') { should match 'You are accessing a U.S. Government' }\n        end\n        describe result do\n          its('stdout.strip') { should match \"I've read & consent to terms in IS user agreem't\" }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000191.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000192","title":"The ESXi host Secure Shell (SSH) daemon must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system.","desc":"Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\"","descriptions":[{"label":"default","data":"Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\""},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep banner\n\nExpected result:\n\nbanner /etc/issue\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, navigate to and open:\n\n/etc/ssh/sshd_config\n\nEnsure that the \"Banner\" line is uncommented and set to the following:\n\nBanner /etc/issue\n\nRestart SSH from the UI or run the following command:\n\n# /etc/init.d/SSH restart"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000023-VMM-000060","gid":"V-ESXI-80-000192","rid":"SV-ESXI-80-000192","stig_id":"ESXI-80-000192","cci":["CCI-000048"],"nist":["AC-8 a"]},"code":"control 'ESXI-80-000192' do\n  title 'The ESXi host Secure Shell (SSH) daemon must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system.'\n  desc  \"\n    Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep banner\n\n    Expected result:\n\n    banner /etc/issue\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, navigate to and open:\n\n    /etc/ssh/sshd_config\n\n    Ensure that the \\\"Banner\\\" line is uncommented and set to the following:\n\n    Banner /etc/issue\n\n    Restart SSH from the UI or run the following command:\n\n    # /etc/init.d/SSH restart\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-VMM-000060'\n  tag gid: 'V-ESXI-80-000192'\n  tag rid: 'SV-ESXI-80-000192'\n  tag stig_id: 'ESXI-80-000192'\n  tag cci: ['CCI-000048']\n  tag nist: ['AC-8 a']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000192.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000193","title":"The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH).","desc":"The ESXi Shell is an interactive command line interface (CLI) available at the ESXi server console. The ESXi shell provides temporary access to commands essential for server maintenance. Intended primarily for use in break-fix scenarios, the ESXi shell is well suited for checking and modifying configuration details, which are not always generally accessible, using the vSphere Client.\n\nThe ESXi shell is accessible remotely using SSH by users with the Administrator role. Under normal operating conditions, SSH access to the host must be disabled as is the default. As with the ESXi shell, SSH is also intended only for temporary use during break-fix scenarios. SSH must therefore be disabled under normal operating conditions and must only be enabled for diagnostics or troubleshooting. Remote access to the host must therefore be limited to the vSphere Client or Host Client at all other times.","descriptions":[{"label":"default","data":"The ESXi Shell is an interactive command line interface (CLI) available at the ESXi server console. The ESXi shell provides temporary access to commands essential for server maintenance. Intended primarily for use in break-fix scenarios, the ESXi shell is well suited for checking and modifying configuration details, which are not always generally accessible, using the vSphere Client.\n\nThe ESXi shell is accessible remotely using SSH by users with the Administrator role. Under normal operating conditions, SSH access to the host must be disabled as is the default. As with the ESXi shell, SSH is also intended only for temporary use during break-fix scenarios. SSH must therefore be disabled under normal operating conditions and must only be enabled for diagnostics or troubleshooting. Remote access to the host must therefore be limited to the vSphere Client or Host Client at all other times."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder Services, locate the \"SSH\" service and verify it is \"Stopped\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"SSH\"}\n\nIf the SSH service is \"Running\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\", select the \"SSH\" service and click the \"Stop\" button.\n\nClick the \"Edit Startup policy...\" button.\n\nSelect the \"Start and stop manually\" radio button.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"SSH\"} | Set-VMHostService -Policy Off\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"SSH\"} | Stop-VMHostService"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000095-VMM-000480","satisfies":["SRG-OS-000297-VMM-001040","SRG-OS-000298-VMM-001050"],"gid":"V-ESXI-80-000193","rid":"SV-ESXI-80-000193","stig_id":"ESXI-80-000193","cci":["CCI-000381","CCI-002314","CCI-002322"],"nist":["AC-17 (1)","AC-17 (9)","CM-7 a"]},"code":"control 'ESXI-80-000193' do\n  title 'The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH).'\n  desc  \"\n    The ESXi Shell is an interactive command line interface (CLI) available at the ESXi server console. The ESXi shell provides temporary access to commands essential for server maintenance. Intended primarily for use in break-fix scenarios, the ESXi shell is well suited for checking and modifying configuration details, which are not always generally accessible, using the vSphere Client.\n\n    The ESXi shell is accessible remotely using SSH by users with the Administrator role. Under normal operating conditions, SSH access to the host must be disabled as is the default. As with the ESXi shell, SSH is also intended only for temporary use during break-fix scenarios. SSH must therefore be disabled under normal operating conditions and must only be enabled for diagnostics or troubleshooting. Remote access to the host must therefore be limited to the vSphere Client or Host Client at all other times.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under Services, locate the \\\"SSH\\\" service and verify it is \\\"Stopped\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"SSH\\\"}\n\n    If the SSH service is \\\"Running\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\", select the \\\"SSH\\\" service and click the \\\"Stop\\\" button.\n\n    Click the \\\"Edit Startup policy...\\\" button.\n\n    Select the \\\"Start and stop manually\\\" radio button.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"SSH\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"SSH\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-VMM-000480'\n  tag satisfies: ['SRG-OS-000297-VMM-001040', 'SRG-OS-000298-VMM-001050']\n  tag gid: 'V-ESXI-80-000193'\n  tag rid: 'SV-ESXI-80-000193'\n  tag stig_id: 'ESXI-80-000193'\n  tag cci: ['CCI-000381', 'CCI-002314', 'CCI-002322']\n  tag nist: ['AC-17 (1)', 'AC-17 (9)', 'CM-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000193.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000194","title":"The ESXi host must be configured to disable nonessential capabilities by disabling the ESXi shell.","desc":"The ESXi Shell is an interactive command line environment available locally from the Direct Console User Interface (DCUI) or remotely via SSH. Activities performed from the ESXi Shell bypass vCenter role-based access control (RBAC) and audit controls.\n\nThe ESXi shell must only be turned on when needed to troubleshoot/resolve problems that cannot be fixed through the vSphere client.","descriptions":[{"label":"default","data":"The ESXi Shell is an interactive command line environment available locally from the Direct Console User Interface (DCUI) or remotely via SSH. Activities performed from the ESXi Shell bypass vCenter role-based access control (RBAC) and audit controls.\n\nThe ESXi shell must only be turned on when needed to troubleshoot/resolve problems that cannot be fixed through the vSphere client."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder Services, locate the \"ESXi Shell\" service and verify it is \"Stopped\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"ESXi Shell\"}\n\nIf the ESXi Shell service is \"Running\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\", select the \"ESXi Shell\" service and click the \"Stop\" button.\n\nClick the \"Edit Startup policy...\" button.\n\nSelect the \"Start and stop manually\" radio button.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"ESXi Shell\"} | Set-VMHostService -Policy Off\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"ESXi Shell\"} | Stop-VMHostService"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000095-VMM-000480","gid":"V-ESXI-80-000194","rid":"SV-ESXI-80-000194","stig_id":"ESXI-80-000194","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'ESXI-80-000194' do\n  title 'The ESXi host must be configured to disable nonessential capabilities by disabling the ESXi shell.'\n  desc  \"\n    The ESXi Shell is an interactive command line environment available locally from the Direct Console User Interface (DCUI) or remotely via SSH. Activities performed from the ESXi Shell bypass vCenter role-based access control (RBAC) and audit controls.\n\n    The ESXi shell must only be turned on when needed to troubleshoot/resolve problems that cannot be fixed through the vSphere client.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under Services, locate the \\\"ESXi Shell\\\" service and verify it is \\\"Stopped\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"ESXi Shell\\\"}\n\n    If the ESXi Shell service is \\\"Running\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\", select the \\\"ESXi Shell\\\" service and click the \\\"Stop\\\" button.\n\n    Click the \\\"Edit Startup policy...\\\" button.\n\n    Select the \\\"Start and stop manually\\\" radio button.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"ESXi Shell\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"ESXi Shell\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-VMM-000480'\n  tag gid: 'V-ESXI-80-000194'\n  tag rid: 'SV-ESXI-80-000194'\n  tag stig_id: 'ESXI-80-000194'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000194.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000195","title":"The ESXi host must automatically stop shell services after ten minutes.","desc":"When the ESXi Shell or Secure Shell (SSH) services are enabled on a host, they will run indefinitely. To avoid having these services left running, set the \"ESXiShellTimeOut\". The \"ESXiShellTimeOut\" defines a window of time after which the ESXi Shell and SSH services will be stopped automatically.","descriptions":[{"label":"default","data":"When the ESXi Shell or Secure Shell (SSH) services are enabled on a host, they will run indefinitely. To avoid having these services left running, set the \"ESXiShellTimeOut\". The \"ESXiShellTimeOut\" defines a window of time after which the ESXi Shell and SSH services will be stopped automatically."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.ESXiShellTimeOut\" value and verify it is set to less than \"600\" and not \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut\n\nIf the \"UserVars.ESXiShellTimeOut\" setting is set to a value greater than \"600\" or \"0\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.ESXiShellTimeOut\" value and configure it to \"600\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Set-AdvancedSetting -Value 600"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000163-VMM-000700","gid":"V-ESXI-80-000195","rid":"SV-ESXI-80-000195","stig_id":"ESXI-80-000195","cci":["CCI-001133"],"nist":["SC-10"]},"code":"control 'ESXI-80-000195' do\n  title 'The ESXi host must automatically stop shell services after ten minutes.'\n  desc  'When the ESXi Shell or Secure Shell (SSH) services are enabled on a host, they will run indefinitely. To avoid having these services left running, set the \"ESXiShellTimeOut\". The \"ESXiShellTimeOut\" defines a window of time after which the ESXi Shell and SSH services will be stopped automatically.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.ESXiShellTimeOut\\\" value and verify it is set to less than \\\"600\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut\n\n    If the \\\"UserVars.ESXiShellTimeOut\\\" setting is set to a value greater than \\\"600\\\" or \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.ESXiShellTimeOut\\\" value and configure it to \\\"600\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Set-AdvancedSetting -Value 600\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000163-VMM-000700'\n  tag gid: 'V-ESXI-80-000195'\n  tag rid: 'SV-ESXI-80-000195'\n  tag stig_id: 'ESXI-80-000195'\n  tag cci: ['CCI-001133']\n  tag nist: ['SC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 600 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000195.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000196","title":"The ESXi host must set a timeout to automatically end idle DCUI sessions after ten minutes.","desc":"When the Direct Console User Interface (DCUI) is enabled and logged in, it should be automatically logged out if left logged on to avoid access by unauthorized persons. The \"DcuiTimeOut\" setting defines a window of time after which the DCUI will be logged out.","descriptions":[{"label":"default","data":"When the Direct Console User Interface (DCUI) is enabled and logged in, it should be automatically logged out if left logged on to avoid access by unauthorized persons. The \"DcuiTimeOut\" setting defines a window of time after which the DCUI will be logged out."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.DcuiTimeOut\" value and verify it is set to less than \"600\" and not \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut\n\nIf the \"UserVars.DcuiTimeOut\" setting is set to a value greater than \"600\" or \"0\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.DcuiTimeOut\" value and configure it to \"600\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Set-AdvancedSetting -Value 600"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000163-VMM-000700","gid":"V-ESXI-80-000196","rid":"SV-ESXI-80-000196","stig_id":"ESXI-80-000196","cci":["CCI-001133"],"nist":["SC-10"]},"code":"control 'ESXI-80-000196' do\n  title 'The ESXi host must set a timeout to automatically end idle DCUI sessions after ten minutes.'\n  desc  'When the Direct Console User Interface (DCUI) is enabled and logged in, it should be automatically logged out if left logged on to avoid access by unauthorized persons. The \"DcuiTimeOut\" setting defines a window of time after which the DCUI will be logged out.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.DcuiTimeOut\\\" value and verify it is set to less than \\\"600\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut\n\n    If the \\\"UserVars.DcuiTimeOut\\\" setting is set to a value greater than \\\"600\\\" or \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.DcuiTimeOut\\\" value and configure it to \\\"600\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Set-AdvancedSetting -Value 600\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000163-VMM-000700'\n  tag gid: 'V-ESXI-80-000196'\n  tag rid: 'SV-ESXI-80-000196'\n  tag stig_id: 'ESXI-80-000196'\n  tag cci: ['CCI-001133']\n  tag nist: ['SC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 600 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000196.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000198","title":"The ESXi host must protect the confidentiality and integrity of transmitted information by isolating ESXi management traffic.","desc":"The vSphere management network provides access to the vSphere management interface on each component. Services running on the management interface provide an opportunity for an attacker to gain privileged access to the systems. Any remote attack most likely would begin with gaining entry to this network.\n\nThe Management VMkernel port group can be on a standard or distributed virtual switch but must be on a dedicated VLAN. The Management VLAN must not be shared by any other function and must not be accessible to anything other than management-related functions such as vCenter.","descriptions":[{"label":"default","data":"The vSphere management network provides access to the vSphere management interface on each component. Services running on the management interface provide an opportunity for an attacker to gain privileged access to the systems. Any remote attack most likely would begin with gaining entry to this network.\n\nThe Management VMkernel port group can be on a standard or distributed virtual switch but must be on a dedicated VLAN. The Management VLAN must not be shared by any other function and must not be accessible to anything other than management-related functions such as vCenter."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nReview each VMkernel adapter that is used for management traffic and view the \"Enabled services\".\n\nReview the VLAN associated with each VMkernel that is used for management traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.\n\nIf any services are enabled on any Management VMkernel adapter, this is a finding.\n\nIf the network segment is accessible, except to networks where other management-related entities are located such as vCenter, this is a finding.\n\nIf there are any other systems or devices such as VMs on the ESXi management segment, this is a finding."},{"label":"fix","data":"Configuration of the management VMkernel will be unique to each environment.\n\nAs an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nSelect the Management VMkernel and click \"Edit\". On the Port properties tab, uncheck all services except for \"Management\". Click \"OK\".\n\nFrom the vSphere Client, go to Networking.\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Properties.\n\nClick \"Edit\" and select VLAN.\n\nChange the \"VLAN Type\" to \"VLAN\" and change the \"VLAN ID\" to a network allocated and dedicated to management traffic exclusively. Click \"OK\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000423-VMM-001700","gid":"V-ESXI-80-000198","rid":"SV-ESXI-80-000198","stig_id":"ESXI-80-000198","cci":["CCI-002418"],"nist":["SC-8"]},"code":"control 'ESXI-80-000198' do\n  title 'The ESXi host must protect the confidentiality and integrity of transmitted information by isolating ESXi management traffic.'\n  desc  \"\n    The vSphere management network provides access to the vSphere management interface on each component. Services running on the management interface provide an opportunity for an attacker to gain privileged access to the systems. Any remote attack most likely would begin with gaining entry to this network.\n\n    The Management VMkernel port group can be on a standard or distributed virtual switch but must be on a dedicated VLAN. The Management VLAN must not be shared by any other function and must not be accessible to anything other than management-related functions such as vCenter.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Review each VMkernel adapter that is used for management traffic and view the \\\"Enabled services\\\".\n\n    Review the VLAN associated with each VMkernel that is used for management traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.\n\n    If any services are enabled on any Management VMkernel adapter, this is a finding.\n\n    If the network segment is accessible, except to networks where other management-related entities are located such as vCenter, this is a finding.\n\n    If there are any other systems or devices such as VMs on the ESXi management segment, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of the management VMkernel will be unique to each environment.\n\n    As an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Select the Management VMkernel and click \\\"Edit\\\". On the Port properties tab, uncheck all services except for \\\"Management\\\". Click \\\"OK\\\".\n\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\" and select VLAN.\n\n    Change the \\\"VLAN Type\\\" to \\\"VLAN\\\" and change the \\\"VLAN ID\\\" to a network allocated and dedicated to management traffic exclusively. Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000423-VMM-001700'\n  tag gid: 'V-ESXI-80-000198'\n  tag rid: 'SV-ESXI-80-000198'\n  tag stig_id: 'ESXI-80-000198'\n  tag cci: ['CCI-002418']\n  tag nist: ['SC-8']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -VMKernel | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n      vmks = powercli_command(command).stdout\n\n      vmks.split.each do |vmk|\n        # Check to see if Management and any other services are enabled on the same VMkernel adapter\n        command2 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Where-Object {$_.VMotionEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VsanTrafficEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n        describe powercli_command(command2) do\n          its('stdout.strip') { should be_empty }\n        end\n        # Get Management Port Group Name\n        command3 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Select-Object -ExpandProperty PortGroupName\"\n        pgname = powercli_command(command3).stdout.strip\n        # Test standard port groups\n        command4 = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup -Name \\\"#{pgname}\\\" | Select-Object -ExpandProperty VlanId\"\n        stdpgs = powercli_command(command4).stdout.strip\n        unless stdpgs.empty?\n          describe 'Checking standand port group VLAN ID' do\n            subject { stdpgs }\n            it { should cmp \"#{input('mgtVlanId')}\" }\n          end\n        end\n        describe 'SA Interview' do\n          skip 'SA also needs to confirm this VLAN is dedicated to Management and not shared with VMs or other services.'\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000198.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000199","title":"The ESXi host must protect the confidentiality and integrity of transmitted information by isolating IP-based storage traffic.","desc":"Virtual machines (VMs) might share virtual switches and VLANs with the IP-based storage configurations. IP-based storage includes vSAN, iSCSI, and NFS. This configuration might expose IP-based storage traffic to unauthorized VM users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\nTo restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from any other traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and VMs will limit unauthorized users from viewing the traffic.","descriptions":[{"label":"default","data":"Virtual machines (VMs) might share virtual switches and VLANs with the IP-based storage configurations. IP-based storage includes vSAN, iSCSI, and NFS. This configuration might expose IP-based storage traffic to unauthorized VM users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\nTo restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from any other traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and VMs will limit unauthorized users from viewing the traffic."},{"label":"rationale","data":""},{"label":"check","data":"If IP-based storage is not used, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nReview each VMkernel adapter that is used for IP-based storage traffic and view the \"Enabled services\".\n\nReview the VLAN associated with each VMkernel that is used for IP-based storage traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.\n\nIf any services are enabled on an NFS or iSCSI IP-based storage VMkernel adapter, this is a finding.\n\nIf any services are enabled on a vSAN VMkernel adapter other than vSAN, this is a finding.\n\nIf any IP-based storage networks are not isolated from other traffic types, this is a finding."},{"label":"fix","data":"Configuration of an IP-Based VMkernel will be unique to each environment.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nSelect the VMkernel used for IP-based storage and click \"Edit\". On the \"Port\" properties tab, uncheck all services. Click \"OK\".\n\nNote: For VMkernels used for vSAN leave the vSAN service enabled and uncheck all others.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual switches.\n\nFind the port group that is dedicated to IP-based storage and click the '...' button next to the name. Click \"Edit Settings\".\n\nOn the \"Properties\" tab, change the \"VLAN ID\" to one dedicated for IP-based storage traffic. Click \"OK\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000423-VMM-001700","gid":"V-ESXI-80-000199","rid":"SV-ESXI-80-000199","stig_id":"ESXI-80-000199","cci":["CCI-002418"],"nist":["SC-8"]},"code":"control 'ESXI-80-000199' do\n  title 'The ESXi host must protect the confidentiality and integrity of transmitted information by isolating IP-based storage traffic.'\n  desc  \"\n    Virtual machines (VMs) might share virtual switches and VLANs with the IP-based storage configurations. IP-based storage includes vSAN, iSCSI, and NFS. This configuration might expose IP-based storage traffic to unauthorized VM users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\n    To restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from any other traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and VMs will limit unauthorized users from viewing the traffic.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If IP-based storage is not used, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Review each VMkernel adapter that is used for IP-based storage traffic and view the \\\"Enabled services\\\".\n\n    Review the VLAN associated with each VMkernel that is used for IP-based storage traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.\n\n    If any services are enabled on an NFS or iSCSI IP-based storage VMkernel adapter, this is a finding.\n\n    If any services are enabled on a vSAN VMkernel adapter other than vSAN, this is a finding.\n\n    If any IP-based storage networks are not isolated from other traffic types, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of an IP-Based VMkernel will be unique to each environment.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Select the VMkernel used for IP-based storage and click \\\"Edit\\\". On the \\\"Port\\\" properties tab, uncheck all services. Click \\\"OK\\\".\n\n    Note: For VMkernels used for vSAN leave the vSAN service enabled and uncheck all others.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual switches.\n\n    Find the port group that is dedicated to IP-based storage and click the '...' button next to the name. Click \\\"Edit Settings\\\".\n\n    On the \\\"Properties\\\" tab, change the \\\"VLAN ID\\\" to one dedicated for IP-based storage traffic. Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000423-VMM-001700'\n  tag gid: 'V-ESXI-80-000199'\n  tag rid: 'SV-ESXI-80-000199'\n  tag stig_id: 'ESXI-80-000199'\n  tag cci: ['CCI-002418']\n  tag nist: ['SC-8']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      # Check for iSCSI HBAs\n      commandiscsihbas = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'}\"\n      iscsi_hbas = powercli_command(commandiscsihbas).stdout\n\n      # Check for vSAN VMkernels\n      commandvsanvmks = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -VMKernel | Where-Object {$_.VsanTrafficEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n      vsanvmks = powercli_command(commandvsanvmks).stdout\n\n      # Check for NFS Datastores\n      commandnfs = \"Get-VMHost -Name #{vmhost} | Get-Datastore | Where {$_.Type -eq 'NFS'} | Select-Object -ExpandProperty Name\"\n      nfsds = powercli_command(commandnfs).stdout\n\n      if iscsi_hbas.empty? && vsanvmks.empty? && nfsds.empty?\n        describe '' do\n          skip \"The ESXi host #{vmhost} is not using IP-based storage, so this control is N/A.\"\n        end\n      else\n        # Do any iSCSI VMKs have any services enabled?\n        commandivmks = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.iscsi.networkportal.list.Invoke() | Select-Object -ExpandProperty Vmknic\"\n        ivmks = powercli_command(commandivmks).stdout\n        ivmks.split.each do |ivmk|\n          commandvsck = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{ivmk} | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\" -or $_.VsanTrafficEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VMotionEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n          describe powercli_command(commandvsck) do\n            its('stdout.strip') { should be_empty }\n          end\n        end\n        # Does the vSAN VMK have any other services enabled?\n        vsanvmks.split.each do |vmk|\n          commandvsck = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VMotionEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n          describe powercli_command(commandvsck) do\n            its('stdout.strip') { should be_empty }\n          end\n        end\n        # Do any VMKs used for NFS storage have any services enabled?\n        unless nfsds.empty?\n          describe '' do\n            skip \"The ESXi host #{vmhost} has NFS datastores and requires manual validation.\"\n          end\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000199.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000201","title":"The ESXi host lockdown mode exception users list must be verified.","desc":"While a host is in lockdown mode (strict or normal), only users on the \"Exception Users\" list are allowed access. These users do not lose their permissions when the host enters lockdown mode.\n\nThe organization may want to add service accounts such as a backup agent to the Exception Users list. Verify the list of users exempted from losing permissions is legitimate and as needed per the environment. Adding unnecessary users to the exception list defeats the purpose of lockdown mode.","descriptions":[{"label":"default","data":"While a host is in lockdown mode (strict or normal), only users on the \"Exception Users\" list are allowed access. These users do not lose their permissions when the host enters lockdown mode.\n\nThe organization may want to add service accounts such as a backup agent to the Exception Users list. Verify the list of users exempted from losing permissions is legitimate and as needed per the environment. Adding unnecessary users to the exception list defeats the purpose of lockdown mode."},{"label":"rationale","data":""},{"label":"check","data":"For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nUnder \"Lockdown Mode\", review the Exception Users list.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following script:\n\n$vmhost = Get-VMHost | Get-View\n$lockdown = Get-View $vmhost.ConfigManager.HostAccessManager\n$lockdown.QueryLockdownExceptions()\n\nIf the Exception Users list contains accounts that do not require special permissions, this is a finding.\n\nNote: The Exception Users list is empty by default and should remain that way except under site-specific circumstances."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nUnder \"Lockdown Mode\", click \"Edit\" and remove unnecessary users from the Exception Users list."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000201","rid":"SV-ESXI-80-000201","stig_id":"ESXI-80-000201","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000201' do\n  title 'The ESXi host lockdown mode exception users list must be verified.'\n  desc  \"\n    While a host is in lockdown mode (strict or normal), only users on the \\\"Exception Users\\\" list are allowed access. These users do not lose their permissions when the host enters lockdown mode.\n\n    The organization may want to add service accounts such as a backup agent to the Exception Users list. Verify the list of users exempted from losing permissions is legitimate and as needed per the environment. Adding unnecessary users to the exception list defeats the purpose of lockdown mode.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Under \\\"Lockdown Mode\\\", review the Exception Users list.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following script:\n\n    $vmhost = Get-VMHost | Get-View\n    $lockdown = Get-View $vmhost.ConfigManager.HostAccessManager\n    $lockdown.QueryLockdownExceptions()\n\n    If the Exception Users list contains accounts that do not require special permissions, this is a finding.\n\n    Note: The Exception Users list is empty by default and should remain that way except under site-specific circumstances.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Under \\\"Lockdown Mode\\\", click \\\"Edit\\\" and remove unnecessary users from the Exception Users list.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000201'\n  tag rid: 'SV-ESXI-80-000201'\n  tag stig_id: 'ESXI-80-000201'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost} | Get-View; (Get-View $vmhost.ConfigManager.HostAccessManager).QueryLockdownExceptions()\"\n      results = powercli_command(command).stdout\n      if !results.empty?\n        results.split.each do |exceptionUser|\n          describe \"Exception user: #{exceptionUser} on host: #{vmhost}\" do\n            subject { exceptionUser }\n            it { should be_in \"#{input('exceptionUsers')}\" }\n          end\n        end\n      else\n        describe \"Exception users for host: #{vmhost}\" do\n          subject { results }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000201.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000202","title":"The ESXi host Secure Shell (SSH) daemon must not allow host-based authentication.","desc":"SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH's cryptographic host-based authentication is more secure than \".rhosts\" authentication, since hosts are cryptographically authenticated. However, it is not recommended that hosts unilaterally trust one another, even within an organization.","descriptions":[{"label":"default","data":"SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH's cryptographic host-based authentication is more secure than \".rhosts\" authentication, since hosts are cryptographically authenticated. However, it is not recommended that hosts unilaterally trust one another, even within an organization."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep hostbasedauthentication\n\nExpected result:\n\nhostbasedauthentication no\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nHostbasedAuthentication no"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000202","rid":"SV-ESXI-80-000202","stig_id":"ESXI-80-000202","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000202' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not allow host-based authentication.'\n  desc  \"SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH's cryptographic host-based authentication is more secure than \\\".rhosts\\\" authentication, since hosts are cryptographically authenticated. However, it is not recommended that hosts unilaterally trust one another, even within an organization.\"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep hostbasedauthentication\n\n    Expected result:\n\n    hostbasedauthentication no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    HostbasedAuthentication no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000202'\n  tag rid: 'SV-ESXI-80-000202'\n  tag stig_id: 'ESXI-80-000202'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000202.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000203","title":"The ESXi host Secure Shell (SSH) daemon must not allow authentication using an empty password.","desc":"Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.","descriptions":[{"label":"default","data":"Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep permitemptypasswords\n\nExpected result:\n\npermitemptypasswords no\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nPermitEmptyPasswords no"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000203","rid":"SV-ESXI-80-000203","stig_id":"ESXI-80-000203","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000203' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not allow authentication using an empty password.'\n  desc  'Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep permitemptypasswords\n\n    Expected result:\n\n    permitemptypasswords no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    PermitEmptyPasswords no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000203'\n  tag rid: 'SV-ESXI-80-000203'\n  tag stig_id: 'ESXI-80-000203'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000203.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000204","title":"The ESXi host Secure Shell (SSH) daemon must not permit user environment settings.","desc":"SSH environment options potentially allow users to bypass access restriction in some configurations. Users must not be able to present environment options to the SSH daemon.","descriptions":[{"label":"default","data":"SSH environment options potentially allow users to bypass access restriction in some configurations. Users must not be able to present environment options to the SSH daemon."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep permituserenvironment\n\nExpected result:\n\npermituserenvironment no\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nPermitUserEnvironment no"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000204","rid":"SV-ESXI-80-000204","stig_id":"ESXI-80-000204","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000204' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not permit user environment settings.'\n  desc  'SSH environment options potentially allow users to bypass access restriction in some configurations. Users must not be able to present environment options to the SSH daemon.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep permituserenvironment\n\n    Expected result:\n\n    permituserenvironment no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    PermitUserEnvironment no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000204'\n  tag rid: 'SV-ESXI-80-000204'\n  tag stig_id: 'ESXI-80-000204'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000204.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000205","title":"The ESXi host Secure Shell (SSH) daemon must perform strict mode checking of home directory configuration files.","desc":"If other users have access to modify user-specific SSH configuration files, they may be able to log on the system as another user.","descriptions":[{"label":"default","data":"If other users have access to modify user-specific SSH configuration files, they may be able to log on the system as another user."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep strictmodes\n\nExpected result:\n\nstrictmodes yes\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nStrictModes yes"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000205","rid":"SV-ESXI-80-000205","stig_id":"ESXI-80-000205","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000205' do\n  title 'The ESXi host Secure Shell (SSH) daemon must perform strict mode checking of home directory configuration files.'\n  desc  'If other users have access to modify user-specific SSH configuration files, they may be able to log on the system as another user.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep strictmodes\n\n    Expected result:\n\n    strictmodes yes\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    StrictModes yes\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000205'\n  tag rid: 'SV-ESXI-80-000205'\n  tag stig_id: 'ESXI-80-000205'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000205.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000206","title":"The ESXi host Secure Shell (SSH) daemon must not allow compression.","desc":"If compression is allowed in an SSH connection prior to authentication, vulnerabilities in the compression software could result in compromise of the system from an unauthenticated connection, potentially with root privileges.","descriptions":[{"label":"default","data":"If compression is allowed in an SSH connection prior to authentication, vulnerabilities in the compression software could result in compromise of the system from an unauthenticated connection, potentially with root privileges."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep compression\n\nExpected result:\n\ncompression no\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nCompression no"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000206","rid":"SV-ESXI-80-000206","stig_id":"ESXI-80-000206","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000206' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not allow compression.'\n  desc  'If compression is allowed in an SSH connection prior to authentication, vulnerabilities in the compression software could result in compromise of the system from an unauthenticated connection, potentially with root privileges.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep compression\n\n    Expected result:\n\n    compression no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    Compression no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000206'\n  tag rid: 'SV-ESXI-80-000206'\n  tag stig_id: 'ESXI-80-000206'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000206.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000207","title":"The ESXi host Secure Shell (SSH) daemon must be configured to not allow gateway ports.","desc":"SSH Transmission Control Protocol (TCP) connection forwarding provides a mechanism to establish TCP connections proxied by the SSH server. This function can provide convenience similar to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs). Gateway ports allow remote forwarded ports to bind to nonloopback addresses on the server.","descriptions":[{"label":"default","data":"SSH Transmission Control Protocol (TCP) connection forwarding provides a mechanism to establish TCP connections proxied by the SSH server. This function can provide convenience similar to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs). Gateway ports allow remote forwarded ports to bind to nonloopback addresses on the server."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep gatewayports\n\nExpected result:\n\ngatewayports no\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nGatewayPorts no"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000207","rid":"SV-ESXI-80-000207","stig_id":"ESXI-80-000207","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000207' do\n  title 'The ESXi host Secure Shell (SSH) daemon must be configured to not allow gateway ports.'\n  desc  'SSH Transmission Control Protocol (TCP) connection forwarding provides a mechanism to establish TCP connections proxied by the SSH server. This function can provide convenience similar to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs). Gateway ports allow remote forwarded ports to bind to nonloopback addresses on the server.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep gatewayports\n\n    Expected result:\n\n    gatewayports no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    GatewayPorts no\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000207'\n  tag rid: 'SV-ESXI-80-000207'\n  tag stig_id: 'ESXI-80-000207'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000207.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000208","title":"The ESXi host Secure Shell (SSH) daemon must be configured to not allow X11 forwarding.","desc":"X11 forwarding over SSH allows for the secure remote execution of X11-based applications. This feature can increase the attack surface of an SSH connection.","descriptions":[{"label":"default","data":"X11 forwarding over SSH allows for the secure remote execution of X11-based applications. This feature can increase the attack surface of an SSH connection."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep x11forwarding\n\nExpected result:\n\nx11forwarding no\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nX11Forwarding no"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000208","rid":"SV-ESXI-80-000208","stig_id":"ESXI-80-000208","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000208' do\n  title 'The ESXi host Secure Shell (SSH) daemon must be configured to not allow X11 forwarding.'\n  desc  'X11 forwarding over SSH allows for the secure remote execution of X11-based applications. This feature can increase the attack surface of an SSH connection.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep x11forwarding\n\n    Expected result:\n\n    x11forwarding no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    X11Forwarding no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000208'\n  tag rid: 'SV-ESXI-80-000208'\n  tag stig_id: 'ESXI-80-000208'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000208.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000209","title":"The ESXi host Secure Shell (SSH) daemon must not permit tunnels.","desc":"OpenSSH has the ability to create network tunnels (layer 2 and layer 3) over an SSH connection. This function can provide similar convenience to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs).","descriptions":[{"label":"default","data":"OpenSSH has the ability to create network tunnels (layer 2 and layer 3) over an SSH connection. This function can provide similar convenience to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs)."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep permittunnel\n\nExpected result:\n\npermittunnel no\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nPermitTunnel no"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000209","rid":"SV-ESXI-80-000209","stig_id":"ESXI-80-000209","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000209' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not permit tunnels.'\n  desc  'OpenSSH has the ability to create network tunnels (layer 2 and layer 3) over an SSH connection. This function can provide similar convenience to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs).'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep permittunnel\n\n    Expected result:\n\n    permittunnel no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    PermitTunnel no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000209'\n  tag rid: 'SV-ESXI-80-000209'\n  tag stig_id: 'ESXI-80-000209'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000209.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000210","title":"The ESXi host Secure Shell (SSH) daemon must set a timeout count on idle sessions.","desc":"Setting a timeout ensures that a user login will be terminated as soon as the \"ClientAliveCountMax\" is reached.","descriptions":[{"label":"default","data":"Setting a timeout ensures that a user login will be terminated as soon as the \"ClientAliveCountMax\" is reached."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep clientalivecountmax\n\nExpected result:\n\nclientalivecountmax 3\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nClientAliveCountMax 3"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000210","rid":"SV-ESXI-80-000210","stig_id":"ESXI-80-000210","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000210' do\n  title 'The ESXi host Secure Shell (SSH) daemon must set a timeout count on idle sessions.'\n  desc  'Setting a timeout ensures that a user login will be terminated as soon as the \"ClientAliveCountMax\" is reached.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep clientalivecountmax\n\n    Expected result:\n\n    clientalivecountmax 3\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    ClientAliveCountMax 3\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000210'\n  tag rid: 'SV-ESXI-80-000210'\n  tag stig_id: 'ESXI-80-000210'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000210.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000211","title":"The ESXi host Secure Shell (SSH) daemon must set a timeout interval on idle sessions.","desc":"Automatically logging out idle users guards against compromises via hijacked administrative sessions.","descriptions":[{"label":"default","data":"Automatically logging out idle users guards against compromises via hijacked administrative sessions."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep clientaliveinterval\n\nExpected result:\n\nclientaliveinterval 200\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nClientAliveInterval 200"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000211","rid":"SV-ESXI-80-000211","stig_id":"ESXI-80-000211","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000211' do\n  title 'The ESXi host Secure Shell (SSH) daemon must set a timeout interval on idle sessions.'\n  desc  'Automatically logging out idle users guards against compromises via hijacked administrative sessions.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep clientaliveinterval\n\n    Expected result:\n\n    clientaliveinterval 200\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    ClientAliveInterval 200\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000211'\n  tag rid: 'SV-ESXI-80-000211'\n  tag stig_id: 'ESXI-80-000211'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000211.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000212","title":"The ESXi host must disable Simple Network Management Protocol (SNMP) v1 and v2c.","desc":"If SNMP is not being used, it must remain disabled. If it is being used, the proper trap destination must be configured. If SNMP is not properly configured, monitoring information can be sent to a malicious host that can use this information to plan an attack.","descriptions":[{"label":"default","data":"If SNMP is not being used, it must remain disabled. If it is being used, the proper trap destination must be configured. If SNMP is not properly configured, monitoring information can be sent to a malicious host that can use this information to plan an attack."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# esxcli system snmp get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHostSnmp | Select *\n\nIf SNMP is not in use and is enabled, this is a finding.\n\nIf SNMP is enabled and is not using v3 targets with authentication, this is a finding.\n\nNote: SNMP v3 targets can only be viewed and configured via the \"esxcli\" command."},{"label":"fix","data":"To disable SNMP from an ESXi shell, run the following command:\n\n# esxcli system snmp set -e no\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi Host:\n\nGet-VMHostSnmp | Set-VMHostSnmp -Enabled $false"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000212","rid":"SV-ESXI-80-000212","stig_id":"ESXI-80-000212","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000212' do\n  title 'The ESXi host must disable Simple Network Management Protocol (SNMP) v1 and v2c.'\n  desc  'If SNMP is not being used, it must remain disabled. If it is being used, the proper trap destination must be configured. If SNMP is not properly configured, monitoring information can be sent to a malicious host that can use this information to plan an attack.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system snmp get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHostSnmp | Select *\n\n    If SNMP is not in use and is enabled, this is a finding.\n\n    If SNMP is enabled and is not using v3 targets with authentication, this is a finding.\n\n    Note: SNMP v3 targets can only be viewed and configured via the \\\"esxcli\\\" command.\n  \"\n  desc 'fix', \"\n    To disable SNMP from an ESXi shell, run the following command:\n\n    # esxcli system snmp set -e no\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi Host:\n\n    Get-VMHostSnmp | Set-VMHostSnmp -Enabled $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000212'\n  tag rid: 'SV-ESXI-80-000212'\n  tag stig_id: 'ESXI-80-000212'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    if \"#{input('snmpEnabled')}\" == 'false'\n      vmhosts.each do |vmhost|\n        command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.snmp.get.Invoke() | Select-Object -ExpandProperty enable\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp 'false' }\n        end\n      end\n    else\n      describe 'SNMP Enabled' do\n        skip 'Manually verify SNMP v3 is configured correctly and v2 is not used.'\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000212.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000213","title":"The ESXi host must disable Inter-Virtual Machine (VM) Transparent Page Sharing.","desc":"Published academic papers have demonstrated that by forcing a flush and reload of cache memory, it is possible to measure memory timings to try to determine an Advanced Encryption Standard (AES) encryption key in use on another virtual machine running on the same physical processor of the host server if Transparent Page Sharing (TPS) is enabled between the two VMs. This technique works only in a highly controlled system configured in a nonstandard way that VMware believes would not be recreated in a production environment.\n\nAlthough VMware believes information being disclosed in real-world conditions is unrealistic, out of an abundance of caution, upcoming ESXi Update releases will no longer enable TPS between VMs by default (TPS will still be used within individual VMs).","descriptions":[{"label":"default","data":"Published academic papers have demonstrated that by forcing a flush and reload of cache memory, it is possible to measure memory timings to try to determine an Advanced Encryption Standard (AES) encryption key in use on another virtual machine running on the same physical processor of the host server if Transparent Page Sharing (TPS) is enabled between the two VMs. This technique works only in a highly controlled system configured in a nonstandard way that VMware believes would not be recreated in a production environment.\n\nAlthough VMware believes information being disclosed in real-world conditions is unrealistic, out of an abundance of caution, upcoming ESXi Update releases will no longer enable TPS between VMs by default (TPS will still be used within individual VMs)."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Mem.ShareForceSalting\" value and verify it is set to \"2\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting\n\nIf the \"Mem.ShareForceSalting\" setting is not set to 2, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Mem.ShareForceSalting\" value and set it to \"2\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting | Set-AdvancedSetting -Value 2"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000213","rid":"SV-ESXI-80-000213","stig_id":"ESXI-80-000213","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000213' do\n  title 'The ESXi host must disable Inter-Virtual Machine (VM) Transparent Page Sharing.'\n  desc  \"\n    Published academic papers have demonstrated that by forcing a flush and reload of cache memory, it is possible to measure memory timings to try to determine an Advanced Encryption Standard (AES) encryption key in use on another virtual machine running on the same physical processor of the host server if Transparent Page Sharing (TPS) is enabled between the two VMs. This technique works only in a highly controlled system configured in a nonstandard way that VMware believes would not be recreated in a production environment.\n\n    Although VMware believes information being disclosed in real-world conditions is unrealistic, out of an abundance of caution, upcoming ESXi Update releases will no longer enable TPS between VMs by default (TPS will still be used within individual VMs).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Mem.ShareForceSalting\\\" value and verify it is set to \\\"2\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting\n\n    If the \\\"Mem.ShareForceSalting\\\" setting is not set to 2, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Mem.ShareForceSalting\\\" value and set it to \\\"2\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting | Set-AdvancedSetting -Value 2\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000213'\n  tag rid: 'SV-ESXI-80-000213'\n  tag stig_id: 'ESXI-80-000213'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Mem.ShareForceSalting | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '2' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000213.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000214","title":"The ESXi host must configure the firewall to block network traffic by default.","desc":"In addition to service-specific firewall rules, ESXi has a default firewall rule policy to allow or deny incoming and outgoing traffic. Reduce the risk of attack by ensuring this is set to deny incoming and outgoing traffic.","descriptions":[{"label":"default","data":"In addition to service-specific firewall rules, ESXi has a default firewall rule policy to allow or deny incoming and outgoing traffic. Reduce the risk of attack by ensuring this is set to deny incoming and outgoing traffic."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# esxcli network firewall get\n\nIf the \"Default Action\" does not equal \"DROP\", this is a finding.\nIf \"Enabled\" does not equal \"true\", this is a finding.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHostFirewallDefaultPolicy\n\nIf the Incoming or Outgoing policies are \"True\", this is a finding."},{"label":"fix","data":"From an ESXi shell, run the following command:\n\n# esxcli network firewall set --default-action=false\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHostFirewallDefaultPolicy | Set-VMHostFirewallDefaultPolicy -AllowIncoming $false -AllowOutgoing $false"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000214","rid":"SV-ESXI-80-000214","stig_id":"ESXI-80-000214","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000214' do\n  title 'The ESXi host must configure the firewall to block network traffic by default.'\n  desc  'In addition to service-specific firewall rules, ESXi has a default firewall rule policy to allow or deny incoming and outgoing traffic. Reduce the risk of attack by ensuring this is set to deny incoming and outgoing traffic.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli network firewall get\n\n    If the \\\"Default Action\\\" does not equal \\\"DROP\\\", this is a finding.\n    If \\\"Enabled\\\" does not equal \\\"true\\\", this is a finding.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHostFirewallDefaultPolicy\n\n    If the Incoming or Outgoing policies are \\\"True\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli network firewall set --default-action=false\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHostFirewallDefaultPolicy | Set-VMHostFirewallDefaultPolicy -AllowIncoming $false -AllowOutgoing $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000214'\n  tag rid: 'SV-ESXI-80-000214'\n  tag stig_id: 'ESXI-80-000214'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostFirewallDefaultPolicy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000214.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000215","title":"The ESXi host must enable Bridge Protocol Data Units (BPDU) filter on the host to prevent being locked out of physical switch ports with Portfast and BPDU Guard enabled.","desc":"BPDU Guard and Portfast are commonly enabled on the physical switch to which the ESXi host is directly connected to reduce the Spanning Tree Protocol (STP) convergence delay.\n\nIf a BPDU packet is sent from a virtual machine (VM) on the ESXi host to the physical switch configured as stated above, a cascading lockout of all the uplink interfaces from the ESXi host can occur. To prevent this type of lockout, BPDU Filter can be enabled on the ESXi host to drop any BPDU packets being sent to the physical switch.\n\nThe caveat is that certain Secure Socket Layer (SSL) virtual private networks that use Windows bridging capability can legitimately generate BPDU packets. The administrator should verify no legitimate BPDU packets are generated by VMs on the ESXi host prior to enabling BPDU Filter. If BPDU Filter is enabled in this situation, enabling Reject Forged Transmits on the virtual switch port group adds protection against Spanning Tree loops.","descriptions":[{"label":"default","data":"BPDU Guard and Portfast are commonly enabled on the physical switch to which the ESXi host is directly connected to reduce the Spanning Tree Protocol (STP) convergence delay.\n\nIf a BPDU packet is sent from a virtual machine (VM) on the ESXi host to the physical switch configured as stated above, a cascading lockout of all the uplink interfaces from the ESXi host can occur. To prevent this type of lockout, BPDU Filter can be enabled on the ESXi host to drop any BPDU packets being sent to the physical switch.\n\nThe caveat is that certain Secure Socket Layer (SSL) virtual private networks that use Windows bridging capability can legitimately generate BPDU packets. The administrator should verify no legitimate BPDU packets are generated by VMs on the ESXi host prior to enabling BPDU Filter. If BPDU Filter is enabled in this situation, enabling Reject Forged Transmits on the virtual switch port group adds protection against Spanning Tree loops."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Net.BlockGuestBPDU\" value and verify it is set to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU\n\nIf the \"Net.BlockGuestBPDU\" setting is not set to \"1\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Net.BlockGuestBPDU\" value and configure it to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Set-AdvancedSetting -Value 1"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000215","rid":"SV-ESXI-80-000215","stig_id":"ESXI-80-000215","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000215' do\n  title 'The ESXi host must enable Bridge Protocol Data Units (BPDU) filter on the host to prevent being locked out of physical switch ports with Portfast and BPDU Guard enabled.'\n  desc  \"\n    BPDU Guard and Portfast are commonly enabled on the physical switch to which the ESXi host is directly connected to reduce the Spanning Tree Protocol (STP) convergence delay.\n\n    If a BPDU packet is sent from a virtual machine (VM) on the ESXi host to the physical switch configured as stated above, a cascading lockout of all the uplink interfaces from the ESXi host can occur. To prevent this type of lockout, BPDU Filter can be enabled on the ESXi host to drop any BPDU packets being sent to the physical switch.\n\n    The caveat is that certain Secure Socket Layer (SSL) virtual private networks that use Windows bridging capability can legitimately generate BPDU packets. The administrator should verify no legitimate BPDU packets are generated by VMs on the ESXi host prior to enabling BPDU Filter. If BPDU Filter is enabled in this situation, enabling Reject Forged Transmits on the virtual switch port group adds protection against Spanning Tree loops.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Net.BlockGuestBPDU\\\" value and verify it is set to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU\n\n    If the \\\"Net.BlockGuestBPDU\\\" setting is not set to \\\"1\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Net.BlockGuestBPDU\\\" value and configure it to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Set-AdvancedSetting -Value 1\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000215'\n  tag rid: 'SV-ESXI-80-000215'\n  tag stig_id: 'ESXI-80-000215'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '1' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000215.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000216","title":"The ESXi host must configure virtual switch security policies to reject forged transmits.","desc":"If the virtual machine (VM) operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis means the virtual switch does not compare the source and effective MAC addresses.\n\nTo protect against MAC address impersonation, all virtual switches must have forged transmissions set to reject. Reject Forged Transmit can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.","descriptions":[{"label":"default","data":"If the virtual machine (VM) operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis means the virtual switch does not compare the source and effective MAC addresses.\n\nTo protect against MAC address impersonation, all virtual switches must have forged transmissions set to reject. Reject Forged Transmit can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level."},{"label":"rationale","data":""},{"label":"check","data":"Note: This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click the '...' button next to each port group and select \"Edit Settings\".\n\nClick the \"Security\" tab. Verify that \"Forged transmits\" is set to \"Reject\" and that \"Override\" is not checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy\nGet-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\nIf the \"Forged Transmits\" policy is set to \"Accept\" (or \"true\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click \"Edit\" and select Security.\n\nSet \"Forged transmits\" to \"Reject\". Click \"OK\".\n\nFor each port group, click the '...' button and select \"Edit Settings\" then Security.\n\nSet \"Forged transmits\" to \"Reject\" and uncheck the \"Override\" box. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmits $false\nGet-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmitsInherited $true"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000216","rid":"SV-ESXI-80-000216","stig_id":"ESXI-80-000216","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000216' do\n  title 'The ESXi host must configure virtual switch security policies to reject forged transmits.'\n  desc  \"\n    If the virtual machine (VM) operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    This means the virtual switch does not compare the source and effective MAC addresses.\n\n    To protect against MAC address impersonation, all virtual switches must have forged transmissions set to reject. Reject Forged Transmit can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Note: This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click the '...' button next to each port group and select \\\"Edit Settings\\\".\n\n    Click the \\\"Security\\\" tab. Verify that \\\"Forged transmits\\\" is set to \\\"Reject\\\" and that \\\"Override\\\" is not checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy\n    Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\n    If the \\\"Forged Transmits\\\" policy is set to \\\"Accept\\\" (or \\\"true\\\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click \\\"Edit\\\" and select Security.\n\n    Set \\\"Forged transmits\\\" to \\\"Reject\\\". Click \\\"OK\\\".\n\n    For each port group, click the '...' button and select \\\"Edit Settings\\\" then Security.\n\n    Set \\\"Forged transmits\\\" to \\\"Reject\\\" and uncheck the \\\"Override\\\" box. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmits $false\n    Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmitsInherited $true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000216'\n  tag rid: 'SV-ESXI-80-000216'\n  tag stig_id: 'ESXI-80-000216'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000216.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000217","title":"The ESXi host must configure virtual switch security policies to reject Media Access Control (MAC) address changes.","desc":"If the virtual machine (VM) operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis will prevent VMs from changing their effective MAC address, which will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing. \"Reject MAC Changes\" can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.","descriptions":[{"label":"default","data":"If the virtual machine (VM) operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis will prevent VMs from changing their effective MAC address, which will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing. \"Reject MAC Changes\" can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level."},{"label":"rationale","data":""},{"label":"check","data":"This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click the '...' button next to each port group and select \"Edit Settings\".\n\nClick the \"Security\" tab. Verify that \"MAC Address Changes\" is set to \"Reject\" and that \"Override\" is not checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy\nGet-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\nIf the \"MAC Address Changes\" policy is set to \"Accept\" (or \"true\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click \"Edit\" and select Security.\n\nSet \"MAC Address Changes\" to \"Reject\". Click \"OK\".\n\nFor each port group, click the '...' button and select \"Edit Settings\" then Security.\n\nSet \"MAC Address Changes\" to \"Reject\" and uncheck the \"Override\" box. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -MacChanges $false\nGet-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -MacChangesInherited $true"}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000217","rid":"SV-ESXI-80-000217","stig_id":"ESXI-80-000217","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000217' do\n  title 'The ESXi host must configure virtual switch security policies to reject Media Access Control (MAC) address changes.'\n  desc  \"\n    If the virtual machine (VM) operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    This will prevent VMs from changing their effective MAC address, which will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing. \\\"Reject MAC Changes\\\" can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click the '...' button next to each port group and select \\\"Edit Settings\\\".\n\n    Click the \\\"Security\\\" tab. Verify that \\\"MAC Address Changes\\\" is set to \\\"Reject\\\" and that \\\"Override\\\" is not checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy\n    Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\n    If the \\\"MAC Address Changes\\\" policy is set to \\\"Accept\\\" (or \\\"true\\\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click \\\"Edit\\\" and select Security.\n\n    Set \\\"MAC Address Changes\\\" to \\\"Reject\\\". Click \\\"OK\\\".\n\n    For each port group, click the '...' button and select \\\"Edit Settings\\\" then Security.\n\n    Set \\\"MAC Address Changes\\\" to \\\"Reject\\\" and uncheck the \\\"Override\\\" box. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -MacChanges $false\n    Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -MacChangesInherited $true\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000217'\n  tag rid: 'SV-ESXI-80-000217'\n  tag stig_id: 'ESXI-80-000217'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000217.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000218","title":"The ESXi host must configure virtual switch security policies to reject promiscuous mode requests.","desc":"When promiscuous mode is enabled for a virtual switch, all virtual machines (VMs) connected to the Portgroup have the potential to read all packets across that network (only the virtual machines connected to that Portgroup).\n\nPromiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting. Promiscuous mode can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.","descriptions":[{"label":"default","data":"When promiscuous mode is enabled for a virtual switch, all virtual machines (VMs) connected to the Portgroup have the potential to read all packets across that network (only the virtual machines connected to that Portgroup).\n\nPromiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting. Promiscuous mode can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level."},{"label":"rationale","data":""},{"label":"check","data":"This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click the '...' button next to each port group and select \"Edit Settings\".\n\nClick the \"Security\" tab. Verify that \"Promiscuous Mode\" is set to \"Reject\" and that \"Override\" is not checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy\nGet-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\nIf the \"Promiscuous Mode\" policy is set to \"Accept\" (or \"true\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click \"Edit\" and select Security.\n\nSet \"Promiscuous Mode\" to \"Reject\". Click \"OK\".\n\nFor each port group, click the '...' button and select \"Edit Settings\" then Security.\n\nSet \"Promiscuous Mode\" to \"Reject\" and uncheck the \"Override\" box. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuous $false\nGet-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuousInherited $true"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000218","rid":"SV-ESXI-80-000218","stig_id":"ESXI-80-000218","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000218' do\n  title 'The ESXi host must configure virtual switch security policies to reject promiscuous mode requests.'\n  desc  \"\n    When promiscuous mode is enabled for a virtual switch, all virtual machines (VMs) connected to the Portgroup have the potential to read all packets across that network (only the virtual machines connected to that Portgroup).\n\n    Promiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting. Promiscuous mode can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click the '...' button next to each port group and select \\\"Edit Settings\\\".\n\n    Click the \\\"Security\\\" tab. Verify that \\\"Promiscuous Mode\\\" is set to \\\"Reject\\\" and that \\\"Override\\\" is not checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy\n    Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\n    If the \\\"Promiscuous Mode\\\" policy is set to \\\"Accept\\\" (or \\\"true\\\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click \\\"Edit\\\" and select Security.\n\n    Set \\\"Promiscuous Mode\\\" to \\\"Reject\\\". Click \\\"OK\\\".\n\n    For each port group, click the '...' button and select \\\"Edit Settings\\\" then Security.\n\n    Set \\\"Promiscuous Mode\\\" to \\\"Reject\\\" and uncheck the \\\"Override\\\" box. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuous $false\n    Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuousInherited $true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000218'\n  tag rid: 'SV-ESXI-80-000218'\n  tag stig_id: 'ESXI-80-000218'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000218.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000219","title":"The ESXi host must restrict use of the dvFilter network application programming interface (API).","desc":"If the organization is not using products that use the dvfilter network API, the host should not be configured to send network information to a virtual machine (VM).\n\nIf the API is enabled, an attacker might attempt to connect a virtual machine to it, potentially providing access to the network of other VMs on the host.\n\nIf using a product that makes use of this API, verify the host has been configured correctly. If not using such a product, ensure the setting is blank.","descriptions":[{"label":"default","data":"If the organization is not using products that use the dvfilter network API, the host should not be configured to send network information to a virtual machine (VM).\n\nIf the API is enabled, an attacker might attempt to connect a virtual machine to it, potentially providing access to the network of other VMs on the host.\n\nIf using a product that makes use of this API, verify the host has been configured correctly. If not using such a product, ensure the setting is blank."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Net.DVFilterBindIpAddress\" value and verify the value is blank or the correct IP address of a security appliance if in use.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress\n\nIf the \"Net.DVFilterBindIpAddress\" setting is not blank and security appliances are not in use on the host, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Net.DVFilterBindIpAddress\" value and remove any incorrect addresses.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Set-AdvancedSetting -Value \"\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000219","rid":"SV-ESXI-80-000219","stig_id":"ESXI-80-000219","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000219' do\n  title 'The ESXi host must restrict use of the dvFilter network application programming interface (API).'\n  desc  \"\n    If the organization is not using products that use the dvfilter network API, the host should not be configured to send network information to a virtual machine (VM).\n\n    If the API is enabled, an attacker might attempt to connect a virtual machine to it, potentially providing access to the network of other VMs on the host.\n\n    If using a product that makes use of this API, verify the host has been configured correctly. If not using such a product, ensure the setting is blank.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Net.DVFilterBindIpAddress\\\" value and verify the value is blank or the correct IP address of a security appliance if in use.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress\n\n    If the \\\"Net.DVFilterBindIpAddress\\\" setting is not blank and security appliances are not in use on the host, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Net.DVFilterBindIpAddress\\\" value and remove any incorrect addresses.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Set-AdvancedSetting -Value \\\"\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000219'\n  tag rid: 'SV-ESXI-80-000219'\n  tag stig_id: 'ESXI-80-000219'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000219.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000220","title":"The ESXi host must restrict the use of Virtual Guest Tagging (VGT) on standard switches.","desc":"When a port group is set to VLAN 4095, the vSwitch passes all network frames to the attached virtual machines (VMs) without modifying the VLAN tags. In vSphere, this is referred to as VGT. The VM must process the VLAN information itself via an 802.1Q driver in the operating system.\n\nVLAN 4095 must only be implemented if the attached VMs have been specifically authorized and are capable of managing VLAN tags themselves. If VLAN 4095 is enabled inappropriately, it may cause denial of service or allow a VM to interact with traffic on an unauthorized VLAN.","descriptions":[{"label":"default","data":"When a port group is set to VLAN 4095, the vSwitch passes all network frames to the attached virtual machines (VMs) without modifying the VLAN tags. In vSphere, this is referred to as VGT. The VM must process the VLAN information itself via an 802.1Q driver in the operating system.\n\nVLAN 4095 must only be implemented if the attached VMs have been specifically authorized and are capable of managing VLAN tags themselves. If VLAN 4095 is enabled inappropriately, it may cause denial of service or allow a VM to interact with traffic on an unauthorized VLAN."},{"label":"rationale","data":""},{"label":"check","data":"This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nFor each standard switch, review the \"VLAN ID\" on each port group and verify it is not set to \"4095\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VirtualPortGroup | Select Name, VLanID\n\nIf any port group is configured with VLAN 4095 and is not documented as a needed exception, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nFor each port group on a standard switch that is configured to a native VLAN, click the '...' button next to the port group.\n\nClick \"Edit Settings\". On the \"Properties\" tab, change the \"VLAN ID\" to an appropriate VLAN ID. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VirtualPortGroup -Name \"portgroup name\" | Set-VirtualPortGroup -VLanId \"New VLAN#\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000220","rid":"SV-ESXI-80-000220","stig_id":"ESXI-80-000220","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000220' do\n  title 'The ESXi host must restrict the use of Virtual Guest Tagging (VGT) on standard switches.'\n  desc  \"\n    When a port group is set to VLAN 4095, the vSwitch passes all network frames to the attached virtual machines (VMs) without modifying the VLAN tags. In vSphere, this is referred to as VGT. The VM must process the VLAN information itself via an 802.1Q driver in the operating system.\n\n    VLAN 4095 must only be implemented if the attached VMs have been specifically authorized and are capable of managing VLAN tags themselves. If VLAN 4095 is enabled inappropriately, it may cause denial of service or allow a VM to interact with traffic on an unauthorized VLAN.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    For each standard switch, review the \\\"VLAN ID\\\" on each port group and verify it is not set to \\\"4095\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VirtualPortGroup | Select Name, VLanID\n\n    If any port group is configured with VLAN 4095 and is not documented as a needed exception, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    For each port group on a standard switch that is configured to a native VLAN, click the '...' button next to the port group.\n\n    Click \\\"Edit Settings\\\". On the \\\"Properties\\\" tab, change the \\\"VLAN ID\\\" to an appropriate VLAN ID. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VirtualPortGroup -Name \\\"portgroup name\\\" | Set-VirtualPortGroup -VLanId \\\"New VLAN#\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000220'\n  tag rid: 'SV-ESXI-80-000220'\n  tag stig_id: 'ESXI-80-000220'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Select-Object -ExpandProperty VlanId\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match '4095' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000220.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000221","title":"The ESXi host must have all security patches and updates installed.","desc":"Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities.","descriptions":[{"label":"default","data":"Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities."},{"label":"rationale","data":""},{"label":"check","data":"Determine the current version and build:\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Summary. Note the version string next to \"Hypervisor:\".\n\nor\n\nFrom a Secure Shell (SSH) session connected to the ESXi host, or from the ESXi shell, run the following command:\n\n# vmware -v\n\nIf the ESXi host does not have the latest patches, this is a finding.\n\nIf the ESXi host is not on a supported release, this is a finding.\n\nThe latest ESXi versions and their build numbers can be found here: https://kb.vmware.com/s/article/2143832\n\nVMware also publishes Advisories on security patches and offers a way to subscribe to email alerts for them.\n\nGo to: https://www.vmware.com/support/policies/security_response"},{"label":"fix","data":"ESXi can be patched in multiple ways, and this fix text does not cover all methods.\n\nManual patching when image profiles are not used:\n\n- Download the latest \"offline bundle\" .zip update from vmware.com. Verify the hash.\n\n- Transfer the file to a datastore accessible by the ESXi host, local or remote.\n\n- Put the ESXi host into maintenance mode.\n\n- From an ESXi shell, run the following command:\n\nesxcli software vib update -d <path to offline patch bundle.zip>\n\nManual patching when image profiles are used:\n\nFrom an ESXi shell, run the following command:\n\n# esxcli software sources profile list -d /vmfs/volumes/<your datastore>/<bundle name.zip>\n\nNote the available profiles. The organization will usually want the one ending in \"-standard\".\n\n# esxcli software profile update -p <selected profile> -d /vmfs/volumes/<your datastore>/<bundle name.zip>\n\nThere will be little output during the update. Once complete, reboot the host for changes to take effect."}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000221","rid":"SV-ESXI-80-000221","stig_id":"ESXI-80-000221","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000221' do\n  title 'The ESXi host must have all security patches and updates installed.'\n  desc  'Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Determine the current version and build:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Summary. Note the version string next to \\\"Hypervisor:\\\".\n\n    or\n\n    From a Secure Shell (SSH) session connected to the ESXi host, or from the ESXi shell, run the following command:\n\n    # vmware -v\n\n    If the ESXi host does not have the latest patches, this is a finding.\n\n    If the ESXi host is not on a supported release, this is a finding.\n\n    The latest ESXi versions and their build numbers can be found here: https://kb.vmware.com/s/article/2143832\n\n    VMware also publishes Advisories on security patches and offers a way to subscribe to email alerts for them.\n\n    Go to: https://www.vmware.com/support/policies/security_response\n  \"\n  desc 'fix', \"\n    ESXi can be patched in multiple ways, and this fix text does not cover all methods.\n\n    Manual patching when image profiles are not used:\n\n    - Download the latest \\\"offline bundle\\\" .zip update from vmware.com. Verify the hash.\n\n    - Transfer the file to a datastore accessible by the ESXi host, local or remote.\n\n    - Put the ESXi host into maintenance mode.\n\n    - From an ESXi shell, run the following command:\n\n    esxcli software vib update -d <path to offline patch bundle.zip>\n\n    Manual patching when image profiles are used:\n\n    From an ESXi shell, run the following command:\n\n    # esxcli software sources profile list -d /vmfs/volumes/<your datastore>/<bundle name.zip>\n\n    Note the available profiles. The organization will usually want the one ending in \\\"-standard\\\".\n\n    # esxcli software profile update -p <selected profile> -d /vmfs/volumes/<your datastore>/<bundle name.zip>\n\n    There will be little output during the update. Once complete, reboot the host for changes to take effect.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000221'\n  tag rid: 'SV-ESXI-80-000221'\n  tag stig_id: 'ESXI-80-000221'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"(Get-VMHost -Name #{vmhost}).ExtensionData.Config.Product.build\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp \"#{input('esxiBuildNumber')}\" }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000221.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000222","title":"The ESXi host must not suppress warnings that the local or remote shell sessions are enabled.","desc":"Warnings that local or remote shell sessions are enabled alert administrators to activity they may not be aware of and need to investigate.","descriptions":[{"label":"default","data":"Warnings that local or remote shell sessions are enabled alert administrators to activity they may not be aware of and need to investigate."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.SuppressShellWarning\" value and verify it is set to \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning\n\nIf the \"UserVars.SuppressShellWarning\" setting is not set to \"0\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.SuppressShellWarning\" value and configure it to \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Set-AdvancedSetting -Value 0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000222","rid":"SV-ESXI-80-000222","stig_id":"ESXI-80-000222","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000222' do\n  title 'The ESXi host must not suppress warnings that the local or remote shell sessions are enabled.'\n  desc  'Warnings that local or remote shell sessions are enabled alert administrators to activity they may not be aware of and need to investigate.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.SuppressShellWarning\\\" value and verify it is set to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning\n\n    If the \\\"UserVars.SuppressShellWarning\\\" setting is not set to \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.SuppressShellWarning\\\" value and configure it to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Set-AdvancedSetting -Value 0\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000222'\n  tag rid: 'SV-ESXI-80-000222'\n  tag stig_id: 'ESXI-80-000222'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '0' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000222.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000223","title":"The ESXi host must not suppress warnings about unmitigated hyperthreading vulnerabilities.","desc":"The L1 Terminal Fault (L1TF) CPU vulnerabilities published in 2018 have patches and mitigations available in vSphere. However, there are performance impacts to these mitigations that require careful thought and planning from the system administrator before implementation. Until a mitigation is implemented, the UI warning about the lack of a mitigation must not be dismissed so the system administrator does not assume the vulnerability has been addressed.","descriptions":[{"label":"default","data":"The L1 Terminal Fault (L1TF) CPU vulnerabilities published in 2018 have patches and mitigations available in vSphere. However, there are performance impacts to these mitigations that require careful thought and planning from the system administrator before implementation. Until a mitigation is implemented, the UI warning about the lack of a mitigation must not be dismissed so the system administrator does not assume the vulnerability has been addressed."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.SuppressHyperthreadWarning\" value and verify it is set to \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning\n\nIf the \"UserVars.SuppressHyperthreadWarning\" setting is not set to \"0\", this is a finding."},{"label":"fix","data":"From the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.SuppressHyperthreadWarning\" value and configure it to \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Set-AdvancedSetting -Value 0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000223","rid":"SV-ESXI-80-000223","stig_id":"ESXI-80-000223","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000223' do\n  title 'The ESXi host must not suppress warnings about unmitigated hyperthreading vulnerabilities.'\n  desc  'The L1 Terminal Fault (L1TF) CPU vulnerabilities published in 2018 have patches and mitigations available in vSphere. However, there are performance impacts to these mitigations that require careful thought and planning from the system administrator before implementation. Until a mitigation is implemented, the UI warning about the lack of a mitigation must not be dismissed so the system administrator does not assume the vulnerability has been addressed.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.SuppressHyperthreadWarning\\\" value and verify it is set to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning\n\n    If the \\\"UserVars.SuppressHyperthreadWarning\\\" setting is not set to \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.SuppressHyperthreadWarning\\\" value and configure it to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Set-AdvancedSetting -Value 0\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000223'\n  tag rid: 'SV-ESXI-80-000223'\n  tag stig_id: 'ESXI-80-000223'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '0' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000223.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000224","title":"The ESXi host must verify certificates for SSL syslog endpoints.","desc":"When sending syslog data to a remote host, ESXi can be configured to use any combination of TCP, UDP and SSL transports. When using SSL, the server certificate must be validated to ensure that the host is connecting to a valid syslog server.","descriptions":[{"label":"default","data":"When sending syslog data to a remote host, ESXi can be configured to use any combination of TCP, UDP and SSL transports. When using SSL, the server certificate must be validated to ensure that the host is connecting to a valid syslog server."},{"label":"rationale","data":""},{"label":"check","data":"If SSL is not used for a syslog target, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.logCheckSSLCerts\" value and verify it is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts\n\nIf the \"Syslog.global.logCheckSSLCerts\" setting is not set to \"true\", this is a finding."},{"label":"fix","data":"To configure SSL syslog endpoint certificate checking it must be turned on and also the trusted certificate chain must be added to ESXi's trusted store.\n\nFrom the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.logCheckSSLCerts\" value and configure it to \"true\".\n\nCopy the PEM formatted trusted CA certificate so that is accessible to the host and append the contents to /etc/vmware/ssl/castore.pem by running the follow command:\n\n# <path/to/cacert> >> /etc/vmware/ssl/castore.pem\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts | Set-AdvancedSetting -Value \"true\"\n\nCopy the PEM formatted trusted CA certificate so that is accessible to the host.\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.security.certificatestore.add.CreateArgs()\n$arguments.filename = <path/to/cacert>\n$esxcli.system.security.certificatestore.add.Invoke($arguments)"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000224","rid":"SV-ESXI-80-000224","stig_id":"ESXI-80-000224","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000224' do\n  title 'The ESXi host must verify certificates for SSL syslog endpoints.'\n  desc  'When sending syslog data to a remote host, ESXi can be configured to use any combination of TCP, UDP and SSL transports. When using SSL, the server certificate must be validated to ensure that the host is connecting to a valid syslog server.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If SSL is not used for a syslog target, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.logCheckSSLCerts\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts\n\n    If the \\\"Syslog.global.logCheckSSLCerts\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    To configure SSL syslog endpoint certificate checking it must be turned on and also the trusted certificate chain must be added to ESXi's trusted store.\n\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logCheckSSLCerts\\\" value and configure it to \\\"true\\\".\n\n    Copy the PEM formatted trusted CA certificate so that is accessible to the host and append the contents to /etc/vmware/ssl/castore.pem by running the follow command:\n\n    # <path/to/cacert> >> /etc/vmware/ssl/castore.pem\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts | Set-AdvancedSetting -Value \\\"true\\\"\n\n    Copy the PEM formatted trusted CA certificate so that is accessible to the host.\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.security.certificatestore.add.CreateArgs()\n    $arguments.filename = <path/to/cacert>\n    $esxcli.system.security.certificatestore.add.Invoke($arguments)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000224'\n  tag rid: 'SV-ESXI-80-000224'\n  tag stig_id: 'ESXI-80-000224'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logHost | Where {$_.Value -match \\\"ssl\\\"} | Select-Object -ExpandProperty Value\"\n      syslogservers = powercli_command(command).stdout\n\n      if !syslogservers.empty?\n        command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts | Select-Object -ExpandProperty Value\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp 'true' }\n        end\n      else\n        impact 0.0\n        describe '' do\n          skip 'No SSL syslog targets found, this check is not applicable.'\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000224.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000225","title":"The ESXi host must enable volatile key destruction.","desc":"By default, pages allocated for virtual machines (VMs), userspace applications, and kernel threads are zeroed out at allocation time. ESXi will always ensure that no nonzero pages are exposed to VMs or userspace applications. While this prevents exposing cryptographic keys from VMs or userworlds to other clients, these keys can stay present in host memory for a long time if the memory is not reused.\n\nThe NIAP Virtualization Protection Profile and Server Virtualization Extended Package require that memory that may contain cryptographic keys be zeroed upon process exit.\n\nTo this end, a new configuration option, MemEagerZero, can be configured to enforce zeroing out userworld and guest memory pages when a userworld process or guest exits. For kernel threads, memory spaces holding keys are zeroed out as soon as the secret is no longer needed.","descriptions":[{"label":"default","data":"By default, pages allocated for virtual machines (VMs), userspace applications, and kernel threads are zeroed out at allocation time. ESXi will always ensure that no nonzero pages are exposed to VMs or userspace applications. While this prevents exposing cryptographic keys from VMs or userworlds to other clients, these keys can stay present in host memory for a long time if the memory is not reused.\n\nThe NIAP Virtualization Protection Profile and Server Virtualization Extended Package require that memory that may contain cryptographic keys be zeroed upon process exit.\n\nTo this end, a new configuration option, MemEagerZero, can be configured to enforce zeroing out userworld and guest memory pages when a userworld process or guest exits. For kernel threads, memory spaces holding keys are zeroed out as soon as the secret is no longer needed."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Mem.MemEagerZero\" value and verify it is set to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero\n\nIf the \"Mem.MemEagerZero\" setting is not set to \"1\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Mem.MemEagerZero\" value and configure it to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero | Set-AdvancedSetting -Value 1"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000225","rid":"SV-ESXI-80-000225","stig_id":"ESXI-80-000225","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000225' do\n  title 'The ESXi host must enable volatile key destruction.'\n  desc  \"\n    By default, pages allocated for virtual machines (VMs), userspace applications, and kernel threads are zeroed out at allocation time. ESXi will always ensure that no nonzero pages are exposed to VMs or userspace applications. While this prevents exposing cryptographic keys from VMs or userworlds to other clients, these keys can stay present in host memory for a long time if the memory is not reused.\n\n    The NIAP Virtualization Protection Profile and Server Virtualization Extended Package require that memory that may contain cryptographic keys be zeroed upon process exit.\n\n    To this end, a new configuration option, MemEagerZero, can be configured to enforce zeroing out userworld and guest memory pages when a userworld process or guest exits. For kernel threads, memory spaces holding keys are zeroed out as soon as the secret is no longer needed.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Mem.MemEagerZero\\\" value and verify it is set to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero\n\n    If the \\\"Mem.MemEagerZero\\\" setting is not set to \\\"1\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Mem.MemEagerZero\\\" value and configure it to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero | Set-AdvancedSetting -Value 1\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000225'\n  tag rid: 'SV-ESXI-80-000225'\n  tag stig_id: 'ESXI-80-000225'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Mem.MemEagerZero | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '1' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000225.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000226","title":"The ESXi host must configure a session timeout for the vSphere API.","desc":"The vSphere API (VIM) allows for remote, programmatic administration of the ESXi host. Authenticated API sessions are no different from a risk perspective than authenticated UI sessions and they need similar protections.\n\nOne of these protections is a basic inactivity timeout, after which the session will be invalidated and reauthentication will be required by the application accessing the API. This is set to 30 seconds by default but can be disabled, thus leaving API sessions open indefinitely. The 30 second default must be verified and maintained.","descriptions":[{"label":"default","data":"The vSphere API (VIM) allows for remote, programmatic administration of the ESXi host. Authenticated API sessions are no different from a risk perspective than authenticated UI sessions and they need similar protections.\n\nOne of these protections is a basic inactivity timeout, after which the session will be invalidated and reauthentication will be required by the application accessing the API. This is set to 30 seconds by default but can be disabled, thus leaving API sessions open indefinitely. The 30 second default must be verified and maintained."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.HostAgent.vmacore.soap.sessionTimeout\" value and verify it is set to \"30\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout\n\nIf the \"Config.HostAgent.vmacore.soap.sessionTimeout\" setting is not set to \"30\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.HostAgent.vmacore.soap.sessionTimeout\" value and configure it to \"30\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Set-AdvancedSetting -Value 30"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000226","rid":"SV-ESXI-80-000226","stig_id":"ESXI-80-000226","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000226' do\n  title 'The ESXi host must configure a session timeout for the vSphere API.'\n  desc  \"\n    The vSphere API (VIM) allows for remote, programmatic administration of the ESXi host. Authenticated API sessions are no different from a risk perspective than authenticated UI sessions and they need similar protections.\n\n    One of these protections is a basic inactivity timeout, after which the session will be invalidated and reauthentication will be required by the application accessing the API. This is set to 30 seconds by default but can be disabled, thus leaving API sessions open indefinitely. The 30 second default must be verified and maintained.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.vmacore.soap.sessionTimeout\\\" value and verify it is set to \\\"30\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout\n\n    If the \\\"Config.HostAgent.vmacore.soap.sessionTimeout\\\" setting is not set to \\\"30\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.vmacore.soap.sessionTimeout\\\" value and configure it to \\\"30\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Set-AdvancedSetting -Value 30\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000226'\n  tag rid: 'SV-ESXI-80-000226'\n  tag stig_id: 'ESXI-80-000226'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '30' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000226.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000227","title":"The ESXi host must be configured with an appropriate maximum password age.","desc":"The older an ESXi local account password is, the larger the opportunity window is for attackers to guess, crack or re-use a previously cracked password. Rotating passwords on a regular basis is a fundamental security practice and one that ESXi supports.","descriptions":[{"label":"default","data":"The older an ESXi local account password is, the larger the opportunity window is for attackers to guess, crack or re-use a previously cracked password. Rotating passwords on a regular basis is a fundamental security practice and one that ESXi supports."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.PasswordMaxDays\" value and verify it is set to \"90\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays\n\nIf the \"Security.PasswordMaxDays\" setting is not set to \"90\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.PasswordMaxDays\" value and configure it to \"90\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays | Set-AdvancedSetting -Value 90"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000227","rid":"SV-ESXI-80-000227","stig_id":"ESXI-80-000227","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000227' do\n  title 'The ESXi host must be configured with an appropriate maximum password age.'\n  desc  'The older an ESXi local account password is, the larger the opportunity window is for attackers to guess, crack or re-use a previously cracked password. Rotating passwords on a regular basis is a fundamental security practice and one that ESXi supports.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.PasswordMaxDays\\\" value and verify it is set to \\\"90\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays\n\n    If the \\\"Security.PasswordMaxDays\\\" setting is not set to \\\"90\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.PasswordMaxDays\\\" value and configure it to \\\"90\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays | Set-AdvancedSetting -Value 90\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000227'\n  tag rid: 'SV-ESXI-80-000227'\n  tag stig_id: 'ESXI-80-000227'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.PasswordMaxDays | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '90' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000227.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000228","title":"The ESXi Common Information Model (CIM) service must be disabled.","desc":"The CIM system provides an interface that enables hardware-level management from remote applications via a set of standard application programming interfaces (APIs). These APIs are consumed by external applications such as HP SIM or Dell OpenManage for agentless, remote hardware monitoring of the ESXi host.\n\nTo reduce attack surface area and following the minimum functionality principal, the CIM service must be disabled unless explicitly needed and approved.","descriptions":[{"label":"default","data":"The CIM system provides an interface that enables hardware-level management from remote applications via a set of standard application programming interfaces (APIs). These APIs are consumed by external applications such as HP SIM or Dell OpenManage for agentless, remote hardware monitoring of the ESXi host.\n\nTo reduce attack surface area and following the minimum functionality principal, the CIM service must be disabled unless explicitly needed and approved."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\", locate the \"CIM Server\" service and verify it is \"Stopped\" and the \"Startup Policy\" is set to \"Start and stop manually\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"CIM Server\"}\n\nIf the \"CIM Server\" service does not have a \"Policy\" of \"off\" or is running, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\" select the \"CIM Server\" service and click the \"Stop\" button.\n\nClick \"Edit Startup policy...\" and select the \"Start and stop manually\" radio button. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"CIM Server\"} | Set-VMHostService -Policy Off\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"CIM Server\"} | Stop-VMHostService"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000228","rid":"SV-ESXI-80-000228","stig_id":"ESXI-80-000228","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000228' do\n  title 'The ESXi Common Information Model (CIM) service must be disabled.'\n  desc  \"\n    The CIM system provides an interface that enables hardware-level management from remote applications via a set of standard application programming interfaces (APIs). These APIs are consumed by external applications such as HP SIM or Dell OpenManage for agentless, remote hardware monitoring of the ESXi host.\n\n    To reduce attack surface area and following the minimum functionality principal, the CIM service must be disabled unless explicitly needed and approved.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\", locate the \\\"CIM Server\\\" service and verify it is \\\"Stopped\\\" and the \\\"Startup Policy\\\" is set to \\\"Start and stop manually\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"CIM Server\\\"}\n\n    If the \\\"CIM Server\\\" service does not have a \\\"Policy\\\" of \\\"off\\\" or is running, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\" select the \\\"CIM Server\\\" service and click the \\\"Stop\\\" button.\n\n    Click \\\"Edit Startup policy...\\\" and select the \\\"Start and stop manually\\\" radio button. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"CIM Server\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"CIM Server\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000228'\n  tag rid: 'SV-ESXI-80-000228'\n  tag stig_id: 'ESXI-80-000228'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000228.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000229","title":"The ESXi host must use DOD-approved certificates.","desc":"The default self-signed host certificate issued by the VMware Certificate Authority (VMCA) must be replaced with a DOD-approved certificate when the host will be accessed directly, such as during a virtual machine (VM) console connection.\n\nThe use of a DOD certificate on the host assures clients the service they are connecting to is legitimate and properly secured.","descriptions":[{"label":"default","data":"The default self-signed host certificate issued by the VMware Certificate Authority (VMCA) must be replaced with a DOD-approved certificate when the host will be accessed directly, such as during a virtual machine (VM) console connection.\n\nThe use of a DOD certificate on the host assures clients the service they are connecting to is legitimate and properly secured."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Certificate.\n\nIf the issuer is not a DOD-approved certificate authority, this is a finding.\n\nIf the host will never be accessed directly (virtual machine console connections bypass vCenter), this is not a finding."},{"label":"fix","data":"Join the ESXi host to vCenter before replacing the certificate.\n\nObtain a DOD-issued certificate and private key for the host following the requirements below:\n\nKey size: 2048 bits or more (PEM encoded)\n\nKey format: PEM\nVMware supports PKCS8 and PKCS1 (RSA keys)\nx509 version 3\n\nSubjectAltName must contain DNS Name=<machine_FQDN>\n\nCRT (Base-64) format\n\nContains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment\n\nStart time of one day before the current time\n\nCN (and SubjectAltName) set to the host name (or IP address) that the ESXi host has in the vCenter Server inventory\n\nFrom the vSphere Web Client, select the ESXi host's vCenter Server >> Configure >> System >> Advanced Settings.\n\nSelect the \"vpxd.certmgmt.mode\" value and ensure it is set to \"custom\".\n\nPut the host into maintenance mode.\n\nTemporarily enable Secure Shell (SSH) on the host. Use Secure Copy Protocol (SCP) to transfer the new certificate and key to /tmp. SSH to the host. Back up the existing certificate and key:\n\n# mv /etc/vmware/ssl/rui.crt /etc/vmware/ssl/rui.crt.bak\n# mv /etc/vmware/ssl/rui.key /etc/vmware/ssl/rui.key.bak\n\nCopy the new certificate and key to \"/etc/vmware/ssl/\" and rename them to \"rui.crt\" and \"rui.key\" respectively.\n\nRestart management agents to implement the new certificate:\n\n# services.sh restart"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000229","rid":"SV-ESXI-80-000229","stig_id":"ESXI-80-000229","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000229' do\n  title 'The ESXi host must use DOD-approved certificates.'\n  desc  \"\n    The default self-signed host certificate issued by the VMware Certificate Authority (VMCA) must be replaced with a DOD-approved certificate when the host will be accessed directly, such as during a virtual machine (VM) console connection.\n\n    The use of a DOD certificate on the host assures clients the service they are connecting to is legitimate and properly secured.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Certificate.\n\n    If the issuer is not a DOD-approved certificate authority, this is a finding.\n\n    If the host will never be accessed directly (virtual machine console connections bypass vCenter), this is not a finding.\n  \"\n  desc 'fix', \"\n    Join the ESXi host to vCenter before replacing the certificate.\n\n    Obtain a DOD-issued certificate and private key for the host following the requirements below:\n\n    Key size: 2048 bits or more (PEM encoded)\n\n    Key format: PEM\n    VMware supports PKCS8 and PKCS1 (RSA keys)\n    x509 version 3\n\n    SubjectAltName must contain DNS Name=<machine_FQDN>\n\n    CRT (Base-64) format\n\n    Contains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment\n\n    Start time of one day before the current time\n\n    CN (and SubjectAltName) set to the host name (or IP address) that the ESXi host has in the vCenter Server inventory\n\n    From the vSphere Web Client, select the ESXi host's vCenter Server >> Configure >> System >> Advanced Settings.\n\n    Select the \\\"vpxd.certmgmt.mode\\\" value and ensure it is set to \\\"custom\\\".\n\n    Put the host into maintenance mode.\n\n    Temporarily enable Secure Shell (SSH) on the host. Use Secure Copy Protocol (SCP) to transfer the new certificate and key to /tmp. SSH to the host. Back up the existing certificate and key:\n\n    # mv /etc/vmware/ssl/rui.crt /etc/vmware/ssl/rui.crt.bak\n    # mv /etc/vmware/ssl/rui.key /etc/vmware/ssl/rui.key.bak\n\n    Copy the new certificate and key to \\\"/etc/vmware/ssl/\\\" and rename them to \\\"rui.crt\\\" and \\\"rui.key\\\" respectively.\n\n    Restart management agents to implement the new certificate:\n\n    # services.sh restart\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000229'\n  tag rid: 'SV-ESXI-80-000229'\n  tag stig_id: 'ESXI-80-000229'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      describe ssl_certificate(host: \"#{vmhost}\", port: 443) do\n        its('issuer_organization') { should cmp 'U.S. Government' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000229.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000230","title":"The ESXi host Secure Shell (SSH) daemon must disable port forwarding.","desc":"While enabling Transmission Control Protocol (TCP) tunnels is a valuable function of sshd, this feature is not appropriate for use on the ESXi hypervisor.","descriptions":[{"label":"default","data":"While enabling Transmission Control Protocol (TCP) tunnels is a valuable function of sshd, this feature is not appropriate for use on the ESXi hypervisor."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep allowtcpforwarding\n\nExpected result:\n\nallowtcpforwarding no\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nAllowTcpForwarding no"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000230","rid":"SV-ESXI-80-000230","stig_id":"ESXI-80-000230","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000230' do\n  title 'The ESXi host Secure Shell (SSH) daemon must disable port forwarding.'\n  desc  'While enabling Transmission Control Protocol (TCP) tunnels is a valuable function of sshd, this feature is not appropriate for use on the ESXi hypervisor.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep allowtcpforwarding\n\n    Expected result:\n\n    allowtcpforwarding no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    AllowTcpForwarding no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000230'\n  tag rid: 'SV-ESXI-80-000230'\n  tag stig_id: 'ESXI-80-000230'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000230.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000231","title":"The ESXi host OpenSLP service must be disabled.","desc":"OpenSLP implements the Service Location Protocol to help CIM clients discover CIM servers over TCP 427. This service is not widely needed and has had vulnerabilities exposed in the past. To reduce attack surface area and following the minimum functionality principal, the OpenSLP service must be disabled unless explicitly needed and approved.\n\nNote: Disabling the OpenSLP service may affect monitoring and third-party systems that use the WBEM DTMF protocols.","descriptions":[{"label":"default","data":"OpenSLP implements the Service Location Protocol to help CIM clients discover CIM servers over TCP 427. This service is not widely needed and has had vulnerabilities exposed in the past. To reduce attack surface area and following the minimum functionality principal, the OpenSLP service must be disabled unless explicitly needed and approved.\n\nNote: Disabling the OpenSLP service may affect monitoring and third-party systems that use the WBEM DTMF protocols."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\", locate the \"slpd\" service and verify it is \"Stopped\" and the \"Startup Policy\" is set to \"Start and stop manually\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"slpd\"}\n\nIf the slpd service does not have a \"Policy\" of \"off\" or is running, this is a finding."},{"label":"fix","data":"From the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\" select the \"slpd\" service and click the \"Stop\" button.\n\nClick \"Edit Startup policy...\" and select the \"Start and stop manually\" radio button. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"slpd\"} | Set-VMHostService -Policy Off\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"slpd\"} | Stop-VMHostService"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000231","rid":"SV-ESXI-80-000231","stig_id":"ESXI-80-000231","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000231' do\n  title 'The ESXi host OpenSLP service must be disabled.'\n  desc  \"\n    OpenSLP implements the Service Location Protocol to help CIM clients discover CIM servers over TCP 427. This service is not widely needed and has had vulnerabilities exposed in the past. To reduce attack surface area and following the minimum functionality principal, the OpenSLP service must be disabled unless explicitly needed and approved.\n\n    Note: Disabling the OpenSLP service may affect monitoring and third-party systems that use the WBEM DTMF protocols.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\", locate the \\\"slpd\\\" service and verify it is \\\"Stopped\\\" and the \\\"Startup Policy\\\" is set to \\\"Start and stop manually\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"slpd\\\"}\n\n    If the slpd service does not have a \\\"Policy\\\" of \\\"off\\\" or is running, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\" select the \\\"slpd\\\" service and click the \\\"Stop\\\" button.\n\n    Click \\\"Edit Startup policy...\\\" and select the \\\"Start and stop manually\\\" radio button. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"slpd\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"slpd\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000231'\n  tag rid: 'SV-ESXI-80-000231'\n  tag stig_id: 'ESXI-80-000231'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000231.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000232","title":"The ESXi host must enable audit logging.","desc":"ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\nTo operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\nNote: Audit records can be viewed locally via the \"/bin/viewAudit\" utility over SSH or at the ESXi shell.","descriptions":[{"label":"default","data":"ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\nTo operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\nNote: Audit records can be viewed locally via the \"/bin/viewAudit\" utility over SSH or at the ESXi shell."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.auditRecord.storageEnable\" value and verify it is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable\n\nIf the \"Syslog.global.auditRecord.storageEnable\" setting is not set to \"true\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.auditRecord.storageEnable\" value and configure it to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Set-AdvancedSetting -Value \"true\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000232","rid":"SV-ESXI-80-000232","stig_id":"ESXI-80-000232","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000232' do\n  title 'The ESXi host must enable audit logging.'\n  desc  \"\n    ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\n    To operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\n    Note: Audit records can be viewed locally via the \\\"/bin/viewAudit\\\" utility over SSH or at the ESXi shell.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.auditRecord.storageEnable\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable\n\n    If the \\\"Syslog.global.auditRecord.storageEnable\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.auditRecord.storageEnable\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Set-AdvancedSetting -Value \\\"true\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000232'\n  tag rid: 'SV-ESXI-80-000232'\n  tag stig_id: 'ESXI-80-000232'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000232.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000233","title":"The ESXi host must off-load audit records via syslog.","desc":"ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\nTo operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\nNote: Audit records can be viewed locally via the \"/bin/viewAudit\" utility over SSH or at the ESXi shell.","descriptions":[{"label":"default","data":"ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\nTo operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\nNote: Audit records can be viewed locally via the \"/bin/viewAudit\" utility over SSH or at the ESXi shell."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.auditRecord.remoteEnable\" value and verify it is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable\n\nIf the \"Syslog.global.auditRecord.remoteEnable\" setting is not set to \"true\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.auditRecord.remoteEnable\" value and configure it to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Set-AdvancedSetting -Value \"true\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000342-VMM-001230","gid":"V-ESXI-80-000233","rid":"SV-ESXI-80-000233","stig_id":"ESXI-80-000233","cci":["CCI-001851"],"nist":["AU-4 (1)"]},"code":"control 'ESXI-80-000233' do\n  title 'The ESXi host must off-load audit records via syslog.'\n  desc  \"\n    ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\n    To operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\n    Note: Audit records can be viewed locally via the \\\"/bin/viewAudit\\\" utility over SSH or at the ESXi shell.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.auditRecord.remoteEnable\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable\n\n    If the \\\"Syslog.global.auditRecord.remoteEnable\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.auditRecord.remoteEnable\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Set-AdvancedSetting -Value \\\"true\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-VMM-001230'\n  tag gid: 'V-ESXI-80-000233'\n  tag rid: 'SV-ESXI-80-000233'\n  tag stig_id: 'ESXI-80-000233'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000233.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000234","title":"The ESXi host must enable strict x509 verification for SSL syslog endpoints.","desc":"When sending syslog data to a remote host via SSL, the ESXi host is presented with the endpoint's SSL server certificate. In addition to trust verification, configured elsewhere, this \"x509-strict\" option performs additional validity checks on CA root certificates during verification.\n\nThese checks are generally not performed (CA roots are inherently trusted) and might cause incompatibilities with existing, misconfigured CA roots. The NIAP requirements in the Virtualization Protection Profile and Server Virtualization Extended Package, however, require even CA roots to pass validations.","descriptions":[{"label":"default","data":"When sending syslog data to a remote host via SSL, the ESXi host is presented with the endpoint's SSL server certificate. In addition to trust verification, configured elsewhere, this \"x509-strict\" option performs additional validity checks on CA root certificates during verification.\n\nThese checks are generally not performed (CA roots are inherently trusted) and might cause incompatibilities with existing, misconfigured CA roots. The NIAP requirements in the Virtualization Protection Profile and Server Virtualization Extended Package, however, require even CA roots to pass validations."},{"label":"rationale","data":""},{"label":"check","data":"If SSL is not used for a syslog target, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.certificate.strictX509Compliance\" value and verify it is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance\n\nIf the \"Syslog.global.certificate.strictX509Compliance\" setting is not set to \"true\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.certificate.strictX509Compliance\" value and configure it to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Set-AdvancedSetting -Value \"true\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000234","rid":"SV-ESXI-80-000234","stig_id":"ESXI-80-000234","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000234' do\n  title 'The ESXi host must enable strict x509 verification for SSL syslog endpoints.'\n  desc  \"\n    When sending syslog data to a remote host via SSL, the ESXi host is presented with the endpoint's SSL server certificate. In addition to trust verification, configured elsewhere, this \\\"x509-strict\\\" option performs additional validity checks on CA root certificates during verification.\n\n    These checks are generally not performed (CA roots are inherently trusted) and might cause incompatibilities with existing, misconfigured CA roots. The NIAP requirements in the Virtualization Protection Profile and Server Virtualization Extended Package, however, require even CA roots to pass validations.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If SSL is not used for a syslog target, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.certificate.strictX509Compliance\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance\n\n    If the \\\"Syslog.global.certificate.strictX509Compliance\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.certificate.strictX509Compliance\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Set-AdvancedSetting -Value \\\"true\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000234'\n  tag rid: 'SV-ESXI-80-000234'\n  tag stig_id: 'ESXI-80-000234'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000234.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000235","title":"The ESXi host must forward audit records containing information to establish what type of events occurred.","desc":"Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.\n\nAudit record content that may be necessary to satisfy this requirement includes, for example, time stamps, source and destination addresses, user/process/VM identifiers, event descriptions, success/fail indications, filenames involved, and access control or flow control rules invoked.\n\nAssociating event types with detected events in the ESXi audit logs provides a means of investigating an attack; recognizing resource utilization or capacity thresholds; or identifying an improperly configured host.","descriptions":[{"label":"default","data":"Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.\n\nAudit record content that may be necessary to satisfy this requirement includes, for example, time stamps, source and destination addresses, user/process/VM identifiers, event descriptions, success/fail indications, filenames involved, and access control or flow control rules invoked.\n\nAssociating event types with detected events in the ESXi audit logs provides a means of investigating an attack; recognizing resource utilization or capacity thresholds; or identifying an improperly configured host."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.logLevel\" value and verify it is set to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel\n\nIf the \"Syslog.global.logLevel\" setting is not set to \"info\", this is a finding.\n\nNote: Verbose logging level is acceptable for troubleshooting purposes."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.logLevel\" value and configure it to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel | Set-AdvancedSetting -Value \"info\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000037-VMM-000150","gid":"V-ESXI-80-000235","rid":"SV-ESXI-80-000235","stig_id":"ESXI-80-000235","cci":["CCI-000130"],"nist":["AU-3"]},"code":"control 'ESXI-80-000235' do\n  title 'The ESXi host must forward audit records containing information to establish what type of events occurred.'\n  desc  \"\n    Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.\n\n    Audit record content that may be necessary to satisfy this requirement includes, for example, time stamps, source and destination addresses, user/process/VM identifiers, event descriptions, success/fail indications, filenames involved, and access control or flow control rules invoked.\n\n    Associating event types with detected events in the ESXi audit logs provides a means of investigating an attack; recognizing resource utilization or capacity thresholds; or identifying an improperly configured host.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.logLevel\\\" value and verify it is set to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel\n\n    If the \\\"Syslog.global.logLevel\\\" setting is not set to \\\"info\\\", this is a finding.\n\n    Note: Verbose logging level is acceptable for troubleshooting purposes.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logLevel\\\" value and configure it to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel | Set-AdvancedSetting -Value \\\"info\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000037-VMM-000150'\n  tag gid: 'V-ESXI-80-000235'\n  tag rid: 'SV-ESXI-80-000235'\n  tag stig_id: 'ESXI-80-000235'\n  tag cci: ['CCI-000130']\n  tag nist: ['AU-3']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logLevel | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'info' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000235.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000236","title":"The ESXi host must not be configured to override virtual machine (VM) configurations.","desc":"Each VM on an ESXi host runs in its own \"vmx\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\nThis can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.","descriptions":[{"label":"default","data":"Each VM on an ESXi host runs in its own \"vmx\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\nThis can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# stat -c \"%s\" /etc/vmware/settings\n\nExpected result:\n\n0\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, run the following command:\n\n# echo -n >/etc/vmware/settings"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000236","rid":"SV-ESXI-80-000236","stig_id":"ESXI-80-000236","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000236' do\n  title 'The ESXi host must not be configured to override virtual machine (VM) configurations.'\n  desc  \"\n    Each VM on an ESXi host runs in its own \\\"vmx\\\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\n    This can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # stat -c \\\"%s\\\" /etc/vmware/settings\n\n    Expected result:\n\n    0\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # echo -n >/etc/vmware/settings\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000236'\n  tag rid: 'SV-ESXI-80-000236'\n  tag stig_id: 'ESXI-80-000236'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000236.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000237","title":"The ESXi host must not be configured to override virtual machine (VM) logger settings.","desc":"Each VM on an ESXi host runs in its own \"vmx\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\nThis can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.","descriptions":[{"label":"default","data":"Each VM on an ESXi host runs in its own \"vmx\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\nThis can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# grep \"^vmx\\.log\" /etc/vmware/config\n\nIf the command produces any output, this is a finding."},{"label":"fix","data":"From an ESXi shell, run the following commands:\n\n# cp /etc/vmware/config /etc/vmware/config.bak\n# grep -v \"^vmx\\.log\" /etc/vmware/config.bak>/etc/vmware/config"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000237","rid":"SV-ESXI-80-000237","stig_id":"ESXI-80-000237","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000237' do\n  title 'The ESXi host must not be configured to override virtual machine (VM) logger settings.'\n  desc  \"\n    Each VM on an ESXi host runs in its own \\\"vmx\\\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\n    This can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # grep \\\"^vmx\\\\.log\\\" /etc/vmware/config\n\n    If the command produces any output, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following commands:\n\n    # cp /etc/vmware/config /etc/vmware/config.bak\n    # grep -v \\\"^vmx\\\\.log\\\" /etc/vmware/config.bak>/etc/vmware/config\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000237'\n  tag rid: 'SV-ESXI-80-000237'\n  tag stig_id: 'ESXI-80-000237'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000237.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000238","title":"The ESXi host must require TPM-based configuration encryption.","desc":"An ESXi host's configuration consists of configuration files for each service that runs on the host. The configuration files typically reside in the /etc/ directory, but they can also reside in other namespaces. The configuration files contain run-time information about the state of the services. Over time, the default values in the configuration files might change, for example, when settings on the ESXi host are changed.\n\nA cron job backs up the ESXi configuration files periodically, when ESXi shuts down gracefully or on demand, and creates an archived configuration file in the boot bank. When ESXi reboots, it reads the archived configuration file and recreates the state that ESXi was in when the backup was taken.\n\nBefore vSphere 7.0 Update 2, the archived ESXi configuration file is not encrypted. In vSphere 7.0 Update 2 and later, the archived configuration file is encrypted. When the ESXi host is configured with a Trusted Platform Module (TPM), the TPM is used to \"seal\" the configuration to the host, providing a strong security guarantee and additional protection from offline attacks.\n\nConfiguration encryption uses the physical TPM when it is available and supported at install or upgrade time. If the TPM was added or enabled later, the ESXi host must be told to reconfigure to use the newly available TPM. Once the TPM configuration encryption is enabled, it cannot be disabled.","descriptions":[{"label":"default","data":"An ESXi host's configuration consists of configuration files for each service that runs on the host. The configuration files typically reside in the /etc/ directory, but they can also reside in other namespaces. The configuration files contain run-time information about the state of the services. Over time, the default values in the configuration files might change, for example, when settings on the ESXi host are changed.\n\nA cron job backs up the ESXi configuration files periodically, when ESXi shuts down gracefully or on demand, and creates an archived configuration file in the boot bank. When ESXi reboots, it reads the archived configuration file and recreates the state that ESXi was in when the backup was taken.\n\nBefore vSphere 7.0 Update 2, the archived ESXi configuration file is not encrypted. In vSphere 7.0 Update 2 and later, the archived configuration file is encrypted. When the ESXi host is configured with a Trusted Platform Module (TPM), the TPM is used to \"seal\" the configuration to the host, providing a strong security guarantee and additional protection from offline attacks.\n\nConfiguration encryption uses the physical TPM when it is available and supported at install or upgrade time. If the TPM was added or enabled later, the ESXi host must be told to reconfigure to use the newly available TPM. Once the TPM configuration encryption is enabled, it cannot be disabled."},{"label":"rationale","data":""},{"label":"check","data":"If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\nFrom an ESXi shell, run the following command:\n\n# esxcli system settings encryption get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.settings.encryption.get.invoke() | Select Mode\n\nExpected result:\n\nMode: TPM\n\nIf the \"Mode\" is not set to \"TPM\", this is a finding."},{"label":"fix","data":"Ensure the TPM 2.0 chip is enabled in the BIOS and the ESX UI does not show any errors about a present but unavailable TPM.\n\nThis setting cannot be configured until the TPM is properly enabled in firmware.\n\nFrom an ESXi shell, run the following command:\n\n# esxcli system settings encryption set --mode=TPM\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.settings.encryption.set.CreateArgs()\n$arguments.mode = \"TPM\"\n$esxcli.system.settings.encryption.set.Invoke($arguments)\n\nEvacuate the host and gracefully reboot for changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000238","rid":"SV-ESXI-80-000238","stig_id":"ESXI-80-000238","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000238' do\n  title 'The ESXi host must require TPM-based configuration encryption.'\n  desc  \"\n    An ESXi host's configuration consists of configuration files for each service that runs on the host. The configuration files typically reside in the /etc/ directory, but they can also reside in other namespaces. The configuration files contain run-time information about the state of the services. Over time, the default values in the configuration files might change, for example, when settings on the ESXi host are changed.\n\n    A cron job backs up the ESXi configuration files periodically, when ESXi shuts down gracefully or on demand, and creates an archived configuration file in the boot bank. When ESXi reboots, it reads the archived configuration file and recreates the state that ESXi was in when the backup was taken.\n\n    Before vSphere 7.0 Update 2, the archived ESXi configuration file is not encrypted. In vSphere 7.0 Update 2 and later, the archived configuration file is encrypted. When the ESXi host is configured with a Trusted Platform Module (TPM), the TPM is used to \\\"seal\\\" the configuration to the host, providing a strong security guarantee and additional protection from offline attacks.\n\n    Configuration encryption uses the physical TPM when it is available and supported at install or upgrade time. If the TPM was added or enabled later, the ESXi host must be told to reconfigure to use the newly available TPM. Once the TPM configuration encryption is enabled, it cannot be disabled.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\n    From an ESXi shell, run the following command:\n\n    # esxcli system settings encryption get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.settings.encryption.get.invoke() | Select Mode\n\n    Expected result:\n\n    Mode: TPM\n\n    If the \\\"Mode\\\" is not set to \\\"TPM\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Ensure the TPM 2.0 chip is enabled in the BIOS and the ESX UI does not show any errors about a present but unavailable TPM.\n\n    This setting cannot be configured until the TPM is properly enabled in firmware.\n\n    From an ESXi shell, run the following command:\n\n    # esxcli system settings encryption set --mode=TPM\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.settings.encryption.set.CreateArgs()\n    $arguments.mode = \\\"TPM\\\"\n    $esxcli.system.settings.encryption.set.Invoke($arguments)\n\n    Evacuate the host and gracefully reboot for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000238'\n  tag rid: 'SV-ESXI-80-000238'\n  tag stig_id: 'ESXI-80-000238'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty Mode\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'TPM' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000238.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000239","title":"The ESXi host must configure the firewall to restrict access to services running on the host.","desc":"Unrestricted access to services running on an ESXi host can expose a host to outside attacks and unauthorized access. Reduce the risk by configuring the ESXi firewall to only allow access from authorized networks.","descriptions":[{"label":"default","data":"Unrestricted access to services running on an ESXi host can expose a host to outside attacks and unauthorized access. Reduce the risk by configuring the ESXi firewall to only allow access from authorized networks."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Firewall.\n\nUnder the \"Allowed IP addresses\" column, review the allowed IPs for each service.\n\nCheck this for \"Incoming\" and \"Outgoing\" sections.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostFirewallException | Where {$_.Enabled -eq $true} | Select Name,Enabled,@{N=\"AllIPEnabled\";E={$_.ExtensionData.AllowedHosts.AllIP}}\n\nIf for an enabled service \"Allow connections from any IP address\" is selected, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Firewall.\n\nClick \"Edit...\". For each enabled service, uncheck the check box to \"Allow connections from any IP address\" and input the site-specific network(s) required.\n\nThe following example formats are acceptable:\n\n192.168.0.0/24\n192.168.1.2, 2001::1/64\nfd3e:29a6:0a81:e478::/64\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n#This disables the allow all rule for the target service. We are targeting the sshServer service in this example.\n$arguments = $esxcli.network.firewall.ruleset.set.CreateArgs()\n$arguments.rulesetid = \"sshServer\"\n$arguments.allowedall = $false\n$esxcli.network.firewall.ruleset.set.Invoke($arguments)\n\n#Next add the allowed IPs for the service. Note doing the \"vSphere Web Client\" service this way may disable access but may be done through vCenter or through the console.\n$arguments = $esxcli.network.firewall.ruleset.allowedip.add.CreateArgs()\n$arguments.rulesetid = \"sshServer\"\n$arguments.ipaddress = \"10.0.0.0/8\"\n$esxcli.network.firewall.ruleset.allowedip.add.Invoke($arguments)\n\nThis must be done for each enabled service."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000239","rid":"SV-ESXI-80-000239","stig_id":"ESXI-80-000239","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000239' do\n  title 'The ESXi host must configure the firewall to restrict access to services running on the host.'\n  desc  'Unrestricted access to services running on an ESXi host can expose a host to outside attacks and unauthorized access. Reduce the risk by configuring the ESXi firewall to only allow access from authorized networks.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Firewall.\n\n    Under the \\\"Allowed IP addresses\\\" column, review the allowed IPs for each service.\n\n    Check this for \\\"Incoming\\\" and \\\"Outgoing\\\" sections.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostFirewallException | Where {$_.Enabled -eq $true} | Select Name,Enabled,@{N=\\\"AllIPEnabled\\\";E={$_.ExtensionData.AllowedHosts.AllIP}}\n\n    If for an enabled service \\\"Allow connections from any IP address\\\" is selected, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Firewall.\n\n    Click \\\"Edit...\\\". For each enabled service, uncheck the check box to \\\"Allow connections from any IP address\\\" and input the site-specific network(s) required.\n\n    The following example formats are acceptable:\n\n    192.168.0.0/24\n    192.168.1.2, 2001::1/64\n    fd3e:29a6:0a81:e478::/64\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    #This disables the allow all rule for the target service. We are targeting the sshServer service in this example.\n    $arguments = $esxcli.network.firewall.ruleset.set.CreateArgs()\n    $arguments.rulesetid = \\\"sshServer\\\"\n    $arguments.allowedall = $false\n    $esxcli.network.firewall.ruleset.set.Invoke($arguments)\n\n    #Next add the allowed IPs for the service. Note doing the \\\"vSphere Web Client\\\" service this way may disable access but may be done through vCenter or through the console.\n    $arguments = $esxcli.network.firewall.ruleset.allowedip.add.CreateArgs()\n    $arguments.rulesetid = \\\"sshServer\\\"\n    $arguments.ipaddress = \\\"10.0.0.0/8\\\"\n    $esxcli.network.firewall.ruleset.allowedip.add.Invoke($arguments)\n\n    This must be done for each enabled service.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000239'\n  tag rid: 'SV-ESXI-80-000239'\n  tag stig_id: 'ESXI-80-000239'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"(Get-VMHost -Name #{vmhost} | Get-VMHostFirewallException | Where {$_.Enabled -eq $true}).ExtensionData.AllowedHosts.AllIP\"\n      powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |result|\n        describe result do\n          it { should_not cmp 'True' }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000239.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000240","title":"The ESXi host when using Host Profiles and/or Auto Deploy must use the vSphere Authentication Proxy to protect passwords when adding themselves to Active Directory.","desc":"If a host is configured to join an Active Directory domain using Host Profiles and/or Auto Deploy, the Active Directory credentials are saved in the profile and are transmitted over the network.\n\nTo avoid having to save Active Directory credentials in the Host Profile and to avoid transmitting Active Directory credentials over the network, use the vSphere Authentication Proxy.","descriptions":[{"label":"default","data":"If a host is configured to join an Active Directory domain using Host Profiles and/or Auto Deploy, the Active Directory credentials are saved in the profile and are transmitted over the network.\n\nTo avoid having to save Active Directory credentials in the Host Profile and to avoid transmitting Active Directory credentials over the network, use the vSphere Authentication Proxy."},{"label":"rationale","data":""},{"label":"check","data":"For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nIf the organization is not using Host Profiles to join Active Directory, this is not applicable.\n\nFrom the vSphere Client, go to Home >> Policies and Profiles >> Host Profiles.\n\nClick a Host Profile >> Configure >> Security and Services >> Security Settings >> Authentication Configuration >> Active Directory Configuration >> Join Domain Method.\n\nIf the method used to join hosts to a domain is not set to \"Use vSphere Authentication Proxy to add the host to domain\", this is a finding.\n\nor\n\nFrom a PowerCLI command prompt while connected to vCenter, run the following command:\n\nGet-VMHost | Select Name, ` @{N=\"HostProfile\";E={$_ | Get-VMHostProfile}}, ` @{N=\"JoinADEnabled\";E={($_ | Get-VmHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory.Enabled}}, ` @{N=\"JoinDomainMethod\";E={(($_ | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory | Select -ExpandProperty Policy | Where {$_.Id -eq \"JoinDomainMethodPolicy\"}).Policyoption.Id}}\n\nIf \"JoinADEnabled\" is \"True\" and \"JoinDomainMethod\" is not \"FixedCAMConfigOption\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Home >> Policies and Profiles >> Host Profiles.\n\nClick a Host Profile >> Configure >> Security and Services >> Security Settings >> Authentication Configuration >> Active Directory Configuration.\n\nClick \"Edit Host Profile...\". Set the \"Join Domain Method\" to \"Use vSphere Authentication Proxy to add the host to domain\" and provide the IP address of the vSphere Authentication Proxy server.\n\nClick \"Save\"."}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000240","rid":"SV-ESXI-80-000240","stig_id":"ESXI-80-000240","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000240' do\n  title 'The ESXi host when using Host Profiles and/or Auto Deploy must use the vSphere Authentication Proxy to protect passwords when adding themselves to Active Directory.'\n  desc  \"\n    If a host is configured to join an Active Directory domain using Host Profiles and/or Auto Deploy, the Active Directory credentials are saved in the profile and are transmitted over the network.\n\n    To avoid having to save Active Directory credentials in the Host Profile and to avoid transmitting Active Directory credentials over the network, use the vSphere Authentication Proxy.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    If the organization is not using Host Profiles to join Active Directory, this is not applicable.\n\n    From the vSphere Client, go to Home >> Policies and Profiles >> Host Profiles.\n\n    Click a Host Profile >> Configure >> Security and Services >> Security Settings >> Authentication Configuration >> Active Directory Configuration >> Join Domain Method.\n\n    If the method used to join hosts to a domain is not set to \\\"Use vSphere Authentication Proxy to add the host to domain\\\", this is a finding.\n\n    or\n\n    From a PowerCLI command prompt while connected to vCenter, run the following command:\n\n    Get-VMHost | Select Name, ` @{N=\\\"HostProfile\\\";E={$_ | Get-VMHostProfile}}, ` @{N=\\\"JoinADEnabled\\\";E={($_ | Get-VmHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory.Enabled}}, ` @{N=\\\"JoinDomainMethod\\\";E={(($_ | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory | Select -ExpandProperty Policy | Where {$_.Id -eq \\\"JoinDomainMethodPolicy\\\"}).Policyoption.Id}}\n\n    If \\\"JoinADEnabled\\\" is \\\"True\\\" and \\\"JoinDomainMethod\\\" is not \\\"FixedCAMConfigOption\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Home >> Policies and Profiles >> Host Profiles.\n\n    Click a Host Profile >> Configure >> Security and Services >> Security Settings >> Authentication Configuration >> Active Directory Configuration.\n\n    Click \\\"Edit Host Profile...\\\". Set the \\\"Join Domain Method\\\" to \\\"Use vSphere Authentication Proxy to add the host to domain\\\" and provide the IP address of the vSphere Authentication Proxy server.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000240'\n  tag rid: 'SV-ESXI-80-000240'\n  tag stig_id: 'ESXI-80-000240'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    setimpact = true\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostProfile\"\n      hostprofile = powercli_command(command).stdout\n\n      if hostprofile.empty?\n        describe \"There are no attached host profiles host: #{vmhost}. This control is not applicable.\" do\n          skip \"There are no attached host profiles host: #{vmhost}. This control is not applicable.\"\n        end\n      else\n        command1 = \"(Get-VMHost -Name #{vmhost} | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory.Enabled\"\n        adEnabled = powercli_command(command1).stdout.strip\n\n        if adEnabled.match?('True')\n          command2 = \"(Get-VMHost -Name #{vmhost} | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory | Select-Object -ExpandProperty Policy | Where {$_.Id -eq 'JoinDomainMethodPolicy'} | Select-Object -ExpandProperty PolicyOption | Select-Object -ExpandProperty Id\"\n          describe powercli_command(command2) do\n            its('stdout.strip') { should cmp 'FixedCAMConfigOption' }\n          end\n          setimpact = false\n        else\n          describe \"Active Directory is not enabled on host: #{vmhost}. This control is not applicable.\" do\n            skip \"Active Directory is not enabled on host: #{vmhost}. This control is not applicable.\"\n          end\n        end\n      end\n    end\n  else\n    describe 'No ESXi hosts found. Review inputs provided for errors and rerun profile.' do\n      skip 'No ESXi hosts found. Review inputs provided for errors and rerun profile.'\n    end\n    setimpact = false\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000240.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000241","title":"The ESXi host must not use the default Active Directory ESX Admin group.","desc":"When adding ESXi hosts to Active Directory, all user/group accounts assigned to the Active Directory group \"ESX Admins\" will have full administrative access to the host.\n\nIf this group is not controlled or known to the system administrators, it may be used for inappropriate access to the host. Therefore, the default group must be changed to a site-specific Active Directory group and membership must be severely restricted.","descriptions":[{"label":"default","data":"When adding ESXi hosts to Active Directory, all user/group accounts assigned to the Active Directory group \"ESX Admins\" will have full administrative access to the host.\n\nIf this group is not controlled or known to the system administrators, it may be used for inappropriate access to the host. Therefore, the default group must be changed to a site-specific Active Directory group and membership must be severely restricted."},{"label":"rationale","data":""},{"label":"check","data":"For systems that do not use Active Directory, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\" value and verify it is not set to \"ESX Admins\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup\n\nIf the \"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\" setting is set to \"ESX Admins\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\" key and configure its value to an appropriate Active Directory group other than \"ESX Admins\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Set-AdvancedSetting -Value \"<site specific AD group>\"\n\nNote: Changing the group name does not remove the permissions of the previous group."}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000241","rid":"SV-ESXI-80-000241","stig_id":"ESXI-80-000241","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000241' do\n  title 'The ESXi host must not use the default Active Directory ESX Admin group.'\n  desc  \"\n    When adding ESXi hosts to Active Directory, all user/group accounts assigned to the Active Directory group \\\"ESX Admins\\\" will have full administrative access to the host.\n\n    If this group is not controlled or known to the system administrators, it may be used for inappropriate access to the host. Therefore, the default group must be changed to a site-specific Active Directory group and membership must be severely restricted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For systems that do not use Active Directory, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\\\" value and verify it is not set to \\\"ESX Admins\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup\n\n    If the \\\"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\\\" setting is set to \\\"ESX Admins\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\\\" key and configure its value to an appropriate Active Directory group other than \\\"ESX Admins\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Set-AdvancedSetting -Value \\\"<site specific AD group>\\\"\n\n    Note: Changing the group name does not remove the permissions of the previous group.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000241'\n  tag rid: 'SV-ESXI-80-000241'\n  tag stig_id: 'ESXI-80-000241'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus\"\n      domainstatus = powercli_command(command).stdout\n      if domainstatus.empty?\n        impact 0.0\n        describe '' do\n          skip \"The ESXi host #{vmhost} is not joined to AD, so this control is not applicable.\"\n        end\n      else\n        command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Select-Object -ExpandProperty Value\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should_not cmp 'ESX Admins' }\n          its('stdout.strip') { should cmp \"#{input('adAdminGroup')}\" }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000241.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000243","title":"The ESXi host must configure a persistent log location for all locally stored logs.","desc":"ESXi can be configured to store log files on an in-memory file system. This occurs when the host's \"/scratch\" directory is linked to \"/tmp/scratch\". When this is done, only a single day's worth of logs are stored at any time. In addition, log files will be reinitialized upon each reboot.\n\nThis presents a security risk as user activity logged on the host is only stored temporarily and will not persist across reboots. This can also complicate auditing and make it harder to monitor events and diagnose issues. ESXi host logging should always be configured to a persistent datastore.\n\nNote: Scratch space is configured automatically during installation or first boot of an ESXi host and does not usually need to be configured manually.\n\nIf ESXi is installed on an SD card or USB device, a persistent log location may not be configured upon install as normal.","descriptions":[{"label":"default","data":"ESXi can be configured to store log files on an in-memory file system. This occurs when the host's \"/scratch\" directory is linked to \"/tmp/scratch\". When this is done, only a single day's worth of logs are stored at any time. In addition, log files will be reinitialized upon each reboot.\n\nThis presents a security risk as user activity logged on the host is only stored temporarily and will not persist across reboots. This can also complicate auditing and make it harder to monitor events and diagnose issues. ESXi host logging should always be configured to a persistent datastore.\n\nNote: Scratch space is configured automatically during installation or first boot of an ESXi host and does not usually need to be configured manually.\n\nIf ESXi is installed on an SD card or USB device, a persistent log location may not be configured upon install as normal."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.logDir\" value and verify it is set to a persistent location.\n\nIf the value of the setting is \"[] /scratch/logs\", verify the advanced setting \"ScratchConfig.CurrentScratchLocation\" is not set to \"/tmp/scratch\". This is a nonpersistent location.\n\nIf \"Syslog.global.logDir\" is not configured to a persistent location, this is a finding.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.syslog.config.get.Invoke() | Select LocalLogOutput,LocalLogOutputIsPersistent\n\nIf the \"LocalLogOutputIsPersistent\" value is not true, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.logDir\" value and set it to a known persistent location.\n\nAn example is shown below, where 51dda02d-fade5016-8a08-005056171889 is the UUID of the target datastore:\n\n/vmfs/volumes/51dda02d-fade5016-8a08-005056171889\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logDir | Set-AdvancedSetting -Value \"New Log Location\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000341-VMM-001220","gid":"V-ESXI-80-000243","rid":"SV-ESXI-80-000243","stig_id":"ESXI-80-000243","cci":["CCI-001849"],"nist":["AU-4"]},"code":"control 'ESXI-80-000243' do\n  title 'The ESXi host must configure a persistent log location for all locally stored logs.'\n  desc  \"\n    ESXi can be configured to store log files on an in-memory file system. This occurs when the host's \\\"/scratch\\\" directory is linked to \\\"/tmp/scratch\\\". When this is done, only a single day's worth of logs are stored at any time. In addition, log files will be reinitialized upon each reboot.\n\n    This presents a security risk as user activity logged on the host is only stored temporarily and will not persist across reboots. This can also complicate auditing and make it harder to monitor events and diagnose issues. ESXi host logging should always be configured to a persistent datastore.\n\n    Note: Scratch space is configured automatically during installation or first boot of an ESXi host and does not usually need to be configured manually.\n\n    If ESXi is installed on an SD card or USB device, a persistent log location may not be configured upon install as normal.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.logDir\\\" value and verify it is set to a persistent location.\n\n    If the value of the setting is \\\"[] /scratch/logs\\\", verify the advanced setting \\\"ScratchConfig.CurrentScratchLocation\\\" is not set to \\\"/tmp/scratch\\\". This is a nonpersistent location.\n\n    If \\\"Syslog.global.logDir\\\" is not configured to a persistent location, this is a finding.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.syslog.config.get.Invoke() | Select LocalLogOutput,LocalLogOutputIsPersistent\n\n    If the \\\"LocalLogOutputIsPersistent\\\" value is not true, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logDir\\\" value and set it to a known persistent location.\n\n    An example is shown below, where 51dda02d-fade5016-8a08-005056171889 is the UUID of the target datastore:\n\n    /vmfs/volumes/51dda02d-fade5016-8a08-005056171889\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logDir | Set-AdvancedSetting -Value \\\"New Log Location\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000341-VMM-001220'\n  tag gid: 'V-ESXI-80-000243'\n  tag rid: 'SV-ESXI-80-000243'\n  tag stig_id: 'ESXI-80-000243'\n  tag cci: ['CCI-001849']\n  tag nist: ['AU-4']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.get.Invoke() | Select-Object -ExpandProperty LocalLogOutputIsPersistent\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000243.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000244","title":"The ESXi host must enforce the exclusive running of executables from approved VIBs.","desc":"The \"execInstalledOnly\" advanced ESXi boot option, when set to TRUE, guarantees that the VMkernel executes only those binaries that have been packaged as part of a signed VIB. While this option is effective on its own, it can be further enhanced by telling the Secure Boot to check with the TPM to make sure that the boot process does not proceed unless this setting is enabled. This further protects against malicious offline changes to ESXi configuration to disable the \"execInstalledOnly\" option.","descriptions":[{"label":"default","data":"The \"execInstalledOnly\" advanced ESXi boot option, when set to TRUE, guarantees that the VMkernel executes only those binaries that have been packaged as part of a signed VIB. While this option is effective on its own, it can be further enhanced by telling the Secure Boot to check with the TPM to make sure that the boot process does not proceed unless this setting is enabled. This further protects against malicious offline changes to ESXi configuration to disable the \"execInstalledOnly\" option."},{"label":"rationale","data":""},{"label":"check","data":"If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"VMkernel.Boot.execInstalledOnly\" value and verify that it is \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly\n\nIf the \"VMkernel.Boot.execInstalledOnly\" setting is not \"true\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"VMkernel.Boot.execInstalledOnly\" value and configure it to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Set-AdvancedSetting -Value True"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000244","rid":"SV-ESXI-80-000244","stig_id":"ESXI-80-000244","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000244' do\n  title 'The ESXi host must enforce the exclusive running of executables from approved VIBs.'\n  desc  'The \"execInstalledOnly\" advanced ESXi boot option, when set to TRUE, guarantees that the VMkernel executes only those binaries that have been packaged as part of a signed VIB. While this option is effective on its own, it can be further enhanced by telling the Secure Boot to check with the TPM to make sure that the boot process does not proceed unless this setting is enabled. This further protects against malicious offline changes to ESXi configuration to disable the \"execInstalledOnly\" option.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"VMkernel.Boot.execInstalledOnly\\\" value and verify that it is \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly\n\n    If the \\\"VMkernel.Boot.execInstalledOnly\\\" setting is not \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"VMkernel.Boot.execInstalledOnly\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Set-AdvancedSetting -Value True\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000244'\n  tag rid: 'SV-ESXI-80-000244'\n  tag stig_id: 'ESXI-80-000244'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000244.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000245","title":"The ESXi host must use sufficient entropy for cryptographic operations.","desc":"Starting in vSphere 8.0, the ESXi Entropy implementation supports the FIPS 140-3 and EAL4 certifications. Kernel boot options control which entropy sources to activate on an ESXi host.\n\nIn computing, the term \"entropy\" refers to random characters and data that are collected for use in cryptography, such as generating encryption keys to secure data transmitted over a network. Entropy is required by security for generating keys and communicating securely over the network. Entropy is often collected from a variety of sources on a system.\n\nFIPS entropy handling is the default behavior if the following conditions are true:\n\n-The hardware supports RDSEED.\n-The disableHwrng VMkernel boot option isn't present or is FALSE.\n-The entropySources VMkernel boot option isn't present or is 0 (zero).","descriptions":[{"label":"default","data":"Starting in vSphere 8.0, the ESXi Entropy implementation supports the FIPS 140-3 and EAL4 certifications. Kernel boot options control which entropy sources to activate on an ESXi host.\n\nIn computing, the term \"entropy\" refers to random characters and data that are collected for use in cryptography, such as generating encryption keys to secure data transmitted over a network. Entropy is required by security for generating keys and communicating securely over the network. Entropy is often collected from a variety of sources on a system.\n\nFIPS entropy handling is the default behavior if the following conditions are true:\n\n-The hardware supports RDSEED.\n-The disableHwrng VMkernel boot option isn't present or is FALSE.\n-The entropySources VMkernel boot option isn't present or is 0 (zero)."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following commands:\n\n# esxcli system settings kernel list -o disableHwrng\n# esxcli system settings kernel list -o entropySources\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.settings.kernel.list.invoke() | Where {$_.Name -eq \"disableHwrng\" -or $_.Name -eq \"entropySources\"}\n\nIf \"disableHwrng\" is not set to \"false\", this is a finding.\nIf \"entropySources\" is not set to \"0\", this is a finding."},{"label":"fix","data":"From an ESXi shell, run the following commands:\n\n# esxcli system settings kernel set -s disableHwrng -v FALSE\n# esxcli system settings kernel set -s entropySources -v 0\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.settings.kernel.set.CreateArgs()\n$arguments.setting = \"disableHwrng\"\n$arguments.value = \"FALSE\"\n$esxcli.system.settings.kernel.set.invoke($arguments)\n$arguments.setting = \"entropySources\"\n$arguments.value = \"0\"\n$esxcli.system.settings.kernel.set.invoke($arguments)\n\nReboot the ESXi host after updating entropy settings."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000245","rid":"SV-ESXI-80-000245","stig_id":"ESXI-80-000245","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000245' do\n  title 'The ESXi host must use sufficient entropy for cryptographic operations.'\n  desc  \"\n    Starting in vSphere 8.0, the ESXi Entropy implementation supports the FIPS 140-3 and EAL4 certifications. Kernel boot options control which entropy sources to activate on an ESXi host.\n\n    In computing, the term \\\"entropy\\\" refers to random characters and data that are collected for use in cryptography, such as generating encryption keys to secure data transmitted over a network. Entropy is required by security for generating keys and communicating securely over the network. Entropy is often collected from a variety of sources on a system.\n\n    FIPS entropy handling is the default behavior if the following conditions are true:\n\n    -The hardware supports RDSEED.\n    -The disableHwrng VMkernel boot option isn't present or is FALSE.\n    -The entropySources VMkernel boot option isn't present or is 0 (zero).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following commands:\n\n    # esxcli system settings kernel list -o disableHwrng\n    # esxcli system settings kernel list -o entropySources\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.settings.kernel.list.invoke() | Where {$_.Name -eq \\\"disableHwrng\\\" -or $_.Name -eq \\\"entropySources\\\"}\n\n    If \\\"disableHwrng\\\" is not set to \\\"false\\\", this is a finding.\n    If \\\"entropySources\\\" is not set to \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following commands:\n\n    # esxcli system settings kernel set -s disableHwrng -v FALSE\n    # esxcli system settings kernel set -s entropySources -v 0\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.settings.kernel.set.CreateArgs()\n    $arguments.setting = \\\"disableHwrng\\\"\n    $arguments.value = \\\"FALSE\\\"\n    $esxcli.system.settings.kernel.set.invoke($arguments)\n    $arguments.setting = \\\"entropySources\\\"\n    $arguments.value = \\\"0\\\"\n    $esxcli.system.settings.kernel.set.invoke($arguments)\n\n    Reboot the ESXi host after updating entropy settings.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000245'\n  tag rid: 'SV-ESXI-80-000245'\n  tag stig_id: 'ESXI-80-000245'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq \\\"disableHwrng\\\"} | Select-Object -ExpandProperty Configured\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'FALSE' }\n      end\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq \\\"entropySources\\\"} | Select-Object -ExpandProperty Configured\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '0' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000245.rb"},"waiver_data":{},"results":[]},{"id":"ESXI-80-000246","title":"The ESXi host must not enable log filtering.","desc":"The log filtering capability lets you modify the logging policy of the syslog service that is running on an ESXi host. You can create log filters to reduce the number of repetitive entries in the ESXi logs and to deny specific log events entirely.\n\nSetting a limit to the amount of logging information restricts the ability to detect and respond to potential security issues or system failures properly.","descriptions":[{"label":"default","data":"The log filtering capability lets you modify the logging policy of the syslog service that is running on an ESXi host. You can create log filters to reduce the number of repetitive entries in the ESXi logs and to deny specific log events entirely.\n\nSetting a limit to the amount of logging information restricts the ability to detect and respond to potential security issues or system failures properly."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# esxcli system syslog config logfilter get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.syslog.config.logfilter.get.invoke()\n\nIf \"LogFilteringEnabled\" is not set to \"false\", this is a finding."},{"label":"fix","data":"From an ESXi shell, run the following command:\n\n# esxcli system syslog config logfilter set --log-filtering-enabled=false\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.syslog.config.logfilter.set.CreateArgs()\n$arguments.logfilteringenabled = $false\n$esxcli.system.syslog.config.logfilter.set.invoke($arguments)"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000246","rid":"SV-ESXI-80-000246","stig_id":"ESXI-80-000246","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000246' do\n  title 'The ESXi host must not enable log filtering.'\n  desc  \"\n    The log filtering capability lets you modify the logging policy of the syslog service that is running on an ESXi host. You can create log filters to reduce the number of repetitive entries in the ESXi logs and to deny specific log events entirely.\n\n    Setting a limit to the amount of logging information restricts the ability to detect and respond to potential security issues or system failures properly.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system syslog config logfilter get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.syslog.config.logfilter.get.invoke()\n\n    If \\\"LogFilteringEnabled\\\" is not set to \\\"false\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system syslog config logfilter set --log-filtering-enabled=false\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.syslog.config.logfilter.set.CreateArgs()\n    $arguments.logfilteringenabled = $false\n    $esxcli.system.syslog.config.logfilter.set.invoke($arguments)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000246'\n  tag rid: 'SV-ESXI-80-000246'\n  tag stig_id: 'ESXI-80-000246'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.logfilter.get.invoke() | Select-Object -ExpandProperty LogFilteringEnabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000246.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000189","title":"Virtual machines (VMs) must have copy operations disabled.","desc":"Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.","descriptions":[{"label":"default","data":"Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.copy.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.copy.disable\n\nIf the virtual machine advanced setting \"isolation.tools.copy.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.copy.disable\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.copy.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.copy.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000189","rid":"SV-VMCH-80-000189","stig_id":"VMCH-80-000189","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000189' do\n  title 'Virtual machines (VMs) must have copy operations disabled.'\n  desc  'Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.copy.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.copy.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.copy.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.copy.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.copy.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.copy.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000189'\n  tag rid: 'SV-VMCH-80-000189'\n  tag stig_id: 'VMCH-80-000189'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.copy.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000189.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000191","title":"Virtual machines (VMs) must have drag and drop operations disabled.","desc":"Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.","descriptions":[{"label":"default","data":"Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.dnd.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.dnd.disable\n\nIf the virtual machine advanced setting \"isolation.tools.dnd.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.dnd.disable\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.dnd.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.dnd.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000191","rid":"SV-VMCH-80-000191","stig_id":"VMCH-80-000191","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000191' do\n  title 'Virtual machines (VMs) must have drag and drop operations disabled.'\n  desc  'Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.dnd.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.dnd.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.dnd.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.dnd.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.dnd.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.dnd.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000191'\n  tag rid: 'SV-VMCH-80-000191'\n  tag stig_id: 'VMCH-80-000191'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.dnd.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000191.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000192","title":"Virtual machines (VMs) must have paste operations disabled.","desc":"Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.","descriptions":[{"label":"default","data":"Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.paste.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.paste.disable\n\nIf the virtual machine advanced setting \"isolation.tools.paste.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.paste.disable\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.paste.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.paste.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000192","rid":"SV-VMCH-80-000192","stig_id":"VMCH-80-000192","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000192' do\n  title 'Virtual machines (VMs) must have paste operations disabled.'\n  desc  'Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.paste.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.paste.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.paste.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.paste.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.paste.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.paste.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000192'\n  tag rid: 'SV-VMCH-80-000192'\n  tag stig_id: 'VMCH-80-000192'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.paste.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000192.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000193","title":"Virtual machines (VMs) must have virtual disk shrinking disabled.","desc":"Shrinking a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\nHowever, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to shrink is available to nonadministrative users operating within the VM's guest operating system.","descriptions":[{"label":"default","data":"Shrinking a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\nHowever, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to shrink is available to nonadministrative users operating within the VM's guest operating system."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.diskShrink.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable\n\nIf the virtual machine advanced setting \"isolation.tools.diskShrink.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.diskShrink.disable\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.diskShrink.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000193","rid":"SV-VMCH-80-000193","stig_id":"VMCH-80-000193","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000193' do\n  title 'Virtual machines (VMs) must have virtual disk shrinking disabled.'\n  desc  \"\n    Shrinking a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\n    However, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to shrink is available to nonadministrative users operating within the VM's guest operating system.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.diskShrink.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskShrink.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskShrink.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.diskShrink.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000193'\n  tag rid: 'SV-VMCH-80-000193'\n  tag stig_id: 'VMCH-80-000193'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000193.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000194","title":"Virtual machines (VMs) must have virtual disk wiping disabled.","desc":"Shrinking and wiping (erasing) a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\nHowever, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to wipe (erase) is available to nonadministrative users operating within the VM's guest operating system.","descriptions":[{"label":"default","data":"Shrinking and wiping (erasing) a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\nHowever, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to wipe (erase) is available to nonadministrative users operating within the VM's guest operating system."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.diskWiper.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable\n\nIf the virtual machine advanced setting \"isolation.tools.diskWiper.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.diskWiper.disable\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.diskWiper.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000194","rid":"SV-VMCH-80-000194","stig_id":"VMCH-80-000194","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000194' do\n  title 'Virtual machines (VMs) must have virtual disk wiping disabled.'\n  desc  \"\n    Shrinking and wiping (erasing) a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\n    However, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to wipe (erase) is available to nonadministrative users operating within the VM's guest operating system.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.diskWiper.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskWiper.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskWiper.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.diskWiper.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000194'\n  tag rid: 'SV-VMCH-80-000194'\n  tag stig_id: 'VMCH-80-000194'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000194.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000195","title":"Virtual machines (VMs) must limit console sharing.","desc":"By default, more than one user at a time can connect to remote console sessions. When multiple sessions are activated, each terminal window receives a notification about the new session. If an administrator in the VM logs in using a VMware remote console during their session, a nonadministrator in the VM might connect to the console and observe the administrator's actions.\n\nAlso, this could result in an administrator losing console access to a VM. For example, if a jump box is being used for an open console session and the administrator loses connection to that box, the console session remains open. Allowing two console sessions permits debugging via a shared session. For the highest security, allow only one remote console session at a time.","descriptions":[{"label":"default","data":"By default, more than one user at a time can connect to remote console sessions. When multiple sessions are activated, each terminal window receives a notification about the new session. If an administrator in the VM logs in using a VMware remote console during their session, a nonadministrator in the VM might connect to the console and observe the administrator's actions.\n\nAlso, this could result in an administrator losing console access to a VM. For example, if a jump box is being used for an open console session and the administrator loses connection to that box, the console session remains open. Allowing two console sessions permits debugging via a shared session. For the highest security, allow only one remote console session at a time."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"RemoteDisplay.maxConnections\" value is set to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections\n\nIf the virtual machine advanced setting \"RemoteDisplay.maxConnections\" does not exist or is not set to \"1\", this is a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"RemoteDisplay.maxConnections\" value and set it to \"1\".\n\nIf the setting does not exist, add the Name and Value setting at the bottom of screen.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections | Set-AdvancedSetting -Value 1\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000195","rid":"SV-VMCH-80-000195","stig_id":"VMCH-80-000195","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000195' do\n  title 'Virtual machines (VMs) must limit console sharing.'\n  desc  \"\n    By default, more than one user at a time can connect to remote console sessions. When multiple sessions are activated, each terminal window receives a notification about the new session. If an administrator in the VM logs in using a VMware remote console during their session, a nonadministrator in the VM might connect to the console and observe the administrator's actions.\n\n    Also, this could result in an administrator losing console access to a VM. For example, if a jump box is being used for an open console session and the administrator loses connection to that box, the console session remains open. Allowing two console sessions permits debugging via a shared session. For the highest security, allow only one remote console session at a time.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"RemoteDisplay.maxConnections\\\" value is set to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections\n\n    If the virtual machine advanced setting \\\"RemoteDisplay.maxConnections\\\" does not exist or is not set to \\\"1\\\", this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"RemoteDisplay.maxConnections\\\" value and set it to \\\"1\\\".\n\n    If the setting does not exist, add the Name and Value setting at the bottom of screen.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections | Set-AdvancedSetting -Value 1\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000195'\n  tag rid: 'SV-VMCH-80-000195'\n  tag stig_id: 'VMCH-80-000195'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name RemoteDisplay.maxConnections | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should cmp '1' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000195.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000196","title":"Virtual machines (VMs) must limit informational messages from the virtual machine to the VMX file.","desc":"The configuration file containing these name-value pairs is limited to a size of 1MB. If not limited, VMware tools in the guest operating system are capable of sending a large and continuous data stream to the host. This 1MB capacity should be sufficient for most cases, but this value can change if necessary.\n\nThe value can be increased if large amounts of custom information are being stored in the configuration file. The default limit is 1MB.","descriptions":[{"label":"default","data":"The configuration file containing these name-value pairs is limited to a size of 1MB. If not limited, VMware tools in the guest operating system are capable of sending a large and continuous data stream to the host. This 1MB capacity should be sufficient for most cases, but this value can change if necessary.\n\nThe value can be increased if large amounts of custom information are being stored in the configuration file. The default limit is 1MB."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"tools.setinfo.sizeLimit\" value is set to \"1048576\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit\n\nIf the virtual machine advanced setting \"tools.setinfo.sizeLimit\" is not set to \"1048576\", this is a finding.\n\nIf the virtual machine advanced setting \"tools.setinfo.sizeLimit\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"tools.setinfo.sizeLimit\" value and set it to \"1048576\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit | Set-AdvancedSetting -Value 1048576\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000196","rid":"SV-VMCH-80-000196","stig_id":"VMCH-80-000196","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000196' do\n  title 'Virtual machines (VMs) must limit informational messages from the virtual machine to the VMX file.'\n  desc  \"\n    The configuration file containing these name-value pairs is limited to a size of 1MB. If not limited, VMware tools in the guest operating system are capable of sending a large and continuous data stream to the host. This 1MB capacity should be sufficient for most cases, but this value can change if necessary.\n\n    The value can be increased if large amounts of custom information are being stored in the configuration file. The default limit is 1MB.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"tools.setinfo.sizeLimit\\\" value is set to \\\"1048576\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit\n\n    If the virtual machine advanced setting \\\"tools.setinfo.sizeLimit\\\" is not set to \\\"1048576\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"tools.setinfo.sizeLimit\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"tools.setinfo.sizeLimit\\\" value and set it to \\\"1048576\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit | Set-AdvancedSetting -Value 1048576\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000196'\n  tag rid: 'SV-VMCH-80-000196'\n  tag stig_id: 'VMCH-80-000196'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name tools.setinfo.sizeLimit | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp '1048576' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000196.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000197","title":"Virtual machines (VMs) must prevent unauthorized removal, connection and modification of devices.","desc":"In a virtual machine, users and processes without root or administrator privileges can connect or disconnect devices, such as network adaptors and CD-ROM drives, and can modify device settings. Use the virtual machine settings editor or configuration editor to remove unneeded or unused hardware devices. To use the device again, prevent a user or running process in the virtual machine from connecting, disconnecting, or modifying a device from within the guest operating system.\n\nBy default, a rogue user with nonadministrator privileges in a virtual machine can:\n\n1. Connect a disconnected CD-ROM drive and access sensitive information on the media left in the drive.\n2. Disconnect a network adaptor to isolate the virtual machine from its network, which is a denial of service.\n3. Modify settings on a device.","descriptions":[{"label":"default","data":"In a virtual machine, users and processes without root or administrator privileges can connect or disconnect devices, such as network adaptors and CD-ROM drives, and can modify device settings. Use the virtual machine settings editor or configuration editor to remove unneeded or unused hardware devices. To use the device again, prevent a user or running process in the virtual machine from connecting, disconnecting, or modifying a device from within the guest operating system.\n\nBy default, a rogue user with nonadministrator privileges in a virtual machine can:\n\n1. Connect a disconnected CD-ROM drive and access sensitive information on the media left in the drive.\n2. Disconnect a network adaptor to isolate the virtual machine from its network, which is a denial of service.\n3. Modify settings on a device."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.device.connectable.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.device.connectable.disable\n\nIf the virtual machine advanced setting \"isolation.device.connectable.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.device.connectable.disable\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.device.connectable.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.device.connectable.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000197","rid":"SV-VMCH-80-000197","stig_id":"VMCH-80-000197","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000197' do\n  title 'Virtual machines (VMs) must prevent unauthorized removal, connection and modification of devices.'\n  desc  \"\n    In a virtual machine, users and processes without root or administrator privileges can connect or disconnect devices, such as network adaptors and CD-ROM drives, and can modify device settings. Use the virtual machine settings editor or configuration editor to remove unneeded or unused hardware devices. To use the device again, prevent a user or running process in the virtual machine from connecting, disconnecting, or modifying a device from within the guest operating system.\n\n    By default, a rogue user with nonadministrator privileges in a virtual machine can:\n\n    1. Connect a disconnected CD-ROM drive and access sensitive information on the media left in the drive.\n    2. Disconnect a network adaptor to isolate the virtual machine from its network, which is a denial of service.\n    3. Modify settings on a device.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.device.connectable.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.device.connectable.disable\n\n    If the virtual machine advanced setting \\\"isolation.device.connectable.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.device.connectable.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.device.connectable.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.device.connectable.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000197'\n  tag rid: 'SV-VMCH-80-000197'\n  tag stig_id: 'VMCH-80-000197'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.device.connectable.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000197.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000198","title":"Virtual machines (VMs) must not be able to obtain host information from the hypervisor.","desc":"If enabled, a VM can obtain detailed information about the physical host. The default value for the parameter is FALSE. This setting should not be TRUE unless a particular VM requires this information for performance monitoring. An adversary could use this information to inform further attacks on the host.","descriptions":[{"label":"default","data":"If enabled, a VM can obtain detailed information about the physical host. The default value for the parameter is FALSE. This setting should not be TRUE unless a particular VM requires this information for performance monitoring. An adversary could use this information to inform further attacks on the host."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"tools.guestlib.enableHostInfo\" value is set to \"false\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo\n\nIf the virtual machine advanced setting \"tools.guestlib.enableHostInfo\" is not set to \"false\", this is a finding.\n\nIf the virtual machine advanced setting \"tools.guestlib.enableHostInfo\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"tools.guestlib.enableHostInfo\" value and set it to \"false\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo | Set-AdvancedSetting -Value false\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000198","rid":"SV-VMCH-80-000198","stig_id":"VMCH-80-000198","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000198' do\n  title 'Virtual machines (VMs) must not be able to obtain host information from the hypervisor.'\n  desc  'If enabled, a VM can obtain detailed information about the physical host. The default value for the parameter is FALSE. This setting should not be TRUE unless a particular VM requires this information for performance monitoring. An adversary could use this information to inform further attacks on the host.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"tools.guestlib.enableHostInfo\\\" value is set to \\\"false\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo\n\n    If the virtual machine advanced setting \\\"tools.guestlib.enableHostInfo\\\" is not set to \\\"false\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"tools.guestlib.enableHostInfo\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"tools.guestlib.enableHostInfo\\\" value and set it to \\\"false\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo | Set-AdvancedSetting -Value false\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000198'\n  tag rid: 'SV-VMCH-80-000198'\n  tag stig_id: 'VMCH-80-000198'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'false' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000198.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000199","title":"Virtual machines (VMs) must have shared salt values disabled.","desc":"When salting is enabled (Mem.ShareForceSalting=1 or 2) to share a page between two virtual machines, both salt and the content of the page must be same. A salt value is a configurable advanced option for each virtual machine. The salt values can be specified manually in the virtual machine's advanced settings with the new option \"sched.mem.pshare.salt\".\n\nIf this option is not present in the virtual machine's advanced settings, the value of the \"vc.uuid\" option is taken as the default value. Because the \"vc.uuid\" is unique to each virtual machine, by default Transparent Page Sharing (TPS) happens only among the pages belonging to a particular virtual machine (Intra-VM).","descriptions":[{"label":"default","data":"When salting is enabled (Mem.ShareForceSalting=1 or 2) to share a page between two virtual machines, both salt and the content of the page must be same. A salt value is a configurable advanced option for each virtual machine. The salt values can be specified manually in the virtual machine's advanced settings with the new option \"sched.mem.pshare.salt\".\n\nIf this option is not present in the virtual machine's advanced settings, the value of the \"vc.uuid\" option is taken as the default value. Because the \"vc.uuid\" is unique to each virtual machine, by default Transparent Page Sharing (TPS) happens only among the pages belonging to a particular virtual machine (Intra-VM)."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"sched.mem.pshare.salt\" setting does not exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name sched.mem.pshare.salt\n\nIf the virtual machine advanced setting \"sched.mem.pshare.salt\" exists, this is a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nDelete the \"sched.mem.pshare.salt\" setting.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name sched.mem.pshare.salt | Remove-AdvancedSetting\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000199","rid":"SV-VMCH-80-000199","stig_id":"VMCH-80-000199","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000199' do\n  title 'Virtual machines (VMs) must have shared salt values disabled.'\n  desc  \"\n    When salting is enabled (Mem.ShareForceSalting=1 or 2) to share a page between two virtual machines, both salt and the content of the page must be same. A salt value is a configurable advanced option for each virtual machine. The salt values can be specified manually in the virtual machine's advanced settings with the new option \\\"sched.mem.pshare.salt\\\".\n\n    If this option is not present in the virtual machine's advanced settings, the value of the \\\"vc.uuid\\\" option is taken as the default value. Because the \\\"vc.uuid\\\" is unique to each virtual machine, by default Transparent Page Sharing (TPS) happens only among the pages belonging to a particular virtual machine (Intra-VM).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"sched.mem.pshare.salt\\\" setting does not exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name sched.mem.pshare.salt\n\n    If the virtual machine advanced setting \\\"sched.mem.pshare.salt\\\" exists, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Delete the \\\"sched.mem.pshare.salt\\\" setting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name sched.mem.pshare.salt | Remove-AdvancedSetting\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000199'\n  tag rid: 'SV-VMCH-80-000199'\n  tag stig_id: 'VMCH-80-000199'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name sched.mem.pshare.salt | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000199.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000200","title":"Virtual machines (VMs) must disable access through the \"dvfilter\" network Application Programming Interface (API).","desc":"An attacker might compromise a VM by using the \"dvFilter\" API. Configure only VMs that need this access to use the API.","descriptions":[{"label":"default","data":"An attacker might compromise a VM by using the \"dvFilter\" API. Configure only VMs that need this access to use the API."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the settings with the format \"ethernet*.filter*.name\" do not exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name \"ethernet*.filter*.name*\"\n\nIf the virtual machine advanced setting \"ethernet*.filter*.name\" exists and dvfilters are not in use, this is a finding.\n\nIf the virtual machine advanced setting \"ethernet*.filter*.name\" exists and the value is not valid, this is a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nLook for settings with the format \"ethernet*.filter*.name\".\n\nEnsure only required VMs use this setting.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name ethernetX.filterY.name | Remove-AdvancedSetting\n\nNote: Change the X and Y values to match the specific setting in the organization's environment.\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000200","rid":"SV-VMCH-80-000200","stig_id":"VMCH-80-000200","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000200' do\n  title 'Virtual machines (VMs) must disable access through the \"dvfilter\" network Application Programming Interface (API).'\n  desc  'An attacker might compromise a VM by using the \"dvFilter\" API. Configure only VMs that need this access to use the API.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the settings with the format \\\"ethernet*.filter*.name\\\" do not exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name \\\"ethernet*.filter*.name*\\\"\n\n    If the virtual machine advanced setting \\\"ethernet*.filter*.name\\\" exists and dvfilters are not in use, this is a finding.\n\n    If the virtual machine advanced setting \\\"ethernet*.filter*.name\\\" exists and the value is not valid, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Look for settings with the format \\\"ethernet*.filter*.name\\\".\n\n    Ensure only required VMs use this setting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name ethernetX.filterY.name | Remove-AdvancedSetting\n\n    Note: Change the X and Y values to match the specific setting in the organization's environment.\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000200'\n  tag rid: 'SV-VMCH-80-000200'\n  tag stig_id: 'VMCH-80-000200'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name ethernet*.filter* | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000200.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000201","title":"Virtual machines (VMs) must be configured to lock when the last console connection is closed.","desc":"When accessing the VM console, the guest operating system must be locked when the last console user disconnects, limiting the possibility of session hijacking. This setting only applies to Windows-based VMs with VMware tools installed.","descriptions":[{"label":"default","data":"When accessing the VM console, the guest operating system must be locked when the last console user disconnects, limiting the possibility of session hijacking. This setting only applies to Windows-based VMs with VMware tools installed."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> VMware Remote Console Options.\n\nVerify the option \"Lock the guest operating system when the last remote user disconnects\" is checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.guest.desktop.autolock\n\nIf the virtual machine advanced setting \"tools.guest.desktop.autolock\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"tools.guest.desktop.autolock\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> VMware Remote Console Options.\n\nCheck the box next to \"Lock the guest operating system when the last remote user disconnects\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.guest.desktop.autolock | Set-AdvancedSetting -Value true"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000201","rid":"SV-VMCH-80-000201","stig_id":"VMCH-80-000201","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000201' do\n  title 'Virtual machines (VMs) must be configured to lock when the last console connection is closed.'\n  desc  'When accessing the VM console, the guest operating system must be locked when the last console user disconnects, limiting the possibility of session hijacking. This setting only applies to Windows-based VMs with VMware tools installed.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> VMware Remote Console Options.\n\n    Verify the option \\\"Lock the guest operating system when the last remote user disconnects\\\" is checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guest.desktop.autolock\n\n    If the virtual machine advanced setting \\\"tools.guest.desktop.autolock\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"tools.guest.desktop.autolock\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> VMware Remote Console Options.\n\n    Check the box next to \\\"Lock the guest operating system when the last remote user disconnects\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guest.desktop.autolock | Set-AdvancedSetting -Value true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000201'\n  tag rid: 'SV-VMCH-80-000201'\n  tag stig_id: 'VMCH-80-000201'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name tools.guest.desktop.autolock | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000201.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000202","title":"Virtual machines (VMs) must disable 3D features when not required.","desc":"For performance reasons, it is recommended that 3D acceleration be disabled on virtual machines that do not require 3D functionality (e.g., most server workloads or desktops not using 3D applications).","descriptions":[{"label":"default","data":"For performance reasons, it is recommended that 3D acceleration be disabled on virtual machines that do not require 3D functionality (e.g., most server workloads or desktops not using 3D applications)."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings.\n\nExpand the \"Video card\" and verify the \"Enable 3D Support\" checkbox is unchecked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name mks.enable3d\n\nIf the virtual machine advanced setting \"mks.enable3d\" exists and is not set to \"false\", this is a finding.\n\nIf the virtual machine advanced setting \"mks.enable3d\" does not exist, this is not a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings.\n\nExpand the \"Video card\" and uncheck the \"Enable 3D Support\" checkbox.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name mks.enable3d | Set-AdvancedSetting -Value \"false\"\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000202","rid":"SV-VMCH-80-000202","stig_id":"VMCH-80-000202","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000202' do\n  title 'Virtual machines (VMs) must disable 3D features when not required.'\n  desc  'For performance reasons, it is recommended that 3D acceleration be disabled on virtual machines that do not require 3D functionality (e.g., most server workloads or desktops not using 3D applications).'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings.\n\n    Expand the \\\"Video card\\\" and verify the \\\"Enable 3D Support\\\" checkbox is unchecked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name mks.enable3d\n\n    If the virtual machine advanced setting \\\"mks.enable3d\\\" exists and is not set to \\\"false\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"mks.enable3d\\\" does not exist, this is not a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings.\n\n    Expand the \\\"Video card\\\" and uncheck the \\\"Enable 3D Support\\\" checkbox.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name mks.enable3d | Set-AdvancedSetting -Value \\\"false\\\"\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000202'\n  tag rid: 'SV-VMCH-80-000202'\n  tag stig_id: 'VMCH-80-000202'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name mks.enable3d | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'false' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000202.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000203","title":"Virtual machines (VMs) must enable encryption for vMotion.","desc":"vMotion migrations in vSphere 6.0 and earlier transferred working memory and CPU state information in clear text over the vMotion network. As of vSphere 6.5, this transfer can be transparently encrypted using 256-bit AES-GCM with negligible performance impact.\n\nvSphere enables encrypted vMotion by default as \"Opportunistic\", meaning that encrypted channels are used where supported, but the operation will continue in plain text where encryption is not supported.\n\nFor example, when vMotioning between two hosts, encryption will always be used. However, because 6.0 and earlier releases do not support this feature, vMotion from a 7.0 host to a 6.0 host would be allowed but would not be encrypted. If the encryption is set to \"Required\", vMotions to unsupported hosts will fail. This must be set to \"Opportunistic\" or \"Required\".","descriptions":[{"label":"default","data":"vMotion migrations in vSphere 6.0 and earlier transferred working memory and CPU state information in clear text over the vMotion network. As of vSphere 6.5, this transfer can be transparently encrypted using 256-bit AES-GCM with negligible performance impact.\n\nvSphere enables encrypted vMotion by default as \"Opportunistic\", meaning that encrypted channels are used where supported, but the operation will continue in plain text where encryption is not supported.\n\nFor example, when vMotioning between two hosts, encryption will always be used. However, because 6.0 and earlier releases do not support this feature, vMotion from a 7.0 host to a 6.0 host would be allowed but would not be encrypted. If the encryption is set to \"Required\", vMotions to unsupported hosts will fail. This must be set to \"Opportunistic\" or \"Required\"."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {($_.ExtensionData.Config.MigrateEncryption -eq \"disabled\")}\n\nIf the \"Encrypted vMotion\" setting does not have a value of \"Opportunistic\" or \"Required\", this is a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\nFor \"Encrypted vMotion\" set the value to \"Opportunistic\" or \"Required\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n$spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n$spec.MigrateEncryption = New-Object VMware.Vim.VirtualMachineConfigSpecEncryptedVMotionModes\n$spec.MigrateEncryption = $true\n(Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000203","rid":"SV-VMCH-80-000203","stig_id":"VMCH-80-000203","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000203' do\n  title 'Virtual machines (VMs) must enable encryption for vMotion.'\n  desc  \"\n    vMotion migrations in vSphere 6.0 and earlier transferred working memory and CPU state information in clear text over the vMotion network. As of vSphere 6.5, this transfer can be transparently encrypted using 256-bit AES-GCM with negligible performance impact.\n\n    vSphere enables encrypted vMotion by default as \\\"Opportunistic\\\", meaning that encrypted channels are used where supported, but the operation will continue in plain text where encryption is not supported.\n\n    For example, when vMotioning between two hosts, encryption will always be used. However, because 6.0 and earlier releases do not support this feature, vMotion from a 7.0 host to a 6.0 host would be allowed but would not be encrypted. If the encryption is set to \\\"Required\\\", vMotions to unsupported hosts will fail. This must be set to \\\"Opportunistic\\\" or \\\"Required\\\".\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {($_.ExtensionData.Config.MigrateEncryption -eq \\\"disabled\\\")}\n\n    If the \\\"Encrypted vMotion\\\" setting does not have a value of \\\"Opportunistic\\\" or \\\"Required\\\", this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\n    For \\\"Encrypted vMotion\\\" set the value to \\\"Opportunistic\\\" or \\\"Required\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.MigrateEncryption = New-Object VMware.Vim.VirtualMachineConfigSpecEncryptedVMotionModes\n    $spec.MigrateEncryption = $true\n    (Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000203'\n  tag rid: 'SV-VMCH-80-000203'\n  tag stig_id: 'VMCH-80-000203'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    list = ['opportunistic', 'required']\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.MigrateEncryption\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_in list }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000203.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000204","title":"Virtual machines (VMs) must enable encryption for Fault Tolerance.","desc":"Fault Tolerance log traffic can be encrypted. This could contain sensitive data from the protected machine's memory or CPU instructions.\n\nvSphere Fault Tolerance performs frequent checks between a primary VM and secondary VM so the secondary VM can quickly resume from the last successful checkpoint. The checkpoint contains the VM state that has been modified since the previous checkpoint.\n\nWhen Fault Tolerance is turned on, FT encryption is set to \"Opportunistic\" by default, which means it enables encryption only if both the primary and secondary host are capable of encryption.","descriptions":[{"label":"default","data":"Fault Tolerance log traffic can be encrypted. This could contain sensitive data from the protected machine's memory or CPU instructions.\n\nvSphere Fault Tolerance performs frequent checks between a primary VM and secondary VM so the secondary VM can quickly resume from the last successful checkpoint. The checkpoint contains the VM state that has been modified since the previous checkpoint.\n\nWhen Fault Tolerance is turned on, FT encryption is set to \"Opportunistic\" by default, which means it enables encryption only if both the primary and secondary host are capable of encryption."},{"label":"rationale","data":""},{"label":"check","data":"If the Virtual Machine does not have Fault Tolerance enabled, this is not applicable.\n\nFor each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {($_.ExtensionData.Config.FtEncryptionMode -ne \"ftEncryptionOpportunistic\") -and ($_.ExtensionData.Config.FtEncryptionMode -ne \"ftEncryptionRequired\")}\n\nIf the \"Encrypted FT\" setting does not have a value of \"Opportunistic\" or \"Required\", this is a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\nFor \"Encrypted FT\" set the value to \"Opportunistic\" or \"Required\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n$spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n$spec.FTEncryption = New-Object VMware.Vim.VMware.Vim.VirtualMachineConfigSpecEncryptedFtModes\n$spec.FT = ftEncryptionOpportunistic or ftEncryptionRequired\n(Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000204","rid":"SV-VMCH-80-000204","stig_id":"VMCH-80-000204","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000204' do\n  title 'Virtual machines (VMs) must enable encryption for Fault Tolerance.'\n  desc  \"\n    Fault Tolerance log traffic can be encrypted. This could contain sensitive data from the protected machine's memory or CPU instructions.\n\n    vSphere Fault Tolerance performs frequent checks between a primary VM and secondary VM so the secondary VM can quickly resume from the last successful checkpoint. The checkpoint contains the VM state that has been modified since the previous checkpoint.\n\n    When Fault Tolerance is turned on, FT encryption is set to \\\"Opportunistic\\\" by default, which means it enables encryption only if both the primary and secondary host are capable of encryption.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If the Virtual Machine does not have Fault Tolerance enabled, this is not applicable.\n\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {($_.ExtensionData.Config.FtEncryptionMode -ne \\\"ftEncryptionOpportunistic\\\") -and ($_.ExtensionData.Config.FtEncryptionMode -ne \\\"ftEncryptionRequired\\\")}\n\n    If the \\\"Encrypted FT\\\" setting does not have a value of \\\"Opportunistic\\\" or \\\"Required\\\", this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\n    For \\\"Encrypted FT\\\" set the value to \\\"Opportunistic\\\" or \\\"Required\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.FTEncryption = New-Object VMware.Vim.VMware.Vim.VirtualMachineConfigSpecEncryptedFtModes\n    $spec.FT = ftEncryptionOpportunistic or ftEncryptionRequired\n    (Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000204'\n  tag rid: 'SV-VMCH-80-000204'\n  tag stig_id: 'VMCH-80-000204'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    list = ['ftEncryptionOpportunistic', 'ftEncryptionRequired']\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.FtEncryptionMode\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_in list }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000204.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000205","title":"Virtual machines (VMs) must configure log size.","desc":"The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\nBy default, the size of these logs is unlimited, and they are only rotated on vMotion or power events. This can cause storage issues at scale for VMs that do not vMotion or power cycle often.","descriptions":[{"label":"default","data":"The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\nBy default, the size of these logs is unlimited, and they are only rotated on vMotion or power events. This can cause storage issues at scale for VMs that do not vMotion or power cycle often."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"log.rotateSize\" value is set to \"2048000\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name log.rotateSize\n\nIf the virtual machine advanced setting \"log.rotateSize\" is not set to \"2048000\", this is a finding.\n\nIf the virtual machine advanced setting \"log.rotateSize\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"log.rotateSize\" value and set it to \"2048000\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name log.rotateSize | Set-AdvancedSetting -Value 2048000\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000205","rid":"SV-VMCH-80-000205","stig_id":"VMCH-80-000205","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000205' do\n  title 'Virtual machines (VMs) must configure log size.'\n  desc  \"\n    The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\n    By default, the size of these logs is unlimited, and they are only rotated on vMotion or power events. This can cause storage issues at scale for VMs that do not vMotion or power cycle often.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"log.rotateSize\\\" value is set to \\\"2048000\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.rotateSize\n\n    If the virtual machine advanced setting \\\"log.rotateSize\\\" is not set to \\\"2048000\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"log.rotateSize\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"log.rotateSize\\\" value and set it to \\\"2048000\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.rotateSize | Set-AdvancedSetting -Value 2048000\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000205'\n  tag rid: 'SV-VMCH-80-000205'\n  tag stig_id: 'VMCH-80-000205'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name log.rotateSize | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp '2048000' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000205.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000206","title":"Virtual machines (VMs) must configure log retention.","desc":"The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\nBy default, 10 of these logs are retained. This is normally sufficient for most environments, but this configuration must be verified and maintained.","descriptions":[{"label":"default","data":"The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\nBy default, 10 of these logs are retained. This is normally sufficient for most environments, but this configuration must be verified and maintained."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"log.keepOld\" value is set to \"10\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name log.keepOld\n\nIf the virtual machine advanced setting \"log.keepOld\" is not set to \"10\", this is a finding.\n\nIf the virtual machine advanced setting \"log.keepOld\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"log.keepOld\" value and set it to \"10\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name log.keepOld | Set-AdvancedSetting -Value 10\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000206","rid":"SV-VMCH-80-000206","stig_id":"VMCH-80-000206","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000206' do\n  title 'Virtual machines (VMs) must configure log retention.'\n  desc  \"\n    The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\n    By default, 10 of these logs are retained. This is normally sufficient for most environments, but this configuration must be verified and maintained.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"log.keepOld\\\" value is set to \\\"10\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.keepOld\n\n    If the virtual machine advanced setting \\\"log.keepOld\\\" is not set to \\\"10\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"log.keepOld\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"log.keepOld\\\" value and set it to \\\"10\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.keepOld | Set-AdvancedSetting -Value 10\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000206'\n  tag rid: 'SV-VMCH-80-000206'\n  tag stig_id: 'VMCH-80-000206'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name log.keepOld | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp '10' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000206.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000207","title":"Virtual machines (VMs) must enable logging.","desc":"The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including, but not limited to, power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations and machine clones. Due to the value these logs provide for the continued availability of each VM and potential security incidents, these logs must be enabled.","descriptions":[{"label":"default","data":"The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including, but not limited to, power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations and machine clones. Due to the value these logs provide for the continued availability of each VM and potential security incidents, these logs must be enabled."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Advanced.\n\nEnsure that the checkbox next to \"Enable logging\" is checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {$_.ExtensionData.Config.Flags.EnableLogging -ne \"True\"}\n\nIf logging is not enabled, this is a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Advanced.\n\nClick the checkbox next to \"Enable logging\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n$spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n$spec.Flags = New-Object VMware.Vim.VirtualMachineFlagInfo\n$spec.Flags.enableLogging = $true\n(Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000207","rid":"SV-VMCH-80-000207","stig_id":"VMCH-80-000207","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000207' do\n  title 'Virtual machines (VMs) must enable logging.'\n  desc  'The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including, but not limited to, power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations and machine clones. Due to the value these logs provide for the continued availability of each VM and potential security incidents, these logs must be enabled.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Advanced.\n\n    Ensure that the checkbox next to \\\"Enable logging\\\" is checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {$_.ExtensionData.Config.Flags.EnableLogging -ne \\\"True\\\"}\n\n    If logging is not enabled, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Advanced.\n\n    Click the checkbox next to \\\"Enable logging\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.Flags = New-Object VMware.Vim.VirtualMachineFlagInfo\n    $spec.Flags.enableLogging = $true\n    (Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000207'\n  tag rid: 'SV-VMCH-80-000207'\n  tag stig_id: 'VMCH-80-000207'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Flags.EnableLogging\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000207.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000208","title":"Virtual machines (VMs) must not use independent, non-persistent disks.","desc":"The security issue with nonpersistent disk mode is that successful attackers, with a simple shutdown or reboot, might undo or remove any traces they were ever on the machine. To safeguard against this risk, production virtual machines should be set to use persistent disk mode; additionally, ensure activity within the VM is logged remotely on a separate server, such as a syslog server or equivalent Windows-based event collector. Without a persistent record of activity on a VM, administrators might never know whether they have been attacked or hacked.\n\nThere can be valid use cases for these types of disks, such as with an application presentation solution where read-only disks are desired, and such cases should be identified and documented.","descriptions":[{"label":"default","data":"The security issue with nonpersistent disk mode is that successful attackers, with a simple shutdown or reboot, might undo or remove any traces they were ever on the machine. To safeguard against this risk, production virtual machines should be set to use persistent disk mode; additionally, ensure activity within the VM is logged remotely on a separate server, such as a syslog server or equivalent Windows-based event collector. Without a persistent record of activity on a VM, administrators might never know whether they have been attacked or hacked.\n\nThere can be valid use cases for these types of disks, such as with an application presentation solution where read-only disks are desired, and such cases should be identified and documented."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nReview the attached hard disks and verify they are not configured as independent nonpersistent disks.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-HardDisk | Select Parent, Name, Filename, DiskType, Persistence | FT -AutoSize\n\nIf the virtual machine has attached disks that are in independent nonpersistent mode and are not documented, this is a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nSelect the target hard disk and change the mode to persistent or uncheck Independent.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run one of the following commands:\n\nGet-VM \"VM Name\" | Get-HardDisk | Set-HardDisk -Persistence IndependentPersistent\n\nor\n\nGet-VM \"VM Name\" | Get-HardDisk | Set-HardDisk -Persistence Persistent"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000208","rid":"SV-VMCH-80-000208","stig_id":"VMCH-80-000208","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000208' do\n  title 'Virtual machines (VMs) must not use independent, non-persistent disks.'\n  desc  \"\n    The security issue with nonpersistent disk mode is that successful attackers, with a simple shutdown or reboot, might undo or remove any traces they were ever on the machine. To safeguard against this risk, production virtual machines should be set to use persistent disk mode; additionally, ensure activity within the VM is logged remotely on a separate server, such as a syslog server or equivalent Windows-based event collector. Without a persistent record of activity on a VM, administrators might never know whether they have been attacked or hacked.\n\n    There can be valid use cases for these types of disks, such as with an application presentation solution where read-only disks are desired, and such cases should be identified and documented.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the attached hard disks and verify they are not configured as independent nonpersistent disks.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-HardDisk | Select Parent, Name, Filename, DiskType, Persistence | FT -AutoSize\n\n    If the virtual machine has attached disks that are in independent nonpersistent mode and are not documented, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the target hard disk and change the mode to persistent or uncheck Independent.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run one of the following commands:\n\n    Get-VM \\\"VM Name\\\" | Get-HardDisk | Set-HardDisk -Persistence IndependentPersistent\n\n    or\n\n    Get-VM \\\"VM Name\\\" | Get-HardDisk | Set-HardDisk -Persistence Persistent\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000208'\n  tag rid: 'SV-VMCH-80-000208'\n  tag stig_id: 'VMCH-80-000208'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-HardDisk | Select-Object -ExpandProperty Persistence\"\n      results = powercli_command(command)\n      results.stdout.split.each do |disk|\n        describe \"Checking the VM: #{vm} for Non-Persistent Hard Disks\" do\n          subject { disk }\n          it { should_not cmp 'IndependentNonPersistent' }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000208.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000209","title":"Virtual machines (VMs) must remove unneeded floppy devices.","desc":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.","descriptions":[{"label":"default","data":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."},{"label":"rationale","data":""},{"label":"check","data":"Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Get-FloppyDrive | Select Parent, Name, ConnectionState\n\nIf a virtual machine has a floppy drive connected, this is a finding."},{"label":"fix","data":"Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\nThe VM must be powered off to remove a floppy drive.\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-FloppyDrive | Remove-FloppyDrive"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000209","rid":"SV-VMCH-80-000209","stig_id":"VMCH-80-000209","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000209' do\n  title 'Virtual machines (VMs) must remove unneeded floppy devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Get-FloppyDrive | Select Parent, Name, ConnectionState\n\n    If a virtual machine has a floppy drive connected, this is a finding.\n  \"\n  desc 'fix', \"\n    Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    The VM must be powered off to remove a floppy drive.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-FloppyDrive | Remove-FloppyDrive\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000209'\n  tag rid: 'SV-VMCH-80-000209'\n  tag stig_id: 'VMCH-80-000209'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-FloppyDrive\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for Floppy drives\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000209.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000210","title":"Virtual machines (VMs) must remove unneeded CD/DVD devices.","desc":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.","descriptions":[{"label":"default","data":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nReview the VMs hardware and verify no CD/DVD drives are connected.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Get-CDDrive | Where {$_.extensiondata.connectable.connected -eq $true} | Select Parent,Name\n\nIf a virtual machine has a CD/DVD drive connected other than temporarily, this is a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nSelect the CD/DVD drive and uncheck \"Connected\" and \"Connect at power on\" and remove any attached ISOs.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-CDDrive | Set-CDDrive -NoMedia"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000210","rid":"SV-VMCH-80-000210","stig_id":"VMCH-80-000210","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000210' do\n  title 'Virtual machines (VMs) must remove unneeded CD/DVD devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the VMs hardware and verify no CD/DVD drives are connected.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Get-CDDrive | Where {$_.extensiondata.connectable.connected -eq $true} | Select Parent,Name\n\n    If a virtual machine has a CD/DVD drive connected other than temporarily, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the CD/DVD drive and uncheck \\\"Connected\\\" and \\\"Connect at power on\\\" and remove any attached ISOs.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-CDDrive | Set-CDDrive -NoMedia\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000210'\n  tag rid: 'SV-VMCH-80-000210'\n  tag stig_id: 'VMCH-80-000210'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}' | Get-CDDrive).ExtensionData.connectable.connected\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"Checking the VM: #{vm} for CD/DVD drives\" do\n          subject { result }\n          it { should cmp 'false' }\n        end\n        describe \"Checking the VM: #{vm} for CD/DVD drives\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000210.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000211","title":"Virtual machines (VMs) must remove unneeded parallel devices.","desc":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.","descriptions":[{"label":"default","data":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."},{"label":"rationale","data":""},{"label":"check","data":"Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \"parallel\"}\n\nIf a virtual machine has a parallel device present, this is a finding."},{"label":"fix","data":"Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\nThe VM must be powered off to remove a parallel device.\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n$pport = (Get-VM -Name <vmname>).ExtensionData.Config.Hardware.Device | Where {$_.DeviceInfo.Label -match \"Parallel\"}\n$spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n$spec.DeviceChange += New-Object VMware.Vim.VirtualDeviceConfigSpec\n$spec.DeviceChange[-1].device = $pport\n$spec.DeviceChange[-1].operation = \"remove\"\n(Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000211","rid":"SV-VMCH-80-000211","stig_id":"VMCH-80-000211","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000211' do\n  title 'Virtual machines (VMs) must remove unneeded parallel devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \\\"parallel\\\"}\n\n    If a virtual machine has a parallel device present, this is a finding.\n  \"\n  desc 'fix', \"\n    Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    The VM must be powered off to remove a parallel device.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $pport = (Get-VM -Name <vmname>).ExtensionData.Config.Hardware.Device | Where {$_.DeviceInfo.Label -match \\\"Parallel\\\"}\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.DeviceChange += New-Object VMware.Vim.VirtualDeviceConfigSpec\n    $spec.DeviceChange[-1].device = $pport\n    $spec.DeviceChange[-1].operation = \\\"remove\\\"\n    (Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000211'\n  tag rid: 'SV-VMCH-80-000211'\n  tag stig_id: 'VMCH-80-000211'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Hardware.Device.DeviceInfo.label\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for parallel devices\" do\n        subject { result }\n        it { should_not match 'Parallel' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000211.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000212","title":"Virtual machines (VMs) must remove unneeded serial devices.","desc":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.","descriptions":[{"label":"default","data":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nReview the VMs hardware and verify no serial devices exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \"serial\"}\n\nIf a virtual machine has a serial device present, this is a finding."},{"label":"fix","data":"The VM must be powered off to remove a serial device.\n\nFor each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nSelect the serial device, click the circled \"X\" to remove it, and click \"OK\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000212","rid":"SV-VMCH-80-000212","stig_id":"VMCH-80-000212","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000212' do\n  title 'Virtual machines (VMs) must remove unneeded serial devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the VMs hardware and verify no serial devices exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \\\"serial\\\"}\n\n    If a virtual machine has a serial device present, this is a finding.\n  \"\n  desc  'fix', \"\n    The VM must be powered off to remove a serial device.\n\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the serial device, click the circled \\\"X\\\" to remove it, and click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000212'\n  tag rid: 'SV-VMCH-80-000212'\n  tag stig_id: 'VMCH-80-000212'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Hardware.Device.DeviceInfo.label\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for serial devices\" do\n        subject { result }\n        it { should_not match 'Serial' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000212.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000213","title":"Virtual machines (VMs) must remove unneeded USB devices.","desc":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.","descriptions":[{"label":"default","data":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nReview the VMs hardware and verify no USB devices exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\nGet-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \"usb\"}\nGet-VM | Get-UsbDevice\n\nIf a virtual machine has any USB devices or USB controllers present, this is a finding.\n\nIf USB smart card readers are used to pass smart cards through the VM console to a VM, the use of a USB controller and USB devices for that purpose is not a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nSelect the USB controller, click the circled \"X\" to remove it, and click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-USBDevice | Remove-USBDevice\n\nNote:  This will not remove the USB controller, just any connected devices."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000213","rid":"SV-VMCH-80-000213","stig_id":"VMCH-80-000213","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000213' do\n  title 'Virtual machines (VMs) must remove unneeded USB devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the VMs hardware and verify no USB devices exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \\\"usb\\\"}\n    Get-VM | Get-UsbDevice\n\n    If a virtual machine has any USB devices or USB controllers present, this is a finding.\n\n    If USB smart card readers are used to pass smart cards through the VM console to a VM, the use of a USB controller and USB devices for that purpose is not a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the USB controller, click the circled \\\"X\\\" to remove it, and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-USBDevice | Remove-USBDevice\n\n    Note:  This will not remove the USB controller, just any connected devices.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000213'\n  tag rid: 'SV-VMCH-80-000213'\n  tag stig_id: 'VMCH-80-000213'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Hardware.Device.DeviceInfo.label\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for USB devices\" do\n        subject { result }\n        it { should_not match 'USB' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000213.rb"},"waiver_data":{},"results":[]},{"id":"VMCH-80-000214","title":"Virtual machines (VMs) must disable DirectPath I/O devices when not required.","desc":"VMDirectPath I/O (PCI passthrough) enables direct assignment of hardware PCI functions to VMs. This gives the VM access to the PCI functions with minimal intervention from the ESXi host. This is a powerful feature for legitimate applications such as virtualized storage appliances, backup appliances, dedicated graphics, etc., but it also allows a potential attacker highly privileged access to underlying hardware and the PCI bus.","descriptions":[{"label":"default","data":"VMDirectPath I/O (PCI passthrough) enables direct assignment of hardware PCI functions to VMs. This gives the VM access to the PCI functions with minimal intervention from the ESXi host. This is a powerful feature for legitimate applications such as virtualized storage appliances, backup appliances, dedicated graphics, etc., but it also allows a potential attacker highly privileged access to underlying hardware and the PCI bus."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, view the Summary tab.\n\nReview the PCI devices section and verify none exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-PassthroughDevice\n\nIf the virtual machine has passthrough devices present, and the specific device returned is not approved, this is a finding."},{"label":"fix","data":"From the vSphere Client, select the Virtual Machine, right click and go to Edit Settings >> Virtual Hardware tab.\n\nFind the unexpected PCI device returned from the check.\n\nHover the mouse over the device and click the circled \"X\" to remove the device. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-PassthroughDevice | Remove-PassthroughDevice"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000214","rid":"SV-VMCH-80-000214","stig_id":"VMCH-80-000214","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000214' do\n  title 'Virtual machines (VMs) must disable DirectPath I/O devices when not required.'\n  desc  'VMDirectPath I/O (PCI passthrough) enables direct assignment of hardware PCI functions to VMs. This gives the VM access to the PCI functions with minimal intervention from the ESXi host. This is a powerful feature for legitimate applications such as virtualized storage appliances, backup appliances, dedicated graphics, etc., but it also allows a potential attacker highly privileged access to underlying hardware and the PCI bus.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, view the Summary tab.\n\n    Review the PCI devices section and verify none exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-PassthroughDevice\n\n    If the virtual machine has passthrough devices present, and the specific device returned is not approved, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, select the Virtual Machine, right click and go to Edit Settings >> Virtual Hardware tab.\n\n    Find the unexpected PCI device returned from the check.\n\n    Hover the mouse over the device and click the circled \\\"X\\\" to remove the device. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-PassthroughDevice | Remove-PassthroughDevice\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000214'\n  tag rid: 'SV-VMCH-80-000214'\n  tag stig_id: 'VMCH-80-000214'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-PassthroughDevice\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for PCI passthrough devices\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000214.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000009","title":"The vCenter Server must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access.","desc":"Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that exploit vulnerabilities in this protocol.","descriptions":[{"label":"default","data":"Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that exploit vulnerabilities in this protocol."},{"label":"rationale","data":""},{"label":"check","data":"At the command prompt on the vCenter Server Appliance, run the following command:\n\n# /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc scan\n\nIf the output indicates versions of TLS other than 1.2 are enabled, this is a finding."},{"label":"fix","data":"At the command prompt on the vCenter Server Appliance, run the following command:\n\n# /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc update -p TLSv1.2\n\nvCenter services will be restarted as part of the reconfiguration. The operating system will not be restarted.\n\nThe \"--no-restart\" flag can be added to restart services at a later time.\n\nChanges will not take effect until all services are restarted or the appliance is rebooted."}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-APP-000014","satisfies":["SRG-APP-000156","SRG-APP-000157","SRG-APP-000219","SRG-APP-000439","SRG-APP-000440","SRG-APP-000441","SRG-APP-000442","SRG-APP-000560","SRG-APP-000565","SRG-APP-000625","SRG-APP-000645"],"gid":"V-VCSA-80-000009","rid":"SV-VCSA-80-000009","stig_id":"VCSA-80-000009","cci":["CCI-000068","CCI-000382","CCI-001184","CCI-001453","CCI-001941","CCI-001942","CCI-002418","CCI-002420","CCI-002421","CCI-002422","CCI-002450"],"nist":["AC-17 (2)","CM-7 b","IA-2 (8)","IA-2 (9)","SC-13","SC-23","SC-8","SC-8 (1)","SC-8 (2)"]},"code":"control 'VCSA-80-000009' do\n  title 'The vCenter Server must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access.'\n  desc  'Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that exploit vulnerabilities in this protocol.'\n  desc  'rationale', ''\n  desc  'check', \"\n    At the command prompt on the vCenter Server Appliance, run the following command:\n\n    # /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc scan\n\n    If the output indicates versions of TLS other than 1.2 are enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    At the command prompt on the vCenter Server Appliance, run the following command:\n\n    # /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc update -p TLSv1.2\n\n    vCenter services will be restarted as part of the reconfiguration. The operating system will not be restarted.\n\n    The \\\"--no-restart\\\" flag can be added to restart services at a later time.\n\n    Changes will not take effect until all services are restarted or the appliance is rebooted.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-APP-000014'\n  tag satisfies: ['SRG-APP-000156', 'SRG-APP-000157', 'SRG-APP-000219', 'SRG-APP-000439', 'SRG-APP-000440', 'SRG-APP-000441', 'SRG-APP-000442', 'SRG-APP-000560', 'SRG-APP-000565', 'SRG-APP-000625', 'SRG-APP-000645']\n  tag gid: 'V-VCSA-80-000009'\n  tag rid: 'SV-VCSA-80-000009'\n  tag stig_id: 'VCSA-80-000009'\n  tag cci: ['CCI-000068', 'CCI-000382', 'CCI-001184', 'CCI-001453', 'CCI-001941', 'CCI-001942', 'CCI-002418', 'CCI-002420', 'CCI-002421', 'CCI-002422', 'CCI-002450']\n  tag nist: ['AC-17 (2)', 'CM-7 b', 'IA-2 (8)', 'IA-2 (9)', 'SC-13', 'SC-23', 'SC-8', 'SC-8 (1)', 'SC-8 (2)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000009.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000023","title":"The vCenter Server must enforce the limit of three consecutive invalid login attempts by a user.","desc":"By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account.","descriptions":[{"label":"default","data":"By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nThe following lockout policy should be set as follows:\n\nMaximum number of failed login attempts: 3\n\nIf this account lockout policy is not configured as stated, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nClick \"Edit\".\n\nSet the \"Maximum number of failed login attempts\" to \"3\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000065","gid":"V-VCSA-80-000023","rid":"SV-VCSA-80-000023","stig_id":"VCSA-80-000023","cci":["CCI-000044"],"nist":["AC-7 a"]},"code":"control 'VCSA-80-000023' do\n  title 'The vCenter Server must enforce the limit of three consecutive invalid login attempts by a user.'\n  desc  'By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account. '\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    The following lockout policy should be set as follows:\n\n    Maximum number of failed login attempts: 3\n\n    If this account lockout policy is not configured as stated, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Maximum number of failed login attempts\\\" to \\\"3\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000065'\n  tag gid: 'V-VCSA-80-000023'\n  tag rid: 'SV-VCSA-80-000023'\n  tag stig_id: 'VCSA-80-000023'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  command = '(Get-SsoLockoutPolicy).MaxFailedAttempts'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp '3' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000023.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000024","title":"The vCenter Server must display the Standard Mandatory DOD Notice and Consent Banner before logon.","desc":"Display of the DOD-approved use notification before granting access to the application ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via login interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with DTM-08-060. Use the following verbiage for applications that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\"","descriptions":[{"label":"default","data":"Display of the DOD-approved use notification before granting access to the application ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via login interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with DTM-08-060. Use the following verbiage for applications that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\""},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Login Message.\n\nIf the selection box next to \"Show login message\" is disabled, \"Details of login message\" is not configured to the standard DOD User Agreement, or the \"Consent checkbox\" is disabled, this is a finding.\n\nNote: Refer to vulnerability discussion for user agreement language."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Login Message.\n\nClick \"Edit\".\n\nClick the \"Show login message\" slider to enable.\n\nConfigure the \"Login message\" to \"DOD User Agreement\".\n\nClick the \"Consent checkbox\" slider to enable.\n\nSet the \"Details of login message\" to the Standard Mandatory DOD Notice and Consent Banner text.\n\nClick \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000068","satisfies":["SRG-APP-000069","SRG-APP-000070"],"gid":"V-VCSA-80-000024","rid":"SV-VCSA-80-000024","stig_id":"VCSA-80-000024","cci":["CCI-000048","CCI-000050","CCI-001384"],"nist":["AC-8 a","AC-8 b","AC-8 c 1"]},"code":"control 'VCSA-80-000024' do\n  title 'The vCenter Server must display the Standard Mandatory DOD Notice and Consent Banner before logon.'\n  desc  \"\n    Display of the DOD-approved use notification before granting access to the application ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via login interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with DTM-08-060. Use the following verbiage for applications that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Login Message.\n\n    If the selection box next to \\\"Show login message\\\" is disabled, \\\"Details of login message\\\" is not configured to the standard DOD User Agreement, or the \\\"Consent checkbox\\\" is disabled, this is a finding.\n\n    Note: Refer to vulnerability discussion for user agreement language.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Login Message.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Show login message\\\" slider to enable.\n\n    Configure the \\\"Login message\\\" to \\\"DOD User Agreement\\\".\n\n    Click the \\\"Consent checkbox\\\" slider to enable.\n\n    Set the \\\"Details of login message\\\" to the Standard Mandatory DOD Notice and Consent Banner text.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000068'\n  tag satisfies: ['SRG-APP-000069', 'SRG-APP-000070']\n  tag gid: 'V-VCSA-80-000024'\n  tag rid: 'SV-VCSA-80-000024'\n  tag stig_id: 'VCSA-80-000024'\n  tag cci: ['CCI-000048', 'CCI-000050', 'CCI-001384']\n  tag nist: ['AC-8 a', 'AC-8 b', 'AC-8 c 1']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000024.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000034","title":"The vCenter Server must produce audit records containing information to establish what type of events occurred.","desc":"Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.","descriptions":[{"label":"default","data":"Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nVerify the \"config.log.level\" value is set to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name config.log.level and verify it is set to \"info\".\n\nIf the \"config.log.level\" value is not set to \"info\" or does not exist, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nClick \"Edit Settings\" and configure the \"config.log.level\" setting to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name config.log.level | Set-AdvancedSetting -Value info"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000095","gid":"V-VCSA-80-000034","rid":"SV-VCSA-80-000034","stig_id":"VCSA-80-000034","cci":["CCI-000130"],"nist":["AU-3"]},"code":"control 'VCSA-80-000034' do\n  title 'The vCenter Server must produce audit records containing information to establish what type of events occurred.'\n  desc  'Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Verify the \\\"config.log.level\\\" value is set to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name config.log.level and verify it is set to \\\"info\\\".\n\n    If the \\\"config.log.level\\\" value is not set to \\\"info\\\" or does not exist, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"config.log.level\\\" setting to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name config.log.level | Set-AdvancedSetting -Value info\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000095'\n  tag gid: 'V-VCSA-80-000034'\n  tag rid: 'SV-VCSA-80-000034'\n  tag stig_id: 'VCSA-80-000034'\n  tag cci: ['CCI-000130']\n  tag nist: ['AU-3']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.log.level | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'info' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000034.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000057","title":"vCenter Server plugins must be verified.","desc":"The vCenter Server includes a vSphere Client extensibility framework, which provides the ability to extend the vSphere Client with menu selections or toolbar icons that provide access to vCenter Server add-on components or external, web-based functionality.\n\nvSphere Client plugins or extensions run at the same privilege level as the user. Malicious extensions might masquerade as useful add-ons while compromising the system by stealing credentials or incorrectly configuring the system.\n\nAdditionally, vCenter comes with a number of plugins preinstalled that may or may not be necessary for proper operation.","descriptions":[{"label":"default","data":"The vCenter Server includes a vSphere Client extensibility framework, which provides the ability to extend the vSphere Client with menu selections or toolbar icons that provide access to vCenter Server add-on components or external, web-based functionality.\n\nvSphere Client plugins or extensions run at the same privilege level as the user. Malicious extensions might masquerade as useful add-ons while compromising the system by stealing credentials or incorrectly configuring the system.\n\nAdditionally, vCenter comes with a number of plugins preinstalled that may or may not be necessary for proper operation."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Solutions >> Client Plug-Ins.\n\nView the Installed/Available Plug-ins list and verify they are all identified as authorized VMware, third-party (partner), and/or site-specific approved plug-ins.\n\nIf any installed/available plug-ins in the viewable list cannot be verified as allowed vSphere Client plug-ins from trusted sources or are not in active use, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Solutions >> Client Plug-Ins, click the radio button next to the unknown plug-in, and click \"Disable\".\n\nIf the plugin will not be needed in the future, proceed to uninstall the plug-in.\n\nTo uninstall plug-ins, do the following:\n\nIf vCenter Server is in linked mode, perform this procedure on the vCenter Server that is used to install the plug-in initially and then restart the vCenter Server services on the linked vCenter Server:\n\nIn a web browser, navigate to \"http://vCenter_Server_name_or_IP/mob\", where \"vCenter_Server_name_or_IP/mob\" is the name of the vCenter Server or its IP address.\n\nClick \"Content\".\n\nClick \"ExtensionManager\".\n\nSelect and copy the name of the plug-in to be removed from the list of values under \"Properties\".\n\nClick \"UnregisterExtension\". A new window appears.\n\nPaste the name of the plug-in and click \"Invoke Method\". This removes the plug-in.\n\nClose the window.\n\nRefresh the Managed Object Type:ManagedObjectReference:ExtensionManager window to verify the plug-in is removed successfully.\n\nNote: If the plug-in still appears, restart the vSphere Client.\n\nNote: The Managed Object Browser (MOB) may have to be enabled temporarily if it was disabled previously."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000141","gid":"V-VCSA-80-000057","rid":"SV-VCSA-80-000057","stig_id":"VCSA-80-000057","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'VCSA-80-000057' do\n  title 'vCenter Server plugins must be verified.'\n  desc  \"\n    The vCenter Server includes a vSphere Client extensibility framework, which provides the ability to extend the vSphere Client with menu selections or toolbar icons that provide access to vCenter Server add-on components or external, web-based functionality.\n\n    vSphere Client plugins or extensions run at the same privilege level as the user. Malicious extensions might masquerade as useful add-ons while compromising the system by stealing credentials or incorrectly configuring the system.\n\n    Additionally, vCenter comes with a number of plugins preinstalled that may or may not be necessary for proper operation.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Solutions >> Client Plug-Ins.\n\n    View the Installed/Available Plug-ins list and verify they are all identified as authorized VMware, third-party (partner), and/or site-specific approved plug-ins.\n\n    If any installed/available plug-ins in the viewable list cannot be verified as allowed vSphere Client plug-ins from trusted sources or are not in active use, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Solutions >> Client Plug-Ins, click the radio button next to the unknown plug-in, and click \\\"Disable\\\".\n\n    If the plugin will not be needed in the future, proceed to uninstall the plug-in.\n\n    To uninstall plug-ins, do the following:\n\n    If vCenter Server is in linked mode, perform this procedure on the vCenter Server that is used to install the plug-in initially and then restart the vCenter Server services on the linked vCenter Server:\n\n    In a web browser, navigate to \\\"http://vCenter_Server_name_or_IP/mob\\\", where \\\"vCenter_Server_name_or_IP/mob\\\" is the name of the vCenter Server or its IP address.\n\n    Click \\\"Content\\\".\n\n    Click \\\"ExtensionManager\\\".\n\n    Select and copy the name of the plug-in to be removed from the list of values under \\\"Properties\\\".\n\n    Click \\\"UnregisterExtension\\\". A new window appears.\n\n    Paste the name of the plug-in and click \\\"Invoke Method\\\". This removes the plug-in.\n\n    Close the window.\n\n    Refresh the Managed Object Type:ManagedObjectReference:ExtensionManager window to verify the plug-in is removed successfully.\n\n    Note: If the plug-in still appears, restart the vSphere Client.\n\n    Note: The Managed Object Browser (MOB) may have to be enabled temporarily if it was disabled previously.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000141'\n  tag gid: 'V-VCSA-80-000057'\n  tag rid: 'SV-VCSA-80-000057'\n  tag stig_id: 'VCSA-80-000057'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000057.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000059","title":"The vCenter Server must uniquely identify and authenticate users or processes acting on behalf of users.","desc":"To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.\n\nOrganizational users include organizational employees or individuals the organization deems to have equivalent status of employees (e.g., contractors). Organizational users (and any processes acting on behalf of users) must be uniquely identified and authenticated for all accesses except the following.\n\n(i) Accesses explicitly identified and documented by the organization. Organizations document specific user actions that can be performed on the information system without identification or authentication; and\n(ii) Accesses that occur through authorized use of group authenticators without individual authentication. Organizations may require unique identification of individuals in group accounts (e.g., shared privilege accounts) or for detailed accountability of individual activity.\n\nUsing Active Directory or an identity provider for authentication provides more robust account management capabilities and accountability.","descriptions":[{"label":"default","data":"To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.\n\nOrganizational users include organizational employees or individuals the organization deems to have equivalent status of employees (e.g., contractors). Organizational users (and any processes acting on behalf of users) must be uniquely identified and authenticated for all accesses except the following.\n\n(i) Accesses explicitly identified and documented by the organization. Organizations document specific user actions that can be performed on the information system without identification or authentication; and\n(ii) Accesses that occur through authorized use of group authenticators without individual authentication. Organizations may require unique identification of individuals in group accounts (e.g., shared privilege accounts) or for detailed accountability of individual activity.\n\nUsing Active Directory or an identity provider for authentication provides more robust account management capabilities and accountability."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nIf the identity provider type is \"embedded\" and there is no identity source of type \"Active Directory\" (either Windows Integrated Authentication or LDAP), this is a finding.\n\nIf the identity provider type is \"Microsoft ADFS\" or another supported identity provider, this is NOT a finding."},{"label":"fix","data":"When using the embedded identity provider type, perform the following:\n\nFrom the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Identity Sources.\n\nClick \"Add\".\n\nSelect either \"Active Directory over LDAP\" or \"Active Directory (Windows Integrated Authentication)\" and configure appropriately.\n\nNote: Windows Integrated Authentication requires that the vCenter server be joined to Active Directory before configuration via Administration >> Single Sign On >> Configuration >> Identity Provider >> Active Directory Domain.\n\nOR\n\nTo change the identity provider type to a third-party identity provider such as Microsoft ADFS, perform the following:\n\nFrom the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nClick \"Change Identity Provider\".\n\nSelect \"Microsoft ADFS\" and click \"Next\".\n\nEnter the ADFS server information and User and Group details and click \"Finish\".\n\nFor additional information on configuring ADFS for use with vCenter, refer to the vSphere documentation."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000148","satisfies":["SRG-APP-000153","SRG-APP-000163","SRG-APP-000180","SRG-APP-000234"],"gid":"V-VCSA-80-000059","rid":"SV-VCSA-80-000059","stig_id":"VCSA-80-000059","cci":["CCI-000764","CCI-000770","CCI-000795","CCI-000804","CCI-001682"],"nist":["AC-2 (2)","IA-2","IA-2 (5)","IA-4 e","IA-8"]},"code":"control 'VCSA-80-000059' do\n  title 'The vCenter Server must uniquely identify and authenticate users or processes acting on behalf of users.'\n  desc  \"\n    To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.\n\n    Organizational users include organizational employees or individuals the organization deems to have equivalent status of employees (e.g., contractors). Organizational users (and any processes acting on behalf of users) must be uniquely identified and authenticated for all accesses except the following.\n\n    (i) Accesses explicitly identified and documented by the organization. Organizations document specific user actions that can be performed on the information system without identification or authentication; and\n    (ii) Accesses that occur through authorized use of group authenticators without individual authentication. Organizations may require unique identification of individuals in group accounts (e.g., shared privilege accounts) or for detailed accountability of individual activity.\n\n    Using Active Directory or an identity provider for authentication provides more robust account management capabilities and accountability.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    If the identity provider type is \\\"embedded\\\" and there is no identity source of type \\\"Active Directory\\\" (either Windows Integrated Authentication or LDAP), this is a finding.\n\n    If the identity provider type is \\\"Microsoft ADFS\\\" or another supported identity provider, this is NOT a finding.\n  \"\n  desc 'fix', \"\n    When using the embedded identity provider type, perform the following:\n\n    From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Identity Sources.\n\n    Click \\\"Add\\\".\n\n    Select either \\\"Active Directory over LDAP\\\" or \\\"Active Directory (Windows Integrated Authentication)\\\" and configure appropriately.\n\n    Note: Windows Integrated Authentication requires that the vCenter server be joined to Active Directory before configuration via Administration >> Single Sign On >> Configuration >> Identity Provider >> Active Directory Domain.\n\n    OR\n\n    To change the identity provider type to a third-party identity provider such as Microsoft ADFS, perform the following:\n\n    From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    Click \\\"Change Identity Provider\\\".\n\n    Select \\\"Microsoft ADFS\\\" and click \\\"Next\\\".\n\n    Enter the ADFS server information and User and Group details and click \\\"Finish\\\".\n\n    For additional information on configuring ADFS for use with vCenter, refer to the vSphere documentation.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000148'\n  tag satisfies: ['SRG-APP-000153', 'SRG-APP-000163', 'SRG-APP-000180', 'SRG-APP-000234']\n  tag gid: 'V-VCSA-80-000059'\n  tag rid: 'SV-VCSA-80-000059'\n  tag stig_id: 'VCSA-80-000059'\n  tag cci: ['CCI-000764', 'CCI-000770', 'CCI-000795', 'CCI-000804', 'CCI-001682']\n  tag nist: ['AC-2 (2)', 'IA-2', 'IA-2 (5)', 'IA-4 e', 'IA-8']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000059.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000060","title":"The vCenter Server must require multifactor authentication.","desc":"Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased.\n\nMultifactor authentication requires using two or more factors to achieve authentication.\n\nFactors include:\n(i) something a user knows (e.g., password/PIN);\n(ii) something a user has (e.g., cryptographic identification device, token); or\n(iii) something a user is (e.g., biometric).","descriptions":[{"label":"default","data":"Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased.\n\nMultifactor authentication requires using two or more factors to achieve authentication.\n\nFactors include:\n(i) something a user knows (e.g., password/PIN);\n(ii) something a user has (e.g., cryptographic identification device, token); or\n(iii) something a user is (e.g., biometric)."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nIf the embedded identity provider is used, click on \"Smart Card Authentication\".\n\nIf the embedded identity provider is used and \"Smart Card Authentication\" is not enabled, this is a finding.\n\nIf a third-party identity provider is used, such as Microsoft ADFS, and it does not require multifactor authentication to log on to vCenter, this is a finding."},{"label":"fix","data":"To configure smart card authentication for vCenter when using the embedded identity provider, refer to the vSphere documentation.\n\nFor vCenter Servers using a third-party identity provider, consult the product's documentation for enabling multifactor authentication."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000149","satisfies":["SRG-APP-000080","SRG-APP-000150","SRG-APP-000391","SRG-APP-000402"],"gid":"V-VCSA-80-000060","rid":"SV-VCSA-80-000060","stig_id":"VCSA-80-000060","cci":["CCI-000166","CCI-000765","CCI-000766","CCI-001953","CCI-002009"],"nist":["AU-10","IA-2 (1)","IA-2 (12)","IA-2 (2)","IA-8 (1)"]},"code":"control 'VCSA-80-000060' do\n  title 'The vCenter Server must require multifactor authentication.'\n  desc  \"\n    Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased.\n\n    Multifactor authentication requires using two or more factors to achieve authentication.\n\n    Factors include:\n    (i) something a user knows (e.g., password/PIN);\n    (ii) something a user has (e.g., cryptographic identification device, token); or\n    (iii) something a user is (e.g., biometric).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    If the embedded identity provider is used, click on \\\"Smart Card Authentication\\\".\n\n    If the embedded identity provider is used and \\\"Smart Card Authentication\\\" is not enabled, this is a finding.\n\n    If a third-party identity provider is used, such as Microsoft ADFS, and it does not require multifactor authentication to log on to vCenter, this is a finding.\n  \"\n  desc 'fix', \"\n    To configure smart card authentication for vCenter when using the embedded identity provider, refer to the vSphere documentation.\n\n    For vCenter Servers using a third-party identity provider, consult the product's documentation for enabling multifactor authentication.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000149'\n  tag satisfies: ['SRG-APP-000080', 'SRG-APP-000150', 'SRG-APP-000391', 'SRG-APP-000402']\n  tag gid: 'V-VCSA-80-000060'\n  tag rid: 'SV-VCSA-80-000060'\n  tag stig_id: 'VCSA-80-000060'\n  tag cci: ['CCI-000166', 'CCI-000765', 'CCI-000766', 'CCI-001953', 'CCI-002009']\n  tag nist: ['AU-10', 'IA-2 (1)', 'IA-2 (12)', 'IA-2 (2)', 'IA-8 (1)']\n\n  if input('embeddedIdp')\n    command = '(Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled'\n    describe powercli_command(command) do\n      its('stdout.strip') { should cmp 'true' }\n    end\n  else\n    describe 'This check is a manual or policy based check and must be reviewed manually.' do\n      skip 'This check is a manual or policy based check and must be reviewed manually.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000060.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000069","title":"The vCenter Server passwords must be at least 15 characters in length.","desc":"The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\nPassword complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to determine strength and how long it takes to crack a password. The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\nUse of more characters in a password helps to exponentially increase the time and/or resources required to compromise the password.","descriptions":[{"label":"default","data":"The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\nPassword complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to determine strength and how long it takes to crack a password. The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\nUse of more characters in a password helps to exponentially increase the time and/or resources required to compromise the password."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Minimum Length\" setting.\n\nMinimum Length: 15\n\nIf the password policy is not configured with a \"Minimum Length\" policy of \"15\" or more, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet the \"Minimum Length\" to \"15\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000164","gid":"V-VCSA-80-000069","rid":"SV-VCSA-80-000069","stig_id":"VCSA-80-000069","cci":["CCI-000205"],"nist":["IA-5 (1) (a)"]},"code":"control 'VCSA-80-000069' do\n  title 'The vCenter Server passwords must be at least 15 characters in length.'\n  desc  \"\n    The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\n    Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to determine strength and how long it takes to crack a password. The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\n    Use of more characters in a password helps to exponentially increase the time and/or resources required to compromise the password.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Minimum Length\\\" setting.\n\n    Minimum Length: 15\n\n    If the password policy is not configured with a \\\"Minimum Length\\\" policy of \\\"15\\\" or more, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Minimum Length\\\" to \\\"15\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000164'\n  tag gid: 'V-VCSA-80-000069'\n  tag rid: 'SV-VCSA-80-000069'\n  tag stig_id: 'VCSA-80-000069'\n  tag cci: ['CCI-000205']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinLength'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 15 }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000069.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000070","title":"The vCenter Server must prohibit password reuse for a minimum of five generations.","desc":"Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nTo meet password policy requirements, passwords must be changed at specific policy-based intervals.\n\nIf the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the result is a password that is not changed per policy requirements.","descriptions":[{"label":"default","data":"Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nTo meet password policy requirements, passwords must be changed at specific policy-based intervals.\n\nIf the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the result is a password that is not changed per policy requirements."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Restrict reuse\" setting.\n\nRestrict reuse: Users cannot reuse any previous 5 passwords\n\nIf the password policy is not configured with a \"Restrict reuse\" policy of \"5\" or more, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet the \"Restrict reuse\" to \"5\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000165","gid":"V-VCSA-80-000070","rid":"SV-VCSA-80-000070","stig_id":"VCSA-80-000070","cci":["CCI-000200"],"nist":["IA-5 (1) (e)"]},"code":"control 'VCSA-80-000070' do\n  title 'The vCenter Server must prohibit password reuse for a minimum of five generations.'\n  desc  \"\n    Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    To meet password policy requirements, passwords must be changed at specific policy-based intervals.\n\n    If the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the result is a password that is not changed per policy requirements.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Restrict reuse\\\" setting.\n\n    Restrict reuse: Users cannot reuse any previous 5 passwords\n\n    If the password policy is not configured with a \\\"Restrict reuse\\\" policy of \\\"5\\\" or more, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Restrict reuse\\\" to \\\"5\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000165'\n  tag gid: 'V-VCSA-80-000070'\n  tag rid: 'SV-VCSA-80-000070'\n  tag stig_id: 'VCSA-80-000070'\n  tag cci: ['CCI-000200']\n  tag nist: ['IA-5 (1) (e)']\n\n  command = '(Get-SsoPasswordPolicy).ProhibitedPreviousPasswordsCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 5 }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000070.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000071","title":"The vCenter Server passwords must contain at least one uppercase character.","desc":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password is, the greater the number of possible combinations that need to be tested before the password is compromised.","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password is, the greater the number of possible combinations that need to be tested before the password is compromised."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Character requirements\" setting.\n\nCharacter requirements: At least 1 uppercase characters\n\nIf the password policy is not configured with \"Character requirements\" policy requiring \"1\" or more uppercase characters, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"uppercase characters\" to at least \"1\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000166","gid":"V-VCSA-80-000071","rid":"SV-VCSA-80-000071","stig_id":"VCSA-80-000071","cci":["CCI-000192"],"nist":["IA-5 (1) (a)"]},"code":"control 'VCSA-80-000071' do\n  title 'The vCenter Server passwords must contain at least one uppercase character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password is, the greater the number of possible combinations that need to be tested before the password is compromised.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 uppercase characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more uppercase characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"uppercase characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000166'\n  tag gid: 'V-VCSA-80-000071'\n  tag rid: 'SV-VCSA-80-000071'\n  tag stig_id: 'VCSA-80-000071'\n  tag cci: ['CCI-000192']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinUppercaseCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 1 }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000071.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000072","title":"The vCenter Server passwords must contain at least one lowercase character.","desc":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Character requirements\" setting.\n\nCharacter requirements: At least 1 lowercase characters\n\nIf the password policy is not configured with \"Character requirements\" policy requiring \"1\" or more lowercase characters, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"lowercase characters\" to at least \"1\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000167","gid":"V-VCSA-80-000072","rid":"SV-VCSA-80-000072","stig_id":"VCSA-80-000072","cci":["CCI-000193"],"nist":["IA-5 (1) (a)"]},"code":"control 'VCSA-80-000072' do\n  title 'The vCenter Server passwords must contain at least one lowercase character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 lowercase characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more lowercase characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"lowercase characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000167'\n  tag gid: 'V-VCSA-80-000072'\n  tag rid: 'SV-VCSA-80-000072'\n  tag stig_id: 'VCSA-80-000072'\n  tag cci: ['CCI-000193']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinLowercaseCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 1 }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000072.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000073","title":"The vCenter Server passwords must contain at least one numeric character.","desc":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Character requirements\" setting.\n\nCharacter requirements: At least 1 numeric characters\n\nIf the password policy is not configured with \"Character requirements\" policy requiring \"1\" or more numeric characters, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"numeric characters\" to at least \"1\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000168","gid":"V-VCSA-80-000073","rid":"SV-VCSA-80-000073","stig_id":"VCSA-80-000073","cci":["CCI-000194"],"nist":["IA-5 (1) (a)"]},"code":"control 'VCSA-80-000073' do\n  title 'The vCenter Server passwords must contain at least one numeric character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 numeric characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more numeric characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"numeric characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000168'\n  tag gid: 'V-VCSA-80-000073'\n  tag rid: 'SV-VCSA-80-000073'\n  tag stig_id: 'VCSA-80-000073'\n  tag cci: ['CCI-000194']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinNumericCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 1 }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000073.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000074","title":"The vCenter Server passwords must contain at least one special character.","desc":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor in determining how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n\nSpecial characters are not alphanumeric. Examples include: ~ ! @ # $ % ^ *.","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor in determining how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n\nSpecial characters are not alphanumeric. Examples include: ~ ! @ # $ % ^ *."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Character requirements\" setting.\n\nCharacter requirements: At least 1 special characters\n\nIf the password policy is not configured with \"Character requirements\" policy requiring \"1\" or more special characters, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"special characters\" to at least \"1\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000169","gid":"V-VCSA-80-000074","rid":"SV-VCSA-80-000074","stig_id":"VCSA-80-000074","cci":["CCI-001619"],"nist":["IA-5 (1) (a)"]},"code":"control 'VCSA-80-000074' do\n  title 'The vCenter Server passwords must contain at least one special character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor in determining how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n\n    Special characters are not alphanumeric. Examples include: ~ ! @ # $ % ^ *.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 special characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more special characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"special characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000169'\n  tag gid: 'V-VCSA-80-000074'\n  tag rid: 'SV-VCSA-80-000074'\n  tag stig_id: 'VCSA-80-000074'\n  tag cci: ['CCI-001619']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinSpecialCharCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 1 }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000074.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000077","title":"The vCenter Server must enable FIPS-validated cryptography.","desc":"FIPS 140-2 is the current standard for validating that mechanisms used to access cryptographic modules use authentication that meets DOD requirements.\n\nIn vSphere 6.7 and later, ESXi and vCenter Server use FIPS-validated cryptography to protect management interfaces and the VMware Certificate Authority (VMCA).\n\nvSphere 7.0 Update 2 and later adds additional FIPS-validated cryptography to vCenter Server Appliance. By default, this FIPS validation option is disabled and must be enabled.","descriptions":[{"label":"default","data":"FIPS 140-2 is the current standard for validating that mechanisms used to access cryptographic modules use authentication that meets DOD requirements.\n\nIn vSphere 6.7 and later, ESXi and vCenter Server use FIPS-validated cryptography to protect management interfaces and the VMware Certificate Authority (VMCA).\n\nvSphere 7.0 Update 2 and later adds additional FIPS-validated cryptography to vCenter Server Appliance. By default, this FIPS validation option is disabled and must be enabled."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Web Client, go to Developer Center >> API Explorer.\n\nFrom the \"Select API\" drop-down menu, select appliance.\n\nExpand system/security/global_fips >> GET.\n\nClick \"Execute\" and then \"Copy Response\" to view the results.\n\nExample response:\n\n{\n    \"enabled\": true\n}\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nInvoke-GetSystemGlobalFips\n\nIf global FIPS mode is not enabled, this is a finding."},{"label":"fix","data":"From the vSphere Web Client go to Developer Center >> API Explorer.\n\nFrom the \"Select API\" drop-down menu, select appliance.\n\nExpand system/security/global_fips >> PUT.\n\nIn the response body under \"Try it out\" paste the following:\n\n{\n    \"enabled\": true\n}\n\nClick \"Execute\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n$spec = Initialize-SystemSecurityGlobalFipsUpdateSpec -Enabled $true; Invoke-SetSystemGlobalFips -SystemSecurityGlobalFipsUpdateSpec $spec\n\nNote: The vCenter server reboots after FIPS is enabled or disabled."}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-APP-000172","satisfies":["SRG-APP-000179","SRG-APP-000224","SRG-APP-000231","SRG-APP-000412","SRG-APP-000514","SRG-APP-000555","SRG-APP-000600","SRG-APP-000610","SRG-APP-000620","SRG-APP-000630","SRG-APP-000635"],"gid":"V-VCSA-80-000077","rid":"SV-VCSA-80-000077","stig_id":"VCSA-80-000077","cci":["CCI-000197","CCI-000803","CCI-001188","CCI-001199","CCI-001967","CCI-002450","CCI-003123"],"nist":["IA-3 (1)","IA-5 (1) (c)","IA-7","MA-4 (6)","SC-13","SC-23 (3)","SC-28"]},"code":"control 'VCSA-80-000077' do\n  title 'The vCenter Server must enable FIPS-validated cryptography.'\n  desc  \"\n    FIPS 140-2 is the current standard for validating that mechanisms used to access cryptographic modules use authentication that meets DOD requirements.\n\n    In vSphere 6.7 and later, ESXi and vCenter Server use FIPS-validated cryptography to protect management interfaces and the VMware Certificate Authority (VMCA).\n\n    vSphere 7.0 Update 2 and later adds additional FIPS-validated cryptography to vCenter Server Appliance. By default, this FIPS validation option is disabled and must be enabled.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Web Client, go to Developer Center >> API Explorer.\n\n    From the \\\"Select API\\\" drop-down menu, select appliance.\n\n    Expand system/security/global_fips >> GET.\n\n    Click \\\"Execute\\\" and then \\\"Copy Response\\\" to view the results.\n\n    Example response:\n\n    {\n        \\\"enabled\\\": true\n    }\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Invoke-GetSystemGlobalFips\n\n    If global FIPS mode is not enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Web Client go to Developer Center >> API Explorer.\n\n    From the \\\"Select API\\\" drop-down menu, select appliance.\n\n    Expand system/security/global_fips >> PUT.\n\n    In the response body under \\\"Try it out\\\" paste the following:\n\n    {\n        \\\"enabled\\\": true\n    }\n\n    Click \\\"Execute\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    $spec = Initialize-SystemSecurityGlobalFipsUpdateSpec -Enabled $true; Invoke-SetSystemGlobalFips -SystemSecurityGlobalFipsUpdateSpec $spec\n\n    Note: The vCenter server reboots after FIPS is enabled or disabled.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-APP-000172'\n  tag satisfies: ['SRG-APP-000179', 'SRG-APP-000224', 'SRG-APP-000231', 'SRG-APP-000412', 'SRG-APP-000514', 'SRG-APP-000555', 'SRG-APP-000600', 'SRG-APP-000610', 'SRG-APP-000620', 'SRG-APP-000630', 'SRG-APP-000635']\n  tag gid: 'V-VCSA-80-000077'\n  tag rid: 'SV-VCSA-80-000077'\n  tag stig_id: 'VCSA-80-000077'\n  tag cci: ['CCI-000197', 'CCI-000803', 'CCI-001188', 'CCI-001199', 'CCI-001967', 'CCI-002450', 'CCI-003123']\n  tag nist: ['IA-3 (1)', 'IA-5 (1) (c)', 'IA-7', 'MA-4 (6)', 'SC-13', 'SC-23 (3)', 'SC-28']\n\n  command = 'Invoke-GetSystemGlobalFips | Select-Object -ExpandProperty enabled'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'True' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000077.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000079","title":"The vCenter Server must enforce a 90-day maximum password lifetime restriction.","desc":"Any password, no matter how complex, can eventually be cracked. Therefore, passwords must be changed at specific intervals.\n\nOne method of minimizing this risk is to use complex passwords and periodically change them. If the application does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the system and/or application passwords could be compromised.\n\nThis requirement does not include emergency administration accounts, which are meant for access to the application in case of failure. These accounts are not required to have maximum password lifetime restrictions.","descriptions":[{"label":"default","data":"Any password, no matter how complex, can eventually be cracked. Therefore, passwords must be changed at specific intervals.\n\nOne method of minimizing this risk is to use complex passwords and periodically change them. If the application does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the system and/or application passwords could be compromised.\n\nThis requirement does not include emergency administration accounts, which are meant for access to the application in case of failure. These accounts are not required to have maximum password lifetime restrictions."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Maximum lifetime\" setting.\n\nMaximum lifetime: Password must be changed every 90 days\n\nIf the password policy is not configured with \"Maximum lifetime\" policy of \"90\" or less, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"Maximum lifetime\" to \"90\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000174","gid":"V-VCSA-80-000079","rid":"SV-VCSA-80-000079","stig_id":"VCSA-80-000079","cci":["CCI-000199"],"nist":["IA-5 (1) (d)"]},"code":"control 'VCSA-80-000079' do\n  title 'The vCenter Server must enforce a 90-day maximum password lifetime restriction.'\n  desc  \"\n    Any password, no matter how complex, can eventually be cracked. Therefore, passwords must be changed at specific intervals.\n\n    One method of minimizing this risk is to use complex passwords and periodically change them. If the application does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the system and/or application passwords could be compromised.\n\n    This requirement does not include emergency administration accounts, which are meant for access to the application in case of failure. These accounts are not required to have maximum password lifetime restrictions.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Maximum lifetime\\\" setting.\n\n    Maximum lifetime: Password must be changed every 90 days\n\n    If the password policy is not configured with \\\"Maximum lifetime\\\" policy of \\\"90\\\" or less, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"Maximum lifetime\\\" to \\\"90\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000174'\n  tag gid: 'V-VCSA-80-000079'\n  tag rid: 'SV-VCSA-80-000079'\n  tag stig_id: 'VCSA-80-000079'\n  tag cci: ['CCI-000199']\n  tag nist: ['IA-5 (1) (d)']\n\n  command = '(Get-SsoPasswordPolicy).PasswordLifetimeDays'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp <= 90 }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000079.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000080","title":"The vCenter Server must enable revocation checking for certificate-based authentication.","desc":"The system must establish the validity of the user-supplied identity certificate using Online Certificate Status Protocol (OCSP) and/or Certificate Revocation List (CRL) revocation checking.","descriptions":[{"label":"default","data":"The system must establish the validity of the user-supplied identity certificate using Online Certificate Status Protocol (OCSP) and/or Certificate Revocation List (CRL) revocation checking."},{"label":"rationale","data":""},{"label":"check","data":"If a federated identity provider is configured and used for an identity source and supports Smartcard authentication, this is not applicable.\n\nFrom the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\nUnder Smart card authentication settings >> Certificate revocation, verify \"Revocation check\" does not show as disabled.\n\nIf \"Revocation check\" shows as disabled, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\nUnder Smart card authentication settings >> Certificate revocation, click the \"Edit\" button.\n\nConfigure revocation checking per site requirements. OCSP with CRL failover is recommended.\n\nBy default, both locations are pulled from the cert. CRL location can be overridden in this screen, and local responders can be specified via the sso-config command line tool. See the vSphere documentation for more information."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000175","satisfies":["SRG-APP-000392","SRG-APP-000401","SRG-APP-000403"],"gid":"V-VCSA-80-000080","rid":"SV-VCSA-80-000080","stig_id":"VCSA-80-000080","cci":["CCI-000185","CCI-001954","CCI-001991","CCI-002010"],"nist":["IA-2 (12)","IA-5 (2) (a)","IA-5 (2) (d)","IA-8 (1)"]},"code":"control 'VCSA-80-000080' do\n  title 'The vCenter Server must enable revocation checking for certificate-based authentication.'\n  desc  'The system must establish the validity of the user-supplied identity certificate using Online Certificate Status Protocol (OCSP) and/or Certificate Revocation List (CRL) revocation checking.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If a federated identity provider is configured and used for an identity source and supports Smartcard authentication, this is not applicable.\n\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\n    Under Smart card authentication settings >> Certificate revocation, verify \\\"Revocation check\\\" does not show as disabled.\n\n    If \\\"Revocation check\\\" shows as disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\n    Under Smart card authentication settings >> Certificate revocation, click the \\\"Edit\\\" button.\n\n    Configure revocation checking per site requirements. OCSP with CRL failover is recommended.\n\n    By default, both locations are pulled from the cert. CRL location can be overridden in this screen, and local responders can be specified via the sso-config command line tool. See the vSphere documentation for more information.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000175'\n  tag satisfies: ['SRG-APP-000392', 'SRG-APP-000401', 'SRG-APP-000403']\n  tag gid: 'V-VCSA-80-000080'\n  tag rid: 'SV-VCSA-80-000080'\n  tag stig_id: 'VCSA-80-000080'\n  tag cci: ['CCI-000185', 'CCI-001954', 'CCI-001991', 'CCI-002010']\n  tag nist: ['IA-2 (12)', 'IA-5 (2) (a)', 'IA-5 (2) (d)', 'IA-8 (1)']\n\n  if input('embeddedIdp')\n    describe.one do\n      describe powercli_command('(Get-SsoAuthenticationPolicy).OCSPEnabled') do\n        its('stdout.strip') { should cmp 'true' }\n      end\n      describe powercli_command('(Get-SsoAuthenticationPolicy).UseInCertCRL') do\n        its('stdout.strip') { should cmp 'true' }\n      end\n      describe powercli_command('(Get-SsoAuthenticationPolicy).CRLUrl') do\n        its('stdout.strip') { should_not cmp '' }\n      end\n    end\n  else\n    describe 'This check is a manual or policy based check and must be reviewed manually.' do\n      skip 'This check is a manual or policy based check and must be reviewed manually.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000080.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000089","title":"The vCenter Server must terminate vSphere Client sessions after 15 minutes of inactivity.","desc":"Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free resources committed by the managed network element.","descriptions":[{"label":"default","data":"Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free resources committed by the managed network element."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Deployment >> Client Configuration.\n\nView the value of the \"Session timeout\" setting.\n\nIf the \"Session timeout\" is not set to \"15 minute(s)\" or less this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Deployment >> Client Configuration.\n\nClick \"Edit\" and enter \"15\" minutes into the \"Session timeout\" setting. Click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000190","satisfies":["SRG-APP-000295","SRG-APP-000389"],"gid":"V-VCSA-80-000089","rid":"SV-VCSA-80-000089","stig_id":"VCSA-80-000089","cci":["CCI-001133","CCI-002038","CCI-002361"],"nist":["AC-12","IA-11","SC-10"]},"code":"control 'VCSA-80-000089' do\n  title 'The vCenter Server must terminate vSphere Client sessions after 15 minutes of inactivity.'\n  desc  'Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free resources committed by the managed network element.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Deployment >> Client Configuration.\n\n    View the value of the \\\"Session timeout\\\" setting.\n\n    If the \\\"Session timeout\\\" is not set to \\\"15 minute(s)\\\" or less this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Deployment >> Client Configuration.\n\n    Click \\\"Edit\\\" and enter \\\"15\\\" minutes into the \\\"Session timeout\\\" setting. Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000190'\n  tag satisfies: ['SRG-APP-000295', 'SRG-APP-000389']\n  tag gid: 'V-VCSA-80-000089'\n  tag rid: 'SV-VCSA-80-000089'\n  tag stig_id: 'VCSA-80-000089'\n  tag cci: ['CCI-001133', 'CCI-002038', 'CCI-002361']\n  tag nist: ['AC-12', 'IA-11', 'SC-10']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000089.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000095","title":"The vCenter Server user roles must be verified.","desc":"Users and service accounts must only be assigned privileges they require. Least privilege requires that these privileges must only be assigned if needed to reduce risk of confidentiality, availability, or integrity loss.","descriptions":[{"label":"default","data":"Users and service accounts must only be assigned privileges they require. Least privilege requires that these privileges must only be assigned if needed to reduce risk of confidentiality, availability, or integrity loss."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Access Control >> Roles.\n\nView each role and verify the users and/or groups assigned to it by clicking on \"Usage\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\nApplication service account and user required privileges should be documented.\n\nIf any user or service account has more privileges than required, this is a finding."},{"label":"fix","data":"To update a user's or group's permissions to an existing role with reduced permissions, do the following:\n\nFrom the vSphere Client, go to Administration >> Access Control >> Global Permissions.\n\nSelect the user or group, click the pencil button, change the assigned role, and click \"OK\".\n\nNote: If permissions are assigned on a specific object, the role must be updated where it is assigned (for example, at the cluster level).\n\nTo create a new role with reduced permissions, do the following:\n\nFrom the vSphere Client, go to Administration >> Access Control >> Roles.\n\nClick the green plus sign and enter a name for the role and select only the specific permissions required.\n\nUsers can then be assigned to the newly created role."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000211","satisfies":["SRG-APP-000233","SRG-APP-000380"],"gid":"V-VCSA-80-000095","rid":"SV-VCSA-80-000095","stig_id":"VCSA-80-000095","cci":["CCI-001082","CCI-001084","CCI-001813"],"nist":["CM-5 (1)","SC-2","SC-3"]},"code":"control 'VCSA-80-000095' do\n  title 'The vCenter Server user roles must be verified.'\n  desc  'Users and service accounts must only be assigned privileges they require. Least privilege requires that these privileges must only be assigned if needed to reduce risk of confidentiality, availability, or integrity loss.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    View each role and verify the users and/or groups assigned to it by clicking on \\\"Usage\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\n    Application service account and user required privileges should be documented.\n\n    If any user or service account has more privileges than required, this is a finding.\n  \"\n  desc 'fix', \"\n    To update a user's or group's permissions to an existing role with reduced permissions, do the following:\n\n    From the vSphere Client, go to Administration >> Access Control >> Global Permissions.\n\n    Select the user or group, click the pencil button, change the assigned role, and click \\\"OK\\\".\n\n    Note: If permissions are assigned on a specific object, the role must be updated where it is assigned (for example, at the cluster level).\n\n    To create a new role with reduced permissions, do the following:\n\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    Click the green plus sign and enter a name for the role and select only the specific permissions required.\n\n    Users can then be assigned to the newly created role.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000211'\n  tag satisfies: ['SRG-APP-000233', 'SRG-APP-000380']\n  tag gid: 'V-VCSA-80-000095'\n  tag rid: 'SV-VCSA-80-000095'\n  tag stig_id: 'VCSA-80-000095'\n  tag cci: ['CCI-001082', 'CCI-001084', 'CCI-001813']\n  tag nist: ['CM-5 (1)', 'SC-2', 'SC-3']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000095.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000110","title":"The vCenter Server must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of denial-of-service (DoS) attacks by enabling Network I/O Control (NIOC).","desc":"DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.\n\nManaging excess capacity ensures sufficient capacity is available to counter flooding attacks. Employing increased capacity and service redundancy may reduce the susceptibility to some DoS attacks. Managing excess capacity may include, for example, establishing selected usage priorities, quotas, or partitioning.","descriptions":[{"label":"default","data":"DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.\n\nManaging excess capacity ensures sufficient capacity is available to counter flooding attacks. Employing increased capacity and service redundancy may reduce the susceptibility to some DoS attacks. Managing excess capacity may include, for example, establishing selected usage priorities, quotas, or partitioning."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to Networking.\n\nSelect a distributed switch >> Configure >> Settings >> Properties.\n\nView the \"Properties\" pane and verify \"Network I/O Control\" is \"Enabled\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch | select Name,@{N=\"NIOC Enabled\";E={$_.ExtensionData.config.NetworkResourceManagementEnabled}}\n\nIf \"Network I/O Control\" is disabled, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Networking.\n\nSelect a distributed switch >> Configure >> Settings >> Properties.\n\nIn the \"Properties\" pane, click \"Edit\". Change \"Network I/O Control\" to \"Enabled\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n(Get-VDSwitch \"VDSwitch Name\" | Get-View).EnableNetworkResourceManagement($true)"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000247","gid":"V-VCSA-80-000110","rid":"SV-VCSA-80-000110","stig_id":"VCSA-80-000110","cci":["CCI-001095"],"nist":["SC-5 (2)"]},"code":"control 'VCSA-80-000110' do\n  title 'The vCenter Server must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of denial-of-service (DoS) attacks by enabling Network I/O Control (NIOC).'\n  desc  \"\n    DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.\n\n    Managing excess capacity ensures sufficient capacity is available to counter flooding attacks. Employing increased capacity and service redundancy may reduce the susceptibility to some DoS attacks. Managing excess capacity may include, for example, establishing selected usage priorities, quotas, or partitioning.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch >> Configure >> Settings >> Properties.\n\n    View the \\\"Properties\\\" pane and verify \\\"Network I/O Control\\\" is \\\"Enabled\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | select Name,@{N=\\\"NIOC Enabled\\\";E={$_.ExtensionData.config.NetworkResourceManagementEnabled}}\n\n    If \\\"Network I/O Control\\\" is disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch >> Configure >> Settings >> Properties.\n\n    In the \\\"Properties\\\" pane, click \\\"Edit\\\". Change \\\"Network I/O Control\\\" to \\\"Enabled\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    (Get-VDSwitch \\\"VDSwitch Name\\\" | Get-View).EnableNetworkResourceManagement($true)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000247'\n  tag gid: 'V-VCSA-80-000110'\n  tag rid: 'SV-VCSA-80-000110'\n  tag stig_id: 'VCSA-80-000110'\n  tag cci: ['CCI-001095']\n  tag nist: ['SC-5 (2)']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.NetworkResourceManagementEnabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000110.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000123","title":"The vCenter Server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, on every Single Sign-On (SSO) account action.","desc":"Once an attacker establishes initial access to a system, they often attempt to create a persistent method of reestablishing access. One way to accomplish this is for the attacker to create a new account. They may also try to hijack an existing account by changing a password or enabling a previously disabled account. Therefore, all actions performed on accounts in the SSO domain much be alerted on in vCenter at a minimum and ideally on a Security Information and Event Management (SIEM) system as well.\n\nTo ensure the appropriate personnel are alerted about SSO account actions, create a new vCenter alarm for the \"com.vmware.sso.PrincipalManagement\" event ID and configure the alert mechanisms appropriately.","descriptions":[{"label":"default","data":"Once an attacker establishes initial access to a system, they often attempt to create a persistent method of reestablishing access. One way to accomplish this is for the attacker to create a new account. They may also try to hijack an existing account by changing a password or enabling a previously disabled account. Therefore, all actions performed on accounts in the SSO domain much be alerted on in vCenter at a minimum and ideally on a Security Information and Event Management (SIEM) system as well.\n\nTo ensure the appropriate personnel are alerted about SSO account actions, create a new vCenter alarm for the \"com.vmware.sso.PrincipalManagement\" event ID and configure the alert mechanisms appropriately."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Security >> Alarm Definitions.\n\nVerify there is an alarm created to alert upon all SSO account actions.\n\nThe alarm name may vary, but it is suggested to name it \"SSO account actions - com.vmware.sso.PrincipalManagement\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AlarmDefinition | Where {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq \"com.vmware.sso.PrincipalManagement\"} | Select Name,Enabled,@{N=\"EventTypeId\";E={$_.ExtensionData.Info.Expression.Expression.EventTypeId}}\n\nIf an alarm is not created to alert on SSO account actions, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Security >> Alarm Definitions.\n\nClick \"Add\".\n\nProvide the alarm name of \"SSO account actions - com.vmware.sso.PrincipalManagement\" and an optional description.\n\nFrom the \"Target type\" dropdown menu, select \"vCenter Server\".\n\nClick \"Next\".\n\nPaste \"com.vmware.sso.PrincipalManagement\" (without quotes) in the line after \"IF\" and press \"Enter\".\n\nNext to \"Trigger the alarm and\", select \"Show as Warning\".\n\nConfigure the desired notification actions that will inform the SA and ISSO of the event.\n\nClick \"Next\". Click \"Next\" again. Click \"Create\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000291","satisfies":["SRG-APP-000292","SRG-APP-000293","SRG-APP-000294","SRG-APP-000320"],"gid":"V-VCSA-80-000123","rid":"SV-VCSA-80-000123","stig_id":"VCSA-80-000123","cci":["CCI-001683","CCI-001684","CCI-001685","CCI-001686","CCI-002132"],"nist":["AC-2 (4)"]},"code":"control 'VCSA-80-000123' do\n  title 'The vCenter Server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, on every Single Sign-On (SSO) account action.'\n  desc  \"\n    Once an attacker establishes initial access to a system, they often attempt to create a persistent method of reestablishing access. One way to accomplish this is for the attacker to create a new account. They may also try to hijack an existing account by changing a password or enabling a previously disabled account. Therefore, all actions performed on accounts in the SSO domain much be alerted on in vCenter at a minimum and ideally on a Security Information and Event Management (SIEM) system as well.\n\n    To ensure the appropriate personnel are alerted about SSO account actions, create a new vCenter alarm for the \\\"com.vmware.sso.PrincipalManagement\\\" event ID and configure the alert mechanisms appropriately.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Security >> Alarm Definitions.\n\n    Verify there is an alarm created to alert upon all SSO account actions.\n\n    The alarm name may vary, but it is suggested to name it \\\"SSO account actions - com.vmware.sso.PrincipalManagement\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AlarmDefinition | Where {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq \\\"com.vmware.sso.PrincipalManagement\\\"} | Select Name,Enabled,@{N=\\\"EventTypeId\\\";E={$_.ExtensionData.Info.Expression.Expression.EventTypeId}}\n\n    If an alarm is not created to alert on SSO account actions, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Security >> Alarm Definitions.\n\n    Click \\\"Add\\\".\n\n    Provide the alarm name of \\\"SSO account actions - com.vmware.sso.PrincipalManagement\\\" and an optional description.\n\n    From the \\\"Target type\\\" dropdown menu, select \\\"vCenter Server\\\".\n\n    Click \\\"Next\\\".\n\n    Paste \\\"com.vmware.sso.PrincipalManagement\\\" (without quotes) in the line after \\\"IF\\\" and press \\\"Enter\\\".\n\n    Next to \\\"Trigger the alarm and\\\", select \\\"Show as Warning\\\".\n\n    Configure the desired notification actions that will inform the SA and ISSO of the event.\n\n    Click \\\"Next\\\". Click \\\"Next\\\" again. Click \\\"Create\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000291'\n  tag satisfies: ['SRG-APP-000292', 'SRG-APP-000293', 'SRG-APP-000294', 'SRG-APP-000320']\n  tag gid: 'V-VCSA-80-000123'\n  tag rid: 'SV-VCSA-80-000123'\n  tag stig_id: 'VCSA-80-000123'\n  tag cci: ['CCI-001683', 'CCI-001684', 'CCI-001685', 'CCI-001686', 'CCI-002132']\n  tag nist: ['AC-2 (4)']\n\n  command = 'Get-AlarmDefinition | Where-Object {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq \"com.vmware.sso.PrincipalManagement\"} | Select-Object -ExpandProperty Enabled'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'true' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000123.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000145","title":"The vCenter Server must set the interval for counting failed login attempts to at least 15 minutes.","desc":"By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account.","descriptions":[{"label":"default","data":"By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nView the value of the \"Time interval between failures\" setting.\n\nTime interval between failures: 900 seconds\n\nIf the lockout policy is not configured with \"Time interval between failures\" policy of \"900\" or more, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nClick \"Edit\".\n\nSet the \"Time interval between failures\" to \"900\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000345","gid":"V-VCSA-80-000145","rid":"SV-VCSA-80-000145","stig_id":"VCSA-80-000145","cci":["CCI-002238"],"nist":["AC-7 b"]},"code":"control 'VCSA-80-000145' do\n  title 'The vCenter Server must set the interval for counting failed login attempts to at least 15 minutes.'\n  desc  'By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    View the value of the \\\"Time interval between failures\\\" setting.\n\n    Time interval between failures: 900 seconds\n\n    If the lockout policy is not configured with \\\"Time interval between failures\\\" policy of \\\"900\\\" or more, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Time interval between failures\\\" to \\\"900\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000345'\n  tag gid: 'V-VCSA-80-000145'\n  tag rid: 'SV-VCSA-80-000145'\n  tag stig_id: 'VCSA-80-000145'\n  tag cci: ['CCI-002238']\n  tag nist: ['AC-7 b']\n\n  command = '(Get-SsoLockoutPolicy).FailedAttemptIntervalSec'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 900 }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000145.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000148","title":"The vCenter Server must be configured to send logs to a central log server.","desc":"vCenter must be configured to send near real-time log data to syslog collectors so information will be available to investigators in the case of a security incident or to assist in troubleshooting.","descriptions":[{"label":"default","data":"vCenter must be configured to send near real-time log data to syslog collectors so information will be available to investigators in the case of a security incident or to assist in troubleshooting."},{"label":"rationale","data":""},{"label":"check","data":"Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Syslog\" on the left navigation pane.\n\nOn the resulting pane on the right, verify at least one site-specific syslog receiver is configured and is listed as \"Reachable\".\n\nIf no valid syslog collector is configured or if the collector is not listed as \"Reachable\", this is a finding."},{"label":"fix","data":"Open the VAMI by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with an SSO account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Syslog\" on the left navigation pane.\n\nOn the resulting pane on the right, click \"Edit\" or \"Configure\".\n\nEdit or add the address and port of a site-specific syslog aggregator or Security Information Event Management (SIEM) system with the appropriate protocol.\n\nUser Datagram Protocol (UDP) is discouraged due to its stateless and unencrypted nature. Transport Layer Security (TLS) is preferred.\n\nClick \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000358","gid":"V-VCSA-80-000148","rid":"SV-VCSA-80-000148","stig_id":"VCSA-80-000148","cci":["CCI-001851"],"nist":["AU-4 (1)"]},"code":"control 'VCSA-80-000148' do\n  title 'The vCenter Server must be configured to send logs to a central log server.'\n  desc  'vCenter must be configured to send near real-time log data to syslog collectors so information will be available to investigators in the case of a security incident or to assist in troubleshooting.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Syslog\\\" on the left navigation pane.\n\n    On the resulting pane on the right, verify at least one site-specific syslog receiver is configured and is listed as \\\"Reachable\\\".\n\n    If no valid syslog collector is configured or if the collector is not listed as \\\"Reachable\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Open the VAMI by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with an SSO account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Syslog\\\" on the left navigation pane.\n\n    On the resulting pane on the right, click \\\"Edit\\\" or \\\"Configure\\\".\n\n    Edit or add the address and port of a site-specific syslog aggregator or Security Information Event Management (SIEM) system with the appropriate protocol.\n\n    User Datagram Protocol (UDP) is discouraged due to its stateless and unencrypted nature. Transport Layer Security (TLS) is preferred.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000358'\n  tag gid: 'V-VCSA-80-000148'\n  tag rid: 'SV-VCSA-80-000148'\n  tag stig_id: 'VCSA-80-000148'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  command = 'Invoke-GetLoggingForwarding | Select-Object -ExpandProperty hostname'\n  logservers = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if logservers.empty?\n    describe \"No log servers configured: #{logservers}\" do\n      subject { logservers }\n      it { should_not be_empty }\n    end\n  else\n    logservers.each do |server|\n      describe server do\n        subject { server }\n        it { should be_in input('syslogServers') }\n      end\n    end\n    logserverstatuscommand = 'Invoke-TestLoggingForwarding | Select-Object -ExpandProperty state'\n    logserverstatus = powercli_command(logserverstatuscommand).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n    logserverstatus.each do |status|\n      describe status do\n        subject { status }\n        it { should cmp 'UP' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000148.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000150","title":"The vCenter server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts.","desc":"It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impending failure of the audit capability and system operation may be adversely affected.\n\nAlerts provide organizations with urgent messages. Real-time alerts provide these messages immediately (i.e., the time from event detection to alert occurs in seconds or less).","descriptions":[{"label":"default","data":"It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impending failure of the audit capability and system operation may be adversely affected.\n\nAlerts provide organizations with urgent messages. Real-time alerts provide these messages immediately (i.e., the time from event detection to alert occurs in seconds or less)."},{"label":"rationale","data":""},{"label":"check","data":"Review the Central Logging Server being used to verify it is configured to alert the SA and ISSO, at a minimum, on any AO-defined events. Otherwise, this is a finding.\n\nIf there are no AO-defined events, this is not a finding."},{"label":"fix","data":"Configure the Central Logging Server being used to alert the SA and ISSO, at a minimum, on any AO-defined events."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000360","satisfies":["SRG-APP-000379","SRG-APP-000510"],"gid":"V-VCSA-80-000150","rid":"SV-VCSA-80-000150","stig_id":"VCSA-80-000150","cci":["CCI-000172","CCI-001744","CCI-001858"],"nist":["AU-12 c","AU-5 (2)","CM-3 (5)"]},"code":"control 'VCSA-80-000150' do\n  title 'The vCenter server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts.'\n  desc  \"\n    It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impending failure of the audit capability and system operation may be adversely affected.\n\n    Alerts provide organizations with urgent messages. Real-time alerts provide these messages immediately (i.e., the time from event detection to alert occurs in seconds or less).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Review the Central Logging Server being used to verify it is configured to alert the SA and ISSO, at a minimum, on any AO-defined events. Otherwise, this is a finding.\n\n    If there are no AO-defined events, this is not a finding.\n  \"\n  desc 'fix', 'Configure the Central Logging Server being used to alert the SA and ISSO, at a minimum, on any AO-defined events.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000360'\n  tag satisfies: ['SRG-APP-000379', 'SRG-APP-000510']\n  tag gid: 'V-VCSA-80-000150'\n  tag rid: 'SV-VCSA-80-000150'\n  tag stig_id: 'VCSA-80-000150'\n  tag cci: ['CCI-000172', 'CCI-001744', 'CCI-001858']\n  tag nist: ['AU-12 c', 'AU-5 (2)', 'CM-3 (5)']\n\n  describe 'This check is a manual or policy based check' do\n    skip 'This must be reviewed manually'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000150.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000158","title":"The vCenter Server must compare internal information system clocks at least every 24 hours with an authoritative time server.","desc":"Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside of the configured acceptable allowance (drift) may be inaccurate. Additionally, unnecessary synchronization may have an adverse impact on system performance and may indicate malicious activity.\n\nSynchronizing internal information system clocks to an authoritative time server provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network.","descriptions":[{"label":"default","data":"Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside of the configured acceptable allowance (drift) may be inaccurate. Additionally, unnecessary synchronization may have an adverse impact on system performance and may indicate malicious activity.\n\nSynchronizing internal information system clocks to an authoritative time server provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network."},{"label":"rationale","data":""},{"label":"check","data":"Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Time\" on the left navigation pane.\n\nOn the resulting pane on the right, verify at least one authorized time server is configured and is listed as \"Reachable\".\n\nIf \"NTP\" is not enabled and at least one authorized time server configured, this is a finding."},{"label":"fix","data":"Open the VAMI by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with an SSO account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Time\" on the left navigation pane.\n\nOn the resulting pane on the right, click \"Edit\" under \"Time Synchronization\".\n\nSelect \"NTP\" for \"Mode\" and enter a list of authorized time servers separated by commas. Click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000371","gid":"V-VCSA-80-000158","rid":"SV-VCSA-80-000158","stig_id":"VCSA-80-000158","cci":["CCI-001891"],"nist":["AU-8 (1) (a)"]},"code":"control 'VCSA-80-000158' do\n  title 'The vCenter Server must compare internal information system clocks at least every 24 hours with an authoritative time server.'\n  desc  \"\n    Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside of the configured acceptable allowance (drift) may be inaccurate. Additionally, unnecessary synchronization may have an adverse impact on system performance and may indicate malicious activity.\n\n    Synchronizing internal information system clocks to an authoritative time server provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Time\\\" on the left navigation pane.\n\n    On the resulting pane on the right, verify at least one authorized time server is configured and is listed as \\\"Reachable\\\".\n\n    If \\\"NTP\\\" is not enabled and at least one authorized time server configured, this is a finding.\n  \"\n  desc 'fix', \"\n    Open the VAMI by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with an SSO account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Time\\\" on the left navigation pane.\n\n    On the resulting pane on the right, click \\\"Edit\\\" under \\\"Time Synchronization\\\".\n\n    Select \\\"NTP\\\" for \\\"Mode\\\" and enter a list of authorized time servers separated by commas. Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000371'\n  tag gid: 'V-VCSA-80-000158'\n  tag rid: 'SV-VCSA-80-000158'\n  tag stig_id: 'VCSA-80-000158'\n  tag cci: ['CCI-001891']\n  tag nist: ['AU-8 (1) (a)']\n\n  command = 'Invoke-GetTimesync'\n  timesync = powercli_command(command).stdout.strip\n\n  if timesync == 'NTP'\n    ntpserverscommand = 'Invoke-GetNtp'\n    ntpservers = powercli_command(ntpserverscommand).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n    ntpservers.each do |server|\n      describe server do\n        subject { server }\n        it { should be_in input('ntpServers') }\n      end\n      ntpstatuscommand = \"Initialize-NtpTestRequestBody -Servers #{server} | Invoke-TestNtp | Select-Object -ExpandProperty status\"\n      ntpstatus = powercli_command(ntpstatuscommand).stdout.strip\n      describe ntpstatus do\n        subject { ntpstatus }\n        it { should cmp 'SERVER_REACHABLE' }\n      end\n    end\n  else\n    describe \"Timesync Configuration: #{timesync}\" do\n      subject { timesync }\n      it { should cmp 'NTP' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000158.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000195","title":"The vCenter Server Machine Secure Sockets Layer (SSL) certificate must be issued by a DOD certificate authority.","desc":"Untrusted certificate authorities (CA) can issue certificates, but they may be issued by organizations or individuals that seek to compromise DOD systems or by organizations with insufficient security controls. If the CA used for verifying the certificate is not a DOD-approved CA, trust of this CA has not been established.\n\nThe DOD will only accept public key infrastructure (PKI) certificates obtained from a DOD-approved internal or external certificate authority. Reliance on CAs for the establishment of secure sessions includes, for example, the use of Transport Layer Security (TLS) certificates.\n\nThe default self-signed, VMware Certificate Authority (VMCA)-issued vCenter reverse proxy certificate must be replaced with a DOD-approved certificate. The use of a DOD certificate on the vCenter reverse proxy and other services assures clients that the service they are connecting to is legitimate and trusted.","descriptions":[{"label":"default","data":"Untrusted certificate authorities (CA) can issue certificates, but they may be issued by organizations or individuals that seek to compromise DOD systems or by organizations with insufficient security controls. If the CA used for verifying the certificate is not a DOD-approved CA, trust of this CA has not been established.\n\nThe DOD will only accept public key infrastructure (PKI) certificates obtained from a DOD-approved internal or external certificate authority. Reliance on CAs for the establishment of secure sessions includes, for example, the use of Transport Layer Security (TLS) certificates.\n\nThe default self-signed, VMware Certificate Authority (VMCA)-issued vCenter reverse proxy certificate must be replaced with a DOD-approved certificate. The use of a DOD certificate on the vCenter reverse proxy and other services assures clients that the service they are connecting to is legitimate and trusted."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Certificates >> Certificate Management >> Machine SSL Certificate.\n\nClick \"View Details\" and examine the \"Issuer Information\" block.\n\nIf the issuer specified is not a DOD approved certificate authority, this is a finding."},{"label":"fix","data":"Obtain a DOD-issued certificate and private key for each vCenter in the system following the requirements below:\n\nKey size: 2048 bits or more (PEM encoded)\nCRT format (Base-64)\nx509 version 3\nSubjectAltName must contain DNS Name=<machine_FQDN>\nContains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment\n\nExport the entire certificate issuing chain up to the root in Base-64 format. Concatenate the individual certificates into one file with the \".cer\" extension.\n\nFrom the vSphere Client, go to Administration >> Certificates >> Certificate Management >> Machine SSL Certificate.\n\nClick Actions >> Import and Replace Certificate.\n\nSelect the \"Replace with external CA certificate\" radio button and click \"Next\".\n\nSupply the CA-issued certificate , the exported roots file, and the private key.\n\nClick \"Replace\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000427","gid":"V-VCSA-80-000195","rid":"SV-VCSA-80-000195","stig_id":"VCSA-80-000195","cci":["CCI-002470"],"nist":["SC-23 (5)"]},"code":"control 'VCSA-80-000195' do\n  title 'The vCenter Server Machine Secure Sockets Layer (SSL) certificate must be issued by a DOD certificate authority.'\n  desc  \"\n    Untrusted certificate authorities (CA) can issue certificates, but they may be issued by organizations or individuals that seek to compromise DOD systems or by organizations with insufficient security controls. If the CA used for verifying the certificate is not a DOD-approved CA, trust of this CA has not been established.\n\n    The DOD will only accept public key infrastructure (PKI) certificates obtained from a DOD-approved internal or external certificate authority. Reliance on CAs for the establishment of secure sessions includes, for example, the use of Transport Layer Security (TLS) certificates.\n\n    The default self-signed, VMware Certificate Authority (VMCA)-issued vCenter reverse proxy certificate must be replaced with a DOD-approved certificate. The use of a DOD certificate on the vCenter reverse proxy and other services assures clients that the service they are connecting to is legitimate and trusted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Certificates >> Certificate Management >> Machine SSL Certificate.\n\n    Click \\\"View Details\\\" and examine the \\\"Issuer Information\\\" block.\n\n    If the issuer specified is not a DOD approved certificate authority, this is a finding.\n  \"\n  desc 'fix', \"\n    Obtain a DOD-issued certificate and private key for each vCenter in the system following the requirements below:\n\n    Key size: 2048 bits or more (PEM encoded)\n    CRT format (Base-64)\n    x509 version 3\n    SubjectAltName must contain DNS Name=<machine_FQDN>\n    Contains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment\n\n    Export the entire certificate issuing chain up to the root in Base-64 format. Concatenate the individual certificates into one file with the \\\".cer\\\" extension.\n\n    From the vSphere Client, go to Administration >> Certificates >> Certificate Management >> Machine SSL Certificate.\n\n    Click Actions >> Import and Replace Certificate.\n\n    Select the \\\"Replace with external CA certificate\\\" radio button and click \\\"Next\\\".\n\n    Supply the CA-issued certificate , the exported roots file, and the private key.\n\n    Click \\\"Replace\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000427'\n  tag gid: 'V-VCSA-80-000195'\n  tag rid: 'SV-VCSA-80-000195'\n  tag stig_id: 'VCSA-80-000195'\n  tag cci: ['CCI-002470']\n  tag nist: ['SC-23 (5)']\n\n  vcenter = powercli_command('$global:DefaultViServers.Name').stdout.strip\n  describe ssl_certificate(host: \"#{vcenter}\", port: 443) do\n    its('issuer_organization') { should cmp 'U.S. Government' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000195.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000196","title":"The vCenter Server must enable data at rest encryption for vSAN.","desc":"Applications handling data requiring \"data at rest\" protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.\n\nData encryption is a common technique used in environments that require additional levels of security.  It consists of a process to ensure that data can only be consumed by systems that have appropriate levels of access.  Approved systems must have and use the appropriate cryptographic keys to encrypt and decrypt the data.  Systems that do not have the keys will not be able to consume the data in any meaningful way, as it will remain encrypted in accordance to the commonly used Advanced Encryption Standard (AES) from the National Institute of Standards and Technology, or NIST.\n\nvSAN supports Data-At-Rest Encryption and Data-in-Transit Encryption and uses an AES 256 cipher. Data is encrypted after all other processing, such as deduplication, is performed. Data at rest encryption protects data on storage devices, in case a device is removed from the cluster.","descriptions":[{"label":"default","data":"Applications handling data requiring \"data at rest\" protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.\n\nData encryption is a common technique used in environments that require additional levels of security.  It consists of a process to ensure that data can only be consumed by systems that have appropriate levels of access.  Approved systems must have and use the appropriate cryptographic keys to encrypt and decrypt the data.  Systems that do not have the keys will not be able to consume the data in any meaningful way, as it will remain encrypted in accordance to the commonly used Advanced Encryption Standard (AES) from the National Institute of Standards and Technology, or NIST.\n\nvSAN supports Data-At-Rest Encryption and Data-in-Transit Encryption and uses an AES 256 cipher. Data is encrypted after all other processing, such as deduplication, is performed. Data at rest encryption protects data on storage devices, in case a device is removed from the cluster."},{"label":"rationale","data":""},{"label":"check","data":"If no clusters are enabled for vSAN, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Select the cluster >> Configure >> vSAN >> Services >> Data Services.\n\nReview the \"Data-at-rest encryption\" status.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Get-VsanClusterConfiguration | Select-Object Name,EncryptionEnabled\n\nIf \"Data-At-Rest encryption\" is not enabled, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Select the target cluster >> Configure >> vSAN >> Services >> Data Services.\n\nClick \"Edit\".\n\nEnable \"Data-At-Rest encryption\" and select a pre-configured key provider from the drop down. Click \"Apply\".\n\nNote: Before enabling, read and understand the operational implications of enabling data at rest encryption in vSAN and how it effects capacity, performance, and recovery scenarios."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000428","gid":"V-VCSA-80-000196","rid":"SV-VCSA-80-000196","stig_id":"VCSA-80-000196","cci":["CCI-002475"],"nist":["SC-28 (1)"]},"code":"control 'VCSA-80-000196' do\n  title 'The vCenter Server must enable data at rest encryption for vSAN.'\n  desc  \"\n    Applications handling data requiring \\\"data at rest\\\" protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.\n\n    Data encryption is a common technique used in environments that require additional levels of security.  It consists of a process to ensure that data can only be consumed by systems that have appropriate levels of access.  Approved systems must have and use the appropriate cryptographic keys to encrypt and decrypt the data.  Systems that do not have the keys will not be able to consume the data in any meaningful way, as it will remain encrypted in accordance to the commonly used Advanced Encryption Standard (AES) from the National Institute of Standards and Technology, or NIST.\n\n    vSAN supports Data-At-Rest Encryption and Data-in-Transit Encryption and uses an AES 256 cipher. Data is encrypted after all other processing, such as deduplication, is performed. Data at rest encryption protects data on storage devices, in case a device is removed from the cluster.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Select the cluster >> Configure >> vSAN >> Services >> Data Services.\n\n    Review the \\\"Data-at-rest encryption\\\" status.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Get-VsanClusterConfiguration | Select-Object Name,EncryptionEnabled\n\n    If \\\"Data-At-Rest encryption\\\" is not enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Select the target cluster >> Configure >> vSAN >> Services >> Data Services.\n\n    Click \\\"Edit\\\".\n\n    Enable \\\"Data-At-Rest encryption\\\" and select a pre-configured key provider from the drop down. Click \\\"Apply\\\".\n\n    Note: Before enabling, read and understand the operational implications of enabling data at rest encryption in vSAN and how it effects capacity, performance, and recovery scenarios.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000428'\n  tag gid: 'V-VCSA-80-000196'\n  tag rid: 'SV-VCSA-80-000196'\n  tag stig_id: 'VCSA-80-000196'\n  tag cci: ['CCI-002475']\n  tag nist: ['SC-28 (1)']\n\n  # Get all clusters with vSAN enabled\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object | Select-Object -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !clusters.empty?\n    clusters.each do |cluster|\n      command = \"Get-Cluster -Name #{cluster} | Get-VsanClusterConfiguration | Select-Object -ExpandProperty EncryptionEnabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No clusters with vSAN enabled found...skipping tests' do\n      skip 'No clusters with vSAN enabled found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000196.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000248","title":"The vCenter Server must disable the Customer Experience Improvement Program (CEIP).","desc":"The VMware CEIP sends VMware anonymized system information that is used to improve the quality, reliability, and functionality of VMware products and services. For confidentiality purposes this feature must be disabled.","descriptions":[{"label":"default","data":"The VMware CEIP sends VMware anonymized system information that is used to improve the quality, reliability, and functionality of VMware products and services. For confidentiality purposes this feature must be disabled."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Deployment >> Customer Experience Improvement Program.\n\nIf Customer Experience Improvement \"Program Status\" is \"Joined\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Deployment >> Customer Experience Improvement Program.\n\nClick \"Leave Program\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000248","rid":"SV-VCSA-80-000248","stig_id":"VCSA-80-000248","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000248' do\n  title 'The vCenter Server must disable the Customer Experience Improvement Program (CEIP).'\n  desc  'The VMware CEIP sends VMware anonymized system information that is used to improve the quality, reliability, and functionality of VMware products and services. For confidentiality purposes this feature must be disabled.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Deployment >> Customer Experience Improvement Program.\n\n    If Customer Experience Improvement \\\"Program Status\\\" is \\\"Joined\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Deployment >> Customer Experience Improvement Program.\n\n    Click \\\"Leave Program\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000248'\n  tag rid: 'SV-VCSA-80-000248'\n  tag stig_id: 'VCSA-80-000248'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000248.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000253","title":"The vCenter server must enforce SNMPv3 security features where SNMP is required.","desc":"SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. SNMPv3 can be configured for identification and cryptographically based authentication.\n\nSNMPv3 defines a user-based security model (USM) and a view-based access control model (VACM). SNMPv3 USM provides data integrity, data origin authentication, message replay protection, and protection against disclosure of the message payload. SNMPv3 VACM provides access control to determine whether a specific type of access (read or write) to the management information is allowed. Implement both VACM and USM for full protection.\n\nSNMPv3 must be disabled by default and enabled only if used. SNMP v3 provides security feature enhancements to SNMP, including encryption and message authentication.","descriptions":[{"label":"default","data":"SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. SNMPv3 can be configured for identification and cryptographically based authentication.\n\nSNMPv3 defines a user-based security model (USM) and a view-based access control model (VACM). SNMPv3 USM provides data integrity, data origin authentication, message replay protection, and protection against disclosure of the message payload. SNMPv3 VACM provides access control to determine whether a specific type of access (read or write) to the management information is allowed. Implement both VACM and USM for full protection.\n\nSNMPv3 must be disabled by default and enabled only if used. SNMP v3 provides security feature enhancements to SNMP, including encryption and message authentication."},{"label":"rationale","data":""},{"label":"check","data":"At the command prompt on the vCenter Server Appliance, run the following commands:\n\n# appliancesh\n# snmp.get\n\nNote: The \"appliancesh\" command is not needed if the default shell has not been changed for root.\n\nIf \"Enable\" is set to \"False\", this is not a finding.\n\nIf \"Enable\" is set to \"True\" and \"Authentication\" is not set to \"SHA1\", this is a finding.\n\nIf \"Enable\" is set to \"True\" and \"Privacy\" is not set to \"AES128\", this is a finding.\n\nIf any \"Users\" are configured with a \"Sec_level\" that does not equal \"priv\", this is a finding."},{"label":"fix","data":"At the command prompt on the vCenter Server Appliance, run the following commands:\n\n# appliancesh\n# snmp.set --authentication SHA1\n# snmp.set --privacy AES128\n\nTo change the security level of a user, run the following command:\n\n# snmp.set --users <username>/<auth_password> <priv_password>/priv"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000575","gid":"V-VCSA-80-000253","rid":"SV-VCSA-80-000253","stig_id":"VCSA-80-000253","cci":["CCI-001967"],"nist":["IA-3 (1)"]},"code":"control 'VCSA-80-000253' do\n  title 'The vCenter server must enforce SNMPv3 security features where SNMP is required.'\n  desc  \"\n    SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. SNMPv3 can be configured for identification and cryptographically based authentication.\n\n    SNMPv3 defines a user-based security model (USM) and a view-based access control model (VACM). SNMPv3 USM provides data integrity, data origin authentication, message replay protection, and protection against disclosure of the message payload. SNMPv3 VACM provides access control to determine whether a specific type of access (read or write) to the management information is allowed. Implement both VACM and USM for full protection.\n\n    SNMPv3 must be disabled by default and enabled only if used. SNMP v3 provides security feature enhancements to SNMP, including encryption and message authentication.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    At the command prompt on the vCenter Server Appliance, run the following commands:\n\n    # appliancesh\n    # snmp.get\n\n    Note: The \\\"appliancesh\\\" command is not needed if the default shell has not been changed for root.\n\n    If \\\"Enable\\\" is set to \\\"False\\\", this is not a finding.\n\n    If \\\"Enable\\\" is set to \\\"True\\\" and \\\"Authentication\\\" is not set to \\\"SHA1\\\", this is a finding.\n\n    If \\\"Enable\\\" is set to \\\"True\\\" and \\\"Privacy\\\" is not set to \\\"AES128\\\", this is a finding.\n\n    If any \\\"Users\\\" are configured with a \\\"Sec_level\\\" that does not equal \\\"priv\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    At the command prompt on the vCenter Server Appliance, run the following commands:\n\n    # appliancesh\n    # snmp.set --authentication SHA1\n    # snmp.set --privacy AES128\n\n    To change the security level of a user, run the following command:\n\n    # snmp.set --users <username>/<auth_password> <priv_password>/priv\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000575'\n  tag gid: 'V-VCSA-80-000253'\n  tag rid: 'SV-VCSA-80-000253'\n  tag stig_id: 'VCSA-80-000253'\n  tag cci: ['CCI-001967']\n  tag nist: ['IA-3 (1)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000253.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000265","title":"The vCenter server must disable SNMPv1/2 receivers.","desc":"SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. Therefore, SNMPv1/2 receivers must be disabled, while SNMPv3 is configured in another control. vCenter exposes SNMP v1/2 in the UI and SNMPv3 in the CLI.","descriptions":[{"label":"default","data":"SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. Therefore, SNMPv1/2 receivers must be disabled, while SNMPv3 is configured in another control. vCenter exposes SNMP v1/2 in the UI and SNMPv3 in the CLI."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> General.\n\nClick \"Edit\".\n\nOn the \"SNMP receivers\" tab, note the presence of any enabled receiver.\n\nIf there are any enabled receivers, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> General.\n\nClick \"Edit\".\n\nOn the \"SNMP receivers\" tab, ensure all receivers are disabled."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000575","gid":"V-VCSA-80-000265","rid":"SV-VCSA-80-000265","stig_id":"VCSA-80-000265","cci":["CCI-001967"],"nist":["IA-3 (1)"]},"code":"control 'VCSA-80-000265' do\n  title 'The vCenter server must disable SNMPv1/2 receivers.'\n  desc  'SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. Therefore, SNMPv1/2 receivers must be disabled, while SNMPv3 is configured in another control. vCenter exposes SNMP v1/2 in the UI and SNMPv3 in the CLI.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> General.\n\n    Click \\\"Edit\\\".\n\n    On the \\\"SNMP receivers\\\" tab, note the presence of any enabled receiver.\n\n    If there are any enabled receivers, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> General.\n\n    Click \\\"Edit\\\".\n\n    On the \\\"SNMP receivers\\\" tab, ensure all receivers are disabled.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000575'\n  tag gid: 'V-VCSA-80-000265'\n  tag rid: 'SV-VCSA-80-000265'\n  tag stig_id: 'VCSA-80-000265'\n  tag cci: ['CCI-001967']\n  tag nist: ['IA-3 (1)']\n\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.1.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.2.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.3.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.4.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000265.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000266","title":"The vCenter Server must require an administrator to unlock an account locked due to excessive login failures.","desc":"By requiring that Single Sign-On (SSO) accounts be unlocked manually, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. When the account unlock time is set to zero, once an account is locked it can only be unlocked manually by an administrator.","descriptions":[{"label":"default","data":"By requiring that Single Sign-On (SSO) accounts be unlocked manually, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. When the account unlock time is set to zero, once an account is locked it can only be unlocked manually by an administrator."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nView the value of the \"Unlock time\" setting.\n\nUnlock time: 0 seconds\n\nIf the lockout policy is not configured with \"Unlock time\" policy of \"0\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nClick \"Edit\".\n\nSet the \"Unlock time\" to \"0\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000345","gid":"V-VCSA-80-000266","rid":"SV-VCSA-80-000266","stig_id":"VCSA-80-000266","cci":["CCI-002238"],"nist":["AC-7 b"]},"code":"control 'VCSA-80-000266' do\n  title 'The vCenter Server must require an administrator to unlock an account locked due to excessive login failures.'\n  desc  'By requiring that Single Sign-On (SSO) accounts be unlocked manually, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. When the account unlock time is set to zero, once an account is locked it can only be unlocked manually by an administrator.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    View the value of the \\\"Unlock time\\\" setting.\n\n    Unlock time: 0 seconds\n\n    If the lockout policy is not configured with \\\"Unlock time\\\" policy of \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Unlock time\\\" to \\\"0\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000345'\n  tag gid: 'V-VCSA-80-000266'\n  tag rid: 'SV-VCSA-80-000266'\n  tag stig_id: 'VCSA-80-000266'\n  tag cci: ['CCI-002238']\n  tag nist: ['AC-7 b']\n\n  command = '(Get-SsoLockoutPolicy).AutoUnlockIntervalSec'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp '0' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000266.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000267","title":"The vCenter Server must disable the distributed virtual switch health check.","desc":"Network health check is disabled by default. Once enabled, the health check packets contain information on host#, vds#, and port#, which an attacker would find useful. It is recommended that network health check be used for troubleshooting and turned off when troubleshooting is finished.","descriptions":[{"label":"default","data":"Network health check is disabled by default. Once enabled, the health check packets contain information on host#, vds#, and port#, which an attacker would find useful. It is recommended that network health check be used for troubleshooting and turned off when troubleshooting is finished."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Health Check.\n\nView the health check pane and verify the \"VLAN and MTU\" and \"Teaming and failover\" checks are \"Disabled\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$vds = Get-VDSwitch\n$vds.ExtensionData.Config.HealthCheckConfig\n\nIf the health check feature is enabled on distributed switches and is not on temporarily for troubleshooting purposes, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Health Check.\n\nClick \"Edit\".\n\nDisable the \"VLAN and MTU\" and \"Teaming and failover\" checks.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-View -ViewType DistributedVirtualSwitch | ?{($_.config.HealthCheckConfig | ?{$_.enable -notmatch \"False\"})}| %{$_.UpdateDVSHealthCheckConfig(@((New-Object Vmware.Vim.VMwareDVSVlanMtuHealthCheckConfig -property @{enable=0}),(New-Object Vmware.Vim.VMwareDVSTeamingHealthCheckConfig -property @{enable=0})))}"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000267","rid":"SV-VCSA-80-000267","stig_id":"VCSA-80-000267","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000267' do\n  title 'The vCenter Server must disable the distributed virtual switch health check.'\n  desc  'Network health check is disabled by default. Once enabled, the health check packets contain information on host#, vds#, and port#, which an attacker would find useful. It is recommended that network health check be used for troubleshooting and turned off when troubleshooting is finished.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Health Check.\n\n    View the health check pane and verify the \\\"VLAN and MTU\\\" and \\\"Teaming and failover\\\" checks are \\\"Disabled\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $vds = Get-VDSwitch\n    $vds.ExtensionData.Config.HealthCheckConfig\n\n    If the health check feature is enabled on distributed switches and is not on temporarily for troubleshooting purposes, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Health Check.\n\n    Click \\\"Edit\\\".\n\n    Disable the \\\"VLAN and MTU\\\" and \\\"Teaming and failover\\\" checks.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-View -ViewType DistributedVirtualSwitch | ?{($_.config.HealthCheckConfig | ?{$_.enable -notmatch \\\"False\\\"})}| %{$_.UpdateDVSHealthCheckConfig(@((New-Object Vmware.Vim.VMwareDVSVlanMtuHealthCheckConfig -property @{enable=0}),(New-Object Vmware.Vim.VMwareDVSTeamingHealthCheckConfig -property @{enable=0})))}\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000267'\n  tag rid: 'SV-VCSA-80-000267'\n  tag stig_id: 'VCSA-80-000267'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.HealthCheckConfig | Select-Object -ExpandProperty Enable\"\n      checks = powercli_command(command)\n      checks.stdout.split.each do |hc|\n        describe \"Health check for #{vds}\" do\n          subject { hc }\n          it { should cmp 'false' }\n        end\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000267.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000268","title":"The vCenter Server must set the distributed port group Forged Transmits policy to \"Reject\".","desc":"If the virtual machine operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nWhen the \"Forged Transmits\" option is set to \"Accept\", ESXi does not compare source and effective MAC addresses.\n\nTo protect against MAC impersonation, set the \"Forged Transmits\" option to \"Reject\". The host compares the source MAC address being transmitted by the guest operating system with the effective MAC address for its virtual machine adapter to determine if they match. If the addresses do not match, the ESXi host drops the packet.","descriptions":[{"label":"default","data":"If the virtual machine operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nWhen the \"Forged Transmits\" option is set to \"Accept\", ESXi does not compare source and effective MAC addresses.\n\nTo protect against MAC impersonation, set the \"Forged Transmits\" option to \"Reject\". The host compares the source MAC address being transmitted by the guest operating system with the effective MAC address for its virtual machine adapter to determine if they match. If the addresses do not match, the ESXi host drops the packet."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nVerify \"Forged Transmits\" is set to \"Reject\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\nIf the \"Forged Transmits\" policy is set to accept for a non-uplink port, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"Security\" tab.\n\nSet \"Forged Transmits\" to \"Reject\".\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000268","rid":"SV-VCSA-80-000268","stig_id":"VCSA-80-000268","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000268' do\n  title 'The vCenter Server must set the distributed port group Forged Transmits policy to \"Reject\".'\n  desc  \"\n    If the virtual machine operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    When the \\\"Forged Transmits\\\" option is set to \\\"Accept\\\", ESXi does not compare source and effective MAC addresses.\n\n    To protect against MAC impersonation, set the \\\"Forged Transmits\\\" option to \\\"Reject\\\". The host compares the source MAC address being transmitted by the guest operating system with the effective MAC address for its virtual machine adapter to determine if they match. If the addresses do not match, the ESXi host drops the packet.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Verify \\\"Forged Transmits\\\" is set to \\\"Reject\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\n    If the \\\"Forged Transmits\\\" policy is set to accept for a non-uplink port, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Security\\\" tab.\n\n    Set \\\"Forged Transmits\\\" to \\\"Reject\\\".\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000268'\n  tag rid: 'SV-VCSA-80-000268'\n  tag stig_id: 'VCSA-80-000268'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000268.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000269","title":"The vCenter Server must set the distributed port group Media Access Control (MAC) Address Change policy to \"Reject\".","desc":"If the virtual machine operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis will prevent virtual machines from changing their effective MAC address and will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing.","descriptions":[{"label":"default","data":"If the virtual machine operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis will prevent virtual machines from changing their effective MAC address and will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nVerify \"MAC Address Changes\" is set to \"Reject\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\nIf the \"MAC Address Changes\" policy is set to accept, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"Security\" tab.\n\nSet \"MAC Address Changes\" to \"Reject\".\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000269","rid":"SV-VCSA-80-000269","stig_id":"VCSA-80-000269","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000269' do\n  title 'The vCenter Server must set the distributed port group Media Access Control (MAC) Address Change policy to \"Reject\".'\n  desc  \"\n    If the virtual machine operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    This will prevent virtual machines from changing their effective MAC address and will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Verify \\\"MAC Address Changes\\\" is set to \\\"Reject\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\n    If the \\\"MAC Address Changes\\\" policy is set to accept, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Security\\\" tab.\n\n    Set \\\"MAC Address Changes\\\" to \\\"Reject\\\".\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000269'\n  tag rid: 'SV-VCSA-80-000269'\n  tag stig_id: 'VCSA-80-000269'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000269.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000270","title":"The vCenter Server must set the distributed port group Promiscuous Mode policy to \"Reject\".","desc":"When promiscuous mode is enabled for a virtual switch, all virtual machines connected to the port group have the potential of reading all packets across that network, meaning only the virtual machines connected to that port group.\n\nPromiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting.","descriptions":[{"label":"default","data":"When promiscuous mode is enabled for a virtual switch, all virtual machines connected to the port group have the potential of reading all packets across that network, meaning only the virtual machines connected to that port group.\n\nPromiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nVerify \"Promiscuous Mode\" is set to \"Reject\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\nIf the \"Promiscuous Mode\" policy is set to accept, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"Security\" tab.\n\nSet \"Promiscuous Mode\" to \"Reject\".\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000270","rid":"SV-VCSA-80-000270","stig_id":"VCSA-80-000270","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000270' do\n  title 'The vCenter Server must set the distributed port group Promiscuous Mode policy to \"Reject\".'\n  desc  \"\n    When promiscuous mode is enabled for a virtual switch, all virtual machines connected to the port group have the potential of reading all packets across that network, meaning only the virtual machines connected to that port group.\n\n    Promiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Verify \\\"Promiscuous Mode\\\" is set to \\\"Reject\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\n    If the \\\"Promiscuous Mode\\\" policy is set to accept, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Security\\\" tab.\n\n    Set \\\"Promiscuous Mode\\\" to \\\"Reject\\\".\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000270'\n  tag rid: 'SV-VCSA-80-000270'\n  tag stig_id: 'VCSA-80-000270'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000270.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000271","title":"The vCenter Server must only send NetFlow traffic to authorized collectors.","desc":"The distributed virtual switch can export NetFlow information about traffic crossing the switch. NetFlow exports are not encrypted and can contain information about the virtual network, making it easier for a man-in-the-middle attack to be executed successfully. If NetFlow export is required, verify that all NetFlow target Internet Protocols (IPs) are correct.","descriptions":[{"label":"default","data":"The distributed virtual switch can export NetFlow information about traffic crossing the switch. NetFlow exports are not encrypted and can contain information about the virtual network, making it easier for a man-in-the-middle attack to be executed successfully. If NetFlow export is required, verify that all NetFlow target Internet Protocols (IPs) are correct."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nTo view NetFlow Collector IPs configured on distributed switches:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> NetFlow.\n\nView the NetFlow pane and verify any collector IP addresses are valid and in use for troubleshooting.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch | select Name,@{N=\"NetFlowCollectorIPs\";E={$_.ExtensionData.config.IpfixConfig.CollectorIpAddress}}\n\nTo view if NetFlow is enabled on any distributed port groups:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed port group >> Manage >> Settings >> Policies.\n\nGo to \"Monitoring\" and view the NetFlow status.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup | Select Name,VirtualSwitch,@{N=\"NetFlowEnabled\";E={$_.Extensiondata.Config.defaultPortConfig.ipfixEnabled.Value}}\n\nIf NetFlow is configured and the collector IP is not known and documented, this is a finding."},{"label":"fix","data":"To remove collector IPs, do the following:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> NetFlow.\n\nClick \"Edit\".\n\nRemove any unknown collector IPs.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$dvs = Get-VDSwitch dvswitch | Get-View\nForEach($vs in $dvs){\n$spec = New-Object VMware.Vim.VMwareDVSConfigSpec\n$spec.configversion = $vs.Config.ConfigVersion\n$spec.IpfixConfig = New-Object VMware.Vim.VMwareIpfixConfig\n$spec.IpfixConfig.CollectorIpAddress = \"\"\n$spec.IpfixConfig.CollectorPort = \"0\"\n$spec.IpfixConfig.ActiveFlowTimeout = \"60\"\n$spec.IpfixConfig.IdleFlowTimeout = \"15\"\n$spec.IpfixConfig.SamplingRate = \"0\"\n$spec.IpfixConfig.InternalFlowsOnly = $False\n$vs.ReconfigureDvs_Task($spec)\n}\n\nNote: This will reset the NetFlow collector configuration back to the defaults.\n\nTo disable NetFlow on a distributed port group, do the following:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"Monitoring\" tab.\n\nChange \"NetFlow\" to \"Disabled\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$pgs = Get-VDPortgroup | Get-View\nForEach($pg in $pgs){\n$spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n$spec.configversion = $pg.Config.ConfigVersion\n$spec.defaultPortConfig = New-Object VMware.Vim.VMwareDVSPortSetting\n$spec.defaultPortConfig.ipfixEnabled = New-Object VMware.Vim.BoolPolicy\n$spec.defaultPortConfig.ipfixEnabled.inherited = $false\n$spec.defaultPortConfig.ipfixEnabled.value = $false\n$pg.ReconfigureDVPortgroup_Task($spec)\n}"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000271","rid":"SV-VCSA-80-000271","stig_id":"VCSA-80-000271","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000271' do\n  title 'The vCenter Server must only send NetFlow traffic to authorized collectors.'\n  desc  'The distributed virtual switch can export NetFlow information about traffic crossing the switch. NetFlow exports are not encrypted and can contain information about the virtual network, making it easier for a man-in-the-middle attack to be executed successfully. If NetFlow export is required, verify that all NetFlow target Internet Protocols (IPs) are correct.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    To view NetFlow Collector IPs configured on distributed switches:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> NetFlow.\n\n    View the NetFlow pane and verify any collector IP addresses are valid and in use for troubleshooting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | select Name,@{N=\\\"NetFlowCollectorIPs\\\";E={$_.ExtensionData.config.IpfixConfig.CollectorIpAddress}}\n\n    To view if NetFlow is enabled on any distributed port groups:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed port group >> Manage >> Settings >> Policies.\n\n    Go to \\\"Monitoring\\\" and view the NetFlow status.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | Select Name,VirtualSwitch,@{N=\\\"NetFlowEnabled\\\";E={$_.Extensiondata.Config.defaultPortConfig.ipfixEnabled.Value}}\n\n    If NetFlow is configured and the collector IP is not known and documented, this is a finding.\n  \"\n  desc 'fix', \"\n    To remove collector IPs, do the following:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> NetFlow.\n\n    Click \\\"Edit\\\".\n\n    Remove any unknown collector IPs.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $dvs = Get-VDSwitch dvswitch | Get-View\n    ForEach($vs in $dvs){\n    $spec = New-Object VMware.Vim.VMwareDVSConfigSpec\n    $spec.configversion = $vs.Config.ConfigVersion\n    $spec.IpfixConfig = New-Object VMware.Vim.VMwareIpfixConfig\n    $spec.IpfixConfig.CollectorIpAddress = \\\"\\\"\n    $spec.IpfixConfig.CollectorPort = \\\"0\\\"\n    $spec.IpfixConfig.ActiveFlowTimeout = \\\"60\\\"\n    $spec.IpfixConfig.IdleFlowTimeout = \\\"15\\\"\n    $spec.IpfixConfig.SamplingRate = \\\"0\\\"\n    $spec.IpfixConfig.InternalFlowsOnly = $False\n    $vs.ReconfigureDvs_Task($spec)\n    }\n\n    Note: This will reset the NetFlow collector configuration back to the defaults.\n\n    To disable NetFlow on a distributed port group, do the following:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Monitoring\\\" tab.\n\n    Change \\\"NetFlow\\\" to \\\"Disabled\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $pgs = Get-VDPortgroup | Get-View\n    ForEach($pg in $pgs){\n    $spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n    $spec.configversion = $pg.Config.ConfigVersion\n    $spec.defaultPortConfig = New-Object VMware.Vim.VMwareDVSPortSetting\n    $spec.defaultPortConfig.ipfixEnabled = New-Object VMware.Vim.BoolPolicy\n    $spec.defaultPortConfig.ipfixEnabled.inherited = $false\n    $spec.defaultPortConfig.ipfixEnabled.value = $false\n    $pg.ReconfigureDVPortgroup_Task($spec)\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000271'\n  tag rid: 'SV-VCSA-80-000271'\n  tag stig_id: 'VCSA-80-000271'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.strip.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  if vdswitches.empty?\n    impact 0.0\n    describe '' do\n      skip 'No distributed switches found to check. This is not applicable.'\n    end\n  else\n    setimpact = true\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.IpfixConfig.CollectorIpAddress\"\n      result = powercli_command(command).stdout.strip\n      if !result.empty?\n        describe '' do\n          subject { result }\n          it { should cmp \"#{input('ipfixCollectorAddress')}\" }\n        end\n        setimpact = false\n      else\n        describe '' do\n          skip \"Ipfix CollectorIpAddress not configured...skipping #{vds}.\"\n        end\n      end\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000271.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000272","title":"The vCenter Server must configure all port groups to a value other than that of the native virtual local area network (VLAN).","desc":"ESXi does not use the concept of native VLAN. Frames with VLAN specified in the port group will have a tag, but frames with VLAN not specified in the port group are not tagged and therefore will end up belonging to native VLAN of the physical switch.\n\nFor example, frames on VLAN 1 from a Cisco physical switch will be untagged, because this is considered as the native VLAN. However, frames from ESXi specified as VLAN 1 will be tagged with a \"1\"; therefore, traffic from ESXi that is destined for the native VLAN will not be correctly routed (because it is tagged with a \"1\" instead of being untagged), and traffic from the physical switch coming from the native VLAN will not be visible (because it is not tagged).\n\nIf the ESXi virtual switch port group uses the native VLAN ID, traffic from those virtual machines will not be visible to the native VLAN on the switch, because the switch is expecting untagged traffic.","descriptions":[{"label":"default","data":"ESXi does not use the concept of native VLAN. Frames with VLAN specified in the port group will have a tag, but frames with VLAN not specified in the port group are not tagged and therefore will end up belonging to native VLAN of the physical switch.\n\nFor example, frames on VLAN 1 from a Cisco physical switch will be untagged, because this is considered as the native VLAN. However, frames from ESXi specified as VLAN 1 will be tagged with a \"1\"; therefore, traffic from ESXi that is destined for the native VLAN will not be correctly routed (because it is tagged with a \"1\" instead of being untagged), and traffic from the physical switch coming from the native VLAN will not be visible (because it is not tagged).\n\nIf the ESXi virtual switch port group uses the native VLAN ID, traffic from those virtual machines will not be visible to the native VLAN on the switch, because the switch is expecting untagged traffic."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nReview the port group VLAN tags and verify they are not set to the native VLAN ID of the attached physical switch.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup | select Name, VlanConfiguration\n\nIf any port group is configured with the native VLAN of the ESXi hosts attached physical switch, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"VLAN\" tab.\n\nChange the VLAN ID to a non-native VLAN.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup \"portgroup name\" | Set-VDVlanConfiguration -VlanId \"New VLAN#\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000272","rid":"SV-VCSA-80-000272","stig_id":"VCSA-80-000272","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000272' do\n  title 'The vCenter Server must configure all port groups to a value other than that of the native virtual local area network (VLAN).'\n  desc  \"\n    ESXi does not use the concept of native VLAN. Frames with VLAN specified in the port group will have a tag, but frames with VLAN not specified in the port group are not tagged and therefore will end up belonging to native VLAN of the physical switch.\n\n    For example, frames on VLAN 1 from a Cisco physical switch will be untagged, because this is considered as the native VLAN. However, frames from ESXi specified as VLAN 1 will be tagged with a \\\"1\\\"; therefore, traffic from ESXi that is destined for the native VLAN will not be correctly routed (because it is tagged with a \\\"1\\\" instead of being untagged), and traffic from the physical switch coming from the native VLAN will not be visible (because it is not tagged).\n\n    If the ESXi virtual switch port group uses the native VLAN ID, traffic from those virtual machines will not be visible to the native VLAN on the switch, because the switch is expecting untagged traffic.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Review the port group VLAN tags and verify they are not set to the native VLAN ID of the attached physical switch.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | select Name, VlanConfiguration\n\n    If any port group is configured with the native VLAN of the ESXi hosts attached physical switch, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab.\n\n    Change the VLAN ID to a non-native VLAN.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup \\\"portgroup name\\\" | Set-VDVlanConfiguration -VlanId \\\"New VLAN#\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000272'\n  tag rid: 'SV-VCSA-80-000272'\n  tag stig_id: 'VCSA-80-000272'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not cmp '1' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000272.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000273","title":"The vCenter Server must not configure VLAN Trunking unless Virtual Guest Tagging (VGT) is required and authorized.","desc":"When a port group is set to VLAN Trunking, the vSwitch passes all network frames in the specified range to the attached virtual machines without modifying the virtual local area network (VLAN) tags. In vSphere, this is referred to as VGT.\n\nThe virtual machine must process the VLAN information itself via an 802.1Q driver in the operating system. VLAN Trunking must only be implemented if the attached virtual machines have been specifically authorized and are capable of managing VLAN tags themselves.\n\nIf VLAN Trunking is enabled inappropriately, it may cause a denial of service or allow a virtual machine to interact with traffic on an unauthorized VLAN.","descriptions":[{"label":"default","data":"When a port group is set to VLAN Trunking, the vSwitch passes all network frames in the specified range to the attached virtual machines without modifying the virtual local area network (VLAN) tags. In vSphere, this is referred to as VGT.\n\nThe virtual machine must process the VLAN information itself via an 802.1Q driver in the operating system. VLAN Trunking must only be implemented if the attached virtual machines have been specifically authorized and are capable of managing VLAN tags themselves.\n\nIf VLAN Trunking is enabled inappropriately, it may cause a denial of service or allow a virtual machine to interact with traffic on an unauthorized VLAN."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nReview the port group \"VLAN Type\" and \"VLAN trunk range\", if present.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup | Where {$_.ExtensionData.Config.Uplink -ne \"True\"} | Select Name,VlanConfiguration\n\nIf any port group is configured with \"VLAN trunking\" and is not documented as a needed exception (such as NSX appliances), this is a finding.\n\nIf any port group is authorized to be configured with \"VLAN trunking\" but is not configured with the most limited range necessary, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"VLAN\" tab.\n\nIf \"VLAN trunking\" is not authorized, remove it by setting \"VLAN type\" to \"VLAN\" and configure an appropriate VLAN ID. Click \"OK\".\n\nIf \"VLAN trunking\" is authorized but the range is too broad, modify the range in the \"VLAN trunk range\" field to the minimum necessary and authorized range. An example range would be \"1,3-5,8\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command to configure trunking:\n\nGet-VDPortgroup \"Portgroup Name\" | Set-VDVlanConfiguration -VlanTrunkRange \"<VLAN Range(s) comma separated>\"\n\nor\n\nRun this command to configure a single VLAN ID:\n\nGet-VDPortgroup \"Portgroup Name\" | Set-VDVlanConfiguration -VlanId \"<New VLAN#>\""}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000273","rid":"SV-VCSA-80-000273","stig_id":"VCSA-80-000273","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000273' do\n  title 'The vCenter Server must not configure VLAN Trunking unless Virtual Guest Tagging (VGT) is required and authorized.'\n  desc  \"\n    When a port group is set to VLAN Trunking, the vSwitch passes all network frames in the specified range to the attached virtual machines without modifying the virtual local area network (VLAN) tags. In vSphere, this is referred to as VGT.\n\n    The virtual machine must process the VLAN information itself via an 802.1Q driver in the operating system. VLAN Trunking must only be implemented if the attached virtual machines have been specifically authorized and are capable of managing VLAN tags themselves.\n\n    If VLAN Trunking is enabled inappropriately, it may cause a denial of service or allow a virtual machine to interact with traffic on an unauthorized VLAN.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Review the port group \\\"VLAN Type\\\" and \\\"VLAN trunk range\\\", if present.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | Where {$_.ExtensionData.Config.Uplink -ne \\\"True\\\"} | Select Name,VlanConfiguration\n\n    If any port group is configured with \\\"VLAN trunking\\\" and is not documented as a needed exception (such as NSX appliances), this is a finding.\n\n    If any port group is authorized to be configured with \\\"VLAN trunking\\\" but is not configured with the most limited range necessary, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab.\n\n    If \\\"VLAN trunking\\\" is not authorized, remove it by setting \\\"VLAN type\\\" to \\\"VLAN\\\" and configure an appropriate VLAN ID. Click \\\"OK\\\".\n\n    If \\\"VLAN trunking\\\" is authorized but the range is too broad, modify the range in the \\\"VLAN trunk range\\\" field to the minimum necessary and authorized range. An example range would be \\\"1,3-5,8\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command to configure trunking:\n\n    Get-VDPortgroup \\\"Portgroup Name\\\" | Set-VDVlanConfiguration -VlanTrunkRange \\\"<VLAN Range(s) comma separated>\\\"\n\n    or\n\n    Run this command to configure a single VLAN ID:\n\n    Get-VDPortgroup \\\"Portgroup Name\\\" | Set-VDVlanConfiguration -VlanId \\\"<New VLAN#>\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000273'\n  tag rid: 'SV-VCSA-80-000273'\n  tag stig_id: 'VCSA-80-000273'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Where-Object {(($_.IsUplink -eq $false) -and ($_.VlanConfiguration -match \"Trunk\"))} | Select-Object -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    impact 0.0\n    describe '' do\n      skip 'No distributed port groups found to check. This is not applicable.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId.Start\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not cmp '0' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId.End\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not cmp '4094' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000273.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000274","title":"The vCenter Server must not configure all port groups to virtual local area network (VLAN) values reserved by upstream physical switches.","desc":"Certain physical switches reserve certain VLAN IDs for internal purposes and often disallow traffic configured to these values. For example, Cisco Catalyst switches typically reserve VLANs 1001 to 1024 and 4094, while Nexus switches typically reserve 3968 to 4094.\n\nCheck with the documentation for the organization's specific switch. Using a reserved VLAN might result in a denial of service on the network.","descriptions":[{"label":"default","data":"Certain physical switches reserve certain VLAN IDs for internal purposes and often disallow traffic configured to these values. For example, Cisco Catalyst switches typically reserve VLANs 1001 to 1024 and 4094, while Nexus switches typically reserve 3968 to 4094.\n\nCheck with the documentation for the organization's specific switch. Using a reserved VLAN might result in a denial of service on the network."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nReview the port group VLAN tags and verify that they are not set to a reserved VLAN ID.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup | select Name, VlanConfiguration\n\nIf any port group is configured with a reserved VLAN ID, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"VLAN\" tab. Change the VLAN ID to an unreserved VLAN ID.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup \"portgroup name\" | Set-VDVlanConfiguration -VlanId \"New VLAN#\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000274","rid":"SV-VCSA-80-000274","stig_id":"VCSA-80-000274","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000274' do\n  title 'The vCenter Server must not configure all port groups to virtual local area network (VLAN) values reserved by upstream physical switches.'\n  desc  \"\n    Certain physical switches reserve certain VLAN IDs for internal purposes and often disallow traffic configured to these values. For example, Cisco Catalyst switches typically reserve VLANs 1001 to 1024 and 4094, while Nexus switches typically reserve 3968 to 4094.\n\n    Check with the documentation for the organization's specific switch. Using a reserved VLAN might result in a denial of service on the network.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Review the port group VLAN tags and verify that they are not set to a reserved VLAN ID.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | select Name, VlanConfiguration\n\n    If any port group is configured with a reserved VLAN ID, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab. Change the VLAN ID to an unreserved VLAN ID.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup \\\"portgroup name\\\" | Set-VDVlanConfiguration -VlanId \\\"New VLAN#\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000274'\n  tag rid: 'SV-VCSA-80-000274'\n  tag stig_id: 'VCSA-80-000274'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vlanlist = ['1001', '1024', '3968', '4047', '4094']\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not be_in vlanlist }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000274.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000275","title":"The vCenter Server must configure the \"vpxuser\" auto-password to be changed every 30 days.","desc":"By default, vCenter will change the \"vpxuser\" password automatically every 30 days. Ensure this setting meets site policies. If it does not, configure it to meet password aging policies.\n\nNote: It is very important the password aging policy is not shorter than the default interval that is set to automatically change the \"vpxuser\" password to preclude the possibility that vCenter might be locked out of an ESXi host.","descriptions":[{"label":"default","data":"By default, vCenter will change the \"vpxuser\" password automatically every 30 days. Ensure this setting meets site policies. If it does not, configure it to meet password aging policies.\n\nNote: It is very important the password aging policy is not shorter than the default interval that is set to automatically change the \"vpxuser\" password to preclude the possibility that vCenter might be locked out of an ESXi host."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nVerify that \"VirtualCenter.VimPasswordExpirationInDays\" is set to \"30\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays\n\nIf the \"VirtualCenter.VimPasswordExpirationInDays\" is set to a value other than \"30\" or does not exist, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nClick \"Edit Settings\" and configure the \"VirtualCenter.VimPasswordExpirationInDays\" value to \"30\" or if the value does not exist create it by entering the values in the \"Key\" and \"Value\" fields and clicking \"Add\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nIf the setting already exists:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays | Set-AdvancedSetting -Value 30\n\nIf the setting does not exist:\n\nNew-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays -Value 30"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000275","rid":"SV-VCSA-80-000275","stig_id":"VCSA-80-000275","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000275' do\n  title 'The vCenter Server must configure the \"vpxuser\" auto-password to be changed every 30 days.'\n  desc  \"\n    By default, vCenter will change the \\\"vpxuser\\\" password automatically every 30 days. Ensure this setting meets site policies. If it does not, configure it to meet password aging policies.\n\n    Note: It is very important the password aging policy is not shorter than the default interval that is set to automatically change the \\\"vpxuser\\\" password to preclude the possibility that vCenter might be locked out of an ESXi host.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Verify that \\\"VirtualCenter.VimPasswordExpirationInDays\\\" is set to \\\"30\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays\n\n    If the \\\"VirtualCenter.VimPasswordExpirationInDays\\\" is set to a value other than \\\"30\\\" or does not exist, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"VirtualCenter.VimPasswordExpirationInDays\\\" value to \\\"30\\\" or if the value does not exist create it by entering the values in the \\\"Key\\\" and \\\"Value\\\" fields and clicking \\\"Add\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    If the setting already exists:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays | Set-AdvancedSetting -Value 30\n\n    If the setting does not exist:\n\n    New-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays -Value 30\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000275'\n  tag rid: 'SV-VCSA-80-000275'\n  tag stig_id: 'VCSA-80-000275'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name VirtualCenter.VimPasswordExpirationInDays | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp '30' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000275.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000276","title":"The vCenter Server must configure the \"vpxuser\" password to meet length policy.","desc":"The \"vpxuser\" password default length is 32 characters. Ensure this setting meets site policies; if not, configure to meet password length policies.\n\nLonger passwords make brute-force password attacks more difficult. The \"vpxuser\" password is added by vCenter, meaning no manual intervention is normally required. The \"vpxuser\" password length must never be modified to less than the default length of 32 characters.","descriptions":[{"label":"default","data":"The \"vpxuser\" password default length is 32 characters. Ensure this setting meets site policies; if not, configure to meet password length policies.\n\nLonger passwords make brute-force password attacks more difficult. The \"vpxuser\" password is added by vCenter, meaning no manual intervention is normally required. The \"vpxuser\" password length must never be modified to less than the default length of 32 characters."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nVerify that \"config.vpxd.hostPasswordLength\" is set to \"32\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength and verify it is set to 32.\n\nIf the \"config.vpxd.hostPasswordLength\" is set to a value other than \"32, this is a finding.\n\nIf the setting does not exist, this is not a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nClick \"Edit Settings\" and configure the \"config.vpxd.hostPasswordLength\" value to \"32\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength | Set-AdvancedSetting -Value 32"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000276","rid":"SV-VCSA-80-000276","stig_id":"VCSA-80-000276","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000276' do\n  title 'The vCenter Server must configure the \"vpxuser\" password to meet length policy.'\n  desc  \"\n    The \\\"vpxuser\\\" password default length is 32 characters. Ensure this setting meets site policies; if not, configure to meet password length policies.\n\n    Longer passwords make brute-force password attacks more difficult. The \\\"vpxuser\\\" password is added by vCenter, meaning no manual intervention is normally required. The \\\"vpxuser\\\" password length must never be modified to less than the default length of 32 characters.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Verify that \\\"config.vpxd.hostPasswordLength\\\" is set to \\\"32\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength and verify it is set to 32.\n\n    If the \\\"config.vpxd.hostPasswordLength\\\" is set to a value other than \\\"32, this is a finding.\n\n    If the setting does not exist, this is not a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"config.vpxd.hostPasswordLength\\\" value to \\\"32\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength | Set-AdvancedSetting -Value 32\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000276'\n  tag rid: 'SV-VCSA-80-000276'\n  tag stig_id: 'VCSA-80-000276'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.vpxd.hostPasswordLength | Select-Object -ExpandProperty Value'\n  describe.one do\n    describe powercli_command(command) do\n      its('stdout.strip') { should cmp '32' }\n    end\n    describe powercli_command(command) do\n      its('stdout.strip') { should be_empty }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000276.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000277","title":"The vCenter Server must be isolated from the public internet but must still allow for patch notification and delivery.","desc":"vCenter and the embedded Lifecycle Manager system must never have a direct route to the internet. Despite this, updates and patches sourced from VMware on the internet must be delivered in a timely manner.\n\nThere are two methods to accomplish this: a proxy server and the Update Manager Download Service (UMDS). UMDS is an optional module for Lifecycle Manager that fetches upgrades for virtual appliances, patch metadata, patch binaries, and notifications that would not otherwise be available to an isolated Lifecycle Manager directly.\n\nAlternatively, a proxy for Lifecycle Manager can be configured to allow controlled, limited access to the public internet for the sole purpose of patch gathering. Either solution mitigates the risk of internet connectivity by limiting its scope and use.","descriptions":[{"label":"default","data":"vCenter and the embedded Lifecycle Manager system must never have a direct route to the internet. Despite this, updates and patches sourced from VMware on the internet must be delivered in a timely manner.\n\nThere are two methods to accomplish this: a proxy server and the Update Manager Download Service (UMDS). UMDS is an optional module for Lifecycle Manager that fetches upgrades for virtual appliances, patch metadata, patch binaries, and notifications that would not otherwise be available to an isolated Lifecycle Manager directly.\n\nAlternatively, a proxy for Lifecycle Manager can be configured to allow controlled, limited access to the public internet for the sole purpose of patch gathering. Either solution mitigates the risk of internet connectivity by limiting its scope and use."},{"label":"rationale","data":""},{"label":"check","data":"Check the following conditions:\n\n1. Lifecycle Manager must be configured to use the UMDS.\n\nOR\n\n2. Lifecycle Manager must be configured to use a proxy server for access to VMware patch repositories.\n\nOR\n\n3. Lifecycle Manager must disable internet patch repositories and any patches must be manually validated and imported as needed.\n\nOption 1:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nClick the \"Change Download Source\" button.\n\nVerify the \"Download patches from a UMDS shared repository\" radio button is selected and that a valid UMDS repository is supplied.\n\nClick \"Cancel\".\n\nIf this is not set, this is a finding.\n\nOption 2:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nClick the \"Change Download Source\" button.\n\nVerify the \"Download patches directly from the internet\" radio button is selected.\n\nClick \"Cancel\".\n\nNavigate to the vCenter Server Management interface at https://<vcenter dns>:5480 >> Networking >> Proxy Settings.\n\nVerify that \"HTTPS\" is \"Enabled\".\n\nClick the \"HTTPS\" row.\n\nVerify the proxy server configuration is accurate.\n\nIf this is not set, this is a finding.\n\nOption 3:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Downloads.\n\nVerify the \"Automatic downloads\" option is disabled.\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nVerify any download sources are disabled.\n\nIf this is not set, this is a finding."},{"label":"fix","data":"Option 1:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nClick the \"Change Download Source\" button.\n\nSelect the \"Download patches from a UMDS shared repository\" radio button and supply a valid UMDS repository.\n\nClick \"Save\".\n\nOption 2:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nClick the \"Change Download Source\" button.\n\nSelect the \"Download patches directly from the internet\" radio button.\n\nClick \"Save\".\n\nNavigate to the vCenter Server Management interface at https://<vcenter dns>:5480 >> Networking >> Proxy Settings.\n\nClick \"Edit\".\n\nSlide \"HTTPS\" to \"Enabled\".\n\nSupply the appropriate proxy server configuration.\n\nClick \"Save\".\n\nOption 3:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Downloads.\n\nClick \"Edit\" and uncheck \"Download patches\".\n\nUnder \"Patch Setup\" select each download source and click Disable."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000277","rid":"SV-VCSA-80-000277","stig_id":"VCSA-80-000277","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000277' do\n  title 'The vCenter Server must be isolated from the public internet but must still allow for patch notification and delivery.'\n  desc  \"\n    vCenter and the embedded Lifecycle Manager system must never have a direct route to the internet. Despite this, updates and patches sourced from VMware on the internet must be delivered in a timely manner.\n\n    There are two methods to accomplish this: a proxy server and the Update Manager Download Service (UMDS). UMDS is an optional module for Lifecycle Manager that fetches upgrades for virtual appliances, patch metadata, patch binaries, and notifications that would not otherwise be available to an isolated Lifecycle Manager directly.\n\n    Alternatively, a proxy for Lifecycle Manager can be configured to allow controlled, limited access to the public internet for the sole purpose of patch gathering. Either solution mitigates the risk of internet connectivity by limiting its scope and use.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Check the following conditions:\n\n    1. Lifecycle Manager must be configured to use the UMDS.\n\n    OR\n\n    2. Lifecycle Manager must be configured to use a proxy server for access to VMware patch repositories.\n\n    OR\n\n    3. Lifecycle Manager must disable internet patch repositories and any patches must be manually validated and imported as needed.\n\n    Option 1:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Verify the \\\"Download patches from a UMDS shared repository\\\" radio button is selected and that a valid UMDS repository is supplied.\n\n    Click \\\"Cancel\\\".\n\n    If this is not set, this is a finding.\n\n    Option 2:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Verify the \\\"Download patches directly from the internet\\\" radio button is selected.\n\n    Click \\\"Cancel\\\".\n\n    Navigate to the vCenter Server Management interface at https://<vcenter dns>:5480 >> Networking >> Proxy Settings.\n\n    Verify that \\\"HTTPS\\\" is \\\"Enabled\\\".\n\n    Click the \\\"HTTPS\\\" row.\n\n    Verify the proxy server configuration is accurate.\n\n    If this is not set, this is a finding.\n\n    Option 3:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Downloads.\n\n    Verify the \\\"Automatic downloads\\\" option is disabled.\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Verify any download sources are disabled.\n\n    If this is not set, this is a finding.\n  \"\n  desc 'fix', \"\n    Option 1:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Select the \\\"Download patches from a UMDS shared repository\\\" radio button and supply a valid UMDS repository.\n\n    Click \\\"Save\\\".\n\n    Option 2:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Select the \\\"Download patches directly from the internet\\\" radio button.\n\n    Click \\\"Save\\\".\n\n    Navigate to the vCenter Server Management interface at https://<vcenter dns>:5480 >> Networking >> Proxy Settings.\n\n    Click \\\"Edit\\\".\n\n    Slide \\\"HTTPS\\\" to \\\"Enabled\\\".\n\n    Supply the appropriate proxy server configuration.\n\n    Click \\\"Save\\\".\n\n    Option 3:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Downloads.\n\n    Click \\\"Edit\\\" and uncheck \\\"Download patches\\\".\n\n    Under \\\"Patch Setup\\\" select each download source and click Disable.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000277'\n  tag rid: 'SV-VCSA-80-000277'\n  tag stig_id: 'VCSA-80-000277'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000277.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000278","title":"The vCenter Server must use unique service accounts when applications connect to vCenter.","desc":"To not violate nonrepudiation (i.e., deny the authenticity of who is connecting to vCenter), when applications need to connect to vCenter they must use unique service accounts.","descriptions":[{"label":"default","data":"To not violate nonrepudiation (i.e., deny the authenticity of who is connecting to vCenter), when applications need to connect to vCenter they must use unique service accounts."},{"label":"rationale","data":""},{"label":"check","data":"Verify each external application that connects to vCenter has a unique service account dedicated to that application.\n\nFor example, there should be separate accounts for Log Insight, Operations Manager, or anything else that requires an account to access vCenter.\n\nIf any application shares a service account that is used to connect to vCenter, this is a finding."},{"label":"fix","data":"For applications sharing service accounts, create a new service account to assign to the application so that no application shares a service account with another.\n\nWhen standing up a new application that requires access to vCenter, always create a new service account prior to installation and grant only the permissions needed for that application."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000278","rid":"SV-VCSA-80-000278","stig_id":"VCSA-80-000278","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000278' do\n  title 'The vCenter Server must use unique service accounts when applications connect to vCenter.'\n  desc  'To not violate nonrepudiation (i.e., deny the authenticity of who is connecting to vCenter), when applications need to connect to vCenter they must use unique service accounts.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Verify each external application that connects to vCenter has a unique service account dedicated to that application.\n\n    For example, there should be separate accounts for Log Insight, Operations Manager, or anything else that requires an account to access vCenter.\n\n    If any application shares a service account that is used to connect to vCenter, this is a finding.\n  \"\n  desc  'fix', \"\n    For applications sharing service accounts, create a new service account to assign to the application so that no application shares a service account with another.\n\n    When standing up a new application that requires access to vCenter, always create a new service account prior to installation and grant only the permissions needed for that application.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000278'\n  tag rid: 'SV-VCSA-80-000278'\n  tag stig_id: 'VCSA-80-000278'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000278.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000279","title":"The vCenter Server must protect the confidentiality and integrity of transmitted information by isolating Internet Protocol (IP)-based storage traffic.","desc":"Virtual machines might share virtual switches and virtual local area networks (VLAN) with the IP-based storage configurations.\n\nIP-based storage includes vSAN, Internet Small Computer System Interface (iSCSI), and Network File System (NFS). This configuration might expose IP-based storage traffic to unauthorized virtual machine users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\nTo restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from the production traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and virtual machines will limit unauthorized users from viewing the traffic.","descriptions":[{"label":"default","data":"Virtual machines might share virtual switches and virtual local area networks (VLAN) with the IP-based storage configurations.\n\nIP-based storage includes vSAN, Internet Small Computer System Interface (iSCSI), and Network File System (NFS). This configuration might expose IP-based storage traffic to unauthorized virtual machine users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\nTo restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from the production traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and virtual machines will limit unauthorized users from viewing the traffic."},{"label":"rationale","data":""},{"label":"check","data":"If IP-based storage is not used, this is not applicable.\n\nIP-based storage (iSCSI, NFS, vSAN) VMkernel port groups must be in a dedicated VLAN that can be on a standard or distributed virtual switch that is logically separated from other traffic types.\n\nThe check for this will be unique per environment.\n\nTo check a standard switch, do the following:\n\nFrom the vSphere Client, select the ESXi host and go to Configure >> Networking >> Virtual switches. Select a standard switch.\n\nFor each storage port group (iSCSI, NFS, vSAN), select the port group and note the VLAN ID associated with each port group.\n\nVerify it is dedicated to that purpose and is logically separated from other traffic types.\n\nTo check a distributed switch, do the following,\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect and expand a distributed switch.\n\nFor each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to the \"Summary\" tab.\n\nNote the VLAN ID associated with each port group and verify it is dedicated to that purpose and is logically separated from other traffic types.\n\nIf any IP-based storage networks are not isolated from other traffic types, this is a finding."},{"label":"fix","data":"Configuration of an IP-based VMkernel will be unique to each environment.\n\nTo configure VLANs and traffic types, do the following:\n\nStandard switch:\n\nFrom the vSphere Client, select the ESXi host and go to Configure >> Networking >> VMkernel adapters.\n\nSelect the Storage VMkernel (for any IP-based storage). Click \"Edit...\" and click the \"Port properties\" tab.\n\nUncheck everything (unless vSAN).\n\nClick the \"IPv4\" settings or \"IPv6\" settings tab.\n\nEnter the appropriate IP address and subnet information.\n\nClick \"OK\".\n\nFrom the vSphere Client, select the ESXi host and go to Configure >> Networking >> Virtual switches. Select a standard switch.\n\nFor each storage port group (iSCSI, NFS, vSAN), select the port group and click \"...\". Click \"Edit Settings\". On the \"Properties\" tab, enter the appropriate VLAN ID and click \"OK\".\n\nDistributed switch:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Topology.\n\nSelect the Storage VMkernel (for any IP-based storage). Click \"...\" and click \"Edit Settings\".\n\nOn the \"Port properties\" tab, uncheck everything (unless vSAN).\n\nClick the \"IPv4\" settings or \"IPv6\" settings tab.\n\nEnter the appropriate IP address and subnet information.\n\nClick \"OK\".\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect and expand a distributed switch.\n\nFor each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to Configure >> Settings >> Properties.\n\nClick \"Edit\".\n\nClick the \"VLAN\" tab.\n\nEnter the appropriate VLAN type and ID and click \"OK\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000279","rid":"SV-VCSA-80-000279","stig_id":"VCSA-80-000279","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000279' do\n  title 'The vCenter Server must protect the confidentiality and integrity of transmitted information by isolating Internet Protocol (IP)-based storage traffic.'\n  desc  \"\n    Virtual machines might share virtual switches and virtual local area networks (VLAN) with the IP-based storage configurations.\n\n    IP-based storage includes vSAN, Internet Small Computer System Interface (iSCSI), and Network File System (NFS). This configuration might expose IP-based storage traffic to unauthorized virtual machine users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\n    To restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from the production traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and virtual machines will limit unauthorized users from viewing the traffic.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If IP-based storage is not used, this is not applicable.\n\n    IP-based storage (iSCSI, NFS, vSAN) VMkernel port groups must be in a dedicated VLAN that can be on a standard or distributed virtual switch that is logically separated from other traffic types.\n\n    The check for this will be unique per environment.\n\n    To check a standard switch, do the following:\n\n    From the vSphere Client, select the ESXi host and go to Configure >> Networking >> Virtual switches. Select a standard switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and note the VLAN ID associated with each port group.\n\n    Verify it is dedicated to that purpose and is logically separated from other traffic types.\n\n    To check a distributed switch, do the following,\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select and expand a distributed switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to the \\\"Summary\\\" tab.\n\n    Note the VLAN ID associated with each port group and verify it is dedicated to that purpose and is logically separated from other traffic types.\n\n    If any IP-based storage networks are not isolated from other traffic types, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of an IP-based VMkernel will be unique to each environment.\n\n    To configure VLANs and traffic types, do the following:\n\n    Standard switch:\n\n    From the vSphere Client, select the ESXi host and go to Configure >> Networking >> VMkernel adapters.\n\n    Select the Storage VMkernel (for any IP-based storage). Click \\\"Edit...\\\" and click the \\\"Port properties\\\" tab.\n\n    Uncheck everything (unless vSAN).\n\n    Click the \\\"IPv4\\\" settings or \\\"IPv6\\\" settings tab.\n\n    Enter the appropriate IP address and subnet information.\n\n    Click \\\"OK\\\".\n\n    From the vSphere Client, select the ESXi host and go to Configure >> Networking >> Virtual switches. Select a standard switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and click \\\"...\\\". Click \\\"Edit Settings\\\". On the \\\"Properties\\\" tab, enter the appropriate VLAN ID and click \\\"OK\\\".\n\n    Distributed switch:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Topology.\n\n    Select the Storage VMkernel (for any IP-based storage). Click \\\"...\\\" and click \\\"Edit Settings\\\".\n\n    On the \\\"Port properties\\\" tab, uncheck everything (unless vSAN).\n\n    Click the \\\"IPv4\\\" settings or \\\"IPv6\\\" settings tab.\n\n    Enter the appropriate IP address and subnet information.\n\n    Click \\\"OK\\\".\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select and expand a distributed switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab.\n\n    Enter the appropriate VLAN type and ID and click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000279'\n  tag rid: 'SV-VCSA-80-000279'\n  tag stig_id: 'VCSA-80-000279'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000279.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000280","title":"The vCenter server must be configured to send events to a central log server.","desc":"vCenter server generates volumes of security-relevant application-level events. Examples include logins, system reconfigurations, system degradation warnings, and more. To ensure these events are available for forensic analysis and correlation, they must be sent to the syslog and forwarded on to the configured Security Information and Event Management (SIEM) system and/or central log server.\n\nThe vCenter server sends events to syslog by default, but this configuration must be verified and maintained.","descriptions":[{"label":"default","data":"vCenter server generates volumes of security-relevant application-level events. Examples include logins, system reconfigurations, system degradation warnings, and more. To ensure these events are available for forensic analysis and correlation, they must be sent to the syslog and forwarded on to the configured Security Information and Event Management (SIEM) system and/or central log server.\n\nThe vCenter server sends events to syslog by default, but this configuration must be verified and maintained."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nVerify that \"vpxd.event.syslog.enabled\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name vpxd.event.syslog.enabled\n\nIf the \"vpxd.event.syslog.enabled\" value is not set to \"true\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nClick \"Edit Settings\" and configure the \"vpxd.event.syslog.enabled\" setting to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name vpxd.event.syslog.enabled | Set-AdvancedSetting -Value true"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000358","gid":"V-VCSA-80-000280","rid":"SV-VCSA-80-000280","stig_id":"VCSA-80-000280","cci":["CCI-001851"],"nist":["AU-4 (1)"]},"code":"control 'VCSA-80-000280' do\n  title 'The vCenter server must be configured to send events to a central log server.'\n  desc  \"\n    vCenter server generates volumes of security-relevant application-level events. Examples include logins, system reconfigurations, system degradation warnings, and more. To ensure these events are available for forensic analysis and correlation, they must be sent to the syslog and forwarded on to the configured Security Information and Event Management (SIEM) system and/or central log server.\n\n    The vCenter server sends events to syslog by default, but this configuration must be verified and maintained.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Verify that \\\"vpxd.event.syslog.enabled\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name vpxd.event.syslog.enabled\n\n    If the \\\"vpxd.event.syslog.enabled\\\" value is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"vpxd.event.syslog.enabled\\\" setting to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name vpxd.event.syslog.enabled | Set-AdvancedSetting -Value true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000358'\n  tag gid: 'V-VCSA-80-000280'\n  tag rid: 'SV-VCSA-80-000280'\n  tag stig_id: 'VCSA-80-000280'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name vpxd.event.syslog.enabled | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'true' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000280.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000281","title":"The vCenter Server must disable or restrict the connectivity between vSAN Health Check and public Hardware Compatibility List (HCL) by use of an external proxy server.","desc":"The vSAN Health Check is able to download the HCL from VMware to check compliance against the underlying vSAN Cluster hosts. To ensure the vCenter server is not directly downloading content from the internet, this functionality must be disabled. If this feature is necessary, an external proxy server must be configured.","descriptions":[{"label":"default","data":"The vSAN Health Check is able to download the HCL from VMware to check compliance against the underlying vSAN Cluster hosts. To ensure the vCenter server is not directly downloading content from the internet, this functionality must be disabled. If this feature is necessary, an external proxy server must be configured."},{"label":"rationale","data":""},{"label":"check","data":"If no clusters are enabled for vSAN, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Configure >> vSAN >> Internet Connectivity.\n\nIf the HCL internet download is not required, verify \"Status\" is \"Disabled\".\n\nIf the \"Status\" is \"Enabled\", this is a finding.\n\nIf the HCL internet download is required, verify \"Status\" is \"Enabled\" and a proxy host is configured.\n\nIf \"Status\" is \"Enabled\" and a proxy is not configured, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Configure >> vSAN >> Internet Connectivity.\n\nClick \"Edit\".\n\nIf the HCL internet download is not required, ensure that \"Status\" is \"Disabled\".\n\nIf the HCL internet download is required, ensure that \"Status\" is \"Enabled\" and that a proxy host is appropriately configured."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000281","rid":"SV-VCSA-80-000281","stig_id":"VCSA-80-000281","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000281' do\n  title 'The vCenter Server must disable or restrict the connectivity between vSAN Health Check and public Hardware Compatibility List (HCL) by use of an external proxy server.'\n  desc  'The vSAN Health Check is able to download the HCL from VMware to check compliance against the underlying vSAN Cluster hosts. To ensure the vCenter server is not directly downloading content from the internet, this functionality must be disabled. If this feature is necessary, an external proxy server must be configured.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Configure >> vSAN >> Internet Connectivity.\n\n    If the HCL internet download is not required, verify \\\"Status\\\" is \\\"Disabled\\\".\n\n    If the \\\"Status\\\" is \\\"Enabled\\\", this is a finding.\n\n    If the HCL internet download is required, verify \\\"Status\\\" is \\\"Enabled\\\" and a proxy host is configured.\n\n    If \\\"Status\\\" is \\\"Enabled\\\" and a proxy is not configured, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Configure >> vSAN >> Internet Connectivity.\n\n    Click \\\"Edit\\\".\n\n    If the HCL internet download is not required, ensure that \\\"Status\\\" is \\\"Disabled\\\".\n\n    If the HCL internet download is required, ensure that \\\"Status\\\" is \\\"Enabled\\\" and that a proxy host is appropriately configured.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000281'\n  tag rid: 'SV-VCSA-80-000281'\n  tag stig_id: 'VCSA-80-000281'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  # Get all clusters with vSAN enabled\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object | Select-Object -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !clusters.empty?\n    command = '$vsanphview = Get-VsanView -Id VsanPhoneHomeSystem-vsan-phonehome-system; $vsanphview.QueryVsanCloudHealthStatus().InternetConnectivity'\n    vcinternetenabled = powercli_command(command).stdout.strip\n\n    if vcinternetenabled == 'True'\n      proxycommand = '$vsanhealthview = Get-VsanView -Id VsanVcClusterHealthSystem-vsan-cluster-health-system; $vsanhealthview.VsanHealthQueryVsanProxyConfig().Host'\n      describe powercli_command(proxycommand) do\n        its('stdout.strip') { should_not cmp '' }\n      end\n    else\n      describe 'Enable Internet access for all vSAN clusters.' do\n        subject { vcinternetenabled }\n        it { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No clusters with vSAN enabled found...skipping tests' do\n      skip 'No clusters with vSAN enabled found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000281.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000282","title":"The vCenter Server must configure the vSAN Datastore name to a unique name.","desc":"A vSAN Datastore name by default is \"vsanDatastore\". If more than one vSAN cluster is present in vCenter, both datastores will have the same name by default, potentially leading to confusion and manually misplaced workloads.","descriptions":[{"label":"default","data":"A vSAN Datastore name by default is \"vsanDatastore\". If more than one vSAN cluster is present in vCenter, both datastores will have the same name by default, potentially leading to confusion and manually misplaced workloads."},{"label":"rationale","data":""},{"label":"check","data":"If no clusters are enabled for vSAN, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect a vSAN Enabled Cluster >> Datastores.\n\nReview the datastores and identify any datastores with \"vSAN\" as the datastore type.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nIf($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){\nWrite-Host \"vSAN Enabled Cluster found\"\nGet-Cluster | where {$_.VsanEnabled} | Get-Datastore | where {$_.type -match \"vsan\"}\n}\nelse{\nWrite-Host \"vSAN is not enabled, this finding is not applicable.\"\n}\n\nIf vSAN is enabled and a datastore is named \"vsanDatastore\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vSAN Enabled Cluster >> Datastores.\n\nRight-click on the datastore named \"vsanDatastore\" and select \"Rename\".\n\nRename the datastore based on site-specific naming standards.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nIf($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){\nWrite-Host \"vSAN Enabled Cluster found\"\n$Clusters = Get-Cluster | where {$_.VsanEnabled}\nForeach ($clus in $clusters){\n $clus | Get-Datastore | where {$_.type -match \"vsan\"} | Set-Datastore -Name $(($clus.name) + \"_vSAN_Datastore\")\n}\n}\nelse{\nWrite-Host \"vSAN is not enabled, this finding is not applicable.\"\n}"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000282","rid":"SV-VCSA-80-000282","stig_id":"VCSA-80-000282","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000282' do\n  title 'The vCenter Server must configure the vSAN Datastore name to a unique name.'\n  desc  'A vSAN Datastore name by default is \"vsanDatastore\". If more than one vSAN cluster is present in vCenter, both datastores will have the same name by default, potentially leading to confusion and manually misplaced workloads.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster >> Datastores.\n\n    Review the datastores and identify any datastores with \\\"vSAN\\\" as the datastore type.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    If($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){\n    Write-Host \\\"vSAN Enabled Cluster found\\\"\n    Get-Cluster | where {$_.VsanEnabled} | Get-Datastore | where {$_.type -match \\\"vsan\\\"}\n    }\n    else{\n    Write-Host \\\"vSAN is not enabled, this finding is not applicable.\\\"\n    }\n\n    If vSAN is enabled and a datastore is named \\\"vsanDatastore\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster >> Datastores.\n\n    Right-click on the datastore named \\\"vsanDatastore\\\" and select \\\"Rename\\\".\n\n    Rename the datastore based on site-specific naming standards.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    If($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){\n    Write-Host \\\"vSAN Enabled Cluster found\\\"\n    $Clusters = Get-Cluster | where {$_.VsanEnabled}\n    Foreach ($clus in $clusters){\n     $clus | Get-Datastore | where {$_.type -match \\\"vsan\\\"} | Set-Datastore -Name $(($clus.name) + \\\"_vSAN_Datastore\\\")\n    }\n    }\n    else{\n    Write-Host \\\"vSAN is not enabled, this finding is not applicable.\\\"\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000282'\n  tag rid: 'SV-VCSA-80-000282'\n  tag stig_id: 'VCSA-80-000282'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-Cluster | Where-Object {$_.VsanEnabled} | Get-Datastore | Where-Object {$_.type -match \"vsan\"} | Select-Object -ExpandProperty Name'\n  vsandatastores = powercli_command(command).stdout.strip.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vsandatastores.empty?\n    describe '' do\n      skip 'No VSAN datastores found to check.'\n    end\n  else\n    vsandatastores.each do |ds|\n      describe '' do\n        subject { ds }\n        it { should_not cmp 'vsanDatastore' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000282.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000283","title":"The vCenter Server must disable Username/Password and Windows Integrated Authentication.","desc":"All forms of authentication other than Common Access Card (CAC) must be disabled. Password authentication can be temporarily reenabled for emergency access to the local Single Sign-On (SSO) accounts or Active Directory user/pass accounts, but it must be disabled as soon as CAC authentication is functional.","descriptions":[{"label":"default","data":"All forms of authentication other than Common Access Card (CAC) must be disabled. Password authentication can be temporarily reenabled for emergency access to the local Single Sign-On (SSO) accounts or Active Directory user/pass accounts, but it must be disabled as soon as CAC authentication is functional."},{"label":"rationale","data":""},{"label":"check","data":"If a federated identity provider is configured and used for an identity source, this is not applicable.\n\nFrom the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\nUnder \"Authentication method\", examine the allowed methods.\n\nIf \"Smart card authentication\" is not enabled and \"Password and windows session authentication\" is not disabled, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\nNext to \"Authentication method\", click \"Edit\".\n\nSelect to radio button to \"Enable smart card authentication\".\n\nClick \"Save\".\n\nTo re-enable password authentication for troubleshooting purposes, run the following command on the vCenter Server Appliance:\n\n# /opt/vmware/bin/sso-config.sh -set_authn_policy -pwdAuthn true -winAuthn false -certAuthn false -securIDAuthn false -t vsphere.local"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000283","rid":"SV-VCSA-80-000283","stig_id":"VCSA-80-000283","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000283' do\n  title 'The vCenter Server must disable Username/Password and Windows Integrated Authentication.'\n  desc  'All forms of authentication other than Common Access Card (CAC) must be disabled. Password authentication can be temporarily reenabled for emergency access to the local Single Sign-On (SSO) accounts or Active Directory user/pass accounts, but it must be disabled as soon as CAC authentication is functional.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If a federated identity provider is configured and used for an identity source, this is not applicable.\n\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\n    Under \\\"Authentication method\\\", examine the allowed methods.\n\n    If \\\"Smart card authentication\\\" is not enabled and \\\"Password and windows session authentication\\\" is not disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\n    Next to \\\"Authentication method\\\", click \\\"Edit\\\".\n\n    Select to radio button to \\\"Enable smart card authentication\\\".\n\n    Click \\\"Save\\\".\n\n    To re-enable password authentication for troubleshooting purposes, run the following command on the vCenter Server Appliance:\n\n    # /opt/vmware/bin/sso-config.sh -set_authn_policy -pwdAuthn true -winAuthn false -certAuthn false -securIDAuthn false -t vsphere.local\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000283'\n  tag rid: 'SV-VCSA-80-000283'\n  tag stig_id: 'VCSA-80-000283'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if input('embeddedIdp')\n    describe powercli_command('(Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled') do\n      its('stdout.strip') { should cmp 'true' }\n    end\n    describe powercli_command('(Get-SsoAuthenticationPolicy).PasswordAuthnEnabled') do\n      its('stdout.strip') { should cmp 'false' }\n    end\n    describe powercli_command('(Get-SsoAuthenticationPolicy).WindowsAuthnEnabled') do\n      its('stdout.strip') { should cmp 'false' }\n    end\n  else\n    describe 'A federated IDP is configured so this is Not Applicable.' do\n      skip 'A federated IDP is configured so this is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000283.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000284","title":"The vCenter Server must restrict access to the default roles with cryptographic permissions.","desc":"In vSphere, the built-in \"Administrator\" role contains permission to perform cryptographic operations such as Key Management Server (KMS) functions and encrypting and decrypting virtual machine disks. This role must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use.\n\nA new built-in role called \"No Cryptography Administrator\" exists to provide all administrative permissions except cryptographic operations. Permissions must be restricted such that normal vSphere administrators are assigned the \"No Cryptography Administrator\" role or more restrictive.\n\nThe \"Administrator\" role must be tightly controlled and must not be applied to administrators who will not be doing cryptographic work. Catastrophic data loss can result from poorly administered cryptography.","descriptions":[{"label":"default","data":"In vSphere, the built-in \"Administrator\" role contains permission to perform cryptographic operations such as Key Management Server (KMS) functions and encrypting and decrypting virtual machine disks. This role must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use.\n\nA new built-in role called \"No Cryptography Administrator\" exists to provide all administrative permissions except cryptographic operations. Permissions must be restricted such that normal vSphere administrators are assigned the \"No Cryptography Administrator\" role or more restrictive.\n\nThe \"Administrator\" role must be tightly controlled and must not be applied to administrators who will not be doing cryptographic work. Catastrophic data loss can result from poorly administered cryptography."},{"label":"rationale","data":""},{"label":"check","data":"By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.\n\nFrom the vSphere Client, go to Administration >> Access Control >> Roles.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VIPermission | Where {$_.Role -eq \"Admin\" -or $_.Role -eq \"NoTrustedAdmin\" -or $_.Role -eq \"vCLSAdmin\" -or $_.Role -eq \"vSphereKubernetesManager\"} | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\nIf there are any users or groups assigned to the default roles with cryptographic permissions and are not explicitly designated to perform cryptographic operations, this is a finding.\n\nThe built-in solution users assigned to the administrator role are NOT a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Access Control >> Roles.\n\nMove any accounts not explicitly designated for cryptographic operations, other than Solution Users, to other roles such as \"No Cryptography Administrator\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000284","rid":"SV-VCSA-80-000284","stig_id":"VCSA-80-000284","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000284' do\n  title 'The vCenter Server must restrict access to the default roles with cryptographic permissions.'\n  desc  \"\n    In vSphere, the built-in \\\"Administrator\\\" role contains permission to perform cryptographic operations such as Key Management Server (KMS) functions and encrypting and decrypting virtual machine disks. This role must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use.\n\n    A new built-in role called \\\"No Cryptography Administrator\\\" exists to provide all administrative permissions except cryptographic operations. Permissions must be restricted such that normal vSphere administrators are assigned the \\\"No Cryptography Administrator\\\" role or more restrictive.\n\n    The \\\"Administrator\\\" role must be tightly controlled and must not be applied to administrators who will not be doing cryptographic work. Catastrophic data loss can result from poorly administered cryptography.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.\n\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VIPermission | Where {$_.Role -eq \\\"Admin\\\" -or $_.Role -eq \\\"NoTrustedAdmin\\\" -or $_.Role -eq \\\"vCLSAdmin\\\" -or $_.Role -eq \\\"vSphereKubernetesManager\\\"} | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\n    If there are any users or groups assigned to the default roles with cryptographic permissions and are not explicitly designated to perform cryptographic operations, this is a finding.\n\n    The built-in solution users assigned to the administrator role are NOT a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    Move any accounts not explicitly designated for cryptographic operations, other than Solution Users, to other roles such as \\\"No Cryptography Administrator\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000284'\n  tag rid: 'SV-VCSA-80-000284'\n  tag stig_id: 'VCSA-80-000284'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vcCryptoAdmins = input('vcCryptoAdmins')\n\n  # Get all users/groups with Admin/Administrator role excluding vpxd- accounts\n  command = 'Get-VIPermission | Where-Object {($_.Role -eq \"Admin\" -or $_.Role -eq \"NoTrustedAdmin\" -or $_.Role -eq \"vCLSAdmin\" -or $_.Role -eq \"vSphereKubernetesManager\") -and $_.Principal -notmatch \"vpxd-\"} | Select-Object -ExpandProperty Principal'\n  cryptoadmins = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !cryptoadmins.empty?\n    cryptoadmins.each do |cryptoadmin|\n      describe cryptoadmin do\n        subject { cryptoadmin }\n        it { should be_in vcCryptoAdmins }\n      end\n    end\n  else\n    describe 'No users/groups found assigned to crypto roles...skipping tests.' do\n      skip 'No users/groups found assigned to crypto roles...skipping tests.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000284.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000285","title":"The vCenter Server must restrict access to cryptographic permissions.","desc":"These permissions must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use. Catastrophic data loss can result from poorly administered cryptography.","descriptions":[{"label":"default","data":"These permissions must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use. Catastrophic data loss can result from poorly administered cryptography."},{"label":"rationale","data":""},{"label":"check","data":"By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.\n\nFrom the vSphere Client, go to Administration >> Access Control >> Roles.\n\nHighlight each role and click the 'Privileges\" button in the right pane.\n\nVerify that only the Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager and any site-specific cryptographic roles have the following permissions:\n\nCryptographic Operations privileges\nGlobal.Diagnostics\nHost.Inventory.Add host to cluster\nHost.Inventory.Add standalone host\nHost.Local operations.Manage user groups\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$roles = Get-VIRole\nForEach($role in $roles){\n    $privileges = $role.PrivilegeList\n    If($privileges -match \"Crypto*\" -or $privileges -match \"Global.Diagnostics\" -or $privileges -match \"Host.Inventory.Add*\" -or $privileges -match \"Host.Local operations.Manage user groups\"){\n    Write-Host \"$role has Cryptographic privileges\"\n    }\n}\n\nIf any role other than the four default roles contain the permissions listed above and is not authorized to perform cryptographic related operations, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Access Control >> Roles.\n\nHighlight the target custom role and click \"Edit\".\n\nRemove the following permissions from any custom role that is not authorized to perform cryptographic related operations:\n\nCryptographic Operations privileges\nGlobal.Diagnostics\nHost.Inventory.Add host to cluster\nHost.Inventory.Add standalone host\nHost.Local operations.Manage user groups"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000285","rid":"SV-VCSA-80-000285","stig_id":"VCSA-80-000285","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000285' do\n  title 'The vCenter Server must restrict access to cryptographic permissions.'\n  desc  'These permissions must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use. Catastrophic data loss can result from poorly administered cryptography.'\n  desc  'rationale', ''\n  desc  'check', \"\n    By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.\n\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    Highlight each role and click the 'Privileges\\\" button in the right pane.\n\n    Verify that only the Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager and any site-specific cryptographic roles have the following permissions:\n\n    Cryptographic Operations privileges\n    Global.Diagnostics\n    Host.Inventory.Add host to cluster\n    Host.Inventory.Add standalone host\n    Host.Local operations.Manage user groups\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $roles = Get-VIRole\n    ForEach($role in $roles){\n        $privileges = $role.PrivilegeList\n        If($privileges -match \\\"Crypto*\\\" -or $privileges -match \\\"Global.Diagnostics\\\" -or $privileges -match \\\"Host.Inventory.Add*\\\" -or $privileges -match \\\"Host.Local operations.Manage user groups\\\"){\n        Write-Host \\\"$role has Cryptographic privileges\\\"\n        }\n    }\n\n    If any role other than the four default roles contain the permissions listed above and is not authorized to perform cryptographic related operations, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    Highlight the target custom role and click \\\"Edit\\\".\n\n    Remove the following permissions from any custom role that is not authorized to perform cryptographic related operations:\n\n    Cryptographic Operations privileges\n    Global.Diagnostics\n    Host.Inventory.Add host to cluster\n    Host.Inventory.Add standalone host\n    Host.Local operations.Manage user groups\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000285'\n  tag rid: 'SV-VCSA-80-000285'\n  tag stig_id: 'VCSA-80-000285'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vcCryptoRoles = input('vcCryptoRoles')\n\n  command = 'Get-VIRole | Where-Object {$_.PrivilegeList -match \"Crypto*\" -or $_.PrivilegeList -match \"Global.Diagnostics\" -or $_.PrivilegeList -match \"Host.Inventory.Add*\" -or $_.PrivilegeList -match \"Host.Local operations.Manage user groups\"} | Select-Object -ExpandProperty Name'\n  cryptoroles = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !cryptoroles.empty?\n    cryptoroles.each do |cryptorole|\n      describe cryptorole do\n        subject { cryptorole }\n        it { should be_in vcCryptoRoles }\n      end\n    end\n  else\n    describe 'No roles found with crypto permissions...skipping tests.' do\n      skip 'No roles found with crypto permissions...skipping tests.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000285.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000286","title":"The vCenter Server must have Mutual Challenge Handshake Authentication Protocol (CHAP) configured for vSAN Internet Small Computer System Interface (iSCSI) targets.","desc":"When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, the potential exists for a man-in-the-middle attack in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.","descriptions":[{"label":"default","data":"When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, the potential exists for a man-in-the-middle attack in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk."},{"label":"rationale","data":""},{"label":"check","data":"If no clusters are enabled for vSAN or if vSAN is enabled but iSCSI is not enabled, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect a vSAN Enabled Cluster >> Configure >> vSAN >> iSCSI Target Service.\n\nFor each iSCSI target, review the value in the \"Authentication\" column.\n\nIf the Authentication method is not set to \"CHAP_Mutual\" for any iSCSI target, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vSAN Enabled Cluster >> Configure >> vSAN >> iSCSI Target Service.\n\nFor each iSCSI target, select the item and click \"Edit\".\n\nChange the \"Authentication\" field to \"Mutual CHAP\" and configure the incoming and outgoing users and secrets appropriately."}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000286","rid":"SV-VCSA-80-000286","stig_id":"VCSA-80-000286","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000286' do\n  title 'The vCenter Server must have Mutual Challenge Handshake Authentication Protocol (CHAP) configured for vSAN Internet Small Computer System Interface (iSCSI) targets.'\n  desc  'When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, the potential exists for a man-in-the-middle attack in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN or if vSAN is enabled but iSCSI is not enabled, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster >> Configure >> vSAN >> iSCSI Target Service.\n\n    For each iSCSI target, review the value in the \\\"Authentication\\\" column.\n\n    If the Authentication method is not set to \\\"CHAP_Mutual\\\" for any iSCSI target, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster >> Configure >> vSAN >> iSCSI Target Service.\n\n    For each iSCSI target, select the item and click \\\"Edit\\\".\n\n    Change the \\\"Authentication\\\" field to \\\"Mutual CHAP\\\" and configure the incoming and outgoing users and secrets appropriately.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000286'\n  tag rid: 'SV-VCSA-80-000286'\n  tag stig_id: 'VCSA-80-000286'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  setimpact = true\n  if !clusters.empty?\n    clusters.each do |cluster|\n      iscsiEnabled = powercli_command(\"(Get-VsanClusterConfiguration -Cluster \\\"#{cluster}\\\").IscsiTargetServiceEnabled\").stdout.strip\n      if iscsiEnabled == 'True'\n        command = \"(Get-VsanClusterConfiguration -Cluster \\\"#{cluster}\\\").DefaultIscsiAuthenticationType\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp 'MutualChap' }\n        end\n        setimpact = false\n      else\n        describe \"vSAN iSCSI service not enabled on cluster: #{cluster}...this is not applicable.\" do\n          skip \"vSAN iSCSI service not enabled on cluster: #{cluster}...this is not applicable.\"\n        end\n      end\n    end\n  else\n    describe '' do\n      skip 'No vSAN enabled clusters found...this is not applicable.'\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000286.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000287","title":"The vCenter Server must have new Key Encryption Keys (KEKs) reissued at regular intervals for vSAN encrypted datastore(s).","desc":"The KEK for a vSAN encrypted datastore is generated by the Key Management Server (KMS) and serves as a wrapper and lock around the Disk Encryption Key (DEK). The DEK is generated by the host and is used to encrypt and decrypt the datastore. A shallow rekey is a procedure in which the KMS issues a new KEK to the ESXi host, which rewraps the DEK but does not change the DEK or any data on disk.\n\nThis operation must be done on a regular, site-defined interval and can be viewed as similar in criticality to changing an administrative password. If the KMS is compromised, a standing operational procedure to rekey will put a time limit on the usefulness of any stolen KMS data.","descriptions":[{"label":"default","data":"The KEK for a vSAN encrypted datastore is generated by the Key Management Server (KMS) and serves as a wrapper and lock around the Disk Encryption Key (DEK). The DEK is generated by the host and is used to encrypt and decrypt the datastore. A shallow rekey is a procedure in which the KMS issues a new KEK to the ESXi host, which rewraps the DEK but does not change the DEK or any data on disk.\n\nThis operation must be done on a regular, site-defined interval and can be viewed as similar in criticality to changing an administrative password. If the KMS is compromised, a standing operational procedure to rekey will put a time limit on the usefulness of any stolen KMS data."},{"label":"rationale","data":""},{"label":"check","data":"If vSAN is not in use, this is not applicable.\n\nInterview the system administrator (SA) to determine that a procedure has been put in place to perform a shallow rekey of all vSAN encrypted datastores at regular, site-defined intervals.\n\nVMware recommends a 60-day rekey task, but this interval must be defined by the SA and the information system security officer (ISSO).\n\nIf vSAN encryption is not in use, this is not a finding.\n\nIf vSAN encryption is in use and a regular rekey procedure is not in place, this is a finding."},{"label":"fix","data":"If vSAN encryption is in use, ensure that a regular rekey procedure is in place."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000287","rid":"SV-VCSA-80-000287","stig_id":"VCSA-80-000287","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000287' do\n  title 'The vCenter Server must have new Key Encryption Keys (KEKs) reissued at regular intervals for vSAN encrypted datastore(s).'\n  desc  \"\n    The KEK for a vSAN encrypted datastore is generated by the Key Management Server (KMS) and serves as a wrapper and lock around the Disk Encryption Key (DEK). The DEK is generated by the host and is used to encrypt and decrypt the datastore. A shallow rekey is a procedure in which the KMS issues a new KEK to the ESXi host, which rewraps the DEK but does not change the DEK or any data on disk.\n\n    This operation must be done on a regular, site-defined interval and can be viewed as similar in criticality to changing an administrative password. If the KMS is compromised, a standing operational procedure to rekey will put a time limit on the usefulness of any stolen KMS data.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If vSAN is not in use, this is not applicable.\n\n    Interview the system administrator (SA) to determine that a procedure has been put in place to perform a shallow rekey of all vSAN encrypted datastores at regular, site-defined intervals.\n\n    VMware recommends a 60-day rekey task, but this interval must be defined by the SA and the information system security officer (ISSO).\n\n    If vSAN encryption is not in use, this is not a finding.\n\n    If vSAN encryption is in use and a regular rekey procedure is not in place, this is a finding.\n  \"\n  desc 'fix', 'If vSAN encryption is in use, ensure that a regular rekey procedure is in place.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000287'\n  tag rid: 'SV-VCSA-80-000287'\n  tag stig_id: 'VCSA-80-000287'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000287.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000288","title":"The vCenter Server must use secure Lightweight Directory Access Protocol (LDAPS) when adding an LDAP identity source.","desc":"LDAP is an industry standard protocol for querying directory services such as Active Directory. This protocol can operate in clear text or over a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) encrypted tunnel. To protect confidentiality of LDAP communications, secure LDAP (LDAPS) must be explicitly configured when adding an LDAP identity source in vSphere Single Sign-On (SSO).\n\nWhen configuring an identity source and supplying an SSL certificate, vCenter will enforce LDAPS. The server URLs do not need to be explicitly provided if an SSL certificate is uploaded.","descriptions":[{"label":"default","data":"LDAP is an industry standard protocol for querying directory services such as Active Directory. This protocol can operate in clear text or over a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) encrypted tunnel. To protect confidentiality of LDAP communications, secure LDAP (LDAPS) must be explicitly configured when adding an LDAP identity source in vSphere Single Sign-On (SSO).\n\nWhen configuring an identity source and supplying an SSL certificate, vCenter will enforce LDAPS. The server URLs do not need to be explicitly provided if an SSL certificate is uploaded."},{"label":"rationale","data":""},{"label":"check","data":"If LDAP is not used as an identity provider, this is not applicable.\n\nFrom the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nClick the \"Identity Sources\" tab.\n\nFor each identity source of type \"Active Directory over LDAP\", if the \"Server URL\" does not indicate \"ldaps://\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nClick the \"Identity Sources\" tab.\n\nFor each identity source of type \"Active Directory over LDAP\" where LDAPS is not configured, highlight the item and click \"Edit\".\n\nEnsure the primary and secondary server URLs, if specified, are configured for \"ldaps://\".\n\nAt the bottom, click the \"Browse\" button, select the AD LDAP cert previously exported to your local computer, click \"Open\", and \"Save\" to complete modifications.\n\nNote: With LDAPS, the server must be a specific domain controller and its specific certificate or the domain alias with a certificate that is valid for that URL."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000288","rid":"SV-VCSA-80-000288","stig_id":"VCSA-80-000288","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000288' do\n  title 'The vCenter Server must use secure Lightweight Directory Access Protocol (LDAPS) when adding an LDAP identity source.'\n  desc  \"\n    LDAP is an industry standard protocol for querying directory services such as Active Directory. This protocol can operate in clear text or over a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) encrypted tunnel. To protect confidentiality of LDAP communications, secure LDAP (LDAPS) must be explicitly configured when adding an LDAP identity source in vSphere Single Sign-On (SSO).\n\n    When configuring an identity source and supplying an SSL certificate, vCenter will enforce LDAPS. The server URLs do not need to be explicitly provided if an SSL certificate is uploaded.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If LDAP is not used as an identity provider, this is not applicable.\n\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    Click the \\\"Identity Sources\\\" tab.\n\n    For each identity source of type \\\"Active Directory over LDAP\\\", if the \\\"Server URL\\\" does not indicate \\\"ldaps://\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    Click the \\\"Identity Sources\\\" tab.\n\n    For each identity source of type \\\"Active Directory over LDAP\\\" where LDAPS is not configured, highlight the item and click \\\"Edit\\\".\n\n    Ensure the primary and secondary server URLs, if specified, are configured for \\\"ldaps://\\\".\n\n    At the bottom, click the \\\"Browse\\\" button, select the AD LDAP cert previously exported to your local computer, click \\\"Open\\\", and \\\"Save\\\" to complete modifications.\n\n    Note: With LDAPS, the server must be a specific domain controller and its specific certificate or the domain alias with a certificate that is valid for that URL.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000288'\n  tag rid: 'SV-VCSA-80-000288'\n  tag stig_id: 'VCSA-80-000288'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000288.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000290","title":"The vCenter Server must limit membership to the \"SystemConfiguration.BashShellAdministrators\" Single Sign-On (SSO) group.","desc":"vCenter SSO integrates with PAM in the underlying Photon operating system so members of the \"SystemConfiguration.BashShellAdministrators\" SSO group can log on to the operating system without needing a separate account. However, even though unique SSO users log on, they are transparently using a group account named \"sso-user\" as far as Photon auditing is concerned. While the audit trail can still be traced back to the individual SSO user, it is a more involved process.\n\nTo force accountability and nonrepudiation, the SSO group \"SystemConfiguration.BashShellAdministrators\" must be severely restricted.","descriptions":[{"label":"default","data":"vCenter SSO integrates with PAM in the underlying Photon operating system so members of the \"SystemConfiguration.BashShellAdministrators\" SSO group can log on to the operating system without needing a separate account. However, even though unique SSO users log on, they are transparently using a group account named \"sso-user\" as far as Photon auditing is concerned. While the audit trail can still be traced back to the individual SSO user, it is a more involved process.\n\nTo force accountability and nonrepudiation, the SSO group \"SystemConfiguration.BashShellAdministrators\" must be severely restricted."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\nClick the next page arrow until the \"SystemConfiguration.BashShellAdministrators\" group appears.\n\nClick \"SystemConfiguration.BashShellAdministrators\".\n\nReview the members of the group and ensure that only authorized accounts are present.\n\nNote: By default the Administrator and a unique service account similar to \"vmware-applmgmtservice-714684a4-342f-4eff-a232-cdc21def00c2\" will be in the group and should not be removed.\n\nIf there are any accounts present as members of SystemConfiguration.BashShellAdministrators that are not authorized, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\nClick the next page arrow until the \"SystemConfiguration.BashShellAdministrators\" group appears.\n\nClick \"SystemConfiguration.BashShellAdministrators\".\n\nClick the three vertical dots next to the name of each unauthorized account.\n\nSelect \"Remove Member\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000290","rid":"SV-VCSA-80-000290","stig_id":"VCSA-80-000290","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000290' do\n  title 'The vCenter Server must limit membership to the \"SystemConfiguration.BashShellAdministrators\" Single Sign-On (SSO) group.'\n  desc  \"\n    vCenter SSO integrates with PAM in the underlying Photon operating system so members of the \\\"SystemConfiguration.BashShellAdministrators\\\" SSO group can log on to the operating system without needing a separate account. However, even though unique SSO users log on, they are transparently using a group account named \\\"sso-user\\\" as far as Photon auditing is concerned. While the audit trail can still be traced back to the individual SSO user, it is a more involved process.\n\n    To force accountability and nonrepudiation, the SSO group \\\"SystemConfiguration.BashShellAdministrators\\\" must be severely restricted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\n    Click the next page arrow until the \\\"SystemConfiguration.BashShellAdministrators\\\" group appears.\n\n    Click \\\"SystemConfiguration.BashShellAdministrators\\\".\n\n    Review the members of the group and ensure that only authorized accounts are present.\n\n    Note: By default the Administrator and a unique service account similar to \\\"vmware-applmgmtservice-714684a4-342f-4eff-a232-cdc21def00c2\\\" will be in the group and should not be removed.\n\n    If there are any accounts present as members of SystemConfiguration.BashShellAdministrators that are not authorized, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\n    Click the next page arrow until the \\\"SystemConfiguration.BashShellAdministrators\\\" group appears.\n\n    Click \\\"SystemConfiguration.BashShellAdministrators\\\".\n\n    Click the three vertical dots next to the name of each unauthorized account.\n\n    Select \\\"Remove Member\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000290'\n  tag rid: 'SV-VCSA-80-000290'\n  tag stig_id: 'VCSA-80-000290'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  bashShellAdminUsers = input('bashShellAdminUsers')\n  # Get appliance management user and add to list of authorized users. Unique to each vCenter.\n  applmgmtuser = powercli_command('Get-SsoGroup -Domain vsphere.local -Name applmgmtSvcUsers | Get-SsoPersonUser | Select-Object -ExpandProperty Name').stdout.strip\n  bashShellAdminUsers.push(applmgmtuser)\n  users = powercli_command('Get-SsoGroup -Domain vsphere.local -Name SystemConfiguration.BashShellAdministrators | Get-SsoPersonUser | Select-Object -ExpandProperty Name')\n  if users.stdout.empty?\n    describe 'Stderr should be empty if no users found' do\n      subject { users.stderr }\n      it { should be_empty }\n    end\n    describe 'No users found in SystemConfiguration.BashShellAdministrators' do\n      subject { users.stdout }\n      it { should be_empty }\n    end\n  else\n    users.stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |user|\n      describe user do\n        it { should be_in bashShellAdminUsers }\n      end\n    end\n  end\n  bashShellAdminGroups = input('bashShellAdminGroups')\n  groups = powercli_command('Get-SsoGroup -Domain vsphere.local -Name SystemConfiguration.BashShellAdministrators | Get-SsoGroup | Select-Object -ExpandProperty Name')\n  if groups.stdout.empty?\n    describe 'Stderr should be empty if no groups found' do\n      subject { groups.stderr }\n      it { should be_empty }\n    end\n    describe 'No groups found in SystemConfiguration.BashShellAdministrators' do\n      subject { groups.stdout }\n      it { should be_empty }\n    end\n  else\n    groups.stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |group|\n      describe group do\n        it { should be_in bashShellAdminGroups }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000290.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000291","title":"The vCenter Server must limit membership to the \"TrustedAdmins\" Single Sign-On (SSO) group.","desc":"The vSphere \"TrustedAdmins\" group grants additional rights to administer the vSphere Trust Authority feature.\n\nTo force accountability and nonrepudiation, the SSO group \"TrustedAdmins\" must be severely restricted.","descriptions":[{"label":"default","data":"The vSphere \"TrustedAdmins\" group grants additional rights to administer the vSphere Trust Authority feature.\n\nTo force accountability and nonrepudiation, the SSO group \"TrustedAdmins\" must be severely restricted."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\nClick the next page arrow until the \"TrustedAdmins\" group appears.\n\nClick \"TrustedAdmins\".\n\nReview the members of the group and ensure that only authorized accounts are present.\n\nNote: These accounts act as root on the Photon operating system and have the ability to severely damage vCenter, inadvertently or otherwise.\n\nIf there are any accounts present as members of TrustedAdmins that are not authorized, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\nClick the next page arrow until the \"TrustedAdmins\" group appears.\n\nClick \"TrustedAdmins\".\n\nClick the three vertical dots next to the name of each unauthorized account.\n\nSelect \"Remove Member\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000291","rid":"SV-VCSA-80-000291","stig_id":"VCSA-80-000291","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000291' do\n  title 'The vCenter Server must limit membership to the \"TrustedAdmins\" Single Sign-On (SSO) group.'\n  desc  \"\n    The vSphere \\\"TrustedAdmins\\\" group grants additional rights to administer the vSphere Trust Authority feature.\n\n    To force accountability and nonrepudiation, the SSO group \\\"TrustedAdmins\\\" must be severely restricted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\n    Click the next page arrow until the \\\"TrustedAdmins\\\" group appears.\n\n    Click \\\"TrustedAdmins\\\".\n\n    Review the members of the group and ensure that only authorized accounts are present.\n\n    Note: These accounts act as root on the Photon operating system and have the ability to severely damage vCenter, inadvertently or otherwise.\n\n    If there are any accounts present as members of TrustedAdmins that are not authorized, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\n    Click the next page arrow until the \\\"TrustedAdmins\\\" group appears.\n\n    Click \\\"TrustedAdmins\\\".\n\n    Click the three vertical dots next to the name of each unauthorized account.\n\n    Select \\\"Remove Member\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000291'\n  tag rid: 'SV-VCSA-80-000291'\n  tag stig_id: 'VCSA-80-000291'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  trustedAdminUsers = input('trustedAdminUsers')\n  users = powercli_command('Get-SsoGroup -Domain vsphere.local -Name TrustedAdmins | Get-SsoPersonUser | Select-Object -ExpandProperty Name')\n  if users.stdout.empty?\n    describe 'Stderr should be empty if no users found' do\n      subject { users.stderr }\n      it { should be_empty }\n    end\n    describe 'No users found in TrustedAdmins' do\n      subject { users.stdout }\n      it { should be_empty }\n    end\n  else\n    users.stdout.split.each do |user|\n      describe user do\n        it { should be_in trustedAdminUsers }\n      end\n    end\n  end\n  trustedAdminGroups = input('trustedAdminGroups')\n  groups = powercli_command('Get-SsoGroup -Domain vsphere.local -Name TrustedAdmins | Get-SsoGroup | Select-Object -ExpandProperty Name')\n  if groups.stdout.empty?\n    describe 'Stderr should be empty if no groups found' do\n      subject { groups.stderr }\n      it { should be_empty }\n    end\n    describe 'No groups found in TrustedAdmins' do\n      subject { groups.stdout }\n      it { should be_empty }\n    end\n  else\n    groups.stdout.split.each do |group|\n      describe group do\n        it { should be_in trustedAdminGroups }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000291.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000292","title":"The vCenter server configuration must be backed up on a regular basis.","desc":"vCenter server is the control plane for the vSphere infrastructure and all the workloads it hosts. As such, vCenter is usually a highly critical system in its own right. Backups of vCenter can now be made at a data and configuration level versus traditional storage/image-based backups. This reduces recovery time by letting the system administrator (SA) spin up a new vCenter while simultaneously importing the backed-up data.\n\nFor sites that implement the Native Key Provider (NKP), introduced in 7.0 Update 2, regular vCenter backups are critical. In a recovery scenario where the virtual machine files are intact but vCenter was lost, the encrypted virtual machines will not be able to boot as their private keys were stored in vCenter after it was last backed up. When using the NKP, vCenter becomes critical to the virtual machine workloads and ceases to be just the control plane.","descriptions":[{"label":"default","data":"vCenter server is the control plane for the vSphere infrastructure and all the workloads it hosts. As such, vCenter is usually a highly critical system in its own right. Backups of vCenter can now be made at a data and configuration level versus traditional storage/image-based backups. This reduces recovery time by letting the system administrator (SA) spin up a new vCenter while simultaneously importing the backed-up data.\n\nFor sites that implement the Native Key Provider (NKP), introduced in 7.0 Update 2, regular vCenter backups are critical. In a recovery scenario where the virtual machine files are intact but vCenter was lost, the encrypted virtual machines will not be able to boot as their private keys were stored in vCenter after it was last backed up. When using the NKP, vCenter becomes critical to the virtual machine workloads and ceases to be just the control plane."},{"label":"rationale","data":""},{"label":"check","data":"Option 1:\n\nIf vCenter is backed up in a traditional manner, at the storage array level, interview the SA to determine configuration and schedule.\n\nOption 2:\n\nFor vCenter native backup functionality, open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Backup\" on the left navigation pane.\n\nOn the resulting pane on the right, verify the \"Status\" is \"Enabled\".\n\nClick \"Status\" to expand the backup details.\n\nIf vCenter server backups are not configured and there is no other vCenter backup system, this is a finding.\n\nIf the backup configuration is not set to a proper, reachable location or if the schedule is anything less frequent than \"Daily\", this is a finding."},{"label":"fix","data":"Option 1:\n\nImplement and document a VMware-supported storage/image-based backup schedule.\n\nOption 2:\n\nTo configure vCenter native backup functionality, open the VAMI by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with an SSO account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Backup\" on the left navigation pane.\n\nOn the resulting pane on the right, click \"Configure\" (or \"Edit\" for an existing configuration).\n\nEnter site-specific information for the backup job.\n\nEnsure \"Schedule\" is set to \"Daily\". Limiting the number of retained backups is recommended but not required.\n\nClick \"Create\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000292","rid":"SV-VCSA-80-000292","stig_id":"VCSA-80-000292","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000292' do\n  title 'The vCenter server configuration must be backed up on a regular basis.'\n  desc  \"\n    vCenter server is the control plane for the vSphere infrastructure and all the workloads it hosts. As such, vCenter is usually a highly critical system in its own right. Backups of vCenter can now be made at a data and configuration level versus traditional storage/image-based backups. This reduces recovery time by letting the system administrator (SA) spin up a new vCenter while simultaneously importing the backed-up data.\n\n    For sites that implement the Native Key Provider (NKP), introduced in 7.0 Update 2, regular vCenter backups are critical. In a recovery scenario where the virtual machine files are intact but vCenter was lost, the encrypted virtual machines will not be able to boot as their private keys were stored in vCenter after it was last backed up. When using the NKP, vCenter becomes critical to the virtual machine workloads and ceases to be just the control plane.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Option 1:\n\n    If vCenter is backed up in a traditional manner, at the storage array level, interview the SA to determine configuration and schedule.\n\n    Option 2:\n\n    For vCenter native backup functionality, open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Backup\\\" on the left navigation pane.\n\n    On the resulting pane on the right, verify the \\\"Status\\\" is \\\"Enabled\\\".\n\n    Click \\\"Status\\\" to expand the backup details.\n\n    If vCenter server backups are not configured and there is no other vCenter backup system, this is a finding.\n\n    If the backup configuration is not set to a proper, reachable location or if the schedule is anything less frequent than \\\"Daily\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Option 1:\n\n    Implement and document a VMware-supported storage/image-based backup schedule.\n\n    Option 2:\n\n    To configure vCenter native backup functionality, open the VAMI by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with an SSO account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Backup\\\" on the left navigation pane.\n\n    On the resulting pane on the right, click \\\"Configure\\\" (or \\\"Edit\\\" for an existing configuration).\n\n    Enter site-specific information for the backup job.\n\n    Ensure \\\"Schedule\\\" is set to \\\"Daily\\\". Limiting the number of retained backups is recommended but not required.\n\n    Click \\\"Create\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000292'\n  tag rid: 'SV-VCSA-80-000292'\n  tag stig_id: 'VCSA-80-000292'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if input('backup3rdParty')\n    describe '3rd party backups indicated. This check is a manual or policy based check and must be reviewed manually.' do\n      skip '3rd party backups indicated. This check is a manual or policy based check and must be reviewed manually.'\n    end\n  else\n    command = '(Invoke-ListRecoveryBackupSchedules).default.enable'\n    backupsenabled = powercli_command(command).stdout.strip\n\n    describe 'File based backups should be enabled.' do\n      subject { backupsenabled }\n      it { should cmp 'true' }\n    end\n\n    if backupsenabled == 'True'\n      # check that backups are scheduled daily. if so the days configuration will be empty\n      # if a custom schedule is specified and every day is selected this will fail and that should be changed to daily\n      backupschedule = powercli_command('(Invoke-ListRecoveryBackupSchedules).default.recurrence_info.days').stdout.strip\n      describe 'Backups should be scheduled daily.' do\n        subject { backupschedule }\n        it { should cmp '' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000292.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000293","title":"The vCenter server must have task and event retention set to at least 30 days.","desc":"vCenter tasks and events contain valuable historical actions, useful in troubleshooting availability issues and for incident forensics. While vCenter events are sent to central log servers in real time, it is important that administrators have quick access to this information when needed.\n\nvCenter retains 30 days of tasks and events by default, and this is sufficient for most purposes. The vCenter disk partitions are also sized with this in mind. Decreasing is not recommended for operational reasons, while increasing is not recommended unless guided by VMware support due to the partition sizing concerns.","descriptions":[{"label":"default","data":"vCenter tasks and events contain valuable historical actions, useful in troubleshooting availability issues and for incident forensics. While vCenter events are sent to central log servers in real time, it is important that administrators have quick access to this information when needed.\n\nvCenter retains 30 days of tasks and events by default, and this is sufficient for most purposes. The vCenter disk partitions are also sized with this in mind. Decreasing is not recommended for operational reasons, while increasing is not recommended unless guided by VMware support due to the partition sizing concerns."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> General.\n\nClick to expand the \"Database\" section.\n\nNote the \"Task retention\" and \"Event retention\" values.\n\nIf either value is configured to less than \"30\" days, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> General.\n\nClick \"Edit\".\n\nOn the \"Database\" tab, set the value for both \"Task retention\" and \"Event retention\" to \"30\" days (default) or greater, as required by your site.\n\nClick \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000293","rid":"SV-VCSA-80-000293","stig_id":"VCSA-80-000293","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000293' do\n  title 'The vCenter server must have task and event retention set to at least 30 days.'\n  desc  \"\n    vCenter tasks and events contain valuable historical actions, useful in troubleshooting availability issues and for incident forensics. While vCenter events are sent to central log servers in real time, it is important that administrators have quick access to this information when needed.\n\n    vCenter retains 30 days of tasks and events by default, and this is sufficient for most purposes. The vCenter disk partitions are also sized with this in mind. Decreasing is not recommended for operational reasons, while increasing is not recommended unless guided by VMware support due to the partition sizing concerns.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> General.\n\n    Click to expand the \\\"Database\\\" section.\n\n    Note the \\\"Task retention\\\" and \\\"Event retention\\\" values.\n\n    If either value is configured to less than \\\"30\\\" days, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> General.\n\n    Click \\\"Edit\\\".\n\n    On the \\\"Database\\\" tab, set the value for both \\\"Task retention\\\" and \\\"Event retention\\\" to \\\"30\\\" days (default) or greater, as required by your site.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000293'\n  tag rid: 'SV-VCSA-80-000293'\n  tag stig_id: 'VCSA-80-000293'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name event.maxAge | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= '30' }\n  end\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name task.maxAge | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= '30' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000293.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000294","title":"The vCenter server Native Key Provider must be backed up with a strong password.","desc":"The vCenter Native Key Provider feature was introduced in 7.0 U2 and acts as a key provider for encryption based capabilities such as encrypted virtual machines without requiring an external KMS solution.  When enabling this feature a backup must be taken which is a PKCS#12 formatted file and if no password is provided during the backup process this presents the opportunity for this to be used maliciously and compromise the environment.","descriptions":[{"label":"default","data":"The vCenter Native Key Provider feature was introduced in 7.0 U2 and acts as a key provider for encryption based capabilities such as encrypted virtual machines without requiring an external KMS solution.  When enabling this feature a backup must be taken which is a PKCS#12 formatted file and if no password is provided during the backup process this presents the opportunity for this to be used maliciously and compromise the environment."},{"label":"rationale","data":""},{"label":"check","data":"If the vCenter Native Key Provider feature is not in use, this is not applicable.\n\nInterview the system administrator and determine if a password was provided for any backups taken of the Native Key Provider.\n\nIf backups exist for the Native Key Provider that are not password protected, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Key Providers.\n\nSelect the Native Key Provider, click \"Back-up\", and check the box \"Protect Native Key Provider data with password\".\n\nProvide a strong password and click \"Back up key provider\".\n\nDelete any previous backups that were not protected with a password."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000294","rid":"SV-VCSA-80-000294","stig_id":"VCSA-80-000294","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000294' do\n  title 'The vCenter server Native Key Provider must be backed up with a strong password.'\n  desc  'The vCenter Native Key Provider feature was introduced in 7.0 U2 and acts as a key provider for encryption based capabilities such as encrypted virtual machines without requiring an external KMS solution.  When enabling this feature a backup must be taken which is a PKCS#12 formatted file and if no password is provided during the backup process this presents the opportunity for this to be used maliciously and compromise the environment.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If the vCenter Native Key Provider feature is not in use, this is not applicable.\n\n    Interview the system administrator and determine if a password was provided for any backups taken of the Native Key Provider.\n\n    If backups exist for the Native Key Provider that are not password protected, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Key Providers.\n\n    Select the Native Key Provider, click \\\"Back-up\\\", and check the box \\\"Protect Native Key Provider data with password\\\".\n\n    Provide a strong password and click \\\"Back up key provider\\\".\n\n    Delete any previous backups that were not protected with a password.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000294'\n  tag rid: 'SV-VCSA-80-000294'\n  tag stig_id: 'VCSA-80-000294'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000294.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000295","title":"The vCenter server must require authentication for published content libraries.","desc":"In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale. When publishing a content library it can be protected by requiring authentication for subscribers.","descriptions":[{"label":"default","data":"In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale. When publishing a content library it can be protected by requiring authentication for subscribers."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Content Libraries.\n\nReview the \"Password Protected\" column.\n\nIf a content library is published and is not password protected, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Content Libraries.\n\nSelect the target content library.\n\nSelect \"Actions\" then \"Edit Settings\".\n\nClick the checkbox to \"Enable user authentication for access to this content library\".\n\nEnter and confirm a password for the content library. Click \"Ok\".\n\nNote: Any subscribed content libraries will need to be updated to enable authentication and provide the password."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000295","rid":"SV-VCSA-80-000295","stig_id":"VCSA-80-000295","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000295' do\n  title 'The vCenter server must require authentication for published content libraries.'\n  desc  'In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale. When publishing a content library it can be protected by requiring authentication for subscribers.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Review the \\\"Password Protected\\\" column.\n\n    If a content library is published and is not password protected, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Select the target content library.\n\n    Select \\\"Actions\\\" then \\\"Edit Settings\\\".\n\n    Click the checkbox to \\\"Enable user authentication for access to this content library\\\".\n\n    Enter and confirm a password for the content library. Click \\\"Ok\\\".\n\n    Note: Any subscribed content libraries will need to be updated to enable authentication and provide the password.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000295'\n  tag rid: 'SV-VCSA-80-000295'\n  tag stig_id: 'VCSA-80-000295'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-ContentLibrary | Select-Object -ExpandProperty Id'\n  libraries = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  setimpact = true\n  if !libraries.empty?\n    libraries.each do |library|\n      libinfo = powercli_command(\"Invoke-GetLibraryIdContent #{library} | ConvertTo-Json\").stdout\n      libinfojson = JSON.parse(libinfo)\n      if libinfojson['publish_info']['published'] == true\n        describe \"Authentication should be enabled on Content Library: #{libinfojson['name']}\" do\n          subject { libinfojson }\n          its(['publish_info', 'authentication_method']) { should cmp 'BASIC' }\n        end\n        setimpact = false\n      else\n        describe \"Publishing not enabled on Content Library: #{libinfojson['name']}. This control is not applicable.\" do\n          skip \"Publishing not enabled on Content Library: #{libinfojson['name']}. This control is not applicable.\"\n        end\n      end\n    end\n  else\n    describe '' do\n      skip 'No content libraries found. This control is not applicable.'\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000295.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000296","title":"The vCenter server must enable the OVF security policy for content libraries.","desc":"In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale.\n\nYou can protect the OVF items by applying default OVF security policy to a content library. The OVF security policy enforces strict validation on OVF items when you deploy or update the item, import items, or synchronize OVF and OVA templates. To make sure that the OVF and OVA templates are signed by a trusted certificate, you can add the OVF signing certificate from a trusted CA.","descriptions":[{"label":"default","data":"In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale.\n\nYou can protect the OVF items by applying default OVF security policy to a content library. The OVF security policy enforces strict validation on OVF items when you deploy or update the item, import items, or synchronize OVF and OVA templates. To make sure that the OVF and OVA templates are signed by a trusted certificate, you can add the OVF signing certificate from a trusted CA."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Content Libraries.\n\nReview the \"Security Policy\" column.\n\nIf a content library does not have the \"OVF default policy\" enabled, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Content Libraries.\n\nSelect the target content library.\n\nSelect \"Actions\" then \"Edit Settings\".\n\nClick the checkbox to \"Apply Security Policy\". Click \"OK\".\n\nNote: If you disable the security policy of a content library, you cannot reuse the existing OVF items."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000296","rid":"SV-VCSA-80-000296","stig_id":"VCSA-80-000296","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000296' do\n  title 'The vCenter server must enable the OVF security policy for content libraries.'\n  desc  \"\n    In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale.\n\n    You can protect the OVF items by applying default OVF security policy to a content library. The OVF security policy enforces strict validation on OVF items when you deploy or update the item, import items, or synchronize OVF and OVA templates. To make sure that the OVF and OVA templates are signed by a trusted certificate, you can add the OVF signing certificate from a trusted CA.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Review the \\\"Security Policy\\\" column.\n\n    If a content library does not have the \\\"OVF default policy\\\" enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Select the target content library.\n\n    Select \\\"Actions\\\" then \\\"Edit Settings\\\".\n\n    Click the checkbox to \\\"Apply Security Policy\\\". Click \\\"OK\\\".\n\n    Note: If you disable the security policy of a content library, you cannot reuse the existing OVF items.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000296'\n  tag rid: 'SV-VCSA-80-000296'\n  tag stig_id: 'VCSA-80-000296'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-ContentLibrary | Select-Object -ExpandProperty Id'\n  libraries = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  setimpact = true\n  if !libraries.empty?\n    libraries.each do |library|\n      libinfo = powercli_command(\"Invoke-GetLibraryIdContent #{library} | ConvertTo-Json\").stdout\n      libinfojson = JSON.parse(libinfo)\n      describe \"OVF security policy should be enabled on Content Library: #{libinfojson['name']}\" do\n        subject { libinfojson }\n        its(['security_policy_id']) { should_not be nil }\n      end\n      setimpact = false\n    end\n  else\n    describe '' do\n      skip 'No content libraries found. This control is not applicable.'\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000296.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000298","title":"The vCenter Server must separate authentication and authorization for administrators.","desc":"Many organizations do both authentication and authorization using a centralized directory service such as Active Directory. Attackers who compromise an identity source can often add themselves to authorization groups, and simply log into systems they should not otherwise have access to. Additionally, reliance on central identity systems means that the administrators of those systems are potentially infrastructure administrators, too, as they can add themselves to infrastructure access groups at will.\n\nThe use of local SSO groups for authorization helps prevent this avenue of attack by allowing the centralized identity source to still authenticate users but moving authorization into vCenter itself.","descriptions":[{"label":"default","data":"Many organizations do both authentication and authorization using a centralized directory service such as Active Directory. Attackers who compromise an identity source can often add themselves to authorization groups, and simply log into systems they should not otherwise have access to. Additionally, reliance on central identity systems means that the administrators of those systems are potentially infrastructure administrators, too, as they can add themselves to infrastructure access groups at will.\n\nThe use of local SSO groups for authorization helps prevent this avenue of attack by allowing the centralized identity source to still authenticate users but moving authorization into vCenter itself."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Access Control >> Roles.\n\nView the Administrator role and any other role providing administrative access to vCenter to verify the users and/or groups assigned to it by clicking on \"Usage\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\nIf any user or group is directly assigned a role with administrative access to vCenter that is from an identity provider, this is a finding.\n\nNote: Users and/or groups assigned to roles should be from the \"VSPHERE.LOCAL\" identity source."},{"label":"fix","data":"To add groups from an identity provider to the local SSO Administrators group, as an example, do the following:\n\nFrom the vSphere Client, go to Administration >> Single Sign On >> Groups.\n\nSelect the Administrators group and click \"Edit\".\n\nIn the \"Add Members\" section, select the identity source and type the name of the target user/group in the search bar.\n\nSelect the target user/group to add them and click \"Save\".\n\nNote: A new SSO group or groups can be created as needed and used to provide authorization to vCenter.\n\nTo remove identity provider users/groups from a role, do the following:\n\nFrom the vSphere Client, go to Administration >> Access Control >> Global Permissions.\n\nSelect the offending user/group and click \"Delete\".\n\nNote: If permissions are assigned on a specific object, then the role must be updated where it is assigned (for example, at the cluster level)."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000298","rid":"SV-VCSA-80-000298","stig_id":"VCSA-80-000298","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000298' do\n  title 'The vCenter Server must separate authentication and authorization for administrators.'\n  desc  \"\n    Many organizations do both authentication and authorization using a centralized directory service such as Active Directory. Attackers who compromise an identity source can often add themselves to authorization groups, and simply log into systems they should not otherwise have access to. Additionally, reliance on central identity systems means that the administrators of those systems are potentially infrastructure administrators, too, as they can add themselves to infrastructure access groups at will.\n\n    The use of local SSO groups for authorization helps prevent this avenue of attack by allowing the centralized identity source to still authenticate users but moving authorization into vCenter itself.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    View the Administrator role and any other role providing administrative access to vCenter to verify the users and/or groups assigned to it by clicking on \\\"Usage\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\n    If any user or group is directly assigned a role with administrative access to vCenter that is from an identity provider, this is a finding.\n\n    Note: Users and/or groups assigned to roles should be from the \\\"VSPHERE.LOCAL\\\" identity source.\n  \"\n  desc 'fix', \"\n    To add groups from an identity provider to the local SSO Administrators group, as an example, do the following:\n\n    From the vSphere Client, go to Administration >> Single Sign On >> Groups.\n\n    Select the Administrators group and click \\\"Edit\\\".\n\n    In the \\\"Add Members\\\" section, select the identity source and type the name of the target user/group in the search bar.\n\n    Select the target user/group to add them and click \\\"Save\\\".\n\n    Note: A new SSO group or groups can be created as needed and used to provide authorization to vCenter.\n\n    To remove identity provider users/groups from a role, do the following:\n\n    From the vSphere Client, go to Administration >> Access Control >> Global Permissions.\n\n    Select the offending user/group and click \\\"Delete\\\".\n\n    Note: If permissions are assigned on a specific object, then the role must be updated where it is assigned (for example, at the cluster level).\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000298'\n  tag rid: 'SV-VCSA-80-000298'\n  tag stig_id: 'VCSA-80-000298'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000298.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000299","title":"The vCenter Server must disable CDP/LLDP on distributed switches.","desc":"The vSphere Distributed Virtual Switch can participate in Cisco Discovery Protocol (CDP) or Link Layer Discovery Protocol (LLDP), as a listener, advertiser, or both. The information is sensitive, including IP addresses, system names, software versions, and more. It can be used by an adversary to gain a better understanding of your environment, and to impersonate devices. It is also transmitted unencrypted on the network, and as such the recommendation is to disable it.","descriptions":[{"label":"default","data":"The vSphere Distributed Virtual Switch can participate in Cisco Discovery Protocol (CDP) or Link Layer Discovery Protocol (LLDP), as a listener, advertiser, or both. The information is sensitive, including IP addresses, system names, software versions, and more. It can be used by an adversary to gain a better understanding of your environment, and to impersonate devices. It is also transmitted unencrypted on the network, and as such the recommendation is to disable it."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Properties.\n\nReview the \"Discovery Protocol\" configuration.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch | Select Name,LinkDiscoveryProtocolOperation\n\nIf any distributed switch does not have \"Discovery Protocols\" disabled, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Properties.\n\nClick \"Edit\".\n\nSelect the advanced tab and update the \"Type\" under \"Discovery Protocol\" to disabled and click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch -Name \"DSwitch\" | Set-VDSwitch -LinkDiscoveryProtocolOperation \"Disabled\""}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000299","rid":"SV-VCSA-80-000299","stig_id":"VCSA-80-000299","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000299' do\n  title 'The vCenter Server must disable CDP/LLDP on distributed switches.'\n  desc  'The vSphere Distributed Virtual Switch can participate in Cisco Discovery Protocol (CDP) or Link Layer Discovery Protocol (LLDP), as a listener, advertiser, or both. The information is sensitive, including IP addresses, system names, software versions, and more. It can be used by an adversary to gain a better understanding of your environment, and to impersonate devices. It is also transmitted unencrypted on the network, and as such the recommendation is to disable it.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Properties.\n\n    Review the \\\"Discovery Protocol\\\" configuration.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | Select Name,LinkDiscoveryProtocolOperation\n\n    If any distributed switch does not have \\\"Discovery Protocols\\\" disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\".\n\n    Select the advanced tab and update the \\\"Type\\\" under \\\"Discovery Protocol\\\" to disabled and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch -Name \\\"DSwitch\\\" | Set-VDSwitch -LinkDiscoveryProtocolOperation \\\"Disabled\\\"\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000299'\n  tag rid: 'SV-VCSA-80-000299'\n  tag stig_id: 'VCSA-80-000299'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"Get-VDSwitch -Name \\\"#{vds}\\\" | Select -ExpandProperty LinkDiscoveryProtocolOperation\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'Disabled' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000299.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000300","title":"The vCenter Server must remove unauthorized port mirroring sessions on distributed switches.","desc":"The vSphere Distributed Virtual Switch can enable port mirroring sessions allowing traffic to be mirrored from one source to a destination. If port mirroring is configured unknowingly this could allow an attacker to observe network traffic of virtual machines.","descriptions":[{"label":"default","data":"The vSphere Distributed Virtual Switch can enable port mirroring sessions allowing traffic to be mirrored from one source to a destination. If port mirroring is configured unknowingly this could allow an attacker to observe network traffic of virtual machines."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Port Mirroring.\n\nReview any configured \"Port Mirroring\" sessions.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch | select Name,@{N=\"Port Mirroring Sessions\";E={$_.ExtensionData.Config.VspanSession.Name}}\n\nIf there are any unauthorized port mirroring sessions configured, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Port Mirroring.\n\nSelect the unauthorized \"Port Mirroring\" session and click \"Remove\". Click \"OK\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000300","rid":"SV-VCSA-80-000300","stig_id":"VCSA-80-000300","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000300' do\n  title 'The vCenter Server must remove unauthorized port mirroring sessions on distributed switches.'\n  desc  'The vSphere Distributed Virtual Switch can enable port mirroring sessions allowing traffic to be mirrored from one source to a destination. If port mirroring is configured unknowingly this could allow an attacker to observe network traffic of virtual machines.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Port Mirroring.\n\n    Review any configured \\\"Port Mirroring\\\" sessions.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | select Name,@{N=\\\"Port Mirroring Sessions\\\";E={$_.ExtensionData.Config.VspanSession.Name}}\n\n    If there are any unauthorized port mirroring sessions configured, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Port Mirroring.\n\n    Select the unauthorized \\\"Port Mirroring\\\" session and click \\\"Remove\\\". Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000300'\n  tag rid: 'SV-VCSA-80-000300'\n  tag stig_id: 'VCSA-80-000300'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.VspanSession\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000300.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000301","title":"The vCenter Server must not override port group settings at the port level on distributed switches.","desc":"Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\nIf there are cases where particular VMs require unique configurations then a different port group with the required configuration should be created instead of overriding port group settings.","descriptions":[{"label":"default","data":"Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\nIf there are cases where particular VMs require unique configurations then a different port group with the required configuration should be created instead of overriding port group settings."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\nReview the \"Override port policies\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n(Get-VDPortgroup).ExtensionData.Config.Policy\n\nIf there are any distributed port groups that allow overridden port policies, this is a finding.\n\nNote: This does not apply to the \"Block Ports\" or \"Configure reset at disconnect\" policies."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\nClick \"Edit\".\n\nSelect advanced and update all port policies besides \"Block Ports\" to \"disabled\" and click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n$pgs = Get-VDPortgroup | Get-View\nForEach($pg in $pgs){\n$spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n$spec.configversion = $pg.Config.ConfigVersion\n$spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy\n$spec.Policy.VlanOverrideAllowed = $False\n$spec.Policy.UplinkTeamingOverrideAllowed = $False\n$spec.Policy.SecurityPolicyOverrideAllowed = $False\n$spec.Policy.IpfixOverrideAllowed = $False\n$spec.Policy.BlockOverrideAllowed = $True\n$spec.Policy.ShapingOverrideAllowed = $False\n$spec.Policy.VendorConfigOverrideAllowed = $False\n$spec.Policy.TrafficFilterOverrideAllowed = $False\n$pg.ReconfigureDVPortgroup_Task($spec)\n}"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000301","rid":"SV-VCSA-80-000301","stig_id":"VCSA-80-000301","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000301' do\n  title 'The vCenter Server must not override port group settings at the port level on distributed switches.'\n  desc  \"\n    Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\n    If there are cases where particular VMs require unique configurations then a different port group with the required configuration should be created instead of overriding port group settings.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\n    Review the \\\"Override port policies\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    (Get-VDPortgroup).ExtensionData.Config.Policy\n\n    If there are any distributed port groups that allow overridden port policies, this is a finding.\n\n    Note: This does not apply to the \\\"Block Ports\\\" or \\\"Configure reset at disconnect\\\" policies.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\".\n\n    Select advanced and update all port policies besides \\\"Block Ports\\\" to \\\"disabled\\\" and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    $pgs = Get-VDPortgroup | Get-View\n    ForEach($pg in $pgs){\n    $spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n    $spec.configversion = $pg.Config.ConfigVersion\n    $spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy\n    $spec.Policy.VlanOverrideAllowed = $False\n    $spec.Policy.UplinkTeamingOverrideAllowed = $False\n    $spec.Policy.SecurityPolicyOverrideAllowed = $False\n    $spec.Policy.IpfixOverrideAllowed = $False\n    $spec.Policy.BlockOverrideAllowed = $True\n    $spec.Policy.ShapingOverrideAllowed = $False\n    $spec.Policy.VendorConfigOverrideAllowed = $False\n    $spec.Policy.TrafficFilterOverrideAllowed = $False\n    $pg.ReconfigureDVPortgroup_Task($spec)\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000301'\n  tag rid: 'SV-VCSA-80-000301'\n  tag stig_id: 'VCSA-80-000301'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.VlanOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.IpfixOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.MacManagementOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.ShapingOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.LivePortMovingAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000301.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000302","title":"The vCenter Server must reset port configuration when virtual machines are disconnected.","desc":"Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\nIf any unknown or unauthorized per-port overrides exist and are not discarded when a virtual machine is disconnected from that port then a future virtual machine connected to that port may receive a less secure port.","descriptions":[{"label":"default","data":"Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\nIf any unknown or unauthorized per-port overrides exist and are not discarded when a virtual machine is disconnected from that port then a future virtual machine connected to that port may receive a less secure port."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\nReview the \"Configure reset at disconnect\" setting.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n(Get-VDPortgroup).ExtensionData.Config.Policy.PortConfigResetAtDisconnect\n\nIf there are any distributed port groups with \"Configure reset at disconnect\" configured to \"disabled\" or \"False\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\nClick \"Edit\".\n\nSelect advanced and update \"Configure reset at disconnect\" to be enabled and click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n$pgs = Get-VDPortgroup | Get-View\nForEach($pg in $pgs){\n$spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n$spec.configversion = $pg.Config.ConfigVersion\n$spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy\n$spec.Policy.PortConfigResetAtDisconnect = $True\n$pg.ReconfigureDVPortgroup_Task($spec)\n}"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000302","rid":"SV-VCSA-80-000302","stig_id":"VCSA-80-000302","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000302' do\n  title 'The vCenter Server must reset port configuration when virtual machines are disconnected.'\n  desc  \"\n    Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\n    If any unknown or unauthorized per-port overrides exist and are not discarded when a virtual machine is disconnected from that port then a future virtual machine connected to that port may receive a less secure port.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\n    Review the \\\"Configure reset at disconnect\\\" setting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    (Get-VDPortgroup).ExtensionData.Config.Policy.PortConfigResetAtDisconnect\n\n    If there are any distributed port groups with \\\"Configure reset at disconnect\\\" configured to \\\"disabled\\\" or \\\"False\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\".\n\n    Select advanced and update \\\"Configure reset at disconnect\\\" to be enabled and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    $pgs = Get-VDPortgroup | Get-View\n    ForEach($pg in $pgs){\n    $spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n    $spec.configversion = $pg.Config.ConfigVersion\n    $spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy\n    $spec.Policy.PortConfigResetAtDisconnect = $True\n    $pg.ReconfigureDVPortgroup_Task($spec)\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000302'\n  tag rid: 'SV-VCSA-80-000302'\n  tag stig_id: 'VCSA-80-000302'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'True' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000302.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000303","title":"The vCenter Server must disable Secure Shell (SSH) access.","desc":"vCenter Server is delivered as an appliance, and intended to be managed through the VAMI, vSphere Client, and APIs. SSH is a troubleshooting and support tool and should only be enabled when necessary.\n\nvCenter Server High Availability uses SSH to coordinate the replication and failover between the nodes. Use of this feature requires SSH to remain enabled.","descriptions":[{"label":"default","data":"vCenter Server is delivered as an appliance, and intended to be managed through the VAMI, vSphere Client, and APIs. SSH is a troubleshooting and support tool and should only be enabled when necessary.\n\nvCenter Server High Availability uses SSH to coordinate the replication and failover between the nodes. Use of this feature requires SSH to remain enabled."},{"label":"rationale","data":""},{"label":"check","data":"Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Access\" on the left navigation pane.\n\nIf \"SSH Login\" is not \"Deactivated\", this is a finding."},{"label":"fix","data":"Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Access\" on the left navigation pane.\n\nClick \"Edit\" then disable \"Activate SSH Login\" and click \"OK\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000303","rid":"SV-VCSA-80-000303","stig_id":"VCSA-80-000303","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000303' do\n  title 'The vCenter Server must disable Secure Shell (SSH) access.'\n  desc  \"\n    vCenter Server is delivered as an appliance, and intended to be managed through the VAMI, vSphere Client, and APIs. SSH is a troubleshooting and support tool and should only be enabled when necessary.\n\n    vCenter Server High Availability uses SSH to coordinate the replication and failover between the nodes. Use of this feature requires SSH to remain enabled.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Access\\\" on the left navigation pane.\n\n    If \\\"SSH Login\\\" is not \\\"Deactivated\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Access\\\" on the left navigation pane.\n\n    Click \\\"Edit\\\" then disable \\\"Activate SSH Login\\\" and click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000303'\n  tag rid: 'SV-VCSA-80-000303'\n  tag stig_id: 'VCSA-80-000303'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe powercli_command('Invoke-GetAccessSsh').stdout.strip do\n    it { should_not cmp 'true' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000303.rb"},"waiver_data":{},"results":[]},{"id":"VCSA-80-000304","title":"The vCenter Server must enable data in transit encryption for vSAN.","desc":"Transit encryption must be enabled to prevent unauthorized disclosure information and to protect the confidentiality of organizational information.\n\nvSAN data-in-transit encryption has the following characteristics:\n-vSAN uses AES-256 bit encryption on data in transit.\n-Forward secrecy is enforced for vSAN data-in-transit encryption.\n-Traffic between data hosts and witness hosts is encrypted.\n-File service data traffic between the VDFS proxy and VDFS server is encrypted.\n-vSAN file services inter-host connections are encrypted.\n-vSAN uses symmetric keys that are generated dynamically and shared between hosts. Hosts dynamically generate an encryption key when they establish a connection, and they use the key to encrypt all traffic between the hosts. You do not need a key management server to perform data-in-transit encryption.\n\nEach host is authenticated when it joins the cluster, ensuring connections only to trusted hosts are allowed. When a host is removed from the cluster, it is authentication certificate is removed.\n\nvSAN data-in-transit encryption is a cluster-wide setting. When enabled, all data and metadata traffic is encrypted as it transits across hosts.","descriptions":[{"label":"default","data":"Transit encryption must be enabled to prevent unauthorized disclosure information and to protect the confidentiality of organizational information.\n\nvSAN data-in-transit encryption has the following characteristics:\n-vSAN uses AES-256 bit encryption on data in transit.\n-Forward secrecy is enforced for vSAN data-in-transit encryption.\n-Traffic between data hosts and witness hosts is encrypted.\n-File service data traffic between the VDFS proxy and VDFS server is encrypted.\n-vSAN file services inter-host connections are encrypted.\n-vSAN uses symmetric keys that are generated dynamically and shared between hosts. Hosts dynamically generate an encryption key when they establish a connection, and they use the key to encrypt all traffic between the hosts. You do not need a key management server to perform data-in-transit encryption.\n\nEach host is authenticated when it joins the cluster, ensuring connections only to trusted hosts are allowed. When a host is removed from the cluster, it is authentication certificate is removed.\n\nvSAN data-in-transit encryption is a cluster-wide setting. When enabled, all data and metadata traffic is encrypted as it transits across hosts."},{"label":"rationale","data":""},{"label":"check","data":"If no clusters are enabled for vSAN, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Select the cluster >> Configure >> vSAN >> Services >> Data Services.\n\nReview the \"Data-in-transit encryption\" status.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system\n$vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name <cluster name>).ExtensionData.MoRef).DataInTransitEncryptionConfig\n\nRepeat these steps for each vSAN enabled cluster in the environment.\n\nIf \"Data-In-Transit encryption\" is not enabled, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Select the target cluster >> Configure >> vSAN >> Services >> Data Services.\n\nClick \"Edit\".\n\nEnable \"Data-In-Transit encryption\" and choose a rekey interval suitable for the environment then click \"Apply\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000304","rid":"SV-VCSA-80-000304","stig_id":"VCSA-80-000304","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000304' do\n  title 'The vCenter Server must enable data in transit encryption for vSAN.'\n  desc  \"\n    Transit encryption must be enabled to prevent unauthorized disclosure information and to protect the confidentiality of organizational information.\n\n    vSAN data-in-transit encryption has the following characteristics:\n    -vSAN uses AES-256 bit encryption on data in transit.\n    -Forward secrecy is enforced for vSAN data-in-transit encryption.\n    -Traffic between data hosts and witness hosts is encrypted.\n    -File service data traffic between the VDFS proxy and VDFS server is encrypted.\n    -vSAN file services inter-host connections are encrypted.\n    -vSAN uses symmetric keys that are generated dynamically and shared between hosts. Hosts dynamically generate an encryption key when they establish a connection, and they use the key to encrypt all traffic between the hosts. You do not need a key management server to perform data-in-transit encryption.\n\n    Each host is authenticated when it joins the cluster, ensuring connections only to trusted hosts are allowed. When a host is removed from the cluster, it is authentication certificate is removed.\n\n    vSAN data-in-transit encryption is a cluster-wide setting. When enabled, all data and metadata traffic is encrypted as it transits across hosts.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Select the cluster >> Configure >> vSAN >> Services >> Data Services.\n\n    Review the \\\"Data-in-transit encryption\\\" status.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system\n    $vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name <cluster name>).ExtensionData.MoRef).DataInTransitEncryptionConfig\n\n    Repeat these steps for each vSAN enabled cluster in the environment.\n\n    If \\\"Data-In-Transit encryption\\\" is not enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Select the target cluster >> Configure >> vSAN >> Services >> Data Services.\n\n    Click \\\"Edit\\\".\n\n    Enable \\\"Data-In-Transit encryption\\\" and choose a rekey interval suitable for the environment then click \\\"Apply\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000304'\n  tag rid: 'SV-VCSA-80-000304'\n  tag stig_id: 'VCSA-80-000304'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  # Get all clusters with vSAN enabled\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object | Select-Object -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !clusters.empty?\n    clusters.each do |cluster|\n      command = \"$vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system; $vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name #{cluster}).ExtensionData.MoRef).DataInTransitEncryptionConfig.Enabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No clusters with vSAN enabled found...skipping tests' do\n      skip 'No clusters with vSAN enabled found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000304.rb"},"waiver_data":{},"results":[]}],"status":"loaded","status_message":""},{"name":"VMware vSphere 8.0 ESXi STIG Readiness Guide","version":"1.0.1","sha256":"2bcc2c137feae91b11def65ec768521718f04b22c0b53c3f1946c843c4a9a10b","title":"VMware vSphere 8.0 ESXi STIG Readiness Guide","maintainer":"The Authors","summary":"An InSpec Compliance Profile","license":"Apache-2.0","copyright":"The Authors","supports":[],"attributes":[],"parent_profile":"vmware-vsphere-8.0-stig-baseline","groups":[{"id":"controls/ESXI-80-000005.rb","controls":["ESXI-80-000005"]},{"id":"controls/ESXI-80-000006.rb","controls":["ESXI-80-000006"]},{"id":"controls/ESXI-80-000008.rb","controls":["ESXI-80-000008"]},{"id":"controls/ESXI-80-000010.rb","controls":["ESXI-80-000010"]},{"id":"controls/ESXI-80-000014.rb","controls":["ESXI-80-000014"]},{"id":"controls/ESXI-80-000015.rb","controls":["ESXI-80-000015"]},{"id":"controls/ESXI-80-000035.rb","controls":["ESXI-80-000035"]},{"id":"controls/ESXI-80-000043.rb","controls":["ESXI-80-000043"]},{"id":"controls/ESXI-80-000047.rb","controls":["ESXI-80-000047"]},{"id":"controls/ESXI-80-000049.rb","controls":["ESXI-80-000049"]},{"id":"controls/ESXI-80-000052.rb","controls":["ESXI-80-000052"]},{"id":"controls/ESXI-80-000068.rb","controls":["ESXI-80-000068"]},{"id":"controls/ESXI-80-000085.rb","controls":["ESXI-80-000085"]},{"id":"controls/ESXI-80-000094.rb","controls":["ESXI-80-000094"]},{"id":"controls/ESXI-80-000111.rb","controls":["ESXI-80-000111"]},{"id":"controls/ESXI-80-000113.rb","controls":["ESXI-80-000113"]},{"id":"controls/ESXI-80-000114.rb","controls":["ESXI-80-000114"]},{"id":"controls/ESXI-80-000124.rb","controls":["ESXI-80-000124"]},{"id":"controls/ESXI-80-000133.rb","controls":["ESXI-80-000133"]},{"id":"controls/ESXI-80-000145.rb","controls":["ESXI-80-000145"]},{"id":"controls/ESXI-80-000160.rb","controls":["ESXI-80-000160"]},{"id":"controls/ESXI-80-000161.rb","controls":["ESXI-80-000161"]},{"id":"controls/ESXI-80-000187.rb","controls":["ESXI-80-000187"]},{"id":"controls/ESXI-80-000189.rb","controls":["ESXI-80-000189"]},{"id":"controls/ESXI-80-000191.rb","controls":["ESXI-80-000191"]},{"id":"controls/ESXI-80-000192.rb","controls":["ESXI-80-000192"]},{"id":"controls/ESXI-80-000193.rb","controls":["ESXI-80-000193"]},{"id":"controls/ESXI-80-000194.rb","controls":["ESXI-80-000194"]},{"id":"controls/ESXI-80-000195.rb","controls":["ESXI-80-000195"]},{"id":"controls/ESXI-80-000196.rb","controls":["ESXI-80-000196"]},{"id":"controls/ESXI-80-000198.rb","controls":["ESXI-80-000198"]},{"id":"controls/ESXI-80-000199.rb","controls":["ESXI-80-000199"]},{"id":"controls/ESXI-80-000201.rb","controls":["ESXI-80-000201"]},{"id":"controls/ESXI-80-000202.rb","controls":["ESXI-80-000202"]},{"id":"controls/ESXI-80-000203.rb","controls":["ESXI-80-000203"]},{"id":"controls/ESXI-80-000204.rb","controls":["ESXI-80-000204"]},{"id":"controls/ESXI-80-000205.rb","controls":["ESXI-80-000205"]},{"id":"controls/ESXI-80-000206.rb","controls":["ESXI-80-000206"]},{"id":"controls/ESXI-80-000207.rb","controls":["ESXI-80-000207"]},{"id":"controls/ESXI-80-000208.rb","controls":["ESXI-80-000208"]},{"id":"controls/ESXI-80-000209.rb","controls":["ESXI-80-000209"]},{"id":"controls/ESXI-80-000210.rb","controls":["ESXI-80-000210"]},{"id":"controls/ESXI-80-000211.rb","controls":["ESXI-80-000211"]},{"id":"controls/ESXI-80-000212.rb","controls":["ESXI-80-000212"]},{"id":"controls/ESXI-80-000213.rb","controls":["ESXI-80-000213"]},{"id":"controls/ESXI-80-000214.rb","controls":["ESXI-80-000214"]},{"id":"controls/ESXI-80-000215.rb","controls":["ESXI-80-000215"]},{"id":"controls/ESXI-80-000216.rb","controls":["ESXI-80-000216"]},{"id":"controls/ESXI-80-000217.rb","controls":["ESXI-80-000217"]},{"id":"controls/ESXI-80-000218.rb","controls":["ESXI-80-000218"]},{"id":"controls/ESXI-80-000219.rb","controls":["ESXI-80-000219"]},{"id":"controls/ESXI-80-000220.rb","controls":["ESXI-80-000220"]},{"id":"controls/ESXI-80-000221.rb","controls":["ESXI-80-000221"]},{"id":"controls/ESXI-80-000222.rb","controls":["ESXI-80-000222"]},{"id":"controls/ESXI-80-000223.rb","controls":["ESXI-80-000223"]},{"id":"controls/ESXI-80-000224.rb","controls":["ESXI-80-000224"]},{"id":"controls/ESXI-80-000225.rb","controls":["ESXI-80-000225"]},{"id":"controls/ESXI-80-000226.rb","controls":["ESXI-80-000226"]},{"id":"controls/ESXI-80-000227.rb","controls":["ESXI-80-000227"]},{"id":"controls/ESXI-80-000228.rb","controls":["ESXI-80-000228"]},{"id":"controls/ESXI-80-000229.rb","controls":["ESXI-80-000229"]},{"id":"controls/ESXI-80-000230.rb","controls":["ESXI-80-000230"]},{"id":"controls/ESXI-80-000231.rb","controls":["ESXI-80-000231"]},{"id":"controls/ESXI-80-000232.rb","controls":["ESXI-80-000232"]},{"id":"controls/ESXI-80-000233.rb","controls":["ESXI-80-000233"]},{"id":"controls/ESXI-80-000234.rb","controls":["ESXI-80-000234"]},{"id":"controls/ESXI-80-000235.rb","controls":["ESXI-80-000235"]},{"id":"controls/ESXI-80-000236.rb","controls":["ESXI-80-000236"]},{"id":"controls/ESXI-80-000237.rb","controls":["ESXI-80-000237"]},{"id":"controls/ESXI-80-000238.rb","controls":["ESXI-80-000238"]},{"id":"controls/ESXI-80-000239.rb","controls":["ESXI-80-000239"]},{"id":"controls/ESXI-80-000240.rb","controls":["ESXI-80-000240"]},{"id":"controls/ESXI-80-000241.rb","controls":["ESXI-80-000241"]},{"id":"controls/ESXI-80-000243.rb","controls":["ESXI-80-000243"]},{"id":"controls/ESXI-80-000244.rb","controls":["ESXI-80-000244"]},{"id":"controls/ESXI-80-000245.rb","controls":["ESXI-80-000245"]},{"id":"controls/ESXI-80-000246.rb","controls":["ESXI-80-000246"]}],"controls":[{"id":"ESXI-80-000005","title":"The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user.","desc":"By limiting the number of failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Once the configured number of attempts is reached, the account is locked by the ESXi host.","descriptions":[{"label":"default","data":"By limiting the number of failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Once the configured number of attempts is reached, the account is locked by the ESXi host."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.AccountLockFailures\" value and verify it is set to \"3\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures\n\nIf the \"Security.AccountLockFailures\" setting is set to a value other than \"3\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.AccountLockFailures\" value and configure it to \"3\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures | Set-AdvancedSetting -Value 3"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000021-VMM-000050","gid":"V-ESXI-80-000005","rid":"SV-ESXI-80-000005","stig_id":"ESXI-80-000005","cci":["CCI-000044"],"nist":["AC-7 a"]},"code":"control 'ESXI-80-000005' do\n  title 'The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user.'\n  desc  'By limiting the number of failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Once the configured number of attempts is reached, the account is locked by the ESXi host.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.AccountLockFailures\\\" value and verify it is set to \\\"3\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures\n\n    If the \\\"Security.AccountLockFailures\\\" setting is set to a value other than \\\"3\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.AccountLockFailures\\\" value and configure it to \\\"3\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures | Set-AdvancedSetting -Value 3\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-VMM-000050'\n  tag gid: 'V-ESXI-80-000005'\n  tag rid: 'SV-ESXI-80-000005'\n  tag stig_id: 'ESXI-80-000005'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.AccountLockFailures | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '3' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000005.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.AccountLockFailures | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"3\"","run_time":0.5624994,"start_time":"2023-06-07T08:28:29-06:00","message":"\nexpected: 3\n     got: 0\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.AccountLockFailures | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000006","title":"The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via the Direct Console User Interface (DCUI).","desc":"Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\"","descriptions":[{"label":"default","data":"Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\""},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Annotations.WelcomeMessage\" value and verify it contains the standard mandatory DOD notice and consent banner.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage\n\nIf the \"Annotations.WelcomeMessage\" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Annotations.WelcomeMessage\" value and set it to the following. Click \"OK\".\n\n{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{hostname} , {ip}{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{esxproduct} {esxversion}{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{memory} RAM{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:white}\t{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By      {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  using this IS (which includes any device attached to this IS), you consent to the following conditions:                 {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited     {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law      {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          enforcement (LE), and counterintelligence (CI) investigations.                                                  {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       At any time, the USG may inspect and seize data stored on this IS.                                              {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Communications using, or data stored on, this IS are not private, are subject to routine monitoring,            {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          interception, and search, and may be disclosed or used for any USG-authorized purpose.                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not     {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          for your personal benefit or privacy.                                                                           {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching    {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or monitoring of the content of privileged communications, or work product, related to personal representation  {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work       {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          product are private and confidential. See User Agreement for details.                                           {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{align:left}{bgcolor:dark-grey}{color:white}  <F2> Accept Conditions and Customize System / View Logs{/align}{align:right}<F12> Accept Conditions and Shut Down/Restart  {bgcolor:black} {/color}{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Set-AdvancedSetting -Value \"<Banner text above>\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000023-VMM-000060","satisfies":["SRG-OS-000024-VMM-000070"],"gid":"V-ESXI-80-000006","rid":"SV-ESXI-80-000006","stig_id":"ESXI-80-000006","cci":["CCI-000048","CCI-000050"],"nist":["AC-8 a","AC-8 b"]},"code":"control 'ESXI-80-000006' do\n  title 'The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via the Direct Console User Interface (DCUI).'\n  desc  \"\n    Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Annotations.WelcomeMessage\\\" value and verify it contains the standard mandatory DOD notice and consent banner.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage\n\n    If the \\\"Annotations.WelcomeMessage\\\" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Annotations.WelcomeMessage\\\" value and set it to the following. Click \\\"OK\\\".\n\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{hostname} , {ip}{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{esxproduct} {esxversion}{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{memory} RAM{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:white}\\t{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By      {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  using this IS (which includes any device attached to this IS), you consent to the following conditions:                 {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited     {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law      {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          enforcement (LE), and counterintelligence (CI) investigations.                                                  {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       At any time, the USG may inspect and seize data stored on this IS.                                              {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Communications using, or data stored on, this IS are not private, are subject to routine monitoring,            {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          interception, and search, and may be disclosed or used for any USG-authorized purpose.                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not     {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          for your personal benefit or privacy.                                                                           {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching    {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or monitoring of the content of privileged communications, or work product, related to personal representation  {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work       {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          product are private and confidential. See User Agreement for details.                                           {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{align:left}{bgcolor:dark-grey}{color:white}  <F2> Accept Conditions and Customize System / View Logs{/align}{align:right}<F12> Accept Conditions and Shut Down/Restart  {bgcolor:black} {/color}{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Set-AdvancedSetting -Value \\\"<Banner text above>\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-VMM-000060'\n  tag satisfies: ['SRG-OS-000024-VMM-000070']\n  tag gid: 'V-ESXI-80-000006'\n  tag rid: 'SV-ESXI-80-000006'\n  tag stig_id: 'ESXI-80-000006'\n  tag cci: ['CCI-000048', 'CCI-000050']\n  tag nist: ['AC-8 a', 'AC-8 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      result = powercli_command(\"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Select-Object -ExpandProperty Value\")\n      describe.one do\n        describe result do\n          its('stdout.strip') { should match 'You are accessing a U.S. Government' }\n        end\n        describe result do\n          its('stdout.strip') { should match \"I've read & consent to terms in IS user agreem't\" }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000006.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Select-Object -ExpandProperty Value stdout.strip is expected to match \"You are accessing a U.S. Government\"","run_time":0.0004147,"start_time":"2023-06-07T08:28:29-06:00","message":"expected \"\" to match \"You are accessing a U.S. Government\"","exception":"RSpec::Core::MultipleExceptionError","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Select-Object -ExpandProperty Value\"]","resource_id":""},{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Select-Object -ExpandProperty Value stdout.strip is expected to match \"I've read & consent to terms in IS user agreem't\"","run_time":0.0002669,"start_time":"2023-06-07T08:28:29-06:00","message":"expected \"\" to match \"I've read & consent to terms in IS user agreem't\"","exception":"RSpec::Core::MultipleExceptionError","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000008","title":"The ESXi host must enable lockdown mode.","desc":"Enabling Lockdown Mode disables direct access to an ESXi host, requiring the host to be managed remotely from vCenter Server. This is done to ensure the roles and access controls implemented in vCenter are always enforced and users cannot bypass them by logging on to a host directly.\n\nBy forcing all interaction to occur through vCenter Server, the risk of someone inadvertently attaining elevated privileges or performing tasks that are not properly audited is greatly reduced.","descriptions":[{"label":"default","data":"Enabling Lockdown Mode disables direct access to an ESXi host, requiring the host to be managed remotely from vCenter Server. This is done to ensure the roles and access controls implemented in vCenter are always enforced and users cannot bypass them by logging on to a host directly.\n\nBy forcing all interaction to occur through vCenter Server, the risk of someone inadvertently attaining elevated privileges or performing tasks that are not properly audited is greatly reduced."},{"label":"rationale","data":""},{"label":"check","data":"For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nScroll down to \"Lockdown Mode\" and verify it is set to \"Enabled\" (Normal or Strict).\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Select Name,@{N=\"Lockdown\";E={$_.Extensiondata.Config.LockdownMode}}\n\nIf \"Lockdown Mode\" is disabled, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile >> Lockdown Mode.\n\nClick edit and select either the \"Normal\" or \"Strict\" radio buttons.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$level = \"lockdownNormal\" OR \"lockdownStrict\"\n$vmhost = Get-VMHost -Name <hostname> | Get-View\n$lockdown = Get-View $vmhost.ConfigManager.HostAccessManager\n$lockdown.ChangeLockdownMode($level)\n\nNote: In strict lockdown mode, the Direct Console User Interface (DCUI) service is stopped. If the connection to vCenter Server is lost and the vSphere Client is no longer available, the ESXi host becomes inaccessible."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000027-VMM-000080","gid":"V-ESXI-80-000008","rid":"SV-ESXI-80-000008","stig_id":"ESXI-80-000008","cci":["CCI-000054"],"nist":["AC-10"]},"code":"control 'ESXI-80-000008' do\n  title 'The ESXi host must enable lockdown mode.'\n  desc  \"\n    Enabling Lockdown Mode disables direct access to an ESXi host, requiring the host to be managed remotely from vCenter Server. This is done to ensure the roles and access controls implemented in vCenter are always enforced and users cannot bypass them by logging on to a host directly.\n\n    By forcing all interaction to occur through vCenter Server, the risk of someone inadvertently attaining elevated privileges or performing tasks that are not properly audited is greatly reduced.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Scroll down to \\\"Lockdown Mode\\\" and verify it is set to \\\"Enabled\\\" (Normal or Strict).\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Select Name,@{N=\\\"Lockdown\\\";E={$_.Extensiondata.Config.LockdownMode}}\n\n    If \\\"Lockdown Mode\\\" is disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile >> Lockdown Mode.\n\n    Click edit and select either the \\\"Normal\\\" or \\\"Strict\\\" radio buttons.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $level = \\\"lockdownNormal\\\" OR \\\"lockdownStrict\\\"\n    $vmhost = Get-VMHost -Name <hostname> | Get-View\n    $lockdown = Get-View $vmhost.ConfigManager.HostAccessManager\n    $lockdown.ChangeLockdownMode($level)\n\n    Note: In strict lockdown mode, the Direct Console User Interface (DCUI) service is stopped. If the connection to vCenter Server is lost and the vSphere Client is no longer available, the ESXi host becomes inaccessible.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000027-VMM-000080'\n  tag gid: 'V-ESXI-80-000008'\n  tag rid: 'SV-ESXI-80-000008'\n  tag stig_id: 'ESXI-80-000008'\n  tag cci: ['CCI-000054']\n  tag nist: ['AC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    list = ['lockdownNormal', 'lockdownStrict']\n    vmhosts.each do |vmhost|\n      command = \"(Get-VMHost -Name #{vmhost}).Extensiondata.Config.LockdownMode\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should be_in list }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000008.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: (Get-VMHost -Name 10.186.25.26).Extensiondata.Config.LockdownMode stdout.strip is expected to be in \"lockdownNormal\" and \"lockdownStrict\"","run_time":2.2690875,"start_time":"2023-06-07T08:28:29-06:00","message":"expected `lockdownDisabled` to be in the list: `[\"lockdownNormal\", \"lockdownStrict\"]`","resource_class":"powercli_command","resource_params":"[\"(Get-VMHost -Name 10.186.25.26).Extensiondata.Config.LockdownMode\"]","resource_id":""}]},{"id":"ESXI-80-000010","title":"The ESXi host client must be configured with an idle session timeout.","desc":"The ESXi host client is the UI served up by the host itself, outside of vCenter. It is accessed by browsing to \"https://<ESX FQDN>/ui\". ESXi is not usually administered via this interface for long periods and all users will be highly privileged. Implementing a mandatory session idle limit will ensure that orphaned, forgotten or ignored sessions will be closed promptly.","descriptions":[{"label":"default","data":"The ESXi host client is the UI served up by the host itself, outside of vCenter. It is accessed by browsing to \"https://<ESX FQDN>/ui\". ESXi is not usually administered via this interface for long periods and all users will be highly privileged. Implementing a mandatory session idle limit will ensure that orphaned, forgotten or ignored sessions will be closed promptly."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.HostClientSessionTimeout\" value and verify it is set to \"900\" or less.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout\n\nIf the \"UserVars.HostClientSessionTimeout\" setting is not set to \"900\" or less, this is a finding."},{"label":"fix","data":"Fom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.HostClientSessionTimeout\" value and configure it to \"900\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Set-AdvancedSetting -Value \"900\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000029-VMM-000100","gid":"V-ESXI-80-000010","rid":"SV-ESXI-80-000010","stig_id":"ESXI-80-000010","cci":["CCI-000057"],"nist":["AC-11 a"]},"code":"control 'ESXI-80-000010' do\n  title 'The ESXi host client must be configured with an idle session timeout.'\n  desc  'The ESXi host client is the UI served up by the host itself, outside of vCenter. It is accessed by browsing to \"https://<ESX FQDN>/ui\". ESXi is not usually administered via this interface for long periods and all users will be highly privileged. Implementing a mandatory session idle limit will ensure that orphaned, forgotten or ignored sessions will be closed promptly.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.HostClientSessionTimeout\\\" value and verify it is set to \\\"900\\\" or less.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout\n\n    If the \\\"UserVars.HostClientSessionTimeout\\\" setting is not set to \\\"900\\\" or less, this is a finding.\n  \"\n  desc  'fix', \"\n    Fom the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.HostClientSessionTimeout\\\" value and configure it to \\\"900\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Set-AdvancedSetting -Value \\\"900\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000029-VMM-000100'\n  tag gid: 'V-ESXI-80-000010'\n  tag rid: 'SV-ESXI-80-000010'\n  tag stig_id: 'ESXI-80-000010'\n  tag cci: ['CCI-000057']\n  tag nist: ['AC-11 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 900 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000010.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Select-Object -ExpandProperty Value stdout.strip is expected to cmp <= 900","run_time":0.5977933,"start_time":"2023-06-07T08:28:32-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000014","title":"The ESXi host Secure Shell (SSH) daemon must use FIPS 140-2 validated cryptographic modules to protect the confidentiality of remote access sessions.","desc":"Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session.\n\nOpenSSH on the ESXi host ships with a FIPS 140-2 validated cryptographic module and it is enabled by default. For backward compatibility reasons, this can be disabled so this setting must be audited and corrected if necessary.","descriptions":[{"label":"default","data":"Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session.\n\nOpenSSH on the ESXi host ships with a FIPS 140-2 validated cryptographic module and it is enabled by default. For backward compatibility reasons, this can be disabled so this setting must be audited and corrected if necessary."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# esxcli system security fips140 ssh get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.security.fips140.ssh.get.invoke()\n\nExpected result:\n\nEnabled: true\n\nIf the FIPS mode is not enabled for SSH, this is a finding."},{"label":"fix","data":"From an ESXi shell, run the following command:\n\n# esxcli system security fips140 ssh set -e true\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.security.fips140.ssh.set.CreateArgs()\n$arguments.enable = $true\n$esxcli.system.security.fips140.ssh.set.Invoke($arguments)"}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000033-VMM-000140","gid":"V-ESXI-80-000014","rid":"SV-ESXI-80-000014","stig_id":"ESXI-80-000014","cci":["CCI-000068"],"nist":["AC-17 (2)"]},"code":"control 'ESXI-80-000014' do\n  title 'The ESXi host Secure Shell (SSH) daemon must use FIPS 140-2 validated cryptographic modules to protect the confidentiality of remote access sessions.'\n  desc  \"\n    Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session.\n\n    OpenSSH on the ESXi host ships with a FIPS 140-2 validated cryptographic module and it is enabled by default. For backward compatibility reasons, this can be disabled so this setting must be audited and corrected if necessary.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system security fips140 ssh get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.security.fips140.ssh.get.invoke()\n\n    Expected result:\n\n    Enabled: true\n\n    If the FIPS mode is not enabled for SSH, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system security fips140 ssh set -e true\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.security.fips140.ssh.set.CreateArgs()\n    $arguments.enable = $true\n    $esxcli.system.security.fips140.ssh.set.Invoke($arguments)\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000033-VMM-000140'\n  tag gid: 'V-ESXI-80-000014'\n  tag rid: 'SV-ESXI-80-000014'\n  tag stig_id: 'ESXI-80-000014'\n  tag cci: ['CCI-000068']\n  tag nist: ['AC-17 (2)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.security.fips140.ssh.get.invoke() | Select-Object -ExpandProperty Enabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000014.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.security.fips140.ssh.get.invoke() | Select-Object -ExpandProperty Enabled stdout.strip is expected to cmp == \"true\"","run_time":0.5671294,"start_time":"2023-06-07T08:28:32-06:00","resource_class":"powercli_command","resource_params":"[\"$vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.security.fips140.ssh.get.invoke() | Select-Object -ExpandProperty Enabled\"]","resource_id":""}]},{"id":"ESXI-80-000015","title":"The ESXi must produce audit records containing information to establish what type of events occurred.","desc":"Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.","descriptions":[{"label":"default","data":"Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.HostAgent.log.level\" value and verify it is set to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level\n\nIf the \"Config.HostAgent.log.level\" setting is not set to \"info\", this is a finding.\n\nNote: Verbose logging level is acceptable for troubleshooting purposes."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.HostAgent.log.level\" value and configure it to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level | Set-AdvancedSetting -Value \"info\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000037-VMM-000150","satisfies":["SRG-OS-000063-VMM-000310"],"gid":"V-ESXI-80-000015","rid":"SV-ESXI-80-000015","stig_id":"ESXI-80-000015","cci":["CCI-000130","CCI-000171"],"nist":["AU-12 b","AU-3"]},"code":"control 'ESXI-80-000015' do\n  title 'The ESXi must produce audit records containing information to establish what type of events occurred.'\n  desc  'Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. '\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.log.level\\\" value and verify it is set to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level\n\n    If the \\\"Config.HostAgent.log.level\\\" setting is not set to \\\"info\\\", this is a finding.\n\n    Note: Verbose logging level is acceptable for troubleshooting purposes.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.log.level\\\" value and configure it to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level | Set-AdvancedSetting -Value \\\"info\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000037-VMM-000150'\n  tag satisfies: ['SRG-OS-000063-VMM-000310']\n  tag gid: 'V-ESXI-80-000015'\n  tag rid: 'SV-ESXI-80-000015'\n  tag stig_id: 'ESXI-80-000015'\n  tag cci: ['CCI-000130', 'CCI-000171']\n  tag nist: ['AU-12 b', 'AU-3']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.log.level | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'info' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000015.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.HostAgent.log.level | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"info\"","run_time":0.745432,"start_time":"2023-06-07T08:28:33-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.HostAgent.log.level | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000035","title":"The ESXi host must enforce password complexity by configuring a password quality policy.","desc":"To enforce the use of complex passwords, minimum numbers of characters of different classes are mandated.\n\nThe use of complex passwords reduces the ability of attackers to successfully obtain valid passwords using guessing or exhaustive search techniques. Complexity requirements increase the password search space by requiring users to construct passwords from a larger character set than they may otherwise use.","descriptions":[{"label":"default","data":"To enforce the use of complex passwords, minimum numbers of characters of different classes are mandated.\n\nThe use of complex passwords reduces the ability of attackers to successfully obtain valid passwords using guessing or exhaustive search techniques. Complexity requirements increase the password search space by requiring users to construct passwords from a larger character set than they may otherwise use."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.PasswordQualityControl\" value and verify it is set to \"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl\n\nIf the \"Security.PasswordQualityControl\" setting is set to a value other than \"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.PasswordQualityControl\" value and configure it to \"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl | Set-AdvancedSetting -Value \"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000069-VMM-000360","satisfies":["SRG-OS-000070-VMM-000370","SRG-OS-000071-VMM-000380","SRG-OS-000072-VMM-000390","SRG-OS-000078-VMM-000450","SRG-OS-000266-VMM-000940"],"gid":"V-ESXI-80-000035","rid":"SV-ESXI-80-000035","stig_id":"ESXI-80-000035","cci":["CCI-000192","CCI-000193","CCI-000194","CCI-000195","CCI-000205","CCI-001619"],"nist":["IA-5 (1) (a)","IA-5 (1) (b)"]},"code":"control 'ESXI-80-000035' do\n  title 'The ESXi host must enforce password complexity by configuring a password quality policy.'\n  desc  \"\n    To enforce the use of complex passwords, minimum numbers of characters of different classes are mandated.\n\n    The use of complex passwords reduces the ability of attackers to successfully obtain valid passwords using guessing or exhaustive search techniques. Complexity requirements increase the password search space by requiring users to construct passwords from a larger character set than they may otherwise use.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.PasswordQualityControl\\\" value and verify it is set to \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl\n\n    If the \\\"Security.PasswordQualityControl\\\" setting is set to a value other than \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.PasswordQualityControl\\\" value and configure it to \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl | Set-AdvancedSetting -Value \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000069-VMM-000360'\n  tag satisfies: ['SRG-OS-000070-VMM-000370', 'SRG-OS-000071-VMM-000380', 'SRG-OS-000072-VMM-000390', 'SRG-OS-000078-VMM-000450', 'SRG-OS-000266-VMM-000940']\n  tag gid: 'V-ESXI-80-000035'\n  tag rid: 'SV-ESXI-80-000035'\n  tag stig_id: 'ESXI-80-000035'\n  tag cci: ['CCI-000192', 'CCI-000193', 'CCI-000194', 'CCI-000195', 'CCI-000205', 'CCI-001619']\n  tag nist: ['IA-5 (1) (a)', 'IA-5 (1) (b)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.PasswordQualityControl | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'similar=deny retry=3 min=disabled,disabled,disabled,disabled,15' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000035.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.PasswordQualityControl | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\"","run_time":0.5948543,"start_time":"2023-06-07T08:28:33-06:00","message":"\nexpected: similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\n     got: retry=3 min=disabled,disabled,disabled,7,7\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.PasswordQualityControl | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000043","title":"The ESXi host must prohibit password reuse for a minimum of five generations.","desc":"If a user or root used the same password continuously or was allowed to change it back shortly after being forced to change it to something else, it would provide a potential intruder with the opportunity to keep guessing at one user's password until it was guessed correctly.","descriptions":[{"label":"default","data":"If a user or root used the same password continuously or was allowed to change it back shortly after being forced to change it to something else, it would provide a potential intruder with the opportunity to keep guessing at one user's password until it was guessed correctly."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.PasswordHistory\" value and verify it is set to \"5\" or greater.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory\n\nIf the \"Security.PasswordHistory\" setting is set to a value other than 5 or greater, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.PasswordHistory\" value and configure it to \"5\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory | Set-AdvancedSetting -Value 5"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000077-VMM-000440","gid":"V-ESXI-80-000043","rid":"SV-ESXI-80-000043","stig_id":"ESXI-80-000043","cci":["CCI-000200"],"nist":["IA-5 (1) (e)"]},"code":"control 'ESXI-80-000043' do\n  title 'The ESXi host must prohibit password reuse for a minimum of five generations.'\n  desc  \"If a user or root used the same password continuously or was allowed to change it back shortly after being forced to change it to something else, it would provide a potential intruder with the opportunity to keep guessing at one user's password until it was guessed correctly.\"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.PasswordHistory\\\" value and verify it is set to \\\"5\\\" or greater.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory\n\n    If the \\\"Security.PasswordHistory\\\" setting is set to a value other than 5 or greater, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.PasswordHistory\\\" value and configure it to \\\"5\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory | Set-AdvancedSetting -Value 5\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000077-VMM-000440'\n  tag gid: 'V-ESXI-80-000043'\n  tag rid: 'SV-ESXI-80-000043'\n  tag stig_id: 'ESXI-80-000043'\n  tag cci: ['CCI-000200']\n  tag nist: ['IA-5 (1) (e)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.PasswordHistory | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '5' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000043.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.PasswordHistory | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"5\"","run_time":0.5999288,"start_time":"2023-06-07T08:28:34-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.PasswordHistory | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000047","title":"The ESXi host must be configured to disable nonessential capabilities by disabling the Managed Object Browser (MOB).","desc":"The MOB provides a way to explore the object model used by the VMkernel to manage the host and enables configurations to be changed. This interface is meant to be used primarily for debugging the vSphere Software Development Kit (SDK), but because there are no access controls it could also be used as a method to obtain information about a host being targeted for unauthorized access.","descriptions":[{"label":"default","data":"The MOB provides a way to explore the object model used by the VMkernel to manage the host and enables configurations to be changed. This interface is meant to be used primarily for debugging the vSphere Software Development Kit (SDK), but because there are no access controls it could also be used as a method to obtain information about a host being targeted for unauthorized access."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.HostAgent.plugins.solo.enableMob\" value and verify it is set to \"false\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob\n\nIf the \"Config.HostAgent.plugins.solo.enableMob\" setting is not set to \"false\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.HostAgent.plugins.solo.enableMob\" value and configure it to \"false\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Set-AdvancedSetting -Value false"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000095-VMM-000480","gid":"V-ESXI-80-000047","rid":"SV-ESXI-80-000047","stig_id":"ESXI-80-000047","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'ESXI-80-000047' do\n  title 'The ESXi host must be configured to disable nonessential capabilities by disabling the Managed Object Browser (MOB).'\n  desc  'The MOB provides a way to explore the object model used by the VMkernel to manage the host and enables configurations to be changed. This interface is meant to be used primarily for debugging the vSphere Software Development Kit (SDK), but because there are no access controls it could also be used as a method to obtain information about a host being targeted for unauthorized access.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.plugins.solo.enableMob\\\" value and verify it is set to \\\"false\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob\n\n    If the \\\"Config.HostAgent.plugins.solo.enableMob\\\" setting is not set to \\\"false\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.plugins.solo.enableMob\\\" value and configure it to \\\"false\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Set-AdvancedSetting -Value false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-VMM-000480'\n  tag gid: 'V-ESXI-80-000047'\n  tag rid: 'SV-ESXI-80-000047'\n  tag stig_id: 'ESXI-80-000047'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000047.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"false\"","run_time":0.5672678,"start_time":"2023-06-07T08:28:35-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000049","title":"The ESXi host must uniquely identify and must authenticate organizational users by using Active Directory.","desc":"Join ESXi hosts to an Active Directory domain to eliminate the need to create and maintain multiple local user accounts. Using Active Directory for user authentication simplifies the ESXi host configuration, ensures password complexity and reuse policies are enforced, and reduces the risk of security breaches and unauthorized access.\n\nNote: If the Active Directory group \"ESX Admins\" (default) exists, all users and groups assigned as members to this group will have full administrative access to all ESXi hosts in the domain.","descriptions":[{"label":"default","data":"Join ESXi hosts to an Active Directory domain to eliminate the need to create and maintain multiple local user accounts. Using Active Directory for user authentication simplifies the ESXi host configuration, ensures password complexity and reuse policies are enforced, and reduces the risk of security breaches and unauthorized access.\n\nNote: If the Active Directory group \"ESX Admins\" (default) exists, all users and groups assigned as members to this group will have full administrative access to all ESXi hosts in the domain."},{"label":"rationale","data":""},{"label":"check","data":"For systems that do not use Active Directory and have no local user accounts other than root and/or service accounts, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Authentication Services.\n\nVerify the \"Directory Services Type\" is set to \"Active Directory\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostAuthentication\n\nFor systems that do not use Active Directory and do have local user accounts, other than root and/or service accounts, this is a finding.\n\nIf the \"Directory Services Type\" is not set to \"Active Directory\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Authentication Services.\n\nClick \"Join Domain...\" and enter the AD domain to join.\n\nSelect the \"Using credentials\" radio button and enter the credentials of an account with permissions to join machines to AD (use UPN naming \"user@domain\"). Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostAuthentication | Set-VMHostAuthentication -JoinDomain -Domain \"domain name\" -User \"username\" -Password \"password\"\n\nIf any local user accounts are present besides root and service accounts, delete them by going to Host UI >> Manage >> Security & Users >> Users."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000104-VMM-000500","satisfies":["SRG-OS-000109-VMM-000550","SRG-OS-000112-VMM-000560","SRG-OS-000113-VMM-000570","SRG-OS-000123-VMM-000620"],"gid":"V-ESXI-80-000049","rid":"SV-ESXI-80-000049","stig_id":"ESXI-80-000049","cci":["CCI-000764","CCI-000770","CCI-001682","CCI-001941","CCI-001942"],"nist":["AC-2 (2)","IA-2","IA-2 (5)","IA-2 (8)","IA-2 (9)"]},"code":"control 'ESXI-80-000049' do\n  title 'The ESXi host must uniquely identify and must authenticate organizational users by using Active Directory.'\n  desc  \"\n    Join ESXi hosts to an Active Directory domain to eliminate the need to create and maintain multiple local user accounts. Using Active Directory for user authentication simplifies the ESXi host configuration, ensures password complexity and reuse policies are enforced, and reduces the risk of security breaches and unauthorized access.\n\n    Note: If the Active Directory group \\\"ESX Admins\\\" (default) exists, all users and groups assigned as members to this group will have full administrative access to all ESXi hosts in the domain.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For systems that do not use Active Directory and have no local user accounts other than root and/or service accounts, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Authentication Services.\n\n    Verify the \\\"Directory Services Type\\\" is set to \\\"Active Directory\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostAuthentication\n\n    For systems that do not use Active Directory and do have local user accounts, other than root and/or service accounts, this is a finding.\n\n    If the \\\"Directory Services Type\\\" is not set to \\\"Active Directory\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Authentication Services.\n\n    Click \\\"Join Domain...\\\" and enter the AD domain to join.\n\n    Select the \\\"Using credentials\\\" radio button and enter the credentials of an account with permissions to join machines to AD (use UPN naming \\\"user@domain\\\"). Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostAuthentication | Set-VMHostAuthentication -JoinDomain -Domain \\\"domain name\\\" -User \\\"username\\\" -Password \\\"password\\\"\n\n    If any local user accounts are present besides root and service accounts, delete them by going to Host UI >> Manage >> Security & Users >> Users.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000104-VMM-000500'\n  tag satisfies: ['SRG-OS-000109-VMM-000550', 'SRG-OS-000112-VMM-000560', 'SRG-OS-000113-VMM-000570', 'SRG-OS-000123-VMM-000620']\n  tag gid: 'V-ESXI-80-000049'\n  tag rid: 'SV-ESXI-80-000049'\n  tag stig_id: 'ESXI-80-000049'\n  tag cci: ['CCI-000764', 'CCI-000770', 'CCI-001682', 'CCI-001941', 'CCI-001942']\n  tag nist: ['AC-2 (2)', 'IA-2', 'IA-2 (5)', 'IA-2 (8)', 'IA-2 (9)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    if input('adJoined')\n      list = ['Joined', 'Ok']\n      vmhosts.each do |vmhost|\n        command = \"Get-VMHost -Name #{vmhost} | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should be_in list }\n        end\n      end\n    else\n      vmhosts.each do |vmhost|\n        command = \"Get-VMHost -Name #{vmhost} | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp '' }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000049.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus stdout.strip is expected to cmp == \"\"","run_time":0.0002824,"start_time":"2023-06-07T08:28:35-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus\"]","resource_id":""}]},{"id":"ESXI-80-000052","title":"The ESXi host Secure Shell (SSH) daemon must ignore .rhosts files.","desc":"SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH can emulate the behavior of the obsolete \"rsh\" command in allowing users to enable insecure access to their accounts via \".rhosts\" files.","descriptions":[{"label":"default","data":"SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH can emulate the behavior of the obsolete \"rsh\" command in allowing users to enable insecure access to their accounts via \".rhosts\" files."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep ignorerhosts\n\nExpected result:\n\nignorerhosts yes\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nIgnoreRhosts yes"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000107-VMM-000530","gid":"V-ESXI-80-000052","rid":"SV-ESXI-80-000052","stig_id":"ESXI-80-000052","cci":["CCI-000767"],"nist":["IA-2 (3)"]},"code":"control 'ESXI-80-000052' do\n  title 'The ESXi host Secure Shell (SSH) daemon must ignore .rhosts files.'\n  desc  'SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH can emulate the behavior of the obsolete \"rsh\" command in allowing users to enable insecure access to their accounts via \".rhosts\" files.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep ignorerhosts\n\n    Expected result:\n\n    ignorerhosts yes\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    IgnoreRhosts yes\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000107-VMM-000530'\n  tag gid: 'V-ESXI-80-000052'\n  tag rid: 'SV-ESXI-80-000052'\n  tag stig_id: 'ESXI-80-000052'\n  tag cci: ['CCI-000767']\n  tag nist: ['IA-2 (3)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000052.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":2.37e-05,"start_time":"2023-06-07T08:28:35-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"ESXI-80-000068","title":"The ESXi host must set a timeout to automatically end idle shell sessions after fifteen minutes.","desc":"If a user forgets to log out of their local or remote ESXi Shell session, the idle connection will remain open indefinitely and increase the likelihood of inappropriate host access via session hijacking. The \"ESXiShellInteractiveTimeOut\" allows the automatic termination of idle shell sessions.","descriptions":[{"label":"default","data":"If a user forgets to log out of their local or remote ESXi Shell session, the idle connection will remain open indefinitely and increase the likelihood of inappropriate host access via session hijacking. The \"ESXiShellInteractiveTimeOut\" allows the automatic termination of idle shell sessions."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.ESXiShellInteractiveTimeOut\" value and verify it is set to less than \"900\" and not \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut\n\nIf the \"UserVars.ESXiShellInteractiveTimeOut\" setting is set to a value greater than \"900\" or \"0\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.ESXiShellInteractiveTimeOut\" value and configure it to \"900\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Set-AdvancedSetting -Value 900"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000163-VMM-000700","satisfies":["SRG-OS-000279-VMM-001010"],"gid":"V-ESXI-80-000068","rid":"SV-ESXI-80-000068","stig_id":"ESXI-80-000068","cci":["CCI-001133","CCI-002361"],"nist":["AC-12","SC-10"]},"code":"control 'ESXI-80-000068' do\n  title 'The ESXi host must set a timeout to automatically end idle shell sessions after fifteen minutes.'\n  desc  'If a user forgets to log out of their local or remote ESXi Shell session, the idle connection will remain open indefinitely and increase the likelihood of inappropriate host access via session hijacking. The \"ESXiShellInteractiveTimeOut\" allows the automatic termination of idle shell sessions.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.ESXiShellInteractiveTimeOut\\\" value and verify it is set to less than \\\"900\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut\n\n    If the \\\"UserVars.ESXiShellInteractiveTimeOut\\\" setting is set to a value greater than \\\"900\\\" or \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.ESXiShellInteractiveTimeOut\\\" value and configure it to \\\"900\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Set-AdvancedSetting -Value 900\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000163-VMM-000700'\n  tag satisfies: ['SRG-OS-000279-VMM-001010']\n  tag gid: 'V-ESXI-80-000068'\n  tag rid: 'SV-ESXI-80-000068'\n  tag stig_id: 'ESXI-80-000068'\n  tag cci: ['CCI-001133', 'CCI-002361']\n  tag nist: ['AC-12', 'SC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 900 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000068.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected to cmp <= 900","run_time":0.793578,"start_time":"2023-06-07T08:28:35-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Select-Object -ExpandProperty Value\"]","resource_id":""},{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected not to cmp == 0","run_time":0.0004461,"start_time":"2023-06-07T08:28:36-06:00","message":"\nexpected: 0\n     got: 0\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000085","title":"The ESXi host must implement Secure Boot enforcement.","desc":"Secure Boot is part of the UEFI firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and it requires that all ESXi kernel modules, drivers and VIBs be signed by VMware or a partner subordinate.\n\nSecure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. This control flips ESXi from merely supporting Secure Boot to requiring it. Without this setting enabled, and configuration encryption, an ESXi host could be subject to offline attacks. An attacker could simply transfer the ESXi install drive to a non-Secure Boot host and boot it up without ESXi complaining.","descriptions":[{"label":"default","data":"Secure Boot is part of the UEFI firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and it requires that all ESXi kernel modules, drivers and VIBs be signed by VMware or a partner subordinate.\n\nSecure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. This control flips ESXi from merely supporting Secure Boot to requiring it. Without this setting enabled, and configuration encryption, an ESXi host could be subject to offline attacks. An attacker could simply transfer the ESXi install drive to a non-Secure Boot host and boot it up without ESXi complaining."},{"label":"rationale","data":""},{"label":"check","data":"If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\nFrom an ESXi shell, run the following command:\n\n# esxcli system settings encryption get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.settings.encryption.get.invoke() | Select RequireSecureBoot\n\nExpected result:\n\nRequire Secure Boot: true\n\nIf \"Require Secure Boot\" is not enable, this is a finding."},{"label":"fix","data":"This setting cannot be configured until Secure Boot is properly enabled in the servers firmware.\n\nFrom an ESXi shell, run the following commands:\n\n# esxcli system settings encryption set --require-secure-boot=true\n# /sbin/auto-backup.sh\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.settings.encryption.set.CreateArgs()\n$arguments.requiresecureboot = $true\n$esxcli.system.settings.encryption.set.Invoke($arguments)\n\nEvacuate the host and gracefully reboot for changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000257-VMM-000910","satisfies":["SRG-OS-000258-VMM-000920","SRG-OS-000445-VMM-001780","SRG-OS-000446-VMM-001790"],"gid":"V-ESXI-80-000085","rid":"SV-ESXI-80-000085","stig_id":"ESXI-80-000085","cci":["CCI-001494","CCI-001495","CCI-002696","CCI-002699"],"nist":["AU-9","SI-6 a","SI-6 b"]},"code":"control 'ESXI-80-000085' do\n  title 'The ESXi host must implement Secure Boot enforcement.'\n  desc  \"\n    Secure Boot is part of the UEFI firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and it requires that all ESXi kernel modules, drivers and VIBs be signed by VMware or a partner subordinate.\n\n    Secure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. This control flips ESXi from merely supporting Secure Boot to requiring it. Without this setting enabled, and configuration encryption, an ESXi host could be subject to offline attacks. An attacker could simply transfer the ESXi install drive to a non-Secure Boot host and boot it up without ESXi complaining.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\n    From an ESXi shell, run the following command:\n\n    # esxcli system settings encryption get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.settings.encryption.get.invoke() | Select RequireSecureBoot\n\n    Expected result:\n\n    Require Secure Boot: true\n\n    If \\\"Require Secure Boot\\\" is not enable, this is a finding.\n  \"\n  desc 'fix', \"\n    This setting cannot be configured until Secure Boot is properly enabled in the servers firmware.\n\n    From an ESXi shell, run the following commands:\n\n    # esxcli system settings encryption set --require-secure-boot=true\n    # /sbin/auto-backup.sh\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.settings.encryption.set.CreateArgs()\n    $arguments.requiresecureboot = $true\n    $esxcli.system.settings.encryption.set.Invoke($arguments)\n\n    Evacuate the host and gracefully reboot for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000257-VMM-000910'\n  tag satisfies: ['SRG-OS-000258-VMM-000920', 'SRG-OS-000445-VMM-001780', 'SRG-OS-000446-VMM-001790']\n  tag gid: 'V-ESXI-80-000085'\n  tag rid: 'SV-ESXI-80-000085'\n  tag stig_id: 'ESXI-80-000085'\n  tag cci: ['CCI-001494', 'CCI-001495', 'CCI-002696', 'CCI-002699']\n  tag nist: ['AU-9', 'SI-6 a', 'SI-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty RequireSecureBoot\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000085.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty RequireSecureBoot stdout.strip is expected to cmp == \"true\"","run_time":0.3651025,"start_time":"2023-06-07T08:28:36-06:00","message":"\nexpected: true\n     got: false\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"$vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty RequireSecureBoot\"]","resource_id":""}]},{"id":"ESXI-80-000094","title":"The ESXi host must enable Secure Boot.","desc":"Secure Boot is part of the Unified Extensible Firmware Interface (UEFI) firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and requires that all ESXi kernel modules, drivers, and vSphere Installation Bundles (VIBs) be signed by VMware or a partner subordinate.\n\nSecure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. There is no ESXi control to \"turn on\" Secure Boot. Requiring Secure Boot (failing to boot without it present) is accomplished in another control.","descriptions":[{"label":"default","data":"Secure Boot is part of the Unified Extensible Firmware Interface (UEFI) firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and requires that all ESXi kernel modules, drivers, and vSphere Installation Bundles (VIBs) be signed by VMware or a partner subordinate.\n\nSecure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. There is no ESXi control to \"turn on\" Secure Boot. Requiring Secure Boot (failing to boot without it present) is accomplished in another control."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/secureboot/bin/secureBoot.py -s\n\nIf Secure Boot is not \"Enabled\", this is a finding."},{"label":"fix","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/secureboot/bin/secureBoot.py -c\n\nIf the output indicates that Secure Boot cannot be enabled, correct the discrepancies and try again.\n\nOnce all discrepancies are resolved then the server ESXi is installed on can be updated to enable Secure Boot in the firmware.\n\nTo enable Secure Boot in the servers firmware follow the instructions for the specific manufacturer."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000278-VMM-001000","gid":"V-ESXI-80-000094","rid":"SV-ESXI-80-000094","stig_id":"ESXI-80-000094","cci":["CCI-001496"],"nist":["AU-9 (3)"]},"code":"control 'ESXI-80-000094' do\n  title 'The ESXi host must enable Secure Boot.'\n  desc  \"\n    Secure Boot is part of the Unified Extensible Firmware Interface (UEFI) firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and requires that all ESXi kernel modules, drivers, and vSphere Installation Bundles (VIBs) be signed by VMware or a partner subordinate.\n\n    Secure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. There is no ESXi control to \\\"turn on\\\" Secure Boot. Requiring Secure Boot (failing to boot without it present) is accomplished in another control.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/secureboot/bin/secureBoot.py -s\n\n    If Secure Boot is not \\\"Enabled\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/secureboot/bin/secureBoot.py -c\n\n    If the output indicates that Secure Boot cannot be enabled, correct the discrepancies and try again.\n\n    Once all discrepancies are resolved then the server ESXi is installed on can be updated to enable Secure Boot in the firmware.\n\n    To enable Secure Boot in the servers firmware follow the instructions for the specific manufacturer.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000278-VMM-001000'\n  tag gid: 'V-ESXI-80-000094'\n  tag rid: 'SV-ESXI-80-000094'\n  tag stig_id: 'ESXI-80-000094'\n  tag cci: ['CCI-001496']\n  tag nist: ['AU-9 (3)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000094.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":1.35e-05,"start_time":"2023-06-07T08:28:36-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"ESXI-80-000111","title":"The ESXi host must enforce an unlock timeout of 15 minutes after a user account is locked out.","desc":"By enforcing a reasonable unlock timeout after multiple failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Users must wait for the timeout period to elapse before subsequent logon attempts are allowed.","descriptions":[{"label":"default","data":"By enforcing a reasonable unlock timeout after multiple failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Users must wait for the timeout period to elapse before subsequent logon attempts are allowed."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.AccountUnlockTime\" value and verify it is set to less than \"900\" and not \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime\n\nIf the \"Security.AccountUnlockTime\" setting is less than 900 or 0, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.AccountUnlockTime\" value and configure it to \"900\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime | Set-AdvancedSetting -Value 900"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000329-VMM-001180","gid":"V-ESXI-80-000111","rid":"SV-ESXI-80-000111","stig_id":"ESXI-80-000111","cci":["CCI-002238"],"nist":["AC-7 b"]},"code":"control 'ESXI-80-000111' do\n  title 'The ESXi host must enforce an unlock timeout of 15 minutes after a user account is locked out.'\n  desc  'By enforcing a reasonable unlock timeout after multiple failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Users must wait for the timeout period to elapse before subsequent logon attempts are allowed.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.AccountUnlockTime\\\" value and verify it is set to less than \\\"900\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime\n\n    If the \\\"Security.AccountUnlockTime\\\" setting is less than 900 or 0, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.AccountUnlockTime\\\" value and configure it to \\\"900\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime | Set-AdvancedSetting -Value 900\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000329-VMM-001180'\n  tag gid: 'V-ESXI-80-000111'\n  tag rid: 'SV-ESXI-80-000111'\n  tag stig_id: 'ESXI-80-000111'\n  tag cci: ['CCI-002238']\n  tag nist: ['AC-7 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.AccountUnlockTime | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 900 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000111.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.AccountUnlockTime | Select-Object -ExpandProperty Value stdout.strip is expected to cmp <= 900","run_time":0.7289838,"start_time":"2023-06-07T08:28:36-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.AccountUnlockTime | Select-Object -ExpandProperty Value\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.AccountUnlockTime | Select-Object -ExpandProperty Value stdout.strip is expected not to cmp == 0","run_time":0.0003639,"start_time":"2023-06-07T08:28:37-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.AccountUnlockTime | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000113","title":"The ESXi host must allocate audit record storage capacity to store at least one weeks worth of audit records.","desc":"In order to ensure ESXi has sufficient storage capacity in which to write the audit logs, audit record storage capacity should be configured.\n\nIf a central audit record storage facility is available, the local storage capacity should be sufficient to hold audit records that would accumulate during anticipated interruptions in delivery of records to the facility.","descriptions":[{"label":"default","data":"In order to ensure ESXi has sufficient storage capacity in which to write the audit logs, audit record storage capacity should be configured.\n\nIf a central audit record storage facility is available, the local storage capacity should be sufficient to hold audit records that would accumulate during anticipated interruptions in delivery of records to the facility."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.auditRecord.storageCapacity\" value and verify it is set to \"100\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity\n\nIf the \"Syslog.global.auditRecord.storageCapacity\" setting is not set to 100, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.auditRecord.storageCapacity\" value and configure it to \"100\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Set-AdvancedSetting -Value 100"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000341-VMM-001220","gid":"V-ESXI-80-000113","rid":"SV-ESXI-80-000113","stig_id":"ESXI-80-000113","cci":["CCI-001849"],"nist":["AU-4"]},"code":"control 'ESXI-80-000113' do\n  title 'The ESXi host must allocate audit record storage capacity to store at least one weeks worth of audit records.'\n  desc  \"\n    In order to ensure ESXi has sufficient storage capacity in which to write the audit logs, audit record storage capacity should be configured.\n\n    If a central audit record storage facility is available, the local storage capacity should be sufficient to hold audit records that would accumulate during anticipated interruptions in delivery of records to the facility.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.auditRecord.storageCapacity\\\" value and verify it is set to \\\"100\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity\n\n    If the \\\"Syslog.global.auditRecord.storageCapacity\\\" setting is not set to 100, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.auditRecord.storageCapacity\\\" value and configure it to \\\"100\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Set-AdvancedSetting -Value 100\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000341-VMM-001220'\n  tag gid: 'V-ESXI-80-000113'\n  tag rid: 'SV-ESXI-80-000113'\n  tag stig_id: 'ESXI-80-000113'\n  tag cci: ['CCI-001849']\n  tag nist: ['AU-4']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '100' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000113.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"100\"","run_time":0.5391943,"start_time":"2023-06-07T08:28:37-06:00","message":"\nexpected: 100\n     got: 4\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000114","title":"The ESXi host must off-load logs via syslog.","desc":"Remote logging to a central log host provides a secure, centralized store for ESXi logs. By gathering host log files onto a central host, it can more easily monitor all hosts with a single tool. It can also do aggregate analysis and searching to look for such things as coordinated attacks on multiple hosts.\n\nLogging to a secure, centralized log server also helps prevent log tampering and provides a long-term audit record.","descriptions":[{"label":"default","data":"Remote logging to a central log host provides a secure, centralized store for ESXi logs. By gathering host log files onto a central host, it can more easily monitor all hosts with a single tool. It can also do aggregate analysis and searching to look for such things as coordinated attacks on multiple hosts.\n\nLogging to a secure, centralized log server also helps prevent log tampering and provides a long-term audit record."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.logHost\" value and verify it is set to a site-specific syslog server.\n\nSyslog servers are specified in the following formats:\n\nudp://<IP or FQDN>:514\ntcp://<IP or FQDN>:514\nssl://<IP or FQDN>:1514\n\nMultiple servers can also be specified when separated by commas.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost\n\nIf the \"Syslog.global.logHost\" setting is not set to a valid, site-specific syslog server, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.logHost\" value and configure it to a site-specific syslog server.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost | Set-AdvancedSetting -Value \"enter site specific servers\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000342-VMM-001230","satisfies":["SRG-OS-000274-VMM-000960","SRG-OS-000275-VMM-000970","SRG-OS-000277-VMM-000990","SRG-OS-000479-VMM-001990"],"gid":"V-ESXI-80-000114","rid":"SV-ESXI-80-000114","stig_id":"ESXI-80-000114","cci":["CCI-001683","CCI-001684","CCI-001686","CCI-001851"],"nist":["AC-2 (4)","AU-4 (1)"]},"code":"control 'ESXI-80-000114' do\n  title 'The ESXi host must off-load logs via syslog.'\n  desc  \"\n    Remote logging to a central log host provides a secure, centralized store for ESXi logs. By gathering host log files onto a central host, it can more easily monitor all hosts with a single tool. It can also do aggregate analysis and searching to look for such things as coordinated attacks on multiple hosts.\n\n    Logging to a secure, centralized log server also helps prevent log tampering and provides a long-term audit record.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.logHost\\\" value and verify it is set to a site-specific syslog server.\n\n    Syslog servers are specified in the following formats:\n\n    udp://<IP or FQDN>:514\n    tcp://<IP or FQDN>:514\n    ssl://<IP or FQDN>:1514\n\n    Multiple servers can also be specified when separated by commas.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost\n\n    If the \\\"Syslog.global.logHost\\\" setting is not set to a valid, site-specific syslog server, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logHost\\\" value and configure it to a site-specific syslog server.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost | Set-AdvancedSetting -Value \\\"enter site specific servers\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-VMM-001230'\n  tag satisfies: ['SRG-OS-000274-VMM-000960', 'SRG-OS-000275-VMM-000970', 'SRG-OS-000277-VMM-000990', 'SRG-OS-000479-VMM-001990']\n  tag gid: 'V-ESXI-80-000114'\n  tag rid: 'SV-ESXI-80-000114'\n  tag stig_id: 'ESXI-80-000114'\n  tag cci: ['CCI-001683', 'CCI-001684', 'CCI-001686', 'CCI-001851']\n  tag nist: ['AC-2 (4)', 'AU-4 (1)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logHost | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp \"#{input('syslogServer')}\" }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000114.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.logHost | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"tcp://log.test.local:514\"","run_time":0.6258534,"start_time":"2023-06-07T08:28:38-06:00","message":"\nexpected: tcp://log.test.local:514\n     got: \n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.logHost | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000124","title":"The ESXi host must synchronize internal information system clocks to an authoritative time source.","desc":"To ensure the accuracy of the system clock, it must be synchronized with an authoritative time source within DOD. Many system functions, including time-based logon and activity restrictions, automated reports, system logs, and audit records, depend on an accurate system clock. If there is no confidence in the correctness of the system clock, time-based functions may not operate as intended and records may be of diminished value.","descriptions":[{"label":"default","data":"To ensure the accuracy of the system clock, it must be synchronized with an authoritative time source within DOD. Many system functions, including time-based logon and activity restrictions, automated reports, system logs, and audit records, depend on an accurate system clock. If there is no confidence in the correctness of the system clock, time-based functions may not operate as intended and records may be of diminished value."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Time Configuration.\n\nVerify NTP or PTP are configured, and one or more authoritative time sources are listed.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nVerify the NTP or PTP service is running and configured to start and stop with the host.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostNTPServer\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"NTP Daemon\" -or $_.Label -eq \"PTP Daemon\"}\n\nIf the NTP service is not configured with authoritative DOD time sources or the service is not configured to start and stop with the host (\"Policy\" of \"on\" in PowerCLI) or is stopped, this is a finding.\nIf PTP is used instead of NTP, this is NOT a finding."},{"label":"fix","data":"To configure NTP, perform the following:\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Time Configuration.\n\nClick \"Add Service\" and select \"Network Time Protocol\".\n\nEnter or update the NTP servers listed with a comma separate list of authoritative time servers. Click \"OK\".\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nSelect the \"NTP Daemon\" service and click \"Edit Startup Policy\".\n\nSelect \"Start and stop with host\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$NTPServers = \"ntpserver1\",\"ntpserver2\"\nGet-VMHost | Add-VMHostNTPServer $NTPServers\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"NTP Daemon\"} | Set-VMHostService -Policy On\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"NTP Daemon\"} | Start-VMHostService\n\nTo configure PTP, perform the following:\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Time Configuration.\n\nClick \"Add Service\" and select \"Precision Time Protocol\".\n\nSelect the network adapter that can receive the PTP traffic.\n\nIf NTP servers are available, select \"Enable fallback\" and enter or update the NTP servers listed with a comma separate list of authoritative time servers. Click \"OK\".\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nSelect the \"PTP Daemon\" service and click \"Edit Startup Policy\".\n\nSelect \"Start and stop with host\". Click \"OK\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000355-VMM-001330","satisfies":["SRG-OS-000356-VMM-001340"],"gid":"V-ESXI-80-000124","rid":"SV-ESXI-80-000124","stig_id":"ESXI-80-000124","cci":["CCI-001891","CCI-002046"],"nist":["AU-8 (1) (a)","AU-8 (1) (b)"]},"code":"control 'ESXI-80-000124' do\n  title 'The ESXi host must synchronize internal information system clocks to an authoritative time source.'\n  desc  'To ensure the accuracy of the system clock, it must be synchronized with an authoritative time source within DOD. Many system functions, including time-based logon and activity restrictions, automated reports, system logs, and audit records, depend on an accurate system clock. If there is no confidence in the correctness of the system clock, time-based functions may not operate as intended and records may be of diminished value.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Time Configuration.\n\n    Verify NTP or PTP are configured, and one or more authoritative time sources are listed.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Verify the NTP or PTP service is running and configured to start and stop with the host.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostNTPServer\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"NTP Daemon\\\" -or $_.Label -eq \\\"PTP Daemon\\\"}\n\n    If the NTP service is not configured with authoritative DOD time sources or the service is not configured to start and stop with the host (\\\"Policy\\\" of \\\"on\\\" in PowerCLI) or is stopped, this is a finding.\n    If PTP is used instead of NTP, this is NOT a finding.\n  \"\n  desc 'fix', \"\n    To configure NTP, perform the following:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Time Configuration.\n\n    Click \\\"Add Service\\\" and select \\\"Network Time Protocol\\\".\n\n    Enter or update the NTP servers listed with a comma separate list of authoritative time servers. Click \\\"OK\\\".\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Select the \\\"NTP Daemon\\\" service and click \\\"Edit Startup Policy\\\".\n\n    Select \\\"Start and stop with host\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $NTPServers = \\\"ntpserver1\\\",\\\"ntpserver2\\\"\n    Get-VMHost | Add-VMHostNTPServer $NTPServers\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"NTP Daemon\\\"} | Set-VMHostService -Policy On\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"NTP Daemon\\\"} | Start-VMHostService\n\n    To configure PTP, perform the following:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Time Configuration.\n\n    Click \\\"Add Service\\\" and select \\\"Precision Time Protocol\\\".\n\n    Select the network adapter that can receive the PTP traffic.\n\n    If NTP servers are available, select \\\"Enable fallback\\\" and enter or update the NTP servers listed with a comma separate list of authoritative time servers. Click \\\"OK\\\".\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Select the \\\"PTP Daemon\\\" service and click \\\"Edit Startup Policy\\\".\n\n    Select \\\"Start and stop with host\\\". Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000355-VMM-001330'\n  tag satisfies: ['SRG-OS-000356-VMM-001340']\n  tag gid: 'V-ESXI-80-000124'\n  tag rid: 'SV-ESXI-80-000124'\n  tag stig_id: 'ESXI-80-000124'\n  tag cci: ['CCI-001891', 'CCI-002046']\n  tag nist: ['AU-8 (1) (a)', 'AU-8 (1) (b)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'on' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n      results = powercli_command(\"Get-VMHost -Name #{vmhost} | Get-VMHostNTPServer\").stdout\n      if !results.empty?\n        results.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |result|\n          describe \"NTP Server: #{result} for VMHost: #{vmhost}\" do\n            subject { result }\n            it { should be_in \"#{input('esxiNtpServers')}\" }\n          end\n        end\n      else\n        describe \"No NTP servers found on VMhost: #{vmhost}\" do\n          subject { results }\n          it { should_not be_empty }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000124.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp == \"on\"","run_time":0.4038671,"start_time":"2023-06-07T08:28:38-06:00","message":"\nexpected: on\n     got: off\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Policy\"]","resource_id":""},{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp == \"true\"","run_time":0.40368,"start_time":"2023-06-07T08:28:39-06:00","message":"\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Running\"]","resource_id":""},{"status":"failed","code_desc":"No NTP servers found on VMhost: 10.186.25.26 is expected not to be empty","run_time":0.0281583,"start_time":"2023-06-07T08:28:39-06:00","message":"expected `\"\".empty?` to be falsey, got true","resource_class":"Object","resource_params":"[]","resource_id":"No NTP servers found on VMhost: 10.186.25.26"}]},{"id":"ESXI-80-000133","title":"The ESXi Image Profile and vSphere Installation Bundle (VIB) acceptance level must be verified.","desc":"Verify the ESXi Image Profile to only allow signed VIBs. An unsigned VIB represents untested code installed on an ESXi host. The ESXi Image profile supports four acceptance levels:\n\n1. VMwareCertified - VIBs created, tested, and signed by VMware.\n2. VMwareAccepted - VIBs created by a VMware partner but tested and signed by VMware.\n3. PartnerSupported - VIBs created, tested, and signed by a certified VMware partner.\n4. CommunitySupported - VIBs that have not been tested by VMware or a VMware partner.\n\nCommunity Supported VIBs are not supported and do not have a digital signature. To protect the security and integrity of ESXi hosts, do not allow unsigned (CommunitySupported) VIBs to be installed on hosts.","descriptions":[{"label":"default","data":"Verify the ESXi Image Profile to only allow signed VIBs. An unsigned VIB represents untested code installed on an ESXi host. The ESXi Image profile supports four acceptance levels:\n\n1. VMwareCertified - VIBs created, tested, and signed by VMware.\n2. VMwareAccepted - VIBs created by a VMware partner but tested and signed by VMware.\n3. PartnerSupported - VIBs created, tested, and signed by a certified VMware partner.\n4. CommunitySupported - VIBs that have not been tested by VMware or a VMware partner.\n\nCommunity Supported VIBs are not supported and do not have a digital signature. To protect the security and integrity of ESXi hosts, do not allow unsigned (CommunitySupported) VIBs to be installed on hosts."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nUnder \"Host Image Profile Acceptance Level\" view the acceptance level.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.software.acceptance.get.Invoke()\n\nIf the acceptance level is \"CommunitySupported\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nUnder \"Host Image Profile Acceptance Level\", click \"Edit\".\n\nUsing the drop-down selection, set the acceptance level as \"VMwareCertified\", \"VMwareAccepted\", or \"PartnerSupported\". The default is \"PartnerSupported\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.software.acceptance.set.CreateArgs()\n$arguments.level = \"PartnerSupported\"\n$esxcli.software.acceptance.set.Invoke($arguments)\n\nNote: \"VMwareCertified\" or \"VMwareAccepted\" may be substituted for \"PartnerSupported\", depending on local requirements. These are case sensitive."}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000366-VMM-001430","satisfies":["SRG-OS-000370-VMM-001460"],"gid":"V-ESXI-80-000133","rid":"SV-ESXI-80-000133","stig_id":"ESXI-80-000133","cci":["CCI-001749","CCI-001774"],"nist":["CM-5 (3)","CM-7 (5) (b)"]},"code":"control 'ESXI-80-000133' do\n  title 'The ESXi Image Profile and vSphere Installation Bundle (VIB) acceptance level must be verified.'\n  desc  \"\n    Verify the ESXi Image Profile to only allow signed VIBs. An unsigned VIB represents untested code installed on an ESXi host. The ESXi Image profile supports four acceptance levels:\n\n    1. VMwareCertified - VIBs created, tested, and signed by VMware.\n    2. VMwareAccepted - VIBs created by a VMware partner but tested and signed by VMware.\n    3. PartnerSupported - VIBs created, tested, and signed by a certified VMware partner.\n    4. CommunitySupported - VIBs that have not been tested by VMware or a VMware partner.\n\n    Community Supported VIBs are not supported and do not have a digital signature. To protect the security and integrity of ESXi hosts, do not allow unsigned (CommunitySupported) VIBs to be installed on hosts.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Under \\\"Host Image Profile Acceptance Level\\\" view the acceptance level.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.software.acceptance.get.Invoke()\n\n    If the acceptance level is \\\"CommunitySupported\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Under \\\"Host Image Profile Acceptance Level\\\", click \\\"Edit\\\".\n\n    Using the drop-down selection, set the acceptance level as \\\"VMwareCertified\\\", \\\"VMwareAccepted\\\", or \\\"PartnerSupported\\\". The default is \\\"PartnerSupported\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.software.acceptance.set.CreateArgs()\n    $arguments.level = \\\"PartnerSupported\\\"\n    $esxcli.software.acceptance.set.Invoke($arguments)\n\n    Note: \\\"VMwareCertified\\\" or \\\"VMwareAccepted\\\" may be substituted for \\\"PartnerSupported\\\", depending on local requirements. These are case sensitive.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000366-VMM-001430'\n  tag satisfies: ['SRG-OS-000370-VMM-001460']\n  tag gid: 'V-ESXI-80-000133'\n  tag rid: 'SV-ESXI-80-000133'\n  tag stig_id: 'ESXI-80-000133'\n  tag cci: ['CCI-001749', 'CCI-001774']\n  tag nist: ['CM-5 (3)', 'CM-7 (5) (b)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    list = ['PartnerSupported', 'VMwareCertified', 'VMwareAccepted']\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.software.acceptance.get.Invoke()\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should be_in list }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000133.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.software.acceptance.get.Invoke() stdout.strip is expected to be in \"PartnerSupported\", \"VMwareCertified\", and \"VMwareAccepted\"","run_time":2.9816989,"start_time":"2023-06-07T08:28:39-06:00","resource_class":"powercli_command","resource_params":"[\"$vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.software.acceptance.get.Invoke()\"]","resource_id":""}]},{"id":"ESXI-80-000145","title":"The ESXi host must enable bidirectional Challenge-Handshake Authentication Protocol (CHAP) authentication for Internet Small Computer Systems Interface (iSCSI) traffic.","desc":"When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, there is potential for a man-in-the-middle attack, in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.","descriptions":[{"label":"default","data":"When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, there is potential for a man-in-the-middle attack, in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk."},{"label":"rationale","data":""},{"label":"check","data":"If iSCSI is not used, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Storage >> Storage Adapters.\n\nSelect the iSCSI adapter >> Properties >> Authentication >> Method.\n\nView the CHAP configuration and verify CHAP is required for target and host authentication.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostHba | Where {$_.Type -eq \"iscsi\"} | Select AuthenticationProperties -ExpandProperty AuthenticationProperties\n\nIf iSCSI is used and CHAP is not set to \"required\" for both the target and host, this is a finding.\n\nIf iSCSI is used and unique CHAP secrets are not used for each host, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Storage >> Storage Adapters.\n\nSelect the iSCSI adapter >> Properties >> Authentication.\n\nClick \"Edit...\". Set \"Authentication Method\" to \"Use bidirectional CHAP\" and enter a unique secret for each traffic flow direction.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostHba | Where {$_.Type -eq \"iscsi\"} | Set-VMHostHba -ChapType Required -ChapName \"chapname\" -ChapPassword \"password\" -MutualChapEnabled $true -MutualChapName \"mutualchapname\" -MutualChapPassword \"mutualpassword\""}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000379-VMM-001550","gid":"V-ESXI-80-000145","rid":"SV-ESXI-80-000145","stig_id":"ESXI-80-000145","cci":["CCI-001967"],"nist":["IA-3 (1)"]},"code":"control 'ESXI-80-000145' do\n  title 'The ESXi host must enable bidirectional Challenge-Handshake Authentication Protocol (CHAP) authentication for Internet Small Computer Systems Interface (iSCSI) traffic.'\n  desc  'When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, there is potential for a man-in-the-middle attack, in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If iSCSI is not used, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Storage >> Storage Adapters.\n\n    Select the iSCSI adapter >> Properties >> Authentication >> Method.\n\n    View the CHAP configuration and verify CHAP is required for target and host authentication.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostHba | Where {$_.Type -eq \\\"iscsi\\\"} | Select AuthenticationProperties -ExpandProperty AuthenticationProperties\n\n    If iSCSI is used and CHAP is not set to \\\"required\\\" for both the target and host, this is a finding.\n\n    If iSCSI is used and unique CHAP secrets are not used for each host, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Storage >> Storage Adapters.\n\n    Select the iSCSI adapter >> Properties >> Authentication.\n\n    Click \\\"Edit...\\\". Set \\\"Authentication Method\\\" to \\\"Use bidirectional CHAP\\\" and enter a unique secret for each traffic flow direction.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostHba | Where {$_.Type -eq \\\"iscsi\\\"} | Set-VMHostHba -ChapType Required -ChapName \\\"chapname\\\" -ChapPassword \\\"password\\\" -MutualChapEnabled $true -MutualChapName \\\"mutualchapname\\\" -MutualChapPassword \\\"mutualpassword\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000379-VMM-001550'\n  tag gid: 'V-ESXI-80-000145'\n  tag rid: 'SV-ESXI-80-000145'\n  tag stig_id: 'ESXI-80-000145'\n  tag cci: ['CCI-001967']\n  tag nist: ['IA-3 (1)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'}\"\n      iscsi_hbas = powercli_command(command).stdout\n\n      if iscsi_hbas.empty?\n        impact 0.0\n        describe '' do\n          skip 'There are no iSCSI HBAs present so this control is Not Applicable'\n        end\n      else\n        command1 = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'} | Select-Object -ExpandProperty AuthenticationProperties | Select-Object -ExpandProperty MutualChapEnabled\"\n        command2 = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'} | Select-Object -ExpandProperty AuthenticationProperties | Select-Object -ExpandProperty ChapType\"\n        describe powercli_command(command1) do\n          its('stdout.strip') { should cmp 'True' }\n        end\n        describe powercli_command(command2) do\n          its('stdout.strip') { should cmp 'Required' }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000145.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"","run_time":1.31e-05,"start_time":"2023-06-07T08:28:42-06:00","resource":"","skip_message":"There are no iSCSI HBAs present so this control is Not Applicable","resource_class":"Object","resource_params":"[]","resource_id":""}]},{"id":"ESXI-80-000160","title":"The ESXi host must protect the confidentiality and integrity of transmitted information by isolating vMotion traffic.","desc":"While encrypted vMotion is available, vMotion traffic should still be sequestered from other traffic to further protect it from attack. This network must only be accessible to other ESXi hosts, preventing outside access to the network.\n\nThe vMotion VMkernel port group must be in a dedicated VLAN that can be on a standard or distributed virtual switch as long as the vMotion VLAN is not shared by any other function and is not routed to anything but ESXi hosts.","descriptions":[{"label":"default","data":"While encrypted vMotion is available, vMotion traffic should still be sequestered from other traffic to further protect it from attack. This network must only be accessible to other ESXi hosts, preventing outside access to the network.\n\nThe vMotion VMkernel port group must be in a dedicated VLAN that can be on a standard or distributed virtual switch as long as the vMotion VLAN is not shared by any other function and is not routed to anything but ESXi hosts."},{"label":"rationale","data":""},{"label":"check","data":"For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nReview the VLAN associated with any vMotion VMkernel(s) and verify they are dedicated for that purpose and are logically separated from other functions.\n\nIf long distance or cross vCenter vMotion is used the vMotion network can be routable but must be accessible to only the intended ESXi hosts.\n\nIf the vMotion port group is not on an isolated VLAN and/or is routable to systems other than ESXi hosts, this is a finding."},{"label":"fix","data":"Configuration of the vMotion VMkernel will be unique to each environment.\n\nAs an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:\n\nFrom the vSphere Client, go to Networking.\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Properties.\n\nClick \"Edit\" and select VLAN.\n\nChange the \"VLAN Type\" to \"VLAN\" and change the \"VLAN ID\" to a network allocated and dedicated to vMotion traffic exclusively. Click \"OK\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000423-VMM-001700","gid":"V-ESXI-80-000160","rid":"SV-ESXI-80-000160","stig_id":"ESXI-80-000160","cci":["CCI-002418"],"nist":["SC-8"]},"code":"control 'ESXI-80-000160' do\n  title 'The ESXi host must protect the confidentiality and integrity of transmitted information by isolating vMotion traffic.'\n  desc  \"\n    While encrypted vMotion is available, vMotion traffic should still be sequestered from other traffic to further protect it from attack. This network must only be accessible to other ESXi hosts, preventing outside access to the network.\n\n    The vMotion VMkernel port group must be in a dedicated VLAN that can be on a standard or distributed virtual switch as long as the vMotion VLAN is not shared by any other function and is not routed to anything but ESXi hosts.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Review the VLAN associated with any vMotion VMkernel(s) and verify they are dedicated for that purpose and are logically separated from other functions.\n\n    If long distance or cross vCenter vMotion is used the vMotion network can be routable but must be accessible to only the intended ESXi hosts.\n\n    If the vMotion port group is not on an isolated VLAN and/or is routable to systems other than ESXi hosts, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of the vMotion VMkernel will be unique to each environment.\n\n    As an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:\n\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\" and select VLAN.\n\n    Change the \\\"VLAN Type\\\" to \\\"VLAN\\\" and change the \\\"VLAN ID\\\" to a network allocated and dedicated to vMotion traffic exclusively. Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000423-VMM-001700'\n  tag gid: 'V-ESXI-80-000160'\n  tag rid: 'SV-ESXI-80-000160'\n  tag stig_id: 'ESXI-80-000160'\n  tag cci: ['CCI-002418']\n  tag nist: ['SC-8']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -VMKernel | Where-Object {$_.VMotionEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n      vmks = powercli_command(command).stdout\n\n      if vmks.empty?\n        describe '' do\n          skip 'There are no VMKernel adapters with vMotion enabled so this control is N/A.'\n        end\n      else\n        vmks.split.each do |vmk|\n          # Check to see if vMotion and any other services are enabled on the same VMkernel adapter\n          command2 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VsanTrafficEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n          describe powercli_command(command2) do\n            its('stdout.strip') { should be_empty }\n          end\n          # Get vMotion Port Group Name\n          command3 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Select-Object -ExpandProperty PortGroupName\"\n          pgname = powercli_command(command3).stdout.strip\n          # Test standard port groups\n          command4 = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup -Name \\\"#{pgname}\\\" -Standard | Select-Object -ExpandProperty VlanId\"\n          stdpgs = powercli_command(command4).stdout.strip\n          unless stdpgs.empty?\n            describe 'Checking standand port group VLAN ID' do\n              subject { stdpgs }\n              it { should cmp \"#{input('vMotionVlanId')}\" }\n            end\n          end\n          describe 'SA Interview' do\n            skip 'SA also needs to confirm this VLAN is dedicated to vMotion and not routable except to other ESXi hosts.'\n          end\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000160.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"","run_time":7.4e-06,"start_time":"2023-06-07T08:28:42-06:00","resource":"","skip_message":"There are no VMKernel adapters with vMotion enabled so this control is N/A.","resource_class":"Object","resource_params":"[]","resource_id":""}]},{"id":"ESXI-80-000161","title":"The ESXi host must maintain the confidentiality and integrity of information during transmission by exclusively enabling Transport Layer Security (TLS) 1.2.","desc":"TLS 1.0 and 1.1 are deprecated protocols with well-published shortcomings and vulnerabilities. TLS 1.2 should be enabled on all interfaces and SSLv3, TL 1.1, and 1.0 disabled, where supported.\n\nMandating TLS 1.2 may break third-party integrations and add-ons to vSphere. Test these integrations carefully after implementing TLS 1.2 and roll back where appropriate.\n\nOn interfaces where required functionality is broken with TLS 1.2, this finding is not applicable until such time as the third-party software supports TLS 1.2.\n\nModify TLS settings in the following order:\n1. vCenter.\n2. ESXi.","descriptions":[{"label":"default","data":"TLS 1.0 and 1.1 are deprecated protocols with well-published shortcomings and vulnerabilities. TLS 1.2 should be enabled on all interfaces and SSLv3, TL 1.1, and 1.0 disabled, where supported.\n\nMandating TLS 1.2 may break third-party integrations and add-ons to vSphere. Test these integrations carefully after implementing TLS 1.2 and roll back where appropriate.\n\nOn interfaces where required functionality is broken with TLS 1.2, this finding is not applicable until such time as the third-party software supports TLS 1.2.\n\nModify TLS settings in the following order:\n1. vCenter.\n2. ESXi."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.ESXiVPsDisabledProtocols\" value and verify it is set to \"sslv3,tlsv1,tlsv1.1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols\n\nIf the \"UserVars.ESXiVPsDisabledProtocols\" setting is set to a value other than \"sslv3,tlsv1,tlsv1.1\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.ESXiVPsDisabledProtocols\" value and configure it to \"sslv3,tlsv1,tlsv1.1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Set-AdvancedSetting -Value \"sslv3,tlsv1,tlsv1.1\""}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000425-VMM-001710","satisfies":["SRG-OS-000426-VMM-001720"],"gid":"V-ESXI-80-000161","rid":"SV-ESXI-80-000161","stig_id":"ESXI-80-000161","cci":["CCI-002420","CCI-002422"],"nist":["SC-8 (2)"]},"code":"control 'ESXI-80-000161' do\n  title 'The ESXi host must maintain the confidentiality and integrity of information during transmission by exclusively enabling Transport Layer Security (TLS) 1.2.'\n  desc  \"\n    TLS 1.0 and 1.1 are deprecated protocols with well-published shortcomings and vulnerabilities. TLS 1.2 should be enabled on all interfaces and SSLv3, TL 1.1, and 1.0 disabled, where supported.\n\n    Mandating TLS 1.2 may break third-party integrations and add-ons to vSphere. Test these integrations carefully after implementing TLS 1.2 and roll back where appropriate.\n\n    On interfaces where required functionality is broken with TLS 1.2, this finding is not applicable until such time as the third-party software supports TLS 1.2.\n\n    Modify TLS settings in the following order:\n    1. vCenter.\n    2. ESXi.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.ESXiVPsDisabledProtocols\\\" value and verify it is set to \\\"sslv3,tlsv1,tlsv1.1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols\n\n    If the \\\"UserVars.ESXiVPsDisabledProtocols\\\" setting is set to a value other than \\\"sslv3,tlsv1,tlsv1.1\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.ESXiVPsDisabledProtocols\\\" value and configure it to \\\"sslv3,tlsv1,tlsv1.1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Set-AdvancedSetting -Value \\\"sslv3,tlsv1,tlsv1.1\\\"\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000425-VMM-001710'\n  tag satisfies: ['SRG-OS-000426-VMM-001720']\n  tag gid: 'V-ESXI-80-000161'\n  tag rid: 'SV-ESXI-80-000161'\n  tag stig_id: 'ESXI-80-000161'\n  tag cci: ['CCI-002420', 'CCI-002422']\n  tag nist: ['SC-8 (2)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'sslv3,tlsv1,tlsv1.1' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000161.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"sslv3,tlsv1,tlsv1.1\"","run_time":0.5876098,"start_time":"2023-06-07T08:28:42-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000187","title":"The ESXi host Secure Shell (SSH) daemon must be configured to only use FIPS 140-2 validated ciphers.","desc":"Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. ESXi must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.","descriptions":[{"label":"default","data":"Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. ESXi must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep ciphers\n\nExpected result:\n\nciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nCiphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\nNote: The ciphers line must be after the FipsMode setting."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000478-VMM-001980","gid":"V-ESXI-80-000187","rid":"SV-ESXI-80-000187","stig_id":"ESXI-80-000187","cci":["CCI-002450"],"nist":["SC-13"]},"code":"control 'ESXI-80-000187' do\n  title 'The ESXi host Secure Shell (SSH) daemon must be configured to only use FIPS 140-2 validated ciphers.'\n  desc  'Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. ESXi must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep ciphers\n\n    Expected result:\n\n    ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\n    Note: The ciphers line must be after the FipsMode setting.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000478-VMM-001980'\n  tag gid: 'V-ESXI-80-000187'\n  tag rid: 'SV-ESXI-80-000187'\n  tag stig_id: 'ESXI-80-000187'\n  tag cci: ['CCI-002450']\n  tag nist: ['SC-13']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000187.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":1.18e-05,"start_time":"2023-06-07T08:28:43-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"ESXI-80-000189","title":"The ESXi host DCUI.Access list must be verified.","desc":"Lockdown mode disables direct host access, requiring that administrators manage hosts from vCenter Server. However, if a host becomes isolated from vCenter, the administrator is locked out and can no longer manage the host.\n\nThe \"DCUI.Access\" advanced setting allows specified users to exit lockdown mode in such a scenario. If the Direct Console User Interface (DCUI) is running in strict lockdown mode, this setting is ineffective.","descriptions":[{"label":"default","data":"Lockdown mode disables direct host access, requiring that administrators manage hosts from vCenter Server. However, if a host becomes isolated from vCenter, the administrator is locked out and can no longer manage the host.\n\nThe \"DCUI.Access\" advanced setting allows specified users to exit lockdown mode in such a scenario. If the Direct Console User Interface (DCUI) is running in strict lockdown mode, this setting is ineffective."},{"label":"rationale","data":""},{"label":"check","data":"For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"DCUI.Access\" value and verify only the root user is listed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name DCUI.Access and verify it is set to root.\n\nIf the \"DCUI.Access\" is not restricted to \"root\", this is a finding.\n\nNote: This list is only for local user accounts and should only contain the root user."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"DCUI.Access\" value and configure it to \"root\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name DCUI.Access | Set-AdvancedSetting -Value \"root\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000189","rid":"SV-ESXI-80-000189","stig_id":"ESXI-80-000189","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000189' do\n  title 'The ESXi host DCUI.Access list must be verified.'\n  desc  \"\n    Lockdown mode disables direct host access, requiring that administrators manage hosts from vCenter Server. However, if a host becomes isolated from vCenter, the administrator is locked out and can no longer manage the host.\n\n    The \\\"DCUI.Access\\\" advanced setting allows specified users to exit lockdown mode in such a scenario. If the Direct Console User Interface (DCUI) is running in strict lockdown mode, this setting is ineffective.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"DCUI.Access\\\" value and verify only the root user is listed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name DCUI.Access and verify it is set to root.\n\n    If the \\\"DCUI.Access\\\" is not restricted to \\\"root\\\", this is a finding.\n\n    Note: This list is only for local user accounts and should only contain the root user.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"DCUI.Access\\\" value and configure it to \\\"root\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name DCUI.Access | Set-AdvancedSetting -Value \\\"root\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000189'\n  tag rid: 'SV-ESXI-80-000189'\n  tag stig_id: 'ESXI-80-000189'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name DCUI.Access | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'root' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000189.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name DCUI.Access | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"root\"","run_time":0.5751131,"start_time":"2023-06-07T08:28:43-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name DCUI.Access | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000191","title":"The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via Secure Shell (SSH).","desc":"Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\"","descriptions":[{"label":"default","data":"Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\""},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.Etc.issue\" value and verify it contains the standard mandatory DOD notice and consent banner.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.Etc.issue\n\nIf the \"Config.Etc.issue\" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.Etc.issue\" value and set it to the following:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.Etc.issue | Set-AdvancedSetting -Value \"<Banner text above>\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000023-VMM-000060","gid":"V-ESXI-80-000191","rid":"SV-ESXI-80-000191","stig_id":"ESXI-80-000191","cci":["CCI-000048"],"nist":["AC-8 a"]},"code":"control 'ESXI-80-000191' do\n  title 'The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via Secure Shell (SSH).'\n  desc  \"\n    Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.Etc.issue\\\" value and verify it contains the standard mandatory DOD notice and consent banner.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.Etc.issue\n\n    If the \\\"Config.Etc.issue\\\" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.Etc.issue\\\" value and set it to the following:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.Etc.issue | Set-AdvancedSetting -Value \\\"<Banner text above>\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-VMM-000060'\n  tag gid: 'V-ESXI-80-000191'\n  tag rid: 'SV-ESXI-80-000191'\n  tag stig_id: 'ESXI-80-000191'\n  tag cci: ['CCI-000048']\n  tag nist: ['AC-8 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      result = powercli_command(\"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.Etc.issue | Select-Object -ExpandProperty Value\")\n      describe.one do\n        describe result do\n          its('stdout.strip') { should match 'You are accessing a U.S. Government' }\n        end\n        describe result do\n          its('stdout.strip') { should match \"I've read & consent to terms in IS user agreem't\" }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000191.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.Etc.issue | Select-Object -ExpandProperty Value stdout.strip is expected to match \"You are accessing a U.S. Government\"","run_time":0.0004146,"start_time":"2023-06-07T08:28:43-06:00","message":"expected \"\" to match \"You are accessing a U.S. Government\"","exception":"RSpec::Core::MultipleExceptionError","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.Etc.issue | Select-Object -ExpandProperty Value\"]","resource_id":""},{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.Etc.issue | Select-Object -ExpandProperty Value stdout.strip is expected to match \"I've read & consent to terms in IS user agreem't\"","run_time":0.0002882,"start_time":"2023-06-07T08:28:43-06:00","message":"expected \"\" to match \"I've read & consent to terms in IS user agreem't\"","exception":"RSpec::Core::MultipleExceptionError","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.Etc.issue | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000192","title":"The ESXi host Secure Shell (SSH) daemon must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system.","desc":"Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\"","descriptions":[{"label":"default","data":"Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\""},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep banner\n\nExpected result:\n\nbanner /etc/issue\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, navigate to and open:\n\n/etc/ssh/sshd_config\n\nEnsure that the \"Banner\" line is uncommented and set to the following:\n\nBanner /etc/issue\n\nRestart SSH from the UI or run the following command:\n\n# /etc/init.d/SSH restart"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000023-VMM-000060","gid":"V-ESXI-80-000192","rid":"SV-ESXI-80-000192","stig_id":"ESXI-80-000192","cci":["CCI-000048"],"nist":["AC-8 a"]},"code":"control 'ESXI-80-000192' do\n  title 'The ESXi host Secure Shell (SSH) daemon must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system.'\n  desc  \"\n    Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep banner\n\n    Expected result:\n\n    banner /etc/issue\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, navigate to and open:\n\n    /etc/ssh/sshd_config\n\n    Ensure that the \\\"Banner\\\" line is uncommented and set to the following:\n\n    Banner /etc/issue\n\n    Restart SSH from the UI or run the following command:\n\n    # /etc/init.d/SSH restart\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-VMM-000060'\n  tag gid: 'V-ESXI-80-000192'\n  tag rid: 'SV-ESXI-80-000192'\n  tag stig_id: 'ESXI-80-000192'\n  tag cci: ['CCI-000048']\n  tag nist: ['AC-8 a']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000192.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":9.8e-06,"start_time":"2023-06-07T08:28:43-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"ESXI-80-000193","title":"The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH).","desc":"The ESXi Shell is an interactive command line interface (CLI) available at the ESXi server console. The ESXi shell provides temporary access to commands essential for server maintenance. Intended primarily for use in break-fix scenarios, the ESXi shell is well suited for checking and modifying configuration details, which are not always generally accessible, using the vSphere Client.\n\nThe ESXi shell is accessible remotely using SSH by users with the Administrator role. Under normal operating conditions, SSH access to the host must be disabled as is the default. As with the ESXi shell, SSH is also intended only for temporary use during break-fix scenarios. SSH must therefore be disabled under normal operating conditions and must only be enabled for diagnostics or troubleshooting. Remote access to the host must therefore be limited to the vSphere Client or Host Client at all other times.","descriptions":[{"label":"default","data":"The ESXi Shell is an interactive command line interface (CLI) available at the ESXi server console. The ESXi shell provides temporary access to commands essential for server maintenance. Intended primarily for use in break-fix scenarios, the ESXi shell is well suited for checking and modifying configuration details, which are not always generally accessible, using the vSphere Client.\n\nThe ESXi shell is accessible remotely using SSH by users with the Administrator role. Under normal operating conditions, SSH access to the host must be disabled as is the default. As with the ESXi shell, SSH is also intended only for temporary use during break-fix scenarios. SSH must therefore be disabled under normal operating conditions and must only be enabled for diagnostics or troubleshooting. Remote access to the host must therefore be limited to the vSphere Client or Host Client at all other times."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder Services, locate the \"SSH\" service and verify it is \"Stopped\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"SSH\"}\n\nIf the SSH service is \"Running\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\", select the \"SSH\" service and click the \"Stop\" button.\n\nClick the \"Edit Startup policy...\" button.\n\nSelect the \"Start and stop manually\" radio button.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"SSH\"} | Set-VMHostService -Policy Off\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"SSH\"} | Stop-VMHostService"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000095-VMM-000480","satisfies":["SRG-OS-000297-VMM-001040","SRG-OS-000298-VMM-001050"],"gid":"V-ESXI-80-000193","rid":"SV-ESXI-80-000193","stig_id":"ESXI-80-000193","cci":["CCI-000381","CCI-002314","CCI-002322"],"nist":["AC-17 (1)","AC-17 (9)","CM-7 a"]},"code":"control 'ESXI-80-000193' do\n  title 'The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH).'\n  desc  \"\n    The ESXi Shell is an interactive command line interface (CLI) available at the ESXi server console. The ESXi shell provides temporary access to commands essential for server maintenance. Intended primarily for use in break-fix scenarios, the ESXi shell is well suited for checking and modifying configuration details, which are not always generally accessible, using the vSphere Client.\n\n    The ESXi shell is accessible remotely using SSH by users with the Administrator role. Under normal operating conditions, SSH access to the host must be disabled as is the default. As with the ESXi shell, SSH is also intended only for temporary use during break-fix scenarios. SSH must therefore be disabled under normal operating conditions and must only be enabled for diagnostics or troubleshooting. Remote access to the host must therefore be limited to the vSphere Client or Host Client at all other times.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under Services, locate the \\\"SSH\\\" service and verify it is \\\"Stopped\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"SSH\\\"}\n\n    If the SSH service is \\\"Running\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\", select the \\\"SSH\\\" service and click the \\\"Stop\\\" button.\n\n    Click the \\\"Edit Startup policy...\\\" button.\n\n    Select the \\\"Start and stop manually\\\" radio button.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"SSH\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"SSH\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-VMM-000480'\n  tag satisfies: ['SRG-OS-000297-VMM-001040', 'SRG-OS-000298-VMM-001050']\n  tag gid: 'V-ESXI-80-000193'\n  tag rid: 'SV-ESXI-80-000193'\n  tag stig_id: 'ESXI-80-000193'\n  tag cci: ['CCI-000381', 'CCI-002314', 'CCI-002322']\n  tag nist: ['AC-17 (1)', 'AC-17 (9)', 'CM-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000193.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp == \"off\"","run_time":0.3652447,"start_time":"2023-06-07T08:28:43-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Policy\"]","resource_id":""},{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp == \"false\"","run_time":0.4405619,"start_time":"2023-06-07T08:28:44-06:00","message":"\nexpected: false\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Running\"]","resource_id":""}]},{"id":"ESXI-80-000194","title":"The ESXi host must be configured to disable nonessential capabilities by disabling the ESXi shell.","desc":"The ESXi Shell is an interactive command line environment available locally from the Direct Console User Interface (DCUI) or remotely via SSH. Activities performed from the ESXi Shell bypass vCenter role-based access control (RBAC) and audit controls.\n\nThe ESXi shell must only be turned on when needed to troubleshoot/resolve problems that cannot be fixed through the vSphere client.","descriptions":[{"label":"default","data":"The ESXi Shell is an interactive command line environment available locally from the Direct Console User Interface (DCUI) or remotely via SSH. Activities performed from the ESXi Shell bypass vCenter role-based access control (RBAC) and audit controls.\n\nThe ESXi shell must only be turned on when needed to troubleshoot/resolve problems that cannot be fixed through the vSphere client."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder Services, locate the \"ESXi Shell\" service and verify it is \"Stopped\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"ESXi Shell\"}\n\nIf the ESXi Shell service is \"Running\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\", select the \"ESXi Shell\" service and click the \"Stop\" button.\n\nClick the \"Edit Startup policy...\" button.\n\nSelect the \"Start and stop manually\" radio button.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"ESXi Shell\"} | Set-VMHostService -Policy Off\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"ESXi Shell\"} | Stop-VMHostService"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000095-VMM-000480","gid":"V-ESXI-80-000194","rid":"SV-ESXI-80-000194","stig_id":"ESXI-80-000194","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'ESXI-80-000194' do\n  title 'The ESXi host must be configured to disable nonessential capabilities by disabling the ESXi shell.'\n  desc  \"\n    The ESXi Shell is an interactive command line environment available locally from the Direct Console User Interface (DCUI) or remotely via SSH. Activities performed from the ESXi Shell bypass vCenter role-based access control (RBAC) and audit controls.\n\n    The ESXi shell must only be turned on when needed to troubleshoot/resolve problems that cannot be fixed through the vSphere client.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under Services, locate the \\\"ESXi Shell\\\" service and verify it is \\\"Stopped\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"ESXi Shell\\\"}\n\n    If the ESXi Shell service is \\\"Running\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\", select the \\\"ESXi Shell\\\" service and click the \\\"Stop\\\" button.\n\n    Click the \\\"Edit Startup policy...\\\" button.\n\n    Select the \\\"Start and stop manually\\\" radio button.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"ESXi Shell\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"ESXi Shell\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-VMM-000480'\n  tag gid: 'V-ESXI-80-000194'\n  tag rid: 'SV-ESXI-80-000194'\n  tag stig_id: 'ESXI-80-000194'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000194.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp == \"off\"","run_time":0.3740105,"start_time":"2023-06-07T08:28:44-06:00","message":"\nexpected: off\n     got: on\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Policy\"]","resource_id":""},{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp == \"false\"","run_time":0.3756545,"start_time":"2023-06-07T08:28:44-06:00","message":"\nexpected: false\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Running\"]","resource_id":""}]},{"id":"ESXI-80-000195","title":"The ESXi host must automatically stop shell services after ten minutes.","desc":"When the ESXi Shell or Secure Shell (SSH) services are enabled on a host, they will run indefinitely. To avoid having these services left running, set the \"ESXiShellTimeOut\". The \"ESXiShellTimeOut\" defines a window of time after which the ESXi Shell and SSH services will be stopped automatically.","descriptions":[{"label":"default","data":"When the ESXi Shell or Secure Shell (SSH) services are enabled on a host, they will run indefinitely. To avoid having these services left running, set the \"ESXiShellTimeOut\". The \"ESXiShellTimeOut\" defines a window of time after which the ESXi Shell and SSH services will be stopped automatically."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.ESXiShellTimeOut\" value and verify it is set to less than \"600\" and not \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut\n\nIf the \"UserVars.ESXiShellTimeOut\" setting is set to a value greater than \"600\" or \"0\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.ESXiShellTimeOut\" value and configure it to \"600\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Set-AdvancedSetting -Value 600"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000163-VMM-000700","gid":"V-ESXI-80-000195","rid":"SV-ESXI-80-000195","stig_id":"ESXI-80-000195","cci":["CCI-001133"],"nist":["SC-10"]},"code":"control 'ESXI-80-000195' do\n  title 'The ESXi host must automatically stop shell services after ten minutes.'\n  desc  'When the ESXi Shell or Secure Shell (SSH) services are enabled on a host, they will run indefinitely. To avoid having these services left running, set the \"ESXiShellTimeOut\". The \"ESXiShellTimeOut\" defines a window of time after which the ESXi Shell and SSH services will be stopped automatically.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.ESXiShellTimeOut\\\" value and verify it is set to less than \\\"600\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut\n\n    If the \\\"UserVars.ESXiShellTimeOut\\\" setting is set to a value greater than \\\"600\\\" or \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.ESXiShellTimeOut\\\" value and configure it to \\\"600\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Set-AdvancedSetting -Value 600\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000163-VMM-000700'\n  tag gid: 'V-ESXI-80-000195'\n  tag rid: 'SV-ESXI-80-000195'\n  tag stig_id: 'ESXI-80-000195'\n  tag cci: ['CCI-001133']\n  tag nist: ['SC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 600 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000195.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected to cmp <= 600","run_time":0.599973,"start_time":"2023-06-07T08:28:45-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Select-Object -ExpandProperty Value\"]","resource_id":""},{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected not to cmp == 0","run_time":0.0003577,"start_time":"2023-06-07T08:28:45-06:00","message":"\nexpected: 0\n     got: 0\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000196","title":"The ESXi host must set a timeout to automatically end idle DCUI sessions after ten minutes.","desc":"When the Direct Console User Interface (DCUI) is enabled and logged in, it should be automatically logged out if left logged on to avoid access by unauthorized persons. The \"DcuiTimeOut\" setting defines a window of time after which the DCUI will be logged out.","descriptions":[{"label":"default","data":"When the Direct Console User Interface (DCUI) is enabled and logged in, it should be automatically logged out if left logged on to avoid access by unauthorized persons. The \"DcuiTimeOut\" setting defines a window of time after which the DCUI will be logged out."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.DcuiTimeOut\" value and verify it is set to less than \"600\" and not \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut\n\nIf the \"UserVars.DcuiTimeOut\" setting is set to a value greater than \"600\" or \"0\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.DcuiTimeOut\" value and configure it to \"600\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Set-AdvancedSetting -Value 600"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000163-VMM-000700","gid":"V-ESXI-80-000196","rid":"SV-ESXI-80-000196","stig_id":"ESXI-80-000196","cci":["CCI-001133"],"nist":["SC-10"]},"code":"control 'ESXI-80-000196' do\n  title 'The ESXi host must set a timeout to automatically end idle DCUI sessions after ten minutes.'\n  desc  'When the Direct Console User Interface (DCUI) is enabled and logged in, it should be automatically logged out if left logged on to avoid access by unauthorized persons. The \"DcuiTimeOut\" setting defines a window of time after which the DCUI will be logged out.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.DcuiTimeOut\\\" value and verify it is set to less than \\\"600\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut\n\n    If the \\\"UserVars.DcuiTimeOut\\\" setting is set to a value greater than \\\"600\\\" or \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.DcuiTimeOut\\\" value and configure it to \\\"600\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Set-AdvancedSetting -Value 600\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000163-VMM-000700'\n  tag gid: 'V-ESXI-80-000196'\n  tag rid: 'SV-ESXI-80-000196'\n  tag stig_id: 'ESXI-80-000196'\n  tag cci: ['CCI-001133']\n  tag nist: ['SC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 600 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000196.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected to cmp <= 600","run_time":0.5613789,"start_time":"2023-06-07T08:28:45-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Select-Object -ExpandProperty Value\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected not to cmp == 0","run_time":0.000369,"start_time":"2023-06-07T08:28:46-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000198","title":"The ESXi host must protect the confidentiality and integrity of transmitted information by isolating ESXi management traffic.","desc":"The vSphere management network provides access to the vSphere management interface on each component. Services running on the management interface provide an opportunity for an attacker to gain privileged access to the systems. Any remote attack most likely would begin with gaining entry to this network.\n\nThe Management VMkernel port group can be on a standard or distributed virtual switch but must be on a dedicated VLAN. The Management VLAN must not be shared by any other function and must not be accessible to anything other than management-related functions such as vCenter.","descriptions":[{"label":"default","data":"The vSphere management network provides access to the vSphere management interface on each component. Services running on the management interface provide an opportunity for an attacker to gain privileged access to the systems. Any remote attack most likely would begin with gaining entry to this network.\n\nThe Management VMkernel port group can be on a standard or distributed virtual switch but must be on a dedicated VLAN. The Management VLAN must not be shared by any other function and must not be accessible to anything other than management-related functions such as vCenter."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nReview each VMkernel adapter that is used for management traffic and view the \"Enabled services\".\n\nReview the VLAN associated with each VMkernel that is used for management traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.\n\nIf any services are enabled on any Management VMkernel adapter, this is a finding.\n\nIf the network segment is accessible, except to networks where other management-related entities are located such as vCenter, this is a finding.\n\nIf there are any other systems or devices such as VMs on the ESXi management segment, this is a finding."},{"label":"fix","data":"Configuration of the management VMkernel will be unique to each environment.\n\nAs an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nSelect the Management VMkernel and click \"Edit\". On the Port properties tab, uncheck all services except for \"Management\". Click \"OK\".\n\nFrom the vSphere Client, go to Networking.\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Properties.\n\nClick \"Edit\" and select VLAN.\n\nChange the \"VLAN Type\" to \"VLAN\" and change the \"VLAN ID\" to a network allocated and dedicated to management traffic exclusively. Click \"OK\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000423-VMM-001700","gid":"V-ESXI-80-000198","rid":"SV-ESXI-80-000198","stig_id":"ESXI-80-000198","cci":["CCI-002418"],"nist":["SC-8"]},"code":"control 'ESXI-80-000198' do\n  title 'The ESXi host must protect the confidentiality and integrity of transmitted information by isolating ESXi management traffic.'\n  desc  \"\n    The vSphere management network provides access to the vSphere management interface on each component. Services running on the management interface provide an opportunity for an attacker to gain privileged access to the systems. Any remote attack most likely would begin with gaining entry to this network.\n\n    The Management VMkernel port group can be on a standard or distributed virtual switch but must be on a dedicated VLAN. The Management VLAN must not be shared by any other function and must not be accessible to anything other than management-related functions such as vCenter.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Review each VMkernel adapter that is used for management traffic and view the \\\"Enabled services\\\".\n\n    Review the VLAN associated with each VMkernel that is used for management traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.\n\n    If any services are enabled on any Management VMkernel adapter, this is a finding.\n\n    If the network segment is accessible, except to networks where other management-related entities are located such as vCenter, this is a finding.\n\n    If there are any other systems or devices such as VMs on the ESXi management segment, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of the management VMkernel will be unique to each environment.\n\n    As an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Select the Management VMkernel and click \\\"Edit\\\". On the Port properties tab, uncheck all services except for \\\"Management\\\". Click \\\"OK\\\".\n\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\" and select VLAN.\n\n    Change the \\\"VLAN Type\\\" to \\\"VLAN\\\" and change the \\\"VLAN ID\\\" to a network allocated and dedicated to management traffic exclusively. Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000423-VMM-001700'\n  tag gid: 'V-ESXI-80-000198'\n  tag rid: 'SV-ESXI-80-000198'\n  tag stig_id: 'ESXI-80-000198'\n  tag cci: ['CCI-002418']\n  tag nist: ['SC-8']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -VMKernel | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n      vmks = powercli_command(command).stdout\n\n      vmks.split.each do |vmk|\n        # Check to see if Management and any other services are enabled on the same VMkernel adapter\n        command2 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Where-Object {$_.VMotionEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VsanTrafficEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n        describe powercli_command(command2) do\n          its('stdout.strip') { should be_empty }\n        end\n        # Get Management Port Group Name\n        command3 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Select-Object -ExpandProperty PortGroupName\"\n        pgname = powercli_command(command3).stdout.strip\n        # Test standard port groups\n        command4 = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup -Name \\\"#{pgname}\\\" | Select-Object -ExpandProperty VlanId\"\n        stdpgs = powercli_command(command4).stdout.strip\n        unless stdpgs.empty?\n          describe 'Checking standand port group VLAN ID' do\n            subject { stdpgs }\n            it { should cmp \"#{input('mgtVlanId')}\" }\n          end\n        end\n        describe 'SA Interview' do\n          skip 'SA also needs to confirm this VLAN is dedicated to Management and not shared with VMs or other services.'\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000198.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostNetworkAdapter -Name vmk0 | Where-Object {$_.VMotionEnabled -eq \"True\" -or $_.FaultToleranceLoggingEnabled -eq \"True\" -or $_.VsanTrafficEnabled -eq \"True\" -or $_.VSphereReplicationEnabled -eq \"True\" -or $_.VSphereReplicationNFCEnabled -eq \"True\" -or $_.VSphereBackupNFCEnabled -eq \"True\"} | Select-Object -ExpandProperty DeviceName stdout.strip is expected to be empty","run_time":0.5869111,"start_time":"2023-06-07T08:28:46-06:00","message":"expected `\"vmk0\".empty?` to be truthy, got false","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostNetworkAdapter -Name vmk0 | Where-Object {$_.VMotionEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VsanTrafficEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"]","resource_id":""},{"status":"failed","code_desc":"Checking standand port group VLAN ID is expected to cmp == \"101\"","run_time":0.0002865,"start_time":"2023-06-07T08:28:47-06:00","message":"\nexpected: 101\n     got: 0\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"Checking standand port group VLAN ID"},{"status":"skipped","code_desc":"SA Interview","run_time":6.2e-06,"start_time":"2023-06-07T08:28:47-06:00","resource":"","skip_message":"SA also needs to confirm this VLAN is dedicated to Management and not shared with VMs or other services.","resource_class":"Object","resource_params":"[]","resource_id":"SA Interview"}]},{"id":"ESXI-80-000199","title":"The ESXi host must protect the confidentiality and integrity of transmitted information by isolating IP-based storage traffic.","desc":"Virtual machines (VMs) might share virtual switches and VLANs with the IP-based storage configurations. IP-based storage includes vSAN, iSCSI, and NFS. This configuration might expose IP-based storage traffic to unauthorized VM users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\nTo restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from any other traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and VMs will limit unauthorized users from viewing the traffic.","descriptions":[{"label":"default","data":"Virtual machines (VMs) might share virtual switches and VLANs with the IP-based storage configurations. IP-based storage includes vSAN, iSCSI, and NFS. This configuration might expose IP-based storage traffic to unauthorized VM users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\nTo restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from any other traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and VMs will limit unauthorized users from viewing the traffic."},{"label":"rationale","data":""},{"label":"check","data":"If IP-based storage is not used, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nReview each VMkernel adapter that is used for IP-based storage traffic and view the \"Enabled services\".\n\nReview the VLAN associated with each VMkernel that is used for IP-based storage traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.\n\nIf any services are enabled on an NFS or iSCSI IP-based storage VMkernel adapter, this is a finding.\n\nIf any services are enabled on a vSAN VMkernel adapter other than vSAN, this is a finding.\n\nIf any IP-based storage networks are not isolated from other traffic types, this is a finding."},{"label":"fix","data":"Configuration of an IP-Based VMkernel will be unique to each environment.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nSelect the VMkernel used for IP-based storage and click \"Edit\". On the \"Port\" properties tab, uncheck all services. Click \"OK\".\n\nNote: For VMkernels used for vSAN leave the vSAN service enabled and uncheck all others.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual switches.\n\nFind the port group that is dedicated to IP-based storage and click the '...' button next to the name. Click \"Edit Settings\".\n\nOn the \"Properties\" tab, change the \"VLAN ID\" to one dedicated for IP-based storage traffic. Click \"OK\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000423-VMM-001700","gid":"V-ESXI-80-000199","rid":"SV-ESXI-80-000199","stig_id":"ESXI-80-000199","cci":["CCI-002418"],"nist":["SC-8"]},"code":"control 'ESXI-80-000199' do\n  title 'The ESXi host must protect the confidentiality and integrity of transmitted information by isolating IP-based storage traffic.'\n  desc  \"\n    Virtual machines (VMs) might share virtual switches and VLANs with the IP-based storage configurations. IP-based storage includes vSAN, iSCSI, and NFS. This configuration might expose IP-based storage traffic to unauthorized VM users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\n    To restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from any other traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and VMs will limit unauthorized users from viewing the traffic.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If IP-based storage is not used, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Review each VMkernel adapter that is used for IP-based storage traffic and view the \\\"Enabled services\\\".\n\n    Review the VLAN associated with each VMkernel that is used for IP-based storage traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.\n\n    If any services are enabled on an NFS or iSCSI IP-based storage VMkernel adapter, this is a finding.\n\n    If any services are enabled on a vSAN VMkernel adapter other than vSAN, this is a finding.\n\n    If any IP-based storage networks are not isolated from other traffic types, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of an IP-Based VMkernel will be unique to each environment.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Select the VMkernel used for IP-based storage and click \\\"Edit\\\". On the \\\"Port\\\" properties tab, uncheck all services. Click \\\"OK\\\".\n\n    Note: For VMkernels used for vSAN leave the vSAN service enabled and uncheck all others.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual switches.\n\n    Find the port group that is dedicated to IP-based storage and click the '...' button next to the name. Click \\\"Edit Settings\\\".\n\n    On the \\\"Properties\\\" tab, change the \\\"VLAN ID\\\" to one dedicated for IP-based storage traffic. Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000423-VMM-001700'\n  tag gid: 'V-ESXI-80-000199'\n  tag rid: 'SV-ESXI-80-000199'\n  tag stig_id: 'ESXI-80-000199'\n  tag cci: ['CCI-002418']\n  tag nist: ['SC-8']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      # Check for iSCSI HBAs\n      commandiscsihbas = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'}\"\n      iscsi_hbas = powercli_command(commandiscsihbas).stdout\n\n      # Check for vSAN VMkernels\n      commandvsanvmks = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -VMKernel | Where-Object {$_.VsanTrafficEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n      vsanvmks = powercli_command(commandvsanvmks).stdout\n\n      # Check for NFS Datastores\n      commandnfs = \"Get-VMHost -Name #{vmhost} | Get-Datastore | Where {$_.Type -eq 'NFS'} | Select-Object -ExpandProperty Name\"\n      nfsds = powercli_command(commandnfs).stdout\n\n      if iscsi_hbas.empty? && vsanvmks.empty? && nfsds.empty?\n        describe '' do\n          skip \"The ESXi host #{vmhost} is not using IP-based storage, so this control is N/A.\"\n        end\n      else\n        # Do any iSCSI VMKs have any services enabled?\n        commandivmks = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.iscsi.networkportal.list.Invoke() | Select-Object -ExpandProperty Vmknic\"\n        ivmks = powercli_command(commandivmks).stdout\n        ivmks.split.each do |ivmk|\n          commandvsck = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{ivmk} | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\" -or $_.VsanTrafficEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VMotionEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n          describe powercli_command(commandvsck) do\n            its('stdout.strip') { should be_empty }\n          end\n        end\n        # Does the vSAN VMK have any other services enabled?\n        vsanvmks.split.each do |vmk|\n          commandvsck = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VMotionEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n          describe powercli_command(commandvsck) do\n            its('stdout.strip') { should be_empty }\n          end\n        end\n        # Do any VMKs used for NFS storage have any services enabled?\n        unless nfsds.empty?\n          describe '' do\n            skip \"The ESXi host #{vmhost} has NFS datastores and requires manual validation.\"\n          end\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000199.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostNetworkAdapter -Name vmk0 | Where-Object {$_.ManagementTrafficEnabled -eq \"True\" -or $_.FaultToleranceLoggingEnabled -eq \"True\" -or $_.VMotionEnabled -eq \"True\" -or $_.VSphereReplicationEnabled -eq \"True\" -or $_.VSphereReplicationNFCEnabled -eq \"True\" -or $_.VSphereBackupNFCEnabled -eq \"True\"} | Select-Object -ExpandProperty DeviceName stdout.strip is expected to be empty","run_time":0.5757657,"start_time":"2023-06-07T08:28:47-06:00","message":"expected `\"vmk0\".empty?` to be truthy, got false","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostNetworkAdapter -Name vmk0 | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VMotionEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"]","resource_id":""}]},{"id":"ESXI-80-000201","title":"The ESXi host lockdown mode exception users list must be verified.","desc":"While a host is in lockdown mode (strict or normal), only users on the \"Exception Users\" list are allowed access. These users do not lose their permissions when the host enters lockdown mode.\n\nThe organization may want to add service accounts such as a backup agent to the Exception Users list. Verify the list of users exempted from losing permissions is legitimate and as needed per the environment. Adding unnecessary users to the exception list defeats the purpose of lockdown mode.","descriptions":[{"label":"default","data":"While a host is in lockdown mode (strict or normal), only users on the \"Exception Users\" list are allowed access. These users do not lose their permissions when the host enters lockdown mode.\n\nThe organization may want to add service accounts such as a backup agent to the Exception Users list. Verify the list of users exempted from losing permissions is legitimate and as needed per the environment. Adding unnecessary users to the exception list defeats the purpose of lockdown mode."},{"label":"rationale","data":""},{"label":"check","data":"For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nUnder \"Lockdown Mode\", review the Exception Users list.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following script:\n\n$vmhost = Get-VMHost | Get-View\n$lockdown = Get-View $vmhost.ConfigManager.HostAccessManager\n$lockdown.QueryLockdownExceptions()\n\nIf the Exception Users list contains accounts that do not require special permissions, this is a finding.\n\nNote: The Exception Users list is empty by default and should remain that way except under site-specific circumstances."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nUnder \"Lockdown Mode\", click \"Edit\" and remove unnecessary users from the Exception Users list."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000201","rid":"SV-ESXI-80-000201","stig_id":"ESXI-80-000201","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000201' do\n  title 'The ESXi host lockdown mode exception users list must be verified.'\n  desc  \"\n    While a host is in lockdown mode (strict or normal), only users on the \\\"Exception Users\\\" list are allowed access. These users do not lose their permissions when the host enters lockdown mode.\n\n    The organization may want to add service accounts such as a backup agent to the Exception Users list. Verify the list of users exempted from losing permissions is legitimate and as needed per the environment. Adding unnecessary users to the exception list defeats the purpose of lockdown mode.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Under \\\"Lockdown Mode\\\", review the Exception Users list.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following script:\n\n    $vmhost = Get-VMHost | Get-View\n    $lockdown = Get-View $vmhost.ConfigManager.HostAccessManager\n    $lockdown.QueryLockdownExceptions()\n\n    If the Exception Users list contains accounts that do not require special permissions, this is a finding.\n\n    Note: The Exception Users list is empty by default and should remain that way except under site-specific circumstances.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Under \\\"Lockdown Mode\\\", click \\\"Edit\\\" and remove unnecessary users from the Exception Users list.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000201'\n  tag rid: 'SV-ESXI-80-000201'\n  tag stig_id: 'ESXI-80-000201'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost} | Get-View; (Get-View $vmhost.ConfigManager.HostAccessManager).QueryLockdownExceptions()\"\n      results = powercli_command(command).stdout\n      if !results.empty?\n        results.split.each do |exceptionUser|\n          describe \"Exception user: #{exceptionUser} on host: #{vmhost}\" do\n            subject { exceptionUser }\n            it { should be_in \"#{input('exceptionUsers')}\" }\n          end\n        end\n      else\n        describe \"Exception users for host: #{vmhost}\" do\n          subject { results }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000201.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Exception users for host: 10.186.25.26 is expected to be empty","run_time":0.0102396,"start_time":"2023-06-07T08:28:47-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Exception users for host: 10.186.25.26"}]},{"id":"ESXI-80-000202","title":"The ESXi host Secure Shell (SSH) daemon must not allow host-based authentication.","desc":"SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH's cryptographic host-based authentication is more secure than \".rhosts\" authentication, since hosts are cryptographically authenticated. However, it is not recommended that hosts unilaterally trust one another, even within an organization.","descriptions":[{"label":"default","data":"SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH's cryptographic host-based authentication is more secure than \".rhosts\" authentication, since hosts are cryptographically authenticated. However, it is not recommended that hosts unilaterally trust one another, even within an organization."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep hostbasedauthentication\n\nExpected result:\n\nhostbasedauthentication no\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nHostbasedAuthentication no"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000202","rid":"SV-ESXI-80-000202","stig_id":"ESXI-80-000202","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000202' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not allow host-based authentication.'\n  desc  \"SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH's cryptographic host-based authentication is more secure than \\\".rhosts\\\" authentication, since hosts are cryptographically authenticated. However, it is not recommended that hosts unilaterally trust one another, even within an organization.\"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep hostbasedauthentication\n\n    Expected result:\n\n    hostbasedauthentication no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    HostbasedAuthentication no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000202'\n  tag rid: 'SV-ESXI-80-000202'\n  tag stig_id: 'ESXI-80-000202'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000202.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":5.0e-06,"start_time":"2023-06-07T08:28:47-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"ESXI-80-000203","title":"The ESXi host Secure Shell (SSH) daemon must not allow authentication using an empty password.","desc":"Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.","descriptions":[{"label":"default","data":"Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep permitemptypasswords\n\nExpected result:\n\npermitemptypasswords no\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nPermitEmptyPasswords no"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000203","rid":"SV-ESXI-80-000203","stig_id":"ESXI-80-000203","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000203' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not allow authentication using an empty password.'\n  desc  'Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep permitemptypasswords\n\n    Expected result:\n\n    permitemptypasswords no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    PermitEmptyPasswords no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000203'\n  tag rid: 'SV-ESXI-80-000203'\n  tag stig_id: 'ESXI-80-000203'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000203.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":3.4e-06,"start_time":"2023-06-07T08:28:47-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"ESXI-80-000204","title":"The ESXi host Secure Shell (SSH) daemon must not permit user environment settings.","desc":"SSH environment options potentially allow users to bypass access restriction in some configurations. Users must not be able to present environment options to the SSH daemon.","descriptions":[{"label":"default","data":"SSH environment options potentially allow users to bypass access restriction in some configurations. Users must not be able to present environment options to the SSH daemon."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep permituserenvironment\n\nExpected result:\n\npermituserenvironment no\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nPermitUserEnvironment no"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000204","rid":"SV-ESXI-80-000204","stig_id":"ESXI-80-000204","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000204' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not permit user environment settings.'\n  desc  'SSH environment options potentially allow users to bypass access restriction in some configurations. Users must not be able to present environment options to the SSH daemon.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep permituserenvironment\n\n    Expected result:\n\n    permituserenvironment no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    PermitUserEnvironment no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000204'\n  tag rid: 'SV-ESXI-80-000204'\n  tag stig_id: 'ESXI-80-000204'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000204.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":3.5e-06,"start_time":"2023-06-07T08:28:47-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"ESXI-80-000205","title":"The ESXi host Secure Shell (SSH) daemon must perform strict mode checking of home directory configuration files.","desc":"If other users have access to modify user-specific SSH configuration files, they may be able to log on the system as another user.","descriptions":[{"label":"default","data":"If other users have access to modify user-specific SSH configuration files, they may be able to log on the system as another user."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep strictmodes\n\nExpected result:\n\nstrictmodes yes\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nStrictModes yes"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000205","rid":"SV-ESXI-80-000205","stig_id":"ESXI-80-000205","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000205' do\n  title 'The ESXi host Secure Shell (SSH) daemon must perform strict mode checking of home directory configuration files.'\n  desc  'If other users have access to modify user-specific SSH configuration files, they may be able to log on the system as another user.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep strictmodes\n\n    Expected result:\n\n    strictmodes yes\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    StrictModes yes\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000205'\n  tag rid: 'SV-ESXI-80-000205'\n  tag stig_id: 'ESXI-80-000205'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000205.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":3.8e-06,"start_time":"2023-06-07T08:28:47-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"ESXI-80-000206","title":"The ESXi host Secure Shell (SSH) daemon must not allow compression.","desc":"If compression is allowed in an SSH connection prior to authentication, vulnerabilities in the compression software could result in compromise of the system from an unauthenticated connection, potentially with root privileges.","descriptions":[{"label":"default","data":"If compression is allowed in an SSH connection prior to authentication, vulnerabilities in the compression software could result in compromise of the system from an unauthenticated connection, potentially with root privileges."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep compression\n\nExpected result:\n\ncompression no\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nCompression no"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000206","rid":"SV-ESXI-80-000206","stig_id":"ESXI-80-000206","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000206' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not allow compression.'\n  desc  'If compression is allowed in an SSH connection prior to authentication, vulnerabilities in the compression software could result in compromise of the system from an unauthenticated connection, potentially with root privileges.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep compression\n\n    Expected result:\n\n    compression no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    Compression no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000206'\n  tag rid: 'SV-ESXI-80-000206'\n  tag stig_id: 'ESXI-80-000206'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000206.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":3.7e-06,"start_time":"2023-06-07T08:28:47-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"ESXI-80-000207","title":"The ESXi host Secure Shell (SSH) daemon must be configured to not allow gateway ports.","desc":"SSH Transmission Control Protocol (TCP) connection forwarding provides a mechanism to establish TCP connections proxied by the SSH server. This function can provide convenience similar to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs). Gateway ports allow remote forwarded ports to bind to nonloopback addresses on the server.","descriptions":[{"label":"default","data":"SSH Transmission Control Protocol (TCP) connection forwarding provides a mechanism to establish TCP connections proxied by the SSH server. This function can provide convenience similar to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs). Gateway ports allow remote forwarded ports to bind to nonloopback addresses on the server."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep gatewayports\n\nExpected result:\n\ngatewayports no\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nGatewayPorts no"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000207","rid":"SV-ESXI-80-000207","stig_id":"ESXI-80-000207","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000207' do\n  title 'The ESXi host Secure Shell (SSH) daemon must be configured to not allow gateway ports.'\n  desc  'SSH Transmission Control Protocol (TCP) connection forwarding provides a mechanism to establish TCP connections proxied by the SSH server. This function can provide convenience similar to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs). Gateway ports allow remote forwarded ports to bind to nonloopback addresses on the server.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep gatewayports\n\n    Expected result:\n\n    gatewayports no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    GatewayPorts no\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000207'\n  tag rid: 'SV-ESXI-80-000207'\n  tag stig_id: 'ESXI-80-000207'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000207.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":2.9e-06,"start_time":"2023-06-07T08:28:47-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"ESXI-80-000208","title":"The ESXi host Secure Shell (SSH) daemon must be configured to not allow X11 forwarding.","desc":"X11 forwarding over SSH allows for the secure remote execution of X11-based applications. This feature can increase the attack surface of an SSH connection.","descriptions":[{"label":"default","data":"X11 forwarding over SSH allows for the secure remote execution of X11-based applications. This feature can increase the attack surface of an SSH connection."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep x11forwarding\n\nExpected result:\n\nx11forwarding no\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nX11Forwarding no"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000208","rid":"SV-ESXI-80-000208","stig_id":"ESXI-80-000208","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000208' do\n  title 'The ESXi host Secure Shell (SSH) daemon must be configured to not allow X11 forwarding.'\n  desc  'X11 forwarding over SSH allows for the secure remote execution of X11-based applications. This feature can increase the attack surface of an SSH connection.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep x11forwarding\n\n    Expected result:\n\n    x11forwarding no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    X11Forwarding no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000208'\n  tag rid: 'SV-ESXI-80-000208'\n  tag stig_id: 'ESXI-80-000208'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000208.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":2.3e-06,"start_time":"2023-06-07T08:28:47-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"ESXI-80-000209","title":"The ESXi host Secure Shell (SSH) daemon must not permit tunnels.","desc":"OpenSSH has the ability to create network tunnels (layer 2 and layer 3) over an SSH connection. This function can provide similar convenience to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs).","descriptions":[{"label":"default","data":"OpenSSH has the ability to create network tunnels (layer 2 and layer 3) over an SSH connection. This function can provide similar convenience to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs)."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep permittunnel\n\nExpected result:\n\npermittunnel no\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nPermitTunnel no"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000209","rid":"SV-ESXI-80-000209","stig_id":"ESXI-80-000209","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000209' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not permit tunnels.'\n  desc  'OpenSSH has the ability to create network tunnels (layer 2 and layer 3) over an SSH connection. This function can provide similar convenience to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs).'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep permittunnel\n\n    Expected result:\n\n    permittunnel no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    PermitTunnel no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000209'\n  tag rid: 'SV-ESXI-80-000209'\n  tag stig_id: 'ESXI-80-000209'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000209.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":2.3e-06,"start_time":"2023-06-07T08:28:47-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"ESXI-80-000210","title":"The ESXi host Secure Shell (SSH) daemon must set a timeout count on idle sessions.","desc":"Setting a timeout ensures that a user login will be terminated as soon as the \"ClientAliveCountMax\" is reached.","descriptions":[{"label":"default","data":"Setting a timeout ensures that a user login will be terminated as soon as the \"ClientAliveCountMax\" is reached."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep clientalivecountmax\n\nExpected result:\n\nclientalivecountmax 3\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nClientAliveCountMax 3"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000210","rid":"SV-ESXI-80-000210","stig_id":"ESXI-80-000210","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000210' do\n  title 'The ESXi host Secure Shell (SSH) daemon must set a timeout count on idle sessions.'\n  desc  'Setting a timeout ensures that a user login will be terminated as soon as the \"ClientAliveCountMax\" is reached.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep clientalivecountmax\n\n    Expected result:\n\n    clientalivecountmax 3\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    ClientAliveCountMax 3\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000210'\n  tag rid: 'SV-ESXI-80-000210'\n  tag stig_id: 'ESXI-80-000210'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000210.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":2.3e-06,"start_time":"2023-06-07T08:28:47-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"ESXI-80-000211","title":"The ESXi host Secure Shell (SSH) daemon must set a timeout interval on idle sessions.","desc":"Automatically logging out idle users guards against compromises via hijacked administrative sessions.","descriptions":[{"label":"default","data":"Automatically logging out idle users guards against compromises via hijacked administrative sessions."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep clientaliveinterval\n\nExpected result:\n\nclientaliveinterval 200\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nClientAliveInterval 200"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000211","rid":"SV-ESXI-80-000211","stig_id":"ESXI-80-000211","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000211' do\n  title 'The ESXi host Secure Shell (SSH) daemon must set a timeout interval on idle sessions.'\n  desc  'Automatically logging out idle users guards against compromises via hijacked administrative sessions.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep clientaliveinterval\n\n    Expected result:\n\n    clientaliveinterval 200\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    ClientAliveInterval 200\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000211'\n  tag rid: 'SV-ESXI-80-000211'\n  tag stig_id: 'ESXI-80-000211'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000211.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":2.4e-06,"start_time":"2023-06-07T08:28:47-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"ESXI-80-000212","title":"The ESXi host must disable Simple Network Management Protocol (SNMP) v1 and v2c.","desc":"If SNMP is not being used, it must remain disabled. If it is being used, the proper trap destination must be configured. If SNMP is not properly configured, monitoring information can be sent to a malicious host that can use this information to plan an attack.","descriptions":[{"label":"default","data":"If SNMP is not being used, it must remain disabled. If it is being used, the proper trap destination must be configured. If SNMP is not properly configured, monitoring information can be sent to a malicious host that can use this information to plan an attack."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# esxcli system snmp get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHostSnmp | Select *\n\nIf SNMP is not in use and is enabled, this is a finding.\n\nIf SNMP is enabled and is not using v3 targets with authentication, this is a finding.\n\nNote: SNMP v3 targets can only be viewed and configured via the \"esxcli\" command."},{"label":"fix","data":"To disable SNMP from an ESXi shell, run the following command:\n\n# esxcli system snmp set -e no\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi Host:\n\nGet-VMHostSnmp | Set-VMHostSnmp -Enabled $false"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000212","rid":"SV-ESXI-80-000212","stig_id":"ESXI-80-000212","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000212' do\n  title 'The ESXi host must disable Simple Network Management Protocol (SNMP) v1 and v2c.'\n  desc  'If SNMP is not being used, it must remain disabled. If it is being used, the proper trap destination must be configured. If SNMP is not properly configured, monitoring information can be sent to a malicious host that can use this information to plan an attack.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system snmp get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHostSnmp | Select *\n\n    If SNMP is not in use and is enabled, this is a finding.\n\n    If SNMP is enabled and is not using v3 targets with authentication, this is a finding.\n\n    Note: SNMP v3 targets can only be viewed and configured via the \\\"esxcli\\\" command.\n  \"\n  desc 'fix', \"\n    To disable SNMP from an ESXi shell, run the following command:\n\n    # esxcli system snmp set -e no\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi Host:\n\n    Get-VMHostSnmp | Set-VMHostSnmp -Enabled $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000212'\n  tag rid: 'SV-ESXI-80-000212'\n  tag stig_id: 'ESXI-80-000212'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    if \"#{input('snmpEnabled')}\" == 'false'\n      vmhosts.each do |vmhost|\n        command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.snmp.get.Invoke() | Select-Object -ExpandProperty enable\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp 'false' }\n        end\n      end\n    else\n      describe 'SNMP Enabled' do\n        skip 'Manually verify SNMP v3 is configured correctly and v2 is not used.'\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000212.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.snmp.get.Invoke() | Select-Object -ExpandProperty enable stdout.strip is expected to cmp == \"false\"","run_time":0.4428232,"start_time":"2023-06-07T08:28:47-06:00","resource_class":"powercli_command","resource_params":"[\"$vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.snmp.get.Invoke() | Select-Object -ExpandProperty enable\"]","resource_id":""}]},{"id":"ESXI-80-000213","title":"The ESXi host must disable Inter-Virtual Machine (VM) Transparent Page Sharing.","desc":"Published academic papers have demonstrated that by forcing a flush and reload of cache memory, it is possible to measure memory timings to try to determine an Advanced Encryption Standard (AES) encryption key in use on another virtual machine running on the same physical processor of the host server if Transparent Page Sharing (TPS) is enabled between the two VMs. This technique works only in a highly controlled system configured in a nonstandard way that VMware believes would not be recreated in a production environment.\n\nAlthough VMware believes information being disclosed in real-world conditions is unrealistic, out of an abundance of caution, upcoming ESXi Update releases will no longer enable TPS between VMs by default (TPS will still be used within individual VMs).","descriptions":[{"label":"default","data":"Published academic papers have demonstrated that by forcing a flush and reload of cache memory, it is possible to measure memory timings to try to determine an Advanced Encryption Standard (AES) encryption key in use on another virtual machine running on the same physical processor of the host server if Transparent Page Sharing (TPS) is enabled between the two VMs. This technique works only in a highly controlled system configured in a nonstandard way that VMware believes would not be recreated in a production environment.\n\nAlthough VMware believes information being disclosed in real-world conditions is unrealistic, out of an abundance of caution, upcoming ESXi Update releases will no longer enable TPS between VMs by default (TPS will still be used within individual VMs)."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Mem.ShareForceSalting\" value and verify it is set to \"2\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting\n\nIf the \"Mem.ShareForceSalting\" setting is not set to 2, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Mem.ShareForceSalting\" value and set it to \"2\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting | Set-AdvancedSetting -Value 2"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000213","rid":"SV-ESXI-80-000213","stig_id":"ESXI-80-000213","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000213' do\n  title 'The ESXi host must disable Inter-Virtual Machine (VM) Transparent Page Sharing.'\n  desc  \"\n    Published academic papers have demonstrated that by forcing a flush and reload of cache memory, it is possible to measure memory timings to try to determine an Advanced Encryption Standard (AES) encryption key in use on another virtual machine running on the same physical processor of the host server if Transparent Page Sharing (TPS) is enabled between the two VMs. This technique works only in a highly controlled system configured in a nonstandard way that VMware believes would not be recreated in a production environment.\n\n    Although VMware believes information being disclosed in real-world conditions is unrealistic, out of an abundance of caution, upcoming ESXi Update releases will no longer enable TPS between VMs by default (TPS will still be used within individual VMs).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Mem.ShareForceSalting\\\" value and verify it is set to \\\"2\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting\n\n    If the \\\"Mem.ShareForceSalting\\\" setting is not set to 2, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Mem.ShareForceSalting\\\" value and set it to \\\"2\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting | Set-AdvancedSetting -Value 2\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000213'\n  tag rid: 'SV-ESXI-80-000213'\n  tag stig_id: 'ESXI-80-000213'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Mem.ShareForceSalting | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '2' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000213.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Mem.ShareForceSalting | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"2\"","run_time":0.5384431,"start_time":"2023-06-07T08:28:48-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Mem.ShareForceSalting | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000214","title":"The ESXi host must configure the firewall to block network traffic by default.","desc":"In addition to service-specific firewall rules, ESXi has a default firewall rule policy to allow or deny incoming and outgoing traffic. Reduce the risk of attack by ensuring this is set to deny incoming and outgoing traffic.","descriptions":[{"label":"default","data":"In addition to service-specific firewall rules, ESXi has a default firewall rule policy to allow or deny incoming and outgoing traffic. Reduce the risk of attack by ensuring this is set to deny incoming and outgoing traffic."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# esxcli network firewall get\n\nIf the \"Default Action\" does not equal \"DROP\", this is a finding.\nIf \"Enabled\" does not equal \"true\", this is a finding.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHostFirewallDefaultPolicy\n\nIf the Incoming or Outgoing policies are \"True\", this is a finding."},{"label":"fix","data":"From an ESXi shell, run the following command:\n\n# esxcli network firewall set --default-action=false\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHostFirewallDefaultPolicy | Set-VMHostFirewallDefaultPolicy -AllowIncoming $false -AllowOutgoing $false"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000214","rid":"SV-ESXI-80-000214","stig_id":"ESXI-80-000214","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000214' do\n  title 'The ESXi host must configure the firewall to block network traffic by default.'\n  desc  'In addition to service-specific firewall rules, ESXi has a default firewall rule policy to allow or deny incoming and outgoing traffic. Reduce the risk of attack by ensuring this is set to deny incoming and outgoing traffic.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli network firewall get\n\n    If the \\\"Default Action\\\" does not equal \\\"DROP\\\", this is a finding.\n    If \\\"Enabled\\\" does not equal \\\"true\\\", this is a finding.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHostFirewallDefaultPolicy\n\n    If the Incoming or Outgoing policies are \\\"True\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli network firewall set --default-action=false\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHostFirewallDefaultPolicy | Set-VMHostFirewallDefaultPolicy -AllowIncoming $false -AllowOutgoing $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000214'\n  tag rid: 'SV-ESXI-80-000214'\n  tag stig_id: 'ESXI-80-000214'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostFirewallDefaultPolicy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000214.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostFirewallDefaultPolicy stdout.strip is expected not to match \"True\"","run_time":0.6888148,"start_time":"2023-06-07T08:28:48-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostFirewallDefaultPolicy\"]","resource_id":""}]},{"id":"ESXI-80-000215","title":"The ESXi host must enable Bridge Protocol Data Units (BPDU) filter on the host to prevent being locked out of physical switch ports with Portfast and BPDU Guard enabled.","desc":"BPDU Guard and Portfast are commonly enabled on the physical switch to which the ESXi host is directly connected to reduce the Spanning Tree Protocol (STP) convergence delay.\n\nIf a BPDU packet is sent from a virtual machine (VM) on the ESXi host to the physical switch configured as stated above, a cascading lockout of all the uplink interfaces from the ESXi host can occur. To prevent this type of lockout, BPDU Filter can be enabled on the ESXi host to drop any BPDU packets being sent to the physical switch.\n\nThe caveat is that certain Secure Socket Layer (SSL) virtual private networks that use Windows bridging capability can legitimately generate BPDU packets. The administrator should verify no legitimate BPDU packets are generated by VMs on the ESXi host prior to enabling BPDU Filter. If BPDU Filter is enabled in this situation, enabling Reject Forged Transmits on the virtual switch port group adds protection against Spanning Tree loops.","descriptions":[{"label":"default","data":"BPDU Guard and Portfast are commonly enabled on the physical switch to which the ESXi host is directly connected to reduce the Spanning Tree Protocol (STP) convergence delay.\n\nIf a BPDU packet is sent from a virtual machine (VM) on the ESXi host to the physical switch configured as stated above, a cascading lockout of all the uplink interfaces from the ESXi host can occur. To prevent this type of lockout, BPDU Filter can be enabled on the ESXi host to drop any BPDU packets being sent to the physical switch.\n\nThe caveat is that certain Secure Socket Layer (SSL) virtual private networks that use Windows bridging capability can legitimately generate BPDU packets. The administrator should verify no legitimate BPDU packets are generated by VMs on the ESXi host prior to enabling BPDU Filter. If BPDU Filter is enabled in this situation, enabling Reject Forged Transmits on the virtual switch port group adds protection against Spanning Tree loops."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Net.BlockGuestBPDU\" value and verify it is set to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU\n\nIf the \"Net.BlockGuestBPDU\" setting is not set to \"1\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Net.BlockGuestBPDU\" value and configure it to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Set-AdvancedSetting -Value 1"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000215","rid":"SV-ESXI-80-000215","stig_id":"ESXI-80-000215","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000215' do\n  title 'The ESXi host must enable Bridge Protocol Data Units (BPDU) filter on the host to prevent being locked out of physical switch ports with Portfast and BPDU Guard enabled.'\n  desc  \"\n    BPDU Guard and Portfast are commonly enabled on the physical switch to which the ESXi host is directly connected to reduce the Spanning Tree Protocol (STP) convergence delay.\n\n    If a BPDU packet is sent from a virtual machine (VM) on the ESXi host to the physical switch configured as stated above, a cascading lockout of all the uplink interfaces from the ESXi host can occur. To prevent this type of lockout, BPDU Filter can be enabled on the ESXi host to drop any BPDU packets being sent to the physical switch.\n\n    The caveat is that certain Secure Socket Layer (SSL) virtual private networks that use Windows bridging capability can legitimately generate BPDU packets. The administrator should verify no legitimate BPDU packets are generated by VMs on the ESXi host prior to enabling BPDU Filter. If BPDU Filter is enabled in this situation, enabling Reject Forged Transmits on the virtual switch port group adds protection against Spanning Tree loops.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Net.BlockGuestBPDU\\\" value and verify it is set to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU\n\n    If the \\\"Net.BlockGuestBPDU\\\" setting is not set to \\\"1\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Net.BlockGuestBPDU\\\" value and configure it to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Set-AdvancedSetting -Value 1\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000215'\n  tag rid: 'SV-ESXI-80-000215'\n  tag stig_id: 'ESXI-80-000215'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '1' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000215.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"1\"","run_time":0.594187,"start_time":"2023-06-07T08:28:49-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000216","title":"The ESXi host must configure virtual switch security policies to reject forged transmits.","desc":"If the virtual machine (VM) operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis means the virtual switch does not compare the source and effective MAC addresses.\n\nTo protect against MAC address impersonation, all virtual switches must have forged transmissions set to reject. Reject Forged Transmit can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.","descriptions":[{"label":"default","data":"If the virtual machine (VM) operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis means the virtual switch does not compare the source and effective MAC addresses.\n\nTo protect against MAC address impersonation, all virtual switches must have forged transmissions set to reject. Reject Forged Transmit can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level."},{"label":"rationale","data":""},{"label":"check","data":"Note: This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click the '...' button next to each port group and select \"Edit Settings\".\n\nClick the \"Security\" tab. Verify that \"Forged transmits\" is set to \"Reject\" and that \"Override\" is not checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy\nGet-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\nIf the \"Forged Transmits\" policy is set to \"Accept\" (or \"true\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click \"Edit\" and select Security.\n\nSet \"Forged transmits\" to \"Reject\". Click \"OK\".\n\nFor each port group, click the '...' button and select \"Edit Settings\" then Security.\n\nSet \"Forged transmits\" to \"Reject\" and uncheck the \"Override\" box. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmits $false\nGet-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmitsInherited $true"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000216","rid":"SV-ESXI-80-000216","stig_id":"ESXI-80-000216","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000216' do\n  title 'The ESXi host must configure virtual switch security policies to reject forged transmits.'\n  desc  \"\n    If the virtual machine (VM) operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    This means the virtual switch does not compare the source and effective MAC addresses.\n\n    To protect against MAC address impersonation, all virtual switches must have forged transmissions set to reject. Reject Forged Transmit can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Note: This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click the '...' button next to each port group and select \\\"Edit Settings\\\".\n\n    Click the \\\"Security\\\" tab. Verify that \\\"Forged transmits\\\" is set to \\\"Reject\\\" and that \\\"Override\\\" is not checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy\n    Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\n    If the \\\"Forged Transmits\\\" policy is set to \\\"Accept\\\" (or \\\"true\\\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click \\\"Edit\\\" and select Security.\n\n    Set \\\"Forged transmits\\\" to \\\"Reject\\\". Click \\\"OK\\\".\n\n    For each port group, click the '...' button and select \\\"Edit Settings\\\" then Security.\n\n    Set \\\"Forged transmits\\\" to \\\"Reject\\\" and uncheck the \\\"Override\\\" box. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmits $false\n    Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmitsInherited $true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000216'\n  tag rid: 'SV-ESXI-80-000216'\n  tag stig_id: 'ESXI-80-000216'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000216.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected not to match \"True\"","run_time":0.8077617,"start_time":"2023-06-07T08:28:49-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected not to match \"True\"","run_time":0.7788918,"start_time":"2023-06-07T08:28:50-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"]","resource_id":""}]},{"id":"ESXI-80-000217","title":"The ESXi host must configure virtual switch security policies to reject Media Access Control (MAC) address changes.","desc":"If the virtual machine (VM) operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis will prevent VMs from changing their effective MAC address, which will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing. \"Reject MAC Changes\" can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.","descriptions":[{"label":"default","data":"If the virtual machine (VM) operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis will prevent VMs from changing their effective MAC address, which will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing. \"Reject MAC Changes\" can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level."},{"label":"rationale","data":""},{"label":"check","data":"This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click the '...' button next to each port group and select \"Edit Settings\".\n\nClick the \"Security\" tab. Verify that \"MAC Address Changes\" is set to \"Reject\" and that \"Override\" is not checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy\nGet-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\nIf the \"MAC Address Changes\" policy is set to \"Accept\" (or \"true\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click \"Edit\" and select Security.\n\nSet \"MAC Address Changes\" to \"Reject\". Click \"OK\".\n\nFor each port group, click the '...' button and select \"Edit Settings\" then Security.\n\nSet \"MAC Address Changes\" to \"Reject\" and uncheck the \"Override\" box. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -MacChanges $false\nGet-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -MacChangesInherited $true"}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000217","rid":"SV-ESXI-80-000217","stig_id":"ESXI-80-000217","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000217' do\n  title 'The ESXi host must configure virtual switch security policies to reject Media Access Control (MAC) address changes.'\n  desc  \"\n    If the virtual machine (VM) operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    This will prevent VMs from changing their effective MAC address, which will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing. \\\"Reject MAC Changes\\\" can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click the '...' button next to each port group and select \\\"Edit Settings\\\".\n\n    Click the \\\"Security\\\" tab. Verify that \\\"MAC Address Changes\\\" is set to \\\"Reject\\\" and that \\\"Override\\\" is not checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy\n    Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\n    If the \\\"MAC Address Changes\\\" policy is set to \\\"Accept\\\" (or \\\"true\\\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click \\\"Edit\\\" and select Security.\n\n    Set \\\"MAC Address Changes\\\" to \\\"Reject\\\". Click \\\"OK\\\".\n\n    For each port group, click the '...' button and select \\\"Edit Settings\\\" then Security.\n\n    Set \\\"MAC Address Changes\\\" to \\\"Reject\\\" and uncheck the \\\"Override\\\" box. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -MacChanges $false\n    Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -MacChangesInherited $true\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000217'\n  tag rid: 'SV-ESXI-80-000217'\n  tag stig_id: 'ESXI-80-000217'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000217.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected not to match \"True\"","run_time":0.7277847,"start_time":"2023-06-07T08:28:51-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected not to match \"True\"","run_time":0.7991175,"start_time":"2023-06-07T08:28:52-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges\"]","resource_id":""}]},{"id":"ESXI-80-000218","title":"The ESXi host must configure virtual switch security policies to reject promiscuous mode requests.","desc":"When promiscuous mode is enabled for a virtual switch, all virtual machines (VMs) connected to the Portgroup have the potential to read all packets across that network (only the virtual machines connected to that Portgroup).\n\nPromiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting. Promiscuous mode can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.","descriptions":[{"label":"default","data":"When promiscuous mode is enabled for a virtual switch, all virtual machines (VMs) connected to the Portgroup have the potential to read all packets across that network (only the virtual machines connected to that Portgroup).\n\nPromiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting. Promiscuous mode can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level."},{"label":"rationale","data":""},{"label":"check","data":"This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click the '...' button next to each port group and select \"Edit Settings\".\n\nClick the \"Security\" tab. Verify that \"Promiscuous Mode\" is set to \"Reject\" and that \"Override\" is not checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy\nGet-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\nIf the \"Promiscuous Mode\" policy is set to \"Accept\" (or \"true\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click \"Edit\" and select Security.\n\nSet \"Promiscuous Mode\" to \"Reject\". Click \"OK\".\n\nFor each port group, click the '...' button and select \"Edit Settings\" then Security.\n\nSet \"Promiscuous Mode\" to \"Reject\" and uncheck the \"Override\" box. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuous $false\nGet-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuousInherited $true"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000218","rid":"SV-ESXI-80-000218","stig_id":"ESXI-80-000218","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000218' do\n  title 'The ESXi host must configure virtual switch security policies to reject promiscuous mode requests.'\n  desc  \"\n    When promiscuous mode is enabled for a virtual switch, all virtual machines (VMs) connected to the Portgroup have the potential to read all packets across that network (only the virtual machines connected to that Portgroup).\n\n    Promiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting. Promiscuous mode can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click the '...' button next to each port group and select \\\"Edit Settings\\\".\n\n    Click the \\\"Security\\\" tab. Verify that \\\"Promiscuous Mode\\\" is set to \\\"Reject\\\" and that \\\"Override\\\" is not checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy\n    Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\n    If the \\\"Promiscuous Mode\\\" policy is set to \\\"Accept\\\" (or \\\"true\\\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click \\\"Edit\\\" and select Security.\n\n    Set \\\"Promiscuous Mode\\\" to \\\"Reject\\\". Click \\\"OK\\\".\n\n    For each port group, click the '...' button and select \\\"Edit Settings\\\" then Security.\n\n    Set \\\"Promiscuous Mode\\\" to \\\"Reject\\\" and uncheck the \\\"Override\\\" box. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuous $false\n    Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuousInherited $true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000218'\n  tag rid: 'SV-ESXI-80-000218'\n  tag stig_id: 'ESXI-80-000218'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000218.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected not to match \"True\"","run_time":0.7038049,"start_time":"2023-06-07T08:28:53-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected not to match \"True\"","run_time":0.7996008,"start_time":"2023-06-07T08:28:53-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"]","resource_id":""}]},{"id":"ESXI-80-000219","title":"The ESXi host must restrict use of the dvFilter network application programming interface (API).","desc":"If the organization is not using products that use the dvfilter network API, the host should not be configured to send network information to a virtual machine (VM).\n\nIf the API is enabled, an attacker might attempt to connect a virtual machine to it, potentially providing access to the network of other VMs on the host.\n\nIf using a product that makes use of this API, verify the host has been configured correctly. If not using such a product, ensure the setting is blank.","descriptions":[{"label":"default","data":"If the organization is not using products that use the dvfilter network API, the host should not be configured to send network information to a virtual machine (VM).\n\nIf the API is enabled, an attacker might attempt to connect a virtual machine to it, potentially providing access to the network of other VMs on the host.\n\nIf using a product that makes use of this API, verify the host has been configured correctly. If not using such a product, ensure the setting is blank."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Net.DVFilterBindIpAddress\" value and verify the value is blank or the correct IP address of a security appliance if in use.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress\n\nIf the \"Net.DVFilterBindIpAddress\" setting is not blank and security appliances are not in use on the host, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Net.DVFilterBindIpAddress\" value and remove any incorrect addresses.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Set-AdvancedSetting -Value \"\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000219","rid":"SV-ESXI-80-000219","stig_id":"ESXI-80-000219","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000219' do\n  title 'The ESXi host must restrict use of the dvFilter network application programming interface (API).'\n  desc  \"\n    If the organization is not using products that use the dvfilter network API, the host should not be configured to send network information to a virtual machine (VM).\n\n    If the API is enabled, an attacker might attempt to connect a virtual machine to it, potentially providing access to the network of other VMs on the host.\n\n    If using a product that makes use of this API, verify the host has been configured correctly. If not using such a product, ensure the setting is blank.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Net.DVFilterBindIpAddress\\\" value and verify the value is blank or the correct IP address of a security appliance if in use.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress\n\n    If the \\\"Net.DVFilterBindIpAddress\\\" setting is not blank and security appliances are not in use on the host, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Net.DVFilterBindIpAddress\\\" value and remove any incorrect addresses.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Set-AdvancedSetting -Value \\\"\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000219'\n  tag rid: 'SV-ESXI-80-000219'\n  tag stig_id: 'ESXI-80-000219'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000219.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"\"","run_time":0.5625754,"start_time":"2023-06-07T08:28:54-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000220","title":"The ESXi host must restrict the use of Virtual Guest Tagging (VGT) on standard switches.","desc":"When a port group is set to VLAN 4095, the vSwitch passes all network frames to the attached virtual machines (VMs) without modifying the VLAN tags. In vSphere, this is referred to as VGT. The VM must process the VLAN information itself via an 802.1Q driver in the operating system.\n\nVLAN 4095 must only be implemented if the attached VMs have been specifically authorized and are capable of managing VLAN tags themselves. If VLAN 4095 is enabled inappropriately, it may cause denial of service or allow a VM to interact with traffic on an unauthorized VLAN.","descriptions":[{"label":"default","data":"When a port group is set to VLAN 4095, the vSwitch passes all network frames to the attached virtual machines (VMs) without modifying the VLAN tags. In vSphere, this is referred to as VGT. The VM must process the VLAN information itself via an 802.1Q driver in the operating system.\n\nVLAN 4095 must only be implemented if the attached VMs have been specifically authorized and are capable of managing VLAN tags themselves. If VLAN 4095 is enabled inappropriately, it may cause denial of service or allow a VM to interact with traffic on an unauthorized VLAN."},{"label":"rationale","data":""},{"label":"check","data":"This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nFor each standard switch, review the \"VLAN ID\" on each port group and verify it is not set to \"4095\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VirtualPortGroup | Select Name, VLanID\n\nIf any port group is configured with VLAN 4095 and is not documented as a needed exception, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nFor each port group on a standard switch that is configured to a native VLAN, click the '...' button next to the port group.\n\nClick \"Edit Settings\". On the \"Properties\" tab, change the \"VLAN ID\" to an appropriate VLAN ID. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VirtualPortGroup -Name \"portgroup name\" | Set-VirtualPortGroup -VLanId \"New VLAN#\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000220","rid":"SV-ESXI-80-000220","stig_id":"ESXI-80-000220","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000220' do\n  title 'The ESXi host must restrict the use of Virtual Guest Tagging (VGT) on standard switches.'\n  desc  \"\n    When a port group is set to VLAN 4095, the vSwitch passes all network frames to the attached virtual machines (VMs) without modifying the VLAN tags. In vSphere, this is referred to as VGT. The VM must process the VLAN information itself via an 802.1Q driver in the operating system.\n\n    VLAN 4095 must only be implemented if the attached VMs have been specifically authorized and are capable of managing VLAN tags themselves. If VLAN 4095 is enabled inappropriately, it may cause denial of service or allow a VM to interact with traffic on an unauthorized VLAN.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    For each standard switch, review the \\\"VLAN ID\\\" on each port group and verify it is not set to \\\"4095\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VirtualPortGroup | Select Name, VLanID\n\n    If any port group is configured with VLAN 4095 and is not documented as a needed exception, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    For each port group on a standard switch that is configured to a native VLAN, click the '...' button next to the port group.\n\n    Click \\\"Edit Settings\\\". On the \\\"Properties\\\" tab, change the \\\"VLAN ID\\\" to an appropriate VLAN ID. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VirtualPortGroup -Name \\\"portgroup name\\\" | Set-VirtualPortGroup -VLanId \\\"New VLAN#\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000220'\n  tag rid: 'SV-ESXI-80-000220'\n  tag stig_id: 'ESXI-80-000220'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Select-Object -ExpandProperty VlanId\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match '4095' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000220.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Select-Object -ExpandProperty VlanId stdout.strip is expected not to match \"4095\"","run_time":0.6204252,"start_time":"2023-06-07T08:28:55-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Select-Object -ExpandProperty VlanId\"]","resource_id":""}]},{"id":"ESXI-80-000221","title":"The ESXi host must have all security patches and updates installed.","desc":"Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities.","descriptions":[{"label":"default","data":"Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities."},{"label":"rationale","data":""},{"label":"check","data":"Determine the current version and build:\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Summary. Note the version string next to \"Hypervisor:\".\n\nor\n\nFrom a Secure Shell (SSH) session connected to the ESXi host, or from the ESXi shell, run the following command:\n\n# vmware -v\n\nIf the ESXi host does not have the latest patches, this is a finding.\n\nIf the ESXi host is not on a supported release, this is a finding.\n\nThe latest ESXi versions and their build numbers can be found here: https://kb.vmware.com/s/article/2143832\n\nVMware also publishes Advisories on security patches and offers a way to subscribe to email alerts for them.\n\nGo to: https://www.vmware.com/support/policies/security_response"},{"label":"fix","data":"ESXi can be patched in multiple ways, and this fix text does not cover all methods.\n\nManual patching when image profiles are not used:\n\n- Download the latest \"offline bundle\" .zip update from vmware.com. Verify the hash.\n\n- Transfer the file to a datastore accessible by the ESXi host, local or remote.\n\n- Put the ESXi host into maintenance mode.\n\n- From an ESXi shell, run the following command:\n\nesxcli software vib update -d <path to offline patch bundle.zip>\n\nManual patching when image profiles are used:\n\nFrom an ESXi shell, run the following command:\n\n# esxcli software sources profile list -d /vmfs/volumes/<your datastore>/<bundle name.zip>\n\nNote the available profiles. The organization will usually want the one ending in \"-standard\".\n\n# esxcli software profile update -p <selected profile> -d /vmfs/volumes/<your datastore>/<bundle name.zip>\n\nThere will be little output during the update. Once complete, reboot the host for changes to take effect."}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000221","rid":"SV-ESXI-80-000221","stig_id":"ESXI-80-000221","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000221' do\n  title 'The ESXi host must have all security patches and updates installed.'\n  desc  'Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Determine the current version and build:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Summary. Note the version string next to \\\"Hypervisor:\\\".\n\n    or\n\n    From a Secure Shell (SSH) session connected to the ESXi host, or from the ESXi shell, run the following command:\n\n    # vmware -v\n\n    If the ESXi host does not have the latest patches, this is a finding.\n\n    If the ESXi host is not on a supported release, this is a finding.\n\n    The latest ESXi versions and their build numbers can be found here: https://kb.vmware.com/s/article/2143832\n\n    VMware also publishes Advisories on security patches and offers a way to subscribe to email alerts for them.\n\n    Go to: https://www.vmware.com/support/policies/security_response\n  \"\n  desc 'fix', \"\n    ESXi can be patched in multiple ways, and this fix text does not cover all methods.\n\n    Manual patching when image profiles are not used:\n\n    - Download the latest \\\"offline bundle\\\" .zip update from vmware.com. Verify the hash.\n\n    - Transfer the file to a datastore accessible by the ESXi host, local or remote.\n\n    - Put the ESXi host into maintenance mode.\n\n    - From an ESXi shell, run the following command:\n\n    esxcli software vib update -d <path to offline patch bundle.zip>\n\n    Manual patching when image profiles are used:\n\n    From an ESXi shell, run the following command:\n\n    # esxcli software sources profile list -d /vmfs/volumes/<your datastore>/<bundle name.zip>\n\n    Note the available profiles. The organization will usually want the one ending in \\\"-standard\\\".\n\n    # esxcli software profile update -p <selected profile> -d /vmfs/volumes/<your datastore>/<bundle name.zip>\n\n    There will be little output during the update. Once complete, reboot the host for changes to take effect.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000221'\n  tag rid: 'SV-ESXI-80-000221'\n  tag stig_id: 'ESXI-80-000221'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"(Get-VMHost -Name #{vmhost}).ExtensionData.Config.Product.build\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp \"#{input('esxiBuildNumber')}\" }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000221.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: (Get-VMHost -Name 10.186.25.26).ExtensionData.Config.Product.build stdout.strip is expected to cmp == \"21813344\"","run_time":1.4606667,"start_time":"2023-06-07T08:28:55-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VMHost -Name 10.186.25.26).ExtensionData.Config.Product.build\"]","resource_id":""}]},{"id":"ESXI-80-000222","title":"The ESXi host must not suppress warnings that the local or remote shell sessions are enabled.","desc":"Warnings that local or remote shell sessions are enabled alert administrators to activity they may not be aware of and need to investigate.","descriptions":[{"label":"default","data":"Warnings that local or remote shell sessions are enabled alert administrators to activity they may not be aware of and need to investigate."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.SuppressShellWarning\" value and verify it is set to \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning\n\nIf the \"UserVars.SuppressShellWarning\" setting is not set to \"0\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.SuppressShellWarning\" value and configure it to \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Set-AdvancedSetting -Value 0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000222","rid":"SV-ESXI-80-000222","stig_id":"ESXI-80-000222","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000222' do\n  title 'The ESXi host must not suppress warnings that the local or remote shell sessions are enabled.'\n  desc  'Warnings that local or remote shell sessions are enabled alert administrators to activity they may not be aware of and need to investigate.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.SuppressShellWarning\\\" value and verify it is set to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning\n\n    If the \\\"UserVars.SuppressShellWarning\\\" setting is not set to \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.SuppressShellWarning\\\" value and configure it to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Set-AdvancedSetting -Value 0\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000222'\n  tag rid: 'SV-ESXI-80-000222'\n  tag stig_id: 'ESXI-80-000222'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '0' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000222.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"0\"","run_time":0.5773797,"start_time":"2023-06-07T08:28:57-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000223","title":"The ESXi host must not suppress warnings about unmitigated hyperthreading vulnerabilities.","desc":"The L1 Terminal Fault (L1TF) CPU vulnerabilities published in 2018 have patches and mitigations available in vSphere. However, there are performance impacts to these mitigations that require careful thought and planning from the system administrator before implementation. Until a mitigation is implemented, the UI warning about the lack of a mitigation must not be dismissed so the system administrator does not assume the vulnerability has been addressed.","descriptions":[{"label":"default","data":"The L1 Terminal Fault (L1TF) CPU vulnerabilities published in 2018 have patches and mitigations available in vSphere. However, there are performance impacts to these mitigations that require careful thought and planning from the system administrator before implementation. Until a mitigation is implemented, the UI warning about the lack of a mitigation must not be dismissed so the system administrator does not assume the vulnerability has been addressed."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.SuppressHyperthreadWarning\" value and verify it is set to \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning\n\nIf the \"UserVars.SuppressHyperthreadWarning\" setting is not set to \"0\", this is a finding."},{"label":"fix","data":"From the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.SuppressHyperthreadWarning\" value and configure it to \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Set-AdvancedSetting -Value 0"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000223","rid":"SV-ESXI-80-000223","stig_id":"ESXI-80-000223","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000223' do\n  title 'The ESXi host must not suppress warnings about unmitigated hyperthreading vulnerabilities.'\n  desc  'The L1 Terminal Fault (L1TF) CPU vulnerabilities published in 2018 have patches and mitigations available in vSphere. However, there are performance impacts to these mitigations that require careful thought and planning from the system administrator before implementation. Until a mitigation is implemented, the UI warning about the lack of a mitigation must not be dismissed so the system administrator does not assume the vulnerability has been addressed.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.SuppressHyperthreadWarning\\\" value and verify it is set to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning\n\n    If the \\\"UserVars.SuppressHyperthreadWarning\\\" setting is not set to \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.SuppressHyperthreadWarning\\\" value and configure it to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Set-AdvancedSetting -Value 0\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000223'\n  tag rid: 'SV-ESXI-80-000223'\n  tag stig_id: 'ESXI-80-000223'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '0' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000223.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"0\"","run_time":0.7549351,"start_time":"2023-06-07T08:28:57-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000224","title":"The ESXi host must verify certificates for SSL syslog endpoints.","desc":"When sending syslog data to a remote host, ESXi can be configured to use any combination of TCP, UDP and SSL transports. When using SSL, the server certificate must be validated to ensure that the host is connecting to a valid syslog server.","descriptions":[{"label":"default","data":"When sending syslog data to a remote host, ESXi can be configured to use any combination of TCP, UDP and SSL transports. When using SSL, the server certificate must be validated to ensure that the host is connecting to a valid syslog server."},{"label":"rationale","data":""},{"label":"check","data":"If SSL is not used for a syslog target, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.logCheckSSLCerts\" value and verify it is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts\n\nIf the \"Syslog.global.logCheckSSLCerts\" setting is not set to \"true\", this is a finding."},{"label":"fix","data":"To configure SSL syslog endpoint certificate checking it must be turned on and also the trusted certificate chain must be added to ESXi's trusted store.\n\nFrom the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.logCheckSSLCerts\" value and configure it to \"true\".\n\nCopy the PEM formatted trusted CA certificate so that is accessible to the host and append the contents to /etc/vmware/ssl/castore.pem by running the follow command:\n\n# <path/to/cacert> >> /etc/vmware/ssl/castore.pem\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts | Set-AdvancedSetting -Value \"true\"\n\nCopy the PEM formatted trusted CA certificate so that is accessible to the host.\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.security.certificatestore.add.CreateArgs()\n$arguments.filename = <path/to/cacert>\n$esxcli.system.security.certificatestore.add.Invoke($arguments)"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000224","rid":"SV-ESXI-80-000224","stig_id":"ESXI-80-000224","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000224' do\n  title 'The ESXi host must verify certificates for SSL syslog endpoints.'\n  desc  'When sending syslog data to a remote host, ESXi can be configured to use any combination of TCP, UDP and SSL transports. When using SSL, the server certificate must be validated to ensure that the host is connecting to a valid syslog server.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If SSL is not used for a syslog target, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.logCheckSSLCerts\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts\n\n    If the \\\"Syslog.global.logCheckSSLCerts\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    To configure SSL syslog endpoint certificate checking it must be turned on and also the trusted certificate chain must be added to ESXi's trusted store.\n\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logCheckSSLCerts\\\" value and configure it to \\\"true\\\".\n\n    Copy the PEM formatted trusted CA certificate so that is accessible to the host and append the contents to /etc/vmware/ssl/castore.pem by running the follow command:\n\n    # <path/to/cacert> >> /etc/vmware/ssl/castore.pem\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts | Set-AdvancedSetting -Value \\\"true\\\"\n\n    Copy the PEM formatted trusted CA certificate so that is accessible to the host.\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.security.certificatestore.add.CreateArgs()\n    $arguments.filename = <path/to/cacert>\n    $esxcli.system.security.certificatestore.add.Invoke($arguments)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000224'\n  tag rid: 'SV-ESXI-80-000224'\n  tag stig_id: 'ESXI-80-000224'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logHost | Where {$_.Value -match \\\"ssl\\\"} | Select-Object -ExpandProperty Value\"\n      syslogservers = powercli_command(command).stdout\n\n      if !syslogservers.empty?\n        command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts | Select-Object -ExpandProperty Value\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp 'true' }\n        end\n      else\n        impact 0.0\n        describe '' do\n          skip 'No SSL syslog targets found, this check is not applicable.'\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000224.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"","run_time":1.11e-05,"start_time":"2023-06-07T08:28:58-06:00","resource":"","skip_message":"No SSL syslog targets found, this check is not applicable.","resource_class":"Object","resource_params":"[]","resource_id":""}]},{"id":"ESXI-80-000225","title":"The ESXi host must enable volatile key destruction.","desc":"By default, pages allocated for virtual machines (VMs), userspace applications, and kernel threads are zeroed out at allocation time. ESXi will always ensure that no nonzero pages are exposed to VMs or userspace applications. While this prevents exposing cryptographic keys from VMs or userworlds to other clients, these keys can stay present in host memory for a long time if the memory is not reused.\n\nThe NIAP Virtualization Protection Profile and Server Virtualization Extended Package require that memory that may contain cryptographic keys be zeroed upon process exit.\n\nTo this end, a new configuration option, MemEagerZero, can be configured to enforce zeroing out userworld and guest memory pages when a userworld process or guest exits. For kernel threads, memory spaces holding keys are zeroed out as soon as the secret is no longer needed.","descriptions":[{"label":"default","data":"By default, pages allocated for virtual machines (VMs), userspace applications, and kernel threads are zeroed out at allocation time. ESXi will always ensure that no nonzero pages are exposed to VMs or userspace applications. While this prevents exposing cryptographic keys from VMs or userworlds to other clients, these keys can stay present in host memory for a long time if the memory is not reused.\n\nThe NIAP Virtualization Protection Profile and Server Virtualization Extended Package require that memory that may contain cryptographic keys be zeroed upon process exit.\n\nTo this end, a new configuration option, MemEagerZero, can be configured to enforce zeroing out userworld and guest memory pages when a userworld process or guest exits. For kernel threads, memory spaces holding keys are zeroed out as soon as the secret is no longer needed."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Mem.MemEagerZero\" value and verify it is set to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero\n\nIf the \"Mem.MemEagerZero\" setting is not set to \"1\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Mem.MemEagerZero\" value and configure it to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero | Set-AdvancedSetting -Value 1"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000225","rid":"SV-ESXI-80-000225","stig_id":"ESXI-80-000225","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000225' do\n  title 'The ESXi host must enable volatile key destruction.'\n  desc  \"\n    By default, pages allocated for virtual machines (VMs), userspace applications, and kernel threads are zeroed out at allocation time. ESXi will always ensure that no nonzero pages are exposed to VMs or userspace applications. While this prevents exposing cryptographic keys from VMs or userworlds to other clients, these keys can stay present in host memory for a long time if the memory is not reused.\n\n    The NIAP Virtualization Protection Profile and Server Virtualization Extended Package require that memory that may contain cryptographic keys be zeroed upon process exit.\n\n    To this end, a new configuration option, MemEagerZero, can be configured to enforce zeroing out userworld and guest memory pages when a userworld process or guest exits. For kernel threads, memory spaces holding keys are zeroed out as soon as the secret is no longer needed.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Mem.MemEagerZero\\\" value and verify it is set to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero\n\n    If the \\\"Mem.MemEagerZero\\\" setting is not set to \\\"1\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Mem.MemEagerZero\\\" value and configure it to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero | Set-AdvancedSetting -Value 1\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000225'\n  tag rid: 'SV-ESXI-80-000225'\n  tag stig_id: 'ESXI-80-000225'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Mem.MemEagerZero | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '1' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000225.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Mem.MemEagerZero | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"1\"","run_time":0.5971065,"start_time":"2023-06-07T08:28:58-06:00","message":"\nexpected: 1\n     got: 0\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Mem.MemEagerZero | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000226","title":"The ESXi host must configure a session timeout for the vSphere API.","desc":"The vSphere API (VIM) allows for remote, programmatic administration of the ESXi host. Authenticated API sessions are no different from a risk perspective than authenticated UI sessions and they need similar protections.\n\nOne of these protections is a basic inactivity timeout, after which the session will be invalidated and reauthentication will be required by the application accessing the API. This is set to 30 seconds by default but can be disabled, thus leaving API sessions open indefinitely. The 30 second default must be verified and maintained.","descriptions":[{"label":"default","data":"The vSphere API (VIM) allows for remote, programmatic administration of the ESXi host. Authenticated API sessions are no different from a risk perspective than authenticated UI sessions and they need similar protections.\n\nOne of these protections is a basic inactivity timeout, after which the session will be invalidated and reauthentication will be required by the application accessing the API. This is set to 30 seconds by default but can be disabled, thus leaving API sessions open indefinitely. The 30 second default must be verified and maintained."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.HostAgent.vmacore.soap.sessionTimeout\" value and verify it is set to \"30\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout\n\nIf the \"Config.HostAgent.vmacore.soap.sessionTimeout\" setting is not set to \"30\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.HostAgent.vmacore.soap.sessionTimeout\" value and configure it to \"30\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Set-AdvancedSetting -Value 30"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000226","rid":"SV-ESXI-80-000226","stig_id":"ESXI-80-000226","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000226' do\n  title 'The ESXi host must configure a session timeout for the vSphere API.'\n  desc  \"\n    The vSphere API (VIM) allows for remote, programmatic administration of the ESXi host. Authenticated API sessions are no different from a risk perspective than authenticated UI sessions and they need similar protections.\n\n    One of these protections is a basic inactivity timeout, after which the session will be invalidated and reauthentication will be required by the application accessing the API. This is set to 30 seconds by default but can be disabled, thus leaving API sessions open indefinitely. The 30 second default must be verified and maintained.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.vmacore.soap.sessionTimeout\\\" value and verify it is set to \\\"30\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout\n\n    If the \\\"Config.HostAgent.vmacore.soap.sessionTimeout\\\" setting is not set to \\\"30\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.vmacore.soap.sessionTimeout\\\" value and configure it to \\\"30\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Set-AdvancedSetting -Value 30\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000226'\n  tag rid: 'SV-ESXI-80-000226'\n  tag stig_id: 'ESXI-80-000226'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '30' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000226.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"30\"","run_time":0.5987083,"start_time":"2023-06-07T08:28:59-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000227","title":"The ESXi host must be configured with an appropriate maximum password age.","desc":"The older an ESXi local account password is, the larger the opportunity window is for attackers to guess, crack or re-use a previously cracked password. Rotating passwords on a regular basis is a fundamental security practice and one that ESXi supports.","descriptions":[{"label":"default","data":"The older an ESXi local account password is, the larger the opportunity window is for attackers to guess, crack or re-use a previously cracked password. Rotating passwords on a regular basis is a fundamental security practice and one that ESXi supports."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.PasswordMaxDays\" value and verify it is set to \"90\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays\n\nIf the \"Security.PasswordMaxDays\" setting is not set to \"90\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.PasswordMaxDays\" value and configure it to \"90\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays | Set-AdvancedSetting -Value 90"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000227","rid":"SV-ESXI-80-000227","stig_id":"ESXI-80-000227","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000227' do\n  title 'The ESXi host must be configured with an appropriate maximum password age.'\n  desc  'The older an ESXi local account password is, the larger the opportunity window is for attackers to guess, crack or re-use a previously cracked password. Rotating passwords on a regular basis is a fundamental security practice and one that ESXi supports.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.PasswordMaxDays\\\" value and verify it is set to \\\"90\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays\n\n    If the \\\"Security.PasswordMaxDays\\\" setting is not set to \\\"90\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.PasswordMaxDays\\\" value and configure it to \\\"90\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays | Set-AdvancedSetting -Value 90\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000227'\n  tag rid: 'SV-ESXI-80-000227'\n  tag stig_id: 'ESXI-80-000227'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.PasswordMaxDays | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '90' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000227.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.PasswordMaxDays | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"90\"","run_time":0.5963298,"start_time":"2023-06-07T08:28:59-06:00","message":"\nexpected: 90\n     got: 99999\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.PasswordMaxDays | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000228","title":"The ESXi Common Information Model (CIM) service must be disabled.","desc":"The CIM system provides an interface that enables hardware-level management from remote applications via a set of standard application programming interfaces (APIs). These APIs are consumed by external applications such as HP SIM or Dell OpenManage for agentless, remote hardware monitoring of the ESXi host.\n\nTo reduce attack surface area and following the minimum functionality principal, the CIM service must be disabled unless explicitly needed and approved.","descriptions":[{"label":"default","data":"The CIM system provides an interface that enables hardware-level management from remote applications via a set of standard application programming interfaces (APIs). These APIs are consumed by external applications such as HP SIM or Dell OpenManage for agentless, remote hardware monitoring of the ESXi host.\n\nTo reduce attack surface area and following the minimum functionality principal, the CIM service must be disabled unless explicitly needed and approved."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\", locate the \"CIM Server\" service and verify it is \"Stopped\" and the \"Startup Policy\" is set to \"Start and stop manually\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"CIM Server\"}\n\nIf the \"CIM Server\" service does not have a \"Policy\" of \"off\" or is running, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\" select the \"CIM Server\" service and click the \"Stop\" button.\n\nClick \"Edit Startup policy...\" and select the \"Start and stop manually\" radio button. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"CIM Server\"} | Set-VMHostService -Policy Off\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"CIM Server\"} | Stop-VMHostService"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000228","rid":"SV-ESXI-80-000228","stig_id":"ESXI-80-000228","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000228' do\n  title 'The ESXi Common Information Model (CIM) service must be disabled.'\n  desc  \"\n    The CIM system provides an interface that enables hardware-level management from remote applications via a set of standard application programming interfaces (APIs). These APIs are consumed by external applications such as HP SIM or Dell OpenManage for agentless, remote hardware monitoring of the ESXi host.\n\n    To reduce attack surface area and following the minimum functionality principal, the CIM service must be disabled unless explicitly needed and approved.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\", locate the \\\"CIM Server\\\" service and verify it is \\\"Stopped\\\" and the \\\"Startup Policy\\\" is set to \\\"Start and stop manually\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"CIM Server\\\"}\n\n    If the \\\"CIM Server\\\" service does not have a \\\"Policy\\\" of \\\"off\\\" or is running, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\" select the \\\"CIM Server\\\" service and click the \\\"Stop\\\" button.\n\n    Click \\\"Edit Startup policy...\\\" and select the \\\"Start and stop manually\\\" radio button. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"CIM Server\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"CIM Server\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000228'\n  tag rid: 'SV-ESXI-80-000228'\n  tag stig_id: 'ESXI-80-000228'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000228.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp == \"off\"","run_time":0.3844118,"start_time":"2023-06-07T08:29:00-06:00","message":"\nexpected: off\n     got: on\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Policy\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp == \"false\"","run_time":0.3953809,"start_time":"2023-06-07T08:29:00-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Running\"]","resource_id":""}]},{"id":"ESXI-80-000229","title":"The ESXi host must use DOD-approved certificates.","desc":"The default self-signed host certificate issued by the VMware Certificate Authority (VMCA) must be replaced with a DOD-approved certificate when the host will be accessed directly, such as during a virtual machine (VM) console connection.\n\nThe use of a DOD certificate on the host assures clients the service they are connecting to is legitimate and properly secured.","descriptions":[{"label":"default","data":"The default self-signed host certificate issued by the VMware Certificate Authority (VMCA) must be replaced with a DOD-approved certificate when the host will be accessed directly, such as during a virtual machine (VM) console connection.\n\nThe use of a DOD certificate on the host assures clients the service they are connecting to is legitimate and properly secured."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Certificate.\n\nIf the issuer is not a DOD-approved certificate authority, this is a finding.\n\nIf the host will never be accessed directly (virtual machine console connections bypass vCenter), this is not a finding."},{"label":"fix","data":"Join the ESXi host to vCenter before replacing the certificate.\n\nObtain a DOD-issued certificate and private key for the host following the requirements below:\n\nKey size: 2048 bits or more (PEM encoded)\n\nKey format: PEM\nVMware supports PKCS8 and PKCS1 (RSA keys)\nx509 version 3\n\nSubjectAltName must contain DNS Name=<machine_FQDN>\n\nCRT (Base-64) format\n\nContains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment\n\nStart time of one day before the current time\n\nCN (and SubjectAltName) set to the host name (or IP address) that the ESXi host has in the vCenter Server inventory\n\nFrom the vSphere Web Client, select the ESXi host's vCenter Server >> Configure >> System >> Advanced Settings.\n\nSelect the \"vpxd.certmgmt.mode\" value and ensure it is set to \"custom\".\n\nPut the host into maintenance mode.\n\nTemporarily enable Secure Shell (SSH) on the host. Use Secure Copy Protocol (SCP) to transfer the new certificate and key to /tmp. SSH to the host. Back up the existing certificate and key:\n\n# mv /etc/vmware/ssl/rui.crt /etc/vmware/ssl/rui.crt.bak\n# mv /etc/vmware/ssl/rui.key /etc/vmware/ssl/rui.key.bak\n\nCopy the new certificate and key to \"/etc/vmware/ssl/\" and rename them to \"rui.crt\" and \"rui.key\" respectively.\n\nRestart management agents to implement the new certificate:\n\n# services.sh restart"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000229","rid":"SV-ESXI-80-000229","stig_id":"ESXI-80-000229","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000229' do\n  title 'The ESXi host must use DOD-approved certificates.'\n  desc  \"\n    The default self-signed host certificate issued by the VMware Certificate Authority (VMCA) must be replaced with a DOD-approved certificate when the host will be accessed directly, such as during a virtual machine (VM) console connection.\n\n    The use of a DOD certificate on the host assures clients the service they are connecting to is legitimate and properly secured.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Certificate.\n\n    If the issuer is not a DOD-approved certificate authority, this is a finding.\n\n    If the host will never be accessed directly (virtual machine console connections bypass vCenter), this is not a finding.\n  \"\n  desc 'fix', \"\n    Join the ESXi host to vCenter before replacing the certificate.\n\n    Obtain a DOD-issued certificate and private key for the host following the requirements below:\n\n    Key size: 2048 bits or more (PEM encoded)\n\n    Key format: PEM\n    VMware supports PKCS8 and PKCS1 (RSA keys)\n    x509 version 3\n\n    SubjectAltName must contain DNS Name=<machine_FQDN>\n\n    CRT (Base-64) format\n\n    Contains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment\n\n    Start time of one day before the current time\n\n    CN (and SubjectAltName) set to the host name (or IP address) that the ESXi host has in the vCenter Server inventory\n\n    From the vSphere Web Client, select the ESXi host's vCenter Server >> Configure >> System >> Advanced Settings.\n\n    Select the \\\"vpxd.certmgmt.mode\\\" value and ensure it is set to \\\"custom\\\".\n\n    Put the host into maintenance mode.\n\n    Temporarily enable Secure Shell (SSH) on the host. Use Secure Copy Protocol (SCP) to transfer the new certificate and key to /tmp. SSH to the host. Back up the existing certificate and key:\n\n    # mv /etc/vmware/ssl/rui.crt /etc/vmware/ssl/rui.crt.bak\n    # mv /etc/vmware/ssl/rui.key /etc/vmware/ssl/rui.key.bak\n\n    Copy the new certificate and key to \\\"/etc/vmware/ssl/\\\" and rename them to \\\"rui.crt\\\" and \\\"rui.key\\\" respectively.\n\n    Restart management agents to implement the new certificate:\n\n    # services.sh restart\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000229'\n  tag rid: 'SV-ESXI-80-000229'\n  tag stig_id: 'ESXI-80-000229'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      describe ssl_certificate(host: \"#{vmhost}\", port: 443) do\n        its('issuer_organization') { should cmp 'U.S. Government' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000229.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"ssl_certificate for '10.186.25.26' issuer_organization is expected to cmp == \"U.S. Government\"","run_time":1.5361507,"start_time":"2023-06-07T08:29:01-06:00","message":"\nexpected: U.S. Government\n     got: sc2-10-186-30-81.eng.vmware.com\n\n(compared using `cmp` matcher)\n","resource_class":"ssl_certificate","resource_params":"[{:host=>\"10.186.25.26\", :port=>443}]","resource_id":""}]},{"id":"ESXI-80-000230","title":"The ESXi host Secure Shell (SSH) daemon must disable port forwarding.","desc":"While enabling Transmission Control Protocol (TCP) tunnels is a valuable function of sshd, this feature is not appropriate for use on the ESXi hypervisor.","descriptions":[{"label":"default","data":"While enabling Transmission Control Protocol (TCP) tunnels is a valuable function of sshd, this feature is not appropriate for use on the ESXi hypervisor."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep allowtcpforwarding\n\nExpected result:\n\nallowtcpforwarding no\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nAllowTcpForwarding no"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000230","rid":"SV-ESXI-80-000230","stig_id":"ESXI-80-000230","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000230' do\n  title 'The ESXi host Secure Shell (SSH) daemon must disable port forwarding.'\n  desc  'While enabling Transmission Control Protocol (TCP) tunnels is a valuable function of sshd, this feature is not appropriate for use on the ESXi hypervisor.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep allowtcpforwarding\n\n    Expected result:\n\n    allowtcpforwarding no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    AllowTcpForwarding no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000230'\n  tag rid: 'SV-ESXI-80-000230'\n  tag stig_id: 'ESXI-80-000230'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000230.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":1.44e-05,"start_time":"2023-06-07T08:29:02-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"ESXI-80-000231","title":"The ESXi host OpenSLP service must be disabled.","desc":"OpenSLP implements the Service Location Protocol to help CIM clients discover CIM servers over TCP 427. This service is not widely needed and has had vulnerabilities exposed in the past. To reduce attack surface area and following the minimum functionality principal, the OpenSLP service must be disabled unless explicitly needed and approved.\n\nNote: Disabling the OpenSLP service may affect monitoring and third-party systems that use the WBEM DTMF protocols.","descriptions":[{"label":"default","data":"OpenSLP implements the Service Location Protocol to help CIM clients discover CIM servers over TCP 427. This service is not widely needed and has had vulnerabilities exposed in the past. To reduce attack surface area and following the minimum functionality principal, the OpenSLP service must be disabled unless explicitly needed and approved.\n\nNote: Disabling the OpenSLP service may affect monitoring and third-party systems that use the WBEM DTMF protocols."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\", locate the \"slpd\" service and verify it is \"Stopped\" and the \"Startup Policy\" is set to \"Start and stop manually\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"slpd\"}\n\nIf the slpd service does not have a \"Policy\" of \"off\" or is running, this is a finding."},{"label":"fix","data":"From the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\" select the \"slpd\" service and click the \"Stop\" button.\n\nClick \"Edit Startup policy...\" and select the \"Start and stop manually\" radio button. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"slpd\"} | Set-VMHostService -Policy Off\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"slpd\"} | Stop-VMHostService"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000231","rid":"SV-ESXI-80-000231","stig_id":"ESXI-80-000231","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000231' do\n  title 'The ESXi host OpenSLP service must be disabled.'\n  desc  \"\n    OpenSLP implements the Service Location Protocol to help CIM clients discover CIM servers over TCP 427. This service is not widely needed and has had vulnerabilities exposed in the past. To reduce attack surface area and following the minimum functionality principal, the OpenSLP service must be disabled unless explicitly needed and approved.\n\n    Note: Disabling the OpenSLP service may affect monitoring and third-party systems that use the WBEM DTMF protocols.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\", locate the \\\"slpd\\\" service and verify it is \\\"Stopped\\\" and the \\\"Startup Policy\\\" is set to \\\"Start and stop manually\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"slpd\\\"}\n\n    If the slpd service does not have a \\\"Policy\\\" of \\\"off\\\" or is running, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\" select the \\\"slpd\\\" service and click the \\\"Stop\\\" button.\n\n    Click \\\"Edit Startup policy...\\\" and select the \\\"Start and stop manually\\\" radio button. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"slpd\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"slpd\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000231'\n  tag rid: 'SV-ESXI-80-000231'\n  tag stig_id: 'ESXI-80-000231'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000231.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp == \"off\"","run_time":0.3768606,"start_time":"2023-06-07T08:29:02-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Policy\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp == \"false\"","run_time":0.3629255,"start_time":"2023-06-07T08:29:03-06:00","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Running\"]","resource_id":""}]},{"id":"ESXI-80-000232","title":"The ESXi host must enable audit logging.","desc":"ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\nTo operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\nNote: Audit records can be viewed locally via the \"/bin/viewAudit\" utility over SSH or at the ESXi shell.","descriptions":[{"label":"default","data":"ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\nTo operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\nNote: Audit records can be viewed locally via the \"/bin/viewAudit\" utility over SSH or at the ESXi shell."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.auditRecord.storageEnable\" value and verify it is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable\n\nIf the \"Syslog.global.auditRecord.storageEnable\" setting is not set to \"true\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.auditRecord.storageEnable\" value and configure it to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Set-AdvancedSetting -Value \"true\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000232","rid":"SV-ESXI-80-000232","stig_id":"ESXI-80-000232","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000232' do\n  title 'The ESXi host must enable audit logging.'\n  desc  \"\n    ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\n    To operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\n    Note: Audit records can be viewed locally via the \\\"/bin/viewAudit\\\" utility over SSH or at the ESXi shell.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.auditRecord.storageEnable\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable\n\n    If the \\\"Syslog.global.auditRecord.storageEnable\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.auditRecord.storageEnable\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Set-AdvancedSetting -Value \\\"true\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000232'\n  tag rid: 'SV-ESXI-80-000232'\n  tag stig_id: 'ESXI-80-000232'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000232.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"true\"","run_time":0.4643674,"start_time":"2023-06-07T08:29:03-06:00","message":"\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000233","title":"The ESXi host must off-load audit records via syslog.","desc":"ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\nTo operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\nNote: Audit records can be viewed locally via the \"/bin/viewAudit\" utility over SSH or at the ESXi shell.","descriptions":[{"label":"default","data":"ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\nTo operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\nNote: Audit records can be viewed locally via the \"/bin/viewAudit\" utility over SSH or at the ESXi shell."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.auditRecord.remoteEnable\" value and verify it is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable\n\nIf the \"Syslog.global.auditRecord.remoteEnable\" setting is not set to \"true\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.auditRecord.remoteEnable\" value and configure it to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Set-AdvancedSetting -Value \"true\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000342-VMM-001230","gid":"V-ESXI-80-000233","rid":"SV-ESXI-80-000233","stig_id":"ESXI-80-000233","cci":["CCI-001851"],"nist":["AU-4 (1)"]},"code":"control 'ESXI-80-000233' do\n  title 'The ESXi host must off-load audit records via syslog.'\n  desc  \"\n    ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\n    To operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\n    Note: Audit records can be viewed locally via the \\\"/bin/viewAudit\\\" utility over SSH or at the ESXi shell.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.auditRecord.remoteEnable\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable\n\n    If the \\\"Syslog.global.auditRecord.remoteEnable\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.auditRecord.remoteEnable\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Set-AdvancedSetting -Value \\\"true\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-VMM-001230'\n  tag gid: 'V-ESXI-80-000233'\n  tag rid: 'SV-ESXI-80-000233'\n  tag stig_id: 'ESXI-80-000233'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000233.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"true\"","run_time":0.5971407,"start_time":"2023-06-07T08:29:03-06:00","message":"\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000234","title":"The ESXi host must enable strict x509 verification for SSL syslog endpoints.","desc":"When sending syslog data to a remote host via SSL, the ESXi host is presented with the endpoint's SSL server certificate. In addition to trust verification, configured elsewhere, this \"x509-strict\" option performs additional validity checks on CA root certificates during verification.\n\nThese checks are generally not performed (CA roots are inherently trusted) and might cause incompatibilities with existing, misconfigured CA roots. The NIAP requirements in the Virtualization Protection Profile and Server Virtualization Extended Package, however, require even CA roots to pass validations.","descriptions":[{"label":"default","data":"When sending syslog data to a remote host via SSL, the ESXi host is presented with the endpoint's SSL server certificate. In addition to trust verification, configured elsewhere, this \"x509-strict\" option performs additional validity checks on CA root certificates during verification.\n\nThese checks are generally not performed (CA roots are inherently trusted) and might cause incompatibilities with existing, misconfigured CA roots. The NIAP requirements in the Virtualization Protection Profile and Server Virtualization Extended Package, however, require even CA roots to pass validations."},{"label":"rationale","data":""},{"label":"check","data":"If SSL is not used for a syslog target, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.certificate.strictX509Compliance\" value and verify it is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance\n\nIf the \"Syslog.global.certificate.strictX509Compliance\" setting is not set to \"true\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.certificate.strictX509Compliance\" value and configure it to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Set-AdvancedSetting -Value \"true\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000234","rid":"SV-ESXI-80-000234","stig_id":"ESXI-80-000234","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000234' do\n  title 'The ESXi host must enable strict x509 verification for SSL syslog endpoints.'\n  desc  \"\n    When sending syslog data to a remote host via SSL, the ESXi host is presented with the endpoint's SSL server certificate. In addition to trust verification, configured elsewhere, this \\\"x509-strict\\\" option performs additional validity checks on CA root certificates during verification.\n\n    These checks are generally not performed (CA roots are inherently trusted) and might cause incompatibilities with existing, misconfigured CA roots. The NIAP requirements in the Virtualization Protection Profile and Server Virtualization Extended Package, however, require even CA roots to pass validations.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If SSL is not used for a syslog target, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.certificate.strictX509Compliance\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance\n\n    If the \\\"Syslog.global.certificate.strictX509Compliance\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.certificate.strictX509Compliance\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Set-AdvancedSetting -Value \\\"true\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000234'\n  tag rid: 'SV-ESXI-80-000234'\n  tag stig_id: 'ESXI-80-000234'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000234.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"true\"","run_time":0.526914,"start_time":"2023-06-07T08:29:04-06:00","message":"\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000235","title":"The ESXi host must forward audit records containing information to establish what type of events occurred.","desc":"Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.\n\nAudit record content that may be necessary to satisfy this requirement includes, for example, time stamps, source and destination addresses, user/process/VM identifiers, event descriptions, success/fail indications, filenames involved, and access control or flow control rules invoked.\n\nAssociating event types with detected events in the ESXi audit logs provides a means of investigating an attack; recognizing resource utilization or capacity thresholds; or identifying an improperly configured host.","descriptions":[{"label":"default","data":"Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.\n\nAudit record content that may be necessary to satisfy this requirement includes, for example, time stamps, source and destination addresses, user/process/VM identifiers, event descriptions, success/fail indications, filenames involved, and access control or flow control rules invoked.\n\nAssociating event types with detected events in the ESXi audit logs provides a means of investigating an attack; recognizing resource utilization or capacity thresholds; or identifying an improperly configured host."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.logLevel\" value and verify it is set to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel\n\nIf the \"Syslog.global.logLevel\" setting is not set to \"info\", this is a finding.\n\nNote: Verbose logging level is acceptable for troubleshooting purposes."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.logLevel\" value and configure it to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel | Set-AdvancedSetting -Value \"info\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000037-VMM-000150","gid":"V-ESXI-80-000235","rid":"SV-ESXI-80-000235","stig_id":"ESXI-80-000235","cci":["CCI-000130"],"nist":["AU-3"]},"code":"control 'ESXI-80-000235' do\n  title 'The ESXi host must forward audit records containing information to establish what type of events occurred.'\n  desc  \"\n    Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.\n\n    Audit record content that may be necessary to satisfy this requirement includes, for example, time stamps, source and destination addresses, user/process/VM identifiers, event descriptions, success/fail indications, filenames involved, and access control or flow control rules invoked.\n\n    Associating event types with detected events in the ESXi audit logs provides a means of investigating an attack; recognizing resource utilization or capacity thresholds; or identifying an improperly configured host.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.logLevel\\\" value and verify it is set to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel\n\n    If the \\\"Syslog.global.logLevel\\\" setting is not set to \\\"info\\\", this is a finding.\n\n    Note: Verbose logging level is acceptable for troubleshooting purposes.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logLevel\\\" value and configure it to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel | Set-AdvancedSetting -Value \\\"info\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000037-VMM-000150'\n  tag gid: 'V-ESXI-80-000235'\n  tag rid: 'SV-ESXI-80-000235'\n  tag stig_id: 'ESXI-80-000235'\n  tag cci: ['CCI-000130']\n  tag nist: ['AU-3']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logLevel | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'info' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000235.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.logLevel | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"info\"","run_time":0.5426163,"start_time":"2023-06-07T08:29:04-06:00","message":"\nexpected: info\n     got: error\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.logLevel | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000236","title":"The ESXi host must not be configured to override virtual machine (VM) configurations.","desc":"Each VM on an ESXi host runs in its own \"vmx\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\nThis can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.","descriptions":[{"label":"default","data":"Each VM on an ESXi host runs in its own \"vmx\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\nThis can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# stat -c \"%s\" /etc/vmware/settings\n\nExpected result:\n\n0\n\nIf the output does not match the expected result, this is a finding."},{"label":"fix","data":"From an ESXi shell, run the following command:\n\n# echo -n >/etc/vmware/settings"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000236","rid":"SV-ESXI-80-000236","stig_id":"ESXI-80-000236","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000236' do\n  title 'The ESXi host must not be configured to override virtual machine (VM) configurations.'\n  desc  \"\n    Each VM on an ESXi host runs in its own \\\"vmx\\\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\n    This can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # stat -c \\\"%s\\\" /etc/vmware/settings\n\n    Expected result:\n\n    0\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # echo -n >/etc/vmware/settings\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000236'\n  tag rid: 'SV-ESXI-80-000236'\n  tag stig_id: 'ESXI-80-000236'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000236.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":1.12e-05,"start_time":"2023-06-07T08:29:05-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"ESXI-80-000237","title":"The ESXi host must not be configured to override virtual machine (VM) logger settings.","desc":"Each VM on an ESXi host runs in its own \"vmx\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\nThis can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.","descriptions":[{"label":"default","data":"Each VM on an ESXi host runs in its own \"vmx\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\nThis can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# grep \"^vmx\\.log\" /etc/vmware/config\n\nIf the command produces any output, this is a finding."},{"label":"fix","data":"From an ESXi shell, run the following commands:\n\n# cp /etc/vmware/config /etc/vmware/config.bak\n# grep -v \"^vmx\\.log\" /etc/vmware/config.bak>/etc/vmware/config"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000237","rid":"SV-ESXI-80-000237","stig_id":"ESXI-80-000237","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000237' do\n  title 'The ESXi host must not be configured to override virtual machine (VM) logger settings.'\n  desc  \"\n    Each VM on an ESXi host runs in its own \\\"vmx\\\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\n    This can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # grep \\\"^vmx\\\\.log\\\" /etc/vmware/config\n\n    If the command produces any output, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following commands:\n\n    # cp /etc/vmware/config /etc/vmware/config.bak\n    # grep -v \\\"^vmx\\\\.log\\\" /etc/vmware/config.bak>/etc/vmware/config\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000237'\n  tag rid: 'SV-ESXI-80-000237'\n  tag stig_id: 'ESXI-80-000237'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000237.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":1.04e-05,"start_time":"2023-06-07T08:29:05-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"ESXI-80-000238","title":"The ESXi host must require TPM-based configuration encryption.","desc":"An ESXi host's configuration consists of configuration files for each service that runs on the host. The configuration files typically reside in the /etc/ directory, but they can also reside in other namespaces. The configuration files contain run-time information about the state of the services. Over time, the default values in the configuration files might change, for example, when settings on the ESXi host are changed.\n\nA cron job backs up the ESXi configuration files periodically, when ESXi shuts down gracefully or on demand, and creates an archived configuration file in the boot bank. When ESXi reboots, it reads the archived configuration file and recreates the state that ESXi was in when the backup was taken.\n\nBefore vSphere 7.0 Update 2, the archived ESXi configuration file is not encrypted. In vSphere 7.0 Update 2 and later, the archived configuration file is encrypted. When the ESXi host is configured with a Trusted Platform Module (TPM), the TPM is used to \"seal\" the configuration to the host, providing a strong security guarantee and additional protection from offline attacks.\n\nConfiguration encryption uses the physical TPM when it is available and supported at install or upgrade time. If the TPM was added or enabled later, the ESXi host must be told to reconfigure to use the newly available TPM. Once the TPM configuration encryption is enabled, it cannot be disabled.","descriptions":[{"label":"default","data":"An ESXi host's configuration consists of configuration files for each service that runs on the host. The configuration files typically reside in the /etc/ directory, but they can also reside in other namespaces. The configuration files contain run-time information about the state of the services. Over time, the default values in the configuration files might change, for example, when settings on the ESXi host are changed.\n\nA cron job backs up the ESXi configuration files periodically, when ESXi shuts down gracefully or on demand, and creates an archived configuration file in the boot bank. When ESXi reboots, it reads the archived configuration file and recreates the state that ESXi was in when the backup was taken.\n\nBefore vSphere 7.0 Update 2, the archived ESXi configuration file is not encrypted. In vSphere 7.0 Update 2 and later, the archived configuration file is encrypted. When the ESXi host is configured with a Trusted Platform Module (TPM), the TPM is used to \"seal\" the configuration to the host, providing a strong security guarantee and additional protection from offline attacks.\n\nConfiguration encryption uses the physical TPM when it is available and supported at install or upgrade time. If the TPM was added or enabled later, the ESXi host must be told to reconfigure to use the newly available TPM. Once the TPM configuration encryption is enabled, it cannot be disabled."},{"label":"rationale","data":""},{"label":"check","data":"If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\nFrom an ESXi shell, run the following command:\n\n# esxcli system settings encryption get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.settings.encryption.get.invoke() | Select Mode\n\nExpected result:\n\nMode: TPM\n\nIf the \"Mode\" is not set to \"TPM\", this is a finding."},{"label":"fix","data":"Ensure the TPM 2.0 chip is enabled in the BIOS and the ESX UI does not show any errors about a present but unavailable TPM.\n\nThis setting cannot be configured until the TPM is properly enabled in firmware.\n\nFrom an ESXi shell, run the following command:\n\n# esxcli system settings encryption set --mode=TPM\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.settings.encryption.set.CreateArgs()\n$arguments.mode = \"TPM\"\n$esxcli.system.settings.encryption.set.Invoke($arguments)\n\nEvacuate the host and gracefully reboot for changes to take effect."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000238","rid":"SV-ESXI-80-000238","stig_id":"ESXI-80-000238","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000238' do\n  title 'The ESXi host must require TPM-based configuration encryption.'\n  desc  \"\n    An ESXi host's configuration consists of configuration files for each service that runs on the host. The configuration files typically reside in the /etc/ directory, but they can also reside in other namespaces. The configuration files contain run-time information about the state of the services. Over time, the default values in the configuration files might change, for example, when settings on the ESXi host are changed.\n\n    A cron job backs up the ESXi configuration files periodically, when ESXi shuts down gracefully or on demand, and creates an archived configuration file in the boot bank. When ESXi reboots, it reads the archived configuration file and recreates the state that ESXi was in when the backup was taken.\n\n    Before vSphere 7.0 Update 2, the archived ESXi configuration file is not encrypted. In vSphere 7.0 Update 2 and later, the archived configuration file is encrypted. When the ESXi host is configured with a Trusted Platform Module (TPM), the TPM is used to \\\"seal\\\" the configuration to the host, providing a strong security guarantee and additional protection from offline attacks.\n\n    Configuration encryption uses the physical TPM when it is available and supported at install or upgrade time. If the TPM was added or enabled later, the ESXi host must be told to reconfigure to use the newly available TPM. Once the TPM configuration encryption is enabled, it cannot be disabled.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\n    From an ESXi shell, run the following command:\n\n    # esxcli system settings encryption get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.settings.encryption.get.invoke() | Select Mode\n\n    Expected result:\n\n    Mode: TPM\n\n    If the \\\"Mode\\\" is not set to \\\"TPM\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Ensure the TPM 2.0 chip is enabled in the BIOS and the ESX UI does not show any errors about a present but unavailable TPM.\n\n    This setting cannot be configured until the TPM is properly enabled in firmware.\n\n    From an ESXi shell, run the following command:\n\n    # esxcli system settings encryption set --mode=TPM\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.settings.encryption.set.CreateArgs()\n    $arguments.mode = \\\"TPM\\\"\n    $esxcli.system.settings.encryption.set.Invoke($arguments)\n\n    Evacuate the host and gracefully reboot for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000238'\n  tag rid: 'SV-ESXI-80-000238'\n  tag stig_id: 'ESXI-80-000238'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty Mode\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'TPM' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000238.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty Mode stdout.strip is expected to cmp == \"TPM\"","run_time":0.3454204,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: TPM\n     got: NONE\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"$vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty Mode\"]","resource_id":""}]},{"id":"ESXI-80-000239","title":"The ESXi host must configure the firewall to restrict access to services running on the host.","desc":"Unrestricted access to services running on an ESXi host can expose a host to outside attacks and unauthorized access. Reduce the risk by configuring the ESXi firewall to only allow access from authorized networks.","descriptions":[{"label":"default","data":"Unrestricted access to services running on an ESXi host can expose a host to outside attacks and unauthorized access. Reduce the risk by configuring the ESXi firewall to only allow access from authorized networks."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Firewall.\n\nUnder the \"Allowed IP addresses\" column, review the allowed IPs for each service.\n\nCheck this for \"Incoming\" and \"Outgoing\" sections.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostFirewallException | Where {$_.Enabled -eq $true} | Select Name,Enabled,@{N=\"AllIPEnabled\";E={$_.ExtensionData.AllowedHosts.AllIP}}\n\nIf for an enabled service \"Allow connections from any IP address\" is selected, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Firewall.\n\nClick \"Edit...\". For each enabled service, uncheck the check box to \"Allow connections from any IP address\" and input the site-specific network(s) required.\n\nThe following example formats are acceptable:\n\n192.168.0.0/24\n192.168.1.2, 2001::1/64\nfd3e:29a6:0a81:e478::/64\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n#This disables the allow all rule for the target service. We are targeting the sshServer service in this example.\n$arguments = $esxcli.network.firewall.ruleset.set.CreateArgs()\n$arguments.rulesetid = \"sshServer\"\n$arguments.allowedall = $false\n$esxcli.network.firewall.ruleset.set.Invoke($arguments)\n\n#Next add the allowed IPs for the service. Note doing the \"vSphere Web Client\" service this way may disable access but may be done through vCenter or through the console.\n$arguments = $esxcli.network.firewall.ruleset.allowedip.add.CreateArgs()\n$arguments.rulesetid = \"sshServer\"\n$arguments.ipaddress = \"10.0.0.0/8\"\n$esxcli.network.firewall.ruleset.allowedip.add.Invoke($arguments)\n\nThis must be done for each enabled service."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000239","rid":"SV-ESXI-80-000239","stig_id":"ESXI-80-000239","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000239' do\n  title 'The ESXi host must configure the firewall to restrict access to services running on the host.'\n  desc  'Unrestricted access to services running on an ESXi host can expose a host to outside attacks and unauthorized access. Reduce the risk by configuring the ESXi firewall to only allow access from authorized networks.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Firewall.\n\n    Under the \\\"Allowed IP addresses\\\" column, review the allowed IPs for each service.\n\n    Check this for \\\"Incoming\\\" and \\\"Outgoing\\\" sections.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostFirewallException | Where {$_.Enabled -eq $true} | Select Name,Enabled,@{N=\\\"AllIPEnabled\\\";E={$_.ExtensionData.AllowedHosts.AllIP}}\n\n    If for an enabled service \\\"Allow connections from any IP address\\\" is selected, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Firewall.\n\n    Click \\\"Edit...\\\". For each enabled service, uncheck the check box to \\\"Allow connections from any IP address\\\" and input the site-specific network(s) required.\n\n    The following example formats are acceptable:\n\n    192.168.0.0/24\n    192.168.1.2, 2001::1/64\n    fd3e:29a6:0a81:e478::/64\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    #This disables the allow all rule for the target service. We are targeting the sshServer service in this example.\n    $arguments = $esxcli.network.firewall.ruleset.set.CreateArgs()\n    $arguments.rulesetid = \\\"sshServer\\\"\n    $arguments.allowedall = $false\n    $esxcli.network.firewall.ruleset.set.Invoke($arguments)\n\n    #Next add the allowed IPs for the service. Note doing the \\\"vSphere Web Client\\\" service this way may disable access but may be done through vCenter or through the console.\n    $arguments = $esxcli.network.firewall.ruleset.allowedip.add.CreateArgs()\n    $arguments.rulesetid = \\\"sshServer\\\"\n    $arguments.ipaddress = \\\"10.0.0.0/8\\\"\n    $esxcli.network.firewall.ruleset.allowedip.add.Invoke($arguments)\n\n    This must be done for each enabled service.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000239'\n  tag rid: 'SV-ESXI-80-000239'\n  tag stig_id: 'ESXI-80-000239'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"(Get-VMHost -Name #{vmhost} | Get-VMHostFirewallException | Where {$_.Enabled -eq $true}).ExtensionData.AllowedHosts.AllIP\"\n      powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |result|\n        describe result do\n          it { should_not cmp 'True' }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000239.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.0003021,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.0002896,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.0002555,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.0002369,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.000227,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.0002281,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.0002254,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.0001976,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.0001664,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.0001555,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.0001385,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.0002854,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.0001461,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.0001868,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.0001578,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.0002161,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"passed","code_desc":"False is expected not to cmp == \"True\"","run_time":0.0003521,"start_time":"2023-06-07T08:29:05-06:00","resource_class":"Object","resource_params":"[]","resource_id":"False"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.0001832,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.0001629,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.000148,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.0001509,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"},{"status":"failed","code_desc":"True is expected not to cmp == \"True\"","run_time":0.0002841,"start_time":"2023-06-07T08:29:05-06:00","message":"\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"}]},{"id":"ESXI-80-000240","title":"The ESXi host when using Host Profiles and/or Auto Deploy must use the vSphere Authentication Proxy to protect passwords when adding themselves to Active Directory.","desc":"If a host is configured to join an Active Directory domain using Host Profiles and/or Auto Deploy, the Active Directory credentials are saved in the profile and are transmitted over the network.\n\nTo avoid having to save Active Directory credentials in the Host Profile and to avoid transmitting Active Directory credentials over the network, use the vSphere Authentication Proxy.","descriptions":[{"label":"default","data":"If a host is configured to join an Active Directory domain using Host Profiles and/or Auto Deploy, the Active Directory credentials are saved in the profile and are transmitted over the network.\n\nTo avoid having to save Active Directory credentials in the Host Profile and to avoid transmitting Active Directory credentials over the network, use the vSphere Authentication Proxy."},{"label":"rationale","data":""},{"label":"check","data":"For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nIf the organization is not using Host Profiles to join Active Directory, this is not applicable.\n\nFrom the vSphere Client, go to Home >> Policies and Profiles >> Host Profiles.\n\nClick a Host Profile >> Configure >> Security and Services >> Security Settings >> Authentication Configuration >> Active Directory Configuration >> Join Domain Method.\n\nIf the method used to join hosts to a domain is not set to \"Use vSphere Authentication Proxy to add the host to domain\", this is a finding.\n\nor\n\nFrom a PowerCLI command prompt while connected to vCenter, run the following command:\n\nGet-VMHost | Select Name, ` @{N=\"HostProfile\";E={$_ | Get-VMHostProfile}}, ` @{N=\"JoinADEnabled\";E={($_ | Get-VmHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory.Enabled}}, ` @{N=\"JoinDomainMethod\";E={(($_ | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory | Select -ExpandProperty Policy | Where {$_.Id -eq \"JoinDomainMethodPolicy\"}).Policyoption.Id}}\n\nIf \"JoinADEnabled\" is \"True\" and \"JoinDomainMethod\" is not \"FixedCAMConfigOption\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Home >> Policies and Profiles >> Host Profiles.\n\nClick a Host Profile >> Configure >> Security and Services >> Security Settings >> Authentication Configuration >> Active Directory Configuration.\n\nClick \"Edit Host Profile...\". Set the \"Join Domain Method\" to \"Use vSphere Authentication Proxy to add the host to domain\" and provide the IP address of the vSphere Authentication Proxy server.\n\nClick \"Save\"."}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000240","rid":"SV-ESXI-80-000240","stig_id":"ESXI-80-000240","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000240' do\n  title 'The ESXi host when using Host Profiles and/or Auto Deploy must use the vSphere Authentication Proxy to protect passwords when adding themselves to Active Directory.'\n  desc  \"\n    If a host is configured to join an Active Directory domain using Host Profiles and/or Auto Deploy, the Active Directory credentials are saved in the profile and are transmitted over the network.\n\n    To avoid having to save Active Directory credentials in the Host Profile and to avoid transmitting Active Directory credentials over the network, use the vSphere Authentication Proxy.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    If the organization is not using Host Profiles to join Active Directory, this is not applicable.\n\n    From the vSphere Client, go to Home >> Policies and Profiles >> Host Profiles.\n\n    Click a Host Profile >> Configure >> Security and Services >> Security Settings >> Authentication Configuration >> Active Directory Configuration >> Join Domain Method.\n\n    If the method used to join hosts to a domain is not set to \\\"Use vSphere Authentication Proxy to add the host to domain\\\", this is a finding.\n\n    or\n\n    From a PowerCLI command prompt while connected to vCenter, run the following command:\n\n    Get-VMHost | Select Name, ` @{N=\\\"HostProfile\\\";E={$_ | Get-VMHostProfile}}, ` @{N=\\\"JoinADEnabled\\\";E={($_ | Get-VmHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory.Enabled}}, ` @{N=\\\"JoinDomainMethod\\\";E={(($_ | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory | Select -ExpandProperty Policy | Where {$_.Id -eq \\\"JoinDomainMethodPolicy\\\"}).Policyoption.Id}}\n\n    If \\\"JoinADEnabled\\\" is \\\"True\\\" and \\\"JoinDomainMethod\\\" is not \\\"FixedCAMConfigOption\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Home >> Policies and Profiles >> Host Profiles.\n\n    Click a Host Profile >> Configure >> Security and Services >> Security Settings >> Authentication Configuration >> Active Directory Configuration.\n\n    Click \\\"Edit Host Profile...\\\". Set the \\\"Join Domain Method\\\" to \\\"Use vSphere Authentication Proxy to add the host to domain\\\" and provide the IP address of the vSphere Authentication Proxy server.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000240'\n  tag rid: 'SV-ESXI-80-000240'\n  tag stig_id: 'ESXI-80-000240'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    setimpact = true\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostProfile\"\n      hostprofile = powercli_command(command).stdout\n\n      if hostprofile.empty?\n        describe \"There are no attached host profiles host: #{vmhost}. This control is not applicable.\" do\n          skip \"There are no attached host profiles host: #{vmhost}. This control is not applicable.\"\n        end\n      else\n        command1 = \"(Get-VMHost -Name #{vmhost} | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory.Enabled\"\n        adEnabled = powercli_command(command1).stdout.strip\n\n        if adEnabled.match?('True')\n          command2 = \"(Get-VMHost -Name #{vmhost} | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory | Select-Object -ExpandProperty Policy | Where {$_.Id -eq 'JoinDomainMethodPolicy'} | Select-Object -ExpandProperty PolicyOption | Select-Object -ExpandProperty Id\"\n          describe powercli_command(command2) do\n            its('stdout.strip') { should cmp 'FixedCAMConfigOption' }\n          end\n          setimpact = false\n        else\n          describe \"Active Directory is not enabled on host: #{vmhost}. This control is not applicable.\" do\n            skip \"Active Directory is not enabled on host: #{vmhost}. This control is not applicable.\"\n          end\n        end\n      end\n    end\n  else\n    describe 'No ESXi hosts found. Review inputs provided for errors and rerun profile.' do\n      skip 'No ESXi hosts found. Review inputs provided for errors and rerun profile.'\n    end\n    setimpact = false\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000240.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"There are no attached host profiles host: 10.186.25.26. This control is not applicable.","run_time":6.0e-06,"start_time":"2023-06-07T08:29:05-06:00","resource":"","skip_message":"There are no attached host profiles host: 10.186.25.26. This control is not applicable.","resource_class":"Object","resource_params":"[]","resource_id":"There are no attached host profiles host: 10.186.25.26. This control is not applicable."}]},{"id":"ESXI-80-000241","title":"The ESXi host must not use the default Active Directory ESX Admin group.","desc":"When adding ESXi hosts to Active Directory, all user/group accounts assigned to the Active Directory group \"ESX Admins\" will have full administrative access to the host.\n\nIf this group is not controlled or known to the system administrators, it may be used for inappropriate access to the host. Therefore, the default group must be changed to a site-specific Active Directory group and membership must be severely restricted.","descriptions":[{"label":"default","data":"When adding ESXi hosts to Active Directory, all user/group accounts assigned to the Active Directory group \"ESX Admins\" will have full administrative access to the host.\n\nIf this group is not controlled or known to the system administrators, it may be used for inappropriate access to the host. Therefore, the default group must be changed to a site-specific Active Directory group and membership must be severely restricted."},{"label":"rationale","data":""},{"label":"check","data":"For systems that do not use Active Directory, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\" value and verify it is not set to \"ESX Admins\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup\n\nIf the \"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\" setting is set to \"ESX Admins\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\" key and configure its value to an appropriate Active Directory group other than \"ESX Admins\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Set-AdvancedSetting -Value \"<site specific AD group>\"\n\nNote: Changing the group name does not remove the permissions of the previous group."}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000241","rid":"SV-ESXI-80-000241","stig_id":"ESXI-80-000241","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000241' do\n  title 'The ESXi host must not use the default Active Directory ESX Admin group.'\n  desc  \"\n    When adding ESXi hosts to Active Directory, all user/group accounts assigned to the Active Directory group \\\"ESX Admins\\\" will have full administrative access to the host.\n\n    If this group is not controlled or known to the system administrators, it may be used for inappropriate access to the host. Therefore, the default group must be changed to a site-specific Active Directory group and membership must be severely restricted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For systems that do not use Active Directory, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\\\" value and verify it is not set to \\\"ESX Admins\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup\n\n    If the \\\"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\\\" setting is set to \\\"ESX Admins\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\\\" key and configure its value to an appropriate Active Directory group other than \\\"ESX Admins\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Set-AdvancedSetting -Value \\\"<site specific AD group>\\\"\n\n    Note: Changing the group name does not remove the permissions of the previous group.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000241'\n  tag rid: 'SV-ESXI-80-000241'\n  tag stig_id: 'ESXI-80-000241'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus\"\n      domainstatus = powercli_command(command).stdout\n      if domainstatus.empty?\n        impact 0.0\n        describe '' do\n          skip \"The ESXi host #{vmhost} is not joined to AD, so this control is not applicable.\"\n        end\n      else\n        command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Select-Object -ExpandProperty Value\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should_not cmp 'ESX Admins' }\n          its('stdout.strip') { should cmp \"#{input('adAdminGroup')}\" }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000241.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"","run_time":4.6e-06,"start_time":"2023-06-07T08:29:05-06:00","resource":"","skip_message":"The ESXi host 10.186.25.26 is not joined to AD, so this control is not applicable.","resource_class":"Object","resource_params":"[]","resource_id":""}]},{"id":"ESXI-80-000243","title":"The ESXi host must configure a persistent log location for all locally stored logs.","desc":"ESXi can be configured to store log files on an in-memory file system. This occurs when the host's \"/scratch\" directory is linked to \"/tmp/scratch\". When this is done, only a single day's worth of logs are stored at any time. In addition, log files will be reinitialized upon each reboot.\n\nThis presents a security risk as user activity logged on the host is only stored temporarily and will not persist across reboots. This can also complicate auditing and make it harder to monitor events and diagnose issues. ESXi host logging should always be configured to a persistent datastore.\n\nNote: Scratch space is configured automatically during installation or first boot of an ESXi host and does not usually need to be configured manually.\n\nIf ESXi is installed on an SD card or USB device, a persistent log location may not be configured upon install as normal.","descriptions":[{"label":"default","data":"ESXi can be configured to store log files on an in-memory file system. This occurs when the host's \"/scratch\" directory is linked to \"/tmp/scratch\". When this is done, only a single day's worth of logs are stored at any time. In addition, log files will be reinitialized upon each reboot.\n\nThis presents a security risk as user activity logged on the host is only stored temporarily and will not persist across reboots. This can also complicate auditing and make it harder to monitor events and diagnose issues. ESXi host logging should always be configured to a persistent datastore.\n\nNote: Scratch space is configured automatically during installation or first boot of an ESXi host and does not usually need to be configured manually.\n\nIf ESXi is installed on an SD card or USB device, a persistent log location may not be configured upon install as normal."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.logDir\" value and verify it is set to a persistent location.\n\nIf the value of the setting is \"[] /scratch/logs\", verify the advanced setting \"ScratchConfig.CurrentScratchLocation\" is not set to \"/tmp/scratch\". This is a nonpersistent location.\n\nIf \"Syslog.global.logDir\" is not configured to a persistent location, this is a finding.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.syslog.config.get.Invoke() | Select LocalLogOutput,LocalLogOutputIsPersistent\n\nIf the \"LocalLogOutputIsPersistent\" value is not true, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.logDir\" value and set it to a known persistent location.\n\nAn example is shown below, where 51dda02d-fade5016-8a08-005056171889 is the UUID of the target datastore:\n\n/vmfs/volumes/51dda02d-fade5016-8a08-005056171889\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logDir | Set-AdvancedSetting -Value \"New Log Location\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000341-VMM-001220","gid":"V-ESXI-80-000243","rid":"SV-ESXI-80-000243","stig_id":"ESXI-80-000243","cci":["CCI-001849"],"nist":["AU-4"]},"code":"control 'ESXI-80-000243' do\n  title 'The ESXi host must configure a persistent log location for all locally stored logs.'\n  desc  \"\n    ESXi can be configured to store log files on an in-memory file system. This occurs when the host's \\\"/scratch\\\" directory is linked to \\\"/tmp/scratch\\\". When this is done, only a single day's worth of logs are stored at any time. In addition, log files will be reinitialized upon each reboot.\n\n    This presents a security risk as user activity logged on the host is only stored temporarily and will not persist across reboots. This can also complicate auditing and make it harder to monitor events and diagnose issues. ESXi host logging should always be configured to a persistent datastore.\n\n    Note: Scratch space is configured automatically during installation or first boot of an ESXi host and does not usually need to be configured manually.\n\n    If ESXi is installed on an SD card or USB device, a persistent log location may not be configured upon install as normal.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.logDir\\\" value and verify it is set to a persistent location.\n\n    If the value of the setting is \\\"[] /scratch/logs\\\", verify the advanced setting \\\"ScratchConfig.CurrentScratchLocation\\\" is not set to \\\"/tmp/scratch\\\". This is a nonpersistent location.\n\n    If \\\"Syslog.global.logDir\\\" is not configured to a persistent location, this is a finding.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.syslog.config.get.Invoke() | Select LocalLogOutput,LocalLogOutputIsPersistent\n\n    If the \\\"LocalLogOutputIsPersistent\\\" value is not true, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logDir\\\" value and set it to a known persistent location.\n\n    An example is shown below, where 51dda02d-fade5016-8a08-005056171889 is the UUID of the target datastore:\n\n    /vmfs/volumes/51dda02d-fade5016-8a08-005056171889\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logDir | Set-AdvancedSetting -Value \\\"New Log Location\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000341-VMM-001220'\n  tag gid: 'V-ESXI-80-000243'\n  tag rid: 'SV-ESXI-80-000243'\n  tag stig_id: 'ESXI-80-000243'\n  tag cci: ['CCI-001849']\n  tag nist: ['AU-4']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.get.Invoke() | Select-Object -ExpandProperty LocalLogOutputIsPersistent\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000243.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.get.Invoke() | Select-Object -ExpandProperty LocalLogOutputIsPersistent stdout.strip is expected to cmp == \"true\"","run_time":0.3779242,"start_time":"2023-06-07T08:29:05-06:00","resource_class":"powercli_command","resource_params":"[\"$vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.get.Invoke() | Select-Object -ExpandProperty LocalLogOutputIsPersistent\"]","resource_id":""}]},{"id":"ESXI-80-000244","title":"The ESXi host must enforce the exclusive running of executables from approved VIBs.","desc":"The \"execInstalledOnly\" advanced ESXi boot option, when set to TRUE, guarantees that the VMkernel executes only those binaries that have been packaged as part of a signed VIB. While this option is effective on its own, it can be further enhanced by telling the Secure Boot to check with the TPM to make sure that the boot process does not proceed unless this setting is enabled. This further protects against malicious offline changes to ESXi configuration to disable the \"execInstalledOnly\" option.","descriptions":[{"label":"default","data":"The \"execInstalledOnly\" advanced ESXi boot option, when set to TRUE, guarantees that the VMkernel executes only those binaries that have been packaged as part of a signed VIB. While this option is effective on its own, it can be further enhanced by telling the Secure Boot to check with the TPM to make sure that the boot process does not proceed unless this setting is enabled. This further protects against malicious offline changes to ESXi configuration to disable the \"execInstalledOnly\" option."},{"label":"rationale","data":""},{"label":"check","data":"If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"VMkernel.Boot.execInstalledOnly\" value and verify that it is \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly\n\nIf the \"VMkernel.Boot.execInstalledOnly\" setting is not \"true\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"VMkernel.Boot.execInstalledOnly\" value and configure it to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Set-AdvancedSetting -Value True"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000244","rid":"SV-ESXI-80-000244","stig_id":"ESXI-80-000244","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000244' do\n  title 'The ESXi host must enforce the exclusive running of executables from approved VIBs.'\n  desc  'The \"execInstalledOnly\" advanced ESXi boot option, when set to TRUE, guarantees that the VMkernel executes only those binaries that have been packaged as part of a signed VIB. While this option is effective on its own, it can be further enhanced by telling the Secure Boot to check with the TPM to make sure that the boot process does not proceed unless this setting is enabled. This further protects against malicious offline changes to ESXi configuration to disable the \"execInstalledOnly\" option.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"VMkernel.Boot.execInstalledOnly\\\" value and verify that it is \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly\n\n    If the \\\"VMkernel.Boot.execInstalledOnly\\\" setting is not \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"VMkernel.Boot.execInstalledOnly\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Set-AdvancedSetting -Value True\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000244'\n  tag rid: 'SV-ESXI-80-000244'\n  tag stig_id: 'ESXI-80-000244'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000244.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"true\"","run_time":0.6361998,"start_time":"2023-06-07T08:29:06-06:00","message":"\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"ESXI-80-000245","title":"The ESXi host must use sufficient entropy for cryptographic operations.","desc":"Starting in vSphere 8.0, the ESXi Entropy implementation supports the FIPS 140-3 and EAL4 certifications. Kernel boot options control which entropy sources to activate on an ESXi host.\n\nIn computing, the term \"entropy\" refers to random characters and data that are collected for use in cryptography, such as generating encryption keys to secure data transmitted over a network. Entropy is required by security for generating keys and communicating securely over the network. Entropy is often collected from a variety of sources on a system.\n\nFIPS entropy handling is the default behavior if the following conditions are true:\n\n-The hardware supports RDSEED.\n-The disableHwrng VMkernel boot option isn't present or is FALSE.\n-The entropySources VMkernel boot option isn't present or is 0 (zero).","descriptions":[{"label":"default","data":"Starting in vSphere 8.0, the ESXi Entropy implementation supports the FIPS 140-3 and EAL4 certifications. Kernel boot options control which entropy sources to activate on an ESXi host.\n\nIn computing, the term \"entropy\" refers to random characters and data that are collected for use in cryptography, such as generating encryption keys to secure data transmitted over a network. Entropy is required by security for generating keys and communicating securely over the network. Entropy is often collected from a variety of sources on a system.\n\nFIPS entropy handling is the default behavior if the following conditions are true:\n\n-The hardware supports RDSEED.\n-The disableHwrng VMkernel boot option isn't present or is FALSE.\n-The entropySources VMkernel boot option isn't present or is 0 (zero)."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following commands:\n\n# esxcli system settings kernel list -o disableHwrng\n# esxcli system settings kernel list -o entropySources\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.settings.kernel.list.invoke() | Where {$_.Name -eq \"disableHwrng\" -or $_.Name -eq \"entropySources\"}\n\nIf \"disableHwrng\" is not set to \"false\", this is a finding.\nIf \"entropySources\" is not set to \"0\", this is a finding."},{"label":"fix","data":"From an ESXi shell, run the following commands:\n\n# esxcli system settings kernel set -s disableHwrng -v FALSE\n# esxcli system settings kernel set -s entropySources -v 0\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.settings.kernel.set.CreateArgs()\n$arguments.setting = \"disableHwrng\"\n$arguments.value = \"FALSE\"\n$esxcli.system.settings.kernel.set.invoke($arguments)\n$arguments.setting = \"entropySources\"\n$arguments.value = \"0\"\n$esxcli.system.settings.kernel.set.invoke($arguments)\n\nReboot the ESXi host after updating entropy settings."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000245","rid":"SV-ESXI-80-000245","stig_id":"ESXI-80-000245","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000245' do\n  title 'The ESXi host must use sufficient entropy for cryptographic operations.'\n  desc  \"\n    Starting in vSphere 8.0, the ESXi Entropy implementation supports the FIPS 140-3 and EAL4 certifications. Kernel boot options control which entropy sources to activate on an ESXi host.\n\n    In computing, the term \\\"entropy\\\" refers to random characters and data that are collected for use in cryptography, such as generating encryption keys to secure data transmitted over a network. Entropy is required by security for generating keys and communicating securely over the network. Entropy is often collected from a variety of sources on a system.\n\n    FIPS entropy handling is the default behavior if the following conditions are true:\n\n    -The hardware supports RDSEED.\n    -The disableHwrng VMkernel boot option isn't present or is FALSE.\n    -The entropySources VMkernel boot option isn't present or is 0 (zero).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following commands:\n\n    # esxcli system settings kernel list -o disableHwrng\n    # esxcli system settings kernel list -o entropySources\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.settings.kernel.list.invoke() | Where {$_.Name -eq \\\"disableHwrng\\\" -or $_.Name -eq \\\"entropySources\\\"}\n\n    If \\\"disableHwrng\\\" is not set to \\\"false\\\", this is a finding.\n    If \\\"entropySources\\\" is not set to \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following commands:\n\n    # esxcli system settings kernel set -s disableHwrng -v FALSE\n    # esxcli system settings kernel set -s entropySources -v 0\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.settings.kernel.set.CreateArgs()\n    $arguments.setting = \\\"disableHwrng\\\"\n    $arguments.value = \\\"FALSE\\\"\n    $esxcli.system.settings.kernel.set.invoke($arguments)\n    $arguments.setting = \\\"entropySources\\\"\n    $arguments.value = \\\"0\\\"\n    $esxcli.system.settings.kernel.set.invoke($arguments)\n\n    Reboot the ESXi host after updating entropy settings.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000245'\n  tag rid: 'SV-ESXI-80-000245'\n  tag stig_id: 'ESXI-80-000245'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq \\\"disableHwrng\\\"} | Select-Object -ExpandProperty Configured\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'FALSE' }\n      end\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq \\\"entropySources\\\"} | Select-Object -ExpandProperty Configured\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '0' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000245.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq \"disableHwrng\"} | Select-Object -ExpandProperty Configured stdout.strip is expected to cmp == \"FALSE\"","run_time":0.800001,"start_time":"2023-06-07T08:29:06-06:00","resource_class":"powercli_command","resource_params":"[\"$vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq \\\"disableHwrng\\\"} | Select-Object -ExpandProperty Configured\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq \"entropySources\"} | Select-Object -ExpandProperty Configured stdout.strip is expected to cmp == \"0\"","run_time":0.8091229,"start_time":"2023-06-07T08:29:07-06:00","resource_class":"powercli_command","resource_params":"[\"$vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq \\\"entropySources\\\"} | Select-Object -ExpandProperty Configured\"]","resource_id":""}]},{"id":"ESXI-80-000246","title":"The ESXi host must not enable log filtering.","desc":"The log filtering capability lets you modify the logging policy of the syslog service that is running on an ESXi host. You can create log filters to reduce the number of repetitive entries in the ESXi logs and to deny specific log events entirely.\n\nSetting a limit to the amount of logging information restricts the ability to detect and respond to potential security issues or system failures properly.","descriptions":[{"label":"default","data":"The log filtering capability lets you modify the logging policy of the syslog service that is running on an ESXi host. You can create log filters to reduce the number of repetitive entries in the ESXi logs and to deny specific log events entirely.\n\nSetting a limit to the amount of logging information restricts the ability to detect and respond to potential security issues or system failures properly."},{"label":"rationale","data":""},{"label":"check","data":"From an ESXi shell, run the following command:\n\n# esxcli system syslog config logfilter get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.syslog.config.logfilter.get.invoke()\n\nIf \"LogFilteringEnabled\" is not set to \"false\", this is a finding."},{"label":"fix","data":"From an ESXi shell, run the following command:\n\n# esxcli system syslog config logfilter set --log-filtering-enabled=false\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.syslog.config.logfilter.set.CreateArgs()\n$arguments.logfilteringenabled = $false\n$esxcli.system.syslog.config.logfilter.set.invoke($arguments)"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-ESXI-80-000246","rid":"SV-ESXI-80-000246","stig_id":"ESXI-80-000246","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'ESXI-80-000246' do\n  title 'The ESXi host must not enable log filtering.'\n  desc  \"\n    The log filtering capability lets you modify the logging policy of the syslog service that is running on an ESXi host. You can create log filters to reduce the number of repetitive entries in the ESXi logs and to deny specific log events entirely.\n\n    Setting a limit to the amount of logging information restricts the ability to detect and respond to potential security issues or system failures properly.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system syslog config logfilter get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.syslog.config.logfilter.get.invoke()\n\n    If \\\"LogFilteringEnabled\\\" is not set to \\\"false\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system syslog config logfilter set --log-filtering-enabled=false\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.syslog.config.logfilter.set.CreateArgs()\n    $arguments.logfilteringenabled = $false\n    $esxcli.system.syslog.config.logfilter.set.invoke($arguments)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000246'\n  tag rid: 'SV-ESXI-80-000246'\n  tag stig_id: 'ESXI-80-000246'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.logfilter.get.invoke() | Select-Object -ExpandProperty LogFilteringEnabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000246.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.logfilter.get.invoke() | Select-Object -ExpandProperty LogFilteringEnabled stdout.strip is expected to cmp == \"false\"","run_time":0.3665214,"start_time":"2023-06-07T08:29:08-06:00","resource_class":"powercli_command","resource_params":"[\"$vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.logfilter.get.invoke() | Select-Object -ExpandProperty LogFilteringEnabled\"]","resource_id":""}]}],"status":"loaded","status_message":""},{"name":"VMware vSphere 8.0 vCenter STIG Readiness Guide","version":"1.0.1","sha256":"8f9266052570c0249001c60d77de53eda9da5e60c4151c3472380f744e384add","title":"VMware vSphere 8.0 vCenter STIG Readiness Guide","maintainer":"The Authors","summary":"An InSpec Compliance Profile","license":"Apache-2.0","copyright":"The Authors","supports":[],"attributes":[],"parent_profile":"vmware-vsphere-8.0-stig-baseline","groups":[{"id":"controls/VCSA-80-000009.rb","controls":["VCSA-80-000009"]},{"id":"controls/VCSA-80-000023.rb","controls":["VCSA-80-000023"]},{"id":"controls/VCSA-80-000024.rb","controls":["VCSA-80-000024"]},{"id":"controls/VCSA-80-000034.rb","controls":["VCSA-80-000034"]},{"id":"controls/VCSA-80-000057.rb","controls":["VCSA-80-000057"]},{"id":"controls/VCSA-80-000059.rb","controls":["VCSA-80-000059"]},{"id":"controls/VCSA-80-000060.rb","controls":["VCSA-80-000060"]},{"id":"controls/VCSA-80-000069.rb","controls":["VCSA-80-000069"]},{"id":"controls/VCSA-80-000070.rb","controls":["VCSA-80-000070"]},{"id":"controls/VCSA-80-000071.rb","controls":["VCSA-80-000071"]},{"id":"controls/VCSA-80-000072.rb","controls":["VCSA-80-000072"]},{"id":"controls/VCSA-80-000073.rb","controls":["VCSA-80-000073"]},{"id":"controls/VCSA-80-000074.rb","controls":["VCSA-80-000074"]},{"id":"controls/VCSA-80-000077.rb","controls":["VCSA-80-000077"]},{"id":"controls/VCSA-80-000079.rb","controls":["VCSA-80-000079"]},{"id":"controls/VCSA-80-000080.rb","controls":["VCSA-80-000080"]},{"id":"controls/VCSA-80-000089.rb","controls":["VCSA-80-000089"]},{"id":"controls/VCSA-80-000095.rb","controls":["VCSA-80-000095"]},{"id":"controls/VCSA-80-000110.rb","controls":["VCSA-80-000110"]},{"id":"controls/VCSA-80-000123.rb","controls":["VCSA-80-000123"]},{"id":"controls/VCSA-80-000145.rb","controls":["VCSA-80-000145"]},{"id":"controls/VCSA-80-000148.rb","controls":["VCSA-80-000148"]},{"id":"controls/VCSA-80-000150.rb","controls":["VCSA-80-000150"]},{"id":"controls/VCSA-80-000158.rb","controls":["VCSA-80-000158"]},{"id":"controls/VCSA-80-000195.rb","controls":["VCSA-80-000195"]},{"id":"controls/VCSA-80-000196.rb","controls":["VCSA-80-000196"]},{"id":"controls/VCSA-80-000248.rb","controls":["VCSA-80-000248"]},{"id":"controls/VCSA-80-000253.rb","controls":["VCSA-80-000253"]},{"id":"controls/VCSA-80-000265.rb","controls":["VCSA-80-000265"]},{"id":"controls/VCSA-80-000266.rb","controls":["VCSA-80-000266"]},{"id":"controls/VCSA-80-000267.rb","controls":["VCSA-80-000267"]},{"id":"controls/VCSA-80-000268.rb","controls":["VCSA-80-000268"]},{"id":"controls/VCSA-80-000269.rb","controls":["VCSA-80-000269"]},{"id":"controls/VCSA-80-000270.rb","controls":["VCSA-80-000270"]},{"id":"controls/VCSA-80-000271.rb","controls":["VCSA-80-000271"]},{"id":"controls/VCSA-80-000272.rb","controls":["VCSA-80-000272"]},{"id":"controls/VCSA-80-000273.rb","controls":["VCSA-80-000273"]},{"id":"controls/VCSA-80-000274.rb","controls":["VCSA-80-000274"]},{"id":"controls/VCSA-80-000275.rb","controls":["VCSA-80-000275"]},{"id":"controls/VCSA-80-000276.rb","controls":["VCSA-80-000276"]},{"id":"controls/VCSA-80-000277.rb","controls":["VCSA-80-000277"]},{"id":"controls/VCSA-80-000278.rb","controls":["VCSA-80-000278"]},{"id":"controls/VCSA-80-000279.rb","controls":["VCSA-80-000279"]},{"id":"controls/VCSA-80-000280.rb","controls":["VCSA-80-000280"]},{"id":"controls/VCSA-80-000281.rb","controls":["VCSA-80-000281"]},{"id":"controls/VCSA-80-000282.rb","controls":["VCSA-80-000282"]},{"id":"controls/VCSA-80-000283.rb","controls":["VCSA-80-000283"]},{"id":"controls/VCSA-80-000284.rb","controls":["VCSA-80-000284"]},{"id":"controls/VCSA-80-000285.rb","controls":["VCSA-80-000285"]},{"id":"controls/VCSA-80-000286.rb","controls":["VCSA-80-000286"]},{"id":"controls/VCSA-80-000287.rb","controls":["VCSA-80-000287"]},{"id":"controls/VCSA-80-000288.rb","controls":["VCSA-80-000288"]},{"id":"controls/VCSA-80-000290.rb","controls":["VCSA-80-000290"]},{"id":"controls/VCSA-80-000291.rb","controls":["VCSA-80-000291"]},{"id":"controls/VCSA-80-000292.rb","controls":["VCSA-80-000292"]},{"id":"controls/VCSA-80-000293.rb","controls":["VCSA-80-000293"]},{"id":"controls/VCSA-80-000294.rb","controls":["VCSA-80-000294"]},{"id":"controls/VCSA-80-000295.rb","controls":["VCSA-80-000295"]},{"id":"controls/VCSA-80-000296.rb","controls":["VCSA-80-000296"]},{"id":"controls/VCSA-80-000298.rb","controls":["VCSA-80-000298"]},{"id":"controls/VCSA-80-000299.rb","controls":["VCSA-80-000299"]},{"id":"controls/VCSA-80-000300.rb","controls":["VCSA-80-000300"]},{"id":"controls/VCSA-80-000301.rb","controls":["VCSA-80-000301"]},{"id":"controls/VCSA-80-000302.rb","controls":["VCSA-80-000302"]},{"id":"controls/VCSA-80-000303.rb","controls":["VCSA-80-000303"]},{"id":"controls/VCSA-80-000304.rb","controls":["VCSA-80-000304"]}],"controls":[{"id":"VCSA-80-000009","title":"The vCenter Server must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access.","desc":"Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that exploit vulnerabilities in this protocol.","descriptions":[{"label":"default","data":"Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that exploit vulnerabilities in this protocol."},{"label":"rationale","data":""},{"label":"check","data":"At the command prompt on the vCenter Server Appliance, run the following command:\n\n# /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc scan\n\nIf the output indicates versions of TLS other than 1.2 are enabled, this is a finding."},{"label":"fix","data":"At the command prompt on the vCenter Server Appliance, run the following command:\n\n# /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc update -p TLSv1.2\n\nvCenter services will be restarted as part of the reconfiguration. The operating system will not be restarted.\n\nThe \"--no-restart\" flag can be added to restart services at a later time.\n\nChanges will not take effect until all services are restarted or the appliance is rebooted."}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-APP-000014","satisfies":["SRG-APP-000156","SRG-APP-000157","SRG-APP-000219","SRG-APP-000439","SRG-APP-000440","SRG-APP-000441","SRG-APP-000442","SRG-APP-000560","SRG-APP-000565","SRG-APP-000625","SRG-APP-000645"],"gid":"V-VCSA-80-000009","rid":"SV-VCSA-80-000009","stig_id":"VCSA-80-000009","cci":["CCI-000068","CCI-000382","CCI-001184","CCI-001453","CCI-001941","CCI-001942","CCI-002418","CCI-002420","CCI-002421","CCI-002422","CCI-002450"],"nist":["AC-17 (2)","CM-7 b","IA-2 (8)","IA-2 (9)","SC-13","SC-23","SC-8","SC-8 (1)","SC-8 (2)"]},"code":"control 'VCSA-80-000009' do\n  title 'The vCenter Server must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access.'\n  desc  'Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that exploit vulnerabilities in this protocol.'\n  desc  'rationale', ''\n  desc  'check', \"\n    At the command prompt on the vCenter Server Appliance, run the following command:\n\n    # /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc scan\n\n    If the output indicates versions of TLS other than 1.2 are enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    At the command prompt on the vCenter Server Appliance, run the following command:\n\n    # /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc update -p TLSv1.2\n\n    vCenter services will be restarted as part of the reconfiguration. The operating system will not be restarted.\n\n    The \\\"--no-restart\\\" flag can be added to restart services at a later time.\n\n    Changes will not take effect until all services are restarted or the appliance is rebooted.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-APP-000014'\n  tag satisfies: ['SRG-APP-000156', 'SRG-APP-000157', 'SRG-APP-000219', 'SRG-APP-000439', 'SRG-APP-000440', 'SRG-APP-000441', 'SRG-APP-000442', 'SRG-APP-000560', 'SRG-APP-000565', 'SRG-APP-000625', 'SRG-APP-000645']\n  tag gid: 'V-VCSA-80-000009'\n  tag rid: 'SV-VCSA-80-000009'\n  tag stig_id: 'VCSA-80-000009'\n  tag cci: ['CCI-000068', 'CCI-000382', 'CCI-001184', 'CCI-001453', 'CCI-001941', 'CCI-001942', 'CCI-002418', 'CCI-002420', 'CCI-002421', 'CCI-002422', 'CCI-002450']\n  tag nist: ['AC-17 (2)', 'CM-7 b', 'IA-2 (8)', 'IA-2 (9)', 'SC-13', 'SC-23', 'SC-8', 'SC-8 (1)', 'SC-8 (2)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000009.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":1.43e-05,"start_time":"2023-06-07T08:29:08-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"VCSA-80-000023","title":"The vCenter Server must enforce the limit of three consecutive invalid login attempts by a user.","desc":"By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account.","descriptions":[{"label":"default","data":"By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nThe following lockout policy should be set as follows:\n\nMaximum number of failed login attempts: 3\n\nIf this account lockout policy is not configured as stated, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nClick \"Edit\".\n\nSet the \"Maximum number of failed login attempts\" to \"3\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000065","gid":"V-VCSA-80-000023","rid":"SV-VCSA-80-000023","stig_id":"VCSA-80-000023","cci":["CCI-000044"],"nist":["AC-7 a"]},"code":"control 'VCSA-80-000023' do\n  title 'The vCenter Server must enforce the limit of three consecutive invalid login attempts by a user.'\n  desc  'By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account. '\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    The following lockout policy should be set as follows:\n\n    Maximum number of failed login attempts: 3\n\n    If this account lockout policy is not configured as stated, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Maximum number of failed login attempts\\\" to \\\"3\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000065'\n  tag gid: 'V-VCSA-80-000023'\n  tag rid: 'SV-VCSA-80-000023'\n  tag stig_id: 'VCSA-80-000023'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  command = '(Get-SsoLockoutPolicy).MaxFailedAttempts'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp '3' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000023.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: (Get-SsoLockoutPolicy).MaxFailedAttempts stdout.strip is expected to cmp == \"3\"","run_time":0.244666,"start_time":"2023-06-07T08:29:08-06:00","message":"\nexpected: 3\n     got: 5\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"(Get-SsoLockoutPolicy).MaxFailedAttempts\"]","resource_id":""}]},{"id":"VCSA-80-000024","title":"The vCenter Server must display the Standard Mandatory DOD Notice and Consent Banner before logon.","desc":"Display of the DOD-approved use notification before granting access to the application ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via login interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with DTM-08-060. Use the following verbiage for applications that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\"","descriptions":[{"label":"default","data":"Display of the DOD-approved use notification before granting access to the application ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via login interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with DTM-08-060. Use the following verbiage for applications that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\""},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Login Message.\n\nIf the selection box next to \"Show login message\" is disabled, \"Details of login message\" is not configured to the standard DOD User Agreement, or the \"Consent checkbox\" is disabled, this is a finding.\n\nNote: Refer to vulnerability discussion for user agreement language."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Login Message.\n\nClick \"Edit\".\n\nClick the \"Show login message\" slider to enable.\n\nConfigure the \"Login message\" to \"DOD User Agreement\".\n\nClick the \"Consent checkbox\" slider to enable.\n\nSet the \"Details of login message\" to the Standard Mandatory DOD Notice and Consent Banner text.\n\nClick \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000068","satisfies":["SRG-APP-000069","SRG-APP-000070"],"gid":"V-VCSA-80-000024","rid":"SV-VCSA-80-000024","stig_id":"VCSA-80-000024","cci":["CCI-000048","CCI-000050","CCI-001384"],"nist":["AC-8 a","AC-8 b","AC-8 c 1"]},"code":"control 'VCSA-80-000024' do\n  title 'The vCenter Server must display the Standard Mandatory DOD Notice and Consent Banner before logon.'\n  desc  \"\n    Display of the DOD-approved use notification before granting access to the application ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via login interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with DTM-08-060. Use the following verbiage for applications that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Login Message.\n\n    If the selection box next to \\\"Show login message\\\" is disabled, \\\"Details of login message\\\" is not configured to the standard DOD User Agreement, or the \\\"Consent checkbox\\\" is disabled, this is a finding.\n\n    Note: Refer to vulnerability discussion for user agreement language.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Login Message.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Show login message\\\" slider to enable.\n\n    Configure the \\\"Login message\\\" to \\\"DOD User Agreement\\\".\n\n    Click the \\\"Consent checkbox\\\" slider to enable.\n\n    Set the \\\"Details of login message\\\" to the Standard Mandatory DOD Notice and Consent Banner text.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000068'\n  tag satisfies: ['SRG-APP-000069', 'SRG-APP-000070']\n  tag gid: 'V-VCSA-80-000024'\n  tag rid: 'SV-VCSA-80-000024'\n  tag stig_id: 'VCSA-80-000024'\n  tag cci: ['CCI-000048', 'CCI-000050', 'CCI-001384']\n  tag nist: ['AC-8 a', 'AC-8 b', 'AC-8 c 1']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000024.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":1.18e-05,"start_time":"2023-06-07T08:29:09-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"VCSA-80-000034","title":"The vCenter Server must produce audit records containing information to establish what type of events occurred.","desc":"Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.","descriptions":[{"label":"default","data":"Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nVerify the \"config.log.level\" value is set to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name config.log.level and verify it is set to \"info\".\n\nIf the \"config.log.level\" value is not set to \"info\" or does not exist, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nClick \"Edit Settings\" and configure the \"config.log.level\" setting to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name config.log.level | Set-AdvancedSetting -Value info"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000095","gid":"V-VCSA-80-000034","rid":"SV-VCSA-80-000034","stig_id":"VCSA-80-000034","cci":["CCI-000130"],"nist":["AU-3"]},"code":"control 'VCSA-80-000034' do\n  title 'The vCenter Server must produce audit records containing information to establish what type of events occurred.'\n  desc  'Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Verify the \\\"config.log.level\\\" value is set to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name config.log.level and verify it is set to \\\"info\\\".\n\n    If the \\\"config.log.level\\\" value is not set to \\\"info\\\" or does not exist, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"config.log.level\\\" setting to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name config.log.level | Set-AdvancedSetting -Value info\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000095'\n  tag gid: 'V-VCSA-80-000034'\n  tag rid: 'SV-VCSA-80-000034'\n  tag stig_id: 'VCSA-80-000034'\n  tag cci: ['CCI-000130']\n  tag nist: ['AU-3']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.log.level | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'info' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000034.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.log.level | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"info\"","run_time":0.6675981,"start_time":"2023-06-07T08:29:09-06:00","resource_class":"powercli_command","resource_params":"[\"Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.log.level | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"VCSA-80-000057","title":"vCenter Server plugins must be verified.","desc":"The vCenter Server includes a vSphere Client extensibility framework, which provides the ability to extend the vSphere Client with menu selections or toolbar icons that provide access to vCenter Server add-on components or external, web-based functionality.\n\nvSphere Client plugins or extensions run at the same privilege level as the user. Malicious extensions might masquerade as useful add-ons while compromising the system by stealing credentials or incorrectly configuring the system.\n\nAdditionally, vCenter comes with a number of plugins preinstalled that may or may not be necessary for proper operation.","descriptions":[{"label":"default","data":"The vCenter Server includes a vSphere Client extensibility framework, which provides the ability to extend the vSphere Client with menu selections or toolbar icons that provide access to vCenter Server add-on components or external, web-based functionality.\n\nvSphere Client plugins or extensions run at the same privilege level as the user. Malicious extensions might masquerade as useful add-ons while compromising the system by stealing credentials or incorrectly configuring the system.\n\nAdditionally, vCenter comes with a number of plugins preinstalled that may or may not be necessary for proper operation."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Solutions >> Client Plug-Ins.\n\nView the Installed/Available Plug-ins list and verify they are all identified as authorized VMware, third-party (partner), and/or site-specific approved plug-ins.\n\nIf any installed/available plug-ins in the viewable list cannot be verified as allowed vSphere Client plug-ins from trusted sources or are not in active use, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Solutions >> Client Plug-Ins, click the radio button next to the unknown plug-in, and click \"Disable\".\n\nIf the plugin will not be needed in the future, proceed to uninstall the plug-in.\n\nTo uninstall plug-ins, do the following:\n\nIf vCenter Server is in linked mode, perform this procedure on the vCenter Server that is used to install the plug-in initially and then restart the vCenter Server services on the linked vCenter Server:\n\nIn a web browser, navigate to \"http://vCenter_Server_name_or_IP/mob\", where \"vCenter_Server_name_or_IP/mob\" is the name of the vCenter Server or its IP address.\n\nClick \"Content\".\n\nClick \"ExtensionManager\".\n\nSelect and copy the name of the plug-in to be removed from the list of values under \"Properties\".\n\nClick \"UnregisterExtension\". A new window appears.\n\nPaste the name of the plug-in and click \"Invoke Method\". This removes the plug-in.\n\nClose the window.\n\nRefresh the Managed Object Type:ManagedObjectReference:ExtensionManager window to verify the plug-in is removed successfully.\n\nNote: If the plug-in still appears, restart the vSphere Client.\n\nNote: The Managed Object Browser (MOB) may have to be enabled temporarily if it was disabled previously."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000141","gid":"V-VCSA-80-000057","rid":"SV-VCSA-80-000057","stig_id":"VCSA-80-000057","cci":["CCI-000381"],"nist":["CM-7 a"]},"code":"control 'VCSA-80-000057' do\n  title 'vCenter Server plugins must be verified.'\n  desc  \"\n    The vCenter Server includes a vSphere Client extensibility framework, which provides the ability to extend the vSphere Client with menu selections or toolbar icons that provide access to vCenter Server add-on components or external, web-based functionality.\n\n    vSphere Client plugins or extensions run at the same privilege level as the user. Malicious extensions might masquerade as useful add-ons while compromising the system by stealing credentials or incorrectly configuring the system.\n\n    Additionally, vCenter comes with a number of plugins preinstalled that may or may not be necessary for proper operation.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Solutions >> Client Plug-Ins.\n\n    View the Installed/Available Plug-ins list and verify they are all identified as authorized VMware, third-party (partner), and/or site-specific approved plug-ins.\n\n    If any installed/available plug-ins in the viewable list cannot be verified as allowed vSphere Client plug-ins from trusted sources or are not in active use, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Solutions >> Client Plug-Ins, click the radio button next to the unknown plug-in, and click \\\"Disable\\\".\n\n    If the plugin will not be needed in the future, proceed to uninstall the plug-in.\n\n    To uninstall plug-ins, do the following:\n\n    If vCenter Server is in linked mode, perform this procedure on the vCenter Server that is used to install the plug-in initially and then restart the vCenter Server services on the linked vCenter Server:\n\n    In a web browser, navigate to \\\"http://vCenter_Server_name_or_IP/mob\\\", where \\\"vCenter_Server_name_or_IP/mob\\\" is the name of the vCenter Server or its IP address.\n\n    Click \\\"Content\\\".\n\n    Click \\\"ExtensionManager\\\".\n\n    Select and copy the name of the plug-in to be removed from the list of values under \\\"Properties\\\".\n\n    Click \\\"UnregisterExtension\\\". A new window appears.\n\n    Paste the name of the plug-in and click \\\"Invoke Method\\\". This removes the plug-in.\n\n    Close the window.\n\n    Refresh the Managed Object Type:ManagedObjectReference:ExtensionManager window to verify the plug-in is removed successfully.\n\n    Note: If the plug-in still appears, restart the vSphere Client.\n\n    Note: The Managed Object Browser (MOB) may have to be enabled temporarily if it was disabled previously.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000141'\n  tag gid: 'V-VCSA-80-000057'\n  tag rid: 'SV-VCSA-80-000057'\n  tag stig_id: 'VCSA-80-000057'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000057.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":5.8e-06,"start_time":"2023-06-07T08:29:09-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"VCSA-80-000059","title":"The vCenter Server must uniquely identify and authenticate users or processes acting on behalf of users.","desc":"To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.\n\nOrganizational users include organizational employees or individuals the organization deems to have equivalent status of employees (e.g., contractors). Organizational users (and any processes acting on behalf of users) must be uniquely identified and authenticated for all accesses except the following.\n\n(i) Accesses explicitly identified and documented by the organization. Organizations document specific user actions that can be performed on the information system without identification or authentication; and\n(ii) Accesses that occur through authorized use of group authenticators without individual authentication. Organizations may require unique identification of individuals in group accounts (e.g., shared privilege accounts) or for detailed accountability of individual activity.\n\nUsing Active Directory or an identity provider for authentication provides more robust account management capabilities and accountability.","descriptions":[{"label":"default","data":"To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.\n\nOrganizational users include organizational employees or individuals the organization deems to have equivalent status of employees (e.g., contractors). Organizational users (and any processes acting on behalf of users) must be uniquely identified and authenticated for all accesses except the following.\n\n(i) Accesses explicitly identified and documented by the organization. Organizations document specific user actions that can be performed on the information system without identification or authentication; and\n(ii) Accesses that occur through authorized use of group authenticators without individual authentication. Organizations may require unique identification of individuals in group accounts (e.g., shared privilege accounts) or for detailed accountability of individual activity.\n\nUsing Active Directory or an identity provider for authentication provides more robust account management capabilities and accountability."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nIf the identity provider type is \"embedded\" and there is no identity source of type \"Active Directory\" (either Windows Integrated Authentication or LDAP), this is a finding.\n\nIf the identity provider type is \"Microsoft ADFS\" or another supported identity provider, this is NOT a finding."},{"label":"fix","data":"When using the embedded identity provider type, perform the following:\n\nFrom the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Identity Sources.\n\nClick \"Add\".\n\nSelect either \"Active Directory over LDAP\" or \"Active Directory (Windows Integrated Authentication)\" and configure appropriately.\n\nNote: Windows Integrated Authentication requires that the vCenter server be joined to Active Directory before configuration via Administration >> Single Sign On >> Configuration >> Identity Provider >> Active Directory Domain.\n\nOR\n\nTo change the identity provider type to a third-party identity provider such as Microsoft ADFS, perform the following:\n\nFrom the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nClick \"Change Identity Provider\".\n\nSelect \"Microsoft ADFS\" and click \"Next\".\n\nEnter the ADFS server information and User and Group details and click \"Finish\".\n\nFor additional information on configuring ADFS for use with vCenter, refer to the vSphere documentation."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000148","satisfies":["SRG-APP-000153","SRG-APP-000163","SRG-APP-000180","SRG-APP-000234"],"gid":"V-VCSA-80-000059","rid":"SV-VCSA-80-000059","stig_id":"VCSA-80-000059","cci":["CCI-000764","CCI-000770","CCI-000795","CCI-000804","CCI-001682"],"nist":["AC-2 (2)","IA-2","IA-2 (5)","IA-4 e","IA-8"]},"code":"control 'VCSA-80-000059' do\n  title 'The vCenter Server must uniquely identify and authenticate users or processes acting on behalf of users.'\n  desc  \"\n    To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.\n\n    Organizational users include organizational employees or individuals the organization deems to have equivalent status of employees (e.g., contractors). Organizational users (and any processes acting on behalf of users) must be uniquely identified and authenticated for all accesses except the following.\n\n    (i) Accesses explicitly identified and documented by the organization. Organizations document specific user actions that can be performed on the information system without identification or authentication; and\n    (ii) Accesses that occur through authorized use of group authenticators without individual authentication. Organizations may require unique identification of individuals in group accounts (e.g., shared privilege accounts) or for detailed accountability of individual activity.\n\n    Using Active Directory or an identity provider for authentication provides more robust account management capabilities and accountability.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    If the identity provider type is \\\"embedded\\\" and there is no identity source of type \\\"Active Directory\\\" (either Windows Integrated Authentication or LDAP), this is a finding.\n\n    If the identity provider type is \\\"Microsoft ADFS\\\" or another supported identity provider, this is NOT a finding.\n  \"\n  desc 'fix', \"\n    When using the embedded identity provider type, perform the following:\n\n    From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Identity Sources.\n\n    Click \\\"Add\\\".\n\n    Select either \\\"Active Directory over LDAP\\\" or \\\"Active Directory (Windows Integrated Authentication)\\\" and configure appropriately.\n\n    Note: Windows Integrated Authentication requires that the vCenter server be joined to Active Directory before configuration via Administration >> Single Sign On >> Configuration >> Identity Provider >> Active Directory Domain.\n\n    OR\n\n    To change the identity provider type to a third-party identity provider such as Microsoft ADFS, perform the following:\n\n    From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    Click \\\"Change Identity Provider\\\".\n\n    Select \\\"Microsoft ADFS\\\" and click \\\"Next\\\".\n\n    Enter the ADFS server information and User and Group details and click \\\"Finish\\\".\n\n    For additional information on configuring ADFS for use with vCenter, refer to the vSphere documentation.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000148'\n  tag satisfies: ['SRG-APP-000153', 'SRG-APP-000163', 'SRG-APP-000180', 'SRG-APP-000234']\n  tag gid: 'V-VCSA-80-000059'\n  tag rid: 'SV-VCSA-80-000059'\n  tag stig_id: 'VCSA-80-000059'\n  tag cci: ['CCI-000764', 'CCI-000770', 'CCI-000795', 'CCI-000804', 'CCI-001682']\n  tag nist: ['AC-2 (2)', 'IA-2', 'IA-2 (5)', 'IA-4 e', 'IA-8']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000059.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":3.9e-06,"start_time":"2023-06-07T08:29:09-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"VCSA-80-000060","title":"The vCenter Server must require multifactor authentication.","desc":"Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased.\n\nMultifactor authentication requires using two or more factors to achieve authentication.\n\nFactors include:\n(i) something a user knows (e.g., password/PIN);\n(ii) something a user has (e.g., cryptographic identification device, token); or\n(iii) something a user is (e.g., biometric).","descriptions":[{"label":"default","data":"Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased.\n\nMultifactor authentication requires using two or more factors to achieve authentication.\n\nFactors include:\n(i) something a user knows (e.g., password/PIN);\n(ii) something a user has (e.g., cryptographic identification device, token); or\n(iii) something a user is (e.g., biometric)."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nIf the embedded identity provider is used, click on \"Smart Card Authentication\".\n\nIf the embedded identity provider is used and \"Smart Card Authentication\" is not enabled, this is a finding.\n\nIf a third-party identity provider is used, such as Microsoft ADFS, and it does not require multifactor authentication to log on to vCenter, this is a finding."},{"label":"fix","data":"To configure smart card authentication for vCenter when using the embedded identity provider, refer to the vSphere documentation.\n\nFor vCenter Servers using a third-party identity provider, consult the product's documentation for enabling multifactor authentication."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000149","satisfies":["SRG-APP-000080","SRG-APP-000150","SRG-APP-000391","SRG-APP-000402"],"gid":"V-VCSA-80-000060","rid":"SV-VCSA-80-000060","stig_id":"VCSA-80-000060","cci":["CCI-000166","CCI-000765","CCI-000766","CCI-001953","CCI-002009"],"nist":["AU-10","IA-2 (1)","IA-2 (12)","IA-2 (2)","IA-8 (1)"]},"code":"control 'VCSA-80-000060' do\n  title 'The vCenter Server must require multifactor authentication.'\n  desc  \"\n    Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased.\n\n    Multifactor authentication requires using two or more factors to achieve authentication.\n\n    Factors include:\n    (i) something a user knows (e.g., password/PIN);\n    (ii) something a user has (e.g., cryptographic identification device, token); or\n    (iii) something a user is (e.g., biometric).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    If the embedded identity provider is used, click on \\\"Smart Card Authentication\\\".\n\n    If the embedded identity provider is used and \\\"Smart Card Authentication\\\" is not enabled, this is a finding.\n\n    If a third-party identity provider is used, such as Microsoft ADFS, and it does not require multifactor authentication to log on to vCenter, this is a finding.\n  \"\n  desc 'fix', \"\n    To configure smart card authentication for vCenter when using the embedded identity provider, refer to the vSphere documentation.\n\n    For vCenter Servers using a third-party identity provider, consult the product's documentation for enabling multifactor authentication.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000149'\n  tag satisfies: ['SRG-APP-000080', 'SRG-APP-000150', 'SRG-APP-000391', 'SRG-APP-000402']\n  tag gid: 'V-VCSA-80-000060'\n  tag rid: 'SV-VCSA-80-000060'\n  tag stig_id: 'VCSA-80-000060'\n  tag cci: ['CCI-000166', 'CCI-000765', 'CCI-000766', 'CCI-001953', 'CCI-002009']\n  tag nist: ['AU-10', 'IA-2 (1)', 'IA-2 (12)', 'IA-2 (2)', 'IA-8 (1)']\n\n  if input('embeddedIdp')\n    command = '(Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled'\n    describe powercli_command(command) do\n      its('stdout.strip') { should cmp 'true' }\n    end\n  else\n    describe 'This check is a manual or policy based check and must be reviewed manually.' do\n      skip 'This check is a manual or policy based check and must be reviewed manually.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000060.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: (Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled stdout.strip is expected to cmp == \"true\"","run_time":0.1935403,"start_time":"2023-06-07T08:29:09-06:00","message":"\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"(Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled\"]","resource_id":""}]},{"id":"VCSA-80-000069","title":"The vCenter Server passwords must be at least 15 characters in length.","desc":"The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\nPassword complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to determine strength and how long it takes to crack a password. The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\nUse of more characters in a password helps to exponentially increase the time and/or resources required to compromise the password.","descriptions":[{"label":"default","data":"The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\nPassword complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to determine strength and how long it takes to crack a password. The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\nUse of more characters in a password helps to exponentially increase the time and/or resources required to compromise the password."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Minimum Length\" setting.\n\nMinimum Length: 15\n\nIf the password policy is not configured with a \"Minimum Length\" policy of \"15\" or more, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet the \"Minimum Length\" to \"15\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000164","gid":"V-VCSA-80-000069","rid":"SV-VCSA-80-000069","stig_id":"VCSA-80-000069","cci":["CCI-000205"],"nist":["IA-5 (1) (a)"]},"code":"control 'VCSA-80-000069' do\n  title 'The vCenter Server passwords must be at least 15 characters in length.'\n  desc  \"\n    The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\n    Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to determine strength and how long it takes to crack a password. The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\n    Use of more characters in a password helps to exponentially increase the time and/or resources required to compromise the password.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Minimum Length\\\" setting.\n\n    Minimum Length: 15\n\n    If the password policy is not configured with a \\\"Minimum Length\\\" policy of \\\"15\\\" or more, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Minimum Length\\\" to \\\"15\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000164'\n  tag gid: 'V-VCSA-80-000069'\n  tag rid: 'SV-VCSA-80-000069'\n  tag stig_id: 'VCSA-80-000069'\n  tag cci: ['CCI-000205']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinLength'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 15 }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000069.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: (Get-SsoPasswordPolicy).MinLength stdout.strip is expected to cmp >= 15","run_time":0.2033722,"start_time":"2023-06-07T08:29:10-06:00","message":"\nexpected it to be >= 15\n     got: 8\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"(Get-SsoPasswordPolicy).MinLength\"]","resource_id":""}]},{"id":"VCSA-80-000070","title":"The vCenter Server must prohibit password reuse for a minimum of five generations.","desc":"Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nTo meet password policy requirements, passwords must be changed at specific policy-based intervals.\n\nIf the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the result is a password that is not changed per policy requirements.","descriptions":[{"label":"default","data":"Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nTo meet password policy requirements, passwords must be changed at specific policy-based intervals.\n\nIf the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the result is a password that is not changed per policy requirements."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Restrict reuse\" setting.\n\nRestrict reuse: Users cannot reuse any previous 5 passwords\n\nIf the password policy is not configured with a \"Restrict reuse\" policy of \"5\" or more, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet the \"Restrict reuse\" to \"5\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000165","gid":"V-VCSA-80-000070","rid":"SV-VCSA-80-000070","stig_id":"VCSA-80-000070","cci":["CCI-000200"],"nist":["IA-5 (1) (e)"]},"code":"control 'VCSA-80-000070' do\n  title 'The vCenter Server must prohibit password reuse for a minimum of five generations.'\n  desc  \"\n    Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    To meet password policy requirements, passwords must be changed at specific policy-based intervals.\n\n    If the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the result is a password that is not changed per policy requirements.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Restrict reuse\\\" setting.\n\n    Restrict reuse: Users cannot reuse any previous 5 passwords\n\n    If the password policy is not configured with a \\\"Restrict reuse\\\" policy of \\\"5\\\" or more, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Restrict reuse\\\" to \\\"5\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000165'\n  tag gid: 'V-VCSA-80-000070'\n  tag rid: 'SV-VCSA-80-000070'\n  tag stig_id: 'VCSA-80-000070'\n  tag cci: ['CCI-000200']\n  tag nist: ['IA-5 (1) (e)']\n\n  command = '(Get-SsoPasswordPolicy).ProhibitedPreviousPasswordsCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 5 }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000070.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: (Get-SsoPasswordPolicy).ProhibitedPreviousPasswordsCount stdout.strip is expected to cmp >= 5","run_time":0.2031329,"start_time":"2023-06-07T08:29:10-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-SsoPasswordPolicy).ProhibitedPreviousPasswordsCount\"]","resource_id":""}]},{"id":"VCSA-80-000071","title":"The vCenter Server passwords must contain at least one uppercase character.","desc":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password is, the greater the number of possible combinations that need to be tested before the password is compromised.","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password is, the greater the number of possible combinations that need to be tested before the password is compromised."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Character requirements\" setting.\n\nCharacter requirements: At least 1 uppercase characters\n\nIf the password policy is not configured with \"Character requirements\" policy requiring \"1\" or more uppercase characters, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"uppercase characters\" to at least \"1\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000166","gid":"V-VCSA-80-000071","rid":"SV-VCSA-80-000071","stig_id":"VCSA-80-000071","cci":["CCI-000192"],"nist":["IA-5 (1) (a)"]},"code":"control 'VCSA-80-000071' do\n  title 'The vCenter Server passwords must contain at least one uppercase character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password is, the greater the number of possible combinations that need to be tested before the password is compromised.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 uppercase characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more uppercase characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"uppercase characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000166'\n  tag gid: 'V-VCSA-80-000071'\n  tag rid: 'SV-VCSA-80-000071'\n  tag stig_id: 'VCSA-80-000071'\n  tag cci: ['CCI-000192']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinUppercaseCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 1 }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000071.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: (Get-SsoPasswordPolicy).MinUppercaseCount stdout.strip is expected to cmp >= 1","run_time":0.2463944,"start_time":"2023-06-07T08:29:10-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-SsoPasswordPolicy).MinUppercaseCount\"]","resource_id":""}]},{"id":"VCSA-80-000072","title":"The vCenter Server passwords must contain at least one lowercase character.","desc":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Character requirements\" setting.\n\nCharacter requirements: At least 1 lowercase characters\n\nIf the password policy is not configured with \"Character requirements\" policy requiring \"1\" or more lowercase characters, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"lowercase characters\" to at least \"1\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000167","gid":"V-VCSA-80-000072","rid":"SV-VCSA-80-000072","stig_id":"VCSA-80-000072","cci":["CCI-000193"],"nist":["IA-5 (1) (a)"]},"code":"control 'VCSA-80-000072' do\n  title 'The vCenter Server passwords must contain at least one lowercase character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 lowercase characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more lowercase characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"lowercase characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000167'\n  tag gid: 'V-VCSA-80-000072'\n  tag rid: 'SV-VCSA-80-000072'\n  tag stig_id: 'VCSA-80-000072'\n  tag cci: ['CCI-000193']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinLowercaseCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 1 }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000072.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: (Get-SsoPasswordPolicy).MinLowercaseCount stdout.strip is expected to cmp >= 1","run_time":0.2471527,"start_time":"2023-06-07T08:29:10-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-SsoPasswordPolicy).MinLowercaseCount\"]","resource_id":""}]},{"id":"VCSA-80-000073","title":"The vCenter Server passwords must contain at least one numeric character.","desc":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Character requirements\" setting.\n\nCharacter requirements: At least 1 numeric characters\n\nIf the password policy is not configured with \"Character requirements\" policy requiring \"1\" or more numeric characters, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"numeric characters\" to at least \"1\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000168","gid":"V-VCSA-80-000073","rid":"SV-VCSA-80-000073","stig_id":"VCSA-80-000073","cci":["CCI-000194"],"nist":["IA-5 (1) (a)"]},"code":"control 'VCSA-80-000073' do\n  title 'The vCenter Server passwords must contain at least one numeric character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 numeric characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more numeric characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"numeric characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000168'\n  tag gid: 'V-VCSA-80-000073'\n  tag rid: 'SV-VCSA-80-000073'\n  tag stig_id: 'VCSA-80-000073'\n  tag cci: ['CCI-000194']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinNumericCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 1 }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000073.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: (Get-SsoPasswordPolicy).MinNumericCount stdout.strip is expected to cmp >= 1","run_time":0.190235,"start_time":"2023-06-07T08:29:10-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-SsoPasswordPolicy).MinNumericCount\"]","resource_id":""}]},{"id":"VCSA-80-000074","title":"The vCenter Server passwords must contain at least one special character.","desc":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor in determining how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n\nSpecial characters are not alphanumeric. Examples include: ~ ! @ # $ % ^ *.","descriptions":[{"label":"default","data":"Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor in determining how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n\nSpecial characters are not alphanumeric. Examples include: ~ ! @ # $ % ^ *."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Character requirements\" setting.\n\nCharacter requirements: At least 1 special characters\n\nIf the password policy is not configured with \"Character requirements\" policy requiring \"1\" or more special characters, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"special characters\" to at least \"1\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000169","gid":"V-VCSA-80-000074","rid":"SV-VCSA-80-000074","stig_id":"VCSA-80-000074","cci":["CCI-001619"],"nist":["IA-5 (1) (a)"]},"code":"control 'VCSA-80-000074' do\n  title 'The vCenter Server passwords must contain at least one special character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor in determining how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n\n    Special characters are not alphanumeric. Examples include: ~ ! @ # $ % ^ *.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 special characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more special characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"special characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000169'\n  tag gid: 'V-VCSA-80-000074'\n  tag rid: 'SV-VCSA-80-000074'\n  tag stig_id: 'VCSA-80-000074'\n  tag cci: ['CCI-001619']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinSpecialCharCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 1 }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000074.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: (Get-SsoPasswordPolicy).MinSpecialCharCount stdout.strip is expected to cmp >= 1","run_time":0.2155519,"start_time":"2023-06-07T08:29:11-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-SsoPasswordPolicy).MinSpecialCharCount\"]","resource_id":""}]},{"id":"VCSA-80-000077","title":"The vCenter Server must enable FIPS-validated cryptography.","desc":"FIPS 140-2 is the current standard for validating that mechanisms used to access cryptographic modules use authentication that meets DOD requirements.\n\nIn vSphere 6.7 and later, ESXi and vCenter Server use FIPS-validated cryptography to protect management interfaces and the VMware Certificate Authority (VMCA).\n\nvSphere 7.0 Update 2 and later adds additional FIPS-validated cryptography to vCenter Server Appliance. By default, this FIPS validation option is disabled and must be enabled.","descriptions":[{"label":"default","data":"FIPS 140-2 is the current standard for validating that mechanisms used to access cryptographic modules use authentication that meets DOD requirements.\n\nIn vSphere 6.7 and later, ESXi and vCenter Server use FIPS-validated cryptography to protect management interfaces and the VMware Certificate Authority (VMCA).\n\nvSphere 7.0 Update 2 and later adds additional FIPS-validated cryptography to vCenter Server Appliance. By default, this FIPS validation option is disabled and must be enabled."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Web Client, go to Developer Center >> API Explorer.\n\nFrom the \"Select API\" drop-down menu, select appliance.\n\nExpand system/security/global_fips >> GET.\n\nClick \"Execute\" and then \"Copy Response\" to view the results.\n\nExample response:\n\n{\n    \"enabled\": true\n}\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nInvoke-GetSystemGlobalFips\n\nIf global FIPS mode is not enabled, this is a finding."},{"label":"fix","data":"From the vSphere Web Client go to Developer Center >> API Explorer.\n\nFrom the \"Select API\" drop-down menu, select appliance.\n\nExpand system/security/global_fips >> PUT.\n\nIn the response body under \"Try it out\" paste the following:\n\n{\n    \"enabled\": true\n}\n\nClick \"Execute\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n$spec = Initialize-SystemSecurityGlobalFipsUpdateSpec -Enabled $true; Invoke-SetSystemGlobalFips -SystemSecurityGlobalFipsUpdateSpec $spec\n\nNote: The vCenter server reboots after FIPS is enabled or disabled."}],"impact":0.7,"refs":[],"tags":{"severity":"high","gtitle":"SRG-APP-000172","satisfies":["SRG-APP-000179","SRG-APP-000224","SRG-APP-000231","SRG-APP-000412","SRG-APP-000514","SRG-APP-000555","SRG-APP-000600","SRG-APP-000610","SRG-APP-000620","SRG-APP-000630","SRG-APP-000635"],"gid":"V-VCSA-80-000077","rid":"SV-VCSA-80-000077","stig_id":"VCSA-80-000077","cci":["CCI-000197","CCI-000803","CCI-001188","CCI-001199","CCI-001967","CCI-002450","CCI-003123"],"nist":["IA-3 (1)","IA-5 (1) (c)","IA-7","MA-4 (6)","SC-13","SC-23 (3)","SC-28"]},"code":"control 'VCSA-80-000077' do\n  title 'The vCenter Server must enable FIPS-validated cryptography.'\n  desc  \"\n    FIPS 140-2 is the current standard for validating that mechanisms used to access cryptographic modules use authentication that meets DOD requirements.\n\n    In vSphere 6.7 and later, ESXi and vCenter Server use FIPS-validated cryptography to protect management interfaces and the VMware Certificate Authority (VMCA).\n\n    vSphere 7.0 Update 2 and later adds additional FIPS-validated cryptography to vCenter Server Appliance. By default, this FIPS validation option is disabled and must be enabled.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Web Client, go to Developer Center >> API Explorer.\n\n    From the \\\"Select API\\\" drop-down menu, select appliance.\n\n    Expand system/security/global_fips >> GET.\n\n    Click \\\"Execute\\\" and then \\\"Copy Response\\\" to view the results.\n\n    Example response:\n\n    {\n        \\\"enabled\\\": true\n    }\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Invoke-GetSystemGlobalFips\n\n    If global FIPS mode is not enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Web Client go to Developer Center >> API Explorer.\n\n    From the \\\"Select API\\\" drop-down menu, select appliance.\n\n    Expand system/security/global_fips >> PUT.\n\n    In the response body under \\\"Try it out\\\" paste the following:\n\n    {\n        \\\"enabled\\\": true\n    }\n\n    Click \\\"Execute\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    $spec = Initialize-SystemSecurityGlobalFipsUpdateSpec -Enabled $true; Invoke-SetSystemGlobalFips -SystemSecurityGlobalFipsUpdateSpec $spec\n\n    Note: The vCenter server reboots after FIPS is enabled or disabled.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-APP-000172'\n  tag satisfies: ['SRG-APP-000179', 'SRG-APP-000224', 'SRG-APP-000231', 'SRG-APP-000412', 'SRG-APP-000514', 'SRG-APP-000555', 'SRG-APP-000600', 'SRG-APP-000610', 'SRG-APP-000620', 'SRG-APP-000630', 'SRG-APP-000635']\n  tag gid: 'V-VCSA-80-000077'\n  tag rid: 'SV-VCSA-80-000077'\n  tag stig_id: 'VCSA-80-000077'\n  tag cci: ['CCI-000197', 'CCI-000803', 'CCI-001188', 'CCI-001199', 'CCI-001967', 'CCI-002450', 'CCI-003123']\n  tag nist: ['IA-3 (1)', 'IA-5 (1) (c)', 'IA-7', 'MA-4 (6)', 'SC-13', 'SC-23 (3)', 'SC-28']\n\n  command = 'Invoke-GetSystemGlobalFips | Select-Object -ExpandProperty enabled'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'True' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000077.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Invoke-GetSystemGlobalFips | Select-Object -ExpandProperty enabled stdout.strip is expected to cmp == \"True\"","run_time":0.3184635,"start_time":"2023-06-07T08:29:11-06:00","message":"\nexpected: True\n     got: False\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Invoke-GetSystemGlobalFips | Select-Object -ExpandProperty enabled\"]","resource_id":""}]},{"id":"VCSA-80-000079","title":"The vCenter Server must enforce a 90-day maximum password lifetime restriction.","desc":"Any password, no matter how complex, can eventually be cracked. Therefore, passwords must be changed at specific intervals.\n\nOne method of minimizing this risk is to use complex passwords and periodically change them. If the application does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the system and/or application passwords could be compromised.\n\nThis requirement does not include emergency administration accounts, which are meant for access to the application in case of failure. These accounts are not required to have maximum password lifetime restrictions.","descriptions":[{"label":"default","data":"Any password, no matter how complex, can eventually be cracked. Therefore, passwords must be changed at specific intervals.\n\nOne method of minimizing this risk is to use complex passwords and periodically change them. If the application does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the system and/or application passwords could be compromised.\n\nThis requirement does not include emergency administration accounts, which are meant for access to the application in case of failure. These accounts are not required to have maximum password lifetime restrictions."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Maximum lifetime\" setting.\n\nMaximum lifetime: Password must be changed every 90 days\n\nIf the password policy is not configured with \"Maximum lifetime\" policy of \"90\" or less, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"Maximum lifetime\" to \"90\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000174","gid":"V-VCSA-80-000079","rid":"SV-VCSA-80-000079","stig_id":"VCSA-80-000079","cci":["CCI-000199"],"nist":["IA-5 (1) (d)"]},"code":"control 'VCSA-80-000079' do\n  title 'The vCenter Server must enforce a 90-day maximum password lifetime restriction.'\n  desc  \"\n    Any password, no matter how complex, can eventually be cracked. Therefore, passwords must be changed at specific intervals.\n\n    One method of minimizing this risk is to use complex passwords and periodically change them. If the application does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the system and/or application passwords could be compromised.\n\n    This requirement does not include emergency administration accounts, which are meant for access to the application in case of failure. These accounts are not required to have maximum password lifetime restrictions.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Maximum lifetime\\\" setting.\n\n    Maximum lifetime: Password must be changed every 90 days\n\n    If the password policy is not configured with \\\"Maximum lifetime\\\" policy of \\\"90\\\" or less, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"Maximum lifetime\\\" to \\\"90\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000174'\n  tag gid: 'V-VCSA-80-000079'\n  tag rid: 'SV-VCSA-80-000079'\n  tag stig_id: 'VCSA-80-000079'\n  tag cci: ['CCI-000199']\n  tag nist: ['IA-5 (1) (d)']\n\n  command = '(Get-SsoPasswordPolicy).PasswordLifetimeDays'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp <= 90 }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000079.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: (Get-SsoPasswordPolicy).PasswordLifetimeDays stdout.strip is expected to cmp <= 90","run_time":0.1746309,"start_time":"2023-06-07T08:29:11-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-SsoPasswordPolicy).PasswordLifetimeDays\"]","resource_id":""}]},{"id":"VCSA-80-000080","title":"The vCenter Server must enable revocation checking for certificate-based authentication.","desc":"The system must establish the validity of the user-supplied identity certificate using Online Certificate Status Protocol (OCSP) and/or Certificate Revocation List (CRL) revocation checking.","descriptions":[{"label":"default","data":"The system must establish the validity of the user-supplied identity certificate using Online Certificate Status Protocol (OCSP) and/or Certificate Revocation List (CRL) revocation checking."},{"label":"rationale","data":""},{"label":"check","data":"If a federated identity provider is configured and used for an identity source and supports Smartcard authentication, this is not applicable.\n\nFrom the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\nUnder Smart card authentication settings >> Certificate revocation, verify \"Revocation check\" does not show as disabled.\n\nIf \"Revocation check\" shows as disabled, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\nUnder Smart card authentication settings >> Certificate revocation, click the \"Edit\" button.\n\nConfigure revocation checking per site requirements. OCSP with CRL failover is recommended.\n\nBy default, both locations are pulled from the cert. CRL location can be overridden in this screen, and local responders can be specified via the sso-config command line tool. See the vSphere documentation for more information."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000175","satisfies":["SRG-APP-000392","SRG-APP-000401","SRG-APP-000403"],"gid":"V-VCSA-80-000080","rid":"SV-VCSA-80-000080","stig_id":"VCSA-80-000080","cci":["CCI-000185","CCI-001954","CCI-001991","CCI-002010"],"nist":["IA-2 (12)","IA-5 (2) (a)","IA-5 (2) (d)","IA-8 (1)"]},"code":"control 'VCSA-80-000080' do\n  title 'The vCenter Server must enable revocation checking for certificate-based authentication.'\n  desc  'The system must establish the validity of the user-supplied identity certificate using Online Certificate Status Protocol (OCSP) and/or Certificate Revocation List (CRL) revocation checking.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If a federated identity provider is configured and used for an identity source and supports Smartcard authentication, this is not applicable.\n\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\n    Under Smart card authentication settings >> Certificate revocation, verify \\\"Revocation check\\\" does not show as disabled.\n\n    If \\\"Revocation check\\\" shows as disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\n    Under Smart card authentication settings >> Certificate revocation, click the \\\"Edit\\\" button.\n\n    Configure revocation checking per site requirements. OCSP with CRL failover is recommended.\n\n    By default, both locations are pulled from the cert. CRL location can be overridden in this screen, and local responders can be specified via the sso-config command line tool. See the vSphere documentation for more information.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000175'\n  tag satisfies: ['SRG-APP-000392', 'SRG-APP-000401', 'SRG-APP-000403']\n  tag gid: 'V-VCSA-80-000080'\n  tag rid: 'SV-VCSA-80-000080'\n  tag stig_id: 'VCSA-80-000080'\n  tag cci: ['CCI-000185', 'CCI-001954', 'CCI-001991', 'CCI-002010']\n  tag nist: ['IA-2 (12)', 'IA-5 (2) (a)', 'IA-5 (2) (d)', 'IA-8 (1)']\n\n  if input('embeddedIdp')\n    describe.one do\n      describe powercli_command('(Get-SsoAuthenticationPolicy).OCSPEnabled') do\n        its('stdout.strip') { should cmp 'true' }\n      end\n      describe powercli_command('(Get-SsoAuthenticationPolicy).UseInCertCRL') do\n        its('stdout.strip') { should cmp 'true' }\n      end\n      describe powercli_command('(Get-SsoAuthenticationPolicy).CRLUrl') do\n        its('stdout.strip') { should_not cmp '' }\n      end\n    end\n  else\n    describe 'This check is a manual or policy based check and must be reviewed manually.' do\n      skip 'This check is a manual or policy based check and must be reviewed manually.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000080.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: (Get-SsoAuthenticationPolicy).UseInCertCRL stdout.strip is expected to cmp == \"true\"","run_time":0.000273,"start_time":"2023-06-07T08:29:11-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-SsoAuthenticationPolicy).UseInCertCRL\"]","resource_id":""}]},{"id":"VCSA-80-000089","title":"The vCenter Server must terminate vSphere Client sessions after 15 minutes of inactivity.","desc":"Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free resources committed by the managed network element.","descriptions":[{"label":"default","data":"Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free resources committed by the managed network element."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Deployment >> Client Configuration.\n\nView the value of the \"Session timeout\" setting.\n\nIf the \"Session timeout\" is not set to \"15 minute(s)\" or less this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Deployment >> Client Configuration.\n\nClick \"Edit\" and enter \"15\" minutes into the \"Session timeout\" setting. Click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000190","satisfies":["SRG-APP-000295","SRG-APP-000389"],"gid":"V-VCSA-80-000089","rid":"SV-VCSA-80-000089","stig_id":"VCSA-80-000089","cci":["CCI-001133","CCI-002038","CCI-002361"],"nist":["AC-12","IA-11","SC-10"]},"code":"control 'VCSA-80-000089' do\n  title 'The vCenter Server must terminate vSphere Client sessions after 15 minutes of inactivity.'\n  desc  'Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free resources committed by the managed network element.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Deployment >> Client Configuration.\n\n    View the value of the \\\"Session timeout\\\" setting.\n\n    If the \\\"Session timeout\\\" is not set to \\\"15 minute(s)\\\" or less this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Deployment >> Client Configuration.\n\n    Click \\\"Edit\\\" and enter \\\"15\\\" minutes into the \\\"Session timeout\\\" setting. Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000190'\n  tag satisfies: ['SRG-APP-000295', 'SRG-APP-000389']\n  tag gid: 'V-VCSA-80-000089'\n  tag rid: 'SV-VCSA-80-000089'\n  tag stig_id: 'VCSA-80-000089'\n  tag cci: ['CCI-001133', 'CCI-002038', 'CCI-002361']\n  tag nist: ['AC-12', 'IA-11', 'SC-10']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000089.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":7.1e-06,"start_time":"2023-06-07T08:29:11-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"VCSA-80-000095","title":"The vCenter Server user roles must be verified.","desc":"Users and service accounts must only be assigned privileges they require. Least privilege requires that these privileges must only be assigned if needed to reduce risk of confidentiality, availability, or integrity loss.","descriptions":[{"label":"default","data":"Users and service accounts must only be assigned privileges they require. Least privilege requires that these privileges must only be assigned if needed to reduce risk of confidentiality, availability, or integrity loss."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Access Control >> Roles.\n\nView each role and verify the users and/or groups assigned to it by clicking on \"Usage\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\nApplication service account and user required privileges should be documented.\n\nIf any user or service account has more privileges than required, this is a finding."},{"label":"fix","data":"To update a user's or group's permissions to an existing role with reduced permissions, do the following:\n\nFrom the vSphere Client, go to Administration >> Access Control >> Global Permissions.\n\nSelect the user or group, click the pencil button, change the assigned role, and click \"OK\".\n\nNote: If permissions are assigned on a specific object, the role must be updated where it is assigned (for example, at the cluster level).\n\nTo create a new role with reduced permissions, do the following:\n\nFrom the vSphere Client, go to Administration >> Access Control >> Roles.\n\nClick the green plus sign and enter a name for the role and select only the specific permissions required.\n\nUsers can then be assigned to the newly created role."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000211","satisfies":["SRG-APP-000233","SRG-APP-000380"],"gid":"V-VCSA-80-000095","rid":"SV-VCSA-80-000095","stig_id":"VCSA-80-000095","cci":["CCI-001082","CCI-001084","CCI-001813"],"nist":["CM-5 (1)","SC-2","SC-3"]},"code":"control 'VCSA-80-000095' do\n  title 'The vCenter Server user roles must be verified.'\n  desc  'Users and service accounts must only be assigned privileges they require. Least privilege requires that these privileges must only be assigned if needed to reduce risk of confidentiality, availability, or integrity loss.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    View each role and verify the users and/or groups assigned to it by clicking on \\\"Usage\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\n    Application service account and user required privileges should be documented.\n\n    If any user or service account has more privileges than required, this is a finding.\n  \"\n  desc 'fix', \"\n    To update a user's or group's permissions to an existing role with reduced permissions, do the following:\n\n    From the vSphere Client, go to Administration >> Access Control >> Global Permissions.\n\n    Select the user or group, click the pencil button, change the assigned role, and click \\\"OK\\\".\n\n    Note: If permissions are assigned on a specific object, the role must be updated where it is assigned (for example, at the cluster level).\n\n    To create a new role with reduced permissions, do the following:\n\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    Click the green plus sign and enter a name for the role and select only the specific permissions required.\n\n    Users can then be assigned to the newly created role.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000211'\n  tag satisfies: ['SRG-APP-000233', 'SRG-APP-000380']\n  tag gid: 'V-VCSA-80-000095'\n  tag rid: 'SV-VCSA-80-000095'\n  tag stig_id: 'VCSA-80-000095'\n  tag cci: ['CCI-001082', 'CCI-001084', 'CCI-001813']\n  tag nist: ['CM-5 (1)', 'SC-2', 'SC-3']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000095.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":5.0e-06,"start_time":"2023-06-07T08:29:11-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"VCSA-80-000110","title":"The vCenter Server must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of denial-of-service (DoS) attacks by enabling Network I/O Control (NIOC).","desc":"DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.\n\nManaging excess capacity ensures sufficient capacity is available to counter flooding attacks. Employing increased capacity and service redundancy may reduce the susceptibility to some DoS attacks. Managing excess capacity may include, for example, establishing selected usage priorities, quotas, or partitioning.","descriptions":[{"label":"default","data":"DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.\n\nManaging excess capacity ensures sufficient capacity is available to counter flooding attacks. Employing increased capacity and service redundancy may reduce the susceptibility to some DoS attacks. Managing excess capacity may include, for example, establishing selected usage priorities, quotas, or partitioning."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to Networking.\n\nSelect a distributed switch >> Configure >> Settings >> Properties.\n\nView the \"Properties\" pane and verify \"Network I/O Control\" is \"Enabled\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch | select Name,@{N=\"NIOC Enabled\";E={$_.ExtensionData.config.NetworkResourceManagementEnabled}}\n\nIf \"Network I/O Control\" is disabled, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Networking.\n\nSelect a distributed switch >> Configure >> Settings >> Properties.\n\nIn the \"Properties\" pane, click \"Edit\". Change \"Network I/O Control\" to \"Enabled\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n(Get-VDSwitch \"VDSwitch Name\" | Get-View).EnableNetworkResourceManagement($true)"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000247","gid":"V-VCSA-80-000110","rid":"SV-VCSA-80-000110","stig_id":"VCSA-80-000110","cci":["CCI-001095"],"nist":["SC-5 (2)"]},"code":"control 'VCSA-80-000110' do\n  title 'The vCenter Server must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of denial-of-service (DoS) attacks by enabling Network I/O Control (NIOC).'\n  desc  \"\n    DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.\n\n    Managing excess capacity ensures sufficient capacity is available to counter flooding attacks. Employing increased capacity and service redundancy may reduce the susceptibility to some DoS attacks. Managing excess capacity may include, for example, establishing selected usage priorities, quotas, or partitioning.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch >> Configure >> Settings >> Properties.\n\n    View the \\\"Properties\\\" pane and verify \\\"Network I/O Control\\\" is \\\"Enabled\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | select Name,@{N=\\\"NIOC Enabled\\\";E={$_.ExtensionData.config.NetworkResourceManagementEnabled}}\n\n    If \\\"Network I/O Control\\\" is disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch >> Configure >> Settings >> Properties.\n\n    In the \\\"Properties\\\" pane, click \\\"Edit\\\". Change \\\"Network I/O Control\\\" to \\\"Enabled\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    (Get-VDSwitch \\\"VDSwitch Name\\\" | Get-View).EnableNetworkResourceManagement($true)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000247'\n  tag gid: 'V-VCSA-80-000110'\n  tag rid: 'SV-VCSA-80-000110'\n  tag stig_id: 'VCSA-80-000110'\n  tag cci: ['CCI-001095']\n  tag nist: ['SC-5 (2)']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.NetworkResourceManagementEnabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000110.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 1\").ExtensionData.Config.NetworkResourceManagementEnabled stdout.strip is expected to cmp == \"true\"","run_time":0.5353332,"start_time":"2023-06-07T08:29:11-06:00","message":"\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 1\\\").ExtensionData.Config.NetworkResourceManagementEnabled\"]","resource_id":""},{"status":"failed","code_desc":"PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 2\").ExtensionData.Config.NetworkResourceManagementEnabled stdout.strip is expected to cmp == \"true\"","run_time":0.2552794,"start_time":"2023-06-07T08:29:12-06:00","message":"\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 2\\\").ExtensionData.Config.NetworkResourceManagementEnabled\"]","resource_id":""}]},{"id":"VCSA-80-000123","title":"The vCenter Server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, on every Single Sign-On (SSO) account action.","desc":"Once an attacker establishes initial access to a system, they often attempt to create a persistent method of reestablishing access. One way to accomplish this is for the attacker to create a new account. They may also try to hijack an existing account by changing a password or enabling a previously disabled account. Therefore, all actions performed on accounts in the SSO domain much be alerted on in vCenter at a minimum and ideally on a Security Information and Event Management (SIEM) system as well.\n\nTo ensure the appropriate personnel are alerted about SSO account actions, create a new vCenter alarm for the \"com.vmware.sso.PrincipalManagement\" event ID and configure the alert mechanisms appropriately.","descriptions":[{"label":"default","data":"Once an attacker establishes initial access to a system, they often attempt to create a persistent method of reestablishing access. One way to accomplish this is for the attacker to create a new account. They may also try to hijack an existing account by changing a password or enabling a previously disabled account. Therefore, all actions performed on accounts in the SSO domain much be alerted on in vCenter at a minimum and ideally on a Security Information and Event Management (SIEM) system as well.\n\nTo ensure the appropriate personnel are alerted about SSO account actions, create a new vCenter alarm for the \"com.vmware.sso.PrincipalManagement\" event ID and configure the alert mechanisms appropriately."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Security >> Alarm Definitions.\n\nVerify there is an alarm created to alert upon all SSO account actions.\n\nThe alarm name may vary, but it is suggested to name it \"SSO account actions - com.vmware.sso.PrincipalManagement\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AlarmDefinition | Where {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq \"com.vmware.sso.PrincipalManagement\"} | Select Name,Enabled,@{N=\"EventTypeId\";E={$_.ExtensionData.Info.Expression.Expression.EventTypeId}}\n\nIf an alarm is not created to alert on SSO account actions, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Security >> Alarm Definitions.\n\nClick \"Add\".\n\nProvide the alarm name of \"SSO account actions - com.vmware.sso.PrincipalManagement\" and an optional description.\n\nFrom the \"Target type\" dropdown menu, select \"vCenter Server\".\n\nClick \"Next\".\n\nPaste \"com.vmware.sso.PrincipalManagement\" (without quotes) in the line after \"IF\" and press \"Enter\".\n\nNext to \"Trigger the alarm and\", select \"Show as Warning\".\n\nConfigure the desired notification actions that will inform the SA and ISSO of the event.\n\nClick \"Next\". Click \"Next\" again. Click \"Create\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000291","satisfies":["SRG-APP-000292","SRG-APP-000293","SRG-APP-000294","SRG-APP-000320"],"gid":"V-VCSA-80-000123","rid":"SV-VCSA-80-000123","stig_id":"VCSA-80-000123","cci":["CCI-001683","CCI-001684","CCI-001685","CCI-001686","CCI-002132"],"nist":["AC-2 (4)"]},"code":"control 'VCSA-80-000123' do\n  title 'The vCenter Server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, on every Single Sign-On (SSO) account action.'\n  desc  \"\n    Once an attacker establishes initial access to a system, they often attempt to create a persistent method of reestablishing access. One way to accomplish this is for the attacker to create a new account. They may also try to hijack an existing account by changing a password or enabling a previously disabled account. Therefore, all actions performed on accounts in the SSO domain much be alerted on in vCenter at a minimum and ideally on a Security Information and Event Management (SIEM) system as well.\n\n    To ensure the appropriate personnel are alerted about SSO account actions, create a new vCenter alarm for the \\\"com.vmware.sso.PrincipalManagement\\\" event ID and configure the alert mechanisms appropriately.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Security >> Alarm Definitions.\n\n    Verify there is an alarm created to alert upon all SSO account actions.\n\n    The alarm name may vary, but it is suggested to name it \\\"SSO account actions - com.vmware.sso.PrincipalManagement\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AlarmDefinition | Where {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq \\\"com.vmware.sso.PrincipalManagement\\\"} | Select Name,Enabled,@{N=\\\"EventTypeId\\\";E={$_.ExtensionData.Info.Expression.Expression.EventTypeId}}\n\n    If an alarm is not created to alert on SSO account actions, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Security >> Alarm Definitions.\n\n    Click \\\"Add\\\".\n\n    Provide the alarm name of \\\"SSO account actions - com.vmware.sso.PrincipalManagement\\\" and an optional description.\n\n    From the \\\"Target type\\\" dropdown menu, select \\\"vCenter Server\\\".\n\n    Click \\\"Next\\\".\n\n    Paste \\\"com.vmware.sso.PrincipalManagement\\\" (without quotes) in the line after \\\"IF\\\" and press \\\"Enter\\\".\n\n    Next to \\\"Trigger the alarm and\\\", select \\\"Show as Warning\\\".\n\n    Configure the desired notification actions that will inform the SA and ISSO of the event.\n\n    Click \\\"Next\\\". Click \\\"Next\\\" again. Click \\\"Create\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000291'\n  tag satisfies: ['SRG-APP-000292', 'SRG-APP-000293', 'SRG-APP-000294', 'SRG-APP-000320']\n  tag gid: 'V-VCSA-80-000123'\n  tag rid: 'SV-VCSA-80-000123'\n  tag stig_id: 'VCSA-80-000123'\n  tag cci: ['CCI-001683', 'CCI-001684', 'CCI-001685', 'CCI-001686', 'CCI-002132']\n  tag nist: ['AC-2 (4)']\n\n  command = 'Get-AlarmDefinition | Where-Object {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq \"com.vmware.sso.PrincipalManagement\"} | Select-Object -ExpandProperty Enabled'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'true' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000123.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-AlarmDefinition | Where-Object {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq \"com.vmware.sso.PrincipalManagement\"} | Select-Object -ExpandProperty Enabled stdout.strip is expected to cmp == \"true\"","run_time":0.9179929,"start_time":"2023-06-07T08:29:12-06:00","message":"\nexpected: true\n     got: \n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-AlarmDefinition | Where-Object {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq \\\"com.vmware.sso.PrincipalManagement\\\"} | Select-Object -ExpandProperty Enabled\"]","resource_id":""}]},{"id":"VCSA-80-000145","title":"The vCenter Server must set the interval for counting failed login attempts to at least 15 minutes.","desc":"By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account.","descriptions":[{"label":"default","data":"By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nView the value of the \"Time interval between failures\" setting.\n\nTime interval between failures: 900 seconds\n\nIf the lockout policy is not configured with \"Time interval between failures\" policy of \"900\" or more, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nClick \"Edit\".\n\nSet the \"Time interval between failures\" to \"900\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000345","gid":"V-VCSA-80-000145","rid":"SV-VCSA-80-000145","stig_id":"VCSA-80-000145","cci":["CCI-002238"],"nist":["AC-7 b"]},"code":"control 'VCSA-80-000145' do\n  title 'The vCenter Server must set the interval for counting failed login attempts to at least 15 minutes.'\n  desc  'By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    View the value of the \\\"Time interval between failures\\\" setting.\n\n    Time interval between failures: 900 seconds\n\n    If the lockout policy is not configured with \\\"Time interval between failures\\\" policy of \\\"900\\\" or more, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Time interval between failures\\\" to \\\"900\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000345'\n  tag gid: 'V-VCSA-80-000145'\n  tag rid: 'SV-VCSA-80-000145'\n  tag stig_id: 'VCSA-80-000145'\n  tag cci: ['CCI-002238']\n  tag nist: ['AC-7 b']\n\n  command = '(Get-SsoLockoutPolicy).FailedAttemptIntervalSec'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 900 }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000145.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: (Get-SsoLockoutPolicy).FailedAttemptIntervalSec stdout.strip is expected to cmp >= 900","run_time":0.2629529,"start_time":"2023-06-07T08:29:13-06:00","message":"\nexpected it to be >= 900\n     got: 180\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"(Get-SsoLockoutPolicy).FailedAttemptIntervalSec\"]","resource_id":""}]},{"id":"VCSA-80-000148","title":"The vCenter Server must be configured to send logs to a central log server.","desc":"vCenter must be configured to send near real-time log data to syslog collectors so information will be available to investigators in the case of a security incident or to assist in troubleshooting.","descriptions":[{"label":"default","data":"vCenter must be configured to send near real-time log data to syslog collectors so information will be available to investigators in the case of a security incident or to assist in troubleshooting."},{"label":"rationale","data":""},{"label":"check","data":"Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Syslog\" on the left navigation pane.\n\nOn the resulting pane on the right, verify at least one site-specific syslog receiver is configured and is listed as \"Reachable\".\n\nIf no valid syslog collector is configured or if the collector is not listed as \"Reachable\", this is a finding."},{"label":"fix","data":"Open the VAMI by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with an SSO account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Syslog\" on the left navigation pane.\n\nOn the resulting pane on the right, click \"Edit\" or \"Configure\".\n\nEdit or add the address and port of a site-specific syslog aggregator or Security Information Event Management (SIEM) system with the appropriate protocol.\n\nUser Datagram Protocol (UDP) is discouraged due to its stateless and unencrypted nature. Transport Layer Security (TLS) is preferred.\n\nClick \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000358","gid":"V-VCSA-80-000148","rid":"SV-VCSA-80-000148","stig_id":"VCSA-80-000148","cci":["CCI-001851"],"nist":["AU-4 (1)"]},"code":"control 'VCSA-80-000148' do\n  title 'The vCenter Server must be configured to send logs to a central log server.'\n  desc  'vCenter must be configured to send near real-time log data to syslog collectors so information will be available to investigators in the case of a security incident or to assist in troubleshooting.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Syslog\\\" on the left navigation pane.\n\n    On the resulting pane on the right, verify at least one site-specific syslog receiver is configured and is listed as \\\"Reachable\\\".\n\n    If no valid syslog collector is configured or if the collector is not listed as \\\"Reachable\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Open the VAMI by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with an SSO account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Syslog\\\" on the left navigation pane.\n\n    On the resulting pane on the right, click \\\"Edit\\\" or \\\"Configure\\\".\n\n    Edit or add the address and port of a site-specific syslog aggregator or Security Information Event Management (SIEM) system with the appropriate protocol.\n\n    User Datagram Protocol (UDP) is discouraged due to its stateless and unencrypted nature. Transport Layer Security (TLS) is preferred.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000358'\n  tag gid: 'V-VCSA-80-000148'\n  tag rid: 'SV-VCSA-80-000148'\n  tag stig_id: 'VCSA-80-000148'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  command = 'Invoke-GetLoggingForwarding | Select-Object -ExpandProperty hostname'\n  logservers = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if logservers.empty?\n    describe \"No log servers configured: #{logservers}\" do\n      subject { logservers }\n      it { should_not be_empty }\n    end\n  else\n    logservers.each do |server|\n      describe server do\n        subject { server }\n        it { should be_in input('syslogServers') }\n      end\n    end\n    logserverstatuscommand = 'Invoke-TestLoggingForwarding | Select-Object -ExpandProperty state'\n    logserverstatus = powercli_command(logserverstatuscommand).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n    logserverstatus.each do |status|\n      describe status do\n        subject { status }\n        it { should cmp 'UP' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000148.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"No log servers configured: [] is expected not to be empty","run_time":0.0154104,"start_time":"2023-06-07T08:29:13-06:00","message":"expected `[].empty?` to be falsey, got true","resource_class":"Object","resource_params":"[]","resource_id":"No log servers configured: []"}]},{"id":"VCSA-80-000150","title":"The vCenter server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts.","desc":"It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impending failure of the audit capability and system operation may be adversely affected.\n\nAlerts provide organizations with urgent messages. Real-time alerts provide these messages immediately (i.e., the time from event detection to alert occurs in seconds or less).","descriptions":[{"label":"default","data":"It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impending failure of the audit capability and system operation may be adversely affected.\n\nAlerts provide organizations with urgent messages. Real-time alerts provide these messages immediately (i.e., the time from event detection to alert occurs in seconds or less)."},{"label":"rationale","data":""},{"label":"check","data":"Review the Central Logging Server being used to verify it is configured to alert the SA and ISSO, at a minimum, on any AO-defined events. Otherwise, this is a finding.\n\nIf there are no AO-defined events, this is not a finding."},{"label":"fix","data":"Configure the Central Logging Server being used to alert the SA and ISSO, at a minimum, on any AO-defined events."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000360","satisfies":["SRG-APP-000379","SRG-APP-000510"],"gid":"V-VCSA-80-000150","rid":"SV-VCSA-80-000150","stig_id":"VCSA-80-000150","cci":["CCI-000172","CCI-001744","CCI-001858"],"nist":["AU-12 c","AU-5 (2)","CM-3 (5)"]},"code":"control 'VCSA-80-000150' do\n  title 'The vCenter server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts.'\n  desc  \"\n    It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impending failure of the audit capability and system operation may be adversely affected.\n\n    Alerts provide organizations with urgent messages. Real-time alerts provide these messages immediately (i.e., the time from event detection to alert occurs in seconds or less).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Review the Central Logging Server being used to verify it is configured to alert the SA and ISSO, at a minimum, on any AO-defined events. Otherwise, this is a finding.\n\n    If there are no AO-defined events, this is not a finding.\n  \"\n  desc 'fix', 'Configure the Central Logging Server being used to alert the SA and ISSO, at a minimum, on any AO-defined events.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000360'\n  tag satisfies: ['SRG-APP-000379', 'SRG-APP-000510']\n  tag gid: 'V-VCSA-80-000150'\n  tag rid: 'SV-VCSA-80-000150'\n  tag stig_id: 'VCSA-80-000150'\n  tag cci: ['CCI-000172', 'CCI-001744', 'CCI-001858']\n  tag nist: ['AU-12 c', 'AU-5 (2)', 'CM-3 (5)']\n\n  describe 'This check is a manual or policy based check' do\n    skip 'This must be reviewed manually'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000150.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check","run_time":4.8e-06,"start_time":"2023-06-07T08:29:13-06:00","resource":"","skip_message":"This must be reviewed manually","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check"}]},{"id":"VCSA-80-000158","title":"The vCenter Server must compare internal information system clocks at least every 24 hours with an authoritative time server.","desc":"Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside of the configured acceptable allowance (drift) may be inaccurate. Additionally, unnecessary synchronization may have an adverse impact on system performance and may indicate malicious activity.\n\nSynchronizing internal information system clocks to an authoritative time server provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network.","descriptions":[{"label":"default","data":"Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside of the configured acceptable allowance (drift) may be inaccurate. Additionally, unnecessary synchronization may have an adverse impact on system performance and may indicate malicious activity.\n\nSynchronizing internal information system clocks to an authoritative time server provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network."},{"label":"rationale","data":""},{"label":"check","data":"Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Time\" on the left navigation pane.\n\nOn the resulting pane on the right, verify at least one authorized time server is configured and is listed as \"Reachable\".\n\nIf \"NTP\" is not enabled and at least one authorized time server configured, this is a finding."},{"label":"fix","data":"Open the VAMI by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with an SSO account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Time\" on the left navigation pane.\n\nOn the resulting pane on the right, click \"Edit\" under \"Time Synchronization\".\n\nSelect \"NTP\" for \"Mode\" and enter a list of authorized time servers separated by commas. Click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000371","gid":"V-VCSA-80-000158","rid":"SV-VCSA-80-000158","stig_id":"VCSA-80-000158","cci":["CCI-001891"],"nist":["AU-8 (1) (a)"]},"code":"control 'VCSA-80-000158' do\n  title 'The vCenter Server must compare internal information system clocks at least every 24 hours with an authoritative time server.'\n  desc  \"\n    Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside of the configured acceptable allowance (drift) may be inaccurate. Additionally, unnecessary synchronization may have an adverse impact on system performance and may indicate malicious activity.\n\n    Synchronizing internal information system clocks to an authoritative time server provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Time\\\" on the left navigation pane.\n\n    On the resulting pane on the right, verify at least one authorized time server is configured and is listed as \\\"Reachable\\\".\n\n    If \\\"NTP\\\" is not enabled and at least one authorized time server configured, this is a finding.\n  \"\n  desc 'fix', \"\n    Open the VAMI by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with an SSO account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Time\\\" on the left navigation pane.\n\n    On the resulting pane on the right, click \\\"Edit\\\" under \\\"Time Synchronization\\\".\n\n    Select \\\"NTP\\\" for \\\"Mode\\\" and enter a list of authorized time servers separated by commas. Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000371'\n  tag gid: 'V-VCSA-80-000158'\n  tag rid: 'SV-VCSA-80-000158'\n  tag stig_id: 'VCSA-80-000158'\n  tag cci: ['CCI-001891']\n  tag nist: ['AU-8 (1) (a)']\n\n  command = 'Invoke-GetTimesync'\n  timesync = powercli_command(command).stdout.strip\n\n  if timesync == 'NTP'\n    ntpserverscommand = 'Invoke-GetNtp'\n    ntpservers = powercli_command(ntpserverscommand).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n    ntpservers.each do |server|\n      describe server do\n        subject { server }\n        it { should be_in input('ntpServers') }\n      end\n      ntpstatuscommand = \"Initialize-NtpTestRequestBody -Servers #{server} | Invoke-TestNtp | Select-Object -ExpandProperty status\"\n      ntpstatus = powercli_command(ntpstatuscommand).stdout.strip\n      describe ntpstatus do\n        subject { ntpstatus }\n        it { should cmp 'SERVER_REACHABLE' }\n      end\n    end\n  else\n    describe \"Timesync Configuration: #{timesync}\" do\n      subject { timesync }\n      it { should cmp 'NTP' }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000158.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Timesync Configuration: HOST is expected to cmp == \"NTP\"","run_time":0.0021716,"start_time":"2023-06-07T08:29:13-06:00","message":"\nexpected: NTP\n     got: HOST\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"Timesync Configuration: HOST"}]},{"id":"VCSA-80-000195","title":"The vCenter Server Machine Secure Sockets Layer (SSL) certificate must be issued by a DOD certificate authority.","desc":"Untrusted certificate authorities (CA) can issue certificates, but they may be issued by organizations or individuals that seek to compromise DOD systems or by organizations with insufficient security controls. If the CA used for verifying the certificate is not a DOD-approved CA, trust of this CA has not been established.\n\nThe DOD will only accept public key infrastructure (PKI) certificates obtained from a DOD-approved internal or external certificate authority. Reliance on CAs for the establishment of secure sessions includes, for example, the use of Transport Layer Security (TLS) certificates.\n\nThe default self-signed, VMware Certificate Authority (VMCA)-issued vCenter reverse proxy certificate must be replaced with a DOD-approved certificate. The use of a DOD certificate on the vCenter reverse proxy and other services assures clients that the service they are connecting to is legitimate and trusted.","descriptions":[{"label":"default","data":"Untrusted certificate authorities (CA) can issue certificates, but they may be issued by organizations or individuals that seek to compromise DOD systems or by organizations with insufficient security controls. If the CA used for verifying the certificate is not a DOD-approved CA, trust of this CA has not been established.\n\nThe DOD will only accept public key infrastructure (PKI) certificates obtained from a DOD-approved internal or external certificate authority. Reliance on CAs for the establishment of secure sessions includes, for example, the use of Transport Layer Security (TLS) certificates.\n\nThe default self-signed, VMware Certificate Authority (VMCA)-issued vCenter reverse proxy certificate must be replaced with a DOD-approved certificate. The use of a DOD certificate on the vCenter reverse proxy and other services assures clients that the service they are connecting to is legitimate and trusted."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Certificates >> Certificate Management >> Machine SSL Certificate.\n\nClick \"View Details\" and examine the \"Issuer Information\" block.\n\nIf the issuer specified is not a DOD approved certificate authority, this is a finding."},{"label":"fix","data":"Obtain a DOD-issued certificate and private key for each vCenter in the system following the requirements below:\n\nKey size: 2048 bits or more (PEM encoded)\nCRT format (Base-64)\nx509 version 3\nSubjectAltName must contain DNS Name=<machine_FQDN>\nContains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment\n\nExport the entire certificate issuing chain up to the root in Base-64 format. Concatenate the individual certificates into one file with the \".cer\" extension.\n\nFrom the vSphere Client, go to Administration >> Certificates >> Certificate Management >> Machine SSL Certificate.\n\nClick Actions >> Import and Replace Certificate.\n\nSelect the \"Replace with external CA certificate\" radio button and click \"Next\".\n\nSupply the CA-issued certificate , the exported roots file, and the private key.\n\nClick \"Replace\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000427","gid":"V-VCSA-80-000195","rid":"SV-VCSA-80-000195","stig_id":"VCSA-80-000195","cci":["CCI-002470"],"nist":["SC-23 (5)"]},"code":"control 'VCSA-80-000195' do\n  title 'The vCenter Server Machine Secure Sockets Layer (SSL) certificate must be issued by a DOD certificate authority.'\n  desc  \"\n    Untrusted certificate authorities (CA) can issue certificates, but they may be issued by organizations or individuals that seek to compromise DOD systems or by organizations with insufficient security controls. If the CA used for verifying the certificate is not a DOD-approved CA, trust of this CA has not been established.\n\n    The DOD will only accept public key infrastructure (PKI) certificates obtained from a DOD-approved internal or external certificate authority. Reliance on CAs for the establishment of secure sessions includes, for example, the use of Transport Layer Security (TLS) certificates.\n\n    The default self-signed, VMware Certificate Authority (VMCA)-issued vCenter reverse proxy certificate must be replaced with a DOD-approved certificate. The use of a DOD certificate on the vCenter reverse proxy and other services assures clients that the service they are connecting to is legitimate and trusted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Certificates >> Certificate Management >> Machine SSL Certificate.\n\n    Click \\\"View Details\\\" and examine the \\\"Issuer Information\\\" block.\n\n    If the issuer specified is not a DOD approved certificate authority, this is a finding.\n  \"\n  desc 'fix', \"\n    Obtain a DOD-issued certificate and private key for each vCenter in the system following the requirements below:\n\n    Key size: 2048 bits or more (PEM encoded)\n    CRT format (Base-64)\n    x509 version 3\n    SubjectAltName must contain DNS Name=<machine_FQDN>\n    Contains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment\n\n    Export the entire certificate issuing chain up to the root in Base-64 format. Concatenate the individual certificates into one file with the \\\".cer\\\" extension.\n\n    From the vSphere Client, go to Administration >> Certificates >> Certificate Management >> Machine SSL Certificate.\n\n    Click Actions >> Import and Replace Certificate.\n\n    Select the \\\"Replace with external CA certificate\\\" radio button and click \\\"Next\\\".\n\n    Supply the CA-issued certificate , the exported roots file, and the private key.\n\n    Click \\\"Replace\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000427'\n  tag gid: 'V-VCSA-80-000195'\n  tag rid: 'SV-VCSA-80-000195'\n  tag stig_id: 'VCSA-80-000195'\n  tag cci: ['CCI-002470']\n  tag nist: ['SC-23 (5)']\n\n  vcenter = powercli_command('$global:DefaultViServers.Name').stdout.strip\n  describe ssl_certificate(host: \"#{vcenter}\", port: 443) do\n    its('issuer_organization') { should cmp 'U.S. Government' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000195.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"ssl_certificate for '10.186.30.81' issuer_organization is expected to cmp == \"U.S. Government\"","run_time":0.3951961,"start_time":"2023-06-07T08:29:13-06:00","message":"\nexpected: U.S. Government\n     got: sc2-10-186-30-81.eng.vmware.com\n\n(compared using `cmp` matcher)\n","resource_class":"ssl_certificate","resource_params":"[{:host=>\"10.186.30.81\", :port=>443}]","resource_id":""}]},{"id":"VCSA-80-000196","title":"The vCenter Server must enable data at rest encryption for vSAN.","desc":"Applications handling data requiring \"data at rest\" protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.\n\nData encryption is a common technique used in environments that require additional levels of security.  It consists of a process to ensure that data can only be consumed by systems that have appropriate levels of access.  Approved systems must have and use the appropriate cryptographic keys to encrypt and decrypt the data.  Systems that do not have the keys will not be able to consume the data in any meaningful way, as it will remain encrypted in accordance to the commonly used Advanced Encryption Standard (AES) from the National Institute of Standards and Technology, or NIST.\n\nvSAN supports Data-At-Rest Encryption and Data-in-Transit Encryption and uses an AES 256 cipher. Data is encrypted after all other processing, such as deduplication, is performed. Data at rest encryption protects data on storage devices, in case a device is removed from the cluster.","descriptions":[{"label":"default","data":"Applications handling data requiring \"data at rest\" protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.\n\nData encryption is a common technique used in environments that require additional levels of security.  It consists of a process to ensure that data can only be consumed by systems that have appropriate levels of access.  Approved systems must have and use the appropriate cryptographic keys to encrypt and decrypt the data.  Systems that do not have the keys will not be able to consume the data in any meaningful way, as it will remain encrypted in accordance to the commonly used Advanced Encryption Standard (AES) from the National Institute of Standards and Technology, or NIST.\n\nvSAN supports Data-At-Rest Encryption and Data-in-Transit Encryption and uses an AES 256 cipher. Data is encrypted after all other processing, such as deduplication, is performed. Data at rest encryption protects data on storage devices, in case a device is removed from the cluster."},{"label":"rationale","data":""},{"label":"check","data":"If no clusters are enabled for vSAN, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Select the cluster >> Configure >> vSAN >> Services >> Data Services.\n\nReview the \"Data-at-rest encryption\" status.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Get-VsanClusterConfiguration | Select-Object Name,EncryptionEnabled\n\nIf \"Data-At-Rest encryption\" is not enabled, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Select the target cluster >> Configure >> vSAN >> Services >> Data Services.\n\nClick \"Edit\".\n\nEnable \"Data-At-Rest encryption\" and select a pre-configured key provider from the drop down. Click \"Apply\".\n\nNote: Before enabling, read and understand the operational implications of enabling data at rest encryption in vSAN and how it effects capacity, performance, and recovery scenarios."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000428","gid":"V-VCSA-80-000196","rid":"SV-VCSA-80-000196","stig_id":"VCSA-80-000196","cci":["CCI-002475"],"nist":["SC-28 (1)"]},"code":"control 'VCSA-80-000196' do\n  title 'The vCenter Server must enable data at rest encryption for vSAN.'\n  desc  \"\n    Applications handling data requiring \\\"data at rest\\\" protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.\n\n    Data encryption is a common technique used in environments that require additional levels of security.  It consists of a process to ensure that data can only be consumed by systems that have appropriate levels of access.  Approved systems must have and use the appropriate cryptographic keys to encrypt and decrypt the data.  Systems that do not have the keys will not be able to consume the data in any meaningful way, as it will remain encrypted in accordance to the commonly used Advanced Encryption Standard (AES) from the National Institute of Standards and Technology, or NIST.\n\n    vSAN supports Data-At-Rest Encryption and Data-in-Transit Encryption and uses an AES 256 cipher. Data is encrypted after all other processing, such as deduplication, is performed. Data at rest encryption protects data on storage devices, in case a device is removed from the cluster.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Select the cluster >> Configure >> vSAN >> Services >> Data Services.\n\n    Review the \\\"Data-at-rest encryption\\\" status.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Get-VsanClusterConfiguration | Select-Object Name,EncryptionEnabled\n\n    If \\\"Data-At-Rest encryption\\\" is not enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Select the target cluster >> Configure >> vSAN >> Services >> Data Services.\n\n    Click \\\"Edit\\\".\n\n    Enable \\\"Data-At-Rest encryption\\\" and select a pre-configured key provider from the drop down. Click \\\"Apply\\\".\n\n    Note: Before enabling, read and understand the operational implications of enabling data at rest encryption in vSAN and how it effects capacity, performance, and recovery scenarios.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000428'\n  tag gid: 'V-VCSA-80-000196'\n  tag rid: 'SV-VCSA-80-000196'\n  tag stig_id: 'VCSA-80-000196'\n  tag cci: ['CCI-002475']\n  tag nist: ['SC-28 (1)']\n\n  # Get all clusters with vSAN enabled\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object | Select-Object -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !clusters.empty?\n    clusters.each do |cluster|\n      command = \"Get-Cluster -Name #{cluster} | Get-VsanClusterConfiguration | Select-Object -ExpandProperty EncryptionEnabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No clusters with vSAN enabled found...skipping tests' do\n      skip 'No clusters with vSAN enabled found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000196.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-Cluster -Name cluster0 | Get-VsanClusterConfiguration | Select-Object -ExpandProperty EncryptionEnabled stdout.strip is expected to cmp == \"true\"","run_time":1.4792283,"start_time":"2023-06-07T08:29:14-06:00","message":"\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-Cluster -Name cluster0 | Get-VsanClusterConfiguration | Select-Object -ExpandProperty EncryptionEnabled\"]","resource_id":""}]},{"id":"VCSA-80-000248","title":"The vCenter Server must disable the Customer Experience Improvement Program (CEIP).","desc":"The VMware CEIP sends VMware anonymized system information that is used to improve the quality, reliability, and functionality of VMware products and services. For confidentiality purposes this feature must be disabled.","descriptions":[{"label":"default","data":"The VMware CEIP sends VMware anonymized system information that is used to improve the quality, reliability, and functionality of VMware products and services. For confidentiality purposes this feature must be disabled."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Deployment >> Customer Experience Improvement Program.\n\nIf Customer Experience Improvement \"Program Status\" is \"Joined\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Deployment >> Customer Experience Improvement Program.\n\nClick \"Leave Program\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000248","rid":"SV-VCSA-80-000248","stig_id":"VCSA-80-000248","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000248' do\n  title 'The vCenter Server must disable the Customer Experience Improvement Program (CEIP).'\n  desc  'The VMware CEIP sends VMware anonymized system information that is used to improve the quality, reliability, and functionality of VMware products and services. For confidentiality purposes this feature must be disabled.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Deployment >> Customer Experience Improvement Program.\n\n    If Customer Experience Improvement \\\"Program Status\\\" is \\\"Joined\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Deployment >> Customer Experience Improvement Program.\n\n    Click \\\"Leave Program\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000248'\n  tag rid: 'SV-VCSA-80-000248'\n  tag stig_id: 'VCSA-80-000248'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000248.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":1.13e-05,"start_time":"2023-06-07T08:29:15-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"VCSA-80-000253","title":"The vCenter server must enforce SNMPv3 security features where SNMP is required.","desc":"SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. SNMPv3 can be configured for identification and cryptographically based authentication.\n\nSNMPv3 defines a user-based security model (USM) and a view-based access control model (VACM). SNMPv3 USM provides data integrity, data origin authentication, message replay protection, and protection against disclosure of the message payload. SNMPv3 VACM provides access control to determine whether a specific type of access (read or write) to the management information is allowed. Implement both VACM and USM for full protection.\n\nSNMPv3 must be disabled by default and enabled only if used. SNMP v3 provides security feature enhancements to SNMP, including encryption and message authentication.","descriptions":[{"label":"default","data":"SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. SNMPv3 can be configured for identification and cryptographically based authentication.\n\nSNMPv3 defines a user-based security model (USM) and a view-based access control model (VACM). SNMPv3 USM provides data integrity, data origin authentication, message replay protection, and protection against disclosure of the message payload. SNMPv3 VACM provides access control to determine whether a specific type of access (read or write) to the management information is allowed. Implement both VACM and USM for full protection.\n\nSNMPv3 must be disabled by default and enabled only if used. SNMP v3 provides security feature enhancements to SNMP, including encryption and message authentication."},{"label":"rationale","data":""},{"label":"check","data":"At the command prompt on the vCenter Server Appliance, run the following commands:\n\n# appliancesh\n# snmp.get\n\nNote: The \"appliancesh\" command is not needed if the default shell has not been changed for root.\n\nIf \"Enable\" is set to \"False\", this is not a finding.\n\nIf \"Enable\" is set to \"True\" and \"Authentication\" is not set to \"SHA1\", this is a finding.\n\nIf \"Enable\" is set to \"True\" and \"Privacy\" is not set to \"AES128\", this is a finding.\n\nIf any \"Users\" are configured with a \"Sec_level\" that does not equal \"priv\", this is a finding."},{"label":"fix","data":"At the command prompt on the vCenter Server Appliance, run the following commands:\n\n# appliancesh\n# snmp.set --authentication SHA1\n# snmp.set --privacy AES128\n\nTo change the security level of a user, run the following command:\n\n# snmp.set --users <username>/<auth_password> <priv_password>/priv"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000575","gid":"V-VCSA-80-000253","rid":"SV-VCSA-80-000253","stig_id":"VCSA-80-000253","cci":["CCI-001967"],"nist":["IA-3 (1)"]},"code":"control 'VCSA-80-000253' do\n  title 'The vCenter server must enforce SNMPv3 security features where SNMP is required.'\n  desc  \"\n    SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. SNMPv3 can be configured for identification and cryptographically based authentication.\n\n    SNMPv3 defines a user-based security model (USM) and a view-based access control model (VACM). SNMPv3 USM provides data integrity, data origin authentication, message replay protection, and protection against disclosure of the message payload. SNMPv3 VACM provides access control to determine whether a specific type of access (read or write) to the management information is allowed. Implement both VACM and USM for full protection.\n\n    SNMPv3 must be disabled by default and enabled only if used. SNMP v3 provides security feature enhancements to SNMP, including encryption and message authentication.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    At the command prompt on the vCenter Server Appliance, run the following commands:\n\n    # appliancesh\n    # snmp.get\n\n    Note: The \\\"appliancesh\\\" command is not needed if the default shell has not been changed for root.\n\n    If \\\"Enable\\\" is set to \\\"False\\\", this is not a finding.\n\n    If \\\"Enable\\\" is set to \\\"True\\\" and \\\"Authentication\\\" is not set to \\\"SHA1\\\", this is a finding.\n\n    If \\\"Enable\\\" is set to \\\"True\\\" and \\\"Privacy\\\" is not set to \\\"AES128\\\", this is a finding.\n\n    If any \\\"Users\\\" are configured with a \\\"Sec_level\\\" that does not equal \\\"priv\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    At the command prompt on the vCenter Server Appliance, run the following commands:\n\n    # appliancesh\n    # snmp.set --authentication SHA1\n    # snmp.set --privacy AES128\n\n    To change the security level of a user, run the following command:\n\n    # snmp.set --users <username>/<auth_password> <priv_password>/priv\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000575'\n  tag gid: 'V-VCSA-80-000253'\n  tag rid: 'SV-VCSA-80-000253'\n  tag stig_id: 'VCSA-80-000253'\n  tag cci: ['CCI-001967']\n  tag nist: ['IA-3 (1)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000253.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":8.6e-06,"start_time":"2023-06-07T08:29:15-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"VCSA-80-000265","title":"The vCenter server must disable SNMPv1/2 receivers.","desc":"SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. Therefore, SNMPv1/2 receivers must be disabled, while SNMPv3 is configured in another control. vCenter exposes SNMP v1/2 in the UI and SNMPv3 in the CLI.","descriptions":[{"label":"default","data":"SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. Therefore, SNMPv1/2 receivers must be disabled, while SNMPv3 is configured in another control. vCenter exposes SNMP v1/2 in the UI and SNMPv3 in the CLI."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> General.\n\nClick \"Edit\".\n\nOn the \"SNMP receivers\" tab, note the presence of any enabled receiver.\n\nIf there are any enabled receivers, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> General.\n\nClick \"Edit\".\n\nOn the \"SNMP receivers\" tab, ensure all receivers are disabled."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000575","gid":"V-VCSA-80-000265","rid":"SV-VCSA-80-000265","stig_id":"VCSA-80-000265","cci":["CCI-001967"],"nist":["IA-3 (1)"]},"code":"control 'VCSA-80-000265' do\n  title 'The vCenter server must disable SNMPv1/2 receivers.'\n  desc  'SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. Therefore, SNMPv1/2 receivers must be disabled, while SNMPv3 is configured in another control. vCenter exposes SNMP v1/2 in the UI and SNMPv3 in the CLI.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> General.\n\n    Click \\\"Edit\\\".\n\n    On the \\\"SNMP receivers\\\" tab, note the presence of any enabled receiver.\n\n    If there are any enabled receivers, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> General.\n\n    Click \\\"Edit\\\".\n\n    On the \\\"SNMP receivers\\\" tab, ensure all receivers are disabled.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000575'\n  tag gid: 'V-VCSA-80-000265'\n  tag rid: 'SV-VCSA-80-000265'\n  tag stig_id: 'VCSA-80-000265'\n  tag cci: ['CCI-001967']\n  tag nist: ['IA-3 (1)']\n\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.1.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.2.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.3.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.4.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000265.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: (Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.1.enabled'} | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"False\"","run_time":0.3624992,"start_time":"2023-06-07T08:29:15-06:00","message":"\nexpected: False\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.1.enabled'} | Select-Object -ExpandProperty Value\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.2.enabled'} | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"False\"","run_time":0.1768221,"start_time":"2023-06-07T08:29:16-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.2.enabled'} | Select-Object -ExpandProperty Value\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.3.enabled'} | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"False\"","run_time":0.1930579,"start_time":"2023-06-07T08:29:16-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.3.enabled'} | Select-Object -ExpandProperty Value\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.4.enabled'} | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"False\"","run_time":0.1628827,"start_time":"2023-06-07T08:29:16-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.4.enabled'} | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"VCSA-80-000266","title":"The vCenter Server must require an administrator to unlock an account locked due to excessive login failures.","desc":"By requiring that Single Sign-On (SSO) accounts be unlocked manually, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. When the account unlock time is set to zero, once an account is locked it can only be unlocked manually by an administrator.","descriptions":[{"label":"default","data":"By requiring that Single Sign-On (SSO) accounts be unlocked manually, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. When the account unlock time is set to zero, once an account is locked it can only be unlocked manually by an administrator."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nView the value of the \"Unlock time\" setting.\n\nUnlock time: 0 seconds\n\nIf the lockout policy is not configured with \"Unlock time\" policy of \"0\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nClick \"Edit\".\n\nSet the \"Unlock time\" to \"0\" and click \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000345","gid":"V-VCSA-80-000266","rid":"SV-VCSA-80-000266","stig_id":"VCSA-80-000266","cci":["CCI-002238"],"nist":["AC-7 b"]},"code":"control 'VCSA-80-000266' do\n  title 'The vCenter Server must require an administrator to unlock an account locked due to excessive login failures.'\n  desc  'By requiring that Single Sign-On (SSO) accounts be unlocked manually, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. When the account unlock time is set to zero, once an account is locked it can only be unlocked manually by an administrator.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    View the value of the \\\"Unlock time\\\" setting.\n\n    Unlock time: 0 seconds\n\n    If the lockout policy is not configured with \\\"Unlock time\\\" policy of \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Unlock time\\\" to \\\"0\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000345'\n  tag gid: 'V-VCSA-80-000266'\n  tag rid: 'SV-VCSA-80-000266'\n  tag stig_id: 'VCSA-80-000266'\n  tag cci: ['CCI-002238']\n  tag nist: ['AC-7 b']\n\n  command = '(Get-SsoLockoutPolicy).AutoUnlockIntervalSec'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp '0' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000266.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: (Get-SsoLockoutPolicy).AutoUnlockIntervalSec stdout.strip is expected to cmp == \"0\"","run_time":0.2036261,"start_time":"2023-06-07T08:29:16-06:00","message":"\nexpected: 0\n     got: 300\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"(Get-SsoLockoutPolicy).AutoUnlockIntervalSec\"]","resource_id":""}]},{"id":"VCSA-80-000267","title":"The vCenter Server must disable the distributed virtual switch health check.","desc":"Network health check is disabled by default. Once enabled, the health check packets contain information on host#, vds#, and port#, which an attacker would find useful. It is recommended that network health check be used for troubleshooting and turned off when troubleshooting is finished.","descriptions":[{"label":"default","data":"Network health check is disabled by default. Once enabled, the health check packets contain information on host#, vds#, and port#, which an attacker would find useful. It is recommended that network health check be used for troubleshooting and turned off when troubleshooting is finished."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Health Check.\n\nView the health check pane and verify the \"VLAN and MTU\" and \"Teaming and failover\" checks are \"Disabled\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$vds = Get-VDSwitch\n$vds.ExtensionData.Config.HealthCheckConfig\n\nIf the health check feature is enabled on distributed switches and is not on temporarily for troubleshooting purposes, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Health Check.\n\nClick \"Edit\".\n\nDisable the \"VLAN and MTU\" and \"Teaming and failover\" checks.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-View -ViewType DistributedVirtualSwitch | ?{($_.config.HealthCheckConfig | ?{$_.enable -notmatch \"False\"})}| %{$_.UpdateDVSHealthCheckConfig(@((New-Object Vmware.Vim.VMwareDVSVlanMtuHealthCheckConfig -property @{enable=0}),(New-Object Vmware.Vim.VMwareDVSTeamingHealthCheckConfig -property @{enable=0})))}"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000267","rid":"SV-VCSA-80-000267","stig_id":"VCSA-80-000267","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000267' do\n  title 'The vCenter Server must disable the distributed virtual switch health check.'\n  desc  'Network health check is disabled by default. Once enabled, the health check packets contain information on host#, vds#, and port#, which an attacker would find useful. It is recommended that network health check be used for troubleshooting and turned off when troubleshooting is finished.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Health Check.\n\n    View the health check pane and verify the \\\"VLAN and MTU\\\" and \\\"Teaming and failover\\\" checks are \\\"Disabled\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $vds = Get-VDSwitch\n    $vds.ExtensionData.Config.HealthCheckConfig\n\n    If the health check feature is enabled on distributed switches and is not on temporarily for troubleshooting purposes, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Health Check.\n\n    Click \\\"Edit\\\".\n\n    Disable the \\\"VLAN and MTU\\\" and \\\"Teaming and failover\\\" checks.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-View -ViewType DistributedVirtualSwitch | ?{($_.config.HealthCheckConfig | ?{$_.enable -notmatch \\\"False\\\"})}| %{$_.UpdateDVSHealthCheckConfig(@((New-Object Vmware.Vim.VMwareDVSVlanMtuHealthCheckConfig -property @{enable=0}),(New-Object Vmware.Vim.VMwareDVSTeamingHealthCheckConfig -property @{enable=0})))}\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000267'\n  tag rid: 'SV-VCSA-80-000267'\n  tag stig_id: 'VCSA-80-000267'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.HealthCheckConfig | Select-Object -ExpandProperty Enable\"\n      checks = powercli_command(command)\n      checks.stdout.split.each do |hc|\n        describe \"Health check for #{vds}\" do\n          subject { hc }\n          it { should cmp 'false' }\n        end\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000267.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Health check for VDSwitch STIG 1 is expected to cmp == \"false\"","run_time":0.0072569,"start_time":"2023-06-07T08:29:16-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Health check for VDSwitch STIG 1"},{"status":"passed","code_desc":"Health check for VDSwitch STIG 1 is expected to cmp == \"false\"","run_time":0.0002122,"start_time":"2023-06-07T08:29:16-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Health check for VDSwitch STIG 1"},{"status":"passed","code_desc":"Health check for VDSwitch STIG 2 is expected to cmp == \"false\"","run_time":0.0001312,"start_time":"2023-06-07T08:29:16-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Health check for VDSwitch STIG 2"},{"status":"passed","code_desc":"Health check for VDSwitch STIG 2 is expected to cmp == \"false\"","run_time":0.0001188,"start_time":"2023-06-07T08:29:16-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Health check for VDSwitch STIG 2"}]},{"id":"VCSA-80-000268","title":"The vCenter Server must set the distributed port group Forged Transmits policy to \"Reject\".","desc":"If the virtual machine operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nWhen the \"Forged Transmits\" option is set to \"Accept\", ESXi does not compare source and effective MAC addresses.\n\nTo protect against MAC impersonation, set the \"Forged Transmits\" option to \"Reject\". The host compares the source MAC address being transmitted by the guest operating system with the effective MAC address for its virtual machine adapter to determine if they match. If the addresses do not match, the ESXi host drops the packet.","descriptions":[{"label":"default","data":"If the virtual machine operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nWhen the \"Forged Transmits\" option is set to \"Accept\", ESXi does not compare source and effective MAC addresses.\n\nTo protect against MAC impersonation, set the \"Forged Transmits\" option to \"Reject\". The host compares the source MAC address being transmitted by the guest operating system with the effective MAC address for its virtual machine adapter to determine if they match. If the addresses do not match, the ESXi host drops the packet."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nVerify \"Forged Transmits\" is set to \"Reject\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\nIf the \"Forged Transmits\" policy is set to accept for a non-uplink port, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"Security\" tab.\n\nSet \"Forged Transmits\" to \"Reject\".\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000268","rid":"SV-VCSA-80-000268","stig_id":"VCSA-80-000268","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000268' do\n  title 'The vCenter Server must set the distributed port group Forged Transmits policy to \"Reject\".'\n  desc  \"\n    If the virtual machine operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    When the \\\"Forged Transmits\\\" option is set to \\\"Accept\\\", ESXi does not compare source and effective MAC addresses.\n\n    To protect against MAC impersonation, set the \\\"Forged Transmits\\\" option to \\\"Reject\\\". The host compares the source MAC address being transmitted by the guest operating system with the effective MAC address for its virtual machine adapter to determine if they match. If the addresses do not match, the ESXi host drops the packet.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Verify \\\"Forged Transmits\\\" is set to \\\"Reject\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\n    If the \\\"Forged Transmits\\\" policy is set to accept for a non-uplink port, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Security\\\" tab.\n\n    Set \\\"Forged Transmits\\\" to \\\"Reject\\\".\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000268'\n  tag rid: 'SV-VCSA-80-000268'\n  tag stig_id: 'VCSA-80-000268'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000268.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 1\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp == \"false\"","run_time":0.4559017,"start_time":"2023-06-07T08:29:16-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 1\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 2\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp == \"false\"","run_time":0.3428624,"start_time":"2023-06-07T08:29:17-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 2\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp == \"false\"","run_time":0.4364241,"start_time":"2023-06-07T08:29:17-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp == \"false\"","run_time":0.6254497,"start_time":"2023-06-07T08:29:18-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp == \"false\"","run_time":0.4285295,"start_time":"2023-06-07T08:29:18-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp == \"false\"","run_time":0.8635859,"start_time":"2023-06-07T08:29:19-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"]","resource_id":""}]},{"id":"VCSA-80-000269","title":"The vCenter Server must set the distributed port group Media Access Control (MAC) Address Change policy to \"Reject\".","desc":"If the virtual machine operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis will prevent virtual machines from changing their effective MAC address and will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing.","descriptions":[{"label":"default","data":"If the virtual machine operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis will prevent virtual machines from changing their effective MAC address and will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nVerify \"MAC Address Changes\" is set to \"Reject\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\nIf the \"MAC Address Changes\" policy is set to accept, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"Security\" tab.\n\nSet \"MAC Address Changes\" to \"Reject\".\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000269","rid":"SV-VCSA-80-000269","stig_id":"VCSA-80-000269","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000269' do\n  title 'The vCenter Server must set the distributed port group Media Access Control (MAC) Address Change policy to \"Reject\".'\n  desc  \"\n    If the virtual machine operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    This will prevent virtual machines from changing their effective MAC address and will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Verify \\\"MAC Address Changes\\\" is set to \\\"Reject\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\n    If the \\\"MAC Address Changes\\\" policy is set to accept, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Security\\\" tab.\n\n    Set \\\"MAC Address Changes\\\" to \\\"Reject\\\".\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000269'\n  tag rid: 'SV-VCSA-80-000269'\n  tag stig_id: 'VCSA-80-000269'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000269.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 1\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp == \"false\"","run_time":0.3020193,"start_time":"2023-06-07T08:29:20-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 1\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 2\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp == \"false\"","run_time":0.350858,"start_time":"2023-06-07T08:29:20-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 2\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp == \"false\"","run_time":0.7810286,"start_time":"2023-06-07T08:29:20-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp == \"false\"","run_time":0.4751133,"start_time":"2023-06-07T08:29:21-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp == \"false\"","run_time":0.404362,"start_time":"2023-06-07T08:29:21-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp == \"false\"","run_time":0.4408188,"start_time":"2023-06-07T08:29:22-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"]","resource_id":""}]},{"id":"VCSA-80-000270","title":"The vCenter Server must set the distributed port group Promiscuous Mode policy to \"Reject\".","desc":"When promiscuous mode is enabled for a virtual switch, all virtual machines connected to the port group have the potential of reading all packets across that network, meaning only the virtual machines connected to that port group.\n\nPromiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting.","descriptions":[{"label":"default","data":"When promiscuous mode is enabled for a virtual switch, all virtual machines connected to the port group have the potential of reading all packets across that network, meaning only the virtual machines connected to that port group.\n\nPromiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nVerify \"Promiscuous Mode\" is set to \"Reject\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\nIf the \"Promiscuous Mode\" policy is set to accept, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"Security\" tab.\n\nSet \"Promiscuous Mode\" to \"Reject\".\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000270","rid":"SV-VCSA-80-000270","stig_id":"VCSA-80-000270","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000270' do\n  title 'The vCenter Server must set the distributed port group Promiscuous Mode policy to \"Reject\".'\n  desc  \"\n    When promiscuous mode is enabled for a virtual switch, all virtual machines connected to the port group have the potential of reading all packets across that network, meaning only the virtual machines connected to that port group.\n\n    Promiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Verify \\\"Promiscuous Mode\\\" is set to \\\"Reject\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\n    If the \\\"Promiscuous Mode\\\" policy is set to accept, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Security\\\" tab.\n\n    Set \\\"Promiscuous Mode\\\" to \\\"Reject\\\".\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000270'\n  tag rid: 'SV-VCSA-80-000270'\n  tag stig_id: 'VCSA-80-000270'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000270.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 1\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp == \"false\"","run_time":0.3311334,"start_time":"2023-06-07T08:29:22-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 1\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 2\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp == \"false\"","run_time":0.5081735,"start_time":"2023-06-07T08:29:23-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 2\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp == \"false\"","run_time":0.447688,"start_time":"2023-06-07T08:29:23-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp == \"false\"","run_time":0.5091141,"start_time":"2023-06-07T08:29:24-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp == \"false\"","run_time":0.9601561,"start_time":"2023-06-07T08:29:24-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp == \"false\"","run_time":0.4214615,"start_time":"2023-06-07T08:29:25-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"]","resource_id":""}]},{"id":"VCSA-80-000271","title":"The vCenter Server must only send NetFlow traffic to authorized collectors.","desc":"The distributed virtual switch can export NetFlow information about traffic crossing the switch. NetFlow exports are not encrypted and can contain information about the virtual network, making it easier for a man-in-the-middle attack to be executed successfully. If NetFlow export is required, verify that all NetFlow target Internet Protocols (IPs) are correct.","descriptions":[{"label":"default","data":"The distributed virtual switch can export NetFlow information about traffic crossing the switch. NetFlow exports are not encrypted and can contain information about the virtual network, making it easier for a man-in-the-middle attack to be executed successfully. If NetFlow export is required, verify that all NetFlow target Internet Protocols (IPs) are correct."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nTo view NetFlow Collector IPs configured on distributed switches:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> NetFlow.\n\nView the NetFlow pane and verify any collector IP addresses are valid and in use for troubleshooting.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch | select Name,@{N=\"NetFlowCollectorIPs\";E={$_.ExtensionData.config.IpfixConfig.CollectorIpAddress}}\n\nTo view if NetFlow is enabled on any distributed port groups:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed port group >> Manage >> Settings >> Policies.\n\nGo to \"Monitoring\" and view the NetFlow status.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup | Select Name,VirtualSwitch,@{N=\"NetFlowEnabled\";E={$_.Extensiondata.Config.defaultPortConfig.ipfixEnabled.Value}}\n\nIf NetFlow is configured and the collector IP is not known and documented, this is a finding."},{"label":"fix","data":"To remove collector IPs, do the following:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> NetFlow.\n\nClick \"Edit\".\n\nRemove any unknown collector IPs.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$dvs = Get-VDSwitch dvswitch | Get-View\nForEach($vs in $dvs){\n$spec = New-Object VMware.Vim.VMwareDVSConfigSpec\n$spec.configversion = $vs.Config.ConfigVersion\n$spec.IpfixConfig = New-Object VMware.Vim.VMwareIpfixConfig\n$spec.IpfixConfig.CollectorIpAddress = \"\"\n$spec.IpfixConfig.CollectorPort = \"0\"\n$spec.IpfixConfig.ActiveFlowTimeout = \"60\"\n$spec.IpfixConfig.IdleFlowTimeout = \"15\"\n$spec.IpfixConfig.SamplingRate = \"0\"\n$spec.IpfixConfig.InternalFlowsOnly = $False\n$vs.ReconfigureDvs_Task($spec)\n}\n\nNote: This will reset the NetFlow collector configuration back to the defaults.\n\nTo disable NetFlow on a distributed port group, do the following:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"Monitoring\" tab.\n\nChange \"NetFlow\" to \"Disabled\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$pgs = Get-VDPortgroup | Get-View\nForEach($pg in $pgs){\n$spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n$spec.configversion = $pg.Config.ConfigVersion\n$spec.defaultPortConfig = New-Object VMware.Vim.VMwareDVSPortSetting\n$spec.defaultPortConfig.ipfixEnabled = New-Object VMware.Vim.BoolPolicy\n$spec.defaultPortConfig.ipfixEnabled.inherited = $false\n$spec.defaultPortConfig.ipfixEnabled.value = $false\n$pg.ReconfigureDVPortgroup_Task($spec)\n}"}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000271","rid":"SV-VCSA-80-000271","stig_id":"VCSA-80-000271","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000271' do\n  title 'The vCenter Server must only send NetFlow traffic to authorized collectors.'\n  desc  'The distributed virtual switch can export NetFlow information about traffic crossing the switch. NetFlow exports are not encrypted and can contain information about the virtual network, making it easier for a man-in-the-middle attack to be executed successfully. If NetFlow export is required, verify that all NetFlow target Internet Protocols (IPs) are correct.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    To view NetFlow Collector IPs configured on distributed switches:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> NetFlow.\n\n    View the NetFlow pane and verify any collector IP addresses are valid and in use for troubleshooting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | select Name,@{N=\\\"NetFlowCollectorIPs\\\";E={$_.ExtensionData.config.IpfixConfig.CollectorIpAddress}}\n\n    To view if NetFlow is enabled on any distributed port groups:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed port group >> Manage >> Settings >> Policies.\n\n    Go to \\\"Monitoring\\\" and view the NetFlow status.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | Select Name,VirtualSwitch,@{N=\\\"NetFlowEnabled\\\";E={$_.Extensiondata.Config.defaultPortConfig.ipfixEnabled.Value}}\n\n    If NetFlow is configured and the collector IP is not known and documented, this is a finding.\n  \"\n  desc 'fix', \"\n    To remove collector IPs, do the following:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> NetFlow.\n\n    Click \\\"Edit\\\".\n\n    Remove any unknown collector IPs.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $dvs = Get-VDSwitch dvswitch | Get-View\n    ForEach($vs in $dvs){\n    $spec = New-Object VMware.Vim.VMwareDVSConfigSpec\n    $spec.configversion = $vs.Config.ConfigVersion\n    $spec.IpfixConfig = New-Object VMware.Vim.VMwareIpfixConfig\n    $spec.IpfixConfig.CollectorIpAddress = \\\"\\\"\n    $spec.IpfixConfig.CollectorPort = \\\"0\\\"\n    $spec.IpfixConfig.ActiveFlowTimeout = \\\"60\\\"\n    $spec.IpfixConfig.IdleFlowTimeout = \\\"15\\\"\n    $spec.IpfixConfig.SamplingRate = \\\"0\\\"\n    $spec.IpfixConfig.InternalFlowsOnly = $False\n    $vs.ReconfigureDvs_Task($spec)\n    }\n\n    Note: This will reset the NetFlow collector configuration back to the defaults.\n\n    To disable NetFlow on a distributed port group, do the following:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Monitoring\\\" tab.\n\n    Change \\\"NetFlow\\\" to \\\"Disabled\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $pgs = Get-VDPortgroup | Get-View\n    ForEach($pg in $pgs){\n    $spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n    $spec.configversion = $pg.Config.ConfigVersion\n    $spec.defaultPortConfig = New-Object VMware.Vim.VMwareDVSPortSetting\n    $spec.defaultPortConfig.ipfixEnabled = New-Object VMware.Vim.BoolPolicy\n    $spec.defaultPortConfig.ipfixEnabled.inherited = $false\n    $spec.defaultPortConfig.ipfixEnabled.value = $false\n    $pg.ReconfigureDVPortgroup_Task($spec)\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000271'\n  tag rid: 'SV-VCSA-80-000271'\n  tag stig_id: 'VCSA-80-000271'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.strip.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  if vdswitches.empty?\n    impact 0.0\n    describe '' do\n      skip 'No distributed switches found to check. This is not applicable.'\n    end\n  else\n    setimpact = true\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.IpfixConfig.CollectorIpAddress\"\n      result = powercli_command(command).stdout.strip\n      if !result.empty?\n        describe '' do\n          subject { result }\n          it { should cmp \"#{input('ipfixCollectorAddress')}\" }\n        end\n        setimpact = false\n      else\n        describe '' do\n          skip \"Ipfix CollectorIpAddress not configured...skipping #{vds}.\"\n        end\n      end\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000271.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"","run_time":1.26e-05,"start_time":"2023-06-07T08:29:25-06:00","resource":"","skip_message":"Ipfix CollectorIpAddress not configured...skipping VDSwitch STIG 1.","resource_class":"Object","resource_params":"[]","resource_id":""},{"status":"skipped","code_desc":"","run_time":9.1e-06,"start_time":"2023-06-07T08:29:25-06:00","resource":"","skip_message":"Ipfix CollectorIpAddress not configured...skipping VDSwitch STIG 2.","resource_class":"Object","resource_params":"[]","resource_id":""}]},{"id":"VCSA-80-000272","title":"The vCenter Server must configure all port groups to a value other than that of the native virtual local area network (VLAN).","desc":"ESXi does not use the concept of native VLAN. Frames with VLAN specified in the port group will have a tag, but frames with VLAN not specified in the port group are not tagged and therefore will end up belonging to native VLAN of the physical switch.\n\nFor example, frames on VLAN 1 from a Cisco physical switch will be untagged, because this is considered as the native VLAN. However, frames from ESXi specified as VLAN 1 will be tagged with a \"1\"; therefore, traffic from ESXi that is destined for the native VLAN will not be correctly routed (because it is tagged with a \"1\" instead of being untagged), and traffic from the physical switch coming from the native VLAN will not be visible (because it is not tagged).\n\nIf the ESXi virtual switch port group uses the native VLAN ID, traffic from those virtual machines will not be visible to the native VLAN on the switch, because the switch is expecting untagged traffic.","descriptions":[{"label":"default","data":"ESXi does not use the concept of native VLAN. Frames with VLAN specified in the port group will have a tag, but frames with VLAN not specified in the port group are not tagged and therefore will end up belonging to native VLAN of the physical switch.\n\nFor example, frames on VLAN 1 from a Cisco physical switch will be untagged, because this is considered as the native VLAN. However, frames from ESXi specified as VLAN 1 will be tagged with a \"1\"; therefore, traffic from ESXi that is destined for the native VLAN will not be correctly routed (because it is tagged with a \"1\" instead of being untagged), and traffic from the physical switch coming from the native VLAN will not be visible (because it is not tagged).\n\nIf the ESXi virtual switch port group uses the native VLAN ID, traffic from those virtual machines will not be visible to the native VLAN on the switch, because the switch is expecting untagged traffic."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nReview the port group VLAN tags and verify they are not set to the native VLAN ID of the attached physical switch.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup | select Name, VlanConfiguration\n\nIf any port group is configured with the native VLAN of the ESXi hosts attached physical switch, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"VLAN\" tab.\n\nChange the VLAN ID to a non-native VLAN.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup \"portgroup name\" | Set-VDVlanConfiguration -VlanId \"New VLAN#\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000272","rid":"SV-VCSA-80-000272","stig_id":"VCSA-80-000272","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000272' do\n  title 'The vCenter Server must configure all port groups to a value other than that of the native virtual local area network (VLAN).'\n  desc  \"\n    ESXi does not use the concept of native VLAN. Frames with VLAN specified in the port group will have a tag, but frames with VLAN not specified in the port group are not tagged and therefore will end up belonging to native VLAN of the physical switch.\n\n    For example, frames on VLAN 1 from a Cisco physical switch will be untagged, because this is considered as the native VLAN. However, frames from ESXi specified as VLAN 1 will be tagged with a \\\"1\\\"; therefore, traffic from ESXi that is destined for the native VLAN will not be correctly routed (because it is tagged with a \\\"1\\\" instead of being untagged), and traffic from the physical switch coming from the native VLAN will not be visible (because it is not tagged).\n\n    If the ESXi virtual switch port group uses the native VLAN ID, traffic from those virtual machines will not be visible to the native VLAN on the switch, because the switch is expecting untagged traffic.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Review the port group VLAN tags and verify they are not set to the native VLAN ID of the attached physical switch.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | select Name, VlanConfiguration\n\n    If any port group is configured with the native VLAN of the ESXi hosts attached physical switch, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab.\n\n    Change the VLAN ID to a non-native VLAN.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup \\\"portgroup name\\\" | Set-VDVlanConfiguration -VlanId \\\"New VLAN#\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000272'\n  tag rid: 'SV-VCSA-80-000272'\n  tag stig_id: 'VCSA-80-000272'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not cmp '1' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000272.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to cmp == \"1\"","run_time":0.2220219,"start_time":"2023-06-07T08:29:25-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to cmp == \"1\"","run_time":0.2193449,"start_time":"2023-06-07T08:29:26-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to cmp == \"1\"","run_time":0.2591679,"start_time":"2023-06-07T08:29:26-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to cmp == \"1\"","run_time":0.2532139,"start_time":"2023-06-07T08:29:26-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"]","resource_id":""}]},{"id":"VCSA-80-000273","title":"The vCenter Server must not configure VLAN Trunking unless Virtual Guest Tagging (VGT) is required and authorized.","desc":"When a port group is set to VLAN Trunking, the vSwitch passes all network frames in the specified range to the attached virtual machines without modifying the virtual local area network (VLAN) tags. In vSphere, this is referred to as VGT.\n\nThe virtual machine must process the VLAN information itself via an 802.1Q driver in the operating system. VLAN Trunking must only be implemented if the attached virtual machines have been specifically authorized and are capable of managing VLAN tags themselves.\n\nIf VLAN Trunking is enabled inappropriately, it may cause a denial of service or allow a virtual machine to interact with traffic on an unauthorized VLAN.","descriptions":[{"label":"default","data":"When a port group is set to VLAN Trunking, the vSwitch passes all network frames in the specified range to the attached virtual machines without modifying the virtual local area network (VLAN) tags. In vSphere, this is referred to as VGT.\n\nThe virtual machine must process the VLAN information itself via an 802.1Q driver in the operating system. VLAN Trunking must only be implemented if the attached virtual machines have been specifically authorized and are capable of managing VLAN tags themselves.\n\nIf VLAN Trunking is enabled inappropriately, it may cause a denial of service or allow a virtual machine to interact with traffic on an unauthorized VLAN."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nReview the port group \"VLAN Type\" and \"VLAN trunk range\", if present.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup | Where {$_.ExtensionData.Config.Uplink -ne \"True\"} | Select Name,VlanConfiguration\n\nIf any port group is configured with \"VLAN trunking\" and is not documented as a needed exception (such as NSX appliances), this is a finding.\n\nIf any port group is authorized to be configured with \"VLAN trunking\" but is not configured with the most limited range necessary, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"VLAN\" tab.\n\nIf \"VLAN trunking\" is not authorized, remove it by setting \"VLAN type\" to \"VLAN\" and configure an appropriate VLAN ID. Click \"OK\".\n\nIf \"VLAN trunking\" is authorized but the range is too broad, modify the range in the \"VLAN trunk range\" field to the minimum necessary and authorized range. An example range would be \"1,3-5,8\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command to configure trunking:\n\nGet-VDPortgroup \"Portgroup Name\" | Set-VDVlanConfiguration -VlanTrunkRange \"<VLAN Range(s) comma separated>\"\n\nor\n\nRun this command to configure a single VLAN ID:\n\nGet-VDPortgroup \"Portgroup Name\" | Set-VDVlanConfiguration -VlanId \"<New VLAN#>\""}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000273","rid":"SV-VCSA-80-000273","stig_id":"VCSA-80-000273","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000273' do\n  title 'The vCenter Server must not configure VLAN Trunking unless Virtual Guest Tagging (VGT) is required and authorized.'\n  desc  \"\n    When a port group is set to VLAN Trunking, the vSwitch passes all network frames in the specified range to the attached virtual machines without modifying the virtual local area network (VLAN) tags. In vSphere, this is referred to as VGT.\n\n    The virtual machine must process the VLAN information itself via an 802.1Q driver in the operating system. VLAN Trunking must only be implemented if the attached virtual machines have been specifically authorized and are capable of managing VLAN tags themselves.\n\n    If VLAN Trunking is enabled inappropriately, it may cause a denial of service or allow a virtual machine to interact with traffic on an unauthorized VLAN.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Review the port group \\\"VLAN Type\\\" and \\\"VLAN trunk range\\\", if present.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | Where {$_.ExtensionData.Config.Uplink -ne \\\"True\\\"} | Select Name,VlanConfiguration\n\n    If any port group is configured with \\\"VLAN trunking\\\" and is not documented as a needed exception (such as NSX appliances), this is a finding.\n\n    If any port group is authorized to be configured with \\\"VLAN trunking\\\" but is not configured with the most limited range necessary, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab.\n\n    If \\\"VLAN trunking\\\" is not authorized, remove it by setting \\\"VLAN type\\\" to \\\"VLAN\\\" and configure an appropriate VLAN ID. Click \\\"OK\\\".\n\n    If \\\"VLAN trunking\\\" is authorized but the range is too broad, modify the range in the \\\"VLAN trunk range\\\" field to the minimum necessary and authorized range. An example range would be \\\"1,3-5,8\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command to configure trunking:\n\n    Get-VDPortgroup \\\"Portgroup Name\\\" | Set-VDVlanConfiguration -VlanTrunkRange \\\"<VLAN Range(s) comma separated>\\\"\n\n    or\n\n    Run this command to configure a single VLAN ID:\n\n    Get-VDPortgroup \\\"Portgroup Name\\\" | Set-VDVlanConfiguration -VlanId \\\"<New VLAN#>\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000273'\n  tag rid: 'SV-VCSA-80-000273'\n  tag stig_id: 'VCSA-80-000273'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Where-Object {(($_.IsUplink -eq $false) -and ($_.VlanConfiguration -match \"Trunk\"))} | Select-Object -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    impact 0.0\n    describe '' do\n      skip 'No distributed port groups found to check. This is not applicable.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId.Start\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not cmp '0' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId.End\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not cmp '4094' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000273.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"","run_time":6.9e-06,"start_time":"2023-06-07T08:29:26-06:00","resource":"","skip_message":"No distributed port groups found to check. This is not applicable.","resource_class":"Object","resource_params":"[]","resource_id":""}]},{"id":"VCSA-80-000274","title":"The vCenter Server must not configure all port groups to virtual local area network (VLAN) values reserved by upstream physical switches.","desc":"Certain physical switches reserve certain VLAN IDs for internal purposes and often disallow traffic configured to these values. For example, Cisco Catalyst switches typically reserve VLANs 1001 to 1024 and 4094, while Nexus switches typically reserve 3968 to 4094.\n\nCheck with the documentation for the organization's specific switch. Using a reserved VLAN might result in a denial of service on the network.","descriptions":[{"label":"default","data":"Certain physical switches reserve certain VLAN IDs for internal purposes and often disallow traffic configured to these values. For example, Cisco Catalyst switches typically reserve VLANs 1001 to 1024 and 4094, while Nexus switches typically reserve 3968 to 4094.\n\nCheck with the documentation for the organization's specific switch. Using a reserved VLAN might result in a denial of service on the network."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nReview the port group VLAN tags and verify that they are not set to a reserved VLAN ID.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup | select Name, VlanConfiguration\n\nIf any port group is configured with a reserved VLAN ID, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"VLAN\" tab. Change the VLAN ID to an unreserved VLAN ID.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup \"portgroup name\" | Set-VDVlanConfiguration -VlanId \"New VLAN#\""}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000274","rid":"SV-VCSA-80-000274","stig_id":"VCSA-80-000274","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000274' do\n  title 'The vCenter Server must not configure all port groups to virtual local area network (VLAN) values reserved by upstream physical switches.'\n  desc  \"\n    Certain physical switches reserve certain VLAN IDs for internal purposes and often disallow traffic configured to these values. For example, Cisco Catalyst switches typically reserve VLANs 1001 to 1024 and 4094, while Nexus switches typically reserve 3968 to 4094.\n\n    Check with the documentation for the organization's specific switch. Using a reserved VLAN might result in a denial of service on the network.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Review the port group VLAN tags and verify that they are not set to a reserved VLAN ID.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | select Name, VlanConfiguration\n\n    If any port group is configured with a reserved VLAN ID, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab. Change the VLAN ID to an unreserved VLAN ID.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup \\\"portgroup name\\\" | Set-VDVlanConfiguration -VlanId \\\"New VLAN#\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000274'\n  tag rid: 'SV-VCSA-80-000274'\n  tag stig_id: 'VCSA-80-000274'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vlanlist = ['1001', '1024', '3968', '4047', '4094']\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not be_in vlanlist }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000274.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to be in \"1001\", \"1024\", \"3968\", \"4047\", and \"4094\"","run_time":0.0002922,"start_time":"2023-06-07T08:29:26-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to be in \"1001\", \"1024\", \"3968\", \"4047\", and \"4094\"","run_time":0.0002454,"start_time":"2023-06-07T08:29:26-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to be in \"1001\", \"1024\", \"3968\", \"4047\", and \"4094\"","run_time":0.0002127,"start_time":"2023-06-07T08:29:26-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to be in \"1001\", \"1024\", \"3968\", \"4047\", and \"4094\"","run_time":0.0004291,"start_time":"2023-06-07T08:29:26-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"]","resource_id":""}]},{"id":"VCSA-80-000275","title":"The vCenter Server must configure the \"vpxuser\" auto-password to be changed every 30 days.","desc":"By default, vCenter will change the \"vpxuser\" password automatically every 30 days. Ensure this setting meets site policies. If it does not, configure it to meet password aging policies.\n\nNote: It is very important the password aging policy is not shorter than the default interval that is set to automatically change the \"vpxuser\" password to preclude the possibility that vCenter might be locked out of an ESXi host.","descriptions":[{"label":"default","data":"By default, vCenter will change the \"vpxuser\" password automatically every 30 days. Ensure this setting meets site policies. If it does not, configure it to meet password aging policies.\n\nNote: It is very important the password aging policy is not shorter than the default interval that is set to automatically change the \"vpxuser\" password to preclude the possibility that vCenter might be locked out of an ESXi host."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nVerify that \"VirtualCenter.VimPasswordExpirationInDays\" is set to \"30\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays\n\nIf the \"VirtualCenter.VimPasswordExpirationInDays\" is set to a value other than \"30\" or does not exist, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nClick \"Edit Settings\" and configure the \"VirtualCenter.VimPasswordExpirationInDays\" value to \"30\" or if the value does not exist create it by entering the values in the \"Key\" and \"Value\" fields and clicking \"Add\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nIf the setting already exists:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays | Set-AdvancedSetting -Value 30\n\nIf the setting does not exist:\n\nNew-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays -Value 30"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000275","rid":"SV-VCSA-80-000275","stig_id":"VCSA-80-000275","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000275' do\n  title 'The vCenter Server must configure the \"vpxuser\" auto-password to be changed every 30 days.'\n  desc  \"\n    By default, vCenter will change the \\\"vpxuser\\\" password automatically every 30 days. Ensure this setting meets site policies. If it does not, configure it to meet password aging policies.\n\n    Note: It is very important the password aging policy is not shorter than the default interval that is set to automatically change the \\\"vpxuser\\\" password to preclude the possibility that vCenter might be locked out of an ESXi host.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Verify that \\\"VirtualCenter.VimPasswordExpirationInDays\\\" is set to \\\"30\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays\n\n    If the \\\"VirtualCenter.VimPasswordExpirationInDays\\\" is set to a value other than \\\"30\\\" or does not exist, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"VirtualCenter.VimPasswordExpirationInDays\\\" value to \\\"30\\\" or if the value does not exist create it by entering the values in the \\\"Key\\\" and \\\"Value\\\" fields and clicking \\\"Add\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    If the setting already exists:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays | Set-AdvancedSetting -Value 30\n\n    If the setting does not exist:\n\n    New-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays -Value 30\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000275'\n  tag rid: 'SV-VCSA-80-000275'\n  tag stig_id: 'VCSA-80-000275'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name VirtualCenter.VimPasswordExpirationInDays | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp '30' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000275.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name VirtualCenter.VimPasswordExpirationInDays | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"30\"","run_time":0.6119271,"start_time":"2023-06-07T08:29:26-06:00","resource_class":"powercli_command","resource_params":"[\"Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name VirtualCenter.VimPasswordExpirationInDays | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"VCSA-80-000276","title":"The vCenter Server must configure the \"vpxuser\" password to meet length policy.","desc":"The \"vpxuser\" password default length is 32 characters. Ensure this setting meets site policies; if not, configure to meet password length policies.\n\nLonger passwords make brute-force password attacks more difficult. The \"vpxuser\" password is added by vCenter, meaning no manual intervention is normally required. The \"vpxuser\" password length must never be modified to less than the default length of 32 characters.","descriptions":[{"label":"default","data":"The \"vpxuser\" password default length is 32 characters. Ensure this setting meets site policies; if not, configure to meet password length policies.\n\nLonger passwords make brute-force password attacks more difficult. The \"vpxuser\" password is added by vCenter, meaning no manual intervention is normally required. The \"vpxuser\" password length must never be modified to less than the default length of 32 characters."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nVerify that \"config.vpxd.hostPasswordLength\" is set to \"32\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength and verify it is set to 32.\n\nIf the \"config.vpxd.hostPasswordLength\" is set to a value other than \"32, this is a finding.\n\nIf the setting does not exist, this is not a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nClick \"Edit Settings\" and configure the \"config.vpxd.hostPasswordLength\" value to \"32\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength | Set-AdvancedSetting -Value 32"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000276","rid":"SV-VCSA-80-000276","stig_id":"VCSA-80-000276","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000276' do\n  title 'The vCenter Server must configure the \"vpxuser\" password to meet length policy.'\n  desc  \"\n    The \\\"vpxuser\\\" password default length is 32 characters. Ensure this setting meets site policies; if not, configure to meet password length policies.\n\n    Longer passwords make brute-force password attacks more difficult. The \\\"vpxuser\\\" password is added by vCenter, meaning no manual intervention is normally required. The \\\"vpxuser\\\" password length must never be modified to less than the default length of 32 characters.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Verify that \\\"config.vpxd.hostPasswordLength\\\" is set to \\\"32\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength and verify it is set to 32.\n\n    If the \\\"config.vpxd.hostPasswordLength\\\" is set to a value other than \\\"32, this is a finding.\n\n    If the setting does not exist, this is not a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"config.vpxd.hostPasswordLength\\\" value to \\\"32\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength | Set-AdvancedSetting -Value 32\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000276'\n  tag rid: 'SV-VCSA-80-000276'\n  tag stig_id: 'VCSA-80-000276'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.vpxd.hostPasswordLength | Select-Object -ExpandProperty Value'\n  describe.one do\n    describe powercli_command(command) do\n      its('stdout.strip') { should cmp '32' }\n    end\n    describe powercli_command(command) do\n      its('stdout.strip') { should be_empty }\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000276.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.vpxd.hostPasswordLength | Select-Object -ExpandProperty Value stdout.strip is expected to be empty","run_time":0.0002715,"start_time":"2023-06-07T08:29:27-06:00","resource_class":"powercli_command","resource_params":"[\"Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.vpxd.hostPasswordLength | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"VCSA-80-000277","title":"The vCenter Server must be isolated from the public internet but must still allow for patch notification and delivery.","desc":"vCenter and the embedded Lifecycle Manager system must never have a direct route to the internet. Despite this, updates and patches sourced from VMware on the internet must be delivered in a timely manner.\n\nThere are two methods to accomplish this: a proxy server and the Update Manager Download Service (UMDS). UMDS is an optional module for Lifecycle Manager that fetches upgrades for virtual appliances, patch metadata, patch binaries, and notifications that would not otherwise be available to an isolated Lifecycle Manager directly.\n\nAlternatively, a proxy for Lifecycle Manager can be configured to allow controlled, limited access to the public internet for the sole purpose of patch gathering. Either solution mitigates the risk of internet connectivity by limiting its scope and use.","descriptions":[{"label":"default","data":"vCenter and the embedded Lifecycle Manager system must never have a direct route to the internet. Despite this, updates and patches sourced from VMware on the internet must be delivered in a timely manner.\n\nThere are two methods to accomplish this: a proxy server and the Update Manager Download Service (UMDS). UMDS is an optional module for Lifecycle Manager that fetches upgrades for virtual appliances, patch metadata, patch binaries, and notifications that would not otherwise be available to an isolated Lifecycle Manager directly.\n\nAlternatively, a proxy for Lifecycle Manager can be configured to allow controlled, limited access to the public internet for the sole purpose of patch gathering. Either solution mitigates the risk of internet connectivity by limiting its scope and use."},{"label":"rationale","data":""},{"label":"check","data":"Check the following conditions:\n\n1. Lifecycle Manager must be configured to use the UMDS.\n\nOR\n\n2. Lifecycle Manager must be configured to use a proxy server for access to VMware patch repositories.\n\nOR\n\n3. Lifecycle Manager must disable internet patch repositories and any patches must be manually validated and imported as needed.\n\nOption 1:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nClick the \"Change Download Source\" button.\n\nVerify the \"Download patches from a UMDS shared repository\" radio button is selected and that a valid UMDS repository is supplied.\n\nClick \"Cancel\".\n\nIf this is not set, this is a finding.\n\nOption 2:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nClick the \"Change Download Source\" button.\n\nVerify the \"Download patches directly from the internet\" radio button is selected.\n\nClick \"Cancel\".\n\nNavigate to the vCenter Server Management interface at https://<vcenter dns>:5480 >> Networking >> Proxy Settings.\n\nVerify that \"HTTPS\" is \"Enabled\".\n\nClick the \"HTTPS\" row.\n\nVerify the proxy server configuration is accurate.\n\nIf this is not set, this is a finding.\n\nOption 3:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Downloads.\n\nVerify the \"Automatic downloads\" option is disabled.\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nVerify any download sources are disabled.\n\nIf this is not set, this is a finding."},{"label":"fix","data":"Option 1:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nClick the \"Change Download Source\" button.\n\nSelect the \"Download patches from a UMDS shared repository\" radio button and supply a valid UMDS repository.\n\nClick \"Save\".\n\nOption 2:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nClick the \"Change Download Source\" button.\n\nSelect the \"Download patches directly from the internet\" radio button.\n\nClick \"Save\".\n\nNavigate to the vCenter Server Management interface at https://<vcenter dns>:5480 >> Networking >> Proxy Settings.\n\nClick \"Edit\".\n\nSlide \"HTTPS\" to \"Enabled\".\n\nSupply the appropriate proxy server configuration.\n\nClick \"Save\".\n\nOption 3:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Downloads.\n\nClick \"Edit\" and uncheck \"Download patches\".\n\nUnder \"Patch Setup\" select each download source and click Disable."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000277","rid":"SV-VCSA-80-000277","stig_id":"VCSA-80-000277","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000277' do\n  title 'The vCenter Server must be isolated from the public internet but must still allow for patch notification and delivery.'\n  desc  \"\n    vCenter and the embedded Lifecycle Manager system must never have a direct route to the internet. Despite this, updates and patches sourced from VMware on the internet must be delivered in a timely manner.\n\n    There are two methods to accomplish this: a proxy server and the Update Manager Download Service (UMDS). UMDS is an optional module for Lifecycle Manager that fetches upgrades for virtual appliances, patch metadata, patch binaries, and notifications that would not otherwise be available to an isolated Lifecycle Manager directly.\n\n    Alternatively, a proxy for Lifecycle Manager can be configured to allow controlled, limited access to the public internet for the sole purpose of patch gathering. Either solution mitigates the risk of internet connectivity by limiting its scope and use.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Check the following conditions:\n\n    1. Lifecycle Manager must be configured to use the UMDS.\n\n    OR\n\n    2. Lifecycle Manager must be configured to use a proxy server for access to VMware patch repositories.\n\n    OR\n\n    3. Lifecycle Manager must disable internet patch repositories and any patches must be manually validated and imported as needed.\n\n    Option 1:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Verify the \\\"Download patches from a UMDS shared repository\\\" radio button is selected and that a valid UMDS repository is supplied.\n\n    Click \\\"Cancel\\\".\n\n    If this is not set, this is a finding.\n\n    Option 2:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Verify the \\\"Download patches directly from the internet\\\" radio button is selected.\n\n    Click \\\"Cancel\\\".\n\n    Navigate to the vCenter Server Management interface at https://<vcenter dns>:5480 >> Networking >> Proxy Settings.\n\n    Verify that \\\"HTTPS\\\" is \\\"Enabled\\\".\n\n    Click the \\\"HTTPS\\\" row.\n\n    Verify the proxy server configuration is accurate.\n\n    If this is not set, this is a finding.\n\n    Option 3:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Downloads.\n\n    Verify the \\\"Automatic downloads\\\" option is disabled.\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Verify any download sources are disabled.\n\n    If this is not set, this is a finding.\n  \"\n  desc 'fix', \"\n    Option 1:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Select the \\\"Download patches from a UMDS shared repository\\\" radio button and supply a valid UMDS repository.\n\n    Click \\\"Save\\\".\n\n    Option 2:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Select the \\\"Download patches directly from the internet\\\" radio button.\n\n    Click \\\"Save\\\".\n\n    Navigate to the vCenter Server Management interface at https://<vcenter dns>:5480 >> Networking >> Proxy Settings.\n\n    Click \\\"Edit\\\".\n\n    Slide \\\"HTTPS\\\" to \\\"Enabled\\\".\n\n    Supply the appropriate proxy server configuration.\n\n    Click \\\"Save\\\".\n\n    Option 3:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Downloads.\n\n    Click \\\"Edit\\\" and uncheck \\\"Download patches\\\".\n\n    Under \\\"Patch Setup\\\" select each download source and click Disable.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000277'\n  tag rid: 'SV-VCSA-80-000277'\n  tag stig_id: 'VCSA-80-000277'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000277.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":1.02e-05,"start_time":"2023-06-07T08:29:27-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"VCSA-80-000278","title":"The vCenter Server must use unique service accounts when applications connect to vCenter.","desc":"To not violate nonrepudiation (i.e., deny the authenticity of who is connecting to vCenter), when applications need to connect to vCenter they must use unique service accounts.","descriptions":[{"label":"default","data":"To not violate nonrepudiation (i.e., deny the authenticity of who is connecting to vCenter), when applications need to connect to vCenter they must use unique service accounts."},{"label":"rationale","data":""},{"label":"check","data":"Verify each external application that connects to vCenter has a unique service account dedicated to that application.\n\nFor example, there should be separate accounts for Log Insight, Operations Manager, or anything else that requires an account to access vCenter.\n\nIf any application shares a service account that is used to connect to vCenter, this is a finding."},{"label":"fix","data":"For applications sharing service accounts, create a new service account to assign to the application so that no application shares a service account with another.\n\nWhen standing up a new application that requires access to vCenter, always create a new service account prior to installation and grant only the permissions needed for that application."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000278","rid":"SV-VCSA-80-000278","stig_id":"VCSA-80-000278","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000278' do\n  title 'The vCenter Server must use unique service accounts when applications connect to vCenter.'\n  desc  'To not violate nonrepudiation (i.e., deny the authenticity of who is connecting to vCenter), when applications need to connect to vCenter they must use unique service accounts.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Verify each external application that connects to vCenter has a unique service account dedicated to that application.\n\n    For example, there should be separate accounts for Log Insight, Operations Manager, or anything else that requires an account to access vCenter.\n\n    If any application shares a service account that is used to connect to vCenter, this is a finding.\n  \"\n  desc  'fix', \"\n    For applications sharing service accounts, create a new service account to assign to the application so that no application shares a service account with another.\n\n    When standing up a new application that requires access to vCenter, always create a new service account prior to installation and grant only the permissions needed for that application.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000278'\n  tag rid: 'SV-VCSA-80-000278'\n  tag stig_id: 'VCSA-80-000278'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000278.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":8.4e-06,"start_time":"2023-06-07T08:29:27-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"VCSA-80-000279","title":"The vCenter Server must protect the confidentiality and integrity of transmitted information by isolating Internet Protocol (IP)-based storage traffic.","desc":"Virtual machines might share virtual switches and virtual local area networks (VLAN) with the IP-based storage configurations.\n\nIP-based storage includes vSAN, Internet Small Computer System Interface (iSCSI), and Network File System (NFS). This configuration might expose IP-based storage traffic to unauthorized virtual machine users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\nTo restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from the production traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and virtual machines will limit unauthorized users from viewing the traffic.","descriptions":[{"label":"default","data":"Virtual machines might share virtual switches and virtual local area networks (VLAN) with the IP-based storage configurations.\n\nIP-based storage includes vSAN, Internet Small Computer System Interface (iSCSI), and Network File System (NFS). This configuration might expose IP-based storage traffic to unauthorized virtual machine users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\nTo restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from the production traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and virtual machines will limit unauthorized users from viewing the traffic."},{"label":"rationale","data":""},{"label":"check","data":"If IP-based storage is not used, this is not applicable.\n\nIP-based storage (iSCSI, NFS, vSAN) VMkernel port groups must be in a dedicated VLAN that can be on a standard or distributed virtual switch that is logically separated from other traffic types.\n\nThe check for this will be unique per environment.\n\nTo check a standard switch, do the following:\n\nFrom the vSphere Client, select the ESXi host and go to Configure >> Networking >> Virtual switches. Select a standard switch.\n\nFor each storage port group (iSCSI, NFS, vSAN), select the port group and note the VLAN ID associated with each port group.\n\nVerify it is dedicated to that purpose and is logically separated from other traffic types.\n\nTo check a distributed switch, do the following,\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect and expand a distributed switch.\n\nFor each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to the \"Summary\" tab.\n\nNote the VLAN ID associated with each port group and verify it is dedicated to that purpose and is logically separated from other traffic types.\n\nIf any IP-based storage networks are not isolated from other traffic types, this is a finding."},{"label":"fix","data":"Configuration of an IP-based VMkernel will be unique to each environment.\n\nTo configure VLANs and traffic types, do the following:\n\nStandard switch:\n\nFrom the vSphere Client, select the ESXi host and go to Configure >> Networking >> VMkernel adapters.\n\nSelect the Storage VMkernel (for any IP-based storage). Click \"Edit...\" and click the \"Port properties\" tab.\n\nUncheck everything (unless vSAN).\n\nClick the \"IPv4\" settings or \"IPv6\" settings tab.\n\nEnter the appropriate IP address and subnet information.\n\nClick \"OK\".\n\nFrom the vSphere Client, select the ESXi host and go to Configure >> Networking >> Virtual switches. Select a standard switch.\n\nFor each storage port group (iSCSI, NFS, vSAN), select the port group and click \"...\". Click \"Edit Settings\". On the \"Properties\" tab, enter the appropriate VLAN ID and click \"OK\".\n\nDistributed switch:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Topology.\n\nSelect the Storage VMkernel (for any IP-based storage). Click \"...\" and click \"Edit Settings\".\n\nOn the \"Port properties\" tab, uncheck everything (unless vSAN).\n\nClick the \"IPv4\" settings or \"IPv6\" settings tab.\n\nEnter the appropriate IP address and subnet information.\n\nClick \"OK\".\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect and expand a distributed switch.\n\nFor each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to Configure >> Settings >> Properties.\n\nClick \"Edit\".\n\nClick the \"VLAN\" tab.\n\nEnter the appropriate VLAN type and ID and click \"OK\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000279","rid":"SV-VCSA-80-000279","stig_id":"VCSA-80-000279","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000279' do\n  title 'The vCenter Server must protect the confidentiality and integrity of transmitted information by isolating Internet Protocol (IP)-based storage traffic.'\n  desc  \"\n    Virtual machines might share virtual switches and virtual local area networks (VLAN) with the IP-based storage configurations.\n\n    IP-based storage includes vSAN, Internet Small Computer System Interface (iSCSI), and Network File System (NFS). This configuration might expose IP-based storage traffic to unauthorized virtual machine users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\n    To restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from the production traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and virtual machines will limit unauthorized users from viewing the traffic.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If IP-based storage is not used, this is not applicable.\n\n    IP-based storage (iSCSI, NFS, vSAN) VMkernel port groups must be in a dedicated VLAN that can be on a standard or distributed virtual switch that is logically separated from other traffic types.\n\n    The check for this will be unique per environment.\n\n    To check a standard switch, do the following:\n\n    From the vSphere Client, select the ESXi host and go to Configure >> Networking >> Virtual switches. Select a standard switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and note the VLAN ID associated with each port group.\n\n    Verify it is dedicated to that purpose and is logically separated from other traffic types.\n\n    To check a distributed switch, do the following,\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select and expand a distributed switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to the \\\"Summary\\\" tab.\n\n    Note the VLAN ID associated with each port group and verify it is dedicated to that purpose and is logically separated from other traffic types.\n\n    If any IP-based storage networks are not isolated from other traffic types, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of an IP-based VMkernel will be unique to each environment.\n\n    To configure VLANs and traffic types, do the following:\n\n    Standard switch:\n\n    From the vSphere Client, select the ESXi host and go to Configure >> Networking >> VMkernel adapters.\n\n    Select the Storage VMkernel (for any IP-based storage). Click \\\"Edit...\\\" and click the \\\"Port properties\\\" tab.\n\n    Uncheck everything (unless vSAN).\n\n    Click the \\\"IPv4\\\" settings or \\\"IPv6\\\" settings tab.\n\n    Enter the appropriate IP address and subnet information.\n\n    Click \\\"OK\\\".\n\n    From the vSphere Client, select the ESXi host and go to Configure >> Networking >> Virtual switches. Select a standard switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and click \\\"...\\\". Click \\\"Edit Settings\\\". On the \\\"Properties\\\" tab, enter the appropriate VLAN ID and click \\\"OK\\\".\n\n    Distributed switch:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Topology.\n\n    Select the Storage VMkernel (for any IP-based storage). Click \\\"...\\\" and click \\\"Edit Settings\\\".\n\n    On the \\\"Port properties\\\" tab, uncheck everything (unless vSAN).\n\n    Click the \\\"IPv4\\\" settings or \\\"IPv6\\\" settings tab.\n\n    Enter the appropriate IP address and subnet information.\n\n    Click \\\"OK\\\".\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select and expand a distributed switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab.\n\n    Enter the appropriate VLAN type and ID and click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000279'\n  tag rid: 'SV-VCSA-80-000279'\n  tag stig_id: 'VCSA-80-000279'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000279.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":8.9e-06,"start_time":"2023-06-07T08:29:27-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"VCSA-80-000280","title":"The vCenter server must be configured to send events to a central log server.","desc":"vCenter server generates volumes of security-relevant application-level events. Examples include logins, system reconfigurations, system degradation warnings, and more. To ensure these events are available for forensic analysis and correlation, they must be sent to the syslog and forwarded on to the configured Security Information and Event Management (SIEM) system and/or central log server.\n\nThe vCenter server sends events to syslog by default, but this configuration must be verified and maintained.","descriptions":[{"label":"default","data":"vCenter server generates volumes of security-relevant application-level events. Examples include logins, system reconfigurations, system degradation warnings, and more. To ensure these events are available for forensic analysis and correlation, they must be sent to the syslog and forwarded on to the configured Security Information and Event Management (SIEM) system and/or central log server.\n\nThe vCenter server sends events to syslog by default, but this configuration must be verified and maintained."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nVerify that \"vpxd.event.syslog.enabled\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name vpxd.event.syslog.enabled\n\nIf the \"vpxd.event.syslog.enabled\" value is not set to \"true\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nClick \"Edit Settings\" and configure the \"vpxd.event.syslog.enabled\" setting to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name vpxd.event.syslog.enabled | Set-AdvancedSetting -Value true"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000358","gid":"V-VCSA-80-000280","rid":"SV-VCSA-80-000280","stig_id":"VCSA-80-000280","cci":["CCI-001851"],"nist":["AU-4 (1)"]},"code":"control 'VCSA-80-000280' do\n  title 'The vCenter server must be configured to send events to a central log server.'\n  desc  \"\n    vCenter server generates volumes of security-relevant application-level events. Examples include logins, system reconfigurations, system degradation warnings, and more. To ensure these events are available for forensic analysis and correlation, they must be sent to the syslog and forwarded on to the configured Security Information and Event Management (SIEM) system and/or central log server.\n\n    The vCenter server sends events to syslog by default, but this configuration must be verified and maintained.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Verify that \\\"vpxd.event.syslog.enabled\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name vpxd.event.syslog.enabled\n\n    If the \\\"vpxd.event.syslog.enabled\\\" value is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"vpxd.event.syslog.enabled\\\" setting to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name vpxd.event.syslog.enabled | Set-AdvancedSetting -Value true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000358'\n  tag gid: 'V-VCSA-80-000280'\n  tag rid: 'SV-VCSA-80-000280'\n  tag stig_id: 'VCSA-80-000280'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name vpxd.event.syslog.enabled | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'true' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000280.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name vpxd.event.syslog.enabled | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"true\"","run_time":0.6452781,"start_time":"2023-06-07T08:29:27-06:00","resource_class":"powercli_command","resource_params":"[\"Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name vpxd.event.syslog.enabled | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"VCSA-80-000281","title":"The vCenter Server must disable or restrict the connectivity between vSAN Health Check and public Hardware Compatibility List (HCL) by use of an external proxy server.","desc":"The vSAN Health Check is able to download the HCL from VMware to check compliance against the underlying vSAN Cluster hosts. To ensure the vCenter server is not directly downloading content from the internet, this functionality must be disabled. If this feature is necessary, an external proxy server must be configured.","descriptions":[{"label":"default","data":"The vSAN Health Check is able to download the HCL from VMware to check compliance against the underlying vSAN Cluster hosts. To ensure the vCenter server is not directly downloading content from the internet, this functionality must be disabled. If this feature is necessary, an external proxy server must be configured."},{"label":"rationale","data":""},{"label":"check","data":"If no clusters are enabled for vSAN, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Configure >> vSAN >> Internet Connectivity.\n\nIf the HCL internet download is not required, verify \"Status\" is \"Disabled\".\n\nIf the \"Status\" is \"Enabled\", this is a finding.\n\nIf the HCL internet download is required, verify \"Status\" is \"Enabled\" and a proxy host is configured.\n\nIf \"Status\" is \"Enabled\" and a proxy is not configured, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Configure >> vSAN >> Internet Connectivity.\n\nClick \"Edit\".\n\nIf the HCL internet download is not required, ensure that \"Status\" is \"Disabled\".\n\nIf the HCL internet download is required, ensure that \"Status\" is \"Enabled\" and that a proxy host is appropriately configured."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000281","rid":"SV-VCSA-80-000281","stig_id":"VCSA-80-000281","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000281' do\n  title 'The vCenter Server must disable or restrict the connectivity between vSAN Health Check and public Hardware Compatibility List (HCL) by use of an external proxy server.'\n  desc  'The vSAN Health Check is able to download the HCL from VMware to check compliance against the underlying vSAN Cluster hosts. To ensure the vCenter server is not directly downloading content from the internet, this functionality must be disabled. If this feature is necessary, an external proxy server must be configured.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Configure >> vSAN >> Internet Connectivity.\n\n    If the HCL internet download is not required, verify \\\"Status\\\" is \\\"Disabled\\\".\n\n    If the \\\"Status\\\" is \\\"Enabled\\\", this is a finding.\n\n    If the HCL internet download is required, verify \\\"Status\\\" is \\\"Enabled\\\" and a proxy host is configured.\n\n    If \\\"Status\\\" is \\\"Enabled\\\" and a proxy is not configured, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Configure >> vSAN >> Internet Connectivity.\n\n    Click \\\"Edit\\\".\n\n    If the HCL internet download is not required, ensure that \\\"Status\\\" is \\\"Disabled\\\".\n\n    If the HCL internet download is required, ensure that \\\"Status\\\" is \\\"Enabled\\\" and that a proxy host is appropriately configured.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000281'\n  tag rid: 'SV-VCSA-80-000281'\n  tag stig_id: 'VCSA-80-000281'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  # Get all clusters with vSAN enabled\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object | Select-Object -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !clusters.empty?\n    command = '$vsanphview = Get-VsanView -Id VsanPhoneHomeSystem-vsan-phonehome-system; $vsanphview.QueryVsanCloudHealthStatus().InternetConnectivity'\n    vcinternetenabled = powercli_command(command).stdout.strip\n\n    if vcinternetenabled == 'True'\n      proxycommand = '$vsanhealthview = Get-VsanView -Id VsanVcClusterHealthSystem-vsan-cluster-health-system; $vsanhealthview.VsanHealthQueryVsanProxyConfig().Host'\n      describe powercli_command(proxycommand) do\n        its('stdout.strip') { should_not cmp '' }\n      end\n    else\n      describe 'Enable Internet access for all vSAN clusters.' do\n        subject { vcinternetenabled }\n        it { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No clusters with vSAN enabled found...skipping tests' do\n      skip 'No clusters with vSAN enabled found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000281.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: $vsanhealthview = Get-VsanView -Id VsanVcClusterHealthSystem-vsan-cluster-health-system; $vsanhealthview.VsanHealthQueryVsanProxyConfig().Host stdout.strip is expected not to cmp == \"\"","run_time":0.0795031,"start_time":"2023-06-07T08:29:28-06:00","message":"\nexpected: \n     got: \n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"$vsanhealthview = Get-VsanView -Id VsanVcClusterHealthSystem-vsan-cluster-health-system; $vsanhealthview.VsanHealthQueryVsanProxyConfig().Host\"]","resource_id":""}]},{"id":"VCSA-80-000282","title":"The vCenter Server must configure the vSAN Datastore name to a unique name.","desc":"A vSAN Datastore name by default is \"vsanDatastore\". If more than one vSAN cluster is present in vCenter, both datastores will have the same name by default, potentially leading to confusion and manually misplaced workloads.","descriptions":[{"label":"default","data":"A vSAN Datastore name by default is \"vsanDatastore\". If more than one vSAN cluster is present in vCenter, both datastores will have the same name by default, potentially leading to confusion and manually misplaced workloads."},{"label":"rationale","data":""},{"label":"check","data":"If no clusters are enabled for vSAN, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect a vSAN Enabled Cluster >> Datastores.\n\nReview the datastores and identify any datastores with \"vSAN\" as the datastore type.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nIf($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){\nWrite-Host \"vSAN Enabled Cluster found\"\nGet-Cluster | where {$_.VsanEnabled} | Get-Datastore | where {$_.type -match \"vsan\"}\n}\nelse{\nWrite-Host \"vSAN is not enabled, this finding is not applicable.\"\n}\n\nIf vSAN is enabled and a datastore is named \"vsanDatastore\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vSAN Enabled Cluster >> Datastores.\n\nRight-click on the datastore named \"vsanDatastore\" and select \"Rename\".\n\nRename the datastore based on site-specific naming standards.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nIf($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){\nWrite-Host \"vSAN Enabled Cluster found\"\n$Clusters = Get-Cluster | where {$_.VsanEnabled}\nForeach ($clus in $clusters){\n $clus | Get-Datastore | where {$_.type -match \"vsan\"} | Set-Datastore -Name $(($clus.name) + \"_vSAN_Datastore\")\n}\n}\nelse{\nWrite-Host \"vSAN is not enabled, this finding is not applicable.\"\n}"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000282","rid":"SV-VCSA-80-000282","stig_id":"VCSA-80-000282","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000282' do\n  title 'The vCenter Server must configure the vSAN Datastore name to a unique name.'\n  desc  'A vSAN Datastore name by default is \"vsanDatastore\". If more than one vSAN cluster is present in vCenter, both datastores will have the same name by default, potentially leading to confusion and manually misplaced workloads.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster >> Datastores.\n\n    Review the datastores and identify any datastores with \\\"vSAN\\\" as the datastore type.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    If($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){\n    Write-Host \\\"vSAN Enabled Cluster found\\\"\n    Get-Cluster | where {$_.VsanEnabled} | Get-Datastore | where {$_.type -match \\\"vsan\\\"}\n    }\n    else{\n    Write-Host \\\"vSAN is not enabled, this finding is not applicable.\\\"\n    }\n\n    If vSAN is enabled and a datastore is named \\\"vsanDatastore\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster >> Datastores.\n\n    Right-click on the datastore named \\\"vsanDatastore\\\" and select \\\"Rename\\\".\n\n    Rename the datastore based on site-specific naming standards.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    If($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){\n    Write-Host \\\"vSAN Enabled Cluster found\\\"\n    $Clusters = Get-Cluster | where {$_.VsanEnabled}\n    Foreach ($clus in $clusters){\n     $clus | Get-Datastore | where {$_.type -match \\\"vsan\\\"} | Set-Datastore -Name $(($clus.name) + \\\"_vSAN_Datastore\\\")\n    }\n    }\n    else{\n    Write-Host \\\"vSAN is not enabled, this finding is not applicable.\\\"\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000282'\n  tag rid: 'SV-VCSA-80-000282'\n  tag stig_id: 'VCSA-80-000282'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-Cluster | Where-Object {$_.VsanEnabled} | Get-Datastore | Where-Object {$_.type -match \"vsan\"} | Select-Object -ExpandProperty Name'\n  vsandatastores = powercli_command(command).stdout.strip.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vsandatastores.empty?\n    describe '' do\n      skip 'No VSAN datastores found to check.'\n    end\n  else\n    vsandatastores.each do |ds|\n      describe '' do\n        subject { ds }\n        it { should_not cmp 'vsanDatastore' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000282.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"is expected not to cmp == \"vsanDatastore\"","run_time":0.0002802,"start_time":"2023-06-07T08:29:28-06:00","message":"\nexpected: vsanDatastore\n     got: vsanDatastore\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":""}]},{"id":"VCSA-80-000283","title":"The vCenter Server must disable Username/Password and Windows Integrated Authentication.","desc":"All forms of authentication other than Common Access Card (CAC) must be disabled. Password authentication can be temporarily reenabled for emergency access to the local Single Sign-On (SSO) accounts or Active Directory user/pass accounts, but it must be disabled as soon as CAC authentication is functional.","descriptions":[{"label":"default","data":"All forms of authentication other than Common Access Card (CAC) must be disabled. Password authentication can be temporarily reenabled for emergency access to the local Single Sign-On (SSO) accounts or Active Directory user/pass accounts, but it must be disabled as soon as CAC authentication is functional."},{"label":"rationale","data":""},{"label":"check","data":"If a federated identity provider is configured and used for an identity source, this is not applicable.\n\nFrom the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\nUnder \"Authentication method\", examine the allowed methods.\n\nIf \"Smart card authentication\" is not enabled and \"Password and windows session authentication\" is not disabled, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\nNext to \"Authentication method\", click \"Edit\".\n\nSelect to radio button to \"Enable smart card authentication\".\n\nClick \"Save\".\n\nTo re-enable password authentication for troubleshooting purposes, run the following command on the vCenter Server Appliance:\n\n# /opt/vmware/bin/sso-config.sh -set_authn_policy -pwdAuthn true -winAuthn false -certAuthn false -securIDAuthn false -t vsphere.local"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000283","rid":"SV-VCSA-80-000283","stig_id":"VCSA-80-000283","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000283' do\n  title 'The vCenter Server must disable Username/Password and Windows Integrated Authentication.'\n  desc  'All forms of authentication other than Common Access Card (CAC) must be disabled. Password authentication can be temporarily reenabled for emergency access to the local Single Sign-On (SSO) accounts or Active Directory user/pass accounts, but it must be disabled as soon as CAC authentication is functional.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If a federated identity provider is configured and used for an identity source, this is not applicable.\n\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\n    Under \\\"Authentication method\\\", examine the allowed methods.\n\n    If \\\"Smart card authentication\\\" is not enabled and \\\"Password and windows session authentication\\\" is not disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\n    Next to \\\"Authentication method\\\", click \\\"Edit\\\".\n\n    Select to radio button to \\\"Enable smart card authentication\\\".\n\n    Click \\\"Save\\\".\n\n    To re-enable password authentication for troubleshooting purposes, run the following command on the vCenter Server Appliance:\n\n    # /opt/vmware/bin/sso-config.sh -set_authn_policy -pwdAuthn true -winAuthn false -certAuthn false -securIDAuthn false -t vsphere.local\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000283'\n  tag rid: 'SV-VCSA-80-000283'\n  tag stig_id: 'VCSA-80-000283'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if input('embeddedIdp')\n    describe powercli_command('(Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled') do\n      its('stdout.strip') { should cmp 'true' }\n    end\n    describe powercli_command('(Get-SsoAuthenticationPolicy).PasswordAuthnEnabled') do\n      its('stdout.strip') { should cmp 'false' }\n    end\n    describe powercli_command('(Get-SsoAuthenticationPolicy).WindowsAuthnEnabled') do\n      its('stdout.strip') { should cmp 'false' }\n    end\n  else\n    describe 'A federated IDP is configured so this is Not Applicable.' do\n      skip 'A federated IDP is configured so this is Not Applicable.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000283.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: (Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled stdout.strip is expected to cmp == \"true\"","run_time":0.000345,"start_time":"2023-06-07T08:29:28-06:00","message":"\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"(Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled\"]","resource_id":""},{"status":"failed","code_desc":"PowerCLI Command: (Get-SsoAuthenticationPolicy).PasswordAuthnEnabled stdout.strip is expected to cmp == \"false\"","run_time":0.1837198,"start_time":"2023-06-07T08:29:28-06:00","message":"\nexpected: false\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"(Get-SsoAuthenticationPolicy).PasswordAuthnEnabled\"]","resource_id":""},{"status":"failed","code_desc":"PowerCLI Command: (Get-SsoAuthenticationPolicy).WindowsAuthnEnabled stdout.strip is expected to cmp == \"false\"","run_time":0.2947417,"start_time":"2023-06-07T08:29:28-06:00","message":"\nexpected: false\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"(Get-SsoAuthenticationPolicy).WindowsAuthnEnabled\"]","resource_id":""}]},{"id":"VCSA-80-000284","title":"The vCenter Server must restrict access to the default roles with cryptographic permissions.","desc":"In vSphere, the built-in \"Administrator\" role contains permission to perform cryptographic operations such as Key Management Server (KMS) functions and encrypting and decrypting virtual machine disks. This role must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use.\n\nA new built-in role called \"No Cryptography Administrator\" exists to provide all administrative permissions except cryptographic operations. Permissions must be restricted such that normal vSphere administrators are assigned the \"No Cryptography Administrator\" role or more restrictive.\n\nThe \"Administrator\" role must be tightly controlled and must not be applied to administrators who will not be doing cryptographic work. Catastrophic data loss can result from poorly administered cryptography.","descriptions":[{"label":"default","data":"In vSphere, the built-in \"Administrator\" role contains permission to perform cryptographic operations such as Key Management Server (KMS) functions and encrypting and decrypting virtual machine disks. This role must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use.\n\nA new built-in role called \"No Cryptography Administrator\" exists to provide all administrative permissions except cryptographic operations. Permissions must be restricted such that normal vSphere administrators are assigned the \"No Cryptography Administrator\" role or more restrictive.\n\nThe \"Administrator\" role must be tightly controlled and must not be applied to administrators who will not be doing cryptographic work. Catastrophic data loss can result from poorly administered cryptography."},{"label":"rationale","data":""},{"label":"check","data":"By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.\n\nFrom the vSphere Client, go to Administration >> Access Control >> Roles.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VIPermission | Where {$_.Role -eq \"Admin\" -or $_.Role -eq \"NoTrustedAdmin\" -or $_.Role -eq \"vCLSAdmin\" -or $_.Role -eq \"vSphereKubernetesManager\"} | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\nIf there are any users or groups assigned to the default roles with cryptographic permissions and are not explicitly designated to perform cryptographic operations, this is a finding.\n\nThe built-in solution users assigned to the administrator role are NOT a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Access Control >> Roles.\n\nMove any accounts not explicitly designated for cryptographic operations, other than Solution Users, to other roles such as \"No Cryptography Administrator\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000284","rid":"SV-VCSA-80-000284","stig_id":"VCSA-80-000284","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000284' do\n  title 'The vCenter Server must restrict access to the default roles with cryptographic permissions.'\n  desc  \"\n    In vSphere, the built-in \\\"Administrator\\\" role contains permission to perform cryptographic operations such as Key Management Server (KMS) functions and encrypting and decrypting virtual machine disks. This role must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use.\n\n    A new built-in role called \\\"No Cryptography Administrator\\\" exists to provide all administrative permissions except cryptographic operations. Permissions must be restricted such that normal vSphere administrators are assigned the \\\"No Cryptography Administrator\\\" role or more restrictive.\n\n    The \\\"Administrator\\\" role must be tightly controlled and must not be applied to administrators who will not be doing cryptographic work. Catastrophic data loss can result from poorly administered cryptography.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.\n\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VIPermission | Where {$_.Role -eq \\\"Admin\\\" -or $_.Role -eq \\\"NoTrustedAdmin\\\" -or $_.Role -eq \\\"vCLSAdmin\\\" -or $_.Role -eq \\\"vSphereKubernetesManager\\\"} | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\n    If there are any users or groups assigned to the default roles with cryptographic permissions and are not explicitly designated to perform cryptographic operations, this is a finding.\n\n    The built-in solution users assigned to the administrator role are NOT a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    Move any accounts not explicitly designated for cryptographic operations, other than Solution Users, to other roles such as \\\"No Cryptography Administrator\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000284'\n  tag rid: 'SV-VCSA-80-000284'\n  tag stig_id: 'VCSA-80-000284'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vcCryptoAdmins = input('vcCryptoAdmins')\n\n  # Get all users/groups with Admin/Administrator role excluding vpxd- accounts\n  command = 'Get-VIPermission | Where-Object {($_.Role -eq \"Admin\" -or $_.Role -eq \"NoTrustedAdmin\" -or $_.Role -eq \"vCLSAdmin\" -or $_.Role -eq \"vSphereKubernetesManager\") -and $_.Principal -notmatch \"vpxd-\"} | Select-Object -ExpandProperty Principal'\n  cryptoadmins = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !cryptoadmins.empty?\n    cryptoadmins.each do |cryptoadmin|\n      describe cryptoadmin do\n        subject { cryptoadmin }\n        it { should be_in vcCryptoAdmins }\n      end\n    end\n  else\n    describe 'No users/groups found assigned to crypto roles...skipping tests.' do\n      skip 'No users/groups found assigned to crypto roles...skipping tests.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000284.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"VSPHERE.LOCAL\\Administrator is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"","run_time":0.0003841,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VSPHERE.LOCAL\\Administrator"},{"status":"passed","code_desc":"VSPHERE.LOCAL\\Administrators is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"","run_time":0.0002994,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VSPHERE.LOCAL\\Administrators"},{"status":"passed","code_desc":"VSPHERE.LOCAL\\Administrators is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"","run_time":0.0002966,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VSPHERE.LOCAL\\Administrators"},{"status":"passed","code_desc":"VSPHERE.LOCAL\\vCLSAdmin is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"","run_time":0.0002984,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VSPHERE.LOCAL\\vCLSAdmin"},{"status":"passed","code_desc":"VSPHERE.LOCAL\\Administrators is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"","run_time":0.0004221,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VSPHERE.LOCAL\\Administrators"},{"status":"passed","code_desc":"VSPHERE.LOCAL\\vCLSAdmin is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"","run_time":0.0006365,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VSPHERE.LOCAL\\vCLSAdmin"},{"status":"passed","code_desc":"VSPHERE.LOCAL\\Administrators is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"","run_time":0.0002881,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VSPHERE.LOCAL\\Administrators"},{"status":"passed","code_desc":"VSPHERE.LOCAL\\vCLSAdmin is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"","run_time":0.0002754,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VSPHERE.LOCAL\\vCLSAdmin"},{"status":"passed","code_desc":"VSPHERE.LOCAL\\Administrators is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"","run_time":0.000276,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VSPHERE.LOCAL\\Administrators"},{"status":"passed","code_desc":"VSPHERE.LOCAL\\vCLSAdmin is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"","run_time":0.0002728,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VSPHERE.LOCAL\\vCLSAdmin"}]},{"id":"VCSA-80-000285","title":"The vCenter Server must restrict access to cryptographic permissions.","desc":"These permissions must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use. Catastrophic data loss can result from poorly administered cryptography.","descriptions":[{"label":"default","data":"These permissions must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use. Catastrophic data loss can result from poorly administered cryptography."},{"label":"rationale","data":""},{"label":"check","data":"By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.\n\nFrom the vSphere Client, go to Administration >> Access Control >> Roles.\n\nHighlight each role and click the 'Privileges\" button in the right pane.\n\nVerify that only the Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager and any site-specific cryptographic roles have the following permissions:\n\nCryptographic Operations privileges\nGlobal.Diagnostics\nHost.Inventory.Add host to cluster\nHost.Inventory.Add standalone host\nHost.Local operations.Manage user groups\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$roles = Get-VIRole\nForEach($role in $roles){\n    $privileges = $role.PrivilegeList\n    If($privileges -match \"Crypto*\" -or $privileges -match \"Global.Diagnostics\" -or $privileges -match \"Host.Inventory.Add*\" -or $privileges -match \"Host.Local operations.Manage user groups\"){\n    Write-Host \"$role has Cryptographic privileges\"\n    }\n}\n\nIf any role other than the four default roles contain the permissions listed above and is not authorized to perform cryptographic related operations, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Access Control >> Roles.\n\nHighlight the target custom role and click \"Edit\".\n\nRemove the following permissions from any custom role that is not authorized to perform cryptographic related operations:\n\nCryptographic Operations privileges\nGlobal.Diagnostics\nHost.Inventory.Add host to cluster\nHost.Inventory.Add standalone host\nHost.Local operations.Manage user groups"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000285","rid":"SV-VCSA-80-000285","stig_id":"VCSA-80-000285","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000285' do\n  title 'The vCenter Server must restrict access to cryptographic permissions.'\n  desc  'These permissions must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use. Catastrophic data loss can result from poorly administered cryptography.'\n  desc  'rationale', ''\n  desc  'check', \"\n    By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.\n\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    Highlight each role and click the 'Privileges\\\" button in the right pane.\n\n    Verify that only the Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager and any site-specific cryptographic roles have the following permissions:\n\n    Cryptographic Operations privileges\n    Global.Diagnostics\n    Host.Inventory.Add host to cluster\n    Host.Inventory.Add standalone host\n    Host.Local operations.Manage user groups\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $roles = Get-VIRole\n    ForEach($role in $roles){\n        $privileges = $role.PrivilegeList\n        If($privileges -match \\\"Crypto*\\\" -or $privileges -match \\\"Global.Diagnostics\\\" -or $privileges -match \\\"Host.Inventory.Add*\\\" -or $privileges -match \\\"Host.Local operations.Manage user groups\\\"){\n        Write-Host \\\"$role has Cryptographic privileges\\\"\n        }\n    }\n\n    If any role other than the four default roles contain the permissions listed above and is not authorized to perform cryptographic related operations, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    Highlight the target custom role and click \\\"Edit\\\".\n\n    Remove the following permissions from any custom role that is not authorized to perform cryptographic related operations:\n\n    Cryptographic Operations privileges\n    Global.Diagnostics\n    Host.Inventory.Add host to cluster\n    Host.Inventory.Add standalone host\n    Host.Local operations.Manage user groups\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000285'\n  tag rid: 'SV-VCSA-80-000285'\n  tag stig_id: 'VCSA-80-000285'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vcCryptoRoles = input('vcCryptoRoles')\n\n  command = 'Get-VIRole | Where-Object {$_.PrivilegeList -match \"Crypto*\" -or $_.PrivilegeList -match \"Global.Diagnostics\" -or $_.PrivilegeList -match \"Host.Inventory.Add*\" -or $_.PrivilegeList -match \"Host.Local operations.Manage user groups\"} | Select-Object -ExpandProperty Name'\n  cryptoroles = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !cryptoroles.empty?\n    cryptoroles.each do |cryptorole|\n      describe cryptorole do\n        subject { cryptorole }\n        it { should be_in vcCryptoRoles }\n      end\n    end\n  else\n    describe 'No roles found with crypto permissions...skipping tests.' do\n      skip 'No roles found with crypto permissions...skipping tests.'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000285.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"NoTrustedAdmin is expected to be in \"Admin\", \"NoTrustedAdmin\", \"vCLSAdmin\", and \"vSphereKubernetesManager\"","run_time":0.0002811,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"NoTrustedAdmin"},{"status":"passed","code_desc":"Admin is expected to be in \"Admin\", \"NoTrustedAdmin\", \"vCLSAdmin\", and \"vSphereKubernetesManager\"","run_time":0.0002912,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Admin"},{"status":"passed","code_desc":"vSphereKubernetesManager is expected to be in \"Admin\", \"NoTrustedAdmin\", \"vCLSAdmin\", and \"vSphereKubernetesManager\"","run_time":0.0006983,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"vSphereKubernetesManager"},{"status":"passed","code_desc":"vCLSAdmin is expected to be in \"Admin\", \"NoTrustedAdmin\", \"vCLSAdmin\", and \"vSphereKubernetesManager\"","run_time":0.0002581,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"vCLSAdmin"}]},{"id":"VCSA-80-000286","title":"The vCenter Server must have Mutual Challenge Handshake Authentication Protocol (CHAP) configured for vSAN Internet Small Computer System Interface (iSCSI) targets.","desc":"When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, the potential exists for a man-in-the-middle attack in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.","descriptions":[{"label":"default","data":"When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, the potential exists for a man-in-the-middle attack in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk."},{"label":"rationale","data":""},{"label":"check","data":"If no clusters are enabled for vSAN or if vSAN is enabled but iSCSI is not enabled, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect a vSAN Enabled Cluster >> Configure >> vSAN >> iSCSI Target Service.\n\nFor each iSCSI target, review the value in the \"Authentication\" column.\n\nIf the Authentication method is not set to \"CHAP_Mutual\" for any iSCSI target, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vSAN Enabled Cluster >> Configure >> vSAN >> iSCSI Target Service.\n\nFor each iSCSI target, select the item and click \"Edit\".\n\nChange the \"Authentication\" field to \"Mutual CHAP\" and configure the incoming and outgoing users and secrets appropriately."}],"impact":0.0,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000286","rid":"SV-VCSA-80-000286","stig_id":"VCSA-80-000286","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000286' do\n  title 'The vCenter Server must have Mutual Challenge Handshake Authentication Protocol (CHAP) configured for vSAN Internet Small Computer System Interface (iSCSI) targets.'\n  desc  'When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, the potential exists for a man-in-the-middle attack in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN or if vSAN is enabled but iSCSI is not enabled, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster >> Configure >> vSAN >> iSCSI Target Service.\n\n    For each iSCSI target, review the value in the \\\"Authentication\\\" column.\n\n    If the Authentication method is not set to \\\"CHAP_Mutual\\\" for any iSCSI target, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster >> Configure >> vSAN >> iSCSI Target Service.\n\n    For each iSCSI target, select the item and click \\\"Edit\\\".\n\n    Change the \\\"Authentication\\\" field to \\\"Mutual CHAP\\\" and configure the incoming and outgoing users and secrets appropriately.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000286'\n  tag rid: 'SV-VCSA-80-000286'\n  tag stig_id: 'VCSA-80-000286'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  setimpact = true\n  if !clusters.empty?\n    clusters.each do |cluster|\n      iscsiEnabled = powercli_command(\"(Get-VsanClusterConfiguration -Cluster \\\"#{cluster}\\\").IscsiTargetServiceEnabled\").stdout.strip\n      if iscsiEnabled == 'True'\n        command = \"(Get-VsanClusterConfiguration -Cluster \\\"#{cluster}\\\").DefaultIscsiAuthenticationType\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp 'MutualChap' }\n        end\n        setimpact = false\n      else\n        describe \"vSAN iSCSI service not enabled on cluster: #{cluster}...this is not applicable.\" do\n          skip \"vSAN iSCSI service not enabled on cluster: #{cluster}...this is not applicable.\"\n        end\n      end\n    end\n  else\n    describe '' do\n      skip 'No vSAN enabled clusters found...this is not applicable.'\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000286.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"vSAN iSCSI service not enabled on cluster: cluster0...this is not applicable.","run_time":9.9e-06,"start_time":"2023-06-07T08:29:28-06:00","resource":"","skip_message":"vSAN iSCSI service not enabled on cluster: cluster0...this is not applicable.","resource_class":"Object","resource_params":"[]","resource_id":"vSAN iSCSI service not enabled on cluster: cluster0...this is not applicable."}]},{"id":"VCSA-80-000287","title":"The vCenter Server must have new Key Encryption Keys (KEKs) reissued at regular intervals for vSAN encrypted datastore(s).","desc":"The KEK for a vSAN encrypted datastore is generated by the Key Management Server (KMS) and serves as a wrapper and lock around the Disk Encryption Key (DEK). The DEK is generated by the host and is used to encrypt and decrypt the datastore. A shallow rekey is a procedure in which the KMS issues a new KEK to the ESXi host, which rewraps the DEK but does not change the DEK or any data on disk.\n\nThis operation must be done on a regular, site-defined interval and can be viewed as similar in criticality to changing an administrative password. If the KMS is compromised, a standing operational procedure to rekey will put a time limit on the usefulness of any stolen KMS data.","descriptions":[{"label":"default","data":"The KEK for a vSAN encrypted datastore is generated by the Key Management Server (KMS) and serves as a wrapper and lock around the Disk Encryption Key (DEK). The DEK is generated by the host and is used to encrypt and decrypt the datastore. A shallow rekey is a procedure in which the KMS issues a new KEK to the ESXi host, which rewraps the DEK but does not change the DEK or any data on disk.\n\nThis operation must be done on a regular, site-defined interval and can be viewed as similar in criticality to changing an administrative password. If the KMS is compromised, a standing operational procedure to rekey will put a time limit on the usefulness of any stolen KMS data."},{"label":"rationale","data":""},{"label":"check","data":"If vSAN is not in use, this is not applicable.\n\nInterview the system administrator (SA) to determine that a procedure has been put in place to perform a shallow rekey of all vSAN encrypted datastores at regular, site-defined intervals.\n\nVMware recommends a 60-day rekey task, but this interval must be defined by the SA and the information system security officer (ISSO).\n\nIf vSAN encryption is not in use, this is not a finding.\n\nIf vSAN encryption is in use and a regular rekey procedure is not in place, this is a finding."},{"label":"fix","data":"If vSAN encryption is in use, ensure that a regular rekey procedure is in place."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000287","rid":"SV-VCSA-80-000287","stig_id":"VCSA-80-000287","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000287' do\n  title 'The vCenter Server must have new Key Encryption Keys (KEKs) reissued at regular intervals for vSAN encrypted datastore(s).'\n  desc  \"\n    The KEK for a vSAN encrypted datastore is generated by the Key Management Server (KMS) and serves as a wrapper and lock around the Disk Encryption Key (DEK). The DEK is generated by the host and is used to encrypt and decrypt the datastore. A shallow rekey is a procedure in which the KMS issues a new KEK to the ESXi host, which rewraps the DEK but does not change the DEK or any data on disk.\n\n    This operation must be done on a regular, site-defined interval and can be viewed as similar in criticality to changing an administrative password. If the KMS is compromised, a standing operational procedure to rekey will put a time limit on the usefulness of any stolen KMS data.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If vSAN is not in use, this is not applicable.\n\n    Interview the system administrator (SA) to determine that a procedure has been put in place to perform a shallow rekey of all vSAN encrypted datastores at regular, site-defined intervals.\n\n    VMware recommends a 60-day rekey task, but this interval must be defined by the SA and the information system security officer (ISSO).\n\n    If vSAN encryption is not in use, this is not a finding.\n\n    If vSAN encryption is in use and a regular rekey procedure is not in place, this is a finding.\n  \"\n  desc 'fix', 'If vSAN encryption is in use, ensure that a regular rekey procedure is in place.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000287'\n  tag rid: 'SV-VCSA-80-000287'\n  tag stig_id: 'VCSA-80-000287'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000287.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":7.3e-06,"start_time":"2023-06-07T08:29:28-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"VCSA-80-000288","title":"The vCenter Server must use secure Lightweight Directory Access Protocol (LDAPS) when adding an LDAP identity source.","desc":"LDAP is an industry standard protocol for querying directory services such as Active Directory. This protocol can operate in clear text or over a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) encrypted tunnel. To protect confidentiality of LDAP communications, secure LDAP (LDAPS) must be explicitly configured when adding an LDAP identity source in vSphere Single Sign-On (SSO).\n\nWhen configuring an identity source and supplying an SSL certificate, vCenter will enforce LDAPS. The server URLs do not need to be explicitly provided if an SSL certificate is uploaded.","descriptions":[{"label":"default","data":"LDAP is an industry standard protocol for querying directory services such as Active Directory. This protocol can operate in clear text or over a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) encrypted tunnel. To protect confidentiality of LDAP communications, secure LDAP (LDAPS) must be explicitly configured when adding an LDAP identity source in vSphere Single Sign-On (SSO).\n\nWhen configuring an identity source and supplying an SSL certificate, vCenter will enforce LDAPS. The server URLs do not need to be explicitly provided if an SSL certificate is uploaded."},{"label":"rationale","data":""},{"label":"check","data":"If LDAP is not used as an identity provider, this is not applicable.\n\nFrom the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nClick the \"Identity Sources\" tab.\n\nFor each identity source of type \"Active Directory over LDAP\", if the \"Server URL\" does not indicate \"ldaps://\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nClick the \"Identity Sources\" tab.\n\nFor each identity source of type \"Active Directory over LDAP\" where LDAPS is not configured, highlight the item and click \"Edit\".\n\nEnsure the primary and secondary server URLs, if specified, are configured for \"ldaps://\".\n\nAt the bottom, click the \"Browse\" button, select the AD LDAP cert previously exported to your local computer, click \"Open\", and \"Save\" to complete modifications.\n\nNote: With LDAPS, the server must be a specific domain controller and its specific certificate or the domain alias with a certificate that is valid for that URL."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000288","rid":"SV-VCSA-80-000288","stig_id":"VCSA-80-000288","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000288' do\n  title 'The vCenter Server must use secure Lightweight Directory Access Protocol (LDAPS) when adding an LDAP identity source.'\n  desc  \"\n    LDAP is an industry standard protocol for querying directory services such as Active Directory. This protocol can operate in clear text or over a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) encrypted tunnel. To protect confidentiality of LDAP communications, secure LDAP (LDAPS) must be explicitly configured when adding an LDAP identity source in vSphere Single Sign-On (SSO).\n\n    When configuring an identity source and supplying an SSL certificate, vCenter will enforce LDAPS. The server URLs do not need to be explicitly provided if an SSL certificate is uploaded.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If LDAP is not used as an identity provider, this is not applicable.\n\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    Click the \\\"Identity Sources\\\" tab.\n\n    For each identity source of type \\\"Active Directory over LDAP\\\", if the \\\"Server URL\\\" does not indicate \\\"ldaps://\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    Click the \\\"Identity Sources\\\" tab.\n\n    For each identity source of type \\\"Active Directory over LDAP\\\" where LDAPS is not configured, highlight the item and click \\\"Edit\\\".\n\n    Ensure the primary and secondary server URLs, if specified, are configured for \\\"ldaps://\\\".\n\n    At the bottom, click the \\\"Browse\\\" button, select the AD LDAP cert previously exported to your local computer, click \\\"Open\\\", and \\\"Save\\\" to complete modifications.\n\n    Note: With LDAPS, the server must be a specific domain controller and its specific certificate or the domain alias with a certificate that is valid for that URL.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000288'\n  tag rid: 'SV-VCSA-80-000288'\n  tag stig_id: 'VCSA-80-000288'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000288.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":6.2e-06,"start_time":"2023-06-07T08:29:28-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"VCSA-80-000290","title":"The vCenter Server must limit membership to the \"SystemConfiguration.BashShellAdministrators\" Single Sign-On (SSO) group.","desc":"vCenter SSO integrates with PAM in the underlying Photon operating system so members of the \"SystemConfiguration.BashShellAdministrators\" SSO group can log on to the operating system without needing a separate account. However, even though unique SSO users log on, they are transparently using a group account named \"sso-user\" as far as Photon auditing is concerned. While the audit trail can still be traced back to the individual SSO user, it is a more involved process.\n\nTo force accountability and nonrepudiation, the SSO group \"SystemConfiguration.BashShellAdministrators\" must be severely restricted.","descriptions":[{"label":"default","data":"vCenter SSO integrates with PAM in the underlying Photon operating system so members of the \"SystemConfiguration.BashShellAdministrators\" SSO group can log on to the operating system without needing a separate account. However, even though unique SSO users log on, they are transparently using a group account named \"sso-user\" as far as Photon auditing is concerned. While the audit trail can still be traced back to the individual SSO user, it is a more involved process.\n\nTo force accountability and nonrepudiation, the SSO group \"SystemConfiguration.BashShellAdministrators\" must be severely restricted."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\nClick the next page arrow until the \"SystemConfiguration.BashShellAdministrators\" group appears.\n\nClick \"SystemConfiguration.BashShellAdministrators\".\n\nReview the members of the group and ensure that only authorized accounts are present.\n\nNote: By default the Administrator and a unique service account similar to \"vmware-applmgmtservice-714684a4-342f-4eff-a232-cdc21def00c2\" will be in the group and should not be removed.\n\nIf there are any accounts present as members of SystemConfiguration.BashShellAdministrators that are not authorized, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\nClick the next page arrow until the \"SystemConfiguration.BashShellAdministrators\" group appears.\n\nClick \"SystemConfiguration.BashShellAdministrators\".\n\nClick the three vertical dots next to the name of each unauthorized account.\n\nSelect \"Remove Member\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000290","rid":"SV-VCSA-80-000290","stig_id":"VCSA-80-000290","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000290' do\n  title 'The vCenter Server must limit membership to the \"SystemConfiguration.BashShellAdministrators\" Single Sign-On (SSO) group.'\n  desc  \"\n    vCenter SSO integrates with PAM in the underlying Photon operating system so members of the \\\"SystemConfiguration.BashShellAdministrators\\\" SSO group can log on to the operating system without needing a separate account. However, even though unique SSO users log on, they are transparently using a group account named \\\"sso-user\\\" as far as Photon auditing is concerned. While the audit trail can still be traced back to the individual SSO user, it is a more involved process.\n\n    To force accountability and nonrepudiation, the SSO group \\\"SystemConfiguration.BashShellAdministrators\\\" must be severely restricted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\n    Click the next page arrow until the \\\"SystemConfiguration.BashShellAdministrators\\\" group appears.\n\n    Click \\\"SystemConfiguration.BashShellAdministrators\\\".\n\n    Review the members of the group and ensure that only authorized accounts are present.\n\n    Note: By default the Administrator and a unique service account similar to \\\"vmware-applmgmtservice-714684a4-342f-4eff-a232-cdc21def00c2\\\" will be in the group and should not be removed.\n\n    If there are any accounts present as members of SystemConfiguration.BashShellAdministrators that are not authorized, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\n    Click the next page arrow until the \\\"SystemConfiguration.BashShellAdministrators\\\" group appears.\n\n    Click \\\"SystemConfiguration.BashShellAdministrators\\\".\n\n    Click the three vertical dots next to the name of each unauthorized account.\n\n    Select \\\"Remove Member\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000290'\n  tag rid: 'SV-VCSA-80-000290'\n  tag stig_id: 'VCSA-80-000290'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  bashShellAdminUsers = input('bashShellAdminUsers')\n  # Get appliance management user and add to list of authorized users. Unique to each vCenter.\n  applmgmtuser = powercli_command('Get-SsoGroup -Domain vsphere.local -Name applmgmtSvcUsers | Get-SsoPersonUser | Select-Object -ExpandProperty Name').stdout.strip\n  bashShellAdminUsers.push(applmgmtuser)\n  users = powercli_command('Get-SsoGroup -Domain vsphere.local -Name SystemConfiguration.BashShellAdministrators | Get-SsoPersonUser | Select-Object -ExpandProperty Name')\n  if users.stdout.empty?\n    describe 'Stderr should be empty if no users found' do\n      subject { users.stderr }\n      it { should be_empty }\n    end\n    describe 'No users found in SystemConfiguration.BashShellAdministrators' do\n      subject { users.stdout }\n      it { should be_empty }\n    end\n  else\n    users.stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |user|\n      describe user do\n        it { should be_in bashShellAdminUsers }\n      end\n    end\n  end\n  bashShellAdminGroups = input('bashShellAdminGroups')\n  groups = powercli_command('Get-SsoGroup -Domain vsphere.local -Name SystemConfiguration.BashShellAdministrators | Get-SsoGroup | Select-Object -ExpandProperty Name')\n  if groups.stdout.empty?\n    describe 'Stderr should be empty if no groups found' do\n      subject { groups.stderr }\n      it { should be_empty }\n    end\n    describe 'No groups found in SystemConfiguration.BashShellAdministrators' do\n      subject { groups.stdout }\n      it { should be_empty }\n    end\n  else\n    groups.stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |group|\n      describe group do\n        it { should be_in bashShellAdminGroups }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000290.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Administrator is expected to be in \"Administrator\" and \"vmware-applmgmtservice-7581d05c-eac0-4a70-b76c-f7b58b907e8d\"","run_time":0.0002423,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Administrator"},{"status":"passed","code_desc":"vmware-applmgmtservice-7581d05c-eac0-4a70-b76c-f7b58b907e8d is expected to be in \"Administrator\" and \"vmware-applmgmtservice-7581d05c-eac0-4a70-b76c-f7b58b907e8d\"","run_time":0.0002087,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"vmware-applmgmtservice-7581d05c-eac0-4a70-b76c-f7b58b907e8d"},{"status":"passed","code_desc":"Stderr should be empty if no groups found is expected to be empty","run_time":0.0130313,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Stderr should be empty if no groups found"},{"status":"passed","code_desc":"No groups found in SystemConfiguration.BashShellAdministrators is expected to be empty","run_time":0.0086464,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"No groups found in SystemConfiguration.BashShellAdministrators"}]},{"id":"VCSA-80-000291","title":"The vCenter Server must limit membership to the \"TrustedAdmins\" Single Sign-On (SSO) group.","desc":"The vSphere \"TrustedAdmins\" group grants additional rights to administer the vSphere Trust Authority feature.\n\nTo force accountability and nonrepudiation, the SSO group \"TrustedAdmins\" must be severely restricted.","descriptions":[{"label":"default","data":"The vSphere \"TrustedAdmins\" group grants additional rights to administer the vSphere Trust Authority feature.\n\nTo force accountability and nonrepudiation, the SSO group \"TrustedAdmins\" must be severely restricted."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\nClick the next page arrow until the \"TrustedAdmins\" group appears.\n\nClick \"TrustedAdmins\".\n\nReview the members of the group and ensure that only authorized accounts are present.\n\nNote: These accounts act as root on the Photon operating system and have the ability to severely damage vCenter, inadvertently or otherwise.\n\nIf there are any accounts present as members of TrustedAdmins that are not authorized, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\nClick the next page arrow until the \"TrustedAdmins\" group appears.\n\nClick \"TrustedAdmins\".\n\nClick the three vertical dots next to the name of each unauthorized account.\n\nSelect \"Remove Member\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000291","rid":"SV-VCSA-80-000291","stig_id":"VCSA-80-000291","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000291' do\n  title 'The vCenter Server must limit membership to the \"TrustedAdmins\" Single Sign-On (SSO) group.'\n  desc  \"\n    The vSphere \\\"TrustedAdmins\\\" group grants additional rights to administer the vSphere Trust Authority feature.\n\n    To force accountability and nonrepudiation, the SSO group \\\"TrustedAdmins\\\" must be severely restricted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\n    Click the next page arrow until the \\\"TrustedAdmins\\\" group appears.\n\n    Click \\\"TrustedAdmins\\\".\n\n    Review the members of the group and ensure that only authorized accounts are present.\n\n    Note: These accounts act as root on the Photon operating system and have the ability to severely damage vCenter, inadvertently or otherwise.\n\n    If there are any accounts present as members of TrustedAdmins that are not authorized, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\n    Click the next page arrow until the \\\"TrustedAdmins\\\" group appears.\n\n    Click \\\"TrustedAdmins\\\".\n\n    Click the three vertical dots next to the name of each unauthorized account.\n\n    Select \\\"Remove Member\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000291'\n  tag rid: 'SV-VCSA-80-000291'\n  tag stig_id: 'VCSA-80-000291'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  trustedAdminUsers = input('trustedAdminUsers')\n  users = powercli_command('Get-SsoGroup -Domain vsphere.local -Name TrustedAdmins | Get-SsoPersonUser | Select-Object -ExpandProperty Name')\n  if users.stdout.empty?\n    describe 'Stderr should be empty if no users found' do\n      subject { users.stderr }\n      it { should be_empty }\n    end\n    describe 'No users found in TrustedAdmins' do\n      subject { users.stdout }\n      it { should be_empty }\n    end\n  else\n    users.stdout.split.each do |user|\n      describe user do\n        it { should be_in trustedAdminUsers }\n      end\n    end\n  end\n  trustedAdminGroups = input('trustedAdminGroups')\n  groups = powercli_command('Get-SsoGroup -Domain vsphere.local -Name TrustedAdmins | Get-SsoGroup | Select-Object -ExpandProperty Name')\n  if groups.stdout.empty?\n    describe 'Stderr should be empty if no groups found' do\n      subject { groups.stderr }\n      it { should be_empty }\n    end\n    describe 'No groups found in TrustedAdmins' do\n      subject { groups.stdout }\n      it { should be_empty }\n    end\n  else\n    groups.stdout.split.each do |group|\n      describe group do\n        it { should be_in trustedAdminGroups }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000291.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Stderr should be empty if no users found is expected to be empty","run_time":0.0089216,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Stderr should be empty if no users found"},{"status":"passed","code_desc":"No users found in TrustedAdmins is expected to be empty","run_time":0.0087271,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"No users found in TrustedAdmins"},{"status":"passed","code_desc":"Stderr should be empty if no groups found is expected to be empty","run_time":0.0087042,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Stderr should be empty if no groups found"},{"status":"passed","code_desc":"No groups found in TrustedAdmins is expected to be empty","run_time":0.0085833,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"Object","resource_params":"[]","resource_id":"No groups found in TrustedAdmins"}]},{"id":"VCSA-80-000292","title":"The vCenter server configuration must be backed up on a regular basis.","desc":"vCenter server is the control plane for the vSphere infrastructure and all the workloads it hosts. As such, vCenter is usually a highly critical system in its own right. Backups of vCenter can now be made at a data and configuration level versus traditional storage/image-based backups. This reduces recovery time by letting the system administrator (SA) spin up a new vCenter while simultaneously importing the backed-up data.\n\nFor sites that implement the Native Key Provider (NKP), introduced in 7.0 Update 2, regular vCenter backups are critical. In a recovery scenario where the virtual machine files are intact but vCenter was lost, the encrypted virtual machines will not be able to boot as their private keys were stored in vCenter after it was last backed up. When using the NKP, vCenter becomes critical to the virtual machine workloads and ceases to be just the control plane.","descriptions":[{"label":"default","data":"vCenter server is the control plane for the vSphere infrastructure and all the workloads it hosts. As such, vCenter is usually a highly critical system in its own right. Backups of vCenter can now be made at a data and configuration level versus traditional storage/image-based backups. This reduces recovery time by letting the system administrator (SA) spin up a new vCenter while simultaneously importing the backed-up data.\n\nFor sites that implement the Native Key Provider (NKP), introduced in 7.0 Update 2, regular vCenter backups are critical. In a recovery scenario where the virtual machine files are intact but vCenter was lost, the encrypted virtual machines will not be able to boot as their private keys were stored in vCenter after it was last backed up. When using the NKP, vCenter becomes critical to the virtual machine workloads and ceases to be just the control plane."},{"label":"rationale","data":""},{"label":"check","data":"Option 1:\n\nIf vCenter is backed up in a traditional manner, at the storage array level, interview the SA to determine configuration and schedule.\n\nOption 2:\n\nFor vCenter native backup functionality, open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Backup\" on the left navigation pane.\n\nOn the resulting pane on the right, verify the \"Status\" is \"Enabled\".\n\nClick \"Status\" to expand the backup details.\n\nIf vCenter server backups are not configured and there is no other vCenter backup system, this is a finding.\n\nIf the backup configuration is not set to a proper, reachable location or if the schedule is anything less frequent than \"Daily\", this is a finding."},{"label":"fix","data":"Option 1:\n\nImplement and document a VMware-supported storage/image-based backup schedule.\n\nOption 2:\n\nTo configure vCenter native backup functionality, open the VAMI by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with an SSO account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Backup\" on the left navigation pane.\n\nOn the resulting pane on the right, click \"Configure\" (or \"Edit\" for an existing configuration).\n\nEnter site-specific information for the backup job.\n\nEnsure \"Schedule\" is set to \"Daily\". Limiting the number of retained backups is recommended but not required.\n\nClick \"Create\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000292","rid":"SV-VCSA-80-000292","stig_id":"VCSA-80-000292","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000292' do\n  title 'The vCenter server configuration must be backed up on a regular basis.'\n  desc  \"\n    vCenter server is the control plane for the vSphere infrastructure and all the workloads it hosts. As such, vCenter is usually a highly critical system in its own right. Backups of vCenter can now be made at a data and configuration level versus traditional storage/image-based backups. This reduces recovery time by letting the system administrator (SA) spin up a new vCenter while simultaneously importing the backed-up data.\n\n    For sites that implement the Native Key Provider (NKP), introduced in 7.0 Update 2, regular vCenter backups are critical. In a recovery scenario where the virtual machine files are intact but vCenter was lost, the encrypted virtual machines will not be able to boot as their private keys were stored in vCenter after it was last backed up. When using the NKP, vCenter becomes critical to the virtual machine workloads and ceases to be just the control plane.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Option 1:\n\n    If vCenter is backed up in a traditional manner, at the storage array level, interview the SA to determine configuration and schedule.\n\n    Option 2:\n\n    For vCenter native backup functionality, open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Backup\\\" on the left navigation pane.\n\n    On the resulting pane on the right, verify the \\\"Status\\\" is \\\"Enabled\\\".\n\n    Click \\\"Status\\\" to expand the backup details.\n\n    If vCenter server backups are not configured and there is no other vCenter backup system, this is a finding.\n\n    If the backup configuration is not set to a proper, reachable location or if the schedule is anything less frequent than \\\"Daily\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Option 1:\n\n    Implement and document a VMware-supported storage/image-based backup schedule.\n\n    Option 2:\n\n    To configure vCenter native backup functionality, open the VAMI by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with an SSO account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Backup\\\" on the left navigation pane.\n\n    On the resulting pane on the right, click \\\"Configure\\\" (or \\\"Edit\\\" for an existing configuration).\n\n    Enter site-specific information for the backup job.\n\n    Ensure \\\"Schedule\\\" is set to \\\"Daily\\\". Limiting the number of retained backups is recommended but not required.\n\n    Click \\\"Create\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000292'\n  tag rid: 'SV-VCSA-80-000292'\n  tag stig_id: 'VCSA-80-000292'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if input('backup3rdParty')\n    describe '3rd party backups indicated. This check is a manual or policy based check and must be reviewed manually.' do\n      skip '3rd party backups indicated. This check is a manual or policy based check and must be reviewed manually.'\n    end\n  else\n    command = '(Invoke-ListRecoveryBackupSchedules).default.enable'\n    backupsenabled = powercli_command(command).stdout.strip\n\n    describe 'File based backups should be enabled.' do\n      subject { backupsenabled }\n      it { should cmp 'true' }\n    end\n\n    if backupsenabled == 'True'\n      # check that backups are scheduled daily. if so the days configuration will be empty\n      # if a custom schedule is specified and every day is selected this will fail and that should be changed to daily\n      backupschedule = powercli_command('(Invoke-ListRecoveryBackupSchedules).default.recurrence_info.days').stdout.strip\n      describe 'Backups should be scheduled daily.' do\n        subject { backupschedule }\n        it { should cmp '' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000292.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"File based backups should be enabled. is expected to cmp == \"true\"","run_time":0.0001691,"start_time":"2023-06-07T08:29:28-06:00","message":"\nexpected: true\n     got: \n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"File based backups should be enabled."}]},{"id":"VCSA-80-000293","title":"The vCenter server must have task and event retention set to at least 30 days.","desc":"vCenter tasks and events contain valuable historical actions, useful in troubleshooting availability issues and for incident forensics. While vCenter events are sent to central log servers in real time, it is important that administrators have quick access to this information when needed.\n\nvCenter retains 30 days of tasks and events by default, and this is sufficient for most purposes. The vCenter disk partitions are also sized with this in mind. Decreasing is not recommended for operational reasons, while increasing is not recommended unless guided by VMware support due to the partition sizing concerns.","descriptions":[{"label":"default","data":"vCenter tasks and events contain valuable historical actions, useful in troubleshooting availability issues and for incident forensics. While vCenter events are sent to central log servers in real time, it is important that administrators have quick access to this information when needed.\n\nvCenter retains 30 days of tasks and events by default, and this is sufficient for most purposes. The vCenter disk partitions are also sized with this in mind. Decreasing is not recommended for operational reasons, while increasing is not recommended unless guided by VMware support due to the partition sizing concerns."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> General.\n\nClick to expand the \"Database\" section.\n\nNote the \"Task retention\" and \"Event retention\" values.\n\nIf either value is configured to less than \"30\" days, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> General.\n\nClick \"Edit\".\n\nOn the \"Database\" tab, set the value for both \"Task retention\" and \"Event retention\" to \"30\" days (default) or greater, as required by your site.\n\nClick \"Save\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000293","rid":"SV-VCSA-80-000293","stig_id":"VCSA-80-000293","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000293' do\n  title 'The vCenter server must have task and event retention set to at least 30 days.'\n  desc  \"\n    vCenter tasks and events contain valuable historical actions, useful in troubleshooting availability issues and for incident forensics. While vCenter events are sent to central log servers in real time, it is important that administrators have quick access to this information when needed.\n\n    vCenter retains 30 days of tasks and events by default, and this is sufficient for most purposes. The vCenter disk partitions are also sized with this in mind. Decreasing is not recommended for operational reasons, while increasing is not recommended unless guided by VMware support due to the partition sizing concerns.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> General.\n\n    Click to expand the \\\"Database\\\" section.\n\n    Note the \\\"Task retention\\\" and \\\"Event retention\\\" values.\n\n    If either value is configured to less than \\\"30\\\" days, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> General.\n\n    Click \\\"Edit\\\".\n\n    On the \\\"Database\\\" tab, set the value for both \\\"Task retention\\\" and \\\"Event retention\\\" to \\\"30\\\" days (default) or greater, as required by your site.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000293'\n  tag rid: 'SV-VCSA-80-000293'\n  tag stig_id: 'VCSA-80-000293'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name event.maxAge | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= '30' }\n  end\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name task.maxAge | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= '30' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000293.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name event.maxAge | Select-Object -ExpandProperty Value stdout.strip is expected to cmp >= \"30\"","run_time":0.5927463,"start_time":"2023-06-07T08:29:28-06:00","resource_class":"powercli_command","resource_params":"[\"Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name event.maxAge | Select-Object -ExpandProperty Value\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name task.maxAge | Select-Object -ExpandProperty Value stdout.strip is expected to cmp >= \"30\"","run_time":0.4440832,"start_time":"2023-06-07T08:29:29-06:00","resource_class":"powercli_command","resource_params":"[\"Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name task.maxAge | Select-Object -ExpandProperty Value\"]","resource_id":""}]},{"id":"VCSA-80-000294","title":"The vCenter server Native Key Provider must be backed up with a strong password.","desc":"The vCenter Native Key Provider feature was introduced in 7.0 U2 and acts as a key provider for encryption based capabilities such as encrypted virtual machines without requiring an external KMS solution.  When enabling this feature a backup must be taken which is a PKCS#12 formatted file and if no password is provided during the backup process this presents the opportunity for this to be used maliciously and compromise the environment.","descriptions":[{"label":"default","data":"The vCenter Native Key Provider feature was introduced in 7.0 U2 and acts as a key provider for encryption based capabilities such as encrypted virtual machines without requiring an external KMS solution.  When enabling this feature a backup must be taken which is a PKCS#12 formatted file and if no password is provided during the backup process this presents the opportunity for this to be used maliciously and compromise the environment."},{"label":"rationale","data":""},{"label":"check","data":"If the vCenter Native Key Provider feature is not in use, this is not applicable.\n\nInterview the system administrator and determine if a password was provided for any backups taken of the Native Key Provider.\n\nIf backups exist for the Native Key Provider that are not password protected, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Key Providers.\n\nSelect the Native Key Provider, click \"Back-up\", and check the box \"Protect Native Key Provider data with password\".\n\nProvide a strong password and click \"Back up key provider\".\n\nDelete any previous backups that were not protected with a password."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000294","rid":"SV-VCSA-80-000294","stig_id":"VCSA-80-000294","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000294' do\n  title 'The vCenter server Native Key Provider must be backed up with a strong password.'\n  desc  'The vCenter Native Key Provider feature was introduced in 7.0 U2 and acts as a key provider for encryption based capabilities such as encrypted virtual machines without requiring an external KMS solution.  When enabling this feature a backup must be taken which is a PKCS#12 formatted file and if no password is provided during the backup process this presents the opportunity for this to be used maliciously and compromise the environment.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If the vCenter Native Key Provider feature is not in use, this is not applicable.\n\n    Interview the system administrator and determine if a password was provided for any backups taken of the Native Key Provider.\n\n    If backups exist for the Native Key Provider that are not password protected, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Key Providers.\n\n    Select the Native Key Provider, click \\\"Back-up\\\", and check the box \\\"Protect Native Key Provider data with password\\\".\n\n    Provide a strong password and click \\\"Back up key provider\\\".\n\n    Delete any previous backups that were not protected with a password.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000294'\n  tag rid: 'SV-VCSA-80-000294'\n  tag stig_id: 'VCSA-80-000294'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000294.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":6.5e-06,"start_time":"2023-06-07T08:29:29-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"VCSA-80-000295","title":"The vCenter server must require authentication for published content libraries.","desc":"In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale. When publishing a content library it can be protected by requiring authentication for subscribers.","descriptions":[{"label":"default","data":"In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale. When publishing a content library it can be protected by requiring authentication for subscribers."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Content Libraries.\n\nReview the \"Password Protected\" column.\n\nIf a content library is published and is not password protected, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Content Libraries.\n\nSelect the target content library.\n\nSelect \"Actions\" then \"Edit Settings\".\n\nClick the checkbox to \"Enable user authentication for access to this content library\".\n\nEnter and confirm a password for the content library. Click \"Ok\".\n\nNote: Any subscribed content libraries will need to be updated to enable authentication and provide the password."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000295","rid":"SV-VCSA-80-000295","stig_id":"VCSA-80-000295","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000295' do\n  title 'The vCenter server must require authentication for published content libraries.'\n  desc  'In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale. When publishing a content library it can be protected by requiring authentication for subscribers.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Review the \\\"Password Protected\\\" column.\n\n    If a content library is published and is not password protected, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Select the target content library.\n\n    Select \\\"Actions\\\" then \\\"Edit Settings\\\".\n\n    Click the checkbox to \\\"Enable user authentication for access to this content library\\\".\n\n    Enter and confirm a password for the content library. Click \\\"Ok\\\".\n\n    Note: Any subscribed content libraries will need to be updated to enable authentication and provide the password.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000295'\n  tag rid: 'SV-VCSA-80-000295'\n  tag stig_id: 'VCSA-80-000295'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-ContentLibrary | Select-Object -ExpandProperty Id'\n  libraries = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  setimpact = true\n  if !libraries.empty?\n    libraries.each do |library|\n      libinfo = powercli_command(\"Invoke-GetLibraryIdContent #{library} | ConvertTo-Json\").stdout\n      libinfojson = JSON.parse(libinfo)\n      if libinfojson['publish_info']['published'] == true\n        describe \"Authentication should be enabled on Content Library: #{libinfojson['name']}\" do\n          subject { libinfojson }\n          its(['publish_info', 'authentication_method']) { should cmp 'BASIC' }\n        end\n        setimpact = false\n      else\n        describe \"Publishing not enabled on Content Library: #{libinfojson['name']}. This control is not applicable.\" do\n          skip \"Publishing not enabled on Content Library: #{libinfojson['name']}. This control is not applicable.\"\n        end\n      end\n    end\n  else\n    describe '' do\n      skip 'No content libraries found. This control is not applicable.'\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000295.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Authentication should be enabled on Content Library: STIG Content Library [\"publish_info\", \"authentication_method\"] is expected to cmp == \"BASIC\"","run_time":0.0002149,"start_time":"2023-06-07T08:29:29-06:00","message":"\nexpected: BASIC\n     got: NONE\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"[\"publish_info\", \"authentication_method\"]"}]},{"id":"VCSA-80-000296","title":"The vCenter server must enable the OVF security policy for content libraries.","desc":"In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale.\n\nYou can protect the OVF items by applying default OVF security policy to a content library. The OVF security policy enforces strict validation on OVF items when you deploy or update the item, import items, or synchronize OVF and OVA templates. To make sure that the OVF and OVA templates are signed by a trusted certificate, you can add the OVF signing certificate from a trusted CA.","descriptions":[{"label":"default","data":"In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale.\n\nYou can protect the OVF items by applying default OVF security policy to a content library. The OVF security policy enforces strict validation on OVF items when you deploy or update the item, import items, or synchronize OVF and OVA templates. To make sure that the OVF and OVA templates are signed by a trusted certificate, you can add the OVF signing certificate from a trusted CA."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Content Libraries.\n\nReview the \"Security Policy\" column.\n\nIf a content library does not have the \"OVF default policy\" enabled, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Content Libraries.\n\nSelect the target content library.\n\nSelect \"Actions\" then \"Edit Settings\".\n\nClick the checkbox to \"Apply Security Policy\". Click \"OK\".\n\nNote: If you disable the security policy of a content library, you cannot reuse the existing OVF items."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000296","rid":"SV-VCSA-80-000296","stig_id":"VCSA-80-000296","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000296' do\n  title 'The vCenter server must enable the OVF security policy for content libraries.'\n  desc  \"\n    In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale.\n\n    You can protect the OVF items by applying default OVF security policy to a content library. The OVF security policy enforces strict validation on OVF items when you deploy or update the item, import items, or synchronize OVF and OVA templates. To make sure that the OVF and OVA templates are signed by a trusted certificate, you can add the OVF signing certificate from a trusted CA.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Review the \\\"Security Policy\\\" column.\n\n    If a content library does not have the \\\"OVF default policy\\\" enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Select the target content library.\n\n    Select \\\"Actions\\\" then \\\"Edit Settings\\\".\n\n    Click the checkbox to \\\"Apply Security Policy\\\". Click \\\"OK\\\".\n\n    Note: If you disable the security policy of a content library, you cannot reuse the existing OVF items.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000296'\n  tag rid: 'SV-VCSA-80-000296'\n  tag stig_id: 'VCSA-80-000296'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-ContentLibrary | Select-Object -ExpandProperty Id'\n  libraries = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  setimpact = true\n  if !libraries.empty?\n    libraries.each do |library|\n      libinfo = powercli_command(\"Invoke-GetLibraryIdContent #{library} | ConvertTo-Json\").stdout\n      libinfojson = JSON.parse(libinfo)\n      describe \"OVF security policy should be enabled on Content Library: #{libinfojson['name']}\" do\n        subject { libinfojson }\n        its(['security_policy_id']) { should_not be nil }\n      end\n      setimpact = false\n    end\n  else\n    describe '' do\n      skip 'No content libraries found. This control is not applicable.'\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000296.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"OVF security policy should be enabled on Content Library: STIG Content Library [\"security_policy_id\"] is expected not to equal nil","run_time":0.0068081,"start_time":"2023-06-07T08:29:29-06:00","message":"\nexpected not #<NilClass:8> => nil\n         got #<NilClass:8> => nil\n\nCompared using equal?, which compares object identity.\n\n","resource_class":"Object","resource_params":"[]","resource_id":"[\"security_policy_id\"]"}]},{"id":"VCSA-80-000298","title":"The vCenter Server must separate authentication and authorization for administrators.","desc":"Many organizations do both authentication and authorization using a centralized directory service such as Active Directory. Attackers who compromise an identity source can often add themselves to authorization groups, and simply log into systems they should not otherwise have access to. Additionally, reliance on central identity systems means that the administrators of those systems are potentially infrastructure administrators, too, as they can add themselves to infrastructure access groups at will.\n\nThe use of local SSO groups for authorization helps prevent this avenue of attack by allowing the centralized identity source to still authenticate users but moving authorization into vCenter itself.","descriptions":[{"label":"default","data":"Many organizations do both authentication and authorization using a centralized directory service such as Active Directory. Attackers who compromise an identity source can often add themselves to authorization groups, and simply log into systems they should not otherwise have access to. Additionally, reliance on central identity systems means that the administrators of those systems are potentially infrastructure administrators, too, as they can add themselves to infrastructure access groups at will.\n\nThe use of local SSO groups for authorization helps prevent this avenue of attack by allowing the centralized identity source to still authenticate users but moving authorization into vCenter itself."},{"label":"rationale","data":""},{"label":"check","data":"From the vSphere Client, go to Administration >> Access Control >> Roles.\n\nView the Administrator role and any other role providing administrative access to vCenter to verify the users and/or groups assigned to it by clicking on \"Usage\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\nIf any user or group is directly assigned a role with administrative access to vCenter that is from an identity provider, this is a finding.\n\nNote: Users and/or groups assigned to roles should be from the \"VSPHERE.LOCAL\" identity source."},{"label":"fix","data":"To add groups from an identity provider to the local SSO Administrators group, as an example, do the following:\n\nFrom the vSphere Client, go to Administration >> Single Sign On >> Groups.\n\nSelect the Administrators group and click \"Edit\".\n\nIn the \"Add Members\" section, select the identity source and type the name of the target user/group in the search bar.\n\nSelect the target user/group to add them and click \"Save\".\n\nNote: A new SSO group or groups can be created as needed and used to provide authorization to vCenter.\n\nTo remove identity provider users/groups from a role, do the following:\n\nFrom the vSphere Client, go to Administration >> Access Control >> Global Permissions.\n\nSelect the offending user/group and click \"Delete\".\n\nNote: If permissions are assigned on a specific object, then the role must be updated where it is assigned (for example, at the cluster level)."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000298","rid":"SV-VCSA-80-000298","stig_id":"VCSA-80-000298","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000298' do\n  title 'The vCenter Server must separate authentication and authorization for administrators.'\n  desc  \"\n    Many organizations do both authentication and authorization using a centralized directory service such as Active Directory. Attackers who compromise an identity source can often add themselves to authorization groups, and simply log into systems they should not otherwise have access to. Additionally, reliance on central identity systems means that the administrators of those systems are potentially infrastructure administrators, too, as they can add themselves to infrastructure access groups at will.\n\n    The use of local SSO groups for authorization helps prevent this avenue of attack by allowing the centralized identity source to still authenticate users but moving authorization into vCenter itself.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    View the Administrator role and any other role providing administrative access to vCenter to verify the users and/or groups assigned to it by clicking on \\\"Usage\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\n    If any user or group is directly assigned a role with administrative access to vCenter that is from an identity provider, this is a finding.\n\n    Note: Users and/or groups assigned to roles should be from the \\\"VSPHERE.LOCAL\\\" identity source.\n  \"\n  desc 'fix', \"\n    To add groups from an identity provider to the local SSO Administrators group, as an example, do the following:\n\n    From the vSphere Client, go to Administration >> Single Sign On >> Groups.\n\n    Select the Administrators group and click \\\"Edit\\\".\n\n    In the \\\"Add Members\\\" section, select the identity source and type the name of the target user/group in the search bar.\n\n    Select the target user/group to add them and click \\\"Save\\\".\n\n    Note: A new SSO group or groups can be created as needed and used to provide authorization to vCenter.\n\n    To remove identity provider users/groups from a role, do the following:\n\n    From the vSphere Client, go to Administration >> Access Control >> Global Permissions.\n\n    Select the offending user/group and click \\\"Delete\\\".\n\n    Note: If permissions are assigned on a specific object, then the role must be updated where it is assigned (for example, at the cluster level).\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000298'\n  tag rid: 'SV-VCSA-80-000298'\n  tag stig_id: 'VCSA-80-000298'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000298.rb"},"waiver_data":{},"results":[{"status":"skipped","code_desc":"This check is a manual or policy based check and must be reviewed manually.","run_time":4.9e-06,"start_time":"2023-06-07T08:29:29-06:00","resource":"","skip_message":"This check is a manual or policy based check and must be reviewed manually.","resource_class":"Object","resource_params":"[]","resource_id":"This check is a manual or policy based check and must be reviewed manually."}]},{"id":"VCSA-80-000299","title":"The vCenter Server must disable CDP/LLDP on distributed switches.","desc":"The vSphere Distributed Virtual Switch can participate in Cisco Discovery Protocol (CDP) or Link Layer Discovery Protocol (LLDP), as a listener, advertiser, or both. The information is sensitive, including IP addresses, system names, software versions, and more. It can be used by an adversary to gain a better understanding of your environment, and to impersonate devices. It is also transmitted unencrypted on the network, and as such the recommendation is to disable it.","descriptions":[{"label":"default","data":"The vSphere Distributed Virtual Switch can participate in Cisco Discovery Protocol (CDP) or Link Layer Discovery Protocol (LLDP), as a listener, advertiser, or both. The information is sensitive, including IP addresses, system names, software versions, and more. It can be used by an adversary to gain a better understanding of your environment, and to impersonate devices. It is also transmitted unencrypted on the network, and as such the recommendation is to disable it."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Properties.\n\nReview the \"Discovery Protocol\" configuration.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch | Select Name,LinkDiscoveryProtocolOperation\n\nIf any distributed switch does not have \"Discovery Protocols\" disabled, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Properties.\n\nClick \"Edit\".\n\nSelect the advanced tab and update the \"Type\" under \"Discovery Protocol\" to disabled and click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch -Name \"DSwitch\" | Set-VDSwitch -LinkDiscoveryProtocolOperation \"Disabled\""}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000299","rid":"SV-VCSA-80-000299","stig_id":"VCSA-80-000299","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000299' do\n  title 'The vCenter Server must disable CDP/LLDP on distributed switches.'\n  desc  'The vSphere Distributed Virtual Switch can participate in Cisco Discovery Protocol (CDP) or Link Layer Discovery Protocol (LLDP), as a listener, advertiser, or both. The information is sensitive, including IP addresses, system names, software versions, and more. It can be used by an adversary to gain a better understanding of your environment, and to impersonate devices. It is also transmitted unencrypted on the network, and as such the recommendation is to disable it.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Properties.\n\n    Review the \\\"Discovery Protocol\\\" configuration.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | Select Name,LinkDiscoveryProtocolOperation\n\n    If any distributed switch does not have \\\"Discovery Protocols\\\" disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\".\n\n    Select the advanced tab and update the \\\"Type\\\" under \\\"Discovery Protocol\\\" to disabled and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch -Name \\\"DSwitch\\\" | Set-VDSwitch -LinkDiscoveryProtocolOperation \\\"Disabled\\\"\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000299'\n  tag rid: 'SV-VCSA-80-000299'\n  tag stig_id: 'VCSA-80-000299'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"Get-VDSwitch -Name \\\"#{vds}\\\" | Select -ExpandProperty LinkDiscoveryProtocolOperation\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'Disabled' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000299.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: Get-VDSwitch -Name \"VDSwitch STIG 1\" | Select -ExpandProperty LinkDiscoveryProtocolOperation stdout.strip is expected to cmp == \"Disabled\"","run_time":0.292216,"start_time":"2023-06-07T08:29:29-06:00","message":"\nexpected: Disabled\n     got: Listen\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VDSwitch -Name \\\"VDSwitch STIG 1\\\" | Select -ExpandProperty LinkDiscoveryProtocolOperation\"]","resource_id":""},{"status":"failed","code_desc":"PowerCLI Command: Get-VDSwitch -Name \"VDSwitch STIG 2\" | Select -ExpandProperty LinkDiscoveryProtocolOperation stdout.strip is expected to cmp == \"Disabled\"","run_time":0.2363636,"start_time":"2023-06-07T08:29:30-06:00","message":"\nexpected: Disabled\n     got: Listen\n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"Get-VDSwitch -Name \\\"VDSwitch STIG 2\\\" | Select -ExpandProperty LinkDiscoveryProtocolOperation\"]","resource_id":""}]},{"id":"VCSA-80-000300","title":"The vCenter Server must remove unauthorized port mirroring sessions on distributed switches.","desc":"The vSphere Distributed Virtual Switch can enable port mirroring sessions allowing traffic to be mirrored from one source to a destination. If port mirroring is configured unknowingly this could allow an attacker to observe network traffic of virtual machines.","descriptions":[{"label":"default","data":"The vSphere Distributed Virtual Switch can enable port mirroring sessions allowing traffic to be mirrored from one source to a destination. If port mirroring is configured unknowingly this could allow an attacker to observe network traffic of virtual machines."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Port Mirroring.\n\nReview any configured \"Port Mirroring\" sessions.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch | select Name,@{N=\"Port Mirroring Sessions\";E={$_.ExtensionData.Config.VspanSession.Name}}\n\nIf there are any unauthorized port mirroring sessions configured, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Port Mirroring.\n\nSelect the unauthorized \"Port Mirroring\" session and click \"Remove\". Click \"OK\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000300","rid":"SV-VCSA-80-000300","stig_id":"VCSA-80-000300","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000300' do\n  title 'The vCenter Server must remove unauthorized port mirroring sessions on distributed switches.'\n  desc  'The vSphere Distributed Virtual Switch can enable port mirroring sessions allowing traffic to be mirrored from one source to a destination. If port mirroring is configured unknowingly this could allow an attacker to observe network traffic of virtual machines.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Port Mirroring.\n\n    Review any configured \\\"Port Mirroring\\\" sessions.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | select Name,@{N=\\\"Port Mirroring Sessions\\\";E={$_.ExtensionData.Config.VspanSession.Name}}\n\n    If there are any unauthorized port mirroring sessions configured, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Port Mirroring.\n\n    Select the unauthorized \\\"Port Mirroring\\\" session and click \\\"Remove\\\". Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000300'\n  tag rid: 'SV-VCSA-80-000300'\n  tag stig_id: 'VCSA-80-000300'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.VspanSession\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000300.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 1\").ExtensionData.Config.VspanSession stdout.strip is expected to cmp == \"\"","run_time":0.233848,"start_time":"2023-06-07T08:29:30-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 1\\\").ExtensionData.Config.VspanSession\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 2\").ExtensionData.Config.VspanSession stdout.strip is expected to cmp == \"\"","run_time":0.2529015,"start_time":"2023-06-07T08:29:30-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 2\\\").ExtensionData.Config.VspanSession\"]","resource_id":""}]},{"id":"VCSA-80-000301","title":"The vCenter Server must not override port group settings at the port level on distributed switches.","desc":"Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\nIf there are cases where particular VMs require unique configurations then a different port group with the required configuration should be created instead of overriding port group settings.","descriptions":[{"label":"default","data":"Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\nIf there are cases where particular VMs require unique configurations then a different port group with the required configuration should be created instead of overriding port group settings."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\nReview the \"Override port policies\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n(Get-VDPortgroup).ExtensionData.Config.Policy\n\nIf there are any distributed port groups that allow overridden port policies, this is a finding.\n\nNote: This does not apply to the \"Block Ports\" or \"Configure reset at disconnect\" policies."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\nClick \"Edit\".\n\nSelect advanced and update all port policies besides \"Block Ports\" to \"disabled\" and click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n$pgs = Get-VDPortgroup | Get-View\nForEach($pg in $pgs){\n$spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n$spec.configversion = $pg.Config.ConfigVersion\n$spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy\n$spec.Policy.VlanOverrideAllowed = $False\n$spec.Policy.UplinkTeamingOverrideAllowed = $False\n$spec.Policy.SecurityPolicyOverrideAllowed = $False\n$spec.Policy.IpfixOverrideAllowed = $False\n$spec.Policy.BlockOverrideAllowed = $True\n$spec.Policy.ShapingOverrideAllowed = $False\n$spec.Policy.VendorConfigOverrideAllowed = $False\n$spec.Policy.TrafficFilterOverrideAllowed = $False\n$pg.ReconfigureDVPortgroup_Task($spec)\n}"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000301","rid":"SV-VCSA-80-000301","stig_id":"VCSA-80-000301","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000301' do\n  title 'The vCenter Server must not override port group settings at the port level on distributed switches.'\n  desc  \"\n    Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\n    If there are cases where particular VMs require unique configurations then a different port group with the required configuration should be created instead of overriding port group settings.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\n    Review the \\\"Override port policies\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    (Get-VDPortgroup).ExtensionData.Config.Policy\n\n    If there are any distributed port groups that allow overridden port policies, this is a finding.\n\n    Note: This does not apply to the \\\"Block Ports\\\" or \\\"Configure reset at disconnect\\\" policies.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\".\n\n    Select advanced and update all port policies besides \\\"Block Ports\\\" to \\\"disabled\\\" and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    $pgs = Get-VDPortgroup | Get-View\n    ForEach($pg in $pgs){\n    $spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n    $spec.configversion = $pg.Config.ConfigVersion\n    $spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy\n    $spec.Policy.VlanOverrideAllowed = $False\n    $spec.Policy.UplinkTeamingOverrideAllowed = $False\n    $spec.Policy.SecurityPolicyOverrideAllowed = $False\n    $spec.Policy.IpfixOverrideAllowed = $False\n    $spec.Policy.BlockOverrideAllowed = $True\n    $spec.Policy.ShapingOverrideAllowed = $False\n    $spec.Policy.VendorConfigOverrideAllowed = $False\n    $spec.Policy.TrafficFilterOverrideAllowed = $False\n    $pg.ReconfigureDVPortgroup_Task($spec)\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000301'\n  tag rid: 'SV-VCSA-80-000301'\n  tag stig_id: 'VCSA-80-000301'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.VlanOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.IpfixOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.MacManagementOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.ShapingOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.LivePortMovingAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000301.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1546915,"start_time":"2023-06-07T08:29:30-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.VlanOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1699411,"start_time":"2023-06-07T08:29:31-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1467243,"start_time":"2023-06-07T08:29:31-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1622732,"start_time":"2023-06-07T08:29:31-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.IpfixOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1767388,"start_time":"2023-06-07T08:29:31-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.MacManagementOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1621705,"start_time":"2023-06-07T08:29:31-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.ShapingOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1694858,"start_time":"2023-06-07T08:29:31-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1959621,"start_time":"2023-06-07T08:29:32-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.LivePortMovingAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1532368,"start_time":"2023-06-07T08:29:32-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1619532,"start_time":"2023-06-07T08:29:32-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1522068,"start_time":"2023-06-07T08:29:32-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.VlanOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1537002,"start_time":"2023-06-07T08:29:32-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1688627,"start_time":"2023-06-07T08:29:32-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1971577,"start_time":"2023-06-07T08:29:33-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.IpfixOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1677251,"start_time":"2023-06-07T08:29:33-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.MacManagementOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.144164,"start_time":"2023-06-07T08:29:33-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.ShapingOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1940832,"start_time":"2023-06-07T08:29:33-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.170277,"start_time":"2023-06-07T08:29:33-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.LivePortMovingAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1654152,"start_time":"2023-06-07T08:29:33-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1650417,"start_time":"2023-06-07T08:29:34-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.160469,"start_time":"2023-06-07T08:29:34-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.VlanOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1806513,"start_time":"2023-06-07T08:29:34-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.2360072,"start_time":"2023-06-07T08:29:34-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.3201454,"start_time":"2023-06-07T08:29:34-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.IpfixOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.157813,"start_time":"2023-06-07T08:29:35-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.MacManagementOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1514803,"start_time":"2023-06-07T08:29:35-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.ShapingOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1667832,"start_time":"2023-06-07T08:29:35-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1696385,"start_time":"2023-06-07T08:29:35-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.LivePortMovingAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.169154,"start_time":"2023-06-07T08:29:35-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1714135,"start_time":"2023-06-07T08:29:35-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1658078,"start_time":"2023-06-07T08:29:36-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.VlanOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1637918,"start_time":"2023-06-07T08:29:36-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1787153,"start_time":"2023-06-07T08:29:36-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1542535,"start_time":"2023-06-07T08:29:36-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.IpfixOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1515747,"start_time":"2023-06-07T08:29:36-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.MacManagementOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1589998,"start_time":"2023-06-07T08:29:36-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.ShapingOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1604745,"start_time":"2023-06-07T08:29:37-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1767409,"start_time":"2023-06-07T08:29:37-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.LivePortMovingAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1704285,"start_time":"2023-06-07T08:29:37-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1480373,"start_time":"2023-06-07T08:29:37-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1682493,"start_time":"2023-06-07T08:29:37-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.VlanOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1519765,"start_time":"2023-06-07T08:29:37-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1709939,"start_time":"2023-06-07T08:29:38-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1601971,"start_time":"2023-06-07T08:29:38-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.IpfixOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1929793,"start_time":"2023-06-07T08:29:38-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.MacManagementOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1638443,"start_time":"2023-06-07T08:29:38-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.ShapingOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.183224,"start_time":"2023-06-07T08:29:38-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.2113394,"start_time":"2023-06-07T08:29:38-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.LivePortMovingAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1782939,"start_time":"2023-06-07T08:29:39-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1560779,"start_time":"2023-06-07T08:29:39-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1530496,"start_time":"2023-06-07T08:29:39-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.VlanOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1652755,"start_time":"2023-06-07T08:29:39-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.2892084,"start_time":"2023-06-07T08:29:39-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.165344,"start_time":"2023-06-07T08:29:40-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.IpfixOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.165733,"start_time":"2023-06-07T08:29:40-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.MacManagementOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1544808,"start_time":"2023-06-07T08:29:40-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.ShapingOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1621294,"start_time":"2023-06-07T08:29:40-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.168038,"start_time":"2023-06-07T08:29:40-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.LivePortMovingAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.175641,"start_time":"2023-06-07T08:29:40-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp == \"False\"","run_time":0.1936875,"start_time":"2023-06-07T08:29:41-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed\"]","resource_id":""}]},{"id":"VCSA-80-000302","title":"The vCenter Server must reset port configuration when virtual machines are disconnected.","desc":"Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\nIf any unknown or unauthorized per-port overrides exist and are not discarded when a virtual machine is disconnected from that port then a future virtual machine connected to that port may receive a less secure port.","descriptions":[{"label":"default","data":"Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\nIf any unknown or unauthorized per-port overrides exist and are not discarded when a virtual machine is disconnected from that port then a future virtual machine connected to that port may receive a less secure port."},{"label":"rationale","data":""},{"label":"check","data":"If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\nReview the \"Configure reset at disconnect\" setting.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n(Get-VDPortgroup).ExtensionData.Config.Policy.PortConfigResetAtDisconnect\n\nIf there are any distributed port groups with \"Configure reset at disconnect\" configured to \"disabled\" or \"False\", this is a finding."},{"label":"fix","data":"From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\nClick \"Edit\".\n\nSelect advanced and update \"Configure reset at disconnect\" to be enabled and click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n$pgs = Get-VDPortgroup | Get-View\nForEach($pg in $pgs){\n$spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n$spec.configversion = $pg.Config.ConfigVersion\n$spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy\n$spec.Policy.PortConfigResetAtDisconnect = $True\n$pg.ReconfigureDVPortgroup_Task($spec)\n}"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000302","rid":"SV-VCSA-80-000302","stig_id":"VCSA-80-000302","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000302' do\n  title 'The vCenter Server must reset port configuration when virtual machines are disconnected.'\n  desc  \"\n    Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\n    If any unknown or unauthorized per-port overrides exist and are not discarded when a virtual machine is disconnected from that port then a future virtual machine connected to that port may receive a less secure port.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\n    Review the \\\"Configure reset at disconnect\\\" setting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    (Get-VDPortgroup).ExtensionData.Config.Policy.PortConfigResetAtDisconnect\n\n    If there are any distributed port groups with \\\"Configure reset at disconnect\\\" configured to \\\"disabled\\\" or \\\"False\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\".\n\n    Select advanced and update \\\"Configure reset at disconnect\\\" to be enabled and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    $pgs = Get-VDPortgroup | Get-View\n    ForEach($pg in $pgs){\n    $spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n    $spec.configversion = $pg.Config.ConfigVersion\n    $spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy\n    $spec.Policy.PortConfigResetAtDisconnect = $True\n    $pg.ReconfigureDVPortgroup_Task($spec)\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000302'\n  tag rid: 'SV-VCSA-80-000302'\n  tag stig_id: 'VCSA-80-000302'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'True' }\n      end\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000302.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp == \"True\"","run_time":0.1707933,"start_time":"2023-06-07T08:29:41-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp == \"True\"","run_time":0.170781,"start_time":"2023-06-07T08:29:41-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp == \"True\"","run_time":0.1614423,"start_time":"2023-06-07T08:29:41-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp == \"True\"","run_time":0.1703843,"start_time":"2023-06-07T08:29:41-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp == \"True\"","run_time":0.1428798,"start_time":"2023-06-07T08:29:41-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect\"]","resource_id":""},{"status":"passed","code_desc":"PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp == \"True\"","run_time":0.1550598,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"powercli_command","resource_params":"[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect\"]","resource_id":""}]},{"id":"VCSA-80-000303","title":"The vCenter Server must disable Secure Shell (SSH) access.","desc":"vCenter Server is delivered as an appliance, and intended to be managed through the VAMI, vSphere Client, and APIs. SSH is a troubleshooting and support tool and should only be enabled when necessary.\n\nvCenter Server High Availability uses SSH to coordinate the replication and failover between the nodes. Use of this feature requires SSH to remain enabled.","descriptions":[{"label":"default","data":"vCenter Server is delivered as an appliance, and intended to be managed through the VAMI, vSphere Client, and APIs. SSH is a troubleshooting and support tool and should only be enabled when necessary.\n\nvCenter Server High Availability uses SSH to coordinate the replication and failover between the nodes. Use of this feature requires SSH to remain enabled."},{"label":"rationale","data":""},{"label":"check","data":"Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Access\" on the left navigation pane.\n\nIf \"SSH Login\" is not \"Deactivated\", this is a finding."},{"label":"fix","data":"Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Access\" on the left navigation pane.\n\nClick \"Edit\" then disable \"Activate SSH Login\" and click \"OK\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000303","rid":"SV-VCSA-80-000303","stig_id":"VCSA-80-000303","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000303' do\n  title 'The vCenter Server must disable Secure Shell (SSH) access.'\n  desc  \"\n    vCenter Server is delivered as an appliance, and intended to be managed through the VAMI, vSphere Client, and APIs. SSH is a troubleshooting and support tool and should only be enabled when necessary.\n\n    vCenter Server High Availability uses SSH to coordinate the replication and failover between the nodes. Use of this feature requires SSH to remain enabled.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Access\\\" on the left navigation pane.\n\n    If \\\"SSH Login\\\" is not \\\"Deactivated\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Access\\\" on the left navigation pane.\n\n    Click \\\"Edit\\\" then disable \\\"Activate SSH Login\\\" and click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000303'\n  tag rid: 'SV-VCSA-80-000303'\n  tag stig_id: 'VCSA-80-000303'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe powercli_command('Invoke-GetAccessSsh').stdout.strip do\n    it { should_not cmp 'true' }\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000303.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"True is expected not to cmp == \"true\"","run_time":0.0003541,"start_time":"2023-06-07T08:29:42-06:00","message":"\nexpected: true\n     got: True\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"True"}]},{"id":"VCSA-80-000304","title":"The vCenter Server must enable data in transit encryption for vSAN.","desc":"Transit encryption must be enabled to prevent unauthorized disclosure information and to protect the confidentiality of organizational information.\n\nvSAN data-in-transit encryption has the following characteristics:\n-vSAN uses AES-256 bit encryption on data in transit.\n-Forward secrecy is enforced for vSAN data-in-transit encryption.\n-Traffic between data hosts and witness hosts is encrypted.\n-File service data traffic between the VDFS proxy and VDFS server is encrypted.\n-vSAN file services inter-host connections are encrypted.\n-vSAN uses symmetric keys that are generated dynamically and shared between hosts. Hosts dynamically generate an encryption key when they establish a connection, and they use the key to encrypt all traffic between the hosts. You do not need a key management server to perform data-in-transit encryption.\n\nEach host is authenticated when it joins the cluster, ensuring connections only to trusted hosts are allowed. When a host is removed from the cluster, it is authentication certificate is removed.\n\nvSAN data-in-transit encryption is a cluster-wide setting. When enabled, all data and metadata traffic is encrypted as it transits across hosts.","descriptions":[{"label":"default","data":"Transit encryption must be enabled to prevent unauthorized disclosure information and to protect the confidentiality of organizational information.\n\nvSAN data-in-transit encryption has the following characteristics:\n-vSAN uses AES-256 bit encryption on data in transit.\n-Forward secrecy is enforced for vSAN data-in-transit encryption.\n-Traffic between data hosts and witness hosts is encrypted.\n-File service data traffic between the VDFS proxy and VDFS server is encrypted.\n-vSAN file services inter-host connections are encrypted.\n-vSAN uses symmetric keys that are generated dynamically and shared between hosts. Hosts dynamically generate an encryption key when they establish a connection, and they use the key to encrypt all traffic between the hosts. You do not need a key management server to perform data-in-transit encryption.\n\nEach host is authenticated when it joins the cluster, ensuring connections only to trusted hosts are allowed. When a host is removed from the cluster, it is authentication certificate is removed.\n\nvSAN data-in-transit encryption is a cluster-wide setting. When enabled, all data and metadata traffic is encrypted as it transits across hosts."},{"label":"rationale","data":""},{"label":"check","data":"If no clusters are enabled for vSAN, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Select the cluster >> Configure >> vSAN >> Services >> Data Services.\n\nReview the \"Data-in-transit encryption\" status.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system\n$vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name <cluster name>).ExtensionData.MoRef).DataInTransitEncryptionConfig\n\nRepeat these steps for each vSAN enabled cluster in the environment.\n\nIf \"Data-In-Transit encryption\" is not enabled, this is a finding."},{"label":"fix","data":"From the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Select the target cluster >> Configure >> vSAN >> Services >> Data Services.\n\nClick \"Edit\".\n\nEnable \"Data-In-Transit encryption\" and choose a rekey interval suitable for the environment then click \"Apply\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-APP-000516","gid":"V-VCSA-80-000304","rid":"SV-VCSA-80-000304","stig_id":"VCSA-80-000304","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VCSA-80-000304' do\n  title 'The vCenter Server must enable data in transit encryption for vSAN.'\n  desc  \"\n    Transit encryption must be enabled to prevent unauthorized disclosure information and to protect the confidentiality of organizational information.\n\n    vSAN data-in-transit encryption has the following characteristics:\n    -vSAN uses AES-256 bit encryption on data in transit.\n    -Forward secrecy is enforced for vSAN data-in-transit encryption.\n    -Traffic between data hosts and witness hosts is encrypted.\n    -File service data traffic between the VDFS proxy and VDFS server is encrypted.\n    -vSAN file services inter-host connections are encrypted.\n    -vSAN uses symmetric keys that are generated dynamically and shared between hosts. Hosts dynamically generate an encryption key when they establish a connection, and they use the key to encrypt all traffic between the hosts. You do not need a key management server to perform data-in-transit encryption.\n\n    Each host is authenticated when it joins the cluster, ensuring connections only to trusted hosts are allowed. When a host is removed from the cluster, it is authentication certificate is removed.\n\n    vSAN data-in-transit encryption is a cluster-wide setting. When enabled, all data and metadata traffic is encrypted as it transits across hosts.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Select the cluster >> Configure >> vSAN >> Services >> Data Services.\n\n    Review the \\\"Data-in-transit encryption\\\" status.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system\n    $vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name <cluster name>).ExtensionData.MoRef).DataInTransitEncryptionConfig\n\n    Repeat these steps for each vSAN enabled cluster in the environment.\n\n    If \\\"Data-In-Transit encryption\\\" is not enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Select the target cluster >> Configure >> vSAN >> Services >> Data Services.\n\n    Click \\\"Edit\\\".\n\n    Enable \\\"Data-In-Transit encryption\\\" and choose a rekey interval suitable for the environment then click \\\"Apply\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000304'\n  tag rid: 'SV-VCSA-80-000304'\n  tag stig_id: 'VCSA-80-000304'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  # Get all clusters with vSAN enabled\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object | Select-Object -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !clusters.empty?\n    clusters.each do |cluster|\n      command = \"$vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system; $vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name #{cluster}).ExtensionData.MoRef).DataInTransitEncryptionConfig.Enabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No clusters with vSAN enabled found...skipping tests' do\n      skip 'No clusters with vSAN enabled found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000304.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"PowerCLI Command: $vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system; $vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name cluster0).ExtensionData.MoRef).DataInTransitEncryptionConfig.Enabled stdout.strip is expected to cmp == \"true\"","run_time":0.4659353,"start_time":"2023-06-07T08:29:42-06:00","message":"\nexpected: true\n     got: \n\n(compared using `cmp` matcher)\n","resource_class":"powercli_command","resource_params":"[\"$vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system; $vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name cluster0).ExtensionData.MoRef).DataInTransitEncryptionConfig.Enabled\"]","resource_id":""}]}],"status":"loaded","status_message":""},{"name":"VMware vSphere 8.0 Virtual Machine STIG Readiness Guide","version":"1.0.1","sha256":"cc17f45c259a96d6a8cb741456ffd8ca998c955288ae61117592e7365b236bc5","title":"VMware vSphere 8.0 Virtual Machine STIG Readiness Guide","maintainer":"The Authors","summary":"An InSpec Compliance Profile","license":"Apache-2.0","copyright":"The Authors","supports":[],"attributes":[],"parent_profile":"vmware-vsphere-8.0-stig-baseline","groups":[{"id":"controls/VMCH-80-000189.rb","controls":["VMCH-80-000189"]},{"id":"controls/VMCH-80-000191.rb","controls":["VMCH-80-000191"]},{"id":"controls/VMCH-80-000192.rb","controls":["VMCH-80-000192"]},{"id":"controls/VMCH-80-000193.rb","controls":["VMCH-80-000193"]},{"id":"controls/VMCH-80-000194.rb","controls":["VMCH-80-000194"]},{"id":"controls/VMCH-80-000195.rb","controls":["VMCH-80-000195"]},{"id":"controls/VMCH-80-000196.rb","controls":["VMCH-80-000196"]},{"id":"controls/VMCH-80-000197.rb","controls":["VMCH-80-000197"]},{"id":"controls/VMCH-80-000198.rb","controls":["VMCH-80-000198"]},{"id":"controls/VMCH-80-000199.rb","controls":["VMCH-80-000199"]},{"id":"controls/VMCH-80-000200.rb","controls":["VMCH-80-000200"]},{"id":"controls/VMCH-80-000201.rb","controls":["VMCH-80-000201"]},{"id":"controls/VMCH-80-000202.rb","controls":["VMCH-80-000202"]},{"id":"controls/VMCH-80-000203.rb","controls":["VMCH-80-000203"]},{"id":"controls/VMCH-80-000204.rb","controls":["VMCH-80-000204"]},{"id":"controls/VMCH-80-000205.rb","controls":["VMCH-80-000205"]},{"id":"controls/VMCH-80-000206.rb","controls":["VMCH-80-000206"]},{"id":"controls/VMCH-80-000207.rb","controls":["VMCH-80-000207"]},{"id":"controls/VMCH-80-000208.rb","controls":["VMCH-80-000208"]},{"id":"controls/VMCH-80-000209.rb","controls":["VMCH-80-000209"]},{"id":"controls/VMCH-80-000210.rb","controls":["VMCH-80-000210"]},{"id":"controls/VMCH-80-000211.rb","controls":["VMCH-80-000211"]},{"id":"controls/VMCH-80-000212.rb","controls":["VMCH-80-000212"]},{"id":"controls/VMCH-80-000213.rb","controls":["VMCH-80-000213"]},{"id":"controls/VMCH-80-000214.rb","controls":["VMCH-80-000214"]}],"controls":[{"id":"VMCH-80-000189","title":"Virtual machines (VMs) must have copy operations disabled.","desc":"Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.","descriptions":[{"label":"default","data":"Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.copy.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.copy.disable\n\nIf the virtual machine advanced setting \"isolation.tools.copy.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.copy.disable\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.copy.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.copy.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000189","rid":"SV-VMCH-80-000189","stig_id":"VMCH-80-000189","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000189' do\n  title 'Virtual machines (VMs) must have copy operations disabled.'\n  desc  'Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.copy.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.copy.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.copy.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.copy.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.copy.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.copy.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000189'\n  tag rid: 'SV-VMCH-80-000189'\n  tag stig_id: 'VMCH-80-000189'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.copy.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000189.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"VM: stig vm2 is expected to be empty","run_time":0.0002568,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stig vm2"},{"status":"passed","code_desc":"VM: stigvm1 is expected to be empty","run_time":0.0001892,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stigvm1"},{"status":"passed","code_desc":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty","run_time":0.0001531,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"},{"status":"passed","code_desc":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty","run_time":0.0001559,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"},{"status":"passed","code_desc":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty","run_time":0.0001475,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"}]},{"id":"VMCH-80-000191","title":"Virtual machines (VMs) must have drag and drop operations disabled.","desc":"Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.","descriptions":[{"label":"default","data":"Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.dnd.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.dnd.disable\n\nIf the virtual machine advanced setting \"isolation.tools.dnd.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.dnd.disable\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.dnd.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.dnd.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000191","rid":"SV-VMCH-80-000191","stig_id":"VMCH-80-000191","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000191' do\n  title 'Virtual machines (VMs) must have drag and drop operations disabled.'\n  desc  'Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.dnd.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.dnd.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.dnd.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.dnd.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.dnd.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.dnd.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000191'\n  tag rid: 'SV-VMCH-80-000191'\n  tag stig_id: 'VMCH-80-000191'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.dnd.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000191.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"VM: stig vm2 is expected to be empty","run_time":0.0001427,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stig vm2"},{"status":"passed","code_desc":"VM: stigvm1 is expected to be empty","run_time":0.0001041,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stigvm1"},{"status":"passed","code_desc":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty","run_time":9.49e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"},{"status":"passed","code_desc":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty","run_time":9.19e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"},{"status":"passed","code_desc":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty","run_time":0.0003325,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"}]},{"id":"VMCH-80-000192","title":"Virtual machines (VMs) must have paste operations disabled.","desc":"Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.","descriptions":[{"label":"default","data":"Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.paste.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.paste.disable\n\nIf the virtual machine advanced setting \"isolation.tools.paste.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.paste.disable\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.paste.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.paste.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000192","rid":"SV-VMCH-80-000192","stig_id":"VMCH-80-000192","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000192' do\n  title 'Virtual machines (VMs) must have paste operations disabled.'\n  desc  'Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.paste.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.paste.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.paste.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.paste.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.paste.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.paste.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000192'\n  tag rid: 'SV-VMCH-80-000192'\n  tag stig_id: 'VMCH-80-000192'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.paste.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000192.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"VM: stig vm2 is expected to be empty","run_time":8.7e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stig vm2"},{"status":"passed","code_desc":"VM: stigvm1 is expected to be empty","run_time":7.92e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stigvm1"},{"status":"passed","code_desc":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty","run_time":7.87e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"},{"status":"passed","code_desc":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty","run_time":7.08e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"},{"status":"passed","code_desc":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty","run_time":8.53e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"}]},{"id":"VMCH-80-000193","title":"Virtual machines (VMs) must have virtual disk shrinking disabled.","desc":"Shrinking a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\nHowever, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to shrink is available to nonadministrative users operating within the VM's guest operating system.","descriptions":[{"label":"default","data":"Shrinking a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\nHowever, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to shrink is available to nonadministrative users operating within the VM's guest operating system."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.diskShrink.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable\n\nIf the virtual machine advanced setting \"isolation.tools.diskShrink.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.diskShrink.disable\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.diskShrink.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000193","rid":"SV-VMCH-80-000193","stig_id":"VMCH-80-000193","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000193' do\n  title 'Virtual machines (VMs) must have virtual disk shrinking disabled.'\n  desc  \"\n    Shrinking a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\n    However, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to shrink is available to nonadministrative users operating within the VM's guest operating system.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.diskShrink.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskShrink.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskShrink.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.diskShrink.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000193'\n  tag rid: 'SV-VMCH-80-000193'\n  tag stig_id: 'VMCH-80-000193'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000193.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"VM: stig vm2 is expected to be empty","run_time":7.79e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stig vm2"},{"status":"passed","code_desc":"VM: stigvm1 is expected to be empty","run_time":7.41e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stigvm1"},{"status":"passed","code_desc":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty","run_time":7.04e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"},{"status":"passed","code_desc":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty","run_time":6.95e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"},{"status":"passed","code_desc":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty","run_time":7.14e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"}]},{"id":"VMCH-80-000194","title":"Virtual machines (VMs) must have virtual disk wiping disabled.","desc":"Shrinking and wiping (erasing) a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\nHowever, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to wipe (erase) is available to nonadministrative users operating within the VM's guest operating system.","descriptions":[{"label":"default","data":"Shrinking and wiping (erasing) a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\nHowever, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to wipe (erase) is available to nonadministrative users operating within the VM's guest operating system."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.diskWiper.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable\n\nIf the virtual machine advanced setting \"isolation.tools.diskWiper.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.diskWiper.disable\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.diskWiper.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000194","rid":"SV-VMCH-80-000194","stig_id":"VMCH-80-000194","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000194' do\n  title 'Virtual machines (VMs) must have virtual disk wiping disabled.'\n  desc  \"\n    Shrinking and wiping (erasing) a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\n    However, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to wipe (erase) is available to nonadministrative users operating within the VM's guest operating system.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.diskWiper.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskWiper.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskWiper.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.diskWiper.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000194'\n  tag rid: 'SV-VMCH-80-000194'\n  tag stig_id: 'VMCH-80-000194'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000194.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"VM: stig vm2 is expected to be empty","run_time":0.0002323,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stig vm2"},{"status":"passed","code_desc":"VM: stigvm1 is expected to be empty","run_time":6.55e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stigvm1"},{"status":"passed","code_desc":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty","run_time":6.17e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"},{"status":"passed","code_desc":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty","run_time":6.14e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"},{"status":"passed","code_desc":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty","run_time":6.05e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"}]},{"id":"VMCH-80-000195","title":"Virtual machines (VMs) must limit console sharing.","desc":"By default, more than one user at a time can connect to remote console sessions. When multiple sessions are activated, each terminal window receives a notification about the new session. If an administrator in the VM logs in using a VMware remote console during their session, a nonadministrator in the VM might connect to the console and observe the administrator's actions.\n\nAlso, this could result in an administrator losing console access to a VM. For example, if a jump box is being used for an open console session and the administrator loses connection to that box, the console session remains open. Allowing two console sessions permits debugging via a shared session. For the highest security, allow only one remote console session at a time.","descriptions":[{"label":"default","data":"By default, more than one user at a time can connect to remote console sessions. When multiple sessions are activated, each terminal window receives a notification about the new session. If an administrator in the VM logs in using a VMware remote console during their session, a nonadministrator in the VM might connect to the console and observe the administrator's actions.\n\nAlso, this could result in an administrator losing console access to a VM. For example, if a jump box is being used for an open console session and the administrator loses connection to that box, the console session remains open. Allowing two console sessions permits debugging via a shared session. For the highest security, allow only one remote console session at a time."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"RemoteDisplay.maxConnections\" value is set to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections\n\nIf the virtual machine advanced setting \"RemoteDisplay.maxConnections\" does not exist or is not set to \"1\", this is a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"RemoteDisplay.maxConnections\" value and set it to \"1\".\n\nIf the setting does not exist, add the Name and Value setting at the bottom of screen.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections | Set-AdvancedSetting -Value 1\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000195","rid":"SV-VMCH-80-000195","stig_id":"VMCH-80-000195","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000195' do\n  title 'Virtual machines (VMs) must limit console sharing.'\n  desc  \"\n    By default, more than one user at a time can connect to remote console sessions. When multiple sessions are activated, each terminal window receives a notification about the new session. If an administrator in the VM logs in using a VMware remote console during their session, a nonadministrator in the VM might connect to the console and observe the administrator's actions.\n\n    Also, this could result in an administrator losing console access to a VM. For example, if a jump box is being used for an open console session and the administrator loses connection to that box, the console session remains open. Allowing two console sessions permits debugging via a shared session. For the highest security, allow only one remote console session at a time.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"RemoteDisplay.maxConnections\\\" value is set to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections\n\n    If the virtual machine advanced setting \\\"RemoteDisplay.maxConnections\\\" does not exist or is not set to \\\"1\\\", this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"RemoteDisplay.maxConnections\\\" value and set it to \\\"1\\\".\n\n    If the setting does not exist, add the Name and Value setting at the bottom of screen.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections | Set-AdvancedSetting -Value 1\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000195'\n  tag rid: 'SV-VMCH-80-000195'\n  tag stig_id: 'VMCH-80-000195'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name RemoteDisplay.maxConnections | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should cmp '1' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000195.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"VM: stig vm2 is expected to cmp == \"1\"","run_time":0.0001447,"start_time":"2023-06-07T08:29:42-06:00","message":"\nexpected: 1\n     got: -1\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"VM: stig vm2"},{"status":"failed","code_desc":"VM: stigvm1 is expected to cmp == \"1\"","run_time":0.0001217,"start_time":"2023-06-07T08:29:42-06:00","message":"\nexpected: 1\n     got: -1\n\n(compared using `cmp` matcher)\n","resource_class":"Object","resource_params":"[]","resource_id":"VM: stigvm1"},{"status":"passed","code_desc":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp == \"1\"","run_time":8.88e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"},{"status":"passed","code_desc":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp == \"1\"","run_time":0.0001429,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"},{"status":"passed","code_desc":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp == \"1\"","run_time":7.69e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"}]},{"id":"VMCH-80-000196","title":"Virtual machines (VMs) must limit informational messages from the virtual machine to the VMX file.","desc":"The configuration file containing these name-value pairs is limited to a size of 1MB. If not limited, VMware tools in the guest operating system are capable of sending a large and continuous data stream to the host. This 1MB capacity should be sufficient for most cases, but this value can change if necessary.\n\nThe value can be increased if large amounts of custom information are being stored in the configuration file. The default limit is 1MB.","descriptions":[{"label":"default","data":"The configuration file containing these name-value pairs is limited to a size of 1MB. If not limited, VMware tools in the guest operating system are capable of sending a large and continuous data stream to the host. This 1MB capacity should be sufficient for most cases, but this value can change if necessary.\n\nThe value can be increased if large amounts of custom information are being stored in the configuration file. The default limit is 1MB."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"tools.setinfo.sizeLimit\" value is set to \"1048576\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit\n\nIf the virtual machine advanced setting \"tools.setinfo.sizeLimit\" is not set to \"1048576\", this is a finding.\n\nIf the virtual machine advanced setting \"tools.setinfo.sizeLimit\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"tools.setinfo.sizeLimit\" value and set it to \"1048576\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit | Set-AdvancedSetting -Value 1048576\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000196","rid":"SV-VMCH-80-000196","stig_id":"VMCH-80-000196","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000196' do\n  title 'Virtual machines (VMs) must limit informational messages from the virtual machine to the VMX file.'\n  desc  \"\n    The configuration file containing these name-value pairs is limited to a size of 1MB. If not limited, VMware tools in the guest operating system are capable of sending a large and continuous data stream to the host. This 1MB capacity should be sufficient for most cases, but this value can change if necessary.\n\n    The value can be increased if large amounts of custom information are being stored in the configuration file. The default limit is 1MB.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"tools.setinfo.sizeLimit\\\" value is set to \\\"1048576\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit\n\n    If the virtual machine advanced setting \\\"tools.setinfo.sizeLimit\\\" is not set to \\\"1048576\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"tools.setinfo.sizeLimit\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"tools.setinfo.sizeLimit\\\" value and set it to \\\"1048576\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit | Set-AdvancedSetting -Value 1048576\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000196'\n  tag rid: 'SV-VMCH-80-000196'\n  tag stig_id: 'VMCH-80-000196'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name tools.setinfo.sizeLimit | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp '1048576' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000196.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"VM: stig vm2 is expected to be empty","run_time":6.73e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stig vm2"},{"status":"passed","code_desc":"VM: stigvm1 is expected to be empty","run_time":5.81e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stigvm1"},{"status":"passed","code_desc":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty","run_time":5.56e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"},{"status":"passed","code_desc":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty","run_time":5.46e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"},{"status":"passed","code_desc":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty","run_time":5.48e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"}]},{"id":"VMCH-80-000197","title":"Virtual machines (VMs) must prevent unauthorized removal, connection and modification of devices.","desc":"In a virtual machine, users and processes without root or administrator privileges can connect or disconnect devices, such as network adaptors and CD-ROM drives, and can modify device settings. Use the virtual machine settings editor or configuration editor to remove unneeded or unused hardware devices. To use the device again, prevent a user or running process in the virtual machine from connecting, disconnecting, or modifying a device from within the guest operating system.\n\nBy default, a rogue user with nonadministrator privileges in a virtual machine can:\n\n1. Connect a disconnected CD-ROM drive and access sensitive information on the media left in the drive.\n2. Disconnect a network adaptor to isolate the virtual machine from its network, which is a denial of service.\n3. Modify settings on a device.","descriptions":[{"label":"default","data":"In a virtual machine, users and processes without root or administrator privileges can connect or disconnect devices, such as network adaptors and CD-ROM drives, and can modify device settings. Use the virtual machine settings editor or configuration editor to remove unneeded or unused hardware devices. To use the device again, prevent a user or running process in the virtual machine from connecting, disconnecting, or modifying a device from within the guest operating system.\n\nBy default, a rogue user with nonadministrator privileges in a virtual machine can:\n\n1. Connect a disconnected CD-ROM drive and access sensitive information on the media left in the drive.\n2. Disconnect a network adaptor to isolate the virtual machine from its network, which is a denial of service.\n3. Modify settings on a device."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.device.connectable.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.device.connectable.disable\n\nIf the virtual machine advanced setting \"isolation.device.connectable.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.device.connectable.disable\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.device.connectable.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.device.connectable.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000197","rid":"SV-VMCH-80-000197","stig_id":"VMCH-80-000197","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000197' do\n  title 'Virtual machines (VMs) must prevent unauthorized removal, connection and modification of devices.'\n  desc  \"\n    In a virtual machine, users and processes without root or administrator privileges can connect or disconnect devices, such as network adaptors and CD-ROM drives, and can modify device settings. Use the virtual machine settings editor or configuration editor to remove unneeded or unused hardware devices. To use the device again, prevent a user or running process in the virtual machine from connecting, disconnecting, or modifying a device from within the guest operating system.\n\n    By default, a rogue user with nonadministrator privileges in a virtual machine can:\n\n    1. Connect a disconnected CD-ROM drive and access sensitive information on the media left in the drive.\n    2. Disconnect a network adaptor to isolate the virtual machine from its network, which is a denial of service.\n    3. Modify settings on a device.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.device.connectable.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.device.connectable.disable\n\n    If the virtual machine advanced setting \\\"isolation.device.connectable.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.device.connectable.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.device.connectable.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.device.connectable.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000197'\n  tag rid: 'SV-VMCH-80-000197'\n  tag stig_id: 'VMCH-80-000197'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.device.connectable.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000197.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"VM: stig vm2 is expected to be empty","run_time":5.39e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stig vm2"},{"status":"passed","code_desc":"VM: stigvm1 is expected to be empty","run_time":0.0001561,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stigvm1"},{"status":"passed","code_desc":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty","run_time":5.78e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"},{"status":"passed","code_desc":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty","run_time":5.32e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"},{"status":"passed","code_desc":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty","run_time":5.21e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"}]},{"id":"VMCH-80-000198","title":"Virtual machines (VMs) must not be able to obtain host information from the hypervisor.","desc":"If enabled, a VM can obtain detailed information about the physical host. The default value for the parameter is FALSE. This setting should not be TRUE unless a particular VM requires this information for performance monitoring. An adversary could use this information to inform further attacks on the host.","descriptions":[{"label":"default","data":"If enabled, a VM can obtain detailed information about the physical host. The default value for the parameter is FALSE. This setting should not be TRUE unless a particular VM requires this information for performance monitoring. An adversary could use this information to inform further attacks on the host."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"tools.guestlib.enableHostInfo\" value is set to \"false\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo\n\nIf the virtual machine advanced setting \"tools.guestlib.enableHostInfo\" is not set to \"false\", this is a finding.\n\nIf the virtual machine advanced setting \"tools.guestlib.enableHostInfo\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"tools.guestlib.enableHostInfo\" value and set it to \"false\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo | Set-AdvancedSetting -Value false\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000198","rid":"SV-VMCH-80-000198","stig_id":"VMCH-80-000198","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000198' do\n  title 'Virtual machines (VMs) must not be able to obtain host information from the hypervisor.'\n  desc  'If enabled, a VM can obtain detailed information about the physical host. The default value for the parameter is FALSE. This setting should not be TRUE unless a particular VM requires this information for performance monitoring. An adversary could use this information to inform further attacks on the host.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"tools.guestlib.enableHostInfo\\\" value is set to \\\"false\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo\n\n    If the virtual machine advanced setting \\\"tools.guestlib.enableHostInfo\\\" is not set to \\\"false\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"tools.guestlib.enableHostInfo\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"tools.guestlib.enableHostInfo\\\" value and set it to \\\"false\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo | Set-AdvancedSetting -Value false\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000198'\n  tag rid: 'SV-VMCH-80-000198'\n  tag stig_id: 'VMCH-80-000198'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'false' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000198.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"VM: stig vm2 is expected to be empty","run_time":5.44e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stig vm2"},{"status":"passed","code_desc":"VM: stigvm1 is expected to be empty","run_time":5.06e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stigvm1"},{"status":"passed","code_desc":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty","run_time":5.22e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"},{"status":"passed","code_desc":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty","run_time":5.32e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"},{"status":"passed","code_desc":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty","run_time":5.16e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"}]},{"id":"VMCH-80-000199","title":"Virtual machines (VMs) must have shared salt values disabled.","desc":"When salting is enabled (Mem.ShareForceSalting=1 or 2) to share a page between two virtual machines, both salt and the content of the page must be same. A salt value is a configurable advanced option for each virtual machine. The salt values can be specified manually in the virtual machine's advanced settings with the new option \"sched.mem.pshare.salt\".\n\nIf this option is not present in the virtual machine's advanced settings, the value of the \"vc.uuid\" option is taken as the default value. Because the \"vc.uuid\" is unique to each virtual machine, by default Transparent Page Sharing (TPS) happens only among the pages belonging to a particular virtual machine (Intra-VM).","descriptions":[{"label":"default","data":"When salting is enabled (Mem.ShareForceSalting=1 or 2) to share a page between two virtual machines, both salt and the content of the page must be same. A salt value is a configurable advanced option for each virtual machine. The salt values can be specified manually in the virtual machine's advanced settings with the new option \"sched.mem.pshare.salt\".\n\nIf this option is not present in the virtual machine's advanced settings, the value of the \"vc.uuid\" option is taken as the default value. Because the \"vc.uuid\" is unique to each virtual machine, by default Transparent Page Sharing (TPS) happens only among the pages belonging to a particular virtual machine (Intra-VM)."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"sched.mem.pshare.salt\" setting does not exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name sched.mem.pshare.salt\n\nIf the virtual machine advanced setting \"sched.mem.pshare.salt\" exists, this is a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nDelete the \"sched.mem.pshare.salt\" setting.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name sched.mem.pshare.salt | Remove-AdvancedSetting\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000199","rid":"SV-VMCH-80-000199","stig_id":"VMCH-80-000199","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000199' do\n  title 'Virtual machines (VMs) must have shared salt values disabled.'\n  desc  \"\n    When salting is enabled (Mem.ShareForceSalting=1 or 2) to share a page between two virtual machines, both salt and the content of the page must be same. A salt value is a configurable advanced option for each virtual machine. The salt values can be specified manually in the virtual machine's advanced settings with the new option \\\"sched.mem.pshare.salt\\\".\n\n    If this option is not present in the virtual machine's advanced settings, the value of the \\\"vc.uuid\\\" option is taken as the default value. Because the \\\"vc.uuid\\\" is unique to each virtual machine, by default Transparent Page Sharing (TPS) happens only among the pages belonging to a particular virtual machine (Intra-VM).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"sched.mem.pshare.salt\\\" setting does not exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name sched.mem.pshare.salt\n\n    If the virtual machine advanced setting \\\"sched.mem.pshare.salt\\\" exists, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Delete the \\\"sched.mem.pshare.salt\\\" setting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name sched.mem.pshare.salt | Remove-AdvancedSetting\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000199'\n  tag rid: 'SV-VMCH-80-000199'\n  tag stig_id: 'VMCH-80-000199'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name sched.mem.pshare.salt | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000199.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"VM: stig vm2 is expected to be empty","run_time":0.009577,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stig vm2"},{"status":"passed","code_desc":"VM: stigvm1 is expected to be empty","run_time":0.0084832,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stigvm1"},{"status":"passed","code_desc":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty","run_time":0.0083997,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"},{"status":"passed","code_desc":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty","run_time":0.0083547,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"},{"status":"passed","code_desc":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty","run_time":0.0084383,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"}]},{"id":"VMCH-80-000200","title":"Virtual machines (VMs) must disable access through the \"dvfilter\" network Application Programming Interface (API).","desc":"An attacker might compromise a VM by using the \"dvFilter\" API. Configure only VMs that need this access to use the API.","descriptions":[{"label":"default","data":"An attacker might compromise a VM by using the \"dvFilter\" API. Configure only VMs that need this access to use the API."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the settings with the format \"ethernet*.filter*.name\" do not exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name \"ethernet*.filter*.name*\"\n\nIf the virtual machine advanced setting \"ethernet*.filter*.name\" exists and dvfilters are not in use, this is a finding.\n\nIf the virtual machine advanced setting \"ethernet*.filter*.name\" exists and the value is not valid, this is a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nLook for settings with the format \"ethernet*.filter*.name\".\n\nEnsure only required VMs use this setting.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name ethernetX.filterY.name | Remove-AdvancedSetting\n\nNote: Change the X and Y values to match the specific setting in the organization's environment.\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000200","rid":"SV-VMCH-80-000200","stig_id":"VMCH-80-000200","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000200' do\n  title 'Virtual machines (VMs) must disable access through the \"dvfilter\" network Application Programming Interface (API).'\n  desc  'An attacker might compromise a VM by using the \"dvFilter\" API. Configure only VMs that need this access to use the API.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the settings with the format \\\"ethernet*.filter*.name\\\" do not exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name \\\"ethernet*.filter*.name*\\\"\n\n    If the virtual machine advanced setting \\\"ethernet*.filter*.name\\\" exists and dvfilters are not in use, this is a finding.\n\n    If the virtual machine advanced setting \\\"ethernet*.filter*.name\\\" exists and the value is not valid, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Look for settings with the format \\\"ethernet*.filter*.name\\\".\n\n    Ensure only required VMs use this setting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name ethernetX.filterY.name | Remove-AdvancedSetting\n\n    Note: Change the X and Y values to match the specific setting in the organization's environment.\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000200'\n  tag rid: 'SV-VMCH-80-000200'\n  tag stig_id: 'VMCH-80-000200'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name ethernet*.filter* | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000200.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"VM: stig vm2 is expected to be empty","run_time":0.0082814,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stig vm2"},{"status":"passed","code_desc":"VM: stigvm1 is expected to be empty","run_time":0.0083835,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stigvm1"},{"status":"passed","code_desc":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty","run_time":0.0083217,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"},{"status":"passed","code_desc":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty","run_time":0.0082663,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"},{"status":"passed","code_desc":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty","run_time":0.008406,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"}]},{"id":"VMCH-80-000201","title":"Virtual machines (VMs) must be configured to lock when the last console connection is closed.","desc":"When accessing the VM console, the guest operating system must be locked when the last console user disconnects, limiting the possibility of session hijacking. This setting only applies to Windows-based VMs with VMware tools installed.","descriptions":[{"label":"default","data":"When accessing the VM console, the guest operating system must be locked when the last console user disconnects, limiting the possibility of session hijacking. This setting only applies to Windows-based VMs with VMware tools installed."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> VMware Remote Console Options.\n\nVerify the option \"Lock the guest operating system when the last remote user disconnects\" is checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.guest.desktop.autolock\n\nIf the virtual machine advanced setting \"tools.guest.desktop.autolock\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"tools.guest.desktop.autolock\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> VMware Remote Console Options.\n\nCheck the box next to \"Lock the guest operating system when the last remote user disconnects\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.guest.desktop.autolock | Set-AdvancedSetting -Value true"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000201","rid":"SV-VMCH-80-000201","stig_id":"VMCH-80-000201","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000201' do\n  title 'Virtual machines (VMs) must be configured to lock when the last console connection is closed.'\n  desc  'When accessing the VM console, the guest operating system must be locked when the last console user disconnects, limiting the possibility of session hijacking. This setting only applies to Windows-based VMs with VMware tools installed.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> VMware Remote Console Options.\n\n    Verify the option \\\"Lock the guest operating system when the last remote user disconnects\\\" is checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guest.desktop.autolock\n\n    If the virtual machine advanced setting \\\"tools.guest.desktop.autolock\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"tools.guest.desktop.autolock\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> VMware Remote Console Options.\n\n    Check the box next to \\\"Lock the guest operating system when the last remote user disconnects\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guest.desktop.autolock | Set-AdvancedSetting -Value true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000201'\n  tag rid: 'SV-VMCH-80-000201'\n  tag stig_id: 'VMCH-80-000201'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name tools.guest.desktop.autolock | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000201.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"VM: stig vm2 is expected to be empty","run_time":8.45e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stig vm2"},{"status":"passed","code_desc":"VM: stigvm1 is expected to be empty","run_time":7.87e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stigvm1"},{"status":"passed","code_desc":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp == \"true\"","run_time":0.0001126,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"},{"status":"passed","code_desc":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp == \"true\"","run_time":9.61e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"},{"status":"passed","code_desc":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp == \"true\"","run_time":8.08e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"}]},{"id":"VMCH-80-000202","title":"Virtual machines (VMs) must disable 3D features when not required.","desc":"For performance reasons, it is recommended that 3D acceleration be disabled on virtual machines that do not require 3D functionality (e.g., most server workloads or desktops not using 3D applications).","descriptions":[{"label":"default","data":"For performance reasons, it is recommended that 3D acceleration be disabled on virtual machines that do not require 3D functionality (e.g., most server workloads or desktops not using 3D applications)."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings.\n\nExpand the \"Video card\" and verify the \"Enable 3D Support\" checkbox is unchecked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name mks.enable3d\n\nIf the virtual machine advanced setting \"mks.enable3d\" exists and is not set to \"false\", this is a finding.\n\nIf the virtual machine advanced setting \"mks.enable3d\" does not exist, this is not a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings.\n\nExpand the \"Video card\" and uncheck the \"Enable 3D Support\" checkbox.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name mks.enable3d | Set-AdvancedSetting -Value \"false\"\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000202","rid":"SV-VMCH-80-000202","stig_id":"VMCH-80-000202","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000202' do\n  title 'Virtual machines (VMs) must disable 3D features when not required.'\n  desc  'For performance reasons, it is recommended that 3D acceleration be disabled on virtual machines that do not require 3D functionality (e.g., most server workloads or desktops not using 3D applications).'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings.\n\n    Expand the \\\"Video card\\\" and verify the \\\"Enable 3D Support\\\" checkbox is unchecked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name mks.enable3d\n\n    If the virtual machine advanced setting \\\"mks.enable3d\\\" exists and is not set to \\\"false\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"mks.enable3d\\\" does not exist, this is not a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings.\n\n    Expand the \\\"Video card\\\" and uncheck the \\\"Enable 3D Support\\\" checkbox.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name mks.enable3d | Set-AdvancedSetting -Value \\\"false\\\"\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000202'\n  tag rid: 'SV-VMCH-80-000202'\n  tag stig_id: 'VMCH-80-000202'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name mks.enable3d | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'false' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000202.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"VM: stig vm2 is expected to be empty","run_time":0.000199,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stig vm2"},{"status":"passed","code_desc":"VM: stigvm1 is expected to be empty","run_time":6.04e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stigvm1"},{"status":"passed","code_desc":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp == \"false\"","run_time":7.42e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"},{"status":"passed","code_desc":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp == \"false\"","run_time":7.03e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"},{"status":"passed","code_desc":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp == \"false\"","run_time":7.27e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"}]},{"id":"VMCH-80-000203","title":"Virtual machines (VMs) must enable encryption for vMotion.","desc":"vMotion migrations in vSphere 6.0 and earlier transferred working memory and CPU state information in clear text over the vMotion network. As of vSphere 6.5, this transfer can be transparently encrypted using 256-bit AES-GCM with negligible performance impact.\n\nvSphere enables encrypted vMotion by default as \"Opportunistic\", meaning that encrypted channels are used where supported, but the operation will continue in plain text where encryption is not supported.\n\nFor example, when vMotioning between two hosts, encryption will always be used. However, because 6.0 and earlier releases do not support this feature, vMotion from a 7.0 host to a 6.0 host would be allowed but would not be encrypted. If the encryption is set to \"Required\", vMotions to unsupported hosts will fail. This must be set to \"Opportunistic\" or \"Required\".","descriptions":[{"label":"default","data":"vMotion migrations in vSphere 6.0 and earlier transferred working memory and CPU state information in clear text over the vMotion network. As of vSphere 6.5, this transfer can be transparently encrypted using 256-bit AES-GCM with negligible performance impact.\n\nvSphere enables encrypted vMotion by default as \"Opportunistic\", meaning that encrypted channels are used where supported, but the operation will continue in plain text where encryption is not supported.\n\nFor example, when vMotioning between two hosts, encryption will always be used. However, because 6.0 and earlier releases do not support this feature, vMotion from a 7.0 host to a 6.0 host would be allowed but would not be encrypted. If the encryption is set to \"Required\", vMotions to unsupported hosts will fail. This must be set to \"Opportunistic\" or \"Required\"."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {($_.ExtensionData.Config.MigrateEncryption -eq \"disabled\")}\n\nIf the \"Encrypted vMotion\" setting does not have a value of \"Opportunistic\" or \"Required\", this is a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\nFor \"Encrypted vMotion\" set the value to \"Opportunistic\" or \"Required\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n$spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n$spec.MigrateEncryption = New-Object VMware.Vim.VirtualMachineConfigSpecEncryptedVMotionModes\n$spec.MigrateEncryption = $true\n(Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000203","rid":"SV-VMCH-80-000203","stig_id":"VMCH-80-000203","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000203' do\n  title 'Virtual machines (VMs) must enable encryption for vMotion.'\n  desc  \"\n    vMotion migrations in vSphere 6.0 and earlier transferred working memory and CPU state information in clear text over the vMotion network. As of vSphere 6.5, this transfer can be transparently encrypted using 256-bit AES-GCM with negligible performance impact.\n\n    vSphere enables encrypted vMotion by default as \\\"Opportunistic\\\", meaning that encrypted channels are used where supported, but the operation will continue in plain text where encryption is not supported.\n\n    For example, when vMotioning between two hosts, encryption will always be used. However, because 6.0 and earlier releases do not support this feature, vMotion from a 7.0 host to a 6.0 host would be allowed but would not be encrypted. If the encryption is set to \\\"Required\\\", vMotions to unsupported hosts will fail. This must be set to \\\"Opportunistic\\\" or \\\"Required\\\".\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {($_.ExtensionData.Config.MigrateEncryption -eq \\\"disabled\\\")}\n\n    If the \\\"Encrypted vMotion\\\" setting does not have a value of \\\"Opportunistic\\\" or \\\"Required\\\", this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\n    For \\\"Encrypted vMotion\\\" set the value to \\\"Opportunistic\\\" or \\\"Required\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.MigrateEncryption = New-Object VMware.Vim.VirtualMachineConfigSpecEncryptedVMotionModes\n    $spec.MigrateEncryption = $true\n    (Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000203'\n  tag rid: 'SV-VMCH-80-000203'\n  tag stig_id: 'VMCH-80-000203'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    list = ['opportunistic', 'required']\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.MigrateEncryption\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_in list }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000203.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"VM: stig vm2 is expected to be in \"opportunistic\" and \"required\"","run_time":0.0001248,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stig vm2"},{"status":"passed","code_desc":"VM: stigvm1 is expected to be in \"opportunistic\" and \"required\"","run_time":8.41e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stigvm1"},{"status":"passed","code_desc":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be in \"opportunistic\" and \"required\"","run_time":7.61e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"},{"status":"passed","code_desc":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be in \"opportunistic\" and \"required\"","run_time":8.77e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"},{"status":"passed","code_desc":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be in \"opportunistic\" and \"required\"","run_time":7.88e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"}]},{"id":"VMCH-80-000204","title":"Virtual machines (VMs) must enable encryption for Fault Tolerance.","desc":"Fault Tolerance log traffic can be encrypted. This could contain sensitive data from the protected machine's memory or CPU instructions.\n\nvSphere Fault Tolerance performs frequent checks between a primary VM and secondary VM so the secondary VM can quickly resume from the last successful checkpoint. The checkpoint contains the VM state that has been modified since the previous checkpoint.\n\nWhen Fault Tolerance is turned on, FT encryption is set to \"Opportunistic\" by default, which means it enables encryption only if both the primary and secondary host are capable of encryption.","descriptions":[{"label":"default","data":"Fault Tolerance log traffic can be encrypted. This could contain sensitive data from the protected machine's memory or CPU instructions.\n\nvSphere Fault Tolerance performs frequent checks between a primary VM and secondary VM so the secondary VM can quickly resume from the last successful checkpoint. The checkpoint contains the VM state that has been modified since the previous checkpoint.\n\nWhen Fault Tolerance is turned on, FT encryption is set to \"Opportunistic\" by default, which means it enables encryption only if both the primary and secondary host are capable of encryption."},{"label":"rationale","data":""},{"label":"check","data":"If the Virtual Machine does not have Fault Tolerance enabled, this is not applicable.\n\nFor each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {($_.ExtensionData.Config.FtEncryptionMode -ne \"ftEncryptionOpportunistic\") -and ($_.ExtensionData.Config.FtEncryptionMode -ne \"ftEncryptionRequired\")}\n\nIf the \"Encrypted FT\" setting does not have a value of \"Opportunistic\" or \"Required\", this is a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\nFor \"Encrypted FT\" set the value to \"Opportunistic\" or \"Required\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n$spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n$spec.FTEncryption = New-Object VMware.Vim.VMware.Vim.VirtualMachineConfigSpecEncryptedFtModes\n$spec.FT = ftEncryptionOpportunistic or ftEncryptionRequired\n(Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000204","rid":"SV-VMCH-80-000204","stig_id":"VMCH-80-000204","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000204' do\n  title 'Virtual machines (VMs) must enable encryption for Fault Tolerance.'\n  desc  \"\n    Fault Tolerance log traffic can be encrypted. This could contain sensitive data from the protected machine's memory or CPU instructions.\n\n    vSphere Fault Tolerance performs frequent checks between a primary VM and secondary VM so the secondary VM can quickly resume from the last successful checkpoint. The checkpoint contains the VM state that has been modified since the previous checkpoint.\n\n    When Fault Tolerance is turned on, FT encryption is set to \\\"Opportunistic\\\" by default, which means it enables encryption only if both the primary and secondary host are capable of encryption.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If the Virtual Machine does not have Fault Tolerance enabled, this is not applicable.\n\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {($_.ExtensionData.Config.FtEncryptionMode -ne \\\"ftEncryptionOpportunistic\\\") -and ($_.ExtensionData.Config.FtEncryptionMode -ne \\\"ftEncryptionRequired\\\")}\n\n    If the \\\"Encrypted FT\\\" setting does not have a value of \\\"Opportunistic\\\" or \\\"Required\\\", this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\n    For \\\"Encrypted FT\\\" set the value to \\\"Opportunistic\\\" or \\\"Required\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.FTEncryption = New-Object VMware.Vim.VMware.Vim.VirtualMachineConfigSpecEncryptedFtModes\n    $spec.FT = ftEncryptionOpportunistic or ftEncryptionRequired\n    (Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000204'\n  tag rid: 'SV-VMCH-80-000204'\n  tag stig_id: 'VMCH-80-000204'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    list = ['ftEncryptionOpportunistic', 'ftEncryptionRequired']\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.FtEncryptionMode\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_in list }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000204.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"VM: stig vm2 is expected to be in \"ftEncryptionOpportunistic\" and \"ftEncryptionRequired\"","run_time":7.57e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stig vm2"},{"status":"passed","code_desc":"VM: stigvm1 is expected to be in \"ftEncryptionOpportunistic\" and \"ftEncryptionRequired\"","run_time":7.46e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stigvm1"},{"status":"passed","code_desc":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be in \"ftEncryptionOpportunistic\" and \"ftEncryptionRequired\"","run_time":7.58e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"},{"status":"passed","code_desc":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be in \"ftEncryptionOpportunistic\" and \"ftEncryptionRequired\"","run_time":7.2e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"},{"status":"passed","code_desc":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be in \"ftEncryptionOpportunistic\" and \"ftEncryptionRequired\"","run_time":7.12e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"}]},{"id":"VMCH-80-000205","title":"Virtual machines (VMs) must configure log size.","desc":"The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\nBy default, the size of these logs is unlimited, and they are only rotated on vMotion or power events. This can cause storage issues at scale for VMs that do not vMotion or power cycle often.","descriptions":[{"label":"default","data":"The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\nBy default, the size of these logs is unlimited, and they are only rotated on vMotion or power events. This can cause storage issues at scale for VMs that do not vMotion or power cycle often."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"log.rotateSize\" value is set to \"2048000\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name log.rotateSize\n\nIf the virtual machine advanced setting \"log.rotateSize\" is not set to \"2048000\", this is a finding.\n\nIf the virtual machine advanced setting \"log.rotateSize\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"log.rotateSize\" value and set it to \"2048000\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name log.rotateSize | Set-AdvancedSetting -Value 2048000\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000205","rid":"SV-VMCH-80-000205","stig_id":"VMCH-80-000205","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000205' do\n  title 'Virtual machines (VMs) must configure log size.'\n  desc  \"\n    The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\n    By default, the size of these logs is unlimited, and they are only rotated on vMotion or power events. This can cause storage issues at scale for VMs that do not vMotion or power cycle often.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"log.rotateSize\\\" value is set to \\\"2048000\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.rotateSize\n\n    If the virtual machine advanced setting \\\"log.rotateSize\\\" is not set to \\\"2048000\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"log.rotateSize\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"log.rotateSize\\\" value and set it to \\\"2048000\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.rotateSize | Set-AdvancedSetting -Value 2048000\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000205'\n  tag rid: 'SV-VMCH-80-000205'\n  tag stig_id: 'VMCH-80-000205'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name log.rotateSize | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp '2048000' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000205.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"VM: stig vm2 is expected to be empty","run_time":0.0001893,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stig vm2"},{"status":"passed","code_desc":"VM: stigvm1 is expected to be empty","run_time":6.16e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stigvm1"},{"status":"passed","code_desc":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp == \"2048000\"","run_time":7.25e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"},{"status":"passed","code_desc":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp == \"2048000\"","run_time":6.81e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"},{"status":"passed","code_desc":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp == \"2048000\"","run_time":6.56e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"}]},{"id":"VMCH-80-000206","title":"Virtual machines (VMs) must configure log retention.","desc":"The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\nBy default, 10 of these logs are retained. This is normally sufficient for most environments, but this configuration must be verified and maintained.","descriptions":[{"label":"default","data":"The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\nBy default, 10 of these logs are retained. This is normally sufficient for most environments, but this configuration must be verified and maintained."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"log.keepOld\" value is set to \"10\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name log.keepOld\n\nIf the virtual machine advanced setting \"log.keepOld\" is not set to \"10\", this is a finding.\n\nIf the virtual machine advanced setting \"log.keepOld\" does NOT exist, this is NOT a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"log.keepOld\" value and set it to \"10\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name log.keepOld | Set-AdvancedSetting -Value 10\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000206","rid":"SV-VMCH-80-000206","stig_id":"VMCH-80-000206","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000206' do\n  title 'Virtual machines (VMs) must configure log retention.'\n  desc  \"\n    The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\n    By default, 10 of these logs are retained. This is normally sufficient for most environments, but this configuration must be verified and maintained.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"log.keepOld\\\" value is set to \\\"10\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.keepOld\n\n    If the virtual machine advanced setting \\\"log.keepOld\\\" is not set to \\\"10\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"log.keepOld\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"log.keepOld\\\" value and set it to \\\"10\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.keepOld | Set-AdvancedSetting -Value 10\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000206'\n  tag rid: 'SV-VMCH-80-000206'\n  tag stig_id: 'VMCH-80-000206'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name log.keepOld | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp '10' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000206.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"VM: stig vm2 is expected to be empty","run_time":5.93e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stig vm2"},{"status":"passed","code_desc":"VM: stigvm1 is expected to be empty","run_time":8.83e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stigvm1"},{"status":"passed","code_desc":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp == \"10\"","run_time":7.28e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"},{"status":"passed","code_desc":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp == \"10\"","run_time":0.0003565,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"},{"status":"passed","code_desc":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp == \"10\"","run_time":7.28e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"}]},{"id":"VMCH-80-000207","title":"Virtual machines (VMs) must enable logging.","desc":"The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including, but not limited to, power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations and machine clones. Due to the value these logs provide for the continued availability of each VM and potential security incidents, these logs must be enabled.","descriptions":[{"label":"default","data":"The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including, but not limited to, power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations and machine clones. Due to the value these logs provide for the continued availability of each VM and potential security incidents, these logs must be enabled."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Advanced.\n\nEnsure that the checkbox next to \"Enable logging\" is checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {$_.ExtensionData.Config.Flags.EnableLogging -ne \"True\"}\n\nIf logging is not enabled, this is a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Advanced.\n\nClick the checkbox next to \"Enable logging\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n$spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n$spec.Flags = New-Object VMware.Vim.VirtualMachineFlagInfo\n$spec.Flags.enableLogging = $true\n(Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000207","rid":"SV-VMCH-80-000207","stig_id":"VMCH-80-000207","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000207' do\n  title 'Virtual machines (VMs) must enable logging.'\n  desc  'The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including, but not limited to, power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations and machine clones. Due to the value these logs provide for the continued availability of each VM and potential security incidents, these logs must be enabled.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Advanced.\n\n    Ensure that the checkbox next to \\\"Enable logging\\\" is checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {$_.ExtensionData.Config.Flags.EnableLogging -ne \\\"True\\\"}\n\n    If logging is not enabled, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Advanced.\n\n    Click the checkbox next to \\\"Enable logging\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.Flags = New-Object VMware.Vim.VirtualMachineFlagInfo\n    $spec.Flags.enableLogging = $true\n    (Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000207'\n  tag rid: 'SV-VMCH-80-000207'\n  tag stig_id: 'VMCH-80-000207'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Flags.EnableLogging\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000207.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"VM: stig vm2 is expected to cmp == \"true\"","run_time":0.0001426,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stig vm2"},{"status":"passed","code_desc":"VM: stigvm1 is expected to cmp == \"true\"","run_time":7.39e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: stigvm1"},{"status":"passed","code_desc":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp == \"true\"","run_time":7.09e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"},{"status":"passed","code_desc":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp == \"true\"","run_time":6.91e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"},{"status":"passed","code_desc":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp == \"true\"","run_time":7.38e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"}]},{"id":"VMCH-80-000208","title":"Virtual machines (VMs) must not use independent, non-persistent disks.","desc":"The security issue with nonpersistent disk mode is that successful attackers, with a simple shutdown or reboot, might undo or remove any traces they were ever on the machine. To safeguard against this risk, production virtual machines should be set to use persistent disk mode; additionally, ensure activity within the VM is logged remotely on a separate server, such as a syslog server or equivalent Windows-based event collector. Without a persistent record of activity on a VM, administrators might never know whether they have been attacked or hacked.\n\nThere can be valid use cases for these types of disks, such as with an application presentation solution where read-only disks are desired, and such cases should be identified and documented.","descriptions":[{"label":"default","data":"The security issue with nonpersistent disk mode is that successful attackers, with a simple shutdown or reboot, might undo or remove any traces they were ever on the machine. To safeguard against this risk, production virtual machines should be set to use persistent disk mode; additionally, ensure activity within the VM is logged remotely on a separate server, such as a syslog server or equivalent Windows-based event collector. Without a persistent record of activity on a VM, administrators might never know whether they have been attacked or hacked.\n\nThere can be valid use cases for these types of disks, such as with an application presentation solution where read-only disks are desired, and such cases should be identified and documented."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nReview the attached hard disks and verify they are not configured as independent nonpersistent disks.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-HardDisk | Select Parent, Name, Filename, DiskType, Persistence | FT -AutoSize\n\nIf the virtual machine has attached disks that are in independent nonpersistent mode and are not documented, this is a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nSelect the target hard disk and change the mode to persistent or uncheck Independent.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run one of the following commands:\n\nGet-VM \"VM Name\" | Get-HardDisk | Set-HardDisk -Persistence IndependentPersistent\n\nor\n\nGet-VM \"VM Name\" | Get-HardDisk | Set-HardDisk -Persistence Persistent"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000208","rid":"SV-VMCH-80-000208","stig_id":"VMCH-80-000208","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000208' do\n  title 'Virtual machines (VMs) must not use independent, non-persistent disks.'\n  desc  \"\n    The security issue with nonpersistent disk mode is that successful attackers, with a simple shutdown or reboot, might undo or remove any traces they were ever on the machine. To safeguard against this risk, production virtual machines should be set to use persistent disk mode; additionally, ensure activity within the VM is logged remotely on a separate server, such as a syslog server or equivalent Windows-based event collector. Without a persistent record of activity on a VM, administrators might never know whether they have been attacked or hacked.\n\n    There can be valid use cases for these types of disks, such as with an application presentation solution where read-only disks are desired, and such cases should be identified and documented.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the attached hard disks and verify they are not configured as independent nonpersistent disks.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-HardDisk | Select Parent, Name, Filename, DiskType, Persistence | FT -AutoSize\n\n    If the virtual machine has attached disks that are in independent nonpersistent mode and are not documented, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the target hard disk and change the mode to persistent or uncheck Independent.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run one of the following commands:\n\n    Get-VM \\\"VM Name\\\" | Get-HardDisk | Set-HardDisk -Persistence IndependentPersistent\n\n    or\n\n    Get-VM \\\"VM Name\\\" | Get-HardDisk | Set-HardDisk -Persistence Persistent\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000208'\n  tag rid: 'SV-VMCH-80-000208'\n  tag stig_id: 'VMCH-80-000208'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-HardDisk | Select-Object -ExpandProperty Persistence\"\n      results = powercli_command(command)\n      results.stdout.split.each do |disk|\n        describe \"Checking the VM: #{vm} for Non-Persistent Hard Disks\" do\n          subject { disk }\n          it { should_not cmp 'IndependentNonPersistent' }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000208.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Checking the VM: stig vm2 for Non-Persistent Hard Disks is expected not to cmp == \"IndependentNonPersistent\"","run_time":8.15e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: stig vm2 for Non-Persistent Hard Disks"},{"status":"passed","code_desc":"Checking the VM: stigvm1 for Non-Persistent Hard Disks is expected not to cmp == \"IndependentNonPersistent\"","run_time":7.5e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: stigvm1 for Non-Persistent Hard Disks"},{"status":"passed","code_desc":"Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for Non-Persistent Hard Disks is expected not to cmp == \"IndependentNonPersistent\"","run_time":7.28e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for Non-Persistent Hard Disks"},{"status":"passed","code_desc":"Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for Non-Persistent Hard Disks is expected not to cmp == \"IndependentNonPersistent\"","run_time":7.28e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for Non-Persistent Hard Disks"},{"status":"passed","code_desc":"Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for Non-Persistent Hard Disks is expected not to cmp == \"IndependentNonPersistent\"","run_time":7.35e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for Non-Persistent Hard Disks"}]},{"id":"VMCH-80-000209","title":"Virtual machines (VMs) must remove unneeded floppy devices.","desc":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.","descriptions":[{"label":"default","data":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."},{"label":"rationale","data":""},{"label":"check","data":"Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Get-FloppyDrive | Select Parent, Name, ConnectionState\n\nIf a virtual machine has a floppy drive connected, this is a finding."},{"label":"fix","data":"Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\nThe VM must be powered off to remove a floppy drive.\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-FloppyDrive | Remove-FloppyDrive"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000209","rid":"SV-VMCH-80-000209","stig_id":"VMCH-80-000209","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000209' do\n  title 'Virtual machines (VMs) must remove unneeded floppy devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Get-FloppyDrive | Select Parent, Name, ConnectionState\n\n    If a virtual machine has a floppy drive connected, this is a finding.\n  \"\n  desc 'fix', \"\n    Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    The VM must be powered off to remove a floppy drive.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-FloppyDrive | Remove-FloppyDrive\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000209'\n  tag rid: 'SV-VMCH-80-000209'\n  tag stig_id: 'VMCH-80-000209'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-FloppyDrive\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for Floppy drives\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000209.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Checking the VM: stig vm2 for Floppy drives is expected to be empty","run_time":0.0086651,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: stig vm2 for Floppy drives"},{"status":"passed","code_desc":"Checking the VM: stigvm1 for Floppy drives is expected to be empty","run_time":0.0081981,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: stigvm1 for Floppy drives"},{"status":"passed","code_desc":"Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for Floppy drives is expected to be empty","run_time":0.0083412,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for Floppy drives"},{"status":"passed","code_desc":"Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for Floppy drives is expected to be empty","run_time":0.0084882,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for Floppy drives"},{"status":"passed","code_desc":"Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for Floppy drives is expected to be empty","run_time":0.0082438,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for Floppy drives"}]},{"id":"VMCH-80-000210","title":"Virtual machines (VMs) must remove unneeded CD/DVD devices.","desc":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.","descriptions":[{"label":"default","data":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nReview the VMs hardware and verify no CD/DVD drives are connected.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Get-CDDrive | Where {$_.extensiondata.connectable.connected -eq $true} | Select Parent,Name\n\nIf a virtual machine has a CD/DVD drive connected other than temporarily, this is a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nSelect the CD/DVD drive and uncheck \"Connected\" and \"Connect at power on\" and remove any attached ISOs.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-CDDrive | Set-CDDrive -NoMedia"}],"impact":0.3,"refs":[],"tags":{"severity":"low","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000210","rid":"SV-VMCH-80-000210","stig_id":"VMCH-80-000210","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000210' do\n  title 'Virtual machines (VMs) must remove unneeded CD/DVD devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the VMs hardware and verify no CD/DVD drives are connected.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Get-CDDrive | Where {$_.extensiondata.connectable.connected -eq $true} | Select Parent,Name\n\n    If a virtual machine has a CD/DVD drive connected other than temporarily, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the CD/DVD drive and uncheck \\\"Connected\\\" and \\\"Connect at power on\\\" and remove any attached ISOs.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-CDDrive | Set-CDDrive -NoMedia\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000210'\n  tag rid: 'SV-VMCH-80-000210'\n  tag stig_id: 'VMCH-80-000210'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}' | Get-CDDrive).ExtensionData.connectable.connected\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"Checking the VM: #{vm} for CD/DVD drives\" do\n          subject { result }\n          it { should cmp 'false' }\n        end\n        describe \"Checking the VM: #{vm} for CD/DVD drives\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000210.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Checking the VM: stig vm2 for CD/DVD drives is expected to cmp == \"false\"","run_time":0.0001095,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: stig vm2 for CD/DVD drives"},{"status":"passed","code_desc":"Checking the VM: stigvm1 for CD/DVD drives is expected to cmp == \"false\"","run_time":0.0002336,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: stigvm1 for CD/DVD drives"},{"status":"passed","code_desc":"Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for CD/DVD drives is expected to be empty","run_time":7.62e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for CD/DVD drives"},{"status":"passed","code_desc":"Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for CD/DVD drives is expected to be empty","run_time":6.13e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for CD/DVD drives"},{"status":"passed","code_desc":"Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for CD/DVD drives is expected to be empty","run_time":5.48e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for CD/DVD drives"}]},{"id":"VMCH-80-000211","title":"Virtual machines (VMs) must remove unneeded parallel devices.","desc":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.","descriptions":[{"label":"default","data":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."},{"label":"rationale","data":""},{"label":"check","data":"Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \"parallel\"}\n\nIf a virtual machine has a parallel device present, this is a finding."},{"label":"fix","data":"Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\nThe VM must be powered off to remove a parallel device.\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n$pport = (Get-VM -Name <vmname>).ExtensionData.Config.Hardware.Device | Where {$_.DeviceInfo.Label -match \"Parallel\"}\n$spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n$spec.DeviceChange += New-Object VMware.Vim.VirtualDeviceConfigSpec\n$spec.DeviceChange[-1].device = $pport\n$spec.DeviceChange[-1].operation = \"remove\"\n(Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000211","rid":"SV-VMCH-80-000211","stig_id":"VMCH-80-000211","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000211' do\n  title 'Virtual machines (VMs) must remove unneeded parallel devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \\\"parallel\\\"}\n\n    If a virtual machine has a parallel device present, this is a finding.\n  \"\n  desc 'fix', \"\n    Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    The VM must be powered off to remove a parallel device.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $pport = (Get-VM -Name <vmname>).ExtensionData.Config.Hardware.Device | Where {$_.DeviceInfo.Label -match \\\"Parallel\\\"}\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.DeviceChange += New-Object VMware.Vim.VirtualDeviceConfigSpec\n    $spec.DeviceChange[-1].device = $pport\n    $spec.DeviceChange[-1].operation = \\\"remove\\\"\n    (Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000211'\n  tag rid: 'SV-VMCH-80-000211'\n  tag stig_id: 'VMCH-80-000211'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Hardware.Device.DeviceInfo.label\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for parallel devices\" do\n        subject { result }\n        it { should_not match 'Parallel' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000211.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Checking the VM: stig vm2 for parallel devices is expected not to match \"Parallel\"","run_time":8.28e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: stig vm2 for parallel devices"},{"status":"passed","code_desc":"Checking the VM: stigvm1 for parallel devices is expected not to match \"Parallel\"","run_time":5.38e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: stigvm1 for parallel devices"},{"status":"passed","code_desc":"Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for parallel devices is expected not to match \"Parallel\"","run_time":4.72e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for parallel devices"},{"status":"passed","code_desc":"Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for parallel devices is expected not to match \"Parallel\"","run_time":5.26e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for parallel devices"},{"status":"passed","code_desc":"Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for parallel devices is expected not to match \"Parallel\"","run_time":5.15e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for parallel devices"}]},{"id":"VMCH-80-000212","title":"Virtual machines (VMs) must remove unneeded serial devices.","desc":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.","descriptions":[{"label":"default","data":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nReview the VMs hardware and verify no serial devices exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \"serial\"}\n\nIf a virtual machine has a serial device present, this is a finding."},{"label":"fix","data":"The VM must be powered off to remove a serial device.\n\nFor each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nSelect the serial device, click the circled \"X\" to remove it, and click \"OK\"."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000212","rid":"SV-VMCH-80-000212","stig_id":"VMCH-80-000212","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000212' do\n  title 'Virtual machines (VMs) must remove unneeded serial devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the VMs hardware and verify no serial devices exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \\\"serial\\\"}\n\n    If a virtual machine has a serial device present, this is a finding.\n  \"\n  desc  'fix', \"\n    The VM must be powered off to remove a serial device.\n\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the serial device, click the circled \\\"X\\\" to remove it, and click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000212'\n  tag rid: 'SV-VMCH-80-000212'\n  tag stig_id: 'VMCH-80-000212'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Hardware.Device.DeviceInfo.label\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for serial devices\" do\n        subject { result }\n        it { should_not match 'Serial' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000212.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Checking the VM: stig vm2 for serial devices is expected not to match \"Serial\"","run_time":5.25e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: stig vm2 for serial devices"},{"status":"passed","code_desc":"Checking the VM: stigvm1 for serial devices is expected not to match \"Serial\"","run_time":0.0003045,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: stigvm1 for serial devices"},{"status":"passed","code_desc":"Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for serial devices is expected not to match \"Serial\"","run_time":7.72e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for serial devices"},{"status":"passed","code_desc":"Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for serial devices is expected not to match \"Serial\"","run_time":5.39e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for serial devices"},{"status":"passed","code_desc":"Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for serial devices is expected not to match \"Serial\"","run_time":0.0001312,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for serial devices"}]},{"id":"VMCH-80-000213","title":"Virtual machines (VMs) must remove unneeded USB devices.","desc":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.","descriptions":[{"label":"default","data":"Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nReview the VMs hardware and verify no USB devices exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\nGet-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \"usb\"}\nGet-VM | Get-UsbDevice\n\nIf a virtual machine has any USB devices or USB controllers present, this is a finding.\n\nIf USB smart card readers are used to pass smart cards through the VM console to a VM, the use of a USB controller and USB devices for that purpose is not a finding."},{"label":"fix","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nSelect the USB controller, click the circled \"X\" to remove it, and click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-USBDevice | Remove-USBDevice\n\nNote:  This will not remove the USB controller, just any connected devices."}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000213","rid":"SV-VMCH-80-000213","stig_id":"VMCH-80-000213","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000213' do\n  title 'Virtual machines (VMs) must remove unneeded USB devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the VMs hardware and verify no USB devices exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \\\"usb\\\"}\n    Get-VM | Get-UsbDevice\n\n    If a virtual machine has any USB devices or USB controllers present, this is a finding.\n\n    If USB smart card readers are used to pass smart cards through the VM console to a VM, the use of a USB controller and USB devices for that purpose is not a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the USB controller, click the circled \\\"X\\\" to remove it, and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-USBDevice | Remove-USBDevice\n\n    Note:  This will not remove the USB controller, just any connected devices.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000213'\n  tag rid: 'SV-VMCH-80-000213'\n  tag stig_id: 'VMCH-80-000213'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Hardware.Device.DeviceInfo.label\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for USB devices\" do\n        subject { result }\n        it { should_not match 'USB' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000213.rb"},"waiver_data":{},"results":[{"status":"failed","code_desc":"Checking the VM: stig vm2 for USB devices is expected not to match \"USB\"","run_time":0.0005257,"start_time":"2023-06-07T08:29:42-06:00","message":"expected \"IDE 0\\r\\nIDE 1\\r\\nPS2 controller 0\\r\\nPCI controller 0\\r\\nSIO controller 0\\r\\nKeyboard \\r\\nPointing ...er \\r\\nSCSI controller 0\\r\\nSATA controller 0\\r\\nCD/DVD drive 1\\r\\nHard disk 1\\r\\nNetwork adapter 1\" not to match \"USB\"\nDiff:\n@@ -1,15 +1,29 @@\n-USB\n+IDE 0\n+IDE 1\n+PS2 controller 0\n+PCI controller 0\n+SIO controller 0\n+Keyboard \n+Pointing device\n+Video card \n+VMCI device\n+USB xHCI controller \n+SCSI controller 0\n+SATA controller 0\n+CD/DVD drive 1\n+Hard disk 1\n+Network adapter 1\n","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: stig vm2 for USB devices"},{"status":"failed","code_desc":"Checking the VM: stigvm1 for USB devices is expected not to match \"USB\"","run_time":0.0002042,"start_time":"2023-06-07T08:29:42-06:00","message":"expected \"IDE 0\\r\\nIDE 1\\r\\nPS2 controller 0\\r\\nPCI controller 0\\r\\nSIO controller 0\\r\\nKeyboard \\r\\nPointing ...er \\r\\nSCSI controller 0\\r\\nSATA controller 0\\r\\nCD/DVD drive 1\\r\\nHard disk 1\\r\\nNetwork adapter 1\" not to match \"USB\"\nDiff:\n@@ -1,15 +1,29 @@\n-USB\n+IDE 0\n+IDE 1\n+PS2 controller 0\n+PCI controller 0\n+SIO controller 0\n+Keyboard \n+Pointing device\n+Video card \n+VMCI device\n+USB xHCI controller \n+SCSI controller 0\n+SATA controller 0\n+CD/DVD drive 1\n+Hard disk 1\n+Network adapter 1\n","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: stigvm1 for USB devices"},{"status":"passed","code_desc":"Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for USB devices is expected not to match \"USB\"","run_time":0.0002226,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for USB devices"},{"status":"passed","code_desc":"Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for USB devices is expected not to match \"USB\"","run_time":5.77e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for USB devices"},{"status":"passed","code_desc":"Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for USB devices is expected not to match \"USB\"","run_time":4.56e-05,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for USB devices"}]},{"id":"VMCH-80-000214","title":"Virtual machines (VMs) must disable DirectPath I/O devices when not required.","desc":"VMDirectPath I/O (PCI passthrough) enables direct assignment of hardware PCI functions to VMs. This gives the VM access to the PCI functions with minimal intervention from the ESXi host. This is a powerful feature for legitimate applications such as virtualized storage appliances, backup appliances, dedicated graphics, etc., but it also allows a potential attacker highly privileged access to underlying hardware and the PCI bus.","descriptions":[{"label":"default","data":"VMDirectPath I/O (PCI passthrough) enables direct assignment of hardware PCI functions to VMs. This gives the VM access to the PCI functions with minimal intervention from the ESXi host. This is a powerful feature for legitimate applications such as virtualized storage appliances, backup appliances, dedicated graphics, etc., but it also allows a potential attacker highly privileged access to underlying hardware and the PCI bus."},{"label":"rationale","data":""},{"label":"check","data":"For each virtual machine do the following:\n\nFrom the vSphere Client, view the Summary tab.\n\nReview the PCI devices section and verify none exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-PassthroughDevice\n\nIf the virtual machine has passthrough devices present, and the specific device returned is not approved, this is a finding."},{"label":"fix","data":"From the vSphere Client, select the Virtual Machine, right click and go to Edit Settings >> Virtual Hardware tab.\n\nFind the unexpected PCI device returned from the check.\n\nHover the mouse over the device and click the circled \"X\" to remove the device. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-PassthroughDevice | Remove-PassthroughDevice"}],"impact":0.5,"refs":[],"tags":{"severity":"medium","gtitle":"SRG-OS-000480-VMM-002000","gid":"V-VMCH-80-000214","rid":"SV-VMCH-80-000214","stig_id":"VMCH-80-000214","cci":["CCI-000366"],"nist":["CM-6 b"]},"code":"control 'VMCH-80-000214' do\n  title 'Virtual machines (VMs) must disable DirectPath I/O devices when not required.'\n  desc  'VMDirectPath I/O (PCI passthrough) enables direct assignment of hardware PCI functions to VMs. This gives the VM access to the PCI functions with minimal intervention from the ESXi host. This is a powerful feature for legitimate applications such as virtualized storage appliances, backup appliances, dedicated graphics, etc., but it also allows a potential attacker highly privileged access to underlying hardware and the PCI bus.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, view the Summary tab.\n\n    Review the PCI devices section and verify none exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-PassthroughDevice\n\n    If the virtual machine has passthrough devices present, and the specific device returned is not approved, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, select the Virtual Machine, right click and go to Edit Settings >> Virtual Hardware tab.\n\n    Find the unexpected PCI device returned from the check.\n\n    Hover the mouse over the device and click the circled \\\"X\\\" to remove the device. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-PassthroughDevice | Remove-PassthroughDevice\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000214'\n  tag rid: 'SV-VMCH-80-000214'\n  tag stig_id: 'VMCH-80-000214'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-PassthroughDevice\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for PCI passthrough devices\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n","source_location":{"line":1,"ref":"C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000214.rb"},"waiver_data":{},"results":[{"status":"passed","code_desc":"Checking the VM: stig vm2 for PCI passthrough devices is expected to be empty","run_time":0.0084144,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: stig vm2 for PCI passthrough devices"},{"status":"passed","code_desc":"Checking the VM: stigvm1 for PCI passthrough devices is expected to be empty","run_time":0.00833,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: stigvm1 for PCI passthrough devices"},{"status":"passed","code_desc":"Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for PCI passthrough devices is expected to be empty","run_time":0.0082416,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for PCI passthrough devices"},{"status":"passed","code_desc":"Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for PCI passthrough devices is expected to be empty","run_time":0.0082677,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for PCI passthrough devices"},{"status":"passed","code_desc":"Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for PCI passthrough devices is expected to be empty","run_time":0.0081769,"start_time":"2023-06-07T08:29:42-06:00","resource_class":"Object","resource_params":"[]","resource_id":"Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for PCI passthrough devices"}]}],"status":"loaded","status_message":""}],"statistics":{"duration":73.759917},"version":"5.22.3"}
\ No newline at end of file
+{
+  "platform": {
+    "name": "windows_11_enterprise",
+    "release": "10.0.22621",
+    "target_id": "b602ff65-60bf-59e9-aa86-c414b787823f"
+  },
+  "profiles": [
+    {
+      "name": "vmware-vsphere-8.0-stig-baseline",
+      "version": "1.0.1",
+      "sha256": "037df02b2bce1332a63d955e79ec40ce574f703eb75c99ba683cac85c3471612",
+      "title": "InSpec Wrapper Profile for VMware vSphere 8.0 STIG Readiness Guide Version 1 Release 1",
+      "maintainer": "VMware",
+      "summary": "An InSpec Compliance Profile that runs PowerCLI audit tests on ESXI, VMs, and vCenter",
+      "license": "Apache-2.0",
+      "copyright": "The Authors",
+      "copyright_email": "stigs@vmware.com",
+      "supports": [],
+      "attributes": [
+        {
+          "name": "vmhostName",
+          "options": {
+            "value": "10.186.25.26"
+          }
+        },
+        {
+          "name": "cluster",
+          "options": {
+            "value": ""
+          }
+        },
+        {
+          "name": "allesxi",
+          "options": {
+            "value": false
+          }
+        },
+        {
+          "name": "adJoined",
+          "options": {
+            "value": false
+          }
+        },
+        {
+          "name": "adAdminGroup",
+          "options": {
+            "value": "MyAdAdminGroup"
+          }
+        },
+        {
+          "name": "syslogServer",
+          "options": {
+            "value": "tcp://log.test.local:514"
+          }
+        },
+        {
+          "name": "esxiNtpServers",
+          "options": {
+            "value": [
+              "time-a-g.nist.gov",
+              "time-b-g.nist.gov"
+            ]
+          }
+        },
+        {
+          "name": "vMotionVlanId",
+          "options": {
+            "value": "100"
+          }
+        },
+        {
+          "name": "mgtVlanId",
+          "options": {
+            "value": "101"
+          }
+        },
+        {
+          "name": "exceptionUsers",
+          "options": {
+            "value": [
+              "root",
+              "dcui"
+            ]
+          }
+        },
+        {
+          "name": "snmpEnabled",
+          "options": {
+            "value": "false"
+          }
+        },
+        {
+          "name": "esxiBuildNumber",
+          "options": {
+            "value": "21813344"
+          }
+        },
+        {
+          "name": "syslogServers",
+          "options": {
+            "value": [
+              "loginsight.vmware.com",
+              "syslog.server2.com"
+            ]
+          }
+        },
+        {
+          "name": "ntpServers",
+          "options": {
+            "value": [
+              "time-a-g.nist.gov",
+              "time-b-g.nist.gov"
+            ]
+          }
+        },
+        {
+          "name": "ipfixCollectorAddress",
+          "options": {
+            "value": ""
+          }
+        },
+        {
+          "name": "vcCryptoAdmins",
+          "options": {
+            "value": [
+              "VSPHERE.LOCAL\\Administrator",
+              "VSPHERE.LOCAL\\Administrators",
+              "VSPHERE.LOCAL\\vCLSAdmin"
+            ]
+          }
+        },
+        {
+          "name": "vcCryptoRoles",
+          "options": {
+            "value": [
+              "Admin",
+              "NoTrustedAdmin",
+              "vCLSAdmin",
+              "vSphereKubernetesManager"
+            ]
+          }
+        },
+        {
+          "name": "bashShellAdminUsers",
+          "options": {
+            "value": [
+              "Administrator"
+            ]
+          }
+        },
+        {
+          "name": "bashShellAdminGroups",
+          "options": {
+            "value": []
+          }
+        },
+        {
+          "name": "trustedAdminUsers",
+          "options": {
+            "value": []
+          }
+        },
+        {
+          "name": "trustedAdminGroups",
+          "options": {
+            "value": []
+          }
+        },
+        {
+          "name": "backup3rdParty",
+          "options": {
+            "value": false
+          }
+        },
+        {
+          "name": "vmName",
+          "options": {
+            "value": ""
+          }
+        },
+        {
+          "name": "allvms",
+          "options": {
+            "value": true
+          }
+        }
+      ],
+      "depends": [
+        {
+          "name": "esxi",
+          "path": "esxi",
+          "status": "loaded"
+        },
+        {
+          "name": "vcenter",
+          "path": "vcenter",
+          "status": "loaded"
+        },
+        {
+          "name": "vm",
+          "path": "vm",
+          "status": "loaded"
+        }
+      ],
+      "groups": [
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000005.rb",
+          "controls": [
+            "ESXI-80-000005"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000006.rb",
+          "controls": [
+            "ESXI-80-000006"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000008.rb",
+          "controls": [
+            "ESXI-80-000008"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000010.rb",
+          "controls": [
+            "ESXI-80-000010"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000014.rb",
+          "controls": [
+            "ESXI-80-000014"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000015.rb",
+          "controls": [
+            "ESXI-80-000015"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000035.rb",
+          "controls": [
+            "ESXI-80-000035"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000043.rb",
+          "controls": [
+            "ESXI-80-000043"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000047.rb",
+          "controls": [
+            "ESXI-80-000047"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000049.rb",
+          "controls": [
+            "ESXI-80-000049"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000052.rb",
+          "controls": [
+            "ESXI-80-000052"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000068.rb",
+          "controls": [
+            "ESXI-80-000068"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000085.rb",
+          "controls": [
+            "ESXI-80-000085"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000094.rb",
+          "controls": [
+            "ESXI-80-000094"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000111.rb",
+          "controls": [
+            "ESXI-80-000111"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000113.rb",
+          "controls": [
+            "ESXI-80-000113"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000114.rb",
+          "controls": [
+            "ESXI-80-000114"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000124.rb",
+          "controls": [
+            "ESXI-80-000124"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000133.rb",
+          "controls": [
+            "ESXI-80-000133"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000145.rb",
+          "controls": [
+            "ESXI-80-000145"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000160.rb",
+          "controls": [
+            "ESXI-80-000160"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000161.rb",
+          "controls": [
+            "ESXI-80-000161"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000187.rb",
+          "controls": [
+            "ESXI-80-000187"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000189.rb",
+          "controls": [
+            "ESXI-80-000189"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000191.rb",
+          "controls": [
+            "ESXI-80-000191"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000192.rb",
+          "controls": [
+            "ESXI-80-000192"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000193.rb",
+          "controls": [
+            "ESXI-80-000193"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000194.rb",
+          "controls": [
+            "ESXI-80-000194"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000195.rb",
+          "controls": [
+            "ESXI-80-000195"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000196.rb",
+          "controls": [
+            "ESXI-80-000196"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000198.rb",
+          "controls": [
+            "ESXI-80-000198"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000199.rb",
+          "controls": [
+            "ESXI-80-000199"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000201.rb",
+          "controls": [
+            "ESXI-80-000201"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000202.rb",
+          "controls": [
+            "ESXI-80-000202"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000203.rb",
+          "controls": [
+            "ESXI-80-000203"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000204.rb",
+          "controls": [
+            "ESXI-80-000204"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000205.rb",
+          "controls": [
+            "ESXI-80-000205"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000206.rb",
+          "controls": [
+            "ESXI-80-000206"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000207.rb",
+          "controls": [
+            "ESXI-80-000207"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000208.rb",
+          "controls": [
+            "ESXI-80-000208"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000209.rb",
+          "controls": [
+            "ESXI-80-000209"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000210.rb",
+          "controls": [
+            "ESXI-80-000210"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000211.rb",
+          "controls": [
+            "ESXI-80-000211"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000212.rb",
+          "controls": [
+            "ESXI-80-000212"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000213.rb",
+          "controls": [
+            "ESXI-80-000213"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000214.rb",
+          "controls": [
+            "ESXI-80-000214"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000215.rb",
+          "controls": [
+            "ESXI-80-000215"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000216.rb",
+          "controls": [
+            "ESXI-80-000216"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000217.rb",
+          "controls": [
+            "ESXI-80-000217"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000218.rb",
+          "controls": [
+            "ESXI-80-000218"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000219.rb",
+          "controls": [
+            "ESXI-80-000219"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000220.rb",
+          "controls": [
+            "ESXI-80-000220"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000221.rb",
+          "controls": [
+            "ESXI-80-000221"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000222.rb",
+          "controls": [
+            "ESXI-80-000222"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000223.rb",
+          "controls": [
+            "ESXI-80-000223"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000224.rb",
+          "controls": [
+            "ESXI-80-000224"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000225.rb",
+          "controls": [
+            "ESXI-80-000225"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000226.rb",
+          "controls": [
+            "ESXI-80-000226"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000227.rb",
+          "controls": [
+            "ESXI-80-000227"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000228.rb",
+          "controls": [
+            "ESXI-80-000228"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000229.rb",
+          "controls": [
+            "ESXI-80-000229"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000230.rb",
+          "controls": [
+            "ESXI-80-000230"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000231.rb",
+          "controls": [
+            "ESXI-80-000231"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000232.rb",
+          "controls": [
+            "ESXI-80-000232"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000233.rb",
+          "controls": [
+            "ESXI-80-000233"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000234.rb",
+          "controls": [
+            "ESXI-80-000234"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000235.rb",
+          "controls": [
+            "ESXI-80-000235"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000236.rb",
+          "controls": [
+            "ESXI-80-000236"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000237.rb",
+          "controls": [
+            "ESXI-80-000237"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000238.rb",
+          "controls": [
+            "ESXI-80-000238"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000239.rb",
+          "controls": [
+            "ESXI-80-000239"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000240.rb",
+          "controls": [
+            "ESXI-80-000240"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000241.rb",
+          "controls": [
+            "ESXI-80-000241"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000243.rb",
+          "controls": [
+            "ESXI-80-000243"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000244.rb",
+          "controls": [
+            "ESXI-80-000244"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000245.rb",
+          "controls": [
+            "ESXI-80-000245"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000246.rb",
+          "controls": [
+            "ESXI-80-000246"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000009.rb",
+          "controls": [
+            "VCSA-80-000009"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000023.rb",
+          "controls": [
+            "VCSA-80-000023"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000024.rb",
+          "controls": [
+            "VCSA-80-000024"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000034.rb",
+          "controls": [
+            "VCSA-80-000034"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000057.rb",
+          "controls": [
+            "VCSA-80-000057"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000059.rb",
+          "controls": [
+            "VCSA-80-000059"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000060.rb",
+          "controls": [
+            "VCSA-80-000060"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000069.rb",
+          "controls": [
+            "VCSA-80-000069"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000070.rb",
+          "controls": [
+            "VCSA-80-000070"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000071.rb",
+          "controls": [
+            "VCSA-80-000071"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000072.rb",
+          "controls": [
+            "VCSA-80-000072"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000073.rb",
+          "controls": [
+            "VCSA-80-000073"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000074.rb",
+          "controls": [
+            "VCSA-80-000074"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000077.rb",
+          "controls": [
+            "VCSA-80-000077"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000079.rb",
+          "controls": [
+            "VCSA-80-000079"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000080.rb",
+          "controls": [
+            "VCSA-80-000080"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000089.rb",
+          "controls": [
+            "VCSA-80-000089"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000095.rb",
+          "controls": [
+            "VCSA-80-000095"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000110.rb",
+          "controls": [
+            "VCSA-80-000110"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000123.rb",
+          "controls": [
+            "VCSA-80-000123"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000145.rb",
+          "controls": [
+            "VCSA-80-000145"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000148.rb",
+          "controls": [
+            "VCSA-80-000148"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000150.rb",
+          "controls": [
+            "VCSA-80-000150"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000158.rb",
+          "controls": [
+            "VCSA-80-000158"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000195.rb",
+          "controls": [
+            "VCSA-80-000195"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000196.rb",
+          "controls": [
+            "VCSA-80-000196"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000248.rb",
+          "controls": [
+            "VCSA-80-000248"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000253.rb",
+          "controls": [
+            "VCSA-80-000253"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000265.rb",
+          "controls": [
+            "VCSA-80-000265"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000266.rb",
+          "controls": [
+            "VCSA-80-000266"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000267.rb",
+          "controls": [
+            "VCSA-80-000267"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000268.rb",
+          "controls": [
+            "VCSA-80-000268"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000269.rb",
+          "controls": [
+            "VCSA-80-000269"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000270.rb",
+          "controls": [
+            "VCSA-80-000270"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000271.rb",
+          "controls": [
+            "VCSA-80-000271"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000272.rb",
+          "controls": [
+            "VCSA-80-000272"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000273.rb",
+          "controls": [
+            "VCSA-80-000273"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000274.rb",
+          "controls": [
+            "VCSA-80-000274"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000275.rb",
+          "controls": [
+            "VCSA-80-000275"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000276.rb",
+          "controls": [
+            "VCSA-80-000276"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000277.rb",
+          "controls": [
+            "VCSA-80-000277"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000278.rb",
+          "controls": [
+            "VCSA-80-000278"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000279.rb",
+          "controls": [
+            "VCSA-80-000279"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000280.rb",
+          "controls": [
+            "VCSA-80-000280"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000281.rb",
+          "controls": [
+            "VCSA-80-000281"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000282.rb",
+          "controls": [
+            "VCSA-80-000282"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000283.rb",
+          "controls": [
+            "VCSA-80-000283"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000284.rb",
+          "controls": [
+            "VCSA-80-000284"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000285.rb",
+          "controls": [
+            "VCSA-80-000285"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000286.rb",
+          "controls": [
+            "VCSA-80-000286"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000287.rb",
+          "controls": [
+            "VCSA-80-000287"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000288.rb",
+          "controls": [
+            "VCSA-80-000288"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000290.rb",
+          "controls": [
+            "VCSA-80-000290"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000291.rb",
+          "controls": [
+            "VCSA-80-000291"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000292.rb",
+          "controls": [
+            "VCSA-80-000292"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000293.rb",
+          "controls": [
+            "VCSA-80-000293"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000294.rb",
+          "controls": [
+            "VCSA-80-000294"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000295.rb",
+          "controls": [
+            "VCSA-80-000295"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000296.rb",
+          "controls": [
+            "VCSA-80-000296"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000298.rb",
+          "controls": [
+            "VCSA-80-000298"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000299.rb",
+          "controls": [
+            "VCSA-80-000299"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000300.rb",
+          "controls": [
+            "VCSA-80-000300"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000301.rb",
+          "controls": [
+            "VCSA-80-000301"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000302.rb",
+          "controls": [
+            "VCSA-80-000302"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000303.rb",
+          "controls": [
+            "VCSA-80-000303"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000304.rb",
+          "controls": [
+            "VCSA-80-000304"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000189.rb",
+          "controls": [
+            "VMCH-80-000189"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000191.rb",
+          "controls": [
+            "VMCH-80-000191"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000192.rb",
+          "controls": [
+            "VMCH-80-000192"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000193.rb",
+          "controls": [
+            "VMCH-80-000193"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000194.rb",
+          "controls": [
+            "VMCH-80-000194"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000195.rb",
+          "controls": [
+            "VMCH-80-000195"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000196.rb",
+          "controls": [
+            "VMCH-80-000196"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000197.rb",
+          "controls": [
+            "VMCH-80-000197"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000198.rb",
+          "controls": [
+            "VMCH-80-000198"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000199.rb",
+          "controls": [
+            "VMCH-80-000199"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000200.rb",
+          "controls": [
+            "VMCH-80-000200"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000201.rb",
+          "controls": [
+            "VMCH-80-000201"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000202.rb",
+          "controls": [
+            "VMCH-80-000202"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000203.rb",
+          "controls": [
+            "VMCH-80-000203"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000204.rb",
+          "controls": [
+            "VMCH-80-000204"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000205.rb",
+          "controls": [
+            "VMCH-80-000205"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000206.rb",
+          "controls": [
+            "VMCH-80-000206"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000207.rb",
+          "controls": [
+            "VMCH-80-000207"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000208.rb",
+          "controls": [
+            "VMCH-80-000208"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000209.rb",
+          "controls": [
+            "VMCH-80-000209"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000210.rb",
+          "controls": [
+            "VMCH-80-000210"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000211.rb",
+          "controls": [
+            "VMCH-80-000211"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000212.rb",
+          "controls": [
+            "VMCH-80-000212"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000213.rb",
+          "controls": [
+            "VMCH-80-000213"
+          ]
+        },
+        {
+          "id": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000214.rb",
+          "controls": [
+            "VMCH-80-000214"
+          ]
+        }
+      ],
+      "controls": [
+        {
+          "id": "ESXI-80-000005",
+          "title": "The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user.",
+          "desc": "By limiting the number of failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Once the configured number of attempts is reached, the account is locked by the ESXi host.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Once the configured number of attempts is reached, the account is locked by the ESXi host."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.AccountLockFailures\" value and verify it is set to \"3\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures\n\nIf the \"Security.AccountLockFailures\" setting is set to a value other than \"3\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.AccountLockFailures\" value and configure it to \"3\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures | Set-AdvancedSetting -Value 3"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000021-VMM-000050",
+            "gid": "V-ESXI-80-000005",
+            "rid": "SV-ESXI-80-000005",
+            "stig_id": "ESXI-80-000005",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ]
+          },
+          "code": "control 'ESXI-80-000005' do\n  title 'The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user.'\n  desc  'By limiting the number of failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Once the configured number of attempts is reached, the account is locked by the ESXi host.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.AccountLockFailures\\\" value and verify it is set to \\\"3\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures\n\n    If the \\\"Security.AccountLockFailures\\\" setting is set to a value other than \\\"3\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.AccountLockFailures\\\" value and configure it to \\\"3\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures | Set-AdvancedSetting -Value 3\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-VMM-000050'\n  tag gid: 'V-ESXI-80-000005'\n  tag rid: 'SV-ESXI-80-000005'\n  tag stig_id: 'ESXI-80-000005'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.AccountLockFailures | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '3' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000005.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000006",
+          "title": "The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via the Direct Console User Interface (DCUI).",
+          "desc": "Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\"",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\""
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Annotations.WelcomeMessage\" value and verify it contains the standard mandatory DOD notice and consent banner.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage\n\nIf the \"Annotations.WelcomeMessage\" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Annotations.WelcomeMessage\" value and set it to the following. Click \"OK\".\n\n{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{hostname} , {ip}{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{esxproduct} {esxversion}{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{memory} RAM{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:white}\t{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By      {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  using this IS (which includes any device attached to this IS), you consent to the following conditions:                 {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited     {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law      {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          enforcement (LE), and counterintelligence (CI) investigations.                                                  {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       At any time, the USG may inspect and seize data stored on this IS.                                              {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Communications using, or data stored on, this IS are not private, are subject to routine monitoring,            {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          interception, and search, and may be disclosed or used for any USG-authorized purpose.                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not     {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          for your personal benefit or privacy.                                                                           {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching    {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or monitoring of the content of privileged communications, or work product, related to personal representation  {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work       {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          product are private and confidential. See User Agreement for details.                                           {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{align:left}{bgcolor:dark-grey}{color:white}  <F2> Accept Conditions and Customize System / View Logs{/align}{align:right}<F12> Accept Conditions and Shut Down/Restart  {bgcolor:black} {/color}{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Set-AdvancedSetting -Value \"<Banner text above>\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000023-VMM-000060",
+            "satisfies": [
+              "SRG-OS-000024-VMM-000070"
+            ],
+            "gid": "V-ESXI-80-000006",
+            "rid": "SV-ESXI-80-000006",
+            "stig_id": "ESXI-80-000006",
+            "cci": [
+              "CCI-000048",
+              "CCI-000050"
+            ],
+            "nist": [
+              "AC-8 a",
+              "AC-8 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000006' do\n  title 'The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via the Direct Console User Interface (DCUI).'\n  desc  \"\n    Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Annotations.WelcomeMessage\\\" value and verify it contains the standard mandatory DOD notice and consent banner.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage\n\n    If the \\\"Annotations.WelcomeMessage\\\" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Annotations.WelcomeMessage\\\" value and set it to the following. Click \\\"OK\\\".\n\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{hostname} , {ip}{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{esxproduct} {esxversion}{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{memory} RAM{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:white}\\t{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By      {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  using this IS (which includes any device attached to this IS), you consent to the following conditions:                 {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited     {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law      {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          enforcement (LE), and counterintelligence (CI) investigations.                                                  {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       At any time, the USG may inspect and seize data stored on this IS.                                              {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Communications using, or data stored on, this IS are not private, are subject to routine monitoring,            {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          interception, and search, and may be disclosed or used for any USG-authorized purpose.                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not     {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          for your personal benefit or privacy.                                                                           {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching    {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or monitoring of the content of privileged communications, or work product, related to personal representation  {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work       {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          product are private and confidential. See User Agreement for details.                                           {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{align:left}{bgcolor:dark-grey}{color:white}  <F2> Accept Conditions and Customize System / View Logs{/align}{align:right}<F12> Accept Conditions and Shut Down/Restart  {bgcolor:black} {/color}{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Set-AdvancedSetting -Value \\\"<Banner text above>\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-VMM-000060'\n  tag satisfies: ['SRG-OS-000024-VMM-000070']\n  tag gid: 'V-ESXI-80-000006'\n  tag rid: 'SV-ESXI-80-000006'\n  tag stig_id: 'ESXI-80-000006'\n  tag cci: ['CCI-000048', 'CCI-000050']\n  tag nist: ['AC-8 a', 'AC-8 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      result = powercli_command(\"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Select-Object -ExpandProperty Value\")\n      describe.one do\n        describe result do\n          its('stdout.strip') { should match 'You are accessing a U.S. Government' }\n        end\n        describe result do\n          its('stdout.strip') { should match \"I've read & consent to terms in IS user agreem't\" }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000006.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000008",
+          "title": "The ESXi host must enable lockdown mode.",
+          "desc": "Enabling Lockdown Mode disables direct access to an ESXi host, requiring the host to be managed remotely from vCenter Server. This is done to ensure the roles and access controls implemented in vCenter are always enforced and users cannot bypass them by logging on to a host directly.\n\nBy forcing all interaction to occur through vCenter Server, the risk of someone inadvertently attaining elevated privileges or performing tasks that are not properly audited is greatly reduced.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Enabling Lockdown Mode disables direct access to an ESXi host, requiring the host to be managed remotely from vCenter Server. This is done to ensure the roles and access controls implemented in vCenter are always enforced and users cannot bypass them by logging on to a host directly.\n\nBy forcing all interaction to occur through vCenter Server, the risk of someone inadvertently attaining elevated privileges or performing tasks that are not properly audited is greatly reduced."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nScroll down to \"Lockdown Mode\" and verify it is set to \"Enabled\" (Normal or Strict).\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Select Name,@{N=\"Lockdown\";E={$_.Extensiondata.Config.LockdownMode}}\n\nIf \"Lockdown Mode\" is disabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile >> Lockdown Mode.\n\nClick edit and select either the \"Normal\" or \"Strict\" radio buttons.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$level = \"lockdownNormal\" OR \"lockdownStrict\"\n$vmhost = Get-VMHost -Name <hostname> | Get-View\n$lockdown = Get-View $vmhost.ConfigManager.HostAccessManager\n$lockdown.ChangeLockdownMode($level)\n\nNote: In strict lockdown mode, the Direct Console User Interface (DCUI) service is stopped. If the connection to vCenter Server is lost and the vSphere Client is no longer available, the ESXi host becomes inaccessible."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000027-VMM-000080",
+            "gid": "V-ESXI-80-000008",
+            "rid": "SV-ESXI-80-000008",
+            "stig_id": "ESXI-80-000008",
+            "cci": [
+              "CCI-000054"
+            ],
+            "nist": [
+              "AC-10"
+            ]
+          },
+          "code": "control 'ESXI-80-000008' do\n  title 'The ESXi host must enable lockdown mode.'\n  desc  \"\n    Enabling Lockdown Mode disables direct access to an ESXi host, requiring the host to be managed remotely from vCenter Server. This is done to ensure the roles and access controls implemented in vCenter are always enforced and users cannot bypass them by logging on to a host directly.\n\n    By forcing all interaction to occur through vCenter Server, the risk of someone inadvertently attaining elevated privileges or performing tasks that are not properly audited is greatly reduced.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Scroll down to \\\"Lockdown Mode\\\" and verify it is set to \\\"Enabled\\\" (Normal or Strict).\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Select Name,@{N=\\\"Lockdown\\\";E={$_.Extensiondata.Config.LockdownMode}}\n\n    If \\\"Lockdown Mode\\\" is disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile >> Lockdown Mode.\n\n    Click edit and select either the \\\"Normal\\\" or \\\"Strict\\\" radio buttons.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $level = \\\"lockdownNormal\\\" OR \\\"lockdownStrict\\\"\n    $vmhost = Get-VMHost -Name <hostname> | Get-View\n    $lockdown = Get-View $vmhost.ConfigManager.HostAccessManager\n    $lockdown.ChangeLockdownMode($level)\n\n    Note: In strict lockdown mode, the Direct Console User Interface (DCUI) service is stopped. If the connection to vCenter Server is lost and the vSphere Client is no longer available, the ESXi host becomes inaccessible.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000027-VMM-000080'\n  tag gid: 'V-ESXI-80-000008'\n  tag rid: 'SV-ESXI-80-000008'\n  tag stig_id: 'ESXI-80-000008'\n  tag cci: ['CCI-000054']\n  tag nist: ['AC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    list = ['lockdownNormal', 'lockdownStrict']\n    vmhosts.each do |vmhost|\n      command = \"(Get-VMHost -Name #{vmhost}).Extensiondata.Config.LockdownMode\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should be_in list }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000008.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000010",
+          "title": "The ESXi host client must be configured with an idle session timeout.",
+          "desc": "The ESXi host client is the UI served up by the host itself, outside of vCenter. It is accessed by browsing to \"https://<ESX FQDN>/ui\". ESXi is not usually administered via this interface for long periods and all users will be highly privileged. Implementing a mandatory session idle limit will ensure that orphaned, forgotten or ignored sessions will be closed promptly.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The ESXi host client is the UI served up by the host itself, outside of vCenter. It is accessed by browsing to \"https://<ESX FQDN>/ui\". ESXi is not usually administered via this interface for long periods and all users will be highly privileged. Implementing a mandatory session idle limit will ensure that orphaned, forgotten or ignored sessions will be closed promptly."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.HostClientSessionTimeout\" value and verify it is set to \"900\" or less.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout\n\nIf the \"UserVars.HostClientSessionTimeout\" setting is not set to \"900\" or less, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Fom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.HostClientSessionTimeout\" value and configure it to \"900\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Set-AdvancedSetting -Value \"900\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000029-VMM-000100",
+            "gid": "V-ESXI-80-000010",
+            "rid": "SV-ESXI-80-000010",
+            "stig_id": "ESXI-80-000010",
+            "cci": [
+              "CCI-000057"
+            ],
+            "nist": [
+              "AC-11 a"
+            ]
+          },
+          "code": "control 'ESXI-80-000010' do\n  title 'The ESXi host client must be configured with an idle session timeout.'\n  desc  'The ESXi host client is the UI served up by the host itself, outside of vCenter. It is accessed by browsing to \"https://<ESX FQDN>/ui\". ESXi is not usually administered via this interface for long periods and all users will be highly privileged. Implementing a mandatory session idle limit will ensure that orphaned, forgotten or ignored sessions will be closed promptly.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.HostClientSessionTimeout\\\" value and verify it is set to \\\"900\\\" or less.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout\n\n    If the \\\"UserVars.HostClientSessionTimeout\\\" setting is not set to \\\"900\\\" or less, this is a finding.\n  \"\n  desc  'fix', \"\n    Fom the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.HostClientSessionTimeout\\\" value and configure it to \\\"900\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Set-AdvancedSetting -Value \\\"900\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000029-VMM-000100'\n  tag gid: 'V-ESXI-80-000010'\n  tag rid: 'SV-ESXI-80-000010'\n  tag stig_id: 'ESXI-80-000010'\n  tag cci: ['CCI-000057']\n  tag nist: ['AC-11 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 900 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000010.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000014",
+          "title": "The ESXi host Secure Shell (SSH) daemon must use FIPS 140-2 validated cryptographic modules to protect the confidentiality of remote access sessions.",
+          "desc": "Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session.\n\nOpenSSH on the ESXi host ships with a FIPS 140-2 validated cryptographic module and it is enabled by default. For backward compatibility reasons, this can be disabled so this setting must be audited and corrected if necessary.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session.\n\nOpenSSH on the ESXi host ships with a FIPS 140-2 validated cryptographic module and it is enabled by default. For backward compatibility reasons, this can be disabled so this setting must be audited and corrected if necessary."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# esxcli system security fips140 ssh get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.security.fips140.ssh.get.invoke()\n\nExpected result:\n\nEnabled: true\n\nIf the FIPS mode is not enabled for SSH, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, run the following command:\n\n# esxcli system security fips140 ssh set -e true\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.security.fips140.ssh.set.CreateArgs()\n$arguments.enable = $true\n$esxcli.system.security.fips140.ssh.set.Invoke($arguments)"
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000033-VMM-000140",
+            "gid": "V-ESXI-80-000014",
+            "rid": "SV-ESXI-80-000014",
+            "stig_id": "ESXI-80-000014",
+            "cci": [
+              "CCI-000068"
+            ],
+            "nist": [
+              "AC-17 (2)"
+            ]
+          },
+          "code": "control 'ESXI-80-000014' do\n  title 'The ESXi host Secure Shell (SSH) daemon must use FIPS 140-2 validated cryptographic modules to protect the confidentiality of remote access sessions.'\n  desc  \"\n    Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session.\n\n    OpenSSH on the ESXi host ships with a FIPS 140-2 validated cryptographic module and it is enabled by default. For backward compatibility reasons, this can be disabled so this setting must be audited and corrected if necessary.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system security fips140 ssh get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.security.fips140.ssh.get.invoke()\n\n    Expected result:\n\n    Enabled: true\n\n    If the FIPS mode is not enabled for SSH, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system security fips140 ssh set -e true\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.security.fips140.ssh.set.CreateArgs()\n    $arguments.enable = $true\n    $esxcli.system.security.fips140.ssh.set.Invoke($arguments)\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000033-VMM-000140'\n  tag gid: 'V-ESXI-80-000014'\n  tag rid: 'SV-ESXI-80-000014'\n  tag stig_id: 'ESXI-80-000014'\n  tag cci: ['CCI-000068']\n  tag nist: ['AC-17 (2)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.security.fips140.ssh.get.invoke() | Select-Object -ExpandProperty Enabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000014.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000015",
+          "title": "The ESXi must produce audit records containing information to establish what type of events occurred.",
+          "desc": "Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.HostAgent.log.level\" value and verify it is set to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level\n\nIf the \"Config.HostAgent.log.level\" setting is not set to \"info\", this is a finding.\n\nNote: Verbose logging level is acceptable for troubleshooting purposes."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.HostAgent.log.level\" value and configure it to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level | Set-AdvancedSetting -Value \"info\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000037-VMM-000150",
+            "satisfies": [
+              "SRG-OS-000063-VMM-000310"
+            ],
+            "gid": "V-ESXI-80-000015",
+            "rid": "SV-ESXI-80-000015",
+            "stig_id": "ESXI-80-000015",
+            "cci": [
+              "CCI-000130",
+              "CCI-000171"
+            ],
+            "nist": [
+              "AU-12 b",
+              "AU-3"
+            ]
+          },
+          "code": "control 'ESXI-80-000015' do\n  title 'The ESXi must produce audit records containing information to establish what type of events occurred.'\n  desc  'Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. '\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.log.level\\\" value and verify it is set to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level\n\n    If the \\\"Config.HostAgent.log.level\\\" setting is not set to \\\"info\\\", this is a finding.\n\n    Note: Verbose logging level is acceptable for troubleshooting purposes.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.log.level\\\" value and configure it to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level | Set-AdvancedSetting -Value \\\"info\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000037-VMM-000150'\n  tag satisfies: ['SRG-OS-000063-VMM-000310']\n  tag gid: 'V-ESXI-80-000015'\n  tag rid: 'SV-ESXI-80-000015'\n  tag stig_id: 'ESXI-80-000015'\n  tag cci: ['CCI-000130', 'CCI-000171']\n  tag nist: ['AU-12 b', 'AU-3']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.log.level | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'info' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000015.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000035",
+          "title": "The ESXi host must enforce password complexity by configuring a password quality policy.",
+          "desc": "To enforce the use of complex passwords, minimum numbers of characters of different classes are mandated.\n\nThe use of complex passwords reduces the ability of attackers to successfully obtain valid passwords using guessing or exhaustive search techniques. Complexity requirements increase the password search space by requiring users to construct passwords from a larger character set than they may otherwise use.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "To enforce the use of complex passwords, minimum numbers of characters of different classes are mandated.\n\nThe use of complex passwords reduces the ability of attackers to successfully obtain valid passwords using guessing or exhaustive search techniques. Complexity requirements increase the password search space by requiring users to construct passwords from a larger character set than they may otherwise use."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.PasswordQualityControl\" value and verify it is set to \"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl\n\nIf the \"Security.PasswordQualityControl\" setting is set to a value other than \"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.PasswordQualityControl\" value and configure it to \"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl | Set-AdvancedSetting -Value \"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000069-VMM-000360",
+            "satisfies": [
+              "SRG-OS-000070-VMM-000370",
+              "SRG-OS-000071-VMM-000380",
+              "SRG-OS-000072-VMM-000390",
+              "SRG-OS-000078-VMM-000450",
+              "SRG-OS-000266-VMM-000940"
+            ],
+            "gid": "V-ESXI-80-000035",
+            "rid": "SV-ESXI-80-000035",
+            "stig_id": "ESXI-80-000035",
+            "cci": [
+              "CCI-000192",
+              "CCI-000193",
+              "CCI-000194",
+              "CCI-000195",
+              "CCI-000205",
+              "CCI-001619"
+            ],
+            "nist": [
+              "IA-5 (1) (a)",
+              "IA-5 (1) (b)"
+            ]
+          },
+          "code": "control 'ESXI-80-000035' do\n  title 'The ESXi host must enforce password complexity by configuring a password quality policy.'\n  desc  \"\n    To enforce the use of complex passwords, minimum numbers of characters of different classes are mandated.\n\n    The use of complex passwords reduces the ability of attackers to successfully obtain valid passwords using guessing or exhaustive search techniques. Complexity requirements increase the password search space by requiring users to construct passwords from a larger character set than they may otherwise use.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.PasswordQualityControl\\\" value and verify it is set to \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl\n\n    If the \\\"Security.PasswordQualityControl\\\" setting is set to a value other than \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.PasswordQualityControl\\\" value and configure it to \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl | Set-AdvancedSetting -Value \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000069-VMM-000360'\n  tag satisfies: ['SRG-OS-000070-VMM-000370', 'SRG-OS-000071-VMM-000380', 'SRG-OS-000072-VMM-000390', 'SRG-OS-000078-VMM-000450', 'SRG-OS-000266-VMM-000940']\n  tag gid: 'V-ESXI-80-000035'\n  tag rid: 'SV-ESXI-80-000035'\n  tag stig_id: 'ESXI-80-000035'\n  tag cci: ['CCI-000192', 'CCI-000193', 'CCI-000194', 'CCI-000195', 'CCI-000205', 'CCI-001619']\n  tag nist: ['IA-5 (1) (a)', 'IA-5 (1) (b)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.PasswordQualityControl | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'similar=deny retry=3 min=disabled,disabled,disabled,disabled,15' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000035.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000043",
+          "title": "The ESXi host must prohibit password reuse for a minimum of five generations.",
+          "desc": "If a user or root used the same password continuously or was allowed to change it back shortly after being forced to change it to something else, it would provide a potential intruder with the opportunity to keep guessing at one user's password until it was guessed correctly.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If a user or root used the same password continuously or was allowed to change it back shortly after being forced to change it to something else, it would provide a potential intruder with the opportunity to keep guessing at one user's password until it was guessed correctly."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.PasswordHistory\" value and verify it is set to \"5\" or greater.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory\n\nIf the \"Security.PasswordHistory\" setting is set to a value other than 5 or greater, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.PasswordHistory\" value and configure it to \"5\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory | Set-AdvancedSetting -Value 5"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000077-VMM-000440",
+            "gid": "V-ESXI-80-000043",
+            "rid": "SV-ESXI-80-000043",
+            "stig_id": "ESXI-80-000043",
+            "cci": [
+              "CCI-000200"
+            ],
+            "nist": [
+              "IA-5 (1) (e)"
+            ]
+          },
+          "code": "control 'ESXI-80-000043' do\n  title 'The ESXi host must prohibit password reuse for a minimum of five generations.'\n  desc  \"If a user or root used the same password continuously or was allowed to change it back shortly after being forced to change it to something else, it would provide a potential intruder with the opportunity to keep guessing at one user's password until it was guessed correctly.\"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.PasswordHistory\\\" value and verify it is set to \\\"5\\\" or greater.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory\n\n    If the \\\"Security.PasswordHistory\\\" setting is set to a value other than 5 or greater, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.PasswordHistory\\\" value and configure it to \\\"5\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory | Set-AdvancedSetting -Value 5\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000077-VMM-000440'\n  tag gid: 'V-ESXI-80-000043'\n  tag rid: 'SV-ESXI-80-000043'\n  tag stig_id: 'ESXI-80-000043'\n  tag cci: ['CCI-000200']\n  tag nist: ['IA-5 (1) (e)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.PasswordHistory | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '5' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000043.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000047",
+          "title": "The ESXi host must be configured to disable nonessential capabilities by disabling the Managed Object Browser (MOB).",
+          "desc": "The MOB provides a way to explore the object model used by the VMkernel to manage the host and enables configurations to be changed. This interface is meant to be used primarily for debugging the vSphere Software Development Kit (SDK), but because there are no access controls it could also be used as a method to obtain information about a host being targeted for unauthorized access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The MOB provides a way to explore the object model used by the VMkernel to manage the host and enables configurations to be changed. This interface is meant to be used primarily for debugging the vSphere Software Development Kit (SDK), but because there are no access controls it could also be used as a method to obtain information about a host being targeted for unauthorized access."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.HostAgent.plugins.solo.enableMob\" value and verify it is set to \"false\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob\n\nIf the \"Config.HostAgent.plugins.solo.enableMob\" setting is not set to \"false\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.HostAgent.plugins.solo.enableMob\" value and configure it to \"false\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Set-AdvancedSetting -Value false"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000095-VMM-000480",
+            "gid": "V-ESXI-80-000047",
+            "rid": "SV-ESXI-80-000047",
+            "stig_id": "ESXI-80-000047",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'ESXI-80-000047' do\n  title 'The ESXi host must be configured to disable nonessential capabilities by disabling the Managed Object Browser (MOB).'\n  desc  'The MOB provides a way to explore the object model used by the VMkernel to manage the host and enables configurations to be changed. This interface is meant to be used primarily for debugging the vSphere Software Development Kit (SDK), but because there are no access controls it could also be used as a method to obtain information about a host being targeted for unauthorized access.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.plugins.solo.enableMob\\\" value and verify it is set to \\\"false\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob\n\n    If the \\\"Config.HostAgent.plugins.solo.enableMob\\\" setting is not set to \\\"false\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.plugins.solo.enableMob\\\" value and configure it to \\\"false\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Set-AdvancedSetting -Value false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-VMM-000480'\n  tag gid: 'V-ESXI-80-000047'\n  tag rid: 'SV-ESXI-80-000047'\n  tag stig_id: 'ESXI-80-000047'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000047.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000049",
+          "title": "The ESXi host must uniquely identify and must authenticate organizational users by using Active Directory.",
+          "desc": "Join ESXi hosts to an Active Directory domain to eliminate the need to create and maintain multiple local user accounts. Using Active Directory for user authentication simplifies the ESXi host configuration, ensures password complexity and reuse policies are enforced, and reduces the risk of security breaches and unauthorized access.\n\nNote: If the Active Directory group \"ESX Admins\" (default) exists, all users and groups assigned as members to this group will have full administrative access to all ESXi hosts in the domain.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Join ESXi hosts to an Active Directory domain to eliminate the need to create and maintain multiple local user accounts. Using Active Directory for user authentication simplifies the ESXi host configuration, ensures password complexity and reuse policies are enforced, and reduces the risk of security breaches and unauthorized access.\n\nNote: If the Active Directory group \"ESX Admins\" (default) exists, all users and groups assigned as members to this group will have full administrative access to all ESXi hosts in the domain."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For systems that do not use Active Directory and have no local user accounts other than root and/or service accounts, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Authentication Services.\n\nVerify the \"Directory Services Type\" is set to \"Active Directory\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostAuthentication\n\nFor systems that do not use Active Directory and do have local user accounts, other than root and/or service accounts, this is a finding.\n\nIf the \"Directory Services Type\" is not set to \"Active Directory\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Authentication Services.\n\nClick \"Join Domain...\" and enter the AD domain to join.\n\nSelect the \"Using credentials\" radio button and enter the credentials of an account with permissions to join machines to AD (use UPN naming \"user@domain\"). Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostAuthentication | Set-VMHostAuthentication -JoinDomain -Domain \"domain name\" -User \"username\" -Password \"password\"\n\nIf any local user accounts are present besides root and service accounts, delete them by going to Host UI >> Manage >> Security & Users >> Users."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000104-VMM-000500",
+            "satisfies": [
+              "SRG-OS-000109-VMM-000550",
+              "SRG-OS-000112-VMM-000560",
+              "SRG-OS-000113-VMM-000570",
+              "SRG-OS-000123-VMM-000620"
+            ],
+            "gid": "V-ESXI-80-000049",
+            "rid": "SV-ESXI-80-000049",
+            "stig_id": "ESXI-80-000049",
+            "cci": [
+              "CCI-000764",
+              "CCI-000770",
+              "CCI-001682",
+              "CCI-001941",
+              "CCI-001942"
+            ],
+            "nist": [
+              "AC-2 (2)",
+              "IA-2",
+              "IA-2 (5)",
+              "IA-2 (8)",
+              "IA-2 (9)"
+            ]
+          },
+          "code": "control 'ESXI-80-000049' do\n  title 'The ESXi host must uniquely identify and must authenticate organizational users by using Active Directory.'\n  desc  \"\n    Join ESXi hosts to an Active Directory domain to eliminate the need to create and maintain multiple local user accounts. Using Active Directory for user authentication simplifies the ESXi host configuration, ensures password complexity and reuse policies are enforced, and reduces the risk of security breaches and unauthorized access.\n\n    Note: If the Active Directory group \\\"ESX Admins\\\" (default) exists, all users and groups assigned as members to this group will have full administrative access to all ESXi hosts in the domain.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For systems that do not use Active Directory and have no local user accounts other than root and/or service accounts, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Authentication Services.\n\n    Verify the \\\"Directory Services Type\\\" is set to \\\"Active Directory\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostAuthentication\n\n    For systems that do not use Active Directory and do have local user accounts, other than root and/or service accounts, this is a finding.\n\n    If the \\\"Directory Services Type\\\" is not set to \\\"Active Directory\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Authentication Services.\n\n    Click \\\"Join Domain...\\\" and enter the AD domain to join.\n\n    Select the \\\"Using credentials\\\" radio button and enter the credentials of an account with permissions to join machines to AD (use UPN naming \\\"user@domain\\\"). Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostAuthentication | Set-VMHostAuthentication -JoinDomain -Domain \\\"domain name\\\" -User \\\"username\\\" -Password \\\"password\\\"\n\n    If any local user accounts are present besides root and service accounts, delete them by going to Host UI >> Manage >> Security & Users >> Users.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000104-VMM-000500'\n  tag satisfies: ['SRG-OS-000109-VMM-000550', 'SRG-OS-000112-VMM-000560', 'SRG-OS-000113-VMM-000570', 'SRG-OS-000123-VMM-000620']\n  tag gid: 'V-ESXI-80-000049'\n  tag rid: 'SV-ESXI-80-000049'\n  tag stig_id: 'ESXI-80-000049'\n  tag cci: ['CCI-000764', 'CCI-000770', 'CCI-001682', 'CCI-001941', 'CCI-001942']\n  tag nist: ['AC-2 (2)', 'IA-2', 'IA-2 (5)', 'IA-2 (8)', 'IA-2 (9)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    if input('adJoined')\n      list = ['Joined', 'Ok']\n      vmhosts.each do |vmhost|\n        command = \"Get-VMHost -Name #{vmhost} | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should be_in list }\n        end\n      end\n    else\n      vmhosts.each do |vmhost|\n        command = \"Get-VMHost -Name #{vmhost} | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp '' }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000049.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000052",
+          "title": "The ESXi host Secure Shell (SSH) daemon must ignore .rhosts files.",
+          "desc": "SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH can emulate the behavior of the obsolete \"rsh\" command in allowing users to enable insecure access to their accounts via \".rhosts\" files.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH can emulate the behavior of the obsolete \"rsh\" command in allowing users to enable insecure access to their accounts via \".rhosts\" files."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep ignorerhosts\n\nExpected result:\n\nignorerhosts yes\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nIgnoreRhosts yes"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000107-VMM-000530",
+            "gid": "V-ESXI-80-000052",
+            "rid": "SV-ESXI-80-000052",
+            "stig_id": "ESXI-80-000052",
+            "cci": [
+              "CCI-000767"
+            ],
+            "nist": [
+              "IA-2 (3)"
+            ]
+          },
+          "code": "control 'ESXI-80-000052' do\n  title 'The ESXi host Secure Shell (SSH) daemon must ignore .rhosts files.'\n  desc  'SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH can emulate the behavior of the obsolete \"rsh\" command in allowing users to enable insecure access to their accounts via \".rhosts\" files.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep ignorerhosts\n\n    Expected result:\n\n    ignorerhosts yes\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    IgnoreRhosts yes\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000107-VMM-000530'\n  tag gid: 'V-ESXI-80-000052'\n  tag rid: 'SV-ESXI-80-000052'\n  tag stig_id: 'ESXI-80-000052'\n  tag cci: ['CCI-000767']\n  tag nist: ['IA-2 (3)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000052.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000068",
+          "title": "The ESXi host must set a timeout to automatically end idle shell sessions after fifteen minutes.",
+          "desc": "If a user forgets to log out of their local or remote ESXi Shell session, the idle connection will remain open indefinitely and increase the likelihood of inappropriate host access via session hijacking. The \"ESXiShellInteractiveTimeOut\" allows the automatic termination of idle shell sessions.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If a user forgets to log out of their local or remote ESXi Shell session, the idle connection will remain open indefinitely and increase the likelihood of inappropriate host access via session hijacking. The \"ESXiShellInteractiveTimeOut\" allows the automatic termination of idle shell sessions."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.ESXiShellInteractiveTimeOut\" value and verify it is set to less than \"900\" and not \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut\n\nIf the \"UserVars.ESXiShellInteractiveTimeOut\" setting is set to a value greater than \"900\" or \"0\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.ESXiShellInteractiveTimeOut\" value and configure it to \"900\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Set-AdvancedSetting -Value 900"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000163-VMM-000700",
+            "satisfies": [
+              "SRG-OS-000279-VMM-001010"
+            ],
+            "gid": "V-ESXI-80-000068",
+            "rid": "SV-ESXI-80-000068",
+            "stig_id": "ESXI-80-000068",
+            "cci": [
+              "CCI-001133",
+              "CCI-002361"
+            ],
+            "nist": [
+              "AC-12",
+              "SC-10"
+            ]
+          },
+          "code": "control 'ESXI-80-000068' do\n  title 'The ESXi host must set a timeout to automatically end idle shell sessions after fifteen minutes.'\n  desc  'If a user forgets to log out of their local or remote ESXi Shell session, the idle connection will remain open indefinitely and increase the likelihood of inappropriate host access via session hijacking. The \"ESXiShellInteractiveTimeOut\" allows the automatic termination of idle shell sessions.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.ESXiShellInteractiveTimeOut\\\" value and verify it is set to less than \\\"900\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut\n\n    If the \\\"UserVars.ESXiShellInteractiveTimeOut\\\" setting is set to a value greater than \\\"900\\\" or \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.ESXiShellInteractiveTimeOut\\\" value and configure it to \\\"900\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Set-AdvancedSetting -Value 900\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000163-VMM-000700'\n  tag satisfies: ['SRG-OS-000279-VMM-001010']\n  tag gid: 'V-ESXI-80-000068'\n  tag rid: 'SV-ESXI-80-000068'\n  tag stig_id: 'ESXI-80-000068'\n  tag cci: ['CCI-001133', 'CCI-002361']\n  tag nist: ['AC-12', 'SC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 900 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000068.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000085",
+          "title": "The ESXi host must implement Secure Boot enforcement.",
+          "desc": "Secure Boot is part of the UEFI firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and it requires that all ESXi kernel modules, drivers and VIBs be signed by VMware or a partner subordinate.\n\nSecure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. This control flips ESXi from merely supporting Secure Boot to requiring it. Without this setting enabled, and configuration encryption, an ESXi host could be subject to offline attacks. An attacker could simply transfer the ESXi install drive to a non-Secure Boot host and boot it up without ESXi complaining.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Secure Boot is part of the UEFI firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and it requires that all ESXi kernel modules, drivers and VIBs be signed by VMware or a partner subordinate.\n\nSecure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. This control flips ESXi from merely supporting Secure Boot to requiring it. Without this setting enabled, and configuration encryption, an ESXi host could be subject to offline attacks. An attacker could simply transfer the ESXi install drive to a non-Secure Boot host and boot it up without ESXi complaining."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\nFrom an ESXi shell, run the following command:\n\n# esxcli system settings encryption get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.settings.encryption.get.invoke() | Select RequireSecureBoot\n\nExpected result:\n\nRequire Secure Boot: true\n\nIf \"Require Secure Boot\" is not enable, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "This setting cannot be configured until Secure Boot is properly enabled in the servers firmware.\n\nFrom an ESXi shell, run the following commands:\n\n# esxcli system settings encryption set --require-secure-boot=true\n# /sbin/auto-backup.sh\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.settings.encryption.set.CreateArgs()\n$arguments.requiresecureboot = $true\n$esxcli.system.settings.encryption.set.Invoke($arguments)\n\nEvacuate the host and gracefully reboot for changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000257-VMM-000910",
+            "satisfies": [
+              "SRG-OS-000258-VMM-000920",
+              "SRG-OS-000445-VMM-001780",
+              "SRG-OS-000446-VMM-001790"
+            ],
+            "gid": "V-ESXI-80-000085",
+            "rid": "SV-ESXI-80-000085",
+            "stig_id": "ESXI-80-000085",
+            "cci": [
+              "CCI-001494",
+              "CCI-001495",
+              "CCI-002696",
+              "CCI-002699"
+            ],
+            "nist": [
+              "AU-9",
+              "SI-6 a",
+              "SI-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000085' do\n  title 'The ESXi host must implement Secure Boot enforcement.'\n  desc  \"\n    Secure Boot is part of the UEFI firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and it requires that all ESXi kernel modules, drivers and VIBs be signed by VMware or a partner subordinate.\n\n    Secure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. This control flips ESXi from merely supporting Secure Boot to requiring it. Without this setting enabled, and configuration encryption, an ESXi host could be subject to offline attacks. An attacker could simply transfer the ESXi install drive to a non-Secure Boot host and boot it up without ESXi complaining.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\n    From an ESXi shell, run the following command:\n\n    # esxcli system settings encryption get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.settings.encryption.get.invoke() | Select RequireSecureBoot\n\n    Expected result:\n\n    Require Secure Boot: true\n\n    If \\\"Require Secure Boot\\\" is not enable, this is a finding.\n  \"\n  desc 'fix', \"\n    This setting cannot be configured until Secure Boot is properly enabled in the servers firmware.\n\n    From an ESXi shell, run the following commands:\n\n    # esxcli system settings encryption set --require-secure-boot=true\n    # /sbin/auto-backup.sh\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.settings.encryption.set.CreateArgs()\n    $arguments.requiresecureboot = $true\n    $esxcli.system.settings.encryption.set.Invoke($arguments)\n\n    Evacuate the host and gracefully reboot for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000257-VMM-000910'\n  tag satisfies: ['SRG-OS-000258-VMM-000920', 'SRG-OS-000445-VMM-001780', 'SRG-OS-000446-VMM-001790']\n  tag gid: 'V-ESXI-80-000085'\n  tag rid: 'SV-ESXI-80-000085'\n  tag stig_id: 'ESXI-80-000085'\n  tag cci: ['CCI-001494', 'CCI-001495', 'CCI-002696', 'CCI-002699']\n  tag nist: ['AU-9', 'SI-6 a', 'SI-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty RequireSecureBoot\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000085.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000094",
+          "title": "The ESXi host must enable Secure Boot.",
+          "desc": "Secure Boot is part of the Unified Extensible Firmware Interface (UEFI) firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and requires that all ESXi kernel modules, drivers, and vSphere Installation Bundles (VIBs) be signed by VMware or a partner subordinate.\n\nSecure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. There is no ESXi control to \"turn on\" Secure Boot. Requiring Secure Boot (failing to boot without it present) is accomplished in another control.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Secure Boot is part of the Unified Extensible Firmware Interface (UEFI) firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and requires that all ESXi kernel modules, drivers, and vSphere Installation Bundles (VIBs) be signed by VMware or a partner subordinate.\n\nSecure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. There is no ESXi control to \"turn on\" Secure Boot. Requiring Secure Boot (failing to boot without it present) is accomplished in another control."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/secureboot/bin/secureBoot.py -s\n\nIf Secure Boot is not \"Enabled\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/secureboot/bin/secureBoot.py -c\n\nIf the output indicates that Secure Boot cannot be enabled, correct the discrepancies and try again.\n\nOnce all discrepancies are resolved then the server ESXi is installed on can be updated to enable Secure Boot in the firmware.\n\nTo enable Secure Boot in the servers firmware follow the instructions for the specific manufacturer."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000278-VMM-001000",
+            "gid": "V-ESXI-80-000094",
+            "rid": "SV-ESXI-80-000094",
+            "stig_id": "ESXI-80-000094",
+            "cci": [
+              "CCI-001496"
+            ],
+            "nist": [
+              "AU-9 (3)"
+            ]
+          },
+          "code": "control 'ESXI-80-000094' do\n  title 'The ESXi host must enable Secure Boot.'\n  desc  \"\n    Secure Boot is part of the Unified Extensible Firmware Interface (UEFI) firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and requires that all ESXi kernel modules, drivers, and vSphere Installation Bundles (VIBs) be signed by VMware or a partner subordinate.\n\n    Secure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. There is no ESXi control to \\\"turn on\\\" Secure Boot. Requiring Secure Boot (failing to boot without it present) is accomplished in another control.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/secureboot/bin/secureBoot.py -s\n\n    If Secure Boot is not \\\"Enabled\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/secureboot/bin/secureBoot.py -c\n\n    If the output indicates that Secure Boot cannot be enabled, correct the discrepancies and try again.\n\n    Once all discrepancies are resolved then the server ESXi is installed on can be updated to enable Secure Boot in the firmware.\n\n    To enable Secure Boot in the servers firmware follow the instructions for the specific manufacturer.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000278-VMM-001000'\n  tag gid: 'V-ESXI-80-000094'\n  tag rid: 'SV-ESXI-80-000094'\n  tag stig_id: 'ESXI-80-000094'\n  tag cci: ['CCI-001496']\n  tag nist: ['AU-9 (3)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000094.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000111",
+          "title": "The ESXi host must enforce an unlock timeout of 15 minutes after a user account is locked out.",
+          "desc": "By enforcing a reasonable unlock timeout after multiple failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Users must wait for the timeout period to elapse before subsequent logon attempts are allowed.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By enforcing a reasonable unlock timeout after multiple failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Users must wait for the timeout period to elapse before subsequent logon attempts are allowed."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.AccountUnlockTime\" value and verify it is set to less than \"900\" and not \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime\n\nIf the \"Security.AccountUnlockTime\" setting is less than 900 or 0, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.AccountUnlockTime\" value and configure it to \"900\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime | Set-AdvancedSetting -Value 900"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000329-VMM-001180",
+            "gid": "V-ESXI-80-000111",
+            "rid": "SV-ESXI-80-000111",
+            "stig_id": "ESXI-80-000111",
+            "cci": [
+              "CCI-002238"
+            ],
+            "nist": [
+              "AC-7 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000111' do\n  title 'The ESXi host must enforce an unlock timeout of 15 minutes after a user account is locked out.'\n  desc  'By enforcing a reasonable unlock timeout after multiple failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Users must wait for the timeout period to elapse before subsequent logon attempts are allowed.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.AccountUnlockTime\\\" value and verify it is set to less than \\\"900\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime\n\n    If the \\\"Security.AccountUnlockTime\\\" setting is less than 900 or 0, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.AccountUnlockTime\\\" value and configure it to \\\"900\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime | Set-AdvancedSetting -Value 900\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000329-VMM-001180'\n  tag gid: 'V-ESXI-80-000111'\n  tag rid: 'SV-ESXI-80-000111'\n  tag stig_id: 'ESXI-80-000111'\n  tag cci: ['CCI-002238']\n  tag nist: ['AC-7 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.AccountUnlockTime | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 900 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000111.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000113",
+          "title": "The ESXi host must allocate audit record storage capacity to store at least one weeks worth of audit records.",
+          "desc": "In order to ensure ESXi has sufficient storage capacity in which to write the audit logs, audit record storage capacity should be configured.\n\nIf a central audit record storage facility is available, the local storage capacity should be sufficient to hold audit records that would accumulate during anticipated interruptions in delivery of records to the facility.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "In order to ensure ESXi has sufficient storage capacity in which to write the audit logs, audit record storage capacity should be configured.\n\nIf a central audit record storage facility is available, the local storage capacity should be sufficient to hold audit records that would accumulate during anticipated interruptions in delivery of records to the facility."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.auditRecord.storageCapacity\" value and verify it is set to \"100\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity\n\nIf the \"Syslog.global.auditRecord.storageCapacity\" setting is not set to 100, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.auditRecord.storageCapacity\" value and configure it to \"100\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Set-AdvancedSetting -Value 100"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000341-VMM-001220",
+            "gid": "V-ESXI-80-000113",
+            "rid": "SV-ESXI-80-000113",
+            "stig_id": "ESXI-80-000113",
+            "cci": [
+              "CCI-001849"
+            ],
+            "nist": [
+              "AU-4"
+            ]
+          },
+          "code": "control 'ESXI-80-000113' do\n  title 'The ESXi host must allocate audit record storage capacity to store at least one weeks worth of audit records.'\n  desc  \"\n    In order to ensure ESXi has sufficient storage capacity in which to write the audit logs, audit record storage capacity should be configured.\n\n    If a central audit record storage facility is available, the local storage capacity should be sufficient to hold audit records that would accumulate during anticipated interruptions in delivery of records to the facility.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.auditRecord.storageCapacity\\\" value and verify it is set to \\\"100\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity\n\n    If the \\\"Syslog.global.auditRecord.storageCapacity\\\" setting is not set to 100, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.auditRecord.storageCapacity\\\" value and configure it to \\\"100\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Set-AdvancedSetting -Value 100\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000341-VMM-001220'\n  tag gid: 'V-ESXI-80-000113'\n  tag rid: 'SV-ESXI-80-000113'\n  tag stig_id: 'ESXI-80-000113'\n  tag cci: ['CCI-001849']\n  tag nist: ['AU-4']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '100' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000113.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000114",
+          "title": "The ESXi host must off-load logs via syslog.",
+          "desc": "Remote logging to a central log host provides a secure, centralized store for ESXi logs. By gathering host log files onto a central host, it can more easily monitor all hosts with a single tool. It can also do aggregate analysis and searching to look for such things as coordinated attacks on multiple hosts.\n\nLogging to a secure, centralized log server also helps prevent log tampering and provides a long-term audit record.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Remote logging to a central log host provides a secure, centralized store for ESXi logs. By gathering host log files onto a central host, it can more easily monitor all hosts with a single tool. It can also do aggregate analysis and searching to look for such things as coordinated attacks on multiple hosts.\n\nLogging to a secure, centralized log server also helps prevent log tampering and provides a long-term audit record."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.logHost\" value and verify it is set to a site-specific syslog server.\n\nSyslog servers are specified in the following formats:\n\nudp://<IP or FQDN>:514\ntcp://<IP or FQDN>:514\nssl://<IP or FQDN>:1514\n\nMultiple servers can also be specified when separated by commas.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost\n\nIf the \"Syslog.global.logHost\" setting is not set to a valid, site-specific syslog server, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.logHost\" value and configure it to a site-specific syslog server.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost | Set-AdvancedSetting -Value \"enter site specific servers\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000342-VMM-001230",
+            "satisfies": [
+              "SRG-OS-000274-VMM-000960",
+              "SRG-OS-000275-VMM-000970",
+              "SRG-OS-000277-VMM-000990",
+              "SRG-OS-000479-VMM-001990"
+            ],
+            "gid": "V-ESXI-80-000114",
+            "rid": "SV-ESXI-80-000114",
+            "stig_id": "ESXI-80-000114",
+            "cci": [
+              "CCI-001683",
+              "CCI-001684",
+              "CCI-001686",
+              "CCI-001851"
+            ],
+            "nist": [
+              "AC-2 (4)",
+              "AU-4 (1)"
+            ]
+          },
+          "code": "control 'ESXI-80-000114' do\n  title 'The ESXi host must off-load logs via syslog.'\n  desc  \"\n    Remote logging to a central log host provides a secure, centralized store for ESXi logs. By gathering host log files onto a central host, it can more easily monitor all hosts with a single tool. It can also do aggregate analysis and searching to look for such things as coordinated attacks on multiple hosts.\n\n    Logging to a secure, centralized log server also helps prevent log tampering and provides a long-term audit record.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.logHost\\\" value and verify it is set to a site-specific syslog server.\n\n    Syslog servers are specified in the following formats:\n\n    udp://<IP or FQDN>:514\n    tcp://<IP or FQDN>:514\n    ssl://<IP or FQDN>:1514\n\n    Multiple servers can also be specified when separated by commas.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost\n\n    If the \\\"Syslog.global.logHost\\\" setting is not set to a valid, site-specific syslog server, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logHost\\\" value and configure it to a site-specific syslog server.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost | Set-AdvancedSetting -Value \\\"enter site specific servers\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-VMM-001230'\n  tag satisfies: ['SRG-OS-000274-VMM-000960', 'SRG-OS-000275-VMM-000970', 'SRG-OS-000277-VMM-000990', 'SRG-OS-000479-VMM-001990']\n  tag gid: 'V-ESXI-80-000114'\n  tag rid: 'SV-ESXI-80-000114'\n  tag stig_id: 'ESXI-80-000114'\n  tag cci: ['CCI-001683', 'CCI-001684', 'CCI-001686', 'CCI-001851']\n  tag nist: ['AC-2 (4)', 'AU-4 (1)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logHost | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp \"#{input('syslogServer')}\" }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000114.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000124",
+          "title": "The ESXi host must synchronize internal information system clocks to an authoritative time source.",
+          "desc": "To ensure the accuracy of the system clock, it must be synchronized with an authoritative time source within DOD. Many system functions, including time-based logon and activity restrictions, automated reports, system logs, and audit records, depend on an accurate system clock. If there is no confidence in the correctness of the system clock, time-based functions may not operate as intended and records may be of diminished value.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "To ensure the accuracy of the system clock, it must be synchronized with an authoritative time source within DOD. Many system functions, including time-based logon and activity restrictions, automated reports, system logs, and audit records, depend on an accurate system clock. If there is no confidence in the correctness of the system clock, time-based functions may not operate as intended and records may be of diminished value."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Time Configuration.\n\nVerify NTP or PTP are configured, and one or more authoritative time sources are listed.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nVerify the NTP or PTP service is running and configured to start and stop with the host.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostNTPServer\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"NTP Daemon\" -or $_.Label -eq \"PTP Daemon\"}\n\nIf the NTP service is not configured with authoritative DOD time sources or the service is not configured to start and stop with the host (\"Policy\" of \"on\" in PowerCLI) or is stopped, this is a finding.\nIf PTP is used instead of NTP, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "To configure NTP, perform the following:\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Time Configuration.\n\nClick \"Add Service\" and select \"Network Time Protocol\".\n\nEnter or update the NTP servers listed with a comma separate list of authoritative time servers. Click \"OK\".\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nSelect the \"NTP Daemon\" service and click \"Edit Startup Policy\".\n\nSelect \"Start and stop with host\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$NTPServers = \"ntpserver1\",\"ntpserver2\"\nGet-VMHost | Add-VMHostNTPServer $NTPServers\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"NTP Daemon\"} | Set-VMHostService -Policy On\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"NTP Daemon\"} | Start-VMHostService\n\nTo configure PTP, perform the following:\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Time Configuration.\n\nClick \"Add Service\" and select \"Precision Time Protocol\".\n\nSelect the network adapter that can receive the PTP traffic.\n\nIf NTP servers are available, select \"Enable fallback\" and enter or update the NTP servers listed with a comma separate list of authoritative time servers. Click \"OK\".\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nSelect the \"PTP Daemon\" service and click \"Edit Startup Policy\".\n\nSelect \"Start and stop with host\". Click \"OK\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000355-VMM-001330",
+            "satisfies": [
+              "SRG-OS-000356-VMM-001340"
+            ],
+            "gid": "V-ESXI-80-000124",
+            "rid": "SV-ESXI-80-000124",
+            "stig_id": "ESXI-80-000124",
+            "cci": [
+              "CCI-001891",
+              "CCI-002046"
+            ],
+            "nist": [
+              "AU-8 (1) (a)",
+              "AU-8 (1) (b)"
+            ]
+          },
+          "code": "control 'ESXI-80-000124' do\n  title 'The ESXi host must synchronize internal information system clocks to an authoritative time source.'\n  desc  'To ensure the accuracy of the system clock, it must be synchronized with an authoritative time source within DOD. Many system functions, including time-based logon and activity restrictions, automated reports, system logs, and audit records, depend on an accurate system clock. If there is no confidence in the correctness of the system clock, time-based functions may not operate as intended and records may be of diminished value.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Time Configuration.\n\n    Verify NTP or PTP are configured, and one or more authoritative time sources are listed.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Verify the NTP or PTP service is running and configured to start and stop with the host.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostNTPServer\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"NTP Daemon\\\" -or $_.Label -eq \\\"PTP Daemon\\\"}\n\n    If the NTP service is not configured with authoritative DOD time sources or the service is not configured to start and stop with the host (\\\"Policy\\\" of \\\"on\\\" in PowerCLI) or is stopped, this is a finding.\n    If PTP is used instead of NTP, this is NOT a finding.\n  \"\n  desc 'fix', \"\n    To configure NTP, perform the following:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Time Configuration.\n\n    Click \\\"Add Service\\\" and select \\\"Network Time Protocol\\\".\n\n    Enter or update the NTP servers listed with a comma separate list of authoritative time servers. Click \\\"OK\\\".\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Select the \\\"NTP Daemon\\\" service and click \\\"Edit Startup Policy\\\".\n\n    Select \\\"Start and stop with host\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $NTPServers = \\\"ntpserver1\\\",\\\"ntpserver2\\\"\n    Get-VMHost | Add-VMHostNTPServer $NTPServers\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"NTP Daemon\\\"} | Set-VMHostService -Policy On\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"NTP Daemon\\\"} | Start-VMHostService\n\n    To configure PTP, perform the following:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Time Configuration.\n\n    Click \\\"Add Service\\\" and select \\\"Precision Time Protocol\\\".\n\n    Select the network adapter that can receive the PTP traffic.\n\n    If NTP servers are available, select \\\"Enable fallback\\\" and enter or update the NTP servers listed with a comma separate list of authoritative time servers. Click \\\"OK\\\".\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Select the \\\"PTP Daemon\\\" service and click \\\"Edit Startup Policy\\\".\n\n    Select \\\"Start and stop with host\\\". Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000355-VMM-001330'\n  tag satisfies: ['SRG-OS-000356-VMM-001340']\n  tag gid: 'V-ESXI-80-000124'\n  tag rid: 'SV-ESXI-80-000124'\n  tag stig_id: 'ESXI-80-000124'\n  tag cci: ['CCI-001891', 'CCI-002046']\n  tag nist: ['AU-8 (1) (a)', 'AU-8 (1) (b)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'on' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n      results = powercli_command(\"Get-VMHost -Name #{vmhost} | Get-VMHostNTPServer\").stdout\n      if !results.empty?\n        results.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |result|\n          describe \"NTP Server: #{result} for VMHost: #{vmhost}\" do\n            subject { result }\n            it { should be_in \"#{input('esxiNtpServers')}\" }\n          end\n        end\n      else\n        describe \"No NTP servers found on VMhost: #{vmhost}\" do\n          subject { results }\n          it { should_not be_empty }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000124.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000133",
+          "title": "The ESXi Image Profile and vSphere Installation Bundle (VIB) acceptance level must be verified.",
+          "desc": "Verify the ESXi Image Profile to only allow signed VIBs. An unsigned VIB represents untested code installed on an ESXi host. The ESXi Image profile supports four acceptance levels:\n\n1. VMwareCertified - VIBs created, tested, and signed by VMware.\n2. VMwareAccepted - VIBs created by a VMware partner but tested and signed by VMware.\n3. PartnerSupported - VIBs created, tested, and signed by a certified VMware partner.\n4. CommunitySupported - VIBs that have not been tested by VMware or a VMware partner.\n\nCommunity Supported VIBs are not supported and do not have a digital signature. To protect the security and integrity of ESXi hosts, do not allow unsigned (CommunitySupported) VIBs to be installed on hosts.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Verify the ESXi Image Profile to only allow signed VIBs. An unsigned VIB represents untested code installed on an ESXi host. The ESXi Image profile supports four acceptance levels:\n\n1. VMwareCertified - VIBs created, tested, and signed by VMware.\n2. VMwareAccepted - VIBs created by a VMware partner but tested and signed by VMware.\n3. PartnerSupported - VIBs created, tested, and signed by a certified VMware partner.\n4. CommunitySupported - VIBs that have not been tested by VMware or a VMware partner.\n\nCommunity Supported VIBs are not supported and do not have a digital signature. To protect the security and integrity of ESXi hosts, do not allow unsigned (CommunitySupported) VIBs to be installed on hosts."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nUnder \"Host Image Profile Acceptance Level\" view the acceptance level.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.software.acceptance.get.Invoke()\n\nIf the acceptance level is \"CommunitySupported\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nUnder \"Host Image Profile Acceptance Level\", click \"Edit\".\n\nUsing the drop-down selection, set the acceptance level as \"VMwareCertified\", \"VMwareAccepted\", or \"PartnerSupported\". The default is \"PartnerSupported\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.software.acceptance.set.CreateArgs()\n$arguments.level = \"PartnerSupported\"\n$esxcli.software.acceptance.set.Invoke($arguments)\n\nNote: \"VMwareCertified\" or \"VMwareAccepted\" may be substituted for \"PartnerSupported\", depending on local requirements. These are case sensitive."
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000366-VMM-001430",
+            "satisfies": [
+              "SRG-OS-000370-VMM-001460"
+            ],
+            "gid": "V-ESXI-80-000133",
+            "rid": "SV-ESXI-80-000133",
+            "stig_id": "ESXI-80-000133",
+            "cci": [
+              "CCI-001749",
+              "CCI-001774"
+            ],
+            "nist": [
+              "CM-5 (3)",
+              "CM-7 (5) (b)"
+            ]
+          },
+          "code": "control 'ESXI-80-000133' do\n  title 'The ESXi Image Profile and vSphere Installation Bundle (VIB) acceptance level must be verified.'\n  desc  \"\n    Verify the ESXi Image Profile to only allow signed VIBs. An unsigned VIB represents untested code installed on an ESXi host. The ESXi Image profile supports four acceptance levels:\n\n    1. VMwareCertified - VIBs created, tested, and signed by VMware.\n    2. VMwareAccepted - VIBs created by a VMware partner but tested and signed by VMware.\n    3. PartnerSupported - VIBs created, tested, and signed by a certified VMware partner.\n    4. CommunitySupported - VIBs that have not been tested by VMware or a VMware partner.\n\n    Community Supported VIBs are not supported and do not have a digital signature. To protect the security and integrity of ESXi hosts, do not allow unsigned (CommunitySupported) VIBs to be installed on hosts.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Under \\\"Host Image Profile Acceptance Level\\\" view the acceptance level.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.software.acceptance.get.Invoke()\n\n    If the acceptance level is \\\"CommunitySupported\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Under \\\"Host Image Profile Acceptance Level\\\", click \\\"Edit\\\".\n\n    Using the drop-down selection, set the acceptance level as \\\"VMwareCertified\\\", \\\"VMwareAccepted\\\", or \\\"PartnerSupported\\\". The default is \\\"PartnerSupported\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.software.acceptance.set.CreateArgs()\n    $arguments.level = \\\"PartnerSupported\\\"\n    $esxcli.software.acceptance.set.Invoke($arguments)\n\n    Note: \\\"VMwareCertified\\\" or \\\"VMwareAccepted\\\" may be substituted for \\\"PartnerSupported\\\", depending on local requirements. These are case sensitive.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000366-VMM-001430'\n  tag satisfies: ['SRG-OS-000370-VMM-001460']\n  tag gid: 'V-ESXI-80-000133'\n  tag rid: 'SV-ESXI-80-000133'\n  tag stig_id: 'ESXI-80-000133'\n  tag cci: ['CCI-001749', 'CCI-001774']\n  tag nist: ['CM-5 (3)', 'CM-7 (5) (b)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    list = ['PartnerSupported', 'VMwareCertified', 'VMwareAccepted']\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.software.acceptance.get.Invoke()\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should be_in list }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000133.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000145",
+          "title": "The ESXi host must enable bidirectional Challenge-Handshake Authentication Protocol (CHAP) authentication for Internet Small Computer Systems Interface (iSCSI) traffic.",
+          "desc": "When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, there is potential for a man-in-the-middle attack, in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, there is potential for a man-in-the-middle attack, in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If iSCSI is not used, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Storage >> Storage Adapters.\n\nSelect the iSCSI adapter >> Properties >> Authentication >> Method.\n\nView the CHAP configuration and verify CHAP is required for target and host authentication.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostHba | Where {$_.Type -eq \"iscsi\"} | Select AuthenticationProperties -ExpandProperty AuthenticationProperties\n\nIf iSCSI is used and CHAP is not set to \"required\" for both the target and host, this is a finding.\n\nIf iSCSI is used and unique CHAP secrets are not used for each host, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Storage >> Storage Adapters.\n\nSelect the iSCSI adapter >> Properties >> Authentication.\n\nClick \"Edit...\". Set \"Authentication Method\" to \"Use bidirectional CHAP\" and enter a unique secret for each traffic flow direction.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostHba | Where {$_.Type -eq \"iscsi\"} | Set-VMHostHba -ChapType Required -ChapName \"chapname\" -ChapPassword \"password\" -MutualChapEnabled $true -MutualChapName \"mutualchapname\" -MutualChapPassword \"mutualpassword\""
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000379-VMM-001550",
+            "gid": "V-ESXI-80-000145",
+            "rid": "SV-ESXI-80-000145",
+            "stig_id": "ESXI-80-000145",
+            "cci": [
+              "CCI-001967"
+            ],
+            "nist": [
+              "IA-3 (1)"
+            ]
+          },
+          "code": "control 'ESXI-80-000145' do\n  title 'The ESXi host must enable bidirectional Challenge-Handshake Authentication Protocol (CHAP) authentication for Internet Small Computer Systems Interface (iSCSI) traffic.'\n  desc  'When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, there is potential for a man-in-the-middle attack, in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If iSCSI is not used, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Storage >> Storage Adapters.\n\n    Select the iSCSI adapter >> Properties >> Authentication >> Method.\n\n    View the CHAP configuration and verify CHAP is required for target and host authentication.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostHba | Where {$_.Type -eq \\\"iscsi\\\"} | Select AuthenticationProperties -ExpandProperty AuthenticationProperties\n\n    If iSCSI is used and CHAP is not set to \\\"required\\\" for both the target and host, this is a finding.\n\n    If iSCSI is used and unique CHAP secrets are not used for each host, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Storage >> Storage Adapters.\n\n    Select the iSCSI adapter >> Properties >> Authentication.\n\n    Click \\\"Edit...\\\". Set \\\"Authentication Method\\\" to \\\"Use bidirectional CHAP\\\" and enter a unique secret for each traffic flow direction.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostHba | Where {$_.Type -eq \\\"iscsi\\\"} | Set-VMHostHba -ChapType Required -ChapName \\\"chapname\\\" -ChapPassword \\\"password\\\" -MutualChapEnabled $true -MutualChapName \\\"mutualchapname\\\" -MutualChapPassword \\\"mutualpassword\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000379-VMM-001550'\n  tag gid: 'V-ESXI-80-000145'\n  tag rid: 'SV-ESXI-80-000145'\n  tag stig_id: 'ESXI-80-000145'\n  tag cci: ['CCI-001967']\n  tag nist: ['IA-3 (1)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'}\"\n      iscsi_hbas = powercli_command(command).stdout\n\n      if iscsi_hbas.empty?\n        impact 0.0\n        describe '' do\n          skip 'There are no iSCSI HBAs present so this control is Not Applicable'\n        end\n      else\n        command1 = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'} | Select-Object -ExpandProperty AuthenticationProperties | Select-Object -ExpandProperty MutualChapEnabled\"\n        command2 = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'} | Select-Object -ExpandProperty AuthenticationProperties | Select-Object -ExpandProperty ChapType\"\n        describe powercli_command(command1) do\n          its('stdout.strip') { should cmp 'True' }\n        end\n        describe powercli_command(command2) do\n          its('stdout.strip') { should cmp 'Required' }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000145.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000160",
+          "title": "The ESXi host must protect the confidentiality and integrity of transmitted information by isolating vMotion traffic.",
+          "desc": "While encrypted vMotion is available, vMotion traffic should still be sequestered from other traffic to further protect it from attack. This network must only be accessible to other ESXi hosts, preventing outside access to the network.\n\nThe vMotion VMkernel port group must be in a dedicated VLAN that can be on a standard or distributed virtual switch as long as the vMotion VLAN is not shared by any other function and is not routed to anything but ESXi hosts.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "While encrypted vMotion is available, vMotion traffic should still be sequestered from other traffic to further protect it from attack. This network must only be accessible to other ESXi hosts, preventing outside access to the network.\n\nThe vMotion VMkernel port group must be in a dedicated VLAN that can be on a standard or distributed virtual switch as long as the vMotion VLAN is not shared by any other function and is not routed to anything but ESXi hosts."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nReview the VLAN associated with any vMotion VMkernel(s) and verify they are dedicated for that purpose and are logically separated from other functions.\n\nIf long distance or cross vCenter vMotion is used the vMotion network can be routable but must be accessible to only the intended ESXi hosts.\n\nIf the vMotion port group is not on an isolated VLAN and/or is routable to systems other than ESXi hosts, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configuration of the vMotion VMkernel will be unique to each environment.\n\nAs an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:\n\nFrom the vSphere Client, go to Networking.\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Properties.\n\nClick \"Edit\" and select VLAN.\n\nChange the \"VLAN Type\" to \"VLAN\" and change the \"VLAN ID\" to a network allocated and dedicated to vMotion traffic exclusively. Click \"OK\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000423-VMM-001700",
+            "gid": "V-ESXI-80-000160",
+            "rid": "SV-ESXI-80-000160",
+            "stig_id": "ESXI-80-000160",
+            "cci": [
+              "CCI-002418"
+            ],
+            "nist": [
+              "SC-8"
+            ]
+          },
+          "code": "control 'ESXI-80-000160' do\n  title 'The ESXi host must protect the confidentiality and integrity of transmitted information by isolating vMotion traffic.'\n  desc  \"\n    While encrypted vMotion is available, vMotion traffic should still be sequestered from other traffic to further protect it from attack. This network must only be accessible to other ESXi hosts, preventing outside access to the network.\n\n    The vMotion VMkernel port group must be in a dedicated VLAN that can be on a standard or distributed virtual switch as long as the vMotion VLAN is not shared by any other function and is not routed to anything but ESXi hosts.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Review the VLAN associated with any vMotion VMkernel(s) and verify they are dedicated for that purpose and are logically separated from other functions.\n\n    If long distance or cross vCenter vMotion is used the vMotion network can be routable but must be accessible to only the intended ESXi hosts.\n\n    If the vMotion port group is not on an isolated VLAN and/or is routable to systems other than ESXi hosts, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of the vMotion VMkernel will be unique to each environment.\n\n    As an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:\n\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\" and select VLAN.\n\n    Change the \\\"VLAN Type\\\" to \\\"VLAN\\\" and change the \\\"VLAN ID\\\" to a network allocated and dedicated to vMotion traffic exclusively. Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000423-VMM-001700'\n  tag gid: 'V-ESXI-80-000160'\n  tag rid: 'SV-ESXI-80-000160'\n  tag stig_id: 'ESXI-80-000160'\n  tag cci: ['CCI-002418']\n  tag nist: ['SC-8']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -VMKernel | Where-Object {$_.VMotionEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n      vmks = powercli_command(command).stdout\n\n      if vmks.empty?\n        describe '' do\n          skip 'There are no VMKernel adapters with vMotion enabled so this control is N/A.'\n        end\n      else\n        vmks.split.each do |vmk|\n          # Check to see if vMotion and any other services are enabled on the same VMkernel adapter\n          command2 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VsanTrafficEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n          describe powercli_command(command2) do\n            its('stdout.strip') { should be_empty }\n          end\n          # Get vMotion Port Group Name\n          command3 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Select-Object -ExpandProperty PortGroupName\"\n          pgname = powercli_command(command3).stdout.strip\n          # Test standard port groups\n          command4 = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup -Name \\\"#{pgname}\\\" -Standard | Select-Object -ExpandProperty VlanId\"\n          stdpgs = powercli_command(command4).stdout.strip\n          unless stdpgs.empty?\n            describe 'Checking standand port group VLAN ID' do\n              subject { stdpgs }\n              it { should cmp \"#{input('vMotionVlanId')}\" }\n            end\n          end\n          describe 'SA Interview' do\n            skip 'SA also needs to confirm this VLAN is dedicated to vMotion and not routable except to other ESXi hosts.'\n          end\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000160.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000161",
+          "title": "The ESXi host must maintain the confidentiality and integrity of information during transmission by exclusively enabling Transport Layer Security (TLS) 1.2.",
+          "desc": "TLS 1.0 and 1.1 are deprecated protocols with well-published shortcomings and vulnerabilities. TLS 1.2 should be enabled on all interfaces and SSLv3, TL 1.1, and 1.0 disabled, where supported.\n\nMandating TLS 1.2 may break third-party integrations and add-ons to vSphere. Test these integrations carefully after implementing TLS 1.2 and roll back where appropriate.\n\nOn interfaces where required functionality is broken with TLS 1.2, this finding is not applicable until such time as the third-party software supports TLS 1.2.\n\nModify TLS settings in the following order:\n1. vCenter.\n2. ESXi.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "TLS 1.0 and 1.1 are deprecated protocols with well-published shortcomings and vulnerabilities. TLS 1.2 should be enabled on all interfaces and SSLv3, TL 1.1, and 1.0 disabled, where supported.\n\nMandating TLS 1.2 may break third-party integrations and add-ons to vSphere. Test these integrations carefully after implementing TLS 1.2 and roll back where appropriate.\n\nOn interfaces where required functionality is broken with TLS 1.2, this finding is not applicable until such time as the third-party software supports TLS 1.2.\n\nModify TLS settings in the following order:\n1. vCenter.\n2. ESXi."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.ESXiVPsDisabledProtocols\" value and verify it is set to \"sslv3,tlsv1,tlsv1.1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols\n\nIf the \"UserVars.ESXiVPsDisabledProtocols\" setting is set to a value other than \"sslv3,tlsv1,tlsv1.1\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.ESXiVPsDisabledProtocols\" value and configure it to \"sslv3,tlsv1,tlsv1.1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Set-AdvancedSetting -Value \"sslv3,tlsv1,tlsv1.1\""
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000425-VMM-001710",
+            "satisfies": [
+              "SRG-OS-000426-VMM-001720"
+            ],
+            "gid": "V-ESXI-80-000161",
+            "rid": "SV-ESXI-80-000161",
+            "stig_id": "ESXI-80-000161",
+            "cci": [
+              "CCI-002420",
+              "CCI-002422"
+            ],
+            "nist": [
+              "SC-8 (2)"
+            ]
+          },
+          "code": "control 'ESXI-80-000161' do\n  title 'The ESXi host must maintain the confidentiality and integrity of information during transmission by exclusively enabling Transport Layer Security (TLS) 1.2.'\n  desc  \"\n    TLS 1.0 and 1.1 are deprecated protocols with well-published shortcomings and vulnerabilities. TLS 1.2 should be enabled on all interfaces and SSLv3, TL 1.1, and 1.0 disabled, where supported.\n\n    Mandating TLS 1.2 may break third-party integrations and add-ons to vSphere. Test these integrations carefully after implementing TLS 1.2 and roll back where appropriate.\n\n    On interfaces where required functionality is broken with TLS 1.2, this finding is not applicable until such time as the third-party software supports TLS 1.2.\n\n    Modify TLS settings in the following order:\n    1. vCenter.\n    2. ESXi.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.ESXiVPsDisabledProtocols\\\" value and verify it is set to \\\"sslv3,tlsv1,tlsv1.1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols\n\n    If the \\\"UserVars.ESXiVPsDisabledProtocols\\\" setting is set to a value other than \\\"sslv3,tlsv1,tlsv1.1\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.ESXiVPsDisabledProtocols\\\" value and configure it to \\\"sslv3,tlsv1,tlsv1.1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Set-AdvancedSetting -Value \\\"sslv3,tlsv1,tlsv1.1\\\"\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000425-VMM-001710'\n  tag satisfies: ['SRG-OS-000426-VMM-001720']\n  tag gid: 'V-ESXI-80-000161'\n  tag rid: 'SV-ESXI-80-000161'\n  tag stig_id: 'ESXI-80-000161'\n  tag cci: ['CCI-002420', 'CCI-002422']\n  tag nist: ['SC-8 (2)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'sslv3,tlsv1,tlsv1.1' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000161.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000187",
+          "title": "The ESXi host Secure Shell (SSH) daemon must be configured to only use FIPS 140-2 validated ciphers.",
+          "desc": "Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. ESXi must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. ESXi must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep ciphers\n\nExpected result:\n\nciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nCiphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\nNote: The ciphers line must be after the FipsMode setting."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000478-VMM-001980",
+            "gid": "V-ESXI-80-000187",
+            "rid": "SV-ESXI-80-000187",
+            "stig_id": "ESXI-80-000187",
+            "cci": [
+              "CCI-002450"
+            ],
+            "nist": [
+              "SC-13"
+            ]
+          },
+          "code": "control 'ESXI-80-000187' do\n  title 'The ESXi host Secure Shell (SSH) daemon must be configured to only use FIPS 140-2 validated ciphers.'\n  desc  'Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. ESXi must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep ciphers\n\n    Expected result:\n\n    ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\n    Note: The ciphers line must be after the FipsMode setting.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000478-VMM-001980'\n  tag gid: 'V-ESXI-80-000187'\n  tag rid: 'SV-ESXI-80-000187'\n  tag stig_id: 'ESXI-80-000187'\n  tag cci: ['CCI-002450']\n  tag nist: ['SC-13']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000187.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000189",
+          "title": "The ESXi host DCUI.Access list must be verified.",
+          "desc": "Lockdown mode disables direct host access, requiring that administrators manage hosts from vCenter Server. However, if a host becomes isolated from vCenter, the administrator is locked out and can no longer manage the host.\n\nThe \"DCUI.Access\" advanced setting allows specified users to exit lockdown mode in such a scenario. If the Direct Console User Interface (DCUI) is running in strict lockdown mode, this setting is ineffective.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Lockdown mode disables direct host access, requiring that administrators manage hosts from vCenter Server. However, if a host becomes isolated from vCenter, the administrator is locked out and can no longer manage the host.\n\nThe \"DCUI.Access\" advanced setting allows specified users to exit lockdown mode in such a scenario. If the Direct Console User Interface (DCUI) is running in strict lockdown mode, this setting is ineffective."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"DCUI.Access\" value and verify only the root user is listed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name DCUI.Access and verify it is set to root.\n\nIf the \"DCUI.Access\" is not restricted to \"root\", this is a finding.\n\nNote: This list is only for local user accounts and should only contain the root user."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"DCUI.Access\" value and configure it to \"root\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name DCUI.Access | Set-AdvancedSetting -Value \"root\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000189",
+            "rid": "SV-ESXI-80-000189",
+            "stig_id": "ESXI-80-000189",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000189' do\n  title 'The ESXi host DCUI.Access list must be verified.'\n  desc  \"\n    Lockdown mode disables direct host access, requiring that administrators manage hosts from vCenter Server. However, if a host becomes isolated from vCenter, the administrator is locked out and can no longer manage the host.\n\n    The \\\"DCUI.Access\\\" advanced setting allows specified users to exit lockdown mode in such a scenario. If the Direct Console User Interface (DCUI) is running in strict lockdown mode, this setting is ineffective.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"DCUI.Access\\\" value and verify only the root user is listed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name DCUI.Access and verify it is set to root.\n\n    If the \\\"DCUI.Access\\\" is not restricted to \\\"root\\\", this is a finding.\n\n    Note: This list is only for local user accounts and should only contain the root user.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"DCUI.Access\\\" value and configure it to \\\"root\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name DCUI.Access | Set-AdvancedSetting -Value \\\"root\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000189'\n  tag rid: 'SV-ESXI-80-000189'\n  tag stig_id: 'ESXI-80-000189'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name DCUI.Access | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'root' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000189.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000191",
+          "title": "The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via Secure Shell (SSH).",
+          "desc": "Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\"",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\""
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.Etc.issue\" value and verify it contains the standard mandatory DOD notice and consent banner.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.Etc.issue\n\nIf the \"Config.Etc.issue\" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.Etc.issue\" value and set it to the following:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.Etc.issue | Set-AdvancedSetting -Value \"<Banner text above>\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000023-VMM-000060",
+            "gid": "V-ESXI-80-000191",
+            "rid": "SV-ESXI-80-000191",
+            "stig_id": "ESXI-80-000191",
+            "cci": [
+              "CCI-000048"
+            ],
+            "nist": [
+              "AC-8 a"
+            ]
+          },
+          "code": "control 'ESXI-80-000191' do\n  title 'The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via Secure Shell (SSH).'\n  desc  \"\n    Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.Etc.issue\\\" value and verify it contains the standard mandatory DOD notice and consent banner.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.Etc.issue\n\n    If the \\\"Config.Etc.issue\\\" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.Etc.issue\\\" value and set it to the following:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.Etc.issue | Set-AdvancedSetting -Value \\\"<Banner text above>\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-VMM-000060'\n  tag gid: 'V-ESXI-80-000191'\n  tag rid: 'SV-ESXI-80-000191'\n  tag stig_id: 'ESXI-80-000191'\n  tag cci: ['CCI-000048']\n  tag nist: ['AC-8 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      result = powercli_command(\"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.Etc.issue | Select-Object -ExpandProperty Value\")\n      describe.one do\n        describe result do\n          its('stdout.strip') { should match 'You are accessing a U.S. Government' }\n        end\n        describe result do\n          its('stdout.strip') { should match \"I've read & consent to terms in IS user agreem't\" }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000191.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000192",
+          "title": "The ESXi host Secure Shell (SSH) daemon must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system.",
+          "desc": "Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\"",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\""
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep banner\n\nExpected result:\n\nbanner /etc/issue\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, navigate to and open:\n\n/etc/ssh/sshd_config\n\nEnsure that the \"Banner\" line is uncommented and set to the following:\n\nBanner /etc/issue\n\nRestart SSH from the UI or run the following command:\n\n# /etc/init.d/SSH restart"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000023-VMM-000060",
+            "gid": "V-ESXI-80-000192",
+            "rid": "SV-ESXI-80-000192",
+            "stig_id": "ESXI-80-000192",
+            "cci": [
+              "CCI-000048"
+            ],
+            "nist": [
+              "AC-8 a"
+            ]
+          },
+          "code": "control 'ESXI-80-000192' do\n  title 'The ESXi host Secure Shell (SSH) daemon must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system.'\n  desc  \"\n    Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep banner\n\n    Expected result:\n\n    banner /etc/issue\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, navigate to and open:\n\n    /etc/ssh/sshd_config\n\n    Ensure that the \\\"Banner\\\" line is uncommented and set to the following:\n\n    Banner /etc/issue\n\n    Restart SSH from the UI or run the following command:\n\n    # /etc/init.d/SSH restart\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-VMM-000060'\n  tag gid: 'V-ESXI-80-000192'\n  tag rid: 'SV-ESXI-80-000192'\n  tag stig_id: 'ESXI-80-000192'\n  tag cci: ['CCI-000048']\n  tag nist: ['AC-8 a']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000192.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000193",
+          "title": "The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH).",
+          "desc": "The ESXi Shell is an interactive command line interface (CLI) available at the ESXi server console. The ESXi shell provides temporary access to commands essential for server maintenance. Intended primarily for use in break-fix scenarios, the ESXi shell is well suited for checking and modifying configuration details, which are not always generally accessible, using the vSphere Client.\n\nThe ESXi shell is accessible remotely using SSH by users with the Administrator role. Under normal operating conditions, SSH access to the host must be disabled as is the default. As with the ESXi shell, SSH is also intended only for temporary use during break-fix scenarios. SSH must therefore be disabled under normal operating conditions and must only be enabled for diagnostics or troubleshooting. Remote access to the host must therefore be limited to the vSphere Client or Host Client at all other times.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The ESXi Shell is an interactive command line interface (CLI) available at the ESXi server console. The ESXi shell provides temporary access to commands essential for server maintenance. Intended primarily for use in break-fix scenarios, the ESXi shell is well suited for checking and modifying configuration details, which are not always generally accessible, using the vSphere Client.\n\nThe ESXi shell is accessible remotely using SSH by users with the Administrator role. Under normal operating conditions, SSH access to the host must be disabled as is the default. As with the ESXi shell, SSH is also intended only for temporary use during break-fix scenarios. SSH must therefore be disabled under normal operating conditions and must only be enabled for diagnostics or troubleshooting. Remote access to the host must therefore be limited to the vSphere Client or Host Client at all other times."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder Services, locate the \"SSH\" service and verify it is \"Stopped\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"SSH\"}\n\nIf the SSH service is \"Running\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\", select the \"SSH\" service and click the \"Stop\" button.\n\nClick the \"Edit Startup policy...\" button.\n\nSelect the \"Start and stop manually\" radio button.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"SSH\"} | Set-VMHostService -Policy Off\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"SSH\"} | Stop-VMHostService"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000095-VMM-000480",
+            "satisfies": [
+              "SRG-OS-000297-VMM-001040",
+              "SRG-OS-000298-VMM-001050"
+            ],
+            "gid": "V-ESXI-80-000193",
+            "rid": "SV-ESXI-80-000193",
+            "stig_id": "ESXI-80-000193",
+            "cci": [
+              "CCI-000381",
+              "CCI-002314",
+              "CCI-002322"
+            ],
+            "nist": [
+              "AC-17 (1)",
+              "AC-17 (9)",
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'ESXI-80-000193' do\n  title 'The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH).'\n  desc  \"\n    The ESXi Shell is an interactive command line interface (CLI) available at the ESXi server console. The ESXi shell provides temporary access to commands essential for server maintenance. Intended primarily for use in break-fix scenarios, the ESXi shell is well suited for checking and modifying configuration details, which are not always generally accessible, using the vSphere Client.\n\n    The ESXi shell is accessible remotely using SSH by users with the Administrator role. Under normal operating conditions, SSH access to the host must be disabled as is the default. As with the ESXi shell, SSH is also intended only for temporary use during break-fix scenarios. SSH must therefore be disabled under normal operating conditions and must only be enabled for diagnostics or troubleshooting. Remote access to the host must therefore be limited to the vSphere Client or Host Client at all other times.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under Services, locate the \\\"SSH\\\" service and verify it is \\\"Stopped\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"SSH\\\"}\n\n    If the SSH service is \\\"Running\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\", select the \\\"SSH\\\" service and click the \\\"Stop\\\" button.\n\n    Click the \\\"Edit Startup policy...\\\" button.\n\n    Select the \\\"Start and stop manually\\\" radio button.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"SSH\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"SSH\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-VMM-000480'\n  tag satisfies: ['SRG-OS-000297-VMM-001040', 'SRG-OS-000298-VMM-001050']\n  tag gid: 'V-ESXI-80-000193'\n  tag rid: 'SV-ESXI-80-000193'\n  tag stig_id: 'ESXI-80-000193'\n  tag cci: ['CCI-000381', 'CCI-002314', 'CCI-002322']\n  tag nist: ['AC-17 (1)', 'AC-17 (9)', 'CM-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000193.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000194",
+          "title": "The ESXi host must be configured to disable nonessential capabilities by disabling the ESXi shell.",
+          "desc": "The ESXi Shell is an interactive command line environment available locally from the Direct Console User Interface (DCUI) or remotely via SSH. Activities performed from the ESXi Shell bypass vCenter role-based access control (RBAC) and audit controls.\n\nThe ESXi shell must only be turned on when needed to troubleshoot/resolve problems that cannot be fixed through the vSphere client.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The ESXi Shell is an interactive command line environment available locally from the Direct Console User Interface (DCUI) or remotely via SSH. Activities performed from the ESXi Shell bypass vCenter role-based access control (RBAC) and audit controls.\n\nThe ESXi shell must only be turned on when needed to troubleshoot/resolve problems that cannot be fixed through the vSphere client."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder Services, locate the \"ESXi Shell\" service and verify it is \"Stopped\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"ESXi Shell\"}\n\nIf the ESXi Shell service is \"Running\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\", select the \"ESXi Shell\" service and click the \"Stop\" button.\n\nClick the \"Edit Startup policy...\" button.\n\nSelect the \"Start and stop manually\" radio button.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"ESXi Shell\"} | Set-VMHostService -Policy Off\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"ESXi Shell\"} | Stop-VMHostService"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000095-VMM-000480",
+            "gid": "V-ESXI-80-000194",
+            "rid": "SV-ESXI-80-000194",
+            "stig_id": "ESXI-80-000194",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'ESXI-80-000194' do\n  title 'The ESXi host must be configured to disable nonessential capabilities by disabling the ESXi shell.'\n  desc  \"\n    The ESXi Shell is an interactive command line environment available locally from the Direct Console User Interface (DCUI) or remotely via SSH. Activities performed from the ESXi Shell bypass vCenter role-based access control (RBAC) and audit controls.\n\n    The ESXi shell must only be turned on when needed to troubleshoot/resolve problems that cannot be fixed through the vSphere client.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under Services, locate the \\\"ESXi Shell\\\" service and verify it is \\\"Stopped\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"ESXi Shell\\\"}\n\n    If the ESXi Shell service is \\\"Running\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\", select the \\\"ESXi Shell\\\" service and click the \\\"Stop\\\" button.\n\n    Click the \\\"Edit Startup policy...\\\" button.\n\n    Select the \\\"Start and stop manually\\\" radio button.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"ESXi Shell\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"ESXi Shell\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-VMM-000480'\n  tag gid: 'V-ESXI-80-000194'\n  tag rid: 'SV-ESXI-80-000194'\n  tag stig_id: 'ESXI-80-000194'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000194.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000195",
+          "title": "The ESXi host must automatically stop shell services after ten minutes.",
+          "desc": "When the ESXi Shell or Secure Shell (SSH) services are enabled on a host, they will run indefinitely. To avoid having these services left running, set the \"ESXiShellTimeOut\". The \"ESXiShellTimeOut\" defines a window of time after which the ESXi Shell and SSH services will be stopped automatically.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When the ESXi Shell or Secure Shell (SSH) services are enabled on a host, they will run indefinitely. To avoid having these services left running, set the \"ESXiShellTimeOut\". The \"ESXiShellTimeOut\" defines a window of time after which the ESXi Shell and SSH services will be stopped automatically."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.ESXiShellTimeOut\" value and verify it is set to less than \"600\" and not \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut\n\nIf the \"UserVars.ESXiShellTimeOut\" setting is set to a value greater than \"600\" or \"0\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.ESXiShellTimeOut\" value and configure it to \"600\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Set-AdvancedSetting -Value 600"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000163-VMM-000700",
+            "gid": "V-ESXI-80-000195",
+            "rid": "SV-ESXI-80-000195",
+            "stig_id": "ESXI-80-000195",
+            "cci": [
+              "CCI-001133"
+            ],
+            "nist": [
+              "SC-10"
+            ]
+          },
+          "code": "control 'ESXI-80-000195' do\n  title 'The ESXi host must automatically stop shell services after ten minutes.'\n  desc  'When the ESXi Shell or Secure Shell (SSH) services are enabled on a host, they will run indefinitely. To avoid having these services left running, set the \"ESXiShellTimeOut\". The \"ESXiShellTimeOut\" defines a window of time after which the ESXi Shell and SSH services will be stopped automatically.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.ESXiShellTimeOut\\\" value and verify it is set to less than \\\"600\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut\n\n    If the \\\"UserVars.ESXiShellTimeOut\\\" setting is set to a value greater than \\\"600\\\" or \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.ESXiShellTimeOut\\\" value and configure it to \\\"600\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Set-AdvancedSetting -Value 600\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000163-VMM-000700'\n  tag gid: 'V-ESXI-80-000195'\n  tag rid: 'SV-ESXI-80-000195'\n  tag stig_id: 'ESXI-80-000195'\n  tag cci: ['CCI-001133']\n  tag nist: ['SC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 600 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000195.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000196",
+          "title": "The ESXi host must set a timeout to automatically end idle DCUI sessions after ten minutes.",
+          "desc": "When the Direct Console User Interface (DCUI) is enabled and logged in, it should be automatically logged out if left logged on to avoid access by unauthorized persons. The \"DcuiTimeOut\" setting defines a window of time after which the DCUI will be logged out.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When the Direct Console User Interface (DCUI) is enabled and logged in, it should be automatically logged out if left logged on to avoid access by unauthorized persons. The \"DcuiTimeOut\" setting defines a window of time after which the DCUI will be logged out."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.DcuiTimeOut\" value and verify it is set to less than \"600\" and not \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut\n\nIf the \"UserVars.DcuiTimeOut\" setting is set to a value greater than \"600\" or \"0\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.DcuiTimeOut\" value and configure it to \"600\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Set-AdvancedSetting -Value 600"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000163-VMM-000700",
+            "gid": "V-ESXI-80-000196",
+            "rid": "SV-ESXI-80-000196",
+            "stig_id": "ESXI-80-000196",
+            "cci": [
+              "CCI-001133"
+            ],
+            "nist": [
+              "SC-10"
+            ]
+          },
+          "code": "control 'ESXI-80-000196' do\n  title 'The ESXi host must set a timeout to automatically end idle DCUI sessions after ten minutes.'\n  desc  'When the Direct Console User Interface (DCUI) is enabled and logged in, it should be automatically logged out if left logged on to avoid access by unauthorized persons. The \"DcuiTimeOut\" setting defines a window of time after which the DCUI will be logged out.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.DcuiTimeOut\\\" value and verify it is set to less than \\\"600\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut\n\n    If the \\\"UserVars.DcuiTimeOut\\\" setting is set to a value greater than \\\"600\\\" or \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.DcuiTimeOut\\\" value and configure it to \\\"600\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Set-AdvancedSetting -Value 600\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000163-VMM-000700'\n  tag gid: 'V-ESXI-80-000196'\n  tag rid: 'SV-ESXI-80-000196'\n  tag stig_id: 'ESXI-80-000196'\n  tag cci: ['CCI-001133']\n  tag nist: ['SC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 600 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000196.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000198",
+          "title": "The ESXi host must protect the confidentiality and integrity of transmitted information by isolating ESXi management traffic.",
+          "desc": "The vSphere management network provides access to the vSphere management interface on each component. Services running on the management interface provide an opportunity for an attacker to gain privileged access to the systems. Any remote attack most likely would begin with gaining entry to this network.\n\nThe Management VMkernel port group can be on a standard or distributed virtual switch but must be on a dedicated VLAN. The Management VLAN must not be shared by any other function and must not be accessible to anything other than management-related functions such as vCenter.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The vSphere management network provides access to the vSphere management interface on each component. Services running on the management interface provide an opportunity for an attacker to gain privileged access to the systems. Any remote attack most likely would begin with gaining entry to this network.\n\nThe Management VMkernel port group can be on a standard or distributed virtual switch but must be on a dedicated VLAN. The Management VLAN must not be shared by any other function and must not be accessible to anything other than management-related functions such as vCenter."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nReview each VMkernel adapter that is used for management traffic and view the \"Enabled services\".\n\nReview the VLAN associated with each VMkernel that is used for management traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.\n\nIf any services are enabled on any Management VMkernel adapter, this is a finding.\n\nIf the network segment is accessible, except to networks where other management-related entities are located such as vCenter, this is a finding.\n\nIf there are any other systems or devices such as VMs on the ESXi management segment, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configuration of the management VMkernel will be unique to each environment.\n\nAs an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nSelect the Management VMkernel and click \"Edit\". On the Port properties tab, uncheck all services except for \"Management\". Click \"OK\".\n\nFrom the vSphere Client, go to Networking.\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Properties.\n\nClick \"Edit\" and select VLAN.\n\nChange the \"VLAN Type\" to \"VLAN\" and change the \"VLAN ID\" to a network allocated and dedicated to management traffic exclusively. Click \"OK\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000423-VMM-001700",
+            "gid": "V-ESXI-80-000198",
+            "rid": "SV-ESXI-80-000198",
+            "stig_id": "ESXI-80-000198",
+            "cci": [
+              "CCI-002418"
+            ],
+            "nist": [
+              "SC-8"
+            ]
+          },
+          "code": "control 'ESXI-80-000198' do\n  title 'The ESXi host must protect the confidentiality and integrity of transmitted information by isolating ESXi management traffic.'\n  desc  \"\n    The vSphere management network provides access to the vSphere management interface on each component. Services running on the management interface provide an opportunity for an attacker to gain privileged access to the systems. Any remote attack most likely would begin with gaining entry to this network.\n\n    The Management VMkernel port group can be on a standard or distributed virtual switch but must be on a dedicated VLAN. The Management VLAN must not be shared by any other function and must not be accessible to anything other than management-related functions such as vCenter.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Review each VMkernel adapter that is used for management traffic and view the \\\"Enabled services\\\".\n\n    Review the VLAN associated with each VMkernel that is used for management traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.\n\n    If any services are enabled on any Management VMkernel adapter, this is a finding.\n\n    If the network segment is accessible, except to networks where other management-related entities are located such as vCenter, this is a finding.\n\n    If there are any other systems or devices such as VMs on the ESXi management segment, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of the management VMkernel will be unique to each environment.\n\n    As an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Select the Management VMkernel and click \\\"Edit\\\". On the Port properties tab, uncheck all services except for \\\"Management\\\". Click \\\"OK\\\".\n\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\" and select VLAN.\n\n    Change the \\\"VLAN Type\\\" to \\\"VLAN\\\" and change the \\\"VLAN ID\\\" to a network allocated and dedicated to management traffic exclusively. Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000423-VMM-001700'\n  tag gid: 'V-ESXI-80-000198'\n  tag rid: 'SV-ESXI-80-000198'\n  tag stig_id: 'ESXI-80-000198'\n  tag cci: ['CCI-002418']\n  tag nist: ['SC-8']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -VMKernel | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n      vmks = powercli_command(command).stdout\n\n      vmks.split.each do |vmk|\n        # Check to see if Management and any other services are enabled on the same VMkernel adapter\n        command2 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Where-Object {$_.VMotionEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VsanTrafficEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n        describe powercli_command(command2) do\n          its('stdout.strip') { should be_empty }\n        end\n        # Get Management Port Group Name\n        command3 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Select-Object -ExpandProperty PortGroupName\"\n        pgname = powercli_command(command3).stdout.strip\n        # Test standard port groups\n        command4 = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup -Name \\\"#{pgname}\\\" | Select-Object -ExpandProperty VlanId\"\n        stdpgs = powercli_command(command4).stdout.strip\n        unless stdpgs.empty?\n          describe 'Checking standand port group VLAN ID' do\n            subject { stdpgs }\n            it { should cmp \"#{input('mgtVlanId')}\" }\n          end\n        end\n        describe 'SA Interview' do\n          skip 'SA also needs to confirm this VLAN is dedicated to Management and not shared with VMs or other services.'\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000198.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000199",
+          "title": "The ESXi host must protect the confidentiality and integrity of transmitted information by isolating IP-based storage traffic.",
+          "desc": "Virtual machines (VMs) might share virtual switches and VLANs with the IP-based storage configurations. IP-based storage includes vSAN, iSCSI, and NFS. This configuration might expose IP-based storage traffic to unauthorized VM users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\nTo restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from any other traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and VMs will limit unauthorized users from viewing the traffic.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Virtual machines (VMs) might share virtual switches and VLANs with the IP-based storage configurations. IP-based storage includes vSAN, iSCSI, and NFS. This configuration might expose IP-based storage traffic to unauthorized VM users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\nTo restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from any other traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and VMs will limit unauthorized users from viewing the traffic."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If IP-based storage is not used, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nReview each VMkernel adapter that is used for IP-based storage traffic and view the \"Enabled services\".\n\nReview the VLAN associated with each VMkernel that is used for IP-based storage traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.\n\nIf any services are enabled on an NFS or iSCSI IP-based storage VMkernel adapter, this is a finding.\n\nIf any services are enabled on a vSAN VMkernel adapter other than vSAN, this is a finding.\n\nIf any IP-based storage networks are not isolated from other traffic types, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configuration of an IP-Based VMkernel will be unique to each environment.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nSelect the VMkernel used for IP-based storage and click \"Edit\". On the \"Port\" properties tab, uncheck all services. Click \"OK\".\n\nNote: For VMkernels used for vSAN leave the vSAN service enabled and uncheck all others.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual switches.\n\nFind the port group that is dedicated to IP-based storage and click the '...' button next to the name. Click \"Edit Settings\".\n\nOn the \"Properties\" tab, change the \"VLAN ID\" to one dedicated for IP-based storage traffic. Click \"OK\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000423-VMM-001700",
+            "gid": "V-ESXI-80-000199",
+            "rid": "SV-ESXI-80-000199",
+            "stig_id": "ESXI-80-000199",
+            "cci": [
+              "CCI-002418"
+            ],
+            "nist": [
+              "SC-8"
+            ]
+          },
+          "code": "control 'ESXI-80-000199' do\n  title 'The ESXi host must protect the confidentiality and integrity of transmitted information by isolating IP-based storage traffic.'\n  desc  \"\n    Virtual machines (VMs) might share virtual switches and VLANs with the IP-based storage configurations. IP-based storage includes vSAN, iSCSI, and NFS. This configuration might expose IP-based storage traffic to unauthorized VM users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\n    To restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from any other traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and VMs will limit unauthorized users from viewing the traffic.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If IP-based storage is not used, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Review each VMkernel adapter that is used for IP-based storage traffic and view the \\\"Enabled services\\\".\n\n    Review the VLAN associated with each VMkernel that is used for IP-based storage traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.\n\n    If any services are enabled on an NFS or iSCSI IP-based storage VMkernel adapter, this is a finding.\n\n    If any services are enabled on a vSAN VMkernel adapter other than vSAN, this is a finding.\n\n    If any IP-based storage networks are not isolated from other traffic types, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of an IP-Based VMkernel will be unique to each environment.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Select the VMkernel used for IP-based storage and click \\\"Edit\\\". On the \\\"Port\\\" properties tab, uncheck all services. Click \\\"OK\\\".\n\n    Note: For VMkernels used for vSAN leave the vSAN service enabled and uncheck all others.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual switches.\n\n    Find the port group that is dedicated to IP-based storage and click the '...' button next to the name. Click \\\"Edit Settings\\\".\n\n    On the \\\"Properties\\\" tab, change the \\\"VLAN ID\\\" to one dedicated for IP-based storage traffic. Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000423-VMM-001700'\n  tag gid: 'V-ESXI-80-000199'\n  tag rid: 'SV-ESXI-80-000199'\n  tag stig_id: 'ESXI-80-000199'\n  tag cci: ['CCI-002418']\n  tag nist: ['SC-8']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      # Check for iSCSI HBAs\n      commandiscsihbas = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'}\"\n      iscsi_hbas = powercli_command(commandiscsihbas).stdout\n\n      # Check for vSAN VMkernels\n      commandvsanvmks = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -VMKernel | Where-Object {$_.VsanTrafficEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n      vsanvmks = powercli_command(commandvsanvmks).stdout\n\n      # Check for NFS Datastores\n      commandnfs = \"Get-VMHost -Name #{vmhost} | Get-Datastore | Where {$_.Type -eq 'NFS'} | Select-Object -ExpandProperty Name\"\n      nfsds = powercli_command(commandnfs).stdout\n\n      if iscsi_hbas.empty? && vsanvmks.empty? && nfsds.empty?\n        describe '' do\n          skip \"The ESXi host #{vmhost} is not using IP-based storage, so this control is N/A.\"\n        end\n      else\n        # Do any iSCSI VMKs have any services enabled?\n        commandivmks = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.iscsi.networkportal.list.Invoke() | Select-Object -ExpandProperty Vmknic\"\n        ivmks = powercli_command(commandivmks).stdout\n        ivmks.split.each do |ivmk|\n          commandvsck = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{ivmk} | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\" -or $_.VsanTrafficEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VMotionEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n          describe powercli_command(commandvsck) do\n            its('stdout.strip') { should be_empty }\n          end\n        end\n        # Does the vSAN VMK have any other services enabled?\n        vsanvmks.split.each do |vmk|\n          commandvsck = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VMotionEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n          describe powercli_command(commandvsck) do\n            its('stdout.strip') { should be_empty }\n          end\n        end\n        # Do any VMKs used for NFS storage have any services enabled?\n        unless nfsds.empty?\n          describe '' do\n            skip \"The ESXi host #{vmhost} has NFS datastores and requires manual validation.\"\n          end\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000199.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000201",
+          "title": "The ESXi host lockdown mode exception users list must be verified.",
+          "desc": "While a host is in lockdown mode (strict or normal), only users on the \"Exception Users\" list are allowed access. These users do not lose their permissions when the host enters lockdown mode.\n\nThe organization may want to add service accounts such as a backup agent to the Exception Users list. Verify the list of users exempted from losing permissions is legitimate and as needed per the environment. Adding unnecessary users to the exception list defeats the purpose of lockdown mode.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "While a host is in lockdown mode (strict or normal), only users on the \"Exception Users\" list are allowed access. These users do not lose their permissions when the host enters lockdown mode.\n\nThe organization may want to add service accounts such as a backup agent to the Exception Users list. Verify the list of users exempted from losing permissions is legitimate and as needed per the environment. Adding unnecessary users to the exception list defeats the purpose of lockdown mode."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nUnder \"Lockdown Mode\", review the Exception Users list.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following script:\n\n$vmhost = Get-VMHost | Get-View\n$lockdown = Get-View $vmhost.ConfigManager.HostAccessManager\n$lockdown.QueryLockdownExceptions()\n\nIf the Exception Users list contains accounts that do not require special permissions, this is a finding.\n\nNote: The Exception Users list is empty by default and should remain that way except under site-specific circumstances."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nUnder \"Lockdown Mode\", click \"Edit\" and remove unnecessary users from the Exception Users list."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000201",
+            "rid": "SV-ESXI-80-000201",
+            "stig_id": "ESXI-80-000201",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000201' do\n  title 'The ESXi host lockdown mode exception users list must be verified.'\n  desc  \"\n    While a host is in lockdown mode (strict or normal), only users on the \\\"Exception Users\\\" list are allowed access. These users do not lose their permissions when the host enters lockdown mode.\n\n    The organization may want to add service accounts such as a backup agent to the Exception Users list. Verify the list of users exempted from losing permissions is legitimate and as needed per the environment. Adding unnecessary users to the exception list defeats the purpose of lockdown mode.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Under \\\"Lockdown Mode\\\", review the Exception Users list.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following script:\n\n    $vmhost = Get-VMHost | Get-View\n    $lockdown = Get-View $vmhost.ConfigManager.HostAccessManager\n    $lockdown.QueryLockdownExceptions()\n\n    If the Exception Users list contains accounts that do not require special permissions, this is a finding.\n\n    Note: The Exception Users list is empty by default and should remain that way except under site-specific circumstances.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Under \\\"Lockdown Mode\\\", click \\\"Edit\\\" and remove unnecessary users from the Exception Users list.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000201'\n  tag rid: 'SV-ESXI-80-000201'\n  tag stig_id: 'ESXI-80-000201'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost} | Get-View; (Get-View $vmhost.ConfigManager.HostAccessManager).QueryLockdownExceptions()\"\n      results = powercli_command(command).stdout\n      if !results.empty?\n        results.split.each do |exceptionUser|\n          describe \"Exception user: #{exceptionUser} on host: #{vmhost}\" do\n            subject { exceptionUser }\n            it { should be_in \"#{input('exceptionUsers')}\" }\n          end\n        end\n      else\n        describe \"Exception users for host: #{vmhost}\" do\n          subject { results }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000201.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000202",
+          "title": "The ESXi host Secure Shell (SSH) daemon must not allow host-based authentication.",
+          "desc": "SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH's cryptographic host-based authentication is more secure than \".rhosts\" authentication, since hosts are cryptographically authenticated. However, it is not recommended that hosts unilaterally trust one another, even within an organization.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH's cryptographic host-based authentication is more secure than \".rhosts\" authentication, since hosts are cryptographically authenticated. However, it is not recommended that hosts unilaterally trust one another, even within an organization."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep hostbasedauthentication\n\nExpected result:\n\nhostbasedauthentication no\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nHostbasedAuthentication no"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000202",
+            "rid": "SV-ESXI-80-000202",
+            "stig_id": "ESXI-80-000202",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000202' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not allow host-based authentication.'\n  desc  \"SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH's cryptographic host-based authentication is more secure than \\\".rhosts\\\" authentication, since hosts are cryptographically authenticated. However, it is not recommended that hosts unilaterally trust one another, even within an organization.\"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep hostbasedauthentication\n\n    Expected result:\n\n    hostbasedauthentication no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    HostbasedAuthentication no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000202'\n  tag rid: 'SV-ESXI-80-000202'\n  tag stig_id: 'ESXI-80-000202'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000202.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000203",
+          "title": "The ESXi host Secure Shell (SSH) daemon must not allow authentication using an empty password.",
+          "desc": "Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep permitemptypasswords\n\nExpected result:\n\npermitemptypasswords no\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nPermitEmptyPasswords no"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000203",
+            "rid": "SV-ESXI-80-000203",
+            "stig_id": "ESXI-80-000203",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000203' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not allow authentication using an empty password.'\n  desc  'Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep permitemptypasswords\n\n    Expected result:\n\n    permitemptypasswords no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    PermitEmptyPasswords no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000203'\n  tag rid: 'SV-ESXI-80-000203'\n  tag stig_id: 'ESXI-80-000203'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000203.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000204",
+          "title": "The ESXi host Secure Shell (SSH) daemon must not permit user environment settings.",
+          "desc": "SSH environment options potentially allow users to bypass access restriction in some configurations. Users must not be able to present environment options to the SSH daemon.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "SSH environment options potentially allow users to bypass access restriction in some configurations. Users must not be able to present environment options to the SSH daemon."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep permituserenvironment\n\nExpected result:\n\npermituserenvironment no\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nPermitUserEnvironment no"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000204",
+            "rid": "SV-ESXI-80-000204",
+            "stig_id": "ESXI-80-000204",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000204' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not permit user environment settings.'\n  desc  'SSH environment options potentially allow users to bypass access restriction in some configurations. Users must not be able to present environment options to the SSH daemon.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep permituserenvironment\n\n    Expected result:\n\n    permituserenvironment no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    PermitUserEnvironment no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000204'\n  tag rid: 'SV-ESXI-80-000204'\n  tag stig_id: 'ESXI-80-000204'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000204.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000205",
+          "title": "The ESXi host Secure Shell (SSH) daemon must perform strict mode checking of home directory configuration files.",
+          "desc": "If other users have access to modify user-specific SSH configuration files, they may be able to log on the system as another user.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If other users have access to modify user-specific SSH configuration files, they may be able to log on the system as another user."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep strictmodes\n\nExpected result:\n\nstrictmodes yes\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nStrictModes yes"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000205",
+            "rid": "SV-ESXI-80-000205",
+            "stig_id": "ESXI-80-000205",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000205' do\n  title 'The ESXi host Secure Shell (SSH) daemon must perform strict mode checking of home directory configuration files.'\n  desc  'If other users have access to modify user-specific SSH configuration files, they may be able to log on the system as another user.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep strictmodes\n\n    Expected result:\n\n    strictmodes yes\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    StrictModes yes\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000205'\n  tag rid: 'SV-ESXI-80-000205'\n  tag stig_id: 'ESXI-80-000205'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000205.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000206",
+          "title": "The ESXi host Secure Shell (SSH) daemon must not allow compression.",
+          "desc": "If compression is allowed in an SSH connection prior to authentication, vulnerabilities in the compression software could result in compromise of the system from an unauthenticated connection, potentially with root privileges.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If compression is allowed in an SSH connection prior to authentication, vulnerabilities in the compression software could result in compromise of the system from an unauthenticated connection, potentially with root privileges."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep compression\n\nExpected result:\n\ncompression no\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nCompression no"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000206",
+            "rid": "SV-ESXI-80-000206",
+            "stig_id": "ESXI-80-000206",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000206' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not allow compression.'\n  desc  'If compression is allowed in an SSH connection prior to authentication, vulnerabilities in the compression software could result in compromise of the system from an unauthenticated connection, potentially with root privileges.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep compression\n\n    Expected result:\n\n    compression no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    Compression no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000206'\n  tag rid: 'SV-ESXI-80-000206'\n  tag stig_id: 'ESXI-80-000206'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000206.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000207",
+          "title": "The ESXi host Secure Shell (SSH) daemon must be configured to not allow gateway ports.",
+          "desc": "SSH Transmission Control Protocol (TCP) connection forwarding provides a mechanism to establish TCP connections proxied by the SSH server. This function can provide convenience similar to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs). Gateway ports allow remote forwarded ports to bind to nonloopback addresses on the server.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "SSH Transmission Control Protocol (TCP) connection forwarding provides a mechanism to establish TCP connections proxied by the SSH server. This function can provide convenience similar to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs). Gateway ports allow remote forwarded ports to bind to nonloopback addresses on the server."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep gatewayports\n\nExpected result:\n\ngatewayports no\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nGatewayPorts no"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000207",
+            "rid": "SV-ESXI-80-000207",
+            "stig_id": "ESXI-80-000207",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000207' do\n  title 'The ESXi host Secure Shell (SSH) daemon must be configured to not allow gateway ports.'\n  desc  'SSH Transmission Control Protocol (TCP) connection forwarding provides a mechanism to establish TCP connections proxied by the SSH server. This function can provide convenience similar to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs). Gateway ports allow remote forwarded ports to bind to nonloopback addresses on the server.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep gatewayports\n\n    Expected result:\n\n    gatewayports no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    GatewayPorts no\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000207'\n  tag rid: 'SV-ESXI-80-000207'\n  tag stig_id: 'ESXI-80-000207'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000207.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000208",
+          "title": "The ESXi host Secure Shell (SSH) daemon must be configured to not allow X11 forwarding.",
+          "desc": "X11 forwarding over SSH allows for the secure remote execution of X11-based applications. This feature can increase the attack surface of an SSH connection.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "X11 forwarding over SSH allows for the secure remote execution of X11-based applications. This feature can increase the attack surface of an SSH connection."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep x11forwarding\n\nExpected result:\n\nx11forwarding no\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nX11Forwarding no"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000208",
+            "rid": "SV-ESXI-80-000208",
+            "stig_id": "ESXI-80-000208",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000208' do\n  title 'The ESXi host Secure Shell (SSH) daemon must be configured to not allow X11 forwarding.'\n  desc  'X11 forwarding over SSH allows for the secure remote execution of X11-based applications. This feature can increase the attack surface of an SSH connection.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep x11forwarding\n\n    Expected result:\n\n    x11forwarding no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    X11Forwarding no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000208'\n  tag rid: 'SV-ESXI-80-000208'\n  tag stig_id: 'ESXI-80-000208'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000208.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000209",
+          "title": "The ESXi host Secure Shell (SSH) daemon must not permit tunnels.",
+          "desc": "OpenSSH has the ability to create network tunnels (layer 2 and layer 3) over an SSH connection. This function can provide similar convenience to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "OpenSSH has the ability to create network tunnels (layer 2 and layer 3) over an SSH connection. This function can provide similar convenience to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs)."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep permittunnel\n\nExpected result:\n\npermittunnel no\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nPermitTunnel no"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000209",
+            "rid": "SV-ESXI-80-000209",
+            "stig_id": "ESXI-80-000209",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000209' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not permit tunnels.'\n  desc  'OpenSSH has the ability to create network tunnels (layer 2 and layer 3) over an SSH connection. This function can provide similar convenience to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs).'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep permittunnel\n\n    Expected result:\n\n    permittunnel no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    PermitTunnel no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000209'\n  tag rid: 'SV-ESXI-80-000209'\n  tag stig_id: 'ESXI-80-000209'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000209.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000210",
+          "title": "The ESXi host Secure Shell (SSH) daemon must set a timeout count on idle sessions.",
+          "desc": "Setting a timeout ensures that a user login will be terminated as soon as the \"ClientAliveCountMax\" is reached.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Setting a timeout ensures that a user login will be terminated as soon as the \"ClientAliveCountMax\" is reached."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep clientalivecountmax\n\nExpected result:\n\nclientalivecountmax 3\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nClientAliveCountMax 3"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000210",
+            "rid": "SV-ESXI-80-000210",
+            "stig_id": "ESXI-80-000210",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000210' do\n  title 'The ESXi host Secure Shell (SSH) daemon must set a timeout count on idle sessions.'\n  desc  'Setting a timeout ensures that a user login will be terminated as soon as the \"ClientAliveCountMax\" is reached.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep clientalivecountmax\n\n    Expected result:\n\n    clientalivecountmax 3\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    ClientAliveCountMax 3\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000210'\n  tag rid: 'SV-ESXI-80-000210'\n  tag stig_id: 'ESXI-80-000210'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000210.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000211",
+          "title": "The ESXi host Secure Shell (SSH) daemon must set a timeout interval on idle sessions.",
+          "desc": "Automatically logging out idle users guards against compromises via hijacked administrative sessions.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Automatically logging out idle users guards against compromises via hijacked administrative sessions."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep clientaliveinterval\n\nExpected result:\n\nclientaliveinterval 200\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nClientAliveInterval 200"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000211",
+            "rid": "SV-ESXI-80-000211",
+            "stig_id": "ESXI-80-000211",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000211' do\n  title 'The ESXi host Secure Shell (SSH) daemon must set a timeout interval on idle sessions.'\n  desc  'Automatically logging out idle users guards against compromises via hijacked administrative sessions.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep clientaliveinterval\n\n    Expected result:\n\n    clientaliveinterval 200\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    ClientAliveInterval 200\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000211'\n  tag rid: 'SV-ESXI-80-000211'\n  tag stig_id: 'ESXI-80-000211'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000211.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000212",
+          "title": "The ESXi host must disable Simple Network Management Protocol (SNMP) v1 and v2c.",
+          "desc": "If SNMP is not being used, it must remain disabled. If it is being used, the proper trap destination must be configured. If SNMP is not properly configured, monitoring information can be sent to a malicious host that can use this information to plan an attack.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If SNMP is not being used, it must remain disabled. If it is being used, the proper trap destination must be configured. If SNMP is not properly configured, monitoring information can be sent to a malicious host that can use this information to plan an attack."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# esxcli system snmp get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHostSnmp | Select *\n\nIf SNMP is not in use and is enabled, this is a finding.\n\nIf SNMP is enabled and is not using v3 targets with authentication, this is a finding.\n\nNote: SNMP v3 targets can only be viewed and configured via the \"esxcli\" command."
+            },
+            {
+              "label": "fix",
+              "data": "To disable SNMP from an ESXi shell, run the following command:\n\n# esxcli system snmp set -e no\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi Host:\n\nGet-VMHostSnmp | Set-VMHostSnmp -Enabled $false"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000212",
+            "rid": "SV-ESXI-80-000212",
+            "stig_id": "ESXI-80-000212",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000212' do\n  title 'The ESXi host must disable Simple Network Management Protocol (SNMP) v1 and v2c.'\n  desc  'If SNMP is not being used, it must remain disabled. If it is being used, the proper trap destination must be configured. If SNMP is not properly configured, monitoring information can be sent to a malicious host that can use this information to plan an attack.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system snmp get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHostSnmp | Select *\n\n    If SNMP is not in use and is enabled, this is a finding.\n\n    If SNMP is enabled and is not using v3 targets with authentication, this is a finding.\n\n    Note: SNMP v3 targets can only be viewed and configured via the \\\"esxcli\\\" command.\n  \"\n  desc 'fix', \"\n    To disable SNMP from an ESXi shell, run the following command:\n\n    # esxcli system snmp set -e no\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi Host:\n\n    Get-VMHostSnmp | Set-VMHostSnmp -Enabled $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000212'\n  tag rid: 'SV-ESXI-80-000212'\n  tag stig_id: 'ESXI-80-000212'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    if \"#{input('snmpEnabled')}\" == 'false'\n      vmhosts.each do |vmhost|\n        command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.snmp.get.Invoke() | Select-Object -ExpandProperty enable\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp 'false' }\n        end\n      end\n    else\n      describe 'SNMP Enabled' do\n        skip 'Manually verify SNMP v3 is configured correctly and v2 is not used.'\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000212.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000213",
+          "title": "The ESXi host must disable Inter-Virtual Machine (VM) Transparent Page Sharing.",
+          "desc": "Published academic papers have demonstrated that by forcing a flush and reload of cache memory, it is possible to measure memory timings to try to determine an Advanced Encryption Standard (AES) encryption key in use on another virtual machine running on the same physical processor of the host server if Transparent Page Sharing (TPS) is enabled between the two VMs. This technique works only in a highly controlled system configured in a nonstandard way that VMware believes would not be recreated in a production environment.\n\nAlthough VMware believes information being disclosed in real-world conditions is unrealistic, out of an abundance of caution, upcoming ESXi Update releases will no longer enable TPS between VMs by default (TPS will still be used within individual VMs).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Published academic papers have demonstrated that by forcing a flush and reload of cache memory, it is possible to measure memory timings to try to determine an Advanced Encryption Standard (AES) encryption key in use on another virtual machine running on the same physical processor of the host server if Transparent Page Sharing (TPS) is enabled between the two VMs. This technique works only in a highly controlled system configured in a nonstandard way that VMware believes would not be recreated in a production environment.\n\nAlthough VMware believes information being disclosed in real-world conditions is unrealistic, out of an abundance of caution, upcoming ESXi Update releases will no longer enable TPS between VMs by default (TPS will still be used within individual VMs)."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Mem.ShareForceSalting\" value and verify it is set to \"2\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting\n\nIf the \"Mem.ShareForceSalting\" setting is not set to 2, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Mem.ShareForceSalting\" value and set it to \"2\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting | Set-AdvancedSetting -Value 2"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000213",
+            "rid": "SV-ESXI-80-000213",
+            "stig_id": "ESXI-80-000213",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000213' do\n  title 'The ESXi host must disable Inter-Virtual Machine (VM) Transparent Page Sharing.'\n  desc  \"\n    Published academic papers have demonstrated that by forcing a flush and reload of cache memory, it is possible to measure memory timings to try to determine an Advanced Encryption Standard (AES) encryption key in use on another virtual machine running on the same physical processor of the host server if Transparent Page Sharing (TPS) is enabled between the two VMs. This technique works only in a highly controlled system configured in a nonstandard way that VMware believes would not be recreated in a production environment.\n\n    Although VMware believes information being disclosed in real-world conditions is unrealistic, out of an abundance of caution, upcoming ESXi Update releases will no longer enable TPS between VMs by default (TPS will still be used within individual VMs).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Mem.ShareForceSalting\\\" value and verify it is set to \\\"2\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting\n\n    If the \\\"Mem.ShareForceSalting\\\" setting is not set to 2, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Mem.ShareForceSalting\\\" value and set it to \\\"2\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting | Set-AdvancedSetting -Value 2\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000213'\n  tag rid: 'SV-ESXI-80-000213'\n  tag stig_id: 'ESXI-80-000213'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Mem.ShareForceSalting | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '2' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000213.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000214",
+          "title": "The ESXi host must configure the firewall to block network traffic by default.",
+          "desc": "In addition to service-specific firewall rules, ESXi has a default firewall rule policy to allow or deny incoming and outgoing traffic. Reduce the risk of attack by ensuring this is set to deny incoming and outgoing traffic.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "In addition to service-specific firewall rules, ESXi has a default firewall rule policy to allow or deny incoming and outgoing traffic. Reduce the risk of attack by ensuring this is set to deny incoming and outgoing traffic."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# esxcli network firewall get\n\nIf the \"Default Action\" does not equal \"DROP\", this is a finding.\nIf \"Enabled\" does not equal \"true\", this is a finding.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHostFirewallDefaultPolicy\n\nIf the Incoming or Outgoing policies are \"True\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, run the following command:\n\n# esxcli network firewall set --default-action=false\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHostFirewallDefaultPolicy | Set-VMHostFirewallDefaultPolicy -AllowIncoming $false -AllowOutgoing $false"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000214",
+            "rid": "SV-ESXI-80-000214",
+            "stig_id": "ESXI-80-000214",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000214' do\n  title 'The ESXi host must configure the firewall to block network traffic by default.'\n  desc  'In addition to service-specific firewall rules, ESXi has a default firewall rule policy to allow or deny incoming and outgoing traffic. Reduce the risk of attack by ensuring this is set to deny incoming and outgoing traffic.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli network firewall get\n\n    If the \\\"Default Action\\\" does not equal \\\"DROP\\\", this is a finding.\n    If \\\"Enabled\\\" does not equal \\\"true\\\", this is a finding.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHostFirewallDefaultPolicy\n\n    If the Incoming or Outgoing policies are \\\"True\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli network firewall set --default-action=false\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHostFirewallDefaultPolicy | Set-VMHostFirewallDefaultPolicy -AllowIncoming $false -AllowOutgoing $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000214'\n  tag rid: 'SV-ESXI-80-000214'\n  tag stig_id: 'ESXI-80-000214'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostFirewallDefaultPolicy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000214.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000215",
+          "title": "The ESXi host must enable Bridge Protocol Data Units (BPDU) filter on the host to prevent being locked out of physical switch ports with Portfast and BPDU Guard enabled.",
+          "desc": "BPDU Guard and Portfast are commonly enabled on the physical switch to which the ESXi host is directly connected to reduce the Spanning Tree Protocol (STP) convergence delay.\n\nIf a BPDU packet is sent from a virtual machine (VM) on the ESXi host to the physical switch configured as stated above, a cascading lockout of all the uplink interfaces from the ESXi host can occur. To prevent this type of lockout, BPDU Filter can be enabled on the ESXi host to drop any BPDU packets being sent to the physical switch.\n\nThe caveat is that certain Secure Socket Layer (SSL) virtual private networks that use Windows bridging capability can legitimately generate BPDU packets. The administrator should verify no legitimate BPDU packets are generated by VMs on the ESXi host prior to enabling BPDU Filter. If BPDU Filter is enabled in this situation, enabling Reject Forged Transmits on the virtual switch port group adds protection against Spanning Tree loops.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "BPDU Guard and Portfast are commonly enabled on the physical switch to which the ESXi host is directly connected to reduce the Spanning Tree Protocol (STP) convergence delay.\n\nIf a BPDU packet is sent from a virtual machine (VM) on the ESXi host to the physical switch configured as stated above, a cascading lockout of all the uplink interfaces from the ESXi host can occur. To prevent this type of lockout, BPDU Filter can be enabled on the ESXi host to drop any BPDU packets being sent to the physical switch.\n\nThe caveat is that certain Secure Socket Layer (SSL) virtual private networks that use Windows bridging capability can legitimately generate BPDU packets. The administrator should verify no legitimate BPDU packets are generated by VMs on the ESXi host prior to enabling BPDU Filter. If BPDU Filter is enabled in this situation, enabling Reject Forged Transmits on the virtual switch port group adds protection against Spanning Tree loops."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Net.BlockGuestBPDU\" value and verify it is set to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU\n\nIf the \"Net.BlockGuestBPDU\" setting is not set to \"1\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Net.BlockGuestBPDU\" value and configure it to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Set-AdvancedSetting -Value 1"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000215",
+            "rid": "SV-ESXI-80-000215",
+            "stig_id": "ESXI-80-000215",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000215' do\n  title 'The ESXi host must enable Bridge Protocol Data Units (BPDU) filter on the host to prevent being locked out of physical switch ports with Portfast and BPDU Guard enabled.'\n  desc  \"\n    BPDU Guard and Portfast are commonly enabled on the physical switch to which the ESXi host is directly connected to reduce the Spanning Tree Protocol (STP) convergence delay.\n\n    If a BPDU packet is sent from a virtual machine (VM) on the ESXi host to the physical switch configured as stated above, a cascading lockout of all the uplink interfaces from the ESXi host can occur. To prevent this type of lockout, BPDU Filter can be enabled on the ESXi host to drop any BPDU packets being sent to the physical switch.\n\n    The caveat is that certain Secure Socket Layer (SSL) virtual private networks that use Windows bridging capability can legitimately generate BPDU packets. The administrator should verify no legitimate BPDU packets are generated by VMs on the ESXi host prior to enabling BPDU Filter. If BPDU Filter is enabled in this situation, enabling Reject Forged Transmits on the virtual switch port group adds protection against Spanning Tree loops.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Net.BlockGuestBPDU\\\" value and verify it is set to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU\n\n    If the \\\"Net.BlockGuestBPDU\\\" setting is not set to \\\"1\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Net.BlockGuestBPDU\\\" value and configure it to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Set-AdvancedSetting -Value 1\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000215'\n  tag rid: 'SV-ESXI-80-000215'\n  tag stig_id: 'ESXI-80-000215'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '1' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000215.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000216",
+          "title": "The ESXi host must configure virtual switch security policies to reject forged transmits.",
+          "desc": "If the virtual machine (VM) operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis means the virtual switch does not compare the source and effective MAC addresses.\n\nTo protect against MAC address impersonation, all virtual switches must have forged transmissions set to reject. Reject Forged Transmit can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If the virtual machine (VM) operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis means the virtual switch does not compare the source and effective MAC addresses.\n\nTo protect against MAC address impersonation, all virtual switches must have forged transmissions set to reject. Reject Forged Transmit can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Note: This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click the '...' button next to each port group and select \"Edit Settings\".\n\nClick the \"Security\" tab. Verify that \"Forged transmits\" is set to \"Reject\" and that \"Override\" is not checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy\nGet-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\nIf the \"Forged Transmits\" policy is set to \"Accept\" (or \"true\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click \"Edit\" and select Security.\n\nSet \"Forged transmits\" to \"Reject\". Click \"OK\".\n\nFor each port group, click the '...' button and select \"Edit Settings\" then Security.\n\nSet \"Forged transmits\" to \"Reject\" and uncheck the \"Override\" box. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmits $false\nGet-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmitsInherited $true"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000216",
+            "rid": "SV-ESXI-80-000216",
+            "stig_id": "ESXI-80-000216",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000216' do\n  title 'The ESXi host must configure virtual switch security policies to reject forged transmits.'\n  desc  \"\n    If the virtual machine (VM) operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    This means the virtual switch does not compare the source and effective MAC addresses.\n\n    To protect against MAC address impersonation, all virtual switches must have forged transmissions set to reject. Reject Forged Transmit can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Note: This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click the '...' button next to each port group and select \\\"Edit Settings\\\".\n\n    Click the \\\"Security\\\" tab. Verify that \\\"Forged transmits\\\" is set to \\\"Reject\\\" and that \\\"Override\\\" is not checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy\n    Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\n    If the \\\"Forged Transmits\\\" policy is set to \\\"Accept\\\" (or \\\"true\\\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click \\\"Edit\\\" and select Security.\n\n    Set \\\"Forged transmits\\\" to \\\"Reject\\\". Click \\\"OK\\\".\n\n    For each port group, click the '...' button and select \\\"Edit Settings\\\" then Security.\n\n    Set \\\"Forged transmits\\\" to \\\"Reject\\\" and uncheck the \\\"Override\\\" box. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmits $false\n    Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmitsInherited $true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000216'\n  tag rid: 'SV-ESXI-80-000216'\n  tag stig_id: 'ESXI-80-000216'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000216.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000217",
+          "title": "The ESXi host must configure virtual switch security policies to reject Media Access Control (MAC) address changes.",
+          "desc": "If the virtual machine (VM) operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis will prevent VMs from changing their effective MAC address, which will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing. \"Reject MAC Changes\" can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If the virtual machine (VM) operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis will prevent VMs from changing their effective MAC address, which will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing. \"Reject MAC Changes\" can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click the '...' button next to each port group and select \"Edit Settings\".\n\nClick the \"Security\" tab. Verify that \"MAC Address Changes\" is set to \"Reject\" and that \"Override\" is not checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy\nGet-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\nIf the \"MAC Address Changes\" policy is set to \"Accept\" (or \"true\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click \"Edit\" and select Security.\n\nSet \"MAC Address Changes\" to \"Reject\". Click \"OK\".\n\nFor each port group, click the '...' button and select \"Edit Settings\" then Security.\n\nSet \"MAC Address Changes\" to \"Reject\" and uncheck the \"Override\" box. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -MacChanges $false\nGet-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -MacChangesInherited $true"
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000217",
+            "rid": "SV-ESXI-80-000217",
+            "stig_id": "ESXI-80-000217",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000217' do\n  title 'The ESXi host must configure virtual switch security policies to reject Media Access Control (MAC) address changes.'\n  desc  \"\n    If the virtual machine (VM) operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    This will prevent VMs from changing their effective MAC address, which will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing. \\\"Reject MAC Changes\\\" can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click the '...' button next to each port group and select \\\"Edit Settings\\\".\n\n    Click the \\\"Security\\\" tab. Verify that \\\"MAC Address Changes\\\" is set to \\\"Reject\\\" and that \\\"Override\\\" is not checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy\n    Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\n    If the \\\"MAC Address Changes\\\" policy is set to \\\"Accept\\\" (or \\\"true\\\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click \\\"Edit\\\" and select Security.\n\n    Set \\\"MAC Address Changes\\\" to \\\"Reject\\\". Click \\\"OK\\\".\n\n    For each port group, click the '...' button and select \\\"Edit Settings\\\" then Security.\n\n    Set \\\"MAC Address Changes\\\" to \\\"Reject\\\" and uncheck the \\\"Override\\\" box. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -MacChanges $false\n    Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -MacChangesInherited $true\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000217'\n  tag rid: 'SV-ESXI-80-000217'\n  tag stig_id: 'ESXI-80-000217'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000217.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000218",
+          "title": "The ESXi host must configure virtual switch security policies to reject promiscuous mode requests.",
+          "desc": "When promiscuous mode is enabled for a virtual switch, all virtual machines (VMs) connected to the Portgroup have the potential to read all packets across that network (only the virtual machines connected to that Portgroup).\n\nPromiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting. Promiscuous mode can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When promiscuous mode is enabled for a virtual switch, all virtual machines (VMs) connected to the Portgroup have the potential to read all packets across that network (only the virtual machines connected to that Portgroup).\n\nPromiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting. Promiscuous mode can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click the '...' button next to each port group and select \"Edit Settings\".\n\nClick the \"Security\" tab. Verify that \"Promiscuous Mode\" is set to \"Reject\" and that \"Override\" is not checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy\nGet-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\nIf the \"Promiscuous Mode\" policy is set to \"Accept\" (or \"true\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click \"Edit\" and select Security.\n\nSet \"Promiscuous Mode\" to \"Reject\". Click \"OK\".\n\nFor each port group, click the '...' button and select \"Edit Settings\" then Security.\n\nSet \"Promiscuous Mode\" to \"Reject\" and uncheck the \"Override\" box. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuous $false\nGet-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuousInherited $true"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000218",
+            "rid": "SV-ESXI-80-000218",
+            "stig_id": "ESXI-80-000218",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000218' do\n  title 'The ESXi host must configure virtual switch security policies to reject promiscuous mode requests.'\n  desc  \"\n    When promiscuous mode is enabled for a virtual switch, all virtual machines (VMs) connected to the Portgroup have the potential to read all packets across that network (only the virtual machines connected to that Portgroup).\n\n    Promiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting. Promiscuous mode can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click the '...' button next to each port group and select \\\"Edit Settings\\\".\n\n    Click the \\\"Security\\\" tab. Verify that \\\"Promiscuous Mode\\\" is set to \\\"Reject\\\" and that \\\"Override\\\" is not checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy\n    Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\n    If the \\\"Promiscuous Mode\\\" policy is set to \\\"Accept\\\" (or \\\"true\\\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click \\\"Edit\\\" and select Security.\n\n    Set \\\"Promiscuous Mode\\\" to \\\"Reject\\\". Click \\\"OK\\\".\n\n    For each port group, click the '...' button and select \\\"Edit Settings\\\" then Security.\n\n    Set \\\"Promiscuous Mode\\\" to \\\"Reject\\\" and uncheck the \\\"Override\\\" box. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuous $false\n    Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuousInherited $true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000218'\n  tag rid: 'SV-ESXI-80-000218'\n  tag stig_id: 'ESXI-80-000218'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000218.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000219",
+          "title": "The ESXi host must restrict use of the dvFilter network application programming interface (API).",
+          "desc": "If the organization is not using products that use the dvfilter network API, the host should not be configured to send network information to a virtual machine (VM).\n\nIf the API is enabled, an attacker might attempt to connect a virtual machine to it, potentially providing access to the network of other VMs on the host.\n\nIf using a product that makes use of this API, verify the host has been configured correctly. If not using such a product, ensure the setting is blank.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If the organization is not using products that use the dvfilter network API, the host should not be configured to send network information to a virtual machine (VM).\n\nIf the API is enabled, an attacker might attempt to connect a virtual machine to it, potentially providing access to the network of other VMs on the host.\n\nIf using a product that makes use of this API, verify the host has been configured correctly. If not using such a product, ensure the setting is blank."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Net.DVFilterBindIpAddress\" value and verify the value is blank or the correct IP address of a security appliance if in use.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress\n\nIf the \"Net.DVFilterBindIpAddress\" setting is not blank and security appliances are not in use on the host, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Net.DVFilterBindIpAddress\" value and remove any incorrect addresses.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Set-AdvancedSetting -Value \"\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000219",
+            "rid": "SV-ESXI-80-000219",
+            "stig_id": "ESXI-80-000219",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000219' do\n  title 'The ESXi host must restrict use of the dvFilter network application programming interface (API).'\n  desc  \"\n    If the organization is not using products that use the dvfilter network API, the host should not be configured to send network information to a virtual machine (VM).\n\n    If the API is enabled, an attacker might attempt to connect a virtual machine to it, potentially providing access to the network of other VMs on the host.\n\n    If using a product that makes use of this API, verify the host has been configured correctly. If not using such a product, ensure the setting is blank.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Net.DVFilterBindIpAddress\\\" value and verify the value is blank or the correct IP address of a security appliance if in use.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress\n\n    If the \\\"Net.DVFilterBindIpAddress\\\" setting is not blank and security appliances are not in use on the host, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Net.DVFilterBindIpAddress\\\" value and remove any incorrect addresses.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Set-AdvancedSetting -Value \\\"\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000219'\n  tag rid: 'SV-ESXI-80-000219'\n  tag stig_id: 'ESXI-80-000219'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000219.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000220",
+          "title": "The ESXi host must restrict the use of Virtual Guest Tagging (VGT) on standard switches.",
+          "desc": "When a port group is set to VLAN 4095, the vSwitch passes all network frames to the attached virtual machines (VMs) without modifying the VLAN tags. In vSphere, this is referred to as VGT. The VM must process the VLAN information itself via an 802.1Q driver in the operating system.\n\nVLAN 4095 must only be implemented if the attached VMs have been specifically authorized and are capable of managing VLAN tags themselves. If VLAN 4095 is enabled inappropriately, it may cause denial of service or allow a VM to interact with traffic on an unauthorized VLAN.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When a port group is set to VLAN 4095, the vSwitch passes all network frames to the attached virtual machines (VMs) without modifying the VLAN tags. In vSphere, this is referred to as VGT. The VM must process the VLAN information itself via an 802.1Q driver in the operating system.\n\nVLAN 4095 must only be implemented if the attached VMs have been specifically authorized and are capable of managing VLAN tags themselves. If VLAN 4095 is enabled inappropriately, it may cause denial of service or allow a VM to interact with traffic on an unauthorized VLAN."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nFor each standard switch, review the \"VLAN ID\" on each port group and verify it is not set to \"4095\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VirtualPortGroup | Select Name, VLanID\n\nIf any port group is configured with VLAN 4095 and is not documented as a needed exception, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nFor each port group on a standard switch that is configured to a native VLAN, click the '...' button next to the port group.\n\nClick \"Edit Settings\". On the \"Properties\" tab, change the \"VLAN ID\" to an appropriate VLAN ID. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VirtualPortGroup -Name \"portgroup name\" | Set-VirtualPortGroup -VLanId \"New VLAN#\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000220",
+            "rid": "SV-ESXI-80-000220",
+            "stig_id": "ESXI-80-000220",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000220' do\n  title 'The ESXi host must restrict the use of Virtual Guest Tagging (VGT) on standard switches.'\n  desc  \"\n    When a port group is set to VLAN 4095, the vSwitch passes all network frames to the attached virtual machines (VMs) without modifying the VLAN tags. In vSphere, this is referred to as VGT. The VM must process the VLAN information itself via an 802.1Q driver in the operating system.\n\n    VLAN 4095 must only be implemented if the attached VMs have been specifically authorized and are capable of managing VLAN tags themselves. If VLAN 4095 is enabled inappropriately, it may cause denial of service or allow a VM to interact with traffic on an unauthorized VLAN.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    For each standard switch, review the \\\"VLAN ID\\\" on each port group and verify it is not set to \\\"4095\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VirtualPortGroup | Select Name, VLanID\n\n    If any port group is configured with VLAN 4095 and is not documented as a needed exception, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    For each port group on a standard switch that is configured to a native VLAN, click the '...' button next to the port group.\n\n    Click \\\"Edit Settings\\\". On the \\\"Properties\\\" tab, change the \\\"VLAN ID\\\" to an appropriate VLAN ID. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VirtualPortGroup -Name \\\"portgroup name\\\" | Set-VirtualPortGroup -VLanId \\\"New VLAN#\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000220'\n  tag rid: 'SV-ESXI-80-000220'\n  tag stig_id: 'ESXI-80-000220'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Select-Object -ExpandProperty VlanId\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match '4095' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000220.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000221",
+          "title": "The ESXi host must have all security patches and updates installed.",
+          "desc": "Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Determine the current version and build:\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Summary. Note the version string next to \"Hypervisor:\".\n\nor\n\nFrom a Secure Shell (SSH) session connected to the ESXi host, or from the ESXi shell, run the following command:\n\n# vmware -v\n\nIf the ESXi host does not have the latest patches, this is a finding.\n\nIf the ESXi host is not on a supported release, this is a finding.\n\nThe latest ESXi versions and their build numbers can be found here: https://kb.vmware.com/s/article/2143832\n\nVMware also publishes Advisories on security patches and offers a way to subscribe to email alerts for them.\n\nGo to: https://www.vmware.com/support/policies/security_response"
+            },
+            {
+              "label": "fix",
+              "data": "ESXi can be patched in multiple ways, and this fix text does not cover all methods.\n\nManual patching when image profiles are not used:\n\n- Download the latest \"offline bundle\" .zip update from vmware.com. Verify the hash.\n\n- Transfer the file to a datastore accessible by the ESXi host, local or remote.\n\n- Put the ESXi host into maintenance mode.\n\n- From an ESXi shell, run the following command:\n\nesxcli software vib update -d <path to offline patch bundle.zip>\n\nManual patching when image profiles are used:\n\nFrom an ESXi shell, run the following command:\n\n# esxcli software sources profile list -d /vmfs/volumes/<your datastore>/<bundle name.zip>\n\nNote the available profiles. The organization will usually want the one ending in \"-standard\".\n\n# esxcli software profile update -p <selected profile> -d /vmfs/volumes/<your datastore>/<bundle name.zip>\n\nThere will be little output during the update. Once complete, reboot the host for changes to take effect."
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000221",
+            "rid": "SV-ESXI-80-000221",
+            "stig_id": "ESXI-80-000221",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000221' do\n  title 'The ESXi host must have all security patches and updates installed.'\n  desc  'Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Determine the current version and build:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Summary. Note the version string next to \\\"Hypervisor:\\\".\n\n    or\n\n    From a Secure Shell (SSH) session connected to the ESXi host, or from the ESXi shell, run the following command:\n\n    # vmware -v\n\n    If the ESXi host does not have the latest patches, this is a finding.\n\n    If the ESXi host is not on a supported release, this is a finding.\n\n    The latest ESXi versions and their build numbers can be found here: https://kb.vmware.com/s/article/2143832\n\n    VMware also publishes Advisories on security patches and offers a way to subscribe to email alerts for them.\n\n    Go to: https://www.vmware.com/support/policies/security_response\n  \"\n  desc 'fix', \"\n    ESXi can be patched in multiple ways, and this fix text does not cover all methods.\n\n    Manual patching when image profiles are not used:\n\n    - Download the latest \\\"offline bundle\\\" .zip update from vmware.com. Verify the hash.\n\n    - Transfer the file to a datastore accessible by the ESXi host, local or remote.\n\n    - Put the ESXi host into maintenance mode.\n\n    - From an ESXi shell, run the following command:\n\n    esxcli software vib update -d <path to offline patch bundle.zip>\n\n    Manual patching when image profiles are used:\n\n    From an ESXi shell, run the following command:\n\n    # esxcli software sources profile list -d /vmfs/volumes/<your datastore>/<bundle name.zip>\n\n    Note the available profiles. The organization will usually want the one ending in \\\"-standard\\\".\n\n    # esxcli software profile update -p <selected profile> -d /vmfs/volumes/<your datastore>/<bundle name.zip>\n\n    There will be little output during the update. Once complete, reboot the host for changes to take effect.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000221'\n  tag rid: 'SV-ESXI-80-000221'\n  tag stig_id: 'ESXI-80-000221'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"(Get-VMHost -Name #{vmhost}).ExtensionData.Config.Product.build\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp \"#{input('esxiBuildNumber')}\" }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000221.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000222",
+          "title": "The ESXi host must not suppress warnings that the local or remote shell sessions are enabled.",
+          "desc": "Warnings that local or remote shell sessions are enabled alert administrators to activity they may not be aware of and need to investigate.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Warnings that local or remote shell sessions are enabled alert administrators to activity they may not be aware of and need to investigate."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.SuppressShellWarning\" value and verify it is set to \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning\n\nIf the \"UserVars.SuppressShellWarning\" setting is not set to \"0\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.SuppressShellWarning\" value and configure it to \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Set-AdvancedSetting -Value 0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000222",
+            "rid": "SV-ESXI-80-000222",
+            "stig_id": "ESXI-80-000222",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000222' do\n  title 'The ESXi host must not suppress warnings that the local or remote shell sessions are enabled.'\n  desc  'Warnings that local or remote shell sessions are enabled alert administrators to activity they may not be aware of and need to investigate.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.SuppressShellWarning\\\" value and verify it is set to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning\n\n    If the \\\"UserVars.SuppressShellWarning\\\" setting is not set to \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.SuppressShellWarning\\\" value and configure it to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Set-AdvancedSetting -Value 0\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000222'\n  tag rid: 'SV-ESXI-80-000222'\n  tag stig_id: 'ESXI-80-000222'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '0' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000222.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000223",
+          "title": "The ESXi host must not suppress warnings about unmitigated hyperthreading vulnerabilities.",
+          "desc": "The L1 Terminal Fault (L1TF) CPU vulnerabilities published in 2018 have patches and mitigations available in vSphere. However, there are performance impacts to these mitigations that require careful thought and planning from the system administrator before implementation. Until a mitigation is implemented, the UI warning about the lack of a mitigation must not be dismissed so the system administrator does not assume the vulnerability has been addressed.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The L1 Terminal Fault (L1TF) CPU vulnerabilities published in 2018 have patches and mitigations available in vSphere. However, there are performance impacts to these mitigations that require careful thought and planning from the system administrator before implementation. Until a mitigation is implemented, the UI warning about the lack of a mitigation must not be dismissed so the system administrator does not assume the vulnerability has been addressed."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.SuppressHyperthreadWarning\" value and verify it is set to \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning\n\nIf the \"UserVars.SuppressHyperthreadWarning\" setting is not set to \"0\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.SuppressHyperthreadWarning\" value and configure it to \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Set-AdvancedSetting -Value 0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000223",
+            "rid": "SV-ESXI-80-000223",
+            "stig_id": "ESXI-80-000223",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000223' do\n  title 'The ESXi host must not suppress warnings about unmitigated hyperthreading vulnerabilities.'\n  desc  'The L1 Terminal Fault (L1TF) CPU vulnerabilities published in 2018 have patches and mitigations available in vSphere. However, there are performance impacts to these mitigations that require careful thought and planning from the system administrator before implementation. Until a mitigation is implemented, the UI warning about the lack of a mitigation must not be dismissed so the system administrator does not assume the vulnerability has been addressed.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.SuppressHyperthreadWarning\\\" value and verify it is set to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning\n\n    If the \\\"UserVars.SuppressHyperthreadWarning\\\" setting is not set to \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.SuppressHyperthreadWarning\\\" value and configure it to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Set-AdvancedSetting -Value 0\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000223'\n  tag rid: 'SV-ESXI-80-000223'\n  tag stig_id: 'ESXI-80-000223'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '0' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000223.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000224",
+          "title": "The ESXi host must verify certificates for SSL syslog endpoints.",
+          "desc": "When sending syslog data to a remote host, ESXi can be configured to use any combination of TCP, UDP and SSL transports. When using SSL, the server certificate must be validated to ensure that the host is connecting to a valid syslog server.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When sending syslog data to a remote host, ESXi can be configured to use any combination of TCP, UDP and SSL transports. When using SSL, the server certificate must be validated to ensure that the host is connecting to a valid syslog server."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If SSL is not used for a syslog target, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.logCheckSSLCerts\" value and verify it is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts\n\nIf the \"Syslog.global.logCheckSSLCerts\" setting is not set to \"true\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "To configure SSL syslog endpoint certificate checking it must be turned on and also the trusted certificate chain must be added to ESXi's trusted store.\n\nFrom the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.logCheckSSLCerts\" value and configure it to \"true\".\n\nCopy the PEM formatted trusted CA certificate so that is accessible to the host and append the contents to /etc/vmware/ssl/castore.pem by running the follow command:\n\n# <path/to/cacert> >> /etc/vmware/ssl/castore.pem\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts | Set-AdvancedSetting -Value \"true\"\n\nCopy the PEM formatted trusted CA certificate so that is accessible to the host.\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.security.certificatestore.add.CreateArgs()\n$arguments.filename = <path/to/cacert>\n$esxcli.system.security.certificatestore.add.Invoke($arguments)"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000224",
+            "rid": "SV-ESXI-80-000224",
+            "stig_id": "ESXI-80-000224",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000224' do\n  title 'The ESXi host must verify certificates for SSL syslog endpoints.'\n  desc  'When sending syslog data to a remote host, ESXi can be configured to use any combination of TCP, UDP and SSL transports. When using SSL, the server certificate must be validated to ensure that the host is connecting to a valid syslog server.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If SSL is not used for a syslog target, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.logCheckSSLCerts\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts\n\n    If the \\\"Syslog.global.logCheckSSLCerts\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    To configure SSL syslog endpoint certificate checking it must be turned on and also the trusted certificate chain must be added to ESXi's trusted store.\n\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logCheckSSLCerts\\\" value and configure it to \\\"true\\\".\n\n    Copy the PEM formatted trusted CA certificate so that is accessible to the host and append the contents to /etc/vmware/ssl/castore.pem by running the follow command:\n\n    # <path/to/cacert> >> /etc/vmware/ssl/castore.pem\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts | Set-AdvancedSetting -Value \\\"true\\\"\n\n    Copy the PEM formatted trusted CA certificate so that is accessible to the host.\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.security.certificatestore.add.CreateArgs()\n    $arguments.filename = <path/to/cacert>\n    $esxcli.system.security.certificatestore.add.Invoke($arguments)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000224'\n  tag rid: 'SV-ESXI-80-000224'\n  tag stig_id: 'ESXI-80-000224'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logHost | Where {$_.Value -match \\\"ssl\\\"} | Select-Object -ExpandProperty Value\"\n      syslogservers = powercli_command(command).stdout\n\n      if !syslogservers.empty?\n        command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts | Select-Object -ExpandProperty Value\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp 'true' }\n        end\n      else\n        impact 0.0\n        describe '' do\n          skip 'No SSL syslog targets found, this check is not applicable.'\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000224.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000225",
+          "title": "The ESXi host must enable volatile key destruction.",
+          "desc": "By default, pages allocated for virtual machines (VMs), userspace applications, and kernel threads are zeroed out at allocation time. ESXi will always ensure that no nonzero pages are exposed to VMs or userspace applications. While this prevents exposing cryptographic keys from VMs or userworlds to other clients, these keys can stay present in host memory for a long time if the memory is not reused.\n\nThe NIAP Virtualization Protection Profile and Server Virtualization Extended Package require that memory that may contain cryptographic keys be zeroed upon process exit.\n\nTo this end, a new configuration option, MemEagerZero, can be configured to enforce zeroing out userworld and guest memory pages when a userworld process or guest exits. For kernel threads, memory spaces holding keys are zeroed out as soon as the secret is no longer needed.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By default, pages allocated for virtual machines (VMs), userspace applications, and kernel threads are zeroed out at allocation time. ESXi will always ensure that no nonzero pages are exposed to VMs or userspace applications. While this prevents exposing cryptographic keys from VMs or userworlds to other clients, these keys can stay present in host memory for a long time if the memory is not reused.\n\nThe NIAP Virtualization Protection Profile and Server Virtualization Extended Package require that memory that may contain cryptographic keys be zeroed upon process exit.\n\nTo this end, a new configuration option, MemEagerZero, can be configured to enforce zeroing out userworld and guest memory pages when a userworld process or guest exits. For kernel threads, memory spaces holding keys are zeroed out as soon as the secret is no longer needed."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Mem.MemEagerZero\" value and verify it is set to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero\n\nIf the \"Mem.MemEagerZero\" setting is not set to \"1\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Mem.MemEagerZero\" value and configure it to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero | Set-AdvancedSetting -Value 1"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000225",
+            "rid": "SV-ESXI-80-000225",
+            "stig_id": "ESXI-80-000225",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000225' do\n  title 'The ESXi host must enable volatile key destruction.'\n  desc  \"\n    By default, pages allocated for virtual machines (VMs), userspace applications, and kernel threads are zeroed out at allocation time. ESXi will always ensure that no nonzero pages are exposed to VMs or userspace applications. While this prevents exposing cryptographic keys from VMs or userworlds to other clients, these keys can stay present in host memory for a long time if the memory is not reused.\n\n    The NIAP Virtualization Protection Profile and Server Virtualization Extended Package require that memory that may contain cryptographic keys be zeroed upon process exit.\n\n    To this end, a new configuration option, MemEagerZero, can be configured to enforce zeroing out userworld and guest memory pages when a userworld process or guest exits. For kernel threads, memory spaces holding keys are zeroed out as soon as the secret is no longer needed.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Mem.MemEagerZero\\\" value and verify it is set to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero\n\n    If the \\\"Mem.MemEagerZero\\\" setting is not set to \\\"1\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Mem.MemEagerZero\\\" value and configure it to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero | Set-AdvancedSetting -Value 1\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000225'\n  tag rid: 'SV-ESXI-80-000225'\n  tag stig_id: 'ESXI-80-000225'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Mem.MemEagerZero | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '1' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000225.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000226",
+          "title": "The ESXi host must configure a session timeout for the vSphere API.",
+          "desc": "The vSphere API (VIM) allows for remote, programmatic administration of the ESXi host. Authenticated API sessions are no different from a risk perspective than authenticated UI sessions and they need similar protections.\n\nOne of these protections is a basic inactivity timeout, after which the session will be invalidated and reauthentication will be required by the application accessing the API. This is set to 30 seconds by default but can be disabled, thus leaving API sessions open indefinitely. The 30 second default must be verified and maintained.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The vSphere API (VIM) allows for remote, programmatic administration of the ESXi host. Authenticated API sessions are no different from a risk perspective than authenticated UI sessions and they need similar protections.\n\nOne of these protections is a basic inactivity timeout, after which the session will be invalidated and reauthentication will be required by the application accessing the API. This is set to 30 seconds by default but can be disabled, thus leaving API sessions open indefinitely. The 30 second default must be verified and maintained."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.HostAgent.vmacore.soap.sessionTimeout\" value and verify it is set to \"30\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout\n\nIf the \"Config.HostAgent.vmacore.soap.sessionTimeout\" setting is not set to \"30\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.HostAgent.vmacore.soap.sessionTimeout\" value and configure it to \"30\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Set-AdvancedSetting -Value 30"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000226",
+            "rid": "SV-ESXI-80-000226",
+            "stig_id": "ESXI-80-000226",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000226' do\n  title 'The ESXi host must configure a session timeout for the vSphere API.'\n  desc  \"\n    The vSphere API (VIM) allows for remote, programmatic administration of the ESXi host. Authenticated API sessions are no different from a risk perspective than authenticated UI sessions and they need similar protections.\n\n    One of these protections is a basic inactivity timeout, after which the session will be invalidated and reauthentication will be required by the application accessing the API. This is set to 30 seconds by default but can be disabled, thus leaving API sessions open indefinitely. The 30 second default must be verified and maintained.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.vmacore.soap.sessionTimeout\\\" value and verify it is set to \\\"30\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout\n\n    If the \\\"Config.HostAgent.vmacore.soap.sessionTimeout\\\" setting is not set to \\\"30\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.vmacore.soap.sessionTimeout\\\" value and configure it to \\\"30\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Set-AdvancedSetting -Value 30\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000226'\n  tag rid: 'SV-ESXI-80-000226'\n  tag stig_id: 'ESXI-80-000226'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '30' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000226.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000227",
+          "title": "The ESXi host must be configured with an appropriate maximum password age.",
+          "desc": "The older an ESXi local account password is, the larger the opportunity window is for attackers to guess, crack or re-use a previously cracked password. Rotating passwords on a regular basis is a fundamental security practice and one that ESXi supports.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The older an ESXi local account password is, the larger the opportunity window is for attackers to guess, crack or re-use a previously cracked password. Rotating passwords on a regular basis is a fundamental security practice and one that ESXi supports."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.PasswordMaxDays\" value and verify it is set to \"90\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays\n\nIf the \"Security.PasswordMaxDays\" setting is not set to \"90\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.PasswordMaxDays\" value and configure it to \"90\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays | Set-AdvancedSetting -Value 90"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000227",
+            "rid": "SV-ESXI-80-000227",
+            "stig_id": "ESXI-80-000227",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000227' do\n  title 'The ESXi host must be configured with an appropriate maximum password age.'\n  desc  'The older an ESXi local account password is, the larger the opportunity window is for attackers to guess, crack or re-use a previously cracked password. Rotating passwords on a regular basis is a fundamental security practice and one that ESXi supports.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.PasswordMaxDays\\\" value and verify it is set to \\\"90\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays\n\n    If the \\\"Security.PasswordMaxDays\\\" setting is not set to \\\"90\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.PasswordMaxDays\\\" value and configure it to \\\"90\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays | Set-AdvancedSetting -Value 90\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000227'\n  tag rid: 'SV-ESXI-80-000227'\n  tag stig_id: 'ESXI-80-000227'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.PasswordMaxDays | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '90' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000227.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000228",
+          "title": "The ESXi Common Information Model (CIM) service must be disabled.",
+          "desc": "The CIM system provides an interface that enables hardware-level management from remote applications via a set of standard application programming interfaces (APIs). These APIs are consumed by external applications such as HP SIM or Dell OpenManage for agentless, remote hardware monitoring of the ESXi host.\n\nTo reduce attack surface area and following the minimum functionality principal, the CIM service must be disabled unless explicitly needed and approved.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The CIM system provides an interface that enables hardware-level management from remote applications via a set of standard application programming interfaces (APIs). These APIs are consumed by external applications such as HP SIM or Dell OpenManage for agentless, remote hardware monitoring of the ESXi host.\n\nTo reduce attack surface area and following the minimum functionality principal, the CIM service must be disabled unless explicitly needed and approved."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\", locate the \"CIM Server\" service and verify it is \"Stopped\" and the \"Startup Policy\" is set to \"Start and stop manually\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"CIM Server\"}\n\nIf the \"CIM Server\" service does not have a \"Policy\" of \"off\" or is running, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\" select the \"CIM Server\" service and click the \"Stop\" button.\n\nClick \"Edit Startup policy...\" and select the \"Start and stop manually\" radio button. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"CIM Server\"} | Set-VMHostService -Policy Off\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"CIM Server\"} | Stop-VMHostService"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000228",
+            "rid": "SV-ESXI-80-000228",
+            "stig_id": "ESXI-80-000228",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000228' do\n  title 'The ESXi Common Information Model (CIM) service must be disabled.'\n  desc  \"\n    The CIM system provides an interface that enables hardware-level management from remote applications via a set of standard application programming interfaces (APIs). These APIs are consumed by external applications such as HP SIM or Dell OpenManage for agentless, remote hardware monitoring of the ESXi host.\n\n    To reduce attack surface area and following the minimum functionality principal, the CIM service must be disabled unless explicitly needed and approved.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\", locate the \\\"CIM Server\\\" service and verify it is \\\"Stopped\\\" and the \\\"Startup Policy\\\" is set to \\\"Start and stop manually\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"CIM Server\\\"}\n\n    If the \\\"CIM Server\\\" service does not have a \\\"Policy\\\" of \\\"off\\\" or is running, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\" select the \\\"CIM Server\\\" service and click the \\\"Stop\\\" button.\n\n    Click \\\"Edit Startup policy...\\\" and select the \\\"Start and stop manually\\\" radio button. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"CIM Server\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"CIM Server\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000228'\n  tag rid: 'SV-ESXI-80-000228'\n  tag stig_id: 'ESXI-80-000228'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000228.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000229",
+          "title": "The ESXi host must use DOD-approved certificates.",
+          "desc": "The default self-signed host certificate issued by the VMware Certificate Authority (VMCA) must be replaced with a DOD-approved certificate when the host will be accessed directly, such as during a virtual machine (VM) console connection.\n\nThe use of a DOD certificate on the host assures clients the service they are connecting to is legitimate and properly secured.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The default self-signed host certificate issued by the VMware Certificate Authority (VMCA) must be replaced with a DOD-approved certificate when the host will be accessed directly, such as during a virtual machine (VM) console connection.\n\nThe use of a DOD certificate on the host assures clients the service they are connecting to is legitimate and properly secured."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Certificate.\n\nIf the issuer is not a DOD-approved certificate authority, this is a finding.\n\nIf the host will never be accessed directly (virtual machine console connections bypass vCenter), this is not a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Join the ESXi host to vCenter before replacing the certificate.\n\nObtain a DOD-issued certificate and private key for the host following the requirements below:\n\nKey size: 2048 bits or more (PEM encoded)\n\nKey format: PEM\nVMware supports PKCS8 and PKCS1 (RSA keys)\nx509 version 3\n\nSubjectAltName must contain DNS Name=<machine_FQDN>\n\nCRT (Base-64) format\n\nContains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment\n\nStart time of one day before the current time\n\nCN (and SubjectAltName) set to the host name (or IP address) that the ESXi host has in the vCenter Server inventory\n\nFrom the vSphere Web Client, select the ESXi host's vCenter Server >> Configure >> System >> Advanced Settings.\n\nSelect the \"vpxd.certmgmt.mode\" value and ensure it is set to \"custom\".\n\nPut the host into maintenance mode.\n\nTemporarily enable Secure Shell (SSH) on the host. Use Secure Copy Protocol (SCP) to transfer the new certificate and key to /tmp. SSH to the host. Back up the existing certificate and key:\n\n# mv /etc/vmware/ssl/rui.crt /etc/vmware/ssl/rui.crt.bak\n# mv /etc/vmware/ssl/rui.key /etc/vmware/ssl/rui.key.bak\n\nCopy the new certificate and key to \"/etc/vmware/ssl/\" and rename them to \"rui.crt\" and \"rui.key\" respectively.\n\nRestart management agents to implement the new certificate:\n\n# services.sh restart"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000229",
+            "rid": "SV-ESXI-80-000229",
+            "stig_id": "ESXI-80-000229",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000229' do\n  title 'The ESXi host must use DOD-approved certificates.'\n  desc  \"\n    The default self-signed host certificate issued by the VMware Certificate Authority (VMCA) must be replaced with a DOD-approved certificate when the host will be accessed directly, such as during a virtual machine (VM) console connection.\n\n    The use of a DOD certificate on the host assures clients the service they are connecting to is legitimate and properly secured.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Certificate.\n\n    If the issuer is not a DOD-approved certificate authority, this is a finding.\n\n    If the host will never be accessed directly (virtual machine console connections bypass vCenter), this is not a finding.\n  \"\n  desc 'fix', \"\n    Join the ESXi host to vCenter before replacing the certificate.\n\n    Obtain a DOD-issued certificate and private key for the host following the requirements below:\n\n    Key size: 2048 bits or more (PEM encoded)\n\n    Key format: PEM\n    VMware supports PKCS8 and PKCS1 (RSA keys)\n    x509 version 3\n\n    SubjectAltName must contain DNS Name=<machine_FQDN>\n\n    CRT (Base-64) format\n\n    Contains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment\n\n    Start time of one day before the current time\n\n    CN (and SubjectAltName) set to the host name (or IP address) that the ESXi host has in the vCenter Server inventory\n\n    From the vSphere Web Client, select the ESXi host's vCenter Server >> Configure >> System >> Advanced Settings.\n\n    Select the \\\"vpxd.certmgmt.mode\\\" value and ensure it is set to \\\"custom\\\".\n\n    Put the host into maintenance mode.\n\n    Temporarily enable Secure Shell (SSH) on the host. Use Secure Copy Protocol (SCP) to transfer the new certificate and key to /tmp. SSH to the host. Back up the existing certificate and key:\n\n    # mv /etc/vmware/ssl/rui.crt /etc/vmware/ssl/rui.crt.bak\n    # mv /etc/vmware/ssl/rui.key /etc/vmware/ssl/rui.key.bak\n\n    Copy the new certificate and key to \\\"/etc/vmware/ssl/\\\" and rename them to \\\"rui.crt\\\" and \\\"rui.key\\\" respectively.\n\n    Restart management agents to implement the new certificate:\n\n    # services.sh restart\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000229'\n  tag rid: 'SV-ESXI-80-000229'\n  tag stig_id: 'ESXI-80-000229'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      describe ssl_certificate(host: \"#{vmhost}\", port: 443) do\n        its('issuer_organization') { should cmp 'U.S. Government' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000229.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000230",
+          "title": "The ESXi host Secure Shell (SSH) daemon must disable port forwarding.",
+          "desc": "While enabling Transmission Control Protocol (TCP) tunnels is a valuable function of sshd, this feature is not appropriate for use on the ESXi hypervisor.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "While enabling Transmission Control Protocol (TCP) tunnels is a valuable function of sshd, this feature is not appropriate for use on the ESXi hypervisor."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep allowtcpforwarding\n\nExpected result:\n\nallowtcpforwarding no\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nAllowTcpForwarding no"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000230",
+            "rid": "SV-ESXI-80-000230",
+            "stig_id": "ESXI-80-000230",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000230' do\n  title 'The ESXi host Secure Shell (SSH) daemon must disable port forwarding.'\n  desc  'While enabling Transmission Control Protocol (TCP) tunnels is a valuable function of sshd, this feature is not appropriate for use on the ESXi hypervisor.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep allowtcpforwarding\n\n    Expected result:\n\n    allowtcpforwarding no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    AllowTcpForwarding no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000230'\n  tag rid: 'SV-ESXI-80-000230'\n  tag stig_id: 'ESXI-80-000230'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000230.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000231",
+          "title": "The ESXi host OpenSLP service must be disabled.",
+          "desc": "OpenSLP implements the Service Location Protocol to help CIM clients discover CIM servers over TCP 427. This service is not widely needed and has had vulnerabilities exposed in the past. To reduce attack surface area and following the minimum functionality principal, the OpenSLP service must be disabled unless explicitly needed and approved.\n\nNote: Disabling the OpenSLP service may affect monitoring and third-party systems that use the WBEM DTMF protocols.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "OpenSLP implements the Service Location Protocol to help CIM clients discover CIM servers over TCP 427. This service is not widely needed and has had vulnerabilities exposed in the past. To reduce attack surface area and following the minimum functionality principal, the OpenSLP service must be disabled unless explicitly needed and approved.\n\nNote: Disabling the OpenSLP service may affect monitoring and third-party systems that use the WBEM DTMF protocols."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\", locate the \"slpd\" service and verify it is \"Stopped\" and the \"Startup Policy\" is set to \"Start and stop manually\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"slpd\"}\n\nIf the slpd service does not have a \"Policy\" of \"off\" or is running, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\" select the \"slpd\" service and click the \"Stop\" button.\n\nClick \"Edit Startup policy...\" and select the \"Start and stop manually\" radio button. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"slpd\"} | Set-VMHostService -Policy Off\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"slpd\"} | Stop-VMHostService"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000231",
+            "rid": "SV-ESXI-80-000231",
+            "stig_id": "ESXI-80-000231",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000231' do\n  title 'The ESXi host OpenSLP service must be disabled.'\n  desc  \"\n    OpenSLP implements the Service Location Protocol to help CIM clients discover CIM servers over TCP 427. This service is not widely needed and has had vulnerabilities exposed in the past. To reduce attack surface area and following the minimum functionality principal, the OpenSLP service must be disabled unless explicitly needed and approved.\n\n    Note: Disabling the OpenSLP service may affect monitoring and third-party systems that use the WBEM DTMF protocols.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\", locate the \\\"slpd\\\" service and verify it is \\\"Stopped\\\" and the \\\"Startup Policy\\\" is set to \\\"Start and stop manually\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"slpd\\\"}\n\n    If the slpd service does not have a \\\"Policy\\\" of \\\"off\\\" or is running, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\" select the \\\"slpd\\\" service and click the \\\"Stop\\\" button.\n\n    Click \\\"Edit Startup policy...\\\" and select the \\\"Start and stop manually\\\" radio button. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"slpd\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"slpd\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000231'\n  tag rid: 'SV-ESXI-80-000231'\n  tag stig_id: 'ESXI-80-000231'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000231.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000232",
+          "title": "The ESXi host must enable audit logging.",
+          "desc": "ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\nTo operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\nNote: Audit records can be viewed locally via the \"/bin/viewAudit\" utility over SSH or at the ESXi shell.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\nTo operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\nNote: Audit records can be viewed locally via the \"/bin/viewAudit\" utility over SSH or at the ESXi shell."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.auditRecord.storageEnable\" value and verify it is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable\n\nIf the \"Syslog.global.auditRecord.storageEnable\" setting is not set to \"true\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.auditRecord.storageEnable\" value and configure it to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Set-AdvancedSetting -Value \"true\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000232",
+            "rid": "SV-ESXI-80-000232",
+            "stig_id": "ESXI-80-000232",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000232' do\n  title 'The ESXi host must enable audit logging.'\n  desc  \"\n    ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\n    To operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\n    Note: Audit records can be viewed locally via the \\\"/bin/viewAudit\\\" utility over SSH or at the ESXi shell.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.auditRecord.storageEnable\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable\n\n    If the \\\"Syslog.global.auditRecord.storageEnable\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.auditRecord.storageEnable\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Set-AdvancedSetting -Value \\\"true\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000232'\n  tag rid: 'SV-ESXI-80-000232'\n  tag stig_id: 'ESXI-80-000232'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000232.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000233",
+          "title": "The ESXi host must off-load audit records via syslog.",
+          "desc": "ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\nTo operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\nNote: Audit records can be viewed locally via the \"/bin/viewAudit\" utility over SSH or at the ESXi shell.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\nTo operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\nNote: Audit records can be viewed locally via the \"/bin/viewAudit\" utility over SSH or at the ESXi shell."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.auditRecord.remoteEnable\" value and verify it is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable\n\nIf the \"Syslog.global.auditRecord.remoteEnable\" setting is not set to \"true\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.auditRecord.remoteEnable\" value and configure it to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Set-AdvancedSetting -Value \"true\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000342-VMM-001230",
+            "gid": "V-ESXI-80-000233",
+            "rid": "SV-ESXI-80-000233",
+            "stig_id": "ESXI-80-000233",
+            "cci": [
+              "CCI-001851"
+            ],
+            "nist": [
+              "AU-4 (1)"
+            ]
+          },
+          "code": "control 'ESXI-80-000233' do\n  title 'The ESXi host must off-load audit records via syslog.'\n  desc  \"\n    ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\n    To operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\n    Note: Audit records can be viewed locally via the \\\"/bin/viewAudit\\\" utility over SSH or at the ESXi shell.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.auditRecord.remoteEnable\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable\n\n    If the \\\"Syslog.global.auditRecord.remoteEnable\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.auditRecord.remoteEnable\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Set-AdvancedSetting -Value \\\"true\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-VMM-001230'\n  tag gid: 'V-ESXI-80-000233'\n  tag rid: 'SV-ESXI-80-000233'\n  tag stig_id: 'ESXI-80-000233'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000233.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000234",
+          "title": "The ESXi host must enable strict x509 verification for SSL syslog endpoints.",
+          "desc": "When sending syslog data to a remote host via SSL, the ESXi host is presented with the endpoint's SSL server certificate. In addition to trust verification, configured elsewhere, this \"x509-strict\" option performs additional validity checks on CA root certificates during verification.\n\nThese checks are generally not performed (CA roots are inherently trusted) and might cause incompatibilities with existing, misconfigured CA roots. The NIAP requirements in the Virtualization Protection Profile and Server Virtualization Extended Package, however, require even CA roots to pass validations.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When sending syslog data to a remote host via SSL, the ESXi host is presented with the endpoint's SSL server certificate. In addition to trust verification, configured elsewhere, this \"x509-strict\" option performs additional validity checks on CA root certificates during verification.\n\nThese checks are generally not performed (CA roots are inherently trusted) and might cause incompatibilities with existing, misconfigured CA roots. The NIAP requirements in the Virtualization Protection Profile and Server Virtualization Extended Package, however, require even CA roots to pass validations."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If SSL is not used for a syslog target, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.certificate.strictX509Compliance\" value and verify it is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance\n\nIf the \"Syslog.global.certificate.strictX509Compliance\" setting is not set to \"true\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.certificate.strictX509Compliance\" value and configure it to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Set-AdvancedSetting -Value \"true\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000234",
+            "rid": "SV-ESXI-80-000234",
+            "stig_id": "ESXI-80-000234",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000234' do\n  title 'The ESXi host must enable strict x509 verification for SSL syslog endpoints.'\n  desc  \"\n    When sending syslog data to a remote host via SSL, the ESXi host is presented with the endpoint's SSL server certificate. In addition to trust verification, configured elsewhere, this \\\"x509-strict\\\" option performs additional validity checks on CA root certificates during verification.\n\n    These checks are generally not performed (CA roots are inherently trusted) and might cause incompatibilities with existing, misconfigured CA roots. The NIAP requirements in the Virtualization Protection Profile and Server Virtualization Extended Package, however, require even CA roots to pass validations.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If SSL is not used for a syslog target, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.certificate.strictX509Compliance\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance\n\n    If the \\\"Syslog.global.certificate.strictX509Compliance\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.certificate.strictX509Compliance\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Set-AdvancedSetting -Value \\\"true\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000234'\n  tag rid: 'SV-ESXI-80-000234'\n  tag stig_id: 'ESXI-80-000234'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000234.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000235",
+          "title": "The ESXi host must forward audit records containing information to establish what type of events occurred.",
+          "desc": "Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.\n\nAudit record content that may be necessary to satisfy this requirement includes, for example, time stamps, source and destination addresses, user/process/VM identifiers, event descriptions, success/fail indications, filenames involved, and access control or flow control rules invoked.\n\nAssociating event types with detected events in the ESXi audit logs provides a means of investigating an attack; recognizing resource utilization or capacity thresholds; or identifying an improperly configured host.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.\n\nAudit record content that may be necessary to satisfy this requirement includes, for example, time stamps, source and destination addresses, user/process/VM identifiers, event descriptions, success/fail indications, filenames involved, and access control or flow control rules invoked.\n\nAssociating event types with detected events in the ESXi audit logs provides a means of investigating an attack; recognizing resource utilization or capacity thresholds; or identifying an improperly configured host."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.logLevel\" value and verify it is set to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel\n\nIf the \"Syslog.global.logLevel\" setting is not set to \"info\", this is a finding.\n\nNote: Verbose logging level is acceptable for troubleshooting purposes."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.logLevel\" value and configure it to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel | Set-AdvancedSetting -Value \"info\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000037-VMM-000150",
+            "gid": "V-ESXI-80-000235",
+            "rid": "SV-ESXI-80-000235",
+            "stig_id": "ESXI-80-000235",
+            "cci": [
+              "CCI-000130"
+            ],
+            "nist": [
+              "AU-3"
+            ]
+          },
+          "code": "control 'ESXI-80-000235' do\n  title 'The ESXi host must forward audit records containing information to establish what type of events occurred.'\n  desc  \"\n    Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.\n\n    Audit record content that may be necessary to satisfy this requirement includes, for example, time stamps, source and destination addresses, user/process/VM identifiers, event descriptions, success/fail indications, filenames involved, and access control or flow control rules invoked.\n\n    Associating event types with detected events in the ESXi audit logs provides a means of investigating an attack; recognizing resource utilization or capacity thresholds; or identifying an improperly configured host.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.logLevel\\\" value and verify it is set to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel\n\n    If the \\\"Syslog.global.logLevel\\\" setting is not set to \\\"info\\\", this is a finding.\n\n    Note: Verbose logging level is acceptable for troubleshooting purposes.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logLevel\\\" value and configure it to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel | Set-AdvancedSetting -Value \\\"info\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000037-VMM-000150'\n  tag gid: 'V-ESXI-80-000235'\n  tag rid: 'SV-ESXI-80-000235'\n  tag stig_id: 'ESXI-80-000235'\n  tag cci: ['CCI-000130']\n  tag nist: ['AU-3']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logLevel | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'info' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000235.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000236",
+          "title": "The ESXi host must not be configured to override virtual machine (VM) configurations.",
+          "desc": "Each VM on an ESXi host runs in its own \"vmx\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\nThis can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Each VM on an ESXi host runs in its own \"vmx\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\nThis can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# stat -c \"%s\" /etc/vmware/settings\n\nExpected result:\n\n0\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, run the following command:\n\n# echo -n >/etc/vmware/settings"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000236",
+            "rid": "SV-ESXI-80-000236",
+            "stig_id": "ESXI-80-000236",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000236' do\n  title 'The ESXi host must not be configured to override virtual machine (VM) configurations.'\n  desc  \"\n    Each VM on an ESXi host runs in its own \\\"vmx\\\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\n    This can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # stat -c \\\"%s\\\" /etc/vmware/settings\n\n    Expected result:\n\n    0\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # echo -n >/etc/vmware/settings\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000236'\n  tag rid: 'SV-ESXI-80-000236'\n  tag stig_id: 'ESXI-80-000236'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000236.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000237",
+          "title": "The ESXi host must not be configured to override virtual machine (VM) logger settings.",
+          "desc": "Each VM on an ESXi host runs in its own \"vmx\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\nThis can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Each VM on an ESXi host runs in its own \"vmx\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\nThis can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# grep \"^vmx\\.log\" /etc/vmware/config\n\nIf the command produces any output, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, run the following commands:\n\n# cp /etc/vmware/config /etc/vmware/config.bak\n# grep -v \"^vmx\\.log\" /etc/vmware/config.bak>/etc/vmware/config"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000237",
+            "rid": "SV-ESXI-80-000237",
+            "stig_id": "ESXI-80-000237",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000237' do\n  title 'The ESXi host must not be configured to override virtual machine (VM) logger settings.'\n  desc  \"\n    Each VM on an ESXi host runs in its own \\\"vmx\\\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\n    This can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # grep \\\"^vmx\\\\.log\\\" /etc/vmware/config\n\n    If the command produces any output, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following commands:\n\n    # cp /etc/vmware/config /etc/vmware/config.bak\n    # grep -v \\\"^vmx\\\\.log\\\" /etc/vmware/config.bak>/etc/vmware/config\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000237'\n  tag rid: 'SV-ESXI-80-000237'\n  tag stig_id: 'ESXI-80-000237'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000237.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000238",
+          "title": "The ESXi host must require TPM-based configuration encryption.",
+          "desc": "An ESXi host's configuration consists of configuration files for each service that runs on the host. The configuration files typically reside in the /etc/ directory, but they can also reside in other namespaces. The configuration files contain run-time information about the state of the services. Over time, the default values in the configuration files might change, for example, when settings on the ESXi host are changed.\n\nA cron job backs up the ESXi configuration files periodically, when ESXi shuts down gracefully or on demand, and creates an archived configuration file in the boot bank. When ESXi reboots, it reads the archived configuration file and recreates the state that ESXi was in when the backup was taken.\n\nBefore vSphere 7.0 Update 2, the archived ESXi configuration file is not encrypted. In vSphere 7.0 Update 2 and later, the archived configuration file is encrypted. When the ESXi host is configured with a Trusted Platform Module (TPM), the TPM is used to \"seal\" the configuration to the host, providing a strong security guarantee and additional protection from offline attacks.\n\nConfiguration encryption uses the physical TPM when it is available and supported at install or upgrade time. If the TPM was added or enabled later, the ESXi host must be told to reconfigure to use the newly available TPM. Once the TPM configuration encryption is enabled, it cannot be disabled.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "An ESXi host's configuration consists of configuration files for each service that runs on the host. The configuration files typically reside in the /etc/ directory, but they can also reside in other namespaces. The configuration files contain run-time information about the state of the services. Over time, the default values in the configuration files might change, for example, when settings on the ESXi host are changed.\n\nA cron job backs up the ESXi configuration files periodically, when ESXi shuts down gracefully or on demand, and creates an archived configuration file in the boot bank. When ESXi reboots, it reads the archived configuration file and recreates the state that ESXi was in when the backup was taken.\n\nBefore vSphere 7.0 Update 2, the archived ESXi configuration file is not encrypted. In vSphere 7.0 Update 2 and later, the archived configuration file is encrypted. When the ESXi host is configured with a Trusted Platform Module (TPM), the TPM is used to \"seal\" the configuration to the host, providing a strong security guarantee and additional protection from offline attacks.\n\nConfiguration encryption uses the physical TPM when it is available and supported at install or upgrade time. If the TPM was added or enabled later, the ESXi host must be told to reconfigure to use the newly available TPM. Once the TPM configuration encryption is enabled, it cannot be disabled."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\nFrom an ESXi shell, run the following command:\n\n# esxcli system settings encryption get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.settings.encryption.get.invoke() | Select Mode\n\nExpected result:\n\nMode: TPM\n\nIf the \"Mode\" is not set to \"TPM\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Ensure the TPM 2.0 chip is enabled in the BIOS and the ESX UI does not show any errors about a present but unavailable TPM.\n\nThis setting cannot be configured until the TPM is properly enabled in firmware.\n\nFrom an ESXi shell, run the following command:\n\n# esxcli system settings encryption set --mode=TPM\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.settings.encryption.set.CreateArgs()\n$arguments.mode = \"TPM\"\n$esxcli.system.settings.encryption.set.Invoke($arguments)\n\nEvacuate the host and gracefully reboot for changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000238",
+            "rid": "SV-ESXI-80-000238",
+            "stig_id": "ESXI-80-000238",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000238' do\n  title 'The ESXi host must require TPM-based configuration encryption.'\n  desc  \"\n    An ESXi host's configuration consists of configuration files for each service that runs on the host. The configuration files typically reside in the /etc/ directory, but they can also reside in other namespaces. The configuration files contain run-time information about the state of the services. Over time, the default values in the configuration files might change, for example, when settings on the ESXi host are changed.\n\n    A cron job backs up the ESXi configuration files periodically, when ESXi shuts down gracefully or on demand, and creates an archived configuration file in the boot bank. When ESXi reboots, it reads the archived configuration file and recreates the state that ESXi was in when the backup was taken.\n\n    Before vSphere 7.0 Update 2, the archived ESXi configuration file is not encrypted. In vSphere 7.0 Update 2 and later, the archived configuration file is encrypted. When the ESXi host is configured with a Trusted Platform Module (TPM), the TPM is used to \\\"seal\\\" the configuration to the host, providing a strong security guarantee and additional protection from offline attacks.\n\n    Configuration encryption uses the physical TPM when it is available and supported at install or upgrade time. If the TPM was added or enabled later, the ESXi host must be told to reconfigure to use the newly available TPM. Once the TPM configuration encryption is enabled, it cannot be disabled.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\n    From an ESXi shell, run the following command:\n\n    # esxcli system settings encryption get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.settings.encryption.get.invoke() | Select Mode\n\n    Expected result:\n\n    Mode: TPM\n\n    If the \\\"Mode\\\" is not set to \\\"TPM\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Ensure the TPM 2.0 chip is enabled in the BIOS and the ESX UI does not show any errors about a present but unavailable TPM.\n\n    This setting cannot be configured until the TPM is properly enabled in firmware.\n\n    From an ESXi shell, run the following command:\n\n    # esxcli system settings encryption set --mode=TPM\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.settings.encryption.set.CreateArgs()\n    $arguments.mode = \\\"TPM\\\"\n    $esxcli.system.settings.encryption.set.Invoke($arguments)\n\n    Evacuate the host and gracefully reboot for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000238'\n  tag rid: 'SV-ESXI-80-000238'\n  tag stig_id: 'ESXI-80-000238'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty Mode\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'TPM' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000238.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000239",
+          "title": "The ESXi host must configure the firewall to restrict access to services running on the host.",
+          "desc": "Unrestricted access to services running on an ESXi host can expose a host to outside attacks and unauthorized access. Reduce the risk by configuring the ESXi firewall to only allow access from authorized networks.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Unrestricted access to services running on an ESXi host can expose a host to outside attacks and unauthorized access. Reduce the risk by configuring the ESXi firewall to only allow access from authorized networks."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Firewall.\n\nUnder the \"Allowed IP addresses\" column, review the allowed IPs for each service.\n\nCheck this for \"Incoming\" and \"Outgoing\" sections.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostFirewallException | Where {$_.Enabled -eq $true} | Select Name,Enabled,@{N=\"AllIPEnabled\";E={$_.ExtensionData.AllowedHosts.AllIP}}\n\nIf for an enabled service \"Allow connections from any IP address\" is selected, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Firewall.\n\nClick \"Edit...\". For each enabled service, uncheck the check box to \"Allow connections from any IP address\" and input the site-specific network(s) required.\n\nThe following example formats are acceptable:\n\n192.168.0.0/24\n192.168.1.2, 2001::1/64\nfd3e:29a6:0a81:e478::/64\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n#This disables the allow all rule for the target service. We are targeting the sshServer service in this example.\n$arguments = $esxcli.network.firewall.ruleset.set.CreateArgs()\n$arguments.rulesetid = \"sshServer\"\n$arguments.allowedall = $false\n$esxcli.network.firewall.ruleset.set.Invoke($arguments)\n\n#Next add the allowed IPs for the service. Note doing the \"vSphere Web Client\" service this way may disable access but may be done through vCenter or through the console.\n$arguments = $esxcli.network.firewall.ruleset.allowedip.add.CreateArgs()\n$arguments.rulesetid = \"sshServer\"\n$arguments.ipaddress = \"10.0.0.0/8\"\n$esxcli.network.firewall.ruleset.allowedip.add.Invoke($arguments)\n\nThis must be done for each enabled service."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000239",
+            "rid": "SV-ESXI-80-000239",
+            "stig_id": "ESXI-80-000239",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000239' do\n  title 'The ESXi host must configure the firewall to restrict access to services running on the host.'\n  desc  'Unrestricted access to services running on an ESXi host can expose a host to outside attacks and unauthorized access. Reduce the risk by configuring the ESXi firewall to only allow access from authorized networks.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Firewall.\n\n    Under the \\\"Allowed IP addresses\\\" column, review the allowed IPs for each service.\n\n    Check this for \\\"Incoming\\\" and \\\"Outgoing\\\" sections.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostFirewallException | Where {$_.Enabled -eq $true} | Select Name,Enabled,@{N=\\\"AllIPEnabled\\\";E={$_.ExtensionData.AllowedHosts.AllIP}}\n\n    If for an enabled service \\\"Allow connections from any IP address\\\" is selected, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Firewall.\n\n    Click \\\"Edit...\\\". For each enabled service, uncheck the check box to \\\"Allow connections from any IP address\\\" and input the site-specific network(s) required.\n\n    The following example formats are acceptable:\n\n    192.168.0.0/24\n    192.168.1.2, 2001::1/64\n    fd3e:29a6:0a81:e478::/64\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    #This disables the allow all rule for the target service. We are targeting the sshServer service in this example.\n    $arguments = $esxcli.network.firewall.ruleset.set.CreateArgs()\n    $arguments.rulesetid = \\\"sshServer\\\"\n    $arguments.allowedall = $false\n    $esxcli.network.firewall.ruleset.set.Invoke($arguments)\n\n    #Next add the allowed IPs for the service. Note doing the \\\"vSphere Web Client\\\" service this way may disable access but may be done through vCenter or through the console.\n    $arguments = $esxcli.network.firewall.ruleset.allowedip.add.CreateArgs()\n    $arguments.rulesetid = \\\"sshServer\\\"\n    $arguments.ipaddress = \\\"10.0.0.0/8\\\"\n    $esxcli.network.firewall.ruleset.allowedip.add.Invoke($arguments)\n\n    This must be done for each enabled service.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000239'\n  tag rid: 'SV-ESXI-80-000239'\n  tag stig_id: 'ESXI-80-000239'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"(Get-VMHost -Name #{vmhost} | Get-VMHostFirewallException | Where {$_.Enabled -eq $true}).ExtensionData.AllowedHosts.AllIP\"\n      powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |result|\n        describe result do\n          it { should_not cmp 'True' }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000239.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000240",
+          "title": "The ESXi host when using Host Profiles and/or Auto Deploy must use the vSphere Authentication Proxy to protect passwords when adding themselves to Active Directory.",
+          "desc": "If a host is configured to join an Active Directory domain using Host Profiles and/or Auto Deploy, the Active Directory credentials are saved in the profile and are transmitted over the network.\n\nTo avoid having to save Active Directory credentials in the Host Profile and to avoid transmitting Active Directory credentials over the network, use the vSphere Authentication Proxy.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If a host is configured to join an Active Directory domain using Host Profiles and/or Auto Deploy, the Active Directory credentials are saved in the profile and are transmitted over the network.\n\nTo avoid having to save Active Directory credentials in the Host Profile and to avoid transmitting Active Directory credentials over the network, use the vSphere Authentication Proxy."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nIf the organization is not using Host Profiles to join Active Directory, this is not applicable.\n\nFrom the vSphere Client, go to Home >> Policies and Profiles >> Host Profiles.\n\nClick a Host Profile >> Configure >> Security and Services >> Security Settings >> Authentication Configuration >> Active Directory Configuration >> Join Domain Method.\n\nIf the method used to join hosts to a domain is not set to \"Use vSphere Authentication Proxy to add the host to domain\", this is a finding.\n\nor\n\nFrom a PowerCLI command prompt while connected to vCenter, run the following command:\n\nGet-VMHost | Select Name, ` @{N=\"HostProfile\";E={$_ | Get-VMHostProfile}}, ` @{N=\"JoinADEnabled\";E={($_ | Get-VmHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory.Enabled}}, ` @{N=\"JoinDomainMethod\";E={(($_ | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory | Select -ExpandProperty Policy | Where {$_.Id -eq \"JoinDomainMethodPolicy\"}).Policyoption.Id}}\n\nIf \"JoinADEnabled\" is \"True\" and \"JoinDomainMethod\" is not \"FixedCAMConfigOption\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Home >> Policies and Profiles >> Host Profiles.\n\nClick a Host Profile >> Configure >> Security and Services >> Security Settings >> Authentication Configuration >> Active Directory Configuration.\n\nClick \"Edit Host Profile...\". Set the \"Join Domain Method\" to \"Use vSphere Authentication Proxy to add the host to domain\" and provide the IP address of the vSphere Authentication Proxy server.\n\nClick \"Save\"."
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000240",
+            "rid": "SV-ESXI-80-000240",
+            "stig_id": "ESXI-80-000240",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000240' do\n  title 'The ESXi host when using Host Profiles and/or Auto Deploy must use the vSphere Authentication Proxy to protect passwords when adding themselves to Active Directory.'\n  desc  \"\n    If a host is configured to join an Active Directory domain using Host Profiles and/or Auto Deploy, the Active Directory credentials are saved in the profile and are transmitted over the network.\n\n    To avoid having to save Active Directory credentials in the Host Profile and to avoid transmitting Active Directory credentials over the network, use the vSphere Authentication Proxy.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    If the organization is not using Host Profiles to join Active Directory, this is not applicable.\n\n    From the vSphere Client, go to Home >> Policies and Profiles >> Host Profiles.\n\n    Click a Host Profile >> Configure >> Security and Services >> Security Settings >> Authentication Configuration >> Active Directory Configuration >> Join Domain Method.\n\n    If the method used to join hosts to a domain is not set to \\\"Use vSphere Authentication Proxy to add the host to domain\\\", this is a finding.\n\n    or\n\n    From a PowerCLI command prompt while connected to vCenter, run the following command:\n\n    Get-VMHost | Select Name, ` @{N=\\\"HostProfile\\\";E={$_ | Get-VMHostProfile}}, ` @{N=\\\"JoinADEnabled\\\";E={($_ | Get-VmHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory.Enabled}}, ` @{N=\\\"JoinDomainMethod\\\";E={(($_ | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory | Select -ExpandProperty Policy | Where {$_.Id -eq \\\"JoinDomainMethodPolicy\\\"}).Policyoption.Id}}\n\n    If \\\"JoinADEnabled\\\" is \\\"True\\\" and \\\"JoinDomainMethod\\\" is not \\\"FixedCAMConfigOption\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Home >> Policies and Profiles >> Host Profiles.\n\n    Click a Host Profile >> Configure >> Security and Services >> Security Settings >> Authentication Configuration >> Active Directory Configuration.\n\n    Click \\\"Edit Host Profile...\\\". Set the \\\"Join Domain Method\\\" to \\\"Use vSphere Authentication Proxy to add the host to domain\\\" and provide the IP address of the vSphere Authentication Proxy server.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000240'\n  tag rid: 'SV-ESXI-80-000240'\n  tag stig_id: 'ESXI-80-000240'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    setimpact = true\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostProfile\"\n      hostprofile = powercli_command(command).stdout\n\n      if hostprofile.empty?\n        describe \"There are no attached host profiles host: #{vmhost}. This control is not applicable.\" do\n          skip \"There are no attached host profiles host: #{vmhost}. This control is not applicable.\"\n        end\n      else\n        command1 = \"(Get-VMHost -Name #{vmhost} | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory.Enabled\"\n        adEnabled = powercli_command(command1).stdout.strip\n\n        if adEnabled.match?('True')\n          command2 = \"(Get-VMHost -Name #{vmhost} | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory | Select-Object -ExpandProperty Policy | Where {$_.Id -eq 'JoinDomainMethodPolicy'} | Select-Object -ExpandProperty PolicyOption | Select-Object -ExpandProperty Id\"\n          describe powercli_command(command2) do\n            its('stdout.strip') { should cmp 'FixedCAMConfigOption' }\n          end\n          setimpact = false\n        else\n          describe \"Active Directory is not enabled on host: #{vmhost}. This control is not applicable.\" do\n            skip \"Active Directory is not enabled on host: #{vmhost}. This control is not applicable.\"\n          end\n        end\n      end\n    end\n  else\n    describe 'No ESXi hosts found. Review inputs provided for errors and rerun profile.' do\n      skip 'No ESXi hosts found. Review inputs provided for errors and rerun profile.'\n    end\n    setimpact = false\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000240.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000241",
+          "title": "The ESXi host must not use the default Active Directory ESX Admin group.",
+          "desc": "When adding ESXi hosts to Active Directory, all user/group accounts assigned to the Active Directory group \"ESX Admins\" will have full administrative access to the host.\n\nIf this group is not controlled or known to the system administrators, it may be used for inappropriate access to the host. Therefore, the default group must be changed to a site-specific Active Directory group and membership must be severely restricted.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When adding ESXi hosts to Active Directory, all user/group accounts assigned to the Active Directory group \"ESX Admins\" will have full administrative access to the host.\n\nIf this group is not controlled or known to the system administrators, it may be used for inappropriate access to the host. Therefore, the default group must be changed to a site-specific Active Directory group and membership must be severely restricted."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For systems that do not use Active Directory, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\" value and verify it is not set to \"ESX Admins\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup\n\nIf the \"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\" setting is set to \"ESX Admins\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\" key and configure its value to an appropriate Active Directory group other than \"ESX Admins\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Set-AdvancedSetting -Value \"<site specific AD group>\"\n\nNote: Changing the group name does not remove the permissions of the previous group."
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000241",
+            "rid": "SV-ESXI-80-000241",
+            "stig_id": "ESXI-80-000241",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000241' do\n  title 'The ESXi host must not use the default Active Directory ESX Admin group.'\n  desc  \"\n    When adding ESXi hosts to Active Directory, all user/group accounts assigned to the Active Directory group \\\"ESX Admins\\\" will have full administrative access to the host.\n\n    If this group is not controlled or known to the system administrators, it may be used for inappropriate access to the host. Therefore, the default group must be changed to a site-specific Active Directory group and membership must be severely restricted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For systems that do not use Active Directory, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\\\" value and verify it is not set to \\\"ESX Admins\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup\n\n    If the \\\"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\\\" setting is set to \\\"ESX Admins\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\\\" key and configure its value to an appropriate Active Directory group other than \\\"ESX Admins\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Set-AdvancedSetting -Value \\\"<site specific AD group>\\\"\n\n    Note: Changing the group name does not remove the permissions of the previous group.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000241'\n  tag rid: 'SV-ESXI-80-000241'\n  tag stig_id: 'ESXI-80-000241'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus\"\n      domainstatus = powercli_command(command).stdout\n      if domainstatus.empty?\n        impact 0.0\n        describe '' do\n          skip \"The ESXi host #{vmhost} is not joined to AD, so this control is not applicable.\"\n        end\n      else\n        command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Select-Object -ExpandProperty Value\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should_not cmp 'ESX Admins' }\n          its('stdout.strip') { should cmp \"#{input('adAdminGroup')}\" }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000241.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000243",
+          "title": "The ESXi host must configure a persistent log location for all locally stored logs.",
+          "desc": "ESXi can be configured to store log files on an in-memory file system. This occurs when the host's \"/scratch\" directory is linked to \"/tmp/scratch\". When this is done, only a single day's worth of logs are stored at any time. In addition, log files will be reinitialized upon each reboot.\n\nThis presents a security risk as user activity logged on the host is only stored temporarily and will not persist across reboots. This can also complicate auditing and make it harder to monitor events and diagnose issues. ESXi host logging should always be configured to a persistent datastore.\n\nNote: Scratch space is configured automatically during installation or first boot of an ESXi host and does not usually need to be configured manually.\n\nIf ESXi is installed on an SD card or USB device, a persistent log location may not be configured upon install as normal.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "ESXi can be configured to store log files on an in-memory file system. This occurs when the host's \"/scratch\" directory is linked to \"/tmp/scratch\". When this is done, only a single day's worth of logs are stored at any time. In addition, log files will be reinitialized upon each reboot.\n\nThis presents a security risk as user activity logged on the host is only stored temporarily and will not persist across reboots. This can also complicate auditing and make it harder to monitor events and diagnose issues. ESXi host logging should always be configured to a persistent datastore.\n\nNote: Scratch space is configured automatically during installation or first boot of an ESXi host and does not usually need to be configured manually.\n\nIf ESXi is installed on an SD card or USB device, a persistent log location may not be configured upon install as normal."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.logDir\" value and verify it is set to a persistent location.\n\nIf the value of the setting is \"[] /scratch/logs\", verify the advanced setting \"ScratchConfig.CurrentScratchLocation\" is not set to \"/tmp/scratch\". This is a nonpersistent location.\n\nIf \"Syslog.global.logDir\" is not configured to a persistent location, this is a finding.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.syslog.config.get.Invoke() | Select LocalLogOutput,LocalLogOutputIsPersistent\n\nIf the \"LocalLogOutputIsPersistent\" value is not true, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.logDir\" value and set it to a known persistent location.\n\nAn example is shown below, where 51dda02d-fade5016-8a08-005056171889 is the UUID of the target datastore:\n\n/vmfs/volumes/51dda02d-fade5016-8a08-005056171889\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logDir | Set-AdvancedSetting -Value \"New Log Location\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000341-VMM-001220",
+            "gid": "V-ESXI-80-000243",
+            "rid": "SV-ESXI-80-000243",
+            "stig_id": "ESXI-80-000243",
+            "cci": [
+              "CCI-001849"
+            ],
+            "nist": [
+              "AU-4"
+            ]
+          },
+          "code": "control 'ESXI-80-000243' do\n  title 'The ESXi host must configure a persistent log location for all locally stored logs.'\n  desc  \"\n    ESXi can be configured to store log files on an in-memory file system. This occurs when the host's \\\"/scratch\\\" directory is linked to \\\"/tmp/scratch\\\". When this is done, only a single day's worth of logs are stored at any time. In addition, log files will be reinitialized upon each reboot.\n\n    This presents a security risk as user activity logged on the host is only stored temporarily and will not persist across reboots. This can also complicate auditing and make it harder to monitor events and diagnose issues. ESXi host logging should always be configured to a persistent datastore.\n\n    Note: Scratch space is configured automatically during installation or first boot of an ESXi host and does not usually need to be configured manually.\n\n    If ESXi is installed on an SD card or USB device, a persistent log location may not be configured upon install as normal.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.logDir\\\" value and verify it is set to a persistent location.\n\n    If the value of the setting is \\\"[] /scratch/logs\\\", verify the advanced setting \\\"ScratchConfig.CurrentScratchLocation\\\" is not set to \\\"/tmp/scratch\\\". This is a nonpersistent location.\n\n    If \\\"Syslog.global.logDir\\\" is not configured to a persistent location, this is a finding.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.syslog.config.get.Invoke() | Select LocalLogOutput,LocalLogOutputIsPersistent\n\n    If the \\\"LocalLogOutputIsPersistent\\\" value is not true, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logDir\\\" value and set it to a known persistent location.\n\n    An example is shown below, where 51dda02d-fade5016-8a08-005056171889 is the UUID of the target datastore:\n\n    /vmfs/volumes/51dda02d-fade5016-8a08-005056171889\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logDir | Set-AdvancedSetting -Value \\\"New Log Location\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000341-VMM-001220'\n  tag gid: 'V-ESXI-80-000243'\n  tag rid: 'SV-ESXI-80-000243'\n  tag stig_id: 'ESXI-80-000243'\n  tag cci: ['CCI-001849']\n  tag nist: ['AU-4']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.get.Invoke() | Select-Object -ExpandProperty LocalLogOutputIsPersistent\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000243.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000244",
+          "title": "The ESXi host must enforce the exclusive running of executables from approved VIBs.",
+          "desc": "The \"execInstalledOnly\" advanced ESXi boot option, when set to TRUE, guarantees that the VMkernel executes only those binaries that have been packaged as part of a signed VIB. While this option is effective on its own, it can be further enhanced by telling the Secure Boot to check with the TPM to make sure that the boot process does not proceed unless this setting is enabled. This further protects against malicious offline changes to ESXi configuration to disable the \"execInstalledOnly\" option.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The \"execInstalledOnly\" advanced ESXi boot option, when set to TRUE, guarantees that the VMkernel executes only those binaries that have been packaged as part of a signed VIB. While this option is effective on its own, it can be further enhanced by telling the Secure Boot to check with the TPM to make sure that the boot process does not proceed unless this setting is enabled. This further protects against malicious offline changes to ESXi configuration to disable the \"execInstalledOnly\" option."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"VMkernel.Boot.execInstalledOnly\" value and verify that it is \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly\n\nIf the \"VMkernel.Boot.execInstalledOnly\" setting is not \"true\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"VMkernel.Boot.execInstalledOnly\" value and configure it to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Set-AdvancedSetting -Value True"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000244",
+            "rid": "SV-ESXI-80-000244",
+            "stig_id": "ESXI-80-000244",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000244' do\n  title 'The ESXi host must enforce the exclusive running of executables from approved VIBs.'\n  desc  'The \"execInstalledOnly\" advanced ESXi boot option, when set to TRUE, guarantees that the VMkernel executes only those binaries that have been packaged as part of a signed VIB. While this option is effective on its own, it can be further enhanced by telling the Secure Boot to check with the TPM to make sure that the boot process does not proceed unless this setting is enabled. This further protects against malicious offline changes to ESXi configuration to disable the \"execInstalledOnly\" option.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"VMkernel.Boot.execInstalledOnly\\\" value and verify that it is \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly\n\n    If the \\\"VMkernel.Boot.execInstalledOnly\\\" setting is not \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"VMkernel.Boot.execInstalledOnly\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Set-AdvancedSetting -Value True\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000244'\n  tag rid: 'SV-ESXI-80-000244'\n  tag stig_id: 'ESXI-80-000244'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000244.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000245",
+          "title": "The ESXi host must use sufficient entropy for cryptographic operations.",
+          "desc": "Starting in vSphere 8.0, the ESXi Entropy implementation supports the FIPS 140-3 and EAL4 certifications. Kernel boot options control which entropy sources to activate on an ESXi host.\n\nIn computing, the term \"entropy\" refers to random characters and data that are collected for use in cryptography, such as generating encryption keys to secure data transmitted over a network. Entropy is required by security for generating keys and communicating securely over the network. Entropy is often collected from a variety of sources on a system.\n\nFIPS entropy handling is the default behavior if the following conditions are true:\n\n-The hardware supports RDSEED.\n-The disableHwrng VMkernel boot option isn't present or is FALSE.\n-The entropySources VMkernel boot option isn't present or is 0 (zero).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Starting in vSphere 8.0, the ESXi Entropy implementation supports the FIPS 140-3 and EAL4 certifications. Kernel boot options control which entropy sources to activate on an ESXi host.\n\nIn computing, the term \"entropy\" refers to random characters and data that are collected for use in cryptography, such as generating encryption keys to secure data transmitted over a network. Entropy is required by security for generating keys and communicating securely over the network. Entropy is often collected from a variety of sources on a system.\n\nFIPS entropy handling is the default behavior if the following conditions are true:\n\n-The hardware supports RDSEED.\n-The disableHwrng VMkernel boot option isn't present or is FALSE.\n-The entropySources VMkernel boot option isn't present or is 0 (zero)."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following commands:\n\n# esxcli system settings kernel list -o disableHwrng\n# esxcli system settings kernel list -o entropySources\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.settings.kernel.list.invoke() | Where {$_.Name -eq \"disableHwrng\" -or $_.Name -eq \"entropySources\"}\n\nIf \"disableHwrng\" is not set to \"false\", this is a finding.\nIf \"entropySources\" is not set to \"0\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, run the following commands:\n\n# esxcli system settings kernel set -s disableHwrng -v FALSE\n# esxcli system settings kernel set -s entropySources -v 0\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.settings.kernel.set.CreateArgs()\n$arguments.setting = \"disableHwrng\"\n$arguments.value = \"FALSE\"\n$esxcli.system.settings.kernel.set.invoke($arguments)\n$arguments.setting = \"entropySources\"\n$arguments.value = \"0\"\n$esxcli.system.settings.kernel.set.invoke($arguments)\n\nReboot the ESXi host after updating entropy settings."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000245",
+            "rid": "SV-ESXI-80-000245",
+            "stig_id": "ESXI-80-000245",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000245' do\n  title 'The ESXi host must use sufficient entropy for cryptographic operations.'\n  desc  \"\n    Starting in vSphere 8.0, the ESXi Entropy implementation supports the FIPS 140-3 and EAL4 certifications. Kernel boot options control which entropy sources to activate on an ESXi host.\n\n    In computing, the term \\\"entropy\\\" refers to random characters and data that are collected for use in cryptography, such as generating encryption keys to secure data transmitted over a network. Entropy is required by security for generating keys and communicating securely over the network. Entropy is often collected from a variety of sources on a system.\n\n    FIPS entropy handling is the default behavior if the following conditions are true:\n\n    -The hardware supports RDSEED.\n    -The disableHwrng VMkernel boot option isn't present or is FALSE.\n    -The entropySources VMkernel boot option isn't present or is 0 (zero).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following commands:\n\n    # esxcli system settings kernel list -o disableHwrng\n    # esxcli system settings kernel list -o entropySources\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.settings.kernel.list.invoke() | Where {$_.Name -eq \\\"disableHwrng\\\" -or $_.Name -eq \\\"entropySources\\\"}\n\n    If \\\"disableHwrng\\\" is not set to \\\"false\\\", this is a finding.\n    If \\\"entropySources\\\" is not set to \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following commands:\n\n    # esxcli system settings kernel set -s disableHwrng -v FALSE\n    # esxcli system settings kernel set -s entropySources -v 0\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.settings.kernel.set.CreateArgs()\n    $arguments.setting = \\\"disableHwrng\\\"\n    $arguments.value = \\\"FALSE\\\"\n    $esxcli.system.settings.kernel.set.invoke($arguments)\n    $arguments.setting = \\\"entropySources\\\"\n    $arguments.value = \\\"0\\\"\n    $esxcli.system.settings.kernel.set.invoke($arguments)\n\n    Reboot the ESXi host after updating entropy settings.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000245'\n  tag rid: 'SV-ESXI-80-000245'\n  tag stig_id: 'ESXI-80-000245'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq \\\"disableHwrng\\\"} | Select-Object -ExpandProperty Configured\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'FALSE' }\n      end\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq \\\"entropySources\\\"} | Select-Object -ExpandProperty Configured\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '0' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000245.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "ESXI-80-000246",
+          "title": "The ESXi host must not enable log filtering.",
+          "desc": "The log filtering capability lets you modify the logging policy of the syslog service that is running on an ESXi host. You can create log filters to reduce the number of repetitive entries in the ESXi logs and to deny specific log events entirely.\n\nSetting a limit to the amount of logging information restricts the ability to detect and respond to potential security issues or system failures properly.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The log filtering capability lets you modify the logging policy of the syslog service that is running on an ESXi host. You can create log filters to reduce the number of repetitive entries in the ESXi logs and to deny specific log events entirely.\n\nSetting a limit to the amount of logging information restricts the ability to detect and respond to potential security issues or system failures properly."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# esxcli system syslog config logfilter get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.syslog.config.logfilter.get.invoke()\n\nIf \"LogFilteringEnabled\" is not set to \"false\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, run the following command:\n\n# esxcli system syslog config logfilter set --log-filtering-enabled=false\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.syslog.config.logfilter.set.CreateArgs()\n$arguments.logfilteringenabled = $false\n$esxcli.system.syslog.config.logfilter.set.invoke($arguments)"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000246",
+            "rid": "SV-ESXI-80-000246",
+            "stig_id": "ESXI-80-000246",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000246' do\n  title 'The ESXi host must not enable log filtering.'\n  desc  \"\n    The log filtering capability lets you modify the logging policy of the syslog service that is running on an ESXi host. You can create log filters to reduce the number of repetitive entries in the ESXi logs and to deny specific log events entirely.\n\n    Setting a limit to the amount of logging information restricts the ability to detect and respond to potential security issues or system failures properly.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system syslog config logfilter get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.syslog.config.logfilter.get.invoke()\n\n    If \\\"LogFilteringEnabled\\\" is not set to \\\"false\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system syslog config logfilter set --log-filtering-enabled=false\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.syslog.config.logfilter.set.CreateArgs()\n    $arguments.logfilteringenabled = $false\n    $esxcli.system.syslog.config.logfilter.set.invoke($arguments)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000246'\n  tag rid: 'SV-ESXI-80-000246'\n  tag stig_id: 'ESXI-80-000246'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.logfilter.get.invoke() | Select-Object -ExpandProperty LogFilteringEnabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000246.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000189",
+          "title": "Virtual machines (VMs) must have copy operations disabled.",
+          "desc": "Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.copy.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.copy.disable\n\nIf the virtual machine advanced setting \"isolation.tools.copy.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.copy.disable\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.copy.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.copy.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000189",
+            "rid": "SV-VMCH-80-000189",
+            "stig_id": "VMCH-80-000189",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000189' do\n  title 'Virtual machines (VMs) must have copy operations disabled.'\n  desc  'Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.copy.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.copy.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.copy.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.copy.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.copy.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.copy.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000189'\n  tag rid: 'SV-VMCH-80-000189'\n  tag stig_id: 'VMCH-80-000189'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.copy.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000189.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000191",
+          "title": "Virtual machines (VMs) must have drag and drop operations disabled.",
+          "desc": "Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.dnd.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.dnd.disable\n\nIf the virtual machine advanced setting \"isolation.tools.dnd.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.dnd.disable\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.dnd.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.dnd.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000191",
+            "rid": "SV-VMCH-80-000191",
+            "stig_id": "VMCH-80-000191",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000191' do\n  title 'Virtual machines (VMs) must have drag and drop operations disabled.'\n  desc  'Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.dnd.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.dnd.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.dnd.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.dnd.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.dnd.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.dnd.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000191'\n  tag rid: 'SV-VMCH-80-000191'\n  tag stig_id: 'VMCH-80-000191'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.dnd.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000191.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000192",
+          "title": "Virtual machines (VMs) must have paste operations disabled.",
+          "desc": "Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.paste.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.paste.disable\n\nIf the virtual machine advanced setting \"isolation.tools.paste.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.paste.disable\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.paste.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.paste.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000192",
+            "rid": "SV-VMCH-80-000192",
+            "stig_id": "VMCH-80-000192",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000192' do\n  title 'Virtual machines (VMs) must have paste operations disabled.'\n  desc  'Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.paste.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.paste.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.paste.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.paste.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.paste.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.paste.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000192'\n  tag rid: 'SV-VMCH-80-000192'\n  tag stig_id: 'VMCH-80-000192'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.paste.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000192.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000193",
+          "title": "Virtual machines (VMs) must have virtual disk shrinking disabled.",
+          "desc": "Shrinking a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\nHowever, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to shrink is available to nonadministrative users operating within the VM's guest operating system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Shrinking a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\nHowever, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to shrink is available to nonadministrative users operating within the VM's guest operating system."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.diskShrink.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable\n\nIf the virtual machine advanced setting \"isolation.tools.diskShrink.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.diskShrink.disable\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.diskShrink.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000193",
+            "rid": "SV-VMCH-80-000193",
+            "stig_id": "VMCH-80-000193",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000193' do\n  title 'Virtual machines (VMs) must have virtual disk shrinking disabled.'\n  desc  \"\n    Shrinking a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\n    However, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to shrink is available to nonadministrative users operating within the VM's guest operating system.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.diskShrink.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskShrink.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskShrink.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.diskShrink.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000193'\n  tag rid: 'SV-VMCH-80-000193'\n  tag stig_id: 'VMCH-80-000193'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000193.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000194",
+          "title": "Virtual machines (VMs) must have virtual disk wiping disabled.",
+          "desc": "Shrinking and wiping (erasing) a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\nHowever, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to wipe (erase) is available to nonadministrative users operating within the VM's guest operating system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Shrinking and wiping (erasing) a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\nHowever, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to wipe (erase) is available to nonadministrative users operating within the VM's guest operating system."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.diskWiper.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable\n\nIf the virtual machine advanced setting \"isolation.tools.diskWiper.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.diskWiper.disable\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.diskWiper.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000194",
+            "rid": "SV-VMCH-80-000194",
+            "stig_id": "VMCH-80-000194",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000194' do\n  title 'Virtual machines (VMs) must have virtual disk wiping disabled.'\n  desc  \"\n    Shrinking and wiping (erasing) a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\n    However, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to wipe (erase) is available to nonadministrative users operating within the VM's guest operating system.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.diskWiper.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskWiper.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskWiper.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.diskWiper.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000194'\n  tag rid: 'SV-VMCH-80-000194'\n  tag stig_id: 'VMCH-80-000194'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000194.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000195",
+          "title": "Virtual machines (VMs) must limit console sharing.",
+          "desc": "By default, more than one user at a time can connect to remote console sessions. When multiple sessions are activated, each terminal window receives a notification about the new session. If an administrator in the VM logs in using a VMware remote console during their session, a nonadministrator in the VM might connect to the console and observe the administrator's actions.\n\nAlso, this could result in an administrator losing console access to a VM. For example, if a jump box is being used for an open console session and the administrator loses connection to that box, the console session remains open. Allowing two console sessions permits debugging via a shared session. For the highest security, allow only one remote console session at a time.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By default, more than one user at a time can connect to remote console sessions. When multiple sessions are activated, each terminal window receives a notification about the new session. If an administrator in the VM logs in using a VMware remote console during their session, a nonadministrator in the VM might connect to the console and observe the administrator's actions.\n\nAlso, this could result in an administrator losing console access to a VM. For example, if a jump box is being used for an open console session and the administrator loses connection to that box, the console session remains open. Allowing two console sessions permits debugging via a shared session. For the highest security, allow only one remote console session at a time."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"RemoteDisplay.maxConnections\" value is set to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections\n\nIf the virtual machine advanced setting \"RemoteDisplay.maxConnections\" does not exist or is not set to \"1\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"RemoteDisplay.maxConnections\" value and set it to \"1\".\n\nIf the setting does not exist, add the Name and Value setting at the bottom of screen.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections | Set-AdvancedSetting -Value 1\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000195",
+            "rid": "SV-VMCH-80-000195",
+            "stig_id": "VMCH-80-000195",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000195' do\n  title 'Virtual machines (VMs) must limit console sharing.'\n  desc  \"\n    By default, more than one user at a time can connect to remote console sessions. When multiple sessions are activated, each terminal window receives a notification about the new session. If an administrator in the VM logs in using a VMware remote console during their session, a nonadministrator in the VM might connect to the console and observe the administrator's actions.\n\n    Also, this could result in an administrator losing console access to a VM. For example, if a jump box is being used for an open console session and the administrator loses connection to that box, the console session remains open. Allowing two console sessions permits debugging via a shared session. For the highest security, allow only one remote console session at a time.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"RemoteDisplay.maxConnections\\\" value is set to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections\n\n    If the virtual machine advanced setting \\\"RemoteDisplay.maxConnections\\\" does not exist or is not set to \\\"1\\\", this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"RemoteDisplay.maxConnections\\\" value and set it to \\\"1\\\".\n\n    If the setting does not exist, add the Name and Value setting at the bottom of screen.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections | Set-AdvancedSetting -Value 1\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000195'\n  tag rid: 'SV-VMCH-80-000195'\n  tag stig_id: 'VMCH-80-000195'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name RemoteDisplay.maxConnections | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should cmp '1' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000195.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000196",
+          "title": "Virtual machines (VMs) must limit informational messages from the virtual machine to the VMX file.",
+          "desc": "The configuration file containing these name-value pairs is limited to a size of 1MB. If not limited, VMware tools in the guest operating system are capable of sending a large and continuous data stream to the host. This 1MB capacity should be sufficient for most cases, but this value can change if necessary.\n\nThe value can be increased if large amounts of custom information are being stored in the configuration file. The default limit is 1MB.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The configuration file containing these name-value pairs is limited to a size of 1MB. If not limited, VMware tools in the guest operating system are capable of sending a large and continuous data stream to the host. This 1MB capacity should be sufficient for most cases, but this value can change if necessary.\n\nThe value can be increased if large amounts of custom information are being stored in the configuration file. The default limit is 1MB."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"tools.setinfo.sizeLimit\" value is set to \"1048576\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit\n\nIf the virtual machine advanced setting \"tools.setinfo.sizeLimit\" is not set to \"1048576\", this is a finding.\n\nIf the virtual machine advanced setting \"tools.setinfo.sizeLimit\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"tools.setinfo.sizeLimit\" value and set it to \"1048576\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit | Set-AdvancedSetting -Value 1048576\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000196",
+            "rid": "SV-VMCH-80-000196",
+            "stig_id": "VMCH-80-000196",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000196' do\n  title 'Virtual machines (VMs) must limit informational messages from the virtual machine to the VMX file.'\n  desc  \"\n    The configuration file containing these name-value pairs is limited to a size of 1MB. If not limited, VMware tools in the guest operating system are capable of sending a large and continuous data stream to the host. This 1MB capacity should be sufficient for most cases, but this value can change if necessary.\n\n    The value can be increased if large amounts of custom information are being stored in the configuration file. The default limit is 1MB.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"tools.setinfo.sizeLimit\\\" value is set to \\\"1048576\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit\n\n    If the virtual machine advanced setting \\\"tools.setinfo.sizeLimit\\\" is not set to \\\"1048576\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"tools.setinfo.sizeLimit\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"tools.setinfo.sizeLimit\\\" value and set it to \\\"1048576\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit | Set-AdvancedSetting -Value 1048576\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000196'\n  tag rid: 'SV-VMCH-80-000196'\n  tag stig_id: 'VMCH-80-000196'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name tools.setinfo.sizeLimit | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp '1048576' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000196.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000197",
+          "title": "Virtual machines (VMs) must prevent unauthorized removal, connection and modification of devices.",
+          "desc": "In a virtual machine, users and processes without root or administrator privileges can connect or disconnect devices, such as network adaptors and CD-ROM drives, and can modify device settings. Use the virtual machine settings editor or configuration editor to remove unneeded or unused hardware devices. To use the device again, prevent a user or running process in the virtual machine from connecting, disconnecting, or modifying a device from within the guest operating system.\n\nBy default, a rogue user with nonadministrator privileges in a virtual machine can:\n\n1. Connect a disconnected CD-ROM drive and access sensitive information on the media left in the drive.\n2. Disconnect a network adaptor to isolate the virtual machine from its network, which is a denial of service.\n3. Modify settings on a device.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "In a virtual machine, users and processes without root or administrator privileges can connect or disconnect devices, such as network adaptors and CD-ROM drives, and can modify device settings. Use the virtual machine settings editor or configuration editor to remove unneeded or unused hardware devices. To use the device again, prevent a user or running process in the virtual machine from connecting, disconnecting, or modifying a device from within the guest operating system.\n\nBy default, a rogue user with nonadministrator privileges in a virtual machine can:\n\n1. Connect a disconnected CD-ROM drive and access sensitive information on the media left in the drive.\n2. Disconnect a network adaptor to isolate the virtual machine from its network, which is a denial of service.\n3. Modify settings on a device."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.device.connectable.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.device.connectable.disable\n\nIf the virtual machine advanced setting \"isolation.device.connectable.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.device.connectable.disable\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.device.connectable.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.device.connectable.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000197",
+            "rid": "SV-VMCH-80-000197",
+            "stig_id": "VMCH-80-000197",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000197' do\n  title 'Virtual machines (VMs) must prevent unauthorized removal, connection and modification of devices.'\n  desc  \"\n    In a virtual machine, users and processes without root or administrator privileges can connect or disconnect devices, such as network adaptors and CD-ROM drives, and can modify device settings. Use the virtual machine settings editor or configuration editor to remove unneeded or unused hardware devices. To use the device again, prevent a user or running process in the virtual machine from connecting, disconnecting, or modifying a device from within the guest operating system.\n\n    By default, a rogue user with nonadministrator privileges in a virtual machine can:\n\n    1. Connect a disconnected CD-ROM drive and access sensitive information on the media left in the drive.\n    2. Disconnect a network adaptor to isolate the virtual machine from its network, which is a denial of service.\n    3. Modify settings on a device.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.device.connectable.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.device.connectable.disable\n\n    If the virtual machine advanced setting \\\"isolation.device.connectable.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.device.connectable.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.device.connectable.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.device.connectable.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000197'\n  tag rid: 'SV-VMCH-80-000197'\n  tag stig_id: 'VMCH-80-000197'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.device.connectable.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000197.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000198",
+          "title": "Virtual machines (VMs) must not be able to obtain host information from the hypervisor.",
+          "desc": "If enabled, a VM can obtain detailed information about the physical host. The default value for the parameter is FALSE. This setting should not be TRUE unless a particular VM requires this information for performance monitoring. An adversary could use this information to inform further attacks on the host.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If enabled, a VM can obtain detailed information about the physical host. The default value for the parameter is FALSE. This setting should not be TRUE unless a particular VM requires this information for performance monitoring. An adversary could use this information to inform further attacks on the host."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"tools.guestlib.enableHostInfo\" value is set to \"false\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo\n\nIf the virtual machine advanced setting \"tools.guestlib.enableHostInfo\" is not set to \"false\", this is a finding.\n\nIf the virtual machine advanced setting \"tools.guestlib.enableHostInfo\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"tools.guestlib.enableHostInfo\" value and set it to \"false\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo | Set-AdvancedSetting -Value false\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000198",
+            "rid": "SV-VMCH-80-000198",
+            "stig_id": "VMCH-80-000198",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000198' do\n  title 'Virtual machines (VMs) must not be able to obtain host information from the hypervisor.'\n  desc  'If enabled, a VM can obtain detailed information about the physical host. The default value for the parameter is FALSE. This setting should not be TRUE unless a particular VM requires this information for performance monitoring. An adversary could use this information to inform further attacks on the host.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"tools.guestlib.enableHostInfo\\\" value is set to \\\"false\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo\n\n    If the virtual machine advanced setting \\\"tools.guestlib.enableHostInfo\\\" is not set to \\\"false\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"tools.guestlib.enableHostInfo\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"tools.guestlib.enableHostInfo\\\" value and set it to \\\"false\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo | Set-AdvancedSetting -Value false\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000198'\n  tag rid: 'SV-VMCH-80-000198'\n  tag stig_id: 'VMCH-80-000198'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'false' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000198.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000199",
+          "title": "Virtual machines (VMs) must have shared salt values disabled.",
+          "desc": "When salting is enabled (Mem.ShareForceSalting=1 or 2) to share a page between two virtual machines, both salt and the content of the page must be same. A salt value is a configurable advanced option for each virtual machine. The salt values can be specified manually in the virtual machine's advanced settings with the new option \"sched.mem.pshare.salt\".\n\nIf this option is not present in the virtual machine's advanced settings, the value of the \"vc.uuid\" option is taken as the default value. Because the \"vc.uuid\" is unique to each virtual machine, by default Transparent Page Sharing (TPS) happens only among the pages belonging to a particular virtual machine (Intra-VM).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When salting is enabled (Mem.ShareForceSalting=1 or 2) to share a page between two virtual machines, both salt and the content of the page must be same. A salt value is a configurable advanced option for each virtual machine. The salt values can be specified manually in the virtual machine's advanced settings with the new option \"sched.mem.pshare.salt\".\n\nIf this option is not present in the virtual machine's advanced settings, the value of the \"vc.uuid\" option is taken as the default value. Because the \"vc.uuid\" is unique to each virtual machine, by default Transparent Page Sharing (TPS) happens only among the pages belonging to a particular virtual machine (Intra-VM)."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"sched.mem.pshare.salt\" setting does not exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name sched.mem.pshare.salt\n\nIf the virtual machine advanced setting \"sched.mem.pshare.salt\" exists, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nDelete the \"sched.mem.pshare.salt\" setting.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name sched.mem.pshare.salt | Remove-AdvancedSetting\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000199",
+            "rid": "SV-VMCH-80-000199",
+            "stig_id": "VMCH-80-000199",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000199' do\n  title 'Virtual machines (VMs) must have shared salt values disabled.'\n  desc  \"\n    When salting is enabled (Mem.ShareForceSalting=1 or 2) to share a page between two virtual machines, both salt and the content of the page must be same. A salt value is a configurable advanced option for each virtual machine. The salt values can be specified manually in the virtual machine's advanced settings with the new option \\\"sched.mem.pshare.salt\\\".\n\n    If this option is not present in the virtual machine's advanced settings, the value of the \\\"vc.uuid\\\" option is taken as the default value. Because the \\\"vc.uuid\\\" is unique to each virtual machine, by default Transparent Page Sharing (TPS) happens only among the pages belonging to a particular virtual machine (Intra-VM).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"sched.mem.pshare.salt\\\" setting does not exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name sched.mem.pshare.salt\n\n    If the virtual machine advanced setting \\\"sched.mem.pshare.salt\\\" exists, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Delete the \\\"sched.mem.pshare.salt\\\" setting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name sched.mem.pshare.salt | Remove-AdvancedSetting\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000199'\n  tag rid: 'SV-VMCH-80-000199'\n  tag stig_id: 'VMCH-80-000199'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name sched.mem.pshare.salt | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000199.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000200",
+          "title": "Virtual machines (VMs) must disable access through the \"dvfilter\" network Application Programming Interface (API).",
+          "desc": "An attacker might compromise a VM by using the \"dvFilter\" API. Configure only VMs that need this access to use the API.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "An attacker might compromise a VM by using the \"dvFilter\" API. Configure only VMs that need this access to use the API."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the settings with the format \"ethernet*.filter*.name\" do not exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name \"ethernet*.filter*.name*\"\n\nIf the virtual machine advanced setting \"ethernet*.filter*.name\" exists and dvfilters are not in use, this is a finding.\n\nIf the virtual machine advanced setting \"ethernet*.filter*.name\" exists and the value is not valid, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nLook for settings with the format \"ethernet*.filter*.name\".\n\nEnsure only required VMs use this setting.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name ethernetX.filterY.name | Remove-AdvancedSetting\n\nNote: Change the X and Y values to match the specific setting in the organization's environment.\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000200",
+            "rid": "SV-VMCH-80-000200",
+            "stig_id": "VMCH-80-000200",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000200' do\n  title 'Virtual machines (VMs) must disable access through the \"dvfilter\" network Application Programming Interface (API).'\n  desc  'An attacker might compromise a VM by using the \"dvFilter\" API. Configure only VMs that need this access to use the API.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the settings with the format \\\"ethernet*.filter*.name\\\" do not exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name \\\"ethernet*.filter*.name*\\\"\n\n    If the virtual machine advanced setting \\\"ethernet*.filter*.name\\\" exists and dvfilters are not in use, this is a finding.\n\n    If the virtual machine advanced setting \\\"ethernet*.filter*.name\\\" exists and the value is not valid, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Look for settings with the format \\\"ethernet*.filter*.name\\\".\n\n    Ensure only required VMs use this setting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name ethernetX.filterY.name | Remove-AdvancedSetting\n\n    Note: Change the X and Y values to match the specific setting in the organization's environment.\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000200'\n  tag rid: 'SV-VMCH-80-000200'\n  tag stig_id: 'VMCH-80-000200'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name ethernet*.filter* | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000200.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000201",
+          "title": "Virtual machines (VMs) must be configured to lock when the last console connection is closed.",
+          "desc": "When accessing the VM console, the guest operating system must be locked when the last console user disconnects, limiting the possibility of session hijacking. This setting only applies to Windows-based VMs with VMware tools installed.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When accessing the VM console, the guest operating system must be locked when the last console user disconnects, limiting the possibility of session hijacking. This setting only applies to Windows-based VMs with VMware tools installed."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> VMware Remote Console Options.\n\nVerify the option \"Lock the guest operating system when the last remote user disconnects\" is checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.guest.desktop.autolock\n\nIf the virtual machine advanced setting \"tools.guest.desktop.autolock\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"tools.guest.desktop.autolock\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> VMware Remote Console Options.\n\nCheck the box next to \"Lock the guest operating system when the last remote user disconnects\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.guest.desktop.autolock | Set-AdvancedSetting -Value true"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000201",
+            "rid": "SV-VMCH-80-000201",
+            "stig_id": "VMCH-80-000201",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000201' do\n  title 'Virtual machines (VMs) must be configured to lock when the last console connection is closed.'\n  desc  'When accessing the VM console, the guest operating system must be locked when the last console user disconnects, limiting the possibility of session hijacking. This setting only applies to Windows-based VMs with VMware tools installed.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> VMware Remote Console Options.\n\n    Verify the option \\\"Lock the guest operating system when the last remote user disconnects\\\" is checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guest.desktop.autolock\n\n    If the virtual machine advanced setting \\\"tools.guest.desktop.autolock\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"tools.guest.desktop.autolock\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> VMware Remote Console Options.\n\n    Check the box next to \\\"Lock the guest operating system when the last remote user disconnects\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guest.desktop.autolock | Set-AdvancedSetting -Value true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000201'\n  tag rid: 'SV-VMCH-80-000201'\n  tag stig_id: 'VMCH-80-000201'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name tools.guest.desktop.autolock | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000201.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000202",
+          "title": "Virtual machines (VMs) must disable 3D features when not required.",
+          "desc": "For performance reasons, it is recommended that 3D acceleration be disabled on virtual machines that do not require 3D functionality (e.g., most server workloads or desktops not using 3D applications).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "For performance reasons, it is recommended that 3D acceleration be disabled on virtual machines that do not require 3D functionality (e.g., most server workloads or desktops not using 3D applications)."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings.\n\nExpand the \"Video card\" and verify the \"Enable 3D Support\" checkbox is unchecked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name mks.enable3d\n\nIf the virtual machine advanced setting \"mks.enable3d\" exists and is not set to \"false\", this is a finding.\n\nIf the virtual machine advanced setting \"mks.enable3d\" does not exist, this is not a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings.\n\nExpand the \"Video card\" and uncheck the \"Enable 3D Support\" checkbox.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name mks.enable3d | Set-AdvancedSetting -Value \"false\"\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000202",
+            "rid": "SV-VMCH-80-000202",
+            "stig_id": "VMCH-80-000202",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000202' do\n  title 'Virtual machines (VMs) must disable 3D features when not required.'\n  desc  'For performance reasons, it is recommended that 3D acceleration be disabled on virtual machines that do not require 3D functionality (e.g., most server workloads or desktops not using 3D applications).'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings.\n\n    Expand the \\\"Video card\\\" and verify the \\\"Enable 3D Support\\\" checkbox is unchecked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name mks.enable3d\n\n    If the virtual machine advanced setting \\\"mks.enable3d\\\" exists and is not set to \\\"false\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"mks.enable3d\\\" does not exist, this is not a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings.\n\n    Expand the \\\"Video card\\\" and uncheck the \\\"Enable 3D Support\\\" checkbox.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name mks.enable3d | Set-AdvancedSetting -Value \\\"false\\\"\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000202'\n  tag rid: 'SV-VMCH-80-000202'\n  tag stig_id: 'VMCH-80-000202'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name mks.enable3d | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'false' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000202.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000203",
+          "title": "Virtual machines (VMs) must enable encryption for vMotion.",
+          "desc": "vMotion migrations in vSphere 6.0 and earlier transferred working memory and CPU state information in clear text over the vMotion network. As of vSphere 6.5, this transfer can be transparently encrypted using 256-bit AES-GCM with negligible performance impact.\n\nvSphere enables encrypted vMotion by default as \"Opportunistic\", meaning that encrypted channels are used where supported, but the operation will continue in plain text where encryption is not supported.\n\nFor example, when vMotioning between two hosts, encryption will always be used. However, because 6.0 and earlier releases do not support this feature, vMotion from a 7.0 host to a 6.0 host would be allowed but would not be encrypted. If the encryption is set to \"Required\", vMotions to unsupported hosts will fail. This must be set to \"Opportunistic\" or \"Required\".",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "vMotion migrations in vSphere 6.0 and earlier transferred working memory and CPU state information in clear text over the vMotion network. As of vSphere 6.5, this transfer can be transparently encrypted using 256-bit AES-GCM with negligible performance impact.\n\nvSphere enables encrypted vMotion by default as \"Opportunistic\", meaning that encrypted channels are used where supported, but the operation will continue in plain text where encryption is not supported.\n\nFor example, when vMotioning between two hosts, encryption will always be used. However, because 6.0 and earlier releases do not support this feature, vMotion from a 7.0 host to a 6.0 host would be allowed but would not be encrypted. If the encryption is set to \"Required\", vMotions to unsupported hosts will fail. This must be set to \"Opportunistic\" or \"Required\"."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {($_.ExtensionData.Config.MigrateEncryption -eq \"disabled\")}\n\nIf the \"Encrypted vMotion\" setting does not have a value of \"Opportunistic\" or \"Required\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\nFor \"Encrypted vMotion\" set the value to \"Opportunistic\" or \"Required\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n$spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n$spec.MigrateEncryption = New-Object VMware.Vim.VirtualMachineConfigSpecEncryptedVMotionModes\n$spec.MigrateEncryption = $true\n(Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000203",
+            "rid": "SV-VMCH-80-000203",
+            "stig_id": "VMCH-80-000203",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000203' do\n  title 'Virtual machines (VMs) must enable encryption for vMotion.'\n  desc  \"\n    vMotion migrations in vSphere 6.0 and earlier transferred working memory and CPU state information in clear text over the vMotion network. As of vSphere 6.5, this transfer can be transparently encrypted using 256-bit AES-GCM with negligible performance impact.\n\n    vSphere enables encrypted vMotion by default as \\\"Opportunistic\\\", meaning that encrypted channels are used where supported, but the operation will continue in plain text where encryption is not supported.\n\n    For example, when vMotioning between two hosts, encryption will always be used. However, because 6.0 and earlier releases do not support this feature, vMotion from a 7.0 host to a 6.0 host would be allowed but would not be encrypted. If the encryption is set to \\\"Required\\\", vMotions to unsupported hosts will fail. This must be set to \\\"Opportunistic\\\" or \\\"Required\\\".\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {($_.ExtensionData.Config.MigrateEncryption -eq \\\"disabled\\\")}\n\n    If the \\\"Encrypted vMotion\\\" setting does not have a value of \\\"Opportunistic\\\" or \\\"Required\\\", this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\n    For \\\"Encrypted vMotion\\\" set the value to \\\"Opportunistic\\\" or \\\"Required\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.MigrateEncryption = New-Object VMware.Vim.VirtualMachineConfigSpecEncryptedVMotionModes\n    $spec.MigrateEncryption = $true\n    (Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000203'\n  tag rid: 'SV-VMCH-80-000203'\n  tag stig_id: 'VMCH-80-000203'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    list = ['opportunistic', 'required']\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.MigrateEncryption\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_in list }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000203.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000204",
+          "title": "Virtual machines (VMs) must enable encryption for Fault Tolerance.",
+          "desc": "Fault Tolerance log traffic can be encrypted. This could contain sensitive data from the protected machine's memory or CPU instructions.\n\nvSphere Fault Tolerance performs frequent checks between a primary VM and secondary VM so the secondary VM can quickly resume from the last successful checkpoint. The checkpoint contains the VM state that has been modified since the previous checkpoint.\n\nWhen Fault Tolerance is turned on, FT encryption is set to \"Opportunistic\" by default, which means it enables encryption only if both the primary and secondary host are capable of encryption.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Fault Tolerance log traffic can be encrypted. This could contain sensitive data from the protected machine's memory or CPU instructions.\n\nvSphere Fault Tolerance performs frequent checks between a primary VM and secondary VM so the secondary VM can quickly resume from the last successful checkpoint. The checkpoint contains the VM state that has been modified since the previous checkpoint.\n\nWhen Fault Tolerance is turned on, FT encryption is set to \"Opportunistic\" by default, which means it enables encryption only if both the primary and secondary host are capable of encryption."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If the Virtual Machine does not have Fault Tolerance enabled, this is not applicable.\n\nFor each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {($_.ExtensionData.Config.FtEncryptionMode -ne \"ftEncryptionOpportunistic\") -and ($_.ExtensionData.Config.FtEncryptionMode -ne \"ftEncryptionRequired\")}\n\nIf the \"Encrypted FT\" setting does not have a value of \"Opportunistic\" or \"Required\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\nFor \"Encrypted FT\" set the value to \"Opportunistic\" or \"Required\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n$spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n$spec.FTEncryption = New-Object VMware.Vim.VMware.Vim.VirtualMachineConfigSpecEncryptedFtModes\n$spec.FT = ftEncryptionOpportunistic or ftEncryptionRequired\n(Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000204",
+            "rid": "SV-VMCH-80-000204",
+            "stig_id": "VMCH-80-000204",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000204' do\n  title 'Virtual machines (VMs) must enable encryption for Fault Tolerance.'\n  desc  \"\n    Fault Tolerance log traffic can be encrypted. This could contain sensitive data from the protected machine's memory or CPU instructions.\n\n    vSphere Fault Tolerance performs frequent checks between a primary VM and secondary VM so the secondary VM can quickly resume from the last successful checkpoint. The checkpoint contains the VM state that has been modified since the previous checkpoint.\n\n    When Fault Tolerance is turned on, FT encryption is set to \\\"Opportunistic\\\" by default, which means it enables encryption only if both the primary and secondary host are capable of encryption.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If the Virtual Machine does not have Fault Tolerance enabled, this is not applicable.\n\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {($_.ExtensionData.Config.FtEncryptionMode -ne \\\"ftEncryptionOpportunistic\\\") -and ($_.ExtensionData.Config.FtEncryptionMode -ne \\\"ftEncryptionRequired\\\")}\n\n    If the \\\"Encrypted FT\\\" setting does not have a value of \\\"Opportunistic\\\" or \\\"Required\\\", this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\n    For \\\"Encrypted FT\\\" set the value to \\\"Opportunistic\\\" or \\\"Required\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.FTEncryption = New-Object VMware.Vim.VMware.Vim.VirtualMachineConfigSpecEncryptedFtModes\n    $spec.FT = ftEncryptionOpportunistic or ftEncryptionRequired\n    (Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000204'\n  tag rid: 'SV-VMCH-80-000204'\n  tag stig_id: 'VMCH-80-000204'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    list = ['ftEncryptionOpportunistic', 'ftEncryptionRequired']\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.FtEncryptionMode\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_in list }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000204.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000205",
+          "title": "Virtual machines (VMs) must configure log size.",
+          "desc": "The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\nBy default, the size of these logs is unlimited, and they are only rotated on vMotion or power events. This can cause storage issues at scale for VMs that do not vMotion or power cycle often.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\nBy default, the size of these logs is unlimited, and they are only rotated on vMotion or power events. This can cause storage issues at scale for VMs that do not vMotion or power cycle often."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"log.rotateSize\" value is set to \"2048000\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name log.rotateSize\n\nIf the virtual machine advanced setting \"log.rotateSize\" is not set to \"2048000\", this is a finding.\n\nIf the virtual machine advanced setting \"log.rotateSize\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"log.rotateSize\" value and set it to \"2048000\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name log.rotateSize | Set-AdvancedSetting -Value 2048000\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000205",
+            "rid": "SV-VMCH-80-000205",
+            "stig_id": "VMCH-80-000205",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000205' do\n  title 'Virtual machines (VMs) must configure log size.'\n  desc  \"\n    The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\n    By default, the size of these logs is unlimited, and they are only rotated on vMotion or power events. This can cause storage issues at scale for VMs that do not vMotion or power cycle often.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"log.rotateSize\\\" value is set to \\\"2048000\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.rotateSize\n\n    If the virtual machine advanced setting \\\"log.rotateSize\\\" is not set to \\\"2048000\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"log.rotateSize\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"log.rotateSize\\\" value and set it to \\\"2048000\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.rotateSize | Set-AdvancedSetting -Value 2048000\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000205'\n  tag rid: 'SV-VMCH-80-000205'\n  tag stig_id: 'VMCH-80-000205'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name log.rotateSize | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp '2048000' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000205.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000206",
+          "title": "Virtual machines (VMs) must configure log retention.",
+          "desc": "The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\nBy default, 10 of these logs are retained. This is normally sufficient for most environments, but this configuration must be verified and maintained.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\nBy default, 10 of these logs are retained. This is normally sufficient for most environments, but this configuration must be verified and maintained."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"log.keepOld\" value is set to \"10\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name log.keepOld\n\nIf the virtual machine advanced setting \"log.keepOld\" is not set to \"10\", this is a finding.\n\nIf the virtual machine advanced setting \"log.keepOld\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"log.keepOld\" value and set it to \"10\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name log.keepOld | Set-AdvancedSetting -Value 10\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000206",
+            "rid": "SV-VMCH-80-000206",
+            "stig_id": "VMCH-80-000206",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000206' do\n  title 'Virtual machines (VMs) must configure log retention.'\n  desc  \"\n    The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\n    By default, 10 of these logs are retained. This is normally sufficient for most environments, but this configuration must be verified and maintained.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"log.keepOld\\\" value is set to \\\"10\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.keepOld\n\n    If the virtual machine advanced setting \\\"log.keepOld\\\" is not set to \\\"10\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"log.keepOld\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"log.keepOld\\\" value and set it to \\\"10\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.keepOld | Set-AdvancedSetting -Value 10\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000206'\n  tag rid: 'SV-VMCH-80-000206'\n  tag stig_id: 'VMCH-80-000206'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name log.keepOld | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp '10' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000206.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000207",
+          "title": "Virtual machines (VMs) must enable logging.",
+          "desc": "The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including, but not limited to, power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations and machine clones. Due to the value these logs provide for the continued availability of each VM and potential security incidents, these logs must be enabled.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including, but not limited to, power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations and machine clones. Due to the value these logs provide for the continued availability of each VM and potential security incidents, these logs must be enabled."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Advanced.\n\nEnsure that the checkbox next to \"Enable logging\" is checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {$_.ExtensionData.Config.Flags.EnableLogging -ne \"True\"}\n\nIf logging is not enabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Advanced.\n\nClick the checkbox next to \"Enable logging\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n$spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n$spec.Flags = New-Object VMware.Vim.VirtualMachineFlagInfo\n$spec.Flags.enableLogging = $true\n(Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000207",
+            "rid": "SV-VMCH-80-000207",
+            "stig_id": "VMCH-80-000207",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000207' do\n  title 'Virtual machines (VMs) must enable logging.'\n  desc  'The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including, but not limited to, power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations and machine clones. Due to the value these logs provide for the continued availability of each VM and potential security incidents, these logs must be enabled.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Advanced.\n\n    Ensure that the checkbox next to \\\"Enable logging\\\" is checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {$_.ExtensionData.Config.Flags.EnableLogging -ne \\\"True\\\"}\n\n    If logging is not enabled, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Advanced.\n\n    Click the checkbox next to \\\"Enable logging\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.Flags = New-Object VMware.Vim.VirtualMachineFlagInfo\n    $spec.Flags.enableLogging = $true\n    (Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000207'\n  tag rid: 'SV-VMCH-80-000207'\n  tag stig_id: 'VMCH-80-000207'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Flags.EnableLogging\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000207.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000208",
+          "title": "Virtual machines (VMs) must not use independent, non-persistent disks.",
+          "desc": "The security issue with nonpersistent disk mode is that successful attackers, with a simple shutdown or reboot, might undo or remove any traces they were ever on the machine. To safeguard against this risk, production virtual machines should be set to use persistent disk mode; additionally, ensure activity within the VM is logged remotely on a separate server, such as a syslog server or equivalent Windows-based event collector. Without a persistent record of activity on a VM, administrators might never know whether they have been attacked or hacked.\n\nThere can be valid use cases for these types of disks, such as with an application presentation solution where read-only disks are desired, and such cases should be identified and documented.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The security issue with nonpersistent disk mode is that successful attackers, with a simple shutdown or reboot, might undo or remove any traces they were ever on the machine. To safeguard against this risk, production virtual machines should be set to use persistent disk mode; additionally, ensure activity within the VM is logged remotely on a separate server, such as a syslog server or equivalent Windows-based event collector. Without a persistent record of activity on a VM, administrators might never know whether they have been attacked or hacked.\n\nThere can be valid use cases for these types of disks, such as with an application presentation solution where read-only disks are desired, and such cases should be identified and documented."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nReview the attached hard disks and verify they are not configured as independent nonpersistent disks.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-HardDisk | Select Parent, Name, Filename, DiskType, Persistence | FT -AutoSize\n\nIf the virtual machine has attached disks that are in independent nonpersistent mode and are not documented, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nSelect the target hard disk and change the mode to persistent or uncheck Independent.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run one of the following commands:\n\nGet-VM \"VM Name\" | Get-HardDisk | Set-HardDisk -Persistence IndependentPersistent\n\nor\n\nGet-VM \"VM Name\" | Get-HardDisk | Set-HardDisk -Persistence Persistent"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000208",
+            "rid": "SV-VMCH-80-000208",
+            "stig_id": "VMCH-80-000208",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000208' do\n  title 'Virtual machines (VMs) must not use independent, non-persistent disks.'\n  desc  \"\n    The security issue with nonpersistent disk mode is that successful attackers, with a simple shutdown or reboot, might undo or remove any traces they were ever on the machine. To safeguard against this risk, production virtual machines should be set to use persistent disk mode; additionally, ensure activity within the VM is logged remotely on a separate server, such as a syslog server or equivalent Windows-based event collector. Without a persistent record of activity on a VM, administrators might never know whether they have been attacked or hacked.\n\n    There can be valid use cases for these types of disks, such as with an application presentation solution where read-only disks are desired, and such cases should be identified and documented.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the attached hard disks and verify they are not configured as independent nonpersistent disks.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-HardDisk | Select Parent, Name, Filename, DiskType, Persistence | FT -AutoSize\n\n    If the virtual machine has attached disks that are in independent nonpersistent mode and are not documented, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the target hard disk and change the mode to persistent or uncheck Independent.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run one of the following commands:\n\n    Get-VM \\\"VM Name\\\" | Get-HardDisk | Set-HardDisk -Persistence IndependentPersistent\n\n    or\n\n    Get-VM \\\"VM Name\\\" | Get-HardDisk | Set-HardDisk -Persistence Persistent\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000208'\n  tag rid: 'SV-VMCH-80-000208'\n  tag stig_id: 'VMCH-80-000208'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-HardDisk | Select-Object -ExpandProperty Persistence\"\n      results = powercli_command(command)\n      results.stdout.split.each do |disk|\n        describe \"Checking the VM: #{vm} for Non-Persistent Hard Disks\" do\n          subject { disk }\n          it { should_not cmp 'IndependentNonPersistent' }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000208.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000209",
+          "title": "Virtual machines (VMs) must remove unneeded floppy devices.",
+          "desc": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Get-FloppyDrive | Select Parent, Name, ConnectionState\n\nIf a virtual machine has a floppy drive connected, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\nThe VM must be powered off to remove a floppy drive.\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-FloppyDrive | Remove-FloppyDrive"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000209",
+            "rid": "SV-VMCH-80-000209",
+            "stig_id": "VMCH-80-000209",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000209' do\n  title 'Virtual machines (VMs) must remove unneeded floppy devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Get-FloppyDrive | Select Parent, Name, ConnectionState\n\n    If a virtual machine has a floppy drive connected, this is a finding.\n  \"\n  desc 'fix', \"\n    Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    The VM must be powered off to remove a floppy drive.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-FloppyDrive | Remove-FloppyDrive\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000209'\n  tag rid: 'SV-VMCH-80-000209'\n  tag stig_id: 'VMCH-80-000209'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-FloppyDrive\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for Floppy drives\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000209.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000210",
+          "title": "Virtual machines (VMs) must remove unneeded CD/DVD devices.",
+          "desc": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nReview the VMs hardware and verify no CD/DVD drives are connected.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Get-CDDrive | Where {$_.extensiondata.connectable.connected -eq $true} | Select Parent,Name\n\nIf a virtual machine has a CD/DVD drive connected other than temporarily, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nSelect the CD/DVD drive and uncheck \"Connected\" and \"Connect at power on\" and remove any attached ISOs.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-CDDrive | Set-CDDrive -NoMedia"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000210",
+            "rid": "SV-VMCH-80-000210",
+            "stig_id": "VMCH-80-000210",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000210' do\n  title 'Virtual machines (VMs) must remove unneeded CD/DVD devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the VMs hardware and verify no CD/DVD drives are connected.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Get-CDDrive | Where {$_.extensiondata.connectable.connected -eq $true} | Select Parent,Name\n\n    If a virtual machine has a CD/DVD drive connected other than temporarily, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the CD/DVD drive and uncheck \\\"Connected\\\" and \\\"Connect at power on\\\" and remove any attached ISOs.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-CDDrive | Set-CDDrive -NoMedia\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000210'\n  tag rid: 'SV-VMCH-80-000210'\n  tag stig_id: 'VMCH-80-000210'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}' | Get-CDDrive).ExtensionData.connectable.connected\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"Checking the VM: #{vm} for CD/DVD drives\" do\n          subject { result }\n          it { should cmp 'false' }\n        end\n        describe \"Checking the VM: #{vm} for CD/DVD drives\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000210.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000211",
+          "title": "Virtual machines (VMs) must remove unneeded parallel devices.",
+          "desc": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \"parallel\"}\n\nIf a virtual machine has a parallel device present, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\nThe VM must be powered off to remove a parallel device.\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n$pport = (Get-VM -Name <vmname>).ExtensionData.Config.Hardware.Device | Where {$_.DeviceInfo.Label -match \"Parallel\"}\n$spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n$spec.DeviceChange += New-Object VMware.Vim.VirtualDeviceConfigSpec\n$spec.DeviceChange[-1].device = $pport\n$spec.DeviceChange[-1].operation = \"remove\"\n(Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000211",
+            "rid": "SV-VMCH-80-000211",
+            "stig_id": "VMCH-80-000211",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000211' do\n  title 'Virtual machines (VMs) must remove unneeded parallel devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \\\"parallel\\\"}\n\n    If a virtual machine has a parallel device present, this is a finding.\n  \"\n  desc 'fix', \"\n    Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    The VM must be powered off to remove a parallel device.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $pport = (Get-VM -Name <vmname>).ExtensionData.Config.Hardware.Device | Where {$_.DeviceInfo.Label -match \\\"Parallel\\\"}\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.DeviceChange += New-Object VMware.Vim.VirtualDeviceConfigSpec\n    $spec.DeviceChange[-1].device = $pport\n    $spec.DeviceChange[-1].operation = \\\"remove\\\"\n    (Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000211'\n  tag rid: 'SV-VMCH-80-000211'\n  tag stig_id: 'VMCH-80-000211'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Hardware.Device.DeviceInfo.label\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for parallel devices\" do\n        subject { result }\n        it { should_not match 'Parallel' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000211.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000212",
+          "title": "Virtual machines (VMs) must remove unneeded serial devices.",
+          "desc": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nReview the VMs hardware and verify no serial devices exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \"serial\"}\n\nIf a virtual machine has a serial device present, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "The VM must be powered off to remove a serial device.\n\nFor each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nSelect the serial device, click the circled \"X\" to remove it, and click \"OK\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000212",
+            "rid": "SV-VMCH-80-000212",
+            "stig_id": "VMCH-80-000212",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000212' do\n  title 'Virtual machines (VMs) must remove unneeded serial devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the VMs hardware and verify no serial devices exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \\\"serial\\\"}\n\n    If a virtual machine has a serial device present, this is a finding.\n  \"\n  desc  'fix', \"\n    The VM must be powered off to remove a serial device.\n\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the serial device, click the circled \\\"X\\\" to remove it, and click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000212'\n  tag rid: 'SV-VMCH-80-000212'\n  tag stig_id: 'VMCH-80-000212'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Hardware.Device.DeviceInfo.label\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for serial devices\" do\n        subject { result }\n        it { should_not match 'Serial' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000212.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000213",
+          "title": "Virtual machines (VMs) must remove unneeded USB devices.",
+          "desc": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nReview the VMs hardware and verify no USB devices exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\nGet-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \"usb\"}\nGet-VM | Get-UsbDevice\n\nIf a virtual machine has any USB devices or USB controllers present, this is a finding.\n\nIf USB smart card readers are used to pass smart cards through the VM console to a VM, the use of a USB controller and USB devices for that purpose is not a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nSelect the USB controller, click the circled \"X\" to remove it, and click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-USBDevice | Remove-USBDevice\n\nNote:  This will not remove the USB controller, just any connected devices."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000213",
+            "rid": "SV-VMCH-80-000213",
+            "stig_id": "VMCH-80-000213",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000213' do\n  title 'Virtual machines (VMs) must remove unneeded USB devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the VMs hardware and verify no USB devices exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \\\"usb\\\"}\n    Get-VM | Get-UsbDevice\n\n    If a virtual machine has any USB devices or USB controllers present, this is a finding.\n\n    If USB smart card readers are used to pass smart cards through the VM console to a VM, the use of a USB controller and USB devices for that purpose is not a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the USB controller, click the circled \\\"X\\\" to remove it, and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-USBDevice | Remove-USBDevice\n\n    Note:  This will not remove the USB controller, just any connected devices.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000213'\n  tag rid: 'SV-VMCH-80-000213'\n  tag stig_id: 'VMCH-80-000213'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Hardware.Device.DeviceInfo.label\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for USB devices\" do\n        subject { result }\n        it { should_not match 'USB' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000213.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VMCH-80-000214",
+          "title": "Virtual machines (VMs) must disable DirectPath I/O devices when not required.",
+          "desc": "VMDirectPath I/O (PCI passthrough) enables direct assignment of hardware PCI functions to VMs. This gives the VM access to the PCI functions with minimal intervention from the ESXi host. This is a powerful feature for legitimate applications such as virtualized storage appliances, backup appliances, dedicated graphics, etc., but it also allows a potential attacker highly privileged access to underlying hardware and the PCI bus.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "VMDirectPath I/O (PCI passthrough) enables direct assignment of hardware PCI functions to VMs. This gives the VM access to the PCI functions with minimal intervention from the ESXi host. This is a powerful feature for legitimate applications such as virtualized storage appliances, backup appliances, dedicated graphics, etc., but it also allows a potential attacker highly privileged access to underlying hardware and the PCI bus."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, view the Summary tab.\n\nReview the PCI devices section and verify none exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-PassthroughDevice\n\nIf the virtual machine has passthrough devices present, and the specific device returned is not approved, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, select the Virtual Machine, right click and go to Edit Settings >> Virtual Hardware tab.\n\nFind the unexpected PCI device returned from the check.\n\nHover the mouse over the device and click the circled \"X\" to remove the device. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-PassthroughDevice | Remove-PassthroughDevice"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000214",
+            "rid": "SV-VMCH-80-000214",
+            "stig_id": "VMCH-80-000214",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000214' do\n  title 'Virtual machines (VMs) must disable DirectPath I/O devices when not required.'\n  desc  'VMDirectPath I/O (PCI passthrough) enables direct assignment of hardware PCI functions to VMs. This gives the VM access to the PCI functions with minimal intervention from the ESXi host. This is a powerful feature for legitimate applications such as virtualized storage appliances, backup appliances, dedicated graphics, etc., but it also allows a potential attacker highly privileged access to underlying hardware and the PCI bus.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, view the Summary tab.\n\n    Review the PCI devices section and verify none exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-PassthroughDevice\n\n    If the virtual machine has passthrough devices present, and the specific device returned is not approved, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, select the Virtual Machine, right click and go to Edit Settings >> Virtual Hardware tab.\n\n    Find the unexpected PCI device returned from the check.\n\n    Hover the mouse over the device and click the circled \\\"X\\\" to remove the device. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-PassthroughDevice | Remove-PassthroughDevice\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000214'\n  tag rid: 'SV-VMCH-80-000214'\n  tag stig_id: 'VMCH-80-000214'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-PassthroughDevice\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for PCI passthrough devices\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000214.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000009",
+          "title": "The vCenter Server must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access.",
+          "desc": "Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that exploit vulnerabilities in this protocol.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that exploit vulnerabilities in this protocol."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "At the command prompt on the vCenter Server Appliance, run the following command:\n\n# /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc scan\n\nIf the output indicates versions of TLS other than 1.2 are enabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "At the command prompt on the vCenter Server Appliance, run the following command:\n\n# /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc update -p TLSv1.2\n\nvCenter services will be restarted as part of the reconfiguration. The operating system will not be restarted.\n\nThe \"--no-restart\" flag can be added to restart services at a later time.\n\nChanges will not take effect until all services are restarted or the appliance is rebooted."
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-APP-000014",
+            "satisfies": [
+              "SRG-APP-000156",
+              "SRG-APP-000157",
+              "SRG-APP-000219",
+              "SRG-APP-000439",
+              "SRG-APP-000440",
+              "SRG-APP-000441",
+              "SRG-APP-000442",
+              "SRG-APP-000560",
+              "SRG-APP-000565",
+              "SRG-APP-000625",
+              "SRG-APP-000645"
+            ],
+            "gid": "V-VCSA-80-000009",
+            "rid": "SV-VCSA-80-000009",
+            "stig_id": "VCSA-80-000009",
+            "cci": [
+              "CCI-000068",
+              "CCI-000382",
+              "CCI-001184",
+              "CCI-001453",
+              "CCI-001941",
+              "CCI-001942",
+              "CCI-002418",
+              "CCI-002420",
+              "CCI-002421",
+              "CCI-002422",
+              "CCI-002450"
+            ],
+            "nist": [
+              "AC-17 (2)",
+              "CM-7 b",
+              "IA-2 (8)",
+              "IA-2 (9)",
+              "SC-13",
+              "SC-23",
+              "SC-8",
+              "SC-8 (1)",
+              "SC-8 (2)"
+            ]
+          },
+          "code": "control 'VCSA-80-000009' do\n  title 'The vCenter Server must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access.'\n  desc  'Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that exploit vulnerabilities in this protocol.'\n  desc  'rationale', ''\n  desc  'check', \"\n    At the command prompt on the vCenter Server Appliance, run the following command:\n\n    # /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc scan\n\n    If the output indicates versions of TLS other than 1.2 are enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    At the command prompt on the vCenter Server Appliance, run the following command:\n\n    # /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc update -p TLSv1.2\n\n    vCenter services will be restarted as part of the reconfiguration. The operating system will not be restarted.\n\n    The \\\"--no-restart\\\" flag can be added to restart services at a later time.\n\n    Changes will not take effect until all services are restarted or the appliance is rebooted.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-APP-000014'\n  tag satisfies: ['SRG-APP-000156', 'SRG-APP-000157', 'SRG-APP-000219', 'SRG-APP-000439', 'SRG-APP-000440', 'SRG-APP-000441', 'SRG-APP-000442', 'SRG-APP-000560', 'SRG-APP-000565', 'SRG-APP-000625', 'SRG-APP-000645']\n  tag gid: 'V-VCSA-80-000009'\n  tag rid: 'SV-VCSA-80-000009'\n  tag stig_id: 'VCSA-80-000009'\n  tag cci: ['CCI-000068', 'CCI-000382', 'CCI-001184', 'CCI-001453', 'CCI-001941', 'CCI-001942', 'CCI-002418', 'CCI-002420', 'CCI-002421', 'CCI-002422', 'CCI-002450']\n  tag nist: ['AC-17 (2)', 'CM-7 b', 'IA-2 (8)', 'IA-2 (9)', 'SC-13', 'SC-23', 'SC-8', 'SC-8 (1)', 'SC-8 (2)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000009.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000023",
+          "title": "The vCenter Server must enforce the limit of three consecutive invalid login attempts by a user.",
+          "desc": "By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nThe following lockout policy should be set as follows:\n\nMaximum number of failed login attempts: 3\n\nIf this account lockout policy is not configured as stated, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nClick \"Edit\".\n\nSet the \"Maximum number of failed login attempts\" to \"3\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000065",
+            "gid": "V-VCSA-80-000023",
+            "rid": "SV-VCSA-80-000023",
+            "stig_id": "VCSA-80-000023",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ]
+          },
+          "code": "control 'VCSA-80-000023' do\n  title 'The vCenter Server must enforce the limit of three consecutive invalid login attempts by a user.'\n  desc  'By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account. '\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    The following lockout policy should be set as follows:\n\n    Maximum number of failed login attempts: 3\n\n    If this account lockout policy is not configured as stated, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Maximum number of failed login attempts\\\" to \\\"3\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000065'\n  tag gid: 'V-VCSA-80-000023'\n  tag rid: 'SV-VCSA-80-000023'\n  tag stig_id: 'VCSA-80-000023'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  command = '(Get-SsoLockoutPolicy).MaxFailedAttempts'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp '3' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000023.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000024",
+          "title": "The vCenter Server must display the Standard Mandatory DOD Notice and Consent Banner before logon.",
+          "desc": "Display of the DOD-approved use notification before granting access to the application ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via login interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with DTM-08-060. Use the following verbiage for applications that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\"",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Display of the DOD-approved use notification before granting access to the application ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via login interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with DTM-08-060. Use the following verbiage for applications that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\""
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Login Message.\n\nIf the selection box next to \"Show login message\" is disabled, \"Details of login message\" is not configured to the standard DOD User Agreement, or the \"Consent checkbox\" is disabled, this is a finding.\n\nNote: Refer to vulnerability discussion for user agreement language."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Login Message.\n\nClick \"Edit\".\n\nClick the \"Show login message\" slider to enable.\n\nConfigure the \"Login message\" to \"DOD User Agreement\".\n\nClick the \"Consent checkbox\" slider to enable.\n\nSet the \"Details of login message\" to the Standard Mandatory DOD Notice and Consent Banner text.\n\nClick \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000068",
+            "satisfies": [
+              "SRG-APP-000069",
+              "SRG-APP-000070"
+            ],
+            "gid": "V-VCSA-80-000024",
+            "rid": "SV-VCSA-80-000024",
+            "stig_id": "VCSA-80-000024",
+            "cci": [
+              "CCI-000048",
+              "CCI-000050",
+              "CCI-001384"
+            ],
+            "nist": [
+              "AC-8 a",
+              "AC-8 b",
+              "AC-8 c 1"
+            ]
+          },
+          "code": "control 'VCSA-80-000024' do\n  title 'The vCenter Server must display the Standard Mandatory DOD Notice and Consent Banner before logon.'\n  desc  \"\n    Display of the DOD-approved use notification before granting access to the application ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via login interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with DTM-08-060. Use the following verbiage for applications that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Login Message.\n\n    If the selection box next to \\\"Show login message\\\" is disabled, \\\"Details of login message\\\" is not configured to the standard DOD User Agreement, or the \\\"Consent checkbox\\\" is disabled, this is a finding.\n\n    Note: Refer to vulnerability discussion for user agreement language.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Login Message.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Show login message\\\" slider to enable.\n\n    Configure the \\\"Login message\\\" to \\\"DOD User Agreement\\\".\n\n    Click the \\\"Consent checkbox\\\" slider to enable.\n\n    Set the \\\"Details of login message\\\" to the Standard Mandatory DOD Notice and Consent Banner text.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000068'\n  tag satisfies: ['SRG-APP-000069', 'SRG-APP-000070']\n  tag gid: 'V-VCSA-80-000024'\n  tag rid: 'SV-VCSA-80-000024'\n  tag stig_id: 'VCSA-80-000024'\n  tag cci: ['CCI-000048', 'CCI-000050', 'CCI-001384']\n  tag nist: ['AC-8 a', 'AC-8 b', 'AC-8 c 1']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000024.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000034",
+          "title": "The vCenter Server must produce audit records containing information to establish what type of events occurred.",
+          "desc": "Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nVerify the \"config.log.level\" value is set to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name config.log.level and verify it is set to \"info\".\n\nIf the \"config.log.level\" value is not set to \"info\" or does not exist, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nClick \"Edit Settings\" and configure the \"config.log.level\" setting to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name config.log.level | Set-AdvancedSetting -Value info"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000095",
+            "gid": "V-VCSA-80-000034",
+            "rid": "SV-VCSA-80-000034",
+            "stig_id": "VCSA-80-000034",
+            "cci": [
+              "CCI-000130"
+            ],
+            "nist": [
+              "AU-3"
+            ]
+          },
+          "code": "control 'VCSA-80-000034' do\n  title 'The vCenter Server must produce audit records containing information to establish what type of events occurred.'\n  desc  'Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Verify the \\\"config.log.level\\\" value is set to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name config.log.level and verify it is set to \\\"info\\\".\n\n    If the \\\"config.log.level\\\" value is not set to \\\"info\\\" or does not exist, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"config.log.level\\\" setting to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name config.log.level | Set-AdvancedSetting -Value info\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000095'\n  tag gid: 'V-VCSA-80-000034'\n  tag rid: 'SV-VCSA-80-000034'\n  tag stig_id: 'VCSA-80-000034'\n  tag cci: ['CCI-000130']\n  tag nist: ['AU-3']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.log.level | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'info' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000034.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000057",
+          "title": "vCenter Server plugins must be verified.",
+          "desc": "The vCenter Server includes a vSphere Client extensibility framework, which provides the ability to extend the vSphere Client with menu selections or toolbar icons that provide access to vCenter Server add-on components or external, web-based functionality.\n\nvSphere Client plugins or extensions run at the same privilege level as the user. Malicious extensions might masquerade as useful add-ons while compromising the system by stealing credentials or incorrectly configuring the system.\n\nAdditionally, vCenter comes with a number of plugins preinstalled that may or may not be necessary for proper operation.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The vCenter Server includes a vSphere Client extensibility framework, which provides the ability to extend the vSphere Client with menu selections or toolbar icons that provide access to vCenter Server add-on components or external, web-based functionality.\n\nvSphere Client plugins or extensions run at the same privilege level as the user. Malicious extensions might masquerade as useful add-ons while compromising the system by stealing credentials or incorrectly configuring the system.\n\nAdditionally, vCenter comes with a number of plugins preinstalled that may or may not be necessary for proper operation."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Solutions >> Client Plug-Ins.\n\nView the Installed/Available Plug-ins list and verify they are all identified as authorized VMware, third-party (partner), and/or site-specific approved plug-ins.\n\nIf any installed/available plug-ins in the viewable list cannot be verified as allowed vSphere Client plug-ins from trusted sources or are not in active use, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Solutions >> Client Plug-Ins, click the radio button next to the unknown plug-in, and click \"Disable\".\n\nIf the plugin will not be needed in the future, proceed to uninstall the plug-in.\n\nTo uninstall plug-ins, do the following:\n\nIf vCenter Server is in linked mode, perform this procedure on the vCenter Server that is used to install the plug-in initially and then restart the vCenter Server services on the linked vCenter Server:\n\nIn a web browser, navigate to \"http://vCenter_Server_name_or_IP/mob\", where \"vCenter_Server_name_or_IP/mob\" is the name of the vCenter Server or its IP address.\n\nClick \"Content\".\n\nClick \"ExtensionManager\".\n\nSelect and copy the name of the plug-in to be removed from the list of values under \"Properties\".\n\nClick \"UnregisterExtension\". A new window appears.\n\nPaste the name of the plug-in and click \"Invoke Method\". This removes the plug-in.\n\nClose the window.\n\nRefresh the Managed Object Type:ManagedObjectReference:ExtensionManager window to verify the plug-in is removed successfully.\n\nNote: If the plug-in still appears, restart the vSphere Client.\n\nNote: The Managed Object Browser (MOB) may have to be enabled temporarily if it was disabled previously."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000141",
+            "gid": "V-VCSA-80-000057",
+            "rid": "SV-VCSA-80-000057",
+            "stig_id": "VCSA-80-000057",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'VCSA-80-000057' do\n  title 'vCenter Server plugins must be verified.'\n  desc  \"\n    The vCenter Server includes a vSphere Client extensibility framework, which provides the ability to extend the vSphere Client with menu selections or toolbar icons that provide access to vCenter Server add-on components or external, web-based functionality.\n\n    vSphere Client plugins or extensions run at the same privilege level as the user. Malicious extensions might masquerade as useful add-ons while compromising the system by stealing credentials or incorrectly configuring the system.\n\n    Additionally, vCenter comes with a number of plugins preinstalled that may or may not be necessary for proper operation.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Solutions >> Client Plug-Ins.\n\n    View the Installed/Available Plug-ins list and verify they are all identified as authorized VMware, third-party (partner), and/or site-specific approved plug-ins.\n\n    If any installed/available plug-ins in the viewable list cannot be verified as allowed vSphere Client plug-ins from trusted sources or are not in active use, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Solutions >> Client Plug-Ins, click the radio button next to the unknown plug-in, and click \\\"Disable\\\".\n\n    If the plugin will not be needed in the future, proceed to uninstall the plug-in.\n\n    To uninstall plug-ins, do the following:\n\n    If vCenter Server is in linked mode, perform this procedure on the vCenter Server that is used to install the plug-in initially and then restart the vCenter Server services on the linked vCenter Server:\n\n    In a web browser, navigate to \\\"http://vCenter_Server_name_or_IP/mob\\\", where \\\"vCenter_Server_name_or_IP/mob\\\" is the name of the vCenter Server or its IP address.\n\n    Click \\\"Content\\\".\n\n    Click \\\"ExtensionManager\\\".\n\n    Select and copy the name of the plug-in to be removed from the list of values under \\\"Properties\\\".\n\n    Click \\\"UnregisterExtension\\\". A new window appears.\n\n    Paste the name of the plug-in and click \\\"Invoke Method\\\". This removes the plug-in.\n\n    Close the window.\n\n    Refresh the Managed Object Type:ManagedObjectReference:ExtensionManager window to verify the plug-in is removed successfully.\n\n    Note: If the plug-in still appears, restart the vSphere Client.\n\n    Note: The Managed Object Browser (MOB) may have to be enabled temporarily if it was disabled previously.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000141'\n  tag gid: 'V-VCSA-80-000057'\n  tag rid: 'SV-VCSA-80-000057'\n  tag stig_id: 'VCSA-80-000057'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000057.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000059",
+          "title": "The vCenter Server must uniquely identify and authenticate users or processes acting on behalf of users.",
+          "desc": "To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.\n\nOrganizational users include organizational employees or individuals the organization deems to have equivalent status of employees (e.g., contractors). Organizational users (and any processes acting on behalf of users) must be uniquely identified and authenticated for all accesses except the following.\n\n(i) Accesses explicitly identified and documented by the organization. Organizations document specific user actions that can be performed on the information system without identification or authentication; and\n(ii) Accesses that occur through authorized use of group authenticators without individual authentication. Organizations may require unique identification of individuals in group accounts (e.g., shared privilege accounts) or for detailed accountability of individual activity.\n\nUsing Active Directory or an identity provider for authentication provides more robust account management capabilities and accountability.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.\n\nOrganizational users include organizational employees or individuals the organization deems to have equivalent status of employees (e.g., contractors). Organizational users (and any processes acting on behalf of users) must be uniquely identified and authenticated for all accesses except the following.\n\n(i) Accesses explicitly identified and documented by the organization. Organizations document specific user actions that can be performed on the information system without identification or authentication; and\n(ii) Accesses that occur through authorized use of group authenticators without individual authentication. Organizations may require unique identification of individuals in group accounts (e.g., shared privilege accounts) or for detailed accountability of individual activity.\n\nUsing Active Directory or an identity provider for authentication provides more robust account management capabilities and accountability."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nIf the identity provider type is \"embedded\" and there is no identity source of type \"Active Directory\" (either Windows Integrated Authentication or LDAP), this is a finding.\n\nIf the identity provider type is \"Microsoft ADFS\" or another supported identity provider, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "When using the embedded identity provider type, perform the following:\n\nFrom the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Identity Sources.\n\nClick \"Add\".\n\nSelect either \"Active Directory over LDAP\" or \"Active Directory (Windows Integrated Authentication)\" and configure appropriately.\n\nNote: Windows Integrated Authentication requires that the vCenter server be joined to Active Directory before configuration via Administration >> Single Sign On >> Configuration >> Identity Provider >> Active Directory Domain.\n\nOR\n\nTo change the identity provider type to a third-party identity provider such as Microsoft ADFS, perform the following:\n\nFrom the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nClick \"Change Identity Provider\".\n\nSelect \"Microsoft ADFS\" and click \"Next\".\n\nEnter the ADFS server information and User and Group details and click \"Finish\".\n\nFor additional information on configuring ADFS for use with vCenter, refer to the vSphere documentation."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000148",
+            "satisfies": [
+              "SRG-APP-000153",
+              "SRG-APP-000163",
+              "SRG-APP-000180",
+              "SRG-APP-000234"
+            ],
+            "gid": "V-VCSA-80-000059",
+            "rid": "SV-VCSA-80-000059",
+            "stig_id": "VCSA-80-000059",
+            "cci": [
+              "CCI-000764",
+              "CCI-000770",
+              "CCI-000795",
+              "CCI-000804",
+              "CCI-001682"
+            ],
+            "nist": [
+              "AC-2 (2)",
+              "IA-2",
+              "IA-2 (5)",
+              "IA-4 e",
+              "IA-8"
+            ]
+          },
+          "code": "control 'VCSA-80-000059' do\n  title 'The vCenter Server must uniquely identify and authenticate users or processes acting on behalf of users.'\n  desc  \"\n    To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.\n\n    Organizational users include organizational employees or individuals the organization deems to have equivalent status of employees (e.g., contractors). Organizational users (and any processes acting on behalf of users) must be uniquely identified and authenticated for all accesses except the following.\n\n    (i) Accesses explicitly identified and documented by the organization. Organizations document specific user actions that can be performed on the information system without identification or authentication; and\n    (ii) Accesses that occur through authorized use of group authenticators without individual authentication. Organizations may require unique identification of individuals in group accounts (e.g., shared privilege accounts) or for detailed accountability of individual activity.\n\n    Using Active Directory or an identity provider for authentication provides more robust account management capabilities and accountability.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    If the identity provider type is \\\"embedded\\\" and there is no identity source of type \\\"Active Directory\\\" (either Windows Integrated Authentication or LDAP), this is a finding.\n\n    If the identity provider type is \\\"Microsoft ADFS\\\" or another supported identity provider, this is NOT a finding.\n  \"\n  desc 'fix', \"\n    When using the embedded identity provider type, perform the following:\n\n    From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Identity Sources.\n\n    Click \\\"Add\\\".\n\n    Select either \\\"Active Directory over LDAP\\\" or \\\"Active Directory (Windows Integrated Authentication)\\\" and configure appropriately.\n\n    Note: Windows Integrated Authentication requires that the vCenter server be joined to Active Directory before configuration via Administration >> Single Sign On >> Configuration >> Identity Provider >> Active Directory Domain.\n\n    OR\n\n    To change the identity provider type to a third-party identity provider such as Microsoft ADFS, perform the following:\n\n    From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    Click \\\"Change Identity Provider\\\".\n\n    Select \\\"Microsoft ADFS\\\" and click \\\"Next\\\".\n\n    Enter the ADFS server information and User and Group details and click \\\"Finish\\\".\n\n    For additional information on configuring ADFS for use with vCenter, refer to the vSphere documentation.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000148'\n  tag satisfies: ['SRG-APP-000153', 'SRG-APP-000163', 'SRG-APP-000180', 'SRG-APP-000234']\n  tag gid: 'V-VCSA-80-000059'\n  tag rid: 'SV-VCSA-80-000059'\n  tag stig_id: 'VCSA-80-000059'\n  tag cci: ['CCI-000764', 'CCI-000770', 'CCI-000795', 'CCI-000804', 'CCI-001682']\n  tag nist: ['AC-2 (2)', 'IA-2', 'IA-2 (5)', 'IA-4 e', 'IA-8']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000059.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000060",
+          "title": "The vCenter Server must require multifactor authentication.",
+          "desc": "Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased.\n\nMultifactor authentication requires using two or more factors to achieve authentication.\n\nFactors include:\n(i) something a user knows (e.g., password/PIN);\n(ii) something a user has (e.g., cryptographic identification device, token); or\n(iii) something a user is (e.g., biometric).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased.\n\nMultifactor authentication requires using two or more factors to achieve authentication.\n\nFactors include:\n(i) something a user knows (e.g., password/PIN);\n(ii) something a user has (e.g., cryptographic identification device, token); or\n(iii) something a user is (e.g., biometric)."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nIf the embedded identity provider is used, click on \"Smart Card Authentication\".\n\nIf the embedded identity provider is used and \"Smart Card Authentication\" is not enabled, this is a finding.\n\nIf a third-party identity provider is used, such as Microsoft ADFS, and it does not require multifactor authentication to log on to vCenter, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "To configure smart card authentication for vCenter when using the embedded identity provider, refer to the vSphere documentation.\n\nFor vCenter Servers using a third-party identity provider, consult the product's documentation for enabling multifactor authentication."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000149",
+            "satisfies": [
+              "SRG-APP-000080",
+              "SRG-APP-000150",
+              "SRG-APP-000391",
+              "SRG-APP-000402"
+            ],
+            "gid": "V-VCSA-80-000060",
+            "rid": "SV-VCSA-80-000060",
+            "stig_id": "VCSA-80-000060",
+            "cci": [
+              "CCI-000166",
+              "CCI-000765",
+              "CCI-000766",
+              "CCI-001953",
+              "CCI-002009"
+            ],
+            "nist": [
+              "AU-10",
+              "IA-2 (1)",
+              "IA-2 (12)",
+              "IA-2 (2)",
+              "IA-8 (1)"
+            ]
+          },
+          "code": "control 'VCSA-80-000060' do\n  title 'The vCenter Server must require multifactor authentication.'\n  desc  \"\n    Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased.\n\n    Multifactor authentication requires using two or more factors to achieve authentication.\n\n    Factors include:\n    (i) something a user knows (e.g., password/PIN);\n    (ii) something a user has (e.g., cryptographic identification device, token); or\n    (iii) something a user is (e.g., biometric).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    If the embedded identity provider is used, click on \\\"Smart Card Authentication\\\".\n\n    If the embedded identity provider is used and \\\"Smart Card Authentication\\\" is not enabled, this is a finding.\n\n    If a third-party identity provider is used, such as Microsoft ADFS, and it does not require multifactor authentication to log on to vCenter, this is a finding.\n  \"\n  desc 'fix', \"\n    To configure smart card authentication for vCenter when using the embedded identity provider, refer to the vSphere documentation.\n\n    For vCenter Servers using a third-party identity provider, consult the product's documentation for enabling multifactor authentication.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000149'\n  tag satisfies: ['SRG-APP-000080', 'SRG-APP-000150', 'SRG-APP-000391', 'SRG-APP-000402']\n  tag gid: 'V-VCSA-80-000060'\n  tag rid: 'SV-VCSA-80-000060'\n  tag stig_id: 'VCSA-80-000060'\n  tag cci: ['CCI-000166', 'CCI-000765', 'CCI-000766', 'CCI-001953', 'CCI-002009']\n  tag nist: ['AU-10', 'IA-2 (1)', 'IA-2 (12)', 'IA-2 (2)', 'IA-8 (1)']\n\n  if input('embeddedIdp')\n    command = '(Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled'\n    describe powercli_command(command) do\n      its('stdout.strip') { should cmp 'true' }\n    end\n  else\n    describe 'This check is a manual or policy based check and must be reviewed manually.' do\n      skip 'This check is a manual or policy based check and must be reviewed manually.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000060.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000069",
+          "title": "The vCenter Server passwords must be at least 15 characters in length.",
+          "desc": "The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\nPassword complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to determine strength and how long it takes to crack a password. The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\nUse of more characters in a password helps to exponentially increase the time and/or resources required to compromise the password.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\nPassword complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to determine strength and how long it takes to crack a password. The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\nUse of more characters in a password helps to exponentially increase the time and/or resources required to compromise the password."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Minimum Length\" setting.\n\nMinimum Length: 15\n\nIf the password policy is not configured with a \"Minimum Length\" policy of \"15\" or more, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet the \"Minimum Length\" to \"15\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000164",
+            "gid": "V-VCSA-80-000069",
+            "rid": "SV-VCSA-80-000069",
+            "stig_id": "VCSA-80-000069",
+            "cci": [
+              "CCI-000205"
+            ],
+            "nist": [
+              "IA-5 (1) (a)"
+            ]
+          },
+          "code": "control 'VCSA-80-000069' do\n  title 'The vCenter Server passwords must be at least 15 characters in length.'\n  desc  \"\n    The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\n    Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to determine strength and how long it takes to crack a password. The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\n    Use of more characters in a password helps to exponentially increase the time and/or resources required to compromise the password.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Minimum Length\\\" setting.\n\n    Minimum Length: 15\n\n    If the password policy is not configured with a \\\"Minimum Length\\\" policy of \\\"15\\\" or more, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Minimum Length\\\" to \\\"15\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000164'\n  tag gid: 'V-VCSA-80-000069'\n  tag rid: 'SV-VCSA-80-000069'\n  tag stig_id: 'VCSA-80-000069'\n  tag cci: ['CCI-000205']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinLength'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 15 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000069.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000070",
+          "title": "The vCenter Server must prohibit password reuse for a minimum of five generations.",
+          "desc": "Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nTo meet password policy requirements, passwords must be changed at specific policy-based intervals.\n\nIf the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the result is a password that is not changed per policy requirements.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nTo meet password policy requirements, passwords must be changed at specific policy-based intervals.\n\nIf the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the result is a password that is not changed per policy requirements."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Restrict reuse\" setting.\n\nRestrict reuse: Users cannot reuse any previous 5 passwords\n\nIf the password policy is not configured with a \"Restrict reuse\" policy of \"5\" or more, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet the \"Restrict reuse\" to \"5\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000165",
+            "gid": "V-VCSA-80-000070",
+            "rid": "SV-VCSA-80-000070",
+            "stig_id": "VCSA-80-000070",
+            "cci": [
+              "CCI-000200"
+            ],
+            "nist": [
+              "IA-5 (1) (e)"
+            ]
+          },
+          "code": "control 'VCSA-80-000070' do\n  title 'The vCenter Server must prohibit password reuse for a minimum of five generations.'\n  desc  \"\n    Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    To meet password policy requirements, passwords must be changed at specific policy-based intervals.\n\n    If the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the result is a password that is not changed per policy requirements.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Restrict reuse\\\" setting.\n\n    Restrict reuse: Users cannot reuse any previous 5 passwords\n\n    If the password policy is not configured with a \\\"Restrict reuse\\\" policy of \\\"5\\\" or more, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Restrict reuse\\\" to \\\"5\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000165'\n  tag gid: 'V-VCSA-80-000070'\n  tag rid: 'SV-VCSA-80-000070'\n  tag stig_id: 'VCSA-80-000070'\n  tag cci: ['CCI-000200']\n  tag nist: ['IA-5 (1) (e)']\n\n  command = '(Get-SsoPasswordPolicy).ProhibitedPreviousPasswordsCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 5 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000070.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000071",
+          "title": "The vCenter Server passwords must contain at least one uppercase character.",
+          "desc": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password is, the greater the number of possible combinations that need to be tested before the password is compromised.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password is, the greater the number of possible combinations that need to be tested before the password is compromised."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Character requirements\" setting.\n\nCharacter requirements: At least 1 uppercase characters\n\nIf the password policy is not configured with \"Character requirements\" policy requiring \"1\" or more uppercase characters, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"uppercase characters\" to at least \"1\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000166",
+            "gid": "V-VCSA-80-000071",
+            "rid": "SV-VCSA-80-000071",
+            "stig_id": "VCSA-80-000071",
+            "cci": [
+              "CCI-000192"
+            ],
+            "nist": [
+              "IA-5 (1) (a)"
+            ]
+          },
+          "code": "control 'VCSA-80-000071' do\n  title 'The vCenter Server passwords must contain at least one uppercase character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password is, the greater the number of possible combinations that need to be tested before the password is compromised.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 uppercase characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more uppercase characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"uppercase characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000166'\n  tag gid: 'V-VCSA-80-000071'\n  tag rid: 'SV-VCSA-80-000071'\n  tag stig_id: 'VCSA-80-000071'\n  tag cci: ['CCI-000192']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinUppercaseCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 1 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000071.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000072",
+          "title": "The vCenter Server passwords must contain at least one lowercase character.",
+          "desc": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Character requirements\" setting.\n\nCharacter requirements: At least 1 lowercase characters\n\nIf the password policy is not configured with \"Character requirements\" policy requiring \"1\" or more lowercase characters, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"lowercase characters\" to at least \"1\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000167",
+            "gid": "V-VCSA-80-000072",
+            "rid": "SV-VCSA-80-000072",
+            "stig_id": "VCSA-80-000072",
+            "cci": [
+              "CCI-000193"
+            ],
+            "nist": [
+              "IA-5 (1) (a)"
+            ]
+          },
+          "code": "control 'VCSA-80-000072' do\n  title 'The vCenter Server passwords must contain at least one lowercase character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 lowercase characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more lowercase characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"lowercase characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000167'\n  tag gid: 'V-VCSA-80-000072'\n  tag rid: 'SV-VCSA-80-000072'\n  tag stig_id: 'VCSA-80-000072'\n  tag cci: ['CCI-000193']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinLowercaseCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 1 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000072.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000073",
+          "title": "The vCenter Server passwords must contain at least one numeric character.",
+          "desc": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Character requirements\" setting.\n\nCharacter requirements: At least 1 numeric characters\n\nIf the password policy is not configured with \"Character requirements\" policy requiring \"1\" or more numeric characters, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"numeric characters\" to at least \"1\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000168",
+            "gid": "V-VCSA-80-000073",
+            "rid": "SV-VCSA-80-000073",
+            "stig_id": "VCSA-80-000073",
+            "cci": [
+              "CCI-000194"
+            ],
+            "nist": [
+              "IA-5 (1) (a)"
+            ]
+          },
+          "code": "control 'VCSA-80-000073' do\n  title 'The vCenter Server passwords must contain at least one numeric character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 numeric characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more numeric characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"numeric characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000168'\n  tag gid: 'V-VCSA-80-000073'\n  tag rid: 'SV-VCSA-80-000073'\n  tag stig_id: 'VCSA-80-000073'\n  tag cci: ['CCI-000194']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinNumericCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 1 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000073.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000074",
+          "title": "The vCenter Server passwords must contain at least one special character.",
+          "desc": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor in determining how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n\nSpecial characters are not alphanumeric. Examples include: ~ ! @ # $ % ^ *.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor in determining how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n\nSpecial characters are not alphanumeric. Examples include: ~ ! @ # $ % ^ *."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Character requirements\" setting.\n\nCharacter requirements: At least 1 special characters\n\nIf the password policy is not configured with \"Character requirements\" policy requiring \"1\" or more special characters, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"special characters\" to at least \"1\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000169",
+            "gid": "V-VCSA-80-000074",
+            "rid": "SV-VCSA-80-000074",
+            "stig_id": "VCSA-80-000074",
+            "cci": [
+              "CCI-001619"
+            ],
+            "nist": [
+              "IA-5 (1) (a)"
+            ]
+          },
+          "code": "control 'VCSA-80-000074' do\n  title 'The vCenter Server passwords must contain at least one special character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor in determining how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n\n    Special characters are not alphanumeric. Examples include: ~ ! @ # $ % ^ *.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 special characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more special characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"special characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000169'\n  tag gid: 'V-VCSA-80-000074'\n  tag rid: 'SV-VCSA-80-000074'\n  tag stig_id: 'VCSA-80-000074'\n  tag cci: ['CCI-001619']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinSpecialCharCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 1 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000074.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000077",
+          "title": "The vCenter Server must enable FIPS-validated cryptography.",
+          "desc": "FIPS 140-2 is the current standard for validating that mechanisms used to access cryptographic modules use authentication that meets DOD requirements.\n\nIn vSphere 6.7 and later, ESXi and vCenter Server use FIPS-validated cryptography to protect management interfaces and the VMware Certificate Authority (VMCA).\n\nvSphere 7.0 Update 2 and later adds additional FIPS-validated cryptography to vCenter Server Appliance. By default, this FIPS validation option is disabled and must be enabled.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "FIPS 140-2 is the current standard for validating that mechanisms used to access cryptographic modules use authentication that meets DOD requirements.\n\nIn vSphere 6.7 and later, ESXi and vCenter Server use FIPS-validated cryptography to protect management interfaces and the VMware Certificate Authority (VMCA).\n\nvSphere 7.0 Update 2 and later adds additional FIPS-validated cryptography to vCenter Server Appliance. By default, this FIPS validation option is disabled and must be enabled."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Web Client, go to Developer Center >> API Explorer.\n\nFrom the \"Select API\" drop-down menu, select appliance.\n\nExpand system/security/global_fips >> GET.\n\nClick \"Execute\" and then \"Copy Response\" to view the results.\n\nExample response:\n\n{\n    \"enabled\": true\n}\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nInvoke-GetSystemGlobalFips\n\nIf global FIPS mode is not enabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Web Client go to Developer Center >> API Explorer.\n\nFrom the \"Select API\" drop-down menu, select appliance.\n\nExpand system/security/global_fips >> PUT.\n\nIn the response body under \"Try it out\" paste the following:\n\n{\n    \"enabled\": true\n}\n\nClick \"Execute\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n$spec = Initialize-SystemSecurityGlobalFipsUpdateSpec -Enabled $true; Invoke-SetSystemGlobalFips -SystemSecurityGlobalFipsUpdateSpec $spec\n\nNote: The vCenter server reboots after FIPS is enabled or disabled."
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-APP-000172",
+            "satisfies": [
+              "SRG-APP-000179",
+              "SRG-APP-000224",
+              "SRG-APP-000231",
+              "SRG-APP-000412",
+              "SRG-APP-000514",
+              "SRG-APP-000555",
+              "SRG-APP-000600",
+              "SRG-APP-000610",
+              "SRG-APP-000620",
+              "SRG-APP-000630",
+              "SRG-APP-000635"
+            ],
+            "gid": "V-VCSA-80-000077",
+            "rid": "SV-VCSA-80-000077",
+            "stig_id": "VCSA-80-000077",
+            "cci": [
+              "CCI-000197",
+              "CCI-000803",
+              "CCI-001188",
+              "CCI-001199",
+              "CCI-001967",
+              "CCI-002450",
+              "CCI-003123"
+            ],
+            "nist": [
+              "IA-3 (1)",
+              "IA-5 (1) (c)",
+              "IA-7",
+              "MA-4 (6)",
+              "SC-13",
+              "SC-23 (3)",
+              "SC-28"
+            ]
+          },
+          "code": "control 'VCSA-80-000077' do\n  title 'The vCenter Server must enable FIPS-validated cryptography.'\n  desc  \"\n    FIPS 140-2 is the current standard for validating that mechanisms used to access cryptographic modules use authentication that meets DOD requirements.\n\n    In vSphere 6.7 and later, ESXi and vCenter Server use FIPS-validated cryptography to protect management interfaces and the VMware Certificate Authority (VMCA).\n\n    vSphere 7.0 Update 2 and later adds additional FIPS-validated cryptography to vCenter Server Appliance. By default, this FIPS validation option is disabled and must be enabled.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Web Client, go to Developer Center >> API Explorer.\n\n    From the \\\"Select API\\\" drop-down menu, select appliance.\n\n    Expand system/security/global_fips >> GET.\n\n    Click \\\"Execute\\\" and then \\\"Copy Response\\\" to view the results.\n\n    Example response:\n\n    {\n        \\\"enabled\\\": true\n    }\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Invoke-GetSystemGlobalFips\n\n    If global FIPS mode is not enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Web Client go to Developer Center >> API Explorer.\n\n    From the \\\"Select API\\\" drop-down menu, select appliance.\n\n    Expand system/security/global_fips >> PUT.\n\n    In the response body under \\\"Try it out\\\" paste the following:\n\n    {\n        \\\"enabled\\\": true\n    }\n\n    Click \\\"Execute\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    $spec = Initialize-SystemSecurityGlobalFipsUpdateSpec -Enabled $true; Invoke-SetSystemGlobalFips -SystemSecurityGlobalFipsUpdateSpec $spec\n\n    Note: The vCenter server reboots after FIPS is enabled or disabled.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-APP-000172'\n  tag satisfies: ['SRG-APP-000179', 'SRG-APP-000224', 'SRG-APP-000231', 'SRG-APP-000412', 'SRG-APP-000514', 'SRG-APP-000555', 'SRG-APP-000600', 'SRG-APP-000610', 'SRG-APP-000620', 'SRG-APP-000630', 'SRG-APP-000635']\n  tag gid: 'V-VCSA-80-000077'\n  tag rid: 'SV-VCSA-80-000077'\n  tag stig_id: 'VCSA-80-000077'\n  tag cci: ['CCI-000197', 'CCI-000803', 'CCI-001188', 'CCI-001199', 'CCI-001967', 'CCI-002450', 'CCI-003123']\n  tag nist: ['IA-3 (1)', 'IA-5 (1) (c)', 'IA-7', 'MA-4 (6)', 'SC-13', 'SC-23 (3)', 'SC-28']\n\n  command = 'Invoke-GetSystemGlobalFips | Select-Object -ExpandProperty enabled'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'True' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000077.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000079",
+          "title": "The vCenter Server must enforce a 90-day maximum password lifetime restriction.",
+          "desc": "Any password, no matter how complex, can eventually be cracked. Therefore, passwords must be changed at specific intervals.\n\nOne method of minimizing this risk is to use complex passwords and periodically change them. If the application does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the system and/or application passwords could be compromised.\n\nThis requirement does not include emergency administration accounts, which are meant for access to the application in case of failure. These accounts are not required to have maximum password lifetime restrictions.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Any password, no matter how complex, can eventually be cracked. Therefore, passwords must be changed at specific intervals.\n\nOne method of minimizing this risk is to use complex passwords and periodically change them. If the application does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the system and/or application passwords could be compromised.\n\nThis requirement does not include emergency administration accounts, which are meant for access to the application in case of failure. These accounts are not required to have maximum password lifetime restrictions."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Maximum lifetime\" setting.\n\nMaximum lifetime: Password must be changed every 90 days\n\nIf the password policy is not configured with \"Maximum lifetime\" policy of \"90\" or less, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"Maximum lifetime\" to \"90\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000174",
+            "gid": "V-VCSA-80-000079",
+            "rid": "SV-VCSA-80-000079",
+            "stig_id": "VCSA-80-000079",
+            "cci": [
+              "CCI-000199"
+            ],
+            "nist": [
+              "IA-5 (1) (d)"
+            ]
+          },
+          "code": "control 'VCSA-80-000079' do\n  title 'The vCenter Server must enforce a 90-day maximum password lifetime restriction.'\n  desc  \"\n    Any password, no matter how complex, can eventually be cracked. Therefore, passwords must be changed at specific intervals.\n\n    One method of minimizing this risk is to use complex passwords and periodically change them. If the application does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the system and/or application passwords could be compromised.\n\n    This requirement does not include emergency administration accounts, which are meant for access to the application in case of failure. These accounts are not required to have maximum password lifetime restrictions.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Maximum lifetime\\\" setting.\n\n    Maximum lifetime: Password must be changed every 90 days\n\n    If the password policy is not configured with \\\"Maximum lifetime\\\" policy of \\\"90\\\" or less, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"Maximum lifetime\\\" to \\\"90\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000174'\n  tag gid: 'V-VCSA-80-000079'\n  tag rid: 'SV-VCSA-80-000079'\n  tag stig_id: 'VCSA-80-000079'\n  tag cci: ['CCI-000199']\n  tag nist: ['IA-5 (1) (d)']\n\n  command = '(Get-SsoPasswordPolicy).PasswordLifetimeDays'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp <= 90 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000079.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000080",
+          "title": "The vCenter Server must enable revocation checking for certificate-based authentication.",
+          "desc": "The system must establish the validity of the user-supplied identity certificate using Online Certificate Status Protocol (OCSP) and/or Certificate Revocation List (CRL) revocation checking.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The system must establish the validity of the user-supplied identity certificate using Online Certificate Status Protocol (OCSP) and/or Certificate Revocation List (CRL) revocation checking."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If a federated identity provider is configured and used for an identity source and supports Smartcard authentication, this is not applicable.\n\nFrom the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\nUnder Smart card authentication settings >> Certificate revocation, verify \"Revocation check\" does not show as disabled.\n\nIf \"Revocation check\" shows as disabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\nUnder Smart card authentication settings >> Certificate revocation, click the \"Edit\" button.\n\nConfigure revocation checking per site requirements. OCSP with CRL failover is recommended.\n\nBy default, both locations are pulled from the cert. CRL location can be overridden in this screen, and local responders can be specified via the sso-config command line tool. See the vSphere documentation for more information."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000175",
+            "satisfies": [
+              "SRG-APP-000392",
+              "SRG-APP-000401",
+              "SRG-APP-000403"
+            ],
+            "gid": "V-VCSA-80-000080",
+            "rid": "SV-VCSA-80-000080",
+            "stig_id": "VCSA-80-000080",
+            "cci": [
+              "CCI-000185",
+              "CCI-001954",
+              "CCI-001991",
+              "CCI-002010"
+            ],
+            "nist": [
+              "IA-2 (12)",
+              "IA-5 (2) (a)",
+              "IA-5 (2) (d)",
+              "IA-8 (1)"
+            ]
+          },
+          "code": "control 'VCSA-80-000080' do\n  title 'The vCenter Server must enable revocation checking for certificate-based authentication.'\n  desc  'The system must establish the validity of the user-supplied identity certificate using Online Certificate Status Protocol (OCSP) and/or Certificate Revocation List (CRL) revocation checking.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If a federated identity provider is configured and used for an identity source and supports Smartcard authentication, this is not applicable.\n\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\n    Under Smart card authentication settings >> Certificate revocation, verify \\\"Revocation check\\\" does not show as disabled.\n\n    If \\\"Revocation check\\\" shows as disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\n    Under Smart card authentication settings >> Certificate revocation, click the \\\"Edit\\\" button.\n\n    Configure revocation checking per site requirements. OCSP with CRL failover is recommended.\n\n    By default, both locations are pulled from the cert. CRL location can be overridden in this screen, and local responders can be specified via the sso-config command line tool. See the vSphere documentation for more information.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000175'\n  tag satisfies: ['SRG-APP-000392', 'SRG-APP-000401', 'SRG-APP-000403']\n  tag gid: 'V-VCSA-80-000080'\n  tag rid: 'SV-VCSA-80-000080'\n  tag stig_id: 'VCSA-80-000080'\n  tag cci: ['CCI-000185', 'CCI-001954', 'CCI-001991', 'CCI-002010']\n  tag nist: ['IA-2 (12)', 'IA-5 (2) (a)', 'IA-5 (2) (d)', 'IA-8 (1)']\n\n  if input('embeddedIdp')\n    describe.one do\n      describe powercli_command('(Get-SsoAuthenticationPolicy).OCSPEnabled') do\n        its('stdout.strip') { should cmp 'true' }\n      end\n      describe powercli_command('(Get-SsoAuthenticationPolicy).UseInCertCRL') do\n        its('stdout.strip') { should cmp 'true' }\n      end\n      describe powercli_command('(Get-SsoAuthenticationPolicy).CRLUrl') do\n        its('stdout.strip') { should_not cmp '' }\n      end\n    end\n  else\n    describe 'This check is a manual or policy based check and must be reviewed manually.' do\n      skip 'This check is a manual or policy based check and must be reviewed manually.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000080.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000089",
+          "title": "The vCenter Server must terminate vSphere Client sessions after 15 minutes of inactivity.",
+          "desc": "Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free resources committed by the managed network element.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free resources committed by the managed network element."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Deployment >> Client Configuration.\n\nView the value of the \"Session timeout\" setting.\n\nIf the \"Session timeout\" is not set to \"15 minute(s)\" or less this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Deployment >> Client Configuration.\n\nClick \"Edit\" and enter \"15\" minutes into the \"Session timeout\" setting. Click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000190",
+            "satisfies": [
+              "SRG-APP-000295",
+              "SRG-APP-000389"
+            ],
+            "gid": "V-VCSA-80-000089",
+            "rid": "SV-VCSA-80-000089",
+            "stig_id": "VCSA-80-000089",
+            "cci": [
+              "CCI-001133",
+              "CCI-002038",
+              "CCI-002361"
+            ],
+            "nist": [
+              "AC-12",
+              "IA-11",
+              "SC-10"
+            ]
+          },
+          "code": "control 'VCSA-80-000089' do\n  title 'The vCenter Server must terminate vSphere Client sessions after 15 minutes of inactivity.'\n  desc  'Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free resources committed by the managed network element.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Deployment >> Client Configuration.\n\n    View the value of the \\\"Session timeout\\\" setting.\n\n    If the \\\"Session timeout\\\" is not set to \\\"15 minute(s)\\\" or less this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Deployment >> Client Configuration.\n\n    Click \\\"Edit\\\" and enter \\\"15\\\" minutes into the \\\"Session timeout\\\" setting. Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000190'\n  tag satisfies: ['SRG-APP-000295', 'SRG-APP-000389']\n  tag gid: 'V-VCSA-80-000089'\n  tag rid: 'SV-VCSA-80-000089'\n  tag stig_id: 'VCSA-80-000089'\n  tag cci: ['CCI-001133', 'CCI-002038', 'CCI-002361']\n  tag nist: ['AC-12', 'IA-11', 'SC-10']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000089.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000095",
+          "title": "The vCenter Server user roles must be verified.",
+          "desc": "Users and service accounts must only be assigned privileges they require. Least privilege requires that these privileges must only be assigned if needed to reduce risk of confidentiality, availability, or integrity loss.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Users and service accounts must only be assigned privileges they require. Least privilege requires that these privileges must only be assigned if needed to reduce risk of confidentiality, availability, or integrity loss."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Access Control >> Roles.\n\nView each role and verify the users and/or groups assigned to it by clicking on \"Usage\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\nApplication service account and user required privileges should be documented.\n\nIf any user or service account has more privileges than required, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "To update a user's or group's permissions to an existing role with reduced permissions, do the following:\n\nFrom the vSphere Client, go to Administration >> Access Control >> Global Permissions.\n\nSelect the user or group, click the pencil button, change the assigned role, and click \"OK\".\n\nNote: If permissions are assigned on a specific object, the role must be updated where it is assigned (for example, at the cluster level).\n\nTo create a new role with reduced permissions, do the following:\n\nFrom the vSphere Client, go to Administration >> Access Control >> Roles.\n\nClick the green plus sign and enter a name for the role and select only the specific permissions required.\n\nUsers can then be assigned to the newly created role."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000211",
+            "satisfies": [
+              "SRG-APP-000233",
+              "SRG-APP-000380"
+            ],
+            "gid": "V-VCSA-80-000095",
+            "rid": "SV-VCSA-80-000095",
+            "stig_id": "VCSA-80-000095",
+            "cci": [
+              "CCI-001082",
+              "CCI-001084",
+              "CCI-001813"
+            ],
+            "nist": [
+              "CM-5 (1)",
+              "SC-2",
+              "SC-3"
+            ]
+          },
+          "code": "control 'VCSA-80-000095' do\n  title 'The vCenter Server user roles must be verified.'\n  desc  'Users and service accounts must only be assigned privileges they require. Least privilege requires that these privileges must only be assigned if needed to reduce risk of confidentiality, availability, or integrity loss.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    View each role and verify the users and/or groups assigned to it by clicking on \\\"Usage\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\n    Application service account and user required privileges should be documented.\n\n    If any user or service account has more privileges than required, this is a finding.\n  \"\n  desc 'fix', \"\n    To update a user's or group's permissions to an existing role with reduced permissions, do the following:\n\n    From the vSphere Client, go to Administration >> Access Control >> Global Permissions.\n\n    Select the user or group, click the pencil button, change the assigned role, and click \\\"OK\\\".\n\n    Note: If permissions are assigned on a specific object, the role must be updated where it is assigned (for example, at the cluster level).\n\n    To create a new role with reduced permissions, do the following:\n\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    Click the green plus sign and enter a name for the role and select only the specific permissions required.\n\n    Users can then be assigned to the newly created role.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000211'\n  tag satisfies: ['SRG-APP-000233', 'SRG-APP-000380']\n  tag gid: 'V-VCSA-80-000095'\n  tag rid: 'SV-VCSA-80-000095'\n  tag stig_id: 'VCSA-80-000095'\n  tag cci: ['CCI-001082', 'CCI-001084', 'CCI-001813']\n  tag nist: ['CM-5 (1)', 'SC-2', 'SC-3']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000095.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000110",
+          "title": "The vCenter Server must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of denial-of-service (DoS) attacks by enabling Network I/O Control (NIOC).",
+          "desc": "DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.\n\nManaging excess capacity ensures sufficient capacity is available to counter flooding attacks. Employing increased capacity and service redundancy may reduce the susceptibility to some DoS attacks. Managing excess capacity may include, for example, establishing selected usage priorities, quotas, or partitioning.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.\n\nManaging excess capacity ensures sufficient capacity is available to counter flooding attacks. Employing increased capacity and service redundancy may reduce the susceptibility to some DoS attacks. Managing excess capacity may include, for example, establishing selected usage priorities, quotas, or partitioning."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to Networking.\n\nSelect a distributed switch >> Configure >> Settings >> Properties.\n\nView the \"Properties\" pane and verify \"Network I/O Control\" is \"Enabled\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch | select Name,@{N=\"NIOC Enabled\";E={$_.ExtensionData.config.NetworkResourceManagementEnabled}}\n\nIf \"Network I/O Control\" is disabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Networking.\n\nSelect a distributed switch >> Configure >> Settings >> Properties.\n\nIn the \"Properties\" pane, click \"Edit\". Change \"Network I/O Control\" to \"Enabled\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n(Get-VDSwitch \"VDSwitch Name\" | Get-View).EnableNetworkResourceManagement($true)"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000247",
+            "gid": "V-VCSA-80-000110",
+            "rid": "SV-VCSA-80-000110",
+            "stig_id": "VCSA-80-000110",
+            "cci": [
+              "CCI-001095"
+            ],
+            "nist": [
+              "SC-5 (2)"
+            ]
+          },
+          "code": "control 'VCSA-80-000110' do\n  title 'The vCenter Server must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of denial-of-service (DoS) attacks by enabling Network I/O Control (NIOC).'\n  desc  \"\n    DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.\n\n    Managing excess capacity ensures sufficient capacity is available to counter flooding attacks. Employing increased capacity and service redundancy may reduce the susceptibility to some DoS attacks. Managing excess capacity may include, for example, establishing selected usage priorities, quotas, or partitioning.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch >> Configure >> Settings >> Properties.\n\n    View the \\\"Properties\\\" pane and verify \\\"Network I/O Control\\\" is \\\"Enabled\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | select Name,@{N=\\\"NIOC Enabled\\\";E={$_.ExtensionData.config.NetworkResourceManagementEnabled}}\n\n    If \\\"Network I/O Control\\\" is disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch >> Configure >> Settings >> Properties.\n\n    In the \\\"Properties\\\" pane, click \\\"Edit\\\". Change \\\"Network I/O Control\\\" to \\\"Enabled\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    (Get-VDSwitch \\\"VDSwitch Name\\\" | Get-View).EnableNetworkResourceManagement($true)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000247'\n  tag gid: 'V-VCSA-80-000110'\n  tag rid: 'SV-VCSA-80-000110'\n  tag stig_id: 'VCSA-80-000110'\n  tag cci: ['CCI-001095']\n  tag nist: ['SC-5 (2)']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.NetworkResourceManagementEnabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000110.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000123",
+          "title": "The vCenter Server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, on every Single Sign-On (SSO) account action.",
+          "desc": "Once an attacker establishes initial access to a system, they often attempt to create a persistent method of reestablishing access. One way to accomplish this is for the attacker to create a new account. They may also try to hijack an existing account by changing a password or enabling a previously disabled account. Therefore, all actions performed on accounts in the SSO domain much be alerted on in vCenter at a minimum and ideally on a Security Information and Event Management (SIEM) system as well.\n\nTo ensure the appropriate personnel are alerted about SSO account actions, create a new vCenter alarm for the \"com.vmware.sso.PrincipalManagement\" event ID and configure the alert mechanisms appropriately.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Once an attacker establishes initial access to a system, they often attempt to create a persistent method of reestablishing access. One way to accomplish this is for the attacker to create a new account. They may also try to hijack an existing account by changing a password or enabling a previously disabled account. Therefore, all actions performed on accounts in the SSO domain much be alerted on in vCenter at a minimum and ideally on a Security Information and Event Management (SIEM) system as well.\n\nTo ensure the appropriate personnel are alerted about SSO account actions, create a new vCenter alarm for the \"com.vmware.sso.PrincipalManagement\" event ID and configure the alert mechanisms appropriately."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Security >> Alarm Definitions.\n\nVerify there is an alarm created to alert upon all SSO account actions.\n\nThe alarm name may vary, but it is suggested to name it \"SSO account actions - com.vmware.sso.PrincipalManagement\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AlarmDefinition | Where {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq \"com.vmware.sso.PrincipalManagement\"} | Select Name,Enabled,@{N=\"EventTypeId\";E={$_.ExtensionData.Info.Expression.Expression.EventTypeId}}\n\nIf an alarm is not created to alert on SSO account actions, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Security >> Alarm Definitions.\n\nClick \"Add\".\n\nProvide the alarm name of \"SSO account actions - com.vmware.sso.PrincipalManagement\" and an optional description.\n\nFrom the \"Target type\" dropdown menu, select \"vCenter Server\".\n\nClick \"Next\".\n\nPaste \"com.vmware.sso.PrincipalManagement\" (without quotes) in the line after \"IF\" and press \"Enter\".\n\nNext to \"Trigger the alarm and\", select \"Show as Warning\".\n\nConfigure the desired notification actions that will inform the SA and ISSO of the event.\n\nClick \"Next\". Click \"Next\" again. Click \"Create\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000291",
+            "satisfies": [
+              "SRG-APP-000292",
+              "SRG-APP-000293",
+              "SRG-APP-000294",
+              "SRG-APP-000320"
+            ],
+            "gid": "V-VCSA-80-000123",
+            "rid": "SV-VCSA-80-000123",
+            "stig_id": "VCSA-80-000123",
+            "cci": [
+              "CCI-001683",
+              "CCI-001684",
+              "CCI-001685",
+              "CCI-001686",
+              "CCI-002132"
+            ],
+            "nist": [
+              "AC-2 (4)"
+            ]
+          },
+          "code": "control 'VCSA-80-000123' do\n  title 'The vCenter Server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, on every Single Sign-On (SSO) account action.'\n  desc  \"\n    Once an attacker establishes initial access to a system, they often attempt to create a persistent method of reestablishing access. One way to accomplish this is for the attacker to create a new account. They may also try to hijack an existing account by changing a password or enabling a previously disabled account. Therefore, all actions performed on accounts in the SSO domain much be alerted on in vCenter at a minimum and ideally on a Security Information and Event Management (SIEM) system as well.\n\n    To ensure the appropriate personnel are alerted about SSO account actions, create a new vCenter alarm for the \\\"com.vmware.sso.PrincipalManagement\\\" event ID and configure the alert mechanisms appropriately.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Security >> Alarm Definitions.\n\n    Verify there is an alarm created to alert upon all SSO account actions.\n\n    The alarm name may vary, but it is suggested to name it \\\"SSO account actions - com.vmware.sso.PrincipalManagement\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AlarmDefinition | Where {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq \\\"com.vmware.sso.PrincipalManagement\\\"} | Select Name,Enabled,@{N=\\\"EventTypeId\\\";E={$_.ExtensionData.Info.Expression.Expression.EventTypeId}}\n\n    If an alarm is not created to alert on SSO account actions, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Security >> Alarm Definitions.\n\n    Click \\\"Add\\\".\n\n    Provide the alarm name of \\\"SSO account actions - com.vmware.sso.PrincipalManagement\\\" and an optional description.\n\n    From the \\\"Target type\\\" dropdown menu, select \\\"vCenter Server\\\".\n\n    Click \\\"Next\\\".\n\n    Paste \\\"com.vmware.sso.PrincipalManagement\\\" (without quotes) in the line after \\\"IF\\\" and press \\\"Enter\\\".\n\n    Next to \\\"Trigger the alarm and\\\", select \\\"Show as Warning\\\".\n\n    Configure the desired notification actions that will inform the SA and ISSO of the event.\n\n    Click \\\"Next\\\". Click \\\"Next\\\" again. Click \\\"Create\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000291'\n  tag satisfies: ['SRG-APP-000292', 'SRG-APP-000293', 'SRG-APP-000294', 'SRG-APP-000320']\n  tag gid: 'V-VCSA-80-000123'\n  tag rid: 'SV-VCSA-80-000123'\n  tag stig_id: 'VCSA-80-000123'\n  tag cci: ['CCI-001683', 'CCI-001684', 'CCI-001685', 'CCI-001686', 'CCI-002132']\n  tag nist: ['AC-2 (4)']\n\n  command = 'Get-AlarmDefinition | Where-Object {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq \"com.vmware.sso.PrincipalManagement\"} | Select-Object -ExpandProperty Enabled'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'true' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000123.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000145",
+          "title": "The vCenter Server must set the interval for counting failed login attempts to at least 15 minutes.",
+          "desc": "By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nView the value of the \"Time interval between failures\" setting.\n\nTime interval between failures: 900 seconds\n\nIf the lockout policy is not configured with \"Time interval between failures\" policy of \"900\" or more, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nClick \"Edit\".\n\nSet the \"Time interval between failures\" to \"900\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000345",
+            "gid": "V-VCSA-80-000145",
+            "rid": "SV-VCSA-80-000145",
+            "stig_id": "VCSA-80-000145",
+            "cci": [
+              "CCI-002238"
+            ],
+            "nist": [
+              "AC-7 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000145' do\n  title 'The vCenter Server must set the interval for counting failed login attempts to at least 15 minutes.'\n  desc  'By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    View the value of the \\\"Time interval between failures\\\" setting.\n\n    Time interval between failures: 900 seconds\n\n    If the lockout policy is not configured with \\\"Time interval between failures\\\" policy of \\\"900\\\" or more, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Time interval between failures\\\" to \\\"900\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000345'\n  tag gid: 'V-VCSA-80-000145'\n  tag rid: 'SV-VCSA-80-000145'\n  tag stig_id: 'VCSA-80-000145'\n  tag cci: ['CCI-002238']\n  tag nist: ['AC-7 b']\n\n  command = '(Get-SsoLockoutPolicy).FailedAttemptIntervalSec'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 900 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000145.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000148",
+          "title": "The vCenter Server must be configured to send logs to a central log server.",
+          "desc": "vCenter must be configured to send near real-time log data to syslog collectors so information will be available to investigators in the case of a security incident or to assist in troubleshooting.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "vCenter must be configured to send near real-time log data to syslog collectors so information will be available to investigators in the case of a security incident or to assist in troubleshooting."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Syslog\" on the left navigation pane.\n\nOn the resulting pane on the right, verify at least one site-specific syslog receiver is configured and is listed as \"Reachable\".\n\nIf no valid syslog collector is configured or if the collector is not listed as \"Reachable\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Open the VAMI by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with an SSO account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Syslog\" on the left navigation pane.\n\nOn the resulting pane on the right, click \"Edit\" or \"Configure\".\n\nEdit or add the address and port of a site-specific syslog aggregator or Security Information Event Management (SIEM) system with the appropriate protocol.\n\nUser Datagram Protocol (UDP) is discouraged due to its stateless and unencrypted nature. Transport Layer Security (TLS) is preferred.\n\nClick \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000358",
+            "gid": "V-VCSA-80-000148",
+            "rid": "SV-VCSA-80-000148",
+            "stig_id": "VCSA-80-000148",
+            "cci": [
+              "CCI-001851"
+            ],
+            "nist": [
+              "AU-4 (1)"
+            ]
+          },
+          "code": "control 'VCSA-80-000148' do\n  title 'The vCenter Server must be configured to send logs to a central log server.'\n  desc  'vCenter must be configured to send near real-time log data to syslog collectors so information will be available to investigators in the case of a security incident or to assist in troubleshooting.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Syslog\\\" on the left navigation pane.\n\n    On the resulting pane on the right, verify at least one site-specific syslog receiver is configured and is listed as \\\"Reachable\\\".\n\n    If no valid syslog collector is configured or if the collector is not listed as \\\"Reachable\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Open the VAMI by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with an SSO account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Syslog\\\" on the left navigation pane.\n\n    On the resulting pane on the right, click \\\"Edit\\\" or \\\"Configure\\\".\n\n    Edit or add the address and port of a site-specific syslog aggregator or Security Information Event Management (SIEM) system with the appropriate protocol.\n\n    User Datagram Protocol (UDP) is discouraged due to its stateless and unencrypted nature. Transport Layer Security (TLS) is preferred.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000358'\n  tag gid: 'V-VCSA-80-000148'\n  tag rid: 'SV-VCSA-80-000148'\n  tag stig_id: 'VCSA-80-000148'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  command = 'Invoke-GetLoggingForwarding | Select-Object -ExpandProperty hostname'\n  logservers = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if logservers.empty?\n    describe \"No log servers configured: #{logservers}\" do\n      subject { logservers }\n      it { should_not be_empty }\n    end\n  else\n    logservers.each do |server|\n      describe server do\n        subject { server }\n        it { should be_in input('syslogServers') }\n      end\n    end\n    logserverstatuscommand = 'Invoke-TestLoggingForwarding | Select-Object -ExpandProperty state'\n    logserverstatus = powercli_command(logserverstatuscommand).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n    logserverstatus.each do |status|\n      describe status do\n        subject { status }\n        it { should cmp 'UP' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000148.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000150",
+          "title": "The vCenter server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts.",
+          "desc": "It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impending failure of the audit capability and system operation may be adversely affected.\n\nAlerts provide organizations with urgent messages. Real-time alerts provide these messages immediately (i.e., the time from event detection to alert occurs in seconds or less).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impending failure of the audit capability and system operation may be adversely affected.\n\nAlerts provide organizations with urgent messages. Real-time alerts provide these messages immediately (i.e., the time from event detection to alert occurs in seconds or less)."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Review the Central Logging Server being used to verify it is configured to alert the SA and ISSO, at a minimum, on any AO-defined events. Otherwise, this is a finding.\n\nIf there are no AO-defined events, this is not a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the Central Logging Server being used to alert the SA and ISSO, at a minimum, on any AO-defined events."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000360",
+            "satisfies": [
+              "SRG-APP-000379",
+              "SRG-APP-000510"
+            ],
+            "gid": "V-VCSA-80-000150",
+            "rid": "SV-VCSA-80-000150",
+            "stig_id": "VCSA-80-000150",
+            "cci": [
+              "CCI-000172",
+              "CCI-001744",
+              "CCI-001858"
+            ],
+            "nist": [
+              "AU-12 c",
+              "AU-5 (2)",
+              "CM-3 (5)"
+            ]
+          },
+          "code": "control 'VCSA-80-000150' do\n  title 'The vCenter server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts.'\n  desc  \"\n    It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impending failure of the audit capability and system operation may be adversely affected.\n\n    Alerts provide organizations with urgent messages. Real-time alerts provide these messages immediately (i.e., the time from event detection to alert occurs in seconds or less).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Review the Central Logging Server being used to verify it is configured to alert the SA and ISSO, at a minimum, on any AO-defined events. Otherwise, this is a finding.\n\n    If there are no AO-defined events, this is not a finding.\n  \"\n  desc 'fix', 'Configure the Central Logging Server being used to alert the SA and ISSO, at a minimum, on any AO-defined events.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000360'\n  tag satisfies: ['SRG-APP-000379', 'SRG-APP-000510']\n  tag gid: 'V-VCSA-80-000150'\n  tag rid: 'SV-VCSA-80-000150'\n  tag stig_id: 'VCSA-80-000150'\n  tag cci: ['CCI-000172', 'CCI-001744', 'CCI-001858']\n  tag nist: ['AU-12 c', 'AU-5 (2)', 'CM-3 (5)']\n\n  describe 'This check is a manual or policy based check' do\n    skip 'This must be reviewed manually'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000150.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000158",
+          "title": "The vCenter Server must compare internal information system clocks at least every 24 hours with an authoritative time server.",
+          "desc": "Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside of the configured acceptable allowance (drift) may be inaccurate. Additionally, unnecessary synchronization may have an adverse impact on system performance and may indicate malicious activity.\n\nSynchronizing internal information system clocks to an authoritative time server provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside of the configured acceptable allowance (drift) may be inaccurate. Additionally, unnecessary synchronization may have an adverse impact on system performance and may indicate malicious activity.\n\nSynchronizing internal information system clocks to an authoritative time server provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Time\" on the left navigation pane.\n\nOn the resulting pane on the right, verify at least one authorized time server is configured and is listed as \"Reachable\".\n\nIf \"NTP\" is not enabled and at least one authorized time server configured, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Open the VAMI by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with an SSO account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Time\" on the left navigation pane.\n\nOn the resulting pane on the right, click \"Edit\" under \"Time Synchronization\".\n\nSelect \"NTP\" for \"Mode\" and enter a list of authorized time servers separated by commas. Click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000371",
+            "gid": "V-VCSA-80-000158",
+            "rid": "SV-VCSA-80-000158",
+            "stig_id": "VCSA-80-000158",
+            "cci": [
+              "CCI-001891"
+            ],
+            "nist": [
+              "AU-8 (1) (a)"
+            ]
+          },
+          "code": "control 'VCSA-80-000158' do\n  title 'The vCenter Server must compare internal information system clocks at least every 24 hours with an authoritative time server.'\n  desc  \"\n    Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside of the configured acceptable allowance (drift) may be inaccurate. Additionally, unnecessary synchronization may have an adverse impact on system performance and may indicate malicious activity.\n\n    Synchronizing internal information system clocks to an authoritative time server provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Time\\\" on the left navigation pane.\n\n    On the resulting pane on the right, verify at least one authorized time server is configured and is listed as \\\"Reachable\\\".\n\n    If \\\"NTP\\\" is not enabled and at least one authorized time server configured, this is a finding.\n  \"\n  desc 'fix', \"\n    Open the VAMI by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with an SSO account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Time\\\" on the left navigation pane.\n\n    On the resulting pane on the right, click \\\"Edit\\\" under \\\"Time Synchronization\\\".\n\n    Select \\\"NTP\\\" for \\\"Mode\\\" and enter a list of authorized time servers separated by commas. Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000371'\n  tag gid: 'V-VCSA-80-000158'\n  tag rid: 'SV-VCSA-80-000158'\n  tag stig_id: 'VCSA-80-000158'\n  tag cci: ['CCI-001891']\n  tag nist: ['AU-8 (1) (a)']\n\n  command = 'Invoke-GetTimesync'\n  timesync = powercli_command(command).stdout.strip\n\n  if timesync == 'NTP'\n    ntpserverscommand = 'Invoke-GetNtp'\n    ntpservers = powercli_command(ntpserverscommand).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n    ntpservers.each do |server|\n      describe server do\n        subject { server }\n        it { should be_in input('ntpServers') }\n      end\n      ntpstatuscommand = \"Initialize-NtpTestRequestBody -Servers #{server} | Invoke-TestNtp | Select-Object -ExpandProperty status\"\n      ntpstatus = powercli_command(ntpstatuscommand).stdout.strip\n      describe ntpstatus do\n        subject { ntpstatus }\n        it { should cmp 'SERVER_REACHABLE' }\n      end\n    end\n  else\n    describe \"Timesync Configuration: #{timesync}\" do\n      subject { timesync }\n      it { should cmp 'NTP' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000158.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000195",
+          "title": "The vCenter Server Machine Secure Sockets Layer (SSL) certificate must be issued by a DOD certificate authority.",
+          "desc": "Untrusted certificate authorities (CA) can issue certificates, but they may be issued by organizations or individuals that seek to compromise DOD systems or by organizations with insufficient security controls. If the CA used for verifying the certificate is not a DOD-approved CA, trust of this CA has not been established.\n\nThe DOD will only accept public key infrastructure (PKI) certificates obtained from a DOD-approved internal or external certificate authority. Reliance on CAs for the establishment of secure sessions includes, for example, the use of Transport Layer Security (TLS) certificates.\n\nThe default self-signed, VMware Certificate Authority (VMCA)-issued vCenter reverse proxy certificate must be replaced with a DOD-approved certificate. The use of a DOD certificate on the vCenter reverse proxy and other services assures clients that the service they are connecting to is legitimate and trusted.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Untrusted certificate authorities (CA) can issue certificates, but they may be issued by organizations or individuals that seek to compromise DOD systems or by organizations with insufficient security controls. If the CA used for verifying the certificate is not a DOD-approved CA, trust of this CA has not been established.\n\nThe DOD will only accept public key infrastructure (PKI) certificates obtained from a DOD-approved internal or external certificate authority. Reliance on CAs for the establishment of secure sessions includes, for example, the use of Transport Layer Security (TLS) certificates.\n\nThe default self-signed, VMware Certificate Authority (VMCA)-issued vCenter reverse proxy certificate must be replaced with a DOD-approved certificate. The use of a DOD certificate on the vCenter reverse proxy and other services assures clients that the service they are connecting to is legitimate and trusted."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Certificates >> Certificate Management >> Machine SSL Certificate.\n\nClick \"View Details\" and examine the \"Issuer Information\" block.\n\nIf the issuer specified is not a DOD approved certificate authority, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Obtain a DOD-issued certificate and private key for each vCenter in the system following the requirements below:\n\nKey size: 2048 bits or more (PEM encoded)\nCRT format (Base-64)\nx509 version 3\nSubjectAltName must contain DNS Name=<machine_FQDN>\nContains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment\n\nExport the entire certificate issuing chain up to the root in Base-64 format. Concatenate the individual certificates into one file with the \".cer\" extension.\n\nFrom the vSphere Client, go to Administration >> Certificates >> Certificate Management >> Machine SSL Certificate.\n\nClick Actions >> Import and Replace Certificate.\n\nSelect the \"Replace with external CA certificate\" radio button and click \"Next\".\n\nSupply the CA-issued certificate , the exported roots file, and the private key.\n\nClick \"Replace\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000427",
+            "gid": "V-VCSA-80-000195",
+            "rid": "SV-VCSA-80-000195",
+            "stig_id": "VCSA-80-000195",
+            "cci": [
+              "CCI-002470"
+            ],
+            "nist": [
+              "SC-23 (5)"
+            ]
+          },
+          "code": "control 'VCSA-80-000195' do\n  title 'The vCenter Server Machine Secure Sockets Layer (SSL) certificate must be issued by a DOD certificate authority.'\n  desc  \"\n    Untrusted certificate authorities (CA) can issue certificates, but they may be issued by organizations or individuals that seek to compromise DOD systems or by organizations with insufficient security controls. If the CA used for verifying the certificate is not a DOD-approved CA, trust of this CA has not been established.\n\n    The DOD will only accept public key infrastructure (PKI) certificates obtained from a DOD-approved internal or external certificate authority. Reliance on CAs for the establishment of secure sessions includes, for example, the use of Transport Layer Security (TLS) certificates.\n\n    The default self-signed, VMware Certificate Authority (VMCA)-issued vCenter reverse proxy certificate must be replaced with a DOD-approved certificate. The use of a DOD certificate on the vCenter reverse proxy and other services assures clients that the service they are connecting to is legitimate and trusted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Certificates >> Certificate Management >> Machine SSL Certificate.\n\n    Click \\\"View Details\\\" and examine the \\\"Issuer Information\\\" block.\n\n    If the issuer specified is not a DOD approved certificate authority, this is a finding.\n  \"\n  desc 'fix', \"\n    Obtain a DOD-issued certificate and private key for each vCenter in the system following the requirements below:\n\n    Key size: 2048 bits or more (PEM encoded)\n    CRT format (Base-64)\n    x509 version 3\n    SubjectAltName must contain DNS Name=<machine_FQDN>\n    Contains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment\n\n    Export the entire certificate issuing chain up to the root in Base-64 format. Concatenate the individual certificates into one file with the \\\".cer\\\" extension.\n\n    From the vSphere Client, go to Administration >> Certificates >> Certificate Management >> Machine SSL Certificate.\n\n    Click Actions >> Import and Replace Certificate.\n\n    Select the \\\"Replace with external CA certificate\\\" radio button and click \\\"Next\\\".\n\n    Supply the CA-issued certificate , the exported roots file, and the private key.\n\n    Click \\\"Replace\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000427'\n  tag gid: 'V-VCSA-80-000195'\n  tag rid: 'SV-VCSA-80-000195'\n  tag stig_id: 'VCSA-80-000195'\n  tag cci: ['CCI-002470']\n  tag nist: ['SC-23 (5)']\n\n  vcenter = powercli_command('$global:DefaultViServers.Name').stdout.strip\n  describe ssl_certificate(host: \"#{vcenter}\", port: 443) do\n    its('issuer_organization') { should cmp 'U.S. Government' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000195.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000196",
+          "title": "The vCenter Server must enable data at rest encryption for vSAN.",
+          "desc": "Applications handling data requiring \"data at rest\" protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.\n\nData encryption is a common technique used in environments that require additional levels of security.  It consists of a process to ensure that data can only be consumed by systems that have appropriate levels of access.  Approved systems must have and use the appropriate cryptographic keys to encrypt and decrypt the data.  Systems that do not have the keys will not be able to consume the data in any meaningful way, as it will remain encrypted in accordance to the commonly used Advanced Encryption Standard (AES) from the National Institute of Standards and Technology, or NIST.\n\nvSAN supports Data-At-Rest Encryption and Data-in-Transit Encryption and uses an AES 256 cipher. Data is encrypted after all other processing, such as deduplication, is performed. Data at rest encryption protects data on storage devices, in case a device is removed from the cluster.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Applications handling data requiring \"data at rest\" protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.\n\nData encryption is a common technique used in environments that require additional levels of security.  It consists of a process to ensure that data can only be consumed by systems that have appropriate levels of access.  Approved systems must have and use the appropriate cryptographic keys to encrypt and decrypt the data.  Systems that do not have the keys will not be able to consume the data in any meaningful way, as it will remain encrypted in accordance to the commonly used Advanced Encryption Standard (AES) from the National Institute of Standards and Technology, or NIST.\n\nvSAN supports Data-At-Rest Encryption and Data-in-Transit Encryption and uses an AES 256 cipher. Data is encrypted after all other processing, such as deduplication, is performed. Data at rest encryption protects data on storage devices, in case a device is removed from the cluster."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If no clusters are enabled for vSAN, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Select the cluster >> Configure >> vSAN >> Services >> Data Services.\n\nReview the \"Data-at-rest encryption\" status.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Get-VsanClusterConfiguration | Select-Object Name,EncryptionEnabled\n\nIf \"Data-At-Rest encryption\" is not enabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Select the target cluster >> Configure >> vSAN >> Services >> Data Services.\n\nClick \"Edit\".\n\nEnable \"Data-At-Rest encryption\" and select a pre-configured key provider from the drop down. Click \"Apply\".\n\nNote: Before enabling, read and understand the operational implications of enabling data at rest encryption in vSAN and how it effects capacity, performance, and recovery scenarios."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000428",
+            "gid": "V-VCSA-80-000196",
+            "rid": "SV-VCSA-80-000196",
+            "stig_id": "VCSA-80-000196",
+            "cci": [
+              "CCI-002475"
+            ],
+            "nist": [
+              "SC-28 (1)"
+            ]
+          },
+          "code": "control 'VCSA-80-000196' do\n  title 'The vCenter Server must enable data at rest encryption for vSAN.'\n  desc  \"\n    Applications handling data requiring \\\"data at rest\\\" protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.\n\n    Data encryption is a common technique used in environments that require additional levels of security.  It consists of a process to ensure that data can only be consumed by systems that have appropriate levels of access.  Approved systems must have and use the appropriate cryptographic keys to encrypt and decrypt the data.  Systems that do not have the keys will not be able to consume the data in any meaningful way, as it will remain encrypted in accordance to the commonly used Advanced Encryption Standard (AES) from the National Institute of Standards and Technology, or NIST.\n\n    vSAN supports Data-At-Rest Encryption and Data-in-Transit Encryption and uses an AES 256 cipher. Data is encrypted after all other processing, such as deduplication, is performed. Data at rest encryption protects data on storage devices, in case a device is removed from the cluster.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Select the cluster >> Configure >> vSAN >> Services >> Data Services.\n\n    Review the \\\"Data-at-rest encryption\\\" status.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Get-VsanClusterConfiguration | Select-Object Name,EncryptionEnabled\n\n    If \\\"Data-At-Rest encryption\\\" is not enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Select the target cluster >> Configure >> vSAN >> Services >> Data Services.\n\n    Click \\\"Edit\\\".\n\n    Enable \\\"Data-At-Rest encryption\\\" and select a pre-configured key provider from the drop down. Click \\\"Apply\\\".\n\n    Note: Before enabling, read and understand the operational implications of enabling data at rest encryption in vSAN and how it effects capacity, performance, and recovery scenarios.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000428'\n  tag gid: 'V-VCSA-80-000196'\n  tag rid: 'SV-VCSA-80-000196'\n  tag stig_id: 'VCSA-80-000196'\n  tag cci: ['CCI-002475']\n  tag nist: ['SC-28 (1)']\n\n  # Get all clusters with vSAN enabled\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object | Select-Object -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !clusters.empty?\n    clusters.each do |cluster|\n      command = \"Get-Cluster -Name #{cluster} | Get-VsanClusterConfiguration | Select-Object -ExpandProperty EncryptionEnabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No clusters with vSAN enabled found...skipping tests' do\n      skip 'No clusters with vSAN enabled found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000196.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000248",
+          "title": "The vCenter Server must disable the Customer Experience Improvement Program (CEIP).",
+          "desc": "The VMware CEIP sends VMware anonymized system information that is used to improve the quality, reliability, and functionality of VMware products and services. For confidentiality purposes this feature must be disabled.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The VMware CEIP sends VMware anonymized system information that is used to improve the quality, reliability, and functionality of VMware products and services. For confidentiality purposes this feature must be disabled."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Deployment >> Customer Experience Improvement Program.\n\nIf Customer Experience Improvement \"Program Status\" is \"Joined\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Deployment >> Customer Experience Improvement Program.\n\nClick \"Leave Program\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000248",
+            "rid": "SV-VCSA-80-000248",
+            "stig_id": "VCSA-80-000248",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000248' do\n  title 'The vCenter Server must disable the Customer Experience Improvement Program (CEIP).'\n  desc  'The VMware CEIP sends VMware anonymized system information that is used to improve the quality, reliability, and functionality of VMware products and services. For confidentiality purposes this feature must be disabled.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Deployment >> Customer Experience Improvement Program.\n\n    If Customer Experience Improvement \\\"Program Status\\\" is \\\"Joined\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Deployment >> Customer Experience Improvement Program.\n\n    Click \\\"Leave Program\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000248'\n  tag rid: 'SV-VCSA-80-000248'\n  tag stig_id: 'VCSA-80-000248'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000248.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000253",
+          "title": "The vCenter server must enforce SNMPv3 security features where SNMP is required.",
+          "desc": "SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. SNMPv3 can be configured for identification and cryptographically based authentication.\n\nSNMPv3 defines a user-based security model (USM) and a view-based access control model (VACM). SNMPv3 USM provides data integrity, data origin authentication, message replay protection, and protection against disclosure of the message payload. SNMPv3 VACM provides access control to determine whether a specific type of access (read or write) to the management information is allowed. Implement both VACM and USM for full protection.\n\nSNMPv3 must be disabled by default and enabled only if used. SNMP v3 provides security feature enhancements to SNMP, including encryption and message authentication.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. SNMPv3 can be configured for identification and cryptographically based authentication.\n\nSNMPv3 defines a user-based security model (USM) and a view-based access control model (VACM). SNMPv3 USM provides data integrity, data origin authentication, message replay protection, and protection against disclosure of the message payload. SNMPv3 VACM provides access control to determine whether a specific type of access (read or write) to the management information is allowed. Implement both VACM and USM for full protection.\n\nSNMPv3 must be disabled by default and enabled only if used. SNMP v3 provides security feature enhancements to SNMP, including encryption and message authentication."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "At the command prompt on the vCenter Server Appliance, run the following commands:\n\n# appliancesh\n# snmp.get\n\nNote: The \"appliancesh\" command is not needed if the default shell has not been changed for root.\n\nIf \"Enable\" is set to \"False\", this is not a finding.\n\nIf \"Enable\" is set to \"True\" and \"Authentication\" is not set to \"SHA1\", this is a finding.\n\nIf \"Enable\" is set to \"True\" and \"Privacy\" is not set to \"AES128\", this is a finding.\n\nIf any \"Users\" are configured with a \"Sec_level\" that does not equal \"priv\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "At the command prompt on the vCenter Server Appliance, run the following commands:\n\n# appliancesh\n# snmp.set --authentication SHA1\n# snmp.set --privacy AES128\n\nTo change the security level of a user, run the following command:\n\n# snmp.set --users <username>/<auth_password> <priv_password>/priv"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000575",
+            "gid": "V-VCSA-80-000253",
+            "rid": "SV-VCSA-80-000253",
+            "stig_id": "VCSA-80-000253",
+            "cci": [
+              "CCI-001967"
+            ],
+            "nist": [
+              "IA-3 (1)"
+            ]
+          },
+          "code": "control 'VCSA-80-000253' do\n  title 'The vCenter server must enforce SNMPv3 security features where SNMP is required.'\n  desc  \"\n    SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. SNMPv3 can be configured for identification and cryptographically based authentication.\n\n    SNMPv3 defines a user-based security model (USM) and a view-based access control model (VACM). SNMPv3 USM provides data integrity, data origin authentication, message replay protection, and protection against disclosure of the message payload. SNMPv3 VACM provides access control to determine whether a specific type of access (read or write) to the management information is allowed. Implement both VACM and USM for full protection.\n\n    SNMPv3 must be disabled by default and enabled only if used. SNMP v3 provides security feature enhancements to SNMP, including encryption and message authentication.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    At the command prompt on the vCenter Server Appliance, run the following commands:\n\n    # appliancesh\n    # snmp.get\n\n    Note: The \\\"appliancesh\\\" command is not needed if the default shell has not been changed for root.\n\n    If \\\"Enable\\\" is set to \\\"False\\\", this is not a finding.\n\n    If \\\"Enable\\\" is set to \\\"True\\\" and \\\"Authentication\\\" is not set to \\\"SHA1\\\", this is a finding.\n\n    If \\\"Enable\\\" is set to \\\"True\\\" and \\\"Privacy\\\" is not set to \\\"AES128\\\", this is a finding.\n\n    If any \\\"Users\\\" are configured with a \\\"Sec_level\\\" that does not equal \\\"priv\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    At the command prompt on the vCenter Server Appliance, run the following commands:\n\n    # appliancesh\n    # snmp.set --authentication SHA1\n    # snmp.set --privacy AES128\n\n    To change the security level of a user, run the following command:\n\n    # snmp.set --users <username>/<auth_password> <priv_password>/priv\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000575'\n  tag gid: 'V-VCSA-80-000253'\n  tag rid: 'SV-VCSA-80-000253'\n  tag stig_id: 'VCSA-80-000253'\n  tag cci: ['CCI-001967']\n  tag nist: ['IA-3 (1)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000253.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000265",
+          "title": "The vCenter server must disable SNMPv1/2 receivers.",
+          "desc": "SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. Therefore, SNMPv1/2 receivers must be disabled, while SNMPv3 is configured in another control. vCenter exposes SNMP v1/2 in the UI and SNMPv3 in the CLI.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. Therefore, SNMPv1/2 receivers must be disabled, while SNMPv3 is configured in another control. vCenter exposes SNMP v1/2 in the UI and SNMPv3 in the CLI."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> General.\n\nClick \"Edit\".\n\nOn the \"SNMP receivers\" tab, note the presence of any enabled receiver.\n\nIf there are any enabled receivers, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> General.\n\nClick \"Edit\".\n\nOn the \"SNMP receivers\" tab, ensure all receivers are disabled."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000575",
+            "gid": "V-VCSA-80-000265",
+            "rid": "SV-VCSA-80-000265",
+            "stig_id": "VCSA-80-000265",
+            "cci": [
+              "CCI-001967"
+            ],
+            "nist": [
+              "IA-3 (1)"
+            ]
+          },
+          "code": "control 'VCSA-80-000265' do\n  title 'The vCenter server must disable SNMPv1/2 receivers.'\n  desc  'SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. Therefore, SNMPv1/2 receivers must be disabled, while SNMPv3 is configured in another control. vCenter exposes SNMP v1/2 in the UI and SNMPv3 in the CLI.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> General.\n\n    Click \\\"Edit\\\".\n\n    On the \\\"SNMP receivers\\\" tab, note the presence of any enabled receiver.\n\n    If there are any enabled receivers, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> General.\n\n    Click \\\"Edit\\\".\n\n    On the \\\"SNMP receivers\\\" tab, ensure all receivers are disabled.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000575'\n  tag gid: 'V-VCSA-80-000265'\n  tag rid: 'SV-VCSA-80-000265'\n  tag stig_id: 'VCSA-80-000265'\n  tag cci: ['CCI-001967']\n  tag nist: ['IA-3 (1)']\n\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.1.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.2.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.3.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.4.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000265.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000266",
+          "title": "The vCenter Server must require an administrator to unlock an account locked due to excessive login failures.",
+          "desc": "By requiring that Single Sign-On (SSO) accounts be unlocked manually, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. When the account unlock time is set to zero, once an account is locked it can only be unlocked manually by an administrator.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By requiring that Single Sign-On (SSO) accounts be unlocked manually, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. When the account unlock time is set to zero, once an account is locked it can only be unlocked manually by an administrator."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nView the value of the \"Unlock time\" setting.\n\nUnlock time: 0 seconds\n\nIf the lockout policy is not configured with \"Unlock time\" policy of \"0\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nClick \"Edit\".\n\nSet the \"Unlock time\" to \"0\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000345",
+            "gid": "V-VCSA-80-000266",
+            "rid": "SV-VCSA-80-000266",
+            "stig_id": "VCSA-80-000266",
+            "cci": [
+              "CCI-002238"
+            ],
+            "nist": [
+              "AC-7 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000266' do\n  title 'The vCenter Server must require an administrator to unlock an account locked due to excessive login failures.'\n  desc  'By requiring that Single Sign-On (SSO) accounts be unlocked manually, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. When the account unlock time is set to zero, once an account is locked it can only be unlocked manually by an administrator.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    View the value of the \\\"Unlock time\\\" setting.\n\n    Unlock time: 0 seconds\n\n    If the lockout policy is not configured with \\\"Unlock time\\\" policy of \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Unlock time\\\" to \\\"0\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000345'\n  tag gid: 'V-VCSA-80-000266'\n  tag rid: 'SV-VCSA-80-000266'\n  tag stig_id: 'VCSA-80-000266'\n  tag cci: ['CCI-002238']\n  tag nist: ['AC-7 b']\n\n  command = '(Get-SsoLockoutPolicy).AutoUnlockIntervalSec'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp '0' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000266.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000267",
+          "title": "The vCenter Server must disable the distributed virtual switch health check.",
+          "desc": "Network health check is disabled by default. Once enabled, the health check packets contain information on host#, vds#, and port#, which an attacker would find useful. It is recommended that network health check be used for troubleshooting and turned off when troubleshooting is finished.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Network health check is disabled by default. Once enabled, the health check packets contain information on host#, vds#, and port#, which an attacker would find useful. It is recommended that network health check be used for troubleshooting and turned off when troubleshooting is finished."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Health Check.\n\nView the health check pane and verify the \"VLAN and MTU\" and \"Teaming and failover\" checks are \"Disabled\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$vds = Get-VDSwitch\n$vds.ExtensionData.Config.HealthCheckConfig\n\nIf the health check feature is enabled on distributed switches and is not on temporarily for troubleshooting purposes, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Health Check.\n\nClick \"Edit\".\n\nDisable the \"VLAN and MTU\" and \"Teaming and failover\" checks.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-View -ViewType DistributedVirtualSwitch | ?{($_.config.HealthCheckConfig | ?{$_.enable -notmatch \"False\"})}| %{$_.UpdateDVSHealthCheckConfig(@((New-Object Vmware.Vim.VMwareDVSVlanMtuHealthCheckConfig -property @{enable=0}),(New-Object Vmware.Vim.VMwareDVSTeamingHealthCheckConfig -property @{enable=0})))}"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000267",
+            "rid": "SV-VCSA-80-000267",
+            "stig_id": "VCSA-80-000267",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000267' do\n  title 'The vCenter Server must disable the distributed virtual switch health check.'\n  desc  'Network health check is disabled by default. Once enabled, the health check packets contain information on host#, vds#, and port#, which an attacker would find useful. It is recommended that network health check be used for troubleshooting and turned off when troubleshooting is finished.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Health Check.\n\n    View the health check pane and verify the \\\"VLAN and MTU\\\" and \\\"Teaming and failover\\\" checks are \\\"Disabled\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $vds = Get-VDSwitch\n    $vds.ExtensionData.Config.HealthCheckConfig\n\n    If the health check feature is enabled on distributed switches and is not on temporarily for troubleshooting purposes, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Health Check.\n\n    Click \\\"Edit\\\".\n\n    Disable the \\\"VLAN and MTU\\\" and \\\"Teaming and failover\\\" checks.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-View -ViewType DistributedVirtualSwitch | ?{($_.config.HealthCheckConfig | ?{$_.enable -notmatch \\\"False\\\"})}| %{$_.UpdateDVSHealthCheckConfig(@((New-Object Vmware.Vim.VMwareDVSVlanMtuHealthCheckConfig -property @{enable=0}),(New-Object Vmware.Vim.VMwareDVSTeamingHealthCheckConfig -property @{enable=0})))}\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000267'\n  tag rid: 'SV-VCSA-80-000267'\n  tag stig_id: 'VCSA-80-000267'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.HealthCheckConfig | Select-Object -ExpandProperty Enable\"\n      checks = powercli_command(command)\n      checks.stdout.split.each do |hc|\n        describe \"Health check for #{vds}\" do\n          subject { hc }\n          it { should cmp 'false' }\n        end\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000267.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000268",
+          "title": "The vCenter Server must set the distributed port group Forged Transmits policy to \"Reject\".",
+          "desc": "If the virtual machine operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nWhen the \"Forged Transmits\" option is set to \"Accept\", ESXi does not compare source and effective MAC addresses.\n\nTo protect against MAC impersonation, set the \"Forged Transmits\" option to \"Reject\". The host compares the source MAC address being transmitted by the guest operating system with the effective MAC address for its virtual machine adapter to determine if they match. If the addresses do not match, the ESXi host drops the packet.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If the virtual machine operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nWhen the \"Forged Transmits\" option is set to \"Accept\", ESXi does not compare source and effective MAC addresses.\n\nTo protect against MAC impersonation, set the \"Forged Transmits\" option to \"Reject\". The host compares the source MAC address being transmitted by the guest operating system with the effective MAC address for its virtual machine adapter to determine if they match. If the addresses do not match, the ESXi host drops the packet."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nVerify \"Forged Transmits\" is set to \"Reject\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\nIf the \"Forged Transmits\" policy is set to accept for a non-uplink port, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"Security\" tab.\n\nSet \"Forged Transmits\" to \"Reject\".\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000268",
+            "rid": "SV-VCSA-80-000268",
+            "stig_id": "VCSA-80-000268",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000268' do\n  title 'The vCenter Server must set the distributed port group Forged Transmits policy to \"Reject\".'\n  desc  \"\n    If the virtual machine operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    When the \\\"Forged Transmits\\\" option is set to \\\"Accept\\\", ESXi does not compare source and effective MAC addresses.\n\n    To protect against MAC impersonation, set the \\\"Forged Transmits\\\" option to \\\"Reject\\\". The host compares the source MAC address being transmitted by the guest operating system with the effective MAC address for its virtual machine adapter to determine if they match. If the addresses do not match, the ESXi host drops the packet.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Verify \\\"Forged Transmits\\\" is set to \\\"Reject\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\n    If the \\\"Forged Transmits\\\" policy is set to accept for a non-uplink port, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Security\\\" tab.\n\n    Set \\\"Forged Transmits\\\" to \\\"Reject\\\".\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000268'\n  tag rid: 'SV-VCSA-80-000268'\n  tag stig_id: 'VCSA-80-000268'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000268.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000269",
+          "title": "The vCenter Server must set the distributed port group Media Access Control (MAC) Address Change policy to \"Reject\".",
+          "desc": "If the virtual machine operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis will prevent virtual machines from changing their effective MAC address and will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If the virtual machine operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis will prevent virtual machines from changing their effective MAC address and will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nVerify \"MAC Address Changes\" is set to \"Reject\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\nIf the \"MAC Address Changes\" policy is set to accept, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"Security\" tab.\n\nSet \"MAC Address Changes\" to \"Reject\".\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000269",
+            "rid": "SV-VCSA-80-000269",
+            "stig_id": "VCSA-80-000269",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000269' do\n  title 'The vCenter Server must set the distributed port group Media Access Control (MAC) Address Change policy to \"Reject\".'\n  desc  \"\n    If the virtual machine operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    This will prevent virtual machines from changing their effective MAC address and will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Verify \\\"MAC Address Changes\\\" is set to \\\"Reject\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\n    If the \\\"MAC Address Changes\\\" policy is set to accept, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Security\\\" tab.\n\n    Set \\\"MAC Address Changes\\\" to \\\"Reject\\\".\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000269'\n  tag rid: 'SV-VCSA-80-000269'\n  tag stig_id: 'VCSA-80-000269'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000269.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000270",
+          "title": "The vCenter Server must set the distributed port group Promiscuous Mode policy to \"Reject\".",
+          "desc": "When promiscuous mode is enabled for a virtual switch, all virtual machines connected to the port group have the potential of reading all packets across that network, meaning only the virtual machines connected to that port group.\n\nPromiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When promiscuous mode is enabled for a virtual switch, all virtual machines connected to the port group have the potential of reading all packets across that network, meaning only the virtual machines connected to that port group.\n\nPromiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nVerify \"Promiscuous Mode\" is set to \"Reject\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\nIf the \"Promiscuous Mode\" policy is set to accept, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"Security\" tab.\n\nSet \"Promiscuous Mode\" to \"Reject\".\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000270",
+            "rid": "SV-VCSA-80-000270",
+            "stig_id": "VCSA-80-000270",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000270' do\n  title 'The vCenter Server must set the distributed port group Promiscuous Mode policy to \"Reject\".'\n  desc  \"\n    When promiscuous mode is enabled for a virtual switch, all virtual machines connected to the port group have the potential of reading all packets across that network, meaning only the virtual machines connected to that port group.\n\n    Promiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Verify \\\"Promiscuous Mode\\\" is set to \\\"Reject\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\n    If the \\\"Promiscuous Mode\\\" policy is set to accept, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Security\\\" tab.\n\n    Set \\\"Promiscuous Mode\\\" to \\\"Reject\\\".\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000270'\n  tag rid: 'SV-VCSA-80-000270'\n  tag stig_id: 'VCSA-80-000270'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000270.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000271",
+          "title": "The vCenter Server must only send NetFlow traffic to authorized collectors.",
+          "desc": "The distributed virtual switch can export NetFlow information about traffic crossing the switch. NetFlow exports are not encrypted and can contain information about the virtual network, making it easier for a man-in-the-middle attack to be executed successfully. If NetFlow export is required, verify that all NetFlow target Internet Protocols (IPs) are correct.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The distributed virtual switch can export NetFlow information about traffic crossing the switch. NetFlow exports are not encrypted and can contain information about the virtual network, making it easier for a man-in-the-middle attack to be executed successfully. If NetFlow export is required, verify that all NetFlow target Internet Protocols (IPs) are correct."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nTo view NetFlow Collector IPs configured on distributed switches:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> NetFlow.\n\nView the NetFlow pane and verify any collector IP addresses are valid and in use for troubleshooting.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch | select Name,@{N=\"NetFlowCollectorIPs\";E={$_.ExtensionData.config.IpfixConfig.CollectorIpAddress}}\n\nTo view if NetFlow is enabled on any distributed port groups:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed port group >> Manage >> Settings >> Policies.\n\nGo to \"Monitoring\" and view the NetFlow status.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup | Select Name,VirtualSwitch,@{N=\"NetFlowEnabled\";E={$_.Extensiondata.Config.defaultPortConfig.ipfixEnabled.Value}}\n\nIf NetFlow is configured and the collector IP is not known and documented, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "To remove collector IPs, do the following:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> NetFlow.\n\nClick \"Edit\".\n\nRemove any unknown collector IPs.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$dvs = Get-VDSwitch dvswitch | Get-View\nForEach($vs in $dvs){\n$spec = New-Object VMware.Vim.VMwareDVSConfigSpec\n$spec.configversion = $vs.Config.ConfigVersion\n$spec.IpfixConfig = New-Object VMware.Vim.VMwareIpfixConfig\n$spec.IpfixConfig.CollectorIpAddress = \"\"\n$spec.IpfixConfig.CollectorPort = \"0\"\n$spec.IpfixConfig.ActiveFlowTimeout = \"60\"\n$spec.IpfixConfig.IdleFlowTimeout = \"15\"\n$spec.IpfixConfig.SamplingRate = \"0\"\n$spec.IpfixConfig.InternalFlowsOnly = $False\n$vs.ReconfigureDvs_Task($spec)\n}\n\nNote: This will reset the NetFlow collector configuration back to the defaults.\n\nTo disable NetFlow on a distributed port group, do the following:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"Monitoring\" tab.\n\nChange \"NetFlow\" to \"Disabled\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$pgs = Get-VDPortgroup | Get-View\nForEach($pg in $pgs){\n$spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n$spec.configversion = $pg.Config.ConfigVersion\n$spec.defaultPortConfig = New-Object VMware.Vim.VMwareDVSPortSetting\n$spec.defaultPortConfig.ipfixEnabled = New-Object VMware.Vim.BoolPolicy\n$spec.defaultPortConfig.ipfixEnabled.inherited = $false\n$spec.defaultPortConfig.ipfixEnabled.value = $false\n$pg.ReconfigureDVPortgroup_Task($spec)\n}"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000271",
+            "rid": "SV-VCSA-80-000271",
+            "stig_id": "VCSA-80-000271",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000271' do\n  title 'The vCenter Server must only send NetFlow traffic to authorized collectors.'\n  desc  'The distributed virtual switch can export NetFlow information about traffic crossing the switch. NetFlow exports are not encrypted and can contain information about the virtual network, making it easier for a man-in-the-middle attack to be executed successfully. If NetFlow export is required, verify that all NetFlow target Internet Protocols (IPs) are correct.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    To view NetFlow Collector IPs configured on distributed switches:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> NetFlow.\n\n    View the NetFlow pane and verify any collector IP addresses are valid and in use for troubleshooting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | select Name,@{N=\\\"NetFlowCollectorIPs\\\";E={$_.ExtensionData.config.IpfixConfig.CollectorIpAddress}}\n\n    To view if NetFlow is enabled on any distributed port groups:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed port group >> Manage >> Settings >> Policies.\n\n    Go to \\\"Monitoring\\\" and view the NetFlow status.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | Select Name,VirtualSwitch,@{N=\\\"NetFlowEnabled\\\";E={$_.Extensiondata.Config.defaultPortConfig.ipfixEnabled.Value}}\n\n    If NetFlow is configured and the collector IP is not known and documented, this is a finding.\n  \"\n  desc 'fix', \"\n    To remove collector IPs, do the following:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> NetFlow.\n\n    Click \\\"Edit\\\".\n\n    Remove any unknown collector IPs.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $dvs = Get-VDSwitch dvswitch | Get-View\n    ForEach($vs in $dvs){\n    $spec = New-Object VMware.Vim.VMwareDVSConfigSpec\n    $spec.configversion = $vs.Config.ConfigVersion\n    $spec.IpfixConfig = New-Object VMware.Vim.VMwareIpfixConfig\n    $spec.IpfixConfig.CollectorIpAddress = \\\"\\\"\n    $spec.IpfixConfig.CollectorPort = \\\"0\\\"\n    $spec.IpfixConfig.ActiveFlowTimeout = \\\"60\\\"\n    $spec.IpfixConfig.IdleFlowTimeout = \\\"15\\\"\n    $spec.IpfixConfig.SamplingRate = \\\"0\\\"\n    $spec.IpfixConfig.InternalFlowsOnly = $False\n    $vs.ReconfigureDvs_Task($spec)\n    }\n\n    Note: This will reset the NetFlow collector configuration back to the defaults.\n\n    To disable NetFlow on a distributed port group, do the following:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Monitoring\\\" tab.\n\n    Change \\\"NetFlow\\\" to \\\"Disabled\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $pgs = Get-VDPortgroup | Get-View\n    ForEach($pg in $pgs){\n    $spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n    $spec.configversion = $pg.Config.ConfigVersion\n    $spec.defaultPortConfig = New-Object VMware.Vim.VMwareDVSPortSetting\n    $spec.defaultPortConfig.ipfixEnabled = New-Object VMware.Vim.BoolPolicy\n    $spec.defaultPortConfig.ipfixEnabled.inherited = $false\n    $spec.defaultPortConfig.ipfixEnabled.value = $false\n    $pg.ReconfigureDVPortgroup_Task($spec)\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000271'\n  tag rid: 'SV-VCSA-80-000271'\n  tag stig_id: 'VCSA-80-000271'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.strip.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  if vdswitches.empty?\n    impact 0.0\n    describe '' do\n      skip 'No distributed switches found to check. This is not applicable.'\n    end\n  else\n    setimpact = true\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.IpfixConfig.CollectorIpAddress\"\n      result = powercli_command(command).stdout.strip\n      if !result.empty?\n        describe '' do\n          subject { result }\n          it { should cmp \"#{input('ipfixCollectorAddress')}\" }\n        end\n        setimpact = false\n      else\n        describe '' do\n          skip \"Ipfix CollectorIpAddress not configured...skipping #{vds}.\"\n        end\n      end\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000271.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000272",
+          "title": "The vCenter Server must configure all port groups to a value other than that of the native virtual local area network (VLAN).",
+          "desc": "ESXi does not use the concept of native VLAN. Frames with VLAN specified in the port group will have a tag, but frames with VLAN not specified in the port group are not tagged and therefore will end up belonging to native VLAN of the physical switch.\n\nFor example, frames on VLAN 1 from a Cisco physical switch will be untagged, because this is considered as the native VLAN. However, frames from ESXi specified as VLAN 1 will be tagged with a \"1\"; therefore, traffic from ESXi that is destined for the native VLAN will not be correctly routed (because it is tagged with a \"1\" instead of being untagged), and traffic from the physical switch coming from the native VLAN will not be visible (because it is not tagged).\n\nIf the ESXi virtual switch port group uses the native VLAN ID, traffic from those virtual machines will not be visible to the native VLAN on the switch, because the switch is expecting untagged traffic.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "ESXi does not use the concept of native VLAN. Frames with VLAN specified in the port group will have a tag, but frames with VLAN not specified in the port group are not tagged and therefore will end up belonging to native VLAN of the physical switch.\n\nFor example, frames on VLAN 1 from a Cisco physical switch will be untagged, because this is considered as the native VLAN. However, frames from ESXi specified as VLAN 1 will be tagged with a \"1\"; therefore, traffic from ESXi that is destined for the native VLAN will not be correctly routed (because it is tagged with a \"1\" instead of being untagged), and traffic from the physical switch coming from the native VLAN will not be visible (because it is not tagged).\n\nIf the ESXi virtual switch port group uses the native VLAN ID, traffic from those virtual machines will not be visible to the native VLAN on the switch, because the switch is expecting untagged traffic."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nReview the port group VLAN tags and verify they are not set to the native VLAN ID of the attached physical switch.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup | select Name, VlanConfiguration\n\nIf any port group is configured with the native VLAN of the ESXi hosts attached physical switch, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"VLAN\" tab.\n\nChange the VLAN ID to a non-native VLAN.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup \"portgroup name\" | Set-VDVlanConfiguration -VlanId \"New VLAN#\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000272",
+            "rid": "SV-VCSA-80-000272",
+            "stig_id": "VCSA-80-000272",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000272' do\n  title 'The vCenter Server must configure all port groups to a value other than that of the native virtual local area network (VLAN).'\n  desc  \"\n    ESXi does not use the concept of native VLAN. Frames with VLAN specified in the port group will have a tag, but frames with VLAN not specified in the port group are not tagged and therefore will end up belonging to native VLAN of the physical switch.\n\n    For example, frames on VLAN 1 from a Cisco physical switch will be untagged, because this is considered as the native VLAN. However, frames from ESXi specified as VLAN 1 will be tagged with a \\\"1\\\"; therefore, traffic from ESXi that is destined for the native VLAN will not be correctly routed (because it is tagged with a \\\"1\\\" instead of being untagged), and traffic from the physical switch coming from the native VLAN will not be visible (because it is not tagged).\n\n    If the ESXi virtual switch port group uses the native VLAN ID, traffic from those virtual machines will not be visible to the native VLAN on the switch, because the switch is expecting untagged traffic.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Review the port group VLAN tags and verify they are not set to the native VLAN ID of the attached physical switch.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | select Name, VlanConfiguration\n\n    If any port group is configured with the native VLAN of the ESXi hosts attached physical switch, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab.\n\n    Change the VLAN ID to a non-native VLAN.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup \\\"portgroup name\\\" | Set-VDVlanConfiguration -VlanId \\\"New VLAN#\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000272'\n  tag rid: 'SV-VCSA-80-000272'\n  tag stig_id: 'VCSA-80-000272'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not cmp '1' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000272.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000273",
+          "title": "The vCenter Server must not configure VLAN Trunking unless Virtual Guest Tagging (VGT) is required and authorized.",
+          "desc": "When a port group is set to VLAN Trunking, the vSwitch passes all network frames in the specified range to the attached virtual machines without modifying the virtual local area network (VLAN) tags. In vSphere, this is referred to as VGT.\n\nThe virtual machine must process the VLAN information itself via an 802.1Q driver in the operating system. VLAN Trunking must only be implemented if the attached virtual machines have been specifically authorized and are capable of managing VLAN tags themselves.\n\nIf VLAN Trunking is enabled inappropriately, it may cause a denial of service or allow a virtual machine to interact with traffic on an unauthorized VLAN.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When a port group is set to VLAN Trunking, the vSwitch passes all network frames in the specified range to the attached virtual machines without modifying the virtual local area network (VLAN) tags. In vSphere, this is referred to as VGT.\n\nThe virtual machine must process the VLAN information itself via an 802.1Q driver in the operating system. VLAN Trunking must only be implemented if the attached virtual machines have been specifically authorized and are capable of managing VLAN tags themselves.\n\nIf VLAN Trunking is enabled inappropriately, it may cause a denial of service or allow a virtual machine to interact with traffic on an unauthorized VLAN."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nReview the port group \"VLAN Type\" and \"VLAN trunk range\", if present.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup | Where {$_.ExtensionData.Config.Uplink -ne \"True\"} | Select Name,VlanConfiguration\n\nIf any port group is configured with \"VLAN trunking\" and is not documented as a needed exception (such as NSX appliances), this is a finding.\n\nIf any port group is authorized to be configured with \"VLAN trunking\" but is not configured with the most limited range necessary, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"VLAN\" tab.\n\nIf \"VLAN trunking\" is not authorized, remove it by setting \"VLAN type\" to \"VLAN\" and configure an appropriate VLAN ID. Click \"OK\".\n\nIf \"VLAN trunking\" is authorized but the range is too broad, modify the range in the \"VLAN trunk range\" field to the minimum necessary and authorized range. An example range would be \"1,3-5,8\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command to configure trunking:\n\nGet-VDPortgroup \"Portgroup Name\" | Set-VDVlanConfiguration -VlanTrunkRange \"<VLAN Range(s) comma separated>\"\n\nor\n\nRun this command to configure a single VLAN ID:\n\nGet-VDPortgroup \"Portgroup Name\" | Set-VDVlanConfiguration -VlanId \"<New VLAN#>\""
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000273",
+            "rid": "SV-VCSA-80-000273",
+            "stig_id": "VCSA-80-000273",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000273' do\n  title 'The vCenter Server must not configure VLAN Trunking unless Virtual Guest Tagging (VGT) is required and authorized.'\n  desc  \"\n    When a port group is set to VLAN Trunking, the vSwitch passes all network frames in the specified range to the attached virtual machines without modifying the virtual local area network (VLAN) tags. In vSphere, this is referred to as VGT.\n\n    The virtual machine must process the VLAN information itself via an 802.1Q driver in the operating system. VLAN Trunking must only be implemented if the attached virtual machines have been specifically authorized and are capable of managing VLAN tags themselves.\n\n    If VLAN Trunking is enabled inappropriately, it may cause a denial of service or allow a virtual machine to interact with traffic on an unauthorized VLAN.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Review the port group \\\"VLAN Type\\\" and \\\"VLAN trunk range\\\", if present.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | Where {$_.ExtensionData.Config.Uplink -ne \\\"True\\\"} | Select Name,VlanConfiguration\n\n    If any port group is configured with \\\"VLAN trunking\\\" and is not documented as a needed exception (such as NSX appliances), this is a finding.\n\n    If any port group is authorized to be configured with \\\"VLAN trunking\\\" but is not configured with the most limited range necessary, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab.\n\n    If \\\"VLAN trunking\\\" is not authorized, remove it by setting \\\"VLAN type\\\" to \\\"VLAN\\\" and configure an appropriate VLAN ID. Click \\\"OK\\\".\n\n    If \\\"VLAN trunking\\\" is authorized but the range is too broad, modify the range in the \\\"VLAN trunk range\\\" field to the minimum necessary and authorized range. An example range would be \\\"1,3-5,8\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command to configure trunking:\n\n    Get-VDPortgroup \\\"Portgroup Name\\\" | Set-VDVlanConfiguration -VlanTrunkRange \\\"<VLAN Range(s) comma separated>\\\"\n\n    or\n\n    Run this command to configure a single VLAN ID:\n\n    Get-VDPortgroup \\\"Portgroup Name\\\" | Set-VDVlanConfiguration -VlanId \\\"<New VLAN#>\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000273'\n  tag rid: 'SV-VCSA-80-000273'\n  tag stig_id: 'VCSA-80-000273'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Where-Object {(($_.IsUplink -eq $false) -and ($_.VlanConfiguration -match \"Trunk\"))} | Select-Object -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    impact 0.0\n    describe '' do\n      skip 'No distributed port groups found to check. This is not applicable.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId.Start\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not cmp '0' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId.End\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not cmp '4094' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000273.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000274",
+          "title": "The vCenter Server must not configure all port groups to virtual local area network (VLAN) values reserved by upstream physical switches.",
+          "desc": "Certain physical switches reserve certain VLAN IDs for internal purposes and often disallow traffic configured to these values. For example, Cisco Catalyst switches typically reserve VLANs 1001 to 1024 and 4094, while Nexus switches typically reserve 3968 to 4094.\n\nCheck with the documentation for the organization's specific switch. Using a reserved VLAN might result in a denial of service on the network.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Certain physical switches reserve certain VLAN IDs for internal purposes and often disallow traffic configured to these values. For example, Cisco Catalyst switches typically reserve VLANs 1001 to 1024 and 4094, while Nexus switches typically reserve 3968 to 4094.\n\nCheck with the documentation for the organization's specific switch. Using a reserved VLAN might result in a denial of service on the network."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nReview the port group VLAN tags and verify that they are not set to a reserved VLAN ID.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup | select Name, VlanConfiguration\n\nIf any port group is configured with a reserved VLAN ID, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"VLAN\" tab. Change the VLAN ID to an unreserved VLAN ID.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup \"portgroup name\" | Set-VDVlanConfiguration -VlanId \"New VLAN#\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000274",
+            "rid": "SV-VCSA-80-000274",
+            "stig_id": "VCSA-80-000274",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000274' do\n  title 'The vCenter Server must not configure all port groups to virtual local area network (VLAN) values reserved by upstream physical switches.'\n  desc  \"\n    Certain physical switches reserve certain VLAN IDs for internal purposes and often disallow traffic configured to these values. For example, Cisco Catalyst switches typically reserve VLANs 1001 to 1024 and 4094, while Nexus switches typically reserve 3968 to 4094.\n\n    Check with the documentation for the organization's specific switch. Using a reserved VLAN might result in a denial of service on the network.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Review the port group VLAN tags and verify that they are not set to a reserved VLAN ID.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | select Name, VlanConfiguration\n\n    If any port group is configured with a reserved VLAN ID, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab. Change the VLAN ID to an unreserved VLAN ID.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup \\\"portgroup name\\\" | Set-VDVlanConfiguration -VlanId \\\"New VLAN#\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000274'\n  tag rid: 'SV-VCSA-80-000274'\n  tag stig_id: 'VCSA-80-000274'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vlanlist = ['1001', '1024', '3968', '4047', '4094']\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not be_in vlanlist }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000274.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000275",
+          "title": "The vCenter Server must configure the \"vpxuser\" auto-password to be changed every 30 days.",
+          "desc": "By default, vCenter will change the \"vpxuser\" password automatically every 30 days. Ensure this setting meets site policies. If it does not, configure it to meet password aging policies.\n\nNote: It is very important the password aging policy is not shorter than the default interval that is set to automatically change the \"vpxuser\" password to preclude the possibility that vCenter might be locked out of an ESXi host.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By default, vCenter will change the \"vpxuser\" password automatically every 30 days. Ensure this setting meets site policies. If it does not, configure it to meet password aging policies.\n\nNote: It is very important the password aging policy is not shorter than the default interval that is set to automatically change the \"vpxuser\" password to preclude the possibility that vCenter might be locked out of an ESXi host."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nVerify that \"VirtualCenter.VimPasswordExpirationInDays\" is set to \"30\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays\n\nIf the \"VirtualCenter.VimPasswordExpirationInDays\" is set to a value other than \"30\" or does not exist, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nClick \"Edit Settings\" and configure the \"VirtualCenter.VimPasswordExpirationInDays\" value to \"30\" or if the value does not exist create it by entering the values in the \"Key\" and \"Value\" fields and clicking \"Add\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nIf the setting already exists:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays | Set-AdvancedSetting -Value 30\n\nIf the setting does not exist:\n\nNew-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays -Value 30"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000275",
+            "rid": "SV-VCSA-80-000275",
+            "stig_id": "VCSA-80-000275",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000275' do\n  title 'The vCenter Server must configure the \"vpxuser\" auto-password to be changed every 30 days.'\n  desc  \"\n    By default, vCenter will change the \\\"vpxuser\\\" password automatically every 30 days. Ensure this setting meets site policies. If it does not, configure it to meet password aging policies.\n\n    Note: It is very important the password aging policy is not shorter than the default interval that is set to automatically change the \\\"vpxuser\\\" password to preclude the possibility that vCenter might be locked out of an ESXi host.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Verify that \\\"VirtualCenter.VimPasswordExpirationInDays\\\" is set to \\\"30\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays\n\n    If the \\\"VirtualCenter.VimPasswordExpirationInDays\\\" is set to a value other than \\\"30\\\" or does not exist, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"VirtualCenter.VimPasswordExpirationInDays\\\" value to \\\"30\\\" or if the value does not exist create it by entering the values in the \\\"Key\\\" and \\\"Value\\\" fields and clicking \\\"Add\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    If the setting already exists:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays | Set-AdvancedSetting -Value 30\n\n    If the setting does not exist:\n\n    New-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays -Value 30\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000275'\n  tag rid: 'SV-VCSA-80-000275'\n  tag stig_id: 'VCSA-80-000275'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name VirtualCenter.VimPasswordExpirationInDays | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp '30' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000275.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000276",
+          "title": "The vCenter Server must configure the \"vpxuser\" password to meet length policy.",
+          "desc": "The \"vpxuser\" password default length is 32 characters. Ensure this setting meets site policies; if not, configure to meet password length policies.\n\nLonger passwords make brute-force password attacks more difficult. The \"vpxuser\" password is added by vCenter, meaning no manual intervention is normally required. The \"vpxuser\" password length must never be modified to less than the default length of 32 characters.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The \"vpxuser\" password default length is 32 characters. Ensure this setting meets site policies; if not, configure to meet password length policies.\n\nLonger passwords make brute-force password attacks more difficult. The \"vpxuser\" password is added by vCenter, meaning no manual intervention is normally required. The \"vpxuser\" password length must never be modified to less than the default length of 32 characters."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nVerify that \"config.vpxd.hostPasswordLength\" is set to \"32\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength and verify it is set to 32.\n\nIf the \"config.vpxd.hostPasswordLength\" is set to a value other than \"32, this is a finding.\n\nIf the setting does not exist, this is not a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nClick \"Edit Settings\" and configure the \"config.vpxd.hostPasswordLength\" value to \"32\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength | Set-AdvancedSetting -Value 32"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000276",
+            "rid": "SV-VCSA-80-000276",
+            "stig_id": "VCSA-80-000276",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000276' do\n  title 'The vCenter Server must configure the \"vpxuser\" password to meet length policy.'\n  desc  \"\n    The \\\"vpxuser\\\" password default length is 32 characters. Ensure this setting meets site policies; if not, configure to meet password length policies.\n\n    Longer passwords make brute-force password attacks more difficult. The \\\"vpxuser\\\" password is added by vCenter, meaning no manual intervention is normally required. The \\\"vpxuser\\\" password length must never be modified to less than the default length of 32 characters.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Verify that \\\"config.vpxd.hostPasswordLength\\\" is set to \\\"32\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength and verify it is set to 32.\n\n    If the \\\"config.vpxd.hostPasswordLength\\\" is set to a value other than \\\"32, this is a finding.\n\n    If the setting does not exist, this is not a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"config.vpxd.hostPasswordLength\\\" value to \\\"32\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength | Set-AdvancedSetting -Value 32\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000276'\n  tag rid: 'SV-VCSA-80-000276'\n  tag stig_id: 'VCSA-80-000276'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.vpxd.hostPasswordLength | Select-Object -ExpandProperty Value'\n  describe.one do\n    describe powercli_command(command) do\n      its('stdout.strip') { should cmp '32' }\n    end\n    describe powercli_command(command) do\n      its('stdout.strip') { should be_empty }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000276.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000277",
+          "title": "The vCenter Server must be isolated from the public internet but must still allow for patch notification and delivery.",
+          "desc": "vCenter and the embedded Lifecycle Manager system must never have a direct route to the internet. Despite this, updates and patches sourced from VMware on the internet must be delivered in a timely manner.\n\nThere are two methods to accomplish this: a proxy server and the Update Manager Download Service (UMDS). UMDS is an optional module for Lifecycle Manager that fetches upgrades for virtual appliances, patch metadata, patch binaries, and notifications that would not otherwise be available to an isolated Lifecycle Manager directly.\n\nAlternatively, a proxy for Lifecycle Manager can be configured to allow controlled, limited access to the public internet for the sole purpose of patch gathering. Either solution mitigates the risk of internet connectivity by limiting its scope and use.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "vCenter and the embedded Lifecycle Manager system must never have a direct route to the internet. Despite this, updates and patches sourced from VMware on the internet must be delivered in a timely manner.\n\nThere are two methods to accomplish this: a proxy server and the Update Manager Download Service (UMDS). UMDS is an optional module for Lifecycle Manager that fetches upgrades for virtual appliances, patch metadata, patch binaries, and notifications that would not otherwise be available to an isolated Lifecycle Manager directly.\n\nAlternatively, a proxy for Lifecycle Manager can be configured to allow controlled, limited access to the public internet for the sole purpose of patch gathering. Either solution mitigates the risk of internet connectivity by limiting its scope and use."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Check the following conditions:\n\n1. Lifecycle Manager must be configured to use the UMDS.\n\nOR\n\n2. Lifecycle Manager must be configured to use a proxy server for access to VMware patch repositories.\n\nOR\n\n3. Lifecycle Manager must disable internet patch repositories and any patches must be manually validated and imported as needed.\n\nOption 1:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nClick the \"Change Download Source\" button.\n\nVerify the \"Download patches from a UMDS shared repository\" radio button is selected and that a valid UMDS repository is supplied.\n\nClick \"Cancel\".\n\nIf this is not set, this is a finding.\n\nOption 2:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nClick the \"Change Download Source\" button.\n\nVerify the \"Download patches directly from the internet\" radio button is selected.\n\nClick \"Cancel\".\n\nNavigate to the vCenter Server Management interface at https://<vcenter dns>:5480 >> Networking >> Proxy Settings.\n\nVerify that \"HTTPS\" is \"Enabled\".\n\nClick the \"HTTPS\" row.\n\nVerify the proxy server configuration is accurate.\n\nIf this is not set, this is a finding.\n\nOption 3:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Downloads.\n\nVerify the \"Automatic downloads\" option is disabled.\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nVerify any download sources are disabled.\n\nIf this is not set, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Option 1:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nClick the \"Change Download Source\" button.\n\nSelect the \"Download patches from a UMDS shared repository\" radio button and supply a valid UMDS repository.\n\nClick \"Save\".\n\nOption 2:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nClick the \"Change Download Source\" button.\n\nSelect the \"Download patches directly from the internet\" radio button.\n\nClick \"Save\".\n\nNavigate to the vCenter Server Management interface at https://<vcenter dns>:5480 >> Networking >> Proxy Settings.\n\nClick \"Edit\".\n\nSlide \"HTTPS\" to \"Enabled\".\n\nSupply the appropriate proxy server configuration.\n\nClick \"Save\".\n\nOption 3:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Downloads.\n\nClick \"Edit\" and uncheck \"Download patches\".\n\nUnder \"Patch Setup\" select each download source and click Disable."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000277",
+            "rid": "SV-VCSA-80-000277",
+            "stig_id": "VCSA-80-000277",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000277' do\n  title 'The vCenter Server must be isolated from the public internet but must still allow for patch notification and delivery.'\n  desc  \"\n    vCenter and the embedded Lifecycle Manager system must never have a direct route to the internet. Despite this, updates and patches sourced from VMware on the internet must be delivered in a timely manner.\n\n    There are two methods to accomplish this: a proxy server and the Update Manager Download Service (UMDS). UMDS is an optional module for Lifecycle Manager that fetches upgrades for virtual appliances, patch metadata, patch binaries, and notifications that would not otherwise be available to an isolated Lifecycle Manager directly.\n\n    Alternatively, a proxy for Lifecycle Manager can be configured to allow controlled, limited access to the public internet for the sole purpose of patch gathering. Either solution mitigates the risk of internet connectivity by limiting its scope and use.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Check the following conditions:\n\n    1. Lifecycle Manager must be configured to use the UMDS.\n\n    OR\n\n    2. Lifecycle Manager must be configured to use a proxy server for access to VMware patch repositories.\n\n    OR\n\n    3. Lifecycle Manager must disable internet patch repositories and any patches must be manually validated and imported as needed.\n\n    Option 1:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Verify the \\\"Download patches from a UMDS shared repository\\\" radio button is selected and that a valid UMDS repository is supplied.\n\n    Click \\\"Cancel\\\".\n\n    If this is not set, this is a finding.\n\n    Option 2:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Verify the \\\"Download patches directly from the internet\\\" radio button is selected.\n\n    Click \\\"Cancel\\\".\n\n    Navigate to the vCenter Server Management interface at https://<vcenter dns>:5480 >> Networking >> Proxy Settings.\n\n    Verify that \\\"HTTPS\\\" is \\\"Enabled\\\".\n\n    Click the \\\"HTTPS\\\" row.\n\n    Verify the proxy server configuration is accurate.\n\n    If this is not set, this is a finding.\n\n    Option 3:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Downloads.\n\n    Verify the \\\"Automatic downloads\\\" option is disabled.\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Verify any download sources are disabled.\n\n    If this is not set, this is a finding.\n  \"\n  desc 'fix', \"\n    Option 1:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Select the \\\"Download patches from a UMDS shared repository\\\" radio button and supply a valid UMDS repository.\n\n    Click \\\"Save\\\".\n\n    Option 2:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Select the \\\"Download patches directly from the internet\\\" radio button.\n\n    Click \\\"Save\\\".\n\n    Navigate to the vCenter Server Management interface at https://<vcenter dns>:5480 >> Networking >> Proxy Settings.\n\n    Click \\\"Edit\\\".\n\n    Slide \\\"HTTPS\\\" to \\\"Enabled\\\".\n\n    Supply the appropriate proxy server configuration.\n\n    Click \\\"Save\\\".\n\n    Option 3:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Downloads.\n\n    Click \\\"Edit\\\" and uncheck \\\"Download patches\\\".\n\n    Under \\\"Patch Setup\\\" select each download source and click Disable.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000277'\n  tag rid: 'SV-VCSA-80-000277'\n  tag stig_id: 'VCSA-80-000277'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000277.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000278",
+          "title": "The vCenter Server must use unique service accounts when applications connect to vCenter.",
+          "desc": "To not violate nonrepudiation (i.e., deny the authenticity of who is connecting to vCenter), when applications need to connect to vCenter they must use unique service accounts.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "To not violate nonrepudiation (i.e., deny the authenticity of who is connecting to vCenter), when applications need to connect to vCenter they must use unique service accounts."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Verify each external application that connects to vCenter has a unique service account dedicated to that application.\n\nFor example, there should be separate accounts for Log Insight, Operations Manager, or anything else that requires an account to access vCenter.\n\nIf any application shares a service account that is used to connect to vCenter, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For applications sharing service accounts, create a new service account to assign to the application so that no application shares a service account with another.\n\nWhen standing up a new application that requires access to vCenter, always create a new service account prior to installation and grant only the permissions needed for that application."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000278",
+            "rid": "SV-VCSA-80-000278",
+            "stig_id": "VCSA-80-000278",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000278' do\n  title 'The vCenter Server must use unique service accounts when applications connect to vCenter.'\n  desc  'To not violate nonrepudiation (i.e., deny the authenticity of who is connecting to vCenter), when applications need to connect to vCenter they must use unique service accounts.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Verify each external application that connects to vCenter has a unique service account dedicated to that application.\n\n    For example, there should be separate accounts for Log Insight, Operations Manager, or anything else that requires an account to access vCenter.\n\n    If any application shares a service account that is used to connect to vCenter, this is a finding.\n  \"\n  desc  'fix', \"\n    For applications sharing service accounts, create a new service account to assign to the application so that no application shares a service account with another.\n\n    When standing up a new application that requires access to vCenter, always create a new service account prior to installation and grant only the permissions needed for that application.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000278'\n  tag rid: 'SV-VCSA-80-000278'\n  tag stig_id: 'VCSA-80-000278'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000278.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000279",
+          "title": "The vCenter Server must protect the confidentiality and integrity of transmitted information by isolating Internet Protocol (IP)-based storage traffic.",
+          "desc": "Virtual machines might share virtual switches and virtual local area networks (VLAN) with the IP-based storage configurations.\n\nIP-based storage includes vSAN, Internet Small Computer System Interface (iSCSI), and Network File System (NFS). This configuration might expose IP-based storage traffic to unauthorized virtual machine users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\nTo restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from the production traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and virtual machines will limit unauthorized users from viewing the traffic.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Virtual machines might share virtual switches and virtual local area networks (VLAN) with the IP-based storage configurations.\n\nIP-based storage includes vSAN, Internet Small Computer System Interface (iSCSI), and Network File System (NFS). This configuration might expose IP-based storage traffic to unauthorized virtual machine users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\nTo restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from the production traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and virtual machines will limit unauthorized users from viewing the traffic."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If IP-based storage is not used, this is not applicable.\n\nIP-based storage (iSCSI, NFS, vSAN) VMkernel port groups must be in a dedicated VLAN that can be on a standard or distributed virtual switch that is logically separated from other traffic types.\n\nThe check for this will be unique per environment.\n\nTo check a standard switch, do the following:\n\nFrom the vSphere Client, select the ESXi host and go to Configure >> Networking >> Virtual switches. Select a standard switch.\n\nFor each storage port group (iSCSI, NFS, vSAN), select the port group and note the VLAN ID associated with each port group.\n\nVerify it is dedicated to that purpose and is logically separated from other traffic types.\n\nTo check a distributed switch, do the following,\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect and expand a distributed switch.\n\nFor each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to the \"Summary\" tab.\n\nNote the VLAN ID associated with each port group and verify it is dedicated to that purpose and is logically separated from other traffic types.\n\nIf any IP-based storage networks are not isolated from other traffic types, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configuration of an IP-based VMkernel will be unique to each environment.\n\nTo configure VLANs and traffic types, do the following:\n\nStandard switch:\n\nFrom the vSphere Client, select the ESXi host and go to Configure >> Networking >> VMkernel adapters.\n\nSelect the Storage VMkernel (for any IP-based storage). Click \"Edit...\" and click the \"Port properties\" tab.\n\nUncheck everything (unless vSAN).\n\nClick the \"IPv4\" settings or \"IPv6\" settings tab.\n\nEnter the appropriate IP address and subnet information.\n\nClick \"OK\".\n\nFrom the vSphere Client, select the ESXi host and go to Configure >> Networking >> Virtual switches. Select a standard switch.\n\nFor each storage port group (iSCSI, NFS, vSAN), select the port group and click \"...\". Click \"Edit Settings\". On the \"Properties\" tab, enter the appropriate VLAN ID and click \"OK\".\n\nDistributed switch:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Topology.\n\nSelect the Storage VMkernel (for any IP-based storage). Click \"...\" and click \"Edit Settings\".\n\nOn the \"Port properties\" tab, uncheck everything (unless vSAN).\n\nClick the \"IPv4\" settings or \"IPv6\" settings tab.\n\nEnter the appropriate IP address and subnet information.\n\nClick \"OK\".\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect and expand a distributed switch.\n\nFor each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to Configure >> Settings >> Properties.\n\nClick \"Edit\".\n\nClick the \"VLAN\" tab.\n\nEnter the appropriate VLAN type and ID and click \"OK\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000279",
+            "rid": "SV-VCSA-80-000279",
+            "stig_id": "VCSA-80-000279",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000279' do\n  title 'The vCenter Server must protect the confidentiality and integrity of transmitted information by isolating Internet Protocol (IP)-based storage traffic.'\n  desc  \"\n    Virtual machines might share virtual switches and virtual local area networks (VLAN) with the IP-based storage configurations.\n\n    IP-based storage includes vSAN, Internet Small Computer System Interface (iSCSI), and Network File System (NFS). This configuration might expose IP-based storage traffic to unauthorized virtual machine users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\n    To restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from the production traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and virtual machines will limit unauthorized users from viewing the traffic.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If IP-based storage is not used, this is not applicable.\n\n    IP-based storage (iSCSI, NFS, vSAN) VMkernel port groups must be in a dedicated VLAN that can be on a standard or distributed virtual switch that is logically separated from other traffic types.\n\n    The check for this will be unique per environment.\n\n    To check a standard switch, do the following:\n\n    From the vSphere Client, select the ESXi host and go to Configure >> Networking >> Virtual switches. Select a standard switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and note the VLAN ID associated with each port group.\n\n    Verify it is dedicated to that purpose and is logically separated from other traffic types.\n\n    To check a distributed switch, do the following,\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select and expand a distributed switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to the \\\"Summary\\\" tab.\n\n    Note the VLAN ID associated with each port group and verify it is dedicated to that purpose and is logically separated from other traffic types.\n\n    If any IP-based storage networks are not isolated from other traffic types, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of an IP-based VMkernel will be unique to each environment.\n\n    To configure VLANs and traffic types, do the following:\n\n    Standard switch:\n\n    From the vSphere Client, select the ESXi host and go to Configure >> Networking >> VMkernel adapters.\n\n    Select the Storage VMkernel (for any IP-based storage). Click \\\"Edit...\\\" and click the \\\"Port properties\\\" tab.\n\n    Uncheck everything (unless vSAN).\n\n    Click the \\\"IPv4\\\" settings or \\\"IPv6\\\" settings tab.\n\n    Enter the appropriate IP address and subnet information.\n\n    Click \\\"OK\\\".\n\n    From the vSphere Client, select the ESXi host and go to Configure >> Networking >> Virtual switches. Select a standard switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and click \\\"...\\\". Click \\\"Edit Settings\\\". On the \\\"Properties\\\" tab, enter the appropriate VLAN ID and click \\\"OK\\\".\n\n    Distributed switch:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Topology.\n\n    Select the Storage VMkernel (for any IP-based storage). Click \\\"...\\\" and click \\\"Edit Settings\\\".\n\n    On the \\\"Port properties\\\" tab, uncheck everything (unless vSAN).\n\n    Click the \\\"IPv4\\\" settings or \\\"IPv6\\\" settings tab.\n\n    Enter the appropriate IP address and subnet information.\n\n    Click \\\"OK\\\".\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select and expand a distributed switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab.\n\n    Enter the appropriate VLAN type and ID and click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000279'\n  tag rid: 'SV-VCSA-80-000279'\n  tag stig_id: 'VCSA-80-000279'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000279.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000280",
+          "title": "The vCenter server must be configured to send events to a central log server.",
+          "desc": "vCenter server generates volumes of security-relevant application-level events. Examples include logins, system reconfigurations, system degradation warnings, and more. To ensure these events are available for forensic analysis and correlation, they must be sent to the syslog and forwarded on to the configured Security Information and Event Management (SIEM) system and/or central log server.\n\nThe vCenter server sends events to syslog by default, but this configuration must be verified and maintained.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "vCenter server generates volumes of security-relevant application-level events. Examples include logins, system reconfigurations, system degradation warnings, and more. To ensure these events are available for forensic analysis and correlation, they must be sent to the syslog and forwarded on to the configured Security Information and Event Management (SIEM) system and/or central log server.\n\nThe vCenter server sends events to syslog by default, but this configuration must be verified and maintained."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nVerify that \"vpxd.event.syslog.enabled\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name vpxd.event.syslog.enabled\n\nIf the \"vpxd.event.syslog.enabled\" value is not set to \"true\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nClick \"Edit Settings\" and configure the \"vpxd.event.syslog.enabled\" setting to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name vpxd.event.syslog.enabled | Set-AdvancedSetting -Value true"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000358",
+            "gid": "V-VCSA-80-000280",
+            "rid": "SV-VCSA-80-000280",
+            "stig_id": "VCSA-80-000280",
+            "cci": [
+              "CCI-001851"
+            ],
+            "nist": [
+              "AU-4 (1)"
+            ]
+          },
+          "code": "control 'VCSA-80-000280' do\n  title 'The vCenter server must be configured to send events to a central log server.'\n  desc  \"\n    vCenter server generates volumes of security-relevant application-level events. Examples include logins, system reconfigurations, system degradation warnings, and more. To ensure these events are available for forensic analysis and correlation, they must be sent to the syslog and forwarded on to the configured Security Information and Event Management (SIEM) system and/or central log server.\n\n    The vCenter server sends events to syslog by default, but this configuration must be verified and maintained.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Verify that \\\"vpxd.event.syslog.enabled\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name vpxd.event.syslog.enabled\n\n    If the \\\"vpxd.event.syslog.enabled\\\" value is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"vpxd.event.syslog.enabled\\\" setting to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name vpxd.event.syslog.enabled | Set-AdvancedSetting -Value true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000358'\n  tag gid: 'V-VCSA-80-000280'\n  tag rid: 'SV-VCSA-80-000280'\n  tag stig_id: 'VCSA-80-000280'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name vpxd.event.syslog.enabled | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'true' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000280.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000281",
+          "title": "The vCenter Server must disable or restrict the connectivity between vSAN Health Check and public Hardware Compatibility List (HCL) by use of an external proxy server.",
+          "desc": "The vSAN Health Check is able to download the HCL from VMware to check compliance against the underlying vSAN Cluster hosts. To ensure the vCenter server is not directly downloading content from the internet, this functionality must be disabled. If this feature is necessary, an external proxy server must be configured.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The vSAN Health Check is able to download the HCL from VMware to check compliance against the underlying vSAN Cluster hosts. To ensure the vCenter server is not directly downloading content from the internet, this functionality must be disabled. If this feature is necessary, an external proxy server must be configured."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If no clusters are enabled for vSAN, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Configure >> vSAN >> Internet Connectivity.\n\nIf the HCL internet download is not required, verify \"Status\" is \"Disabled\".\n\nIf the \"Status\" is \"Enabled\", this is a finding.\n\nIf the HCL internet download is required, verify \"Status\" is \"Enabled\" and a proxy host is configured.\n\nIf \"Status\" is \"Enabled\" and a proxy is not configured, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Configure >> vSAN >> Internet Connectivity.\n\nClick \"Edit\".\n\nIf the HCL internet download is not required, ensure that \"Status\" is \"Disabled\".\n\nIf the HCL internet download is required, ensure that \"Status\" is \"Enabled\" and that a proxy host is appropriately configured."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000281",
+            "rid": "SV-VCSA-80-000281",
+            "stig_id": "VCSA-80-000281",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000281' do\n  title 'The vCenter Server must disable or restrict the connectivity between vSAN Health Check and public Hardware Compatibility List (HCL) by use of an external proxy server.'\n  desc  'The vSAN Health Check is able to download the HCL from VMware to check compliance against the underlying vSAN Cluster hosts. To ensure the vCenter server is not directly downloading content from the internet, this functionality must be disabled. If this feature is necessary, an external proxy server must be configured.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Configure >> vSAN >> Internet Connectivity.\n\n    If the HCL internet download is not required, verify \\\"Status\\\" is \\\"Disabled\\\".\n\n    If the \\\"Status\\\" is \\\"Enabled\\\", this is a finding.\n\n    If the HCL internet download is required, verify \\\"Status\\\" is \\\"Enabled\\\" and a proxy host is configured.\n\n    If \\\"Status\\\" is \\\"Enabled\\\" and a proxy is not configured, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Configure >> vSAN >> Internet Connectivity.\n\n    Click \\\"Edit\\\".\n\n    If the HCL internet download is not required, ensure that \\\"Status\\\" is \\\"Disabled\\\".\n\n    If the HCL internet download is required, ensure that \\\"Status\\\" is \\\"Enabled\\\" and that a proxy host is appropriately configured.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000281'\n  tag rid: 'SV-VCSA-80-000281'\n  tag stig_id: 'VCSA-80-000281'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  # Get all clusters with vSAN enabled\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object | Select-Object -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !clusters.empty?\n    command = '$vsanphview = Get-VsanView -Id VsanPhoneHomeSystem-vsan-phonehome-system; $vsanphview.QueryVsanCloudHealthStatus().InternetConnectivity'\n    vcinternetenabled = powercli_command(command).stdout.strip\n\n    if vcinternetenabled == 'True'\n      proxycommand = '$vsanhealthview = Get-VsanView -Id VsanVcClusterHealthSystem-vsan-cluster-health-system; $vsanhealthview.VsanHealthQueryVsanProxyConfig().Host'\n      describe powercli_command(proxycommand) do\n        its('stdout.strip') { should_not cmp '' }\n      end\n    else\n      describe 'Enable Internet access for all vSAN clusters.' do\n        subject { vcinternetenabled }\n        it { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No clusters with vSAN enabled found...skipping tests' do\n      skip 'No clusters with vSAN enabled found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000281.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000282",
+          "title": "The vCenter Server must configure the vSAN Datastore name to a unique name.",
+          "desc": "A vSAN Datastore name by default is \"vsanDatastore\". If more than one vSAN cluster is present in vCenter, both datastores will have the same name by default, potentially leading to confusion and manually misplaced workloads.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "A vSAN Datastore name by default is \"vsanDatastore\". If more than one vSAN cluster is present in vCenter, both datastores will have the same name by default, potentially leading to confusion and manually misplaced workloads."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If no clusters are enabled for vSAN, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect a vSAN Enabled Cluster >> Datastores.\n\nReview the datastores and identify any datastores with \"vSAN\" as the datastore type.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nIf($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){\nWrite-Host \"vSAN Enabled Cluster found\"\nGet-Cluster | where {$_.VsanEnabled} | Get-Datastore | where {$_.type -match \"vsan\"}\n}\nelse{\nWrite-Host \"vSAN is not enabled, this finding is not applicable.\"\n}\n\nIf vSAN is enabled and a datastore is named \"vsanDatastore\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vSAN Enabled Cluster >> Datastores.\n\nRight-click on the datastore named \"vsanDatastore\" and select \"Rename\".\n\nRename the datastore based on site-specific naming standards.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nIf($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){\nWrite-Host \"vSAN Enabled Cluster found\"\n$Clusters = Get-Cluster | where {$_.VsanEnabled}\nForeach ($clus in $clusters){\n $clus | Get-Datastore | where {$_.type -match \"vsan\"} | Set-Datastore -Name $(($clus.name) + \"_vSAN_Datastore\")\n}\n}\nelse{\nWrite-Host \"vSAN is not enabled, this finding is not applicable.\"\n}"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000282",
+            "rid": "SV-VCSA-80-000282",
+            "stig_id": "VCSA-80-000282",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000282' do\n  title 'The vCenter Server must configure the vSAN Datastore name to a unique name.'\n  desc  'A vSAN Datastore name by default is \"vsanDatastore\". If more than one vSAN cluster is present in vCenter, both datastores will have the same name by default, potentially leading to confusion and manually misplaced workloads.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster >> Datastores.\n\n    Review the datastores and identify any datastores with \\\"vSAN\\\" as the datastore type.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    If($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){\n    Write-Host \\\"vSAN Enabled Cluster found\\\"\n    Get-Cluster | where {$_.VsanEnabled} | Get-Datastore | where {$_.type -match \\\"vsan\\\"}\n    }\n    else{\n    Write-Host \\\"vSAN is not enabled, this finding is not applicable.\\\"\n    }\n\n    If vSAN is enabled and a datastore is named \\\"vsanDatastore\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster >> Datastores.\n\n    Right-click on the datastore named \\\"vsanDatastore\\\" and select \\\"Rename\\\".\n\n    Rename the datastore based on site-specific naming standards.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    If($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){\n    Write-Host \\\"vSAN Enabled Cluster found\\\"\n    $Clusters = Get-Cluster | where {$_.VsanEnabled}\n    Foreach ($clus in $clusters){\n     $clus | Get-Datastore | where {$_.type -match \\\"vsan\\\"} | Set-Datastore -Name $(($clus.name) + \\\"_vSAN_Datastore\\\")\n    }\n    }\n    else{\n    Write-Host \\\"vSAN is not enabled, this finding is not applicable.\\\"\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000282'\n  tag rid: 'SV-VCSA-80-000282'\n  tag stig_id: 'VCSA-80-000282'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-Cluster | Where-Object {$_.VsanEnabled} | Get-Datastore | Where-Object {$_.type -match \"vsan\"} | Select-Object -ExpandProperty Name'\n  vsandatastores = powercli_command(command).stdout.strip.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vsandatastores.empty?\n    describe '' do\n      skip 'No VSAN datastores found to check.'\n    end\n  else\n    vsandatastores.each do |ds|\n      describe '' do\n        subject { ds }\n        it { should_not cmp 'vsanDatastore' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000282.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000283",
+          "title": "The vCenter Server must disable Username/Password and Windows Integrated Authentication.",
+          "desc": "All forms of authentication other than Common Access Card (CAC) must be disabled. Password authentication can be temporarily reenabled for emergency access to the local Single Sign-On (SSO) accounts or Active Directory user/pass accounts, but it must be disabled as soon as CAC authentication is functional.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "All forms of authentication other than Common Access Card (CAC) must be disabled. Password authentication can be temporarily reenabled for emergency access to the local Single Sign-On (SSO) accounts or Active Directory user/pass accounts, but it must be disabled as soon as CAC authentication is functional."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If a federated identity provider is configured and used for an identity source, this is not applicable.\n\nFrom the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\nUnder \"Authentication method\", examine the allowed methods.\n\nIf \"Smart card authentication\" is not enabled and \"Password and windows session authentication\" is not disabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\nNext to \"Authentication method\", click \"Edit\".\n\nSelect to radio button to \"Enable smart card authentication\".\n\nClick \"Save\".\n\nTo re-enable password authentication for troubleshooting purposes, run the following command on the vCenter Server Appliance:\n\n# /opt/vmware/bin/sso-config.sh -set_authn_policy -pwdAuthn true -winAuthn false -certAuthn false -securIDAuthn false -t vsphere.local"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000283",
+            "rid": "SV-VCSA-80-000283",
+            "stig_id": "VCSA-80-000283",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000283' do\n  title 'The vCenter Server must disable Username/Password and Windows Integrated Authentication.'\n  desc  'All forms of authentication other than Common Access Card (CAC) must be disabled. Password authentication can be temporarily reenabled for emergency access to the local Single Sign-On (SSO) accounts or Active Directory user/pass accounts, but it must be disabled as soon as CAC authentication is functional.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If a federated identity provider is configured and used for an identity source, this is not applicable.\n\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\n    Under \\\"Authentication method\\\", examine the allowed methods.\n\n    If \\\"Smart card authentication\\\" is not enabled and \\\"Password and windows session authentication\\\" is not disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\n    Next to \\\"Authentication method\\\", click \\\"Edit\\\".\n\n    Select to radio button to \\\"Enable smart card authentication\\\".\n\n    Click \\\"Save\\\".\n\n    To re-enable password authentication for troubleshooting purposes, run the following command on the vCenter Server Appliance:\n\n    # /opt/vmware/bin/sso-config.sh -set_authn_policy -pwdAuthn true -winAuthn false -certAuthn false -securIDAuthn false -t vsphere.local\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000283'\n  tag rid: 'SV-VCSA-80-000283'\n  tag stig_id: 'VCSA-80-000283'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if input('embeddedIdp')\n    describe powercli_command('(Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled') do\n      its('stdout.strip') { should cmp 'true' }\n    end\n    describe powercli_command('(Get-SsoAuthenticationPolicy).PasswordAuthnEnabled') do\n      its('stdout.strip') { should cmp 'false' }\n    end\n    describe powercli_command('(Get-SsoAuthenticationPolicy).WindowsAuthnEnabled') do\n      its('stdout.strip') { should cmp 'false' }\n    end\n  else\n    describe 'A federated IDP is configured so this is Not Applicable.' do\n      skip 'A federated IDP is configured so this is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000283.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000284",
+          "title": "The vCenter Server must restrict access to the default roles with cryptographic permissions.",
+          "desc": "In vSphere, the built-in \"Administrator\" role contains permission to perform cryptographic operations such as Key Management Server (KMS) functions and encrypting and decrypting virtual machine disks. This role must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use.\n\nA new built-in role called \"No Cryptography Administrator\" exists to provide all administrative permissions except cryptographic operations. Permissions must be restricted such that normal vSphere administrators are assigned the \"No Cryptography Administrator\" role or more restrictive.\n\nThe \"Administrator\" role must be tightly controlled and must not be applied to administrators who will not be doing cryptographic work. Catastrophic data loss can result from poorly administered cryptography.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "In vSphere, the built-in \"Administrator\" role contains permission to perform cryptographic operations such as Key Management Server (KMS) functions and encrypting and decrypting virtual machine disks. This role must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use.\n\nA new built-in role called \"No Cryptography Administrator\" exists to provide all administrative permissions except cryptographic operations. Permissions must be restricted such that normal vSphere administrators are assigned the \"No Cryptography Administrator\" role or more restrictive.\n\nThe \"Administrator\" role must be tightly controlled and must not be applied to administrators who will not be doing cryptographic work. Catastrophic data loss can result from poorly administered cryptography."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.\n\nFrom the vSphere Client, go to Administration >> Access Control >> Roles.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VIPermission | Where {$_.Role -eq \"Admin\" -or $_.Role -eq \"NoTrustedAdmin\" -or $_.Role -eq \"vCLSAdmin\" -or $_.Role -eq \"vSphereKubernetesManager\"} | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\nIf there are any users or groups assigned to the default roles with cryptographic permissions and are not explicitly designated to perform cryptographic operations, this is a finding.\n\nThe built-in solution users assigned to the administrator role are NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Access Control >> Roles.\n\nMove any accounts not explicitly designated for cryptographic operations, other than Solution Users, to other roles such as \"No Cryptography Administrator\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000284",
+            "rid": "SV-VCSA-80-000284",
+            "stig_id": "VCSA-80-000284",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000284' do\n  title 'The vCenter Server must restrict access to the default roles with cryptographic permissions.'\n  desc  \"\n    In vSphere, the built-in \\\"Administrator\\\" role contains permission to perform cryptographic operations such as Key Management Server (KMS) functions and encrypting and decrypting virtual machine disks. This role must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use.\n\n    A new built-in role called \\\"No Cryptography Administrator\\\" exists to provide all administrative permissions except cryptographic operations. Permissions must be restricted such that normal vSphere administrators are assigned the \\\"No Cryptography Administrator\\\" role or more restrictive.\n\n    The \\\"Administrator\\\" role must be tightly controlled and must not be applied to administrators who will not be doing cryptographic work. Catastrophic data loss can result from poorly administered cryptography.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.\n\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VIPermission | Where {$_.Role -eq \\\"Admin\\\" -or $_.Role -eq \\\"NoTrustedAdmin\\\" -or $_.Role -eq \\\"vCLSAdmin\\\" -or $_.Role -eq \\\"vSphereKubernetesManager\\\"} | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\n    If there are any users or groups assigned to the default roles with cryptographic permissions and are not explicitly designated to perform cryptographic operations, this is a finding.\n\n    The built-in solution users assigned to the administrator role are NOT a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    Move any accounts not explicitly designated for cryptographic operations, other than Solution Users, to other roles such as \\\"No Cryptography Administrator\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000284'\n  tag rid: 'SV-VCSA-80-000284'\n  tag stig_id: 'VCSA-80-000284'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vcCryptoAdmins = input('vcCryptoAdmins')\n\n  # Get all users/groups with Admin/Administrator role excluding vpxd- accounts\n  command = 'Get-VIPermission | Where-Object {($_.Role -eq \"Admin\" -or $_.Role -eq \"NoTrustedAdmin\" -or $_.Role -eq \"vCLSAdmin\" -or $_.Role -eq \"vSphereKubernetesManager\") -and $_.Principal -notmatch \"vpxd-\"} | Select-Object -ExpandProperty Principal'\n  cryptoadmins = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !cryptoadmins.empty?\n    cryptoadmins.each do |cryptoadmin|\n      describe cryptoadmin do\n        subject { cryptoadmin }\n        it { should be_in vcCryptoAdmins }\n      end\n    end\n  else\n    describe 'No users/groups found assigned to crypto roles...skipping tests.' do\n      skip 'No users/groups found assigned to crypto roles...skipping tests.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000284.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000285",
+          "title": "The vCenter Server must restrict access to cryptographic permissions.",
+          "desc": "These permissions must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use. Catastrophic data loss can result from poorly administered cryptography.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "These permissions must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use. Catastrophic data loss can result from poorly administered cryptography."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.\n\nFrom the vSphere Client, go to Administration >> Access Control >> Roles.\n\nHighlight each role and click the 'Privileges\" button in the right pane.\n\nVerify that only the Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager and any site-specific cryptographic roles have the following permissions:\n\nCryptographic Operations privileges\nGlobal.Diagnostics\nHost.Inventory.Add host to cluster\nHost.Inventory.Add standalone host\nHost.Local operations.Manage user groups\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$roles = Get-VIRole\nForEach($role in $roles){\n    $privileges = $role.PrivilegeList\n    If($privileges -match \"Crypto*\" -or $privileges -match \"Global.Diagnostics\" -or $privileges -match \"Host.Inventory.Add*\" -or $privileges -match \"Host.Local operations.Manage user groups\"){\n    Write-Host \"$role has Cryptographic privileges\"\n    }\n}\n\nIf any role other than the four default roles contain the permissions listed above and is not authorized to perform cryptographic related operations, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Access Control >> Roles.\n\nHighlight the target custom role and click \"Edit\".\n\nRemove the following permissions from any custom role that is not authorized to perform cryptographic related operations:\n\nCryptographic Operations privileges\nGlobal.Diagnostics\nHost.Inventory.Add host to cluster\nHost.Inventory.Add standalone host\nHost.Local operations.Manage user groups"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000285",
+            "rid": "SV-VCSA-80-000285",
+            "stig_id": "VCSA-80-000285",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000285' do\n  title 'The vCenter Server must restrict access to cryptographic permissions.'\n  desc  'These permissions must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use. Catastrophic data loss can result from poorly administered cryptography.'\n  desc  'rationale', ''\n  desc  'check', \"\n    By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.\n\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    Highlight each role and click the 'Privileges\\\" button in the right pane.\n\n    Verify that only the Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager and any site-specific cryptographic roles have the following permissions:\n\n    Cryptographic Operations privileges\n    Global.Diagnostics\n    Host.Inventory.Add host to cluster\n    Host.Inventory.Add standalone host\n    Host.Local operations.Manage user groups\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $roles = Get-VIRole\n    ForEach($role in $roles){\n        $privileges = $role.PrivilegeList\n        If($privileges -match \\\"Crypto*\\\" -or $privileges -match \\\"Global.Diagnostics\\\" -or $privileges -match \\\"Host.Inventory.Add*\\\" -or $privileges -match \\\"Host.Local operations.Manage user groups\\\"){\n        Write-Host \\\"$role has Cryptographic privileges\\\"\n        }\n    }\n\n    If any role other than the four default roles contain the permissions listed above and is not authorized to perform cryptographic related operations, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    Highlight the target custom role and click \\\"Edit\\\".\n\n    Remove the following permissions from any custom role that is not authorized to perform cryptographic related operations:\n\n    Cryptographic Operations privileges\n    Global.Diagnostics\n    Host.Inventory.Add host to cluster\n    Host.Inventory.Add standalone host\n    Host.Local operations.Manage user groups\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000285'\n  tag rid: 'SV-VCSA-80-000285'\n  tag stig_id: 'VCSA-80-000285'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vcCryptoRoles = input('vcCryptoRoles')\n\n  command = 'Get-VIRole | Where-Object {$_.PrivilegeList -match \"Crypto*\" -or $_.PrivilegeList -match \"Global.Diagnostics\" -or $_.PrivilegeList -match \"Host.Inventory.Add*\" -or $_.PrivilegeList -match \"Host.Local operations.Manage user groups\"} | Select-Object -ExpandProperty Name'\n  cryptoroles = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !cryptoroles.empty?\n    cryptoroles.each do |cryptorole|\n      describe cryptorole do\n        subject { cryptorole }\n        it { should be_in vcCryptoRoles }\n      end\n    end\n  else\n    describe 'No roles found with crypto permissions...skipping tests.' do\n      skip 'No roles found with crypto permissions...skipping tests.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000285.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000286",
+          "title": "The vCenter Server must have Mutual Challenge Handshake Authentication Protocol (CHAP) configured for vSAN Internet Small Computer System Interface (iSCSI) targets.",
+          "desc": "When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, the potential exists for a man-in-the-middle attack in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, the potential exists for a man-in-the-middle attack in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If no clusters are enabled for vSAN or if vSAN is enabled but iSCSI is not enabled, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect a vSAN Enabled Cluster >> Configure >> vSAN >> iSCSI Target Service.\n\nFor each iSCSI target, review the value in the \"Authentication\" column.\n\nIf the Authentication method is not set to \"CHAP_Mutual\" for any iSCSI target, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vSAN Enabled Cluster >> Configure >> vSAN >> iSCSI Target Service.\n\nFor each iSCSI target, select the item and click \"Edit\".\n\nChange the \"Authentication\" field to \"Mutual CHAP\" and configure the incoming and outgoing users and secrets appropriately."
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000286",
+            "rid": "SV-VCSA-80-000286",
+            "stig_id": "VCSA-80-000286",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000286' do\n  title 'The vCenter Server must have Mutual Challenge Handshake Authentication Protocol (CHAP) configured for vSAN Internet Small Computer System Interface (iSCSI) targets.'\n  desc  'When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, the potential exists for a man-in-the-middle attack in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN or if vSAN is enabled but iSCSI is not enabled, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster >> Configure >> vSAN >> iSCSI Target Service.\n\n    For each iSCSI target, review the value in the \\\"Authentication\\\" column.\n\n    If the Authentication method is not set to \\\"CHAP_Mutual\\\" for any iSCSI target, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster >> Configure >> vSAN >> iSCSI Target Service.\n\n    For each iSCSI target, select the item and click \\\"Edit\\\".\n\n    Change the \\\"Authentication\\\" field to \\\"Mutual CHAP\\\" and configure the incoming and outgoing users and secrets appropriately.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000286'\n  tag rid: 'SV-VCSA-80-000286'\n  tag stig_id: 'VCSA-80-000286'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  setimpact = true\n  if !clusters.empty?\n    clusters.each do |cluster|\n      iscsiEnabled = powercli_command(\"(Get-VsanClusterConfiguration -Cluster \\\"#{cluster}\\\").IscsiTargetServiceEnabled\").stdout.strip\n      if iscsiEnabled == 'True'\n        command = \"(Get-VsanClusterConfiguration -Cluster \\\"#{cluster}\\\").DefaultIscsiAuthenticationType\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp 'MutualChap' }\n        end\n        setimpact = false\n      else\n        describe \"vSAN iSCSI service not enabled on cluster: #{cluster}...this is not applicable.\" do\n          skip \"vSAN iSCSI service not enabled on cluster: #{cluster}...this is not applicable.\"\n        end\n      end\n    end\n  else\n    describe '' do\n      skip 'No vSAN enabled clusters found...this is not applicable.'\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000286.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000287",
+          "title": "The vCenter Server must have new Key Encryption Keys (KEKs) reissued at regular intervals for vSAN encrypted datastore(s).",
+          "desc": "The KEK for a vSAN encrypted datastore is generated by the Key Management Server (KMS) and serves as a wrapper and lock around the Disk Encryption Key (DEK). The DEK is generated by the host and is used to encrypt and decrypt the datastore. A shallow rekey is a procedure in which the KMS issues a new KEK to the ESXi host, which rewraps the DEK but does not change the DEK or any data on disk.\n\nThis operation must be done on a regular, site-defined interval and can be viewed as similar in criticality to changing an administrative password. If the KMS is compromised, a standing operational procedure to rekey will put a time limit on the usefulness of any stolen KMS data.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The KEK for a vSAN encrypted datastore is generated by the Key Management Server (KMS) and serves as a wrapper and lock around the Disk Encryption Key (DEK). The DEK is generated by the host and is used to encrypt and decrypt the datastore. A shallow rekey is a procedure in which the KMS issues a new KEK to the ESXi host, which rewraps the DEK but does not change the DEK or any data on disk.\n\nThis operation must be done on a regular, site-defined interval and can be viewed as similar in criticality to changing an administrative password. If the KMS is compromised, a standing operational procedure to rekey will put a time limit on the usefulness of any stolen KMS data."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If vSAN is not in use, this is not applicable.\n\nInterview the system administrator (SA) to determine that a procedure has been put in place to perform a shallow rekey of all vSAN encrypted datastores at regular, site-defined intervals.\n\nVMware recommends a 60-day rekey task, but this interval must be defined by the SA and the information system security officer (ISSO).\n\nIf vSAN encryption is not in use, this is not a finding.\n\nIf vSAN encryption is in use and a regular rekey procedure is not in place, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "If vSAN encryption is in use, ensure that a regular rekey procedure is in place."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000287",
+            "rid": "SV-VCSA-80-000287",
+            "stig_id": "VCSA-80-000287",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000287' do\n  title 'The vCenter Server must have new Key Encryption Keys (KEKs) reissued at regular intervals for vSAN encrypted datastore(s).'\n  desc  \"\n    The KEK for a vSAN encrypted datastore is generated by the Key Management Server (KMS) and serves as a wrapper and lock around the Disk Encryption Key (DEK). The DEK is generated by the host and is used to encrypt and decrypt the datastore. A shallow rekey is a procedure in which the KMS issues a new KEK to the ESXi host, which rewraps the DEK but does not change the DEK or any data on disk.\n\n    This operation must be done on a regular, site-defined interval and can be viewed as similar in criticality to changing an administrative password. If the KMS is compromised, a standing operational procedure to rekey will put a time limit on the usefulness of any stolen KMS data.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If vSAN is not in use, this is not applicable.\n\n    Interview the system administrator (SA) to determine that a procedure has been put in place to perform a shallow rekey of all vSAN encrypted datastores at regular, site-defined intervals.\n\n    VMware recommends a 60-day rekey task, but this interval must be defined by the SA and the information system security officer (ISSO).\n\n    If vSAN encryption is not in use, this is not a finding.\n\n    If vSAN encryption is in use and a regular rekey procedure is not in place, this is a finding.\n  \"\n  desc 'fix', 'If vSAN encryption is in use, ensure that a regular rekey procedure is in place.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000287'\n  tag rid: 'SV-VCSA-80-000287'\n  tag stig_id: 'VCSA-80-000287'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000287.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000288",
+          "title": "The vCenter Server must use secure Lightweight Directory Access Protocol (LDAPS) when adding an LDAP identity source.",
+          "desc": "LDAP is an industry standard protocol for querying directory services such as Active Directory. This protocol can operate in clear text or over a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) encrypted tunnel. To protect confidentiality of LDAP communications, secure LDAP (LDAPS) must be explicitly configured when adding an LDAP identity source in vSphere Single Sign-On (SSO).\n\nWhen configuring an identity source and supplying an SSL certificate, vCenter will enforce LDAPS. The server URLs do not need to be explicitly provided if an SSL certificate is uploaded.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "LDAP is an industry standard protocol for querying directory services such as Active Directory. This protocol can operate in clear text or over a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) encrypted tunnel. To protect confidentiality of LDAP communications, secure LDAP (LDAPS) must be explicitly configured when adding an LDAP identity source in vSphere Single Sign-On (SSO).\n\nWhen configuring an identity source and supplying an SSL certificate, vCenter will enforce LDAPS. The server URLs do not need to be explicitly provided if an SSL certificate is uploaded."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If LDAP is not used as an identity provider, this is not applicable.\n\nFrom the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nClick the \"Identity Sources\" tab.\n\nFor each identity source of type \"Active Directory over LDAP\", if the \"Server URL\" does not indicate \"ldaps://\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nClick the \"Identity Sources\" tab.\n\nFor each identity source of type \"Active Directory over LDAP\" where LDAPS is not configured, highlight the item and click \"Edit\".\n\nEnsure the primary and secondary server URLs, if specified, are configured for \"ldaps://\".\n\nAt the bottom, click the \"Browse\" button, select the AD LDAP cert previously exported to your local computer, click \"Open\", and \"Save\" to complete modifications.\n\nNote: With LDAPS, the server must be a specific domain controller and its specific certificate or the domain alias with a certificate that is valid for that URL."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000288",
+            "rid": "SV-VCSA-80-000288",
+            "stig_id": "VCSA-80-000288",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000288' do\n  title 'The vCenter Server must use secure Lightweight Directory Access Protocol (LDAPS) when adding an LDAP identity source.'\n  desc  \"\n    LDAP is an industry standard protocol for querying directory services such as Active Directory. This protocol can operate in clear text or over a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) encrypted tunnel. To protect confidentiality of LDAP communications, secure LDAP (LDAPS) must be explicitly configured when adding an LDAP identity source in vSphere Single Sign-On (SSO).\n\n    When configuring an identity source and supplying an SSL certificate, vCenter will enforce LDAPS. The server URLs do not need to be explicitly provided if an SSL certificate is uploaded.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If LDAP is not used as an identity provider, this is not applicable.\n\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    Click the \\\"Identity Sources\\\" tab.\n\n    For each identity source of type \\\"Active Directory over LDAP\\\", if the \\\"Server URL\\\" does not indicate \\\"ldaps://\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    Click the \\\"Identity Sources\\\" tab.\n\n    For each identity source of type \\\"Active Directory over LDAP\\\" where LDAPS is not configured, highlight the item and click \\\"Edit\\\".\n\n    Ensure the primary and secondary server URLs, if specified, are configured for \\\"ldaps://\\\".\n\n    At the bottom, click the \\\"Browse\\\" button, select the AD LDAP cert previously exported to your local computer, click \\\"Open\\\", and \\\"Save\\\" to complete modifications.\n\n    Note: With LDAPS, the server must be a specific domain controller and its specific certificate or the domain alias with a certificate that is valid for that URL.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000288'\n  tag rid: 'SV-VCSA-80-000288'\n  tag stig_id: 'VCSA-80-000288'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000288.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000290",
+          "title": "The vCenter Server must limit membership to the \"SystemConfiguration.BashShellAdministrators\" Single Sign-On (SSO) group.",
+          "desc": "vCenter SSO integrates with PAM in the underlying Photon operating system so members of the \"SystemConfiguration.BashShellAdministrators\" SSO group can log on to the operating system without needing a separate account. However, even though unique SSO users log on, they are transparently using a group account named \"sso-user\" as far as Photon auditing is concerned. While the audit trail can still be traced back to the individual SSO user, it is a more involved process.\n\nTo force accountability and nonrepudiation, the SSO group \"SystemConfiguration.BashShellAdministrators\" must be severely restricted.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "vCenter SSO integrates with PAM in the underlying Photon operating system so members of the \"SystemConfiguration.BashShellAdministrators\" SSO group can log on to the operating system without needing a separate account. However, even though unique SSO users log on, they are transparently using a group account named \"sso-user\" as far as Photon auditing is concerned. While the audit trail can still be traced back to the individual SSO user, it is a more involved process.\n\nTo force accountability and nonrepudiation, the SSO group \"SystemConfiguration.BashShellAdministrators\" must be severely restricted."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\nClick the next page arrow until the \"SystemConfiguration.BashShellAdministrators\" group appears.\n\nClick \"SystemConfiguration.BashShellAdministrators\".\n\nReview the members of the group and ensure that only authorized accounts are present.\n\nNote: By default the Administrator and a unique service account similar to \"vmware-applmgmtservice-714684a4-342f-4eff-a232-cdc21def00c2\" will be in the group and should not be removed.\n\nIf there are any accounts present as members of SystemConfiguration.BashShellAdministrators that are not authorized, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\nClick the next page arrow until the \"SystemConfiguration.BashShellAdministrators\" group appears.\n\nClick \"SystemConfiguration.BashShellAdministrators\".\n\nClick the three vertical dots next to the name of each unauthorized account.\n\nSelect \"Remove Member\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000290",
+            "rid": "SV-VCSA-80-000290",
+            "stig_id": "VCSA-80-000290",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000290' do\n  title 'The vCenter Server must limit membership to the \"SystemConfiguration.BashShellAdministrators\" Single Sign-On (SSO) group.'\n  desc  \"\n    vCenter SSO integrates with PAM in the underlying Photon operating system so members of the \\\"SystemConfiguration.BashShellAdministrators\\\" SSO group can log on to the operating system without needing a separate account. However, even though unique SSO users log on, they are transparently using a group account named \\\"sso-user\\\" as far as Photon auditing is concerned. While the audit trail can still be traced back to the individual SSO user, it is a more involved process.\n\n    To force accountability and nonrepudiation, the SSO group \\\"SystemConfiguration.BashShellAdministrators\\\" must be severely restricted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\n    Click the next page arrow until the \\\"SystemConfiguration.BashShellAdministrators\\\" group appears.\n\n    Click \\\"SystemConfiguration.BashShellAdministrators\\\".\n\n    Review the members of the group and ensure that only authorized accounts are present.\n\n    Note: By default the Administrator and a unique service account similar to \\\"vmware-applmgmtservice-714684a4-342f-4eff-a232-cdc21def00c2\\\" will be in the group and should not be removed.\n\n    If there are any accounts present as members of SystemConfiguration.BashShellAdministrators that are not authorized, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\n    Click the next page arrow until the \\\"SystemConfiguration.BashShellAdministrators\\\" group appears.\n\n    Click \\\"SystemConfiguration.BashShellAdministrators\\\".\n\n    Click the three vertical dots next to the name of each unauthorized account.\n\n    Select \\\"Remove Member\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000290'\n  tag rid: 'SV-VCSA-80-000290'\n  tag stig_id: 'VCSA-80-000290'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  bashShellAdminUsers = input('bashShellAdminUsers')\n  # Get appliance management user and add to list of authorized users. Unique to each vCenter.\n  applmgmtuser = powercli_command('Get-SsoGroup -Domain vsphere.local -Name applmgmtSvcUsers | Get-SsoPersonUser | Select-Object -ExpandProperty Name').stdout.strip\n  bashShellAdminUsers.push(applmgmtuser)\n  users = powercli_command('Get-SsoGroup -Domain vsphere.local -Name SystemConfiguration.BashShellAdministrators | Get-SsoPersonUser | Select-Object -ExpandProperty Name')\n  if users.stdout.empty?\n    describe 'Stderr should be empty if no users found' do\n      subject { users.stderr }\n      it { should be_empty }\n    end\n    describe 'No users found in SystemConfiguration.BashShellAdministrators' do\n      subject { users.stdout }\n      it { should be_empty }\n    end\n  else\n    users.stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |user|\n      describe user do\n        it { should be_in bashShellAdminUsers }\n      end\n    end\n  end\n  bashShellAdminGroups = input('bashShellAdminGroups')\n  groups = powercli_command('Get-SsoGroup -Domain vsphere.local -Name SystemConfiguration.BashShellAdministrators | Get-SsoGroup | Select-Object -ExpandProperty Name')\n  if groups.stdout.empty?\n    describe 'Stderr should be empty if no groups found' do\n      subject { groups.stderr }\n      it { should be_empty }\n    end\n    describe 'No groups found in SystemConfiguration.BashShellAdministrators' do\n      subject { groups.stdout }\n      it { should be_empty }\n    end\n  else\n    groups.stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |group|\n      describe group do\n        it { should be_in bashShellAdminGroups }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000290.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000291",
+          "title": "The vCenter Server must limit membership to the \"TrustedAdmins\" Single Sign-On (SSO) group.",
+          "desc": "The vSphere \"TrustedAdmins\" group grants additional rights to administer the vSphere Trust Authority feature.\n\nTo force accountability and nonrepudiation, the SSO group \"TrustedAdmins\" must be severely restricted.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The vSphere \"TrustedAdmins\" group grants additional rights to administer the vSphere Trust Authority feature.\n\nTo force accountability and nonrepudiation, the SSO group \"TrustedAdmins\" must be severely restricted."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\nClick the next page arrow until the \"TrustedAdmins\" group appears.\n\nClick \"TrustedAdmins\".\n\nReview the members of the group and ensure that only authorized accounts are present.\n\nNote: These accounts act as root on the Photon operating system and have the ability to severely damage vCenter, inadvertently or otherwise.\n\nIf there are any accounts present as members of TrustedAdmins that are not authorized, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\nClick the next page arrow until the \"TrustedAdmins\" group appears.\n\nClick \"TrustedAdmins\".\n\nClick the three vertical dots next to the name of each unauthorized account.\n\nSelect \"Remove Member\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000291",
+            "rid": "SV-VCSA-80-000291",
+            "stig_id": "VCSA-80-000291",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000291' do\n  title 'The vCenter Server must limit membership to the \"TrustedAdmins\" Single Sign-On (SSO) group.'\n  desc  \"\n    The vSphere \\\"TrustedAdmins\\\" group grants additional rights to administer the vSphere Trust Authority feature.\n\n    To force accountability and nonrepudiation, the SSO group \\\"TrustedAdmins\\\" must be severely restricted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\n    Click the next page arrow until the \\\"TrustedAdmins\\\" group appears.\n\n    Click \\\"TrustedAdmins\\\".\n\n    Review the members of the group and ensure that only authorized accounts are present.\n\n    Note: These accounts act as root on the Photon operating system and have the ability to severely damage vCenter, inadvertently or otherwise.\n\n    If there are any accounts present as members of TrustedAdmins that are not authorized, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\n    Click the next page arrow until the \\\"TrustedAdmins\\\" group appears.\n\n    Click \\\"TrustedAdmins\\\".\n\n    Click the three vertical dots next to the name of each unauthorized account.\n\n    Select \\\"Remove Member\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000291'\n  tag rid: 'SV-VCSA-80-000291'\n  tag stig_id: 'VCSA-80-000291'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  trustedAdminUsers = input('trustedAdminUsers')\n  users = powercli_command('Get-SsoGroup -Domain vsphere.local -Name TrustedAdmins | Get-SsoPersonUser | Select-Object -ExpandProperty Name')\n  if users.stdout.empty?\n    describe 'Stderr should be empty if no users found' do\n      subject { users.stderr }\n      it { should be_empty }\n    end\n    describe 'No users found in TrustedAdmins' do\n      subject { users.stdout }\n      it { should be_empty }\n    end\n  else\n    users.stdout.split.each do |user|\n      describe user do\n        it { should be_in trustedAdminUsers }\n      end\n    end\n  end\n  trustedAdminGroups = input('trustedAdminGroups')\n  groups = powercli_command('Get-SsoGroup -Domain vsphere.local -Name TrustedAdmins | Get-SsoGroup | Select-Object -ExpandProperty Name')\n  if groups.stdout.empty?\n    describe 'Stderr should be empty if no groups found' do\n      subject { groups.stderr }\n      it { should be_empty }\n    end\n    describe 'No groups found in TrustedAdmins' do\n      subject { groups.stdout }\n      it { should be_empty }\n    end\n  else\n    groups.stdout.split.each do |group|\n      describe group do\n        it { should be_in trustedAdminGroups }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000291.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000292",
+          "title": "The vCenter server configuration must be backed up on a regular basis.",
+          "desc": "vCenter server is the control plane for the vSphere infrastructure and all the workloads it hosts. As such, vCenter is usually a highly critical system in its own right. Backups of vCenter can now be made at a data and configuration level versus traditional storage/image-based backups. This reduces recovery time by letting the system administrator (SA) spin up a new vCenter while simultaneously importing the backed-up data.\n\nFor sites that implement the Native Key Provider (NKP), introduced in 7.0 Update 2, regular vCenter backups are critical. In a recovery scenario where the virtual machine files are intact but vCenter was lost, the encrypted virtual machines will not be able to boot as their private keys were stored in vCenter after it was last backed up. When using the NKP, vCenter becomes critical to the virtual machine workloads and ceases to be just the control plane.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "vCenter server is the control plane for the vSphere infrastructure and all the workloads it hosts. As such, vCenter is usually a highly critical system in its own right. Backups of vCenter can now be made at a data and configuration level versus traditional storage/image-based backups. This reduces recovery time by letting the system administrator (SA) spin up a new vCenter while simultaneously importing the backed-up data.\n\nFor sites that implement the Native Key Provider (NKP), introduced in 7.0 Update 2, regular vCenter backups are critical. In a recovery scenario where the virtual machine files are intact but vCenter was lost, the encrypted virtual machines will not be able to boot as their private keys were stored in vCenter after it was last backed up. When using the NKP, vCenter becomes critical to the virtual machine workloads and ceases to be just the control plane."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Option 1:\n\nIf vCenter is backed up in a traditional manner, at the storage array level, interview the SA to determine configuration and schedule.\n\nOption 2:\n\nFor vCenter native backup functionality, open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Backup\" on the left navigation pane.\n\nOn the resulting pane on the right, verify the \"Status\" is \"Enabled\".\n\nClick \"Status\" to expand the backup details.\n\nIf vCenter server backups are not configured and there is no other vCenter backup system, this is a finding.\n\nIf the backup configuration is not set to a proper, reachable location or if the schedule is anything less frequent than \"Daily\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Option 1:\n\nImplement and document a VMware-supported storage/image-based backup schedule.\n\nOption 2:\n\nTo configure vCenter native backup functionality, open the VAMI by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with an SSO account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Backup\" on the left navigation pane.\n\nOn the resulting pane on the right, click \"Configure\" (or \"Edit\" for an existing configuration).\n\nEnter site-specific information for the backup job.\n\nEnsure \"Schedule\" is set to \"Daily\". Limiting the number of retained backups is recommended but not required.\n\nClick \"Create\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000292",
+            "rid": "SV-VCSA-80-000292",
+            "stig_id": "VCSA-80-000292",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000292' do\n  title 'The vCenter server configuration must be backed up on a regular basis.'\n  desc  \"\n    vCenter server is the control plane for the vSphere infrastructure and all the workloads it hosts. As such, vCenter is usually a highly critical system in its own right. Backups of vCenter can now be made at a data and configuration level versus traditional storage/image-based backups. This reduces recovery time by letting the system administrator (SA) spin up a new vCenter while simultaneously importing the backed-up data.\n\n    For sites that implement the Native Key Provider (NKP), introduced in 7.0 Update 2, regular vCenter backups are critical. In a recovery scenario where the virtual machine files are intact but vCenter was lost, the encrypted virtual machines will not be able to boot as their private keys were stored in vCenter after it was last backed up. When using the NKP, vCenter becomes critical to the virtual machine workloads and ceases to be just the control plane.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Option 1:\n\n    If vCenter is backed up in a traditional manner, at the storage array level, interview the SA to determine configuration and schedule.\n\n    Option 2:\n\n    For vCenter native backup functionality, open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Backup\\\" on the left navigation pane.\n\n    On the resulting pane on the right, verify the \\\"Status\\\" is \\\"Enabled\\\".\n\n    Click \\\"Status\\\" to expand the backup details.\n\n    If vCenter server backups are not configured and there is no other vCenter backup system, this is a finding.\n\n    If the backup configuration is not set to a proper, reachable location or if the schedule is anything less frequent than \\\"Daily\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Option 1:\n\n    Implement and document a VMware-supported storage/image-based backup schedule.\n\n    Option 2:\n\n    To configure vCenter native backup functionality, open the VAMI by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with an SSO account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Backup\\\" on the left navigation pane.\n\n    On the resulting pane on the right, click \\\"Configure\\\" (or \\\"Edit\\\" for an existing configuration).\n\n    Enter site-specific information for the backup job.\n\n    Ensure \\\"Schedule\\\" is set to \\\"Daily\\\". Limiting the number of retained backups is recommended but not required.\n\n    Click \\\"Create\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000292'\n  tag rid: 'SV-VCSA-80-000292'\n  tag stig_id: 'VCSA-80-000292'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if input('backup3rdParty')\n    describe '3rd party backups indicated. This check is a manual or policy based check and must be reviewed manually.' do\n      skip '3rd party backups indicated. This check is a manual or policy based check and must be reviewed manually.'\n    end\n  else\n    command = '(Invoke-ListRecoveryBackupSchedules).default.enable'\n    backupsenabled = powercli_command(command).stdout.strip\n\n    describe 'File based backups should be enabled.' do\n      subject { backupsenabled }\n      it { should cmp 'true' }\n    end\n\n    if backupsenabled == 'True'\n      # check that backups are scheduled daily. if so the days configuration will be empty\n      # if a custom schedule is specified and every day is selected this will fail and that should be changed to daily\n      backupschedule = powercli_command('(Invoke-ListRecoveryBackupSchedules).default.recurrence_info.days').stdout.strip\n      describe 'Backups should be scheduled daily.' do\n        subject { backupschedule }\n        it { should cmp '' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000292.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000293",
+          "title": "The vCenter server must have task and event retention set to at least 30 days.",
+          "desc": "vCenter tasks and events contain valuable historical actions, useful in troubleshooting availability issues and for incident forensics. While vCenter events are sent to central log servers in real time, it is important that administrators have quick access to this information when needed.\n\nvCenter retains 30 days of tasks and events by default, and this is sufficient for most purposes. The vCenter disk partitions are also sized with this in mind. Decreasing is not recommended for operational reasons, while increasing is not recommended unless guided by VMware support due to the partition sizing concerns.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "vCenter tasks and events contain valuable historical actions, useful in troubleshooting availability issues and for incident forensics. While vCenter events are sent to central log servers in real time, it is important that administrators have quick access to this information when needed.\n\nvCenter retains 30 days of tasks and events by default, and this is sufficient for most purposes. The vCenter disk partitions are also sized with this in mind. Decreasing is not recommended for operational reasons, while increasing is not recommended unless guided by VMware support due to the partition sizing concerns."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> General.\n\nClick to expand the \"Database\" section.\n\nNote the \"Task retention\" and \"Event retention\" values.\n\nIf either value is configured to less than \"30\" days, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> General.\n\nClick \"Edit\".\n\nOn the \"Database\" tab, set the value for both \"Task retention\" and \"Event retention\" to \"30\" days (default) or greater, as required by your site.\n\nClick \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000293",
+            "rid": "SV-VCSA-80-000293",
+            "stig_id": "VCSA-80-000293",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000293' do\n  title 'The vCenter server must have task and event retention set to at least 30 days.'\n  desc  \"\n    vCenter tasks and events contain valuable historical actions, useful in troubleshooting availability issues and for incident forensics. While vCenter events are sent to central log servers in real time, it is important that administrators have quick access to this information when needed.\n\n    vCenter retains 30 days of tasks and events by default, and this is sufficient for most purposes. The vCenter disk partitions are also sized with this in mind. Decreasing is not recommended for operational reasons, while increasing is not recommended unless guided by VMware support due to the partition sizing concerns.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> General.\n\n    Click to expand the \\\"Database\\\" section.\n\n    Note the \\\"Task retention\\\" and \\\"Event retention\\\" values.\n\n    If either value is configured to less than \\\"30\\\" days, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> General.\n\n    Click \\\"Edit\\\".\n\n    On the \\\"Database\\\" tab, set the value for both \\\"Task retention\\\" and \\\"Event retention\\\" to \\\"30\\\" days (default) or greater, as required by your site.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000293'\n  tag rid: 'SV-VCSA-80-000293'\n  tag stig_id: 'VCSA-80-000293'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name event.maxAge | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= '30' }\n  end\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name task.maxAge | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= '30' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000293.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000294",
+          "title": "The vCenter server Native Key Provider must be backed up with a strong password.",
+          "desc": "The vCenter Native Key Provider feature was introduced in 7.0 U2 and acts as a key provider for encryption based capabilities such as encrypted virtual machines without requiring an external KMS solution.  When enabling this feature a backup must be taken which is a PKCS#12 formatted file and if no password is provided during the backup process this presents the opportunity for this to be used maliciously and compromise the environment.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The vCenter Native Key Provider feature was introduced in 7.0 U2 and acts as a key provider for encryption based capabilities such as encrypted virtual machines without requiring an external KMS solution.  When enabling this feature a backup must be taken which is a PKCS#12 formatted file and if no password is provided during the backup process this presents the opportunity for this to be used maliciously and compromise the environment."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If the vCenter Native Key Provider feature is not in use, this is not applicable.\n\nInterview the system administrator and determine if a password was provided for any backups taken of the Native Key Provider.\n\nIf backups exist for the Native Key Provider that are not password protected, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Key Providers.\n\nSelect the Native Key Provider, click \"Back-up\", and check the box \"Protect Native Key Provider data with password\".\n\nProvide a strong password and click \"Back up key provider\".\n\nDelete any previous backups that were not protected with a password."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000294",
+            "rid": "SV-VCSA-80-000294",
+            "stig_id": "VCSA-80-000294",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000294' do\n  title 'The vCenter server Native Key Provider must be backed up with a strong password.'\n  desc  'The vCenter Native Key Provider feature was introduced in 7.0 U2 and acts as a key provider for encryption based capabilities such as encrypted virtual machines without requiring an external KMS solution.  When enabling this feature a backup must be taken which is a PKCS#12 formatted file and if no password is provided during the backup process this presents the opportunity for this to be used maliciously and compromise the environment.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If the vCenter Native Key Provider feature is not in use, this is not applicable.\n\n    Interview the system administrator and determine if a password was provided for any backups taken of the Native Key Provider.\n\n    If backups exist for the Native Key Provider that are not password protected, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Key Providers.\n\n    Select the Native Key Provider, click \\\"Back-up\\\", and check the box \\\"Protect Native Key Provider data with password\\\".\n\n    Provide a strong password and click \\\"Back up key provider\\\".\n\n    Delete any previous backups that were not protected with a password.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000294'\n  tag rid: 'SV-VCSA-80-000294'\n  tag stig_id: 'VCSA-80-000294'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000294.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000295",
+          "title": "The vCenter server must require authentication for published content libraries.",
+          "desc": "In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale. When publishing a content library it can be protected by requiring authentication for subscribers.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale. When publishing a content library it can be protected by requiring authentication for subscribers."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Content Libraries.\n\nReview the \"Password Protected\" column.\n\nIf a content library is published and is not password protected, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Content Libraries.\n\nSelect the target content library.\n\nSelect \"Actions\" then \"Edit Settings\".\n\nClick the checkbox to \"Enable user authentication for access to this content library\".\n\nEnter and confirm a password for the content library. Click \"Ok\".\n\nNote: Any subscribed content libraries will need to be updated to enable authentication and provide the password."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000295",
+            "rid": "SV-VCSA-80-000295",
+            "stig_id": "VCSA-80-000295",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000295' do\n  title 'The vCenter server must require authentication for published content libraries.'\n  desc  'In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale. When publishing a content library it can be protected by requiring authentication for subscribers.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Review the \\\"Password Protected\\\" column.\n\n    If a content library is published and is not password protected, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Select the target content library.\n\n    Select \\\"Actions\\\" then \\\"Edit Settings\\\".\n\n    Click the checkbox to \\\"Enable user authentication for access to this content library\\\".\n\n    Enter and confirm a password for the content library. Click \\\"Ok\\\".\n\n    Note: Any subscribed content libraries will need to be updated to enable authentication and provide the password.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000295'\n  tag rid: 'SV-VCSA-80-000295'\n  tag stig_id: 'VCSA-80-000295'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-ContentLibrary | Select-Object -ExpandProperty Id'\n  libraries = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  setimpact = true\n  if !libraries.empty?\n    libraries.each do |library|\n      libinfo = powercli_command(\"Invoke-GetLibraryIdContent #{library} | ConvertTo-Json\").stdout\n      libinfojson = JSON.parse(libinfo)\n      if libinfojson['publish_info']['published'] == true\n        describe \"Authentication should be enabled on Content Library: #{libinfojson['name']}\" do\n          subject { libinfojson }\n          its(['publish_info', 'authentication_method']) { should cmp 'BASIC' }\n        end\n        setimpact = false\n      else\n        describe \"Publishing not enabled on Content Library: #{libinfojson['name']}. This control is not applicable.\" do\n          skip \"Publishing not enabled on Content Library: #{libinfojson['name']}. This control is not applicable.\"\n        end\n      end\n    end\n  else\n    describe '' do\n      skip 'No content libraries found. This control is not applicable.'\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000295.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000296",
+          "title": "The vCenter server must enable the OVF security policy for content libraries.",
+          "desc": "In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale.\n\nYou can protect the OVF items by applying default OVF security policy to a content library. The OVF security policy enforces strict validation on OVF items when you deploy or update the item, import items, or synchronize OVF and OVA templates. To make sure that the OVF and OVA templates are signed by a trusted certificate, you can add the OVF signing certificate from a trusted CA.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale.\n\nYou can protect the OVF items by applying default OVF security policy to a content library. The OVF security policy enforces strict validation on OVF items when you deploy or update the item, import items, or synchronize OVF and OVA templates. To make sure that the OVF and OVA templates are signed by a trusted certificate, you can add the OVF signing certificate from a trusted CA."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Content Libraries.\n\nReview the \"Security Policy\" column.\n\nIf a content library does not have the \"OVF default policy\" enabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Content Libraries.\n\nSelect the target content library.\n\nSelect \"Actions\" then \"Edit Settings\".\n\nClick the checkbox to \"Apply Security Policy\". Click \"OK\".\n\nNote: If you disable the security policy of a content library, you cannot reuse the existing OVF items."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000296",
+            "rid": "SV-VCSA-80-000296",
+            "stig_id": "VCSA-80-000296",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000296' do\n  title 'The vCenter server must enable the OVF security policy for content libraries.'\n  desc  \"\n    In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale.\n\n    You can protect the OVF items by applying default OVF security policy to a content library. The OVF security policy enforces strict validation on OVF items when you deploy or update the item, import items, or synchronize OVF and OVA templates. To make sure that the OVF and OVA templates are signed by a trusted certificate, you can add the OVF signing certificate from a trusted CA.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Review the \\\"Security Policy\\\" column.\n\n    If a content library does not have the \\\"OVF default policy\\\" enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Select the target content library.\n\n    Select \\\"Actions\\\" then \\\"Edit Settings\\\".\n\n    Click the checkbox to \\\"Apply Security Policy\\\". Click \\\"OK\\\".\n\n    Note: If you disable the security policy of a content library, you cannot reuse the existing OVF items.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000296'\n  tag rid: 'SV-VCSA-80-000296'\n  tag stig_id: 'VCSA-80-000296'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-ContentLibrary | Select-Object -ExpandProperty Id'\n  libraries = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  setimpact = true\n  if !libraries.empty?\n    libraries.each do |library|\n      libinfo = powercli_command(\"Invoke-GetLibraryIdContent #{library} | ConvertTo-Json\").stdout\n      libinfojson = JSON.parse(libinfo)\n      describe \"OVF security policy should be enabled on Content Library: #{libinfojson['name']}\" do\n        subject { libinfojson }\n        its(['security_policy_id']) { should_not be nil }\n      end\n      setimpact = false\n    end\n  else\n    describe '' do\n      skip 'No content libraries found. This control is not applicable.'\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000296.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000298",
+          "title": "The vCenter Server must separate authentication and authorization for administrators.",
+          "desc": "Many organizations do both authentication and authorization using a centralized directory service such as Active Directory. Attackers who compromise an identity source can often add themselves to authorization groups, and simply log into systems they should not otherwise have access to. Additionally, reliance on central identity systems means that the administrators of those systems are potentially infrastructure administrators, too, as they can add themselves to infrastructure access groups at will.\n\nThe use of local SSO groups for authorization helps prevent this avenue of attack by allowing the centralized identity source to still authenticate users but moving authorization into vCenter itself.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Many organizations do both authentication and authorization using a centralized directory service such as Active Directory. Attackers who compromise an identity source can often add themselves to authorization groups, and simply log into systems they should not otherwise have access to. Additionally, reliance on central identity systems means that the administrators of those systems are potentially infrastructure administrators, too, as they can add themselves to infrastructure access groups at will.\n\nThe use of local SSO groups for authorization helps prevent this avenue of attack by allowing the centralized identity source to still authenticate users but moving authorization into vCenter itself."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Access Control >> Roles.\n\nView the Administrator role and any other role providing administrative access to vCenter to verify the users and/or groups assigned to it by clicking on \"Usage\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\nIf any user or group is directly assigned a role with administrative access to vCenter that is from an identity provider, this is a finding.\n\nNote: Users and/or groups assigned to roles should be from the \"VSPHERE.LOCAL\" identity source."
+            },
+            {
+              "label": "fix",
+              "data": "To add groups from an identity provider to the local SSO Administrators group, as an example, do the following:\n\nFrom the vSphere Client, go to Administration >> Single Sign On >> Groups.\n\nSelect the Administrators group and click \"Edit\".\n\nIn the \"Add Members\" section, select the identity source and type the name of the target user/group in the search bar.\n\nSelect the target user/group to add them and click \"Save\".\n\nNote: A new SSO group or groups can be created as needed and used to provide authorization to vCenter.\n\nTo remove identity provider users/groups from a role, do the following:\n\nFrom the vSphere Client, go to Administration >> Access Control >> Global Permissions.\n\nSelect the offending user/group and click \"Delete\".\n\nNote: If permissions are assigned on a specific object, then the role must be updated where it is assigned (for example, at the cluster level)."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000298",
+            "rid": "SV-VCSA-80-000298",
+            "stig_id": "VCSA-80-000298",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000298' do\n  title 'The vCenter Server must separate authentication and authorization for administrators.'\n  desc  \"\n    Many organizations do both authentication and authorization using a centralized directory service such as Active Directory. Attackers who compromise an identity source can often add themselves to authorization groups, and simply log into systems they should not otherwise have access to. Additionally, reliance on central identity systems means that the administrators of those systems are potentially infrastructure administrators, too, as they can add themselves to infrastructure access groups at will.\n\n    The use of local SSO groups for authorization helps prevent this avenue of attack by allowing the centralized identity source to still authenticate users but moving authorization into vCenter itself.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    View the Administrator role and any other role providing administrative access to vCenter to verify the users and/or groups assigned to it by clicking on \\\"Usage\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\n    If any user or group is directly assigned a role with administrative access to vCenter that is from an identity provider, this is a finding.\n\n    Note: Users and/or groups assigned to roles should be from the \\\"VSPHERE.LOCAL\\\" identity source.\n  \"\n  desc 'fix', \"\n    To add groups from an identity provider to the local SSO Administrators group, as an example, do the following:\n\n    From the vSphere Client, go to Administration >> Single Sign On >> Groups.\n\n    Select the Administrators group and click \\\"Edit\\\".\n\n    In the \\\"Add Members\\\" section, select the identity source and type the name of the target user/group in the search bar.\n\n    Select the target user/group to add them and click \\\"Save\\\".\n\n    Note: A new SSO group or groups can be created as needed and used to provide authorization to vCenter.\n\n    To remove identity provider users/groups from a role, do the following:\n\n    From the vSphere Client, go to Administration >> Access Control >> Global Permissions.\n\n    Select the offending user/group and click \\\"Delete\\\".\n\n    Note: If permissions are assigned on a specific object, then the role must be updated where it is assigned (for example, at the cluster level).\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000298'\n  tag rid: 'SV-VCSA-80-000298'\n  tag stig_id: 'VCSA-80-000298'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000298.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000299",
+          "title": "The vCenter Server must disable CDP/LLDP on distributed switches.",
+          "desc": "The vSphere Distributed Virtual Switch can participate in Cisco Discovery Protocol (CDP) or Link Layer Discovery Protocol (LLDP), as a listener, advertiser, or both. The information is sensitive, including IP addresses, system names, software versions, and more. It can be used by an adversary to gain a better understanding of your environment, and to impersonate devices. It is also transmitted unencrypted on the network, and as such the recommendation is to disable it.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The vSphere Distributed Virtual Switch can participate in Cisco Discovery Protocol (CDP) or Link Layer Discovery Protocol (LLDP), as a listener, advertiser, or both. The information is sensitive, including IP addresses, system names, software versions, and more. It can be used by an adversary to gain a better understanding of your environment, and to impersonate devices. It is also transmitted unencrypted on the network, and as such the recommendation is to disable it."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Properties.\n\nReview the \"Discovery Protocol\" configuration.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch | Select Name,LinkDiscoveryProtocolOperation\n\nIf any distributed switch does not have \"Discovery Protocols\" disabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Properties.\n\nClick \"Edit\".\n\nSelect the advanced tab and update the \"Type\" under \"Discovery Protocol\" to disabled and click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch -Name \"DSwitch\" | Set-VDSwitch -LinkDiscoveryProtocolOperation \"Disabled\""
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000299",
+            "rid": "SV-VCSA-80-000299",
+            "stig_id": "VCSA-80-000299",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000299' do\n  title 'The vCenter Server must disable CDP/LLDP on distributed switches.'\n  desc  'The vSphere Distributed Virtual Switch can participate in Cisco Discovery Protocol (CDP) or Link Layer Discovery Protocol (LLDP), as a listener, advertiser, or both. The information is sensitive, including IP addresses, system names, software versions, and more. It can be used by an adversary to gain a better understanding of your environment, and to impersonate devices. It is also transmitted unencrypted on the network, and as such the recommendation is to disable it.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Properties.\n\n    Review the \\\"Discovery Protocol\\\" configuration.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | Select Name,LinkDiscoveryProtocolOperation\n\n    If any distributed switch does not have \\\"Discovery Protocols\\\" disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\".\n\n    Select the advanced tab and update the \\\"Type\\\" under \\\"Discovery Protocol\\\" to disabled and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch -Name \\\"DSwitch\\\" | Set-VDSwitch -LinkDiscoveryProtocolOperation \\\"Disabled\\\"\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000299'\n  tag rid: 'SV-VCSA-80-000299'\n  tag stig_id: 'VCSA-80-000299'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"Get-VDSwitch -Name \\\"#{vds}\\\" | Select -ExpandProperty LinkDiscoveryProtocolOperation\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'Disabled' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000299.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000300",
+          "title": "The vCenter Server must remove unauthorized port mirroring sessions on distributed switches.",
+          "desc": "The vSphere Distributed Virtual Switch can enable port mirroring sessions allowing traffic to be mirrored from one source to a destination. If port mirroring is configured unknowingly this could allow an attacker to observe network traffic of virtual machines.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The vSphere Distributed Virtual Switch can enable port mirroring sessions allowing traffic to be mirrored from one source to a destination. If port mirroring is configured unknowingly this could allow an attacker to observe network traffic of virtual machines."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Port Mirroring.\n\nReview any configured \"Port Mirroring\" sessions.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch | select Name,@{N=\"Port Mirroring Sessions\";E={$_.ExtensionData.Config.VspanSession.Name}}\n\nIf there are any unauthorized port mirroring sessions configured, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Port Mirroring.\n\nSelect the unauthorized \"Port Mirroring\" session and click \"Remove\". Click \"OK\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000300",
+            "rid": "SV-VCSA-80-000300",
+            "stig_id": "VCSA-80-000300",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000300' do\n  title 'The vCenter Server must remove unauthorized port mirroring sessions on distributed switches.'\n  desc  'The vSphere Distributed Virtual Switch can enable port mirroring sessions allowing traffic to be mirrored from one source to a destination. If port mirroring is configured unknowingly this could allow an attacker to observe network traffic of virtual machines.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Port Mirroring.\n\n    Review any configured \\\"Port Mirroring\\\" sessions.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | select Name,@{N=\\\"Port Mirroring Sessions\\\";E={$_.ExtensionData.Config.VspanSession.Name}}\n\n    If there are any unauthorized port mirroring sessions configured, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Port Mirroring.\n\n    Select the unauthorized \\\"Port Mirroring\\\" session and click \\\"Remove\\\". Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000300'\n  tag rid: 'SV-VCSA-80-000300'\n  tag stig_id: 'VCSA-80-000300'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.VspanSession\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000300.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000301",
+          "title": "The vCenter Server must not override port group settings at the port level on distributed switches.",
+          "desc": "Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\nIf there are cases where particular VMs require unique configurations then a different port group with the required configuration should be created instead of overriding port group settings.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\nIf there are cases where particular VMs require unique configurations then a different port group with the required configuration should be created instead of overriding port group settings."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\nReview the \"Override port policies\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n(Get-VDPortgroup).ExtensionData.Config.Policy\n\nIf there are any distributed port groups that allow overridden port policies, this is a finding.\n\nNote: This does not apply to the \"Block Ports\" or \"Configure reset at disconnect\" policies."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\nClick \"Edit\".\n\nSelect advanced and update all port policies besides \"Block Ports\" to \"disabled\" and click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n$pgs = Get-VDPortgroup | Get-View\nForEach($pg in $pgs){\n$spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n$spec.configversion = $pg.Config.ConfigVersion\n$spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy\n$spec.Policy.VlanOverrideAllowed = $False\n$spec.Policy.UplinkTeamingOverrideAllowed = $False\n$spec.Policy.SecurityPolicyOverrideAllowed = $False\n$spec.Policy.IpfixOverrideAllowed = $False\n$spec.Policy.BlockOverrideAllowed = $True\n$spec.Policy.ShapingOverrideAllowed = $False\n$spec.Policy.VendorConfigOverrideAllowed = $False\n$spec.Policy.TrafficFilterOverrideAllowed = $False\n$pg.ReconfigureDVPortgroup_Task($spec)\n}"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000301",
+            "rid": "SV-VCSA-80-000301",
+            "stig_id": "VCSA-80-000301",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000301' do\n  title 'The vCenter Server must not override port group settings at the port level on distributed switches.'\n  desc  \"\n    Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\n    If there are cases where particular VMs require unique configurations then a different port group with the required configuration should be created instead of overriding port group settings.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\n    Review the \\\"Override port policies\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    (Get-VDPortgroup).ExtensionData.Config.Policy\n\n    If there are any distributed port groups that allow overridden port policies, this is a finding.\n\n    Note: This does not apply to the \\\"Block Ports\\\" or \\\"Configure reset at disconnect\\\" policies.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\".\n\n    Select advanced and update all port policies besides \\\"Block Ports\\\" to \\\"disabled\\\" and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    $pgs = Get-VDPortgroup | Get-View\n    ForEach($pg in $pgs){\n    $spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n    $spec.configversion = $pg.Config.ConfigVersion\n    $spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy\n    $spec.Policy.VlanOverrideAllowed = $False\n    $spec.Policy.UplinkTeamingOverrideAllowed = $False\n    $spec.Policy.SecurityPolicyOverrideAllowed = $False\n    $spec.Policy.IpfixOverrideAllowed = $False\n    $spec.Policy.BlockOverrideAllowed = $True\n    $spec.Policy.ShapingOverrideAllowed = $False\n    $spec.Policy.VendorConfigOverrideAllowed = $False\n    $spec.Policy.TrafficFilterOverrideAllowed = $False\n    $pg.ReconfigureDVPortgroup_Task($spec)\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000301'\n  tag rid: 'SV-VCSA-80-000301'\n  tag stig_id: 'VCSA-80-000301'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.VlanOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.IpfixOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.MacManagementOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.ShapingOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.LivePortMovingAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000301.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000302",
+          "title": "The vCenter Server must reset port configuration when virtual machines are disconnected.",
+          "desc": "Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\nIf any unknown or unauthorized per-port overrides exist and are not discarded when a virtual machine is disconnected from that port then a future virtual machine connected to that port may receive a less secure port.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\nIf any unknown or unauthorized per-port overrides exist and are not discarded when a virtual machine is disconnected from that port then a future virtual machine connected to that port may receive a less secure port."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\nReview the \"Configure reset at disconnect\" setting.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n(Get-VDPortgroup).ExtensionData.Config.Policy.PortConfigResetAtDisconnect\n\nIf there are any distributed port groups with \"Configure reset at disconnect\" configured to \"disabled\" or \"False\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\nClick \"Edit\".\n\nSelect advanced and update \"Configure reset at disconnect\" to be enabled and click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n$pgs = Get-VDPortgroup | Get-View\nForEach($pg in $pgs){\n$spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n$spec.configversion = $pg.Config.ConfigVersion\n$spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy\n$spec.Policy.PortConfigResetAtDisconnect = $True\n$pg.ReconfigureDVPortgroup_Task($spec)\n}"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000302",
+            "rid": "SV-VCSA-80-000302",
+            "stig_id": "VCSA-80-000302",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000302' do\n  title 'The vCenter Server must reset port configuration when virtual machines are disconnected.'\n  desc  \"\n    Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\n    If any unknown or unauthorized per-port overrides exist and are not discarded when a virtual machine is disconnected from that port then a future virtual machine connected to that port may receive a less secure port.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\n    Review the \\\"Configure reset at disconnect\\\" setting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    (Get-VDPortgroup).ExtensionData.Config.Policy.PortConfigResetAtDisconnect\n\n    If there are any distributed port groups with \\\"Configure reset at disconnect\\\" configured to \\\"disabled\\\" or \\\"False\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\".\n\n    Select advanced and update \\\"Configure reset at disconnect\\\" to be enabled and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    $pgs = Get-VDPortgroup | Get-View\n    ForEach($pg in $pgs){\n    $spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n    $spec.configversion = $pg.Config.ConfigVersion\n    $spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy\n    $spec.Policy.PortConfigResetAtDisconnect = $True\n    $pg.ReconfigureDVPortgroup_Task($spec)\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000302'\n  tag rid: 'SV-VCSA-80-000302'\n  tag stig_id: 'VCSA-80-000302'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'True' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000302.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000303",
+          "title": "The vCenter Server must disable Secure Shell (SSH) access.",
+          "desc": "vCenter Server is delivered as an appliance, and intended to be managed through the VAMI, vSphere Client, and APIs. SSH is a troubleshooting and support tool and should only be enabled when necessary.\n\nvCenter Server High Availability uses SSH to coordinate the replication and failover between the nodes. Use of this feature requires SSH to remain enabled.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "vCenter Server is delivered as an appliance, and intended to be managed through the VAMI, vSphere Client, and APIs. SSH is a troubleshooting and support tool and should only be enabled when necessary.\n\nvCenter Server High Availability uses SSH to coordinate the replication and failover between the nodes. Use of this feature requires SSH to remain enabled."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Access\" on the left navigation pane.\n\nIf \"SSH Login\" is not \"Deactivated\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Access\" on the left navigation pane.\n\nClick \"Edit\" then disable \"Activate SSH Login\" and click \"OK\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000303",
+            "rid": "SV-VCSA-80-000303",
+            "stig_id": "VCSA-80-000303",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000303' do\n  title 'The vCenter Server must disable Secure Shell (SSH) access.'\n  desc  \"\n    vCenter Server is delivered as an appliance, and intended to be managed through the VAMI, vSphere Client, and APIs. SSH is a troubleshooting and support tool and should only be enabled when necessary.\n\n    vCenter Server High Availability uses SSH to coordinate the replication and failover between the nodes. Use of this feature requires SSH to remain enabled.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Access\\\" on the left navigation pane.\n\n    If \\\"SSH Login\\\" is not \\\"Deactivated\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Access\\\" on the left navigation pane.\n\n    Click \\\"Edit\\\" then disable \\\"Activate SSH Login\\\" and click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000303'\n  tag rid: 'SV-VCSA-80-000303'\n  tag stig_id: 'VCSA-80-000303'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe powercli_command('Invoke-GetAccessSsh').stdout.strip do\n    it { should_not cmp 'true' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000303.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        },
+        {
+          "id": "VCSA-80-000304",
+          "title": "The vCenter Server must enable data in transit encryption for vSAN.",
+          "desc": "Transit encryption must be enabled to prevent unauthorized disclosure information and to protect the confidentiality of organizational information.\n\nvSAN data-in-transit encryption has the following characteristics:\n-vSAN uses AES-256 bit encryption on data in transit.\n-Forward secrecy is enforced for vSAN data-in-transit encryption.\n-Traffic between data hosts and witness hosts is encrypted.\n-File service data traffic between the VDFS proxy and VDFS server is encrypted.\n-vSAN file services inter-host connections are encrypted.\n-vSAN uses symmetric keys that are generated dynamically and shared between hosts. Hosts dynamically generate an encryption key when they establish a connection, and they use the key to encrypt all traffic between the hosts. You do not need a key management server to perform data-in-transit encryption.\n\nEach host is authenticated when it joins the cluster, ensuring connections only to trusted hosts are allowed. When a host is removed from the cluster, it is authentication certificate is removed.\n\nvSAN data-in-transit encryption is a cluster-wide setting. When enabled, all data and metadata traffic is encrypted as it transits across hosts.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Transit encryption must be enabled to prevent unauthorized disclosure information and to protect the confidentiality of organizational information.\n\nvSAN data-in-transit encryption has the following characteristics:\n-vSAN uses AES-256 bit encryption on data in transit.\n-Forward secrecy is enforced for vSAN data-in-transit encryption.\n-Traffic between data hosts and witness hosts is encrypted.\n-File service data traffic between the VDFS proxy and VDFS server is encrypted.\n-vSAN file services inter-host connections are encrypted.\n-vSAN uses symmetric keys that are generated dynamically and shared between hosts. Hosts dynamically generate an encryption key when they establish a connection, and they use the key to encrypt all traffic between the hosts. You do not need a key management server to perform data-in-transit encryption.\n\nEach host is authenticated when it joins the cluster, ensuring connections only to trusted hosts are allowed. When a host is removed from the cluster, it is authentication certificate is removed.\n\nvSAN data-in-transit encryption is a cluster-wide setting. When enabled, all data and metadata traffic is encrypted as it transits across hosts."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If no clusters are enabled for vSAN, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Select the cluster >> Configure >> vSAN >> Services >> Data Services.\n\nReview the \"Data-in-transit encryption\" status.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system\n$vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name <cluster name>).ExtensionData.MoRef).DataInTransitEncryptionConfig\n\nRepeat these steps for each vSAN enabled cluster in the environment.\n\nIf \"Data-In-Transit encryption\" is not enabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Select the target cluster >> Configure >> vSAN >> Services >> Data Services.\n\nClick \"Edit\".\n\nEnable \"Data-In-Transit encryption\" and choose a rekey interval suitable for the environment then click \"Apply\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000304",
+            "rid": "SV-VCSA-80-000304",
+            "stig_id": "VCSA-80-000304",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000304' do\n  title 'The vCenter Server must enable data in transit encryption for vSAN.'\n  desc  \"\n    Transit encryption must be enabled to prevent unauthorized disclosure information and to protect the confidentiality of organizational information.\n\n    vSAN data-in-transit encryption has the following characteristics:\n    -vSAN uses AES-256 bit encryption on data in transit.\n    -Forward secrecy is enforced for vSAN data-in-transit encryption.\n    -Traffic between data hosts and witness hosts is encrypted.\n    -File service data traffic between the VDFS proxy and VDFS server is encrypted.\n    -vSAN file services inter-host connections are encrypted.\n    -vSAN uses symmetric keys that are generated dynamically and shared between hosts. Hosts dynamically generate an encryption key when they establish a connection, and they use the key to encrypt all traffic between the hosts. You do not need a key management server to perform data-in-transit encryption.\n\n    Each host is authenticated when it joins the cluster, ensuring connections only to trusted hosts are allowed. When a host is removed from the cluster, it is authentication certificate is removed.\n\n    vSAN data-in-transit encryption is a cluster-wide setting. When enabled, all data and metadata traffic is encrypted as it transits across hosts.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Select the cluster >> Configure >> vSAN >> Services >> Data Services.\n\n    Review the \\\"Data-in-transit encryption\\\" status.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system\n    $vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name <cluster name>).ExtensionData.MoRef).DataInTransitEncryptionConfig\n\n    Repeat these steps for each vSAN enabled cluster in the environment.\n\n    If \\\"Data-In-Transit encryption\\\" is not enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Select the target cluster >> Configure >> vSAN >> Services >> Data Services.\n\n    Click \\\"Edit\\\".\n\n    Enable \\\"Data-In-Transit encryption\\\" and choose a rekey interval suitable for the environment then click \\\"Apply\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000304'\n  tag rid: 'SV-VCSA-80-000304'\n  tag stig_id: 'VCSA-80-000304'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  # Get all clusters with vSAN enabled\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object | Select-Object -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !clusters.empty?\n    clusters.each do |cluster|\n      command = \"$vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system; $vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name #{cluster}).ExtensionData.MoRef).DataInTransitEncryptionConfig.Enabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No clusters with vSAN enabled found...skipping tests' do\n      skip 'No clusters with vSAN enabled found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000304.rb"
+          },
+          "waiver_data": {},
+          "results": []
+        }
+      ],
+      "status": "loaded",
+      "status_message": ""
+    },
+    {
+      "name": "VMware vSphere 8.0 ESXi STIG Readiness Guide",
+      "version": "1.0.1",
+      "sha256": "2bcc2c137feae91b11def65ec768521718f04b22c0b53c3f1946c843c4a9a10b",
+      "title": "VMware vSphere 8.0 ESXi STIG Readiness Guide",
+      "maintainer": "The Authors",
+      "summary": "An InSpec Compliance Profile",
+      "license": "Apache-2.0",
+      "copyright": "The Authors",
+      "supports": [],
+      "attributes": [],
+      "parent_profile": "vmware-vsphere-8.0-stig-baseline",
+      "groups": [
+        {
+          "id": "controls/ESXI-80-000005.rb",
+          "controls": [
+            "ESXI-80-000005"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000006.rb",
+          "controls": [
+            "ESXI-80-000006"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000008.rb",
+          "controls": [
+            "ESXI-80-000008"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000010.rb",
+          "controls": [
+            "ESXI-80-000010"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000014.rb",
+          "controls": [
+            "ESXI-80-000014"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000015.rb",
+          "controls": [
+            "ESXI-80-000015"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000035.rb",
+          "controls": [
+            "ESXI-80-000035"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000043.rb",
+          "controls": [
+            "ESXI-80-000043"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000047.rb",
+          "controls": [
+            "ESXI-80-000047"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000049.rb",
+          "controls": [
+            "ESXI-80-000049"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000052.rb",
+          "controls": [
+            "ESXI-80-000052"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000068.rb",
+          "controls": [
+            "ESXI-80-000068"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000085.rb",
+          "controls": [
+            "ESXI-80-000085"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000094.rb",
+          "controls": [
+            "ESXI-80-000094"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000111.rb",
+          "controls": [
+            "ESXI-80-000111"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000113.rb",
+          "controls": [
+            "ESXI-80-000113"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000114.rb",
+          "controls": [
+            "ESXI-80-000114"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000124.rb",
+          "controls": [
+            "ESXI-80-000124"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000133.rb",
+          "controls": [
+            "ESXI-80-000133"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000145.rb",
+          "controls": [
+            "ESXI-80-000145"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000160.rb",
+          "controls": [
+            "ESXI-80-000160"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000161.rb",
+          "controls": [
+            "ESXI-80-000161"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000187.rb",
+          "controls": [
+            "ESXI-80-000187"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000189.rb",
+          "controls": [
+            "ESXI-80-000189"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000191.rb",
+          "controls": [
+            "ESXI-80-000191"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000192.rb",
+          "controls": [
+            "ESXI-80-000192"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000193.rb",
+          "controls": [
+            "ESXI-80-000193"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000194.rb",
+          "controls": [
+            "ESXI-80-000194"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000195.rb",
+          "controls": [
+            "ESXI-80-000195"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000196.rb",
+          "controls": [
+            "ESXI-80-000196"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000198.rb",
+          "controls": [
+            "ESXI-80-000198"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000199.rb",
+          "controls": [
+            "ESXI-80-000199"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000201.rb",
+          "controls": [
+            "ESXI-80-000201"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000202.rb",
+          "controls": [
+            "ESXI-80-000202"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000203.rb",
+          "controls": [
+            "ESXI-80-000203"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000204.rb",
+          "controls": [
+            "ESXI-80-000204"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000205.rb",
+          "controls": [
+            "ESXI-80-000205"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000206.rb",
+          "controls": [
+            "ESXI-80-000206"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000207.rb",
+          "controls": [
+            "ESXI-80-000207"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000208.rb",
+          "controls": [
+            "ESXI-80-000208"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000209.rb",
+          "controls": [
+            "ESXI-80-000209"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000210.rb",
+          "controls": [
+            "ESXI-80-000210"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000211.rb",
+          "controls": [
+            "ESXI-80-000211"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000212.rb",
+          "controls": [
+            "ESXI-80-000212"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000213.rb",
+          "controls": [
+            "ESXI-80-000213"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000214.rb",
+          "controls": [
+            "ESXI-80-000214"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000215.rb",
+          "controls": [
+            "ESXI-80-000215"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000216.rb",
+          "controls": [
+            "ESXI-80-000216"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000217.rb",
+          "controls": [
+            "ESXI-80-000217"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000218.rb",
+          "controls": [
+            "ESXI-80-000218"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000219.rb",
+          "controls": [
+            "ESXI-80-000219"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000220.rb",
+          "controls": [
+            "ESXI-80-000220"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000221.rb",
+          "controls": [
+            "ESXI-80-000221"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000222.rb",
+          "controls": [
+            "ESXI-80-000222"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000223.rb",
+          "controls": [
+            "ESXI-80-000223"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000224.rb",
+          "controls": [
+            "ESXI-80-000224"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000225.rb",
+          "controls": [
+            "ESXI-80-000225"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000226.rb",
+          "controls": [
+            "ESXI-80-000226"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000227.rb",
+          "controls": [
+            "ESXI-80-000227"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000228.rb",
+          "controls": [
+            "ESXI-80-000228"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000229.rb",
+          "controls": [
+            "ESXI-80-000229"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000230.rb",
+          "controls": [
+            "ESXI-80-000230"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000231.rb",
+          "controls": [
+            "ESXI-80-000231"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000232.rb",
+          "controls": [
+            "ESXI-80-000232"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000233.rb",
+          "controls": [
+            "ESXI-80-000233"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000234.rb",
+          "controls": [
+            "ESXI-80-000234"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000235.rb",
+          "controls": [
+            "ESXI-80-000235"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000236.rb",
+          "controls": [
+            "ESXI-80-000236"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000237.rb",
+          "controls": [
+            "ESXI-80-000237"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000238.rb",
+          "controls": [
+            "ESXI-80-000238"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000239.rb",
+          "controls": [
+            "ESXI-80-000239"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000240.rb",
+          "controls": [
+            "ESXI-80-000240"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000241.rb",
+          "controls": [
+            "ESXI-80-000241"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000243.rb",
+          "controls": [
+            "ESXI-80-000243"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000244.rb",
+          "controls": [
+            "ESXI-80-000244"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000245.rb",
+          "controls": [
+            "ESXI-80-000245"
+          ]
+        },
+        {
+          "id": "controls/ESXI-80-000246.rb",
+          "controls": [
+            "ESXI-80-000246"
+          ]
+        }
+      ],
+      "controls": [
+        {
+          "id": "ESXI-80-000005",
+          "title": "The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user.",
+          "desc": "By limiting the number of failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Once the configured number of attempts is reached, the account is locked by the ESXi host.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Once the configured number of attempts is reached, the account is locked by the ESXi host."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.AccountLockFailures\" value and verify it is set to \"3\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures\n\nIf the \"Security.AccountLockFailures\" setting is set to a value other than \"3\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.AccountLockFailures\" value and configure it to \"3\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures | Set-AdvancedSetting -Value 3"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000021-VMM-000050",
+            "gid": "V-ESXI-80-000005",
+            "rid": "SV-ESXI-80-000005",
+            "stig_id": "ESXI-80-000005",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ]
+          },
+          "code": "control 'ESXI-80-000005' do\n  title 'The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user.'\n  desc  'By limiting the number of failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Once the configured number of attempts is reached, the account is locked by the ESXi host.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.AccountLockFailures\\\" value and verify it is set to \\\"3\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures\n\n    If the \\\"Security.AccountLockFailures\\\" setting is set to a value other than \\\"3\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.AccountLockFailures\\\" value and configure it to \\\"3\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures | Set-AdvancedSetting -Value 3\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-VMM-000050'\n  tag gid: 'V-ESXI-80-000005'\n  tag rid: 'SV-ESXI-80-000005'\n  tag stig_id: 'ESXI-80-000005'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.AccountLockFailures | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '3' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000005.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.AccountLockFailures | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"3\"",
+              "run_time": 0.5624994,
+              "start_time": "2023-06-07T08:28:29-06:00",
+              "message": "\nexpected: 3\n     got: 0\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.AccountLockFailures | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000006",
+          "title": "The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via the Direct Console User Interface (DCUI).",
+          "desc": "Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\"",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\""
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Annotations.WelcomeMessage\" value and verify it contains the standard mandatory DOD notice and consent banner.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage\n\nIf the \"Annotations.WelcomeMessage\" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Annotations.WelcomeMessage\" value and set it to the following. Click \"OK\".\n\n{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{hostname} , {ip}{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{esxproduct} {esxversion}{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{memory} RAM{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:white}\t{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By      {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  using this IS (which includes any device attached to this IS), you consent to the following conditions:                 {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited     {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law      {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          enforcement (LE), and counterintelligence (CI) investigations.                                                  {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       At any time, the USG may inspect and seize data stored on this IS.                                              {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Communications using, or data stored on, this IS are not private, are subject to routine monitoring,            {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          interception, and search, and may be disclosed or used for any USG-authorized purpose.                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not     {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          for your personal benefit or privacy.                                                                           {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching    {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or monitoring of the content of privileged communications, or work product, related to personal representation  {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work       {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          product are private and confidential. See User Agreement for details.                                           {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n{bgcolor:black} {/color}{align:left}{bgcolor:dark-grey}{color:white}  <F2> Accept Conditions and Customize System / View Logs{/align}{align:right}<F12> Accept Conditions and Shut Down/Restart  {bgcolor:black} {/color}{/color}{/bgcolor}{/align}\n{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Set-AdvancedSetting -Value \"<Banner text above>\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000023-VMM-000060",
+            "satisfies": [
+              "SRG-OS-000024-VMM-000070"
+            ],
+            "gid": "V-ESXI-80-000006",
+            "rid": "SV-ESXI-80-000006",
+            "stig_id": "ESXI-80-000006",
+            "cci": [
+              "CCI-000048",
+              "CCI-000050"
+            ],
+            "nist": [
+              "AC-8 a",
+              "AC-8 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000006' do\n  title 'The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via the Direct Console User Interface (DCUI).'\n  desc  \"\n    Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Annotations.WelcomeMessage\\\" value and verify it contains the standard mandatory DOD notice and consent banner.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage\n\n    If the \\\"Annotations.WelcomeMessage\\\" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Annotations.WelcomeMessage\\\" value and set it to the following. Click \\\"OK\\\".\n\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{hostname} , {ip}{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{esxproduct} {esxversion}{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{memory} RAM{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:white}\\t{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By      {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  using this IS (which includes any device attached to this IS), you consent to the following conditions:                 {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited     {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law      {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          enforcement (LE), and counterintelligence (CI) investigations.                                                  {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       At any time, the USG may inspect and seize data stored on this IS.                                              {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Communications using, or data stored on, this IS are not private, are subject to routine monitoring,            {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          interception, and search, and may be disclosed or used for any USG-authorized purpose.                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not     {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          for your personal benefit or privacy.                                                                           {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching    {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or monitoring of the content of privileged communications, or work product, related to personal representation  {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work       {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          product are private and confidential. See User Agreement for details.                                           {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{align:left}{bgcolor:dark-grey}{color:white}  <F2> Accept Conditions and Customize System / View Logs{/align}{align:right}<F12> Accept Conditions and Shut Down/Restart  {bgcolor:black} {/color}{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Set-AdvancedSetting -Value \\\"<Banner text above>\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-VMM-000060'\n  tag satisfies: ['SRG-OS-000024-VMM-000070']\n  tag gid: 'V-ESXI-80-000006'\n  tag rid: 'SV-ESXI-80-000006'\n  tag stig_id: 'ESXI-80-000006'\n  tag cci: ['CCI-000048', 'CCI-000050']\n  tag nist: ['AC-8 a', 'AC-8 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      result = powercli_command(\"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Select-Object -ExpandProperty Value\")\n      describe.one do\n        describe result do\n          its('stdout.strip') { should match 'You are accessing a U.S. Government' }\n        end\n        describe result do\n          its('stdout.strip') { should match \"I've read & consent to terms in IS user agreem't\" }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000006.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Select-Object -ExpandProperty Value stdout.strip is expected to match \"You are accessing a U.S. Government\"",
+              "run_time": 0.0004147,
+              "start_time": "2023-06-07T08:28:29-06:00",
+              "message": "expected \"\" to match \"You are accessing a U.S. Government\"",
+              "exception": "RSpec::Core::MultipleExceptionError",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Select-Object -ExpandProperty Value stdout.strip is expected to match \"I've read & consent to terms in IS user agreem't\"",
+              "run_time": 0.0002669,
+              "start_time": "2023-06-07T08:28:29-06:00",
+              "message": "expected \"\" to match \"I've read & consent to terms in IS user agreem't\"",
+              "exception": "RSpec::Core::MultipleExceptionError",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000008",
+          "title": "The ESXi host must enable lockdown mode.",
+          "desc": "Enabling Lockdown Mode disables direct access to an ESXi host, requiring the host to be managed remotely from vCenter Server. This is done to ensure the roles and access controls implemented in vCenter are always enforced and users cannot bypass them by logging on to a host directly.\n\nBy forcing all interaction to occur through vCenter Server, the risk of someone inadvertently attaining elevated privileges or performing tasks that are not properly audited is greatly reduced.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Enabling Lockdown Mode disables direct access to an ESXi host, requiring the host to be managed remotely from vCenter Server. This is done to ensure the roles and access controls implemented in vCenter are always enforced and users cannot bypass them by logging on to a host directly.\n\nBy forcing all interaction to occur through vCenter Server, the risk of someone inadvertently attaining elevated privileges or performing tasks that are not properly audited is greatly reduced."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nScroll down to \"Lockdown Mode\" and verify it is set to \"Enabled\" (Normal or Strict).\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Select Name,@{N=\"Lockdown\";E={$_.Extensiondata.Config.LockdownMode}}\n\nIf \"Lockdown Mode\" is disabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile >> Lockdown Mode.\n\nClick edit and select either the \"Normal\" or \"Strict\" radio buttons.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$level = \"lockdownNormal\" OR \"lockdownStrict\"\n$vmhost = Get-VMHost -Name <hostname> | Get-View\n$lockdown = Get-View $vmhost.ConfigManager.HostAccessManager\n$lockdown.ChangeLockdownMode($level)\n\nNote: In strict lockdown mode, the Direct Console User Interface (DCUI) service is stopped. If the connection to vCenter Server is lost and the vSphere Client is no longer available, the ESXi host becomes inaccessible."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000027-VMM-000080",
+            "gid": "V-ESXI-80-000008",
+            "rid": "SV-ESXI-80-000008",
+            "stig_id": "ESXI-80-000008",
+            "cci": [
+              "CCI-000054"
+            ],
+            "nist": [
+              "AC-10"
+            ]
+          },
+          "code": "control 'ESXI-80-000008' do\n  title 'The ESXi host must enable lockdown mode.'\n  desc  \"\n    Enabling Lockdown Mode disables direct access to an ESXi host, requiring the host to be managed remotely from vCenter Server. This is done to ensure the roles and access controls implemented in vCenter are always enforced and users cannot bypass them by logging on to a host directly.\n\n    By forcing all interaction to occur through vCenter Server, the risk of someone inadvertently attaining elevated privileges or performing tasks that are not properly audited is greatly reduced.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Scroll down to \\\"Lockdown Mode\\\" and verify it is set to \\\"Enabled\\\" (Normal or Strict).\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Select Name,@{N=\\\"Lockdown\\\";E={$_.Extensiondata.Config.LockdownMode}}\n\n    If \\\"Lockdown Mode\\\" is disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile >> Lockdown Mode.\n\n    Click edit and select either the \\\"Normal\\\" or \\\"Strict\\\" radio buttons.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $level = \\\"lockdownNormal\\\" OR \\\"lockdownStrict\\\"\n    $vmhost = Get-VMHost -Name <hostname> | Get-View\n    $lockdown = Get-View $vmhost.ConfigManager.HostAccessManager\n    $lockdown.ChangeLockdownMode($level)\n\n    Note: In strict lockdown mode, the Direct Console User Interface (DCUI) service is stopped. If the connection to vCenter Server is lost and the vSphere Client is no longer available, the ESXi host becomes inaccessible.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000027-VMM-000080'\n  tag gid: 'V-ESXI-80-000008'\n  tag rid: 'SV-ESXI-80-000008'\n  tag stig_id: 'ESXI-80-000008'\n  tag cci: ['CCI-000054']\n  tag nist: ['AC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    list = ['lockdownNormal', 'lockdownStrict']\n    vmhosts.each do |vmhost|\n      command = \"(Get-VMHost -Name #{vmhost}).Extensiondata.Config.LockdownMode\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should be_in list }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000008.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: (Get-VMHost -Name 10.186.25.26).Extensiondata.Config.LockdownMode stdout.strip is expected to be in \"lockdownNormal\" and \"lockdownStrict\"",
+              "run_time": 2.2690875,
+              "start_time": "2023-06-07T08:28:29-06:00",
+              "message": "expected `lockdownDisabled` to be in the list: `[\"lockdownNormal\", \"lockdownStrict\"]`",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VMHost -Name 10.186.25.26).Extensiondata.Config.LockdownMode\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000010",
+          "title": "The ESXi host client must be configured with an idle session timeout.",
+          "desc": "The ESXi host client is the UI served up by the host itself, outside of vCenter. It is accessed by browsing to \"https://<ESX FQDN>/ui\". ESXi is not usually administered via this interface for long periods and all users will be highly privileged. Implementing a mandatory session idle limit will ensure that orphaned, forgotten or ignored sessions will be closed promptly.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The ESXi host client is the UI served up by the host itself, outside of vCenter. It is accessed by browsing to \"https://<ESX FQDN>/ui\". ESXi is not usually administered via this interface for long periods and all users will be highly privileged. Implementing a mandatory session idle limit will ensure that orphaned, forgotten or ignored sessions will be closed promptly."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.HostClientSessionTimeout\" value and verify it is set to \"900\" or less.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout\n\nIf the \"UserVars.HostClientSessionTimeout\" setting is not set to \"900\" or less, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Fom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.HostClientSessionTimeout\" value and configure it to \"900\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Set-AdvancedSetting -Value \"900\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000029-VMM-000100",
+            "gid": "V-ESXI-80-000010",
+            "rid": "SV-ESXI-80-000010",
+            "stig_id": "ESXI-80-000010",
+            "cci": [
+              "CCI-000057"
+            ],
+            "nist": [
+              "AC-11 a"
+            ]
+          },
+          "code": "control 'ESXI-80-000010' do\n  title 'The ESXi host client must be configured with an idle session timeout.'\n  desc  'The ESXi host client is the UI served up by the host itself, outside of vCenter. It is accessed by browsing to \"https://<ESX FQDN>/ui\". ESXi is not usually administered via this interface for long periods and all users will be highly privileged. Implementing a mandatory session idle limit will ensure that orphaned, forgotten or ignored sessions will be closed promptly.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.HostClientSessionTimeout\\\" value and verify it is set to \\\"900\\\" or less.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout\n\n    If the \\\"UserVars.HostClientSessionTimeout\\\" setting is not set to \\\"900\\\" or less, this is a finding.\n  \"\n  desc  'fix', \"\n    Fom the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.HostClientSessionTimeout\\\" value and configure it to \\\"900\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Set-AdvancedSetting -Value \\\"900\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000029-VMM-000100'\n  tag gid: 'V-ESXI-80-000010'\n  tag rid: 'SV-ESXI-80-000010'\n  tag stig_id: 'ESXI-80-000010'\n  tag cci: ['CCI-000057']\n  tag nist: ['AC-11 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 900 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000010.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Select-Object -ExpandProperty Value stdout.strip is expected to cmp <= 900",
+              "run_time": 0.5977933,
+              "start_time": "2023-06-07T08:28:32-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000014",
+          "title": "The ESXi host Secure Shell (SSH) daemon must use FIPS 140-2 validated cryptographic modules to protect the confidentiality of remote access sessions.",
+          "desc": "Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session.\n\nOpenSSH on the ESXi host ships with a FIPS 140-2 validated cryptographic module and it is enabled by default. For backward compatibility reasons, this can be disabled so this setting must be audited and corrected if necessary.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session.\n\nOpenSSH on the ESXi host ships with a FIPS 140-2 validated cryptographic module and it is enabled by default. For backward compatibility reasons, this can be disabled so this setting must be audited and corrected if necessary."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# esxcli system security fips140 ssh get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.security.fips140.ssh.get.invoke()\n\nExpected result:\n\nEnabled: true\n\nIf the FIPS mode is not enabled for SSH, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, run the following command:\n\n# esxcli system security fips140 ssh set -e true\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.security.fips140.ssh.set.CreateArgs()\n$arguments.enable = $true\n$esxcli.system.security.fips140.ssh.set.Invoke($arguments)"
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000033-VMM-000140",
+            "gid": "V-ESXI-80-000014",
+            "rid": "SV-ESXI-80-000014",
+            "stig_id": "ESXI-80-000014",
+            "cci": [
+              "CCI-000068"
+            ],
+            "nist": [
+              "AC-17 (2)"
+            ]
+          },
+          "code": "control 'ESXI-80-000014' do\n  title 'The ESXi host Secure Shell (SSH) daemon must use FIPS 140-2 validated cryptographic modules to protect the confidentiality of remote access sessions.'\n  desc  \"\n    Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session.\n\n    OpenSSH on the ESXi host ships with a FIPS 140-2 validated cryptographic module and it is enabled by default. For backward compatibility reasons, this can be disabled so this setting must be audited and corrected if necessary.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system security fips140 ssh get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.security.fips140.ssh.get.invoke()\n\n    Expected result:\n\n    Enabled: true\n\n    If the FIPS mode is not enabled for SSH, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system security fips140 ssh set -e true\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.security.fips140.ssh.set.CreateArgs()\n    $arguments.enable = $true\n    $esxcli.system.security.fips140.ssh.set.Invoke($arguments)\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000033-VMM-000140'\n  tag gid: 'V-ESXI-80-000014'\n  tag rid: 'SV-ESXI-80-000014'\n  tag stig_id: 'ESXI-80-000014'\n  tag cci: ['CCI-000068']\n  tag nist: ['AC-17 (2)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.security.fips140.ssh.get.invoke() | Select-Object -ExpandProperty Enabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000014.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.security.fips140.ssh.get.invoke() | Select-Object -ExpandProperty Enabled stdout.strip is expected to cmp == \"true\"",
+              "run_time": 0.5671294,
+              "start_time": "2023-06-07T08:28:32-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"$vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.security.fips140.ssh.get.invoke() | Select-Object -ExpandProperty Enabled\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000015",
+          "title": "The ESXi must produce audit records containing information to establish what type of events occurred.",
+          "desc": "Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.HostAgent.log.level\" value and verify it is set to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level\n\nIf the \"Config.HostAgent.log.level\" setting is not set to \"info\", this is a finding.\n\nNote: Verbose logging level is acceptable for troubleshooting purposes."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.HostAgent.log.level\" value and configure it to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level | Set-AdvancedSetting -Value \"info\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000037-VMM-000150",
+            "satisfies": [
+              "SRG-OS-000063-VMM-000310"
+            ],
+            "gid": "V-ESXI-80-000015",
+            "rid": "SV-ESXI-80-000015",
+            "stig_id": "ESXI-80-000015",
+            "cci": [
+              "CCI-000130",
+              "CCI-000171"
+            ],
+            "nist": [
+              "AU-12 b",
+              "AU-3"
+            ]
+          },
+          "code": "control 'ESXI-80-000015' do\n  title 'The ESXi must produce audit records containing information to establish what type of events occurred.'\n  desc  'Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. '\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.log.level\\\" value and verify it is set to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level\n\n    If the \\\"Config.HostAgent.log.level\\\" setting is not set to \\\"info\\\", this is a finding.\n\n    Note: Verbose logging level is acceptable for troubleshooting purposes.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.log.level\\\" value and configure it to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level | Set-AdvancedSetting -Value \\\"info\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000037-VMM-000150'\n  tag satisfies: ['SRG-OS-000063-VMM-000310']\n  tag gid: 'V-ESXI-80-000015'\n  tag rid: 'SV-ESXI-80-000015'\n  tag stig_id: 'ESXI-80-000015'\n  tag cci: ['CCI-000130', 'CCI-000171']\n  tag nist: ['AU-12 b', 'AU-3']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.log.level | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'info' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000015.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.HostAgent.log.level | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"info\"",
+              "run_time": 0.745432,
+              "start_time": "2023-06-07T08:28:33-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.HostAgent.log.level | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000035",
+          "title": "The ESXi host must enforce password complexity by configuring a password quality policy.",
+          "desc": "To enforce the use of complex passwords, minimum numbers of characters of different classes are mandated.\n\nThe use of complex passwords reduces the ability of attackers to successfully obtain valid passwords using guessing or exhaustive search techniques. Complexity requirements increase the password search space by requiring users to construct passwords from a larger character set than they may otherwise use.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "To enforce the use of complex passwords, minimum numbers of characters of different classes are mandated.\n\nThe use of complex passwords reduces the ability of attackers to successfully obtain valid passwords using guessing or exhaustive search techniques. Complexity requirements increase the password search space by requiring users to construct passwords from a larger character set than they may otherwise use."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.PasswordQualityControl\" value and verify it is set to \"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl\n\nIf the \"Security.PasswordQualityControl\" setting is set to a value other than \"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.PasswordQualityControl\" value and configure it to \"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl | Set-AdvancedSetting -Value \"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000069-VMM-000360",
+            "satisfies": [
+              "SRG-OS-000070-VMM-000370",
+              "SRG-OS-000071-VMM-000380",
+              "SRG-OS-000072-VMM-000390",
+              "SRG-OS-000078-VMM-000450",
+              "SRG-OS-000266-VMM-000940"
+            ],
+            "gid": "V-ESXI-80-000035",
+            "rid": "SV-ESXI-80-000035",
+            "stig_id": "ESXI-80-000035",
+            "cci": [
+              "CCI-000192",
+              "CCI-000193",
+              "CCI-000194",
+              "CCI-000195",
+              "CCI-000205",
+              "CCI-001619"
+            ],
+            "nist": [
+              "IA-5 (1) (a)",
+              "IA-5 (1) (b)"
+            ]
+          },
+          "code": "control 'ESXI-80-000035' do\n  title 'The ESXi host must enforce password complexity by configuring a password quality policy.'\n  desc  \"\n    To enforce the use of complex passwords, minimum numbers of characters of different classes are mandated.\n\n    The use of complex passwords reduces the ability of attackers to successfully obtain valid passwords using guessing or exhaustive search techniques. Complexity requirements increase the password search space by requiring users to construct passwords from a larger character set than they may otherwise use.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.PasswordQualityControl\\\" value and verify it is set to \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl\n\n    If the \\\"Security.PasswordQualityControl\\\" setting is set to a value other than \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.PasswordQualityControl\\\" value and configure it to \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl | Set-AdvancedSetting -Value \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000069-VMM-000360'\n  tag satisfies: ['SRG-OS-000070-VMM-000370', 'SRG-OS-000071-VMM-000380', 'SRG-OS-000072-VMM-000390', 'SRG-OS-000078-VMM-000450', 'SRG-OS-000266-VMM-000940']\n  tag gid: 'V-ESXI-80-000035'\n  tag rid: 'SV-ESXI-80-000035'\n  tag stig_id: 'ESXI-80-000035'\n  tag cci: ['CCI-000192', 'CCI-000193', 'CCI-000194', 'CCI-000195', 'CCI-000205', 'CCI-001619']\n  tag nist: ['IA-5 (1) (a)', 'IA-5 (1) (b)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.PasswordQualityControl | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'similar=deny retry=3 min=disabled,disabled,disabled,disabled,15' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000035.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.PasswordQualityControl | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\"",
+              "run_time": 0.5948543,
+              "start_time": "2023-06-07T08:28:33-06:00",
+              "message": "\nexpected: similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\n     got: retry=3 min=disabled,disabled,disabled,7,7\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.PasswordQualityControl | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000043",
+          "title": "The ESXi host must prohibit password reuse for a minimum of five generations.",
+          "desc": "If a user or root used the same password continuously or was allowed to change it back shortly after being forced to change it to something else, it would provide a potential intruder with the opportunity to keep guessing at one user's password until it was guessed correctly.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If a user or root used the same password continuously or was allowed to change it back shortly after being forced to change it to something else, it would provide a potential intruder with the opportunity to keep guessing at one user's password until it was guessed correctly."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.PasswordHistory\" value and verify it is set to \"5\" or greater.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory\n\nIf the \"Security.PasswordHistory\" setting is set to a value other than 5 or greater, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.PasswordHistory\" value and configure it to \"5\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory | Set-AdvancedSetting -Value 5"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000077-VMM-000440",
+            "gid": "V-ESXI-80-000043",
+            "rid": "SV-ESXI-80-000043",
+            "stig_id": "ESXI-80-000043",
+            "cci": [
+              "CCI-000200"
+            ],
+            "nist": [
+              "IA-5 (1) (e)"
+            ]
+          },
+          "code": "control 'ESXI-80-000043' do\n  title 'The ESXi host must prohibit password reuse for a minimum of five generations.'\n  desc  \"If a user or root used the same password continuously or was allowed to change it back shortly after being forced to change it to something else, it would provide a potential intruder with the opportunity to keep guessing at one user's password until it was guessed correctly.\"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.PasswordHistory\\\" value and verify it is set to \\\"5\\\" or greater.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory\n\n    If the \\\"Security.PasswordHistory\\\" setting is set to a value other than 5 or greater, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.PasswordHistory\\\" value and configure it to \\\"5\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory | Set-AdvancedSetting -Value 5\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000077-VMM-000440'\n  tag gid: 'V-ESXI-80-000043'\n  tag rid: 'SV-ESXI-80-000043'\n  tag stig_id: 'ESXI-80-000043'\n  tag cci: ['CCI-000200']\n  tag nist: ['IA-5 (1) (e)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.PasswordHistory | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '5' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000043.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.PasswordHistory | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"5\"",
+              "run_time": 0.5999288,
+              "start_time": "2023-06-07T08:28:34-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.PasswordHistory | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000047",
+          "title": "The ESXi host must be configured to disable nonessential capabilities by disabling the Managed Object Browser (MOB).",
+          "desc": "The MOB provides a way to explore the object model used by the VMkernel to manage the host and enables configurations to be changed. This interface is meant to be used primarily for debugging the vSphere Software Development Kit (SDK), but because there are no access controls it could also be used as a method to obtain information about a host being targeted for unauthorized access.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The MOB provides a way to explore the object model used by the VMkernel to manage the host and enables configurations to be changed. This interface is meant to be used primarily for debugging the vSphere Software Development Kit (SDK), but because there are no access controls it could also be used as a method to obtain information about a host being targeted for unauthorized access."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.HostAgent.plugins.solo.enableMob\" value and verify it is set to \"false\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob\n\nIf the \"Config.HostAgent.plugins.solo.enableMob\" setting is not set to \"false\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.HostAgent.plugins.solo.enableMob\" value and configure it to \"false\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Set-AdvancedSetting -Value false"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000095-VMM-000480",
+            "gid": "V-ESXI-80-000047",
+            "rid": "SV-ESXI-80-000047",
+            "stig_id": "ESXI-80-000047",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'ESXI-80-000047' do\n  title 'The ESXi host must be configured to disable nonessential capabilities by disabling the Managed Object Browser (MOB).'\n  desc  'The MOB provides a way to explore the object model used by the VMkernel to manage the host and enables configurations to be changed. This interface is meant to be used primarily for debugging the vSphere Software Development Kit (SDK), but because there are no access controls it could also be used as a method to obtain information about a host being targeted for unauthorized access.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.plugins.solo.enableMob\\\" value and verify it is set to \\\"false\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob\n\n    If the \\\"Config.HostAgent.plugins.solo.enableMob\\\" setting is not set to \\\"false\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.plugins.solo.enableMob\\\" value and configure it to \\\"false\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Set-AdvancedSetting -Value false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-VMM-000480'\n  tag gid: 'V-ESXI-80-000047'\n  tag rid: 'SV-ESXI-80-000047'\n  tag stig_id: 'ESXI-80-000047'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000047.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.5672678,
+              "start_time": "2023-06-07T08:28:35-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000049",
+          "title": "The ESXi host must uniquely identify and must authenticate organizational users by using Active Directory.",
+          "desc": "Join ESXi hosts to an Active Directory domain to eliminate the need to create and maintain multiple local user accounts. Using Active Directory for user authentication simplifies the ESXi host configuration, ensures password complexity and reuse policies are enforced, and reduces the risk of security breaches and unauthorized access.\n\nNote: If the Active Directory group \"ESX Admins\" (default) exists, all users and groups assigned as members to this group will have full administrative access to all ESXi hosts in the domain.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Join ESXi hosts to an Active Directory domain to eliminate the need to create and maintain multiple local user accounts. Using Active Directory for user authentication simplifies the ESXi host configuration, ensures password complexity and reuse policies are enforced, and reduces the risk of security breaches and unauthorized access.\n\nNote: If the Active Directory group \"ESX Admins\" (default) exists, all users and groups assigned as members to this group will have full administrative access to all ESXi hosts in the domain."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For systems that do not use Active Directory and have no local user accounts other than root and/or service accounts, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Authentication Services.\n\nVerify the \"Directory Services Type\" is set to \"Active Directory\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostAuthentication\n\nFor systems that do not use Active Directory and do have local user accounts, other than root and/or service accounts, this is a finding.\n\nIf the \"Directory Services Type\" is not set to \"Active Directory\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Authentication Services.\n\nClick \"Join Domain...\" and enter the AD domain to join.\n\nSelect the \"Using credentials\" radio button and enter the credentials of an account with permissions to join machines to AD (use UPN naming \"user@domain\"). Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostAuthentication | Set-VMHostAuthentication -JoinDomain -Domain \"domain name\" -User \"username\" -Password \"password\"\n\nIf any local user accounts are present besides root and service accounts, delete them by going to Host UI >> Manage >> Security & Users >> Users."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000104-VMM-000500",
+            "satisfies": [
+              "SRG-OS-000109-VMM-000550",
+              "SRG-OS-000112-VMM-000560",
+              "SRG-OS-000113-VMM-000570",
+              "SRG-OS-000123-VMM-000620"
+            ],
+            "gid": "V-ESXI-80-000049",
+            "rid": "SV-ESXI-80-000049",
+            "stig_id": "ESXI-80-000049",
+            "cci": [
+              "CCI-000764",
+              "CCI-000770",
+              "CCI-001682",
+              "CCI-001941",
+              "CCI-001942"
+            ],
+            "nist": [
+              "AC-2 (2)",
+              "IA-2",
+              "IA-2 (5)",
+              "IA-2 (8)",
+              "IA-2 (9)"
+            ]
+          },
+          "code": "control 'ESXI-80-000049' do\n  title 'The ESXi host must uniquely identify and must authenticate organizational users by using Active Directory.'\n  desc  \"\n    Join ESXi hosts to an Active Directory domain to eliminate the need to create and maintain multiple local user accounts. Using Active Directory for user authentication simplifies the ESXi host configuration, ensures password complexity and reuse policies are enforced, and reduces the risk of security breaches and unauthorized access.\n\n    Note: If the Active Directory group \\\"ESX Admins\\\" (default) exists, all users and groups assigned as members to this group will have full administrative access to all ESXi hosts in the domain.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For systems that do not use Active Directory and have no local user accounts other than root and/or service accounts, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Authentication Services.\n\n    Verify the \\\"Directory Services Type\\\" is set to \\\"Active Directory\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostAuthentication\n\n    For systems that do not use Active Directory and do have local user accounts, other than root and/or service accounts, this is a finding.\n\n    If the \\\"Directory Services Type\\\" is not set to \\\"Active Directory\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Authentication Services.\n\n    Click \\\"Join Domain...\\\" and enter the AD domain to join.\n\n    Select the \\\"Using credentials\\\" radio button and enter the credentials of an account with permissions to join machines to AD (use UPN naming \\\"user@domain\\\"). Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostAuthentication | Set-VMHostAuthentication -JoinDomain -Domain \\\"domain name\\\" -User \\\"username\\\" -Password \\\"password\\\"\n\n    If any local user accounts are present besides root and service accounts, delete them by going to Host UI >> Manage >> Security & Users >> Users.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000104-VMM-000500'\n  tag satisfies: ['SRG-OS-000109-VMM-000550', 'SRG-OS-000112-VMM-000560', 'SRG-OS-000113-VMM-000570', 'SRG-OS-000123-VMM-000620']\n  tag gid: 'V-ESXI-80-000049'\n  tag rid: 'SV-ESXI-80-000049'\n  tag stig_id: 'ESXI-80-000049'\n  tag cci: ['CCI-000764', 'CCI-000770', 'CCI-001682', 'CCI-001941', 'CCI-001942']\n  tag nist: ['AC-2 (2)', 'IA-2', 'IA-2 (5)', 'IA-2 (8)', 'IA-2 (9)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    if input('adJoined')\n      list = ['Joined', 'Ok']\n      vmhosts.each do |vmhost|\n        command = \"Get-VMHost -Name #{vmhost} | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should be_in list }\n        end\n      end\n    else\n      vmhosts.each do |vmhost|\n        command = \"Get-VMHost -Name #{vmhost} | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp '' }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000049.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus stdout.strip is expected to cmp == \"\"",
+              "run_time": 0.0002824,
+              "start_time": "2023-06-07T08:28:35-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000052",
+          "title": "The ESXi host Secure Shell (SSH) daemon must ignore .rhosts files.",
+          "desc": "SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH can emulate the behavior of the obsolete \"rsh\" command in allowing users to enable insecure access to their accounts via \".rhosts\" files.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH can emulate the behavior of the obsolete \"rsh\" command in allowing users to enable insecure access to their accounts via \".rhosts\" files."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep ignorerhosts\n\nExpected result:\n\nignorerhosts yes\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nIgnoreRhosts yes"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000107-VMM-000530",
+            "gid": "V-ESXI-80-000052",
+            "rid": "SV-ESXI-80-000052",
+            "stig_id": "ESXI-80-000052",
+            "cci": [
+              "CCI-000767"
+            ],
+            "nist": [
+              "IA-2 (3)"
+            ]
+          },
+          "code": "control 'ESXI-80-000052' do\n  title 'The ESXi host Secure Shell (SSH) daemon must ignore .rhosts files.'\n  desc  'SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH can emulate the behavior of the obsolete \"rsh\" command in allowing users to enable insecure access to their accounts via \".rhosts\" files.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep ignorerhosts\n\n    Expected result:\n\n    ignorerhosts yes\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    IgnoreRhosts yes\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000107-VMM-000530'\n  tag gid: 'V-ESXI-80-000052'\n  tag rid: 'SV-ESXI-80-000052'\n  tag stig_id: 'ESXI-80-000052'\n  tag cci: ['CCI-000767']\n  tag nist: ['IA-2 (3)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000052.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 2.37e-05,
+              "start_time": "2023-06-07T08:28:35-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000068",
+          "title": "The ESXi host must set a timeout to automatically end idle shell sessions after fifteen minutes.",
+          "desc": "If a user forgets to log out of their local or remote ESXi Shell session, the idle connection will remain open indefinitely and increase the likelihood of inappropriate host access via session hijacking. The \"ESXiShellInteractiveTimeOut\" allows the automatic termination of idle shell sessions.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If a user forgets to log out of their local or remote ESXi Shell session, the idle connection will remain open indefinitely and increase the likelihood of inappropriate host access via session hijacking. The \"ESXiShellInteractiveTimeOut\" allows the automatic termination of idle shell sessions."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.ESXiShellInteractiveTimeOut\" value and verify it is set to less than \"900\" and not \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut\n\nIf the \"UserVars.ESXiShellInteractiveTimeOut\" setting is set to a value greater than \"900\" or \"0\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.ESXiShellInteractiveTimeOut\" value and configure it to \"900\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Set-AdvancedSetting -Value 900"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000163-VMM-000700",
+            "satisfies": [
+              "SRG-OS-000279-VMM-001010"
+            ],
+            "gid": "V-ESXI-80-000068",
+            "rid": "SV-ESXI-80-000068",
+            "stig_id": "ESXI-80-000068",
+            "cci": [
+              "CCI-001133",
+              "CCI-002361"
+            ],
+            "nist": [
+              "AC-12",
+              "SC-10"
+            ]
+          },
+          "code": "control 'ESXI-80-000068' do\n  title 'The ESXi host must set a timeout to automatically end idle shell sessions after fifteen minutes.'\n  desc  'If a user forgets to log out of their local or remote ESXi Shell session, the idle connection will remain open indefinitely and increase the likelihood of inappropriate host access via session hijacking. The \"ESXiShellInteractiveTimeOut\" allows the automatic termination of idle shell sessions.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.ESXiShellInteractiveTimeOut\\\" value and verify it is set to less than \\\"900\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut\n\n    If the \\\"UserVars.ESXiShellInteractiveTimeOut\\\" setting is set to a value greater than \\\"900\\\" or \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.ESXiShellInteractiveTimeOut\\\" value and configure it to \\\"900\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Set-AdvancedSetting -Value 900\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000163-VMM-000700'\n  tag satisfies: ['SRG-OS-000279-VMM-001010']\n  tag gid: 'V-ESXI-80-000068'\n  tag rid: 'SV-ESXI-80-000068'\n  tag stig_id: 'ESXI-80-000068'\n  tag cci: ['CCI-001133', 'CCI-002361']\n  tag nist: ['AC-12', 'SC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 900 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000068.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected to cmp <= 900",
+              "run_time": 0.793578,
+              "start_time": "2023-06-07T08:28:35-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected not to cmp == 0",
+              "run_time": 0.0004461,
+              "start_time": "2023-06-07T08:28:36-06:00",
+              "message": "\nexpected: 0\n     got: 0\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000085",
+          "title": "The ESXi host must implement Secure Boot enforcement.",
+          "desc": "Secure Boot is part of the UEFI firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and it requires that all ESXi kernel modules, drivers and VIBs be signed by VMware or a partner subordinate.\n\nSecure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. This control flips ESXi from merely supporting Secure Boot to requiring it. Without this setting enabled, and configuration encryption, an ESXi host could be subject to offline attacks. An attacker could simply transfer the ESXi install drive to a non-Secure Boot host and boot it up without ESXi complaining.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Secure Boot is part of the UEFI firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and it requires that all ESXi kernel modules, drivers and VIBs be signed by VMware or a partner subordinate.\n\nSecure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. This control flips ESXi from merely supporting Secure Boot to requiring it. Without this setting enabled, and configuration encryption, an ESXi host could be subject to offline attacks. An attacker could simply transfer the ESXi install drive to a non-Secure Boot host and boot it up without ESXi complaining."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\nFrom an ESXi shell, run the following command:\n\n# esxcli system settings encryption get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.settings.encryption.get.invoke() | Select RequireSecureBoot\n\nExpected result:\n\nRequire Secure Boot: true\n\nIf \"Require Secure Boot\" is not enable, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "This setting cannot be configured until Secure Boot is properly enabled in the servers firmware.\n\nFrom an ESXi shell, run the following commands:\n\n# esxcli system settings encryption set --require-secure-boot=true\n# /sbin/auto-backup.sh\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.settings.encryption.set.CreateArgs()\n$arguments.requiresecureboot = $true\n$esxcli.system.settings.encryption.set.Invoke($arguments)\n\nEvacuate the host and gracefully reboot for changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000257-VMM-000910",
+            "satisfies": [
+              "SRG-OS-000258-VMM-000920",
+              "SRG-OS-000445-VMM-001780",
+              "SRG-OS-000446-VMM-001790"
+            ],
+            "gid": "V-ESXI-80-000085",
+            "rid": "SV-ESXI-80-000085",
+            "stig_id": "ESXI-80-000085",
+            "cci": [
+              "CCI-001494",
+              "CCI-001495",
+              "CCI-002696",
+              "CCI-002699"
+            ],
+            "nist": [
+              "AU-9",
+              "SI-6 a",
+              "SI-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000085' do\n  title 'The ESXi host must implement Secure Boot enforcement.'\n  desc  \"\n    Secure Boot is part of the UEFI firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and it requires that all ESXi kernel modules, drivers and VIBs be signed by VMware or a partner subordinate.\n\n    Secure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. This control flips ESXi from merely supporting Secure Boot to requiring it. Without this setting enabled, and configuration encryption, an ESXi host could be subject to offline attacks. An attacker could simply transfer the ESXi install drive to a non-Secure Boot host and boot it up without ESXi complaining.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\n    From an ESXi shell, run the following command:\n\n    # esxcli system settings encryption get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.settings.encryption.get.invoke() | Select RequireSecureBoot\n\n    Expected result:\n\n    Require Secure Boot: true\n\n    If \\\"Require Secure Boot\\\" is not enable, this is a finding.\n  \"\n  desc 'fix', \"\n    This setting cannot be configured until Secure Boot is properly enabled in the servers firmware.\n\n    From an ESXi shell, run the following commands:\n\n    # esxcli system settings encryption set --require-secure-boot=true\n    # /sbin/auto-backup.sh\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.settings.encryption.set.CreateArgs()\n    $arguments.requiresecureboot = $true\n    $esxcli.system.settings.encryption.set.Invoke($arguments)\n\n    Evacuate the host and gracefully reboot for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000257-VMM-000910'\n  tag satisfies: ['SRG-OS-000258-VMM-000920', 'SRG-OS-000445-VMM-001780', 'SRG-OS-000446-VMM-001790']\n  tag gid: 'V-ESXI-80-000085'\n  tag rid: 'SV-ESXI-80-000085'\n  tag stig_id: 'ESXI-80-000085'\n  tag cci: ['CCI-001494', 'CCI-001495', 'CCI-002696', 'CCI-002699']\n  tag nist: ['AU-9', 'SI-6 a', 'SI-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty RequireSecureBoot\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000085.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty RequireSecureBoot stdout.strip is expected to cmp == \"true\"",
+              "run_time": 0.3651025,
+              "start_time": "2023-06-07T08:28:36-06:00",
+              "message": "\nexpected: true\n     got: false\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"$vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty RequireSecureBoot\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000094",
+          "title": "The ESXi host must enable Secure Boot.",
+          "desc": "Secure Boot is part of the Unified Extensible Firmware Interface (UEFI) firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and requires that all ESXi kernel modules, drivers, and vSphere Installation Bundles (VIBs) be signed by VMware or a partner subordinate.\n\nSecure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. There is no ESXi control to \"turn on\" Secure Boot. Requiring Secure Boot (failing to boot without it present) is accomplished in another control.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Secure Boot is part of the Unified Extensible Firmware Interface (UEFI) firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and requires that all ESXi kernel modules, drivers, and vSphere Installation Bundles (VIBs) be signed by VMware or a partner subordinate.\n\nSecure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. There is no ESXi control to \"turn on\" Secure Boot. Requiring Secure Boot (failing to boot without it present) is accomplished in another control."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/secureboot/bin/secureBoot.py -s\n\nIf Secure Boot is not \"Enabled\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/secureboot/bin/secureBoot.py -c\n\nIf the output indicates that Secure Boot cannot be enabled, correct the discrepancies and try again.\n\nOnce all discrepancies are resolved then the server ESXi is installed on can be updated to enable Secure Boot in the firmware.\n\nTo enable Secure Boot in the servers firmware follow the instructions for the specific manufacturer."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000278-VMM-001000",
+            "gid": "V-ESXI-80-000094",
+            "rid": "SV-ESXI-80-000094",
+            "stig_id": "ESXI-80-000094",
+            "cci": [
+              "CCI-001496"
+            ],
+            "nist": [
+              "AU-9 (3)"
+            ]
+          },
+          "code": "control 'ESXI-80-000094' do\n  title 'The ESXi host must enable Secure Boot.'\n  desc  \"\n    Secure Boot is part of the Unified Extensible Firmware Interface (UEFI) firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and requires that all ESXi kernel modules, drivers, and vSphere Installation Bundles (VIBs) be signed by VMware or a partner subordinate.\n\n    Secure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. There is no ESXi control to \\\"turn on\\\" Secure Boot. Requiring Secure Boot (failing to boot without it present) is accomplished in another control.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/secureboot/bin/secureBoot.py -s\n\n    If Secure Boot is not \\\"Enabled\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/secureboot/bin/secureBoot.py -c\n\n    If the output indicates that Secure Boot cannot be enabled, correct the discrepancies and try again.\n\n    Once all discrepancies are resolved then the server ESXi is installed on can be updated to enable Secure Boot in the firmware.\n\n    To enable Secure Boot in the servers firmware follow the instructions for the specific manufacturer.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000278-VMM-001000'\n  tag gid: 'V-ESXI-80-000094'\n  tag rid: 'SV-ESXI-80-000094'\n  tag stig_id: 'ESXI-80-000094'\n  tag cci: ['CCI-001496']\n  tag nist: ['AU-9 (3)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000094.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 1.35e-05,
+              "start_time": "2023-06-07T08:28:36-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000111",
+          "title": "The ESXi host must enforce an unlock timeout of 15 minutes after a user account is locked out.",
+          "desc": "By enforcing a reasonable unlock timeout after multiple failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Users must wait for the timeout period to elapse before subsequent logon attempts are allowed.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By enforcing a reasonable unlock timeout after multiple failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Users must wait for the timeout period to elapse before subsequent logon attempts are allowed."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.AccountUnlockTime\" value and verify it is set to less than \"900\" and not \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime\n\nIf the \"Security.AccountUnlockTime\" setting is less than 900 or 0, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.AccountUnlockTime\" value and configure it to \"900\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime | Set-AdvancedSetting -Value 900"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000329-VMM-001180",
+            "gid": "V-ESXI-80-000111",
+            "rid": "SV-ESXI-80-000111",
+            "stig_id": "ESXI-80-000111",
+            "cci": [
+              "CCI-002238"
+            ],
+            "nist": [
+              "AC-7 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000111' do\n  title 'The ESXi host must enforce an unlock timeout of 15 minutes after a user account is locked out.'\n  desc  'By enforcing a reasonable unlock timeout after multiple failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Users must wait for the timeout period to elapse before subsequent logon attempts are allowed.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.AccountUnlockTime\\\" value and verify it is set to less than \\\"900\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime\n\n    If the \\\"Security.AccountUnlockTime\\\" setting is less than 900 or 0, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.AccountUnlockTime\\\" value and configure it to \\\"900\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime | Set-AdvancedSetting -Value 900\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000329-VMM-001180'\n  tag gid: 'V-ESXI-80-000111'\n  tag rid: 'SV-ESXI-80-000111'\n  tag stig_id: 'ESXI-80-000111'\n  tag cci: ['CCI-002238']\n  tag nist: ['AC-7 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.AccountUnlockTime | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 900 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000111.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.AccountUnlockTime | Select-Object -ExpandProperty Value stdout.strip is expected to cmp <= 900",
+              "run_time": 0.7289838,
+              "start_time": "2023-06-07T08:28:36-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.AccountUnlockTime | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.AccountUnlockTime | Select-Object -ExpandProperty Value stdout.strip is expected not to cmp == 0",
+              "run_time": 0.0003639,
+              "start_time": "2023-06-07T08:28:37-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.AccountUnlockTime | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000113",
+          "title": "The ESXi host must allocate audit record storage capacity to store at least one weeks worth of audit records.",
+          "desc": "In order to ensure ESXi has sufficient storage capacity in which to write the audit logs, audit record storage capacity should be configured.\n\nIf a central audit record storage facility is available, the local storage capacity should be sufficient to hold audit records that would accumulate during anticipated interruptions in delivery of records to the facility.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "In order to ensure ESXi has sufficient storage capacity in which to write the audit logs, audit record storage capacity should be configured.\n\nIf a central audit record storage facility is available, the local storage capacity should be sufficient to hold audit records that would accumulate during anticipated interruptions in delivery of records to the facility."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.auditRecord.storageCapacity\" value and verify it is set to \"100\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity\n\nIf the \"Syslog.global.auditRecord.storageCapacity\" setting is not set to 100, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.auditRecord.storageCapacity\" value and configure it to \"100\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Set-AdvancedSetting -Value 100"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000341-VMM-001220",
+            "gid": "V-ESXI-80-000113",
+            "rid": "SV-ESXI-80-000113",
+            "stig_id": "ESXI-80-000113",
+            "cci": [
+              "CCI-001849"
+            ],
+            "nist": [
+              "AU-4"
+            ]
+          },
+          "code": "control 'ESXI-80-000113' do\n  title 'The ESXi host must allocate audit record storage capacity to store at least one weeks worth of audit records.'\n  desc  \"\n    In order to ensure ESXi has sufficient storage capacity in which to write the audit logs, audit record storage capacity should be configured.\n\n    If a central audit record storage facility is available, the local storage capacity should be sufficient to hold audit records that would accumulate during anticipated interruptions in delivery of records to the facility.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.auditRecord.storageCapacity\\\" value and verify it is set to \\\"100\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity\n\n    If the \\\"Syslog.global.auditRecord.storageCapacity\\\" setting is not set to 100, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.auditRecord.storageCapacity\\\" value and configure it to \\\"100\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Set-AdvancedSetting -Value 100\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000341-VMM-001220'\n  tag gid: 'V-ESXI-80-000113'\n  tag rid: 'SV-ESXI-80-000113'\n  tag stig_id: 'ESXI-80-000113'\n  tag cci: ['CCI-001849']\n  tag nist: ['AU-4']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '100' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000113.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"100\"",
+              "run_time": 0.5391943,
+              "start_time": "2023-06-07T08:28:37-06:00",
+              "message": "\nexpected: 100\n     got: 4\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000114",
+          "title": "The ESXi host must off-load logs via syslog.",
+          "desc": "Remote logging to a central log host provides a secure, centralized store for ESXi logs. By gathering host log files onto a central host, it can more easily monitor all hosts with a single tool. It can also do aggregate analysis and searching to look for such things as coordinated attacks on multiple hosts.\n\nLogging to a secure, centralized log server also helps prevent log tampering and provides a long-term audit record.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Remote logging to a central log host provides a secure, centralized store for ESXi logs. By gathering host log files onto a central host, it can more easily monitor all hosts with a single tool. It can also do aggregate analysis and searching to look for such things as coordinated attacks on multiple hosts.\n\nLogging to a secure, centralized log server also helps prevent log tampering and provides a long-term audit record."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.logHost\" value and verify it is set to a site-specific syslog server.\n\nSyslog servers are specified in the following formats:\n\nudp://<IP or FQDN>:514\ntcp://<IP or FQDN>:514\nssl://<IP or FQDN>:1514\n\nMultiple servers can also be specified when separated by commas.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost\n\nIf the \"Syslog.global.logHost\" setting is not set to a valid, site-specific syslog server, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.logHost\" value and configure it to a site-specific syslog server.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost | Set-AdvancedSetting -Value \"enter site specific servers\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000342-VMM-001230",
+            "satisfies": [
+              "SRG-OS-000274-VMM-000960",
+              "SRG-OS-000275-VMM-000970",
+              "SRG-OS-000277-VMM-000990",
+              "SRG-OS-000479-VMM-001990"
+            ],
+            "gid": "V-ESXI-80-000114",
+            "rid": "SV-ESXI-80-000114",
+            "stig_id": "ESXI-80-000114",
+            "cci": [
+              "CCI-001683",
+              "CCI-001684",
+              "CCI-001686",
+              "CCI-001851"
+            ],
+            "nist": [
+              "AC-2 (4)",
+              "AU-4 (1)"
+            ]
+          },
+          "code": "control 'ESXI-80-000114' do\n  title 'The ESXi host must off-load logs via syslog.'\n  desc  \"\n    Remote logging to a central log host provides a secure, centralized store for ESXi logs. By gathering host log files onto a central host, it can more easily monitor all hosts with a single tool. It can also do aggregate analysis and searching to look for such things as coordinated attacks on multiple hosts.\n\n    Logging to a secure, centralized log server also helps prevent log tampering and provides a long-term audit record.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.logHost\\\" value and verify it is set to a site-specific syslog server.\n\n    Syslog servers are specified in the following formats:\n\n    udp://<IP or FQDN>:514\n    tcp://<IP or FQDN>:514\n    ssl://<IP or FQDN>:1514\n\n    Multiple servers can also be specified when separated by commas.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost\n\n    If the \\\"Syslog.global.logHost\\\" setting is not set to a valid, site-specific syslog server, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logHost\\\" value and configure it to a site-specific syslog server.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost | Set-AdvancedSetting -Value \\\"enter site specific servers\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-VMM-001230'\n  tag satisfies: ['SRG-OS-000274-VMM-000960', 'SRG-OS-000275-VMM-000970', 'SRG-OS-000277-VMM-000990', 'SRG-OS-000479-VMM-001990']\n  tag gid: 'V-ESXI-80-000114'\n  tag rid: 'SV-ESXI-80-000114'\n  tag stig_id: 'ESXI-80-000114'\n  tag cci: ['CCI-001683', 'CCI-001684', 'CCI-001686', 'CCI-001851']\n  tag nist: ['AC-2 (4)', 'AU-4 (1)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logHost | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp \"#{input('syslogServer')}\" }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000114.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.logHost | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"tcp://log.test.local:514\"",
+              "run_time": 0.6258534,
+              "start_time": "2023-06-07T08:28:38-06:00",
+              "message": "\nexpected: tcp://log.test.local:514\n     got: \n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.logHost | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000124",
+          "title": "The ESXi host must synchronize internal information system clocks to an authoritative time source.",
+          "desc": "To ensure the accuracy of the system clock, it must be synchronized with an authoritative time source within DOD. Many system functions, including time-based logon and activity restrictions, automated reports, system logs, and audit records, depend on an accurate system clock. If there is no confidence in the correctness of the system clock, time-based functions may not operate as intended and records may be of diminished value.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "To ensure the accuracy of the system clock, it must be synchronized with an authoritative time source within DOD. Many system functions, including time-based logon and activity restrictions, automated reports, system logs, and audit records, depend on an accurate system clock. If there is no confidence in the correctness of the system clock, time-based functions may not operate as intended and records may be of diminished value."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Time Configuration.\n\nVerify NTP or PTP are configured, and one or more authoritative time sources are listed.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nVerify the NTP or PTP service is running and configured to start and stop with the host.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostNTPServer\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"NTP Daemon\" -or $_.Label -eq \"PTP Daemon\"}\n\nIf the NTP service is not configured with authoritative DOD time sources or the service is not configured to start and stop with the host (\"Policy\" of \"on\" in PowerCLI) or is stopped, this is a finding.\nIf PTP is used instead of NTP, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "To configure NTP, perform the following:\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Time Configuration.\n\nClick \"Add Service\" and select \"Network Time Protocol\".\n\nEnter or update the NTP servers listed with a comma separate list of authoritative time servers. Click \"OK\".\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nSelect the \"NTP Daemon\" service and click \"Edit Startup Policy\".\n\nSelect \"Start and stop with host\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$NTPServers = \"ntpserver1\",\"ntpserver2\"\nGet-VMHost | Add-VMHostNTPServer $NTPServers\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"NTP Daemon\"} | Set-VMHostService -Policy On\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"NTP Daemon\"} | Start-VMHostService\n\nTo configure PTP, perform the following:\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Time Configuration.\n\nClick \"Add Service\" and select \"Precision Time Protocol\".\n\nSelect the network adapter that can receive the PTP traffic.\n\nIf NTP servers are available, select \"Enable fallback\" and enter or update the NTP servers listed with a comma separate list of authoritative time servers. Click \"OK\".\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nSelect the \"PTP Daemon\" service and click \"Edit Startup Policy\".\n\nSelect \"Start and stop with host\". Click \"OK\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000355-VMM-001330",
+            "satisfies": [
+              "SRG-OS-000356-VMM-001340"
+            ],
+            "gid": "V-ESXI-80-000124",
+            "rid": "SV-ESXI-80-000124",
+            "stig_id": "ESXI-80-000124",
+            "cci": [
+              "CCI-001891",
+              "CCI-002046"
+            ],
+            "nist": [
+              "AU-8 (1) (a)",
+              "AU-8 (1) (b)"
+            ]
+          },
+          "code": "control 'ESXI-80-000124' do\n  title 'The ESXi host must synchronize internal information system clocks to an authoritative time source.'\n  desc  'To ensure the accuracy of the system clock, it must be synchronized with an authoritative time source within DOD. Many system functions, including time-based logon and activity restrictions, automated reports, system logs, and audit records, depend on an accurate system clock. If there is no confidence in the correctness of the system clock, time-based functions may not operate as intended and records may be of diminished value.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Time Configuration.\n\n    Verify NTP or PTP are configured, and one or more authoritative time sources are listed.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Verify the NTP or PTP service is running and configured to start and stop with the host.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostNTPServer\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"NTP Daemon\\\" -or $_.Label -eq \\\"PTP Daemon\\\"}\n\n    If the NTP service is not configured with authoritative DOD time sources or the service is not configured to start and stop with the host (\\\"Policy\\\" of \\\"on\\\" in PowerCLI) or is stopped, this is a finding.\n    If PTP is used instead of NTP, this is NOT a finding.\n  \"\n  desc 'fix', \"\n    To configure NTP, perform the following:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Time Configuration.\n\n    Click \\\"Add Service\\\" and select \\\"Network Time Protocol\\\".\n\n    Enter or update the NTP servers listed with a comma separate list of authoritative time servers. Click \\\"OK\\\".\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Select the \\\"NTP Daemon\\\" service and click \\\"Edit Startup Policy\\\".\n\n    Select \\\"Start and stop with host\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $NTPServers = \\\"ntpserver1\\\",\\\"ntpserver2\\\"\n    Get-VMHost | Add-VMHostNTPServer $NTPServers\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"NTP Daemon\\\"} | Set-VMHostService -Policy On\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"NTP Daemon\\\"} | Start-VMHostService\n\n    To configure PTP, perform the following:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Time Configuration.\n\n    Click \\\"Add Service\\\" and select \\\"Precision Time Protocol\\\".\n\n    Select the network adapter that can receive the PTP traffic.\n\n    If NTP servers are available, select \\\"Enable fallback\\\" and enter or update the NTP servers listed with a comma separate list of authoritative time servers. Click \\\"OK\\\".\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Select the \\\"PTP Daemon\\\" service and click \\\"Edit Startup Policy\\\".\n\n    Select \\\"Start and stop with host\\\". Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000355-VMM-001330'\n  tag satisfies: ['SRG-OS-000356-VMM-001340']\n  tag gid: 'V-ESXI-80-000124'\n  tag rid: 'SV-ESXI-80-000124'\n  tag stig_id: 'ESXI-80-000124'\n  tag cci: ['CCI-001891', 'CCI-002046']\n  tag nist: ['AU-8 (1) (a)', 'AU-8 (1) (b)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'on' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n      results = powercli_command(\"Get-VMHost -Name #{vmhost} | Get-VMHostNTPServer\").stdout\n      if !results.empty?\n        results.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |result|\n          describe \"NTP Server: #{result} for VMHost: #{vmhost}\" do\n            subject { result }\n            it { should be_in \"#{input('esxiNtpServers')}\" }\n          end\n        end\n      else\n        describe \"No NTP servers found on VMhost: #{vmhost}\" do\n          subject { results }\n          it { should_not be_empty }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000124.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp == \"on\"",
+              "run_time": 0.4038671,
+              "start_time": "2023-06-07T08:28:38-06:00",
+              "message": "\nexpected: on\n     got: off\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Policy\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp == \"true\"",
+              "run_time": 0.40368,
+              "start_time": "2023-06-07T08:28:39-06:00",
+              "message": "\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Running\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "No NTP servers found on VMhost: 10.186.25.26 is expected not to be empty",
+              "run_time": 0.0281583,
+              "start_time": "2023-06-07T08:28:39-06:00",
+              "message": "expected `\"\".empty?` to be falsey, got true",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "No NTP servers found on VMhost: 10.186.25.26"
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000133",
+          "title": "The ESXi Image Profile and vSphere Installation Bundle (VIB) acceptance level must be verified.",
+          "desc": "Verify the ESXi Image Profile to only allow signed VIBs. An unsigned VIB represents untested code installed on an ESXi host. The ESXi Image profile supports four acceptance levels:\n\n1. VMwareCertified - VIBs created, tested, and signed by VMware.\n2. VMwareAccepted - VIBs created by a VMware partner but tested and signed by VMware.\n3. PartnerSupported - VIBs created, tested, and signed by a certified VMware partner.\n4. CommunitySupported - VIBs that have not been tested by VMware or a VMware partner.\n\nCommunity Supported VIBs are not supported and do not have a digital signature. To protect the security and integrity of ESXi hosts, do not allow unsigned (CommunitySupported) VIBs to be installed on hosts.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Verify the ESXi Image Profile to only allow signed VIBs. An unsigned VIB represents untested code installed on an ESXi host. The ESXi Image profile supports four acceptance levels:\n\n1. VMwareCertified - VIBs created, tested, and signed by VMware.\n2. VMwareAccepted - VIBs created by a VMware partner but tested and signed by VMware.\n3. PartnerSupported - VIBs created, tested, and signed by a certified VMware partner.\n4. CommunitySupported - VIBs that have not been tested by VMware or a VMware partner.\n\nCommunity Supported VIBs are not supported and do not have a digital signature. To protect the security and integrity of ESXi hosts, do not allow unsigned (CommunitySupported) VIBs to be installed on hosts."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nUnder \"Host Image Profile Acceptance Level\" view the acceptance level.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.software.acceptance.get.Invoke()\n\nIf the acceptance level is \"CommunitySupported\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nUnder \"Host Image Profile Acceptance Level\", click \"Edit\".\n\nUsing the drop-down selection, set the acceptance level as \"VMwareCertified\", \"VMwareAccepted\", or \"PartnerSupported\". The default is \"PartnerSupported\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.software.acceptance.set.CreateArgs()\n$arguments.level = \"PartnerSupported\"\n$esxcli.software.acceptance.set.Invoke($arguments)\n\nNote: \"VMwareCertified\" or \"VMwareAccepted\" may be substituted for \"PartnerSupported\", depending on local requirements. These are case sensitive."
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000366-VMM-001430",
+            "satisfies": [
+              "SRG-OS-000370-VMM-001460"
+            ],
+            "gid": "V-ESXI-80-000133",
+            "rid": "SV-ESXI-80-000133",
+            "stig_id": "ESXI-80-000133",
+            "cci": [
+              "CCI-001749",
+              "CCI-001774"
+            ],
+            "nist": [
+              "CM-5 (3)",
+              "CM-7 (5) (b)"
+            ]
+          },
+          "code": "control 'ESXI-80-000133' do\n  title 'The ESXi Image Profile and vSphere Installation Bundle (VIB) acceptance level must be verified.'\n  desc  \"\n    Verify the ESXi Image Profile to only allow signed VIBs. An unsigned VIB represents untested code installed on an ESXi host. The ESXi Image profile supports four acceptance levels:\n\n    1. VMwareCertified - VIBs created, tested, and signed by VMware.\n    2. VMwareAccepted - VIBs created by a VMware partner but tested and signed by VMware.\n    3. PartnerSupported - VIBs created, tested, and signed by a certified VMware partner.\n    4. CommunitySupported - VIBs that have not been tested by VMware or a VMware partner.\n\n    Community Supported VIBs are not supported and do not have a digital signature. To protect the security and integrity of ESXi hosts, do not allow unsigned (CommunitySupported) VIBs to be installed on hosts.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Under \\\"Host Image Profile Acceptance Level\\\" view the acceptance level.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.software.acceptance.get.Invoke()\n\n    If the acceptance level is \\\"CommunitySupported\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Under \\\"Host Image Profile Acceptance Level\\\", click \\\"Edit\\\".\n\n    Using the drop-down selection, set the acceptance level as \\\"VMwareCertified\\\", \\\"VMwareAccepted\\\", or \\\"PartnerSupported\\\". The default is \\\"PartnerSupported\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.software.acceptance.set.CreateArgs()\n    $arguments.level = \\\"PartnerSupported\\\"\n    $esxcli.software.acceptance.set.Invoke($arguments)\n\n    Note: \\\"VMwareCertified\\\" or \\\"VMwareAccepted\\\" may be substituted for \\\"PartnerSupported\\\", depending on local requirements. These are case sensitive.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000366-VMM-001430'\n  tag satisfies: ['SRG-OS-000370-VMM-001460']\n  tag gid: 'V-ESXI-80-000133'\n  tag rid: 'SV-ESXI-80-000133'\n  tag stig_id: 'ESXI-80-000133'\n  tag cci: ['CCI-001749', 'CCI-001774']\n  tag nist: ['CM-5 (3)', 'CM-7 (5) (b)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    list = ['PartnerSupported', 'VMwareCertified', 'VMwareAccepted']\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.software.acceptance.get.Invoke()\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should be_in list }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000133.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.software.acceptance.get.Invoke() stdout.strip is expected to be in \"PartnerSupported\", \"VMwareCertified\", and \"VMwareAccepted\"",
+              "run_time": 2.9816989,
+              "start_time": "2023-06-07T08:28:39-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"$vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.software.acceptance.get.Invoke()\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000145",
+          "title": "The ESXi host must enable bidirectional Challenge-Handshake Authentication Protocol (CHAP) authentication for Internet Small Computer Systems Interface (iSCSI) traffic.",
+          "desc": "When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, there is potential for a man-in-the-middle attack, in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, there is potential for a man-in-the-middle attack, in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If iSCSI is not used, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Storage >> Storage Adapters.\n\nSelect the iSCSI adapter >> Properties >> Authentication >> Method.\n\nView the CHAP configuration and verify CHAP is required for target and host authentication.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostHba | Where {$_.Type -eq \"iscsi\"} | Select AuthenticationProperties -ExpandProperty AuthenticationProperties\n\nIf iSCSI is used and CHAP is not set to \"required\" for both the target and host, this is a finding.\n\nIf iSCSI is used and unique CHAP secrets are not used for each host, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Storage >> Storage Adapters.\n\nSelect the iSCSI adapter >> Properties >> Authentication.\n\nClick \"Edit...\". Set \"Authentication Method\" to \"Use bidirectional CHAP\" and enter a unique secret for each traffic flow direction.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostHba | Where {$_.Type -eq \"iscsi\"} | Set-VMHostHba -ChapType Required -ChapName \"chapname\" -ChapPassword \"password\" -MutualChapEnabled $true -MutualChapName \"mutualchapname\" -MutualChapPassword \"mutualpassword\""
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000379-VMM-001550",
+            "gid": "V-ESXI-80-000145",
+            "rid": "SV-ESXI-80-000145",
+            "stig_id": "ESXI-80-000145",
+            "cci": [
+              "CCI-001967"
+            ],
+            "nist": [
+              "IA-3 (1)"
+            ]
+          },
+          "code": "control 'ESXI-80-000145' do\n  title 'The ESXi host must enable bidirectional Challenge-Handshake Authentication Protocol (CHAP) authentication for Internet Small Computer Systems Interface (iSCSI) traffic.'\n  desc  'When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, there is potential for a man-in-the-middle attack, in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If iSCSI is not used, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Storage >> Storage Adapters.\n\n    Select the iSCSI adapter >> Properties >> Authentication >> Method.\n\n    View the CHAP configuration and verify CHAP is required for target and host authentication.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostHba | Where {$_.Type -eq \\\"iscsi\\\"} | Select AuthenticationProperties -ExpandProperty AuthenticationProperties\n\n    If iSCSI is used and CHAP is not set to \\\"required\\\" for both the target and host, this is a finding.\n\n    If iSCSI is used and unique CHAP secrets are not used for each host, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Storage >> Storage Adapters.\n\n    Select the iSCSI adapter >> Properties >> Authentication.\n\n    Click \\\"Edit...\\\". Set \\\"Authentication Method\\\" to \\\"Use bidirectional CHAP\\\" and enter a unique secret for each traffic flow direction.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostHba | Where {$_.Type -eq \\\"iscsi\\\"} | Set-VMHostHba -ChapType Required -ChapName \\\"chapname\\\" -ChapPassword \\\"password\\\" -MutualChapEnabled $true -MutualChapName \\\"mutualchapname\\\" -MutualChapPassword \\\"mutualpassword\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000379-VMM-001550'\n  tag gid: 'V-ESXI-80-000145'\n  tag rid: 'SV-ESXI-80-000145'\n  tag stig_id: 'ESXI-80-000145'\n  tag cci: ['CCI-001967']\n  tag nist: ['IA-3 (1)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'}\"\n      iscsi_hbas = powercli_command(command).stdout\n\n      if iscsi_hbas.empty?\n        impact 0.0\n        describe '' do\n          skip 'There are no iSCSI HBAs present so this control is Not Applicable'\n        end\n      else\n        command1 = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'} | Select-Object -ExpandProperty AuthenticationProperties | Select-Object -ExpandProperty MutualChapEnabled\"\n        command2 = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'} | Select-Object -ExpandProperty AuthenticationProperties | Select-Object -ExpandProperty ChapType\"\n        describe powercli_command(command1) do\n          its('stdout.strip') { should cmp 'True' }\n        end\n        describe powercli_command(command2) do\n          its('stdout.strip') { should cmp 'Required' }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000145.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "",
+              "run_time": 1.31e-05,
+              "start_time": "2023-06-07T08:28:42-06:00",
+              "resource": "",
+              "skip_message": "There are no iSCSI HBAs present so this control is Not Applicable",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000160",
+          "title": "The ESXi host must protect the confidentiality and integrity of transmitted information by isolating vMotion traffic.",
+          "desc": "While encrypted vMotion is available, vMotion traffic should still be sequestered from other traffic to further protect it from attack. This network must only be accessible to other ESXi hosts, preventing outside access to the network.\n\nThe vMotion VMkernel port group must be in a dedicated VLAN that can be on a standard or distributed virtual switch as long as the vMotion VLAN is not shared by any other function and is not routed to anything but ESXi hosts.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "While encrypted vMotion is available, vMotion traffic should still be sequestered from other traffic to further protect it from attack. This network must only be accessible to other ESXi hosts, preventing outside access to the network.\n\nThe vMotion VMkernel port group must be in a dedicated VLAN that can be on a standard or distributed virtual switch as long as the vMotion VLAN is not shared by any other function and is not routed to anything but ESXi hosts."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nReview the VLAN associated with any vMotion VMkernel(s) and verify they are dedicated for that purpose and are logically separated from other functions.\n\nIf long distance or cross vCenter vMotion is used the vMotion network can be routable but must be accessible to only the intended ESXi hosts.\n\nIf the vMotion port group is not on an isolated VLAN and/or is routable to systems other than ESXi hosts, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configuration of the vMotion VMkernel will be unique to each environment.\n\nAs an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:\n\nFrom the vSphere Client, go to Networking.\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Properties.\n\nClick \"Edit\" and select VLAN.\n\nChange the \"VLAN Type\" to \"VLAN\" and change the \"VLAN ID\" to a network allocated and dedicated to vMotion traffic exclusively. Click \"OK\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000423-VMM-001700",
+            "gid": "V-ESXI-80-000160",
+            "rid": "SV-ESXI-80-000160",
+            "stig_id": "ESXI-80-000160",
+            "cci": [
+              "CCI-002418"
+            ],
+            "nist": [
+              "SC-8"
+            ]
+          },
+          "code": "control 'ESXI-80-000160' do\n  title 'The ESXi host must protect the confidentiality and integrity of transmitted information by isolating vMotion traffic.'\n  desc  \"\n    While encrypted vMotion is available, vMotion traffic should still be sequestered from other traffic to further protect it from attack. This network must only be accessible to other ESXi hosts, preventing outside access to the network.\n\n    The vMotion VMkernel port group must be in a dedicated VLAN that can be on a standard or distributed virtual switch as long as the vMotion VLAN is not shared by any other function and is not routed to anything but ESXi hosts.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Review the VLAN associated with any vMotion VMkernel(s) and verify they are dedicated for that purpose and are logically separated from other functions.\n\n    If long distance or cross vCenter vMotion is used the vMotion network can be routable but must be accessible to only the intended ESXi hosts.\n\n    If the vMotion port group is not on an isolated VLAN and/or is routable to systems other than ESXi hosts, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of the vMotion VMkernel will be unique to each environment.\n\n    As an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:\n\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\" and select VLAN.\n\n    Change the \\\"VLAN Type\\\" to \\\"VLAN\\\" and change the \\\"VLAN ID\\\" to a network allocated and dedicated to vMotion traffic exclusively. Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000423-VMM-001700'\n  tag gid: 'V-ESXI-80-000160'\n  tag rid: 'SV-ESXI-80-000160'\n  tag stig_id: 'ESXI-80-000160'\n  tag cci: ['CCI-002418']\n  tag nist: ['SC-8']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -VMKernel | Where-Object {$_.VMotionEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n      vmks = powercli_command(command).stdout\n\n      if vmks.empty?\n        describe '' do\n          skip 'There are no VMKernel adapters with vMotion enabled so this control is N/A.'\n        end\n      else\n        vmks.split.each do |vmk|\n          # Check to see if vMotion and any other services are enabled on the same VMkernel adapter\n          command2 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VsanTrafficEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n          describe powercli_command(command2) do\n            its('stdout.strip') { should be_empty }\n          end\n          # Get vMotion Port Group Name\n          command3 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Select-Object -ExpandProperty PortGroupName\"\n          pgname = powercli_command(command3).stdout.strip\n          # Test standard port groups\n          command4 = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup -Name \\\"#{pgname}\\\" -Standard | Select-Object -ExpandProperty VlanId\"\n          stdpgs = powercli_command(command4).stdout.strip\n          unless stdpgs.empty?\n            describe 'Checking standand port group VLAN ID' do\n              subject { stdpgs }\n              it { should cmp \"#{input('vMotionVlanId')}\" }\n            end\n          end\n          describe 'SA Interview' do\n            skip 'SA also needs to confirm this VLAN is dedicated to vMotion and not routable except to other ESXi hosts.'\n          end\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000160.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "",
+              "run_time": 7.4e-06,
+              "start_time": "2023-06-07T08:28:42-06:00",
+              "resource": "",
+              "skip_message": "There are no VMKernel adapters with vMotion enabled so this control is N/A.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000161",
+          "title": "The ESXi host must maintain the confidentiality and integrity of information during transmission by exclusively enabling Transport Layer Security (TLS) 1.2.",
+          "desc": "TLS 1.0 and 1.1 are deprecated protocols with well-published shortcomings and vulnerabilities. TLS 1.2 should be enabled on all interfaces and SSLv3, TL 1.1, and 1.0 disabled, where supported.\n\nMandating TLS 1.2 may break third-party integrations and add-ons to vSphere. Test these integrations carefully after implementing TLS 1.2 and roll back where appropriate.\n\nOn interfaces where required functionality is broken with TLS 1.2, this finding is not applicable until such time as the third-party software supports TLS 1.2.\n\nModify TLS settings in the following order:\n1. vCenter.\n2. ESXi.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "TLS 1.0 and 1.1 are deprecated protocols with well-published shortcomings and vulnerabilities. TLS 1.2 should be enabled on all interfaces and SSLv3, TL 1.1, and 1.0 disabled, where supported.\n\nMandating TLS 1.2 may break third-party integrations and add-ons to vSphere. Test these integrations carefully after implementing TLS 1.2 and roll back where appropriate.\n\nOn interfaces where required functionality is broken with TLS 1.2, this finding is not applicable until such time as the third-party software supports TLS 1.2.\n\nModify TLS settings in the following order:\n1. vCenter.\n2. ESXi."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.ESXiVPsDisabledProtocols\" value and verify it is set to \"sslv3,tlsv1,tlsv1.1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols\n\nIf the \"UserVars.ESXiVPsDisabledProtocols\" setting is set to a value other than \"sslv3,tlsv1,tlsv1.1\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.ESXiVPsDisabledProtocols\" value and configure it to \"sslv3,tlsv1,tlsv1.1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Set-AdvancedSetting -Value \"sslv3,tlsv1,tlsv1.1\""
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000425-VMM-001710",
+            "satisfies": [
+              "SRG-OS-000426-VMM-001720"
+            ],
+            "gid": "V-ESXI-80-000161",
+            "rid": "SV-ESXI-80-000161",
+            "stig_id": "ESXI-80-000161",
+            "cci": [
+              "CCI-002420",
+              "CCI-002422"
+            ],
+            "nist": [
+              "SC-8 (2)"
+            ]
+          },
+          "code": "control 'ESXI-80-000161' do\n  title 'The ESXi host must maintain the confidentiality and integrity of information during transmission by exclusively enabling Transport Layer Security (TLS) 1.2.'\n  desc  \"\n    TLS 1.0 and 1.1 are deprecated protocols with well-published shortcomings and vulnerabilities. TLS 1.2 should be enabled on all interfaces and SSLv3, TL 1.1, and 1.0 disabled, where supported.\n\n    Mandating TLS 1.2 may break third-party integrations and add-ons to vSphere. Test these integrations carefully after implementing TLS 1.2 and roll back where appropriate.\n\n    On interfaces where required functionality is broken with TLS 1.2, this finding is not applicable until such time as the third-party software supports TLS 1.2.\n\n    Modify TLS settings in the following order:\n    1. vCenter.\n    2. ESXi.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.ESXiVPsDisabledProtocols\\\" value and verify it is set to \\\"sslv3,tlsv1,tlsv1.1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols\n\n    If the \\\"UserVars.ESXiVPsDisabledProtocols\\\" setting is set to a value other than \\\"sslv3,tlsv1,tlsv1.1\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.ESXiVPsDisabledProtocols\\\" value and configure it to \\\"sslv3,tlsv1,tlsv1.1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Set-AdvancedSetting -Value \\\"sslv3,tlsv1,tlsv1.1\\\"\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000425-VMM-001710'\n  tag satisfies: ['SRG-OS-000426-VMM-001720']\n  tag gid: 'V-ESXI-80-000161'\n  tag rid: 'SV-ESXI-80-000161'\n  tag stig_id: 'ESXI-80-000161'\n  tag cci: ['CCI-002420', 'CCI-002422']\n  tag nist: ['SC-8 (2)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'sslv3,tlsv1,tlsv1.1' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000161.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"sslv3,tlsv1,tlsv1.1\"",
+              "run_time": 0.5876098,
+              "start_time": "2023-06-07T08:28:42-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000187",
+          "title": "The ESXi host Secure Shell (SSH) daemon must be configured to only use FIPS 140-2 validated ciphers.",
+          "desc": "Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. ESXi must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. ESXi must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep ciphers\n\nExpected result:\n\nciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nCiphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\nNote: The ciphers line must be after the FipsMode setting."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000478-VMM-001980",
+            "gid": "V-ESXI-80-000187",
+            "rid": "SV-ESXI-80-000187",
+            "stig_id": "ESXI-80-000187",
+            "cci": [
+              "CCI-002450"
+            ],
+            "nist": [
+              "SC-13"
+            ]
+          },
+          "code": "control 'ESXI-80-000187' do\n  title 'The ESXi host Secure Shell (SSH) daemon must be configured to only use FIPS 140-2 validated ciphers.'\n  desc  'Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. ESXi must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep ciphers\n\n    Expected result:\n\n    ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\n    Note: The ciphers line must be after the FipsMode setting.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000478-VMM-001980'\n  tag gid: 'V-ESXI-80-000187'\n  tag rid: 'SV-ESXI-80-000187'\n  tag stig_id: 'ESXI-80-000187'\n  tag cci: ['CCI-002450']\n  tag nist: ['SC-13']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000187.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 1.18e-05,
+              "start_time": "2023-06-07T08:28:43-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000189",
+          "title": "The ESXi host DCUI.Access list must be verified.",
+          "desc": "Lockdown mode disables direct host access, requiring that administrators manage hosts from vCenter Server. However, if a host becomes isolated from vCenter, the administrator is locked out and can no longer manage the host.\n\nThe \"DCUI.Access\" advanced setting allows specified users to exit lockdown mode in such a scenario. If the Direct Console User Interface (DCUI) is running in strict lockdown mode, this setting is ineffective.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Lockdown mode disables direct host access, requiring that administrators manage hosts from vCenter Server. However, if a host becomes isolated from vCenter, the administrator is locked out and can no longer manage the host.\n\nThe \"DCUI.Access\" advanced setting allows specified users to exit lockdown mode in such a scenario. If the Direct Console User Interface (DCUI) is running in strict lockdown mode, this setting is ineffective."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"DCUI.Access\" value and verify only the root user is listed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name DCUI.Access and verify it is set to root.\n\nIf the \"DCUI.Access\" is not restricted to \"root\", this is a finding.\n\nNote: This list is only for local user accounts and should only contain the root user."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"DCUI.Access\" value and configure it to \"root\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name DCUI.Access | Set-AdvancedSetting -Value \"root\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000189",
+            "rid": "SV-ESXI-80-000189",
+            "stig_id": "ESXI-80-000189",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000189' do\n  title 'The ESXi host DCUI.Access list must be verified.'\n  desc  \"\n    Lockdown mode disables direct host access, requiring that administrators manage hosts from vCenter Server. However, if a host becomes isolated from vCenter, the administrator is locked out and can no longer manage the host.\n\n    The \\\"DCUI.Access\\\" advanced setting allows specified users to exit lockdown mode in such a scenario. If the Direct Console User Interface (DCUI) is running in strict lockdown mode, this setting is ineffective.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"DCUI.Access\\\" value and verify only the root user is listed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name DCUI.Access and verify it is set to root.\n\n    If the \\\"DCUI.Access\\\" is not restricted to \\\"root\\\", this is a finding.\n\n    Note: This list is only for local user accounts and should only contain the root user.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"DCUI.Access\\\" value and configure it to \\\"root\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name DCUI.Access | Set-AdvancedSetting -Value \\\"root\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000189'\n  tag rid: 'SV-ESXI-80-000189'\n  tag stig_id: 'ESXI-80-000189'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name DCUI.Access | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'root' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000189.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name DCUI.Access | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"root\"",
+              "run_time": 0.5751131,
+              "start_time": "2023-06-07T08:28:43-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name DCUI.Access | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000191",
+          "title": "The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via Secure Shell (SSH).",
+          "desc": "Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\"",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\""
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.Etc.issue\" value and verify it contains the standard mandatory DOD notice and consent banner.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.Etc.issue\n\nIf the \"Config.Etc.issue\" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.Etc.issue\" value and set it to the following:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.Etc.issue | Set-AdvancedSetting -Value \"<Banner text above>\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000023-VMM-000060",
+            "gid": "V-ESXI-80-000191",
+            "rid": "SV-ESXI-80-000191",
+            "stig_id": "ESXI-80-000191",
+            "cci": [
+              "CCI-000048"
+            ],
+            "nist": [
+              "AC-8 a"
+            ]
+          },
+          "code": "control 'ESXI-80-000191' do\n  title 'The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via Secure Shell (SSH).'\n  desc  \"\n    Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.Etc.issue\\\" value and verify it contains the standard mandatory DOD notice and consent banner.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.Etc.issue\n\n    If the \\\"Config.Etc.issue\\\" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.Etc.issue\\\" value and set it to the following:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.Etc.issue | Set-AdvancedSetting -Value \\\"<Banner text above>\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-VMM-000060'\n  tag gid: 'V-ESXI-80-000191'\n  tag rid: 'SV-ESXI-80-000191'\n  tag stig_id: 'ESXI-80-000191'\n  tag cci: ['CCI-000048']\n  tag nist: ['AC-8 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      result = powercli_command(\"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.Etc.issue | Select-Object -ExpandProperty Value\")\n      describe.one do\n        describe result do\n          its('stdout.strip') { should match 'You are accessing a U.S. Government' }\n        end\n        describe result do\n          its('stdout.strip') { should match \"I've read & consent to terms in IS user agreem't\" }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000191.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.Etc.issue | Select-Object -ExpandProperty Value stdout.strip is expected to match \"You are accessing a U.S. Government\"",
+              "run_time": 0.0004146,
+              "start_time": "2023-06-07T08:28:43-06:00",
+              "message": "expected \"\" to match \"You are accessing a U.S. Government\"",
+              "exception": "RSpec::Core::MultipleExceptionError",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.Etc.issue | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.Etc.issue | Select-Object -ExpandProperty Value stdout.strip is expected to match \"I've read & consent to terms in IS user agreem't\"",
+              "run_time": 0.0002882,
+              "start_time": "2023-06-07T08:28:43-06:00",
+              "message": "expected \"\" to match \"I've read & consent to terms in IS user agreem't\"",
+              "exception": "RSpec::Core::MultipleExceptionError",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.Etc.issue | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000192",
+          "title": "The ESXi host Secure Shell (SSH) daemon must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system.",
+          "desc": "Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\"",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\""
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep banner\n\nExpected result:\n\nbanner /etc/issue\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, navigate to and open:\n\n/etc/ssh/sshd_config\n\nEnsure that the \"Banner\" line is uncommented and set to the following:\n\nBanner /etc/issue\n\nRestart SSH from the UI or run the following command:\n\n# /etc/init.d/SSH restart"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000023-VMM-000060",
+            "gid": "V-ESXI-80-000192",
+            "rid": "SV-ESXI-80-000192",
+            "stig_id": "ESXI-80-000192",
+            "cci": [
+              "CCI-000048"
+            ],
+            "nist": [
+              "AC-8 a"
+            ]
+          },
+          "code": "control 'ESXI-80-000192' do\n  title 'The ESXi host Secure Shell (SSH) daemon must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system.'\n  desc  \"\n    Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep banner\n\n    Expected result:\n\n    banner /etc/issue\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, navigate to and open:\n\n    /etc/ssh/sshd_config\n\n    Ensure that the \\\"Banner\\\" line is uncommented and set to the following:\n\n    Banner /etc/issue\n\n    Restart SSH from the UI or run the following command:\n\n    # /etc/init.d/SSH restart\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-VMM-000060'\n  tag gid: 'V-ESXI-80-000192'\n  tag rid: 'SV-ESXI-80-000192'\n  tag stig_id: 'ESXI-80-000192'\n  tag cci: ['CCI-000048']\n  tag nist: ['AC-8 a']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000192.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 9.8e-06,
+              "start_time": "2023-06-07T08:28:43-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000193",
+          "title": "The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH).",
+          "desc": "The ESXi Shell is an interactive command line interface (CLI) available at the ESXi server console. The ESXi shell provides temporary access to commands essential for server maintenance. Intended primarily for use in break-fix scenarios, the ESXi shell is well suited for checking and modifying configuration details, which are not always generally accessible, using the vSphere Client.\n\nThe ESXi shell is accessible remotely using SSH by users with the Administrator role. Under normal operating conditions, SSH access to the host must be disabled as is the default. As with the ESXi shell, SSH is also intended only for temporary use during break-fix scenarios. SSH must therefore be disabled under normal operating conditions and must only be enabled for diagnostics or troubleshooting. Remote access to the host must therefore be limited to the vSphere Client or Host Client at all other times.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The ESXi Shell is an interactive command line interface (CLI) available at the ESXi server console. The ESXi shell provides temporary access to commands essential for server maintenance. Intended primarily for use in break-fix scenarios, the ESXi shell is well suited for checking and modifying configuration details, which are not always generally accessible, using the vSphere Client.\n\nThe ESXi shell is accessible remotely using SSH by users with the Administrator role. Under normal operating conditions, SSH access to the host must be disabled as is the default. As with the ESXi shell, SSH is also intended only for temporary use during break-fix scenarios. SSH must therefore be disabled under normal operating conditions and must only be enabled for diagnostics or troubleshooting. Remote access to the host must therefore be limited to the vSphere Client or Host Client at all other times."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder Services, locate the \"SSH\" service and verify it is \"Stopped\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"SSH\"}\n\nIf the SSH service is \"Running\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\", select the \"SSH\" service and click the \"Stop\" button.\n\nClick the \"Edit Startup policy...\" button.\n\nSelect the \"Start and stop manually\" radio button.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"SSH\"} | Set-VMHostService -Policy Off\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"SSH\"} | Stop-VMHostService"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000095-VMM-000480",
+            "satisfies": [
+              "SRG-OS-000297-VMM-001040",
+              "SRG-OS-000298-VMM-001050"
+            ],
+            "gid": "V-ESXI-80-000193",
+            "rid": "SV-ESXI-80-000193",
+            "stig_id": "ESXI-80-000193",
+            "cci": [
+              "CCI-000381",
+              "CCI-002314",
+              "CCI-002322"
+            ],
+            "nist": [
+              "AC-17 (1)",
+              "AC-17 (9)",
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'ESXI-80-000193' do\n  title 'The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH).'\n  desc  \"\n    The ESXi Shell is an interactive command line interface (CLI) available at the ESXi server console. The ESXi shell provides temporary access to commands essential for server maintenance. Intended primarily for use in break-fix scenarios, the ESXi shell is well suited for checking and modifying configuration details, which are not always generally accessible, using the vSphere Client.\n\n    The ESXi shell is accessible remotely using SSH by users with the Administrator role. Under normal operating conditions, SSH access to the host must be disabled as is the default. As with the ESXi shell, SSH is also intended only for temporary use during break-fix scenarios. SSH must therefore be disabled under normal operating conditions and must only be enabled for diagnostics or troubleshooting. Remote access to the host must therefore be limited to the vSphere Client or Host Client at all other times.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under Services, locate the \\\"SSH\\\" service and verify it is \\\"Stopped\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"SSH\\\"}\n\n    If the SSH service is \\\"Running\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\", select the \\\"SSH\\\" service and click the \\\"Stop\\\" button.\n\n    Click the \\\"Edit Startup policy...\\\" button.\n\n    Select the \\\"Start and stop manually\\\" radio button.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"SSH\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"SSH\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-VMM-000480'\n  tag satisfies: ['SRG-OS-000297-VMM-001040', 'SRG-OS-000298-VMM-001050']\n  tag gid: 'V-ESXI-80-000193'\n  tag rid: 'SV-ESXI-80-000193'\n  tag stig_id: 'ESXI-80-000193'\n  tag cci: ['CCI-000381', 'CCI-002314', 'CCI-002322']\n  tag nist: ['AC-17 (1)', 'AC-17 (9)', 'CM-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000193.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp == \"off\"",
+              "run_time": 0.3652447,
+              "start_time": "2023-06-07T08:28:43-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Policy\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.4405619,
+              "start_time": "2023-06-07T08:28:44-06:00",
+              "message": "\nexpected: false\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Running\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000194",
+          "title": "The ESXi host must be configured to disable nonessential capabilities by disabling the ESXi shell.",
+          "desc": "The ESXi Shell is an interactive command line environment available locally from the Direct Console User Interface (DCUI) or remotely via SSH. Activities performed from the ESXi Shell bypass vCenter role-based access control (RBAC) and audit controls.\n\nThe ESXi shell must only be turned on when needed to troubleshoot/resolve problems that cannot be fixed through the vSphere client.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The ESXi Shell is an interactive command line environment available locally from the Direct Console User Interface (DCUI) or remotely via SSH. Activities performed from the ESXi Shell bypass vCenter role-based access control (RBAC) and audit controls.\n\nThe ESXi shell must only be turned on when needed to troubleshoot/resolve problems that cannot be fixed through the vSphere client."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder Services, locate the \"ESXi Shell\" service and verify it is \"Stopped\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"ESXi Shell\"}\n\nIf the ESXi Shell service is \"Running\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\", select the \"ESXi Shell\" service and click the \"Stop\" button.\n\nClick the \"Edit Startup policy...\" button.\n\nSelect the \"Start and stop manually\" radio button.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"ESXi Shell\"} | Set-VMHostService -Policy Off\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"ESXi Shell\"} | Stop-VMHostService"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000095-VMM-000480",
+            "gid": "V-ESXI-80-000194",
+            "rid": "SV-ESXI-80-000194",
+            "stig_id": "ESXI-80-000194",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'ESXI-80-000194' do\n  title 'The ESXi host must be configured to disable nonessential capabilities by disabling the ESXi shell.'\n  desc  \"\n    The ESXi Shell is an interactive command line environment available locally from the Direct Console User Interface (DCUI) or remotely via SSH. Activities performed from the ESXi Shell bypass vCenter role-based access control (RBAC) and audit controls.\n\n    The ESXi shell must only be turned on when needed to troubleshoot/resolve problems that cannot be fixed through the vSphere client.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under Services, locate the \\\"ESXi Shell\\\" service and verify it is \\\"Stopped\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"ESXi Shell\\\"}\n\n    If the ESXi Shell service is \\\"Running\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\", select the \\\"ESXi Shell\\\" service and click the \\\"Stop\\\" button.\n\n    Click the \\\"Edit Startup policy...\\\" button.\n\n    Select the \\\"Start and stop manually\\\" radio button.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"ESXi Shell\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"ESXi Shell\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-VMM-000480'\n  tag gid: 'V-ESXI-80-000194'\n  tag rid: 'SV-ESXI-80-000194'\n  tag stig_id: 'ESXI-80-000194'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000194.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp == \"off\"",
+              "run_time": 0.3740105,
+              "start_time": "2023-06-07T08:28:44-06:00",
+              "message": "\nexpected: off\n     got: on\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Policy\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.3756545,
+              "start_time": "2023-06-07T08:28:44-06:00",
+              "message": "\nexpected: false\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Running\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000195",
+          "title": "The ESXi host must automatically stop shell services after ten minutes.",
+          "desc": "When the ESXi Shell or Secure Shell (SSH) services are enabled on a host, they will run indefinitely. To avoid having these services left running, set the \"ESXiShellTimeOut\". The \"ESXiShellTimeOut\" defines a window of time after which the ESXi Shell and SSH services will be stopped automatically.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When the ESXi Shell or Secure Shell (SSH) services are enabled on a host, they will run indefinitely. To avoid having these services left running, set the \"ESXiShellTimeOut\". The \"ESXiShellTimeOut\" defines a window of time after which the ESXi Shell and SSH services will be stopped automatically."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.ESXiShellTimeOut\" value and verify it is set to less than \"600\" and not \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut\n\nIf the \"UserVars.ESXiShellTimeOut\" setting is set to a value greater than \"600\" or \"0\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.ESXiShellTimeOut\" value and configure it to \"600\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Set-AdvancedSetting -Value 600"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000163-VMM-000700",
+            "gid": "V-ESXI-80-000195",
+            "rid": "SV-ESXI-80-000195",
+            "stig_id": "ESXI-80-000195",
+            "cci": [
+              "CCI-001133"
+            ],
+            "nist": [
+              "SC-10"
+            ]
+          },
+          "code": "control 'ESXI-80-000195' do\n  title 'The ESXi host must automatically stop shell services after ten minutes.'\n  desc  'When the ESXi Shell or Secure Shell (SSH) services are enabled on a host, they will run indefinitely. To avoid having these services left running, set the \"ESXiShellTimeOut\". The \"ESXiShellTimeOut\" defines a window of time after which the ESXi Shell and SSH services will be stopped automatically.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.ESXiShellTimeOut\\\" value and verify it is set to less than \\\"600\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut\n\n    If the \\\"UserVars.ESXiShellTimeOut\\\" setting is set to a value greater than \\\"600\\\" or \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.ESXiShellTimeOut\\\" value and configure it to \\\"600\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Set-AdvancedSetting -Value 600\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000163-VMM-000700'\n  tag gid: 'V-ESXI-80-000195'\n  tag rid: 'SV-ESXI-80-000195'\n  tag stig_id: 'ESXI-80-000195'\n  tag cci: ['CCI-001133']\n  tag nist: ['SC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 600 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000195.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected to cmp <= 600",
+              "run_time": 0.599973,
+              "start_time": "2023-06-07T08:28:45-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected not to cmp == 0",
+              "run_time": 0.0003577,
+              "start_time": "2023-06-07T08:28:45-06:00",
+              "message": "\nexpected: 0\n     got: 0\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000196",
+          "title": "The ESXi host must set a timeout to automatically end idle DCUI sessions after ten minutes.",
+          "desc": "When the Direct Console User Interface (DCUI) is enabled and logged in, it should be automatically logged out if left logged on to avoid access by unauthorized persons. The \"DcuiTimeOut\" setting defines a window of time after which the DCUI will be logged out.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When the Direct Console User Interface (DCUI) is enabled and logged in, it should be automatically logged out if left logged on to avoid access by unauthorized persons. The \"DcuiTimeOut\" setting defines a window of time after which the DCUI will be logged out."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.DcuiTimeOut\" value and verify it is set to less than \"600\" and not \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut\n\nIf the \"UserVars.DcuiTimeOut\" setting is set to a value greater than \"600\" or \"0\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.DcuiTimeOut\" value and configure it to \"600\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Set-AdvancedSetting -Value 600"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000163-VMM-000700",
+            "gid": "V-ESXI-80-000196",
+            "rid": "SV-ESXI-80-000196",
+            "stig_id": "ESXI-80-000196",
+            "cci": [
+              "CCI-001133"
+            ],
+            "nist": [
+              "SC-10"
+            ]
+          },
+          "code": "control 'ESXI-80-000196' do\n  title 'The ESXi host must set a timeout to automatically end idle DCUI sessions after ten minutes.'\n  desc  'When the Direct Console User Interface (DCUI) is enabled and logged in, it should be automatically logged out if left logged on to avoid access by unauthorized persons. The \"DcuiTimeOut\" setting defines a window of time after which the DCUI will be logged out.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.DcuiTimeOut\\\" value and verify it is set to less than \\\"600\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut\n\n    If the \\\"UserVars.DcuiTimeOut\\\" setting is set to a value greater than \\\"600\\\" or \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.DcuiTimeOut\\\" value and configure it to \\\"600\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Set-AdvancedSetting -Value 600\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000163-VMM-000700'\n  tag gid: 'V-ESXI-80-000196'\n  tag rid: 'SV-ESXI-80-000196'\n  tag stig_id: 'ESXI-80-000196'\n  tag cci: ['CCI-001133']\n  tag nist: ['SC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp <= 600 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000196.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected to cmp <= 600",
+              "run_time": 0.5613789,
+              "start_time": "2023-06-07T08:28:45-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected not to cmp == 0",
+              "run_time": 0.000369,
+              "start_time": "2023-06-07T08:28:46-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000198",
+          "title": "The ESXi host must protect the confidentiality and integrity of transmitted information by isolating ESXi management traffic.",
+          "desc": "The vSphere management network provides access to the vSphere management interface on each component. Services running on the management interface provide an opportunity for an attacker to gain privileged access to the systems. Any remote attack most likely would begin with gaining entry to this network.\n\nThe Management VMkernel port group can be on a standard or distributed virtual switch but must be on a dedicated VLAN. The Management VLAN must not be shared by any other function and must not be accessible to anything other than management-related functions such as vCenter.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The vSphere management network provides access to the vSphere management interface on each component. Services running on the management interface provide an opportunity for an attacker to gain privileged access to the systems. Any remote attack most likely would begin with gaining entry to this network.\n\nThe Management VMkernel port group can be on a standard or distributed virtual switch but must be on a dedicated VLAN. The Management VLAN must not be shared by any other function and must not be accessible to anything other than management-related functions such as vCenter."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nReview each VMkernel adapter that is used for management traffic and view the \"Enabled services\".\n\nReview the VLAN associated with each VMkernel that is used for management traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.\n\nIf any services are enabled on any Management VMkernel adapter, this is a finding.\n\nIf the network segment is accessible, except to networks where other management-related entities are located such as vCenter, this is a finding.\n\nIf there are any other systems or devices such as VMs on the ESXi management segment, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configuration of the management VMkernel will be unique to each environment.\n\nAs an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nSelect the Management VMkernel and click \"Edit\". On the Port properties tab, uncheck all services except for \"Management\". Click \"OK\".\n\nFrom the vSphere Client, go to Networking.\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Properties.\n\nClick \"Edit\" and select VLAN.\n\nChange the \"VLAN Type\" to \"VLAN\" and change the \"VLAN ID\" to a network allocated and dedicated to management traffic exclusively. Click \"OK\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000423-VMM-001700",
+            "gid": "V-ESXI-80-000198",
+            "rid": "SV-ESXI-80-000198",
+            "stig_id": "ESXI-80-000198",
+            "cci": [
+              "CCI-002418"
+            ],
+            "nist": [
+              "SC-8"
+            ]
+          },
+          "code": "control 'ESXI-80-000198' do\n  title 'The ESXi host must protect the confidentiality and integrity of transmitted information by isolating ESXi management traffic.'\n  desc  \"\n    The vSphere management network provides access to the vSphere management interface on each component. Services running on the management interface provide an opportunity for an attacker to gain privileged access to the systems. Any remote attack most likely would begin with gaining entry to this network.\n\n    The Management VMkernel port group can be on a standard or distributed virtual switch but must be on a dedicated VLAN. The Management VLAN must not be shared by any other function and must not be accessible to anything other than management-related functions such as vCenter.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Review each VMkernel adapter that is used for management traffic and view the \\\"Enabled services\\\".\n\n    Review the VLAN associated with each VMkernel that is used for management traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.\n\n    If any services are enabled on any Management VMkernel adapter, this is a finding.\n\n    If the network segment is accessible, except to networks where other management-related entities are located such as vCenter, this is a finding.\n\n    If there are any other systems or devices such as VMs on the ESXi management segment, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of the management VMkernel will be unique to each environment.\n\n    As an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Select the Management VMkernel and click \\\"Edit\\\". On the Port properties tab, uncheck all services except for \\\"Management\\\". Click \\\"OK\\\".\n\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\" and select VLAN.\n\n    Change the \\\"VLAN Type\\\" to \\\"VLAN\\\" and change the \\\"VLAN ID\\\" to a network allocated and dedicated to management traffic exclusively. Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000423-VMM-001700'\n  tag gid: 'V-ESXI-80-000198'\n  tag rid: 'SV-ESXI-80-000198'\n  tag stig_id: 'ESXI-80-000198'\n  tag cci: ['CCI-002418']\n  tag nist: ['SC-8']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -VMKernel | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n      vmks = powercli_command(command).stdout\n\n      vmks.split.each do |vmk|\n        # Check to see if Management and any other services are enabled on the same VMkernel adapter\n        command2 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Where-Object {$_.VMotionEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VsanTrafficEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n        describe powercli_command(command2) do\n          its('stdout.strip') { should be_empty }\n        end\n        # Get Management Port Group Name\n        command3 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Select-Object -ExpandProperty PortGroupName\"\n        pgname = powercli_command(command3).stdout.strip\n        # Test standard port groups\n        command4 = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup -Name \\\"#{pgname}\\\" | Select-Object -ExpandProperty VlanId\"\n        stdpgs = powercli_command(command4).stdout.strip\n        unless stdpgs.empty?\n          describe 'Checking standand port group VLAN ID' do\n            subject { stdpgs }\n            it { should cmp \"#{input('mgtVlanId')}\" }\n          end\n        end\n        describe 'SA Interview' do\n          skip 'SA also needs to confirm this VLAN is dedicated to Management and not shared with VMs or other services.'\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000198.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostNetworkAdapter -Name vmk0 | Where-Object {$_.VMotionEnabled -eq \"True\" -or $_.FaultToleranceLoggingEnabled -eq \"True\" -or $_.VsanTrafficEnabled -eq \"True\" -or $_.VSphereReplicationEnabled -eq \"True\" -or $_.VSphereReplicationNFCEnabled -eq \"True\" -or $_.VSphereBackupNFCEnabled -eq \"True\"} | Select-Object -ExpandProperty DeviceName stdout.strip is expected to be empty",
+              "run_time": 0.5869111,
+              "start_time": "2023-06-07T08:28:46-06:00",
+              "message": "expected `\"vmk0\".empty?` to be truthy, got false",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostNetworkAdapter -Name vmk0 | Where-Object {$_.VMotionEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VsanTrafficEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "Checking standand port group VLAN ID is expected to cmp == \"101\"",
+              "run_time": 0.0002865,
+              "start_time": "2023-06-07T08:28:47-06:00",
+              "message": "\nexpected: 101\n     got: 0\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking standand port group VLAN ID"
+            },
+            {
+              "status": "skipped",
+              "code_desc": "SA Interview",
+              "run_time": 6.2e-06,
+              "start_time": "2023-06-07T08:28:47-06:00",
+              "resource": "",
+              "skip_message": "SA also needs to confirm this VLAN is dedicated to Management and not shared with VMs or other services.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "SA Interview"
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000199",
+          "title": "The ESXi host must protect the confidentiality and integrity of transmitted information by isolating IP-based storage traffic.",
+          "desc": "Virtual machines (VMs) might share virtual switches and VLANs with the IP-based storage configurations. IP-based storage includes vSAN, iSCSI, and NFS. This configuration might expose IP-based storage traffic to unauthorized VM users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\nTo restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from any other traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and VMs will limit unauthorized users from viewing the traffic.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Virtual machines (VMs) might share virtual switches and VLANs with the IP-based storage configurations. IP-based storage includes vSAN, iSCSI, and NFS. This configuration might expose IP-based storage traffic to unauthorized VM users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\nTo restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from any other traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and VMs will limit unauthorized users from viewing the traffic."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If IP-based storage is not used, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nReview each VMkernel adapter that is used for IP-based storage traffic and view the \"Enabled services\".\n\nReview the VLAN associated with each VMkernel that is used for IP-based storage traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.\n\nIf any services are enabled on an NFS or iSCSI IP-based storage VMkernel adapter, this is a finding.\n\nIf any services are enabled on a vSAN VMkernel adapter other than vSAN, this is a finding.\n\nIf any IP-based storage networks are not isolated from other traffic types, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configuration of an IP-Based VMkernel will be unique to each environment.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\nSelect the VMkernel used for IP-based storage and click \"Edit\". On the \"Port\" properties tab, uncheck all services. Click \"OK\".\n\nNote: For VMkernels used for vSAN leave the vSAN service enabled and uncheck all others.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual switches.\n\nFind the port group that is dedicated to IP-based storage and click the '...' button next to the name. Click \"Edit Settings\".\n\nOn the \"Properties\" tab, change the \"VLAN ID\" to one dedicated for IP-based storage traffic. Click \"OK\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000423-VMM-001700",
+            "gid": "V-ESXI-80-000199",
+            "rid": "SV-ESXI-80-000199",
+            "stig_id": "ESXI-80-000199",
+            "cci": [
+              "CCI-002418"
+            ],
+            "nist": [
+              "SC-8"
+            ]
+          },
+          "code": "control 'ESXI-80-000199' do\n  title 'The ESXi host must protect the confidentiality and integrity of transmitted information by isolating IP-based storage traffic.'\n  desc  \"\n    Virtual machines (VMs) might share virtual switches and VLANs with the IP-based storage configurations. IP-based storage includes vSAN, iSCSI, and NFS. This configuration might expose IP-based storage traffic to unauthorized VM users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\n    To restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from any other traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and VMs will limit unauthorized users from viewing the traffic.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If IP-based storage is not used, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Review each VMkernel adapter that is used for IP-based storage traffic and view the \\\"Enabled services\\\".\n\n    Review the VLAN associated with each VMkernel that is used for IP-based storage traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.\n\n    If any services are enabled on an NFS or iSCSI IP-based storage VMkernel adapter, this is a finding.\n\n    If any services are enabled on a vSAN VMkernel adapter other than vSAN, this is a finding.\n\n    If any IP-based storage networks are not isolated from other traffic types, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of an IP-Based VMkernel will be unique to each environment.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> VMkernel adapters.\n\n    Select the VMkernel used for IP-based storage and click \\\"Edit\\\". On the \\\"Port\\\" properties tab, uncheck all services. Click \\\"OK\\\".\n\n    Note: For VMkernels used for vSAN leave the vSAN service enabled and uncheck all others.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual switches.\n\n    Find the port group that is dedicated to IP-based storage and click the '...' button next to the name. Click \\\"Edit Settings\\\".\n\n    On the \\\"Properties\\\" tab, change the \\\"VLAN ID\\\" to one dedicated for IP-based storage traffic. Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000423-VMM-001700'\n  tag gid: 'V-ESXI-80-000199'\n  tag rid: 'SV-ESXI-80-000199'\n  tag stig_id: 'ESXI-80-000199'\n  tag cci: ['CCI-002418']\n  tag nist: ['SC-8']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      # Check for iSCSI HBAs\n      commandiscsihbas = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'}\"\n      iscsi_hbas = powercli_command(commandiscsihbas).stdout\n\n      # Check for vSAN VMkernels\n      commandvsanvmks = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -VMKernel | Where-Object {$_.VsanTrafficEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n      vsanvmks = powercli_command(commandvsanvmks).stdout\n\n      # Check for NFS Datastores\n      commandnfs = \"Get-VMHost -Name #{vmhost} | Get-Datastore | Where {$_.Type -eq 'NFS'} | Select-Object -ExpandProperty Name\"\n      nfsds = powercli_command(commandnfs).stdout\n\n      if iscsi_hbas.empty? && vsanvmks.empty? && nfsds.empty?\n        describe '' do\n          skip \"The ESXi host #{vmhost} is not using IP-based storage, so this control is N/A.\"\n        end\n      else\n        # Do any iSCSI VMKs have any services enabled?\n        commandivmks = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.iscsi.networkportal.list.Invoke() | Select-Object -ExpandProperty Vmknic\"\n        ivmks = powercli_command(commandivmks).stdout\n        ivmks.split.each do |ivmk|\n          commandvsck = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{ivmk} | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\" -or $_.VsanTrafficEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VMotionEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n          describe powercli_command(commandvsck) do\n            its('stdout.strip') { should be_empty }\n          end\n        end\n        # Does the vSAN VMK have any other services enabled?\n        vsanvmks.split.each do |vmk|\n          commandvsck = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VMotionEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n          describe powercli_command(commandvsck) do\n            its('stdout.strip') { should be_empty }\n          end\n        end\n        # Do any VMKs used for NFS storage have any services enabled?\n        unless nfsds.empty?\n          describe '' do\n            skip \"The ESXi host #{vmhost} has NFS datastores and requires manual validation.\"\n          end\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000199.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostNetworkAdapter -Name vmk0 | Where-Object {$_.ManagementTrafficEnabled -eq \"True\" -or $_.FaultToleranceLoggingEnabled -eq \"True\" -or $_.VMotionEnabled -eq \"True\" -or $_.VSphereReplicationEnabled -eq \"True\" -or $_.VSphereReplicationNFCEnabled -eq \"True\" -or $_.VSphereBackupNFCEnabled -eq \"True\"} | Select-Object -ExpandProperty DeviceName stdout.strip is expected to be empty",
+              "run_time": 0.5757657,
+              "start_time": "2023-06-07T08:28:47-06:00",
+              "message": "expected `\"vmk0\".empty?` to be truthy, got false",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostNetworkAdapter -Name vmk0 | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VMotionEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000201",
+          "title": "The ESXi host lockdown mode exception users list must be verified.",
+          "desc": "While a host is in lockdown mode (strict or normal), only users on the \"Exception Users\" list are allowed access. These users do not lose their permissions when the host enters lockdown mode.\n\nThe organization may want to add service accounts such as a backup agent to the Exception Users list. Verify the list of users exempted from losing permissions is legitimate and as needed per the environment. Adding unnecessary users to the exception list defeats the purpose of lockdown mode.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "While a host is in lockdown mode (strict or normal), only users on the \"Exception Users\" list are allowed access. These users do not lose their permissions when the host enters lockdown mode.\n\nThe organization may want to add service accounts such as a backup agent to the Exception Users list. Verify the list of users exempted from losing permissions is legitimate and as needed per the environment. Adding unnecessary users to the exception list defeats the purpose of lockdown mode."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nUnder \"Lockdown Mode\", review the Exception Users list.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following script:\n\n$vmhost = Get-VMHost | Get-View\n$lockdown = Get-View $vmhost.ConfigManager.HostAccessManager\n$lockdown.QueryLockdownExceptions()\n\nIf the Exception Users list contains accounts that do not require special permissions, this is a finding.\n\nNote: The Exception Users list is empty by default and should remain that way except under site-specific circumstances."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Security Profile.\n\nUnder \"Lockdown Mode\", click \"Edit\" and remove unnecessary users from the Exception Users list."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000201",
+            "rid": "SV-ESXI-80-000201",
+            "stig_id": "ESXI-80-000201",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000201' do\n  title 'The ESXi host lockdown mode exception users list must be verified.'\n  desc  \"\n    While a host is in lockdown mode (strict or normal), only users on the \\\"Exception Users\\\" list are allowed access. These users do not lose their permissions when the host enters lockdown mode.\n\n    The organization may want to add service accounts such as a backup agent to the Exception Users list. Verify the list of users exempted from losing permissions is legitimate and as needed per the environment. Adding unnecessary users to the exception list defeats the purpose of lockdown mode.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Under \\\"Lockdown Mode\\\", review the Exception Users list.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following script:\n\n    $vmhost = Get-VMHost | Get-View\n    $lockdown = Get-View $vmhost.ConfigManager.HostAccessManager\n    $lockdown.QueryLockdownExceptions()\n\n    If the Exception Users list contains accounts that do not require special permissions, this is a finding.\n\n    Note: The Exception Users list is empty by default and should remain that way except under site-specific circumstances.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Security Profile.\n\n    Under \\\"Lockdown Mode\\\", click \\\"Edit\\\" and remove unnecessary users from the Exception Users list.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000201'\n  tag rid: 'SV-ESXI-80-000201'\n  tag stig_id: 'ESXI-80-000201'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost} | Get-View; (Get-View $vmhost.ConfigManager.HostAccessManager).QueryLockdownExceptions()\"\n      results = powercli_command(command).stdout\n      if !results.empty?\n        results.split.each do |exceptionUser|\n          describe \"Exception user: #{exceptionUser} on host: #{vmhost}\" do\n            subject { exceptionUser }\n            it { should be_in \"#{input('exceptionUsers')}\" }\n          end\n        end\n      else\n        describe \"Exception users for host: #{vmhost}\" do\n          subject { results }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000201.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Exception users for host: 10.186.25.26 is expected to be empty",
+              "run_time": 0.0102396,
+              "start_time": "2023-06-07T08:28:47-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Exception users for host: 10.186.25.26"
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000202",
+          "title": "The ESXi host Secure Shell (SSH) daemon must not allow host-based authentication.",
+          "desc": "SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH's cryptographic host-based authentication is more secure than \".rhosts\" authentication, since hosts are cryptographically authenticated. However, it is not recommended that hosts unilaterally trust one another, even within an organization.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH's cryptographic host-based authentication is more secure than \".rhosts\" authentication, since hosts are cryptographically authenticated. However, it is not recommended that hosts unilaterally trust one another, even within an organization."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep hostbasedauthentication\n\nExpected result:\n\nhostbasedauthentication no\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nHostbasedAuthentication no"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000202",
+            "rid": "SV-ESXI-80-000202",
+            "stig_id": "ESXI-80-000202",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000202' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not allow host-based authentication.'\n  desc  \"SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH's cryptographic host-based authentication is more secure than \\\".rhosts\\\" authentication, since hosts are cryptographically authenticated. However, it is not recommended that hosts unilaterally trust one another, even within an organization.\"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep hostbasedauthentication\n\n    Expected result:\n\n    hostbasedauthentication no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    HostbasedAuthentication no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000202'\n  tag rid: 'SV-ESXI-80-000202'\n  tag stig_id: 'ESXI-80-000202'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000202.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 5.0e-06,
+              "start_time": "2023-06-07T08:28:47-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000203",
+          "title": "The ESXi host Secure Shell (SSH) daemon must not allow authentication using an empty password.",
+          "desc": "Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep permitemptypasswords\n\nExpected result:\n\npermitemptypasswords no\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nPermitEmptyPasswords no"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000203",
+            "rid": "SV-ESXI-80-000203",
+            "stig_id": "ESXI-80-000203",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000203' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not allow authentication using an empty password.'\n  desc  'Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep permitemptypasswords\n\n    Expected result:\n\n    permitemptypasswords no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    PermitEmptyPasswords no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000203'\n  tag rid: 'SV-ESXI-80-000203'\n  tag stig_id: 'ESXI-80-000203'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000203.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 3.4e-06,
+              "start_time": "2023-06-07T08:28:47-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000204",
+          "title": "The ESXi host Secure Shell (SSH) daemon must not permit user environment settings.",
+          "desc": "SSH environment options potentially allow users to bypass access restriction in some configurations. Users must not be able to present environment options to the SSH daemon.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "SSH environment options potentially allow users to bypass access restriction in some configurations. Users must not be able to present environment options to the SSH daemon."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep permituserenvironment\n\nExpected result:\n\npermituserenvironment no\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nPermitUserEnvironment no"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000204",
+            "rid": "SV-ESXI-80-000204",
+            "stig_id": "ESXI-80-000204",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000204' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not permit user environment settings.'\n  desc  'SSH environment options potentially allow users to bypass access restriction in some configurations. Users must not be able to present environment options to the SSH daemon.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep permituserenvironment\n\n    Expected result:\n\n    permituserenvironment no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    PermitUserEnvironment no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000204'\n  tag rid: 'SV-ESXI-80-000204'\n  tag stig_id: 'ESXI-80-000204'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000204.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 3.5e-06,
+              "start_time": "2023-06-07T08:28:47-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000205",
+          "title": "The ESXi host Secure Shell (SSH) daemon must perform strict mode checking of home directory configuration files.",
+          "desc": "If other users have access to modify user-specific SSH configuration files, they may be able to log on the system as another user.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If other users have access to modify user-specific SSH configuration files, they may be able to log on the system as another user."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep strictmodes\n\nExpected result:\n\nstrictmodes yes\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nStrictModes yes"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000205",
+            "rid": "SV-ESXI-80-000205",
+            "stig_id": "ESXI-80-000205",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000205' do\n  title 'The ESXi host Secure Shell (SSH) daemon must perform strict mode checking of home directory configuration files.'\n  desc  'If other users have access to modify user-specific SSH configuration files, they may be able to log on the system as another user.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep strictmodes\n\n    Expected result:\n\n    strictmodes yes\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    StrictModes yes\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000205'\n  tag rid: 'SV-ESXI-80-000205'\n  tag stig_id: 'ESXI-80-000205'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000205.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 3.8e-06,
+              "start_time": "2023-06-07T08:28:47-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000206",
+          "title": "The ESXi host Secure Shell (SSH) daemon must not allow compression.",
+          "desc": "If compression is allowed in an SSH connection prior to authentication, vulnerabilities in the compression software could result in compromise of the system from an unauthenticated connection, potentially with root privileges.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If compression is allowed in an SSH connection prior to authentication, vulnerabilities in the compression software could result in compromise of the system from an unauthenticated connection, potentially with root privileges."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep compression\n\nExpected result:\n\ncompression no\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nCompression no"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000206",
+            "rid": "SV-ESXI-80-000206",
+            "stig_id": "ESXI-80-000206",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000206' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not allow compression.'\n  desc  'If compression is allowed in an SSH connection prior to authentication, vulnerabilities in the compression software could result in compromise of the system from an unauthenticated connection, potentially with root privileges.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep compression\n\n    Expected result:\n\n    compression no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    Compression no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000206'\n  tag rid: 'SV-ESXI-80-000206'\n  tag stig_id: 'ESXI-80-000206'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000206.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 3.7e-06,
+              "start_time": "2023-06-07T08:28:47-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000207",
+          "title": "The ESXi host Secure Shell (SSH) daemon must be configured to not allow gateway ports.",
+          "desc": "SSH Transmission Control Protocol (TCP) connection forwarding provides a mechanism to establish TCP connections proxied by the SSH server. This function can provide convenience similar to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs). Gateway ports allow remote forwarded ports to bind to nonloopback addresses on the server.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "SSH Transmission Control Protocol (TCP) connection forwarding provides a mechanism to establish TCP connections proxied by the SSH server. This function can provide convenience similar to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs). Gateway ports allow remote forwarded ports to bind to nonloopback addresses on the server."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep gatewayports\n\nExpected result:\n\ngatewayports no\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nGatewayPorts no"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000207",
+            "rid": "SV-ESXI-80-000207",
+            "stig_id": "ESXI-80-000207",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000207' do\n  title 'The ESXi host Secure Shell (SSH) daemon must be configured to not allow gateway ports.'\n  desc  'SSH Transmission Control Protocol (TCP) connection forwarding provides a mechanism to establish TCP connections proxied by the SSH server. This function can provide convenience similar to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs). Gateway ports allow remote forwarded ports to bind to nonloopback addresses on the server.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep gatewayports\n\n    Expected result:\n\n    gatewayports no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    GatewayPorts no\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000207'\n  tag rid: 'SV-ESXI-80-000207'\n  tag stig_id: 'ESXI-80-000207'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000207.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 2.9e-06,
+              "start_time": "2023-06-07T08:28:47-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000208",
+          "title": "The ESXi host Secure Shell (SSH) daemon must be configured to not allow X11 forwarding.",
+          "desc": "X11 forwarding over SSH allows for the secure remote execution of X11-based applications. This feature can increase the attack surface of an SSH connection.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "X11 forwarding over SSH allows for the secure remote execution of X11-based applications. This feature can increase the attack surface of an SSH connection."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep x11forwarding\n\nExpected result:\n\nx11forwarding no\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nX11Forwarding no"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000208",
+            "rid": "SV-ESXI-80-000208",
+            "stig_id": "ESXI-80-000208",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000208' do\n  title 'The ESXi host Secure Shell (SSH) daemon must be configured to not allow X11 forwarding.'\n  desc  'X11 forwarding over SSH allows for the secure remote execution of X11-based applications. This feature can increase the attack surface of an SSH connection.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep x11forwarding\n\n    Expected result:\n\n    x11forwarding no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    X11Forwarding no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000208'\n  tag rid: 'SV-ESXI-80-000208'\n  tag stig_id: 'ESXI-80-000208'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000208.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 2.3e-06,
+              "start_time": "2023-06-07T08:28:47-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000209",
+          "title": "The ESXi host Secure Shell (SSH) daemon must not permit tunnels.",
+          "desc": "OpenSSH has the ability to create network tunnels (layer 2 and layer 3) over an SSH connection. This function can provide similar convenience to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "OpenSSH has the ability to create network tunnels (layer 2 and layer 3) over an SSH connection. This function can provide similar convenience to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs)."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep permittunnel\n\nExpected result:\n\npermittunnel no\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nPermitTunnel no"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000209",
+            "rid": "SV-ESXI-80-000209",
+            "stig_id": "ESXI-80-000209",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000209' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not permit tunnels.'\n  desc  'OpenSSH has the ability to create network tunnels (layer 2 and layer 3) over an SSH connection. This function can provide similar convenience to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs).'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep permittunnel\n\n    Expected result:\n\n    permittunnel no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    PermitTunnel no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000209'\n  tag rid: 'SV-ESXI-80-000209'\n  tag stig_id: 'ESXI-80-000209'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000209.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 2.3e-06,
+              "start_time": "2023-06-07T08:28:47-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000210",
+          "title": "The ESXi host Secure Shell (SSH) daemon must set a timeout count on idle sessions.",
+          "desc": "Setting a timeout ensures that a user login will be terminated as soon as the \"ClientAliveCountMax\" is reached.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Setting a timeout ensures that a user login will be terminated as soon as the \"ClientAliveCountMax\" is reached."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep clientalivecountmax\n\nExpected result:\n\nclientalivecountmax 3\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nClientAliveCountMax 3"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000210",
+            "rid": "SV-ESXI-80-000210",
+            "stig_id": "ESXI-80-000210",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000210' do\n  title 'The ESXi host Secure Shell (SSH) daemon must set a timeout count on idle sessions.'\n  desc  'Setting a timeout ensures that a user login will be terminated as soon as the \"ClientAliveCountMax\" is reached.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep clientalivecountmax\n\n    Expected result:\n\n    clientalivecountmax 3\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    ClientAliveCountMax 3\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000210'\n  tag rid: 'SV-ESXI-80-000210'\n  tag stig_id: 'ESXI-80-000210'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000210.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 2.3e-06,
+              "start_time": "2023-06-07T08:28:47-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000211",
+          "title": "The ESXi host Secure Shell (SSH) daemon must set a timeout interval on idle sessions.",
+          "desc": "Automatically logging out idle users guards against compromises via hijacked administrative sessions.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Automatically logging out idle users guards against compromises via hijacked administrative sessions."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep clientaliveinterval\n\nExpected result:\n\nclientaliveinterval 200\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nClientAliveInterval 200"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000211",
+            "rid": "SV-ESXI-80-000211",
+            "stig_id": "ESXI-80-000211",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000211' do\n  title 'The ESXi host Secure Shell (SSH) daemon must set a timeout interval on idle sessions.'\n  desc  'Automatically logging out idle users guards against compromises via hijacked administrative sessions.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep clientaliveinterval\n\n    Expected result:\n\n    clientaliveinterval 200\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    ClientAliveInterval 200\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000211'\n  tag rid: 'SV-ESXI-80-000211'\n  tag stig_id: 'ESXI-80-000211'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000211.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 2.4e-06,
+              "start_time": "2023-06-07T08:28:47-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000212",
+          "title": "The ESXi host must disable Simple Network Management Protocol (SNMP) v1 and v2c.",
+          "desc": "If SNMP is not being used, it must remain disabled. If it is being used, the proper trap destination must be configured. If SNMP is not properly configured, monitoring information can be sent to a malicious host that can use this information to plan an attack.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If SNMP is not being used, it must remain disabled. If it is being used, the proper trap destination must be configured. If SNMP is not properly configured, monitoring information can be sent to a malicious host that can use this information to plan an attack."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# esxcli system snmp get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHostSnmp | Select *\n\nIf SNMP is not in use and is enabled, this is a finding.\n\nIf SNMP is enabled and is not using v3 targets with authentication, this is a finding.\n\nNote: SNMP v3 targets can only be viewed and configured via the \"esxcli\" command."
+            },
+            {
+              "label": "fix",
+              "data": "To disable SNMP from an ESXi shell, run the following command:\n\n# esxcli system snmp set -e no\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi Host:\n\nGet-VMHostSnmp | Set-VMHostSnmp -Enabled $false"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000212",
+            "rid": "SV-ESXI-80-000212",
+            "stig_id": "ESXI-80-000212",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000212' do\n  title 'The ESXi host must disable Simple Network Management Protocol (SNMP) v1 and v2c.'\n  desc  'If SNMP is not being used, it must remain disabled. If it is being used, the proper trap destination must be configured. If SNMP is not properly configured, monitoring information can be sent to a malicious host that can use this information to plan an attack.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system snmp get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHostSnmp | Select *\n\n    If SNMP is not in use and is enabled, this is a finding.\n\n    If SNMP is enabled and is not using v3 targets with authentication, this is a finding.\n\n    Note: SNMP v3 targets can only be viewed and configured via the \\\"esxcli\\\" command.\n  \"\n  desc 'fix', \"\n    To disable SNMP from an ESXi shell, run the following command:\n\n    # esxcli system snmp set -e no\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi Host:\n\n    Get-VMHostSnmp | Set-VMHostSnmp -Enabled $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000212'\n  tag rid: 'SV-ESXI-80-000212'\n  tag stig_id: 'ESXI-80-000212'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    if \"#{input('snmpEnabled')}\" == 'false'\n      vmhosts.each do |vmhost|\n        command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.snmp.get.Invoke() | Select-Object -ExpandProperty enable\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp 'false' }\n        end\n      end\n    else\n      describe 'SNMP Enabled' do\n        skip 'Manually verify SNMP v3 is configured correctly and v2 is not used.'\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000212.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.snmp.get.Invoke() | Select-Object -ExpandProperty enable stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.4428232,
+              "start_time": "2023-06-07T08:28:47-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"$vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.snmp.get.Invoke() | Select-Object -ExpandProperty enable\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000213",
+          "title": "The ESXi host must disable Inter-Virtual Machine (VM) Transparent Page Sharing.",
+          "desc": "Published academic papers have demonstrated that by forcing a flush and reload of cache memory, it is possible to measure memory timings to try to determine an Advanced Encryption Standard (AES) encryption key in use on another virtual machine running on the same physical processor of the host server if Transparent Page Sharing (TPS) is enabled between the two VMs. This technique works only in a highly controlled system configured in a nonstandard way that VMware believes would not be recreated in a production environment.\n\nAlthough VMware believes information being disclosed in real-world conditions is unrealistic, out of an abundance of caution, upcoming ESXi Update releases will no longer enable TPS between VMs by default (TPS will still be used within individual VMs).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Published academic papers have demonstrated that by forcing a flush and reload of cache memory, it is possible to measure memory timings to try to determine an Advanced Encryption Standard (AES) encryption key in use on another virtual machine running on the same physical processor of the host server if Transparent Page Sharing (TPS) is enabled between the two VMs. This technique works only in a highly controlled system configured in a nonstandard way that VMware believes would not be recreated in a production environment.\n\nAlthough VMware believes information being disclosed in real-world conditions is unrealistic, out of an abundance of caution, upcoming ESXi Update releases will no longer enable TPS between VMs by default (TPS will still be used within individual VMs)."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Mem.ShareForceSalting\" value and verify it is set to \"2\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting\n\nIf the \"Mem.ShareForceSalting\" setting is not set to 2, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Mem.ShareForceSalting\" value and set it to \"2\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting | Set-AdvancedSetting -Value 2"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000213",
+            "rid": "SV-ESXI-80-000213",
+            "stig_id": "ESXI-80-000213",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000213' do\n  title 'The ESXi host must disable Inter-Virtual Machine (VM) Transparent Page Sharing.'\n  desc  \"\n    Published academic papers have demonstrated that by forcing a flush and reload of cache memory, it is possible to measure memory timings to try to determine an Advanced Encryption Standard (AES) encryption key in use on another virtual machine running on the same physical processor of the host server if Transparent Page Sharing (TPS) is enabled between the two VMs. This technique works only in a highly controlled system configured in a nonstandard way that VMware believes would not be recreated in a production environment.\n\n    Although VMware believes information being disclosed in real-world conditions is unrealistic, out of an abundance of caution, upcoming ESXi Update releases will no longer enable TPS between VMs by default (TPS will still be used within individual VMs).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Mem.ShareForceSalting\\\" value and verify it is set to \\\"2\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting\n\n    If the \\\"Mem.ShareForceSalting\\\" setting is not set to 2, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Mem.ShareForceSalting\\\" value and set it to \\\"2\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting | Set-AdvancedSetting -Value 2\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000213'\n  tag rid: 'SV-ESXI-80-000213'\n  tag stig_id: 'ESXI-80-000213'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Mem.ShareForceSalting | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '2' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000213.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Mem.ShareForceSalting | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"2\"",
+              "run_time": 0.5384431,
+              "start_time": "2023-06-07T08:28:48-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Mem.ShareForceSalting | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000214",
+          "title": "The ESXi host must configure the firewall to block network traffic by default.",
+          "desc": "In addition to service-specific firewall rules, ESXi has a default firewall rule policy to allow or deny incoming and outgoing traffic. Reduce the risk of attack by ensuring this is set to deny incoming and outgoing traffic.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "In addition to service-specific firewall rules, ESXi has a default firewall rule policy to allow or deny incoming and outgoing traffic. Reduce the risk of attack by ensuring this is set to deny incoming and outgoing traffic."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# esxcli network firewall get\n\nIf the \"Default Action\" does not equal \"DROP\", this is a finding.\nIf \"Enabled\" does not equal \"true\", this is a finding.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHostFirewallDefaultPolicy\n\nIf the Incoming or Outgoing policies are \"True\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, run the following command:\n\n# esxcli network firewall set --default-action=false\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHostFirewallDefaultPolicy | Set-VMHostFirewallDefaultPolicy -AllowIncoming $false -AllowOutgoing $false"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000214",
+            "rid": "SV-ESXI-80-000214",
+            "stig_id": "ESXI-80-000214",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000214' do\n  title 'The ESXi host must configure the firewall to block network traffic by default.'\n  desc  'In addition to service-specific firewall rules, ESXi has a default firewall rule policy to allow or deny incoming and outgoing traffic. Reduce the risk of attack by ensuring this is set to deny incoming and outgoing traffic.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli network firewall get\n\n    If the \\\"Default Action\\\" does not equal \\\"DROP\\\", this is a finding.\n    If \\\"Enabled\\\" does not equal \\\"true\\\", this is a finding.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHostFirewallDefaultPolicy\n\n    If the Incoming or Outgoing policies are \\\"True\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli network firewall set --default-action=false\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHostFirewallDefaultPolicy | Set-VMHostFirewallDefaultPolicy -AllowIncoming $false -AllowOutgoing $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000214'\n  tag rid: 'SV-ESXI-80-000214'\n  tag stig_id: 'ESXI-80-000214'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostFirewallDefaultPolicy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000214.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostFirewallDefaultPolicy stdout.strip is expected not to match \"True\"",
+              "run_time": 0.6888148,
+              "start_time": "2023-06-07T08:28:48-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostFirewallDefaultPolicy\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000215",
+          "title": "The ESXi host must enable Bridge Protocol Data Units (BPDU) filter on the host to prevent being locked out of physical switch ports with Portfast and BPDU Guard enabled.",
+          "desc": "BPDU Guard and Portfast are commonly enabled on the physical switch to which the ESXi host is directly connected to reduce the Spanning Tree Protocol (STP) convergence delay.\n\nIf a BPDU packet is sent from a virtual machine (VM) on the ESXi host to the physical switch configured as stated above, a cascading lockout of all the uplink interfaces from the ESXi host can occur. To prevent this type of lockout, BPDU Filter can be enabled on the ESXi host to drop any BPDU packets being sent to the physical switch.\n\nThe caveat is that certain Secure Socket Layer (SSL) virtual private networks that use Windows bridging capability can legitimately generate BPDU packets. The administrator should verify no legitimate BPDU packets are generated by VMs on the ESXi host prior to enabling BPDU Filter. If BPDU Filter is enabled in this situation, enabling Reject Forged Transmits on the virtual switch port group adds protection against Spanning Tree loops.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "BPDU Guard and Portfast are commonly enabled on the physical switch to which the ESXi host is directly connected to reduce the Spanning Tree Protocol (STP) convergence delay.\n\nIf a BPDU packet is sent from a virtual machine (VM) on the ESXi host to the physical switch configured as stated above, a cascading lockout of all the uplink interfaces from the ESXi host can occur. To prevent this type of lockout, BPDU Filter can be enabled on the ESXi host to drop any BPDU packets being sent to the physical switch.\n\nThe caveat is that certain Secure Socket Layer (SSL) virtual private networks that use Windows bridging capability can legitimately generate BPDU packets. The administrator should verify no legitimate BPDU packets are generated by VMs on the ESXi host prior to enabling BPDU Filter. If BPDU Filter is enabled in this situation, enabling Reject Forged Transmits on the virtual switch port group adds protection against Spanning Tree loops."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Net.BlockGuestBPDU\" value and verify it is set to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU\n\nIf the \"Net.BlockGuestBPDU\" setting is not set to \"1\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Net.BlockGuestBPDU\" value and configure it to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Set-AdvancedSetting -Value 1"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000215",
+            "rid": "SV-ESXI-80-000215",
+            "stig_id": "ESXI-80-000215",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000215' do\n  title 'The ESXi host must enable Bridge Protocol Data Units (BPDU) filter on the host to prevent being locked out of physical switch ports with Portfast and BPDU Guard enabled.'\n  desc  \"\n    BPDU Guard and Portfast are commonly enabled on the physical switch to which the ESXi host is directly connected to reduce the Spanning Tree Protocol (STP) convergence delay.\n\n    If a BPDU packet is sent from a virtual machine (VM) on the ESXi host to the physical switch configured as stated above, a cascading lockout of all the uplink interfaces from the ESXi host can occur. To prevent this type of lockout, BPDU Filter can be enabled on the ESXi host to drop any BPDU packets being sent to the physical switch.\n\n    The caveat is that certain Secure Socket Layer (SSL) virtual private networks that use Windows bridging capability can legitimately generate BPDU packets. The administrator should verify no legitimate BPDU packets are generated by VMs on the ESXi host prior to enabling BPDU Filter. If BPDU Filter is enabled in this situation, enabling Reject Forged Transmits on the virtual switch port group adds protection against Spanning Tree loops.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Net.BlockGuestBPDU\\\" value and verify it is set to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU\n\n    If the \\\"Net.BlockGuestBPDU\\\" setting is not set to \\\"1\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Net.BlockGuestBPDU\\\" value and configure it to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Set-AdvancedSetting -Value 1\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000215'\n  tag rid: 'SV-ESXI-80-000215'\n  tag stig_id: 'ESXI-80-000215'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '1' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000215.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"1\"",
+              "run_time": 0.594187,
+              "start_time": "2023-06-07T08:28:49-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000216",
+          "title": "The ESXi host must configure virtual switch security policies to reject forged transmits.",
+          "desc": "If the virtual machine (VM) operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis means the virtual switch does not compare the source and effective MAC addresses.\n\nTo protect against MAC address impersonation, all virtual switches must have forged transmissions set to reject. Reject Forged Transmit can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If the virtual machine (VM) operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis means the virtual switch does not compare the source and effective MAC addresses.\n\nTo protect against MAC address impersonation, all virtual switches must have forged transmissions set to reject. Reject Forged Transmit can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Note: This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click the '...' button next to each port group and select \"Edit Settings\".\n\nClick the \"Security\" tab. Verify that \"Forged transmits\" is set to \"Reject\" and that \"Override\" is not checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy\nGet-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\nIf the \"Forged Transmits\" policy is set to \"Accept\" (or \"true\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click \"Edit\" and select Security.\n\nSet \"Forged transmits\" to \"Reject\". Click \"OK\".\n\nFor each port group, click the '...' button and select \"Edit Settings\" then Security.\n\nSet \"Forged transmits\" to \"Reject\" and uncheck the \"Override\" box. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmits $false\nGet-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmitsInherited $true"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000216",
+            "rid": "SV-ESXI-80-000216",
+            "stig_id": "ESXI-80-000216",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000216' do\n  title 'The ESXi host must configure virtual switch security policies to reject forged transmits.'\n  desc  \"\n    If the virtual machine (VM) operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    This means the virtual switch does not compare the source and effective MAC addresses.\n\n    To protect against MAC address impersonation, all virtual switches must have forged transmissions set to reject. Reject Forged Transmit can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Note: This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click the '...' button next to each port group and select \\\"Edit Settings\\\".\n\n    Click the \\\"Security\\\" tab. Verify that \\\"Forged transmits\\\" is set to \\\"Reject\\\" and that \\\"Override\\\" is not checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy\n    Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\n    If the \\\"Forged Transmits\\\" policy is set to \\\"Accept\\\" (or \\\"true\\\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click \\\"Edit\\\" and select Security.\n\n    Set \\\"Forged transmits\\\" to \\\"Reject\\\". Click \\\"OK\\\".\n\n    For each port group, click the '...' button and select \\\"Edit Settings\\\" then Security.\n\n    Set \\\"Forged transmits\\\" to \\\"Reject\\\" and uncheck the \\\"Override\\\" box. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmits $false\n    Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmitsInherited $true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000216'\n  tag rid: 'SV-ESXI-80-000216'\n  tag stig_id: 'ESXI-80-000216'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000216.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected not to match \"True\"",
+              "run_time": 0.8077617,
+              "start_time": "2023-06-07T08:28:49-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected not to match \"True\"",
+              "run_time": 0.7788918,
+              "start_time": "2023-06-07T08:28:50-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000217",
+          "title": "The ESXi host must configure virtual switch security policies to reject Media Access Control (MAC) address changes.",
+          "desc": "If the virtual machine (VM) operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis will prevent VMs from changing their effective MAC address, which will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing. \"Reject MAC Changes\" can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If the virtual machine (VM) operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis will prevent VMs from changing their effective MAC address, which will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing. \"Reject MAC Changes\" can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click the '...' button next to each port group and select \"Edit Settings\".\n\nClick the \"Security\" tab. Verify that \"MAC Address Changes\" is set to \"Reject\" and that \"Override\" is not checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy\nGet-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\nIf the \"MAC Address Changes\" policy is set to \"Accept\" (or \"true\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click \"Edit\" and select Security.\n\nSet \"MAC Address Changes\" to \"Reject\". Click \"OK\".\n\nFor each port group, click the '...' button and select \"Edit Settings\" then Security.\n\nSet \"MAC Address Changes\" to \"Reject\" and uncheck the \"Override\" box. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -MacChanges $false\nGet-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -MacChangesInherited $true"
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000217",
+            "rid": "SV-ESXI-80-000217",
+            "stig_id": "ESXI-80-000217",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000217' do\n  title 'The ESXi host must configure virtual switch security policies to reject Media Access Control (MAC) address changes.'\n  desc  \"\n    If the virtual machine (VM) operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    This will prevent VMs from changing their effective MAC address, which will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing. \\\"Reject MAC Changes\\\" can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click the '...' button next to each port group and select \\\"Edit Settings\\\".\n\n    Click the \\\"Security\\\" tab. Verify that \\\"MAC Address Changes\\\" is set to \\\"Reject\\\" and that \\\"Override\\\" is not checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy\n    Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\n    If the \\\"MAC Address Changes\\\" policy is set to \\\"Accept\\\" (or \\\"true\\\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click \\\"Edit\\\" and select Security.\n\n    Set \\\"MAC Address Changes\\\" to \\\"Reject\\\". Click \\\"OK\\\".\n\n    For each port group, click the '...' button and select \\\"Edit Settings\\\" then Security.\n\n    Set \\\"MAC Address Changes\\\" to \\\"Reject\\\" and uncheck the \\\"Override\\\" box. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -MacChanges $false\n    Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -MacChangesInherited $true\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000217'\n  tag rid: 'SV-ESXI-80-000217'\n  tag stig_id: 'ESXI-80-000217'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000217.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected not to match \"True\"",
+              "run_time": 0.7277847,
+              "start_time": "2023-06-07T08:28:51-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected not to match \"True\"",
+              "run_time": 0.7991175,
+              "start_time": "2023-06-07T08:28:52-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000218",
+          "title": "The ESXi host must configure virtual switch security policies to reject promiscuous mode requests.",
+          "desc": "When promiscuous mode is enabled for a virtual switch, all virtual machines (VMs) connected to the Portgroup have the potential to read all packets across that network (only the virtual machines connected to that Portgroup).\n\nPromiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting. Promiscuous mode can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When promiscuous mode is enabled for a virtual switch, all virtual machines (VMs) connected to the Portgroup have the potential to read all packets across that network (only the virtual machines connected to that Portgroup).\n\nPromiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting. Promiscuous mode can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click the '...' button next to each port group and select \"Edit Settings\".\n\nClick the \"Security\" tab. Verify that \"Promiscuous Mode\" is set to \"Reject\" and that \"Override\" is not checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy\nGet-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\nIf the \"Promiscuous Mode\" policy is set to \"Accept\" (or \"true\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nOn each standard switch, click \"Edit\" and select Security.\n\nSet \"Promiscuous Mode\" to \"Reject\". Click \"OK\".\n\nFor each port group, click the '...' button and select \"Edit Settings\" then Security.\n\nSet \"Promiscuous Mode\" to \"Reject\" and uncheck the \"Override\" box. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuous $false\nGet-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuousInherited $true"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000218",
+            "rid": "SV-ESXI-80-000218",
+            "stig_id": "ESXI-80-000218",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000218' do\n  title 'The ESXi host must configure virtual switch security policies to reject promiscuous mode requests.'\n  desc  \"\n    When promiscuous mode is enabled for a virtual switch, all virtual machines (VMs) connected to the Portgroup have the potential to read all packets across that network (only the virtual machines connected to that Portgroup).\n\n    Promiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting. Promiscuous mode can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click the '...' button next to each port group and select \\\"Edit Settings\\\".\n\n    Click the \\\"Security\\\" tab. Verify that \\\"Promiscuous Mode\\\" is set to \\\"Reject\\\" and that \\\"Override\\\" is not checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy\n    Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\n    If the \\\"Promiscuous Mode\\\" policy is set to \\\"Accept\\\" (or \\\"true\\\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    On each standard switch, click \\\"Edit\\\" and select Security.\n\n    Set \\\"Promiscuous Mode\\\" to \\\"Reject\\\". Click \\\"OK\\\".\n\n    For each port group, click the '...' button and select \\\"Edit Settings\\\" then Security.\n\n    Set \\\"Promiscuous Mode\\\" to \\\"Reject\\\" and uncheck the \\\"Override\\\" box. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuous $false\n    Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuousInherited $true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000218'\n  tag rid: 'SV-ESXI-80-000218'\n  tag stig_id: 'ESXI-80-000218'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000218.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected not to match \"True\"",
+              "run_time": 0.7038049,
+              "start_time": "2023-06-07T08:28:53-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected not to match \"True\"",
+              "run_time": 0.7996008,
+              "start_time": "2023-06-07T08:28:53-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000219",
+          "title": "The ESXi host must restrict use of the dvFilter network application programming interface (API).",
+          "desc": "If the organization is not using products that use the dvfilter network API, the host should not be configured to send network information to a virtual machine (VM).\n\nIf the API is enabled, an attacker might attempt to connect a virtual machine to it, potentially providing access to the network of other VMs on the host.\n\nIf using a product that makes use of this API, verify the host has been configured correctly. If not using such a product, ensure the setting is blank.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If the organization is not using products that use the dvfilter network API, the host should not be configured to send network information to a virtual machine (VM).\n\nIf the API is enabled, an attacker might attempt to connect a virtual machine to it, potentially providing access to the network of other VMs on the host.\n\nIf using a product that makes use of this API, verify the host has been configured correctly. If not using such a product, ensure the setting is blank."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Net.DVFilterBindIpAddress\" value and verify the value is blank or the correct IP address of a security appliance if in use.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress\n\nIf the \"Net.DVFilterBindIpAddress\" setting is not blank and security appliances are not in use on the host, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Net.DVFilterBindIpAddress\" value and remove any incorrect addresses.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Set-AdvancedSetting -Value \"\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000219",
+            "rid": "SV-ESXI-80-000219",
+            "stig_id": "ESXI-80-000219",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000219' do\n  title 'The ESXi host must restrict use of the dvFilter network application programming interface (API).'\n  desc  \"\n    If the organization is not using products that use the dvfilter network API, the host should not be configured to send network information to a virtual machine (VM).\n\n    If the API is enabled, an attacker might attempt to connect a virtual machine to it, potentially providing access to the network of other VMs on the host.\n\n    If using a product that makes use of this API, verify the host has been configured correctly. If not using such a product, ensure the setting is blank.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Net.DVFilterBindIpAddress\\\" value and verify the value is blank or the correct IP address of a security appliance if in use.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress\n\n    If the \\\"Net.DVFilterBindIpAddress\\\" setting is not blank and security appliances are not in use on the host, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Net.DVFilterBindIpAddress\\\" value and remove any incorrect addresses.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Set-AdvancedSetting -Value \\\"\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000219'\n  tag rid: 'SV-ESXI-80-000219'\n  tag stig_id: 'ESXI-80-000219'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000219.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"\"",
+              "run_time": 0.5625754,
+              "start_time": "2023-06-07T08:28:54-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000220",
+          "title": "The ESXi host must restrict the use of Virtual Guest Tagging (VGT) on standard switches.",
+          "desc": "When a port group is set to VLAN 4095, the vSwitch passes all network frames to the attached virtual machines (VMs) without modifying the VLAN tags. In vSphere, this is referred to as VGT. The VM must process the VLAN information itself via an 802.1Q driver in the operating system.\n\nVLAN 4095 must only be implemented if the attached VMs have been specifically authorized and are capable of managing VLAN tags themselves. If VLAN 4095 is enabled inappropriately, it may cause denial of service or allow a VM to interact with traffic on an unauthorized VLAN.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When a port group is set to VLAN 4095, the vSwitch passes all network frames to the attached virtual machines (VMs) without modifying the VLAN tags. In vSphere, this is referred to as VGT. The VM must process the VLAN information itself via an 802.1Q driver in the operating system.\n\nVLAN 4095 must only be implemented if the attached VMs have been specifically authorized and are capable of managing VLAN tags themselves. If VLAN 4095 is enabled inappropriately, it may cause denial of service or allow a VM to interact with traffic on an unauthorized VLAN."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nFor each standard switch, review the \"VLAN ID\" on each port group and verify it is not set to \"4095\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VirtualPortGroup | Select Name, VLanID\n\nIf any port group is configured with VLAN 4095 and is not documented as a needed exception, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\nFor each port group on a standard switch that is configured to a native VLAN, click the '...' button next to the port group.\n\nClick \"Edit Settings\". On the \"Properties\" tab, change the \"VLAN ID\" to an appropriate VLAN ID. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VirtualPortGroup -Name \"portgroup name\" | Set-VirtualPortGroup -VLanId \"New VLAN#\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000220",
+            "rid": "SV-ESXI-80-000220",
+            "stig_id": "ESXI-80-000220",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000220' do\n  title 'The ESXi host must restrict the use of Virtual Guest Tagging (VGT) on standard switches.'\n  desc  \"\n    When a port group is set to VLAN 4095, the vSwitch passes all network frames to the attached virtual machines (VMs) without modifying the VLAN tags. In vSphere, this is referred to as VGT. The VM must process the VLAN information itself via an 802.1Q driver in the operating system.\n\n    VLAN 4095 must only be implemented if the attached VMs have been specifically authorized and are capable of managing VLAN tags themselves. If VLAN 4095 is enabled inappropriately, it may cause denial of service or allow a VM to interact with traffic on an unauthorized VLAN.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    For each standard switch, review the \\\"VLAN ID\\\" on each port group and verify it is not set to \\\"4095\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VirtualPortGroup | Select Name, VLanID\n\n    If any port group is configured with VLAN 4095 and is not documented as a needed exception, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> Networking >> Virtual Switches.\n\n    For each port group on a standard switch that is configured to a native VLAN, click the '...' button next to the port group.\n\n    Click \\\"Edit Settings\\\". On the \\\"Properties\\\" tab, change the \\\"VLAN ID\\\" to an appropriate VLAN ID. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VirtualPortGroup -Name \\\"portgroup name\\\" | Set-VirtualPortGroup -VLanId \\\"New VLAN#\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000220'\n  tag rid: 'SV-ESXI-80-000220'\n  tag stig_id: 'ESXI-80-000220'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Select-Object -ExpandProperty VlanId\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match '4095' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000220.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Select-Object -ExpandProperty VlanId stdout.strip is expected not to match \"4095\"",
+              "run_time": 0.6204252,
+              "start_time": "2023-06-07T08:28:55-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Select-Object -ExpandProperty VlanId\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000221",
+          "title": "The ESXi host must have all security patches and updates installed.",
+          "desc": "Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Determine the current version and build:\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Summary. Note the version string next to \"Hypervisor:\".\n\nor\n\nFrom a Secure Shell (SSH) session connected to the ESXi host, or from the ESXi shell, run the following command:\n\n# vmware -v\n\nIf the ESXi host does not have the latest patches, this is a finding.\n\nIf the ESXi host is not on a supported release, this is a finding.\n\nThe latest ESXi versions and their build numbers can be found here: https://kb.vmware.com/s/article/2143832\n\nVMware also publishes Advisories on security patches and offers a way to subscribe to email alerts for them.\n\nGo to: https://www.vmware.com/support/policies/security_response"
+            },
+            {
+              "label": "fix",
+              "data": "ESXi can be patched in multiple ways, and this fix text does not cover all methods.\n\nManual patching when image profiles are not used:\n\n- Download the latest \"offline bundle\" .zip update from vmware.com. Verify the hash.\n\n- Transfer the file to a datastore accessible by the ESXi host, local or remote.\n\n- Put the ESXi host into maintenance mode.\n\n- From an ESXi shell, run the following command:\n\nesxcli software vib update -d <path to offline patch bundle.zip>\n\nManual patching when image profiles are used:\n\nFrom an ESXi shell, run the following command:\n\n# esxcli software sources profile list -d /vmfs/volumes/<your datastore>/<bundle name.zip>\n\nNote the available profiles. The organization will usually want the one ending in \"-standard\".\n\n# esxcli software profile update -p <selected profile> -d /vmfs/volumes/<your datastore>/<bundle name.zip>\n\nThere will be little output during the update. Once complete, reboot the host for changes to take effect."
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000221",
+            "rid": "SV-ESXI-80-000221",
+            "stig_id": "ESXI-80-000221",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000221' do\n  title 'The ESXi host must have all security patches and updates installed.'\n  desc  'Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Determine the current version and build:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Summary. Note the version string next to \\\"Hypervisor:\\\".\n\n    or\n\n    From a Secure Shell (SSH) session connected to the ESXi host, or from the ESXi shell, run the following command:\n\n    # vmware -v\n\n    If the ESXi host does not have the latest patches, this is a finding.\n\n    If the ESXi host is not on a supported release, this is a finding.\n\n    The latest ESXi versions and their build numbers can be found here: https://kb.vmware.com/s/article/2143832\n\n    VMware also publishes Advisories on security patches and offers a way to subscribe to email alerts for them.\n\n    Go to: https://www.vmware.com/support/policies/security_response\n  \"\n  desc 'fix', \"\n    ESXi can be patched in multiple ways, and this fix text does not cover all methods.\n\n    Manual patching when image profiles are not used:\n\n    - Download the latest \\\"offline bundle\\\" .zip update from vmware.com. Verify the hash.\n\n    - Transfer the file to a datastore accessible by the ESXi host, local or remote.\n\n    - Put the ESXi host into maintenance mode.\n\n    - From an ESXi shell, run the following command:\n\n    esxcli software vib update -d <path to offline patch bundle.zip>\n\n    Manual patching when image profiles are used:\n\n    From an ESXi shell, run the following command:\n\n    # esxcli software sources profile list -d /vmfs/volumes/<your datastore>/<bundle name.zip>\n\n    Note the available profiles. The organization will usually want the one ending in \\\"-standard\\\".\n\n    # esxcli software profile update -p <selected profile> -d /vmfs/volumes/<your datastore>/<bundle name.zip>\n\n    There will be little output during the update. Once complete, reboot the host for changes to take effect.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000221'\n  tag rid: 'SV-ESXI-80-000221'\n  tag stig_id: 'ESXI-80-000221'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"(Get-VMHost -Name #{vmhost}).ExtensionData.Config.Product.build\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp \"#{input('esxiBuildNumber')}\" }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000221.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VMHost -Name 10.186.25.26).ExtensionData.Config.Product.build stdout.strip is expected to cmp == \"21813344\"",
+              "run_time": 1.4606667,
+              "start_time": "2023-06-07T08:28:55-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VMHost -Name 10.186.25.26).ExtensionData.Config.Product.build\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000222",
+          "title": "The ESXi host must not suppress warnings that the local or remote shell sessions are enabled.",
+          "desc": "Warnings that local or remote shell sessions are enabled alert administrators to activity they may not be aware of and need to investigate.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Warnings that local or remote shell sessions are enabled alert administrators to activity they may not be aware of and need to investigate."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.SuppressShellWarning\" value and verify it is set to \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning\n\nIf the \"UserVars.SuppressShellWarning\" setting is not set to \"0\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.SuppressShellWarning\" value and configure it to \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Set-AdvancedSetting -Value 0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000222",
+            "rid": "SV-ESXI-80-000222",
+            "stig_id": "ESXI-80-000222",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000222' do\n  title 'The ESXi host must not suppress warnings that the local or remote shell sessions are enabled.'\n  desc  'Warnings that local or remote shell sessions are enabled alert administrators to activity they may not be aware of and need to investigate.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.SuppressShellWarning\\\" value and verify it is set to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning\n\n    If the \\\"UserVars.SuppressShellWarning\\\" setting is not set to \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.SuppressShellWarning\\\" value and configure it to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Set-AdvancedSetting -Value 0\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000222'\n  tag rid: 'SV-ESXI-80-000222'\n  tag stig_id: 'ESXI-80-000222'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '0' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000222.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"0\"",
+              "run_time": 0.5773797,
+              "start_time": "2023-06-07T08:28:57-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000223",
+          "title": "The ESXi host must not suppress warnings about unmitigated hyperthreading vulnerabilities.",
+          "desc": "The L1 Terminal Fault (L1TF) CPU vulnerabilities published in 2018 have patches and mitigations available in vSphere. However, there are performance impacts to these mitigations that require careful thought and planning from the system administrator before implementation. Until a mitigation is implemented, the UI warning about the lack of a mitigation must not be dismissed so the system administrator does not assume the vulnerability has been addressed.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The L1 Terminal Fault (L1TF) CPU vulnerabilities published in 2018 have patches and mitigations available in vSphere. However, there are performance impacts to these mitigations that require careful thought and planning from the system administrator before implementation. Until a mitigation is implemented, the UI warning about the lack of a mitigation must not be dismissed so the system administrator does not assume the vulnerability has been addressed."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"UserVars.SuppressHyperthreadWarning\" value and verify it is set to \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning\n\nIf the \"UserVars.SuppressHyperthreadWarning\" setting is not set to \"0\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"UserVars.SuppressHyperthreadWarning\" value and configure it to \"0\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Set-AdvancedSetting -Value 0"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000223",
+            "rid": "SV-ESXI-80-000223",
+            "stig_id": "ESXI-80-000223",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000223' do\n  title 'The ESXi host must not suppress warnings about unmitigated hyperthreading vulnerabilities.'\n  desc  'The L1 Terminal Fault (L1TF) CPU vulnerabilities published in 2018 have patches and mitigations available in vSphere. However, there are performance impacts to these mitigations that require careful thought and planning from the system administrator before implementation. Until a mitigation is implemented, the UI warning about the lack of a mitigation must not be dismissed so the system administrator does not assume the vulnerability has been addressed.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"UserVars.SuppressHyperthreadWarning\\\" value and verify it is set to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning\n\n    If the \\\"UserVars.SuppressHyperthreadWarning\\\" setting is not set to \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.SuppressHyperthreadWarning\\\" value and configure it to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Set-AdvancedSetting -Value 0\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000223'\n  tag rid: 'SV-ESXI-80-000223'\n  tag stig_id: 'ESXI-80-000223'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '0' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000223.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"0\"",
+              "run_time": 0.7549351,
+              "start_time": "2023-06-07T08:28:57-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000224",
+          "title": "The ESXi host must verify certificates for SSL syslog endpoints.",
+          "desc": "When sending syslog data to a remote host, ESXi can be configured to use any combination of TCP, UDP and SSL transports. When using SSL, the server certificate must be validated to ensure that the host is connecting to a valid syslog server.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When sending syslog data to a remote host, ESXi can be configured to use any combination of TCP, UDP and SSL transports. When using SSL, the server certificate must be validated to ensure that the host is connecting to a valid syslog server."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If SSL is not used for a syslog target, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.logCheckSSLCerts\" value and verify it is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts\n\nIf the \"Syslog.global.logCheckSSLCerts\" setting is not set to \"true\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "To configure SSL syslog endpoint certificate checking it must be turned on and also the trusted certificate chain must be added to ESXi's trusted store.\n\nFrom the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.logCheckSSLCerts\" value and configure it to \"true\".\n\nCopy the PEM formatted trusted CA certificate so that is accessible to the host and append the contents to /etc/vmware/ssl/castore.pem by running the follow command:\n\n# <path/to/cacert> >> /etc/vmware/ssl/castore.pem\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts | Set-AdvancedSetting -Value \"true\"\n\nCopy the PEM formatted trusted CA certificate so that is accessible to the host.\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.security.certificatestore.add.CreateArgs()\n$arguments.filename = <path/to/cacert>\n$esxcli.system.security.certificatestore.add.Invoke($arguments)"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000224",
+            "rid": "SV-ESXI-80-000224",
+            "stig_id": "ESXI-80-000224",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000224' do\n  title 'The ESXi host must verify certificates for SSL syslog endpoints.'\n  desc  'When sending syslog data to a remote host, ESXi can be configured to use any combination of TCP, UDP and SSL transports. When using SSL, the server certificate must be validated to ensure that the host is connecting to a valid syslog server.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If SSL is not used for a syslog target, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.logCheckSSLCerts\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts\n\n    If the \\\"Syslog.global.logCheckSSLCerts\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    To configure SSL syslog endpoint certificate checking it must be turned on and also the trusted certificate chain must be added to ESXi's trusted store.\n\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logCheckSSLCerts\\\" value and configure it to \\\"true\\\".\n\n    Copy the PEM formatted trusted CA certificate so that is accessible to the host and append the contents to /etc/vmware/ssl/castore.pem by running the follow command:\n\n    # <path/to/cacert> >> /etc/vmware/ssl/castore.pem\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts | Set-AdvancedSetting -Value \\\"true\\\"\n\n    Copy the PEM formatted trusted CA certificate so that is accessible to the host.\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.security.certificatestore.add.CreateArgs()\n    $arguments.filename = <path/to/cacert>\n    $esxcli.system.security.certificatestore.add.Invoke($arguments)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000224'\n  tag rid: 'SV-ESXI-80-000224'\n  tag stig_id: 'ESXI-80-000224'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logHost | Where {$_.Value -match \\\"ssl\\\"} | Select-Object -ExpandProperty Value\"\n      syslogservers = powercli_command(command).stdout\n\n      if !syslogservers.empty?\n        command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts | Select-Object -ExpandProperty Value\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp 'true' }\n        end\n      else\n        impact 0.0\n        describe '' do\n          skip 'No SSL syslog targets found, this check is not applicable.'\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000224.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "",
+              "run_time": 1.11e-05,
+              "start_time": "2023-06-07T08:28:58-06:00",
+              "resource": "",
+              "skip_message": "No SSL syslog targets found, this check is not applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000225",
+          "title": "The ESXi host must enable volatile key destruction.",
+          "desc": "By default, pages allocated for virtual machines (VMs), userspace applications, and kernel threads are zeroed out at allocation time. ESXi will always ensure that no nonzero pages are exposed to VMs or userspace applications. While this prevents exposing cryptographic keys from VMs or userworlds to other clients, these keys can stay present in host memory for a long time if the memory is not reused.\n\nThe NIAP Virtualization Protection Profile and Server Virtualization Extended Package require that memory that may contain cryptographic keys be zeroed upon process exit.\n\nTo this end, a new configuration option, MemEagerZero, can be configured to enforce zeroing out userworld and guest memory pages when a userworld process or guest exits. For kernel threads, memory spaces holding keys are zeroed out as soon as the secret is no longer needed.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By default, pages allocated for virtual machines (VMs), userspace applications, and kernel threads are zeroed out at allocation time. ESXi will always ensure that no nonzero pages are exposed to VMs or userspace applications. While this prevents exposing cryptographic keys from VMs or userworlds to other clients, these keys can stay present in host memory for a long time if the memory is not reused.\n\nThe NIAP Virtualization Protection Profile and Server Virtualization Extended Package require that memory that may contain cryptographic keys be zeroed upon process exit.\n\nTo this end, a new configuration option, MemEagerZero, can be configured to enforce zeroing out userworld and guest memory pages when a userworld process or guest exits. For kernel threads, memory spaces holding keys are zeroed out as soon as the secret is no longer needed."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Mem.MemEagerZero\" value and verify it is set to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero\n\nIf the \"Mem.MemEagerZero\" setting is not set to \"1\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Mem.MemEagerZero\" value and configure it to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero | Set-AdvancedSetting -Value 1"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000225",
+            "rid": "SV-ESXI-80-000225",
+            "stig_id": "ESXI-80-000225",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000225' do\n  title 'The ESXi host must enable volatile key destruction.'\n  desc  \"\n    By default, pages allocated for virtual machines (VMs), userspace applications, and kernel threads are zeroed out at allocation time. ESXi will always ensure that no nonzero pages are exposed to VMs or userspace applications. While this prevents exposing cryptographic keys from VMs or userworlds to other clients, these keys can stay present in host memory for a long time if the memory is not reused.\n\n    The NIAP Virtualization Protection Profile and Server Virtualization Extended Package require that memory that may contain cryptographic keys be zeroed upon process exit.\n\n    To this end, a new configuration option, MemEagerZero, can be configured to enforce zeroing out userworld and guest memory pages when a userworld process or guest exits. For kernel threads, memory spaces holding keys are zeroed out as soon as the secret is no longer needed.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Mem.MemEagerZero\\\" value and verify it is set to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero\n\n    If the \\\"Mem.MemEagerZero\\\" setting is not set to \\\"1\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Mem.MemEagerZero\\\" value and configure it to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero | Set-AdvancedSetting -Value 1\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000225'\n  tag rid: 'SV-ESXI-80-000225'\n  tag stig_id: 'ESXI-80-000225'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Mem.MemEagerZero | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '1' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000225.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Mem.MemEagerZero | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"1\"",
+              "run_time": 0.5971065,
+              "start_time": "2023-06-07T08:28:58-06:00",
+              "message": "\nexpected: 1\n     got: 0\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Mem.MemEagerZero | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000226",
+          "title": "The ESXi host must configure a session timeout for the vSphere API.",
+          "desc": "The vSphere API (VIM) allows for remote, programmatic administration of the ESXi host. Authenticated API sessions are no different from a risk perspective than authenticated UI sessions and they need similar protections.\n\nOne of these protections is a basic inactivity timeout, after which the session will be invalidated and reauthentication will be required by the application accessing the API. This is set to 30 seconds by default but can be disabled, thus leaving API sessions open indefinitely. The 30 second default must be verified and maintained.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The vSphere API (VIM) allows for remote, programmatic administration of the ESXi host. Authenticated API sessions are no different from a risk perspective than authenticated UI sessions and they need similar protections.\n\nOne of these protections is a basic inactivity timeout, after which the session will be invalidated and reauthentication will be required by the application accessing the API. This is set to 30 seconds by default but can be disabled, thus leaving API sessions open indefinitely. The 30 second default must be verified and maintained."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.HostAgent.vmacore.soap.sessionTimeout\" value and verify it is set to \"30\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout\n\nIf the \"Config.HostAgent.vmacore.soap.sessionTimeout\" setting is not set to \"30\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.HostAgent.vmacore.soap.sessionTimeout\" value and configure it to \"30\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Set-AdvancedSetting -Value 30"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000226",
+            "rid": "SV-ESXI-80-000226",
+            "stig_id": "ESXI-80-000226",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000226' do\n  title 'The ESXi host must configure a session timeout for the vSphere API.'\n  desc  \"\n    The vSphere API (VIM) allows for remote, programmatic administration of the ESXi host. Authenticated API sessions are no different from a risk perspective than authenticated UI sessions and they need similar protections.\n\n    One of these protections is a basic inactivity timeout, after which the session will be invalidated and reauthentication will be required by the application accessing the API. This is set to 30 seconds by default but can be disabled, thus leaving API sessions open indefinitely. The 30 second default must be verified and maintained.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.vmacore.soap.sessionTimeout\\\" value and verify it is set to \\\"30\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout\n\n    If the \\\"Config.HostAgent.vmacore.soap.sessionTimeout\\\" setting is not set to \\\"30\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.vmacore.soap.sessionTimeout\\\" value and configure it to \\\"30\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Set-AdvancedSetting -Value 30\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000226'\n  tag rid: 'SV-ESXI-80-000226'\n  tag stig_id: 'ESXI-80-000226'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '30' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000226.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"30\"",
+              "run_time": 0.5987083,
+              "start_time": "2023-06-07T08:28:59-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000227",
+          "title": "The ESXi host must be configured with an appropriate maximum password age.",
+          "desc": "The older an ESXi local account password is, the larger the opportunity window is for attackers to guess, crack or re-use a previously cracked password. Rotating passwords on a regular basis is a fundamental security practice and one that ESXi supports.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The older an ESXi local account password is, the larger the opportunity window is for attackers to guess, crack or re-use a previously cracked password. Rotating passwords on a regular basis is a fundamental security practice and one that ESXi supports."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Security.PasswordMaxDays\" value and verify it is set to \"90\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays\n\nIf the \"Security.PasswordMaxDays\" setting is not set to \"90\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Security.PasswordMaxDays\" value and configure it to \"90\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays | Set-AdvancedSetting -Value 90"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000227",
+            "rid": "SV-ESXI-80-000227",
+            "stig_id": "ESXI-80-000227",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000227' do\n  title 'The ESXi host must be configured with an appropriate maximum password age.'\n  desc  'The older an ESXi local account password is, the larger the opportunity window is for attackers to guess, crack or re-use a previously cracked password. Rotating passwords on a regular basis is a fundamental security practice and one that ESXi supports.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Security.PasswordMaxDays\\\" value and verify it is set to \\\"90\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays\n\n    If the \\\"Security.PasswordMaxDays\\\" setting is not set to \\\"90\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.PasswordMaxDays\\\" value and configure it to \\\"90\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays | Set-AdvancedSetting -Value 90\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000227'\n  tag rid: 'SV-ESXI-80-000227'\n  tag stig_id: 'ESXI-80-000227'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.PasswordMaxDays | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '90' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000227.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.PasswordMaxDays | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"90\"",
+              "run_time": 0.5963298,
+              "start_time": "2023-06-07T08:28:59-06:00",
+              "message": "\nexpected: 90\n     got: 99999\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.PasswordMaxDays | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000228",
+          "title": "The ESXi Common Information Model (CIM) service must be disabled.",
+          "desc": "The CIM system provides an interface that enables hardware-level management from remote applications via a set of standard application programming interfaces (APIs). These APIs are consumed by external applications such as HP SIM or Dell OpenManage for agentless, remote hardware monitoring of the ESXi host.\n\nTo reduce attack surface area and following the minimum functionality principal, the CIM service must be disabled unless explicitly needed and approved.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The CIM system provides an interface that enables hardware-level management from remote applications via a set of standard application programming interfaces (APIs). These APIs are consumed by external applications such as HP SIM or Dell OpenManage for agentless, remote hardware monitoring of the ESXi host.\n\nTo reduce attack surface area and following the minimum functionality principal, the CIM service must be disabled unless explicitly needed and approved."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\", locate the \"CIM Server\" service and verify it is \"Stopped\" and the \"Startup Policy\" is set to \"Start and stop manually\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"CIM Server\"}\n\nIf the \"CIM Server\" service does not have a \"Policy\" of \"off\" or is running, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\" select the \"CIM Server\" service and click the \"Stop\" button.\n\nClick \"Edit Startup policy...\" and select the \"Start and stop manually\" radio button. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"CIM Server\"} | Set-VMHostService -Policy Off\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"CIM Server\"} | Stop-VMHostService"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000228",
+            "rid": "SV-ESXI-80-000228",
+            "stig_id": "ESXI-80-000228",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000228' do\n  title 'The ESXi Common Information Model (CIM) service must be disabled.'\n  desc  \"\n    The CIM system provides an interface that enables hardware-level management from remote applications via a set of standard application programming interfaces (APIs). These APIs are consumed by external applications such as HP SIM or Dell OpenManage for agentless, remote hardware monitoring of the ESXi host.\n\n    To reduce attack surface area and following the minimum functionality principal, the CIM service must be disabled unless explicitly needed and approved.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\", locate the \\\"CIM Server\\\" service and verify it is \\\"Stopped\\\" and the \\\"Startup Policy\\\" is set to \\\"Start and stop manually\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"CIM Server\\\"}\n\n    If the \\\"CIM Server\\\" service does not have a \\\"Policy\\\" of \\\"off\\\" or is running, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\" select the \\\"CIM Server\\\" service and click the \\\"Stop\\\" button.\n\n    Click \\\"Edit Startup policy...\\\" and select the \\\"Start and stop manually\\\" radio button. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"CIM Server\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"CIM Server\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000228'\n  tag rid: 'SV-ESXI-80-000228'\n  tag stig_id: 'ESXI-80-000228'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000228.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp == \"off\"",
+              "run_time": 0.3844118,
+              "start_time": "2023-06-07T08:29:00-06:00",
+              "message": "\nexpected: off\n     got: on\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Policy\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.3953809,
+              "start_time": "2023-06-07T08:29:00-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Running\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000229",
+          "title": "The ESXi host must use DOD-approved certificates.",
+          "desc": "The default self-signed host certificate issued by the VMware Certificate Authority (VMCA) must be replaced with a DOD-approved certificate when the host will be accessed directly, such as during a virtual machine (VM) console connection.\n\nThe use of a DOD certificate on the host assures clients the service they are connecting to is legitimate and properly secured.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The default self-signed host certificate issued by the VMware Certificate Authority (VMCA) must be replaced with a DOD-approved certificate when the host will be accessed directly, such as during a virtual machine (VM) console connection.\n\nThe use of a DOD certificate on the host assures clients the service they are connecting to is legitimate and properly secured."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Certificate.\n\nIf the issuer is not a DOD-approved certificate authority, this is a finding.\n\nIf the host will never be accessed directly (virtual machine console connections bypass vCenter), this is not a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Join the ESXi host to vCenter before replacing the certificate.\n\nObtain a DOD-issued certificate and private key for the host following the requirements below:\n\nKey size: 2048 bits or more (PEM encoded)\n\nKey format: PEM\nVMware supports PKCS8 and PKCS1 (RSA keys)\nx509 version 3\n\nSubjectAltName must contain DNS Name=<machine_FQDN>\n\nCRT (Base-64) format\n\nContains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment\n\nStart time of one day before the current time\n\nCN (and SubjectAltName) set to the host name (or IP address) that the ESXi host has in the vCenter Server inventory\n\nFrom the vSphere Web Client, select the ESXi host's vCenter Server >> Configure >> System >> Advanced Settings.\n\nSelect the \"vpxd.certmgmt.mode\" value and ensure it is set to \"custom\".\n\nPut the host into maintenance mode.\n\nTemporarily enable Secure Shell (SSH) on the host. Use Secure Copy Protocol (SCP) to transfer the new certificate and key to /tmp. SSH to the host. Back up the existing certificate and key:\n\n# mv /etc/vmware/ssl/rui.crt /etc/vmware/ssl/rui.crt.bak\n# mv /etc/vmware/ssl/rui.key /etc/vmware/ssl/rui.key.bak\n\nCopy the new certificate and key to \"/etc/vmware/ssl/\" and rename them to \"rui.crt\" and \"rui.key\" respectively.\n\nRestart management agents to implement the new certificate:\n\n# services.sh restart"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000229",
+            "rid": "SV-ESXI-80-000229",
+            "stig_id": "ESXI-80-000229",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000229' do\n  title 'The ESXi host must use DOD-approved certificates.'\n  desc  \"\n    The default self-signed host certificate issued by the VMware Certificate Authority (VMCA) must be replaced with a DOD-approved certificate when the host will be accessed directly, such as during a virtual machine (VM) console connection.\n\n    The use of a DOD certificate on the host assures clients the service they are connecting to is legitimate and properly secured.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Certificate.\n\n    If the issuer is not a DOD-approved certificate authority, this is a finding.\n\n    If the host will never be accessed directly (virtual machine console connections bypass vCenter), this is not a finding.\n  \"\n  desc 'fix', \"\n    Join the ESXi host to vCenter before replacing the certificate.\n\n    Obtain a DOD-issued certificate and private key for the host following the requirements below:\n\n    Key size: 2048 bits or more (PEM encoded)\n\n    Key format: PEM\n    VMware supports PKCS8 and PKCS1 (RSA keys)\n    x509 version 3\n\n    SubjectAltName must contain DNS Name=<machine_FQDN>\n\n    CRT (Base-64) format\n\n    Contains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment\n\n    Start time of one day before the current time\n\n    CN (and SubjectAltName) set to the host name (or IP address) that the ESXi host has in the vCenter Server inventory\n\n    From the vSphere Web Client, select the ESXi host's vCenter Server >> Configure >> System >> Advanced Settings.\n\n    Select the \\\"vpxd.certmgmt.mode\\\" value and ensure it is set to \\\"custom\\\".\n\n    Put the host into maintenance mode.\n\n    Temporarily enable Secure Shell (SSH) on the host. Use Secure Copy Protocol (SCP) to transfer the new certificate and key to /tmp. SSH to the host. Back up the existing certificate and key:\n\n    # mv /etc/vmware/ssl/rui.crt /etc/vmware/ssl/rui.crt.bak\n    # mv /etc/vmware/ssl/rui.key /etc/vmware/ssl/rui.key.bak\n\n    Copy the new certificate and key to \\\"/etc/vmware/ssl/\\\" and rename them to \\\"rui.crt\\\" and \\\"rui.key\\\" respectively.\n\n    Restart management agents to implement the new certificate:\n\n    # services.sh restart\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000229'\n  tag rid: 'SV-ESXI-80-000229'\n  tag stig_id: 'ESXI-80-000229'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      describe ssl_certificate(host: \"#{vmhost}\", port: 443) do\n        its('issuer_organization') { should cmp 'U.S. Government' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000229.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "ssl_certificate for '10.186.25.26' issuer_organization is expected to cmp == \"U.S. Government\"",
+              "run_time": 1.5361507,
+              "start_time": "2023-06-07T08:29:01-06:00",
+              "message": "\nexpected: U.S. Government\n     got: sc2-10-186-30-81.eng.vmware.com\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "ssl_certificate",
+              "resource_params": "[{:host=>\"10.186.25.26\", :port=>443}]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000230",
+          "title": "The ESXi host Secure Shell (SSH) daemon must disable port forwarding.",
+          "desc": "While enabling Transmission Control Protocol (TCP) tunnels is a valuable function of sshd, this feature is not appropriate for use on the ESXi hypervisor.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "While enabling Transmission Control Protocol (TCP) tunnels is a valuable function of sshd, this feature is not appropriate for use on the ESXi hypervisor."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# /usr/lib/vmware/openssh/bin/sshd -T | grep allowtcpforwarding\n\nExpected result:\n\nallowtcpforwarding no\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, add or update the following line in \"/etc/ssh/sshd_config\":\n\nAllowTcpForwarding no"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000230",
+            "rid": "SV-ESXI-80-000230",
+            "stig_id": "ESXI-80-000230",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000230' do\n  title 'The ESXi host Secure Shell (SSH) daemon must disable port forwarding.'\n  desc  'While enabling Transmission Control Protocol (TCP) tunnels is a valuable function of sshd, this feature is not appropriate for use on the ESXi hypervisor.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep allowtcpforwarding\n\n    Expected result:\n\n    allowtcpforwarding no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    AllowTcpForwarding no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000230'\n  tag rid: 'SV-ESXI-80-000230'\n  tag stig_id: 'ESXI-80-000230'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000230.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 1.44e-05,
+              "start_time": "2023-06-07T08:29:02-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000231",
+          "title": "The ESXi host OpenSLP service must be disabled.",
+          "desc": "OpenSLP implements the Service Location Protocol to help CIM clients discover CIM servers over TCP 427. This service is not widely needed and has had vulnerabilities exposed in the past. To reduce attack surface area and following the minimum functionality principal, the OpenSLP service must be disabled unless explicitly needed and approved.\n\nNote: Disabling the OpenSLP service may affect monitoring and third-party systems that use the WBEM DTMF protocols.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "OpenSLP implements the Service Location Protocol to help CIM clients discover CIM servers over TCP 427. This service is not widely needed and has had vulnerabilities exposed in the past. To reduce attack surface area and following the minimum functionality principal, the OpenSLP service must be disabled unless explicitly needed and approved.\n\nNote: Disabling the OpenSLP service may affect monitoring and third-party systems that use the WBEM DTMF protocols."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\", locate the \"slpd\" service and verify it is \"Stopped\" and the \"Startup Policy\" is set to \"Start and stop manually\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"slpd\"}\n\nIf the slpd service does not have a \"Policy\" of \"off\" or is running, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Services.\n\nUnder \"Services\" select the \"slpd\" service and click the \"Stop\" button.\n\nClick \"Edit Startup policy...\" and select the \"Start and stop manually\" radio button. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"slpd\"} | Set-VMHostService -Policy Off\nGet-VMHost | Get-VMHostService | Where {$_.Label -eq \"slpd\"} | Stop-VMHostService"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000231",
+            "rid": "SV-ESXI-80-000231",
+            "stig_id": "ESXI-80-000231",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000231' do\n  title 'The ESXi host OpenSLP service must be disabled.'\n  desc  \"\n    OpenSLP implements the Service Location Protocol to help CIM clients discover CIM servers over TCP 427. This service is not widely needed and has had vulnerabilities exposed in the past. To reduce attack surface area and following the minimum functionality principal, the OpenSLP service must be disabled unless explicitly needed and approved.\n\n    Note: Disabling the OpenSLP service may affect monitoring and third-party systems that use the WBEM DTMF protocols.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\", locate the \\\"slpd\\\" service and verify it is \\\"Stopped\\\" and the \\\"Startup Policy\\\" is set to \\\"Start and stop manually\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"slpd\\\"}\n\n    If the slpd service does not have a \\\"Policy\\\" of \\\"off\\\" or is running, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Services.\n\n    Under \\\"Services\\\" select the \\\"slpd\\\" service and click the \\\"Stop\\\" button.\n\n    Click \\\"Edit Startup policy...\\\" and select the \\\"Start and stop manually\\\" radio button. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"slpd\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"slpd\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000231'\n  tag rid: 'SV-ESXI-80-000231'\n  tag stig_id: 'ESXI-80-000231'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000231.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp == \"off\"",
+              "run_time": 0.3768606,
+              "start_time": "2023-06-07T08:29:02-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Policy\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.3629255,
+              "start_time": "2023-06-07T08:29:03-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Running\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000232",
+          "title": "The ESXi host must enable audit logging.",
+          "desc": "ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\nTo operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\nNote: Audit records can be viewed locally via the \"/bin/viewAudit\" utility over SSH or at the ESXi shell.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\nTo operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\nNote: Audit records can be viewed locally via the \"/bin/viewAudit\" utility over SSH or at the ESXi shell."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.auditRecord.storageEnable\" value and verify it is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable\n\nIf the \"Syslog.global.auditRecord.storageEnable\" setting is not set to \"true\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.auditRecord.storageEnable\" value and configure it to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Set-AdvancedSetting -Value \"true\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000232",
+            "rid": "SV-ESXI-80-000232",
+            "stig_id": "ESXI-80-000232",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000232' do\n  title 'The ESXi host must enable audit logging.'\n  desc  \"\n    ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\n    To operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\n    Note: Audit records can be viewed locally via the \\\"/bin/viewAudit\\\" utility over SSH or at the ESXi shell.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.auditRecord.storageEnable\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable\n\n    If the \\\"Syslog.global.auditRecord.storageEnable\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.auditRecord.storageEnable\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Set-AdvancedSetting -Value \\\"true\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000232'\n  tag rid: 'SV-ESXI-80-000232'\n  tag stig_id: 'ESXI-80-000232'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000232.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"true\"",
+              "run_time": 0.4643674,
+              "start_time": "2023-06-07T08:29:03-06:00",
+              "message": "\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000233",
+          "title": "The ESXi host must off-load audit records via syslog.",
+          "desc": "ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\nTo operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\nNote: Audit records can be viewed locally via the \"/bin/viewAudit\" utility over SSH or at the ESXi shell.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\nTo operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\nNote: Audit records can be viewed locally via the \"/bin/viewAudit\" utility over SSH or at the ESXi shell."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.auditRecord.remoteEnable\" value and verify it is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable\n\nIf the \"Syslog.global.auditRecord.remoteEnable\" setting is not set to \"true\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.auditRecord.remoteEnable\" value and configure it to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Set-AdvancedSetting -Value \"true\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000342-VMM-001230",
+            "gid": "V-ESXI-80-000233",
+            "rid": "SV-ESXI-80-000233",
+            "stig_id": "ESXI-80-000233",
+            "cci": [
+              "CCI-001851"
+            ],
+            "nist": [
+              "AU-4 (1)"
+            ]
+          },
+          "code": "control 'ESXI-80-000233' do\n  title 'The ESXi host must off-load audit records via syslog.'\n  desc  \"\n    ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\n    To operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\n    Note: Audit records can be viewed locally via the \\\"/bin/viewAudit\\\" utility over SSH or at the ESXi shell.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.auditRecord.remoteEnable\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable\n\n    If the \\\"Syslog.global.auditRecord.remoteEnable\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.auditRecord.remoteEnable\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Set-AdvancedSetting -Value \\\"true\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-VMM-001230'\n  tag gid: 'V-ESXI-80-000233'\n  tag rid: 'SV-ESXI-80-000233'\n  tag stig_id: 'ESXI-80-000233'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000233.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"true\"",
+              "run_time": 0.5971407,
+              "start_time": "2023-06-07T08:29:03-06:00",
+              "message": "\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000234",
+          "title": "The ESXi host must enable strict x509 verification for SSL syslog endpoints.",
+          "desc": "When sending syslog data to a remote host via SSL, the ESXi host is presented with the endpoint's SSL server certificate. In addition to trust verification, configured elsewhere, this \"x509-strict\" option performs additional validity checks on CA root certificates during verification.\n\nThese checks are generally not performed (CA roots are inherently trusted) and might cause incompatibilities with existing, misconfigured CA roots. The NIAP requirements in the Virtualization Protection Profile and Server Virtualization Extended Package, however, require even CA roots to pass validations.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When sending syslog data to a remote host via SSL, the ESXi host is presented with the endpoint's SSL server certificate. In addition to trust verification, configured elsewhere, this \"x509-strict\" option performs additional validity checks on CA root certificates during verification.\n\nThese checks are generally not performed (CA roots are inherently trusted) and might cause incompatibilities with existing, misconfigured CA roots. The NIAP requirements in the Virtualization Protection Profile and Server Virtualization Extended Package, however, require even CA roots to pass validations."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If SSL is not used for a syslog target, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.certificate.strictX509Compliance\" value and verify it is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance\n\nIf the \"Syslog.global.certificate.strictX509Compliance\" setting is not set to \"true\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.certificate.strictX509Compliance\" value and configure it to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Set-AdvancedSetting -Value \"true\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000234",
+            "rid": "SV-ESXI-80-000234",
+            "stig_id": "ESXI-80-000234",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000234' do\n  title 'The ESXi host must enable strict x509 verification for SSL syslog endpoints.'\n  desc  \"\n    When sending syslog data to a remote host via SSL, the ESXi host is presented with the endpoint's SSL server certificate. In addition to trust verification, configured elsewhere, this \\\"x509-strict\\\" option performs additional validity checks on CA root certificates during verification.\n\n    These checks are generally not performed (CA roots are inherently trusted) and might cause incompatibilities with existing, misconfigured CA roots. The NIAP requirements in the Virtualization Protection Profile and Server Virtualization Extended Package, however, require even CA roots to pass validations.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If SSL is not used for a syslog target, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.certificate.strictX509Compliance\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance\n\n    If the \\\"Syslog.global.certificate.strictX509Compliance\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.certificate.strictX509Compliance\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Set-AdvancedSetting -Value \\\"true\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000234'\n  tag rid: 'SV-ESXI-80-000234'\n  tag stig_id: 'ESXI-80-000234'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000234.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"true\"",
+              "run_time": 0.526914,
+              "start_time": "2023-06-07T08:29:04-06:00",
+              "message": "\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000235",
+          "title": "The ESXi host must forward audit records containing information to establish what type of events occurred.",
+          "desc": "Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.\n\nAudit record content that may be necessary to satisfy this requirement includes, for example, time stamps, source and destination addresses, user/process/VM identifiers, event descriptions, success/fail indications, filenames involved, and access control or flow control rules invoked.\n\nAssociating event types with detected events in the ESXi audit logs provides a means of investigating an attack; recognizing resource utilization or capacity thresholds; or identifying an improperly configured host.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.\n\nAudit record content that may be necessary to satisfy this requirement includes, for example, time stamps, source and destination addresses, user/process/VM identifiers, event descriptions, success/fail indications, filenames involved, and access control or flow control rules invoked.\n\nAssociating event types with detected events in the ESXi audit logs provides a means of investigating an attack; recognizing resource utilization or capacity thresholds; or identifying an improperly configured host."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.logLevel\" value and verify it is set to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel\n\nIf the \"Syslog.global.logLevel\" setting is not set to \"info\", this is a finding.\n\nNote: Verbose logging level is acceptable for troubleshooting purposes."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.logLevel\" value and configure it to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel | Set-AdvancedSetting -Value \"info\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000037-VMM-000150",
+            "gid": "V-ESXI-80-000235",
+            "rid": "SV-ESXI-80-000235",
+            "stig_id": "ESXI-80-000235",
+            "cci": [
+              "CCI-000130"
+            ],
+            "nist": [
+              "AU-3"
+            ]
+          },
+          "code": "control 'ESXI-80-000235' do\n  title 'The ESXi host must forward audit records containing information to establish what type of events occurred.'\n  desc  \"\n    Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.\n\n    Audit record content that may be necessary to satisfy this requirement includes, for example, time stamps, source and destination addresses, user/process/VM identifiers, event descriptions, success/fail indications, filenames involved, and access control or flow control rules invoked.\n\n    Associating event types with detected events in the ESXi audit logs provides a means of investigating an attack; recognizing resource utilization or capacity thresholds; or identifying an improperly configured host.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.logLevel\\\" value and verify it is set to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel\n\n    If the \\\"Syslog.global.logLevel\\\" setting is not set to \\\"info\\\", this is a finding.\n\n    Note: Verbose logging level is acceptable for troubleshooting purposes.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logLevel\\\" value and configure it to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel | Set-AdvancedSetting -Value \\\"info\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000037-VMM-000150'\n  tag gid: 'V-ESXI-80-000235'\n  tag rid: 'SV-ESXI-80-000235'\n  tag stig_id: 'ESXI-80-000235'\n  tag cci: ['CCI-000130']\n  tag nist: ['AU-3']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logLevel | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'info' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000235.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.logLevel | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"info\"",
+              "run_time": 0.5426163,
+              "start_time": "2023-06-07T08:29:04-06:00",
+              "message": "\nexpected: info\n     got: error\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.logLevel | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000236",
+          "title": "The ESXi host must not be configured to override virtual machine (VM) configurations.",
+          "desc": "Each VM on an ESXi host runs in its own \"vmx\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\nThis can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Each VM on an ESXi host runs in its own \"vmx\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\nThis can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# stat -c \"%s\" /etc/vmware/settings\n\nExpected result:\n\n0\n\nIf the output does not match the expected result, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, run the following command:\n\n# echo -n >/etc/vmware/settings"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000236",
+            "rid": "SV-ESXI-80-000236",
+            "stig_id": "ESXI-80-000236",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000236' do\n  title 'The ESXi host must not be configured to override virtual machine (VM) configurations.'\n  desc  \"\n    Each VM on an ESXi host runs in its own \\\"vmx\\\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\n    This can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # stat -c \\\"%s\\\" /etc/vmware/settings\n\n    Expected result:\n\n    0\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # echo -n >/etc/vmware/settings\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000236'\n  tag rid: 'SV-ESXI-80-000236'\n  tag stig_id: 'ESXI-80-000236'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000236.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 1.12e-05,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000237",
+          "title": "The ESXi host must not be configured to override virtual machine (VM) logger settings.",
+          "desc": "Each VM on an ESXi host runs in its own \"vmx\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\nThis can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Each VM on an ESXi host runs in its own \"vmx\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\nThis can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# grep \"^vmx\\.log\" /etc/vmware/config\n\nIf the command produces any output, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, run the following commands:\n\n# cp /etc/vmware/config /etc/vmware/config.bak\n# grep -v \"^vmx\\.log\" /etc/vmware/config.bak>/etc/vmware/config"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000237",
+            "rid": "SV-ESXI-80-000237",
+            "stig_id": "ESXI-80-000237",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000237' do\n  title 'The ESXi host must not be configured to override virtual machine (VM) logger settings.'\n  desc  \"\n    Each VM on an ESXi host runs in its own \\\"vmx\\\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\n    This can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # grep \\\"^vmx\\\\.log\\\" /etc/vmware/config\n\n    If the command produces any output, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following commands:\n\n    # cp /etc/vmware/config /etc/vmware/config.bak\n    # grep -v \\\"^vmx\\\\.log\\\" /etc/vmware/config.bak>/etc/vmware/config\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000237'\n  tag rid: 'SV-ESXI-80-000237'\n  tag stig_id: 'ESXI-80-000237'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000237.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 1.04e-05,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000238",
+          "title": "The ESXi host must require TPM-based configuration encryption.",
+          "desc": "An ESXi host's configuration consists of configuration files for each service that runs on the host. The configuration files typically reside in the /etc/ directory, but they can also reside in other namespaces. The configuration files contain run-time information about the state of the services. Over time, the default values in the configuration files might change, for example, when settings on the ESXi host are changed.\n\nA cron job backs up the ESXi configuration files periodically, when ESXi shuts down gracefully or on demand, and creates an archived configuration file in the boot bank. When ESXi reboots, it reads the archived configuration file and recreates the state that ESXi was in when the backup was taken.\n\nBefore vSphere 7.0 Update 2, the archived ESXi configuration file is not encrypted. In vSphere 7.0 Update 2 and later, the archived configuration file is encrypted. When the ESXi host is configured with a Trusted Platform Module (TPM), the TPM is used to \"seal\" the configuration to the host, providing a strong security guarantee and additional protection from offline attacks.\n\nConfiguration encryption uses the physical TPM when it is available and supported at install or upgrade time. If the TPM was added or enabled later, the ESXi host must be told to reconfigure to use the newly available TPM. Once the TPM configuration encryption is enabled, it cannot be disabled.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "An ESXi host's configuration consists of configuration files for each service that runs on the host. The configuration files typically reside in the /etc/ directory, but they can also reside in other namespaces. The configuration files contain run-time information about the state of the services. Over time, the default values in the configuration files might change, for example, when settings on the ESXi host are changed.\n\nA cron job backs up the ESXi configuration files periodically, when ESXi shuts down gracefully or on demand, and creates an archived configuration file in the boot bank. When ESXi reboots, it reads the archived configuration file and recreates the state that ESXi was in when the backup was taken.\n\nBefore vSphere 7.0 Update 2, the archived ESXi configuration file is not encrypted. In vSphere 7.0 Update 2 and later, the archived configuration file is encrypted. When the ESXi host is configured with a Trusted Platform Module (TPM), the TPM is used to \"seal\" the configuration to the host, providing a strong security guarantee and additional protection from offline attacks.\n\nConfiguration encryption uses the physical TPM when it is available and supported at install or upgrade time. If the TPM was added or enabled later, the ESXi host must be told to reconfigure to use the newly available TPM. Once the TPM configuration encryption is enabled, it cannot be disabled."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\nFrom an ESXi shell, run the following command:\n\n# esxcli system settings encryption get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.settings.encryption.get.invoke() | Select Mode\n\nExpected result:\n\nMode: TPM\n\nIf the \"Mode\" is not set to \"TPM\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Ensure the TPM 2.0 chip is enabled in the BIOS and the ESX UI does not show any errors about a present but unavailable TPM.\n\nThis setting cannot be configured until the TPM is properly enabled in firmware.\n\nFrom an ESXi shell, run the following command:\n\n# esxcli system settings encryption set --mode=TPM\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.settings.encryption.set.CreateArgs()\n$arguments.mode = \"TPM\"\n$esxcli.system.settings.encryption.set.Invoke($arguments)\n\nEvacuate the host and gracefully reboot for changes to take effect."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000238",
+            "rid": "SV-ESXI-80-000238",
+            "stig_id": "ESXI-80-000238",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000238' do\n  title 'The ESXi host must require TPM-based configuration encryption.'\n  desc  \"\n    An ESXi host's configuration consists of configuration files for each service that runs on the host. The configuration files typically reside in the /etc/ directory, but they can also reside in other namespaces. The configuration files contain run-time information about the state of the services. Over time, the default values in the configuration files might change, for example, when settings on the ESXi host are changed.\n\n    A cron job backs up the ESXi configuration files periodically, when ESXi shuts down gracefully or on demand, and creates an archived configuration file in the boot bank. When ESXi reboots, it reads the archived configuration file and recreates the state that ESXi was in when the backup was taken.\n\n    Before vSphere 7.0 Update 2, the archived ESXi configuration file is not encrypted. In vSphere 7.0 Update 2 and later, the archived configuration file is encrypted. When the ESXi host is configured with a Trusted Platform Module (TPM), the TPM is used to \\\"seal\\\" the configuration to the host, providing a strong security guarantee and additional protection from offline attacks.\n\n    Configuration encryption uses the physical TPM when it is available and supported at install or upgrade time. If the TPM was added or enabled later, the ESXi host must be told to reconfigure to use the newly available TPM. Once the TPM configuration encryption is enabled, it cannot be disabled.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\n    From an ESXi shell, run the following command:\n\n    # esxcli system settings encryption get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.settings.encryption.get.invoke() | Select Mode\n\n    Expected result:\n\n    Mode: TPM\n\n    If the \\\"Mode\\\" is not set to \\\"TPM\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Ensure the TPM 2.0 chip is enabled in the BIOS and the ESX UI does not show any errors about a present but unavailable TPM.\n\n    This setting cannot be configured until the TPM is properly enabled in firmware.\n\n    From an ESXi shell, run the following command:\n\n    # esxcli system settings encryption set --mode=TPM\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.settings.encryption.set.CreateArgs()\n    $arguments.mode = \\\"TPM\\\"\n    $esxcli.system.settings.encryption.set.Invoke($arguments)\n\n    Evacuate the host and gracefully reboot for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000238'\n  tag rid: 'SV-ESXI-80-000238'\n  tag stig_id: 'ESXI-80-000238'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty Mode\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'TPM' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000238.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty Mode stdout.strip is expected to cmp == \"TPM\"",
+              "run_time": 0.3454204,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: TPM\n     got: NONE\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"$vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty Mode\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000239",
+          "title": "The ESXi host must configure the firewall to restrict access to services running on the host.",
+          "desc": "Unrestricted access to services running on an ESXi host can expose a host to outside attacks and unauthorized access. Reduce the risk by configuring the ESXi firewall to only allow access from authorized networks.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Unrestricted access to services running on an ESXi host can expose a host to outside attacks and unauthorized access. Reduce the risk by configuring the ESXi firewall to only allow access from authorized networks."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Firewall.\n\nUnder the \"Allowed IP addresses\" column, review the allowed IPs for each service.\n\nCheck this for \"Incoming\" and \"Outgoing\" sections.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-VMHostFirewallException | Where {$_.Enabled -eq $true} | Select Name,Enabled,@{N=\"AllIPEnabled\";E={$_.ExtensionData.AllowedHosts.AllIP}}\n\nIf for an enabled service \"Allow connections from any IP address\" is selected, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Firewall.\n\nClick \"Edit...\". For each enabled service, uncheck the check box to \"Allow connections from any IP address\" and input the site-specific network(s) required.\n\nThe following example formats are acceptable:\n\n192.168.0.0/24\n192.168.1.2, 2001::1/64\nfd3e:29a6:0a81:e478::/64\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n#This disables the allow all rule for the target service. We are targeting the sshServer service in this example.\n$arguments = $esxcli.network.firewall.ruleset.set.CreateArgs()\n$arguments.rulesetid = \"sshServer\"\n$arguments.allowedall = $false\n$esxcli.network.firewall.ruleset.set.Invoke($arguments)\n\n#Next add the allowed IPs for the service. Note doing the \"vSphere Web Client\" service this way may disable access but may be done through vCenter or through the console.\n$arguments = $esxcli.network.firewall.ruleset.allowedip.add.CreateArgs()\n$arguments.rulesetid = \"sshServer\"\n$arguments.ipaddress = \"10.0.0.0/8\"\n$esxcli.network.firewall.ruleset.allowedip.add.Invoke($arguments)\n\nThis must be done for each enabled service."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000239",
+            "rid": "SV-ESXI-80-000239",
+            "stig_id": "ESXI-80-000239",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000239' do\n  title 'The ESXi host must configure the firewall to restrict access to services running on the host.'\n  desc  'Unrestricted access to services running on an ESXi host can expose a host to outside attacks and unauthorized access. Reduce the risk by configuring the ESXi firewall to only allow access from authorized networks.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Firewall.\n\n    Under the \\\"Allowed IP addresses\\\" column, review the allowed IPs for each service.\n\n    Check this for \\\"Incoming\\\" and \\\"Outgoing\\\" sections.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostFirewallException | Where {$_.Enabled -eq $true} | Select Name,Enabled,@{N=\\\"AllIPEnabled\\\";E={$_.ExtensionData.AllowedHosts.AllIP}}\n\n    If for an enabled service \\\"Allow connections from any IP address\\\" is selected, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Firewall.\n\n    Click \\\"Edit...\\\". For each enabled service, uncheck the check box to \\\"Allow connections from any IP address\\\" and input the site-specific network(s) required.\n\n    The following example formats are acceptable:\n\n    192.168.0.0/24\n    192.168.1.2, 2001::1/64\n    fd3e:29a6:0a81:e478::/64\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    #This disables the allow all rule for the target service. We are targeting the sshServer service in this example.\n    $arguments = $esxcli.network.firewall.ruleset.set.CreateArgs()\n    $arguments.rulesetid = \\\"sshServer\\\"\n    $arguments.allowedall = $false\n    $esxcli.network.firewall.ruleset.set.Invoke($arguments)\n\n    #Next add the allowed IPs for the service. Note doing the \\\"vSphere Web Client\\\" service this way may disable access but may be done through vCenter or through the console.\n    $arguments = $esxcli.network.firewall.ruleset.allowedip.add.CreateArgs()\n    $arguments.rulesetid = \\\"sshServer\\\"\n    $arguments.ipaddress = \\\"10.0.0.0/8\\\"\n    $esxcli.network.firewall.ruleset.allowedip.add.Invoke($arguments)\n\n    This must be done for each enabled service.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000239'\n  tag rid: 'SV-ESXI-80-000239'\n  tag stig_id: 'ESXI-80-000239'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"(Get-VMHost -Name #{vmhost} | Get-VMHostFirewallException | Where {$_.Enabled -eq $true}).ExtensionData.AllowedHosts.AllIP\"\n      powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |result|\n        describe result do\n          it { should_not cmp 'True' }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000239.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.0003021,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.0002896,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.0002555,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.0002369,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.000227,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.0002281,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.0002254,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.0001976,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.0001664,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.0001555,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.0001385,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.0002854,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.0001461,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.0001868,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.0001578,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.0002161,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "passed",
+              "code_desc": "False is expected not to cmp == \"True\"",
+              "run_time": 0.0003521,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "False"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.0001832,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.0001629,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.000148,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.0001509,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            },
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"True\"",
+              "run_time": 0.0002841,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "message": "\nexpected: True\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000240",
+          "title": "The ESXi host when using Host Profiles and/or Auto Deploy must use the vSphere Authentication Proxy to protect passwords when adding themselves to Active Directory.",
+          "desc": "If a host is configured to join an Active Directory domain using Host Profiles and/or Auto Deploy, the Active Directory credentials are saved in the profile and are transmitted over the network.\n\nTo avoid having to save Active Directory credentials in the Host Profile and to avoid transmitting Active Directory credentials over the network, use the vSphere Authentication Proxy.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If a host is configured to join an Active Directory domain using Host Profiles and/or Auto Deploy, the Active Directory credentials are saved in the profile and are transmitted over the network.\n\nTo avoid having to save Active Directory credentials in the Host Profile and to avoid transmitting Active Directory credentials over the network, use the vSphere Authentication Proxy."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\nIf the organization is not using Host Profiles to join Active Directory, this is not applicable.\n\nFrom the vSphere Client, go to Home >> Policies and Profiles >> Host Profiles.\n\nClick a Host Profile >> Configure >> Security and Services >> Security Settings >> Authentication Configuration >> Active Directory Configuration >> Join Domain Method.\n\nIf the method used to join hosts to a domain is not set to \"Use vSphere Authentication Proxy to add the host to domain\", this is a finding.\n\nor\n\nFrom a PowerCLI command prompt while connected to vCenter, run the following command:\n\nGet-VMHost | Select Name, ` @{N=\"HostProfile\";E={$_ | Get-VMHostProfile}}, ` @{N=\"JoinADEnabled\";E={($_ | Get-VmHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory.Enabled}}, ` @{N=\"JoinDomainMethod\";E={(($_ | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory | Select -ExpandProperty Policy | Where {$_.Id -eq \"JoinDomainMethodPolicy\"}).Policyoption.Id}}\n\nIf \"JoinADEnabled\" is \"True\" and \"JoinDomainMethod\" is not \"FixedCAMConfigOption\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Home >> Policies and Profiles >> Host Profiles.\n\nClick a Host Profile >> Configure >> Security and Services >> Security Settings >> Authentication Configuration >> Active Directory Configuration.\n\nClick \"Edit Host Profile...\". Set the \"Join Domain Method\" to \"Use vSphere Authentication Proxy to add the host to domain\" and provide the IP address of the vSphere Authentication Proxy server.\n\nClick \"Save\"."
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000240",
+            "rid": "SV-ESXI-80-000240",
+            "stig_id": "ESXI-80-000240",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000240' do\n  title 'The ESXi host when using Host Profiles and/or Auto Deploy must use the vSphere Authentication Proxy to protect passwords when adding themselves to Active Directory.'\n  desc  \"\n    If a host is configured to join an Active Directory domain using Host Profiles and/or Auto Deploy, the Active Directory credentials are saved in the profile and are transmitted over the network.\n\n    To avoid having to save Active Directory credentials in the Host Profile and to avoid transmitting Active Directory credentials over the network, use the vSphere Authentication Proxy.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    If the organization is not using Host Profiles to join Active Directory, this is not applicable.\n\n    From the vSphere Client, go to Home >> Policies and Profiles >> Host Profiles.\n\n    Click a Host Profile >> Configure >> Security and Services >> Security Settings >> Authentication Configuration >> Active Directory Configuration >> Join Domain Method.\n\n    If the method used to join hosts to a domain is not set to \\\"Use vSphere Authentication Proxy to add the host to domain\\\", this is a finding.\n\n    or\n\n    From a PowerCLI command prompt while connected to vCenter, run the following command:\n\n    Get-VMHost | Select Name, ` @{N=\\\"HostProfile\\\";E={$_ | Get-VMHostProfile}}, ` @{N=\\\"JoinADEnabled\\\";E={($_ | Get-VmHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory.Enabled}}, ` @{N=\\\"JoinDomainMethod\\\";E={(($_ | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory | Select -ExpandProperty Policy | Where {$_.Id -eq \\\"JoinDomainMethodPolicy\\\"}).Policyoption.Id}}\n\n    If \\\"JoinADEnabled\\\" is \\\"True\\\" and \\\"JoinDomainMethod\\\" is not \\\"FixedCAMConfigOption\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Home >> Policies and Profiles >> Host Profiles.\n\n    Click a Host Profile >> Configure >> Security and Services >> Security Settings >> Authentication Configuration >> Active Directory Configuration.\n\n    Click \\\"Edit Host Profile...\\\". Set the \\\"Join Domain Method\\\" to \\\"Use vSphere Authentication Proxy to add the host to domain\\\" and provide the IP address of the vSphere Authentication Proxy server.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000240'\n  tag rid: 'SV-ESXI-80-000240'\n  tag stig_id: 'ESXI-80-000240'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    setimpact = true\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostProfile\"\n      hostprofile = powercli_command(command).stdout\n\n      if hostprofile.empty?\n        describe \"There are no attached host profiles host: #{vmhost}. This control is not applicable.\" do\n          skip \"There are no attached host profiles host: #{vmhost}. This control is not applicable.\"\n        end\n      else\n        command1 = \"(Get-VMHost -Name #{vmhost} | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory.Enabled\"\n        adEnabled = powercli_command(command1).stdout.strip\n\n        if adEnabled.match?('True')\n          command2 = \"(Get-VMHost -Name #{vmhost} | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory | Select-Object -ExpandProperty Policy | Where {$_.Id -eq 'JoinDomainMethodPolicy'} | Select-Object -ExpandProperty PolicyOption | Select-Object -ExpandProperty Id\"\n          describe powercli_command(command2) do\n            its('stdout.strip') { should cmp 'FixedCAMConfigOption' }\n          end\n          setimpact = false\n        else\n          describe \"Active Directory is not enabled on host: #{vmhost}. This control is not applicable.\" do\n            skip \"Active Directory is not enabled on host: #{vmhost}. This control is not applicable.\"\n          end\n        end\n      end\n    end\n  else\n    describe 'No ESXi hosts found. Review inputs provided for errors and rerun profile.' do\n      skip 'No ESXi hosts found. Review inputs provided for errors and rerun profile.'\n    end\n    setimpact = false\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000240.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "There are no attached host profiles host: 10.186.25.26. This control is not applicable.",
+              "run_time": 6.0e-06,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "resource": "",
+              "skip_message": "There are no attached host profiles host: 10.186.25.26. This control is not applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "There are no attached host profiles host: 10.186.25.26. This control is not applicable."
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000241",
+          "title": "The ESXi host must not use the default Active Directory ESX Admin group.",
+          "desc": "When adding ESXi hosts to Active Directory, all user/group accounts assigned to the Active Directory group \"ESX Admins\" will have full administrative access to the host.\n\nIf this group is not controlled or known to the system administrators, it may be used for inappropriate access to the host. Therefore, the default group must be changed to a site-specific Active Directory group and membership must be severely restricted.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When adding ESXi hosts to Active Directory, all user/group accounts assigned to the Active Directory group \"ESX Admins\" will have full administrative access to the host.\n\nIf this group is not controlled or known to the system administrators, it may be used for inappropriate access to the host. Therefore, the default group must be changed to a site-specific Active Directory group and membership must be severely restricted."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For systems that do not use Active Directory, this is not applicable.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\" value and verify it is not set to \"ESX Admins\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup\n\nIf the \"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\" setting is set to \"ESX Admins\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\" key and configure its value to an appropriate Active Directory group other than \"ESX Admins\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Set-AdvancedSetting -Value \"<site specific AD group>\"\n\nNote: Changing the group name does not remove the permissions of the previous group."
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000241",
+            "rid": "SV-ESXI-80-000241",
+            "stig_id": "ESXI-80-000241",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000241' do\n  title 'The ESXi host must not use the default Active Directory ESX Admin group.'\n  desc  \"\n    When adding ESXi hosts to Active Directory, all user/group accounts assigned to the Active Directory group \\\"ESX Admins\\\" will have full administrative access to the host.\n\n    If this group is not controlled or known to the system administrators, it may be used for inappropriate access to the host. Therefore, the default group must be changed to a site-specific Active Directory group and membership must be severely restricted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For systems that do not use Active Directory, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\\\" value and verify it is not set to \\\"ESX Admins\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup\n\n    If the \\\"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\\\" setting is set to \\\"ESX Admins\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\\\" key and configure its value to an appropriate Active Directory group other than \\\"ESX Admins\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Set-AdvancedSetting -Value \\\"<site specific AD group>\\\"\n\n    Note: Changing the group name does not remove the permissions of the previous group.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000241'\n  tag rid: 'SV-ESXI-80-000241'\n  tag stig_id: 'ESXI-80-000241'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus\"\n      domainstatus = powercli_command(command).stdout\n      if domainstatus.empty?\n        impact 0.0\n        describe '' do\n          skip \"The ESXi host #{vmhost} is not joined to AD, so this control is not applicable.\"\n        end\n      else\n        command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Select-Object -ExpandProperty Value\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should_not cmp 'ESX Admins' }\n          its('stdout.strip') { should cmp \"#{input('adAdminGroup')}\" }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000241.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "",
+              "run_time": 4.6e-06,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "resource": "",
+              "skip_message": "The ESXi host 10.186.25.26 is not joined to AD, so this control is not applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000243",
+          "title": "The ESXi host must configure a persistent log location for all locally stored logs.",
+          "desc": "ESXi can be configured to store log files on an in-memory file system. This occurs when the host's \"/scratch\" directory is linked to \"/tmp/scratch\". When this is done, only a single day's worth of logs are stored at any time. In addition, log files will be reinitialized upon each reboot.\n\nThis presents a security risk as user activity logged on the host is only stored temporarily and will not persist across reboots. This can also complicate auditing and make it harder to monitor events and diagnose issues. ESXi host logging should always be configured to a persistent datastore.\n\nNote: Scratch space is configured automatically during installation or first boot of an ESXi host and does not usually need to be configured manually.\n\nIf ESXi is installed on an SD card or USB device, a persistent log location may not be configured upon install as normal.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "ESXi can be configured to store log files on an in-memory file system. This occurs when the host's \"/scratch\" directory is linked to \"/tmp/scratch\". When this is done, only a single day's worth of logs are stored at any time. In addition, log files will be reinitialized upon each reboot.\n\nThis presents a security risk as user activity logged on the host is only stored temporarily and will not persist across reboots. This can also complicate auditing and make it harder to monitor events and diagnose issues. ESXi host logging should always be configured to a persistent datastore.\n\nNote: Scratch space is configured automatically during installation or first boot of an ESXi host and does not usually need to be configured manually.\n\nIf ESXi is installed on an SD card or USB device, a persistent log location may not be configured upon install as normal."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"Syslog.global.logDir\" value and verify it is set to a persistent location.\n\nIf the value of the setting is \"[] /scratch/logs\", verify the advanced setting \"ScratchConfig.CurrentScratchLocation\" is not set to \"/tmp/scratch\". This is a nonpersistent location.\n\nIf \"Syslog.global.logDir\" is not configured to a persistent location, this is a finding.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.syslog.config.get.Invoke() | Select LocalLogOutput,LocalLogOutputIsPersistent\n\nIf the \"LocalLogOutputIsPersistent\" value is not true, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"Syslog.global.logDir\" value and set it to a known persistent location.\n\nAn example is shown below, where 51dda02d-fade5016-8a08-005056171889 is the UUID of the target datastore:\n\n/vmfs/volumes/51dda02d-fade5016-8a08-005056171889\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name Syslog.global.logDir | Set-AdvancedSetting -Value \"New Log Location\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000341-VMM-001220",
+            "gid": "V-ESXI-80-000243",
+            "rid": "SV-ESXI-80-000243",
+            "stig_id": "ESXI-80-000243",
+            "cci": [
+              "CCI-001849"
+            ],
+            "nist": [
+              "AU-4"
+            ]
+          },
+          "code": "control 'ESXI-80-000243' do\n  title 'The ESXi host must configure a persistent log location for all locally stored logs.'\n  desc  \"\n    ESXi can be configured to store log files on an in-memory file system. This occurs when the host's \\\"/scratch\\\" directory is linked to \\\"/tmp/scratch\\\". When this is done, only a single day's worth of logs are stored at any time. In addition, log files will be reinitialized upon each reboot.\n\n    This presents a security risk as user activity logged on the host is only stored temporarily and will not persist across reboots. This can also complicate auditing and make it harder to monitor events and diagnose issues. ESXi host logging should always be configured to a persistent datastore.\n\n    Note: Scratch space is configured automatically during installation or first boot of an ESXi host and does not usually need to be configured manually.\n\n    If ESXi is installed on an SD card or USB device, a persistent log location may not be configured upon install as normal.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"Syslog.global.logDir\\\" value and verify it is set to a persistent location.\n\n    If the value of the setting is \\\"[] /scratch/logs\\\", verify the advanced setting \\\"ScratchConfig.CurrentScratchLocation\\\" is not set to \\\"/tmp/scratch\\\". This is a nonpersistent location.\n\n    If \\\"Syslog.global.logDir\\\" is not configured to a persistent location, this is a finding.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.syslog.config.get.Invoke() | Select LocalLogOutput,LocalLogOutputIsPersistent\n\n    If the \\\"LocalLogOutputIsPersistent\\\" value is not true, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logDir\\\" value and set it to a known persistent location.\n\n    An example is shown below, where 51dda02d-fade5016-8a08-005056171889 is the UUID of the target datastore:\n\n    /vmfs/volumes/51dda02d-fade5016-8a08-005056171889\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logDir | Set-AdvancedSetting -Value \\\"New Log Location\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000341-VMM-001220'\n  tag gid: 'V-ESXI-80-000243'\n  tag rid: 'SV-ESXI-80-000243'\n  tag stig_id: 'ESXI-80-000243'\n  tag cci: ['CCI-001849']\n  tag nist: ['AU-4']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.get.Invoke() | Select-Object -ExpandProperty LocalLogOutputIsPersistent\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000243.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.get.Invoke() | Select-Object -ExpandProperty LocalLogOutputIsPersistent stdout.strip is expected to cmp == \"true\"",
+              "run_time": 0.3779242,
+              "start_time": "2023-06-07T08:29:05-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"$vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.get.Invoke() | Select-Object -ExpandProperty LocalLogOutputIsPersistent\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000244",
+          "title": "The ESXi host must enforce the exclusive running of executables from approved VIBs.",
+          "desc": "The \"execInstalledOnly\" advanced ESXi boot option, when set to TRUE, guarantees that the VMkernel executes only those binaries that have been packaged as part of a signed VIB. While this option is effective on its own, it can be further enhanced by telling the Secure Boot to check with the TPM to make sure that the boot process does not proceed unless this setting is enabled. This further protects against malicious offline changes to ESXi configuration to disable the \"execInstalledOnly\" option.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The \"execInstalledOnly\" advanced ESXi boot option, when set to TRUE, guarantees that the VMkernel executes only those binaries that have been packaged as part of a signed VIB. While this option is effective on its own, it can be further enhanced by telling the Secure Boot to check with the TPM to make sure that the boot process does not proceed unless this setting is enabled. This further protects against malicious offline changes to ESXi configuration to disable the \"execInstalledOnly\" option."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\nFrom the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nSelect the \"VMkernel.Boot.execInstalledOnly\" value and verify that it is \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly\n\nIf the \"VMkernel.Boot.execInstalledOnly\" setting is not \"true\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Hosts and Clusters.\n\nSelect the ESXi Host >> Configure >> System >> Advanced System Settings.\n\nClick \"Edit\". Select the \"VMkernel.Boot.execInstalledOnly\" value and configure it to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\nGet-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Set-AdvancedSetting -Value True"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000244",
+            "rid": "SV-ESXI-80-000244",
+            "stig_id": "ESXI-80-000244",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000244' do\n  title 'The ESXi host must enforce the exclusive running of executables from approved VIBs.'\n  desc  'The \"execInstalledOnly\" advanced ESXi boot option, when set to TRUE, guarantees that the VMkernel executes only those binaries that have been packaged as part of a signed VIB. While this option is effective on its own, it can be further enhanced by telling the Secure Boot to check with the TPM to make sure that the boot process does not proceed unless this setting is enabled. This further protects against malicious offline changes to ESXi configuration to disable the \"execInstalledOnly\" option.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Select the \\\"VMkernel.Boot.execInstalledOnly\\\" value and verify that it is \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly\n\n    If the \\\"VMkernel.Boot.execInstalledOnly\\\" setting is not \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host >> Configure >> System >> Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"VMkernel.Boot.execInstalledOnly\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Set-AdvancedSetting -Value True\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000244'\n  tag rid: 'SV-ESXI-80-000244'\n  tag stig_id: 'ESXI-80-000244'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000244.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"true\"",
+              "run_time": 0.6361998,
+              "start_time": "2023-06-07T08:29:06-06:00",
+              "message": "\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000245",
+          "title": "The ESXi host must use sufficient entropy for cryptographic operations.",
+          "desc": "Starting in vSphere 8.0, the ESXi Entropy implementation supports the FIPS 140-3 and EAL4 certifications. Kernel boot options control which entropy sources to activate on an ESXi host.\n\nIn computing, the term \"entropy\" refers to random characters and data that are collected for use in cryptography, such as generating encryption keys to secure data transmitted over a network. Entropy is required by security for generating keys and communicating securely over the network. Entropy is often collected from a variety of sources on a system.\n\nFIPS entropy handling is the default behavior if the following conditions are true:\n\n-The hardware supports RDSEED.\n-The disableHwrng VMkernel boot option isn't present or is FALSE.\n-The entropySources VMkernel boot option isn't present or is 0 (zero).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Starting in vSphere 8.0, the ESXi Entropy implementation supports the FIPS 140-3 and EAL4 certifications. Kernel boot options control which entropy sources to activate on an ESXi host.\n\nIn computing, the term \"entropy\" refers to random characters and data that are collected for use in cryptography, such as generating encryption keys to secure data transmitted over a network. Entropy is required by security for generating keys and communicating securely over the network. Entropy is often collected from a variety of sources on a system.\n\nFIPS entropy handling is the default behavior if the following conditions are true:\n\n-The hardware supports RDSEED.\n-The disableHwrng VMkernel boot option isn't present or is FALSE.\n-The entropySources VMkernel boot option isn't present or is 0 (zero)."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following commands:\n\n# esxcli system settings kernel list -o disableHwrng\n# esxcli system settings kernel list -o entropySources\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.settings.kernel.list.invoke() | Where {$_.Name -eq \"disableHwrng\" -or $_.Name -eq \"entropySources\"}\n\nIf \"disableHwrng\" is not set to \"false\", this is a finding.\nIf \"entropySources\" is not set to \"0\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, run the following commands:\n\n# esxcli system settings kernel set -s disableHwrng -v FALSE\n# esxcli system settings kernel set -s entropySources -v 0\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.settings.kernel.set.CreateArgs()\n$arguments.setting = \"disableHwrng\"\n$arguments.value = \"FALSE\"\n$esxcli.system.settings.kernel.set.invoke($arguments)\n$arguments.setting = \"entropySources\"\n$arguments.value = \"0\"\n$esxcli.system.settings.kernel.set.invoke($arguments)\n\nReboot the ESXi host after updating entropy settings."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000245",
+            "rid": "SV-ESXI-80-000245",
+            "stig_id": "ESXI-80-000245",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000245' do\n  title 'The ESXi host must use sufficient entropy for cryptographic operations.'\n  desc  \"\n    Starting in vSphere 8.0, the ESXi Entropy implementation supports the FIPS 140-3 and EAL4 certifications. Kernel boot options control which entropy sources to activate on an ESXi host.\n\n    In computing, the term \\\"entropy\\\" refers to random characters and data that are collected for use in cryptography, such as generating encryption keys to secure data transmitted over a network. Entropy is required by security for generating keys and communicating securely over the network. Entropy is often collected from a variety of sources on a system.\n\n    FIPS entropy handling is the default behavior if the following conditions are true:\n\n    -The hardware supports RDSEED.\n    -The disableHwrng VMkernel boot option isn't present or is FALSE.\n    -The entropySources VMkernel boot option isn't present or is 0 (zero).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following commands:\n\n    # esxcli system settings kernel list -o disableHwrng\n    # esxcli system settings kernel list -o entropySources\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.settings.kernel.list.invoke() | Where {$_.Name -eq \\\"disableHwrng\\\" -or $_.Name -eq \\\"entropySources\\\"}\n\n    If \\\"disableHwrng\\\" is not set to \\\"false\\\", this is a finding.\n    If \\\"entropySources\\\" is not set to \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following commands:\n\n    # esxcli system settings kernel set -s disableHwrng -v FALSE\n    # esxcli system settings kernel set -s entropySources -v 0\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.settings.kernel.set.CreateArgs()\n    $arguments.setting = \\\"disableHwrng\\\"\n    $arguments.value = \\\"FALSE\\\"\n    $esxcli.system.settings.kernel.set.invoke($arguments)\n    $arguments.setting = \\\"entropySources\\\"\n    $arguments.value = \\\"0\\\"\n    $esxcli.system.settings.kernel.set.invoke($arguments)\n\n    Reboot the ESXi host after updating entropy settings.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000245'\n  tag rid: 'SV-ESXI-80-000245'\n  tag stig_id: 'ESXI-80-000245'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq \\\"disableHwrng\\\"} | Select-Object -ExpandProperty Configured\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'FALSE' }\n      end\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq \\\"entropySources\\\"} | Select-Object -ExpandProperty Configured\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '0' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000245.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq \"disableHwrng\"} | Select-Object -ExpandProperty Configured stdout.strip is expected to cmp == \"FALSE\"",
+              "run_time": 0.800001,
+              "start_time": "2023-06-07T08:29:06-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"$vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq \\\"disableHwrng\\\"} | Select-Object -ExpandProperty Configured\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq \"entropySources\"} | Select-Object -ExpandProperty Configured stdout.strip is expected to cmp == \"0\"",
+              "run_time": 0.8091229,
+              "start_time": "2023-06-07T08:29:07-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"$vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq \\\"entropySources\\\"} | Select-Object -ExpandProperty Configured\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "ESXI-80-000246",
+          "title": "The ESXi host must not enable log filtering.",
+          "desc": "The log filtering capability lets you modify the logging policy of the syslog service that is running on an ESXi host. You can create log filters to reduce the number of repetitive entries in the ESXi logs and to deny specific log events entirely.\n\nSetting a limit to the amount of logging information restricts the ability to detect and respond to potential security issues or system failures properly.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The log filtering capability lets you modify the logging policy of the syslog service that is running on an ESXi host. You can create log filters to reduce the number of repetitive entries in the ESXi logs and to deny specific log events entirely.\n\nSetting a limit to the amount of logging information restricts the ability to detect and respond to potential security issues or system failures properly."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From an ESXi shell, run the following command:\n\n# esxcli system syslog config logfilter get\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$esxcli.system.syslog.config.logfilter.get.invoke()\n\nIf \"LogFilteringEnabled\" is not set to \"false\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From an ESXi shell, run the following command:\n\n# esxcli system syslog config logfilter set --log-filtering-enabled=false\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n$esxcli = Get-EsxCli -v2\n$arguments = $esxcli.system.syslog.config.logfilter.set.CreateArgs()\n$arguments.logfilteringenabled = $false\n$esxcli.system.syslog.config.logfilter.set.invoke($arguments)"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-ESXI-80-000246",
+            "rid": "SV-ESXI-80-000246",
+            "stig_id": "ESXI-80-000246",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'ESXI-80-000246' do\n  title 'The ESXi host must not enable log filtering.'\n  desc  \"\n    The log filtering capability lets you modify the logging policy of the syslog service that is running on an ESXi host. You can create log filters to reduce the number of repetitive entries in the ESXi logs and to deny specific log events entirely.\n\n    Setting a limit to the amount of logging information restricts the ability to detect and respond to potential security issues or system failures properly.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system syslog config logfilter get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.syslog.config.logfilter.get.invoke()\n\n    If \\\"LogFilteringEnabled\\\" is not set to \\\"false\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system syslog config logfilter set --log-filtering-enabled=false\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.syslog.config.logfilter.set.CreateArgs()\n    $arguments.logfilteringenabled = $false\n    $esxcli.system.syslog.config.logfilter.set.invoke($arguments)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000246'\n  tag rid: 'SV-ESXI-80-000246'\n  tag stig_id: 'ESXI-80-000246'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.logfilter.get.invoke() | Select-Object -ExpandProperty LogFilteringEnabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/580ceed641893dd00175c2e1c5d112de5d50ae0b8cbb2819ec8a087021429b0f/controls/ESXI-80-000246.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.logfilter.get.invoke() | Select-Object -ExpandProperty LogFilteringEnabled stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.3665214,
+              "start_time": "2023-06-07T08:29:08-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"$vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.logfilter.get.invoke() | Select-Object -ExpandProperty LogFilteringEnabled\"]",
+              "resource_id": ""
+            }
+          ]
+        }
+      ],
+      "status": "loaded",
+      "status_message": ""
+    },
+    {
+      "name": "VMware vSphere 8.0 vCenter STIG Readiness Guide",
+      "version": "1.0.1",
+      "sha256": "8f9266052570c0249001c60d77de53eda9da5e60c4151c3472380f744e384add",
+      "title": "VMware vSphere 8.0 vCenter STIG Readiness Guide",
+      "maintainer": "The Authors",
+      "summary": "An InSpec Compliance Profile",
+      "license": "Apache-2.0",
+      "copyright": "The Authors",
+      "supports": [],
+      "attributes": [],
+      "parent_profile": "vmware-vsphere-8.0-stig-baseline",
+      "groups": [
+        {
+          "id": "controls/VCSA-80-000009.rb",
+          "controls": [
+            "VCSA-80-000009"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000023.rb",
+          "controls": [
+            "VCSA-80-000023"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000024.rb",
+          "controls": [
+            "VCSA-80-000024"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000034.rb",
+          "controls": [
+            "VCSA-80-000034"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000057.rb",
+          "controls": [
+            "VCSA-80-000057"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000059.rb",
+          "controls": [
+            "VCSA-80-000059"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000060.rb",
+          "controls": [
+            "VCSA-80-000060"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000069.rb",
+          "controls": [
+            "VCSA-80-000069"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000070.rb",
+          "controls": [
+            "VCSA-80-000070"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000071.rb",
+          "controls": [
+            "VCSA-80-000071"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000072.rb",
+          "controls": [
+            "VCSA-80-000072"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000073.rb",
+          "controls": [
+            "VCSA-80-000073"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000074.rb",
+          "controls": [
+            "VCSA-80-000074"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000077.rb",
+          "controls": [
+            "VCSA-80-000077"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000079.rb",
+          "controls": [
+            "VCSA-80-000079"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000080.rb",
+          "controls": [
+            "VCSA-80-000080"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000089.rb",
+          "controls": [
+            "VCSA-80-000089"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000095.rb",
+          "controls": [
+            "VCSA-80-000095"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000110.rb",
+          "controls": [
+            "VCSA-80-000110"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000123.rb",
+          "controls": [
+            "VCSA-80-000123"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000145.rb",
+          "controls": [
+            "VCSA-80-000145"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000148.rb",
+          "controls": [
+            "VCSA-80-000148"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000150.rb",
+          "controls": [
+            "VCSA-80-000150"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000158.rb",
+          "controls": [
+            "VCSA-80-000158"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000195.rb",
+          "controls": [
+            "VCSA-80-000195"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000196.rb",
+          "controls": [
+            "VCSA-80-000196"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000248.rb",
+          "controls": [
+            "VCSA-80-000248"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000253.rb",
+          "controls": [
+            "VCSA-80-000253"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000265.rb",
+          "controls": [
+            "VCSA-80-000265"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000266.rb",
+          "controls": [
+            "VCSA-80-000266"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000267.rb",
+          "controls": [
+            "VCSA-80-000267"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000268.rb",
+          "controls": [
+            "VCSA-80-000268"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000269.rb",
+          "controls": [
+            "VCSA-80-000269"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000270.rb",
+          "controls": [
+            "VCSA-80-000270"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000271.rb",
+          "controls": [
+            "VCSA-80-000271"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000272.rb",
+          "controls": [
+            "VCSA-80-000272"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000273.rb",
+          "controls": [
+            "VCSA-80-000273"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000274.rb",
+          "controls": [
+            "VCSA-80-000274"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000275.rb",
+          "controls": [
+            "VCSA-80-000275"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000276.rb",
+          "controls": [
+            "VCSA-80-000276"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000277.rb",
+          "controls": [
+            "VCSA-80-000277"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000278.rb",
+          "controls": [
+            "VCSA-80-000278"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000279.rb",
+          "controls": [
+            "VCSA-80-000279"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000280.rb",
+          "controls": [
+            "VCSA-80-000280"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000281.rb",
+          "controls": [
+            "VCSA-80-000281"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000282.rb",
+          "controls": [
+            "VCSA-80-000282"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000283.rb",
+          "controls": [
+            "VCSA-80-000283"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000284.rb",
+          "controls": [
+            "VCSA-80-000284"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000285.rb",
+          "controls": [
+            "VCSA-80-000285"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000286.rb",
+          "controls": [
+            "VCSA-80-000286"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000287.rb",
+          "controls": [
+            "VCSA-80-000287"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000288.rb",
+          "controls": [
+            "VCSA-80-000288"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000290.rb",
+          "controls": [
+            "VCSA-80-000290"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000291.rb",
+          "controls": [
+            "VCSA-80-000291"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000292.rb",
+          "controls": [
+            "VCSA-80-000292"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000293.rb",
+          "controls": [
+            "VCSA-80-000293"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000294.rb",
+          "controls": [
+            "VCSA-80-000294"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000295.rb",
+          "controls": [
+            "VCSA-80-000295"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000296.rb",
+          "controls": [
+            "VCSA-80-000296"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000298.rb",
+          "controls": [
+            "VCSA-80-000298"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000299.rb",
+          "controls": [
+            "VCSA-80-000299"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000300.rb",
+          "controls": [
+            "VCSA-80-000300"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000301.rb",
+          "controls": [
+            "VCSA-80-000301"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000302.rb",
+          "controls": [
+            "VCSA-80-000302"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000303.rb",
+          "controls": [
+            "VCSA-80-000303"
+          ]
+        },
+        {
+          "id": "controls/VCSA-80-000304.rb",
+          "controls": [
+            "VCSA-80-000304"
+          ]
+        }
+      ],
+      "controls": [
+        {
+          "id": "VCSA-80-000009",
+          "title": "The vCenter Server must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access.",
+          "desc": "Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that exploit vulnerabilities in this protocol.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that exploit vulnerabilities in this protocol."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "At the command prompt on the vCenter Server Appliance, run the following command:\n\n# /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc scan\n\nIf the output indicates versions of TLS other than 1.2 are enabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "At the command prompt on the vCenter Server Appliance, run the following command:\n\n# /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc update -p TLSv1.2\n\nvCenter services will be restarted as part of the reconfiguration. The operating system will not be restarted.\n\nThe \"--no-restart\" flag can be added to restart services at a later time.\n\nChanges will not take effect until all services are restarted or the appliance is rebooted."
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-APP-000014",
+            "satisfies": [
+              "SRG-APP-000156",
+              "SRG-APP-000157",
+              "SRG-APP-000219",
+              "SRG-APP-000439",
+              "SRG-APP-000440",
+              "SRG-APP-000441",
+              "SRG-APP-000442",
+              "SRG-APP-000560",
+              "SRG-APP-000565",
+              "SRG-APP-000625",
+              "SRG-APP-000645"
+            ],
+            "gid": "V-VCSA-80-000009",
+            "rid": "SV-VCSA-80-000009",
+            "stig_id": "VCSA-80-000009",
+            "cci": [
+              "CCI-000068",
+              "CCI-000382",
+              "CCI-001184",
+              "CCI-001453",
+              "CCI-001941",
+              "CCI-001942",
+              "CCI-002418",
+              "CCI-002420",
+              "CCI-002421",
+              "CCI-002422",
+              "CCI-002450"
+            ],
+            "nist": [
+              "AC-17 (2)",
+              "CM-7 b",
+              "IA-2 (8)",
+              "IA-2 (9)",
+              "SC-13",
+              "SC-23",
+              "SC-8",
+              "SC-8 (1)",
+              "SC-8 (2)"
+            ]
+          },
+          "code": "control 'VCSA-80-000009' do\n  title 'The vCenter Server must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access.'\n  desc  'Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that exploit vulnerabilities in this protocol.'\n  desc  'rationale', ''\n  desc  'check', \"\n    At the command prompt on the vCenter Server Appliance, run the following command:\n\n    # /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc scan\n\n    If the output indicates versions of TLS other than 1.2 are enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    At the command prompt on the vCenter Server Appliance, run the following command:\n\n    # /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc update -p TLSv1.2\n\n    vCenter services will be restarted as part of the reconfiguration. The operating system will not be restarted.\n\n    The \\\"--no-restart\\\" flag can be added to restart services at a later time.\n\n    Changes will not take effect until all services are restarted or the appliance is rebooted.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-APP-000014'\n  tag satisfies: ['SRG-APP-000156', 'SRG-APP-000157', 'SRG-APP-000219', 'SRG-APP-000439', 'SRG-APP-000440', 'SRG-APP-000441', 'SRG-APP-000442', 'SRG-APP-000560', 'SRG-APP-000565', 'SRG-APP-000625', 'SRG-APP-000645']\n  tag gid: 'V-VCSA-80-000009'\n  tag rid: 'SV-VCSA-80-000009'\n  tag stig_id: 'VCSA-80-000009'\n  tag cci: ['CCI-000068', 'CCI-000382', 'CCI-001184', 'CCI-001453', 'CCI-001941', 'CCI-001942', 'CCI-002418', 'CCI-002420', 'CCI-002421', 'CCI-002422', 'CCI-002450']\n  tag nist: ['AC-17 (2)', 'CM-7 b', 'IA-2 (8)', 'IA-2 (9)', 'SC-13', 'SC-23', 'SC-8', 'SC-8 (1)', 'SC-8 (2)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000009.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 1.43e-05,
+              "start_time": "2023-06-07T08:29:08-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000023",
+          "title": "The vCenter Server must enforce the limit of three consecutive invalid login attempts by a user.",
+          "desc": "By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nThe following lockout policy should be set as follows:\n\nMaximum number of failed login attempts: 3\n\nIf this account lockout policy is not configured as stated, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nClick \"Edit\".\n\nSet the \"Maximum number of failed login attempts\" to \"3\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000065",
+            "gid": "V-VCSA-80-000023",
+            "rid": "SV-VCSA-80-000023",
+            "stig_id": "VCSA-80-000023",
+            "cci": [
+              "CCI-000044"
+            ],
+            "nist": [
+              "AC-7 a"
+            ]
+          },
+          "code": "control 'VCSA-80-000023' do\n  title 'The vCenter Server must enforce the limit of three consecutive invalid login attempts by a user.'\n  desc  'By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account. '\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    The following lockout policy should be set as follows:\n\n    Maximum number of failed login attempts: 3\n\n    If this account lockout policy is not configured as stated, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Maximum number of failed login attempts\\\" to \\\"3\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000065'\n  tag gid: 'V-VCSA-80-000023'\n  tag rid: 'SV-VCSA-80-000023'\n  tag stig_id: 'VCSA-80-000023'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  command = '(Get-SsoLockoutPolicy).MaxFailedAttempts'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp '3' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000023.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: (Get-SsoLockoutPolicy).MaxFailedAttempts stdout.strip is expected to cmp == \"3\"",
+              "run_time": 0.244666,
+              "start_time": "2023-06-07T08:29:08-06:00",
+              "message": "\nexpected: 3\n     got: 5\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-SsoLockoutPolicy).MaxFailedAttempts\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000024",
+          "title": "The vCenter Server must display the Standard Mandatory DOD Notice and Consent Banner before logon.",
+          "desc": "Display of the DOD-approved use notification before granting access to the application ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via login interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with DTM-08-060. Use the following verbiage for applications that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\"",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Display of the DOD-approved use notification before granting access to the application ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via login interfaces with human users and are not required when such human interfaces do not exist.\n\nThe banner must be formatted in accordance with DTM-08-060. Use the following verbiage for applications that can accommodate banners of 1300 characters:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nUse the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:\n\n\"I've read (literal ampersand) consent to terms in IS user agreem't.\""
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Login Message.\n\nIf the selection box next to \"Show login message\" is disabled, \"Details of login message\" is not configured to the standard DOD User Agreement, or the \"Consent checkbox\" is disabled, this is a finding.\n\nNote: Refer to vulnerability discussion for user agreement language."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Login Message.\n\nClick \"Edit\".\n\nClick the \"Show login message\" slider to enable.\n\nConfigure the \"Login message\" to \"DOD User Agreement\".\n\nClick the \"Consent checkbox\" slider to enable.\n\nSet the \"Details of login message\" to the Standard Mandatory DOD Notice and Consent Banner text.\n\nClick \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000068",
+            "satisfies": [
+              "SRG-APP-000069",
+              "SRG-APP-000070"
+            ],
+            "gid": "V-VCSA-80-000024",
+            "rid": "SV-VCSA-80-000024",
+            "stig_id": "VCSA-80-000024",
+            "cci": [
+              "CCI-000048",
+              "CCI-000050",
+              "CCI-001384"
+            ],
+            "nist": [
+              "AC-8 a",
+              "AC-8 b",
+              "AC-8 c 1"
+            ]
+          },
+          "code": "control 'VCSA-80-000024' do\n  title 'The vCenter Server must display the Standard Mandatory DOD Notice and Consent Banner before logon.'\n  desc  \"\n    Display of the DOD-approved use notification before granting access to the application ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via login interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with DTM-08-060. Use the following verbiage for applications that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Login Message.\n\n    If the selection box next to \\\"Show login message\\\" is disabled, \\\"Details of login message\\\" is not configured to the standard DOD User Agreement, or the \\\"Consent checkbox\\\" is disabled, this is a finding.\n\n    Note: Refer to vulnerability discussion for user agreement language.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Login Message.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Show login message\\\" slider to enable.\n\n    Configure the \\\"Login message\\\" to \\\"DOD User Agreement\\\".\n\n    Click the \\\"Consent checkbox\\\" slider to enable.\n\n    Set the \\\"Details of login message\\\" to the Standard Mandatory DOD Notice and Consent Banner text.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000068'\n  tag satisfies: ['SRG-APP-000069', 'SRG-APP-000070']\n  tag gid: 'V-VCSA-80-000024'\n  tag rid: 'SV-VCSA-80-000024'\n  tag stig_id: 'VCSA-80-000024'\n  tag cci: ['CCI-000048', 'CCI-000050', 'CCI-001384']\n  tag nist: ['AC-8 a', 'AC-8 b', 'AC-8 c 1']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000024.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 1.18e-05,
+              "start_time": "2023-06-07T08:29:09-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000034",
+          "title": "The vCenter Server must produce audit records containing information to establish what type of events occurred.",
+          "desc": "Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nVerify the \"config.log.level\" value is set to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name config.log.level and verify it is set to \"info\".\n\nIf the \"config.log.level\" value is not set to \"info\" or does not exist, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nClick \"Edit Settings\" and configure the \"config.log.level\" setting to \"info\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name config.log.level | Set-AdvancedSetting -Value info"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000095",
+            "gid": "V-VCSA-80-000034",
+            "rid": "SV-VCSA-80-000034",
+            "stig_id": "VCSA-80-000034",
+            "cci": [
+              "CCI-000130"
+            ],
+            "nist": [
+              "AU-3"
+            ]
+          },
+          "code": "control 'VCSA-80-000034' do\n  title 'The vCenter Server must produce audit records containing information to establish what type of events occurred.'\n  desc  'Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Verify the \\\"config.log.level\\\" value is set to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name config.log.level and verify it is set to \\\"info\\\".\n\n    If the \\\"config.log.level\\\" value is not set to \\\"info\\\" or does not exist, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"config.log.level\\\" setting to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name config.log.level | Set-AdvancedSetting -Value info\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000095'\n  tag gid: 'V-VCSA-80-000034'\n  tag rid: 'SV-VCSA-80-000034'\n  tag stig_id: 'VCSA-80-000034'\n  tag cci: ['CCI-000130']\n  tag nist: ['AU-3']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.log.level | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'info' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000034.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.log.level | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"info\"",
+              "run_time": 0.6675981,
+              "start_time": "2023-06-07T08:29:09-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.log.level | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000057",
+          "title": "vCenter Server plugins must be verified.",
+          "desc": "The vCenter Server includes a vSphere Client extensibility framework, which provides the ability to extend the vSphere Client with menu selections or toolbar icons that provide access to vCenter Server add-on components or external, web-based functionality.\n\nvSphere Client plugins or extensions run at the same privilege level as the user. Malicious extensions might masquerade as useful add-ons while compromising the system by stealing credentials or incorrectly configuring the system.\n\nAdditionally, vCenter comes with a number of plugins preinstalled that may or may not be necessary for proper operation.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The vCenter Server includes a vSphere Client extensibility framework, which provides the ability to extend the vSphere Client with menu selections or toolbar icons that provide access to vCenter Server add-on components or external, web-based functionality.\n\nvSphere Client plugins or extensions run at the same privilege level as the user. Malicious extensions might masquerade as useful add-ons while compromising the system by stealing credentials or incorrectly configuring the system.\n\nAdditionally, vCenter comes with a number of plugins preinstalled that may or may not be necessary for proper operation."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Solutions >> Client Plug-Ins.\n\nView the Installed/Available Plug-ins list and verify they are all identified as authorized VMware, third-party (partner), and/or site-specific approved plug-ins.\n\nIf any installed/available plug-ins in the viewable list cannot be verified as allowed vSphere Client plug-ins from trusted sources or are not in active use, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Solutions >> Client Plug-Ins, click the radio button next to the unknown plug-in, and click \"Disable\".\n\nIf the plugin will not be needed in the future, proceed to uninstall the plug-in.\n\nTo uninstall plug-ins, do the following:\n\nIf vCenter Server is in linked mode, perform this procedure on the vCenter Server that is used to install the plug-in initially and then restart the vCenter Server services on the linked vCenter Server:\n\nIn a web browser, navigate to \"http://vCenter_Server_name_or_IP/mob\", where \"vCenter_Server_name_or_IP/mob\" is the name of the vCenter Server or its IP address.\n\nClick \"Content\".\n\nClick \"ExtensionManager\".\n\nSelect and copy the name of the plug-in to be removed from the list of values under \"Properties\".\n\nClick \"UnregisterExtension\". A new window appears.\n\nPaste the name of the plug-in and click \"Invoke Method\". This removes the plug-in.\n\nClose the window.\n\nRefresh the Managed Object Type:ManagedObjectReference:ExtensionManager window to verify the plug-in is removed successfully.\n\nNote: If the plug-in still appears, restart the vSphere Client.\n\nNote: The Managed Object Browser (MOB) may have to be enabled temporarily if it was disabled previously."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000141",
+            "gid": "V-VCSA-80-000057",
+            "rid": "SV-VCSA-80-000057",
+            "stig_id": "VCSA-80-000057",
+            "cci": [
+              "CCI-000381"
+            ],
+            "nist": [
+              "CM-7 a"
+            ]
+          },
+          "code": "control 'VCSA-80-000057' do\n  title 'vCenter Server plugins must be verified.'\n  desc  \"\n    The vCenter Server includes a vSphere Client extensibility framework, which provides the ability to extend the vSphere Client with menu selections or toolbar icons that provide access to vCenter Server add-on components or external, web-based functionality.\n\n    vSphere Client plugins or extensions run at the same privilege level as the user. Malicious extensions might masquerade as useful add-ons while compromising the system by stealing credentials or incorrectly configuring the system.\n\n    Additionally, vCenter comes with a number of plugins preinstalled that may or may not be necessary for proper operation.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Solutions >> Client Plug-Ins.\n\n    View the Installed/Available Plug-ins list and verify they are all identified as authorized VMware, third-party (partner), and/or site-specific approved plug-ins.\n\n    If any installed/available plug-ins in the viewable list cannot be verified as allowed vSphere Client plug-ins from trusted sources or are not in active use, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Solutions >> Client Plug-Ins, click the radio button next to the unknown plug-in, and click \\\"Disable\\\".\n\n    If the plugin will not be needed in the future, proceed to uninstall the plug-in.\n\n    To uninstall plug-ins, do the following:\n\n    If vCenter Server is in linked mode, perform this procedure on the vCenter Server that is used to install the plug-in initially and then restart the vCenter Server services on the linked vCenter Server:\n\n    In a web browser, navigate to \\\"http://vCenter_Server_name_or_IP/mob\\\", where \\\"vCenter_Server_name_or_IP/mob\\\" is the name of the vCenter Server or its IP address.\n\n    Click \\\"Content\\\".\n\n    Click \\\"ExtensionManager\\\".\n\n    Select and copy the name of the plug-in to be removed from the list of values under \\\"Properties\\\".\n\n    Click \\\"UnregisterExtension\\\". A new window appears.\n\n    Paste the name of the plug-in and click \\\"Invoke Method\\\". This removes the plug-in.\n\n    Close the window.\n\n    Refresh the Managed Object Type:ManagedObjectReference:ExtensionManager window to verify the plug-in is removed successfully.\n\n    Note: If the plug-in still appears, restart the vSphere Client.\n\n    Note: The Managed Object Browser (MOB) may have to be enabled temporarily if it was disabled previously.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000141'\n  tag gid: 'V-VCSA-80-000057'\n  tag rid: 'SV-VCSA-80-000057'\n  tag stig_id: 'VCSA-80-000057'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000057.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 5.8e-06,
+              "start_time": "2023-06-07T08:29:09-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000059",
+          "title": "The vCenter Server must uniquely identify and authenticate users or processes acting on behalf of users.",
+          "desc": "To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.\n\nOrganizational users include organizational employees or individuals the organization deems to have equivalent status of employees (e.g., contractors). Organizational users (and any processes acting on behalf of users) must be uniquely identified and authenticated for all accesses except the following.\n\n(i) Accesses explicitly identified and documented by the organization. Organizations document specific user actions that can be performed on the information system without identification or authentication; and\n(ii) Accesses that occur through authorized use of group authenticators without individual authentication. Organizations may require unique identification of individuals in group accounts (e.g., shared privilege accounts) or for detailed accountability of individual activity.\n\nUsing Active Directory or an identity provider for authentication provides more robust account management capabilities and accountability.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.\n\nOrganizational users include organizational employees or individuals the organization deems to have equivalent status of employees (e.g., contractors). Organizational users (and any processes acting on behalf of users) must be uniquely identified and authenticated for all accesses except the following.\n\n(i) Accesses explicitly identified and documented by the organization. Organizations document specific user actions that can be performed on the information system without identification or authentication; and\n(ii) Accesses that occur through authorized use of group authenticators without individual authentication. Organizations may require unique identification of individuals in group accounts (e.g., shared privilege accounts) or for detailed accountability of individual activity.\n\nUsing Active Directory or an identity provider for authentication provides more robust account management capabilities and accountability."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nIf the identity provider type is \"embedded\" and there is no identity source of type \"Active Directory\" (either Windows Integrated Authentication or LDAP), this is a finding.\n\nIf the identity provider type is \"Microsoft ADFS\" or another supported identity provider, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "When using the embedded identity provider type, perform the following:\n\nFrom the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Identity Sources.\n\nClick \"Add\".\n\nSelect either \"Active Directory over LDAP\" or \"Active Directory (Windows Integrated Authentication)\" and configure appropriately.\n\nNote: Windows Integrated Authentication requires that the vCenter server be joined to Active Directory before configuration via Administration >> Single Sign On >> Configuration >> Identity Provider >> Active Directory Domain.\n\nOR\n\nTo change the identity provider type to a third-party identity provider such as Microsoft ADFS, perform the following:\n\nFrom the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nClick \"Change Identity Provider\".\n\nSelect \"Microsoft ADFS\" and click \"Next\".\n\nEnter the ADFS server information and User and Group details and click \"Finish\".\n\nFor additional information on configuring ADFS for use with vCenter, refer to the vSphere documentation."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000148",
+            "satisfies": [
+              "SRG-APP-000153",
+              "SRG-APP-000163",
+              "SRG-APP-000180",
+              "SRG-APP-000234"
+            ],
+            "gid": "V-VCSA-80-000059",
+            "rid": "SV-VCSA-80-000059",
+            "stig_id": "VCSA-80-000059",
+            "cci": [
+              "CCI-000764",
+              "CCI-000770",
+              "CCI-000795",
+              "CCI-000804",
+              "CCI-001682"
+            ],
+            "nist": [
+              "AC-2 (2)",
+              "IA-2",
+              "IA-2 (5)",
+              "IA-4 e",
+              "IA-8"
+            ]
+          },
+          "code": "control 'VCSA-80-000059' do\n  title 'The vCenter Server must uniquely identify and authenticate users or processes acting on behalf of users.'\n  desc  \"\n    To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.\n\n    Organizational users include organizational employees or individuals the organization deems to have equivalent status of employees (e.g., contractors). Organizational users (and any processes acting on behalf of users) must be uniquely identified and authenticated for all accesses except the following.\n\n    (i) Accesses explicitly identified and documented by the organization. Organizations document specific user actions that can be performed on the information system without identification or authentication; and\n    (ii) Accesses that occur through authorized use of group authenticators without individual authentication. Organizations may require unique identification of individuals in group accounts (e.g., shared privilege accounts) or for detailed accountability of individual activity.\n\n    Using Active Directory or an identity provider for authentication provides more robust account management capabilities and accountability.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    If the identity provider type is \\\"embedded\\\" and there is no identity source of type \\\"Active Directory\\\" (either Windows Integrated Authentication or LDAP), this is a finding.\n\n    If the identity provider type is \\\"Microsoft ADFS\\\" or another supported identity provider, this is NOT a finding.\n  \"\n  desc 'fix', \"\n    When using the embedded identity provider type, perform the following:\n\n    From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Identity Sources.\n\n    Click \\\"Add\\\".\n\n    Select either \\\"Active Directory over LDAP\\\" or \\\"Active Directory (Windows Integrated Authentication)\\\" and configure appropriately.\n\n    Note: Windows Integrated Authentication requires that the vCenter server be joined to Active Directory before configuration via Administration >> Single Sign On >> Configuration >> Identity Provider >> Active Directory Domain.\n\n    OR\n\n    To change the identity provider type to a third-party identity provider such as Microsoft ADFS, perform the following:\n\n    From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    Click \\\"Change Identity Provider\\\".\n\n    Select \\\"Microsoft ADFS\\\" and click \\\"Next\\\".\n\n    Enter the ADFS server information and User and Group details and click \\\"Finish\\\".\n\n    For additional information on configuring ADFS for use with vCenter, refer to the vSphere documentation.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000148'\n  tag satisfies: ['SRG-APP-000153', 'SRG-APP-000163', 'SRG-APP-000180', 'SRG-APP-000234']\n  tag gid: 'V-VCSA-80-000059'\n  tag rid: 'SV-VCSA-80-000059'\n  tag stig_id: 'VCSA-80-000059'\n  tag cci: ['CCI-000764', 'CCI-000770', 'CCI-000795', 'CCI-000804', 'CCI-001682']\n  tag nist: ['AC-2 (2)', 'IA-2', 'IA-2 (5)', 'IA-4 e', 'IA-8']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000059.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 3.9e-06,
+              "start_time": "2023-06-07T08:29:09-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000060",
+          "title": "The vCenter Server must require multifactor authentication.",
+          "desc": "Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased.\n\nMultifactor authentication requires using two or more factors to achieve authentication.\n\nFactors include:\n(i) something a user knows (e.g., password/PIN);\n(ii) something a user has (e.g., cryptographic identification device, token); or\n(iii) something a user is (e.g., biometric).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased.\n\nMultifactor authentication requires using two or more factors to achieve authentication.\n\nFactors include:\n(i) something a user knows (e.g., password/PIN);\n(ii) something a user has (e.g., cryptographic identification device, token); or\n(iii) something a user is (e.g., biometric)."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nIf the embedded identity provider is used, click on \"Smart Card Authentication\".\n\nIf the embedded identity provider is used and \"Smart Card Authentication\" is not enabled, this is a finding.\n\nIf a third-party identity provider is used, such as Microsoft ADFS, and it does not require multifactor authentication to log on to vCenter, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "To configure smart card authentication for vCenter when using the embedded identity provider, refer to the vSphere documentation.\n\nFor vCenter Servers using a third-party identity provider, consult the product's documentation for enabling multifactor authentication."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000149",
+            "satisfies": [
+              "SRG-APP-000080",
+              "SRG-APP-000150",
+              "SRG-APP-000391",
+              "SRG-APP-000402"
+            ],
+            "gid": "V-VCSA-80-000060",
+            "rid": "SV-VCSA-80-000060",
+            "stig_id": "VCSA-80-000060",
+            "cci": [
+              "CCI-000166",
+              "CCI-000765",
+              "CCI-000766",
+              "CCI-001953",
+              "CCI-002009"
+            ],
+            "nist": [
+              "AU-10",
+              "IA-2 (1)",
+              "IA-2 (12)",
+              "IA-2 (2)",
+              "IA-8 (1)"
+            ]
+          },
+          "code": "control 'VCSA-80-000060' do\n  title 'The vCenter Server must require multifactor authentication.'\n  desc  \"\n    Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased.\n\n    Multifactor authentication requires using two or more factors to achieve authentication.\n\n    Factors include:\n    (i) something a user knows (e.g., password/PIN);\n    (ii) something a user has (e.g., cryptographic identification device, token); or\n    (iii) something a user is (e.g., biometric).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Web Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    If the embedded identity provider is used, click on \\\"Smart Card Authentication\\\".\n\n    If the embedded identity provider is used and \\\"Smart Card Authentication\\\" is not enabled, this is a finding.\n\n    If a third-party identity provider is used, such as Microsoft ADFS, and it does not require multifactor authentication to log on to vCenter, this is a finding.\n  \"\n  desc 'fix', \"\n    To configure smart card authentication for vCenter when using the embedded identity provider, refer to the vSphere documentation.\n\n    For vCenter Servers using a third-party identity provider, consult the product's documentation for enabling multifactor authentication.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000149'\n  tag satisfies: ['SRG-APP-000080', 'SRG-APP-000150', 'SRG-APP-000391', 'SRG-APP-000402']\n  tag gid: 'V-VCSA-80-000060'\n  tag rid: 'SV-VCSA-80-000060'\n  tag stig_id: 'VCSA-80-000060'\n  tag cci: ['CCI-000166', 'CCI-000765', 'CCI-000766', 'CCI-001953', 'CCI-002009']\n  tag nist: ['AU-10', 'IA-2 (1)', 'IA-2 (12)', 'IA-2 (2)', 'IA-8 (1)']\n\n  if input('embeddedIdp')\n    command = '(Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled'\n    describe powercli_command(command) do\n      its('stdout.strip') { should cmp 'true' }\n    end\n  else\n    describe 'This check is a manual or policy based check and must be reviewed manually.' do\n      skip 'This check is a manual or policy based check and must be reviewed manually.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000060.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: (Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled stdout.strip is expected to cmp == \"true\"",
+              "run_time": 0.1935403,
+              "start_time": "2023-06-07T08:29:09-06:00",
+              "message": "\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000069",
+          "title": "The vCenter Server passwords must be at least 15 characters in length.",
+          "desc": "The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\nPassword complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to determine strength and how long it takes to crack a password. The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\nUse of more characters in a password helps to exponentially increase the time and/or resources required to compromise the password.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\nPassword complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to determine strength and how long it takes to crack a password. The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\nUse of more characters in a password helps to exponentially increase the time and/or resources required to compromise the password."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Minimum Length\" setting.\n\nMinimum Length: 15\n\nIf the password policy is not configured with a \"Minimum Length\" policy of \"15\" or more, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet the \"Minimum Length\" to \"15\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000164",
+            "gid": "V-VCSA-80-000069",
+            "rid": "SV-VCSA-80-000069",
+            "stig_id": "VCSA-80-000069",
+            "cci": [
+              "CCI-000205"
+            ],
+            "nist": [
+              "IA-5 (1) (a)"
+            ]
+          },
+          "code": "control 'VCSA-80-000069' do\n  title 'The vCenter Server passwords must be at least 15 characters in length.'\n  desc  \"\n    The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\n    Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to determine strength and how long it takes to crack a password. The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\n    Use of more characters in a password helps to exponentially increase the time and/or resources required to compromise the password.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Minimum Length\\\" setting.\n\n    Minimum Length: 15\n\n    If the password policy is not configured with a \\\"Minimum Length\\\" policy of \\\"15\\\" or more, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Minimum Length\\\" to \\\"15\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000164'\n  tag gid: 'V-VCSA-80-000069'\n  tag rid: 'SV-VCSA-80-000069'\n  tag stig_id: 'VCSA-80-000069'\n  tag cci: ['CCI-000205']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinLength'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 15 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000069.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: (Get-SsoPasswordPolicy).MinLength stdout.strip is expected to cmp >= 15",
+              "run_time": 0.2033722,
+              "start_time": "2023-06-07T08:29:10-06:00",
+              "message": "\nexpected it to be >= 15\n     got: 8\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-SsoPasswordPolicy).MinLength\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000070",
+          "title": "The vCenter Server must prohibit password reuse for a minimum of five generations.",
+          "desc": "Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nTo meet password policy requirements, passwords must be changed at specific policy-based intervals.\n\nIf the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the result is a password that is not changed per policy requirements.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nTo meet password policy requirements, passwords must be changed at specific policy-based intervals.\n\nIf the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the result is a password that is not changed per policy requirements."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Restrict reuse\" setting.\n\nRestrict reuse: Users cannot reuse any previous 5 passwords\n\nIf the password policy is not configured with a \"Restrict reuse\" policy of \"5\" or more, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet the \"Restrict reuse\" to \"5\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000165",
+            "gid": "V-VCSA-80-000070",
+            "rid": "SV-VCSA-80-000070",
+            "stig_id": "VCSA-80-000070",
+            "cci": [
+              "CCI-000200"
+            ],
+            "nist": [
+              "IA-5 (1) (e)"
+            ]
+          },
+          "code": "control 'VCSA-80-000070' do\n  title 'The vCenter Server must prohibit password reuse for a minimum of five generations.'\n  desc  \"\n    Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    To meet password policy requirements, passwords must be changed at specific policy-based intervals.\n\n    If the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the result is a password that is not changed per policy requirements.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Restrict reuse\\\" setting.\n\n    Restrict reuse: Users cannot reuse any previous 5 passwords\n\n    If the password policy is not configured with a \\\"Restrict reuse\\\" policy of \\\"5\\\" or more, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Restrict reuse\\\" to \\\"5\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000165'\n  tag gid: 'V-VCSA-80-000070'\n  tag rid: 'SV-VCSA-80-000070'\n  tag stig_id: 'VCSA-80-000070'\n  tag cci: ['CCI-000200']\n  tag nist: ['IA-5 (1) (e)']\n\n  command = '(Get-SsoPasswordPolicy).ProhibitedPreviousPasswordsCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 5 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000070.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-SsoPasswordPolicy).ProhibitedPreviousPasswordsCount stdout.strip is expected to cmp >= 5",
+              "run_time": 0.2031329,
+              "start_time": "2023-06-07T08:29:10-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-SsoPasswordPolicy).ProhibitedPreviousPasswordsCount\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000071",
+          "title": "The vCenter Server passwords must contain at least one uppercase character.",
+          "desc": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password is, the greater the number of possible combinations that need to be tested before the password is compromised.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password is, the greater the number of possible combinations that need to be tested before the password is compromised."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Character requirements\" setting.\n\nCharacter requirements: At least 1 uppercase characters\n\nIf the password policy is not configured with \"Character requirements\" policy requiring \"1\" or more uppercase characters, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"uppercase characters\" to at least \"1\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000166",
+            "gid": "V-VCSA-80-000071",
+            "rid": "SV-VCSA-80-000071",
+            "stig_id": "VCSA-80-000071",
+            "cci": [
+              "CCI-000192"
+            ],
+            "nist": [
+              "IA-5 (1) (a)"
+            ]
+          },
+          "code": "control 'VCSA-80-000071' do\n  title 'The vCenter Server passwords must contain at least one uppercase character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password is, the greater the number of possible combinations that need to be tested before the password is compromised.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 uppercase characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more uppercase characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"uppercase characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000166'\n  tag gid: 'V-VCSA-80-000071'\n  tag rid: 'SV-VCSA-80-000071'\n  tag stig_id: 'VCSA-80-000071'\n  tag cci: ['CCI-000192']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinUppercaseCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 1 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000071.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-SsoPasswordPolicy).MinUppercaseCount stdout.strip is expected to cmp >= 1",
+              "run_time": 0.2463944,
+              "start_time": "2023-06-07T08:29:10-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-SsoPasswordPolicy).MinUppercaseCount\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000072",
+          "title": "The vCenter Server passwords must contain at least one lowercase character.",
+          "desc": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Character requirements\" setting.\n\nCharacter requirements: At least 1 lowercase characters\n\nIf the password policy is not configured with \"Character requirements\" policy requiring \"1\" or more lowercase characters, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"lowercase characters\" to at least \"1\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000167",
+            "gid": "V-VCSA-80-000072",
+            "rid": "SV-VCSA-80-000072",
+            "stig_id": "VCSA-80-000072",
+            "cci": [
+              "CCI-000193"
+            ],
+            "nist": [
+              "IA-5 (1) (a)"
+            ]
+          },
+          "code": "control 'VCSA-80-000072' do\n  title 'The vCenter Server passwords must contain at least one lowercase character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 lowercase characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more lowercase characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"lowercase characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000167'\n  tag gid: 'V-VCSA-80-000072'\n  tag rid: 'SV-VCSA-80-000072'\n  tag stig_id: 'VCSA-80-000072'\n  tag cci: ['CCI-000193']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinLowercaseCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 1 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000072.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-SsoPasswordPolicy).MinLowercaseCount stdout.strip is expected to cmp >= 1",
+              "run_time": 0.2471527,
+              "start_time": "2023-06-07T08:29:10-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-SsoPasswordPolicy).MinLowercaseCount\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000073",
+          "title": "The vCenter Server passwords must contain at least one numeric character.",
+          "desc": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Character requirements\" setting.\n\nCharacter requirements: At least 1 numeric characters\n\nIf the password policy is not configured with \"Character requirements\" policy requiring \"1\" or more numeric characters, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"numeric characters\" to at least \"1\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000168",
+            "gid": "V-VCSA-80-000073",
+            "rid": "SV-VCSA-80-000073",
+            "stig_id": "VCSA-80-000073",
+            "cci": [
+              "CCI-000194"
+            ],
+            "nist": [
+              "IA-5 (1) (a)"
+            ]
+          },
+          "code": "control 'VCSA-80-000073' do\n  title 'The vCenter Server passwords must contain at least one numeric character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 numeric characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more numeric characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"numeric characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000168'\n  tag gid: 'V-VCSA-80-000073'\n  tag rid: 'SV-VCSA-80-000073'\n  tag stig_id: 'VCSA-80-000073'\n  tag cci: ['CCI-000194']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinNumericCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 1 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000073.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-SsoPasswordPolicy).MinNumericCount stdout.strip is expected to cmp >= 1",
+              "run_time": 0.190235,
+              "start_time": "2023-06-07T08:29:10-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-SsoPasswordPolicy).MinNumericCount\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000074",
+          "title": "The vCenter Server passwords must contain at least one special character.",
+          "desc": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor in determining how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n\nSpecial characters are not alphanumeric. Examples include: ~ ! @ # $ % ^ *.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\nPassword complexity is one factor in determining how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n\nSpecial characters are not alphanumeric. Examples include: ~ ! @ # $ % ^ *."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Character requirements\" setting.\n\nCharacter requirements: At least 1 special characters\n\nIf the password policy is not configured with \"Character requirements\" policy requiring \"1\" or more special characters, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"special characters\" to at least \"1\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000169",
+            "gid": "V-VCSA-80-000074",
+            "rid": "SV-VCSA-80-000074",
+            "stig_id": "VCSA-80-000074",
+            "cci": [
+              "CCI-001619"
+            ],
+            "nist": [
+              "IA-5 (1) (a)"
+            ]
+          },
+          "code": "control 'VCSA-80-000074' do\n  title 'The vCenter Server passwords must contain at least one special character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor in determining how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n\n    Special characters are not alphanumeric. Examples include: ~ ! @ # $ % ^ *.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 special characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more special characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"special characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000169'\n  tag gid: 'V-VCSA-80-000074'\n  tag rid: 'SV-VCSA-80-000074'\n  tag stig_id: 'VCSA-80-000074'\n  tag cci: ['CCI-001619']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinSpecialCharCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 1 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000074.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-SsoPasswordPolicy).MinSpecialCharCount stdout.strip is expected to cmp >= 1",
+              "run_time": 0.2155519,
+              "start_time": "2023-06-07T08:29:11-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-SsoPasswordPolicy).MinSpecialCharCount\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000077",
+          "title": "The vCenter Server must enable FIPS-validated cryptography.",
+          "desc": "FIPS 140-2 is the current standard for validating that mechanisms used to access cryptographic modules use authentication that meets DOD requirements.\n\nIn vSphere 6.7 and later, ESXi and vCenter Server use FIPS-validated cryptography to protect management interfaces and the VMware Certificate Authority (VMCA).\n\nvSphere 7.0 Update 2 and later adds additional FIPS-validated cryptography to vCenter Server Appliance. By default, this FIPS validation option is disabled and must be enabled.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "FIPS 140-2 is the current standard for validating that mechanisms used to access cryptographic modules use authentication that meets DOD requirements.\n\nIn vSphere 6.7 and later, ESXi and vCenter Server use FIPS-validated cryptography to protect management interfaces and the VMware Certificate Authority (VMCA).\n\nvSphere 7.0 Update 2 and later adds additional FIPS-validated cryptography to vCenter Server Appliance. By default, this FIPS validation option is disabled and must be enabled."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Web Client, go to Developer Center >> API Explorer.\n\nFrom the \"Select API\" drop-down menu, select appliance.\n\nExpand system/security/global_fips >> GET.\n\nClick \"Execute\" and then \"Copy Response\" to view the results.\n\nExample response:\n\n{\n    \"enabled\": true\n}\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nInvoke-GetSystemGlobalFips\n\nIf global FIPS mode is not enabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Web Client go to Developer Center >> API Explorer.\n\nFrom the \"Select API\" drop-down menu, select appliance.\n\nExpand system/security/global_fips >> PUT.\n\nIn the response body under \"Try it out\" paste the following:\n\n{\n    \"enabled\": true\n}\n\nClick \"Execute\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n$spec = Initialize-SystemSecurityGlobalFipsUpdateSpec -Enabled $true; Invoke-SetSystemGlobalFips -SystemSecurityGlobalFipsUpdateSpec $spec\n\nNote: The vCenter server reboots after FIPS is enabled or disabled."
+            }
+          ],
+          "impact": 0.7,
+          "refs": [],
+          "tags": {
+            "severity": "high",
+            "gtitle": "SRG-APP-000172",
+            "satisfies": [
+              "SRG-APP-000179",
+              "SRG-APP-000224",
+              "SRG-APP-000231",
+              "SRG-APP-000412",
+              "SRG-APP-000514",
+              "SRG-APP-000555",
+              "SRG-APP-000600",
+              "SRG-APP-000610",
+              "SRG-APP-000620",
+              "SRG-APP-000630",
+              "SRG-APP-000635"
+            ],
+            "gid": "V-VCSA-80-000077",
+            "rid": "SV-VCSA-80-000077",
+            "stig_id": "VCSA-80-000077",
+            "cci": [
+              "CCI-000197",
+              "CCI-000803",
+              "CCI-001188",
+              "CCI-001199",
+              "CCI-001967",
+              "CCI-002450",
+              "CCI-003123"
+            ],
+            "nist": [
+              "IA-3 (1)",
+              "IA-5 (1) (c)",
+              "IA-7",
+              "MA-4 (6)",
+              "SC-13",
+              "SC-23 (3)",
+              "SC-28"
+            ]
+          },
+          "code": "control 'VCSA-80-000077' do\n  title 'The vCenter Server must enable FIPS-validated cryptography.'\n  desc  \"\n    FIPS 140-2 is the current standard for validating that mechanisms used to access cryptographic modules use authentication that meets DOD requirements.\n\n    In vSphere 6.7 and later, ESXi and vCenter Server use FIPS-validated cryptography to protect management interfaces and the VMware Certificate Authority (VMCA).\n\n    vSphere 7.0 Update 2 and later adds additional FIPS-validated cryptography to vCenter Server Appliance. By default, this FIPS validation option is disabled and must be enabled.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Web Client, go to Developer Center >> API Explorer.\n\n    From the \\\"Select API\\\" drop-down menu, select appliance.\n\n    Expand system/security/global_fips >> GET.\n\n    Click \\\"Execute\\\" and then \\\"Copy Response\\\" to view the results.\n\n    Example response:\n\n    {\n        \\\"enabled\\\": true\n    }\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Invoke-GetSystemGlobalFips\n\n    If global FIPS mode is not enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Web Client go to Developer Center >> API Explorer.\n\n    From the \\\"Select API\\\" drop-down menu, select appliance.\n\n    Expand system/security/global_fips >> PUT.\n\n    In the response body under \\\"Try it out\\\" paste the following:\n\n    {\n        \\\"enabled\\\": true\n    }\n\n    Click \\\"Execute\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    $spec = Initialize-SystemSecurityGlobalFipsUpdateSpec -Enabled $true; Invoke-SetSystemGlobalFips -SystemSecurityGlobalFipsUpdateSpec $spec\n\n    Note: The vCenter server reboots after FIPS is enabled or disabled.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-APP-000172'\n  tag satisfies: ['SRG-APP-000179', 'SRG-APP-000224', 'SRG-APP-000231', 'SRG-APP-000412', 'SRG-APP-000514', 'SRG-APP-000555', 'SRG-APP-000600', 'SRG-APP-000610', 'SRG-APP-000620', 'SRG-APP-000630', 'SRG-APP-000635']\n  tag gid: 'V-VCSA-80-000077'\n  tag rid: 'SV-VCSA-80-000077'\n  tag stig_id: 'VCSA-80-000077'\n  tag cci: ['CCI-000197', 'CCI-000803', 'CCI-001188', 'CCI-001199', 'CCI-001967', 'CCI-002450', 'CCI-003123']\n  tag nist: ['IA-3 (1)', 'IA-5 (1) (c)', 'IA-7', 'MA-4 (6)', 'SC-13', 'SC-23 (3)', 'SC-28']\n\n  command = 'Invoke-GetSystemGlobalFips | Select-Object -ExpandProperty enabled'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'True' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000077.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Invoke-GetSystemGlobalFips | Select-Object -ExpandProperty enabled stdout.strip is expected to cmp == \"True\"",
+              "run_time": 0.3184635,
+              "start_time": "2023-06-07T08:29:11-06:00",
+              "message": "\nexpected: True\n     got: False\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Invoke-GetSystemGlobalFips | Select-Object -ExpandProperty enabled\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000079",
+          "title": "The vCenter Server must enforce a 90-day maximum password lifetime restriction.",
+          "desc": "Any password, no matter how complex, can eventually be cracked. Therefore, passwords must be changed at specific intervals.\n\nOne method of minimizing this risk is to use complex passwords and periodically change them. If the application does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the system and/or application passwords could be compromised.\n\nThis requirement does not include emergency administration accounts, which are meant for access to the application in case of failure. These accounts are not required to have maximum password lifetime restrictions.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Any password, no matter how complex, can eventually be cracked. Therefore, passwords must be changed at specific intervals.\n\nOne method of minimizing this risk is to use complex passwords and periodically change them. If the application does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the system and/or application passwords could be compromised.\n\nThis requirement does not include emergency administration accounts, which are meant for access to the application in case of failure. These accounts are not required to have maximum password lifetime restrictions."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nView the value of the \"Maximum lifetime\" setting.\n\nMaximum lifetime: Password must be changed every 90 days\n\nIf the password policy is not configured with \"Maximum lifetime\" policy of \"90\" or less, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\nClick \"Edit\".\n\nSet \"Maximum lifetime\" to \"90\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000174",
+            "gid": "V-VCSA-80-000079",
+            "rid": "SV-VCSA-80-000079",
+            "stig_id": "VCSA-80-000079",
+            "cci": [
+              "CCI-000199"
+            ],
+            "nist": [
+              "IA-5 (1) (d)"
+            ]
+          },
+          "code": "control 'VCSA-80-000079' do\n  title 'The vCenter Server must enforce a 90-day maximum password lifetime restriction.'\n  desc  \"\n    Any password, no matter how complex, can eventually be cracked. Therefore, passwords must be changed at specific intervals.\n\n    One method of minimizing this risk is to use complex passwords and periodically change them. If the application does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the system and/or application passwords could be compromised.\n\n    This requirement does not include emergency administration accounts, which are meant for access to the application in case of failure. These accounts are not required to have maximum password lifetime restrictions.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    View the value of the \\\"Maximum lifetime\\\" setting.\n\n    Maximum lifetime: Password must be changed every 90 days\n\n    If the password policy is not configured with \\\"Maximum lifetime\\\" policy of \\\"90\\\" or less, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"Maximum lifetime\\\" to \\\"90\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000174'\n  tag gid: 'V-VCSA-80-000079'\n  tag rid: 'SV-VCSA-80-000079'\n  tag stig_id: 'VCSA-80-000079'\n  tag cci: ['CCI-000199']\n  tag nist: ['IA-5 (1) (d)']\n\n  command = '(Get-SsoPasswordPolicy).PasswordLifetimeDays'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp <= 90 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000079.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-SsoPasswordPolicy).PasswordLifetimeDays stdout.strip is expected to cmp <= 90",
+              "run_time": 0.1746309,
+              "start_time": "2023-06-07T08:29:11-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-SsoPasswordPolicy).PasswordLifetimeDays\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000080",
+          "title": "The vCenter Server must enable revocation checking for certificate-based authentication.",
+          "desc": "The system must establish the validity of the user-supplied identity certificate using Online Certificate Status Protocol (OCSP) and/or Certificate Revocation List (CRL) revocation checking.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The system must establish the validity of the user-supplied identity certificate using Online Certificate Status Protocol (OCSP) and/or Certificate Revocation List (CRL) revocation checking."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If a federated identity provider is configured and used for an identity source and supports Smartcard authentication, this is not applicable.\n\nFrom the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\nUnder Smart card authentication settings >> Certificate revocation, verify \"Revocation check\" does not show as disabled.\n\nIf \"Revocation check\" shows as disabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\nUnder Smart card authentication settings >> Certificate revocation, click the \"Edit\" button.\n\nConfigure revocation checking per site requirements. OCSP with CRL failover is recommended.\n\nBy default, both locations are pulled from the cert. CRL location can be overridden in this screen, and local responders can be specified via the sso-config command line tool. See the vSphere documentation for more information."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000175",
+            "satisfies": [
+              "SRG-APP-000392",
+              "SRG-APP-000401",
+              "SRG-APP-000403"
+            ],
+            "gid": "V-VCSA-80-000080",
+            "rid": "SV-VCSA-80-000080",
+            "stig_id": "VCSA-80-000080",
+            "cci": [
+              "CCI-000185",
+              "CCI-001954",
+              "CCI-001991",
+              "CCI-002010"
+            ],
+            "nist": [
+              "IA-2 (12)",
+              "IA-5 (2) (a)",
+              "IA-5 (2) (d)",
+              "IA-8 (1)"
+            ]
+          },
+          "code": "control 'VCSA-80-000080' do\n  title 'The vCenter Server must enable revocation checking for certificate-based authentication.'\n  desc  'The system must establish the validity of the user-supplied identity certificate using Online Certificate Status Protocol (OCSP) and/or Certificate Revocation List (CRL) revocation checking.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If a federated identity provider is configured and used for an identity source and supports Smartcard authentication, this is not applicable.\n\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\n    Under Smart card authentication settings >> Certificate revocation, verify \\\"Revocation check\\\" does not show as disabled.\n\n    If \\\"Revocation check\\\" shows as disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\n    Under Smart card authentication settings >> Certificate revocation, click the \\\"Edit\\\" button.\n\n    Configure revocation checking per site requirements. OCSP with CRL failover is recommended.\n\n    By default, both locations are pulled from the cert. CRL location can be overridden in this screen, and local responders can be specified via the sso-config command line tool. See the vSphere documentation for more information.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000175'\n  tag satisfies: ['SRG-APP-000392', 'SRG-APP-000401', 'SRG-APP-000403']\n  tag gid: 'V-VCSA-80-000080'\n  tag rid: 'SV-VCSA-80-000080'\n  tag stig_id: 'VCSA-80-000080'\n  tag cci: ['CCI-000185', 'CCI-001954', 'CCI-001991', 'CCI-002010']\n  tag nist: ['IA-2 (12)', 'IA-5 (2) (a)', 'IA-5 (2) (d)', 'IA-8 (1)']\n\n  if input('embeddedIdp')\n    describe.one do\n      describe powercli_command('(Get-SsoAuthenticationPolicy).OCSPEnabled') do\n        its('stdout.strip') { should cmp 'true' }\n      end\n      describe powercli_command('(Get-SsoAuthenticationPolicy).UseInCertCRL') do\n        its('stdout.strip') { should cmp 'true' }\n      end\n      describe powercli_command('(Get-SsoAuthenticationPolicy).CRLUrl') do\n        its('stdout.strip') { should_not cmp '' }\n      end\n    end\n  else\n    describe 'This check is a manual or policy based check and must be reviewed manually.' do\n      skip 'This check is a manual or policy based check and must be reviewed manually.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000080.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-SsoAuthenticationPolicy).UseInCertCRL stdout.strip is expected to cmp == \"true\"",
+              "run_time": 0.000273,
+              "start_time": "2023-06-07T08:29:11-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-SsoAuthenticationPolicy).UseInCertCRL\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000089",
+          "title": "The vCenter Server must terminate vSphere Client sessions after 15 minutes of inactivity.",
+          "desc": "Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free resources committed by the managed network element.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free resources committed by the managed network element."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Deployment >> Client Configuration.\n\nView the value of the \"Session timeout\" setting.\n\nIf the \"Session timeout\" is not set to \"15 minute(s)\" or less this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Deployment >> Client Configuration.\n\nClick \"Edit\" and enter \"15\" minutes into the \"Session timeout\" setting. Click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000190",
+            "satisfies": [
+              "SRG-APP-000295",
+              "SRG-APP-000389"
+            ],
+            "gid": "V-VCSA-80-000089",
+            "rid": "SV-VCSA-80-000089",
+            "stig_id": "VCSA-80-000089",
+            "cci": [
+              "CCI-001133",
+              "CCI-002038",
+              "CCI-002361"
+            ],
+            "nist": [
+              "AC-12",
+              "IA-11",
+              "SC-10"
+            ]
+          },
+          "code": "control 'VCSA-80-000089' do\n  title 'The vCenter Server must terminate vSphere Client sessions after 15 minutes of inactivity.'\n  desc  'Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free resources committed by the managed network element.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Deployment >> Client Configuration.\n\n    View the value of the \\\"Session timeout\\\" setting.\n\n    If the \\\"Session timeout\\\" is not set to \\\"15 minute(s)\\\" or less this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Deployment >> Client Configuration.\n\n    Click \\\"Edit\\\" and enter \\\"15\\\" minutes into the \\\"Session timeout\\\" setting. Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000190'\n  tag satisfies: ['SRG-APP-000295', 'SRG-APP-000389']\n  tag gid: 'V-VCSA-80-000089'\n  tag rid: 'SV-VCSA-80-000089'\n  tag stig_id: 'VCSA-80-000089'\n  tag cci: ['CCI-001133', 'CCI-002038', 'CCI-002361']\n  tag nist: ['AC-12', 'IA-11', 'SC-10']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000089.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 7.1e-06,
+              "start_time": "2023-06-07T08:29:11-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000095",
+          "title": "The vCenter Server user roles must be verified.",
+          "desc": "Users and service accounts must only be assigned privileges they require. Least privilege requires that these privileges must only be assigned if needed to reduce risk of confidentiality, availability, or integrity loss.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Users and service accounts must only be assigned privileges they require. Least privilege requires that these privileges must only be assigned if needed to reduce risk of confidentiality, availability, or integrity loss."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Access Control >> Roles.\n\nView each role and verify the users and/or groups assigned to it by clicking on \"Usage\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\nApplication service account and user required privileges should be documented.\n\nIf any user or service account has more privileges than required, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "To update a user's or group's permissions to an existing role with reduced permissions, do the following:\n\nFrom the vSphere Client, go to Administration >> Access Control >> Global Permissions.\n\nSelect the user or group, click the pencil button, change the assigned role, and click \"OK\".\n\nNote: If permissions are assigned on a specific object, the role must be updated where it is assigned (for example, at the cluster level).\n\nTo create a new role with reduced permissions, do the following:\n\nFrom the vSphere Client, go to Administration >> Access Control >> Roles.\n\nClick the green plus sign and enter a name for the role and select only the specific permissions required.\n\nUsers can then be assigned to the newly created role."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000211",
+            "satisfies": [
+              "SRG-APP-000233",
+              "SRG-APP-000380"
+            ],
+            "gid": "V-VCSA-80-000095",
+            "rid": "SV-VCSA-80-000095",
+            "stig_id": "VCSA-80-000095",
+            "cci": [
+              "CCI-001082",
+              "CCI-001084",
+              "CCI-001813"
+            ],
+            "nist": [
+              "CM-5 (1)",
+              "SC-2",
+              "SC-3"
+            ]
+          },
+          "code": "control 'VCSA-80-000095' do\n  title 'The vCenter Server user roles must be verified.'\n  desc  'Users and service accounts must only be assigned privileges they require. Least privilege requires that these privileges must only be assigned if needed to reduce risk of confidentiality, availability, or integrity loss.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    View each role and verify the users and/or groups assigned to it by clicking on \\\"Usage\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\n    Application service account and user required privileges should be documented.\n\n    If any user or service account has more privileges than required, this is a finding.\n  \"\n  desc 'fix', \"\n    To update a user's or group's permissions to an existing role with reduced permissions, do the following:\n\n    From the vSphere Client, go to Administration >> Access Control >> Global Permissions.\n\n    Select the user or group, click the pencil button, change the assigned role, and click \\\"OK\\\".\n\n    Note: If permissions are assigned on a specific object, the role must be updated where it is assigned (for example, at the cluster level).\n\n    To create a new role with reduced permissions, do the following:\n\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    Click the green plus sign and enter a name for the role and select only the specific permissions required.\n\n    Users can then be assigned to the newly created role.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000211'\n  tag satisfies: ['SRG-APP-000233', 'SRG-APP-000380']\n  tag gid: 'V-VCSA-80-000095'\n  tag rid: 'SV-VCSA-80-000095'\n  tag stig_id: 'VCSA-80-000095'\n  tag cci: ['CCI-001082', 'CCI-001084', 'CCI-001813']\n  tag nist: ['CM-5 (1)', 'SC-2', 'SC-3']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000095.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 5.0e-06,
+              "start_time": "2023-06-07T08:29:11-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000110",
+          "title": "The vCenter Server must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of denial-of-service (DoS) attacks by enabling Network I/O Control (NIOC).",
+          "desc": "DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.\n\nManaging excess capacity ensures sufficient capacity is available to counter flooding attacks. Employing increased capacity and service redundancy may reduce the susceptibility to some DoS attacks. Managing excess capacity may include, for example, establishing selected usage priorities, quotas, or partitioning.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.\n\nManaging excess capacity ensures sufficient capacity is available to counter flooding attacks. Employing increased capacity and service redundancy may reduce the susceptibility to some DoS attacks. Managing excess capacity may include, for example, establishing selected usage priorities, quotas, or partitioning."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to Networking.\n\nSelect a distributed switch >> Configure >> Settings >> Properties.\n\nView the \"Properties\" pane and verify \"Network I/O Control\" is \"Enabled\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch | select Name,@{N=\"NIOC Enabled\";E={$_.ExtensionData.config.NetworkResourceManagementEnabled}}\n\nIf \"Network I/O Control\" is disabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Networking.\n\nSelect a distributed switch >> Configure >> Settings >> Properties.\n\nIn the \"Properties\" pane, click \"Edit\". Change \"Network I/O Control\" to \"Enabled\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n(Get-VDSwitch \"VDSwitch Name\" | Get-View).EnableNetworkResourceManagement($true)"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000247",
+            "gid": "V-VCSA-80-000110",
+            "rid": "SV-VCSA-80-000110",
+            "stig_id": "VCSA-80-000110",
+            "cci": [
+              "CCI-001095"
+            ],
+            "nist": [
+              "SC-5 (2)"
+            ]
+          },
+          "code": "control 'VCSA-80-000110' do\n  title 'The vCenter Server must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of denial-of-service (DoS) attacks by enabling Network I/O Control (NIOC).'\n  desc  \"\n    DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.\n\n    Managing excess capacity ensures sufficient capacity is available to counter flooding attacks. Employing increased capacity and service redundancy may reduce the susceptibility to some DoS attacks. Managing excess capacity may include, for example, establishing selected usage priorities, quotas, or partitioning.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch >> Configure >> Settings >> Properties.\n\n    View the \\\"Properties\\\" pane and verify \\\"Network I/O Control\\\" is \\\"Enabled\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | select Name,@{N=\\\"NIOC Enabled\\\";E={$_.ExtensionData.config.NetworkResourceManagementEnabled}}\n\n    If \\\"Network I/O Control\\\" is disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch >> Configure >> Settings >> Properties.\n\n    In the \\\"Properties\\\" pane, click \\\"Edit\\\". Change \\\"Network I/O Control\\\" to \\\"Enabled\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    (Get-VDSwitch \\\"VDSwitch Name\\\" | Get-View).EnableNetworkResourceManagement($true)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000247'\n  tag gid: 'V-VCSA-80-000110'\n  tag rid: 'SV-VCSA-80-000110'\n  tag stig_id: 'VCSA-80-000110'\n  tag cci: ['CCI-001095']\n  tag nist: ['SC-5 (2)']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.NetworkResourceManagementEnabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000110.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 1\").ExtensionData.Config.NetworkResourceManagementEnabled stdout.strip is expected to cmp == \"true\"",
+              "run_time": 0.5353332,
+              "start_time": "2023-06-07T08:29:11-06:00",
+              "message": "\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 1\\\").ExtensionData.Config.NetworkResourceManagementEnabled\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 2\").ExtensionData.Config.NetworkResourceManagementEnabled stdout.strip is expected to cmp == \"true\"",
+              "run_time": 0.2552794,
+              "start_time": "2023-06-07T08:29:12-06:00",
+              "message": "\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 2\\\").ExtensionData.Config.NetworkResourceManagementEnabled\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000123",
+          "title": "The vCenter Server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, on every Single Sign-On (SSO) account action.",
+          "desc": "Once an attacker establishes initial access to a system, they often attempt to create a persistent method of reestablishing access. One way to accomplish this is for the attacker to create a new account. They may also try to hijack an existing account by changing a password or enabling a previously disabled account. Therefore, all actions performed on accounts in the SSO domain much be alerted on in vCenter at a minimum and ideally on a Security Information and Event Management (SIEM) system as well.\n\nTo ensure the appropriate personnel are alerted about SSO account actions, create a new vCenter alarm for the \"com.vmware.sso.PrincipalManagement\" event ID and configure the alert mechanisms appropriately.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Once an attacker establishes initial access to a system, they often attempt to create a persistent method of reestablishing access. One way to accomplish this is for the attacker to create a new account. They may also try to hijack an existing account by changing a password or enabling a previously disabled account. Therefore, all actions performed on accounts in the SSO domain much be alerted on in vCenter at a minimum and ideally on a Security Information and Event Management (SIEM) system as well.\n\nTo ensure the appropriate personnel are alerted about SSO account actions, create a new vCenter alarm for the \"com.vmware.sso.PrincipalManagement\" event ID and configure the alert mechanisms appropriately."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Security >> Alarm Definitions.\n\nVerify there is an alarm created to alert upon all SSO account actions.\n\nThe alarm name may vary, but it is suggested to name it \"SSO account actions - com.vmware.sso.PrincipalManagement\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AlarmDefinition | Where {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq \"com.vmware.sso.PrincipalManagement\"} | Select Name,Enabled,@{N=\"EventTypeId\";E={$_.ExtensionData.Info.Expression.Expression.EventTypeId}}\n\nIf an alarm is not created to alert on SSO account actions, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Security >> Alarm Definitions.\n\nClick \"Add\".\n\nProvide the alarm name of \"SSO account actions - com.vmware.sso.PrincipalManagement\" and an optional description.\n\nFrom the \"Target type\" dropdown menu, select \"vCenter Server\".\n\nClick \"Next\".\n\nPaste \"com.vmware.sso.PrincipalManagement\" (without quotes) in the line after \"IF\" and press \"Enter\".\n\nNext to \"Trigger the alarm and\", select \"Show as Warning\".\n\nConfigure the desired notification actions that will inform the SA and ISSO of the event.\n\nClick \"Next\". Click \"Next\" again. Click \"Create\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000291",
+            "satisfies": [
+              "SRG-APP-000292",
+              "SRG-APP-000293",
+              "SRG-APP-000294",
+              "SRG-APP-000320"
+            ],
+            "gid": "V-VCSA-80-000123",
+            "rid": "SV-VCSA-80-000123",
+            "stig_id": "VCSA-80-000123",
+            "cci": [
+              "CCI-001683",
+              "CCI-001684",
+              "CCI-001685",
+              "CCI-001686",
+              "CCI-002132"
+            ],
+            "nist": [
+              "AC-2 (4)"
+            ]
+          },
+          "code": "control 'VCSA-80-000123' do\n  title 'The vCenter Server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, on every Single Sign-On (SSO) account action.'\n  desc  \"\n    Once an attacker establishes initial access to a system, they often attempt to create a persistent method of reestablishing access. One way to accomplish this is for the attacker to create a new account. They may also try to hijack an existing account by changing a password or enabling a previously disabled account. Therefore, all actions performed on accounts in the SSO domain much be alerted on in vCenter at a minimum and ideally on a Security Information and Event Management (SIEM) system as well.\n\n    To ensure the appropriate personnel are alerted about SSO account actions, create a new vCenter alarm for the \\\"com.vmware.sso.PrincipalManagement\\\" event ID and configure the alert mechanisms appropriately.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Security >> Alarm Definitions.\n\n    Verify there is an alarm created to alert upon all SSO account actions.\n\n    The alarm name may vary, but it is suggested to name it \\\"SSO account actions - com.vmware.sso.PrincipalManagement\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AlarmDefinition | Where {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq \\\"com.vmware.sso.PrincipalManagement\\\"} | Select Name,Enabled,@{N=\\\"EventTypeId\\\";E={$_.ExtensionData.Info.Expression.Expression.EventTypeId}}\n\n    If an alarm is not created to alert on SSO account actions, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Security >> Alarm Definitions.\n\n    Click \\\"Add\\\".\n\n    Provide the alarm name of \\\"SSO account actions - com.vmware.sso.PrincipalManagement\\\" and an optional description.\n\n    From the \\\"Target type\\\" dropdown menu, select \\\"vCenter Server\\\".\n\n    Click \\\"Next\\\".\n\n    Paste \\\"com.vmware.sso.PrincipalManagement\\\" (without quotes) in the line after \\\"IF\\\" and press \\\"Enter\\\".\n\n    Next to \\\"Trigger the alarm and\\\", select \\\"Show as Warning\\\".\n\n    Configure the desired notification actions that will inform the SA and ISSO of the event.\n\n    Click \\\"Next\\\". Click \\\"Next\\\" again. Click \\\"Create\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000291'\n  tag satisfies: ['SRG-APP-000292', 'SRG-APP-000293', 'SRG-APP-000294', 'SRG-APP-000320']\n  tag gid: 'V-VCSA-80-000123'\n  tag rid: 'SV-VCSA-80-000123'\n  tag stig_id: 'VCSA-80-000123'\n  tag cci: ['CCI-001683', 'CCI-001684', 'CCI-001685', 'CCI-001686', 'CCI-002132']\n  tag nist: ['AC-2 (4)']\n\n  command = 'Get-AlarmDefinition | Where-Object {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq \"com.vmware.sso.PrincipalManagement\"} | Select-Object -ExpandProperty Enabled'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'true' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000123.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-AlarmDefinition | Where-Object {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq \"com.vmware.sso.PrincipalManagement\"} | Select-Object -ExpandProperty Enabled stdout.strip is expected to cmp == \"true\"",
+              "run_time": 0.9179929,
+              "start_time": "2023-06-07T08:29:12-06:00",
+              "message": "\nexpected: true\n     got: \n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-AlarmDefinition | Where-Object {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq \\\"com.vmware.sso.PrincipalManagement\\\"} | Select-Object -ExpandProperty Enabled\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000145",
+          "title": "The vCenter Server must set the interval for counting failed login attempts to at least 15 minutes.",
+          "desc": "By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nView the value of the \"Time interval between failures\" setting.\n\nTime interval between failures: 900 seconds\n\nIf the lockout policy is not configured with \"Time interval between failures\" policy of \"900\" or more, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nClick \"Edit\".\n\nSet the \"Time interval between failures\" to \"900\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000345",
+            "gid": "V-VCSA-80-000145",
+            "rid": "SV-VCSA-80-000145",
+            "stig_id": "VCSA-80-000145",
+            "cci": [
+              "CCI-002238"
+            ],
+            "nist": [
+              "AC-7 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000145' do\n  title 'The vCenter Server must set the interval for counting failed login attempts to at least 15 minutes.'\n  desc  'By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    View the value of the \\\"Time interval between failures\\\" setting.\n\n    Time interval between failures: 900 seconds\n\n    If the lockout policy is not configured with \\\"Time interval between failures\\\" policy of \\\"900\\\" or more, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Time interval between failures\\\" to \\\"900\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000345'\n  tag gid: 'V-VCSA-80-000145'\n  tag rid: 'SV-VCSA-80-000145'\n  tag stig_id: 'VCSA-80-000145'\n  tag cci: ['CCI-002238']\n  tag nist: ['AC-7 b']\n\n  command = '(Get-SsoLockoutPolicy).FailedAttemptIntervalSec'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= 900 }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000145.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: (Get-SsoLockoutPolicy).FailedAttemptIntervalSec stdout.strip is expected to cmp >= 900",
+              "run_time": 0.2629529,
+              "start_time": "2023-06-07T08:29:13-06:00",
+              "message": "\nexpected it to be >= 900\n     got: 180\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-SsoLockoutPolicy).FailedAttemptIntervalSec\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000148",
+          "title": "The vCenter Server must be configured to send logs to a central log server.",
+          "desc": "vCenter must be configured to send near real-time log data to syslog collectors so information will be available to investigators in the case of a security incident or to assist in troubleshooting.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "vCenter must be configured to send near real-time log data to syslog collectors so information will be available to investigators in the case of a security incident or to assist in troubleshooting."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Syslog\" on the left navigation pane.\n\nOn the resulting pane on the right, verify at least one site-specific syslog receiver is configured and is listed as \"Reachable\".\n\nIf no valid syslog collector is configured or if the collector is not listed as \"Reachable\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Open the VAMI by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with an SSO account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Syslog\" on the left navigation pane.\n\nOn the resulting pane on the right, click \"Edit\" or \"Configure\".\n\nEdit or add the address and port of a site-specific syslog aggregator or Security Information Event Management (SIEM) system with the appropriate protocol.\n\nUser Datagram Protocol (UDP) is discouraged due to its stateless and unencrypted nature. Transport Layer Security (TLS) is preferred.\n\nClick \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000358",
+            "gid": "V-VCSA-80-000148",
+            "rid": "SV-VCSA-80-000148",
+            "stig_id": "VCSA-80-000148",
+            "cci": [
+              "CCI-001851"
+            ],
+            "nist": [
+              "AU-4 (1)"
+            ]
+          },
+          "code": "control 'VCSA-80-000148' do\n  title 'The vCenter Server must be configured to send logs to a central log server.'\n  desc  'vCenter must be configured to send near real-time log data to syslog collectors so information will be available to investigators in the case of a security incident or to assist in troubleshooting.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Syslog\\\" on the left navigation pane.\n\n    On the resulting pane on the right, verify at least one site-specific syslog receiver is configured and is listed as \\\"Reachable\\\".\n\n    If no valid syslog collector is configured or if the collector is not listed as \\\"Reachable\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Open the VAMI by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with an SSO account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Syslog\\\" on the left navigation pane.\n\n    On the resulting pane on the right, click \\\"Edit\\\" or \\\"Configure\\\".\n\n    Edit or add the address and port of a site-specific syslog aggregator or Security Information Event Management (SIEM) system with the appropriate protocol.\n\n    User Datagram Protocol (UDP) is discouraged due to its stateless and unencrypted nature. Transport Layer Security (TLS) is preferred.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000358'\n  tag gid: 'V-VCSA-80-000148'\n  tag rid: 'SV-VCSA-80-000148'\n  tag stig_id: 'VCSA-80-000148'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  command = 'Invoke-GetLoggingForwarding | Select-Object -ExpandProperty hostname'\n  logservers = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if logservers.empty?\n    describe \"No log servers configured: #{logservers}\" do\n      subject { logservers }\n      it { should_not be_empty }\n    end\n  else\n    logservers.each do |server|\n      describe server do\n        subject { server }\n        it { should be_in input('syslogServers') }\n      end\n    end\n    logserverstatuscommand = 'Invoke-TestLoggingForwarding | Select-Object -ExpandProperty state'\n    logserverstatus = powercli_command(logserverstatuscommand).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n    logserverstatus.each do |status|\n      describe status do\n        subject { status }\n        it { should cmp 'UP' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000148.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "No log servers configured: [] is expected not to be empty",
+              "run_time": 0.0154104,
+              "start_time": "2023-06-07T08:29:13-06:00",
+              "message": "expected `[].empty?` to be falsey, got true",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "No log servers configured: []"
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000150",
+          "title": "The vCenter server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts.",
+          "desc": "It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impending failure of the audit capability and system operation may be adversely affected.\n\nAlerts provide organizations with urgent messages. Real-time alerts provide these messages immediately (i.e., the time from event detection to alert occurs in seconds or less).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impending failure of the audit capability and system operation may be adversely affected.\n\nAlerts provide organizations with urgent messages. Real-time alerts provide these messages immediately (i.e., the time from event detection to alert occurs in seconds or less)."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Review the Central Logging Server being used to verify it is configured to alert the SA and ISSO, at a minimum, on any AO-defined events. Otherwise, this is a finding.\n\nIf there are no AO-defined events, this is not a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configure the Central Logging Server being used to alert the SA and ISSO, at a minimum, on any AO-defined events."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000360",
+            "satisfies": [
+              "SRG-APP-000379",
+              "SRG-APP-000510"
+            ],
+            "gid": "V-VCSA-80-000150",
+            "rid": "SV-VCSA-80-000150",
+            "stig_id": "VCSA-80-000150",
+            "cci": [
+              "CCI-000172",
+              "CCI-001744",
+              "CCI-001858"
+            ],
+            "nist": [
+              "AU-12 c",
+              "AU-5 (2)",
+              "CM-3 (5)"
+            ]
+          },
+          "code": "control 'VCSA-80-000150' do\n  title 'The vCenter server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts.'\n  desc  \"\n    It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impending failure of the audit capability and system operation may be adversely affected.\n\n    Alerts provide organizations with urgent messages. Real-time alerts provide these messages immediately (i.e., the time from event detection to alert occurs in seconds or less).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Review the Central Logging Server being used to verify it is configured to alert the SA and ISSO, at a minimum, on any AO-defined events. Otherwise, this is a finding.\n\n    If there are no AO-defined events, this is not a finding.\n  \"\n  desc 'fix', 'Configure the Central Logging Server being used to alert the SA and ISSO, at a minimum, on any AO-defined events.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000360'\n  tag satisfies: ['SRG-APP-000379', 'SRG-APP-000510']\n  tag gid: 'V-VCSA-80-000150'\n  tag rid: 'SV-VCSA-80-000150'\n  tag stig_id: 'VCSA-80-000150'\n  tag cci: ['CCI-000172', 'CCI-001744', 'CCI-001858']\n  tag nist: ['AU-12 c', 'AU-5 (2)', 'CM-3 (5)']\n\n  describe 'This check is a manual or policy based check' do\n    skip 'This must be reviewed manually'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000150.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check",
+              "run_time": 4.8e-06,
+              "start_time": "2023-06-07T08:29:13-06:00",
+              "resource": "",
+              "skip_message": "This must be reviewed manually",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check"
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000158",
+          "title": "The vCenter Server must compare internal information system clocks at least every 24 hours with an authoritative time server.",
+          "desc": "Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside of the configured acceptable allowance (drift) may be inaccurate. Additionally, unnecessary synchronization may have an adverse impact on system performance and may indicate malicious activity.\n\nSynchronizing internal information system clocks to an authoritative time server provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside of the configured acceptable allowance (drift) may be inaccurate. Additionally, unnecessary synchronization may have an adverse impact on system performance and may indicate malicious activity.\n\nSynchronizing internal information system clocks to an authoritative time server provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Time\" on the left navigation pane.\n\nOn the resulting pane on the right, verify at least one authorized time server is configured and is listed as \"Reachable\".\n\nIf \"NTP\" is not enabled and at least one authorized time server configured, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Open the VAMI by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with an SSO account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Time\" on the left navigation pane.\n\nOn the resulting pane on the right, click \"Edit\" under \"Time Synchronization\".\n\nSelect \"NTP\" for \"Mode\" and enter a list of authorized time servers separated by commas. Click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000371",
+            "gid": "V-VCSA-80-000158",
+            "rid": "SV-VCSA-80-000158",
+            "stig_id": "VCSA-80-000158",
+            "cci": [
+              "CCI-001891"
+            ],
+            "nist": [
+              "AU-8 (1) (a)"
+            ]
+          },
+          "code": "control 'VCSA-80-000158' do\n  title 'The vCenter Server must compare internal information system clocks at least every 24 hours with an authoritative time server.'\n  desc  \"\n    Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside of the configured acceptable allowance (drift) may be inaccurate. Additionally, unnecessary synchronization may have an adverse impact on system performance and may indicate malicious activity.\n\n    Synchronizing internal information system clocks to an authoritative time server provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Time\\\" on the left navigation pane.\n\n    On the resulting pane on the right, verify at least one authorized time server is configured and is listed as \\\"Reachable\\\".\n\n    If \\\"NTP\\\" is not enabled and at least one authorized time server configured, this is a finding.\n  \"\n  desc 'fix', \"\n    Open the VAMI by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with an SSO account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Time\\\" on the left navigation pane.\n\n    On the resulting pane on the right, click \\\"Edit\\\" under \\\"Time Synchronization\\\".\n\n    Select \\\"NTP\\\" for \\\"Mode\\\" and enter a list of authorized time servers separated by commas. Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000371'\n  tag gid: 'V-VCSA-80-000158'\n  tag rid: 'SV-VCSA-80-000158'\n  tag stig_id: 'VCSA-80-000158'\n  tag cci: ['CCI-001891']\n  tag nist: ['AU-8 (1) (a)']\n\n  command = 'Invoke-GetTimesync'\n  timesync = powercli_command(command).stdout.strip\n\n  if timesync == 'NTP'\n    ntpserverscommand = 'Invoke-GetNtp'\n    ntpservers = powercli_command(ntpserverscommand).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n    ntpservers.each do |server|\n      describe server do\n        subject { server }\n        it { should be_in input('ntpServers') }\n      end\n      ntpstatuscommand = \"Initialize-NtpTestRequestBody -Servers #{server} | Invoke-TestNtp | Select-Object -ExpandProperty status\"\n      ntpstatus = powercli_command(ntpstatuscommand).stdout.strip\n      describe ntpstatus do\n        subject { ntpstatus }\n        it { should cmp 'SERVER_REACHABLE' }\n      end\n    end\n  else\n    describe \"Timesync Configuration: #{timesync}\" do\n      subject { timesync }\n      it { should cmp 'NTP' }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000158.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Timesync Configuration: HOST is expected to cmp == \"NTP\"",
+              "run_time": 0.0021716,
+              "start_time": "2023-06-07T08:29:13-06:00",
+              "message": "\nexpected: NTP\n     got: HOST\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Timesync Configuration: HOST"
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000195",
+          "title": "The vCenter Server Machine Secure Sockets Layer (SSL) certificate must be issued by a DOD certificate authority.",
+          "desc": "Untrusted certificate authorities (CA) can issue certificates, but they may be issued by organizations or individuals that seek to compromise DOD systems or by organizations with insufficient security controls. If the CA used for verifying the certificate is not a DOD-approved CA, trust of this CA has not been established.\n\nThe DOD will only accept public key infrastructure (PKI) certificates obtained from a DOD-approved internal or external certificate authority. Reliance on CAs for the establishment of secure sessions includes, for example, the use of Transport Layer Security (TLS) certificates.\n\nThe default self-signed, VMware Certificate Authority (VMCA)-issued vCenter reverse proxy certificate must be replaced with a DOD-approved certificate. The use of a DOD certificate on the vCenter reverse proxy and other services assures clients that the service they are connecting to is legitimate and trusted.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Untrusted certificate authorities (CA) can issue certificates, but they may be issued by organizations or individuals that seek to compromise DOD systems or by organizations with insufficient security controls. If the CA used for verifying the certificate is not a DOD-approved CA, trust of this CA has not been established.\n\nThe DOD will only accept public key infrastructure (PKI) certificates obtained from a DOD-approved internal or external certificate authority. Reliance on CAs for the establishment of secure sessions includes, for example, the use of Transport Layer Security (TLS) certificates.\n\nThe default self-signed, VMware Certificate Authority (VMCA)-issued vCenter reverse proxy certificate must be replaced with a DOD-approved certificate. The use of a DOD certificate on the vCenter reverse proxy and other services assures clients that the service they are connecting to is legitimate and trusted."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Certificates >> Certificate Management >> Machine SSL Certificate.\n\nClick \"View Details\" and examine the \"Issuer Information\" block.\n\nIf the issuer specified is not a DOD approved certificate authority, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Obtain a DOD-issued certificate and private key for each vCenter in the system following the requirements below:\n\nKey size: 2048 bits or more (PEM encoded)\nCRT format (Base-64)\nx509 version 3\nSubjectAltName must contain DNS Name=<machine_FQDN>\nContains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment\n\nExport the entire certificate issuing chain up to the root in Base-64 format. Concatenate the individual certificates into one file with the \".cer\" extension.\n\nFrom the vSphere Client, go to Administration >> Certificates >> Certificate Management >> Machine SSL Certificate.\n\nClick Actions >> Import and Replace Certificate.\n\nSelect the \"Replace with external CA certificate\" radio button and click \"Next\".\n\nSupply the CA-issued certificate , the exported roots file, and the private key.\n\nClick \"Replace\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000427",
+            "gid": "V-VCSA-80-000195",
+            "rid": "SV-VCSA-80-000195",
+            "stig_id": "VCSA-80-000195",
+            "cci": [
+              "CCI-002470"
+            ],
+            "nist": [
+              "SC-23 (5)"
+            ]
+          },
+          "code": "control 'VCSA-80-000195' do\n  title 'The vCenter Server Machine Secure Sockets Layer (SSL) certificate must be issued by a DOD certificate authority.'\n  desc  \"\n    Untrusted certificate authorities (CA) can issue certificates, but they may be issued by organizations or individuals that seek to compromise DOD systems or by organizations with insufficient security controls. If the CA used for verifying the certificate is not a DOD-approved CA, trust of this CA has not been established.\n\n    The DOD will only accept public key infrastructure (PKI) certificates obtained from a DOD-approved internal or external certificate authority. Reliance on CAs for the establishment of secure sessions includes, for example, the use of Transport Layer Security (TLS) certificates.\n\n    The default self-signed, VMware Certificate Authority (VMCA)-issued vCenter reverse proxy certificate must be replaced with a DOD-approved certificate. The use of a DOD certificate on the vCenter reverse proxy and other services assures clients that the service they are connecting to is legitimate and trusted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Certificates >> Certificate Management >> Machine SSL Certificate.\n\n    Click \\\"View Details\\\" and examine the \\\"Issuer Information\\\" block.\n\n    If the issuer specified is not a DOD approved certificate authority, this is a finding.\n  \"\n  desc 'fix', \"\n    Obtain a DOD-issued certificate and private key for each vCenter in the system following the requirements below:\n\n    Key size: 2048 bits or more (PEM encoded)\n    CRT format (Base-64)\n    x509 version 3\n    SubjectAltName must contain DNS Name=<machine_FQDN>\n    Contains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment\n\n    Export the entire certificate issuing chain up to the root in Base-64 format. Concatenate the individual certificates into one file with the \\\".cer\\\" extension.\n\n    From the vSphere Client, go to Administration >> Certificates >> Certificate Management >> Machine SSL Certificate.\n\n    Click Actions >> Import and Replace Certificate.\n\n    Select the \\\"Replace with external CA certificate\\\" radio button and click \\\"Next\\\".\n\n    Supply the CA-issued certificate , the exported roots file, and the private key.\n\n    Click \\\"Replace\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000427'\n  tag gid: 'V-VCSA-80-000195'\n  tag rid: 'SV-VCSA-80-000195'\n  tag stig_id: 'VCSA-80-000195'\n  tag cci: ['CCI-002470']\n  tag nist: ['SC-23 (5)']\n\n  vcenter = powercli_command('$global:DefaultViServers.Name').stdout.strip\n  describe ssl_certificate(host: \"#{vcenter}\", port: 443) do\n    its('issuer_organization') { should cmp 'U.S. Government' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000195.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "ssl_certificate for '10.186.30.81' issuer_organization is expected to cmp == \"U.S. Government\"",
+              "run_time": 0.3951961,
+              "start_time": "2023-06-07T08:29:13-06:00",
+              "message": "\nexpected: U.S. Government\n     got: sc2-10-186-30-81.eng.vmware.com\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "ssl_certificate",
+              "resource_params": "[{:host=>\"10.186.30.81\", :port=>443}]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000196",
+          "title": "The vCenter Server must enable data at rest encryption for vSAN.",
+          "desc": "Applications handling data requiring \"data at rest\" protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.\n\nData encryption is a common technique used in environments that require additional levels of security.  It consists of a process to ensure that data can only be consumed by systems that have appropriate levels of access.  Approved systems must have and use the appropriate cryptographic keys to encrypt and decrypt the data.  Systems that do not have the keys will not be able to consume the data in any meaningful way, as it will remain encrypted in accordance to the commonly used Advanced Encryption Standard (AES) from the National Institute of Standards and Technology, or NIST.\n\nvSAN supports Data-At-Rest Encryption and Data-in-Transit Encryption and uses an AES 256 cipher. Data is encrypted after all other processing, such as deduplication, is performed. Data at rest encryption protects data on storage devices, in case a device is removed from the cluster.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Applications handling data requiring \"data at rest\" protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.\n\nData encryption is a common technique used in environments that require additional levels of security.  It consists of a process to ensure that data can only be consumed by systems that have appropriate levels of access.  Approved systems must have and use the appropriate cryptographic keys to encrypt and decrypt the data.  Systems that do not have the keys will not be able to consume the data in any meaningful way, as it will remain encrypted in accordance to the commonly used Advanced Encryption Standard (AES) from the National Institute of Standards and Technology, or NIST.\n\nvSAN supports Data-At-Rest Encryption and Data-in-Transit Encryption and uses an AES 256 cipher. Data is encrypted after all other processing, such as deduplication, is performed. Data at rest encryption protects data on storage devices, in case a device is removed from the cluster."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If no clusters are enabled for vSAN, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Select the cluster >> Configure >> vSAN >> Services >> Data Services.\n\nReview the \"Data-at-rest encryption\" status.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Get-VsanClusterConfiguration | Select-Object Name,EncryptionEnabled\n\nIf \"Data-At-Rest encryption\" is not enabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Select the target cluster >> Configure >> vSAN >> Services >> Data Services.\n\nClick \"Edit\".\n\nEnable \"Data-At-Rest encryption\" and select a pre-configured key provider from the drop down. Click \"Apply\".\n\nNote: Before enabling, read and understand the operational implications of enabling data at rest encryption in vSAN and how it effects capacity, performance, and recovery scenarios."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000428",
+            "gid": "V-VCSA-80-000196",
+            "rid": "SV-VCSA-80-000196",
+            "stig_id": "VCSA-80-000196",
+            "cci": [
+              "CCI-002475"
+            ],
+            "nist": [
+              "SC-28 (1)"
+            ]
+          },
+          "code": "control 'VCSA-80-000196' do\n  title 'The vCenter Server must enable data at rest encryption for vSAN.'\n  desc  \"\n    Applications handling data requiring \\\"data at rest\\\" protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.\n\n    Data encryption is a common technique used in environments that require additional levels of security.  It consists of a process to ensure that data can only be consumed by systems that have appropriate levels of access.  Approved systems must have and use the appropriate cryptographic keys to encrypt and decrypt the data.  Systems that do not have the keys will not be able to consume the data in any meaningful way, as it will remain encrypted in accordance to the commonly used Advanced Encryption Standard (AES) from the National Institute of Standards and Technology, or NIST.\n\n    vSAN supports Data-At-Rest Encryption and Data-in-Transit Encryption and uses an AES 256 cipher. Data is encrypted after all other processing, such as deduplication, is performed. Data at rest encryption protects data on storage devices, in case a device is removed from the cluster.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Select the cluster >> Configure >> vSAN >> Services >> Data Services.\n\n    Review the \\\"Data-at-rest encryption\\\" status.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Get-VsanClusterConfiguration | Select-Object Name,EncryptionEnabled\n\n    If \\\"Data-At-Rest encryption\\\" is not enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Select the target cluster >> Configure >> vSAN >> Services >> Data Services.\n\n    Click \\\"Edit\\\".\n\n    Enable \\\"Data-At-Rest encryption\\\" and select a pre-configured key provider from the drop down. Click \\\"Apply\\\".\n\n    Note: Before enabling, read and understand the operational implications of enabling data at rest encryption in vSAN and how it effects capacity, performance, and recovery scenarios.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000428'\n  tag gid: 'V-VCSA-80-000196'\n  tag rid: 'SV-VCSA-80-000196'\n  tag stig_id: 'VCSA-80-000196'\n  tag cci: ['CCI-002475']\n  tag nist: ['SC-28 (1)']\n\n  # Get all clusters with vSAN enabled\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object | Select-Object -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !clusters.empty?\n    clusters.each do |cluster|\n      command = \"Get-Cluster -Name #{cluster} | Get-VsanClusterConfiguration | Select-Object -ExpandProperty EncryptionEnabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No clusters with vSAN enabled found...skipping tests' do\n      skip 'No clusters with vSAN enabled found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000196.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-Cluster -Name cluster0 | Get-VsanClusterConfiguration | Select-Object -ExpandProperty EncryptionEnabled stdout.strip is expected to cmp == \"true\"",
+              "run_time": 1.4792283,
+              "start_time": "2023-06-07T08:29:14-06:00",
+              "message": "\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-Cluster -Name cluster0 | Get-VsanClusterConfiguration | Select-Object -ExpandProperty EncryptionEnabled\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000248",
+          "title": "The vCenter Server must disable the Customer Experience Improvement Program (CEIP).",
+          "desc": "The VMware CEIP sends VMware anonymized system information that is used to improve the quality, reliability, and functionality of VMware products and services. For confidentiality purposes this feature must be disabled.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The VMware CEIP sends VMware anonymized system information that is used to improve the quality, reliability, and functionality of VMware products and services. For confidentiality purposes this feature must be disabled."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Deployment >> Customer Experience Improvement Program.\n\nIf Customer Experience Improvement \"Program Status\" is \"Joined\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Deployment >> Customer Experience Improvement Program.\n\nClick \"Leave Program\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000248",
+            "rid": "SV-VCSA-80-000248",
+            "stig_id": "VCSA-80-000248",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000248' do\n  title 'The vCenter Server must disable the Customer Experience Improvement Program (CEIP).'\n  desc  'The VMware CEIP sends VMware anonymized system information that is used to improve the quality, reliability, and functionality of VMware products and services. For confidentiality purposes this feature must be disabled.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Deployment >> Customer Experience Improvement Program.\n\n    If Customer Experience Improvement \\\"Program Status\\\" is \\\"Joined\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Deployment >> Customer Experience Improvement Program.\n\n    Click \\\"Leave Program\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000248'\n  tag rid: 'SV-VCSA-80-000248'\n  tag stig_id: 'VCSA-80-000248'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000248.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 1.13e-05,
+              "start_time": "2023-06-07T08:29:15-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000253",
+          "title": "The vCenter server must enforce SNMPv3 security features where SNMP is required.",
+          "desc": "SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. SNMPv3 can be configured for identification and cryptographically based authentication.\n\nSNMPv3 defines a user-based security model (USM) and a view-based access control model (VACM). SNMPv3 USM provides data integrity, data origin authentication, message replay protection, and protection against disclosure of the message payload. SNMPv3 VACM provides access control to determine whether a specific type of access (read or write) to the management information is allowed. Implement both VACM and USM for full protection.\n\nSNMPv3 must be disabled by default and enabled only if used. SNMP v3 provides security feature enhancements to SNMP, including encryption and message authentication.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. SNMPv3 can be configured for identification and cryptographically based authentication.\n\nSNMPv3 defines a user-based security model (USM) and a view-based access control model (VACM). SNMPv3 USM provides data integrity, data origin authentication, message replay protection, and protection against disclosure of the message payload. SNMPv3 VACM provides access control to determine whether a specific type of access (read or write) to the management information is allowed. Implement both VACM and USM for full protection.\n\nSNMPv3 must be disabled by default and enabled only if used. SNMP v3 provides security feature enhancements to SNMP, including encryption and message authentication."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "At the command prompt on the vCenter Server Appliance, run the following commands:\n\n# appliancesh\n# snmp.get\n\nNote: The \"appliancesh\" command is not needed if the default shell has not been changed for root.\n\nIf \"Enable\" is set to \"False\", this is not a finding.\n\nIf \"Enable\" is set to \"True\" and \"Authentication\" is not set to \"SHA1\", this is a finding.\n\nIf \"Enable\" is set to \"True\" and \"Privacy\" is not set to \"AES128\", this is a finding.\n\nIf any \"Users\" are configured with a \"Sec_level\" that does not equal \"priv\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "At the command prompt on the vCenter Server Appliance, run the following commands:\n\n# appliancesh\n# snmp.set --authentication SHA1\n# snmp.set --privacy AES128\n\nTo change the security level of a user, run the following command:\n\n# snmp.set --users <username>/<auth_password> <priv_password>/priv"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000575",
+            "gid": "V-VCSA-80-000253",
+            "rid": "SV-VCSA-80-000253",
+            "stig_id": "VCSA-80-000253",
+            "cci": [
+              "CCI-001967"
+            ],
+            "nist": [
+              "IA-3 (1)"
+            ]
+          },
+          "code": "control 'VCSA-80-000253' do\n  title 'The vCenter server must enforce SNMPv3 security features where SNMP is required.'\n  desc  \"\n    SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. SNMPv3 can be configured for identification and cryptographically based authentication.\n\n    SNMPv3 defines a user-based security model (USM) and a view-based access control model (VACM). SNMPv3 USM provides data integrity, data origin authentication, message replay protection, and protection against disclosure of the message payload. SNMPv3 VACM provides access control to determine whether a specific type of access (read or write) to the management information is allowed. Implement both VACM and USM for full protection.\n\n    SNMPv3 must be disabled by default and enabled only if used. SNMP v3 provides security feature enhancements to SNMP, including encryption and message authentication.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    At the command prompt on the vCenter Server Appliance, run the following commands:\n\n    # appliancesh\n    # snmp.get\n\n    Note: The \\\"appliancesh\\\" command is not needed if the default shell has not been changed for root.\n\n    If \\\"Enable\\\" is set to \\\"False\\\", this is not a finding.\n\n    If \\\"Enable\\\" is set to \\\"True\\\" and \\\"Authentication\\\" is not set to \\\"SHA1\\\", this is a finding.\n\n    If \\\"Enable\\\" is set to \\\"True\\\" and \\\"Privacy\\\" is not set to \\\"AES128\\\", this is a finding.\n\n    If any \\\"Users\\\" are configured with a \\\"Sec_level\\\" that does not equal \\\"priv\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    At the command prompt on the vCenter Server Appliance, run the following commands:\n\n    # appliancesh\n    # snmp.set --authentication SHA1\n    # snmp.set --privacy AES128\n\n    To change the security level of a user, run the following command:\n\n    # snmp.set --users <username>/<auth_password> <priv_password>/priv\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000575'\n  tag gid: 'V-VCSA-80-000253'\n  tag rid: 'SV-VCSA-80-000253'\n  tag stig_id: 'VCSA-80-000253'\n  tag cci: ['CCI-001967']\n  tag nist: ['IA-3 (1)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000253.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 8.6e-06,
+              "start_time": "2023-06-07T08:29:15-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000265",
+          "title": "The vCenter server must disable SNMPv1/2 receivers.",
+          "desc": "SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. Therefore, SNMPv1/2 receivers must be disabled, while SNMPv3 is configured in another control. vCenter exposes SNMP v1/2 in the UI and SNMPv3 in the CLI.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. Therefore, SNMPv1/2 receivers must be disabled, while SNMPv3 is configured in another control. vCenter exposes SNMP v1/2 in the UI and SNMPv3 in the CLI."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> General.\n\nClick \"Edit\".\n\nOn the \"SNMP receivers\" tab, note the presence of any enabled receiver.\n\nIf there are any enabled receivers, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> General.\n\nClick \"Edit\".\n\nOn the \"SNMP receivers\" tab, ensure all receivers are disabled."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000575",
+            "gid": "V-VCSA-80-000265",
+            "rid": "SV-VCSA-80-000265",
+            "stig_id": "VCSA-80-000265",
+            "cci": [
+              "CCI-001967"
+            ],
+            "nist": [
+              "IA-3 (1)"
+            ]
+          },
+          "code": "control 'VCSA-80-000265' do\n  title 'The vCenter server must disable SNMPv1/2 receivers.'\n  desc  'SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. Therefore, SNMPv1/2 receivers must be disabled, while SNMPv3 is configured in another control. vCenter exposes SNMP v1/2 in the UI and SNMPv3 in the CLI.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> General.\n\n    Click \\\"Edit\\\".\n\n    On the \\\"SNMP receivers\\\" tab, note the presence of any enabled receiver.\n\n    If there are any enabled receivers, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> General.\n\n    Click \\\"Edit\\\".\n\n    On the \\\"SNMP receivers\\\" tab, ensure all receivers are disabled.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000575'\n  tag gid: 'V-VCSA-80-000265'\n  tag rid: 'SV-VCSA-80-000265'\n  tag stig_id: 'VCSA-80-000265'\n  tag cci: ['CCI-001967']\n  tag nist: ['IA-3 (1)']\n\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.1.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.2.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.3.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.4.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000265.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: (Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.1.enabled'} | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.3624992,
+              "start_time": "2023-06-07T08:29:15-06:00",
+              "message": "\nexpected: False\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.1.enabled'} | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.2.enabled'} | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1768221,
+              "start_time": "2023-06-07T08:29:16-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.2.enabled'} | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.3.enabled'} | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1930579,
+              "start_time": "2023-06-07T08:29:16-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.3.enabled'} | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.4.enabled'} | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1628827,
+              "start_time": "2023-06-07T08:29:16-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.4.enabled'} | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000266",
+          "title": "The vCenter Server must require an administrator to unlock an account locked due to excessive login failures.",
+          "desc": "By requiring that Single Sign-On (SSO) accounts be unlocked manually, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. When the account unlock time is set to zero, once an account is locked it can only be unlocked manually by an administrator.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By requiring that Single Sign-On (SSO) accounts be unlocked manually, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. When the account unlock time is set to zero, once an account is locked it can only be unlocked manually by an administrator."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nView the value of the \"Unlock time\" setting.\n\nUnlock time: 0 seconds\n\nIf the lockout policy is not configured with \"Unlock time\" policy of \"0\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\nClick \"Edit\".\n\nSet the \"Unlock time\" to \"0\" and click \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000345",
+            "gid": "V-VCSA-80-000266",
+            "rid": "SV-VCSA-80-000266",
+            "stig_id": "VCSA-80-000266",
+            "cci": [
+              "CCI-002238"
+            ],
+            "nist": [
+              "AC-7 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000266' do\n  title 'The vCenter Server must require an administrator to unlock an account locked due to excessive login failures.'\n  desc  'By requiring that Single Sign-On (SSO) accounts be unlocked manually, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. When the account unlock time is set to zero, once an account is locked it can only be unlocked manually by an administrator.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    View the value of the \\\"Unlock time\\\" setting.\n\n    Unlock time: 0 seconds\n\n    If the lockout policy is not configured with \\\"Unlock time\\\" policy of \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Local Accounts >> Lockout Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Unlock time\\\" to \\\"0\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000345'\n  tag gid: 'V-VCSA-80-000266'\n  tag rid: 'SV-VCSA-80-000266'\n  tag stig_id: 'VCSA-80-000266'\n  tag cci: ['CCI-002238']\n  tag nist: ['AC-7 b']\n\n  command = '(Get-SsoLockoutPolicy).AutoUnlockIntervalSec'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp '0' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000266.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: (Get-SsoLockoutPolicy).AutoUnlockIntervalSec stdout.strip is expected to cmp == \"0\"",
+              "run_time": 0.2036261,
+              "start_time": "2023-06-07T08:29:16-06:00",
+              "message": "\nexpected: 0\n     got: 300\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-SsoLockoutPolicy).AutoUnlockIntervalSec\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000267",
+          "title": "The vCenter Server must disable the distributed virtual switch health check.",
+          "desc": "Network health check is disabled by default. Once enabled, the health check packets contain information on host#, vds#, and port#, which an attacker would find useful. It is recommended that network health check be used for troubleshooting and turned off when troubleshooting is finished.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Network health check is disabled by default. Once enabled, the health check packets contain information on host#, vds#, and port#, which an attacker would find useful. It is recommended that network health check be used for troubleshooting and turned off when troubleshooting is finished."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Health Check.\n\nView the health check pane and verify the \"VLAN and MTU\" and \"Teaming and failover\" checks are \"Disabled\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$vds = Get-VDSwitch\n$vds.ExtensionData.Config.HealthCheckConfig\n\nIf the health check feature is enabled on distributed switches and is not on temporarily for troubleshooting purposes, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Health Check.\n\nClick \"Edit\".\n\nDisable the \"VLAN and MTU\" and \"Teaming and failover\" checks.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-View -ViewType DistributedVirtualSwitch | ?{($_.config.HealthCheckConfig | ?{$_.enable -notmatch \"False\"})}| %{$_.UpdateDVSHealthCheckConfig(@((New-Object Vmware.Vim.VMwareDVSVlanMtuHealthCheckConfig -property @{enable=0}),(New-Object Vmware.Vim.VMwareDVSTeamingHealthCheckConfig -property @{enable=0})))}"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000267",
+            "rid": "SV-VCSA-80-000267",
+            "stig_id": "VCSA-80-000267",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000267' do\n  title 'The vCenter Server must disable the distributed virtual switch health check.'\n  desc  'Network health check is disabled by default. Once enabled, the health check packets contain information on host#, vds#, and port#, which an attacker would find useful. It is recommended that network health check be used for troubleshooting and turned off when troubleshooting is finished.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Health Check.\n\n    View the health check pane and verify the \\\"VLAN and MTU\\\" and \\\"Teaming and failover\\\" checks are \\\"Disabled\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $vds = Get-VDSwitch\n    $vds.ExtensionData.Config.HealthCheckConfig\n\n    If the health check feature is enabled on distributed switches and is not on temporarily for troubleshooting purposes, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Health Check.\n\n    Click \\\"Edit\\\".\n\n    Disable the \\\"VLAN and MTU\\\" and \\\"Teaming and failover\\\" checks.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-View -ViewType DistributedVirtualSwitch | ?{($_.config.HealthCheckConfig | ?{$_.enable -notmatch \\\"False\\\"})}| %{$_.UpdateDVSHealthCheckConfig(@((New-Object Vmware.Vim.VMwareDVSVlanMtuHealthCheckConfig -property @{enable=0}),(New-Object Vmware.Vim.VMwareDVSTeamingHealthCheckConfig -property @{enable=0})))}\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000267'\n  tag rid: 'SV-VCSA-80-000267'\n  tag stig_id: 'VCSA-80-000267'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.HealthCheckConfig | Select-Object -ExpandProperty Enable\"\n      checks = powercli_command(command)\n      checks.stdout.split.each do |hc|\n        describe \"Health check for #{vds}\" do\n          subject { hc }\n          it { should cmp 'false' }\n        end\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000267.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Health check for VDSwitch STIG 1 is expected to cmp == \"false\"",
+              "run_time": 0.0072569,
+              "start_time": "2023-06-07T08:29:16-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Health check for VDSwitch STIG 1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Health check for VDSwitch STIG 1 is expected to cmp == \"false\"",
+              "run_time": 0.0002122,
+              "start_time": "2023-06-07T08:29:16-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Health check for VDSwitch STIG 1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Health check for VDSwitch STIG 2 is expected to cmp == \"false\"",
+              "run_time": 0.0001312,
+              "start_time": "2023-06-07T08:29:16-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Health check for VDSwitch STIG 2"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Health check for VDSwitch STIG 2 is expected to cmp == \"false\"",
+              "run_time": 0.0001188,
+              "start_time": "2023-06-07T08:29:16-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Health check for VDSwitch STIG 2"
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000268",
+          "title": "The vCenter Server must set the distributed port group Forged Transmits policy to \"Reject\".",
+          "desc": "If the virtual machine operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nWhen the \"Forged Transmits\" option is set to \"Accept\", ESXi does not compare source and effective MAC addresses.\n\nTo protect against MAC impersonation, set the \"Forged Transmits\" option to \"Reject\". The host compares the source MAC address being transmitted by the guest operating system with the effective MAC address for its virtual machine adapter to determine if they match. If the addresses do not match, the ESXi host drops the packet.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If the virtual machine operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nWhen the \"Forged Transmits\" option is set to \"Accept\", ESXi does not compare source and effective MAC addresses.\n\nTo protect against MAC impersonation, set the \"Forged Transmits\" option to \"Reject\". The host compares the source MAC address being transmitted by the guest operating system with the effective MAC address for its virtual machine adapter to determine if they match. If the addresses do not match, the ESXi host drops the packet."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nVerify \"Forged Transmits\" is set to \"Reject\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\nIf the \"Forged Transmits\" policy is set to accept for a non-uplink port, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"Security\" tab.\n\nSet \"Forged Transmits\" to \"Reject\".\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000268",
+            "rid": "SV-VCSA-80-000268",
+            "stig_id": "VCSA-80-000268",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000268' do\n  title 'The vCenter Server must set the distributed port group Forged Transmits policy to \"Reject\".'\n  desc  \"\n    If the virtual machine operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    When the \\\"Forged Transmits\\\" option is set to \\\"Accept\\\", ESXi does not compare source and effective MAC addresses.\n\n    To protect against MAC impersonation, set the \\\"Forged Transmits\\\" option to \\\"Reject\\\". The host compares the source MAC address being transmitted by the guest operating system with the effective MAC address for its virtual machine adapter to determine if they match. If the addresses do not match, the ESXi host drops the packet.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Verify \\\"Forged Transmits\\\" is set to \\\"Reject\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\n    If the \\\"Forged Transmits\\\" policy is set to accept for a non-uplink port, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Security\\\" tab.\n\n    Set \\\"Forged Transmits\\\" to \\\"Reject\\\".\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000268'\n  tag rid: 'SV-VCSA-80-000268'\n  tag stig_id: 'VCSA-80-000268'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000268.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 1\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.4559017,
+              "start_time": "2023-06-07T08:29:16-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 1\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 2\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.3428624,
+              "start_time": "2023-06-07T08:29:17-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 2\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.4364241,
+              "start_time": "2023-06-07T08:29:17-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.6254497,
+              "start_time": "2023-06-07T08:29:18-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.4285295,
+              "start_time": "2023-06-07T08:29:18-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.8635859,
+              "start_time": "2023-06-07T08:29:19-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000269",
+          "title": "The vCenter Server must set the distributed port group Media Access Control (MAC) Address Change policy to \"Reject\".",
+          "desc": "If the virtual machine operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis will prevent virtual machines from changing their effective MAC address and will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If the virtual machine operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\nThis will prevent virtual machines from changing their effective MAC address and will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nVerify \"MAC Address Changes\" is set to \"Reject\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\nIf the \"MAC Address Changes\" policy is set to accept, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"Security\" tab.\n\nSet \"MAC Address Changes\" to \"Reject\".\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000269",
+            "rid": "SV-VCSA-80-000269",
+            "stig_id": "VCSA-80-000269",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000269' do\n  title 'The vCenter Server must set the distributed port group Media Access Control (MAC) Address Change policy to \"Reject\".'\n  desc  \"\n    If the virtual machine operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    This will prevent virtual machines from changing their effective MAC address and will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Verify \\\"MAC Address Changes\\\" is set to \\\"Reject\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\n    If the \\\"MAC Address Changes\\\" policy is set to accept, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Security\\\" tab.\n\n    Set \\\"MAC Address Changes\\\" to \\\"Reject\\\".\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000269'\n  tag rid: 'SV-VCSA-80-000269'\n  tag stig_id: 'VCSA-80-000269'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000269.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 1\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.3020193,
+              "start_time": "2023-06-07T08:29:20-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 1\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 2\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.350858,
+              "start_time": "2023-06-07T08:29:20-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 2\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.7810286,
+              "start_time": "2023-06-07T08:29:20-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.4751133,
+              "start_time": "2023-06-07T08:29:21-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.404362,
+              "start_time": "2023-06-07T08:29:21-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.4408188,
+              "start_time": "2023-06-07T08:29:22-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000270",
+          "title": "The vCenter Server must set the distributed port group Promiscuous Mode policy to \"Reject\".",
+          "desc": "When promiscuous mode is enabled for a virtual switch, all virtual machines connected to the port group have the potential of reading all packets across that network, meaning only the virtual machines connected to that port group.\n\nPromiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When promiscuous mode is enabled for a virtual switch, all virtual machines connected to the port group have the potential of reading all packets across that network, meaning only the virtual machines connected to that port group.\n\nPromiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nVerify \"Promiscuous Mode\" is set to \"Reject\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\nIf the \"Promiscuous Mode\" policy is set to accept, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"Security\" tab.\n\nSet \"Promiscuous Mode\" to \"Reject\".\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nGet-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false\nGet-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000270",
+            "rid": "SV-VCSA-80-000270",
+            "stig_id": "VCSA-80-000270",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000270' do\n  title 'The vCenter Server must set the distributed port group Promiscuous Mode policy to \"Reject\".'\n  desc  \"\n    When promiscuous mode is enabled for a virtual switch, all virtual machines connected to the port group have the potential of reading all packets across that network, meaning only the virtual machines connected to that port group.\n\n    Promiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Verify \\\"Promiscuous Mode\\\" is set to \\\"Reject\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\n    If the \\\"Promiscuous Mode\\\" policy is set to accept, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Security\\\" tab.\n\n    Set \\\"Promiscuous Mode\\\" to \\\"Reject\\\".\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000270'\n  tag rid: 'SV-VCSA-80-000270'\n  tag stig_id: 'VCSA-80-000270'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000270.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 1\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.3311334,
+              "start_time": "2023-06-07T08:29:22-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 1\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 2\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.5081735,
+              "start_time": "2023-06-07T08:29:23-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 2\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.447688,
+              "start_time": "2023-06-07T08:29:23-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.5091141,
+              "start_time": "2023-06-07T08:29:24-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.9601561,
+              "start_time": "2023-06-07T08:29:24-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.4214615,
+              "start_time": "2023-06-07T08:29:25-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000271",
+          "title": "The vCenter Server must only send NetFlow traffic to authorized collectors.",
+          "desc": "The distributed virtual switch can export NetFlow information about traffic crossing the switch. NetFlow exports are not encrypted and can contain information about the virtual network, making it easier for a man-in-the-middle attack to be executed successfully. If NetFlow export is required, verify that all NetFlow target Internet Protocols (IPs) are correct.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The distributed virtual switch can export NetFlow information about traffic crossing the switch. NetFlow exports are not encrypted and can contain information about the virtual network, making it easier for a man-in-the-middle attack to be executed successfully. If NetFlow export is required, verify that all NetFlow target Internet Protocols (IPs) are correct."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nTo view NetFlow Collector IPs configured on distributed switches:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> NetFlow.\n\nView the NetFlow pane and verify any collector IP addresses are valid and in use for troubleshooting.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch | select Name,@{N=\"NetFlowCollectorIPs\";E={$_.ExtensionData.config.IpfixConfig.CollectorIpAddress}}\n\nTo view if NetFlow is enabled on any distributed port groups:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed port group >> Manage >> Settings >> Policies.\n\nGo to \"Monitoring\" and view the NetFlow status.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup | Select Name,VirtualSwitch,@{N=\"NetFlowEnabled\";E={$_.Extensiondata.Config.defaultPortConfig.ipfixEnabled.Value}}\n\nIf NetFlow is configured and the collector IP is not known and documented, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "To remove collector IPs, do the following:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> NetFlow.\n\nClick \"Edit\".\n\nRemove any unknown collector IPs.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$dvs = Get-VDSwitch dvswitch | Get-View\nForEach($vs in $dvs){\n$spec = New-Object VMware.Vim.VMwareDVSConfigSpec\n$spec.configversion = $vs.Config.ConfigVersion\n$spec.IpfixConfig = New-Object VMware.Vim.VMwareIpfixConfig\n$spec.IpfixConfig.CollectorIpAddress = \"\"\n$spec.IpfixConfig.CollectorPort = \"0\"\n$spec.IpfixConfig.ActiveFlowTimeout = \"60\"\n$spec.IpfixConfig.IdleFlowTimeout = \"15\"\n$spec.IpfixConfig.SamplingRate = \"0\"\n$spec.IpfixConfig.InternalFlowsOnly = $False\n$vs.ReconfigureDvs_Task($spec)\n}\n\nNote: This will reset the NetFlow collector configuration back to the defaults.\n\nTo disable NetFlow on a distributed port group, do the following:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"Monitoring\" tab.\n\nChange \"NetFlow\" to \"Disabled\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$pgs = Get-VDPortgroup | Get-View\nForEach($pg in $pgs){\n$spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n$spec.configversion = $pg.Config.ConfigVersion\n$spec.defaultPortConfig = New-Object VMware.Vim.VMwareDVSPortSetting\n$spec.defaultPortConfig.ipfixEnabled = New-Object VMware.Vim.BoolPolicy\n$spec.defaultPortConfig.ipfixEnabled.inherited = $false\n$spec.defaultPortConfig.ipfixEnabled.value = $false\n$pg.ReconfigureDVPortgroup_Task($spec)\n}"
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000271",
+            "rid": "SV-VCSA-80-000271",
+            "stig_id": "VCSA-80-000271",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000271' do\n  title 'The vCenter Server must only send NetFlow traffic to authorized collectors.'\n  desc  'The distributed virtual switch can export NetFlow information about traffic crossing the switch. NetFlow exports are not encrypted and can contain information about the virtual network, making it easier for a man-in-the-middle attack to be executed successfully. If NetFlow export is required, verify that all NetFlow target Internet Protocols (IPs) are correct.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    To view NetFlow Collector IPs configured on distributed switches:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> NetFlow.\n\n    View the NetFlow pane and verify any collector IP addresses are valid and in use for troubleshooting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | select Name,@{N=\\\"NetFlowCollectorIPs\\\";E={$_.ExtensionData.config.IpfixConfig.CollectorIpAddress}}\n\n    To view if NetFlow is enabled on any distributed port groups:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed port group >> Manage >> Settings >> Policies.\n\n    Go to \\\"Monitoring\\\" and view the NetFlow status.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | Select Name,VirtualSwitch,@{N=\\\"NetFlowEnabled\\\";E={$_.Extensiondata.Config.defaultPortConfig.ipfixEnabled.Value}}\n\n    If NetFlow is configured and the collector IP is not known and documented, this is a finding.\n  \"\n  desc 'fix', \"\n    To remove collector IPs, do the following:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> NetFlow.\n\n    Click \\\"Edit\\\".\n\n    Remove any unknown collector IPs.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $dvs = Get-VDSwitch dvswitch | Get-View\n    ForEach($vs in $dvs){\n    $spec = New-Object VMware.Vim.VMwareDVSConfigSpec\n    $spec.configversion = $vs.Config.ConfigVersion\n    $spec.IpfixConfig = New-Object VMware.Vim.VMwareIpfixConfig\n    $spec.IpfixConfig.CollectorIpAddress = \\\"\\\"\n    $spec.IpfixConfig.CollectorPort = \\\"0\\\"\n    $spec.IpfixConfig.ActiveFlowTimeout = \\\"60\\\"\n    $spec.IpfixConfig.IdleFlowTimeout = \\\"15\\\"\n    $spec.IpfixConfig.SamplingRate = \\\"0\\\"\n    $spec.IpfixConfig.InternalFlowsOnly = $False\n    $vs.ReconfigureDvs_Task($spec)\n    }\n\n    Note: This will reset the NetFlow collector configuration back to the defaults.\n\n    To disable NetFlow on a distributed port group, do the following:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Monitoring\\\" tab.\n\n    Change \\\"NetFlow\\\" to \\\"Disabled\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $pgs = Get-VDPortgroup | Get-View\n    ForEach($pg in $pgs){\n    $spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n    $spec.configversion = $pg.Config.ConfigVersion\n    $spec.defaultPortConfig = New-Object VMware.Vim.VMwareDVSPortSetting\n    $spec.defaultPortConfig.ipfixEnabled = New-Object VMware.Vim.BoolPolicy\n    $spec.defaultPortConfig.ipfixEnabled.inherited = $false\n    $spec.defaultPortConfig.ipfixEnabled.value = $false\n    $pg.ReconfigureDVPortgroup_Task($spec)\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000271'\n  tag rid: 'SV-VCSA-80-000271'\n  tag stig_id: 'VCSA-80-000271'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.strip.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  if vdswitches.empty?\n    impact 0.0\n    describe '' do\n      skip 'No distributed switches found to check. This is not applicable.'\n    end\n  else\n    setimpact = true\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.IpfixConfig.CollectorIpAddress\"\n      result = powercli_command(command).stdout.strip\n      if !result.empty?\n        describe '' do\n          subject { result }\n          it { should cmp \"#{input('ipfixCollectorAddress')}\" }\n        end\n        setimpact = false\n      else\n        describe '' do\n          skip \"Ipfix CollectorIpAddress not configured...skipping #{vds}.\"\n        end\n      end\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000271.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "",
+              "run_time": 1.26e-05,
+              "start_time": "2023-06-07T08:29:25-06:00",
+              "resource": "",
+              "skip_message": "Ipfix CollectorIpAddress not configured...skipping VDSwitch STIG 1.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            },
+            {
+              "status": "skipped",
+              "code_desc": "",
+              "run_time": 9.1e-06,
+              "start_time": "2023-06-07T08:29:25-06:00",
+              "resource": "",
+              "skip_message": "Ipfix CollectorIpAddress not configured...skipping VDSwitch STIG 2.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000272",
+          "title": "The vCenter Server must configure all port groups to a value other than that of the native virtual local area network (VLAN).",
+          "desc": "ESXi does not use the concept of native VLAN. Frames with VLAN specified in the port group will have a tag, but frames with VLAN not specified in the port group are not tagged and therefore will end up belonging to native VLAN of the physical switch.\n\nFor example, frames on VLAN 1 from a Cisco physical switch will be untagged, because this is considered as the native VLAN. However, frames from ESXi specified as VLAN 1 will be tagged with a \"1\"; therefore, traffic from ESXi that is destined for the native VLAN will not be correctly routed (because it is tagged with a \"1\" instead of being untagged), and traffic from the physical switch coming from the native VLAN will not be visible (because it is not tagged).\n\nIf the ESXi virtual switch port group uses the native VLAN ID, traffic from those virtual machines will not be visible to the native VLAN on the switch, because the switch is expecting untagged traffic.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "ESXi does not use the concept of native VLAN. Frames with VLAN specified in the port group will have a tag, but frames with VLAN not specified in the port group are not tagged and therefore will end up belonging to native VLAN of the physical switch.\n\nFor example, frames on VLAN 1 from a Cisco physical switch will be untagged, because this is considered as the native VLAN. However, frames from ESXi specified as VLAN 1 will be tagged with a \"1\"; therefore, traffic from ESXi that is destined for the native VLAN will not be correctly routed (because it is tagged with a \"1\" instead of being untagged), and traffic from the physical switch coming from the native VLAN will not be visible (because it is not tagged).\n\nIf the ESXi virtual switch port group uses the native VLAN ID, traffic from those virtual machines will not be visible to the native VLAN on the switch, because the switch is expecting untagged traffic."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nReview the port group VLAN tags and verify they are not set to the native VLAN ID of the attached physical switch.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup | select Name, VlanConfiguration\n\nIf any port group is configured with the native VLAN of the ESXi hosts attached physical switch, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"VLAN\" tab.\n\nChange the VLAN ID to a non-native VLAN.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup \"portgroup name\" | Set-VDVlanConfiguration -VlanId \"New VLAN#\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000272",
+            "rid": "SV-VCSA-80-000272",
+            "stig_id": "VCSA-80-000272",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000272' do\n  title 'The vCenter Server must configure all port groups to a value other than that of the native virtual local area network (VLAN).'\n  desc  \"\n    ESXi does not use the concept of native VLAN. Frames with VLAN specified in the port group will have a tag, but frames with VLAN not specified in the port group are not tagged and therefore will end up belonging to native VLAN of the physical switch.\n\n    For example, frames on VLAN 1 from a Cisco physical switch will be untagged, because this is considered as the native VLAN. However, frames from ESXi specified as VLAN 1 will be tagged with a \\\"1\\\"; therefore, traffic from ESXi that is destined for the native VLAN will not be correctly routed (because it is tagged with a \\\"1\\\" instead of being untagged), and traffic from the physical switch coming from the native VLAN will not be visible (because it is not tagged).\n\n    If the ESXi virtual switch port group uses the native VLAN ID, traffic from those virtual machines will not be visible to the native VLAN on the switch, because the switch is expecting untagged traffic.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Review the port group VLAN tags and verify they are not set to the native VLAN ID of the attached physical switch.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | select Name, VlanConfiguration\n\n    If any port group is configured with the native VLAN of the ESXi hosts attached physical switch, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab.\n\n    Change the VLAN ID to a non-native VLAN.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup \\\"portgroup name\\\" | Set-VDVlanConfiguration -VlanId \\\"New VLAN#\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000272'\n  tag rid: 'SV-VCSA-80-000272'\n  tag stig_id: 'VCSA-80-000272'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not cmp '1' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000272.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to cmp == \"1\"",
+              "run_time": 0.2220219,
+              "start_time": "2023-06-07T08:29:25-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to cmp == \"1\"",
+              "run_time": 0.2193449,
+              "start_time": "2023-06-07T08:29:26-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to cmp == \"1\"",
+              "run_time": 0.2591679,
+              "start_time": "2023-06-07T08:29:26-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to cmp == \"1\"",
+              "run_time": 0.2532139,
+              "start_time": "2023-06-07T08:29:26-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000273",
+          "title": "The vCenter Server must not configure VLAN Trunking unless Virtual Guest Tagging (VGT) is required and authorized.",
+          "desc": "When a port group is set to VLAN Trunking, the vSwitch passes all network frames in the specified range to the attached virtual machines without modifying the virtual local area network (VLAN) tags. In vSphere, this is referred to as VGT.\n\nThe virtual machine must process the VLAN information itself via an 802.1Q driver in the operating system. VLAN Trunking must only be implemented if the attached virtual machines have been specifically authorized and are capable of managing VLAN tags themselves.\n\nIf VLAN Trunking is enabled inappropriately, it may cause a denial of service or allow a virtual machine to interact with traffic on an unauthorized VLAN.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When a port group is set to VLAN Trunking, the vSwitch passes all network frames in the specified range to the attached virtual machines without modifying the virtual local area network (VLAN) tags. In vSphere, this is referred to as VGT.\n\nThe virtual machine must process the VLAN information itself via an 802.1Q driver in the operating system. VLAN Trunking must only be implemented if the attached virtual machines have been specifically authorized and are capable of managing VLAN tags themselves.\n\nIf VLAN Trunking is enabled inappropriately, it may cause a denial of service or allow a virtual machine to interact with traffic on an unauthorized VLAN."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nReview the port group \"VLAN Type\" and \"VLAN trunk range\", if present.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup | Where {$_.ExtensionData.Config.Uplink -ne \"True\"} | Select Name,VlanConfiguration\n\nIf any port group is configured with \"VLAN trunking\" and is not documented as a needed exception (such as NSX appliances), this is a finding.\n\nIf any port group is authorized to be configured with \"VLAN trunking\" but is not configured with the most limited range necessary, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"VLAN\" tab.\n\nIf \"VLAN trunking\" is not authorized, remove it by setting \"VLAN type\" to \"VLAN\" and configure an appropriate VLAN ID. Click \"OK\".\n\nIf \"VLAN trunking\" is authorized but the range is too broad, modify the range in the \"VLAN trunk range\" field to the minimum necessary and authorized range. An example range would be \"1,3-5,8\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command to configure trunking:\n\nGet-VDPortgroup \"Portgroup Name\" | Set-VDVlanConfiguration -VlanTrunkRange \"<VLAN Range(s) comma separated>\"\n\nor\n\nRun this command to configure a single VLAN ID:\n\nGet-VDPortgroup \"Portgroup Name\" | Set-VDVlanConfiguration -VlanId \"<New VLAN#>\""
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000273",
+            "rid": "SV-VCSA-80-000273",
+            "stig_id": "VCSA-80-000273",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000273' do\n  title 'The vCenter Server must not configure VLAN Trunking unless Virtual Guest Tagging (VGT) is required and authorized.'\n  desc  \"\n    When a port group is set to VLAN Trunking, the vSwitch passes all network frames in the specified range to the attached virtual machines without modifying the virtual local area network (VLAN) tags. In vSphere, this is referred to as VGT.\n\n    The virtual machine must process the VLAN information itself via an 802.1Q driver in the operating system. VLAN Trunking must only be implemented if the attached virtual machines have been specifically authorized and are capable of managing VLAN tags themselves.\n\n    If VLAN Trunking is enabled inappropriately, it may cause a denial of service or allow a virtual machine to interact with traffic on an unauthorized VLAN.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Review the port group \\\"VLAN Type\\\" and \\\"VLAN trunk range\\\", if present.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | Where {$_.ExtensionData.Config.Uplink -ne \\\"True\\\"} | Select Name,VlanConfiguration\n\n    If any port group is configured with \\\"VLAN trunking\\\" and is not documented as a needed exception (such as NSX appliances), this is a finding.\n\n    If any port group is authorized to be configured with \\\"VLAN trunking\\\" but is not configured with the most limited range necessary, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab.\n\n    If \\\"VLAN trunking\\\" is not authorized, remove it by setting \\\"VLAN type\\\" to \\\"VLAN\\\" and configure an appropriate VLAN ID. Click \\\"OK\\\".\n\n    If \\\"VLAN trunking\\\" is authorized but the range is too broad, modify the range in the \\\"VLAN trunk range\\\" field to the minimum necessary and authorized range. An example range would be \\\"1,3-5,8\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command to configure trunking:\n\n    Get-VDPortgroup \\\"Portgroup Name\\\" | Set-VDVlanConfiguration -VlanTrunkRange \\\"<VLAN Range(s) comma separated>\\\"\n\n    or\n\n    Run this command to configure a single VLAN ID:\n\n    Get-VDPortgroup \\\"Portgroup Name\\\" | Set-VDVlanConfiguration -VlanId \\\"<New VLAN#>\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000273'\n  tag rid: 'SV-VCSA-80-000273'\n  tag stig_id: 'VCSA-80-000273'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Where-Object {(($_.IsUplink -eq $false) -and ($_.VlanConfiguration -match \"Trunk\"))} | Select-Object -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    impact 0.0\n    describe '' do\n      skip 'No distributed port groups found to check. This is not applicable.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId.Start\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not cmp '0' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId.End\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not cmp '4094' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000273.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "",
+              "run_time": 6.9e-06,
+              "start_time": "2023-06-07T08:29:26-06:00",
+              "resource": "",
+              "skip_message": "No distributed port groups found to check. This is not applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000274",
+          "title": "The vCenter Server must not configure all port groups to virtual local area network (VLAN) values reserved by upstream physical switches.",
+          "desc": "Certain physical switches reserve certain VLAN IDs for internal purposes and often disallow traffic configured to these values. For example, Cisco Catalyst switches typically reserve VLANs 1001 to 1024 and 4094, while Nexus switches typically reserve 3968 to 4094.\n\nCheck with the documentation for the organization's specific switch. Using a reserved VLAN might result in a denial of service on the network.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Certain physical switches reserve certain VLAN IDs for internal purposes and often disallow traffic configured to these values. For example, Cisco Catalyst switches typically reserve VLANs 1001 to 1024 and 4094, while Nexus switches typically reserve 3968 to 4094.\n\nCheck with the documentation for the organization's specific switch. Using a reserved VLAN might result in a denial of service on the network."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nReview the port group VLAN tags and verify that they are not set to a reserved VLAN ID.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup | select Name, VlanConfiguration\n\nIf any port group is configured with a reserved VLAN ID, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\nClick \"Edit\".\n\nClick the \"VLAN\" tab. Change the VLAN ID to an unreserved VLAN ID.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDPortgroup \"portgroup name\" | Set-VDVlanConfiguration -VlanId \"New VLAN#\""
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000274",
+            "rid": "SV-VCSA-80-000274",
+            "stig_id": "VCSA-80-000274",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000274' do\n  title 'The vCenter Server must not configure all port groups to virtual local area network (VLAN) values reserved by upstream physical switches.'\n  desc  \"\n    Certain physical switches reserve certain VLAN IDs for internal purposes and often disallow traffic configured to these values. For example, Cisco Catalyst switches typically reserve VLANs 1001 to 1024 and 4094, while Nexus switches typically reserve 3968 to 4094.\n\n    Check with the documentation for the organization's specific switch. Using a reserved VLAN might result in a denial of service on the network.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Review the port group VLAN tags and verify that they are not set to a reserved VLAN ID.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | select Name, VlanConfiguration\n\n    If any port group is configured with a reserved VLAN ID, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab. Change the VLAN ID to an unreserved VLAN ID.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup \\\"portgroup name\\\" | Set-VDVlanConfiguration -VlanId \\\"New VLAN#\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000274'\n  tag rid: 'SV-VCSA-80-000274'\n  tag stig_id: 'VCSA-80-000274'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vlanlist = ['1001', '1024', '3968', '4047', '4094']\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not be_in vlanlist }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000274.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to be in \"1001\", \"1024\", \"3968\", \"4047\", and \"4094\"",
+              "run_time": 0.0002922,
+              "start_time": "2023-06-07T08:29:26-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to be in \"1001\", \"1024\", \"3968\", \"4047\", and \"4094\"",
+              "run_time": 0.0002454,
+              "start_time": "2023-06-07T08:29:26-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to be in \"1001\", \"1024\", \"3968\", \"4047\", and \"4094\"",
+              "run_time": 0.0002127,
+              "start_time": "2023-06-07T08:29:26-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to be in \"1001\", \"1024\", \"3968\", \"4047\", and \"4094\"",
+              "run_time": 0.0004291,
+              "start_time": "2023-06-07T08:29:26-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000275",
+          "title": "The vCenter Server must configure the \"vpxuser\" auto-password to be changed every 30 days.",
+          "desc": "By default, vCenter will change the \"vpxuser\" password automatically every 30 days. Ensure this setting meets site policies. If it does not, configure it to meet password aging policies.\n\nNote: It is very important the password aging policy is not shorter than the default interval that is set to automatically change the \"vpxuser\" password to preclude the possibility that vCenter might be locked out of an ESXi host.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By default, vCenter will change the \"vpxuser\" password automatically every 30 days. Ensure this setting meets site policies. If it does not, configure it to meet password aging policies.\n\nNote: It is very important the password aging policy is not shorter than the default interval that is set to automatically change the \"vpxuser\" password to preclude the possibility that vCenter might be locked out of an ESXi host."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nVerify that \"VirtualCenter.VimPasswordExpirationInDays\" is set to \"30\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays\n\nIf the \"VirtualCenter.VimPasswordExpirationInDays\" is set to a value other than \"30\" or does not exist, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nClick \"Edit Settings\" and configure the \"VirtualCenter.VimPasswordExpirationInDays\" value to \"30\" or if the value does not exist create it by entering the values in the \"Key\" and \"Value\" fields and clicking \"Add\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nIf the setting already exists:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays | Set-AdvancedSetting -Value 30\n\nIf the setting does not exist:\n\nNew-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays -Value 30"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000275",
+            "rid": "SV-VCSA-80-000275",
+            "stig_id": "VCSA-80-000275",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000275' do\n  title 'The vCenter Server must configure the \"vpxuser\" auto-password to be changed every 30 days.'\n  desc  \"\n    By default, vCenter will change the \\\"vpxuser\\\" password automatically every 30 days. Ensure this setting meets site policies. If it does not, configure it to meet password aging policies.\n\n    Note: It is very important the password aging policy is not shorter than the default interval that is set to automatically change the \\\"vpxuser\\\" password to preclude the possibility that vCenter might be locked out of an ESXi host.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Verify that \\\"VirtualCenter.VimPasswordExpirationInDays\\\" is set to \\\"30\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays\n\n    If the \\\"VirtualCenter.VimPasswordExpirationInDays\\\" is set to a value other than \\\"30\\\" or does not exist, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"VirtualCenter.VimPasswordExpirationInDays\\\" value to \\\"30\\\" or if the value does not exist create it by entering the values in the \\\"Key\\\" and \\\"Value\\\" fields and clicking \\\"Add\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    If the setting already exists:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays | Set-AdvancedSetting -Value 30\n\n    If the setting does not exist:\n\n    New-AdvancedSetting -Entity <vcenter server name> -Name VirtualCenter.VimPasswordExpirationInDays -Value 30\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000275'\n  tag rid: 'SV-VCSA-80-000275'\n  tag stig_id: 'VCSA-80-000275'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name VirtualCenter.VimPasswordExpirationInDays | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp '30' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000275.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name VirtualCenter.VimPasswordExpirationInDays | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"30\"",
+              "run_time": 0.6119271,
+              "start_time": "2023-06-07T08:29:26-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name VirtualCenter.VimPasswordExpirationInDays | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000276",
+          "title": "The vCenter Server must configure the \"vpxuser\" password to meet length policy.",
+          "desc": "The \"vpxuser\" password default length is 32 characters. Ensure this setting meets site policies; if not, configure to meet password length policies.\n\nLonger passwords make brute-force password attacks more difficult. The \"vpxuser\" password is added by vCenter, meaning no manual intervention is normally required. The \"vpxuser\" password length must never be modified to less than the default length of 32 characters.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The \"vpxuser\" password default length is 32 characters. Ensure this setting meets site policies; if not, configure to meet password length policies.\n\nLonger passwords make brute-force password attacks more difficult. The \"vpxuser\" password is added by vCenter, meaning no manual intervention is normally required. The \"vpxuser\" password length must never be modified to less than the default length of 32 characters."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nVerify that \"config.vpxd.hostPasswordLength\" is set to \"32\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength and verify it is set to 32.\n\nIf the \"config.vpxd.hostPasswordLength\" is set to a value other than \"32, this is a finding.\n\nIf the setting does not exist, this is not a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nClick \"Edit Settings\" and configure the \"config.vpxd.hostPasswordLength\" value to \"32\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength | Set-AdvancedSetting -Value 32"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000276",
+            "rid": "SV-VCSA-80-000276",
+            "stig_id": "VCSA-80-000276",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000276' do\n  title 'The vCenter Server must configure the \"vpxuser\" password to meet length policy.'\n  desc  \"\n    The \\\"vpxuser\\\" password default length is 32 characters. Ensure this setting meets site policies; if not, configure to meet password length policies.\n\n    Longer passwords make brute-force password attacks more difficult. The \\\"vpxuser\\\" password is added by vCenter, meaning no manual intervention is normally required. The \\\"vpxuser\\\" password length must never be modified to less than the default length of 32 characters.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Verify that \\\"config.vpxd.hostPasswordLength\\\" is set to \\\"32\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength and verify it is set to 32.\n\n    If the \\\"config.vpxd.hostPasswordLength\\\" is set to a value other than \\\"32, this is a finding.\n\n    If the setting does not exist, this is not a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"config.vpxd.hostPasswordLength\\\" value to \\\"32\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name config.vpxd.hostPasswordLength | Set-AdvancedSetting -Value 32\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000276'\n  tag rid: 'SV-VCSA-80-000276'\n  tag stig_id: 'VCSA-80-000276'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.vpxd.hostPasswordLength | Select-Object -ExpandProperty Value'\n  describe.one do\n    describe powercli_command(command) do\n      its('stdout.strip') { should cmp '32' }\n    end\n    describe powercli_command(command) do\n      its('stdout.strip') { should be_empty }\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000276.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.vpxd.hostPasswordLength | Select-Object -ExpandProperty Value stdout.strip is expected to be empty",
+              "run_time": 0.0002715,
+              "start_time": "2023-06-07T08:29:27-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.vpxd.hostPasswordLength | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000277",
+          "title": "The vCenter Server must be isolated from the public internet but must still allow for patch notification and delivery.",
+          "desc": "vCenter and the embedded Lifecycle Manager system must never have a direct route to the internet. Despite this, updates and patches sourced from VMware on the internet must be delivered in a timely manner.\n\nThere are two methods to accomplish this: a proxy server and the Update Manager Download Service (UMDS). UMDS is an optional module for Lifecycle Manager that fetches upgrades for virtual appliances, patch metadata, patch binaries, and notifications that would not otherwise be available to an isolated Lifecycle Manager directly.\n\nAlternatively, a proxy for Lifecycle Manager can be configured to allow controlled, limited access to the public internet for the sole purpose of patch gathering. Either solution mitigates the risk of internet connectivity by limiting its scope and use.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "vCenter and the embedded Lifecycle Manager system must never have a direct route to the internet. Despite this, updates and patches sourced from VMware on the internet must be delivered in a timely manner.\n\nThere are two methods to accomplish this: a proxy server and the Update Manager Download Service (UMDS). UMDS is an optional module for Lifecycle Manager that fetches upgrades for virtual appliances, patch metadata, patch binaries, and notifications that would not otherwise be available to an isolated Lifecycle Manager directly.\n\nAlternatively, a proxy for Lifecycle Manager can be configured to allow controlled, limited access to the public internet for the sole purpose of patch gathering. Either solution mitigates the risk of internet connectivity by limiting its scope and use."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Check the following conditions:\n\n1. Lifecycle Manager must be configured to use the UMDS.\n\nOR\n\n2. Lifecycle Manager must be configured to use a proxy server for access to VMware patch repositories.\n\nOR\n\n3. Lifecycle Manager must disable internet patch repositories and any patches must be manually validated and imported as needed.\n\nOption 1:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nClick the \"Change Download Source\" button.\n\nVerify the \"Download patches from a UMDS shared repository\" radio button is selected and that a valid UMDS repository is supplied.\n\nClick \"Cancel\".\n\nIf this is not set, this is a finding.\n\nOption 2:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nClick the \"Change Download Source\" button.\n\nVerify the \"Download patches directly from the internet\" radio button is selected.\n\nClick \"Cancel\".\n\nNavigate to the vCenter Server Management interface at https://<vcenter dns>:5480 >> Networking >> Proxy Settings.\n\nVerify that \"HTTPS\" is \"Enabled\".\n\nClick the \"HTTPS\" row.\n\nVerify the proxy server configuration is accurate.\n\nIf this is not set, this is a finding.\n\nOption 3:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Downloads.\n\nVerify the \"Automatic downloads\" option is disabled.\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nVerify any download sources are disabled.\n\nIf this is not set, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Option 1:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nClick the \"Change Download Source\" button.\n\nSelect the \"Download patches from a UMDS shared repository\" radio button and supply a valid UMDS repository.\n\nClick \"Save\".\n\nOption 2:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\nClick the \"Change Download Source\" button.\n\nSelect the \"Download patches directly from the internet\" radio button.\n\nClick \"Save\".\n\nNavigate to the vCenter Server Management interface at https://<vcenter dns>:5480 >> Networking >> Proxy Settings.\n\nClick \"Edit\".\n\nSlide \"HTTPS\" to \"Enabled\".\n\nSupply the appropriate proxy server configuration.\n\nClick \"Save\".\n\nOption 3:\n\nFrom the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Downloads.\n\nClick \"Edit\" and uncheck \"Download patches\".\n\nUnder \"Patch Setup\" select each download source and click Disable."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000277",
+            "rid": "SV-VCSA-80-000277",
+            "stig_id": "VCSA-80-000277",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000277' do\n  title 'The vCenter Server must be isolated from the public internet but must still allow for patch notification and delivery.'\n  desc  \"\n    vCenter and the embedded Lifecycle Manager system must never have a direct route to the internet. Despite this, updates and patches sourced from VMware on the internet must be delivered in a timely manner.\n\n    There are two methods to accomplish this: a proxy server and the Update Manager Download Service (UMDS). UMDS is an optional module for Lifecycle Manager that fetches upgrades for virtual appliances, patch metadata, patch binaries, and notifications that would not otherwise be available to an isolated Lifecycle Manager directly.\n\n    Alternatively, a proxy for Lifecycle Manager can be configured to allow controlled, limited access to the public internet for the sole purpose of patch gathering. Either solution mitigates the risk of internet connectivity by limiting its scope and use.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Check the following conditions:\n\n    1. Lifecycle Manager must be configured to use the UMDS.\n\n    OR\n\n    2. Lifecycle Manager must be configured to use a proxy server for access to VMware patch repositories.\n\n    OR\n\n    3. Lifecycle Manager must disable internet patch repositories and any patches must be manually validated and imported as needed.\n\n    Option 1:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Verify the \\\"Download patches from a UMDS shared repository\\\" radio button is selected and that a valid UMDS repository is supplied.\n\n    Click \\\"Cancel\\\".\n\n    If this is not set, this is a finding.\n\n    Option 2:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Verify the \\\"Download patches directly from the internet\\\" radio button is selected.\n\n    Click \\\"Cancel\\\".\n\n    Navigate to the vCenter Server Management interface at https://<vcenter dns>:5480 >> Networking >> Proxy Settings.\n\n    Verify that \\\"HTTPS\\\" is \\\"Enabled\\\".\n\n    Click the \\\"HTTPS\\\" row.\n\n    Verify the proxy server configuration is accurate.\n\n    If this is not set, this is a finding.\n\n    Option 3:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Downloads.\n\n    Verify the \\\"Automatic downloads\\\" option is disabled.\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Verify any download sources are disabled.\n\n    If this is not set, this is a finding.\n  \"\n  desc 'fix', \"\n    Option 1:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Select the \\\"Download patches from a UMDS shared repository\\\" radio button and supply a valid UMDS repository.\n\n    Click \\\"Save\\\".\n\n    Option 2:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Select the \\\"Download patches directly from the internet\\\" radio button.\n\n    Click \\\"Save\\\".\n\n    Navigate to the vCenter Server Management interface at https://<vcenter dns>:5480 >> Networking >> Proxy Settings.\n\n    Click \\\"Edit\\\".\n\n    Slide \\\"HTTPS\\\" to \\\"Enabled\\\".\n\n    Supply the appropriate proxy server configuration.\n\n    Click \\\"Save\\\".\n\n    Option 3:\n\n    From the vSphere Client, go to Lifecycle Manager >> Settings >> Patch Downloads.\n\n    Click \\\"Edit\\\" and uncheck \\\"Download patches\\\".\n\n    Under \\\"Patch Setup\\\" select each download source and click Disable.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000277'\n  tag rid: 'SV-VCSA-80-000277'\n  tag stig_id: 'VCSA-80-000277'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000277.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 1.02e-05,
+              "start_time": "2023-06-07T08:29:27-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000278",
+          "title": "The vCenter Server must use unique service accounts when applications connect to vCenter.",
+          "desc": "To not violate nonrepudiation (i.e., deny the authenticity of who is connecting to vCenter), when applications need to connect to vCenter they must use unique service accounts.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "To not violate nonrepudiation (i.e., deny the authenticity of who is connecting to vCenter), when applications need to connect to vCenter they must use unique service accounts."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Verify each external application that connects to vCenter has a unique service account dedicated to that application.\n\nFor example, there should be separate accounts for Log Insight, Operations Manager, or anything else that requires an account to access vCenter.\n\nIf any application shares a service account that is used to connect to vCenter, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For applications sharing service accounts, create a new service account to assign to the application so that no application shares a service account with another.\n\nWhen standing up a new application that requires access to vCenter, always create a new service account prior to installation and grant only the permissions needed for that application."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000278",
+            "rid": "SV-VCSA-80-000278",
+            "stig_id": "VCSA-80-000278",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000278' do\n  title 'The vCenter Server must use unique service accounts when applications connect to vCenter.'\n  desc  'To not violate nonrepudiation (i.e., deny the authenticity of who is connecting to vCenter), when applications need to connect to vCenter they must use unique service accounts.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Verify each external application that connects to vCenter has a unique service account dedicated to that application.\n\n    For example, there should be separate accounts for Log Insight, Operations Manager, or anything else that requires an account to access vCenter.\n\n    If any application shares a service account that is used to connect to vCenter, this is a finding.\n  \"\n  desc  'fix', \"\n    For applications sharing service accounts, create a new service account to assign to the application so that no application shares a service account with another.\n\n    When standing up a new application that requires access to vCenter, always create a new service account prior to installation and grant only the permissions needed for that application.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000278'\n  tag rid: 'SV-VCSA-80-000278'\n  tag stig_id: 'VCSA-80-000278'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000278.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 8.4e-06,
+              "start_time": "2023-06-07T08:29:27-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000279",
+          "title": "The vCenter Server must protect the confidentiality and integrity of transmitted information by isolating Internet Protocol (IP)-based storage traffic.",
+          "desc": "Virtual machines might share virtual switches and virtual local area networks (VLAN) with the IP-based storage configurations.\n\nIP-based storage includes vSAN, Internet Small Computer System Interface (iSCSI), and Network File System (NFS). This configuration might expose IP-based storage traffic to unauthorized virtual machine users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\nTo restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from the production traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and virtual machines will limit unauthorized users from viewing the traffic.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Virtual machines might share virtual switches and virtual local area networks (VLAN) with the IP-based storage configurations.\n\nIP-based storage includes vSAN, Internet Small Computer System Interface (iSCSI), and Network File System (NFS). This configuration might expose IP-based storage traffic to unauthorized virtual machine users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\nTo restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from the production traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and virtual machines will limit unauthorized users from viewing the traffic."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If IP-based storage is not used, this is not applicable.\n\nIP-based storage (iSCSI, NFS, vSAN) VMkernel port groups must be in a dedicated VLAN that can be on a standard or distributed virtual switch that is logically separated from other traffic types.\n\nThe check for this will be unique per environment.\n\nTo check a standard switch, do the following:\n\nFrom the vSphere Client, select the ESXi host and go to Configure >> Networking >> Virtual switches. Select a standard switch.\n\nFor each storage port group (iSCSI, NFS, vSAN), select the port group and note the VLAN ID associated with each port group.\n\nVerify it is dedicated to that purpose and is logically separated from other traffic types.\n\nTo check a distributed switch, do the following,\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect and expand a distributed switch.\n\nFor each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to the \"Summary\" tab.\n\nNote the VLAN ID associated with each port group and verify it is dedicated to that purpose and is logically separated from other traffic types.\n\nIf any IP-based storage networks are not isolated from other traffic types, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Configuration of an IP-based VMkernel will be unique to each environment.\n\nTo configure VLANs and traffic types, do the following:\n\nStandard switch:\n\nFrom the vSphere Client, select the ESXi host and go to Configure >> Networking >> VMkernel adapters.\n\nSelect the Storage VMkernel (for any IP-based storage). Click \"Edit...\" and click the \"Port properties\" tab.\n\nUncheck everything (unless vSAN).\n\nClick the \"IPv4\" settings or \"IPv6\" settings tab.\n\nEnter the appropriate IP address and subnet information.\n\nClick \"OK\".\n\nFrom the vSphere Client, select the ESXi host and go to Configure >> Networking >> Virtual switches. Select a standard switch.\n\nFor each storage port group (iSCSI, NFS, vSAN), select the port group and click \"...\". Click \"Edit Settings\". On the \"Properties\" tab, enter the appropriate VLAN ID and click \"OK\".\n\nDistributed switch:\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Topology.\n\nSelect the Storage VMkernel (for any IP-based storage). Click \"...\" and click \"Edit Settings\".\n\nOn the \"Port properties\" tab, uncheck everything (unless vSAN).\n\nClick the \"IPv4\" settings or \"IPv6\" settings tab.\n\nEnter the appropriate IP address and subnet information.\n\nClick \"OK\".\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect and expand a distributed switch.\n\nFor each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to Configure >> Settings >> Properties.\n\nClick \"Edit\".\n\nClick the \"VLAN\" tab.\n\nEnter the appropriate VLAN type and ID and click \"OK\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000279",
+            "rid": "SV-VCSA-80-000279",
+            "stig_id": "VCSA-80-000279",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000279' do\n  title 'The vCenter Server must protect the confidentiality and integrity of transmitted information by isolating Internet Protocol (IP)-based storage traffic.'\n  desc  \"\n    Virtual machines might share virtual switches and virtual local area networks (VLAN) with the IP-based storage configurations.\n\n    IP-based storage includes vSAN, Internet Small Computer System Interface (iSCSI), and Network File System (NFS). This configuration might expose IP-based storage traffic to unauthorized virtual machine users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\n    To restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from the production traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and virtual machines will limit unauthorized users from viewing the traffic.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If IP-based storage is not used, this is not applicable.\n\n    IP-based storage (iSCSI, NFS, vSAN) VMkernel port groups must be in a dedicated VLAN that can be on a standard or distributed virtual switch that is logically separated from other traffic types.\n\n    The check for this will be unique per environment.\n\n    To check a standard switch, do the following:\n\n    From the vSphere Client, select the ESXi host and go to Configure >> Networking >> Virtual switches. Select a standard switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and note the VLAN ID associated with each port group.\n\n    Verify it is dedicated to that purpose and is logically separated from other traffic types.\n\n    To check a distributed switch, do the following,\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select and expand a distributed switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to the \\\"Summary\\\" tab.\n\n    Note the VLAN ID associated with each port group and verify it is dedicated to that purpose and is logically separated from other traffic types.\n\n    If any IP-based storage networks are not isolated from other traffic types, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of an IP-based VMkernel will be unique to each environment.\n\n    To configure VLANs and traffic types, do the following:\n\n    Standard switch:\n\n    From the vSphere Client, select the ESXi host and go to Configure >> Networking >> VMkernel adapters.\n\n    Select the Storage VMkernel (for any IP-based storage). Click \\\"Edit...\\\" and click the \\\"Port properties\\\" tab.\n\n    Uncheck everything (unless vSAN).\n\n    Click the \\\"IPv4\\\" settings or \\\"IPv6\\\" settings tab.\n\n    Enter the appropriate IP address and subnet information.\n\n    Click \\\"OK\\\".\n\n    From the vSphere Client, select the ESXi host and go to Configure >> Networking >> Virtual switches. Select a standard switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and click \\\"...\\\". Click \\\"Edit Settings\\\". On the \\\"Properties\\\" tab, enter the appropriate VLAN ID and click \\\"OK\\\".\n\n    Distributed switch:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Topology.\n\n    Select the Storage VMkernel (for any IP-based storage). Click \\\"...\\\" and click \\\"Edit Settings\\\".\n\n    On the \\\"Port properties\\\" tab, uncheck everything (unless vSAN).\n\n    Click the \\\"IPv4\\\" settings or \\\"IPv6\\\" settings tab.\n\n    Enter the appropriate IP address and subnet information.\n\n    Click \\\"OK\\\".\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select and expand a distributed switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab.\n\n    Enter the appropriate VLAN type and ID and click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000279'\n  tag rid: 'SV-VCSA-80-000279'\n  tag stig_id: 'VCSA-80-000279'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000279.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 8.9e-06,
+              "start_time": "2023-06-07T08:29:27-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000280",
+          "title": "The vCenter server must be configured to send events to a central log server.",
+          "desc": "vCenter server generates volumes of security-relevant application-level events. Examples include logins, system reconfigurations, system degradation warnings, and more. To ensure these events are available for forensic analysis and correlation, they must be sent to the syslog and forwarded on to the configured Security Information and Event Management (SIEM) system and/or central log server.\n\nThe vCenter server sends events to syslog by default, but this configuration must be verified and maintained.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "vCenter server generates volumes of security-relevant application-level events. Examples include logins, system reconfigurations, system degradation warnings, and more. To ensure these events are available for forensic analysis and correlation, they must be sent to the syslog and forwarded on to the configured Security Information and Event Management (SIEM) system and/or central log server.\n\nThe vCenter server sends events to syslog by default, but this configuration must be verified and maintained."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nVerify that \"vpxd.event.syslog.enabled\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name vpxd.event.syslog.enabled\n\nIf the \"vpxd.event.syslog.enabled\" value is not set to \"true\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\nClick \"Edit Settings\" and configure the \"vpxd.event.syslog.enabled\" setting to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-AdvancedSetting -Entity <vcenter server name> -Name vpxd.event.syslog.enabled | Set-AdvancedSetting -Value true"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000358",
+            "gid": "V-VCSA-80-000280",
+            "rid": "SV-VCSA-80-000280",
+            "stig_id": "VCSA-80-000280",
+            "cci": [
+              "CCI-001851"
+            ],
+            "nist": [
+              "AU-4 (1)"
+            ]
+          },
+          "code": "control 'VCSA-80-000280' do\n  title 'The vCenter server must be configured to send events to a central log server.'\n  desc  \"\n    vCenter server generates volumes of security-relevant application-level events. Examples include logins, system reconfigurations, system degradation warnings, and more. To ensure these events are available for forensic analysis and correlation, they must be sent to the syslog and forwarded on to the configured Security Information and Event Management (SIEM) system and/or central log server.\n\n    The vCenter server sends events to syslog by default, but this configuration must be verified and maintained.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Verify that \\\"vpxd.event.syslog.enabled\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name vpxd.event.syslog.enabled\n\n    If the \\\"vpxd.event.syslog.enabled\\\" value is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"vpxd.event.syslog.enabled\\\" setting to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity <vcenter server name> -Name vpxd.event.syslog.enabled | Set-AdvancedSetting -Value true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000358'\n  tag gid: 'V-VCSA-80-000280'\n  tag rid: 'SV-VCSA-80-000280'\n  tag stig_id: 'VCSA-80-000280'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name vpxd.event.syslog.enabled | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'true' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000280.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name vpxd.event.syslog.enabled | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == \"true\"",
+              "run_time": 0.6452781,
+              "start_time": "2023-06-07T08:29:27-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name vpxd.event.syslog.enabled | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000281",
+          "title": "The vCenter Server must disable or restrict the connectivity between vSAN Health Check and public Hardware Compatibility List (HCL) by use of an external proxy server.",
+          "desc": "The vSAN Health Check is able to download the HCL from VMware to check compliance against the underlying vSAN Cluster hosts. To ensure the vCenter server is not directly downloading content from the internet, this functionality must be disabled. If this feature is necessary, an external proxy server must be configured.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The vSAN Health Check is able to download the HCL from VMware to check compliance against the underlying vSAN Cluster hosts. To ensure the vCenter server is not directly downloading content from the internet, this functionality must be disabled. If this feature is necessary, an external proxy server must be configured."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If no clusters are enabled for vSAN, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Configure >> vSAN >> Internet Connectivity.\n\nIf the HCL internet download is not required, verify \"Status\" is \"Disabled\".\n\nIf the \"Status\" is \"Enabled\", this is a finding.\n\nIf the HCL internet download is required, verify \"Status\" is \"Enabled\" and a proxy host is configured.\n\nIf \"Status\" is \"Enabled\" and a proxy is not configured, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Configure >> vSAN >> Internet Connectivity.\n\nClick \"Edit\".\n\nIf the HCL internet download is not required, ensure that \"Status\" is \"Disabled\".\n\nIf the HCL internet download is required, ensure that \"Status\" is \"Enabled\" and that a proxy host is appropriately configured."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000281",
+            "rid": "SV-VCSA-80-000281",
+            "stig_id": "VCSA-80-000281",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000281' do\n  title 'The vCenter Server must disable or restrict the connectivity between vSAN Health Check and public Hardware Compatibility List (HCL) by use of an external proxy server.'\n  desc  'The vSAN Health Check is able to download the HCL from VMware to check compliance against the underlying vSAN Cluster hosts. To ensure the vCenter server is not directly downloading content from the internet, this functionality must be disabled. If this feature is necessary, an external proxy server must be configured.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Configure >> vSAN >> Internet Connectivity.\n\n    If the HCL internet download is not required, verify \\\"Status\\\" is \\\"Disabled\\\".\n\n    If the \\\"Status\\\" is \\\"Enabled\\\", this is a finding.\n\n    If the HCL internet download is required, verify \\\"Status\\\" is \\\"Enabled\\\" and a proxy host is configured.\n\n    If \\\"Status\\\" is \\\"Enabled\\\" and a proxy is not configured, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Configure >> vSAN >> Internet Connectivity.\n\n    Click \\\"Edit\\\".\n\n    If the HCL internet download is not required, ensure that \\\"Status\\\" is \\\"Disabled\\\".\n\n    If the HCL internet download is required, ensure that \\\"Status\\\" is \\\"Enabled\\\" and that a proxy host is appropriately configured.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000281'\n  tag rid: 'SV-VCSA-80-000281'\n  tag stig_id: 'VCSA-80-000281'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  # Get all clusters with vSAN enabled\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object | Select-Object -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !clusters.empty?\n    command = '$vsanphview = Get-VsanView -Id VsanPhoneHomeSystem-vsan-phonehome-system; $vsanphview.QueryVsanCloudHealthStatus().InternetConnectivity'\n    vcinternetenabled = powercli_command(command).stdout.strip\n\n    if vcinternetenabled == 'True'\n      proxycommand = '$vsanhealthview = Get-VsanView -Id VsanVcClusterHealthSystem-vsan-cluster-health-system; $vsanhealthview.VsanHealthQueryVsanProxyConfig().Host'\n      describe powercli_command(proxycommand) do\n        its('stdout.strip') { should_not cmp '' }\n      end\n    else\n      describe 'Enable Internet access for all vSAN clusters.' do\n        subject { vcinternetenabled }\n        it { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No clusters with vSAN enabled found...skipping tests' do\n      skip 'No clusters with vSAN enabled found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000281.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: $vsanhealthview = Get-VsanView -Id VsanVcClusterHealthSystem-vsan-cluster-health-system; $vsanhealthview.VsanHealthQueryVsanProxyConfig().Host stdout.strip is expected not to cmp == \"\"",
+              "run_time": 0.0795031,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "message": "\nexpected: \n     got: \n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"$vsanhealthview = Get-VsanView -Id VsanVcClusterHealthSystem-vsan-cluster-health-system; $vsanhealthview.VsanHealthQueryVsanProxyConfig().Host\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000282",
+          "title": "The vCenter Server must configure the vSAN Datastore name to a unique name.",
+          "desc": "A vSAN Datastore name by default is \"vsanDatastore\". If more than one vSAN cluster is present in vCenter, both datastores will have the same name by default, potentially leading to confusion and manually misplaced workloads.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "A vSAN Datastore name by default is \"vsanDatastore\". If more than one vSAN cluster is present in vCenter, both datastores will have the same name by default, potentially leading to confusion and manually misplaced workloads."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If no clusters are enabled for vSAN, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect a vSAN Enabled Cluster >> Datastores.\n\nReview the datastores and identify any datastores with \"vSAN\" as the datastore type.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nIf($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){\nWrite-Host \"vSAN Enabled Cluster found\"\nGet-Cluster | where {$_.VsanEnabled} | Get-Datastore | where {$_.type -match \"vsan\"}\n}\nelse{\nWrite-Host \"vSAN is not enabled, this finding is not applicable.\"\n}\n\nIf vSAN is enabled and a datastore is named \"vsanDatastore\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vSAN Enabled Cluster >> Datastores.\n\nRight-click on the datastore named \"vsanDatastore\" and select \"Rename\".\n\nRename the datastore based on site-specific naming standards.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\nIf($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){\nWrite-Host \"vSAN Enabled Cluster found\"\n$Clusters = Get-Cluster | where {$_.VsanEnabled}\nForeach ($clus in $clusters){\n $clus | Get-Datastore | where {$_.type -match \"vsan\"} | Set-Datastore -Name $(($clus.name) + \"_vSAN_Datastore\")\n}\n}\nelse{\nWrite-Host \"vSAN is not enabled, this finding is not applicable.\"\n}"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000282",
+            "rid": "SV-VCSA-80-000282",
+            "stig_id": "VCSA-80-000282",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000282' do\n  title 'The vCenter Server must configure the vSAN Datastore name to a unique name.'\n  desc  'A vSAN Datastore name by default is \"vsanDatastore\". If more than one vSAN cluster is present in vCenter, both datastores will have the same name by default, potentially leading to confusion and manually misplaced workloads.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster >> Datastores.\n\n    Review the datastores and identify any datastores with \\\"vSAN\\\" as the datastore type.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    If($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){\n    Write-Host \\\"vSAN Enabled Cluster found\\\"\n    Get-Cluster | where {$_.VsanEnabled} | Get-Datastore | where {$_.type -match \\\"vsan\\\"}\n    }\n    else{\n    Write-Host \\\"vSAN is not enabled, this finding is not applicable.\\\"\n    }\n\n    If vSAN is enabled and a datastore is named \\\"vsanDatastore\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster >> Datastores.\n\n    Right-click on the datastore named \\\"vsanDatastore\\\" and select \\\"Rename\\\".\n\n    Rename the datastore based on site-specific naming standards.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    If($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){\n    Write-Host \\\"vSAN Enabled Cluster found\\\"\n    $Clusters = Get-Cluster | where {$_.VsanEnabled}\n    Foreach ($clus in $clusters){\n     $clus | Get-Datastore | where {$_.type -match \\\"vsan\\\"} | Set-Datastore -Name $(($clus.name) + \\\"_vSAN_Datastore\\\")\n    }\n    }\n    else{\n    Write-Host \\\"vSAN is not enabled, this finding is not applicable.\\\"\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000282'\n  tag rid: 'SV-VCSA-80-000282'\n  tag stig_id: 'VCSA-80-000282'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-Cluster | Where-Object {$_.VsanEnabled} | Get-Datastore | Where-Object {$_.type -match \"vsan\"} | Select-Object -ExpandProperty Name'\n  vsandatastores = powercli_command(command).stdout.strip.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vsandatastores.empty?\n    describe '' do\n      skip 'No VSAN datastores found to check.'\n    end\n  else\n    vsandatastores.each do |ds|\n      describe '' do\n        subject { ds }\n        it { should_not cmp 'vsanDatastore' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000282.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "is expected not to cmp == \"vsanDatastore\"",
+              "run_time": 0.0002802,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "message": "\nexpected: vsanDatastore\n     got: vsanDatastore\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000283",
+          "title": "The vCenter Server must disable Username/Password and Windows Integrated Authentication.",
+          "desc": "All forms of authentication other than Common Access Card (CAC) must be disabled. Password authentication can be temporarily reenabled for emergency access to the local Single Sign-On (SSO) accounts or Active Directory user/pass accounts, but it must be disabled as soon as CAC authentication is functional.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "All forms of authentication other than Common Access Card (CAC) must be disabled. Password authentication can be temporarily reenabled for emergency access to the local Single Sign-On (SSO) accounts or Active Directory user/pass accounts, but it must be disabled as soon as CAC authentication is functional."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If a federated identity provider is configured and used for an identity source, this is not applicable.\n\nFrom the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\nUnder \"Authentication method\", examine the allowed methods.\n\nIf \"Smart card authentication\" is not enabled and \"Password and windows session authentication\" is not disabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\nNext to \"Authentication method\", click \"Edit\".\n\nSelect to radio button to \"Enable smart card authentication\".\n\nClick \"Save\".\n\nTo re-enable password authentication for troubleshooting purposes, run the following command on the vCenter Server Appliance:\n\n# /opt/vmware/bin/sso-config.sh -set_authn_policy -pwdAuthn true -winAuthn false -certAuthn false -securIDAuthn false -t vsphere.local"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000283",
+            "rid": "SV-VCSA-80-000283",
+            "stig_id": "VCSA-80-000283",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000283' do\n  title 'The vCenter Server must disable Username/Password and Windows Integrated Authentication.'\n  desc  'All forms of authentication other than Common Access Card (CAC) must be disabled. Password authentication can be temporarily reenabled for emergency access to the local Single Sign-On (SSO) accounts or Active Directory user/pass accounts, but it must be disabled as soon as CAC authentication is functional.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If a federated identity provider is configured and used for an identity source, this is not applicable.\n\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\n    Under \\\"Authentication method\\\", examine the allowed methods.\n\n    If \\\"Smart card authentication\\\" is not enabled and \\\"Password and windows session authentication\\\" is not disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider >> Smart Card Authentication.\n\n    Next to \\\"Authentication method\\\", click \\\"Edit\\\".\n\n    Select to radio button to \\\"Enable smart card authentication\\\".\n\n    Click \\\"Save\\\".\n\n    To re-enable password authentication for troubleshooting purposes, run the following command on the vCenter Server Appliance:\n\n    # /opt/vmware/bin/sso-config.sh -set_authn_policy -pwdAuthn true -winAuthn false -certAuthn false -securIDAuthn false -t vsphere.local\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000283'\n  tag rid: 'SV-VCSA-80-000283'\n  tag stig_id: 'VCSA-80-000283'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if input('embeddedIdp')\n    describe powercli_command('(Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled') do\n      its('stdout.strip') { should cmp 'true' }\n    end\n    describe powercli_command('(Get-SsoAuthenticationPolicy).PasswordAuthnEnabled') do\n      its('stdout.strip') { should cmp 'false' }\n    end\n    describe powercli_command('(Get-SsoAuthenticationPolicy).WindowsAuthnEnabled') do\n      its('stdout.strip') { should cmp 'false' }\n    end\n  else\n    describe 'A federated IDP is configured so this is Not Applicable.' do\n      skip 'A federated IDP is configured so this is Not Applicable.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000283.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: (Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled stdout.strip is expected to cmp == \"true\"",
+              "run_time": 0.000345,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "message": "\nexpected: true\n     got: False\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: (Get-SsoAuthenticationPolicy).PasswordAuthnEnabled stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.1837198,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "message": "\nexpected: false\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-SsoAuthenticationPolicy).PasswordAuthnEnabled\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: (Get-SsoAuthenticationPolicy).WindowsAuthnEnabled stdout.strip is expected to cmp == \"false\"",
+              "run_time": 0.2947417,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "message": "\nexpected: false\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-SsoAuthenticationPolicy).WindowsAuthnEnabled\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000284",
+          "title": "The vCenter Server must restrict access to the default roles with cryptographic permissions.",
+          "desc": "In vSphere, the built-in \"Administrator\" role contains permission to perform cryptographic operations such as Key Management Server (KMS) functions and encrypting and decrypting virtual machine disks. This role must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use.\n\nA new built-in role called \"No Cryptography Administrator\" exists to provide all administrative permissions except cryptographic operations. Permissions must be restricted such that normal vSphere administrators are assigned the \"No Cryptography Administrator\" role or more restrictive.\n\nThe \"Administrator\" role must be tightly controlled and must not be applied to administrators who will not be doing cryptographic work. Catastrophic data loss can result from poorly administered cryptography.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "In vSphere, the built-in \"Administrator\" role contains permission to perform cryptographic operations such as Key Management Server (KMS) functions and encrypting and decrypting virtual machine disks. This role must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use.\n\nA new built-in role called \"No Cryptography Administrator\" exists to provide all administrative permissions except cryptographic operations. Permissions must be restricted such that normal vSphere administrators are assigned the \"No Cryptography Administrator\" role or more restrictive.\n\nThe \"Administrator\" role must be tightly controlled and must not be applied to administrators who will not be doing cryptographic work. Catastrophic data loss can result from poorly administered cryptography."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.\n\nFrom the vSphere Client, go to Administration >> Access Control >> Roles.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VIPermission | Where {$_.Role -eq \"Admin\" -or $_.Role -eq \"NoTrustedAdmin\" -or $_.Role -eq \"vCLSAdmin\" -or $_.Role -eq \"vSphereKubernetesManager\"} | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\nIf there are any users or groups assigned to the default roles with cryptographic permissions and are not explicitly designated to perform cryptographic operations, this is a finding.\n\nThe built-in solution users assigned to the administrator role are NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Access Control >> Roles.\n\nMove any accounts not explicitly designated for cryptographic operations, other than Solution Users, to other roles such as \"No Cryptography Administrator\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000284",
+            "rid": "SV-VCSA-80-000284",
+            "stig_id": "VCSA-80-000284",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000284' do\n  title 'The vCenter Server must restrict access to the default roles with cryptographic permissions.'\n  desc  \"\n    In vSphere, the built-in \\\"Administrator\\\" role contains permission to perform cryptographic operations such as Key Management Server (KMS) functions and encrypting and decrypting virtual machine disks. This role must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use.\n\n    A new built-in role called \\\"No Cryptography Administrator\\\" exists to provide all administrative permissions except cryptographic operations. Permissions must be restricted such that normal vSphere administrators are assigned the \\\"No Cryptography Administrator\\\" role or more restrictive.\n\n    The \\\"Administrator\\\" role must be tightly controlled and must not be applied to administrators who will not be doing cryptographic work. Catastrophic data loss can result from poorly administered cryptography.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.\n\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VIPermission | Where {$_.Role -eq \\\"Admin\\\" -or $_.Role -eq \\\"NoTrustedAdmin\\\" -or $_.Role -eq \\\"vCLSAdmin\\\" -or $_.Role -eq \\\"vSphereKubernetesManager\\\"} | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\n    If there are any users or groups assigned to the default roles with cryptographic permissions and are not explicitly designated to perform cryptographic operations, this is a finding.\n\n    The built-in solution users assigned to the administrator role are NOT a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    Move any accounts not explicitly designated for cryptographic operations, other than Solution Users, to other roles such as \\\"No Cryptography Administrator\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000284'\n  tag rid: 'SV-VCSA-80-000284'\n  tag stig_id: 'VCSA-80-000284'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vcCryptoAdmins = input('vcCryptoAdmins')\n\n  # Get all users/groups with Admin/Administrator role excluding vpxd- accounts\n  command = 'Get-VIPermission | Where-Object {($_.Role -eq \"Admin\" -or $_.Role -eq \"NoTrustedAdmin\" -or $_.Role -eq \"vCLSAdmin\" -or $_.Role -eq \"vSphereKubernetesManager\") -and $_.Principal -notmatch \"vpxd-\"} | Select-Object -ExpandProperty Principal'\n  cryptoadmins = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !cryptoadmins.empty?\n    cryptoadmins.each do |cryptoadmin|\n      describe cryptoadmin do\n        subject { cryptoadmin }\n        it { should be_in vcCryptoAdmins }\n      end\n    end\n  else\n    describe 'No users/groups found assigned to crypto roles...skipping tests.' do\n      skip 'No users/groups found assigned to crypto roles...skipping tests.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000284.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "VSPHERE.LOCAL\\Administrator is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"",
+              "run_time": 0.0003841,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VSPHERE.LOCAL\\Administrator"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VSPHERE.LOCAL\\Administrators is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"",
+              "run_time": 0.0002994,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VSPHERE.LOCAL\\Administrators"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VSPHERE.LOCAL\\Administrators is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"",
+              "run_time": 0.0002966,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VSPHERE.LOCAL\\Administrators"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VSPHERE.LOCAL\\vCLSAdmin is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"",
+              "run_time": 0.0002984,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VSPHERE.LOCAL\\vCLSAdmin"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VSPHERE.LOCAL\\Administrators is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"",
+              "run_time": 0.0004221,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VSPHERE.LOCAL\\Administrators"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VSPHERE.LOCAL\\vCLSAdmin is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"",
+              "run_time": 0.0006365,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VSPHERE.LOCAL\\vCLSAdmin"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VSPHERE.LOCAL\\Administrators is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"",
+              "run_time": 0.0002881,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VSPHERE.LOCAL\\Administrators"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VSPHERE.LOCAL\\vCLSAdmin is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"",
+              "run_time": 0.0002754,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VSPHERE.LOCAL\\vCLSAdmin"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VSPHERE.LOCAL\\Administrators is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"",
+              "run_time": 0.000276,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VSPHERE.LOCAL\\Administrators"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VSPHERE.LOCAL\\vCLSAdmin is expected to be in \"VSPHERE.LOCAL\\\\Administrator\", \"VSPHERE.LOCAL\\\\Administrators\", and \"VSPHERE.LOCAL\\\\vCLSAdmin\"",
+              "run_time": 0.0002728,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VSPHERE.LOCAL\\vCLSAdmin"
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000285",
+          "title": "The vCenter Server must restrict access to cryptographic permissions.",
+          "desc": "These permissions must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use. Catastrophic data loss can result from poorly administered cryptography.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "These permissions must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use. Catastrophic data loss can result from poorly administered cryptography."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.\n\nFrom the vSphere Client, go to Administration >> Access Control >> Roles.\n\nHighlight each role and click the 'Privileges\" button in the right pane.\n\nVerify that only the Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager and any site-specific cryptographic roles have the following permissions:\n\nCryptographic Operations privileges\nGlobal.Diagnostics\nHost.Inventory.Add host to cluster\nHost.Inventory.Add standalone host\nHost.Local operations.Manage user groups\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$roles = Get-VIRole\nForEach($role in $roles){\n    $privileges = $role.PrivilegeList\n    If($privileges -match \"Crypto*\" -or $privileges -match \"Global.Diagnostics\" -or $privileges -match \"Host.Inventory.Add*\" -or $privileges -match \"Host.Local operations.Manage user groups\"){\n    Write-Host \"$role has Cryptographic privileges\"\n    }\n}\n\nIf any role other than the four default roles contain the permissions listed above and is not authorized to perform cryptographic related operations, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Access Control >> Roles.\n\nHighlight the target custom role and click \"Edit\".\n\nRemove the following permissions from any custom role that is not authorized to perform cryptographic related operations:\n\nCryptographic Operations privileges\nGlobal.Diagnostics\nHost.Inventory.Add host to cluster\nHost.Inventory.Add standalone host\nHost.Local operations.Manage user groups"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000285",
+            "rid": "SV-VCSA-80-000285",
+            "stig_id": "VCSA-80-000285",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000285' do\n  title 'The vCenter Server must restrict access to cryptographic permissions.'\n  desc  'These permissions must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use. Catastrophic data loss can result from poorly administered cryptography.'\n  desc  'rationale', ''\n  desc  'check', \"\n    By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.\n\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    Highlight each role and click the 'Privileges\\\" button in the right pane.\n\n    Verify that only the Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager and any site-specific cryptographic roles have the following permissions:\n\n    Cryptographic Operations privileges\n    Global.Diagnostics\n    Host.Inventory.Add host to cluster\n    Host.Inventory.Add standalone host\n    Host.Local operations.Manage user groups\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $roles = Get-VIRole\n    ForEach($role in $roles){\n        $privileges = $role.PrivilegeList\n        If($privileges -match \\\"Crypto*\\\" -or $privileges -match \\\"Global.Diagnostics\\\" -or $privileges -match \\\"Host.Inventory.Add*\\\" -or $privileges -match \\\"Host.Local operations.Manage user groups\\\"){\n        Write-Host \\\"$role has Cryptographic privileges\\\"\n        }\n    }\n\n    If any role other than the four default roles contain the permissions listed above and is not authorized to perform cryptographic related operations, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    Highlight the target custom role and click \\\"Edit\\\".\n\n    Remove the following permissions from any custom role that is not authorized to perform cryptographic related operations:\n\n    Cryptographic Operations privileges\n    Global.Diagnostics\n    Host.Inventory.Add host to cluster\n    Host.Inventory.Add standalone host\n    Host.Local operations.Manage user groups\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000285'\n  tag rid: 'SV-VCSA-80-000285'\n  tag stig_id: 'VCSA-80-000285'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vcCryptoRoles = input('vcCryptoRoles')\n\n  command = 'Get-VIRole | Where-Object {$_.PrivilegeList -match \"Crypto*\" -or $_.PrivilegeList -match \"Global.Diagnostics\" -or $_.PrivilegeList -match \"Host.Inventory.Add*\" -or $_.PrivilegeList -match \"Host.Local operations.Manage user groups\"} | Select-Object -ExpandProperty Name'\n  cryptoroles = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !cryptoroles.empty?\n    cryptoroles.each do |cryptorole|\n      describe cryptorole do\n        subject { cryptorole }\n        it { should be_in vcCryptoRoles }\n      end\n    end\n  else\n    describe 'No roles found with crypto permissions...skipping tests.' do\n      skip 'No roles found with crypto permissions...skipping tests.'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000285.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "NoTrustedAdmin is expected to be in \"Admin\", \"NoTrustedAdmin\", \"vCLSAdmin\", and \"vSphereKubernetesManager\"",
+              "run_time": 0.0002811,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "NoTrustedAdmin"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Admin is expected to be in \"Admin\", \"NoTrustedAdmin\", \"vCLSAdmin\", and \"vSphereKubernetesManager\"",
+              "run_time": 0.0002912,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Admin"
+            },
+            {
+              "status": "passed",
+              "code_desc": "vSphereKubernetesManager is expected to be in \"Admin\", \"NoTrustedAdmin\", \"vCLSAdmin\", and \"vSphereKubernetesManager\"",
+              "run_time": 0.0006983,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "vSphereKubernetesManager"
+            },
+            {
+              "status": "passed",
+              "code_desc": "vCLSAdmin is expected to be in \"Admin\", \"NoTrustedAdmin\", \"vCLSAdmin\", and \"vSphereKubernetesManager\"",
+              "run_time": 0.0002581,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "vCLSAdmin"
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000286",
+          "title": "The vCenter Server must have Mutual Challenge Handshake Authentication Protocol (CHAP) configured for vSAN Internet Small Computer System Interface (iSCSI) targets.",
+          "desc": "When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, the potential exists for a man-in-the-middle attack in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, the potential exists for a man-in-the-middle attack in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If no clusters are enabled for vSAN or if vSAN is enabled but iSCSI is not enabled, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect a vSAN Enabled Cluster >> Configure >> vSAN >> iSCSI Target Service.\n\nFor each iSCSI target, review the value in the \"Authentication\" column.\n\nIf the Authentication method is not set to \"CHAP_Mutual\" for any iSCSI target, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vSAN Enabled Cluster >> Configure >> vSAN >> iSCSI Target Service.\n\nFor each iSCSI target, select the item and click \"Edit\".\n\nChange the \"Authentication\" field to \"Mutual CHAP\" and configure the incoming and outgoing users and secrets appropriately."
+            }
+          ],
+          "impact": 0.0,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000286",
+            "rid": "SV-VCSA-80-000286",
+            "stig_id": "VCSA-80-000286",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000286' do\n  title 'The vCenter Server must have Mutual Challenge Handshake Authentication Protocol (CHAP) configured for vSAN Internet Small Computer System Interface (iSCSI) targets.'\n  desc  'When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, the potential exists for a man-in-the-middle attack in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN or if vSAN is enabled but iSCSI is not enabled, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster >> Configure >> vSAN >> iSCSI Target Service.\n\n    For each iSCSI target, review the value in the \\\"Authentication\\\" column.\n\n    If the Authentication method is not set to \\\"CHAP_Mutual\\\" for any iSCSI target, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster >> Configure >> vSAN >> iSCSI Target Service.\n\n    For each iSCSI target, select the item and click \\\"Edit\\\".\n\n    Change the \\\"Authentication\\\" field to \\\"Mutual CHAP\\\" and configure the incoming and outgoing users and secrets appropriately.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000286'\n  tag rid: 'SV-VCSA-80-000286'\n  tag stig_id: 'VCSA-80-000286'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  setimpact = true\n  if !clusters.empty?\n    clusters.each do |cluster|\n      iscsiEnabled = powercli_command(\"(Get-VsanClusterConfiguration -Cluster \\\"#{cluster}\\\").IscsiTargetServiceEnabled\").stdout.strip\n      if iscsiEnabled == 'True'\n        command = \"(Get-VsanClusterConfiguration -Cluster \\\"#{cluster}\\\").DefaultIscsiAuthenticationType\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp 'MutualChap' }\n        end\n        setimpact = false\n      else\n        describe \"vSAN iSCSI service not enabled on cluster: #{cluster}...this is not applicable.\" do\n          skip \"vSAN iSCSI service not enabled on cluster: #{cluster}...this is not applicable.\"\n        end\n      end\n    end\n  else\n    describe '' do\n      skip 'No vSAN enabled clusters found...this is not applicable.'\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000286.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "vSAN iSCSI service not enabled on cluster: cluster0...this is not applicable.",
+              "run_time": 9.9e-06,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource": "",
+              "skip_message": "vSAN iSCSI service not enabled on cluster: cluster0...this is not applicable.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "vSAN iSCSI service not enabled on cluster: cluster0...this is not applicable."
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000287",
+          "title": "The vCenter Server must have new Key Encryption Keys (KEKs) reissued at regular intervals for vSAN encrypted datastore(s).",
+          "desc": "The KEK for a vSAN encrypted datastore is generated by the Key Management Server (KMS) and serves as a wrapper and lock around the Disk Encryption Key (DEK). The DEK is generated by the host and is used to encrypt and decrypt the datastore. A shallow rekey is a procedure in which the KMS issues a new KEK to the ESXi host, which rewraps the DEK but does not change the DEK or any data on disk.\n\nThis operation must be done on a regular, site-defined interval and can be viewed as similar in criticality to changing an administrative password. If the KMS is compromised, a standing operational procedure to rekey will put a time limit on the usefulness of any stolen KMS data.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The KEK for a vSAN encrypted datastore is generated by the Key Management Server (KMS) and serves as a wrapper and lock around the Disk Encryption Key (DEK). The DEK is generated by the host and is used to encrypt and decrypt the datastore. A shallow rekey is a procedure in which the KMS issues a new KEK to the ESXi host, which rewraps the DEK but does not change the DEK or any data on disk.\n\nThis operation must be done on a regular, site-defined interval and can be viewed as similar in criticality to changing an administrative password. If the KMS is compromised, a standing operational procedure to rekey will put a time limit on the usefulness of any stolen KMS data."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If vSAN is not in use, this is not applicable.\n\nInterview the system administrator (SA) to determine that a procedure has been put in place to perform a shallow rekey of all vSAN encrypted datastores at regular, site-defined intervals.\n\nVMware recommends a 60-day rekey task, but this interval must be defined by the SA and the information system security officer (ISSO).\n\nIf vSAN encryption is not in use, this is not a finding.\n\nIf vSAN encryption is in use and a regular rekey procedure is not in place, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "If vSAN encryption is in use, ensure that a regular rekey procedure is in place."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000287",
+            "rid": "SV-VCSA-80-000287",
+            "stig_id": "VCSA-80-000287",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000287' do\n  title 'The vCenter Server must have new Key Encryption Keys (KEKs) reissued at regular intervals for vSAN encrypted datastore(s).'\n  desc  \"\n    The KEK for a vSAN encrypted datastore is generated by the Key Management Server (KMS) and serves as a wrapper and lock around the Disk Encryption Key (DEK). The DEK is generated by the host and is used to encrypt and decrypt the datastore. A shallow rekey is a procedure in which the KMS issues a new KEK to the ESXi host, which rewraps the DEK but does not change the DEK or any data on disk.\n\n    This operation must be done on a regular, site-defined interval and can be viewed as similar in criticality to changing an administrative password. If the KMS is compromised, a standing operational procedure to rekey will put a time limit on the usefulness of any stolen KMS data.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If vSAN is not in use, this is not applicable.\n\n    Interview the system administrator (SA) to determine that a procedure has been put in place to perform a shallow rekey of all vSAN encrypted datastores at regular, site-defined intervals.\n\n    VMware recommends a 60-day rekey task, but this interval must be defined by the SA and the information system security officer (ISSO).\n\n    If vSAN encryption is not in use, this is not a finding.\n\n    If vSAN encryption is in use and a regular rekey procedure is not in place, this is a finding.\n  \"\n  desc 'fix', 'If vSAN encryption is in use, ensure that a regular rekey procedure is in place.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000287'\n  tag rid: 'SV-VCSA-80-000287'\n  tag stig_id: 'VCSA-80-000287'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000287.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 7.3e-06,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000288",
+          "title": "The vCenter Server must use secure Lightweight Directory Access Protocol (LDAPS) when adding an LDAP identity source.",
+          "desc": "LDAP is an industry standard protocol for querying directory services such as Active Directory. This protocol can operate in clear text or over a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) encrypted tunnel. To protect confidentiality of LDAP communications, secure LDAP (LDAPS) must be explicitly configured when adding an LDAP identity source in vSphere Single Sign-On (SSO).\n\nWhen configuring an identity source and supplying an SSL certificate, vCenter will enforce LDAPS. The server URLs do not need to be explicitly provided if an SSL certificate is uploaded.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "LDAP is an industry standard protocol for querying directory services such as Active Directory. This protocol can operate in clear text or over a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) encrypted tunnel. To protect confidentiality of LDAP communications, secure LDAP (LDAPS) must be explicitly configured when adding an LDAP identity source in vSphere Single Sign-On (SSO).\n\nWhen configuring an identity source and supplying an SSL certificate, vCenter will enforce LDAPS. The server URLs do not need to be explicitly provided if an SSL certificate is uploaded."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If LDAP is not used as an identity provider, this is not applicable.\n\nFrom the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nClick the \"Identity Sources\" tab.\n\nFor each identity source of type \"Active Directory over LDAP\", if the \"Server URL\" does not indicate \"ldaps://\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\nClick the \"Identity Sources\" tab.\n\nFor each identity source of type \"Active Directory over LDAP\" where LDAPS is not configured, highlight the item and click \"Edit\".\n\nEnsure the primary and secondary server URLs, if specified, are configured for \"ldaps://\".\n\nAt the bottom, click the \"Browse\" button, select the AD LDAP cert previously exported to your local computer, click \"Open\", and \"Save\" to complete modifications.\n\nNote: With LDAPS, the server must be a specific domain controller and its specific certificate or the domain alias with a certificate that is valid for that URL."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000288",
+            "rid": "SV-VCSA-80-000288",
+            "stig_id": "VCSA-80-000288",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000288' do\n  title 'The vCenter Server must use secure Lightweight Directory Access Protocol (LDAPS) when adding an LDAP identity source.'\n  desc  \"\n    LDAP is an industry standard protocol for querying directory services such as Active Directory. This protocol can operate in clear text or over a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) encrypted tunnel. To protect confidentiality of LDAP communications, secure LDAP (LDAPS) must be explicitly configured when adding an LDAP identity source in vSphere Single Sign-On (SSO).\n\n    When configuring an identity source and supplying an SSL certificate, vCenter will enforce LDAPS. The server URLs do not need to be explicitly provided if an SSL certificate is uploaded.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If LDAP is not used as an identity provider, this is not applicable.\n\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    Click the \\\"Identity Sources\\\" tab.\n\n    For each identity source of type \\\"Active Directory over LDAP\\\", if the \\\"Server URL\\\" does not indicate \\\"ldaps://\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Configuration >> Identity Provider.\n\n    Click the \\\"Identity Sources\\\" tab.\n\n    For each identity source of type \\\"Active Directory over LDAP\\\" where LDAPS is not configured, highlight the item and click \\\"Edit\\\".\n\n    Ensure the primary and secondary server URLs, if specified, are configured for \\\"ldaps://\\\".\n\n    At the bottom, click the \\\"Browse\\\" button, select the AD LDAP cert previously exported to your local computer, click \\\"Open\\\", and \\\"Save\\\" to complete modifications.\n\n    Note: With LDAPS, the server must be a specific domain controller and its specific certificate or the domain alias with a certificate that is valid for that URL.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000288'\n  tag rid: 'SV-VCSA-80-000288'\n  tag stig_id: 'VCSA-80-000288'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000288.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 6.2e-06,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000290",
+          "title": "The vCenter Server must limit membership to the \"SystemConfiguration.BashShellAdministrators\" Single Sign-On (SSO) group.",
+          "desc": "vCenter SSO integrates with PAM in the underlying Photon operating system so members of the \"SystemConfiguration.BashShellAdministrators\" SSO group can log on to the operating system without needing a separate account. However, even though unique SSO users log on, they are transparently using a group account named \"sso-user\" as far as Photon auditing is concerned. While the audit trail can still be traced back to the individual SSO user, it is a more involved process.\n\nTo force accountability and nonrepudiation, the SSO group \"SystemConfiguration.BashShellAdministrators\" must be severely restricted.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "vCenter SSO integrates with PAM in the underlying Photon operating system so members of the \"SystemConfiguration.BashShellAdministrators\" SSO group can log on to the operating system without needing a separate account. However, even though unique SSO users log on, they are transparently using a group account named \"sso-user\" as far as Photon auditing is concerned. While the audit trail can still be traced back to the individual SSO user, it is a more involved process.\n\nTo force accountability and nonrepudiation, the SSO group \"SystemConfiguration.BashShellAdministrators\" must be severely restricted."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\nClick the next page arrow until the \"SystemConfiguration.BashShellAdministrators\" group appears.\n\nClick \"SystemConfiguration.BashShellAdministrators\".\n\nReview the members of the group and ensure that only authorized accounts are present.\n\nNote: By default the Administrator and a unique service account similar to \"vmware-applmgmtservice-714684a4-342f-4eff-a232-cdc21def00c2\" will be in the group and should not be removed.\n\nIf there are any accounts present as members of SystemConfiguration.BashShellAdministrators that are not authorized, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\nClick the next page arrow until the \"SystemConfiguration.BashShellAdministrators\" group appears.\n\nClick \"SystemConfiguration.BashShellAdministrators\".\n\nClick the three vertical dots next to the name of each unauthorized account.\n\nSelect \"Remove Member\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000290",
+            "rid": "SV-VCSA-80-000290",
+            "stig_id": "VCSA-80-000290",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000290' do\n  title 'The vCenter Server must limit membership to the \"SystemConfiguration.BashShellAdministrators\" Single Sign-On (SSO) group.'\n  desc  \"\n    vCenter SSO integrates with PAM in the underlying Photon operating system so members of the \\\"SystemConfiguration.BashShellAdministrators\\\" SSO group can log on to the operating system without needing a separate account. However, even though unique SSO users log on, they are transparently using a group account named \\\"sso-user\\\" as far as Photon auditing is concerned. While the audit trail can still be traced back to the individual SSO user, it is a more involved process.\n\n    To force accountability and nonrepudiation, the SSO group \\\"SystemConfiguration.BashShellAdministrators\\\" must be severely restricted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\n    Click the next page arrow until the \\\"SystemConfiguration.BashShellAdministrators\\\" group appears.\n\n    Click \\\"SystemConfiguration.BashShellAdministrators\\\".\n\n    Review the members of the group and ensure that only authorized accounts are present.\n\n    Note: By default the Administrator and a unique service account similar to \\\"vmware-applmgmtservice-714684a4-342f-4eff-a232-cdc21def00c2\\\" will be in the group and should not be removed.\n\n    If there are any accounts present as members of SystemConfiguration.BashShellAdministrators that are not authorized, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\n    Click the next page arrow until the \\\"SystemConfiguration.BashShellAdministrators\\\" group appears.\n\n    Click \\\"SystemConfiguration.BashShellAdministrators\\\".\n\n    Click the three vertical dots next to the name of each unauthorized account.\n\n    Select \\\"Remove Member\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000290'\n  tag rid: 'SV-VCSA-80-000290'\n  tag stig_id: 'VCSA-80-000290'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  bashShellAdminUsers = input('bashShellAdminUsers')\n  # Get appliance management user and add to list of authorized users. Unique to each vCenter.\n  applmgmtuser = powercli_command('Get-SsoGroup -Domain vsphere.local -Name applmgmtSvcUsers | Get-SsoPersonUser | Select-Object -ExpandProperty Name').stdout.strip\n  bashShellAdminUsers.push(applmgmtuser)\n  users = powercli_command('Get-SsoGroup -Domain vsphere.local -Name SystemConfiguration.BashShellAdministrators | Get-SsoPersonUser | Select-Object -ExpandProperty Name')\n  if users.stdout.empty?\n    describe 'Stderr should be empty if no users found' do\n      subject { users.stderr }\n      it { should be_empty }\n    end\n    describe 'No users found in SystemConfiguration.BashShellAdministrators' do\n      subject { users.stdout }\n      it { should be_empty }\n    end\n  else\n    users.stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |user|\n      describe user do\n        it { should be_in bashShellAdminUsers }\n      end\n    end\n  end\n  bashShellAdminGroups = input('bashShellAdminGroups')\n  groups = powercli_command('Get-SsoGroup -Domain vsphere.local -Name SystemConfiguration.BashShellAdministrators | Get-SsoGroup | Select-Object -ExpandProperty Name')\n  if groups.stdout.empty?\n    describe 'Stderr should be empty if no groups found' do\n      subject { groups.stderr }\n      it { should be_empty }\n    end\n    describe 'No groups found in SystemConfiguration.BashShellAdministrators' do\n      subject { groups.stdout }\n      it { should be_empty }\n    end\n  else\n    groups.stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |group|\n      describe group do\n        it { should be_in bashShellAdminGroups }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000290.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Administrator is expected to be in \"Administrator\" and \"vmware-applmgmtservice-7581d05c-eac0-4a70-b76c-f7b58b907e8d\"",
+              "run_time": 0.0002423,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Administrator"
+            },
+            {
+              "status": "passed",
+              "code_desc": "vmware-applmgmtservice-7581d05c-eac0-4a70-b76c-f7b58b907e8d is expected to be in \"Administrator\" and \"vmware-applmgmtservice-7581d05c-eac0-4a70-b76c-f7b58b907e8d\"",
+              "run_time": 0.0002087,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "vmware-applmgmtservice-7581d05c-eac0-4a70-b76c-f7b58b907e8d"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Stderr should be empty if no groups found is expected to be empty",
+              "run_time": 0.0130313,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Stderr should be empty if no groups found"
+            },
+            {
+              "status": "passed",
+              "code_desc": "No groups found in SystemConfiguration.BashShellAdministrators is expected to be empty",
+              "run_time": 0.0086464,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "No groups found in SystemConfiguration.BashShellAdministrators"
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000291",
+          "title": "The vCenter Server must limit membership to the \"TrustedAdmins\" Single Sign-On (SSO) group.",
+          "desc": "The vSphere \"TrustedAdmins\" group grants additional rights to administer the vSphere Trust Authority feature.\n\nTo force accountability and nonrepudiation, the SSO group \"TrustedAdmins\" must be severely restricted.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The vSphere \"TrustedAdmins\" group grants additional rights to administer the vSphere Trust Authority feature.\n\nTo force accountability and nonrepudiation, the SSO group \"TrustedAdmins\" must be severely restricted."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\nClick the next page arrow until the \"TrustedAdmins\" group appears.\n\nClick \"TrustedAdmins\".\n\nReview the members of the group and ensure that only authorized accounts are present.\n\nNote: These accounts act as root on the Photon operating system and have the ability to severely damage vCenter, inadvertently or otherwise.\n\nIf there are any accounts present as members of TrustedAdmins that are not authorized, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\nClick the next page arrow until the \"TrustedAdmins\" group appears.\n\nClick \"TrustedAdmins\".\n\nClick the three vertical dots next to the name of each unauthorized account.\n\nSelect \"Remove Member\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000291",
+            "rid": "SV-VCSA-80-000291",
+            "stig_id": "VCSA-80-000291",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000291' do\n  title 'The vCenter Server must limit membership to the \"TrustedAdmins\" Single Sign-On (SSO) group.'\n  desc  \"\n    The vSphere \\\"TrustedAdmins\\\" group grants additional rights to administer the vSphere Trust Authority feature.\n\n    To force accountability and nonrepudiation, the SSO group \\\"TrustedAdmins\\\" must be severely restricted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\n    Click the next page arrow until the \\\"TrustedAdmins\\\" group appears.\n\n    Click \\\"TrustedAdmins\\\".\n\n    Review the members of the group and ensure that only authorized accounts are present.\n\n    Note: These accounts act as root on the Photon operating system and have the ability to severely damage vCenter, inadvertently or otherwise.\n\n    If there are any accounts present as members of TrustedAdmins that are not authorized, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration >> Single Sign On >> Users and Groups >> Groups.\n\n    Click the next page arrow until the \\\"TrustedAdmins\\\" group appears.\n\n    Click \\\"TrustedAdmins\\\".\n\n    Click the three vertical dots next to the name of each unauthorized account.\n\n    Select \\\"Remove Member\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000291'\n  tag rid: 'SV-VCSA-80-000291'\n  tag stig_id: 'VCSA-80-000291'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  trustedAdminUsers = input('trustedAdminUsers')\n  users = powercli_command('Get-SsoGroup -Domain vsphere.local -Name TrustedAdmins | Get-SsoPersonUser | Select-Object -ExpandProperty Name')\n  if users.stdout.empty?\n    describe 'Stderr should be empty if no users found' do\n      subject { users.stderr }\n      it { should be_empty }\n    end\n    describe 'No users found in TrustedAdmins' do\n      subject { users.stdout }\n      it { should be_empty }\n    end\n  else\n    users.stdout.split.each do |user|\n      describe user do\n        it { should be_in trustedAdminUsers }\n      end\n    end\n  end\n  trustedAdminGroups = input('trustedAdminGroups')\n  groups = powercli_command('Get-SsoGroup -Domain vsphere.local -Name TrustedAdmins | Get-SsoGroup | Select-Object -ExpandProperty Name')\n  if groups.stdout.empty?\n    describe 'Stderr should be empty if no groups found' do\n      subject { groups.stderr }\n      it { should be_empty }\n    end\n    describe 'No groups found in TrustedAdmins' do\n      subject { groups.stdout }\n      it { should be_empty }\n    end\n  else\n    groups.stdout.split.each do |group|\n      describe group do\n        it { should be_in trustedAdminGroups }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000291.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Stderr should be empty if no users found is expected to be empty",
+              "run_time": 0.0089216,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Stderr should be empty if no users found"
+            },
+            {
+              "status": "passed",
+              "code_desc": "No users found in TrustedAdmins is expected to be empty",
+              "run_time": 0.0087271,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "No users found in TrustedAdmins"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Stderr should be empty if no groups found is expected to be empty",
+              "run_time": 0.0087042,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Stderr should be empty if no groups found"
+            },
+            {
+              "status": "passed",
+              "code_desc": "No groups found in TrustedAdmins is expected to be empty",
+              "run_time": 0.0085833,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "No groups found in TrustedAdmins"
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000292",
+          "title": "The vCenter server configuration must be backed up on a regular basis.",
+          "desc": "vCenter server is the control plane for the vSphere infrastructure and all the workloads it hosts. As such, vCenter is usually a highly critical system in its own right. Backups of vCenter can now be made at a data and configuration level versus traditional storage/image-based backups. This reduces recovery time by letting the system administrator (SA) spin up a new vCenter while simultaneously importing the backed-up data.\n\nFor sites that implement the Native Key Provider (NKP), introduced in 7.0 Update 2, regular vCenter backups are critical. In a recovery scenario where the virtual machine files are intact but vCenter was lost, the encrypted virtual machines will not be able to boot as their private keys were stored in vCenter after it was last backed up. When using the NKP, vCenter becomes critical to the virtual machine workloads and ceases to be just the control plane.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "vCenter server is the control plane for the vSphere infrastructure and all the workloads it hosts. As such, vCenter is usually a highly critical system in its own right. Backups of vCenter can now be made at a data and configuration level versus traditional storage/image-based backups. This reduces recovery time by letting the system administrator (SA) spin up a new vCenter while simultaneously importing the backed-up data.\n\nFor sites that implement the Native Key Provider (NKP), introduced in 7.0 Update 2, regular vCenter backups are critical. In a recovery scenario where the virtual machine files are intact but vCenter was lost, the encrypted virtual machines will not be able to boot as their private keys were stored in vCenter after it was last backed up. When using the NKP, vCenter becomes critical to the virtual machine workloads and ceases to be just the control plane."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Option 1:\n\nIf vCenter is backed up in a traditional manner, at the storage array level, interview the SA to determine configuration and schedule.\n\nOption 2:\n\nFor vCenter native backup functionality, open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Backup\" on the left navigation pane.\n\nOn the resulting pane on the right, verify the \"Status\" is \"Enabled\".\n\nClick \"Status\" to expand the backup details.\n\nIf vCenter server backups are not configured and there is no other vCenter backup system, this is a finding.\n\nIf the backup configuration is not set to a proper, reachable location or if the schedule is anything less frequent than \"Daily\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Option 1:\n\nImplement and document a VMware-supported storage/image-based backup schedule.\n\nOption 2:\n\nTo configure vCenter native backup functionality, open the VAMI by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with an SSO account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Backup\" on the left navigation pane.\n\nOn the resulting pane on the right, click \"Configure\" (or \"Edit\" for an existing configuration).\n\nEnter site-specific information for the backup job.\n\nEnsure \"Schedule\" is set to \"Daily\". Limiting the number of retained backups is recommended but not required.\n\nClick \"Create\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000292",
+            "rid": "SV-VCSA-80-000292",
+            "stig_id": "VCSA-80-000292",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000292' do\n  title 'The vCenter server configuration must be backed up on a regular basis.'\n  desc  \"\n    vCenter server is the control plane for the vSphere infrastructure and all the workloads it hosts. As such, vCenter is usually a highly critical system in its own right. Backups of vCenter can now be made at a data and configuration level versus traditional storage/image-based backups. This reduces recovery time by letting the system administrator (SA) spin up a new vCenter while simultaneously importing the backed-up data.\n\n    For sites that implement the Native Key Provider (NKP), introduced in 7.0 Update 2, regular vCenter backups are critical. In a recovery scenario where the virtual machine files are intact but vCenter was lost, the encrypted virtual machines will not be able to boot as their private keys were stored in vCenter after it was last backed up. When using the NKP, vCenter becomes critical to the virtual machine workloads and ceases to be just the control plane.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Option 1:\n\n    If vCenter is backed up in a traditional manner, at the storage array level, interview the SA to determine configuration and schedule.\n\n    Option 2:\n\n    For vCenter native backup functionality, open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Backup\\\" on the left navigation pane.\n\n    On the resulting pane on the right, verify the \\\"Status\\\" is \\\"Enabled\\\".\n\n    Click \\\"Status\\\" to expand the backup details.\n\n    If vCenter server backups are not configured and there is no other vCenter backup system, this is a finding.\n\n    If the backup configuration is not set to a proper, reachable location or if the schedule is anything less frequent than \\\"Daily\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Option 1:\n\n    Implement and document a VMware-supported storage/image-based backup schedule.\n\n    Option 2:\n\n    To configure vCenter native backup functionality, open the VAMI by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with an SSO account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Backup\\\" on the left navigation pane.\n\n    On the resulting pane on the right, click \\\"Configure\\\" (or \\\"Edit\\\" for an existing configuration).\n\n    Enter site-specific information for the backup job.\n\n    Ensure \\\"Schedule\\\" is set to \\\"Daily\\\". Limiting the number of retained backups is recommended but not required.\n\n    Click \\\"Create\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000292'\n  tag rid: 'SV-VCSA-80-000292'\n  tag stig_id: 'VCSA-80-000292'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if input('backup3rdParty')\n    describe '3rd party backups indicated. This check is a manual or policy based check and must be reviewed manually.' do\n      skip '3rd party backups indicated. This check is a manual or policy based check and must be reviewed manually.'\n    end\n  else\n    command = '(Invoke-ListRecoveryBackupSchedules).default.enable'\n    backupsenabled = powercli_command(command).stdout.strip\n\n    describe 'File based backups should be enabled.' do\n      subject { backupsenabled }\n      it { should cmp 'true' }\n    end\n\n    if backupsenabled == 'True'\n      # check that backups are scheduled daily. if so the days configuration will be empty\n      # if a custom schedule is specified and every day is selected this will fail and that should be changed to daily\n      backupschedule = powercli_command('(Invoke-ListRecoveryBackupSchedules).default.recurrence_info.days').stdout.strip\n      describe 'Backups should be scheduled daily.' do\n        subject { backupschedule }\n        it { should cmp '' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000292.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "File based backups should be enabled. is expected to cmp == \"true\"",
+              "run_time": 0.0001691,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "message": "\nexpected: true\n     got: \n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "File based backups should be enabled."
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000293",
+          "title": "The vCenter server must have task and event retention set to at least 30 days.",
+          "desc": "vCenter tasks and events contain valuable historical actions, useful in troubleshooting availability issues and for incident forensics. While vCenter events are sent to central log servers in real time, it is important that administrators have quick access to this information when needed.\n\nvCenter retains 30 days of tasks and events by default, and this is sufficient for most purposes. The vCenter disk partitions are also sized with this in mind. Decreasing is not recommended for operational reasons, while increasing is not recommended unless guided by VMware support due to the partition sizing concerns.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "vCenter tasks and events contain valuable historical actions, useful in troubleshooting availability issues and for incident forensics. While vCenter events are sent to central log servers in real time, it is important that administrators have quick access to this information when needed.\n\nvCenter retains 30 days of tasks and events by default, and this is sufficient for most purposes. The vCenter disk partitions are also sized with this in mind. Decreasing is not recommended for operational reasons, while increasing is not recommended unless guided by VMware support due to the partition sizing concerns."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> General.\n\nClick to expand the \"Database\" section.\n\nNote the \"Task retention\" and \"Event retention\" values.\n\nIf either value is configured to less than \"30\" days, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> General.\n\nClick \"Edit\".\n\nOn the \"Database\" tab, set the value for both \"Task retention\" and \"Event retention\" to \"30\" days (default) or greater, as required by your site.\n\nClick \"Save\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000293",
+            "rid": "SV-VCSA-80-000293",
+            "stig_id": "VCSA-80-000293",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000293' do\n  title 'The vCenter server must have task and event retention set to at least 30 days.'\n  desc  \"\n    vCenter tasks and events contain valuable historical actions, useful in troubleshooting availability issues and for incident forensics. While vCenter events are sent to central log servers in real time, it is important that administrators have quick access to this information when needed.\n\n    vCenter retains 30 days of tasks and events by default, and this is sufficient for most purposes. The vCenter disk partitions are also sized with this in mind. Decreasing is not recommended for operational reasons, while increasing is not recommended unless guided by VMware support due to the partition sizing concerns.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> General.\n\n    Click to expand the \\\"Database\\\" section.\n\n    Note the \\\"Task retention\\\" and \\\"Event retention\\\" values.\n\n    If either value is configured to less than \\\"30\\\" days, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> General.\n\n    Click \\\"Edit\\\".\n\n    On the \\\"Database\\\" tab, set the value for both \\\"Task retention\\\" and \\\"Event retention\\\" to \\\"30\\\" days (default) or greater, as required by your site.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000293'\n  tag rid: 'SV-VCSA-80-000293'\n  tag stig_id: 'VCSA-80-000293'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name event.maxAge | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= '30' }\n  end\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name task.maxAge | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp >= '30' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000293.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name event.maxAge | Select-Object -ExpandProperty Value stdout.strip is expected to cmp >= \"30\"",
+              "run_time": 0.5927463,
+              "start_time": "2023-06-07T08:29:28-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name event.maxAge | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name task.maxAge | Select-Object -ExpandProperty Value stdout.strip is expected to cmp >= \"30\"",
+              "run_time": 0.4440832,
+              "start_time": "2023-06-07T08:29:29-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name task.maxAge | Select-Object -ExpandProperty Value\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000294",
+          "title": "The vCenter server Native Key Provider must be backed up with a strong password.",
+          "desc": "The vCenter Native Key Provider feature was introduced in 7.0 U2 and acts as a key provider for encryption based capabilities such as encrypted virtual machines without requiring an external KMS solution.  When enabling this feature a backup must be taken which is a PKCS#12 formatted file and if no password is provided during the backup process this presents the opportunity for this to be used maliciously and compromise the environment.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The vCenter Native Key Provider feature was introduced in 7.0 U2 and acts as a key provider for encryption based capabilities such as encrypted virtual machines without requiring an external KMS solution.  When enabling this feature a backup must be taken which is a PKCS#12 formatted file and if no password is provided during the backup process this presents the opportunity for this to be used maliciously and compromise the environment."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If the vCenter Native Key Provider feature is not in use, this is not applicable.\n\nInterview the system administrator and determine if a password was provided for any backups taken of the Native Key Provider.\n\nIf backups exist for the Native Key Provider that are not password protected, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect a vCenter Server >> Configure >> Settings >> Key Providers.\n\nSelect the Native Key Provider, click \"Back-up\", and check the box \"Protect Native Key Provider data with password\".\n\nProvide a strong password and click \"Back up key provider\".\n\nDelete any previous backups that were not protected with a password."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000294",
+            "rid": "SV-VCSA-80-000294",
+            "stig_id": "VCSA-80-000294",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000294' do\n  title 'The vCenter server Native Key Provider must be backed up with a strong password.'\n  desc  'The vCenter Native Key Provider feature was introduced in 7.0 U2 and acts as a key provider for encryption based capabilities such as encrypted virtual machines without requiring an external KMS solution.  When enabling this feature a backup must be taken which is a PKCS#12 formatted file and if no password is provided during the backup process this presents the opportunity for this to be used maliciously and compromise the environment.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If the vCenter Native Key Provider feature is not in use, this is not applicable.\n\n    Interview the system administrator and determine if a password was provided for any backups taken of the Native Key Provider.\n\n    If backups exist for the Native Key Provider that are not password protected, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server >> Configure >> Settings >> Key Providers.\n\n    Select the Native Key Provider, click \\\"Back-up\\\", and check the box \\\"Protect Native Key Provider data with password\\\".\n\n    Provide a strong password and click \\\"Back up key provider\\\".\n\n    Delete any previous backups that were not protected with a password.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000294'\n  tag rid: 'SV-VCSA-80-000294'\n  tag stig_id: 'VCSA-80-000294'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000294.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 6.5e-06,
+              "start_time": "2023-06-07T08:29:29-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000295",
+          "title": "The vCenter server must require authentication for published content libraries.",
+          "desc": "In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale. When publishing a content library it can be protected by requiring authentication for subscribers.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale. When publishing a content library it can be protected by requiring authentication for subscribers."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Content Libraries.\n\nReview the \"Password Protected\" column.\n\nIf a content library is published and is not password protected, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Content Libraries.\n\nSelect the target content library.\n\nSelect \"Actions\" then \"Edit Settings\".\n\nClick the checkbox to \"Enable user authentication for access to this content library\".\n\nEnter and confirm a password for the content library. Click \"Ok\".\n\nNote: Any subscribed content libraries will need to be updated to enable authentication and provide the password."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000295",
+            "rid": "SV-VCSA-80-000295",
+            "stig_id": "VCSA-80-000295",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000295' do\n  title 'The vCenter server must require authentication for published content libraries.'\n  desc  'In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale. When publishing a content library it can be protected by requiring authentication for subscribers.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Review the \\\"Password Protected\\\" column.\n\n    If a content library is published and is not password protected, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Select the target content library.\n\n    Select \\\"Actions\\\" then \\\"Edit Settings\\\".\n\n    Click the checkbox to \\\"Enable user authentication for access to this content library\\\".\n\n    Enter and confirm a password for the content library. Click \\\"Ok\\\".\n\n    Note: Any subscribed content libraries will need to be updated to enable authentication and provide the password.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000295'\n  tag rid: 'SV-VCSA-80-000295'\n  tag stig_id: 'VCSA-80-000295'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-ContentLibrary | Select-Object -ExpandProperty Id'\n  libraries = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  setimpact = true\n  if !libraries.empty?\n    libraries.each do |library|\n      libinfo = powercli_command(\"Invoke-GetLibraryIdContent #{library} | ConvertTo-Json\").stdout\n      libinfojson = JSON.parse(libinfo)\n      if libinfojson['publish_info']['published'] == true\n        describe \"Authentication should be enabled on Content Library: #{libinfojson['name']}\" do\n          subject { libinfojson }\n          its(['publish_info', 'authentication_method']) { should cmp 'BASIC' }\n        end\n        setimpact = false\n      else\n        describe \"Publishing not enabled on Content Library: #{libinfojson['name']}. This control is not applicable.\" do\n          skip \"Publishing not enabled on Content Library: #{libinfojson['name']}. This control is not applicable.\"\n        end\n      end\n    end\n  else\n    describe '' do\n      skip 'No content libraries found. This control is not applicable.'\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000295.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Authentication should be enabled on Content Library: STIG Content Library [\"publish_info\", \"authentication_method\"] is expected to cmp == \"BASIC\"",
+              "run_time": 0.0002149,
+              "start_time": "2023-06-07T08:29:29-06:00",
+              "message": "\nexpected: BASIC\n     got: NONE\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "[\"publish_info\", \"authentication_method\"]"
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000296",
+          "title": "The vCenter server must enable the OVF security policy for content libraries.",
+          "desc": "In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale.\n\nYou can protect the OVF items by applying default OVF security policy to a content library. The OVF security policy enforces strict validation on OVF items when you deploy or update the item, import items, or synchronize OVF and OVA templates. To make sure that the OVF and OVA templates are signed by a trusted certificate, you can add the OVF signing certificate from a trusted CA.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale.\n\nYou can protect the OVF items by applying default OVF security policy to a content library. The OVF security policy enforces strict validation on OVF items when you deploy or update the item, import items, or synchronize OVF and OVA templates. To make sure that the OVF and OVA templates are signed by a trusted certificate, you can add the OVF signing certificate from a trusted CA."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Content Libraries.\n\nReview the \"Security Policy\" column.\n\nIf a content library does not have the \"OVF default policy\" enabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Content Libraries.\n\nSelect the target content library.\n\nSelect \"Actions\" then \"Edit Settings\".\n\nClick the checkbox to \"Apply Security Policy\". Click \"OK\".\n\nNote: If you disable the security policy of a content library, you cannot reuse the existing OVF items."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000296",
+            "rid": "SV-VCSA-80-000296",
+            "stig_id": "VCSA-80-000296",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000296' do\n  title 'The vCenter server must enable the OVF security policy for content libraries.'\n  desc  \"\n    In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale.\n\n    You can protect the OVF items by applying default OVF security policy to a content library. The OVF security policy enforces strict validation on OVF items when you deploy or update the item, import items, or synchronize OVF and OVA templates. To make sure that the OVF and OVA templates are signed by a trusted certificate, you can add the OVF signing certificate from a trusted CA.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Review the \\\"Security Policy\\\" column.\n\n    If a content library does not have the \\\"OVF default policy\\\" enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Select the target content library.\n\n    Select \\\"Actions\\\" then \\\"Edit Settings\\\".\n\n    Click the checkbox to \\\"Apply Security Policy\\\". Click \\\"OK\\\".\n\n    Note: If you disable the security policy of a content library, you cannot reuse the existing OVF items.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000296'\n  tag rid: 'SV-VCSA-80-000296'\n  tag stig_id: 'VCSA-80-000296'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-ContentLibrary | Select-Object -ExpandProperty Id'\n  libraries = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  setimpact = true\n  if !libraries.empty?\n    libraries.each do |library|\n      libinfo = powercli_command(\"Invoke-GetLibraryIdContent #{library} | ConvertTo-Json\").stdout\n      libinfojson = JSON.parse(libinfo)\n      describe \"OVF security policy should be enabled on Content Library: #{libinfojson['name']}\" do\n        subject { libinfojson }\n        its(['security_policy_id']) { should_not be nil }\n      end\n      setimpact = false\n    end\n  else\n    describe '' do\n      skip 'No content libraries found. This control is not applicable.'\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000296.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "OVF security policy should be enabled on Content Library: STIG Content Library [\"security_policy_id\"] is expected not to equal nil",
+              "run_time": 0.0068081,
+              "start_time": "2023-06-07T08:29:29-06:00",
+              "message": "\nexpected not #<NilClass:8> => nil\n         got #<NilClass:8> => nil\n\nCompared using equal?, which compares object identity.\n\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "[\"security_policy_id\"]"
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000298",
+          "title": "The vCenter Server must separate authentication and authorization for administrators.",
+          "desc": "Many organizations do both authentication and authorization using a centralized directory service such as Active Directory. Attackers who compromise an identity source can often add themselves to authorization groups, and simply log into systems they should not otherwise have access to. Additionally, reliance on central identity systems means that the administrators of those systems are potentially infrastructure administrators, too, as they can add themselves to infrastructure access groups at will.\n\nThe use of local SSO groups for authorization helps prevent this avenue of attack by allowing the centralized identity source to still authenticate users but moving authorization into vCenter itself.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Many organizations do both authentication and authorization using a centralized directory service such as Active Directory. Attackers who compromise an identity source can often add themselves to authorization groups, and simply log into systems they should not otherwise have access to. Additionally, reliance on central identity systems means that the administrators of those systems are potentially infrastructure administrators, too, as they can add themselves to infrastructure access groups at will.\n\nThe use of local SSO groups for authorization helps prevent this avenue of attack by allowing the centralized identity source to still authenticate users but moving authorization into vCenter itself."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "From the vSphere Client, go to Administration >> Access Control >> Roles.\n\nView the Administrator role and any other role providing administrative access to vCenter to verify the users and/or groups assigned to it by clicking on \"Usage\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\nIf any user or group is directly assigned a role with administrative access to vCenter that is from an identity provider, this is a finding.\n\nNote: Users and/or groups assigned to roles should be from the \"VSPHERE.LOCAL\" identity source."
+            },
+            {
+              "label": "fix",
+              "data": "To add groups from an identity provider to the local SSO Administrators group, as an example, do the following:\n\nFrom the vSphere Client, go to Administration >> Single Sign On >> Groups.\n\nSelect the Administrators group and click \"Edit\".\n\nIn the \"Add Members\" section, select the identity source and type the name of the target user/group in the search bar.\n\nSelect the target user/group to add them and click \"Save\".\n\nNote: A new SSO group or groups can be created as needed and used to provide authorization to vCenter.\n\nTo remove identity provider users/groups from a role, do the following:\n\nFrom the vSphere Client, go to Administration >> Access Control >> Global Permissions.\n\nSelect the offending user/group and click \"Delete\".\n\nNote: If permissions are assigned on a specific object, then the role must be updated where it is assigned (for example, at the cluster level)."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000298",
+            "rid": "SV-VCSA-80-000298",
+            "stig_id": "VCSA-80-000298",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000298' do\n  title 'The vCenter Server must separate authentication and authorization for administrators.'\n  desc  \"\n    Many organizations do both authentication and authorization using a centralized directory service such as Active Directory. Attackers who compromise an identity source can often add themselves to authorization groups, and simply log into systems they should not otherwise have access to. Additionally, reliance on central identity systems means that the administrators of those systems are potentially infrastructure administrators, too, as they can add themselves to infrastructure access groups at will.\n\n    The use of local SSO groups for authorization helps prevent this avenue of attack by allowing the centralized identity source to still authenticate users but moving authorization into vCenter itself.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration >> Access Control >> Roles.\n\n    View the Administrator role and any other role providing administrative access to vCenter to verify the users and/or groups assigned to it by clicking on \\\"Usage\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\n    If any user or group is directly assigned a role with administrative access to vCenter that is from an identity provider, this is a finding.\n\n    Note: Users and/or groups assigned to roles should be from the \\\"VSPHERE.LOCAL\\\" identity source.\n  \"\n  desc 'fix', \"\n    To add groups from an identity provider to the local SSO Administrators group, as an example, do the following:\n\n    From the vSphere Client, go to Administration >> Single Sign On >> Groups.\n\n    Select the Administrators group and click \\\"Edit\\\".\n\n    In the \\\"Add Members\\\" section, select the identity source and type the name of the target user/group in the search bar.\n\n    Select the target user/group to add them and click \\\"Save\\\".\n\n    Note: A new SSO group or groups can be created as needed and used to provide authorization to vCenter.\n\n    To remove identity provider users/groups from a role, do the following:\n\n    From the vSphere Client, go to Administration >> Access Control >> Global Permissions.\n\n    Select the offending user/group and click \\\"Delete\\\".\n\n    Note: If permissions are assigned on a specific object, then the role must be updated where it is assigned (for example, at the cluster level).\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000298'\n  tag rid: 'SV-VCSA-80-000298'\n  tag stig_id: 'VCSA-80-000298'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000298.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "This check is a manual or policy based check and must be reviewed manually.",
+              "run_time": 4.9e-06,
+              "start_time": "2023-06-07T08:29:29-06:00",
+              "resource": "",
+              "skip_message": "This check is a manual or policy based check and must be reviewed manually.",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "This check is a manual or policy based check and must be reviewed manually."
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000299",
+          "title": "The vCenter Server must disable CDP/LLDP on distributed switches.",
+          "desc": "The vSphere Distributed Virtual Switch can participate in Cisco Discovery Protocol (CDP) or Link Layer Discovery Protocol (LLDP), as a listener, advertiser, or both. The information is sensitive, including IP addresses, system names, software versions, and more. It can be used by an adversary to gain a better understanding of your environment, and to impersonate devices. It is also transmitted unencrypted on the network, and as such the recommendation is to disable it.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The vSphere Distributed Virtual Switch can participate in Cisco Discovery Protocol (CDP) or Link Layer Discovery Protocol (LLDP), as a listener, advertiser, or both. The information is sensitive, including IP addresses, system names, software versions, and more. It can be used by an adversary to gain a better understanding of your environment, and to impersonate devices. It is also transmitted unencrypted on the network, and as such the recommendation is to disable it."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Properties.\n\nReview the \"Discovery Protocol\" configuration.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch | Select Name,LinkDiscoveryProtocolOperation\n\nIf any distributed switch does not have \"Discovery Protocols\" disabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Properties.\n\nClick \"Edit\".\n\nSelect the advanced tab and update the \"Type\" under \"Discovery Protocol\" to disabled and click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch -Name \"DSwitch\" | Set-VDSwitch -LinkDiscoveryProtocolOperation \"Disabled\""
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000299",
+            "rid": "SV-VCSA-80-000299",
+            "stig_id": "VCSA-80-000299",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000299' do\n  title 'The vCenter Server must disable CDP/LLDP on distributed switches.'\n  desc  'The vSphere Distributed Virtual Switch can participate in Cisco Discovery Protocol (CDP) or Link Layer Discovery Protocol (LLDP), as a listener, advertiser, or both. The information is sensitive, including IP addresses, system names, software versions, and more. It can be used by an adversary to gain a better understanding of your environment, and to impersonate devices. It is also transmitted unencrypted on the network, and as such the recommendation is to disable it.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Properties.\n\n    Review the \\\"Discovery Protocol\\\" configuration.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | Select Name,LinkDiscoveryProtocolOperation\n\n    If any distributed switch does not have \\\"Discovery Protocols\\\" disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\".\n\n    Select the advanced tab and update the \\\"Type\\\" under \\\"Discovery Protocol\\\" to disabled and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch -Name \\\"DSwitch\\\" | Set-VDSwitch -LinkDiscoveryProtocolOperation \\\"Disabled\\\"\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000299'\n  tag rid: 'SV-VCSA-80-000299'\n  tag stig_id: 'VCSA-80-000299'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"Get-VDSwitch -Name \\\"#{vds}\\\" | Select -ExpandProperty LinkDiscoveryProtocolOperation\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'Disabled' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000299.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VDSwitch -Name \"VDSwitch STIG 1\" | Select -ExpandProperty LinkDiscoveryProtocolOperation stdout.strip is expected to cmp == \"Disabled\"",
+              "run_time": 0.292216,
+              "start_time": "2023-06-07T08:29:29-06:00",
+              "message": "\nexpected: Disabled\n     got: Listen\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VDSwitch -Name \\\"VDSwitch STIG 1\\\" | Select -ExpandProperty LinkDiscoveryProtocolOperation\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: Get-VDSwitch -Name \"VDSwitch STIG 2\" | Select -ExpandProperty LinkDiscoveryProtocolOperation stdout.strip is expected to cmp == \"Disabled\"",
+              "run_time": 0.2363636,
+              "start_time": "2023-06-07T08:29:30-06:00",
+              "message": "\nexpected: Disabled\n     got: Listen\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"Get-VDSwitch -Name \\\"VDSwitch STIG 2\\\" | Select -ExpandProperty LinkDiscoveryProtocolOperation\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000300",
+          "title": "The vCenter Server must remove unauthorized port mirroring sessions on distributed switches.",
+          "desc": "The vSphere Distributed Virtual Switch can enable port mirroring sessions allowing traffic to be mirrored from one source to a destination. If port mirroring is configured unknowingly this could allow an attacker to observe network traffic of virtual machines.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The vSphere Distributed Virtual Switch can enable port mirroring sessions allowing traffic to be mirrored from one source to a destination. If port mirroring is configured unknowingly this could allow an attacker to observe network traffic of virtual machines."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Port Mirroring.\n\nReview any configured \"Port Mirroring\" sessions.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\nGet-VDSwitch | select Name,@{N=\"Port Mirroring Sessions\";E={$_.ExtensionData.Config.VspanSession.Name}}\n\nIf there are any unauthorized port mirroring sessions configured, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Configure >> Settings >> Port Mirroring.\n\nSelect the unauthorized \"Port Mirroring\" session and click \"Remove\". Click \"OK\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000300",
+            "rid": "SV-VCSA-80-000300",
+            "stig_id": "VCSA-80-000300",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000300' do\n  title 'The vCenter Server must remove unauthorized port mirroring sessions on distributed switches.'\n  desc  'The vSphere Distributed Virtual Switch can enable port mirroring sessions allowing traffic to be mirrored from one source to a destination. If port mirroring is configured unknowingly this could allow an attacker to observe network traffic of virtual machines.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Port Mirroring.\n\n    Review any configured \\\"Port Mirroring\\\" sessions.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | select Name,@{N=\\\"Port Mirroring Sessions\\\";E={$_.ExtensionData.Config.VspanSession.Name}}\n\n    If there are any unauthorized port mirroring sessions configured, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Configure >> Settings >> Port Mirroring.\n\n    Select the unauthorized \\\"Port Mirroring\\\" session and click \\\"Remove\\\". Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000300'\n  tag rid: 'SV-VCSA-80-000300'\n  tag stig_id: 'VCSA-80-000300'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.VspanSession\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000300.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 1\").ExtensionData.Config.VspanSession stdout.strip is expected to cmp == \"\"",
+              "run_time": 0.233848,
+              "start_time": "2023-06-07T08:29:30-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 1\\\").ExtensionData.Config.VspanSession\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDSwitch -Name \"VDSwitch STIG 2\").ExtensionData.Config.VspanSession stdout.strip is expected to cmp == \"\"",
+              "run_time": 0.2529015,
+              "start_time": "2023-06-07T08:29:30-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDSwitch -Name \\\"VDSwitch STIG 2\\\").ExtensionData.Config.VspanSession\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000301",
+          "title": "The vCenter Server must not override port group settings at the port level on distributed switches.",
+          "desc": "Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\nIf there are cases where particular VMs require unique configurations then a different port group with the required configuration should be created instead of overriding port group settings.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\nIf there are cases where particular VMs require unique configurations then a different port group with the required configuration should be created instead of overriding port group settings."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\nReview the \"Override port policies\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n(Get-VDPortgroup).ExtensionData.Config.Policy\n\nIf there are any distributed port groups that allow overridden port policies, this is a finding.\n\nNote: This does not apply to the \"Block Ports\" or \"Configure reset at disconnect\" policies."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\nClick \"Edit\".\n\nSelect advanced and update all port policies besides \"Block Ports\" to \"disabled\" and click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n$pgs = Get-VDPortgroup | Get-View\nForEach($pg in $pgs){\n$spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n$spec.configversion = $pg.Config.ConfigVersion\n$spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy\n$spec.Policy.VlanOverrideAllowed = $False\n$spec.Policy.UplinkTeamingOverrideAllowed = $False\n$spec.Policy.SecurityPolicyOverrideAllowed = $False\n$spec.Policy.IpfixOverrideAllowed = $False\n$spec.Policy.BlockOverrideAllowed = $True\n$spec.Policy.ShapingOverrideAllowed = $False\n$spec.Policy.VendorConfigOverrideAllowed = $False\n$spec.Policy.TrafficFilterOverrideAllowed = $False\n$pg.ReconfigureDVPortgroup_Task($spec)\n}"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000301",
+            "rid": "SV-VCSA-80-000301",
+            "stig_id": "VCSA-80-000301",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000301' do\n  title 'The vCenter Server must not override port group settings at the port level on distributed switches.'\n  desc  \"\n    Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\n    If there are cases where particular VMs require unique configurations then a different port group with the required configuration should be created instead of overriding port group settings.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\n    Review the \\\"Override port policies\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    (Get-VDPortgroup).ExtensionData.Config.Policy\n\n    If there are any distributed port groups that allow overridden port policies, this is a finding.\n\n    Note: This does not apply to the \\\"Block Ports\\\" or \\\"Configure reset at disconnect\\\" policies.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\".\n\n    Select advanced and update all port policies besides \\\"Block Ports\\\" to \\\"disabled\\\" and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    $pgs = Get-VDPortgroup | Get-View\n    ForEach($pg in $pgs){\n    $spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n    $spec.configversion = $pg.Config.ConfigVersion\n    $spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy\n    $spec.Policy.VlanOverrideAllowed = $False\n    $spec.Policy.UplinkTeamingOverrideAllowed = $False\n    $spec.Policy.SecurityPolicyOverrideAllowed = $False\n    $spec.Policy.IpfixOverrideAllowed = $False\n    $spec.Policy.BlockOverrideAllowed = $True\n    $spec.Policy.ShapingOverrideAllowed = $False\n    $spec.Policy.VendorConfigOverrideAllowed = $False\n    $spec.Policy.TrafficFilterOverrideAllowed = $False\n    $pg.ReconfigureDVPortgroup_Task($spec)\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000301'\n  tag rid: 'SV-VCSA-80-000301'\n  tag stig_id: 'VCSA-80-000301'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.VlanOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.IpfixOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.MacManagementOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.ShapingOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.LivePortMovingAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000301.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1546915,
+              "start_time": "2023-06-07T08:29:30-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.VlanOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1699411,
+              "start_time": "2023-06-07T08:29:31-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1467243,
+              "start_time": "2023-06-07T08:29:31-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1622732,
+              "start_time": "2023-06-07T08:29:31-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.IpfixOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1767388,
+              "start_time": "2023-06-07T08:29:31-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.MacManagementOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1621705,
+              "start_time": "2023-06-07T08:29:31-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.ShapingOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1694858,
+              "start_time": "2023-06-07T08:29:31-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1959621,
+              "start_time": "2023-06-07T08:29:32-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.LivePortMovingAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1532368,
+              "start_time": "2023-06-07T08:29:32-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1619532,
+              "start_time": "2023-06-07T08:29:32-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1522068,
+              "start_time": "2023-06-07T08:29:32-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.VlanOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1537002,
+              "start_time": "2023-06-07T08:29:32-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1688627,
+              "start_time": "2023-06-07T08:29:32-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1971577,
+              "start_time": "2023-06-07T08:29:33-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.IpfixOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1677251,
+              "start_time": "2023-06-07T08:29:33-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.MacManagementOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.144164,
+              "start_time": "2023-06-07T08:29:33-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.ShapingOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1940832,
+              "start_time": "2023-06-07T08:29:33-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.170277,
+              "start_time": "2023-06-07T08:29:33-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.LivePortMovingAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1654152,
+              "start_time": "2023-06-07T08:29:33-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1650417,
+              "start_time": "2023-06-07T08:29:34-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.160469,
+              "start_time": "2023-06-07T08:29:34-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.VlanOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1806513,
+              "start_time": "2023-06-07T08:29:34-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.2360072,
+              "start_time": "2023-06-07T08:29:34-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.3201454,
+              "start_time": "2023-06-07T08:29:34-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.IpfixOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.157813,
+              "start_time": "2023-06-07T08:29:35-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.MacManagementOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1514803,
+              "start_time": "2023-06-07T08:29:35-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.ShapingOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1667832,
+              "start_time": "2023-06-07T08:29:35-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1696385,
+              "start_time": "2023-06-07T08:29:35-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.LivePortMovingAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.169154,
+              "start_time": "2023-06-07T08:29:35-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1714135,
+              "start_time": "2023-06-07T08:29:35-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1658078,
+              "start_time": "2023-06-07T08:29:36-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.VlanOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1637918,
+              "start_time": "2023-06-07T08:29:36-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1787153,
+              "start_time": "2023-06-07T08:29:36-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1542535,
+              "start_time": "2023-06-07T08:29:36-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.IpfixOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1515747,
+              "start_time": "2023-06-07T08:29:36-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.MacManagementOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1589998,
+              "start_time": "2023-06-07T08:29:36-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.ShapingOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1604745,
+              "start_time": "2023-06-07T08:29:37-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1767409,
+              "start_time": "2023-06-07T08:29:37-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.LivePortMovingAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1704285,
+              "start_time": "2023-06-07T08:29:37-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1480373,
+              "start_time": "2023-06-07T08:29:37-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1682493,
+              "start_time": "2023-06-07T08:29:37-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.VlanOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1519765,
+              "start_time": "2023-06-07T08:29:37-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1709939,
+              "start_time": "2023-06-07T08:29:38-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1601971,
+              "start_time": "2023-06-07T08:29:38-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.IpfixOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1929793,
+              "start_time": "2023-06-07T08:29:38-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.MacManagementOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1638443,
+              "start_time": "2023-06-07T08:29:38-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.ShapingOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.183224,
+              "start_time": "2023-06-07T08:29:38-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.2113394,
+              "start_time": "2023-06-07T08:29:38-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.LivePortMovingAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1782939,
+              "start_time": "2023-06-07T08:29:39-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1560779,
+              "start_time": "2023-06-07T08:29:39-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1530496,
+              "start_time": "2023-06-07T08:29:39-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.VlanOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1652755,
+              "start_time": "2023-06-07T08:29:39-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.2892084,
+              "start_time": "2023-06-07T08:29:39-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.165344,
+              "start_time": "2023-06-07T08:29:40-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.IpfixOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.165733,
+              "start_time": "2023-06-07T08:29:40-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.MacManagementOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1544808,
+              "start_time": "2023-06-07T08:29:40-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.ShapingOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1621294,
+              "start_time": "2023-06-07T08:29:40-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.168038,
+              "start_time": "2023-06-07T08:29:40-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.LivePortMovingAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.175641,
+              "start_time": "2023-06-07T08:29:40-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp == \"False\"",
+              "run_time": 0.1936875,
+              "start_time": "2023-06-07T08:29:41-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000302",
+          "title": "The vCenter Server must reset port configuration when virtual machines are disconnected.",
+          "desc": "Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\nIf any unknown or unauthorized per-port overrides exist and are not discarded when a virtual machine is disconnected from that port then a future virtual machine connected to that port may receive a less secure port.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\nIf any unknown or unauthorized per-port overrides exist and are not discarded when a virtual machine is disconnected from that port then a future virtual machine connected to that port may receive a less secure port."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If distributed switches are not used, this is not applicable.\n\nFrom the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\nReview the \"Configure reset at disconnect\" setting.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n(Get-VDPortgroup).ExtensionData.Config.Policy.PortConfigResetAtDisconnect\n\nIf there are any distributed port groups with \"Configure reset at disconnect\" configured to \"disabled\" or \"False\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to \"Networking\".\n\nSelect a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\nClick \"Edit\".\n\nSelect advanced and update \"Configure reset at disconnect\" to be enabled and click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n$pgs = Get-VDPortgroup | Get-View\nForEach($pg in $pgs){\n$spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n$spec.configversion = $pg.Config.ConfigVersion\n$spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy\n$spec.Policy.PortConfigResetAtDisconnect = $True\n$pg.ReconfigureDVPortgroup_Task($spec)\n}"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000302",
+            "rid": "SV-VCSA-80-000302",
+            "stig_id": "VCSA-80-000302",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000302' do\n  title 'The vCenter Server must reset port configuration when virtual machines are disconnected.'\n  desc  \"\n    Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\n    If any unknown or unauthorized per-port overrides exist and are not discarded when a virtual machine is disconnected from that port then a future virtual machine connected to that port may receive a less secure port.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\n    Review the \\\"Configure reset at disconnect\\\" setting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    (Get-VDPortgroup).ExtensionData.Config.Policy.PortConfigResetAtDisconnect\n\n    If there are any distributed port groups with \\\"Configure reset at disconnect\\\" configured to \\\"disabled\\\" or \\\"False\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch >> Select a distributed port group >> Configure >> Settings >> Properties.\n\n    Click \\\"Edit\\\".\n\n    Select advanced and update \\\"Configure reset at disconnect\\\" to be enabled and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    $pgs = Get-VDPortgroup | Get-View\n    ForEach($pg in $pgs){\n    $spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n    $spec.configversion = $pg.Config.ConfigVersion\n    $spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy\n    $spec.Policy.PortConfigResetAtDisconnect = $True\n    $pg.ReconfigureDVPortgroup_Task($spec)\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000302'\n  tag rid: 'SV-VCSA-80-000302'\n  tag stig_id: 'VCSA-80-000302'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'True' }\n      end\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000302.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 1-DVUplinks-40\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp == \"True\"",
+              "run_time": 0.1707933,
+              "start_time": "2023-06-07T08:29:41-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 1-DVUplinks-40\\\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 1\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp == \"True\"",
+              "run_time": 0.170781,
+              "start_time": "2023-06-07T08:29:41-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 1\\\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 2\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp == \"True\"",
+              "run_time": 0.1614423,
+              "start_time": "2023-06-07T08:29:41-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 2\\\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VDSwitch STIG 2-DVUplinks-44\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp == \"True\"",
+              "run_time": 0.1703843,
+              "start_time": "2023-06-07T08:29:41-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VDSwitch STIG 2-DVUplinks-44\\\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 3\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp == \"True\"",
+              "run_time": 0.1428798,
+              "start_time": "2023-06-07T08:29:41-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 3\\\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect\"]",
+              "resource_id": ""
+            },
+            {
+              "status": "passed",
+              "code_desc": "PowerCLI Command: (Get-VDPortgroup -Name \"VD PG 4\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp == \"True\"",
+              "run_time": 0.1550598,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"(Get-VDPortgroup -Name \\\"VD PG 4\\\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect\"]",
+              "resource_id": ""
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000303",
+          "title": "The vCenter Server must disable Secure Shell (SSH) access.",
+          "desc": "vCenter Server is delivered as an appliance, and intended to be managed through the VAMI, vSphere Client, and APIs. SSH is a troubleshooting and support tool and should only be enabled when necessary.\n\nvCenter Server High Availability uses SSH to coordinate the replication and failover between the nodes. Use of this feature requires SSH to remain enabled.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "vCenter Server is delivered as an appliance, and intended to be managed through the VAMI, vSphere Client, and APIs. SSH is a troubleshooting and support tool and should only be enabled when necessary.\n\nvCenter Server High Availability uses SSH to coordinate the replication and failover between the nodes. Use of this feature requires SSH to remain enabled."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Access\" on the left navigation pane.\n\nIf \"SSH Login\" is not \"Deactivated\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\nLog in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \"SystemConfiguration.BashShellAdministrator\" group.\n\nSelect \"Access\" on the left navigation pane.\n\nClick \"Edit\" then disable \"Activate SSH Login\" and click \"OK\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000303",
+            "rid": "SV-VCSA-80-000303",
+            "stig_id": "VCSA-80-000303",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000303' do\n  title 'The vCenter Server must disable Secure Shell (SSH) access.'\n  desc  \"\n    vCenter Server is delivered as an appliance, and intended to be managed through the VAMI, vSphere Client, and APIs. SSH is a troubleshooting and support tool and should only be enabled when necessary.\n\n    vCenter Server High Availability uses SSH to coordinate the replication and failover between the nodes. Use of this feature requires SSH to remain enabled.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Access\\\" on the left navigation pane.\n\n    If \\\"SSH Login\\\" is not \\\"Deactivated\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://<vCenter server>:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Access\\\" on the left navigation pane.\n\n    Click \\\"Edit\\\" then disable \\\"Activate SSH Login\\\" and click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000303'\n  tag rid: 'SV-VCSA-80-000303'\n  tag stig_id: 'VCSA-80-000303'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe powercli_command('Invoke-GetAccessSsh').stdout.strip do\n    it { should_not cmp 'true' }\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000303.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "True is expected not to cmp == \"true\"",
+              "run_time": 0.0003541,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "message": "\nexpected: true\n     got: True\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "True"
+            }
+          ]
+        },
+        {
+          "id": "VCSA-80-000304",
+          "title": "The vCenter Server must enable data in transit encryption for vSAN.",
+          "desc": "Transit encryption must be enabled to prevent unauthorized disclosure information and to protect the confidentiality of organizational information.\n\nvSAN data-in-transit encryption has the following characteristics:\n-vSAN uses AES-256 bit encryption on data in transit.\n-Forward secrecy is enforced for vSAN data-in-transit encryption.\n-Traffic between data hosts and witness hosts is encrypted.\n-File service data traffic between the VDFS proxy and VDFS server is encrypted.\n-vSAN file services inter-host connections are encrypted.\n-vSAN uses symmetric keys that are generated dynamically and shared between hosts. Hosts dynamically generate an encryption key when they establish a connection, and they use the key to encrypt all traffic between the hosts. You do not need a key management server to perform data-in-transit encryption.\n\nEach host is authenticated when it joins the cluster, ensuring connections only to trusted hosts are allowed. When a host is removed from the cluster, it is authentication certificate is removed.\n\nvSAN data-in-transit encryption is a cluster-wide setting. When enabled, all data and metadata traffic is encrypted as it transits across hosts.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Transit encryption must be enabled to prevent unauthorized disclosure information and to protect the confidentiality of organizational information.\n\nvSAN data-in-transit encryption has the following characteristics:\n-vSAN uses AES-256 bit encryption on data in transit.\n-Forward secrecy is enforced for vSAN data-in-transit encryption.\n-Traffic between data hosts and witness hosts is encrypted.\n-File service data traffic between the VDFS proxy and VDFS server is encrypted.\n-vSAN file services inter-host connections are encrypted.\n-vSAN uses symmetric keys that are generated dynamically and shared between hosts. Hosts dynamically generate an encryption key when they establish a connection, and they use the key to encrypt all traffic between the hosts. You do not need a key management server to perform data-in-transit encryption.\n\nEach host is authenticated when it joins the cluster, ensuring connections only to trusted hosts are allowed. When a host is removed from the cluster, it is authentication certificate is removed.\n\nvSAN data-in-transit encryption is a cluster-wide setting. When enabled, all data and metadata traffic is encrypted as it transits across hosts."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If no clusters are enabled for vSAN, this is not applicable.\n\nFrom the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Select the cluster >> Configure >> vSAN >> Services >> Data Services.\n\nReview the \"Data-in-transit encryption\" status.\n\nor\n\nFrom a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n$vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system\n$vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name <cluster name>).ExtensionData.MoRef).DataInTransitEncryptionConfig\n\nRepeat these steps for each vSAN enabled cluster in the environment.\n\nIf \"Data-In-Transit encryption\" is not enabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, go to Host and Clusters.\n\nSelect the vCenter Server >> Select the target cluster >> Configure >> vSAN >> Services >> Data Services.\n\nClick \"Edit\".\n\nEnable \"Data-In-Transit encryption\" and choose a rekey interval suitable for the environment then click \"Apply\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-APP-000516",
+            "gid": "V-VCSA-80-000304",
+            "rid": "SV-VCSA-80-000304",
+            "stig_id": "VCSA-80-000304",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VCSA-80-000304' do\n  title 'The vCenter Server must enable data in transit encryption for vSAN.'\n  desc  \"\n    Transit encryption must be enabled to prevent unauthorized disclosure information and to protect the confidentiality of organizational information.\n\n    vSAN data-in-transit encryption has the following characteristics:\n    -vSAN uses AES-256 bit encryption on data in transit.\n    -Forward secrecy is enforced for vSAN data-in-transit encryption.\n    -Traffic between data hosts and witness hosts is encrypted.\n    -File service data traffic between the VDFS proxy and VDFS server is encrypted.\n    -vSAN file services inter-host connections are encrypted.\n    -vSAN uses symmetric keys that are generated dynamically and shared between hosts. Hosts dynamically generate an encryption key when they establish a connection, and they use the key to encrypt all traffic between the hosts. You do not need a key management server to perform data-in-transit encryption.\n\n    Each host is authenticated when it joins the cluster, ensuring connections only to trusted hosts are allowed. When a host is removed from the cluster, it is authentication certificate is removed.\n\n    vSAN data-in-transit encryption is a cluster-wide setting. When enabled, all data and metadata traffic is encrypted as it transits across hosts.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Select the cluster >> Configure >> vSAN >> Services >> Data Services.\n\n    Review the \\\"Data-in-transit encryption\\\" status.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system\n    $vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name <cluster name>).ExtensionData.MoRef).DataInTransitEncryptionConfig\n\n    Repeat these steps for each vSAN enabled cluster in the environment.\n\n    If \\\"Data-In-Transit encryption\\\" is not enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server >> Select the target cluster >> Configure >> vSAN >> Services >> Data Services.\n\n    Click \\\"Edit\\\".\n\n    Enable \\\"Data-In-Transit encryption\\\" and choose a rekey interval suitable for the environment then click \\\"Apply\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000304'\n  tag rid: 'SV-VCSA-80-000304'\n  tag stig_id: 'VCSA-80-000304'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  # Get all clusters with vSAN enabled\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object | Select-Object -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !clusters.empty?\n    clusters.each do |cluster|\n      command = \"$vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system; $vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name #{cluster}).ExtensionData.MoRef).DataInTransitEncryptionConfig.Enabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No clusters with vSAN enabled found...skipping tests' do\n      skip 'No clusters with vSAN enabled found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/ff2e5dc0ca67f397ef122a5d5d29d04238af45eed46b31d05bac0d54f7ee27e3/controls/VCSA-80-000304.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "PowerCLI Command: $vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system; $vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name cluster0).ExtensionData.MoRef).DataInTransitEncryptionConfig.Enabled stdout.strip is expected to cmp == \"true\"",
+              "run_time": 0.4659353,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "message": "\nexpected: true\n     got: \n\n(compared using `cmp` matcher)\n",
+              "resource_class": "powercli_command",
+              "resource_params": "[\"$vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system; $vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name cluster0).ExtensionData.MoRef).DataInTransitEncryptionConfig.Enabled\"]",
+              "resource_id": ""
+            }
+          ]
+        }
+      ],
+      "status": "loaded",
+      "status_message": ""
+    },
+    {
+      "name": "VMware vSphere 8.0 Virtual Machine STIG Readiness Guide",
+      "version": "1.0.1",
+      "sha256": "cc17f45c259a96d6a8cb741456ffd8ca998c955288ae61117592e7365b236bc5",
+      "title": "VMware vSphere 8.0 Virtual Machine STIG Readiness Guide",
+      "maintainer": "The Authors",
+      "summary": "An InSpec Compliance Profile",
+      "license": "Apache-2.0",
+      "copyright": "The Authors",
+      "supports": [],
+      "attributes": [],
+      "parent_profile": "vmware-vsphere-8.0-stig-baseline",
+      "groups": [
+        {
+          "id": "controls/VMCH-80-000189.rb",
+          "controls": [
+            "VMCH-80-000189"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000191.rb",
+          "controls": [
+            "VMCH-80-000191"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000192.rb",
+          "controls": [
+            "VMCH-80-000192"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000193.rb",
+          "controls": [
+            "VMCH-80-000193"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000194.rb",
+          "controls": [
+            "VMCH-80-000194"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000195.rb",
+          "controls": [
+            "VMCH-80-000195"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000196.rb",
+          "controls": [
+            "VMCH-80-000196"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000197.rb",
+          "controls": [
+            "VMCH-80-000197"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000198.rb",
+          "controls": [
+            "VMCH-80-000198"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000199.rb",
+          "controls": [
+            "VMCH-80-000199"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000200.rb",
+          "controls": [
+            "VMCH-80-000200"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000201.rb",
+          "controls": [
+            "VMCH-80-000201"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000202.rb",
+          "controls": [
+            "VMCH-80-000202"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000203.rb",
+          "controls": [
+            "VMCH-80-000203"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000204.rb",
+          "controls": [
+            "VMCH-80-000204"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000205.rb",
+          "controls": [
+            "VMCH-80-000205"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000206.rb",
+          "controls": [
+            "VMCH-80-000206"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000207.rb",
+          "controls": [
+            "VMCH-80-000207"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000208.rb",
+          "controls": [
+            "VMCH-80-000208"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000209.rb",
+          "controls": [
+            "VMCH-80-000209"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000210.rb",
+          "controls": [
+            "VMCH-80-000210"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000211.rb",
+          "controls": [
+            "VMCH-80-000211"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000212.rb",
+          "controls": [
+            "VMCH-80-000212"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000213.rb",
+          "controls": [
+            "VMCH-80-000213"
+          ]
+        },
+        {
+          "id": "controls/VMCH-80-000214.rb",
+          "controls": [
+            "VMCH-80-000214"
+          ]
+        }
+      ],
+      "controls": [
+        {
+          "id": "VMCH-80-000189",
+          "title": "Virtual machines (VMs) must have copy operations disabled.",
+          "desc": "Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.copy.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.copy.disable\n\nIf the virtual machine advanced setting \"isolation.tools.copy.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.copy.disable\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.copy.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.copy.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000189",
+            "rid": "SV-VMCH-80-000189",
+            "stig_id": "VMCH-80-000189",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000189' do\n  title 'Virtual machines (VMs) must have copy operations disabled.'\n  desc  'Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.copy.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.copy.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.copy.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.copy.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.copy.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.copy.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000189'\n  tag rid: 'SV-VMCH-80-000189'\n  tag stig_id: 'VMCH-80-000189'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.copy.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000189.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "VM: stig vm2 is expected to be empty",
+              "run_time": 0.0002568,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stig vm2"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: stigvm1 is expected to be empty",
+              "run_time": 0.0001892,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stigvm1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty",
+              "run_time": 0.0001531,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty",
+              "run_time": 0.0001559,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty",
+              "run_time": 0.0001475,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000191",
+          "title": "Virtual machines (VMs) must have drag and drop operations disabled.",
+          "desc": "Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.dnd.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.dnd.disable\n\nIf the virtual machine advanced setting \"isolation.tools.dnd.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.dnd.disable\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.dnd.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.dnd.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000191",
+            "rid": "SV-VMCH-80-000191",
+            "stig_id": "VMCH-80-000191",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000191' do\n  title 'Virtual machines (VMs) must have drag and drop operations disabled.'\n  desc  'Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.dnd.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.dnd.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.dnd.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.dnd.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.dnd.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.dnd.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000191'\n  tag rid: 'SV-VMCH-80-000191'\n  tag stig_id: 'VMCH-80-000191'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.dnd.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000191.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "VM: stig vm2 is expected to be empty",
+              "run_time": 0.0001427,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stig vm2"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: stigvm1 is expected to be empty",
+              "run_time": 0.0001041,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stigvm1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty",
+              "run_time": 9.49e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty",
+              "run_time": 9.19e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty",
+              "run_time": 0.0003325,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000192",
+          "title": "Virtual machines (VMs) must have paste operations disabled.",
+          "desc": "Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.paste.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.paste.disable\n\nIf the virtual machine advanced setting \"isolation.tools.paste.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.paste.disable\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.paste.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.paste.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000192",
+            "rid": "SV-VMCH-80-000192",
+            "stig_id": "VMCH-80-000192",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000192' do\n  title 'Virtual machines (VMs) must have paste operations disabled.'\n  desc  'Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.paste.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.paste.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.paste.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.paste.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.paste.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.paste.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000192'\n  tag rid: 'SV-VMCH-80-000192'\n  tag stig_id: 'VMCH-80-000192'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.paste.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000192.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "VM: stig vm2 is expected to be empty",
+              "run_time": 8.7e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stig vm2"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: stigvm1 is expected to be empty",
+              "run_time": 7.92e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stigvm1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty",
+              "run_time": 7.87e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty",
+              "run_time": 7.08e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty",
+              "run_time": 8.53e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000193",
+          "title": "Virtual machines (VMs) must have virtual disk shrinking disabled.",
+          "desc": "Shrinking a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\nHowever, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to shrink is available to nonadministrative users operating within the VM's guest operating system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Shrinking a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\nHowever, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to shrink is available to nonadministrative users operating within the VM's guest operating system."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.diskShrink.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable\n\nIf the virtual machine advanced setting \"isolation.tools.diskShrink.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.diskShrink.disable\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.diskShrink.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000193",
+            "rid": "SV-VMCH-80-000193",
+            "stig_id": "VMCH-80-000193",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000193' do\n  title 'Virtual machines (VMs) must have virtual disk shrinking disabled.'\n  desc  \"\n    Shrinking a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\n    However, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to shrink is available to nonadministrative users operating within the VM's guest operating system.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.diskShrink.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskShrink.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskShrink.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.diskShrink.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000193'\n  tag rid: 'SV-VMCH-80-000193'\n  tag stig_id: 'VMCH-80-000193'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000193.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "VM: stig vm2 is expected to be empty",
+              "run_time": 7.79e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stig vm2"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: stigvm1 is expected to be empty",
+              "run_time": 7.41e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stigvm1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty",
+              "run_time": 7.04e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty",
+              "run_time": 6.95e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty",
+              "run_time": 7.14e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000194",
+          "title": "Virtual machines (VMs) must have virtual disk wiping disabled.",
+          "desc": "Shrinking and wiping (erasing) a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\nHowever, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to wipe (erase) is available to nonadministrative users operating within the VM's guest operating system.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Shrinking and wiping (erasing) a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\nHowever, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to wipe (erase) is available to nonadministrative users operating within the VM's guest operating system."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.tools.diskWiper.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable\n\nIf the virtual machine advanced setting \"isolation.tools.diskWiper.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.tools.diskWiper.disable\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.tools.diskWiper.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000194",
+            "rid": "SV-VMCH-80-000194",
+            "stig_id": "VMCH-80-000194",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000194' do\n  title 'Virtual machines (VMs) must have virtual disk wiping disabled.'\n  desc  \"\n    Shrinking and wiping (erasing) a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\n    However, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to wipe (erase) is available to nonadministrative users operating within the VM's guest operating system.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.tools.diskWiper.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskWiper.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskWiper.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.tools.diskWiper.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000194'\n  tag rid: 'SV-VMCH-80-000194'\n  tag stig_id: 'VMCH-80-000194'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000194.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "VM: stig vm2 is expected to be empty",
+              "run_time": 0.0002323,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stig vm2"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: stigvm1 is expected to be empty",
+              "run_time": 6.55e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stigvm1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty",
+              "run_time": 6.17e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty",
+              "run_time": 6.14e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty",
+              "run_time": 6.05e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000195",
+          "title": "Virtual machines (VMs) must limit console sharing.",
+          "desc": "By default, more than one user at a time can connect to remote console sessions. When multiple sessions are activated, each terminal window receives a notification about the new session. If an administrator in the VM logs in using a VMware remote console during their session, a nonadministrator in the VM might connect to the console and observe the administrator's actions.\n\nAlso, this could result in an administrator losing console access to a VM. For example, if a jump box is being used for an open console session and the administrator loses connection to that box, the console session remains open. Allowing two console sessions permits debugging via a shared session. For the highest security, allow only one remote console session at a time.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "By default, more than one user at a time can connect to remote console sessions. When multiple sessions are activated, each terminal window receives a notification about the new session. If an administrator in the VM logs in using a VMware remote console during their session, a nonadministrator in the VM might connect to the console and observe the administrator's actions.\n\nAlso, this could result in an administrator losing console access to a VM. For example, if a jump box is being used for an open console session and the administrator loses connection to that box, the console session remains open. Allowing two console sessions permits debugging via a shared session. For the highest security, allow only one remote console session at a time."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"RemoteDisplay.maxConnections\" value is set to \"1\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections\n\nIf the virtual machine advanced setting \"RemoteDisplay.maxConnections\" does not exist or is not set to \"1\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"RemoteDisplay.maxConnections\" value and set it to \"1\".\n\nIf the setting does not exist, add the Name and Value setting at the bottom of screen.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections | Set-AdvancedSetting -Value 1\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000195",
+            "rid": "SV-VMCH-80-000195",
+            "stig_id": "VMCH-80-000195",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000195' do\n  title 'Virtual machines (VMs) must limit console sharing.'\n  desc  \"\n    By default, more than one user at a time can connect to remote console sessions. When multiple sessions are activated, each terminal window receives a notification about the new session. If an administrator in the VM logs in using a VMware remote console during their session, a nonadministrator in the VM might connect to the console and observe the administrator's actions.\n\n    Also, this could result in an administrator losing console access to a VM. For example, if a jump box is being used for an open console session and the administrator loses connection to that box, the console session remains open. Allowing two console sessions permits debugging via a shared session. For the highest security, allow only one remote console session at a time.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"RemoteDisplay.maxConnections\\\" value is set to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections\n\n    If the virtual machine advanced setting \\\"RemoteDisplay.maxConnections\\\" does not exist or is not set to \\\"1\\\", this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"RemoteDisplay.maxConnections\\\" value and set it to \\\"1\\\".\n\n    If the setting does not exist, add the Name and Value setting at the bottom of screen.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections | Set-AdvancedSetting -Value 1\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000195'\n  tag rid: 'SV-VMCH-80-000195'\n  tag stig_id: 'VMCH-80-000195'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name RemoteDisplay.maxConnections | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should cmp '1' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000195.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "VM: stig vm2 is expected to cmp == \"1\"",
+              "run_time": 0.0001447,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "message": "\nexpected: 1\n     got: -1\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stig vm2"
+            },
+            {
+              "status": "failed",
+              "code_desc": "VM: stigvm1 is expected to cmp == \"1\"",
+              "run_time": 0.0001217,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "message": "\nexpected: 1\n     got: -1\n\n(compared using `cmp` matcher)\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stigvm1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp == \"1\"",
+              "run_time": 8.88e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp == \"1\"",
+              "run_time": 0.0001429,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp == \"1\"",
+              "run_time": 7.69e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000196",
+          "title": "Virtual machines (VMs) must limit informational messages from the virtual machine to the VMX file.",
+          "desc": "The configuration file containing these name-value pairs is limited to a size of 1MB. If not limited, VMware tools in the guest operating system are capable of sending a large and continuous data stream to the host. This 1MB capacity should be sufficient for most cases, but this value can change if necessary.\n\nThe value can be increased if large amounts of custom information are being stored in the configuration file. The default limit is 1MB.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The configuration file containing these name-value pairs is limited to a size of 1MB. If not limited, VMware tools in the guest operating system are capable of sending a large and continuous data stream to the host. This 1MB capacity should be sufficient for most cases, but this value can change if necessary.\n\nThe value can be increased if large amounts of custom information are being stored in the configuration file. The default limit is 1MB."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"tools.setinfo.sizeLimit\" value is set to \"1048576\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit\n\nIf the virtual machine advanced setting \"tools.setinfo.sizeLimit\" is not set to \"1048576\", this is a finding.\n\nIf the virtual machine advanced setting \"tools.setinfo.sizeLimit\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"tools.setinfo.sizeLimit\" value and set it to \"1048576\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit | Set-AdvancedSetting -Value 1048576\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000196",
+            "rid": "SV-VMCH-80-000196",
+            "stig_id": "VMCH-80-000196",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000196' do\n  title 'Virtual machines (VMs) must limit informational messages from the virtual machine to the VMX file.'\n  desc  \"\n    The configuration file containing these name-value pairs is limited to a size of 1MB. If not limited, VMware tools in the guest operating system are capable of sending a large and continuous data stream to the host. This 1MB capacity should be sufficient for most cases, but this value can change if necessary.\n\n    The value can be increased if large amounts of custom information are being stored in the configuration file. The default limit is 1MB.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"tools.setinfo.sizeLimit\\\" value is set to \\\"1048576\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit\n\n    If the virtual machine advanced setting \\\"tools.setinfo.sizeLimit\\\" is not set to \\\"1048576\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"tools.setinfo.sizeLimit\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"tools.setinfo.sizeLimit\\\" value and set it to \\\"1048576\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit | Set-AdvancedSetting -Value 1048576\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000196'\n  tag rid: 'SV-VMCH-80-000196'\n  tag stig_id: 'VMCH-80-000196'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name tools.setinfo.sizeLimit | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp '1048576' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000196.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "VM: stig vm2 is expected to be empty",
+              "run_time": 6.73e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stig vm2"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: stigvm1 is expected to be empty",
+              "run_time": 5.81e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stigvm1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty",
+              "run_time": 5.56e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty",
+              "run_time": 5.46e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty",
+              "run_time": 5.48e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000197",
+          "title": "Virtual machines (VMs) must prevent unauthorized removal, connection and modification of devices.",
+          "desc": "In a virtual machine, users and processes without root or administrator privileges can connect or disconnect devices, such as network adaptors and CD-ROM drives, and can modify device settings. Use the virtual machine settings editor or configuration editor to remove unneeded or unused hardware devices. To use the device again, prevent a user or running process in the virtual machine from connecting, disconnecting, or modifying a device from within the guest operating system.\n\nBy default, a rogue user with nonadministrator privileges in a virtual machine can:\n\n1. Connect a disconnected CD-ROM drive and access sensitive information on the media left in the drive.\n2. Disconnect a network adaptor to isolate the virtual machine from its network, which is a denial of service.\n3. Modify settings on a device.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "In a virtual machine, users and processes without root or administrator privileges can connect or disconnect devices, such as network adaptors and CD-ROM drives, and can modify device settings. Use the virtual machine settings editor or configuration editor to remove unneeded or unused hardware devices. To use the device again, prevent a user or running process in the virtual machine from connecting, disconnecting, or modifying a device from within the guest operating system.\n\nBy default, a rogue user with nonadministrator privileges in a virtual machine can:\n\n1. Connect a disconnected CD-ROM drive and access sensitive information on the media left in the drive.\n2. Disconnect a network adaptor to isolate the virtual machine from its network, which is a denial of service.\n3. Modify settings on a device."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"isolation.device.connectable.disable\" value is set to \"true\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.device.connectable.disable\n\nIf the virtual machine advanced setting \"isolation.device.connectable.disable\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"isolation.device.connectable.disable\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"isolation.device.connectable.disable\" value and set it to \"true\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name isolation.device.connectable.disable | Set-AdvancedSetting -Value true\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000197",
+            "rid": "SV-VMCH-80-000197",
+            "stig_id": "VMCH-80-000197",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000197' do\n  title 'Virtual machines (VMs) must prevent unauthorized removal, connection and modification of devices.'\n  desc  \"\n    In a virtual machine, users and processes without root or administrator privileges can connect or disconnect devices, such as network adaptors and CD-ROM drives, and can modify device settings. Use the virtual machine settings editor or configuration editor to remove unneeded or unused hardware devices. To use the device again, prevent a user or running process in the virtual machine from connecting, disconnecting, or modifying a device from within the guest operating system.\n\n    By default, a rogue user with nonadministrator privileges in a virtual machine can:\n\n    1. Connect a disconnected CD-ROM drive and access sensitive information on the media left in the drive.\n    2. Disconnect a network adaptor to isolate the virtual machine from its network, which is a denial of service.\n    3. Modify settings on a device.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"isolation.device.connectable.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.device.connectable.disable\n\n    If the virtual machine advanced setting \\\"isolation.device.connectable.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.device.connectable.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"isolation.device.connectable.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.device.connectable.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000197'\n  tag rid: 'SV-VMCH-80-000197'\n  tag stig_id: 'VMCH-80-000197'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.device.connectable.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000197.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "VM: stig vm2 is expected to be empty",
+              "run_time": 5.39e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stig vm2"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: stigvm1 is expected to be empty",
+              "run_time": 0.0001561,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stigvm1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty",
+              "run_time": 5.78e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty",
+              "run_time": 5.32e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty",
+              "run_time": 5.21e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000198",
+          "title": "Virtual machines (VMs) must not be able to obtain host information from the hypervisor.",
+          "desc": "If enabled, a VM can obtain detailed information about the physical host. The default value for the parameter is FALSE. This setting should not be TRUE unless a particular VM requires this information for performance monitoring. An adversary could use this information to inform further attacks on the host.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "If enabled, a VM can obtain detailed information about the physical host. The default value for the parameter is FALSE. This setting should not be TRUE unless a particular VM requires this information for performance monitoring. An adversary could use this information to inform further attacks on the host."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"tools.guestlib.enableHostInfo\" value is set to \"false\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo\n\nIf the virtual machine advanced setting \"tools.guestlib.enableHostInfo\" is not set to \"false\", this is a finding.\n\nIf the virtual machine advanced setting \"tools.guestlib.enableHostInfo\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"tools.guestlib.enableHostInfo\" value and set it to \"false\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo | Set-AdvancedSetting -Value false\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000198",
+            "rid": "SV-VMCH-80-000198",
+            "stig_id": "VMCH-80-000198",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000198' do\n  title 'Virtual machines (VMs) must not be able to obtain host information from the hypervisor.'\n  desc  'If enabled, a VM can obtain detailed information about the physical host. The default value for the parameter is FALSE. This setting should not be TRUE unless a particular VM requires this information for performance monitoring. An adversary could use this information to inform further attacks on the host.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"tools.guestlib.enableHostInfo\\\" value is set to \\\"false\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo\n\n    If the virtual machine advanced setting \\\"tools.guestlib.enableHostInfo\\\" is not set to \\\"false\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"tools.guestlib.enableHostInfo\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"tools.guestlib.enableHostInfo\\\" value and set it to \\\"false\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo | Set-AdvancedSetting -Value false\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000198'\n  tag rid: 'SV-VMCH-80-000198'\n  tag stig_id: 'VMCH-80-000198'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'false' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000198.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "VM: stig vm2 is expected to be empty",
+              "run_time": 5.44e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stig vm2"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: stigvm1 is expected to be empty",
+              "run_time": 5.06e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stigvm1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty",
+              "run_time": 5.22e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty",
+              "run_time": 5.32e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty",
+              "run_time": 5.16e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000199",
+          "title": "Virtual machines (VMs) must have shared salt values disabled.",
+          "desc": "When salting is enabled (Mem.ShareForceSalting=1 or 2) to share a page between two virtual machines, both salt and the content of the page must be same. A salt value is a configurable advanced option for each virtual machine. The salt values can be specified manually in the virtual machine's advanced settings with the new option \"sched.mem.pshare.salt\".\n\nIf this option is not present in the virtual machine's advanced settings, the value of the \"vc.uuid\" option is taken as the default value. Because the \"vc.uuid\" is unique to each virtual machine, by default Transparent Page Sharing (TPS) happens only among the pages belonging to a particular virtual machine (Intra-VM).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When salting is enabled (Mem.ShareForceSalting=1 or 2) to share a page between two virtual machines, both salt and the content of the page must be same. A salt value is a configurable advanced option for each virtual machine. The salt values can be specified manually in the virtual machine's advanced settings with the new option \"sched.mem.pshare.salt\".\n\nIf this option is not present in the virtual machine's advanced settings, the value of the \"vc.uuid\" option is taken as the default value. Because the \"vc.uuid\" is unique to each virtual machine, by default Transparent Page Sharing (TPS) happens only among the pages belonging to a particular virtual machine (Intra-VM)."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"sched.mem.pshare.salt\" setting does not exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name sched.mem.pshare.salt\n\nIf the virtual machine advanced setting \"sched.mem.pshare.salt\" exists, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nDelete the \"sched.mem.pshare.salt\" setting.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name sched.mem.pshare.salt | Remove-AdvancedSetting\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000199",
+            "rid": "SV-VMCH-80-000199",
+            "stig_id": "VMCH-80-000199",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000199' do\n  title 'Virtual machines (VMs) must have shared salt values disabled.'\n  desc  \"\n    When salting is enabled (Mem.ShareForceSalting=1 or 2) to share a page between two virtual machines, both salt and the content of the page must be same. A salt value is a configurable advanced option for each virtual machine. The salt values can be specified manually in the virtual machine's advanced settings with the new option \\\"sched.mem.pshare.salt\\\".\n\n    If this option is not present in the virtual machine's advanced settings, the value of the \\\"vc.uuid\\\" option is taken as the default value. Because the \\\"vc.uuid\\\" is unique to each virtual machine, by default Transparent Page Sharing (TPS) happens only among the pages belonging to a particular virtual machine (Intra-VM).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"sched.mem.pshare.salt\\\" setting does not exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name sched.mem.pshare.salt\n\n    If the virtual machine advanced setting \\\"sched.mem.pshare.salt\\\" exists, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Delete the \\\"sched.mem.pshare.salt\\\" setting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name sched.mem.pshare.salt | Remove-AdvancedSetting\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000199'\n  tag rid: 'SV-VMCH-80-000199'\n  tag stig_id: 'VMCH-80-000199'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name sched.mem.pshare.salt | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000199.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "VM: stig vm2 is expected to be empty",
+              "run_time": 0.009577,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stig vm2"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: stigvm1 is expected to be empty",
+              "run_time": 0.0084832,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stigvm1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty",
+              "run_time": 0.0083997,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty",
+              "run_time": 0.0083547,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty",
+              "run_time": 0.0084383,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000200",
+          "title": "Virtual machines (VMs) must disable access through the \"dvfilter\" network Application Programming Interface (API).",
+          "desc": "An attacker might compromise a VM by using the \"dvFilter\" API. Configure only VMs that need this access to use the API.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "An attacker might compromise a VM by using the \"dvFilter\" API. Configure only VMs that need this access to use the API."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the settings with the format \"ethernet*.filter*.name\" do not exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name \"ethernet*.filter*.name*\"\n\nIf the virtual machine advanced setting \"ethernet*.filter*.name\" exists and dvfilters are not in use, this is a finding.\n\nIf the virtual machine advanced setting \"ethernet*.filter*.name\" exists and the value is not valid, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nLook for settings with the format \"ethernet*.filter*.name\".\n\nEnsure only required VMs use this setting.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name ethernetX.filterY.name | Remove-AdvancedSetting\n\nNote: Change the X and Y values to match the specific setting in the organization's environment.\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000200",
+            "rid": "SV-VMCH-80-000200",
+            "stig_id": "VMCH-80-000200",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000200' do\n  title 'Virtual machines (VMs) must disable access through the \"dvfilter\" network Application Programming Interface (API).'\n  desc  'An attacker might compromise a VM by using the \"dvFilter\" API. Configure only VMs that need this access to use the API.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the settings with the format \\\"ethernet*.filter*.name\\\" do not exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name \\\"ethernet*.filter*.name*\\\"\n\n    If the virtual machine advanced setting \\\"ethernet*.filter*.name\\\" exists and dvfilters are not in use, this is a finding.\n\n    If the virtual machine advanced setting \\\"ethernet*.filter*.name\\\" exists and the value is not valid, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Look for settings with the format \\\"ethernet*.filter*.name\\\".\n\n    Ensure only required VMs use this setting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name ethernetX.filterY.name | Remove-AdvancedSetting\n\n    Note: Change the X and Y values to match the specific setting in the organization's environment.\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000200'\n  tag rid: 'SV-VMCH-80-000200'\n  tag stig_id: 'VMCH-80-000200'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name ethernet*.filter* | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000200.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "VM: stig vm2 is expected to be empty",
+              "run_time": 0.0082814,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stig vm2"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: stigvm1 is expected to be empty",
+              "run_time": 0.0083835,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stigvm1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty",
+              "run_time": 0.0083217,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty",
+              "run_time": 0.0082663,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty",
+              "run_time": 0.008406,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000201",
+          "title": "Virtual machines (VMs) must be configured to lock when the last console connection is closed.",
+          "desc": "When accessing the VM console, the guest operating system must be locked when the last console user disconnects, limiting the possibility of session hijacking. This setting only applies to Windows-based VMs with VMware tools installed.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "When accessing the VM console, the guest operating system must be locked when the last console user disconnects, limiting the possibility of session hijacking. This setting only applies to Windows-based VMs with VMware tools installed."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> VMware Remote Console Options.\n\nVerify the option \"Lock the guest operating system when the last remote user disconnects\" is checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.guest.desktop.autolock\n\nIf the virtual machine advanced setting \"tools.guest.desktop.autolock\" is not set to \"true\", this is a finding.\n\nIf the virtual machine advanced setting \"tools.guest.desktop.autolock\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> VMware Remote Console Options.\n\nCheck the box next to \"Lock the guest operating system when the last remote user disconnects\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name tools.guest.desktop.autolock | Set-AdvancedSetting -Value true"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000201",
+            "rid": "SV-VMCH-80-000201",
+            "stig_id": "VMCH-80-000201",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000201' do\n  title 'Virtual machines (VMs) must be configured to lock when the last console connection is closed.'\n  desc  'When accessing the VM console, the guest operating system must be locked when the last console user disconnects, limiting the possibility of session hijacking. This setting only applies to Windows-based VMs with VMware tools installed.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> VMware Remote Console Options.\n\n    Verify the option \\\"Lock the guest operating system when the last remote user disconnects\\\" is checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guest.desktop.autolock\n\n    If the virtual machine advanced setting \\\"tools.guest.desktop.autolock\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"tools.guest.desktop.autolock\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> VMware Remote Console Options.\n\n    Check the box next to \\\"Lock the guest operating system when the last remote user disconnects\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guest.desktop.autolock | Set-AdvancedSetting -Value true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000201'\n  tag rid: 'SV-VMCH-80-000201'\n  tag stig_id: 'VMCH-80-000201'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name tools.guest.desktop.autolock | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000201.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "VM: stig vm2 is expected to be empty",
+              "run_time": 8.45e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stig vm2"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: stigvm1 is expected to be empty",
+              "run_time": 7.87e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stigvm1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp == \"true\"",
+              "run_time": 0.0001126,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp == \"true\"",
+              "run_time": 9.61e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp == \"true\"",
+              "run_time": 8.08e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000202",
+          "title": "Virtual machines (VMs) must disable 3D features when not required.",
+          "desc": "For performance reasons, it is recommended that 3D acceleration be disabled on virtual machines that do not require 3D functionality (e.g., most server workloads or desktops not using 3D applications).",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "For performance reasons, it is recommended that 3D acceleration be disabled on virtual machines that do not require 3D functionality (e.g., most server workloads or desktops not using 3D applications)."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings.\n\nExpand the \"Video card\" and verify the \"Enable 3D Support\" checkbox is unchecked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name mks.enable3d\n\nIf the virtual machine advanced setting \"mks.enable3d\" exists and is not set to \"false\", this is a finding.\n\nIf the virtual machine advanced setting \"mks.enable3d\" does not exist, this is not a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings.\n\nExpand the \"Video card\" and uncheck the \"Enable 3D Support\" checkbox.\n\nClick \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name mks.enable3d | Set-AdvancedSetting -Value \"false\"\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000202",
+            "rid": "SV-VMCH-80-000202",
+            "stig_id": "VMCH-80-000202",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000202' do\n  title 'Virtual machines (VMs) must disable 3D features when not required.'\n  desc  'For performance reasons, it is recommended that 3D acceleration be disabled on virtual machines that do not require 3D functionality (e.g., most server workloads or desktops not using 3D applications).'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings.\n\n    Expand the \\\"Video card\\\" and verify the \\\"Enable 3D Support\\\" checkbox is unchecked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name mks.enable3d\n\n    If the virtual machine advanced setting \\\"mks.enable3d\\\" exists and is not set to \\\"false\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"mks.enable3d\\\" does not exist, this is not a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings.\n\n    Expand the \\\"Video card\\\" and uncheck the \\\"Enable 3D Support\\\" checkbox.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name mks.enable3d | Set-AdvancedSetting -Value \\\"false\\\"\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000202'\n  tag rid: 'SV-VMCH-80-000202'\n  tag stig_id: 'VMCH-80-000202'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name mks.enable3d | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'false' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000202.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "VM: stig vm2 is expected to be empty",
+              "run_time": 0.000199,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stig vm2"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: stigvm1 is expected to be empty",
+              "run_time": 6.04e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stigvm1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp == \"false\"",
+              "run_time": 7.42e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp == \"false\"",
+              "run_time": 7.03e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp == \"false\"",
+              "run_time": 7.27e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000203",
+          "title": "Virtual machines (VMs) must enable encryption for vMotion.",
+          "desc": "vMotion migrations in vSphere 6.0 and earlier transferred working memory and CPU state information in clear text over the vMotion network. As of vSphere 6.5, this transfer can be transparently encrypted using 256-bit AES-GCM with negligible performance impact.\n\nvSphere enables encrypted vMotion by default as \"Opportunistic\", meaning that encrypted channels are used where supported, but the operation will continue in plain text where encryption is not supported.\n\nFor example, when vMotioning between two hosts, encryption will always be used. However, because 6.0 and earlier releases do not support this feature, vMotion from a 7.0 host to a 6.0 host would be allowed but would not be encrypted. If the encryption is set to \"Required\", vMotions to unsupported hosts will fail. This must be set to \"Opportunistic\" or \"Required\".",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "vMotion migrations in vSphere 6.0 and earlier transferred working memory and CPU state information in clear text over the vMotion network. As of vSphere 6.5, this transfer can be transparently encrypted using 256-bit AES-GCM with negligible performance impact.\n\nvSphere enables encrypted vMotion by default as \"Opportunistic\", meaning that encrypted channels are used where supported, but the operation will continue in plain text where encryption is not supported.\n\nFor example, when vMotioning between two hosts, encryption will always be used. However, because 6.0 and earlier releases do not support this feature, vMotion from a 7.0 host to a 6.0 host would be allowed but would not be encrypted. If the encryption is set to \"Required\", vMotions to unsupported hosts will fail. This must be set to \"Opportunistic\" or \"Required\"."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {($_.ExtensionData.Config.MigrateEncryption -eq \"disabled\")}\n\nIf the \"Encrypted vMotion\" setting does not have a value of \"Opportunistic\" or \"Required\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\nFor \"Encrypted vMotion\" set the value to \"Opportunistic\" or \"Required\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n$spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n$spec.MigrateEncryption = New-Object VMware.Vim.VirtualMachineConfigSpecEncryptedVMotionModes\n$spec.MigrateEncryption = $true\n(Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000203",
+            "rid": "SV-VMCH-80-000203",
+            "stig_id": "VMCH-80-000203",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000203' do\n  title 'Virtual machines (VMs) must enable encryption for vMotion.'\n  desc  \"\n    vMotion migrations in vSphere 6.0 and earlier transferred working memory and CPU state information in clear text over the vMotion network. As of vSphere 6.5, this transfer can be transparently encrypted using 256-bit AES-GCM with negligible performance impact.\n\n    vSphere enables encrypted vMotion by default as \\\"Opportunistic\\\", meaning that encrypted channels are used where supported, but the operation will continue in plain text where encryption is not supported.\n\n    For example, when vMotioning between two hosts, encryption will always be used. However, because 6.0 and earlier releases do not support this feature, vMotion from a 7.0 host to a 6.0 host would be allowed but would not be encrypted. If the encryption is set to \\\"Required\\\", vMotions to unsupported hosts will fail. This must be set to \\\"Opportunistic\\\" or \\\"Required\\\".\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {($_.ExtensionData.Config.MigrateEncryption -eq \\\"disabled\\\")}\n\n    If the \\\"Encrypted vMotion\\\" setting does not have a value of \\\"Opportunistic\\\" or \\\"Required\\\", this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\n    For \\\"Encrypted vMotion\\\" set the value to \\\"Opportunistic\\\" or \\\"Required\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.MigrateEncryption = New-Object VMware.Vim.VirtualMachineConfigSpecEncryptedVMotionModes\n    $spec.MigrateEncryption = $true\n    (Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000203'\n  tag rid: 'SV-VMCH-80-000203'\n  tag stig_id: 'VMCH-80-000203'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    list = ['opportunistic', 'required']\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.MigrateEncryption\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_in list }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000203.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "VM: stig vm2 is expected to be in \"opportunistic\" and \"required\"",
+              "run_time": 0.0001248,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stig vm2"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: stigvm1 is expected to be in \"opportunistic\" and \"required\"",
+              "run_time": 8.41e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stigvm1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be in \"opportunistic\" and \"required\"",
+              "run_time": 7.61e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be in \"opportunistic\" and \"required\"",
+              "run_time": 8.77e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be in \"opportunistic\" and \"required\"",
+              "run_time": 7.88e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000204",
+          "title": "Virtual machines (VMs) must enable encryption for Fault Tolerance.",
+          "desc": "Fault Tolerance log traffic can be encrypted. This could contain sensitive data from the protected machine's memory or CPU instructions.\n\nvSphere Fault Tolerance performs frequent checks between a primary VM and secondary VM so the secondary VM can quickly resume from the last successful checkpoint. The checkpoint contains the VM state that has been modified since the previous checkpoint.\n\nWhen Fault Tolerance is turned on, FT encryption is set to \"Opportunistic\" by default, which means it enables encryption only if both the primary and secondary host are capable of encryption.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Fault Tolerance log traffic can be encrypted. This could contain sensitive data from the protected machine's memory or CPU instructions.\n\nvSphere Fault Tolerance performs frequent checks between a primary VM and secondary VM so the secondary VM can quickly resume from the last successful checkpoint. The checkpoint contains the VM state that has been modified since the previous checkpoint.\n\nWhen Fault Tolerance is turned on, FT encryption is set to \"Opportunistic\" by default, which means it enables encryption only if both the primary and secondary host are capable of encryption."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "If the Virtual Machine does not have Fault Tolerance enabled, this is not applicable.\n\nFor each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {($_.ExtensionData.Config.FtEncryptionMode -ne \"ftEncryptionOpportunistic\") -and ($_.ExtensionData.Config.FtEncryptionMode -ne \"ftEncryptionRequired\")}\n\nIf the \"Encrypted FT\" setting does not have a value of \"Opportunistic\" or \"Required\", this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\nFor \"Encrypted FT\" set the value to \"Opportunistic\" or \"Required\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n$spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n$spec.FTEncryption = New-Object VMware.Vim.VMware.Vim.VirtualMachineConfigSpecEncryptedFtModes\n$spec.FT = ftEncryptionOpportunistic or ftEncryptionRequired\n(Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000204",
+            "rid": "SV-VMCH-80-000204",
+            "stig_id": "VMCH-80-000204",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000204' do\n  title 'Virtual machines (VMs) must enable encryption for Fault Tolerance.'\n  desc  \"\n    Fault Tolerance log traffic can be encrypted. This could contain sensitive data from the protected machine's memory or CPU instructions.\n\n    vSphere Fault Tolerance performs frequent checks between a primary VM and secondary VM so the secondary VM can quickly resume from the last successful checkpoint. The checkpoint contains the VM state that has been modified since the previous checkpoint.\n\n    When Fault Tolerance is turned on, FT encryption is set to \\\"Opportunistic\\\" by default, which means it enables encryption only if both the primary and secondary host are capable of encryption.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If the Virtual Machine does not have Fault Tolerance enabled, this is not applicable.\n\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {($_.ExtensionData.Config.FtEncryptionMode -ne \\\"ftEncryptionOpportunistic\\\") -and ($_.ExtensionData.Config.FtEncryptionMode -ne \\\"ftEncryptionRequired\\\")}\n\n    If the \\\"Encrypted FT\\\" setting does not have a value of \\\"Opportunistic\\\" or \\\"Required\\\", this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Encryption.\n\n    For \\\"Encrypted FT\\\" set the value to \\\"Opportunistic\\\" or \\\"Required\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.FTEncryption = New-Object VMware.Vim.VMware.Vim.VirtualMachineConfigSpecEncryptedFtModes\n    $spec.FT = ftEncryptionOpportunistic or ftEncryptionRequired\n    (Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000204'\n  tag rid: 'SV-VMCH-80-000204'\n  tag stig_id: 'VMCH-80-000204'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    list = ['ftEncryptionOpportunistic', 'ftEncryptionRequired']\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.FtEncryptionMode\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_in list }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000204.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "VM: stig vm2 is expected to be in \"ftEncryptionOpportunistic\" and \"ftEncryptionRequired\"",
+              "run_time": 7.57e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stig vm2"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: stigvm1 is expected to be in \"ftEncryptionOpportunistic\" and \"ftEncryptionRequired\"",
+              "run_time": 7.46e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stigvm1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be in \"ftEncryptionOpportunistic\" and \"ftEncryptionRequired\"",
+              "run_time": 7.58e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be in \"ftEncryptionOpportunistic\" and \"ftEncryptionRequired\"",
+              "run_time": 7.2e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be in \"ftEncryptionOpportunistic\" and \"ftEncryptionRequired\"",
+              "run_time": 7.12e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000205",
+          "title": "Virtual machines (VMs) must configure log size.",
+          "desc": "The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\nBy default, the size of these logs is unlimited, and they are only rotated on vMotion or power events. This can cause storage issues at scale for VMs that do not vMotion or power cycle often.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\nBy default, the size of these logs is unlimited, and they are only rotated on vMotion or power events. This can cause storage issues at scale for VMs that do not vMotion or power cycle often."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"log.rotateSize\" value is set to \"2048000\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name log.rotateSize\n\nIf the virtual machine advanced setting \"log.rotateSize\" is not set to \"2048000\", this is a finding.\n\nIf the virtual machine advanced setting \"log.rotateSize\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"log.rotateSize\" value and set it to \"2048000\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name log.rotateSize | Set-AdvancedSetting -Value 2048000\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000205",
+            "rid": "SV-VMCH-80-000205",
+            "stig_id": "VMCH-80-000205",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000205' do\n  title 'Virtual machines (VMs) must configure log size.'\n  desc  \"\n    The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\n    By default, the size of these logs is unlimited, and they are only rotated on vMotion or power events. This can cause storage issues at scale for VMs that do not vMotion or power cycle often.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"log.rotateSize\\\" value is set to \\\"2048000\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.rotateSize\n\n    If the virtual machine advanced setting \\\"log.rotateSize\\\" is not set to \\\"2048000\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"log.rotateSize\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"log.rotateSize\\\" value and set it to \\\"2048000\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.rotateSize | Set-AdvancedSetting -Value 2048000\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000205'\n  tag rid: 'SV-VMCH-80-000205'\n  tag stig_id: 'VMCH-80-000205'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name log.rotateSize | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp '2048000' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000205.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "VM: stig vm2 is expected to be empty",
+              "run_time": 0.0001893,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stig vm2"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: stigvm1 is expected to be empty",
+              "run_time": 6.16e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stigvm1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp == \"2048000\"",
+              "run_time": 7.25e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp == \"2048000\"",
+              "run_time": 6.81e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp == \"2048000\"",
+              "run_time": 6.56e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000206",
+          "title": "Virtual machines (VMs) must configure log retention.",
+          "desc": "The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\nBy default, 10 of these logs are retained. This is normally sufficient for most environments, but this configuration must be verified and maintained.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\nBy default, 10 of these logs are retained. This is normally sufficient for most environments, but this configuration must be verified and maintained."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nVerify the \"log.keepOld\" value is set to \"10\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name log.keepOld\n\nIf the virtual machine advanced setting \"log.keepOld\" is not set to \"10\", this is a finding.\n\nIf the virtual machine advanced setting \"log.keepOld\" does NOT exist, this is NOT a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\nFind the \"log.keepOld\" value and set it to \"10\".\n\nIf the setting does not exist no action is needed.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-AdvancedSetting -Name log.keepOld | Set-AdvancedSetting -Value 10\n\nNote: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000206",
+            "rid": "SV-VMCH-80-000206",
+            "stig_id": "VMCH-80-000206",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000206' do\n  title 'Virtual machines (VMs) must configure log retention.'\n  desc  \"\n    The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\n    By default, 10 of these logs are retained. This is normally sufficient for most environments, but this configuration must be verified and maintained.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Verify the \\\"log.keepOld\\\" value is set to \\\"10\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.keepOld\n\n    If the virtual machine advanced setting \\\"log.keepOld\\\" is not set to \\\"10\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"log.keepOld\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> Advanced Parameters.\n\n    Find the \\\"log.keepOld\\\" value and set it to \\\"10\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.keepOld | Set-AdvancedSetting -Value 10\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000206'\n  tag rid: 'SV-VMCH-80-000206'\n  tag stig_id: 'VMCH-80-000206'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name log.keepOld | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp '10' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000206.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "VM: stig vm2 is expected to be empty",
+              "run_time": 5.93e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stig vm2"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: stigvm1 is expected to be empty",
+              "run_time": 8.83e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stigvm1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp == \"10\"",
+              "run_time": 7.28e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp == \"10\"",
+              "run_time": 0.0003565,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp == \"10\"",
+              "run_time": 7.28e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000207",
+          "title": "Virtual machines (VMs) must enable logging.",
+          "desc": "The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including, but not limited to, power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations and machine clones. Due to the value these logs provide for the continued availability of each VM and potential security incidents, these logs must be enabled.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including, but not limited to, power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations and machine clones. Due to the value these logs provide for the continued availability of each VM and potential security incidents, these logs must be enabled."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Advanced.\n\nEnsure that the checkbox next to \"Enable logging\" is checked.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {$_.ExtensionData.Config.Flags.EnableLogging -ne \"True\"}\n\nIf logging is not enabled, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Advanced.\n\nClick the checkbox next to \"Enable logging\". Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n$spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n$spec.Flags = New-Object VMware.Vim.VirtualMachineFlagInfo\n$spec.Flags.enableLogging = $true\n(Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000207",
+            "rid": "SV-VMCH-80-000207",
+            "stig_id": "VMCH-80-000207",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000207' do\n  title 'Virtual machines (VMs) must enable logging.'\n  desc  'The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including, but not limited to, power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations and machine clones. Due to the value these logs provide for the continued availability of each VM and potential security incidents, these logs must be enabled.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Advanced.\n\n    Ensure that the checkbox next to \\\"Enable logging\\\" is checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {$_.ExtensionData.Config.Flags.EnableLogging -ne \\\"True\\\"}\n\n    If logging is not enabled, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings >> VM Options >> Advanced.\n\n    Click the checkbox next to \\\"Enable logging\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.Flags = New-Object VMware.Vim.VirtualMachineFlagInfo\n    $spec.Flags.enableLogging = $true\n    (Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000207'\n  tag rid: 'SV-VMCH-80-000207'\n  tag stig_id: 'VMCH-80-000207'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Flags.EnableLogging\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000207.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "VM: stig vm2 is expected to cmp == \"true\"",
+              "run_time": 0.0001426,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stig vm2"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: stigvm1 is expected to cmp == \"true\"",
+              "run_time": 7.39e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: stigvm1"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp == \"true\"",
+              "run_time": 7.09e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp == \"true\"",
+              "run_time": 6.91e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d"
+            },
+            {
+              "status": "passed",
+              "code_desc": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp == \"true\"",
+              "run_time": 7.38e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000208",
+          "title": "Virtual machines (VMs) must not use independent, non-persistent disks.",
+          "desc": "The security issue with nonpersistent disk mode is that successful attackers, with a simple shutdown or reboot, might undo or remove any traces they were ever on the machine. To safeguard against this risk, production virtual machines should be set to use persistent disk mode; additionally, ensure activity within the VM is logged remotely on a separate server, such as a syslog server or equivalent Windows-based event collector. Without a persistent record of activity on a VM, administrators might never know whether they have been attacked or hacked.\n\nThere can be valid use cases for these types of disks, such as with an application presentation solution where read-only disks are desired, and such cases should be identified and documented.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "The security issue with nonpersistent disk mode is that successful attackers, with a simple shutdown or reboot, might undo or remove any traces they were ever on the machine. To safeguard against this risk, production virtual machines should be set to use persistent disk mode; additionally, ensure activity within the VM is logged remotely on a separate server, such as a syslog server or equivalent Windows-based event collector. Without a persistent record of activity on a VM, administrators might never know whether they have been attacked or hacked.\n\nThere can be valid use cases for these types of disks, such as with an application presentation solution where read-only disks are desired, and such cases should be identified and documented."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nReview the attached hard disks and verify they are not configured as independent nonpersistent disks.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-HardDisk | Select Parent, Name, Filename, DiskType, Persistence | FT -AutoSize\n\nIf the virtual machine has attached disks that are in independent nonpersistent mode and are not documented, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nSelect the target hard disk and change the mode to persistent or uncheck Independent.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run one of the following commands:\n\nGet-VM \"VM Name\" | Get-HardDisk | Set-HardDisk -Persistence IndependentPersistent\n\nor\n\nGet-VM \"VM Name\" | Get-HardDisk | Set-HardDisk -Persistence Persistent"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000208",
+            "rid": "SV-VMCH-80-000208",
+            "stig_id": "VMCH-80-000208",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000208' do\n  title 'Virtual machines (VMs) must not use independent, non-persistent disks.'\n  desc  \"\n    The security issue with nonpersistent disk mode is that successful attackers, with a simple shutdown or reboot, might undo or remove any traces they were ever on the machine. To safeguard against this risk, production virtual machines should be set to use persistent disk mode; additionally, ensure activity within the VM is logged remotely on a separate server, such as a syslog server or equivalent Windows-based event collector. Without a persistent record of activity on a VM, administrators might never know whether they have been attacked or hacked.\n\n    There can be valid use cases for these types of disks, such as with an application presentation solution where read-only disks are desired, and such cases should be identified and documented.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the attached hard disks and verify they are not configured as independent nonpersistent disks.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-HardDisk | Select Parent, Name, Filename, DiskType, Persistence | FT -AutoSize\n\n    If the virtual machine has attached disks that are in independent nonpersistent mode and are not documented, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the target hard disk and change the mode to persistent or uncheck Independent.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run one of the following commands:\n\n    Get-VM \\\"VM Name\\\" | Get-HardDisk | Set-HardDisk -Persistence IndependentPersistent\n\n    or\n\n    Get-VM \\\"VM Name\\\" | Get-HardDisk | Set-HardDisk -Persistence Persistent\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000208'\n  tag rid: 'SV-VMCH-80-000208'\n  tag stig_id: 'VMCH-80-000208'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-HardDisk | Select-Object -ExpandProperty Persistence\"\n      results = powercli_command(command)\n      results.stdout.split.each do |disk|\n        describe \"Checking the VM: #{vm} for Non-Persistent Hard Disks\" do\n          subject { disk }\n          it { should_not cmp 'IndependentNonPersistent' }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000208.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: stig vm2 for Non-Persistent Hard Disks is expected not to cmp == \"IndependentNonPersistent\"",
+              "run_time": 8.15e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: stig vm2 for Non-Persistent Hard Disks"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: stigvm1 for Non-Persistent Hard Disks is expected not to cmp == \"IndependentNonPersistent\"",
+              "run_time": 7.5e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: stigvm1 for Non-Persistent Hard Disks"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for Non-Persistent Hard Disks is expected not to cmp == \"IndependentNonPersistent\"",
+              "run_time": 7.28e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for Non-Persistent Hard Disks"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for Non-Persistent Hard Disks is expected not to cmp == \"IndependentNonPersistent\"",
+              "run_time": 7.28e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for Non-Persistent Hard Disks"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for Non-Persistent Hard Disks is expected not to cmp == \"IndependentNonPersistent\"",
+              "run_time": 7.35e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for Non-Persistent Hard Disks"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000209",
+          "title": "Virtual machines (VMs) must remove unneeded floppy devices.",
+          "desc": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Get-FloppyDrive | Select Parent, Name, ConnectionState\n\nIf a virtual machine has a floppy drive connected, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\nThe VM must be powered off to remove a floppy drive.\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-FloppyDrive | Remove-FloppyDrive"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000209",
+            "rid": "SV-VMCH-80-000209",
+            "stig_id": "VMCH-80-000209",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000209' do\n  title 'Virtual machines (VMs) must remove unneeded floppy devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Get-FloppyDrive | Select Parent, Name, ConnectionState\n\n    If a virtual machine has a floppy drive connected, this is a finding.\n  \"\n  desc 'fix', \"\n    Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    The VM must be powered off to remove a floppy drive.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-FloppyDrive | Remove-FloppyDrive\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000209'\n  tag rid: 'SV-VMCH-80-000209'\n  tag stig_id: 'VMCH-80-000209'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-FloppyDrive\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for Floppy drives\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000209.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: stig vm2 for Floppy drives is expected to be empty",
+              "run_time": 0.0086651,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: stig vm2 for Floppy drives"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: stigvm1 for Floppy drives is expected to be empty",
+              "run_time": 0.0081981,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: stigvm1 for Floppy drives"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for Floppy drives is expected to be empty",
+              "run_time": 0.0083412,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for Floppy drives"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for Floppy drives is expected to be empty",
+              "run_time": 0.0084882,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for Floppy drives"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for Floppy drives is expected to be empty",
+              "run_time": 0.0082438,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for Floppy drives"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000210",
+          "title": "Virtual machines (VMs) must remove unneeded CD/DVD devices.",
+          "desc": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nReview the VMs hardware and verify no CD/DVD drives are connected.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Get-CDDrive | Where {$_.extensiondata.connectable.connected -eq $true} | Select Parent,Name\n\nIf a virtual machine has a CD/DVD drive connected other than temporarily, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nSelect the CD/DVD drive and uncheck \"Connected\" and \"Connect at power on\" and remove any attached ISOs.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-CDDrive | Set-CDDrive -NoMedia"
+            }
+          ],
+          "impact": 0.3,
+          "refs": [],
+          "tags": {
+            "severity": "low",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000210",
+            "rid": "SV-VMCH-80-000210",
+            "stig_id": "VMCH-80-000210",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000210' do\n  title 'Virtual machines (VMs) must remove unneeded CD/DVD devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the VMs hardware and verify no CD/DVD drives are connected.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Get-CDDrive | Where {$_.extensiondata.connectable.connected -eq $true} | Select Parent,Name\n\n    If a virtual machine has a CD/DVD drive connected other than temporarily, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the CD/DVD drive and uncheck \\\"Connected\\\" and \\\"Connect at power on\\\" and remove any attached ISOs.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-CDDrive | Set-CDDrive -NoMedia\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000210'\n  tag rid: 'SV-VMCH-80-000210'\n  tag stig_id: 'VMCH-80-000210'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}' | Get-CDDrive).ExtensionData.connectable.connected\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"Checking the VM: #{vm} for CD/DVD drives\" do\n          subject { result }\n          it { should cmp 'false' }\n        end\n        describe \"Checking the VM: #{vm} for CD/DVD drives\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000210.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: stig vm2 for CD/DVD drives is expected to cmp == \"false\"",
+              "run_time": 0.0001095,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: stig vm2 for CD/DVD drives"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: stigvm1 for CD/DVD drives is expected to cmp == \"false\"",
+              "run_time": 0.0002336,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: stigvm1 for CD/DVD drives"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for CD/DVD drives is expected to be empty",
+              "run_time": 7.62e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for CD/DVD drives"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for CD/DVD drives is expected to be empty",
+              "run_time": 6.13e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for CD/DVD drives"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for CD/DVD drives is expected to be empty",
+              "run_time": 5.48e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for CD/DVD drives"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000211",
+          "title": "Virtual machines (VMs) must remove unneeded parallel devices.",
+          "desc": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \"parallel\"}\n\nIf a virtual machine has a parallel device present, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\nThe VM must be powered off to remove a parallel device.\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n$pport = (Get-VM -Name <vmname>).ExtensionData.Config.Hardware.Device | Where {$_.DeviceInfo.Label -match \"Parallel\"}\n$spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n$spec.DeviceChange += New-Object VMware.Vim.VirtualDeviceConfigSpec\n$spec.DeviceChange[-1].device = $pport\n$spec.DeviceChange[-1].operation = \"remove\"\n(Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000211",
+            "rid": "SV-VMCH-80-000211",
+            "stig_id": "VMCH-80-000211",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000211' do\n  title 'Virtual machines (VMs) must remove unneeded parallel devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \\\"parallel\\\"}\n\n    If a virtual machine has a parallel device present, this is a finding.\n  \"\n  desc 'fix', \"\n    Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    The VM must be powered off to remove a parallel device.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $pport = (Get-VM -Name <vmname>).ExtensionData.Config.Hardware.Device | Where {$_.DeviceInfo.Label -match \\\"Parallel\\\"}\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.DeviceChange += New-Object VMware.Vim.VirtualDeviceConfigSpec\n    $spec.DeviceChange[-1].device = $pport\n    $spec.DeviceChange[-1].operation = \\\"remove\\\"\n    (Get-VM -Name <vmname>).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000211'\n  tag rid: 'SV-VMCH-80-000211'\n  tag stig_id: 'VMCH-80-000211'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Hardware.Device.DeviceInfo.label\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for parallel devices\" do\n        subject { result }\n        it { should_not match 'Parallel' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000211.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: stig vm2 for parallel devices is expected not to match \"Parallel\"",
+              "run_time": 8.28e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: stig vm2 for parallel devices"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: stigvm1 for parallel devices is expected not to match \"Parallel\"",
+              "run_time": 5.38e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: stigvm1 for parallel devices"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for parallel devices is expected not to match \"Parallel\"",
+              "run_time": 4.72e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for parallel devices"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for parallel devices is expected not to match \"Parallel\"",
+              "run_time": 5.26e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for parallel devices"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for parallel devices is expected not to match \"Parallel\"",
+              "run_time": 5.15e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for parallel devices"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000212",
+          "title": "Virtual machines (VMs) must remove unneeded serial devices.",
+          "desc": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nReview the VMs hardware and verify no serial devices exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \"serial\"}\n\nIf a virtual machine has a serial device present, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "The VM must be powered off to remove a serial device.\n\nFor each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nSelect the serial device, click the circled \"X\" to remove it, and click \"OK\"."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000212",
+            "rid": "SV-VMCH-80-000212",
+            "stig_id": "VMCH-80-000212",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000212' do\n  title 'Virtual machines (VMs) must remove unneeded serial devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the VMs hardware and verify no serial devices exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \\\"serial\\\"}\n\n    If a virtual machine has a serial device present, this is a finding.\n  \"\n  desc  'fix', \"\n    The VM must be powered off to remove a serial device.\n\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the serial device, click the circled \\\"X\\\" to remove it, and click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000212'\n  tag rid: 'SV-VMCH-80-000212'\n  tag stig_id: 'VMCH-80-000212'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Hardware.Device.DeviceInfo.label\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for serial devices\" do\n        subject { result }\n        it { should_not match 'Serial' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000212.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: stig vm2 for serial devices is expected not to match \"Serial\"",
+              "run_time": 5.25e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: stig vm2 for serial devices"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: stigvm1 for serial devices is expected not to match \"Serial\"",
+              "run_time": 0.0003045,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: stigvm1 for serial devices"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for serial devices is expected not to match \"Serial\"",
+              "run_time": 7.72e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for serial devices"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for serial devices is expected not to match \"Serial\"",
+              "run_time": 5.39e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for serial devices"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for serial devices is expected not to match \"Serial\"",
+              "run_time": 0.0001312,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for serial devices"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000213",
+          "title": "Virtual machines (VMs) must remove unneeded USB devices.",
+          "desc": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nReview the VMs hardware and verify no USB devices exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\nGet-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \"usb\"}\nGet-VM | Get-UsbDevice\n\nIf a virtual machine has any USB devices or USB controllers present, this is a finding.\n\nIf USB smart card readers are used to pass smart cards through the VM console to a VM, the use of a USB controller and USB devices for that purpose is not a finding."
+            },
+            {
+              "label": "fix",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, right-click the Virtual Machine and go to \"Edit Settings\".\n\nSelect the USB controller, click the circled \"X\" to remove it, and click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-USBDevice | Remove-USBDevice\n\nNote:  This will not remove the USB controller, just any connected devices."
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000213",
+            "rid": "SV-VMCH-80-000213",
+            "stig_id": "VMCH-80-000213",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000213' do\n  title 'Virtual machines (VMs) must remove unneeded USB devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the VMs hardware and verify no USB devices exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \\\"usb\\\"}\n    Get-VM | Get-UsbDevice\n\n    If a virtual machine has any USB devices or USB controllers present, this is a finding.\n\n    If USB smart card readers are used to pass smart cards through the VM console to a VM, the use of a USB controller and USB devices for that purpose is not a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the USB controller, click the circled \\\"X\\\" to remove it, and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-USBDevice | Remove-USBDevice\n\n    Note:  This will not remove the USB controller, just any connected devices.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000213'\n  tag rid: 'SV-VMCH-80-000213'\n  tag stig_id: 'VMCH-80-000213'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Hardware.Device.DeviceInfo.label\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for USB devices\" do\n        subject { result }\n        it { should_not match 'USB' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000213.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "Checking the VM: stig vm2 for USB devices is expected not to match \"USB\"",
+              "run_time": 0.0005257,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "message": "expected \"IDE 0\\r\\nIDE 1\\r\\nPS2 controller 0\\r\\nPCI controller 0\\r\\nSIO controller 0\\r\\nKeyboard \\r\\nPointing ...er \\r\\nSCSI controller 0\\r\\nSATA controller 0\\r\\nCD/DVD drive 1\\r\\nHard disk 1\\r\\nNetwork adapter 1\" not to match \"USB\"\nDiff:\n@@ -1,15 +1,29 @@\n-USB\n+IDE 0\n+IDE 1\n+PS2 controller 0\n+PCI controller 0\n+SIO controller 0\n+Keyboard \n+Pointing device\n+Video card \n+VMCI device\n+USB xHCI controller \n+SCSI controller 0\n+SATA controller 0\n+CD/DVD drive 1\n+Hard disk 1\n+Network adapter 1\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: stig vm2 for USB devices"
+            },
+            {
+              "status": "failed",
+              "code_desc": "Checking the VM: stigvm1 for USB devices is expected not to match \"USB\"",
+              "run_time": 0.0002042,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "message": "expected \"IDE 0\\r\\nIDE 1\\r\\nPS2 controller 0\\r\\nPCI controller 0\\r\\nSIO controller 0\\r\\nKeyboard \\r\\nPointing ...er \\r\\nSCSI controller 0\\r\\nSATA controller 0\\r\\nCD/DVD drive 1\\r\\nHard disk 1\\r\\nNetwork adapter 1\" not to match \"USB\"\nDiff:\n@@ -1,15 +1,29 @@\n-USB\n+IDE 0\n+IDE 1\n+PS2 controller 0\n+PCI controller 0\n+SIO controller 0\n+Keyboard \n+Pointing device\n+Video card \n+VMCI device\n+USB xHCI controller \n+SCSI controller 0\n+SATA controller 0\n+CD/DVD drive 1\n+Hard disk 1\n+Network adapter 1\n",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: stigvm1 for USB devices"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for USB devices is expected not to match \"USB\"",
+              "run_time": 0.0002226,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for USB devices"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for USB devices is expected not to match \"USB\"",
+              "run_time": 5.77e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for USB devices"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for USB devices is expected not to match \"USB\"",
+              "run_time": 4.56e-05,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for USB devices"
+            }
+          ]
+        },
+        {
+          "id": "VMCH-80-000214",
+          "title": "Virtual machines (VMs) must disable DirectPath I/O devices when not required.",
+          "desc": "VMDirectPath I/O (PCI passthrough) enables direct assignment of hardware PCI functions to VMs. This gives the VM access to the PCI functions with minimal intervention from the ESXi host. This is a powerful feature for legitimate applications such as virtualized storage appliances, backup appliances, dedicated graphics, etc., but it also allows a potential attacker highly privileged access to underlying hardware and the PCI bus.",
+          "descriptions": [
+            {
+              "label": "default",
+              "data": "VMDirectPath I/O (PCI passthrough) enables direct assignment of hardware PCI functions to VMs. This gives the VM access to the PCI functions with minimal intervention from the ESXi host. This is a powerful feature for legitimate applications such as virtualized storage appliances, backup appliances, dedicated graphics, etc., but it also allows a potential attacker highly privileged access to underlying hardware and the PCI bus."
+            },
+            {
+              "label": "rationale",
+              "data": ""
+            },
+            {
+              "label": "check",
+              "data": "For each virtual machine do the following:\n\nFrom the vSphere Client, view the Summary tab.\n\nReview the PCI devices section and verify none exist.\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-PassthroughDevice\n\nIf the virtual machine has passthrough devices present, and the specific device returned is not approved, this is a finding."
+            },
+            {
+              "label": "fix",
+              "data": "From the vSphere Client, select the Virtual Machine, right click and go to Edit Settings >> Virtual Hardware tab.\n\nFind the unexpected PCI device returned from the check.\n\nHover the mouse over the device and click the circled \"X\" to remove the device. Click \"OK\".\n\nor\n\nFrom a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\nGet-VM \"VM Name\" | Get-PassthroughDevice | Remove-PassthroughDevice"
+            }
+          ],
+          "impact": 0.5,
+          "refs": [],
+          "tags": {
+            "severity": "medium",
+            "gtitle": "SRG-OS-000480-VMM-002000",
+            "gid": "V-VMCH-80-000214",
+            "rid": "SV-VMCH-80-000214",
+            "stig_id": "VMCH-80-000214",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ]
+          },
+          "code": "control 'VMCH-80-000214' do\n  title 'Virtual machines (VMs) must disable DirectPath I/O devices when not required.'\n  desc  'VMDirectPath I/O (PCI passthrough) enables direct assignment of hardware PCI functions to VMs. This gives the VM access to the PCI functions with minimal intervention from the ESXi host. This is a powerful feature for legitimate applications such as virtualized storage appliances, backup appliances, dedicated graphics, etc., but it also allows a potential attacker highly privileged access to underlying hardware and the PCI bus.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, view the Summary tab.\n\n    Review the PCI devices section and verify none exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-PassthroughDevice\n\n    If the virtual machine has passthrough devices present, and the specific device returned is not approved, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, select the Virtual Machine, right click and go to Edit Settings >> Virtual Hardware tab.\n\n    Find the unexpected PCI device returned from the check.\n\n    Hover the mouse over the device and click the circled \\\"X\\\" to remove the device. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-PassthroughDevice | Remove-PassthroughDevice\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000214'\n  tag rid: 'SV-VMCH-80-000214'\n  tag stig_id: 'VMCH-80-000214'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-PassthroughDevice\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for PCI passthrough devices\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n",
+          "source_location": {
+            "line": 1,
+            "ref": "C:/Users/rlakey/.inspec/cache/e8186ecb29a879f6c234680093c8d3b1f007fb81b3af588b7ff12cdf587bfd7e/controls/VMCH-80-000214.rb"
+          },
+          "waiver_data": {},
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: stig vm2 for PCI passthrough devices is expected to be empty",
+              "run_time": 0.0084144,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: stig vm2 for PCI passthrough devices"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: stigvm1 for PCI passthrough devices is expected to be empty",
+              "run_time": 0.00833,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: stigvm1 for PCI passthrough devices"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for PCI passthrough devices is expected to be empty",
+              "run_time": 0.0082416,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for PCI passthrough devices"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for PCI passthrough devices is expected to be empty",
+              "run_time": 0.0082677,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for PCI passthrough devices"
+            },
+            {
+              "status": "passed",
+              "code_desc": "Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for PCI passthrough devices is expected to be empty",
+              "run_time": 0.0081769,
+              "start_time": "2023-06-07T08:29:42-06:00",
+              "resource_class": "Object",
+              "resource_params": "[]",
+              "resource_id": "Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for PCI passthrough devices"
+            }
+          ]
+        }
+      ],
+      "status": "loaded",
+      "status_message": ""
+    }
+  ],
+  "statistics": {
+    "duration": 73.759917
+  },
+  "version": "5.22.3"
+}
\ No newline at end of file
diff --git a/test/sample_data/HDF/output/summary/rhel-8_hardened_output.json b/test/sample_data/HDF/output/summary/rhel-8_hardened_output.json
index 95a298281..4769e428c 100644
--- a/test/sample_data/HDF/output/summary/rhel-8_hardened_output.json
+++ b/test/sample_data/HDF/output/summary/rhel-8_hardened_output.json
@@ -34,7 +34,11 @@
       "total": 0
     },
     "no_impact": {
-      "none": 33,
+      "critical": 0,
+      "high": 3,
+      "low": 0,
+      "medium": 30,
+      "none": 0,
       "total": 33
     }
   }
diff --git a/test/sample_data/HDF/output/summary/rhel-8_hardened_output.md b/test/sample_data/HDF/output/summary/rhel-8_hardened_output.md
index 1d7fb56fd..c210eafad 100644
--- a/test/sample_data/HDF/output/summary/rhel-8_hardened_output.md
+++ b/test/sample_data/HDF/output/summary/rhel-8_hardened_output.md
@@ -2,6 +2,6 @@
 | :---------------------------- | :--------------------------: | :-----------: | :-----------------------------------------: | :----------------------------------: | :----------------: |
 | Total                         |             227              |      112      |                      3                      |                  33                  |         0          |
 | Critical                      |              0               |       0       |                      0                      |                  0                   |         0          |
-| High                          |              11              |       6       |                      1                      |                  0                   |         0          |
-| Medium                        |             208              |      87       |                      1                      |                  0                   |         0          |
+| High                          |              11              |       6       |                      1                      |                  3                   |         0          |
+| Medium                        |             208              |      87       |                      1                      |                  30                  |         0          |
 | Low                           |              8               |      19       |                      1                      |                  0                   |         0          |
diff --git a/test/sample_data/HDF/output/summary/rhel-8_hardened_output.yml b/test/sample_data/HDF/output/summary/rhel-8_hardened_output.yml
index 2ed67eb9b..9343cc067 100644
--- a/test/sample_data/HDF/output/summary/rhel-8_hardened_output.yml
+++ b/test/sample_data/HDF/output/summary/rhel-8_hardened_output.yml
@@ -27,5 +27,9 @@
     low: 0
     total: 0
   no_impact:
-    none: 33
+    critical: 0
+    high: 3
+    medium: 30
+    low: 0
+    none: 0
     total: 33
diff --git a/test/sample_data/checklist/checklist-RHEL8V1R3-hdf.json b/test/sample_data/checklist/checklist-RHEL8V1R3-hdf.json
index 3740c4e6c..33b2a3388 100644
--- a/test/sample_data/checklist/checklist-RHEL8V1R3-hdf.json
+++ b/test/sample_data/checklist/checklist-RHEL8V1R3-hdf.json
@@ -1,9 +1,9 @@
 {
   "platform": {
     "name": "Heimdall Tools",
-    "release": "2.10.1"
+    "release": "2.10.8"
   },
-  "version": "2.10.1",
+  "version": "2.10.8",
   "statistics": {},
   "profiles": [
     {
@@ -29,6 +29,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -69,6 +70,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -109,6 +111,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -149,6 +152,7 @@
             "nist": [
               "SC-28"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -189,6 +193,7 @@
             "nist": [
               "AC-8 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -229,6 +234,7 @@
             "nist": [
               "AC-8 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -269,6 +275,7 @@
             "nist": [
               "AC-8 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -309,6 +316,7 @@
             "nist": [
               "AC-17 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -349,6 +357,7 @@
             "nist": [
               "IA-5 (2) (b) (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -389,6 +398,7 @@
             "nist": [
               "IA-5 (2) (a) (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -429,6 +439,7 @@
             "nist": [
               "IA-5 (1) (c)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -469,6 +480,7 @@
             "nist": [
               "IA-5 (1) (c)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -509,6 +521,7 @@
             "nist": [
               "IA-5 (1) (c)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -549,6 +562,7 @@
             "nist": [
               "AC-3"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -589,6 +603,7 @@
             "nist": [
               "AC-3"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -629,6 +644,7 @@
             "nist": [
               "AC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -669,6 +685,7 @@
             "nist": [
               "IA-7"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -709,6 +726,7 @@
             "nist": [
               "IA-7"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -749,6 +767,7 @@
             "nist": [
               "IA-7"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -789,6 +808,7 @@
             "nist": [
               "SC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -829,6 +849,7 @@
             "nist": [
               "SC-3"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -869,6 +890,7 @@
             "nist": [
               "SC-4"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -909,6 +931,7 @@
             "nist": [
               "SC-4"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -949,6 +972,7 @@
             "nist": [
               "SC-10"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -989,6 +1013,7 @@
             "nist": [
               "SI-11 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1029,6 +1054,7 @@
             "nist": [
               "SI-11 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1069,6 +1095,7 @@
             "nist": [
               "SI-11 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1109,6 +1136,7 @@
             "nist": [
               "SI-11 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1149,6 +1177,7 @@
             "nist": [
               "SI-11 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1189,6 +1218,7 @@
             "nist": [
               "SI-11 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1229,6 +1259,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1269,6 +1300,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1309,6 +1341,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1349,6 +1382,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1389,6 +1423,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1429,6 +1464,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1469,6 +1505,7 @@
             "nist": [
               "CM-5 (6)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1509,6 +1546,7 @@
             "nist": [
               "CM-5 (6)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1549,6 +1587,7 @@
             "nist": [
               "CM-5 (6)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1589,6 +1628,7 @@
             "nist": [
               "CM-5 (6)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1629,6 +1669,7 @@
             "nist": [
               "CM-5 (6)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1669,6 +1710,7 @@
             "nist": [
               "CM-5 (6)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1709,6 +1751,7 @@
             "nist": [
               "CM-3 (5)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1749,6 +1792,7 @@
             "nist": [
               "CM-5 (3)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1789,6 +1833,7 @@
             "nist": [
               "CM-5 (3)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1829,6 +1874,7 @@
             "nist": [
               "CM-5 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1869,6 +1915,7 @@
             "nist": [
               "AC-3 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1909,6 +1956,7 @@
             "nist": [
               "AC-3 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1949,6 +1997,7 @@
             "nist": [
               "SC-4"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -1989,6 +2038,7 @@
             "nist": [
               "SC-4"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2029,6 +2079,7 @@
             "nist": [
               "IA-11"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2069,6 +2120,7 @@
             "nist": [
               "IA-11"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2109,6 +2161,7 @@
             "nist": [
               "IA-2 (11)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2149,6 +2202,7 @@
             "nist": [
               "IA-2 (11)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2189,6 +2243,7 @@
             "nist": [
               "IA-2 (12)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2229,6 +2284,7 @@
             "nist": [
               "SI-16"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2269,6 +2325,7 @@
             "nist": [
               "SC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2309,6 +2366,7 @@
             "nist": [
               "SC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2349,6 +2407,7 @@
             "nist": [
               "SC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2389,6 +2448,7 @@
             "nist": [
               "SI-16"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2429,6 +2489,7 @@
             "nist": [
               "SI-2 (6)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2469,6 +2530,7 @@
             "nist": [
               "SI-6 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2509,6 +2571,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2549,6 +2612,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2589,6 +2653,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2629,6 +2694,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2669,6 +2735,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2709,6 +2776,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2749,6 +2817,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2789,6 +2858,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2829,6 +2899,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2869,6 +2940,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2909,6 +2981,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2949,6 +3022,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -2989,6 +3063,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3029,6 +3104,7 @@
             "nist": [
               "IA-2 (5)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3069,6 +3145,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3109,6 +3186,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3149,6 +3227,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3189,6 +3268,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3229,6 +3309,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3269,6 +3350,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3309,6 +3391,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3349,6 +3432,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3389,6 +3473,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3429,6 +3514,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3469,6 +3555,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3509,6 +3596,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3549,6 +3637,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3589,6 +3678,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3629,6 +3719,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3669,6 +3760,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3709,6 +3801,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3749,6 +3842,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3789,6 +3883,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3829,6 +3924,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3869,6 +3965,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3909,6 +4006,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3949,6 +4047,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -3989,6 +4088,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4029,6 +4129,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4069,6 +4170,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4109,6 +4211,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4149,6 +4252,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4189,6 +4293,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4229,6 +4334,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4269,6 +4375,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4309,6 +4416,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4349,6 +4457,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4389,6 +4498,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4429,6 +4539,7 @@
             "nist": [
               "AC-2 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4469,6 +4580,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4509,6 +4621,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4549,6 +4662,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4589,6 +4703,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4629,6 +4744,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4669,6 +4785,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4709,6 +4826,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4749,6 +4867,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4789,6 +4908,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4829,6 +4949,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4869,6 +4990,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4909,6 +5031,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4949,6 +5072,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -4989,6 +5113,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5029,6 +5154,7 @@
             "nist": [
               "AC-10"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5069,6 +5195,7 @@
             "nist": [
               "AC-11 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5109,6 +5236,7 @@
             "nist": [
               "AC-11 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5149,6 +5277,7 @@
             "nist": [
               "AC-11 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5189,6 +5318,7 @@
             "nist": [
               "AC-11 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5229,6 +5359,7 @@
             "nist": [
               "AC-11 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5269,6 +5400,7 @@
             "nist": [
               "AC-11 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5309,6 +5441,7 @@
             "nist": [
               "AC-11 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5349,6 +5482,7 @@
             "nist": [
               "AC-11 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5389,6 +5523,7 @@
             "nist": [
               "IA-5 (2) (a) (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5429,6 +5564,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5469,6 +5605,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5509,6 +5646,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5549,6 +5687,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5589,6 +5728,7 @@
             "nist": [
               "IA-5 (1) (b)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5629,6 +5769,7 @@
             "nist": [
               "IA-5 (1) (b)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5669,6 +5810,7 @@
             "nist": [
               "IA-5 (1) (b)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5709,6 +5851,7 @@
             "nist": [
               "IA-5 (1) (b)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5749,6 +5892,7 @@
             "nist": [
               "IA-5 (1) (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5789,6 +5933,7 @@
             "nist": [
               "IA-5 (1) (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5829,6 +5974,7 @@
             "nist": [
               "IA-5 (1) (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5869,6 +6015,7 @@
             "nist": [
               "IA-5 (1) (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5909,6 +6056,7 @@
             "nist": [
               "IA-5 (1) (e)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5949,6 +6097,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -5989,6 +6138,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6029,6 +6179,7 @@
             "nist": [
               "IA-2"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6069,6 +6220,7 @@
             "nist": [
               "IA-2 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6109,6 +6261,7 @@
             "nist": [
               "IA-4 e"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6149,6 +6302,7 @@
             "nist": [
               "AC-2 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6189,6 +6343,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6229,6 +6384,7 @@
             "nist": [
               "IA-5 (13)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6269,6 +6425,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6309,6 +6466,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6349,6 +6507,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6389,6 +6548,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6429,6 +6589,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6469,6 +6630,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6509,6 +6671,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6549,6 +6712,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6589,6 +6753,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6629,6 +6794,7 @@
             "nist": [
               "AC-6 (8)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6669,6 +6835,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6709,6 +6876,7 @@
             "nist": [
               "AU-5 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6749,6 +6917,7 @@
             "nist": [
               "AU-5 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6789,6 +6958,7 @@
             "nist": [
               "AU-5 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6829,6 +6999,7 @@
             "nist": [
               "AU-5 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6869,6 +7040,7 @@
             "nist": [
               "AU-5 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6909,6 +7081,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6949,6 +7122,7 @@
             "nist": [
               "AU-4 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -6989,6 +7163,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7029,6 +7204,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7069,6 +7245,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7109,6 +7286,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7149,6 +7327,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7189,6 +7368,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7229,6 +7409,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7269,6 +7450,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7309,6 +7491,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7349,6 +7532,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7389,6 +7573,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7429,6 +7614,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7469,6 +7655,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7509,6 +7696,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7549,6 +7737,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7589,6 +7778,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7629,6 +7819,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7669,6 +7860,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7709,6 +7901,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7749,6 +7942,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7789,6 +7983,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7829,6 +8024,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7869,6 +8065,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7909,6 +8106,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7949,6 +8147,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -7989,6 +8188,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8029,6 +8229,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8069,6 +8270,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8109,6 +8311,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8149,6 +8352,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8189,6 +8393,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8229,6 +8434,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8269,6 +8475,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8309,6 +8516,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8349,6 +8557,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8389,6 +8598,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8429,6 +8639,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8469,6 +8680,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8509,6 +8721,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8549,6 +8762,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8589,6 +8803,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8629,6 +8844,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8669,6 +8885,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8709,6 +8926,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8749,6 +8967,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8789,6 +9008,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8829,6 +9049,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8869,6 +9090,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8909,6 +9131,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8949,6 +9172,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -8989,6 +9213,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9029,6 +9254,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9069,6 +9295,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9109,6 +9336,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9149,6 +9377,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9189,6 +9418,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9229,6 +9459,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9269,6 +9500,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9309,6 +9541,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9349,6 +9582,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9389,6 +9623,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9429,6 +9664,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9469,6 +9705,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9509,6 +9746,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9549,6 +9787,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9589,6 +9828,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9629,6 +9869,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9669,6 +9910,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9709,6 +9951,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9749,6 +9992,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9789,6 +10033,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9829,6 +10074,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9869,6 +10115,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9909,6 +10156,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9949,6 +10197,7 @@
             "nist": [
               "AU-4"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -9989,6 +10238,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10029,6 +10279,7 @@
             "nist": [
               "AU-12 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10069,6 +10320,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10109,6 +10361,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10149,6 +10402,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10189,6 +10443,7 @@
             "nist": [
               "AU-9 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10229,6 +10484,7 @@
             "nist": [
               "AU-4"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10269,6 +10525,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10309,6 +10566,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10349,6 +10607,7 @@
             "nist": [
               "AU-4 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10389,6 +10648,7 @@
             "nist": [
               "AU-4 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10429,6 +10689,7 @@
             "nist": [
               "AU-4 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10469,6 +10730,7 @@
             "nist": [
               "AU-4 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10509,6 +10771,7 @@
             "nist": [
               "AU-5 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10549,6 +10812,7 @@
             "nist": [
               "AU-8 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10589,6 +10853,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10629,6 +10894,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10669,6 +10935,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10709,6 +10976,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10749,6 +11017,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10789,6 +11058,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10829,6 +11099,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10869,6 +11140,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10909,6 +11181,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10949,6 +11222,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -10989,6 +11263,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11029,6 +11304,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11069,6 +11345,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11109,6 +11386,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11149,6 +11427,7 @@
             "nist": [
               "CM-7 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11189,6 +11468,7 @@
             "nist": [
               "IA-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11229,6 +11509,7 @@
             "nist": [
               "IA-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11269,6 +11550,7 @@
             "nist": [
               "AC-17 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11309,6 +11591,7 @@
             "nist": [
               "AC-17 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11349,6 +11632,7 @@
             "nist": [
               "AC-18 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11389,6 +11673,7 @@
             "nist": [
               "AC-18 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11429,6 +11714,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11469,6 +11755,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11509,6 +11796,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11549,6 +11837,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11589,6 +11878,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11629,6 +11919,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11669,6 +11960,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11709,6 +12001,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11749,6 +12042,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11789,6 +12083,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11829,6 +12124,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11869,6 +12165,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11909,6 +12206,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11949,6 +12247,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -11989,6 +12288,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12029,6 +12329,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12069,6 +12370,7 @@
             "nist": [
               "IA-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12109,6 +12411,7 @@
             "nist": [
               "SC-5 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12149,6 +12452,7 @@
             "nist": [
               "SC-8"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12189,6 +12493,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12229,6 +12534,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12269,6 +12575,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12309,6 +12616,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12349,6 +12657,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12389,6 +12698,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12429,6 +12739,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12469,6 +12780,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12509,6 +12821,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12549,6 +12862,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12589,6 +12903,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12629,6 +12944,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12669,6 +12985,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12709,6 +13026,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12749,6 +13067,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12789,6 +13108,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12829,6 +13149,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12869,6 +13190,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12909,6 +13231,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12949,6 +13272,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -12989,6 +13313,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13029,6 +13354,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13069,6 +13395,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13109,6 +13436,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13149,6 +13477,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13189,6 +13518,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13229,6 +13559,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13269,6 +13600,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13309,6 +13641,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13349,6 +13682,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13389,6 +13723,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13429,6 +13764,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13469,6 +13805,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13509,6 +13846,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13549,6 +13887,7 @@
             "nist": [
               "IA-7"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13589,6 +13928,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13629,6 +13969,7 @@
             "nist": [
               "AC-6 (5)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13669,6 +14010,7 @@
             "nist": [
               "IA-11"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13709,6 +14051,7 @@
             "nist": [
               "AC-8 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13749,6 +14092,7 @@
             "nist": [
               "IA-5 (1) (c)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13789,6 +14133,7 @@
             "nist": [
               "AC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13829,6 +14174,7 @@
             "nist": [
               "AC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13869,6 +14215,7 @@
             "nist": [
               "AC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13909,6 +14256,7 @@
             "nist": [
               "IA-7"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13949,6 +14297,7 @@
             "nist": [
               "SC-10"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -13989,6 +14338,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14029,6 +14379,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14069,6 +14420,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14109,6 +14461,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14149,6 +14502,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14189,6 +14543,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14229,6 +14584,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14269,6 +14625,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14309,6 +14666,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14349,6 +14707,7 @@
             "nist": [
               "AC-11 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14389,6 +14748,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14429,6 +14789,7 @@
             "nist": [
               "AC-11 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14469,6 +14830,7 @@
             "nist": [
               "AC-11 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14509,6 +14871,7 @@
             "nist": [
               "AC-11 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14549,6 +14912,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14589,6 +14953,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14629,6 +14994,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14669,6 +15035,7 @@
             "nist": [
               "AU-5 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14709,6 +15076,7 @@
             "nist": [
               "AC-17 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14749,6 +15117,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14789,6 +15158,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14829,6 +15199,7 @@
             "nist": [
               "IA-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14869,6 +15240,7 @@
             "nist": [
               "IA-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14909,6 +15281,7 @@
             "nist": [
               "SC-8"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14949,6 +15322,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -14989,6 +15363,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -15029,6 +15404,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -15069,6 +15445,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -15109,6 +15486,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -15149,6 +15527,7 @@
             "nist": [
               "SI-2 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Red Hat Enterprise Linux 8 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 23 Jul 2021"
           },
@@ -15178,7 +15557,7 @@
           ]
         }
       ],
-      "sha256": "26f379f219eaff4c05580e7e4524d88f106f588d65426733aeeebb4e1ff6b3f1"
+      "sha256": "08034dcfc6ba3541b6d167c9cbaa8e4b67683e70414542af441959d2ee3be74c"
     }
   ],
   "passthrough": {
diff --git a/test/sample_data/checklist/converted-rhel7_overrides.ckl b/test/sample_data/checklist/converted-rhel7_overrides.ckl
new file mode 100644
index 000000000..86a16e3c6
--- /dev/null
+++ b/test/sample_data/checklist/converted-rhel7_overrides.ckl
@@ -0,0 +1,591 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--Heimdall Version :: 2.10.8-->
+<CHECKLIST>
+	<ASSET>
+		<ROLE>None</ROLE>
+		<ASSET_TYPE>Computing</ASSET_TYPE>
+		<MARKING></MARKING>
+		<HOST_NAME></HOST_NAME>
+		<HOST_IP></HOST_IP>
+		<HOST_MAC></HOST_MAC>
+		<HOST_FQDN></HOST_FQDN>
+		<TARGET_COMMENT></TARGET_COMMENT>
+		<TECH_AREA></TECH_AREA>
+		<TARGET_KEY></TARGET_KEY>
+		<WEB_OR_DATABASE>false</WEB_OR_DATABASE>
+		<WEB_DB_SITE></WEB_DB_SITE>
+		<WEB_DB_INSTANCE></WEB_DB_INSTANCE>
+	</ASSET>
+	<STIGS>
+		<iSTIG>
+			<STIG_INFO>
+				<SI_DATA>
+					<SID_NAME>version</SID_NAME>
+					<SID_DATA>0</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>classification</SID_NAME>
+					<SID_DATA>UNCLASSIFIED</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>customname</SID_NAME>
+					<SID_DATA>{"hdfSpecificData":{"copyright":"SIMP Team","copyright_email":"simp-dev@googlegroups.com","maintainer":"SIMP Team","version":"0.2.0"}}</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>stigid</SID_NAME>
+					<SID_DATA>disa_stig-el7</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>description</SID_NAME>
+					<SID_DATA>The `disa_stig-el7` inspec profile helps scan your system aginst the DISA RHEL7 STIG</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>filename</SID_NAME>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>releaseinfo</SID_NAME>
+					<SID_DATA>Release: 2</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>title</SID_NAME>
+					<SID_DATA>DISA RedHat Enterprise Linux 7 STIG - v1r4</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>uuid</SID_NAME>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>notice</SID_NAME>
+					<SID_DATA>Apache-2.0</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>source</SID_NAME>
+					<SID_DATA>STIG.DOD.MIL</SID_DATA>
+				</SI_DATA>
+			</STIG_INFO>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71849</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000257-GPOS-00098</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86473r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The file permissions, ownership, and group membership of system files and commands must match the vendor values.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Discretionary access control is weakened if a user or group has access permissions to system files and directories greater than the default.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify the file permissions, ownership, and group membership of
+system files and commands match the vendor values.
+
+Check the file permissions, ownership, and group membership of system files and
+commands with the following command:
+
+# rpm -Va | grep '^.M'
+
+If there is any output from the command indicating that the ownership or group
+of a system file or command, or a system file, has permissions less restrictive
+than the default, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Run the following command to determine which package owns the
+file:
+
+# rpm -qf &lt;filename&gt;
+
+Reset the permissions of files within a package with the following command:
+
+#rpm --setperms &lt;packagename&gt;
+
+Reset the user and group ownership of files within a package with the following
+command:
+
+#rpm --setugids &lt;packagename&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "critical",
+    "impact": 0.3
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>DISA RedHat Enterprise Linux 7 STIG - v1r4 :: Version 0, Release: 2</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001494</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001496</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST not important :: MESSAGE not important</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71855</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86479r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The cryptographic hash of system files and commands must match vendor
+values.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>not important</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify the cryptographic hash of system files and commands
+match the vendor values.
+
+Check the cryptographic hash of system files and commands with the following
+command:
+
+Note: System configuration files (indicated by a "c" in the second column)
+are expected to change over time. Unusual modifications should be investigated
+through the system audit log.
+
+# rpm -Va | grep '^..5'
+
+If there is any output from the command for system binaries, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Run the following command to determine which package owns the
+file:
+
+# rpm -qf &lt;filename&gt;
+
+The package can be reinstalled from a yum repository using the command:
+
+# sudo yum reinstall &lt;packagename&gt;
+
+Alternatively, the package can be reinstalled from trusted media using the
+command:
+
+# sudo rpm -Uvh &lt;packagename&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "impact": 0.7
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>DISA RedHat Enterprise Linux 7 STIG - v1r4 :: Version 0, Release: 2</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000663</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST [] should all be in</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE>medium</SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION>This system is not important</SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71859</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000023-GPOS-00006</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86483r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010030</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The operating system must display the Standard Mandatory DoD Notice
+and Consent Banner before granting local or remote access to the system via a
+graphical user logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>not important</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>not important</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>not important</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "impact": 0.95,
+    "severity": "critical"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>DISA RedHat Enterprise Linux 7 STIG - v1r4 :: Version 0, Release: 2</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST Command: `dconf read /org/gnome/login-screen/banner-message-enable` stdout.strip should cmp == "true" :: MESSAGE 
+expected: "true"
+     got: ""
+
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71861</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000023-GPOS-00006</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86485r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010040</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The operating system must display the approved Standard Mandatory DoD
+Notice and Consent Banner before granting local or remote access to the system
+via a graphical user logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>not important</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>not important</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>not important</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "impact": 0.5
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>DISA RedHat Enterprise Linux 7 STIG - v1r4 :: Version 0, Release: 2</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST If no files specify the banner text then this is a finding should equal false :: MESSAGE 
+expected false
+     got true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+		</iSTIG>
+	</STIGS>
+</CHECKLIST>
\ No newline at end of file
diff --git a/test/sample_data/checklist/metadata.json b/test/sample_data/checklist/metadata.json
index c38207bea..fe73ea8dc 100644
--- a/test/sample_data/checklist/metadata.json
+++ b/test/sample_data/checklist/metadata.json
@@ -1 +1,19 @@
-{"benchmark":{"title":"My title","version":"1.0.0","plaintext":"This is my release"},"stigid":null,"role":"Domain Controller","type":"Computing","hostname":"localhost","ip":null,"mac":null,"tech_area":"Other Review","target_key":null,"web_or_database":false,"web_db_site":null,"web_db_instance":null}
\ No newline at end of file
+{
+  "profiles": [
+    {
+      "name": "Red Hat Enterprise Linux 7 STIG",
+      "version": 2,
+      "releasenumber": 6,
+      "releasedate": "2024/06/08",
+      "showCalendar": false
+    }
+  ],
+  "marking": "CUI",
+  "hostname": "localhost",
+  "hostip": "127.0.0.1",
+  "role": "Domain Controller",
+  "assettype": "Computing",
+  "techarea": "Other Review",
+  "webordatabase": "false",
+  "vulidmapping": "id"
+}
\ No newline at end of file
diff --git a/test/sample_data/checklist/red_hat_good.ckl b/test/sample_data/checklist/red_hat_good.ckl
index 92850bf21..1e43d865b 100644
--- a/test/sample_data/checklist/red_hat_good.ckl
+++ b/test/sample_data/checklist/red_hat_good.ckl
@@ -1,101 +1,96 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--DISA STIG Viewer :: 2.14-->
-<CHECKLIST>
-	<ASSET>
-		<ROLE>None</ROLE>
-		<ASSET_TYPE>Computing</ASSET_TYPE>
-		<HOST_NAME></HOST_NAME>
-		<HOST_IP></HOST_IP>
-		<HOST_MAC></HOST_MAC>
-		<HOST_FQDN></HOST_FQDN>
-		<TARGET_COMMENT></TARGET_COMMENT>
-		<TECH_AREA></TECH_AREA>
-		<TARGET_KEY>0</TARGET_KEY>
-		<WEB_OR_DATABASE>false</WEB_OR_DATABASE>
-		<WEB_DB_SITE></WEB_DB_SITE>
-		<WEB_DB_INSTANCE></WEB_DB_INSTANCE>
-	</ASSET>
-	<STIGS>
-		<iSTIG>
-			<STIG_INFO>
-				<SI_DATA>
-					<SID_NAME>version</SID_NAME>
-					<SID_DATA>1</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>classification</SID_NAME>
-					<SID_DATA>UNCLASSIFIED</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>customname</SID_NAME>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>stigid</SID_NAME>
-					<SID_DATA>Red Hat Enterprise Linux 7 STIG</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>description</SID_NAME>
-					<SID_DATA>File Name: red_hat_good.json
-Version: 2.6.0
-SHA256 Hash: 6c28e36e632170e646f6b39f4c728be3ed456e3d0e511ed942afb42ff3670360
-Maintainer: MITRE SAF Team
-Copyright: MITRE, 2020
-Copyright Email: saf@groups.mitre.org
-Control Count: 247</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>filename</SID_NAME>
-					<SID_DATA>red_hat_good.json</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>releaseinfo</SID_NAME>
-					<SID_DATA></SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>title</SID_NAME>
-					<SID_DATA>Red Hat Enterprise Linux 7 STIG</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>uuid</SID_NAME>
-					<SID_DATA>b08904d9-939d-4eaf-822a-3697776e9f3a</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>notice</SID_NAME>
-					<SID_DATA>terms-of-use</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>source</SID_NAME>
-				</SI_DATA>
-			</STIG_INFO>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71973</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000363-GPOS-00150</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86597r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020030</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+<?xml version="1.0" encoding="UTF-8"?>
+<!--Heimdall Version :: 2.10.8-->
+<CHECKLIST>
+	<ASSET>
+		<ROLE>None</ROLE>
+		<ASSET_TYPE>Computing</ASSET_TYPE>
+		<MARKING></MARKING>
+		<HOST_NAME></HOST_NAME>
+		<HOST_IP></HOST_IP>
+		<HOST_MAC></HOST_MAC>
+		<HOST_FQDN></HOST_FQDN>
+		<TARGET_COMMENT></TARGET_COMMENT>
+		<TECH_AREA></TECH_AREA>
+		<TARGET_KEY></TARGET_KEY>
+		<WEB_OR_DATABASE>false</WEB_OR_DATABASE>
+		<WEB_DB_SITE></WEB_DB_SITE>
+		<WEB_DB_INSTANCE></WEB_DB_INSTANCE>
+	</ASSET>
+	<STIGS>
+		<iSTIG>
+			<STIG_INFO>
+				<SI_DATA>
+					<SID_NAME>version</SID_NAME>
+					<SID_DATA>2</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>classification</SID_NAME>
+					<SID_DATA>UNCLASSIFIED</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>customname</SID_NAME>
+					<SID_DATA>{"hdfSpecificData":{"attributes":[{"name":"disable_slow_controls","options":{"value":true}},{"name":"monitor_kernel_log","options":{"value":true}},{"name":"rpm_verify_perms_except","options":{"type":"Array","value":[]}},{"name":"rpm_verify_integrity_except","options":{"type":"Array","value":[]}},{"name":"banner_message_enabled","options":{"type":"String","value":"true"}},{"name":"log_aggregation_server","options":{"value":false}},{"name":"application_groups","options":{"type":"Array","value":[]}},{"name":"x11_enabled","options":{"value":false}},{"name":"user_accounts","options":{"type":"Array","value":[]}},{"name":"known_system_accounts","options":{"type":"Array","value":["root","bin","daemon","adm","lp","sync","shutdown","halt","mail","operator","nobody","systemd-bus-proxy"]}},{"name":"dconf_user","options":{"type":"String","value":"nil"}},{"name":"banner_message_text_gui","options":{"type":"String","value":"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."}},{"name":"banner_message_text_gui_limited","options":{"type":"String","value":"I've read &amp; consent to terms in IS user agreem't."}},{"name":"banner_message_text_cli","options":{"type":"String","value":"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."}},{"name":"banner_message_text_cli_limited","options":{"type":"String","value":"I've read &amp; consent to terms in IS user agreem't."}},{"name":"banner_message_text_ral","options":{"type":"String","value":"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."}},{"name":"banner_message_text_ral_limited","options":{"type":"String","value":"I've read &amp; consent to terms in IS user agreem't."}},{"name":"lock_delay","options":{"type":"Numeric","value":5}},{"name":"difok","options":{"type":"Numeric","value":8}},{"name":"min_reuse_generations","options":{"type":"Numeric","value":5}},{"name":"min_len","options":{"type":"Numeric","value":15}},{"name":"days_of_inactivity","options":{"type":"Numeric","value":0}},{"name":"unsuccessful_attempts","options":{"type":"Numeric","value":3}},{"name":"fail_interval","options":{"type":"Numeric","value":900}},{"name":"lockout_time","options":{"value":604800}},{"name":"file_integrity_tool","options":{"type":"String","value":"aide"}},{"name":"file_integrity_interval","options":{"type":"String","value":"weekly"}},{"name":"system_activity_timeout","options":{"type":"Numeric","value":600}},{"name":"client_alive_interval","options":{"type":"Numeric","value":600}},{"name":"smart_card_status","options":{"type":"String","value":"enabled"}},{"name":"log_pkg_path","options":{"type":"String","value":"/etc/rsyslog.conf"}},{"name":"exempt_home_users","options":{"type":"Array","value":[]}},{"name":"grub_main_cfg","options":{"type":"String","value":"/boot/grub2/grub.cfg"}},{"name":"grub_uefi_main_cfg","options":{"type":"String","value":"/boot/efi/EFI/redhat/grub.cfg"}},{"name":"grub_superuser","options":{"type":"String","value":"root"}},{"name":"grub_user_boot_files","options":{"type":"Array","value":["/boot/grub2/user.cfg"]}},{"name":"grub_uefi_user_boot_files","options":{"type":"Array","value":["/boot/efi/EFI/redhat/user.cfg"]}},{"name":"efi_superusers","options":{"type":"Array","value":["root"]}},{"name":"admin_logins","options":{"type":"Array","value":[]}},{"name":"max_rety","options":{"type":"Numeric","value":3}},{"name":"mfa_pkg_list","options":{"type":"Array","value":["nss-tools","nss-pam-ldapd","esc","pam_pkcs11","pam_krb5","opensc","pcsc-lite-ccid","gdm","authconfig","authconfig-gtk","krb5-libs","krb5-workstation","krb5-pkinit","pcsc-lite","pcsc-lite-libs"]}},{"name":"multifactor_enabled","options":{"type":"String","value":"true"}},{"name":"non_interactive_shells","options":{"type":"Array","value":["/sbin/nologin","/sbin/halt","/sbin/shutdown","/bin/false","/bin/sync","/bin/true"]}},{"name":"randomize_va_space","options":{"type":"Numeric","value":2}},{"name":"non_removable_media_fs","options":{"type":"Array","value":["xfs","ext4","swap","tmpfs"]}},{"name":"approved_tunnels","options":{"type":"Array","value":[]}},{"name":"virtual_machine","options":{"value":false}},{"name":"max_retry","options":{"type":"Numeric","value":3}},{"name":"firewalld_services","options":{"type":"Array","value":[]}},{"name":"firewalld_hosts_allow","options":{"type":"Array","value":[]}},{"name":"firewalld_hosts_deny","options":{"type":"Array","value":[]}},{"name":"firewalld_ports_allow","options":{"type":"Array","value":[]}},{"name":"firewalld_ports_deny","options":{"type":"Array","value":[]}},{"name":"tcpwrappers_allow","options":{"type":"Hash","value":{}}},{"name":"tcpwrappers_deny","options":{"type":"Hash","value":{}}},{"name":"iptables_rules","options":{"type":"Array","value":[]}},{"name":"firewalld_services_deny","options":{"type":"Hash","value":{}}},{"name":"firewalld_zones","options":{"type":"Array","value":[]}},{"name":"maxlogins_limit","options":{"type":"Numeric","value":10}},{"name":"custom_antivirus","options":{"type":"Boolean","value":false}},{"name":"custom_antivirus_description","options":{"type":"String","value":"None"}},{"name":"custom_hips","options":{"type":"Boolean","value":false}},{"name":"custom_hips_description","options":{"type":"String","value":"An6yTr21kC"}},{"name":"max_daemon_processes","options":{"type":"Numeric","value":1}},{"name":"aide_exclude_patterns","options":{"type":"Array","value":[]}},{"name":"terminal_mux_pkgs","options":{"type":"Array","value":["tmux","screen"]}},{"name":"disallowed_accounts","options":{"value":["games","gopher","ftp"]}},{"name":"grub_superusers","options":{"value":["root"]}},{"name":"efi_user_boot_files","options":{"value":["/boot/efi/EFI/redhat/user.cfg"]}},{"name":"efi_main_cfg","options":{"value":"/boot/efi/EFI/redhat/grub.cfg"}}],"copyright":"MITRE, 2020","copyright_email":"saf@groups.mitre.org","maintainer":"MITRE SAF Team","version":"2.6.0"}}</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>stigid</SID_NAME>
+					<SID_DATA>Red Hat Enterprise Linux 7 STIG</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>description</SID_NAME>
+					<SID_DATA>The Red Hat Enterprise Linux 7 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems.  Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>filename</SID_NAME>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>releaseinfo</SID_NAME>
+					<SID_DATA>Release: 6</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>title</SID_NAME>
+					<SID_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>uuid</SID_NAME>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>notice</SID_NAME>
+					<SID_DATA>Apache-2.0</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>source</SID_NAME>
+					<SID_DATA>STIG.DOD.MIL</SID_DATA>
+				</SI_DATA>
+			</STIG_INFO>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71973</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000363-GPOS-00150</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86597r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020030</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that a file integrity tool verifies the baseline operating system configuration
-at least weekly.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+at least weekly.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Unauthorized changes to the baseline configuration could make the
 system vulnerable to various attacks or allow unauthorized access to the
 operating system. Changes to operating system configurations can have
@@ -103,17 +98,17 @@ unintended side effects, some of which may be relevant to security.
 
     Detecting such changes and providing an automated response can help avoid
 unintended, negative consequences that could ultimately affect the security
-state of the operating system. The operating system&#39;s Information Management
-Officer (IMO)&#x2F;Information System Security Officer (ISSO) and System
-Administrators (SAs) must be notified via email and&#x2F;or monitoring system trap
-when there is an unauthorized modification of a configuration item.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+state of the operating system. The operating system's Information Management
+Officer (IMO)/Information System Security Officer (ISSO) and System
+Administrators (SAs) must be notified via email and/or monitoring system trap
+when there is an unauthorized modification of a configuration item.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system routinely checks the baseline configuration for
 unauthorized changes.
 
@@ -136,308 +131,296 @@ command used in the example will use a daily occurrence.
 the file integrity application. For example, if AIDE is installed on the
 system, use the following command:
 
-    # ls -al &#x2F;etc&#x2F;cron.* | grep aide
+    # ls -al /etc/cron.* | grep aide
     -rwxr-xr-x 1 root root 29 Nov 22 2015 aide
 
-    # grep aide &#x2F;etc&#x2F;crontab &#x2F;var&#x2F;spool&#x2F;cron&#x2F;root
-    &#x2F;etc&#x2F;crontab: 30 04 * * * &#x2F;root&#x2F;aide
-    &#x2F;var&#x2F;spool&#x2F;cron&#x2F;root: 30 04 * * * &#x2F;root&#x2F;aide
+    # grep aide /etc/crontab /var/spool/cron/root
+    /etc/crontab: 30 04 * * * /root/aide
+    /var/spool/cron/root: 30 04 * * * /root/aide
 
     If the file integrity application does not exist, or a script file
 controlling the execution of the file integrity application does not exist,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the file integrity tool to run automatically on the system at
 least weekly. The following example output is generic. It will set cron to run
 AIDE daily, but other file integrity tools may be used:
 
-    # more &#x2F;etc&#x2F;cron.daily&#x2F;aide
-    #!&#x2F;bin&#x2F;bash
-
-    &#x2F;usr&#x2F;sbin&#x2F;aide --check | &#x2F;bin&#x2F;mail -s &quot;$HOSTNAME - Daily aide integrity
-check run&quot; root@sysname.mil</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>bfe7499a-6b0b-4bec-b0a4-4dc49a4ad2a9</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001744</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package aide is expected to be installed
---------------------------------
-passed
-File &#x2F;etc&#x2F;cron.daily&#x2F;aide is expected to exist</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81017</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95729r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030201</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # more /etc/cron.daily/aide
+    #!/bin/bash
+
+    /usr/sbin/aide --check | /bin/mail -s "$HOSTNAME - Daily aide integrity
+check run" root@sysname.mil</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71973\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat a file integrity tool verifies the baseline operating system configuration\nat least weekly.\"\n  desc  \"Unauthorized changes to the baseline configuration could make the\nsystem vulnerable to various attacks or allow unauthorized access to the\noperating system. Changes to operating system configurations can have\nunintended side effects, some of which may be relevant to security.\n\n    Detecting such changes and providing an automated response can help avoid\nunintended, negative consequences that could ultimately affect the security\nstate of the operating system. The operating system's Information Management\nOfficer (IMO)/Information System Security Officer (ISSO) and System\nAdministrators (SAs) must be notified via email and/or monitoring system trap\nwhen there is an unauthorized modification of a configuration item.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system routinely checks the baseline configuration for\nunauthorized changes.\n\n    Note: A file integrity tool other than Advanced Intrusion Detection\nEnvironment (AIDE) may be used, but the tool must be executed at least once per\nweek.\n\n    Check to see if AIDE is installed on the system with the following command:\n\n    # yum list installed aide\n\n    If AIDE is not installed, ask the SA how file integrity checks are\nperformed on the system.\n\n    Check for the presence of a cron job running daily or weekly on the system\nthat executes AIDE daily to scan for changes to the system baseline. The\ncommand used in the example will use a daily occurrence.\n\n    Check the cron directories for a script file controlling the execution of\nthe file integrity application. For example, if AIDE is installed on the\nsystem, use the following command:\n\n    # ls -al /etc/cron.* | grep aide\n    -rwxr-xr-x 1 root root 29 Nov 22 2015 aide\n\n    # grep aide /etc/crontab /var/spool/cron/root\n    /etc/crontab: 30 04 * * * /root/aide\n    /var/spool/cron/root: 30 04 * * * /root/aide\n\n    If the file integrity application does not exist, or a script file\ncontrolling the execution of the file integrity application does not exist,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the file integrity tool to run automatically on the system at\nleast weekly. The following example output is generic. It will set cron to run\nAIDE daily, but other file integrity tools may be used:\n\n    # more /etc/cron.daily/aide\n    #!/bin/bash\n\n    /usr/sbin/aide --check | /bin/mail -s \\\"$HOSTNAME - Daily aide integrity\ncheck run\\\" root@sysname.mil\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000363-GPOS-00150\"\n  tag gid: \"V-71973\"\n  tag rid: \"SV-86597r2_rule\"\n  tag stig_id: \"RHEL-07-020030\"\n  tag fix_id: \"F-78325r2_fix\"\n  tag cci: [\"CCI-001744\"]\n  tag nist: [\"CM-3 (5)\", \"Rev_4\"]\n\n  file_integrity_tool = input('file_integrity_tool')\n  file_integrity_interval = input('file_integrity_interval')\n\n  describe package(file_integrity_tool) do\n    it { should be_installed }\n  end\n\n  if file_integrity_interval == 'monthly'\n    describe.one do\n      describe file(\"/etc/cron.daily/#{file_integrity_tool}\") do\n        it { should exist }\n      end\n      describe file(\"/etc/cron.weekly/#{file_integrity_tool}\") do\n        it { should exist }\n      end\n      describe file(\"/etc/cron.monthly/#{file_integrity_tool}\") do\n        it { should exist }\n      end\n      if file(\"/etc/cron.d/#{file_integrity_tool}\").exist?\n        describe crontab(path: \"/etc/cron.d/#{file_integrity_tool}\") do\n          its('months') { should cmp '*' }\n          its('weekdays') { should cmp '*' }\n        end\n        describe crontab(path: \"/etc/cron.d/#{file_integrity_tool}\") do\n          its('days') { should cmp '*' }\n          its('months') { should cmp '*' }\n        end\n      end\n      describe crontab('root').where { command =~ %r{#{file_integrity_tool}} } do\n        its('months') { should cmp '*' }\n        its('weekdays') { should cmp '*' }\n      end\n      describe crontab('root').where { command =~ %r{#{file_integrity_tool}} } do\n        its('days') { should cmp '*' }\n        its('months') { should cmp '*' }\n      end\n    end\n  elsif file_integrity_interval == 'weekly'\n    describe.one do\n      describe file(\"/etc/cron.daily/#{file_integrity_tool}\") do\n        it { should exist }\n      end\n      describe file(\"/etc/cron.weekly/#{file_integrity_tool}\") do\n        it { should exist }\n      end\n      if file(\"/etc/cron.d/#{file_integrity_tool}\").exist?\n        describe crontab(path: \"/etc/cron.d/#{file_integrity_tool}\") do\n          its('days') { should cmp '*' }\n          its('months') { should cmp '*' }\n        end\n      end\n      describe crontab('root').where { command =~ %r{#{file_integrity_tool}} } do\n        its('days') { should cmp '*' }\n        its('months') { should cmp '*' }\n      end\n    end\n  elsif file_integrity_interval == 'daily'\n    describe.one do\n      describe file(\"/etc/cron.daily/#{file_integrity_tool}\") do\n        it { should exist }\n      end\n      if file(\"/etc/cron.d/#{file_integrity_tool}\").exist?\n        describe crontab(path: \"/etc/cron.d/#{file_integrity_tool}\") do\n          its('days') { should cmp '*' }\n          its('months') { should cmp '*' }\n          its('weekdays') { should cmp '*' }\n        end\n      end\n      describe crontab('root').where { command =~ %r{#{file_integrity_tool}} } do\n        its('days') { should cmp '*' }\n        its('months') { should cmp '*' }\n        its('weekdays') { should cmp '*' }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001744</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package aide is expected to be installed
+--------------------------------
+passed :: TEST File /etc/cron.daily/aide is expected to exist</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81017</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95729r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030201</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must configure the
-au-remote plugin to off-load audit logs using the audisp-remote daemon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+au-remote plugin to off-load audit logs using the audisp-remote daemon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Information stored in one location is vulnerable to accidental or
 incidental deletion or alteration.
 
     Off-loading is a common process in information systems with limited audit
 storage capacity.
 
-    Without the configuration of the &quot;au-remote&quot; plugin, the audisp-remote
-daemon will not off load the logs from the system being audited.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify the &quot;au-remote&quot; plugin is configured to always off-load audit logs
+    Without the configuration of the "au-remote" plugin, the audisp-remote
+daemon will not off load the logs from the system being audited.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify the "au-remote" plugin is configured to always off-load audit logs
 using the audisp-remote daemon:
 
-    # cat &#x2F;etc&#x2F;audisp&#x2F;plugins.d&#x2F;au-remote.conf | grep -v &quot;^#&quot;
+    # cat /etc/audisp/plugins.d/au-remote.conf | grep -v "^#"
 
-    active &#x3D; yes
-    direction &#x3D; out
-    path &#x3D; &#x2F;sbin&#x2F;audisp-remote
-    type &#x3D; always
-    format &#x3D; string
+    active = yes
+    direction = out
+    path = /sbin/audisp-remote
+    type = always
+    format = string
 
-    If the &quot;direction&quot; setting is not set to &quot;out&quot;, or the line is
+    If the "direction" setting is not set to "out", or the line is
 commented out, this is a finding.
 
-    If the &quot;path&quot; setting is not set to &quot;&#x2F;sbin&#x2F;audisp-remote&quot;, or the line
+    If the "path" setting is not set to "/sbin/audisp-remote", or the line
 is commented out, this is a finding.
 
-    If the &quot;type&quot; setting is not set to &quot;always&quot;, or the line is commented
-out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Edit the &#x2F;etc&#x2F;audisp&#x2F;plugins.d&#x2F;au-remote.conf file and add or update the
+    If the "type" setting is not set to "always", or the line is commented
+out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Edit the /etc/audisp/plugins.d/au-remote.conf file and add or update the
 following values:
 
-    direction &#x3D; out
-    path &#x3D; &#x2F;sbin&#x2F;audisp-remote
-    type &#x3D; always
+    direction = out
+    path = /sbin/audisp-remote
+    type = always
 
     The audit daemon must be restarted for changes to take effect:
 
-    # service auditd restart</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>8206cbe8-1a67-4905-8b1c-5ecac93caa69</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-File &#39;&#x2F;etc&#x2F;audisp&#x2F;plugins.d&#x2F;au-remote.conf&#39; cannot be found. This test cannot be checked in a automated fashion and you must check it manually
-File &#39;&#x2F;etc&#x2F;audisp&#x2F;plugins.d&#x2F;au-remote.conf&#39; cannot be found. This check must be performed manually</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81005</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95717r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010482</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # service auditd restart</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-81017\" do\n  title \"The Red Hat Enterprise Linux operating system must configure the\nau-remote plugin to off-load audit logs using the audisp-remote daemon.\"\n  desc  \"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    Without the configuration of the \\\"au-remote\\\" plugin, the audisp-remote\ndaemon will not off load the logs from the system being audited.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the \\\"au-remote\\\" plugin is configured to always off-load audit logs\nusing the audisp-remote daemon:\n\n    # cat /etc/audisp/plugins.d/au-remote.conf | grep -v \\\"^#\\\"\n\n    active = yes\n    direction = out\n    path = /sbin/audisp-remote\n    type = always\n    format = string\n\n    If the \\\"direction\\\" setting is not set to \\\"out\\\", or the line is\ncommented out, this is a finding.\n\n    If the \\\"path\\\" setting is not set to \\\"/sbin/audisp-remote\\\", or the line\nis commented out, this is a finding.\n\n    If the \\\"type\\\" setting is not set to \\\"always\\\", or the line is commented\nout, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Edit the /etc/audisp/plugins.d/au-remote.conf file and add or update the\nfollowing values:\n\n    direction = out\n    path = /sbin/audisp-remote\n    type = always\n\n    The audit daemon must be restarted for changes to take effect:\n\n    # service auditd restart\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000342-GPOS-00133\"\n  tag satisfies: [\"SRG-OS-000342-GPOS-00133\", \"SRG-OS-000479-GPOS-00224\"]\n  tag gid: \"V-81017\"\n  tag rid: \"SV-95729r1_rule\"\n  tag stig_id: \"RHEL-07-030201\"\n  tag fix_id: \"F-87851r2_fix\"\n  tag cci: [\"CCI-001851\"]\n  tag nist: [\"AU-4 (1)\", \"Rev_4\"]\n\n  test_file = '/etc/audisp/plugins.d/au-remote.conf'\n\n  if file(test_file).exist?\n    describe parse_config_file(test_file) do\n      its('direction') { should match %r{out$} }\n      its('path') { should match %r{/sbin/audisp-remote$} }\n      its('type') { should match %r{always$} }\n    end\n  else\n    describe \"File '#{test_file}' cannot be found. This test cannot be checked in a automated fashion and you must check it manually\" do\n      skip \"File '#{test_file}' cannot be found. This check must be performed manually\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST File '/etc/audisp/plugins.d/au-remote.conf' cannot be found. This test cannot be checked in a automated fashion and you must check it manually :: SKIP_MESSAGE File '/etc/audisp/plugins.d/au-remote.conf' cannot be found. This check must be performed manually</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81005</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95717r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010482</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Red Hat Enterprise Linux operating systems version 7.2 or newer with a
-Basic Input&#x2F;Output System (BIOS) must require authentication upon booting into
-single-user and maintenance modes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Basic Input/Output System (BIOS) must require authentication upon booting into
+single-user and maintenance modes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system does not require valid root authentication before it
 boots into single-user or maintenance mode, anyone who invokes single-user or
 maintenance mode is granted privileged access to all files on the system. GRUB
 2 is the default boot loader for RHEL 7 and is designed to require a password
-to boot into single-user mode or make modifications to the boot menu.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+to boot into single-user mode or make modifications to the boot menu.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>For systems that use UEFI, this is Not Applicable.
 
     For systems that are running a version of RHEL prior to 7.2, this is Not
@@ -446,22 +429,22 @@ Applicable.
     Check to see if an encrypted root password is set. On systems that use a
 BIOS, use the following command:
 
-    # grep -iw grub2_password &#x2F;boot&#x2F;grub2&#x2F;user.cfg
-    GRUB2_PASSWORD&#x3D;grub.pbkdf2.sha512.[password_hash]
+    # grep -iw grub2_password /boot/grub2/user.cfg
+    GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
 
-    If the root password does not begin with &quot;grub.pbkdf2.sha512&quot;, this is a
+    If the root password does not begin with "grub.pbkdf2.sha512", this is a
 finding.
 
-    Verify that the &quot;root&quot; account is set as the &quot;superusers&quot;:
+    Verify that the "root" account is set as the "superusers":
 
-    # grep -iw &quot;superusers&quot; &#x2F;boot&#x2F;grub2&#x2F;grub.cfg
-        set superusers&#x3D;&quot;root&quot;
+    # grep -iw "superusers" /boot/grub2/grub.cfg
+        set superusers="root"
         export superusers
 
-    If &quot;superusers&quot; is not set to &quot;root&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "superusers" is not set to "root", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to encrypt the boot password for root.
 
     Generate an encrypted grub2 password for root with the following command:
@@ -472,703 +455,673 @@ finding.
     Enter password:
     Confirm password:
 
-    Edit the &#x2F;boot&#x2F;grub2&#x2F;grub.cfg file and add or modify the following lines in
-the &quot;### BEGIN &#x2F;etc&#x2F;grub.d&#x2F;01_users ###&quot; section:
-
-    set superusers&#x3D;&quot;root&quot;
-    export superusers</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f6d2cfa1-f34e-4dcb-a7bb-6e6b08941e1c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>skipped
-Parse Config File &#x2F;boot&#x2F;grub2&#x2F;user.cfg
-Can&#39;t find file: &#x2F;boot&#x2F;grub2&#x2F;user.cfg
---------------------------------
-passed
-Parse Config File &#x2F;boot&#x2F;grub2&#x2F;grub.cfg set superusers is expected to cmp &#x3D;&#x3D; &quot;\&quot;root\&quot;&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71957</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00229</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86581r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010460</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Edit the /boot/grub2/grub.cfg file and add or modify the following lines in
+the "### BEGIN /etc/grub.d/01_users ###" section:
+
+    set superusers="root"
+    export superusers</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-81005\" do\n  title \"Red Hat Enterprise Linux operating systems version 7.2 or newer with a\nBasic Input/Output System (BIOS) must require authentication upon booting into\nsingle-user and maintenance modes.\"\n  desc  \"If the system does not require valid root authentication before it\nboots into single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 7 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    For systems that use UEFI, this is Not Applicable.\n\n    For systems that are running a version of RHEL prior to 7.2, this is Not\nApplicable.\n\n    Check to see if an encrypted root password is set. On systems that use a\nBIOS, use the following command:\n\n    # grep -iw grub2_password /boot/grub2/user.cfg\n    GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]\n\n    If the root password does not begin with \\\"grub.pbkdf2.sha512\\\", this is a\nfinding.\n\n    Verify that the \\\"root\\\" account is set as the \\\"superusers\\\":\n\n    # grep -iw \\\"superusers\\\" /boot/grub2/grub.cfg\n        set superusers=\\\"root\\\"\n        export superusers\n\n    If \\\"superusers\\\" is not set to \\\"root\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to encrypt the boot password for root.\n\n    Generate an encrypted grub2 password for root with the following command:\n\n    Note: The hash generated is an example.\n\n    # grub2-setpassword\n    Enter password:\n    Confirm password:\n\n    Edit the /boot/grub2/grub.cfg file and add or modify the following lines in\nthe \\\"### BEGIN /etc/grub.d/01_users ###\\\" section:\n\n    set superusers=\\\"root\\\"\n    export superusers\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000080-GPOS-00048\"\n  tag gid: \"V-81005\"\n  tag rid: \"SV-95717r1_rule\"\n  tag stig_id: \"RHEL-07-010482\"\n  tag fix_id: \"F-87839r2_fix\"\n  tag cci: [\"CCI-000213\"]\n  tag nist: [\"AC-3\", \"Rev_4\"]\n\n  if file('/sys/firmware/efi').exist?\n    impact 0.0\n    describe \"System running UEFI\" do\n      skip \"The System is running UEFI, this control is Not Applicable.\"\n    end\n  else\n    unless os[:release] &gt;= \"7.2\"\n      impact 0.0\n      describe \"System running version of RHEL prior to 7.2\" do\n        skip \"The System is running an outdated version of RHEL, this control is Not Applicable.\"\n      end\n    else\n      impact 0.7\n      input('grub_user_boot_files').each do |grub_user_file|\n        describe parse_config_file(grub_user_file) do\n          its('GRUB2_PASSWORD') { should include \"grub.pbkdf2.sha512\"}\n        end\n      end\n\n      describe parse_config_file(input('grub_main_cfg')) do\n        its('set superusers') { should cmp '\"root\"' }  \n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>skipped :: TEST Parse Config File /boot/grub2/user.cfg :: SKIP_MESSAGE Can't find file: /boot/grub2/user.cfg
+--------------------------------
+passed :: TEST Parse Config File /boot/grub2/grub.cfg set superusers is expected to cmp == "\"root\""</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71957</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00229</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86581r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010460</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not allow users to
-override SSH environment variables.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+override SSH environment variables.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Failure to restrict system access to authenticated users negatively
-impacts operating system security.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+impacts operating system security.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system does not allow users to override environment
 variables to the SSH daemon.
 
-    Check for the value of the &quot;PermitUserEnvironment&quot; keyword with the
+    Check for the value of the "PermitUserEnvironment" keyword with the
 following command:
 
-    # grep -i permituserenvironment &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i permituserenvironment /etc/ssh/sshd_config
     PermitUserEnvironment no
 
-    If the &quot;PermitUserEnvironment&quot; keyword is not set to &quot;no&quot;, is missing,
-or is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "PermitUserEnvironment" keyword is not set to "no", is missing,
+or is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to not allow users to override environment
 variables to the SSH daemon.
 
-    Edit the &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; file to uncomment or add the line for
-&quot;PermitUserEnvironment&quot; keyword and set the value to &quot;no&quot;:
+    Edit the "/etc/ssh/sshd_config" file to uncomment or add the line for
+"PermitUserEnvironment" keyword and set the value to "no":
 
     PermitUserEnvironment no
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>32ada761-6572-4a8e-9889-d1475b04985d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration PermitUserEnvironment is expected to eq &quot;no&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-77823</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-92519r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010481</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71957\" do\n  title \"The Red Hat Enterprise Linux operating system must not allow users to\noverride SSH environment variables.\"\n  desc  \"Failure to restrict system access to authenticated users negatively\nimpacts operating system security.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system does not allow users to override environment\nvariables to the SSH daemon.\n\n    Check for the value of the \\\"PermitUserEnvironment\\\" keyword with the\nfollowing command:\n\n    # grep -i permituserenvironment /etc/ssh/sshd_config\n    PermitUserEnvironment no\n\n    If the \\\"PermitUserEnvironment\\\" keyword is not set to \\\"no\\\", is missing,\nor is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to not allow users to override environment\nvariables to the SSH daemon.\n\n    Edit the \\\"/etc/ssh/sshd_config\\\" file to uncomment or add the line for\n\\\"PermitUserEnvironment\\\" keyword and set the value to \\\"no\\\":\n\n    PermitUserEnvironment no\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00229\"\n  tag gid: \"V-71957\"\n  tag rid: \"SV-86581r3_rule\"\n  tag stig_id: \"RHEL-07-010460\"\n  tag fix_id: \"F-78309r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('PermitUserEnvironment') { should eq 'no' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration PermitUserEnvironment is expected to eq "no"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-77823</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-92519r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010481</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must require
-authentication upon booting into single-user and maintenance modes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+authentication upon booting into single-user and maintenance modes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system does not require valid root authentication before it
 boots into single-user or maintenance mode, anyone who invokes single-user or
-maintenance mode is granted privileged access to all files on the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+maintenance mode is granted privileged access to all files on the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system must require authentication upon booting into
 single-user and maintenance modes.
 
     Check that the operating system requires authentication upon booting into
 single-user mode with the following command:
 
-    # grep -i execstart &#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;rescue.service | grep -i sulogin
+    # grep -i execstart /usr/lib/systemd/system/rescue.service | grep -i sulogin
 
-    ExecStart&#x3D;-&#x2F;bin&#x2F;sh -c &quot;&#x2F;usr&#x2F;sbin&#x2F;sulogin; &#x2F;usr&#x2F;bin&#x2F;systemctl --fail
---no-block default&quot;
+    ExecStart=-/bin/sh -c "/usr/sbin/sulogin; /usr/bin/systemctl --fail
+--no-block default"
 
-    If &quot;ExecStart&quot; does not have &quot;&#x2F;usr&#x2F;sbin&#x2F;sulogin&quot; as an option, this is
-a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "ExecStart" does not have "/usr/sbin/sulogin" as an option, this is
+a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to require authentication upon booting into
 single-user and maintenance modes.
 
-    Add or modify the &quot;ExecStart&quot; line in
-&quot;&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;rescue.service&quot; to include &quot;&#x2F;usr&#x2F;sbin&#x2F;sulogin&quot;:
-
-    ExecStart&#x3D;-&#x2F;bin&#x2F;sh -c &quot;&#x2F;usr&#x2F;sbin&#x2F;sulogin; &#x2F;usr&#x2F;bin&#x2F;systemctl --fail
---no-block default&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e772e738-6f2a-4ad9-aa64-dd981c6244fc</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;grep -i execstart &#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;rescue.service&#x60; stdout.strip is expected to match &#x2F;\&#x2F;usr\&#x2F;sbin\&#x2F;sulogin&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72243</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86867r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040350</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add or modify the "ExecStart" line in
+"/usr/lib/systemd/system/rescue.service" to include "/usr/sbin/sulogin":
+
+    ExecStart=-/bin/sh -c "/usr/sbin/sulogin; /usr/bin/systemctl --fail
+--no-block default"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-77823\" do\n  title \"The Red Hat Enterprise Linux operating system must require\nauthentication upon booting into single-user and maintenance modes.\"\n  desc  \"If the system does not require valid root authentication before it\nboots into single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system must require authentication upon booting into\nsingle-user and maintenance modes.\n\n    Check that the operating system requires authentication upon booting into\nsingle-user mode with the following command:\n\n    # grep -i execstart /usr/lib/systemd/system/rescue.service | grep -i sulogin\n\n    ExecStart=-/bin/sh -c \\\"/usr/sbin/sulogin; /usr/bin/systemctl --fail\n--no-block default\\\"\n\n    If \\\"ExecStart\\\" does not have \\\"/usr/sbin/sulogin\\\" as an option, this is\na finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to require authentication upon booting into\nsingle-user and maintenance modes.\n\n    Add or modify the \\\"ExecStart\\\" line in\n\\\"/usr/lib/systemd/system/rescue.service\\\" to include \\\"/usr/sbin/sulogin\\\":\n\n    ExecStart=-/bin/sh -c \\\"/usr/sbin/sulogin; /usr/bin/systemctl --fail\n--no-block default\\\"\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000080-GPOS-00048\"\n  tag gid: \"V-77823\"\n  tag rid: \"SV-92519r2_rule\"\n  tag stig_id: \"RHEL-07-010481\"\n  tag fix_id: \"F-84523r2_fix\"\n  tag cci: [\"CCI-000213\"]\n  tag nist: [\"AC-3\", \"Rev_4\"]\n\n  describe command(\"grep -i execstart /usr/lib/systemd/system/rescue.service\") do\n    its('stdout.strip') { should match %r{/usr/sbin/sulogin} }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `grep -i execstart /usr/lib/systemd/system/rescue.service` stdout.strip is expected to match /\/usr\/sbin\/sulogin/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72243</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86867r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040350</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the SSH daemon does not allow authentication using rhosts authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the SSH daemon does not allow authentication using rhosts authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configuring this setting for the SSH daemon provides additional
 assurance that remote logon via SSH will require a password, even in the event
-of misconfiguration elsewhere.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+of misconfiguration elsewhere.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the SSH daemon does not allow authentication using known hosts
 authentication.
 
-    To determine how the SSH daemon&#39;s &quot;IgnoreRhosts&quot; option is set, run the
+    To determine how the SSH daemon's "IgnoreRhosts" option is set, run the
 following command:
 
-    # grep -i IgnoreRhosts &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i IgnoreRhosts /etc/ssh/sshd_config
 
     IgnoreRhosts yes
 
-    If the value is returned as &quot;no&quot;, the returned line is commented out, or
-no output is returned, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value is returned as "no", the returned line is commented out, or
+no output is returned, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the SSH daemon to not allow authentication using known hosts
 authentication.
 
-    Add the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;, or uncomment the line
-and set the value to &quot;yes&quot;:
-
-    IgnoreRhosts yes</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a143abd7-9ded-4334-bf6d-05a814c6b4c8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration IgnoreRhosts is expected to cmp &#x3D;&#x3D; &quot;yes&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-79001</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-93707r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030821</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add the following line in "/etc/ssh/sshd_config", or uncomment the line
+and set the value to "yes":
+
+    IgnoreRhosts yes</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72243\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon does not allow authentication using rhosts authentication.\"\n  desc  \"Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH daemon does not allow authentication using known hosts\nauthentication.\n\n    To determine how the SSH daemon's \\\"IgnoreRhosts\\\" option is set, run the\nfollowing command:\n\n    # grep -i IgnoreRhosts /etc/ssh/sshd_config\n\n    IgnoreRhosts yes\n\n    If the value is returned as \\\"no\\\", the returned line is commented out, or\nno output is returned, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the SSH daemon to not allow authentication using known hosts\nauthentication.\n\n    Add the following line in \\\"/etc/ssh/sshd_config\\\", or uncomment the line\nand set the value to \\\"yes\\\":\n\n    IgnoreRhosts yes\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72243\"\n  tag rid: \"SV-86867r3_rule\"\n  tag stig_id: \"RHEL-07-040350\"\n  tag fix_id: \"F-78597r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('IgnoreRhosts') { should cmp 'yes' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration IgnoreRhosts is expected to cmp == "yes"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-79001</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-93707r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030821</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the finit_module syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the finit_module syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;finit_module&quot; syscall occur.
+successful/unsuccessful attempts to use the "finit_module" syscall occur.
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -iw finit_module &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw finit_module /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S finit_module -k module-change
+    -a always,exit -F arch=b32 -S finit_module -k module-change
 
-    -a always,exit -F arch&#x3D;b64 -S finit_module -k module-change
+    -a always,exit -F arch=b64 -S finit_module -k module-change
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;finit_module&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"finit_module" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;finit_module&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S finit_module -k module-change
-
-    -a always,exit -F arch&#x3D;b64 -S finit_module -k module-change
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b22fceeb-9187-4cd9-9aa5-64b5af9bbc23</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;finit_module&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;finit_module&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;finit_module&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;finit_module&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71967</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000095-GPOS-00049</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86591r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "finit_module" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S finit_module -k module-change
+
+    -a always,exit -F arch=b64 -S finit_module -k module-change
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-79001\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe finit_module syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"finit_module\\\" syscall occur.\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -iw finit_module /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S finit_module -k module-change\n\n    -a always,exit -F arch=b64 -S finit_module -k module-change\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"finit_module\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"finit_module\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S finit_module -k module-change\n\n    -a always,exit -F arch=b64 -S finit_module -k module-change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000471-GPOS-00216\"\n  tag satisfies: [\"SRG-OS-000471-GPOS-00216\", \"SRG-OS-000477-GPOS-00222\"]\n  tag gid: \"V-79001\"\n  tag rid: \"SV-93707r3_rule\"\n  tag stig_id: \"RHEL-07-030821\"\n  tag fix_id: \"F-85751r3_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"finit_module\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"finit_module\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "finit_module" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "finit_module" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "finit_module" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "finit_module" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71967</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000095-GPOS-00049</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86591r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not have the
-rsh-server package installed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+rsh-server package installed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>It is detrimental for operating systems to provide, or install by
 default, functionality exceeding requirements or mission objectives. These
 unnecessary capabilities or services are often overlooked and therefore may
@@ -1185,147 +1138,142 @@ does not provide for the confidentiality and integrity of user passwords or the
 remote session and has very weak authentication.
 
     If a privileged user were to log on using this service, the privileged user
-password could be compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+password could be compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Check to see if the rsh-server package is installed with the following
 command:
 
     # yum list installed rsh-server
 
-    If the rsh-server package is installed, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the rsh-server package is installed, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to disable non-essential capabilities by
 removing the rsh-server package from the system with the following command:
 
-    # yum remove rsh-server</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f51f75ad-34dd-4cdc-ad0f-146c36fe0473</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package rsh-server is expected not to be installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72301</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86925r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040700</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # yum remove rsh-server</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71967\" do\n  title \"The Red Hat Enterprise Linux operating system must not have the\nrsh-server package installed.\"\n  desc  \"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The rsh-server service provides an unencrypted remote access service that\ndoes not provide for the confidentiality and integrity of user passwords or the\nremote session and has very weak authentication.\n\n    If a privileged user were to log on using this service, the privileged user\npassword could be compromised.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Check to see if the rsh-server package is installed with the following\ncommand:\n\n    # yum list installed rsh-server\n\n    If the rsh-server package is installed, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to disable non-essential capabilities by\nremoving the rsh-server package from the system with the following command:\n\n    # yum remove rsh-server\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000095-GPOS-00049\"\n  tag gid: \"V-71967\"\n  tag rid: \"SV-86591r2_rule\"\n  tag stig_id: \"RHEL-07-020000\"\n  tag fix_id: \"F-78319r1_fix\"\n  tag cci: [\"CCI-000381\"]\n  tag nist: [\"CM-7 a\", \"Rev_4\"]\n\n  describe package(\"rsh-server\") do\n    it { should_not be_installed }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package rsh-server is expected not to be installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72301</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86925r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040700</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not have the
 Trivial File Transfer Protocol (TFTP) server package installed if not required
-for operational support.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+for operational support.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If TFTP is required for operational support (such as the transmission
 of router configurations) its use must be documented with the Information
 System Security Officer (ISSO), restricted to only authorized personnel, and
-have access control rules established.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+have access control rules established.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify a TFTP server has not been installed on the system.
 
     Check to see if a TFTP server has been installed with the following command:
@@ -1334,793 +1282,759 @@ have access control rules established.</ATTRIBUTE_DATA>
     tftp-server-0.49-9.el7.x86_64.rpm
 
     If TFTP is installed and the requirement for TFTP is not documented with
-the ISSO, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+the ISSO, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Remove the TFTP package from the system with the following command:
 
-# yum remove tftp-server</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6507887c-c4d5-4ad9-86b0-2536aec92d04</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package tftp-server is expected not to be installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72147</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86771r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030620</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+# yum remove tftp-server</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72301\" do\n  title \"The Red Hat Enterprise Linux operating system must not have the\nTrivial File Transfer Protocol (TFTP) server package installed if not required\nfor operational support.\"\n  desc  \"If TFTP is required for operational support (such as the transmission\nof router configurations) its use must be documented with the Information\nSystem Security Officer (ISSO), restricted to only authorized personnel, and\nhave access control rules established.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify a TFTP server has not been installed on the system.\n\n    Check to see if a TFTP server has been installed with the following command:\n\n    # yum list installed tftp-server\n    tftp-server-0.49-9.el7.x86_64.rpm\n\n    If TFTP is installed and the requirement for TFTP is not documented with\nthe ISSO, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Remove the TFTP package from the system with the following command:\n\n    # yum remove tftp-server\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72301\"\n  tag rid: \"SV-86925r2_rule\"\n  tag stig_id: \"RHEL-07-040700\"\n  tag fix_id: \"F-78655r2_fix\"\n  tag cci: [\"CCI-000318\", \"CCI-000368\", \"CCI-001812\", \"CCI-001813\",\n\"CCI-001814\"]\n  tag nist: [\"CM-3 f\", \"CM-6 c\", \"CM-11 (2)\", \"CM-5 (1)\", \"CM-5 (1)\", \"Rev_4\"]\n\n  describe package('tftp-server') do\n    it { should_not be_installed }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package tftp-server is expected not to be installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72147</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86771r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030620</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must generate audit
-records for all successful account access events.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+records for all successful account access events.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when successful account
 access events occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -i &#x2F;var&#x2F;log&#x2F;lastlog &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /var/log/lastlog /etc/audit/audit.rules
 
-    -w &#x2F;var&#x2F;log&#x2F;lastlog -p wa -k logins
+    -w /var/log/lastlog -p wa -k logins
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when successful
 account access events occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -w &#x2F;var&#x2F;log&#x2F;lastlog -p wa -k logins
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>be38adb6-51b5-4981-9b46-bab71c6aabc7</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;var&#x2F;log&#x2F;lastlog&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;var&#x2F;log&#x2F;lastlog&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;w&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;a&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71921</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000073-GPOS-00041</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86545r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -w /var/log/lastlog -p wa -k logins
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72147\" do\n  title \"The Red Hat Enterprise Linux operating system must generate audit\nrecords for all successful account access events.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when successful account\naccess events occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -i /var/log/lastlog /etc/audit/audit.rules\n\n    -w /var/log/lastlog -p wa -k logins\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when successful\naccount access events occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -w /var/log/lastlog -p wa -k logins\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000392-GPOS-00172\"\n  tag satisfies: [\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000470-GPOS-00214\",\n\"SRG-OS-000473-GPOS-00218\"]\n  tag gid: \"V-72147\"\n  tag rid: \"SV-86771r3_rule\"\n  tag stig_id: \"RHEL-07-030620\"\n  tag fix_id: \"F-78499r3_fix\"\n  tag cci: [\"CCI-000126\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-2 d\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/var/log/lastlog'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'w' }\n      it { should include 'a' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/var/log/lastlog" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/var/log/lastlog" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "w"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "a"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71921</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000073-GPOS-00041</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86545r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured to
-use the shadow file to store only encrypted representations of passwords.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+use the shadow file to store only encrypted representations of passwords.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Passwords need to be protected at all times, and encryption is the
 standard method for protecting passwords. If passwords are not encrypted, they
 can be plainly read (i.e., clear text) and easily compromised. Passwords
 encrypted with a weak algorithm are no more protected than if they are kept in
-plain text.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify the system&#39;s shadow file is configured to store only encrypted
+plain text.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify the system's shadow file is configured to store only encrypted
 representations of passwords. The strength of encryption that must be used to
 hash passwords for all accounts is SHA512.
 
     Check that the system is configured to create SHA512 hashed passwords with
 the following command:
 
-    # grep -i encrypt &#x2F;etc&#x2F;login.defs
+    # grep -i encrypt /etc/login.defs
     ENCRYPT_METHOD SHA512
 
-    If the &quot;&#x2F;etc&#x2F;login.defs&quot; configuration file does not exist or allows for
-password hashes other than SHA512 to be used, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "/etc/login.defs" configuration file does not exist or allows for
+password hashes other than SHA512 to be used, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to store only SHA512 encrypted
 representations of passwords.
 
-    Add or update the following line in &quot;&#x2F;etc&#x2F;login.defs&quot;:
-
-    ENCRYPT_METHOD SHA512</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>266f5304-5074-4ca2-a29d-16dc0c81de77</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000196</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-login.defs ENCRYPT_METHOD is expected to cmp &#x3D;&#x3D; &quot;SHA512&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72205</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86829r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030910</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add or update the following line in "/etc/login.defs":
+
+    ENCRYPT_METHOD SHA512</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71921\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured to\nuse the shadow file to store only encrypted representations of passwords.\"\n  desc  \"Passwords need to be protected at all times, and encryption is the\nstandard method for protecting passwords. If passwords are not encrypted, they\ncan be plainly read (i.e., clear text) and easily compromised. Passwords\nencrypted with a weak algorithm are no more protected than if they are kept in\nplain text.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system's shadow file is configured to store only encrypted\nrepresentations of passwords. The strength of encryption that must be used to\nhash passwords for all accounts is SHA512.\n\n    Check that the system is configured to create SHA512 hashed passwords with\nthe following command:\n\n    # grep -i encrypt /etc/login.defs\n    ENCRYPT_METHOD SHA512\n\n    If the \\\"/etc/login.defs\\\" configuration file does not exist or allows for\npassword hashes other than SHA512 to be used, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to store only SHA512 encrypted\nrepresentations of passwords.\n\n    Add or update the following line in \\\"/etc/login.defs\\\":\n\n    ENCRYPT_METHOD SHA512\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000073-GPOS-00041\"\n  tag gid: \"V-71921\"\n  tag rid: \"SV-86545r2_rule\"\n  tag stig_id: \"RHEL-07-010210\"\n  tag fix_id: \"F-78273r1_fix\"\n  tag cci: [\"CCI-000196\"]\n  tag nist: [\"IA-5 (1) (c)\", \"Rev_4\"]\n\n  describe login_defs do\n    its('ENCRYPT_METHOD') { should cmp \"SHA512\" }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000196</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST login.defs ENCRYPT_METHOD is expected to cmp == "SHA512"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72205</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86829r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030910</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the unlink syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the unlink syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system is not configured to audit certain activities and write
 them to an audit log, it is more difficult to detect and track system
-compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;unlink&quot; syscall occur.
+successful/unsuccessful attempts to use the "unlink" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw unlink &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw unlink /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S unlink -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S unlink -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S unlink -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S unlink -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;unlink&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"unlink" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;unlink&quot; syscall occur.
+successful/unsuccessful attempts to use the "unlink" syscall occur.
 
-    Add the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S unlink -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S unlink -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S unlink -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S unlink -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>4bc4a70f-7bc2-4b8c-9021-ac09d24b0def</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;unlink&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;unlink&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;unlink&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;unlink&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72111</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86735r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030440</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72205\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe unlink syscall.\"\n  desc  \"If the system is not configured to audit certain activities and write\nthem to an audit log, it is more difficult to detect and track system\ncompromises and damages incurred during a system compromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"unlink\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw unlink /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S unlink -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S unlink -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"unlink\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"unlink\\\" syscall occur.\n\n    Add the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S unlink -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S unlink -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000466-GPOS-00210\"\n  tag satisfies: [\"SRG-OS-000466-GPOS-00210\", \"SRG-OS-000467-GPOS-00210\",\n\"SRG-OS-000468-GPOS-00212\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72205\"\n  tag rid: \"SV-86829r5_rule\"\n  tag stig_id: \"RHEL-07-030910\"\n  tag fix_id: \"F-78559r7_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"unlink\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"unlink\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "unlink" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "unlink" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "unlink" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "unlink" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72111</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86735r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030440</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the setxattr syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the setxattr syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;setxattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "setxattr" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw setxattr &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw setxattr /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S setxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S setxattr -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S setxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S setxattr -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;setxattr&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"setxattr" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;setxattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "setxattr" syscall occur.
 
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S setxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S setxattr -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S setxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S setxattr -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>4f0fd0c6-69d8-479b-81b2-a99521c31e71</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;setxattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;setxattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;setxattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;setxattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71961</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86585r6_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010480</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72111\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe setxattr syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"setxattr\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw setxattr /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S setxattr -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S setxattr -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"setxattr\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"setxattr\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S setxattr -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S setxattr -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000458-GPOS-00203\"\n  tag satisfies: [\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000064-GPOS-00033\"]\n  tag gid: \"V-72111\"\n  tag rid: \"SV-86735r5_rule\"\n  tag stig_id: \"RHEL-07-030440\"\n  tag fix_id: \"F-78463r8_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"setxattr\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"setxattr\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "setxattr" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "setxattr" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "setxattr" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "setxattr" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71961</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86585r6_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010480</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Red Hat Enterprise Linux operating systems prior to version 7.2 with a
-Basic Input&#x2F;Output System (BIOS) must require authentication upon booting into
-single-user and maintenance modes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Basic Input/Output System (BIOS) must require authentication upon booting into
+single-user and maintenance modes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system does not require valid root authentication before it
 boots into single-user or maintenance mode, anyone who invokes single-user or
 maintenance mode is granted privileged access to all files on the system. GRUB
 2 is the default boot loader for RHEL 7 and is designed to require a password
-to boot into single-user mode or make modifications to the boot menu.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+to boot into single-user mode or make modifications to the boot menu.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>For systems that use UEFI, this is Not Applicable.
     For systems that are running RHEL 7.2 or newer, this is Not Applicable.
 
     Check to see if an encrypted root password is set. On systems that use a
 BIOS, use the following command:
 
-    # grep -i password_pbkdf2 &#x2F;boot&#x2F;grub2&#x2F;grub.cfg
+    # grep -i password_pbkdf2 /boot/grub2/grub.cfg
 
     password_pbkdf2 [superusers-account] [password-hash]
 
-    If the root password entry does not begin with &quot;password_pbkdf2&quot;, this is
+    If the root password entry does not begin with "password_pbkdf2", this is
 a finding.
 
-    If the &quot;superusers-account&quot; is not set to &quot;root&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "superusers-account" is not set to "root", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to encrypt the boot password for root.
 
     Generate an encrypted grub2 password for root with the following command:
@@ -2134,140 +2048,131 @@ a finding.
     PBKDF2 hash of your password is
 grub.pbkdf2.sha512.10000.F3A7CFAA5A51EED123BE8238C23B25B2A6909AFC9812F0D45
 
-    Edit &quot;&#x2F;etc&#x2F;grub.d&#x2F;40_custom&quot; and add the following lines below the
+    Edit "/etc/grub.d/40_custom" and add the following lines below the
 comments:
 
-    # vi &#x2F;etc&#x2F;grub.d&#x2F;40_custom
+    # vi /etc/grub.d/40_custom
 
-    set superusers&#x3D;&quot;root&quot;
+    set superusers="root"
 
     password_pbkdf2 root {hash from grub2-mkpasswd-pbkdf2 command}
 
-    Generate a new &quot;grub.conf&quot; file with the new password with the following
+    Generate a new "grub.conf" file with the new password with the following
 commands:
 
-    # grub2-mkconfig --output&#x3D;&#x2F;tmp&#x2F;grub2.cfg
-    # mv &#x2F;tmp&#x2F;grub2.cfg &#x2F;boot&#x2F;grub2&#x2F;grub.cfg</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>bd86b573-d02b-4836-a573-5eaa92a29dcf</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-There must be only one grub2 superuser, and it must have the value root length is expected to cmp &#x3D;&#x3D; 1
---------------------------------
-passed
-There must be only one grub2 superuser, and it must have the value root first is expected to cmp &#x3D;&#x3D; &quot;root&quot;
---------------------------------
-passed
-The grub2 superuser password entry must begin with &#39;password_pbkdf2&#39; is expected to include &quot;password_pbkdf2&quot;
---------------------------------
-passed
-The grub2 superuser password entry must begin with &#39;password_pbkdf2&#39; length is expected to be &gt;&#x3D; 1
---------------------------------
-passed
-The grub2 superuser account password should be encrypted with pbkdf2. is expected to match &#x2F;password_pbkdf2\sroot\sgrub\.pbkdf2&#x2F;i</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72295</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86919r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040670</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # grub2-mkconfig --output=/tmp/grub2.cfg
+    # mv /tmp/grub2.cfg /boot/grub2/grub.cfg</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71961\" do\n  title \"Red Hat Enterprise Linux operating systems prior to version 7.2 with a\nBasic Input/Output System (BIOS) must require authentication upon booting into\nsingle-user and maintenance modes.\"\n  desc  \"If the system does not require valid root authentication before it\nboots into single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 7 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    For systems that use UEFI, this is Not Applicable.\n    For systems that are running RHEL 7.2 or newer, this is Not Applicable.\n\n    Check to see if an encrypted root password is set. On systems that use a\nBIOS, use the following command:\n\n    # grep -i password_pbkdf2 /boot/grub2/grub.cfg\n\n    password_pbkdf2 [superusers-account] [password-hash]\n\n    If the root password entry does not begin with \\\"password_pbkdf2\\\", this is\na finding.\n\n    If the \\\"superusers-account\\\" is not set to \\\"root\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to encrypt the boot password for root.\n\n    Generate an encrypted grub2 password for root with the following command:\n\n    Note: The hash generated is an example.\n\n    # grub2-mkpasswd-pbkdf2\n\n    Enter Password:\n    Reenter Password:\n    PBKDF2 hash of your password is\ngrub.pbkdf2.sha512.10000.F3A7CFAA5A51EED123BE8238C23B25B2A6909AFC9812F0D45\n\n    Edit \\\"/etc/grub.d/40_custom\\\" and add the following lines below the\ncomments:\n\n    # vi /etc/grub.d/40_custom\n\n    set superusers=\\\"root\\\"\n\n    password_pbkdf2 root {hash from grub2-mkpasswd-pbkdf2 command}\n\n    Generate a new \\\"grub.conf\\\" file with the new password with the following\ncommands:\n\n    # grub2-mkconfig --output=/tmp/grub2.cfg\n    # mv /tmp/grub2.cfg /boot/grub2/grub.cfg\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000080-GPOS-00048\"\n  tag gid: \"V-71961\"\n  tag rid: \"SV-86585r6_rule\"\n  tag stig_id: \"RHEL-07-010480\"\n  tag fix_id: \"F-78313r3_fix\"\n  tag cci: [\"CCI-000213\"]\n  tag nist: [\"AC-3\", \"Rev_4\"]\n\n  grub_superuser = input('grub_superuser')\n  grub_user_boot_files = input('grub_user_boot_files')\n  grub_main_cfg = input('grub_main_cfg')\n\n  grub_main_content = file(grub_main_cfg).content\n\n  # Check if any additional superusers are set\n  pattern = %r{\\s*set superusers=\\\"(\\w+)\\\"}i\n  matches = grub_main_content.match(pattern)\n  superusers = matches.nil? ? [] : matches.captures\n  describe \"There must be only one grub2 superuser, and it must have the value #{grub_superuser}\" do\n    subject { superusers }\n    its('length') { should cmp 1 }\n    its('first') { should cmp grub_superuser }\n  end\n\n  # Need each password entry that has the superuser\n  pattern = %r{(.*)\\s#{grub_superuser}\\s}i\n  matches = grub_main_content.match(pattern)\n  password_entries = matches.nil? ? [] : matches.captures\n  # Each of the entries should start with password_pbkdf2\n  describe 'The grub2 superuser password entry must begin with \\'password_pbkdf2\\'' do\n    subject { password_entries }\n    its('length') { is_expected.to be &gt;= 1}\n    password_entries.each do |entry|\n      subject { entry }\n      it { should include 'password_pbkdf2'}\n    end\n  end\n\n  # Get lines such as 'password_pbkdf2 root ${ENV}'\n  pattern = %r{password_pbkdf2\\s#{grub_superuser}\\s(\\${\\w+})}i\n  matches = grub_main_content.match(pattern)\n  env_vars = matches.nil? ? [] : matches.captures\n  if env_vars.length &gt; 0\n    # If there is an environment variable in the configuration file check that it is set with correct values by looking\n    # in user.cfg files.\n    env_vars = env_vars.map { |env_var| env_var.gsub(/[${}]/, '') }\n    present_user_boot_files = grub_user_boot_files.select { |user_boot_file| file(user_boot_file).exist? }\n    describe 'grub2 user configuration files for the superuser should be present if they set an environment variable' do\n      subject { present_user_boot_files }\n      its('length') { is_expected.to be &gt;= 1 }\n      present_user_boot_files.each do |user_boot_file|\n        env_vars.each do |env_var|\n          describe \"#{user_boot_file} should set #{env_var} to a pbkdf2 value\" do\n              subject { file(user_boot_file) }\n              its('content') { should match %r{^#{env_var}=grub.pbkdf2}i }\n          end\n        end\n      end\n    end\n  else\n    # If there are no environment variable set, look for pbkdf2 after the superuser name\n    pattern = %r{password_pbkdf2\\s#{grub_superuser}\\sgrub\\.pbkdf2}i\n    describe 'The grub2 superuser account password should be encrypted with pbkdf2.' do\n      subject { grub_main_content }\n      it { should match pattern }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST There must be only one grub2 superuser, and it must have the value root length is expected to cmp == 1
+--------------------------------
+passed :: TEST There must be only one grub2 superuser, and it must have the value root first is expected to cmp == "root"
+--------------------------------
+passed :: TEST The grub2 superuser password entry must begin with 'password_pbkdf2' is expected to include "password_pbkdf2"
+--------------------------------
+passed :: TEST The grub2 superuser password entry must begin with 'password_pbkdf2' length is expected to be &gt;= 1
+--------------------------------
+passed :: TEST The grub2 superuser account password should be encrypted with pbkdf2. is expected to match /password_pbkdf2\sroot\sgrub\.pbkdf2/i</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72295</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86919r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040670</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Network interfaces configured on the Red Hat Enterprise Linux
-operating system must not be in promiscuous mode.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+operating system must not be in promiscuous mode.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Network interfaces in promiscuous mode allow for the capture of all
 network traffic visible to the system. If unauthorized individuals can access
 these applications, it may allow then to collect information such as logon IDs,
@@ -2275,14 +2180,14 @@ passwords, and key exchanges between systems.
 
     If the system is being used to perform a network troubleshooting function,
 the use of these tools must be documented with the Information System Security
-Officer (ISSO) and restricted to only authorized personnel.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Officer (ISSO) and restricted to only authorized personnel.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify network interfaces are not in promiscuous mode unless approved by
 the ISSO and documented.
 
@@ -2291,312 +2196,302 @@ the ISSO and documented.
     # ip link | grep -i promisc
 
     If network interfaces are found on the system in promiscuous mode and their
-use has not been approved by the ISSO and documented, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+use has not been approved by the ISSO and documented, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure network interfaces to turn off promiscuous mode unless approved
 by the ISSO and documented.
 
     Set the promiscuous mode of an interface to off with the following command:
 
-    #ip link set dev &lt;devicename&gt; multicast off promisc off</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>1534be7b-f312-48f8-86c7-8608c13543c5</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;ip link | grep -i promisc&#x60; stdout.strip is expected to match &#x2F;^$&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72043</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86667r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    #ip link set dev &lt;devicename&gt; multicast off promisc off</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72295\" do\n  title \"Network interfaces configured on the Red Hat Enterprise Linux\noperating system must not be in promiscuous mode.\"\n  desc  \"Network interfaces in promiscuous mode allow for the capture of all\nnetwork traffic visible to the system. If unauthorized individuals can access\nthese applications, it may allow then to collect information such as logon IDs,\npasswords, and key exchanges between systems.\n\n    If the system is being used to perform a network troubleshooting function,\nthe use of these tools must be documented with the Information System Security\nOfficer (ISSO) and restricted to only authorized personnel.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify network interfaces are not in promiscuous mode unless approved by\nthe ISSO and documented.\n\n    Check for the status with the following command:\n\n    # ip link | grep -i promisc\n\n    If network interfaces are found on the system in promiscuous mode and their\nuse has not been approved by the ISSO and documented, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure network interfaces to turn off promiscuous mode unless approved\nby the ISSO and documented.\n\n    Set the promiscuous mode of an interface to off with the following command:\n\n    #ip link set dev &lt;devicename&gt; multicast off promisc off\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72295\"\n  tag rid: \"SV-86919r2_rule\"\n  tag stig_id: \"RHEL-07-040670\"\n  tag fix_id: \"F-78649r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe command(\"ip link | grep -i promisc\") do\n    its('stdout.strip') { should match %r{^$} }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `ip link | grep -i promisc` stdout.strip is expected to match /^$/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72043</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86667r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent files with
 the setuid and setgid bit set from being executed on file systems that are used
-with removable media.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;nosuid&quot; mount option causes the system to not execute
-&quot;setuid&quot; and &quot;setgid&quot; files with owner privileges. This option must be used
-for mounting any file system not containing approved &quot;setuid&quot; and &quot;setguid&quot;
+with removable media.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "nosuid" mount option causes the system to not execute
+"setuid" and "setgid" files with owner privileges. This option must be used
+for mounting any file system not containing approved "setuid" and "setguid"
 files. Executing files from untrusted file systems increases the opportunity
-for unprivileged users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+for unprivileged users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify file systems that are used for removable media are mounted with the
-&quot;nosuid&quot; option.
+"nosuid" option.
 
     Check the file systems that are mounted at boot time with the following
 command:
 
-    # more &#x2F;etc&#x2F;fstab
+    # more /etc/fstab
 
-    UUID&#x3D;2bc871e4-e2a3-4f29-9ece-3be60c835222 &#x2F;mnt&#x2F;usbflash vfat
+    UUID=2bc871e4-e2a3-4f29-9ece-3be60c835222 /mnt/usbflash vfat
 noauto,owner,ro,nosuid 0 0
 
-    If a file system found in &quot;&#x2F;etc&#x2F;fstab&quot; refers to removable media and it
-does not have the &quot;nosuid&quot; option set, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the &quot;&#x2F;etc&#x2F;fstab&quot; to use the &quot;nosuid&quot; option on
-file systems that are associated with removable media.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>293726a1-a312-4f85-a121-23c25073db6d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-File system &quot;xfs&quot; does not correspond to removable media. is expected to eq true</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72081</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000046-GPOS-00022</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86705r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If a file system found in "/etc/fstab" refers to removable media and it
+does not have the "nosuid" option set, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the "/etc/fstab" to use the "nosuid" option on
+file systems that are associated with removable media.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72043\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent files with\nthe setuid and setgid bit set from being executed on file systems that are used\nwith removable media.\"\n  desc  \"The \\\"nosuid\\\" mount option causes the system to not execute\n\\\"setuid\\\" and \\\"setgid\\\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \\\"setuid\\\" and \\\"setguid\\\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify file systems that are used for removable media are mounted with the\n\\\"nosuid\\\" option.\n\n    Check the file systems that are mounted at boot time with the following\ncommand:\n\n    # more /etc/fstab\n\n    UUID=2bc871e4-e2a3-4f29-9ece-3be60c835222 /mnt/usbflash vfat\nnoauto,owner,ro,nosuid 0 0\n\n    If a file system found in \\\"/etc/fstab\\\" refers to removable media and it\ndoes not have the \\\"nosuid\\\" option set, this is a finding.\n  \"\n  desc  \"fix\", \"Configure the \\\"/etc/fstab\\\" to use the \\\"nosuid\\\" option on\nfile systems that are associated with removable media.\"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72043\"\n  tag rid: \"SV-86667r2_rule\"\n  tag stig_id: \"RHEL-07-021010\"\n  tag fix_id: \"F-78395r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  non_removable_media_fs = input('non_removable_media_fs')\n\n  file_systems = etc_fstab.params\n  if !file_systems.nil? and !file_systems.empty?\n    file_systems.each do |file_sys_line|\n      if !\"#{non_removable_media_fs}\".include?(file_sys_line['file_system_type']) then\n        describe file_sys_line['mount_options'] do\n          it { should include 'nosuid' }\n        end\n      else\n        describe \"File system \\\"#{file_sys_line['file_system_type']}\\\" does not correspond to removable media.\" do\n          subject { \"#{non_removable_media_fs}\".include?(file_sys_line['file_system_type']) }\n          it { should eq true }\n        end\n      end\n    end\n  else\n    describe \"No file systems were found.\" do\n      subject { file_systems.nil? }\n      it { should eq true }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST File system "xfs" does not correspond to removable media. is expected to eq true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72081</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000046-GPOS-00022</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86705r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must shut down upon
 audit processing failure, unless availability is an overriding concern. If
 availability is a concern, the system must alert the designated staff (System
 Administrator [SA] and Information System Security Officer [ISSO] at a minimum)
-in the event of an audit processing failure.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+in the event of an audit processing failure.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>It is critical for the appropriate personnel to be aware if a system
 is at risk of failing to process audit logs as required. Without this
 notification, the security personnel may be unaware of an impending failure of
 the audit capability, and system operation may be adversely affected.
 
-    Audit processing failures include software&#x2F;hardware errors, failures in the
+    Audit processing failures include software/hardware errors, failures in the
 audit capturing mechanisms, and audit storage capacity being reached or
 exceeded.
 
     This requirement applies to each audit data storage repository (i.e.,
 distinct information system component where audit records are stored), the
 centralized audit storage capacity of organizations (i.e., all audit data
-storage repositories combined), or both.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+storage repositories combined), or both.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Confirm the audit configuration regarding how auditing processing failures
 are handled.
 
-    Check to see what level &quot;auditctl&quot; is set to with following command:
+    Check to see what level "auditctl" is set to with following command:
 
-    # auditctl -s | grep -i &quot;fail&quot;
+    # auditctl -s | grep -i "fail"
 
     failure 2
 
-    If the value of &quot;failure&quot; is set to &quot;2&quot;, the system is configured to
+    If the value of "failure" is set to "2", the system is configured to
 panic (shut down) in the event of an auditing failure.
 
-    If the value of &quot;failure&quot; is set to &quot;1&quot;, the system is configured to
+    If the value of "failure" is set to "1", the system is configured to
 only send information to the kernel log regarding the failure.
 
-    If the &quot;failure&quot; setting is not set, this is a CAT I finding.
+    If the "failure" setting is not set, this is a CAT I finding.
 
-    If the &quot;failure&quot; setting is set to any value other than &quot;1&quot; or &quot;2&quot;,
+    If the "failure" setting is set to any value other than "1" or "2",
 this is a CAT II finding.
 
-    If the &quot;failure&quot; setting is set to &quot;1&quot; but the availability concern is
+    If the "failure" setting is set to "1" but the availability concern is
 not documented or there is no monitoring of the kernel log, this is a CAT III
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to shut down in the event of an audit
 processing failure.
 
@@ -2605,7 +2500,7 @@ following command:
 
     # auditctl -f 2
 
-    Edit the &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot; file and add the following line:
+    Edit the "/etc/audit/rules.d/audit.rules" file and add the following line:
 
     -f 2
 
@@ -2616,556 +2511,534 @@ with the following command:
 
     # auditctl -f 1
 
-    Edit the &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot; file and add the following line:
+    Edit the "/etc/audit/rules.d/audit.rules" file and add the following line:
 
     -f 1
 
     Kernel log monitoring must also be configured to properly alert designated
 staff.
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>9639449b-60e5-46ef-a901-9df4a5e0dbe0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000139</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-2 is expected to match &#x2F;^(1|2)$&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72277</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86901r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040540</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72081\" do\n  title \"The Red Hat Enterprise Linux operating system must shut down upon\naudit processing failure, unless availability is an overriding concern. If\navailability is a concern, the system must alert the designated staff (System\nAdministrator [SA] and Information System Security Officer [ISSO] at a minimum)\nin the event of an audit processing failure.\"\n  desc  \"It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Confirm the audit configuration regarding how auditing processing failures\nare handled.\n\n    Check to see what level \\\"auditctl\\\" is set to with following command:\n\n    # auditctl -s | grep -i \\\"fail\\\"\n\n    failure 2\n\n    If the value of \\\"failure\\\" is set to \\\"2\\\", the system is configured to\npanic (shut down) in the event of an auditing failure.\n\n    If the value of \\\"failure\\\" is set to \\\"1\\\", the system is configured to\nonly send information to the kernel log regarding the failure.\n\n    If the \\\"failure\\\" setting is not set, this is a CAT I finding.\n\n    If the \\\"failure\\\" setting is set to any value other than \\\"1\\\" or \\\"2\\\",\nthis is a CAT II finding.\n\n    If the \\\"failure\\\" setting is set to \\\"1\\\" but the availability concern is\nnot documented or there is no monitoring of the kernel log, this is a CAT III\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to shut down in the event of an audit\nprocessing failure.\n\n    Add or correct the option to shut down the operating system with the\nfollowing command:\n\n    # auditctl -f 2\n\n    Edit the \\\"/etc/audit/rules.d/audit.rules\\\" file and add the following line:\n\n    -f 2\n\n    If availability has been determined to be more important, and this decision\nis documented with the ISSO, configure the operating system to notify system\nadministration staff and ISSO staff in the event of an audit processing failure\nwith the following command:\n\n    # auditctl -f 1\n\n    Edit the \\\"/etc/audit/rules.d/audit.rules\\\" file and add the following line:\n\n    -f 1\n\n    Kernel log monitoring must also be configured to properly alert designated\nstaff.\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000046-GPOS-00022\"\n  tag satisfies: [\"SRG-OS-000046-GPOS-00022\", \"SRG-OS-000047-GPOS-00023\"]\n  tag gid: \"V-72081\"\n  tag rid: \"SV-86705r4_rule\"\n  tag stig_id: \"RHEL-07-030010\"\n  tag fix_id: \"F-78433r2_fix\"\n  tag cci: [\"CCI-000139\"]\n  tag nist: [\"AU-5 a\", \"Rev_4\"]\n\n  monitor_kernel_log = input('monitor_kernel_log')\n\n  if auditd.status['failure'].nil?\n    impact 0.7\n  elsif auditd.status['failure'].match?(%r{^1$}) &amp;&amp; !monitor_kernel_log\n    impact 0.3\n  else\n    impact 0.5\n  end\n\n  if !monitor_kernel_log\n    describe auditd.status['failure'] do\n      it { should match %r{^2$} }\n    end\n  else\n    describe auditd.status['failure'] do\n      it { should match %r{^(1|2)$} }\n    end\n  end\nend"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000139</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST 2 is expected to match /^(1|2)$/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72277</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86901r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040540</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not contain .shosts
-files.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+files.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The .shosts files are used to configure host-based authentication for
 individual users or the system via SSH. Host-based authentication is not
 sufficient for preventing unauthorized access to the system, as it does not
 require interactive identification and authentication of a connection request,
-or for the use of two-factor authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify there are no &quot;.shosts&quot; files on the system.
+or for the use of two-factor authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify there are no ".shosts" files on the system.
 
     Check the system for the existence of these files with the following
 command:
 
-    # find &#x2F; -name &#39;*.shosts&#39;
-
-    If any &quot;.shosts&quot; files are found on the system, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Remove any found &quot;.shosts&quot; files from the system.
-
-# rm &#x2F;[path]&#x2F;[to]&#x2F;[file]&#x2F;.shosts</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2e0e7bec-02ed-4568-813f-3170a6735e5e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;find &#x2F; -xautofs -name &#39;*.shosts&#39;&#x60; stdout.strip is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72185</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00215</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86809r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030810</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # find / -name '*.shosts'
+
+    If any ".shosts" files are found on the system, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Remove any found ".shosts" files from the system.
+
+# rm /[path]/[to]/[file]/.shosts</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72277\" do\n  title \"The Red Hat Enterprise Linux operating system must not contain .shosts\nfiles.\"\n  desc  \"The .shosts files are used to configure host-based authentication for\nindividual users or the system via SSH. Host-based authentication is not\nsufficient for preventing unauthorized access to the system, as it does not\nrequire interactive identification and authentication of a connection request,\nor for the use of two-factor authentication.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify there are no \\\".shosts\\\" files on the system.\n\n    Check the system for the existence of these files with the following\ncommand:\n\n    # find / -name '*.shosts'\n\n    If any \\\".shosts\\\" files are found on the system, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Remove any found \\\".shosts\\\" files from the system.\n\n    # rm /[path]/[to]/[file]/.shosts\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72277\"\n  tag rid: \"SV-86901r2_rule\"\n  tag stig_id: \"RHEL-07-040540\"\n  tag fix_id: \"F-78631r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe command(\"find / -xautofs -name '*.shosts'\") do\n    its('stdout.strip') { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `find / -xautofs -name '*.shosts'` stdout.strip is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72185</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00215</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86809r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030810</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the pam_timestamp_check command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the pam_timestamp_check command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
-responsible for one.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+responsible for one.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;pam_timestamp_check&quot; command
+successful/unsuccessful attempts to use the "pam_timestamp_check" command
 occur.
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -iw &quot;&#x2F;usr&#x2F;sbin&#x2F;pam_timestamp_check&quot; &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw "/usr/sbin/pam_timestamp_check" /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;pam_timestamp_check -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-pam
+    -a always,exit -F path=/usr/sbin/pam_timestamp_check -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-pam
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;pam_timestamp_check&quot; command
+successful/unsuccessful attempts to use the "pam_timestamp_check" command
 occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;pam_timestamp_check -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-pam
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>fd2405a5-6a99-44dd-b350-2f48329c5f8b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;sbin&#x2F;pam_timestamp_check&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;sbin&#x2F;pam_timestamp_check&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72055</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86679r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021120</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F path=/usr/sbin/pam_timestamp_check -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-pam
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72185\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe pam_timestamp_check command.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"pam_timestamp_check\\\" command\noccur.\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -iw \\\"/usr/sbin/pam_timestamp_check\\\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/pam_timestamp_check -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-pam\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"pam_timestamp_check\\\" command\noccur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/sbin/pam_timestamp_check -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-pam\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000471-GPOS-00215\"\n  tag gid: \"V-72185\"\n  tag rid: \"SV-86809r4_rule\"\n  tag stig_id: \"RHEL-07-030810\"\n  tag fix_id: \"F-78539r4_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  audit_file = '/sbin/pam_timestamp_check'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/sbin/pam_timestamp_check" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/sbin/pam_timestamp_check" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72055</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86679r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021120</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the cron.allow file, if it exists, is group-owned by root.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If the group owner of the &quot;cron.allow&quot; file is not set to root,
-sensitive information could be viewed or edited by unauthorized users.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that the &quot;cron.allow&quot; file is group-owned by root.
-
-    Check the group owner of the &quot;cron.allow&quot; file with the following command:
-
-    # ls -al &#x2F;etc&#x2F;cron.allow
-    -rw------- 1 root root 6 Mar  5  2011 &#x2F;etc&#x2F;cron.allow
-
-    If the &quot;cron.allow&quot; file exists and has a group owner other than root,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Set the group owner on the &quot;&#x2F;etc&#x2F;cron.allow&quot; file to root with the
+that the cron.allow file, if it exists, is group-owned by root.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If the group owner of the "cron.allow" file is not set to root,
+sensitive information could be viewed or edited by unauthorized users.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that the "cron.allow" file is group-owned by root.
+
+    Check the group owner of the "cron.allow" file with the following command:
+
+    # ls -al /etc/cron.allow
+    -rw------- 1 root root 6 Mar  5  2011 /etc/cron.allow
+
+    If the "cron.allow" file exists and has a group owner other than root,
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Set the group owner on the "/etc/cron.allow" file to root with the
 following command:
 
-    # chgrp root &#x2F;etc&#x2F;cron.allow</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>07197847-1505-4c24-88cb-bea7b2ae3853</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-File &#x2F;etc&#x2F;cron.allow group is expected to eq &quot;root&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71997</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86621r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020250</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # chgrp root /etc/cron.allow</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72055\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the cron.allow file, if it exists, is group-owned by root.\"\n  desc  \"If the group owner of the \\\"cron.allow\\\" file is not set to root,\nsensitive information could be viewed or edited by unauthorized users.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that the \\\"cron.allow\\\" file is group-owned by root.\n\n    Check the group owner of the \\\"cron.allow\\\" file with the following command:\n\n    # ls -al /etc/cron.allow\n    -rw------- 1 root root 6 Mar  5  2011 /etc/cron.allow\n\n    If the \\\"cron.allow\\\" file exists and has a group owner other than root,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the group owner on the \\\"/etc/cron.allow\\\" file to root with the\nfollowing command:\n\n    # chgrp root /etc/cron.allow\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72055\"\n  tag rid: \"SV-86679r2_rule\"\n  tag stig_id: \"RHEL-07-021120\"\n  tag fix_id: \"F-78407r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe.one do\n    # case where file doesn't exist\n    describe file('/etc/cron.allow') do\n      it { should_not exist }\n    end\n    # case where file exists\n    describe file('/etc/cron.allow') do\n      its('group') { should eq 'root' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST File /etc/cron.allow group is expected to eq "root"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71997</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86621r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020250</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be a vendor
-supported release.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>An operating system release is considered &quot;supported&quot; if the vendor
+supported release.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>An operating system release is considered "supported" if the vendor
 continues to provide security patches for the product. With an unsupported
 release, it will not be possible to resolve security issues discovered in the
-system software.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+system software.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the version of the operating system is vendor supported.
 
 Check the version of the operating system with the following command:
 
-# cat &#x2F;etc&#x2F;redhat-release
+# cat /etc/redhat-release
 
 Red Hat Enterprise Linux Server release 7.4 (Maipo)
 
@@ -3183,120 +3056,115 @@ Current End of Life for RHEL 7.6 is 31 October 2020.
 
 Current End of Life for RHEL 7.7 is 30 August 2021.
 
-If the release is not supported by the vendor, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Upgrade to a supported version of the operating system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>88b9f2ca-3f23-4cf2-b154-99fae4010d78</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-File &#x2F;etc&#x2F;redhat-release content is expected to match &#x2F;Release (6.7*|7.[2-9].*)&#x2F;i</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71907</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000071-GPOS-00039</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86531r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010140</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+If the release is not supported by the vendor, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Upgrade to a supported version of the operating system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71997\" do\n  title \"The Red Hat Enterprise Linux operating system must be a vendor\nsupported release.\"\n  desc  \"An operating system release is considered \\\"supported\\\" if the vendor\ncontinues to provide security patches for the product. With an unsupported\nrelease, it will not be possible to resolve security issues discovered in the\nsystem software.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the version of the operating system is vendor supported.\n\n    Check the version of the operating system with the following command:\n\n    # cat /etc/redhat-release\n\n    Red Hat Enterprise Linux Server release 7.4 (Maipo)\n\n    Current End of Life for RHEL 7.1 is 31 March 2017.\n\n    Current End of Life for RHEL 7.2 is 30 November 2017.\n\n    Current End of Life for RHEL 7.3 is 30 November 2018.\n\n    Current End of Life for RHEL 7.4 is 31 August 2019.\n\n    Current End of Life for RHEL 7.5 is 30 April 2020.\n\n    Current End of Life for RHEL 7.6 is 31 October 2020.\n\n    Current End of Life for RHEL 7.7 is 30 August 2021.\n\n    If the release is not supported by the vendor, this is a finding.\n  \"\n  desc  \"fix\", \"Upgrade to a supported version of the operating system.\"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-71997\"\n  tag rid: \"SV-86621r5_rule\"\n  tag stig_id: \"RHEL-07-020250\"\n  tag fix_id: \"F-78349r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe file('/etc/redhat-release') do\n    its('content') { should match %r{Release (6.7*|7.[2-9].*)}i }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST File /etc/redhat-release content is expected to match /Release (6.7*|7.[2-9].*)/i</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71907</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000071-GPOS-00039</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86531r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010140</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that when passwords are changed or new passwords are assigned, the new password
-must contain at least one numeric character.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+must contain at least one numeric character.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources
 required to compromise the password. Password complexity, or strength, is a
 measure of the effectiveness of a password in resisting attempts at guessing
@@ -3305,146 +3173,141 @@ and brute-force attacks.
     Password complexity is one factor of several that determines how long it
 takes to crack a password. The more complex the password, the greater the
 number of possible combinations that need to be tested before the password is
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Note: The value to require a number of numeric characters to be set is
-expressed as a negative number in &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot;.
+expressed as a negative number in "/etc/security/pwquality.conf".
 
-    Check the value for &quot;dcredit&quot; in &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; with
+    Check the value for "dcredit" in "/etc/security/pwquality.conf" with
 the following command:
 
-    # grep dcredit &#x2F;etc&#x2F;security&#x2F;pwquality.conf
-    dcredit &#x3D; -1
+    # grep dcredit /etc/security/pwquality.conf
+    dcredit = -1
 
-    If the value of &quot;dcredit&quot; is not set to a negative value, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "dcredit" is not set to a negative value, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to enforce password complexity by requiring
-that at least one numeric character be used by setting the &quot;dcredit&quot; option.
+that at least one numeric character be used by setting the "dcredit" option.
 
-    Add the following line to &#x2F;etc&#x2F;security&#x2F;pwquality.conf (or modify the line
+    Add the following line to /etc/security/pwquality.conf (or modify the line
 to have the required value):
 
-    dcredit &#x3D; -1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>9af97beb-b0b6-4bcc-a94f-241c12f5ae31</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000194</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;security&#x2F;pwquality.conf dcredit.to_i is expected to cmp &lt; 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71991</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000445-GPOS-00199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86615r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020220</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    dcredit = -1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71907\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat when passwords are changed or new passwords are assigned, the new password\nmust contain at least one numeric character.\"\n  desc  \"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Note: The value to require a number of numeric characters to be set is\nexpressed as a negative number in \\\"/etc/security/pwquality.conf\\\".\n\n    Check the value for \\\"dcredit\\\" in \\\"/etc/security/pwquality.conf\\\" with\nthe following command:\n\n    # grep dcredit /etc/security/pwquality.conf\n    dcredit = -1\n\n    If the value of \\\"dcredit\\\" is not set to a negative value, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to enforce password complexity by requiring\nthat at least one numeric character be used by setting the \\\"dcredit\\\" option.\n\n    Add the following line to /etc/security/pwquality.conf (or modify the line\nto have the required value):\n\n    dcredit = -1\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000071-GPOS-00039\"\n  tag gid: \"V-71907\"\n  tag rid: \"SV-86531r3_rule\"\n  tag stig_id: \"RHEL-07-010140\"\n  tag fix_id: \"F-78259r1_fix\"\n  tag cci: [\"CCI-000194\"]\n  tag nist: [\"IA-5 (1) (a)\", \"Rev_4\"]\n\n  describe parse_config_file(\"/etc/security/pwquality.conf\") do\n    its('dcredit.to_i') { should cmp &lt; 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000194</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/security/pwquality.conf dcredit.to_i is expected to cmp &lt; 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71991</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000445-GPOS-00199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86615r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020220</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must enable the SELinux
-targeted policy.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+targeted policy.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without verification of the security functions, security functions may
 not operate correctly and the failure may go unnoticed. Security function is
-defined as the hardware, software, and&#x2F;or firmware of the information system
+defined as the hardware, software, and/or firmware of the information system
 responsible for enforcing the system security policy and supporting the
 isolation of code and data on which the protection is based. Security
 functionality includes, but is not limited to, establishing system accounts,
@@ -3452,30 +3315,30 @@ configuring access authorizations (i.e., permissions, privileges), setting
 events to be audited, and setting intrusion detection parameters.
 
     This requirement applies to operating systems performing security function
-verification&#x2F;testing and&#x2F;or systems and environments that require this
-functionality.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+verification/testing and/or systems and environments that require this
+functionality.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If an HBSS or HIPS is active on the system, this is Not Applicable.
 
     Verify the operating system verifies correct operation of all security
 functions.
 
-    Check if &quot;SELinux&quot; is active and is enforcing the targeted policy with
+    Check if "SELinux" is active and is enforcing the targeted policy with
 the following command:
 
     # sestatus
 
     SELinux status: enabled
 
-    SELinuxfs mount: &#x2F;selinux
+    SELinuxfs mount: /selinux
 
-    SELinux root directory: &#x2F;etc&#x2F;selinux
+    SELinux root directory: /etc/selinux
 
     Loaded policy name: targeted
 
@@ -3489,297 +3352,287 @@ the following command:
 
     Max kernel policy version: 28
 
-    If the &quot;Loaded policy name&quot; is not set to &quot;targeted&quot;, this is a finding.
+    If the "Loaded policy name" is not set to "targeted", this is a finding.
 
-    Verify that the &#x2F;etc&#x2F;selinux&#x2F;config file is configured to the
-&quot;SELINUXTYPE&quot; to &quot;targeted&quot;:
+    Verify that the /etc/selinux/config file is configured to the
+"SELINUXTYPE" to "targeted":
 
-    # grep -i &quot;selinuxtype&quot; &#x2F;etc&#x2F;selinux&#x2F;config | grep -v &#39;^#&#39;
+    # grep -i "selinuxtype" /etc/selinux/config | grep -v '^#'
 
-    SELINUXTYPE &#x3D; targeted
+    SELINUXTYPE = targeted
 
-    If no results are returned or &quot;SELINUXTYPE&quot; is not set to &quot;targeted&quot;,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If no results are returned or "SELINUXTYPE" is not set to "targeted",
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to verify correct operation of all security
 functions.
 
-    Set the &quot;SELinuxtype&quot; to the &quot;targeted&quot; policy by modifying the
-&quot;&#x2F;etc&#x2F;selinux&#x2F;config&quot; file to have the following line:
-
-    SELINUXTYPE&#x3D;targeted
-
-    A reboot is required for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f6a091f9-45b9-4afd-9761-9d3cfcd68f7d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002696</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;sestatus&#x60; stdout is expected to match &#x2F;^Loaded\spolicy\sname:\s+targeted\n?$&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72045</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86669r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Set the "SELinuxtype" to the "targeted" policy by modifying the
+"/etc/selinux/config" file to have the following line:
+
+    SELINUXTYPE=targeted
+
+    A reboot is required for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71991\" do\n  title \"The Red Hat Enterprise Linux operating system must enable the SELinux\ntargeted policy.\"\n  desc  \"Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    This requirement applies to operating systems performing security function\nverification/testing and/or systems and environments that require this\nfunctionality.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If an HBSS or HIPS is active on the system, this is Not Applicable.\n\n    Verify the operating system verifies correct operation of all security\nfunctions.\n\n    Check if \\\"SELinux\\\" is active and is enforcing the targeted policy with\nthe following command:\n\n    # sestatus\n\n    SELinux status: enabled\n\n    SELinuxfs mount: /selinux\n\n    SELinux root directory: /etc/selinux\n\n    Loaded policy name: targeted\n\n    Current mode: enforcing\n\n    Mode from config file: enforcing\n\n    Policy MLS status: enabled\n\n    Policy deny_unknown status: allowed\n\n    Max kernel policy version: 28\n\n    If the \\\"Loaded policy name\\\" is not set to \\\"targeted\\\", this is a finding.\n\n    Verify that the /etc/selinux/config file is configured to the\n\\\"SELINUXTYPE\\\" to \\\"targeted\\\":\n\n    # grep -i \\\"selinuxtype\\\" /etc/selinux/config | grep -v '^#'\n\n    SELINUXTYPE = targeted\n\n    If no results are returned or \\\"SELINUXTYPE\\\" is not set to \\\"targeted\\\",\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to verify correct operation of all security\nfunctions.\n\n    Set the \\\"SELinuxtype\\\" to the \\\"targeted\\\" policy by modifying the\n\\\"/etc/selinux/config\\\" file to have the following line:\n\n    SELINUXTYPE=targeted\n\n    A reboot is required for the changes to take effect.\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000445-GPOS-00199\"\n  tag gid: \"V-71991\"\n  tag rid: \"SV-86615r5_rule\"\n  tag stig_id: \"RHEL-07-020220\"\n  tag fix_id: \"F-78343r2_fix\"\n  tag cci: [\"CCI-002165\", \"CCI-002696\"]\n  tag nist: [\"AC-3 (4)\", \"SI-6 a\", \"Rev_4\"]\n\n  describe.one do\n    describe command('sestatus') do\n      its('stdout') { should match %r{^Policy\\sfrom\\sconfigs\\sfile:\\s+targeted\\n?$} }\n    end\n    describe command('sestatus') do\n      its('stdout') { should match %r{^Loaded\\spolicy\\sname:\\s+targeted\\n?$} }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002696</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `sestatus` stdout is expected to match /^Loaded\spolicy\sname:\s+targeted\n?$/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72045</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86669r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent files with
 the setuid and setgid bit set from being executed on file systems that are
-being imported via Network File System (NFS).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;nosuid&quot; mount option causes the system to not execute
-&quot;setuid&quot; and &quot;setgid&quot; files with owner privileges. This option must be used
-for mounting any file system not containing approved &quot;setuid&quot; and &quot;setguid&quot;
+being imported via Network File System (NFS).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "nosuid" mount option causes the system to not execute
+"setuid" and "setgid" files with owner privileges. This option must be used
+for mounting any file system not containing approved "setuid" and "setguid"
 files. Executing files from untrusted file systems increases the opportunity
-for unprivileged users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+for unprivileged users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify file systems that are being NFS imported are configured with the
-&quot;nosuid&quot; option.
+"nosuid" option.
 
     Find the file system(s) that contain the directories being exported with
 the following command:
 
-    # more &#x2F;etc&#x2F;fstab | grep nfs
+    # more /etc/fstab | grep nfs
 
-    UUID&#x3D;e06097bb-cfcd-437b-9e4d-a691f5662a7d &#x2F;store nfs rw,nosuid 0 0
+    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,nosuid 0 0
 
-    If a file system found in &quot;&#x2F;etc&#x2F;fstab&quot; refers to NFS and it does not have
-the &quot;nosuid&quot; option set, this is a finding.
+    If a file system found in "/etc/fstab" refers to NFS and it does not have
+the "nosuid" option set, this is a finding.
 
-    Verify the NFS is mounted with the &quot;nosuid&quot; option:
+    Verify the NFS is mounted with the "nosuid" option:
 
     # mount | grep nfs | grep nosuid
-    If no results are returned, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the &quot;&#x2F;etc&#x2F;fstab&quot; to use the &quot;nosuid&quot; option on
-file systems that are being imported via NFS.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>32298575-1753-4e2d-9e6e-29610ea0d518</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-No NFS file systems were found. is expected to eq true</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72251</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000074-GPOS-00042</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86875r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040390</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If no results are returned, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the "/etc/fstab" to use the "nosuid" option on
+file systems that are being imported via NFS.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72045\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent files with\nthe setuid and setgid bit set from being executed on file systems that are\nbeing imported via Network File System (NFS).\"\n  desc  \"The \\\"nosuid\\\" mount option causes the system to not execute\n\\\"setuid\\\" and \\\"setgid\\\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \\\"setuid\\\" and \\\"setguid\\\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify file systems that are being NFS imported are configured with the\n\\\"nosuid\\\" option.\n\n    Find the file system(s) that contain the directories being exported with\nthe following command:\n\n    # more /etc/fstab | grep nfs\n\n    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,nosuid 0 0\n\n    If a file system found in \\\"/etc/fstab\\\" refers to NFS and it does not have\nthe \\\"nosuid\\\" option set, this is a finding.\n\n    Verify the NFS is mounted with the \\\"nosuid\\\" option:\n\n    # mount | grep nfs | grep nosuid\n    If no results are returned, this is a finding.\n  \"\n  desc  \"fix\", \"Configure the \\\"/etc/fstab\\\" to use the \\\"nosuid\\\" option on\nfile systems that are being imported via NFS.\"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72045\"\n  tag rid: \"SV-86669r2_rule\"\n  tag stig_id: \"RHEL-07-021020\"\n  tag fix_id: \"F-78397r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  nfs_systems = etc_fstab.nfs_file_systems.entries\n  if !nfs_systems.nil? and !nfs_systems.empty?\n    nfs_systems.each do |partition|\n      describe partition do\n        its('mount_options') { should include 'nosuid' }\n      end\n    end\n  else\n    describe \"No NFS file systems were found.\" do\n      subject { nfs_systems.nil? or nfs_systems.empty? }\n      it { should eq true }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST No NFS file systems were found. is expected to eq true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72251</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000074-GPOS-00042</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86875r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040390</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the SSH daemon is configured to only use the SSHv2 protocol.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the SSH daemon is configured to only use the SSHv2 protocol.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>SSHv1 is an insecure implementation of the SSH protocol and has many
 well-known vulnerability exploits. Exploits of the SSH daemon could provide
-immediate root access to the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+immediate root access to the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Check the version of the operating system with the following command:
 
-    # cat &#x2F;etc&#x2F;redhat-release
+    # cat /etc/redhat-release
 
     If the release is 7.4 or newer this requirement is Not Applicable.
 
@@ -3788,393 +3641,375 @@ immediate root access to the system.</ATTRIBUTE_DATA>
     Check that the SSH daemon is configured to only use the SSHv2 protocol with
 the following command:
 
-    # grep -i protocol &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i protocol /etc/ssh/sshd_config
     Protocol 2
     #Protocol 1,2
 
-    If any protocol line other than &quot;Protocol 2&quot; is uncommented, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Remove all Protocol lines that reference version &quot;1&quot; in
-&quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; (this file may be named differently or be in a
+    If any protocol line other than "Protocol 2" is uncommented, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Remove all Protocol lines that reference version "1" in
+"/etc/ssh/sshd_config" (this file may be named differently or be in a
 different location if using a version of SSH that is provided by a third-party
-vendor). The &quot;Protocol&quot; line must be as follows:
+vendor). The "Protocol" line must be as follows:
 
     Protocol 2
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e51f08f4-8b88-483a-b191-8ec7e1503e85</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000197</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The release is 7.8
-The release is newer than 7.4; this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71945</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000329-GPOS-00128</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86569r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010330</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-72251\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon is configured to only use the SSHv2 protocol.\"\n  desc  \"SSHv1 is an insecure implementation of the SSH protocol and has many\nwell-known vulnerability exploits. Exploits of the SSH daemon could provide\nimmediate root access to the system.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Check the version of the operating system with the following command:\n\n    # cat /etc/redhat-release\n\n    If the release is 7.4 or newer this requirement is Not Applicable.\n\n    Verify the SSH daemon is configured to only use the SSHv2 protocol.\n\n    Check that the SSH daemon is configured to only use the SSHv2 protocol with\nthe following command:\n\n    # grep -i protocol /etc/ssh/sshd_config\n    Protocol 2\n    #Protocol 1,2\n\n    If any protocol line other than \\\"Protocol 2\\\" is uncommented, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Remove all Protocol lines that reference version \\\"1\\\" in\n\\\"/etc/ssh/sshd_config\\\" (this file may be named differently or be in a\ndifferent location if using a version of SSH that is provided by a third-party\nvendor). The \\\"Protocol\\\" line must be as follows:\n\n    Protocol 2\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000074-GPOS-00042\"\n  tag satisfies: [\"SRG-OS-000074-GPOS-00042\", \"SRG-OS-000480-GPOS-00227\"]\n  tag gid: \"V-72251\"\n  tag rid: \"SV-86875r4_rule\"\n  tag stig_id: \"RHEL-07-040390\"\n  tag fix_id: \"F-78605r2_fix\"\n  tag cci: [\"CCI-000197\", \"CCI-000366\"]\n  tag nist: [\"IA-5 (1) (c)\", \"CM-6 b\", \"Rev_4\"]\n\n  if os.release.to_f &gt;= 7.4\n    impact 0.0\n    describe \"The release is #{os.release}\" do\n      skip \"The release is newer than 7.4; this control is Not Applicable.\"\n    end\n  else\n    describe sshd_config do\n      its('Protocol') { should cmp '2' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000197</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The release is 7.8 :: SKIP_MESSAGE The release is newer than 7.4; this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71945</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000329-GPOS-00128</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86569r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010330</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must lock the associated
 account after three unsuccessful root logon attempts are made within a
-15-minute period.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+15-minute period.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>By limiting the number of failed logon attempts, the risk of
 unauthorized system access via user password guessing, otherwise known as brute
-forcing, is reduced. Limits are imposed by locking the account.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+forcing, is reduced. Limits are imposed by locking the account.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system automatically locks the root account until it
 is released by an administrator when three unsuccessful logon attempts in 15
 minutes are made.
 
-    # grep pam_faillock.so &#x2F;etc&#x2F;pam.d&#x2F;password-auth
-    auth required pam_faillock.so preauth silent audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
-    auth [default&#x3D;die] pam_faillock.so authfail audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
+    # grep pam_faillock.so /etc/pam.d/password-auth
+    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
+    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
     account required pam_faillock.so
 
-    If the &quot;even_deny_root&quot; setting is not defined on both lines with the
-&quot;pam_faillock.so&quot; module, is commented out, or is missing from a line, this
+    If the "even_deny_root" setting is not defined on both lines with the
+"pam_faillock.so" module, is commented out, or is missing from a line, this
 is a finding.
 
-    # grep pam_faillock.so &#x2F;etc&#x2F;pam.d&#x2F;system-auth
-    auth required pam_faillock.so preauth silent audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
-    auth [default&#x3D;die] pam_faillock.so authfail audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
+    # grep pam_faillock.so /etc/pam.d/system-auth
+    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
+    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
     account required pam_faillock.so
 
-    If the &quot;even_deny_root&quot; setting is not defined on both lines with the
-&quot;pam_faillock.so&quot; module, is commented out, or is missing from a line, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "even_deny_root" setting is not defined on both lines with the
+"pam_faillock.so" module, is commented out, or is missing from a line, this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to lock automatically the root account until
 the locked account is released by an administrator when three unsuccessful
 logon attempts in 15 minutes are made.
 
     Modify the first three lines of the auth section and the first line of the
-account section of the &quot;&#x2F;etc&#x2F;pam.d&#x2F;system-auth&quot; and
-&quot;&#x2F;etc&#x2F;pam.d&#x2F;password-auth&quot; files to match the following lines:
+account section of the "/etc/pam.d/system-auth" and
+"/etc/pam.d/password-auth" files to match the following lines:
 
-    auth required pam_faillock.so preauth silent audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
+    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
     auth sufficient pam_unix.so try_first_pass
-    auth [default&#x3D;die] pam_faillock.so authfail audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
+    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
     account required pam_faillock.so
 
     Note: Manual changes to the listed files may be overwritten by the
-&quot;authconfig&quot; program. The &quot;authconfig&quot; program should not be used to update
-the configurations listed in this requirement.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>acece2eb-a5f8-4b62-9d9a-6b60158c307a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002238</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;password-auth] lines is expected to include [&quot;auth required pam_faillock.so even_deny_root&quot;, &quot;auth sufficient pam_unix.so try_first_pass&quot;, &quot;auth [default&#x3D;die] pam_faillock.so even_deny_root&quot;]
-expected &quot;account required pam_unix.so\naccount sufficient pam_localuser.so\naccount sufficient pam_succeed_if...eed_if.so service in crond quiet use_uid\nsession required pam_unix.so\nsession optional pam_sss.so&quot; to include [&quot;auth required pam_faillock.so even_deny_root&quot;, &quot;auth sufficient pam_unix.so try_first_pass&quot;, &quot;auth [default&#x3D;die] pam_faillock.so even_deny_root&quot;]
+"authconfig" program. The "authconfig" program should not be used to update
+the configurations listed in this requirement.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71945\" do\n  title \"The Red Hat Enterprise Linux operating system must lock the associated\naccount after three unsuccessful root logon attempts are made within a\n15-minute period.\"\n  desc  \"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as brute\nforcing, is reduced. Limits are imposed by locking the account.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system automatically locks the root account until it\nis released by an administrator when three unsuccessful logon attempts in 15\nminutes are made.\n\n    # grep pam_faillock.so /etc/pam.d/password-auth\n    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    account required pam_faillock.so\n\n    If the \\\"even_deny_root\\\" setting is not defined on both lines with the\n\\\"pam_faillock.so\\\" module, is commented out, or is missing from a line, this\nis a finding.\n\n    # grep pam_faillock.so /etc/pam.d/system-auth\n    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    account required pam_faillock.so\n\n    If the \\\"even_deny_root\\\" setting is not defined on both lines with the\n\\\"pam_faillock.so\\\" module, is commented out, or is missing from a line, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to lock automatically the root account until\nthe locked account is released by an administrator when three unsuccessful\nlogon attempts in 15 minutes are made.\n\n    Modify the first three lines of the auth section and the first line of the\naccount section of the \\\"/etc/pam.d/system-auth\\\" and\n\\\"/etc/pam.d/password-auth\\\" files to match the following lines:\n\n    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    auth sufficient pam_unix.so try_first_pass\n    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    account required pam_faillock.so\n\n    Note: Manual changes to the listed files may be overwritten by the\n\\\"authconfig\\\" program. The \\\"authconfig\\\" program should not be used to update\nthe configurations listed in this requirement.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000329-GPOS-00128\"\n  tag satisfies: [\"SRG-OS-000329-GPOS-00128\", \"SRG-OS-000021-GPOS-00005\"]\n  tag gid: \"V-71945\"\n  tag rid: \"SV-86569r4_rule\"\n  tag stig_id: \"RHEL-07-010330\"\n  tag fix_id: \"F-78297r3_fix\"\n  tag cci: [\"CCI-002238\"]\n  tag nist: [\"AC-7 b\", \"Rev_4\"]\n\n  required_lines = [\n    'auth required pam_faillock.so even_deny_root',\n    'auth sufficient pam_unix.so try_first_pass',\n    'auth [default=die] pam_faillock.so even_deny_root'\n  ]\n\n  describe pam('/etc/pam.d/password-auth') do\n    its('lines') { should match_pam_rules(required_lines) }\n    its('lines') { should match_pam_rule('auth .* pam_faillock.so (preauth|authfail)').all_with_args('even_deny_root') }\n  end\n\n  describe pam('/etc/pam.d/system-auth') do\n    its('lines') { should match_pam_rules(required_lines) }\n    its('lines') { should match_pam_rule('auth .* pam_faillock.so (preauth|authfail)').all_with_args('even_deny_root') }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002238</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PAM Config[/etc/pam.d/password-auth] lines is expected to include ["auth required pam_faillock.so even_deny_root", "auth sufficient pam_unix.so try_first_pass", "auth [default=die] pam_faillock.so even_deny_root"] :: MESSAGE expected "account required pam_unix.so\naccount sufficient pam_localuser.so\naccount sufficient pam_succeed_if...eed_if.so service in crond quiet use_uid\nsession required pam_unix.so\nsession optional pam_sss.so" to include ["auth required pam_faillock.so even_deny_root", "auth sufficient pam_unix.so try_first_pass", "auth [default=die] pam_faillock.so even_deny_root"]
 Diff:
 @@ -1,4 +1,28 @@
 -auth required pam_faillock.so even_deny_root
 -auth sufficient pam_unix.so try_first_pass
--auth [default&#x3D;die] pam_faillock.so even_deny_root
+-auth [default=die] pam_faillock.so even_deny_root
 +account required pam_unix.so
 +account sufficient pam_localuser.so
 +account sufficient pam_succeed_if.so uid &lt; 1000 quiet
-+account [default&#x3D;bad success&#x3D;ok user_unknown&#x3D;ignore] pam_sss.so
++account [default=bad success=ok user_unknown=ignore] pam_sss.so
 +account required pam_permit.so
 +auth required pam_env.so
-+auth [default&#x3D;1 ignore&#x3D;ignore success&#x3D;ok] pam_succeed_if.so uid &gt;&#x3D; 1000 quiet
-+auth [default&#x3D;4 ignore&#x3D;ignore success&#x3D;ok] pam_localuser.so
-+auth requisite pam_faillock.so preauth deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
-+auth [success&#x3D;1 default&#x3D;bad] pam_unix.so try_first_pass
-+auth [default&#x3D;die] pam_faillock.so authfail deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
-+auth sufficient pam_faillock.so authsucc deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
-+auth requisite pam_succeed_if.so uid &gt;&#x3D; 1000 quiet_success
++auth [default=1 ignore=ignore success=ok] pam_succeed_if.so uid &gt;= 1000 quiet
++auth [default=4 ignore=ignore success=ok] pam_localuser.so
++auth requisite pam_faillock.so preauth deny=3 unlock_time=604800 fail_interval=900
++auth [success=1 default=bad] pam_unix.so try_first_pass
++auth [default=die] pam_faillock.so authfail deny=3 unlock_time=604800 fail_interval=900
++auth sufficient pam_faillock.so authsucc deny=3 unlock_time=604800 fail_interval=900
++auth requisite pam_succeed_if.so uid &gt;= 1000 quiet_success
 +auth sufficient pam_sss.so forward_pass
 +auth required pam_deny.so
-+password requisite pam_pwquality.so try_first_pass local_users_only retry&#x3D;3 authtok_type&#x3D;
-+password requisite pam_pwhistory.so use_authtok remember&#x3D;5 retry&#x3D;3
++password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type=
++password requisite pam_pwhistory.so use_authtok remember=5 retry=3
 +password sufficient pam_unix.so sha512 shadow try_first_pass use_authtok
 +password sufficient pam_sss.so use_authtok
 +password required pam_deny.so
 +session optional pam_keyinit.so revoke
 +session required pam_limits.so
 +-session optional pam_systemd.so
-+session optional pam_oddjob_mkhomedir.so umask&#x3D;0077
-+session [success&#x3D;1 default&#x3D;ignore] pam_succeed_if.so service in crond quiet use_uid
++session optional pam_oddjob_mkhomedir.so umask=0077
++session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
 +session required pam_unix.so
 +session optional pam_sss.so
 
 --------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;password-auth] lines is expected to include auth .* pam_faillock.so (preauth|authfail), all with args even_deny_root
-expected &quot;auth requisite pam_faillock.so preauth deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900\nauth [default&#x3D;die] pam_faillock.so authfail deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900&quot; to include auth .* pam_faillock.so (preauth|authfail), all with args even_deny_root
+passed :: TEST PAM Config[/etc/pam.d/password-auth] lines is expected to include auth .* pam_faillock.so (preauth|authfail), all with args even_deny_root :: MESSAGE expected "auth requisite pam_faillock.so preauth deny=3 unlock_time=604800 fail_interval=900\nauth [default=die] pam_faillock.so authfail deny=3 unlock_time=604800 fail_interval=900" to include auth .* pam_faillock.so (preauth|authfail), all with args even_deny_root
 Diff:
 @@ -1,2 +1,3 @@
 -auth .* pam_faillock.so (preauth|authfail)
-+auth requisite pam_faillock.so preauth deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
-+auth [default&#x3D;die] pam_faillock.so authfail deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
++auth requisite pam_faillock.so preauth deny=3 unlock_time=604800 fail_interval=900
++auth [default=die] pam_faillock.so authfail deny=3 unlock_time=604800 fail_interval=900
 
 --------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines is expected to include [&quot;auth required pam_faillock.so even_deny_root&quot;, &quot;auth sufficient pam_unix.so try_first_pass&quot;, &quot;auth [default&#x3D;die] pam_faillock.so even_deny_root&quot;]
-expected &quot;account required pam_unix.so\naccount sufficient pam_localuser.so\naccount sufficient pam_succeed_if...eed_if.so service in crond quiet use_uid\nsession required pam_unix.so\nsession optional pam_sss.so&quot; to include [&quot;auth required pam_faillock.so even_deny_root&quot;, &quot;auth sufficient pam_unix.so try_first_pass&quot;, &quot;auth [default&#x3D;die] pam_faillock.so even_deny_root&quot;]
+passed :: TEST PAM Config[/etc/pam.d/system-auth] lines is expected to include ["auth required pam_faillock.so even_deny_root", "auth sufficient pam_unix.so try_first_pass", "auth [default=die] pam_faillock.so even_deny_root"] :: MESSAGE expected "account required pam_unix.so\naccount sufficient pam_localuser.so\naccount sufficient pam_succeed_if...eed_if.so service in crond quiet use_uid\nsession required pam_unix.so\nsession optional pam_sss.so" to include ["auth required pam_faillock.so even_deny_root", "auth sufficient pam_unix.so try_first_pass", "auth [default=die] pam_faillock.so even_deny_root"]
 Diff:
 @@ -1,4 +1,28 @@
 -auth required pam_faillock.so even_deny_root
 -auth sufficient pam_unix.so try_first_pass
--auth [default&#x3D;die] pam_faillock.so even_deny_root
+-auth [default=die] pam_faillock.so even_deny_root
 +account required pam_unix.so
 +account sufficient pam_localuser.so
 +account sufficient pam_succeed_if.so uid &lt; 1000 quiet
-+account [default&#x3D;bad success&#x3D;ok user_unknown&#x3D;ignore] pam_sss.so
++account [default=bad success=ok user_unknown=ignore] pam_sss.so
 +account required pam_permit.so
 +auth required pam_env.so
-+auth [default&#x3D;1 ignore&#x3D;ignore success&#x3D;ok] pam_succeed_if.so uid &gt;&#x3D; 1000 quiet
-+auth [default&#x3D;4 ignore&#x3D;ignore success&#x3D;ok] pam_localuser.so
-+auth requisite pam_faillock.so preauth deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
-+auth [success&#x3D;1 default&#x3D;bad] pam_unix.so try_first_pass
-+auth [default&#x3D;die] pam_faillock.so authfail deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
-+auth sufficient pam_faillock.so authsucc deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
-+auth requisite pam_succeed_if.so uid &gt;&#x3D; 1000 quiet_success
++auth [default=1 ignore=ignore success=ok] pam_succeed_if.so uid &gt;= 1000 quiet
++auth [default=4 ignore=ignore success=ok] pam_localuser.so
++auth requisite pam_faillock.so preauth deny=3 unlock_time=604800 fail_interval=900
++auth [success=1 default=bad] pam_unix.so try_first_pass
++auth [default=die] pam_faillock.so authfail deny=3 unlock_time=604800 fail_interval=900
++auth sufficient pam_faillock.so authsucc deny=3 unlock_time=604800 fail_interval=900
++auth requisite pam_succeed_if.so uid &gt;= 1000 quiet_success
 +auth sufficient pam_sss.so forward_pass
 +auth required pam_deny.so
-+password requisite pam_pwquality.so try_first_pass local_users_only retry&#x3D;3 authtok_type&#x3D;
-+password requisite pam_pwhistory.so use_authtok remember&#x3D;5 retry&#x3D;3
++password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type=
++password requisite pam_pwhistory.so use_authtok remember=5 retry=3
 +password sufficient pam_unix.so sha512 shadow try_first_pass use_authtok
 +password sufficient pam_sss.so use_authtok
 +password required pam_deny.so
 +session optional pam_keyinit.so revoke
 +session required pam_limits.so
 +-session optional pam_systemd.so
-+session optional pam_oddjob_mkhomedir.so umask&#x3D;0077
-+session [success&#x3D;1 default&#x3D;ignore] pam_succeed_if.so service in crond quiet use_uid
++session optional pam_oddjob_mkhomedir.so umask=0077
++session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
 +session required pam_unix.so
 +session optional pam_sss.so
 
 --------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines is expected to include auth .* pam_faillock.so (preauth|authfail), all with args even_deny_root
-expected &quot;auth requisite pam_faillock.so preauth deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900\nauth [default&#x3D;die] pam_faillock.so authfail deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900&quot; to include auth .* pam_faillock.so (preauth|authfail), all with args even_deny_root
+passed :: TEST PAM Config[/etc/pam.d/system-auth] lines is expected to include auth .* pam_faillock.so (preauth|authfail), all with args even_deny_root :: MESSAGE expected "auth requisite pam_faillock.so preauth deny=3 unlock_time=604800 fail_interval=900\nauth [default=die] pam_faillock.so authfail deny=3 unlock_time=604800 fail_interval=900" to include auth .* pam_faillock.so (preauth|authfail), all with args even_deny_root
 Diff:
 @@ -1,2 +1,3 @@
 -auth .* pam_faillock.so (preauth|authfail)
-+auth requisite pam_faillock.so preauth deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
-+auth [default&#x3D;die] pam_faillock.so authfail deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71861</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000023-GPOS-00006</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86485r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010040</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
++auth requisite pam_faillock.so preauth deny=3 unlock_time=604800 fail_interval=900
++auth [default=die] pam_faillock.so authfail deny=3 unlock_time=604800 fail_interval=900</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71861</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000023-GPOS-00006</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86485r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010040</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must display the
 approved Standard Mandatory DoD Notice and Consent Banner before granting local
-or remote access to the system via a graphical user logon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+or remote access to the system via a graphical user logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Display of a standardized and approved use notification before
 granting access to the operating system ensures privacy and security
 notification verbiage used is consistent with applicable federal laws,
@@ -4187,7 +4022,7 @@ with human users and are not required when such human interfaces do not exist.
 the following verbiage for operating systems that can accommodate banners of
 1300 characters:
 
-    &quot;You are accessing a U.S. Government (USG) Information System (IS) that is
+    "You are accessing a U.S. Government (USG) Information System (IS) that is
 provided for USG-authorized use only.
 
     By using this IS (which includes any device attached to this IS), you
@@ -4212,14 +4047,14 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants. Such
 communications and work product are private and confidential. See User
-Agreement for details.&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Agreement for details."</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system displays the approved Standard Mandatory DoD
 Notice and Consent Banner before granting access to the operating system via a
 graphical user logon.
@@ -4230,9 +4065,9 @@ Applicable.
     Check that the operating system displays the exact approved Standard
 Mandatory DoD Notice and Consent Banner text with the command:
 
-    # grep banner-message-text &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;*
-    banner-message-text&#x3D;
-    &#39;You are accessing a U.S. Government (USG) Information System (IS) that is
+    # grep banner-message-text /etc/dconf/db/local.d/*
+    banner-message-text=
+    'You are accessing a U.S. Government (USG) Information System (IS) that is
 provided for USG-authorized use only.    By using this IS (which includes any device attached to this IS), you
 consent to the following conditions:    -The USG routinely intercepts and monitors communications on this IS for
 purposes including, but not limited to, penetration testing, COMSEC monitoring,
@@ -4245,16 +4080,16 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants. Such
 communications and work product are private and confidential. See User
-Agreement for details. &#39;
+Agreement for details. '
 
-    Note: The &quot;     &quot; characters are for formatting only. They will not be displayed on the
+    Note: The "     " characters are for formatting only. They will not be displayed on the
 GUI.
 
     If the banner does not match the approved Standard Mandatory DoD Notice and
-Consent Banner, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+Consent Banner, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to display the approved Standard Mandatory
 DoD Notice and Consent Banner before granting access to the system.
 
@@ -4264,16 +4099,16 @@ Applicable.
     Create a database to contain the system-wide graphical user logon settings
 (if it does not already exist) with the following command:
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;01-banner-message
+    # touch /etc/dconf/db/local.d/01-banner-message
 
-    Add the following line to the [org&#x2F;gnome&#x2F;login-screen] section of the
-&quot;&#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;01-banner-message&quot;:
+    Add the following line to the [org/gnome/login-screen] section of the
+"/etc/dconf/db/local.d/01-banner-message":
 
-    [org&#x2F;gnome&#x2F;login-screen]
+    [org/gnome/login-screen]
 
-    banner-message-enable&#x3D;true
+    banner-message-enable=true
 
-    banner-message-text&#x3D;&#39;You are accessing a U.S. Government (USG) Information
+    banner-message-text='You are accessing a U.S. Government (USG) Information
 System (IS) that is provided for USG-authorized use only.    By using this IS (which includes any device attached to this IS), you
 consent to the following conditions:    -The USG routinely intercepts and monitors communications on this IS for
 purposes including, but not limited to, penetration testing, COMSEC monitoring,
@@ -4286,123 +4121,118 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants. Such
 communications and work product are private and confidential. See User
-Agreement for details. &#39;
+Agreement for details. '
 
-    Note: The &quot;     &quot; characters are for formatting only. They will not be displayed on the
+    Note: The "     " characters are for formatting only. They will not be displayed on the
 GUI.
 
     Run the following command to update the database:
-    # dconf update</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>8ebc2927-80b2-4077-a0c3-0a03f4b2dbbe</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The system does not have GNOME installed
-The system does not have GNOME installed, this requirement is Not
-        Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72217</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000027-GPOS-00008</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86841r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # dconf update</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-71861\" do\n  title \"The Red Hat Enterprise Linux operating system must display the\napproved Standard Mandatory DoD Notice and Consent Banner before granting local\nor remote access to the system via a graphical user logon.\"\n  desc  \"Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\\\"\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system displays the approved Standard Mandatory DoD\nNotice and Consent Banner before granting access to the operating system via a\ngraphical user logon.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Check that the operating system displays the exact approved Standard\nMandatory DoD Notice and Consent Banner text with the command:\n\n    # grep banner-message-text /etc/dconf/db/local.d/*\n    banner-message-text=\n    'You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\\\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\\\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\\\n    -At any time, the USG may inspect and seize data stored on this IS.\\\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\\\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\\\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details. '\n\n    Note: The \\\"\\\n     \\\" characters are for formatting only. They will not be displayed on the\nGUI.\n\n    If the banner does not match the approved Standard Mandatory DoD Notice and\nConsent Banner, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to display the approved Standard Mandatory\nDoD Notice and Consent Banner before granting access to the system.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Create a database to contain the system-wide graphical user logon settings\n(if it does not already exist) with the following command:\n\n    # touch /etc/dconf/db/local.d/01-banner-message\n\n    Add the following line to the [org/gnome/login-screen] section of the\n\\\"/etc/dconf/db/local.d/01-banner-message\\\":\n\n    [org/gnome/login-screen]\n\n    banner-message-enable=true\n\n    banner-message-text='You are accessing a U.S. Government (USG) Information\nSystem (IS) that is provided for USG-authorized use only.\\\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\\\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\\\n    -At any time, the USG may inspect and seize data stored on this IS.\\\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\\\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\\\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details. '\n\n    Note: The \\\"\\\n     \\\" characters are for formatting only. They will not be displayed on the\nGUI.\n\n    Run the following command to update the database:\n    # dconf update\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000023-GPOS-00006\"\n  tag satisfies: [\"SRG-OS-000023-GPOS-00006\", \"SRG-OS-000024-GPOS-00007\",\n\"SRG-OS-000228-GPOS-00088\"]\n  tag gid: \"V-71861\"\n  tag rid: \"SV-86485r4_rule\"\n  tag stig_id: \"RHEL-07-010040\"\n  tag fix_id: \"F-78213r5_fix\"\n  tag cci: [\"CCI-000048\"]\n  tag nist: [\"AC-8 a\", \"Rev_4\"]\n\n  if package('gnome-desktop3').installed?\n    #Get all files that have the banner-message-text specified.\n    banner_files =\n      command(\"grep -l banner-message-text /etc/dconf/db/local.d/*\").stdout.split(\"\\n\")\n\n    #If there are no banner files then this is a finding.\n    banner_missing = banner_files.empty?\n    describe \"If no files specify the banner text then this is a finding\" do\n      subject { banner_missing }\n      it{should be false}\n    end if banner_missing\n\n    #If there are banner files then check them to make sure they have the correct text.\n    banner_files.each do |banner_file|\n      banner_message =\n        parse_config_file(banner_file).params(\"banner-message-text\").gsub(%r{[\\r\\n\\s]}, '')\n      #dconf expects the banner-message-text to be quoted so remove leading and trailing quote.\n      #See https://developer.gnome.org/dconf/unstable/dconf-tool.html which states:\n      #  VALUE arguments must be in GVariant format, so e.g. a string must include\n      #  explicit quotes: \"'foo'\". This format is also used when printing out values.\n      if banner_message.start_with?('\"') || banner_message.start_with?('\\'')\n        banner_message = banner_message[1,banner_message.length]\n      end\n      if banner_message.end_with?('\"') || banner_message.end_with?('\\'')\n        banner_message = banner_message.chop\n      end\n      describe.one do\n        describe banner_message do\n          it{should cmp banner_message_text_gui.gsub(%r{[\\r\\n\\s]}, '')}\n        end\n        describe banner_message do\n          it{should cmp banner_message_text_gui_limited.gsub(%r{[\\r\\n\\s]}, '')}\n        end\n      end\n    end\n  else\n    impact 0.0\n    describe \"The system does not have GNOME installed\" do\n      skip \"The system does not have GNOME installed, this requirement is Not\n        Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The system does not have GNOME installed :: SKIP_MESSAGE The system does not have GNOME installed, this requirement is Not
+        Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72217</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000027-GPOS-00008</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86841r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must limit the number of
-concurrent sessions to 10 for all accounts and&#x2F;or account types.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+concurrent sessions to 10 for all accounts and/or account types.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Operating system management includes the ability to control the number
 of users and user sessions that utilize an operating system. Limiting the
 number of allowed users and sessions per user is helpful in reducing the risks
@@ -4411,149 +4241,143 @@ related to DoS attacks.
     This requirement addresses concurrent sessions for information system
 accounts and does not address concurrent sessions by single users via multiple
 system accounts. The maximum number of concurrent sessions should be defined
-based on mission needs and the operational environment for each system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+based on mission needs and the operational environment for each system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system limits the number of concurrent sessions to
-&quot;10&quot; for all accounts and&#x2F;or account types by issuing the following command:
+"10" for all accounts and/or account types by issuing the following command:
 
-    # grep &quot;maxlogins&quot; &#x2F;etc&#x2F;security&#x2F;limits.conf &#x2F;etc&#x2F;security&#x2F;limits.d&#x2F;*.conf
+    # grep "maxlogins" /etc/security/limits.conf /etc/security/limits.d/*.conf
 
     * hard maxlogins 10
 
     This can be set as a global domain (with the * wildcard) but may be set
 differently for multiple domains.
 
-    If the &quot;maxlogins&quot; item is missing, commented out, or the value is not
-set to &quot;10&quot; or less for all domains that have the &quot;maxlogins&quot; item
-assigned, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "maxlogins" item is missing, commented out, or the value is not
+set to "10" or less for all domains that have the "maxlogins" item
+assigned, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to limit the number of concurrent sessions
-to &quot;10&quot; for all accounts and&#x2F;or account types.
-
-    Add the following line to the top of the &#x2F;etc&#x2F;security&#x2F;limits.conf or in a
-&quot;.conf&quot; file defined in &#x2F;etc&#x2F;security&#x2F;limits.d&#x2F; :
-
-    * hard maxlogins 10</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>bd683fc7-c366-4015-8923-5d7f95bbe9cd</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000054</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Files configuring maxlogins less than or equal to 10 is expected to be positive
---------------------------------
-passed
-Files configuring maxlogins greater than 10 is expected to cmp &#x3D;&#x3D; []</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72047</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86671r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021030</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+to "10" for all accounts and/or account types.
+
+    Add the following line to the top of the /etc/security/limits.conf or in a
+".conf" file defined in /etc/security/limits.d/ :
+
+    * hard maxlogins 10</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72217\" do\n  title \"The Red Hat Enterprise Linux operating system must limit the number of\nconcurrent sessions to 10 for all accounts and/or account types.\"\n  desc  \"Operating system management includes the ability to control the number\nof users and user sessions that utilize an operating system. Limiting the\nnumber of allowed users and sessions per user is helpful in reducing the risks\nrelated to DoS attacks.\n\n    This requirement addresses concurrent sessions for information system\naccounts and does not address concurrent sessions by single users via multiple\nsystem accounts. The maximum number of concurrent sessions should be defined\nbased on mission needs and the operational environment for each system.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system limits the number of concurrent sessions to\n\\\"10\\\" for all accounts and/or account types by issuing the following command:\n\n    # grep \\\"maxlogins\\\" /etc/security/limits.conf /etc/security/limits.d/*.conf\n\n    * hard maxlogins 10\n\n    This can be set as a global domain (with the * wildcard) but may be set\ndifferently for multiple domains.\n\n    If the \\\"maxlogins\\\" item is missing, commented out, or the value is not\nset to \\\"10\\\" or less for all domains that have the \\\"maxlogins\\\" item\nassigned, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to limit the number of concurrent sessions\nto \\\"10\\\" for all accounts and/or account types.\n\n    Add the following line to the top of the /etc/security/limits.conf or in a\n\\\".conf\\\" file defined in /etc/security/limits.d/ :\n\n    * hard maxlogins 10\n  \"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000027-GPOS-00008\"\n  tag gid: \"V-72217\"\n  tag rid: \"SV-86841r3_rule\"\n  tag stig_id: \"RHEL-07-040000\"\n  tag fix_id: \"F-78571r2_fix\"\n  tag cci: [\"CCI-000054\"]\n  tag nist: [\"AC-10\", \"Rev_4\"]\n\n  maxlogins_limit = input('maxlogins_limit')\n\n  # Collect any files under limits.d if they exist\n  limits_files = directory('/etc/security/limits.d').exist? ? command('ls /etc/security/limits.d/*.conf').stdout.strip.lines : []\n  # Add limits.conf to the list\n  limits_files.push('/etc/security/limits.conf')\n  compliant_files = []\n  noncompliant_files = []\n\n  limits_files.each do |limits_file|\n    # Get any universal limits from each file\n    local_limits = limits_conf(limits_file).*\n    # If we got an array (results) check further\n    if local_limits.is_a?(Array)\n      local_limits.each do |temp_limit|\n        # For each result check if it is a 'hard' limit for 'maxlogins'\n        if temp_limit.include?('hard') &amp;&amp; temp_limit.include?('maxlogins')\n          # If the limit is in range, push to compliant files\n          if temp_limit[-1].to_i &lt;= maxlogins_limit\n            compliant_files.push(limits_file)\n          # Otherwise add to noncompliant files\n          else\n            noncompliant_files.push(limits_file)\n          end\n        end\n      end\n    end\n  end\n\n  # It is required that at least 1 file contain compliant configuration\n  describe \"Files configuring maxlogins less than or equal to #{maxlogins_limit}\" do\n    subject { compliant_files.length }\n    it { should be_positive }\n  end\n\n  # No files should set 'hard' 'maxlogins' to any noncompliant value\n  describe \"Files configuring maxlogins greater than #{maxlogins_limit}\" do\n    subject { noncompliant_files }\n    it { should cmp [] }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000054</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Files configuring maxlogins less than or equal to 10 is expected to be positive
+--------------------------------
+passed :: TEST Files configuring maxlogins greater than 10 is expected to cmp == []</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72047</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86671r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021030</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all world-writable directories are group-owned by root, sys, bin, or an
-application group.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+application group.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If a world-writable directory has the sticky bit set and is not
 group-owned by a privileged Group Identifier (GID), unauthorized users may be
 able to modify files created by others.
@@ -4561,15 +4385,15 @@ able to modify files created by others.
     The only authorized public directories are those temporary directories
 supplied with the system or those designed to be temporary file repositories.
 The setting is normally reserved for directories used by the system and by
-users for temporary file storage, (e.g., &#x2F;tmp), and for directories requiring
-global read&#x2F;write access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+users for temporary file storage, (e.g., /tmp), and for directories requiring
+global read/write access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify all world-writable directories are group-owned by root, sys, bin, or
 an application group.
 
@@ -4578,1919 +4402,1827 @@ an application group.
     Note: The value after -fstype must be replaced with the filesystem type.
 XFS is used as an example.
 
-    # find &#x2F; -xdev -perm -002 -type d -fstype xfs -exec ls -lLd {} \;
-    drwxrwxrwt 2 root root 40 Aug 26 13:07 &#x2F;dev&#x2F;mqueue
-    drwxrwxrwt 2 root root 220 Aug 26 13:23 &#x2F;dev&#x2F;shm
-    drwxrwxrwt 14 root root 4096 Aug 26 13:29 &#x2F;tmp
+    # find / -xdev -perm -002 -type d -fstype xfs -exec ls -lLd {} \;
+    drwxrwxrwt 2 root root 40 Aug 26 13:07 /dev/mqueue
+    drwxrwxrwt 2 root root 220 Aug 26 13:23 /dev/shm
+    drwxrwxrwt 14 root root 4096 Aug 26 13:29 /tmp
 
     If any world-writable directories are not owned by root, sys, bin, or an
-application group associated with the directory, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+application group associated with the directory, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Change the group of the world-writable directories to root with the
 following command:
 
-    # chgrp root &lt;directory&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2a8a9c3b-95b6-47e3-8ec9-89d573ec8a7a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-File &#x2F;var&#x2F;tmp group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;
---------------------------------
-passed
-File &#x2F;var&#x2F;tmp&#x2F;cloud-init group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;
---------------------------------
-passed
-File &#x2F;var&#x2F;tmp&#x2F;systemd-private-d24354a1797e4846b9e800d6f612ef8f-chronyd.service-U8pkhb&#x2F;tmp group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;
---------------------------------
-passed
-File &#x2F;tmp group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;
---------------------------------
-passed
-File &#x2F;tmp&#x2F;.XIM-unix group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;
---------------------------------
-passed
-File &#x2F;tmp&#x2F;.Test-unix group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;
---------------------------------
-passed
-File &#x2F;tmp&#x2F;.ICE-unix group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;
---------------------------------
-passed
-File &#x2F;tmp&#x2F;.font-unix group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;
---------------------------------
-passed
-File &#x2F;tmp&#x2F;.X11-unix group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;
---------------------------------
-passed
-File &#x2F;tmp&#x2F;systemd-private-d24354a1797e4846b9e800d6f612ef8f-chronyd.service-Te8mBP&#x2F;tmp group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72173</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86797r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030750</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # chgrp root &lt;directory&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72047\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all world-writable directories are group-owned by root, sys, bin, or an\napplication group.\"\n  desc  \"If a world-writable directory has the sticky bit set and is not\ngroup-owned by a privileged Group Identifier (GID), unauthorized users may be\nable to modify files created by others.\n\n    The only authorized public directories are those temporary directories\nsupplied with the system or those designed to be temporary file repositories.\nThe setting is normally reserved for directories used by the system and by\nusers for temporary file storage, (e.g., /tmp), and for directories requiring\nglobal read/write access.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify all world-writable directories are group-owned by root, sys, bin, or\nan application group.\n\n    Check the system for world-writable directories with the following command:\n\n    Note: The value after -fstype must be replaced with the filesystem type.\nXFS is used as an example.\n\n    # find / -xdev -perm -002 -type d -fstype xfs -exec ls -lLd {} \\\\;\n    drwxrwxrwt 2 root root 40 Aug 26 13:07 /dev/mqueue\n    drwxrwxrwt 2 root root 220 Aug 26 13:23 /dev/shm\n    drwxrwxrwt 14 root root 4096 Aug 26 13:29 /tmp\n\n    If any world-writable directories are not owned by root, sys, bin, or an\napplication group associated with the directory, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Change the group of the world-writable directories to root with the\nfollowing command:\n\n    # chgrp root &lt;directory&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72047\"\n  tag rid: \"SV-86671r4_rule\"\n  tag stig_id: \"RHEL-07-021030\"\n  tag fix_id: \"F-78399r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  application_groups = input('application_groups')\n\n  ww_dirs = Set[]\n  partitions = etc_fstab.params.map{|partition| partition['file_system_type']}.uniq\n  partitions.each do |part|\n    cmd = \"find / -perm -002 -xdev -type d -fstype #{part} -exec ls -lLd {} \\\\;\"\n    ww_dirs = ww_dirs + command(cmd).stdout.split(\"\\n\")\n  end\n\n  ww_dirs.to_a.each do |curr_dir|\n    dir_arr = curr_dir.split(' ')\n    describe file(dir_arr.last) do\n      its('group') { should be_in [\"root\",\"sys\",\"bin\"] + application_groups }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST File /var/tmp group is expected to be in "root", "sys", and "bin"
+--------------------------------
+passed :: TEST File /var/tmp/cloud-init group is expected to be in "root", "sys", and "bin"
+--------------------------------
+passed :: TEST File /var/tmp/systemd-private-d24354a1797e4846b9e800d6f612ef8f-chronyd.service-U8pkhb/tmp group is expected to be in "root", "sys", and "bin"
+--------------------------------
+passed :: TEST File /tmp group is expected to be in "root", "sys", and "bin"
+--------------------------------
+passed :: TEST File /tmp/.XIM-unix group is expected to be in "root", "sys", and "bin"
+--------------------------------
+passed :: TEST File /tmp/.Test-unix group is expected to be in "root", "sys", and "bin"
+--------------------------------
+passed :: TEST File /tmp/.ICE-unix group is expected to be in "root", "sys", and "bin"
+--------------------------------
+passed :: TEST File /tmp/.font-unix group is expected to be in "root", "sys", and "bin"
+--------------------------------
+passed :: TEST File /tmp/.X11-unix group is expected to be in "root", "sys", and "bin"
+--------------------------------
+passed :: TEST File /tmp/systemd-private-d24354a1797e4846b9e800d6f612ef8f-chronyd.service-Te8mBP/tmp group is expected to be in "root", "sys", and "bin"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72173</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86797r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030750</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the umount command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the umount command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged mount commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;umount&quot; command occur.
+successful/unsuccessful attempts to use the "umount" command occur.
 
     Check that the following system call is being audited by performing the
 following series of commands to check the file system rules in
-&quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+"/etc/audit/audit.rules":
 
-    # grep -iw &quot;&#x2F;usr&#x2F;bin&#x2F;umount&quot; &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw "/usr/bin/umount" /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;umount -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/umount -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-mount
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;umount&quot; command occur.
+successful/unsuccessful attempts to use the "umount" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;umount -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/umount -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-mount
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e71f2de9-b06f-4106-b3b7-1536b3414e85</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;bin&#x2F;umount&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;bin&#x2F;umount&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72149</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86773r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030630</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72173\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe umount command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged mount commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"umount\\\" command occur.\n\n    Check that the following system call is being audited by performing the\nfollowing series of commands to check the file system rules in\n\\\"/etc/audit/audit.rules\\\":\n\n    # grep -iw \\\"/usr/bin/umount\\\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/umount -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-mount\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"umount\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/umount -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-mount\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72173\"\n  tag rid: \"SV-86797r5_rule\"\n  tag stig_id: \"RHEL-07-030750\"\n  tag fix_id: \"F-78527r5_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/bin/umount'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/bin/umount" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/bin/umount" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72149</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86773r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030630</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the passwd command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the passwd command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged password commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;passwd&quot; command occur.
+successful/unsuccessful attempts to use the "passwd" command occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -i &#x2F;usr&#x2F;bin&#x2F;passwd &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /usr/bin/passwd /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;passwd -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/passwd -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-passwd
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;passwd&quot; command occur.
+successful/unsuccessful attempts to use the "passwd" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;passwd -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/passwd -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-passwd
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a9ccfe07-fea5-426a-8bd6-a269d900d84d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;passwd&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;passwd&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71927</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000075-GPOS-00043</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86551r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010240</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72149\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe passwd command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged password commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"passwd\\\" command occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -i /usr/bin/passwd /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/passwd -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-passwd\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"passwd\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/passwd -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-passwd\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72149\"\n  tag rid: \"SV-86773r5_rule\"\n  tag stig_id: \"RHEL-07-030630\"\n  tag fix_id: \"F-78501r6_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n  \n  audit_file = '/usr/bin/passwd'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/passwd" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/passwd" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71927</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000075-GPOS-00043</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86551r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010240</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that passwords are restricted to a 24 hours&#x2F;1 day minimum lifetime.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that passwords are restricted to a 24 hours/1 day minimum lifetime.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Enforcing a minimum password lifetime helps to prevent repeated
 password changes to defeat the password reuse or history enforcement
 requirement. If users are allowed to immediately and continually change their
 password, the password could be repeatedly changed in a short period of time to
-defeat the organization&#39;s policy regarding password reuse.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+defeat the organization's policy regarding password reuse.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Check whether the minimum time period between password changes for each
 user account is one day or greater.
 
-    # awk -F: &#39;$4 &lt; 1 {print $1 &quot; &quot; $4}&#39; &#x2F;etc&#x2F;shadow
+    # awk -F: '$4 &lt; 1 {print $1 " " $4}' /etc/shadow
 
     If any results are returned that are not associated with a system account,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure non-compliant accounts to enforce a 24 hours&#x2F;1 day minimum
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure non-compliant accounts to enforce a 24 hours/1 day minimum
 password lifetime:
 
-    # chage -m 1 [user]</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>91eebf62-4b86-48ce-9d66-a529353535c8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000198</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-&#x2F;etc&#x2F;shadow with user &#x3D;&#x3D; &quot;ec2-user&quot; min_days.first.to_i is expected to cmp &gt;&#x3D; 1</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72105</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86729r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030410</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # chage -m 1 [user]</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71927\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat passwords are restricted to a 24 hours/1 day minimum lifetime.\"\n  desc  \"Enforcing a minimum password lifetime helps to prevent repeated\npassword changes to defeat the password reuse or history enforcement\nrequirement. If users are allowed to immediately and continually change their\npassword, the password could be repeatedly changed in a short period of time to\ndefeat the organization's policy regarding password reuse.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Check whether the minimum time period between password changes for each\nuser account is one day or greater.\n\n    # awk -F: '$4 &lt; 1 {print $1 \\\" \\\" $4}' /etc/shadow\n\n    If any results are returned that are not associated with a system account,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure non-compliant accounts to enforce a 24 hours/1 day minimum\npassword lifetime:\n\n    # chage -m 1 [user]\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000075-GPOS-00043\"\n  tag gid: \"V-71927\"\n  tag rid: \"SV-86551r2_rule\"\n  tag stig_id: \"RHEL-07-010240\"\n  tag fix_id: \"F-78279r1_fix\"\n  tag cci: [\"CCI-000198\"]\n  tag nist: [\"IA-5 (1) (d)\", \"Rev_4\"]\n\n  shadow.users.each do |user|\n    # filtering on non-system accounts (uid &gt;= 1000)\n    next unless user(user).uid &gt;= 1000\n    describe shadow.users(user) do\n      its('min_days.first.to_i') { should cmp &gt;= 1 }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000198</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST /etc/shadow with user == "ec2-user" min_days.first.to_i is expected to cmp &gt;= 1</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72105</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86729r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030410</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the chmod syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the chmod syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;chmod&quot; syscall occur.
+successful/unsuccessful attempts to use the "chmod" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following command:
 
-    # grep -iw chmod &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw chmod /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S chmod -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S chmod -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S chmod -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S chmod -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;chmod&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"chmod" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;chmod&quot; syscall occur.
+successful/unsuccessful attempts to use the "chmod" syscall occur.
 
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S chmod -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S chmod -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S chmod -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S chmod -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>22941c29-4e2d-4d99-a548-d60fd2521112</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;chmod&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;chmod&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;chmod&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;chmod&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72255</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86879r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040410</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72105\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe chmod syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"chmod\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing command:\n\n    # grep -iw chmod /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S chmod -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S chmod -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"chmod\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"chmod\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S chmod -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S chmod -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000458-GPOS-00203\"\n  tag satisfies: [\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000064-GPOS-00033\"]\n  tag gid: \"V-72105\"\n  tag rid: \"SV-86729r5_rule\"\n  tag stig_id: \"RHEL-07-030410\"\n  tag fix_id: \"F-78457r7_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"chmod\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"chmod\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "chmod" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "chmod" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "chmod" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "chmod" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72255</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86879r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040410</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the SSH public host key files have mode 0644 or less permissive.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the SSH public host key files have mode 0644 or less permissive.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If a public host key file is modified by an unauthorized user, the SSH
-service may be compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify the SSH public host key files have mode &quot;0644&quot; or less permissive.
+service may be compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify the SSH public host key files have mode "0644" or less permissive.
 
     Note: SSH public key files may be found in other directories on the system
 depending on the installation.
 
     The following command will find all SSH public key files on the system:
 
-    # find &#x2F;etc&#x2F;ssh -name &#39;*.pub&#39; -exec ls -lL {} \;
+    # find /etc/ssh -name '*.pub' -exec ls -lL {} \;
 
     -rw-r--r-- 1 root root 618 Nov 28 06:43 ssh_host_dsa_key.pub
     -rw-r--r-- 1 root root 347 Nov 28 06:43 ssh_host_key.pub
     -rw-r--r-- 1 root root 238 Nov 28 06:43 ssh_host_rsa_key.pub
 
-    If any file has a mode more permissive than &quot;0644&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If any file has a mode more permissive than "0644", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Note: SSH public key files may be found in other directories on the system
 depending on the installation.
 
-    Change the mode of public host key files under &quot;&#x2F;etc&#x2F;ssh&quot; to &quot;0644&quot;
+    Change the mode of public host key files under "/etc/ssh" to "0644"
 with the following command:
 
-    # chmod 0644 &#x2F;etc&#x2F;ssh&#x2F;*.key.pub</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>5a5715d1-5333-4c8c-9264-70683d02dfb5</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-No files have a more permissive mode. is expected to eq true</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72087</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86711r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030320</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # chmod 0644 /etc/ssh/*.key.pub</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72255\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH public host key files have mode 0644 or less permissive.\"\n  desc  \"If a public host key file is modified by an unauthorized user, the SSH\nservice may be compromised.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH public host key files have mode \\\"0644\\\" or less permissive.\n\n    Note: SSH public key files may be found in other directories on the system\ndepending on the installation.\n\n    The following command will find all SSH public key files on the system:\n\n    # find /etc/ssh -name '*.pub' -exec ls -lL {} \\\\;\n\n    -rw-r--r-- 1 root root 618 Nov 28 06:43 ssh_host_dsa_key.pub\n    -rw-r--r-- 1 root root 347 Nov 28 06:43 ssh_host_key.pub\n    -rw-r--r-- 1 root root 238 Nov 28 06:43 ssh_host_rsa_key.pub\n\n    If any file has a mode more permissive than \\\"0644\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Note: SSH public key files may be found in other directories on the system\ndepending on the installation.\n\n    Change the mode of public host key files under \\\"/etc/ssh\\\" to \\\"0644\\\"\nwith the following command:\n\n    # chmod 0644 /etc/ssh/*.key.pub\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72255\"\n  tag rid: \"SV-86879r2_rule\"\n  tag stig_id: \"RHEL-07-040410\"\n  tag fix_id: \"F-78609r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  pub_files = command(\"find /etc/ssh -xdev -name '*.pub' -perm /133\").stdout.split(\"\\n\")\n  if !pub_files.nil? and !pub_files.empty?\n    pub_files.each do |pubfile|\n      describe file(pubfile) do\n        it { should_not be_executable.by('owner') }\n        it { should_not be_executable.by('group') }\n        it { should_not be_writable.by('group') }\n        it { should_not be_executable.by('others') }\n        it { should_not be_writable.by('others') }\n      end\n    end\n  else\n     describe \"No files have a more permissive mode.\" do\n      subject { pub_files.nil? or pub_files.empty? }\n      it { should eq true }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST No files have a more permissive mode. is expected to eq true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72087</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86711r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030320</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the audit system takes appropriate action when the audit storage volume is
-full.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+full.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Taking appropriate action in case of a filled audit storage volume
-will minimize the possibility of losing audit records.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+will minimize the possibility of losing audit records.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the action the operating system takes if the disk the audit records
 are written to becomes full.
 
     To determine the action that takes place if the disk is full on the remote
 server, use the following command:
 
-    # grep -i disk_full_action &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
-    disk_full_action &#x3D; single
+    # grep -i disk_full_action /etc/audisp/audisp-remote.conf
+    disk_full_action = single
 
-    If the value of the &quot;disk_full_action&quot; option is not &quot;syslog&quot;,
-&quot;single&quot;, or &quot;halt&quot;, or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of the "disk_full_action" option is not "syslog",
+"single", or "halt", or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the action the operating system takes if the disk the audit
 records are written to becomes full.
 
-    Uncomment or edit the &quot;disk_full_action&quot; option in
-&quot;&#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf&quot; and set it to &quot;syslog&quot;, &quot;single&quot;, or
-&quot;halt&quot;, such as the following line:
-
-    disk_full_action &#x3D; single</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>4391a574-ea2c-48b5-b874-175a694cf42e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-Parse Config File &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
-Can&#39;t find file: &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
---------------------------------
-skipped
-Parse Config File &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
-Can&#39;t find file: &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72259</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000364-GPOS-00151</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86883r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040430</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Uncomment or edit the "disk_full_action" option in
+"/etc/audisp/audisp-remote.conf" and set it to "syslog", "single", or
+"halt", such as the following line:
+
+    disk_full_action = single</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72087\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the audit system takes appropriate action when the audit storage volume is\nfull.\"\n  desc  \"Taking appropriate action in case of a filled audit storage volume\nwill minimize the possibility of losing audit records.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the action the operating system takes if the disk the audit records\nare written to becomes full.\n\n    To determine the action that takes place if the disk is full on the remote\nserver, use the following command:\n\n    # grep -i disk_full_action /etc/audisp/audisp-remote.conf\n    disk_full_action = single\n\n    If the value of the \\\"disk_full_action\\\" option is not \\\"syslog\\\",\n\\\"single\\\", or \\\"halt\\\", or the line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the action the operating system takes if the disk the audit\nrecords are written to becomes full.\n\n    Uncomment or edit the \\\"disk_full_action\\\" option in\n\\\"/etc/audisp/audisp-remote.conf\\\" and set it to \\\"syslog\\\", \\\"single\\\", or\n\\\"halt\\\", such as the following line:\n\n    disk_full_action = single\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000342-GPOS-00133\"\n  tag gid: \"V-72087\"\n  tag rid: \"SV-86711r3_rule\"\n  tag stig_id: \"RHEL-07-030320\"\n  tag fix_id: \"F-78439r4_fix\"\n  tag cci: [\"CCI-001851\"]\n  tag nist: [\"AU-4 (1)\", \"Rev_4\"]\n\n  describe parse_config_file('/etc/audisp/audisp-remote.conf') do\n    its('disk_full_action'.to_s) { should be_in ['syslog', 'single', 'halt'] }\n  end\n\n# Test matches ./inspec-profiles/controls/V-73163.rb\n  describe parse_config_file('/etc/audisp/audisp-remote.conf') do\n    its('network_failure_action'.to_s) { should be_in ['syslog', 'single', 'halt'] }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST Parse Config File /etc/audisp/audisp-remote.conf :: SKIP_MESSAGE Can't find file: /etc/audisp/audisp-remote.conf
+--------------------------------
+skipped :: TEST Parse Config File /etc/audisp/audisp-remote.conf :: SKIP_MESSAGE Can't find file: /etc/audisp/audisp-remote.conf</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72259</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000364-GPOS-00151</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86883r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040430</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the SSH daemon does not permit Generic Security Service Application
-Program Interface (GSSAPI) authentication unless needed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Program Interface (GSSAPI) authentication unless needed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>GSSAPI authentication is used to provide additional authentication
 mechanisms to applications. Allowing GSSAPI authentication through SSH exposes
-the system&#39;s GSSAPI to remote hosts, increasing the attack surface of the
-system. GSSAPI authentication must be disabled unless needed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+the system's GSSAPI to remote hosts, increasing the attack surface of the
+system. GSSAPI authentication must be disabled unless needed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the SSH daemon does not permit GSSAPI authentication unless approved.
 
     Check that the SSH daemon does not permit GSSAPI authentication with the
 following command:
 
-    # grep -i gssapiauth &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i gssapiauth /etc/ssh/sshd_config
     GSSAPIAuthentication no
 
-    If the &quot;GSSAPIAuthentication&quot; keyword is missing, is set to &quot;yes&quot; and
+    If the "GSSAPIAuthentication" keyword is missing, is set to "yes" and
 is not documented with the Information System Security Officer (ISSO), or the
-returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Uncomment the &quot;GSSAPIAuthentication&quot; keyword in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;
+returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Uncomment the "GSSAPIAuthentication" keyword in "/etc/ssh/sshd_config"
 (this file may be named differently or be in a different location if using a
 version of SSH that is provided by a third-party vendor) and set the value to
-&quot;no&quot;:
+"no":
 
     GSSAPIAuthentication no
 
     The SSH service must be restarted for changes to take effect.
 
     If GSSAPI authentication is required, it must be documented, to include the
-location of the configuration file, with the ISSO.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>93671f32-afc5-4554-9078-8b4b9a60af37</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration GSSAPIAuthentication is expected to cmp &#x3D;&#x3D; &quot;no&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73163</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87815r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030321</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+location of the configuration file, with the ISSO.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72259\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon does not permit Generic Security Service Application\nProgram Interface (GSSAPI) authentication unless needed.\"\n  desc  \"GSSAPI authentication is used to provide additional authentication\nmechanisms to applications. Allowing GSSAPI authentication through SSH exposes\nthe system's GSSAPI to remote hosts, increasing the attack surface of the\nsystem. GSSAPI authentication must be disabled unless needed.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH daemon does not permit GSSAPI authentication unless approved.\n\n    Check that the SSH daemon does not permit GSSAPI authentication with the\nfollowing command:\n\n    # grep -i gssapiauth /etc/ssh/sshd_config\n    GSSAPIAuthentication no\n\n    If the \\\"GSSAPIAuthentication\\\" keyword is missing, is set to \\\"yes\\\" and\nis not documented with the Information System Security Officer (ISSO), or the\nreturned line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Uncomment the \\\"GSSAPIAuthentication\\\" keyword in \\\"/etc/ssh/sshd_config\\\"\n(this file may be named differently or be in a different location if using a\nversion of SSH that is provided by a third-party vendor) and set the value to\n\\\"no\\\":\n\n    GSSAPIAuthentication no\n\n    The SSH service must be restarted for changes to take effect.\n\n    If GSSAPI authentication is required, it must be documented, to include the\nlocation of the configuration file, with the ISSO.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000364-GPOS-00151\"\n  tag gid: \"V-72259\"\n  tag rid: \"SV-86883r3_rule\"\n  tag stig_id: \"RHEL-07-040430\"\n  tag fix_id: \"F-78613r2_fix\"\n  tag cci: [\"CCI-000318\", \"CCI-000368\", \"CCI-001812\", \"CCI-001813\",\n\"CCI-001814\"]\n  tag nist: [\"CM-3 f\", \"CM-6 c\", \"CM-11 (2)\", \"CM-5 (1)\", \"CM-5 (1)\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('GSSAPIAuthentication') { should cmp 'no' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration GSSAPIAuthentication is expected to cmp == "no"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73163</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87815r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030321</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the audit system takes appropriate action when there is an error sending
-audit records to a remote system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+audit records to a remote system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Taking appropriate action when there is an error sending audit records
-to a remote system will minimize the possibility of losing audit records.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+to a remote system will minimize the possibility of losing audit records.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the action the operating system takes if there is an error sending
 audit records to a remote system.
 
     Check the action that takes place if there is an error sending audit
 records to a remote system with the following command:
 
-    # grep -i network_failure_action &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
-    network_failure_action &#x3D; syslog
+    # grep -i network_failure_action /etc/audisp/audisp-remote.conf
+    network_failure_action = syslog
 
-    If the value of the &quot;network_failure_action&quot; option is not &quot;syslog&quot;,
-&quot;single&quot;, or &quot;halt&quot;, or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of the "network_failure_action" option is not "syslog",
+"single", or "halt", or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the action the operating system takes if there is an error
 sending audit records to a remote system.
 
-    Uncomment the &quot;network_failure_action&quot; option in
-&quot;&#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf&quot; and set it to &quot;syslog&quot;, &quot;single&quot;, or
-&quot;halt&quot;.
-
-    network_failure_action &#x3D; syslog</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>39110cd2-01b3-4e4a-85b5-71f69669e24b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-Parse Config File &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
-Can&#39;t find file: &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72289</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86913r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040640</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Uncomment the "network_failure_action" option in
+"/etc/audisp/audisp-remote.conf" and set it to "syslog", "single", or
+"halt".
+
+    network_failure_action = syslog</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-73163\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the audit system takes appropriate action when there is an error sending\naudit records to a remote system.\"\n  desc  \"Taking appropriate action when there is an error sending audit records\nto a remote system will minimize the possibility of losing audit records.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the action the operating system takes if there is an error sending\naudit records to a remote system.\n\n    Check the action that takes place if there is an error sending audit\nrecords to a remote system with the following command:\n\n    # grep -i network_failure_action /etc/audisp/audisp-remote.conf\n    network_failure_action = syslog\n\n    If the value of the \\\"network_failure_action\\\" option is not \\\"syslog\\\",\n\\\"single\\\", or \\\"halt\\\", or the line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the action the operating system takes if there is an error\nsending audit records to a remote system.\n\n    Uncomment the \\\"network_failure_action\\\" option in\n\\\"/etc/audisp/audisp-remote.conf\\\" and set it to \\\"syslog\\\", \\\"single\\\", or\n\\\"halt\\\".\n\n    network_failure_action = syslog\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000342-GPOS-00133\"\n  tag gid: \"V-73163\"\n  tag rid: \"SV-87815r3_rule\"\n  tag stig_id: \"RHEL-07-030321\"\n  tag fix_id: \"F-79609r2_fix\"\n  tag cci: [\"CCI-001851\"]\n  tag nist: [\"AU-4 (1)\", \"Rev_4\"]\n\n  describe parse_config_file('/etc/audisp/audisp-remote.conf') do\n    its('network_failure_action'.to_s) { should be_in ['syslog', 'single', 'halt'] }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST Parse Config File /etc/audisp/audisp-remote.conf :: SKIP_MESSAGE Can't find file: /etc/audisp/audisp-remote.conf</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72289</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86913r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040640</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent Internet
 Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect
-messages from being accepted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+messages from being accepted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>ICMP redirect messages are used by routers to inform hosts that a more
 direct route exists for a particular destination. These messages modify the
-host&#39;s route table and are unauthenticated. An illicit ICMP redirect message
-could result in a man-in-the-middle attack.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+host's route table and are unauthenticated. An illicit ICMP redirect message
+could result in a man-in-the-middle attack.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system will not accept IPv4 ICMP redirect messages.
 
-    # grep &#39;net.ipv4.conf.default.accept_redirects&#39; &#x2F;etc&#x2F;sysctl.conf
-&#x2F;etc&#x2F;sysctl.d&#x2F;*
+    # grep 'net.ipv4.conf.default.accept_redirects' /etc/sysctl.conf
+/etc/sysctl.d/*
 
-    If &quot; net.ipv4.conf.default.accept_redirects &quot; is not configured in the
-&#x2F;etc&#x2F;sysctl.conf file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out, or
-does not have a value of &quot;0&quot;, this is a finding.
+    If " net.ipv4.conf.default.accept_redirects " is not configured in the
+/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or
+does not have a value of "0", this is a finding.
 
     Check that the operating system implements the value of the
-&quot;accept_redirects&quot; variables with the following command:
+"accept_redirects" variables with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep &#39;net.ipv4.conf.default.accept_redirects&#39;
-    net.ipv4.conf.default.accept_redirects &#x3D; 0
+    # /sbin/sysctl -a | grep 'net.ipv4.conf.default.accept_redirects'
+    net.ipv4.conf.default.accept_redirects = 0
 
-    If the returned line does not have a value of &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned line does not have a value of "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the system to not accept IPv4 ICMP redirect messages by adding the
-following line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the
-&#x2F;etc&#x2F;sysctl.d&#x2F; directory (or modify the line to have the required value):
+following line to "/etc/sysctl.conf" or a configuration file in the
+/etc/sysctl.d/ directory (or modify the line to have the required value):
 
-    net.ipv4.conf.default.accept_redirects &#x3D; 0
+    net.ipv4.conf.default.accept_redirects = 0
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>be1ca85d-d4a5-478e-b635-18e1dfbc5acb</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.conf.default.accept_redirects value is expected to eq 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72099</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86723r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030380</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72289\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent Internet\nProtocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect\nmessages from being accepted.\"\n  desc  \"ICMP redirect messages are used by routers to inform hosts that a more\ndirect route exists for a particular destination. These messages modify the\nhost's route table and are unauthenticated. An illicit ICMP redirect message\ncould result in a man-in-the-middle attack.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system will not accept IPv4 ICMP redirect messages.\n\n    # grep 'net.ipv4.conf.default.accept_redirects' /etc/sysctl.conf\n/etc/sysctl.d/*\n\n    If \\\" net.ipv4.conf.default.accept_redirects \\\" is not configured in the\n/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or\ndoes not have a value of \\\"0\\\", this is a finding.\n\n    Check that the operating system implements the value of the\n\\\"accept_redirects\\\" variables with the following command:\n\n    # /sbin/sysctl -a | grep 'net.ipv4.conf.default.accept_redirects'\n    net.ipv4.conf.default.accept_redirects = 0\n\n    If the returned line does not have a value of \\\"0\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the system to not accept IPv4 ICMP redirect messages by adding the\nfollowing line to \\\"/etc/sysctl.conf\\\" or a configuration file in the\n/etc/sysctl.d/ directory (or modify the line to have the required value):\n\n    net.ipv4.conf.default.accept_redirects = 0\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72289\"\n  tag rid: \"SV-86913r3_rule\"\n  tag stig_id: \"RHEL-07-040640\"\n  tag fix_id: \"F-78643r3_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.conf.default.accept_redirects') do\n    its('value') { should eq 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.conf.default.accept_redirects value is expected to eq 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72099</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86723r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030380</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the fchown syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the fchown syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fchown&quot; syscall occur.
+successful/unsuccessful attempts to use the "fchown" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw fchown &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw fchown /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S fchown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S fchown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fchown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S fchown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;fchown&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    If both the "b32" and "b64" audit rules are not defined for the
+"fchown" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S fchown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S fchown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fchown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S fchown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>998ae376-5a9d-4f44-92cd-9997eb501f9a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchown&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchown&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchown&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchown&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71943</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000329-GPOS-00128</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86567r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010320</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72099\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe fchown syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"fchown\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw fchown /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S fchown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S fchown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"fchown\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S fchown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S fchown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000474-GPOS-00219\"]\n  tag gid: \"V-72099\"\n  tag rid: \"SV-86723r5_rule\"\n  tag stig_id: \"RHEL-07-030380\"\n  tag fix_id: \"F-78451r8_fix\"\n  tag cci: [\"CCI-000126\", \"CCI-000172\"]\n  tag nist: [\"AU-2 d\", \"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"fchown\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"fchown\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "fchown" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchown" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchown" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchown" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71943</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000329-GPOS-00128</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86567r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010320</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured to
 lock accounts for a minimum of 15 minutes after three unsuccessful logon
-attempts within a 15-minute timeframe.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+attempts within a 15-minute timeframe.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>By limiting the number of failed logon attempts, the risk of
 unauthorized system access via user password guessing, otherwise known as
-brute-forcing, is reduced. Limits are imposed by locking the account.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+brute-forcing, is reduced. Limits are imposed by locking the account.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Check that the system locks an account for a minimum of 15 minutes after
 three unsuccessful logon attempts within a period of 15 minutes with the
 following command:
 
-    # grep pam_faillock.so &#x2F;etc&#x2F;pam.d&#x2F;password-auth
+    # grep pam_faillock.so /etc/pam.d/password-auth
 
-    auth required pam_faillock.so preauth silent audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
-    auth [default&#x3D;die] pam_faillock.so authfail audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
+    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
+    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
     account required pam_faillock.so
 
-    If the &quot;deny&quot; parameter is set to &quot;0&quot; or a value less than &quot;3&quot; on
-both &quot;auth&quot; lines with the &quot;pam_faillock.so&quot; module, or is missing from
+    If the "deny" parameter is set to "0" or a value less than "3" on
+both "auth" lines with the "pam_faillock.so" module, or is missing from
 these lines, this is a finding.
 
-    If the &quot;even_deny_root&quot; parameter is not set on both &quot;auth&quot; lines with
-the &quot;pam_faillock.so&quot; module, or is missing from these lines, this is a
+    If the "even_deny_root" parameter is not set on both "auth" lines with
+the "pam_faillock.so" module, or is missing from these lines, this is a
 finding.
 
-    If the &quot;fail_interval&quot; parameter is set to &quot;0&quot; or is set to a value
-less than &quot;900&quot; on both &quot;auth&quot; lines with the &quot;pam_faillock.so&quot; module,
+    If the "fail_interval" parameter is set to "0" or is set to a value
+less than "900" on both "auth" lines with the "pam_faillock.so" module,
 or is missing from these lines, this is a finding.
 
-    If the &quot;unlock_time&quot; parameter is not set to &quot;0&quot;, &quot;never&quot;, or is set
-to a value less than &quot;900&quot; on both &quot;auth&quot; lines with the
-&quot;pam_faillock.so&quot; module, or is missing from these lines, this is a finding.
+    If the "unlock_time" parameter is not set to "0", "never", or is set
+to a value less than "900" on both "auth" lines with the
+"pam_faillock.so" module, or is missing from these lines, this is a finding.
 
-    Note: The maximum configurable value for &quot;unlock_time&quot; is &quot;604800&quot;.
+    Note: The maximum configurable value for "unlock_time" is "604800".
 
-    If any line referencing the &quot;pam_faillock.so&quot; module is commented out,
+    If any line referencing the "pam_faillock.so" module is commented out,
 this is a finding.
 
-    # grep pam_faillock.so &#x2F;etc&#x2F;pam.d&#x2F;system-auth
+    # grep pam_faillock.so /etc/pam.d/system-auth
 
-    auth required pam_faillock.so preauth silent audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
-    auth [default&#x3D;die] pam_faillock.so authfail audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
+    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
+    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
     account required pam_faillock.so
 
-    If the &quot;deny&quot; parameter is set to &quot;0&quot; or a value less than &quot;3&quot; on
-both &quot;auth&quot; lines with the &quot;pam_faillock.so&quot; module, or is missing from
+    If the "deny" parameter is set to "0" or a value less than "3" on
+both "auth" lines with the "pam_faillock.so" module, or is missing from
 these lines, this is a finding.
 
-    If the &quot;even_deny_root&quot; parameter is not set on both &quot;auth&quot; lines with
-the &quot;pam_faillock.so&quot; module, or is missing from these lines, this is a
+    If the "even_deny_root" parameter is not set on both "auth" lines with
+the "pam_faillock.so" module, or is missing from these lines, this is a
 finding.
 
-    If the &quot;fail_interval&quot; parameter is set to &quot;0&quot; or is set to a value
-less than &quot;900&quot; on both &quot;auth&quot; lines with the &quot;pam_faillock.so&quot; module,
+    If the "fail_interval" parameter is set to "0" or is set to a value
+less than "900" on both "auth" lines with the "pam_faillock.so" module,
 or is missing from these lines, this is a finding.
 
-    If the &quot;unlock_time&quot; parameter is not set to &quot;0&quot;, &quot;never&quot;, or is set
-to a value less than &quot;900&quot; on both &quot;auth&quot; lines with the
-&quot;pam_faillock.so&quot; module or is missing from these lines, this is a finding.
+    If the "unlock_time" parameter is not set to "0", "never", or is set
+to a value less than "900" on both "auth" lines with the
+"pam_faillock.so" module or is missing from these lines, this is a finding.
 
-    Note: The maximum configurable value for &quot;unlock_time&quot; is &quot;604800&quot;.
-    If any line referencing the &quot;pam_faillock.so&quot; module is commented out,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    Note: The maximum configurable value for "unlock_time" is "604800".
+    If any line referencing the "pam_faillock.so" module is commented out,
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to lock an account for the maximum period
 when three unsuccessful logon attempts in 15 minutes are made.
 
     Modify the first three lines of the auth section and the first line of the
-account section of the &quot;&#x2F;etc&#x2F;pam.d&#x2F;system-auth&quot; and
-&quot;&#x2F;etc&#x2F;pam.d&#x2F;password-auth&quot; files to match the following lines:
+account section of the "/etc/pam.d/system-auth" and
+"/etc/pam.d/password-auth" files to match the following lines:
 
-    auth required pam_faillock.so preauth silent audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
+    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
     auth sufficient pam_unix.so try_first_pass
-    auth [default&#x3D;die] pam_faillock.so authfail audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
+    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
     account required pam_faillock.so
 
     Note: Manual changes to the listed files may be overwritten by the
-&quot;authconfig&quot; program. The &quot;authconfig&quot; program should not be used to update
-the configurations listed in this requirement.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a8564550-b7c1-4bcf-b532-85b07e154056</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000044</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002236</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002237</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002238</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>error
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;password-auth] lines 
-undefined local variable or method &#x60;required_rules&#39; for #&lt;RSpec::ExampleGroups::PAMConfigEtcPamDPasswordAuth_2::Lines:0x00007fb47b50fc08&gt;
+"authconfig" program. The "authconfig" program should not be used to update
+the configurations listed in this requirement.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71943\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured to\nlock accounts for a minimum of 15 minutes after three unsuccessful logon\nattempts within a 15-minute timeframe.\"\n  desc  \"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-forcing, is reduced. Limits are imposed by locking the account.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Check that the system locks an account for a minimum of 15 minutes after\nthree unsuccessful logon attempts within a period of 15 minutes with the\nfollowing command:\n\n    # grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    account required pam_faillock.so\n\n    If the \\\"deny\\\" parameter is set to \\\"0\\\" or a value less than \\\"3\\\" on\nboth \\\"auth\\\" lines with the \\\"pam_faillock.so\\\" module, or is missing from\nthese lines, this is a finding.\n\n    If the \\\"even_deny_root\\\" parameter is not set on both \\\"auth\\\" lines with\nthe \\\"pam_faillock.so\\\" module, or is missing from these lines, this is a\nfinding.\n\n    If the \\\"fail_interval\\\" parameter is set to \\\"0\\\" or is set to a value\nless than \\\"900\\\" on both \\\"auth\\\" lines with the \\\"pam_faillock.so\\\" module,\nor is missing from these lines, this is a finding.\n\n    If the \\\"unlock_time\\\" parameter is not set to \\\"0\\\", \\\"never\\\", or is set\nto a value less than \\\"900\\\" on both \\\"auth\\\" lines with the\n\\\"pam_faillock.so\\\" module, or is missing from these lines, this is a finding.\n\n    Note: The maximum configurable value for \\\"unlock_time\\\" is \\\"604800\\\".\n\n    If any line referencing the \\\"pam_faillock.so\\\" module is commented out,\nthis is a finding.\n\n    # grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    account required pam_faillock.so\n\n    If the \\\"deny\\\" parameter is set to \\\"0\\\" or a value less than \\\"3\\\" on\nboth \\\"auth\\\" lines with the \\\"pam_faillock.so\\\" module, or is missing from\nthese lines, this is a finding.\n\n    If the \\\"even_deny_root\\\" parameter is not set on both \\\"auth\\\" lines with\nthe \\\"pam_faillock.so\\\" module, or is missing from these lines, this is a\nfinding.\n\n    If the \\\"fail_interval\\\" parameter is set to \\\"0\\\" or is set to a value\nless than \\\"900\\\" on both \\\"auth\\\" lines with the \\\"pam_faillock.so\\\" module,\nor is missing from these lines, this is a finding.\n\n    If the \\\"unlock_time\\\" parameter is not set to \\\"0\\\", \\\"never\\\", or is set\nto a value less than \\\"900\\\" on both \\\"auth\\\" lines with the\n\\\"pam_faillock.so\\\" module or is missing from these lines, this is a finding.\n\n    Note: The maximum configurable value for \\\"unlock_time\\\" is \\\"604800\\\".\n    If any line referencing the \\\"pam_faillock.so\\\" module is commented out,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to lock an account for the maximum period\nwhen three unsuccessful logon attempts in 15 minutes are made.\n\n    Modify the first three lines of the auth section and the first line of the\naccount section of the \\\"/etc/pam.d/system-auth\\\" and\n\\\"/etc/pam.d/password-auth\\\" files to match the following lines:\n\n    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    auth sufficient pam_unix.so try_first_pass\n    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    account required pam_faillock.so\n\n    Note: Manual changes to the listed files may be overwritten by the\n\\\"authconfig\\\" program. The \\\"authconfig\\\" program should not be used to update\nthe configurations listed in this requirement.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000329-GPOS-00128\"\n  tag satisfies: [\"SRG-OS-000329-GPOS-00128\", \"SRG-OS-000021-GPOS-00005\"]\n  tag gid: \"V-71943\"\n  tag rid: \"SV-86567r5_rule\"\n  tag stig_id: \"RHEL-07-010320\"\n  tag fix_id: \"F-78295r5_fix\"\n  tag cci: [\"CCI-000044\", \"CCI-002236\", \"CCI-002237\", \"CCI-002238\"]\n  tag nist: [\"AC-7 a\", \"AC-7 b\", \"AC-7 b\", \"AC-7 b\", \"Rev_4\"]\n\n  unsuccessful_attempts = input('unsuccessful_attempts')\n  fail_interval = input('fail_interval')\n  lockout_time = input('lockout_time')\n\n  describe pam('/etc/pam.d/password-auth') do\n    its('lines') {\n      should match_pam_rules(required_rules).exactly.or \\\n             match_pam_rules(alternate_rules).exactly\n    }\n    its('lines') { should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('deny', '&lt;=', unsuccessful_attempts) }\n    its('lines') { should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('fail_interval', '&lt;=', fail_interval) }\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_args('unlock_time=(0|never)').or \\\n            (match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('unlock_time', '&lt;=', 604800).and \\\n             match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('unlock_time', '&gt;=', lockout_time))\n    }\n  end\n\n  describe pam('/etc/pam.d/system-auth') do\n    its('lines') {\n      should match_pam_rules(required_rules).exactly.or \\\n             match_pam_rules(alternate_rules).exactly\n    }\n    its('lines') { should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('deny', '&lt;=', unsuccessful_attempts) }\n    its('lines') { should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('fail_interval', '&lt;=', fail_interval) }\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_args('unlock_time=(0|never)').or \\\n            (match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('unlock_time', '&lt;=', 604800).and \\\n             match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('unlock_time', '&gt;=', lockout_time))\n    }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000044</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002236</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002237</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002238</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PAM Config[/etc/pam.d/password-auth] lines  :: MESSAGE undefined local variable or method `required_rules' for #&lt;RSpec::ExampleGroups::PAMConfigEtcPamDPasswordAuth_2::Lines:0x00007fb47b50fc08&gt;
 Did you mean?  require_relative
 --------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;password-auth] lines is expected to include auth [default&#x3D;die]|required pam_faillock.so, all with arg deny &lt;&#x3D; 3
+passed :: TEST PAM Config[/etc/pam.d/password-auth] lines is expected to include auth [default=die]|required pam_faillock.so, all with arg deny &lt;= 3
 --------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;password-auth] lines is expected to include auth [default&#x3D;die]|required pam_faillock.so, all with arg fail_interval &lt;&#x3D; 900
+passed :: TEST PAM Config[/etc/pam.d/password-auth] lines is expected to include auth [default=die]|required pam_faillock.so, all with arg fail_interval &lt;= 900
 --------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;password-auth] lines is expected to include auth [default&#x3D;die]|required pam_faillock.so, all with args unlock_time&#x3D;(0|never) or include auth [default&#x3D;die]|required pam_faillock.so, all with arg unlock_time &lt;&#x3D; 604800 and include auth [default&#x3D;die]|required pam_faillock.so, all with arg unlock_time &gt;&#x3D; 604800
+passed :: TEST PAM Config[/etc/pam.d/password-auth] lines is expected to include auth [default=die]|required pam_faillock.so, all with args unlock_time=(0|never) or include auth [default=die]|required pam_faillock.so, all with arg unlock_time &lt;= 604800 and include auth [default=die]|required pam_faillock.so, all with arg unlock_time &gt;= 604800
 --------------------------------
-error
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines 
-undefined local variable or method &#x60;required_rules&#39; for #&lt;RSpec::ExampleGroups::PAMConfigEtcPamDSystemAuth_2::Lines:0x00007fb47b5e4250&gt;
+passed :: TEST PAM Config[/etc/pam.d/system-auth] lines  :: MESSAGE undefined local variable or method `required_rules' for #&lt;RSpec::ExampleGroups::PAMConfigEtcPamDSystemAuth_2::Lines:0x00007fb47b5e4250&gt;
 Did you mean?  require_relative
 --------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines is expected to include auth [default&#x3D;die]|required pam_faillock.so, all with arg deny &lt;&#x3D; 3
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines is expected to include auth [default&#x3D;die]|required pam_faillock.so, all with arg fail_interval &lt;&#x3D; 900
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines is expected to include auth [default&#x3D;die]|required pam_faillock.so, all with args unlock_time&#x3D;(0|never) or include auth [default&#x3D;die]|required pam_faillock.so, all with arg unlock_time &lt;&#x3D; 604800 and include auth [default&#x3D;die]|required pam_faillock.so, all with arg unlock_time &gt;&#x3D; 604800</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73155</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87807r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010081</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+passed :: TEST PAM Config[/etc/pam.d/system-auth] lines is expected to include auth [default=die]|required pam_faillock.so, all with arg deny &lt;= 3
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/system-auth] lines is expected to include auth [default=die]|required pam_faillock.so, all with arg fail_interval &lt;= 900
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/system-auth] lines is expected to include auth [default=die]|required pam_faillock.so, all with args unlock_time=(0|never) or include auth [default=die]|required pam_faillock.so, all with arg unlock_time &lt;= 604800 and include auth [default=die]|required pam_faillock.so, all with arg unlock_time &gt;= 604800</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73155</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87807r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010081</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent a user from
-  overriding the screensaver lock-delay setting for the graphical user interface.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+  overriding the screensaver lock-delay setting for the graphical user interface.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A session time-out lock is a temporary action taken when a user stops
   work and moves away from the immediate physical vicinity of the information
   system but does not log out because of the temporary nature of the absence.
   Rather than relying on the user to manually lock their operating system session
   prior to vacating the vicinity, operating systems need to be able to identify
-  when a user&#39;s session has idled and take action to initiate the session lock.
+  when a user's session has idled and take action to initiate the session lock.
 
       The session lock is implemented at the point where session activity can be
-  determined and&#x2F;or controlled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+  determined and/or controlled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system prevents a user from overriding a screensaver
 lock after a 15-minute period of inactivity for graphical user interfaces.
 
@@ -6500,24 +6232,24 @@ console.
 
     Determine which profile the system database is using with the following
 command:
-    # grep system-db &#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user
+    # grep system-db /etc/dconf/profile/user
 
     system-db:local
 
     Check for the lock delay setting with the following command:
 
-    Note: The example below is using the database &quot;local&quot; for the system, so
-the path is &quot;&#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&quot;. This path must be modified if a database
-other than &quot;local&quot; is being used.
+    Note: The example below is using the database "local" for the system, so
+the path is "/etc/dconf/db/local.d". This path must be modified if a database
+other than "local" is being used.
 
-    # grep -i lock-delay &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;locks&#x2F;*
+    # grep -i lock-delay /etc/dconf/db/local.d/locks/*
 
-    &#x2F;org&#x2F;gnome&#x2F;desktop&#x2F;screensaver&#x2F;lock-delay
+    /org/gnome/desktop/screensaver/lock-delay
 
-    If the command does not return a result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return a result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to prevent a user from overriding a
 screensaver lock after a 15-minute period of inactivity for graphical user
 interfaces.
@@ -6525,139 +6257,134 @@ interfaces.
     Create a database to contain the system-wide screensaver settings (if it
 does not already exist) with the following command:
 
-    Note: The example below is using the database &quot;local&quot; for the system, so
-if the system is using another database in &quot;&#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user&quot;, the
+    Note: The example below is using the database "local" for the system, so
+if the system is using another database in "/etc/dconf/profile/user", the
 file should be created under the appropriate subdirectory.
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;locks&#x2F;session
+    # touch /etc/dconf/db/local.d/locks/session
 
     Add the setting to lock the screensaver lock delay:
 
-    &#x2F;org&#x2F;gnome&#x2F;desktop&#x2F;screensaver&#x2F;lock-delay</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ecc53cdf-1fb7-42e2-bf30-d2707b8cfa15</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The GNOME desktop is not installed
-The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000250-GPOS-00093</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86851r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040180</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    /org/gnome/desktop/screensaver/lock-delay</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-73155\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent a user from\n  overriding the screensaver lock-delay setting for the graphical user interface.\"\n  desc  \"A session time-out lock is a temporary action taken when a user stops\n  work and moves away from the immediate physical vicinity of the information\n  system but does not log out because of the temporary nature of the absence.\n  Rather than relying on the user to manually lock their operating system session\n  prior to vacating the vicinity, operating systems need to be able to identify\n  when a user's session has idled and take action to initiate the session lock.\n\n      The session lock is implemented at the point where session activity can be\n  determined and/or controlled.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system prevents a user from overriding a screensaver\n  lock after a 15-minute period of inactivity for graphical user interfaces.\n\n      Note: If the system does not have GNOME installed, this requirement is Not\n  Applicable. The screen program must be installed to lock sessions on the\n  console.\n\n      Determine which profile the system database is using with the following\n  command:\n      # grep system-db /etc/dconf/profile/user\n\n      system-db:local\n\n      Check for the lock delay setting with the following command:\n\n      Note: The example below is using the database \\\"local\\\" for the system, so\n  the path is \\\"/etc/dconf/db/local.d\\\". This path must be modified if a database\n  other than \\\"local\\\" is being used.\n\n      # grep -i lock-delay /etc/dconf/db/local.d/locks/*\n\n      /org/gnome/desktop/screensaver/lock-delay\n\n      If the command does not return a result, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to prevent a user from overriding a\n    screensaver lock after a 15-minute period of inactivity for graphical user\n    interfaces.\n\n        Create a database to contain the system-wide screensaver settings (if it\n    does not already exist) with the following command:\n\n        Note: The example below is using the database \\\"local\\\" for the system, so\n    if the system is using another database in \\\"/etc/dconf/profile/user\\\", the\n    file should be created under the appropriate subdirectory.\n\n        # touch /etc/dconf/db/local.d/locks/session\n\n        Add the setting to lock the screensaver lock delay:\n\n        /org/gnome/desktop/screensaver/lock-delay\n  \"\n\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000029-GPOS-00010\"\n  tag gid: \"V-73155\"\n  tag rid: \"SV-87807r4_rule\"\n  tag stig_id: \"RHEL-07-010081\"\n  tag fix_id: \"F-79601r2_fix\"\n  tag cci: [\"CCI-000057\"]\n  tag nist: [\"AC-11 a\", \"Rev_4\"]\n\n    unless package('gnome-desktop3').installed?\n      impact 0.0\n      describe \"The GNOME desktop is not installed\" do\n        skip \"The GNOME desktop is not installed, this control is Not Applicable.\"\n      end\n    else\n      describe command(\"gsettings writable org.gnome.desktop.screensaver lock-delay\") do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The GNOME desktop is not installed :: SKIP_MESSAGE The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000250-GPOS-00093</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86851r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040180</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must implement
 cryptography to protect the integrity of Lightweight Directory Access Protocol
-(LDAP) authentication communications.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(LDAP) authentication communications.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without cryptographic integrity protections, information can be
 altered by unauthorized users without detection.
 
     Cryptographic mechanisms used for protecting the integrity of information
 include, for example, signed hash functions using asymmetric cryptography
 enabling distribution of the public key to verify the hash information while
-maintaining the confidentiality of the key used to generate the hash.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+maintaining the confidentiality of the key used to generate the hash.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If LDAP is not being utilized, this requirement is Not Applicable.
 
     Verify the operating system implements cryptography to protect the
@@ -6668,534 +6395,487 @@ command:
 
     # systemctl status sssd.service
     sssd.service - System Security Services Daemon
-    Loaded: loaded (&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;sssd.service; enabled; vendor
+    Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor
 preset: disabled)
     Active: active (running) since Wed 2018-06-27 10:58:11 EST; 1h 50min ago
 
-    If the &quot;sssd.service&quot; is &quot;active&quot;, then LDAP is being used.
+    If the "sssd.service" is "active", then LDAP is being used.
 
-    Determine the &quot;id_provider&quot; the LDAP is currently using:
+    Determine the "id_provider" the LDAP is currently using:
 
-    # grep -i &quot;id_provider&quot; &#x2F;etc&#x2F;sssd&#x2F;sssd.conf
+    # grep -i "id_provider" /etc/sssd/sssd.conf
 
-    id_provider &#x3D; ad
+    id_provider = ad
 
-    If &quot;id_provider&quot; is set to &quot;ad&quot;, this is Not Applicable.
+    If "id_provider" is set to "ad", this is Not Applicable.
 
     Ensure that LDAP is configured to use TLS by using the following command:
 
-    # grep -i &quot;start_tls&quot; &#x2F;etc&#x2F;sssd&#x2F;sssd.conf
-    ldap_id_use_start_tls &#x3D; true
+    # grep -i "start_tls" /etc/sssd/sssd.conf
+    ldap_id_use_start_tls = true
 
-    If the &quot;ldap_id_use_start_tls&quot; option is not &quot;true&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "ldap_id_use_start_tls" option is not "true", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to implement cryptography to protect the
 integrity of LDAP authentication sessions.
 
-    Add or modify the following line in &quot;&#x2F;etc&#x2F;sssd&#x2F;sssd.conf&quot;:
-
-    ldap_id_use_start_tls &#x3D; true</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>8e499bd5-9759-4bc9-8e5c-884ab915e2e1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001453</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-LDAP not enabled
-LDAP not enabled using any known mechanisms, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72317</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86941r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040820</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add or modify the following line in "/etc/sssd/sssd.conf":
+
+    ldap_id_use_start_tls = true</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-72227\" do\n  title \"The Red Hat Enterprise Linux operating system must implement\ncryptography to protect the integrity of Lightweight Directory Access Protocol\n(LDAP) authentication communications.\"\n  desc  \"Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the key used to generate the hash.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If LDAP is not being utilized, this requirement is Not Applicable.\n\n    Verify the operating system implements cryptography to protect the\nintegrity of remote LDAP authentication sessions.\n\n    To determine if LDAP is being used for authentication, use the following\ncommand:\n\n    # systemctl status sssd.service\n    sssd.service - System Security Services Daemon\n    Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor\npreset: disabled)\n    Active: active (running) since Wed 2018-06-27 10:58:11 EST; 1h 50min ago\n\n    If the \\\"sssd.service\\\" is \\\"active\\\", then LDAP is being used.\n\n    Determine the \\\"id_provider\\\" the LDAP is currently using:\n\n    # grep -i \\\"id_provider\\\" /etc/sssd/sssd.conf\n\n    id_provider = ad\n\n    If \\\"id_provider\\\" is set to \\\"ad\\\", this is Not Applicable.\n\n    Ensure that LDAP is configured to use TLS by using the following command:\n\n    # grep -i \\\"start_tls\\\" /etc/sssd/sssd.conf\n    ldap_id_use_start_tls = true\n\n    If the \\\"ldap_id_use_start_tls\\\" option is not \\\"true\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to implement cryptography to protect the\nintegrity of LDAP authentication sessions.\n\n    Add or modify the following line in \\\"/etc/sssd/sssd.conf\\\":\n\n    ldap_id_use_start_tls = true\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000250-GPOS-00093\"\n  tag gid: \"V-72227\"\n  tag rid: \"SV-86851r4_rule\"\n  tag stig_id: \"RHEL-07-040180\"\n  tag fix_id: \"F-78581r2_fix\"\n  tag cci: [\"CCI-001453\"]\n  tag nist: [\"AC-17 (2)\", \"Rev_4\"]\n\n  sssd_id_ldap_enabled = (package('sssd').installed? and\n    !command('grep \"^\\s*id_provider\\s*=\\s*ldap\" /etc/sssd/sssd.conf').stdout.strip.empty?)\n\n  pam_ldap_enabled = (!command('grep \"^[^#]*pam_ldap\\.so\" /etc/pam.d/*').stdout.strip.empty?)\n\n  if !(sssd_id_ldap_enabled or pam_ldap_enabled)\n    impact 0.0\n    describe \"LDAP not enabled\" do\n      skip \"LDAP not enabled using any known mechanisms, this control is Not Applicable.\"\n    end\n  end\n\n  if sssd_id_ldap_enabled\n    ldap_id_use_start_tls = command('grep ldap_id_use_start_tls /etc/sssd/sssd.conf')\n    describe ldap_id_use_start_tls do\n      its('stdout.strip') { should match %r{^ldap_id_use_start_tls\\s*=\\s*true$}}\n    end\n\n    ldap_id_use_start_tls.stdout.strip.each_line do |line|\n      describe line do\n        it { should match %r{^ldap_id_use_start_tls\\s*=\\s*true$}}\n      end\n    end\n  end\n\n  if pam_ldap_enabled\n    describe command('grep -i ssl /etc/pam_ldap.conf') do\n      its('stdout.strip') { should match %r{^ssl start_tls$}}\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001453</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST LDAP not enabled :: SKIP_MESSAGE LDAP not enabled using any known mechanisms, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72317</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86941r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040820</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not have
-unauthorized IP tunnels configured.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+unauthorized IP tunnels configured.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>IP tunneling mechanisms can be used to bypass network filtering. If
 tunneling is required, it must be documented with the Information System
-Security Officer (ISSO).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Security Officer (ISSO).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system does not have unauthorized IP tunnels configured.
 
-    Check to see if &quot;libreswan&quot; is installed with the following command:
+    Check to see if "libreswan" is installed with the following command:
 
     # yum list installed libreswan
     libreswan.x86-64 3.20-5.el7_4
 
-    If &quot;libreswan&quot; is installed, check to see if the &quot;IPsec&quot; service is
+    If "libreswan" is installed, check to see if the "IPsec" service is
 active with the following command:
 
     # systemctl status ipsec
     ipsec.service - Internet Key Exchange (IKE) Protocol Daemon for IPsec
-    Loaded: loaded (&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;ipsec.service; disabled)
+    Loaded: loaded (/usr/lib/systemd/system/ipsec.service; disabled)
     Active: inactive (dead)
 
-    If the &quot;IPsec&quot; service is active, check to see if any tunnels are
-configured in &quot;&#x2F;etc&#x2F;ipsec.conf&quot; and &quot;&#x2F;etc&#x2F;ipsec.d&#x2F;&quot; with the following
+    If the "IPsec" service is active, check to see if any tunnels are
+configured in "/etc/ipsec.conf" and "/etc/ipsec.d/" with the following
 commands:
 
-    # grep -iw conn &#x2F;etc&#x2F;ipsec.conf &#x2F;etc&#x2F;ipsec.d&#x2F;*.conf
+    # grep -iw conn /etc/ipsec.conf /etc/ipsec.d/*.conf
 
-    If there are indications that a &quot;conn&quot; parameter is configured for a
+    If there are indications that a "conn" parameter is configured for a
 tunnel, ask the System Administrator if the tunnel is documented with the ISSO.
 
-    If &quot;libreswan&quot; is installed, &quot;IPsec&quot; is active, and an undocumented
-tunnel is active, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "libreswan" is installed, "IPsec" is active, and an undocumented
+tunnel is active, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Remove all unapproved tunnels from the system, or document them
-with the ISSO.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10981dff-0b39-49b4-ad8d-013f02028c21</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The system does not have libreswan installed or the ipsec.service isn&#39;t running
-The system does not have libreswan installed or the ipsec.service isn&#39;t running, this requirement is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71937</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86561r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010290</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+with the ISSO.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-72317\" do\n  title \"The Red Hat Enterprise Linux operating system must not have\nunauthorized IP tunnels configured.\"\n  desc  \"IP tunneling mechanisms can be used to bypass network filtering. If\ntunneling is required, it must be documented with the Information System\nSecurity Officer (ISSO).\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system does not have unauthorized IP tunnels configured.\n\n    Check to see if \\\"libreswan\\\" is installed with the following command:\n\n    # yum list installed libreswan\n    libreswan.x86-64 3.20-5.el7_4\n\n    If \\\"libreswan\\\" is installed, check to see if the \\\"IPsec\\\" service is\nactive with the following command:\n\n    # systemctl status ipsec\n    ipsec.service - Internet Key Exchange (IKE) Protocol Daemon for IPsec\n    Loaded: loaded (/usr/lib/systemd/system/ipsec.service; disabled)\n    Active: inactive (dead)\n\n    If the \\\"IPsec\\\" service is active, check to see if any tunnels are\nconfigured in \\\"/etc/ipsec.conf\\\" and \\\"/etc/ipsec.d/\\\" with the following\ncommands:\n\n    # grep -iw conn /etc/ipsec.conf /etc/ipsec.d/*.conf\n\n    If there are indications that a \\\"conn\\\" parameter is configured for a\ntunnel, ask the System Administrator if the tunnel is documented with the ISSO.\n\n    If \\\"libreswan\\\" is installed, \\\"IPsec\\\" is active, and an undocumented\ntunnel is active, this is a finding.\n  \"\n  desc  \"fix\", \"Remove all unapproved tunnels from the system, or document them\nwith the ISSO.\"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72317\"\n  tag rid: \"SV-86941r2_rule\"\n  tag stig_id: \"RHEL-07-040820\"\n  tag fix_id: \"F-78671r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  approved_tunnels = input('approved_tunnels')\n\n  if package('libreswan').installed? &amp;&amp; service('ipsec.service').running?\n    impact 0.5\n    processed = []\n    to_process = ['/etc/ipsec.conf']\n\n    while !to_process.empty?\n      in_process = to_process.pop\n      next if processed.include? in_process\n      processed.push in_process\n\n      to_process.concat(\n        command(\"grep -E '^\\\\s*include\\\\s+' #{in_process} | sed 's/^[[:space:]]*include[[:space:]]*//g'\").\n          stdout.strip.split(%r{\\s*\\n+\\s*}).\n          map { |f| f.start_with?('/') ? f : File.join(File.dirname(in_process), f) }.\n          map { |f|\n            dir = f.sub(%r{[^/]*[\\*\\?\\[].*$}, '') # gets the longest ancestor path which doesn't contain wildcards\n            command(\"find #{dir} -wholename '#{f}'\").stdout.strip.split(\"\\n\")\n          }.\n          flatten.\n          select { |f| file(f).file? }\n      )\n    end\n\n    conn_grep = processed.map do |conf|\n      command(\"grep -E '^\\\\s*conn\\\\s+' #{conf}\").\n        stdout.strip.split(%r{\\s*\\n\\s*})\n    end.flatten\n\n    describe conn_grep do\n      it { should all(be_in approved_tunnels) }\n    end\n  else\n    impact 0.0\n    describe \"The system does not have libreswan installed or the ipsec.service isn't running\" do\n      skip \"The system does not have libreswan installed or the ipsec.service isn't running, this requirement is Not Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The system does not have libreswan installed or the ipsec.service isn't running :: SKIP_MESSAGE The system does not have libreswan installed or the ipsec.service isn't running, this requirement is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71937</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86561r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010290</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not have accounts
-configured with blank or null passwords.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+configured with blank or null passwords.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If an account has an empty password, anyone could log on and run
 commands with the privileges of that account. Accounts with empty passwords
-should never be used in operational environments.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+should never be used in operational environments.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>To verify that null passwords cannot be used, run the following command:
 
-    # grep nullok &#x2F;etc&#x2F;pam.d&#x2F;system-auth &#x2F;etc&#x2F;pam.d&#x2F;password-auth
+    # grep nullok /etc/pam.d/system-auth /etc/pam.d/password-auth
 
     If this produces any output, it may be possible to log on with accounts
 with empty passwords.
 
-    If null passwords can be used, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If null passwords can be used, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If an account is configured for password authentication but does not have
 an assigned password, it may be possible to log on to the account without
 authenticating.
 
-    Remove any instances of the &quot;nullok&quot; option in &quot;&#x2F;etc&#x2F;pam.d&#x2F;system-auth&quot;
-and &quot;&#x2F;etc&#x2F;pam.d&#x2F;password-auth&quot; to prevent logons with empty passwords.
+    Remove any instances of the "nullok" option in "/etc/pam.d/system-auth"
+and "/etc/pam.d/password-auth" to prevent logons with empty passwords.
 
     Note: Manual changes to the listed files may be overwritten by the
-&quot;authconfig&quot; program. The &quot;authconfig&quot; program should not be used to update
-the configurations listed in this requirement.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>aec1ac5c-f3cb-4501-8fdf-4d84868041c2</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;config-util] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;other] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;passwd] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;chfn] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;chsh] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;login] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;remote] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;runuser] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;runuser-l] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;su] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;su-l] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;systemd-user] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;polkit-1] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;crond] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;rhn_register] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;subscription-manager] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;sshd] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;smtp.postfix] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;smtp] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;vlock] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;sudo] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;sudo-i] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;fingerprint-auth] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;smartcard-auth] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;atd] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;sssd-shadowutils] lines is expected to include .* .* pam_unix.so, all without args nullok
-expected &quot;auth [success&#x3D;done ignore&#x3D;ignore default&#x3D;die] pam_unix.so nullok try_first_pass\naccount required pam_unix.so&quot; to include .* .* pam_unix.so, all without args nullok
+"authconfig" program. The "authconfig" program should not be used to update
+the configurations listed in this requirement.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71937\" do\n  title \"The Red Hat Enterprise Linux operating system must not have accounts\nconfigured with blank or null passwords.\"\n  desc  \"If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    To verify that null passwords cannot be used, run the following command:\n\n    # grep nullok /etc/pam.d/system-auth /etc/pam.d/password-auth\n\n    If this produces any output, it may be possible to log on with accounts\nwith empty passwords.\n\n    If null passwords can be used, this is a finding.\n  \"\n  desc  \"fix\", \"\n    If an account is configured for password authentication but does not have\nan assigned password, it may be possible to log on to the account without\nauthenticating.\n\n    Remove any instances of the \\\"nullok\\\" option in \\\"/etc/pam.d/system-auth\\\"\nand \\\"/etc/pam.d/password-auth\\\" to prevent logons with empty passwords.\n\n    Note: Manual changes to the listed files may be overwritten by the\n\\\"authconfig\\\" program. The \\\"authconfig\\\" program should not be used to update\nthe configurations listed in this requirement.\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-71937\"\n  tag rid: \"SV-86561r3_rule\"\n  tag stig_id: \"RHEL-07-010290\"\n  tag fix_id: \"F-78289r3_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  # Fetch all files under /etc/pam.d excluding '*-ac' files\n  # but including symlinks\n  pam_file_list = command('find /etc/pam.d ! -name \\'*-ac\\' -a \\( -type f -o -type l \\)').stdout.strip.split\n\n  pam_file_list.each do |pam_file|\n    describe pam(pam_file) do\n      its('lines') { should match_pam_rule('.* .* pam_unix.so').all_without_args('nullok') }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PAM Config[/etc/pam.d/config-util] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/other] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/passwd] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/chfn] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/chsh] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/login] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/remote] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/runuser] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/runuser-l] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/su] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/su-l] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/systemd-user] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/polkit-1] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/crond] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/rhn_register] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/subscription-manager] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/sshd] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/smtp.postfix] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/smtp] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/vlock] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/sudo] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/sudo-i] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/fingerprint-auth] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/smartcard-auth] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/atd] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/sssd-shadowutils] lines is expected to include .* .* pam_unix.so, all without args nullok :: MESSAGE expected "auth [success=done ignore=ignore default=die] pam_unix.so nullok try_first_pass\naccount required pam_unix.so" to include .* .* pam_unix.so, all without args nullok
 Diff:
 @@ -1,2 +1,3 @@
 -.* .* pam_unix.so
-+auth [success&#x3D;done ignore&#x3D;ignore default&#x3D;die] pam_unix.so nullok try_first_pass
++auth [success=done ignore=ignore default=die] pam_unix.so nullok try_first_pass
 +account required pam_unix.so
 
 --------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;screen] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth-local] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;password-auth-local] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;password-auth] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;postlogin] lines is expected to include .* .* pam_unix.so, all without args nullok</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-78995</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-93701r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010062</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+passed :: TEST PAM Config[/etc/pam.d/screen] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/system-auth-local] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/system-auth] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/password-auth-local] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/password-auth] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/postlogin] lines is expected to include .* .* pam_unix.so, all without args nullok</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-78995</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-93701r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010062</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent a user from
 overriding the screensaver lock-enabled setting for the graphical user
-interface.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+interface.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A session lock is a temporary action taken when a user stops work and
 moves away from the immediate physical vicinity of the information system but
 does not want to log out because of the temporary nature of the absence.
@@ -7203,17 +6883,17 @@ does not want to log out because of the temporary nature of the absence.
     The session lock is implemented at the point where session activity can be
 determined.
 
-    The ability to enable&#x2F;disable a session lock is given to the user by
-default. Disabling the users ability to disengage the graphical user interface
+    The ability to enable/disable a session lock is given to the user by
+default. Disabling the user’s ability to disengage the graphical user interface
 session lock provides the assurance that all sessions will lock after the
-specified period of time.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+specified period of time.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system prevents a user from overriding the screensaver
 lock-enabled setting for the graphical user interface.
 
@@ -7223,24 +6903,24 @@ console.
 
     Determine which profile the system database is using with the following
 command:
-    # grep system-db &#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user
+    # grep system-db /etc/dconf/profile/user
 
     system-db:local
 
     Check for the lock-enabled setting with the following command:
 
-    Note: The example below is using the database &quot;local&quot; for the system, so
-the path is &quot;&#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&quot;. This path must be modified if a database
-other than &quot;local&quot; is being used.
+    Note: The example below is using the database "local" for the system, so
+the path is "/etc/dconf/db/local.d". This path must be modified if a database
+other than "local" is being used.
 
-    # grep -i lock-enabled &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;locks&#x2F;*
+    # grep -i lock-enabled /etc/dconf/db/local.d/locks/*
 
-    &#x2F;org&#x2F;gnome&#x2F;desktop&#x2F;screensaver&#x2F;lock-enabled
+    /org/gnome/desktop/screensaver/lock-enabled
 
-    If the command does not return a result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return a result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to prevent a user from overriding a
 screensaver lock after a 15-minute period of inactivity for graphical user
 interfaces.
@@ -7248,290 +6928,278 @@ interfaces.
     Create a database to contain the system-wide screensaver settings (if it
 does not already exist) with the following command:
 
-    Note: The example below is using the database &quot;local&quot; for the system, so
-if the system is using another database in &quot;&#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user&quot;, the
+    Note: The example below is using the database "local" for the system, so
+if the system is using another database in "/etc/dconf/profile/user", the
 file should be created under the appropriate subdirectory.
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;locks&#x2F;session
+    # touch /etc/dconf/db/local.d/locks/session
 
     Add the setting to lock the screensaver lock-enabled setting:
 
-    &#x2F;org&#x2F;gnome&#x2F;desktop&#x2F;screensaver&#x2F;lock-enabled</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f4a23e63-4c7c-47e6-9dc1-8ab9198a4a7d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The GNOME desktop is not installed
-The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72137</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86761r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030570</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    /org/gnome/desktop/screensaver/lock-enabled</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-78995\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent a user from\noverriding the screensaver lock-enabled setting for the graphical user\ninterface.\"\n  desc  \"A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined.\n\n    The ability to enable/disable a session lock is given to the user by\ndefault. Disabling the user’s ability to disengage the graphical user interface\nsession lock provides the assurance that all sessions will lock after the\nspecified period of time.\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system prevents a user from overriding the screensaver\nlock-enabled setting for the graphical user interface.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable. The screen program must be installed to lock sessions on the\nconsole.\n\n    Determine which profile the system database is using with the following\ncommand:\n    # grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Check for the lock-enabled setting with the following command:\n\n    Note: The example below is using the database \\\"local\\\" for the system, so\nthe path is \\\"/etc/dconf/db/local.d\\\". This path must be modified if a database\nother than \\\"local\\\" is being used.\n\n    # grep -i lock-enabled /etc/dconf/db/local.d/locks/*\n\n    /org/gnome/desktop/screensaver/lock-enabled\n\n    If the command does not return a result, this is a finding.\n\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to prevent a user from overriding a\nscreensaver lock after a 15-minute period of inactivity for graphical user\ninterfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \\\"local\\\" for the system, so\nif the system is using another database in \\\"/etc/dconf/profile/user\\\", the\nfile should be created under the appropriate subdirectory.\n\n    # touch /etc/dconf/db/local.d/locks/session\n\n    Add the setting to lock the screensaver lock-enabled setting:\n\n    /org/gnome/desktop/screensaver/lock-enabled\n\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000029-GPOS-00010\"\n  tag gid: \"V-78995\"\n  tag rid: \"SV-93701r3_rule\"\n  tag stig_id: \"RHEL-07-010062\"\n  tag fix_id: \"F-85745r1_fix\"\n  tag cci: [\"CCI-000057\"]\n  tag nist: [\"AC-11 a\", \"Rev_4\"]\n\n  if package('gnome-desktop3').installed?\n    describe command(\"gsettings writable org.gnome.desktop.screensaver lock-enabled\") do\n      its('stdout.strip') { should cmp 'false' }\n    end\n  else\n    impact 0.0\n    describe \"The GNOME desktop is not installed\" do\n      skip \"The GNOME desktop is not installed, this control is Not Applicable.\"\n    end\n  end  \nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The GNOME desktop is not installed :: SKIP_MESSAGE The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72137</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86761r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030570</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the setsebool command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the setsebool command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;setsebool&quot; command occur.
+successful/unsuccessful attempts to use the "setsebool" command occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -i &#x2F;usr&#x2F;sbin&#x2F;setsebool &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /usr/sbin/setsebool /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;setsebool -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-priv_change
+    -a always,exit -F path=/usr/sbin/setsebool -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-priv_change
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;setsebool&quot; command occur.
-
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;setsebool -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-priv_change
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>4f0a51f0-e221-4a15-9857-910dcdd855e0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;setsebool&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;setsebool&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72009</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86633r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020330</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "setsebool" command occur.
+
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F path=/usr/sbin/setsebool -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-priv_change
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72137\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe setsebool command.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"setsebool\\\" command occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -i /usr/sbin/setsebool /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/setsebool -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-priv_change\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"setsebool\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/sbin/setsebool -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000392-GPOS-00172\"\n  tag satisfies: [\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000463-GPOS-00207\",\n\"SRG-OS-000465-GPOS-00209\"]\n  tag gid: \"V-72137\"\n  tag rid: \"SV-86761r4_rule\"\n  tag stig_id: \"RHEL-07-030570\"\n  tag fix_id: \"F-78489r6_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n  \n  audit_file = '/usr/sbin/setsebool'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/sbin/setsebool" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/sbin/setsebool" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72009</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86633r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020330</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that all files and directories have a valid group owner.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that all files and directories have a valid group owner.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Files without a valid group owner may be unintentionally inherited if
 a group is assigned the same Group Identifier (GID) as the GID of the files
-without a valid group owner.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+without a valid group owner.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify all files and directories on the system have a valid group.
 
     Check the owner of all files and directories with the following command:
@@ -7539,162 +7207,150 @@ without a valid group owner.</ATTRIBUTE_DATA>
     Note: The value after -fstype must be replaced with the filesystem type.
 XFS is used as an example.
 
-    # find &#x2F; -fstype xfs -nogroup
+    # find / -fstype xfs -nogroup
 
-    If any files on the system do not have an assigned group, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If any files on the system do not have an assigned group, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Either remove all files and directories from the system that do not have a
 valid group, or assign a valid group to all files and directories on the system
-with the &quot;chgrp&quot; command:
-
-    # chgrp &lt;group&gt; &lt;file&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>30ebf580-30d2-44ea-95d8-cc04adfb00e6</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;find &#x2F; -xautofs -fstype xfs -nogroup&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype ext3 -nogroup&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype ext2 -nogroup&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype ext4 -nogroup&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype msdos -nogroup&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype vfat -nogroup&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype btrfs -nogroup&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype fuseblk -nogroup&#x60; stdout.strip is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73157</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87809r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010082</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+with the "chgrp" command:
+
+    # chgrp &lt;group&gt; &lt;file&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72009\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all files and directories have a valid group owner.\"\n  desc  \"Files without a valid group owner may be unintentionally inherited if\na group is assigned the same Group Identifier (GID) as the GID of the files\nwithout a valid group owner.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify all files and directories on the system have a valid group.\n\n    Check the owner of all files and directories with the following command:\n\n    Note: The value after -fstype must be replaced with the filesystem type.\nXFS is used as an example.\n\n    # find / -fstype xfs -nogroup\n\n    If any files on the system do not have an assigned group, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Either remove all files and directories from the system that do not have a\nvalid group, or assign a valid group to all files and directories on the system\nwith the \\\"chgrp\\\" command:\n\n    # chgrp &lt;group&gt; &lt;file&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72009\"\n  tag rid: \"SV-86633r3_rule\"\n  tag stig_id: \"RHEL-07-020330\"\n  tag fix_id: \"F-78361r1_fix\"\n  tag cci: [\"CCI-002165\"]\n  tag nist: [\"AC-3 (4)\", \"Rev_4\"]\n\n  command('grep -v \"nodev\" /proc/filesystems | awk \\'NF{ print $NF }\\'').\n    stdout.strip.split(\"\\n\").each do |fs|\n      describe command(\"find / -xautofs -fstype #{fs} -nogroup\") do\n        its('stdout.strip') { should be_empty }\n      end\n    end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `find / -xautofs -fstype xfs -nogroup` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype ext3 -nogroup` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype ext2 -nogroup` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype ext4 -nogroup` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype msdos -nogroup` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype vfat -nogroup` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype btrfs -nogroup` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype fuseblk -nogroup` stdout.strip is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73157</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87809r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010082</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent a user from
-overriding the session idle-delay setting for the graphical user interface.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+overriding the session idle-delay setting for the graphical user interface.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A session time-out lock is a temporary action taken when a user stops
 work and moves away from the immediate physical vicinity of the information
 system but does not log out because of the temporary nature of the absence.
 Rather than relying on the user to manually lock their operating system session
 prior to vacating the vicinity, operating systems need to be able to identify
-when a user&#39;s session has idled and take action to initiate the session lock.
+when a user's session has idled and take action to initiate the session lock.
 
     The session lock is implemented at the point where session activity can be
-determined and&#x2F;or controlled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+determined and/or controlled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system prevents a user from overriding session idle
 delay after a 15-minute period of inactivity for graphical user interfaces.
 
@@ -7704,675 +7360,641 @@ console.
 
     Determine which profile the system database is using with the following
 command:
-    # grep system-db &#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user
+    # grep system-db /etc/dconf/profile/user
 
     system-db:local
 
     Check for the session idle delay setting with the following command:
 
-    Note: The example below is using the database &quot;local&quot; for the system, so
-the path is &quot;&#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&quot;. This path must be modified if a database
-other than &quot;local&quot; is being used.
+    Note: The example below is using the database "local" for the system, so
+the path is "/etc/dconf/db/local.d". This path must be modified if a database
+other than "local" is being used.
 
-    # grep -i idle-delay &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;locks&#x2F;*
+    # grep -i idle-delay /etc/dconf/db/local.d/locks/*
 
-    &#x2F;org&#x2F;gnome&#x2F;desktop&#x2F;session&#x2F;idle-delay
+    /org/gnome/desktop/session/idle-delay
 
-    If the command does not return a result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return a result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to prevent a user from overriding a session
 lock after a 15-minute period of inactivity for graphical user interfaces.
 
     Create a database to contain the system-wide screensaver settings (if it
 does not already exist) with the following command:
 
-    Note: The example below is using the database &quot;local&quot; for the system, so
-if the system is using another database in &#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user, the file
+    Note: The example below is using the database "local" for the system, so
+if the system is using another database in /etc/dconf/profile/user, the file
 should be created under the appropriate subdirectory.
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;locks&#x2F;session
+    # touch /etc/dconf/db/local.d/locks/session
 
     Add the setting to lock the session idle delay:
 
-    &#x2F;org&#x2F;gnome&#x2F;desktop&#x2F;session&#x2F;idle-delay</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>cc608fa5-3a11-4483-a97d-c86af1745420</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The GNOME desktop is not installed
-The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72097</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86721r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030370</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    /org/gnome/desktop/session/idle-delay</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-73157\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent a user from\noverriding the session idle-delay setting for the graphical user interface.\"\n  desc  \"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system prevents a user from overriding session idle\ndelay after a 15-minute period of inactivity for graphical user interfaces.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable. The screen program must be installed to lock sessions on the\nconsole.\n\n    Determine which profile the system database is using with the following\ncommand:\n    # grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Check for the session idle delay setting with the following command:\n\n    Note: The example below is using the database \\\"local\\\" for the system, so\nthe path is \\\"/etc/dconf/db/local.d\\\". This path must be modified if a database\nother than \\\"local\\\" is being used.\n\n    # grep -i idle-delay /etc/dconf/db/local.d/locks/*\n\n    /org/gnome/desktop/session/idle-delay\n\n    If the command does not return a result, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to prevent a user from overriding a session\nlock after a 15-minute period of inactivity for graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \\\"local\\\" for the system, so\nif the system is using another database in /etc/dconf/profile/user, the file\nshould be created under the appropriate subdirectory.\n\n    # touch /etc/dconf/db/local.d/locks/session\n\n    Add the setting to lock the session idle delay:\n\n    /org/gnome/desktop/session/idle-delay\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000029-GPOS-00010\"\n  tag gid: \"V-73157\"\n  tag rid: \"SV-87809r4_rule\"\n  tag stig_id: \"RHEL-07-010082\"\n  tag fix_id: \"F-79603r1_fix\"\n  tag cci: [\"CCI-000057\"]\n  tag nist: [\"AC-11 a\", \"Rev_4\"]\n\n  unless package('gnome-desktop3').installed?\n    impact 0.0\n    describe \"The GNOME desktop is not installed\" do\n      skip \"The GNOME desktop is not installed, this control is Not Applicable.\"\n    end\n  else\n    describe command(\"gsettings writable org.gnome.desktop.session idle-delay\") do\n      its('stdout.strip') { should cmp 'false' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The GNOME desktop is not installed :: SKIP_MESSAGE The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72097</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86721r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030370</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the chown syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the chown syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;chown&quot; syscall occur.
+successful/unsuccessful attempts to use the "chown" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw chown &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw chown /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S chown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S chown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S chown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S chown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;chown&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    If both the "b32" and "b64" audit rules are not defined for the
+"chown" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S chown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S chown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S chown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S chown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>06ad62a9-8c00-4372-99f3-785c7df14315</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;chown&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;chown&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;chown&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;chown&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72075</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000364-GPOS-00151</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86699r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021700</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72097\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe chown syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"chown\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw chown /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S chown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S chown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"chown\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S chown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S chown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000474-GPOS-00219\"]\n  tag gid: \"V-72097\"\n  tag rid: \"SV-86721r5_rule\"\n  tag stig_id: \"RHEL-07-030370\"\n  tag fix_id: \"F-78449r8_fix\"\n  tag cci: [\"CCI-000126\", \"CCI-000172\"]\n  tag nist: [\"AU-2 d\", \"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"chown\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"chown\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "chown" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "chown" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "chown" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "chown" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72075</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000364-GPOS-00151</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86699r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021700</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not allow removable
-media to be used as the boot loader unless approved.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+media to be used as the boot loader unless approved.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Malicious users with removable boot media can gain access to a system
 configured to use removable media as the boot loader. If removable media is
 designed to be used as the boot loader, the requirement must be documented with
-the Information System Security Officer (ISSO).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+the Information System Security Officer (ISSO).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system is not configured to use a boot loader on removable media.
 
-    Note: GRUB 2 reads its configuration from the &quot;&#x2F;boot&#x2F;grub2&#x2F;grub.cfg&quot; file
+    Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file
 on traditional BIOS-based machines and from the
-&quot;&#x2F;boot&#x2F;efi&#x2F;EFI&#x2F;redhat&#x2F;grub.cfg&quot; file on UEFI machines.
+"/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines.
 
     Check for the existence of alternate boot loader configuration files with
 the following command:
 
-    # find &#x2F; -name grub.cfg
-    &#x2F;boot&#x2F;grub2&#x2F;grub.cfg
+    # find / -name grub.cfg
+    /boot/grub2/grub.cfg
 
-    If a &quot;grub.cfg&quot; is found in any subdirectories other than &quot;&#x2F;boot&#x2F;grub2&quot;
-and &quot;&#x2F;boot&#x2F;efi&#x2F;EFI&#x2F;redhat&quot;, ask the System Administrator if there is
+    If a "grub.cfg" is found in any subdirectories other than "/boot/grub2"
+and "/boot/efi/EFI/redhat", ask the System Administrator if there is
 documentation signed by the ISSO to approve the use of removable media as a
 boot loader.
 
     Check that the grub configuration file has the set root command in each
 menu entry with the following commands:
 
-    # grep -c menuentry &#x2F;boot&#x2F;grub2&#x2F;grub.cfg
+    # grep -c menuentry /boot/grub2/grub.cfg
     1
-    # grep &#39;set root&#39; &#x2F;boot&#x2F;grub2&#x2F;grub.cfg
-    set root&#x3D;(hd0,1)
+    # grep 'set root' /boot/grub2/grub.cfg
+    set root=(hd0,1)
 
     If the system is using an alternate boot loader on removable media, and
 documentation does not exist approving the alternate configuration, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Remove alternate methods of booting the system from removable
-media or document the configuration to boot from removable media with the ISSO.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f283d816-f11f-4a9c-be5f-0bcf7e47fa48</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-File UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033 is expected to exist
-expected File UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033 to exist
---------------------------------
-passed
-File UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033 path is expected to match &#x2F;^\&#x2F;dev\&#x2F;&#x2F;
-expected &quot;UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033&quot; to match &#x2F;^\&#x2F;dev\&#x2F;&#x2F;
+media or document the configuration to boot from removable media with the ISSO.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72075\" do\n  title \"The Red Hat Enterprise Linux operating system must not allow removable\nmedia to be used as the boot loader unless approved.\"\n  desc  \"Malicious users with removable boot media can gain access to a system\nconfigured to use removable media as the boot loader. If removable media is\ndesigned to be used as the boot loader, the requirement must be documented with\nthe Information System Security Officer (ISSO).\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system is not configured to use a boot loader on removable media.\n\n    Note: GRUB 2 reads its configuration from the \\\"/boot/grub2/grub.cfg\\\" file\non traditional BIOS-based machines and from the\n\\\"/boot/efi/EFI/redhat/grub.cfg\\\" file on UEFI machines.\n\n    Check for the existence of alternate boot loader configuration files with\nthe following command:\n\n    # find / -name grub.cfg\n    /boot/grub2/grub.cfg\n\n    If a \\\"grub.cfg\\\" is found in any subdirectories other than \\\"/boot/grub2\\\"\nand \\\"/boot/efi/EFI/redhat\\\", ask the System Administrator if there is\ndocumentation signed by the ISSO to approve the use of removable media as a\nboot loader.\n\n    Check that the grub configuration file has the set root command in each\nmenu entry with the following commands:\n\n    # grep -c menuentry /boot/grub2/grub.cfg\n    1\n    # grep 'set root' /boot/grub2/grub.cfg\n    set root=(hd0,1)\n\n    If the system is using an alternate boot loader on removable media, and\ndocumentation does not exist approving the alternate configuration, this is a\nfinding.\n  \"\n  desc  \"fix\", \"Remove alternate methods of booting the system from removable\nmedia or document the configuration to boot from removable media with the ISSO.\"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000364-GPOS-00151\"\n  tag gid: \"V-72075\"\n  tag rid: \"SV-86699r2_rule\"\n  tag stig_id: \"RHEL-07-021700\"\n  tag fix_id: \"F-78427r1_fix\"\n  tag cci: [\"CCI-000318\", \"CCI-000368\", \"CCI-001812\", \"CCI-001813\",\n\"CCI-001814\"]\n  tag nist: [\"CM-3 f\", \"CM-6 c\", \"CM-11 (2)\", \"CM-5 (1)\", \"CM-5 (1)\", \"Rev_4\"]\n\n  roots = command('grubby --info=ALL | grep \"^root=\" | sed \"s/^root=//g\"').\n    stdout.strip.split(\"\\n\")\n\n  blocks = roots.map { |root|\n    root_file = file(root)\n    root_file.symlink? ? root_file.link_path : root_file.path\n  }\n\n  blocks.each { |block|\n    block_file = file(block)\n    describe block_file do\n      it { should exist }\n      its('path') { should match %r{^/dev/} }\n    end\n\n    if block_file.exist? and block_file.path.match? %r{^/dev/}\n      removable = ['/sys/block', block.sub(%r{^/dev/}, ''), 'removable'].join('/')\n      describe file(removable) do\n        it { should exist }\n        its('content.strip') { should eq '0' }\n      end\n    end\n  }\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST File UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033 is expected to exist :: MESSAGE expected File UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033 to exist
+--------------------------------
+passed :: TEST File UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033 path is expected to match /^\/dev\// :: MESSAGE expected "UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033" to match /^\/dev\//
 Diff:
 @@ -1,2 +1,2 @@
--&#x2F;^\&#x2F;dev\&#x2F;&#x2F;
-+&quot;UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033&quot;
+-/^\/dev\//
++"UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033"
 
 --------------------------------
-passed
-File UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033 is expected to exist
-expected File UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033 to exist
+passed :: TEST File UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033 is expected to exist :: MESSAGE expected File UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033 to exist
 --------------------------------
-passed
-File UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033 path is expected to match &#x2F;^\&#x2F;dev\&#x2F;&#x2F;
-expected &quot;UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033&quot; to match &#x2F;^\&#x2F;dev\&#x2F;&#x2F;
+passed :: TEST File UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033 path is expected to match /^\/dev\// :: MESSAGE expected "UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033" to match /^\/dev\//
 Diff:
 @@ -1,2 +1,2 @@
--&#x2F;^\&#x2F;dev\&#x2F;&#x2F;
-+&quot;UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033&quot;
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72179</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86803r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030780</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+-/^\/dev\//
++"UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72179</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86803r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030780</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the ssh-keysign command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the ssh-keysign command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged ssh commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;ssh-keysign&quot; command occur.
+successful/unsuccessful attempts to use the "ssh-keysign" command occur.
 
     Check that the following system call is being audited by performing the
-following command to check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+following command to check the file system rules in "/etc/audit/audit.rules":
 
-    # grep -iw &#x2F;usr&#x2F;libexec&#x2F;openssh&#x2F;ssh-keysign &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw /usr/libexec/openssh/ssh-keysign /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;libexec&#x2F;openssh&#x2F;ssh-keysign -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-ssh
+    -a always,exit -F path=/usr/libexec/openssh/ssh-keysign -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-ssh
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;ssh-keysign&quot; command occur.
-
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;libexec&#x2F;openssh&#x2F;ssh-keysign -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-ssh
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>96d1af51-9d72-40ba-a709-3279c4c5e3b9</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;libexec&#x2F;openssh&#x2F;ssh-keysign&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;libexec&#x2F;openssh&#x2F;ssh-keysign&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72305</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86929r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040720</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "ssh-keysign" command occur.
+
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F path=/usr/libexec/openssh/ssh-keysign -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-ssh
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72179\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe ssh-keysign command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged ssh commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"ssh-keysign\\\" command occur.\n\n    Check that the following system call is being audited by performing the\nfollowing command to check the file system rules in \\\"/etc/audit/audit.rules\\\":\n\n    # grep -iw /usr/libexec/openssh/ssh-keysign /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/libexec/openssh/ssh-keysign -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-ssh\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"ssh-keysign\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/libexec/openssh/ssh-keysign -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-ssh\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72179\"\n  tag rid: \"SV-86803r3_rule\"\n  tag stig_id: \"RHEL-07-030780\"\n  tag fix_id: \"F-78533r4_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/libexec/openssh/ssh-keysign'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/libexec/openssh/ssh-keysign" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/libexec/openssh/ssh-keysign" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72305</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86929r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040720</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that if the Trivial File Transfer Protocol (TFTP) server is required, the TFTP
-daemon is configured to operate in secure mode.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+daemon is configured to operate in secure mode.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Restricting TFTP to a specific directory prevents remote users from
-copying, transferring, or overwriting system files.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+copying, transferring, or overwriting system files.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the TFTP daemon is configured to operate in secure mode.
 
     Check to see if a TFTP server has been installed with the following
@@ -8386,128 +8008,123 @@ commands:
     If a TFTP server is installed, check for the server arguments with the
 following command:
 
-    # grep server_args &#x2F;etc&#x2F;xinetd.d&#x2F;tftp
-    server_args &#x3D; -s &#x2F;var&#x2F;lib&#x2F;tftpboot
+    # grep server_args /etc/xinetd.d/tftp
+    server_args = -s /var/lib/tftpboot
 
-    If the &quot;server_args&quot; line does not have a &quot;-s&quot; option and a
-subdirectory is not assigned, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "server_args" line does not have a "-s" option and a
+subdirectory is not assigned, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the TFTP daemon to operate in secure mode by adding the following
-line to &quot;&#x2F;etc&#x2F;xinetd.d&#x2F;tftp&quot; (or modify the line to have the required value):
-
-    server_args &#x3D; -s &#x2F;var&#x2F;lib&#x2F;tftpboot</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>598f15a9-f64d-47b4-8a9a-2e07440d4d83</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The TFTP package is not installed
-If a TFTP server is not installed, this is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71913</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000072-GPOS-00040</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86537r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010170</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+line to "/etc/xinetd.d/tftp" (or modify the line to have the required value):
+
+    server_args = -s /var/lib/tftpboot</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-72305\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat if the Trivial File Transfer Protocol (TFTP) server is required, the TFTP\ndaemon is configured to operate in secure mode.\"\n  desc  \"Restricting TFTP to a specific directory prevents remote users from\ncopying, transferring, or overwriting system files.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the TFTP daemon is configured to operate in secure mode.\n\n    Check to see if a TFTP server has been installed with the following\ncommands:\n\n    # yum list installed tftp-server\n    tftp-server.x86_64 x.x-x.el7 rhel-7-server-rpms\n\n    If a TFTP server is not installed, this is Not Applicable.\n\n    If a TFTP server is installed, check for the server arguments with the\nfollowing command:\n\n    # grep server_args /etc/xinetd.d/tftp\n    server_args = -s /var/lib/tftpboot\n\n    If the \\\"server_args\\\" line does not have a \\\"-s\\\" option and a\nsubdirectory is not assigned, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the TFTP daemon to operate in secure mode by adding the following\nline to \\\"/etc/xinetd.d/tftp\\\" (or modify the line to have the required value):\n\n    server_args = -s /var/lib/tftpboot\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72305\"\n  tag rid: \"SV-86929r3_rule\"\n  tag stig_id: \"RHEL-07-040720\"\n  tag fix_id: \"F-78659r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  if package('tftp-server').installed?\n    impact 0.5\n    describe command('grep server_args /etc/xinetd.d/tftp') do\n      its('stdout.strip') { should match %r{^\\s*server_args\\s+=\\s+(-s|--secure)\\s(\\/\\S+)$} }\n    end\n  else\n    impact 0.0\n    describe \"The TFTP package is not installed\" do\n      skip \"If a TFTP server is not installed, this is Not Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The TFTP package is not installed :: SKIP_MESSAGE If a TFTP server is not installed, this is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71913</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000072-GPOS-00040</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86537r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010170</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that when passwords are changed a minimum of four character classes must be
-changed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+changed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources
 required to compromise the password. Password complexity, or strength, is a
 measure of the effectiveness of a password in resisting attempts at guessing
@@ -8516,289 +8133,279 @@ and brute-force attacks.
     Password complexity is one factor of several that determines how long it
 takes to crack a password. The more complex the password, the greater the
 number of possible combinations that need to be tested before the password is
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;minclass&quot; option sets the minimum number of required classes of
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "minclass" option sets the minimum number of required classes of
 characters for the new password (digits, upper-case, lower-case, others).
 
-    Check for the value of the &quot;minclass&quot; option in
-&quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; with the following command:
+    Check for the value of the "minclass" option in
+"/etc/security/pwquality.conf" with the following command:
 
-    # grep minclass &#x2F;etc&#x2F;security&#x2F;pwquality.conf
-    minclass &#x3D; 4
+    # grep minclass /etc/security/pwquality.conf
+    minclass = 4
 
-    If the value of &quot;minclass&quot; is set to less than &quot;4&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "minclass" is set to less than "4", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to require the change of at least four
-character classes when passwords are changed by setting the &quot;minclass&quot; option.
+character classes when passwords are changed by setting the "minclass" option.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf conf&quot; (or modify
+    Add the following line to "/etc/security/pwquality.conf conf" (or modify
 the line to have the required value):
 
-    minclass &#x3D; 4</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>80d6f26e-63ed-440c-8bec-3d048b119049</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000195</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;security&#x2F;pwquality.conf minclass.to_i is expected to cmp &gt;&#x3D; 4</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73161</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87813r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021021</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    minclass = 4</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71913\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat when passwords are changed a minimum of four character classes must be\nchanged.\"\n  desc  \"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    The \\\"minclass\\\" option sets the minimum number of required classes of\ncharacters for the new password (digits, upper-case, lower-case, others).\n\n    Check for the value of the \\\"minclass\\\" option in\n\\\"/etc/security/pwquality.conf\\\" with the following command:\n\n    # grep minclass /etc/security/pwquality.conf\n    minclass = 4\n\n    If the value of \\\"minclass\\\" is set to less than \\\"4\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to require the change of at least four\ncharacter classes when passwords are changed by setting the \\\"minclass\\\" option.\n\n    Add the following line to \\\"/etc/security/pwquality.conf conf\\\" (or modify\nthe line to have the required value):\n\n    minclass = 4\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000072-GPOS-00040\"\n  tag gid: \"V-71913\"\n  tag rid: \"SV-86537r2_rule\"\n  tag stig_id: \"RHEL-07-010170\"\n  tag fix_id: \"F-78265r1_fix\"\n  tag cci: [\"CCI-000195\"]\n  tag nist: [\"IA-5 (1) (b)\", \"Rev_4\"]\n\n  describe parse_config_file(\"/etc/security/pwquality.conf\") do\n    its('minclass.to_i') { should cmp &gt;= 4 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000195</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/security/pwquality.conf minclass.to_i is expected to cmp &gt;= 4</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73161</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87813r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021021</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent binary
 files from being executed on file systems that are being imported via Network
-File System (NFS).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;noexec&quot; mount option causes the system to not execute binary
+File System (NFS).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "noexec" mount option causes the system to not execute binary
 files. This option must be used for mounting any file system not containing
 approved binary files as they may be incompatible. Executing files from
 untrusted file systems increases the opportunity for unprivileged users to
-attain unauthorized administrative access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+attain unauthorized administrative access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify file systems that are being NFS imported are configured with the
-&quot;noexec&quot; option.
+"noexec" option.
 
     Find the file system(s) that contain the directories being imported with
 the following command:
 
-    # more &#x2F;etc&#x2F;fstab | grep nfs
+    # more /etc/fstab | grep nfs
 
-    UUID&#x3D;e06097bb-cfcd-437b-9e4d-a691f5662a7d &#x2F;store nfs rw,noexec 0 0
+    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,noexec 0 0
 
-    If a file system found in &quot;&#x2F;etc&#x2F;fstab&quot; refers to NFS and it does not have
-the &quot;noexec&quot; option set, and use of NFS imported binaries is not documented
+    If a file system found in "/etc/fstab" refers to NFS and it does not have
+the "noexec" option set, and use of NFS imported binaries is not documented
 with the Information System Security Officer (ISSO) as an operational
 requirement, this is a finding.
 
-    Verify the NFS is mounted with the &quot;noexec&quot;option:
+    Verify the NFS is mounted with the "noexec"option:
 
     # mount | grep nfs | grep noexec
     If no results are returned and use of NFS imported binaries is not
 documented with the Information System Security Officer (ISSO) as an
-operational requirement, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the &quot;&#x2F;etc&#x2F;fstab&quot; to use the &quot;noexec&quot; option on
-file systems that are being imported via NFS.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>3151ef8a-a0ef-4eea-8c41-600eea60d821</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-No NFS file systems were found. is expected to eq true</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72433</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000375-GPOS-00160</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87057r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-041003</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+operational requirement, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the "/etc/fstab" to use the "noexec" option on
+file systems that are being imported via NFS.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-73161\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent binary\nfiles from being executed on file systems that are being imported via Network\nFile System (NFS).\"\n  desc  \"The \\\"noexec\\\" mount option causes the system to not execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary files as they may be incompatible. Executing files from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify file systems that are being NFS imported are configured with the\n\\\"noexec\\\" option.\n\n    Find the file system(s) that contain the directories being imported with\nthe following command:\n\n    # more /etc/fstab | grep nfs\n\n    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,noexec 0 0\n\n    If a file system found in \\\"/etc/fstab\\\" refers to NFS and it does not have\nthe \\\"noexec\\\" option set, and use of NFS imported binaries is not documented\nwith the Information System Security Officer (ISSO) as an operational\nrequirement, this is a finding.\n\n    Verify the NFS is mounted with the \\\"noexec\\\"option:\n\n    # mount | grep nfs | grep noexec\n    If no results are returned and use of NFS imported binaries is not\ndocumented with the Information System Security Officer (ISSO) as an\noperational requirement, this is a finding.\n  \"\n  desc  \"fix\", \"Configure the \\\"/etc/fstab\\\" to use the \\\"noexec\\\" option on\nfile systems that are being imported via NFS.\"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-73161\"\n  tag rid: \"SV-87813r2_rule\"\n  tag stig_id: \"RHEL-07-021021\"\n  tag fix_id: \"F-79607r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  nfs_systems = etc_fstab.nfs_file_systems.entries\n  if !nfs_systems.nil? and !nfs_systems.empty?\n    nfs_systems.each do |file_system|\n      describe file_system do\n        its ('mount_options') { should include 'noexec' }\n      end\n    end\n  else\n    describe \"No NFS file systems were found.\" do\n      subject { nfs_systems.nil? or nfs_systems.empty? }\n      it { should eq true }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST No NFS file systems were found. is expected to eq true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72433</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000375-GPOS-00160</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87057r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-041003</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must implement
-certificate status checking for PKI authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+certificate status checking for PKI authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Using an authentication device, such as a CAC or token that is
 separate from the information system, ensures that even if the information
 system is compromised, that compromise will not affect credentials stored on
@@ -8821,534 +8428,505 @@ example, dial-up, broadband, and wireless.
     This requirement only applies to components where this is specific to the
 function of the device or has the concept of an organizational user (e.g., VPN,
 proxy capability). This does not apply to authentication for the purpose of
-configuring the device itself (management).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+configuring the device itself (management).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system implements certificate status checking for PKI
 authentication.
 
     Check to see if Online Certificate Status Protocol (OCSP) is enabled on the
 system with the following command:
 
-    # grep cert_policy &#x2F;etc&#x2F;pam_pkcs11&#x2F;pam_pkcs11.conf | grep -v &quot;^#&quot;
+    # grep cert_policy /etc/pam_pkcs11/pam_pkcs11.conf | grep -v "^#"
 
-    cert_policy &#x3D; ca, ocsp_on, signature;
-    cert_policy &#x3D; ca, ocsp_on, signature;
-    cert_policy &#x3D; ca, ocsp_on, signature;
+    cert_policy = ca, ocsp_on, signature;
+    cert_policy = ca, ocsp_on, signature;
+    cert_policy = ca, ocsp_on, signature;
 
     There should be at least three lines returned.
 
-    If &quot;ocsp_on&quot; is not present in all uncommented &quot;cert_policy&quot; lines in
-&quot;&#x2F;etc&#x2F;pam_pkcs11&#x2F;pam_pkcs11.conf&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "ocsp_on" is not present in all uncommented "cert_policy" lines in
+"/etc/pam_pkcs11/pam_pkcs11.conf", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to do certificate status checking for PKI
 authentication.
 
-    Modify all of the &quot;cert_policy&quot; lines in
-&quot;&#x2F;etc&#x2F;pam_pkcs11&#x2F;pam_pkcs11.conf&quot; to include &quot;ocsp_on&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>8316ef53-a5f3-4a24-b530-4e3274793292</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001948</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001953</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001954</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-File &#x2F;etc&#x2F;pam_pkcs11&#x2F;pam_pkcs11.conf is expected to exist
-expected File &#x2F;etc&#x2F;pam_pkcs11&#x2F;pam_pkcs11.conf to exist</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72175</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86799r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030760</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Modify all of the "cert_policy" lines in
+"/etc/pam_pkcs11/pam_pkcs11.conf" to include "ocsp_on".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72433\" do\n  title \"The Red Hat Enterprise Linux operating system must implement\ncertificate status checking for PKI authentication.\"\n  desc  \"Using an authentication device, such as a CAC or token that is\nseparate from the information system, ensures that even if the information\nsystem is compromised, that compromise will not affect credentials stored on\nthe authentication device.\n\n    Multifactor solutions that require devices separate from information\nsystems gaining access include, for example, hardware tokens providing\ntime-based or challenge-response authenticators and smart cards such as the\nU.S. Government Personal Identity Verification card and the DoD Common Access\nCard.\n\n    A privileged account is defined as an information system account with\nauthorizations of a privileged user.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n\n    This requirement only applies to components where this is specific to the\nfunction of the device or has the concept of an organizational user (e.g., VPN,\nproxy capability). This does not apply to authentication for the purpose of\nconfiguring the device itself (management).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system implements certificate status checking for PKI\nauthentication.\n\n    Check to see if Online Certificate Status Protocol (OCSP) is enabled on the\nsystem with the following command:\n\n    # grep cert_policy /etc/pam_pkcs11/pam_pkcs11.conf | grep -v \\\"^#\\\"\n\n    cert_policy = ca, ocsp_on, signature;\n    cert_policy = ca, ocsp_on, signature;\n    cert_policy = ca, ocsp_on, signature;\n\n    There should be at least three lines returned.\n\n    If \\\"ocsp_on\\\" is not present in all uncommented \\\"cert_policy\\\" lines in\n\\\"/etc/pam_pkcs11/pam_pkcs11.conf\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to do certificate status checking for PKI\nauthentication.\n\n    Modify all of the \\\"cert_policy\\\" lines in\n\\\"/etc/pam_pkcs11/pam_pkcs11.conf\\\" to include \\\"ocsp_on\\\".\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000375-GPOS-00160\"\n  tag satisfies: [\"SRG-OS-000375-GPOS-00160\", \"SRG-OS-000375-GPOS-00161\",\n\"SRG-OS-000375-GPOS-00162\"]\n  tag gid: \"V-72433\"\n  tag rid: \"SV-87057r5_rule\"\n  tag stig_id: \"RHEL-07-041003\"\n  tag fix_id: \"F-78785r3_fix\"\n  tag cci: [\"CCI-001948\", \"CCI-001953\", \"CCI-001954\"]\n  tag nist: [\"IA-2 (11)\", \"IA-2 (12)\", \"IA-2 (12)\", \"Rev_4\"]\n\n  smart_card_status = input('smart_card_status')\n\n  if smart_card_status.eql?('enabled')\n    impact 0.5\n    if ((pam_file = file('/etc/pam_pkcs11/pam_pkcs11.conf')).exist?)\n      cert_policy_lines = (pam_file.content.nil?)?[]:\n        pam_file.content.lines.grep(%r{^(?!.+#).*cert_policy}i)\n      if (cert_policy_lines.length &lt; 3)\n        describe \"should contain at least 3 cert policy lines\" do\n          subject { cert_policy_lines.length }\n          it { should &gt;= 3 }\n        end\n      else\n        describe \"each cert policy line should include oscp_on\" do\n          cert_policy_lines.each do |line|\n           subject { line }\n           it { should match %r{=[^;]*ocsp_on}i }\n\t  end\n        end\n      end\n    else\n      describe pam_file do\n        it { should exist }\n      end\n    end\n  else\n    impact 0.0\n    describe \"The system is not smartcard enabled\" do\n      skip \"The system is not using Smartcards / PIVs to fulfil the MFA requirement, this control is Not Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001948</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001953</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001954</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST File /etc/pam_pkcs11/pam_pkcs11.conf is expected to exist :: MESSAGE expected File /etc/pam_pkcs11/pam_pkcs11.conf to exist</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72175</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86799r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030760</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the postdrop command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the postdrop command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged postfix commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;postdrop&quot; command occur.
+successful/unsuccessful attempts to use the "postdrop" command occur.
 
     Check that the following system call is being audited by performing the
-following command to check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+following command to check the file system rules in "/etc/audit/audit.rules":
 
-    # grep -iw &#x2F;usr&#x2F;sbin&#x2F;postdrop &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw /usr/sbin/postdrop /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;postdrop -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/sbin/postdrop -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-postfix
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;postdrop&quot; command occur.
+successful/unsuccessful attempts to use the "postdrop" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;postdrop -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/sbin/postdrop -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-postfix
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>71975ac2-a7ef-4314-a1ea-fb243d29d211</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;postdrop&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;postdrop&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72129</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86753r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030530</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72175\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe postdrop command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged postfix commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"postdrop\\\" command occur.\n\n    Check that the following system call is being audited by performing the\nfollowing command to check the file system rules in \\\"/etc/audit/audit.rules\\\":\n\n    # grep -iw /usr/sbin/postdrop /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/postdrop -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-postfix\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"postdrop\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/sbin/postdrop -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-postfix\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72175\"\n  tag rid: \"SV-86799r4_rule\"\n  tag stig_id: \"RHEL-07-030760\"\n  tag fix_id: \"F-78529r5_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/sbin/postdrop'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/sbin/postdrop" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/sbin/postdrop" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72129</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86753r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030530</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the open_by_handle_at syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the open_by_handle_at syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;open_by_handle_at&quot; syscall occur.
+successful/unsuccessful attempts to use the "open_by_handle_at" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw open_by_handle_at &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw open_by_handle_at /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S open_by_handle_at -F exit&#x3D;-EPERM -F
-auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EPERM -F
+auid&gt;=1000 -F auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b32 -S open_by_handle_at -F exit&#x3D;-EACCES -F
-auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EACCES -F
+auid&gt;=1000 -F auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S open_by_handle_at -F exit&#x3D;-EPERM -F
-auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EPERM -F
+auid&gt;=1000 -F auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S open_by_handle_at -F exit&#x3D;-EACCES -F
-auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EACCES -F
+auid&gt;=1000 -F auid!=4294967295 -k access
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;open_by_handle_at&quot; syscall, this is a finding.
+    If both the "b32" and "b64" audit rules are not defined for the
+"open_by_handle_at" syscall, this is a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EPERM&quot;, this is
+    If the output does not produce rules containing "-F exit=-EPERM", this is
 a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EACCES&quot;, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the output does not produce rules containing "-F exit=-EACCES", this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;open_by_handle_at&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S open_by_handle_at -F exit&#x3D;-EPERM -F
-auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b32 -S open_by_handle_at -F exit&#x3D;-EACCES -F
-auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S open_by_handle_at -F exit&#x3D;-EPERM -F
-auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S open_by_handle_at -F exit&#x3D;-EACCES -F
-auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k access
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>3a8d7652-cbb9-455f-9a4a-46580b302f38</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EACCES&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EACCES&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72231</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000250-GPOS-00093</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86855r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040200</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "open_by_handle_at" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EPERM -F
+auid&gt;=1000 -F auid!=4294967295 -k access
+
+    -a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EACCES -F
+auid&gt;=1000 -F auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EPERM -F
+auid&gt;=1000 -F auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EACCES -F
+auid&gt;=1000 -F auid!=4294967295 -k access
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72129\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe open_by_handle_at syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"open_by_handle_at\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw open_by_handle_at /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EPERM -F\nauid&gt;=1000 -F auid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EACCES -F\nauid&gt;=1000 -F auid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EPERM -F\nauid&gt;=1000 -F auid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EACCES -F\nauid&gt;=1000 -F auid!=4294967295 -k access\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"open_by_handle_at\\\" syscall, this is a finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EPERM\\\", this is\na finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EACCES\\\", this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"open_by_handle_at\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EPERM -F\nauid&gt;=1000 -F auid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EACCES -F\nauid&gt;=1000 -F auid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EPERM -F\nauid&gt;=1000 -F auid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EACCES -F\nauid&gt;=1000 -F auid!=4294967295 -k access\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000458-GPOS-00203\",\n\"SRG-OS-000461-GPOS-00205\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72129\"\n  tag rid: \"SV-86753r5_rule\"\n  tag stig_id: \"RHEL-07-030530\"\n  tag fix_id: \"F-78481r8_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"open_by_handle_at\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EPERM' }\n  end\n  describe auditd.syscall(\"open_by_handle_at\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EACCES' }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"open_by_handle_at\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EPERM' }\n    end\n    describe auditd.syscall(\"open_by_handle_at\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EACCES' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b32" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b32" exit.uniq is expected to include "-EACCES"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b64" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b64" exit.uniq is expected to include "-EACCES"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72231</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000250-GPOS-00093</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86855r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040200</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must implement
 cryptography to protect the integrity of Lightweight Directory Access Protocol
-(LDAP) communications.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(LDAP) communications.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without cryptographic integrity protections, information can be
 altered by unauthorized users without detection.
 
     Cryptographic mechanisms used for protecting the integrity of information
 include, for example, signed hash functions using asymmetric cryptography
 enabling distribution of the public key to verify the hash information while
-maintaining the confidentiality of the key used to generate the hash.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+maintaining the confidentiality of the key used to generate the hash.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If LDAP is not being utilized, this requirement is Not Applicable.
 
     Verify the operating system implements cryptography to protect the
@@ -9359,626 +8937,601 @@ command:
 
     # systemctl status sssd.service
     sssd.service - System Security Services Daemon
-    Loaded: loaded (&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;sssd.service; enabled; vendor
+    Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor
 preset: disabled)
     Active: active (running) since Wed 2018-06-27 10:58:11 EST; 1h 50min ago
 
-    If the &quot;sssd.service&quot; is &quot;active&quot;, then LDAP is being used.
+    If the "sssd.service" is "active", then LDAP is being used.
 
-    Determine the &quot;id_provider&quot; that the LDAP is currently using:
+    Determine the "id_provider" that the LDAP is currently using:
 
-    # grep -i &quot;id_provider&quot; &#x2F;etc&#x2F;sssd&#x2F;sssd.conf
+    # grep -i "id_provider" /etc/sssd/sssd.conf
 
-    id_provider &#x3D; ad
+    id_provider = ad
 
-    If &quot;id_provider&quot; is set to &quot;ad&quot;, this is Not Applicable.
+    If "id_provider" is set to "ad", this is Not Applicable.
 
     Check the path to the X.509 certificate for peer authentication with the
 following command:
 
-    # grep -i tls_cacert &#x2F;etc&#x2F;sssd&#x2F;sssd.conf
+    # grep -i tls_cacert /etc/sssd/sssd.conf
 
-    ldap_tls_cacert &#x3D; &#x2F;etc&#x2F;pki&#x2F;tls&#x2F;certs&#x2F;ca-bundle.crt
+    ldap_tls_cacert = /etc/pki/tls/certs/ca-bundle.crt
 
-    Verify the &quot;ldap_tls_cacert&quot; option points to a file that contains the
+    Verify the "ldap_tls_cacert" option points to a file that contains the
 trusted CA certificate.
 
     If this file does not exist, or the option is commented out or missing,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to implement cryptography to protect the
 integrity of LDAP remote access sessions.
 
-    Add or modify the following line in &quot;&#x2F;etc&#x2F;sssd&#x2F;sssd.conf&quot;:
-
-    ldap_tls_cacert &#x3D; &#x2F;etc&#x2F;pki&#x2F;tls&#x2F;certs&#x2F;ca-bundle.crt</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>88308d26-e975-499b-adb3-cacc53765082</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001453</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-LDAP not enabled
-LDAP not enabled using any known mechanisms, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72159</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86783r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030680</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add or modify the following line in "/etc/sssd/sssd.conf":
+
+    ldap_tls_cacert = /etc/pki/tls/certs/ca-bundle.crt</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-72231\" do\n  title \"The Red Hat Enterprise Linux operating system must implement\ncryptography to protect the integrity of Lightweight Directory Access Protocol\n(LDAP) communications.\"\n  desc  \"Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the key used to generate the hash.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If LDAP is not being utilized, this requirement is Not Applicable.\n\n    Verify the operating system implements cryptography to protect the\nintegrity of remote LDAP access sessions.\n\n    To determine if LDAP is being used for authentication, use the following\ncommand:\n\n    # systemctl status sssd.service\n    sssd.service - System Security Services Daemon\n    Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor\npreset: disabled)\n    Active: active (running) since Wed 2018-06-27 10:58:11 EST; 1h 50min ago\n\n    If the \\\"sssd.service\\\" is \\\"active\\\", then LDAP is being used.\n\n    Determine the \\\"id_provider\\\" that the LDAP is currently using:\n\n    # grep -i \\\"id_provider\\\" /etc/sssd/sssd.conf\n\n    id_provider = ad\n\n    If \\\"id_provider\\\" is set to \\\"ad\\\", this is Not Applicable.\n\n    Check the path to the X.509 certificate for peer authentication with the\nfollowing command:\n\n    # grep -i tls_cacert /etc/sssd/sssd.conf\n\n    ldap_tls_cacert = /etc/pki/tls/certs/ca-bundle.crt\n\n    Verify the \\\"ldap_tls_cacert\\\" option points to a file that contains the\ntrusted CA certificate.\n\n    If this file does not exist, or the option is commented out or missing,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to implement cryptography to protect the\nintegrity of LDAP remote access sessions.\n\n    Add or modify the following line in \\\"/etc/sssd/sssd.conf\\\":\n\n    ldap_tls_cacert = /etc/pki/tls/certs/ca-bundle.crt\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000250-GPOS-00093\"\n  tag gid: \"V-72231\"\n  tag rid: \"SV-86855r4_rule\"\n  tag stig_id: \"RHEL-07-040200\"\n  tag fix_id: \"F-78585r3_fix\"\n  tag cci: [\"CCI-001453\"]\n  tag nist: [\"AC-17 (2)\", \"Rev_4\"]\n\n  sssd_id_ldap_enabled = (package('sssd').installed? and\n    !command('grep \"^\\s*id_provider\\s*=\\s*ldap\" /etc/sssd/sssd.conf').stdout.strip.empty?)\n\n  sssd_ldap_enabled = (package('sssd').installed? and\n    !command('grep \"^\\s*[a-z]*_provider\\s*=\\s*ldap\" /etc/sssd/sssd.conf').stdout.strip.empty?)\n\n  pam_ldap_enabled = (!command('grep \"^[^#]*pam_ldap\\.so\" /etc/pam.d/*').stdout.strip.empty?)\n\n  if !(sssd_id_ldap_enabled or sssd_ldap_enabled or pam_ldap_enabled)\n    impact 0.0\n    describe \"LDAP not enabled\" do\n      skip \"LDAP not enabled using any known mechanisms, this control is Not Applicable.\"\n    end\n  end\n\n  if sssd_id_ldap_enabled\n    ldap_id_use_start_tls = command('grep ldap_id_use_start_tls /etc/sssd/sssd.conf')\n    describe ldap_id_use_start_tls do\n      its('stdout.strip') { should match %r{^ldap_id_use_start_tls\\s*=\\s*true$}}\n    end\n\n    ldap_id_use_start_tls.stdout.strip.each_line do |line|\n      describe line do\n        it { should match %r{^ldap_id_use_start_tls\\s*=\\s*true$}}\n      end\n    end\n  end\n\n  if sssd_ldap_enabled\n    ldap_tls_cacert = command('grep -i ldap_tls_cacert /etc/sssd/sssd.conf').\n      stdout.strip.scan(%r{^ldap_tls_cacert\\s*=\\s*(.*)}).last\n\n    describe \"ldap_tls_cacert\" do\n      subject { ldap_tls_cacert }\n      it { should_not eq nil }\n    end\n\n    describe file(ldap_tls_cacert.last) do\n      it { should exist }\n      it { should be_file }\n    end if !ldap_tls_cacert.nil?\n  end\n\n  if pam_ldap_enabled\n    tls_cacertfile = command('grep -i tls_cacertfile /etc/pam_ldap.conf').\n      stdout.strip.scan(%r{^tls_cacertfile\\s+(.*)}).last\n\n    describe \"tls_cacertfile\" do\n      subject { tls_cacertfile }\n      it { should_not eq nil }\n    end\n\n    describe file(tls_cacertfile.last) do\n      it { should exist }\n      it { should be_file }\n    end if !tls_cacertfile.nil?\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001453</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST LDAP not enabled :: SKIP_MESSAGE LDAP not enabled using any known mechanisms, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72159</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86783r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030680</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the su command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the su command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged access commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;su&quot; command occur.
+successful/unsuccessful attempts to use the "su" command occur.
 
     Check that the following system call is being audited by performing the
-following command to check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+following command to check the file system rules in "/etc/audit/audit.rules":
 
-    # grep -iw &#x2F;usr&#x2F;bin&#x2F;su &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw /usr/bin/su /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;su -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/su -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;su&quot; command occur.
+successful/unsuccessful attempts to use the "su" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;su -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/su -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>bdc95ce0-1ab0-45eb-90af-6ff9720f8372</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;su&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;su&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72115</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86739r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030460</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72159\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe su command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged access commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"su\\\" command occur.\n\n    Check that the following system call is being audited by performing the\nfollowing command to check the file system rules in \\\"/etc/audit/audit.rules\\\":\n\n    # grep -iw /usr/bin/su /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/su -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"su\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/su -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000037-GPOS-00015\"\n  tag satisfies: [\"SRG-OS-000037-GPOS-00015\", \"SRG-OS-000042-GPOS-00020\",\n\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000462-GPOS-00206\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72159\"\n  tag rid: \"SV-86783r5_rule\"\n  tag stig_id: \"RHEL-07-030680\"\n  tag fix_id: \"F-78511r6_fix\"\n  tag cci: [\"CCI-000130\", \"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3\", \"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/bin/su'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/su" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/su" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72115</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86739r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030460</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the lsetxattr syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the lsetxattr syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;lsetxattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "lsetxattr" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw lsetxattr &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw lsetxattr /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S lsetxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b32 -S lsetxattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S lsetxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b64 -S lsetxattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;lsetxattr&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"lsetxattr" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;lsetxattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "lsetxattr" syscall occur.
 
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S lsetxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b32 -S lsetxattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S lsetxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b64 -S lsetxattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>3314c9b7-c9b0-48b0-a6a4-a376b264afd4</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lsetxattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lsetxattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lsetxattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lsetxattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-92253</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-102355r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040612</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72115\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe lsetxattr syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"lsetxattr\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw lsetxattr /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S lsetxattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    -a always,exit -F arch=b64 -S lsetxattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"lsetxattr\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"lsetxattr\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S lsetxattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    -a always,exit -F arch=b64 -S lsetxattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000458-GPOS-00203\"\n  tag satisfies: [\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000064-GPOS-00033\"]\n  tag gid: \"V-72115\"\n  tag rid: \"SV-86739r5_rule\"\n  tag stig_id: \"RHEL-07-030460\"\n  tag fix_id: \"F-78467r10_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"lsetxattr\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"lsetxattr\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "lsetxattr" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "lsetxattr" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "lsetxattr" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "lsetxattr" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-92253</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-102355r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040612</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must use a reverse-path
-filter for IPv4 network traffic when possible by default.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+filter for IPv4 network traffic when possible by default.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Enabling reverse path filtering drops packets with source addresses
 that should not have been able to be received on the interface they were
 received on. It should not be used on systems which are routers for complicated
-networks, but is helpful for end hosts and routers serving small networks.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+networks, but is helpful for end hosts and routers serving small networks.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system uses a reverse-path filter for IPv4:
 
-    # grep net.ipv4.conf.default.rp_filter &#x2F;etc&#x2F;sysctl.conf &#x2F;etc&#x2F;sysctl.d&#x2F;*
-    net.ipv4.conf.default.rp_filter &#x3D; 1
+    # grep net.ipv4.conf.default.rp_filter /etc/sysctl.conf /etc/sysctl.d/*
+    net.ipv4.conf.default.rp_filter = 1
 
-    If &quot;net.ipv4.conf.default.rp_filter&quot; is not configured in the
-&#x2F;etc&#x2F;sysctl.conf file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out, or
-does not have a value of &quot;1&quot;, this is a finding.
+    If "net.ipv4.conf.default.rp_filter" is not configured in the
+/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or
+does not have a value of "1", this is a finding.
 
     Check that the operating system implements the accept source route variable
 with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep net.ipv4.conf.default.rp_filter
-    net.ipv4.conf.default.rp_filter &#x3D; 1
+    # /sbin/sysctl -a | grep net.ipv4.conf.default.rp_filter
+    net.ipv4.conf.default.rp_filter = 1
 
-    If the returned line does not have a value of &quot;1&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned line does not have a value of "1", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the system to the required kernel parameter by adding the following
-line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the &#x2F;etc&#x2F;sysctl.d&#x2F;
+line to "/etc/sysctl.conf" or a configuration file in the /etc/sysctl.d/
 directory (or modify the line to have the required value):
 
-    net.ipv4.conf.default.rp_filter &#x3D; 1
+    net.ipv4.conf.default.rp_filter = 1
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>1b4fdb23-4b4f-477b-ba14-16e062000382</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.conf.default.rp_filter value is expected to eq 1</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72223</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000163-GPOS-00072</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86847r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040160</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-92253\" do\n  title \"The Red Hat Enterprise Linux operating system must use a reverse-path\nfilter for IPv4 network traffic when possible by default.\"\n  desc  \"Enabling reverse path filtering drops packets with source addresses\nthat should not have been able to be received on the interface they were\nreceived on. It should not be used on systems which are routers for complicated\nnetworks, but is helpful for end hosts and routers serving small networks.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system uses a reverse-path filter for IPv4:\n\n    # grep net.ipv4.conf.default.rp_filter /etc/sysctl.conf /etc/sysctl.d/*\n    net.ipv4.conf.default.rp_filter = 1\n\n    If \\\"net.ipv4.conf.default.rp_filter\\\" is not configured in the\n/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or\ndoes not have a value of \\\"1\\\", this is a finding.\n\n    Check that the operating system implements the accept source route variable\nwith the following command:\n\n    # /sbin/sysctl -a | grep net.ipv4.conf.default.rp_filter\n    net.ipv4.conf.default.rp_filter = 1\n\n    If the returned line does not have a value of \\\"1\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the system to the required kernel parameter by adding the following\nline to \\\"/etc/sysctl.conf\\\" or a configuration file in the /etc/sysctl.d/\ndirectory (or modify the line to have the required value):\n\n    net.ipv4.conf.default.rp_filter = 1\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-92253\"\n  tag rid: \"SV-102355r1_rule\"\n  tag stig_id: \"RHEL-07-040612\"\n  tag fix_id: \"F-98475r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.conf.default.rp_filter') do\n    its('value') { should eq 1 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.conf.default.rp_filter value is expected to eq 1</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72223</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000163-GPOS-00072</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86847r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040160</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all network connections associated with a communication session are
 terminated at the end of the session or after 10 minutes of inactivity from the
 user at a command prompt, except to fulfill documented and validated mission
-requirements.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+requirements.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Terminating an idle session within a short time period reduces the
 window of opportunity for unauthorized personnel to take control of a
 management session enabled on the console or console port that has been left
@@ -9986,318 +9539,307 @@ unattended. In addition, quickly terminating an idle session will also free up
 resources committed by the managed network element.
 
     Terminating network connections associated with communications sessions
-includes, for example, de-allocating associated TCP&#x2F;IP address&#x2F;port pairs at
+includes, for example, de-allocating associated TCP/IP address/port pairs at
 the operating system level and de-allocating networking assignments at the
 application level if multiple application sessions are using a single operating
 system-level network connection. This does not mean that the operating system
 terminates all sessions or network access; it only ends the inactive session
-and releases the resources associated with that session.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+and releases the resources associated with that session.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system terminates all network connections associated
 with a communications session at the end of the session or based on inactivity.
 
     Check the value of the system inactivity timeout with the following command:
 
-    # grep -i tmout &#x2F;etc&#x2F;profile.d&#x2F;*
+    # grep -i tmout /etc/profile.d/*
 
-    etc&#x2F;profile.d&#x2F;tmout.sh:TMOUT&#x3D;600
+    etc/profile.d/tmout.sh:TMOUT=600
 
-    &#x2F;etc&#x2F;profile.d&#x2F;tmout.sh:readonly TMOUT
+    /etc/profile.d/tmout.sh:readonly TMOUT
 
-    &#x2F;etc&#x2F;profile.d&#x2F;tmout.sh:export TMOUT
+    /etc/profile.d/tmout.sh:export TMOUT
 
-    If &quot;TMOUT&quot; is not set to &quot;600&quot; or less in a script located in the
-&#x2F;etc&#x2F;profile.d&#x2F; directory to enforce session termination after inactivity, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "TMOUT" is not set to "600" or less in a script located in the
+/etc/profile.d/ directory to enforce session termination after inactivity, this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to terminate all network connections
 associated with a communications session at the end of the session or after a
 period of inactivity.
 
     Create a script to enforce the inactivity timeout (for example
-&#x2F;etc&#x2F;profile.d&#x2F;tmout.sh) such as:
+/etc/profile.d/tmout.sh) such as:
 
-    #!&#x2F;bin&#x2F;bash
+    #!/bin/bash
 
-    TMOUT&#x3D;600
+    TMOUT=600
     readonly TMOUT
-    export TMOUT</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>fd83bd51-bd25-4b3f-8450-0dd2347f7b2f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002361</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Environment variable TMOUT is expected to be &lt;&#x3D; 600
---------------------------------
-passed
-The TMOUT setting is configured properly is expected to be &lt;&#x3D; 600</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71995</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00228</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86619r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020240</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    export TMOUT</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72223\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all network connections associated with a communication session are\nterminated at the end of the session or after 10 minutes of inactivity from the\nuser at a command prompt, except to fulfill documented and validated mission\nrequirements.\"\n  desc  \"Terminating an idle session within a short time period reduces the\nwindow of opportunity for unauthorized personnel to take control of a\nmanagement session enabled on the console or console port that has been left\nunattended. In addition, quickly terminating an idle session will also free up\nresources committed by the managed network element.\n\n    Terminating network connections associated with communications sessions\nincludes, for example, de-allocating associated TCP/IP address/port pairs at\nthe operating system level and de-allocating networking assignments at the\napplication level if multiple application sessions are using a single operating\nsystem-level network connection. This does not mean that the operating system\nterminates all sessions or network access; it only ends the inactive session\nand releases the resources associated with that session.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system terminates all network connections associated\nwith a communications session at the end of the session or based on inactivity.\n\n    Check the value of the system inactivity timeout with the following command:\n\n    # grep -i tmout /etc/profile.d/*\n\n    etc/profile.d/tmout.sh:TMOUT=600\n\n    /etc/profile.d/tmout.sh:readonly TMOUT\n\n    /etc/profile.d/tmout.sh:export TMOUT\n\n    If \\\"TMOUT\\\" is not set to \\\"600\\\" or less in a script located in the\n/etc/profile.d/ directory to enforce session termination after inactivity, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to terminate all network connections\nassociated with a communications session at the end of the session or after a\nperiod of inactivity.\n\n    Create a script to enforce the inactivity timeout (for example\n/etc/profile.d/tmout.sh) such as:\n\n    #!/bin/bash\n\n    TMOUT=600\n    readonly TMOUT\n    export TMOUT\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000163-GPOS-00072\"\n  tag gid: \"V-72223\"\n  tag rid: \"SV-86847r4_rule\"\n  tag stig_id: \"RHEL-07-040160\"\n  tag fix_id: \"F-78577r5_fix\"\n  tag cci: [\"CCI-001133\", \"CCI-002361\"]\n  tag nist: [\"SC-10\", \"AC-12\", \"Rev_4\"]\n\n  system_activity_timeout = input('system_activity_timeout')\n\n  # Get current TMOUT environment variable (active test)\n  describe 'Environment variable TMOUT' do\n    subject { os_env('TMOUT').content.to_i }\n    it { should be &lt;= system_activity_timeout }\n  end\n\n  # Check if TMOUT is set in files (passive test)\n  files = ['/etc/bashrc'] + ['/etc/profile'] + command(\"find /etc/profile.d/*\").stdout.split(\"\\n\")\n  latest_val = nil\n\n  files.each do |file|\n    readonly = false\n\n    # Skip to next file if TMOUT isn't present. Otherwise, get the last occurrence of TMOUT\n    next if (values = command(\"grep -Po '.*TMOUT.*' #{file}\").stdout.split(\"\\n\")).empty?\n\n    # Loop through each TMOUT match and see if set TMOUT's value or makes it readonly\n    values.each_with_index { |value, index|\n\n      # Skip if starts with '#' - it represents a comment\n      next if !value.match(/^#/).nil?\n      # If readonly and value is inline - use that value\n      if !value.match(/^readonly[\\s]+TMOUT[\\s]*=[\\s]*[\\d]+$/).nil?\n        latest_val = value.match(/[\\d]+/)[0].to_i\n        readonly = true\n        break\n      # If readonly, but, value is not inline - use the most recent value\n      elsif !value.match(/^readonly[\\s]+([\\w]+[\\s]+)?TMOUT[\\s]*([\\s]+[\\w]+[\\s]*)*$/).nil?\n        # If the index is greater than 0, the configuraiton setting value.\n        # Otherwise, the configuration setting value is in the previous file\n        # and is already set in latest_val.\n        if index &gt;= 1\n          latest_val = values[index - 1].match(/[\\d]+/)[0].to_i\n        end\n        readonly = true\n        break\n      # Readonly is not set use the lastest value\n      else\n        latest_val = value.match(/[\\d]+/)[0].to_i\n      end\n    }\n   # Readonly is set - stop processing files\n    break if readonly === true\n  end\n\n  if latest_val.nil?\n    describe \"The TMOUT setting is configured\" do\n      subject { !latest_val.nil? }\n      it { should be true }\n    end\n  else\n    describe\"The TMOUT setting is configured properly\" do\n      subject { latest_val }\n      it { should be &lt;= system_activity_timeout }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002361</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Environment variable TMOUT is expected to be &lt;= 600
+--------------------------------
+passed :: TEST The TMOUT setting is configured properly is expected to be &lt;= 600</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71995</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00228</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86619r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020240</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must define default
 permissions for all authenticated users in such a way that the user can only
-read and modify their own files.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+read and modify their own files.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Setting the most restrictive default permissions ensures that when new
-accounts are created, they do not have unnecessary access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+accounts are created, they do not have unnecessary access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system defines default permissions for all
 authenticated users in such a way that the user can only read and modify their
 own files.
 
-    Check for the value of the &quot;UMASK&quot; parameter in &quot;&#x2F;etc&#x2F;login.defs&quot; file
+    Check for the value of the "UMASK" parameter in "/etc/login.defs" file
 with the following command:
 
-    Note: If the value of the &quot;UMASK&quot; parameter is set to &quot;000&quot; in
-&quot;&#x2F;etc&#x2F;login.defs&quot; file, the Severity is raised to a CAT I.
+    Note: If the value of the "UMASK" parameter is set to "000" in
+"/etc/login.defs" file, the Severity is raised to a CAT I.
 
-    # grep -i umask &#x2F;etc&#x2F;login.defs
+    # grep -i umask /etc/login.defs
     UMASK  077
 
-    If the value for the &quot;UMASK&quot; parameter is not &quot;077&quot;, or the &quot;UMASK&quot;
-parameter is missing or is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value for the "UMASK" parameter is not "077", or the "UMASK"
+parameter is missing or is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to define default permissions for all
 authenticated users in such a way that the user can only read and modify their
 own files.
 
-    Add or edit the line for the &quot;UMASK&quot; parameter in &quot;&#x2F;etc&#x2F;login.defs&quot;
-file to &quot;077&quot;:
-
-    UMASK  077</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b6bbc1a3-b7ea-42bd-88a3-fe46df63680e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-login.defs UMASK is expected to eq &quot;077&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72071</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86695r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021610</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add or edit the line for the "UMASK" parameter in "/etc/login.defs"
+file to "077":
+
+    UMASK  077</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71995\" do\n  title \"The Red Hat Enterprise Linux operating system must define default\npermissions for all authenticated users in such a way that the user can only\nread and modify their own files.\"\n  desc  \"Setting the most restrictive default permissions ensures that when new\naccounts are created, they do not have unnecessary access.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system defines default permissions for all\nauthenticated users in such a way that the user can only read and modify their\nown files.\n\n    Check for the value of the \\\"UMASK\\\" parameter in \\\"/etc/login.defs\\\" file\nwith the following command:\n\n    Note: If the value of the \\\"UMASK\\\" parameter is set to \\\"000\\\" in\n\\\"/etc/login.defs\\\" file, the Severity is raised to a CAT I.\n\n    # grep -i umask /etc/login.defs\n    UMASK  077\n\n    If the value for the \\\"UMASK\\\" parameter is not \\\"077\\\", or the \\\"UMASK\\\"\nparameter is missing or is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to define default permissions for all\nauthenticated users in such a way that the user can only read and modify their\nown files.\n\n    Add or edit the line for the \\\"UMASK\\\" parameter in \\\"/etc/login.defs\\\"\nfile to \\\"077\\\":\n\n    UMASK  077\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00228\"\n  tag gid: \"V-71995\"\n  tag rid: \"SV-86619r2_rule\"\n  tag stig_id: \"RHEL-07-020240\"\n  tag fix_id: \"F-78347r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n\n  if login_defs.read_params[\"UMASK\"].eql?('000')\n    impact 0.7\n  else\n    impact 0.5\n  end\n  describe login_defs do\n    its('UMASK') { should eq '077' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST login.defs UMASK is expected to eq "077"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72071</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86695r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021610</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the file integrity tool is configured to verify extended attributes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the file integrity tool is configured to verify extended attributes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Extended attributes in file systems are used to contain arbitrary data
-and file metadata with security implications.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+and file metadata with security implications.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the file integrity tool is configured to verify extended attributes.
 
     Check to see if Advanced Intrusion Detection Environment (AIDE) is
@@ -10312,311 +9854,300 @@ checks are performed on the system.
 is a finding.
 
     Note: AIDE is highly configurable at install time. These commands assume
-the &quot;aide.conf&quot; file is under the &quot;&#x2F;etc&quot; directory.
+the "aide.conf" file is under the "/etc" directory.
 
     Use the following command to determine if the file is in another location:
 
-    # find &#x2F; -name aide.conf
+    # find / -name aide.conf
 
-    Check the &quot;aide.conf&quot; file to determine if the &quot;xattrs&quot; rule has been
+    Check the "aide.conf" file to determine if the "xattrs" rule has been
 added to the rule list being applied to the files and directories selection
 lists.
 
-    An example rule that includes the &quot;xattrs&quot; rule follows:
+    An example rule that includes the "xattrs" rule follows:
 
-    All&#x3D; p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux
-    &#x2F;bin All # apply the custom rule to the files in bin
-    &#x2F;sbin All # apply the same custom rule to the files in sbin
+    All= p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux
+    /bin All # apply the custom rule to the files in bin
+    /sbin All # apply the same custom rule to the files in sbin
 
-    If the &quot;xattrs&quot; rule is not being used on all uncommented selection lines
-in the &quot;&#x2F;etc&#x2F;aide.conf&quot; file, or extended attributes are not being checked by
-another file integrity tool, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "xattrs" rule is not being used on all uncommented selection lines
+in the "/etc/aide.conf" file, or extended attributes are not being checked by
+another file integrity tool, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the file integrity tool to check file and directory extended
 attributes.
 
-    If AIDE is installed, ensure the &quot;xattrs&quot; rule is present on all
-uncommented file and directory selection lists.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e641da94-89be-44b2-bc66-4949663c4e46</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package aide is expected to be installed
---------------------------------
-passed
-List of monitored files&#x2F;directories without &#39;xattrs&#39; rule is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71929</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000076-GPOS-00044</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86553r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010250</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If AIDE is installed, ensure the "xattrs" rule is present on all
+uncommented file and directory selection lists.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72071\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the file integrity tool is configured to verify extended attributes.\"\n  desc  \"Extended attributes in file systems are used to contain arbitrary data\nand file metadata with security implications.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the file integrity tool is configured to verify extended attributes.\n\n    Check to see if Advanced Intrusion Detection Environment (AIDE) is\ninstalled on the system with the following command:\n\n    # yum list installed aide\n\n    If AIDE is not installed, ask the System Administrator how file integrity\nchecks are performed on the system.\n\n    If there is no application installed to perform file integrity checks, this\nis a finding.\n\n    Note: AIDE is highly configurable at install time. These commands assume\nthe \\\"aide.conf\\\" file is under the \\\"/etc\\\" directory.\n\n    Use the following command to determine if the file is in another location:\n\n    # find / -name aide.conf\n\n    Check the \\\"aide.conf\\\" file to determine if the \\\"xattrs\\\" rule has been\nadded to the rule list being applied to the files and directories selection\nlists.\n\n    An example rule that includes the \\\"xattrs\\\" rule follows:\n\n    All= p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux\n    /bin All # apply the custom rule to the files in bin\n    /sbin All # apply the same custom rule to the files in sbin\n\n    If the \\\"xattrs\\\" rule is not being used on all uncommented selection lines\nin the \\\"/etc/aide.conf\\\" file, or extended attributes are not being checked by\nanother file integrity tool, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the file integrity tool to check file and directory extended\nattributes.\n\n    If AIDE is installed, ensure the \\\"xattrs\\\" rule is present on all\nuncommented file and directory selection lists.\n  \"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72071\"\n  tag rid: \"SV-86695r3_rule\"\n  tag stig_id: \"RHEL-07-021610\"\n  tag fix_id: \"F-78423r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe package(\"aide\") do\n    it { should be_installed }\n  end\n\n  findings = []\n  aide_conf.where { !selection_line.start_with? '!' }.entries.each do |selection|\n    unless selection.rules.include? 'xattrs'\n      findings.append(selection.selection_line)\n    end\n  end\n\n  describe \"List of monitored files/directories without 'xattrs' rule\" do\n    subject { findings }\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package aide is expected to be installed
+--------------------------------
+passed :: TEST List of monitored files/directories without 'xattrs' rule is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71929</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000076-GPOS-00044</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86553r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010250</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that passwords for new users are restricted to a 60-day maximum lifetime.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that passwords for new users are restricted to a 60-day maximum lifetime.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Any password, no matter how complex, can eventually be cracked.
 Therefore, passwords need to be changed periodically. If the operating system
 does not limit the lifetime of passwords and force users to change their
 passwords, there is the risk that the operating system passwords could be
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If passwords are not being used for authentication, this is Not Applicable.
 
     Verify the operating system enforces a 60-day maximum password lifetime
 restriction for new user accounts.
 
-    Check for the value of &quot;PASS_MAX_DAYS&quot; in &quot;&#x2F;etc&#x2F;login.defs&quot; with the
+    Check for the value of "PASS_MAX_DAYS" in "/etc/login.defs" with the
 following command:
 
-    # grep -i pass_max_days &#x2F;etc&#x2F;login.defs
+    # grep -i pass_max_days /etc/login.defs
     PASS_MAX_DAYS 60
 
-    If the &quot;PASS_MAX_DAYS&quot; parameter value is not 60 or less, or is commented
-out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "PASS_MAX_DAYS" parameter value is not 60 or less, or is commented
+out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to enforce a 60-day maximum password
 lifetime restriction.
 
-    Add the following line in &quot;&#x2F;etc&#x2F;login.defs&quot; (or modify the line to have
+    Add the following line in "/etc/login.defs" (or modify the line to have
 the required value):
 
-    PASS_MAX_DAYS     60</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>74f7fff9-afef-4f30-bd70-664608545b60</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-login.defs PASS_MAX_DAYS.to_i is expected to cmp &lt;&#x3D; 60</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71985</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000114-GPOS-00059</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86609r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020110</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    PASS_MAX_DAYS     60</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71929\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat passwords for new users are restricted to a 60-day maximum lifetime.\"\n  desc  \"Any password, no matter how complex, can eventually be cracked.\nTherefore, passwords need to be changed periodically. If the operating system\ndoes not limit the lifetime of passwords and force users to change their\npasswords, there is the risk that the operating system passwords could be\ncompromised.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If passwords are not being used for authentication, this is Not Applicable.\n\n    Verify the operating system enforces a 60-day maximum password lifetime\nrestriction for new user accounts.\n\n    Check for the value of \\\"PASS_MAX_DAYS\\\" in \\\"/etc/login.defs\\\" with the\nfollowing command:\n\n    # grep -i pass_max_days /etc/login.defs\n    PASS_MAX_DAYS 60\n\n    If the \\\"PASS_MAX_DAYS\\\" parameter value is not 60 or less, or is commented\nout, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to enforce a 60-day maximum password\nlifetime restriction.\n\n    Add the following line in \\\"/etc/login.defs\\\" (or modify the line to have\nthe required value):\n\n    PASS_MAX_DAYS     60\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000076-GPOS-00044\"\n  tag gid: \"V-71929\"\n  tag rid: \"SV-86553r2_rule\"\n  tag stig_id: \"RHEL-07-010250\"\n  tag fix_id: \"F-78281r1_fix\"\n  tag cci: [\"CCI-000199\"]\n  tag nist: [\"IA-5 (1) (d)\", \"Rev_4\"]\n\n  describe login_defs do\n    its('PASS_MAX_DAYS.to_i') { should cmp &lt;= 60 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST login.defs PASS_MAX_DAYS.to_i is expected to cmp &lt;= 60</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71985</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000114-GPOS-00059</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86609r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020110</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must disable the file
-system automounter unless required.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+system automounter unless required.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Automatically mounting file systems permits easy introduction of
-unknown devices, thereby facilitating malicious activity.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+unknown devices, thereby facilitating malicious activity.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system disables the ability to automount devices.
 
     Check to see if automounter service is active with the following command:
 
     # systemctl status autofs
     autofs.service - Automounts filesystems on demand
-       Loaded: loaded (&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;autofs.service; disabled)
+       Loaded: loaded (/usr/lib/systemd/system/autofs.service; disabled)
        Active: inactive (dead)
 
-    If the &quot;autofs&quot; status is set to &quot;active&quot; and is not documented with
+    If the "autofs" status is set to "active" and is not documented with
 the Information System Security Officer (ISSO) as an operational requirement,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to disable the ability to automount devices.
 
     Turn off the automount service with the following commands:
@@ -10624,143 +10155,136 @@ this is a finding.</ATTRIBUTE_DATA>
     # systemctl stop autofs
     # systemctl disable autofs
 
-    If &quot;autofs&quot; is required for Network File System (NFS), it must be
-documented with the ISSO.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>153338d2-957d-4e63-a642-7d6098a59eee</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000778</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001958</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Service autofs.service is expected not to be running
---------------------------------
-passed
-Service autofs.service is expected not to be enabled
---------------------------------
-passed
-Service autofs.service is expected not to be installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71993</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86617r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020230</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If "autofs" is required for Network File System (NFS), it must be
+documented with the ISSO.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71985\" do\n  title \"The Red Hat Enterprise Linux operating system must disable the file\nsystem automounter unless required.\"\n  desc  \"Automatically mounting file systems permits easy introduction of\nunknown devices, thereby facilitating malicious activity.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system disables the ability to automount devices.\n\n    Check to see if automounter service is active with the following command:\n\n    # systemctl status autofs\n    autofs.service - Automounts filesystems on demand\n       Loaded: loaded (/usr/lib/systemd/system/autofs.service; disabled)\n       Active: inactive (dead)\n\n    If the \\\"autofs\\\" status is set to \\\"active\\\" and is not documented with\nthe Information System Security Officer (ISSO) as an operational requirement,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to disable the ability to automount devices.\n\n    Turn off the automount service with the following commands:\n\n    # systemctl stop autofs\n    # systemctl disable autofs\n\n    If \\\"autofs\\\" is required for Network File System (NFS), it must be\ndocumented with the ISSO.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000114-GPOS-00059\"\n  tag satisfies: [\"SRG-OS-000114-GPOS-00059\", \"SRG-OS-000378-GPOS-00163\",\n\"SRG-OS-000480-GPOS-00227\"]\n  tag gid: \"V-71985\"\n  tag rid: \"SV-86609r2_rule\"\n  tag stig_id: \"RHEL-07-020110\"\n  tag fix_id: \"F-78337r2_fix\"\n  tag cci: [\"CCI-000366\", \"CCI-000778\", \"CCI-001958\"]\n  tag nist: [\"CM-6 b\", \"IA-3\", \"IA-3\", \"Rev_4\"]\n\n  describe systemd_service('autofs.service') do\n    it { should_not be_running }\n    it { should_not be_enabled }\n    it { should_not be_installed }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000778</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001958</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Service autofs.service is expected not to be running
+--------------------------------
+passed :: TEST Service autofs.service is expected not to be enabled
+--------------------------------
+passed :: TEST Service autofs.service is expected not to be installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71993</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86617r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020230</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the x86 Ctrl-Alt-Delete key sequence is disabled on the command line.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the x86 Ctrl-Alt-Delete key sequence is disabled on the command line.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A locally logged-on user who presses Ctrl-Alt-Delete, when at the
 console, can reboot the system. If accidentally pressed, as could happen in the
 case of a mixed OS environment, this can create the risk of short-term loss of
 availability of systems due to unintentional reboot. In the GNOME graphical
 environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is
-reduced because the user will be prompted before any action is taken.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+reduced because the user will be prompted before any action is taken.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system is not configured to reboot the system when
 Ctrl-Alt-Delete is pressed.
 
@@ -10770,870 +10294,816 @@ following command:
     # systemctl status ctrl-alt-del.target
 
     ctrl-alt-del.target
-    Loaded: masked (&#x2F;dev&#x2F;null; bad)
+    Loaded: masked (/dev/null; bad)
     Active: inactive (dead)
 
     If the ctrl-alt-del.target is not masked, this is a finding.
 
-    If the ctrl-alt-del.target is active, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the ctrl-alt-del.target is active, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to disable the Ctrl-Alt-Delete sequence for the
 command line with the following command:
 
-    # systemctl mask ctrl-alt-del.target</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d74464b3-5c6f-4de5-93ef-83d69e503af2</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Service ctrl-alt-del.target is expected not to be running
---------------------------------
-passed
-Service ctrl-alt-del.target is expected not to be enabled</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72095</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000327-GPOS-00127</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86719r7_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030360</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # systemctl mask ctrl-alt-del.target</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71993\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the x86 Ctrl-Alt-Delete key sequence is disabled on the command line.\"\n  desc  \"A locally logged-on user who presses Ctrl-Alt-Delete, when at the\nconsole, can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In the GNOME graphical\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system is not configured to reboot the system when\nCtrl-Alt-Delete is pressed.\n\n    Check that the ctrl-alt-del.target is masked and not active with the\nfollowing command:\n\n    # systemctl status ctrl-alt-del.target\n\n    ctrl-alt-del.target\n    Loaded: masked (/dev/null; bad)\n    Active: inactive (dead)\n\n    If the ctrl-alt-del.target is not masked, this is a finding.\n\n    If the ctrl-alt-del.target is active, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to disable the Ctrl-Alt-Delete sequence for the\ncommand line with the following command:\n\n    # systemctl mask ctrl-alt-del.target\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-71993\"\n  tag rid: \"SV-86617r5_rule\"\n  tag stig_id: \"RHEL-07-020230\"\n  tag fix_id: \"F-78345r6_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe systemd_service('ctrl-alt-del.target') do\n    it { should_not be_running }\n    it { should_not be_enabled }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Service ctrl-alt-del.target is expected not to be running
+--------------------------------
+passed :: TEST Service ctrl-alt-del.target is expected not to be enabled</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72095</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000327-GPOS-00127</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86719r7_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030360</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all
-executions of privileged functions.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+executions of privileged functions.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Misuse of privileged functions, either intentionally or
 unintentionally by authorized users, or by unauthorized external entities that
 have compromised information system accounts, is a serious and ongoing concern
 and can have significant adverse impacts on organizations. Auditing the use of
 privileged functions is one way to detect such misuse and identify the risk
-from insider threats and the advanced persistent threat.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+from insider threats and the advanced persistent threat.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system audits the execution of privileged functions
 using the following command:
 
-    # grep -iw execve &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw execve /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S execve -C uid!&#x3D;euid -F euid&#x3D;0 -k setuid
-    -a always,exit -F arch&#x3D;b64 -S execve -C uid!&#x3D;euid -F euid&#x3D;0 -k setuid
-    -a always,exit -F arch&#x3D;b32 -S execve -C gid!&#x3D;egid -F egid&#x3D;0 -k setgid
-    -a always,exit -F arch&#x3D;b64 -S execve -C gid!&#x3D;egid -F egid&#x3D;0 -k setgid
+    -a always,exit -F arch=b32 -S execve -C uid!=euid -F euid=0 -k setuid
+    -a always,exit -F arch=b64 -S execve -C uid!=euid -F euid=0 -k setuid
+    -a always,exit -F arch=b32 -S execve -C gid!=egid -F egid=0 -k setgid
+    -a always,exit -F arch=b64 -S execve -C gid!=egid -F egid=0 -k setgid
 
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules for &quot;SUID&quot; files are not
+    If both the "b32" and "b64" audit rules for "SUID" files are not
 defined, this is a finding.
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules for &quot;SGID&quot; files are not
-defined, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules for "SGID" files are not
+defined, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to audit the execution of privileged
 functions.
 
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S execve -C uid!&#x3D;euid -F euid&#x3D;0 -k setuid
-    -a always,exit -F arch&#x3D;b64 -S execve -C uid!&#x3D;euid -F euid&#x3D;0 -k setuid
-    -a always,exit -F arch&#x3D;b32 -S execve -C gid!&#x3D;egid -F egid&#x3D;0 -k setgid
-    -a always,exit -F arch&#x3D;b64 -S execve -C gid!&#x3D;egid -F egid&#x3D;0 -k setgid
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ffbf3327-f23b-4768-896f-8e29e58f938a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002234</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;execve&quot; action.uniq is expected to eq [&quot;always&quot;]
-
-expected: [&quot;always&quot;]
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S execve -C uid!=euid -F euid=0 -k setuid
+    -a always,exit -F arch=b64 -S execve -C uid!=euid -F euid=0 -k setuid
+    -a always,exit -F arch=b32 -S execve -C gid!=egid -F egid=0 -k setgid
+    -a always,exit -F arch=b64 -S execve -C gid!=egid -F egid=0 -k setgid
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72095\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all\nexecutions of privileged functions.\"\n  desc  \"Misuse of privileged functions, either intentionally or\nunintentionally by authorized users, or by unauthorized external entities that\nhave compromised information system accounts, is a serious and ongoing concern\nand can have significant adverse impacts on organizations. Auditing the use of\nprivileged functions is one way to detect such misuse and identify the risk\nfrom insider threats and the advanced persistent threat.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system audits the execution of privileged functions\nusing the following command:\n\n    # grep -iw execve /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S execve -C uid!=euid -F euid=0 -k setuid\n    -a always,exit -F arch=b64 -S execve -C uid!=euid -F euid=0 -k setuid\n    -a always,exit -F arch=b32 -S execve -C gid!=egid -F egid=0 -k setgid\n    -a always,exit -F arch=b64 -S execve -C gid!=egid -F egid=0 -k setgid\n\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules for \\\"SUID\\\" files are not\ndefined, this is a finding.\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules for \\\"SGID\\\" files are not\ndefined, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to audit the execution of privileged\nfunctions.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S execve -C uid!=euid -F euid=0 -k setuid\n    -a always,exit -F arch=b64 -S execve -C uid!=euid -F euid=0 -k setuid\n    -a always,exit -F arch=b32 -S execve -C gid!=egid -F egid=0 -k setgid\n    -a always,exit -F arch=b64 -S execve -C gid!=egid -F egid=0 -k setgid\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000327-GPOS-00127\"\n  tag gid: \"V-72095\"\n  tag rid: \"SV-86719r7_rule\"\n  tag stig_id: \"RHEL-07-030360\"\n  tag fix_id: \"F-78447r9_fix\"\n  tag cci: [\"CCI-002234\"]\n  tag nist: [\"AC-6 (9)\", \"Rev_4\"]\n\n  # All execve calls should use 'always,exit'\n  describe auditd.syscall('execve') do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n\n  # Work with the SUID rules\n  describe auditd.syscall('execve').where { fields.include?('euid=0') } do\n    its ('arch.uniq') { should include 'b32' }\n    its ('arch.uniq') { should include 'b64' }\n  end\n\n  # Work with the SGID rules\n  describe auditd.syscall('execve').where { fields.include?('egid=0') } do\n    its ('arch.uniq') { should include 'b32' }\n    its ('arch.uniq') { should include 'b64' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002234</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "execve" action.uniq is expected to eq ["always"] :: MESSAGE 
+expected: ["always"]
      got: []
 
-(compared using &#x3D;&#x3D;)
+(compared using ==)
 
 --------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;execve&quot; list.uniq is expected to eq [&quot;exit&quot;]
-
-expected: [&quot;exit&quot;]
+passed :: TEST Auditd Rules with syscall == "execve" list.uniq is expected to eq ["exit"] :: MESSAGE 
+expected: ["exit"]
      got: []
 
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;execve&quot; fields include? &quot;euid&#x3D;0&quot; arch.uniq is expected to include &quot;b32&quot;
-expected [] to include &quot;b32&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;execve&quot; fields include? &quot;euid&#x3D;0&quot; arch.uniq is expected to include &quot;b64&quot;
-expected [] to include &quot;b64&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;execve&quot; fields include? &quot;egid&#x3D;0&quot; arch.uniq is expected to include &quot;b32&quot;
-expected [] to include &quot;b32&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;execve&quot; fields include? &quot;egid&#x3D;0&quot; arch.uniq is expected to include &quot;b64&quot;
-expected [] to include &quot;b64&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72127</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86751r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030520</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+(compared using ==)
+
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "execve" fields include? "euid=0" arch.uniq is expected to include "b32" :: MESSAGE expected [] to include "b32"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "execve" fields include? "euid=0" arch.uniq is expected to include "b64" :: MESSAGE expected [] to include "b64"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "execve" fields include? "egid=0" arch.uniq is expected to include "b32" :: MESSAGE expected [] to include "b32"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "execve" fields include? "egid=0" arch.uniq is expected to include "b64" :: MESSAGE expected [] to include "b64"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72127</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86751r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030520</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the openat syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the openat syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;openat&quot; syscall occur.
+successful/unsuccessful attempts to use the "openat" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw openat &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw openat /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S openat -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S openat -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b32 -S openat -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S openat -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S openat -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S openat -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S openat -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S openat -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;openat&quot; syscall, this is a finding.
+    If both the "b32" and "b64" audit rules are not defined for the
+"openat" syscall, this is a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EPERM&quot;, this is
+    If the output does not produce rules containing "-F exit=-EPERM", this is
 a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EACCES&quot;, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the output does not produce rules containing "-F exit=-EACCES", this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;openat&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S openat -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b32 -S openat -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S openat -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S openat -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>43593b76-59df-449b-bdca-110ac3bcf275</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EACCES&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EACCES&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72167</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86791r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030720</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "openat" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S openat -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b32 -S openat -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S openat -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S openat -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72127\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe openat syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"openat\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw openat /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S openat -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S openat -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S openat -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S openat -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"openat\\\" syscall, this is a finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EPERM\\\", this is\na finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EACCES\\\", this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"openat\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S openat -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S openat -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S openat -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S openat -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000458-GPOS-00203\",\n\"SRG-OS-000461-GPOS-00205\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72127\"\n  tag rid: \"SV-86751r5_rule\"\n  tag stig_id: \"RHEL-07-030520\"\n  tag fix_id: \"F-78479r8_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"openat\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EPERM' }\n  end\n  describe auditd.syscall(\"openat\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EACCES' }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"openat\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EPERM' }\n    end\n    describe auditd.syscall(\"openat\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EACCES' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "openat" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b32" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b32" exit.uniq is expected to include "-EACCES"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b64" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b64" exit.uniq is expected to include "-EACCES"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72167</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86791r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030720</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the chsh command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the chsh command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged access commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;chsh&quot; command occur.
+successful/unsuccessful attempts to use the "chsh" command occur.
 
     Check that the following system call is being audited by performing the
-following command to check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+following command to check the file system rules in "/etc/audit/audit.rules":
 
-    # grep -i &#x2F;usr&#x2F;bin&#x2F;chsh &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /usr/bin/chsh /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;chsh -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/chsh -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;chsh&quot; command occur.
+successful/unsuccessful attempts to use the "chsh" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;chsh -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/chsh -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0b326906-72de-4659-9a34-27f9795c2989</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;chsh&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;chsh&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73171</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87823r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030873</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72167\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe chsh command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged access commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"chsh\\\" command occur.\n\n    Check that the following system call is being audited by performing the\nfollowing command to check the file system rules in \\\"/etc/audit/audit.rules\\\":\n\n    # grep -i /usr/bin/chsh /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chsh -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"chsh\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/chsh -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000037-GPOS-00015\"\n  tag satisfies: [\"SRG-OS-000037-GPOS-00015\", \"SRG-OS-000042-GPOS-00020\",\n\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000462-GPOS-00206\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72167\"\n  tag rid: \"SV-86791r4_rule\"\n  tag stig_id: \"RHEL-07-030720\"\n  tag fix_id: \"F-78521r5_fix\"\n  tag cci: [\"CCI-000130\", \"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3\", \"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/bin/chsh'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/chsh" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/chsh" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73171</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87823r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030873</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must generate audit
 records for all account creations, modifications, disabling, and termination
-events that affect &#x2F;etc&#x2F;shadow.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+events that affect /etc/shadow.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system must generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&#x2F;etc&#x2F;shadow.
+/etc/shadow.
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep &#x2F;etc&#x2F;shadow &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep /etc/shadow /etc/audit/audit.rules
 
-    -w &#x2F;etc&#x2F;shadow -p wa -k identity
+    -w /etc/shadow -p wa -k identity
 
     If the command does not return a line, or the line is commented out, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&#x2F;etc&#x2F;shadow.
+/etc/shadow.
 
     Add or update the following file system rule in
-&quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -w &#x2F;etc&#x2F;shadow -p wa -k identity
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ea44afc4-6f9b-4274-8a04-1607a380ac32</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;shadow&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;shadow&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;w&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;a&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72297</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86921r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040680</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/etc/audit/rules.d/audit.rules":
+
+    -w /etc/shadow -p wa -k identity
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-73171\" do\n  title \"The Red Hat Enterprise Linux operating system must generate audit\nrecords for all account creations, modifications, disabling, and termination\nevents that affect /etc/shadow.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system must generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n/etc/shadow.\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep /etc/shadow /etc/audit/audit.rules\n\n    -w /etc/shadow -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n/etc/shadow.\n\n    Add or update the following file system rule in\n\\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -w /etc/shadow -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000004-GPOS-00004\"\n  tag gid: \"V-73171\"\n  tag rid: \"SV-87823r4_rule\"\n  tag stig_id: \"RHEL-07-030873\"\n  tag fix_id: \"F-79617r4_fix\"\n  tag cci: [\"CCI-000018\", \"CCI-000172\", \"CCI-001403\", \"CCI-002130\"]\n  tag nist: [\"AC-2 (4)\", \"AU-12 c\", \"AC-2 (4)\", \"AC-2 (4)\", \"Rev_4\"]\n\n  audit_file = '/etc/shadow'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'w' }\n      it { should include 'a' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\n\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/etc/shadow" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/etc/shadow" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "w"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "a"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72297</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86921r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040680</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured to
-prevent unrestricted mail relaying.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+prevent unrestricted mail relaying.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If unrestricted mail relaying is permitted, unauthorized senders could
 use this host as a mail relay for the purpose of sending spam or other
-unauthorized activity.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+unauthorized activity.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system is configured to prevent unrestricted mail relaying.
 
-    Determine if &quot;postfix&quot; is installed with the following commands:
+    Determine if "postfix" is installed with the following commands:
 
     # yum list installed postfix
     postfix-2.6.6-6.el7.x86_64.rpm
@@ -11644,474 +11114,449 @@ unauthorized activity.</ATTRIBUTE_DATA>
 connections from unknown or untrusted networks with the following command:
 
     # postconf -n smtpd_client_restrictions
-    smtpd_client_restrictions &#x3D; permit_mynetworks, reject
-
-    If the &quot;smtpd_client_restrictions&quot; parameter contains any entries other
-than &quot;permit_mynetworks&quot; and &quot;reject&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If &quot;postfix&quot; is installed, modify the &quot;&#x2F;etc&#x2F;postfix&#x2F;main.cf&quot; file to
+    smtpd_client_restrictions = permit_mynetworks, reject
+
+    If the "smtpd_client_restrictions" parameter contains any entries other
+than "permit_mynetworks" and "reject", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If "postfix" is installed, modify the "/etc/postfix/main.cf" file to
 restrict client connections to the local network with the following command:
 
-    # postconf -e &#39;smtpd_client_restrictions &#x3D; permit_mynetworks,reject&#39;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a6f0824e-0045-46ed-a617-2e88dc9df8ef</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;postconf -n smtpd_client_restrictions&#x60; stdout.strip is expected to match &#x2F;^smtpd_client_restrictions\s+&#x3D;\s+permit_mynetworks,\s*reject\s*$&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72163</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86787r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030700</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # postconf -e 'smtpd_client_restrictions = permit_mynetworks,reject'</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72297\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured to\nprevent unrestricted mail relaying.\"\n  desc  \"If unrestricted mail relaying is permitted, unauthorized senders could\nuse this host as a mail relay for the purpose of sending spam or other\nunauthorized activity.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system is configured to prevent unrestricted mail relaying.\n\n    Determine if \\\"postfix\\\" is installed with the following commands:\n\n    # yum list installed postfix\n    postfix-2.6.6-6.el7.x86_64.rpm\n\n    If postfix is not installed, this is Not Applicable.\n\n    If postfix is installed, determine if it is configured to reject\nconnections from unknown or untrusted networks with the following command:\n\n    # postconf -n smtpd_client_restrictions\n    smtpd_client_restrictions = permit_mynetworks, reject\n\n    If the \\\"smtpd_client_restrictions\\\" parameter contains any entries other\nthan \\\"permit_mynetworks\\\" and \\\"reject\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    If \\\"postfix\\\" is installed, modify the \\\"/etc/postfix/main.cf\\\" file to\nrestrict client connections to the local network with the following command:\n\n    # postconf -e 'smtpd_client_restrictions = permit_mynetworks,reject'\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72297\"\n  tag rid: \"SV-86921r3_rule\"\n  tag stig_id: \"RHEL-07-040680\"\n  tag fix_id: \"F-78651r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  # Only permit_mynetworks and reject should be allowed\n  describe.one do\n    describe command('postconf -n smtpd_client_restrictions') do\n      its('stdout.strip') { should match %r{^smtpd_client_restrictions\\s+=\\s+permit_mynetworks,\\s*reject\\s*$} }\n    end\n    describe command('postconf -n smtpd_client_restrictions') do\n      its('stdout.strip') { should match %r{^smtpd_client_restrictions\\s+=\\s+permit_mynetworks\\s*$} }\n    end\n    describe command('postconf -n smtpd_client_restrictions') do\n      its('stdout.strip') { should match %r{^smtpd_client_restrictions\\s+=\\s+reject\\s*$} }\n    end\n    describe command('postconf -n smtpd_client_restrictions') do\n      its('stdout.strip') { should match %r{^smtpd_client_restrictions\\s+=\\s+reject,\\s*permit_mynetworks\\s*$} }\n    end\n  end if package('postfix').installed?\n\n  describe \"The `postfix` package is not installed\" do\n    skip \"The `postfix` package is not installed, this control is Not Applicable\"\n  end if !package('postfix').installed?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `postconf -n smtpd_client_restrictions` stdout.strip is expected to match /^smtpd_client_restrictions\s+=\s+permit_mynetworks,\s*reject\s*$/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72163</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86787r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030700</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the sudoers file and all files in the &#x2F;etc&#x2F;sudoers.d&#x2F; directory.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the sudoers file and all files in the /etc/sudoers.d/ directory.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged access commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to access the &quot;&#x2F;etc&#x2F;sudoers&quot; file and files
-in the &quot;&#x2F;etc&#x2F;sudoers.d&#x2F;&quot; directory.
+successful/unsuccessful attempts to access the "/etc/sudoers" file and files
+in the "/etc/sudoers.d/" directory.
 
     Check for modification of the following files being audited by performing
 the following commands to check the file system rules in
-&quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+"/etc/audit/audit.rules":
 
-    # grep -i &quot;&#x2F;etc&#x2F;sudoers&quot; &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i "/etc/sudoers" /etc/audit/audit.rules
 
-    -w &#x2F;etc&#x2F;sudoers -p wa -k privileged-actions
+    -w /etc/sudoers -p wa -k privileged-actions
 
-    # grep -i &quot;&#x2F;etc&#x2F;sudoers.d&#x2F;&quot; &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i "/etc/sudoers.d/" /etc/audit/audit.rules
 
-    -w &#x2F;etc&#x2F;sudoers.d&#x2F; -p wa -k privileged-actions
+    -w /etc/sudoers.d/ -p wa -k privileged-actions
 
     If the commands do not return output that match the examples, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to access the &quot;&#x2F;etc&#x2F;sudoers&quot; file and files
-in the &quot;&#x2F;etc&#x2F;sudoers.d&#x2F;&quot; directory.
-
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -w &#x2F;etc&#x2F;sudoers -p wa -k privileged-actions
-
-    -w &#x2F;etc&#x2F;sudoers.d&#x2F; -p wa -k privileged-actions
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>547b04e6-9a2b-41b9-93b7-27ea919ea10d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;sudoers&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;sudoers&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;w&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;a&quot;
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;sudoers.d&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;sudoers.d&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;w&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;a&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72109</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86733r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030430</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to access the "/etc/sudoers" file and files
+in the "/etc/sudoers.d/" directory.
+
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -w /etc/sudoers -p wa -k privileged-actions
+
+    -w /etc/sudoers.d/ -p wa -k privileged-actions
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72163\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe sudoers file and all files in the /etc/sudoers.d/ directory.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged access commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to access the \\\"/etc/sudoers\\\" file and files\nin the \\\"/etc/sudoers.d/\\\" directory.\n\n    Check for modification of the following files being audited by performing\nthe following commands to check the file system rules in\n\\\"/etc/audit/audit.rules\\\":\n\n    # grep -i \\\"/etc/sudoers\\\" /etc/audit/audit.rules\n\n    -w /etc/sudoers -p wa -k privileged-actions\n\n    # grep -i \\\"/etc/sudoers.d/\\\" /etc/audit/audit.rules\n\n    -w /etc/sudoers.d/ -p wa -k privileged-actions\n\n    If the commands do not return output that match the examples, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to access the \\\"/etc/sudoers\\\" file and files\nin the \\\"/etc/sudoers.d/\\\" directory.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -w /etc/sudoers -p wa -k privileged-actions\n\n    -w /etc/sudoers.d/ -p wa -k privileged-actions\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000037-GPOS-00015\"\n  tag satisfies: [\"SRG-OS-000037-GPOS-00015\", \"SRG-OS-000042-GPOS-00020\",\n\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000462-GPOS-00206\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72163\"\n  tag rid: \"SV-86787r5_rule\"\n  tag stig_id: \"RHEL-07-030700\"\n  tag fix_id: \"F-78517r6_fix\"\n  tag cci: [\"CCI-000130\", \"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3\", \"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_files = ['/etc/sudoers', '/etc/sudoers.d']\n\n  if audit_files.any? { |audit_file| file(audit_file).exist? }\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  audit_files.each do |audit_file|\n    describe auditd.file(audit_file) do\n      its('permissions') { should_not cmp [] }\n      its('action') { should_not include 'never' }\n    end if file(audit_file).exist?\n\n    # Resource creates data structure including all usages of file\n    perms = auditd.file(audit_file).permissions\n\n    perms.each do |perm|\n      describe perm do\n        it { should include 'w' }\n        it { should include 'a' }\n      end\n    end if file(audit_file).exist?\n  end\n\n  describe \"The #{audit_files} files do not exist\" do\n    skip \"The #{audit_files} files do not exist, this requirement is Not Applicable.\"\n  end if !audit_files.any? { |audit_file| file(audit_file).exist? }\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/etc/sudoers" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/etc/sudoers" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "w"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "a"
+--------------------------------
+passed :: TEST Auditd Rules with file == "/etc/sudoers.d" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/etc/sudoers.d" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "w"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "a"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72109</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86733r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030430</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the fchmodat syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the fchmodat syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fchmodat&quot; syscall occur.
+successful/unsuccessful attempts to use the "fchmodat" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following command:
 
-    # grep -iw fchmodat &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw fchmodat /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S fchmodat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S fchmodat -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fchmodat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S fchmodat -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;fchmodat&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"fchmodat" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fchmodat&quot; syscall occur.
+successful/unsuccessful attempts to use the "fchmodat" syscall occur.
 
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S fchmodat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S fchmodat -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fchmodat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S fchmodat -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0ccc1589-84fa-479c-b8f5-ab7b19835826</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchmodat&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchmodat&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchmodat&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchmodat&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71999</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86623r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020260</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72109\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe fchmodat syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"fchmodat\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing command:\n\n    # grep -iw fchmodat /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S fchmodat -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S fchmodat -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"fchmodat\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"fchmodat\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S fchmodat -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S fchmodat -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000458-GPOS-00203\"\n  tag satisfies: [\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000064-GPOS-00033\"]\n  tag gid: \"V-72109\"\n  tag rid: \"SV-86733r5_rule\"\n  tag stig_id: \"RHEL-07-030430\"\n  tag fix_id: \"F-78461r8_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"fchmodat\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"fchmodat\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "fchmodat" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchmodat" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchmodat" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchmodat" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71999</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86623r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020260</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system security patches and
-updates must be installed and up to date.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+updates must be installed and up to date.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Timely patching is critical for maintaining the operational
 availability, confidentiality, and integrity of information technology (IT)
 systems. However, failure to keep operating system and application software
@@ -12121,20 +11566,20 @@ keep abreast of all the new patches. When new weaknesses in an operating system
 exist, patches are usually made available by the vendor to resolve the
 problems. If the most recent security patches and updates are not installed,
 unauthorized users may take advantage of weaknesses in the unpatched software.
-The lack of prompt attention to patching could result in a system compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+The lack of prompt attention to patching could result in a system compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system security patches and updates are installed and
 up to date. Updates are required to be applied with a frequency determined by
 the site or Program Management Office (PMO).
 
     Obtain the list of available package security updates from Red Hat. The URL
-for updates is https:&#x2F;&#x2F;rhn.redhat.com&#x2F;errata&#x2F;. It is important to note that
+for updates is https://rhn.redhat.com/errata/. It is important to note that
 updates provided by Red Hat may not be present on the system if the underlying
 packages are not installed.
 
@@ -12157,228 +11602,201 @@ Altered
 84 EE
 
     If package updates have not been performed on the system within the
-timeframe that the site&#x2F;program documentation requires, this is a finding.
+timeframe that the site/program documentation requires, this is a finding.
 
     Typical update frequency may be overridden by Information Assurance
 Vulnerability Alert (IAVA) notifications from CYBERCOM.
 
     If the operating system is in non-compliance with the Information Assurance
-Vulnerability Management (IAVM) process, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+Vulnerability Management (IAVM) process, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Install the operating system patches or updated packages
-available from Red Hat within 30 days or sooner as local policy dictates.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>83f077aa-b7b6-4dd8-acf0-7b5f5bab520b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-List of out-of-date packages is expected to be empty
-expected &#x60;[&quot;bind-export-libs&quot;, &quot;device-mapper&quot;, &quot;device-mapper-libs&quot;, &quot;python-requests&quot;, &quot;systemd&quot;, &quot;puppet5-release&quot;, &quot;systemd-sysv&quot;, &quot;systemd-libs&quot;, &quot;libgudev1&quot;, &quot;rh-amazon-rhui-client&quot;].empty?&#x60; to return true, got false
---------------------------------
-passed
-System Package bind-export-libs version is expected to eq &quot;9.11.4-16.P2.el7_8.2&quot;
-
-expected: &quot;9.11.4-16.P2.el7_8.2&quot;
-     got: &quot;9.11.4-16.P2.el7&quot;
-
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-System Package device-mapper version is expected to eq &quot;1.02.164-7.el7_8.1&quot;
-
-expected: &quot;1.02.164-7.el7_8.1&quot;
-     got: &quot;1.02.164-7.el7&quot;
-
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-System Package device-mapper-libs version is expected to eq &quot;1.02.164-7.el7_8.1&quot;
-
-expected: &quot;1.02.164-7.el7_8.1&quot;
-     got: &quot;1.02.164-7.el7&quot;
-
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-System Package python-requests version is expected to eq &quot;2.6.0-9.el7_8&quot;
-
-expected: &quot;2.6.0-9.el7_8&quot;
-     got: &quot;2.6.0-8.el7_7&quot;
-
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-System Package systemd version is expected to eq &quot;219-73.el7_8.5&quot;
-
-expected: &quot;219-73.el7_8.5&quot;
-     got: &quot;219-73.el7.1&quot;
-
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-System Package puppet5-release version is expected to eq &quot;5.0.0-11.el6&quot;
-
-expected: &quot;5.0.0-11.el6&quot;
-     got: &quot;5.0.0-4.el6&quot;
-
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-System Package systemd-sysv version is expected to eq &quot;219-73.el7_8.5&quot;
-
-expected: &quot;219-73.el7_8.5&quot;
-     got: &quot;219-73.el7.1&quot;
-
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-System Package systemd-libs version is expected to eq &quot;219-73.el7_8.5&quot;
-
-expected: &quot;219-73.el7_8.5&quot;
-     got: &quot;219-73.el7.1&quot;
-
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-System Package libgudev1 version is expected to eq &quot;219-73.el7_8.5&quot;
-
-expected: &quot;219-73.el7_8.5&quot;
-     got: &quot;219-73.el7.1&quot;
-
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-System Package rh-amazon-rhui-client version is expected to eq &quot;3.0.26-1.el7&quot;
-
-expected: &quot;3.0.26-1.el7&quot;
-     got: &quot;3.0.18-1.el7&quot;
-
-(compared using &#x3D;&#x3D;)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72073</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86697r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021620</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+available from Red Hat within 30 days or sooner as local policy dictates.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71999\" do\n  title \"The Red Hat Enterprise Linux operating system security patches and\nupdates must be installed and up to date.\"\n  desc  \"Timely patching is critical for maintaining the operational\navailability, confidentiality, and integrity of information technology (IT)\nsystems. However, failure to keep operating system and application software\npatched is a common mistake made by IT professionals. New patches are released\ndaily, and it is often difficult for even experienced System Administrators to\nkeep abreast of all the new patches. When new weaknesses in an operating system\nexist, patches are usually made available by the vendor to resolve the\nproblems. If the most recent security patches and updates are not installed,\nunauthorized users may take advantage of weaknesses in the unpatched software.\nThe lack of prompt attention to patching could result in a system compromise.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system security patches and updates are installed and\nup to date. Updates are required to be applied with a frequency determined by\nthe site or Program Management Office (PMO).\n\n    Obtain the list of available package security updates from Red Hat. The URL\nfor updates is https://rhn.redhat.com/errata/. It is important to note that\nupdates provided by Red Hat may not be present on the system if the underlying\npackages are not installed.\n\n    Check that the available package security updates have been installed on\nthe system with the following command:\n\n    # yum history list | more\n    Loaded plugins: langpacks, product-id, subscription-manager\n    ID     | Command line             | Date and time    | Action(s)      |\nAltered\n\n-------------------------------------------------------------------------------\n        70 | install aide             | 2016-05-05 10:58 | Install       |\n1\n        69 | update -y                | 2016-05-04 14:34 | Update     |   18 EE\n        68 | install vlc                | 2016-04-21 17:12 | Install        |\n21\n        67 | update -y                | 2016-04-21 17:04 | Update     |     7 EE\n        66 | update -y                | 2016-04-15 16:47 | E, I, U         |\n84 EE\n\n    If package updates have not been performed on the system within the\ntimeframe that the site/program documentation requires, this is a finding.\n\n    Typical update frequency may be overridden by Information Assurance\nVulnerability Alert (IAVA) notifications from CYBERCOM.\n\n    If the operating system is in non-compliance with the Information Assurance\nVulnerability Management (IAVM) process, this is a finding.\n  \"\n  desc  \"fix\", \"Install the operating system patches or updated packages\navailable from Red Hat within 30 days or sooner as local policy dictates.\"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-71999\"\n  tag rid: \"SV-86623r4_rule\"\n  tag stig_id: \"RHEL-07-020260\"\n  tag fix_id: \"F-78351r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  updates = linux_update.updates\n  package_names = updates.map { |h| h['name'] }\n\n  describe.one do\n    describe 'List of out-of-date packages' do\n      subject { package_names }\n      it { should be_empty }\n    end\n\n    updates.each do |update|\n      describe package(update['name']) do\n        its('version') { should eq update['version'] }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST List of out-of-date packages is expected to be empty :: MESSAGE expected `["bind-export-libs", "device-mapper", "device-mapper-libs", "python-requests", "systemd", "puppet5-release", "systemd-sysv", "systemd-libs", "libgudev1", "rh-amazon-rhui-client"].empty?` to return true, got false
+--------------------------------
+passed :: TEST System Package bind-export-libs version is expected to eq "9.11.4-16.P2.el7_8.2" :: MESSAGE 
+expected: "9.11.4-16.P2.el7_8.2"
+     got: "9.11.4-16.P2.el7"
+
+(compared using ==)
+
+--------------------------------
+passed :: TEST System Package device-mapper version is expected to eq "1.02.164-7.el7_8.1" :: MESSAGE 
+expected: "1.02.164-7.el7_8.1"
+     got: "1.02.164-7.el7"
+
+(compared using ==)
+
+--------------------------------
+passed :: TEST System Package device-mapper-libs version is expected to eq "1.02.164-7.el7_8.1" :: MESSAGE 
+expected: "1.02.164-7.el7_8.1"
+     got: "1.02.164-7.el7"
+
+(compared using ==)
+
+--------------------------------
+passed :: TEST System Package python-requests version is expected to eq "2.6.0-9.el7_8" :: MESSAGE 
+expected: "2.6.0-9.el7_8"
+     got: "2.6.0-8.el7_7"
+
+(compared using ==)
+
+--------------------------------
+passed :: TEST System Package systemd version is expected to eq "219-73.el7_8.5" :: MESSAGE 
+expected: "219-73.el7_8.5"
+     got: "219-73.el7.1"
+
+(compared using ==)
+
+--------------------------------
+passed :: TEST System Package puppet5-release version is expected to eq "5.0.0-11.el6" :: MESSAGE 
+expected: "5.0.0-11.el6"
+     got: "5.0.0-4.el6"
+
+(compared using ==)
+
+--------------------------------
+passed :: TEST System Package systemd-sysv version is expected to eq "219-73.el7_8.5" :: MESSAGE 
+expected: "219-73.el7_8.5"
+     got: "219-73.el7.1"
+
+(compared using ==)
+
+--------------------------------
+passed :: TEST System Package systemd-libs version is expected to eq "219-73.el7_8.5" :: MESSAGE 
+expected: "219-73.el7_8.5"
+     got: "219-73.el7.1"
+
+(compared using ==)
+
+--------------------------------
+passed :: TEST System Package libgudev1 version is expected to eq "219-73.el7_8.5" :: MESSAGE 
+expected: "219-73.el7_8.5"
+     got: "219-73.el7.1"
+
+(compared using ==)
+
+--------------------------------
+passed :: TEST System Package rh-amazon-rhui-client version is expected to eq "3.0.26-1.el7" :: MESSAGE 
+expected: "3.0.26-1.el7"
+     got: "3.0.18-1.el7"
+
+(compared using ==)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72073</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86697r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021620</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must use a file
 integrity tool that is configured to use FIPS 140-2 approved cryptographic
-hashes for validating file contents and directories.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+hashes for validating file contents and directories.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>File integrity tools use cryptographic hashes for verifying file
 contents and directories have not been altered. These hashes must be FIPS 140-2
-approved cryptographic hashes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+approved cryptographic hashes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the file integrity tool is configured to use FIPS 140-2 approved
 cryptographic hashes for validating file contents and directories.
 
@@ -12398,147 +11816,140 @@ checks are performed on the system.
 is a finding.
 
     Note: AIDE is highly configurable at install time. These commands assume
-the &quot;aide.conf&quot; file is under the &quot;&#x2F;etc&quot; directory.
+the "aide.conf" file is under the "/etc" directory.
 
     Use the following command to determine if the file is in another location:
 
-    # find &#x2F; -name aide.conf
+    # find / -name aide.conf
 
-    Check the &quot;aide.conf&quot; file to determine if the &quot;sha512&quot; rule has been
+    Check the "aide.conf" file to determine if the "sha512" rule has been
 added to the rule list being applied to the files and directories selection
 lists.
 
-    An example rule that includes the &quot;sha512&quot; rule follows:
+    An example rule that includes the "sha512" rule follows:
 
-    All&#x3D;p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux
-    &#x2F;bin All # apply the custom rule to the files in bin
-    &#x2F;sbin All # apply the same custom rule to the files in sbin
+    All=p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux
+    /bin All # apply the custom rule to the files in bin
+    /sbin All # apply the same custom rule to the files in sbin
 
-    If the &quot;sha512&quot; rule is not being used on all uncommented selection lines
-in the &quot;&#x2F;etc&#x2F;aide.conf&quot; file, or another file integrity tool is not using
+    If the "sha512" rule is not being used on all uncommented selection lines
+in the "/etc/aide.conf" file, or another file integrity tool is not using
 FIPS 140-2 approved cryptographic hashes for validating file contents and
-directories, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+directories, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the file integrity tool to use FIPS 140-2 cryptographic hashes
 for validating file and directory contents.
 
-    If AIDE is installed, ensure the &quot;sha512&quot; rule is present on all
-uncommented file and directory selection lists.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b5ad6509-71e6-49fd-aa5c-8f5f8c1ca614</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package aide is expected to be installed
---------------------------------
-passed
-List of monitored files&#x2F;directories without &#39;sha512&#39; rule is expected to be empty
-expected &#x60;[&quot;&#x2F;root&#x2F;\\..*&quot;, &quot;&#x2F;var&#x2F;log&#x2F;faillog$&quot;, &quot;&#x2F;var&#x2F;log&#x2F;lastlog$&quot;, &quot;&#x2F;var&#x2F;run&#x2F;faillock&quot;, &quot;&#x2F;var&#x2F;log&quot;, &quot;&#x2F;var&#x2F;run&#x2F;utmp$&quot;, &quot;&#x2F;etc&quot;].empty?&#x60; to return true, got false</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71863</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000023-GPOS-00006</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86487r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010050</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If AIDE is installed, ensure the "sha512" rule is present on all
+uncommented file and directory selection lists.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72073\" do\n  title \"The Red Hat Enterprise Linux operating system must use a file\nintegrity tool that is configured to use FIPS 140-2 approved cryptographic\nhashes for validating file contents and directories.\"\n  desc  \"File integrity tools use cryptographic hashes for verifying file\ncontents and directories have not been altered. These hashes must be FIPS 140-2\napproved cryptographic hashes.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the file integrity tool is configured to use FIPS 140-2 approved\ncryptographic hashes for validating file contents and directories.\n\n    Note: If RHEL-07-021350 is a finding, this is automatically a finding too\nas the system cannot implement FIPS 140-2 approved cryptographic algorithms and\nhashes.\n\n    Check to see if Advanced Intrusion Detection Environment (AIDE) is\ninstalled on the system with the following command:\n\n    # yum list installed aide\n\n    If AIDE is not installed, ask the System Administrator how file integrity\nchecks are performed on the system.\n\n    If there is no application installed to perform file integrity checks, this\nis a finding.\n\n    Note: AIDE is highly configurable at install time. These commands assume\nthe \\\"aide.conf\\\" file is under the \\\"/etc\\\" directory.\n\n    Use the following command to determine if the file is in another location:\n\n    # find / -name aide.conf\n\n    Check the \\\"aide.conf\\\" file to determine if the \\\"sha512\\\" rule has been\nadded to the rule list being applied to the files and directories selection\nlists.\n\n    An example rule that includes the \\\"sha512\\\" rule follows:\n\n    All=p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux\n    /bin All # apply the custom rule to the files in bin\n    /sbin All # apply the same custom rule to the files in sbin\n\n    If the \\\"sha512\\\" rule is not being used on all uncommented selection lines\nin the \\\"/etc/aide.conf\\\" file, or another file integrity tool is not using\nFIPS 140-2 approved cryptographic hashes for validating file contents and\ndirectories, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the file integrity tool to use FIPS 140-2 cryptographic hashes\nfor validating file and directory contents.\n\n    If AIDE is installed, ensure the \\\"sha512\\\" rule is present on all\nuncommented file and directory selection lists.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72073\"\n  tag rid: \"SV-86697r3_rule\"\n  tag stig_id: \"RHEL-07-021620\"\n  tag fix_id: \"F-78425r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe package(\"aide\") do\n    it { should be_installed }\n  end\n\n  exclude_patterns = input('aide_exclude_patterns')\n\n  findings = aide_conf.where { !selection_line.start_with?('!') &amp;&amp; !exclude_patterns.include?(selection_line) &amp;&amp; !rules.include?('sha512')}\n\n  describe \"List of monitored files/directories without 'sha512' rule\" do\n    subject { findings.selection_lines }\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package aide is expected to be installed
+--------------------------------
+passed :: TEST List of monitored files/directories without 'sha512' rule is expected to be empty :: MESSAGE expected `["/root/\\..*", "/var/log/faillog$", "/var/log/lastlog$", "/var/run/faillock", "/var/log", "/var/run/utmp$", "/etc"].empty?` to return true, got false</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71863</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000023-GPOS-00006</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86487r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010050</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must display the
 Standard Mandatory DoD Notice and Consent Banner before granting local or
-remote access to the system via a command line user logon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+remote access to the system via a command line user logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Display of a standardized and approved use notification before
 granting access to the operating system ensures privacy and security
 notification verbiage used is consistent with applicable federal laws,
@@ -12551,7 +11962,7 @@ with human users and are not required when such human interfaces do not exist.
 the following verbiage for operating systems that can accommodate banners of
 1300 characters:
 
-    &quot;You are accessing a U.S. Government (USG) Information System (IS) that is
+    "You are accessing a U.S. Government (USG) Information System (IS) that is
 provided for USG-authorized use only.
 
     By using this IS (which includes any device attached to this IS), you
@@ -12576,14 +11987,14 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants. Such
 communications and work product are private and confidential. See User
-Agreement for details.&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Agreement for details."</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system displays the Standard Mandatory DoD Notice and
 Consent Banner before granting access to the operating system via a command
 line user logon.
@@ -12591,10 +12002,10 @@ line user logon.
     Check to see if the operating system displays a banner at the command line
 logon screen with the following command:
 
-    # more &#x2F;etc&#x2F;issue
+    # more /etc/issue
 
     The command should return the following text:
-    &quot;You are accessing a U.S. Government (USG) Information System (IS) that is
+    "You are accessing a U.S. Government (USG) Information System (IS) that is
 provided for USG-authorized use only.
 
     By using this IS (which includes any device attached to this IS), you
@@ -12619,24 +12030,24 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants. Such
 communications and work product are private and confidential. See User
-Agreement for details.&quot;
+Agreement for details."
 
     If the operating system does not display a graphical logon banner or the
 banner does not match the Standard Mandatory DoD Notice and Consent Banner,
 this is a finding.
 
-    If the text in the &quot;&#x2F;etc&#x2F;issue&quot; file does not match the Standard
-Mandatory DoD Notice and Consent Banner, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the text in the "/etc/issue" file does not match the Standard
+Mandatory DoD Notice and Consent Banner, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to display the Standard Mandatory DoD Notice
 and Consent Banner before granting access to the system via the command line by
-editing the &quot;&#x2F;etc&#x2F;issue&quot; file.
+editing the "/etc/issue" file.
 
     Replace the default text with the Standard Mandatory DoD Notice and Consent
 Banner. The DoD required text is:
-    &quot;You are accessing a U.S. Government (USG) Information System (IS) that is
+    "You are accessing a U.S. Government (USG) Information System (IS) that is
 provided for USG-authorized use only.
 
     By using this IS (which includes any device attached to this IS), you
@@ -12661,297 +12072,283 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants.  Such
 communications and work product are private and confidential.  See User
-Agreement for details.&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ca2b57a6-0128-470e-abc2-5bcb630e61aa</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-The banner text should match the standard banner is expected to cmp &#x3D;&#x3D; &quot;YouareaccessingaU.S.Government(USG)InformationSystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS),youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails.&quot;
-
+Agreement for details."</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71863\" do\n  title \"The Red Hat Enterprise Linux operating system must display the\nStandard Mandatory DoD Notice and Consent Banner before granting local or\nremote access to the system via a command line user logon.\"\n  desc  \"Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\\\"\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system displays the Standard Mandatory DoD Notice and\nConsent Banner before granting access to the operating system via a command\nline user logon.\n\n    Check to see if the operating system displays a banner at the command line\nlogon screen with the following command:\n\n    # more /etc/issue\n\n    The command should return the following text:\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\\\"\n\n    If the operating system does not display a graphical logon banner or the\nbanner does not match the Standard Mandatory DoD Notice and Consent Banner,\nthis is a finding.\n\n    If the text in the \\\"/etc/issue\\\" file does not match the Standard\nMandatory DoD Notice and Consent Banner, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to display the Standard Mandatory DoD Notice\nand Consent Banner before granting access to the system via the command line by\nediting the \\\"/etc/issue\\\" file.\n\n    Replace the default text with the Standard Mandatory DoD Notice and Consent\nBanner. The DoD required text is:\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants.  Such\ncommunications and work product are private and confidential.  See User\nAgreement for details.\\\"\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000023-GPOS-00006\"\n  tag satisfies: [\"SRG-OS-000023-GPOS-00006\", \"SRG-OS-000024-GPOS-00007\"]\n  tag gid: \"V-71863\"\n  tag rid: \"SV-86487r3_rule\"\n  tag stig_id: \"RHEL-07-010050\"\n  tag fix_id: \"F-78217r2_fix\"\n  tag cci: [\"CCI-000048\"]\n  tag nist: [\"AC-8 a\", \"Rev_4\"]\n\n  banner_message_text_cli = input('banner_message_text_cli')\n  banner_message_text_cli_limited = input('banner_message_text_cli_limited')\n\n  clean_banner = banner_message_text_cli.gsub(%r{[\\r\\n\\s]}, '')\n  clean_banner_limited = banner_message_text_cli_limited.gsub(%r{[\\r\\n\\s]}, '')\n  banner_file = file(\"/etc/issue\")\n  banner_missing = !banner_file.exist?\n\n  describe \"The banner text is not set because /etc/issue does not exist\" do\n    subject { banner_missing }\n    it { should be false }\n  end if banner_missing\n\n  banner_message = banner_file.content.gsub(%r{[\\r\\n\\s]}, '')\n  describe.one do\n    describe \"The banner text should match the standard banner\" do\n      subject { banner_message }\n      it { should cmp clean_banner }\n    end\n    describe \"The banner text should match the limited banner\" do\n      subject { banner_message }\n      it{should cmp clean_banner_limited }\n    end\n  end if !banner_missing\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST The banner text should match the standard banner is expected to cmp == "YouareaccessingaU.S.Government(USG)InformationSystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS),youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails." :: MESSAGE 
 expected: YouareaccessingaU.S.Government(USG)InformationSystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS),youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails.
      got: YouareaccessingaU.S.Government(USG)informationsystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS)youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails.
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-passed
-The banner text should match the limited banner is expected to cmp &#x3D;&#x3D; &quot;I&#39;veread&amp;consenttotermsinISuseragreem&#39;t.&quot;
-
-expected: I&#39;veread&amp;consenttotermsinISuseragreem&#39;t.
+passed :: TEST The banner text should match the limited banner is expected to cmp == "I'veread&amp;consenttotermsinISuseragreem't." :: MESSAGE 
+expected: I'veread&amp;consenttotermsinISuseragreem't.
      got: YouareaccessingaU.S.Government(USG)informationsystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS)youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails.
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72319</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86943r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040830</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72319</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86943r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040830</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not forward IPv6
-source-routed packets.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+source-routed packets.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Source-routed packets allow the source of the packet to suggest that
 routers forward the packet along a different path than configured on the
 router, which can be used to bypass network security measures. This requirement
 applies only to the forwarding of source-routed traffic, such as when IPv6
-forwarding is enabled and the system is functioning as a router.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+forwarding is enabled and the system is functioning as a router.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If IPv6 is not enabled, the key will not exist, and this is Not Applicable.
 
     Verify the system does not accept IPv6 source-routed packets.
 
-    # grep net.ipv6.conf.all.accept_source_route &#x2F;etc&#x2F;sysctl.conf
-&#x2F;etc&#x2F;sysctl.d&#x2F;*
+    # grep net.ipv6.conf.all.accept_source_route /etc/sysctl.conf
+/etc/sysctl.d/*
 
-    net.ipv6.conf.all.accept_source_route &#x3D; 0
+    net.ipv6.conf.all.accept_source_route = 0
 
-    If &quot;net.ipv6.conf.all.accept_source_route&quot; is not configured in the
-&#x2F;etc&#x2F;sysctl.conf file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out or
-does not have a value of &quot;0&quot;, this is a finding.
+    If "net.ipv6.conf.all.accept_source_route" is not configured in the
+/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out or
+does not have a value of "0", this is a finding.
 
     Check that the operating system implements the accept source route variable
 with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep net.ipv6.conf.all.accept_source_route
-    net.ipv6.conf.all.accept_source_route &#x3D; 0
+    # /sbin/sysctl -a | grep net.ipv6.conf.all.accept_source_route
+    net.ipv6.conf.all.accept_source_route = 0
 
-    If the returned lines do not have a value of &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned lines do not have a value of "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the system to the required kernel parameter, if IPv6 is enabled, by
-adding the following line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in
-the &#x2F;etc&#x2F;sysctl.d&#x2F; directory (or modify the line to have the required value):
+adding the following line to "/etc/sysctl.conf" or a configuration file in
+the /etc/sysctl.d/ directory (or modify the line to have the required value):
 
-    net.ipv6.conf.all.accept_source_route &#x3D; 0
+    net.ipv6.conf.all.accept_source_route = 0
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>89609011-f2a8-4c1a-b1be-5aa6ecbbb2d5</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv6.conf.all.accept_source_route value is expected to eq 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72229</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000250-GPOS-00093</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86853r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040190</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72319\" do\n  title \"The Red Hat Enterprise Linux operating system must not forward IPv6\nsource-routed packets.\"\n  desc  \"Source-routed packets allow the source of the packet to suggest that\nrouters forward the packet along a different path than configured on the\nrouter, which can be used to bypass network security measures. This requirement\napplies only to the forwarding of source-routed traffic, such as when IPv6\nforwarding is enabled and the system is functioning as a router.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If IPv6 is not enabled, the key will not exist, and this is Not Applicable.\n\n    Verify the system does not accept IPv6 source-routed packets.\n\n    # grep net.ipv6.conf.all.accept_source_route /etc/sysctl.conf\n/etc/sysctl.d/*\n\n    net.ipv6.conf.all.accept_source_route = 0\n\n    If \\\"net.ipv6.conf.all.accept_source_route\\\" is not configured in the\n/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out or\ndoes not have a value of \\\"0\\\", this is a finding.\n\n    Check that the operating system implements the accept source route variable\nwith the following command:\n\n    # /sbin/sysctl -a | grep net.ipv6.conf.all.accept_source_route\n    net.ipv6.conf.all.accept_source_route = 0\n\n    If the returned lines do not have a value of \\\"0\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the system to the required kernel parameter, if IPv6 is enabled, by\nadding the following line to \\\"/etc/sysctl.conf\\\" or a configuration file in\nthe /etc/sysctl.d/ directory (or modify the line to have the required value):\n\n    net.ipv6.conf.all.accept_source_route = 0\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72319\"\n  tag rid: \"SV-86943r2_rule\"\n  tag stig_id: \"RHEL-07-040830\"\n  tag fix_id: \"F-78673r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe.one do\n    describe kernel_parameter('net.ipv6.conf.all.accept_source_route') do\n      its('value') { should eq 0 }\n    end\n\t# If IPv6 is disabled in the kernel it will return NIL\n    describe kernel_parameter('net.ipv6.conf.all.accept_source_route') do\n      its('value') { should eq nil }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv6.conf.all.accept_source_route value is expected to eq 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72229</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000250-GPOS-00093</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86853r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040190</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must implement
 cryptography to protect the integrity of Lightweight Directory Access Protocol
-(LDAP) communications.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(LDAP) communications.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without cryptographic integrity protections, information can be
 altered by unauthorized users without detection.
 
     Cryptographic mechanisms used for protecting the integrity of information
 include, for example, signed hash functions using asymmetric cryptography
 enabling distribution of the public key to verify the hash information while
-maintaining the confidentiality of the key used to generate the hash.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+maintaining the confidentiality of the key used to generate the hash.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If LDAP is not being utilized, this requirement is Not Applicable.
 
     Verify the operating system implements cryptography to protect the
@@ -12962,311 +12359,298 @@ command:
 
     # systemctl status sssd.service
     sssd.service - System Security Services Daemon
-    Loaded: loaded (&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;sssd.service; enabled; vendor
+    Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor
 preset: disabled)
     Active: active (running) since Wed 2018-06-27 10:58:11 EST; 1h 50min ago
 
-    If the &quot;sssd.service&quot; is &quot;active&quot;, then LDAP is being used.
+    If the "sssd.service" is "active", then LDAP is being used.
 
-    Determine the &quot;id_provider&quot; the LDAP is currently using:
+    Determine the "id_provider" the LDAP is currently using:
 
-    # grep -i &quot;id_provider&quot; &#x2F;etc&#x2F;sssd&#x2F;sssd.conf
+    # grep -i "id_provider" /etc/sssd/sssd.conf
 
-    id_provider &#x3D; ad
+    id_provider = ad
 
-    If &quot;id_provider&quot; is set to &quot;ad&quot;, this is Not Applicable.
+    If "id_provider" is set to "ad", this is Not Applicable.
 
     Verify the sssd service is configured to require the use of certificates:
 
-    # grep -i tls_reqcert &#x2F;etc&#x2F;sssd&#x2F;sssd.conf
-    ldap_tls_reqcert &#x3D; demand
+    # grep -i tls_reqcert /etc/sssd/sssd.conf
+    ldap_tls_reqcert = demand
 
-    If the &quot;ldap_tls_reqcert&quot; setting is missing, commented out, or does not
+    If the "ldap_tls_reqcert" setting is missing, commented out, or does not
 exist, this is a finding.
 
-    If the &quot;ldap_tls_reqcert&quot; setting is not set to &quot;demand&quot; or &quot;hard&quot;,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "ldap_tls_reqcert" setting is not set to "demand" or "hard",
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to implement cryptography to protect the
 integrity of LDAP remote access sessions.
 
-    Add or modify the following line in &quot;&#x2F;etc&#x2F;sssd&#x2F;sssd.conf&quot;:
-
-    ldap_tls_reqcert &#x3D; demand</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0e504cb3-3075-4f77-910e-53810975e797</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001453</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-LDAP not enabled
-LDAP not enabled using any known mechanisms, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72103</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86727r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030400</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add or modify the following line in "/etc/sssd/sssd.conf":
+
+    ldap_tls_reqcert = demand</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-72229\" do\n  title \"The Red Hat Enterprise Linux operating system must implement\ncryptography to protect the integrity of Lightweight Directory Access Protocol\n(LDAP) communications.\"\n  desc  \"Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the key used to generate the hash.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If LDAP is not being utilized, this requirement is Not Applicable.\n\n    Verify the operating system implements cryptography to protect the\nintegrity of remote LDAP access sessions.\n\n    To determine if LDAP is being used for authentication, use the following\ncommand:\n\n    # systemctl status sssd.service\n    sssd.service - System Security Services Daemon\n    Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor\npreset: disabled)\n    Active: active (running) since Wed 2018-06-27 10:58:11 EST; 1h 50min ago\n\n    If the \\\"sssd.service\\\" is \\\"active\\\", then LDAP is being used.\n\n    Determine the \\\"id_provider\\\" the LDAP is currently using:\n\n    # grep -i \\\"id_provider\\\" /etc/sssd/sssd.conf\n\n    id_provider = ad\n\n    If \\\"id_provider\\\" is set to \\\"ad\\\", this is Not Applicable.\n\n    Verify the sssd service is configured to require the use of certificates:\n\n    # grep -i tls_reqcert /etc/sssd/sssd.conf\n    ldap_tls_reqcert = demand\n\n    If the \\\"ldap_tls_reqcert\\\" setting is missing, commented out, or does not\nexist, this is a finding.\n\n    If the \\\"ldap_tls_reqcert\\\" setting is not set to \\\"demand\\\" or \\\"hard\\\",\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to implement cryptography to protect the\nintegrity of LDAP remote access sessions.\n\n    Add or modify the following line in \\\"/etc/sssd/sssd.conf\\\":\n\n    ldap_tls_reqcert = demand\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000250-GPOS-00093\"\n  tag gid: \"V-72229\"\n  tag rid: \"SV-86853r4_rule\"\n  tag stig_id: \"RHEL-07-040190\"\n  tag fix_id: \"F-78583r4_fix\"\n  tag cci: [\"CCI-001453\"]\n  tag nist: [\"AC-17 (2)\", \"Rev_4\"]\n\n  sssd_id_ldap_enabled = (package('sssd').installed? and\n    !command('grep \"^\\s*id_provider\\s*=\\s*ldap\" /etc/sssd/sssd.conf').stdout.strip.empty?)\n\n  sssd_ldap_enabled = (package('sssd').installed? and\n    !command('grep \"^\\s*[a-z]*_provider\\s*=\\s*ldap\" /etc/sssd/sssd.conf').stdout.strip.empty?)\n\n  pam_ldap_enabled = (!command('grep \"^[^#]*pam_ldap\\.so\" /etc/pam.d/*').stdout.strip.empty?)\n\n  if !(sssd_id_ldap_enabled or sssd_ldap_enabled or pam_ldap_enabled)\n    impact 0.0\n    describe \"LDAP not enabled\" do\n      skip \"LDAP not enabled using any known mechanisms, this control is Not Applicable.\"\n    end\n  end\n\n  if sssd_id_ldap_enabled\n    ldap_id_use_start_tls = command('grep ldap_id_use_start_tls /etc/sssd/sssd.conf')\n    describe ldap_id_use_start_tls do\n      its('stdout.strip') { should match %r{^ldap_id_use_start_tls\\s*=\\s*true$}}\n    end\n\n    ldap_id_use_start_tls.stdout.strip.each_line do |line|\n      describe line do\n        it { should match %r{^ldap_id_use_start_tls\\s*=\\s*true$}}\n      end\n    end\n  end\n\n  if sssd_ldap_enabled\n    ldap_tls_cacertdir = command('grep -i ldap_tls_cacertdir /etc/sssd/sssd.conf').\n      stdout.strip.scan(%r{^ldap_tls_cacertdir\\s*=\\s*(.*)}).last\n\n    describe \"ldap_tls_cacertdir\" do\n      subject { ldap_tls_cacertdir }\n      it { should_not eq nil }\n    end\n\n    describe file(ldap_tls_cacertdir.last) do\n      it { should exist }\n      it { should be_directory }\n    end if !ldap_tls_cacertdir.nil?\n  end\n\n  if pam_ldap_enabled\n    tls_cacertdir = command('grep -i tls_cacertdir /etc/pam_ldap.conf').\n      stdout.strip.scan(%r{^tls_cacertdir\\s+(.*)}).last\n\n    describe \"tls_cacertdir\" do\n      subject { tls_cacertdir }\n      it { should_not eq nil }\n    end\n\n    describe file(tls_cacertdir.last) do\n      it { should exist }\n      it { should be_directory }\n    end if !tls_cacertdir.nil?\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001453</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST LDAP not enabled :: SKIP_MESSAGE LDAP not enabled using any known mechanisms, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72103</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86727r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030400</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the fchownat syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the fchownat syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fchownat&quot; syscall occur.
+successful/unsuccessful attempts to use the "fchownat" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw fchownat &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw fchownat /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S fchownat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S fchownat -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fchownat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S fchownat -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;fchownat&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    If both the "b32" and "b64" audit rules are not defined for the
+"fchownat" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S fchownat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S fchownat -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fchownat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S fchownat -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>abff3fdf-06ba-4e50-986d-4b4811117a1f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchownat&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchownat&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchownat&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchownat&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72077</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000095-GPOS-00049</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86701r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021710</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72103\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe fchownat syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"fchownat\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw fchownat /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S fchownat -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S fchownat -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"fchownat\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S fchownat -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S fchownat -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000474-GPOS-00219\"]\n  tag gid: \"V-72103\"\n  tag rid: \"SV-86727r5_rule\"\n  tag stig_id: \"RHEL-07-030400\"\n  tag fix_id: \"F-78455r7_fix\"\n  tag cci: [\"CCI-000126\", \"CCI-000172\"]\n  tag nist: [\"AU-2 d\", \"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"fchownat\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"fchownat\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "fchownat" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchownat" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchownat" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchownat" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72077</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000095-GPOS-00049</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86701r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021710</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not have the
-telnet-server package installed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+telnet-server package installed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>It is detrimental for operating systems to provide, or install by
 default, functionality exceeding requirements or mission objectives. These
 unnecessary capabilities or services are often overlooked and therefore may
@@ -13281,14 +12665,14 @@ functions).
     Examples of non-essential capabilities include, but are not limited to,
 games, software packages, tools, and demonstration software not related to
 requirements or providing a wide array of functionality not required for every
-mission, but which cannot be disabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+mission, but which cannot be disabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system is configured to disable non-essential
 capabilities. The most secure way of ensuring a non-essential capability is
 disabled is to not have the capability installed.
@@ -13305,415 +12689,399 @@ command:
 
     # yum list installed telnet-server
 
-    If the telnet-server package is installed, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the telnet-server package is installed, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to disable non-essential capabilities by
 removing the telnet-server package from the system with the following command:
 
-    # yum remove telnet-server</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>eae1322e-aa77-4852-8358-e1bfae3334f7</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package telnet-server is expected not to be installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71949</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000373-GPOS-00156</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86573r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010350</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # yum remove telnet-server</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72077\" do\n  title \"The Red Hat Enterprise Linux operating system must not have the\ntelnet-server package installed.\"\n  desc  \"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.\n\n    The telnet service provides an unencrypted remote access service that does\nnot provide for the confidentiality and integrity of user passwords or the\nremote session.\n\n    If a privileged user were to log on using this service, the privileged user\npassword could be compromised.\n\n    Check to see if the telnet-server package is installed with the following\ncommand:\n\n    # yum list installed telnet-server\n\n    If the telnet-server package is installed, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to disable non-essential capabilities by\nremoving the telnet-server package from the system with the following command:\n\n    # yum remove telnet-server\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000095-GPOS-00049\"\n  tag gid: \"V-72077\"\n  tag rid: \"SV-86701r2_rule\"\n  tag stig_id: \"RHEL-07-021710\"\n  tag fix_id: \"F-78429r1_fix\"\n  tag cci: [\"CCI-000381\"]\n  tag nist: [\"CM-7 a\", \"Rev_4\"]\n\n  describe package('telnet-server') do\n    it { should_not be_installed }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package telnet-server is expected not to be installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71949</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000373-GPOS-00156</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86573r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010350</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that users must re-authenticate for privilege escalation.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that users must re-authenticate for privilege escalation.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without re-authentication, users may access resources or perform tasks
 for which they do not have authorization.
 
     When operating systems provide the capability to escalate a functional
-capability, it is critical the user reauthenticate.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+capability, it is critical the user reauthenticate.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system requires users to reauthenticate for privilege
 escalation.
 
-    Check the configuration of the &quot;&#x2F;etc&#x2F;sudoers&quot; and &quot;&#x2F;etc&#x2F;sudoers.d&#x2F;*&quot;
+    Check the configuration of the "/etc/sudoers" and "/etc/sudoers.d/*"
 files with the following command:
 
-    # grep -i authenticate &#x2F;etc&#x2F;sudoers &#x2F;etc&#x2F;sudoers.d&#x2F;*
+    # grep -i authenticate /etc/sudoers /etc/sudoers.d/*
 
-    If any uncommented line is found with a &quot;!authenticate&quot; tag, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If any uncommented line is found with a "!authenticate" tag, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to require users to reauthenticate for
 privilege escalation.
 
-    Check the configuration of the &quot;&#x2F;etc&#x2F;sudoers&quot; file with the following
+    Check the configuration of the "/etc/sudoers" file with the following
 command:
 
     # visudo
-    Remove any occurrences of &quot;!authenticate&quot; tags in the file.
+    Remove any occurrences of "!authenticate" tags in the file.
 
-    Check the configuration of the &quot;&#x2F;etc&#x2F;sudoers.d&#x2F;*&quot; files with the
+    Check the configuration of the "/etc/sudoers.d/*" files with the
 following command:
 
-    # grep -i authenticate &#x2F;etc&#x2F;sudoers &#x2F;etc&#x2F;sudoers.d&#x2F;*
-    Remove any occurrences of &quot;!authenticate&quot; tags in the file(s).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>7900e602-35bd-44a4-940f-ef71ab2bccdd</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002038</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;grep -ir authenticate &#x2F;etc&#x2F;sudoers &#x2F;etc&#x2F;sudoers.d&#x2F;*&#x60; stdout is expected not to match &#x2F;!authenticate&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86657r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020710</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # grep -i authenticate /etc/sudoers /etc/sudoers.d/*
+    Remove any occurrences of "!authenticate" tags in the file(s).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71949\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat users must re-authenticate for privilege escalation.\"\n  desc  \"Without re-authentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the user reauthenticate.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system requires users to reauthenticate for privilege\nescalation.\n\n    Check the configuration of the \\\"/etc/sudoers\\\" and \\\"/etc/sudoers.d/*\\\"\nfiles with the following command:\n\n    # grep -i authenticate /etc/sudoers /etc/sudoers.d/*\n\n    If any uncommented line is found with a \\\"!authenticate\\\" tag, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to require users to reauthenticate for\nprivilege escalation.\n\n    Check the configuration of the \\\"/etc/sudoers\\\" file with the following\ncommand:\n\n    # visudo\n    Remove any occurrences of \\\"!authenticate\\\" tags in the file.\n\n    Check the configuration of the \\\"/etc/sudoers.d/*\\\" files with the\nfollowing command:\n\n    # grep -i authenticate /etc/sudoers /etc/sudoers.d/*\n    Remove any occurrences of \\\"!authenticate\\\" tags in the file(s).\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000373-GPOS-00156\"\n  tag satisfies: [\"SRG-OS-000373-GPOS-00156\", \"SRG-OS-000373-GPOS-00157\",\n\"SRG-OS-000373-GPOS-00158\"]\n  tag gid: \"V-71949\"\n  tag rid: \"SV-86573r3_rule\"\n  tag stig_id: \"RHEL-07-010350\"\n  tag fix_id: \"F-78301r3_fix\"\n  tag cci: [\"CCI-002038\"]\n  tag nist: [\"IA-11\", \"Rev_4\"]\n\n  describe command(\"grep -ir authenticate /etc/sudoers /etc/sudoers.d/*\") do\n    its('stdout') { should_not match %r{!authenticate} }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002038</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `grep -ir authenticate /etc/sudoers /etc/sudoers.d/*` stdout is expected not to match /!authenticate/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86657r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020710</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that all local initialization files have mode 0740 or less permissive.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Local initialization files are used to configure the user&#39;s shell
+that all local initialization files have mode 0740 or less permissive.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Local initialization files are used to configure the user's shell
 environment upon logon. Malicious modification of these files could compromise
-accounts upon logon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that all local initialization files have a mode of &quot;0740&quot; or less
+accounts upon logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that all local initialization files have a mode of "0740" or less
 permissive.
 
     Check the mode on all local initialization files with the following command:
 
-    Note: The example will be for the &quot;smithj&quot; user, who has a home directory
-of &quot;&#x2F;home&#x2F;smithj&quot;.
+    Note: The example will be for the "smithj" user, who has a home directory
+of "/home/smithj".
 
-    # ls -al &#x2F;home&#x2F;smithj&#x2F;.[^.]* | more
+    # ls -al /home/smithj/.[^.]* | more
 
     -rwxr----- 1 smithj users 896 Mar 10 2011 .profile
     -rwxr----- 1 smithj users 497 Jan 6 2007 .login
     -rwxr----- 1 smithj users 886 Jan 6 2007 .something
 
     If any local initialization files have a mode more permissive than
-&quot;0740&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Set the mode of the local initialization files to &quot;0740&quot; with the
+"0740", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Set the mode of the local initialization files to "0740" with the
 following command:
 
-    Note: The example will be for the &quot;smithj&quot; user, who has a home directory
-of &quot;&#x2F;home&#x2F;smithj&quot;.
-
-    # chmod 0740 &#x2F;home&#x2F;smithj&#x2F;.[^.]*</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>34d1bc8c-7673-4e50-b112-837c2b0dadbf</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-#&lt;Set: {&quot;&#x2F;root&#x2F;.bash_logout&quot;, &quot;&#x2F;root&#x2F;.bash_profile&quot;, &quot;&#x2F;root&#x2F;.bashrc&quot;, &quot;&#x2F;root&#x2F;.cshrc&quot;, &quot;&#x2F;root&#x2F;.tcshrc&quot;}&gt; is expected to be empty
-expected &#x60;#&lt;Set: {&quot;&#x2F;root&#x2F;.bash_logout&quot;, &quot;&#x2F;root&#x2F;.bash_profile&quot;, &quot;&#x2F;root&#x2F;.bashrc&quot;, &quot;&#x2F;root&#x2F;.cshrc&quot;, &quot;&#x2F;root&#x2F;.tcshrc&quot;}&gt;.empty?&#x60; to return true, got false</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71911</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000072-GPOS-00040</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86535r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010160</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Note: The example will be for the "smithj" user, who has a home directory
+of "/home/smithj".
+
+    # chmod 0740 /home/smithj/.[^.]*</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72033\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local initialization files have mode 0740 or less permissive.\"\n  desc  \"Local initialization files are used to configure the user's shell\nenvironment upon logon. Malicious modification of these files could compromise\naccounts upon logon.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that all local initialization files have a mode of \\\"0740\\\" or less\npermissive.\n\n    Check the mode on all local initialization files with the following command:\n\n    Note: The example will be for the \\\"smithj\\\" user, who has a home directory\nof \\\"/home/smithj\\\".\n\n    # ls -al /home/smithj/.[^.]* | more\n\n    -rwxr----- 1 smithj users 896 Mar 10 2011 .profile\n    -rwxr----- 1 smithj users 497 Jan 6 2007 .login\n    -rwxr----- 1 smithj users 886 Jan 6 2007 .something\n\n    If any local initialization files have a mode more permissive than\n\\\"0740\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the mode of the local initialization files to \\\"0740\\\" with the\nfollowing command:\n\n    Note: The example will be for the \\\"smithj\\\" user, who has a home directory\nof \\\"/home/smithj\\\".\n\n    # chmod 0740 /home/smithj/.[^.]*\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72033\"\n  tag rid: \"SV-86657r3_rule\"\n  tag stig_id: \"RHEL-07-020710\"\n  tag fix_id: \"F-78385r4_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= 1000 || uid == 0)}.entries.each do |user_info|\n    findings = findings + command(\"find #{user_info.home} -xdev -maxdepth 1 -name '.*' -type f -perm /037\").stdout.split(\"\\n\")\n  end\n  describe findings do\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST #&lt;Set: {"/root/.bash_logout", "/root/.bash_profile", "/root/.bashrc", "/root/.cshrc", "/root/.tcshrc"}&gt; is expected to be empty :: MESSAGE expected `#&lt;Set: {"/root/.bash_logout", "/root/.bash_profile", "/root/.bashrc", "/root/.cshrc", "/root/.tcshrc"}&gt;.empty?` to return true, got false</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71911</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000072-GPOS-00040</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86535r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010160</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that when passwords are changed a minimum of eight of the total number of
-characters must be changed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+characters must be changed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources
 required to compromise the password. Password complexity, or strength, is a
 measure of the effectiveness of a password in resisting attempts at guessing
@@ -13722,146 +13090,141 @@ and brute-force attacks.
     Password complexity is one factor of several that determines how long it
 takes to crack a password. The more complex the password, the greater the
 number of possible combinations that need to be tested before the password is
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;difok&quot; option sets the number of characters in a password that must
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "difok" option sets the number of characters in a password that must
 not be present in the old password.
 
-    Check for the value of the &quot;difok&quot; option in
-&quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; with the following command:
+    Check for the value of the "difok" option in
+"/etc/security/pwquality.conf" with the following command:
 
-    # grep difok &#x2F;etc&#x2F;security&#x2F;pwquality.conf
-    difok &#x3D; 8
+    # grep difok /etc/security/pwquality.conf
+    difok = 8
 
-    If the value of &quot;difok&quot; is set to less than &quot;8&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "difok" is set to less than "8", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to require the change of at least eight of
 the total number of characters when passwords are changed by setting the
-&quot;difok&quot; option.
+"difok" option.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; (or modify the
+    Add the following line to "/etc/security/pwquality.conf" (or modify the
 line to have the required value):
 
-    difok &#x3D; 8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>43824e45-e719-4bad-97ed-664eb7b69996</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000195</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;security&#x2F;pwquality.conf difok.to_i is expected to cmp &gt;&#x3D; 8</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72269</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000355-GPOS-00143</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86893r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040500</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    difok = 8</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71911\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat when passwords are changed a minimum of eight of the total number of\ncharacters must be changed.\"\n  desc  \"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    The \\\"difok\\\" option sets the number of characters in a password that must\nnot be present in the old password.\n\n    Check for the value of the \\\"difok\\\" option in\n\\\"/etc/security/pwquality.conf\\\" with the following command:\n\n    # grep difok /etc/security/pwquality.conf\n    difok = 8\n\n    If the value of \\\"difok\\\" is set to less than \\\"8\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to require the change of at least eight of\nthe total number of characters when passwords are changed by setting the\n\\\"difok\\\" option.\n\n    Add the following line to \\\"/etc/security/pwquality.conf\\\" (or modify the\nline to have the required value):\n\n    difok = 8\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000072-GPOS-00040\"\n  tag gid: \"V-71911\"\n  tag rid: \"SV-86535r2_rule\"\n  tag stig_id: \"RHEL-07-010160\"\n  tag fix_id: \"F-78263r1_fix\"\n  tag cci: [\"CCI-000195\"]\n  tag nist: [\"IA-5 (1) (b)\", \"Rev_4\"]\n\n  difok = input('difok')\n\n  describe parse_config_file(\"/etc/security/pwquality.conf\") do\n    its('difok.to_i') { should cmp &gt;= difok }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000195</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/security/pwquality.conf difok.to_i is expected to cmp &gt;= 8</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72269</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000355-GPOS-00143</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86893r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040500</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must, for networked
 systems, synchronize clocks with a server that is synchronized to one of the
 redundant United States Naval Observatory (USNO) time servers, a time server
-designated for the appropriate DoD network (NIPRNet&#x2F;SIPRNet), and&#x2F;or the Global
-Positioning System (GPS).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+designated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global
+Positioning System (GPS).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Inaccurate time stamps make it more difficult to correlate events and
 can lead to an inaccurate analysis. Determining the correct time a particular
 event occurred on a system is critical when conducting forensic analysis and
@@ -13874,62 +13237,62 @@ connected over a network.
 
     Organizations should consider endpoints that may not have regular access to
 the authoritative time server (e.g., mobile, teleworking, and tactical
-endpoints).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+endpoints).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Check to see if NTP is running in continuous mode:
 
     # ps -ef | grep ntp
 
-    If NTP is not running, check to see if &quot;chronyd&quot; is running in continuous
+    If NTP is not running, check to see if "chronyd" is running in continuous
 mode:
 
     # ps -ef | grep chronyd
 
-    If NTP or &quot;chronyd&quot; is not running, this is a finding.
+    If NTP or "chronyd" is not running, this is a finding.
 
-    If the NTP process is found, then check the &quot;ntp.conf&quot; file for the
-&quot;maxpoll&quot; option setting:
+    If the NTP process is found, then check the "ntp.conf" file for the
+"maxpoll" option setting:
 
-    # grep maxpoll &#x2F;etc&#x2F;ntp.conf
+    # grep maxpoll /etc/ntp.conf
 
     server 0.rhel.pool.ntp.org iburst maxpoll 10
 
-    If the option is set to &quot;17&quot; or is not set, this is a finding.
+    If the option is set to "17" or is not set, this is a finding.
 
-    If the file does not exist, check the &quot;&#x2F;etc&#x2F;cron.daily&quot; subdirectory for
-a crontab file controlling the execution of the &quot;ntpd -q&quot; command.
+    If the file does not exist, check the "/etc/cron.daily" subdirectory for
+a crontab file controlling the execution of the "ntpd -q" command.
 
-    # grep -i &quot;ntpd -q&quot; &#x2F;etc&#x2F;cron.daily&#x2F;*
-    # ls -al &#x2F;etc&#x2F;cron.* | grep ntp
+    # grep -i "ntpd -q" /etc/cron.daily/*
+    # ls -al /etc/cron.* | grep ntp
 
     ntp
 
-    If a crontab file does not exist in the &quot;&#x2F;etc&#x2F;cron.daily&quot; that executes
-the &quot;ntpd -q&quot; command, this is a finding.
+    If a crontab file does not exist in the "/etc/cron.daily" that executes
+the "ntpd -q" command, this is a finding.
 
-    If the &quot;chronyd&quot; process is found, then check the &quot;chrony.conf&quot; file
-for the &quot;maxpoll&quot; option setting:
+    If the "chronyd" process is found, then check the "chrony.conf" file
+for the "maxpoll" option setting:
 
-    # grep maxpoll &#x2F;etc&#x2F;chrony.conf
+    # grep maxpoll /etc/chrony.conf
 
     server 0.rhel.pool.ntp.org iburst maxpoll 10
 
-    If the option is not set or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Edit the &quot;&#x2F;etc&#x2F;ntp.conf&quot; or &quot;&#x2F;etc&#x2F;chrony.conf&quot; file and add or update
-an entry to define &quot;maxpoll&quot; to &quot;10&quot; as follows:
+    If the option is not set or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Edit the "/etc/ntp.conf" or "/etc/chrony.conf" file and add or update
+an entry to define "maxpoll" to "10" as follows:
 
     server 0.rhel.pool.ntp.org iburst maxpoll 10
 
-    If NTP was running and &quot;maxpoll&quot; was updated, the NTP service must be
+    If NTP was running and "maxpoll" was updated, the NTP service must be
 restarted:
 
     # systemctl restart ntpd
@@ -13938,419 +13301,398 @@ restarted:
 
     # systemctl start ntpd
 
-    If &quot;chronyd&quot; was running and &quot;maxpoll&quot; was updated, the service must be
+    If "chronyd" was running and "maxpoll" was updated, the service must be
 restarted:
 
     # systemctl restart chronyd.service
 
-    If &quot;chronyd&quot; was not running, it must be started:
-
-    # systemctl start chronyd.service</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>139eb42c-799d-4e6d-b553-58ce39529cce</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001891</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002046</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Service chronyd is expected to be running
---------------------------------
-passed
-Service chronyd is expected to be enabled
---------------------------------
-passed
-Service chronyd is expected to be installed
---------------------------------
-passed
-chronyd time sources list is expected not to be empty
---------------------------------
-passed
-chronyd maxpoll values (99&#x3D;maxpoll absent) is expected to all be &lt; 17</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71931</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000076-GPOS-00044</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86555r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010260</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If "chronyd" was not running, it must be started:
+
+    # systemctl start chronyd.service</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72269\" do\n  title \"The Red Hat Enterprise Linux operating system must, for networked\nsystems, synchronize clocks with a server that is synchronized to one of the\nredundant United States Naval Observatory (USNO) time servers, a time server\ndesignated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global\nPositioning System (GPS).\"\n  desc  \"Inaccurate time stamps make it more difficult to correlate events and\ncan lead to an inaccurate analysis. Determining the correct time a particular\nevent occurred on a system is critical when conducting forensic analysis and\ninvestigating system events. Sources outside the configured acceptable\nallowance (drift) may be inaccurate.\n\n    Synchronizing internal information system clocks provides uniformity of\ntime stamps for information systems with multiple system clocks and systems\nconnected over a network.\n\n    Organizations should consider endpoints that may not have regular access to\nthe authoritative time server (e.g., mobile, teleworking, and tactical\nendpoints).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Check to see if NTP is running in continuous mode:\n\n    # ps -ef | grep ntp\n\n    If NTP is not running, check to see if \\\"chronyd\\\" is running in continuous\nmode:\n\n    # ps -ef | grep chronyd\n\n    If NTP or \\\"chronyd\\\" is not running, this is a finding.\n\n    If the NTP process is found, then check the \\\"ntp.conf\\\" file for the\n\\\"maxpoll\\\" option setting:\n\n    # grep maxpoll /etc/ntp.conf\n\n    server 0.rhel.pool.ntp.org iburst maxpoll 10\n\n    If the option is set to \\\"17\\\" or is not set, this is a finding.\n\n    If the file does not exist, check the \\\"/etc/cron.daily\\\" subdirectory for\na crontab file controlling the execution of the \\\"ntpd -q\\\" command.\n\n    # grep -i \\\"ntpd -q\\\" /etc/cron.daily/*\n    # ls -al /etc/cron.* | grep ntp\n\n    ntp\n\n    If a crontab file does not exist in the \\\"/etc/cron.daily\\\" that executes\nthe \\\"ntpd -q\\\" command, this is a finding.\n\n    If the \\\"chronyd\\\" process is found, then check the \\\"chrony.conf\\\" file\nfor the \\\"maxpoll\\\" option setting:\n\n    # grep maxpoll /etc/chrony.conf\n\n    server 0.rhel.pool.ntp.org iburst maxpoll 10\n\n    If the option is not set or the line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Edit the \\\"/etc/ntp.conf\\\" or \\\"/etc/chrony.conf\\\" file and add or update\nan entry to define \\\"maxpoll\\\" to \\\"10\\\" as follows:\n\n    server 0.rhel.pool.ntp.org iburst maxpoll 10\n\n    If NTP was running and \\\"maxpoll\\\" was updated, the NTP service must be\nrestarted:\n\n    # systemctl restart ntpd\n\n    If NTP was not running, it must be started:\n\n    # systemctl start ntpd\n\n    If \\\"chronyd\\\" was running and \\\"maxpoll\\\" was updated, the service must be\nrestarted:\n\n    # systemctl restart chronyd.service\n\n    If \\\"chronyd\\\" was not running, it must be started:\n\n    # systemctl start chronyd.service\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000355-GPOS-00143\"\n  tag satisfies: [\"SRG-OS-000355-GPOS-00143\", \"SRG-OS-000356-GPOS-00144\"]\n  tag gid: \"V-72269\"\n  tag rid: \"SV-86893r5_rule\"\n  tag stig_id: \"RHEL-07-040500\"\n  tag fix_id: \"F-78623r5_fix\"\n  tag cci: [\"CCI-001891\", \"CCI-002046\"]\n  tag nist: [\"AU-8 (1) (a)\", \"AU-8 (1) (b)\", \"Rev_4\"]\n\n  # Either ntpd or chronyd should be running\n  describe.one do\n    [service('ntpd'), service('chronyd')].each do |time_service|\n      describe time_service do\n        it { should be_running }\n        it { should be_enabled }\n        it { should be_installed }\n      end\n    end\n  end\n\n  if service('ntpd').installed?\n    time_service = service('ntpd')\n    time_sources = ntp_conf('/etc/ntp.conf').server\n    max_poll_values = time_sources.map { |val| val.match?(/.*maxpoll.*/) ? val.gsub(/.*maxpoll\\s+(\\d+)(\\s+.*|$)/,'\\1').to_i : 99 }\n    ntpdate_crons = command('grep -l \"ntpd -q\" /etc/cron.daily/*').stdout.strip.lines\n\n    describe \"ntpd time sources list\" do\n      subject { time_sources }\n      it { should_not be_empty }\n    end\n\n    describe.one do\n      # Case where maxpoll empty\n      describe \"Daily cron jobs for 'ntpd -q'\" do\n        subject { ntpdate_crons }\n        it { should_not be_empty }\n      end\n      # All time sources must contain valid maxpoll entries\n      describe \"ntpd maxpoll values (99=maxpoll absent)\" do\n        subject { max_poll_values }\n        it { should all be &lt; 17 }\n      end\n    end\n  end\n\n  if service('chronyd').installed?\n    time_service = service('chronyd')\n    time_sources = ntp_conf('/etc/chrony.conf').server\n    max_poll_values = time_sources.map { |val| val.match?(/.*maxpoll.*/) ? val.gsub(/.*maxpoll\\s+(\\d+)(\\s+.*|$)/,'\\1').to_i : 99 }\n\n    describe \"chronyd time sources list\" do\n      subject { time_sources }\n      it { should_not be_empty }\n    end\n      \n    # All time sources must contain valid maxpoll entries\n    describe \"chronyd maxpoll values (99=maxpoll absent)\" do\n      subject { max_poll_values }\n      it { should all be &lt; 17 }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001891</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002046</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Service chronyd is expected to be running
+--------------------------------
+passed :: TEST Service chronyd is expected to be enabled
+--------------------------------
+passed :: TEST Service chronyd is expected to be installed
+--------------------------------
+passed :: TEST chronyd time sources list is expected not to be empty
+--------------------------------
+passed :: TEST chronyd maxpoll values (99=maxpoll absent) is expected to all be &lt; 17</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71931</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000076-GPOS-00044</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86555r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010260</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that existing passwords are restricted to a 60-day maximum lifetime.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that existing passwords are restricted to a 60-day maximum lifetime.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Any password, no matter how complex, can eventually be cracked.
 Therefore, passwords need to be changed periodically. If the operating system
 does not limit the lifetime of passwords and force users to change their
 passwords, there is the risk that the operating system passwords could be
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Check whether the maximum time period for existing passwords is restricted
 to 60 days.
 
-    # awk -F: &#39;$5 &gt; 60 {print $1 &quot; &quot; $5}&#39; &#x2F;etc&#x2F;shadow
+    # awk -F: '$5 &gt; 60 {print $1 " " $5}' /etc/shadow
 
     If any results are returned that are not associated with a system account,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure non-compliant accounts to enforce a 60-day maximum password
 lifetime restriction.
 
-    # chage -M 60 [user]</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>579f4b5c-0d47-4a88-9fa7-ccb3a6e585c8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-&#x2F;etc&#x2F;shadow with user &#x3D;&#x3D; &quot;ec2-user&quot; max_days.first.to_i is expected to cmp &lt;&#x3D; 60</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72061</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86685r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021320</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # chage -M 60 [user]</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71931\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat existing passwords are restricted to a 60-day maximum lifetime.\"\n  desc  \"Any password, no matter how complex, can eventually be cracked.\nTherefore, passwords need to be changed periodically. If the operating system\ndoes not limit the lifetime of passwords and force users to change their\npasswords, there is the risk that the operating system passwords could be\ncompromised.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Check whether the maximum time period for existing passwords is restricted\nto 60 days.\n\n    # awk -F: '$5 &gt; 60 {print $1 \\\" \\\" $5}' /etc/shadow\n\n    If any results are returned that are not associated with a system account,\nthis is a finding.\n\n  \"\n  desc  \"fix\", \"\n    Configure non-compliant accounts to enforce a 60-day maximum password\nlifetime restriction.\n\n    # chage -M 60 [user]\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000076-GPOS-00044\"\n  tag gid: \"V-71931\"\n  tag rid: \"SV-86555r3_rule\"\n  tag stig_id: \"RHEL-07-010260\"\n  tag fix_id: \"F-78283r1_fix\"\n  tag cci: [\"CCI-000199\"]\n  tag nist: [\"IA-5 (1) (d)\", \"Rev_4\"]\n\n  shadow.users.each do |user|\n    # filtering on non-system accounts (uid &gt;= 1000)\n    next unless user(user).uid &gt;= 1000\n    describe shadow.users(user) do\n      its('max_days.first.to_i') { should cmp &lt;= 60 }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST /etc/shadow with user == "ec2-user" max_days.first.to_i is expected to cmp &lt;= 60</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72061</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86685r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021320</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must use a separate file
-system for &#x2F;var.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+system for /var.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The use of separate file systems for different paths can protect the
-system from failures resulting from a file system becoming full or failing.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that a separate file system&#x2F;partition has been created for &quot;&#x2F;var&quot;.
-
-    Check that a file system&#x2F;partition has been created for &quot;&#x2F;var&quot; with the
+system from failures resulting from a file system becoming full or failing.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that a separate file system/partition has been created for "/var".
+
+    Check that a file system/partition has been created for "/var" with the
 following command:
 
-    # grep &#x2F;var &#x2F;etc&#x2F;fstab
-    UUID&#x3D;c274f65f    &#x2F;var                    ext4    noatime,nobarrier        1
+    # grep /var /etc/fstab
+    UUID=c274f65f    /var                    ext4    noatime,nobarrier        1
 2
 
-    If a separate entry for &quot;&#x2F;var&quot; is not in use, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Migrate the &quot;&#x2F;var&quot; path onto a separate file system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>c385e71c-9d6b-4721-90d5-d2c89cfc5e98</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Mount &#x2F;var is expected to be mounted
-
-Mount &#x2F;var is not mounted
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-92255</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000196</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-102357r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020019</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If a separate entry for "/var" is not in use, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Migrate the "/var" path onto a separate file system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72061\" do\n  title \"The Red Hat Enterprise Linux operating system must use a separate file\nsystem for /var.\"\n  desc  \"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that a separate file system/partition has been created for \\\"/var\\\".\n\n    Check that a file system/partition has been created for \\\"/var\\\" with the\nfollowing command:\n\n    # grep /var /etc/fstab\n    UUID=c274f65f    /var                    ext4    noatime,nobarrier        1\n2\n\n    If a separate entry for \\\"/var\\\" is not in use, this is a finding.\n  \"\n  desc  \"fix\", \"Migrate the \\\"/var\\\" path onto a separate file system.\"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72061\"\n  tag rid: \"SV-86685r2_rule\"\n  tag stig_id: \"RHEL-07-021320\"\n  tag fix_id: \"F-78413r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe mount('/var') do\n    it { should be_mounted }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Mount /var is expected to be mounted :: MESSAGE 
+Mount /var is not mounted</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-92255</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000196</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-102357r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020019</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must have a host-based
-intrusion detection tool installed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+intrusion detection tool installed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Adding host-based intrusion detection tools can provide the capability
 to automatically take actions in response to malicious behavior, which can
 provide additional agility in reacting to network threats. These tools also
 often include a reporting capability to provide network awareness of the
-system, which may not otherwise exist in an organization&#39;s systems management
-regime.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+system, which may not otherwise exist in an organization's systems management
+regime.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Ask the SA or ISSO if a host-based intrusion detection application is
 loaded on the system. Per OPORD 16-0080, the preferred intrusion detection
 system is McAfee HBSS available through the U.S. Cyber Command (USCYBERCOM).
@@ -14366,12 +13708,12 @@ SELinux, this must be documented and approved by the local Authorizing Official.
 
     Verify that the McAfee HIPS module is active on the system:
 
-    # ps -ef | grep -i hipclient
+    # ps -ef | grep -i “hipclient”
 
     If the MFEhiplsm package is not installed, check for another intrusion
 detection system:
 
-    # find &#x2F; -name &lt;daemon name&gt;
+    # find / -name &lt;daemon name&gt;
 
     Where &lt;daemon name&gt; is the name of the primary application daemon to
 determine if the application is loaded on the system.
@@ -14385,146 +13727,138 @@ intrusion detection application has not been documented for use, this is a
 finding.
 
     If no host-based intrusion detection system is installed and running on the
-system, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+system, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Install and enable the latest McAfee HIPS package, available from
 USCYBERCOM.
 
     Note: If the system does not support the McAfee HIPS package, install and
 enable a supported intrusion detection system application and document its use
-with the Authorizing Official.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a5444bed-ef08-4dd4-aeb7-078c530dd994</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001263</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package MFEhiplsm is expected to be installed
-expected that &#x60;System Package MFEhiplsm&#x60; is installed
---------------------------------
-passed
-Processes &#x2F;hipclient&#x2F; is expected to exist
-expected Processes &#x2F;hipclient&#x2F; to exist</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71893</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86517r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010070</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+with the Authorizing Official.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-92255\" do\n  title \"The Red Hat Enterprise Linux operating system must have a host-based\nintrusion detection tool installed.\"\n  desc  \"Adding host-based intrusion detection tools can provide the capability\nto automatically take actions in response to malicious behavior, which can\nprovide additional agility in reacting to network threats. These tools also\noften include a reporting capability to provide network awareness of the\nsystem, which may not otherwise exist in an organization's systems management\nregime.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Ask the SA or ISSO if a host-based intrusion detection application is\nloaded on the system. Per OPORD 16-0080, the preferred intrusion detection\nsystem is McAfee HBSS available through the U.S. Cyber Command (USCYBERCOM).\n\n    If another host-based intrusion detection application is in use, such as\nSELinux, this must be documented and approved by the local Authorizing Official.\n\n    Procedure:\n    Examine the system to determine if the Host Intrusion Prevention System\n(HIPS) is installed:\n\n    # rpm -qa | grep MFEhiplsm\n\n    Verify that the McAfee HIPS module is active on the system:\n\n    # ps -ef | grep -i “hipclient”\n\n    If the MFEhiplsm package is not installed, check for another intrusion\ndetection system:\n\n    # find / -name &lt;daemon name&gt;\n\n    Where &lt;daemon name&gt; is the name of the primary application daemon to\ndetermine if the application is loaded on the system.\n\n    Determine if the application is active on the system:\n\n    # ps -ef | grep -i &lt;daemon name&gt;\n\n    If the MFEhiplsm package is not installed and an alternate host-based\nintrusion detection application has not been documented for use, this is a\nfinding.\n\n    If no host-based intrusion detection system is installed and running on the\nsystem, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Install and enable the latest McAfee HIPS package, available from\nUSCYBERCOM.\n\n    Note: If the system does not support the McAfee HIPS package, install and\nenable a supported intrusion detection system application and document its use\nwith the Authorizing Official.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000196\"\n  tag gid: \"V-92255\"\n  tag rid: \"SV-102357r1_rule\"\n  tag stig_id: \"RHEL-07-020019\"\n  tag fix_id: \"F-98477r1_fix\"\n  tag cci: [\"CCI-001263\"]\n  tag nist: [\"SI-4 (5)\", \"Rev_4\"]\n\n  custom_hips = input('custom_hips')\n\n  if ! custom_hips\n    describe package('MFEhiplsm') do\n      it { should be_installed }\n    end\n    describe processes(/hipclient/) do\n      it { should exist }\n    end\n  else\n    # Special case for SELinux\n    sel_mode = command('getenforce').stdout.strip\n    custom_hips_daemon = input('custom_hips_daemon')\n    max_daemon_processes = input('max_daemon_processes')\n\n    describe.one do\n      describe \"SELinux mode\" do\n        subject { sel_mode }\n        it { should cmp 'Enforcing' }\n      end\n      describe processes(/#{custom_hips_daemon}/) do\n        it { should exist }\n        its('count') { should be &lt; max_daemon_processes }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001263</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package MFEhiplsm is expected to be installed :: MESSAGE expected that `System Package MFEhiplsm` is installed
+--------------------------------
+passed :: TEST Processes /hipclient/ is expected to exist :: MESSAGE expected Processes /hipclient/ to exist</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71893</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86517r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010070</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must initiate a
 screensaver after a 15-minute period of inactivity for graphical user
-interfaces.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+interfaces.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A session time-out lock is a temporary action taken when a user stops
 work and moves away from the immediate physical vicinity of the information
 system but does not log out because of the temporary nature of the absence.
 Rather than relying on the user to manually lock their operating system session
 prior to vacating the vicinity, operating systems need to be able to identify
-when a user&#39;s session has idled and take action to initiate the session lock.
+when a user's session has idled and take action to initiate the session lock.
 
     The session lock is implemented at the point where session activity can be
-determined and&#x2F;or controlled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+determined and/or controlled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system initiates a screensaver after a 15-minute
 period of inactivity for graphical user interfaces. The screen program must be
 installed to lock sessions on the console.
@@ -14535,148 +13869,143 @@ Applicable.
     Check to see if GNOME is configured to display a screensaver after a 15
 minute delay with the following command:
 
-    # grep -i idle-delay &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;*
-    idle-delay&#x3D;uint32 900
+    # grep -i idle-delay /etc/dconf/db/local.d/*
+    idle-delay=uint32 900
 
-    If the &quot;idle-delay&quot; setting is missing or is not set to &quot;900&quot; or less,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "idle-delay" setting is missing or is not set to "900" or less,
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to initiate a screensaver after a 15-minute
 period of inactivity for graphical user interfaces.
 
     Create a database to contain the system-wide screensaver settings (if it
 does not already exist) with the following command:
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;00-screensaver
+    # touch /etc/dconf/db/local.d/00-screensaver
 
-    Edit &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;00-screensaver and add or update the following
+    Edit /etc/dconf/db/local.d/00-screensaver and add or update the following
 lines:
 
-    [org&#x2F;gnome&#x2F;desktop&#x2F;session]
+    [org/gnome/desktop/session]
     # Set the lock time out to 900 seconds before the session is considered idle
-    idle-delay&#x3D;uint32 900
+    idle-delay=uint32 900
 
-    You must include the &quot;uint32&quot; along with the integer key values as shown.
+    You must include the "uint32" along with the integer key values as shown.
 
     Update the system databases:
 
     # dconf update
 
     Users must log out and back in again before the system-wide settings take
-effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0eadcb3a-1d77-4501-9fbc-c2cc83e706c9</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The system does not have GNOME installed
-The system does not have GNOME installed, this requirement is Not
-      Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71915</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000072-GPOS-00040</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86539r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010180</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-71893\" do\n  title \"The Red Hat Enterprise Linux operating system must initiate a\nscreensaver after a 15-minute period of inactivity for graphical user\ninterfaces.\"\n  desc  \"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system initiates a screensaver after a 15-minute\nperiod of inactivity for graphical user interfaces. The screen program must be\ninstalled to lock sessions on the console.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Check to see if GNOME is configured to display a screensaver after a 15\nminute delay with the following command:\n\n    # grep -i idle-delay /etc/dconf/db/local.d/*\n    idle-delay=uint32 900\n\n    If the \\\"idle-delay\\\" setting is missing or is not set to \\\"900\\\" or less,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to initiate a screensaver after a 15-minute\nperiod of inactivity for graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    # touch /etc/dconf/db/local.d/00-screensaver\n\n    Edit /etc/dconf/db/local.d/00-screensaver and add or update the following\nlines:\n\n    [org/gnome/desktop/session]\n    # Set the lock time out to 900 seconds before the session is considered idle\n    idle-delay=uint32 900\n\n    You must include the \\\"uint32\\\" along with the integer key values as shown.\n\n    Update the system databases:\n\n    # dconf update\n\n    Users must log out and back in again before the system-wide settings take\neffect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000029-GPOS-00010\"\n  tag gid: \"V-71893\"\n  tag rid: \"SV-86517r5_rule\"\n  tag stig_id: \"RHEL-07-010070\"\n  tag fix_id: \"F-78245r5_fix\"\n  tag cci: [\"CCI-000057\"]\n  tag nist: [\"AC-11 a\", \"Rev_4\"]\n\n  unless package('gnome-desktop3').installed?\n    impact 0.0\n    describe \"The system does not have GNOME installed\" do\n      skip \"The system does not have GNOME installed, this requirement is Not\n      Applicable.\"\n    end\n  else \n    describe command(\"gsettings get org.gnome.desktop.session idle-delay | cut -d ' ' -f2\") do\n      its('stdout.strip') { should cmp &lt;= 900 }\n    end \n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The system does not have GNOME installed :: SKIP_MESSAGE The system does not have GNOME installed, this requirement is Not
+      Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71915</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000072-GPOS-00040</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86539r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010180</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that when passwords are changed the number of repeating consecutive characters
-must not be more than three characters.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+must not be more than three characters.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources
 required to compromise the password. Password complexity, or strength, is a
 measure of the effectiveness of a password in resisting attempts at guessing
@@ -14685,617 +14014,590 @@ and brute-force attacks.
     Password complexity is one factor of several that determines how long it
 takes to crack a password. The more complex the password, the greater the
 number of possible combinations that need to be tested before the password is
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;maxrepeat&quot; option sets the maximum number of allowed same
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "maxrepeat" option sets the maximum number of allowed same
 consecutive characters in a new password.
 
-    Check for the value of the &quot;maxrepeat&quot; option in
-&quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; with the following command:
+    Check for the value of the "maxrepeat" option in
+"/etc/security/pwquality.conf" with the following command:
 
-    # grep maxrepeat &#x2F;etc&#x2F;security&#x2F;pwquality.conf
-    maxrepeat &#x3D; 3
+    # grep maxrepeat /etc/security/pwquality.conf
+    maxrepeat = 3
 
-    If the value of &quot;maxrepeat&quot; is set to more than &quot;3&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "maxrepeat" is set to more than "3", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to require the change of the number of
 repeating consecutive characters when passwords are changed by setting the
-&quot;maxrepeat&quot; option.
+"maxrepeat" option.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf conf&quot; (or modify
+    Add the following line to "/etc/security/pwquality.conf conf" (or modify
 the line to have the required value):
 
-    maxrepeat &#x3D; 3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>99e5ee91-32d4-48f1-95cc-89f4786c6b86</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000195</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;security&#x2F;pwquality.conf maxrepeat.to_i is expected to cmp &lt;&#x3D; 3</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81013</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000368-GPOS-00154</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95725r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021024</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must mount &#x2F;dev&#x2F;shm with
-the noexec option.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;noexec&quot; mount option causes the system to not execute binary
+    maxrepeat = 3</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71915\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat when passwords are changed the number of repeating consecutive characters\nmust not be more than three characters.\"\n  desc  \"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    The \\\"maxrepeat\\\" option sets the maximum number of allowed same\nconsecutive characters in a new password.\n\n    Check for the value of the \\\"maxrepeat\\\" option in\n\\\"/etc/security/pwquality.conf\\\" with the following command:\n\n    # grep maxrepeat /etc/security/pwquality.conf\n    maxrepeat = 3\n\n    If the value of \\\"maxrepeat\\\" is set to more than \\\"3\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to require the change of the number of\nrepeating consecutive characters when passwords are changed by setting the\n\\\"maxrepeat\\\" option.\n\n    Add the following line to \\\"/etc/security/pwquality.conf conf\\\" (or modify\nthe line to have the required value):\n\n    maxrepeat = 3\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000072-GPOS-00040\"\n  tag gid: \"V-71915\"\n  tag rid: \"SV-86539r3_rule\"\n  tag stig_id: \"RHEL-07-010180\"\n  tag fix_id: \"F-78267r2_fix\"\n  tag cci: [\"CCI-000195\"]\n  tag nist: [\"IA-5 (1) (b)\", \"Rev_4\"]\n\n  describe parse_config_file(\"/etc/security/pwquality.conf\") do\n    its('maxrepeat.to_i') { should cmp &lt;= 3 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000195</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/security/pwquality.conf maxrepeat.to_i is expected to cmp &lt;= 3</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81013</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000368-GPOS-00154</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95725r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021024</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must mount /dev/shm with
+the noexec option.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "noexec" mount option causes the system to not execute binary
 files. This option must be used for mounting any file system not containing
 approved binary files as they may be incompatible. Executing files from
 untrusted file systems increases the opportunity for unprivileged users to
-attain unauthorized administrative access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that the &quot;noexec&quot; option is configured for &#x2F;dev&#x2F;shm:
+attain unauthorized administrative access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that the "noexec" option is configured for /dev/shm:
 
-    # cat &#x2F;etc&#x2F;fstab | grep &#x2F;dev&#x2F;shm
+    # cat /etc/fstab | grep /dev/shm
 
-    tmpfs &#x2F;dev&#x2F;shm tmpfs defaults,nodev,nosuid,noexec 0 0
+    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0
 
-    If any results are returned and the &quot;noexec&quot; option is not listed, this
+    If any results are returned and the "noexec" option is not listed, this
 is a finding.
 
-    Verify &quot;&#x2F;dev&#x2F;shm&quot; is mounted with the &quot;noexec&quot; option:
-
-    # mount | grep &quot;&#x2F;dev&#x2F;shm&quot; | grep noexec
-
-    If no results are returned, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the system so that &#x2F;dev&#x2F;shm is mounted with the
-&quot;noexec&quot; option.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e8a88863-8766-43e4-8db6-4133445ce753</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001764</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Mount &#x2F;dev&#x2F;shm options is expected to include &quot;noexec&quot;
-expected [&quot;rw&quot;, &quot;nosuid&quot;, &quot;nodev&quot;, &quot;seclabel&quot;] to include &quot;noexec&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73173</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87825r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030874</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Verify "/dev/shm" is mounted with the "noexec" option:
+
+    # mount | grep "/dev/shm" | grep noexec
+
+    If no results are returned, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the system so that /dev/shm is mounted with the
+"noexec" option.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-81013\" do\n  title \"The Red Hat Enterprise Linux operating system must mount /dev/shm with\nthe noexec option.\"\n  desc  \"The \\\"noexec\\\" mount option causes the system to not execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary files as they may be incompatible. Executing files from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that the \\\"noexec\\\" option is configured for /dev/shm:\n\n    # cat /etc/fstab | grep /dev/shm\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0\n\n    If any results are returned and the \\\"noexec\\\" option is not listed, this\nis a finding.\n\n    Verify \\\"/dev/shm\\\" is mounted with the \\\"noexec\\\" option:\n\n    # mount | grep \\\"/dev/shm\\\" | grep noexec\n\n    If no results are returned, this is a finding.\n  \"\n  desc  \"fix\", \"Configure the system so that /dev/shm is mounted with the\n\\\"noexec\\\" option.\"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000368-GPOS-00154\"\n  tag gid: \"V-81013\"\n  tag rid: \"SV-95725r2_rule\"\n  tag stig_id: \"RHEL-07-021024\"\n  tag fix_id: \"F-87847r2_fix\"\n  tag cci: [\"CCI-001764\"]\n  tag nist: [\"CM-7 (2)\", \"Rev_4\"]\n\n  describe mount('/dev/shm') do\n    its('options') { should include 'noexec' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001764</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Mount /dev/shm options is expected to include "noexec" :: MESSAGE expected ["rw", "nosuid", "nodev", "seclabel"] to include "noexec"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73173</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87825r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030874</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must generate audit
 records for all account creations, modifications, disabling, and termination
-events that affect &#x2F;etc&#x2F;opasswd.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+events that affect /etc/opasswd.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system must generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&#x2F;etc&#x2F;opasswd.
+/etc/opasswd.
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep &#x2F;etc&#x2F;security&#x2F;opasswd &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep /etc/security/opasswd /etc/audit/audit.rules
 
-    -w &#x2F;etc&#x2F;security&#x2F;opasswd -p wa -k identity
+    -w /etc/security/opasswd -p wa -k identity
 
     If the command does not return a line, or the line is commented out, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&#x2F;etc&#x2F;opasswd.
+/etc/opasswd.
 
     Add or update the following file system rule in
-&quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+"/etc/audit/rules.d/audit.rules":
 
-    -w &#x2F;etc&#x2F;security&#x2F;opasswd -p wa -k identity
+    -w /etc/security/opasswd -p wa -k identity
 
     The audit daemon must be restarted for the changes to take effect:
-    # systemctl restart auditd</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>501ebea6-050c-45b4-b0fa-cdb9f4ca930d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;security&#x2F;opasswd&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;security&#x2F;opasswd&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;w&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;a&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72117</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86741r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030470</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # systemctl restart auditd</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-73173\" do\n  title \"The Red Hat Enterprise Linux operating system must generate audit\nrecords for all account creations, modifications, disabling, and termination\nevents that affect /etc/opasswd.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system must generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n/etc/opasswd.\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep /etc/security/opasswd /etc/audit/audit.rules\n\n    -w /etc/security/opasswd -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n/etc/opasswd.\n\n    Add or update the following file system rule in\n\\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -w /etc/security/opasswd -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect:\n    # systemctl restart auditd\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000004-GPOS-00004\"\n  tag gid: \"V-73173\"\n  tag rid: \"SV-87825r5_rule\"\n  tag stig_id: \"RHEL-07-030874\"\n  tag fix_id: \"F-79619r6_fix\"\n  tag cci: [\"CCI-000018\", \"CCI-000172\", \"CCI-001403\", \"CCI-002130\"]\n  tag nist: [\"AC-2 (4)\", \"AU-12 c\", \"AC-2 (4)\", \"AC-2 (4)\", \"Rev_4\"]\n\n  audit_file = '/etc/security/opasswd'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'w' }\n      it { should include 'a' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/etc/security/opasswd" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/etc/security/opasswd" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "w"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "a"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72117</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86741r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030470</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the removexattr syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the removexattr syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;removexattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "removexattr" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw removexattr &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw removexattr /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S removexattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b32 -S removexattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S removexattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b64 -S removexattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;removexattr&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"removexattr" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;removexattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "removexattr" syscall occur.
 
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S removexattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b32 -S removexattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S removexattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b64 -S removexattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10fd571a-d4e0-49e5-b77a-06b9e1a4d7f7</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;removexattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;removexattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;removexattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;removexattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71951</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00226</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86575r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010430</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72117\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe removexattr syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"removexattr\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw removexattr /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S removexattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    -a always,exit -F arch=b64 -S removexattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"removexattr\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"removexattr\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S removexattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    -a always,exit -F arch=b64 -S removexattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000458-GPOS-00203\"\n  tag satisfies: [\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000064-GPOS-00033\"]\n  tag gid: \"V-72117\"\n  tag rid: \"SV-86741r5_rule\"\n  tag stig_id: \"RHEL-07-030470\"\n  tag fix_id: \"F-78469r7_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"removexattr\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"removexattr\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "removexattr" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "removexattr" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "removexattr" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "removexattr" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71951</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00226</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86575r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010430</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the delay between logon prompts following a failed console logon attempt
-is at least four seconds.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+is at least four seconds.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configuring the operating system to implement organization-wide
 security implementation guides and security checklists verifies compliance with
 federal standards and establishes a common security baseline across DoD that
@@ -15304,605 +14606,580 @@ requirements.
 
     Configuration settings are the set of parameters that can be changed in
 hardware, software, or firmware components of the system that affect the
-security posture and&#x2F;or functionality of the system. Security-related
+security posture and/or functionality of the system. Security-related
 parameters are those parameters impacting the security state of the system,
 including the parameters required to satisfy other security control
 requirements. Security-related parameters include, for example, registry
 settings; account, file, and directory permission settings; and settings for
-functions, ports, protocols, services, and remote connections.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+functions, ports, protocols, services, and remote connections.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system enforces a delay of at least four seconds
 between console logon prompts following a failed logon attempt.
 
-    Check the value of the &quot;fail_delay&quot; parameter in the &quot;&#x2F;etc&#x2F;login.defs&quot;
+    Check the value of the "fail_delay" parameter in the "/etc/login.defs"
 file with the following command:
 
-    # grep -i fail_delay &#x2F;etc&#x2F;login.defs
+    # grep -i fail_delay /etc/login.defs
     FAIL_DELAY 4
 
-    If the value of &quot;FAIL_DELAY&quot; is not set to &quot;4&quot; or greater, or the line
-is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "FAIL_DELAY" is not set to "4" or greater, or the line
+is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to enforce a delay of at least four seconds
 between logon prompts following a failed console logon attempt.
 
-    Modify the &quot;&#x2F;etc&#x2F;login.defs&quot; file to set the &quot;FAIL_DELAY&quot; parameter to
-&quot;4&quot; or greater:
-
-    FAIL_DELAY 4</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>702115a1-936b-4dcd-a484-e50e28c4e8ee</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-login.defs FAIL_DELAY.to_i is expected to cmp &gt;&#x3D; 4</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72037</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86661r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020730</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Modify the "/etc/login.defs" file to set the "FAIL_DELAY" parameter to
+"4" or greater:
+
+    FAIL_DELAY 4</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71951\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the delay between logon prompts following a failed console logon attempt\nis at least four seconds.\"\n  desc  \"Configuring the operating system to implement organization-wide\nsecurity implementation guides and security checklists verifies compliance with\nfederal standards and establishes a common security baseline across DoD that\nreflects the most restrictive security posture consistent with operational\nrequirements.\n\n    Configuration settings are the set of parameters that can be changed in\nhardware, software, or firmware components of the system that affect the\nsecurity posture and/or functionality of the system. Security-related\nparameters are those parameters impacting the security state of the system,\nincluding the parameters required to satisfy other security control\nrequirements. Security-related parameters include, for example, registry\nsettings; account, file, and directory permission settings; and settings for\nfunctions, ports, protocols, services, and remote connections.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system enforces a delay of at least four seconds\nbetween console logon prompts following a failed logon attempt.\n\n    Check the value of the \\\"fail_delay\\\" parameter in the \\\"/etc/login.defs\\\"\nfile with the following command:\n\n    # grep -i fail_delay /etc/login.defs\n    FAIL_DELAY 4\n\n    If the value of \\\"FAIL_DELAY\\\" is not set to \\\"4\\\" or greater, or the line\nis commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to enforce a delay of at least four seconds\nbetween logon prompts following a failed console logon attempt.\n\n    Modify the \\\"/etc/login.defs\\\" file to set the \\\"FAIL_DELAY\\\" parameter to\n\\\"4\\\" or greater:\n\n    FAIL_DELAY 4\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00226\"\n  tag gid: \"V-71951\"\n  tag rid: \"SV-86575r2_rule\"\n  tag stig_id: \"RHEL-07-010430\"\n  tag fix_id: \"F-78303r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe login_defs do\n    its('FAIL_DELAY.to_i') { should cmp &gt;= 4 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST login.defs FAIL_DELAY.to_i is expected to cmp &gt;= 4</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72037</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86661r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020730</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that local initialization files do not execute world-writable programs.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that local initialization files do not execute world-writable programs.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>This control consistently takes a long to run and has been disabled
-          using the disable_slow_controls attribute.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+          using the disable_slow_controls attribute.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify that local initialization files do not execute world-writable
 programs.
 
     Check the system for world-writable files with the following command:
 
-    # find &#x2F; -xdev -perm -002 -type f -exec ls -ld {} \; | more
+    # find / -xdev -perm -002 -type f -exec ls -ld {} \; | more
 
     For all files listed, check for their presence in the local initialization
 files with the following commands:
 
-    Note: The example will be for a system that is configured to create users&#39;
-home directories in the &quot;&#x2F;home&quot; directory.
+    Note: The example will be for a system that is configured to create users'
+home directories in the "/home" directory.
 
-    # grep &lt;file&gt; &#x2F;home&#x2F;*&#x2F;.*
+    # grep &lt;file&gt; /home/*/.*
 
     If any local initialization files are found to reference world-writable
-files, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+files, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the mode on files being executed by the local initialization files with
 the following command:
 
-    # chmod 0755 &lt;file&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e1c75eb7-1199-419f-96ce-84e21611f6ab</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This control consistently takes a long to run and has been disabled
-  using the disable_slow_controls attribute.
-This control consistently takes a long to run and has been disabled
+    # chmod 0755 &lt;file&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72037\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat local initialization files do not execute world-writable programs.\"\n  if input('disable_slow_controls')\n    desc \"This control consistently takes a long to run and has been disabled\n          using the disable_slow_controls attribute.\"\n  else\n  desc  \"If user start-up files execute world-writable programs, especially in\nunprotected directories, they could be maliciously modified to destroy user\nfiles or otherwise compromise the system at the user level. If the system is\ncompromised at the user level, it is easier to elevate privileges to eventually\ncompromise the system at the root and network level.\"\n  end\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that local initialization files do not execute world-writable\nprograms.\n\n    Check the system for world-writable files with the following command:\n\n    # find / -xdev -perm -002 -type f -exec ls -ld {} \\\\; | more\n\n    For all files listed, check for their presence in the local initialization\nfiles with the following commands:\n\n    Note: The example will be for a system that is configured to create users'\nhome directories in the \\\"/home\\\" directory.\n\n    # grep &lt;file&gt; /home/*/.*\n\n    If any local initialization files are found to reference world-writable\nfiles, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the mode on files being executed by the local initialization files with\nthe following command:\n\n    # chmod 0755 &lt;file&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72037\"\n  tag rid: \"SV-86661r2_rule\"\n  tag stig_id: \"RHEL-07-020730\"\n  tag fix_id: \"F-78389r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  if input('disable_slow_controls')\n    describe \"This control consistently takes a long to run and has been disabled\n  using the disable_slow_controls attribute.\" do\n      skip \"This control consistently takes a long to run and has been disabled\n  using the disable_slow_controls attribute. You must enable this control for a\n  full accredidation for production.\"\n  end\n  else\n    ignore_shells = non_interactive_shells.join('|')\n\n    #Get home directory for users with UID &gt;= 1000 or UID == 0 and support interactive logins.\n    dotfiles = Set[]\n    u = users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= 1000 || uid == 0)}.entries\n    #For each user, build and execute a find command that identifies initialization files\n    #in a user's home directory.\n    u.each do |user|\n      dotfiles = dotfiles + command(\"find #{user.home} -xdev -maxdepth 2 ( -name '.*' ! -name '.bash_history' ) -type f\").stdout.split(\"\\n\")\n    end\n    ww_files = Set[]\n    ww_files = command('find / -xdev -perm -002 -type f -exec ls {} \\;').stdout.lines\n\n    #To reduce the number of commands ran, we use a pattern file in the grep command below\n    #So we don't have too long of a grep command, we chunk the list of ww_files\n    #into strings not longer than PATTERN_FILE_MAX_LENGTH\n    #Based on MAX_ARG_STRLEN, /usr/include/linux/binfmts.h\n    #We cut off 100 to leave room for the rest of the arguments\n    PATTERN_FILE_MAX_LENGTH=command(\"getconf PAGE_SIZE\").stdout.to_i * 32 - 100\n    ww_chunked=[\"\"]\n    ww_files.each do |item|\n      item = item.strip\n      if item.length + \"\\n\".length &gt; PATTERN_FILE_MAX_LENGTH\n        raise \"Single pattern is longer than PATTERN_FILE_MAX_LENGTH\"\n      end\n      if ww_chunked[-1].length + \"\\n\".length + item.length &gt; PATTERN_FILE_MAX_LENGTH\n        ww_chunked.append(\"\")\n      end\n      ww_chunked[-1] += \"\\n\" + item  # This will leave an extra newline at the beginning of chunks\n    end\n    ww_chunked = ww_chunked.map(&amp;:strip)  # This gets rid of the beginning newlines\n    if ww_chunked[0] == \"\"\n      ww_chunked = []  # If we didn't have any ww_files, this will prevent an empty grep pattern\n    end\n\n    #Check each dotfile for existence of each world-writeable file\n    findings = Set[]\n    dotfiles.each do |dotfile|\n      dotfile = dotfile.strip\n      ww_chunked.each do |ww_pattern_file|\n        count = command(\"grep -c -f &lt;(echo \\\"#{ww_pattern_file}\\\") \\\"#{dotfile}\\\"\").stdout.strip.to_i\n        findings &lt;&lt; dotfile if count &gt; 0\n      end\n    end\n    describe \"Local initialization files that are found to reference world-writable files\" do\n      subject { findings.to_a }\n      it { should be_empty }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This control consistently takes a long to run and has been disabled
+  using the disable_slow_controls attribute. :: SKIP_MESSAGE This control consistently takes a long to run and has been disabled
   using the disable_slow_controls attribute. You must enable this control for a
-  full accredidation for production.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72121</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86745r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030490</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+  full accredidation for production.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72121</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86745r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030490</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the lremovexattr syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the lremovexattr syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;lremovexattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "lremovexattr" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw lremovexattr &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw lremovexattr /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S lremovexattr -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k perm_mod
+    -a always,exit -F arch=b32 -S lremovexattr -F auid&gt;=1000 -F
+auid!=4294967295 -k perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S lremovexattr -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k perm_mod
+    -a always,exit -F arch=b64 -S lremovexattr -F auid&gt;=1000 -F
+auid!=4294967295 -k perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;lremovexattr&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"lremovexattr" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;lremovexattr&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S lremovexattr -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k perm_mod
-
-    -a always,exit -F arch&#x3D;b64 -S lremovexattr -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k perm_mod
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>3f38ef9b-ecb0-41f7-9de4-5aebb4532688</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lremovexattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lremovexattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lremovexattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lremovexattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72005</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86629r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020310</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "lremovexattr" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S lremovexattr -F auid&gt;=1000 -F
+auid!=4294967295 -k perm_mod
+
+    -a always,exit -F arch=b64 -S lremovexattr -F auid&gt;=1000 -F
+auid!=4294967295 -k perm_mod
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72121\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe lremovexattr syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"lremovexattr\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw lremovexattr /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S lremovexattr -F auid&gt;=1000 -F\nauid!=4294967295 -k perm_mod\n\n    -a always,exit -F arch=b64 -S lremovexattr -F auid&gt;=1000 -F\nauid!=4294967295 -k perm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"lremovexattr\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"lremovexattr\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S lremovexattr -F auid&gt;=1000 -F\nauid!=4294967295 -k perm_mod\n\n    -a always,exit -F arch=b64 -S lremovexattr -F auid&gt;=1000 -F\nauid!=4294967295 -k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000458-GPOS-00203\"\n  tag satisfies: [\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000064-GPOS-00033\"]\n  tag gid: \"V-72121\"\n  tag rid: \"SV-86745r5_rule\"\n  tag stig_id: \"RHEL-07-030490\"\n  tag fix_id: \"F-78473r7_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"lremovexattr\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"lremovexattr\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "lremovexattr" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "lremovexattr" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "lremovexattr" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "lremovexattr" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72005</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86629r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020310</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the root account must be the only account having unrestricted access to
-the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If an account other than root also has a User Identifier (UID) of
-&quot;0&quot;, it has root authority, giving that account unrestricted access to the
-entire operating system. Multiple accounts with a UID of &quot;0&quot; afford an
+"0", it has root authority, giving that account unrestricted access to the
+entire operating system. Multiple accounts with a UID of "0" afford an
 opportunity for potential intruders to guess a password for a privileged
-account.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Check the system for duplicate UID &quot;0&quot; assignments with the following
+account.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Check the system for duplicate UID "0" assignments with the following
 command:
 
-    # awk -F: &#39;$3 &#x3D;&#x3D; 0 {print $1}&#39; &#x2F;etc&#x2F;passwd
+    # awk -F: '$3 == 0 {print $1}' /etc/passwd
 
-    If any accounts other than root have a UID of &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If any accounts other than root have a UID of "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Change the UID of any account on the system, other than root, that has a
-UID of &quot;0&quot;.
+UID of "0".
 
     If the account is associated with system commands or applications, the UID
-should be changed to one greater than &quot;0&quot; but less than &quot;1000&quot;. Otherwise,
-assign a UID of greater than &quot;1000&quot; that has not already been assigned.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>975f6164-8cc0-417c-9220-eefd6b7d71fb</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-&#x2F;etc&#x2F;passwd with uid &#x3D;&#x3D; 0 users is expected to cmp &#x3D;&#x3D; &quot;root&quot;
---------------------------------
-passed
-&#x2F;etc&#x2F;passwd with uid &#x3D;&#x3D; 0 entries.length is expected to eq 1</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72253</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000250-GPOS-00093</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86877r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040400</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+should be changed to one greater than "0" but less than "1000". Otherwise,
+assign a UID of greater than "1000" that has not already been assigned.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72005\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the root account must be the only account having unrestricted access to\nthe system.\"\n  desc  \"If an account other than root also has a User Identifier (UID) of\n\\\"0\\\", it has root authority, giving that account unrestricted access to the\nentire operating system. Multiple accounts with a UID of \\\"0\\\" afford an\nopportunity for potential intruders to guess a password for a privileged\naccount.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Check the system for duplicate UID \\\"0\\\" assignments with the following\ncommand:\n\n    # awk -F: '$3 == 0 {print $1}' /etc/passwd\n\n    If any accounts other than root have a UID of \\\"0\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Change the UID of any account on the system, other than root, that has a\nUID of \\\"0\\\".\n\n    If the account is associated with system commands or applications, the UID\nshould be changed to one greater than \\\"0\\\" but less than \\\"1000\\\". Otherwise,\nassign a UID of greater than \\\"1000\\\" that has not already been assigned.\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72005\"\n  tag rid: \"SV-86629r2_rule\"\n  tag stig_id: \"RHEL-07-020310\"\n  tag fix_id: \"F-78357r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe passwd.uids(0) do\n    its('users') { should cmp 'root' }\n    its('entries.length') { should eq 1 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST /etc/passwd with uid == 0 users is expected to cmp == "root"
+--------------------------------
+passed :: TEST /etc/passwd with uid == 0 entries.length is expected to eq 1</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72253</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000250-GPOS-00093</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86877r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040400</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the SSH daemon is configured to only use Message Authentication Codes
-(MACs) employing FIPS 140-2 approved cryptographic hash algorithms.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(MACs) employing FIPS 140-2 approved cryptographic hash algorithms.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>DoD information systems are required to use FIPS 140-2 approved
 cryptographic hash functions. The only SSHv2 hash algorithm meeting this
-requirement is SHA.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+requirement is SHA.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the SSH daemon is configured to only use MACs employing FIPS
 140-2-approved ciphers.
 
@@ -15913,1495 +15190,1440 @@ hashes.
     Check that the SSH daemon is configured to only use MACs employing FIPS
 140-2-approved ciphers with the following command:
 
-    # grep -i macs &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i macs /etc/ssh/sshd_config
     MACs hmac-sha2-256,hmac-sha2-512
 
-    If any ciphers other than &quot;hmac-sha2-256&quot; or &quot;hmac-sha2-512&quot; are listed
-or the returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Edit the &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; file to uncomment or add the line for the
-&quot;MACs&quot; keyword and set its value to &quot;hmac-sha2-256&quot; and&#x2F;or
-&quot;hmac-sha2-512&quot; (this file may be named differently or be in a different
+    If any ciphers other than "hmac-sha2-256" or "hmac-sha2-512" are listed
+or the returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Edit the "/etc/ssh/sshd_config" file to uncomment or add the line for the
+"MACs" keyword and set its value to "hmac-sha2-256" and/or
+"hmac-sha2-512" (this file may be named differently or be in a different
 location if using a version of SSH that is provided by a third-party vendor):
 
     MACs hmac-sha2-256,hmac-sha2-512
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e743dc53-0179-416a-9537-7fa49cf80e7d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001453</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-hmac-sha2-256 is expected to be in &quot;hmac-sha2-256&quot; and &quot;hmac-sha2-512&quot;
---------------------------------
-passed
-hmac-sha2-512 is expected to be in &quot;hmac-sha2-256&quot; and &quot;hmac-sha2-512&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72049</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86673r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021040</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72253\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon is configured to only use Message Authentication Codes\n(MACs) employing FIPS 140-2 approved cryptographic hash algorithms.\"\n  desc  \"DoD information systems are required to use FIPS 140-2 approved\ncryptographic hash functions. The only SSHv2 hash algorithm meeting this\nrequirement is SHA.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH daemon is configured to only use MACs employing FIPS\n140-2-approved ciphers.\n\n    Note: If RHEL-07-021350 is a finding, this is automatically a finding as\nthe system cannot implement FIPS 140-2-approved cryptographic algorithms and\nhashes.\n\n    Check that the SSH daemon is configured to only use MACs employing FIPS\n140-2-approved ciphers with the following command:\n\n    # grep -i macs /etc/ssh/sshd_config\n    MACs hmac-sha2-256,hmac-sha2-512\n\n    If any ciphers other than \\\"hmac-sha2-256\\\" or \\\"hmac-sha2-512\\\" are listed\nor the returned line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Edit the \\\"/etc/ssh/sshd_config\\\" file to uncomment or add the line for the\n\\\"MACs\\\" keyword and set its value to \\\"hmac-sha2-256\\\" and/or\n\\\"hmac-sha2-512\\\" (this file may be named differently or be in a different\nlocation if using a version of SSH that is provided by a third-party vendor):\n\n    MACs hmac-sha2-256,hmac-sha2-512\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000250-GPOS-00093\"\n  tag gid: \"V-72253\"\n  tag rid: \"SV-86877r3_rule\"\n  tag stig_id: \"RHEL-07-040400\"\n  tag fix_id: \"F-78607r2_fix\"\n  tag cci: [\"CCI-001453\"]\n  tag nist: [\"AC-17 (2)\", \"Rev_4\"]\n\n  @macs = inspec.sshd_config.params(\"macs\")\n  if @macs.nil?\n    # fail fast\n    describe 'The `sshd_config` setting for `MACs`' do\n    subject { @macs }\n      it 'should be explicitly set and not commented out' do\n        expect(subject).not_to be_nil\n      end\n    end\n  else\n    @macs.first.split(\",\").each do |mac|\n      describe mac do\n        it { should be_in ['hmac-sha2-256', 'hmac-sha2-512'] }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001453</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST hmac-sha2-256 is expected to be in "hmac-sha2-256" and "hmac-sha2-512"
+--------------------------------
+passed :: TEST hmac-sha2-512 is expected to be in "hmac-sha2-256" and "hmac-sha2-512"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72049</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86673r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021040</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must set the umask value
-to 077 for all local interactive user accounts.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+to 077 for all local interactive user accounts.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The umask controls the default access mode assigned to newly created
 files. A umask of 077 limits new files to mode 700 or less permissive. Although
 umask can be represented as a four-digit number, the first digit representing
-special access modes is typically ignored or required to be &quot;0&quot;. This
+special access modes is typically ignored or required to be "0". This
 requirement applies to the globally configured system defaults and the local
-interactive user defaults for each account on the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that the default umask for all local interactive users is &quot;077&quot;.
+interactive user defaults for each account on the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that the default umask for all local interactive users is "077".
 
     Identify the locations of all local interactive user home directories by
-looking at the &quot;&#x2F;etc&#x2F;passwd&quot; file.
+looking at the "/etc/passwd" file.
 
     Check all local interactive user initialization files for interactive users
 with the following command:
 
     Note: The example is for a system that is configured to create users home
-directories in the &quot;&#x2F;home&quot; directory.
+directories in the "/home" directory.
 
-    # grep -i umask &#x2F;home&#x2F;*&#x2F;.*
+    # grep -i umask /home/*/.*
 
     If any local interactive user initialization files are found to have a
-umask statement that has a value less restrictive than &quot;077&quot;, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Remove the umask statement from all local interactive user&#39;s initialization
+umask statement that has a value less restrictive than "077", this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Remove the umask statement from all local interactive user's initialization
 files.
 
     If the account is for an application, the requirement for a umask less
-restrictive than &quot;077&quot; can be documented with the Information System Security
+restrictive than "077" can be documented with the Information System Security
 Officer, but the user agreement for access to the account must specify that the
 local interactive user must log on to their account first and then switch the
-user to the application account with the correct option to gain the account&#39;s
-environment variables.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>820ae9d3-f59d-4661-a3f6-e78afa3be035</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-No interactive user initialization files with a less restrictive umask were found. is expected to eq true
---------------------------------
-passed
-No users were found with a less restrictive umask were found. is expected to eq true</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72309</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86933r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040740</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+user to the application account with the correct option to gain the account's
+environment variables.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72049\" do\n  title \"The Red Hat Enterprise Linux operating system must set the umask value\nto 077 for all local interactive user accounts.\"\n  desc  \"The umask controls the default access mode assigned to newly created\nfiles. A umask of 077 limits new files to mode 700 or less permissive. Although\numask can be represented as a four-digit number, the first digit representing\nspecial access modes is typically ignored or required to be \\\"0\\\". This\nrequirement applies to the globally configured system defaults and the local\ninteractive user defaults for each account on the system.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that the default umask for all local interactive users is \\\"077\\\".\n\n    Identify the locations of all local interactive user home directories by\nlooking at the \\\"/etc/passwd\\\" file.\n\n    Check all local interactive user initialization files for interactive users\nwith the following command:\n\n    Note: The example is for a system that is configured to create users home\ndirectories in the \\\"/home\\\" directory.\n\n    # grep -i umask /home/*/.*\n\n    If any local interactive user initialization files are found to have a\numask statement that has a value less restrictive than \\\"077\\\", this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Remove the umask statement from all local interactive user's initialization\nfiles.\n\n    If the account is for an application, the requirement for a umask less\nrestrictive than \\\"077\\\" can be documented with the Information System Security\nOfficer, but the user agreement for access to the account must specify that the\nlocal interactive user must log on to their account first and then switch the\nuser to the application account with the correct option to gain the account's\nenvironment variables.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72049\"\n  tag rid: \"SV-86673r2_rule\"\n  tag stig_id: \"RHEL-07-021040\"\n  tag fix_id: \"F-78401r3_fix\"\n  tag cci: [\"CCI-000318\", \"CCI-000368\", \"CCI-001812\", \"CCI-001813\",\n\"CCI-001814\"]\n  tag nist: [\"CM-3 f\", \"CM-6 c\", \"CM-11 (2)\", \"CM-5 (1)\", \"CM-5 (1)\", \"Rev_4\"]\n\n  non_interactive_shells = input('non_interactive_shells')\n\n  # Get all interactive users\n  ignore_shells = non_interactive_shells.join('|')\n\n  # Get home directory for users with UID &gt;= 1000 or UID == 0 and support interactive logins.\n  findings = Set[]\n  dotfiles = Set[]\n  umasks = {}\n  umask_findings = Set[]\n\n  # Get UID_MIN from login.defs\n  uid_min = 1000\n  if file(\"/etc/login.defs\").exist?\n    uid_min_val = command(\"grep '^UID_MIN' /etc/login.defs | grep -Po '[0-9]+'\").stdout.split(\"\\n\")\n    if !uid_min_val.empty?\n      uid_min = uid_min_val[0].to_i\n    end\n  end\n\n  interactive_users = users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= uid_min || uid == 0)}.entries\n\n  # For each user, build and execute a find command that identifies initialization files\n  # in a user's home directory.\n  interactive_users.each do |u|\n\n    # Only check if the home directory is local\n    is_local = command(\"df -l #{u.home}\").exit_status\n\n    if is_local == 0\n      # Get user's initialization files\n      dotfiles = dotfiles + command(\"find #{u.home} -xdev -maxdepth 2 ( -name '.*' ! -name '.bash_history' ) -type f\").stdout.split(\"\\n\")\n\n      # Get user's umask\n      umasks.store(u.username,command(\"su -c 'umask' -l #{u.username}\").stdout.chomp(\"\\n\"))\n\n      # Check all local initialization files to see whether or not they are less restrictive than 077.\n      dotfiles.each do |df|\n        if file(df).more_permissive_than?(\"0077\")\n          findings = findings + df\n        end\n      end\n\n      # Check umask for all interactive users\n      umasks.each do |key,value|\n        max_mode = (\"0077\").to_i(8)\n        inv_mode = 0777 ^ max_mode\n        if inv_mode &amp; (value).to_i(8) != 0\n          umask_findings = umask_findings + key\n        end\n      end\n    else\n      describe \"This control skips non-local filesystems\" do\n       skip \"This control has skipped the #{u.home} home directory for #{u.username} because it is not a local filesystem.\"\n     end\n    end\n  end\n\n  # Report on any interactive files that are less restrictive than 077.\n  describe \"No interactive user initialization files with a less restrictive umask were found.\" do\n    subject { findings.empty? }\n    it { should eq true }\n  end\n\n  # Report on any interactive users that have a umask less restrictive than 077.\n  describe \"No users were found with a less restrictive umask were found.\" do\n    subject { umask_findings.empty? }\n    it { should eq true }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST No interactive user initialization files with a less restrictive umask were found. is expected to eq true
+--------------------------------
+passed :: TEST No users were found with a less restrictive umask were found. is expected to eq true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72309</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86933r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040740</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not be performing
-packet forwarding unless the system is a router.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+packet forwarding unless the system is a router.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Routing protocol daemons are typically used on routers to exchange
 network topology information with other routers. If this software is used when
 not required, system network information may be unnecessarily transmitted
-across the network.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+across the network.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system is not performing packet forwarding, unless the system is
 a router.
 
-    # grep net.ipv4.ip_forward &#x2F;etc&#x2F;sysctl.conf &#x2F;etc&#x2F;sysctl.d&#x2F;*
+    # grep net.ipv4.ip_forward /etc/sysctl.conf /etc/sysctl.d/*
 
-    net.ipv4.ip_forward &#x3D; 0
+    net.ipv4.ip_forward = 0
 
-    If &quot;net.ipv4.ip_forward&quot; is not configured in the &#x2F;etc&#x2F;sysctl.conf file
-or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out, or does not have a value
-of &quot;0&quot;, this is a finding.
+    If "net.ipv4.ip_forward" is not configured in the /etc/sysctl.conf file
+or in the /etc/sysctl.d/ directory, is commented out, or does not have a value
+of "0", this is a finding.
 
     Check that the operating system does not implement IP forwarding using the
 following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep net.ipv4.ip_forward
-    net.ipv4.ip_forward &#x3D; 0
+    # /sbin/sysctl -a | grep net.ipv4.ip_forward
+    net.ipv4.ip_forward = 0
 
-    If IP forwarding value is &quot;1&quot; and the system is hosting any application,
-database, or web servers, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If IP forwarding value is "1" and the system is hosting any application,
+database, or web servers, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the system to the required kernel parameter by adding the following
-line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the &#x2F;etc&#x2F;sysctl.d&#x2F;
+line to "/etc/sysctl.conf" or a configuration file in the /etc/sysctl.d/
 directory (or modify the line to have the required value):
 
-    net.ipv4.ip_forward &#x3D; 0
+    net.ipv4.ip_forward = 0
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>30a44626-ba34-4883-ad09-4dbec0b3bb60</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.ip_forward value is expected to eq 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81003</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000069-GPOS-00037</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95715r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010118</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72309\" do\n  title \"The Red Hat Enterprise Linux operating system must not be performing\npacket forwarding unless the system is a router.\"\n  desc  \"Routing protocol daemons are typically used on routers to exchange\nnetwork topology information with other routers. If this software is used when\nnot required, system network information may be unnecessarily transmitted\nacross the network.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system is not performing packet forwarding, unless the system is\na router.\n\n    # grep net.ipv4.ip_forward /etc/sysctl.conf /etc/sysctl.d/*\n\n    net.ipv4.ip_forward = 0\n\n    If \\\"net.ipv4.ip_forward\\\" is not configured in the /etc/sysctl.conf file\nor in the /etc/sysctl.d/ directory, is commented out, or does not have a value\nof \\\"0\\\", this is a finding.\n\n    Check that the operating system does not implement IP forwarding using the\nfollowing command:\n\n    # /sbin/sysctl -a | grep net.ipv4.ip_forward\n    net.ipv4.ip_forward = 0\n\n    If IP forwarding value is \\\"1\\\" and the system is hosting any application,\ndatabase, or web servers, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the system to the required kernel parameter by adding the following\nline to \\\"/etc/sysctl.conf\\\" or a configuration file in the /etc/sysctl.d/\ndirectory (or modify the line to have the required value):\n\n    net.ipv4.ip_forward = 0\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72309\"\n  tag rid: \"SV-86933r2_rule\"\n  tag stig_id: \"RHEL-07-040740\"\n  tag fix_id: \"F-78663r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.ip_forward') do\n    its('value') { should eq 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.ip_forward value is expected to eq 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81003</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000069-GPOS-00037</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95715r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010118</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that &#x2F;etc&#x2F;pam.d&#x2F;passwd implements &#x2F;etc&#x2F;pam.d&#x2F;system-auth when changing
-passwords.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that /etc/pam.d/passwd implements /etc/pam.d/system-auth when changing
+passwords.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Pluggable authentication modules (PAM) allow for a modular approach to
 integrating authentication methods. PAM operates in a top-down processing model
 and if the modules are not listed in the correct order, an important security
-function could be bypassed if stack entries are not centralized.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that &#x2F;etc&#x2F;pam.d&#x2F;passwd is configured to use &#x2F;etc&#x2F;pam.d&#x2F;system-auth
+function could be bypassed if stack entries are not centralized.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that /etc/pam.d/passwd is configured to use /etc/pam.d/system-auth
 when changing passwords:
 
-    # cat &#x2F;etc&#x2F;pam.d&#x2F;passwd | grep -i substack | grep -i system-auth
+    # cat /etc/pam.d/passwd | grep -i substack | grep -i system-auth
     password     substack     system-auth
 
-    If no results are returned, the line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure PAM to utilize &#x2F;etc&#x2F;pam.d&#x2F;system-auth when changing passwords.
+    If no results are returned, the line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure PAM to utilize /etc/pam.d/system-auth when changing passwords.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;pam.d&#x2F;passwd&quot; (or modify the line to have
+    Add the following line to "/etc/pam.d/passwd" (or modify the line to have
 the required value):
 
-    password     substack    system-auth</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>af3dcecb-3716-43c1-9ee0-4014a43952a0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000192</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-&#x2F;etc&#x2F;pam.d&#x2F;passwd substacks system-auth</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72021</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86645r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020650</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    password     substack    system-auth</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-81003\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat /etc/pam.d/passwd implements /etc/pam.d/system-auth when changing\npasswords.\"\n  desc  \"Pluggable authentication modules (PAM) allow for a modular approach to\nintegrating authentication methods. PAM operates in a top-down processing model\nand if the modules are not listed in the correct order, an important security\nfunction could be bypassed if stack entries are not centralized.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that /etc/pam.d/passwd is configured to use /etc/pam.d/system-auth\nwhen changing passwords:\n\n    # cat /etc/pam.d/passwd | grep -i substack | grep -i system-auth\n    password     substack     system-auth\n\n    If no results are returned, the line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure PAM to utilize /etc/pam.d/system-auth when changing passwords.\n\n    Add the following line to \\\"/etc/pam.d/passwd\\\" (or modify the line to have\nthe required value):\n\n    password     substack    system-auth\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000069-GPOS-00037\"\n  tag gid: \"V-81003\"\n  tag rid: \"SV-95715r1_rule\"\n  tag stig_id: \"RHEL-07-010118\"\n  tag fix_id: \"F-87837r1_fix\"\n  tag cci: [\"CCI-000192\"]\n  tag nist: [\"IA-5 (1) (a)\", \"Rev_4\"]\n\n  # Get the content of /etc/pam.d/passwd as an array\n  pam_passwd_content = file('/etc/pam.d/passwd').content.strip.split(\"\\n\")\n  # Make a new array of any line matching the target pattern:\n  # /password\\s+substack\\s+system-auth\n  matching_lines = pam_passwd_content.select { |i| i.match(/password\\s+substack\\s+system-auth/) }\n\n  describe '/etc/pam.d/passwd' do\n    subject { matching_lines }\n    it 'substacks system-auth' do\n      expect(subject.length).to(eql 1)\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000192</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST /etc/pam.d/passwd substacks system-auth</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72021</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86645r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020650</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all local interactive user home directories are group-owned by the home
-directory owners primary group.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If the Group Identifier (GID) of a local interactive user&#39;s home
+directory owners primary group.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If the Group Identifier (GID) of a local interactive user's home
 directory is not the same as the primary GID of the user, this would allow
-unauthorized access to the user&#39;s files, and users that share the same group
-may not be able to access files that they legitimately should.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+unauthorized access to the user's files, and users that share the same group
+may not be able to access files that they legitimately should.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the assigned home directory of all local interactive users is
-group-owned by that user&#39;s primary GID.
+group-owned by that user's primary GID.
 
     Check the home directory assignment for all local interactive users on the
 system with the following command:
 
-    # ls -ld $(egrep &#39;:[0-9]{4}&#39; &#x2F;etc&#x2F;passwd | cut -d: -f6)
+    # ls -ld $(egrep ':[0-9]{4}' /etc/passwd | cut -d: -f6)
 
-    -rwxr-x--- 1 smithj users 18 Mar 5 17:06 &#x2F;home&#x2F;smithj
+    -rwxr-x--- 1 smithj users 18 Mar 5 17:06 /home/smithj
 
-    Check the user&#39;s primary group with the following command:
+    Check the user's primary group with the following command:
 
-    # grep users &#x2F;etc&#x2F;group
+    # grep users /etc/group
 
     users:x:250:smithj,jonesj,jacksons
 
-    If the user home directory referenced in &quot;&#x2F;etc&#x2F;passwd&quot; is not group-owned
-by that user&#39;s primary GID, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Change the group owner of a local interactive user&#39;s home directory to the
-group found in &quot;&#x2F;etc&#x2F;passwd&quot;. To change the group owner of a local
-interactive user&#39;s home directory, use the following command:
-
-    Note: The example will be for the user &quot;smithj&quot;, who has a home directory
-of &quot;&#x2F;home&#x2F;smithj&quot;, and has a primary group of users.
-
-    # chgrp users &#x2F;home&#x2F;smithj</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>7fc68934-942f-4593-b916-ca3accbed0c5</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Home directories that are not group-owned by the user&#39;s primary GID is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72183</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86807r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030800</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If the user home directory referenced in "/etc/passwd" is not group-owned
+by that user's primary GID, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Change the group owner of a local interactive user's home directory to the
+group found in "/etc/passwd". To change the group owner of a local
+interactive user's home directory, use the following command:
+
+    Note: The example will be for the user "smithj", who has a home directory
+of "/home/smithj", and has a primary group of users.
+
+    # chgrp users /home/smithj</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72021\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local interactive user home directories are group-owned by the home\ndirectory owners primary group.\"\n  desc  \"If the Group Identifier (GID) of a local interactive user's home\ndirectory is not the same as the primary GID of the user, this would allow\nunauthorized access to the user's files, and users that share the same group\nmay not be able to access files that they legitimately should.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the assigned home directory of all local interactive users is\ngroup-owned by that user's primary GID.\n\n    Check the home directory assignment for all local interactive users on the\nsystem with the following command:\n\n    # ls -ld $(egrep ':[0-9]{4}' /etc/passwd | cut -d: -f6)\n\n    -rwxr-x--- 1 smithj users 18 Mar 5 17:06 /home/smithj\n\n    Check the user's primary group with the following command:\n\n    # grep users /etc/group\n\n    users:x:250:smithj,jonesj,jacksons\n\n    If the user home directory referenced in \\\"/etc/passwd\\\" is not group-owned\nby that user's primary GID, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Change the group owner of a local interactive user's home directory to the\ngroup found in \\\"/etc/passwd\\\". To change the group owner of a local\ninteractive user's home directory, use the following command:\n\n    Note: The example will be for the user \\\"smithj\\\", who has a home directory\nof \\\"/home/smithj\\\", and has a primary group of users.\n\n    # chgrp users /home/smithj\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72021\"\n  tag rid: \"SV-86645r5_rule\"\n  tag stig_id: \"RHEL-07-020650\"\n  tag fix_id: \"F-78373r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= uid_min || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    findings = findings + command(\"find #{user_info.home} -maxdepth 0 -not -gid #{user_info.gid}\").stdout.split(\"\\n\")\n  end\n  describe \"Home directories that are not group-owned by the user's primary GID\" do\n    subject { findings.to_a }\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Home directories that are not group-owned by the user's primary GID is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72183</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86807r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030800</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the crontab command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the crontab command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged commands. The organization must maintain audit trails in sufficient
-detail to reconstruct events to determine the cause and impact of compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+detail to reconstruct events to determine the cause and impact of compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;crontab&quot; command occur.
+successful/unsuccessful attempts to use the "crontab" command occur.
 
     Check that the following system call is being audited by performing the
-following command to check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+following command to check the file system rules in "/etc/audit/audit.rules":
 
-    # grep -iw &#x2F;usr&#x2F;bin&#x2F;crontab &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw /usr/bin/crontab /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;crontab -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/bin/crontab -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-cron
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;crontab&quot; command occur.
+successful/unsuccessful attempts to use the "crontab" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;crontab -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/bin/crontab -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-cron
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a2c3accc-0822-4bba-811e-324a85e2c50a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;crontab&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;crontab&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72083</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86707r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030300</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72183\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe crontab command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"crontab\\\" command occur.\n\n    Check that the following system call is being audited by performing the\nfollowing command to check the file system rules in \\\"/etc/audit/audit.rules\\\":\n\n    # grep -iw /usr/bin/crontab /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/crontab -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-cron\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"crontab\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/crontab -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-cron\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72183\"\n  tag rid: \"SV-86807r3_rule\"\n  tag stig_id: \"RHEL-07-030800\"\n  tag fix_id: \"F-78537r4_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/bin/crontab'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/crontab" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/crontab" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72083</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86707r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030300</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must off-load audit
-records onto a different system or media from the system being audited.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+records onto a different system or media from the system being audited.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Information stored in one location is vulnerable to accidental or
 incidental deletion or alteration.
 
     Off-loading is a common process in information systems with limited audit
-storage capacity.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+storage capacity.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system off-loads audit records onto a different system
 or media from the system being audited.
 
     To determine the remote server that the records are being sent to, use the
 following command:
 
-    # grep -i remote_server &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
-    remote_server &#x3D; 10.0.21.1
+    # grep -i remote_server /etc/audisp/audisp-remote.conf
+    remote_server = 10.0.21.1
 
     If a remote server is not configured, or the line is commented out, ask the
 System Administrator to indicate how the audit logs are off-loaded to a
 different system or media.
 
     If there is no evidence that the audit logs are being off-loaded to another
-system or media, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+system or media, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to off-load audit records onto a different
 system or media from the system being audited.
 
-    Set the remote server option in &quot;&#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf&quot; with the
-IP address of the log aggregation server.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6fd56940-3b57-4eb0-9023-d77e7706bc39</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-File &#39;&#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf&#39; cannot be found. This test cannot be checked in a automated fashion and you must check it manually
-File &#39;&#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf&#39; cannot be found. This check must be performed manually</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72245</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86869r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040360</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Set the remote server option in "/etc/audisp/audisp-remote.conf" with the
+IP address of the log aggregation server.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72083\" do\n  title \"The Red Hat Enterprise Linux operating system must off-load audit\nrecords onto a different system or media from the system being audited.\"\n  desc  \"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system off-loads audit records onto a different system\nor media from the system being audited.\n\n    To determine the remote server that the records are being sent to, use the\nfollowing command:\n\n    # grep -i remote_server /etc/audisp/audisp-remote.conf\n    remote_server = 10.0.21.1\n\n    If a remote server is not configured, or the line is commented out, ask the\nSystem Administrator to indicate how the audit logs are off-loaded to a\ndifferent system or media.\n\n    If there is no evidence that the audit logs are being off-loaded to another\nsystem or media, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to off-load audit records onto a different\nsystem or media from the system being audited.\n\n    Set the remote server option in \\\"/etc/audisp/audisp-remote.conf\\\" with the\nIP address of the log aggregation server.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000342-GPOS-00133\"\n  tag satisfies: [\"SRG-OS-000342-GPOS-00133\", \"SRG-OS-000479-GPOS-00224\"]\n  tag gid: \"V-72083\"\n  tag rid: \"SV-86707r2_rule\"\n  tag stig_id: \"RHEL-07-030300\"\n  tag fix_id: \"F-78435r1_fix\"\n  tag cci: [\"CCI-001851\"]\n  tag nist: [\"AU-4 (1)\", \"Rev_4\"]\n\n  if file('/etc/audisp/audisp-remote.conf').exist?\n    describe parse_config_file('/etc/audisp/audisp-remote.conf') do\n      its('remote_server'.to_s) { should match %r{^\\S+$} }\n      its('remote_server'.to_s) { should_not be_in ['localhost', '127.0.0.1'] }\n    end\n  else\n    describe \"File '/etc/audisp/audisp-remote.conf' cannot be found. This test cannot be checked in a automated fashion and you must check it manually\" do\n      skip \"File '/etc/audisp/audisp-remote.conf' cannot be found. This check must be performed manually\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST File '/etc/audisp/audisp-remote.conf' cannot be found. This test cannot be checked in a automated fashion and you must check it manually :: SKIP_MESSAGE File '/etc/audisp/audisp-remote.conf' cannot be found. This check must be performed manually</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72245</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86869r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040360</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must display the date
-and time of the last successful account logon upon an SSH logon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+and time of the last successful account logon upon an SSH logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Providing users with feedback on when account accesses via SSH last
 occurred facilitates user recognition and reporting of unauthorized account
-use.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+use.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify SSH provides users with feedback on when account accesses last
 occurred.
 
-    Check that &quot;PrintLastLog&quot; keyword in the sshd daemon configuration file
-is used and set to &quot;yes&quot; with the following command:
+    Check that "PrintLastLog" keyword in the sshd daemon configuration file
+is used and set to "yes" with the following command:
 
-    # grep -i printlastlog &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i printlastlog /etc/ssh/sshd_config
     PrintLastLog yes
 
-    If the &quot;PrintLastLog&quot; keyword is set to &quot;no&quot;, is missing, or is
-commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "PrintLastLog" keyword is set to "no", is missing, or is
+commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure SSH to provide users with feedback on when account accesses last
-occurred by setting the required configuration options in &quot;&#x2F;etc&#x2F;pam.d&#x2F;sshd&quot;
-or in the &quot;sshd_config&quot; file used by the system (&quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;
+occurred by setting the required configuration options in "/etc/pam.d/sshd"
+or in the "sshd_config" file used by the system ("/etc/ssh/sshd_config"
 will be used in the example) (this file may be named differently or be in a
 different location if using a version of SSH that is provided by a third-party
 vendor).
 
-    Modify the &quot;PrintLastLog&quot; line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; to match the
+    Modify the "PrintLastLog" line in "/etc/ssh/sshd_config" to match the
 following:
 
     PrintLastLog yes
 
-    The SSH service must be restarted for changes to &quot;sshd_config&quot; to take
-effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>de8fcce9-9f97-42d4-a533-08b553e74a68</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration PrintLastLog is expected to cmp &#x3D;&#x3D; &quot;yes&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71959</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00229</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86583r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010470</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to "sshd_config" to take
+effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72245\" do\n  title \"The Red Hat Enterprise Linux operating system must display the date\nand time of the last successful account logon upon an SSH logon.\"\n  desc  \"Providing users with feedback on when account accesses via SSH last\noccurred facilitates user recognition and reporting of unauthorized account\nuse.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify SSH provides users with feedback on when account accesses last\noccurred.\n\n    Check that \\\"PrintLastLog\\\" keyword in the sshd daemon configuration file\nis used and set to \\\"yes\\\" with the following command:\n\n    # grep -i printlastlog /etc/ssh/sshd_config\n    PrintLastLog yes\n\n    If the \\\"PrintLastLog\\\" keyword is set to \\\"no\\\", is missing, or is\ncommented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure SSH to provide users with feedback on when account accesses last\noccurred by setting the required configuration options in \\\"/etc/pam.d/sshd\\\"\nor in the \\\"sshd_config\\\" file used by the system (\\\"/etc/ssh/sshd_config\\\"\nwill be used in the example) (this file may be named differently or be in a\ndifferent location if using a version of SSH that is provided by a third-party\nvendor).\n\n    Modify the \\\"PrintLastLog\\\" line in \\\"/etc/ssh/sshd_config\\\" to match the\nfollowing:\n\n    PrintLastLog yes\n\n    The SSH service must be restarted for changes to \\\"sshd_config\\\" to take\neffect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72245\"\n  tag rid: \"SV-86869r3_rule\"\n  tag stig_id: \"RHEL-07-040360\"\n  tag fix_id: \"F-78599r3_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  if sshd_config.params['printlastlog'] == ['yes']\n    describe sshd_config do\n      its('PrintLastLog') { should cmp 'yes' }\n    end\n  else\n    describe pam('/etc/pam.d/sshd') do\n      its('lines') { should match_pam_rule('session required pam_lastlog.so showfailed') }\n      its('lines') { should match_pam_rule('session required pam_lastlog.so showfailed').all_without_args('silent') }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration PrintLastLog is expected to cmp == "yes"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71959</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00229</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86583r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010470</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not allow a
-non-certificate trusted host SSH logon to the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+non-certificate trusted host SSH logon to the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Failure to restrict system access to authenticated users negatively
-impacts operating system security.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+impacts operating system security.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system does not allow a non-certificate trusted host
 SSH logon to the system.
 
-    Check for the value of the &quot;HostbasedAuthentication&quot; keyword with the
+    Check for the value of the "HostbasedAuthentication" keyword with the
 following command:
 
-    # grep -i hostbasedauthentication &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i hostbasedauthentication /etc/ssh/sshd_config
     HostbasedAuthentication no
 
-    If the &quot;HostbasedAuthentication&quot; keyword is not set to &quot;no&quot;, is
-missing, or is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "HostbasedAuthentication" keyword is not set to "no", is
+missing, or is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to not allow a non-certificate trusted host
 SSH logon to the system.
 
-    Edit the &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; file to uncomment or add the line for
-&quot;HostbasedAuthentication&quot; keyword and set the value to &quot;no&quot;:
+    Edit the "/etc/ssh/sshd_config" file to uncomment or add the line for
+"HostbasedAuthentication" keyword and set the value to "no":
 
     HostbasedAuthentication no
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0858a516-dfe3-4e0a-a592-df5c9dcd3402</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration HostbasedAuthentication is expected to eq &quot;no&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72285</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86909r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040620</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71959\" do\n  title \"The Red Hat Enterprise Linux operating system must not allow a\nnon-certificate trusted host SSH logon to the system.\"\n  desc  \"Failure to restrict system access to authenticated users negatively\nimpacts operating system security.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system does not allow a non-certificate trusted host\nSSH logon to the system.\n\n    Check for the value of the \\\"HostbasedAuthentication\\\" keyword with the\nfollowing command:\n\n    # grep -i hostbasedauthentication /etc/ssh/sshd_config\n    HostbasedAuthentication no\n\n    If the \\\"HostbasedAuthentication\\\" keyword is not set to \\\"no\\\", is\nmissing, or is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to not allow a non-certificate trusted host\nSSH logon to the system.\n\n    Edit the \\\"/etc/ssh/sshd_config\\\" file to uncomment or add the line for\n\\\"HostbasedAuthentication\\\" keyword and set the value to \\\"no\\\":\n\n    HostbasedAuthentication no\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00229\"\n  tag gid: \"V-71959\"\n  tag rid: \"SV-86583r3_rule\"\n  tag stig_id: \"RHEL-07-010470\"\n  tag fix_id: \"F-78311r3_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('HostbasedAuthentication') { should eq 'no' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration HostbasedAuthentication is expected to eq "no"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72285</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86909r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040620</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not forward
-Internet Protocol version 4 (IPv4) source-routed packets by default.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Internet Protocol version 4 (IPv4) source-routed packets by default.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Source-routed packets allow the source of the packet to suggest that
 routers forward the packet along a different path than configured on the
 router, which can be used to bypass network security measures. This requirement
 applies only to the forwarding of source-routed traffic, such as when IPv4
-forwarding is enabled and the system is functioning as a router.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+forwarding is enabled and the system is functioning as a router.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system does not accept IPv4 source-routed packets by default.
 
-    # grep net.ipv4.conf.default.accept_source_route &#x2F;etc&#x2F;sysctl.conf
-&#x2F;etc&#x2F;sysctl.d&#x2F;*
-    net.ipv4.conf.default.accept_source_route &#x3D; 0
+    # grep net.ipv4.conf.default.accept_source_route /etc/sysctl.conf
+/etc/sysctl.d/*
+    net.ipv4.conf.default.accept_source_route = 0
 
-    If &quot; net.ipv4.conf.default.accept_source_route &quot; is not configured in the
-&#x2F;etc&#x2F;sysctl.conf file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out, or
-does not have a value of &quot;0&quot;, this is a finding.
+    If " net.ipv4.conf.default.accept_source_route " is not configured in the
+/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or
+does not have a value of "0", this is a finding.
 
     Check that the operating system implements the accept source route variable
 with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep net.ipv4.conf.default.accept_source_route
-    net.ipv4.conf.default.accept_source_route &#x3D; 0
+    # /sbin/sysctl -a | grep net.ipv4.conf.default.accept_source_route
+    net.ipv4.conf.default.accept_source_route = 0
 
-    If the returned line does not have a value of &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned line does not have a value of "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the system to the required kernel parameter by adding the following
-line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the &#x2F;etc&#x2F;sysctl.d&#x2F;
+line to "/etc/sysctl.conf" or a configuration file in the /etc/sysctl.d/
 directory (or modify the line to have the required value):
 
-    net.ipv4.conf.default.accept_source_route &#x3D; 0
+    net.ipv4.conf.default.accept_source_route = 0
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>323db053-f487-4eb1-a340-2fc75a09abe3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.conf.default.accept_source_route value is expected to eq 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72025</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86649r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020670</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72285\" do\n  title \"The Red Hat Enterprise Linux operating system must not forward\nInternet Protocol version 4 (IPv4) source-routed packets by default.\"\n  desc  \"Source-routed packets allow the source of the packet to suggest that\nrouters forward the packet along a different path than configured on the\nrouter, which can be used to bypass network security measures. This requirement\napplies only to the forwarding of source-routed traffic, such as when IPv4\nforwarding is enabled and the system is functioning as a router.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system does not accept IPv4 source-routed packets by default.\n\n    # grep net.ipv4.conf.default.accept_source_route /etc/sysctl.conf\n/etc/sysctl.d/*\n    net.ipv4.conf.default.accept_source_route = 0\n\n    If \\\" net.ipv4.conf.default.accept_source_route \\\" is not configured in the\n/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or\ndoes not have a value of \\\"0\\\", this is a finding.\n\n    Check that the operating system implements the accept source route variable\nwith the following command:\n\n    # /sbin/sysctl -a | grep net.ipv4.conf.default.accept_source_route\n    net.ipv4.conf.default.accept_source_route = 0\n\n    If the returned line does not have a value of \\\"0\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the system to the required kernel parameter by adding the following\nline to \\\"/etc/sysctl.conf\\\" or a configuration file in the /etc/sysctl.d/\ndirectory (or modify the line to have the required value):\n\n    net.ipv4.conf.default.accept_source_route = 0\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72285\"\n  tag rid: \"SV-86909r2_rule\"\n  tag stig_id: \"RHEL-07-040620\"\n  tag fix_id: \"F-78639r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.conf.default.accept_source_route') do\n    its('value') { should eq 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.conf.default.accept_source_route value is expected to eq 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72025</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86649r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020670</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all files and directories contained in local interactive user home
 directories are group-owned by a group of which the home directory owner is a
-member.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If a local interactive user&#39;s files are group-owned by a group of
-which the user is not a member, unintended users may be able to access them.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+member.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If a local interactive user's files are group-owned by a group of
+which the user is not a member, unintended users may be able to access them.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify all files and directories in a local interactive user home directory
 are group-owned by a group the user is a member of.
 
     Check the group owner of all files and directories in a local interactive
-user&#39;s home directory with the following command:
+user's home directory with the following command:
 
-    Note: The example will be for the user &quot;smithj&quot;, who has a home directory
-of &quot;&#x2F;home&#x2F;smithj&quot;.
+    Note: The example will be for the user "smithj", who has a home directory
+of "/home/smithj".
 
-    # ls -lLR &#x2F;&lt;home directory&gt;&#x2F;&lt;users home directory&gt;&#x2F;
+    # ls -lLR /&lt;home directory&gt;/&lt;users home directory&gt;/
     -rw-r--r-- 1 smithj smithj  18 Mar  5 17:06 file1
     -rw-r--r-- 1 smithj smithj 193 Mar  5 17:06 file2
     -rw-r--r-- 1 smithj sa        231 Mar  5 17:06 file3
@@ -17410,301 +16632,288 @@ of &quot;&#x2F;home&#x2F;smithj&quot;.
 directory user, check to see if the user is a member of that group with the
 following command:
 
-    # grep smithj &#x2F;etc&#x2F;group
+    # grep smithj /etc/group
     sa:x:100:juan,shelley,bob,smithj
     smithj:x:521:smithj
 
     If the user is not a member of a group that group owns file(s) in a local
-interactive user&#39;s home directory, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Change the group of a local interactive user&#39;s files and directories to a
+interactive user's home directory, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Change the group of a local interactive user's files and directories to a
 group that the interactive user is a member of. To change the group owner of a
-local interactive user&#39;s files and directories, use the following command:
+local interactive user's files and directories, use the following command:
 
     Note: The example will be for the user smithj, who has a home directory of
-&quot;&#x2F;home&#x2F;smithj&quot; and is a member of the users group.
-
-    # chgrp users &#x2F;home&#x2F;smithj&#x2F;&lt;file&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d43e3cb4-6614-43a2-abec-83e4eaa790e8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Home directory files with incorrect group ownership or not &#39;root&#39; owned is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72187</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86811r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030820</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/home/smithj" and is a member of the users group.
+
+    # chgrp users /home/smithj/&lt;file&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72025\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all files and directories contained in local interactive user home\ndirectories are group-owned by a group of which the home directory owner is a\nmember.\"\n  desc  \"If a local interactive user's files are group-owned by a group of\nwhich the user is not a member, unintended users may be able to access them.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify all files and directories in a local interactive user home directory\nare group-owned by a group the user is a member of.\n\n    Check the group owner of all files and directories in a local interactive\nuser's home directory with the following command:\n\n    Note: The example will be for the user \\\"smithj\\\", who has a home directory\nof \\\"/home/smithj\\\".\n\n    # ls -lLR /&lt;home directory&gt;/&lt;users home directory&gt;/\n    -rw-r--r-- 1 smithj smithj  18 Mar  5 17:06 file1\n    -rw-r--r-- 1 smithj smithj 193 Mar  5 17:06 file2\n    -rw-r--r-- 1 smithj sa        231 Mar  5 17:06 file3\n\n    If any files are found with an owner different than the group home\ndirectory user, check to see if the user is a member of that group with the\nfollowing command:\n\n    # grep smithj /etc/group\n    sa:x:100:juan,shelley,bob,smithj\n    smithj:x:521:smithj\n\n    If the user is not a member of a group that group owns file(s) in a local\ninteractive user's home directory, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Change the group of a local interactive user's files and directories to a\ngroup that the interactive user is a member of. To change the group owner of a\nlocal interactive user's files and directories, use the following command:\n\n    Note: The example will be for the user smithj, who has a home directory of\n\\\"/home/smithj\\\" and is a member of the users group.\n\n    # chgrp users /home/smithj/&lt;file&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72025\"\n  tag rid: \"SV-86649r2_rule\"\n  tag stig_id: \"RHEL-07-020670\"\n  tag fix_id: \"F-78377r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= uid_min || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    find_args = \"\"\n    user_info.groups.each { |curr_group|\n      # some key files and secure dirs (like .ssh) are group owned 'root'\n      find_args = find_args + \"-not -group #{curr_group} -o root\"\n    }\n    findings = findings + command(\"find #{user_info.home} -xdev -xautofs #{find_args}\").stdout.split(\"\\n\")\n  end\n  describe \"Home directory files with incorrect group ownership or not 'root' owned\" do\n    subject { findings.to_a }\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Home directory files with incorrect group ownership or not 'root' owned is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72187</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86811r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030820</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the init_module syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the init_module syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;init_module&quot; syscall occur.
+successful/unsuccessful attempts to use the "init_module" syscall occur.
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -iw init_module &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw init_module /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S init_module -k module-change
+    -a always,exit -F arch=b32 -S init_module -k module-change
 
-    -a always,exit -F arch&#x3D;b64 -S init_module -k module-change
+    -a always,exit -F arch=b64 -S init_module -k module-change
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;init_module&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"init_module" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;init_module&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S init_module -k module-change
-
-    -a always,exit -F arch&#x3D;b64 -S init_module -k module-change
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>72b8c5df-1ed5-4bdd-82f9-6679bbdd1f47</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;init_module&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;init_module&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;init_module&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;init_module&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72093</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000343-GPOS-00134</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86717r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030350</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "init_module" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S init_module -k module-change
+
+    -a always,exit -F arch=b64 -S init_module -k module-change
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72187\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe init_module syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"init_module\\\" syscall occur.\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -iw init_module /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S init_module -k module-change\n\n    -a always,exit -F arch=b64 -S init_module -k module-change\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"init_module\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"init_module\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S init_module -k module-change\n\n    -a always,exit -F arch=b64 -S init_module -k module-change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000471-GPOS-00216\"\n  tag satisfies: [\"SRG-OS-000471-GPOS-00216\", \"SRG-OS-000477-GPOS-00222\"]\n  tag gid: \"V-72187\"\n  tag rid: \"SV-86811r5_rule\"\n  tag stig_id: \"RHEL-07-030820\"\n  tag fix_id: \"F-78541r7_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"init_module\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"init_module\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "init_module" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "init_module" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "init_module" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "init_module" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72093</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000343-GPOS-00134</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86717r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030350</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must immediately notify
 the System Administrator (SA) and Information System Security Officer (ISSO)
 (at a minimum) when the threshold for the repository maximum audit record
-storage capacity is reached.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+storage capacity is reached.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If security personnel are not notified immediately when the threshold
 for the repository maximum audit record storage capacity is reached, they are
-unable to expand the audit record storage capacity before records are lost.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+unable to expand the audit record storage capacity before records are lost.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system immediately notifies the SA and ISSO (at a
 minimum) via email when the threshold for the repository maximum audit record
 storage capacity is reached.
@@ -17713,445 +16922,427 @@ storage capacity is reached.
 repository maximum audit record storage capacity is reached with the following
 command:
 
-    # grep -i action_mail_acct  &#x2F;etc&#x2F;audit&#x2F;auditd.conf
-    action_mail_acct &#x3D; root
+    # grep -i action_mail_acct  /etc/audit/auditd.conf
+    action_mail_acct = root
 
-    If the value of the &quot;action_mail_acct&quot; keyword is not set to &quot;root&quot; and
-other accounts for security personnel, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of the "action_mail_acct" keyword is not set to "root" and
+other accounts for security personnel, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to immediately notify the SA and ISSO (at a
 minimum) when the threshold for the repository maximum audit record storage
 capacity is reached.
 
-    Uncomment or edit the &quot;action_mail_acct&quot; keyword in
-&quot;&#x2F;etc&#x2F;audit&#x2F;auditd.conf&quot; and set it to root and any other accounts associated
+    Uncomment or edit the "action_mail_acct" keyword in
+"/etc/audit/auditd.conf" and set it to root and any other accounts associated
 with security personnel.
 
-    action_mail_acct &#x3D; root</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>bc87c0d8-3e5f-4bbb-b395-85bfd1df5af1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001855</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Audit Daemon Config action_mail_acct is expected to cmp &#x3D;&#x3D; &quot;root&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72201</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86825r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030890</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    action_mail_acct = root</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72093\" do\n  title \"The Red Hat Enterprise Linux operating system must immediately notify\nthe System Administrator (SA) and Information System Security Officer (ISSO)\n(at a minimum) when the threshold for the repository maximum audit record\nstorage capacity is reached.\"\n  desc  \"If security personnel are not notified immediately when the threshold\nfor the repository maximum audit record storage capacity is reached, they are\nunable to expand the audit record storage capacity before records are lost.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system immediately notifies the SA and ISSO (at a\nminimum) via email when the threshold for the repository maximum audit record\nstorage capacity is reached.\n\n    Check what account the operating system emails when the threshold for the\nrepository maximum audit record storage capacity is reached with the following\ncommand:\n\n    # grep -i action_mail_acct  /etc/audit/auditd.conf\n    action_mail_acct = root\n\n    If the value of the \\\"action_mail_acct\\\" keyword is not set to \\\"root\\\" and\nother accounts for security personnel, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to immediately notify the SA and ISSO (at a\nminimum) when the threshold for the repository maximum audit record storage\ncapacity is reached.\n\n    Uncomment or edit the \\\"action_mail_acct\\\" keyword in\n\\\"/etc/audit/auditd.conf\\\" and set it to root and any other accounts associated\nwith security personnel.\n\n    action_mail_acct = root\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000343-GPOS-00134\"\n  tag gid: \"V-72093\"\n  tag rid: \"SV-86717r3_rule\"\n  tag stig_id: \"RHEL-07-030350\"\n  tag fix_id: \"F-78445r3_fix\"\n  tag cci: [\"CCI-001855\"]\n  tag nist: [\"AU-5 (1)\", \"Rev_4\"]\n\n  describe auditd_conf  do\n    its('action_mail_acct') { should cmp 'root' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001855</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Audit Daemon Config action_mail_acct is expected to cmp == "root"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72201</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86825r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030890</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the renameat syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the renameat syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system is not configured to audit certain activities and write
 them to an audit log, it is more difficult to detect and track system
-compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;renameat&quot; syscall occur.
+successful/unsuccessful attempts to use the "renameat" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw renameat &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw renameat /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S renameat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S renameat -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S renameat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S renameat -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;renameat&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"renameat" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;renameat&quot; syscall occur.
+successful/unsuccessful attempts to use the "renameat" syscall occur.
 
-    Add the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S renameat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S renameat -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S renameat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S renameat -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>78768756-5253-44d4-b437-2c87f3319b3f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;renameat&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;renameat&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;renameat&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;renameat&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72035</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86659r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020720</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72201\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe renameat syscall.\"\n  desc  \"If the system is not configured to audit certain activities and write\nthem to an audit log, it is more difficult to detect and track system\ncompromises and damages incurred during a system compromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"renameat\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw renameat /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S renameat -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S renameat -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"renameat\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"renameat\\\" syscall occur.\n\n    Add the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S renameat -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S renameat -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000466-GPOS-00210\"\n  tag satisfies: [\"SRG-OS-000466-GPOS-00210\", \"SRG-OS-000467-GPOS-00210\",\n\"SRG-OS-000468-GPOS-00212\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72201\"\n  tag rid: \"SV-86825r5_rule\"\n  tag stig_id: \"RHEL-07-030890\"\n  tag fix_id: \"F-78555r8_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"renameat\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"renameat\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "renameat" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "renameat" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "renameat" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "renameat" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72035</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86659r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020720</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all local interactive user initialization files executable search paths
-contain only paths that resolve to the users home directory.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+contain only paths that resolve to the users home directory.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The executable search path (typically the PATH environment variable)
 contains a list of directories for the shell to search to find executables. If
-this path includes the current working directory (other than the user&#39;s home
+this path includes the current working directory (other than the user's home
 directory), executables in these directories may be executed instead of system
 commands. This variable is formatted as a colon-separated list of directories.
 If there is an empty entry, such as a leading or trailing colon or two
 consecutive colons, this is interpreted as the current working directory. If
 deviations from the default system search path for the local interactive user
 are required, they must be documented with the Information System Security
-Officer (ISSO).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that all local interactive user initialization files&#39; executable
+Officer (ISSO).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that all local interactive user initialization files' executable
 search path statements do not contain statements that will reference a working
-directory other than the users&#39; home directory.
+directory other than the users' home directory.
 
     Check the executable search path statement for all local interactive user
-initialization files in the users&#39; home directory with the following commands:
+initialization files in the users' home directory with the following commands:
 
     Note: The example will be for the smithj user, which has a home directory
-of &quot;&#x2F;home&#x2F;smithj&quot;.
+of "/home/smithj".
 
-    # grep -i path &#x2F;home&#x2F;smithj&#x2F;.*
-    &#x2F;home&#x2F;smithj&#x2F;.bash_profile:PATH&#x3D;$PATH:$HOME&#x2F;.local&#x2F;bin:$HOME&#x2F;bin
-    &#x2F;home&#x2F;smithj&#x2F;.bash_profile:export PATH
+    # grep -i path /home/smithj/.*
+    /home/smithj/.bash_profile:PATH=$PATH:$HOME/.local/bin:$HOME/bin
+    /home/smithj/.bash_profile:export PATH
 
     If any local interactive user initialization files have executable search
 path statements that include directories outside of their home directory, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Edit the local interactive user initialization files to change any PATH
 variable statements that reference directories other than their home directory.
 
     If a local interactive user requires path variables to reference a
-directory owned by the application, it must be documented with the ISSO.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>c064d4e7-cf00-4e25-9a61-67945c8738f0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Initialization files that include executable search paths that include directories outside their home directories is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71917</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000072-GPOS-00040</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86541r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010190</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+directory owned by the application, it must be documented with the ISSO.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72035\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local interactive user initialization files executable search paths\ncontain only paths that resolve to the users home directory.\"\n  desc  \"The executable search path (typically the PATH environment variable)\ncontains a list of directories for the shell to search to find executables. If\nthis path includes the current working directory (other than the user's home\ndirectory), executables in these directories may be executed instead of system\ncommands. This variable is formatted as a colon-separated list of directories.\nIf there is an empty entry, such as a leading or trailing colon or two\nconsecutive colons, this is interpreted as the current working directory. If\ndeviations from the default system search path for the local interactive user\nare required, they must be documented with the Information System Security\nOfficer (ISSO).\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that all local interactive user initialization files' executable\nsearch path statements do not contain statements that will reference a working\ndirectory other than the users' home directory.\n\n    Check the executable search path statement for all local interactive user\ninitialization files in the users' home directory with the following commands:\n\n    Note: The example will be for the smithj user, which has a home directory\nof \\\"/home/smithj\\\".\n\n    # grep -i path /home/smithj/.*\n    /home/smithj/.bash_profile:PATH=$PATH:$HOME/.local/bin:$HOME/bin\n    /home/smithj/.bash_profile:export PATH\n\n    If any local interactive user initialization files have executable search\npath statements that include directories outside of their home directory, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Edit the local interactive user initialization files to change any PATH\nvariable statements that reference directories other than their home directory.\n\n    If a local interactive user requires path variables to reference a\ndirectory owned by the application, it must be documented with the ISSO.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72035\"\n  tag rid: \"SV-86659r4_rule\"\n  tag stig_id: \"RHEL-07-020720\"\n  tag fix_id: \"F-78387r4_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= 1000 || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    grep_results =  command(\"grep -i path --exclude=\\\".bash_history\\\" #{user_info.home}/.*\").stdout.split(\"\\\\n\")\n    grep_results.each do |result|\n      result.slice! \"PATH=\"\n      # Case when last value in exec search path is :\n      if result[-1] == \":\" then\n        result = result + \" \"\n      end\n      result.slice! \"$PATH:\"\n      result.gsub! '$HOME', \"#{user_info.home}\"\n      result.gsub! '~', \"#{user_info.home}\"\n      line_arr = result.split(\":\")\n      line_arr.delete_at(0)\n      line_arr.each do |line|\n        # Don't run test on line that exports PATH and is not commented out\n        if !line.start_with?('export') &amp;&amp; !line.start_with?('#') then\n          # Case when :: found in exec search path or : found at beginning\n          if line.strip.empty? then\n            curr_work_dir = command(\"pwd\").stdout.gsub(\"\\n\", \"\")\n            if curr_work_dir.start_with?(\"#{user_info.home}\") then\n              line = curr_work_dir\n            end\n          end\n          # This will fail if non-home directory found in path\n          if !line.start_with?(user_info.home)\n            findings.add(line)\n          end\n        end\n      end\n    end\n  end\n  describe.one do\n    describe etc_fstab do\n      its('home_mount_options') { should include 'nosuid' }\n    end\n    describe \"Initialization files that include executable search paths that include directories outside their home directories\" do\n      subject { findings.to_a }\n      it { should be_empty }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Initialization files that include executable search paths that include directories outside their home directories is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71917</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000072-GPOS-00040</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86541r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010190</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that when passwords are changed the number of repeating characters of the same
-character class must not be more than four characters.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+character class must not be more than four characters.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources
 required to compromise the password. Password complexity, or strength, is a
 measure of the effectiveness of a password in resisting attempts at guessing
@@ -18160,145 +17351,140 @@ and brute-force attacks.
     Password complexity is one factor of several that determines how long it
 takes to crack a password. The more complex the password, the greater the
 number of possible combinations that need to be tested before the password is
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;maxclassrepeat&quot; option sets the maximum number of allowed same
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "maxclassrepeat" option sets the maximum number of allowed same
 consecutive characters in the same class in the new password.
 
-    Check for the value of the &quot;maxclassrepeat&quot; option in
-&quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; with the following command:
+    Check for the value of the "maxclassrepeat" option in
+"/etc/security/pwquality.conf" with the following command:
 
-    # grep maxclassrepeat &#x2F;etc&#x2F;security&#x2F;pwquality.conf
-    maxclassrepeat &#x3D; 4
+    # grep maxclassrepeat /etc/security/pwquality.conf
+    maxclassrepeat = 4
 
-    If the value of &quot;maxclassrepeat&quot; is set to more than &quot;4&quot;, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "maxclassrepeat" is set to more than "4", this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to require the change of the number of
 repeating characters of the same character class when passwords are changed by
-setting the &quot;maxclassrepeat&quot; option.
+setting the "maxclassrepeat" option.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; conf (or modify
+    Add the following line to "/etc/security/pwquality.conf" conf (or modify
 the line to have the required value):
 
-    maxclassrepeat &#x3D; 4</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>849363c7-3e89-4425-afaf-614dfe075427</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000195</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;security&#x2F;pwquality.conf maxclassrepeat.to_i is expected to cmp &lt;&#x3D; 4</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72225</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000023-GPOS-00006</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86849r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040170</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    maxclassrepeat = 4</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71917\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat when passwords are changed the number of repeating characters of the same\ncharacter class must not be more than four characters.\"\n  desc  \"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    The \\\"maxclassrepeat\\\" option sets the maximum number of allowed same\nconsecutive characters in the same class in the new password.\n\n    Check for the value of the \\\"maxclassrepeat\\\" option in\n\\\"/etc/security/pwquality.conf\\\" with the following command:\n\n    # grep maxclassrepeat /etc/security/pwquality.conf\n    maxclassrepeat = 4\n\n    If the value of \\\"maxclassrepeat\\\" is set to more than \\\"4\\\", this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to require the change of the number of\nrepeating characters of the same character class when passwords are changed by\nsetting the \\\"maxclassrepeat\\\" option.\n\n    Add the following line to \\\"/etc/security/pwquality.conf\\\" conf (or modify\nthe line to have the required value):\n\n    maxclassrepeat = 4\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000072-GPOS-00040\"\n  tag gid: \"V-71917\"\n  tag rid: \"SV-86541r2_rule\"\n  tag stig_id: \"RHEL-07-010190\"\n  tag fix_id: \"F-78269r1_fix\"\n  tag cci: [\"CCI-000195\"]\n  tag nist: [\"IA-5 (1) (b)\", \"Rev_4\"]\n\n  describe parse_config_file(\"/etc/security/pwquality.conf\") do\n    its('maxclassrepeat.to_i') { should cmp &lt;= 4 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000195</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/security/pwquality.conf maxclassrepeat.to_i is expected to cmp &lt;= 4</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72225</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000023-GPOS-00006</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86849r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040170</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must display the
 Standard Mandatory DoD Notice and Consent Banner immediately prior to, or as
-part of, remote access logon prompts.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+part of, remote access logon prompts.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Display of a standardized and approved use notification before
 granting access to the publicly accessible operating system ensures privacy and
 security notification verbiage used is consistent with applicable federal laws,
@@ -18311,7 +17497,7 @@ with human users and are not required when such human interfaces do not exist.
 the following verbiage for operating systems that can accommodate banners of
 1300 characters:
 
-    &quot;You are accessing a U.S. Government (USG) Information System (IS) that is
+    "You are accessing a U.S. Government (USG) Information System (IS) that is
 provided for USG-authorized use only.
 
     By using this IS (which includes any device attached to this IS), you
@@ -18336,14 +17522,14 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants. Such
 communications and work product are private and confidential. See User
-Agreement for details.&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Agreement for details."</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify any publicly accessible connection to the operating system displays
 the Standard Mandatory DoD Notice and Consent Banner before granting access to
 the system.
@@ -18351,19 +17537,19 @@ the system.
     Check for the location of the banner file being used with the following
 command:
 
-    # grep -i banner &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i banner /etc/ssh/sshd_config
 
-    banner &#x2F;etc&#x2F;issue
+    banner /etc/issue
 
     This command will return the banner keyword and the name of the file that
-contains the ssh banner (in this case &quot;&#x2F;etc&#x2F;issue&quot;).
+contains the ssh banner (in this case "/etc/issue").
 
     If the line is commented out, this is a finding.
 
     View the file specified by the banner keyword to check that it matches the
 text of the Standard Mandatory DoD Notice and Consent Banner:
 
-    &quot;You are accessing a U.S. Government (USG) Information System (IS) that is
+    "You are accessing a U.S. Government (USG) Information System (IS) that is
 provided for USG-authorized use only. By using this IS (which includes any
 device attached to this IS), you consent to the following conditions:
 
@@ -18386,32 +17572,32 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants. Such
 communications and work product are private and confidential. See User
-Agreement for details.&quot;
+Agreement for details."
 
     If the system does not display a graphical logon banner or the banner does
 not match the Standard Mandatory DoD Notice and Consent Banner, this is a
 finding.
 
     If the text in the file does not match the Standard Mandatory DoD Notice
-and Consent Banner, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+and Consent Banner, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to display the Standard Mandatory DoD Notice
 and Consent Banner before granting access to the system via the ssh.
 
-    Edit the &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; file to uncomment the banner keyword and
+    Edit the "/etc/ssh/sshd_config" file to uncomment the banner keyword and
 configure it to point to a file that will contain the logon banner (this file
 may be named differently or be in a different location if using a version of
 SSH that is provided by a third-party vendor). An example configuration line is:
 
-    banner &#x2F;etc&#x2F;issue
+    banner /etc/issue
 
     Either create the file containing the banner or replace the text in the
 file with the Standard Mandatory DoD Notice and Consent Banner. The DoD
 required text is:
 
-    &quot;You are accessing a U.S. Government (USG) Information System (IS) that is
+    "You are accessing a U.S. Government (USG) Information System (IS) that is
 provided for USG-authorized use only. By using this IS (which includes any
 device attached to this IS), you consent to the following conditions:
 
@@ -18434,1508 +17620,1443 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants. Such
 communications and work product are private and confidential. See User
-Agreement for details.&quot;
-
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>68760ad2-e633-46e1-baa6-ce5860964f7b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000050</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001384</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001385</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001386</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001387</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001388</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-The SSHD Banner is set to the standard banner and has the correct text is expected to cmp &#x3D;&#x3D; &quot;YouareaccessingaU.S.Government(USG)InformationSystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS),youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails.&quot;
-
+Agreement for details."
+
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72225\" do\n  title \"The Red Hat Enterprise Linux operating system must display the\nStandard Mandatory DoD Notice and Consent Banner immediately prior to, or as\npart of, remote access logon prompts.\"\n  desc  \"Display of a standardized and approved use notification before\ngranting access to the publicly accessible operating system ensures privacy and\nsecurity notification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\\\"\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify any publicly accessible connection to the operating system displays\nthe Standard Mandatory DoD Notice and Consent Banner before granting access to\nthe system.\n\n    Check for the location of the banner file being used with the following\ncommand:\n\n    # grep -i banner /etc/ssh/sshd_config\n\n    banner /etc/issue\n\n    This command will return the banner keyword and the name of the file that\ncontains the ssh banner (in this case \\\"/etc/issue\\\").\n\n    If the line is commented out, this is a finding.\n\n    View the file specified by the banner keyword to check that it matches the\ntext of the Standard Mandatory DoD Notice and Consent Banner:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only. By using this IS (which includes any\ndevice attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\\\"\n\n    If the system does not display a graphical logon banner or the banner does\nnot match the Standard Mandatory DoD Notice and Consent Banner, this is a\nfinding.\n\n    If the text in the file does not match the Standard Mandatory DoD Notice\nand Consent Banner, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to display the Standard Mandatory DoD Notice\nand Consent Banner before granting access to the system via the ssh.\n\n    Edit the \\\"/etc/ssh/sshd_config\\\" file to uncomment the banner keyword and\nconfigure it to point to a file that will contain the logon banner (this file\nmay be named differently or be in a different location if using a version of\nSSH that is provided by a third-party vendor). An example configuration line is:\n\n    banner /etc/issue\n\n    Either create the file containing the banner or replace the text in the\nfile with the Standard Mandatory DoD Notice and Consent Banner. The DoD\nrequired text is:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only. By using this IS (which includes any\ndevice attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\\\"\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000023-GPOS-00006\"\n  tag satisfies: [\"SRG-OS-000023-GPOS-00006\", \"SRG-OS-000024-GPOS-00007\",\n\"SRG-OS-000228-GPOS-00088\"]\n  tag gid: \"V-72225\"\n  tag rid: \"SV-86849r4_rule\"\n  tag stig_id: \"RHEL-07-040170\"\n  tag fix_id: \"F-78579r4_fix\"\n  tag cci: [\"CCI-000048\", \"CCI-000050\", \"CCI-001384\", \"CCI-001385\",\n\"CCI-001386\", \"CCI-001387\", \"CCI-001388\"]\n  tag nist: [\"AC-8 a\", \"AC-8 b\", \"AC-8 c 1\", \"AC-8 c 2\", \"AC-8 c 2\", \"AC-8 c\n2\", \"AC-8 c 3\", \"Rev_4\"]\n\n  banner_message_text_ral = input('banner_message_text_ral')\n  banner_message_text_ral_limited = input('banner_message_text_ral_limited')\n\n  #When Banner is commented, not found, disabled, or the specified file does not exist, this is a finding.\n  banner_files = [sshd_config.banner].flatten\n\n  banner_files.each do |banner_file|\n\n    #Banner property is commented out.\n    describe \"The SSHD Banner is not set\" do\n      subject { banner_file.nil? }\n      it { should be false }\n    end if banner_file.nil?\n\n    #Banner property is set to \"none\"\n    describe \"The SSHD Banner is disabled\" do\n      subject { banner_file.match(/none/i).nil? }\n      it { should be true }\n    end if !banner_file.nil? &amp;&amp; !banner_file.match(/none/i).nil?\n\n    #Banner property provides a path to a file, however, it does not exist.\n    describe \"The SSHD Banner is set, but, the file does not exist\" do\n      subject { file(banner_file).exist? }\n      it { should be true }\n    end if !banner_file.nil? &amp;&amp; banner_file.match(/none/i).nil? &amp;&amp; !file(banner_file).exist?\n\n    #Banner property provides a path to a file and it exists.\n    describe.one do\n      banner = file(banner_file).content.gsub(%r{[\\r\\n\\s]}, '')\n      clean_banner = banner_message_text_ral.gsub(%r{[\\r\\n\\s]}, '')\n      clean_banner_limited = banner_message_text_ral_limited.gsub(%r{[\\r\\n\\s]}, '')\n\n      describe \"The SSHD Banner is set to the standard banner and has the correct text\" do\n        subject { banner }\n        it { should cmp clean_banner }\n      end\n\n      describe \"The SSHD Banner is set to the standard limited banner and has the correct text\" do\n        subject { banner }\n        it { should cmp clean_banner_limited }\n      end\n    end if !banner_file.nil? &amp;&amp; banner_file.match(/none/i).nil? &amp;&amp; file(banner_file).exist?\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000050</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001384</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001385</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001386</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001387</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001388</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST The SSHD Banner is set to the standard banner and has the correct text is expected to cmp == "YouareaccessingaU.S.Government(USG)InformationSystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS),youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails." :: MESSAGE 
 expected: YouareaccessingaU.S.Government(USG)InformationSystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS),youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails.
      got: YouareaccessingaU.S.Government(USG)informationsystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS)youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails.
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-passed
-The SSHD Banner is set to the standard limited banner and has the correct text is expected to cmp &#x3D;&#x3D; &quot;I&#39;veread&amp;consenttotermsinISuseragreem&#39;t.&quot;
-
-expected: I&#39;veread&amp;consenttotermsinISuseragreem&#39;t.
+passed :: TEST The SSHD Banner is set to the standard limited banner and has the correct text is expected to cmp == "I'veread&amp;consenttotermsinISuseragreem't." :: MESSAGE 
+expected: I'veread&amp;consenttotermsinISuseragreem't.
      got: YouareaccessingaU.S.Government(USG)informationsystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS)youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails.
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72257</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86881r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040420</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72257</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86881r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040420</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the SSH private host key files have mode 0640 or less permissive.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the SSH private host key files have mode 0640 or less permissive.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If an unauthorized user obtains the private SSH host key file, the
-host could be impersonated.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify the SSH private host key files have mode &quot;0640&quot; or less permissive.
+host could be impersonated.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify the SSH private host key files have mode "0640" or less permissive.
 
     The following command will find all SSH private key files on the system and
 list their modes:
 
-    # find &#x2F; -name &#39;*ssh_host*key&#39; | xargs ls -lL
+    # find / -name '*ssh_host*key' | xargs ls -lL
 
     -rw-r----- 1 root ssh_keys 668 Nov 28 06:43 ssh_host_dsa_key
     -rw-r----- 1 root ssh_keys 582 Nov 28 06:43 ssh_host_key
     -rw-r----- 1 root ssh_keys 887 Nov 28 06:43 ssh_host_rsa_key
 
-    If any file has a mode more permissive than &quot;0640&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the mode of SSH private host key files under &quot;&#x2F;etc&#x2F;ssh&quot; to
-&quot;0640&quot; with the following command:
-
-    # chmod 0640 &#x2F;path&#x2F;to&#x2F;file&#x2F;ssh_host*key</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>08c991ac-9825-4663-b3ad-ac0b4dbba05c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-No files have a more permissive mode. is expected to eq true</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72207</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86831r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030920</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If any file has a mode more permissive than "0640", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the mode of SSH private host key files under "/etc/ssh" to
+"0640" with the following command:
+
+    # chmod 0640 /path/to/file/ssh_host*key</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72257\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH private host key files have mode 0640 or less permissive.\"\n  desc  \"If an unauthorized user obtains the private SSH host key file, the\nhost could be impersonated.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH private host key files have mode \\\"0640\\\" or less permissive.\n\n    The following command will find all SSH private key files on the system and\nlist their modes:\n\n    # find / -name '*ssh_host*key' | xargs ls -lL\n\n    -rw-r----- 1 root ssh_keys 668 Nov 28 06:43 ssh_host_dsa_key\n    -rw-r----- 1 root ssh_keys 582 Nov 28 06:43 ssh_host_key\n    -rw-r----- 1 root ssh_keys 887 Nov 28 06:43 ssh_host_rsa_key\n\n    If any file has a mode more permissive than \\\"0640\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the mode of SSH private host key files under \\\"/etc/ssh\\\" to\n\\\"0640\\\" with the following command:\n\n    # chmod 0640 /path/to/file/ssh_host*key\n\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72257\"\n  tag rid: \"SV-86881r3_rule\"\n  tag stig_id: \"RHEL-07-040420\"\n  tag fix_id: \"F-78611r5_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  key_files = command(\"find /etc/ssh -xdev -name '*ssh_host*key' -perm /177\").stdout.split(\"\\n\")\n  if !key_files.nil? and !key_files.empty?\n    key_files.each do |keyfile|\n      describe file(keyfile) do\n        it { should_not be_executable.by('owner') }\n        it { should_not be_readable.by('group') }\n        it { should_not be_writable.by('group') }\n        it { should_not be_executable.by('group') }\n        it { should_not be_readable.by('others') }\n        it { should_not be_writable.by('others') }\n        it { should_not be_executable.by('others') }\n      end\n    end\n  else\n    describe \"No files have a more permissive mode.\" do\n      subject { key_files.nil? or key_files.empty? }\n      it { should eq true }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST No files have a more permissive mode. is expected to eq true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72207</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86831r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030920</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the unlinkat syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the unlinkat syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system is not configured to audit certain activities and write
 them to an audit log, it is more difficult to detect and track system
-compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;unlinkat&quot; syscall occur.
+successful/unsuccessful attempts to use the "unlinkat" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw unlinkat &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw unlinkat /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S unlinkat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S unlinkat -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S unlinkat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S unlinkat -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;unlinkat&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"unlinkat" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;unlinkat&quot; syscall occur.
+successful/unsuccessful attempts to use the "unlinkat" syscall occur.
 
-    Add the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S unlinkat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S unlinkat -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S unlinkat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S unlinkat -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>176daa0e-1692-44aa-aaa2-af58afb0f749</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;unlinkat&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;unlinkat&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;unlinkat&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;unlinkat&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72059</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86683r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021310</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72207\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe unlinkat syscall.\"\n  desc  \"If the system is not configured to audit certain activities and write\nthem to an audit log, it is more difficult to detect and track system\ncompromises and damages incurred during a system compromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"unlinkat\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw unlinkat /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S unlinkat -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S unlinkat -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"unlinkat\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"unlinkat\\\" syscall occur.\n\n    Add the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S unlinkat -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S unlinkat -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000466-GPOS-00210\"\n  tag satisfies: [\"SRG-OS-000466-GPOS-00210\", \"SRG-OS-000467-GPOS-00210\",\n\"SRG-OS-000468-GPOS-00212\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72207\"\n  tag rid: \"SV-86831r5_rule\"\n  tag stig_id: \"RHEL-07-030920\"\n  tag fix_id: \"F-78561r10_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"unlinkat\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"unlinkat\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "unlinkat" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "unlinkat" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "unlinkat" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "unlinkat" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72059</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86683r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021310</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that a separate file system is used for user home directories (such as &#x2F;home or
-an equivalent).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that a separate file system is used for user home directories (such as /home or
+an equivalent).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The use of separate file systems for different paths can protect the
-system from failures resulting from a file system becoming full or failing.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that a separate file system&#x2F;partition has been created for
+system from failures resulting from a file system becoming full or failing.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that a separate file system/partition has been created for
 non-privileged local interactive user home directories.
 
     Check the home directory assignment for all non-privileged users (those
 with a UID greater than 1000) on the system with the following command:
 
-    #cut -d: -f 1,3,6,7 &#x2F;etc&#x2F;passwd | egrep &quot;:[1-4][0-9]{3}&quot; | tr &quot;:&quot;
-&quot;\t&quot;
+    #cut -d: -f 1,3,6,7 /etc/passwd | egrep ":[1-4][0-9]{3}" | tr ":"
+"\t"
 
-    adamsj &#x2F;home&#x2F;adamsj &#x2F;bin&#x2F;bash
-    jacksonm &#x2F;home&#x2F;jacksonm &#x2F;bin&#x2F;bash
-    smithj &#x2F;home&#x2F;smithj &#x2F;bin&#x2F;bash
+    adamsj /home/adamsj /bin/bash
+    jacksonm /home/jacksonm /bin/bash
+    smithj /home/smithj /bin/bash
 
-    The output of the command will give the directory&#x2F;partition that contains
+    The output of the command will give the directory/partition that contains
 the home directories for the non-privileged users on the system (in this
-example, &#x2F;home) and users&#39; shell. All accounts with a valid shell (such as
-&#x2F;bin&#x2F;bash) are considered interactive users.
+example, /home) and users' shell. All accounts with a valid shell (such as
+/bin/bash) are considered interactive users.
 
-    Check that a file system&#x2F;partition has been created for the non-privileged
+    Check that a file system/partition has been created for the non-privileged
 interactive users with the following command:
 
-    Note: The partition of &#x2F;home is used in the example.
+    Note: The partition of /home is used in the example.
 
-    # grep &#x2F;home &#x2F;etc&#x2F;fstab
-    UUID&#x3D;333ada18    &#x2F;home                   ext4    noatime,nobarrier,nodev  1
+    # grep /home /etc/fstab
+    UUID=333ada18    /home                   ext4    noatime,nobarrier,nodev  1
 2
 
-    If a separate entry for the file system&#x2F;partition that contains the
-non-privileged interactive users&#39; home directories does not exist, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Migrate the &quot;&#x2F;home&quot; directory onto a separate file
-system&#x2F;partition.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>8ee65e57-ccb8-415c-9a5d-24044cb85808</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-ec2-user with mountpoint &#x2F; is expected not to be empty
---------------------------------
-passed
-ec2-user with mountpoint &#x2F; is expected not to match &#x2F;^\&#x2F;$&#x2F;
-expected &quot;&#x2F;&quot; not to match &#x2F;^\&#x2F;$&#x2F;
+    If a separate entry for the file system/partition that contains the
+non-privileged interactive users' home directories does not exist, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Migrate the "/home" directory onto a separate file
+system/partition.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72059\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat a separate file system is used for user home directories (such as /home or\nan equivalent).\"\n  desc  \"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that a separate file system/partition has been created for\nnon-privileged local interactive user home directories.\n\n    Check the home directory assignment for all non-privileged users (those\nwith a UID greater than 1000) on the system with the following command:\n\n    #cut -d: -f 1,3,6,7 /etc/passwd | egrep \\\":[1-4][0-9]{3}\\\" | tr \\\":\\\"\n\\\"\\\\t\\\"\n\n    adamsj /home/adamsj /bin/bash\n    jacksonm /home/jacksonm /bin/bash\n    smithj /home/smithj /bin/bash\n\n    The output of the command will give the directory/partition that contains\nthe home directories for the non-privileged users on the system (in this\nexample, /home) and users' shell. All accounts with a valid shell (such as\n/bin/bash) are considered interactive users.\n\n    Check that a file system/partition has been created for the non-privileged\ninteractive users with the following command:\n\n    Note: The partition of /home is used in the example.\n\n    # grep /home /etc/fstab\n    UUID=333ada18    /home                   ext4    noatime,nobarrier,nodev  1\n2\n\n    If a separate entry for the file system/partition that contains the\nnon-privileged interactive users' home directories does not exist, this is a\nfinding.\n  \"\n  desc  \"fix\", \"Migrate the \\\"/home\\\" directory onto a separate file\nsystem/partition.\"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72059\"\n  tag rid: \"SV-86683r2_rule\"\n  tag stig_id: \"RHEL-07-021310\"\n  tag fix_id: \"F-78411r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  # excluding root because its home directory is usually \"/root\" (mountpoint \"/\")\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= uid_min)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n\n    home_mount = command(%(df #{user_info.home} --output=target | tail -1)).stdout.strip\n    describe user_info.username do\n      context 'with mountpoint' do\n        context home_mount do\n          it { should_not be_empty }\n          it { should_not match(%r(^/$)) }\n        end\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST ec2-user with mountpoint / is expected not to be empty
+--------------------------------
+passed :: TEST ec2-user with mountpoint / is expected not to match /^\/$/ :: MESSAGE expected "/" not to match /^\/$/
 Diff:
 @@ -1,2 +1,2 @@
--&#x2F;^\&#x2F;$&#x2F;
-+&quot;&#x2F;&quot;
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72113</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86737r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030450</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+-/^\/$/
++"/"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72113</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86737r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030450</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the fsetxattr syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the fsetxattr syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fsetxattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "fsetxattr" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw fsetxattr &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw fsetxattr /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S fsetxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b32 -S fsetxattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fsetxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b64 -S fsetxattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;fsetxattr&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"fsetxattr" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fsetxattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "fsetxattr" syscall occur.
 
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S fsetxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b32 -S fsetxattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fsetxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b64 -S fsetxattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0a768fc8-5efe-48a7-8e7c-f8d87ba0db33</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fsetxattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fsetxattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fsetxattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fsetxattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72287</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86911r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040630</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72113\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe fsetxattr syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"fsetxattr\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw fsetxattr /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S fsetxattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    -a always,exit -F arch=b64 -S fsetxattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"fsetxattr\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"fsetxattr\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S fsetxattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    -a always,exit -F arch=b64 -S fsetxattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000458-GPOS-00203\"\n  tag satisfies: [\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000064-GPOS-00033\"]\n  tag gid: \"V-72113\"\n  tag rid: \"SV-86737r5_rule\"\n  tag stig_id: \"RHEL-07-030450\"\n  tag fix_id: \"F-78465r7_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"fsetxattr\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"fsetxattr\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "fsetxattr" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fsetxattr" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fsetxattr" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fsetxattr" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72287</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86911r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040630</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not respond to
 Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP)
-echoes sent to a broadcast address.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+echoes sent to a broadcast address.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Responding to broadcast (ICMP) echoes facilitates network mapping and
-provides a vector for amplification attacks.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+provides a vector for amplification attacks.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system does not respond to IPv4 ICMP echoes sent to a broadcast
 address.
 
-    # grep net.ipv4.icmp_echo_ignore_broadcasts &#x2F;etc&#x2F;sysctl.conf &#x2F;etc&#x2F;sysctl.d&#x2F;*
+    # grep net.ipv4.icmp_echo_ignore_broadcasts /etc/sysctl.conf /etc/sysctl.d/*
 
-    If &quot; net.ipv4.icmp_echo_ignore_broadcasts&quot; is not configured in the
-&#x2F;etc&#x2F;sysctl.conf file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out, or
-does not have a value of &quot;1&quot;, this is a finding.
+    If " net.ipv4.icmp_echo_ignore_broadcasts" is not configured in the
+/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or
+does not have a value of "1", this is a finding.
 
     Check that the operating system implements the
-&quot;icmp_echo_ignore_broadcasts&quot; variable with the following command:
+"icmp_echo_ignore_broadcasts" variable with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep net.ipv4.icmp_echo_ignore_broadcasts
-    net.ipv4.icmp_echo_ignore_broadcasts &#x3D; 1
+    # /sbin/sysctl -a | grep net.ipv4.icmp_echo_ignore_broadcasts
+    net.ipv4.icmp_echo_ignore_broadcasts = 1
 
-    If the returned line does not have a value of &quot;1&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned line does not have a value of "1", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the system to the required kernel parameter by adding the following
-line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the &#x2F;etc&#x2F;sysctl.d&#x2F;
+line to "/etc/sysctl.conf" or a configuration file in the /etc/sysctl.d/
 directory (or modify the line to have the required value):
 
-    net.ipv4.icmp_echo_ignore_broadcasts &#x3D; 1
+    net.ipv4.icmp_echo_ignore_broadcasts = 1
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>da18d677-6c3c-409d-88d9-79d6b8fb80a0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.icmp_echo_ignore_broadcasts value is expected to eq 1</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72013</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86637r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020610</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72287\" do\n  title \"The Red Hat Enterprise Linux operating system must not respond to\nInternet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP)\nechoes sent to a broadcast address.\"\n  desc  \"Responding to broadcast (ICMP) echoes facilitates network mapping and\nprovides a vector for amplification attacks.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system does not respond to IPv4 ICMP echoes sent to a broadcast\naddress.\n\n    # grep net.ipv4.icmp_echo_ignore_broadcasts /etc/sysctl.conf /etc/sysctl.d/*\n\n    If \\\" net.ipv4.icmp_echo_ignore_broadcasts\\\" is not configured in the\n/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or\ndoes not have a value of \\\"1\\\", this is a finding.\n\n    Check that the operating system implements the\n\\\"icmp_echo_ignore_broadcasts\\\" variable with the following command:\n\n    # /sbin/sysctl -a | grep net.ipv4.icmp_echo_ignore_broadcasts\n    net.ipv4.icmp_echo_ignore_broadcasts = 1\n\n    If the returned line does not have a value of \\\"1\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the system to the required kernel parameter by adding the following\nline to \\\"/etc/sysctl.conf\\\" or a configuration file in the /etc/sysctl.d/\ndirectory (or modify the line to have the required value):\n\n    net.ipv4.icmp_echo_ignore_broadcasts = 1\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72287\"\n  tag rid: \"SV-86911r2_rule\"\n  tag stig_id: \"RHEL-07-040630\"\n  tag fix_id: \"F-78641r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.icmp_echo_ignore_broadcasts') do\n    its('value') { should eq 1 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.icmp_echo_ignore_broadcasts value is expected to eq 1</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72013</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86637r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020610</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all local interactive user accounts, upon creation, are assigned a home
-directory.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+directory.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If local interactive users are not assigned a valid home directory,
-there is no place for the storage and control of files they should own.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+there is no place for the storage and control of files they should own.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify all local interactive users on the system are assigned a home
 directory upon creation.
 
     Check to see if the system is configured to create home directories for
 local interactive users with the following command:
 
-    # grep -i create_home &#x2F;etc&#x2F;login.defs
+    # grep -i create_home /etc/login.defs
     CREATE_HOME yes
 
-    If the value for &quot;CREATE_HOME&quot; parameter is not set to &quot;yes&quot;, the line
-is missing, or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value for "CREATE_HOME" parameter is not set to "yes", the line
+is missing, or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to assign home directories to all new local
-interactive users by setting the &quot;CREATE_HOME&quot; parameter in
-&quot;&#x2F;etc&#x2F;login.defs&quot; to &quot;yes&quot; as follows.
-
-    CREATE_HOME yes</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0567b5c1-6e2a-4cb2-bd29-f845041deab4</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-login.defs CREATE_HOME is expected to eq &quot;yes&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72153</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86777r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030650</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+interactive users by setting the "CREATE_HOME" parameter in
+"/etc/login.defs" to "yes" as follows.
+
+    CREATE_HOME yes</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72013\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local interactive user accounts, upon creation, are assigned a home\ndirectory.\"\n  desc  \"If local interactive users are not assigned a valid home directory,\nthere is no place for the storage and control of files they should own.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify all local interactive users on the system are assigned a home\ndirectory upon creation.\n\n    Check to see if the system is configured to create home directories for\nlocal interactive users with the following command:\n\n    # grep -i create_home /etc/login.defs\n    CREATE_HOME yes\n\n    If the value for \\\"CREATE_HOME\\\" parameter is not set to \\\"yes\\\", the line\nis missing, or the line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to assign home directories to all new local\ninteractive users by setting the \\\"CREATE_HOME\\\" parameter in\n\\\"/etc/login.defs\\\" to \\\"yes\\\" as follows.\n\n    CREATE_HOME yes\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72013\"\n  tag rid: \"SV-86637r2_rule\"\n  tag stig_id: \"RHEL-07-020610\"\n  tag fix_id: \"F-78365r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe login_defs do\n    its('CREATE_HOME') { should eq 'yes' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST login.defs CREATE_HOME is expected to eq "yes"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72153</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86777r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030650</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the gpasswd command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the gpasswd command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged password commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;gpasswd&quot; command occur.
+successful/unsuccessful attempts to use the "gpasswd" command occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -i &#x2F;usr&#x2F;bin&#x2F;gpasswd &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /usr/bin/gpasswd /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;gpasswd -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/bin/gpasswd -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-passwd
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;gpasswd&quot; command occur.
+successful/unsuccessful attempts to use the "gpasswd" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;gpasswd -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/bin/gpasswd -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-passwd
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>3cfdd125-db7d-4549-bc4e-dfac1f8ed0f3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;gpasswd&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;gpasswd&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71933</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000077-GPOS-00045</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86557r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010270</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72153\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe gpasswd command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged password commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"gpasswd\\\" command occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -i /usr/bin/gpasswd /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/gpasswd -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-passwd\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"gpasswd\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/gpasswd -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-passwd\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72153\"\n  tag rid: \"SV-86777r5_rule\"\n  tag stig_id: \"RHEL-07-030650\"\n  tag fix_id: \"F-78505r5_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/bin/gpasswd'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/gpasswd" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/gpasswd" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71933</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000077-GPOS-00045</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86557r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010270</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that passwords are prohibited from reuse for a minimum of five generations.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that passwords are prohibited from reuse for a minimum of five generations.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Password complexity, or strength, is a measure of the effectiveness of
 a password in resisting attempts at guessing and brute-force attacks. If the
 information system or application allows the user to consecutively reuse their
 password when that password has exceeded its defined lifetime, the end result
-is a password that is not changed per policy requirements.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+is a password that is not changed per policy requirements.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system prohibits password reuse for a minimum of five
 generations.
 
-    Check for the value of the &quot;remember&quot; argument in
-&quot;&#x2F;etc&#x2F;pam.d&#x2F;system-auth&quot; and &quot;&#x2F;etc&#x2F;pam.d&#x2F;password-auth&quot; with the following
+    Check for the value of the "remember" argument in
+"/etc/pam.d/system-auth" and "/etc/pam.d/password-auth" with the following
 command:
 
-    # grep -i remember &#x2F;etc&#x2F;pam.d&#x2F;system-auth &#x2F;etc&#x2F;pam.d&#x2F;password-auth
+    # grep -i remember /etc/pam.d/system-auth /etc/pam.d/password-auth
 
-    password    requisite     pam_pwhistory.so use_authtok remember&#x3D;5 retry&#x3D;3
+    password    requisite     pam_pwhistory.so use_authtok remember=5 retry=3
 
-    If the line containing the &quot;pam_pwhistory.so&quot; line does not have the
-&quot;remember&quot; module argument set, is commented out, or the value of the
-&quot;remember&quot; module argument is set to less than &quot;5&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the line containing the "pam_pwhistory.so" line does not have the
+"remember" module argument set, is commented out, or the value of the
+"remember" module argument is set to less than "5", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to prohibit password reuse for a minimum of
 five generations.
 
-    Add the following line in &quot;&#x2F;etc&#x2F;pam.d&#x2F;system-auth&quot; and
-&quot;&#x2F;etc&#x2F;pam.d&#x2F;password-auth&quot; (or modify the line to have the required value):
+    Add the following line in "/etc/pam.d/system-auth" and
+"/etc/pam.d/password-auth" (or modify the line to have the required value):
 
-    password    requisite     pam_pwhistory.so use_authtok remember&#x3D;5 retry&#x3D;3
+    password    requisite     pam_pwhistory.so use_authtok remember=5 retry=3
 
     Note: Manual changes to the listed files may be overwritten by the
-&quot;authconfig&quot; program. The &quot;authconfig&quot; program should not be used to update
-the configurations listed in this requirement.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>53ab8c7b-2ac4-4036-948a-b57d61654d9d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000200</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines is expected to include password (required|requisite|sufficient) pam_(unix|pwhistory).so, any with arg remember &gt;&#x3D; 5</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81009</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000368-GPOS-00154</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95721r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021022</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must mount &#x2F;dev&#x2F;shm with
-the nodev option.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;nodev&quot; mount option causes the system to not interpret
+"authconfig" program. The "authconfig" program should not be used to update
+the configurations listed in this requirement.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71933\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat passwords are prohibited from reuse for a minimum of five generations.\"\n  desc  \"Password complexity, or strength, is a measure of the effectiveness of\na password in resisting attempts at guessing and brute-force attacks. If the\ninformation system or application allows the user to consecutively reuse their\npassword when that password has exceeded its defined lifetime, the end result\nis a password that is not changed per policy requirements.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system prohibits password reuse for a minimum of five\ngenerations.\n\n    Check for the value of the \\\"remember\\\" argument in\n\\\"/etc/pam.d/system-auth\\\" and \\\"/etc/pam.d/password-auth\\\" with the following\ncommand:\n\n    # grep -i remember /etc/pam.d/system-auth /etc/pam.d/password-auth\n\n    password    requisite     pam_pwhistory.so use_authtok remember=5 retry=3\n\n    If the line containing the \\\"pam_pwhistory.so\\\" line does not have the\n\\\"remember\\\" module argument set, is commented out, or the value of the\n\\\"remember\\\" module argument is set to less than \\\"5\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to prohibit password reuse for a minimum of\nfive generations.\n\n    Add the following line in \\\"/etc/pam.d/system-auth\\\" and\n\\\"/etc/pam.d/password-auth\\\" (or modify the line to have the required value):\n\n    password    requisite     pam_pwhistory.so use_authtok remember=5 retry=3\n\n    Note: Manual changes to the listed files may be overwritten by the\n\\\"authconfig\\\" program. The \\\"authconfig\\\" program should not be used to update\nthe configurations listed in this requirement.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000077-GPOS-00045\"\n  tag gid: \"V-71933\"\n  tag rid: \"SV-86557r3_rule\"\n  tag stig_id: \"RHEL-07-010270\"\n  tag fix_id: \"F-78285r3_fix\"\n  tag cci: [\"CCI-000200\"]\n  tag nist: [\"IA-5 (1) (e)\", \"Rev_4\"]\n\n  min_reuse_generations = input('min_reuse_generations')\n\n  describe pam(\"/etc/pam.d/system-auth\") do\n    its('lines') { should match_pam_rule('password (required|requisite|sufficient) pam_(unix|pwhistory).so').any_with_integer_arg('remember', '&gt;=', min_reuse_generations) }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000200</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PAM Config[/etc/pam.d/system-auth] lines is expected to include password (required|requisite|sufficient) pam_(unix|pwhistory).so, any with arg remember &gt;= 5</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81009</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000368-GPOS-00154</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95721r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021022</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must mount /dev/shm with
+the nodev option.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "nodev" mount option causes the system to not interpret
 character or block special devices. Executing character or block special
 devices from untrusted file systems increases the opportunity for unprivileged
-users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that the &quot;nodev&quot; option is configured for &#x2F;dev&#x2F;shm:
+users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that the "nodev" option is configured for /dev/shm:
 
 
-    # cat &#x2F;etc&#x2F;fstab | grep &#x2F;dev&#x2F;shm
-    tmpfs &#x2F;dev&#x2F;shm tmpfs defaults,nodev,nosuid,noexec 0 0
+    # cat /etc/fstab | grep /dev/shm
+    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0
 
-    If any results are returned and the &quot;nodev&quot; option is not listed, this is
+    If any results are returned and the "nodev" option is not listed, this is
 a finding.
 
-    Verify &quot;&#x2F;dev&#x2F;shm&quot; is mounted with the &quot;nodev&quot; option:
-
-    # mount | grep &quot;&#x2F;dev&#x2F;shm&quot; | grep nodev
-
-    If no results are returned, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the system so that &#x2F;dev&#x2F;shm is mounted with the
-&quot;nodev&quot; option.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2ab01a8b-e225-4f55-bf56-3ffe7a578e94</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001764</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Mount &#x2F;dev&#x2F;shm options is expected to include &quot;nodev&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71965</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000104-GPOS-00051</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86589r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010500</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Verify "/dev/shm" is mounted with the "nodev" option:
+
+    # mount | grep "/dev/shm" | grep nodev
+
+    If no results are returned, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the system so that /dev/shm is mounted with the
+"nodev" option.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-81009\" do\n  title \"The Red Hat Enterprise Linux operating system must mount /dev/shm with\nthe nodev option.\"\n  desc  \"The \\\"nodev\\\" mount option causes the system to not interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that the \\\"nodev\\\" option is configured for /dev/shm:\n\n\n    # cat /etc/fstab | grep /dev/shm\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0\n\n    If any results are returned and the \\\"nodev\\\" option is not listed, this is\na finding.\n\n    Verify \\\"/dev/shm\\\" is mounted with the \\\"nodev\\\" option:\n\n    # mount | grep \\\"/dev/shm\\\" | grep nodev\n\n    If no results are returned, this is a finding.\n  \"\n  desc  \"fix\", \"Configure the system so that /dev/shm is mounted with the\n\\\"nodev\\\" option.\"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000368-GPOS-00154\"\n  tag gid: \"V-81009\"\n  tag rid: \"SV-95721r2_rule\"\n  tag stig_id: \"RHEL-07-021022\"\n  tag fix_id: \"F-87843r2_fix\"\n  tag cci: [\"CCI-001764\"]\n  tag nist: [\"CM-7 (2)\", \"Rev_4\"]\n\n  describe mount('/dev/shm') do\n    its('options') { should include 'nodev' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001764</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Mount /dev/shm options is expected to include "nodev"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71965</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000104-GPOS-00051</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86589r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010500</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must uniquely identify
 and must authenticate organizational users (or processes acting on behalf of
-organizational users) using multifactor authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+organizational users) using multifactor authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>To assure accountability and prevent unauthenticated access,
 organizational users must be identified and authenticated to prevent potential
 misuse and compromise of the system.
@@ -19954,209 +19075,198 @@ information system without identification or authentication;
     2) Accesses that occur through authorized use of group authenticators
 without individual authentication. Organizations may require unique
 identification of individuals in group accounts (e.g., shared privilege
-accounts) or for detailed accountability of individual activity.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+accounts) or for detailed accountability of individual activity.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system requires multifactor authentication to uniquely
 identify organizational users using multifactor authentication.
 
     Check to see if smartcard authentication is enforced on the system:
 
-    # authconfig --test | grep &quot;pam_pkcs11 is enabled&quot;
+    # authconfig --test | grep "pam_pkcs11 is enabled"
 
     If no results are returned, this is a finding.
 
-    # authconfig --test | grep &quot;smartcard removal action&quot;
+    # authconfig --test | grep "smartcard removal action"
 
-    If &quot;smartcard removal action&quot; is blank, this is a finding.
+    If "smartcard removal action" is blank, this is a finding.
 
-    # authconfig --test | grep &quot;smartcard module&quot;
+    # authconfig --test | grep "smartcard module"
 
-    If &quot;smartcard module&quot; is blank, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "smartcard module" is blank, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to require individuals to be authenticated
 with a multifactor authenticator.
 
     Enable smartcard logons with the following commands:
 
-    # authconfig --enablesmartcard --smartcardaction&#x3D;0 --update
+    # authconfig --enablesmartcard --smartcardaction=0 --update
     # authconfig --enablerequiresmartcard -update
 
-    Modify the &quot;&#x2F;etc&#x2F;pam_pkcs11&#x2F;pkcs11_eventmgr.conf&quot; file to uncomment the
+    Modify the "/etc/pam_pkcs11/pkcs11_eventmgr.conf" file to uncomment the
 following line:
 
-    #&#x2F;usr&#x2F;X11R6&#x2F;bin&#x2F;xscreensaver-command -lock
-
-    Modify the &quot;&#x2F;etc&#x2F;pam_pkcs11&#x2F;pam_pkcs11.conf&quot; file to use the cackey
-module if required.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b7ac909a-39b0-4674-8b0f-5f0ef6fbcf4b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000766</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;authconfig --test | grep -i smartcard&#x60; stdout is expected to match &#x2F;use\sonly\ssmartcard\sfor\slogin\sis\senabled&#x2F;
-expected &quot;SSSD smartcard support is disabled\n use only smartcard for login is disabled\n smartcard module &#x3D; \&quot;\&quot;\n smartcard removal action &#x3D; \&quot;\&quot;\n&quot; to match &#x2F;use\sonly\ssmartcard\sfor\slogin\sis\senabled&#x2F;
+    #/usr/X11R6/bin/xscreensaver-command -lock
+
+    Modify the "/etc/pam_pkcs11/pam_pkcs11.conf" file to use the cackey
+module if required.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71965\" do\n  title \"The Red Hat Enterprise Linux operating system must uniquely identify\nand must authenticate organizational users (or processes acting on behalf of\norganizational users) using multifactor authentication.\"\n  desc  \"To assure accountability and prevent unauthenticated access,\norganizational users must be identified and authenticated to prevent potential\nmisuse and compromise of the system.\n\n    Organizational users include organizational employees or individuals the\norganization deems to have equivalent status of employees (e.g., contractors).\nOrganizational users (and processes acting on behalf of users) must be uniquely\nidentified and authenticated to all accesses, except for the following:\n\n    1) Accesses explicitly identified and documented by the organization.\nOrganizations document specific user actions that can be performed on the\ninformation system without identification or authentication;\n\n    and\n\n    2) Accesses that occur through authorized use of group authenticators\nwithout individual authentication. Organizations may require unique\nidentification of individuals in group accounts (e.g., shared privilege\naccounts) or for detailed accountability of individual activity.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system requires multifactor authentication to uniquely\nidentify organizational users using multifactor authentication.\n\n    Check to see if smartcard authentication is enforced on the system:\n\n    # authconfig --test | grep \\\"pam_pkcs11 is enabled\\\"\n\n    If no results are returned, this is a finding.\n\n    # authconfig --test | grep \\\"smartcard removal action\\\"\n\n    If \\\"smartcard removal action\\\" is blank, this is a finding.\n\n    # authconfig --test | grep \\\"smartcard module\\\"\n\n    If \\\"smartcard module\\\" is blank, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to require individuals to be authenticated\nwith a multifactor authenticator.\n\n    Enable smartcard logons with the following commands:\n\n    # authconfig --enablesmartcard --smartcardaction=0 --update\n    # authconfig --enablerequiresmartcard -update\n\n    Modify the \\\"/etc/pam_pkcs11/pkcs11_eventmgr.conf\\\" file to uncomment the\nfollowing line:\n\n    #/usr/X11R6/bin/xscreensaver-command -lock\n\n    Modify the \\\"/etc/pam_pkcs11/pam_pkcs11.conf\\\" file to use the cackey\nmodule if required.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000104-GPOS-00051\"\n  tag satisfies: [\"SRG-OS-000104-GPOS-00051\", \"SRG-OS-000106-GPOS-00053\",\n\"SRG-OS-000107-GPOS-00054\", \"SRG-OS-000109-GPOS-00056\",\n\"SRG-OS-000108-GPOS-00055\", \"SRG-OS-000108-GPOS-00057\",\n\"SRG-OS-000108-GPOS-00058\"]\n  tag gid: \"V-71965\"\n  tag rid: \"SV-86589r2_rule\"\n  tag stig_id: \"RHEL-07-010500\"\n  tag fix_id: \"F-78317r3_fix\"\n  tag cci: [\"CCI-000766\"]\n  tag nist: [\"IA-2 (2)\", \"Rev_4\"]\n\n  smart_card_status = input('smart_card_status')\n  if smart_card_status.eql?('enabled')\n    impact 0.5\n    describe command(\"authconfig --test | grep -i smartcard\") do\n      its('stdout') { should match %r{use\\sonly\\ssmartcard\\sfor\\slogin\\sis\\s#{smart_card_status}} }\n      its('stdout') { should match %r{smartcard\\smodule\\s=\\s\".+\"} }\n      its('stdout') { should match %r{smartcard\\sremoval\\saction\\s=\\s\".+\"} }\n    end\n  else\n    impact 0.0\n    describe \"The system is not smartcard enabled\" do\n      skip \"The system is not using Smartcards / PIVs to fulfil the MFA requirement, this control is Not Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000766</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `authconfig --test | grep -i smartcard` stdout is expected to match /use\sonly\ssmartcard\sfor\slogin\sis\senabled/ :: MESSAGE expected "SSSD smartcard support is disabled\n use only smartcard for login is disabled\n smartcard module = \"\"\n smartcard removal action = \"\"\n" to match /use\sonly\ssmartcard\sfor\slogin\sis\senabled/
 Diff:
 @@ -1,2 +1,5 @@
--&#x2F;use\sonly\ssmartcard\sfor\slogin\sis\senabled&#x2F;
+-/use\sonly\ssmartcard\sfor\slogin\sis\senabled/
 +SSSD smartcard support is disabled
 + use only smartcard for login is disabled
-+ smartcard module &#x3D; &quot;&quot;
-+ smartcard removal action &#x3D; &quot;&quot;
++ smartcard module = ""
++ smartcard removal action = ""
 
 --------------------------------
-passed
-Command: &#x60;authconfig --test | grep -i smartcard&#x60; stdout is expected to match &#x2F;smartcard\smodule\s&#x3D;\s&quot;.+&quot;&#x2F;
-expected &quot;SSSD smartcard support is disabled\n use only smartcard for login is disabled\n smartcard module &#x3D; \&quot;\&quot;\n smartcard removal action &#x3D; \&quot;\&quot;\n&quot; to match &#x2F;smartcard\smodule\s&#x3D;\s&quot;.+&quot;&#x2F;
+passed :: TEST Command: `authconfig --test | grep -i smartcard` stdout is expected to match /smartcard\smodule\s=\s".+"/ :: MESSAGE expected "SSSD smartcard support is disabled\n use only smartcard for login is disabled\n smartcard module = \"\"\n smartcard removal action = \"\"\n" to match /smartcard\smodule\s=\s".+"/
 Diff:
 @@ -1,2 +1,5 @@
--&#x2F;smartcard\smodule\s&#x3D;\s&quot;.+&quot;&#x2F;
+-/smartcard\smodule\s=\s".+"/
 +SSSD smartcard support is disabled
 + use only smartcard for login is disabled
-+ smartcard module &#x3D; &quot;&quot;
-+ smartcard removal action &#x3D; &quot;&quot;
++ smartcard module = ""
++ smartcard removal action = ""
 
 --------------------------------
-passed
-Command: &#x60;authconfig --test | grep -i smartcard&#x60; stdout is expected to match &#x2F;smartcard\sremoval\saction\s&#x3D;\s&quot;.+&quot;&#x2F;
-expected &quot;SSSD smartcard support is disabled\n use only smartcard for login is disabled\n smartcard module &#x3D; \&quot;\&quot;\n smartcard removal action &#x3D; \&quot;\&quot;\n&quot; to match &#x2F;smartcard\sremoval\saction\s&#x3D;\s&quot;.+&quot;&#x2F;
+passed :: TEST Command: `authconfig --test | grep -i smartcard` stdout is expected to match /smartcard\sremoval\saction\s=\s".+"/ :: MESSAGE expected "SSSD smartcard support is disabled\n use only smartcard for login is disabled\n smartcard module = \"\"\n smartcard removal action = \"\"\n" to match /smartcard\sremoval\saction\s=\s".+"/
 Diff:
 @@ -1,2 +1,5 @@
--&#x2F;smartcard\sremoval\saction\s&#x3D;\s&quot;.+&quot;&#x2F;
+-/smartcard\sremoval\saction\s=\s".+"/
 +SSSD smartcard support is disabled
 + use only smartcard for login is disabled
-+ smartcard module &#x3D; &quot;&quot;
-+ smartcard removal action &#x3D; &quot;&quot;
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72313</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86937r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040800</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
++ smartcard module = ""
++ smartcard removal action = ""</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72313</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86937r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040800</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>SNMP community strings on the Red Hat Enterprise Linux operating
-system must be changed from the default.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+system must be changed from the default.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Whether active or not, default Simple Network Management Protocol
 (SNMP) community strings must be changed to maintain security. If the service
 is running with the default authenticators, anyone can gather data about the
 system and the network and use the information to potentially compromise the
 integrity of the system or network(s). It is highly recommended that SNMP
 version 3 user authentication and message encryption be used in place of the
-version 2 community strings.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+version 2 community strings.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify that a system using SNMP is not using default community strings.
 
-    Check to see if the &quot;&#x2F;etc&#x2F;snmp&#x2F;snmpd.conf&quot; file exists with the following
+    Check to see if the "/etc/snmp/snmpd.conf" file exists with the following
 command:
 
-    # ls -al &#x2F;etc&#x2F;snmp&#x2F;snmpd.conf
+    # ls -al /etc/snmp/snmpd.conf
      -rw-------   1 root root      52640 Mar 12 11:08 snmpd.conf
 
     If the file does not exist, this is Not Applicable.
@@ -20164,284 +19274,274 @@ command:
     If the file does exist, check for the default community strings with the
 following commands:
 
-    # grep public &#x2F;etc&#x2F;snmp&#x2F;snmpd.conf
-    # grep private &#x2F;etc&#x2F;snmp&#x2F;snmpd.conf
-
-    If either of these commands returns any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If the &quot;&#x2F;etc&#x2F;snmp&#x2F;snmpd.conf&quot; file exists, modify any lines
-that contain a community string value of &quot;public&quot; or &quot;private&quot; to another
-string value.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b467adac-af3f-44f0-ba18-b3599c6ffb20</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The &#x60;snmpd.conf&#x60; does not exist
-The snmpd.conf file does not exist, this control is Not Applicable</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72029</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86653r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020690</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # grep public /etc/snmp/snmpd.conf
+    # grep private /etc/snmp/snmpd.conf
+
+    If either of these commands returns any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If the "/etc/snmp/snmpd.conf" file exists, modify any lines
+that contain a community string value of "public" or "private" to another
+string value.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-72313\" do\n  title \"SNMP community strings on the Red Hat Enterprise Linux operating\nsystem must be changed from the default.\"\n  desc  \"Whether active or not, default Simple Network Management Protocol\n(SNMP) community strings must be changed to maintain security. If the service\nis running with the default authenticators, anyone can gather data about the\nsystem and the network and use the information to potentially compromise the\nintegrity of the system or network(s). It is highly recommended that SNMP\nversion 3 user authentication and message encryption be used in place of the\nversion 2 community strings.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that a system using SNMP is not using default community strings.\n\n    Check to see if the \\\"/etc/snmp/snmpd.conf\\\" file exists with the following\ncommand:\n\n    # ls -al /etc/snmp/snmpd.conf\n     -rw-------   1 root root      52640 Mar 12 11:08 snmpd.conf\n\n    If the file does not exist, this is Not Applicable.\n\n    If the file does exist, check for the default community strings with the\nfollowing commands:\n\n    # grep public /etc/snmp/snmpd.conf\n    # grep private /etc/snmp/snmpd.conf\n\n    If either of these commands returns any output, this is a finding.\n  \"\n  desc  \"fix\", \"If the \\\"/etc/snmp/snmpd.conf\\\" file exists, modify any lines\nthat contain a community string value of \\\"public\\\" or \\\"private\\\" to another\nstring value.\"\n\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72313\"\n  tag rid: \"SV-86937r2_rule\"\n  tag stig_id: \"RHEL-07-040800\"\n  tag fix_id: \"F-78667r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  if file('/etc/snmp/snmpd.conf').exist?\n    impact 0.7\n    processed = []\n    to_process = ['/etc/snmp/snmpd.conf']\n\n    while !to_process.empty?\n      in_process = to_process.pop\n      next if processed.include? in_process\n      processed.push in_process\n\n      if file(in_process).directory?\n        to_process.concat(\n          command(\"find #{in_process} -maxdepth 1 -mindepth 1 -name '*.conf'\").\n            stdout.strip.split(\"\\n\").\n            select { |f| file(f).file? }\n        )\n      elsif file(in_process).file?\n        to_process.concat(\n          command(\"grep -E '^\\\\s*includeFile\\\\s+' #{in_process} | sed 's/^[[:space:]]*includeFile[[:space:]]*//g'\").\n            stdout.strip.split(%r{\\n+}).\n            map { |f| f.start_with?('/') ? f : File.join(File.dirname(in_process), f) }.\n            select { |f| file(f).file? }\n        )\n        to_process.concat(\n          command(\"grep -E '^\\\\s*includeDir\\\\s+' #{in_process} | sed 's/^[[:space:]]*includeDir[[:space:]]*//g'\").\n            stdout.strip.split(%r{\\n+}).\n            map { |f| f.start_with?('/') ? f : File.join('/', f) }. # relative dirs are treated as absolute\n            select { |f| file(f).directory? }\n        )\n      end\n    end\n\n    config_files = processed.select { |f| file(f).file? }\n\n    config_files.each do |config|\n      describe file(config) do\n        its('content') { should_not match %r{^[^#]*(public|private)} }\n      end\n    end\n  else\n    impact 0.0\n    describe \"The `snmpd.conf` does not exist\" do\n      skip \"The snmpd.conf file does not exist, this control is Not Applicable\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The `snmpd.conf` does not exist :: SKIP_MESSAGE The snmpd.conf file does not exist, this control is Not Applicable</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72029</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86653r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020690</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all local initialization files for interactive users are owned by the home
-directory user or root.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Local initialization files are used to configure the user&#39;s shell
+directory user or root.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Local initialization files are used to configure the user's shell
 environment upon logon. Malicious modification of these files could compromise
-accounts upon logon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+accounts upon logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the local initialization files of all local interactive users are
-group-owned by that user&#39;s primary Group Identifier (GID).
+group-owned by that user's primary Group Identifier (GID).
 
     Check the home directory assignment for all non-privileged users on the
 system with the following command:
 
     Note: The example will be for the smithj user, who has a home directory of
-&quot;&#x2F;home&#x2F;smithj&quot; and a primary group of &quot;users&quot;.
+"/home/smithj" and a primary group of "users".
 
-    # cut -d: -f 1,4,6 &#x2F;etc&#x2F;passwd | egrep &quot;:[1-4][0-9]{3}&quot;
-    smithj:1000:&#x2F;home&#x2F;smithj
+    # cut -d: -f 1,4,6 /etc/passwd | egrep ":[1-4][0-9]{3}"
+    smithj:1000:/home/smithj
 
-    # grep 1000 &#x2F;etc&#x2F;group
+    # grep 1000 /etc/group
     users:x:1000:smithj,jonesj,jacksons
 
     Note: This may miss interactive users that have been assigned a privileged
 User Identifier (UID). Evidence of interactive use may be obtained from a
 number of log files containing system logon information.
 
-    Check the group owner of all local interactive user&#39;s initialization files
+    Check the group owner of all local interactive user's initialization files
 with the following command:
 
-    # ls -al &#x2F;home&#x2F;smithj&#x2F;.[^.]* | more
+    # ls -al /home/smithj/.[^.]* | more
 
     -rwxr-xr-x 1 smithj users 896 Mar 10 2011 .profile
     -rwxr-xr-x 1 smithj users 497 Jan 6 2007 .login
     -rwxr-xr-x 1 smithj users 886 Jan 6 2007 .something
 
-    If all local interactive user&#39;s initialization files are not group-owned by
-that user&#39;s primary GID, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If all local interactive user's initialization files are not group-owned by
+that user's primary GID, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the owner of the local initialization files for interactive users to
 either the directory owner or root with the following command:
 
     Note: The example will be for the smithj user, who has a home directory of
-&quot;&#x2F;home&#x2F;smithj&quot;.
-
-    # chown smithj &#x2F;home&#x2F;smithj&#x2F;.[^.]*</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0688783b-95a6-483a-be25-e46e4eca4dbf</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Files and Directories not owned by the user or root of the parent home directory is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72417</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000375-GPOS-00160</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87041r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-041001</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/home/smithj".
+
+    # chown smithj /home/smithj/.[^.]*</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72029\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local initialization files for interactive users are owned by the home\ndirectory user or root.\"\n  desc  \"Local initialization files are used to configure the user's shell\nenvironment upon logon. Malicious modification of these files could compromise\naccounts upon logon.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the local initialization files of all local interactive users are\ngroup-owned by that user's primary Group Identifier (GID).\n\n    Check the home directory assignment for all non-privileged users on the\nsystem with the following command:\n\n    Note: The example will be for the smithj user, who has a home directory of\n\\\"/home/smithj\\\" and a primary group of \\\"users\\\".\n\n    # cut -d: -f 1,4,6 /etc/passwd | egrep \\\":[1-4][0-9]{3}\\\"\n    smithj:1000:/home/smithj\n\n    # grep 1000 /etc/group\n    users:x:1000:smithj,jonesj,jacksons\n\n    Note: This may miss interactive users that have been assigned a privileged\nUser Identifier (UID). Evidence of interactive use may be obtained from a\nnumber of log files containing system logon information.\n\n    Check the group owner of all local interactive user's initialization files\nwith the following command:\n\n    # ls -al /home/smithj/.[^.]* | more\n\n    -rwxr-xr-x 1 smithj users 896 Mar 10 2011 .profile\n    -rwxr-xr-x 1 smithj users 497 Jan 6 2007 .login\n    -rwxr-xr-x 1 smithj users 886 Jan 6 2007 .something\n\n    If all local interactive user's initialization files are not group-owned by\nthat user's primary GID, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the owner of the local initialization files for interactive users to\neither the directory owner or root with the following command:\n\n    Note: The example will be for the smithj user, who has a home directory of\n\\\"/home/smithj\\\".\n\n    # chown smithj /home/smithj/.[^.]*\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72029\"\n  tag rid: \"SV-86653r3_rule\"\n  tag stig_id: \"RHEL-07-020690\"\n  tag fix_id: \"F-78381r4_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= 1000 || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    findings = findings + command(\"find #{user_info.home} -name '.*' -not -user #{user_info.username} -a -not -user root\").stdout.split(\"\\n\")\n  end\n  describe \"Files and Directories not owned by the user or root of the parent home directory\" do\n    subject { findings.to_a }\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Files and Directories not owned by the user or root of the parent home directory is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72417</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000375-GPOS-00160</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87041r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-041001</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must have the required
-        packages for multifactor authentication installed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+        packages for multifactor authentication installed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Using an authentication device, such as a CAC or token that is
         separate from the information system, ensures that even if the information
         system is compromised, that compromise will not affect credentials stored on
@@ -20464,14 +19564,14 @@ Files and Directories not owned by the user or root of the parent home directory
         This requirement only applies to components where this is specific to the
         function of the device or has the concept of an organizational user (e.g., VPN,
         proxy capability). This does not apply to authentication for the purpose of
-        configuring the device itself (management).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+        configuring the device itself (management).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system has the packages required for multifactor
 authentication installed.
 
@@ -20484,205 +19584,174 @@ esc-1.1.0-26.el7.noarch.rpm
 # yum list installed pam_pkcs11
 pam_pkcs11-0.6.2-14.el7.noarch.rpm
 
-If the &quot;esc&quot; and &quot;pam_pkcs11&quot; packages are not installed, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "esc" and "pam_pkcs11" packages are not installed, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to implement multifactor authentication by
 installing the required packages.
 
-Install the &quot;esc&quot; and &quot;pam_pkcs11&quot; packages on the system with the
+Install the "esc" and "pam_pkcs11" packages on the system with the
 following command:
 
-# yum install esc pam_pkcs11</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>3c10b862-ed3b-4f0c-b645-0db8206565c4</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001948</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001953</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001954</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-The package is expected to be installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package nss-pam-ldapd&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package esc&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package pam_pkcs11&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package pam_krb5&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package opensc&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package pcsc-lite-ccid&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package gdm&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package authconfig-gtk&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package krb5-workstation&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package krb5-pkinit&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package pcsc-lite&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package pcsc-lite-libs&#x60; is installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73177</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000424-GPOS-00188</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87829r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-041010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+# yum install esc pam_pkcs11</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72417\" do\n  title \"The Red Hat Enterprise Linux operating system must have the required\n        packages for multifactor authentication installed.\"\n\n  desc  \"Using an authentication device, such as a CAC or token that is\n        separate from the information system, ensures that even if the information\n        system is compromised, that compromise will not affect credentials stored on\n        the authentication device.\n\n        Multifactor solutions that require devices separate from information\n        systems gaining access include, for example, hardware tokens providing\n        time-based or challenge-response authenticators and smart cards such as the\n        U.S. Government Personal Identity Verification card and the DoD Common Access\n        Card.\n\n        A privileged account is defined as an information system account with\n        authorizations of a privileged user.\n\n        Remote access is access to DoD nonpublic information systems by an\n        authorized user (or an information system) communicating through an external,\n        non-organization-controlled network. Remote access methods include, for\n        example, dial-up, broadband, and wireless.\n\n        This requirement only applies to components where this is specific to the\n        function of the device or has the concept of an organizational user (e.g., VPN,\n        proxy capability). This does not apply to authentication for the purpose of\n        configuring the device itself (management).\"\n\n  desc  \"check\", \"\n        Verify the operating system has the packages required for multifactor\n        authentication installed.\n\n        Check for the presence of the packages required to support multifactor\n        authentication with the following commands:\n\n        # yum list installed esc\n        esc-1.1.0-26.el7.noarch.rpm\n\n        # yum list installed pam_pkcs11\n        pam_pkcs11-0.6.2-14.el7.noarch.rpm\n\n        If the \\\"esc\\\" and \\\"pam_pkcs11\\\" packages are not installed, this is a\n        finding.\"\n\n  desc  \"fix\", \"\n        Configure the operating system to implement multifactor authentication by\n        installing the required packages.\n\n        Install the \\\"esc\\\" and \\\"pam_pkcs11\\\" packages on the system with the\n        following command:\n\n        # yum install esc pam_pkcs11\"\n\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000375-GPOS-00160\"\n  tag satisfies: [\"SRG-OS-000375-GPOS-00160\", \"SRG-OS-000375-GPOS-00161\", \"SRG-OS-000375-GPOS-00162\"]\n  tag gid: \"V-72417\"\n  tag rid: \"SV-87041r4_rule\"\n  tag stig_id: \"RHEL-07-041001\"\n  tag fix_id: \"F-78769r4_fix\"\n  tag cci: [\"CCI-001948\", \"CCI-001953\", \"CCI-001954\"]\n  tag nist: [\"IA-2 (11)\", \"IA-2 (12)\", \"IA-2 (12)\", \"Rev_4\"]\n\n  mfa_pkg_list = input('mfa_pkg_list')\n  smart_card_status = input('smart_card_status')\n\n  if smart_card_status.eql?('disabled')\n    impact 0.0\n    describe \"The system is not smartcard enabled thus this control is Not Applicable\" do\n      skip \"The system is not using Smartcards / PIVs to fulfil the MFA requirement, this control is Not Applicable.\"\n    end \n  elsif mfa_pkg_list.empty?\n    describe \"The required Smartcard packages have not beed defined, plese define them in your `inputs`.\" do\n      subjec { mfa_pkg_list }\n      it { should_not be_empty }\n    end\n  else\n    mfa_pkg_list.each do |pkg|\n      describe \"The package\" do\n        subject { package(\"#{pkg}\") }\n        it { should be_installed }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001948</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001953</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001954</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST The package is expected to be installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package nss-pam-ldapd` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package esc` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package pam_pkcs11` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package pam_krb5` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package opensc` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package pcsc-lite-ccid` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package gdm` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package authconfig-gtk` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package krb5-workstation` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package krb5-pkinit` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package pcsc-lite` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package pcsc-lite-libs` is installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73177</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000424-GPOS-00188</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87829r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-041010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that all wireless network adapters are disabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that all wireless network adapters are disabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The use of wireless networking can introduce many different attack
-vectors into the organization&#39;s network. Common attack vectors such as
+vectors into the organization's network. Common attack vectors such as
 malicious association and ad hoc networks will allow an attacker to spoof a
 wireless access point (AP), allowing validated systems to connect to the
 malicious AP and enabling the attacker to monitor and record network traffic.
 These malicious APs can also serve to create a man-in-the-middle attack or be
-used to create a denial of service to valid network resources.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+used to create a denial of service to valid network resources.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify that there are no wireless interfaces configured on the system.
 
-    This is N&#x2F;A for systems that do not have wireless network adapters.
+    This is N/A for systems that do not have wireless network adapters.
 
     Check for the presence of active wireless interfaces with the following
 command:
@@ -20695,437 +19764,420 @@ command:
 
     If a wireless interface is configured and its use on the system is not
 documented with the Information System Security Officer (ISSO), this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to disable all wireless network interfaces with the
 following command:
 
-    #nmcli radio wifi off</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>1f4900d7-9beb-4c7b-9b14-fac55a316407</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001443</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001444</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;nmcli device&#x60; stdout.strip is expected not to match &#x2F;wifi connected&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72027</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86651r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020680</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    #nmcli radio wifi off</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-73177\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all wireless network adapters are disabled.\"\n  desc  \"The use of wireless networking can introduce many different attack\nvectors into the organization's network. Common attack vectors such as\nmalicious association and ad hoc networks will allow an attacker to spoof a\nwireless access point (AP), allowing validated systems to connect to the\nmalicious AP and enabling the attacker to monitor and record network traffic.\nThese malicious APs can also serve to create a man-in-the-middle attack or be\nused to create a denial of service to valid network resources.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that there are no wireless interfaces configured on the system.\n\n    This is N/A for systems that do not have wireless network adapters.\n\n    Check for the presence of active wireless interfaces with the following\ncommand:\n\n    # nmcli device\n    DEVICE TYPE STATE\n    eth0 ethernet connected\n    wlp3s0 wifi disconnected\n    lo loopback unmanaged\n\n    If a wireless interface is configured and its use on the system is not\ndocumented with the Information System Security Officer (ISSO), this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to disable all wireless network interfaces with the\nfollowing command:\n\n    #nmcli radio wifi off\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000424-GPOS-00188\"\n  tag gid: \"V-73177\"\n  tag rid: \"SV-87829r2_rule\"\n  tag stig_id: \"RHEL-07-041010\"\n  tag fix_id: \"F-79623r1_fix\"\n  tag cci: [\"CCI-001443\", \"CCI-001444\", \"CCI-002418\"]\n  tag nist: [\"AC-18 (1)\", \"AC-18 (1)\", \"SC-8\", \"Rev_4\"]\n\n  describe command('nmcli device') do\n    its('stdout.strip') { should_not match %r{wifi connected} }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001443</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001444</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `nmcli device` stdout.strip is expected not to match /wifi connected/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72027</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86651r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020680</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all files and directories contained in local interactive user home
-directories have a mode of 0750 or less permissive.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+directories have a mode of 0750 or less permissive.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If a local interactive user files have excessive permissions,
-unintended users may be able to access or modify them.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+unintended users may be able to access or modify them.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify all files and directories contained in a local interactive user home
-directory, excluding local initialization files, have a mode of &quot;0750&quot;.
+directory, excluding local initialization files, have a mode of "0750".
 
     Check the mode of all non-initialization files in a local interactive user
 home directory with the following command:
 
-    Files that begin with a &quot;.&quot; are excluded from this requirement.
+    Files that begin with a "." are excluded from this requirement.
 
-    Note: The example will be for the user &quot;smithj&quot;, who has a home directory
-of &quot;&#x2F;home&#x2F;smithj&quot;.
+    Note: The example will be for the user "smithj", who has a home directory
+of "/home/smithj".
 
-    # ls -lLR &#x2F;home&#x2F;smithj
+    # ls -lLR /home/smithj
     -rwxr-x--- 1 smithj smithj  18 Mar  5 17:06 file1
     -rwxr----- 1 smithj smithj 193 Mar  5 17:06 file2
     -rw-r-x--- 1 smithj smithj 231 Mar  5 17:06 file3
 
-    If any files are found with a mode more permissive than &quot;0750&quot;, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If any files are found with a mode more permissive than "0750", this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the mode on files and directories in the local interactive user home
 directory with the following command:
 
     Note: The example will be for the user smithj, who has a home directory of
-&quot;&#x2F;home&#x2F;smithj&quot; and is a member of the users group.
-
-    # chmod 0750 &#x2F;home&#x2F;smithj&#x2F;&lt;file&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>298b387f-cc92-446e-960d-8bcb499964c4</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Home directories with excessive permissions is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72155</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86779r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030660</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/home/smithj" and is a member of the users group.
+
+    # chmod 0750 /home/smithj/&lt;file&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72027\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all files and directories contained in local interactive user home\ndirectories have a mode of 0750 or less permissive.\"\n  desc  \"If a local interactive user files have excessive permissions,\nunintended users may be able to access or modify them.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify all files and directories contained in a local interactive user home\ndirectory, excluding local initialization files, have a mode of \\\"0750\\\".\n\n    Check the mode of all non-initialization files in a local interactive user\nhome directory with the following command:\n\n    Files that begin with a \\\".\\\" are excluded from this requirement.\n\n    Note: The example will be for the user \\\"smithj\\\", who has a home directory\nof \\\"/home/smithj\\\".\n\n    # ls -lLR /home/smithj\n    -rwxr-x--- 1 smithj smithj  18 Mar  5 17:06 file1\n    -rwxr----- 1 smithj smithj 193 Mar  5 17:06 file2\n    -rw-r-x--- 1 smithj smithj 231 Mar  5 17:06 file3\n\n    If any files are found with a mode more permissive than \\\"0750\\\", this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Set the mode on files and directories in the local interactive user home\ndirectory with the following command:\n\n    Note: The example will be for the user smithj, who has a home directory of\n\\\"/home/smithj\\\" and is a member of the users group.\n\n    # chmod 0750 /home/smithj/&lt;file&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72027\"\n  tag rid: \"SV-86651r2_rule\"\n  tag stig_id: \"RHEL-07-020680\"\n  tag fix_id: \"F-78379r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= 1000 || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    findings = findings + command(\"find #{user_info.home} -xdev ! -name '.*' -perm /027 ! -type l\").stdout.split(\"\\n\")\n  end\n  describe \"Home directories with excessive permissions\" do\n    subject { findings.to_a }\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Home directories with excessive permissions is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72155</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86779r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030660</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the chage command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the chage command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged password commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;chage&quot; command occur.
+successful/unsuccessful attempts to use the "chage" command occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -i &#x2F;usr&#x2F;bin&#x2F;chage &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /usr/bin/chage /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;chage -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/chage -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-passwd
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;chage&quot; command occur.
+successful/unsuccessful attempts to use the "chage" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;chage -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/chage -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-passwd
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2349fcc0-892b-4665-a79d-e2aef7b750f7</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;chage&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;chage&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71905</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000070-GPOS-00038</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86529r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72155\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe chage command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged password commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"chage\\\" command occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -i /usr/bin/chage /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chage -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-passwd\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"chage\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/chage -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-passwd\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72155\"\n  tag rid: \"SV-86779r5_rule\"\n  tag stig_id: \"RHEL-07-030660\"\n  tag fix_id: \"F-78507r5_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/bin/chage'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/chage" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/chage" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71905</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000070-GPOS-00038</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86529r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that when passwords are changed or new passwords are established, the new
-password must contain at least one lower-case character.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+password must contain at least one lower-case character.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources
 required to compromise the password. Password complexity, or strength, is a
 measure of the effectiveness of a password in resisting attempts at guessing
@@ -21134,492 +20186,474 @@ and brute-force attacks.
     Password complexity is one factor of several that determines how long it
 takes to crack a password. The more complex the password, the greater the
 number of possible combinations that need to be tested before the password is
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Note: The value to require a number of lower-case characters to be set is
-expressed as a negative number in &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot;.
+expressed as a negative number in "/etc/security/pwquality.conf".
 
-    Check the value for &quot;lcredit&quot; in &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; with
+    Check the value for "lcredit" in "/etc/security/pwquality.conf" with
 the following command:
 
-    # grep lcredit &#x2F;etc&#x2F;security&#x2F;pwquality.conf
-    lcredit &#x3D; -1
+    # grep lcredit /etc/security/pwquality.conf
+    lcredit = -1
 
-    If the value of &quot;lcredit&quot; is not set to a negative value, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "lcredit" is not set to a negative value, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to require at least one lower-case character when
 creating or changing a password.
 
     Add or modify the following line
-    in &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot;:
-
-    lcredit &#x3D; -1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>83e09e31-8a98-41bc-ac42-ff195ea24521</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000193</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;security&#x2F;pwquality.conf lcredit.to_i is expected to cmp &lt; 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72281</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86905r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040600</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    in "/etc/security/pwquality.conf":
+
+    lcredit = -1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71905\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat when passwords are changed or new passwords are established, the new\npassword must contain at least one lower-case character.\"\n  desc  \"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Note: The value to require a number of lower-case characters to be set is\nexpressed as a negative number in \\\"/etc/security/pwquality.conf\\\".\n\n    Check the value for \\\"lcredit\\\" in \\\"/etc/security/pwquality.conf\\\" with\nthe following command:\n\n    # grep lcredit /etc/security/pwquality.conf\n    lcredit = -1\n\n    If the value of \\\"lcredit\\\" is not set to a negative value, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to require at least one lower-case character when\ncreating or changing a password.\n\n    Add or modify the following line\n    in \\\"/etc/security/pwquality.conf\\\":\n\n    lcredit = -1\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000070-GPOS-00038\"\n  tag gid: \"V-71905\"\n  tag rid: \"SV-86529r5_rule\"\n  tag stig_id: \"RHEL-07-010130\"\n  tag fix_id: \"F-78257r6_fix\"\n  tag cci: [\"CCI-000193\"]\n  tag nist: [\"IA-5 (1) (a)\", \"Rev_4\"]\n\n  describe parse_config_file(\"/etc/security/pwquality.conf\") do\n    its('lcredit.to_i') { should cmp &lt; 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000193</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/security/pwquality.conf lcredit.to_i is expected to cmp &lt; 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72281</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86905r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040600</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>For Red Hat Enterprise Linux operating systems using DNS resolution,
-at least two name servers must be configured.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+at least two name servers must be configured.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>To provide availability for name resolution services, multiple
 redundant name servers are mandated. A failure in name resolution could lead to
 the failure of security functions requiring name resolution, which may include
-time synchronization, centralized authentication, and remote system logging.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+time synchronization, centralized authentication, and remote system logging.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Determine whether the system is using local or DNS name resolution with the
 following command:
 
-    # grep hosts &#x2F;etc&#x2F;nsswitch.conf
+    # grep hosts /etc/nsswitch.conf
     hosts:   files dns
 
-    If the DNS entry is missing from the host&#39;s line in the
-&quot;&#x2F;etc&#x2F;nsswitch.conf&quot; file, the &quot;&#x2F;etc&#x2F;resolv.conf&quot; file must be empty.
+    If the DNS entry is missing from the host's line in the
+"/etc/nsswitch.conf" file, the "/etc/resolv.conf" file must be empty.
 
-    Verify the &quot;&#x2F;etc&#x2F;resolv.conf&quot; file is empty with the following command:
+    Verify the "/etc/resolv.conf" file is empty with the following command:
 
-    # ls -al &#x2F;etc&#x2F;resolv.conf
+    # ls -al /etc/resolv.conf
     -rw-r--r--  1 root root        0 Aug 19 08:31 resolv.conf
 
-    If local host authentication is being used and the &quot;&#x2F;etc&#x2F;resolv.conf&quot;
+    If local host authentication is being used and the "/etc/resolv.conf"
 file is not empty, this is a finding.
 
-    If the DNS entry is found on the host&#39;s line of the &quot;&#x2F;etc&#x2F;nsswitch.conf&quot;
+    If the DNS entry is found on the host's line of the "/etc/nsswitch.conf"
 file, verify the operating system is configured to use two or more name servers
 for DNS resolution.
 
     Determine the name servers used by the system with the following command:
 
-    # grep nameserver &#x2F;etc&#x2F;resolv.conf
+    # grep nameserver /etc/resolv.conf
     nameserver 192.168.1.2
     nameserver 192.168.1.3
 
     If less than two lines are returned that are not commented out, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to use two or more name servers for DNS
 resolution.
 
-    Edit the &quot;&#x2F;etc&#x2F;resolv.conf&quot; file to uncomment or add the two or more
-&quot;nameserver&quot; option lines with the IP address of local authoritative name
-servers. If local host resolution is being performed, the &quot;&#x2F;etc&#x2F;resolv.conf&quot;
-file must be empty. An empty &quot;&#x2F;etc&#x2F;resolv.conf&quot; file can be created as
+    Edit the "/etc/resolv.conf" file to uncomment or add the two or more
+"nameserver" option lines with the IP address of local authoritative name
+servers. If local host resolution is being performed, the "/etc/resolv.conf"
+file must be empty. An empty "/etc/resolv.conf" file can be created as
 follows:
 
-    # echo -n &gt; &#x2F;etc&#x2F;resolv.conf
+    # echo -n &gt; /etc/resolv.conf
 
     And then make the file immutable with the following command:
 
-    # chattr +i &#x2F;etc&#x2F;resolv.conf
+    # chattr +i /etc/resolv.conf
 
-    If the &quot;&#x2F;etc&#x2F;resolv.conf&quot; file must be mutable, the required
+    If the "/etc/resolv.conf" file must be mutable, the required
 configuration must be documented with the Information System Security Officer
-(ISSO) and the file must be verified by the system file integrity tool.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>3ea1dec2-bd6b-48eb-905a-2bd78121ed07</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-The system&#39;s nameservers: [&quot;nameserver 172.31.0.2&quot;] is expected not to equal nil
---------------------------------
-passed
-The number of nameservers is expected to cmp &gt;&#x3D; 2
-
-expected it to be &gt;&#x3D; 2
+(ISSO) and the file must be verified by the system file integrity tool.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72281\" do\n  title \"For Red Hat Enterprise Linux operating systems using DNS resolution,\nat least two name servers must be configured.\"\n  desc  \"To provide availability for name resolution services, multiple\nredundant name servers are mandated. A failure in name resolution could lead to\nthe failure of security functions requiring name resolution, which may include\ntime synchronization, centralized authentication, and remote system logging.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Determine whether the system is using local or DNS name resolution with the\nfollowing command:\n\n    # grep hosts /etc/nsswitch.conf\n    hosts:   files dns\n\n    If the DNS entry is missing from the host's line in the\n\\\"/etc/nsswitch.conf\\\" file, the \\\"/etc/resolv.conf\\\" file must be empty.\n\n    Verify the \\\"/etc/resolv.conf\\\" file is empty with the following command:\n\n    # ls -al /etc/resolv.conf\n    -rw-r--r--  1 root root        0 Aug 19 08:31 resolv.conf\n\n    If local host authentication is being used and the \\\"/etc/resolv.conf\\\"\nfile is not empty, this is a finding.\n\n    If the DNS entry is found on the host's line of the \\\"/etc/nsswitch.conf\\\"\nfile, verify the operating system is configured to use two or more name servers\nfor DNS resolution.\n\n    Determine the name servers used by the system with the following command:\n\n    # grep nameserver /etc/resolv.conf\n    nameserver 192.168.1.2\n    nameserver 192.168.1.3\n\n    If less than two lines are returned that are not commented out, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to use two or more name servers for DNS\nresolution.\n\n    Edit the \\\"/etc/resolv.conf\\\" file to uncomment or add the two or more\n\\\"nameserver\\\" option lines with the IP address of local authoritative name\nservers. If local host resolution is being performed, the \\\"/etc/resolv.conf\\\"\nfile must be empty. An empty \\\"/etc/resolv.conf\\\" file can be created as\nfollows:\n\n    # echo -n &gt; /etc/resolv.conf\n\n    And then make the file immutable with the following command:\n\n    # chattr +i /etc/resolv.conf\n\n    If the \\\"/etc/resolv.conf\\\" file must be mutable, the required\nconfiguration must be documented with the Information System Security Officer\n(ISSO) and the file must be verified by the system file integrity tool.\n  \"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72281\"\n  tag rid: \"SV-86905r2_rule\"\n  tag stig_id: \"RHEL-07-040600\"\n  tag fix_id: \"F-78635r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  dns_in_host_line = parse_config_file(\"/etc/nsswitch.conf\",\n    {\n      comment_char: '#',\n      assignment_regex: /^\\s*([^:]*?)\\s*:\\s*(.*?)\\s*$/,\n    }\n  ).params['hosts'].include?('dns')\n\n  describe \"If `local` resolution is being used, a `hosts` entry in /etc/nsswitch.conf having `dns`\" do\n    subject { dns_in_host_line }\n    it { should be false }\n  end if !dns_in_host_line\n\n  describe \"If `local` resoultion is being used, the /etc/resolv.conf file should\" do\n    subject { parse_config_file(\"/etc/resolv.conf\", { comment_char: '#'}).params }\n    it { should be_empty }\n  end if !dns_in_host_line\n\n  nameservers = parse_config_file(\"/etc/resolv.conf\",\n    { comment_char: '#'}\n  ).params.keys.grep(/nameserver/)\n\n  describe \"The system's nameservers: #{nameservers}\" do\n  subject { nameservers }\n    it { should_not be nil }\n  end if dns_in_host_line\n\n  describe \"The number of nameservers\" do\n  subject { nameservers.count }\n    it { should cmp &gt;= 2 }\n  end if dns_in_host_line\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST The system's nameservers: ["nameserver 172.31.0.2"] is expected not to equal nil
+--------------------------------
+passed :: TEST The number of nameservers is expected to cmp &gt;= 2 :: MESSAGE 
+expected it to be &gt;= 2
      got: 1
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-77825</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-92521r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040201</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-77825</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-92521r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040201</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must implement virtual
-address space randomization.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+address space randomization.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Address space layout randomization (ASLR) makes it more difficult for
 an attacker to predict the location of attack code he or she has introduced
-into a process&#39;s address space during an attempt at exploitation. Additionally,
+into a process's address space during an attempt at exploitation. Additionally,
 ASLR also makes it more difficult for an attacker to know the location of
 existing code in order to repurpose it using return-oriented programming (ROP)
-techniques.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+techniques.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system implements virtual address space randomization.
 
-    # grep kernel.randomize_va_space &#x2F;etc&#x2F;sysctl.conf &#x2F;etc&#x2F;sysctl.d&#x2F;*
+    # grep kernel.randomize_va_space /etc/sysctl.conf /etc/sysctl.d/*
 
-    kernel.randomize_va_space &#x3D; 2
+    kernel.randomize_va_space = 2
 
-    If &quot;kernel.randomize_va_space&quot; is not configured in the &#x2F;etc&#x2F;sysctl.conf
-file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out or does not have a
-value of &quot;2&quot;, this is a finding.
+    If "kernel.randomize_va_space" is not configured in the /etc/sysctl.conf
+file or in the /etc/sysctl.d/ directory, is commented out or does not have a
+value of "2", this is a finding.
 
     Check that the operating system implements virtual address space
 randomization with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep kernel.randomize_va_space
+    # /sbin/sysctl -a | grep kernel.randomize_va_space
 
-    kernel.randomize_va_space &#x3D; 2
+    kernel.randomize_va_space = 2
 
-    If &quot;kernel.randomize_va_space&quot; does not have a value of &quot;2&quot;, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "kernel.randomize_va_space" does not have a value of "2", this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system implement virtual address space
 randomization.
 
     Set the system to the required kernel parameter by adding the following
-line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a config file in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory
+line to "/etc/sysctl.conf" or a config file in the /etc/sysctl.d/ directory
 (or modify the line to have the required value):
 
-    kernel.randomize_va_space &#x3D; 2
+    kernel.randomize_va_space = 2
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a89f5d3b-d3b7-4f57-a5f8-cfd27cddc03f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter kernel.randomize_va_space value is expected to eq 2</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-77821</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000378-GPOS-00163</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-92517r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020101</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-77825\" do\n  title \"The Red Hat Enterprise Linux operating system must implement virtual\naddress space randomization.\"\n  desc  \"Address space layout randomization (ASLR) makes it more difficult for\nan attacker to predict the location of attack code he or she has introduced\ninto a process's address space during an attempt at exploitation. Additionally,\nASLR also makes it more difficult for an attacker to know the location of\nexisting code in order to repurpose it using return-oriented programming (ROP)\ntechniques.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system implements virtual address space randomization.\n\n    # grep kernel.randomize_va_space /etc/sysctl.conf /etc/sysctl.d/*\n\n    kernel.randomize_va_space = 2\n\n    If \\\"kernel.randomize_va_space\\\" is not configured in the /etc/sysctl.conf\nfile or in the /etc/sysctl.d/ directory, is commented out or does not have a\nvalue of \\\"2\\\", this is a finding.\n\n    Check that the operating system implements virtual address space\nrandomization with the following command:\n\n    # /sbin/sysctl -a | grep kernel.randomize_va_space\n\n    kernel.randomize_va_space = 2\n\n    If \\\"kernel.randomize_va_space\\\" does not have a value of \\\"2\\\", this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system implement virtual address space\nrandomization.\n\n    Set the system to the required kernel parameter by adding the following\nline to \\\"/etc/sysctl.conf\\\" or a config file in the /etc/sysctl.d/ directory\n(or modify the line to have the required value):\n\n    kernel.randomize_va_space = 2\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-77825\"\n  tag rid: \"SV-92521r2_rule\"\n  tag stig_id: \"RHEL-07-040201\"\n  tag fix_id: \"F-84531r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  randomize_va_space = input('randomize_va_space')\n\n  describe kernel_parameter('kernel.randomize_va_space') do\n    its('value') { should eq randomize_va_space }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter kernel.randomize_va_space value is expected to eq 2</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-77821</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000378-GPOS-00163</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-92517r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020101</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the Datagram Congestion Control Protocol (DCCP) kernel module is disabled
-unless required.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+unless required.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Disabling DCCP protects the system against exploitation of any flaws
-in the protocol implementation.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+in the protocol implementation.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system disables the ability to load the DCCP kernel
 module.
 
-    # grep -r dccp &#x2F;etc&#x2F;modprobe.d&#x2F;* | grep -i &quot;&#x2F;bin&#x2F;true&quot; | grep -v &quot;^#&quot;
+    # grep -r dccp /etc/modprobe.d/* | grep -i "/bin/true" | grep -v "^#"
 
-    install dccp &#x2F;bin&#x2F;true
+    install dccp /bin/true
 
     If the command does not return any output, or the line is commented out,
 and use of DCCP is not documented with the Information System Security Officer
@@ -21631,594 +20665,570 @@ module.
     Check to see if the DCCP kernel module is disabled with the following
 command:
 
-    # grep -i dccp &#x2F;etc&#x2F;modprobe.d&#x2F;* | grep -i &quot;blacklist&quot; | grep -v &quot;^#&quot;
+    # grep -i dccp /etc/modprobe.d/* | grep -i "blacklist" | grep -v "^#"
 
     blacklist dccp
 
-    If the command does not return any output or the output is not &quot;blacklist
-dccp&quot;, and use of the dccp kernel module is not documented with the
+    If the command does not return any output or the output is not "blacklist
+dccp", and use of the dccp kernel module is not documented with the
 Information System Security Officer (ISSO) as an operational requirement, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to disable the ability to use the DCCP
 kernel module.
 
-    Create a file under &quot;&#x2F;etc&#x2F;modprobe.d&quot; with the following command:
+    Create a file under "/etc/modprobe.d" with the following command:
 
-    # touch &#x2F;etc&#x2F;modprobe.d&#x2F;dccp.conf
+    # touch /etc/modprobe.d/dccp.conf
 
     Add the following line to the created file:
 
-    install dccp &#x2F;bin&#x2F;true
+    install dccp /bin/true
 
     Ensure that the DCCP module is blacklisted:
 
-    # vi &#x2F;etc&#x2F;modprobe.d&#x2F;blacklist.conf
+    # vi /etc/modprobe.d/blacklist.conf
 
     Add or update the line:
 
-    blacklist dccp</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>af2ab556-3e92-46c3-a7cd-3a39b76823a3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001958</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Module dccp is expected not to be loaded
---------------------------------
-passed
-Kernel Module dccp is expected to be blacklisted</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72019</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86643r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020640</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    blacklist dccp</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-77821\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the Datagram Congestion Control Protocol (DCCP) kernel module is disabled\nunless required.\"\n  desc  \"Disabling DCCP protects the system against exploitation of any flaws\nin the protocol implementation.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system disables the ability to load the DCCP kernel\nmodule.\n\n    # grep -r dccp /etc/modprobe.d/* | grep -i \\\"/bin/true\\\" | grep -v \\\"^#\\\"\n\n    install dccp /bin/true\n\n    If the command does not return any output, or the line is commented out,\nand use of DCCP is not documented with the Information System Security Officer\n(ISSO) as an operational requirement, this is a finding.\n\n    Verify the operating system disables the ability to use the DCCP kernel\nmodule.\n\n    Check to see if the DCCP kernel module is disabled with the following\ncommand:\n\n    # grep -i dccp /etc/modprobe.d/* | grep -i \\\"blacklist\\\" | grep -v \\\"^#\\\"\n\n    blacklist dccp\n\n    If the command does not return any output or the output is not \\\"blacklist\ndccp\\\", and use of the dccp kernel module is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to disable the ability to use the DCCP\nkernel module.\n\n    Create a file under \\\"/etc/modprobe.d\\\" with the following command:\n\n    # touch /etc/modprobe.d/dccp.conf\n\n    Add the following line to the created file:\n\n    install dccp /bin/true\n\n    Ensure that the DCCP module is blacklisted:\n\n    # vi /etc/modprobe.d/blacklist.conf\n\n    Add or update the line:\n\n    blacklist dccp\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000378-GPOS-00163\"\n  tag gid: \"V-77821\"\n  tag rid: \"SV-92517r3_rule\"\n  tag stig_id: \"RHEL-07-020101\"\n  tag fix_id: \"F-84521r3_fix\"\n  tag cci: [\"CCI-001958\"]\n  tag nist: [\"IA-3\", \"Rev_4\"]\n\n  describe kernel_module('dccp') do\n    it { should_not be_loaded }\n    it { should be_blacklisted }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001958</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Module dccp is expected not to be loaded
+--------------------------------
+passed :: TEST Kernel Module dccp is expected to be blacklisted</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72019</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86643r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020640</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all local interactive user home directories are owned by their respective
-users.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+users.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If a local interactive user does not own their home directory,
-unauthorized users could access or modify the user&#39;s files, and the users may
-not be able to access their own files.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+unauthorized users could access or modify the user's files, and the users may
+not be able to access their own files.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the assigned home directory of all local interactive users on the
 system exists.
 
     Check the home directory assignment for all local interactive users on the
 system with the following command:
 
-    # ls -ld $(egrep &#39;:[0-9]{4}&#39; &#x2F;etc&#x2F;passwd | cut -d: -f6)
+    # ls -ld $(egrep ':[0-9]{4}' /etc/passwd | cut -d: -f6)
 
-    -rwxr-x--- 1 smithj users 18 Mar 5 17:06 &#x2F;home&#x2F;smithj
+    -rwxr-x--- 1 smithj users 18 Mar 5 17:06 /home/smithj
 
-    If any home directories referenced in &quot;&#x2F;etc&#x2F;passwd&quot; are not owned by the
-interactive user, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Change the owner of a local interactive user&#39;s home directories to that
-owner. To change the owner of a local interactive user&#39;s home directory, use
+    If any home directories referenced in "/etc/passwd" are not owned by the
+interactive user, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Change the owner of a local interactive user's home directories to that
+owner. To change the owner of a local interactive user's home directory, use
 the following command:
 
     Note: The example will be for the user smithj, who has a home directory of
-&quot;&#x2F;home&#x2F;smithj&quot;.
-
-    # chown smithj &#x2F;home&#x2F;smithj</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>bf162056-a4a3-4e37-9606-ffd8092d4dc1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Directory &#x2F;root is expected to exist
---------------------------------
-passed
-Directory &#x2F;root owner is expected to eq &quot;root&quot;
---------------------------------
-passed
-Directory &#x2F;home&#x2F;ec2-user is expected to exist
---------------------------------
-passed
-Directory &#x2F;home&#x2F;ec2-user owner is expected to eq &quot;ec2-user&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71925</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000075-GPOS-00043</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86549r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010230</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/home/smithj".
+
+    # chown smithj /home/smithj</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72019\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local interactive user home directories are owned by their respective\nusers.\"\n  desc  \"If a local interactive user does not own their home directory,\nunauthorized users could access or modify the user's files, and the users may\nnot be able to access their own files.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the assigned home directory of all local interactive users on the\nsystem exists.\n\n    Check the home directory assignment for all local interactive users on the\nsystem with the following command:\n\n    # ls -ld $(egrep ':[0-9]{4}' /etc/passwd | cut -d: -f6)\n\n    -rwxr-x--- 1 smithj users 18 Mar 5 17:06 /home/smithj\n\n    If any home directories referenced in \\\"/etc/passwd\\\" are not owned by the\ninteractive user, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Change the owner of a local interactive user's home directories to that\nowner. To change the owner of a local interactive user's home directory, use\nthe following command:\n\n    Note: The example will be for the user smithj, who has a home directory of\n\\\"/home/smithj\\\".\n\n    # chown smithj /home/smithj\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72019\"\n  tag rid: \"SV-86643r5_rule\"\n  tag stig_id: \"RHEL-07-020640\"\n  tag fix_id: \"F-78371r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= uid_min || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    describe directory(user_info.home) do\n      it { should exist }\n      its('owner') { should eq user_info.username }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Directory /root is expected to exist
+--------------------------------
+passed :: TEST Directory /root owner is expected to eq "root"
+--------------------------------
+passed :: TEST Directory /home/ec2-user is expected to exist
+--------------------------------
+passed :: TEST Directory /home/ec2-user owner is expected to eq "ec2-user"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71925</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000075-GPOS-00043</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86549r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010230</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that passwords for new users are restricted to a 24 hours&#x2F;1 day minimum
-lifetime.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that passwords for new users are restricted to a 24 hours/1 day minimum
+lifetime.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Enforcing a minimum password lifetime helps to prevent repeated
 password changes to defeat the password reuse or history enforcement
 requirement. If users are allowed to immediately and continually change their
 password, the password could be repeatedly changed in a short period of time to
-defeat the organization&#39;s policy regarding password reuse.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify the operating system enforces 24 hours&#x2F;1 day as the minimum password
+defeat the organization's policy regarding password reuse.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify the operating system enforces 24 hours/1 day as the minimum password
 lifetime for new user accounts.
 
-    Check for the value of &quot;PASS_MIN_DAYS&quot; in &quot;&#x2F;etc&#x2F;login.defs&quot; with the
+    Check for the value of "PASS_MIN_DAYS" in "/etc/login.defs" with the
 following command:
 
-    # grep -i pass_min_days &#x2F;etc&#x2F;login.defs
+    # grep -i pass_min_days /etc/login.defs
     PASS_MIN_DAYS     1
 
-    If the &quot;PASS_MIN_DAYS&quot; parameter value is not &quot;1&quot; or greater, or is
-commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the operating system to enforce 24 hours&#x2F;1 day as the minimum
+    If the "PASS_MIN_DAYS" parameter value is not "1" or greater, or is
+commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the operating system to enforce 24 hours/1 day as the minimum
 password lifetime.
 
-    Add the following line in &quot;&#x2F;etc&#x2F;login.defs&quot; (or modify the line to have
+    Add the following line in "/etc/login.defs" (or modify the line to have
 the required value):
 
-    PASS_MIN_DAYS     1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>7a49c708-b30a-453a-ad5e-044506c1107b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000198</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-login.defs PASS_MIN_DAYS.to_i is expected to cmp &gt;&#x3D; 1</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72247</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86871r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040370</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    PASS_MIN_DAYS     1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71925\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat passwords for new users are restricted to a 24 hours/1 day minimum\nlifetime.\"\n  desc  \"Enforcing a minimum password lifetime helps to prevent repeated\npassword changes to defeat the password reuse or history enforcement\nrequirement. If users are allowed to immediately and continually change their\npassword, the password could be repeatedly changed in a short period of time to\ndefeat the organization's policy regarding password reuse.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system enforces 24 hours/1 day as the minimum password\nlifetime for new user accounts.\n\n    Check for the value of \\\"PASS_MIN_DAYS\\\" in \\\"/etc/login.defs\\\" with the\nfollowing command:\n\n    # grep -i pass_min_days /etc/login.defs\n    PASS_MIN_DAYS     1\n\n    If the \\\"PASS_MIN_DAYS\\\" parameter value is not \\\"1\\\" or greater, or is\ncommented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to enforce 24 hours/1 day as the minimum\npassword lifetime.\n\n    Add the following line in \\\"/etc/login.defs\\\" (or modify the line to have\nthe required value):\n\n    PASS_MIN_DAYS     1\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000075-GPOS-00043\"\n  tag gid: \"V-71925\"\n  tag rid: \"SV-86549r2_rule\"\n  tag stig_id: \"RHEL-07-010230\"\n  tag fix_id: \"F-78277r1_fix\"\n  tag cci: [\"CCI-000198\"]\n  tag nist: [\"IA-5 (1) (d)\", \"Rev_4\"]\n\n  describe login_defs do\n    its('PASS_MIN_DAYS.to_i') { should cmp &gt;= 1 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000198</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST login.defs PASS_MIN_DAYS.to_i is expected to cmp &gt;= 1</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72247</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86871r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040370</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not permit direct
-logons to the root account using remote access via SSH.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+logons to the root account using remote access via SSH.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Even though the communications channel may be encrypted, an additional
 layer of security is gained by extending the policy of not logging on directly
 as root. In addition, logging on with a user-specific account provides
-individual accountability of actions performed on the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+individual accountability of actions performed on the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify remote access using SSH prevents users from logging on directly as
 root.
 
     Check that SSH prevents users from logging on directly as root with the
 following command:
 
-    # grep -i permitrootlogin &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i permitrootlogin /etc/ssh/sshd_config
     PermitRootLogin no
 
-    If the &quot;PermitRootLogin&quot; keyword is set to &quot;yes&quot;, is missing, or is
-commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "PermitRootLogin" keyword is set to "yes", is missing, or is
+commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure SSH to stop users from logging on remotely as the root user.
 
-    Edit the appropriate  &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; file to uncomment or add the
-line for the &quot;PermitRootLogin&quot; keyword and set its value to &quot;no&quot; (this file
+    Edit the appropriate  "/etc/ssh/sshd_config" file to uncomment or add the
+line for the "PermitRootLogin" keyword and set its value to "no" (this file
 may be named differently or be in a different location if using a version of
 SSH that is provided by a third-party vendor):
 
     PermitRootLogin no
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b9a1c665-48f2-4353-be88-7dcaaacd0e07</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration PermitRootLogin is expected to cmp &#x3D;&#x3D; &quot;no&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72091</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000343-GPOS-00134</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86715r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030340</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72247\" do\n  title \"The Red Hat Enterprise Linux operating system must not permit direct\nlogons to the root account using remote access via SSH.\"\n  desc  \"Even though the communications channel may be encrypted, an additional\nlayer of security is gained by extending the policy of not logging on directly\nas root. In addition, logging on with a user-specific account provides\nindividual accountability of actions performed on the system.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify remote access using SSH prevents users from logging on directly as\nroot.\n\n    Check that SSH prevents users from logging on directly as root with the\nfollowing command:\n\n    # grep -i permitrootlogin /etc/ssh/sshd_config\n    PermitRootLogin no\n\n    If the \\\"PermitRootLogin\\\" keyword is set to \\\"yes\\\", is missing, or is\ncommented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure SSH to stop users from logging on remotely as the root user.\n\n    Edit the appropriate  \\\"/etc/ssh/sshd_config\\\" file to uncomment or add the\nline for the \\\"PermitRootLogin\\\" keyword and set its value to \\\"no\\\" (this file\nmay be named differently or be in a different location if using a version of\nSSH that is provided by a third-party vendor):\n\n    PermitRootLogin no\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72247\"\n  tag rid: \"SV-86871r3_rule\"\n  tag stig_id: \"RHEL-07-040370\"\n  tag fix_id: \"F-78601r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('PermitRootLogin') { should cmp 'no' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration PermitRootLogin is expected to cmp == "no"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72091</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000343-GPOS-00134</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86715r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030340</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must immediately notify
 the System Administrator (SA) and Information System Security Officer (ISSO)
 (at a minimum) via email when the threshold for the repository maximum audit
-record storage capacity is reached.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+record storage capacity is reached.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If security personnel are not notified immediately when the threshold
 for the repository maximum audit record storage capacity is reached, they are
-unable to expand the audit record storage capacity before records are lost.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+unable to expand the audit record storage capacity before records are lost.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system immediately notifies the SA and ISSO (at a
 minimum) via email when the allocated audit record storage volume reaches 75
 percent of the repository maximum audit record storage capacity.
@@ -22227,160 +21237,155 @@ percent of the repository maximum audit record storage capacity.
 repository maximum audit record storage capacity is reached with the following
 command:
 
-    # grep -i space_left_action  &#x2F;etc&#x2F;audit&#x2F;auditd.conf
-    space_left_action &#x3D; email
+    # grep -i space_left_action  /etc/audit/auditd.conf
+    space_left_action = email
 
-    If the value of the &quot;space_left_action&quot; keyword is not set to &quot;email&quot;,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of the "space_left_action" keyword is not set to "email",
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to immediately notify the SA and ISSO (at a
 minimum) when the threshold for the repository maximum audit record storage
 capacity is reached.
 
-    Uncomment or edit the &quot;space_left_action&quot; keyword in
-&quot;&#x2F;etc&#x2F;audit&#x2F;auditd.conf&quot; and set it to &quot;email&quot;.
-
-    space_left_action &#x3D; email</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2b72475b-be67-4d98-9dcd-4b6473c9a871</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001855</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Audit Daemon Config space_left_action.downcase is expected to cmp &#x3D;&#x3D; &quot;email&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71963</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86587r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010490</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Uncomment or edit the "space_left_action" keyword in
+"/etc/audit/auditd.conf" and set it to "email".
+
+    space_left_action = email</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72091\" do\n  title \"The Red Hat Enterprise Linux operating system must immediately notify\nthe System Administrator (SA) and Information System Security Officer (ISSO)\n(at a minimum) via email when the threshold for the repository maximum audit\nrecord storage capacity is reached.\"\n  desc  \"If security personnel are not notified immediately when the threshold\nfor the repository maximum audit record storage capacity is reached, they are\nunable to expand the audit record storage capacity before records are lost.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system immediately notifies the SA and ISSO (at a\nminimum) via email when the allocated audit record storage volume reaches 75\npercent of the repository maximum audit record storage capacity.\n\n    Check what action the operating system takes when the threshold for the\nrepository maximum audit record storage capacity is reached with the following\ncommand:\n\n    # grep -i space_left_action  /etc/audit/auditd.conf\n    space_left_action = email\n\n    If the value of the \\\"space_left_action\\\" keyword is not set to \\\"email\\\",\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to immediately notify the SA and ISSO (at a\nminimum) when the threshold for the repository maximum audit record storage\ncapacity is reached.\n\n    Uncomment or edit the \\\"space_left_action\\\" keyword in\n\\\"/etc/audit/auditd.conf\\\" and set it to \\\"email\\\".\n\n    space_left_action = email\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000343-GPOS-00134\"\n  tag gid: \"V-72091\"\n  tag rid: \"SV-86715r2_rule\"\n  tag stig_id: \"RHEL-07-030340\"\n  tag fix_id: \"F-78443r1_fix\"\n  tag cci: [\"CCI-001855\"]\n  tag nist: [\"AU-5 (1)\", \"Rev_4\"]\n\n  describe auditd_conf do\n    its('space_left_action.downcase') { should cmp 'email' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001855</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Audit Daemon Config space_left_action.downcase is expected to cmp == "email"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71963</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86587r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010490</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Red Hat Enterprise Linux operating systems prior to version 7.2 using
 Unified Extensible Firmware Interface (UEFI) must require authentication upon
-booting into single-user and maintenance modes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+booting into single-user and maintenance modes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system does not require valid root authentication before it
 boots into single-user or maintenance mode, anyone who invokes single-user or
 maintenance mode is granted privileged access to all files on the system. GRUB
 2 is the default boot loader for RHEL 7 and is designed to require a password
-to boot into single-user mode or make modifications to the boot menu.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+to boot into single-user mode or make modifications to the boot menu.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>For systems that use BIOS, this is Not Applicable.
     For systems that are running RHEL 7.2 or newer, this is Not Applicable.
 
     Check to see if an encrypted root password is set. On systems that use
 UEFI, use the following command:
 
-    # grep -i password &#x2F;boot&#x2F;efi&#x2F;EFI&#x2F;redhat&#x2F;grub.cfg
+    # grep -i password /boot/efi/EFI/redhat/grub.cfg
 
     password_pbkdf2 [superusers-account] [password-hash]
 
-    If the root password entry does not begin with &quot;password_pbkdf2&quot;, this is
+    If the root password entry does not begin with "password_pbkdf2", this is
 a finding.
 
-    If the &quot;superusers-account&quot; is not set to &quot;root&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "superusers-account" is not set to "root", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to encrypt the boot password for root.
 
     Generate an encrypted grub2 password for root with the following command:
@@ -22394,130 +21399,125 @@ a finding.
     PBKDF2 hash of your password is
 grub.pbkdf2.sha512.10000.F3A7CFAA5A51EED123BE8238C23B25B2A6909AFC9812F0D45
 
-    Edit &quot;&#x2F;etc&#x2F;grub.d&#x2F;40_custom&quot; and add the following lines below the
+    Edit "/etc/grub.d/40_custom" and add the following lines below the
 comments:
 
-    # vi &#x2F;etc&#x2F;grub.d&#x2F;40_custom
+    # vi /etc/grub.d/40_custom
 
-    set superusers&#x3D;&quot;root&quot;
+    set superusers="root"
 
     password_pbkdf2 root {hash from grub2-mkpasswd-pbkdf2 command}
 
-    Generate a new &quot;grub.conf&quot; file with the new password with the following
+    Generate a new "grub.conf" file with the new password with the following
 commands:
 
-    # grub2-mkconfig --output&#x3D;&#x2F;tmp&#x2F;grub2.cfg
-    # mv &#x2F;tmp&#x2F;grub2.cfg &#x2F;boot&#x2F;efi&#x2F;EFI&#x2F;redhat&#x2F;grub.cfg</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b0ecf8b5-c3d5-4b39-b1d4-a741f64f33a3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-EFI is not in use
-EFI is not in use so this control is NA</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72427</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000375-GPOS-00160</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87051r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-041002</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # grub2-mkconfig --output=/tmp/grub2.cfg
+    # mv /tmp/grub2.cfg /boot/efi/EFI/redhat/grub.cfg</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-71963\" do\n  title \"Red Hat Enterprise Linux operating systems prior to version 7.2 using\nUnified Extensible Firmware Interface (UEFI) must require authentication upon\nbooting into single-user and maintenance modes.\"\n  desc  \"If the system does not require valid root authentication before it\nboots into single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 7 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    For systems that use BIOS, this is Not Applicable.\n    For systems that are running RHEL 7.2 or newer, this is Not Applicable.\n\n    Check to see if an encrypted root password is set. On systems that use\nUEFI, use the following command:\n\n    # grep -i password /boot/efi/EFI/redhat/grub.cfg\n\n    password_pbkdf2 [superusers-account] [password-hash]\n\n    If the root password entry does not begin with \\\"password_pbkdf2\\\", this is\na finding.\n\n    If the \\\"superusers-account\\\" is not set to \\\"root\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to encrypt the boot password for root.\n\n    Generate an encrypted grub2 password for root with the following command:\n\n    Note: The hash generated is an example.\n\n    # grub2-mkpasswd-pbkdf2\n\n    Enter Password:\n    Reenter Password:\n    PBKDF2 hash of your password is\ngrub.pbkdf2.sha512.10000.F3A7CFAA5A51EED123BE8238C23B25B2A6909AFC9812F0D45\n\n    Edit \\\"/etc/grub.d/40_custom\\\" and add the following lines below the\ncomments:\n\n    # vi /etc/grub.d/40_custom\n\n    set superusers=\\\"root\\\"\n\n    password_pbkdf2 root {hash from grub2-mkpasswd-pbkdf2 command}\n\n    Generate a new \\\"grub.conf\\\" file with the new password with the following\ncommands:\n\n    # grub2-mkconfig --output=/tmp/grub2.cfg\n    # mv /tmp/grub2.cfg /boot/efi/EFI/redhat/grub.cfg\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000080-GPOS-00048\"\n  tag gid: \"V-71963\"\n  tag rid: \"SV-86587r4_rule\"\n  tag stig_id: \"RHEL-07-010490\"\n  tag fix_id: \"F-78315r3_fix\"\n  tag cci: [\"CCI-000213\"]\n  tag nist: [\"AC-3\", \"Rev_4\"]\n\n  os_minor_version = os().release.split('.')[1].to_i\n\n  # If OS version is 7.2 or later ONLY root is allowed\n  efi_superusers = os_minor_version &lt; 2 ? input('efi_superusers') : ['root']\n  # Also ensure that 'root' is in the list always\n  efi_superusers.push('root') if !efi_superusers.include?('root')\n  # Define the main cfg with the os name in the path to allow\n  # for this to work with RHEL variants (e.g. CentOS)\n  efi_main_cfg = \"/boot/efi/EFI/#{os().name}/grub.cfg\"\n\n  # If the main EFI config file does not exist this system is\n  # not using EFI and the control is NA\n  if !file(efi_main_cfg).exist?\n    impact 0.0\n    describe 'EFI is not in use' do\n      skip 'EFI is not in use so this control is NA'\n    end\n  # Ensure any superusers are configured with PBDKF2 passwords\n  else\n    efi_superusers.each do |user|\n      describe file(efi_main_cfg) do\n          its('content') { should match %r{^\\s*password_pbkdf2\\s+#{user} } }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST EFI is not in use :: SKIP_MESSAGE EFI is not in use so this control is NA</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72427</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000375-GPOS-00160</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87051r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-041002</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must implement
   multifactor authentication for access to privileged accounts via pluggable
-  authentication modules (PAM).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+  authentication modules (PAM).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Using an authentication device, such as a CAC or token that is
   separate from the information system, ensures that even if the information
   system is compromised, that compromise will not affect credentials stored on
@@ -22540,150 +21540,145 @@ EFI is not in use so this control is NA</FINDING_DETAILS>
       This requirement only applies to components where this is specific to the
   function of the device or has the concept of an organizational user (e.g., VPN,
   proxy capability). This does not apply to authentication for the purpose of
-  configuring the device itself (management).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+  configuring the device itself (management).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system implements multifactor authentication for
 remote access to privileged accounts via pluggable authentication modules (PAM).
 
-    Check the &quot;&#x2F;etc&#x2F;sssd&#x2F;sssd.conf&quot; file for the authentication services that
+    Check the "/etc/sssd/sssd.conf" file for the authentication services that
 are being used with the following command:
 
-    # grep services &#x2F;etc&#x2F;sssd&#x2F;sssd.conf &#x2F;etc&#x2F;sssd&#x2F;conf.d&#x2F;*.conf
+    # grep services /etc/sssd/sssd.conf /etc/sssd/conf.d/*.conf
 
-    services &#x3D; nss, pam
+    services = nss, pam
 
-    If the &quot;pam&quot; service is not present on all &quot;services&quot; lines, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "pam" service is not present on all "services" lines, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to implement multifactor authentication for
 remote access to privileged accounts via pluggable authentication modules (PAM).
 
-    Modify all of the services lines in &quot;&#x2F;etc&#x2F;sssd&#x2F;sssd.conf&quot; or in
-configuration files found under &quot;&#x2F;etc&#x2F;sssd&#x2F;conf.d&quot; to include pam.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>fc8a1fca-385c-4157-bd68-924ca0653b2c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001948</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001953</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001954</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;grep -i -E &#39;services( )*&#x3D;( )*(.+*)pam&#39; &#x2F;etc&#x2F;sssd&#x2F;sssd.conf&#x60; stdout.strip is expected to include &quot;pam&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72221</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000033-GPOS-00014</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86845r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040110</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Modify all of the services lines in "/etc/sssd/sssd.conf" or in
+configuration files found under "/etc/sssd/conf.d" to include pam.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72427\" do\n  title \"The Red Hat Enterprise Linux operating system must implement\n  multifactor authentication for access to privileged accounts via pluggable\n  authentication modules (PAM).\"\n  desc  \"Using an authentication device, such as a CAC or token that is\n  separate from the information system, ensures that even if the information\n  system is compromised, that compromise will not affect credentials stored on\n  the authentication device.\n\n      Multifactor solutions that require devices separate from information\n  systems gaining access include, for example, hardware tokens providing\n  time-based or challenge-response authenticators and smart cards such as the\n  U.S. Government Personal Identity Verification card and the DoD Common Access\n  Card.\n\n      A privileged account is defined as an information system account with\n  authorizations of a privileged user.\n\n      Remote access is access to DoD nonpublic information systems by an\n  authorized user (or an information system) communicating through an external,\n  non-organization-controlled network. Remote access methods include, for\n  example, dial-up, broadband, and wireless.\n\n      This requirement only applies to components where this is specific to the\n  function of the device or has the concept of an organizational user (e.g., VPN,\n  proxy capability). This does not apply to authentication for the purpose of\n  configuring the device itself (management).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system implements multifactor authentication for\n    remote access to privileged accounts via pluggable authentication modules (PAM).\n\n        Check the \\\"/etc/sssd/sssd.conf\\\" file for the authentication services that\n    are being used with the following command:\n\n        # grep services /etc/sssd/sssd.conf /etc/sssd/conf.d/*.conf\n\n        services = nss, pam\n\n        If the \\\"pam\\\" service is not present on all \\\"services\\\" lines, this is a\n    finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to implement multifactor authentication for\n    remote access to privileged accounts via pluggable authentication modules (PAM).\n\n        Modify all of the services lines in \\\"/etc/sssd/sssd.conf\\\" or in\n    configuration files found under \\\"/etc/sssd/conf.d\\\" to include pam.\"\n\n  impact 0.5  \n  tag severity: nil\n  tag gtitle: \"SRG-OS-000375-GPOS-00160\"\n  tag satisfies: [\"SRG-OS-000375-GPOS-00160\", \"SRG-OS-000375-GPOS-00161\",\n\"SRG-OS-000375-GPOS-00162\"]\n  tag gid: \"V-72427\"\n  tag rid: \"SV-87051r4_rule\"\n  tag stig_id: \"RHEL-07-041002\"\n  tag fix_id: \"F-78779r3_fix\"\n  tag cci: [\"CCI-001948\", \"CCI-001953\", \"CCI-001954\"]\n  tag nist: [\"IA-2 (11)\", \"IA-2 (12)\", \"IA-2 (12)\", \"Rev_4\"]\n\n  unless package('sssd').installed?\n    impact 0.0\n    describe \"The SSSD Package is not installed on the system\" do\n      skip \"This control is Not Appliciable without the SSSD Package installed.\"\n    end\n  else\n    if (!(sssd_files = command(\"find /etc/sssd -name *.conf\").stdout.split(\"\\n\")).empty?)\n      sssd_files.each do |file|\n        describe.one do\n          describe parse_config_file(file) do\n            its('services') { should include 'pam' }\n          end if package('sssd').installed?\n          describe command(\"grep -i -E 'services(\\s)*=(\\s)*(.+*)pam' #{file}\") do\n            its('stdout.strip') { should include 'pam' }\n          end if package('sssd').installed?\n        end if package('sssd').installed?\n      end\n    else\n      describe \"The set of SSSD configuration files\" do\n          subject { sssd_files.to_a }\n          it { should_not be_empty }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001948</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001953</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001954</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `grep -i -E 'services( )*=( )*(.+*)pam' /etc/sssd/sssd.conf` stdout.strip is expected to include "pam"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72221</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000033-GPOS-00014</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86845r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040110</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must use a FIPS 140-2
-approved cryptographic algorithm for SSH communications.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+approved cryptographic algorithm for SSH communications.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Unapproved mechanisms that are used for authentication to the
 cryptographic module are not verified and therefore cannot be relied upon to
 provide confidentiality or integrity, and DoD data may be compromised.
@@ -22694,14 +21689,14 @@ mechanisms for authenticating to cryptographic modules.
     FIPS 140-2 is the current standard for validating that mechanisms used to
 access cryptographic modules utilize authentication that meets DoD
 requirements. This allows for Security Levels 1, 2, 3, or 4 for use on a
-general purpose computing system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+general purpose computing system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system uses mechanisms meeting the requirements of
 applicable federal laws, Executive orders, directives, policies, regulations,
 standards, and guidance for authentication to a cryptographic module.
@@ -22710,516 +21705,487 @@ standards, and guidance for authentication to a cryptographic module.
 the system cannot implement FIPS 140-2-approved cryptographic algorithms and
 hashes.
 
-    The location of the &quot;sshd_config&quot; file may vary if a different daemon is
+    The location of the "sshd_config" file may vary if a different daemon is
 in use.
 
-    Inspect the &quot;Ciphers&quot; configuration with the following command:
+    Inspect the "Ciphers" configuration with the following command:
 
-    # grep -i ciphers &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i ciphers /etc/ssh/sshd_config
     Ciphers aes128-ctr,aes192-ctr,aes256-ctr
 
-    If any ciphers other than &quot;aes128-ctr&quot;, &quot;aes192-ctr&quot;, or &quot;aes256-ctr&quot;
-are listed, the &quot;Ciphers&quot; keyword is missing, or the returned line is
-commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If any ciphers other than "aes128-ctr", "aes192-ctr", or "aes256-ctr"
+are listed, the "Ciphers" keyword is missing, or the returned line is
+commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure SSH to use FIPS 140-2 approved cryptographic algorithms.
 
     Add the following line (or modify the line to have the required value) to
-the &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; file (this file may be named differently or be in
+the "/etc/ssh/sshd_config" file (this file may be named differently or be in
 a different location if using a version of SSH that is provided by a
 third-party vendor).
 
     Ciphers aes128-ctr,aes192-ctr,aes256-ctr
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f9139ba5-0a28-4baf-8c59-eb3b01b5857a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000068</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000803</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-[&quot;aes128-ctr&quot;, &quot;aes192-ctr&quot;, &quot;aes256-ctr&quot;] is expected to be in &quot;aes128-ctr&quot;, &quot;aes192-ctr&quot;, and &quot;aes256-ctr&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72131</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86755r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030540</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72221\" do\n  title \"The Red Hat Enterprise Linux operating system must use a FIPS 140-2\napproved cryptographic algorithm for SSH communications.\"\n  desc  \"Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    Operating systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral purpose computing system.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system uses mechanisms meeting the requirements of\napplicable federal laws, Executive orders, directives, policies, regulations,\nstandards, and guidance for authentication to a cryptographic module.\n\n    Note: If RHEL-07-021350 is a finding, this is automatically a finding as\nthe system cannot implement FIPS 140-2-approved cryptographic algorithms and\nhashes.\n\n    The location of the \\\"sshd_config\\\" file may vary if a different daemon is\nin use.\n\n    Inspect the \\\"Ciphers\\\" configuration with the following command:\n\n    # grep -i ciphers /etc/ssh/sshd_config\n    Ciphers aes128-ctr,aes192-ctr,aes256-ctr\n\n    If any ciphers other than \\\"aes128-ctr\\\", \\\"aes192-ctr\\\", or \\\"aes256-ctr\\\"\nare listed, the \\\"Ciphers\\\" keyword is missing, or the returned line is\ncommented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure SSH to use FIPS 140-2 approved cryptographic algorithms.\n\n    Add the following line (or modify the line to have the required value) to\nthe \\\"/etc/ssh/sshd_config\\\" file (this file may be named differently or be in\na different location if using a version of SSH that is provided by a\nthird-party vendor).\n\n    Ciphers aes128-ctr,aes192-ctr,aes256-ctr\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000033-GPOS-00014\"\n  tag satisfies: [\"SRG-OS-000033-GPOS-00014\", \"SRG-OS-000120-GPOS-00061\",\n\"SRG-OS-000125-GPOS-00065\", \"SRG-OS-000250-GPOS-00093\",\n\"SRG-OS-000393-GPOS-00173\"]\n  tag gid: \"V-72221\"\n  tag rid: \"SV-86845r3_rule\"\n  tag stig_id: \"RHEL-07-040110\"\n  tag fix_id: \"F-78575r3_fix\"\n  tag cci: [\"CCI-000068\", \"CCI-000366\", \"CCI-000803\"]\n  tag nist: [\"AC-17 (2)\", \"CM-6 b\", \"IA-7\", \"Rev_4\"]\n\n  @ciphers_array = inspec.sshd_config.params['ciphers']\n\n  unless @ciphers_array.nil?\n    @ciphers_array = @ciphers_array.first.split(\",\")\n  end\n\n  describe @ciphers_array do\n    it { should be_in ['aes128-ctr', 'aes192-ctr', 'aes256-ctr'] }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000068</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000803</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST ["aes128-ctr", "aes192-ctr", "aes256-ctr"] is expected to be in "aes128-ctr", "aes192-ctr", and "aes256-ctr"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72131</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86755r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030540</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the truncate syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the truncate syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;truncate&quot; syscall occur.
+successful/unsuccessful attempts to use the "truncate" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw truncate &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw truncate /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S truncate -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S truncate -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b32 -S truncate -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S truncate -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S truncate -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S truncate -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S truncate -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S truncate -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;truncate&quot; syscall, this is a finding.
+    If both the "b32" and "b64" audit rules are not defined for the
+"truncate" syscall, this is a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EPERM&quot;, this is
+    If the output does not produce rules containing "-F exit=-EPERM", this is
 a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EACCES&quot;, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the output does not produce rules containing "-F exit=-EACCES", this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;truncate&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S truncate -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b32 -S truncate -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S truncate -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S truncate -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f7a6e3da-6ecc-4fb7-8655-449b9203e0d1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EACCES&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EACCES&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86823r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030880</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "truncate" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S truncate -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b32 -S truncate -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S truncate -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S truncate -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72131\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe truncate syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"truncate\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw truncate /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S truncate -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S truncate -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S truncate -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S truncate -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"truncate\\\" syscall, this is a finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EPERM\\\", this is\na finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EACCES\\\", this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"truncate\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S truncate -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S truncate -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S truncate -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S truncate -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000458-GPOS-00203\",\n\"SRG-OS-000461-GPOS-00205\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72131\"\n  tag rid: \"SV-86755r5_rule\"\n  tag stig_id: \"RHEL-07-030540\"\n  tag fix_id: \"F-78483r7_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"truncate\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EPERM' }\n  end\n  describe auditd.syscall(\"truncate\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EACCES' }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"truncate\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EPERM' }\n    end\n    describe auditd.syscall(\"truncate\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EACCES' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "truncate" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b32" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b32" exit.uniq is expected to include "-EACCES"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b64" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b64" exit.uniq is expected to include "-EACCES"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86823r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030880</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the rename syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the rename syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system is not configured to audit certain activities and write
 them to an audit log, it is more difficult to detect and track system
-compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;rename&quot; syscall occur.
+successful/unsuccessful attempts to use the "rename" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw rename &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw rename /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S rename -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S rename -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S rename -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S rename -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;rename&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"rename" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;rename&quot; syscall occur.
+successful/unsuccessful attempts to use the "rename" syscall occur.
 
-    Add the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S rename -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S rename -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S rename -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S rename -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>cd1ec92c-4f6a-4b16-b3d5-d40f7a3c30a1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;rename&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;rename&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;rename&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;rename&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72233</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000423-GPOS-00187</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86857r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040300</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72199\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe rename syscall.\"\n  desc  \"If the system is not configured to audit certain activities and write\nthem to an audit log, it is more difficult to detect and track system\ncompromises and damages incurred during a system compromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"rename\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw rename /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S rename -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S rename -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"rename\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"rename\\\" syscall occur.\n\n    Add the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S rename -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S rename -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000466-GPOS-00210\"\n  tag satisfies: [\"SRG-OS-000466-GPOS-00210\", \"SRG-OS-000467-GPOS-00210\",\n\"SRG-OS-000468-GPOS-00212\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72199\"\n  tag rid: \"SV-86823r5_rule\"\n  tag stig_id: \"RHEL-07-030880\"\n  tag fix_id: \"F-78553r7_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"rename\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"rename\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "rename" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "rename" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "rename" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "rename" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72233</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000423-GPOS-00187</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86857r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040300</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that all networked systems have SSH installed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that all networked systems have SSH installed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without protection of the transmitted information, confidentiality and
 integrity may be compromised because unprotected communications can be
 intercepted and either read or altered.
@@ -23235,310 +22201,298 @@ interception and modification.
 can be accomplished by physical means (e.g., employing physical distribution
 systems) or by logical means (e.g., employing cryptographic techniques). If
 physical means of protection are employed, logical means (cryptography) do not
-have to be employed, and vice versa.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+have to be employed, and vice versa.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Check to see if sshd is installed with the following command:
 
 # yum list installed \*ssh\*
-libssh2.x86_64 1.4.3-8.el7 @anaconda&#x2F;7.1
-openssh.x86_64 6.6.1p1-11.el7 @anaconda&#x2F;7.1
-openssh-server.x86_64 6.6.1p1-11.el7 @anaconda&#x2F;7.1
-
-If the &quot;SSH server&quot; package is not installed, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+libssh2.x86_64 1.4.3-8.el7 @anaconda/7.1
+openssh.x86_64 6.6.1p1-11.el7 @anaconda/7.1
+openssh-server.x86_64 6.6.1p1-11.el7 @anaconda/7.1
+
+If the "SSH server" package is not installed, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Install SSH packages onto the host with the following commands:
 
-# yum install openssh-server.x86_64</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0c4d033f-71bf-4346-8b5d-12eaf8ed7d05</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002420</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002421</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002422</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package openssh-server is expected to be installed
---------------------------------
-passed
-System Package openssh-clients is expected to be installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72011</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86635r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020600</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+# yum install openssh-server.x86_64</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72233\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all networked systems have SSH installed.\"\n  desc  \"Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, logical means (cryptography) do not\nhave to be employed, and vice versa.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Check to see if sshd is installed with the following command:\n\n    # yum list installed \\\\*ssh\\\\*\n    libssh2.x86_64 1.4.3-8.el7 @anaconda/7.1\n    openssh.x86_64 6.6.1p1-11.el7 @anaconda/7.1\n    openssh-server.x86_64 6.6.1p1-11.el7 @anaconda/7.1\n\n    If the \\\"SSH server\\\" package is not installed, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Install SSH packages onto the host with the following commands:\n\n    # yum install openssh-server.x86_64\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000423-GPOS-00187\"\n  tag satisfies: [\"SRG-OS-000423-GPOS-00187\", \"SRG-OS-000424-GPOS-00188\",\n\"SRG-OS-000425-GPOS-00189\", \"SRG-OS-000426-GPOS-00190\"]\n  tag gid: \"V-72233\"\n  tag rid: \"SV-86857r3_rule\"\n  tag stig_id: \"RHEL-07-040300\"\n  tag fix_id: \"F-78587r3_fix\"\n  tag cci: [\"CCI-002418\", \"CCI-002420\", \"CCI-002421\", \"CCI-002422\"]\n  tag nist: [\"SC-8\", \"SC-8 (2)\", \"SC-8 (1)\", \"SC-8 (2)\", \"Rev_4\"]\n\n  describe package('openssh-server') do\n    it { should be_installed }\n  end\n  describe package('openssh-clients') do\n    it { should be_installed }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002420</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002421</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002422</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package openssh-server is expected to be installed
+--------------------------------
+passed :: TEST System Package openssh-clients is expected to be installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72011</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86635r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020600</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all local interactive users have a home directory assigned in the
-&#x2F;etc&#x2F;passwd file.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+/etc/passwd file.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If local interactive users are not assigned a valid home directory,
-there is no place for the storage and control of files they should own.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+there is no place for the storage and control of files they should own.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify local interactive users on the system have a home directory assigned.
 
     Check for missing local interactive user home directories with the
 following command:
 
     # pwck -r
-    user &#39;lp&#39;: directory &#39;&#x2F;var&#x2F;spool&#x2F;lpd&#39; does not exist
-    user &#39;news&#39;: directory &#39;&#x2F;var&#x2F;spool&#x2F;news&#39; does not exist
-    user &#39;uucp&#39;: directory &#39;&#x2F;var&#x2F;spool&#x2F;uucp&#39; does not exist
-    user &#39;smithj&#39;: directory &#39;&#x2F;home&#x2F;smithj&#39; does not exist
+    user 'lp': directory '/var/spool/lpd' does not exist
+    user 'news': directory '/var/spool/news' does not exist
+    user 'uucp': directory '/var/spool/uucp' does not exist
+    user 'smithj': directory '/home/smithj' does not exist
 
     Ask the System Administrator (SA) if any users found without home
 directories are local interactive users. If the SA is unable to provide a
 response, check for users with a User Identifier (UID) of 1000 or greater with
 the following command:
 
-    # cut -d: -f 1,3 &#x2F;etc&#x2F;passwd | egrep &quot;:[1-4][0-9]{2}$|:[0-9]{1,2}$&quot;
+    # cut -d: -f 1,3 /etc/passwd | egrep ":[1-4][0-9]{2}$|:[0-9]{1,2}$"
 
     If any interactive users do not have a home directory assigned, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Assign home directories to all local interactive users that
-currently do not have a home directory assigned.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b02b4849-81c7-498f-9ce6-60d15a219a29</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Directory &#x2F;root is expected to exist
---------------------------------
-passed
-Directory &#x2F;home&#x2F;ec2-user is expected to exist</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71919</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000073-GPOS-00041</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86543r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010200</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+currently do not have a home directory assigned.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72011\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local interactive users have a home directory assigned in the\n/etc/passwd file.\"\n  desc  \"If local interactive users are not assigned a valid home directory,\nthere is no place for the storage and control of files they should own.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify local interactive users on the system have a home directory assigned.\n\n    Check for missing local interactive user home directories with the\nfollowing command:\n\n    # pwck -r\n    user 'lp': directory '/var/spool/lpd' does not exist\n    user 'news': directory '/var/spool/news' does not exist\n    user 'uucp': directory '/var/spool/uucp' does not exist\n    user 'smithj': directory '/home/smithj' does not exist\n\n    Ask the System Administrator (SA) if any users found without home\ndirectories are local interactive users. If the SA is unable to provide a\nresponse, check for users with a User Identifier (UID) of 1000 or greater with\nthe following command:\n\n    # cut -d: -f 1,3 /etc/passwd | egrep \\\":[1-4][0-9]{2}$|:[0-9]{1,2}$\\\"\n\n    If any interactive users do not have a home directory assigned, this is a\nfinding.\n  \"\n  desc  \"fix\", \"Assign home directories to all local interactive users that\ncurrently do not have a home directory assigned.\"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72011\"\n  tag rid: \"SV-86635r2_rule\"\n  tag stig_id: \"RHEL-07-020600\"\n  tag fix_id: \"F-78363r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= uid_min || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    describe directory(user_info.home) do\n      it { should exist }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Directory /root is expected to exist
+--------------------------------
+passed :: TEST Directory /home/ec2-user is expected to exist</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71919</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000073-GPOS-00041</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86543r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010200</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the PAM system service is configured to store only encrypted
-representations of passwords.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+representations of passwords.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Passwords need to be protected at all times, and encryption is the
 standard method for protecting passwords. If passwords are not encrypted, they
 can be plainly read (i.e., clear text) and easily compromised. Passwords
 encrypted with a weak algorithm are no more protected than if they are kept in
-plain text.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+plain text.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the PAM system service is configured to store only encrypted
 representations of passwords. The strength of encryption that must be used to
 hash passwords for all accounts is SHA512.
@@ -23546,1083 +22500,1038 @@ hash passwords for all accounts is SHA512.
     Check that the system is configured to create SHA512 hashed passwords with
 the following command:
 
-    # grep password &#x2F;etc&#x2F;pam.d&#x2F;system-auth &#x2F;etc&#x2F;pam.d&#x2F;password-auth
+    # grep password /etc/pam.d/system-auth /etc/pam.d/password-auth
 
     Outcome should look like following:
-    &#x2F;etc&#x2F;pam.d&#x2F;system-auth-ac:password    sufficient    pam_unix.so sha512
+    /etc/pam.d/system-auth-ac:password    sufficient    pam_unix.so sha512
 shadow try_first_pass use_authtok
-    &#x2F;etc&#x2F;pam.d&#x2F;password-auth:password    sufficient    pam_unix.so sha512
+    /etc/pam.d/password-auth:password    sufficient    pam_unix.so sha512
 shadow try_first_pass use_authtok
 
-    If the &quot;&#x2F;etc&#x2F;pam.d&#x2F;system-auth&quot; and &quot;&#x2F;etc&#x2F;pam.d&#x2F;password-auth&quot;
+    If the "/etc/pam.d/system-auth" and "/etc/pam.d/password-auth"
 configuration files allow for password hashes other than SHA512 to be used,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to store only SHA512 encrypted
 representations of passwords.
 
-    Add the following line in &quot;&#x2F;etc&#x2F;pam.d&#x2F;system-auth&quot;:
+    Add the following line in "/etc/pam.d/system-auth":
     pam_unix.so sha512 shadow try_first_pass use_authtok
 
-    Add the following line in &quot;&#x2F;etc&#x2F;pam.d&#x2F;password-auth&quot;:
+    Add the following line in "/etc/pam.d/password-auth":
     pam_unix.so sha512 shadow try_first_pass use_authtok
 
     Note: Manual changes to the listed files may be overwritten by the
-&quot;authconfig&quot; program. The &quot;authconfig&quot; program should not be used to update
-the configurations listed in this requirement.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b2cea29b-2d5d-4112-85ef-a082e90824bd</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000196</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines is expected to include password sufficient pam_unix.so sha512
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines is expected to include password .* pam_unix.so, all without args ^(md5|bigcrypt|sha256|blowfish)$</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72165</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86789r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030710</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"authconfig" program. The "authconfig" program should not be used to update
+the configurations listed in this requirement.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71919\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the PAM system service is configured to store only encrypted\nrepresentations of passwords.\"\n  desc  \"Passwords need to be protected at all times, and encryption is the\nstandard method for protecting passwords. If passwords are not encrypted, they\ncan be plainly read (i.e., clear text) and easily compromised. Passwords\nencrypted with a weak algorithm are no more protected than if they are kept in\nplain text.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the PAM system service is configured to store only encrypted\nrepresentations of passwords. The strength of encryption that must be used to\nhash passwords for all accounts is SHA512.\n\n    Check that the system is configured to create SHA512 hashed passwords with\nthe following command:\n\n    # grep password /etc/pam.d/system-auth /etc/pam.d/password-auth\n\n    Outcome should look like following:\n    /etc/pam.d/system-auth-ac:password    sufficient    pam_unix.so sha512\nshadow try_first_pass use_authtok\n    /etc/pam.d/password-auth:password    sufficient    pam_unix.so sha512\nshadow try_first_pass use_authtok\n\n    If the \\\"/etc/pam.d/system-auth\\\" and \\\"/etc/pam.d/password-auth\\\"\nconfiguration files allow for password hashes other than SHA512 to be used,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to store only SHA512 encrypted\nrepresentations of passwords.\n\n    Add the following line in \\\"/etc/pam.d/system-auth\\\":\n    pam_unix.so sha512 shadow try_first_pass use_authtok\n\n    Add the following line in \\\"/etc/pam.d/password-auth\\\":\n    pam_unix.so sha512 shadow try_first_pass use_authtok\n\n    Note: Manual changes to the listed files may be overwritten by the\n\\\"authconfig\\\" program. The \\\"authconfig\\\" program should not be used to update\nthe configurations listed in this requirement.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000073-GPOS-00041\"\n  tag gid: \"V-71919\"\n  tag rid: \"SV-86543r3_rule\"\n  tag stig_id: \"RHEL-07-010200\"\n  tag fix_id: \"F-78271r4_fix\"\n  tag cci: [\"CCI-000196\"]\n  tag nist: [\"IA-5 (1) (c)\", \"Rev_4\"]\n\n  describe pam(\"/etc/pam.d/system-auth\") do\n    its('lines') { should match_pam_rule('password sufficient pam_unix.so sha512') }\n    its('lines') { should match_pam_rule('password .* pam_unix.so').all_without_args('^(md5|bigcrypt|sha256|blowfish)$') }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000196</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PAM Config[/etc/pam.d/system-auth] lines is expected to include password sufficient pam_unix.so sha512
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/system-auth] lines is expected to include password .* pam_unix.so, all without args ^(md5|bigcrypt|sha256|blowfish)$</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72165</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86789r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030710</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the newgrp command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the newgrp command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged access commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;newgrp&quot; command occur.
+successful/unsuccessful attempts to use the "newgrp" command occur.
 
     Check that the following system call is being audited by performing the
-following command to check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+following command to check the file system rules in "/etc/audit/audit.rules":
 
-    # grep -i &#x2F;usr&#x2F;bin&#x2F;newgrp &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /usr/bin/newgrp /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;newgrp -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/newgrp -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;newgrp&quot; command occur.
+successful/unsuccessful attempts to use the "newgrp" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;newgrp -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/newgrp -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>67b2afca-9392-4acd-8687-0132182d0f8c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;newgrp&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;newgrp&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72157</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86781r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030670</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72165\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe newgrp command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged access commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"newgrp\\\" command occur.\n\n    Check that the following system call is being audited by performing the\nfollowing command to check the file system rules in \\\"/etc/audit/audit.rules\\\":\n\n    # grep -i /usr/bin/newgrp /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/newgrp -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"newgrp\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/newgrp -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000037-GPOS-00015\"\n  tag satisfies: [\"SRG-OS-000037-GPOS-00015\", \"SRG-OS-000042-GPOS-00020\",\n\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000462-GPOS-00206\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72165\"\n  tag rid: \"SV-86789r4_rule\"\n  tag stig_id: \"RHEL-07-030710\"\n  tag fix_id: \"F-78519r5_fix\"\n  tag cci: [\"CCI-000130\", \"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3\", \"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/bin/newgrp'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/newgrp" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/newgrp" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72157</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86781r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030670</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the userhelper command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the userhelper command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged password commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;userhelper&quot; command occur.
+successful/unsuccessful attempts to use the "userhelper" command occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -i &#x2F;usr&#x2F;sbin&#x2F;userhelper &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /usr/sbin/userhelper /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;userhelper -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-passwd
+    -a always,exit -F path=/usr/sbin/userhelper -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-passwd
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;userhelper&quot; command occur.
-
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;userhelper -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-passwd
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a7863fbe-0ea6-40d1-bf8b-4946ab070fd9</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;userhelper&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;userhelper&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73167</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87819r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030872</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "userhelper" command occur.
+
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F path=/usr/sbin/userhelper -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-passwd
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72157\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe userhelper command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged password commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"userhelper\\\" command occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -i /usr/sbin/userhelper /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/userhelper -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-passwd\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"userhelper\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/sbin/userhelper -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-passwd\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72157\"\n  tag rid: \"SV-86781r5_rule\"\n  tag stig_id: \"RHEL-07-030670\"\n  tag fix_id: \"F-78509r5_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/sbin/userhelper'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/sbin/userhelper" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/sbin/userhelper" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73167</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87819r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030872</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must generate audit
 records for all account creations, modifications, disabling, and termination
-events that affect &#x2F;etc&#x2F;gshadow.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+events that affect /etc/gshadow.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system must generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&quot;&#x2F;etc&#x2F;gshadow&quot;.
+"/etc/gshadow".
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep &#x2F;etc&#x2F;gshadow &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep /etc/gshadow /etc/audit/audit.rules
 
-    -w &#x2F;etc&#x2F;gshadow -p wa -k identity
+    -w /etc/gshadow -p wa -k identity
 
     If the command does not return a line, or the line is commented out, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&quot;&#x2F;etc&#x2F;gshadow&quot;.
-
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -w &#x2F;etc&#x2F;gshadow -p wa -k identity
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>87f83a85-93e6-4569-bf2c-89ae7f0c28f3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;gshadow&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;gshadow&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;w&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;a&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71955</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00229</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86579r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010450</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/etc/gshadow".
+
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -w /etc/gshadow -p wa -k identity
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-73167\" do\n  title \"The Red Hat Enterprise Linux operating system must generate audit\nrecords for all account creations, modifications, disabling, and termination\nevents that affect /etc/gshadow.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system must generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n\\\"/etc/gshadow\\\".\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep /etc/gshadow /etc/audit/audit.rules\n\n    -w /etc/gshadow -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n\\\"/etc/gshadow\\\".\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -w /etc/gshadow -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000004-GPOS-00004\"\n  tag gid: \"V-73167\"\n  tag rid: \"SV-87819r4_rule\"\n  tag stig_id: \"RHEL-07-030872\"\n  tag fix_id: \"F-79613r3_fix\"\n  tag cci: [\"CCI-000018\", \"CCI-000172\", \"CCI-001403\", \"CCI-002130\"]\n  tag nist: [\"AC-2 (4)\", \"AU-12 c\", \"AC-2 (4)\", \"AC-2 (4)\", \"Rev_4\"]\n\n  audit_file = '/etc/gshadow'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'w' }\n      it { should include 'a' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\n\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/etc/gshadow" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/etc/gshadow" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "w"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "a"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71955</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00229</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86579r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010450</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not allow an
-unrestricted logon to the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+unrestricted logon to the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Failure to restrict system access to authenticated users negatively
-impacts operating system security.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+impacts operating system security.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system does not allow an unrestricted logon to the
 system via a graphical user interface.
 
     Note: If the system does not have GNOME installed, this requirement is Not
 Applicable.
 
-    Check for the value of the &quot;TimedLoginEnable&quot; parameter in
-&quot;&#x2F;etc&#x2F;gdm&#x2F;custom.conf&quot; file with the following command:
+    Check for the value of the "TimedLoginEnable" parameter in
+"/etc/gdm/custom.conf" file with the following command:
 
-    # grep -i timedloginenable &#x2F;etc&#x2F;gdm&#x2F;custom.conf
-    TimedLoginEnable&#x3D;false
+    # grep -i timedloginenable /etc/gdm/custom.conf
+    TimedLoginEnable=false
 
-    If the value of &quot;TimedLoginEnable&quot; is not set to &quot;false&quot;, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "TimedLoginEnable" is not set to "false", this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to not allow an unrestricted account to log
 on to the system via a graphical user interface.
 
     Note: If the system does not have GNOME installed, this requirement is Not
 Applicable.
 
-    Add or edit the line for the &quot;TimedLoginEnable&quot; parameter in the [daemon]
-section of the &quot;&#x2F;etc&#x2F;gdm&#x2F;custom.conf&quot; file to &quot;false&quot;:
+    Add or edit the line for the "TimedLoginEnable" parameter in the [daemon]
+section of the "/etc/gdm/custom.conf" file to "false":
 
     [daemon]
-    TimedLoginEnable&#x3D;false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>fecb4943-73b8-4e1c-884d-e1739f907f4d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The system does not have GDM installed
-The system does not have GDM installed, this requirement is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72151</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86775r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030640</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    TimedLoginEnable=false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-71955\" do\n  title \"The Red Hat Enterprise Linux operating system must not allow an\nunrestricted logon to the system.\"\n  desc  \"Failure to restrict system access to authenticated users negatively\nimpacts operating system security.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system does not allow an unrestricted logon to the\nsystem via a graphical user interface.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Check for the value of the \\\"TimedLoginEnable\\\" parameter in\n\\\"/etc/gdm/custom.conf\\\" file with the following command:\n\n    # grep -i timedloginenable /etc/gdm/custom.conf\n    TimedLoginEnable=false\n\n    If the value of \\\"TimedLoginEnable\\\" is not set to \\\"false\\\", this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to not allow an unrestricted account to log\non to the system via a graphical user interface.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Add or edit the line for the \\\"TimedLoginEnable\\\" parameter in the [daemon]\nsection of the \\\"/etc/gdm/custom.conf\\\" file to \\\"false\\\":\n\n    [daemon]\n    TimedLoginEnable=false\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00229\"\n  tag gid: \"V-71955\"\n  tag rid: \"SV-86579r3_rule\"\n  tag stig_id: \"RHEL-07-010450\"\n  tag fix_id: \"F-78307r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  custom_conf = '/etc/gdm/custom.conf'\n\n  if package('gdm').installed?\n    impact 0.7\n    if ((f = file(custom_conf)).exist?)\n      describe ini(custom_conf) do\n        its('daemon.TimedLoginEnable') { cmp false }\n      end\n    else\n      describe f do\n        it { should exist }\n      end\n    end\n  else\n    impact 0.0\n    describe \"The system does not have GDM installed\" do\n      skip \"The system does not have GDM installed, this requirement is Not Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The system does not have GDM installed :: SKIP_MESSAGE The system does not have GDM installed, this requirement is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72151</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86775r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030640</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the unix_chkpwd command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the unix_chkpwd command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged password commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;unix_chkpwd&quot; command occur.
+successful/unsuccessful attempts to use the "unix_chkpwd" command occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -iw &#x2F;usr&#x2F;sbin&#x2F;unix_chkpwd &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw /usr/sbin/unix_chkpwd /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;unix_chkpwd -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-passwd
+    -a always,exit -F path=/usr/sbin/unix_chkpwd -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-passwd
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;unix_chkpwd&quot; command occur.
-
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;unix_chkpwd -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-passwd
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>65ba7a66-c805-49d9-a2a9-604189780089</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;unix_chkpwd&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;unix_chkpwd&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71987</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000437-GPOS-00194</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86611r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020200</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "unix_chkpwd" command occur.
+
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F path=/usr/sbin/unix_chkpwd -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-passwd
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72151\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe unix_chkpwd command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged password commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"unix_chkpwd\\\" command occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -iw /usr/sbin/unix_chkpwd /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/unix_chkpwd -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-passwd\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"unix_chkpwd\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/sbin/unix_chkpwd -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-passwd\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72151\"\n  tag rid: \"SV-86775r5_rule\"\n  tag stig_id: \"RHEL-07-030640\"\n  tag fix_id: \"F-78503r8_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/sbin/unix_chkpwd'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/sbin/unix_chkpwd" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/sbin/unix_chkpwd" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71987</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000437-GPOS-00194</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86611r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020200</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must remove all software
-components after updated versions have been installed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+components after updated versions have been installed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Previous versions of software components that are not removed from the
 information system after updates have been installed may be exploited by
 adversaries. Some information technology products may remove older versions of
-software automatically from the information system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+software automatically from the information system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system removes all software components after updated
 versions have been installed.
 
     Check if yum is configured to remove unneeded packages with the following
 command:
 
-    # grep -i clean_requirements_on_remove &#x2F;etc&#x2F;yum.conf
-    clean_requirements_on_remove&#x3D;1
+    # grep -i clean_requirements_on_remove /etc/yum.conf
+    clean_requirements_on_remove=1
 
-    If &quot;clean_requirements_on_remove&quot; is not set to &quot;1&quot;, &quot;True&quot;, or
-&quot;yes&quot;, or is not set in &quot;&#x2F;etc&#x2F;yum.conf&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "clean_requirements_on_remove" is not set to "1", "True", or
+"yes", or is not set in "/etc/yum.conf", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to remove all software components after
 updated versions have been installed.
 
-    Set the &quot;clean_requirements_on_remove&quot; option to &quot;1&quot; in the
-&quot;&#x2F;etc&#x2F;yum.conf&quot; file:
-
-    clean_requirements_on_remove&#x3D;1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ab28007a-7e90-4a8a-a941-f1527b74d4d5</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002617</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;yum.conf main.clean_requirements_on_remove is expected to match &#x2F;1|True|yes&#x2F;i</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71909</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000266-GPOS-00101</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86533r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010150</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Set the "clean_requirements_on_remove" option to "1" in the
+"/etc/yum.conf" file:
+
+    clean_requirements_on_remove=1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71987\" do\n  title \"The Red Hat Enterprise Linux operating system must remove all software\ncomponents after updated versions have been installed.\"\n  desc  \"Previous versions of software components that are not removed from the\ninformation system after updates have been installed may be exploited by\nadversaries. Some information technology products may remove older versions of\nsoftware automatically from the information system.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system removes all software components after updated\nversions have been installed.\n\n    Check if yum is configured to remove unneeded packages with the following\ncommand:\n\n    # grep -i clean_requirements_on_remove /etc/yum.conf\n    clean_requirements_on_remove=1\n\n    If \\\"clean_requirements_on_remove\\\" is not set to \\\"1\\\", \\\"True\\\", or\n\\\"yes\\\", or is not set in \\\"/etc/yum.conf\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to remove all software components after\nupdated versions have been installed.\n\n    Set the \\\"clean_requirements_on_remove\\\" option to \\\"1\\\" in the\n\\\"/etc/yum.conf\\\" file:\n\n    clean_requirements_on_remove=1\n  \"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000437-GPOS-00194\"\n  tag gid: \"V-71987\"\n  tag rid: \"SV-86611r2_rule\"\n  tag stig_id: \"RHEL-07-020200\"\n  tag fix_id: \"F-78339r1_fix\"\n  tag cci: [\"CCI-002617\"]\n  tag nist: [\"SI-2 (6)\", \"Rev_4\"]\n\n  describe parse_config_file(\"/etc/yum.conf\") do\n    its('main.clean_requirements_on_remove') { should match %r{1|True|yes}i }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002617</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/yum.conf main.clean_requirements_on_remove is expected to match /1|True|yes/i</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71909</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000266-GPOS-00101</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86533r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010150</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that when passwords are changed or new passwords are established, the new
-password must contain at least one special character.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+password must contain at least one special character.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources
 required to compromise the password. Password complexity, or strength, is a
 measure of the effectiveness of a password in resisting attempts at guessing
@@ -24631,293 +23540,282 @@ and brute-force attacks.
     Password complexity is one factor of several that determines how long it
 takes to crack a password. The more complex the password, the greater the
 number of possible combinations that need to be tested before the password is
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system enforces password complexity by requiring that
 at least one special character be used.
 
     Note: The value to require a number of special characters to be set is
-expressed as a negative number in &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot;.
+expressed as a negative number in "/etc/security/pwquality.conf".
 
-    Check the value for &quot;ocredit&quot; in &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; with
+    Check the value for "ocredit" in "/etc/security/pwquality.conf" with
 the following command:
 
-    # grep ocredit &#x2F;etc&#x2F;security&#x2F;pwquality.conf
-    ocredit&#x3D;-1
+    # grep ocredit /etc/security/pwquality.conf
+    ocredit=-1
 
-    If the value of &quot;ocredit&quot; is not set to a negative value, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "ocredit" is not set to a negative value, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to enforce password complexity by requiring
-that at least one special character be used by setting the &quot;ocredit&quot; option.
+that at least one special character be used by setting the "ocredit" option.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; (or modify the
+    Add the following line to "/etc/security/pwquality.conf" (or modify the
 line to have the required value):
 
-    ocredit &#x3D; -1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>afc29767-6dc9-431b-b226-f3c2bb0d2952</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001619</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;security&#x2F;pwquality.conf ocredit.to_i is expected to cmp &lt; 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72085</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86709r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030310</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    ocredit = -1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71909\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat when passwords are changed or new passwords are established, the new\npassword must contain at least one special character.\"\n  desc  \"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system enforces password complexity by requiring that\nat least one special character be used.\n\n    Note: The value to require a number of special characters to be set is\nexpressed as a negative number in \\\"/etc/security/pwquality.conf\\\".\n\n    Check the value for \\\"ocredit\\\" in \\\"/etc/security/pwquality.conf\\\" with\nthe following command:\n\n    # grep ocredit /etc/security/pwquality.conf\n    ocredit=-1\n\n    If the value of \\\"ocredit\\\" is not set to a negative value, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to enforce password complexity by requiring\nthat at least one special character be used by setting the \\\"ocredit\\\" option.\n\n    Add the following line to \\\"/etc/security/pwquality.conf\\\" (or modify the\nline to have the required value):\n\n    ocredit = -1\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000266-GPOS-00101\"\n  tag gid: \"V-71909\"\n  tag rid: \"SV-86533r2_rule\"\n  tag stig_id: \"RHEL-07-010150\"\n  tag fix_id: \"F-78261r2_fix\"\n  tag cci: [\"CCI-001619\"]\n  tag nist: [\"IA-5 (1) (a)\", \"Rev_4\"]\n\n  describe parse_config_file(\"/etc/security/pwquality.conf\") do\n    its('ocredit.to_i') { should cmp &lt; 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001619</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/security/pwquality.conf ocredit.to_i is expected to cmp &lt; 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72085</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86709r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030310</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must encrypt the
 transfer of audit records off-loaded onto a different system or media from the
-system being audited.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+system being audited.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Information stored in one location is vulnerable to accidental or
 incidental deletion or alteration.
 
     Off-loading is a common process in information systems with limited audit
-storage capacity.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+storage capacity.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system encrypts audit records off-loaded onto a
 different system or media from the system being audited.
 
     To determine if the transfer is encrypted, use the following command:
 
-    # grep -i enable_krb5 &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
-    enable_krb5 &#x3D; yes
+    # grep -i enable_krb5 /etc/audisp/audisp-remote.conf
+    enable_krb5 = yes
 
-    If the value of the &quot;enable_krb5&quot; option is not set to &quot;yes&quot; or the
+    If the value of the "enable_krb5" option is not set to "yes" or the
 line is commented out, ask the System Administrator to indicate how the audit
 logs are off-loaded to a different system or media.
 
     If there is no evidence that the transfer of the audit logs being
-off-loaded to another system or media is encrypted, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+off-loaded to another system or media is encrypted, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to encrypt the transfer of off-loaded audit
 records onto a different system or media from the system being audited.
 
-    Uncomment the &quot;enable_krb5&quot; option in &quot;&#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf&quot;
+    Uncomment the "enable_krb5" option in "/etc/audisp/audisp-remote.conf"
 and set it with the following line:
 
-    enable_krb5 &#x3D; yes</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a2cf18b2-ef79-4b6e-9d89-09016cbbf77f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-Parse Config File &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
-Can&#39;t find file: &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71859</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000023-GPOS-00006</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86483r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010030</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    enable_krb5 = yes</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72085\" do\n  title \"The Red Hat Enterprise Linux operating system must encrypt the\ntransfer of audit records off-loaded onto a different system or media from the\nsystem being audited.\"\n  desc  \"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system encrypts audit records off-loaded onto a\ndifferent system or media from the system being audited.\n\n    To determine if the transfer is encrypted, use the following command:\n\n    # grep -i enable_krb5 /etc/audisp/audisp-remote.conf\n    enable_krb5 = yes\n\n    If the value of the \\\"enable_krb5\\\" option is not set to \\\"yes\\\" or the\nline is commented out, ask the System Administrator to indicate how the audit\nlogs are off-loaded to a different system or media.\n\n    If there is no evidence that the transfer of the audit logs being\noff-loaded to another system or media is encrypted, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to encrypt the transfer of off-loaded audit\nrecords onto a different system or media from the system being audited.\n\n    Uncomment the \\\"enable_krb5\\\" option in \\\"/etc/audisp/audisp-remote.conf\\\"\nand set it with the following line:\n\n    enable_krb5 = yes\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000342-GPOS-00133\"\n  tag satisfies: [\"SRG-OS-000342-GPOS-00133\", \"SRG-OS-000479-GPOS-00224\"]\n  tag gid: \"V-72085\"\n  tag rid: \"SV-86709r2_rule\"\n  tag stig_id: \"RHEL-07-030310\"\n  tag fix_id: \"F-78437r1_fix\"\n  tag cci: [\"CCI-001851\"]\n  tag nist: [\"AU-4 (1)\", \"Rev_4\"]\n\n  describe parse_config_file('/etc/audisp/audisp-remote.conf') do\n    its('enable_krb5'.to_s) { should cmp 'yes' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST Parse Config File /etc/audisp/audisp-remote.conf :: SKIP_MESSAGE Can't find file: /etc/audisp/audisp-remote.conf</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71859</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000023-GPOS-00006</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86483r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010030</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must display the
 Standard Mandatory DoD Notice and Consent Banner before granting local or
-remote access to the system via a graphical user logon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+remote access to the system via a graphical user logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Display of a standardized and approved use notification before
 granting access to the operating system ensures privacy and security
 notification verbiage used is consistent with applicable federal laws,
@@ -24930,7 +23828,7 @@ with human users and are not required when such human interfaces do not exist.
 the following verbiage for operating systems that can accommodate banners of
 1300 characters:
 
-    &quot;You are accessing a U.S. Government (USG) Information System (IS) that is
+    "You are accessing a U.S. Government (USG) Information System (IS) that is
 provided for USG-authorized use only.
 
     By using this IS (which includes any device attached to this IS), you
@@ -24955,14 +23853,14 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants. Such
 communications and work product are private and confidential. See User
-Agreement for details.&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Agreement for details."</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system displays the Standard Mandatory DoD Notice and
 Consent Banner before granting access to the operating system via a graphical
 user logon.
@@ -24973,14 +23871,14 @@ Applicable.
     Check to see if the operating system displays a banner at the logon screen
 with the following command:
 
-    # grep banner-message-enable &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;*
-    banner-message-enable&#x3D;true
+    # grep banner-message-enable /etc/dconf/db/local.d/*
+    banner-message-enable=true
 
-    If &quot;banner-message-enable&quot; is set to &quot;false&quot; or is missing, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "banner-message-enable" is set to "false" or is missing, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to display the Standard Mandatory DoD Notice
 and Consent Banner before granting access to the system.
 
@@ -24990,129 +23888,124 @@ Applicable.
     Create a database to contain the system-wide graphical user logon settings
 (if it does not already exist) with the following command:
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;01-banner-message
+    # touch /etc/dconf/db/local.d/01-banner-message
 
-    Add the following line to the [org&#x2F;gnome&#x2F;login-screen] section of the
-&quot;&#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;01-banner-message&quot;:
+    Add the following line to the [org/gnome/login-screen] section of the
+"/etc/dconf/db/local.d/01-banner-message":
 
-    [org&#x2F;gnome&#x2F;login-screen]
-    banner-message-enable&#x3D;true
+    [org/gnome/login-screen]
+    banner-message-enable=true
 
     Update the system databases:
 
     # dconf update
 
     Users must log out and back in again before the system-wide settings take
-effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f7bb16fc-10fa-467f-b21c-39b19c846a3e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The GNOME desktop is not installed
-The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81019</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95731r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-71859\" do\n  title \"The Red Hat Enterprise Linux operating system must display the\nStandard Mandatory DoD Notice and Consent Banner before granting local or\nremote access to the system via a graphical user logon.\"\n  desc  \"Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\\\"\n\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system displays the Standard Mandatory DoD Notice and\nConsent Banner before granting access to the operating system via a graphical\nuser logon.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Check to see if the operating system displays a banner at the logon screen\nwith the following command:\n\n    # grep banner-message-enable /etc/dconf/db/local.d/*\n    banner-message-enable=true\n\n    If \\\"banner-message-enable\\\" is set to \\\"false\\\" or is missing, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to display the Standard Mandatory DoD Notice\nand Consent Banner before granting access to the system.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Create a database to contain the system-wide graphical user logon settings\n(if it does not already exist) with the following command:\n\n    # touch /etc/dconf/db/local.d/01-banner-message\n\n    Add the following line to the [org/gnome/login-screen] section of the\n\\\"/etc/dconf/db/local.d/01-banner-message\\\":\n\n    [org/gnome/login-screen]\n    banner-message-enable=true\n\n    Update the system databases:\n\n    # dconf update\n\n    Users must log out and back in again before the system-wide settings take\neffect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000023-GPOS-00006\"\n  tag satisfies: [\"SRG-OS-000023-GPOS-00006\", \"SRG-OS-000024-GPOS-00007\",\n\"SRG-OS-000228-GPOS-00088\"]\n  tag gid: \"V-71859\"\n  tag rid: \"SV-86483r4_rule\"\n  tag stig_id: \"RHEL-07-010030\"\n  tag fix_id: \"F-78211r4_fix\"\n  tag cci: [\"CCI-000048\"]\n  tag nist: [\"AC-8 a\", \"Rev_4\"]\n\n  if package('gnome-desktop3').installed?\n    if !dconf_user.nil? and command('whoami').stdout.strip == 'root'\n      describe command(\"sudo -u #{dconf_user} dconf read /org/gnome/login-screen/banner-message-enable\") do\n        its('stdout.strip') { should cmp banner_message_enabled.to_s }\n      end\n    else\n      describe command(\"dconf read /org/gnome/login-screen/banner-message-enable\") do\n        its('stdout.strip') { should cmp banner_message_enabled.to_s }\n      end\n    end\n  else\n    impact 0.0\n    describe \"The GNOME desktop is not installed\" do      \n      skip \"The GNOME desktop is not installed, this control is Not Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The GNOME desktop is not installed :: SKIP_MESSAGE The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81019</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95731r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must take appropriate
-action when the audisp-remote buffer is full.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+action when the audisp-remote buffer is full.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Information stored in one location is vulnerable to accidental or
 incidental deletion or alteration.
 
@@ -25120,301 +24013,288 @@ incidental deletion or alteration.
 storage capacity.
 
     When the remote buffer is full, audit logs will not be collected and sent
-to the central log server.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+to the central log server.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the audisp daemon is configured to take an appropriate action when
 the internal queue is full:
 
-    # grep &quot;overflow_action&quot; &#x2F;etc&#x2F;audisp&#x2F;audispd.conf
+    # grep "overflow_action" /etc/audisp/audispd.conf
 
-    overflow_action &#x3D; syslog
+    overflow_action = syslog
 
-    If the &quot;overflow_action&quot; option is not &quot;syslog&quot;, &quot;single&quot;, or
-&quot;halt&quot;, or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Edit the &#x2F;etc&#x2F;audisp&#x2F;audispd.conf file and add or update the
-&quot;overflow_action&quot; option:
+    If the "overflow_action" option is not "syslog", "single", or
+"halt", or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Edit the /etc/audisp/audispd.conf file and add or update the
+"overflow_action" option:
 
-    overflow_action &#x3D; syslog
+    overflow_action = syslog
 
     The audit daemon must be restarted for changes to take effect:
 
-    # service auditd restart</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d0624aab-b73c-4340-bc0f-c07079e8539e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;audisp&#x2F;audispd.conf overflow_action is expected to match &#x2F;syslog$|single$|halt$&#x2F;i</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-78999</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-93705r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030819</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # service auditd restart</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-81019\" do\n  title \"The Red Hat Enterprise Linux operating system must take appropriate\naction when the audisp-remote buffer is full.\"\n  desc  \"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    When the remote buffer is full, audit logs will not be collected and sent\nto the central log server.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the audisp daemon is configured to take an appropriate action when\nthe internal queue is full:\n\n    # grep \\\"overflow_action\\\" /etc/audisp/audispd.conf\n\n    overflow_action = syslog\n\n    If the \\\"overflow_action\\\" option is not \\\"syslog\\\", \\\"single\\\", or\n\\\"halt\\\", or the line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Edit the /etc/audisp/audispd.conf file and add or update the\n\\\"overflow_action\\\" option:\n\n    overflow_action = syslog\n\n    The audit daemon must be restarted for changes to take effect:\n\n    # service auditd restart\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000342-GPOS-00133\"\n  tag satisfies: [\"SRG-OS-000342-GPOS-00133\", \"SRG-OS-000479-GPOS-00224\"]\n  tag gid: \"V-81019\"\n  tag rid: \"SV-95731r1_rule\"\n  tag stig_id: \"RHEL-07-030210\"\n  tag fix_id: \"F-87853r3_fix\"\n  tag cci: [\"CCI-001851\"]\n  tag nist: [\"AU-4 (1)\", \"Rev_4\"]\n\n  if file('/etc/audisp/audispd.conf').exist?\n    describe parse_config_file('/etc/audisp/audispd.conf') do\n      its('overflow_action') { should match %r{syslog$|single$|halt$}i }\n    end\n  else\n    describe \"File '/etc/audisp/audispd.conf' cannot be found. This test cannot be checked in a automated fashion and you must check it manually\" do\n      skip \"File '/etc/audisp/audispd.conf' cannot be found. This check must be performed manually\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/audisp/audispd.conf overflow_action is expected to match /syslog$|single$|halt$/i</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-78999</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-93705r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030819</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the create_module syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the create_module syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;create_module&quot; syscall occur.
+successful/unsuccessful attempts to use the "create_module" syscall occur.
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -iw create_module &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw create_module /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S create_module -k module-change
+    -a always,exit -F arch=b32 -S create_module -k module-change
 
-    -a always,exit -F arch&#x3D;b64 -S create_module -k module-change
+    -a always,exit -F arch=b64 -S create_module -k module-change
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;create_module&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"create_module" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;create_module&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S create_module -k module-change
-
-    -a always,exit -F arch&#x3D;b64 -S create_module -k module-change
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b487243e-3b40-47aa-8e6c-7176219754d5</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;create_module&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;create_module&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;create_module&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;create_module&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72241</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000163-GPOS-00072</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86865r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040340</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "create_module" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S create_module -k module-change
+
+    -a always,exit -F arch=b64 -S create_module -k module-change
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-78999\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe create_module syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"create_module\\\" syscall occur.\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -iw create_module /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S create_module -k module-change\n\n    -a always,exit -F arch=b64 -S create_module -k module-change\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"create_module\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"create_module\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S create_module -k module-change\n\n    -a always,exit -F arch=b64 -S create_module -k module-change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000471-GPOS-00216\"\n  tag satisfies: [\"SRG-OS-000471-GPOS-00216\", \"SRG-OS-000477-GPOS-00222\"]\n  tag gid: \"V-78999\"\n  tag rid: \"SV-93705r3_rule\"\n  tag stig_id: \"RHEL-07-030819\"\n  tag fix_id: \"F-85749r4_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"create_module\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"create_module\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "create_module" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "create_module" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "create_module" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "create_module" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72241</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000163-GPOS-00072</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86865r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040340</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all network connections associated with SSH traffic terminate after a
-period of inactivity.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+period of inactivity.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Terminating an idle SSH session within a short time period reduces the
 window of opportunity for unauthorized personnel to take control of a
 management session enabled on the console or console port that has been left
@@ -25422,185 +24302,180 @@ unattended. In addition, quickly terminating an idle SSH session will also free
 up resources committed by the managed network element.
 
     Terminating network connections associated with communications sessions
-includes, for example, de-allocating associated TCP&#x2F;IP address&#x2F;port pairs at
+includes, for example, de-allocating associated TCP/IP address/port pairs at
 the operating system level and de-allocating networking assignments at the
 application level if multiple application sessions are using a single operating
 system-level network connection. This does not mean that the operating system
 terminates all sessions or network access; it only ends the inactive session
-and releases the resources associated with that session.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+and releases the resources associated with that session.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system automatically terminates a user session after
 inactivity time-outs have expired.
 
-    Check for the value of the &quot;ClientAliveCountMax&quot; keyword with the
+    Check for the value of the "ClientAliveCountMax" keyword with the
 following command:
 
-    # grep -i clientalivecount &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i clientalivecount /etc/ssh/sshd_config
     ClientAliveCountMax 0
 
-    If &quot;ClientAliveCountMax&quot; is not set to &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "ClientAliveCountMax" is not set to "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to terminate automatically a user session
 after inactivity time-outs have expired or at shutdown.
 
     Add the following line (or modify the line to have the required value) to
-the &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; file (this file may be named differently or be in
+the "/etc/ssh/sshd_config" file (this file may be named differently or be in
 a different location if using a version of SSH that is provided by a
 third-party vendor):
 
     ClientAliveCountMax 0
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>bc34d95c-71e5-4f06-b225-c5ed5fb0da04</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002361</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The release is 7.8
-The release is newer than 7.4; this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71849</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000257-GPOS-00098</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86473r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-72241\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all network connections associated with SSH traffic terminate after a\nperiod of inactivity.\"\n  desc  \"Terminating an idle SSH session within a short time period reduces the\nwindow of opportunity for unauthorized personnel to take control of a\nmanagement session enabled on the console or console port that has been left\nunattended. In addition, quickly terminating an idle SSH session will also free\nup resources committed by the managed network element.\n\n    Terminating network connections associated with communications sessions\nincludes, for example, de-allocating associated TCP/IP address/port pairs at\nthe operating system level and de-allocating networking assignments at the\napplication level if multiple application sessions are using a single operating\nsystem-level network connection. This does not mean that the operating system\nterminates all sessions or network access; it only ends the inactive session\nand releases the resources associated with that session.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system automatically terminates a user session after\ninactivity time-outs have expired.\n\n    Check for the value of the \\\"ClientAliveCountMax\\\" keyword with the\nfollowing command:\n\n    # grep -i clientalivecount /etc/ssh/sshd_config\n    ClientAliveCountMax 0\n\n    If \\\"ClientAliveCountMax\\\" is not set to \\\"0\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to terminate automatically a user session\nafter inactivity time-outs have expired or at shutdown.\n\n    Add the following line (or modify the line to have the required value) to\nthe \\\"/etc/ssh/sshd_config\\\" file (this file may be named differently or be in\na different location if using a version of SSH that is provided by a\nthird-party vendor):\n\n    ClientAliveCountMax 0\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000163-GPOS-00072\"\n  tag satisfies: [\"SRG-OS-000163-GPOS-00072\", \"SRG-OS-000279-GPOS-00109\"]\n  tag gid: \"V-72241\"\n  tag rid: \"SV-86865r4_rule\"\n  tag stig_id: \"RHEL-07-040340\"\n  tag fix_id: \"F-78595r4_fix\"\n  tag cci: [\"CCI-001133\", \"CCI-002361\"]\n  tag nist: [\"SC-10\", \"AC-12\", \"Rev_4\"]\n\n  if os.release.to_f &gt;= 7.4\n    impact 0.0\n    describe \"The release is #{os.release}\" do\n      skip \"The release is newer than 7.4; this control is Not Applicable.\"\n    end\n  else\n    describe sshd_config do\n      its('ClientAliveCountMax') { should cmp '0' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002361</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The release is 7.8 :: SKIP_MESSAGE The release is newer than 7.4; this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71849</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000257-GPOS-00098</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86473r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the file permissions, ownership, and group membership of system files and
-commands match the vendor values.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+commands match the vendor values.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Discretionary access control is weakened if a user or group has access
-permissions to system files and directories greater than the default.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+permissions to system files and directories greater than the default.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the file permissions, ownership, and group membership of system
 files and commands match the vendor values.
 
     Check the default file permissions, ownership, and group membership of
 system files and commands with the following command:
 
-    # for i in &#x60;rpm -Va | egrep -i &#39;^\.[M|U|G|.]{8}&#39; | cut -d &quot; &quot; -f4,5&#x60;;do
-for j in &#x60;rpm -qf $i&#x60;;do rpm -ql $j --dump | cut -d &quot; &quot; -f1,5,6,7 | grep
+    # for i in `rpm -Va | egrep -i '^\.[M|U|G|.]{8}' | cut -d " " -f4,5`;do
+for j in `rpm -qf $i`;do rpm -ql $j --dump | cut -d " " -f1,5,6,7 | grep
 $i;done;done
 
-    &#x2F;var&#x2F;log&#x2F;gdm 040755 root root
-    &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf 0100640 root root
-    &#x2F;usr&#x2F;bin&#x2F;passwd 0104755 root root
+    /var/log/gdm 040755 root root
+    /etc/audisp/audisp-remote.conf 0100640 root root
+    /usr/bin/passwd 0104755 root root
 
     For each file returned, verify the current permissions, ownership, and
 group membership:
     # ls -la &lt;filename&gt;
 
-    -rw-------. 1 root root 133 Jan 11 13:25 &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
+    -rw-------. 1 root root 133 Jan 11 13:25 /etc/audisp/audisp-remote.conf
 
     If the file is more permissive than the default permissions, this is a
 finding.
@@ -25609,10 +24484,10 @@ finding.
 the Information System Security Officer (ISSO), this is a finding.
 
     If the file is not a member of the default group and is not documented with
-the Information System Security Officer (ISSO), this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+the Information System Security Officer (ISSO), this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Run the following command to determine which package owns the file:
 
     # rpm -qf &lt;filename&gt;
@@ -25625,589 +24500,567 @@ following command:
 
     Reset the permissions of files within a package with the following command:
 
-    #rpm --setperms &lt;packagename&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ef2a5bdf-78a4-4bea-a587-9e82ed514f6f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001494</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001496</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002235</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This control consistently takes a long time to run and has been disabled
-    using the disable_slow_controls attribute.
-This control consistently takes a long time to run and has been disabled
+    #rpm --setperms &lt;packagename&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71849\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the file permissions, ownership, and group membership of system files and\ncommands match the vendor values.\"\n  desc  \"Discretionary access control is weakened if a user or group has access\npermissions to system files and directories greater than the default.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the file permissions, ownership, and group membership of system\nfiles and commands match the vendor values.\n\n    Check the default file permissions, ownership, and group membership of\nsystem files and commands with the following command:\n\n    # for i in `rpm -Va | egrep -i '^\\\\.[M|U|G|.]{8}' | cut -d \\\" \\\" -f4,5`;do\nfor j in `rpm -qf $i`;do rpm -ql $j --dump | cut -d \\\" \\\" -f1,5,6,7 | grep\n$i;done;done\n\n    /var/log/gdm 040755 root root\n    /etc/audisp/audisp-remote.conf 0100640 root root\n    /usr/bin/passwd 0104755 root root\n\n    For each file returned, verify the current permissions, ownership, and\ngroup membership:\n    # ls -la &lt;filename&gt;\n\n    -rw-------. 1 root root 133 Jan 11 13:25 /etc/audisp/audisp-remote.conf\n\n    If the file is more permissive than the default permissions, this is a\nfinding.\n\n    If the file is not owned by the default owner and is not documented with\nthe Information System Security Officer (ISSO), this is a finding.\n\n    If the file is not a member of the default group and is not documented with\nthe Information System Security Officer (ISSO), this is a finding.\n  \"\n  desc  \"fix\", \"\n    Run the following command to determine which package owns the file:\n\n    # rpm -qf &lt;filename&gt;\n\n    Reset the user and group ownership of files within a package with the\nfollowing command:\n\n    #rpm --setugids &lt;packagename&gt;\n\n\n    Reset the permissions of files within a package with the following command:\n\n    #rpm --setperms &lt;packagename&gt;\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000257-GPOS-00098\"\n  tag satisfies: [\"SRG-OS-000257-GPOS-00098\", \"SRG-OS-000278-GPOS-00108\"]\n  tag gid: \"V-71849\"\n  tag rid: \"SV-86473r4_rule\"\n  tag stig_id: \"RHEL-07-010010\"\n  tag fix_id: \"F-78201r4_fix\"\n  tag cci: [\"CCI-001494\", \"CCI-001496\", \"CCI-002165\", \"CCI-002235\"]\n  tag nist: [\"AU-9\", \"AU-9 (3)\", \"AC-3 (4)\", \"AC-6 (10)\", \"Rev_4\"]\n\n  if input('disable_slow_controls')\n    describe \"This control consistently takes a long time to run and has been disabled\n    using the disable_slow_controls attribute.\" do\n      skip \"This control consistently takes a long time to run and has been disabled\n            using the disable_slow_controls attribute. You must enable this control for a\n            full accredidation for production.\"\n    end\n  else\n    describe command(\"rpm -Va | grep '^.M' | awk 'NF&gt;1{print $NF}'\").stdout.strip.split(\"\\n\") do\n      it { should all(be_in rpm_verify_perms_except) }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001494</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001496</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002235</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This control consistently takes a long time to run and has been disabled
+    using the disable_slow_controls attribute. :: SKIP_MESSAGE This control consistently takes a long time to run and has been disabled
             using the disable_slow_controls attribute. You must enable this control for a
-            full accredidation for production.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72267</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86891r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040470</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+            full accredidation for production.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72267</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86891r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040470</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the SSH daemon does not allow compression or only allows compression after
-successful authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+successful authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If compression is allowed in an SSH connection prior to
 authentication, vulnerabilities in the compression software could result in
 compromise of the system from an unauthenticated connection, potentially with
-root privileges.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+root privileges.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the SSH daemon performs compression after a user successfully
 authenticates.
 
     Check that the SSH daemon performs compression after a user successfully
 authenticates with the following command:
 
-    # grep -i compression &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i compression /etc/ssh/sshd_config
     Compression delayed
 
-    If the &quot;Compression&quot; keyword is set to &quot;yes&quot;, is missing, or the
-returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Uncomment the &quot;Compression&quot; keyword in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; (this
+    If the "Compression" keyword is set to "yes", is missing, or the
+returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Uncomment the "Compression" keyword in "/etc/ssh/sshd_config" (this
 file may be named differently or be in a different location if using a version
 of SSH that is provided by a third-party vendor) on the system and set the
-value to &quot;delayed&quot; or &quot;no&quot;:
+value to "delayed" or "no":
 
     Compression no
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>01a52a2d-fe3f-4825-aef5-511b897b4548</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration Compression is expected to cmp &#x3D;&#x3D; &quot;delayed&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72211</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86835r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-031010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72267\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon does not allow compression or only allows compression after\nsuccessful authentication.\"\n  desc  \"If compression is allowed in an SSH connection prior to\nauthentication, vulnerabilities in the compression software could result in\ncompromise of the system from an unauthenticated connection, potentially with\nroot privileges.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH daemon performs compression after a user successfully\nauthenticates.\n\n    Check that the SSH daemon performs compression after a user successfully\nauthenticates with the following command:\n\n    # grep -i compression /etc/ssh/sshd_config\n    Compression delayed\n\n    If the \\\"Compression\\\" keyword is set to \\\"yes\\\", is missing, or the\nreturned line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Uncomment the \\\"Compression\\\" keyword in \\\"/etc/ssh/sshd_config\\\" (this\nfile may be named differently or be in a different location if using a version\nof SSH that is provided by a third-party vendor) on the system and set the\nvalue to \\\"delayed\\\" or \\\"no\\\":\n\n    Compression no\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72267\"\n  tag rid: \"SV-86891r3_rule\"\n  tag stig_id: \"RHEL-07-040470\"\n  tag fix_id: \"F-78621r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe.one do\n    describe sshd_config do\n      its('Compression') { should cmp 'delayed' }\n    end\n    describe sshd_config do\n      its('Compression') { should cmp 'no' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration Compression is expected to cmp == "delayed"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72211</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86835r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-031010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the rsyslog daemon does not accept log messages from other servers unless
-the server is being used for log aggregation.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the server is being used for log aggregation.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Unintentionally running a rsyslog server accepting remote messages
 puts the system at increased risk. Malicious rsyslog messages sent to the
 server could exploit vulnerabilities in the server software itself, could
-introduce misleading information in to the system&#39;s logs, or could fill the
-system&#39;s storage leading to a Denial of Service.
+introduce misleading information in to the system's logs, or could fill the
+system's storage leading to a Denial of Service.
 
     If the system is intended to be a log aggregation server its use must be
-documented with the ISSO.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that the system is not accepting &quot;rsyslog&quot; messages from other
+documented with the ISSO.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that the system is not accepting "rsyslog" messages from other
 systems unless it is documented as a log aggregation server.
 
-    Check the configuration of &quot;rsyslog&quot; with the following command:
+    Check the configuration of "rsyslog" with the following command:
 
-    # grep imtcp &#x2F;etc&#x2F;rsyslog.conf
+    # grep imtcp /etc/rsyslog.conf
     $ModLoad imtcp
-    # grep imudp &#x2F;etc&#x2F;rsyslog.conf
+    # grep imudp /etc/rsyslog.conf
     $ModLoad imudp
-    # grep imrelp &#x2F;etc&#x2F;rsyslog.conf
+    # grep imrelp /etc/rsyslog.conf
     $ModLoad imrelp
 
-    If any of the above modules are being loaded in the &quot;&#x2F;etc&#x2F;rsyslog.conf&quot;
+    If any of the above modules are being loaded in the "/etc/rsyslog.conf"
 file, ask to see the documentation for the system being used for log
 aggregation.
 
     If the documentation does not exist, or does not specify the server as a
-log aggregation system, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Modify the &quot;&#x2F;etc&#x2F;rsyslog.conf&quot; file to remove the &quot;ModLoad
-imtcp&quot;, &quot;ModLoad imudp&quot;, and &quot;ModLoad imrelp&quot; configuration lines, or
-document the system as being used for log aggregation.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>53489344-d648-4150-9a65-d5dee7b2da31</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-File &#x2F;etc&#x2F;rsyslog.conf content is expected to match &#x2F;\$ModLoad\s+imtcp.*\n?$&#x2F;
---------------------------------
-passed
-File &#x2F;etc&#x2F;rsyslog.conf content is expected not to match &#x2F;^\$ModLoad\s+imtcp.*\n?$&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72239</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86863r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040330</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+log aggregation system, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Modify the "/etc/rsyslog.conf" file to remove the "ModLoad
+imtcp", "ModLoad imudp", and "ModLoad imrelp" configuration lines, or
+document the system as being used for log aggregation.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72211\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the rsyslog daemon does not accept log messages from other servers unless\nthe server is being used for log aggregation.\"\n  desc  \"Unintentionally running a rsyslog server accepting remote messages\nputs the system at increased risk. Malicious rsyslog messages sent to the\nserver could exploit vulnerabilities in the server software itself, could\nintroduce misleading information in to the system's logs, or could fill the\nsystem's storage leading to a Denial of Service.\n\n    If the system is intended to be a log aggregation server its use must be\ndocumented with the ISSO.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that the system is not accepting \\\"rsyslog\\\" messages from other\nsystems unless it is documented as a log aggregation server.\n\n    Check the configuration of \\\"rsyslog\\\" with the following command:\n\n    # grep imtcp /etc/rsyslog.conf\n    $ModLoad imtcp\n    # grep imudp /etc/rsyslog.conf\n    $ModLoad imudp\n    # grep imrelp /etc/rsyslog.conf\n    $ModLoad imrelp\n\n    If any of the above modules are being loaded in the \\\"/etc/rsyslog.conf\\\"\nfile, ask to see the documentation for the system being used for log\naggregation.\n\n    If the documentation does not exist, or does not specify the server as a\nlog aggregation system, this is a finding.\n  \"\n  desc  \"fix\", \"Modify the \\\"/etc/rsyslog.conf\\\" file to remove the \\\"ModLoad\nimtcp\\\", \\\"ModLoad imudp\\\", and \\\"ModLoad imrelp\\\" configuration lines, or\ndocument the system as being used for log aggregation.\"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72211\"\n  tag rid: \"SV-86835r2_rule\"\n  tag stig_id: \"RHEL-07-031010\"\n  tag fix_id: \"F-78565r2_fix\"\n  tag cci: [\"CCI-000318\", \"CCI-000368\", \"CCI-001812\", \"CCI-001813\",\n\"CCI-001814\"]\n  tag nist: [\"CM-3 f\", \"CM-6 c\", \"CM-11 (2)\", \"CM-5 (1)\", \"CM-5 (1)\", \"Rev_4\"]\n\n  log_aggregation_server = input('log_aggregation_server')\n\n  if log_aggregation_server\n    describe file('/etc/rsyslog.conf') do\n      its('content') { should match %r{^\\$ModLoad\\s+imtcp.*\\n?$} }\n    end\n  else\n    describe.one do\n      describe file('/etc/rsyslog.conf') do\n        its('content') { should match %r{\\$ModLoad\\s+imtcp.*\\n?$} }\n      end\n      describe file('/etc/rsyslog.conf') do\n        its('content') { should_not match %r{^\\$ModLoad\\s+imtcp.*\\n?$} }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST File /etc/rsyslog.conf content is expected to match /\$ModLoad\s+imtcp.*\n?$/
+--------------------------------
+passed :: TEST File /etc/rsyslog.conf content is expected not to match /^\$ModLoad\s+imtcp.*\n?$/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72239</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86863r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040330</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the SSH daemon does not allow authentication using RSA rhosts
-authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configuring this setting for the SSH daemon provides additional
 assurance that remote logon via SSH will require a password, even in the event
-of misconfiguration elsewhere.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+of misconfiguration elsewhere.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Check the version of the operating system with the following command:
 
-    # cat &#x2F;etc&#x2F;redhat-release
+    # cat /etc/redhat-release
 
     If the release is 7.4 or newer this requirement is Not Applicable.
 
     Verify the SSH daemon does not allow authentication using RSA rhosts
 authentication.
 
-    To determine how the SSH daemon&#39;s &quot;RhostsRSAAuthentication&quot; option is
+    To determine how the SSH daemon's "RhostsRSAAuthentication" option is
 set, run the following command:
 
-    # grep RhostsRSAAuthentication &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep RhostsRSAAuthentication /etc/ssh/sshd_config
     RhostsRSAAuthentication no
 
-    If the value is returned as &quot;yes&quot;, the returned line is commented out, or
-no output is returned, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value is returned as "yes", the returned line is commented out, or
+no output is returned, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the SSH daemon to not allow authentication using RSA rhosts
 authentication.
 
-    Add the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;, or uncomment the line
-and set the value to &quot;no&quot;:
+    Add the following line in "/etc/ssh/sshd_config", or uncomment the line
+and set the value to "no":
 
     RhostsRSAAuthentication no
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d586110e-2a2b-47b9-aba8-95ead3f2fa4e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration RhostsRSAAuthentication is expected to cmp &#x3D;&#x3D; &quot;no&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-77819</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000375-GPOS-00160</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-92515r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010061</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72239\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon does not allow authentication using RSA rhosts\nauthentication.\"\n  desc  \"Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Check the version of the operating system with the following command:\n\n    # cat /etc/redhat-release\n\n    If the release is 7.4 or newer this requirement is Not Applicable.\n\n    Verify the SSH daemon does not allow authentication using RSA rhosts\nauthentication.\n\n    To determine how the SSH daemon's \\\"RhostsRSAAuthentication\\\" option is\nset, run the following command:\n\n    # grep RhostsRSAAuthentication /etc/ssh/sshd_config\n    RhostsRSAAuthentication no\n\n    If the value is returned as \\\"yes\\\", the returned line is commented out, or\nno output is returned, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the SSH daemon to not allow authentication using RSA rhosts\nauthentication.\n\n    Add the following line in \\\"/etc/ssh/sshd_config\\\", or uncomment the line\nand set the value to \\\"no\\\":\n\n    RhostsRSAAuthentication no\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72239\"\n  tag rid: \"SV-86863r4_rule\"\n  tag stig_id: \"RHEL-07-040330\"\n  tag fix_id: \"F-78593r4_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('RhostsRSAAuthentication') { should cmp 'no' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration RhostsRSAAuthentication is expected to cmp == "no"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-77819</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000375-GPOS-00160</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-92515r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010061</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must uniquely identify
 and must authenticate users using multifactor authentication via a graphical
-user logon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+user logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>To assure accountability and prevent unauthenticated access, users
 must be identified and authenticated to prevent potential misuse and compromise
 of the system.
@@ -26216,14 +25069,14 @@ of the system.
 systems gaining access include, for example, hardware tokens providing
 time-based or challenge-response authenticators and smart cards such as the
 U.S. Government Personal Identity Verification card and the DoD Common Access
-Card.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Card.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system uniquely identifies and authenticates users
 using multifactor authentication via a graphical user logon.
 
@@ -26233,23 +25086,23 @@ Applicable.
     Determine which profile the system database is using with the following
 command:
 
-    # grep system-db &#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user
+    # grep system-db /etc/dconf/profile/user
 
     system-db:local
 
     Note: The example is using the database local for the system, so the path
-is &quot;&#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&quot;. This path must be modified if a database other
+is "/etc/dconf/db/local.d". This path must be modified if a database other
 than local is being used.
 
-    # grep enable-smartcard-authentication &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;*
+    # grep enable-smartcard-authentication /etc/dconf/db/local.d/*
 
-    enable-smartcard-authentication&#x3D;true
+    enable-smartcard-authentication=true
 
-    If &quot;enable-smartcard-authentication&quot; is set to &quot;false&quot; or the keyword
-is missing, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "enable-smartcard-authentication" is set to "false" or the keyword
+is missing, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to uniquely identify and authenticate users
 using multifactor authentication via a graphical user logon.
 
@@ -26260,955 +25113,906 @@ Applicable.
 does not already exist) with the following command:
 
     Note: The example is using the database local for the system, so if the
-system is using another database in &quot;&#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user&quot;, the file
+system is using another database in "/etc/dconf/profile/user", the file
 should be created under the appropriate subdirectory.
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;00-defaults
+    # touch /etc/dconf/db/local.d/00-defaults
 
-    Edit &quot;[org&#x2F;gnome&#x2F;login-screen]&quot; and add or update the following line:
-    enable-smartcard-authentication&#x3D;true
+    Edit "[org/gnome/login-screen]" and add or update the following line:
+    enable-smartcard-authentication=true
 
     Update the system databases:
-    # dconf update</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>9d576b89-da27-4c3d-884d-7498951ebc1c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001948</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001953</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001954</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The GNOME desktop is not installed
-The GNOME desktop is not installed, this control is Not Applicable.
---------------------------------
-skipped
-The pcsc-lite package is not installed
-The pcsc-lite package is not installed, this control is Not Applicable.
---------------------------------
-skipped
-The esc package is not installed
-The esc package is not installed, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72101</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86725r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030390</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # dconf update</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-77819\" do\n  title \"The Red Hat Enterprise Linux operating system must uniquely identify\nand must authenticate users using multifactor authentication via a graphical\nuser logon.\"\n  desc  \"To assure accountability and prevent unauthenticated access, users\nmust be identified and authenticated to prevent potential misuse and compromise\nof the system.\n\n    Multifactor solutions that require devices separate from information\nsystems gaining access include, for example, hardware tokens providing\ntime-based or challenge-response authenticators and smart cards such as the\nU.S. Government Personal Identity Verification card and the DoD Common Access\nCard.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system uniquely identifies and authenticates users\nusing multifactor authentication via a graphical user logon.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Determine which profile the system database is using with the following\ncommand:\n\n    # grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Note: The example is using the database local for the system, so the path\nis \\\"/etc/dconf/db/local.d\\\". This path must be modified if a database other\nthan local is being used.\n\n    # grep enable-smartcard-authentication /etc/dconf/db/local.d/*\n\n    enable-smartcard-authentication=true\n\n    If \\\"enable-smartcard-authentication\\\" is set to \\\"false\\\" or the keyword\nis missing, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to uniquely identify and authenticate users\nusing multifactor authentication via a graphical user logon.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example is using the database local for the system, so if the\nsystem is using another database in \\\"/etc/dconf/profile/user\\\", the file\nshould be created under the appropriate subdirectory.\n\n    # touch /etc/dconf/db/local.d/00-defaults\n\n    Edit \\\"[org/gnome/login-screen]\\\" and add or update the following line:\n    enable-smartcard-authentication=true\n\n    Update the system databases:\n    # dconf update\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000375-GPOS-00160\"\n  tag satisfies: [\"SRG-OS-000375-GPOS-00161\", \"SRG-OS-000375-GPOS-00162\"]\n  tag gid: \"V-77819\"\n  tag rid: \"SV-92515r2_rule\"\n  tag stig_id: \"RHEL-07-010061\"\n  tag fix_id: \"F-84519r4_fix\"\n  tag cci: [\"CCI-001948\", \"CCI-001953\", \"CCI-001954\"]\n  tag nist: [\"IA-2 (11)\", \"IA-2 (12)\", \"IA-2 (12)\"]\n\n  multifactor_enabled = input('multifactor_enabled')\n  dconf_user = input('dconf_user')\n\n  if package('gnome-desktop3').installed? &amp;&amp; package('pcsc-lite').installed? || package('esc').installed?\n    impact 0.5\n    if !dconf_user.nil? &amp;&amp; command('whoami').stdout.strip == 'root'\n      describe command(\"sudo -u #{dconf_user} dconf read /org/gnome/login-screen/enable-smartcard-authentication\") do\n        its('stdout.strip') { should eq multifactor_enabled.to_s }\n      end\n    else\n      describe command(\"dconf read /org/gnome/login-screen/enable-smartcard-authentication\") do\n        its('stdout.strip') { should eq multifactor_enabled.to_s }\n      end\n    end\n  else\n    impact 0.0\n    if !package('gnome-desktop3').installed?\n      describe \"The GNOME desktop is not installed\" do\n        skip \"The GNOME desktop is not installed, this control is Not Applicable.\"\n      end\n    end\n\n    if !package('pcsc-lite').installed?\n      describe \"The pcsc-lite package is not installed\" do\n        skip \"The pcsc-lite package is not installed, this control is Not Applicable.\"\n      end\n    end\n    if !package('esc').installed?\n      describe \"The esc package is not installed\" do\n        skip \"The esc package is not installed, this control is Not Applicable.\"\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001948</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001953</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001954</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The GNOME desktop is not installed :: SKIP_MESSAGE The GNOME desktop is not installed, this control is Not Applicable.
+--------------------------------
+skipped :: TEST The pcsc-lite package is not installed :: SKIP_MESSAGE The pcsc-lite package is not installed, this control is Not Applicable.
+--------------------------------
+skipped :: TEST The esc package is not installed :: SKIP_MESSAGE The esc package is not installed, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72101</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86725r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030390</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the lchown syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the lchown syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;lchown&quot; syscall occur.
+successful/unsuccessful attempts to use the "lchown" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw lchown &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw lchown /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S lchown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S lchown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S lchown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S lchown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;lchown&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    If both the "b32" and "b64" audit rules are not defined for the
+"lchown" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S lchown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S lchown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S lchown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S lchown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2d25c7aa-ec5a-408c-ae56-432fe269f0e2</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lchown&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lchown&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lchown&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lchown&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72123</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86747r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030500</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72101\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe lchown syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"lchown\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw lchown /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S lchown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S lchown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"lchown\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S lchown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S lchown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000474-GPOS-00219\"]\n  tag gid: \"V-72101\"\n  tag rid: \"SV-86725r5_rule\"\n  tag stig_id: \"RHEL-07-030390\"\n  tag fix_id: \"F-78453r8_fix\"\n  tag cci: [\"CCI-000126\", \"CCI-000172\"]\n  tag nist: [\"AU-2 d\", \"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"lchown\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"lchown\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "lchown" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "lchown" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "lchown" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "lchown" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72123</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86747r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030500</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the creat syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the creat syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;creat&quot; syscall occur.
+successful/unsuccessful attempts to use the "creat" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw creat &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw creat /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S creat F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S creat F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b32 -S creat -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S creat -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S creat -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S creat -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S creat -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S creat -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;creat&quot; syscall, this is a finding.
+    If both the "b32" and "b64" audit rules are not defined for the
+"creat" syscall, this is a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EPERM&quot;, this is
+    If the output does not produce rules containing "-F exit=-EPERM", this is
 a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EACCES&quot;, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the output does not produce rules containing "-F exit=-EACCES", this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;creat&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules:
-
-    -a always,exit -F arch&#x3D;b32 -S creat -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b32 -S creat -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S creat -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S creat -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f6fcb7b1-135f-43d7-bcac-0e1537ed9b67</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EACCES&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EACCES&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72041</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86665r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "creat" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules:
+
+    -a always,exit -F arch=b32 -S creat -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b32 -S creat -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S creat -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S creat -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72123\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe creat syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"creat\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw creat /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S creat F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S creat -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S creat -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S creat -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"creat\\\" syscall, this is a finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EPERM\\\", this is\na finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EACCES\\\", this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"creat\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules:\n\n    -a always,exit -F arch=b32 -S creat -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S creat -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S creat -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S creat -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000458-GPOS-00203\",\n\"SRG-OS-000461-GPOS-00205\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72123\"\n  tag rid: \"SV-86747r5_rule\"\n  tag stig_id: \"RHEL-07-030500\"\n  tag fix_id: \"F-78475r7_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"creat\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EPERM' }\n  end\n  describe auditd.syscall(\"creat\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EACCES' }\n  end\n\n  if os.arch == 'x86_64'\n     describe auditd.syscall(\"creat\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EPERM' }\n    end\n    describe auditd.syscall(\"creat\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EACCES' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "creat" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b32" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b32" exit.uniq is expected to include "-EACCES"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b64" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b64" exit.uniq is expected to include "-EACCES"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72041</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86665r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that file systems containing user home directories are mounted to prevent files
-with the setuid and setgid bit set from being executed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;nosuid&quot; mount option causes the system to not execute setuid
+with the setuid and setgid bit set from being executed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "nosuid" mount option causes the system to not execute setuid
 and setgid files with owner privileges. This option must be used for mounting
 any file system not containing approved setuid and setguid files. Executing
 files from untrusted file systems increases the opportunity for unprivileged
-users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify file systems that contain user home directories are mounted with the
-&quot;nosuid&quot; option.
+"nosuid" option.
 
     Find the file system(s) that contain the user home directories with the
 following command:
 
     Note: If a separate file system has not been created for the user home
-directories (user home directories are mounted under &quot;&#x2F;&quot;), this is not a
-finding as the &quot;nosuid&quot; option cannot be used on the &quot;&#x2F;&quot; system.
+directories (user home directories are mounted under "/"), this is not a
+finding as the "nosuid" option cannot be used on the "/" system.
 
-    # cut -d: -f 1,3,6 &#x2F;etc&#x2F;passwd | egrep &quot;:[1-4][0-9]{3}&quot;
-    smithj:1001:&#x2F;home&#x2F;smithj
-    thomasr:1002:&#x2F;home&#x2F;thomasr
+    # cut -d: -f 1,3,6 /etc/passwd | egrep ":[1-4][0-9]{3}"
+    smithj:1001:/home/smithj
+    thomasr:1002:/home/thomasr
 
     Check the file systems that are mounted at boot time with the following
 command:
 
-    # more &#x2F;etc&#x2F;fstab
-
-    UUID&#x3D;a411dc99-f2a1-4c87-9e05-184977be8539 &#x2F;home   ext4
-rw,relatime,discard,data&#x3D;ordered,nosuid 0 2
-
-    If a file system found in &quot;&#x2F;etc&#x2F;fstab&quot; refers to the user home directory
-file system and it does not have the &quot;nosuid&quot; option set, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the &quot;&#x2F;etc&#x2F;fstab&quot; to use the &quot;nosuid&quot; option on
-file systems that contain user home directories.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6c8d677e-8f8c-40a6-9e66-a41fec3045f5</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Mount &#x2F;home options is expected to include &quot;nosuid&quot;
-expected nil to include &quot;nosuid&quot;, but it does not respond to &#x60;include?&#x60;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71953</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00229</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86577r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010440</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # more /etc/fstab
+
+    UUID=a411dc99-f2a1-4c87-9e05-184977be8539 /home   ext4
+rw,relatime,discard,data=ordered,nosuid 0 2
+
+    If a file system found in "/etc/fstab" refers to the user home directory
+file system and it does not have the "nosuid" option set, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the "/etc/fstab" to use the "nosuid" option on
+file systems that contain user home directories.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72041\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat file systems containing user home directories are mounted to prevent files\nwith the setuid and setgid bit set from being executed.\"\n  desc  \"The \\\"nosuid\\\" mount option causes the system to not execute setuid\nand setgid files with owner privileges. This option must be used for mounting\nany file system not containing approved setuid and setguid files. Executing\nfiles from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify file systems that contain user home directories are mounted with the\n\\\"nosuid\\\" option.\n\n    Find the file system(s) that contain the user home directories with the\nfollowing command:\n\n    Note: If a separate file system has not been created for the user home\ndirectories (user home directories are mounted under \\\"/\\\"), this is not a\nfinding as the \\\"nosuid\\\" option cannot be used on the \\\"/\\\" system.\n\n    # cut -d: -f 1,3,6 /etc/passwd | egrep \\\":[1-4][0-9]{3}\\\"\n    smithj:1001:/home/smithj\n    thomasr:1002:/home/thomasr\n\n    Check the file systems that are mounted at boot time with the following\ncommand:\n\n    # more /etc/fstab\n\n    UUID=a411dc99-f2a1-4c87-9e05-184977be8539 /home   ext4\nrw,relatime,discard,data=ordered,nosuid 0 2\n\n    If a file system found in \\\"/etc/fstab\\\" refers to the user home directory\nfile system and it does not have the \\\"nosuid\\\" option set, this is a finding.\n  \"\n  desc  \"fix\", \"Configure the \\\"/etc/fstab\\\" to use the \\\"nosuid\\\" option on\nfile systems that contain user home directories.\"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72041\"\n  tag rid: \"SV-86665r4_rule\"\n  tag stig_id: \"RHEL-07-021000\"\n  tag fix_id: \"F-78393r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe mount('/home') do\n    its('options') { should include 'nosuid' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Mount /home options is expected to include "nosuid" :: MESSAGE expected nil to include "nosuid", but it does not respond to `include?`</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71953</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00229</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86577r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010440</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not allow an
-unattended or automatic logon to the system via a graphical user interface.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+unattended or automatic logon to the system via a graphical user interface.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Failure to restrict system access to authenticated users negatively
-impacts operating system security.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+impacts operating system security.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system does not allow an unattended or automatic logon
 to the system via a graphical user interface.
 
     Note: If the system does not have GNOME installed, this requirement is Not
 Applicable.
 
-    Check for the value of the &quot;AutomaticLoginEnable&quot; in the
-&quot;&#x2F;etc&#x2F;gdm&#x2F;custom.conf&quot; file with the following command:
+    Check for the value of the "AutomaticLoginEnable" in the
+"/etc/gdm/custom.conf" file with the following command:
 
-    # grep -i automaticloginenable &#x2F;etc&#x2F;gdm&#x2F;custom.conf
-    AutomaticLoginEnable&#x3D;false
+    # grep -i automaticloginenable /etc/gdm/custom.conf
+    AutomaticLoginEnable=false
 
-    If the value of &quot;AutomaticLoginEnable&quot; is not set to &quot;false&quot;, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "AutomaticLoginEnable" is not set to "false", this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to not allow an unattended or automatic
 logon to the system via a graphical user interface.
 
     Note: If the system does not have GNOME installed, this requirement is Not
 Applicable.
 
-    Add or edit the line for the &quot;AutomaticLoginEnable&quot; parameter in the
-[daemon] section of the &quot;&#x2F;etc&#x2F;gdm&#x2F;custom.conf&quot; file to &quot;false&quot;:
+    Add or edit the line for the "AutomaticLoginEnable" parameter in the
+[daemon] section of the "/etc/gdm/custom.conf" file to "false":
 
     [daemon]
-    AutomaticLoginEnable&#x3D;false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d3351625-6632-4dfb-9e4f-4a06b7f918e5</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The system does not have GDM installed
-The system does not have GDM installed, this requirement is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71969</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000095-GPOS-00049</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86593r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    AutomaticLoginEnable=false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-71953\" do\n  title \"The Red Hat Enterprise Linux operating system must not allow an\nunattended or automatic logon to the system via a graphical user interface.\"\n  desc  \"Failure to restrict system access to authenticated users negatively\nimpacts operating system security.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system does not allow an unattended or automatic logon\nto the system via a graphical user interface.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Check for the value of the \\\"AutomaticLoginEnable\\\" in the\n\\\"/etc/gdm/custom.conf\\\" file with the following command:\n\n    # grep -i automaticloginenable /etc/gdm/custom.conf\n    AutomaticLoginEnable=false\n\n    If the value of \\\"AutomaticLoginEnable\\\" is not set to \\\"false\\\", this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to not allow an unattended or automatic\nlogon to the system via a graphical user interface.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Add or edit the line for the \\\"AutomaticLoginEnable\\\" parameter in the\n[daemon] section of the \\\"/etc/gdm/custom.conf\\\" file to \\\"false\\\":\n\n    [daemon]\n    AutomaticLoginEnable=false\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00229\"\n  tag gid: \"V-71953\"\n  tag rid: \"SV-86577r2_rule\"\n  tag stig_id: \"RHEL-07-010440\"\n  tag fix_id: \"F-78305r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  custom_conf = '/etc/gdm/custom.conf'\n\n  if package('gdm').installed?\n    if ((f = file(custom_conf)).exist?)\n      describe ini(custom_conf) do\n        its('daemon.AutomaticLoginEnable') { cmp false }\n      end\n    else\n      describe f do\n        it { should exist }\n      end\n    end\n  else\n    impact 0.0\n    describe \"The system does not have GDM installed\" do\n      skip \"The system does not have GDM installed, this requirement is Not Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The system does not have GDM installed :: SKIP_MESSAGE The system does not have GDM installed, this requirement is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71969</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000095-GPOS-00049</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86593r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not have the ypserv
-package installed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Removing the &quot;ypserv&quot; package decreases the risk of the accidental
-(or intentional) activation of NIS or NIS+ services.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+package installed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Removing the "ypserv" package decreases the risk of the accidental
+(or intentional) activation of NIS or NIS+ services.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The NIS service provides an unencrypted authentication service that does
 not provide for the confidentiality and integrity of user passwords or the
 remote session.
 
-    Check to see if the &quot;ypserve&quot; package is installed with the following
+    Check to see if the "ypserve" package is installed with the following
 command:
 
     # yum list installed ypserv
 
-    If the &quot;ypserv&quot; package is installed, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "ypserv" package is installed, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to disable non-essential capabilities by
-removing the &quot;ypserv&quot; package from the system with the following command:
-
-    # yum remove ypserv</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>bc830ad5-7c14-4224-bacd-05b041d18d25</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package ypserv is expected not to be installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72017</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86641r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020630</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+removing the "ypserv" package from the system with the following command:
+
+    # yum remove ypserv</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71969\" do\n  title \"The Red Hat Enterprise Linux operating system must not have the ypserv\npackage installed.\"\n  desc  \"Removing the \\\"ypserv\\\" package decreases the risk of the accidental\n(or intentional) activation of NIS or NIS+ services.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    The NIS service provides an unencrypted authentication service that does\nnot provide for the confidentiality and integrity of user passwords or the\nremote session.\n\n    Check to see if the \\\"ypserve\\\" package is installed with the following\ncommand:\n\n    # yum list installed ypserv\n\n    If the \\\"ypserv\\\" package is installed, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to disable non-essential capabilities by\nremoving the \\\"ypserv\\\" package from the system with the following command:\n\n    # yum remove ypserv\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000095-GPOS-00049\"\n  tag gid: \"V-71969\"\n  tag rid: \"SV-86593r2_rule\"\n  tag stig_id: \"RHEL-07-020010\"\n  tag fix_id: \"F-78321r1_fix\"\n  tag cci: [\"CCI-000381\"]\n  tag nist: [\"CM-7 a\", \"Rev_4\"]\n\n  describe package(\"ypserv\") do\n    it { should_not be_installed }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package ypserv is expected not to be installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72017</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86641r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020630</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all local interactive user home directories have mode 0750 or less
-permissive.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+permissive.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Excessive permissions on local interactive user home directories may
-allow unauthorized access to user files by other users.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+allow unauthorized access to user files by other users.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the assigned home directory of all local interactive users has a
-mode of &quot;0750&quot; or less permissive.
+mode of "0750" or less permissive.
 
     Check the home directory assignment for all non-privileged users on the
 system with the following command:
@@ -27217,280 +26021,268 @@ system with the following command:
 User Identifier (UID). Evidence of interactive use may be obtained from a
 number of log files containing system logon information.
 
-    # ls -ld $(egrep &#39;:[0-9]{4}&#39; &#x2F;etc&#x2F;passwd | cut -d: -f6)
-    -rwxr-x--- 1 smithj users  18 Mar  5 17:06 &#x2F;home&#x2F;smithj
+    # ls -ld $(egrep ':[0-9]{4}' /etc/passwd | cut -d: -f6)
+    -rwxr-x--- 1 smithj users  18 Mar  5 17:06 /home/smithj
 
-    If home directories referenced in &quot;&#x2F;etc&#x2F;passwd&quot; do not have a mode of
-&quot;0750&quot; or less permissive, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Change the mode of interactive user&#39;s home directories to &quot;0750&quot;. To
-change the mode of a local interactive user&#39;s home directory, use the following
+    If home directories referenced in "/etc/passwd" do not have a mode of
+"0750" or less permissive, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Change the mode of interactive user's home directories to "0750". To
+change the mode of a local interactive user's home directory, use the following
 command:
 
-    Note: The example will be for the user &quot;smithj&quot;.
-
-    # chmod 0750 &#x2F;home&#x2F;smithj</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>bcab3926-0534-4b33-8f04-98ca3ea4eab7</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Home directories with excessive permissions is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72191</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86815r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030840</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Note: The example will be for the user "smithj".
+
+    # chmod 0750 /home/smithj</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72017\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local interactive user home directories have mode 0750 or less\npermissive.\"\n  desc  \"Excessive permissions on local interactive user home directories may\nallow unauthorized access to user files by other users.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the assigned home directory of all local interactive users has a\nmode of \\\"0750\\\" or less permissive.\n\n    Check the home directory assignment for all non-privileged users on the\nsystem with the following command:\n\n    Note: This may miss interactive users that have been assigned a privileged\nUser Identifier (UID). Evidence of interactive use may be obtained from a\nnumber of log files containing system logon information.\n\n    # ls -ld $(egrep ':[0-9]{4}' /etc/passwd | cut -d: -f6)\n    -rwxr-x--- 1 smithj users  18 Mar  5 17:06 /home/smithj\n\n    If home directories referenced in \\\"/etc/passwd\\\" do not have a mode of\n\\\"0750\\\" or less permissive, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Change the mode of interactive user's home directories to \\\"0750\\\". To\nchange the mode of a local interactive user's home directory, use the following\ncommand:\n\n    Note: The example will be for the user \\\"smithj\\\".\n\n    # chmod 0750 /home/smithj\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72017\"\n  tag rid: \"SV-86641r3_rule\"\n  tag stig_id: \"RHEL-07-020630\"\n  tag fix_id: \"F-78369r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= uid_min || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    findings = findings + command(\"find #{user_info.home} -maxdepth 0 -perm /027\").stdout.split(\"\\n\")\n  end\n  describe \"Home directories with excessive permissions\" do\n    subject { findings.to_a }\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Home directories with excessive permissions is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72191</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86815r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030840</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the kmod command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the kmod command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;kmod&quot; command occur.
+successful/unsuccessful attempts to use the "kmod" command occur.
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -iw kmod &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw kmod /etc/audit/audit.rules
 
-    -w &#x2F;usr&#x2F;bin&#x2F;kmod -p x -F auid!&#x3D;4294967295 -k module-change
+    -w /usr/bin/kmod -p x -F auid!=4294967295 -k module-change
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;kmod&quot; command occur.
-
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -w &#x2F;usr&#x2F;bin&#x2F;kmod -p x -F auid!&#x3D;4294967295 -k module-change
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>660d3189-c709-4831-a327-fb725ba8d2a0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;kmod&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;kmod&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71903</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000069-GPOS-00037</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86527r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010120</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "kmod" command occur.
+
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -w /usr/bin/kmod -p x -F auid!=4294967295 -k module-change
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72191\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe kmod command.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"kmod\\\" command occur.\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -iw kmod /etc/audit/audit.rules\n\n    -w /usr/bin/kmod -p x -F auid!=4294967295 -k module-change\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"kmod\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -w /usr/bin/kmod -p x -F auid!=4294967295 -k module-change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000471-GPOS-00216\"\n  tag satisfies: [\"SRG-OS-000471-GPOS-00216\", \"SRG-OS-000477-GPOS-00222\"]\n  tag gid: \"V-72191\"\n  tag rid: \"SV-86815r5_rule\"\n  tag stig_id: \"RHEL-07-030840\"\n  tag fix_id: \"F-78545r10_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  audit_file = '/usr/bin/kmod'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/kmod" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/kmod" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71903</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000069-GPOS-00037</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86527r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010120</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that when passwords are changed or new passwords are established, the new
-password must contain at least one upper-case character.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+password must contain at least one upper-case character.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources
 required to compromise the password. Password complexity, or strength, is a
 measure of the effectiveness of a password in resisting attempts at guessing
@@ -27499,144 +26291,139 @@ and brute-force attacks.
     Password complexity is one factor of several that determines how long it
 takes to crack a password. The more complex the password, the greater the
 number of possible combinations that need to be tested before the password is
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Note: The value to require a number of upper-case characters to be set is
-expressed as a negative number in &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot;.
+expressed as a negative number in "/etc/security/pwquality.conf".
 
-    Check the value for &quot;ucredit&quot; in &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; with
+    Check the value for "ucredit" in "/etc/security/pwquality.conf" with
 the following command:
 
-    # grep ucredit &#x2F;etc&#x2F;security&#x2F;pwquality.conf
-    ucredit &#x3D; -1
+    # grep ucredit /etc/security/pwquality.conf
+    ucredit = -1
 
-    If the value of &quot;ucredit&quot; is not set to a negative value, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "ucredit" is not set to a negative value, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to enforce password complexity by requiring
-that at least one upper-case character be used by setting the &quot;ucredit&quot;
+that at least one upper-case character be used by setting the "ucredit"
 option.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; (or modify the
+    Add the following line to "/etc/security/pwquality.conf" (or modify the
 line to have the required value):
 
-    ucredit &#x3D; -1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>30872b23-3704-4462-908c-5ebdbd530478</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000192</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;security&#x2F;pwquality.conf ucredit.to_i is expected to cmp &lt; 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81021</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95733r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030211</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    ucredit = -1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71903\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat when passwords are changed or new passwords are established, the new\npassword must contain at least one upper-case character.\"\n  desc  \"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Note: The value to require a number of upper-case characters to be set is\nexpressed as a negative number in \\\"/etc/security/pwquality.conf\\\".\n\n    Check the value for \\\"ucredit\\\" in \\\"/etc/security/pwquality.conf\\\" with\nthe following command:\n\n    # grep ucredit /etc/security/pwquality.conf\n    ucredit = -1\n\n    If the value of \\\"ucredit\\\" is not set to a negative value, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to enforce password complexity by requiring\nthat at least one upper-case character be used by setting the \\\"ucredit\\\"\noption.\n\n    Add the following line to \\\"/etc/security/pwquality.conf\\\" (or modify the\nline to have the required value):\n\n    ucredit = -1\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000069-GPOS-00037\"\n  tag gid: \"V-71903\"\n  tag rid: \"SV-86527r3_rule\"\n  tag stig_id: \"RHEL-07-010120\"\n  tag fix_id: \"F-78255r1_fix\"\n  tag cci: [\"CCI-000192\"]\n  tag nist: [\"IA-5 (1) (a)\", \"Rev_4\"]\n\n  describe parse_config_file(\"/etc/security/pwquality.conf\") do\n    its('ucredit.to_i') { should cmp &lt; 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000192</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/security/pwquality.conf ucredit.to_i is expected to cmp &lt; 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81021</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95733r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030211</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must label all
-off-loaded audit logs before sending them to the central log server.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+off-loaded audit logs before sending them to the central log server.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Information stored in one location is vulnerable to accidental or
 incidental deletion or alteration.
 
@@ -27645,312 +26432,302 @@ storage capacity.
 
     When audit logs are not labeled before they are sent to a central log
 server, the audit data will not be able to be analyzed and tied back to the
-correct system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+correct system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the audisp daemon is configured to label all off-loaded audit logs:
 
-    # grep &quot;name_format&quot; &#x2F;etc&#x2F;audisp&#x2F;audispd.conf
+    # grep "name_format" /etc/audisp/audispd.conf
 
-    name_format &#x3D; hostname
+    name_format = hostname
 
-    If the &quot;name_format&quot; option is not &quot;hostname&quot;, &quot;fqd&quot;, or &quot;numeric&quot;,
-or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Edit the &#x2F;etc&#x2F;audisp&#x2F;audispd.conf file and add or update the
-&quot;name_format&quot; option:
+    If the "name_format" option is not "hostname", "fqd", or "numeric",
+or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Edit the /etc/audisp/audispd.conf file and add or update the
+"name_format" option:
 
-    name_format &#x3D; hostname
+    name_format = hostname
 
     The audit daemon must be restarted for changes to take effect:
 
-    # service auditd restart</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b20aa1e7-a471-4a7a-b4ff-7da1efddc5d5</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;audisp&#x2F;audispd.conf name_format is expected to match &#x2F;^hostname$|^fqd$|^numeric$&#x2F;i</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72051</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86675r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021100</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # service auditd restart</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-81021\" do\n  title \"The Red Hat Enterprise Linux operating system must label all\noff-loaded audit logs before sending them to the central log server.\"\n  desc  \"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    When audit logs are not labeled before they are sent to a central log\nserver, the audit data will not be able to be analyzed and tied back to the\ncorrect system.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the audisp daemon is configured to label all off-loaded audit logs:\n\n    # grep \\\"name_format\\\" /etc/audisp/audispd.conf\n\n    name_format = hostname\n\n    If the \\\"name_format\\\" option is not \\\"hostname\\\", \\\"fqd\\\", or \\\"numeric\\\",\nor the line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Edit the /etc/audisp/audispd.conf file and add or update the\n\\\"name_format\\\" option:\n\n    name_format = hostname\n\n    The audit daemon must be restarted for changes to take effect:\n\n    # service auditd restart\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000342-GPOS-00133\"\n  tag satisfies: [\"SRG-OS-000342-GPOS-00133\", \"SRG-OS-000479-GPOS-00224\"]\n  tag gid: \"V-81021\"\n  tag rid: \"SV-95733r1_rule\"\n  tag stig_id: \"RHEL-07-030211\"\n  tag fix_id: \"F-87855r2_fix\"\n  tag cci: [\"CCI-001851\"]\n  tag nist: [\"AU-4 (1)\", \"Rev_4\"]\n\n  if file('/etc/audisp/audispd.conf').exist?\n    describe parse_config_file('/etc/audisp/audispd.conf') do\n      its('name_format') { should match %r{^hostname$|^fqd$|^numeric$}i }\n    end\n  else\n    describe \"File '/etc/audisp/audispd.conf' cannot be found. This test cannot be checked in a automated fashion and you must check it manually\" do\n      skip \"File '/etc/audisp/audispd.conf' cannot be found. This check must be performed manually\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/audisp/audispd.conf name_format is expected to match /^hostname$|^fqd$|^numeric$/i</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72051</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86675r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021100</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must have cron logging
-implemented.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+implemented.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Cron logging can be used to trace the successful or unsuccessful
 execution of cron jobs. It can also be used to spot intrusions into the use of
-the cron facility by unauthorized and malicious users.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that &quot;rsyslog&quot; is configured to log cron events.
-
-    Check the configuration of &quot;&#x2F;etc&#x2F;rsyslog.conf&quot; or
-&quot;&#x2F;etc&#x2F;rsyslog.d&#x2F;*.conf&quot; files for the cron facility with the following
+the cron facility by unauthorized and malicious users.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that "rsyslog" is configured to log cron events.
+
+    Check the configuration of "/etc/rsyslog.conf" or
+"/etc/rsyslog.d/*.conf" files for the cron facility with the following
 command:
 
     Note: If another logging package is used, substitute the utility
-configuration file for &quot;&#x2F;etc&#x2F;rsyslog.conf&quot; or &quot;&#x2F;etc&#x2F;rsyslog.d&#x2F;*.conf&quot; files.
+configuration file for "/etc/rsyslog.conf" or "/etc/rsyslog.d/*.conf" files.
 
-    # grep cron &#x2F;etc&#x2F;rsyslog.conf  &#x2F;etc&#x2F;rsyslog.d&#x2F;*.conf
-    cron.* &#x2F;var&#x2F;log&#x2F;cron.log
+    # grep cron /etc/rsyslog.conf  /etc/rsyslog.d/*.conf
+    cron.* /var/log/cron.log
 
     If the command does not return a response, check for cron logging all
-facilities by inspecting the &quot;&#x2F;etc&#x2F;rsyslog.conf&quot; or &quot;&#x2F;etc&#x2F;rsyslog.d&#x2F;*.conf&quot;
+facilities by inspecting the "/etc/rsyslog.conf" or "/etc/rsyslog.d/*.conf"
 files.
 
     Look for the following entry:
 
-    *.* &#x2F;var&#x2F;log&#x2F;messages
-
-    If &quot;rsyslog&quot; is not logging messages for the cron facility or all
-facilities, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure &quot;rsyslog&quot; to log all cron messages by adding or updating the
-following line to &quot;&#x2F;etc&#x2F;rsyslog.conf&quot; or a configuration file in the
-&#x2F;etc&#x2F;rsyslog.d&#x2F; directory:
-
-    cron.* &#x2F;var&#x2F;log&#x2F;cron.log</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f623198e-158a-469e-a0c0-c3d1307bd619</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;grep cron &#x2F;etc&#x2F;rsyslog.conf&#x60; stdout.strip is expected to match &#x2F;^cron&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72079</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000038-GPOS-00016</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86703r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    *.* /var/log/messages
+
+    If "rsyslog" is not logging messages for the cron facility or all
+facilities, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure "rsyslog" to log all cron messages by adding or updating the
+following line to "/etc/rsyslog.conf" or a configuration file in the
+/etc/rsyslog.d/ directory:
+
+    cron.* /var/log/cron.log</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72051\" do\n  title \"The Red Hat Enterprise Linux operating system must have cron logging\nimplemented.\"\n  desc  \"Cron logging can be used to trace the successful or unsuccessful\nexecution of cron jobs. It can also be used to spot intrusions into the use of\nthe cron facility by unauthorized and malicious users.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that \\\"rsyslog\\\" is configured to log cron events.\n\n    Check the configuration of \\\"/etc/rsyslog.conf\\\" or\n\\\"/etc/rsyslog.d/*.conf\\\" files for the cron facility with the following\ncommand:\n\n    Note: If another logging package is used, substitute the utility\nconfiguration file for \\\"/etc/rsyslog.conf\\\" or \\\"/etc/rsyslog.d/*.conf\\\" files.\n\n    # grep cron /etc/rsyslog.conf  /etc/rsyslog.d/*.conf\n    cron.* /var/log/cron.log\n\n    If the command does not return a response, check for cron logging all\nfacilities by inspecting the \\\"/etc/rsyslog.conf\\\" or \\\"/etc/rsyslog.d/*.conf\\\"\nfiles.\n\n    Look for the following entry:\n\n    *.* /var/log/messages\n\n    If \\\"rsyslog\\\" is not logging messages for the cron facility or all\nfacilities, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure \\\"rsyslog\\\" to log all cron messages by adding or updating the\nfollowing line to \\\"/etc/rsyslog.conf\\\" or a configuration file in the\n/etc/rsyslog.d/ directory:\n\n    cron.* /var/log/cron.log\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72051\"\n  tag rid: \"SV-86675r2_rule\"\n  tag stig_id: \"RHEL-07-021100\"\n  tag fix_id: \"F-78403r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  log_pkg_path = input('log_pkg_path')\n\n  describe.one do\n    describe command(\"grep cron #{log_pkg_path}\") do\n      its('stdout.strip') { should match %r{^cron} }\n    end\n    describe file(\"#{log_pkg_path}\") do\n      its('content') { should match %r{^\\*\\.\\* \\/var\\/log\\/messages\\n?$} }\n      its('content') { should_not match %r{^*.*\\s+~$.*^*\\.\\* \\/var\\/log\\/messages\\n?$}m }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `grep cron /etc/rsyslog.conf` stdout.strip is expected to match /^cron/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72079</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000038-GPOS-00016</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86703r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that auditing is configured to produce records containing information to
 establish what type of events occurred, where the events occurred, the source
 of the events, and the outcome of the events. These audit records must also
-identify individual identities of group account users.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+identify individual identities of group account users.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without establishing what type of events occurred, it would be
 difficult to establish, correlate, and investigate the events leading up to an
 outage or attack.
 
     Audit record content that may be necessary to satisfy this requirement
 includes, for example, time stamps, source and destination addresses,
-user&#x2F;process identifiers, event descriptions, success&#x2F;fail indications,
+user/process identifiers, event descriptions, success/fail indications,
 filenames involved, and access control or flow control rules invoked.
 
     Associating event types with detected events in the operating system audit
 logs provides a means of investigating an attack; recognizing resource
 utilization or capacity thresholds; or identifying an improperly configured
-operating system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+operating system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system produces audit records containing information
 to establish when (date and time) the events occurred.
 
@@ -27959,134 +26736,129 @@ to establish when (date and time) the events occurred.
     # systemctl is-active auditd.service
     active
 
-    If the &quot;auditd&quot; status is not active, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "auditd" status is not active, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to produce audit records containing
 information to establish when (date and time) the events occurred.
 
     Enable the auditd service with the following command:
 
-    # systemctl start auditd.service</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ad03199c-c78c-46f2-85f2-80aa622e70fe</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000131</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Service auditd is expected to be running</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72219</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000096-GPOS-00050</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86843r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040100</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # systemctl start auditd.service</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72079\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat auditing is configured to produce records containing information to\nestablish what type of events occurred, where the events occurred, the source\nof the events, and the outcome of the events. These audit records must also\nidentify individual identities of group account users.\"\n  desc  \"Without establishing what type of events occurred, it would be\ndifficult to establish, correlate, and investigate the events leading up to an\noutage or attack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Associating event types with detected events in the operating system audit\nlogs provides a means of investigating an attack; recognizing resource\nutilization or capacity thresholds; or identifying an improperly configured\noperating system.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system produces audit records containing information\nto establish when (date and time) the events occurred.\n\n    Check to see if auditing is active by issuing the following command:\n\n    # systemctl is-active auditd.service\n    active\n\n    If the \\\"auditd\\\" status is not active, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to produce audit records containing\ninformation to establish when (date and time) the events occurred.\n\n    Enable the auditd service with the following command:\n\n    # systemctl start auditd.service\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000038-GPOS-00016\"\n  tag satisfies: [\"SRG-OS-000038-GPOS-00016\", \"SRG-OS-000039-GPOS-00017\",\n\"SRG-OS-000042-GPOS-00021\", \"SRG-OS-000254-GPOS-00095\",\n\"SRG-OS-000255-GPOS-00096\"]\n  tag gid: \"V-72079\"\n  tag rid: \"SV-86703r3_rule\"\n  tag stig_id: \"RHEL-07-030000\"\n  tag fix_id: \"F-78431r2_fix\"\n  tag cci: [\"CCI-000126\", \"CCI-000131\"]\n  tag nist: [\"AU-2 d\", \"AU-3\", \"Rev_4\"]\n\n  describe service('auditd') do\n    it { should be_running }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000131</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Service auditd is expected to be running</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72219</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000096-GPOS-00050</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86843r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040100</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured to
-prohibit or restrict the use of functions, ports, protocols, and&#x2F;or services,
+prohibit or restrict the use of functions, ports, protocols, and/or services,
 as defined in the Ports, Protocols, and Services Management Component Local
-Service Assessment (PPSM CLSA) and vulnerability assessments.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Service Assessment (PPSM CLSA) and vulnerability assessments.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>In order to prevent unauthorized connection of devices, unauthorized
 transfer of information, or unauthorized tunneling (i.e., embedding of data
 types within data types), organizations must disable or restrict unused or
-unnecessary physical and logical ports&#x2F;protocols on information systems.
+unnecessary physical and logical ports/protocols on information systems.
 
     Operating systems are capable of providing a wide variety of functions and
 services. Some of the functions and services provided by default may not be
@@ -28097,19 +26869,19 @@ services provided by any one component.
 
     To support the requirements and principles of least functionality, the
 operating system must support the organizational requirements, providing only
-essential capabilities and limiting the use of ports, protocols, and&#x2F;or
+essential capabilities and limiting the use of ports, protocols, and/or
 services to only those required, authorized, and approved to conduct official
-business or to address authorized quality of life issues.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+business or to address authorized quality of life issues.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Inspect the firewall configuration and running services to verify that it
 is configured to prohibit or restrict the use of functions, ports, protocols,
-and&#x2F;or services that are unnecessary or prohibited.
+and/or services that are unnecessary or prohibited.
 
     Check which services are currently active with the following command:
 
@@ -28129,130 +26901,123 @@ services allowed by the firewall match the PPSM CLSA.
 
     If there are additional ports, protocols, or services that are not in the
 PPSM CLSA, or there are ports, protocols, or services that are prohibited by
-the PPSM Category Assurance List (CAL), this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Update the host&#39;s firewall settings and&#x2F;or running services to
-comply with the PPSM CLSA for the site or program and the PPSM CAL.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>67353682-fd91-40b2-ad43-af3ce3874c54</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000382</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002314</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Firewalld zones are not specified. Check &#39;firewalld_zones&#39; input. is expected to equal false
-
+the PPSM Category Assurance List (CAL), this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Update the host's firewall settings and/or running services to
+comply with the PPSM CLSA for the site or program and the PPSM CAL.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72219\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured to\nprohibit or restrict the use of functions, ports, protocols, and/or services,\nas defined in the Ports, Protocols, and Services Management Component Local\nService Assessment (PPSM CLSA) and vulnerability assessments.\"\n  desc  \"In order to prevent unauthorized connection of devices, unauthorized\ntransfer of information, or unauthorized tunneling (i.e., embedding of data\ntypes within data types), organizations must disable or restrict unused or\nunnecessary physical and logical ports/protocols on information systems.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services provided by default may not be\nnecessary to support essential organizational operations. Additionally, it is\nsometimes convenient to provide multiple services from a single component\n(e.g., VPN and IPS); however, doing so increases risk over limiting the\nservices provided by any one component.\n\n    To support the requirements and principles of least functionality, the\noperating system must support the organizational requirements, providing only\nessential capabilities and limiting the use of ports, protocols, and/or\nservices to only those required, authorized, and approved to conduct official\nbusiness or to address authorized quality of life issues.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Inspect the firewall configuration and running services to verify that it\nis configured to prohibit or restrict the use of functions, ports, protocols,\nand/or services that are unnecessary or prohibited.\n\n    Check which services are currently active with the following command:\n\n    # firewall-cmd --list-all\n    public (default, active)\n      interfaces: enp0s3\n      sources:\n      services: dhcpv6-client dns http https ldaps rpc-bind ssh\n      ports:\n      masquerade: no\n      forward-ports:\n      icmp-blocks:\n      rich rules:\n\n    Ask the System Administrator for the site or program PPSM CLSA. Verify the\nservices allowed by the firewall match the PPSM CLSA.\n\n    If there are additional ports, protocols, or services that are not in the\nPPSM CLSA, or there are ports, protocols, or services that are prohibited by\nthe PPSM Category Assurance List (CAL), this is a finding.\n  \"\n  desc  \"fix\", \"Update the host's firewall settings and/or running services to\ncomply with the PPSM CLSA for the site or program and the PPSM CAL.\"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000096-GPOS-00050\"\n  tag satisfies: [\"SRG-OS-000096-GPOS-00050\", \"SRG-OS-000297-GPOS-00115\"]\n  tag gid: \"V-72219\"\n  tag rid: \"SV-86843r2_rule\"\n  tag stig_id: \"RHEL-07-040100\"\n  tag fix_id: \"F-78573r1_fix\"\n  tag cci: [\"CCI-000382\", \"CCI-002314\"]\n  tag nist: [\"CM-7 b\", \"AC-17 (1)\", \"Rev_4\"]\n\n  firewalld_services_deny = input('firewalld_services_deny')\n  firewalld_hosts_deny = input('firewalld_hosts_deny')\n  firewalld_ports_deny = input('firewalld_ports_deny')\n  firewalld_zones = input('firewalld_zones')\n  iptables_rules = input('iptables_rules')\n\n  if service('firewalld').running?\n\n    # Check that the rules specified in 'firewalld_host_deny' are not enabled\n    describe firewalld do\n      firewalld_hosts_deny.each do |rule|\n        it { should_not have_rule_enabled(rule) }\n      end\n    end\n\n    # Check to make sure zones are specified\n    if firewalld_zones.empty?\n      describe \"Firewalld zones are not specified. Check 'firewalld_zones' input.\" do\n        subject { firewalld_zones.empty? }\n        it { should be false }\n      end\n    end\n\n    # Check that the services specified in 'firewalld_services_deny' and\n    # ports specified in 'firewalld_ports_deny' are not enabled\n    firewalld_zones.each do |zone|\n      if firewalld.has_zone?(zone)\n        zone_services = firewalld_services_deny[\"public\"]\n        zone_ports = firewalld_ports_deny[zone]\n\n        if !zone_services.nil?\n          describe firewalld do\n            zone_services.each do |serv|\n              it { should_not have_service_enabled_in_zone(serv,zone) }\n            end\n          end\n        else\n          describe \"Services for zone '#{zone}' are not specified. Check 'firewalld_services_deny' input.\" do\n            subject { zone_services.nil? }\n            it { should be false }\n          end\n        end\n\n        if !zone_ports.nil?\n          describe firewalld do\n            zone_ports.each do |port|\n              it { should_not have_port_enabled_in_zone(port,zone) }\n            end\n          end\n        else\n          describe \"Ports for zone '#{zone}' are not specified. Check 'firewalld_ports_deny' input.\" do\n            subject { zone_ports.nil? }\n            it { should be false }\n          end\n        end\n      else\n        describe \"Firewalld zone '#{zone}' exists\" do\n          subject { firewalld.has_zone?(zone) }\n          it { should be true }\n        end\n      end\n    end\n  elsif service('iptables').running?\n    describe iptables do\n      iptables_rules.each do |rule|\n        it { should have_rule(rule) }\n      end\n    end\n  else\n    describe \"No application firewall is installed\" do\n      subject { service('firewalld').running? || service('iptables').running? }\n      it { should eq true }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000382</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002314</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Firewalld zones are not specified. Check 'firewalld_zones' input. is expected to equal false :: MESSAGE 
 expected false
-     got true
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72235</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000423-GPOS-00187</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86859r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040310</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+     got true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72235</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000423-GPOS-00187</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86859r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040310</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all networked systems use SSH for confidentiality and integrity of
 transmitted and received information as well as information during preparation
-for transmission.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+for transmission.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without protection of the transmitted information, confidentiality and
 integrity may be compromised because unprotected communications can be
 intercepted and either read or altered.
@@ -28268,1048 +27033,1008 @@ interception and modification.
 can be accomplished by physical means (e.g., employing physical distribution
 systems) or by logical means (e.g., employing cryptographic techniques). If
 physical means of protection are employed, then logical means (cryptography) do
-not have to be employed, and vice versa.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+not have to be employed, and vice versa.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify SSH is loaded and active with the following command:
 
     # systemctl status sshd
     sshd.service - OpenSSH server daemon
-    Loaded: loaded (&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;sshd.service; enabled)
+    Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)
     Active: active (running) since Tue 2015-11-17 15:17:22 EST; 4 weeks 0 days
 ago
     Main PID: 1348 (sshd)
-    CGroup: &#x2F;system.slice&#x2F;sshd.service
-    1053 &#x2F;usr&#x2F;sbin&#x2F;sshd -D
-
-    If &quot;sshd&quot; does not show a status of &quot;active&quot; and &quot;running&quot;, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    CGroup: /system.slice/sshd.service
+    1053 /usr/sbin/sshd -D
+
+    If "sshd" does not show a status of "active" and "running", this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the SSH service to automatically start after reboot with the
 following command:
 
-    # systemctl enable sshd.service</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>4d64c12a-7290-4a7e-9796-0302bd78cc41</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002420</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002421</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002422</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Service sshd.service is expected to be running</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72279</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86903r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040550</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # systemctl enable sshd.service</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72235\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all networked systems use SSH for confidentiality and integrity of\ntransmitted and received information as well as information during preparation\nfor transmission.\"\n  desc  \"Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify SSH is loaded and active with the following command:\n\n    # systemctl status sshd\n    sshd.service - OpenSSH server daemon\n    Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)\n    Active: active (running) since Tue 2015-11-17 15:17:22 EST; 4 weeks 0 days\nago\n    Main PID: 1348 (sshd)\n    CGroup: /system.slice/sshd.service\n    1053 /usr/sbin/sshd -D\n\n    If \\\"sshd\\\" does not show a status of \\\"active\\\" and \\\"running\\\", this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the SSH service to automatically start after reboot with the\nfollowing command:\n\n    # systemctl enable sshd.service\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000423-GPOS-00187\"\n  tag satisfies: [\"SRG-OS-000423-GPOS-00187\", \"SRG-OS-000423-GPOS-00188\",\n\"SRG-OS-000423-GPOS-00189\", \"SRG-OS-000423-GPOS-00190\"]\n  tag gid: \"V-72235\"\n  tag rid: \"SV-86859r3_rule\"\n  tag stig_id: \"RHEL-07-040310\"\n  tag fix_id: \"F-78589r2_fix\"\n  tag cci: [\"CCI-002418\", \"CCI-002420\", \"CCI-002421\", \"CCI-002422\"]\n  tag nist: [\"SC-8\", \"SC-8 (2)\", \"SC-8 (1)\", \"SC-8 (2)\", \"Rev_4\"]\n\n  describe systemd_service('sshd.service') do\n    it { should be_running }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002420</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002421</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002422</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Service sshd.service is expected to be running</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72279</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86903r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040550</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not contain
-shosts.equiv files.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+shosts.equiv files.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The shosts.equiv files are used to configure host-based authentication
 for the system via SSH. Host-based authentication is not sufficient for
 preventing unauthorized access to the system, as it does not require
 interactive identification and authentication of a connection request, or for
-the use of two-factor authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify there are no &quot;shosts.equiv&quot; files on the system.
+the use of two-factor authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify there are no "shosts.equiv" files on the system.
 
     Check the system for the existence of these files with the following
 command:
 
-    # find &#x2F; -name shosts.equiv
-
-    If any &quot;shosts.equiv&quot; files are found on the system, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Remove any found &quot;shosts.equiv&quot; files from the system.
-
-# rm &#x2F;[path]&#x2F;[to]&#x2F;[file]&#x2F;shosts.equiv</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>cb5610cd-a56d-4fcb-aed4-2ba6bfd2d8f0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;find &#x2F; -xautofs -name shosts.equiv&#x60; stdout.strip is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72145</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86769r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030610</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # find / -name shosts.equiv
+
+    If any "shosts.equiv" files are found on the system, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Remove any found "shosts.equiv" files from the system.
+
+# rm /[path]/[to]/[file]/shosts.equiv</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72279\" do\n  title \"The Red Hat Enterprise Linux operating system must not contain\nshosts.equiv files.\"\n  desc  \"The shosts.equiv files are used to configure host-based authentication\nfor the system via SSH. Host-based authentication is not sufficient for\npreventing unauthorized access to the system, as it does not require\ninteractive identification and authentication of a connection request, or for\nthe use of two-factor authentication.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify there are no \\\"shosts.equiv\\\" files on the system.\n\n    Check the system for the existence of these files with the following\ncommand:\n\n    # find / -name shosts.equiv\n\n    If any \\\"shosts.equiv\\\" files are found on the system, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Remove any found \\\"shosts.equiv\\\" files from the system.\n\n    # rm /[path]/[to]/[file]/shosts.equiv\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72279\"\n  tag rid: \"SV-86903r2_rule\"\n  tag stig_id: \"RHEL-07-040550\"\n  tag fix_id: \"F-78633r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe command('find / -xautofs -name shosts.equiv') do\n    its('stdout.strip') { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `find / -xautofs -name shosts.equiv` stdout.strip is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72145</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86769r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030610</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must generate audit
-records for all unsuccessful account access events.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+records for all unsuccessful account access events.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when unsuccessful
 account access events occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 commands:
 
-    # grep -i &#x2F;var&#x2F;run&#x2F;faillock &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /var/run/faillock /etc/audit/audit.rules
 
-    -w &#x2F;var&#x2F;run&#x2F;faillock -p wa -k logins
+    -w /var/run/faillock -p wa -k logins
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when unsuccessful
 account access events occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -w &#x2F;var&#x2F;run&#x2F;faillock -p wa -k logins
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>662847e6-aedf-4dcf-b0c6-dc4ea13f2288</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;var&#x2F;run&#x2F;faillock&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;var&#x2F;run&#x2F;faillock&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;w&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;a&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-94843</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-104673r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020231</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -w /var/run/faillock -p wa -k logins
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72145\" do\n  title \"The Red Hat Enterprise Linux operating system must generate audit\nrecords for all unsuccessful account access events.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when unsuccessful\naccount access events occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommands:\n\n    # grep -i /var/run/faillock /etc/audit/audit.rules\n\n    -w /var/run/faillock -p wa -k logins\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when unsuccessful\naccount access events occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -w /var/run/faillock -p wa -k logins\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000392-GPOS-00172\"\n  tag satisfies: [\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000470-GPOS-00214\",\n\"SRG-OS-000473-GPOS-00218\"]\n  tag gid: \"V-72145\"\n  tag rid: \"SV-86769r4_rule\"\n  tag stig_id: \"RHEL-07-030610\"\n  tag fix_id: \"F-78497r4_fix\"\n  tag cci: [\"CCI-000126\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-2 d\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/var/run/faillock'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'w' }\n      it { should include 'a' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/var/run/faillock" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/var/run/faillock" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "w"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "a"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-94843</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-104673r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020231</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the x86 Ctrl-Alt-Delete key sequence is disabled in the GUI.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the x86 Ctrl-Alt-Delete key sequence is disabled in the GUI.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A locally logged-on user who presses Ctrl-Alt-Delete, when at the
 console, can reboot the system. If accidentally pressed, as could happen in the
 case of a mixed OS environment, this can create the risk of short-term loss of
 availability of systems due to unintentional reboot. In the GNOME graphical
 environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is
-reduced because the user will be prompted before any action is taken.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+reduced because the user will be prompted before any action is taken.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system is not configured to reboot the system when
 Ctrl-Alt-Delete is pressed.
 
     Check that the ctrl-alt-del.target is masked and not active in the GUI with
 the following command:
 
-    # grep logout &#x2F;etc&#x2F;dconf&#x2F;local.d&#x2F;*
+    # grep logout /etc/dconf/local.d/*
 
-    logout&#x3D;&#39;&#39;
+    logout=''
 
-    If &quot;logout&quot; is not set to use two single quotations, or is missing, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "logout" is not set to use two single quotations, or is missing, this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to disable the Ctrl-Alt-Delete sequence for the GUI
 with the following command:
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;00-disable-CAD
+    # touch /etc/dconf/db/local.d/00-disable-CAD
 
     Add the setting to disable the Ctrl-Alt-Delete sequence for GNOME:
 
-    [org&#x2F;gnome&#x2F;settings-daemon&#x2F;plugins&#x2F;media-keys]
-    logout&#x3D;&#39;&#39;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>fa283771-47ff-4c76-8a1c-ceac1ff98308</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The system does not have GNOME installed
-The system does not have GNOME installed, this requirement is Not
-      Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72249</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86873r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040380</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    [org/gnome/settings-daemon/plugins/media-keys]
+    logout=''</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-94843\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the x86 Ctrl-Alt-Delete key sequence is disabled in the GUI.\"\n  desc  \"A locally logged-on user who presses Ctrl-Alt-Delete, when at the\nconsole, can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In the GNOME graphical\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system is not configured to reboot the system when\nCtrl-Alt-Delete is pressed.\n\n    Check that the ctrl-alt-del.target is masked and not active in the GUI with\nthe following command:\n\n    # grep logout /etc/dconf/local.d/*\n\n    logout=''\n\n    If \\\"logout\\\" is not set to use two single quotations, or is missing, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to disable the Ctrl-Alt-Delete sequence for the GUI\nwith the following command:\n\n    # touch /etc/dconf/db/local.d/00-disable-CAD\n\n    Add the setting to disable the Ctrl-Alt-Delete sequence for GNOME:\n\n    [org/gnome/settings-daemon/plugins/media-keys]\n    logout=''\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-94843\"\n  tag rid: \"SV-104673r1_rule\"\n  tag stig_id: \"RHEL-07-020231\"\n  tag fix_id: \"F-100967r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  unless package('gnome-settings-daemon').installed?\n    impact 0.0\n    describe \"The system does not have GNOME installed\" do\n      skip \"The system does not have GNOME installed, this requirement is Not\n      Applicable.\"\n    end\n  else \n    describe command(\"gsettings get org.gnome.settings-daemon.media-keys logout\") do\n      its('stdout.strip') { should cmp \"''\" }\n    end \n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The system does not have GNOME installed :: SKIP_MESSAGE The system does not have GNOME installed, this requirement is Not
+      Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72249</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86873r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040380</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the SSH daemon does not allow authentication using known hosts
-authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configuring this setting for the SSH daemon provides additional
 assurance that remote logon via SSH will require a password, even in the event
-of misconfiguration elsewhere.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+of misconfiguration elsewhere.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the SSH daemon does not allow authentication using known hosts
 authentication.
 
-    To determine how the SSH daemon&#39;s &quot;IgnoreUserKnownHosts&quot; option is set,
+    To determine how the SSH daemon's "IgnoreUserKnownHosts" option is set,
 run the following command:
 
-    # grep -i IgnoreUserKnownHosts &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i IgnoreUserKnownHosts /etc/ssh/sshd_config
 
     IgnoreUserKnownHosts yes
 
-    If the value is returned as &quot;no&quot;, the returned line is commented out, or
-no output is returned, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value is returned as "no", the returned line is commented out, or
+no output is returned, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the SSH daemon to not allow authentication using known hosts
 authentication.
 
-    Add the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;, or uncomment the line
-and set the value to &quot;yes&quot;:
+    Add the following line in "/etc/ssh/sshd_config", or uncomment the line
+and set the value to "yes":
 
     IgnoreUserKnownHosts yes
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a1b1a6d3-4449-4504-b9dd-8a2498bc60e5</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration IgnoreUserKnownHosts is expected to cmp &#x3D;&#x3D; &quot;yes&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73159</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000069-GPOS-00037</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87811r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010119</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72249\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon does not allow authentication using known hosts\nauthentication.\"\n  desc  \"Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH daemon does not allow authentication using known hosts\nauthentication.\n\n    To determine how the SSH daemon's \\\"IgnoreUserKnownHosts\\\" option is set,\nrun the following command:\n\n    # grep -i IgnoreUserKnownHosts /etc/ssh/sshd_config\n\n    IgnoreUserKnownHosts yes\n\n    If the value is returned as \\\"no\\\", the returned line is commented out, or\nno output is returned, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the SSH daemon to not allow authentication using known hosts\nauthentication.\n\n    Add the following line in \\\"/etc/ssh/sshd_config\\\", or uncomment the line\nand set the value to \\\"yes\\\":\n\n    IgnoreUserKnownHosts yes\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72249\"\n  tag rid: \"SV-86873r3_rule\"\n  tag stig_id: \"RHEL-07-040380\"\n  tag fix_id: \"F-78603r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('IgnoreUserKnownHosts') { should cmp 'yes' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration IgnoreUserKnownHosts is expected to cmp == "yes"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73159</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000069-GPOS-00037</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87811r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010119</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that when passwords are changed or new passwords are established, pwquality
-must be used.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+must be used.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources
 required to compromise the password. Password complexity, or strength, is a
 measure of the effectiveness of a password in resisting attempts at guessing
-and brute-force attacks. &quot;pwquality&quot; enforces complex password construction
-configuration and has the ability to limit brute-force attacks on the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify the operating system uses &quot;pwquality&quot; to enforce the password
+and brute-force attacks. "pwquality" enforces complex password construction
+configuration and has the ability to limit brute-force attacks on the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify the operating system uses "pwquality" to enforce the password
 complexity rules.
 
-    Check for the use of &quot;pwquality&quot; with the following command:
+    Check for the use of "pwquality" with the following command:
 
-    # cat &#x2F;etc&#x2F;pam.d&#x2F;system-auth | grep pam_pwquality
+    # cat /etc/pam.d/system-auth | grep pam_pwquality
 
-    password required pam_pwquality.so retry&#x3D;3
+    password required pam_pwquality.so retry=3
 
     If the command does not return an uncommented line containing the value
-&quot;pam_pwquality.so&quot;, this is a finding.
-
-    If the value of &quot;retry&quot; is set to &quot;0&quot; or greater than &quot;3&quot;, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the operating system to use &quot;pwquality&quot; to enforce password
+"pam_pwquality.so", this is a finding.
+
+    If the value of "retry" is set to "0" or greater than "3", this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the operating system to use "pwquality" to enforce password
 complexity rules.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;pam.d&#x2F;system-auth&quot; (or modify the line to
+    Add the following line to "/etc/pam.d/system-auth" (or modify the line to
 have the required value):
 
-    password required pam_pwquality.so retry&#x3D;3
-
-    Note: The value of &quot;retry&quot; should be between &quot;1&quot; and &quot;3&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a26b4557-ec16-4418-9f5d-c01ea08c701f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000192</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;passwd] lines is expected to include password (required|requisite) pam_pwquality.so
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;passwd] lines is expected to include password (required|requisite) pam_pwquality.so, all with arg retry &gt;&#x3D; 1
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;passwd] lines is expected to include password (required|requisite) pam_pwquality.so, all with arg retry &lt;&#x3D; 3</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86681r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021300</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    password required pam_pwquality.so retry=3
+
+    Note: The value of "retry" should be between "1" and "3".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-73159\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat when passwords are changed or new passwords are established, pwquality\nmust be used.\"\n  desc  \"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks. \\\"pwquality\\\" enforces complex password construction\nconfiguration and has the ability to limit brute-force attacks on the system.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system uses \\\"pwquality\\\" to enforce the password\ncomplexity rules.\n\n    Check for the use of \\\"pwquality\\\" with the following command:\n\n    # cat /etc/pam.d/system-auth | grep pam_pwquality\n\n    password required pam_pwquality.so retry=3\n\n    If the command does not return an uncommented line containing the value\n\\\"pam_pwquality.so\\\", this is a finding.\n\n    If the value of \\\"retry\\\" is set to \\\"0\\\" or greater than \\\"3\\\", this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to use \\\"pwquality\\\" to enforce password\ncomplexity rules.\n\n    Add the following line to \\\"/etc/pam.d/system-auth\\\" (or modify the line to\nhave the required value):\n\n    password required pam_pwquality.so retry=3\n\n    Note: The value of \\\"retry\\\" should be between \\\"1\\\" and \\\"3\\\".\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000069-GPOS-00037\"\n  tag gid: \"V-73159\"\n  tag rid: \"SV-87811r4_rule\"\n  tag stig_id: \"RHEL-07-010119\"\n  tag fix_id: \"F-79605r5_fix\"\n  tag cci: [\"CCI-000192\"]\n  tag nist: [\"IA-5 (1) (a)\", \"Rev_4\"]\n\n  max_retry = input('max_retry')\n\n  describe pam('/etc/pam.d/passwd') do\n    its('lines') { should match_pam_rule('password (required|requisite) pam_pwquality.so') }\n    its('lines') { should match_pam_rule('password (required|requisite) pam_pwquality.so').all_with_integer_arg('retry', '&gt;=', 1) }\n    its('lines') { should match_pam_rule('password (required|requisite) pam_pwquality.so').all_with_integer_arg('retry', '&lt;=', max_retry) }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000192</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PAM Config[/etc/pam.d/passwd] lines is expected to include password (required|requisite) pam_pwquality.so
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/passwd] lines is expected to include password (required|requisite) pam_pwquality.so, all with arg retry &gt;= 1
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/passwd] lines is expected to include password (required|requisite) pam_pwquality.so, all with arg retry &lt;= 3</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86681r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021300</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must disable Kernel core
-dumps unless needed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+dumps unless needed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Kernel core dumps may contain the full contents of system memory at
 the time of the crash. Kernel core dumps may consume a considerable amount of
 disk space and may result in denial of service by exhausting the available
-space on the target file system partition.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+space on the target file system partition.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify that kernel core dumps are disabled unless needed.
 
-    Check the status of the &quot;kdump&quot; service with the following command:
+    Check the status of the "kdump" service with the following command:
 
     # systemctl status kdump.service
     kdump.service - Crash recovery kernel arming
-       Loaded: loaded (&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;kdump.service; enabled)
+       Loaded: loaded (/usr/lib/systemd/system/kdump.service; enabled)
        Active: active (exited) since Wed 2015-08-26 13:08:09 EDT; 43min ago
-     Main PID: 1130 (code&#x3D;exited, status&#x3D;0&#x2F;SUCCESS)
+     Main PID: 1130 (code=exited, status=0/SUCCESS)
     kernel arming.
 
-    If the &quot;kdump&quot; service is active, ask the System Administrator if the use
+    If the "kdump" service is active, ask the System Administrator if the use
 of the service is required and documented with the Information System Security
 Officer (ISSO).
 
-    If the service is active and is not documented, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If kernel core dumps are not required, disable the &quot;kdump&quot; service with
+    If the service is active and is not documented, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If kernel core dumps are not required, disable the "kdump" service with
 the following command:
 
     # systemctl disable kdump.service
 
-    If kernel core dumps are required, document the need with the ISSO.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>9a726d26-5d41-4963-bdfe-734007181dee</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Service kdump.service is expected not to be running</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72089</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000343-GPOS-00134</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86713r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030330</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If kernel core dumps are required, document the need with the ISSO.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72057\" do\n  title \"The Red Hat Enterprise Linux operating system must disable Kernel core\ndumps unless needed.\"\n  desc  \"Kernel core dumps may contain the full contents of system memory at\nthe time of the crash. Kernel core dumps may consume a considerable amount of\ndisk space and may result in denial of service by exhausting the available\nspace on the target file system partition.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that kernel core dumps are disabled unless needed.\n\n    Check the status of the \\\"kdump\\\" service with the following command:\n\n    # systemctl status kdump.service\n    kdump.service - Crash recovery kernel arming\n       Loaded: loaded (/usr/lib/systemd/system/kdump.service; enabled)\n       Active: active (exited) since Wed 2015-08-26 13:08:09 EDT; 43min ago\n     Main PID: 1130 (code=exited, status=0/SUCCESS)\n    kernel arming.\n\n    If the \\\"kdump\\\" service is active, ask the System Administrator if the use\nof the service is required and documented with the Information System Security\nOfficer (ISSO).\n\n    If the service is active and is not documented, this is a finding.\n  \"\n  desc  \"fix\", \"\n    If kernel core dumps are not required, disable the \\\"kdump\\\" service with\nthe following command:\n\n    # systemctl disable kdump.service\n\n    If kernel core dumps are required, document the need with the ISSO.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72057\"\n  tag rid: \"SV-86681r2_rule\"\n  tag stig_id: \"RHEL-07-021300\"\n  tag fix_id: \"F-78409r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe systemd_service('kdump.service') do\n    it { should_not be_running }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Service kdump.service is expected not to be running</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72089</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000343-GPOS-00134</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86713r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030330</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must initiate an action
 to notify the System Administrator (SA) and Information System Security Officer
 ISSO, at a minimum, when allocated audit record storage volume reaches 75% of
-the repository maximum audit record storage capacity.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the repository maximum audit record storage capacity.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If security personnel are not notified immediately when storage volume
 reaches 75 percent utilization, they are unable to plan for audit record
-storage capacity expansion.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+storage capacity expansion.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system initiates an action to notify the SA and ISSO
 (at a minimum) when allocated audit record storage volume reaches 75 percent of
 the repository maximum audit record storage capacity.
@@ -29317,34 +28042,34 @@ the repository maximum audit record storage capacity.
     Check the system configuration to determine the partition the audit records
 are being written to with the following command:
 
-    # grep -iw log_file &#x2F;etc&#x2F;audit&#x2F;auditd.conf
-    log_file &#x3D; &#x2F;var&#x2F;log&#x2F;audit&#x2F;audit.log
+    # grep -iw log_file /etc/audit/auditd.conf
+    log_file = /var/log/audit/audit.log
 
     Check the size of the partition that audit records are written to (with the
-example being &quot;&#x2F;var&#x2F;log&#x2F;audit&#x2F;&quot;):
+example being "/var/log/audit/"):
 
-    # df -h &#x2F;var&#x2F;log&#x2F;audit&#x2F;
-    0.9G &#x2F;var&#x2F;log&#x2F;audit
+    # df -h /var/log/audit/
+    0.9G /var/log/audit
 
     If the audit records are not being written to a partition specifically
-created for audit records (in this example &quot;&#x2F;var&#x2F;log&#x2F;audit&quot; is a separate
+created for audit records (in this example "/var/log/audit" is a separate
 partition), determine the amount of space other files in the partition are
 currently occupying with the following command:
 
     # du -sh &lt;partition&gt;
-    1.8G &#x2F;var
+    1.8G /var
 
     Determine what the threshold is for the system to take action when 75
 percent of the repository maximum audit record storage capacity is reached:
 
-    # grep -iw space_left &#x2F;etc&#x2F;audit&#x2F;auditd.conf
-    space_left &#x3D; 225
+    # grep -iw space_left /etc/audit/auditd.conf
+    space_left = 225
 
-    If the value of the &quot;space_left&quot; keyword is not set to 25 percent of the
-total partition size, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of the "space_left" keyword is not set to 25 percent of the
+total partition size, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to initiate an action to notify the SA and
 ISSO (at a minimum) when allocated audit record storage volume reaches 75
 percent of the repository maximum audit record storage capacity.
@@ -29352,155 +28077,150 @@ percent of the repository maximum audit record storage capacity.
     Check the system configuration to determine the partition the audit records
 are being written to:
 
-    # grep -iw log_file &#x2F;etc&#x2F;audit&#x2F;auditd.conf
+    # grep -iw log_file /etc/audit/auditd.conf
 
     Determine the size of the partition that audit records are written to (with
-the example being &quot;&#x2F;var&#x2F;log&#x2F;audit&#x2F;&quot;):
-
-    # df -h &#x2F;var&#x2F;log&#x2F;audit&#x2F;
-
-    Set the value of the &quot;space_left&quot; keyword in &quot;&#x2F;etc&#x2F;audit&#x2F;auditd.conf&quot;
-to 25 percent of the partition size.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>45c58c85-63ac-46fa-ba94-e62d03c736c7</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001855</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Audit Daemon Config space_left.to_i is expected to be &gt;&#x3D; 7676</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72315</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86939r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040810</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+the example being "/var/log/audit/"):
+
+    # df -h /var/log/audit/
+
+    Set the value of the "space_left" keyword in "/etc/audit/auditd.conf"
+to 25 percent of the partition size.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72089\" do\n  title \"The Red Hat Enterprise Linux operating system must initiate an action\nto notify the System Administrator (SA) and Information System Security Officer\nISSO, at a minimum, when allocated audit record storage volume reaches 75% of\nthe repository maximum audit record storage capacity.\"\n  desc  \"If security personnel are not notified immediately when storage volume\nreaches 75 percent utilization, they are unable to plan for audit record\nstorage capacity expansion.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system initiates an action to notify the SA and ISSO\n(at a minimum) when allocated audit record storage volume reaches 75 percent of\nthe repository maximum audit record storage capacity.\n\n    Check the system configuration to determine the partition the audit records\nare being written to with the following command:\n\n    # grep -iw log_file /etc/audit/auditd.conf\n    log_file = /var/log/audit/audit.log\n\n    Check the size of the partition that audit records are written to (with the\nexample being \\\"/var/log/audit/\\\"):\n\n    # df -h /var/log/audit/\n    0.9G /var/log/audit\n\n    If the audit records are not being written to a partition specifically\ncreated for audit records (in this example \\\"/var/log/audit\\\" is a separate\npartition), determine the amount of space other files in the partition are\ncurrently occupying with the following command:\n\n    # du -sh &lt;partition&gt;\n    1.8G /var\n\n    Determine what the threshold is for the system to take action when 75\npercent of the repository maximum audit record storage capacity is reached:\n\n    # grep -iw space_left /etc/audit/auditd.conf\n    space_left = 225\n\n    If the value of the \\\"space_left\\\" keyword is not set to 25 percent of the\ntotal partition size, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to initiate an action to notify the SA and\nISSO (at a minimum) when allocated audit record storage volume reaches 75\npercent of the repository maximum audit record storage capacity.\n\n    Check the system configuration to determine the partition the audit records\nare being written to:\n\n    # grep -iw log_file /etc/audit/auditd.conf\n\n    Determine the size of the partition that audit records are written to (with\nthe example being \\\"/var/log/audit/\\\"):\n\n    # df -h /var/log/audit/\n\n    Set the value of the \\\"space_left\\\" keyword in \\\"/etc/audit/auditd.conf\\\"\nto 25 percent of the partition size.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000343-GPOS-00134\"\n  tag gid: \"V-72089\"\n  tag rid: \"SV-86713r4_rule\"\n  tag stig_id: \"RHEL-07-030330\"\n  tag fix_id: \"F-78441r3_fix\"\n  tag cci: [\"CCI-001855\"]\n  tag nist: [\"AU-5 (1)\", \"Rev_4\"]\n\n  if((f = file(audit_log_dir = command(\"dirname #{auditd_conf.log_file}\").stdout.strip)).directory?)\n    # Fetch partition sizes in 1K blocks for consistency\n    partition_info = command(\"df -B 1K #{audit_log_dir}\").stdout.split(\"\\n\")\n    partition_sz_arr = partition_info.last.gsub(/\\s+/m, ' ').strip.split(\" \")\n\n    # Get partition size\n    partition_sz = partition_sz_arr[1]\n\n    # Convert to MB and get 25%\n    exp_space_left = partition_sz.to_i / 1024 / 4\n\n    describe auditd_conf do\n      its('space_left.to_i') { should be &gt;= exp_space_left }\n    end\n  else\n    describe f.directory? do\n     it { should be true }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001855</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Audit Daemon Config space_left.to_i is expected to be &gt;= 7676</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72315</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86939r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040810</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system access control program
 must be configured to grant or deny system access to specific hosts and
-services.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+services.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the systems access control program is not configured with
 appropriate rules for allowing and denying access to system network resources,
-services may be accessible to unauthorized hosts.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If the &quot;firewalld&quot; package is not installed, ask the System Administrator
+services may be accessible to unauthorized hosts.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If the "firewalld" package is not installed, ask the System Administrator
 (SA) if another firewall application (such as iptables) is installed. If an
 application firewall is not installed, this is a finding.
 
-    Verify the system&#39;s access control program is configured to grant or deny
+    Verify the system's access control program is configured to grant or deny
 system access to specific hosts.
 
-    Check to see if &quot;firewalld&quot; is active with the following command:
+    Check to see if "firewalld" is active with the following command:
 
     # systemctl status firewalld
     firewalld.service - firewalld - dynamic firewall daemon
-    Loaded: loaded (&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;firewalld.service; enabled)
+    Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
     Active: active (running) since Sun 2014-04-20 14:06:46 BST; 30s ago
 
-    If &quot;firewalld&quot; is active, check to see if it is configured to grant or
+    If "firewalld" is active, check to see if it is configured to grant or
 deny access to specific hosts or services with the following commands:
 
     # firewall-cmd --get-default-zone
     public
 
-    # firewall-cmd --list-all --zone&#x3D;public
+    # firewall-cmd --list-all --zone=public
     public (active)
     target: default
     icmp-block-inversion: no
@@ -29513,282 +28233,272 @@ deny access to specific hosts or services with the following commands:
     forward-ports:
     icmp-blocks:
 
-    If &quot;firewalld&quot; is not active, determine whether &quot;tcpwrappers&quot; is being
-used by checking whether the &quot;hosts.allow&quot; and &quot;hosts.deny&quot; files are empty
+    If "firewalld" is not active, determine whether "tcpwrappers" is being
+used by checking whether the "hosts.allow" and "hosts.deny" files are empty
 with the following commands:
 
-    # ls -al &#x2F;etc&#x2F;hosts.allow
-    rw-r----- 1 root root 9 Aug 2 23:13 &#x2F;etc&#x2F;hosts.allow
+    # ls -al /etc/hosts.allow
+    rw-r----- 1 root root 9 Aug 2 23:13 /etc/hosts.allow
 
-    # ls -al &#x2F;etc&#x2F;hosts.deny
-    -rw-r----- 1 root root 9 Apr 9 2007 &#x2F;etc&#x2F;hosts.deny
+    # ls -al /etc/hosts.deny
+    -rw-r----- 1 root root 9 Apr 9 2007 /etc/hosts.deny
 
-    If &quot;firewalld&quot; and &quot;tcpwrappers&quot; are not installed, configured, and
+    If "firewalld" and "tcpwrappers" are not installed, configured, and
 active, ask the SA if another access control program (such as iptables) is
 installed and active. Ask the SA to show that the running configuration grants
 or denies access to specific hosts or services.
 
-    If &quot;firewalld&quot; is active and is not configured to grant access to
-specific hosts or &quot;tcpwrappers&quot; is not configured to grant or deny access to
-specific hosts, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If &quot;firewalld&quot; is installed and active on the system, configure rules for
+    If "firewalld" is active and is not configured to grant access to
+specific hosts or "tcpwrappers" is not configured to grant or deny access to
+specific hosts, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If "firewalld" is installed and active on the system, configure rules for
 allowing specific services and hosts.
 
-    If &quot;firewalld&quot; is not &quot;active&quot;, enable &quot;tcpwrappers&quot; by configuring
-&quot;&#x2F;etc&#x2F;hosts.allow&quot; and &quot;&#x2F;etc&#x2F;hosts.deny&quot; to allow or deny access to
-specific hosts.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>018cff2c-c802-4668-83ff-ee62c7bec1bf</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Firewall Rules with services is expected to be in</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72311</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86935r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040750</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If "firewalld" is not "active", enable "tcpwrappers" by configuring
+"/etc/hosts.allow" and "/etc/hosts.deny" to allow or deny access to
+specific hosts.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72315\" do\n  title \"The Red Hat Enterprise Linux operating system access control program\nmust be configured to grant or deny system access to specific hosts and\nservices.\"\n  desc  \"If the systems access control program is not configured with\nappropriate rules for allowing and denying access to system network resources,\nservices may be accessible to unauthorized hosts.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If the \\\"firewalld\\\" package is not installed, ask the System Administrator\n(SA) if another firewall application (such as iptables) is installed. If an\napplication firewall is not installed, this is a finding.\n\n    Verify the system's access control program is configured to grant or deny\nsystem access to specific hosts.\n\n    Check to see if \\\"firewalld\\\" is active with the following command:\n\n    # systemctl status firewalld\n    firewalld.service - firewalld - dynamic firewall daemon\n    Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)\n    Active: active (running) since Sun 2014-04-20 14:06:46 BST; 30s ago\n\n    If \\\"firewalld\\\" is active, check to see if it is configured to grant or\ndeny access to specific hosts or services with the following commands:\n\n    # firewall-cmd --get-default-zone\n    public\n\n    # firewall-cmd --list-all --zone=public\n    public (active)\n    target: default\n    icmp-block-inversion: no\n    interfaces: eth0\n    sources:\n    services: mdns ssh\n    ports:\n    protocols:\n    masquerade: no\n    forward-ports:\n    icmp-blocks:\n\n    If \\\"firewalld\\\" is not active, determine whether \\\"tcpwrappers\\\" is being\nused by checking whether the \\\"hosts.allow\\\" and \\\"hosts.deny\\\" files are empty\nwith the following commands:\n\n    # ls -al /etc/hosts.allow\n    rw-r----- 1 root root 9 Aug 2 23:13 /etc/hosts.allow\n\n    # ls -al /etc/hosts.deny\n    -rw-r----- 1 root root 9 Apr 9 2007 /etc/hosts.deny\n\n    If \\\"firewalld\\\" and \\\"tcpwrappers\\\" are not installed, configured, and\nactive, ask the SA if another access control program (such as iptables) is\ninstalled and active. Ask the SA to show that the running configuration grants\nor denies access to specific hosts or services.\n\n    If \\\"firewalld\\\" is active and is not configured to grant access to\nspecific hosts or \\\"tcpwrappers\\\" is not configured to grant or deny access to\nspecific hosts, this is a finding.\n  \"\n  desc  \"fix\", \"\n    If \\\"firewalld\\\" is installed and active on the system, configure rules for\nallowing specific services and hosts.\n\n    If \\\"firewalld\\\" is not \\\"active\\\", enable \\\"tcpwrappers\\\" by configuring\n\\\"/etc/hosts.allow\\\" and \\\"/etc/hosts.deny\\\" to allow or deny access to\nspecific hosts.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72315\"\n  tag rid: \"SV-86939r3_rule\"\n  tag stig_id: \"RHEL-07-040810\"\n  tag fix_id: \"F-78669r3_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  firewalld_services = input('firewalld_services')\n  firewalld_hosts_allow = input('firewalld_hosts_allow')\n  firewalld_hosts_deny = input('firewalld_hosts_deny')\n  firewalld_ports_allow = input('firewalld_ports_allow')\n  firewalld_ports_deny = input('firewalld_ports_deny')\n  tcpwrappers_allow = input('tcpwrappers_allow')\n  tcpwrappers_deny = input('tcpwrappers_deny')\n  iptable_rules = input('iptables_rules')\n\n  if service('firewalld').running?\n    @default_zone = firewalld.default_zone\n\n    describe firewalld.where{ zone = @default_zone } do\n      its('services') { should be_in firewalld_services }\n    end\n\n    describe firewalld do\n      firewalld_hosts_allow.each do |rule|\n        it { should have_rule_enabled(rule) }\n      end\n      firewalld_hosts_deny.each do |rule|\n        it { should_not have_rule_enabled(rule) }\n      end\n      firewalld_ports_allow.each do |port|\n        it { should have_port_enabled_in_zone(port) }\n      end\n      firewalld_ports_deny.each do |port|\n        it { should_not have_port_enabled_in_zone(port) }\n      end\n    end\n  elsif service('iptables').running?\n    describe iptables do\n      iptable_rules.each do |rule|\n        it { should have_rule(rule) }\n      end\n    end\n  else\n    describe package('tcp_wrappers') do\n      it { should be_installed }\n    end\n    tcpwrappers_allow.each do |rule|\n      describe etc_hosts_allow.where { daemon == rule['daemon'] } do\n        its('client_list') { should be rule['client_list'] }\n        its('options') { should be rule['options'] }\n      end\n    end\n    tcpwrappers_deny.each do |rule|\n      describe etc_hosts_deny.where { daemon == rule['daemon'] } do\n        its('client_list') { should be rule['client_list'] }\n        its('options') { should be rule['options'] }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Firewall Rules with services is expected to be in</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72311</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86935r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040750</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the Network File System (NFS) is configured to use RPCSEC_GSS.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the Network File System (NFS) is configured to use RPCSEC_GSS.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>When an NFS server is configured to use RPCSEC_SYS, a selected userid
 and groupid are used to handle requests from the remote user. The userid and
 groupid could mistakenly or maliciously be set incorrectly. The RPCSEC_GSS
 method of authentication uses certificates on the server and client systems to
-more securely authenticate the remote mount request.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify &quot;AUTH_GSS&quot; is being used to authenticate NFS mounts.
+more securely authenticate the remote mount request.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify "AUTH_GSS" is being used to authenticate NFS mounts.
 
     To check if the system is importing an NFS file system, look for any
-entries in the &quot;&#x2F;etc&#x2F;fstab&quot; file that have a file system type of &quot;nfs&quot; with
+entries in the "/etc/fstab" file that have a file system type of "nfs" with
 the following command:
 
-    # cat &#x2F;etc&#x2F;fstab | grep nfs
-    192.168.21.5:&#x2F;mnt&#x2F;export &#x2F;data1 nfs4 rw,sync ,soft,sec&#x3D;krb5:krb5i:krb5p
+    # cat /etc/fstab | grep nfs
+    192.168.21.5:/mnt/export /data1 nfs4 rw,sync ,soft,sec=krb5:krb5i:krb5p
 
     If the system is mounting file systems via NFS and has the sec option
-without the &quot;krb5:krb5i:krb5p&quot; settings, the &quot;sec&quot; option has the &quot;sys&quot;
-setting, or the &quot;sec&quot; option is missing, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Update the &quot;&#x2F;etc&#x2F;fstab&quot; file so the option &quot;sec&quot; is defined for each
-NFS mounted file system and the &quot;sec&quot; option does not have the &quot;sys&quot;
+without the "krb5:krb5i:krb5p" settings, the "sec" option has the "sys"
+setting, or the "sec" option is missing, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Update the "/etc/fstab" file so the option "sec" is defined for each
+NFS mounted file system and the "sec" option does not have the "sys"
 setting.
 
-    Ensure the &quot;sec&quot; option is defined as &quot;krb5:krb5i:krb5p&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>cf77acea-7f4d-4a55-8220-51af48873300</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-No NFS file systems were found. is expected to eq true</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71975</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000363-GPOS-00150</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86599r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020040</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Ensure the "sec" option is defined as "krb5:krb5i:krb5p".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72311\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the Network File System (NFS) is configured to use RPCSEC_GSS.\"\n  desc  \"When an NFS server is configured to use RPCSEC_SYS, a selected userid\nand groupid are used to handle requests from the remote user. The userid and\ngroupid could mistakenly or maliciously be set incorrectly. The RPCSEC_GSS\nmethod of authentication uses certificates on the server and client systems to\nmore securely authenticate the remote mount request.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify \\\"AUTH_GSS\\\" is being used to authenticate NFS mounts.\n\n    To check if the system is importing an NFS file system, look for any\nentries in the \\\"/etc/fstab\\\" file that have a file system type of \\\"nfs\\\" with\nthe following command:\n\n    # cat /etc/fstab | grep nfs\n    192.168.21.5:/mnt/export /data1 nfs4 rw,sync ,soft,sec=krb5:krb5i:krb5p\n\n    If the system is mounting file systems via NFS and has the sec option\nwithout the \\\"krb5:krb5i:krb5p\\\" settings, the \\\"sec\\\" option has the \\\"sys\\\"\nsetting, or the \\\"sec\\\" option is missing, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Update the \\\"/etc/fstab\\\" file so the option \\\"sec\\\" is defined for each\nNFS mounted file system and the \\\"sec\\\" option does not have the \\\"sys\\\"\nsetting.\n\n    Ensure the \\\"sec\\\" option is defined as \\\"krb5:krb5i:krb5p\\\".\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72311\"\n  tag rid: \"SV-86935r4_rule\"\n  tag stig_id: \"RHEL-07-040750\"\n  tag fix_id: \"F-78665r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  nfs_systems = etc_fstab.nfs_file_systems.entries\n  if !nfs_systems.nil? and !nfs_systems.empty?\n    nfs_systems.each do |file_system|\n      describe file_system do\n        its ('mount_options') { should include 'sec=krb5:krb5i:krb5p' }\n      end\n    end\n  else\n    describe \"No NFS file systems were found.\" do\n      subject { nfs_systems.nil? or nfs_systems.empty? }\n      it { should eq true }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST No NFS file systems were found. is expected to eq true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71975</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000363-GPOS-00150</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86599r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020040</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that designated personnel are notified if baseline configurations are changed
-in an unauthorized manner.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+in an unauthorized manner.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Unauthorized changes to the baseline configuration could make the
 system vulnerable to various attacks or allow unauthorized access to the
 operating system. Changes to operating system configurations can have
@@ -29796,17 +28506,17 @@ unintended side effects, some of which may be relevant to security.
 
     Detecting such changes and providing an automated response can help avoid
 unintended, negative consequences that could ultimately affect the security
-state of the operating system. The operating system&#39;s Information Management
-Officer (IMO)&#x2F;Information System Security Officer (ISSO) and System
-Administrators (SAs) must be notified via email and&#x2F;or monitoring system trap
-when there is an unauthorized modification of a configuration item.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+state of the operating system. The operating system's Information Management
+Officer (IMO)/Information System Security Officer (ISSO) and System
+Administrators (SAs) must be notified via email and/or monitoring system trap
+when there is an unauthorized modification of a configuration item.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system notifies designated personnel if baseline
 configurations are changed in an unauthorized manner.
 
@@ -29825,32 +28535,32 @@ performed on the system.
 executes AIDE to scan for changes to the system baseline. The commands used in
 the example will use a daily occurrence.
 
-    Check the cron directories for a &quot;crontab&quot; script file controlling the
+    Check the cron directories for a "crontab" script file controlling the
 execution of the file integrity application. For example, if AIDE is installed
 on the system, use the following command:
 
-    # ls -al &#x2F;etc&#x2F;cron.* | grep aide
+    # ls -al /etc/cron.* | grep aide
     -rwxr-xr-x 1 root root 32 Jul 1 2011 aide
 
-    # grep aide &#x2F;etc&#x2F;crontab &#x2F;var&#x2F;spool&#x2F;cron&#x2F;root
-    &#x2F;etc&#x2F;crontab: 30 04 * * * &#x2F;root&#x2F;aide
-    &#x2F;var&#x2F;spool&#x2F;cron&#x2F;root: 30 04 * * * &#x2F;root&#x2F;aide
+    # grep aide /etc/crontab /var/spool/cron/root
+    /etc/crontab: 30 04 * * * /root/aide
+    /var/spool/cron/root: 30 04 * * * /root/aide
 
     AIDE does not have a configuration that will send a notification, so the
 cron job uses the mail application on the system to email the results of the
 file integrity run as in the following example:
 
-    # more &#x2F;etc&#x2F;cron.daily&#x2F;aide
-    #!&#x2F;bin&#x2F;bash
+    # more /etc/cron.daily/aide
+    #!/bin/bash
 
-    &#x2F;usr&#x2F;sbin&#x2F;aide --check | &#x2F;bin&#x2F;mail -s &quot;$HOSTNAME - Daily aide integrity
-check run&quot; root@sysname.mil
+    /usr/sbin/aide --check | /bin/mail -s "$HOSTNAME - Daily aide integrity
+check run" root@sysname.mil
 
     If the file integrity application does not notify designated personnel of
-changes, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+changes, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to notify designated personnel if baseline
 configurations are changed in an unauthorized manner. The AIDE tool can be
 configured to email designated personnel with the use of the cron system.
@@ -29858,140 +28568,134 @@ configured to email designated personnel with the use of the cron system.
     The following example output is generic. It will set cron to run AIDE daily
 and to send email at the completion of the analysis.
 
-    # more &#x2F;etc&#x2F;cron.daily&#x2F;aide
-
-    &#x2F;usr&#x2F;sbin&#x2F;aide --check | &#x2F;bin&#x2F;mail -s &quot;$HOSTNAME - Daily aide integrity
-check run&quot; root@sysname.mil</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>cac4aa82-dc0f-49f5-b544-4a4116798b1f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001744</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package aide is expected to be installed
---------------------------------
-passed
-File &#x2F;etc&#x2F;cron.daily&#x2F;aide content is expected to match &#x2F;\&#x2F;bin\&#x2F;mail&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71983</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000114-GPOS-00059</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86607r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020100</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # more /etc/cron.daily/aide
+
+    /usr/sbin/aide --check | /bin/mail -s "$HOSTNAME - Daily aide integrity
+check run" root@sysname.mil</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71975\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat designated personnel are notified if baseline configurations are changed\nin an unauthorized manner.\"\n  desc  \"Unauthorized changes to the baseline configuration could make the\nsystem vulnerable to various attacks or allow unauthorized access to the\noperating system. Changes to operating system configurations can have\nunintended side effects, some of which may be relevant to security.\n\n    Detecting such changes and providing an automated response can help avoid\nunintended, negative consequences that could ultimately affect the security\nstate of the operating system. The operating system's Information Management\nOfficer (IMO)/Information System Security Officer (ISSO) and System\nAdministrators (SAs) must be notified via email and/or monitoring system trap\nwhen there is an unauthorized modification of a configuration item.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system notifies designated personnel if baseline\nconfigurations are changed in an unauthorized manner.\n\n    Note: A file integrity tool other than Advanced Intrusion Detection\nEnvironment (AIDE) may be used, but the tool must be executed and notify\nspecified individuals via email or an alert.\n\n    Check to see if AIDE is installed on the system with the following command:\n\n    # yum list installed aide\n\n    If AIDE is not installed, ask the SA how file integrity checks are\nperformed on the system.\n\n    Check for the presence of a cron job running routinely on the system that\nexecutes AIDE to scan for changes to the system baseline. The commands used in\nthe example will use a daily occurrence.\n\n    Check the cron directories for a \\\"crontab\\\" script file controlling the\nexecution of the file integrity application. For example, if AIDE is installed\non the system, use the following command:\n\n    # ls -al /etc/cron.* | grep aide\n    -rwxr-xr-x 1 root root 32 Jul 1 2011 aide\n\n    # grep aide /etc/crontab /var/spool/cron/root\n    /etc/crontab: 30 04 * * * /root/aide\n    /var/spool/cron/root: 30 04 * * * /root/aide\n\n    AIDE does not have a configuration that will send a notification, so the\ncron job uses the mail application on the system to email the results of the\nfile integrity run as in the following example:\n\n    # more /etc/cron.daily/aide\n    #!/bin/bash\n\n    /usr/sbin/aide --check | /bin/mail -s \\\"$HOSTNAME - Daily aide integrity\ncheck run\\\" root@sysname.mil\n\n    If the file integrity application does not notify designated personnel of\nchanges, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to notify designated personnel if baseline\nconfigurations are changed in an unauthorized manner. The AIDE tool can be\nconfigured to email designated personnel with the use of the cron system.\n\n    The following example output is generic. It will set cron to run AIDE daily\nand to send email at the completion of the analysis.\n\n    # more /etc/cron.daily/aide\n\n    /usr/sbin/aide --check | /bin/mail -s \\\"$HOSTNAME - Daily aide integrity\ncheck run\\\" root@sysname.mil\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000363-GPOS-00150\"\n  tag gid: \"V-71975\"\n  tag rid: \"SV-86599r2_rule\"\n  tag stig_id: \"RHEL-07-020040\"\n  tag fix_id: \"F-78327r3_fix\"\n  tag cci: [\"CCI-001744\"]\n  tag nist: [\"CM-3 (5)\", \"Rev_4\"]\n\n  file_integrity_tool = input('file_integrity_tool')\n\n  describe package(file_integrity_tool) do\n    it { should be_installed }\n  end\n  describe.one do\n    describe file(\"/etc/cron.daily/#{file_integrity_tool}\") do\n      its('content') { should match %r{/bin/mail} }\n    end\n    describe file(\"/etc/cron.weekly/#{file_integrity_tool}\") do\n      its('content') { should match %r{/bin/mail} }\n    end\n    describe crontab('root').where { command =~ %r{#{file_integrity_tool}} } do\n      its('commands.flatten') { should include(match %r{/bin/mail}) }\n    end\n    if file(\"/etc/cron.d/#{file_integrity_tool}\").exist?\n      describe crontab(path: \"/etc/cron.d/#{file_integrity_tool}\") do\n        its('commands') { should include(match %r{/bin/mail}) }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001744</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package aide is expected to be installed
+--------------------------------
+passed :: TEST File /etc/cron.daily/aide content is expected to match /\/bin\/mail/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71983</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000114-GPOS-00059</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86607r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020100</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured to
-disable USB mass storage.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+disable USB mass storage.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>USB mass storage permits easy introduction of unknown devices, thereby
-facilitating malicious activity.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+facilitating malicious activity.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If there is an HBSS with a Device Control Module and a Data Loss Prevention
 mechanism, this requirement is not applicable.
 
     Verify the operating system disables the ability to load the USB Storage
 kernel module.
 
-    # grep -r usb-storage &#x2F;etc&#x2F;modprobe.d&#x2F;* | grep -i &quot;&#x2F;bin&#x2F;true&quot; | grep -v
-&quot;^#&quot;
+    # grep -r usb-storage /etc/modprobe.d/* | grep -i "/bin/true" | grep -v
+"^#"
 
-    install usb-storage &#x2F;bin&#x2F;true
+    install usb-storage /bin/true
 
     If the command does not return any output, or the line is commented out,
 and use of USB Storage is not documented with the Information System Security
@@ -30002,612 +28706,589 @@ devices.
 
     Check to see if USB mass storage is disabled with the following command:
 
-    # grep usb-storage &#x2F;etc&#x2F;modprobe.d&#x2F;* | grep -i &quot;blacklist&quot; | grep -v
-&quot;^#&quot;
+    # grep usb-storage /etc/modprobe.d/* | grep -i "blacklist" | grep -v
+"^#"
     blacklist usb-storage
 
-    If the command does not return any output or the output is not &quot;blacklist
-usb-storage&quot;, and use of USB storage devices is not documented with the
+    If the command does not return any output or the output is not "blacklist
+usb-storage", and use of USB storage devices is not documented with the
 Information System Security Officer (ISSO) as an operational requirement, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to disable the ability to use the USB
 Storage kernel module.
 
-    Create a file under &quot;&#x2F;etc&#x2F;modprobe.d&quot; with the following command:
+    Create a file under "/etc/modprobe.d" with the following command:
 
-    # touch &#x2F;etc&#x2F;modprobe.d&#x2F;usb-storage.conf
+    # touch /etc/modprobe.d/usb-storage.conf
 
     Add the following line to the created file:
 
-    install usb-storage &#x2F;bin&#x2F;true
+    install usb-storage /bin/true
 
     Configure the operating system to disable the ability to use USB mass
 storage devices.
 
-    # vi &#x2F;etc&#x2F;modprobe.d&#x2F;blacklist.conf
+    # vi /etc/modprobe.d/blacklist.conf
 
     Add or update the line:
 
-    blacklist usb-storage</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2722bacb-9897-4f03-9fdf-10dd1c3fe2ca</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000778</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001958</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Module usb_storage is expected not to be loaded
---------------------------------
-passed
-Kernel Module usb_storage is expected to be blacklisted</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86759r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030560</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    blacklist usb-storage</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71983\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured to\ndisable USB mass storage.\"\n  desc  \"USB mass storage permits easy introduction of unknown devices, thereby\nfacilitating malicious activity.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If there is an HBSS with a Device Control Module and a Data Loss Prevention\nmechanism, this requirement is not applicable.\n\n    Verify the operating system disables the ability to load the USB Storage\nkernel module.\n\n    # grep -r usb-storage /etc/modprobe.d/* | grep -i \\\"/bin/true\\\" | grep -v\n\\\"^#\\\"\n\n    install usb-storage /bin/true\n\n    If the command does not return any output, or the line is commented out,\nand use of USB Storage is not documented with the Information System Security\nOfficer (ISSO) as an operational requirement, this is a finding.\n\n    Verify the operating system disables the ability to use USB mass storage\ndevices.\n\n    Check to see if USB mass storage is disabled with the following command:\n\n    # grep usb-storage /etc/modprobe.d/* | grep -i \\\"blacklist\\\" | grep -v\n\\\"^#\\\"\n    blacklist usb-storage\n\n    If the command does not return any output or the output is not \\\"blacklist\nusb-storage\\\", and use of USB storage devices is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to disable the ability to use the USB\nStorage kernel module.\n\n    Create a file under \\\"/etc/modprobe.d\\\" with the following command:\n\n    # touch /etc/modprobe.d/usb-storage.conf\n\n    Add the following line to the created file:\n\n    install usb-storage /bin/true\n\n    Configure the operating system to disable the ability to use USB mass\nstorage devices.\n\n    # vi /etc/modprobe.d/blacklist.conf\n\n    Add or update the line:\n\n    blacklist usb-storage\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000114-GPOS-00059\"\n  tag satisfies: [\"SRG-OS-000114-GPOS-00059\", \"SRG-OS-000378-GPOS-00163\",\n\"SRG-OS-000480-GPOS-00227\"]\n  tag gid: \"V-71983\"\n  tag rid: \"SV-86607r4_rule\"\n  tag stig_id: \"RHEL-07-020100\"\n  tag fix_id: \"F-78335r4_fix\"\n  tag cci: [\"CCI-000366\", \"CCI-000778\", \"CCI-001958\"]\n  tag nist: [\"CM-6 b\", \"IA-3\", \"IA-3\", \"Rev_4\"]\n\n  describe kernel_module('usb_storage') do\n    it { should_not be_loaded }\n    it { should be_blacklisted }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000778</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001958</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Module usb_storage is expected not to be loaded
+--------------------------------
+passed :: TEST Kernel Module usb_storage is expected to be blacklisted</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86759r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030560</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the semanage command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the semanage command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;semanage&quot; command occur.
+successful/unsuccessful attempts to use the "semanage" command occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -i &#x2F;usr&#x2F;sbin&#x2F;semanage &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /usr/sbin/semanage /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;semanage -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/sbin/semanage -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-priv_change
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;semanage&quot; command occur.
+successful/unsuccessful attempts to use the "semanage" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;semanage -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/sbin/semanage -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-priv_change
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>93d277db-e8e3-406f-af65-d8e94fecdacd</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;semanage&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;semanage&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72291</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86915r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040650</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72135\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe semanage command.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"semanage\\\" command occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -i /usr/sbin/semanage /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/semanage -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-priv_change\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"semanage\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/sbin/semanage -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000392-GPOS-00172\"\n  tag satisfies: [\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000463-GPOS-00207\",\n\"SRG-OS-000465-GPOS-00209\"]\n  tag gid: \"V-72135\"\n  tag rid: \"SV-86759r4_rule\"\n  tag stig_id: \"RHEL-07-030560\"\n  tag fix_id: \"F-78487r5_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/sbin/semanage'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/sbin/semanage" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/sbin/semanage" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72291</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86915r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040650</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not allow
 interfaces to perform Internet Protocol version 4 (IPv4) Internet Control
-Message Protocol (ICMP) redirects by default.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Message Protocol (ICMP) redirects by default.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>ICMP redirect messages are used by routers to inform hosts that a more
 direct route exists for a particular destination. These messages contain
-information from the system&#39;s route table, possibly revealing portions of the
-network topology.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information from the system's route table, possibly revealing portions of the
+network topology.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system does not allow interfaces to perform IPv4 ICMP redirects
 by default.
 
-    # grep &#39;net.ipv4.conf.default.send_redirects&#39; &#x2F;etc&#x2F;sysctl.conf
-&#x2F;etc&#x2F;sysctl.d&#x2F;*
+    # grep 'net.ipv4.conf.default.send_redirects' /etc/sysctl.conf
+/etc/sysctl.d/*
 
-    If &quot;net.ipv4.conf.default.send_redirects&quot; is not configured in the
-&quot;&#x2F;etc&#x2F;sysctl.conf&quot; file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out
-or does not have a value of &quot;0&quot;, this is a finding.
+    If "net.ipv4.conf.default.send_redirects" is not configured in the
+"/etc/sysctl.conf" file or in the /etc/sysctl.d/ directory, is commented out
+or does not have a value of "0", this is a finding.
 
-    Check that the operating system implements the &quot;default send_redirects&quot;
+    Check that the operating system implements the "default send_redirects"
 variables with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep &#39;net.ipv4.conf.default.send_redirects&#39;
+    # /sbin/sysctl -a | grep 'net.ipv4.conf.default.send_redirects'
 
-    net.ipv4.conf.default.send_redirects &#x3D; 0
+    net.ipv4.conf.default.send_redirects = 0
 
-    If the returned line does not have a value of &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned line does not have a value of "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to not allow interfaces to perform IPv4 ICMP redirects
 by default.
 
     Set the system to the required kernel parameter by adding the following
-line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the &#x2F;etc&#x2F;sysctl.d&#x2F;
+line to "/etc/sysctl.conf" or a configuration file in the /etc/sysctl.d/
 directory (or modify the line to have the required value):
 
-    net.ipv4.conf.default.send_redirects &#x3D; 0
+    net.ipv4.conf.default.send_redirects = 0
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>1bdd003b-a603-4f33-93a1-38f79df99cae</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.conf.default.send_redirects value is expected to eq 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72023</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86647r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020660</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72291\" do\n  title \"The Red Hat Enterprise Linux operating system must not allow\ninterfaces to perform Internet Protocol version 4 (IPv4) Internet Control\nMessage Protocol (ICMP) redirects by default.\"\n  desc  \"ICMP redirect messages are used by routers to inform hosts that a more\ndirect route exists for a particular destination. These messages contain\ninformation from the system's route table, possibly revealing portions of the\nnetwork topology.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system does not allow interfaces to perform IPv4 ICMP redirects\nby default.\n\n    # grep 'net.ipv4.conf.default.send_redirects' /etc/sysctl.conf\n/etc/sysctl.d/*\n\n    If \\\"net.ipv4.conf.default.send_redirects\\\" is not configured in the\n\\\"/etc/sysctl.conf\\\" file or in the /etc/sysctl.d/ directory, is commented out\nor does not have a value of \\\"0\\\", this is a finding.\n\n    Check that the operating system implements the \\\"default send_redirects\\\"\nvariables with the following command:\n\n    # /sbin/sysctl -a | grep 'net.ipv4.conf.default.send_redirects'\n\n    net.ipv4.conf.default.send_redirects = 0\n\n    If the returned line does not have a value of \\\"0\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to not allow interfaces to perform IPv4 ICMP redirects\nby default.\n\n    Set the system to the required kernel parameter by adding the following\nline to \\\"/etc/sysctl.conf\\\" or a configuration file in the /etc/sysctl.d/\ndirectory (or modify the line to have the required value):\n\n    net.ipv4.conf.default.send_redirects = 0\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72291\"\n  tag rid: \"SV-86915r4_rule\"\n  tag stig_id: \"RHEL-07-040650\"\n  tag fix_id: \"F-78645r4_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.conf.default.send_redirects') do\n    its('value') { should eq 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.conf.default.send_redirects value is expected to eq 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72023</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86647r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020660</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all files and directories contained in local interactive user home
-directories are owned by the owner of the home directory.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+directories are owned by the owner of the home directory.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If local interactive users do not own the files in their directories,
 unauthorized users may be able to access them. Additionally, if files are not
-owned by the user, this could be an indication of system compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify all files and directories in a local interactive user&#39;s home
+owned by the user, this could be an indication of system compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify all files and directories in a local interactive user's home
 directory are owned by the user.
 
-    Check the owner of all files and directories in a local interactive user&#39;s
+    Check the owner of all files and directories in a local interactive user's
 home directory with the following command:
 
-    Note: The example will be for the user &quot;smithj&quot;, who has a home directory
-of &quot;&#x2F;home&#x2F;smithj&quot;.
+    Note: The example will be for the user "smithj", who has a home directory
+of "/home/smithj".
 
-    # ls -lLR &#x2F;home&#x2F;smithj
+    # ls -lLR /home/smithj
     -rw-r--r-- 1 smithj smithj  18 Mar  5 17:06 file1
     -rw-r--r-- 1 smithj smithj 193 Mar  5 17:06 file2
     -rw-r--r-- 1 smithj smithj 231 Mar  5 17:06 file3
 
     If any files are found with an owner different than the home directory
-user, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Change the owner of a local interactive user&#39;s files and directories to
-that owner. To change the owner of a local interactive user&#39;s files and
+user, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Change the owner of a local interactive user's files and directories to
+that owner. To change the owner of a local interactive user's files and
 directories, use the following command:
 
     Note: The example will be for the user smithj, who has a home directory of
-&quot;&#x2F;home&#x2F;smithj&quot;.
-
-    # chown smithj &#x2F;home&#x2F;smithj&#x2F;&lt;file or directory&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>839bd59b-7cc5-4f33-a629-79cc16a369af</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Files and directories that are not owned by the user is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72237</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000163-GPOS-00072</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86861r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040320</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/home/smithj".
+
+    # chown smithj /home/smithj/&lt;file or directory&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72023\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all files and directories contained in local interactive user home\ndirectories are owned by the owner of the home directory.\"\n  desc  \"If local interactive users do not own the files in their directories,\nunauthorized users may be able to access them. Additionally, if files are not\nowned by the user, this could be an indication of system compromise.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify all files and directories in a local interactive user's home\ndirectory are owned by the user.\n\n    Check the owner of all files and directories in a local interactive user's\nhome directory with the following command:\n\n    Note: The example will be for the user \\\"smithj\\\", who has a home directory\nof \\\"/home/smithj\\\".\n\n    # ls -lLR /home/smithj\n    -rw-r--r-- 1 smithj smithj  18 Mar  5 17:06 file1\n    -rw-r--r-- 1 smithj smithj 193 Mar  5 17:06 file2\n    -rw-r--r-- 1 smithj smithj 231 Mar  5 17:06 file3\n\n    If any files are found with an owner different than the home directory\nuser, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Change the owner of a local interactive user's files and directories to\nthat owner. To change the owner of a local interactive user's files and\ndirectories, use the following command:\n\n    Note: The example will be for the user smithj, who has a home directory of\n\\\"/home/smithj\\\".\n\n    # chown smithj /home/smithj/&lt;file or directory&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72023\"\n  tag rid: \"SV-86647r2_rule\"\n  tag stig_id: \"RHEL-07-020660\"\n  tag fix_id: \"F-78375r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= uid_min || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    findings = findings + command(\"find #{user_info.home} -xdev -xautofs -not -user #{user_info.username}\").stdout.split(\"\\n\")\n  end\n  describe \"Files and directories that are not owned by the user\" do\n    subject { findings.to_a }\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Files and directories that are not owned by the user is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72237</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000163-GPOS-00072</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86861r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040320</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all network connections associated with SSH traffic are terminated at the
 end of the session or after 10 minutes of inactivity, except to fulfill
-documented and validated mission requirements.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+documented and validated mission requirements.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Terminating an idle SSH session within a short time period reduces the
 window of opportunity for unauthorized personnel to take control of a
 management session enabled on the console or console port that has been left
@@ -30615,169 +29296,162 @@ unattended. In addition, quickly terminating an idle SSH session will also free
 up resources committed by the managed network element.
 
     Terminating network connections associated with communications sessions
-includes, for example, de-allocating associated TCP&#x2F;IP address&#x2F;port pairs at
+includes, for example, de-allocating associated TCP/IP address/port pairs at
 the operating system level and de-allocating networking assignments at the
 application level if multiple application sessions are using a single operating
 system-level network connection. This does not mean that the operating system
 terminates all sessions or network access; it only ends the inactive session
-and releases the resources associated with that session.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+and releases the resources associated with that session.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system automatically terminates a user session after
 inactivity time-outs have expired.
 
-    Check for the value of the &quot;ClientAliveInterval&quot; keyword with the
+    Check for the value of the "ClientAliveInterval" keyword with the
 following command:
 
-    # grep -iw clientaliveinterval &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -iw clientaliveinterval /etc/ssh/sshd_config
 
     ClientAliveInterval 600
 
-    If &quot;ClientAliveInterval&quot; is not configured, commented out, or has a value
-of &quot;0&quot;, this is a finding.
+    If "ClientAliveInterval" is not configured, commented out, or has a value
+of "0", this is a finding.
 
-    If &quot;ClientAliveInterval&quot; has a value that is greater than &quot;600&quot; and is
+    If "ClientAliveInterval" has a value that is greater than "600" and is
 not documented with the Information System Security Officer (ISSO) as an
-operational requirement, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+operational requirement, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to automatically terminate a user session
 after inactivity time-outs have expired or at shutdown.
 
     Add the following line (or modify the line to have the required value) to
-the &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; file (this file may be named differently or be in
+the "/etc/ssh/sshd_config" file (this file may be named differently or be in
 a different location if using a version of SSH that is provided by a
 third-party vendor):
 
     ClientAliveInterval 600
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>11e7cbf0-5b19-48ab-afe2-89e7860d3f52</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002361</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration ClientAliveInterval.to_i is expected to cmp &gt;&#x3D; 1
---------------------------------
-passed
-SSHD Configuration ClientAliveInterval.to_i is expected to cmp &lt;&#x3D; 600
---------------------------------
-passed
-SSHD Configuration ClientAliveInterval is expected not to eq nil</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71989</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000445-GPOS-00199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86613r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must enable SELinux.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72237\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all network connections associated with SSH traffic are terminated at the\nend of the session or after 10 minutes of inactivity, except to fulfill\ndocumented and validated mission requirements.\"\n  desc  \"Terminating an idle SSH session within a short time period reduces the\nwindow of opportunity for unauthorized personnel to take control of a\nmanagement session enabled on the console or console port that has been left\nunattended. In addition, quickly terminating an idle SSH session will also free\nup resources committed by the managed network element.\n\n    Terminating network connections associated with communications sessions\nincludes, for example, de-allocating associated TCP/IP address/port pairs at\nthe operating system level and de-allocating networking assignments at the\napplication level if multiple application sessions are using a single operating\nsystem-level network connection. This does not mean that the operating system\nterminates all sessions or network access; it only ends the inactive session\nand releases the resources associated with that session.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system automatically terminates a user session after\ninactivity time-outs have expired.\n\n    Check for the value of the \\\"ClientAliveInterval\\\" keyword with the\nfollowing command:\n\n    # grep -iw clientaliveinterval /etc/ssh/sshd_config\n\n    ClientAliveInterval 600\n\n    If \\\"ClientAliveInterval\\\" is not configured, commented out, or has a value\nof \\\"0\\\", this is a finding.\n\n    If \\\"ClientAliveInterval\\\" has a value that is greater than \\\"600\\\" and is\nnot documented with the Information System Security Officer (ISSO) as an\noperational requirement, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to automatically terminate a user session\nafter inactivity time-outs have expired or at shutdown.\n\n    Add the following line (or modify the line to have the required value) to\nthe \\\"/etc/ssh/sshd_config\\\" file (this file may be named differently or be in\na different location if using a version of SSH that is provided by a\nthird-party vendor):\n\n    ClientAliveInterval 600\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000163-GPOS-00072\"\n  tag satisfies: [\"SRG-OS-000163-GPOS-00072\", \"SRG-OS-000279-GPOS-00109\"]\n  tag gid: \"V-72237\"\n  tag rid: \"SV-86861r4_rule\"\n  tag stig_id: \"RHEL-07-040320\"\n  tag fix_id: \"F-78591r2_fix\"\n  tag cci: [\"CCI-001133\", \"CCI-002361\"]\n  tag nist: [\"SC-10\", \"AC-12\", \"Rev_4\"]\n\n  client_alive_interval = input('client_alive_interval')\n\n  #This may show slightly confusing results when a ClientAliveInterValue is not\n  #specified. Specifically, because the value will be nil and when you try to\n  #convert it to an integer using to_i it will convert it to 0 and pass the\n  #&lt;= client_alive_interval check. However, the control as a whole will still fail.\n  describe sshd_config do\n    its(\"ClientAliveInterval.to_i\"){should cmp &gt;= 1}\n    its(\"ClientAliveInterval.to_i\"){should cmp &lt;= client_alive_interval}\n    its(\"ClientAliveInterval\"){should_not eq nil}\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002361</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration ClientAliveInterval.to_i is expected to cmp &gt;= 1
+--------------------------------
+passed :: TEST SSHD Configuration ClientAliveInterval.to_i is expected to cmp &lt;= 600
+--------------------------------
+passed :: TEST SSHD Configuration ClientAliveInterval is expected not to eq nil</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71989</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000445-GPOS-00199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86613r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must enable SELinux.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without verification of the security functions, security functions may
 not operate correctly and the failure may go unnoticed. Security function is
-defined as the hardware, software, and&#x2F;or firmware of the information system
+defined as the hardware, software, and/or firmware of the information system
 responsible for enforcing the system security policy and supporting the
 isolation of code and data on which the protection is based. Security
 functionality includes, but is not limited to, establishing system accounts,
@@ -30785,1431 +29459,1358 @@ configuring access authorizations (i.e., permissions, privileges), setting
 events to be audited, and setting intrusion detection parameters.
 
     This requirement applies to operating systems performing security function
-verification&#x2F;testing and&#x2F;or systems and environments that require this
-functionality.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+verification/testing and/or systems and environments that require this
+functionality.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If an HBSS or HIPS is active on the system, this is Not Applicable.
 
     Verify the operating system verifies correct operation of all security
 functions.
 
-    Check if &quot;SELinux&quot; is active and in &quot;Enforcing&quot; mode with the following
+    Check if "SELinux" is active and in "Enforcing" mode with the following
 command:
 
     # getenforce
     Enforcing
 
-    If &quot;SELinux&quot; is not active and not in &quot;Enforcing&quot; mode, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "SELinux" is not active and not in "Enforcing" mode, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to verify correct operation of all security
 functions.
 
-    Set the &quot;SELinux&quot; status and the &quot;Enforcing&quot; mode by modifying the
-&quot;&#x2F;etc&#x2F;selinux&#x2F;config&quot; file to have the following line:
-
-    SELINUX&#x3D;enforcing
-
-    A reboot is required for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>634a4141-f45b-4ec2-9efd-47a330a14cfe</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002696</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;getenforce&#x60; stdout.strip is expected to eq &quot;Enforcing&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81015</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95727r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030200</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Set the "SELinux" status and the "Enforcing" mode by modifying the
+"/etc/selinux/config" file to have the following line:
+
+    SELINUX=enforcing
+
+    A reboot is required for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71989\" do\n  title \"The Red Hat Enterprise Linux operating system must enable SELinux.\"\n  desc  \"Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    This requirement applies to operating systems performing security function\nverification/testing and/or systems and environments that require this\nfunctionality.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If an HBSS or HIPS is active on the system, this is Not Applicable.\n\n    Verify the operating system verifies correct operation of all security\nfunctions.\n\n    Check if \\\"SELinux\\\" is active and in \\\"Enforcing\\\" mode with the following\ncommand:\n\n    # getenforce\n    Enforcing\n\n    If \\\"SELinux\\\" is not active and not in \\\"Enforcing\\\" mode, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to verify correct operation of all security\nfunctions.\n\n    Set the \\\"SELinux\\\" status and the \\\"Enforcing\\\" mode by modifying the\n\\\"/etc/selinux/config\\\" file to have the following line:\n\n    SELINUX=enforcing\n\n    A reboot is required for the changes to take effect.\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000445-GPOS-00199\"\n  tag gid: \"V-71989\"\n  tag rid: \"SV-86613r3_rule\"\n  tag stig_id: \"RHEL-07-020210\"\n  tag fix_id: \"F-78341r2_fix\"\n  tag cci: [\"CCI-002165\", \"CCI-002696\"]\n  tag nist: [\"AC-3 (4)\", \"SI-6 a\", \"Rev_4\"]\n\n  describe command('getenforce') do\n    its('stdout.strip') { should eq 'Enforcing' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002696</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `getenforce` stdout.strip is expected to eq "Enforcing"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81015</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95727r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030200</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured to
-use the au-remote plugin.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+use the au-remote plugin.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Information stored in one location is vulnerable to accidental or
 incidental deletion or alteration.
 
     Off-loading is a common process in information systems with limited audit
 storage capacity.
 
-    Without the configuration of the &quot;au-remote&quot; plugin, the audisp-remote
-daemon will not off-load the logs from the system being audited.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify the &quot;au-remote&quot; plugin is active on the system:
-
-    # grep &quot;active&quot; &#x2F;etc&#x2F;audisp&#x2F;plugins.d&#x2F;au-remote.conf
-
-    active &#x3D; yes
-
-    If the &quot;active&quot; setting is not set to &quot;yes&quot;, or the line is commented
-out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Edit the &#x2F;etc&#x2F;audisp&#x2F;plugins.d&#x2F;au-remote.conf file and change the value of
-&quot;active&quot; to &quot;yes&quot;.
+    Without the configuration of the "au-remote" plugin, the audisp-remote
+daemon will not off-load the logs from the system being audited.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify the "au-remote" plugin is active on the system:
+
+    # grep "active" /etc/audisp/plugins.d/au-remote.conf
+
+    active = yes
+
+    If the "active" setting is not set to "yes", or the line is commented
+out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Edit the /etc/audisp/plugins.d/au-remote.conf file and change the value of
+"active" to "yes".
 
     The audit daemon must be restarted for changes to take effect:
 
-    # service auditd restart</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>faac7b74-f692-449b-91fe-2764903670f1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-File &#39;&#x2F;etc&#x2F;audisp&#x2F;plugins.d&#x2F;au-remote.conf&#39; cannot be found. This test cannot be checked in a automated fashion and you must check it manually
-File &#39;&#x2F;etc&#x2F;audisp&#x2F;plugins.d&#x2F;au-remote.conf&#39; cannot be found. This check must be performed manually</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72003</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000104-GPOS-00051</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86627r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020300</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # service auditd restart</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-81015\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured to\nuse the au-remote plugin.\"\n  desc  \"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    Without the configuration of the \\\"au-remote\\\" plugin, the audisp-remote\ndaemon will not off-load the logs from the system being audited.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the \\\"au-remote\\\" plugin is active on the system:\n\n    # grep \\\"active\\\" /etc/audisp/plugins.d/au-remote.conf\n\n    active = yes\n\n    If the \\\"active\\\" setting is not set to \\\"yes\\\", or the line is commented\nout, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Edit the /etc/audisp/plugins.d/au-remote.conf file and change the value of\n\\\"active\\\" to \\\"yes\\\".\n\n    The audit daemon must be restarted for changes to take effect:\n\n    # service auditd restart\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000342-GPOS-00133\"\n  tag satisfies: [\"SRG-OS-000342-GPOS-00133\", \"SRG-OS-000479-GPOS-00224\"]\n  tag gid: \"V-81015\"\n  tag rid: \"SV-95727r1_rule\"\n  tag stig_id: \"RHEL-07-030200\"\n  tag fix_id: \"F-87849r2_fix\"\n  tag cci: [\"CCI-001851\"]\n  tag nist: [\"AU-4 (1)\", \"Rev_4\"]\n\n  test_file = '/etc/audisp/plugins.d/au-remote.conf'\n\n  if file(test_file).exist?\n    describe parse_config_file(test_file) do\n      its('active') { should match %r{yes$} }\n    end\n  else\n    describe \"File '#{test_file}' cannot be found. This test cannot be checked in a automated fashion and you must check it manually\" do\n      skip \"File '#{test_file}' cannot be found. This check must be performed manually\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST File '/etc/audisp/plugins.d/au-remote.conf' cannot be found. This test cannot be checked in a automated fashion and you must check it manually :: SKIP_MESSAGE File '/etc/audisp/plugins.d/au-remote.conf' cannot be found. This check must be performed manually</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72003</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000104-GPOS-00051</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86627r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020300</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that all Group Identifiers (GIDs) referenced in the &#x2F;etc&#x2F;passwd file are
-defined in the &#x2F;etc&#x2F;group file.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that all Group Identifiers (GIDs) referenced in the /etc/passwd file are
+defined in the /etc/group file.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If a user is assigned the GID of a group not existing on the system,
 and a group with the GID is subsequently created, the user may have unintended
-rights to any files associated with the group.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify all GIDs referenced in the &quot;&#x2F;etc&#x2F;passwd&quot; file are defined in the
-&quot;&#x2F;etc&#x2F;group&quot; file.
+rights to any files associated with the group.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify all GIDs referenced in the "/etc/passwd" file are defined in the
+"/etc/group" file.
 
     Check that all referenced GIDs exist with the following command:
 
     # pwck -r
 
-    If GIDs referenced in &quot;&#x2F;etc&#x2F;passwd&quot; file are returned as not defined in
-&quot;&#x2F;etc&#x2F;group&quot; file, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If GIDs referenced in "/etc/passwd" file are returned as not defined in
+"/etc/group" file, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to define all GIDs found in the
-&quot;&#x2F;etc&#x2F;passwd&quot; file by modifying the &quot;&#x2F;etc&#x2F;group&quot; file to add any
-non-existent group referenced in the &quot;&#x2F;etc&#x2F;passwd&quot; file, or change the GIDs
-referenced in the &quot;&#x2F;etc&#x2F;passwd&quot; file to a group that exists in
-&quot;&#x2F;etc&#x2F;group&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>912d7023-b9ca-45e9-bded-6a2d19606ed4</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000764</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-&#x2F;etc&#x2F;group gids is expected to include 0
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 1
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 2
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 4
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 7
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 0
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 0
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 0
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 12
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 0
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 99
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 192
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 81
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 998
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 74
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 89
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 995
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 1000
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 59
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 993</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-92251</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-102353r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040611</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/etc/passwd" file by modifying the "/etc/group" file to add any
+non-existent group referenced in the "/etc/passwd" file, or change the GIDs
+referenced in the "/etc/passwd" file to a group that exists in
+"/etc/group".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72003\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all Group Identifiers (GIDs) referenced in the /etc/passwd file are\ndefined in the /etc/group file.\"\n  desc  \"If a user is assigned the GID of a group not existing on the system,\nand a group with the GID is subsequently created, the user may have unintended\nrights to any files associated with the group.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify all GIDs referenced in the \\\"/etc/passwd\\\" file are defined in the\n\\\"/etc/group\\\" file.\n\n    Check that all referenced GIDs exist with the following command:\n\n    # pwck -r\n\n    If GIDs referenced in \\\"/etc/passwd\\\" file are returned as not defined in\n\\\"/etc/group\\\" file, this is a finding.\n  \"\n  desc  \"fix\", \"Configure the system to define all GIDs found in the\n\\\"/etc/passwd\\\" file by modifying the \\\"/etc/group\\\" file to add any\nnon-existent group referenced in the \\\"/etc/passwd\\\" file, or change the GIDs\nreferenced in the \\\"/etc/passwd\\\" file to a group that exists in\n\\\"/etc/group\\\".\"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000104-GPOS-00051\"\n  tag gid: \"V-72003\"\n  tag rid: \"SV-86627r2_rule\"\n  tag stig_id: \"RHEL-07-020300\"\n  tag fix_id: \"F-78355r1_fix\"\n  tag cci: [\"CCI-000764\"]\n  tag nist: [\"IA-2\", \"Rev_4\"]\n\n  passwd.gids.each do |gid|\n    describe etc_group do\n      its('gids') { should include gid.to_i }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000764</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST /etc/group gids is expected to include 0
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 1
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 2
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 4
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 7
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 0
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 0
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 0
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 12
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 0
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 99
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 192
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 81
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 998
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 74
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 89
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 995
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 1000
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 59
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 993</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-92251</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-102353r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040611</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must use a reverse-path
-filter for IPv4 network traffic when possible on all interfaces.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+filter for IPv4 network traffic when possible on all interfaces.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Enabling reverse path filtering drops packets with source addresses
 that should not have been able to be received on the interface they were
 received on. It should not be used on systems which are routers for complicated
-networks, but is helpful for end hosts and routers serving small networks.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+networks, but is helpful for end hosts and routers serving small networks.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system uses a reverse-path filter for IPv4:
 
-    # grep net.ipv4.conf.all.rp_filter &#x2F;etc&#x2F;sysctl.conf &#x2F;etc&#x2F;sysctl.d&#x2F;*
-    net.ipv4.conf.all.rp_filter &#x3D; 1
+    # grep net.ipv4.conf.all.rp_filter /etc/sysctl.conf /etc/sysctl.d/*
+    net.ipv4.conf.all.rp_filter = 1
 
-    If &quot;net.ipv4.conf.all.rp_filter&quot; is not configured in the
-&#x2F;etc&#x2F;sysctl.conf file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out, or
-does not have a value of &quot;1&quot;, this is a finding.
+    If "net.ipv4.conf.all.rp_filter" is not configured in the
+/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or
+does not have a value of "1", this is a finding.
 
     Check that the operating system implements the accept source route variable
 with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep net.ipv4.conf.all.rp_filter
-    net.ipv4.conf.all.rp_filter &#x3D; 1
+    # /sbin/sysctl -a | grep net.ipv4.conf.all.rp_filter
+    net.ipv4.conf.all.rp_filter = 1
 
-    If the returned line does not have a value of &quot;1&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned line does not have a value of "1", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the system to the required kernel parameter by adding the following
-line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the &#x2F;etc&#x2F;sysctl.d&#x2F;
+line to "/etc/sysctl.conf" or a configuration file in the /etc/sysctl.d/
 directory (or modify the line to have the required value):
 
-    net.ipv4.conf.all.rp_filter &#x3D; 1
+    net.ipv4.conf.all.rp_filter = 1
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>69c12179-8209-4de8-9db0-b75592e4077b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.conf.all.rp_filter value is expected to eq 1</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72189</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86813r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030830</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-92251\" do\n  title \"The Red Hat Enterprise Linux operating system must use a reverse-path\nfilter for IPv4 network traffic when possible on all interfaces.\"\n  desc  \"Enabling reverse path filtering drops packets with source addresses\nthat should not have been able to be received on the interface they were\nreceived on. It should not be used on systems which are routers for complicated\nnetworks, but is helpful for end hosts and routers serving small networks.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system uses a reverse-path filter for IPv4:\n\n    # grep net.ipv4.conf.all.rp_filter /etc/sysctl.conf /etc/sysctl.d/*\n    net.ipv4.conf.all.rp_filter = 1\n\n    If \\\"net.ipv4.conf.all.rp_filter\\\" is not configured in the\n/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or\ndoes not have a value of \\\"1\\\", this is a finding.\n\n    Check that the operating system implements the accept source route variable\nwith the following command:\n\n    # /sbin/sysctl -a | grep net.ipv4.conf.all.rp_filter\n    net.ipv4.conf.all.rp_filter = 1\n\n    If the returned line does not have a value of \\\"1\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the system to the required kernel parameter by adding the following\nline to \\\"/etc/sysctl.conf\\\" or a configuration file in the /etc/sysctl.d/\ndirectory (or modify the line to have the required value):\n\n    net.ipv4.conf.all.rp_filter = 1\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-92251\"\n  tag rid: \"SV-102353r1_rule\"\n  tag stig_id: \"RHEL-07-040611\"\n  tag fix_id: \"F-98473r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.conf.all.rp_filter') do\n    its('value') { should eq 1 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.conf.all.rp_filter value is expected to eq 1</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72189</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86813r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030830</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the delete_module syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the delete_module syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;delete_module&quot; syscall occur.
+successful/unsuccessful attempts to use the "delete_module" syscall occur.
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -iw delete_module &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw delete_module /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S delete_module -k module-change
+    -a always,exit -F arch=b32 -S delete_module -k module-change
 
-    -a always,exit -F arch&#x3D;b64 -S delete_module -k module-change
+    -a always,exit -F arch=b64 -S delete_module -k module-change
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;delete_module&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"delete_module" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;delete_module&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S delete_module -k module-change
-
-    -a always,exit -F arch&#x3D;b64 -S delete_module -k module-change
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>35b0e522-b36a-44df-b8e9-19f3886ff872</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;delete_module&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;delete_module&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;delete_module&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;delete_module&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73175</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87827r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040641</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "delete_module" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S delete_module -k module-change
+
+    -a always,exit -F arch=b64 -S delete_module -k module-change
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72189\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe delete_module syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"delete_module\\\" syscall occur.\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -iw delete_module /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S delete_module -k module-change\n\n    -a always,exit -F arch=b64 -S delete_module -k module-change\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"delete_module\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"delete_module\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S delete_module -k module-change\n\n    -a always,exit -F arch=b64 -S delete_module -k module-change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000471-GPOS-00216\"\n  tag satisfies: [\"SRG-OS-000471-GPOS-00216\", \"SRG-OS-000477-GPOS-00222\"]\n  tag gid: \"V-72189\"\n  tag rid: \"SV-86813r5_rule\"\n  tag stig_id: \"RHEL-07-030830\"\n  tag fix_id: \"F-78543r7_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"delete_module\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"delete_module\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "delete_module" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "delete_module" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "delete_module" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "delete_module" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73175</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87827r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040641</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must ignore Internet
 Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect
-messages.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+messages.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>ICMP redirect messages are used by routers to inform hosts that a more
 direct route exists for a particular destination. These messages modify the
-host&#39;s route table and are unauthenticated. An illicit ICMP redirect message
-could result in a man-in-the-middle attack.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+host's route table and are unauthenticated. An illicit ICMP redirect message
+could result in a man-in-the-middle attack.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system ignores IPv4 ICMP redirect messages.
 
-    # grep &#39;net.ipv4.conf.all.accept_redirects&#39; &#x2F;etc&#x2F;sysctl.conf &#x2F;etc&#x2F;sysctl.d&#x2F;*
+    # grep 'net.ipv4.conf.all.accept_redirects' /etc/sysctl.conf /etc/sysctl.d/*
 
-    If &quot; net.ipv4.conf.all.accept_redirects &quot; is not configured in the
-&#x2F;etc&#x2F;sysctl.conf file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out, or
-does not have a value of &quot;0&quot;, this is a finding.
+    If " net.ipv4.conf.all.accept_redirects " is not configured in the
+/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or
+does not have a value of "0", this is a finding.
 
-    Check that the operating system implements the &quot;accept_redirects&quot;
+    Check that the operating system implements the "accept_redirects"
 variables with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep &#39;net.ipv4.conf.all.accept_redirects&#39;
+    # /sbin/sysctl -a | grep 'net.ipv4.conf.all.accept_redirects'
 
-    net.ipv4.conf.all.accept_redirects &#x3D; 0
+    net.ipv4.conf.all.accept_redirects = 0
 
-    If the returned line does not have a value of &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned line does not have a value of "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the system to ignore IPv4 ICMP redirect messages by adding the
-following line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the
-&#x2F;etc&#x2F;sysctl.d&#x2F; directory (or modify the line to have the required value):
+following line to "/etc/sysctl.conf" or a configuration file in the
+/etc/sysctl.d/ directory (or modify the line to have the required value):
 
-    net.ipv4.conf.all.accept_redirects &#x3D; 0
+    net.ipv4.conf.all.accept_redirects = 0
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e719f98a-ac01-4c56-8228-8adea290896f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.conf.all.accept_redirects value is expected to eq 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72261</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000364-GPOS-00151</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86885r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040440</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-73175\" do\n  title \"The Red Hat Enterprise Linux operating system must ignore Internet\nProtocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect\nmessages.\"\n  desc  \"ICMP redirect messages are used by routers to inform hosts that a more\ndirect route exists for a particular destination. These messages modify the\nhost's route table and are unauthenticated. An illicit ICMP redirect message\ncould result in a man-in-the-middle attack.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system ignores IPv4 ICMP redirect messages.\n\n    # grep 'net.ipv4.conf.all.accept_redirects' /etc/sysctl.conf /etc/sysctl.d/*\n\n    If \\\" net.ipv4.conf.all.accept_redirects \\\" is not configured in the\n/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or\ndoes not have a value of \\\"0\\\", this is a finding.\n\n    Check that the operating system implements the \\\"accept_redirects\\\"\nvariables with the following command:\n\n    # /sbin/sysctl -a | grep 'net.ipv4.conf.all.accept_redirects'\n\n    net.ipv4.conf.all.accept_redirects = 0\n\n    If the returned line does not have a value of \\\"0\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the system to ignore IPv4 ICMP redirect messages by adding the\nfollowing line to \\\"/etc/sysctl.conf\\\" or a configuration file in the\n/etc/sysctl.d/ directory (or modify the line to have the required value):\n\n    net.ipv4.conf.all.accept_redirects = 0\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-73175\"\n  tag rid: \"SV-87827r4_rule\"\n  tag stig_id: \"RHEL-07-040641\"\n  tag fix_id: \"F-79621r3_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.conf.all.accept_redirects') do\n    its('value') { should eq 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.conf.all.accept_redirects value is expected to eq 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72261</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000364-GPOS-00151</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86885r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040440</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the SSH daemon does not permit Kerberos authentication unless needed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the SSH daemon does not permit Kerberos authentication unless needed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Kerberos authentication for SSH is often implemented using Generic
 Security Service Application Program Interface (GSSAPI). If Kerberos is enabled
-through SSH, the SSH daemon provides a means of access to the system&#39;s Kerberos
-implementation. Vulnerabilities in the system&#39;s Kerberos implementation may
+through SSH, the SSH daemon provides a means of access to the system's Kerberos
+implementation. Vulnerabilities in the system's Kerberos implementation may
 then be subject to exploitation. To reduce the attack surface of the system,
 the Kerberos authentication mechanism within SSH must be disabled for systems
-not using this capability.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+not using this capability.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the SSH daemon does not permit Kerberos to authenticate passwords
 unless approved.
 
     Check that the SSH daemon does not permit Kerberos to authenticate
 passwords with the following command:
 
-    # grep -i kerberosauth &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i kerberosauth /etc/ssh/sshd_config
     KerberosAuthentication no
 
-    If the &quot;KerberosAuthentication&quot; keyword is missing, or is set to &quot;yes&quot;
+    If the "KerberosAuthentication" keyword is missing, or is set to "yes"
 and is not documented with the Information System Security Officer (ISSO), or
-the returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Uncomment the &quot;KerberosAuthentication&quot; keyword in
-&quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; (this file may be named differently or be in a
+the returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Uncomment the "KerberosAuthentication" keyword in
+"/etc/ssh/sshd_config" (this file may be named differently or be in a
 different location if using a version of SSH that is provided by a third-party
-vendor) and set the value to &quot;no&quot;:
+vendor) and set the value to "no":
 
     KerberosAuthentication no
 
     The SSH service must be restarted for changes to take effect.
 
     If Kerberos authentication is required, it must be documented, to include
-the location of the configuration file, with the ISSO.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>1509f431-54e5-4114-a748-92be9ad17ee0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration KerberosAuthentication is expected to cmp &#x3D;&#x3D; &quot;no&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72171</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86795r7_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030740</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+the location of the configuration file, with the ISSO.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72261\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon does not permit Kerberos authentication unless needed.\"\n  desc  \"Kerberos authentication for SSH is often implemented using Generic\nSecurity Service Application Program Interface (GSSAPI). If Kerberos is enabled\nthrough SSH, the SSH daemon provides a means of access to the system's Kerberos\nimplementation. Vulnerabilities in the system's Kerberos implementation may\nthen be subject to exploitation. To reduce the attack surface of the system,\nthe Kerberos authentication mechanism within SSH must be disabled for systems\nnot using this capability.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH daemon does not permit Kerberos to authenticate passwords\nunless approved.\n\n    Check that the SSH daemon does not permit Kerberos to authenticate\npasswords with the following command:\n\n    # grep -i kerberosauth /etc/ssh/sshd_config\n    KerberosAuthentication no\n\n    If the \\\"KerberosAuthentication\\\" keyword is missing, or is set to \\\"yes\\\"\nand is not documented with the Information System Security Officer (ISSO), or\nthe returned line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Uncomment the \\\"KerberosAuthentication\\\" keyword in\n\\\"/etc/ssh/sshd_config\\\" (this file may be named differently or be in a\ndifferent location if using a version of SSH that is provided by a third-party\nvendor) and set the value to \\\"no\\\":\n\n    KerberosAuthentication no\n\n    The SSH service must be restarted for changes to take effect.\n\n    If Kerberos authentication is required, it must be documented, to include\nthe location of the configuration file, with the ISSO.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000364-GPOS-00151\"\n  tag gid: \"V-72261\"\n  tag rid: \"SV-86885r3_rule\"\n  tag stig_id: \"RHEL-07-040440\"\n  tag fix_id: \"F-78615r2_fix\"\n  tag cci: [\"CCI-000318\", \"CCI-000368\", \"CCI-001812\", \"CCI-001813\",\n\"CCI-001814\"]\n  tag nist: [\"CM-3 f\", \"CM-6 c\", \"CM-11 (2)\", \"CM-5 (1)\", \"CM-5 (1)\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('KerberosAuthentication') { should cmp 'no' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration KerberosAuthentication is expected to cmp == "no"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72171</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86795r7_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030740</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the mount command and syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the mount command and syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged mount commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;mount&quot; command and syscall occur.
+successful/unsuccessful attempts to use the "mount" command and syscall occur.
 
     Check that the following system call is being audited by performing the
 following series of commands to check the file system rules in
-&quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+"/etc/audit/audit.rules":
 
-    # grep -iw &quot;mount&quot; &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw "mount" /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S mount -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S mount -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-mount
-    -a always,exit -F arch&#x3D;b64 -S mount -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S mount -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-mount
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;mount -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/mount -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-mount
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;mount&quot; syscall, this is a finding.
+    If both the "b32" and "b64" audit rules are not defined for the
+"mount" syscall, this is a finding.
 
-    If all uses of the &quot;mount&quot; command are not being audited, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If all uses of the "mount" command are not being audited, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;mount&quot; command and syscall occur.
+successful/unsuccessful attempts to use the "mount" command and syscall occur.
 
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S mount -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S mount -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-mount
-    -a always,exit -F arch&#x3D;b64 -S mount -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S mount -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-mount
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;mount -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/mount -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-mount
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>83a3ff1a-84a3-498d-a735-b420b015558a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;mount&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;mount&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;mount&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;mount&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with path &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;mount&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with path &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;mount&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81011</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000368-GPOS-00154</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95723r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021023</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must mount &#x2F;dev&#x2F;shm with
-the nosuid option.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;nosuid&quot; mount option causes the system to not execute
-&quot;setuid&quot; and &quot;setgid&quot; files with owner privileges. This option must be used
-for mounting any file system not containing approved &quot;setuid&quot; and &quot;setguid&quot;
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72171\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe mount command and syscall.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged mount commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"mount\\\" command and syscall occur.\n\n    Check that the following system call is being audited by performing the\nfollowing series of commands to check the file system rules in\n\\\"/etc/audit/audit.rules\\\":\n\n    # grep -iw \\\"mount\\\" /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S mount -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-mount\n    -a always,exit -F arch=b64 -S mount -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-mount\n    -a always,exit -F path=/usr/bin/mount -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-mount\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"mount\\\" syscall, this is a finding.\n\n    If all uses of the \\\"mount\\\" command are not being audited, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"mount\\\" command and syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S mount -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-mount\n    -a always,exit -F arch=b64 -S mount -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-mount\n    -a always,exit -F path=/usr/bin/mount -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-mount\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72171\"\n  tag rid: \"SV-86795r7_rule\"\n  tag stig_id: \"RHEL-07-030740\"\n  tag fix_id: \"F-78525r9_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"mount\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"mount\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\n\n  describe auditd.path(\"/usr/bin/mount\") do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "mount" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "mount" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "mount" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "mount" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with path == "/usr/bin/mount" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with path == "/usr/bin/mount" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81011</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000368-GPOS-00154</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95723r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021023</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must mount /dev/shm with
+the nosuid option.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "nosuid" mount option causes the system to not execute
+"setuid" and "setgid" files with owner privileges. This option must be used
+for mounting any file system not containing approved "setuid" and "setguid"
 files. Executing files from untrusted file systems increases the opportunity
-for unprivileged users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that the &quot;nosuid&quot; option is configured for &#x2F;dev&#x2F;shm:
+for unprivileged users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that the "nosuid" option is configured for /dev/shm:
 
-    # cat &#x2F;etc&#x2F;fstab | grep &#x2F;dev&#x2F;shm
+    # cat /etc/fstab | grep /dev/shm
 
-    tmpfs &#x2F;dev&#x2F;shm tmpfs defaults,nodev,nosuid,noexec 0 0
+    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0
 
-    If any results are returned and the &quot;nosuid&quot; option is not listed, this
+    If any results are returned and the "nosuid" option is not listed, this
 is a finding.
 
-    Verify &quot;&#x2F;dev&#x2F;shm&quot; is mounted with the &quot;nosuid&quot; option:
-
-    # mount | grep &quot;&#x2F;dev&#x2F;shm&quot; | grep nosuid
-
-    If no results are returned, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the system so that &#x2F;dev&#x2F;shm is mounted with the
-&quot;nosuid&quot; option.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6bb5f85f-6698-4988-990f-1257a2521589</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001764</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Mount &#x2F;dev&#x2F;shm options is expected to include &quot;nosuid&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72001</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86625r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020270</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Verify "/dev/shm" is mounted with the "nosuid" option:
+
+    # mount | grep "/dev/shm" | grep nosuid
+
+    If no results are returned, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the system so that /dev/shm is mounted with the
+"nosuid" option.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-81011\" do\n  title \"The Red Hat Enterprise Linux operating system must mount /dev/shm with\nthe nosuid option.\"\n  desc  \"The \\\"nosuid\\\" mount option causes the system to not execute\n\\\"setuid\\\" and \\\"setgid\\\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \\\"setuid\\\" and \\\"setguid\\\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that the \\\"nosuid\\\" option is configured for /dev/shm:\n\n    # cat /etc/fstab | grep /dev/shm\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0\n\n    If any results are returned and the \\\"nosuid\\\" option is not listed, this\nis a finding.\n\n    Verify \\\"/dev/shm\\\" is mounted with the \\\"nosuid\\\" option:\n\n    # mount | grep \\\"/dev/shm\\\" | grep nosuid\n\n    If no results are returned, this is a finding.\n  \"\n  desc  \"fix\", \"Configure the system so that /dev/shm is mounted with the\n\\\"nosuid\\\" option.\"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000368-GPOS-00154\"\n  tag gid: \"V-81011\"\n  tag rid: \"SV-95723r2_rule\"\n  tag stig_id: \"RHEL-07-021023\"\n  tag fix_id: \"F-87845r2_fix\"\n  tag cci: [\"CCI-001764\"]\n  tag nist: [\"CM-7 (2)\", \"Rev_4\"]\n\n  describe mount('/dev/shm') do\n    its('options') { should include 'nosuid' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001764</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Mount /dev/shm options is expected to include "nosuid"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72001</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86625r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020270</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not have
-unnecessary accounts.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+unnecessary accounts.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Accounts providing no operational purpose provide additional
 opportunities for system compromise. Unnecessary accounts include user accounts
 for individuals not requiring access to the system and application accounts for
-applications not installed on the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+applications not installed on the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify all accounts on the system are assigned to an active system,
 application, or user account.
 
@@ -32218,207 +30819,174 @@ Security Officer (ISSO).
 
     Check the system accounts on the system with the following command:
 
-    # more &#x2F;etc&#x2F;passwd
-    root:x:0:0:root:&#x2F;root:&#x2F;bin&#x2F;bash
-    bin:x:1:1:bin:&#x2F;bin:&#x2F;sbin&#x2F;nologin
-    daemon:x:2:2:daemon:&#x2F;sbin:&#x2F;sbin&#x2F;nologin
-    sync:x:5:0:sync:&#x2F;sbin:&#x2F;bin&#x2F;sync
-    shutdown:x:6:0:shutdown:&#x2F;sbin:&#x2F;sbin&#x2F;shutdown
-    halt:x:7:0:halt:&#x2F;sbin:&#x2F;sbin&#x2F;halt
-    games:x:12:100:games:&#x2F;usr&#x2F;games:&#x2F;sbin&#x2F;nologin
-    gopher:x:13:30:gopher:&#x2F;var&#x2F;gopher:&#x2F;sbin&#x2F;nologin
-
-    Accounts such as &quot;games&quot; and &quot;gopher&quot; are not authorized accounts as
+    # more /etc/passwd
+    root:x:0:0:root:/root:/bin/bash
+    bin:x:1:1:bin:/bin:/sbin/nologin
+    daemon:x:2:2:daemon:/sbin:/sbin/nologin
+    sync:x:5:0:sync:/sbin:/bin/sync
+    shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
+    halt:x:7:0:halt:/sbin:/sbin/halt
+    games:x:12:100:games:/usr/games:/sbin/nologin
+    gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
+
+    Accounts such as "games" and "gopher" are not authorized accounts as
 they do not support authorized system functions.
 
     If the accounts on the system do not match the provided documentation, or
 accounts that do not support an authorized system function are present, this is
-a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system so all accounts on the system are assigned to an
 active system, application, or user account.
 
     Remove accounts that do not support approved system activities or that
 allow for a normal user to perform administrative-level actions.
 
-    Document all authorized accounts on the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>74fb4bec-cebd-47fe-8967-cc1f9684baf6</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-root is listed in allowed users.
---------------------------------
-passed
-bin is listed in allowed users.
---------------------------------
-passed
-daemon is listed in allowed users.
---------------------------------
-passed
-adm is listed in allowed users.
---------------------------------
-passed
-lp is listed in allowed users.
---------------------------------
-passed
-sync is listed in allowed users.
---------------------------------
-passed
-shutdown is listed in allowed users.
---------------------------------
-passed
-halt is listed in allowed users.
---------------------------------
-passed
-mail is listed in allowed users.
---------------------------------
-passed
-operator is listed in allowed users.
---------------------------------
-passed
-nobody is listed in allowed users.
---------------------------------
-passed
-systemd-network is listed in allowed users.
-expected &#x60;systemd-network&#x60; to be in the list: &#x60;[&quot;root&quot;, &quot;bin&quot;, &quot;daemon&quot;, &quot;adm&quot;, &quot;lp&quot;, &quot;sync&quot;, &quot;shutdown&quot;, &quot;halt&quot;, &quot;mail&quot;, &quot;operator&quot;, &quot;nobody&quot;, &quot;systemd-bus-proxy&quot;]&#x60;
---------------------------------
-passed
-dbus is listed in allowed users.
-expected &#x60;dbus&#x60; to be in the list: &#x60;[&quot;root&quot;, &quot;bin&quot;, &quot;daemon&quot;, &quot;adm&quot;, &quot;lp&quot;, &quot;sync&quot;, &quot;shutdown&quot;, &quot;halt&quot;, &quot;mail&quot;, &quot;operator&quot;, &quot;nobody&quot;, &quot;systemd-bus-proxy&quot;]&#x60;
---------------------------------
-passed
-polkitd is listed in allowed users.
-expected &#x60;polkitd&#x60; to be in the list: &#x60;[&quot;root&quot;, &quot;bin&quot;, &quot;daemon&quot;, &quot;adm&quot;, &quot;lp&quot;, &quot;sync&quot;, &quot;shutdown&quot;, &quot;halt&quot;, &quot;mail&quot;, &quot;operator&quot;, &quot;nobody&quot;, &quot;systemd-bus-proxy&quot;]&#x60;
---------------------------------
-passed
-sshd is listed in allowed users.
-expected &#x60;sshd&#x60; to be in the list: &#x60;[&quot;root&quot;, &quot;bin&quot;, &quot;daemon&quot;, &quot;adm&quot;, &quot;lp&quot;, &quot;sync&quot;, &quot;shutdown&quot;, &quot;halt&quot;, &quot;mail&quot;, &quot;operator&quot;, &quot;nobody&quot;, &quot;systemd-bus-proxy&quot;]&#x60;
---------------------------------
-passed
-postfix is listed in allowed users.
-expected &#x60;postfix&#x60; to be in the list: &#x60;[&quot;root&quot;, &quot;bin&quot;, &quot;daemon&quot;, &quot;adm&quot;, &quot;lp&quot;, &quot;sync&quot;, &quot;shutdown&quot;, &quot;halt&quot;, &quot;mail&quot;, &quot;operator&quot;, &quot;nobody&quot;, &quot;systemd-bus-proxy&quot;]&#x60;
---------------------------------
-passed
-chrony is listed in allowed users.
-expected &#x60;chrony&#x60; to be in the list: &#x60;[&quot;root&quot;, &quot;bin&quot;, &quot;daemon&quot;, &quot;adm&quot;, &quot;lp&quot;, &quot;sync&quot;, &quot;shutdown&quot;, &quot;halt&quot;, &quot;mail&quot;, &quot;operator&quot;, &quot;nobody&quot;, &quot;systemd-bus-proxy&quot;]&#x60;
---------------------------------
-passed
-ec2-user is listed in allowed users.
-expected &#x60;ec2-user&#x60; to be in the list: &#x60;[&quot;root&quot;, &quot;bin&quot;, &quot;daemon&quot;, &quot;adm&quot;, &quot;lp&quot;, &quot;sync&quot;, &quot;shutdown&quot;, &quot;halt&quot;, &quot;mail&quot;, &quot;operator&quot;, &quot;nobody&quot;, &quot;systemd-bus-proxy&quot;]&#x60;
---------------------------------
-passed
-tss is listed in allowed users.
-expected &#x60;tss&#x60; to be in the list: &#x60;[&quot;root&quot;, &quot;bin&quot;, &quot;daemon&quot;, &quot;adm&quot;, &quot;lp&quot;, &quot;sync&quot;, &quot;shutdown&quot;, &quot;halt&quot;, &quot;mail&quot;, &quot;operator&quot;, &quot;nobody&quot;, &quot;systemd-bus-proxy&quot;]&#x60;
---------------------------------
-passed
-sssd is listed in allowed users.
-expected &#x60;sssd&#x60; to be in the list: &#x60;[&quot;root&quot;, &quot;bin&quot;, &quot;daemon&quot;, &quot;adm&quot;, &quot;lp&quot;, &quot;sync&quot;, &quot;shutdown&quot;, &quot;halt&quot;, &quot;mail&quot;, &quot;operator&quot;, &quot;nobody&quot;, &quot;systemd-bus-proxy&quot;]&#x60;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-78997</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-93703r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010101</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Document all authorized accounts on the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72001\" do\n  title \"The Red Hat Enterprise Linux operating system must not have\nunnecessary accounts.\"\n  desc  \"Accounts providing no operational purpose provide additional\nopportunities for system compromise. Unnecessary accounts include user accounts\nfor individuals not requiring access to the system and application accounts for\napplications not installed on the system.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify all accounts on the system are assigned to an active system,\napplication, or user account.\n\n    Obtain the list of authorized system accounts from the Information System\nSecurity Officer (ISSO).\n\n    Check the system accounts on the system with the following command:\n\n    # more /etc/passwd\n    root:x:0:0:root:/root:/bin/bash\n    bin:x:1:1:bin:/bin:/sbin/nologin\n    daemon:x:2:2:daemon:/sbin:/sbin/nologin\n    sync:x:5:0:sync:/sbin:/bin/sync\n    shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown\n    halt:x:7:0:halt:/sbin:/sbin/halt\n    games:x:12:100:games:/usr/games:/sbin/nologin\n    gopher:x:13:30:gopher:/var/gopher:/sbin/nologin\n\n    Accounts such as \\\"games\\\" and \\\"gopher\\\" are not authorized accounts as\nthey do not support authorized system functions.\n\n    If the accounts on the system do not match the provided documentation, or\naccounts that do not support an authorized system function are present, this is\na finding.\n  \"\n  desc  \"fix\", \"\n    Configure the system so all accounts on the system are assigned to an\nactive system, application, or user account.\n\n    Remove accounts that do not support approved system activities or that\nallow for a normal user to perform administrative-level actions.\n\n    Document all authorized accounts on the system.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72001\"\n  tag rid: \"SV-86625r2_rule\"\n  tag stig_id: \"RHEL-07-020270\"\n  tag fix_id: \"F-78353r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  known_system_accounts = input('known_system_accounts')\n  user_accounts = input('user_accounts')\n\n  allowed_accounts = (known_system_accounts + user_accounts).uniq\n  passwd.users.each do |user|\n    describe user do\n      it \"is listed in allowed users.\" do\n        expect(subject).to(be_in allowed_accounts)\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST root is listed in allowed users.
+--------------------------------
+passed :: TEST bin is listed in allowed users.
+--------------------------------
+passed :: TEST daemon is listed in allowed users.
+--------------------------------
+passed :: TEST adm is listed in allowed users.
+--------------------------------
+passed :: TEST lp is listed in allowed users.
+--------------------------------
+passed :: TEST sync is listed in allowed users.
+--------------------------------
+passed :: TEST shutdown is listed in allowed users.
+--------------------------------
+passed :: TEST halt is listed in allowed users.
+--------------------------------
+passed :: TEST mail is listed in allowed users.
+--------------------------------
+passed :: TEST operator is listed in allowed users.
+--------------------------------
+passed :: TEST nobody is listed in allowed users.
+--------------------------------
+passed :: TEST systemd-network is listed in allowed users. :: MESSAGE expected `systemd-network` to be in the list: `["root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "operator", "nobody", "systemd-bus-proxy"]`
+--------------------------------
+passed :: TEST dbus is listed in allowed users. :: MESSAGE expected `dbus` to be in the list: `["root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "operator", "nobody", "systemd-bus-proxy"]`
+--------------------------------
+passed :: TEST polkitd is listed in allowed users. :: MESSAGE expected `polkitd` to be in the list: `["root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "operator", "nobody", "systemd-bus-proxy"]`
+--------------------------------
+passed :: TEST sshd is listed in allowed users. :: MESSAGE expected `sshd` to be in the list: `["root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "operator", "nobody", "systemd-bus-proxy"]`
+--------------------------------
+passed :: TEST postfix is listed in allowed users. :: MESSAGE expected `postfix` to be in the list: `["root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "operator", "nobody", "systemd-bus-proxy"]`
+--------------------------------
+passed :: TEST chrony is listed in allowed users. :: MESSAGE expected `chrony` to be in the list: `["root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "operator", "nobody", "systemd-bus-proxy"]`
+--------------------------------
+passed :: TEST ec2-user is listed in allowed users. :: MESSAGE expected `ec2-user` to be in the list: `["root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "operator", "nobody", "systemd-bus-proxy"]`
+--------------------------------
+passed :: TEST tss is listed in allowed users. :: MESSAGE expected `tss` to be in the list: `["root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "operator", "nobody", "systemd-bus-proxy"]`
+--------------------------------
+passed :: TEST sssd is listed in allowed users. :: MESSAGE expected `sssd` to be in the list: `["root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "operator", "nobody", "systemd-bus-proxy"]`</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-78997</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-93703r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010101</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent a user from
 overriding the screensaver idle-activation-enabled setting for the graphical
-user interface.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+user interface.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A session lock is a temporary action taken when a user stops work and
 moves away from the immediate physical vicinity of the information system but
 does not want to log out because of the temporary nature of the absence.
@@ -32426,17 +30994,17 @@ does not want to log out because of the temporary nature of the absence.
     The session lock is implemented at the point where session activity can be
 determined.
 
-    The ability to enable&#x2F;disable a session lock is given to the user by
-default. Disabling the user&#39;s ability to disengage the graphical user interface
+    The ability to enable/disable a session lock is given to the user by
+default. Disabling the user's ability to disengage the graphical user interface
 session lock provides the assurance that all sessions will lock after the
-specified period of time.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+specified period of time.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system prevents a user from overriding the screensaver
 idle-activation-enabled setting for the graphical user interface.
 
@@ -32446,24 +31014,24 @@ console.
 
     Determine which profile the system database is using with the following
 command:
-    # grep system-db &#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user
+    # grep system-db /etc/dconf/profile/user
 
     system-db:local
 
     Check for the idle-activation-enabled setting with the following command:
 
-    Note: The example below is using the database &quot;local&quot; for the system, so
-the path is &quot;&#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&quot;. This path must be modified if a database
-other than &quot;local&quot; is being used.
+    Note: The example below is using the database "local" for the system, so
+the path is "/etc/dconf/db/local.d". This path must be modified if a database
+other than "local" is being used.
 
-    # grep -i idle-activation-enabled &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;locks&#x2F;*
+    # grep -i idle-activation-enabled /etc/dconf/db/local.d/locks/*
 
-    &#x2F;org&#x2F;gnome&#x2F;desktop&#x2F;screensaver&#x2F;idle-activation-enabled
+    /org/gnome/desktop/screensaver/idle-activation-enabled
 
-    If the command does not return a result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return a result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to prevent a user from overriding a
 screensaver lock after a 15-minute period of inactivity for graphical user
 interfaces.
@@ -32471,444 +31039,426 @@ interfaces.
     Create a database to contain the system-wide screensaver settings (if it
 does not already exist) with the following command:
 
-    Note: The example below is using the database &quot;local&quot; for the system, so
-if the system is using another database in &quot;&#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user&quot;, the
+    Note: The example below is using the database "local" for the system, so
+if the system is using another database in "/etc/dconf/profile/user", the
 file should be created under the appropriate subdirectory.
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;locks&#x2F;session
+    # touch /etc/dconf/db/local.d/locks/session
 
     Add the setting to lock the screensaver idle-activation-enabled setting:
 
-    &#x2F;org&#x2F;gnome&#x2F;desktop&#x2F;screensaver&#x2F;idle-activation-enabled</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>c6c9c0a6-ac42-48d7-90bc-4a1d5da91f5f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The GNOME desktop is not installed
-The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72265</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86889r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040460</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    /org/gnome/desktop/screensaver/idle-activation-enabled</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-78997\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent a user from\noverriding the screensaver idle-activation-enabled setting for the graphical\nuser interface.\"\n  desc  \"A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined.\n\n    The ability to enable/disable a session lock is given to the user by\ndefault. Disabling the user's ability to disengage the graphical user interface\nsession lock provides the assurance that all sessions will lock after the\nspecified period of time.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system prevents a user from overriding the screensaver\nidle-activation-enabled setting for the graphical user interface.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable. The screen program must be installed to lock sessions on the\nconsole.\n\n    Determine which profile the system database is using with the following\ncommand:\n    # grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Check for the idle-activation-enabled setting with the following command:\n\n    Note: The example below is using the database \\\"local\\\" for the system, so\nthe path is \\\"/etc/dconf/db/local.d\\\". This path must be modified if a database\nother than \\\"local\\\" is being used.\n\n    # grep -i idle-activation-enabled /etc/dconf/db/local.d/locks/*\n\n    /org/gnome/desktop/screensaver/idle-activation-enabled\n\n    If the command does not return a result, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to prevent a user from overriding a\nscreensaver lock after a 15-minute period of inactivity for graphical user\ninterfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \\\"local\\\" for the system, so\nif the system is using another database in \\\"/etc/dconf/profile/user\\\", the\nfile should be created under the appropriate subdirectory.\n\n    # touch /etc/dconf/db/local.d/locks/session\n\n    Add the setting to lock the screensaver idle-activation-enabled setting:\n\n    /org/gnome/desktop/screensaver/idle-activation-enabled\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000029-GPOS-00010\"\n  tag gid: \"V-78997\"\n  tag rid: \"SV-93703r2_rule\"\n  tag stig_id: \"RHEL-07-010101\"\n  tag fix_id: \"F-85747r1_fix\"\n  tag cci: [\"CCI-000057\"]\n  tag nist: [\"AC-11 a\", \"Rev_4\"]\n\n  if package('gnome-desktop3').installed?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe command(\"gsettings writable org.gnome.desktop.screensaver idle-activation-enabled\") do\n    its('stdout.strip') { should cmp 'false' }\n  end if package('gnome-desktop3').installed?\n\n  describe \"The GNOME desktop is not installed\" do\n    skip \"The GNOME desktop is not installed, this control is Not Applicable.\"\n  end if !package('gnome-desktop3').installed?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The GNOME desktop is not installed :: SKIP_MESSAGE The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72265</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86889r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040460</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the SSH daemon uses privilege separation.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the SSH daemon uses privilege separation.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>SSH daemon privilege separation causes the SSH process to drop root
 privileges when not needed, which would decrease the impact of software
-vulnerabilities in the unprivileged section.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+vulnerabilities in the unprivileged section.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the SSH daemon performs privilege separation.
 
     Check that the SSH daemon performs privilege separation with the following
 command:
 
-    # grep -i usepriv &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i usepriv /etc/ssh/sshd_config
 
     UsePrivilegeSeparation sandbox
 
-    If the &quot;UsePrivilegeSeparation&quot; keyword is set to &quot;no&quot;, is missing, or
-the returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Uncomment the &quot;UsePrivilegeSeparation&quot; keyword in
-&quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; (this file may be named differently or be in a
+    If the "UsePrivilegeSeparation" keyword is set to "no", is missing, or
+the returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Uncomment the "UsePrivilegeSeparation" keyword in
+"/etc/ssh/sshd_config" (this file may be named differently or be in a
 different location if using a version of SSH that is provided by a third-party
-vendor) and set the value to &quot;sandbox&quot; or &quot;yes&quot;:
+vendor) and set the value to "sandbox" or "yes":
 
     UsePrivilegeSeparation sandbox
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>7dafa711-07e3-4cc8-b725-c0876d02d914</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration UsePrivilegeSeparation is expected to cmp &#x3D;&#x3D; &quot;sandbox&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73165</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87817r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030871</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72265\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon uses privilege separation.\"\n  desc  \"SSH daemon privilege separation causes the SSH process to drop root\nprivileges when not needed, which would decrease the impact of software\nvulnerabilities in the unprivileged section.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH daemon performs privilege separation.\n\n    Check that the SSH daemon performs privilege separation with the following\ncommand:\n\n    # grep -i usepriv /etc/ssh/sshd_config\n\n    UsePrivilegeSeparation sandbox\n\n    If the \\\"UsePrivilegeSeparation\\\" keyword is set to \\\"no\\\", is missing, or\nthe returned line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Uncomment the \\\"UsePrivilegeSeparation\\\" keyword in\n\\\"/etc/ssh/sshd_config\\\" (this file may be named differently or be in a\ndifferent location if using a version of SSH that is provided by a third-party\nvendor) and set the value to \\\"sandbox\\\" or \\\"yes\\\":\n\n    UsePrivilegeSeparation sandbox\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72265\"\n  tag rid: \"SV-86889r3_rule\"\n  tag stig_id: \"RHEL-07-040460\"\n  tag fix_id: \"F-78619r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe.one do\n    describe sshd_config do\n      its('UsePrivilegeSeparation') { should cmp 'sandbox' }\n    end\n    describe sshd_config do\n      its('UsePrivilegeSeparation') { should cmp 'yes' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration UsePrivilegeSeparation is expected to cmp == "sandbox"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73165</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87817r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030871</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must generate audit
 records for all account creations, modifications, disabling, and termination
-events that affect &#x2F;etc&#x2F;group.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+events that affect /etc/group.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system must generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&quot;&#x2F;etc&#x2F;group&quot;.
+"/etc/group".
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep &#x2F;etc&#x2F;group &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep /etc/group /etc/audit/audit.rules
 
-    -w &#x2F;etc&#x2F;group -p wa -k identity
+    -w /etc/group -p wa -k identity
 
     If the command does not return a line, or the line is commented out, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&quot;&#x2F;etc&#x2F;group&quot;.
-
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -w &#x2F;etc&#x2F;group -p wa -k identity
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d384a6dd-5c7c-4e7c-b929-62f938b389a0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;group&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;group&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;w&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;a&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72307</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86931r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040730</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/etc/group".
+
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -w /etc/group -p wa -k identity
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-73165\" do\n  title \"The Red Hat Enterprise Linux operating system must generate audit\nrecords for all account creations, modifications, disabling, and termination\nevents that affect /etc/group.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system must generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n\\\"/etc/group\\\".\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep /etc/group /etc/audit/audit.rules\n\n    -w /etc/group -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n\\\"/etc/group\\\".\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -w /etc/group -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000004-GPOS-00004\"\n  tag gid: \"V-73165\"\n  tag rid: \"SV-87817r3_rule\"\n  tag stig_id: \"RHEL-07-030871\"\n  tag fix_id: \"F-79611r3_fix\"\n  tag cci: [\"CCI-000018\", \"CCI-000172\", \"CCI-001403\", \"CCI-002130\"]\n  tag nist: [\"AC-2 (4)\", \"AU-12 c\", \"AC-2 (4)\", \"AC-2 (4)\", \"Rev_4\"]\n\n  audit_file = '/etc/group'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'w' }\n      it { should include 'a' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\n\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/etc/group" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/etc/group" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "w"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "a"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72307</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86931r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040730</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not have an X
-Windows display manager installed unless approved.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Windows display manager installed unless approved.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Internet services that are not required for system or application
 processes must not be active to decrease the attack surface of the system. X
 Windows has a long history of security vulnerabilities and will not be used
-unless approved and documented.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+unless approved and documented.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify that if the system has X Windows System installed, it is authorized.
 
     Check for the X11 package with the following command:
@@ -32919,476 +31469,449 @@ unless approved and documented.</ATTRIBUTE_DATA>
 operational requirement.
 
     If the use of X Windows on the system is not documented with the
-Information System Security Officer (ISSO), this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+Information System Security Officer (ISSO), this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Document the requirement for an X Windows server with the ISSO or remove
 the related packages with the following commands:
 
-    # rpm -e xorg-x11-server-common</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a7c389a6-445c-4677-b715-582886a80df3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package xorg-x11-server-common is expected not to be installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86757r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030550</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # rpm -e xorg-x11-server-common</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72307\" do\n  title \"The Red Hat Enterprise Linux operating system must not have an X\nWindows display manager installed unless approved.\"\n  desc  \"Internet services that are not required for system or application\nprocesses must not be active to decrease the attack surface of the system. X\nWindows has a long history of security vulnerabilities and will not be used\nunless approved and documented.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that if the system has X Windows System installed, it is authorized.\n\n    Check for the X11 package with the following command:\n\n    # rpm -qa | grep xorg | grep server\n\n    Ask the System Administrator if use of the X Windows System is an\noperational requirement.\n\n    If the use of X Windows on the system is not documented with the\nInformation System Security Officer (ISSO), this is a finding.\n  \"\n  desc  \"fix\", \"\n    Document the requirement for an X Windows server with the ISSO or remove\nthe related packages with the following commands:\n\n    # rpm -e xorg-x11-server-common\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72307\"\n  tag rid: \"SV-86931r4_rule\"\n  tag stig_id: \"RHEL-07-040730\"\n  tag fix_id: \"F-78661r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  x11_enabled = input('x11_enabled')\n\n  describe package('xorg-x11-server-common') do\n    it { should_not be_installed }\n  end if !x11_enabled\n\n  describe package('xorg-x11-server-common') do\n    it { should be_installed }\n  end if x11_enabled\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package xorg-x11-server-common is expected not to be installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86757r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030550</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the ftruncate syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the ftruncate syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;ftruncate&quot; syscall occur.
+successful/unsuccessful attempts to use the "ftruncate" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw ftruncate &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw ftruncate /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S ftruncate -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S ftruncate -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b32 -S ftruncate -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S ftruncate -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S ftruncate -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S ftruncate -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S ftruncate -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S ftruncate -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;ftruncate&quot; syscall, this is a finding.
+    If both the "b32" and "b64" audit rules are not defined for the
+"ftruncate" syscall, this is a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EPERM&quot;, this is
+    If the output does not produce rules containing "-F exit=-EPERM", this is
 a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EACCES&quot;, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the output does not produce rules containing "-F exit=-EACCES", this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;ftruncate&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S ftruncate -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b32 -S ftruncate -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S ftruncate -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S ftruncate -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6d95d5bb-6b3b-46f5-a855-bb645de75423</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EACCES&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EACCES&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71941</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000118-GPOS-00060</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86565r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010310</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "ftruncate" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S ftruncate -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b32 -S ftruncate -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S ftruncate -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S ftruncate -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72133\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe ftruncate syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"ftruncate\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw ftruncate /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S ftruncate -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S ftruncate -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S ftruncate -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S ftruncate -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"ftruncate\\\" syscall, this is a finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EPERM\\\", this is\na finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EACCES\\\", this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"ftruncate\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S ftruncate -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S ftruncate -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S ftruncate -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S ftruncate -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000458-GPOS-00203\",\n\"SRG-OS-000461-GPOS-00205\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72133\"\n  tag rid: \"SV-86757r5_rule\"\n  tag stig_id: \"RHEL-07-030550\"\n  tag fix_id: \"F-78485r8_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"ftruncate\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EPERM' }\n  end\n  describe auditd.syscall(\"ftruncate\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EACCES' }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"ftruncate\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EPERM' }\n    end\n    describe auditd.syscall(\"ftruncate\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EACCES' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b32" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b32" exit.uniq is expected to include "-EACCES"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b64" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b64" exit.uniq is expected to include "-EACCES"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71941</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000118-GPOS-00060</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86565r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010310</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must disable account
-identifiers (individuals, groups, roles, and devices) if the password expires.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+identifiers (individuals, groups, roles, and devices) if the password expires.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Inactive identifiers pose a risk to systems and applications because
 attackers may exploit an inactive identifier and potentially obtain undetected
 access to the system. Owners of inactive accounts will not notice if
 unauthorized access to their user account has been obtained.
 
     Operating systems need to track periods of inactivity and disable
-application identifiers after zero days of inactivity.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+application identifiers after zero days of inactivity.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If passwords are not being used for authentication, this is Not Applicable.
 
     Verify the operating system disables account identifiers (individuals,
 groups, roles, and devices) after the password expires with the following
 command:
 
-    # grep -i inactive &#x2F;etc&#x2F;default&#x2F;useradd
-    INACTIVE&#x3D;0
+    # grep -i inactive /etc/default/useradd
+    INACTIVE=0
 
-    If the value is not set to &quot;0&quot;, is commented out, or is not defined, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value is not set to "0", is commented out, or is not defined, this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to disable account identifiers (individuals,
 groups, roles, and devices) after the password expires.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;default&#x2F;useradd&quot; (or modify the line to
+    Add the following line to "/etc/default/useradd" (or modify the line to
 have the required value):
 
-    INACTIVE&#x3D;0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>4b03757f-af2d-401e-8258-657cd45fdede</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000795</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;default&#x2F;useradd INACTIVE is expected to cmp &gt;&#x3D; 0
---------------------------------
-passed
-Parse Config File &#x2F;etc&#x2F;default&#x2F;useradd INACTIVE is expected to cmp &lt;&#x3D; 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72213</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86837r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-032000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    INACTIVE=0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71941\" do\n  title \"The Red Hat Enterprise Linux operating system must disable account\nidentifiers (individuals, groups, roles, and devices) if the password expires.\"\n  desc  \"Inactive identifiers pose a risk to systems and applications because\nattackers may exploit an inactive identifier and potentially obtain undetected\naccess to the system. Owners of inactive accounts will not notice if\nunauthorized access to their user account has been obtained.\n\n    Operating systems need to track periods of inactivity and disable\napplication identifiers after zero days of inactivity.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If passwords are not being used for authentication, this is Not Applicable.\n\n    Verify the operating system disables account identifiers (individuals,\ngroups, roles, and devices) after the password expires with the following\ncommand:\n\n    # grep -i inactive /etc/default/useradd\n    INACTIVE=0\n\n    If the value is not set to \\\"0\\\", is commented out, or is not defined, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to disable account identifiers (individuals,\ngroups, roles, and devices) after the password expires.\n\n    Add the following line to \\\"/etc/default/useradd\\\" (or modify the line to\nhave the required value):\n\n    INACTIVE=0\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000118-GPOS-00060\"\n  tag gid: \"V-71941\"\n  tag rid: \"SV-86565r2_rule\"\n  tag stig_id: \"RHEL-07-010310\"\n  tag fix_id: \"F-78293r1_fix\"\n  tag cci: [\"CCI-000795\"]\n  tag nist: [\"IA-4 e\", \"Rev_4\"]\n\n  days_of_inactivity = input('days_of_inactivity')\n\n  describe parse_config_file(\"/etc/default/useradd\") do\n    its('INACTIVE') { should cmp &gt;= 0 }\n    its('INACTIVE') { should cmp &lt;= days_of_inactivity }\n  end\n\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000795</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/default/useradd INACTIVE is expected to cmp &gt;= 0
+--------------------------------
+passed :: TEST Parse Config File /etc/default/useradd INACTIVE is expected to cmp &lt;= 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72213</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86837r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-032000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must use a virus scan
-program.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+program.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Virus scanning software can be used to protect a system from
 penetration from computer viruses and to limit their spread through
 intermediate systems.
@@ -33399,749 +31922,712 @@ must be configured to scan, at a minimum, all altered files on the system on a
 daily basis.
 
     If the system processes inbound SMTP mail, the virus scanner must be
-configured to scan all received mail.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+configured to scan all received mail.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify an anti-virus solution is installed on the system. The anti-virus
 solution may be bundled with an approved host-based security solution.
 
     If there is no anti-virus solution installed on the system, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Install an antivirus solution on the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d7c371c9-3f60-4507-8131-298763da6306</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001668</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Service nails is expected to be running
-expected that &#x60;Service nails&#x60; is running
---------------------------------
-passed
-Service clamav-daemon.socket is expected to be running
-expected that &#x60;Service clamav-daemon.socket&#x60; is running</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72283</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86907r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040610</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Install an antivirus solution on the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72213\" do\n  title \"The Red Hat Enterprise Linux operating system must use a virus scan\nprogram.\"\n  desc  \"Virus scanning software can be used to protect a system from\npenetration from computer viruses and to limit their spread through\nintermediate systems.\n\n    The virus scanning software should be configured to perform scans\ndynamically on accessed files. If this capability is not available, the system\nmust be configured to scan, at a minimum, all altered files on the system on a\ndaily basis.\n\n    If the system processes inbound SMTP mail, the virus scanner must be\nconfigured to scan all received mail.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify an anti-virus solution is installed on the system. The anti-virus\nsolution may be bundled with an approved host-based security solution.\n\n    If there is no anti-virus solution installed on the system, this is a\nfinding.\n  \"\n  desc  \"fix\", \"Install an antivirus solution on the system.\"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72213\"\n  tag rid: \"SV-86837r3_rule\"\n  tag stig_id: \"RHEL-07-032000\"\n  tag fix_id: \"F-78567r2_fix\"\n  tag cci: [\"CCI-001668\"]\n  tag nist: [\"SI-3 a\", \"Rev_4\"]\n\n  custom_antivirus = input('custom_antivirus')\n\n  if ! custom_antivirus\n    describe.one do\n      describe service('nails') do\n      it { should be_running }\n    end\n    describe service('clamav-daemon.socket') do\n      it { should be_running }\n      end\n    end\n  else\n    # Allow user to provide a description of their AV solution\n    # for documentation.\n    custom_antivirus_description = input('custom_antivirus_description')\n    describe \"Antivirus: #{custom_antivirus_description}\" do\n      subject { custom_antivirus_description }\n      it { should_not cmp 'None' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001668</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Service nails is expected to be running :: MESSAGE expected that `Service nails` is running
+--------------------------------
+passed :: TEST Service clamav-daemon.socket is expected to be running :: MESSAGE expected that `Service clamav-daemon.socket` is running</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72283</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86907r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040610</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not forward
-Internet Protocol version 4 (IPv4) source-routed packets.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Internet Protocol version 4 (IPv4) source-routed packets.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Source-routed packets allow the source of the packet to suggest that
 routers forward the packet along a different path than configured on the
 router, which can be used to bypass network security measures. This requirement
 applies only to the forwarding of source-routed traffic, such as when IPv4
-forwarding is enabled and the system is functioning as a router.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+forwarding is enabled and the system is functioning as a router.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system does not accept IPv4 source-routed packets.
 
-    # grep net.ipv4.conf.all.accept_source_route &#x2F;etc&#x2F;sysctl.conf
-&#x2F;etc&#x2F;sysctl.d&#x2F;*
+    # grep net.ipv4.conf.all.accept_source_route /etc/sysctl.conf
+/etc/sysctl.d/*
 
-    net.ipv4.conf.all.accept_source_route &#x3D; 0
+    net.ipv4.conf.all.accept_source_route = 0
 
-    If &quot; net.ipv4.conf.all.accept_source_route &quot; is not configured in the
-&#x2F;etc&#x2F;sysctl.conf file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out, or
-does not have a value of &quot;0&quot;, this is a finding.
+    If " net.ipv4.conf.all.accept_source_route " is not configured in the
+/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or
+does not have a value of "0", this is a finding.
 
     Check that the operating system implements the accept source route variable
 with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep net.ipv4.conf.all.accept_source_route
-    net.ipv4.conf.all.accept_source_route &#x3D; 0
+    # /sbin/sysctl -a | grep net.ipv4.conf.all.accept_source_route
+    net.ipv4.conf.all.accept_source_route = 0
 
-    If the returned line does not have a value of &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned line does not have a value of "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the system to the required kernel parameter by adding the following
-line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the &#x2F;etc&#x2F;sysctl.d&#x2F;
+line to "/etc/sysctl.conf" or a configuration file in the /etc/sysctl.d/
 directory (or modify the line to have the required value):
 
-    net.ipv4.conf.all.accept_source_route &#x3D; 0
+    net.ipv4.conf.all.accept_source_route = 0
 
     Issue the following command to make the changes take effect:
 
-    # sysctl -system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>4cd2ca5a-e4d7-499c-a6f0-399acb77a50f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.conf.all.accept_source_route value is expected to eq 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72263</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86887r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040450</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl -system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72283\" do\n  title \"The Red Hat Enterprise Linux operating system must not forward\nInternet Protocol version 4 (IPv4) source-routed packets.\"\n  desc  \"Source-routed packets allow the source of the packet to suggest that\nrouters forward the packet along a different path than configured on the\nrouter, which can be used to bypass network security measures. This requirement\napplies only to the forwarding of source-routed traffic, such as when IPv4\nforwarding is enabled and the system is functioning as a router.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system does not accept IPv4 source-routed packets.\n\n    # grep net.ipv4.conf.all.accept_source_route /etc/sysctl.conf\n/etc/sysctl.d/*\n\n    net.ipv4.conf.all.accept_source_route = 0\n\n    If \\\" net.ipv4.conf.all.accept_source_route \\\" is not configured in the\n/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or\ndoes not have a value of \\\"0\\\", this is a finding.\n\n    Check that the operating system implements the accept source route variable\nwith the following command:\n\n    # /sbin/sysctl -a | grep net.ipv4.conf.all.accept_source_route\n    net.ipv4.conf.all.accept_source_route = 0\n\n    If the returned line does not have a value of \\\"0\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the system to the required kernel parameter by adding the following\nline to \\\"/etc/sysctl.conf\\\" or a configuration file in the /etc/sysctl.d/\ndirectory (or modify the line to have the required value):\n\n    net.ipv4.conf.all.accept_source_route = 0\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl -system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72283\"\n  tag rid: \"SV-86907r2_rule\"\n  tag stig_id: \"RHEL-07-040610\"\n  tag fix_id: \"F-78637r3_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.conf.all.accept_source_route') do\n    its('value') { should eq 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.conf.all.accept_source_route value is expected to eq 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72263</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86887r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040450</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the SSH daemon performs strict mode checking of home directory
-configuration files.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+configuration files.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If other users have access to modify user-specific SSH configuration
-files, they may be able to log on to the system as another user.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+files, they may be able to log on to the system as another user.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the SSH daemon performs strict mode checking of home directory
 configuration files.
 
-    The location of the &quot;sshd_config&quot; file may vary if a different daemon is
+    The location of the "sshd_config" file may vary if a different daemon is
 in use.
 
-    Inspect the &quot;sshd_config&quot; file with the following command:
+    Inspect the "sshd_config" file with the following command:
 
-    # grep -i strictmodes &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i strictmodes /etc/ssh/sshd_config
 
     StrictModes yes
 
-    If &quot;StrictModes&quot; is set to &quot;no&quot;, is missing, or the returned line is
-commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Uncomment the &quot;StrictModes&quot; keyword in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; (this
+    If "StrictModes" is set to "no", is missing, or the returned line is
+commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Uncomment the "StrictModes" keyword in "/etc/ssh/sshd_config" (this
 file may be named differently or be in a different location if using a version
-of SSH that is provided by a third-party vendor) and set the value to &quot;yes&quot;:
+of SSH that is provided by a third-party vendor) and set the value to "yes":
 
     StrictModes yes
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>97cdc125-4d2a-4526-a540-25606f6c5b58</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration StrictModes is expected to cmp &#x3D;&#x3D; &quot;yes&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72065</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86689r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021340</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72263\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon performs strict mode checking of home directory\nconfiguration files.\"\n  desc  \"If other users have access to modify user-specific SSH configuration\nfiles, they may be able to log on to the system as another user.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH daemon performs strict mode checking of home directory\nconfiguration files.\n\n    The location of the \\\"sshd_config\\\" file may vary if a different daemon is\nin use.\n\n    Inspect the \\\"sshd_config\\\" file with the following command:\n\n    # grep -i strictmodes /etc/ssh/sshd_config\n\n    StrictModes yes\n\n    If \\\"StrictModes\\\" is set to \\\"no\\\", is missing, or the returned line is\ncommented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Uncomment the \\\"StrictModes\\\" keyword in \\\"/etc/ssh/sshd_config\\\" (this\nfile may be named differently or be in a different location if using a version\nof SSH that is provided by a third-party vendor) and set the value to \\\"yes\\\":\n\n    StrictModes yes\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72263\"\n  tag rid: \"SV-86887r3_rule\"\n  tag stig_id: \"RHEL-07-040450\"\n  tag fix_id: \"F-78617r4_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('StrictModes') { should cmp 'yes' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration StrictModes is expected to cmp == "yes"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72065</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86689r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021340</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must use a separate file
-system for &#x2F;tmp (or equivalent).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+system for /tmp (or equivalent).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The use of separate file systems for different paths can protect the
-system from failures resulting from a file system becoming full or failing.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that a separate file system&#x2F;partition has been created for &quot;&#x2F;tmp&quot;.
-
-    Check that a file system&#x2F;partition has been created for &quot;&#x2F;tmp&quot; with the
+system from failures resulting from a file system becoming full or failing.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that a separate file system/partition has been created for "/tmp".
+
+    Check that a file system/partition has been created for "/tmp" with the
 following command:
 
     # systemctl is-enabled tmp.mount
     enabled
 
-    If the &quot;tmp.mount&quot; service is not enabled, check to see if &quot;&#x2F;tmp&quot; is
+    If the "tmp.mount" service is not enabled, check to see if "/tmp" is
 defined in the fstab with a device and mount point:
 
-    # grep -i &#x2F;tmp &#x2F;etc&#x2F;fstab
-    UUID&#x3D;a411dc99-f2a1-4c87-9e05-184977be8539 &#x2F;tmp   ext4
-rw,relatime,discard,data&#x3D;ordered,nosuid,noexec, 0 0
+    # grep -i /tmp /etc/fstab
+    UUID=a411dc99-f2a1-4c87-9e05-184977be8539 /tmp   ext4
+rw,relatime,discard,data=ordered,nosuid,noexec, 0 0
 
-    If &quot;tmp.mount&quot; service is not enabled and the &quot;&#x2F;tmp&quot; directory is not
-defined in the fstab with a device and mount point, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Start the &quot;tmp.mount&quot; service with the following command:
+    If "tmp.mount" service is not enabled and the "/tmp" directory is not
+defined in the fstab with a device and mount point, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Start the "tmp.mount" service with the following command:
 
     # systemctl enable tmp.mount
 
     OR
 
-    Edit the &quot;&#x2F;etc&#x2F;fstab&quot; file and ensure the &quot;&#x2F;tmp&quot; directory is defined
-in the fstab with a device and mount point.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>03cbe014-6879-428b-b1ac-ebcc068623ef</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Service tmp.mount is expected to be enabled
-expected that &#x60;Service tmp.mount&#x60; is enabled
---------------------------------
-passed
-File System Table File (fstab) with mount_point &#x3D;&#x3D; &quot;&#x2F;tmp&quot; Should have a device name specified
-expected nil to respond to &#x60;empty?&#x60;
---------------------------------
-passed
-File System Table File (fstab) with mount_point &#x3D;&#x3D; &quot;&#x2F;tmp&quot; count is expected to cmp &#x3D;&#x3D; 1
-
+    Edit the "/etc/fstab" file and ensure the "/tmp" directory is defined
+in the fstab with a device and mount point.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72065\" do\n  title \"The Red Hat Enterprise Linux operating system must use a separate file\nsystem for /tmp (or equivalent).\"\n  desc  \"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that a separate file system/partition has been created for \\\"/tmp\\\".\n\n    Check that a file system/partition has been created for \\\"/tmp\\\" with the\nfollowing command:\n\n    # systemctl is-enabled tmp.mount\n    enabled\n\n    If the \\\"tmp.mount\\\" service is not enabled, check to see if \\\"/tmp\\\" is\ndefined in the fstab with a device and mount point:\n\n    # grep -i /tmp /etc/fstab\n    UUID=a411dc99-f2a1-4c87-9e05-184977be8539 /tmp   ext4\nrw,relatime,discard,data=ordered,nosuid,noexec, 0 0\n\n    If \\\"tmp.mount\\\" service is not enabled and the \\\"/tmp\\\" directory is not\ndefined in the fstab with a device and mount point, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Start the \\\"tmp.mount\\\" service with the following command:\n\n    # systemctl enable tmp.mount\n\n    OR\n\n    Edit the \\\"/etc/fstab\\\" file and ensure the \\\"/tmp\\\" directory is defined\nin the fstab with a device and mount point.\n  \"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72065\"\n  tag rid: \"SV-86689r3_rule\"\n  tag stig_id: \"RHEL-07-021340\"\n  tag fix_id: \"F-78417r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe.one do\n    describe systemd_service('tmp.mount') do\n      it { should be_enabled }\n    end\n    describe etc_fstab.where { mount_point == '/tmp' } do\n      its('count') { should cmp 1 }\n      it 'Should have a device name specified' do\n        expect(subject.device_name[0]).to_not(be_empty)\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Service tmp.mount is expected to be enabled :: MESSAGE expected that `Service tmp.mount` is enabled
+--------------------------------
+passed :: TEST File System Table File (fstab) with mount_point == "/tmp" Should have a device name specified :: MESSAGE expected nil to respond to `empty?`
+--------------------------------
+passed :: TEST File System Table File (fstab) with mount_point == "/tmp" count is expected to cmp == 1 :: MESSAGE 
 expected: 1
      got: 0
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72107</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86731r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030420</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72107</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86731r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030420</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the fchmod syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the fchmod syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fchmod&quot; syscall occur.
+successful/unsuccessful attempts to use the "fchmod" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following command:
 
-    # grep -iw fchmod &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw fchmod /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S fchmod -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S fchmod -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fchmod -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S fchmod -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;fchmod&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"fchmod" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fchmod&quot; syscall occur.
+successful/unsuccessful attempts to use the "fchmod" syscall occur.
 
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S fchmod -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S fchmod -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fchmod -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S fchmod -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>95e61e8d-72d1-48c1-89af-dbb02435f328</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchmod&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchmod&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchmod&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchmod&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71935</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000078-GPOS-00046</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86559r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010280</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72107\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe fchmod syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"fchmod\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing command:\n\n    # grep -iw fchmod /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S fchmod -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S fchmod -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"fchmod\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"fchmod\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S fchmod -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S fchmod -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000458-GPOS-00203\"\n  tag satisfies: [\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000064-GPOS-00033\"]\n  tag gid: \"V-72107\"\n  tag rid: \"SV-86731r5_rule\"\n  tag stig_id: \"RHEL-07-030420\"\n  tag fix_id: \"F-78459r9_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"fchmod\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"fchmod\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "fchmod" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchmod" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchmod" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchmod" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71935</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000078-GPOS-00046</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86559r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010280</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that passwords are a minimum of 15 characters in length.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that passwords are a minimum of 15 characters in length.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The shorter the password, the lower the number of possible
 combinations that need to be tested before the password is compromised.
 
@@ -34149,303 +32635,291 @@ combinations that need to be tested before the password is compromised.
 password in resisting attempts at guessing and brute-force attacks. Password
 length is one factor of several that helps to determine strength and how long
 it takes to crack a password. Use of more characters in a password helps to
-exponentially increase the time and&#x2F;or resources required to compromise the
-password.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+exponentially increase the time and/or resources required to compromise the
+password.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system enforces a minimum 15-character password
-length. The &quot;minlen&quot; option sets the minimum number of characters in a new
+length. The "minlen" option sets the minimum number of characters in a new
 password.
 
-    Check for the value of the &quot;minlen&quot; option in
-&quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; with the following command:
+    Check for the value of the "minlen" option in
+"/etc/security/pwquality.conf" with the following command:
 
-    # grep minlen &#x2F;etc&#x2F;security&#x2F;pwquality.conf
-    minlen &#x3D; 15
+    # grep minlen /etc/security/pwquality.conf
+    minlen = 15
 
-    If the command does not return a &quot;minlen&quot; value of 15 or greater, this is
-a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return a "minlen" value of 15 or greater, this is
+a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure operating system to enforce a minimum 15-character password
 length.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; (or modify the
+    Add the following line to "/etc/security/pwquality.conf" (or modify the
 line to have the required value):
 
-    minlen &#x3D; 15</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>5c670225-2c4e-4371-9a4b-be839894230e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000205</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;security&#x2F;pwquality.conf minlen.to_i is expected to cmp &gt;&#x3D; 15</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71947</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000373-GPOS-00156</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86571r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010340</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    minlen = 15</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71935\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat passwords are a minimum of 15 characters in length.\"\n  desc  \"The shorter the password, the lower the number of possible\ncombinations that need to be tested before the password is compromised.\n\n    Password complexity, or strength, is a measure of the effectiveness of a\npassword in resisting attempts at guessing and brute-force attacks. Password\nlength is one factor of several that helps to determine strength and how long\nit takes to crack a password. Use of more characters in a password helps to\nexponentially increase the time and/or resources required to compromise the\npassword.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system enforces a minimum 15-character password\nlength. The \\\"minlen\\\" option sets the minimum number of characters in a new\npassword.\n\n    Check for the value of the \\\"minlen\\\" option in\n\\\"/etc/security/pwquality.conf\\\" with the following command:\n\n    # grep minlen /etc/security/pwquality.conf\n    minlen = 15\n\n    If the command does not return a \\\"minlen\\\" value of 15 or greater, this is\na finding.\n  \"\n  desc  \"fix\", \"\n    Configure operating system to enforce a minimum 15-character password\nlength.\n\n    Add the following line to \\\"/etc/security/pwquality.conf\\\" (or modify the\nline to have the required value):\n\n    minlen = 15\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000078-GPOS-00046\"\n  tag gid: \"V-71935\"\n  tag rid: \"SV-86559r2_rule\"\n  tag stig_id: \"RHEL-07-010280\"\n  tag fix_id: \"F-78287r1_fix\"\n  tag cci: [\"CCI-000205\"]\n  tag nist: [\"IA-5 (1) (a)\", \"Rev_4\"]\n\n  min_len = input('min_len')\n\n  describe parse_config_file(\"/etc/security/pwquality.conf\") do\n    its('minlen.to_i') { should cmp &gt;= min_len }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000205</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/security/pwquality.conf minlen.to_i is expected to cmp &gt;= 15</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71947</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000373-GPOS-00156</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86571r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010340</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that users must provide a password for privilege escalation.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that users must provide a password for privilege escalation.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without re-authentication, users may access resources or perform tasks
 for which they do not have authorization.
 
     When operating systems provide the capability to escalate a functional
-capability, it is critical the user re-authenticate.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+capability, it is critical the user re-authenticate.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If passwords are not being used for authentication, this is Not Applicable.
 
     Verify the operating system requires users to supply a password for
 privilege escalation.
 
-    Check the configuration of the &quot;&#x2F;etc&#x2F;sudoers&quot; and &quot;&#x2F;etc&#x2F;sudoers.d&#x2F;*&quot;
+    Check the configuration of the "/etc/sudoers" and "/etc/sudoers.d/*"
 files with the following command:
 
-    # grep -i nopasswd &#x2F;etc&#x2F;sudoers &#x2F;etc&#x2F;sudoers.d&#x2F;*
+    # grep -i nopasswd /etc/sudoers /etc/sudoers.d/*
 
-    If any uncommented line is found with a &quot;NOPASSWD&quot; tag, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If any uncommented line is found with a "NOPASSWD" tag, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to require users to supply a password for
 privilege escalation.
 
-    Check the configuration of the &quot;&#x2F;etc&#x2F;sudoers&quot; file with the following
+    Check the configuration of the "/etc/sudoers" file with the following
 command:
     # visudo
 
-    Remove any occurrences of &quot;NOPASSWD&quot; tags in the file.
+    Remove any occurrences of "NOPASSWD" tags in the file.
 
-    Check the configuration of the &#x2F;etc&#x2F;sudoers.d&#x2F;* files with the following
+    Check the configuration of the /etc/sudoers.d/* files with the following
 command:
-    # grep -i nopasswd &#x2F;etc&#x2F;sudoers.d&#x2F;*
-
-    Remove any occurrences of &quot;NOPASSWD&quot; tags in the file.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0aaf3c2a-2a18-44a8-9dae-1a2b6be8e81d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002038</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;grep -i nopasswd &#x2F;etc&#x2F;sudoers.d&#x2F;90-cloud-init-users&#x60; stdout is expected not to match &#x2F;^[^#]*NOPASSWD&#x2F;
-expected &quot;ec2-user ALL&#x3D;(ALL) NOPASSWD:ALL\n&quot; not to match &#x2F;^[^#]*NOPASSWD&#x2F;
+    # grep -i nopasswd /etc/sudoers.d/*
+
+    Remove any occurrences of "NOPASSWD" tags in the file.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71947\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat users must provide a password for privilege escalation.\"\n  desc  \"Without re-authentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the user re-authenticate.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If passwords are not being used for authentication, this is Not Applicable.\n\n    Verify the operating system requires users to supply a password for\nprivilege escalation.\n\n    Check the configuration of the \\\"/etc/sudoers\\\" and \\\"/etc/sudoers.d/*\\\"\nfiles with the following command:\n\n    # grep -i nopasswd /etc/sudoers /etc/sudoers.d/*\n\n    If any uncommented line is found with a \\\"NOPASSWD\\\" tag, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to require users to supply a password for\nprivilege escalation.\n\n    Check the configuration of the \\\"/etc/sudoers\\\" file with the following\ncommand:\n    # visudo\n\n    Remove any occurrences of \\\"NOPASSWD\\\" tags in the file.\n\n    Check the configuration of the /etc/sudoers.d/* files with the following\ncommand:\n    # grep -i nopasswd /etc/sudoers.d/*\n\n    Remove any occurrences of \\\"NOPASSWD\\\" tags in the file.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000373-GPOS-00156\"\n  tag satisfies: [\"SRG-OS-000373-GPOS-00156\", \"SRG-OS-000373-GPOS-00157\",\n\"SRG-OS-000373-GPOS-00158\"]\n  tag gid: \"V-71947\"\n  tag rid: \"SV-86571r3_rule\"\n  tag stig_id: \"RHEL-07-010340\"\n  tag fix_id: \"F-78299r2_fix\"\n  tag cci: [\"CCI-002038\"]\n  tag nist: [\"IA-11\", \"Rev_4\"]\n\n  processed = []\n  to_process = ['/etc/sudoers', '/etc/sudoers.d']\n\n  while !to_process.empty?\n    in_process = to_process.pop\n    next if processed.include? in_process\n    processed.push in_process\n\n    if file(in_process).directory?\n      to_process.concat(\n        command(\"find #{in_process} -maxdepth 1 -mindepth 1\").\n          stdout.strip.split(\"\\n\").\n          select { |f| file(f).file? }\n      )\n    elsif file(in_process).file?\n      to_process.concat(\n        command(\"grep -E '#include\\\\s+' #{in_process} | sed 's/.*#include[[:space:]]*//g'\").\n          stdout.strip.split(\"\\n\").\n          map { |f| f.start_with?('/') ? f : File.join(File.dirname(in_process), f) }.\n          select { |f| file(f).exist? }\n      )\n      to_process.concat(\n        command(\"grep -E '#includedir\\\\s+' #{in_process} | sed 's/.*#includedir[[:space:]]*//g'\").\n          stdout.strip.split(\"\\n\").\n          map { |f| f.start_with?('/') ? f : File.join(File.dirname(in_process), f) }.\n          select { |f| file(f).exist? }\n      )\n    end\n  end\n\n  sudoers = processed.select { |f| file(f).file? }\n\n  sudoers.each do |sudoer|\n    describe command(\"grep -i nopasswd #{sudoer}\") do\n      its('stdout') { should_not match %r{^[^#]*NOPASSWD} }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002038</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `grep -i nopasswd /etc/sudoers.d/90-cloud-init-users` stdout is expected not to match /^[^#]*NOPASSWD/ :: MESSAGE expected "ec2-user ALL=(ALL) NOPASSWD:ALL\n" not to match /^[^#]*NOPASSWD/
 Diff:
 @@ -1,2 +1,2 @@
--&#x2F;^[^#]*NOPASSWD&#x2F;
-+ec2-user ALL&#x3D;(ALL) NOPASSWD:ALL
-
---------------------------------
-passed
-Command: &#x60;grep -i nopasswd &#x2F;etc&#x2F;sudoers&#x60; stdout is expected not to match &#x2F;^[^#]*NOPASSWD&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71891</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000028-GPOS-00009</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86515r6_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010060</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+-/^[^#]*NOPASSWD/
++ec2-user ALL=(ALL) NOPASSWD:ALL
+
+--------------------------------
+passed :: TEST Command: `grep -i nopasswd /etc/sudoers` stdout is expected not to match /^[^#]*NOPASSWD/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71891</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000028-GPOS-00009</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86515r6_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010060</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must enable a user
 session lock until that user re-establishes access using established
-identification and authentication procedures.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+identification and authentication procedures.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A session lock is a temporary action taken when a user stops work and
 moves away from the immediate physical vicinity of the information system but
 does not want to log out because of the temporary nature of the absence.
@@ -34455,15 +32929,15 @@ determined.
 
     Regardless of where the session lock is determined and implemented, once
 invoked, the session lock must remain in place until the user reauthenticates.
-No other activity aside from reauthentication must unlock the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify the operating system enables a user&#39;s session lock until that user
+No other activity aside from reauthentication must unlock the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify the operating system enables a user's session lock until that user
 re-establishes access using established identification and authentication
 procedures. The screen program must be installed to lock sessions on the
 console.
@@ -34473,176 +32947,171 @@ Applicable.
 
     Check to see if the screen lock is enabled with the following command:
 
-    # grep -i lock-enabled &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;*
-    lock-enabled&#x3D;true
+    # grep -i lock-enabled /etc/dconf/db/local.d/*
+    lock-enabled=true
 
-    If the &quot;lock-enabled&quot; setting is missing or is not set to &quot;true&quot;, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the operating system to enable a user&#39;s session lock until that
+    If the "lock-enabled" setting is missing or is not set to "true", this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the operating system to enable a user's session lock until that
 user re-establishes access using established identification and authentication
 procedures.
 
     Create a database to contain the system-wide screensaver settings (if it
 does not already exist) with the following example:
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;00-screensaver
+    # touch /etc/dconf/db/local.d/00-screensaver
 
-    Edit the &quot;[org&#x2F;gnome&#x2F;desktop&#x2F;screensaver]&quot; section of the database file
+    Edit the "[org/gnome/desktop/screensaver]" section of the database file
 and add or update the following lines:
 
     # Set this to true to lock the screen when the screensaver activates
-    lock-enabled&#x3D;true
+    lock-enabled=true
 
     Update the system databases:
 
     # dconf update
 
     Users must log out and back in again before the system-wide settings take
-effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f74f92b7-577c-49a4-8487-f406df647b89</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000056</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The system does not have GNOME installed
-The system does not have GNOME installed, this requirement is Not
-      Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71855</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86479r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-71891\" do\n  title \"The Red Hat Enterprise Linux operating system must enable a user\nsession lock until that user re-establishes access using established\nidentification and authentication procedures.\"\n  desc  \"A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined.\n\n    Regardless of where the session lock is determined and implemented, once\ninvoked, the session lock must remain in place until the user reauthenticates.\nNo other activity aside from reauthentication must unlock the system.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system enables a user's session lock until that user\nre-establishes access using established identification and authentication\nprocedures. The screen program must be installed to lock sessions on the\nconsole.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Check to see if the screen lock is enabled with the following command:\n\n    # grep -i lock-enabled /etc/dconf/db/local.d/*\n    lock-enabled=true\n\n    If the \\\"lock-enabled\\\" setting is missing or is not set to \\\"true\\\", this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to enable a user's session lock until that\nuser re-establishes access using established identification and authentication\nprocedures.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following example:\n\n    # touch /etc/dconf/db/local.d/00-screensaver\n\n    Edit the \\\"[org/gnome/desktop/screensaver]\\\" section of the database file\nand add or update the following lines:\n\n    # Set this to true to lock the screen when the screensaver activates\n    lock-enabled=true\n\n    Update the system databases:\n\n    # dconf update\n\n    Users must log out and back in again before the system-wide settings take\neffect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000028-GPOS-00009\"\n  tag satisfies: [\"SRG-OS-000028-GPOS-00009\", \"SRG-OS-000030-GPOS-00011\"]\n  tag gid: \"V-71891\"\n  tag rid: \"SV-86515r6_rule\"\n  tag stig_id: \"RHEL-07-010060\"\n  tag fix_id: \"F-78243r9_fix\"\n  tag cci: [\"CCI-000056\"]\n  tag nist: [\"AC-11 b\", \"Rev_4\"]\n\n  if package('gnome-desktop3').installed?\n    describe command('gsettings get org.gnome.desktop.screensaver lock-enabled') do\n      its('stdout.strip') { should cmp 'true' }\n    end\n  else\n    impact 0.0\n    describe \"The system does not have GNOME installed\" do\n      skip \"The system does not have GNOME installed, this requirement is Not\n      Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000056</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The system does not have GNOME installed :: SKIP_MESSAGE The system does not have GNOME installed, this requirement is Not
+      Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71855</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86479r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the cryptographic hash of system files and commands matches vendor values.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the cryptographic hash of system files and commands matches vendor values.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without cryptographic integrity protections, system command and files
 can be altered by unauthorized users without detection.
 
     Cryptographic mechanisms used for protecting the integrity of information
 include, for example, signed hash functions using asymmetric cryptography
 enabling distribution of the public key to verify the hash information while
-maintaining the confidentiality of the key used to generate the hash.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+maintaining the confidentiality of the key used to generate the hash.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the cryptographic hash of system files and commands match the vendor
 values.
 
     Check the cryptographic hash of system files and commands with the
 following command:
 
-    Note: System configuration files (indicated by a &quot;c&quot; in the second
+    Note: System configuration files (indicated by a "c" in the second
 column) are expected to change over time. Unusual modifications should be
 investigated through the system audit log.
 
-    # rpm -Va --noconfig | grep &#39;^..5&#39;
+    # rpm -Va --noconfig | grep '^..5'
 
     If there is any output from the command for system files or binaries, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Run the following command to determine which package owns the file:
 
     # rpm -qf &lt;filename&gt;
@@ -34654,281 +33123,269 @@ is a finding.</ATTRIBUTE_DATA>
     Alternatively, the package can be reinstalled from trusted media using the
 command:
 
-    # sudo rpm -Uvh &lt;packagename&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>95452236-4bb1-493c-923d-4becb938f6b8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001749</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This control consistently takes a long to run and has been disabled
-    using the disable_slow_controls attribute.
-This control consistently takes a long to run and has been disabled
+    # sudo rpm -Uvh &lt;packagename&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71855\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the cryptographic hash of system files and commands matches vendor values.\"\n  desc  \"Without cryptographic integrity protections, system command and files\ncan be altered by unauthorized users without detection.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the key used to generate the hash.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the cryptographic hash of system files and commands match the vendor\nvalues.\n\n    Check the cryptographic hash of system files and commands with the\nfollowing command:\n\n    Note: System configuration files (indicated by a \\\"c\\\" in the second\ncolumn) are expected to change over time. Unusual modifications should be\ninvestigated through the system audit log.\n\n    # rpm -Va --noconfig | grep '^..5'\n\n    If there is any output from the command for system files or binaries, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Run the following command to determine which package owns the file:\n\n    # rpm -qf &lt;filename&gt;\n\n    The package can be reinstalled from a yum repository using the command:\n\n    # sudo yum reinstall &lt;packagename&gt;\n\n    Alternatively, the package can be reinstalled from trusted media using the\ncommand:\n\n    # sudo rpm -Uvh &lt;packagename&gt;\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-71855\"\n  tag rid: \"SV-86479r4_rule\"\n  tag stig_id: \"RHEL-07-010020\"\n  tag fix_id: \"F-78207r1_fix\"\n  tag cci: [\"CCI-001749\"]\n  tag nist: [\"CM-5 (3)\", \"Rev_4\"]\n\nif input('disable_slow_controls')\n    describe \"This control consistently takes a long to run and has been disabled\n    using the disable_slow_controls attribute.\" do\n      skip \"This control consistently takes a long to run and has been disabled\n      using the disable_slow_controls attribute. You must enable this control for a\n      full accredidation for production.\"\n    end\n  else\n    # grep excludes files that are marked with 'c' attribute (config files)\n    describe command(\"rpm -Va | grep '^..5' | grep -E -v '[a-z]*c[a-z]*\\\\s+\\\\S+$' | awk 'NF&gt;1{print $NF}'\").\n      stdout.strip.split(\"\\n\") do\n        it { should all(be_in rpm_verify_integrity_except) }\n      end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001749</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This control consistently takes a long to run and has been disabled
+    using the disable_slow_controls attribute. :: SKIP_MESSAGE This control consistently takes a long to run and has been disabled
       using the disable_slow_controls attribute. You must enable this control for a
-      full accredidation for production.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72209</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86833r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-031000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+      full accredidation for production.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72209</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86833r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-031000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must send rsyslog output
-to a log aggregation server.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+to a log aggregation server.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Sending rsyslog output to another system ensures that the logs cannot
 be removed or modified in the event that the system is compromised or has a
-hardware failure.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify &quot;rsyslog&quot; is configured to send all messages to a log aggregation
+hardware failure.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify "rsyslog" is configured to send all messages to a log aggregation
 server.
 
-    Check the configuration of &quot;rsyslog&quot; with the following command:
+    Check the configuration of "rsyslog" with the following command:
 
     Note: If another logging package is used, substitute the utility
-configuration file for &quot;&#x2F;etc&#x2F;rsyslog.conf&quot;.
+configuration file for "/etc/rsyslog.conf".
 
-    # grep @ &#x2F;etc&#x2F;rsyslog.conf &#x2F;etc&#x2F;rsyslog.d&#x2F;*.conf
+    # grep @ /etc/rsyslog.conf /etc/rsyslog.d/*.conf
     *.* @@logagg.site.mil
 
-    If there are no lines in the &quot;&#x2F;etc&#x2F;rsyslog.conf&quot; or
-&quot;&#x2F;etc&#x2F;rsyslog.d&#x2F;*.conf&quot; files that contain the &quot;@&quot; or &quot;@@&quot; symbol(s), and
+    If there are no lines in the "/etc/rsyslog.conf" or
+"/etc/rsyslog.d/*.conf" files that contain the "@" or "@@" symbol(s), and
 the lines with the correct symbol(s) to send output to another system do not
-cover all &quot;rsyslog&quot; output, ask the System Administrator to indicate how the
+cover all "rsyslog" output, ask the System Administrator to indicate how the
 audit logs are off-loaded to a different system or media.
 
     If the lines are commented out or there is no evidence that the audit logs
-are being sent to another system, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Modify the &quot;&#x2F;etc&#x2F;rsyslog.conf&quot; or an &quot;&#x2F;etc&#x2F;rsyslog.d&#x2F;*.conf&quot; file to
-contain a configuration line to send all &quot;rsyslog&quot; output to a log
+are being sent to another system, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Modify the "/etc/rsyslog.conf" or an "/etc/rsyslog.d/*.conf" file to
+contain a configuration line to send all "rsyslog" output to a log
 aggregation system:
-    *.* @@&lt;log aggregation system name&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>41cb1049-e696-4708-aadb-a25a7ef6282e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;grep @ &#x2F;etc&#x2F;rsyslog.conf | grep -v &quot;^#&quot;&#x60; stdout.strip is expected not to be empty
-expected &#x60;&quot;&quot;.empty?&#x60; to return false, got true</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71899</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86523r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010100</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    *.* @@&lt;log aggregation system name&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72209\" do\n  title \"The Red Hat Enterprise Linux operating system must send rsyslog output\nto a log aggregation server.\"\n  desc  \"Sending rsyslog output to another system ensures that the logs cannot\nbe removed or modified in the event that the system is compromised or has a\nhardware failure.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify \\\"rsyslog\\\" is configured to send all messages to a log aggregation\nserver.\n\n    Check the configuration of \\\"rsyslog\\\" with the following command:\n\n    Note: If another logging package is used, substitute the utility\nconfiguration file for \\\"/etc/rsyslog.conf\\\".\n\n    # grep @ /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n    *.* @@logagg.site.mil\n\n    If there are no lines in the \\\"/etc/rsyslog.conf\\\" or\n\\\"/etc/rsyslog.d/*.conf\\\" files that contain the \\\"@\\\" or \\\"@@\\\" symbol(s), and\nthe lines with the correct symbol(s) to send output to another system do not\ncover all \\\"rsyslog\\\" output, ask the System Administrator to indicate how the\naudit logs are off-loaded to a different system or media.\n\n    If the lines are commented out or there is no evidence that the audit logs\nare being sent to another system, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Modify the \\\"/etc/rsyslog.conf\\\" or an \\\"/etc/rsyslog.d/*.conf\\\" file to\ncontain a configuration line to send all \\\"rsyslog\\\" output to a log\naggregation system:\n    *.* @@&lt;log aggregation system name&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72209\"\n  tag rid: \"SV-86833r2_rule\"\n  tag stig_id: \"RHEL-07-031000\"\n  tag fix_id: \"F-78563r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  log_pkg_path = input('log_pkg_path')\n\n  describe command(\"grep @ #{log_pkg_path} | grep -v \\\"^#\\\"\") do\n    its('stdout.strip') { should_not be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `grep @ /etc/rsyslog.conf | grep -v "^#"` stdout.strip is expected not to be empty :: MESSAGE expected `"".empty?` to return false, got true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71899</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86523r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010100</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must initiate a session
 lock for the screensaver after a period of inactivity for graphical user
-interfaces.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+interfaces.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A session time-out lock is a temporary action taken when a user stops
 work and moves away from the immediate physical vicinity of the information
 system but does not log out because of the temporary nature of the absence.
 Rather than relying on the user to manually lock their operating system session
 prior to vacating the vicinity, operating systems need to be able to identify
-when a user&#39;s session has idled and take action to initiate the session lock.
+when a user's session has idled and take action to initiate the session lock.
 
     The session lock is implemented at the point where session activity can be
-determined and&#x2F;or controlled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+determined and/or controlled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system initiates a session lock after a 15-minute
 period of inactivity for graphical user interfaces. The screen program must be
 installed to lock sessions on the console.
@@ -34938,161 +33395,156 @@ this requirement is Not Applicable.
 
     Check for the session lock settings with the following commands:
 
-    # grep -i idle-activation-enabled &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;*
+    # grep -i idle-activation-enabled /etc/dconf/db/local.d/*
 
-    idle-activation-enabled&#x3D;true
+    idle-activation-enabled=true
 
-    If &quot;idle-activation-enabled&quot; is not set to &quot;true&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "idle-activation-enabled" is not set to "true", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to initiate a session lock after a 15-minute
 period of inactivity for graphical user interfaces.
 
     Create a database to contain the system-wide screensaver settings (if it
 does not already exist) with the following command:
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;00-screensaver
+    # touch /etc/dconf/db/local.d/00-screensaver
 
     Add the setting to enable screensaver locking after 15 minutes of
 inactivity:
 
-    [org&#x2F;gnome&#x2F;desktop&#x2F;screensaver]
+    [org/gnome/desktop/screensaver]
 
-    idle-activation-enabled&#x3D;true
+    idle-activation-enabled=true
 
     Update the system databases:
 
     # dconf update
 
     Users must log out and back in again before the system-wide settings take
-effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>3cdb2271-a7cf-4f82-9acb-3c81e28130e8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The system does not have GNOME installed
-The system does not have GNOME installed, this requirement is Not
-      Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71901</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86525r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010110</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-71899\" do\n  title \"The Red Hat Enterprise Linux operating system must initiate a session\nlock for the screensaver after a period of inactivity for graphical user\ninterfaces.\"\n  desc  \"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system initiates a session lock after a 15-minute\nperiod of inactivity for graphical user interfaces. The screen program must be\ninstalled to lock sessions on the console.\n\n    Note: If the system does not have a Graphical User Interface installed,\nthis requirement is Not Applicable.\n\n    Check for the session lock settings with the following commands:\n\n    # grep -i idle-activation-enabled /etc/dconf/db/local.d/*\n\n    idle-activation-enabled=true\n\n    If \\\"idle-activation-enabled\\\" is not set to \\\"true\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to initiate a session lock after a 15-minute\nperiod of inactivity for graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    # touch /etc/dconf/db/local.d/00-screensaver\n\n    Add the setting to enable screensaver locking after 15 minutes of\ninactivity:\n\n    [org/gnome/desktop/screensaver]\n\n    idle-activation-enabled=true\n\n    Update the system databases:\n\n    # dconf update\n\n    Users must log out and back in again before the system-wide settings take\neffect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000029-GPOS-00010\"\n  tag gid: \"V-71899\"\n  tag rid: \"SV-86523r5_rule\"\n  tag stig_id: \"RHEL-07-010100\"\n  tag fix_id: \"F-78251r2_fix\"\n  tag cci: [\"CCI-000057\"]\n  tag nist: [\"AC-11 a\", \"Rev_4\"]\n\n  if package('gnome-desktop3').installed?\n    describe command('gsettings get org.gnome.desktop.screensaver idle-activation-enabled') do\n      its('stdout.strip') { should cmp 'true' }\n    end \n  else\n    impact 0.0\n    describe \"The system does not have GNOME installed\" do\n      skip \"The system does not have GNOME installed, this requirement is Not\n      Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The system does not have GNOME installed :: SKIP_MESSAGE The system does not have GNOME installed, this requirement is Not
+      Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71901</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86525r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010110</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must initiate a session
-lock for graphical user interfaces when the screensaver is activated.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+lock for graphical user interfaces when the screensaver is activated.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A session time-out lock is a temporary action taken when a user stops
 work and moves away from the immediate physical vicinity of the information
 system but does not log out because of the temporary nature of the absence.
 Rather than relying on the user to manually lock their operating system session
 prior to vacating the vicinity, operating systems need to be able to identify
-when a user&#39;s session has idled and take action to initiate the session lock.
+when a user's session has idled and take action to initiate the session lock.
 
     The session lock is implemented at the point where session activity can be
-determined and&#x2F;or controlled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+determined and/or controlled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system initiates a session lock a for graphical user
 interfaces when the screensaver is activated.
 
@@ -35103,155 +33555,150 @@ console.
     If GNOME is installed, check to see a session lock occurs when the
 screensaver is activated with the following command:
 
-    # grep -i lock-delay &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;*
-    lock-delay&#x3D;uint32 5
+    # grep -i lock-delay /etc/dconf/db/local.d/*
+    lock-delay=uint32 5
 
-    If the &quot;lock-delay&quot; setting is missing, or is not set to &quot;5&quot; or less,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "lock-delay" setting is missing, or is not set to "5" or less,
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to initiate a session lock for graphical
 user interfaces when a screensaver is activated.
 
     Create a database to contain the system-wide screensaver settings (if it
 does not already exist) with the following command:
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;00-screensaver
+    # touch /etc/dconf/db/local.d/00-screensaver
 
     Add the setting to enable session locking when a screensaver is activated:
 
-    [org&#x2F;gnome&#x2F;desktop&#x2F;screensaver]
-    lock-delay&#x3D;uint32 5
+    [org/gnome/desktop/screensaver]
+    lock-delay=uint32 5
 
-    The &quot;uint32&quot; must be included along with the integer key values as shown.
+    The "uint32" must be included along with the integer key values as shown.
 
     Update the system databases:
 
     # dconf update
 
     Users must log out and back in again before the system-wide settings take
-effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d50a8475-95a0-4412-b15f-e2b3ae20c2ff</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The system does not have GNOME installed
-The system does not have GNOME installed, this requirement is Not
-      Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72069</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86693r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021600</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-71901\" do\n  title \"The Red Hat Enterprise Linux operating system must initiate a session\nlock for graphical user interfaces when the screensaver is activated.\"\n  desc  \"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system initiates a session lock a for graphical user\ninterfaces when the screensaver is activated.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable. The screen program must be installed to lock sessions on the\nconsole.\n\n    If GNOME is installed, check to see a session lock occurs when the\nscreensaver is activated with the following command:\n\n    # grep -i lock-delay /etc/dconf/db/local.d/*\n    lock-delay=uint32 5\n\n    If the \\\"lock-delay\\\" setting is missing, or is not set to \\\"5\\\" or less,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to initiate a session lock for graphical\nuser interfaces when a screensaver is activated.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    # touch /etc/dconf/db/local.d/00-screensaver\n\n    Add the setting to enable session locking when a screensaver is activated:\n\n    [org/gnome/desktop/screensaver]\n    lock-delay=uint32 5\n\n    The \\\"uint32\\\" must be included along with the integer key values as shown.\n\n    Update the system databases:\n\n    # dconf update\n\n    Users must log out and back in again before the system-wide settings take\neffect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000029-GPOS-00010\"\n  tag gid: \"V-71901\"\n  tag rid: \"SV-86525r3_rule\"\n  tag stig_id: \"RHEL-07-010110\"\n  tag fix_id: \"F-78253r2_fix\"\n  tag cci: [\"CCI-000057\"]\n  tag nist: [\"AC-11 a\", \"Rev_4\"]\n\n  if package('gnome-desktop3').installed?\n    describe command(\"gsettings get org.gnome.desktop.screensaver lock-delay | cut -d ' ' -f2\") do\n      its('stdout.strip') { should cmp &lt;= lock_delay }\n    end\n  else\n    impact 0.0\n    describe \"The system does not have GNOME installed\" do\n      skip \"The system does not have GNOME installed, this requirement is Not\n      Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The system does not have GNOME installed :: SKIP_MESSAGE The system does not have GNOME installed, this requirement is Not
+      Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72069</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86693r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021600</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the file integrity tool is configured to verify Access Control Lists
-(ACLs).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(ACLs).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>ACLs can provide permissions beyond those permitted through the file
-mode and must be verified by file integrity tools.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+mode and must be verified by file integrity tools.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the file integrity tool is configured to verify ACLs.
 
     Check to see if Advanced Intrusion Detection Environment (AIDE) is
@@ -35266,598 +33713,575 @@ checks are performed on the system.
 is a finding.
 
     Note: AIDE is highly configurable at install time. These commands assume
-the &quot;aide.conf&quot; file is under the &quot;&#x2F;etc&quot; directory.
+the "aide.conf" file is under the "/etc" directory.
 
     Use the following command to determine if the file is in another location:
 
-    # find &#x2F; -name aide.conf
+    # find / -name aide.conf
 
-    Check the &quot;aide.conf&quot; file to determine if the &quot;acl&quot; rule has been
+    Check the "aide.conf" file to determine if the "acl" rule has been
 added to the rule list being applied to the files and directories selection
 lists.
 
-    An example rule that includes the &quot;acl&quot; rule is below:
+    An example rule that includes the "acl" rule is below:
 
-    All&#x3D; p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux
-    &#x2F;bin All # apply the custom rule to the files in bin
-    &#x2F;sbin All # apply the same custom rule to the files in sbin
+    All= p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux
+    /bin All # apply the custom rule to the files in bin
+    /sbin All # apply the same custom rule to the files in sbin
 
-    If the &quot;acl&quot; rule is not being used on all uncommented selection lines in
-the &quot;&#x2F;etc&#x2F;aide.conf&quot; file, or ACLs are not being checked by another file
-integrity tool, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "acl" rule is not being used on all uncommented selection lines in
+the "/etc/aide.conf" file, or ACLs are not being checked by another file
+integrity tool, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the file integrity tool to check file and directory ACLs.
 
-    If AIDE is installed, ensure the &quot;acl&quot; rule is present on all uncommented
-file and directory selection lists.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>8a37ac41-ad03-4cb7-9847-49ee4e159641</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package aide is expected to be installed
---------------------------------
-passed
-List of monitored files&#x2F;directories without &#39;acl&#39; rule is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72063</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86687r6_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021330</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If AIDE is installed, ensure the "acl" rule is present on all uncommented
+file and directory selection lists.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72069\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the file integrity tool is configured to verify Access Control Lists\n(ACLs).\"\n  desc  \"ACLs can provide permissions beyond those permitted through the file\nmode and must be verified by file integrity tools.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the file integrity tool is configured to verify ACLs.\n\n    Check to see if Advanced Intrusion Detection Environment (AIDE) is\ninstalled on the system with the following command:\n\n    # yum list installed aide\n\n    If AIDE is not installed, ask the System Administrator how file integrity\nchecks are performed on the system.\n\n    If there is no application installed to perform file integrity checks, this\nis a finding.\n\n    Note: AIDE is highly configurable at install time. These commands assume\nthe \\\"aide.conf\\\" file is under the \\\"/etc\\\" directory.\n\n    Use the following command to determine if the file is in another location:\n\n    # find / -name aide.conf\n\n    Check the \\\"aide.conf\\\" file to determine if the \\\"acl\\\" rule has been\nadded to the rule list being applied to the files and directories selection\nlists.\n\n    An example rule that includes the \\\"acl\\\" rule is below:\n\n    All= p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux\n    /bin All # apply the custom rule to the files in bin\n    /sbin All # apply the same custom rule to the files in sbin\n\n    If the \\\"acl\\\" rule is not being used on all uncommented selection lines in\nthe \\\"/etc/aide.conf\\\" file, or ACLs are not being checked by another file\nintegrity tool, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the file integrity tool to check file and directory ACLs.\n\n    If AIDE is installed, ensure the \\\"acl\\\" rule is present on all uncommented\nfile and directory selection lists.\n  \"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72069\"\n  tag rid: \"SV-86693r3_rule\"\n  tag stig_id: \"RHEL-07-021600\"\n  tag fix_id: \"F-78421r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe package(\"aide\") do\n    it { should be_installed }\n  end\n\n  findings = []\n  aide_conf.where { !selection_line.start_with? '!' }.entries.each do |selection|\n    unless selection.rules.include? 'acl'\n      findings.append(selection.selection_line)\n    end\n  end\n\n  describe \"List of monitored files/directories without 'acl' rule\" do\n    subject { findings }\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package aide is expected to be installed
+--------------------------------
+passed :: TEST List of monitored files/directories without 'acl' rule is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72063</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86687r6_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021330</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must use a separate file
-system for the system audit data path.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+system for the system audit data path.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The use of separate file systems for different paths can protect the
-system from failures resulting from a file system becoming full or failing.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+system from failures resulting from a file system becoming full or failing.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Determine if the operating system is configured to have the
-&quot;&#x2F;var&#x2F;log&#x2F;audit&quot; path is on a separate file system.
+"/var/log/audit" path is on a separate file system.
 
-    # grep &#x2F;var&#x2F;log&#x2F;audit &#x2F;etc&#x2F;fstab
+    # grep /var/log/audit /etc/fstab
 
     If no result is returned, or the operating system is not configured to have
-&quot;&#x2F;var&#x2F;log&#x2F;audit&quot; on a separate file system, this is a finding.
-
-    Verify that &quot;&#x2F;var&#x2F;log&#x2F;audit&quot; is mounted on a separate file system:
-
-    # mount | grep &quot;&#x2F;var&#x2F;log&#x2F;audit&quot;
-
-    If no result is returned, or &quot;&#x2F;var&#x2F;log&#x2F;audit&quot; is not on a separate file
-system, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Migrate the system audit data path onto a separate file system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>24e3ce99-f7e9-438b-8df0-dd8617e3a42e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Mount &#x2F;var&#x2F;log&#x2F;audit is expected to be mounted
-
-Mount &#x2F;var&#x2F;log&#x2F;audit is not mounted
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72031</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86655r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020700</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/var/log/audit" on a separate file system, this is a finding.
+
+    Verify that "/var/log/audit" is mounted on a separate file system:
+
+    # mount | grep "/var/log/audit"
+
+    If no result is returned, or "/var/log/audit" is not on a separate file
+system, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Migrate the system audit data path onto a separate file system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72063\" do\n  title \"The Red Hat Enterprise Linux operating system must use a separate file\nsystem for the system audit data path.\"\n  desc  \"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Determine if the operating system is configured to have the\n\\\"/var/log/audit\\\" path is on a separate file system.\n\n    # grep /var/log/audit /etc/fstab\n\n    If no result is returned, or the operating system is not configured to have\n\\\"/var/log/audit\\\" on a separate file system, this is a finding.\n\n    Verify that \\\"/var/log/audit\\\" is mounted on a separate file system:\n\n    # mount | grep \\\"/var/log/audit\\\"\n\n    If no result is returned, or \\\"/var/log/audit\\\" is not on a separate file\nsystem, this is a finding.\n  \"\n  desc  \"fix\", \"Migrate the system audit data path onto a separate file system.\"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72063\"\n  tag rid: \"SV-86687r6_rule\"\n  tag stig_id: \"RHEL-07-021330\"\n  tag fix_id: \"F-78415r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe mount('/var/log/audit') do\n    it {should be_mounted}\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Mount /var/log/audit is expected to be mounted :: MESSAGE 
+Mount /var/log/audit is not mounted</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72031</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86655r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020700</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all local initialization files for local interactive users are be
-group-owned by the users primary group or root.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+group-owned by the users primary group or root.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Local initialization files for interactive users are used to configure
-the user&#39;s shell environment upon logon. Malicious modification of these files
-could compromise accounts upon logon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+the user's shell environment upon logon. Malicious modification of these files
+could compromise accounts upon logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the local initialization files of all local interactive users are
-group-owned by that user&#39;s primary Group Identifier (GID).
+group-owned by that user's primary Group Identifier (GID).
 
     Check the home directory assignment for all non-privileged users on the
 system with the following command:
 
     Note: The example will be for the smithj user, who has a home directory of
-&quot;&#x2F;home&#x2F;smithj&quot; and a primary group of &quot;users&quot;.
+"/home/smithj" and a primary group of "users".
 
-    # cut -d: -f 1,4,6 &#x2F;etc&#x2F;passwd | egrep &quot;:[1-4][0-9]{3}&quot;
-    smithj:1000:&#x2F;home&#x2F;smithj
+    # cut -d: -f 1,4,6 /etc/passwd | egrep ":[1-4][0-9]{3}"
+    smithj:1000:/home/smithj
 
-    # grep 1000 &#x2F;etc&#x2F;group
+    # grep 1000 /etc/group
     users:x:1000:smithj,jonesj,jacksons
 
     Note: This may miss interactive users that have been assigned a privileged
 User Identifier (UID). Evidence of interactive use may be obtained from a
 number of log files containing system logon information.
 
-    Check the group owner of all local interactive user&#39;s initialization files
+    Check the group owner of all local interactive user's initialization files
 with the following command:
 
-    # ls -al &#x2F;home&#x2F;smithj&#x2F;.[^.]* | more
+    # ls -al /home/smithj/.[^.]* | more
 
     -rwxr-xr-x 1 smithj users 896 Mar 10 2011 .profile
     -rwxr-xr-x 1 smithj users 497 Jan 6 2007 .login
     -rwxr-xr-x 1 smithj users 886 Jan 6 2007 .something
 
-    If all local interactive user&#39;s initialization files are not group-owned by
-that user&#39;s primary GID, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Change the group owner of a local interactive user&#39;s files to the group
-found in &quot;&#x2F;etc&#x2F;passwd&quot; for the user. To change the group owner of a local
-interactive user&#39;s home directory, use the following command:
+    If all local interactive user's initialization files are not group-owned by
+that user's primary GID, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Change the group owner of a local interactive user's files to the group
+found in "/etc/passwd" for the user. To change the group owner of a local
+interactive user's home directory, use the following command:
 
     Note: The example will be for the user smithj, who has a home directory of
-&quot;&#x2F;home&#x2F;smithj&quot;, and has a primary group of users.
-
-    # chgrp users &#x2F;home&#x2F;smithj&#x2F;.[^.]*</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>20b304a9-8303-44eb-bc06-efa26e2609dd</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-#&lt;Set: {}&gt; length is expected to &#x3D;&#x3D; 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71923</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000073-GPOS-00041</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86547r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010220</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/home/smithj", and has a primary group of users.
+
+    # chgrp users /home/smithj/.[^.]*</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72031\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local initialization files for local interactive users are be\ngroup-owned by the users primary group or root.\"\n  desc  \"Local initialization files for interactive users are used to configure\nthe user's shell environment upon logon. Malicious modification of these files\ncould compromise accounts upon logon.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the local initialization files of all local interactive users are\ngroup-owned by that user's primary Group Identifier (GID).\n\n    Check the home directory assignment for all non-privileged users on the\nsystem with the following command:\n\n    Note: The example will be for the smithj user, who has a home directory of\n\\\"/home/smithj\\\" and a primary group of \\\"users\\\".\n\n    # cut -d: -f 1,4,6 /etc/passwd | egrep \\\":[1-4][0-9]{3}\\\"\n    smithj:1000:/home/smithj\n\n    # grep 1000 /etc/group\n    users:x:1000:smithj,jonesj,jacksons\n\n    Note: This may miss interactive users that have been assigned a privileged\nUser Identifier (UID). Evidence of interactive use may be obtained from a\nnumber of log files containing system logon information.\n\n    Check the group owner of all local interactive user's initialization files\nwith the following command:\n\n    # ls -al /home/smithj/.[^.]* | more\n\n    -rwxr-xr-x 1 smithj users 896 Mar 10 2011 .profile\n    -rwxr-xr-x 1 smithj users 497 Jan 6 2007 .login\n    -rwxr-xr-x 1 smithj users 886 Jan 6 2007 .something\n\n    If all local interactive user's initialization files are not group-owned by\nthat user's primary GID, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Change the group owner of a local interactive user's files to the group\nfound in \\\"/etc/passwd\\\" for the user. To change the group owner of a local\ninteractive user's home directory, use the following command:\n\n    Note: The example will be for the user smithj, who has a home directory of\n\\\"/home/smithj\\\", and has a primary group of users.\n\n    # chgrp users /home/smithj/.[^.]*\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72031\"\n  tag rid: \"SV-86655r4_rule\"\n  tag stig_id: \"RHEL-07-020700\"\n  tag fix_id: \"F-78383r4_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= 1000 || uid == 0)}.entries.each do |user_info|\n    findings = findings + command(\"find #{user_info.home} -name '.*' -not -gid #{user_info.gid} -not -group root\").stdout.split(\"\\n\")\n  end\n  describe findings do\n    its('length') { should == 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST #&lt;Set: {}&gt; length is expected to == 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71923</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000073-GPOS-00041</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86547r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010220</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that user and group account administration utilities are configured to store
-only encrypted representations of passwords.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+only encrypted representations of passwords.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Passwords need to be protected at all times, and encryption is the
 standard method for protecting passwords. If passwords are not encrypted, they
 can be plainly read (i.e., clear text) and easily compromised. Passwords
 encrypted with a weak algorithm are no more protected than if they are kept in
-plain text.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+plain text.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the user and group account administration utilities are configured
 to store only encrypted representations of passwords. The strength of
-encryption that must be used to hash passwords for all accounts is &quot;SHA512&quot;.
+encryption that must be used to hash passwords for all accounts is "SHA512".
 
-    Check that the system is configured to create &quot;SHA512&quot; hashed passwords
+    Check that the system is configured to create "SHA512" hashed passwords
 with the following command:
 
-    # grep -i sha512 &#x2F;etc&#x2F;libuser.conf
+    # grep -i sha512 /etc/libuser.conf
 
-    crypt_style &#x3D; sha512
+    crypt_style = sha512
 
-    If the &quot;crypt_style&quot; variable is not set to &quot;sha512&quot;, is not in the
-defaults section, is commented out, or does not exist, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "crypt_style" variable is not set to "sha512", is not in the
+defaults section, is commented out, or does not exist, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to store only SHA512 encrypted
 representations of passwords.
 
-    Add or update the following line in &quot;&#x2F;etc&#x2F;libuser.conf&quot; in the [defaults]
+    Add or update the following line in "/etc/libuser.conf" in the [defaults]
 section:
 
-    crypt_style &#x3D; sha512</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e37a43de-7ac5-40dc-952b-394daf7e0300</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000196</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;cat &#x2F;etc&#x2F;libuser.conf | grep -i sha512&#x60; stdout.strip is expected to match &#x2F;^crypt_style &#x3D; sha512$&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81007</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95719r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010491</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    crypt_style = sha512</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71923\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat user and group account administration utilities are configured to store\nonly encrypted representations of passwords.\"\n  desc  \"Passwords need to be protected at all times, and encryption is the\nstandard method for protecting passwords. If passwords are not encrypted, they\ncan be plainly read (i.e., clear text) and easily compromised. Passwords\nencrypted with a weak algorithm are no more protected than if they are kept in\nplain text.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the user and group account administration utilities are configured\nto store only encrypted representations of passwords. The strength of\nencryption that must be used to hash passwords for all accounts is \\\"SHA512\\\".\n\n    Check that the system is configured to create \\\"SHA512\\\" hashed passwords\nwith the following command:\n\n    # grep -i sha512 /etc/libuser.conf\n\n    crypt_style = sha512\n\n    If the \\\"crypt_style\\\" variable is not set to \\\"sha512\\\", is not in the\ndefaults section, is commented out, or does not exist, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to store only SHA512 encrypted\nrepresentations of passwords.\n\n    Add or update the following line in \\\"/etc/libuser.conf\\\" in the [defaults]\nsection:\n\n    crypt_style = sha512\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000073-GPOS-00041\"\n  tag gid: \"V-71923\"\n  tag rid: \"SV-86547r3_rule\"\n  tag stig_id: \"RHEL-07-010220\"\n  tag fix_id: \"F-78275r1_fix\"\n  tag cci: [\"CCI-000196\"]\n  tag nist: [\"IA-5 (1) (c)\", \"Rev_4\"]\n\n  describe command(\"cat /etc/libuser.conf | grep -i sha512\") do\n    its('stdout.strip') { should match %r(^crypt_style = sha512$) }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000196</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `cat /etc/libuser.conf | grep -i sha512` stdout.strip is expected to match /^crypt_style = sha512$/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81007</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95719r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010491</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Red Hat Enterprise Linux operating systems version 7.2 or newer using
 Unified Extensible Firmware Interface (UEFI) must require authentication upon
-booting into single-user and maintenance modes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+booting into single-user and maintenance modes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system does not require valid root authentication before it
 boots into single-user or maintenance mode, anyone who invokes single-user or
 maintenance mode is granted privileged access to all files on the system. GRUB
 2 is the default boot loader for RHEL 7 and is designed to require a password
-to boot into single-user mode or make modifications to the boot menu.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+to boot into single-user mode or make modifications to the boot menu.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>For systems that use BIOS, this is Not Applicable.
 
     For systems that are running a version of RHEL prior to 7.2, this is Not
@@ -35866,22 +34290,22 @@ Applicable.
     Check to see if an encrypted root password is set. On systems that use
 UEFI, use the following command:
 
-    # grep -iw grub2_password &#x2F;boot&#x2F;efi&#x2F;EFI&#x2F;redhat&#x2F;user.cfg
-    GRUB2_PASSWORD&#x3D;grub.pbkdf2.sha512.[password_hash]
+    # grep -iw grub2_password /boot/efi/EFI/redhat/user.cfg
+    GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
 
-    If the root password does not begin with &quot;grub.pbkdf2.sha512&quot;, this is a
+    If the root password does not begin with "grub.pbkdf2.sha512", this is a
 finding.
 
-    Verify that the &quot;root&quot; account is set as the &quot;superusers&quot;:
+    Verify that the "root" account is set as the "superusers":
 
-    # grep -iw &quot;superusers&quot; &#x2F;boot&#x2F;efi&#x2F;EFI&#x2F;redhat&#x2F;grub.cfg
-        set superusers&#x3D;&quot;root&quot;
+    # grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg
+        set superusers="root"
         export superusers
 
-    If &quot;superusers&quot; is not set to &quot;root&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "superusers" is not set to "root", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to encrypt the boot password for root.
 
     Generate an encrypted grub2 password for root with the following command:
@@ -35892,848 +34316,803 @@ finding.
     Enter password:
     Confirm password:
 
-    Edit the &#x2F;boot&#x2F;efi&#x2F;EFI&#x2F;redhat&#x2F;grub.cfg file and add or modify the following
-lines in the &quot;### BEGIN &#x2F;etc&#x2F;grub.d&#x2F;01_users ###&quot; section:
-
-    set superusers&#x3D;&quot;root&quot;
-    export superusers</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ccd2b88b-b9c1-42c6-9fbc-993a1afa763a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-System running BIOS
-The System is running BIOS, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72119</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86743r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030480</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Edit the /boot/efi/EFI/redhat/grub.cfg file and add or modify the following
+lines in the "### BEGIN /etc/grub.d/01_users ###" section:
+
+    set superusers="root"
+    export superusers</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-81007\" do\n  title \"Red Hat Enterprise Linux operating systems version 7.2 or newer using\nUnified Extensible Firmware Interface (UEFI) must require authentication upon\nbooting into single-user and maintenance modes.\"\n  desc  \"If the system does not require valid root authentication before it\nboots into single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 7 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    For systems that use BIOS, this is Not Applicable.\n\n    For systems that are running a version of RHEL prior to 7.2, this is Not\nApplicable.\n\n    Check to see if an encrypted root password is set. On systems that use\nUEFI, use the following command:\n\n    # grep -iw grub2_password /boot/efi/EFI/redhat/user.cfg\n    GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]\n\n    If the root password does not begin with \\\"grub.pbkdf2.sha512\\\", this is a\nfinding.\n\n    Verify that the \\\"root\\\" account is set as the \\\"superusers\\\":\n\n    # grep -iw \\\"superusers\\\" /boot/efi/EFI/redhat/grub.cfg\n        set superusers=\\\"root\\\"\n        export superusers\n\n    If \\\"superusers\\\" is not set to \\\"root\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to encrypt the boot password for root.\n\n    Generate an encrypted grub2 password for root with the following command:\n\n    Note: The hash generated is an example.\n\n    # grub2-setpassword\n    Enter password:\n    Confirm password:\n\n    Edit the /boot/efi/EFI/redhat/grub.cfg file and add or modify the following\nlines in the \\\"### BEGIN /etc/grub.d/01_users ###\\\" section:\n\n    set superusers=\\\"root\\\"\n    export superusers\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000080-GPOS-00048\"\n  tag gid: \"V-81007\"\n  tag rid: \"SV-95719r1_rule\"\n  tag stig_id: \"RHEL-07-010491\"\n  tag fix_id: \"F-87841r2_fix\"\n  tag cci: [\"CCI-000213\"]\n  tag nist: [\"AC-3\", \"Rev_4\"]\n\n  unless file('/sys/firmware/efi').exist?\n    impact 0.0\n    describe \"System running BIOS\" do\n      skip \"The System is running BIOS, this control is Not Applicable.\"\n    end\n  else\n    unless os[:release] &gt;= \"7.2\"\n      impact 0.0\n      describe \"System running version of RHEL prior to 7.2\" do\n        skip \"The System is running an outdated version of RHEL, this control is Not Applicable.\"\n      end\n    else\n      impact 0.7\n      input('grub_uefi_user_boot_files').each do |grub_user_file|\n        describe parse_config_file(grub_user_file) do\n          its('GRUB2_PASSWORD') { should include \"grub.pbkdf2.sha512\"}\n        end\n      end\n\n      describe parse_config_file(input('grub_uefi_main_cfg')) do\n        its('set superusers') { should cmp '\"root\"' }  \n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST System running BIOS :: SKIP_MESSAGE The System is running BIOS, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72119</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86743r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030480</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the fremovexattr syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the fremovexattr syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fremovexattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "fremovexattr" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw fremovexattr &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw fremovexattr /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S fremovexattr -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k perm_mod
+    -a always,exit -F arch=b32 -S fremovexattr -F auid&gt;=1000 -F
+auid!=4294967295 -k perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fremovexattr -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k perm_mod
+    -a always,exit -F arch=b64 -S fremovexattr -F auid&gt;=1000 -F
+auid!=4294967295 -k perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;fremovexattr&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"fremovexattr" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fremovexattr&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S fremovexattr -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k perm_mod
-
-    -a always,exit -F arch&#x3D;b64 -S fremovexattr -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k perm_mod
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>19423c82-12ef-467a-a109-3a8cd70b5b6d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fremovexattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fremovexattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fremovexattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fremovexattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72197</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86821r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030870</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "fremovexattr" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S fremovexattr -F auid&gt;=1000 -F
+auid!=4294967295 -k perm_mod
+
+    -a always,exit -F arch=b64 -S fremovexattr -F auid&gt;=1000 -F
+auid!=4294967295 -k perm_mod
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72119\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe fremovexattr syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"fremovexattr\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw fremovexattr /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S fremovexattr -F auid&gt;=1000 -F\nauid!=4294967295 -k perm_mod\n\n    -a always,exit -F arch=b64 -S fremovexattr -F auid&gt;=1000 -F\nauid!=4294967295 -k perm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"fremovexattr\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"fremovexattr\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S fremovexattr -F auid&gt;=1000 -F\nauid!=4294967295 -k perm_mod\n\n    -a always,exit -F arch=b64 -S fremovexattr -F auid&gt;=1000 -F\nauid!=4294967295 -k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000458-GPOS-00203\"\n  tag satisfies: [\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000064-GPOS-00033\"]\n  tag gid: \"V-72119\"\n  tag rid: \"SV-86743r5_rule\"\n  tag stig_id: \"RHEL-07-030480\"\n  tag fix_id: \"F-78471r6_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"fremovexattr\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"fremovexattr\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "fremovexattr" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fremovexattr" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fremovexattr" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fremovexattr" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72197</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86821r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030870</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must generate audit
 records for all account creations, modifications, disabling, and termination
-events that affect &#x2F;etc&#x2F;passwd.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+events that affect /etc/passwd.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system must generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&quot;&#x2F;etc&#x2F;passwd&quot;.
+"/etc/passwd".
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep &#x2F;etc&#x2F;passwd &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep /etc/passwd /etc/audit/audit.rules
 
-    -w &#x2F;etc&#x2F;passwd -p wa -k identity
+    -w /etc/passwd -p wa -k identity
 
     If the command does not return a line, or the line is commented out, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&quot;&#x2F;etc&#x2F;passwd&quot;.
-
-    Add or update the following rule &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -w &#x2F;etc&#x2F;passwd -p wa -k identity
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>424fe694-89dc-46ef-b289-f939bdaf2b23</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;passwd&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;passwd&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;w&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;a&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72125</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86749r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030510</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/etc/passwd".
+
+    Add or update the following rule "/etc/audit/rules.d/audit.rules":
+
+    -w /etc/passwd -p wa -k identity
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72197\" do\n  title \"The Red Hat Enterprise Linux operating system must generate audit\nrecords for all account creations, modifications, disabling, and termination\nevents that affect /etc/passwd.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system must generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n\\\"/etc/passwd\\\".\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep /etc/passwd /etc/audit/audit.rules\n\n    -w /etc/passwd -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n\\\"/etc/passwd\\\".\n\n    Add or update the following rule \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -w /etc/passwd -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000004-GPOS-00004\"\n  tag satisfies: [\"SRG-OS-000004-GPOS-00004\", \"SRG-OS-000239-GPOS-00089\",\n\"SRG-OS-000240-GPOS-00090\", \"SRG-OS-000241-GPOS-00091\",\n\"SRG-OS-000303-GPOS-00120\", \"SRG-OS-000476-GPOS-00221\"]\n  tag gid: \"V-72197\"\n  tag rid: \"SV-86821r5_rule\"\n  tag stig_id: \"RHEL-07-030870\"\n  tag fix_id: \"F-78551r4_fix\"\n  tag cci: [\"CCI-000018\", \"CCI-000172\", \"CCI-001403\", \"CCI-002130\"]\n  tag nist: [\"AC-2 (4)\", \"AU-12 c\", \"AC-2 (4)\", \"AC-2 (4)\", \"Rev_4\"]\n\n  audit_file = '/etc/passwd'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'w' }\n      it { should include 'a' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/etc/passwd" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/etc/passwd" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "w"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "a"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72125</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86749r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030510</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the open syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the open syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;open&quot; syscall occur.
+successful/unsuccessful attempts to use the "open" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw open &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw open /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S open -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S open -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b32 -S open -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S open -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S open -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S open -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S open -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S open -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;open&quot; syscall, this is a finding.
+    If both the "b32" and "b64" audit rules are not defined for the
+"open" syscall, this is a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EPERM&quot;, this is
+    If the output does not produce rules containing "-F exit=-EPERM", this is
 a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EACCES&quot;, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the output does not produce rules containing "-F exit=-EACCES", this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;open&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S open -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b32 -S open -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S open -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S open -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2dcd5185-e0d2-43d8-9e77-d454f9efeba7</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EACCES&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EACCES&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72161</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86785r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030690</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "open" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S open -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b32 -S open -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S open -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S open -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72125\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe open syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"open\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw open /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S open -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S open -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S open -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S open -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"open\\\" syscall, this is a finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EPERM\\\", this is\na finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EACCES\\\", this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"open\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S open -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S open -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S open -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S open -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000458-GPOS-00203\",\n\"SRG-OS-000461-GPOS-00205\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72125\"\n  tag rid: \"SV-86749r5_rule\"\n  tag stig_id: \"RHEL-07-030510\"\n  tag fix_id: \"F-78477r7_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"open\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EPERM' }\n  end\n  describe auditd.syscall(\"open\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EACCES' }\n  end\n\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"open\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EPERM' }\n    end\n    describe auditd.syscall(\"open\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EACCES' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "open" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b32" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b32" exit.uniq is expected to include "-EACCES"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b64" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b64" exit.uniq is expected to include "-EACCES"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72161</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86785r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030690</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the sudo command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the sudo command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged access commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;sudo&quot; command occur.
+successful/unsuccessful attempts to use the "sudo" command occur.
 
     Check that the following system call is being audited by performing the
-following command to check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+following command to check the file system rules in "/etc/audit/audit.rules":
 
-    # grep -iw &#x2F;usr&#x2F;bin&#x2F;sudo &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw /usr/bin/sudo /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;sudo -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/sudo -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;sudo&quot; command occur.
+successful/unsuccessful attempts to use the "sudo" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;sudo -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/sudo -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>1081f55c-cea5-43b5-a97f-f99a71f550da</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;sudo&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;sudo&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72015</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86639r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020620</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72161\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe sudo command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged access commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"sudo\\\" command occur.\n\n    Check that the following system call is being audited by performing the\nfollowing command to check the file system rules in \\\"/etc/audit/audit.rules\\\":\n\n    # grep -iw /usr/bin/sudo /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/sudo -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"sudo\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/sudo -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000037-GPOS-00015\"\n  tag satisfies: [\"SRG-OS-000037-GPOS-00015\", \"SRG-OS-000042-GPOS-00020\",\n\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000462-GPOS-00206\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72161\"\n  tag rid: \"SV-86785r4_rule\"\n  tag stig_id: \"RHEL-07-030690\"\n  tag fix_id: \"F-78513r5_fix\"\n  tag cci: [\"CCI-000130\", \"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3\", \"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/bin/sudo'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/sudo" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/sudo" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72015</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86639r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020620</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that all local interactive user home directories are defined in the &#x2F;etc&#x2F;passwd
-file.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that all local interactive user home directories are defined in the /etc/passwd
+file.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If a local interactive user has a home directory defined that does not
-exist, the user may be given access to the &#x2F; directory as the current working
+exist, the user may be given access to the / directory as the current working
 directory upon logon. This could create a Denial of Service because the user
 would not be able to access their logon configuration files, and it may give
-them visibility to system files they normally would not be able to access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+them visibility to system files they normally would not be able to access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the assigned home directory of all local interactive users on the
 system exists.
 
     Check the home directory assignment for all local interactive
 non-privileged users on the system with the following command:
 
-    # cut -d: -f 1,3,6 &#x2F;etc&#x2F;passwd | egrep &quot;:[1-4][0-9]{3}&quot;
+    # cut -d: -f 1,3,6 /etc/passwd | egrep ":[1-4][0-9]{3}"
 
-    smithj:1001:&#x2F;home&#x2F;smithj
+    smithj:1001:/home/smithj
 
     Note: This may miss interactive users that have been assigned a privileged
 UID. Evidence of interactive use may be obtained from a number of log files
@@ -36742,593 +35121,570 @@ containing system logon information.
     Check that all referenced home directories exist with the following command:
 
     # pwck -r
-    user &#39;smithj&#39;: directory &#39;&#x2F;home&#x2F;smithj&#39; does not exist
+    user 'smithj': directory '/home/smithj' does not exist
 
-    If any home directories referenced in &quot;&#x2F;etc&#x2F;passwd&quot; are returned as not
-defined, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If any home directories referenced in "/etc/passwd" are returned as not
+defined, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Create home directories to all local interactive users that currently do
 not have a home directory assigned. Use the following commands to create the
-user home directory assigned in &quot;&#x2F;etc&#x2F; passwd&quot;:
+user home directory assigned in "/etc/ passwd":
 
     Note: The example will be for the user smithj, who has a home directory of
-&quot;&#x2F;home&#x2F;smithj&quot;, a UID of &quot;smithj&quot;, and a Group Identifier (GID) of
-&quot;users&quot; assigned in &quot;&#x2F;etc&#x2F;passwd&quot;.
-
-    # mkdir &#x2F;home&#x2F;smithj
-    # chown smithj &#x2F;home&#x2F;smithj
-    # chgrp users &#x2F;home&#x2F;smithj
-    # chmod 0750 &#x2F;home&#x2F;smithj</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>05265cae-6236-4462-ab1e-e2ebdff2d04c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Directory &#x2F;root is expected to exist
---------------------------------
-passed
-Directory &#x2F;home&#x2F;ec2-user is expected to exist</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72293</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86917r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040660</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/home/smithj", a UID of "smithj", and a Group Identifier (GID) of
+"users" assigned in "/etc/passwd".
+
+    # mkdir /home/smithj
+    # chown smithj /home/smithj
+    # chgrp users /home/smithj
+    # chmod 0750 /home/smithj</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72015\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local interactive user home directories are defined in the /etc/passwd\nfile.\"\n  desc  \"If a local interactive user has a home directory defined that does not\nexist, the user may be given access to the / directory as the current working\ndirectory upon logon. This could create a Denial of Service because the user\nwould not be able to access their logon configuration files, and it may give\nthem visibility to system files they normally would not be able to access.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the assigned home directory of all local interactive users on the\nsystem exists.\n\n    Check the home directory assignment for all local interactive\nnon-privileged users on the system with the following command:\n\n    # cut -d: -f 1,3,6 /etc/passwd | egrep \\\":[1-4][0-9]{3}\\\"\n\n    smithj:1001:/home/smithj\n\n    Note: This may miss interactive users that have been assigned a privileged\nUID. Evidence of interactive use may be obtained from a number of log files\ncontaining system logon information.\n\n    Check that all referenced home directories exist with the following command:\n\n    # pwck -r\n    user 'smithj': directory '/home/smithj' does not exist\n\n    If any home directories referenced in \\\"/etc/passwd\\\" are returned as not\ndefined, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Create home directories to all local interactive users that currently do\nnot have a home directory assigned. Use the following commands to create the\nuser home directory assigned in \\\"/etc/ passwd\\\":\n\n    Note: The example will be for the user smithj, who has a home directory of\n\\\"/home/smithj\\\", a UID of \\\"smithj\\\", and a Group Identifier (GID) of\n\\\"users\\\" assigned in \\\"/etc/passwd\\\".\n\n    # mkdir /home/smithj\n    # chown smithj /home/smithj\n    # chgrp users /home/smithj\n    # chmod 0750 /home/smithj\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72015\"\n  tag rid: \"SV-86639r2_rule\"\n  tag stig_id: \"RHEL-07-020620\"\n  tag fix_id: \"F-78367r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= uid_min || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    describe directory(user_info.home) do\n      it { should exist }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Directory /root is expected to exist
+--------------------------------
+passed :: TEST Directory /home/ec2-user is expected to exist</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72293</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86917r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040660</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not send Internet
-Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirects.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirects.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>ICMP redirect messages are used by routers to inform hosts that a more
 direct route exists for a particular destination. These messages contain
-information from the system&#39;s route table, possibly revealing portions of the
-network topology.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information from the system's route table, possibly revealing portions of the
+network topology.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system does not send IPv4 ICMP redirect messages.
 
-    # grep &#39;net.ipv4.conf.all.send_redirects&#39; &#x2F;etc&#x2F;sysctl.conf &#x2F;etc&#x2F;sysctl.d&#x2F;*
+    # grep 'net.ipv4.conf.all.send_redirects' /etc/sysctl.conf /etc/sysctl.d/*
 
-    If &quot;net.ipv4.conf.all.send_redirects&quot; is not configured in the
-&#x2F;etc&#x2F;sysctl.conf file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out or
-does not have a value of &quot;0&quot;, this is a finding.
+    If "net.ipv4.conf.all.send_redirects" is not configured in the
+/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out or
+does not have a value of "0", this is a finding.
 
-    Check that the operating system implements the &quot;all send_redirects&quot;
+    Check that the operating system implements the "all send_redirects"
 variables with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep &#39;net.ipv4.conf.all.send_redirects&#39;
+    # /sbin/sysctl -a | grep 'net.ipv4.conf.all.send_redirects'
 
-    net.ipv4.conf.all.send_redirects &#x3D; 0
+    net.ipv4.conf.all.send_redirects = 0
 
-    If the returned line does not have a value of &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned line does not have a value of "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to not allow interfaces to perform IPv4 ICMP
 redirects.
 
     Set the system to the required kernel parameter by adding the following
-line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the &#x2F;etc&#x2F;sysctl.d&#x2F;
+line to "/etc/sysctl.conf" or a configuration file in the /etc/sysctl.d/
 directory (or modify the line to have the required value):
 
-    net.ipv4.conf.all.send_redirects &#x3D; 0
+    net.ipv4.conf.all.send_redirects = 0
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>61e094ec-7aca-4d62-b684-ff322d21d1b7</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.conf.all.send_redirects value is expected to eq 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72141</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86765r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030590</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72293\" do\n  title \"The Red Hat Enterprise Linux operating system must not send Internet\nProtocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirects.\"\n  desc  \"ICMP redirect messages are used by routers to inform hosts that a more\ndirect route exists for a particular destination. These messages contain\ninformation from the system's route table, possibly revealing portions of the\nnetwork topology.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system does not send IPv4 ICMP redirect messages.\n\n    # grep 'net.ipv4.conf.all.send_redirects' /etc/sysctl.conf /etc/sysctl.d/*\n\n    If \\\"net.ipv4.conf.all.send_redirects\\\" is not configured in the\n/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out or\ndoes not have a value of \\\"0\\\", this is a finding.\n\n    Check that the operating system implements the \\\"all send_redirects\\\"\nvariables with the following command:\n\n    # /sbin/sysctl -a | grep 'net.ipv4.conf.all.send_redirects'\n\n    net.ipv4.conf.all.send_redirects = 0\n\n    If the returned line does not have a value of \\\"0\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to not allow interfaces to perform IPv4 ICMP\nredirects.\n\n    Set the system to the required kernel parameter by adding the following\nline to \\\"/etc/sysctl.conf\\\" or a configuration file in the /etc/sysctl.d/\ndirectory (or modify the line to have the required value):\n\n    net.ipv4.conf.all.send_redirects = 0\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72293\"\n  tag rid: \"SV-86917r3_rule\"\n  tag stig_id: \"RHEL-07-040660\"\n  tag fix_id: \"F-78647r3_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.conf.all.send_redirects') do\n    its('value') { should eq 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.conf.all.send_redirects value is expected to eq 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72141</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86765r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030590</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the setfiles command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the setfiles command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;setfiles&quot; command occur.
+successful/unsuccessful attempts to use the "setfiles" command occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -iw &#x2F;usr&#x2F;sbin&#x2F;setfiles &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw /usr/sbin/setfiles /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;setfiles -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/sbin/setfiles -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-priv_change
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;setfiles&quot; command occur.
+successful/unsuccessful attempts to use the "setfiles" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;setfiles -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/sbin/setfiles -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-priv_change
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>46e89da5-1f9d-467f-a32a-65ad466dce7a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;setfiles&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;setfiles&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72053</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86677r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021110</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72141\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe setfiles command.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"setfiles\\\" command occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -iw /usr/sbin/setfiles /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/setfiles -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-priv_change\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"setfiles\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/sbin/setfiles -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000392-GPOS-00172\"\n  tag satisfies: [\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000463-GPOS-00207\",\n\"SRG-OS-000465-GPOS-00209\"]\n  tag gid: \"V-72141\"\n  tag rid: \"SV-86765r5_rule\"\n  tag stig_id: \"RHEL-07-030590\"\n  tag fix_id: \"F-78493r7_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/sbin/setfiles'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/sbin/setfiles" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/sbin/setfiles" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72053</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86677r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021110</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the cron.allow file, if it exists, is owned by root.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If the owner of the &quot;cron.allow&quot; file is not set to root, the
+that the cron.allow file, if it exists, is owned by root.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If the owner of the "cron.allow" file is not set to root, the
 possibility exists for an unauthorized user to view or to edit sensitive
-information.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that the &quot;cron.allow&quot; file is owned by root.
-
-    Check the owner of the &quot;cron.allow&quot; file with the following command:
-
-    # ls -al &#x2F;etc&#x2F;cron.allow
-    -rw------- 1 root root 6 Mar  5  2011 &#x2F;etc&#x2F;cron.allow
-
-    If the &quot;cron.allow&quot; file exists and has an owner other than root, this is
-a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Set the owner on the &quot;&#x2F;etc&#x2F;cron.allow&quot; file to root with the following
+information.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that the "cron.allow" file is owned by root.
+
+    Check the owner of the "cron.allow" file with the following command:
+
+    # ls -al /etc/cron.allow
+    -rw------- 1 root root 6 Mar  5  2011 /etc/cron.allow
+
+    If the "cron.allow" file exists and has an owner other than root, this is
+a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Set the owner on the "/etc/cron.allow" file to root with the following
 command:
 
-    # chown root &#x2F;etc&#x2F;cron.allow</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>528fe9f8-e39a-4be1-9e1e-5dab37056160</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-File &#x2F;etc&#x2F;cron.allow is expected to be owned by &quot;root&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71897</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86521r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010090</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # chown root /etc/cron.allow</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72053\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the cron.allow file, if it exists, is owned by root.\"\n  desc  \"If the owner of the \\\"cron.allow\\\" file is not set to root, the\npossibility exists for an unauthorized user to view or to edit sensitive\ninformation.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that the \\\"cron.allow\\\" file is owned by root.\n\n    Check the owner of the \\\"cron.allow\\\" file with the following command:\n\n    # ls -al /etc/cron.allow\n    -rw------- 1 root root 6 Mar  5  2011 /etc/cron.allow\n\n    If the \\\"cron.allow\\\" file exists and has an owner other than root, this is\na finding.\n  \"\n  desc  \"fix\", \"\n    Set the owner on the \\\"/etc/cron.allow\\\" file to root with the following\ncommand:\n\n    # chown root /etc/cron.allow\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72053\"\n  tag rid: \"SV-86677r3_rule\"\n  tag stig_id: \"RHEL-07-021110\"\n  tag fix_id: \"F-78405r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe.one do\n    # case where file doesn't exist\n    describe file('/etc/cron.allow') do\n      it { should_not exist }\n    end\n    # case where file exists\n    describe file('/etc/cron.allow') do\n      it { should be_owned_by 'root' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST File /etc/cron.allow is expected to be owned by "root"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71897</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86521r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010090</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must have the screen
-package installed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+package installed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>:  A session time-out lock is a temporary action taken when a user
 stops work and moves away from the immediate physical vicinity of the
 information system but does not log out because of the temporary nature of the
 absence. Rather than relying on the user to manually lock their operating
 system session prior to vacating the vicinity, operating systems need to be
-able to identify when a user&#39;s session has idled and take action to initiate
+able to identify when a user's session has idled and take action to initiate
 the session lock.
 
     The screen and tmux packages allow for a session lock to be implemented and
-configured.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+configured.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system has the screen package installed.
 
     Check to see if the screen package is installed with the following command:
@@ -37343,10 +35699,10 @@ installed with the following command:
     tmux-1.8-4.el7.x86_64.rpm
 
     If either the screen package or the tmux package is not installed, this is
-a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Install the screen package to allow the initiation of a session lock after
 a 15-minute period of inactivity.
 
@@ -37360,141 +35716,136 @@ command:
     Install the tmux program (if it is not on the system) with the following
 command:
 
-    #yum install tmux</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2a0c9623-e8d4-476e-9fa2-e8d53169ce53</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package screen is expected to be installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72303</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86927r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040710</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    #yum install tmux</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71897\" do\n  title \"The Red Hat Enterprise Linux operating system must have the screen\npackage installed.\"\n  desc  \":  A session time-out lock is a temporary action taken when a user\nstops work and moves away from the immediate physical vicinity of the\ninformation system but does not log out because of the temporary nature of the\nabsence. Rather than relying on the user to manually lock their operating\nsystem session prior to vacating the vicinity, operating systems need to be\nable to identify when a user's session has idled and take action to initiate\nthe session lock.\n\n    The screen and tmux packages allow for a session lock to be implemented and\nconfigured.\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system has the screen package installed.\n\n    Check to see if the screen package is installed with the following command:\n\n    # yum list installed screen\n    screen-4.3.1-3-x86_64.rpm\n\n    If the screen package is not installed, check to see if the tmux package is\ninstalled with the following command:\n\n    #yum list installed tmux\n    tmux-1.8-4.el7.x86_64.rpm\n\n    If either the screen package or the tmux package is not installed, this is\na finding.\n  \"\n  desc  \"fix\", \"\n    Install the screen package to allow the initiation of a session lock after\na 15-minute period of inactivity.\n\n    Install the screen program (if it is not on the system) with the following\ncommand:\n\n    # yum install screen\n\n    OR\n\n    Install the tmux program (if it is not on the system) with the following\ncommand:\n\n    #yum install tmux\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000029-GPOS-00010\"\n  tag gid: \"V-71897\"\n  tag rid: \"SV-86521r3_rule\"\n  tag stig_id: \"RHEL-07-010090\"\n  tag fix_id: \"F-78249r3_fix\"\n  tag cci: [\"CCI-000057\"]\n  tag nist: [\"AC-11 a\", \"Rev_4\"]\n\n  multiplexer_packages = input('terminal_mux_pkgs')\n\n  describe.one do\n    multiplexer_packages.each do |pkg|  \n      describe package(pkg) do\n        it { should be_installed }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package screen is expected to be installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72303</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86927r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040710</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that remote X connections for interactive users are encrypted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that remote X connections for interactive users are encrypted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Open X displays allow an attacker to capture keystrokes and execute
-commands remotely.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+commands remotely.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify remote X connections for interactive users are encrypted.
 
     Check that remote X connections are encrypted with the following command:
 
-    # grep -i x11forwarding &#x2F;etc&#x2F;ssh&#x2F;sshd_config | grep -v &quot;^#&quot;
+    # grep -i x11forwarding /etc/ssh/sshd_config | grep -v "^#"
 
     X11Forwarding yes
 
-    If the &quot;X11Forwarding&quot; keyword is set to &quot;no&quot; or is missing, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "X11Forwarding" keyword is set to "no" or is missing, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure SSH to encrypt connections for interactive users.
 
-    Edit the &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; file to uncomment or add the line for the
-&quot;X11Forwarding&quot; keyword and set its value to &quot;yes&quot; (this file may be named
+    Edit the "/etc/ssh/sshd_config" file to uncomment or add the line for the
+"X11Forwarding" keyword and set its value to "yes" (this file may be named
 differently or be in a different location if using a version of SSH that is
 provided by a third-party vendor):
 
@@ -37502,118 +35853,113 @@ provided by a third-party vendor):
 
     The SSH service must be restarted for changes to take effect:
 
-    # systemctl restart sshd</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>36540e58-f190-4e7d-afce-a7e4c0fe9111</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration X11Forwarding is expected to cmp &#x3D;&#x3D; &quot;yes&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71979</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000366-GPOS-00153</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86603r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020060</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # systemctl restart sshd</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72303\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat remote X connections for interactive users are encrypted.\"\n  desc  \"Open X displays allow an attacker to capture keystrokes and execute\ncommands remotely.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify remote X connections for interactive users are encrypted.\n\n    Check that remote X connections are encrypted with the following command:\n\n    # grep -i x11forwarding /etc/ssh/sshd_config | grep -v \\\"^#\\\"\n\n    X11Forwarding yes\n\n    If the \\\"X11Forwarding\\\" keyword is set to \\\"no\\\" or is missing, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure SSH to encrypt connections for interactive users.\n\n    Edit the \\\"/etc/ssh/sshd_config\\\" file to uncomment or add the line for the\n\\\"X11Forwarding\\\" keyword and set its value to \\\"yes\\\" (this file may be named\ndifferently or be in a different location if using a version of SSH that is\nprovided by a third-party vendor):\n\n    X11Forwarding yes\n\n    The SSH service must be restarted for changes to take effect:\n\n    # systemctl restart sshd\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72303\"\n  tag rid: \"SV-86927r4_rule\"\n  tag stig_id: \"RHEL-07-040710\"\n  tag fix_id: \"F-78657r6_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('X11Forwarding') { should cmp 'yes' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration X11Forwarding is expected to cmp == "yes"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71979</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000366-GPOS-00153</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86603r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020060</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent the
 installation of software, patches, service packs, device drivers, or operating
 system components of local packages without verification they have been
 digitally signed using a certificate that is issued by a Certificate Authority
-(CA) that is recognized and approved by the organization.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(CA) that is recognized and approved by the organization.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Changes to any software components can have significant effects on the
 overall security of the operating system. This requirement ensures the software
 has not been tampered with and that it has been provided by a trusted vendor.
@@ -37628,14 +35974,14 @@ software has not been tampered with and that it has been provided by a trusted
 vendor. Self-signed certificates are disallowed by this requirement. The
 operating system should not have to verify the software again. This requirement
 does not mandate DoD certificates for this purpose; however, the certificate
-used to verify the software must be from an approved CA.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+used to verify the software must be from an approved CA.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system prevents the installation of patches, service
 packs, device drivers, or operating system components of local packages without
 verification that they have been digitally signed using a certificate that is
@@ -37644,131 +35990,126 @@ recognized and approved by the organization.
     Check that yum verifies the signature of local packages prior to install
 with the following command:
 
-    # grep localpkg_gpgcheck &#x2F;etc&#x2F;yum.conf
-    localpkg_gpgcheck&#x3D;1
+    # grep localpkg_gpgcheck /etc/yum.conf
+    localpkg_gpgcheck=1
 
-    If &quot;localpkg_gpgcheck&quot; is not set to &quot;1&quot;, or if options are missing or
+    If "localpkg_gpgcheck" is not set to "1", or if options are missing or
 commented out, ask the System Administrator how the signatures of local
 packages and other operating system components are verified.
 
     If there is no process to validate the signatures of local packages that is
-approved by the organization, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+approved by the organization, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to verify the signature of local packages
-prior to install by setting the following option in the &quot;&#x2F;etc&#x2F;yum.conf&quot; file:
-
-    localpkg_gpgcheck&#x3D;1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>3610f5a4-da92-40dc-9682-7443547bba3e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001749</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-INI &#x2F;etc&#x2F;yum.conf main.localpkg_gpgcheck </FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71971</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000324-GPOS-00125</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86595r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+prior to install by setting the following option in the "/etc/yum.conf" file:
+
+    localpkg_gpgcheck=1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71979\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent the\ninstallation of software, patches, service packs, device drivers, or operating\nsystem components of local packages without verification they have been\ndigitally signed using a certificate that is issued by a Certificate Authority\n(CA) that is recognized and approved by the organization.\"\n  desc  \"Changes to any software components can have significant effects on the\noverall security of the operating system. This requirement ensures the software\nhas not been tampered with and that it has been provided by a trusted vendor.\n\n    Accordingly, patches, service packs, device drivers, or operating system\ncomponents must be signed with a certificate recognized and approved by the\norganization.\n\n    Verifying the authenticity of the software prior to installation validates\nthe integrity of the patch or upgrade received from a vendor. This verifies the\nsoftware has not been tampered with and that it has been provided by a trusted\nvendor. Self-signed certificates are disallowed by this requirement. The\noperating system should not have to verify the software again. This requirement\ndoes not mandate DoD certificates for this purpose; however, the certificate\nused to verify the software must be from an approved CA.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system prevents the installation of patches, service\npacks, device drivers, or operating system components of local packages without\nverification that they have been digitally signed using a certificate that is\nrecognized and approved by the organization.\n\n    Check that yum verifies the signature of local packages prior to install\nwith the following command:\n\n    # grep localpkg_gpgcheck /etc/yum.conf\n    localpkg_gpgcheck=1\n\n    If \\\"localpkg_gpgcheck\\\" is not set to \\\"1\\\", or if options are missing or\ncommented out, ask the System Administrator how the signatures of local\npackages and other operating system components are verified.\n\n    If there is no process to validate the signatures of local packages that is\napproved by the organization, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to verify the signature of local packages\nprior to install by setting the following option in the \\\"/etc/yum.conf\\\" file:\n\n    localpkg_gpgcheck=1\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000366-GPOS-00153\"\n  tag gid: \"V-71979\"\n  tag rid: \"SV-86603r2_rule\"\n  tag stig_id: \"RHEL-07-020060\"\n  tag fix_id: \"F-78331r1_fix\"\n  tag cci: [\"CCI-001749\"]\n  tag nist: [\"CM-5 (3)\", \"Rev_4\"]\n\n  yum_conf = '/etc/yum.conf'\n\n  if ((f = file(yum_conf)).exist?)\n     describe ini(yum_conf) do\n       its('main.localpkg_gpgcheck') { cmp 1 }\n     end\n   else\n     describe f do\n       it { should exist }\n     end\n   end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001749</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST INI /etc/yum.conf main.localpkg_gpgcheck </FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71971</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000324-GPOS-00125</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86595r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent
 non-privileged users from executing privileged functions to include disabling,
-circumventing, or altering implemented security safeguards&#x2F;countermeasures.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+circumventing, or altering implemented security safeguards/countermeasures.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Preventing non-privileged users from executing privileged functions
 mitigates the risk that unauthorized individuals or processes may gain
 unnecessary access to information or privileges.
@@ -37778,19 +36119,19 @@ performing system integrity checks, or administering cryptographic key
 management activities. Non-privileged users are individuals who do not possess
 appropriate authorizations. Circumventing intrusion detection and prevention
 mechanisms or malicious code protection mechanisms are examples of privileged
-functions that require protection from non-privileged users.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+functions that require protection from non-privileged users.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If an HBSS or HIPS is active on the system, this is Not Applicable.
 
     Verify the operating system prevents non-privileged users from executing
 privileged functions to include disabling, circumventing, or altering
-implemented security safeguards&#x2F;countermeasures.
+implemented security safeguards/countermeasures.
 
     Get a list of authorized users (other than System Administrator and guest
 accounts) for the system.
@@ -37798,174 +36139,165 @@ accounts) for the system.
     Check the list against the system by using the following command:
 
     # semanage login -l | more
-    Login Name SELinux User MLS&#x2F;MCS Range Service
+    Login Name SELinux User MLS/MCS Range Service
     __default__ user_u s0-s0:c0.c1023 *
     root unconfined_u s0-s0:c0.c1023 *
     system_u system_u s0-s0:c0.c1023 *
     joe staff_u s0-s0:c0.c1023 *
 
-    All administrators must be mapped to the &quot;sysadm_u&quot; or &quot;staff_u&quot; users
+    All administrators must be mapped to the "sysadm_u" or "staff_u" users
 role.
 
-    All authorized non-administrative users must be mapped to the &quot;user_u&quot;
+    All authorized non-administrative users must be mapped to the "user_u"
 role.
 
-    If they are not mapped in this way, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If they are not mapped in this way, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to prevent non-privileged users from
 executing privileged functions to include disabling, circumventing, or altering
-implemented security safeguards&#x2F;countermeasures.
+implemented security safeguards/countermeasures.
 
-    Use the following command to map a new user to the &quot;sysdam_u&quot; role:
+    Use the following command to map a new user to the "sysdam_u" role:
 
     #semanage login -a -s sysadm_u &lt;username&gt;
 
-    Use the following command to map an existing user to the &quot;sysdam_u&quot; role:
+    Use the following command to map an existing user to the "sysdam_u" role:
 
     #semanage login -m -s sysadm_u &lt;username&gt;
 
-    Use the following command to map a new user to the &quot;staff_u&quot; role:
+    Use the following command to map a new user to the "staff_u" role:
 
     #semanage login -a -s staff_u &lt;username&gt;
 
-    Use the following command to map an existing user to the &quot;staff_u&quot; role:
+    Use the following command to map an existing user to the "staff_u" role:
 
     #semanage login -m -s staff_u &lt;username&gt;
 
-    Use the following command to map a new user to the &quot;user_u&quot; role:
+    Use the following command to map a new user to the "user_u" role:
 
     # semanage login -a -s user_u &lt;username&gt;
 
-    Use the following command to map an existing user to the &quot;user_u&quot; role:
-
-    # semanage login -m -s user_u &lt;username&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>c29ee677-8047-4c7f-9509-fb8c3cd3fdbe</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002235</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;selinuxenabled&#x60; exist? is expected to equal true
---------------------------------
-passed
-Command: &#x60;selinuxenabled&#x60; exit_status is expected to eq 0
---------------------------------
-passed
-seusers is expected not to be empty
---------------------------------
-passed
-SELinux login __default__ is expected to be in &quot;user_u&quot;
-expected &#x60;unconfined_u&#x60; to be in the list: &#x60;[&quot;user_u&quot;]&#x60;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71977</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000366-GPOS-00153</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86601r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020050</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Use the following command to map an existing user to the "user_u" role:
+
+    # semanage login -m -s user_u &lt;username&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71971\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent\nnon-privileged users from executing privileged functions to include disabling,\ncircumventing, or altering implemented security safeguards/countermeasures.\"\n  desc  \"Preventing non-privileged users from executing privileged functions\nmitigates the risk that unauthorized individuals or processes may gain\nunnecessary access to information or privileges.\n\n    Privileged functions include, for example, establishing accounts,\nperforming system integrity checks, or administering cryptographic key\nmanagement activities. Non-privileged users are individuals who do not possess\nappropriate authorizations. Circumventing intrusion detection and prevention\nmechanisms or malicious code protection mechanisms are examples of privileged\nfunctions that require protection from non-privileged users.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If an HBSS or HIPS is active on the system, this is Not Applicable.\n\n    Verify the operating system prevents non-privileged users from executing\nprivileged functions to include disabling, circumventing, or altering\nimplemented security safeguards/countermeasures.\n\n    Get a list of authorized users (other than System Administrator and guest\naccounts) for the system.\n\n    Check the list against the system by using the following command:\n\n    # semanage login -l | more\n    Login Name SELinux User MLS/MCS Range Service\n    __default__ user_u s0-s0:c0.c1023 *\n    root unconfined_u s0-s0:c0.c1023 *\n    system_u system_u s0-s0:c0.c1023 *\n    joe staff_u s0-s0:c0.c1023 *\n\n    All administrators must be mapped to the \\\"sysadm_u\\\" or \\\"staff_u\\\" users\nrole.\n\n    All authorized non-administrative users must be mapped to the \\\"user_u\\\"\nrole.\n\n    If they are not mapped in this way, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to prevent non-privileged users from\nexecuting privileged functions to include disabling, circumventing, or altering\nimplemented security safeguards/countermeasures.\n\n    Use the following command to map a new user to the \\\"sysdam_u\\\" role:\n\n    #semanage login -a -s sysadm_u &lt;username&gt;\n\n    Use the following command to map an existing user to the \\\"sysdam_u\\\" role:\n\n    #semanage login -m -s sysadm_u &lt;username&gt;\n\n    Use the following command to map a new user to the \\\"staff_u\\\" role:\n\n    #semanage login -a -s staff_u &lt;username&gt;\n\n    Use the following command to map an existing user to the \\\"staff_u\\\" role:\n\n    #semanage login -m -s staff_u &lt;username&gt;\n\n    Use the following command to map a new user to the \\\"user_u\\\" role:\n\n    # semanage login -a -s user_u &lt;username&gt;\n\n    Use the following command to map an existing user to the \\\"user_u\\\" role:\n\n    # semanage login -m -s user_u &lt;username&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000324-GPOS-00125\"\n  tag gid: \"V-71971\"\n  tag rid: \"SV-86595r2_rule\"\n  tag stig_id: \"RHEL-07-020020\"\n  tag fix_id: \"F-78323r1_fix\"\n  tag cci: [\"CCI-002165\", \"CCI-002235\"]\n  tag nist: [\"AC-3 (4)\", \"AC-6 (10)\", \"Rev_4\"]\n\n  admin_logins = input('admin_logins')\n\n  describe command('selinuxenabled') do\n    its('exist?') { should be true }\n    its('exit_status') { should eq 0 }\n  end\n\n  # Get the currently enabled selinux mode\n  selinux_mode = file('/etc/selinux/config').content.lines.\n    grep(/\\A\\s*SELINUXTYPE=/).last.split('=').last.strip\n\n  # Get the current seusers configuration\n  #\n  # Avoid use of semanage in case it has been uninstalled\n  #\n  # Remove all comments and empty lines\n  seusers = file(\"/etc/selinux/#{selinux_mode}/seusers\").content.lines.\n    grep_v(/(#|\\A\\s+\\Z)/).map(&amp;:strip)\n\n  # Create collect the remaining results in user/context pairs\n  seusers = seusers.map{|x| x.split(':')[0..1]}\n\n  describe 'seusers' do\n    it { expect(seusers).to_not be_empty }\n  end\n\n  users_to_ignore = [\n    'root',\n    'system_u' # This is a default user mapping\n  ]\n\n  seusers.each do |user, context|\n    next if users_to_ignore.include?(user)\n\n    describe \"SELinux login #{user}\" do\n      # This is required by the STIG\n      if user == '__default__'\n        let(:valid_users){[ 'user_u' ]}\n      elsif admin_logins.include?(user)\n        let(:valid_users){[\n          'sysadm_u',\n          'staff_u'\n        ]}\n      else\n        let(:valid_users){[\n          'user_u',\n          'guest_u',\n          'xguest_u'\n        ]}\n      end\n\n      it { expect(context).to be_in(valid_users) }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002235</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `selinuxenabled` exist? is expected to equal true
+--------------------------------
+passed :: TEST Command: `selinuxenabled` exit_status is expected to eq 0
+--------------------------------
+passed :: TEST seusers is expected not to be empty
+--------------------------------
+passed :: TEST SELinux login __default__ is expected to be in "user_u" :: MESSAGE expected `unconfined_u` to be in the list: `["user_u"]`</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71977</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000366-GPOS-00153</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86601r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020050</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent the
 installation of software, patches, service packs, device drivers, or operating
 system components from a repository without verification they have been
 digitally signed using a certificate that is issued by a Certificate Authority
-(CA) that is recognized and approved by the organization.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(CA) that is recognized and approved by the organization.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Changes to any software components can have significant effects on the
 overall security of the operating system. This requirement ensures the software
 has not been tampered with and that it has been provided by a trusted vendor.
@@ -37980,14 +36312,14 @@ software has not been tampered with and that it has been provided by a trusted
 vendor. Self-signed certificates are disallowed by this requirement. The
 operating system should not have to verify the software again. This requirement
 does not mandate DoD certificates for this purpose; however, the certificate
-used to verify the software must be from an approved CA.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+used to verify the software must be from an approved CA.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system prevents the installation of patches, service
 packs, device drivers, or operating system components from a repository without
 verification that they have been digitally signed using a certificate that is
@@ -37996,149 +36328,144 @@ recognized and approved by the organization.
     Check that yum verifies the signature of packages from a repository prior
 to install with the following command:
 
-    # grep gpgcheck &#x2F;etc&#x2F;yum.conf
-    gpgcheck&#x3D;1
+    # grep gpgcheck /etc/yum.conf
+    gpgcheck=1
 
-    If &quot;gpgcheck&quot; is not set to &quot;1&quot;, or if options are missing or commented
+    If "gpgcheck" is not set to "1", or if options are missing or commented
 out, ask the System Administrator how the certificates for patches and other
 operating system components are verified.
 
     If there is no process to validate certificates that is approved by the
-organization, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+organization, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to verify the signature of packages from a
 repository prior to install by setting the following option in the
-&quot;&#x2F;etc&#x2F;yum.conf&quot; file:
-
-    gpgcheck&#x3D;1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>79582f08-4352-4f03-be21-5246a0b3aa2b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001749</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-INI &#x2F;etc&#x2F;yum.conf main.gpgcheck is expected to cmp &#x3D;&#x3D; 1</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72273</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86897r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040520</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/etc/yum.conf" file:
+
+    gpgcheck=1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71977\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent the\ninstallation of software, patches, service packs, device drivers, or operating\nsystem components from a repository without verification they have been\ndigitally signed using a certificate that is issued by a Certificate Authority\n(CA) that is recognized and approved by the organization.\"\n  desc  \"Changes to any software components can have significant effects on the\noverall security of the operating system. This requirement ensures the software\nhas not been tampered with and that it has been provided by a trusted vendor.\n\n    Accordingly, patches, service packs, device drivers, or operating system\ncomponents must be signed with a certificate recognized and approved by the\norganization.\n\n    Verifying the authenticity of the software prior to installation validates\nthe integrity of the patch or upgrade received from a vendor. This verifies the\nsoftware has not been tampered with and that it has been provided by a trusted\nvendor. Self-signed certificates are disallowed by this requirement. The\noperating system should not have to verify the software again. This requirement\ndoes not mandate DoD certificates for this purpose; however, the certificate\nused to verify the software must be from an approved CA.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system prevents the installation of patches, service\npacks, device drivers, or operating system components from a repository without\nverification that they have been digitally signed using a certificate that is\nrecognized and approved by the organization.\n\n    Check that yum verifies the signature of packages from a repository prior\nto install with the following command:\n\n    # grep gpgcheck /etc/yum.conf\n    gpgcheck=1\n\n    If \\\"gpgcheck\\\" is not set to \\\"1\\\", or if options are missing or commented\nout, ask the System Administrator how the certificates for patches and other\noperating system components are verified.\n\n    If there is no process to validate certificates that is approved by the\norganization, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to verify the signature of packages from a\nrepository prior to install by setting the following option in the\n\\\"/etc/yum.conf\\\" file:\n\n    gpgcheck=1\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000366-GPOS-00153\"\n  tag gid: \"V-71977\"\n  tag rid: \"SV-86601r2_rule\"\n  tag stig_id: \"RHEL-07-020050\"\n  tag fix_id: \"F-78329r1_fix\"\n  tag cci: [\"CCI-001749\"]\n  tag nist: [\"CM-5 (3)\", \"Rev_4\"]\n\n  yum_conf = '/etc/yum.conf'\n\n  if ((f = file(yum_conf)).exist?)\n    describe ini(yum_conf) do\n      its('main.gpgcheck') { should cmp 1 }\n    end\n  else\n    describe f do\n      it { should exist }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001749</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST INI /etc/yum.conf main.gpgcheck is expected to cmp == 1</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72273</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86897r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040520</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must enable an
-application firewall, if available.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+application firewall, if available.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Firewalls protect computers from network attacks by blocking or
 limiting access to open network ports. Application firewalls limit which
-applications are allowed to communicate over the network.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+applications are allowed to communicate over the network.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system enabled an application firewall.
 
-    Check to see if &quot;firewalld&quot; is installed with the following command:
+    Check to see if "firewalld" is installed with the following command:
 
     # yum list installed firewalld
     firewalld-0.3.9-11.el7.noarch.rpm
 
-    If the &quot;firewalld&quot; package is not installed, ask the System Administrator
+    If the "firewalld" package is not installed, ask the System Administrator
 if another firewall application (such as iptables) is installed.
 
     If an application firewall is not installed, this is a finding.
@@ -38149,10 +36476,10 @@ command:
     # systemctl status firewalld
     firewalld.service - firewalld - dynamic firewall daemon
 
-       Loaded: loaded (&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;firewalld.service; enabled)
+       Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
        Active: active (running) since Tue 2014-06-17 11:14:49 CEST; 5 days ago
 
-    If &quot;firewalld&quot; does not show a status of &quot;loaded&quot; and &quot;active&quot;, this
+    If "firewalld" does not show a status of "loaded" and "active", this
 is a finding.
 
     Check the state of the firewall:
@@ -38160,146 +36487,139 @@ is a finding.
     # firewall-cmd --state
     running
 
-    If &quot;firewalld&quot; does not show a state of &quot;running&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Ensure the operating system&#39;s application firewall is enabled.
+    If "firewalld" does not show a state of "running", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Ensure the operating system's application firewall is enabled.
 
-    Install the &quot;firewalld&quot; package, if it is not on the system, with the
+    Install the "firewalld" package, if it is not on the system, with the
 following command:
 
     # yum install firewalld
 
-    Start the firewall via &quot;systemctl&quot; with the following command:
-
-    # systemctl start firewalld</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e6f6a342-b3ee-408d-9a67-47d7f7d6aef3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package firewalld is expected to be installed
---------------------------------
-passed
-System Package iptables is expected to be installed
---------------------------------
-passed
-Service firewalld.service is expected to be running</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72299</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86923r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040690</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Start the firewall via "systemctl" with the following command:
+
+    # systemctl start firewalld</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72273\" do\n  title \"The Red Hat Enterprise Linux operating system must enable an\napplication firewall, if available.\"\n  desc  \"Firewalls protect computers from network attacks by blocking or\nlimiting access to open network ports. Application firewalls limit which\napplications are allowed to communicate over the network.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system enabled an application firewall.\n\n    Check to see if \\\"firewalld\\\" is installed with the following command:\n\n    # yum list installed firewalld\n    firewalld-0.3.9-11.el7.noarch.rpm\n\n    If the \\\"firewalld\\\" package is not installed, ask the System Administrator\nif another firewall application (such as iptables) is installed.\n\n    If an application firewall is not installed, this is a finding.\n\n    Check to see if the firewall is loaded and active with the following\ncommand:\n\n    # systemctl status firewalld\n    firewalld.service - firewalld - dynamic firewall daemon\n\n       Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)\n       Active: active (running) since Tue 2014-06-17 11:14:49 CEST; 5 days ago\n\n    If \\\"firewalld\\\" does not show a status of \\\"loaded\\\" and \\\"active\\\", this\nis a finding.\n\n    Check the state of the firewall:\n\n    # firewall-cmd --state\n    running\n\n    If \\\"firewalld\\\" does not show a state of \\\"running\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Ensure the operating system's application firewall is enabled.\n\n    Install the \\\"firewalld\\\" package, if it is not on the system, with the\nfollowing command:\n\n    # yum install firewalld\n\n    Start the firewall via \\\"systemctl\\\" with the following command:\n\n    # systemctl start firewalld\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag satisfies: [\"SRG-OS-000480-GPOS-00227\", \"SRG-OS-000480-GPOS-00231\",\n\"SRG-OS-000480-GPOS-00232\"]\n  tag gid: \"V-72273\"\n  tag rid: \"SV-86897r2_rule\"\n  tag stig_id: \"RHEL-07-040520\"\n  tag fix_id: \"F-78627r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe.one do\n    describe package('firewalld') do\n      it { should be_installed }\n    end\n    describe package('iptables') do\n      it { should be_installed }\n    end\n  end\n  describe.one do\n    describe systemd_service('firewalld.service') do\n      it { should be_running }\n    end\n\tdescribe systemd_service('iptables.service') do\n      it { should be_running }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package firewalld is expected to be installed
+--------------------------------
+passed :: TEST System Package iptables is expected to be installed
+--------------------------------
+passed :: TEST Service firewalld.service is expected to be running</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72299</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86923r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040690</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not have a File
-Transfer Protocol (FTP) server package installed unless needed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Transfer Protocol (FTP) server package installed unless needed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The FTP service provides an unencrypted remote access that does not
 provide for the confidentiality and integrity of user passwords or the remote
 session. If a privileged user were to log on using this service, the privileged
 user password could be compromised. SSH or other encrypted file transfer
-methods must be used in place of this service.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+methods must be used in place of this service.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify an FTP server has not been installed on the system.
 
     Check to see if an FTP server has been installed with the following
@@ -38309,338 +36629,326 @@ commands:
 
      vsftpd-3.0.2.el7.x86_64.rpm
 
-    If &quot;vsftpd&quot; is installed and is not documented with the Information
-System Security Officer (ISSO) as an operational requirement, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Document the &quot;vsftpd&quot; package with the ISSO as an operational requirement
+    If "vsftpd" is installed and is not documented with the Information
+System Security Officer (ISSO) as an operational requirement, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Document the "vsftpd" package with the ISSO as an operational requirement
 or remove it from the system with the following command:
 
-    # yum remove vsftpd</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b0feee44-726b-40d9-b123-b39ac20b444b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package vsftpd is expected not to be installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72177</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86801r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030770</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # yum remove vsftpd</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72299\" do\n  title \"The Red Hat Enterprise Linux operating system must not have a File\nTransfer Protocol (FTP) server package installed unless needed.\"\n  desc  \"The FTP service provides an unencrypted remote access that does not\nprovide for the confidentiality and integrity of user passwords or the remote\nsession. If a privileged user were to log on using this service, the privileged\nuser password could be compromised. SSH or other encrypted file transfer\nmethods must be used in place of this service.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify an FTP server has not been installed on the system.\n\n    Check to see if an FTP server has been installed with the following\ncommands:\n\n    # yum list installed vsftpd\n\n     vsftpd-3.0.2.el7.x86_64.rpm\n\n    If \\\"vsftpd\\\" is installed and is not documented with the Information\nSystem Security Officer (ISSO) as an operational requirement, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Document the \\\"vsftpd\\\" package with the ISSO as an operational requirement\nor remove it from the system with the following command:\n\n    # yum remove vsftpd\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72299\"\n  tag rid: \"SV-86923r3_rule\"\n  tag stig_id: \"RHEL-07-040690\"\n  tag fix_id: \"F-78653r3_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe.one do\n    describe package('vsftpd') do\n      it { should_not be_installed }\n    end\n    describe parse_config_file('/etc/vsftpd/vsftpd.conf') do\n      its('ssl_enable') { should cmp 'YES' }\n      its('force_anon_data_ssl') { should cmp 'YES' }\n      its('force_anon_logins_ssl') { should cmp 'YES' }\n      its('force_local_data_ssl') { should cmp 'YES' }\n      its('force_local_logins_ssl') { should cmp 'YES' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package vsftpd is expected not to be installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72177</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86801r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030770</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the postqueue command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the postqueue command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged postfix commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;postqueue&quot; command occur.
+successful/unsuccessful attempts to use the "postqueue" command occur.
 
     Check that the following system call is being audited by performing the
-following command to check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+following command to check the file system rules in "/etc/audit/audit.rules":
 
-    # grep -iw &#x2F;usr&#x2F;sbin&#x2F;postqueue &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw /usr/sbin/postqueue /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;postqueue -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-postfix
+    -a always,exit -F path=/usr/sbin/postqueue -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-postfix
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;postqueue&quot; command occur.
-
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;postqueue -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-postfix
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>888f4484-d54d-445d-807b-8baa5c7d428a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;postqueue&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;postqueue&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72067</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000033-GPOS-00014</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86691r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021350</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "postqueue" command occur.
+
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F path=/usr/sbin/postqueue -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-postfix
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72177\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe postqueue command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged postfix commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"postqueue\\\" command occur.\n\n    Check that the following system call is being audited by performing the\nfollowing command to check the file system rules in \\\"/etc/audit/audit.rules\\\":\n\n    # grep -iw /usr/sbin/postqueue /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/postqueue -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-postfix\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"postqueue\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/sbin/postqueue -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-postfix\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72177\"\n  tag rid: \"SV-86801r3_rule\"\n  tag stig_id: \"RHEL-07-030770\"\n  tag fix_id: \"F-78531r5_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/sbin/postqueue'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/sbin/postqueue" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/sbin/postqueue" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72067</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000033-GPOS-00014</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86691r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021350</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must implement NIST
 FIPS-validated cryptography for the following: to provision digital signatures,
 to generate cryptographic hashes, and to protect data requiring data-at-rest
 protections in accordance with applicable federal laws, Executive Orders,
-directives, policies, regulations, and standards.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+directives, policies, regulations, and standards.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of weak or untested encryption algorithms undermines the purposes
 of using encryption to protect data. The operating system must implement
 cryptographic modules adhering to the higher standards approved by the federal
-government since this provides assurance they have been tested and validated.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+government since this provides assurance they have been tested and validated.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system implements DoD-approved encryption to protect
 the confidentiality of remote access sessions.
 
-    Check to see if the &quot;dracut-fips&quot; package is installed with the following
+    Check to see if the "dracut-fips" package is installed with the following
 command:
 
     # yum list installed dracut-fips
 
     dracut-fips-033-360.el7_2.x86_64.rpm
 
-    If a &quot;dracut-fips&quot; package is installed, check to see if the kernel
+    If a "dracut-fips" package is installed, check to see if the kernel
 command line is configured to use FIPS mode with the following command:
 
-    Note: GRUB 2 reads its configuration from the &quot;&#x2F;boot&#x2F;grub2&#x2F;grub.cfg&quot; file
+    Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file
 on traditional BIOS-based machines and from the
-&quot;&#x2F;boot&#x2F;efi&#x2F;EFI&#x2F;redhat&#x2F;grub.cfg&quot; file on UEFI machines.
+"/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines.
 
-    # grep fips &#x2F;boot&#x2F;grub2&#x2F;grub.cfg
-    &#x2F;vmlinuz-3.8.0-0.40.el7.x86_64 root&#x3D;&#x2F;dev&#x2F;mapper&#x2F;rhel-root ro rd.md&#x3D;0
-rd.dm&#x3D;0 rd.lvm.lv&#x3D;rhel&#x2F;swap crashkernel&#x3D;auto rd.luks&#x3D;0 vconsole.keymap&#x3D;us
-rd.lvm.lv&#x3D;rhel&#x2F;root rhgb fips&#x3D;1 quiet
+    # grep fips /boot/grub2/grub.cfg
+    /vmlinuz-3.8.0-0.40.el7.x86_64 root=/dev/mapper/rhel-root ro rd.md=0
+rd.dm=0 rd.lvm.lv=rhel/swap crashkernel=auto rd.luks=0 vconsole.keymap=us
+rd.lvm.lv=rhel/root rhgb fips=1 quiet
 
     If the kernel command line is configured to use FIPS mode, check to see if
 the system is in FIPS mode with the following command:
 
-    # cat &#x2F;proc&#x2F;sys&#x2F;crypto&#x2F;fips_enabled
+    # cat /proc/sys/crypto/fips_enabled
     1
 
-    If a &quot;dracut-fips&quot; package is not installed, the kernel command line does
-not have a fips entry, or the system has a value of &quot;0&quot; for &quot;fips_enabled&quot;
-in &quot;&#x2F;proc&#x2F;sys&#x2F;crypto&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If a "dracut-fips" package is not installed, the kernel command line does
+not have a fips entry, or the system has a value of "0" for "fips_enabled"
+in "/proc/sys/crypto", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to implement DoD-approved encryption by
 installing the dracut-fips package.
 
-    To enable strict FIPS compliance, the fips&#x3D;1 kernel option needs to be
+    To enable strict FIPS compliance, the fips=1 kernel option needs to be
 added to the kernel command line during system installation so key generation
 is done with FIPS-approved algorithms and continuous monitoring tests in place.
 
     Configure the operating system to implement DoD-approved encryption by
 following the steps below:
 
-    The fips&#x3D;1 kernel option needs to be added to the kernel command line
+    The fips=1 kernel option needs to be added to the kernel command line
 during system installation so that key generation is done with FIPS-approved
 algorithms and continuous monitoring tests in place. Users should also ensure
 that the system has plenty of entropy during the installation process by moving
@@ -38652,644 +36960,614 @@ keystrokes may generate a non-unique key.
 
     # yum install dracut-fips
 
-    Recreate the &quot;initramfs&quot; file with the following command:
+    Recreate the "initramfs" file with the following command:
 
-    Note: This command will overwrite the existing &quot;initramfs&quot; file.
+    Note: This command will overwrite the existing "initramfs" file.
 
     # dracut -f
 
-    Modify the kernel command line of the current kernel in the &quot;grub.cfg&quot;
+    Modify the kernel command line of the current kernel in the "grub.cfg"
 file by adding the following option to the GRUB_CMDLINE_LINUX key in the
-&quot;&#x2F;etc&#x2F;default&#x2F;grub&quot; file and then rebuild the &quot;grub.cfg&quot; file:
+"/etc/default/grub" file and then rebuild the "grub.cfg" file:
 
-    fips&#x3D;1
+    fips=1
 
-    Changes to &quot;&#x2F;etc&#x2F;default&#x2F;grub&quot; require rebuilding the &quot;grub.cfg&quot; file
+    Changes to "/etc/default/grub" require rebuilding the "grub.cfg" file
 as follows:
 
     On BIOS-based machines, use the following command:
 
-    # grub2-mkconfig -o &#x2F;boot&#x2F;grub2&#x2F;grub.cfg
+    # grub2-mkconfig -o /boot/grub2/grub.cfg
 
     On UEFI-based machines, use the following command:
 
-    # grub2-mkconfig -o &#x2F;boot&#x2F;efi&#x2F;EFI&#x2F;redhat&#x2F;grub.cfg
+    # grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg
 
-    If &#x2F;boot or &#x2F;boot&#x2F;efi reside on separate partitions, the kernel parameter
-boot&#x3D;&lt;partition of &#x2F;boot or &#x2F;boot&#x2F;efi&gt; must be added to the kernel command
-line. You can identify a partition by running the df &#x2F;boot or df &#x2F;boot&#x2F;efi
+    If /boot or /boot/efi reside on separate partitions, the kernel parameter
+boot=&lt;partition of /boot or /boot/efi&gt; must be added to the kernel command
+line. You can identify a partition by running the df /boot or df /boot/efi
 command:
 
-    # df &#x2F;boot
+    # df /boot
     Filesystem 1K-blocks Used Available Use% Mounted on
-    &#x2F;dev&#x2F;sda1 495844 53780 416464 12% &#x2F;boot
+    /dev/sda1 495844 53780 416464 12% /boot
 
-    To ensure the &quot;boot&#x3D;&quot; configuration option will work even if device
+    To ensure the "boot=" configuration option will work even if device
 naming changes occur between boots, identify the universally unique identifier
 (UUID) of the partition with the following command:
 
-    # blkid &#x2F;dev&#x2F;sda1
-    &#x2F;dev&#x2F;sda1: UUID&#x3D;&quot;05c000f1-a213-759e-c7a2-f11b7424c797&quot; TYPE&#x3D;&quot;ext4&quot;
+    # blkid /dev/sda1
+    /dev/sda1: UUID="05c000f1-a213-759e-c7a2-f11b7424c797" TYPE="ext4"
 
     For the example above, append the following string to the kernel command
 line:
 
-    boot&#x3D;UUID&#x3D;05c000f1-a213-759e-c7a2-f11b7424c797
-
-    Reboot the system for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>7c8e362f-583f-421d-ba81-5cb52cda12ba</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000068</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002450</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002476</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package dracut-fips is expected to be installed
---------------------------------
-passed
-ro console&#x3D;ttyS0,115200n8 console&#x3D;tty0 net.ifnames&#x3D;0 rd.blacklist&#x3D;nouveau nvme_core.io_timeout&#x3D;4294967295 crashkernel&#x3D;auto  is expected to match &#x2F;\bfips&#x3D;1\b&#x2F;
-expected &quot;ro console&#x3D;ttyS0,115200n8 console&#x3D;tty0 net.ifnames&#x3D;0 rd.blacklist&#x3D;nouveau nvme_core.io_timeout&#x3D;4294967295 crashkernel&#x3D;auto &quot; to match &#x2F;\bfips&#x3D;1\b&#x2F;
+    boot=UUID=05c000f1-a213-759e-c7a2-f11b7424c797
+
+    Reboot the system for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72067\" do\n  title \"The Red Hat Enterprise Linux operating system must implement NIST\nFIPS-validated cryptography for the following: to provision digital signatures,\nto generate cryptographic hashes, and to protect data requiring data-at-rest\nprotections in accordance with applicable federal laws, Executive Orders,\ndirectives, policies, regulations, and standards.\"\n  desc  \"Use of weak or untested encryption algorithms undermines the purposes\nof using encryption to protect data. The operating system must implement\ncryptographic modules adhering to the higher standards approved by the federal\ngovernment since this provides assurance they have been tested and validated.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system implements DoD-approved encryption to protect\nthe confidentiality of remote access sessions.\n\n    Check to see if the \\\"dracut-fips\\\" package is installed with the following\ncommand:\n\n    # yum list installed dracut-fips\n\n    dracut-fips-033-360.el7_2.x86_64.rpm\n\n    If a \\\"dracut-fips\\\" package is installed, check to see if the kernel\ncommand line is configured to use FIPS mode with the following command:\n\n    Note: GRUB 2 reads its configuration from the \\\"/boot/grub2/grub.cfg\\\" file\non traditional BIOS-based machines and from the\n\\\"/boot/efi/EFI/redhat/grub.cfg\\\" file on UEFI machines.\n\n    # grep fips /boot/grub2/grub.cfg\n    /vmlinuz-3.8.0-0.40.el7.x86_64 root=/dev/mapper/rhel-root ro rd.md=0\nrd.dm=0 rd.lvm.lv=rhel/swap crashkernel=auto rd.luks=0 vconsole.keymap=us\nrd.lvm.lv=rhel/root rhgb fips=1 quiet\n\n    If the kernel command line is configured to use FIPS mode, check to see if\nthe system is in FIPS mode with the following command:\n\n    # cat /proc/sys/crypto/fips_enabled\n    1\n\n    If a \\\"dracut-fips\\\" package is not installed, the kernel command line does\nnot have a fips entry, or the system has a value of \\\"0\\\" for \\\"fips_enabled\\\"\nin \\\"/proc/sys/crypto\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to implement DoD-approved encryption by\ninstalling the dracut-fips package.\n\n    To enable strict FIPS compliance, the fips=1 kernel option needs to be\nadded to the kernel command line during system installation so key generation\nis done with FIPS-approved algorithms and continuous monitoring tests in place.\n\n    Configure the operating system to implement DoD-approved encryption by\nfollowing the steps below:\n\n    The fips=1 kernel option needs to be added to the kernel command line\nduring system installation so that key generation is done with FIPS-approved\nalgorithms and continuous monitoring tests in place. Users should also ensure\nthat the system has plenty of entropy during the installation process by moving\nthe mouse around, or if no mouse is available, ensuring that many keystrokes\nare typed. The recommended amount of keystrokes is 256 and more. Less than 256\nkeystrokes may generate a non-unique key.\n\n    Install the dracut-fips package with the following command:\n\n    # yum install dracut-fips\n\n    Recreate the \\\"initramfs\\\" file with the following command:\n\n    Note: This command will overwrite the existing \\\"initramfs\\\" file.\n\n    # dracut -f\n\n    Modify the kernel command line of the current kernel in the \\\"grub.cfg\\\"\nfile by adding the following option to the GRUB_CMDLINE_LINUX key in the\n\\\"/etc/default/grub\\\" file and then rebuild the \\\"grub.cfg\\\" file:\n\n    fips=1\n\n    Changes to \\\"/etc/default/grub\\\" require rebuilding the \\\"grub.cfg\\\" file\nas follows:\n\n    On BIOS-based machines, use the following command:\n\n    # grub2-mkconfig -o /boot/grub2/grub.cfg\n\n    On UEFI-based machines, use the following command:\n\n    # grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg\n\n    If /boot or /boot/efi reside on separate partitions, the kernel parameter\nboot=&lt;partition of /boot or /boot/efi&gt; must be added to the kernel command\nline. You can identify a partition by running the df /boot or df /boot/efi\ncommand:\n\n    # df /boot\n    Filesystem 1K-blocks Used Available Use% Mounted on\n    /dev/sda1 495844 53780 416464 12% /boot\n\n    To ensure the \\\"boot=\\\" configuration option will work even if device\nnaming changes occur between boots, identify the universally unique identifier\n(UUID) of the partition with the following command:\n\n    # blkid /dev/sda1\n    /dev/sda1: UUID=\\\"05c000f1-a213-759e-c7a2-f11b7424c797\\\" TYPE=\\\"ext4\\\"\n\n    For the example above, append the following string to the kernel command\nline:\n\n    boot=UUID=05c000f1-a213-759e-c7a2-f11b7424c797\n\n    Reboot the system for the changes to take effect.\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000033-GPOS-00014\"\n  tag satisfies: [\"SRG-OS-000033-GPOS-00014\", \"SRG-OS-000185-GPOS-00079\",\n\"SRG-OS-000396-GPOS-00176\", \"SRG-OS-000405-GPOS-00184\",\n\"SRG-OS-000478-GPOS-00223\"]\n  tag gid: \"V-72067\"\n  tag rid: \"SV-86691r4_rule\"\n  tag stig_id: \"RHEL-07-021350\"\n  tag fix_id: \"F-78419r3_fix\"\n  tag cci: [\"CCI-000068\", \"CCI-001199\", \"CCI-002450\", \"CCI-002476\"]\n  tag nist: [\"AC-17 (2)\", \"SC-28\", \"SC-13\", \"SC-28 (1)\", \"Rev_4\"]\n\n  describe package('dracut-fips') do\n    it { should be_installed }\n  end\n\n  all_args = command('grubby --info=ALL | grep \"^args=\" | sed \"s/^args=//g\"').\n    stdout.strip.split(\"\\n\").\n    map { |s| s.sub(%r{^\"(.*)\"$}, '\\1') } # strip outer quotes if they exist\n\n  all_args.each { |args|\n    describe args do\n      it { should match %r{\\bfips=1\\b} }\n    end\n  }\n\n  describe file('/proc/sys/crypto/fips_enabled') do\n    its('content.strip') { should cmp 1 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000068</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002450</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002476</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package dracut-fips is expected to be installed
+--------------------------------
+passed :: TEST ro console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto  is expected to match /\bfips=1\b/ :: MESSAGE expected "ro console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto " to match /\bfips=1\b/
 Diff:
 @@ -1,2 +1,2 @@
--&#x2F;\bfips&#x3D;1\b&#x2F;
-+&quot;ro console&#x3D;ttyS0,115200n8 console&#x3D;tty0 net.ifnames&#x3D;0 rd.blacklist&#x3D;nouveau nvme_core.io_timeout&#x3D;4294967295 crashkernel&#x3D;auto &quot;
+-/\bfips=1\b/
++"ro console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto "
 
 --------------------------------
-passed
-ro console&#x3D;ttyS0,115200n8 console&#x3D;tty0 net.ifnames&#x3D;0 rd.blacklist&#x3D;nouveau nvme_core.io_timeout&#x3D;4294967295 crashkernel&#x3D;auto  is expected to match &#x2F;\bfips&#x3D;1\b&#x2F;
-expected &quot;ro console&#x3D;ttyS0,115200n8 console&#x3D;tty0 net.ifnames&#x3D;0 rd.blacklist&#x3D;nouveau nvme_core.io_timeout&#x3D;4294967295 crashkernel&#x3D;auto &quot; to match &#x2F;\bfips&#x3D;1\b&#x2F;
+passed :: TEST ro console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto  is expected to match /\bfips=1\b/ :: MESSAGE expected "ro console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto " to match /\bfips=1\b/
 Diff:
 @@ -1,2 +1,2 @@
--&#x2F;\bfips&#x3D;1\b&#x2F;
-+&quot;ro console&#x3D;ttyS0,115200n8 console&#x3D;tty0 net.ifnames&#x3D;0 rd.blacklist&#x3D;nouveau nvme_core.io_timeout&#x3D;4294967295 crashkernel&#x3D;auto &quot;
+-/\bfips=1\b/
++"ro console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto "
 
 --------------------------------
-passed
-File &#x2F;proc&#x2F;sys&#x2F;crypto&#x2F;fips_enabled content.strip is expected to cmp &#x3D;&#x3D; 1
-
+passed :: TEST File /proc/sys/crypto/fips_enabled content.strip is expected to cmp == 1 :: MESSAGE 
 expected: 1
      got: 0
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72139</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86763r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030580</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72139</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86763r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030580</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the chcon command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the chcon command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;chcon&quot; command occur.
+successful/unsuccessful attempts to use the "chcon" command occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -i &#x2F;usr&#x2F;bin&#x2F;chcon &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /usr/bin/chcon /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;chcon -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/chcon -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;chcon&quot; command occur.
+successful/unsuccessful attempts to use the "chcon" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;chcon -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/chcon -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>8d4753de-4481-4efa-8154-f335f35a97ec</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;chcon&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;chcon&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72275</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86899r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040530</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72139\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe chcon command.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"chcon\\\" command occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -i /usr/bin/chcon /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chcon -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"chcon\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/chcon -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000392-GPOS-00172\"\n  tag satisfies: [\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000463-GPOS-00207\",\n\"SRG-OS-000465-GPOS-00209\"]\n  tag gid: \"V-72139\"\n  tag rid: \"SV-86763r4_rule\"\n  tag stig_id: \"RHEL-07-030580\"\n  tag fix_id: \"F-78491r6_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/bin/chcon'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/chcon" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/chcon" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72275</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86899r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040530</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must display the date
-and time of the last successful account logon upon logon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+and time of the last successful account logon upon logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Providing users with feedback on when account accesses last occurred
-facilitates user recognition and reporting of unauthorized account use.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+facilitates user recognition and reporting of unauthorized account use.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify users are provided with feedback on when account accesses last
 occurred.
 
-    Check that &quot;pam_lastlog&quot; is used and not silent with the following
+    Check that "pam_lastlog" is used and not silent with the following
 command:
 
-    # grep pam_lastlog &#x2F;etc&#x2F;pam.d&#x2F;postlogin
+    # grep pam_lastlog /etc/pam.d/postlogin
     session required pam_lastlog.so showfailed
 
-    If &quot;pam_lastlog&quot; is missing from &quot;&#x2F;etc&#x2F;pam.d&#x2F;postlogin&quot; file, or the
-silent option is present, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "pam_lastlog" is missing from "/etc/pam.d/postlogin" file, or the
+silent option is present, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to provide users with feedback on when
 account accesses last occurred by setting the required configuration options in
-&quot;&#x2F;etc&#x2F;pam.d&#x2F;postlogin&quot;.
-
-    Add the following line to the top of &quot;&#x2F;etc&#x2F;pam.d&#x2F;postlogin&quot;:
-
-    session required pam_lastlog.so showfailed</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>487a2f55-a41d-43f2-b60c-696d3905eb04</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;postlogin] lines is expected to include session .* pam_lastlog.so showfailed
---------------------------------
-passed
-SSHD Configuration PrintLastLog is expected to cmp &#x3D;&#x3D; &quot;yes&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71939</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000106-GPOS-00053</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86563r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010300</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/etc/pam.d/postlogin".
+
+    Add the following line to the top of "/etc/pam.d/postlogin":
+
+    session required pam_lastlog.so showfailed</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72275\" do\n  title \"The Red Hat Enterprise Linux operating system must display the date\nand time of the last successful account logon upon logon.\"\n  desc  \"Providing users with feedback on when account accesses last occurred\nfacilitates user recognition and reporting of unauthorized account use.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify users are provided with feedback on when account accesses last\noccurred.\n\n    Check that \\\"pam_lastlog\\\" is used and not silent with the following\ncommand:\n\n    # grep pam_lastlog /etc/pam.d/postlogin\n    session required pam_lastlog.so showfailed\n\n    If \\\"pam_lastlog\\\" is missing from \\\"/etc/pam.d/postlogin\\\" file, or the\nsilent option is present, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to provide users with feedback on when\naccount accesses last occurred by setting the required configuration options in\n\\\"/etc/pam.d/postlogin\\\".\n\n    Add the following line to the top of \\\"/etc/pam.d/postlogin\\\":\n\n    session required pam_lastlog.so showfailed\n  \"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72275\"\n  tag rid: \"SV-86899r4_rule\"\n  tag stig_id: \"RHEL-07-040530\"\n  tag fix_id: \"F-78629r4_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe pam('/etc/pam.d/postlogin') do\n    its('lines') { should match_pam_rule('session .* pam_lastlog.so showfailed') }\n  end\n\n  describe.one do\n    describe sshd_config do\n      its('PrintLastLog') { should cmp 'yes' }\n    end\n\n    describe pam('/etc/pam.d/postlogin') do\n      its('lines') { should match_pam_rule('session .* pam_lastlog.so showfailed').all_without_args('silent') }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PAM Config[/etc/pam.d/postlogin] lines is expected to include session .* pam_lastlog.so showfailed
+--------------------------------
+passed :: TEST SSHD Configuration PrintLastLog is expected to cmp == "yes"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71939</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000106-GPOS-00053</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86563r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010300</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the SSH daemon does not allow authentication using an empty password.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the SSH daemon does not allow authentication using an empty password.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configuring this setting for the SSH daemon provides additional
 assurance that remote logon via SSH will require a password, even in the event
-of misconfiguration elsewhere.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>To determine how the SSH daemon&#39;s &quot;PermitEmptyPasswords&quot; option is set,
+of misconfiguration elsewhere.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>To determine how the SSH daemon's "PermitEmptyPasswords" option is set,
 run the following command:
 
-    # grep -i PermitEmptyPasswords &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i PermitEmptyPasswords /etc/ssh/sshd_config
     PermitEmptyPasswords no
 
-    If no line, a commented line, or a line indicating the value &quot;no&quot; is
+    If no line, a commented line, or a line indicating the value "no" is
 returned, the required value is set.
 
-    If the required value is not set, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the required value is not set, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>To explicitly disallow remote logon from accounts with empty passwords, add
-or correct the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;:
+or correct the following line in "/etc/ssh/sshd_config":
 
     PermitEmptyPasswords no
 
     The SSH service must be restarted for changes to take effect.  Any accounts
 with empty passwords should be disabled immediately, and PAM configuration
-should prevent users from being able to assign themselves empty passwords.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d2155c88-8dc6-4b9f-8cdc-917831d3d866</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000766</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration PermitEmptyPasswords is expected to eq &quot;no&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72007</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86631r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020320</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+should prevent users from being able to assign themselves empty passwords.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71939\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon does not allow authentication using an empty password.\"\n  desc  \"Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    To determine how the SSH daemon's \\\"PermitEmptyPasswords\\\" option is set,\nrun the following command:\n\n    # grep -i PermitEmptyPasswords /etc/ssh/sshd_config\n    PermitEmptyPasswords no\n\n    If no line, a commented line, or a line indicating the value \\\"no\\\" is\nreturned, the required value is set.\n\n    If the required value is not set, this is a finding.\n  \"\n  desc  \"fix\", \"\n    To explicitly disallow remote logon from accounts with empty passwords, add\nor correct the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    PermitEmptyPasswords no\n\n    The SSH service must be restarted for changes to take effect.  Any accounts\nwith empty passwords should be disabled immediately, and PAM configuration\nshould prevent users from being able to assign themselves empty passwords.\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000106-GPOS-00053\"\n  tag gid: \"V-71939\"\n  tag rid: \"SV-86563r3_rule\"\n  tag stig_id: \"RHEL-07-010300\"\n  tag fix_id: \"F-78291r2_fix\"\n  tag cci: [\"CCI-000766\"]\n  tag nist: [\"IA-2 (2)\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('PermitEmptyPasswords') { should eq 'no' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000766</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration PermitEmptyPasswords is expected to eq "no"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72007</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86631r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020320</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that all files and directories have a valid owner.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that all files and directories have a valid owner.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Unowned files and directories may be unintentionally inherited if a
-user is assigned the same User Identifier &quot;UID&quot; as the UID of the un-owned
-files.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+user is assigned the same User Identifier "UID" as the UID of the un-owned
+files.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify all files and directories on the system have a valid owner.
 
     Check the owner of all files and directories with the following command:
@@ -39297,344 +37575,324 @@ files.</ATTRIBUTE_DATA>
     Note: The value after -fstype must be replaced with the filesystem type.
 XFS is used as an example.
 
-    # find &#x2F; -fstype xfs -nouser
+    # find / -fstype xfs -nouser
 
-    If any files on the system do not have an assigned owner, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If any files on the system do not have an assigned owner, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Either remove all files and directories from the system that do not have a
 valid user, or assign a valid user to all unowned files and directories on the
-system with the &quot;chown&quot; command:
-
-    # chown &lt;user&gt; &lt;file&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>3d61bc1a-2d65-41d1-b431-6968148cc0fd</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;find &#x2F; -xautofs -fstype xfs -nouser&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype ext3 -nouser&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype ext2 -nouser&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype ext4 -nouser&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype msdos -nouser&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype vfat -nouser&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype btrfs -nouser&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype fuseblk -nouser&#x60; stdout.strip is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86827r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030900</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+system with the "chown" command:
+
+    # chown &lt;user&gt; &lt;file&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72007\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all files and directories have a valid owner.\"\n  desc  \"Unowned files and directories may be unintentionally inherited if a\nuser is assigned the same User Identifier \\\"UID\\\" as the UID of the un-owned\nfiles.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify all files and directories on the system have a valid owner.\n\n    Check the owner of all files and directories with the following command:\n\n    Note: The value after -fstype must be replaced with the filesystem type.\nXFS is used as an example.\n\n    # find / -fstype xfs -nouser\n\n    If any files on the system do not have an assigned owner, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Either remove all files and directories from the system that do not have a\nvalid user, or assign a valid user to all unowned files and directories on the\nsystem with the \\\"chown\\\" command:\n\n    # chown &lt;user&gt; &lt;file&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72007\"\n  tag rid: \"SV-86631r3_rule\"\n  tag stig_id: \"RHEL-07-020320\"\n  tag fix_id: \"F-78359r1_fix\"\n  tag cci: [\"CCI-002165\"]\n  tag nist: [\"AC-3 (4)\", \"Rev_4\"]\n\n  command('grep -v \"nodev\" /proc/filesystems | awk \\'NF{ print $NF }\\'').\n    stdout.strip.split(\"\\n\").each do |fs|\n      describe command(\"find / -xautofs -fstype #{fs} -nouser\") do\n        its('stdout.strip') { should be_empty }\n      end\n    end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `find / -xautofs -fstype xfs -nouser` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype ext3 -nouser` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype ext2 -nouser` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype ext4 -nouser` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype msdos -nouser` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype vfat -nouser` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype btrfs -nouser` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype fuseblk -nouser` stdout.strip is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86827r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030900</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the rmdir syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the rmdir syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system is not configured to audit certain activities and write
 them to an audit log, it is more difficult to detect and track system
-compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;rmdir&quot; syscall occur.
+successful/unsuccessful attempts to use the "rmdir" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw rmdir &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw rmdir /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S rmdir -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S rmdir -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S rmdir -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S rmdir -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;rmdir&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"rmdir" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;rmdir&quot; syscall occur.
+successful/unsuccessful attempts to use the "rmdir" syscall occur.
 
-    Add the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S rmdir -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S rmdir -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S rmdir -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S rmdir -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e5d703e0-9ce4-4198-9c00-51fc826c9380</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;rmdir&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;rmdir&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;rmdir&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;rmdir&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72039</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86663r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020900</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72203\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe rmdir syscall.\"\n  desc  \"If the system is not configured to audit certain activities and write\nthem to an audit log, it is more difficult to detect and track system\ncompromises and damages incurred during a system compromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"rmdir\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw rmdir /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S rmdir -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S rmdir -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"rmdir\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"rmdir\\\" syscall occur.\n\n    Add the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S rmdir -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S rmdir -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000466-GPOS-00210\"\n  tag satisfies: [\"SRG-OS-000466-GPOS-00210\", \"SRG-OS-000467-GPOS-00210\",\n\"SRG-OS-000468-GPOS-00212\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72203\"\n  tag rid: \"SV-86827r5_rule\"\n  tag stig_id: \"RHEL-07-030900\"\n  tag fix_id: \"F-78557r9_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"rmdir\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"rmdir\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "rmdir" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "rmdir" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "rmdir" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "rmdir" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72039</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86663r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020900</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all system device files are correctly labeled to prevent unauthorized
-modification.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+modification.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If an unauthorized or modified device is allowed to exist on the
 system, there is the possibility the system may perform unintended or
-unauthorized operations.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+unauthorized operations.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify that all system device files are correctly labeled to prevent
 unauthorized modification.
 
     List all device files on the system that are incorrectly labeled with the
 following commands:
 
-    Note: Device files are normally found under &quot;&#x2F;dev&quot;, but applications may
+    Note: Device files are normally found under "/dev", but applications may
 place device files in other directories and may necessitate a search of the
 entire system.
 
-    #find &#x2F;dev -context *:device_t:* \( -type c -o -type b \) -printf &quot;%p %Z    &quot;
+    #find /dev -context *:device_t:* \( -type c -o -type b \) -printf "%p %Z    "
 
-    #find &#x2F;dev -context *:unlabeled_t:* \( -type c -o -type b \) -printf &quot;%p
-%Z    &quot;
+    #find /dev -context *:unlabeled_t:* \( -type c -o -type b \) -printf "%p
+%Z    "
 
-    Note: There are device files, such as &quot;&#x2F;dev&#x2F;vmci&quot;, that are used when the
+    Note: There are device files, such as "/dev/vmci", that are used when the
 operating system is a host virtual machine. They will not be owned by a user on
-the system and require the &quot;device_t&quot; label to operate. These device files
+the system and require the "device_t" label to operate. These device files
 are not a finding.
 
     If there is output from either of these commands, other than already noted,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Run the following command to determine which package owns the device file:
 
     # rpm -qf &lt;filename&gt;
@@ -39646,103 +37904,98 @@ this is a finding.</ATTRIBUTE_DATA>
     Alternatively, the package can be reinstalled from trusted media using the
 command:
 
-    # sudo rpm -Uvh &lt;packagename&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>59cb9b6c-179b-4f97-99d4-a472f609771a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-#&lt;Set: {}&gt; length is expected to cmp &#x3D;&#x3D; 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-		</iSTIG>
-	</STIGS>
+    # sudo rpm -Uvh &lt;packagename&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72039\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all system device files are correctly labeled to prevent unauthorized\nmodification.\"\n  desc  \"If an unauthorized or modified device is allowed to exist on the\nsystem, there is the possibility the system may perform unintended or\nunauthorized operations.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that all system device files are correctly labeled to prevent\nunauthorized modification.\n\n    List all device files on the system that are incorrectly labeled with the\nfollowing commands:\n\n    Note: Device files are normally found under \\\"/dev\\\", but applications may\nplace device files in other directories and may necessitate a search of the\nentire system.\n\n    #find /dev -context *:device_t:* \\\\( -type c -o -type b \\\\) -printf \\\"%p %Z\\\n    \\\"\n\n    #find /dev -context *:unlabeled_t:* \\\\( -type c -o -type b \\\\) -printf \\\"%p\n%Z\\\n    \\\"\n\n    Note: There are device files, such as \\\"/dev/vmci\\\", that are used when the\noperating system is a host virtual machine. They will not be owned by a user on\nthe system and require the \\\"device_t\\\" label to operate. These device files\nare not a finding.\n\n    If there is output from either of these commands, other than already noted,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Run the following command to determine which package owns the device file:\n\n    # rpm -qf &lt;filename&gt;\n\n    The package can be reinstalled from a yum repository using the command:\n\n    # sudo yum reinstall &lt;packagename&gt;\n\n    Alternatively, the package can be reinstalled from trusted media using the\ncommand:\n\n    # sudo rpm -Uvh &lt;packagename&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72039\"\n  tag rid: \"SV-86663r2_rule\"\n  tag stig_id: \"RHEL-07-020900\"\n  tag fix_id: \"F-78391r1_fix\"\n  tag cci: [\"CCI-000318\", \"CCI-000368\", \"CCI-001812\", \"CCI-001813\",\n\"CCI-001814\"]\n  tag nist: [\"CM-3 f\", \"CM-6 c\", \"CM-11 (2)\", \"CM-5 (1)\", \"CM-5 (1)\", \"Rev_4\"]\n\n  virtual_machine = input('virtual_machine')\n\n  findings = Set[]\n  findings = findings + command('find / -context *:device_t:* \\( -type c -o -type b \\) -printf \"%p %Z\\n\"').stdout.split(\"\\n\")\n  findings = findings + command('find / -context *:unlabeled_t:* \\( -type c -o -type b \\) -printf \"%p %Z\\n\"').stdout.split(\"\\n\")\n  findings = findings + command('find / -context *:vmci_device_t:* \\( -type c -o -type b \\) -printf \"%p %Z\\n\"').stdout.split(\"\\n\")\n\n  describe findings do\n    if virtual_machine\n      its ('length') { should cmp 1 }\n      its ('first') { should include '/dev/vmci' }\n    else\n      its ('length') { should cmp 0 }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST #&lt;Set: {}&gt; length is expected to cmp == 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+		</iSTIG>
+	</STIGS>
 </CHECKLIST>
\ No newline at end of file
diff --git a/test/sample_data/checklist/red_hat_good_metadata.ckl b/test/sample_data/checklist/red_hat_good_metadata.ckl
index 1be67908e..2772f1688 100644
--- a/test/sample_data/checklist/red_hat_good_metadata.ckl
+++ b/test/sample_data/checklist/red_hat_good_metadata.ckl
@@ -1,101 +1,96 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--DISA STIG Viewer :: 2.14-->
-<CHECKLIST>
-	<ASSET>
-		<ROLE>Domain Controller</ROLE>
-		<ASSET_TYPE>Computing</ASSET_TYPE>
-		<HOST_NAME>localhost</HOST_NAME>
-		<HOST_IP></HOST_IP>
-		<HOST_MAC></HOST_MAC>
-		<HOST_FQDN></HOST_FQDN>
-		<TARGET_COMMENT></TARGET_COMMENT>
-		<TECH_AREA>Other Review</TECH_AREA>
-		<TARGET_KEY></TARGET_KEY>
-		<WEB_OR_DATABASE>false</WEB_OR_DATABASE>
-		<WEB_DB_SITE></WEB_DB_SITE>
-		<WEB_DB_INSTANCE></WEB_DB_INSTANCE>
-	</ASSET>
-	<STIGS>
-		<iSTIG>
-			<STIG_INFO>
-				<SI_DATA>
-					<SID_NAME>version</SID_NAME>
-					<SID_DATA>1.0.0</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>classification</SID_NAME>
-					<SID_DATA>UNCLASSIFIED</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>customname</SID_NAME>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>stigid</SID_NAME>
-					<SID_DATA></SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>description</SID_NAME>
-					<SID_DATA>File Name: red_hat_good.json
-Version: 2.6.0
-SHA256 Hash: 6c28e36e632170e646f6b39f4c728be3ed456e3d0e511ed942afb42ff3670360
-Maintainer: MITRE SAF Team
-Copyright: MITRE, 2020
-Copyright Email: saf@groups.mitre.org
-Control Count: 247</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>filename</SID_NAME>
-					<SID_DATA>red_hat_good.json</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>releaseinfo</SID_NAME>
-					<SID_DATA>This is my release</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>title</SID_NAME>
-					<SID_DATA>My title</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>uuid</SID_NAME>
-					<SID_DATA>63c9f070-b7d3-451e-889e-26f69c4be4f1</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>notice</SID_NAME>
-					<SID_DATA>terms-of-use</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>source</SID_NAME>
-				</SI_DATA>
-			</STIG_INFO>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71973</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000363-GPOS-00150</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86597r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020030</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+<?xml version="1.0" encoding="UTF-8"?>
+<!--Heimdall Version :: 2.10.8-->
+<CHECKLIST>
+	<ASSET>
+		<ROLE>Domain Controller</ROLE>
+		<ASSET_TYPE>Computing</ASSET_TYPE>
+		<MARKING>CUI</MARKING>
+		<HOST_NAME>localhost</HOST_NAME>
+		<HOST_IP>127.0.0.1</HOST_IP>
+		<HOST_MAC></HOST_MAC>
+		<HOST_FQDN></HOST_FQDN>
+		<TARGET_COMMENT></TARGET_COMMENT>
+		<TECH_AREA>Other Review</TECH_AREA>
+		<TARGET_KEY></TARGET_KEY>
+		<WEB_OR_DATABASE>false</WEB_OR_DATABASE>
+		<WEB_DB_SITE></WEB_DB_SITE>
+		<WEB_DB_INSTANCE></WEB_DB_INSTANCE>
+	</ASSET>
+	<STIGS>
+		<iSTIG>
+			<STIG_INFO>
+				<SI_DATA>
+					<SID_NAME>version</SID_NAME>
+					<SID_DATA>2</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>classification</SID_NAME>
+					<SID_DATA>UNCLASSIFIED</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>customname</SID_NAME>
+					<SID_DATA>{"hdfSpecificData":{"attributes":[{"name":"disable_slow_controls","options":{"value":true}},{"name":"monitor_kernel_log","options":{"value":true}},{"name":"rpm_verify_perms_except","options":{"type":"Array","value":[]}},{"name":"rpm_verify_integrity_except","options":{"type":"Array","value":[]}},{"name":"banner_message_enabled","options":{"type":"String","value":"true"}},{"name":"log_aggregation_server","options":{"value":false}},{"name":"application_groups","options":{"type":"Array","value":[]}},{"name":"x11_enabled","options":{"value":false}},{"name":"user_accounts","options":{"type":"Array","value":[]}},{"name":"known_system_accounts","options":{"type":"Array","value":["root","bin","daemon","adm","lp","sync","shutdown","halt","mail","operator","nobody","systemd-bus-proxy"]}},{"name":"dconf_user","options":{"type":"String","value":"nil"}},{"name":"banner_message_text_gui","options":{"type":"String","value":"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."}},{"name":"banner_message_text_gui_limited","options":{"type":"String","value":"I've read &amp; consent to terms in IS user agreem't."}},{"name":"banner_message_text_cli","options":{"type":"String","value":"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."}},{"name":"banner_message_text_cli_limited","options":{"type":"String","value":"I've read &amp; consent to terms in IS user agreem't."}},{"name":"banner_message_text_ral","options":{"type":"String","value":"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."}},{"name":"banner_message_text_ral_limited","options":{"type":"String","value":"I've read &amp; consent to terms in IS user agreem't."}},{"name":"lock_delay","options":{"type":"Numeric","value":5}},{"name":"difok","options":{"type":"Numeric","value":8}},{"name":"min_reuse_generations","options":{"type":"Numeric","value":5}},{"name":"min_len","options":{"type":"Numeric","value":15}},{"name":"days_of_inactivity","options":{"type":"Numeric","value":0}},{"name":"unsuccessful_attempts","options":{"type":"Numeric","value":3}},{"name":"fail_interval","options":{"type":"Numeric","value":900}},{"name":"lockout_time","options":{"value":604800}},{"name":"file_integrity_tool","options":{"type":"String","value":"aide"}},{"name":"file_integrity_interval","options":{"type":"String","value":"weekly"}},{"name":"system_activity_timeout","options":{"type":"Numeric","value":600}},{"name":"client_alive_interval","options":{"type":"Numeric","value":600}},{"name":"smart_card_status","options":{"type":"String","value":"enabled"}},{"name":"log_pkg_path","options":{"type":"String","value":"/etc/rsyslog.conf"}},{"name":"exempt_home_users","options":{"type":"Array","value":[]}},{"name":"grub_main_cfg","options":{"type":"String","value":"/boot/grub2/grub.cfg"}},{"name":"grub_uefi_main_cfg","options":{"type":"String","value":"/boot/efi/EFI/redhat/grub.cfg"}},{"name":"grub_superuser","options":{"type":"String","value":"root"}},{"name":"grub_user_boot_files","options":{"type":"Array","value":["/boot/grub2/user.cfg"]}},{"name":"grub_uefi_user_boot_files","options":{"type":"Array","value":["/boot/efi/EFI/redhat/user.cfg"]}},{"name":"efi_superusers","options":{"type":"Array","value":["root"]}},{"name":"admin_logins","options":{"type":"Array","value":[]}},{"name":"max_rety","options":{"type":"Numeric","value":3}},{"name":"mfa_pkg_list","options":{"type":"Array","value":["nss-tools","nss-pam-ldapd","esc","pam_pkcs11","pam_krb5","opensc","pcsc-lite-ccid","gdm","authconfig","authconfig-gtk","krb5-libs","krb5-workstation","krb5-pkinit","pcsc-lite","pcsc-lite-libs"]}},{"name":"multifactor_enabled","options":{"type":"String","value":"true"}},{"name":"non_interactive_shells","options":{"type":"Array","value":["/sbin/nologin","/sbin/halt","/sbin/shutdown","/bin/false","/bin/sync","/bin/true"]}},{"name":"randomize_va_space","options":{"type":"Numeric","value":2}},{"name":"non_removable_media_fs","options":{"type":"Array","value":["xfs","ext4","swap","tmpfs"]}},{"name":"approved_tunnels","options":{"type":"Array","value":[]}},{"name":"virtual_machine","options":{"value":false}},{"name":"max_retry","options":{"type":"Numeric","value":3}},{"name":"firewalld_services","options":{"type":"Array","value":[]}},{"name":"firewalld_hosts_allow","options":{"type":"Array","value":[]}},{"name":"firewalld_hosts_deny","options":{"type":"Array","value":[]}},{"name":"firewalld_ports_allow","options":{"type":"Array","value":[]}},{"name":"firewalld_ports_deny","options":{"type":"Array","value":[]}},{"name":"tcpwrappers_allow","options":{"type":"Hash","value":{}}},{"name":"tcpwrappers_deny","options":{"type":"Hash","value":{}}},{"name":"iptables_rules","options":{"type":"Array","value":[]}},{"name":"firewalld_services_deny","options":{"type":"Hash","value":{}}},{"name":"firewalld_zones","options":{"type":"Array","value":[]}},{"name":"maxlogins_limit","options":{"type":"Numeric","value":10}},{"name":"custom_antivirus","options":{"type":"Boolean","value":false}},{"name":"custom_antivirus_description","options":{"type":"String","value":"None"}},{"name":"custom_hips","options":{"type":"Boolean","value":false}},{"name":"custom_hips_description","options":{"type":"String","value":"An6yTr21kC"}},{"name":"max_daemon_processes","options":{"type":"Numeric","value":1}},{"name":"aide_exclude_patterns","options":{"type":"Array","value":[]}},{"name":"terminal_mux_pkgs","options":{"type":"Array","value":["tmux","screen"]}},{"name":"disallowed_accounts","options":{"value":["games","gopher","ftp"]}},{"name":"grub_superusers","options":{"value":["root"]}},{"name":"efi_user_boot_files","options":{"value":["/boot/efi/EFI/redhat/user.cfg"]}},{"name":"efi_main_cfg","options":{"value":"/boot/efi/EFI/redhat/grub.cfg"}}],"copyright":"MITRE, 2020","copyright_email":"saf@groups.mitre.org","maintainer":"MITRE SAF Team","version":"2.6.0"}}</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>stigid</SID_NAME>
+					<SID_DATA>Red Hat Enterprise Linux 7 STIG</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>description</SID_NAME>
+					<SID_DATA>The Red Hat Enterprise Linux 7 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems.  Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>filename</SID_NAME>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>releaseinfo</SID_NAME>
+					<SID_DATA>Release: 6 Benchmark Date: 2024/06/08</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>title</SID_NAME>
+					<SID_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>uuid</SID_NAME>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>notice</SID_NAME>
+					<SID_DATA>Apache-2.0</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>source</SID_NAME>
+					<SID_DATA>STIG.DOD.MIL</SID_DATA>
+				</SI_DATA>
+			</STIG_INFO>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71973</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000363-GPOS-00150</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86597r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020030</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that a file integrity tool verifies the baseline operating system configuration
-at least weekly.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+at least weekly.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Unauthorized changes to the baseline configuration could make the
 system vulnerable to various attacks or allow unauthorized access to the
 operating system. Changes to operating system configurations can have
@@ -103,17 +98,17 @@ unintended side effects, some of which may be relevant to security.
 
     Detecting such changes and providing an automated response can help avoid
 unintended, negative consequences that could ultimately affect the security
-state of the operating system. The operating system&#39;s Information Management
-Officer (IMO)&#x2F;Information System Security Officer (ISSO) and System
-Administrators (SAs) must be notified via email and&#x2F;or monitoring system trap
-when there is an unauthorized modification of a configuration item.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+state of the operating system. The operating system's Information Management
+Officer (IMO)/Information System Security Officer (ISSO) and System
+Administrators (SAs) must be notified via email and/or monitoring system trap
+when there is an unauthorized modification of a configuration item.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system routinely checks the baseline configuration for
 unauthorized changes.
 
@@ -136,308 +131,296 @@ command used in the example will use a daily occurrence.
 the file integrity application. For example, if AIDE is installed on the
 system, use the following command:
 
-    # ls -al &#x2F;etc&#x2F;cron.* | grep aide
+    # ls -al /etc/cron.* | grep aide
     -rwxr-xr-x 1 root root 29 Nov 22 2015 aide
 
-    # grep aide &#x2F;etc&#x2F;crontab &#x2F;var&#x2F;spool&#x2F;cron&#x2F;root
-    &#x2F;etc&#x2F;crontab: 30 04 * * * &#x2F;root&#x2F;aide
-    &#x2F;var&#x2F;spool&#x2F;cron&#x2F;root: 30 04 * * * &#x2F;root&#x2F;aide
+    # grep aide /etc/crontab /var/spool/cron/root
+    /etc/crontab: 30 04 * * * /root/aide
+    /var/spool/cron/root: 30 04 * * * /root/aide
 
     If the file integrity application does not exist, or a script file
 controlling the execution of the file integrity application does not exist,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the file integrity tool to run automatically on the system at
 least weekly. The following example output is generic. It will set cron to run
 AIDE daily, but other file integrity tools may be used:
 
-    # more &#x2F;etc&#x2F;cron.daily&#x2F;aide
-    #!&#x2F;bin&#x2F;bash
-
-    &#x2F;usr&#x2F;sbin&#x2F;aide --check | &#x2F;bin&#x2F;mail -s &quot;$HOSTNAME - Daily aide integrity
-check run&quot; root@sysname.mil</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2a306af6-79d7-45aa-b754-79d1d3a4ebde</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001744</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package aide is expected to be installed
---------------------------------
-passed
-File &#x2F;etc&#x2F;cron.daily&#x2F;aide is expected to exist</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81017</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95729r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030201</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # more /etc/cron.daily/aide
+    #!/bin/bash
+
+    /usr/sbin/aide --check | /bin/mail -s "$HOSTNAME - Daily aide integrity
+check run" root@sysname.mil</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71973\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat a file integrity tool verifies the baseline operating system configuration\nat least weekly.\"\n  desc  \"Unauthorized changes to the baseline configuration could make the\nsystem vulnerable to various attacks or allow unauthorized access to the\noperating system. Changes to operating system configurations can have\nunintended side effects, some of which may be relevant to security.\n\n    Detecting such changes and providing an automated response can help avoid\nunintended, negative consequences that could ultimately affect the security\nstate of the operating system. The operating system's Information Management\nOfficer (IMO)/Information System Security Officer (ISSO) and System\nAdministrators (SAs) must be notified via email and/or monitoring system trap\nwhen there is an unauthorized modification of a configuration item.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system routinely checks the baseline configuration for\nunauthorized changes.\n\n    Note: A file integrity tool other than Advanced Intrusion Detection\nEnvironment (AIDE) may be used, but the tool must be executed at least once per\nweek.\n\n    Check to see if AIDE is installed on the system with the following command:\n\n    # yum list installed aide\n\n    If AIDE is not installed, ask the SA how file integrity checks are\nperformed on the system.\n\n    Check for the presence of a cron job running daily or weekly on the system\nthat executes AIDE daily to scan for changes to the system baseline. The\ncommand used in the example will use a daily occurrence.\n\n    Check the cron directories for a script file controlling the execution of\nthe file integrity application. For example, if AIDE is installed on the\nsystem, use the following command:\n\n    # ls -al /etc/cron.* | grep aide\n    -rwxr-xr-x 1 root root 29 Nov 22 2015 aide\n\n    # grep aide /etc/crontab /var/spool/cron/root\n    /etc/crontab: 30 04 * * * /root/aide\n    /var/spool/cron/root: 30 04 * * * /root/aide\n\n    If the file integrity application does not exist, or a script file\ncontrolling the execution of the file integrity application does not exist,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the file integrity tool to run automatically on the system at\nleast weekly. The following example output is generic. It will set cron to run\nAIDE daily, but other file integrity tools may be used:\n\n    # more /etc/cron.daily/aide\n    #!/bin/bash\n\n    /usr/sbin/aide --check | /bin/mail -s \\\"$HOSTNAME - Daily aide integrity\ncheck run\\\" root@sysname.mil\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000363-GPOS-00150\"\n  tag gid: \"V-71973\"\n  tag rid: \"SV-86597r2_rule\"\n  tag stig_id: \"RHEL-07-020030\"\n  tag fix_id: \"F-78325r2_fix\"\n  tag cci: [\"CCI-001744\"]\n  tag nist: [\"CM-3 (5)\", \"Rev_4\"]\n\n  file_integrity_tool = input('file_integrity_tool')\n  file_integrity_interval = input('file_integrity_interval')\n\n  describe package(file_integrity_tool) do\n    it { should be_installed }\n  end\n\n  if file_integrity_interval == 'monthly'\n    describe.one do\n      describe file(\"/etc/cron.daily/#{file_integrity_tool}\") do\n        it { should exist }\n      end\n      describe file(\"/etc/cron.weekly/#{file_integrity_tool}\") do\n        it { should exist }\n      end\n      describe file(\"/etc/cron.monthly/#{file_integrity_tool}\") do\n        it { should exist }\n      end\n      if file(\"/etc/cron.d/#{file_integrity_tool}\").exist?\n        describe crontab(path: \"/etc/cron.d/#{file_integrity_tool}\") do\n          its('months') { should cmp '*' }\n          its('weekdays') { should cmp '*' }\n        end\n        describe crontab(path: \"/etc/cron.d/#{file_integrity_tool}\") do\n          its('days') { should cmp '*' }\n          its('months') { should cmp '*' }\n        end\n      end\n      describe crontab('root').where { command =~ %r{#{file_integrity_tool}} } do\n        its('months') { should cmp '*' }\n        its('weekdays') { should cmp '*' }\n      end\n      describe crontab('root').where { command =~ %r{#{file_integrity_tool}} } do\n        its('days') { should cmp '*' }\n        its('months') { should cmp '*' }\n      end\n    end\n  elsif file_integrity_interval == 'weekly'\n    describe.one do\n      describe file(\"/etc/cron.daily/#{file_integrity_tool}\") do\n        it { should exist }\n      end\n      describe file(\"/etc/cron.weekly/#{file_integrity_tool}\") do\n        it { should exist }\n      end\n      if file(\"/etc/cron.d/#{file_integrity_tool}\").exist?\n        describe crontab(path: \"/etc/cron.d/#{file_integrity_tool}\") do\n          its('days') { should cmp '*' }\n          its('months') { should cmp '*' }\n        end\n      end\n      describe crontab('root').where { command =~ %r{#{file_integrity_tool}} } do\n        its('days') { should cmp '*' }\n        its('months') { should cmp '*' }\n      end\n    end\n  elsif file_integrity_interval == 'daily'\n    describe.one do\n      describe file(\"/etc/cron.daily/#{file_integrity_tool}\") do\n        it { should exist }\n      end\n      if file(\"/etc/cron.d/#{file_integrity_tool}\").exist?\n        describe crontab(path: \"/etc/cron.d/#{file_integrity_tool}\") do\n          its('days') { should cmp '*' }\n          its('months') { should cmp '*' }\n          its('weekdays') { should cmp '*' }\n        end\n      end\n      describe crontab('root').where { command =~ %r{#{file_integrity_tool}} } do\n        its('days') { should cmp '*' }\n        its('months') { should cmp '*' }\n        its('weekdays') { should cmp '*' }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001744</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package aide is expected to be installed
+--------------------------------
+passed :: TEST File /etc/cron.daily/aide is expected to exist</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81017</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95729r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030201</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must configure the
-au-remote plugin to off-load audit logs using the audisp-remote daemon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+au-remote plugin to off-load audit logs using the audisp-remote daemon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Information stored in one location is vulnerable to accidental or
 incidental deletion or alteration.
 
     Off-loading is a common process in information systems with limited audit
 storage capacity.
 
-    Without the configuration of the &quot;au-remote&quot; plugin, the audisp-remote
-daemon will not off load the logs from the system being audited.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify the &quot;au-remote&quot; plugin is configured to always off-load audit logs
+    Without the configuration of the "au-remote" plugin, the audisp-remote
+daemon will not off load the logs from the system being audited.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify the "au-remote" plugin is configured to always off-load audit logs
 using the audisp-remote daemon:
 
-    # cat &#x2F;etc&#x2F;audisp&#x2F;plugins.d&#x2F;au-remote.conf | grep -v &quot;^#&quot;
+    # cat /etc/audisp/plugins.d/au-remote.conf | grep -v "^#"
 
-    active &#x3D; yes
-    direction &#x3D; out
-    path &#x3D; &#x2F;sbin&#x2F;audisp-remote
-    type &#x3D; always
-    format &#x3D; string
+    active = yes
+    direction = out
+    path = /sbin/audisp-remote
+    type = always
+    format = string
 
-    If the &quot;direction&quot; setting is not set to &quot;out&quot;, or the line is
+    If the "direction" setting is not set to "out", or the line is
 commented out, this is a finding.
 
-    If the &quot;path&quot; setting is not set to &quot;&#x2F;sbin&#x2F;audisp-remote&quot;, or the line
+    If the "path" setting is not set to "/sbin/audisp-remote", or the line
 is commented out, this is a finding.
 
-    If the &quot;type&quot; setting is not set to &quot;always&quot;, or the line is commented
-out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Edit the &#x2F;etc&#x2F;audisp&#x2F;plugins.d&#x2F;au-remote.conf file and add or update the
+    If the "type" setting is not set to "always", or the line is commented
+out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Edit the /etc/audisp/plugins.d/au-remote.conf file and add or update the
 following values:
 
-    direction &#x3D; out
-    path &#x3D; &#x2F;sbin&#x2F;audisp-remote
-    type &#x3D; always
+    direction = out
+    path = /sbin/audisp-remote
+    type = always
 
     The audit daemon must be restarted for changes to take effect:
 
-    # service auditd restart</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b40d852c-e15d-4ee7-b7e7-f3de23729808</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-File &#39;&#x2F;etc&#x2F;audisp&#x2F;plugins.d&#x2F;au-remote.conf&#39; cannot be found. This test cannot be checked in a automated fashion and you must check it manually
-File &#39;&#x2F;etc&#x2F;audisp&#x2F;plugins.d&#x2F;au-remote.conf&#39; cannot be found. This check must be performed manually</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81005</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95717r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010482</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # service auditd restart</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-81017\" do\n  title \"The Red Hat Enterprise Linux operating system must configure the\nau-remote plugin to off-load audit logs using the audisp-remote daemon.\"\n  desc  \"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    Without the configuration of the \\\"au-remote\\\" plugin, the audisp-remote\ndaemon will not off load the logs from the system being audited.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the \\\"au-remote\\\" plugin is configured to always off-load audit logs\nusing the audisp-remote daemon:\n\n    # cat /etc/audisp/plugins.d/au-remote.conf | grep -v \\\"^#\\\"\n\n    active = yes\n    direction = out\n    path = /sbin/audisp-remote\n    type = always\n    format = string\n\n    If the \\\"direction\\\" setting is not set to \\\"out\\\", or the line is\ncommented out, this is a finding.\n\n    If the \\\"path\\\" setting is not set to \\\"/sbin/audisp-remote\\\", or the line\nis commented out, this is a finding.\n\n    If the \\\"type\\\" setting is not set to \\\"always\\\", or the line is commented\nout, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Edit the /etc/audisp/plugins.d/au-remote.conf file and add or update the\nfollowing values:\n\n    direction = out\n    path = /sbin/audisp-remote\n    type = always\n\n    The audit daemon must be restarted for changes to take effect:\n\n    # service auditd restart\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000342-GPOS-00133\"\n  tag satisfies: [\"SRG-OS-000342-GPOS-00133\", \"SRG-OS-000479-GPOS-00224\"]\n  tag gid: \"V-81017\"\n  tag rid: \"SV-95729r1_rule\"\n  tag stig_id: \"RHEL-07-030201\"\n  tag fix_id: \"F-87851r2_fix\"\n  tag cci: [\"CCI-001851\"]\n  tag nist: [\"AU-4 (1)\", \"Rev_4\"]\n\n  test_file = '/etc/audisp/plugins.d/au-remote.conf'\n\n  if file(test_file).exist?\n    describe parse_config_file(test_file) do\n      its('direction') { should match %r{out$} }\n      its('path') { should match %r{/sbin/audisp-remote$} }\n      its('type') { should match %r{always$} }\n    end\n  else\n    describe \"File '#{test_file}' cannot be found. This test cannot be checked in a automated fashion and you must check it manually\" do\n      skip \"File '#{test_file}' cannot be found. This check must be performed manually\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST File '/etc/audisp/plugins.d/au-remote.conf' cannot be found. This test cannot be checked in a automated fashion and you must check it manually :: SKIP_MESSAGE File '/etc/audisp/plugins.d/au-remote.conf' cannot be found. This check must be performed manually</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81005</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95717r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010482</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Red Hat Enterprise Linux operating systems version 7.2 or newer with a
-Basic Input&#x2F;Output System (BIOS) must require authentication upon booting into
-single-user and maintenance modes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Basic Input/Output System (BIOS) must require authentication upon booting into
+single-user and maintenance modes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system does not require valid root authentication before it
 boots into single-user or maintenance mode, anyone who invokes single-user or
 maintenance mode is granted privileged access to all files on the system. GRUB
 2 is the default boot loader for RHEL 7 and is designed to require a password
-to boot into single-user mode or make modifications to the boot menu.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+to boot into single-user mode or make modifications to the boot menu.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>For systems that use UEFI, this is Not Applicable.
 
     For systems that are running a version of RHEL prior to 7.2, this is Not
@@ -446,22 +429,22 @@ Applicable.
     Check to see if an encrypted root password is set. On systems that use a
 BIOS, use the following command:
 
-    # grep -iw grub2_password &#x2F;boot&#x2F;grub2&#x2F;user.cfg
-    GRUB2_PASSWORD&#x3D;grub.pbkdf2.sha512.[password_hash]
+    # grep -iw grub2_password /boot/grub2/user.cfg
+    GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
 
-    If the root password does not begin with &quot;grub.pbkdf2.sha512&quot;, this is a
+    If the root password does not begin with "grub.pbkdf2.sha512", this is a
 finding.
 
-    Verify that the &quot;root&quot; account is set as the &quot;superusers&quot;:
+    Verify that the "root" account is set as the "superusers":
 
-    # grep -iw &quot;superusers&quot; &#x2F;boot&#x2F;grub2&#x2F;grub.cfg
-        set superusers&#x3D;&quot;root&quot;
+    # grep -iw "superusers" /boot/grub2/grub.cfg
+        set superusers="root"
         export superusers
 
-    If &quot;superusers&quot; is not set to &quot;root&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "superusers" is not set to "root", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to encrypt the boot password for root.
 
     Generate an encrypted grub2 password for root with the following command:
@@ -472,703 +455,673 @@ finding.
     Enter password:
     Confirm password:
 
-    Edit the &#x2F;boot&#x2F;grub2&#x2F;grub.cfg file and add or modify the following lines in
-the &quot;### BEGIN &#x2F;etc&#x2F;grub.d&#x2F;01_users ###&quot; section:
-
-    set superusers&#x3D;&quot;root&quot;
-    export superusers</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>9226c81d-c070-46bd-a29b-d2817301b3fe</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>skipped
-Parse Config File &#x2F;boot&#x2F;grub2&#x2F;user.cfg
-Can&#39;t find file: &#x2F;boot&#x2F;grub2&#x2F;user.cfg
---------------------------------
-passed
-Parse Config File &#x2F;boot&#x2F;grub2&#x2F;grub.cfg set superusers is expected to cmp &#x3D;&#x3D; &quot;\&quot;root\&quot;&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71957</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00229</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86581r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010460</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Edit the /boot/grub2/grub.cfg file and add or modify the following lines in
+the "### BEGIN /etc/grub.d/01_users ###" section:
+
+    set superusers="root"
+    export superusers</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-81005\" do\n  title \"Red Hat Enterprise Linux operating systems version 7.2 or newer with a\nBasic Input/Output System (BIOS) must require authentication upon booting into\nsingle-user and maintenance modes.\"\n  desc  \"If the system does not require valid root authentication before it\nboots into single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 7 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    For systems that use UEFI, this is Not Applicable.\n\n    For systems that are running a version of RHEL prior to 7.2, this is Not\nApplicable.\n\n    Check to see if an encrypted root password is set. On systems that use a\nBIOS, use the following command:\n\n    # grep -iw grub2_password /boot/grub2/user.cfg\n    GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]\n\n    If the root password does not begin with \\\"grub.pbkdf2.sha512\\\", this is a\nfinding.\n\n    Verify that the \\\"root\\\" account is set as the \\\"superusers\\\":\n\n    # grep -iw \\\"superusers\\\" /boot/grub2/grub.cfg\n        set superusers=\\\"root\\\"\n        export superusers\n\n    If \\\"superusers\\\" is not set to \\\"root\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to encrypt the boot password for root.\n\n    Generate an encrypted grub2 password for root with the following command:\n\n    Note: The hash generated is an example.\n\n    # grub2-setpassword\n    Enter password:\n    Confirm password:\n\n    Edit the /boot/grub2/grub.cfg file and add or modify the following lines in\nthe \\\"### BEGIN /etc/grub.d/01_users ###\\\" section:\n\n    set superusers=\\\"root\\\"\n    export superusers\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000080-GPOS-00048\"\n  tag gid: \"V-81005\"\n  tag rid: \"SV-95717r1_rule\"\n  tag stig_id: \"RHEL-07-010482\"\n  tag fix_id: \"F-87839r2_fix\"\n  tag cci: [\"CCI-000213\"]\n  tag nist: [\"AC-3\", \"Rev_4\"]\n\n  if file('/sys/firmware/efi').exist?\n    impact 0.0\n    describe \"System running UEFI\" do\n      skip \"The System is running UEFI, this control is Not Applicable.\"\n    end\n  else\n    unless os[:release] &gt;= \"7.2\"\n      impact 0.0\n      describe \"System running version of RHEL prior to 7.2\" do\n        skip \"The System is running an outdated version of RHEL, this control is Not Applicable.\"\n      end\n    else\n      impact 0.7\n      input('grub_user_boot_files').each do |grub_user_file|\n        describe parse_config_file(grub_user_file) do\n          its('GRUB2_PASSWORD') { should include \"grub.pbkdf2.sha512\"}\n        end\n      end\n\n      describe parse_config_file(input('grub_main_cfg')) do\n        its('set superusers') { should cmp '\"root\"' }  \n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>skipped :: TEST Parse Config File /boot/grub2/user.cfg :: SKIP_MESSAGE Can't find file: /boot/grub2/user.cfg
+--------------------------------
+passed :: TEST Parse Config File /boot/grub2/grub.cfg set superusers is expected to cmp == "\"root\""</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71957</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00229</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86581r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010460</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not allow users to
-override SSH environment variables.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+override SSH environment variables.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Failure to restrict system access to authenticated users negatively
-impacts operating system security.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+impacts operating system security.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system does not allow users to override environment
 variables to the SSH daemon.
 
-    Check for the value of the &quot;PermitUserEnvironment&quot; keyword with the
+    Check for the value of the "PermitUserEnvironment" keyword with the
 following command:
 
-    # grep -i permituserenvironment &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i permituserenvironment /etc/ssh/sshd_config
     PermitUserEnvironment no
 
-    If the &quot;PermitUserEnvironment&quot; keyword is not set to &quot;no&quot;, is missing,
-or is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "PermitUserEnvironment" keyword is not set to "no", is missing,
+or is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to not allow users to override environment
 variables to the SSH daemon.
 
-    Edit the &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; file to uncomment or add the line for
-&quot;PermitUserEnvironment&quot; keyword and set the value to &quot;no&quot;:
+    Edit the "/etc/ssh/sshd_config" file to uncomment or add the line for
+"PermitUserEnvironment" keyword and set the value to "no":
 
     PermitUserEnvironment no
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>bc937758-d687-4246-814c-7044342adabd</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration PermitUserEnvironment is expected to eq &quot;no&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-77823</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-92519r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010481</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71957\" do\n  title \"The Red Hat Enterprise Linux operating system must not allow users to\noverride SSH environment variables.\"\n  desc  \"Failure to restrict system access to authenticated users negatively\nimpacts operating system security.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system does not allow users to override environment\nvariables to the SSH daemon.\n\n    Check for the value of the \\\"PermitUserEnvironment\\\" keyword with the\nfollowing command:\n\n    # grep -i permituserenvironment /etc/ssh/sshd_config\n    PermitUserEnvironment no\n\n    If the \\\"PermitUserEnvironment\\\" keyword is not set to \\\"no\\\", is missing,\nor is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to not allow users to override environment\nvariables to the SSH daemon.\n\n    Edit the \\\"/etc/ssh/sshd_config\\\" file to uncomment or add the line for\n\\\"PermitUserEnvironment\\\" keyword and set the value to \\\"no\\\":\n\n    PermitUserEnvironment no\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00229\"\n  tag gid: \"V-71957\"\n  tag rid: \"SV-86581r3_rule\"\n  tag stig_id: \"RHEL-07-010460\"\n  tag fix_id: \"F-78309r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('PermitUserEnvironment') { should eq 'no' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration PermitUserEnvironment is expected to eq "no"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-77823</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-92519r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010481</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must require
-authentication upon booting into single-user and maintenance modes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+authentication upon booting into single-user and maintenance modes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system does not require valid root authentication before it
 boots into single-user or maintenance mode, anyone who invokes single-user or
-maintenance mode is granted privileged access to all files on the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+maintenance mode is granted privileged access to all files on the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system must require authentication upon booting into
 single-user and maintenance modes.
 
     Check that the operating system requires authentication upon booting into
 single-user mode with the following command:
 
-    # grep -i execstart &#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;rescue.service | grep -i sulogin
+    # grep -i execstart /usr/lib/systemd/system/rescue.service | grep -i sulogin
 
-    ExecStart&#x3D;-&#x2F;bin&#x2F;sh -c &quot;&#x2F;usr&#x2F;sbin&#x2F;sulogin; &#x2F;usr&#x2F;bin&#x2F;systemctl --fail
---no-block default&quot;
+    ExecStart=-/bin/sh -c "/usr/sbin/sulogin; /usr/bin/systemctl --fail
+--no-block default"
 
-    If &quot;ExecStart&quot; does not have &quot;&#x2F;usr&#x2F;sbin&#x2F;sulogin&quot; as an option, this is
-a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "ExecStart" does not have "/usr/sbin/sulogin" as an option, this is
+a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to require authentication upon booting into
 single-user and maintenance modes.
 
-    Add or modify the &quot;ExecStart&quot; line in
-&quot;&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;rescue.service&quot; to include &quot;&#x2F;usr&#x2F;sbin&#x2F;sulogin&quot;:
-
-    ExecStart&#x3D;-&#x2F;bin&#x2F;sh -c &quot;&#x2F;usr&#x2F;sbin&#x2F;sulogin; &#x2F;usr&#x2F;bin&#x2F;systemctl --fail
---no-block default&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>23620b06-3ec2-416d-8514-3decef4f1a65</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;grep -i execstart &#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;rescue.service&#x60; stdout.strip is expected to match &#x2F;\&#x2F;usr\&#x2F;sbin\&#x2F;sulogin&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72243</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86867r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040350</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add or modify the "ExecStart" line in
+"/usr/lib/systemd/system/rescue.service" to include "/usr/sbin/sulogin":
+
+    ExecStart=-/bin/sh -c "/usr/sbin/sulogin; /usr/bin/systemctl --fail
+--no-block default"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-77823\" do\n  title \"The Red Hat Enterprise Linux operating system must require\nauthentication upon booting into single-user and maintenance modes.\"\n  desc  \"If the system does not require valid root authentication before it\nboots into single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system must require authentication upon booting into\nsingle-user and maintenance modes.\n\n    Check that the operating system requires authentication upon booting into\nsingle-user mode with the following command:\n\n    # grep -i execstart /usr/lib/systemd/system/rescue.service | grep -i sulogin\n\n    ExecStart=-/bin/sh -c \\\"/usr/sbin/sulogin; /usr/bin/systemctl --fail\n--no-block default\\\"\n\n    If \\\"ExecStart\\\" does not have \\\"/usr/sbin/sulogin\\\" as an option, this is\na finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to require authentication upon booting into\nsingle-user and maintenance modes.\n\n    Add or modify the \\\"ExecStart\\\" line in\n\\\"/usr/lib/systemd/system/rescue.service\\\" to include \\\"/usr/sbin/sulogin\\\":\n\n    ExecStart=-/bin/sh -c \\\"/usr/sbin/sulogin; /usr/bin/systemctl --fail\n--no-block default\\\"\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000080-GPOS-00048\"\n  tag gid: \"V-77823\"\n  tag rid: \"SV-92519r2_rule\"\n  tag stig_id: \"RHEL-07-010481\"\n  tag fix_id: \"F-84523r2_fix\"\n  tag cci: [\"CCI-000213\"]\n  tag nist: [\"AC-3\", \"Rev_4\"]\n\n  describe command(\"grep -i execstart /usr/lib/systemd/system/rescue.service\") do\n    its('stdout.strip') { should match %r{/usr/sbin/sulogin} }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `grep -i execstart /usr/lib/systemd/system/rescue.service` stdout.strip is expected to match /\/usr\/sbin\/sulogin/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72243</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86867r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040350</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the SSH daemon does not allow authentication using rhosts authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the SSH daemon does not allow authentication using rhosts authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configuring this setting for the SSH daemon provides additional
 assurance that remote logon via SSH will require a password, even in the event
-of misconfiguration elsewhere.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+of misconfiguration elsewhere.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the SSH daemon does not allow authentication using known hosts
 authentication.
 
-    To determine how the SSH daemon&#39;s &quot;IgnoreRhosts&quot; option is set, run the
+    To determine how the SSH daemon's "IgnoreRhosts" option is set, run the
 following command:
 
-    # grep -i IgnoreRhosts &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i IgnoreRhosts /etc/ssh/sshd_config
 
     IgnoreRhosts yes
 
-    If the value is returned as &quot;no&quot;, the returned line is commented out, or
-no output is returned, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value is returned as "no", the returned line is commented out, or
+no output is returned, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the SSH daemon to not allow authentication using known hosts
 authentication.
 
-    Add the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;, or uncomment the line
-and set the value to &quot;yes&quot;:
-
-    IgnoreRhosts yes</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>73eab482-8719-47e8-9861-a6d9b429f4b8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration IgnoreRhosts is expected to cmp &#x3D;&#x3D; &quot;yes&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-79001</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-93707r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030821</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add the following line in "/etc/ssh/sshd_config", or uncomment the line
+and set the value to "yes":
+
+    IgnoreRhosts yes</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72243\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon does not allow authentication using rhosts authentication.\"\n  desc  \"Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH daemon does not allow authentication using known hosts\nauthentication.\n\n    To determine how the SSH daemon's \\\"IgnoreRhosts\\\" option is set, run the\nfollowing command:\n\n    # grep -i IgnoreRhosts /etc/ssh/sshd_config\n\n    IgnoreRhosts yes\n\n    If the value is returned as \\\"no\\\", the returned line is commented out, or\nno output is returned, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the SSH daemon to not allow authentication using known hosts\nauthentication.\n\n    Add the following line in \\\"/etc/ssh/sshd_config\\\", or uncomment the line\nand set the value to \\\"yes\\\":\n\n    IgnoreRhosts yes\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72243\"\n  tag rid: \"SV-86867r3_rule\"\n  tag stig_id: \"RHEL-07-040350\"\n  tag fix_id: \"F-78597r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('IgnoreRhosts') { should cmp 'yes' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration IgnoreRhosts is expected to cmp == "yes"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-79001</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-93707r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030821</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the finit_module syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the finit_module syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;finit_module&quot; syscall occur.
+successful/unsuccessful attempts to use the "finit_module" syscall occur.
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -iw finit_module &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw finit_module /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S finit_module -k module-change
+    -a always,exit -F arch=b32 -S finit_module -k module-change
 
-    -a always,exit -F arch&#x3D;b64 -S finit_module -k module-change
+    -a always,exit -F arch=b64 -S finit_module -k module-change
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;finit_module&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"finit_module" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;finit_module&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S finit_module -k module-change
-
-    -a always,exit -F arch&#x3D;b64 -S finit_module -k module-change
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b63b81c9-87dc-4057-85a1-9a9429dbc51a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;finit_module&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;finit_module&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;finit_module&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;finit_module&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71967</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000095-GPOS-00049</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86591r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "finit_module" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S finit_module -k module-change
+
+    -a always,exit -F arch=b64 -S finit_module -k module-change
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-79001\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe finit_module syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"finit_module\\\" syscall occur.\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -iw finit_module /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S finit_module -k module-change\n\n    -a always,exit -F arch=b64 -S finit_module -k module-change\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"finit_module\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"finit_module\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S finit_module -k module-change\n\n    -a always,exit -F arch=b64 -S finit_module -k module-change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000471-GPOS-00216\"\n  tag satisfies: [\"SRG-OS-000471-GPOS-00216\", \"SRG-OS-000477-GPOS-00222\"]\n  tag gid: \"V-79001\"\n  tag rid: \"SV-93707r3_rule\"\n  tag stig_id: \"RHEL-07-030821\"\n  tag fix_id: \"F-85751r3_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"finit_module\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"finit_module\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "finit_module" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "finit_module" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "finit_module" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "finit_module" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71967</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000095-GPOS-00049</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86591r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not have the
-rsh-server package installed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+rsh-server package installed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>It is detrimental for operating systems to provide, or install by
 default, functionality exceeding requirements or mission objectives. These
 unnecessary capabilities or services are often overlooked and therefore may
@@ -1185,147 +1138,142 @@ does not provide for the confidentiality and integrity of user passwords or the
 remote session and has very weak authentication.
 
     If a privileged user were to log on using this service, the privileged user
-password could be compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+password could be compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Check to see if the rsh-server package is installed with the following
 command:
 
     # yum list installed rsh-server
 
-    If the rsh-server package is installed, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the rsh-server package is installed, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to disable non-essential capabilities by
 removing the rsh-server package from the system with the following command:
 
-    # yum remove rsh-server</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d5377b23-782a-4f4b-85fc-2be2447054d9</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package rsh-server is expected not to be installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72301</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86925r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040700</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # yum remove rsh-server</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71967\" do\n  title \"The Red Hat Enterprise Linux operating system must not have the\nrsh-server package installed.\"\n  desc  \"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    The rsh-server service provides an unencrypted remote access service that\ndoes not provide for the confidentiality and integrity of user passwords or the\nremote session and has very weak authentication.\n\n    If a privileged user were to log on using this service, the privileged user\npassword could be compromised.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Check to see if the rsh-server package is installed with the following\ncommand:\n\n    # yum list installed rsh-server\n\n    If the rsh-server package is installed, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to disable non-essential capabilities by\nremoving the rsh-server package from the system with the following command:\n\n    # yum remove rsh-server\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000095-GPOS-00049\"\n  tag gid: \"V-71967\"\n  tag rid: \"SV-86591r2_rule\"\n  tag stig_id: \"RHEL-07-020000\"\n  tag fix_id: \"F-78319r1_fix\"\n  tag cci: [\"CCI-000381\"]\n  tag nist: [\"CM-7 a\", \"Rev_4\"]\n\n  describe package(\"rsh-server\") do\n    it { should_not be_installed }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package rsh-server is expected not to be installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72301</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86925r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040700</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not have the
 Trivial File Transfer Protocol (TFTP) server package installed if not required
-for operational support.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+for operational support.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If TFTP is required for operational support (such as the transmission
 of router configurations) its use must be documented with the Information
 System Security Officer (ISSO), restricted to only authorized personnel, and
-have access control rules established.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+have access control rules established.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify a TFTP server has not been installed on the system.
 
     Check to see if a TFTP server has been installed with the following command:
@@ -1334,793 +1282,759 @@ have access control rules established.</ATTRIBUTE_DATA>
     tftp-server-0.49-9.el7.x86_64.rpm
 
     If TFTP is installed and the requirement for TFTP is not documented with
-the ISSO, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+the ISSO, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Remove the TFTP package from the system with the following command:
 
-# yum remove tftp-server</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>600cd667-1218-4458-af5a-30d059c59f59</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package tftp-server is expected not to be installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72147</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86771r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030620</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+# yum remove tftp-server</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72301\" do\n  title \"The Red Hat Enterprise Linux operating system must not have the\nTrivial File Transfer Protocol (TFTP) server package installed if not required\nfor operational support.\"\n  desc  \"If TFTP is required for operational support (such as the transmission\nof router configurations) its use must be documented with the Information\nSystem Security Officer (ISSO), restricted to only authorized personnel, and\nhave access control rules established.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify a TFTP server has not been installed on the system.\n\n    Check to see if a TFTP server has been installed with the following command:\n\n    # yum list installed tftp-server\n    tftp-server-0.49-9.el7.x86_64.rpm\n\n    If TFTP is installed and the requirement for TFTP is not documented with\nthe ISSO, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Remove the TFTP package from the system with the following command:\n\n    # yum remove tftp-server\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72301\"\n  tag rid: \"SV-86925r2_rule\"\n  tag stig_id: \"RHEL-07-040700\"\n  tag fix_id: \"F-78655r2_fix\"\n  tag cci: [\"CCI-000318\", \"CCI-000368\", \"CCI-001812\", \"CCI-001813\",\n\"CCI-001814\"]\n  tag nist: [\"CM-3 f\", \"CM-6 c\", \"CM-11 (2)\", \"CM-5 (1)\", \"CM-5 (1)\", \"Rev_4\"]\n\n  describe package('tftp-server') do\n    it { should_not be_installed }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package tftp-server is expected not to be installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72147</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86771r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030620</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must generate audit
-records for all successful account access events.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+records for all successful account access events.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when successful account
 access events occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -i &#x2F;var&#x2F;log&#x2F;lastlog &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /var/log/lastlog /etc/audit/audit.rules
 
-    -w &#x2F;var&#x2F;log&#x2F;lastlog -p wa -k logins
+    -w /var/log/lastlog -p wa -k logins
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when successful
 account access events occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -w &#x2F;var&#x2F;log&#x2F;lastlog -p wa -k logins
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>04600346-d688-4247-ae25-a1bd4a3d170c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;var&#x2F;log&#x2F;lastlog&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;var&#x2F;log&#x2F;lastlog&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;w&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;a&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71921</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000073-GPOS-00041</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86545r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -w /var/log/lastlog -p wa -k logins
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72147\" do\n  title \"The Red Hat Enterprise Linux operating system must generate audit\nrecords for all successful account access events.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when successful account\naccess events occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -i /var/log/lastlog /etc/audit/audit.rules\n\n    -w /var/log/lastlog -p wa -k logins\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when successful\naccount access events occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -w /var/log/lastlog -p wa -k logins\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000392-GPOS-00172\"\n  tag satisfies: [\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000470-GPOS-00214\",\n\"SRG-OS-000473-GPOS-00218\"]\n  tag gid: \"V-72147\"\n  tag rid: \"SV-86771r3_rule\"\n  tag stig_id: \"RHEL-07-030620\"\n  tag fix_id: \"F-78499r3_fix\"\n  tag cci: [\"CCI-000126\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-2 d\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/var/log/lastlog'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'w' }\n      it { should include 'a' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/var/log/lastlog" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/var/log/lastlog" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "w"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "a"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71921</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000073-GPOS-00041</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86545r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured to
-use the shadow file to store only encrypted representations of passwords.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+use the shadow file to store only encrypted representations of passwords.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Passwords need to be protected at all times, and encryption is the
 standard method for protecting passwords. If passwords are not encrypted, they
 can be plainly read (i.e., clear text) and easily compromised. Passwords
 encrypted with a weak algorithm are no more protected than if they are kept in
-plain text.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify the system&#39;s shadow file is configured to store only encrypted
+plain text.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify the system's shadow file is configured to store only encrypted
 representations of passwords. The strength of encryption that must be used to
 hash passwords for all accounts is SHA512.
 
     Check that the system is configured to create SHA512 hashed passwords with
 the following command:
 
-    # grep -i encrypt &#x2F;etc&#x2F;login.defs
+    # grep -i encrypt /etc/login.defs
     ENCRYPT_METHOD SHA512
 
-    If the &quot;&#x2F;etc&#x2F;login.defs&quot; configuration file does not exist or allows for
-password hashes other than SHA512 to be used, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "/etc/login.defs" configuration file does not exist or allows for
+password hashes other than SHA512 to be used, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to store only SHA512 encrypted
 representations of passwords.
 
-    Add or update the following line in &quot;&#x2F;etc&#x2F;login.defs&quot;:
-
-    ENCRYPT_METHOD SHA512</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0ce1464a-a0b2-4fe0-8504-3a14e91b08c9</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000196</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-login.defs ENCRYPT_METHOD is expected to cmp &#x3D;&#x3D; &quot;SHA512&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72205</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86829r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030910</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add or update the following line in "/etc/login.defs":
+
+    ENCRYPT_METHOD SHA512</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71921\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured to\nuse the shadow file to store only encrypted representations of passwords.\"\n  desc  \"Passwords need to be protected at all times, and encryption is the\nstandard method for protecting passwords. If passwords are not encrypted, they\ncan be plainly read (i.e., clear text) and easily compromised. Passwords\nencrypted with a weak algorithm are no more protected than if they are kept in\nplain text.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system's shadow file is configured to store only encrypted\nrepresentations of passwords. The strength of encryption that must be used to\nhash passwords for all accounts is SHA512.\n\n    Check that the system is configured to create SHA512 hashed passwords with\nthe following command:\n\n    # grep -i encrypt /etc/login.defs\n    ENCRYPT_METHOD SHA512\n\n    If the \\\"/etc/login.defs\\\" configuration file does not exist or allows for\npassword hashes other than SHA512 to be used, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to store only SHA512 encrypted\nrepresentations of passwords.\n\n    Add or update the following line in \\\"/etc/login.defs\\\":\n\n    ENCRYPT_METHOD SHA512\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000073-GPOS-00041\"\n  tag gid: \"V-71921\"\n  tag rid: \"SV-86545r2_rule\"\n  tag stig_id: \"RHEL-07-010210\"\n  tag fix_id: \"F-78273r1_fix\"\n  tag cci: [\"CCI-000196\"]\n  tag nist: [\"IA-5 (1) (c)\", \"Rev_4\"]\n\n  describe login_defs do\n    its('ENCRYPT_METHOD') { should cmp \"SHA512\" }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000196</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST login.defs ENCRYPT_METHOD is expected to cmp == "SHA512"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72205</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86829r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030910</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the unlink syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the unlink syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system is not configured to audit certain activities and write
 them to an audit log, it is more difficult to detect and track system
-compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;unlink&quot; syscall occur.
+successful/unsuccessful attempts to use the "unlink" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw unlink &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw unlink /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S unlink -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S unlink -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S unlink -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S unlink -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;unlink&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"unlink" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;unlink&quot; syscall occur.
+successful/unsuccessful attempts to use the "unlink" syscall occur.
 
-    Add the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S unlink -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S unlink -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S unlink -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S unlink -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>c1d9265d-6b87-41ad-a195-7968977b1eb3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;unlink&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;unlink&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;unlink&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;unlink&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72111</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86735r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030440</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72205\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe unlink syscall.\"\n  desc  \"If the system is not configured to audit certain activities and write\nthem to an audit log, it is more difficult to detect and track system\ncompromises and damages incurred during a system compromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"unlink\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw unlink /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S unlink -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S unlink -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"unlink\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"unlink\\\" syscall occur.\n\n    Add the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S unlink -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S unlink -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000466-GPOS-00210\"\n  tag satisfies: [\"SRG-OS-000466-GPOS-00210\", \"SRG-OS-000467-GPOS-00210\",\n\"SRG-OS-000468-GPOS-00212\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72205\"\n  tag rid: \"SV-86829r5_rule\"\n  tag stig_id: \"RHEL-07-030910\"\n  tag fix_id: \"F-78559r7_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"unlink\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"unlink\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "unlink" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "unlink" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "unlink" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "unlink" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72111</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86735r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030440</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the setxattr syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the setxattr syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;setxattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "setxattr" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw setxattr &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw setxattr /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S setxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S setxattr -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S setxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S setxattr -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;setxattr&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"setxattr" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;setxattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "setxattr" syscall occur.
 
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S setxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S setxattr -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S setxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S setxattr -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6edb39c5-2ed4-4a9b-8644-625ad9726a84</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;setxattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;setxattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;setxattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;setxattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71961</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86585r6_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010480</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72111\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe setxattr syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"setxattr\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw setxattr /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S setxattr -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S setxattr -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"setxattr\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"setxattr\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S setxattr -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S setxattr -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000458-GPOS-00203\"\n  tag satisfies: [\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000064-GPOS-00033\"]\n  tag gid: \"V-72111\"\n  tag rid: \"SV-86735r5_rule\"\n  tag stig_id: \"RHEL-07-030440\"\n  tag fix_id: \"F-78463r8_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"setxattr\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"setxattr\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "setxattr" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "setxattr" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "setxattr" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "setxattr" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71961</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86585r6_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010480</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Red Hat Enterprise Linux operating systems prior to version 7.2 with a
-Basic Input&#x2F;Output System (BIOS) must require authentication upon booting into
-single-user and maintenance modes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Basic Input/Output System (BIOS) must require authentication upon booting into
+single-user and maintenance modes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system does not require valid root authentication before it
 boots into single-user or maintenance mode, anyone who invokes single-user or
 maintenance mode is granted privileged access to all files on the system. GRUB
 2 is the default boot loader for RHEL 7 and is designed to require a password
-to boot into single-user mode or make modifications to the boot menu.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+to boot into single-user mode or make modifications to the boot menu.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>For systems that use UEFI, this is Not Applicable.
     For systems that are running RHEL 7.2 or newer, this is Not Applicable.
 
     Check to see if an encrypted root password is set. On systems that use a
 BIOS, use the following command:
 
-    # grep -i password_pbkdf2 &#x2F;boot&#x2F;grub2&#x2F;grub.cfg
+    # grep -i password_pbkdf2 /boot/grub2/grub.cfg
 
     password_pbkdf2 [superusers-account] [password-hash]
 
-    If the root password entry does not begin with &quot;password_pbkdf2&quot;, this is
+    If the root password entry does not begin with "password_pbkdf2", this is
 a finding.
 
-    If the &quot;superusers-account&quot; is not set to &quot;root&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "superusers-account" is not set to "root", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to encrypt the boot password for root.
 
     Generate an encrypted grub2 password for root with the following command:
@@ -2134,140 +2048,131 @@ a finding.
     PBKDF2 hash of your password is
 grub.pbkdf2.sha512.10000.F3A7CFAA5A51EED123BE8238C23B25B2A6909AFC9812F0D45
 
-    Edit &quot;&#x2F;etc&#x2F;grub.d&#x2F;40_custom&quot; and add the following lines below the
+    Edit "/etc/grub.d/40_custom" and add the following lines below the
 comments:
 
-    # vi &#x2F;etc&#x2F;grub.d&#x2F;40_custom
+    # vi /etc/grub.d/40_custom
 
-    set superusers&#x3D;&quot;root&quot;
+    set superusers="root"
 
     password_pbkdf2 root {hash from grub2-mkpasswd-pbkdf2 command}
 
-    Generate a new &quot;grub.conf&quot; file with the new password with the following
+    Generate a new "grub.conf" file with the new password with the following
 commands:
 
-    # grub2-mkconfig --output&#x3D;&#x2F;tmp&#x2F;grub2.cfg
-    # mv &#x2F;tmp&#x2F;grub2.cfg &#x2F;boot&#x2F;grub2&#x2F;grub.cfg</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>30c7f6f4-408a-4744-9bed-9632ec442f4c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-There must be only one grub2 superuser, and it must have the value root length is expected to cmp &#x3D;&#x3D; 1
---------------------------------
-passed
-There must be only one grub2 superuser, and it must have the value root first is expected to cmp &#x3D;&#x3D; &quot;root&quot;
---------------------------------
-passed
-The grub2 superuser password entry must begin with &#39;password_pbkdf2&#39; is expected to include &quot;password_pbkdf2&quot;
---------------------------------
-passed
-The grub2 superuser password entry must begin with &#39;password_pbkdf2&#39; length is expected to be &gt;&#x3D; 1
---------------------------------
-passed
-The grub2 superuser account password should be encrypted with pbkdf2. is expected to match &#x2F;password_pbkdf2\sroot\sgrub\.pbkdf2&#x2F;i</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72295</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86919r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040670</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # grub2-mkconfig --output=/tmp/grub2.cfg
+    # mv /tmp/grub2.cfg /boot/grub2/grub.cfg</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71961\" do\n  title \"Red Hat Enterprise Linux operating systems prior to version 7.2 with a\nBasic Input/Output System (BIOS) must require authentication upon booting into\nsingle-user and maintenance modes.\"\n  desc  \"If the system does not require valid root authentication before it\nboots into single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 7 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    For systems that use UEFI, this is Not Applicable.\n    For systems that are running RHEL 7.2 or newer, this is Not Applicable.\n\n    Check to see if an encrypted root password is set. On systems that use a\nBIOS, use the following command:\n\n    # grep -i password_pbkdf2 /boot/grub2/grub.cfg\n\n    password_pbkdf2 [superusers-account] [password-hash]\n\n    If the root password entry does not begin with \\\"password_pbkdf2\\\", this is\na finding.\n\n    If the \\\"superusers-account\\\" is not set to \\\"root\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to encrypt the boot password for root.\n\n    Generate an encrypted grub2 password for root with the following command:\n\n    Note: The hash generated is an example.\n\n    # grub2-mkpasswd-pbkdf2\n\n    Enter Password:\n    Reenter Password:\n    PBKDF2 hash of your password is\ngrub.pbkdf2.sha512.10000.F3A7CFAA5A51EED123BE8238C23B25B2A6909AFC9812F0D45\n\n    Edit \\\"/etc/grub.d/40_custom\\\" and add the following lines below the\ncomments:\n\n    # vi /etc/grub.d/40_custom\n\n    set superusers=\\\"root\\\"\n\n    password_pbkdf2 root {hash from grub2-mkpasswd-pbkdf2 command}\n\n    Generate a new \\\"grub.conf\\\" file with the new password with the following\ncommands:\n\n    # grub2-mkconfig --output=/tmp/grub2.cfg\n    # mv /tmp/grub2.cfg /boot/grub2/grub.cfg\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000080-GPOS-00048\"\n  tag gid: \"V-71961\"\n  tag rid: \"SV-86585r6_rule\"\n  tag stig_id: \"RHEL-07-010480\"\n  tag fix_id: \"F-78313r3_fix\"\n  tag cci: [\"CCI-000213\"]\n  tag nist: [\"AC-3\", \"Rev_4\"]\n\n  grub_superuser = input('grub_superuser')\n  grub_user_boot_files = input('grub_user_boot_files')\n  grub_main_cfg = input('grub_main_cfg')\n\n  grub_main_content = file(grub_main_cfg).content\n\n  # Check if any additional superusers are set\n  pattern = %r{\\s*set superusers=\\\"(\\w+)\\\"}i\n  matches = grub_main_content.match(pattern)\n  superusers = matches.nil? ? [] : matches.captures\n  describe \"There must be only one grub2 superuser, and it must have the value #{grub_superuser}\" do\n    subject { superusers }\n    its('length') { should cmp 1 }\n    its('first') { should cmp grub_superuser }\n  end\n\n  # Need each password entry that has the superuser\n  pattern = %r{(.*)\\s#{grub_superuser}\\s}i\n  matches = grub_main_content.match(pattern)\n  password_entries = matches.nil? ? [] : matches.captures\n  # Each of the entries should start with password_pbkdf2\n  describe 'The grub2 superuser password entry must begin with \\'password_pbkdf2\\'' do\n    subject { password_entries }\n    its('length') { is_expected.to be &gt;= 1}\n    password_entries.each do |entry|\n      subject { entry }\n      it { should include 'password_pbkdf2'}\n    end\n  end\n\n  # Get lines such as 'password_pbkdf2 root ${ENV}'\n  pattern = %r{password_pbkdf2\\s#{grub_superuser}\\s(\\${\\w+})}i\n  matches = grub_main_content.match(pattern)\n  env_vars = matches.nil? ? [] : matches.captures\n  if env_vars.length &gt; 0\n    # If there is an environment variable in the configuration file check that it is set with correct values by looking\n    # in user.cfg files.\n    env_vars = env_vars.map { |env_var| env_var.gsub(/[${}]/, '') }\n    present_user_boot_files = grub_user_boot_files.select { |user_boot_file| file(user_boot_file).exist? }\n    describe 'grub2 user configuration files for the superuser should be present if they set an environment variable' do\n      subject { present_user_boot_files }\n      its('length') { is_expected.to be &gt;= 1 }\n      present_user_boot_files.each do |user_boot_file|\n        env_vars.each do |env_var|\n          describe \"#{user_boot_file} should set #{env_var} to a pbkdf2 value\" do\n              subject { file(user_boot_file) }\n              its('content') { should match %r{^#{env_var}=grub.pbkdf2}i }\n          end\n        end\n      end\n    end\n  else\n    # If there are no environment variable set, look for pbkdf2 after the superuser name\n    pattern = %r{password_pbkdf2\\s#{grub_superuser}\\sgrub\\.pbkdf2}i\n    describe 'The grub2 superuser account password should be encrypted with pbkdf2.' do\n      subject { grub_main_content }\n      it { should match pattern }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST There must be only one grub2 superuser, and it must have the value root length is expected to cmp == 1
+--------------------------------
+passed :: TEST There must be only one grub2 superuser, and it must have the value root first is expected to cmp == "root"
+--------------------------------
+passed :: TEST The grub2 superuser password entry must begin with 'password_pbkdf2' is expected to include "password_pbkdf2"
+--------------------------------
+passed :: TEST The grub2 superuser password entry must begin with 'password_pbkdf2' length is expected to be &gt;= 1
+--------------------------------
+passed :: TEST The grub2 superuser account password should be encrypted with pbkdf2. is expected to match /password_pbkdf2\sroot\sgrub\.pbkdf2/i</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72295</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86919r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040670</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Network interfaces configured on the Red Hat Enterprise Linux
-operating system must not be in promiscuous mode.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+operating system must not be in promiscuous mode.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Network interfaces in promiscuous mode allow for the capture of all
 network traffic visible to the system. If unauthorized individuals can access
 these applications, it may allow then to collect information such as logon IDs,
@@ -2275,14 +2180,14 @@ passwords, and key exchanges between systems.
 
     If the system is being used to perform a network troubleshooting function,
 the use of these tools must be documented with the Information System Security
-Officer (ISSO) and restricted to only authorized personnel.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Officer (ISSO) and restricted to only authorized personnel.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify network interfaces are not in promiscuous mode unless approved by
 the ISSO and documented.
 
@@ -2291,312 +2196,302 @@ the ISSO and documented.
     # ip link | grep -i promisc
 
     If network interfaces are found on the system in promiscuous mode and their
-use has not been approved by the ISSO and documented, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+use has not been approved by the ISSO and documented, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure network interfaces to turn off promiscuous mode unless approved
 by the ISSO and documented.
 
     Set the promiscuous mode of an interface to off with the following command:
 
-    #ip link set dev &lt;devicename&gt; multicast off promisc off</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>94668cc6-6f87-49b0-841c-78dec91a1923</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;ip link | grep -i promisc&#x60; stdout.strip is expected to match &#x2F;^$&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72043</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86667r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    #ip link set dev &lt;devicename&gt; multicast off promisc off</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72295\" do\n  title \"Network interfaces configured on the Red Hat Enterprise Linux\noperating system must not be in promiscuous mode.\"\n  desc  \"Network interfaces in promiscuous mode allow for the capture of all\nnetwork traffic visible to the system. If unauthorized individuals can access\nthese applications, it may allow then to collect information such as logon IDs,\npasswords, and key exchanges between systems.\n\n    If the system is being used to perform a network troubleshooting function,\nthe use of these tools must be documented with the Information System Security\nOfficer (ISSO) and restricted to only authorized personnel.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify network interfaces are not in promiscuous mode unless approved by\nthe ISSO and documented.\n\n    Check for the status with the following command:\n\n    # ip link | grep -i promisc\n\n    If network interfaces are found on the system in promiscuous mode and their\nuse has not been approved by the ISSO and documented, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure network interfaces to turn off promiscuous mode unless approved\nby the ISSO and documented.\n\n    Set the promiscuous mode of an interface to off with the following command:\n\n    #ip link set dev &lt;devicename&gt; multicast off promisc off\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72295\"\n  tag rid: \"SV-86919r2_rule\"\n  tag stig_id: \"RHEL-07-040670\"\n  tag fix_id: \"F-78649r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe command(\"ip link | grep -i promisc\") do\n    its('stdout.strip') { should match %r{^$} }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `ip link | grep -i promisc` stdout.strip is expected to match /^$/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72043</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86667r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent files with
 the setuid and setgid bit set from being executed on file systems that are used
-with removable media.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;nosuid&quot; mount option causes the system to not execute
-&quot;setuid&quot; and &quot;setgid&quot; files with owner privileges. This option must be used
-for mounting any file system not containing approved &quot;setuid&quot; and &quot;setguid&quot;
+with removable media.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "nosuid" mount option causes the system to not execute
+"setuid" and "setgid" files with owner privileges. This option must be used
+for mounting any file system not containing approved "setuid" and "setguid"
 files. Executing files from untrusted file systems increases the opportunity
-for unprivileged users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+for unprivileged users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify file systems that are used for removable media are mounted with the
-&quot;nosuid&quot; option.
+"nosuid" option.
 
     Check the file systems that are mounted at boot time with the following
 command:
 
-    # more &#x2F;etc&#x2F;fstab
+    # more /etc/fstab
 
-    UUID&#x3D;2bc871e4-e2a3-4f29-9ece-3be60c835222 &#x2F;mnt&#x2F;usbflash vfat
+    UUID=2bc871e4-e2a3-4f29-9ece-3be60c835222 /mnt/usbflash vfat
 noauto,owner,ro,nosuid 0 0
 
-    If a file system found in &quot;&#x2F;etc&#x2F;fstab&quot; refers to removable media and it
-does not have the &quot;nosuid&quot; option set, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the &quot;&#x2F;etc&#x2F;fstab&quot; to use the &quot;nosuid&quot; option on
-file systems that are associated with removable media.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b1b9cdb2-5c4a-433b-aa25-ddae27f02bb1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-File system &quot;xfs&quot; does not correspond to removable media. is expected to eq true</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72081</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000046-GPOS-00022</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86705r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If a file system found in "/etc/fstab" refers to removable media and it
+does not have the "nosuid" option set, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the "/etc/fstab" to use the "nosuid" option on
+file systems that are associated with removable media.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72043\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent files with\nthe setuid and setgid bit set from being executed on file systems that are used\nwith removable media.\"\n  desc  \"The \\\"nosuid\\\" mount option causes the system to not execute\n\\\"setuid\\\" and \\\"setgid\\\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \\\"setuid\\\" and \\\"setguid\\\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify file systems that are used for removable media are mounted with the\n\\\"nosuid\\\" option.\n\n    Check the file systems that are mounted at boot time with the following\ncommand:\n\n    # more /etc/fstab\n\n    UUID=2bc871e4-e2a3-4f29-9ece-3be60c835222 /mnt/usbflash vfat\nnoauto,owner,ro,nosuid 0 0\n\n    If a file system found in \\\"/etc/fstab\\\" refers to removable media and it\ndoes not have the \\\"nosuid\\\" option set, this is a finding.\n  \"\n  desc  \"fix\", \"Configure the \\\"/etc/fstab\\\" to use the \\\"nosuid\\\" option on\nfile systems that are associated with removable media.\"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72043\"\n  tag rid: \"SV-86667r2_rule\"\n  tag stig_id: \"RHEL-07-021010\"\n  tag fix_id: \"F-78395r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  non_removable_media_fs = input('non_removable_media_fs')\n\n  file_systems = etc_fstab.params\n  if !file_systems.nil? and !file_systems.empty?\n    file_systems.each do |file_sys_line|\n      if !\"#{non_removable_media_fs}\".include?(file_sys_line['file_system_type']) then\n        describe file_sys_line['mount_options'] do\n          it { should include 'nosuid' }\n        end\n      else\n        describe \"File system \\\"#{file_sys_line['file_system_type']}\\\" does not correspond to removable media.\" do\n          subject { \"#{non_removable_media_fs}\".include?(file_sys_line['file_system_type']) }\n          it { should eq true }\n        end\n      end\n    end\n  else\n    describe \"No file systems were found.\" do\n      subject { file_systems.nil? }\n      it { should eq true }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST File system "xfs" does not correspond to removable media. is expected to eq true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72081</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000046-GPOS-00022</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86705r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must shut down upon
 audit processing failure, unless availability is an overriding concern. If
 availability is a concern, the system must alert the designated staff (System
 Administrator [SA] and Information System Security Officer [ISSO] at a minimum)
-in the event of an audit processing failure.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+in the event of an audit processing failure.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>It is critical for the appropriate personnel to be aware if a system
 is at risk of failing to process audit logs as required. Without this
 notification, the security personnel may be unaware of an impending failure of
 the audit capability, and system operation may be adversely affected.
 
-    Audit processing failures include software&#x2F;hardware errors, failures in the
+    Audit processing failures include software/hardware errors, failures in the
 audit capturing mechanisms, and audit storage capacity being reached or
 exceeded.
 
     This requirement applies to each audit data storage repository (i.e.,
 distinct information system component where audit records are stored), the
 centralized audit storage capacity of organizations (i.e., all audit data
-storage repositories combined), or both.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+storage repositories combined), or both.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Confirm the audit configuration regarding how auditing processing failures
 are handled.
 
-    Check to see what level &quot;auditctl&quot; is set to with following command:
+    Check to see what level "auditctl" is set to with following command:
 
-    # auditctl -s | grep -i &quot;fail&quot;
+    # auditctl -s | grep -i "fail"
 
     failure 2
 
-    If the value of &quot;failure&quot; is set to &quot;2&quot;, the system is configured to
+    If the value of "failure" is set to "2", the system is configured to
 panic (shut down) in the event of an auditing failure.
 
-    If the value of &quot;failure&quot; is set to &quot;1&quot;, the system is configured to
+    If the value of "failure" is set to "1", the system is configured to
 only send information to the kernel log regarding the failure.
 
-    If the &quot;failure&quot; setting is not set, this is a CAT I finding.
+    If the "failure" setting is not set, this is a CAT I finding.
 
-    If the &quot;failure&quot; setting is set to any value other than &quot;1&quot; or &quot;2&quot;,
+    If the "failure" setting is set to any value other than "1" or "2",
 this is a CAT II finding.
 
-    If the &quot;failure&quot; setting is set to &quot;1&quot; but the availability concern is
+    If the "failure" setting is set to "1" but the availability concern is
 not documented or there is no monitoring of the kernel log, this is a CAT III
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to shut down in the event of an audit
 processing failure.
 
@@ -2605,7 +2500,7 @@ following command:
 
     # auditctl -f 2
 
-    Edit the &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot; file and add the following line:
+    Edit the "/etc/audit/rules.d/audit.rules" file and add the following line:
 
     -f 2
 
@@ -2616,556 +2511,534 @@ with the following command:
 
     # auditctl -f 1
 
-    Edit the &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot; file and add the following line:
+    Edit the "/etc/audit/rules.d/audit.rules" file and add the following line:
 
     -f 1
 
     Kernel log monitoring must also be configured to properly alert designated
 staff.
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>06a2b6aa-5f78-4821-8987-b63ede050af4</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000139</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-2 is expected to match &#x2F;^(1|2)$&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72277</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86901r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040540</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72081\" do\n  title \"The Red Hat Enterprise Linux operating system must shut down upon\naudit processing failure, unless availability is an overriding concern. If\navailability is a concern, the system must alert the designated staff (System\nAdministrator [SA] and Information System Security Officer [ISSO] at a minimum)\nin the event of an audit processing failure.\"\n  desc  \"It is critical for the appropriate personnel to be aware if a system\nis at risk of failing to process audit logs as required. Without this\nnotification, the security personnel may be unaware of an impending failure of\nthe audit capability, and system operation may be adversely affected.\n\n    Audit processing failures include software/hardware errors, failures in the\naudit capturing mechanisms, and audit storage capacity being reached or\nexceeded.\n\n    This requirement applies to each audit data storage repository (i.e.,\ndistinct information system component where audit records are stored), the\ncentralized audit storage capacity of organizations (i.e., all audit data\nstorage repositories combined), or both.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Confirm the audit configuration regarding how auditing processing failures\nare handled.\n\n    Check to see what level \\\"auditctl\\\" is set to with following command:\n\n    # auditctl -s | grep -i \\\"fail\\\"\n\n    failure 2\n\n    If the value of \\\"failure\\\" is set to \\\"2\\\", the system is configured to\npanic (shut down) in the event of an auditing failure.\n\n    If the value of \\\"failure\\\" is set to \\\"1\\\", the system is configured to\nonly send information to the kernel log regarding the failure.\n\n    If the \\\"failure\\\" setting is not set, this is a CAT I finding.\n\n    If the \\\"failure\\\" setting is set to any value other than \\\"1\\\" or \\\"2\\\",\nthis is a CAT II finding.\n\n    If the \\\"failure\\\" setting is set to \\\"1\\\" but the availability concern is\nnot documented or there is no monitoring of the kernel log, this is a CAT III\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to shut down in the event of an audit\nprocessing failure.\n\n    Add or correct the option to shut down the operating system with the\nfollowing command:\n\n    # auditctl -f 2\n\n    Edit the \\\"/etc/audit/rules.d/audit.rules\\\" file and add the following line:\n\n    -f 2\n\n    If availability has been determined to be more important, and this decision\nis documented with the ISSO, configure the operating system to notify system\nadministration staff and ISSO staff in the event of an audit processing failure\nwith the following command:\n\n    # auditctl -f 1\n\n    Edit the \\\"/etc/audit/rules.d/audit.rules\\\" file and add the following line:\n\n    -f 1\n\n    Kernel log monitoring must also be configured to properly alert designated\nstaff.\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000046-GPOS-00022\"\n  tag satisfies: [\"SRG-OS-000046-GPOS-00022\", \"SRG-OS-000047-GPOS-00023\"]\n  tag gid: \"V-72081\"\n  tag rid: \"SV-86705r4_rule\"\n  tag stig_id: \"RHEL-07-030010\"\n  tag fix_id: \"F-78433r2_fix\"\n  tag cci: [\"CCI-000139\"]\n  tag nist: [\"AU-5 a\", \"Rev_4\"]\n\n  monitor_kernel_log = input('monitor_kernel_log')\n\n  if auditd.status['failure'].nil?\n    impact 0.7\n  elsif auditd.status['failure'].match?(%r{^1$}) &amp;&amp; !monitor_kernel_log\n    impact 0.3\n  else\n    impact 0.5\n  end\n\n  if !monitor_kernel_log\n    describe auditd.status['failure'] do\n      it { should match %r{^2$} }\n    end\n  else\n    describe auditd.status['failure'] do\n      it { should match %r{^(1|2)$} }\n    end\n  end\nend"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000139</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST 2 is expected to match /^(1|2)$/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72277</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86901r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040540</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not contain .shosts
-files.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+files.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The .shosts files are used to configure host-based authentication for
 individual users or the system via SSH. Host-based authentication is not
 sufficient for preventing unauthorized access to the system, as it does not
 require interactive identification and authentication of a connection request,
-or for the use of two-factor authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify there are no &quot;.shosts&quot; files on the system.
+or for the use of two-factor authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify there are no ".shosts" files on the system.
 
     Check the system for the existence of these files with the following
 command:
 
-    # find &#x2F; -name &#39;*.shosts&#39;
-
-    If any &quot;.shosts&quot; files are found on the system, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Remove any found &quot;.shosts&quot; files from the system.
-
-# rm &#x2F;[path]&#x2F;[to]&#x2F;[file]&#x2F;.shosts</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b9e08104-14f1-41dd-b240-62bd68e0c2ef</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;find &#x2F; -xautofs -name &#39;*.shosts&#39;&#x60; stdout.strip is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72185</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00215</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86809r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030810</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # find / -name '*.shosts'
+
+    If any ".shosts" files are found on the system, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Remove any found ".shosts" files from the system.
+
+# rm /[path]/[to]/[file]/.shosts</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72277\" do\n  title \"The Red Hat Enterprise Linux operating system must not contain .shosts\nfiles.\"\n  desc  \"The .shosts files are used to configure host-based authentication for\nindividual users or the system via SSH. Host-based authentication is not\nsufficient for preventing unauthorized access to the system, as it does not\nrequire interactive identification and authentication of a connection request,\nor for the use of two-factor authentication.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify there are no \\\".shosts\\\" files on the system.\n\n    Check the system for the existence of these files with the following\ncommand:\n\n    # find / -name '*.shosts'\n\n    If any \\\".shosts\\\" files are found on the system, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Remove any found \\\".shosts\\\" files from the system.\n\n    # rm /[path]/[to]/[file]/.shosts\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72277\"\n  tag rid: \"SV-86901r2_rule\"\n  tag stig_id: \"RHEL-07-040540\"\n  tag fix_id: \"F-78631r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe command(\"find / -xautofs -name '*.shosts'\") do\n    its('stdout.strip') { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `find / -xautofs -name '*.shosts'` stdout.strip is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72185</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00215</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86809r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030810</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the pam_timestamp_check command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the pam_timestamp_check command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
-responsible for one.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+responsible for one.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;pam_timestamp_check&quot; command
+successful/unsuccessful attempts to use the "pam_timestamp_check" command
 occur.
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -iw &quot;&#x2F;usr&#x2F;sbin&#x2F;pam_timestamp_check&quot; &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw "/usr/sbin/pam_timestamp_check" /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;pam_timestamp_check -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-pam
+    -a always,exit -F path=/usr/sbin/pam_timestamp_check -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-pam
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;pam_timestamp_check&quot; command
+successful/unsuccessful attempts to use the "pam_timestamp_check" command
 occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;pam_timestamp_check -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-pam
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>fa38d2f4-e9b4-4ea2-b760-e5da0b5c3000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;sbin&#x2F;pam_timestamp_check&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;sbin&#x2F;pam_timestamp_check&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72055</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86679r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021120</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F path=/usr/sbin/pam_timestamp_check -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-pam
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72185\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe pam_timestamp_check command.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"pam_timestamp_check\\\" command\noccur.\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -iw \\\"/usr/sbin/pam_timestamp_check\\\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/pam_timestamp_check -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-pam\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"pam_timestamp_check\\\" command\noccur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/sbin/pam_timestamp_check -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-pam\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000471-GPOS-00215\"\n  tag gid: \"V-72185\"\n  tag rid: \"SV-86809r4_rule\"\n  tag stig_id: \"RHEL-07-030810\"\n  tag fix_id: \"F-78539r4_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  audit_file = '/sbin/pam_timestamp_check'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/sbin/pam_timestamp_check" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/sbin/pam_timestamp_check" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72055</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86679r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021120</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the cron.allow file, if it exists, is group-owned by root.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If the group owner of the &quot;cron.allow&quot; file is not set to root,
-sensitive information could be viewed or edited by unauthorized users.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that the &quot;cron.allow&quot; file is group-owned by root.
-
-    Check the group owner of the &quot;cron.allow&quot; file with the following command:
-
-    # ls -al &#x2F;etc&#x2F;cron.allow
-    -rw------- 1 root root 6 Mar  5  2011 &#x2F;etc&#x2F;cron.allow
-
-    If the &quot;cron.allow&quot; file exists and has a group owner other than root,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Set the group owner on the &quot;&#x2F;etc&#x2F;cron.allow&quot; file to root with the
+that the cron.allow file, if it exists, is group-owned by root.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If the group owner of the "cron.allow" file is not set to root,
+sensitive information could be viewed or edited by unauthorized users.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that the "cron.allow" file is group-owned by root.
+
+    Check the group owner of the "cron.allow" file with the following command:
+
+    # ls -al /etc/cron.allow
+    -rw------- 1 root root 6 Mar  5  2011 /etc/cron.allow
+
+    If the "cron.allow" file exists and has a group owner other than root,
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Set the group owner on the "/etc/cron.allow" file to root with the
 following command:
 
-    # chgrp root &#x2F;etc&#x2F;cron.allow</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d56b8d50-0abe-45dc-a5c8-143a22d8df13</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-File &#x2F;etc&#x2F;cron.allow group is expected to eq &quot;root&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71997</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86621r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020250</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # chgrp root /etc/cron.allow</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72055\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the cron.allow file, if it exists, is group-owned by root.\"\n  desc  \"If the group owner of the \\\"cron.allow\\\" file is not set to root,\nsensitive information could be viewed or edited by unauthorized users.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that the \\\"cron.allow\\\" file is group-owned by root.\n\n    Check the group owner of the \\\"cron.allow\\\" file with the following command:\n\n    # ls -al /etc/cron.allow\n    -rw------- 1 root root 6 Mar  5  2011 /etc/cron.allow\n\n    If the \\\"cron.allow\\\" file exists and has a group owner other than root,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the group owner on the \\\"/etc/cron.allow\\\" file to root with the\nfollowing command:\n\n    # chgrp root /etc/cron.allow\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72055\"\n  tag rid: \"SV-86679r2_rule\"\n  tag stig_id: \"RHEL-07-021120\"\n  tag fix_id: \"F-78407r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe.one do\n    # case where file doesn't exist\n    describe file('/etc/cron.allow') do\n      it { should_not exist }\n    end\n    # case where file exists\n    describe file('/etc/cron.allow') do\n      its('group') { should eq 'root' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST File /etc/cron.allow group is expected to eq "root"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71997</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86621r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020250</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be a vendor
-supported release.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>An operating system release is considered &quot;supported&quot; if the vendor
+supported release.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>An operating system release is considered "supported" if the vendor
 continues to provide security patches for the product. With an unsupported
 release, it will not be possible to resolve security issues discovered in the
-system software.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+system software.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the version of the operating system is vendor supported.
 
 Check the version of the operating system with the following command:
 
-# cat &#x2F;etc&#x2F;redhat-release
+# cat /etc/redhat-release
 
 Red Hat Enterprise Linux Server release 7.4 (Maipo)
 
@@ -3183,120 +3056,115 @@ Current End of Life for RHEL 7.6 is 31 October 2020.
 
 Current End of Life for RHEL 7.7 is 30 August 2021.
 
-If the release is not supported by the vendor, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Upgrade to a supported version of the operating system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>01ebcbfe-c8e0-428b-8735-a3fc80af1fd3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-File &#x2F;etc&#x2F;redhat-release content is expected to match &#x2F;Release (6.7*|7.[2-9].*)&#x2F;i</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71907</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000071-GPOS-00039</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86531r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010140</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+If the release is not supported by the vendor, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Upgrade to a supported version of the operating system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71997\" do\n  title \"The Red Hat Enterprise Linux operating system must be a vendor\nsupported release.\"\n  desc  \"An operating system release is considered \\\"supported\\\" if the vendor\ncontinues to provide security patches for the product. With an unsupported\nrelease, it will not be possible to resolve security issues discovered in the\nsystem software.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the version of the operating system is vendor supported.\n\n    Check the version of the operating system with the following command:\n\n    # cat /etc/redhat-release\n\n    Red Hat Enterprise Linux Server release 7.4 (Maipo)\n\n    Current End of Life for RHEL 7.1 is 31 March 2017.\n\n    Current End of Life for RHEL 7.2 is 30 November 2017.\n\n    Current End of Life for RHEL 7.3 is 30 November 2018.\n\n    Current End of Life for RHEL 7.4 is 31 August 2019.\n\n    Current End of Life for RHEL 7.5 is 30 April 2020.\n\n    Current End of Life for RHEL 7.6 is 31 October 2020.\n\n    Current End of Life for RHEL 7.7 is 30 August 2021.\n\n    If the release is not supported by the vendor, this is a finding.\n  \"\n  desc  \"fix\", \"Upgrade to a supported version of the operating system.\"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-71997\"\n  tag rid: \"SV-86621r5_rule\"\n  tag stig_id: \"RHEL-07-020250\"\n  tag fix_id: \"F-78349r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe file('/etc/redhat-release') do\n    its('content') { should match %r{Release (6.7*|7.[2-9].*)}i }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST File /etc/redhat-release content is expected to match /Release (6.7*|7.[2-9].*)/i</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71907</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000071-GPOS-00039</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86531r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010140</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that when passwords are changed or new passwords are assigned, the new password
-must contain at least one numeric character.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+must contain at least one numeric character.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources
 required to compromise the password. Password complexity, or strength, is a
 measure of the effectiveness of a password in resisting attempts at guessing
@@ -3305,146 +3173,141 @@ and brute-force attacks.
     Password complexity is one factor of several that determines how long it
 takes to crack a password. The more complex the password, the greater the
 number of possible combinations that need to be tested before the password is
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Note: The value to require a number of numeric characters to be set is
-expressed as a negative number in &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot;.
+expressed as a negative number in "/etc/security/pwquality.conf".
 
-    Check the value for &quot;dcredit&quot; in &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; with
+    Check the value for "dcredit" in "/etc/security/pwquality.conf" with
 the following command:
 
-    # grep dcredit &#x2F;etc&#x2F;security&#x2F;pwquality.conf
-    dcredit &#x3D; -1
+    # grep dcredit /etc/security/pwquality.conf
+    dcredit = -1
 
-    If the value of &quot;dcredit&quot; is not set to a negative value, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "dcredit" is not set to a negative value, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to enforce password complexity by requiring
-that at least one numeric character be used by setting the &quot;dcredit&quot; option.
+that at least one numeric character be used by setting the "dcredit" option.
 
-    Add the following line to &#x2F;etc&#x2F;security&#x2F;pwquality.conf (or modify the line
+    Add the following line to /etc/security/pwquality.conf (or modify the line
 to have the required value):
 
-    dcredit &#x3D; -1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>8cbb49e7-a356-4c66-8776-e32a792a6df3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000194</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;security&#x2F;pwquality.conf dcredit.to_i is expected to cmp &lt; 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71991</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000445-GPOS-00199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86615r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020220</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    dcredit = -1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71907\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat when passwords are changed or new passwords are assigned, the new password\nmust contain at least one numeric character.\"\n  desc  \"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Note: The value to require a number of numeric characters to be set is\nexpressed as a negative number in \\\"/etc/security/pwquality.conf\\\".\n\n    Check the value for \\\"dcredit\\\" in \\\"/etc/security/pwquality.conf\\\" with\nthe following command:\n\n    # grep dcredit /etc/security/pwquality.conf\n    dcredit = -1\n\n    If the value of \\\"dcredit\\\" is not set to a negative value, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to enforce password complexity by requiring\nthat at least one numeric character be used by setting the \\\"dcredit\\\" option.\n\n    Add the following line to /etc/security/pwquality.conf (or modify the line\nto have the required value):\n\n    dcredit = -1\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000071-GPOS-00039\"\n  tag gid: \"V-71907\"\n  tag rid: \"SV-86531r3_rule\"\n  tag stig_id: \"RHEL-07-010140\"\n  tag fix_id: \"F-78259r1_fix\"\n  tag cci: [\"CCI-000194\"]\n  tag nist: [\"IA-5 (1) (a)\", \"Rev_4\"]\n\n  describe parse_config_file(\"/etc/security/pwquality.conf\") do\n    its('dcredit.to_i') { should cmp &lt; 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000194</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/security/pwquality.conf dcredit.to_i is expected to cmp &lt; 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71991</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000445-GPOS-00199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86615r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020220</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must enable the SELinux
-targeted policy.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+targeted policy.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without verification of the security functions, security functions may
 not operate correctly and the failure may go unnoticed. Security function is
-defined as the hardware, software, and&#x2F;or firmware of the information system
+defined as the hardware, software, and/or firmware of the information system
 responsible for enforcing the system security policy and supporting the
 isolation of code and data on which the protection is based. Security
 functionality includes, but is not limited to, establishing system accounts,
@@ -3452,30 +3315,30 @@ configuring access authorizations (i.e., permissions, privileges), setting
 events to be audited, and setting intrusion detection parameters.
 
     This requirement applies to operating systems performing security function
-verification&#x2F;testing and&#x2F;or systems and environments that require this
-functionality.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+verification/testing and/or systems and environments that require this
+functionality.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If an HBSS or HIPS is active on the system, this is Not Applicable.
 
     Verify the operating system verifies correct operation of all security
 functions.
 
-    Check if &quot;SELinux&quot; is active and is enforcing the targeted policy with
+    Check if "SELinux" is active and is enforcing the targeted policy with
 the following command:
 
     # sestatus
 
     SELinux status: enabled
 
-    SELinuxfs mount: &#x2F;selinux
+    SELinuxfs mount: /selinux
 
-    SELinux root directory: &#x2F;etc&#x2F;selinux
+    SELinux root directory: /etc/selinux
 
     Loaded policy name: targeted
 
@@ -3489,297 +3352,287 @@ the following command:
 
     Max kernel policy version: 28
 
-    If the &quot;Loaded policy name&quot; is not set to &quot;targeted&quot;, this is a finding.
+    If the "Loaded policy name" is not set to "targeted", this is a finding.
 
-    Verify that the &#x2F;etc&#x2F;selinux&#x2F;config file is configured to the
-&quot;SELINUXTYPE&quot; to &quot;targeted&quot;:
+    Verify that the /etc/selinux/config file is configured to the
+"SELINUXTYPE" to "targeted":
 
-    # grep -i &quot;selinuxtype&quot; &#x2F;etc&#x2F;selinux&#x2F;config | grep -v &#39;^#&#39;
+    # grep -i "selinuxtype" /etc/selinux/config | grep -v '^#'
 
-    SELINUXTYPE &#x3D; targeted
+    SELINUXTYPE = targeted
 
-    If no results are returned or &quot;SELINUXTYPE&quot; is not set to &quot;targeted&quot;,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If no results are returned or "SELINUXTYPE" is not set to "targeted",
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to verify correct operation of all security
 functions.
 
-    Set the &quot;SELinuxtype&quot; to the &quot;targeted&quot; policy by modifying the
-&quot;&#x2F;etc&#x2F;selinux&#x2F;config&quot; file to have the following line:
-
-    SELINUXTYPE&#x3D;targeted
-
-    A reboot is required for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>1cc88e4b-3d61-43c8-818c-da72250e1318</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002696</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;sestatus&#x60; stdout is expected to match &#x2F;^Loaded\spolicy\sname:\s+targeted\n?$&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72045</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86669r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Set the "SELinuxtype" to the "targeted" policy by modifying the
+"/etc/selinux/config" file to have the following line:
+
+    SELINUXTYPE=targeted
+
+    A reboot is required for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71991\" do\n  title \"The Red Hat Enterprise Linux operating system must enable the SELinux\ntargeted policy.\"\n  desc  \"Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    This requirement applies to operating systems performing security function\nverification/testing and/or systems and environments that require this\nfunctionality.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If an HBSS or HIPS is active on the system, this is Not Applicable.\n\n    Verify the operating system verifies correct operation of all security\nfunctions.\n\n    Check if \\\"SELinux\\\" is active and is enforcing the targeted policy with\nthe following command:\n\n    # sestatus\n\n    SELinux status: enabled\n\n    SELinuxfs mount: /selinux\n\n    SELinux root directory: /etc/selinux\n\n    Loaded policy name: targeted\n\n    Current mode: enforcing\n\n    Mode from config file: enforcing\n\n    Policy MLS status: enabled\n\n    Policy deny_unknown status: allowed\n\n    Max kernel policy version: 28\n\n    If the \\\"Loaded policy name\\\" is not set to \\\"targeted\\\", this is a finding.\n\n    Verify that the /etc/selinux/config file is configured to the\n\\\"SELINUXTYPE\\\" to \\\"targeted\\\":\n\n    # grep -i \\\"selinuxtype\\\" /etc/selinux/config | grep -v '^#'\n\n    SELINUXTYPE = targeted\n\n    If no results are returned or \\\"SELINUXTYPE\\\" is not set to \\\"targeted\\\",\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to verify correct operation of all security\nfunctions.\n\n    Set the \\\"SELinuxtype\\\" to the \\\"targeted\\\" policy by modifying the\n\\\"/etc/selinux/config\\\" file to have the following line:\n\n    SELINUXTYPE=targeted\n\n    A reboot is required for the changes to take effect.\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000445-GPOS-00199\"\n  tag gid: \"V-71991\"\n  tag rid: \"SV-86615r5_rule\"\n  tag stig_id: \"RHEL-07-020220\"\n  tag fix_id: \"F-78343r2_fix\"\n  tag cci: [\"CCI-002165\", \"CCI-002696\"]\n  tag nist: [\"AC-3 (4)\", \"SI-6 a\", \"Rev_4\"]\n\n  describe.one do\n    describe command('sestatus') do\n      its('stdout') { should match %r{^Policy\\sfrom\\sconfigs\\sfile:\\s+targeted\\n?$} }\n    end\n    describe command('sestatus') do\n      its('stdout') { should match %r{^Loaded\\spolicy\\sname:\\s+targeted\\n?$} }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002696</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `sestatus` stdout is expected to match /^Loaded\spolicy\sname:\s+targeted\n?$/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72045</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86669r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent files with
 the setuid and setgid bit set from being executed on file systems that are
-being imported via Network File System (NFS).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;nosuid&quot; mount option causes the system to not execute
-&quot;setuid&quot; and &quot;setgid&quot; files with owner privileges. This option must be used
-for mounting any file system not containing approved &quot;setuid&quot; and &quot;setguid&quot;
+being imported via Network File System (NFS).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "nosuid" mount option causes the system to not execute
+"setuid" and "setgid" files with owner privileges. This option must be used
+for mounting any file system not containing approved "setuid" and "setguid"
 files. Executing files from untrusted file systems increases the opportunity
-for unprivileged users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+for unprivileged users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify file systems that are being NFS imported are configured with the
-&quot;nosuid&quot; option.
+"nosuid" option.
 
     Find the file system(s) that contain the directories being exported with
 the following command:
 
-    # more &#x2F;etc&#x2F;fstab | grep nfs
+    # more /etc/fstab | grep nfs
 
-    UUID&#x3D;e06097bb-cfcd-437b-9e4d-a691f5662a7d &#x2F;store nfs rw,nosuid 0 0
+    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,nosuid 0 0
 
-    If a file system found in &quot;&#x2F;etc&#x2F;fstab&quot; refers to NFS and it does not have
-the &quot;nosuid&quot; option set, this is a finding.
+    If a file system found in "/etc/fstab" refers to NFS and it does not have
+the "nosuid" option set, this is a finding.
 
-    Verify the NFS is mounted with the &quot;nosuid&quot; option:
+    Verify the NFS is mounted with the "nosuid" option:
 
     # mount | grep nfs | grep nosuid
-    If no results are returned, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the &quot;&#x2F;etc&#x2F;fstab&quot; to use the &quot;nosuid&quot; option on
-file systems that are being imported via NFS.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>4a222768-61a9-4515-83b7-adbd0f9413e7</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-No NFS file systems were found. is expected to eq true</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72251</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000074-GPOS-00042</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86875r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040390</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If no results are returned, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the "/etc/fstab" to use the "nosuid" option on
+file systems that are being imported via NFS.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72045\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent files with\nthe setuid and setgid bit set from being executed on file systems that are\nbeing imported via Network File System (NFS).\"\n  desc  \"The \\\"nosuid\\\" mount option causes the system to not execute\n\\\"setuid\\\" and \\\"setgid\\\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \\\"setuid\\\" and \\\"setguid\\\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify file systems that are being NFS imported are configured with the\n\\\"nosuid\\\" option.\n\n    Find the file system(s) that contain the directories being exported with\nthe following command:\n\n    # more /etc/fstab | grep nfs\n\n    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,nosuid 0 0\n\n    If a file system found in \\\"/etc/fstab\\\" refers to NFS and it does not have\nthe \\\"nosuid\\\" option set, this is a finding.\n\n    Verify the NFS is mounted with the \\\"nosuid\\\" option:\n\n    # mount | grep nfs | grep nosuid\n    If no results are returned, this is a finding.\n  \"\n  desc  \"fix\", \"Configure the \\\"/etc/fstab\\\" to use the \\\"nosuid\\\" option on\nfile systems that are being imported via NFS.\"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72045\"\n  tag rid: \"SV-86669r2_rule\"\n  tag stig_id: \"RHEL-07-021020\"\n  tag fix_id: \"F-78397r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  nfs_systems = etc_fstab.nfs_file_systems.entries\n  if !nfs_systems.nil? and !nfs_systems.empty?\n    nfs_systems.each do |partition|\n      describe partition do\n        its('mount_options') { should include 'nosuid' }\n      end\n    end\n  else\n    describe \"No NFS file systems were found.\" do\n      subject { nfs_systems.nil? or nfs_systems.empty? }\n      it { should eq true }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST No NFS file systems were found. is expected to eq true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72251</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000074-GPOS-00042</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86875r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040390</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the SSH daemon is configured to only use the SSHv2 protocol.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the SSH daemon is configured to only use the SSHv2 protocol.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>SSHv1 is an insecure implementation of the SSH protocol and has many
 well-known vulnerability exploits. Exploits of the SSH daemon could provide
-immediate root access to the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+immediate root access to the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Check the version of the operating system with the following command:
 
-    # cat &#x2F;etc&#x2F;redhat-release
+    # cat /etc/redhat-release
 
     If the release is 7.4 or newer this requirement is Not Applicable.
 
@@ -3788,393 +3641,375 @@ immediate root access to the system.</ATTRIBUTE_DATA>
     Check that the SSH daemon is configured to only use the SSHv2 protocol with
 the following command:
 
-    # grep -i protocol &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i protocol /etc/ssh/sshd_config
     Protocol 2
     #Protocol 1,2
 
-    If any protocol line other than &quot;Protocol 2&quot; is uncommented, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Remove all Protocol lines that reference version &quot;1&quot; in
-&quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; (this file may be named differently or be in a
+    If any protocol line other than "Protocol 2" is uncommented, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Remove all Protocol lines that reference version "1" in
+"/etc/ssh/sshd_config" (this file may be named differently or be in a
 different location if using a version of SSH that is provided by a third-party
-vendor). The &quot;Protocol&quot; line must be as follows:
+vendor). The "Protocol" line must be as follows:
 
     Protocol 2
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f401a386-5bd2-4b12-b048-f410946a058a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000197</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The release is 7.8
-The release is newer than 7.4; this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71945</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000329-GPOS-00128</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86569r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010330</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-72251\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon is configured to only use the SSHv2 protocol.\"\n  desc  \"SSHv1 is an insecure implementation of the SSH protocol and has many\nwell-known vulnerability exploits. Exploits of the SSH daemon could provide\nimmediate root access to the system.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Check the version of the operating system with the following command:\n\n    # cat /etc/redhat-release\n\n    If the release is 7.4 or newer this requirement is Not Applicable.\n\n    Verify the SSH daemon is configured to only use the SSHv2 protocol.\n\n    Check that the SSH daemon is configured to only use the SSHv2 protocol with\nthe following command:\n\n    # grep -i protocol /etc/ssh/sshd_config\n    Protocol 2\n    #Protocol 1,2\n\n    If any protocol line other than \\\"Protocol 2\\\" is uncommented, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Remove all Protocol lines that reference version \\\"1\\\" in\n\\\"/etc/ssh/sshd_config\\\" (this file may be named differently or be in a\ndifferent location if using a version of SSH that is provided by a third-party\nvendor). The \\\"Protocol\\\" line must be as follows:\n\n    Protocol 2\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000074-GPOS-00042\"\n  tag satisfies: [\"SRG-OS-000074-GPOS-00042\", \"SRG-OS-000480-GPOS-00227\"]\n  tag gid: \"V-72251\"\n  tag rid: \"SV-86875r4_rule\"\n  tag stig_id: \"RHEL-07-040390\"\n  tag fix_id: \"F-78605r2_fix\"\n  tag cci: [\"CCI-000197\", \"CCI-000366\"]\n  tag nist: [\"IA-5 (1) (c)\", \"CM-6 b\", \"Rev_4\"]\n\n  if os.release.to_f &gt;= 7.4\n    impact 0.0\n    describe \"The release is #{os.release}\" do\n      skip \"The release is newer than 7.4; this control is Not Applicable.\"\n    end\n  else\n    describe sshd_config do\n      its('Protocol') { should cmp '2' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000197</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The release is 7.8 :: SKIP_MESSAGE The release is newer than 7.4; this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71945</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000329-GPOS-00128</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86569r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010330</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must lock the associated
 account after three unsuccessful root logon attempts are made within a
-15-minute period.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+15-minute period.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>By limiting the number of failed logon attempts, the risk of
 unauthorized system access via user password guessing, otherwise known as brute
-forcing, is reduced. Limits are imposed by locking the account.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+forcing, is reduced. Limits are imposed by locking the account.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system automatically locks the root account until it
 is released by an administrator when three unsuccessful logon attempts in 15
 minutes are made.
 
-    # grep pam_faillock.so &#x2F;etc&#x2F;pam.d&#x2F;password-auth
-    auth required pam_faillock.so preauth silent audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
-    auth [default&#x3D;die] pam_faillock.so authfail audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
+    # grep pam_faillock.so /etc/pam.d/password-auth
+    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
+    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
     account required pam_faillock.so
 
-    If the &quot;even_deny_root&quot; setting is not defined on both lines with the
-&quot;pam_faillock.so&quot; module, is commented out, or is missing from a line, this
+    If the "even_deny_root" setting is not defined on both lines with the
+"pam_faillock.so" module, is commented out, or is missing from a line, this
 is a finding.
 
-    # grep pam_faillock.so &#x2F;etc&#x2F;pam.d&#x2F;system-auth
-    auth required pam_faillock.so preauth silent audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
-    auth [default&#x3D;die] pam_faillock.so authfail audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
+    # grep pam_faillock.so /etc/pam.d/system-auth
+    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
+    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
     account required pam_faillock.so
 
-    If the &quot;even_deny_root&quot; setting is not defined on both lines with the
-&quot;pam_faillock.so&quot; module, is commented out, or is missing from a line, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "even_deny_root" setting is not defined on both lines with the
+"pam_faillock.so" module, is commented out, or is missing from a line, this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to lock automatically the root account until
 the locked account is released by an administrator when three unsuccessful
 logon attempts in 15 minutes are made.
 
     Modify the first three lines of the auth section and the first line of the
-account section of the &quot;&#x2F;etc&#x2F;pam.d&#x2F;system-auth&quot; and
-&quot;&#x2F;etc&#x2F;pam.d&#x2F;password-auth&quot; files to match the following lines:
+account section of the "/etc/pam.d/system-auth" and
+"/etc/pam.d/password-auth" files to match the following lines:
 
-    auth required pam_faillock.so preauth silent audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
+    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
     auth sufficient pam_unix.so try_first_pass
-    auth [default&#x3D;die] pam_faillock.so authfail audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
+    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
     account required pam_faillock.so
 
     Note: Manual changes to the listed files may be overwritten by the
-&quot;authconfig&quot; program. The &quot;authconfig&quot; program should not be used to update
-the configurations listed in this requirement.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>56f5082f-e188-48cc-9f14-ceb8003ec4bd</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002238</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;password-auth] lines is expected to include [&quot;auth required pam_faillock.so even_deny_root&quot;, &quot;auth sufficient pam_unix.so try_first_pass&quot;, &quot;auth [default&#x3D;die] pam_faillock.so even_deny_root&quot;]
-expected &quot;account required pam_unix.so\naccount sufficient pam_localuser.so\naccount sufficient pam_succeed_if...eed_if.so service in crond quiet use_uid\nsession required pam_unix.so\nsession optional pam_sss.so&quot; to include [&quot;auth required pam_faillock.so even_deny_root&quot;, &quot;auth sufficient pam_unix.so try_first_pass&quot;, &quot;auth [default&#x3D;die] pam_faillock.so even_deny_root&quot;]
+"authconfig" program. The "authconfig" program should not be used to update
+the configurations listed in this requirement.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71945\" do\n  title \"The Red Hat Enterprise Linux operating system must lock the associated\naccount after three unsuccessful root logon attempts are made within a\n15-minute period.\"\n  desc  \"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as brute\nforcing, is reduced. Limits are imposed by locking the account.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system automatically locks the root account until it\nis released by an administrator when three unsuccessful logon attempts in 15\nminutes are made.\n\n    # grep pam_faillock.so /etc/pam.d/password-auth\n    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    account required pam_faillock.so\n\n    If the \\\"even_deny_root\\\" setting is not defined on both lines with the\n\\\"pam_faillock.so\\\" module, is commented out, or is missing from a line, this\nis a finding.\n\n    # grep pam_faillock.so /etc/pam.d/system-auth\n    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    account required pam_faillock.so\n\n    If the \\\"even_deny_root\\\" setting is not defined on both lines with the\n\\\"pam_faillock.so\\\" module, is commented out, or is missing from a line, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to lock automatically the root account until\nthe locked account is released by an administrator when three unsuccessful\nlogon attempts in 15 minutes are made.\n\n    Modify the first three lines of the auth section and the first line of the\naccount section of the \\\"/etc/pam.d/system-auth\\\" and\n\\\"/etc/pam.d/password-auth\\\" files to match the following lines:\n\n    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    auth sufficient pam_unix.so try_first_pass\n    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    account required pam_faillock.so\n\n    Note: Manual changes to the listed files may be overwritten by the\n\\\"authconfig\\\" program. The \\\"authconfig\\\" program should not be used to update\nthe configurations listed in this requirement.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000329-GPOS-00128\"\n  tag satisfies: [\"SRG-OS-000329-GPOS-00128\", \"SRG-OS-000021-GPOS-00005\"]\n  tag gid: \"V-71945\"\n  tag rid: \"SV-86569r4_rule\"\n  tag stig_id: \"RHEL-07-010330\"\n  tag fix_id: \"F-78297r3_fix\"\n  tag cci: [\"CCI-002238\"]\n  tag nist: [\"AC-7 b\", \"Rev_4\"]\n\n  required_lines = [\n    'auth required pam_faillock.so even_deny_root',\n    'auth sufficient pam_unix.so try_first_pass',\n    'auth [default=die] pam_faillock.so even_deny_root'\n  ]\n\n  describe pam('/etc/pam.d/password-auth') do\n    its('lines') { should match_pam_rules(required_lines) }\n    its('lines') { should match_pam_rule('auth .* pam_faillock.so (preauth|authfail)').all_with_args('even_deny_root') }\n  end\n\n  describe pam('/etc/pam.d/system-auth') do\n    its('lines') { should match_pam_rules(required_lines) }\n    its('lines') { should match_pam_rule('auth .* pam_faillock.so (preauth|authfail)').all_with_args('even_deny_root') }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002238</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PAM Config[/etc/pam.d/password-auth] lines is expected to include ["auth required pam_faillock.so even_deny_root", "auth sufficient pam_unix.so try_first_pass", "auth [default=die] pam_faillock.so even_deny_root"] :: MESSAGE expected "account required pam_unix.so\naccount sufficient pam_localuser.so\naccount sufficient pam_succeed_if...eed_if.so service in crond quiet use_uid\nsession required pam_unix.so\nsession optional pam_sss.so" to include ["auth required pam_faillock.so even_deny_root", "auth sufficient pam_unix.so try_first_pass", "auth [default=die] pam_faillock.so even_deny_root"]
 Diff:
 @@ -1,4 +1,28 @@
 -auth required pam_faillock.so even_deny_root
 -auth sufficient pam_unix.so try_first_pass
--auth [default&#x3D;die] pam_faillock.so even_deny_root
+-auth [default=die] pam_faillock.so even_deny_root
 +account required pam_unix.so
 +account sufficient pam_localuser.so
 +account sufficient pam_succeed_if.so uid &lt; 1000 quiet
-+account [default&#x3D;bad success&#x3D;ok user_unknown&#x3D;ignore] pam_sss.so
++account [default=bad success=ok user_unknown=ignore] pam_sss.so
 +account required pam_permit.so
 +auth required pam_env.so
-+auth [default&#x3D;1 ignore&#x3D;ignore success&#x3D;ok] pam_succeed_if.so uid &gt;&#x3D; 1000 quiet
-+auth [default&#x3D;4 ignore&#x3D;ignore success&#x3D;ok] pam_localuser.so
-+auth requisite pam_faillock.so preauth deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
-+auth [success&#x3D;1 default&#x3D;bad] pam_unix.so try_first_pass
-+auth [default&#x3D;die] pam_faillock.so authfail deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
-+auth sufficient pam_faillock.so authsucc deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
-+auth requisite pam_succeed_if.so uid &gt;&#x3D; 1000 quiet_success
++auth [default=1 ignore=ignore success=ok] pam_succeed_if.so uid &gt;= 1000 quiet
++auth [default=4 ignore=ignore success=ok] pam_localuser.so
++auth requisite pam_faillock.so preauth deny=3 unlock_time=604800 fail_interval=900
++auth [success=1 default=bad] pam_unix.so try_first_pass
++auth [default=die] pam_faillock.so authfail deny=3 unlock_time=604800 fail_interval=900
++auth sufficient pam_faillock.so authsucc deny=3 unlock_time=604800 fail_interval=900
++auth requisite pam_succeed_if.so uid &gt;= 1000 quiet_success
 +auth sufficient pam_sss.so forward_pass
 +auth required pam_deny.so
-+password requisite pam_pwquality.so try_first_pass local_users_only retry&#x3D;3 authtok_type&#x3D;
-+password requisite pam_pwhistory.so use_authtok remember&#x3D;5 retry&#x3D;3
++password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type=
++password requisite pam_pwhistory.so use_authtok remember=5 retry=3
 +password sufficient pam_unix.so sha512 shadow try_first_pass use_authtok
 +password sufficient pam_sss.so use_authtok
 +password required pam_deny.so
 +session optional pam_keyinit.so revoke
 +session required pam_limits.so
 +-session optional pam_systemd.so
-+session optional pam_oddjob_mkhomedir.so umask&#x3D;0077
-+session [success&#x3D;1 default&#x3D;ignore] pam_succeed_if.so service in crond quiet use_uid
++session optional pam_oddjob_mkhomedir.so umask=0077
++session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
 +session required pam_unix.so
 +session optional pam_sss.so
 
 --------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;password-auth] lines is expected to include auth .* pam_faillock.so (preauth|authfail), all with args even_deny_root
-expected &quot;auth requisite pam_faillock.so preauth deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900\nauth [default&#x3D;die] pam_faillock.so authfail deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900&quot; to include auth .* pam_faillock.so (preauth|authfail), all with args even_deny_root
+passed :: TEST PAM Config[/etc/pam.d/password-auth] lines is expected to include auth .* pam_faillock.so (preauth|authfail), all with args even_deny_root :: MESSAGE expected "auth requisite pam_faillock.so preauth deny=3 unlock_time=604800 fail_interval=900\nauth [default=die] pam_faillock.so authfail deny=3 unlock_time=604800 fail_interval=900" to include auth .* pam_faillock.so (preauth|authfail), all with args even_deny_root
 Diff:
 @@ -1,2 +1,3 @@
 -auth .* pam_faillock.so (preauth|authfail)
-+auth requisite pam_faillock.so preauth deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
-+auth [default&#x3D;die] pam_faillock.so authfail deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
++auth requisite pam_faillock.so preauth deny=3 unlock_time=604800 fail_interval=900
++auth [default=die] pam_faillock.so authfail deny=3 unlock_time=604800 fail_interval=900
 
 --------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines is expected to include [&quot;auth required pam_faillock.so even_deny_root&quot;, &quot;auth sufficient pam_unix.so try_first_pass&quot;, &quot;auth [default&#x3D;die] pam_faillock.so even_deny_root&quot;]
-expected &quot;account required pam_unix.so\naccount sufficient pam_localuser.so\naccount sufficient pam_succeed_if...eed_if.so service in crond quiet use_uid\nsession required pam_unix.so\nsession optional pam_sss.so&quot; to include [&quot;auth required pam_faillock.so even_deny_root&quot;, &quot;auth sufficient pam_unix.so try_first_pass&quot;, &quot;auth [default&#x3D;die] pam_faillock.so even_deny_root&quot;]
+passed :: TEST PAM Config[/etc/pam.d/system-auth] lines is expected to include ["auth required pam_faillock.so even_deny_root", "auth sufficient pam_unix.so try_first_pass", "auth [default=die] pam_faillock.so even_deny_root"] :: MESSAGE expected "account required pam_unix.so\naccount sufficient pam_localuser.so\naccount sufficient pam_succeed_if...eed_if.so service in crond quiet use_uid\nsession required pam_unix.so\nsession optional pam_sss.so" to include ["auth required pam_faillock.so even_deny_root", "auth sufficient pam_unix.so try_first_pass", "auth [default=die] pam_faillock.so even_deny_root"]
 Diff:
 @@ -1,4 +1,28 @@
 -auth required pam_faillock.so even_deny_root
 -auth sufficient pam_unix.so try_first_pass
--auth [default&#x3D;die] pam_faillock.so even_deny_root
+-auth [default=die] pam_faillock.so even_deny_root
 +account required pam_unix.so
 +account sufficient pam_localuser.so
 +account sufficient pam_succeed_if.so uid &lt; 1000 quiet
-+account [default&#x3D;bad success&#x3D;ok user_unknown&#x3D;ignore] pam_sss.so
++account [default=bad success=ok user_unknown=ignore] pam_sss.so
 +account required pam_permit.so
 +auth required pam_env.so
-+auth [default&#x3D;1 ignore&#x3D;ignore success&#x3D;ok] pam_succeed_if.so uid &gt;&#x3D; 1000 quiet
-+auth [default&#x3D;4 ignore&#x3D;ignore success&#x3D;ok] pam_localuser.so
-+auth requisite pam_faillock.so preauth deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
-+auth [success&#x3D;1 default&#x3D;bad] pam_unix.so try_first_pass
-+auth [default&#x3D;die] pam_faillock.so authfail deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
-+auth sufficient pam_faillock.so authsucc deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
-+auth requisite pam_succeed_if.so uid &gt;&#x3D; 1000 quiet_success
++auth [default=1 ignore=ignore success=ok] pam_succeed_if.so uid &gt;= 1000 quiet
++auth [default=4 ignore=ignore success=ok] pam_localuser.so
++auth requisite pam_faillock.so preauth deny=3 unlock_time=604800 fail_interval=900
++auth [success=1 default=bad] pam_unix.so try_first_pass
++auth [default=die] pam_faillock.so authfail deny=3 unlock_time=604800 fail_interval=900
++auth sufficient pam_faillock.so authsucc deny=3 unlock_time=604800 fail_interval=900
++auth requisite pam_succeed_if.so uid &gt;= 1000 quiet_success
 +auth sufficient pam_sss.so forward_pass
 +auth required pam_deny.so
-+password requisite pam_pwquality.so try_first_pass local_users_only retry&#x3D;3 authtok_type&#x3D;
-+password requisite pam_pwhistory.so use_authtok remember&#x3D;5 retry&#x3D;3
++password requisite pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type=
++password requisite pam_pwhistory.so use_authtok remember=5 retry=3
 +password sufficient pam_unix.so sha512 shadow try_first_pass use_authtok
 +password sufficient pam_sss.so use_authtok
 +password required pam_deny.so
 +session optional pam_keyinit.so revoke
 +session required pam_limits.so
 +-session optional pam_systemd.so
-+session optional pam_oddjob_mkhomedir.so umask&#x3D;0077
-+session [success&#x3D;1 default&#x3D;ignore] pam_succeed_if.so service in crond quiet use_uid
++session optional pam_oddjob_mkhomedir.so umask=0077
++session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
 +session required pam_unix.so
 +session optional pam_sss.so
 
 --------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines is expected to include auth .* pam_faillock.so (preauth|authfail), all with args even_deny_root
-expected &quot;auth requisite pam_faillock.so preauth deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900\nauth [default&#x3D;die] pam_faillock.so authfail deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900&quot; to include auth .* pam_faillock.so (preauth|authfail), all with args even_deny_root
+passed :: TEST PAM Config[/etc/pam.d/system-auth] lines is expected to include auth .* pam_faillock.so (preauth|authfail), all with args even_deny_root :: MESSAGE expected "auth requisite pam_faillock.so preauth deny=3 unlock_time=604800 fail_interval=900\nauth [default=die] pam_faillock.so authfail deny=3 unlock_time=604800 fail_interval=900" to include auth .* pam_faillock.so (preauth|authfail), all with args even_deny_root
 Diff:
 @@ -1,2 +1,3 @@
 -auth .* pam_faillock.so (preauth|authfail)
-+auth requisite pam_faillock.so preauth deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
-+auth [default&#x3D;die] pam_faillock.so authfail deny&#x3D;3 unlock_time&#x3D;604800 fail_interval&#x3D;900
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71861</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000023-GPOS-00006</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86485r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010040</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
++auth requisite pam_faillock.so preauth deny=3 unlock_time=604800 fail_interval=900
++auth [default=die] pam_faillock.so authfail deny=3 unlock_time=604800 fail_interval=900</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71861</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000023-GPOS-00006</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86485r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010040</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must display the
 approved Standard Mandatory DoD Notice and Consent Banner before granting local
-or remote access to the system via a graphical user logon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+or remote access to the system via a graphical user logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Display of a standardized and approved use notification before
 granting access to the operating system ensures privacy and security
 notification verbiage used is consistent with applicable federal laws,
@@ -4187,7 +4022,7 @@ with human users and are not required when such human interfaces do not exist.
 the following verbiage for operating systems that can accommodate banners of
 1300 characters:
 
-    &quot;You are accessing a U.S. Government (USG) Information System (IS) that is
+    "You are accessing a U.S. Government (USG) Information System (IS) that is
 provided for USG-authorized use only.
 
     By using this IS (which includes any device attached to this IS), you
@@ -4212,14 +4047,14 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants. Such
 communications and work product are private and confidential. See User
-Agreement for details.&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Agreement for details."</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system displays the approved Standard Mandatory DoD
 Notice and Consent Banner before granting access to the operating system via a
 graphical user logon.
@@ -4230,9 +4065,9 @@ Applicable.
     Check that the operating system displays the exact approved Standard
 Mandatory DoD Notice and Consent Banner text with the command:
 
-    # grep banner-message-text &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;*
-    banner-message-text&#x3D;
-    &#39;You are accessing a U.S. Government (USG) Information System (IS) that is
+    # grep banner-message-text /etc/dconf/db/local.d/*
+    banner-message-text=
+    'You are accessing a U.S. Government (USG) Information System (IS) that is
 provided for USG-authorized use only.    By using this IS (which includes any device attached to this IS), you
 consent to the following conditions:    -The USG routinely intercepts and monitors communications on this IS for
 purposes including, but not limited to, penetration testing, COMSEC monitoring,
@@ -4245,16 +4080,16 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants. Such
 communications and work product are private and confidential. See User
-Agreement for details. &#39;
+Agreement for details. '
 
-    Note: The &quot;     &quot; characters are for formatting only. They will not be displayed on the
+    Note: The "     " characters are for formatting only. They will not be displayed on the
 GUI.
 
     If the banner does not match the approved Standard Mandatory DoD Notice and
-Consent Banner, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+Consent Banner, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to display the approved Standard Mandatory
 DoD Notice and Consent Banner before granting access to the system.
 
@@ -4264,16 +4099,16 @@ Applicable.
     Create a database to contain the system-wide graphical user logon settings
 (if it does not already exist) with the following command:
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;01-banner-message
+    # touch /etc/dconf/db/local.d/01-banner-message
 
-    Add the following line to the [org&#x2F;gnome&#x2F;login-screen] section of the
-&quot;&#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;01-banner-message&quot;:
+    Add the following line to the [org/gnome/login-screen] section of the
+"/etc/dconf/db/local.d/01-banner-message":
 
-    [org&#x2F;gnome&#x2F;login-screen]
+    [org/gnome/login-screen]
 
-    banner-message-enable&#x3D;true
+    banner-message-enable=true
 
-    banner-message-text&#x3D;&#39;You are accessing a U.S. Government (USG) Information
+    banner-message-text='You are accessing a U.S. Government (USG) Information
 System (IS) that is provided for USG-authorized use only.    By using this IS (which includes any device attached to this IS), you
 consent to the following conditions:    -The USG routinely intercepts and monitors communications on this IS for
 purposes including, but not limited to, penetration testing, COMSEC monitoring,
@@ -4286,123 +4121,118 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants. Such
 communications and work product are private and confidential. See User
-Agreement for details. &#39;
+Agreement for details. '
 
-    Note: The &quot;     &quot; characters are for formatting only. They will not be displayed on the
+    Note: The "     " characters are for formatting only. They will not be displayed on the
 GUI.
 
     Run the following command to update the database:
-    # dconf update</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>58889a4c-16a7-4a2f-b06d-9ce9b39d0c54</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The system does not have GNOME installed
-The system does not have GNOME installed, this requirement is Not
-        Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72217</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000027-GPOS-00008</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86841r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # dconf update</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-71861\" do\n  title \"The Red Hat Enterprise Linux operating system must display the\napproved Standard Mandatory DoD Notice and Consent Banner before granting local\nor remote access to the system via a graphical user logon.\"\n  desc  \"Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\\\"\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system displays the approved Standard Mandatory DoD\nNotice and Consent Banner before granting access to the operating system via a\ngraphical user logon.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Check that the operating system displays the exact approved Standard\nMandatory DoD Notice and Consent Banner text with the command:\n\n    # grep banner-message-text /etc/dconf/db/local.d/*\n    banner-message-text=\n    'You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\\\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\\\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\\\n    -At any time, the USG may inspect and seize data stored on this IS.\\\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\\\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\\\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details. '\n\n    Note: The \\\"\\\n     \\\" characters are for formatting only. They will not be displayed on the\nGUI.\n\n    If the banner does not match the approved Standard Mandatory DoD Notice and\nConsent Banner, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to display the approved Standard Mandatory\nDoD Notice and Consent Banner before granting access to the system.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Create a database to contain the system-wide graphical user logon settings\n(if it does not already exist) with the following command:\n\n    # touch /etc/dconf/db/local.d/01-banner-message\n\n    Add the following line to the [org/gnome/login-screen] section of the\n\\\"/etc/dconf/db/local.d/01-banner-message\\\":\n\n    [org/gnome/login-screen]\n\n    banner-message-enable=true\n\n    banner-message-text='You are accessing a U.S. Government (USG) Information\nSystem (IS) that is provided for USG-authorized use only.\\\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\\\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\\\n    -At any time, the USG may inspect and seize data stored on this IS.\\\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\\\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\\\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details. '\n\n    Note: The \\\"\\\n     \\\" characters are for formatting only. They will not be displayed on the\nGUI.\n\n    Run the following command to update the database:\n    # dconf update\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000023-GPOS-00006\"\n  tag satisfies: [\"SRG-OS-000023-GPOS-00006\", \"SRG-OS-000024-GPOS-00007\",\n\"SRG-OS-000228-GPOS-00088\"]\n  tag gid: \"V-71861\"\n  tag rid: \"SV-86485r4_rule\"\n  tag stig_id: \"RHEL-07-010040\"\n  tag fix_id: \"F-78213r5_fix\"\n  tag cci: [\"CCI-000048\"]\n  tag nist: [\"AC-8 a\", \"Rev_4\"]\n\n  if package('gnome-desktop3').installed?\n    #Get all files that have the banner-message-text specified.\n    banner_files =\n      command(\"grep -l banner-message-text /etc/dconf/db/local.d/*\").stdout.split(\"\\n\")\n\n    #If there are no banner files then this is a finding.\n    banner_missing = banner_files.empty?\n    describe \"If no files specify the banner text then this is a finding\" do\n      subject { banner_missing }\n      it{should be false}\n    end if banner_missing\n\n    #If there are banner files then check them to make sure they have the correct text.\n    banner_files.each do |banner_file|\n      banner_message =\n        parse_config_file(banner_file).params(\"banner-message-text\").gsub(%r{[\\r\\n\\s]}, '')\n      #dconf expects the banner-message-text to be quoted so remove leading and trailing quote.\n      #See https://developer.gnome.org/dconf/unstable/dconf-tool.html which states:\n      #  VALUE arguments must be in GVariant format, so e.g. a string must include\n      #  explicit quotes: \"'foo'\". This format is also used when printing out values.\n      if banner_message.start_with?('\"') || banner_message.start_with?('\\'')\n        banner_message = banner_message[1,banner_message.length]\n      end\n      if banner_message.end_with?('\"') || banner_message.end_with?('\\'')\n        banner_message = banner_message.chop\n      end\n      describe.one do\n        describe banner_message do\n          it{should cmp banner_message_text_gui.gsub(%r{[\\r\\n\\s]}, '')}\n        end\n        describe banner_message do\n          it{should cmp banner_message_text_gui_limited.gsub(%r{[\\r\\n\\s]}, '')}\n        end\n      end\n    end\n  else\n    impact 0.0\n    describe \"The system does not have GNOME installed\" do\n      skip \"The system does not have GNOME installed, this requirement is Not\n        Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The system does not have GNOME installed :: SKIP_MESSAGE The system does not have GNOME installed, this requirement is Not
+        Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72217</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000027-GPOS-00008</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86841r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must limit the number of
-concurrent sessions to 10 for all accounts and&#x2F;or account types.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+concurrent sessions to 10 for all accounts and/or account types.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Operating system management includes the ability to control the number
 of users and user sessions that utilize an operating system. Limiting the
 number of allowed users and sessions per user is helpful in reducing the risks
@@ -4411,149 +4241,143 @@ related to DoS attacks.
     This requirement addresses concurrent sessions for information system
 accounts and does not address concurrent sessions by single users via multiple
 system accounts. The maximum number of concurrent sessions should be defined
-based on mission needs and the operational environment for each system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+based on mission needs and the operational environment for each system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system limits the number of concurrent sessions to
-&quot;10&quot; for all accounts and&#x2F;or account types by issuing the following command:
+"10" for all accounts and/or account types by issuing the following command:
 
-    # grep &quot;maxlogins&quot; &#x2F;etc&#x2F;security&#x2F;limits.conf &#x2F;etc&#x2F;security&#x2F;limits.d&#x2F;*.conf
+    # grep "maxlogins" /etc/security/limits.conf /etc/security/limits.d/*.conf
 
     * hard maxlogins 10
 
     This can be set as a global domain (with the * wildcard) but may be set
 differently for multiple domains.
 
-    If the &quot;maxlogins&quot; item is missing, commented out, or the value is not
-set to &quot;10&quot; or less for all domains that have the &quot;maxlogins&quot; item
-assigned, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "maxlogins" item is missing, commented out, or the value is not
+set to "10" or less for all domains that have the "maxlogins" item
+assigned, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to limit the number of concurrent sessions
-to &quot;10&quot; for all accounts and&#x2F;or account types.
-
-    Add the following line to the top of the &#x2F;etc&#x2F;security&#x2F;limits.conf or in a
-&quot;.conf&quot; file defined in &#x2F;etc&#x2F;security&#x2F;limits.d&#x2F; :
-
-    * hard maxlogins 10</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>fb84b91b-6261-4aea-a9c1-164af3cede9e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000054</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Files configuring maxlogins less than or equal to 10 is expected to be positive
---------------------------------
-passed
-Files configuring maxlogins greater than 10 is expected to cmp &#x3D;&#x3D; []</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72047</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86671r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021030</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+to "10" for all accounts and/or account types.
+
+    Add the following line to the top of the /etc/security/limits.conf or in a
+".conf" file defined in /etc/security/limits.d/ :
+
+    * hard maxlogins 10</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72217\" do\n  title \"The Red Hat Enterprise Linux operating system must limit the number of\nconcurrent sessions to 10 for all accounts and/or account types.\"\n  desc  \"Operating system management includes the ability to control the number\nof users and user sessions that utilize an operating system. Limiting the\nnumber of allowed users and sessions per user is helpful in reducing the risks\nrelated to DoS attacks.\n\n    This requirement addresses concurrent sessions for information system\naccounts and does not address concurrent sessions by single users via multiple\nsystem accounts. The maximum number of concurrent sessions should be defined\nbased on mission needs and the operational environment for each system.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system limits the number of concurrent sessions to\n\\\"10\\\" for all accounts and/or account types by issuing the following command:\n\n    # grep \\\"maxlogins\\\" /etc/security/limits.conf /etc/security/limits.d/*.conf\n\n    * hard maxlogins 10\n\n    This can be set as a global domain (with the * wildcard) but may be set\ndifferently for multiple domains.\n\n    If the \\\"maxlogins\\\" item is missing, commented out, or the value is not\nset to \\\"10\\\" or less for all domains that have the \\\"maxlogins\\\" item\nassigned, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to limit the number of concurrent sessions\nto \\\"10\\\" for all accounts and/or account types.\n\n    Add the following line to the top of the /etc/security/limits.conf or in a\n\\\".conf\\\" file defined in /etc/security/limits.d/ :\n\n    * hard maxlogins 10\n  \"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000027-GPOS-00008\"\n  tag gid: \"V-72217\"\n  tag rid: \"SV-86841r3_rule\"\n  tag stig_id: \"RHEL-07-040000\"\n  tag fix_id: \"F-78571r2_fix\"\n  tag cci: [\"CCI-000054\"]\n  tag nist: [\"AC-10\", \"Rev_4\"]\n\n  maxlogins_limit = input('maxlogins_limit')\n\n  # Collect any files under limits.d if they exist\n  limits_files = directory('/etc/security/limits.d').exist? ? command('ls /etc/security/limits.d/*.conf').stdout.strip.lines : []\n  # Add limits.conf to the list\n  limits_files.push('/etc/security/limits.conf')\n  compliant_files = []\n  noncompliant_files = []\n\n  limits_files.each do |limits_file|\n    # Get any universal limits from each file\n    local_limits = limits_conf(limits_file).*\n    # If we got an array (results) check further\n    if local_limits.is_a?(Array)\n      local_limits.each do |temp_limit|\n        # For each result check if it is a 'hard' limit for 'maxlogins'\n        if temp_limit.include?('hard') &amp;&amp; temp_limit.include?('maxlogins')\n          # If the limit is in range, push to compliant files\n          if temp_limit[-1].to_i &lt;= maxlogins_limit\n            compliant_files.push(limits_file)\n          # Otherwise add to noncompliant files\n          else\n            noncompliant_files.push(limits_file)\n          end\n        end\n      end\n    end\n  end\n\n  # It is required that at least 1 file contain compliant configuration\n  describe \"Files configuring maxlogins less than or equal to #{maxlogins_limit}\" do\n    subject { compliant_files.length }\n    it { should be_positive }\n  end\n\n  # No files should set 'hard' 'maxlogins' to any noncompliant value\n  describe \"Files configuring maxlogins greater than #{maxlogins_limit}\" do\n    subject { noncompliant_files }\n    it { should cmp [] }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000054</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Files configuring maxlogins less than or equal to 10 is expected to be positive
+--------------------------------
+passed :: TEST Files configuring maxlogins greater than 10 is expected to cmp == []</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72047</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86671r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021030</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all world-writable directories are group-owned by root, sys, bin, or an
-application group.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+application group.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If a world-writable directory has the sticky bit set and is not
 group-owned by a privileged Group Identifier (GID), unauthorized users may be
 able to modify files created by others.
@@ -4561,15 +4385,15 @@ able to modify files created by others.
     The only authorized public directories are those temporary directories
 supplied with the system or those designed to be temporary file repositories.
 The setting is normally reserved for directories used by the system and by
-users for temporary file storage, (e.g., &#x2F;tmp), and for directories requiring
-global read&#x2F;write access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+users for temporary file storage, (e.g., /tmp), and for directories requiring
+global read/write access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify all world-writable directories are group-owned by root, sys, bin, or
 an application group.
 
@@ -4578,1919 +4402,1827 @@ an application group.
     Note: The value after -fstype must be replaced with the filesystem type.
 XFS is used as an example.
 
-    # find &#x2F; -xdev -perm -002 -type d -fstype xfs -exec ls -lLd {} \;
-    drwxrwxrwt 2 root root 40 Aug 26 13:07 &#x2F;dev&#x2F;mqueue
-    drwxrwxrwt 2 root root 220 Aug 26 13:23 &#x2F;dev&#x2F;shm
-    drwxrwxrwt 14 root root 4096 Aug 26 13:29 &#x2F;tmp
+    # find / -xdev -perm -002 -type d -fstype xfs -exec ls -lLd {} \;
+    drwxrwxrwt 2 root root 40 Aug 26 13:07 /dev/mqueue
+    drwxrwxrwt 2 root root 220 Aug 26 13:23 /dev/shm
+    drwxrwxrwt 14 root root 4096 Aug 26 13:29 /tmp
 
     If any world-writable directories are not owned by root, sys, bin, or an
-application group associated with the directory, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+application group associated with the directory, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Change the group of the world-writable directories to root with the
 following command:
 
-    # chgrp root &lt;directory&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>afde21f0-1fec-4bfa-9446-237725f52d26</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-File &#x2F;var&#x2F;tmp group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;
---------------------------------
-passed
-File &#x2F;var&#x2F;tmp&#x2F;cloud-init group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;
---------------------------------
-passed
-File &#x2F;var&#x2F;tmp&#x2F;systemd-private-d24354a1797e4846b9e800d6f612ef8f-chronyd.service-U8pkhb&#x2F;tmp group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;
---------------------------------
-passed
-File &#x2F;tmp group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;
---------------------------------
-passed
-File &#x2F;tmp&#x2F;.XIM-unix group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;
---------------------------------
-passed
-File &#x2F;tmp&#x2F;.Test-unix group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;
---------------------------------
-passed
-File &#x2F;tmp&#x2F;.ICE-unix group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;
---------------------------------
-passed
-File &#x2F;tmp&#x2F;.font-unix group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;
---------------------------------
-passed
-File &#x2F;tmp&#x2F;.X11-unix group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;
---------------------------------
-passed
-File &#x2F;tmp&#x2F;systemd-private-d24354a1797e4846b9e800d6f612ef8f-chronyd.service-Te8mBP&#x2F;tmp group is expected to be in &quot;root&quot;, &quot;sys&quot;, and &quot;bin&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72173</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86797r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030750</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # chgrp root &lt;directory&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72047\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all world-writable directories are group-owned by root, sys, bin, or an\napplication group.\"\n  desc  \"If a world-writable directory has the sticky bit set and is not\ngroup-owned by a privileged Group Identifier (GID), unauthorized users may be\nable to modify files created by others.\n\n    The only authorized public directories are those temporary directories\nsupplied with the system or those designed to be temporary file repositories.\nThe setting is normally reserved for directories used by the system and by\nusers for temporary file storage, (e.g., /tmp), and for directories requiring\nglobal read/write access.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify all world-writable directories are group-owned by root, sys, bin, or\nan application group.\n\n    Check the system for world-writable directories with the following command:\n\n    Note: The value after -fstype must be replaced with the filesystem type.\nXFS is used as an example.\n\n    # find / -xdev -perm -002 -type d -fstype xfs -exec ls -lLd {} \\\\;\n    drwxrwxrwt 2 root root 40 Aug 26 13:07 /dev/mqueue\n    drwxrwxrwt 2 root root 220 Aug 26 13:23 /dev/shm\n    drwxrwxrwt 14 root root 4096 Aug 26 13:29 /tmp\n\n    If any world-writable directories are not owned by root, sys, bin, or an\napplication group associated with the directory, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Change the group of the world-writable directories to root with the\nfollowing command:\n\n    # chgrp root &lt;directory&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72047\"\n  tag rid: \"SV-86671r4_rule\"\n  tag stig_id: \"RHEL-07-021030\"\n  tag fix_id: \"F-78399r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  application_groups = input('application_groups')\n\n  ww_dirs = Set[]\n  partitions = etc_fstab.params.map{|partition| partition['file_system_type']}.uniq\n  partitions.each do |part|\n    cmd = \"find / -perm -002 -xdev -type d -fstype #{part} -exec ls -lLd {} \\\\;\"\n    ww_dirs = ww_dirs + command(cmd).stdout.split(\"\\n\")\n  end\n\n  ww_dirs.to_a.each do |curr_dir|\n    dir_arr = curr_dir.split(' ')\n    describe file(dir_arr.last) do\n      its('group') { should be_in [\"root\",\"sys\",\"bin\"] + application_groups }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST File /var/tmp group is expected to be in "root", "sys", and "bin"
+--------------------------------
+passed :: TEST File /var/tmp/cloud-init group is expected to be in "root", "sys", and "bin"
+--------------------------------
+passed :: TEST File /var/tmp/systemd-private-d24354a1797e4846b9e800d6f612ef8f-chronyd.service-U8pkhb/tmp group is expected to be in "root", "sys", and "bin"
+--------------------------------
+passed :: TEST File /tmp group is expected to be in "root", "sys", and "bin"
+--------------------------------
+passed :: TEST File /tmp/.XIM-unix group is expected to be in "root", "sys", and "bin"
+--------------------------------
+passed :: TEST File /tmp/.Test-unix group is expected to be in "root", "sys", and "bin"
+--------------------------------
+passed :: TEST File /tmp/.ICE-unix group is expected to be in "root", "sys", and "bin"
+--------------------------------
+passed :: TEST File /tmp/.font-unix group is expected to be in "root", "sys", and "bin"
+--------------------------------
+passed :: TEST File /tmp/.X11-unix group is expected to be in "root", "sys", and "bin"
+--------------------------------
+passed :: TEST File /tmp/systemd-private-d24354a1797e4846b9e800d6f612ef8f-chronyd.service-Te8mBP/tmp group is expected to be in "root", "sys", and "bin"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72173</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86797r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030750</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the umount command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the umount command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged mount commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;umount&quot; command occur.
+successful/unsuccessful attempts to use the "umount" command occur.
 
     Check that the following system call is being audited by performing the
 following series of commands to check the file system rules in
-&quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+"/etc/audit/audit.rules":
 
-    # grep -iw &quot;&#x2F;usr&#x2F;bin&#x2F;umount&quot; &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw "/usr/bin/umount" /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;umount -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/umount -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-mount
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;umount&quot; command occur.
+successful/unsuccessful attempts to use the "umount" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;umount -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/umount -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-mount
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f145be16-909e-41f1-831e-26b814d64c7b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;bin&#x2F;umount&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;bin&#x2F;umount&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72149</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86773r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030630</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72173\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe umount command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged mount commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"umount\\\" command occur.\n\n    Check that the following system call is being audited by performing the\nfollowing series of commands to check the file system rules in\n\\\"/etc/audit/audit.rules\\\":\n\n    # grep -iw \\\"/usr/bin/umount\\\" /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/umount -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-mount\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"umount\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/umount -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-mount\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72173\"\n  tag rid: \"SV-86797r5_rule\"\n  tag stig_id: \"RHEL-07-030750\"\n  tag fix_id: \"F-78527r5_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/bin/umount'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/bin/umount" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/bin/umount" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72149</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86773r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030630</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the passwd command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the passwd command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged password commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;passwd&quot; command occur.
+successful/unsuccessful attempts to use the "passwd" command occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -i &#x2F;usr&#x2F;bin&#x2F;passwd &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /usr/bin/passwd /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;passwd -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/passwd -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-passwd
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;passwd&quot; command occur.
+successful/unsuccessful attempts to use the "passwd" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;passwd -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/passwd -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-passwd
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2c45561e-2b96-4ca7-ae9b-5ef4c6ce355d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;passwd&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;passwd&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71927</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000075-GPOS-00043</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86551r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010240</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72149\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe passwd command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged password commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"passwd\\\" command occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -i /usr/bin/passwd /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/passwd -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-passwd\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"passwd\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/passwd -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-passwd\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72149\"\n  tag rid: \"SV-86773r5_rule\"\n  tag stig_id: \"RHEL-07-030630\"\n  tag fix_id: \"F-78501r6_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n  \n  audit_file = '/usr/bin/passwd'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/passwd" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/passwd" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71927</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000075-GPOS-00043</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86551r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010240</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that passwords are restricted to a 24 hours&#x2F;1 day minimum lifetime.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that passwords are restricted to a 24 hours/1 day minimum lifetime.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Enforcing a minimum password lifetime helps to prevent repeated
 password changes to defeat the password reuse or history enforcement
 requirement. If users are allowed to immediately and continually change their
 password, the password could be repeatedly changed in a short period of time to
-defeat the organization&#39;s policy regarding password reuse.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+defeat the organization's policy regarding password reuse.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Check whether the minimum time period between password changes for each
 user account is one day or greater.
 
-    # awk -F: &#39;$4 &lt; 1 {print $1 &quot; &quot; $4}&#39; &#x2F;etc&#x2F;shadow
+    # awk -F: '$4 &lt; 1 {print $1 " " $4}' /etc/shadow
 
     If any results are returned that are not associated with a system account,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure non-compliant accounts to enforce a 24 hours&#x2F;1 day minimum
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure non-compliant accounts to enforce a 24 hours/1 day minimum
 password lifetime:
 
-    # chage -m 1 [user]</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>5b366cc1-a99f-4a53-aed0-182eee5be7e3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000198</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-&#x2F;etc&#x2F;shadow with user &#x3D;&#x3D; &quot;ec2-user&quot; min_days.first.to_i is expected to cmp &gt;&#x3D; 1</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72105</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86729r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030410</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # chage -m 1 [user]</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71927\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat passwords are restricted to a 24 hours/1 day minimum lifetime.\"\n  desc  \"Enforcing a minimum password lifetime helps to prevent repeated\npassword changes to defeat the password reuse or history enforcement\nrequirement. If users are allowed to immediately and continually change their\npassword, the password could be repeatedly changed in a short period of time to\ndefeat the organization's policy regarding password reuse.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Check whether the minimum time period between password changes for each\nuser account is one day or greater.\n\n    # awk -F: '$4 &lt; 1 {print $1 \\\" \\\" $4}' /etc/shadow\n\n    If any results are returned that are not associated with a system account,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure non-compliant accounts to enforce a 24 hours/1 day minimum\npassword lifetime:\n\n    # chage -m 1 [user]\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000075-GPOS-00043\"\n  tag gid: \"V-71927\"\n  tag rid: \"SV-86551r2_rule\"\n  tag stig_id: \"RHEL-07-010240\"\n  tag fix_id: \"F-78279r1_fix\"\n  tag cci: [\"CCI-000198\"]\n  tag nist: [\"IA-5 (1) (d)\", \"Rev_4\"]\n\n  shadow.users.each do |user|\n    # filtering on non-system accounts (uid &gt;= 1000)\n    next unless user(user).uid &gt;= 1000\n    describe shadow.users(user) do\n      its('min_days.first.to_i') { should cmp &gt;= 1 }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000198</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST /etc/shadow with user == "ec2-user" min_days.first.to_i is expected to cmp &gt;= 1</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72105</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86729r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030410</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the chmod syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the chmod syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;chmod&quot; syscall occur.
+successful/unsuccessful attempts to use the "chmod" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following command:
 
-    # grep -iw chmod &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw chmod /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S chmod -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S chmod -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S chmod -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S chmod -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;chmod&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"chmod" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;chmod&quot; syscall occur.
+successful/unsuccessful attempts to use the "chmod" syscall occur.
 
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S chmod -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S chmod -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S chmod -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S chmod -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>4b9de4e3-5f24-40c5-a0d1-1f6f90d6c04d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;chmod&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;chmod&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;chmod&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;chmod&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72255</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86879r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040410</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72105\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe chmod syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"chmod\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing command:\n\n    # grep -iw chmod /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S chmod -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S chmod -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"chmod\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"chmod\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S chmod -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S chmod -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000458-GPOS-00203\"\n  tag satisfies: [\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000064-GPOS-00033\"]\n  tag gid: \"V-72105\"\n  tag rid: \"SV-86729r5_rule\"\n  tag stig_id: \"RHEL-07-030410\"\n  tag fix_id: \"F-78457r7_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"chmod\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"chmod\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "chmod" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "chmod" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "chmod" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "chmod" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72255</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86879r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040410</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the SSH public host key files have mode 0644 or less permissive.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the SSH public host key files have mode 0644 or less permissive.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If a public host key file is modified by an unauthorized user, the SSH
-service may be compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify the SSH public host key files have mode &quot;0644&quot; or less permissive.
+service may be compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify the SSH public host key files have mode "0644" or less permissive.
 
     Note: SSH public key files may be found in other directories on the system
 depending on the installation.
 
     The following command will find all SSH public key files on the system:
 
-    # find &#x2F;etc&#x2F;ssh -name &#39;*.pub&#39; -exec ls -lL {} \;
+    # find /etc/ssh -name '*.pub' -exec ls -lL {} \;
 
     -rw-r--r-- 1 root root 618 Nov 28 06:43 ssh_host_dsa_key.pub
     -rw-r--r-- 1 root root 347 Nov 28 06:43 ssh_host_key.pub
     -rw-r--r-- 1 root root 238 Nov 28 06:43 ssh_host_rsa_key.pub
 
-    If any file has a mode more permissive than &quot;0644&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If any file has a mode more permissive than "0644", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Note: SSH public key files may be found in other directories on the system
 depending on the installation.
 
-    Change the mode of public host key files under &quot;&#x2F;etc&#x2F;ssh&quot; to &quot;0644&quot;
+    Change the mode of public host key files under "/etc/ssh" to "0644"
 with the following command:
 
-    # chmod 0644 &#x2F;etc&#x2F;ssh&#x2F;*.key.pub</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>132205c3-d7e1-4912-8e7b-e9ac36dbe07b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-No files have a more permissive mode. is expected to eq true</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72087</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86711r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030320</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # chmod 0644 /etc/ssh/*.key.pub</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72255\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH public host key files have mode 0644 or less permissive.\"\n  desc  \"If a public host key file is modified by an unauthorized user, the SSH\nservice may be compromised.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH public host key files have mode \\\"0644\\\" or less permissive.\n\n    Note: SSH public key files may be found in other directories on the system\ndepending on the installation.\n\n    The following command will find all SSH public key files on the system:\n\n    # find /etc/ssh -name '*.pub' -exec ls -lL {} \\\\;\n\n    -rw-r--r-- 1 root root 618 Nov 28 06:43 ssh_host_dsa_key.pub\n    -rw-r--r-- 1 root root 347 Nov 28 06:43 ssh_host_key.pub\n    -rw-r--r-- 1 root root 238 Nov 28 06:43 ssh_host_rsa_key.pub\n\n    If any file has a mode more permissive than \\\"0644\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Note: SSH public key files may be found in other directories on the system\ndepending on the installation.\n\n    Change the mode of public host key files under \\\"/etc/ssh\\\" to \\\"0644\\\"\nwith the following command:\n\n    # chmod 0644 /etc/ssh/*.key.pub\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72255\"\n  tag rid: \"SV-86879r2_rule\"\n  tag stig_id: \"RHEL-07-040410\"\n  tag fix_id: \"F-78609r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  pub_files = command(\"find /etc/ssh -xdev -name '*.pub' -perm /133\").stdout.split(\"\\n\")\n  if !pub_files.nil? and !pub_files.empty?\n    pub_files.each do |pubfile|\n      describe file(pubfile) do\n        it { should_not be_executable.by('owner') }\n        it { should_not be_executable.by('group') }\n        it { should_not be_writable.by('group') }\n        it { should_not be_executable.by('others') }\n        it { should_not be_writable.by('others') }\n      end\n    end\n  else\n     describe \"No files have a more permissive mode.\" do\n      subject { pub_files.nil? or pub_files.empty? }\n      it { should eq true }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST No files have a more permissive mode. is expected to eq true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72087</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86711r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030320</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the audit system takes appropriate action when the audit storage volume is
-full.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+full.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Taking appropriate action in case of a filled audit storage volume
-will minimize the possibility of losing audit records.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+will minimize the possibility of losing audit records.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the action the operating system takes if the disk the audit records
 are written to becomes full.
 
     To determine the action that takes place if the disk is full on the remote
 server, use the following command:
 
-    # grep -i disk_full_action &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
-    disk_full_action &#x3D; single
+    # grep -i disk_full_action /etc/audisp/audisp-remote.conf
+    disk_full_action = single
 
-    If the value of the &quot;disk_full_action&quot; option is not &quot;syslog&quot;,
-&quot;single&quot;, or &quot;halt&quot;, or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of the "disk_full_action" option is not "syslog",
+"single", or "halt", or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the action the operating system takes if the disk the audit
 records are written to becomes full.
 
-    Uncomment or edit the &quot;disk_full_action&quot; option in
-&quot;&#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf&quot; and set it to &quot;syslog&quot;, &quot;single&quot;, or
-&quot;halt&quot;, such as the following line:
-
-    disk_full_action &#x3D; single</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>34e4f89e-b510-4973-9f4d-c6bf021c34c0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-Parse Config File &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
-Can&#39;t find file: &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
---------------------------------
-skipped
-Parse Config File &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
-Can&#39;t find file: &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72259</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000364-GPOS-00151</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86883r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040430</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Uncomment or edit the "disk_full_action" option in
+"/etc/audisp/audisp-remote.conf" and set it to "syslog", "single", or
+"halt", such as the following line:
+
+    disk_full_action = single</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72087\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the audit system takes appropriate action when the audit storage volume is\nfull.\"\n  desc  \"Taking appropriate action in case of a filled audit storage volume\nwill minimize the possibility of losing audit records.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the action the operating system takes if the disk the audit records\nare written to becomes full.\n\n    To determine the action that takes place if the disk is full on the remote\nserver, use the following command:\n\n    # grep -i disk_full_action /etc/audisp/audisp-remote.conf\n    disk_full_action = single\n\n    If the value of the \\\"disk_full_action\\\" option is not \\\"syslog\\\",\n\\\"single\\\", or \\\"halt\\\", or the line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the action the operating system takes if the disk the audit\nrecords are written to becomes full.\n\n    Uncomment or edit the \\\"disk_full_action\\\" option in\n\\\"/etc/audisp/audisp-remote.conf\\\" and set it to \\\"syslog\\\", \\\"single\\\", or\n\\\"halt\\\", such as the following line:\n\n    disk_full_action = single\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000342-GPOS-00133\"\n  tag gid: \"V-72087\"\n  tag rid: \"SV-86711r3_rule\"\n  tag stig_id: \"RHEL-07-030320\"\n  tag fix_id: \"F-78439r4_fix\"\n  tag cci: [\"CCI-001851\"]\n  tag nist: [\"AU-4 (1)\", \"Rev_4\"]\n\n  describe parse_config_file('/etc/audisp/audisp-remote.conf') do\n    its('disk_full_action'.to_s) { should be_in ['syslog', 'single', 'halt'] }\n  end\n\n# Test matches ./inspec-profiles/controls/V-73163.rb\n  describe parse_config_file('/etc/audisp/audisp-remote.conf') do\n    its('network_failure_action'.to_s) { should be_in ['syslog', 'single', 'halt'] }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST Parse Config File /etc/audisp/audisp-remote.conf :: SKIP_MESSAGE Can't find file: /etc/audisp/audisp-remote.conf
+--------------------------------
+skipped :: TEST Parse Config File /etc/audisp/audisp-remote.conf :: SKIP_MESSAGE Can't find file: /etc/audisp/audisp-remote.conf</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72259</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000364-GPOS-00151</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86883r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040430</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the SSH daemon does not permit Generic Security Service Application
-Program Interface (GSSAPI) authentication unless needed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Program Interface (GSSAPI) authentication unless needed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>GSSAPI authentication is used to provide additional authentication
 mechanisms to applications. Allowing GSSAPI authentication through SSH exposes
-the system&#39;s GSSAPI to remote hosts, increasing the attack surface of the
-system. GSSAPI authentication must be disabled unless needed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+the system's GSSAPI to remote hosts, increasing the attack surface of the
+system. GSSAPI authentication must be disabled unless needed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the SSH daemon does not permit GSSAPI authentication unless approved.
 
     Check that the SSH daemon does not permit GSSAPI authentication with the
 following command:
 
-    # grep -i gssapiauth &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i gssapiauth /etc/ssh/sshd_config
     GSSAPIAuthentication no
 
-    If the &quot;GSSAPIAuthentication&quot; keyword is missing, is set to &quot;yes&quot; and
+    If the "GSSAPIAuthentication" keyword is missing, is set to "yes" and
 is not documented with the Information System Security Officer (ISSO), or the
-returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Uncomment the &quot;GSSAPIAuthentication&quot; keyword in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;
+returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Uncomment the "GSSAPIAuthentication" keyword in "/etc/ssh/sshd_config"
 (this file may be named differently or be in a different location if using a
 version of SSH that is provided by a third-party vendor) and set the value to
-&quot;no&quot;:
+"no":
 
     GSSAPIAuthentication no
 
     The SSH service must be restarted for changes to take effect.
 
     If GSSAPI authentication is required, it must be documented, to include the
-location of the configuration file, with the ISSO.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>1667a1f9-1377-415a-9625-976716d68e86</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration GSSAPIAuthentication is expected to cmp &#x3D;&#x3D; &quot;no&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73163</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87815r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030321</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+location of the configuration file, with the ISSO.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72259\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon does not permit Generic Security Service Application\nProgram Interface (GSSAPI) authentication unless needed.\"\n  desc  \"GSSAPI authentication is used to provide additional authentication\nmechanisms to applications. Allowing GSSAPI authentication through SSH exposes\nthe system's GSSAPI to remote hosts, increasing the attack surface of the\nsystem. GSSAPI authentication must be disabled unless needed.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH daemon does not permit GSSAPI authentication unless approved.\n\n    Check that the SSH daemon does not permit GSSAPI authentication with the\nfollowing command:\n\n    # grep -i gssapiauth /etc/ssh/sshd_config\n    GSSAPIAuthentication no\n\n    If the \\\"GSSAPIAuthentication\\\" keyword is missing, is set to \\\"yes\\\" and\nis not documented with the Information System Security Officer (ISSO), or the\nreturned line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Uncomment the \\\"GSSAPIAuthentication\\\" keyword in \\\"/etc/ssh/sshd_config\\\"\n(this file may be named differently or be in a different location if using a\nversion of SSH that is provided by a third-party vendor) and set the value to\n\\\"no\\\":\n\n    GSSAPIAuthentication no\n\n    The SSH service must be restarted for changes to take effect.\n\n    If GSSAPI authentication is required, it must be documented, to include the\nlocation of the configuration file, with the ISSO.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000364-GPOS-00151\"\n  tag gid: \"V-72259\"\n  tag rid: \"SV-86883r3_rule\"\n  tag stig_id: \"RHEL-07-040430\"\n  tag fix_id: \"F-78613r2_fix\"\n  tag cci: [\"CCI-000318\", \"CCI-000368\", \"CCI-001812\", \"CCI-001813\",\n\"CCI-001814\"]\n  tag nist: [\"CM-3 f\", \"CM-6 c\", \"CM-11 (2)\", \"CM-5 (1)\", \"CM-5 (1)\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('GSSAPIAuthentication') { should cmp 'no' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration GSSAPIAuthentication is expected to cmp == "no"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73163</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87815r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030321</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the audit system takes appropriate action when there is an error sending
-audit records to a remote system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+audit records to a remote system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Taking appropriate action when there is an error sending audit records
-to a remote system will minimize the possibility of losing audit records.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+to a remote system will minimize the possibility of losing audit records.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the action the operating system takes if there is an error sending
 audit records to a remote system.
 
     Check the action that takes place if there is an error sending audit
 records to a remote system with the following command:
 
-    # grep -i network_failure_action &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
-    network_failure_action &#x3D; syslog
+    # grep -i network_failure_action /etc/audisp/audisp-remote.conf
+    network_failure_action = syslog
 
-    If the value of the &quot;network_failure_action&quot; option is not &quot;syslog&quot;,
-&quot;single&quot;, or &quot;halt&quot;, or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of the "network_failure_action" option is not "syslog",
+"single", or "halt", or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the action the operating system takes if there is an error
 sending audit records to a remote system.
 
-    Uncomment the &quot;network_failure_action&quot; option in
-&quot;&#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf&quot; and set it to &quot;syslog&quot;, &quot;single&quot;, or
-&quot;halt&quot;.
-
-    network_failure_action &#x3D; syslog</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d0c3e45f-5217-4269-811d-2b5b0a1514e5</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-Parse Config File &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
-Can&#39;t find file: &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72289</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86913r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040640</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Uncomment the "network_failure_action" option in
+"/etc/audisp/audisp-remote.conf" and set it to "syslog", "single", or
+"halt".
+
+    network_failure_action = syslog</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-73163\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the audit system takes appropriate action when there is an error sending\naudit records to a remote system.\"\n  desc  \"Taking appropriate action when there is an error sending audit records\nto a remote system will minimize the possibility of losing audit records.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the action the operating system takes if there is an error sending\naudit records to a remote system.\n\n    Check the action that takes place if there is an error sending audit\nrecords to a remote system with the following command:\n\n    # grep -i network_failure_action /etc/audisp/audisp-remote.conf\n    network_failure_action = syslog\n\n    If the value of the \\\"network_failure_action\\\" option is not \\\"syslog\\\",\n\\\"single\\\", or \\\"halt\\\", or the line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the action the operating system takes if there is an error\nsending audit records to a remote system.\n\n    Uncomment the \\\"network_failure_action\\\" option in\n\\\"/etc/audisp/audisp-remote.conf\\\" and set it to \\\"syslog\\\", \\\"single\\\", or\n\\\"halt\\\".\n\n    network_failure_action = syslog\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000342-GPOS-00133\"\n  tag gid: \"V-73163\"\n  tag rid: \"SV-87815r3_rule\"\n  tag stig_id: \"RHEL-07-030321\"\n  tag fix_id: \"F-79609r2_fix\"\n  tag cci: [\"CCI-001851\"]\n  tag nist: [\"AU-4 (1)\", \"Rev_4\"]\n\n  describe parse_config_file('/etc/audisp/audisp-remote.conf') do\n    its('network_failure_action'.to_s) { should be_in ['syslog', 'single', 'halt'] }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST Parse Config File /etc/audisp/audisp-remote.conf :: SKIP_MESSAGE Can't find file: /etc/audisp/audisp-remote.conf</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72289</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86913r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040640</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent Internet
 Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect
-messages from being accepted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+messages from being accepted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>ICMP redirect messages are used by routers to inform hosts that a more
 direct route exists for a particular destination. These messages modify the
-host&#39;s route table and are unauthenticated. An illicit ICMP redirect message
-could result in a man-in-the-middle attack.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+host's route table and are unauthenticated. An illicit ICMP redirect message
+could result in a man-in-the-middle attack.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system will not accept IPv4 ICMP redirect messages.
 
-    # grep &#39;net.ipv4.conf.default.accept_redirects&#39; &#x2F;etc&#x2F;sysctl.conf
-&#x2F;etc&#x2F;sysctl.d&#x2F;*
+    # grep 'net.ipv4.conf.default.accept_redirects' /etc/sysctl.conf
+/etc/sysctl.d/*
 
-    If &quot; net.ipv4.conf.default.accept_redirects &quot; is not configured in the
-&#x2F;etc&#x2F;sysctl.conf file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out, or
-does not have a value of &quot;0&quot;, this is a finding.
+    If " net.ipv4.conf.default.accept_redirects " is not configured in the
+/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or
+does not have a value of "0", this is a finding.
 
     Check that the operating system implements the value of the
-&quot;accept_redirects&quot; variables with the following command:
+"accept_redirects" variables with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep &#39;net.ipv4.conf.default.accept_redirects&#39;
-    net.ipv4.conf.default.accept_redirects &#x3D; 0
+    # /sbin/sysctl -a | grep 'net.ipv4.conf.default.accept_redirects'
+    net.ipv4.conf.default.accept_redirects = 0
 
-    If the returned line does not have a value of &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned line does not have a value of "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the system to not accept IPv4 ICMP redirect messages by adding the
-following line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the
-&#x2F;etc&#x2F;sysctl.d&#x2F; directory (or modify the line to have the required value):
+following line to "/etc/sysctl.conf" or a configuration file in the
+/etc/sysctl.d/ directory (or modify the line to have the required value):
 
-    net.ipv4.conf.default.accept_redirects &#x3D; 0
+    net.ipv4.conf.default.accept_redirects = 0
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>3457950b-f49c-4827-adbf-2f7116b3d4e2</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.conf.default.accept_redirects value is expected to eq 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72099</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86723r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030380</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72289\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent Internet\nProtocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect\nmessages from being accepted.\"\n  desc  \"ICMP redirect messages are used by routers to inform hosts that a more\ndirect route exists for a particular destination. These messages modify the\nhost's route table and are unauthenticated. An illicit ICMP redirect message\ncould result in a man-in-the-middle attack.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system will not accept IPv4 ICMP redirect messages.\n\n    # grep 'net.ipv4.conf.default.accept_redirects' /etc/sysctl.conf\n/etc/sysctl.d/*\n\n    If \\\" net.ipv4.conf.default.accept_redirects \\\" is not configured in the\n/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or\ndoes not have a value of \\\"0\\\", this is a finding.\n\n    Check that the operating system implements the value of the\n\\\"accept_redirects\\\" variables with the following command:\n\n    # /sbin/sysctl -a | grep 'net.ipv4.conf.default.accept_redirects'\n    net.ipv4.conf.default.accept_redirects = 0\n\n    If the returned line does not have a value of \\\"0\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the system to not accept IPv4 ICMP redirect messages by adding the\nfollowing line to \\\"/etc/sysctl.conf\\\" or a configuration file in the\n/etc/sysctl.d/ directory (or modify the line to have the required value):\n\n    net.ipv4.conf.default.accept_redirects = 0\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72289\"\n  tag rid: \"SV-86913r3_rule\"\n  tag stig_id: \"RHEL-07-040640\"\n  tag fix_id: \"F-78643r3_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.conf.default.accept_redirects') do\n    its('value') { should eq 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.conf.default.accept_redirects value is expected to eq 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72099</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86723r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030380</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the fchown syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the fchown syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fchown&quot; syscall occur.
+successful/unsuccessful attempts to use the "fchown" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw fchown &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw fchown /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S fchown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S fchown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fchown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S fchown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;fchown&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    If both the "b32" and "b64" audit rules are not defined for the
+"fchown" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S fchown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S fchown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fchown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S fchown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>84f377bd-2fb3-470a-a5b9-9de61d19253a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchown&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchown&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchown&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchown&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71943</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000329-GPOS-00128</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86567r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010320</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72099\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe fchown syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"fchown\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw fchown /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S fchown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S fchown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"fchown\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S fchown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S fchown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000474-GPOS-00219\"]\n  tag gid: \"V-72099\"\n  tag rid: \"SV-86723r5_rule\"\n  tag stig_id: \"RHEL-07-030380\"\n  tag fix_id: \"F-78451r8_fix\"\n  tag cci: [\"CCI-000126\", \"CCI-000172\"]\n  tag nist: [\"AU-2 d\", \"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"fchown\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"fchown\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "fchown" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchown" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchown" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchown" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71943</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000329-GPOS-00128</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86567r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010320</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured to
 lock accounts for a minimum of 15 minutes after three unsuccessful logon
-attempts within a 15-minute timeframe.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+attempts within a 15-minute timeframe.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>By limiting the number of failed logon attempts, the risk of
 unauthorized system access via user password guessing, otherwise known as
-brute-forcing, is reduced. Limits are imposed by locking the account.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+brute-forcing, is reduced. Limits are imposed by locking the account.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Check that the system locks an account for a minimum of 15 minutes after
 three unsuccessful logon attempts within a period of 15 minutes with the
 following command:
 
-    # grep pam_faillock.so &#x2F;etc&#x2F;pam.d&#x2F;password-auth
+    # grep pam_faillock.so /etc/pam.d/password-auth
 
-    auth required pam_faillock.so preauth silent audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
-    auth [default&#x3D;die] pam_faillock.so authfail audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
+    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
+    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
     account required pam_faillock.so
 
-    If the &quot;deny&quot; parameter is set to &quot;0&quot; or a value less than &quot;3&quot; on
-both &quot;auth&quot; lines with the &quot;pam_faillock.so&quot; module, or is missing from
+    If the "deny" parameter is set to "0" or a value less than "3" on
+both "auth" lines with the "pam_faillock.so" module, or is missing from
 these lines, this is a finding.
 
-    If the &quot;even_deny_root&quot; parameter is not set on both &quot;auth&quot; lines with
-the &quot;pam_faillock.so&quot; module, or is missing from these lines, this is a
+    If the "even_deny_root" parameter is not set on both "auth" lines with
+the "pam_faillock.so" module, or is missing from these lines, this is a
 finding.
 
-    If the &quot;fail_interval&quot; parameter is set to &quot;0&quot; or is set to a value
-less than &quot;900&quot; on both &quot;auth&quot; lines with the &quot;pam_faillock.so&quot; module,
+    If the "fail_interval" parameter is set to "0" or is set to a value
+less than "900" on both "auth" lines with the "pam_faillock.so" module,
 or is missing from these lines, this is a finding.
 
-    If the &quot;unlock_time&quot; parameter is not set to &quot;0&quot;, &quot;never&quot;, or is set
-to a value less than &quot;900&quot; on both &quot;auth&quot; lines with the
-&quot;pam_faillock.so&quot; module, or is missing from these lines, this is a finding.
+    If the "unlock_time" parameter is not set to "0", "never", or is set
+to a value less than "900" on both "auth" lines with the
+"pam_faillock.so" module, or is missing from these lines, this is a finding.
 
-    Note: The maximum configurable value for &quot;unlock_time&quot; is &quot;604800&quot;.
+    Note: The maximum configurable value for "unlock_time" is "604800".
 
-    If any line referencing the &quot;pam_faillock.so&quot; module is commented out,
+    If any line referencing the "pam_faillock.so" module is commented out,
 this is a finding.
 
-    # grep pam_faillock.so &#x2F;etc&#x2F;pam.d&#x2F;system-auth
+    # grep pam_faillock.so /etc/pam.d/system-auth
 
-    auth required pam_faillock.so preauth silent audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
-    auth [default&#x3D;die] pam_faillock.so authfail audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
+    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
+    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
     account required pam_faillock.so
 
-    If the &quot;deny&quot; parameter is set to &quot;0&quot; or a value less than &quot;3&quot; on
-both &quot;auth&quot; lines with the &quot;pam_faillock.so&quot; module, or is missing from
+    If the "deny" parameter is set to "0" or a value less than "3" on
+both "auth" lines with the "pam_faillock.so" module, or is missing from
 these lines, this is a finding.
 
-    If the &quot;even_deny_root&quot; parameter is not set on both &quot;auth&quot; lines with
-the &quot;pam_faillock.so&quot; module, or is missing from these lines, this is a
+    If the "even_deny_root" parameter is not set on both "auth" lines with
+the "pam_faillock.so" module, or is missing from these lines, this is a
 finding.
 
-    If the &quot;fail_interval&quot; parameter is set to &quot;0&quot; or is set to a value
-less than &quot;900&quot; on both &quot;auth&quot; lines with the &quot;pam_faillock.so&quot; module,
+    If the "fail_interval" parameter is set to "0" or is set to a value
+less than "900" on both "auth" lines with the "pam_faillock.so" module,
 or is missing from these lines, this is a finding.
 
-    If the &quot;unlock_time&quot; parameter is not set to &quot;0&quot;, &quot;never&quot;, or is set
-to a value less than &quot;900&quot; on both &quot;auth&quot; lines with the
-&quot;pam_faillock.so&quot; module or is missing from these lines, this is a finding.
+    If the "unlock_time" parameter is not set to "0", "never", or is set
+to a value less than "900" on both "auth" lines with the
+"pam_faillock.so" module or is missing from these lines, this is a finding.
 
-    Note: The maximum configurable value for &quot;unlock_time&quot; is &quot;604800&quot;.
-    If any line referencing the &quot;pam_faillock.so&quot; module is commented out,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    Note: The maximum configurable value for "unlock_time" is "604800".
+    If any line referencing the "pam_faillock.so" module is commented out,
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to lock an account for the maximum period
 when three unsuccessful logon attempts in 15 minutes are made.
 
     Modify the first three lines of the auth section and the first line of the
-account section of the &quot;&#x2F;etc&#x2F;pam.d&#x2F;system-auth&quot; and
-&quot;&#x2F;etc&#x2F;pam.d&#x2F;password-auth&quot; files to match the following lines:
+account section of the "/etc/pam.d/system-auth" and
+"/etc/pam.d/password-auth" files to match the following lines:
 
-    auth required pam_faillock.so preauth silent audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
+    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
     auth sufficient pam_unix.so try_first_pass
-    auth [default&#x3D;die] pam_faillock.so authfail audit deny&#x3D;3 even_deny_root
-fail_interval&#x3D;900 unlock_time&#x3D;900
+    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root
+fail_interval=900 unlock_time=900
     account required pam_faillock.so
 
     Note: Manual changes to the listed files may be overwritten by the
-&quot;authconfig&quot; program. The &quot;authconfig&quot; program should not be used to update
-the configurations listed in this requirement.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>44b6acee-f343-44b4-bc8a-9333ec4c0412</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000044</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002236</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002237</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002238</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>error
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;password-auth] lines 
-undefined local variable or method &#x60;required_rules&#39; for #&lt;RSpec::ExampleGroups::PAMConfigEtcPamDPasswordAuth_2::Lines:0x00007fb47b50fc08&gt;
+"authconfig" program. The "authconfig" program should not be used to update
+the configurations listed in this requirement.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71943\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured to\nlock accounts for a minimum of 15 minutes after three unsuccessful logon\nattempts within a 15-minute timeframe.\"\n  desc  \"By limiting the number of failed logon attempts, the risk of\nunauthorized system access via user password guessing, otherwise known as\nbrute-forcing, is reduced. Limits are imposed by locking the account.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Check that the system locks an account for a minimum of 15 minutes after\nthree unsuccessful logon attempts within a period of 15 minutes with the\nfollowing command:\n\n    # grep pam_faillock.so /etc/pam.d/password-auth\n\n    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    account required pam_faillock.so\n\n    If the \\\"deny\\\" parameter is set to \\\"0\\\" or a value less than \\\"3\\\" on\nboth \\\"auth\\\" lines with the \\\"pam_faillock.so\\\" module, or is missing from\nthese lines, this is a finding.\n\n    If the \\\"even_deny_root\\\" parameter is not set on both \\\"auth\\\" lines with\nthe \\\"pam_faillock.so\\\" module, or is missing from these lines, this is a\nfinding.\n\n    If the \\\"fail_interval\\\" parameter is set to \\\"0\\\" or is set to a value\nless than \\\"900\\\" on both \\\"auth\\\" lines with the \\\"pam_faillock.so\\\" module,\nor is missing from these lines, this is a finding.\n\n    If the \\\"unlock_time\\\" parameter is not set to \\\"0\\\", \\\"never\\\", or is set\nto a value less than \\\"900\\\" on both \\\"auth\\\" lines with the\n\\\"pam_faillock.so\\\" module, or is missing from these lines, this is a finding.\n\n    Note: The maximum configurable value for \\\"unlock_time\\\" is \\\"604800\\\".\n\n    If any line referencing the \\\"pam_faillock.so\\\" module is commented out,\nthis is a finding.\n\n    # grep pam_faillock.so /etc/pam.d/system-auth\n\n    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    account required pam_faillock.so\n\n    If the \\\"deny\\\" parameter is set to \\\"0\\\" or a value less than \\\"3\\\" on\nboth \\\"auth\\\" lines with the \\\"pam_faillock.so\\\" module, or is missing from\nthese lines, this is a finding.\n\n    If the \\\"even_deny_root\\\" parameter is not set on both \\\"auth\\\" lines with\nthe \\\"pam_faillock.so\\\" module, or is missing from these lines, this is a\nfinding.\n\n    If the \\\"fail_interval\\\" parameter is set to \\\"0\\\" or is set to a value\nless than \\\"900\\\" on both \\\"auth\\\" lines with the \\\"pam_faillock.so\\\" module,\nor is missing from these lines, this is a finding.\n\n    If the \\\"unlock_time\\\" parameter is not set to \\\"0\\\", \\\"never\\\", or is set\nto a value less than \\\"900\\\" on both \\\"auth\\\" lines with the\n\\\"pam_faillock.so\\\" module or is missing from these lines, this is a finding.\n\n    Note: The maximum configurable value for \\\"unlock_time\\\" is \\\"604800\\\".\n    If any line referencing the \\\"pam_faillock.so\\\" module is commented out,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to lock an account for the maximum period\nwhen three unsuccessful logon attempts in 15 minutes are made.\n\n    Modify the first three lines of the auth section and the first line of the\naccount section of the \\\"/etc/pam.d/system-auth\\\" and\n\\\"/etc/pam.d/password-auth\\\" files to match the following lines:\n\n    auth required pam_faillock.so preauth silent audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    auth sufficient pam_unix.so try_first_pass\n    auth [default=die] pam_faillock.so authfail audit deny=3 even_deny_root\nfail_interval=900 unlock_time=900\n    account required pam_faillock.so\n\n    Note: Manual changes to the listed files may be overwritten by the\n\\\"authconfig\\\" program. The \\\"authconfig\\\" program should not be used to update\nthe configurations listed in this requirement.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000329-GPOS-00128\"\n  tag satisfies: [\"SRG-OS-000329-GPOS-00128\", \"SRG-OS-000021-GPOS-00005\"]\n  tag gid: \"V-71943\"\n  tag rid: \"SV-86567r5_rule\"\n  tag stig_id: \"RHEL-07-010320\"\n  tag fix_id: \"F-78295r5_fix\"\n  tag cci: [\"CCI-000044\", \"CCI-002236\", \"CCI-002237\", \"CCI-002238\"]\n  tag nist: [\"AC-7 a\", \"AC-7 b\", \"AC-7 b\", \"AC-7 b\", \"Rev_4\"]\n\n  unsuccessful_attempts = input('unsuccessful_attempts')\n  fail_interval = input('fail_interval')\n  lockout_time = input('lockout_time')\n\n  describe pam('/etc/pam.d/password-auth') do\n    its('lines') {\n      should match_pam_rules(required_rules).exactly.or \\\n             match_pam_rules(alternate_rules).exactly\n    }\n    its('lines') { should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('deny', '&lt;=', unsuccessful_attempts) }\n    its('lines') { should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('fail_interval', '&lt;=', fail_interval) }\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_args('unlock_time=(0|never)').or \\\n            (match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('unlock_time', '&lt;=', 604800).and \\\n             match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('unlock_time', '&gt;=', lockout_time))\n    }\n  end\n\n  describe pam('/etc/pam.d/system-auth') do\n    its('lines') {\n      should match_pam_rules(required_rules).exactly.or \\\n             match_pam_rules(alternate_rules).exactly\n    }\n    its('lines') { should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('deny', '&lt;=', unsuccessful_attempts) }\n    its('lines') { should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('fail_interval', '&lt;=', fail_interval) }\n    its('lines') {\n      should match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_args('unlock_time=(0|never)').or \\\n            (match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('unlock_time', '&lt;=', 604800).and \\\n             match_pam_rule('auth [default=die]|required pam_faillock.so').all_with_integer_arg('unlock_time', '&gt;=', lockout_time))\n    }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000044</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002236</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002237</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002238</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PAM Config[/etc/pam.d/password-auth] lines  :: MESSAGE undefined local variable or method `required_rules' for #&lt;RSpec::ExampleGroups::PAMConfigEtcPamDPasswordAuth_2::Lines:0x00007fb47b50fc08&gt;
 Did you mean?  require_relative
 --------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;password-auth] lines is expected to include auth [default&#x3D;die]|required pam_faillock.so, all with arg deny &lt;&#x3D; 3
+passed :: TEST PAM Config[/etc/pam.d/password-auth] lines is expected to include auth [default=die]|required pam_faillock.so, all with arg deny &lt;= 3
 --------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;password-auth] lines is expected to include auth [default&#x3D;die]|required pam_faillock.so, all with arg fail_interval &lt;&#x3D; 900
+passed :: TEST PAM Config[/etc/pam.d/password-auth] lines is expected to include auth [default=die]|required pam_faillock.so, all with arg fail_interval &lt;= 900
 --------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;password-auth] lines is expected to include auth [default&#x3D;die]|required pam_faillock.so, all with args unlock_time&#x3D;(0|never) or include auth [default&#x3D;die]|required pam_faillock.so, all with arg unlock_time &lt;&#x3D; 604800 and include auth [default&#x3D;die]|required pam_faillock.so, all with arg unlock_time &gt;&#x3D; 604800
+passed :: TEST PAM Config[/etc/pam.d/password-auth] lines is expected to include auth [default=die]|required pam_faillock.so, all with args unlock_time=(0|never) or include auth [default=die]|required pam_faillock.so, all with arg unlock_time &lt;= 604800 and include auth [default=die]|required pam_faillock.so, all with arg unlock_time &gt;= 604800
 --------------------------------
-error
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines 
-undefined local variable or method &#x60;required_rules&#39; for #&lt;RSpec::ExampleGroups::PAMConfigEtcPamDSystemAuth_2::Lines:0x00007fb47b5e4250&gt;
+passed :: TEST PAM Config[/etc/pam.d/system-auth] lines  :: MESSAGE undefined local variable or method `required_rules' for #&lt;RSpec::ExampleGroups::PAMConfigEtcPamDSystemAuth_2::Lines:0x00007fb47b5e4250&gt;
 Did you mean?  require_relative
 --------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines is expected to include auth [default&#x3D;die]|required pam_faillock.so, all with arg deny &lt;&#x3D; 3
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines is expected to include auth [default&#x3D;die]|required pam_faillock.so, all with arg fail_interval &lt;&#x3D; 900
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines is expected to include auth [default&#x3D;die]|required pam_faillock.so, all with args unlock_time&#x3D;(0|never) or include auth [default&#x3D;die]|required pam_faillock.so, all with arg unlock_time &lt;&#x3D; 604800 and include auth [default&#x3D;die]|required pam_faillock.so, all with arg unlock_time &gt;&#x3D; 604800</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73155</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87807r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010081</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+passed :: TEST PAM Config[/etc/pam.d/system-auth] lines is expected to include auth [default=die]|required pam_faillock.so, all with arg deny &lt;= 3
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/system-auth] lines is expected to include auth [default=die]|required pam_faillock.so, all with arg fail_interval &lt;= 900
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/system-auth] lines is expected to include auth [default=die]|required pam_faillock.so, all with args unlock_time=(0|never) or include auth [default=die]|required pam_faillock.so, all with arg unlock_time &lt;= 604800 and include auth [default=die]|required pam_faillock.so, all with arg unlock_time &gt;= 604800</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73155</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87807r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010081</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent a user from
-  overriding the screensaver lock-delay setting for the graphical user interface.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+  overriding the screensaver lock-delay setting for the graphical user interface.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A session time-out lock is a temporary action taken when a user stops
   work and moves away from the immediate physical vicinity of the information
   system but does not log out because of the temporary nature of the absence.
   Rather than relying on the user to manually lock their operating system session
   prior to vacating the vicinity, operating systems need to be able to identify
-  when a user&#39;s session has idled and take action to initiate the session lock.
+  when a user's session has idled and take action to initiate the session lock.
 
       The session lock is implemented at the point where session activity can be
-  determined and&#x2F;or controlled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+  determined and/or controlled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system prevents a user from overriding a screensaver
 lock after a 15-minute period of inactivity for graphical user interfaces.
 
@@ -6500,24 +6232,24 @@ console.
 
     Determine which profile the system database is using with the following
 command:
-    # grep system-db &#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user
+    # grep system-db /etc/dconf/profile/user
 
     system-db:local
 
     Check for the lock delay setting with the following command:
 
-    Note: The example below is using the database &quot;local&quot; for the system, so
-the path is &quot;&#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&quot;. This path must be modified if a database
-other than &quot;local&quot; is being used.
+    Note: The example below is using the database "local" for the system, so
+the path is "/etc/dconf/db/local.d". This path must be modified if a database
+other than "local" is being used.
 
-    # grep -i lock-delay &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;locks&#x2F;*
+    # grep -i lock-delay /etc/dconf/db/local.d/locks/*
 
-    &#x2F;org&#x2F;gnome&#x2F;desktop&#x2F;screensaver&#x2F;lock-delay
+    /org/gnome/desktop/screensaver/lock-delay
 
-    If the command does not return a result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return a result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to prevent a user from overriding a
 screensaver lock after a 15-minute period of inactivity for graphical user
 interfaces.
@@ -6525,139 +6257,134 @@ interfaces.
     Create a database to contain the system-wide screensaver settings (if it
 does not already exist) with the following command:
 
-    Note: The example below is using the database &quot;local&quot; for the system, so
-if the system is using another database in &quot;&#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user&quot;, the
+    Note: The example below is using the database "local" for the system, so
+if the system is using another database in "/etc/dconf/profile/user", the
 file should be created under the appropriate subdirectory.
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;locks&#x2F;session
+    # touch /etc/dconf/db/local.d/locks/session
 
     Add the setting to lock the screensaver lock delay:
 
-    &#x2F;org&#x2F;gnome&#x2F;desktop&#x2F;screensaver&#x2F;lock-delay</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>64f01525-04bb-48c5-b664-708e5531ce59</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The GNOME desktop is not installed
-The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000250-GPOS-00093</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86851r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040180</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    /org/gnome/desktop/screensaver/lock-delay</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-73155\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent a user from\n  overriding the screensaver lock-delay setting for the graphical user interface.\"\n  desc  \"A session time-out lock is a temporary action taken when a user stops\n  work and moves away from the immediate physical vicinity of the information\n  system but does not log out because of the temporary nature of the absence.\n  Rather than relying on the user to manually lock their operating system session\n  prior to vacating the vicinity, operating systems need to be able to identify\n  when a user's session has idled and take action to initiate the session lock.\n\n      The session lock is implemented at the point where session activity can be\n  determined and/or controlled.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system prevents a user from overriding a screensaver\n  lock after a 15-minute period of inactivity for graphical user interfaces.\n\n      Note: If the system does not have GNOME installed, this requirement is Not\n  Applicable. The screen program must be installed to lock sessions on the\n  console.\n\n      Determine which profile the system database is using with the following\n  command:\n      # grep system-db /etc/dconf/profile/user\n\n      system-db:local\n\n      Check for the lock delay setting with the following command:\n\n      Note: The example below is using the database \\\"local\\\" for the system, so\n  the path is \\\"/etc/dconf/db/local.d\\\". This path must be modified if a database\n  other than \\\"local\\\" is being used.\n\n      # grep -i lock-delay /etc/dconf/db/local.d/locks/*\n\n      /org/gnome/desktop/screensaver/lock-delay\n\n      If the command does not return a result, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to prevent a user from overriding a\n    screensaver lock after a 15-minute period of inactivity for graphical user\n    interfaces.\n\n        Create a database to contain the system-wide screensaver settings (if it\n    does not already exist) with the following command:\n\n        Note: The example below is using the database \\\"local\\\" for the system, so\n    if the system is using another database in \\\"/etc/dconf/profile/user\\\", the\n    file should be created under the appropriate subdirectory.\n\n        # touch /etc/dconf/db/local.d/locks/session\n\n        Add the setting to lock the screensaver lock delay:\n\n        /org/gnome/desktop/screensaver/lock-delay\n  \"\n\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000029-GPOS-00010\"\n  tag gid: \"V-73155\"\n  tag rid: \"SV-87807r4_rule\"\n  tag stig_id: \"RHEL-07-010081\"\n  tag fix_id: \"F-79601r2_fix\"\n  tag cci: [\"CCI-000057\"]\n  tag nist: [\"AC-11 a\", \"Rev_4\"]\n\n    unless package('gnome-desktop3').installed?\n      impact 0.0\n      describe \"The GNOME desktop is not installed\" do\n        skip \"The GNOME desktop is not installed, this control is Not Applicable.\"\n      end\n    else\n      describe command(\"gsettings writable org.gnome.desktop.screensaver lock-delay\") do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The GNOME desktop is not installed :: SKIP_MESSAGE The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000250-GPOS-00093</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86851r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040180</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must implement
 cryptography to protect the integrity of Lightweight Directory Access Protocol
-(LDAP) authentication communications.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(LDAP) authentication communications.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without cryptographic integrity protections, information can be
 altered by unauthorized users without detection.
 
     Cryptographic mechanisms used for protecting the integrity of information
 include, for example, signed hash functions using asymmetric cryptography
 enabling distribution of the public key to verify the hash information while
-maintaining the confidentiality of the key used to generate the hash.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+maintaining the confidentiality of the key used to generate the hash.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If LDAP is not being utilized, this requirement is Not Applicable.
 
     Verify the operating system implements cryptography to protect the
@@ -6668,534 +6395,487 @@ command:
 
     # systemctl status sssd.service
     sssd.service - System Security Services Daemon
-    Loaded: loaded (&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;sssd.service; enabled; vendor
+    Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor
 preset: disabled)
     Active: active (running) since Wed 2018-06-27 10:58:11 EST; 1h 50min ago
 
-    If the &quot;sssd.service&quot; is &quot;active&quot;, then LDAP is being used.
+    If the "sssd.service" is "active", then LDAP is being used.
 
-    Determine the &quot;id_provider&quot; the LDAP is currently using:
+    Determine the "id_provider" the LDAP is currently using:
 
-    # grep -i &quot;id_provider&quot; &#x2F;etc&#x2F;sssd&#x2F;sssd.conf
+    # grep -i "id_provider" /etc/sssd/sssd.conf
 
-    id_provider &#x3D; ad
+    id_provider = ad
 
-    If &quot;id_provider&quot; is set to &quot;ad&quot;, this is Not Applicable.
+    If "id_provider" is set to "ad", this is Not Applicable.
 
     Ensure that LDAP is configured to use TLS by using the following command:
 
-    # grep -i &quot;start_tls&quot; &#x2F;etc&#x2F;sssd&#x2F;sssd.conf
-    ldap_id_use_start_tls &#x3D; true
+    # grep -i "start_tls" /etc/sssd/sssd.conf
+    ldap_id_use_start_tls = true
 
-    If the &quot;ldap_id_use_start_tls&quot; option is not &quot;true&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "ldap_id_use_start_tls" option is not "true", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to implement cryptography to protect the
 integrity of LDAP authentication sessions.
 
-    Add or modify the following line in &quot;&#x2F;etc&#x2F;sssd&#x2F;sssd.conf&quot;:
-
-    ldap_id_use_start_tls &#x3D; true</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6631302e-c560-4bf0-a4b2-64d3695141ad</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001453</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-LDAP not enabled
-LDAP not enabled using any known mechanisms, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72317</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86941r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040820</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add or modify the following line in "/etc/sssd/sssd.conf":
+
+    ldap_id_use_start_tls = true</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-72227\" do\n  title \"The Red Hat Enterprise Linux operating system must implement\ncryptography to protect the integrity of Lightweight Directory Access Protocol\n(LDAP) authentication communications.\"\n  desc  \"Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the key used to generate the hash.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If LDAP is not being utilized, this requirement is Not Applicable.\n\n    Verify the operating system implements cryptography to protect the\nintegrity of remote LDAP authentication sessions.\n\n    To determine if LDAP is being used for authentication, use the following\ncommand:\n\n    # systemctl status sssd.service\n    sssd.service - System Security Services Daemon\n    Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor\npreset: disabled)\n    Active: active (running) since Wed 2018-06-27 10:58:11 EST; 1h 50min ago\n\n    If the \\\"sssd.service\\\" is \\\"active\\\", then LDAP is being used.\n\n    Determine the \\\"id_provider\\\" the LDAP is currently using:\n\n    # grep -i \\\"id_provider\\\" /etc/sssd/sssd.conf\n\n    id_provider = ad\n\n    If \\\"id_provider\\\" is set to \\\"ad\\\", this is Not Applicable.\n\n    Ensure that LDAP is configured to use TLS by using the following command:\n\n    # grep -i \\\"start_tls\\\" /etc/sssd/sssd.conf\n    ldap_id_use_start_tls = true\n\n    If the \\\"ldap_id_use_start_tls\\\" option is not \\\"true\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to implement cryptography to protect the\nintegrity of LDAP authentication sessions.\n\n    Add or modify the following line in \\\"/etc/sssd/sssd.conf\\\":\n\n    ldap_id_use_start_tls = true\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000250-GPOS-00093\"\n  tag gid: \"V-72227\"\n  tag rid: \"SV-86851r4_rule\"\n  tag stig_id: \"RHEL-07-040180\"\n  tag fix_id: \"F-78581r2_fix\"\n  tag cci: [\"CCI-001453\"]\n  tag nist: [\"AC-17 (2)\", \"Rev_4\"]\n\n  sssd_id_ldap_enabled = (package('sssd').installed? and\n    !command('grep \"^\\s*id_provider\\s*=\\s*ldap\" /etc/sssd/sssd.conf').stdout.strip.empty?)\n\n  pam_ldap_enabled = (!command('grep \"^[^#]*pam_ldap\\.so\" /etc/pam.d/*').stdout.strip.empty?)\n\n  if !(sssd_id_ldap_enabled or pam_ldap_enabled)\n    impact 0.0\n    describe \"LDAP not enabled\" do\n      skip \"LDAP not enabled using any known mechanisms, this control is Not Applicable.\"\n    end\n  end\n\n  if sssd_id_ldap_enabled\n    ldap_id_use_start_tls = command('grep ldap_id_use_start_tls /etc/sssd/sssd.conf')\n    describe ldap_id_use_start_tls do\n      its('stdout.strip') { should match %r{^ldap_id_use_start_tls\\s*=\\s*true$}}\n    end\n\n    ldap_id_use_start_tls.stdout.strip.each_line do |line|\n      describe line do\n        it { should match %r{^ldap_id_use_start_tls\\s*=\\s*true$}}\n      end\n    end\n  end\n\n  if pam_ldap_enabled\n    describe command('grep -i ssl /etc/pam_ldap.conf') do\n      its('stdout.strip') { should match %r{^ssl start_tls$}}\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001453</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST LDAP not enabled :: SKIP_MESSAGE LDAP not enabled using any known mechanisms, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72317</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86941r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040820</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not have
-unauthorized IP tunnels configured.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+unauthorized IP tunnels configured.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>IP tunneling mechanisms can be used to bypass network filtering. If
 tunneling is required, it must be documented with the Information System
-Security Officer (ISSO).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Security Officer (ISSO).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system does not have unauthorized IP tunnels configured.
 
-    Check to see if &quot;libreswan&quot; is installed with the following command:
+    Check to see if "libreswan" is installed with the following command:
 
     # yum list installed libreswan
     libreswan.x86-64 3.20-5.el7_4
 
-    If &quot;libreswan&quot; is installed, check to see if the &quot;IPsec&quot; service is
+    If "libreswan" is installed, check to see if the "IPsec" service is
 active with the following command:
 
     # systemctl status ipsec
     ipsec.service - Internet Key Exchange (IKE) Protocol Daemon for IPsec
-    Loaded: loaded (&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;ipsec.service; disabled)
+    Loaded: loaded (/usr/lib/systemd/system/ipsec.service; disabled)
     Active: inactive (dead)
 
-    If the &quot;IPsec&quot; service is active, check to see if any tunnels are
-configured in &quot;&#x2F;etc&#x2F;ipsec.conf&quot; and &quot;&#x2F;etc&#x2F;ipsec.d&#x2F;&quot; with the following
+    If the "IPsec" service is active, check to see if any tunnels are
+configured in "/etc/ipsec.conf" and "/etc/ipsec.d/" with the following
 commands:
 
-    # grep -iw conn &#x2F;etc&#x2F;ipsec.conf &#x2F;etc&#x2F;ipsec.d&#x2F;*.conf
+    # grep -iw conn /etc/ipsec.conf /etc/ipsec.d/*.conf
 
-    If there are indications that a &quot;conn&quot; parameter is configured for a
+    If there are indications that a "conn" parameter is configured for a
 tunnel, ask the System Administrator if the tunnel is documented with the ISSO.
 
-    If &quot;libreswan&quot; is installed, &quot;IPsec&quot; is active, and an undocumented
-tunnel is active, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "libreswan" is installed, "IPsec" is active, and an undocumented
+tunnel is active, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Remove all unapproved tunnels from the system, or document them
-with the ISSO.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>70fdb0a5-cafa-4c71-a290-e33fe2a8f146</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The system does not have libreswan installed or the ipsec.service isn&#39;t running
-The system does not have libreswan installed or the ipsec.service isn&#39;t running, this requirement is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71937</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86561r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010290</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+with the ISSO.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-72317\" do\n  title \"The Red Hat Enterprise Linux operating system must not have\nunauthorized IP tunnels configured.\"\n  desc  \"IP tunneling mechanisms can be used to bypass network filtering. If\ntunneling is required, it must be documented with the Information System\nSecurity Officer (ISSO).\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system does not have unauthorized IP tunnels configured.\n\n    Check to see if \\\"libreswan\\\" is installed with the following command:\n\n    # yum list installed libreswan\n    libreswan.x86-64 3.20-5.el7_4\n\n    If \\\"libreswan\\\" is installed, check to see if the \\\"IPsec\\\" service is\nactive with the following command:\n\n    # systemctl status ipsec\n    ipsec.service - Internet Key Exchange (IKE) Protocol Daemon for IPsec\n    Loaded: loaded (/usr/lib/systemd/system/ipsec.service; disabled)\n    Active: inactive (dead)\n\n    If the \\\"IPsec\\\" service is active, check to see if any tunnels are\nconfigured in \\\"/etc/ipsec.conf\\\" and \\\"/etc/ipsec.d/\\\" with the following\ncommands:\n\n    # grep -iw conn /etc/ipsec.conf /etc/ipsec.d/*.conf\n\n    If there are indications that a \\\"conn\\\" parameter is configured for a\ntunnel, ask the System Administrator if the tunnel is documented with the ISSO.\n\n    If \\\"libreswan\\\" is installed, \\\"IPsec\\\" is active, and an undocumented\ntunnel is active, this is a finding.\n  \"\n  desc  \"fix\", \"Remove all unapproved tunnels from the system, or document them\nwith the ISSO.\"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72317\"\n  tag rid: \"SV-86941r2_rule\"\n  tag stig_id: \"RHEL-07-040820\"\n  tag fix_id: \"F-78671r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  approved_tunnels = input('approved_tunnels')\n\n  if package('libreswan').installed? &amp;&amp; service('ipsec.service').running?\n    impact 0.5\n    processed = []\n    to_process = ['/etc/ipsec.conf']\n\n    while !to_process.empty?\n      in_process = to_process.pop\n      next if processed.include? in_process\n      processed.push in_process\n\n      to_process.concat(\n        command(\"grep -E '^\\\\s*include\\\\s+' #{in_process} | sed 's/^[[:space:]]*include[[:space:]]*//g'\").\n          stdout.strip.split(%r{\\s*\\n+\\s*}).\n          map { |f| f.start_with?('/') ? f : File.join(File.dirname(in_process), f) }.\n          map { |f|\n            dir = f.sub(%r{[^/]*[\\*\\?\\[].*$}, '') # gets the longest ancestor path which doesn't contain wildcards\n            command(\"find #{dir} -wholename '#{f}'\").stdout.strip.split(\"\\n\")\n          }.\n          flatten.\n          select { |f| file(f).file? }\n      )\n    end\n\n    conn_grep = processed.map do |conf|\n      command(\"grep -E '^\\\\s*conn\\\\s+' #{conf}\").\n        stdout.strip.split(%r{\\s*\\n\\s*})\n    end.flatten\n\n    describe conn_grep do\n      it { should all(be_in approved_tunnels) }\n    end\n  else\n    impact 0.0\n    describe \"The system does not have libreswan installed or the ipsec.service isn't running\" do\n      skip \"The system does not have libreswan installed or the ipsec.service isn't running, this requirement is Not Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The system does not have libreswan installed or the ipsec.service isn't running :: SKIP_MESSAGE The system does not have libreswan installed or the ipsec.service isn't running, this requirement is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71937</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86561r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010290</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not have accounts
-configured with blank or null passwords.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+configured with blank or null passwords.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If an account has an empty password, anyone could log on and run
 commands with the privileges of that account. Accounts with empty passwords
-should never be used in operational environments.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+should never be used in operational environments.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>To verify that null passwords cannot be used, run the following command:
 
-    # grep nullok &#x2F;etc&#x2F;pam.d&#x2F;system-auth &#x2F;etc&#x2F;pam.d&#x2F;password-auth
+    # grep nullok /etc/pam.d/system-auth /etc/pam.d/password-auth
 
     If this produces any output, it may be possible to log on with accounts
 with empty passwords.
 
-    If null passwords can be used, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If null passwords can be used, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If an account is configured for password authentication but does not have
 an assigned password, it may be possible to log on to the account without
 authenticating.
 
-    Remove any instances of the &quot;nullok&quot; option in &quot;&#x2F;etc&#x2F;pam.d&#x2F;system-auth&quot;
-and &quot;&#x2F;etc&#x2F;pam.d&#x2F;password-auth&quot; to prevent logons with empty passwords.
+    Remove any instances of the "nullok" option in "/etc/pam.d/system-auth"
+and "/etc/pam.d/password-auth" to prevent logons with empty passwords.
 
     Note: Manual changes to the listed files may be overwritten by the
-&quot;authconfig&quot; program. The &quot;authconfig&quot; program should not be used to update
-the configurations listed in this requirement.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>bf2f7c8c-7298-404a-b53e-5f90aa596ac9</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;config-util] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;other] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;passwd] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;chfn] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;chsh] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;login] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;remote] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;runuser] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;runuser-l] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;su] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;su-l] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;systemd-user] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;polkit-1] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;crond] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;rhn_register] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;subscription-manager] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;sshd] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;smtp.postfix] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;smtp] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;vlock] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;sudo] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;sudo-i] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;fingerprint-auth] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;smartcard-auth] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;atd] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;sssd-shadowutils] lines is expected to include .* .* pam_unix.so, all without args nullok
-expected &quot;auth [success&#x3D;done ignore&#x3D;ignore default&#x3D;die] pam_unix.so nullok try_first_pass\naccount required pam_unix.so&quot; to include .* .* pam_unix.so, all without args nullok
+"authconfig" program. The "authconfig" program should not be used to update
+the configurations listed in this requirement.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71937\" do\n  title \"The Red Hat Enterprise Linux operating system must not have accounts\nconfigured with blank or null passwords.\"\n  desc  \"If an account has an empty password, anyone could log on and run\ncommands with the privileges of that account. Accounts with empty passwords\nshould never be used in operational environments.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    To verify that null passwords cannot be used, run the following command:\n\n    # grep nullok /etc/pam.d/system-auth /etc/pam.d/password-auth\n\n    If this produces any output, it may be possible to log on with accounts\nwith empty passwords.\n\n    If null passwords can be used, this is a finding.\n  \"\n  desc  \"fix\", \"\n    If an account is configured for password authentication but does not have\nan assigned password, it may be possible to log on to the account without\nauthenticating.\n\n    Remove any instances of the \\\"nullok\\\" option in \\\"/etc/pam.d/system-auth\\\"\nand \\\"/etc/pam.d/password-auth\\\" to prevent logons with empty passwords.\n\n    Note: Manual changes to the listed files may be overwritten by the\n\\\"authconfig\\\" program. The \\\"authconfig\\\" program should not be used to update\nthe configurations listed in this requirement.\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-71937\"\n  tag rid: \"SV-86561r3_rule\"\n  tag stig_id: \"RHEL-07-010290\"\n  tag fix_id: \"F-78289r3_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  # Fetch all files under /etc/pam.d excluding '*-ac' files\n  # but including symlinks\n  pam_file_list = command('find /etc/pam.d ! -name \\'*-ac\\' -a \\( -type f -o -type l \\)').stdout.strip.split\n\n  pam_file_list.each do |pam_file|\n    describe pam(pam_file) do\n      its('lines') { should match_pam_rule('.* .* pam_unix.so').all_without_args('nullok') }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PAM Config[/etc/pam.d/config-util] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/other] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/passwd] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/chfn] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/chsh] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/login] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/remote] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/runuser] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/runuser-l] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/su] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/su-l] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/systemd-user] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/polkit-1] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/crond] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/rhn_register] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/subscription-manager] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/sshd] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/smtp.postfix] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/smtp] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/vlock] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/sudo] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/sudo-i] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/fingerprint-auth] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/smartcard-auth] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/atd] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/sssd-shadowutils] lines is expected to include .* .* pam_unix.so, all without args nullok :: MESSAGE expected "auth [success=done ignore=ignore default=die] pam_unix.so nullok try_first_pass\naccount required pam_unix.so" to include .* .* pam_unix.so, all without args nullok
 Diff:
 @@ -1,2 +1,3 @@
 -.* .* pam_unix.so
-+auth [success&#x3D;done ignore&#x3D;ignore default&#x3D;die] pam_unix.so nullok try_first_pass
++auth [success=done ignore=ignore default=die] pam_unix.so nullok try_first_pass
 +account required pam_unix.so
 
 --------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;screen] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth-local] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;password-auth-local] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;password-auth] lines is expected to include .* .* pam_unix.so, all without args nullok
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;postlogin] lines is expected to include .* .* pam_unix.so, all without args nullok</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-78995</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-93701r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010062</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+passed :: TEST PAM Config[/etc/pam.d/screen] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/system-auth-local] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/system-auth] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/password-auth-local] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/password-auth] lines is expected to include .* .* pam_unix.so, all without args nullok
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/postlogin] lines is expected to include .* .* pam_unix.so, all without args nullok</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-78995</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-93701r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010062</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent a user from
 overriding the screensaver lock-enabled setting for the graphical user
-interface.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+interface.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A session lock is a temporary action taken when a user stops work and
 moves away from the immediate physical vicinity of the information system but
 does not want to log out because of the temporary nature of the absence.
@@ -7203,17 +6883,17 @@ does not want to log out because of the temporary nature of the absence.
     The session lock is implemented at the point where session activity can be
 determined.
 
-    The ability to enable&#x2F;disable a session lock is given to the user by
-default. Disabling the users ability to disengage the graphical user interface
+    The ability to enable/disable a session lock is given to the user by
+default. Disabling the user’s ability to disengage the graphical user interface
 session lock provides the assurance that all sessions will lock after the
-specified period of time.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+specified period of time.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system prevents a user from overriding the screensaver
 lock-enabled setting for the graphical user interface.
 
@@ -7223,24 +6903,24 @@ console.
 
     Determine which profile the system database is using with the following
 command:
-    # grep system-db &#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user
+    # grep system-db /etc/dconf/profile/user
 
     system-db:local
 
     Check for the lock-enabled setting with the following command:
 
-    Note: The example below is using the database &quot;local&quot; for the system, so
-the path is &quot;&#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&quot;. This path must be modified if a database
-other than &quot;local&quot; is being used.
+    Note: The example below is using the database "local" for the system, so
+the path is "/etc/dconf/db/local.d". This path must be modified if a database
+other than "local" is being used.
 
-    # grep -i lock-enabled &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;locks&#x2F;*
+    # grep -i lock-enabled /etc/dconf/db/local.d/locks/*
 
-    &#x2F;org&#x2F;gnome&#x2F;desktop&#x2F;screensaver&#x2F;lock-enabled
+    /org/gnome/desktop/screensaver/lock-enabled
 
-    If the command does not return a result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return a result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to prevent a user from overriding a
 screensaver lock after a 15-minute period of inactivity for graphical user
 interfaces.
@@ -7248,290 +6928,278 @@ interfaces.
     Create a database to contain the system-wide screensaver settings (if it
 does not already exist) with the following command:
 
-    Note: The example below is using the database &quot;local&quot; for the system, so
-if the system is using another database in &quot;&#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user&quot;, the
+    Note: The example below is using the database "local" for the system, so
+if the system is using another database in "/etc/dconf/profile/user", the
 file should be created under the appropriate subdirectory.
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;locks&#x2F;session
+    # touch /etc/dconf/db/local.d/locks/session
 
     Add the setting to lock the screensaver lock-enabled setting:
 
-    &#x2F;org&#x2F;gnome&#x2F;desktop&#x2F;screensaver&#x2F;lock-enabled</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>5035b12e-6db8-4045-8ef2-65ffe5658773</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The GNOME desktop is not installed
-The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72137</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86761r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030570</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    /org/gnome/desktop/screensaver/lock-enabled</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-78995\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent a user from\noverriding the screensaver lock-enabled setting for the graphical user\ninterface.\"\n  desc  \"A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined.\n\n    The ability to enable/disable a session lock is given to the user by\ndefault. Disabling the user’s ability to disengage the graphical user interface\nsession lock provides the assurance that all sessions will lock after the\nspecified period of time.\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system prevents a user from overriding the screensaver\nlock-enabled setting for the graphical user interface.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable. The screen program must be installed to lock sessions on the\nconsole.\n\n    Determine which profile the system database is using with the following\ncommand:\n    # grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Check for the lock-enabled setting with the following command:\n\n    Note: The example below is using the database \\\"local\\\" for the system, so\nthe path is \\\"/etc/dconf/db/local.d\\\". This path must be modified if a database\nother than \\\"local\\\" is being used.\n\n    # grep -i lock-enabled /etc/dconf/db/local.d/locks/*\n\n    /org/gnome/desktop/screensaver/lock-enabled\n\n    If the command does not return a result, this is a finding.\n\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to prevent a user from overriding a\nscreensaver lock after a 15-minute period of inactivity for graphical user\ninterfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \\\"local\\\" for the system, so\nif the system is using another database in \\\"/etc/dconf/profile/user\\\", the\nfile should be created under the appropriate subdirectory.\n\n    # touch /etc/dconf/db/local.d/locks/session\n\n    Add the setting to lock the screensaver lock-enabled setting:\n\n    /org/gnome/desktop/screensaver/lock-enabled\n\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000029-GPOS-00010\"\n  tag gid: \"V-78995\"\n  tag rid: \"SV-93701r3_rule\"\n  tag stig_id: \"RHEL-07-010062\"\n  tag fix_id: \"F-85745r1_fix\"\n  tag cci: [\"CCI-000057\"]\n  tag nist: [\"AC-11 a\", \"Rev_4\"]\n\n  if package('gnome-desktop3').installed?\n    describe command(\"gsettings writable org.gnome.desktop.screensaver lock-enabled\") do\n      its('stdout.strip') { should cmp 'false' }\n    end\n  else\n    impact 0.0\n    describe \"The GNOME desktop is not installed\" do\n      skip \"The GNOME desktop is not installed, this control is Not Applicable.\"\n    end\n  end  \nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The GNOME desktop is not installed :: SKIP_MESSAGE The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72137</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86761r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030570</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the setsebool command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the setsebool command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;setsebool&quot; command occur.
+successful/unsuccessful attempts to use the "setsebool" command occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -i &#x2F;usr&#x2F;sbin&#x2F;setsebool &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /usr/sbin/setsebool /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;setsebool -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-priv_change
+    -a always,exit -F path=/usr/sbin/setsebool -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-priv_change
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;setsebool&quot; command occur.
-
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;setsebool -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-priv_change
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>927c4d9c-b076-434c-9229-2b409b7e9a3d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;setsebool&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;setsebool&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72009</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86633r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020330</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "setsebool" command occur.
+
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F path=/usr/sbin/setsebool -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-priv_change
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72137\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe setsebool command.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"setsebool\\\" command occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -i /usr/sbin/setsebool /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/setsebool -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-priv_change\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"setsebool\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/sbin/setsebool -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000392-GPOS-00172\"\n  tag satisfies: [\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000463-GPOS-00207\",\n\"SRG-OS-000465-GPOS-00209\"]\n  tag gid: \"V-72137\"\n  tag rid: \"SV-86761r4_rule\"\n  tag stig_id: \"RHEL-07-030570\"\n  tag fix_id: \"F-78489r6_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n  \n  audit_file = '/usr/sbin/setsebool'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/sbin/setsebool" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/sbin/setsebool" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72009</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86633r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020330</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that all files and directories have a valid group owner.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that all files and directories have a valid group owner.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Files without a valid group owner may be unintentionally inherited if
 a group is assigned the same Group Identifier (GID) as the GID of the files
-without a valid group owner.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+without a valid group owner.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify all files and directories on the system have a valid group.
 
     Check the owner of all files and directories with the following command:
@@ -7539,162 +7207,150 @@ without a valid group owner.</ATTRIBUTE_DATA>
     Note: The value after -fstype must be replaced with the filesystem type.
 XFS is used as an example.
 
-    # find &#x2F; -fstype xfs -nogroup
+    # find / -fstype xfs -nogroup
 
-    If any files on the system do not have an assigned group, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If any files on the system do not have an assigned group, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Either remove all files and directories from the system that do not have a
 valid group, or assign a valid group to all files and directories on the system
-with the &quot;chgrp&quot; command:
-
-    # chgrp &lt;group&gt; &lt;file&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>becd8ef5-39d2-4ea4-a50e-5ea58d608bf6</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;find &#x2F; -xautofs -fstype xfs -nogroup&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype ext3 -nogroup&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype ext2 -nogroup&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype ext4 -nogroup&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype msdos -nogroup&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype vfat -nogroup&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype btrfs -nogroup&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype fuseblk -nogroup&#x60; stdout.strip is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73157</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87809r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010082</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+with the "chgrp" command:
+
+    # chgrp &lt;group&gt; &lt;file&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72009\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all files and directories have a valid group owner.\"\n  desc  \"Files without a valid group owner may be unintentionally inherited if\na group is assigned the same Group Identifier (GID) as the GID of the files\nwithout a valid group owner.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify all files and directories on the system have a valid group.\n\n    Check the owner of all files and directories with the following command:\n\n    Note: The value after -fstype must be replaced with the filesystem type.\nXFS is used as an example.\n\n    # find / -fstype xfs -nogroup\n\n    If any files on the system do not have an assigned group, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Either remove all files and directories from the system that do not have a\nvalid group, or assign a valid group to all files and directories on the system\nwith the \\\"chgrp\\\" command:\n\n    # chgrp &lt;group&gt; &lt;file&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72009\"\n  tag rid: \"SV-86633r3_rule\"\n  tag stig_id: \"RHEL-07-020330\"\n  tag fix_id: \"F-78361r1_fix\"\n  tag cci: [\"CCI-002165\"]\n  tag nist: [\"AC-3 (4)\", \"Rev_4\"]\n\n  command('grep -v \"nodev\" /proc/filesystems | awk \\'NF{ print $NF }\\'').\n    stdout.strip.split(\"\\n\").each do |fs|\n      describe command(\"find / -xautofs -fstype #{fs} -nogroup\") do\n        its('stdout.strip') { should be_empty }\n      end\n    end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `find / -xautofs -fstype xfs -nogroup` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype ext3 -nogroup` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype ext2 -nogroup` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype ext4 -nogroup` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype msdos -nogroup` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype vfat -nogroup` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype btrfs -nogroup` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype fuseblk -nogroup` stdout.strip is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73157</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87809r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010082</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent a user from
-overriding the session idle-delay setting for the graphical user interface.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+overriding the session idle-delay setting for the graphical user interface.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A session time-out lock is a temporary action taken when a user stops
 work and moves away from the immediate physical vicinity of the information
 system but does not log out because of the temporary nature of the absence.
 Rather than relying on the user to manually lock their operating system session
 prior to vacating the vicinity, operating systems need to be able to identify
-when a user&#39;s session has idled and take action to initiate the session lock.
+when a user's session has idled and take action to initiate the session lock.
 
     The session lock is implemented at the point where session activity can be
-determined and&#x2F;or controlled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+determined and/or controlled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system prevents a user from overriding session idle
 delay after a 15-minute period of inactivity for graphical user interfaces.
 
@@ -7704,675 +7360,641 @@ console.
 
     Determine which profile the system database is using with the following
 command:
-    # grep system-db &#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user
+    # grep system-db /etc/dconf/profile/user
 
     system-db:local
 
     Check for the session idle delay setting with the following command:
 
-    Note: The example below is using the database &quot;local&quot; for the system, so
-the path is &quot;&#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&quot;. This path must be modified if a database
-other than &quot;local&quot; is being used.
+    Note: The example below is using the database "local" for the system, so
+the path is "/etc/dconf/db/local.d". This path must be modified if a database
+other than "local" is being used.
 
-    # grep -i idle-delay &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;locks&#x2F;*
+    # grep -i idle-delay /etc/dconf/db/local.d/locks/*
 
-    &#x2F;org&#x2F;gnome&#x2F;desktop&#x2F;session&#x2F;idle-delay
+    /org/gnome/desktop/session/idle-delay
 
-    If the command does not return a result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return a result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to prevent a user from overriding a session
 lock after a 15-minute period of inactivity for graphical user interfaces.
 
     Create a database to contain the system-wide screensaver settings (if it
 does not already exist) with the following command:
 
-    Note: The example below is using the database &quot;local&quot; for the system, so
-if the system is using another database in &#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user, the file
+    Note: The example below is using the database "local" for the system, so
+if the system is using another database in /etc/dconf/profile/user, the file
 should be created under the appropriate subdirectory.
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;locks&#x2F;session
+    # touch /etc/dconf/db/local.d/locks/session
 
     Add the setting to lock the session idle delay:
 
-    &#x2F;org&#x2F;gnome&#x2F;desktop&#x2F;session&#x2F;idle-delay</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>505034d8-953d-47c6-b00c-8b1023cea436</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The GNOME desktop is not installed
-The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72097</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86721r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030370</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    /org/gnome/desktop/session/idle-delay</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-73157\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent a user from\noverriding the session idle-delay setting for the graphical user interface.\"\n  desc  \"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system prevents a user from overriding session idle\ndelay after a 15-minute period of inactivity for graphical user interfaces.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable. The screen program must be installed to lock sessions on the\nconsole.\n\n    Determine which profile the system database is using with the following\ncommand:\n    # grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Check for the session idle delay setting with the following command:\n\n    Note: The example below is using the database \\\"local\\\" for the system, so\nthe path is \\\"/etc/dconf/db/local.d\\\". This path must be modified if a database\nother than \\\"local\\\" is being used.\n\n    # grep -i idle-delay /etc/dconf/db/local.d/locks/*\n\n    /org/gnome/desktop/session/idle-delay\n\n    If the command does not return a result, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to prevent a user from overriding a session\nlock after a 15-minute period of inactivity for graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \\\"local\\\" for the system, so\nif the system is using another database in /etc/dconf/profile/user, the file\nshould be created under the appropriate subdirectory.\n\n    # touch /etc/dconf/db/local.d/locks/session\n\n    Add the setting to lock the session idle delay:\n\n    /org/gnome/desktop/session/idle-delay\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000029-GPOS-00010\"\n  tag gid: \"V-73157\"\n  tag rid: \"SV-87809r4_rule\"\n  tag stig_id: \"RHEL-07-010082\"\n  tag fix_id: \"F-79603r1_fix\"\n  tag cci: [\"CCI-000057\"]\n  tag nist: [\"AC-11 a\", \"Rev_4\"]\n\n  unless package('gnome-desktop3').installed?\n    impact 0.0\n    describe \"The GNOME desktop is not installed\" do\n      skip \"The GNOME desktop is not installed, this control is Not Applicable.\"\n    end\n  else\n    describe command(\"gsettings writable org.gnome.desktop.session idle-delay\") do\n      its('stdout.strip') { should cmp 'false' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The GNOME desktop is not installed :: SKIP_MESSAGE The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72097</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86721r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030370</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the chown syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the chown syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;chown&quot; syscall occur.
+successful/unsuccessful attempts to use the "chown" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw chown &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw chown /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S chown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S chown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S chown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S chown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;chown&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    If both the "b32" and "b64" audit rules are not defined for the
+"chown" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S chown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S chown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S chown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S chown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>caea43bd-2e54-4efd-8b1b-8b420f7245df</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;chown&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;chown&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;chown&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;chown&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72075</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000364-GPOS-00151</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86699r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021700</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72097\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe chown syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"chown\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw chown /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S chown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S chown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"chown\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S chown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S chown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000474-GPOS-00219\"]\n  tag gid: \"V-72097\"\n  tag rid: \"SV-86721r5_rule\"\n  tag stig_id: \"RHEL-07-030370\"\n  tag fix_id: \"F-78449r8_fix\"\n  tag cci: [\"CCI-000126\", \"CCI-000172\"]\n  tag nist: [\"AU-2 d\", \"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"chown\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"chown\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "chown" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "chown" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "chown" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "chown" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72075</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000364-GPOS-00151</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86699r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021700</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not allow removable
-media to be used as the boot loader unless approved.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+media to be used as the boot loader unless approved.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Malicious users with removable boot media can gain access to a system
 configured to use removable media as the boot loader. If removable media is
 designed to be used as the boot loader, the requirement must be documented with
-the Information System Security Officer (ISSO).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+the Information System Security Officer (ISSO).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system is not configured to use a boot loader on removable media.
 
-    Note: GRUB 2 reads its configuration from the &quot;&#x2F;boot&#x2F;grub2&#x2F;grub.cfg&quot; file
+    Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file
 on traditional BIOS-based machines and from the
-&quot;&#x2F;boot&#x2F;efi&#x2F;EFI&#x2F;redhat&#x2F;grub.cfg&quot; file on UEFI machines.
+"/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines.
 
     Check for the existence of alternate boot loader configuration files with
 the following command:
 
-    # find &#x2F; -name grub.cfg
-    &#x2F;boot&#x2F;grub2&#x2F;grub.cfg
+    # find / -name grub.cfg
+    /boot/grub2/grub.cfg
 
-    If a &quot;grub.cfg&quot; is found in any subdirectories other than &quot;&#x2F;boot&#x2F;grub2&quot;
-and &quot;&#x2F;boot&#x2F;efi&#x2F;EFI&#x2F;redhat&quot;, ask the System Administrator if there is
+    If a "grub.cfg" is found in any subdirectories other than "/boot/grub2"
+and "/boot/efi/EFI/redhat", ask the System Administrator if there is
 documentation signed by the ISSO to approve the use of removable media as a
 boot loader.
 
     Check that the grub configuration file has the set root command in each
 menu entry with the following commands:
 
-    # grep -c menuentry &#x2F;boot&#x2F;grub2&#x2F;grub.cfg
+    # grep -c menuentry /boot/grub2/grub.cfg
     1
-    # grep &#39;set root&#39; &#x2F;boot&#x2F;grub2&#x2F;grub.cfg
-    set root&#x3D;(hd0,1)
+    # grep 'set root' /boot/grub2/grub.cfg
+    set root=(hd0,1)
 
     If the system is using an alternate boot loader on removable media, and
 documentation does not exist approving the alternate configuration, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Remove alternate methods of booting the system from removable
-media or document the configuration to boot from removable media with the ISSO.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>614d334f-1acf-4812-877a-6ea9437d486b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-File UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033 is expected to exist
-expected File UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033 to exist
---------------------------------
-passed
-File UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033 path is expected to match &#x2F;^\&#x2F;dev\&#x2F;&#x2F;
-expected &quot;UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033&quot; to match &#x2F;^\&#x2F;dev\&#x2F;&#x2F;
+media or document the configuration to boot from removable media with the ISSO.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72075\" do\n  title \"The Red Hat Enterprise Linux operating system must not allow removable\nmedia to be used as the boot loader unless approved.\"\n  desc  \"Malicious users with removable boot media can gain access to a system\nconfigured to use removable media as the boot loader. If removable media is\ndesigned to be used as the boot loader, the requirement must be documented with\nthe Information System Security Officer (ISSO).\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system is not configured to use a boot loader on removable media.\n\n    Note: GRUB 2 reads its configuration from the \\\"/boot/grub2/grub.cfg\\\" file\non traditional BIOS-based machines and from the\n\\\"/boot/efi/EFI/redhat/grub.cfg\\\" file on UEFI machines.\n\n    Check for the existence of alternate boot loader configuration files with\nthe following command:\n\n    # find / -name grub.cfg\n    /boot/grub2/grub.cfg\n\n    If a \\\"grub.cfg\\\" is found in any subdirectories other than \\\"/boot/grub2\\\"\nand \\\"/boot/efi/EFI/redhat\\\", ask the System Administrator if there is\ndocumentation signed by the ISSO to approve the use of removable media as a\nboot loader.\n\n    Check that the grub configuration file has the set root command in each\nmenu entry with the following commands:\n\n    # grep -c menuentry /boot/grub2/grub.cfg\n    1\n    # grep 'set root' /boot/grub2/grub.cfg\n    set root=(hd0,1)\n\n    If the system is using an alternate boot loader on removable media, and\ndocumentation does not exist approving the alternate configuration, this is a\nfinding.\n  \"\n  desc  \"fix\", \"Remove alternate methods of booting the system from removable\nmedia or document the configuration to boot from removable media with the ISSO.\"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000364-GPOS-00151\"\n  tag gid: \"V-72075\"\n  tag rid: \"SV-86699r2_rule\"\n  tag stig_id: \"RHEL-07-021700\"\n  tag fix_id: \"F-78427r1_fix\"\n  tag cci: [\"CCI-000318\", \"CCI-000368\", \"CCI-001812\", \"CCI-001813\",\n\"CCI-001814\"]\n  tag nist: [\"CM-3 f\", \"CM-6 c\", \"CM-11 (2)\", \"CM-5 (1)\", \"CM-5 (1)\", \"Rev_4\"]\n\n  roots = command('grubby --info=ALL | grep \"^root=\" | sed \"s/^root=//g\"').\n    stdout.strip.split(\"\\n\")\n\n  blocks = roots.map { |root|\n    root_file = file(root)\n    root_file.symlink? ? root_file.link_path : root_file.path\n  }\n\n  blocks.each { |block|\n    block_file = file(block)\n    describe block_file do\n      it { should exist }\n      its('path') { should match %r{^/dev/} }\n    end\n\n    if block_file.exist? and block_file.path.match? %r{^/dev/}\n      removable = ['/sys/block', block.sub(%r{^/dev/}, ''), 'removable'].join('/')\n      describe file(removable) do\n        it { should exist }\n        its('content.strip') { should eq '0' }\n      end\n    end\n  }\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST File UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033 is expected to exist :: MESSAGE expected File UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033 to exist
+--------------------------------
+passed :: TEST File UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033 path is expected to match /^\/dev\// :: MESSAGE expected "UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033" to match /^\/dev\//
 Diff:
 @@ -1,2 +1,2 @@
--&#x2F;^\&#x2F;dev\&#x2F;&#x2F;
-+&quot;UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033&quot;
+-/^\/dev\//
++"UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033"
 
 --------------------------------
-passed
-File UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033 is expected to exist
-expected File UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033 to exist
+passed :: TEST File UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033 is expected to exist :: MESSAGE expected File UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033 to exist
 --------------------------------
-passed
-File UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033 path is expected to match &#x2F;^\&#x2F;dev\&#x2F;&#x2F;
-expected &quot;UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033&quot; to match &#x2F;^\&#x2F;dev\&#x2F;&#x2F;
+passed :: TEST File UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033 path is expected to match /^\/dev\// :: MESSAGE expected "UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033" to match /^\/dev\//
 Diff:
 @@ -1,2 +1,2 @@
--&#x2F;^\&#x2F;dev\&#x2F;&#x2F;
-+&quot;UUID&#x3D;5a000634-a1fc-467d-8ef4-5fcf5dbc6033&quot;
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72179</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86803r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030780</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+-/^\/dev\//
++"UUID=5a000634-a1fc-467d-8ef4-5fcf5dbc6033"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72179</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86803r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030780</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the ssh-keysign command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the ssh-keysign command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged ssh commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;ssh-keysign&quot; command occur.
+successful/unsuccessful attempts to use the "ssh-keysign" command occur.
 
     Check that the following system call is being audited by performing the
-following command to check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+following command to check the file system rules in "/etc/audit/audit.rules":
 
-    # grep -iw &#x2F;usr&#x2F;libexec&#x2F;openssh&#x2F;ssh-keysign &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw /usr/libexec/openssh/ssh-keysign /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;libexec&#x2F;openssh&#x2F;ssh-keysign -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-ssh
+    -a always,exit -F path=/usr/libexec/openssh/ssh-keysign -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-ssh
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;ssh-keysign&quot; command occur.
-
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;libexec&#x2F;openssh&#x2F;ssh-keysign -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-ssh
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>4a8c3d95-1ab0-46aa-83ea-eff2ea14b22d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;libexec&#x2F;openssh&#x2F;ssh-keysign&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;libexec&#x2F;openssh&#x2F;ssh-keysign&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72305</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86929r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040720</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "ssh-keysign" command occur.
+
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F path=/usr/libexec/openssh/ssh-keysign -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-ssh
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72179\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe ssh-keysign command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged ssh commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"ssh-keysign\\\" command occur.\n\n    Check that the following system call is being audited by performing the\nfollowing command to check the file system rules in \\\"/etc/audit/audit.rules\\\":\n\n    # grep -iw /usr/libexec/openssh/ssh-keysign /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/libexec/openssh/ssh-keysign -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-ssh\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"ssh-keysign\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/libexec/openssh/ssh-keysign -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-ssh\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72179\"\n  tag rid: \"SV-86803r3_rule\"\n  tag stig_id: \"RHEL-07-030780\"\n  tag fix_id: \"F-78533r4_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/libexec/openssh/ssh-keysign'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/libexec/openssh/ssh-keysign" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/libexec/openssh/ssh-keysign" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72305</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86929r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040720</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that if the Trivial File Transfer Protocol (TFTP) server is required, the TFTP
-daemon is configured to operate in secure mode.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+daemon is configured to operate in secure mode.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Restricting TFTP to a specific directory prevents remote users from
-copying, transferring, or overwriting system files.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+copying, transferring, or overwriting system files.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the TFTP daemon is configured to operate in secure mode.
 
     Check to see if a TFTP server has been installed with the following
@@ -8386,128 +8008,123 @@ commands:
     If a TFTP server is installed, check for the server arguments with the
 following command:
 
-    # grep server_args &#x2F;etc&#x2F;xinetd.d&#x2F;tftp
-    server_args &#x3D; -s &#x2F;var&#x2F;lib&#x2F;tftpboot
+    # grep server_args /etc/xinetd.d/tftp
+    server_args = -s /var/lib/tftpboot
 
-    If the &quot;server_args&quot; line does not have a &quot;-s&quot; option and a
-subdirectory is not assigned, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "server_args" line does not have a "-s" option and a
+subdirectory is not assigned, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the TFTP daemon to operate in secure mode by adding the following
-line to &quot;&#x2F;etc&#x2F;xinetd.d&#x2F;tftp&quot; (or modify the line to have the required value):
-
-    server_args &#x3D; -s &#x2F;var&#x2F;lib&#x2F;tftpboot</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>db07af21-c802-416d-8d80-feab14547d44</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The TFTP package is not installed
-If a TFTP server is not installed, this is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71913</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000072-GPOS-00040</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86537r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010170</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+line to "/etc/xinetd.d/tftp" (or modify the line to have the required value):
+
+    server_args = -s /var/lib/tftpboot</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-72305\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat if the Trivial File Transfer Protocol (TFTP) server is required, the TFTP\ndaemon is configured to operate in secure mode.\"\n  desc  \"Restricting TFTP to a specific directory prevents remote users from\ncopying, transferring, or overwriting system files.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the TFTP daemon is configured to operate in secure mode.\n\n    Check to see if a TFTP server has been installed with the following\ncommands:\n\n    # yum list installed tftp-server\n    tftp-server.x86_64 x.x-x.el7 rhel-7-server-rpms\n\n    If a TFTP server is not installed, this is Not Applicable.\n\n    If a TFTP server is installed, check for the server arguments with the\nfollowing command:\n\n    # grep server_args /etc/xinetd.d/tftp\n    server_args = -s /var/lib/tftpboot\n\n    If the \\\"server_args\\\" line does not have a \\\"-s\\\" option and a\nsubdirectory is not assigned, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the TFTP daemon to operate in secure mode by adding the following\nline to \\\"/etc/xinetd.d/tftp\\\" (or modify the line to have the required value):\n\n    server_args = -s /var/lib/tftpboot\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72305\"\n  tag rid: \"SV-86929r3_rule\"\n  tag stig_id: \"RHEL-07-040720\"\n  tag fix_id: \"F-78659r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  if package('tftp-server').installed?\n    impact 0.5\n    describe command('grep server_args /etc/xinetd.d/tftp') do\n      its('stdout.strip') { should match %r{^\\s*server_args\\s+=\\s+(-s|--secure)\\s(\\/\\S+)$} }\n    end\n  else\n    impact 0.0\n    describe \"The TFTP package is not installed\" do\n      skip \"If a TFTP server is not installed, this is Not Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The TFTP package is not installed :: SKIP_MESSAGE If a TFTP server is not installed, this is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71913</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000072-GPOS-00040</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86537r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010170</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that when passwords are changed a minimum of four character classes must be
-changed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+changed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources
 required to compromise the password. Password complexity, or strength, is a
 measure of the effectiveness of a password in resisting attempts at guessing
@@ -8516,289 +8133,279 @@ and brute-force attacks.
     Password complexity is one factor of several that determines how long it
 takes to crack a password. The more complex the password, the greater the
 number of possible combinations that need to be tested before the password is
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;minclass&quot; option sets the minimum number of required classes of
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "minclass" option sets the minimum number of required classes of
 characters for the new password (digits, upper-case, lower-case, others).
 
-    Check for the value of the &quot;minclass&quot; option in
-&quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; with the following command:
+    Check for the value of the "minclass" option in
+"/etc/security/pwquality.conf" with the following command:
 
-    # grep minclass &#x2F;etc&#x2F;security&#x2F;pwquality.conf
-    minclass &#x3D; 4
+    # grep minclass /etc/security/pwquality.conf
+    minclass = 4
 
-    If the value of &quot;minclass&quot; is set to less than &quot;4&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "minclass" is set to less than "4", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to require the change of at least four
-character classes when passwords are changed by setting the &quot;minclass&quot; option.
+character classes when passwords are changed by setting the "minclass" option.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf conf&quot; (or modify
+    Add the following line to "/etc/security/pwquality.conf conf" (or modify
 the line to have the required value):
 
-    minclass &#x3D; 4</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e74608cc-c124-4278-b617-1650990dcfd5</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000195</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;security&#x2F;pwquality.conf minclass.to_i is expected to cmp &gt;&#x3D; 4</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73161</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87813r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021021</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    minclass = 4</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71913\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat when passwords are changed a minimum of four character classes must be\nchanged.\"\n  desc  \"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    The \\\"minclass\\\" option sets the minimum number of required classes of\ncharacters for the new password (digits, upper-case, lower-case, others).\n\n    Check for the value of the \\\"minclass\\\" option in\n\\\"/etc/security/pwquality.conf\\\" with the following command:\n\n    # grep minclass /etc/security/pwquality.conf\n    minclass = 4\n\n    If the value of \\\"minclass\\\" is set to less than \\\"4\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to require the change of at least four\ncharacter classes when passwords are changed by setting the \\\"minclass\\\" option.\n\n    Add the following line to \\\"/etc/security/pwquality.conf conf\\\" (or modify\nthe line to have the required value):\n\n    minclass = 4\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000072-GPOS-00040\"\n  tag gid: \"V-71913\"\n  tag rid: \"SV-86537r2_rule\"\n  tag stig_id: \"RHEL-07-010170\"\n  tag fix_id: \"F-78265r1_fix\"\n  tag cci: [\"CCI-000195\"]\n  tag nist: [\"IA-5 (1) (b)\", \"Rev_4\"]\n\n  describe parse_config_file(\"/etc/security/pwquality.conf\") do\n    its('minclass.to_i') { should cmp &gt;= 4 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000195</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/security/pwquality.conf minclass.to_i is expected to cmp &gt;= 4</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73161</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87813r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021021</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent binary
 files from being executed on file systems that are being imported via Network
-File System (NFS).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;noexec&quot; mount option causes the system to not execute binary
+File System (NFS).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "noexec" mount option causes the system to not execute binary
 files. This option must be used for mounting any file system not containing
 approved binary files as they may be incompatible. Executing files from
 untrusted file systems increases the opportunity for unprivileged users to
-attain unauthorized administrative access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+attain unauthorized administrative access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify file systems that are being NFS imported are configured with the
-&quot;noexec&quot; option.
+"noexec" option.
 
     Find the file system(s) that contain the directories being imported with
 the following command:
 
-    # more &#x2F;etc&#x2F;fstab | grep nfs
+    # more /etc/fstab | grep nfs
 
-    UUID&#x3D;e06097bb-cfcd-437b-9e4d-a691f5662a7d &#x2F;store nfs rw,noexec 0 0
+    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,noexec 0 0
 
-    If a file system found in &quot;&#x2F;etc&#x2F;fstab&quot; refers to NFS and it does not have
-the &quot;noexec&quot; option set, and use of NFS imported binaries is not documented
+    If a file system found in "/etc/fstab" refers to NFS and it does not have
+the "noexec" option set, and use of NFS imported binaries is not documented
 with the Information System Security Officer (ISSO) as an operational
 requirement, this is a finding.
 
-    Verify the NFS is mounted with the &quot;noexec&quot;option:
+    Verify the NFS is mounted with the "noexec"option:
 
     # mount | grep nfs | grep noexec
     If no results are returned and use of NFS imported binaries is not
 documented with the Information System Security Officer (ISSO) as an
-operational requirement, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the &quot;&#x2F;etc&#x2F;fstab&quot; to use the &quot;noexec&quot; option on
-file systems that are being imported via NFS.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0c212884-7050-4191-94b1-75437af096a0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-No NFS file systems were found. is expected to eq true</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72433</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000375-GPOS-00160</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87057r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-041003</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+operational requirement, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the "/etc/fstab" to use the "noexec" option on
+file systems that are being imported via NFS.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-73161\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent binary\nfiles from being executed on file systems that are being imported via Network\nFile System (NFS).\"\n  desc  \"The \\\"noexec\\\" mount option causes the system to not execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary files as they may be incompatible. Executing files from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify file systems that are being NFS imported are configured with the\n\\\"noexec\\\" option.\n\n    Find the file system(s) that contain the directories being imported with\nthe following command:\n\n    # more /etc/fstab | grep nfs\n\n    UUID=e06097bb-cfcd-437b-9e4d-a691f5662a7d /store nfs rw,noexec 0 0\n\n    If a file system found in \\\"/etc/fstab\\\" refers to NFS and it does not have\nthe \\\"noexec\\\" option set, and use of NFS imported binaries is not documented\nwith the Information System Security Officer (ISSO) as an operational\nrequirement, this is a finding.\n\n    Verify the NFS is mounted with the \\\"noexec\\\"option:\n\n    # mount | grep nfs | grep noexec\n    If no results are returned and use of NFS imported binaries is not\ndocumented with the Information System Security Officer (ISSO) as an\noperational requirement, this is a finding.\n  \"\n  desc  \"fix\", \"Configure the \\\"/etc/fstab\\\" to use the \\\"noexec\\\" option on\nfile systems that are being imported via NFS.\"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-73161\"\n  tag rid: \"SV-87813r2_rule\"\n  tag stig_id: \"RHEL-07-021021\"\n  tag fix_id: \"F-79607r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  nfs_systems = etc_fstab.nfs_file_systems.entries\n  if !nfs_systems.nil? and !nfs_systems.empty?\n    nfs_systems.each do |file_system|\n      describe file_system do\n        its ('mount_options') { should include 'noexec' }\n      end\n    end\n  else\n    describe \"No NFS file systems were found.\" do\n      subject { nfs_systems.nil? or nfs_systems.empty? }\n      it { should eq true }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST No NFS file systems were found. is expected to eq true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72433</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000375-GPOS-00160</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87057r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-041003</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must implement
-certificate status checking for PKI authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+certificate status checking for PKI authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Using an authentication device, such as a CAC or token that is
 separate from the information system, ensures that even if the information
 system is compromised, that compromise will not affect credentials stored on
@@ -8821,534 +8428,505 @@ example, dial-up, broadband, and wireless.
     This requirement only applies to components where this is specific to the
 function of the device or has the concept of an organizational user (e.g., VPN,
 proxy capability). This does not apply to authentication for the purpose of
-configuring the device itself (management).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+configuring the device itself (management).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system implements certificate status checking for PKI
 authentication.
 
     Check to see if Online Certificate Status Protocol (OCSP) is enabled on the
 system with the following command:
 
-    # grep cert_policy &#x2F;etc&#x2F;pam_pkcs11&#x2F;pam_pkcs11.conf | grep -v &quot;^#&quot;
+    # grep cert_policy /etc/pam_pkcs11/pam_pkcs11.conf | grep -v "^#"
 
-    cert_policy &#x3D; ca, ocsp_on, signature;
-    cert_policy &#x3D; ca, ocsp_on, signature;
-    cert_policy &#x3D; ca, ocsp_on, signature;
+    cert_policy = ca, ocsp_on, signature;
+    cert_policy = ca, ocsp_on, signature;
+    cert_policy = ca, ocsp_on, signature;
 
     There should be at least three lines returned.
 
-    If &quot;ocsp_on&quot; is not present in all uncommented &quot;cert_policy&quot; lines in
-&quot;&#x2F;etc&#x2F;pam_pkcs11&#x2F;pam_pkcs11.conf&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "ocsp_on" is not present in all uncommented "cert_policy" lines in
+"/etc/pam_pkcs11/pam_pkcs11.conf", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to do certificate status checking for PKI
 authentication.
 
-    Modify all of the &quot;cert_policy&quot; lines in
-&quot;&#x2F;etc&#x2F;pam_pkcs11&#x2F;pam_pkcs11.conf&quot; to include &quot;ocsp_on&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>9f3eaa77-f199-4436-9935-8bf4a922d417</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001948</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001953</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001954</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-File &#x2F;etc&#x2F;pam_pkcs11&#x2F;pam_pkcs11.conf is expected to exist
-expected File &#x2F;etc&#x2F;pam_pkcs11&#x2F;pam_pkcs11.conf to exist</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72175</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86799r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030760</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Modify all of the "cert_policy" lines in
+"/etc/pam_pkcs11/pam_pkcs11.conf" to include "ocsp_on".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72433\" do\n  title \"The Red Hat Enterprise Linux operating system must implement\ncertificate status checking for PKI authentication.\"\n  desc  \"Using an authentication device, such as a CAC or token that is\nseparate from the information system, ensures that even if the information\nsystem is compromised, that compromise will not affect credentials stored on\nthe authentication device.\n\n    Multifactor solutions that require devices separate from information\nsystems gaining access include, for example, hardware tokens providing\ntime-based or challenge-response authenticators and smart cards such as the\nU.S. Government Personal Identity Verification card and the DoD Common Access\nCard.\n\n    A privileged account is defined as an information system account with\nauthorizations of a privileged user.\n\n    Remote access is access to DoD nonpublic information systems by an\nauthorized user (or an information system) communicating through an external,\nnon-organization-controlled network. Remote access methods include, for\nexample, dial-up, broadband, and wireless.\n\n    This requirement only applies to components where this is specific to the\nfunction of the device or has the concept of an organizational user (e.g., VPN,\nproxy capability). This does not apply to authentication for the purpose of\nconfiguring the device itself (management).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system implements certificate status checking for PKI\nauthentication.\n\n    Check to see if Online Certificate Status Protocol (OCSP) is enabled on the\nsystem with the following command:\n\n    # grep cert_policy /etc/pam_pkcs11/pam_pkcs11.conf | grep -v \\\"^#\\\"\n\n    cert_policy = ca, ocsp_on, signature;\n    cert_policy = ca, ocsp_on, signature;\n    cert_policy = ca, ocsp_on, signature;\n\n    There should be at least three lines returned.\n\n    If \\\"ocsp_on\\\" is not present in all uncommented \\\"cert_policy\\\" lines in\n\\\"/etc/pam_pkcs11/pam_pkcs11.conf\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to do certificate status checking for PKI\nauthentication.\n\n    Modify all of the \\\"cert_policy\\\" lines in\n\\\"/etc/pam_pkcs11/pam_pkcs11.conf\\\" to include \\\"ocsp_on\\\".\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000375-GPOS-00160\"\n  tag satisfies: [\"SRG-OS-000375-GPOS-00160\", \"SRG-OS-000375-GPOS-00161\",\n\"SRG-OS-000375-GPOS-00162\"]\n  tag gid: \"V-72433\"\n  tag rid: \"SV-87057r5_rule\"\n  tag stig_id: \"RHEL-07-041003\"\n  tag fix_id: \"F-78785r3_fix\"\n  tag cci: [\"CCI-001948\", \"CCI-001953\", \"CCI-001954\"]\n  tag nist: [\"IA-2 (11)\", \"IA-2 (12)\", \"IA-2 (12)\", \"Rev_4\"]\n\n  smart_card_status = input('smart_card_status')\n\n  if smart_card_status.eql?('enabled')\n    impact 0.5\n    if ((pam_file = file('/etc/pam_pkcs11/pam_pkcs11.conf')).exist?)\n      cert_policy_lines = (pam_file.content.nil?)?[]:\n        pam_file.content.lines.grep(%r{^(?!.+#).*cert_policy}i)\n      if (cert_policy_lines.length &lt; 3)\n        describe \"should contain at least 3 cert policy lines\" do\n          subject { cert_policy_lines.length }\n          it { should &gt;= 3 }\n        end\n      else\n        describe \"each cert policy line should include oscp_on\" do\n          cert_policy_lines.each do |line|\n           subject { line }\n           it { should match %r{=[^;]*ocsp_on}i }\n\t  end\n        end\n      end\n    else\n      describe pam_file do\n        it { should exist }\n      end\n    end\n  else\n    impact 0.0\n    describe \"The system is not smartcard enabled\" do\n      skip \"The system is not using Smartcards / PIVs to fulfil the MFA requirement, this control is Not Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001948</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001953</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001954</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST File /etc/pam_pkcs11/pam_pkcs11.conf is expected to exist :: MESSAGE expected File /etc/pam_pkcs11/pam_pkcs11.conf to exist</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72175</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86799r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030760</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the postdrop command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the postdrop command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged postfix commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;postdrop&quot; command occur.
+successful/unsuccessful attempts to use the "postdrop" command occur.
 
     Check that the following system call is being audited by performing the
-following command to check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+following command to check the file system rules in "/etc/audit/audit.rules":
 
-    # grep -iw &#x2F;usr&#x2F;sbin&#x2F;postdrop &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw /usr/sbin/postdrop /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;postdrop -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/sbin/postdrop -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-postfix
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;postdrop&quot; command occur.
+successful/unsuccessful attempts to use the "postdrop" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;postdrop -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/sbin/postdrop -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-postfix
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b36e260a-a75b-44ad-b29d-4570553c5465</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;postdrop&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;postdrop&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72129</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86753r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030530</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72175\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe postdrop command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged postfix commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"postdrop\\\" command occur.\n\n    Check that the following system call is being audited by performing the\nfollowing command to check the file system rules in \\\"/etc/audit/audit.rules\\\":\n\n    # grep -iw /usr/sbin/postdrop /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/postdrop -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-postfix\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"postdrop\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/sbin/postdrop -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-postfix\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72175\"\n  tag rid: \"SV-86799r4_rule\"\n  tag stig_id: \"RHEL-07-030760\"\n  tag fix_id: \"F-78529r5_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/sbin/postdrop'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/sbin/postdrop" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/sbin/postdrop" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72129</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86753r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030530</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the open_by_handle_at syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the open_by_handle_at syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;open_by_handle_at&quot; syscall occur.
+successful/unsuccessful attempts to use the "open_by_handle_at" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw open_by_handle_at &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw open_by_handle_at /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S open_by_handle_at -F exit&#x3D;-EPERM -F
-auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EPERM -F
+auid&gt;=1000 -F auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b32 -S open_by_handle_at -F exit&#x3D;-EACCES -F
-auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EACCES -F
+auid&gt;=1000 -F auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S open_by_handle_at -F exit&#x3D;-EPERM -F
-auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EPERM -F
+auid&gt;=1000 -F auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S open_by_handle_at -F exit&#x3D;-EACCES -F
-auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EACCES -F
+auid&gt;=1000 -F auid!=4294967295 -k access
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;open_by_handle_at&quot; syscall, this is a finding.
+    If both the "b32" and "b64" audit rules are not defined for the
+"open_by_handle_at" syscall, this is a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EPERM&quot;, this is
+    If the output does not produce rules containing "-F exit=-EPERM", this is
 a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EACCES&quot;, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the output does not produce rules containing "-F exit=-EACCES", this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;open_by_handle_at&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S open_by_handle_at -F exit&#x3D;-EPERM -F
-auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b32 -S open_by_handle_at -F exit&#x3D;-EACCES -F
-auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S open_by_handle_at -F exit&#x3D;-EPERM -F
-auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S open_by_handle_at -F exit&#x3D;-EACCES -F
-auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k access
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f1bc18de-ef7c-4cae-933d-99587df8ef0b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EACCES&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open_by_handle_at&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EACCES&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72231</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000250-GPOS-00093</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86855r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040200</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "open_by_handle_at" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EPERM -F
+auid&gt;=1000 -F auid!=4294967295 -k access
+
+    -a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EACCES -F
+auid&gt;=1000 -F auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EPERM -F
+auid&gt;=1000 -F auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EACCES -F
+auid&gt;=1000 -F auid!=4294967295 -k access
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72129\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe open_by_handle_at syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"open_by_handle_at\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw open_by_handle_at /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EPERM -F\nauid&gt;=1000 -F auid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EACCES -F\nauid&gt;=1000 -F auid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EPERM -F\nauid&gt;=1000 -F auid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EACCES -F\nauid&gt;=1000 -F auid!=4294967295 -k access\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"open_by_handle_at\\\" syscall, this is a finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EPERM\\\", this is\na finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EACCES\\\", this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"open_by_handle_at\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EPERM -F\nauid&gt;=1000 -F auid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S open_by_handle_at -F exit=-EACCES -F\nauid&gt;=1000 -F auid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EPERM -F\nauid&gt;=1000 -F auid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S open_by_handle_at -F exit=-EACCES -F\nauid&gt;=1000 -F auid!=4294967295 -k access\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000458-GPOS-00203\",\n\"SRG-OS-000461-GPOS-00205\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72129\"\n  tag rid: \"SV-86753r5_rule\"\n  tag stig_id: \"RHEL-07-030530\"\n  tag fix_id: \"F-78481r8_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"open_by_handle_at\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EPERM' }\n  end\n  describe auditd.syscall(\"open_by_handle_at\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EACCES' }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"open_by_handle_at\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EPERM' }\n    end\n    describe auditd.syscall(\"open_by_handle_at\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EACCES' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b32" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b32" exit.uniq is expected to include "-EACCES"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b64" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open_by_handle_at" arch == "b64" exit.uniq is expected to include "-EACCES"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72231</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000250-GPOS-00093</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86855r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040200</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must implement
 cryptography to protect the integrity of Lightweight Directory Access Protocol
-(LDAP) communications.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(LDAP) communications.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without cryptographic integrity protections, information can be
 altered by unauthorized users without detection.
 
     Cryptographic mechanisms used for protecting the integrity of information
 include, for example, signed hash functions using asymmetric cryptography
 enabling distribution of the public key to verify the hash information while
-maintaining the confidentiality of the key used to generate the hash.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+maintaining the confidentiality of the key used to generate the hash.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If LDAP is not being utilized, this requirement is Not Applicable.
 
     Verify the operating system implements cryptography to protect the
@@ -9359,626 +8937,601 @@ command:
 
     # systemctl status sssd.service
     sssd.service - System Security Services Daemon
-    Loaded: loaded (&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;sssd.service; enabled; vendor
+    Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor
 preset: disabled)
     Active: active (running) since Wed 2018-06-27 10:58:11 EST; 1h 50min ago
 
-    If the &quot;sssd.service&quot; is &quot;active&quot;, then LDAP is being used.
+    If the "sssd.service" is "active", then LDAP is being used.
 
-    Determine the &quot;id_provider&quot; that the LDAP is currently using:
+    Determine the "id_provider" that the LDAP is currently using:
 
-    # grep -i &quot;id_provider&quot; &#x2F;etc&#x2F;sssd&#x2F;sssd.conf
+    # grep -i "id_provider" /etc/sssd/sssd.conf
 
-    id_provider &#x3D; ad
+    id_provider = ad
 
-    If &quot;id_provider&quot; is set to &quot;ad&quot;, this is Not Applicable.
+    If "id_provider" is set to "ad", this is Not Applicable.
 
     Check the path to the X.509 certificate for peer authentication with the
 following command:
 
-    # grep -i tls_cacert &#x2F;etc&#x2F;sssd&#x2F;sssd.conf
+    # grep -i tls_cacert /etc/sssd/sssd.conf
 
-    ldap_tls_cacert &#x3D; &#x2F;etc&#x2F;pki&#x2F;tls&#x2F;certs&#x2F;ca-bundle.crt
+    ldap_tls_cacert = /etc/pki/tls/certs/ca-bundle.crt
 
-    Verify the &quot;ldap_tls_cacert&quot; option points to a file that contains the
+    Verify the "ldap_tls_cacert" option points to a file that contains the
 trusted CA certificate.
 
     If this file does not exist, or the option is commented out or missing,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to implement cryptography to protect the
 integrity of LDAP remote access sessions.
 
-    Add or modify the following line in &quot;&#x2F;etc&#x2F;sssd&#x2F;sssd.conf&quot;:
-
-    ldap_tls_cacert &#x3D; &#x2F;etc&#x2F;pki&#x2F;tls&#x2F;certs&#x2F;ca-bundle.crt</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a06d2b52-485b-449c-963c-b5cc4d6fa2c2</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001453</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-LDAP not enabled
-LDAP not enabled using any known mechanisms, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72159</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86783r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030680</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add or modify the following line in "/etc/sssd/sssd.conf":
+
+    ldap_tls_cacert = /etc/pki/tls/certs/ca-bundle.crt</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-72231\" do\n  title \"The Red Hat Enterprise Linux operating system must implement\ncryptography to protect the integrity of Lightweight Directory Access Protocol\n(LDAP) communications.\"\n  desc  \"Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the key used to generate the hash.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If LDAP is not being utilized, this requirement is Not Applicable.\n\n    Verify the operating system implements cryptography to protect the\nintegrity of remote LDAP access sessions.\n\n    To determine if LDAP is being used for authentication, use the following\ncommand:\n\n    # systemctl status sssd.service\n    sssd.service - System Security Services Daemon\n    Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor\npreset: disabled)\n    Active: active (running) since Wed 2018-06-27 10:58:11 EST; 1h 50min ago\n\n    If the \\\"sssd.service\\\" is \\\"active\\\", then LDAP is being used.\n\n    Determine the \\\"id_provider\\\" that the LDAP is currently using:\n\n    # grep -i \\\"id_provider\\\" /etc/sssd/sssd.conf\n\n    id_provider = ad\n\n    If \\\"id_provider\\\" is set to \\\"ad\\\", this is Not Applicable.\n\n    Check the path to the X.509 certificate for peer authentication with the\nfollowing command:\n\n    # grep -i tls_cacert /etc/sssd/sssd.conf\n\n    ldap_tls_cacert = /etc/pki/tls/certs/ca-bundle.crt\n\n    Verify the \\\"ldap_tls_cacert\\\" option points to a file that contains the\ntrusted CA certificate.\n\n    If this file does not exist, or the option is commented out or missing,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to implement cryptography to protect the\nintegrity of LDAP remote access sessions.\n\n    Add or modify the following line in \\\"/etc/sssd/sssd.conf\\\":\n\n    ldap_tls_cacert = /etc/pki/tls/certs/ca-bundle.crt\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000250-GPOS-00093\"\n  tag gid: \"V-72231\"\n  tag rid: \"SV-86855r4_rule\"\n  tag stig_id: \"RHEL-07-040200\"\n  tag fix_id: \"F-78585r3_fix\"\n  tag cci: [\"CCI-001453\"]\n  tag nist: [\"AC-17 (2)\", \"Rev_4\"]\n\n  sssd_id_ldap_enabled = (package('sssd').installed? and\n    !command('grep \"^\\s*id_provider\\s*=\\s*ldap\" /etc/sssd/sssd.conf').stdout.strip.empty?)\n\n  sssd_ldap_enabled = (package('sssd').installed? and\n    !command('grep \"^\\s*[a-z]*_provider\\s*=\\s*ldap\" /etc/sssd/sssd.conf').stdout.strip.empty?)\n\n  pam_ldap_enabled = (!command('grep \"^[^#]*pam_ldap\\.so\" /etc/pam.d/*').stdout.strip.empty?)\n\n  if !(sssd_id_ldap_enabled or sssd_ldap_enabled or pam_ldap_enabled)\n    impact 0.0\n    describe \"LDAP not enabled\" do\n      skip \"LDAP not enabled using any known mechanisms, this control is Not Applicable.\"\n    end\n  end\n\n  if sssd_id_ldap_enabled\n    ldap_id_use_start_tls = command('grep ldap_id_use_start_tls /etc/sssd/sssd.conf')\n    describe ldap_id_use_start_tls do\n      its('stdout.strip') { should match %r{^ldap_id_use_start_tls\\s*=\\s*true$}}\n    end\n\n    ldap_id_use_start_tls.stdout.strip.each_line do |line|\n      describe line do\n        it { should match %r{^ldap_id_use_start_tls\\s*=\\s*true$}}\n      end\n    end\n  end\n\n  if sssd_ldap_enabled\n    ldap_tls_cacert = command('grep -i ldap_tls_cacert /etc/sssd/sssd.conf').\n      stdout.strip.scan(%r{^ldap_tls_cacert\\s*=\\s*(.*)}).last\n\n    describe \"ldap_tls_cacert\" do\n      subject { ldap_tls_cacert }\n      it { should_not eq nil }\n    end\n\n    describe file(ldap_tls_cacert.last) do\n      it { should exist }\n      it { should be_file }\n    end if !ldap_tls_cacert.nil?\n  end\n\n  if pam_ldap_enabled\n    tls_cacertfile = command('grep -i tls_cacertfile /etc/pam_ldap.conf').\n      stdout.strip.scan(%r{^tls_cacertfile\\s+(.*)}).last\n\n    describe \"tls_cacertfile\" do\n      subject { tls_cacertfile }\n      it { should_not eq nil }\n    end\n\n    describe file(tls_cacertfile.last) do\n      it { should exist }\n      it { should be_file }\n    end if !tls_cacertfile.nil?\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001453</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST LDAP not enabled :: SKIP_MESSAGE LDAP not enabled using any known mechanisms, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72159</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86783r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030680</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the su command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the su command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged access commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;su&quot; command occur.
+successful/unsuccessful attempts to use the "su" command occur.
 
     Check that the following system call is being audited by performing the
-following command to check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+following command to check the file system rules in "/etc/audit/audit.rules":
 
-    # grep -iw &#x2F;usr&#x2F;bin&#x2F;su &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw /usr/bin/su /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;su -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/su -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;su&quot; command occur.
+successful/unsuccessful attempts to use the "su" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;su -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/su -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e8963157-3fe3-495f-8178-89affbc47a9d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;su&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;su&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72115</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86739r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030460</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72159\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe su command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged access commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"su\\\" command occur.\n\n    Check that the following system call is being audited by performing the\nfollowing command to check the file system rules in \\\"/etc/audit/audit.rules\\\":\n\n    # grep -iw /usr/bin/su /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/su -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"su\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/su -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000037-GPOS-00015\"\n  tag satisfies: [\"SRG-OS-000037-GPOS-00015\", \"SRG-OS-000042-GPOS-00020\",\n\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000462-GPOS-00206\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72159\"\n  tag rid: \"SV-86783r5_rule\"\n  tag stig_id: \"RHEL-07-030680\"\n  tag fix_id: \"F-78511r6_fix\"\n  tag cci: [\"CCI-000130\", \"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3\", \"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/bin/su'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/su" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/su" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72115</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86739r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030460</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the lsetxattr syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the lsetxattr syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;lsetxattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "lsetxattr" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw lsetxattr &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw lsetxattr /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S lsetxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b32 -S lsetxattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S lsetxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b64 -S lsetxattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;lsetxattr&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"lsetxattr" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;lsetxattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "lsetxattr" syscall occur.
 
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S lsetxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b32 -S lsetxattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S lsetxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b64 -S lsetxattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ba25523b-f437-42e2-9cb0-9717223e9db8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lsetxattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lsetxattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lsetxattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lsetxattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-92253</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-102355r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040612</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72115\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe lsetxattr syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"lsetxattr\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw lsetxattr /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S lsetxattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    -a always,exit -F arch=b64 -S lsetxattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"lsetxattr\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"lsetxattr\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S lsetxattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    -a always,exit -F arch=b64 -S lsetxattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000458-GPOS-00203\"\n  tag satisfies: [\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000064-GPOS-00033\"]\n  tag gid: \"V-72115\"\n  tag rid: \"SV-86739r5_rule\"\n  tag stig_id: \"RHEL-07-030460\"\n  tag fix_id: \"F-78467r10_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"lsetxattr\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"lsetxattr\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "lsetxattr" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "lsetxattr" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "lsetxattr" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "lsetxattr" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-92253</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-102355r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040612</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must use a reverse-path
-filter for IPv4 network traffic when possible by default.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+filter for IPv4 network traffic when possible by default.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Enabling reverse path filtering drops packets with source addresses
 that should not have been able to be received on the interface they were
 received on. It should not be used on systems which are routers for complicated
-networks, but is helpful for end hosts and routers serving small networks.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+networks, but is helpful for end hosts and routers serving small networks.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system uses a reverse-path filter for IPv4:
 
-    # grep net.ipv4.conf.default.rp_filter &#x2F;etc&#x2F;sysctl.conf &#x2F;etc&#x2F;sysctl.d&#x2F;*
-    net.ipv4.conf.default.rp_filter &#x3D; 1
+    # grep net.ipv4.conf.default.rp_filter /etc/sysctl.conf /etc/sysctl.d/*
+    net.ipv4.conf.default.rp_filter = 1
 
-    If &quot;net.ipv4.conf.default.rp_filter&quot; is not configured in the
-&#x2F;etc&#x2F;sysctl.conf file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out, or
-does not have a value of &quot;1&quot;, this is a finding.
+    If "net.ipv4.conf.default.rp_filter" is not configured in the
+/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or
+does not have a value of "1", this is a finding.
 
     Check that the operating system implements the accept source route variable
 with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep net.ipv4.conf.default.rp_filter
-    net.ipv4.conf.default.rp_filter &#x3D; 1
+    # /sbin/sysctl -a | grep net.ipv4.conf.default.rp_filter
+    net.ipv4.conf.default.rp_filter = 1
 
-    If the returned line does not have a value of &quot;1&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned line does not have a value of "1", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the system to the required kernel parameter by adding the following
-line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the &#x2F;etc&#x2F;sysctl.d&#x2F;
+line to "/etc/sysctl.conf" or a configuration file in the /etc/sysctl.d/
 directory (or modify the line to have the required value):
 
-    net.ipv4.conf.default.rp_filter &#x3D; 1
+    net.ipv4.conf.default.rp_filter = 1
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>3bcf9320-5998-455c-a858-2ade4c0938dd</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.conf.default.rp_filter value is expected to eq 1</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72223</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000163-GPOS-00072</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86847r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040160</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-92253\" do\n  title \"The Red Hat Enterprise Linux operating system must use a reverse-path\nfilter for IPv4 network traffic when possible by default.\"\n  desc  \"Enabling reverse path filtering drops packets with source addresses\nthat should not have been able to be received on the interface they were\nreceived on. It should not be used on systems which are routers for complicated\nnetworks, but is helpful for end hosts and routers serving small networks.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system uses a reverse-path filter for IPv4:\n\n    # grep net.ipv4.conf.default.rp_filter /etc/sysctl.conf /etc/sysctl.d/*\n    net.ipv4.conf.default.rp_filter = 1\n\n    If \\\"net.ipv4.conf.default.rp_filter\\\" is not configured in the\n/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or\ndoes not have a value of \\\"1\\\", this is a finding.\n\n    Check that the operating system implements the accept source route variable\nwith the following command:\n\n    # /sbin/sysctl -a | grep net.ipv4.conf.default.rp_filter\n    net.ipv4.conf.default.rp_filter = 1\n\n    If the returned line does not have a value of \\\"1\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the system to the required kernel parameter by adding the following\nline to \\\"/etc/sysctl.conf\\\" or a configuration file in the /etc/sysctl.d/\ndirectory (or modify the line to have the required value):\n\n    net.ipv4.conf.default.rp_filter = 1\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-92253\"\n  tag rid: \"SV-102355r1_rule\"\n  tag stig_id: \"RHEL-07-040612\"\n  tag fix_id: \"F-98475r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.conf.default.rp_filter') do\n    its('value') { should eq 1 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.conf.default.rp_filter value is expected to eq 1</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72223</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000163-GPOS-00072</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86847r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040160</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all network connections associated with a communication session are
 terminated at the end of the session or after 10 minutes of inactivity from the
 user at a command prompt, except to fulfill documented and validated mission
-requirements.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+requirements.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Terminating an idle session within a short time period reduces the
 window of opportunity for unauthorized personnel to take control of a
 management session enabled on the console or console port that has been left
@@ -9986,318 +9539,307 @@ unattended. In addition, quickly terminating an idle session will also free up
 resources committed by the managed network element.
 
     Terminating network connections associated with communications sessions
-includes, for example, de-allocating associated TCP&#x2F;IP address&#x2F;port pairs at
+includes, for example, de-allocating associated TCP/IP address/port pairs at
 the operating system level and de-allocating networking assignments at the
 application level if multiple application sessions are using a single operating
 system-level network connection. This does not mean that the operating system
 terminates all sessions or network access; it only ends the inactive session
-and releases the resources associated with that session.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+and releases the resources associated with that session.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system terminates all network connections associated
 with a communications session at the end of the session or based on inactivity.
 
     Check the value of the system inactivity timeout with the following command:
 
-    # grep -i tmout &#x2F;etc&#x2F;profile.d&#x2F;*
+    # grep -i tmout /etc/profile.d/*
 
-    etc&#x2F;profile.d&#x2F;tmout.sh:TMOUT&#x3D;600
+    etc/profile.d/tmout.sh:TMOUT=600
 
-    &#x2F;etc&#x2F;profile.d&#x2F;tmout.sh:readonly TMOUT
+    /etc/profile.d/tmout.sh:readonly TMOUT
 
-    &#x2F;etc&#x2F;profile.d&#x2F;tmout.sh:export TMOUT
+    /etc/profile.d/tmout.sh:export TMOUT
 
-    If &quot;TMOUT&quot; is not set to &quot;600&quot; or less in a script located in the
-&#x2F;etc&#x2F;profile.d&#x2F; directory to enforce session termination after inactivity, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "TMOUT" is not set to "600" or less in a script located in the
+/etc/profile.d/ directory to enforce session termination after inactivity, this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to terminate all network connections
 associated with a communications session at the end of the session or after a
 period of inactivity.
 
     Create a script to enforce the inactivity timeout (for example
-&#x2F;etc&#x2F;profile.d&#x2F;tmout.sh) such as:
+/etc/profile.d/tmout.sh) such as:
 
-    #!&#x2F;bin&#x2F;bash
+    #!/bin/bash
 
-    TMOUT&#x3D;600
+    TMOUT=600
     readonly TMOUT
-    export TMOUT</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>812fa482-9734-4360-b62d-9e5782d8f94a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002361</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Environment variable TMOUT is expected to be &lt;&#x3D; 600
---------------------------------
-passed
-The TMOUT setting is configured properly is expected to be &lt;&#x3D; 600</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71995</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00228</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86619r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020240</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    export TMOUT</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72223\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all network connections associated with a communication session are\nterminated at the end of the session or after 10 minutes of inactivity from the\nuser at a command prompt, except to fulfill documented and validated mission\nrequirements.\"\n  desc  \"Terminating an idle session within a short time period reduces the\nwindow of opportunity for unauthorized personnel to take control of a\nmanagement session enabled on the console or console port that has been left\nunattended. In addition, quickly terminating an idle session will also free up\nresources committed by the managed network element.\n\n    Terminating network connections associated with communications sessions\nincludes, for example, de-allocating associated TCP/IP address/port pairs at\nthe operating system level and de-allocating networking assignments at the\napplication level if multiple application sessions are using a single operating\nsystem-level network connection. This does not mean that the operating system\nterminates all sessions or network access; it only ends the inactive session\nand releases the resources associated with that session.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system terminates all network connections associated\nwith a communications session at the end of the session or based on inactivity.\n\n    Check the value of the system inactivity timeout with the following command:\n\n    # grep -i tmout /etc/profile.d/*\n\n    etc/profile.d/tmout.sh:TMOUT=600\n\n    /etc/profile.d/tmout.sh:readonly TMOUT\n\n    /etc/profile.d/tmout.sh:export TMOUT\n\n    If \\\"TMOUT\\\" is not set to \\\"600\\\" or less in a script located in the\n/etc/profile.d/ directory to enforce session termination after inactivity, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to terminate all network connections\nassociated with a communications session at the end of the session or after a\nperiod of inactivity.\n\n    Create a script to enforce the inactivity timeout (for example\n/etc/profile.d/tmout.sh) such as:\n\n    #!/bin/bash\n\n    TMOUT=600\n    readonly TMOUT\n    export TMOUT\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000163-GPOS-00072\"\n  tag gid: \"V-72223\"\n  tag rid: \"SV-86847r4_rule\"\n  tag stig_id: \"RHEL-07-040160\"\n  tag fix_id: \"F-78577r5_fix\"\n  tag cci: [\"CCI-001133\", \"CCI-002361\"]\n  tag nist: [\"SC-10\", \"AC-12\", \"Rev_4\"]\n\n  system_activity_timeout = input('system_activity_timeout')\n\n  # Get current TMOUT environment variable (active test)\n  describe 'Environment variable TMOUT' do\n    subject { os_env('TMOUT').content.to_i }\n    it { should be &lt;= system_activity_timeout }\n  end\n\n  # Check if TMOUT is set in files (passive test)\n  files = ['/etc/bashrc'] + ['/etc/profile'] + command(\"find /etc/profile.d/*\").stdout.split(\"\\n\")\n  latest_val = nil\n\n  files.each do |file|\n    readonly = false\n\n    # Skip to next file if TMOUT isn't present. Otherwise, get the last occurrence of TMOUT\n    next if (values = command(\"grep -Po '.*TMOUT.*' #{file}\").stdout.split(\"\\n\")).empty?\n\n    # Loop through each TMOUT match and see if set TMOUT's value or makes it readonly\n    values.each_with_index { |value, index|\n\n      # Skip if starts with '#' - it represents a comment\n      next if !value.match(/^#/).nil?\n      # If readonly and value is inline - use that value\n      if !value.match(/^readonly[\\s]+TMOUT[\\s]*=[\\s]*[\\d]+$/).nil?\n        latest_val = value.match(/[\\d]+/)[0].to_i\n        readonly = true\n        break\n      # If readonly, but, value is not inline - use the most recent value\n      elsif !value.match(/^readonly[\\s]+([\\w]+[\\s]+)?TMOUT[\\s]*([\\s]+[\\w]+[\\s]*)*$/).nil?\n        # If the index is greater than 0, the configuraiton setting value.\n        # Otherwise, the configuration setting value is in the previous file\n        # and is already set in latest_val.\n        if index &gt;= 1\n          latest_val = values[index - 1].match(/[\\d]+/)[0].to_i\n        end\n        readonly = true\n        break\n      # Readonly is not set use the lastest value\n      else\n        latest_val = value.match(/[\\d]+/)[0].to_i\n      end\n    }\n   # Readonly is set - stop processing files\n    break if readonly === true\n  end\n\n  if latest_val.nil?\n    describe \"The TMOUT setting is configured\" do\n      subject { !latest_val.nil? }\n      it { should be true }\n    end\n  else\n    describe\"The TMOUT setting is configured properly\" do\n      subject { latest_val }\n      it { should be &lt;= system_activity_timeout }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002361</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Environment variable TMOUT is expected to be &lt;= 600
+--------------------------------
+passed :: TEST The TMOUT setting is configured properly is expected to be &lt;= 600</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71995</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00228</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86619r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020240</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must define default
 permissions for all authenticated users in such a way that the user can only
-read and modify their own files.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+read and modify their own files.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Setting the most restrictive default permissions ensures that when new
-accounts are created, they do not have unnecessary access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+accounts are created, they do not have unnecessary access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system defines default permissions for all
 authenticated users in such a way that the user can only read and modify their
 own files.
 
-    Check for the value of the &quot;UMASK&quot; parameter in &quot;&#x2F;etc&#x2F;login.defs&quot; file
+    Check for the value of the "UMASK" parameter in "/etc/login.defs" file
 with the following command:
 
-    Note: If the value of the &quot;UMASK&quot; parameter is set to &quot;000&quot; in
-&quot;&#x2F;etc&#x2F;login.defs&quot; file, the Severity is raised to a CAT I.
+    Note: If the value of the "UMASK" parameter is set to "000" in
+"/etc/login.defs" file, the Severity is raised to a CAT I.
 
-    # grep -i umask &#x2F;etc&#x2F;login.defs
+    # grep -i umask /etc/login.defs
     UMASK  077
 
-    If the value for the &quot;UMASK&quot; parameter is not &quot;077&quot;, or the &quot;UMASK&quot;
-parameter is missing or is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value for the "UMASK" parameter is not "077", or the "UMASK"
+parameter is missing or is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to define default permissions for all
 authenticated users in such a way that the user can only read and modify their
 own files.
 
-    Add or edit the line for the &quot;UMASK&quot; parameter in &quot;&#x2F;etc&#x2F;login.defs&quot;
-file to &quot;077&quot;:
-
-    UMASK  077</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>76b439fe-c613-4218-8627-38eaef6ceb2b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-login.defs UMASK is expected to eq &quot;077&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72071</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86695r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021610</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add or edit the line for the "UMASK" parameter in "/etc/login.defs"
+file to "077":
+
+    UMASK  077</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71995\" do\n  title \"The Red Hat Enterprise Linux operating system must define default\npermissions for all authenticated users in such a way that the user can only\nread and modify their own files.\"\n  desc  \"Setting the most restrictive default permissions ensures that when new\naccounts are created, they do not have unnecessary access.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system defines default permissions for all\nauthenticated users in such a way that the user can only read and modify their\nown files.\n\n    Check for the value of the \\\"UMASK\\\" parameter in \\\"/etc/login.defs\\\" file\nwith the following command:\n\n    Note: If the value of the \\\"UMASK\\\" parameter is set to \\\"000\\\" in\n\\\"/etc/login.defs\\\" file, the Severity is raised to a CAT I.\n\n    # grep -i umask /etc/login.defs\n    UMASK  077\n\n    If the value for the \\\"UMASK\\\" parameter is not \\\"077\\\", or the \\\"UMASK\\\"\nparameter is missing or is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to define default permissions for all\nauthenticated users in such a way that the user can only read and modify their\nown files.\n\n    Add or edit the line for the \\\"UMASK\\\" parameter in \\\"/etc/login.defs\\\"\nfile to \\\"077\\\":\n\n    UMASK  077\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00228\"\n  tag gid: \"V-71995\"\n  tag rid: \"SV-86619r2_rule\"\n  tag stig_id: \"RHEL-07-020240\"\n  tag fix_id: \"F-78347r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n\n  if login_defs.read_params[\"UMASK\"].eql?('000')\n    impact 0.7\n  else\n    impact 0.5\n  end\n  describe login_defs do\n    its('UMASK') { should eq '077' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST login.defs UMASK is expected to eq "077"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72071</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86695r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021610</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the file integrity tool is configured to verify extended attributes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the file integrity tool is configured to verify extended attributes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Extended attributes in file systems are used to contain arbitrary data
-and file metadata with security implications.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+and file metadata with security implications.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the file integrity tool is configured to verify extended attributes.
 
     Check to see if Advanced Intrusion Detection Environment (AIDE) is
@@ -10312,311 +9854,300 @@ checks are performed on the system.
 is a finding.
 
     Note: AIDE is highly configurable at install time. These commands assume
-the &quot;aide.conf&quot; file is under the &quot;&#x2F;etc&quot; directory.
+the "aide.conf" file is under the "/etc" directory.
 
     Use the following command to determine if the file is in another location:
 
-    # find &#x2F; -name aide.conf
+    # find / -name aide.conf
 
-    Check the &quot;aide.conf&quot; file to determine if the &quot;xattrs&quot; rule has been
+    Check the "aide.conf" file to determine if the "xattrs" rule has been
 added to the rule list being applied to the files and directories selection
 lists.
 
-    An example rule that includes the &quot;xattrs&quot; rule follows:
+    An example rule that includes the "xattrs" rule follows:
 
-    All&#x3D; p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux
-    &#x2F;bin All # apply the custom rule to the files in bin
-    &#x2F;sbin All # apply the same custom rule to the files in sbin
+    All= p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux
+    /bin All # apply the custom rule to the files in bin
+    /sbin All # apply the same custom rule to the files in sbin
 
-    If the &quot;xattrs&quot; rule is not being used on all uncommented selection lines
-in the &quot;&#x2F;etc&#x2F;aide.conf&quot; file, or extended attributes are not being checked by
-another file integrity tool, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "xattrs" rule is not being used on all uncommented selection lines
+in the "/etc/aide.conf" file, or extended attributes are not being checked by
+another file integrity tool, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the file integrity tool to check file and directory extended
 attributes.
 
-    If AIDE is installed, ensure the &quot;xattrs&quot; rule is present on all
-uncommented file and directory selection lists.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ecd569e2-a7b1-43b9-b1af-82dc41ea2fec</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package aide is expected to be installed
---------------------------------
-passed
-List of monitored files&#x2F;directories without &#39;xattrs&#39; rule is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71929</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000076-GPOS-00044</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86553r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010250</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If AIDE is installed, ensure the "xattrs" rule is present on all
+uncommented file and directory selection lists.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72071\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the file integrity tool is configured to verify extended attributes.\"\n  desc  \"Extended attributes in file systems are used to contain arbitrary data\nand file metadata with security implications.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the file integrity tool is configured to verify extended attributes.\n\n    Check to see if Advanced Intrusion Detection Environment (AIDE) is\ninstalled on the system with the following command:\n\n    # yum list installed aide\n\n    If AIDE is not installed, ask the System Administrator how file integrity\nchecks are performed on the system.\n\n    If there is no application installed to perform file integrity checks, this\nis a finding.\n\n    Note: AIDE is highly configurable at install time. These commands assume\nthe \\\"aide.conf\\\" file is under the \\\"/etc\\\" directory.\n\n    Use the following command to determine if the file is in another location:\n\n    # find / -name aide.conf\n\n    Check the \\\"aide.conf\\\" file to determine if the \\\"xattrs\\\" rule has been\nadded to the rule list being applied to the files and directories selection\nlists.\n\n    An example rule that includes the \\\"xattrs\\\" rule follows:\n\n    All= p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux\n    /bin All # apply the custom rule to the files in bin\n    /sbin All # apply the same custom rule to the files in sbin\n\n    If the \\\"xattrs\\\" rule is not being used on all uncommented selection lines\nin the \\\"/etc/aide.conf\\\" file, or extended attributes are not being checked by\nanother file integrity tool, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the file integrity tool to check file and directory extended\nattributes.\n\n    If AIDE is installed, ensure the \\\"xattrs\\\" rule is present on all\nuncommented file and directory selection lists.\n  \"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72071\"\n  tag rid: \"SV-86695r3_rule\"\n  tag stig_id: \"RHEL-07-021610\"\n  tag fix_id: \"F-78423r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe package(\"aide\") do\n    it { should be_installed }\n  end\n\n  findings = []\n  aide_conf.where { !selection_line.start_with? '!' }.entries.each do |selection|\n    unless selection.rules.include? 'xattrs'\n      findings.append(selection.selection_line)\n    end\n  end\n\n  describe \"List of monitored files/directories without 'xattrs' rule\" do\n    subject { findings }\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package aide is expected to be installed
+--------------------------------
+passed :: TEST List of monitored files/directories without 'xattrs' rule is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71929</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000076-GPOS-00044</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86553r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010250</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that passwords for new users are restricted to a 60-day maximum lifetime.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that passwords for new users are restricted to a 60-day maximum lifetime.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Any password, no matter how complex, can eventually be cracked.
 Therefore, passwords need to be changed periodically. If the operating system
 does not limit the lifetime of passwords and force users to change their
 passwords, there is the risk that the operating system passwords could be
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If passwords are not being used for authentication, this is Not Applicable.
 
     Verify the operating system enforces a 60-day maximum password lifetime
 restriction for new user accounts.
 
-    Check for the value of &quot;PASS_MAX_DAYS&quot; in &quot;&#x2F;etc&#x2F;login.defs&quot; with the
+    Check for the value of "PASS_MAX_DAYS" in "/etc/login.defs" with the
 following command:
 
-    # grep -i pass_max_days &#x2F;etc&#x2F;login.defs
+    # grep -i pass_max_days /etc/login.defs
     PASS_MAX_DAYS 60
 
-    If the &quot;PASS_MAX_DAYS&quot; parameter value is not 60 or less, or is commented
-out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "PASS_MAX_DAYS" parameter value is not 60 or less, or is commented
+out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to enforce a 60-day maximum password
 lifetime restriction.
 
-    Add the following line in &quot;&#x2F;etc&#x2F;login.defs&quot; (or modify the line to have
+    Add the following line in "/etc/login.defs" (or modify the line to have
 the required value):
 
-    PASS_MAX_DAYS     60</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f789f6f0-6179-4b4c-8342-3a54d06dc675</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-login.defs PASS_MAX_DAYS.to_i is expected to cmp &lt;&#x3D; 60</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71985</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000114-GPOS-00059</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86609r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020110</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    PASS_MAX_DAYS     60</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71929\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat passwords for new users are restricted to a 60-day maximum lifetime.\"\n  desc  \"Any password, no matter how complex, can eventually be cracked.\nTherefore, passwords need to be changed periodically. If the operating system\ndoes not limit the lifetime of passwords and force users to change their\npasswords, there is the risk that the operating system passwords could be\ncompromised.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If passwords are not being used for authentication, this is Not Applicable.\n\n    Verify the operating system enforces a 60-day maximum password lifetime\nrestriction for new user accounts.\n\n    Check for the value of \\\"PASS_MAX_DAYS\\\" in \\\"/etc/login.defs\\\" with the\nfollowing command:\n\n    # grep -i pass_max_days /etc/login.defs\n    PASS_MAX_DAYS 60\n\n    If the \\\"PASS_MAX_DAYS\\\" parameter value is not 60 or less, or is commented\nout, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to enforce a 60-day maximum password\nlifetime restriction.\n\n    Add the following line in \\\"/etc/login.defs\\\" (or modify the line to have\nthe required value):\n\n    PASS_MAX_DAYS     60\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000076-GPOS-00044\"\n  tag gid: \"V-71929\"\n  tag rid: \"SV-86553r2_rule\"\n  tag stig_id: \"RHEL-07-010250\"\n  tag fix_id: \"F-78281r1_fix\"\n  tag cci: [\"CCI-000199\"]\n  tag nist: [\"IA-5 (1) (d)\", \"Rev_4\"]\n\n  describe login_defs do\n    its('PASS_MAX_DAYS.to_i') { should cmp &lt;= 60 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST login.defs PASS_MAX_DAYS.to_i is expected to cmp &lt;= 60</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71985</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000114-GPOS-00059</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86609r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020110</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must disable the file
-system automounter unless required.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+system automounter unless required.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Automatically mounting file systems permits easy introduction of
-unknown devices, thereby facilitating malicious activity.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+unknown devices, thereby facilitating malicious activity.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system disables the ability to automount devices.
 
     Check to see if automounter service is active with the following command:
 
     # systemctl status autofs
     autofs.service - Automounts filesystems on demand
-       Loaded: loaded (&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;autofs.service; disabled)
+       Loaded: loaded (/usr/lib/systemd/system/autofs.service; disabled)
        Active: inactive (dead)
 
-    If the &quot;autofs&quot; status is set to &quot;active&quot; and is not documented with
+    If the "autofs" status is set to "active" and is not documented with
 the Information System Security Officer (ISSO) as an operational requirement,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to disable the ability to automount devices.
 
     Turn off the automount service with the following commands:
@@ -10624,143 +10155,136 @@ this is a finding.</ATTRIBUTE_DATA>
     # systemctl stop autofs
     # systemctl disable autofs
 
-    If &quot;autofs&quot; is required for Network File System (NFS), it must be
-documented with the ISSO.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>50302953-1bfa-4e2a-a791-8db4ce85a5e2</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000778</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001958</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Service autofs.service is expected not to be running
---------------------------------
-passed
-Service autofs.service is expected not to be enabled
---------------------------------
-passed
-Service autofs.service is expected not to be installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71993</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86617r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020230</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If "autofs" is required for Network File System (NFS), it must be
+documented with the ISSO.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71985\" do\n  title \"The Red Hat Enterprise Linux operating system must disable the file\nsystem automounter unless required.\"\n  desc  \"Automatically mounting file systems permits easy introduction of\nunknown devices, thereby facilitating malicious activity.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system disables the ability to automount devices.\n\n    Check to see if automounter service is active with the following command:\n\n    # systemctl status autofs\n    autofs.service - Automounts filesystems on demand\n       Loaded: loaded (/usr/lib/systemd/system/autofs.service; disabled)\n       Active: inactive (dead)\n\n    If the \\\"autofs\\\" status is set to \\\"active\\\" and is not documented with\nthe Information System Security Officer (ISSO) as an operational requirement,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to disable the ability to automount devices.\n\n    Turn off the automount service with the following commands:\n\n    # systemctl stop autofs\n    # systemctl disable autofs\n\n    If \\\"autofs\\\" is required for Network File System (NFS), it must be\ndocumented with the ISSO.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000114-GPOS-00059\"\n  tag satisfies: [\"SRG-OS-000114-GPOS-00059\", \"SRG-OS-000378-GPOS-00163\",\n\"SRG-OS-000480-GPOS-00227\"]\n  tag gid: \"V-71985\"\n  tag rid: \"SV-86609r2_rule\"\n  tag stig_id: \"RHEL-07-020110\"\n  tag fix_id: \"F-78337r2_fix\"\n  tag cci: [\"CCI-000366\", \"CCI-000778\", \"CCI-001958\"]\n  tag nist: [\"CM-6 b\", \"IA-3\", \"IA-3\", \"Rev_4\"]\n\n  describe systemd_service('autofs.service') do\n    it { should_not be_running }\n    it { should_not be_enabled }\n    it { should_not be_installed }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000778</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001958</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Service autofs.service is expected not to be running
+--------------------------------
+passed :: TEST Service autofs.service is expected not to be enabled
+--------------------------------
+passed :: TEST Service autofs.service is expected not to be installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71993</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86617r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020230</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the x86 Ctrl-Alt-Delete key sequence is disabled on the command line.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the x86 Ctrl-Alt-Delete key sequence is disabled on the command line.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A locally logged-on user who presses Ctrl-Alt-Delete, when at the
 console, can reboot the system. If accidentally pressed, as could happen in the
 case of a mixed OS environment, this can create the risk of short-term loss of
 availability of systems due to unintentional reboot. In the GNOME graphical
 environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is
-reduced because the user will be prompted before any action is taken.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+reduced because the user will be prompted before any action is taken.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system is not configured to reboot the system when
 Ctrl-Alt-Delete is pressed.
 
@@ -10770,870 +10294,816 @@ following command:
     # systemctl status ctrl-alt-del.target
 
     ctrl-alt-del.target
-    Loaded: masked (&#x2F;dev&#x2F;null; bad)
+    Loaded: masked (/dev/null; bad)
     Active: inactive (dead)
 
     If the ctrl-alt-del.target is not masked, this is a finding.
 
-    If the ctrl-alt-del.target is active, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the ctrl-alt-del.target is active, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to disable the Ctrl-Alt-Delete sequence for the
 command line with the following command:
 
-    # systemctl mask ctrl-alt-del.target</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>3e95e825-0566-4622-b022-a21128a2df25</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Service ctrl-alt-del.target is expected not to be running
---------------------------------
-passed
-Service ctrl-alt-del.target is expected not to be enabled</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72095</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000327-GPOS-00127</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86719r7_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030360</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # systemctl mask ctrl-alt-del.target</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71993\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the x86 Ctrl-Alt-Delete key sequence is disabled on the command line.\"\n  desc  \"A locally logged-on user who presses Ctrl-Alt-Delete, when at the\nconsole, can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In the GNOME graphical\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system is not configured to reboot the system when\nCtrl-Alt-Delete is pressed.\n\n    Check that the ctrl-alt-del.target is masked and not active with the\nfollowing command:\n\n    # systemctl status ctrl-alt-del.target\n\n    ctrl-alt-del.target\n    Loaded: masked (/dev/null; bad)\n    Active: inactive (dead)\n\n    If the ctrl-alt-del.target is not masked, this is a finding.\n\n    If the ctrl-alt-del.target is active, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to disable the Ctrl-Alt-Delete sequence for the\ncommand line with the following command:\n\n    # systemctl mask ctrl-alt-del.target\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-71993\"\n  tag rid: \"SV-86617r5_rule\"\n  tag stig_id: \"RHEL-07-020230\"\n  tag fix_id: \"F-78345r6_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe systemd_service('ctrl-alt-del.target') do\n    it { should_not be_running }\n    it { should_not be_enabled }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Service ctrl-alt-del.target is expected not to be running
+--------------------------------
+passed :: TEST Service ctrl-alt-del.target is expected not to be enabled</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72095</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000327-GPOS-00127</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86719r7_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030360</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all
-executions of privileged functions.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+executions of privileged functions.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Misuse of privileged functions, either intentionally or
 unintentionally by authorized users, or by unauthorized external entities that
 have compromised information system accounts, is a serious and ongoing concern
 and can have significant adverse impacts on organizations. Auditing the use of
 privileged functions is one way to detect such misuse and identify the risk
-from insider threats and the advanced persistent threat.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+from insider threats and the advanced persistent threat.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system audits the execution of privileged functions
 using the following command:
 
-    # grep -iw execve &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw execve /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S execve -C uid!&#x3D;euid -F euid&#x3D;0 -k setuid
-    -a always,exit -F arch&#x3D;b64 -S execve -C uid!&#x3D;euid -F euid&#x3D;0 -k setuid
-    -a always,exit -F arch&#x3D;b32 -S execve -C gid!&#x3D;egid -F egid&#x3D;0 -k setgid
-    -a always,exit -F arch&#x3D;b64 -S execve -C gid!&#x3D;egid -F egid&#x3D;0 -k setgid
+    -a always,exit -F arch=b32 -S execve -C uid!=euid -F euid=0 -k setuid
+    -a always,exit -F arch=b64 -S execve -C uid!=euid -F euid=0 -k setuid
+    -a always,exit -F arch=b32 -S execve -C gid!=egid -F egid=0 -k setgid
+    -a always,exit -F arch=b64 -S execve -C gid!=egid -F egid=0 -k setgid
 
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules for &quot;SUID&quot; files are not
+    If both the "b32" and "b64" audit rules for "SUID" files are not
 defined, this is a finding.
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules for &quot;SGID&quot; files are not
-defined, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules for "SGID" files are not
+defined, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to audit the execution of privileged
 functions.
 
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S execve -C uid!&#x3D;euid -F euid&#x3D;0 -k setuid
-    -a always,exit -F arch&#x3D;b64 -S execve -C uid!&#x3D;euid -F euid&#x3D;0 -k setuid
-    -a always,exit -F arch&#x3D;b32 -S execve -C gid!&#x3D;egid -F egid&#x3D;0 -k setgid
-    -a always,exit -F arch&#x3D;b64 -S execve -C gid!&#x3D;egid -F egid&#x3D;0 -k setgid
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>40f4f393-94bc-4968-bfe9-f5a026aded1f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002234</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;execve&quot; action.uniq is expected to eq [&quot;always&quot;]
-
-expected: [&quot;always&quot;]
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S execve -C uid!=euid -F euid=0 -k setuid
+    -a always,exit -F arch=b64 -S execve -C uid!=euid -F euid=0 -k setuid
+    -a always,exit -F arch=b32 -S execve -C gid!=egid -F egid=0 -k setgid
+    -a always,exit -F arch=b64 -S execve -C gid!=egid -F egid=0 -k setgid
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72095\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all\nexecutions of privileged functions.\"\n  desc  \"Misuse of privileged functions, either intentionally or\nunintentionally by authorized users, or by unauthorized external entities that\nhave compromised information system accounts, is a serious and ongoing concern\nand can have significant adverse impacts on organizations. Auditing the use of\nprivileged functions is one way to detect such misuse and identify the risk\nfrom insider threats and the advanced persistent threat.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system audits the execution of privileged functions\nusing the following command:\n\n    # grep -iw execve /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S execve -C uid!=euid -F euid=0 -k setuid\n    -a always,exit -F arch=b64 -S execve -C uid!=euid -F euid=0 -k setuid\n    -a always,exit -F arch=b32 -S execve -C gid!=egid -F egid=0 -k setgid\n    -a always,exit -F arch=b64 -S execve -C gid!=egid -F egid=0 -k setgid\n\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules for \\\"SUID\\\" files are not\ndefined, this is a finding.\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules for \\\"SGID\\\" files are not\ndefined, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to audit the execution of privileged\nfunctions.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S execve -C uid!=euid -F euid=0 -k setuid\n    -a always,exit -F arch=b64 -S execve -C uid!=euid -F euid=0 -k setuid\n    -a always,exit -F arch=b32 -S execve -C gid!=egid -F egid=0 -k setgid\n    -a always,exit -F arch=b64 -S execve -C gid!=egid -F egid=0 -k setgid\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000327-GPOS-00127\"\n  tag gid: \"V-72095\"\n  tag rid: \"SV-86719r7_rule\"\n  tag stig_id: \"RHEL-07-030360\"\n  tag fix_id: \"F-78447r9_fix\"\n  tag cci: [\"CCI-002234\"]\n  tag nist: [\"AC-6 (9)\", \"Rev_4\"]\n\n  # All execve calls should use 'always,exit'\n  describe auditd.syscall('execve') do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n\n  # Work with the SUID rules\n  describe auditd.syscall('execve').where { fields.include?('euid=0') } do\n    its ('arch.uniq') { should include 'b32' }\n    its ('arch.uniq') { should include 'b64' }\n  end\n\n  # Work with the SGID rules\n  describe auditd.syscall('execve').where { fields.include?('egid=0') } do\n    its ('arch.uniq') { should include 'b32' }\n    its ('arch.uniq') { should include 'b64' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002234</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "execve" action.uniq is expected to eq ["always"] :: MESSAGE 
+expected: ["always"]
      got: []
 
-(compared using &#x3D;&#x3D;)
+(compared using ==)
 
 --------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;execve&quot; list.uniq is expected to eq [&quot;exit&quot;]
-
-expected: [&quot;exit&quot;]
+passed :: TEST Auditd Rules with syscall == "execve" list.uniq is expected to eq ["exit"] :: MESSAGE 
+expected: ["exit"]
      got: []
 
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;execve&quot; fields include? &quot;euid&#x3D;0&quot; arch.uniq is expected to include &quot;b32&quot;
-expected [] to include &quot;b32&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;execve&quot; fields include? &quot;euid&#x3D;0&quot; arch.uniq is expected to include &quot;b64&quot;
-expected [] to include &quot;b64&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;execve&quot; fields include? &quot;egid&#x3D;0&quot; arch.uniq is expected to include &quot;b32&quot;
-expected [] to include &quot;b32&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;execve&quot; fields include? &quot;egid&#x3D;0&quot; arch.uniq is expected to include &quot;b64&quot;
-expected [] to include &quot;b64&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72127</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86751r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030520</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+(compared using ==)
+
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "execve" fields include? "euid=0" arch.uniq is expected to include "b32" :: MESSAGE expected [] to include "b32"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "execve" fields include? "euid=0" arch.uniq is expected to include "b64" :: MESSAGE expected [] to include "b64"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "execve" fields include? "egid=0" arch.uniq is expected to include "b32" :: MESSAGE expected [] to include "b32"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "execve" fields include? "egid=0" arch.uniq is expected to include "b64" :: MESSAGE expected [] to include "b64"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72127</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86751r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030520</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the openat syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the openat syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;openat&quot; syscall occur.
+successful/unsuccessful attempts to use the "openat" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw openat &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw openat /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S openat -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S openat -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b32 -S openat -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S openat -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S openat -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S openat -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S openat -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S openat -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;openat&quot; syscall, this is a finding.
+    If both the "b32" and "b64" audit rules are not defined for the
+"openat" syscall, this is a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EPERM&quot;, this is
+    If the output does not produce rules containing "-F exit=-EPERM", this is
 a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EACCES&quot;, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the output does not produce rules containing "-F exit=-EACCES", this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;openat&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S openat -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b32 -S openat -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S openat -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S openat -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>5ae9c1d1-b011-4eaa-a869-685ae6be7c50</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EACCES&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;openat&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EACCES&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72167</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86791r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030720</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "openat" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S openat -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b32 -S openat -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S openat -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S openat -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72127\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe openat syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"openat\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw openat /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S openat -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S openat -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S openat -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S openat -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"openat\\\" syscall, this is a finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EPERM\\\", this is\na finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EACCES\\\", this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"openat\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S openat -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S openat -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S openat -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S openat -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000458-GPOS-00203\",\n\"SRG-OS-000461-GPOS-00205\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72127\"\n  tag rid: \"SV-86751r5_rule\"\n  tag stig_id: \"RHEL-07-030520\"\n  tag fix_id: \"F-78479r8_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"openat\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EPERM' }\n  end\n  describe auditd.syscall(\"openat\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EACCES' }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"openat\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EPERM' }\n    end\n    describe auditd.syscall(\"openat\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EACCES' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "openat" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b32" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b32" exit.uniq is expected to include "-EACCES"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b64" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "openat" arch == "b64" exit.uniq is expected to include "-EACCES"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72167</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86791r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030720</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the chsh command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the chsh command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged access commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;chsh&quot; command occur.
+successful/unsuccessful attempts to use the "chsh" command occur.
 
     Check that the following system call is being audited by performing the
-following command to check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+following command to check the file system rules in "/etc/audit/audit.rules":
 
-    # grep -i &#x2F;usr&#x2F;bin&#x2F;chsh &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /usr/bin/chsh /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;chsh -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/chsh -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;chsh&quot; command occur.
+successful/unsuccessful attempts to use the "chsh" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;chsh -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/chsh -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>dabca97b-7f42-42d5-8223-67ec7bc169f2</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;chsh&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;chsh&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73171</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87823r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030873</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72167\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe chsh command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged access commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"chsh\\\" command occur.\n\n    Check that the following system call is being audited by performing the\nfollowing command to check the file system rules in \\\"/etc/audit/audit.rules\\\":\n\n    # grep -i /usr/bin/chsh /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chsh -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"chsh\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/chsh -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000037-GPOS-00015\"\n  tag satisfies: [\"SRG-OS-000037-GPOS-00015\", \"SRG-OS-000042-GPOS-00020\",\n\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000462-GPOS-00206\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72167\"\n  tag rid: \"SV-86791r4_rule\"\n  tag stig_id: \"RHEL-07-030720\"\n  tag fix_id: \"F-78521r5_fix\"\n  tag cci: [\"CCI-000130\", \"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3\", \"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/bin/chsh'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/chsh" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/chsh" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73171</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87823r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030873</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must generate audit
 records for all account creations, modifications, disabling, and termination
-events that affect &#x2F;etc&#x2F;shadow.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+events that affect /etc/shadow.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system must generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&#x2F;etc&#x2F;shadow.
+/etc/shadow.
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep &#x2F;etc&#x2F;shadow &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep /etc/shadow /etc/audit/audit.rules
 
-    -w &#x2F;etc&#x2F;shadow -p wa -k identity
+    -w /etc/shadow -p wa -k identity
 
     If the command does not return a line, or the line is commented out, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&#x2F;etc&#x2F;shadow.
+/etc/shadow.
 
     Add or update the following file system rule in
-&quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -w &#x2F;etc&#x2F;shadow -p wa -k identity
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ccd0b9b4-8330-47ab-8787-d108357abd85</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;shadow&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;shadow&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;w&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;a&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72297</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86921r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040680</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/etc/audit/rules.d/audit.rules":
+
+    -w /etc/shadow -p wa -k identity
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-73171\" do\n  title \"The Red Hat Enterprise Linux operating system must generate audit\nrecords for all account creations, modifications, disabling, and termination\nevents that affect /etc/shadow.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system must generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n/etc/shadow.\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep /etc/shadow /etc/audit/audit.rules\n\n    -w /etc/shadow -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n/etc/shadow.\n\n    Add or update the following file system rule in\n\\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -w /etc/shadow -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000004-GPOS-00004\"\n  tag gid: \"V-73171\"\n  tag rid: \"SV-87823r4_rule\"\n  tag stig_id: \"RHEL-07-030873\"\n  tag fix_id: \"F-79617r4_fix\"\n  tag cci: [\"CCI-000018\", \"CCI-000172\", \"CCI-001403\", \"CCI-002130\"]\n  tag nist: [\"AC-2 (4)\", \"AU-12 c\", \"AC-2 (4)\", \"AC-2 (4)\", \"Rev_4\"]\n\n  audit_file = '/etc/shadow'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'w' }\n      it { should include 'a' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\n\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/etc/shadow" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/etc/shadow" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "w"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "a"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72297</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86921r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040680</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured to
-prevent unrestricted mail relaying.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+prevent unrestricted mail relaying.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If unrestricted mail relaying is permitted, unauthorized senders could
 use this host as a mail relay for the purpose of sending spam or other
-unauthorized activity.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+unauthorized activity.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system is configured to prevent unrestricted mail relaying.
 
-    Determine if &quot;postfix&quot; is installed with the following commands:
+    Determine if "postfix" is installed with the following commands:
 
     # yum list installed postfix
     postfix-2.6.6-6.el7.x86_64.rpm
@@ -11644,474 +11114,449 @@ unauthorized activity.</ATTRIBUTE_DATA>
 connections from unknown or untrusted networks with the following command:
 
     # postconf -n smtpd_client_restrictions
-    smtpd_client_restrictions &#x3D; permit_mynetworks, reject
-
-    If the &quot;smtpd_client_restrictions&quot; parameter contains any entries other
-than &quot;permit_mynetworks&quot; and &quot;reject&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If &quot;postfix&quot; is installed, modify the &quot;&#x2F;etc&#x2F;postfix&#x2F;main.cf&quot; file to
+    smtpd_client_restrictions = permit_mynetworks, reject
+
+    If the "smtpd_client_restrictions" parameter contains any entries other
+than "permit_mynetworks" and "reject", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If "postfix" is installed, modify the "/etc/postfix/main.cf" file to
 restrict client connections to the local network with the following command:
 
-    # postconf -e &#39;smtpd_client_restrictions &#x3D; permit_mynetworks,reject&#39;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>85815a08-d1d5-46cc-9caa-9844e229cf79</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;postconf -n smtpd_client_restrictions&#x60; stdout.strip is expected to match &#x2F;^smtpd_client_restrictions\s+&#x3D;\s+permit_mynetworks,\s*reject\s*$&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72163</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86787r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030700</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # postconf -e 'smtpd_client_restrictions = permit_mynetworks,reject'</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72297\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured to\nprevent unrestricted mail relaying.\"\n  desc  \"If unrestricted mail relaying is permitted, unauthorized senders could\nuse this host as a mail relay for the purpose of sending spam or other\nunauthorized activity.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system is configured to prevent unrestricted mail relaying.\n\n    Determine if \\\"postfix\\\" is installed with the following commands:\n\n    # yum list installed postfix\n    postfix-2.6.6-6.el7.x86_64.rpm\n\n    If postfix is not installed, this is Not Applicable.\n\n    If postfix is installed, determine if it is configured to reject\nconnections from unknown or untrusted networks with the following command:\n\n    # postconf -n smtpd_client_restrictions\n    smtpd_client_restrictions = permit_mynetworks, reject\n\n    If the \\\"smtpd_client_restrictions\\\" parameter contains any entries other\nthan \\\"permit_mynetworks\\\" and \\\"reject\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    If \\\"postfix\\\" is installed, modify the \\\"/etc/postfix/main.cf\\\" file to\nrestrict client connections to the local network with the following command:\n\n    # postconf -e 'smtpd_client_restrictions = permit_mynetworks,reject'\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72297\"\n  tag rid: \"SV-86921r3_rule\"\n  tag stig_id: \"RHEL-07-040680\"\n  tag fix_id: \"F-78651r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  # Only permit_mynetworks and reject should be allowed\n  describe.one do\n    describe command('postconf -n smtpd_client_restrictions') do\n      its('stdout.strip') { should match %r{^smtpd_client_restrictions\\s+=\\s+permit_mynetworks,\\s*reject\\s*$} }\n    end\n    describe command('postconf -n smtpd_client_restrictions') do\n      its('stdout.strip') { should match %r{^smtpd_client_restrictions\\s+=\\s+permit_mynetworks\\s*$} }\n    end\n    describe command('postconf -n smtpd_client_restrictions') do\n      its('stdout.strip') { should match %r{^smtpd_client_restrictions\\s+=\\s+reject\\s*$} }\n    end\n    describe command('postconf -n smtpd_client_restrictions') do\n      its('stdout.strip') { should match %r{^smtpd_client_restrictions\\s+=\\s+reject,\\s*permit_mynetworks\\s*$} }\n    end\n  end if package('postfix').installed?\n\n  describe \"The `postfix` package is not installed\" do\n    skip \"The `postfix` package is not installed, this control is Not Applicable\"\n  end if !package('postfix').installed?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `postconf -n smtpd_client_restrictions` stdout.strip is expected to match /^smtpd_client_restrictions\s+=\s+permit_mynetworks,\s*reject\s*$/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72163</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86787r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030700</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the sudoers file and all files in the &#x2F;etc&#x2F;sudoers.d&#x2F; directory.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the sudoers file and all files in the /etc/sudoers.d/ directory.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged access commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to access the &quot;&#x2F;etc&#x2F;sudoers&quot; file and files
-in the &quot;&#x2F;etc&#x2F;sudoers.d&#x2F;&quot; directory.
+successful/unsuccessful attempts to access the "/etc/sudoers" file and files
+in the "/etc/sudoers.d/" directory.
 
     Check for modification of the following files being audited by performing
 the following commands to check the file system rules in
-&quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+"/etc/audit/audit.rules":
 
-    # grep -i &quot;&#x2F;etc&#x2F;sudoers&quot; &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i "/etc/sudoers" /etc/audit/audit.rules
 
-    -w &#x2F;etc&#x2F;sudoers -p wa -k privileged-actions
+    -w /etc/sudoers -p wa -k privileged-actions
 
-    # grep -i &quot;&#x2F;etc&#x2F;sudoers.d&#x2F;&quot; &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i "/etc/sudoers.d/" /etc/audit/audit.rules
 
-    -w &#x2F;etc&#x2F;sudoers.d&#x2F; -p wa -k privileged-actions
+    -w /etc/sudoers.d/ -p wa -k privileged-actions
 
     If the commands do not return output that match the examples, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to access the &quot;&#x2F;etc&#x2F;sudoers&quot; file and files
-in the &quot;&#x2F;etc&#x2F;sudoers.d&#x2F;&quot; directory.
-
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -w &#x2F;etc&#x2F;sudoers -p wa -k privileged-actions
-
-    -w &#x2F;etc&#x2F;sudoers.d&#x2F; -p wa -k privileged-actions
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>853d4487-f4b7-4f18-bb4e-424bbd68e1f5</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;sudoers&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;sudoers&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;w&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;a&quot;
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;sudoers.d&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;sudoers.d&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;w&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;a&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72109</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86733r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030430</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to access the "/etc/sudoers" file and files
+in the "/etc/sudoers.d/" directory.
+
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -w /etc/sudoers -p wa -k privileged-actions
+
+    -w /etc/sudoers.d/ -p wa -k privileged-actions
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72163\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe sudoers file and all files in the /etc/sudoers.d/ directory.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged access commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to access the \\\"/etc/sudoers\\\" file and files\nin the \\\"/etc/sudoers.d/\\\" directory.\n\n    Check for modification of the following files being audited by performing\nthe following commands to check the file system rules in\n\\\"/etc/audit/audit.rules\\\":\n\n    # grep -i \\\"/etc/sudoers\\\" /etc/audit/audit.rules\n\n    -w /etc/sudoers -p wa -k privileged-actions\n\n    # grep -i \\\"/etc/sudoers.d/\\\" /etc/audit/audit.rules\n\n    -w /etc/sudoers.d/ -p wa -k privileged-actions\n\n    If the commands do not return output that match the examples, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to access the \\\"/etc/sudoers\\\" file and files\nin the \\\"/etc/sudoers.d/\\\" directory.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -w /etc/sudoers -p wa -k privileged-actions\n\n    -w /etc/sudoers.d/ -p wa -k privileged-actions\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000037-GPOS-00015\"\n  tag satisfies: [\"SRG-OS-000037-GPOS-00015\", \"SRG-OS-000042-GPOS-00020\",\n\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000462-GPOS-00206\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72163\"\n  tag rid: \"SV-86787r5_rule\"\n  tag stig_id: \"RHEL-07-030700\"\n  tag fix_id: \"F-78517r6_fix\"\n  tag cci: [\"CCI-000130\", \"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3\", \"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_files = ['/etc/sudoers', '/etc/sudoers.d']\n\n  if audit_files.any? { |audit_file| file(audit_file).exist? }\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  audit_files.each do |audit_file|\n    describe auditd.file(audit_file) do\n      its('permissions') { should_not cmp [] }\n      its('action') { should_not include 'never' }\n    end if file(audit_file).exist?\n\n    # Resource creates data structure including all usages of file\n    perms = auditd.file(audit_file).permissions\n\n    perms.each do |perm|\n      describe perm do\n        it { should include 'w' }\n        it { should include 'a' }\n      end\n    end if file(audit_file).exist?\n  end\n\n  describe \"The #{audit_files} files do not exist\" do\n    skip \"The #{audit_files} files do not exist, this requirement is Not Applicable.\"\n  end if !audit_files.any? { |audit_file| file(audit_file).exist? }\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/etc/sudoers" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/etc/sudoers" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "w"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "a"
+--------------------------------
+passed :: TEST Auditd Rules with file == "/etc/sudoers.d" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/etc/sudoers.d" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "w"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "a"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72109</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86733r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030430</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the fchmodat syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the fchmodat syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fchmodat&quot; syscall occur.
+successful/unsuccessful attempts to use the "fchmodat" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following command:
 
-    # grep -iw fchmodat &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw fchmodat /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S fchmodat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S fchmodat -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fchmodat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S fchmodat -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;fchmodat&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"fchmodat" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fchmodat&quot; syscall occur.
+successful/unsuccessful attempts to use the "fchmodat" syscall occur.
 
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S fchmodat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S fchmodat -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fchmodat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S fchmodat -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>97a743cb-2a10-4eb4-88c9-b4b75fa43235</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchmodat&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchmodat&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchmodat&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchmodat&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71999</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86623r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020260</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72109\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe fchmodat syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"fchmodat\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing command:\n\n    # grep -iw fchmodat /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S fchmodat -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S fchmodat -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"fchmodat\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"fchmodat\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S fchmodat -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S fchmodat -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000458-GPOS-00203\"\n  tag satisfies: [\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000064-GPOS-00033\"]\n  tag gid: \"V-72109\"\n  tag rid: \"SV-86733r5_rule\"\n  tag stig_id: \"RHEL-07-030430\"\n  tag fix_id: \"F-78461r8_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"fchmodat\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"fchmodat\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "fchmodat" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchmodat" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchmodat" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchmodat" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71999</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86623r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020260</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system security patches and
-updates must be installed and up to date.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+updates must be installed and up to date.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Timely patching is critical for maintaining the operational
 availability, confidentiality, and integrity of information technology (IT)
 systems. However, failure to keep operating system and application software
@@ -12121,20 +11566,20 @@ keep abreast of all the new patches. When new weaknesses in an operating system
 exist, patches are usually made available by the vendor to resolve the
 problems. If the most recent security patches and updates are not installed,
 unauthorized users may take advantage of weaknesses in the unpatched software.
-The lack of prompt attention to patching could result in a system compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+The lack of prompt attention to patching could result in a system compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system security patches and updates are installed and
 up to date. Updates are required to be applied with a frequency determined by
 the site or Program Management Office (PMO).
 
     Obtain the list of available package security updates from Red Hat. The URL
-for updates is https:&#x2F;&#x2F;rhn.redhat.com&#x2F;errata&#x2F;. It is important to note that
+for updates is https://rhn.redhat.com/errata/. It is important to note that
 updates provided by Red Hat may not be present on the system if the underlying
 packages are not installed.
 
@@ -12157,228 +11602,201 @@ Altered
 84 EE
 
     If package updates have not been performed on the system within the
-timeframe that the site&#x2F;program documentation requires, this is a finding.
+timeframe that the site/program documentation requires, this is a finding.
 
     Typical update frequency may be overridden by Information Assurance
 Vulnerability Alert (IAVA) notifications from CYBERCOM.
 
     If the operating system is in non-compliance with the Information Assurance
-Vulnerability Management (IAVM) process, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+Vulnerability Management (IAVM) process, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Install the operating system patches or updated packages
-available from Red Hat within 30 days or sooner as local policy dictates.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>fd82c02b-91fe-4e6f-ae0f-7ef1ddea9279</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-List of out-of-date packages is expected to be empty
-expected &#x60;[&quot;bind-export-libs&quot;, &quot;device-mapper&quot;, &quot;device-mapper-libs&quot;, &quot;python-requests&quot;, &quot;systemd&quot;, &quot;puppet5-release&quot;, &quot;systemd-sysv&quot;, &quot;systemd-libs&quot;, &quot;libgudev1&quot;, &quot;rh-amazon-rhui-client&quot;].empty?&#x60; to return true, got false
---------------------------------
-passed
-System Package bind-export-libs version is expected to eq &quot;9.11.4-16.P2.el7_8.2&quot;
-
-expected: &quot;9.11.4-16.P2.el7_8.2&quot;
-     got: &quot;9.11.4-16.P2.el7&quot;
-
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-System Package device-mapper version is expected to eq &quot;1.02.164-7.el7_8.1&quot;
-
-expected: &quot;1.02.164-7.el7_8.1&quot;
-     got: &quot;1.02.164-7.el7&quot;
-
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-System Package device-mapper-libs version is expected to eq &quot;1.02.164-7.el7_8.1&quot;
-
-expected: &quot;1.02.164-7.el7_8.1&quot;
-     got: &quot;1.02.164-7.el7&quot;
-
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-System Package python-requests version is expected to eq &quot;2.6.0-9.el7_8&quot;
-
-expected: &quot;2.6.0-9.el7_8&quot;
-     got: &quot;2.6.0-8.el7_7&quot;
-
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-System Package systemd version is expected to eq &quot;219-73.el7_8.5&quot;
-
-expected: &quot;219-73.el7_8.5&quot;
-     got: &quot;219-73.el7.1&quot;
-
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-System Package puppet5-release version is expected to eq &quot;5.0.0-11.el6&quot;
-
-expected: &quot;5.0.0-11.el6&quot;
-     got: &quot;5.0.0-4.el6&quot;
-
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-System Package systemd-sysv version is expected to eq &quot;219-73.el7_8.5&quot;
-
-expected: &quot;219-73.el7_8.5&quot;
-     got: &quot;219-73.el7.1&quot;
-
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-System Package systemd-libs version is expected to eq &quot;219-73.el7_8.5&quot;
-
-expected: &quot;219-73.el7_8.5&quot;
-     got: &quot;219-73.el7.1&quot;
-
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-System Package libgudev1 version is expected to eq &quot;219-73.el7_8.5&quot;
-
-expected: &quot;219-73.el7_8.5&quot;
-     got: &quot;219-73.el7.1&quot;
-
-(compared using &#x3D;&#x3D;)
-
---------------------------------
-passed
-System Package rh-amazon-rhui-client version is expected to eq &quot;3.0.26-1.el7&quot;
-
-expected: &quot;3.0.26-1.el7&quot;
-     got: &quot;3.0.18-1.el7&quot;
-
-(compared using &#x3D;&#x3D;)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72073</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86697r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021620</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+available from Red Hat within 30 days or sooner as local policy dictates.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71999\" do\n  title \"The Red Hat Enterprise Linux operating system security patches and\nupdates must be installed and up to date.\"\n  desc  \"Timely patching is critical for maintaining the operational\navailability, confidentiality, and integrity of information technology (IT)\nsystems. However, failure to keep operating system and application software\npatched is a common mistake made by IT professionals. New patches are released\ndaily, and it is often difficult for even experienced System Administrators to\nkeep abreast of all the new patches. When new weaknesses in an operating system\nexist, patches are usually made available by the vendor to resolve the\nproblems. If the most recent security patches and updates are not installed,\nunauthorized users may take advantage of weaknesses in the unpatched software.\nThe lack of prompt attention to patching could result in a system compromise.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system security patches and updates are installed and\nup to date. Updates are required to be applied with a frequency determined by\nthe site or Program Management Office (PMO).\n\n    Obtain the list of available package security updates from Red Hat. The URL\nfor updates is https://rhn.redhat.com/errata/. It is important to note that\nupdates provided by Red Hat may not be present on the system if the underlying\npackages are not installed.\n\n    Check that the available package security updates have been installed on\nthe system with the following command:\n\n    # yum history list | more\n    Loaded plugins: langpacks, product-id, subscription-manager\n    ID     | Command line             | Date and time    | Action(s)      |\nAltered\n\n-------------------------------------------------------------------------------\n        70 | install aide             | 2016-05-05 10:58 | Install       |\n1\n        69 | update -y                | 2016-05-04 14:34 | Update     |   18 EE\n        68 | install vlc                | 2016-04-21 17:12 | Install        |\n21\n        67 | update -y                | 2016-04-21 17:04 | Update     |     7 EE\n        66 | update -y                | 2016-04-15 16:47 | E, I, U         |\n84 EE\n\n    If package updates have not been performed on the system within the\ntimeframe that the site/program documentation requires, this is a finding.\n\n    Typical update frequency may be overridden by Information Assurance\nVulnerability Alert (IAVA) notifications from CYBERCOM.\n\n    If the operating system is in non-compliance with the Information Assurance\nVulnerability Management (IAVM) process, this is a finding.\n  \"\n  desc  \"fix\", \"Install the operating system patches or updated packages\navailable from Red Hat within 30 days or sooner as local policy dictates.\"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-71999\"\n  tag rid: \"SV-86623r4_rule\"\n  tag stig_id: \"RHEL-07-020260\"\n  tag fix_id: \"F-78351r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  updates = linux_update.updates\n  package_names = updates.map { |h| h['name'] }\n\n  describe.one do\n    describe 'List of out-of-date packages' do\n      subject { package_names }\n      it { should be_empty }\n    end\n\n    updates.each do |update|\n      describe package(update['name']) do\n        its('version') { should eq update['version'] }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST List of out-of-date packages is expected to be empty :: MESSAGE expected `["bind-export-libs", "device-mapper", "device-mapper-libs", "python-requests", "systemd", "puppet5-release", "systemd-sysv", "systemd-libs", "libgudev1", "rh-amazon-rhui-client"].empty?` to return true, got false
+--------------------------------
+passed :: TEST System Package bind-export-libs version is expected to eq "9.11.4-16.P2.el7_8.2" :: MESSAGE 
+expected: "9.11.4-16.P2.el7_8.2"
+     got: "9.11.4-16.P2.el7"
+
+(compared using ==)
+
+--------------------------------
+passed :: TEST System Package device-mapper version is expected to eq "1.02.164-7.el7_8.1" :: MESSAGE 
+expected: "1.02.164-7.el7_8.1"
+     got: "1.02.164-7.el7"
+
+(compared using ==)
+
+--------------------------------
+passed :: TEST System Package device-mapper-libs version is expected to eq "1.02.164-7.el7_8.1" :: MESSAGE 
+expected: "1.02.164-7.el7_8.1"
+     got: "1.02.164-7.el7"
+
+(compared using ==)
+
+--------------------------------
+passed :: TEST System Package python-requests version is expected to eq "2.6.0-9.el7_8" :: MESSAGE 
+expected: "2.6.0-9.el7_8"
+     got: "2.6.0-8.el7_7"
+
+(compared using ==)
+
+--------------------------------
+passed :: TEST System Package systemd version is expected to eq "219-73.el7_8.5" :: MESSAGE 
+expected: "219-73.el7_8.5"
+     got: "219-73.el7.1"
+
+(compared using ==)
+
+--------------------------------
+passed :: TEST System Package puppet5-release version is expected to eq "5.0.0-11.el6" :: MESSAGE 
+expected: "5.0.0-11.el6"
+     got: "5.0.0-4.el6"
+
+(compared using ==)
+
+--------------------------------
+passed :: TEST System Package systemd-sysv version is expected to eq "219-73.el7_8.5" :: MESSAGE 
+expected: "219-73.el7_8.5"
+     got: "219-73.el7.1"
+
+(compared using ==)
+
+--------------------------------
+passed :: TEST System Package systemd-libs version is expected to eq "219-73.el7_8.5" :: MESSAGE 
+expected: "219-73.el7_8.5"
+     got: "219-73.el7.1"
+
+(compared using ==)
+
+--------------------------------
+passed :: TEST System Package libgudev1 version is expected to eq "219-73.el7_8.5" :: MESSAGE 
+expected: "219-73.el7_8.5"
+     got: "219-73.el7.1"
+
+(compared using ==)
+
+--------------------------------
+passed :: TEST System Package rh-amazon-rhui-client version is expected to eq "3.0.26-1.el7" :: MESSAGE 
+expected: "3.0.26-1.el7"
+     got: "3.0.18-1.el7"
+
+(compared using ==)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72073</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86697r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021620</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must use a file
 integrity tool that is configured to use FIPS 140-2 approved cryptographic
-hashes for validating file contents and directories.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+hashes for validating file contents and directories.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>File integrity tools use cryptographic hashes for verifying file
 contents and directories have not been altered. These hashes must be FIPS 140-2
-approved cryptographic hashes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+approved cryptographic hashes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the file integrity tool is configured to use FIPS 140-2 approved
 cryptographic hashes for validating file contents and directories.
 
@@ -12398,147 +11816,140 @@ checks are performed on the system.
 is a finding.
 
     Note: AIDE is highly configurable at install time. These commands assume
-the &quot;aide.conf&quot; file is under the &quot;&#x2F;etc&quot; directory.
+the "aide.conf" file is under the "/etc" directory.
 
     Use the following command to determine if the file is in another location:
 
-    # find &#x2F; -name aide.conf
+    # find / -name aide.conf
 
-    Check the &quot;aide.conf&quot; file to determine if the &quot;sha512&quot; rule has been
+    Check the "aide.conf" file to determine if the "sha512" rule has been
 added to the rule list being applied to the files and directories selection
 lists.
 
-    An example rule that includes the &quot;sha512&quot; rule follows:
+    An example rule that includes the "sha512" rule follows:
 
-    All&#x3D;p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux
-    &#x2F;bin All # apply the custom rule to the files in bin
-    &#x2F;sbin All # apply the same custom rule to the files in sbin
+    All=p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux
+    /bin All # apply the custom rule to the files in bin
+    /sbin All # apply the same custom rule to the files in sbin
 
-    If the &quot;sha512&quot; rule is not being used on all uncommented selection lines
-in the &quot;&#x2F;etc&#x2F;aide.conf&quot; file, or another file integrity tool is not using
+    If the "sha512" rule is not being used on all uncommented selection lines
+in the "/etc/aide.conf" file, or another file integrity tool is not using
 FIPS 140-2 approved cryptographic hashes for validating file contents and
-directories, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+directories, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the file integrity tool to use FIPS 140-2 cryptographic hashes
 for validating file and directory contents.
 
-    If AIDE is installed, ensure the &quot;sha512&quot; rule is present on all
-uncommented file and directory selection lists.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>9e89384e-bc04-45ee-b6e7-ba3a5d65266f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package aide is expected to be installed
---------------------------------
-passed
-List of monitored files&#x2F;directories without &#39;sha512&#39; rule is expected to be empty
-expected &#x60;[&quot;&#x2F;root&#x2F;\\..*&quot;, &quot;&#x2F;var&#x2F;log&#x2F;faillog$&quot;, &quot;&#x2F;var&#x2F;log&#x2F;lastlog$&quot;, &quot;&#x2F;var&#x2F;run&#x2F;faillock&quot;, &quot;&#x2F;var&#x2F;log&quot;, &quot;&#x2F;var&#x2F;run&#x2F;utmp$&quot;, &quot;&#x2F;etc&quot;].empty?&#x60; to return true, got false</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71863</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000023-GPOS-00006</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86487r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010050</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If AIDE is installed, ensure the "sha512" rule is present on all
+uncommented file and directory selection lists.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72073\" do\n  title \"The Red Hat Enterprise Linux operating system must use a file\nintegrity tool that is configured to use FIPS 140-2 approved cryptographic\nhashes for validating file contents and directories.\"\n  desc  \"File integrity tools use cryptographic hashes for verifying file\ncontents and directories have not been altered. These hashes must be FIPS 140-2\napproved cryptographic hashes.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the file integrity tool is configured to use FIPS 140-2 approved\ncryptographic hashes for validating file contents and directories.\n\n    Note: If RHEL-07-021350 is a finding, this is automatically a finding too\nas the system cannot implement FIPS 140-2 approved cryptographic algorithms and\nhashes.\n\n    Check to see if Advanced Intrusion Detection Environment (AIDE) is\ninstalled on the system with the following command:\n\n    # yum list installed aide\n\n    If AIDE is not installed, ask the System Administrator how file integrity\nchecks are performed on the system.\n\n    If there is no application installed to perform file integrity checks, this\nis a finding.\n\n    Note: AIDE is highly configurable at install time. These commands assume\nthe \\\"aide.conf\\\" file is under the \\\"/etc\\\" directory.\n\n    Use the following command to determine if the file is in another location:\n\n    # find / -name aide.conf\n\n    Check the \\\"aide.conf\\\" file to determine if the \\\"sha512\\\" rule has been\nadded to the rule list being applied to the files and directories selection\nlists.\n\n    An example rule that includes the \\\"sha512\\\" rule follows:\n\n    All=p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux\n    /bin All # apply the custom rule to the files in bin\n    /sbin All # apply the same custom rule to the files in sbin\n\n    If the \\\"sha512\\\" rule is not being used on all uncommented selection lines\nin the \\\"/etc/aide.conf\\\" file, or another file integrity tool is not using\nFIPS 140-2 approved cryptographic hashes for validating file contents and\ndirectories, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the file integrity tool to use FIPS 140-2 cryptographic hashes\nfor validating file and directory contents.\n\n    If AIDE is installed, ensure the \\\"sha512\\\" rule is present on all\nuncommented file and directory selection lists.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72073\"\n  tag rid: \"SV-86697r3_rule\"\n  tag stig_id: \"RHEL-07-021620\"\n  tag fix_id: \"F-78425r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe package(\"aide\") do\n    it { should be_installed }\n  end\n\n  exclude_patterns = input('aide_exclude_patterns')\n\n  findings = aide_conf.where { !selection_line.start_with?('!') &amp;&amp; !exclude_patterns.include?(selection_line) &amp;&amp; !rules.include?('sha512')}\n\n  describe \"List of monitored files/directories without 'sha512' rule\" do\n    subject { findings.selection_lines }\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package aide is expected to be installed
+--------------------------------
+passed :: TEST List of monitored files/directories without 'sha512' rule is expected to be empty :: MESSAGE expected `["/root/\\..*", "/var/log/faillog$", "/var/log/lastlog$", "/var/run/faillock", "/var/log", "/var/run/utmp$", "/etc"].empty?` to return true, got false</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71863</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000023-GPOS-00006</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86487r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010050</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must display the
 Standard Mandatory DoD Notice and Consent Banner before granting local or
-remote access to the system via a command line user logon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+remote access to the system via a command line user logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Display of a standardized and approved use notification before
 granting access to the operating system ensures privacy and security
 notification verbiage used is consistent with applicable federal laws,
@@ -12551,7 +11962,7 @@ with human users and are not required when such human interfaces do not exist.
 the following verbiage for operating systems that can accommodate banners of
 1300 characters:
 
-    &quot;You are accessing a U.S. Government (USG) Information System (IS) that is
+    "You are accessing a U.S. Government (USG) Information System (IS) that is
 provided for USG-authorized use only.
 
     By using this IS (which includes any device attached to this IS), you
@@ -12576,14 +11987,14 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants. Such
 communications and work product are private and confidential. See User
-Agreement for details.&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Agreement for details."</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system displays the Standard Mandatory DoD Notice and
 Consent Banner before granting access to the operating system via a command
 line user logon.
@@ -12591,10 +12002,10 @@ line user logon.
     Check to see if the operating system displays a banner at the command line
 logon screen with the following command:
 
-    # more &#x2F;etc&#x2F;issue
+    # more /etc/issue
 
     The command should return the following text:
-    &quot;You are accessing a U.S. Government (USG) Information System (IS) that is
+    "You are accessing a U.S. Government (USG) Information System (IS) that is
 provided for USG-authorized use only.
 
     By using this IS (which includes any device attached to this IS), you
@@ -12619,24 +12030,24 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants. Such
 communications and work product are private and confidential. See User
-Agreement for details.&quot;
+Agreement for details."
 
     If the operating system does not display a graphical logon banner or the
 banner does not match the Standard Mandatory DoD Notice and Consent Banner,
 this is a finding.
 
-    If the text in the &quot;&#x2F;etc&#x2F;issue&quot; file does not match the Standard
-Mandatory DoD Notice and Consent Banner, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the text in the "/etc/issue" file does not match the Standard
+Mandatory DoD Notice and Consent Banner, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to display the Standard Mandatory DoD Notice
 and Consent Banner before granting access to the system via the command line by
-editing the &quot;&#x2F;etc&#x2F;issue&quot; file.
+editing the "/etc/issue" file.
 
     Replace the default text with the Standard Mandatory DoD Notice and Consent
 Banner. The DoD required text is:
-    &quot;You are accessing a U.S. Government (USG) Information System (IS) that is
+    "You are accessing a U.S. Government (USG) Information System (IS) that is
 provided for USG-authorized use only.
 
     By using this IS (which includes any device attached to this IS), you
@@ -12661,297 +12072,283 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants.  Such
 communications and work product are private and confidential.  See User
-Agreement for details.&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b06079e2-1edc-4e72-9c86-8e3d32d3ec00</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-The banner text should match the standard banner is expected to cmp &#x3D;&#x3D; &quot;YouareaccessingaU.S.Government(USG)InformationSystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS),youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails.&quot;
-
+Agreement for details."</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71863\" do\n  title \"The Red Hat Enterprise Linux operating system must display the\nStandard Mandatory DoD Notice and Consent Banner before granting local or\nremote access to the system via a command line user logon.\"\n  desc  \"Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\\\"\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system displays the Standard Mandatory DoD Notice and\nConsent Banner before granting access to the operating system via a command\nline user logon.\n\n    Check to see if the operating system displays a banner at the command line\nlogon screen with the following command:\n\n    # more /etc/issue\n\n    The command should return the following text:\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\\\"\n\n    If the operating system does not display a graphical logon banner or the\nbanner does not match the Standard Mandatory DoD Notice and Consent Banner,\nthis is a finding.\n\n    If the text in the \\\"/etc/issue\\\" file does not match the Standard\nMandatory DoD Notice and Consent Banner, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to display the Standard Mandatory DoD Notice\nand Consent Banner before granting access to the system via the command line by\nediting the \\\"/etc/issue\\\" file.\n\n    Replace the default text with the Standard Mandatory DoD Notice and Consent\nBanner. The DoD required text is:\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants.  Such\ncommunications and work product are private and confidential.  See User\nAgreement for details.\\\"\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000023-GPOS-00006\"\n  tag satisfies: [\"SRG-OS-000023-GPOS-00006\", \"SRG-OS-000024-GPOS-00007\"]\n  tag gid: \"V-71863\"\n  tag rid: \"SV-86487r3_rule\"\n  tag stig_id: \"RHEL-07-010050\"\n  tag fix_id: \"F-78217r2_fix\"\n  tag cci: [\"CCI-000048\"]\n  tag nist: [\"AC-8 a\", \"Rev_4\"]\n\n  banner_message_text_cli = input('banner_message_text_cli')\n  banner_message_text_cli_limited = input('banner_message_text_cli_limited')\n\n  clean_banner = banner_message_text_cli.gsub(%r{[\\r\\n\\s]}, '')\n  clean_banner_limited = banner_message_text_cli_limited.gsub(%r{[\\r\\n\\s]}, '')\n  banner_file = file(\"/etc/issue\")\n  banner_missing = !banner_file.exist?\n\n  describe \"The banner text is not set because /etc/issue does not exist\" do\n    subject { banner_missing }\n    it { should be false }\n  end if banner_missing\n\n  banner_message = banner_file.content.gsub(%r{[\\r\\n\\s]}, '')\n  describe.one do\n    describe \"The banner text should match the standard banner\" do\n      subject { banner_message }\n      it { should cmp clean_banner }\n    end\n    describe \"The banner text should match the limited banner\" do\n      subject { banner_message }\n      it{should cmp clean_banner_limited }\n    end\n  end if !banner_missing\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST The banner text should match the standard banner is expected to cmp == "YouareaccessingaU.S.Government(USG)InformationSystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS),youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails." :: MESSAGE 
 expected: YouareaccessingaU.S.Government(USG)InformationSystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS),youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails.
      got: YouareaccessingaU.S.Government(USG)informationsystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS)youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails.
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-passed
-The banner text should match the limited banner is expected to cmp &#x3D;&#x3D; &quot;I&#39;veread&amp;consenttotermsinISuseragreem&#39;t.&quot;
-
-expected: I&#39;veread&amp;consenttotermsinISuseragreem&#39;t.
+passed :: TEST The banner text should match the limited banner is expected to cmp == "I'veread&amp;consenttotermsinISuseragreem't." :: MESSAGE 
+expected: I'veread&amp;consenttotermsinISuseragreem't.
      got: YouareaccessingaU.S.Government(USG)informationsystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS)youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails.
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72319</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86943r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040830</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72319</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86943r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040830</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not forward IPv6
-source-routed packets.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+source-routed packets.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Source-routed packets allow the source of the packet to suggest that
 routers forward the packet along a different path than configured on the
 router, which can be used to bypass network security measures. This requirement
 applies only to the forwarding of source-routed traffic, such as when IPv6
-forwarding is enabled and the system is functioning as a router.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+forwarding is enabled and the system is functioning as a router.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If IPv6 is not enabled, the key will not exist, and this is Not Applicable.
 
     Verify the system does not accept IPv6 source-routed packets.
 
-    # grep net.ipv6.conf.all.accept_source_route &#x2F;etc&#x2F;sysctl.conf
-&#x2F;etc&#x2F;sysctl.d&#x2F;*
+    # grep net.ipv6.conf.all.accept_source_route /etc/sysctl.conf
+/etc/sysctl.d/*
 
-    net.ipv6.conf.all.accept_source_route &#x3D; 0
+    net.ipv6.conf.all.accept_source_route = 0
 
-    If &quot;net.ipv6.conf.all.accept_source_route&quot; is not configured in the
-&#x2F;etc&#x2F;sysctl.conf file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out or
-does not have a value of &quot;0&quot;, this is a finding.
+    If "net.ipv6.conf.all.accept_source_route" is not configured in the
+/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out or
+does not have a value of "0", this is a finding.
 
     Check that the operating system implements the accept source route variable
 with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep net.ipv6.conf.all.accept_source_route
-    net.ipv6.conf.all.accept_source_route &#x3D; 0
+    # /sbin/sysctl -a | grep net.ipv6.conf.all.accept_source_route
+    net.ipv6.conf.all.accept_source_route = 0
 
-    If the returned lines do not have a value of &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned lines do not have a value of "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the system to the required kernel parameter, if IPv6 is enabled, by
-adding the following line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in
-the &#x2F;etc&#x2F;sysctl.d&#x2F; directory (or modify the line to have the required value):
+adding the following line to "/etc/sysctl.conf" or a configuration file in
+the /etc/sysctl.d/ directory (or modify the line to have the required value):
 
-    net.ipv6.conf.all.accept_source_route &#x3D; 0
+    net.ipv6.conf.all.accept_source_route = 0
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>11056a7a-debd-423c-9fe1-82561c89e141</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv6.conf.all.accept_source_route value is expected to eq 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72229</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000250-GPOS-00093</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86853r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040190</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72319\" do\n  title \"The Red Hat Enterprise Linux operating system must not forward IPv6\nsource-routed packets.\"\n  desc  \"Source-routed packets allow the source of the packet to suggest that\nrouters forward the packet along a different path than configured on the\nrouter, which can be used to bypass network security measures. This requirement\napplies only to the forwarding of source-routed traffic, such as when IPv6\nforwarding is enabled and the system is functioning as a router.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If IPv6 is not enabled, the key will not exist, and this is Not Applicable.\n\n    Verify the system does not accept IPv6 source-routed packets.\n\n    # grep net.ipv6.conf.all.accept_source_route /etc/sysctl.conf\n/etc/sysctl.d/*\n\n    net.ipv6.conf.all.accept_source_route = 0\n\n    If \\\"net.ipv6.conf.all.accept_source_route\\\" is not configured in the\n/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out or\ndoes not have a value of \\\"0\\\", this is a finding.\n\n    Check that the operating system implements the accept source route variable\nwith the following command:\n\n    # /sbin/sysctl -a | grep net.ipv6.conf.all.accept_source_route\n    net.ipv6.conf.all.accept_source_route = 0\n\n    If the returned lines do not have a value of \\\"0\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the system to the required kernel parameter, if IPv6 is enabled, by\nadding the following line to \\\"/etc/sysctl.conf\\\" or a configuration file in\nthe /etc/sysctl.d/ directory (or modify the line to have the required value):\n\n    net.ipv6.conf.all.accept_source_route = 0\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72319\"\n  tag rid: \"SV-86943r2_rule\"\n  tag stig_id: \"RHEL-07-040830\"\n  tag fix_id: \"F-78673r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe.one do\n    describe kernel_parameter('net.ipv6.conf.all.accept_source_route') do\n      its('value') { should eq 0 }\n    end\n\t# If IPv6 is disabled in the kernel it will return NIL\n    describe kernel_parameter('net.ipv6.conf.all.accept_source_route') do\n      its('value') { should eq nil }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv6.conf.all.accept_source_route value is expected to eq 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72229</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000250-GPOS-00093</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86853r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040190</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must implement
 cryptography to protect the integrity of Lightweight Directory Access Protocol
-(LDAP) communications.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(LDAP) communications.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without cryptographic integrity protections, information can be
 altered by unauthorized users without detection.
 
     Cryptographic mechanisms used for protecting the integrity of information
 include, for example, signed hash functions using asymmetric cryptography
 enabling distribution of the public key to verify the hash information while
-maintaining the confidentiality of the key used to generate the hash.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+maintaining the confidentiality of the key used to generate the hash.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If LDAP is not being utilized, this requirement is Not Applicable.
 
     Verify the operating system implements cryptography to protect the
@@ -12962,311 +12359,298 @@ command:
 
     # systemctl status sssd.service
     sssd.service - System Security Services Daemon
-    Loaded: loaded (&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;sssd.service; enabled; vendor
+    Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor
 preset: disabled)
     Active: active (running) since Wed 2018-06-27 10:58:11 EST; 1h 50min ago
 
-    If the &quot;sssd.service&quot; is &quot;active&quot;, then LDAP is being used.
+    If the "sssd.service" is "active", then LDAP is being used.
 
-    Determine the &quot;id_provider&quot; the LDAP is currently using:
+    Determine the "id_provider" the LDAP is currently using:
 
-    # grep -i &quot;id_provider&quot; &#x2F;etc&#x2F;sssd&#x2F;sssd.conf
+    # grep -i "id_provider" /etc/sssd/sssd.conf
 
-    id_provider &#x3D; ad
+    id_provider = ad
 
-    If &quot;id_provider&quot; is set to &quot;ad&quot;, this is Not Applicable.
+    If "id_provider" is set to "ad", this is Not Applicable.
 
     Verify the sssd service is configured to require the use of certificates:
 
-    # grep -i tls_reqcert &#x2F;etc&#x2F;sssd&#x2F;sssd.conf
-    ldap_tls_reqcert &#x3D; demand
+    # grep -i tls_reqcert /etc/sssd/sssd.conf
+    ldap_tls_reqcert = demand
 
-    If the &quot;ldap_tls_reqcert&quot; setting is missing, commented out, or does not
+    If the "ldap_tls_reqcert" setting is missing, commented out, or does not
 exist, this is a finding.
 
-    If the &quot;ldap_tls_reqcert&quot; setting is not set to &quot;demand&quot; or &quot;hard&quot;,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "ldap_tls_reqcert" setting is not set to "demand" or "hard",
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to implement cryptography to protect the
 integrity of LDAP remote access sessions.
 
-    Add or modify the following line in &quot;&#x2F;etc&#x2F;sssd&#x2F;sssd.conf&quot;:
-
-    ldap_tls_reqcert &#x3D; demand</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>9e75e88e-c772-46bc-ab50-c71361b4e3f9</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001453</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-LDAP not enabled
-LDAP not enabled using any known mechanisms, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72103</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86727r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030400</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add or modify the following line in "/etc/sssd/sssd.conf":
+
+    ldap_tls_reqcert = demand</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-72229\" do\n  title \"The Red Hat Enterprise Linux operating system must implement\ncryptography to protect the integrity of Lightweight Directory Access Protocol\n(LDAP) communications.\"\n  desc  \"Without cryptographic integrity protections, information can be\naltered by unauthorized users without detection.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the key used to generate the hash.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If LDAP is not being utilized, this requirement is Not Applicable.\n\n    Verify the operating system implements cryptography to protect the\nintegrity of remote LDAP access sessions.\n\n    To determine if LDAP is being used for authentication, use the following\ncommand:\n\n    # systemctl status sssd.service\n    sssd.service - System Security Services Daemon\n    Loaded: loaded (/usr/lib/systemd/system/sssd.service; enabled; vendor\npreset: disabled)\n    Active: active (running) since Wed 2018-06-27 10:58:11 EST; 1h 50min ago\n\n    If the \\\"sssd.service\\\" is \\\"active\\\", then LDAP is being used.\n\n    Determine the \\\"id_provider\\\" the LDAP is currently using:\n\n    # grep -i \\\"id_provider\\\" /etc/sssd/sssd.conf\n\n    id_provider = ad\n\n    If \\\"id_provider\\\" is set to \\\"ad\\\", this is Not Applicable.\n\n    Verify the sssd service is configured to require the use of certificates:\n\n    # grep -i tls_reqcert /etc/sssd/sssd.conf\n    ldap_tls_reqcert = demand\n\n    If the \\\"ldap_tls_reqcert\\\" setting is missing, commented out, or does not\nexist, this is a finding.\n\n    If the \\\"ldap_tls_reqcert\\\" setting is not set to \\\"demand\\\" or \\\"hard\\\",\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to implement cryptography to protect the\nintegrity of LDAP remote access sessions.\n\n    Add or modify the following line in \\\"/etc/sssd/sssd.conf\\\":\n\n    ldap_tls_reqcert = demand\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000250-GPOS-00093\"\n  tag gid: \"V-72229\"\n  tag rid: \"SV-86853r4_rule\"\n  tag stig_id: \"RHEL-07-040190\"\n  tag fix_id: \"F-78583r4_fix\"\n  tag cci: [\"CCI-001453\"]\n  tag nist: [\"AC-17 (2)\", \"Rev_4\"]\n\n  sssd_id_ldap_enabled = (package('sssd').installed? and\n    !command('grep \"^\\s*id_provider\\s*=\\s*ldap\" /etc/sssd/sssd.conf').stdout.strip.empty?)\n\n  sssd_ldap_enabled = (package('sssd').installed? and\n    !command('grep \"^\\s*[a-z]*_provider\\s*=\\s*ldap\" /etc/sssd/sssd.conf').stdout.strip.empty?)\n\n  pam_ldap_enabled = (!command('grep \"^[^#]*pam_ldap\\.so\" /etc/pam.d/*').stdout.strip.empty?)\n\n  if !(sssd_id_ldap_enabled or sssd_ldap_enabled or pam_ldap_enabled)\n    impact 0.0\n    describe \"LDAP not enabled\" do\n      skip \"LDAP not enabled using any known mechanisms, this control is Not Applicable.\"\n    end\n  end\n\n  if sssd_id_ldap_enabled\n    ldap_id_use_start_tls = command('grep ldap_id_use_start_tls /etc/sssd/sssd.conf')\n    describe ldap_id_use_start_tls do\n      its('stdout.strip') { should match %r{^ldap_id_use_start_tls\\s*=\\s*true$}}\n    end\n\n    ldap_id_use_start_tls.stdout.strip.each_line do |line|\n      describe line do\n        it { should match %r{^ldap_id_use_start_tls\\s*=\\s*true$}}\n      end\n    end\n  end\n\n  if sssd_ldap_enabled\n    ldap_tls_cacertdir = command('grep -i ldap_tls_cacertdir /etc/sssd/sssd.conf').\n      stdout.strip.scan(%r{^ldap_tls_cacertdir\\s*=\\s*(.*)}).last\n\n    describe \"ldap_tls_cacertdir\" do\n      subject { ldap_tls_cacertdir }\n      it { should_not eq nil }\n    end\n\n    describe file(ldap_tls_cacertdir.last) do\n      it { should exist }\n      it { should be_directory }\n    end if !ldap_tls_cacertdir.nil?\n  end\n\n  if pam_ldap_enabled\n    tls_cacertdir = command('grep -i tls_cacertdir /etc/pam_ldap.conf').\n      stdout.strip.scan(%r{^tls_cacertdir\\s+(.*)}).last\n\n    describe \"tls_cacertdir\" do\n      subject { tls_cacertdir }\n      it { should_not eq nil }\n    end\n\n    describe file(tls_cacertdir.last) do\n      it { should exist }\n      it { should be_directory }\n    end if !tls_cacertdir.nil?\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001453</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST LDAP not enabled :: SKIP_MESSAGE LDAP not enabled using any known mechanisms, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72103</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86727r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030400</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the fchownat syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the fchownat syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fchownat&quot; syscall occur.
+successful/unsuccessful attempts to use the "fchownat" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw fchownat &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw fchownat /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S fchownat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S fchownat -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fchownat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S fchownat -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;fchownat&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    If both the "b32" and "b64" audit rules are not defined for the
+"fchownat" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S fchownat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S fchownat -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fchownat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S fchownat -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f9d55aa6-eae0-44c4-9655-8fe089ec0c2a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchownat&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchownat&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchownat&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchownat&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72077</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000095-GPOS-00049</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86701r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021710</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72103\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe fchownat syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"fchownat\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw fchownat /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S fchownat -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S fchownat -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"fchownat\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S fchownat -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S fchownat -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000474-GPOS-00219\"]\n  tag gid: \"V-72103\"\n  tag rid: \"SV-86727r5_rule\"\n  tag stig_id: \"RHEL-07-030400\"\n  tag fix_id: \"F-78455r7_fix\"\n  tag cci: [\"CCI-000126\", \"CCI-000172\"]\n  tag nist: [\"AU-2 d\", \"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"fchownat\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"fchownat\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "fchownat" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchownat" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchownat" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchownat" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72077</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000095-GPOS-00049</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86701r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021710</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not have the
-telnet-server package installed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+telnet-server package installed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>It is detrimental for operating systems to provide, or install by
 default, functionality exceeding requirements or mission objectives. These
 unnecessary capabilities or services are often overlooked and therefore may
@@ -13281,14 +12665,14 @@ functions).
     Examples of non-essential capabilities include, but are not limited to,
 games, software packages, tools, and demonstration software not related to
 requirements or providing a wide array of functionality not required for every
-mission, but which cannot be disabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+mission, but which cannot be disabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system is configured to disable non-essential
 capabilities. The most secure way of ensuring a non-essential capability is
 disabled is to not have the capability installed.
@@ -13305,415 +12689,399 @@ command:
 
     # yum list installed telnet-server
 
-    If the telnet-server package is installed, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the telnet-server package is installed, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to disable non-essential capabilities by
 removing the telnet-server package from the system with the following command:
 
-    # yum remove telnet-server</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>237294ad-5aa9-485b-adee-b7e33aa268e9</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package telnet-server is expected not to be installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71949</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000373-GPOS-00156</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86573r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010350</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # yum remove telnet-server</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72077\" do\n  title \"The Red Hat Enterprise Linux operating system must not have the\ntelnet-server package installed.\"\n  desc  \"It is detrimental for operating systems to provide, or install by\ndefault, functionality exceeding requirements or mission objectives. These\nunnecessary capabilities or services are often overlooked and therefore may\nremain unsecured. They increase the risk to the platform by providing\nadditional attack vectors.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services, provided by default, may not be\nnecessary to support essential organizational operations (e.g., key missions,\nfunctions).\n\n    Examples of non-essential capabilities include, but are not limited to,\ngames, software packages, tools, and demonstration software not related to\nrequirements or providing a wide array of functionality not required for every\nmission, but which cannot be disabled.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system is configured to disable non-essential\ncapabilities. The most secure way of ensuring a non-essential capability is\ndisabled is to not have the capability installed.\n\n    The telnet service provides an unencrypted remote access service that does\nnot provide for the confidentiality and integrity of user passwords or the\nremote session.\n\n    If a privileged user were to log on using this service, the privileged user\npassword could be compromised.\n\n    Check to see if the telnet-server package is installed with the following\ncommand:\n\n    # yum list installed telnet-server\n\n    If the telnet-server package is installed, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to disable non-essential capabilities by\nremoving the telnet-server package from the system with the following command:\n\n    # yum remove telnet-server\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000095-GPOS-00049\"\n  tag gid: \"V-72077\"\n  tag rid: \"SV-86701r2_rule\"\n  tag stig_id: \"RHEL-07-021710\"\n  tag fix_id: \"F-78429r1_fix\"\n  tag cci: [\"CCI-000381\"]\n  tag nist: [\"CM-7 a\", \"Rev_4\"]\n\n  describe package('telnet-server') do\n    it { should_not be_installed }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package telnet-server is expected not to be installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71949</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000373-GPOS-00156</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86573r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010350</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that users must re-authenticate for privilege escalation.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that users must re-authenticate for privilege escalation.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without re-authentication, users may access resources or perform tasks
 for which they do not have authorization.
 
     When operating systems provide the capability to escalate a functional
-capability, it is critical the user reauthenticate.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+capability, it is critical the user reauthenticate.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system requires users to reauthenticate for privilege
 escalation.
 
-    Check the configuration of the &quot;&#x2F;etc&#x2F;sudoers&quot; and &quot;&#x2F;etc&#x2F;sudoers.d&#x2F;*&quot;
+    Check the configuration of the "/etc/sudoers" and "/etc/sudoers.d/*"
 files with the following command:
 
-    # grep -i authenticate &#x2F;etc&#x2F;sudoers &#x2F;etc&#x2F;sudoers.d&#x2F;*
+    # grep -i authenticate /etc/sudoers /etc/sudoers.d/*
 
-    If any uncommented line is found with a &quot;!authenticate&quot; tag, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If any uncommented line is found with a "!authenticate" tag, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to require users to reauthenticate for
 privilege escalation.
 
-    Check the configuration of the &quot;&#x2F;etc&#x2F;sudoers&quot; file with the following
+    Check the configuration of the "/etc/sudoers" file with the following
 command:
 
     # visudo
-    Remove any occurrences of &quot;!authenticate&quot; tags in the file.
+    Remove any occurrences of "!authenticate" tags in the file.
 
-    Check the configuration of the &quot;&#x2F;etc&#x2F;sudoers.d&#x2F;*&quot; files with the
+    Check the configuration of the "/etc/sudoers.d/*" files with the
 following command:
 
-    # grep -i authenticate &#x2F;etc&#x2F;sudoers &#x2F;etc&#x2F;sudoers.d&#x2F;*
-    Remove any occurrences of &quot;!authenticate&quot; tags in the file(s).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>7410cce2-356d-41c5-8ff7-20ee47f28d92</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002038</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;grep -ir authenticate &#x2F;etc&#x2F;sudoers &#x2F;etc&#x2F;sudoers.d&#x2F;*&#x60; stdout is expected not to match &#x2F;!authenticate&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86657r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020710</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # grep -i authenticate /etc/sudoers /etc/sudoers.d/*
+    Remove any occurrences of "!authenticate" tags in the file(s).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71949\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat users must re-authenticate for privilege escalation.\"\n  desc  \"Without re-authentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the user reauthenticate.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system requires users to reauthenticate for privilege\nescalation.\n\n    Check the configuration of the \\\"/etc/sudoers\\\" and \\\"/etc/sudoers.d/*\\\"\nfiles with the following command:\n\n    # grep -i authenticate /etc/sudoers /etc/sudoers.d/*\n\n    If any uncommented line is found with a \\\"!authenticate\\\" tag, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to require users to reauthenticate for\nprivilege escalation.\n\n    Check the configuration of the \\\"/etc/sudoers\\\" file with the following\ncommand:\n\n    # visudo\n    Remove any occurrences of \\\"!authenticate\\\" tags in the file.\n\n    Check the configuration of the \\\"/etc/sudoers.d/*\\\" files with the\nfollowing command:\n\n    # grep -i authenticate /etc/sudoers /etc/sudoers.d/*\n    Remove any occurrences of \\\"!authenticate\\\" tags in the file(s).\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000373-GPOS-00156\"\n  tag satisfies: [\"SRG-OS-000373-GPOS-00156\", \"SRG-OS-000373-GPOS-00157\",\n\"SRG-OS-000373-GPOS-00158\"]\n  tag gid: \"V-71949\"\n  tag rid: \"SV-86573r3_rule\"\n  tag stig_id: \"RHEL-07-010350\"\n  tag fix_id: \"F-78301r3_fix\"\n  tag cci: [\"CCI-002038\"]\n  tag nist: [\"IA-11\", \"Rev_4\"]\n\n  describe command(\"grep -ir authenticate /etc/sudoers /etc/sudoers.d/*\") do\n    its('stdout') { should_not match %r{!authenticate} }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002038</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `grep -ir authenticate /etc/sudoers /etc/sudoers.d/*` stdout is expected not to match /!authenticate/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86657r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020710</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that all local initialization files have mode 0740 or less permissive.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Local initialization files are used to configure the user&#39;s shell
+that all local initialization files have mode 0740 or less permissive.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Local initialization files are used to configure the user's shell
 environment upon logon. Malicious modification of these files could compromise
-accounts upon logon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that all local initialization files have a mode of &quot;0740&quot; or less
+accounts upon logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that all local initialization files have a mode of "0740" or less
 permissive.
 
     Check the mode on all local initialization files with the following command:
 
-    Note: The example will be for the &quot;smithj&quot; user, who has a home directory
-of &quot;&#x2F;home&#x2F;smithj&quot;.
+    Note: The example will be for the "smithj" user, who has a home directory
+of "/home/smithj".
 
-    # ls -al &#x2F;home&#x2F;smithj&#x2F;.[^.]* | more
+    # ls -al /home/smithj/.[^.]* | more
 
     -rwxr----- 1 smithj users 896 Mar 10 2011 .profile
     -rwxr----- 1 smithj users 497 Jan 6 2007 .login
     -rwxr----- 1 smithj users 886 Jan 6 2007 .something
 
     If any local initialization files have a mode more permissive than
-&quot;0740&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Set the mode of the local initialization files to &quot;0740&quot; with the
+"0740", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Set the mode of the local initialization files to "0740" with the
 following command:
 
-    Note: The example will be for the &quot;smithj&quot; user, who has a home directory
-of &quot;&#x2F;home&#x2F;smithj&quot;.
-
-    # chmod 0740 &#x2F;home&#x2F;smithj&#x2F;.[^.]*</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>84c0eada-68a7-45df-a4e0-3cb28a85441d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-#&lt;Set: {&quot;&#x2F;root&#x2F;.bash_logout&quot;, &quot;&#x2F;root&#x2F;.bash_profile&quot;, &quot;&#x2F;root&#x2F;.bashrc&quot;, &quot;&#x2F;root&#x2F;.cshrc&quot;, &quot;&#x2F;root&#x2F;.tcshrc&quot;}&gt; is expected to be empty
-expected &#x60;#&lt;Set: {&quot;&#x2F;root&#x2F;.bash_logout&quot;, &quot;&#x2F;root&#x2F;.bash_profile&quot;, &quot;&#x2F;root&#x2F;.bashrc&quot;, &quot;&#x2F;root&#x2F;.cshrc&quot;, &quot;&#x2F;root&#x2F;.tcshrc&quot;}&gt;.empty?&#x60; to return true, got false</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71911</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000072-GPOS-00040</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86535r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010160</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Note: The example will be for the "smithj" user, who has a home directory
+of "/home/smithj".
+
+    # chmod 0740 /home/smithj/.[^.]*</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72033\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local initialization files have mode 0740 or less permissive.\"\n  desc  \"Local initialization files are used to configure the user's shell\nenvironment upon logon. Malicious modification of these files could compromise\naccounts upon logon.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that all local initialization files have a mode of \\\"0740\\\" or less\npermissive.\n\n    Check the mode on all local initialization files with the following command:\n\n    Note: The example will be for the \\\"smithj\\\" user, who has a home directory\nof \\\"/home/smithj\\\".\n\n    # ls -al /home/smithj/.[^.]* | more\n\n    -rwxr----- 1 smithj users 896 Mar 10 2011 .profile\n    -rwxr----- 1 smithj users 497 Jan 6 2007 .login\n    -rwxr----- 1 smithj users 886 Jan 6 2007 .something\n\n    If any local initialization files have a mode more permissive than\n\\\"0740\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the mode of the local initialization files to \\\"0740\\\" with the\nfollowing command:\n\n    Note: The example will be for the \\\"smithj\\\" user, who has a home directory\nof \\\"/home/smithj\\\".\n\n    # chmod 0740 /home/smithj/.[^.]*\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72033\"\n  tag rid: \"SV-86657r3_rule\"\n  tag stig_id: \"RHEL-07-020710\"\n  tag fix_id: \"F-78385r4_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= 1000 || uid == 0)}.entries.each do |user_info|\n    findings = findings + command(\"find #{user_info.home} -xdev -maxdepth 1 -name '.*' -type f -perm /037\").stdout.split(\"\\n\")\n  end\n  describe findings do\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST #&lt;Set: {"/root/.bash_logout", "/root/.bash_profile", "/root/.bashrc", "/root/.cshrc", "/root/.tcshrc"}&gt; is expected to be empty :: MESSAGE expected `#&lt;Set: {"/root/.bash_logout", "/root/.bash_profile", "/root/.bashrc", "/root/.cshrc", "/root/.tcshrc"}&gt;.empty?` to return true, got false</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71911</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000072-GPOS-00040</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86535r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010160</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that when passwords are changed a minimum of eight of the total number of
-characters must be changed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+characters must be changed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources
 required to compromise the password. Password complexity, or strength, is a
 measure of the effectiveness of a password in resisting attempts at guessing
@@ -13722,146 +13090,141 @@ and brute-force attacks.
     Password complexity is one factor of several that determines how long it
 takes to crack a password. The more complex the password, the greater the
 number of possible combinations that need to be tested before the password is
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;difok&quot; option sets the number of characters in a password that must
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "difok" option sets the number of characters in a password that must
 not be present in the old password.
 
-    Check for the value of the &quot;difok&quot; option in
-&quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; with the following command:
+    Check for the value of the "difok" option in
+"/etc/security/pwquality.conf" with the following command:
 
-    # grep difok &#x2F;etc&#x2F;security&#x2F;pwquality.conf
-    difok &#x3D; 8
+    # grep difok /etc/security/pwquality.conf
+    difok = 8
 
-    If the value of &quot;difok&quot; is set to less than &quot;8&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "difok" is set to less than "8", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to require the change of at least eight of
 the total number of characters when passwords are changed by setting the
-&quot;difok&quot; option.
+"difok" option.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; (or modify the
+    Add the following line to "/etc/security/pwquality.conf" (or modify the
 line to have the required value):
 
-    difok &#x3D; 8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>46f9bded-fc3f-492a-b4f3-168ae7fc0a59</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000195</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;security&#x2F;pwquality.conf difok.to_i is expected to cmp &gt;&#x3D; 8</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72269</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000355-GPOS-00143</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86893r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040500</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    difok = 8</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71911\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat when passwords are changed a minimum of eight of the total number of\ncharacters must be changed.\"\n  desc  \"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    The \\\"difok\\\" option sets the number of characters in a password that must\nnot be present in the old password.\n\n    Check for the value of the \\\"difok\\\" option in\n\\\"/etc/security/pwquality.conf\\\" with the following command:\n\n    # grep difok /etc/security/pwquality.conf\n    difok = 8\n\n    If the value of \\\"difok\\\" is set to less than \\\"8\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to require the change of at least eight of\nthe total number of characters when passwords are changed by setting the\n\\\"difok\\\" option.\n\n    Add the following line to \\\"/etc/security/pwquality.conf\\\" (or modify the\nline to have the required value):\n\n    difok = 8\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000072-GPOS-00040\"\n  tag gid: \"V-71911\"\n  tag rid: \"SV-86535r2_rule\"\n  tag stig_id: \"RHEL-07-010160\"\n  tag fix_id: \"F-78263r1_fix\"\n  tag cci: [\"CCI-000195\"]\n  tag nist: [\"IA-5 (1) (b)\", \"Rev_4\"]\n\n  difok = input('difok')\n\n  describe parse_config_file(\"/etc/security/pwquality.conf\") do\n    its('difok.to_i') { should cmp &gt;= difok }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000195</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/security/pwquality.conf difok.to_i is expected to cmp &gt;= 8</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72269</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000355-GPOS-00143</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86893r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040500</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must, for networked
 systems, synchronize clocks with a server that is synchronized to one of the
 redundant United States Naval Observatory (USNO) time servers, a time server
-designated for the appropriate DoD network (NIPRNet&#x2F;SIPRNet), and&#x2F;or the Global
-Positioning System (GPS).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+designated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global
+Positioning System (GPS).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Inaccurate time stamps make it more difficult to correlate events and
 can lead to an inaccurate analysis. Determining the correct time a particular
 event occurred on a system is critical when conducting forensic analysis and
@@ -13874,62 +13237,62 @@ connected over a network.
 
     Organizations should consider endpoints that may not have regular access to
 the authoritative time server (e.g., mobile, teleworking, and tactical
-endpoints).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+endpoints).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Check to see if NTP is running in continuous mode:
 
     # ps -ef | grep ntp
 
-    If NTP is not running, check to see if &quot;chronyd&quot; is running in continuous
+    If NTP is not running, check to see if "chronyd" is running in continuous
 mode:
 
     # ps -ef | grep chronyd
 
-    If NTP or &quot;chronyd&quot; is not running, this is a finding.
+    If NTP or "chronyd" is not running, this is a finding.
 
-    If the NTP process is found, then check the &quot;ntp.conf&quot; file for the
-&quot;maxpoll&quot; option setting:
+    If the NTP process is found, then check the "ntp.conf" file for the
+"maxpoll" option setting:
 
-    # grep maxpoll &#x2F;etc&#x2F;ntp.conf
+    # grep maxpoll /etc/ntp.conf
 
     server 0.rhel.pool.ntp.org iburst maxpoll 10
 
-    If the option is set to &quot;17&quot; or is not set, this is a finding.
+    If the option is set to "17" or is not set, this is a finding.
 
-    If the file does not exist, check the &quot;&#x2F;etc&#x2F;cron.daily&quot; subdirectory for
-a crontab file controlling the execution of the &quot;ntpd -q&quot; command.
+    If the file does not exist, check the "/etc/cron.daily" subdirectory for
+a crontab file controlling the execution of the "ntpd -q" command.
 
-    # grep -i &quot;ntpd -q&quot; &#x2F;etc&#x2F;cron.daily&#x2F;*
-    # ls -al &#x2F;etc&#x2F;cron.* | grep ntp
+    # grep -i "ntpd -q" /etc/cron.daily/*
+    # ls -al /etc/cron.* | grep ntp
 
     ntp
 
-    If a crontab file does not exist in the &quot;&#x2F;etc&#x2F;cron.daily&quot; that executes
-the &quot;ntpd -q&quot; command, this is a finding.
+    If a crontab file does not exist in the "/etc/cron.daily" that executes
+the "ntpd -q" command, this is a finding.
 
-    If the &quot;chronyd&quot; process is found, then check the &quot;chrony.conf&quot; file
-for the &quot;maxpoll&quot; option setting:
+    If the "chronyd" process is found, then check the "chrony.conf" file
+for the "maxpoll" option setting:
 
-    # grep maxpoll &#x2F;etc&#x2F;chrony.conf
+    # grep maxpoll /etc/chrony.conf
 
     server 0.rhel.pool.ntp.org iburst maxpoll 10
 
-    If the option is not set or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Edit the &quot;&#x2F;etc&#x2F;ntp.conf&quot; or &quot;&#x2F;etc&#x2F;chrony.conf&quot; file and add or update
-an entry to define &quot;maxpoll&quot; to &quot;10&quot; as follows:
+    If the option is not set or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Edit the "/etc/ntp.conf" or "/etc/chrony.conf" file and add or update
+an entry to define "maxpoll" to "10" as follows:
 
     server 0.rhel.pool.ntp.org iburst maxpoll 10
 
-    If NTP was running and &quot;maxpoll&quot; was updated, the NTP service must be
+    If NTP was running and "maxpoll" was updated, the NTP service must be
 restarted:
 
     # systemctl restart ntpd
@@ -13938,419 +13301,398 @@ restarted:
 
     # systemctl start ntpd
 
-    If &quot;chronyd&quot; was running and &quot;maxpoll&quot; was updated, the service must be
+    If "chronyd" was running and "maxpoll" was updated, the service must be
 restarted:
 
     # systemctl restart chronyd.service
 
-    If &quot;chronyd&quot; was not running, it must be started:
-
-    # systemctl start chronyd.service</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e7ee7d7d-f6aa-4649-90fb-63a7cdc73253</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001891</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002046</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Service chronyd is expected to be running
---------------------------------
-passed
-Service chronyd is expected to be enabled
---------------------------------
-passed
-Service chronyd is expected to be installed
---------------------------------
-passed
-chronyd time sources list is expected not to be empty
---------------------------------
-passed
-chronyd maxpoll values (99&#x3D;maxpoll absent) is expected to all be &lt; 17</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71931</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000076-GPOS-00044</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86555r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010260</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If "chronyd" was not running, it must be started:
+
+    # systemctl start chronyd.service</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72269\" do\n  title \"The Red Hat Enterprise Linux operating system must, for networked\nsystems, synchronize clocks with a server that is synchronized to one of the\nredundant United States Naval Observatory (USNO) time servers, a time server\ndesignated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global\nPositioning System (GPS).\"\n  desc  \"Inaccurate time stamps make it more difficult to correlate events and\ncan lead to an inaccurate analysis. Determining the correct time a particular\nevent occurred on a system is critical when conducting forensic analysis and\ninvestigating system events. Sources outside the configured acceptable\nallowance (drift) may be inaccurate.\n\n    Synchronizing internal information system clocks provides uniformity of\ntime stamps for information systems with multiple system clocks and systems\nconnected over a network.\n\n    Organizations should consider endpoints that may not have regular access to\nthe authoritative time server (e.g., mobile, teleworking, and tactical\nendpoints).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Check to see if NTP is running in continuous mode:\n\n    # ps -ef | grep ntp\n\n    If NTP is not running, check to see if \\\"chronyd\\\" is running in continuous\nmode:\n\n    # ps -ef | grep chronyd\n\n    If NTP or \\\"chronyd\\\" is not running, this is a finding.\n\n    If the NTP process is found, then check the \\\"ntp.conf\\\" file for the\n\\\"maxpoll\\\" option setting:\n\n    # grep maxpoll /etc/ntp.conf\n\n    server 0.rhel.pool.ntp.org iburst maxpoll 10\n\n    If the option is set to \\\"17\\\" or is not set, this is a finding.\n\n    If the file does not exist, check the \\\"/etc/cron.daily\\\" subdirectory for\na crontab file controlling the execution of the \\\"ntpd -q\\\" command.\n\n    # grep -i \\\"ntpd -q\\\" /etc/cron.daily/*\n    # ls -al /etc/cron.* | grep ntp\n\n    ntp\n\n    If a crontab file does not exist in the \\\"/etc/cron.daily\\\" that executes\nthe \\\"ntpd -q\\\" command, this is a finding.\n\n    If the \\\"chronyd\\\" process is found, then check the \\\"chrony.conf\\\" file\nfor the \\\"maxpoll\\\" option setting:\n\n    # grep maxpoll /etc/chrony.conf\n\n    server 0.rhel.pool.ntp.org iburst maxpoll 10\n\n    If the option is not set or the line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Edit the \\\"/etc/ntp.conf\\\" or \\\"/etc/chrony.conf\\\" file and add or update\nan entry to define \\\"maxpoll\\\" to \\\"10\\\" as follows:\n\n    server 0.rhel.pool.ntp.org iburst maxpoll 10\n\n    If NTP was running and \\\"maxpoll\\\" was updated, the NTP service must be\nrestarted:\n\n    # systemctl restart ntpd\n\n    If NTP was not running, it must be started:\n\n    # systemctl start ntpd\n\n    If \\\"chronyd\\\" was running and \\\"maxpoll\\\" was updated, the service must be\nrestarted:\n\n    # systemctl restart chronyd.service\n\n    If \\\"chronyd\\\" was not running, it must be started:\n\n    # systemctl start chronyd.service\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000355-GPOS-00143\"\n  tag satisfies: [\"SRG-OS-000355-GPOS-00143\", \"SRG-OS-000356-GPOS-00144\"]\n  tag gid: \"V-72269\"\n  tag rid: \"SV-86893r5_rule\"\n  tag stig_id: \"RHEL-07-040500\"\n  tag fix_id: \"F-78623r5_fix\"\n  tag cci: [\"CCI-001891\", \"CCI-002046\"]\n  tag nist: [\"AU-8 (1) (a)\", \"AU-8 (1) (b)\", \"Rev_4\"]\n\n  # Either ntpd or chronyd should be running\n  describe.one do\n    [service('ntpd'), service('chronyd')].each do |time_service|\n      describe time_service do\n        it { should be_running }\n        it { should be_enabled }\n        it { should be_installed }\n      end\n    end\n  end\n\n  if service('ntpd').installed?\n    time_service = service('ntpd')\n    time_sources = ntp_conf('/etc/ntp.conf').server\n    max_poll_values = time_sources.map { |val| val.match?(/.*maxpoll.*/) ? val.gsub(/.*maxpoll\\s+(\\d+)(\\s+.*|$)/,'\\1').to_i : 99 }\n    ntpdate_crons = command('grep -l \"ntpd -q\" /etc/cron.daily/*').stdout.strip.lines\n\n    describe \"ntpd time sources list\" do\n      subject { time_sources }\n      it { should_not be_empty }\n    end\n\n    describe.one do\n      # Case where maxpoll empty\n      describe \"Daily cron jobs for 'ntpd -q'\" do\n        subject { ntpdate_crons }\n        it { should_not be_empty }\n      end\n      # All time sources must contain valid maxpoll entries\n      describe \"ntpd maxpoll values (99=maxpoll absent)\" do\n        subject { max_poll_values }\n        it { should all be &lt; 17 }\n      end\n    end\n  end\n\n  if service('chronyd').installed?\n    time_service = service('chronyd')\n    time_sources = ntp_conf('/etc/chrony.conf').server\n    max_poll_values = time_sources.map { |val| val.match?(/.*maxpoll.*/) ? val.gsub(/.*maxpoll\\s+(\\d+)(\\s+.*|$)/,'\\1').to_i : 99 }\n\n    describe \"chronyd time sources list\" do\n      subject { time_sources }\n      it { should_not be_empty }\n    end\n      \n    # All time sources must contain valid maxpoll entries\n    describe \"chronyd maxpoll values (99=maxpoll absent)\" do\n      subject { max_poll_values }\n      it { should all be &lt; 17 }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001891</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002046</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Service chronyd is expected to be running
+--------------------------------
+passed :: TEST Service chronyd is expected to be enabled
+--------------------------------
+passed :: TEST Service chronyd is expected to be installed
+--------------------------------
+passed :: TEST chronyd time sources list is expected not to be empty
+--------------------------------
+passed :: TEST chronyd maxpoll values (99=maxpoll absent) is expected to all be &lt; 17</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71931</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000076-GPOS-00044</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86555r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010260</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that existing passwords are restricted to a 60-day maximum lifetime.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that existing passwords are restricted to a 60-day maximum lifetime.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Any password, no matter how complex, can eventually be cracked.
 Therefore, passwords need to be changed periodically. If the operating system
 does not limit the lifetime of passwords and force users to change their
 passwords, there is the risk that the operating system passwords could be
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Check whether the maximum time period for existing passwords is restricted
 to 60 days.
 
-    # awk -F: &#39;$5 &gt; 60 {print $1 &quot; &quot; $5}&#39; &#x2F;etc&#x2F;shadow
+    # awk -F: '$5 &gt; 60 {print $1 " " $5}' /etc/shadow
 
     If any results are returned that are not associated with a system account,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure non-compliant accounts to enforce a 60-day maximum password
 lifetime restriction.
 
-    # chage -M 60 [user]</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>158ab59d-a49c-4621-8d52-dc5fa834248e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-&#x2F;etc&#x2F;shadow with user &#x3D;&#x3D; &quot;ec2-user&quot; max_days.first.to_i is expected to cmp &lt;&#x3D; 60</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72061</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86685r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021320</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # chage -M 60 [user]</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71931\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat existing passwords are restricted to a 60-day maximum lifetime.\"\n  desc  \"Any password, no matter how complex, can eventually be cracked.\nTherefore, passwords need to be changed periodically. If the operating system\ndoes not limit the lifetime of passwords and force users to change their\npasswords, there is the risk that the operating system passwords could be\ncompromised.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Check whether the maximum time period for existing passwords is restricted\nto 60 days.\n\n    # awk -F: '$5 &gt; 60 {print $1 \\\" \\\" $5}' /etc/shadow\n\n    If any results are returned that are not associated with a system account,\nthis is a finding.\n\n  \"\n  desc  \"fix\", \"\n    Configure non-compliant accounts to enforce a 60-day maximum password\nlifetime restriction.\n\n    # chage -M 60 [user]\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000076-GPOS-00044\"\n  tag gid: \"V-71931\"\n  tag rid: \"SV-86555r3_rule\"\n  tag stig_id: \"RHEL-07-010260\"\n  tag fix_id: \"F-78283r1_fix\"\n  tag cci: [\"CCI-000199\"]\n  tag nist: [\"IA-5 (1) (d)\", \"Rev_4\"]\n\n  shadow.users.each do |user|\n    # filtering on non-system accounts (uid &gt;= 1000)\n    next unless user(user).uid &gt;= 1000\n    describe shadow.users(user) do\n      its('max_days.first.to_i') { should cmp &lt;= 60 }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST /etc/shadow with user == "ec2-user" max_days.first.to_i is expected to cmp &lt;= 60</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72061</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86685r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021320</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must use a separate file
-system for &#x2F;var.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+system for /var.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The use of separate file systems for different paths can protect the
-system from failures resulting from a file system becoming full or failing.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that a separate file system&#x2F;partition has been created for &quot;&#x2F;var&quot;.
-
-    Check that a file system&#x2F;partition has been created for &quot;&#x2F;var&quot; with the
+system from failures resulting from a file system becoming full or failing.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that a separate file system/partition has been created for "/var".
+
+    Check that a file system/partition has been created for "/var" with the
 following command:
 
-    # grep &#x2F;var &#x2F;etc&#x2F;fstab
-    UUID&#x3D;c274f65f    &#x2F;var                    ext4    noatime,nobarrier        1
+    # grep /var /etc/fstab
+    UUID=c274f65f    /var                    ext4    noatime,nobarrier        1
 2
 
-    If a separate entry for &quot;&#x2F;var&quot; is not in use, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Migrate the &quot;&#x2F;var&quot; path onto a separate file system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f6f4aa2b-bd74-4fcf-ac7e-1577b3984d21</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Mount &#x2F;var is expected to be mounted
-
-Mount &#x2F;var is not mounted
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-92255</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000196</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-102357r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020019</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If a separate entry for "/var" is not in use, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Migrate the "/var" path onto a separate file system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72061\" do\n  title \"The Red Hat Enterprise Linux operating system must use a separate file\nsystem for /var.\"\n  desc  \"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that a separate file system/partition has been created for \\\"/var\\\".\n\n    Check that a file system/partition has been created for \\\"/var\\\" with the\nfollowing command:\n\n    # grep /var /etc/fstab\n    UUID=c274f65f    /var                    ext4    noatime,nobarrier        1\n2\n\n    If a separate entry for \\\"/var\\\" is not in use, this is a finding.\n  \"\n  desc  \"fix\", \"Migrate the \\\"/var\\\" path onto a separate file system.\"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72061\"\n  tag rid: \"SV-86685r2_rule\"\n  tag stig_id: \"RHEL-07-021320\"\n  tag fix_id: \"F-78413r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe mount('/var') do\n    it { should be_mounted }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Mount /var is expected to be mounted :: MESSAGE 
+Mount /var is not mounted</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-92255</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000196</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-102357r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020019</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must have a host-based
-intrusion detection tool installed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+intrusion detection tool installed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Adding host-based intrusion detection tools can provide the capability
 to automatically take actions in response to malicious behavior, which can
 provide additional agility in reacting to network threats. These tools also
 often include a reporting capability to provide network awareness of the
-system, which may not otherwise exist in an organization&#39;s systems management
-regime.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+system, which may not otherwise exist in an organization's systems management
+regime.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Ask the SA or ISSO if a host-based intrusion detection application is
 loaded on the system. Per OPORD 16-0080, the preferred intrusion detection
 system is McAfee HBSS available through the U.S. Cyber Command (USCYBERCOM).
@@ -14366,12 +13708,12 @@ SELinux, this must be documented and approved by the local Authorizing Official.
 
     Verify that the McAfee HIPS module is active on the system:
 
-    # ps -ef | grep -i hipclient
+    # ps -ef | grep -i “hipclient”
 
     If the MFEhiplsm package is not installed, check for another intrusion
 detection system:
 
-    # find &#x2F; -name &lt;daemon name&gt;
+    # find / -name &lt;daemon name&gt;
 
     Where &lt;daemon name&gt; is the name of the primary application daemon to
 determine if the application is loaded on the system.
@@ -14385,146 +13727,138 @@ intrusion detection application has not been documented for use, this is a
 finding.
 
     If no host-based intrusion detection system is installed and running on the
-system, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+system, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Install and enable the latest McAfee HIPS package, available from
 USCYBERCOM.
 
     Note: If the system does not support the McAfee HIPS package, install and
 enable a supported intrusion detection system application and document its use
-with the Authorizing Official.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f65aa6a4-84a7-4320-86cf-16a502cff348</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001263</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package MFEhiplsm is expected to be installed
-expected that &#x60;System Package MFEhiplsm&#x60; is installed
---------------------------------
-passed
-Processes &#x2F;hipclient&#x2F; is expected to exist
-expected Processes &#x2F;hipclient&#x2F; to exist</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71893</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86517r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010070</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+with the Authorizing Official.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-92255\" do\n  title \"The Red Hat Enterprise Linux operating system must have a host-based\nintrusion detection tool installed.\"\n  desc  \"Adding host-based intrusion detection tools can provide the capability\nto automatically take actions in response to malicious behavior, which can\nprovide additional agility in reacting to network threats. These tools also\noften include a reporting capability to provide network awareness of the\nsystem, which may not otherwise exist in an organization's systems management\nregime.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Ask the SA or ISSO if a host-based intrusion detection application is\nloaded on the system. Per OPORD 16-0080, the preferred intrusion detection\nsystem is McAfee HBSS available through the U.S. Cyber Command (USCYBERCOM).\n\n    If another host-based intrusion detection application is in use, such as\nSELinux, this must be documented and approved by the local Authorizing Official.\n\n    Procedure:\n    Examine the system to determine if the Host Intrusion Prevention System\n(HIPS) is installed:\n\n    # rpm -qa | grep MFEhiplsm\n\n    Verify that the McAfee HIPS module is active on the system:\n\n    # ps -ef | grep -i “hipclient”\n\n    If the MFEhiplsm package is not installed, check for another intrusion\ndetection system:\n\n    # find / -name &lt;daemon name&gt;\n\n    Where &lt;daemon name&gt; is the name of the primary application daemon to\ndetermine if the application is loaded on the system.\n\n    Determine if the application is active on the system:\n\n    # ps -ef | grep -i &lt;daemon name&gt;\n\n    If the MFEhiplsm package is not installed and an alternate host-based\nintrusion detection application has not been documented for use, this is a\nfinding.\n\n    If no host-based intrusion detection system is installed and running on the\nsystem, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Install and enable the latest McAfee HIPS package, available from\nUSCYBERCOM.\n\n    Note: If the system does not support the McAfee HIPS package, install and\nenable a supported intrusion detection system application and document its use\nwith the Authorizing Official.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000196\"\n  tag gid: \"V-92255\"\n  tag rid: \"SV-102357r1_rule\"\n  tag stig_id: \"RHEL-07-020019\"\n  tag fix_id: \"F-98477r1_fix\"\n  tag cci: [\"CCI-001263\"]\n  tag nist: [\"SI-4 (5)\", \"Rev_4\"]\n\n  custom_hips = input('custom_hips')\n\n  if ! custom_hips\n    describe package('MFEhiplsm') do\n      it { should be_installed }\n    end\n    describe processes(/hipclient/) do\n      it { should exist }\n    end\n  else\n    # Special case for SELinux\n    sel_mode = command('getenforce').stdout.strip\n    custom_hips_daemon = input('custom_hips_daemon')\n    max_daemon_processes = input('max_daemon_processes')\n\n    describe.one do\n      describe \"SELinux mode\" do\n        subject { sel_mode }\n        it { should cmp 'Enforcing' }\n      end\n      describe processes(/#{custom_hips_daemon}/) do\n        it { should exist }\n        its('count') { should be &lt; max_daemon_processes }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001263</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package MFEhiplsm is expected to be installed :: MESSAGE expected that `System Package MFEhiplsm` is installed
+--------------------------------
+passed :: TEST Processes /hipclient/ is expected to exist :: MESSAGE expected Processes /hipclient/ to exist</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71893</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86517r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010070</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must initiate a
 screensaver after a 15-minute period of inactivity for graphical user
-interfaces.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+interfaces.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A session time-out lock is a temporary action taken when a user stops
 work and moves away from the immediate physical vicinity of the information
 system but does not log out because of the temporary nature of the absence.
 Rather than relying on the user to manually lock their operating system session
 prior to vacating the vicinity, operating systems need to be able to identify
-when a user&#39;s session has idled and take action to initiate the session lock.
+when a user's session has idled and take action to initiate the session lock.
 
     The session lock is implemented at the point where session activity can be
-determined and&#x2F;or controlled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+determined and/or controlled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system initiates a screensaver after a 15-minute
 period of inactivity for graphical user interfaces. The screen program must be
 installed to lock sessions on the console.
@@ -14535,148 +13869,143 @@ Applicable.
     Check to see if GNOME is configured to display a screensaver after a 15
 minute delay with the following command:
 
-    # grep -i idle-delay &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;*
-    idle-delay&#x3D;uint32 900
+    # grep -i idle-delay /etc/dconf/db/local.d/*
+    idle-delay=uint32 900
 
-    If the &quot;idle-delay&quot; setting is missing or is not set to &quot;900&quot; or less,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "idle-delay" setting is missing or is not set to "900" or less,
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to initiate a screensaver after a 15-minute
 period of inactivity for graphical user interfaces.
 
     Create a database to contain the system-wide screensaver settings (if it
 does not already exist) with the following command:
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;00-screensaver
+    # touch /etc/dconf/db/local.d/00-screensaver
 
-    Edit &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;00-screensaver and add or update the following
+    Edit /etc/dconf/db/local.d/00-screensaver and add or update the following
 lines:
 
-    [org&#x2F;gnome&#x2F;desktop&#x2F;session]
+    [org/gnome/desktop/session]
     # Set the lock time out to 900 seconds before the session is considered idle
-    idle-delay&#x3D;uint32 900
+    idle-delay=uint32 900
 
-    You must include the &quot;uint32&quot; along with the integer key values as shown.
+    You must include the "uint32" along with the integer key values as shown.
 
     Update the system databases:
 
     # dconf update
 
     Users must log out and back in again before the system-wide settings take
-effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f19de067-04bf-42bd-89e6-10a5fffdd49b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The system does not have GNOME installed
-The system does not have GNOME installed, this requirement is Not
-      Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71915</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000072-GPOS-00040</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86539r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010180</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-71893\" do\n  title \"The Red Hat Enterprise Linux operating system must initiate a\nscreensaver after a 15-minute period of inactivity for graphical user\ninterfaces.\"\n  desc  \"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system initiates a screensaver after a 15-minute\nperiod of inactivity for graphical user interfaces. The screen program must be\ninstalled to lock sessions on the console.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Check to see if GNOME is configured to display a screensaver after a 15\nminute delay with the following command:\n\n    # grep -i idle-delay /etc/dconf/db/local.d/*\n    idle-delay=uint32 900\n\n    If the \\\"idle-delay\\\" setting is missing or is not set to \\\"900\\\" or less,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to initiate a screensaver after a 15-minute\nperiod of inactivity for graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    # touch /etc/dconf/db/local.d/00-screensaver\n\n    Edit /etc/dconf/db/local.d/00-screensaver and add or update the following\nlines:\n\n    [org/gnome/desktop/session]\n    # Set the lock time out to 900 seconds before the session is considered idle\n    idle-delay=uint32 900\n\n    You must include the \\\"uint32\\\" along with the integer key values as shown.\n\n    Update the system databases:\n\n    # dconf update\n\n    Users must log out and back in again before the system-wide settings take\neffect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000029-GPOS-00010\"\n  tag gid: \"V-71893\"\n  tag rid: \"SV-86517r5_rule\"\n  tag stig_id: \"RHEL-07-010070\"\n  tag fix_id: \"F-78245r5_fix\"\n  tag cci: [\"CCI-000057\"]\n  tag nist: [\"AC-11 a\", \"Rev_4\"]\n\n  unless package('gnome-desktop3').installed?\n    impact 0.0\n    describe \"The system does not have GNOME installed\" do\n      skip \"The system does not have GNOME installed, this requirement is Not\n      Applicable.\"\n    end\n  else \n    describe command(\"gsettings get org.gnome.desktop.session idle-delay | cut -d ' ' -f2\") do\n      its('stdout.strip') { should cmp &lt;= 900 }\n    end \n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The system does not have GNOME installed :: SKIP_MESSAGE The system does not have GNOME installed, this requirement is Not
+      Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71915</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000072-GPOS-00040</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86539r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010180</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that when passwords are changed the number of repeating consecutive characters
-must not be more than three characters.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+must not be more than three characters.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources
 required to compromise the password. Password complexity, or strength, is a
 measure of the effectiveness of a password in resisting attempts at guessing
@@ -14685,617 +14014,590 @@ and brute-force attacks.
     Password complexity is one factor of several that determines how long it
 takes to crack a password. The more complex the password, the greater the
 number of possible combinations that need to be tested before the password is
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;maxrepeat&quot; option sets the maximum number of allowed same
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "maxrepeat" option sets the maximum number of allowed same
 consecutive characters in a new password.
 
-    Check for the value of the &quot;maxrepeat&quot; option in
-&quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; with the following command:
+    Check for the value of the "maxrepeat" option in
+"/etc/security/pwquality.conf" with the following command:
 
-    # grep maxrepeat &#x2F;etc&#x2F;security&#x2F;pwquality.conf
-    maxrepeat &#x3D; 3
+    # grep maxrepeat /etc/security/pwquality.conf
+    maxrepeat = 3
 
-    If the value of &quot;maxrepeat&quot; is set to more than &quot;3&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "maxrepeat" is set to more than "3", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to require the change of the number of
 repeating consecutive characters when passwords are changed by setting the
-&quot;maxrepeat&quot; option.
+"maxrepeat" option.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf conf&quot; (or modify
+    Add the following line to "/etc/security/pwquality.conf conf" (or modify
 the line to have the required value):
 
-    maxrepeat &#x3D; 3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0e8f012e-d65e-4683-abb0-f03c42971e34</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000195</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;security&#x2F;pwquality.conf maxrepeat.to_i is expected to cmp &lt;&#x3D; 3</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81013</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000368-GPOS-00154</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95725r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021024</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must mount &#x2F;dev&#x2F;shm with
-the noexec option.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;noexec&quot; mount option causes the system to not execute binary
+    maxrepeat = 3</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71915\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat when passwords are changed the number of repeating consecutive characters\nmust not be more than three characters.\"\n  desc  \"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    The \\\"maxrepeat\\\" option sets the maximum number of allowed same\nconsecutive characters in a new password.\n\n    Check for the value of the \\\"maxrepeat\\\" option in\n\\\"/etc/security/pwquality.conf\\\" with the following command:\n\n    # grep maxrepeat /etc/security/pwquality.conf\n    maxrepeat = 3\n\n    If the value of \\\"maxrepeat\\\" is set to more than \\\"3\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to require the change of the number of\nrepeating consecutive characters when passwords are changed by setting the\n\\\"maxrepeat\\\" option.\n\n    Add the following line to \\\"/etc/security/pwquality.conf conf\\\" (or modify\nthe line to have the required value):\n\n    maxrepeat = 3\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000072-GPOS-00040\"\n  tag gid: \"V-71915\"\n  tag rid: \"SV-86539r3_rule\"\n  tag stig_id: \"RHEL-07-010180\"\n  tag fix_id: \"F-78267r2_fix\"\n  tag cci: [\"CCI-000195\"]\n  tag nist: [\"IA-5 (1) (b)\", \"Rev_4\"]\n\n  describe parse_config_file(\"/etc/security/pwquality.conf\") do\n    its('maxrepeat.to_i') { should cmp &lt;= 3 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000195</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/security/pwquality.conf maxrepeat.to_i is expected to cmp &lt;= 3</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81013</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000368-GPOS-00154</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95725r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021024</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must mount /dev/shm with
+the noexec option.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "noexec" mount option causes the system to not execute binary
 files. This option must be used for mounting any file system not containing
 approved binary files as they may be incompatible. Executing files from
 untrusted file systems increases the opportunity for unprivileged users to
-attain unauthorized administrative access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that the &quot;noexec&quot; option is configured for &#x2F;dev&#x2F;shm:
+attain unauthorized administrative access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that the "noexec" option is configured for /dev/shm:
 
-    # cat &#x2F;etc&#x2F;fstab | grep &#x2F;dev&#x2F;shm
+    # cat /etc/fstab | grep /dev/shm
 
-    tmpfs &#x2F;dev&#x2F;shm tmpfs defaults,nodev,nosuid,noexec 0 0
+    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0
 
-    If any results are returned and the &quot;noexec&quot; option is not listed, this
+    If any results are returned and the "noexec" option is not listed, this
 is a finding.
 
-    Verify &quot;&#x2F;dev&#x2F;shm&quot; is mounted with the &quot;noexec&quot; option:
-
-    # mount | grep &quot;&#x2F;dev&#x2F;shm&quot; | grep noexec
-
-    If no results are returned, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the system so that &#x2F;dev&#x2F;shm is mounted with the
-&quot;noexec&quot; option.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>4858a590-cc55-4496-9ad1-67aa4579a41f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001764</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Mount &#x2F;dev&#x2F;shm options is expected to include &quot;noexec&quot;
-expected [&quot;rw&quot;, &quot;nosuid&quot;, &quot;nodev&quot;, &quot;seclabel&quot;] to include &quot;noexec&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73173</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87825r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030874</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Verify "/dev/shm" is mounted with the "noexec" option:
+
+    # mount | grep "/dev/shm" | grep noexec
+
+    If no results are returned, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the system so that /dev/shm is mounted with the
+"noexec" option.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-81013\" do\n  title \"The Red Hat Enterprise Linux operating system must mount /dev/shm with\nthe noexec option.\"\n  desc  \"The \\\"noexec\\\" mount option causes the system to not execute binary\nfiles. This option must be used for mounting any file system not containing\napproved binary files as they may be incompatible. Executing files from\nuntrusted file systems increases the opportunity for unprivileged users to\nattain unauthorized administrative access.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that the \\\"noexec\\\" option is configured for /dev/shm:\n\n    # cat /etc/fstab | grep /dev/shm\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0\n\n    If any results are returned and the \\\"noexec\\\" option is not listed, this\nis a finding.\n\n    Verify \\\"/dev/shm\\\" is mounted with the \\\"noexec\\\" option:\n\n    # mount | grep \\\"/dev/shm\\\" | grep noexec\n\n    If no results are returned, this is a finding.\n  \"\n  desc  \"fix\", \"Configure the system so that /dev/shm is mounted with the\n\\\"noexec\\\" option.\"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000368-GPOS-00154\"\n  tag gid: \"V-81013\"\n  tag rid: \"SV-95725r2_rule\"\n  tag stig_id: \"RHEL-07-021024\"\n  tag fix_id: \"F-87847r2_fix\"\n  tag cci: [\"CCI-001764\"]\n  tag nist: [\"CM-7 (2)\", \"Rev_4\"]\n\n  describe mount('/dev/shm') do\n    its('options') { should include 'noexec' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001764</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Mount /dev/shm options is expected to include "noexec" :: MESSAGE expected ["rw", "nosuid", "nodev", "seclabel"] to include "noexec"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73173</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87825r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030874</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must generate audit
 records for all account creations, modifications, disabling, and termination
-events that affect &#x2F;etc&#x2F;opasswd.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+events that affect /etc/opasswd.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system must generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&#x2F;etc&#x2F;opasswd.
+/etc/opasswd.
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep &#x2F;etc&#x2F;security&#x2F;opasswd &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep /etc/security/opasswd /etc/audit/audit.rules
 
-    -w &#x2F;etc&#x2F;security&#x2F;opasswd -p wa -k identity
+    -w /etc/security/opasswd -p wa -k identity
 
     If the command does not return a line, or the line is commented out, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&#x2F;etc&#x2F;opasswd.
+/etc/opasswd.
 
     Add or update the following file system rule in
-&quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+"/etc/audit/rules.d/audit.rules":
 
-    -w &#x2F;etc&#x2F;security&#x2F;opasswd -p wa -k identity
+    -w /etc/security/opasswd -p wa -k identity
 
     The audit daemon must be restarted for the changes to take effect:
-    # systemctl restart auditd</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>23528817-5e02-462d-9cd2-5cc200952224</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;security&#x2F;opasswd&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;security&#x2F;opasswd&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;w&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;a&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72117</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86741r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030470</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # systemctl restart auditd</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-73173\" do\n  title \"The Red Hat Enterprise Linux operating system must generate audit\nrecords for all account creations, modifications, disabling, and termination\nevents that affect /etc/opasswd.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system must generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n/etc/opasswd.\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep /etc/security/opasswd /etc/audit/audit.rules\n\n    -w /etc/security/opasswd -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n/etc/opasswd.\n\n    Add or update the following file system rule in\n\\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -w /etc/security/opasswd -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect:\n    # systemctl restart auditd\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000004-GPOS-00004\"\n  tag gid: \"V-73173\"\n  tag rid: \"SV-87825r5_rule\"\n  tag stig_id: \"RHEL-07-030874\"\n  tag fix_id: \"F-79619r6_fix\"\n  tag cci: [\"CCI-000018\", \"CCI-000172\", \"CCI-001403\", \"CCI-002130\"]\n  tag nist: [\"AC-2 (4)\", \"AU-12 c\", \"AC-2 (4)\", \"AC-2 (4)\", \"Rev_4\"]\n\n  audit_file = '/etc/security/opasswd'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'w' }\n      it { should include 'a' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/etc/security/opasswd" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/etc/security/opasswd" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "w"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "a"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72117</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86741r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030470</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the removexattr syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the removexattr syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;removexattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "removexattr" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw removexattr &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw removexattr /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S removexattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b32 -S removexattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S removexattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b64 -S removexattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;removexattr&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"removexattr" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;removexattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "removexattr" syscall occur.
 
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S removexattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b32 -S removexattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S removexattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b64 -S removexattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0f337780-2ebb-4839-9320-1a3c63f6a987</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;removexattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;removexattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;removexattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;removexattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71951</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00226</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86575r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010430</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72117\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe removexattr syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"removexattr\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw removexattr /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S removexattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    -a always,exit -F arch=b64 -S removexattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"removexattr\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"removexattr\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S removexattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    -a always,exit -F arch=b64 -S removexattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000458-GPOS-00203\"\n  tag satisfies: [\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000064-GPOS-00033\"]\n  tag gid: \"V-72117\"\n  tag rid: \"SV-86741r5_rule\"\n  tag stig_id: \"RHEL-07-030470\"\n  tag fix_id: \"F-78469r7_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"removexattr\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"removexattr\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "removexattr" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "removexattr" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "removexattr" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "removexattr" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71951</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00226</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86575r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010430</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the delay between logon prompts following a failed console logon attempt
-is at least four seconds.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+is at least four seconds.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configuring the operating system to implement organization-wide
 security implementation guides and security checklists verifies compliance with
 federal standards and establishes a common security baseline across DoD that
@@ -15304,605 +14606,580 @@ requirements.
 
     Configuration settings are the set of parameters that can be changed in
 hardware, software, or firmware components of the system that affect the
-security posture and&#x2F;or functionality of the system. Security-related
+security posture and/or functionality of the system. Security-related
 parameters are those parameters impacting the security state of the system,
 including the parameters required to satisfy other security control
 requirements. Security-related parameters include, for example, registry
 settings; account, file, and directory permission settings; and settings for
-functions, ports, protocols, services, and remote connections.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+functions, ports, protocols, services, and remote connections.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system enforces a delay of at least four seconds
 between console logon prompts following a failed logon attempt.
 
-    Check the value of the &quot;fail_delay&quot; parameter in the &quot;&#x2F;etc&#x2F;login.defs&quot;
+    Check the value of the "fail_delay" parameter in the "/etc/login.defs"
 file with the following command:
 
-    # grep -i fail_delay &#x2F;etc&#x2F;login.defs
+    # grep -i fail_delay /etc/login.defs
     FAIL_DELAY 4
 
-    If the value of &quot;FAIL_DELAY&quot; is not set to &quot;4&quot; or greater, or the line
-is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "FAIL_DELAY" is not set to "4" or greater, or the line
+is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to enforce a delay of at least four seconds
 between logon prompts following a failed console logon attempt.
 
-    Modify the &quot;&#x2F;etc&#x2F;login.defs&quot; file to set the &quot;FAIL_DELAY&quot; parameter to
-&quot;4&quot; or greater:
-
-    FAIL_DELAY 4</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>60c4b2a5-14f9-401c-b782-69172192cfb4</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-login.defs FAIL_DELAY.to_i is expected to cmp &gt;&#x3D; 4</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72037</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86661r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020730</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Modify the "/etc/login.defs" file to set the "FAIL_DELAY" parameter to
+"4" or greater:
+
+    FAIL_DELAY 4</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71951\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the delay between logon prompts following a failed console logon attempt\nis at least four seconds.\"\n  desc  \"Configuring the operating system to implement organization-wide\nsecurity implementation guides and security checklists verifies compliance with\nfederal standards and establishes a common security baseline across DoD that\nreflects the most restrictive security posture consistent with operational\nrequirements.\n\n    Configuration settings are the set of parameters that can be changed in\nhardware, software, or firmware components of the system that affect the\nsecurity posture and/or functionality of the system. Security-related\nparameters are those parameters impacting the security state of the system,\nincluding the parameters required to satisfy other security control\nrequirements. Security-related parameters include, for example, registry\nsettings; account, file, and directory permission settings; and settings for\nfunctions, ports, protocols, services, and remote connections.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system enforces a delay of at least four seconds\nbetween console logon prompts following a failed logon attempt.\n\n    Check the value of the \\\"fail_delay\\\" parameter in the \\\"/etc/login.defs\\\"\nfile with the following command:\n\n    # grep -i fail_delay /etc/login.defs\n    FAIL_DELAY 4\n\n    If the value of \\\"FAIL_DELAY\\\" is not set to \\\"4\\\" or greater, or the line\nis commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to enforce a delay of at least four seconds\nbetween logon prompts following a failed console logon attempt.\n\n    Modify the \\\"/etc/login.defs\\\" file to set the \\\"FAIL_DELAY\\\" parameter to\n\\\"4\\\" or greater:\n\n    FAIL_DELAY 4\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00226\"\n  tag gid: \"V-71951\"\n  tag rid: \"SV-86575r2_rule\"\n  tag stig_id: \"RHEL-07-010430\"\n  tag fix_id: \"F-78303r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe login_defs do\n    its('FAIL_DELAY.to_i') { should cmp &gt;= 4 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST login.defs FAIL_DELAY.to_i is expected to cmp &gt;= 4</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72037</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86661r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020730</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that local initialization files do not execute world-writable programs.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that local initialization files do not execute world-writable programs.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>This control consistently takes a long to run and has been disabled
-          using the disable_slow_controls attribute.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+          using the disable_slow_controls attribute.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify that local initialization files do not execute world-writable
 programs.
 
     Check the system for world-writable files with the following command:
 
-    # find &#x2F; -xdev -perm -002 -type f -exec ls -ld {} \; | more
+    # find / -xdev -perm -002 -type f -exec ls -ld {} \; | more
 
     For all files listed, check for their presence in the local initialization
 files with the following commands:
 
-    Note: The example will be for a system that is configured to create users&#39;
-home directories in the &quot;&#x2F;home&quot; directory.
+    Note: The example will be for a system that is configured to create users'
+home directories in the "/home" directory.
 
-    # grep &lt;file&gt; &#x2F;home&#x2F;*&#x2F;.*
+    # grep &lt;file&gt; /home/*/.*
 
     If any local initialization files are found to reference world-writable
-files, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+files, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the mode on files being executed by the local initialization files with
 the following command:
 
-    # chmod 0755 &lt;file&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ecad2dca-a414-4b37-9857-69d78b7278dc</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This control consistently takes a long to run and has been disabled
-  using the disable_slow_controls attribute.
-This control consistently takes a long to run and has been disabled
+    # chmod 0755 &lt;file&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72037\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat local initialization files do not execute world-writable programs.\"\n  if input('disable_slow_controls')\n    desc \"This control consistently takes a long to run and has been disabled\n          using the disable_slow_controls attribute.\"\n  else\n  desc  \"If user start-up files execute world-writable programs, especially in\nunprotected directories, they could be maliciously modified to destroy user\nfiles or otherwise compromise the system at the user level. If the system is\ncompromised at the user level, it is easier to elevate privileges to eventually\ncompromise the system at the root and network level.\"\n  end\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that local initialization files do not execute world-writable\nprograms.\n\n    Check the system for world-writable files with the following command:\n\n    # find / -xdev -perm -002 -type f -exec ls -ld {} \\\\; | more\n\n    For all files listed, check for their presence in the local initialization\nfiles with the following commands:\n\n    Note: The example will be for a system that is configured to create users'\nhome directories in the \\\"/home\\\" directory.\n\n    # grep &lt;file&gt; /home/*/.*\n\n    If any local initialization files are found to reference world-writable\nfiles, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the mode on files being executed by the local initialization files with\nthe following command:\n\n    # chmod 0755 &lt;file&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72037\"\n  tag rid: \"SV-86661r2_rule\"\n  tag stig_id: \"RHEL-07-020730\"\n  tag fix_id: \"F-78389r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  if input('disable_slow_controls')\n    describe \"This control consistently takes a long to run and has been disabled\n  using the disable_slow_controls attribute.\" do\n      skip \"This control consistently takes a long to run and has been disabled\n  using the disable_slow_controls attribute. You must enable this control for a\n  full accredidation for production.\"\n  end\n  else\n    ignore_shells = non_interactive_shells.join('|')\n\n    #Get home directory for users with UID &gt;= 1000 or UID == 0 and support interactive logins.\n    dotfiles = Set[]\n    u = users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= 1000 || uid == 0)}.entries\n    #For each user, build and execute a find command that identifies initialization files\n    #in a user's home directory.\n    u.each do |user|\n      dotfiles = dotfiles + command(\"find #{user.home} -xdev -maxdepth 2 ( -name '.*' ! -name '.bash_history' ) -type f\").stdout.split(\"\\n\")\n    end\n    ww_files = Set[]\n    ww_files = command('find / -xdev -perm -002 -type f -exec ls {} \\;').stdout.lines\n\n    #To reduce the number of commands ran, we use a pattern file in the grep command below\n    #So we don't have too long of a grep command, we chunk the list of ww_files\n    #into strings not longer than PATTERN_FILE_MAX_LENGTH\n    #Based on MAX_ARG_STRLEN, /usr/include/linux/binfmts.h\n    #We cut off 100 to leave room for the rest of the arguments\n    PATTERN_FILE_MAX_LENGTH=command(\"getconf PAGE_SIZE\").stdout.to_i * 32 - 100\n    ww_chunked=[\"\"]\n    ww_files.each do |item|\n      item = item.strip\n      if item.length + \"\\n\".length &gt; PATTERN_FILE_MAX_LENGTH\n        raise \"Single pattern is longer than PATTERN_FILE_MAX_LENGTH\"\n      end\n      if ww_chunked[-1].length + \"\\n\".length + item.length &gt; PATTERN_FILE_MAX_LENGTH\n        ww_chunked.append(\"\")\n      end\n      ww_chunked[-1] += \"\\n\" + item  # This will leave an extra newline at the beginning of chunks\n    end\n    ww_chunked = ww_chunked.map(&amp;:strip)  # This gets rid of the beginning newlines\n    if ww_chunked[0] == \"\"\n      ww_chunked = []  # If we didn't have any ww_files, this will prevent an empty grep pattern\n    end\n\n    #Check each dotfile for existence of each world-writeable file\n    findings = Set[]\n    dotfiles.each do |dotfile|\n      dotfile = dotfile.strip\n      ww_chunked.each do |ww_pattern_file|\n        count = command(\"grep -c -f &lt;(echo \\\"#{ww_pattern_file}\\\") \\\"#{dotfile}\\\"\").stdout.strip.to_i\n        findings &lt;&lt; dotfile if count &gt; 0\n      end\n    end\n    describe \"Local initialization files that are found to reference world-writable files\" do\n      subject { findings.to_a }\n      it { should be_empty }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This control consistently takes a long to run and has been disabled
+  using the disable_slow_controls attribute. :: SKIP_MESSAGE This control consistently takes a long to run and has been disabled
   using the disable_slow_controls attribute. You must enable this control for a
-  full accredidation for production.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72121</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86745r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030490</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+  full accredidation for production.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72121</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86745r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030490</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the lremovexattr syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the lremovexattr syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;lremovexattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "lremovexattr" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw lremovexattr &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw lremovexattr /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S lremovexattr -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k perm_mod
+    -a always,exit -F arch=b32 -S lremovexattr -F auid&gt;=1000 -F
+auid!=4294967295 -k perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S lremovexattr -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k perm_mod
+    -a always,exit -F arch=b64 -S lremovexattr -F auid&gt;=1000 -F
+auid!=4294967295 -k perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;lremovexattr&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"lremovexattr" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;lremovexattr&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S lremovexattr -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k perm_mod
-
-    -a always,exit -F arch&#x3D;b64 -S lremovexattr -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k perm_mod
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6696fa52-8797-413e-b81d-7b38437fda1a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lremovexattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lremovexattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lremovexattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lremovexattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72005</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86629r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020310</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "lremovexattr" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S lremovexattr -F auid&gt;=1000 -F
+auid!=4294967295 -k perm_mod
+
+    -a always,exit -F arch=b64 -S lremovexattr -F auid&gt;=1000 -F
+auid!=4294967295 -k perm_mod
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72121\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe lremovexattr syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"lremovexattr\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw lremovexattr /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S lremovexattr -F auid&gt;=1000 -F\nauid!=4294967295 -k perm_mod\n\n    -a always,exit -F arch=b64 -S lremovexattr -F auid&gt;=1000 -F\nauid!=4294967295 -k perm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"lremovexattr\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"lremovexattr\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S lremovexattr -F auid&gt;=1000 -F\nauid!=4294967295 -k perm_mod\n\n    -a always,exit -F arch=b64 -S lremovexattr -F auid&gt;=1000 -F\nauid!=4294967295 -k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000458-GPOS-00203\"\n  tag satisfies: [\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000064-GPOS-00033\"]\n  tag gid: \"V-72121\"\n  tag rid: \"SV-86745r5_rule\"\n  tag stig_id: \"RHEL-07-030490\"\n  tag fix_id: \"F-78473r7_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"lremovexattr\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"lremovexattr\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "lremovexattr" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "lremovexattr" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "lremovexattr" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "lremovexattr" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72005</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86629r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020310</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the root account must be the only account having unrestricted access to
-the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If an account other than root also has a User Identifier (UID) of
-&quot;0&quot;, it has root authority, giving that account unrestricted access to the
-entire operating system. Multiple accounts with a UID of &quot;0&quot; afford an
+"0", it has root authority, giving that account unrestricted access to the
+entire operating system. Multiple accounts with a UID of "0" afford an
 opportunity for potential intruders to guess a password for a privileged
-account.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Check the system for duplicate UID &quot;0&quot; assignments with the following
+account.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Check the system for duplicate UID "0" assignments with the following
 command:
 
-    # awk -F: &#39;$3 &#x3D;&#x3D; 0 {print $1}&#39; &#x2F;etc&#x2F;passwd
+    # awk -F: '$3 == 0 {print $1}' /etc/passwd
 
-    If any accounts other than root have a UID of &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If any accounts other than root have a UID of "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Change the UID of any account on the system, other than root, that has a
-UID of &quot;0&quot;.
+UID of "0".
 
     If the account is associated with system commands or applications, the UID
-should be changed to one greater than &quot;0&quot; but less than &quot;1000&quot;. Otherwise,
-assign a UID of greater than &quot;1000&quot; that has not already been assigned.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>3fa7fa28-9460-4cb7-bfe4-d2eafebb8db1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-&#x2F;etc&#x2F;passwd with uid &#x3D;&#x3D; 0 users is expected to cmp &#x3D;&#x3D; &quot;root&quot;
---------------------------------
-passed
-&#x2F;etc&#x2F;passwd with uid &#x3D;&#x3D; 0 entries.length is expected to eq 1</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72253</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000250-GPOS-00093</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86877r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040400</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+should be changed to one greater than "0" but less than "1000". Otherwise,
+assign a UID of greater than "1000" that has not already been assigned.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72005\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the root account must be the only account having unrestricted access to\nthe system.\"\n  desc  \"If an account other than root also has a User Identifier (UID) of\n\\\"0\\\", it has root authority, giving that account unrestricted access to the\nentire operating system. Multiple accounts with a UID of \\\"0\\\" afford an\nopportunity for potential intruders to guess a password for a privileged\naccount.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Check the system for duplicate UID \\\"0\\\" assignments with the following\ncommand:\n\n    # awk -F: '$3 == 0 {print $1}' /etc/passwd\n\n    If any accounts other than root have a UID of \\\"0\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Change the UID of any account on the system, other than root, that has a\nUID of \\\"0\\\".\n\n    If the account is associated with system commands or applications, the UID\nshould be changed to one greater than \\\"0\\\" but less than \\\"1000\\\". Otherwise,\nassign a UID of greater than \\\"1000\\\" that has not already been assigned.\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72005\"\n  tag rid: \"SV-86629r2_rule\"\n  tag stig_id: \"RHEL-07-020310\"\n  tag fix_id: \"F-78357r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe passwd.uids(0) do\n    its('users') { should cmp 'root' }\n    its('entries.length') { should eq 1 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST /etc/passwd with uid == 0 users is expected to cmp == "root"
+--------------------------------
+passed :: TEST /etc/passwd with uid == 0 entries.length is expected to eq 1</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72253</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000250-GPOS-00093</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86877r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040400</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the SSH daemon is configured to only use Message Authentication Codes
-(MACs) employing FIPS 140-2 approved cryptographic hash algorithms.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(MACs) employing FIPS 140-2 approved cryptographic hash algorithms.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>DoD information systems are required to use FIPS 140-2 approved
 cryptographic hash functions. The only SSHv2 hash algorithm meeting this
-requirement is SHA.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+requirement is SHA.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the SSH daemon is configured to only use MACs employing FIPS
 140-2-approved ciphers.
 
@@ -15913,1495 +15190,1440 @@ hashes.
     Check that the SSH daemon is configured to only use MACs employing FIPS
 140-2-approved ciphers with the following command:
 
-    # grep -i macs &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i macs /etc/ssh/sshd_config
     MACs hmac-sha2-256,hmac-sha2-512
 
-    If any ciphers other than &quot;hmac-sha2-256&quot; or &quot;hmac-sha2-512&quot; are listed
-or the returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Edit the &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; file to uncomment or add the line for the
-&quot;MACs&quot; keyword and set its value to &quot;hmac-sha2-256&quot; and&#x2F;or
-&quot;hmac-sha2-512&quot; (this file may be named differently or be in a different
+    If any ciphers other than "hmac-sha2-256" or "hmac-sha2-512" are listed
+or the returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Edit the "/etc/ssh/sshd_config" file to uncomment or add the line for the
+"MACs" keyword and set its value to "hmac-sha2-256" and/or
+"hmac-sha2-512" (this file may be named differently or be in a different
 location if using a version of SSH that is provided by a third-party vendor):
 
     MACs hmac-sha2-256,hmac-sha2-512
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>227c0d5c-2706-430b-ad76-6afba96fcbdd</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001453</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-hmac-sha2-256 is expected to be in &quot;hmac-sha2-256&quot; and &quot;hmac-sha2-512&quot;
---------------------------------
-passed
-hmac-sha2-512 is expected to be in &quot;hmac-sha2-256&quot; and &quot;hmac-sha2-512&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72049</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86673r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021040</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72253\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon is configured to only use Message Authentication Codes\n(MACs) employing FIPS 140-2 approved cryptographic hash algorithms.\"\n  desc  \"DoD information systems are required to use FIPS 140-2 approved\ncryptographic hash functions. The only SSHv2 hash algorithm meeting this\nrequirement is SHA.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH daemon is configured to only use MACs employing FIPS\n140-2-approved ciphers.\n\n    Note: If RHEL-07-021350 is a finding, this is automatically a finding as\nthe system cannot implement FIPS 140-2-approved cryptographic algorithms and\nhashes.\n\n    Check that the SSH daemon is configured to only use MACs employing FIPS\n140-2-approved ciphers with the following command:\n\n    # grep -i macs /etc/ssh/sshd_config\n    MACs hmac-sha2-256,hmac-sha2-512\n\n    If any ciphers other than \\\"hmac-sha2-256\\\" or \\\"hmac-sha2-512\\\" are listed\nor the returned line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Edit the \\\"/etc/ssh/sshd_config\\\" file to uncomment or add the line for the\n\\\"MACs\\\" keyword and set its value to \\\"hmac-sha2-256\\\" and/or\n\\\"hmac-sha2-512\\\" (this file may be named differently or be in a different\nlocation if using a version of SSH that is provided by a third-party vendor):\n\n    MACs hmac-sha2-256,hmac-sha2-512\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000250-GPOS-00093\"\n  tag gid: \"V-72253\"\n  tag rid: \"SV-86877r3_rule\"\n  tag stig_id: \"RHEL-07-040400\"\n  tag fix_id: \"F-78607r2_fix\"\n  tag cci: [\"CCI-001453\"]\n  tag nist: [\"AC-17 (2)\", \"Rev_4\"]\n\n  @macs = inspec.sshd_config.params(\"macs\")\n  if @macs.nil?\n    # fail fast\n    describe 'The `sshd_config` setting for `MACs`' do\n    subject { @macs }\n      it 'should be explicitly set and not commented out' do\n        expect(subject).not_to be_nil\n      end\n    end\n  else\n    @macs.first.split(\",\").each do |mac|\n      describe mac do\n        it { should be_in ['hmac-sha2-256', 'hmac-sha2-512'] }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001453</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST hmac-sha2-256 is expected to be in "hmac-sha2-256" and "hmac-sha2-512"
+--------------------------------
+passed :: TEST hmac-sha2-512 is expected to be in "hmac-sha2-256" and "hmac-sha2-512"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72049</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86673r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021040</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must set the umask value
-to 077 for all local interactive user accounts.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+to 077 for all local interactive user accounts.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The umask controls the default access mode assigned to newly created
 files. A umask of 077 limits new files to mode 700 or less permissive. Although
 umask can be represented as a four-digit number, the first digit representing
-special access modes is typically ignored or required to be &quot;0&quot;. This
+special access modes is typically ignored or required to be "0". This
 requirement applies to the globally configured system defaults and the local
-interactive user defaults for each account on the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that the default umask for all local interactive users is &quot;077&quot;.
+interactive user defaults for each account on the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that the default umask for all local interactive users is "077".
 
     Identify the locations of all local interactive user home directories by
-looking at the &quot;&#x2F;etc&#x2F;passwd&quot; file.
+looking at the "/etc/passwd" file.
 
     Check all local interactive user initialization files for interactive users
 with the following command:
 
     Note: The example is for a system that is configured to create users home
-directories in the &quot;&#x2F;home&quot; directory.
+directories in the "/home" directory.
 
-    # grep -i umask &#x2F;home&#x2F;*&#x2F;.*
+    # grep -i umask /home/*/.*
 
     If any local interactive user initialization files are found to have a
-umask statement that has a value less restrictive than &quot;077&quot;, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Remove the umask statement from all local interactive user&#39;s initialization
+umask statement that has a value less restrictive than "077", this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Remove the umask statement from all local interactive user's initialization
 files.
 
     If the account is for an application, the requirement for a umask less
-restrictive than &quot;077&quot; can be documented with the Information System Security
+restrictive than "077" can be documented with the Information System Security
 Officer, but the user agreement for access to the account must specify that the
 local interactive user must log on to their account first and then switch the
-user to the application account with the correct option to gain the account&#39;s
-environment variables.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>170e3386-05d5-4e4e-897a-363e477031b8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-No interactive user initialization files with a less restrictive umask were found. is expected to eq true
---------------------------------
-passed
-No users were found with a less restrictive umask were found. is expected to eq true</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72309</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86933r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040740</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+user to the application account with the correct option to gain the account's
+environment variables.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72049\" do\n  title \"The Red Hat Enterprise Linux operating system must set the umask value\nto 077 for all local interactive user accounts.\"\n  desc  \"The umask controls the default access mode assigned to newly created\nfiles. A umask of 077 limits new files to mode 700 or less permissive. Although\numask can be represented as a four-digit number, the first digit representing\nspecial access modes is typically ignored or required to be \\\"0\\\". This\nrequirement applies to the globally configured system defaults and the local\ninteractive user defaults for each account on the system.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that the default umask for all local interactive users is \\\"077\\\".\n\n    Identify the locations of all local interactive user home directories by\nlooking at the \\\"/etc/passwd\\\" file.\n\n    Check all local interactive user initialization files for interactive users\nwith the following command:\n\n    Note: The example is for a system that is configured to create users home\ndirectories in the \\\"/home\\\" directory.\n\n    # grep -i umask /home/*/.*\n\n    If any local interactive user initialization files are found to have a\numask statement that has a value less restrictive than \\\"077\\\", this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Remove the umask statement from all local interactive user's initialization\nfiles.\n\n    If the account is for an application, the requirement for a umask less\nrestrictive than \\\"077\\\" can be documented with the Information System Security\nOfficer, but the user agreement for access to the account must specify that the\nlocal interactive user must log on to their account first and then switch the\nuser to the application account with the correct option to gain the account's\nenvironment variables.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72049\"\n  tag rid: \"SV-86673r2_rule\"\n  tag stig_id: \"RHEL-07-021040\"\n  tag fix_id: \"F-78401r3_fix\"\n  tag cci: [\"CCI-000318\", \"CCI-000368\", \"CCI-001812\", \"CCI-001813\",\n\"CCI-001814\"]\n  tag nist: [\"CM-3 f\", \"CM-6 c\", \"CM-11 (2)\", \"CM-5 (1)\", \"CM-5 (1)\", \"Rev_4\"]\n\n  non_interactive_shells = input('non_interactive_shells')\n\n  # Get all interactive users\n  ignore_shells = non_interactive_shells.join('|')\n\n  # Get home directory for users with UID &gt;= 1000 or UID == 0 and support interactive logins.\n  findings = Set[]\n  dotfiles = Set[]\n  umasks = {}\n  umask_findings = Set[]\n\n  # Get UID_MIN from login.defs\n  uid_min = 1000\n  if file(\"/etc/login.defs\").exist?\n    uid_min_val = command(\"grep '^UID_MIN' /etc/login.defs | grep -Po '[0-9]+'\").stdout.split(\"\\n\")\n    if !uid_min_val.empty?\n      uid_min = uid_min_val[0].to_i\n    end\n  end\n\n  interactive_users = users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= uid_min || uid == 0)}.entries\n\n  # For each user, build and execute a find command that identifies initialization files\n  # in a user's home directory.\n  interactive_users.each do |u|\n\n    # Only check if the home directory is local\n    is_local = command(\"df -l #{u.home}\").exit_status\n\n    if is_local == 0\n      # Get user's initialization files\n      dotfiles = dotfiles + command(\"find #{u.home} -xdev -maxdepth 2 ( -name '.*' ! -name '.bash_history' ) -type f\").stdout.split(\"\\n\")\n\n      # Get user's umask\n      umasks.store(u.username,command(\"su -c 'umask' -l #{u.username}\").stdout.chomp(\"\\n\"))\n\n      # Check all local initialization files to see whether or not they are less restrictive than 077.\n      dotfiles.each do |df|\n        if file(df).more_permissive_than?(\"0077\")\n          findings = findings + df\n        end\n      end\n\n      # Check umask for all interactive users\n      umasks.each do |key,value|\n        max_mode = (\"0077\").to_i(8)\n        inv_mode = 0777 ^ max_mode\n        if inv_mode &amp; (value).to_i(8) != 0\n          umask_findings = umask_findings + key\n        end\n      end\n    else\n      describe \"This control skips non-local filesystems\" do\n       skip \"This control has skipped the #{u.home} home directory for #{u.username} because it is not a local filesystem.\"\n     end\n    end\n  end\n\n  # Report on any interactive files that are less restrictive than 077.\n  describe \"No interactive user initialization files with a less restrictive umask were found.\" do\n    subject { findings.empty? }\n    it { should eq true }\n  end\n\n  # Report on any interactive users that have a umask less restrictive than 077.\n  describe \"No users were found with a less restrictive umask were found.\" do\n    subject { umask_findings.empty? }\n    it { should eq true }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST No interactive user initialization files with a less restrictive umask were found. is expected to eq true
+--------------------------------
+passed :: TEST No users were found with a less restrictive umask were found. is expected to eq true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72309</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86933r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040740</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not be performing
-packet forwarding unless the system is a router.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+packet forwarding unless the system is a router.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Routing protocol daemons are typically used on routers to exchange
 network topology information with other routers. If this software is used when
 not required, system network information may be unnecessarily transmitted
-across the network.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+across the network.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system is not performing packet forwarding, unless the system is
 a router.
 
-    # grep net.ipv4.ip_forward &#x2F;etc&#x2F;sysctl.conf &#x2F;etc&#x2F;sysctl.d&#x2F;*
+    # grep net.ipv4.ip_forward /etc/sysctl.conf /etc/sysctl.d/*
 
-    net.ipv4.ip_forward &#x3D; 0
+    net.ipv4.ip_forward = 0
 
-    If &quot;net.ipv4.ip_forward&quot; is not configured in the &#x2F;etc&#x2F;sysctl.conf file
-or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out, or does not have a value
-of &quot;0&quot;, this is a finding.
+    If "net.ipv4.ip_forward" is not configured in the /etc/sysctl.conf file
+or in the /etc/sysctl.d/ directory, is commented out, or does not have a value
+of "0", this is a finding.
 
     Check that the operating system does not implement IP forwarding using the
 following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep net.ipv4.ip_forward
-    net.ipv4.ip_forward &#x3D; 0
+    # /sbin/sysctl -a | grep net.ipv4.ip_forward
+    net.ipv4.ip_forward = 0
 
-    If IP forwarding value is &quot;1&quot; and the system is hosting any application,
-database, or web servers, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If IP forwarding value is "1" and the system is hosting any application,
+database, or web servers, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the system to the required kernel parameter by adding the following
-line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the &#x2F;etc&#x2F;sysctl.d&#x2F;
+line to "/etc/sysctl.conf" or a configuration file in the /etc/sysctl.d/
 directory (or modify the line to have the required value):
 
-    net.ipv4.ip_forward &#x3D; 0
+    net.ipv4.ip_forward = 0
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a35bec45-e046-468e-95c5-59173d2272eb</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.ip_forward value is expected to eq 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81003</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000069-GPOS-00037</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95715r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010118</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72309\" do\n  title \"The Red Hat Enterprise Linux operating system must not be performing\npacket forwarding unless the system is a router.\"\n  desc  \"Routing protocol daemons are typically used on routers to exchange\nnetwork topology information with other routers. If this software is used when\nnot required, system network information may be unnecessarily transmitted\nacross the network.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system is not performing packet forwarding, unless the system is\na router.\n\n    # grep net.ipv4.ip_forward /etc/sysctl.conf /etc/sysctl.d/*\n\n    net.ipv4.ip_forward = 0\n\n    If \\\"net.ipv4.ip_forward\\\" is not configured in the /etc/sysctl.conf file\nor in the /etc/sysctl.d/ directory, is commented out, or does not have a value\nof \\\"0\\\", this is a finding.\n\n    Check that the operating system does not implement IP forwarding using the\nfollowing command:\n\n    # /sbin/sysctl -a | grep net.ipv4.ip_forward\n    net.ipv4.ip_forward = 0\n\n    If IP forwarding value is \\\"1\\\" and the system is hosting any application,\ndatabase, or web servers, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the system to the required kernel parameter by adding the following\nline to \\\"/etc/sysctl.conf\\\" or a configuration file in the /etc/sysctl.d/\ndirectory (or modify the line to have the required value):\n\n    net.ipv4.ip_forward = 0\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72309\"\n  tag rid: \"SV-86933r2_rule\"\n  tag stig_id: \"RHEL-07-040740\"\n  tag fix_id: \"F-78663r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.ip_forward') do\n    its('value') { should eq 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.ip_forward value is expected to eq 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81003</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000069-GPOS-00037</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95715r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010118</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that &#x2F;etc&#x2F;pam.d&#x2F;passwd implements &#x2F;etc&#x2F;pam.d&#x2F;system-auth when changing
-passwords.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that /etc/pam.d/passwd implements /etc/pam.d/system-auth when changing
+passwords.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Pluggable authentication modules (PAM) allow for a modular approach to
 integrating authentication methods. PAM operates in a top-down processing model
 and if the modules are not listed in the correct order, an important security
-function could be bypassed if stack entries are not centralized.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that &#x2F;etc&#x2F;pam.d&#x2F;passwd is configured to use &#x2F;etc&#x2F;pam.d&#x2F;system-auth
+function could be bypassed if stack entries are not centralized.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that /etc/pam.d/passwd is configured to use /etc/pam.d/system-auth
 when changing passwords:
 
-    # cat &#x2F;etc&#x2F;pam.d&#x2F;passwd | grep -i substack | grep -i system-auth
+    # cat /etc/pam.d/passwd | grep -i substack | grep -i system-auth
     password     substack     system-auth
 
-    If no results are returned, the line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure PAM to utilize &#x2F;etc&#x2F;pam.d&#x2F;system-auth when changing passwords.
+    If no results are returned, the line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure PAM to utilize /etc/pam.d/system-auth when changing passwords.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;pam.d&#x2F;passwd&quot; (or modify the line to have
+    Add the following line to "/etc/pam.d/passwd" (or modify the line to have
 the required value):
 
-    password     substack    system-auth</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d9cfd64e-bcfb-47d4-9a28-aeaef9805a41</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000192</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-&#x2F;etc&#x2F;pam.d&#x2F;passwd substacks system-auth</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72021</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86645r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020650</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    password     substack    system-auth</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-81003\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat /etc/pam.d/passwd implements /etc/pam.d/system-auth when changing\npasswords.\"\n  desc  \"Pluggable authentication modules (PAM) allow for a modular approach to\nintegrating authentication methods. PAM operates in a top-down processing model\nand if the modules are not listed in the correct order, an important security\nfunction could be bypassed if stack entries are not centralized.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that /etc/pam.d/passwd is configured to use /etc/pam.d/system-auth\nwhen changing passwords:\n\n    # cat /etc/pam.d/passwd | grep -i substack | grep -i system-auth\n    password     substack     system-auth\n\n    If no results are returned, the line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure PAM to utilize /etc/pam.d/system-auth when changing passwords.\n\n    Add the following line to \\\"/etc/pam.d/passwd\\\" (or modify the line to have\nthe required value):\n\n    password     substack    system-auth\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000069-GPOS-00037\"\n  tag gid: \"V-81003\"\n  tag rid: \"SV-95715r1_rule\"\n  tag stig_id: \"RHEL-07-010118\"\n  tag fix_id: \"F-87837r1_fix\"\n  tag cci: [\"CCI-000192\"]\n  tag nist: [\"IA-5 (1) (a)\", \"Rev_4\"]\n\n  # Get the content of /etc/pam.d/passwd as an array\n  pam_passwd_content = file('/etc/pam.d/passwd').content.strip.split(\"\\n\")\n  # Make a new array of any line matching the target pattern:\n  # /password\\s+substack\\s+system-auth\n  matching_lines = pam_passwd_content.select { |i| i.match(/password\\s+substack\\s+system-auth/) }\n\n  describe '/etc/pam.d/passwd' do\n    subject { matching_lines }\n    it 'substacks system-auth' do\n      expect(subject.length).to(eql 1)\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000192</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST /etc/pam.d/passwd substacks system-auth</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72021</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86645r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020650</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all local interactive user home directories are group-owned by the home
-directory owners primary group.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If the Group Identifier (GID) of a local interactive user&#39;s home
+directory owners primary group.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If the Group Identifier (GID) of a local interactive user's home
 directory is not the same as the primary GID of the user, this would allow
-unauthorized access to the user&#39;s files, and users that share the same group
-may not be able to access files that they legitimately should.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+unauthorized access to the user's files, and users that share the same group
+may not be able to access files that they legitimately should.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the assigned home directory of all local interactive users is
-group-owned by that user&#39;s primary GID.
+group-owned by that user's primary GID.
 
     Check the home directory assignment for all local interactive users on the
 system with the following command:
 
-    # ls -ld $(egrep &#39;:[0-9]{4}&#39; &#x2F;etc&#x2F;passwd | cut -d: -f6)
+    # ls -ld $(egrep ':[0-9]{4}' /etc/passwd | cut -d: -f6)
 
-    -rwxr-x--- 1 smithj users 18 Mar 5 17:06 &#x2F;home&#x2F;smithj
+    -rwxr-x--- 1 smithj users 18 Mar 5 17:06 /home/smithj
 
-    Check the user&#39;s primary group with the following command:
+    Check the user's primary group with the following command:
 
-    # grep users &#x2F;etc&#x2F;group
+    # grep users /etc/group
 
     users:x:250:smithj,jonesj,jacksons
 
-    If the user home directory referenced in &quot;&#x2F;etc&#x2F;passwd&quot; is not group-owned
-by that user&#39;s primary GID, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Change the group owner of a local interactive user&#39;s home directory to the
-group found in &quot;&#x2F;etc&#x2F;passwd&quot;. To change the group owner of a local
-interactive user&#39;s home directory, use the following command:
-
-    Note: The example will be for the user &quot;smithj&quot;, who has a home directory
-of &quot;&#x2F;home&#x2F;smithj&quot;, and has a primary group of users.
-
-    # chgrp users &#x2F;home&#x2F;smithj</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b65447db-d23c-4a8a-b6a3-ad513e5abab3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Home directories that are not group-owned by the user&#39;s primary GID is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72183</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86807r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030800</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If the user home directory referenced in "/etc/passwd" is not group-owned
+by that user's primary GID, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Change the group owner of a local interactive user's home directory to the
+group found in "/etc/passwd". To change the group owner of a local
+interactive user's home directory, use the following command:
+
+    Note: The example will be for the user "smithj", who has a home directory
+of "/home/smithj", and has a primary group of users.
+
+    # chgrp users /home/smithj</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72021\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local interactive user home directories are group-owned by the home\ndirectory owners primary group.\"\n  desc  \"If the Group Identifier (GID) of a local interactive user's home\ndirectory is not the same as the primary GID of the user, this would allow\nunauthorized access to the user's files, and users that share the same group\nmay not be able to access files that they legitimately should.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the assigned home directory of all local interactive users is\ngroup-owned by that user's primary GID.\n\n    Check the home directory assignment for all local interactive users on the\nsystem with the following command:\n\n    # ls -ld $(egrep ':[0-9]{4}' /etc/passwd | cut -d: -f6)\n\n    -rwxr-x--- 1 smithj users 18 Mar 5 17:06 /home/smithj\n\n    Check the user's primary group with the following command:\n\n    # grep users /etc/group\n\n    users:x:250:smithj,jonesj,jacksons\n\n    If the user home directory referenced in \\\"/etc/passwd\\\" is not group-owned\nby that user's primary GID, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Change the group owner of a local interactive user's home directory to the\ngroup found in \\\"/etc/passwd\\\". To change the group owner of a local\ninteractive user's home directory, use the following command:\n\n    Note: The example will be for the user \\\"smithj\\\", who has a home directory\nof \\\"/home/smithj\\\", and has a primary group of users.\n\n    # chgrp users /home/smithj\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72021\"\n  tag rid: \"SV-86645r5_rule\"\n  tag stig_id: \"RHEL-07-020650\"\n  tag fix_id: \"F-78373r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= uid_min || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    findings = findings + command(\"find #{user_info.home} -maxdepth 0 -not -gid #{user_info.gid}\").stdout.split(\"\\n\")\n  end\n  describe \"Home directories that are not group-owned by the user's primary GID\" do\n    subject { findings.to_a }\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Home directories that are not group-owned by the user's primary GID is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72183</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86807r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030800</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the crontab command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the crontab command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged commands. The organization must maintain audit trails in sufficient
-detail to reconstruct events to determine the cause and impact of compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+detail to reconstruct events to determine the cause and impact of compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;crontab&quot; command occur.
+successful/unsuccessful attempts to use the "crontab" command occur.
 
     Check that the following system call is being audited by performing the
-following command to check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+following command to check the file system rules in "/etc/audit/audit.rules":
 
-    # grep -iw &#x2F;usr&#x2F;bin&#x2F;crontab &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw /usr/bin/crontab /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;crontab -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/bin/crontab -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-cron
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;crontab&quot; command occur.
+successful/unsuccessful attempts to use the "crontab" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;crontab -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/bin/crontab -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-cron
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f9bba4b1-fbb6-4f78-afed-4b3e5ed3f840</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;crontab&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;crontab&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72083</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86707r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030300</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72183\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe crontab command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged commands. The organization must maintain audit trails in sufficient\ndetail to reconstruct events to determine the cause and impact of compromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"crontab\\\" command occur.\n\n    Check that the following system call is being audited by performing the\nfollowing command to check the file system rules in \\\"/etc/audit/audit.rules\\\":\n\n    # grep -iw /usr/bin/crontab /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/crontab -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-cron\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"crontab\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/crontab -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-cron\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72183\"\n  tag rid: \"SV-86807r3_rule\"\n  tag stig_id: \"RHEL-07-030800\"\n  tag fix_id: \"F-78537r4_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/bin/crontab'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/crontab" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/crontab" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72083</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86707r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030300</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must off-load audit
-records onto a different system or media from the system being audited.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+records onto a different system or media from the system being audited.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Information stored in one location is vulnerable to accidental or
 incidental deletion or alteration.
 
     Off-loading is a common process in information systems with limited audit
-storage capacity.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+storage capacity.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system off-loads audit records onto a different system
 or media from the system being audited.
 
     To determine the remote server that the records are being sent to, use the
 following command:
 
-    # grep -i remote_server &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
-    remote_server &#x3D; 10.0.21.1
+    # grep -i remote_server /etc/audisp/audisp-remote.conf
+    remote_server = 10.0.21.1
 
     If a remote server is not configured, or the line is commented out, ask the
 System Administrator to indicate how the audit logs are off-loaded to a
 different system or media.
 
     If there is no evidence that the audit logs are being off-loaded to another
-system or media, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+system or media, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to off-load audit records onto a different
 system or media from the system being audited.
 
-    Set the remote server option in &quot;&#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf&quot; with the
-IP address of the log aggregation server.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b99232e5-0e6e-4ab8-a6b5-8a99890cc628</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-File &#39;&#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf&#39; cannot be found. This test cannot be checked in a automated fashion and you must check it manually
-File &#39;&#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf&#39; cannot be found. This check must be performed manually</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72245</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86869r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040360</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Set the remote server option in "/etc/audisp/audisp-remote.conf" with the
+IP address of the log aggregation server.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72083\" do\n  title \"The Red Hat Enterprise Linux operating system must off-load audit\nrecords onto a different system or media from the system being audited.\"\n  desc  \"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system off-loads audit records onto a different system\nor media from the system being audited.\n\n    To determine the remote server that the records are being sent to, use the\nfollowing command:\n\n    # grep -i remote_server /etc/audisp/audisp-remote.conf\n    remote_server = 10.0.21.1\n\n    If a remote server is not configured, or the line is commented out, ask the\nSystem Administrator to indicate how the audit logs are off-loaded to a\ndifferent system or media.\n\n    If there is no evidence that the audit logs are being off-loaded to another\nsystem or media, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to off-load audit records onto a different\nsystem or media from the system being audited.\n\n    Set the remote server option in \\\"/etc/audisp/audisp-remote.conf\\\" with the\nIP address of the log aggregation server.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000342-GPOS-00133\"\n  tag satisfies: [\"SRG-OS-000342-GPOS-00133\", \"SRG-OS-000479-GPOS-00224\"]\n  tag gid: \"V-72083\"\n  tag rid: \"SV-86707r2_rule\"\n  tag stig_id: \"RHEL-07-030300\"\n  tag fix_id: \"F-78435r1_fix\"\n  tag cci: [\"CCI-001851\"]\n  tag nist: [\"AU-4 (1)\", \"Rev_4\"]\n\n  if file('/etc/audisp/audisp-remote.conf').exist?\n    describe parse_config_file('/etc/audisp/audisp-remote.conf') do\n      its('remote_server'.to_s) { should match %r{^\\S+$} }\n      its('remote_server'.to_s) { should_not be_in ['localhost', '127.0.0.1'] }\n    end\n  else\n    describe \"File '/etc/audisp/audisp-remote.conf' cannot be found. This test cannot be checked in a automated fashion and you must check it manually\" do\n      skip \"File '/etc/audisp/audisp-remote.conf' cannot be found. This check must be performed manually\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST File '/etc/audisp/audisp-remote.conf' cannot be found. This test cannot be checked in a automated fashion and you must check it manually :: SKIP_MESSAGE File '/etc/audisp/audisp-remote.conf' cannot be found. This check must be performed manually</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72245</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86869r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040360</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must display the date
-and time of the last successful account logon upon an SSH logon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+and time of the last successful account logon upon an SSH logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Providing users with feedback on when account accesses via SSH last
 occurred facilitates user recognition and reporting of unauthorized account
-use.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+use.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify SSH provides users with feedback on when account accesses last
 occurred.
 
-    Check that &quot;PrintLastLog&quot; keyword in the sshd daemon configuration file
-is used and set to &quot;yes&quot; with the following command:
+    Check that "PrintLastLog" keyword in the sshd daemon configuration file
+is used and set to "yes" with the following command:
 
-    # grep -i printlastlog &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i printlastlog /etc/ssh/sshd_config
     PrintLastLog yes
 
-    If the &quot;PrintLastLog&quot; keyword is set to &quot;no&quot;, is missing, or is
-commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "PrintLastLog" keyword is set to "no", is missing, or is
+commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure SSH to provide users with feedback on when account accesses last
-occurred by setting the required configuration options in &quot;&#x2F;etc&#x2F;pam.d&#x2F;sshd&quot;
-or in the &quot;sshd_config&quot; file used by the system (&quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;
+occurred by setting the required configuration options in "/etc/pam.d/sshd"
+or in the "sshd_config" file used by the system ("/etc/ssh/sshd_config"
 will be used in the example) (this file may be named differently or be in a
 different location if using a version of SSH that is provided by a third-party
 vendor).
 
-    Modify the &quot;PrintLastLog&quot; line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; to match the
+    Modify the "PrintLastLog" line in "/etc/ssh/sshd_config" to match the
 following:
 
     PrintLastLog yes
 
-    The SSH service must be restarted for changes to &quot;sshd_config&quot; to take
-effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>62288073-c97f-4e21-874a-6667f8f97e00</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration PrintLastLog is expected to cmp &#x3D;&#x3D; &quot;yes&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71959</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00229</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86583r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010470</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to "sshd_config" to take
+effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72245\" do\n  title \"The Red Hat Enterprise Linux operating system must display the date\nand time of the last successful account logon upon an SSH logon.\"\n  desc  \"Providing users with feedback on when account accesses via SSH last\noccurred facilitates user recognition and reporting of unauthorized account\nuse.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify SSH provides users with feedback on when account accesses last\noccurred.\n\n    Check that \\\"PrintLastLog\\\" keyword in the sshd daemon configuration file\nis used and set to \\\"yes\\\" with the following command:\n\n    # grep -i printlastlog /etc/ssh/sshd_config\n    PrintLastLog yes\n\n    If the \\\"PrintLastLog\\\" keyword is set to \\\"no\\\", is missing, or is\ncommented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure SSH to provide users with feedback on when account accesses last\noccurred by setting the required configuration options in \\\"/etc/pam.d/sshd\\\"\nor in the \\\"sshd_config\\\" file used by the system (\\\"/etc/ssh/sshd_config\\\"\nwill be used in the example) (this file may be named differently or be in a\ndifferent location if using a version of SSH that is provided by a third-party\nvendor).\n\n    Modify the \\\"PrintLastLog\\\" line in \\\"/etc/ssh/sshd_config\\\" to match the\nfollowing:\n\n    PrintLastLog yes\n\n    The SSH service must be restarted for changes to \\\"sshd_config\\\" to take\neffect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72245\"\n  tag rid: \"SV-86869r3_rule\"\n  tag stig_id: \"RHEL-07-040360\"\n  tag fix_id: \"F-78599r3_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  if sshd_config.params['printlastlog'] == ['yes']\n    describe sshd_config do\n      its('PrintLastLog') { should cmp 'yes' }\n    end\n  else\n    describe pam('/etc/pam.d/sshd') do\n      its('lines') { should match_pam_rule('session required pam_lastlog.so showfailed') }\n      its('lines') { should match_pam_rule('session required pam_lastlog.so showfailed').all_without_args('silent') }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration PrintLastLog is expected to cmp == "yes"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71959</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00229</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86583r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010470</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not allow a
-non-certificate trusted host SSH logon to the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+non-certificate trusted host SSH logon to the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Failure to restrict system access to authenticated users negatively
-impacts operating system security.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+impacts operating system security.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system does not allow a non-certificate trusted host
 SSH logon to the system.
 
-    Check for the value of the &quot;HostbasedAuthentication&quot; keyword with the
+    Check for the value of the "HostbasedAuthentication" keyword with the
 following command:
 
-    # grep -i hostbasedauthentication &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i hostbasedauthentication /etc/ssh/sshd_config
     HostbasedAuthentication no
 
-    If the &quot;HostbasedAuthentication&quot; keyword is not set to &quot;no&quot;, is
-missing, or is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "HostbasedAuthentication" keyword is not set to "no", is
+missing, or is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to not allow a non-certificate trusted host
 SSH logon to the system.
 
-    Edit the &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; file to uncomment or add the line for
-&quot;HostbasedAuthentication&quot; keyword and set the value to &quot;no&quot;:
+    Edit the "/etc/ssh/sshd_config" file to uncomment or add the line for
+"HostbasedAuthentication" keyword and set the value to "no":
 
     HostbasedAuthentication no
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6c3f660b-53c8-46ed-a193-d726137d2be3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration HostbasedAuthentication is expected to eq &quot;no&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72285</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86909r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040620</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71959\" do\n  title \"The Red Hat Enterprise Linux operating system must not allow a\nnon-certificate trusted host SSH logon to the system.\"\n  desc  \"Failure to restrict system access to authenticated users negatively\nimpacts operating system security.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system does not allow a non-certificate trusted host\nSSH logon to the system.\n\n    Check for the value of the \\\"HostbasedAuthentication\\\" keyword with the\nfollowing command:\n\n    # grep -i hostbasedauthentication /etc/ssh/sshd_config\n    HostbasedAuthentication no\n\n    If the \\\"HostbasedAuthentication\\\" keyword is not set to \\\"no\\\", is\nmissing, or is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to not allow a non-certificate trusted host\nSSH logon to the system.\n\n    Edit the \\\"/etc/ssh/sshd_config\\\" file to uncomment or add the line for\n\\\"HostbasedAuthentication\\\" keyword and set the value to \\\"no\\\":\n\n    HostbasedAuthentication no\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00229\"\n  tag gid: \"V-71959\"\n  tag rid: \"SV-86583r3_rule\"\n  tag stig_id: \"RHEL-07-010470\"\n  tag fix_id: \"F-78311r3_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('HostbasedAuthentication') { should eq 'no' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration HostbasedAuthentication is expected to eq "no"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72285</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86909r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040620</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not forward
-Internet Protocol version 4 (IPv4) source-routed packets by default.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Internet Protocol version 4 (IPv4) source-routed packets by default.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Source-routed packets allow the source of the packet to suggest that
 routers forward the packet along a different path than configured on the
 router, which can be used to bypass network security measures. This requirement
 applies only to the forwarding of source-routed traffic, such as when IPv4
-forwarding is enabled and the system is functioning as a router.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+forwarding is enabled and the system is functioning as a router.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system does not accept IPv4 source-routed packets by default.
 
-    # grep net.ipv4.conf.default.accept_source_route &#x2F;etc&#x2F;sysctl.conf
-&#x2F;etc&#x2F;sysctl.d&#x2F;*
-    net.ipv4.conf.default.accept_source_route &#x3D; 0
+    # grep net.ipv4.conf.default.accept_source_route /etc/sysctl.conf
+/etc/sysctl.d/*
+    net.ipv4.conf.default.accept_source_route = 0
 
-    If &quot; net.ipv4.conf.default.accept_source_route &quot; is not configured in the
-&#x2F;etc&#x2F;sysctl.conf file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out, or
-does not have a value of &quot;0&quot;, this is a finding.
+    If " net.ipv4.conf.default.accept_source_route " is not configured in the
+/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or
+does not have a value of "0", this is a finding.
 
     Check that the operating system implements the accept source route variable
 with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep net.ipv4.conf.default.accept_source_route
-    net.ipv4.conf.default.accept_source_route &#x3D; 0
+    # /sbin/sysctl -a | grep net.ipv4.conf.default.accept_source_route
+    net.ipv4.conf.default.accept_source_route = 0
 
-    If the returned line does not have a value of &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned line does not have a value of "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the system to the required kernel parameter by adding the following
-line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the &#x2F;etc&#x2F;sysctl.d&#x2F;
+line to "/etc/sysctl.conf" or a configuration file in the /etc/sysctl.d/
 directory (or modify the line to have the required value):
 
-    net.ipv4.conf.default.accept_source_route &#x3D; 0
+    net.ipv4.conf.default.accept_source_route = 0
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>47e0f28e-8599-44fd-864f-677f0633ab86</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.conf.default.accept_source_route value is expected to eq 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72025</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86649r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020670</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72285\" do\n  title \"The Red Hat Enterprise Linux operating system must not forward\nInternet Protocol version 4 (IPv4) source-routed packets by default.\"\n  desc  \"Source-routed packets allow the source of the packet to suggest that\nrouters forward the packet along a different path than configured on the\nrouter, which can be used to bypass network security measures. This requirement\napplies only to the forwarding of source-routed traffic, such as when IPv4\nforwarding is enabled and the system is functioning as a router.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system does not accept IPv4 source-routed packets by default.\n\n    # grep net.ipv4.conf.default.accept_source_route /etc/sysctl.conf\n/etc/sysctl.d/*\n    net.ipv4.conf.default.accept_source_route = 0\n\n    If \\\" net.ipv4.conf.default.accept_source_route \\\" is not configured in the\n/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or\ndoes not have a value of \\\"0\\\", this is a finding.\n\n    Check that the operating system implements the accept source route variable\nwith the following command:\n\n    # /sbin/sysctl -a | grep net.ipv4.conf.default.accept_source_route\n    net.ipv4.conf.default.accept_source_route = 0\n\n    If the returned line does not have a value of \\\"0\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the system to the required kernel parameter by adding the following\nline to \\\"/etc/sysctl.conf\\\" or a configuration file in the /etc/sysctl.d/\ndirectory (or modify the line to have the required value):\n\n    net.ipv4.conf.default.accept_source_route = 0\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72285\"\n  tag rid: \"SV-86909r2_rule\"\n  tag stig_id: \"RHEL-07-040620\"\n  tag fix_id: \"F-78639r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.conf.default.accept_source_route') do\n    its('value') { should eq 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.conf.default.accept_source_route value is expected to eq 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72025</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86649r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020670</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all files and directories contained in local interactive user home
 directories are group-owned by a group of which the home directory owner is a
-member.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If a local interactive user&#39;s files are group-owned by a group of
-which the user is not a member, unintended users may be able to access them.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+member.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If a local interactive user's files are group-owned by a group of
+which the user is not a member, unintended users may be able to access them.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify all files and directories in a local interactive user home directory
 are group-owned by a group the user is a member of.
 
     Check the group owner of all files and directories in a local interactive
-user&#39;s home directory with the following command:
+user's home directory with the following command:
 
-    Note: The example will be for the user &quot;smithj&quot;, who has a home directory
-of &quot;&#x2F;home&#x2F;smithj&quot;.
+    Note: The example will be for the user "smithj", who has a home directory
+of "/home/smithj".
 
-    # ls -lLR &#x2F;&lt;home directory&gt;&#x2F;&lt;users home directory&gt;&#x2F;
+    # ls -lLR /&lt;home directory&gt;/&lt;users home directory&gt;/
     -rw-r--r-- 1 smithj smithj  18 Mar  5 17:06 file1
     -rw-r--r-- 1 smithj smithj 193 Mar  5 17:06 file2
     -rw-r--r-- 1 smithj sa        231 Mar  5 17:06 file3
@@ -17410,301 +16632,288 @@ of &quot;&#x2F;home&#x2F;smithj&quot;.
 directory user, check to see if the user is a member of that group with the
 following command:
 
-    # grep smithj &#x2F;etc&#x2F;group
+    # grep smithj /etc/group
     sa:x:100:juan,shelley,bob,smithj
     smithj:x:521:smithj
 
     If the user is not a member of a group that group owns file(s) in a local
-interactive user&#39;s home directory, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Change the group of a local interactive user&#39;s files and directories to a
+interactive user's home directory, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Change the group of a local interactive user's files and directories to a
 group that the interactive user is a member of. To change the group owner of a
-local interactive user&#39;s files and directories, use the following command:
+local interactive user's files and directories, use the following command:
 
     Note: The example will be for the user smithj, who has a home directory of
-&quot;&#x2F;home&#x2F;smithj&quot; and is a member of the users group.
-
-    # chgrp users &#x2F;home&#x2F;smithj&#x2F;&lt;file&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>1d8cc404-c540-4c16-adea-9ba2f3aef08f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Home directory files with incorrect group ownership or not &#39;root&#39; owned is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72187</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86811r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030820</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/home/smithj" and is a member of the users group.
+
+    # chgrp users /home/smithj/&lt;file&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72025\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all files and directories contained in local interactive user home\ndirectories are group-owned by a group of which the home directory owner is a\nmember.\"\n  desc  \"If a local interactive user's files are group-owned by a group of\nwhich the user is not a member, unintended users may be able to access them.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify all files and directories in a local interactive user home directory\nare group-owned by a group the user is a member of.\n\n    Check the group owner of all files and directories in a local interactive\nuser's home directory with the following command:\n\n    Note: The example will be for the user \\\"smithj\\\", who has a home directory\nof \\\"/home/smithj\\\".\n\n    # ls -lLR /&lt;home directory&gt;/&lt;users home directory&gt;/\n    -rw-r--r-- 1 smithj smithj  18 Mar  5 17:06 file1\n    -rw-r--r-- 1 smithj smithj 193 Mar  5 17:06 file2\n    -rw-r--r-- 1 smithj sa        231 Mar  5 17:06 file3\n\n    If any files are found with an owner different than the group home\ndirectory user, check to see if the user is a member of that group with the\nfollowing command:\n\n    # grep smithj /etc/group\n    sa:x:100:juan,shelley,bob,smithj\n    smithj:x:521:smithj\n\n    If the user is not a member of a group that group owns file(s) in a local\ninteractive user's home directory, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Change the group of a local interactive user's files and directories to a\ngroup that the interactive user is a member of. To change the group owner of a\nlocal interactive user's files and directories, use the following command:\n\n    Note: The example will be for the user smithj, who has a home directory of\n\\\"/home/smithj\\\" and is a member of the users group.\n\n    # chgrp users /home/smithj/&lt;file&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72025\"\n  tag rid: \"SV-86649r2_rule\"\n  tag stig_id: \"RHEL-07-020670\"\n  tag fix_id: \"F-78377r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= uid_min || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    find_args = \"\"\n    user_info.groups.each { |curr_group|\n      # some key files and secure dirs (like .ssh) are group owned 'root'\n      find_args = find_args + \"-not -group #{curr_group} -o root\"\n    }\n    findings = findings + command(\"find #{user_info.home} -xdev -xautofs #{find_args}\").stdout.split(\"\\n\")\n  end\n  describe \"Home directory files with incorrect group ownership or not 'root' owned\" do\n    subject { findings.to_a }\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Home directory files with incorrect group ownership or not 'root' owned is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72187</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86811r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030820</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the init_module syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the init_module syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;init_module&quot; syscall occur.
+successful/unsuccessful attempts to use the "init_module" syscall occur.
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -iw init_module &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw init_module /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S init_module -k module-change
+    -a always,exit -F arch=b32 -S init_module -k module-change
 
-    -a always,exit -F arch&#x3D;b64 -S init_module -k module-change
+    -a always,exit -F arch=b64 -S init_module -k module-change
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;init_module&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"init_module" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;init_module&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S init_module -k module-change
-
-    -a always,exit -F arch&#x3D;b64 -S init_module -k module-change
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>58fdc365-550a-4ea8-ba14-56c774bf8138</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;init_module&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;init_module&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;init_module&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;init_module&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72093</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000343-GPOS-00134</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86717r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030350</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "init_module" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S init_module -k module-change
+
+    -a always,exit -F arch=b64 -S init_module -k module-change
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72187\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe init_module syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"init_module\\\" syscall occur.\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -iw init_module /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S init_module -k module-change\n\n    -a always,exit -F arch=b64 -S init_module -k module-change\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"init_module\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"init_module\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S init_module -k module-change\n\n    -a always,exit -F arch=b64 -S init_module -k module-change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000471-GPOS-00216\"\n  tag satisfies: [\"SRG-OS-000471-GPOS-00216\", \"SRG-OS-000477-GPOS-00222\"]\n  tag gid: \"V-72187\"\n  tag rid: \"SV-86811r5_rule\"\n  tag stig_id: \"RHEL-07-030820\"\n  tag fix_id: \"F-78541r7_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"init_module\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"init_module\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "init_module" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "init_module" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "init_module" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "init_module" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72093</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000343-GPOS-00134</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86717r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030350</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must immediately notify
 the System Administrator (SA) and Information System Security Officer (ISSO)
 (at a minimum) when the threshold for the repository maximum audit record
-storage capacity is reached.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+storage capacity is reached.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If security personnel are not notified immediately when the threshold
 for the repository maximum audit record storage capacity is reached, they are
-unable to expand the audit record storage capacity before records are lost.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+unable to expand the audit record storage capacity before records are lost.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system immediately notifies the SA and ISSO (at a
 minimum) via email when the threshold for the repository maximum audit record
 storage capacity is reached.
@@ -17713,445 +16922,427 @@ storage capacity is reached.
 repository maximum audit record storage capacity is reached with the following
 command:
 
-    # grep -i action_mail_acct  &#x2F;etc&#x2F;audit&#x2F;auditd.conf
-    action_mail_acct &#x3D; root
+    # grep -i action_mail_acct  /etc/audit/auditd.conf
+    action_mail_acct = root
 
-    If the value of the &quot;action_mail_acct&quot; keyword is not set to &quot;root&quot; and
-other accounts for security personnel, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of the "action_mail_acct" keyword is not set to "root" and
+other accounts for security personnel, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to immediately notify the SA and ISSO (at a
 minimum) when the threshold for the repository maximum audit record storage
 capacity is reached.
 
-    Uncomment or edit the &quot;action_mail_acct&quot; keyword in
-&quot;&#x2F;etc&#x2F;audit&#x2F;auditd.conf&quot; and set it to root and any other accounts associated
+    Uncomment or edit the "action_mail_acct" keyword in
+"/etc/audit/auditd.conf" and set it to root and any other accounts associated
 with security personnel.
 
-    action_mail_acct &#x3D; root</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>85fee7ec-9802-49b8-8ad3-14e7a35cb4ee</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001855</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Audit Daemon Config action_mail_acct is expected to cmp &#x3D;&#x3D; &quot;root&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72201</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86825r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030890</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    action_mail_acct = root</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72093\" do\n  title \"The Red Hat Enterprise Linux operating system must immediately notify\nthe System Administrator (SA) and Information System Security Officer (ISSO)\n(at a minimum) when the threshold for the repository maximum audit record\nstorage capacity is reached.\"\n  desc  \"If security personnel are not notified immediately when the threshold\nfor the repository maximum audit record storage capacity is reached, they are\nunable to expand the audit record storage capacity before records are lost.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system immediately notifies the SA and ISSO (at a\nminimum) via email when the threshold for the repository maximum audit record\nstorage capacity is reached.\n\n    Check what account the operating system emails when the threshold for the\nrepository maximum audit record storage capacity is reached with the following\ncommand:\n\n    # grep -i action_mail_acct  /etc/audit/auditd.conf\n    action_mail_acct = root\n\n    If the value of the \\\"action_mail_acct\\\" keyword is not set to \\\"root\\\" and\nother accounts for security personnel, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to immediately notify the SA and ISSO (at a\nminimum) when the threshold for the repository maximum audit record storage\ncapacity is reached.\n\n    Uncomment or edit the \\\"action_mail_acct\\\" keyword in\n\\\"/etc/audit/auditd.conf\\\" and set it to root and any other accounts associated\nwith security personnel.\n\n    action_mail_acct = root\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000343-GPOS-00134\"\n  tag gid: \"V-72093\"\n  tag rid: \"SV-86717r3_rule\"\n  tag stig_id: \"RHEL-07-030350\"\n  tag fix_id: \"F-78445r3_fix\"\n  tag cci: [\"CCI-001855\"]\n  tag nist: [\"AU-5 (1)\", \"Rev_4\"]\n\n  describe auditd_conf  do\n    its('action_mail_acct') { should cmp 'root' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001855</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Audit Daemon Config action_mail_acct is expected to cmp == "root"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72201</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86825r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030890</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the renameat syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the renameat syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system is not configured to audit certain activities and write
 them to an audit log, it is more difficult to detect and track system
-compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;renameat&quot; syscall occur.
+successful/unsuccessful attempts to use the "renameat" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw renameat &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw renameat /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S renameat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S renameat -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S renameat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S renameat -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;renameat&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"renameat" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;renameat&quot; syscall occur.
+successful/unsuccessful attempts to use the "renameat" syscall occur.
 
-    Add the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S renameat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S renameat -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S renameat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S renameat -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ac5735e9-fdb0-4927-9360-a95a3e7511d0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;renameat&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;renameat&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;renameat&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;renameat&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72035</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86659r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020720</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72201\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe renameat syscall.\"\n  desc  \"If the system is not configured to audit certain activities and write\nthem to an audit log, it is more difficult to detect and track system\ncompromises and damages incurred during a system compromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"renameat\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw renameat /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S renameat -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S renameat -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"renameat\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"renameat\\\" syscall occur.\n\n    Add the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S renameat -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S renameat -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000466-GPOS-00210\"\n  tag satisfies: [\"SRG-OS-000466-GPOS-00210\", \"SRG-OS-000467-GPOS-00210\",\n\"SRG-OS-000468-GPOS-00212\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72201\"\n  tag rid: \"SV-86825r5_rule\"\n  tag stig_id: \"RHEL-07-030890\"\n  tag fix_id: \"F-78555r8_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"renameat\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"renameat\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "renameat" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "renameat" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "renameat" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "renameat" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72035</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86659r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020720</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all local interactive user initialization files executable search paths
-contain only paths that resolve to the users home directory.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+contain only paths that resolve to the users home directory.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The executable search path (typically the PATH environment variable)
 contains a list of directories for the shell to search to find executables. If
-this path includes the current working directory (other than the user&#39;s home
+this path includes the current working directory (other than the user's home
 directory), executables in these directories may be executed instead of system
 commands. This variable is formatted as a colon-separated list of directories.
 If there is an empty entry, such as a leading or trailing colon or two
 consecutive colons, this is interpreted as the current working directory. If
 deviations from the default system search path for the local interactive user
 are required, they must be documented with the Information System Security
-Officer (ISSO).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that all local interactive user initialization files&#39; executable
+Officer (ISSO).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that all local interactive user initialization files' executable
 search path statements do not contain statements that will reference a working
-directory other than the users&#39; home directory.
+directory other than the users' home directory.
 
     Check the executable search path statement for all local interactive user
-initialization files in the users&#39; home directory with the following commands:
+initialization files in the users' home directory with the following commands:
 
     Note: The example will be for the smithj user, which has a home directory
-of &quot;&#x2F;home&#x2F;smithj&quot;.
+of "/home/smithj".
 
-    # grep -i path &#x2F;home&#x2F;smithj&#x2F;.*
-    &#x2F;home&#x2F;smithj&#x2F;.bash_profile:PATH&#x3D;$PATH:$HOME&#x2F;.local&#x2F;bin:$HOME&#x2F;bin
-    &#x2F;home&#x2F;smithj&#x2F;.bash_profile:export PATH
+    # grep -i path /home/smithj/.*
+    /home/smithj/.bash_profile:PATH=$PATH:$HOME/.local/bin:$HOME/bin
+    /home/smithj/.bash_profile:export PATH
 
     If any local interactive user initialization files have executable search
 path statements that include directories outside of their home directory, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Edit the local interactive user initialization files to change any PATH
 variable statements that reference directories other than their home directory.
 
     If a local interactive user requires path variables to reference a
-directory owned by the application, it must be documented with the ISSO.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a5ada76a-ebd4-477c-b024-088bf39ef9ee</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Initialization files that include executable search paths that include directories outside their home directories is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71917</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000072-GPOS-00040</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86541r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010190</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+directory owned by the application, it must be documented with the ISSO.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72035\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local interactive user initialization files executable search paths\ncontain only paths that resolve to the users home directory.\"\n  desc  \"The executable search path (typically the PATH environment variable)\ncontains a list of directories for the shell to search to find executables. If\nthis path includes the current working directory (other than the user's home\ndirectory), executables in these directories may be executed instead of system\ncommands. This variable is formatted as a colon-separated list of directories.\nIf there is an empty entry, such as a leading or trailing colon or two\nconsecutive colons, this is interpreted as the current working directory. If\ndeviations from the default system search path for the local interactive user\nare required, they must be documented with the Information System Security\nOfficer (ISSO).\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that all local interactive user initialization files' executable\nsearch path statements do not contain statements that will reference a working\ndirectory other than the users' home directory.\n\n    Check the executable search path statement for all local interactive user\ninitialization files in the users' home directory with the following commands:\n\n    Note: The example will be for the smithj user, which has a home directory\nof \\\"/home/smithj\\\".\n\n    # grep -i path /home/smithj/.*\n    /home/smithj/.bash_profile:PATH=$PATH:$HOME/.local/bin:$HOME/bin\n    /home/smithj/.bash_profile:export PATH\n\n    If any local interactive user initialization files have executable search\npath statements that include directories outside of their home directory, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Edit the local interactive user initialization files to change any PATH\nvariable statements that reference directories other than their home directory.\n\n    If a local interactive user requires path variables to reference a\ndirectory owned by the application, it must be documented with the ISSO.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72035\"\n  tag rid: \"SV-86659r4_rule\"\n  tag stig_id: \"RHEL-07-020720\"\n  tag fix_id: \"F-78387r4_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= 1000 || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    grep_results =  command(\"grep -i path --exclude=\\\".bash_history\\\" #{user_info.home}/.*\").stdout.split(\"\\\\n\")\n    grep_results.each do |result|\n      result.slice! \"PATH=\"\n      # Case when last value in exec search path is :\n      if result[-1] == \":\" then\n        result = result + \" \"\n      end\n      result.slice! \"$PATH:\"\n      result.gsub! '$HOME', \"#{user_info.home}\"\n      result.gsub! '~', \"#{user_info.home}\"\n      line_arr = result.split(\":\")\n      line_arr.delete_at(0)\n      line_arr.each do |line|\n        # Don't run test on line that exports PATH and is not commented out\n        if !line.start_with?('export') &amp;&amp; !line.start_with?('#') then\n          # Case when :: found in exec search path or : found at beginning\n          if line.strip.empty? then\n            curr_work_dir = command(\"pwd\").stdout.gsub(\"\\n\", \"\")\n            if curr_work_dir.start_with?(\"#{user_info.home}\") then\n              line = curr_work_dir\n            end\n          end\n          # This will fail if non-home directory found in path\n          if !line.start_with?(user_info.home)\n            findings.add(line)\n          end\n        end\n      end\n    end\n  end\n  describe.one do\n    describe etc_fstab do\n      its('home_mount_options') { should include 'nosuid' }\n    end\n    describe \"Initialization files that include executable search paths that include directories outside their home directories\" do\n      subject { findings.to_a }\n      it { should be_empty }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Initialization files that include executable search paths that include directories outside their home directories is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71917</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000072-GPOS-00040</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86541r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010190</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that when passwords are changed the number of repeating characters of the same
-character class must not be more than four characters.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+character class must not be more than four characters.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources
 required to compromise the password. Password complexity, or strength, is a
 measure of the effectiveness of a password in resisting attempts at guessing
@@ -18160,145 +17351,140 @@ and brute-force attacks.
     Password complexity is one factor of several that determines how long it
 takes to crack a password. The more complex the password, the greater the
 number of possible combinations that need to be tested before the password is
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;maxclassrepeat&quot; option sets the maximum number of allowed same
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "maxclassrepeat" option sets the maximum number of allowed same
 consecutive characters in the same class in the new password.
 
-    Check for the value of the &quot;maxclassrepeat&quot; option in
-&quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; with the following command:
+    Check for the value of the "maxclassrepeat" option in
+"/etc/security/pwquality.conf" with the following command:
 
-    # grep maxclassrepeat &#x2F;etc&#x2F;security&#x2F;pwquality.conf
-    maxclassrepeat &#x3D; 4
+    # grep maxclassrepeat /etc/security/pwquality.conf
+    maxclassrepeat = 4
 
-    If the value of &quot;maxclassrepeat&quot; is set to more than &quot;4&quot;, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "maxclassrepeat" is set to more than "4", this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to require the change of the number of
 repeating characters of the same character class when passwords are changed by
-setting the &quot;maxclassrepeat&quot; option.
+setting the "maxclassrepeat" option.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; conf (or modify
+    Add the following line to "/etc/security/pwquality.conf" conf (or modify
 the line to have the required value):
 
-    maxclassrepeat &#x3D; 4</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>506b8012-d201-4906-817e-bf1b5c7f3f63</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000195</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;security&#x2F;pwquality.conf maxclassrepeat.to_i is expected to cmp &lt;&#x3D; 4</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72225</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000023-GPOS-00006</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86849r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040170</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    maxclassrepeat = 4</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71917\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat when passwords are changed the number of repeating characters of the same\ncharacter class must not be more than four characters.\"\n  desc  \"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    The \\\"maxclassrepeat\\\" option sets the maximum number of allowed same\nconsecutive characters in the same class in the new password.\n\n    Check for the value of the \\\"maxclassrepeat\\\" option in\n\\\"/etc/security/pwquality.conf\\\" with the following command:\n\n    # grep maxclassrepeat /etc/security/pwquality.conf\n    maxclassrepeat = 4\n\n    If the value of \\\"maxclassrepeat\\\" is set to more than \\\"4\\\", this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to require the change of the number of\nrepeating characters of the same character class when passwords are changed by\nsetting the \\\"maxclassrepeat\\\" option.\n\n    Add the following line to \\\"/etc/security/pwquality.conf\\\" conf (or modify\nthe line to have the required value):\n\n    maxclassrepeat = 4\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000072-GPOS-00040\"\n  tag gid: \"V-71917\"\n  tag rid: \"SV-86541r2_rule\"\n  tag stig_id: \"RHEL-07-010190\"\n  tag fix_id: \"F-78269r1_fix\"\n  tag cci: [\"CCI-000195\"]\n  tag nist: [\"IA-5 (1) (b)\", \"Rev_4\"]\n\n  describe parse_config_file(\"/etc/security/pwquality.conf\") do\n    its('maxclassrepeat.to_i') { should cmp &lt;= 4 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000195</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/security/pwquality.conf maxclassrepeat.to_i is expected to cmp &lt;= 4</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72225</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000023-GPOS-00006</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86849r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040170</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must display the
 Standard Mandatory DoD Notice and Consent Banner immediately prior to, or as
-part of, remote access logon prompts.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+part of, remote access logon prompts.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Display of a standardized and approved use notification before
 granting access to the publicly accessible operating system ensures privacy and
 security notification verbiage used is consistent with applicable federal laws,
@@ -18311,7 +17497,7 @@ with human users and are not required when such human interfaces do not exist.
 the following verbiage for operating systems that can accommodate banners of
 1300 characters:
 
-    &quot;You are accessing a U.S. Government (USG) Information System (IS) that is
+    "You are accessing a U.S. Government (USG) Information System (IS) that is
 provided for USG-authorized use only.
 
     By using this IS (which includes any device attached to this IS), you
@@ -18336,14 +17522,14 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants. Such
 communications and work product are private and confidential. See User
-Agreement for details.&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Agreement for details."</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify any publicly accessible connection to the operating system displays
 the Standard Mandatory DoD Notice and Consent Banner before granting access to
 the system.
@@ -18351,19 +17537,19 @@ the system.
     Check for the location of the banner file being used with the following
 command:
 
-    # grep -i banner &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i banner /etc/ssh/sshd_config
 
-    banner &#x2F;etc&#x2F;issue
+    banner /etc/issue
 
     This command will return the banner keyword and the name of the file that
-contains the ssh banner (in this case &quot;&#x2F;etc&#x2F;issue&quot;).
+contains the ssh banner (in this case "/etc/issue").
 
     If the line is commented out, this is a finding.
 
     View the file specified by the banner keyword to check that it matches the
 text of the Standard Mandatory DoD Notice and Consent Banner:
 
-    &quot;You are accessing a U.S. Government (USG) Information System (IS) that is
+    "You are accessing a U.S. Government (USG) Information System (IS) that is
 provided for USG-authorized use only. By using this IS (which includes any
 device attached to this IS), you consent to the following conditions:
 
@@ -18386,32 +17572,32 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants. Such
 communications and work product are private and confidential. See User
-Agreement for details.&quot;
+Agreement for details."
 
     If the system does not display a graphical logon banner or the banner does
 not match the Standard Mandatory DoD Notice and Consent Banner, this is a
 finding.
 
     If the text in the file does not match the Standard Mandatory DoD Notice
-and Consent Banner, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+and Consent Banner, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to display the Standard Mandatory DoD Notice
 and Consent Banner before granting access to the system via the ssh.
 
-    Edit the &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; file to uncomment the banner keyword and
+    Edit the "/etc/ssh/sshd_config" file to uncomment the banner keyword and
 configure it to point to a file that will contain the logon banner (this file
 may be named differently or be in a different location if using a version of
 SSH that is provided by a third-party vendor). An example configuration line is:
 
-    banner &#x2F;etc&#x2F;issue
+    banner /etc/issue
 
     Either create the file containing the banner or replace the text in the
 file with the Standard Mandatory DoD Notice and Consent Banner. The DoD
 required text is:
 
-    &quot;You are accessing a U.S. Government (USG) Information System (IS) that is
+    "You are accessing a U.S. Government (USG) Information System (IS) that is
 provided for USG-authorized use only. By using this IS (which includes any
 device attached to this IS), you consent to the following conditions:
 
@@ -18434,1508 +17620,1443 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants. Such
 communications and work product are private and confidential. See User
-Agreement for details.&quot;
-
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ab2538f6-81eb-4233-b116-95913c3eb109</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000050</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001384</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001385</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001386</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001387</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001388</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-The SSHD Banner is set to the standard banner and has the correct text is expected to cmp &#x3D;&#x3D; &quot;YouareaccessingaU.S.Government(USG)InformationSystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS),youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails.&quot;
-
+Agreement for details."
+
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72225\" do\n  title \"The Red Hat Enterprise Linux operating system must display the\nStandard Mandatory DoD Notice and Consent Banner immediately prior to, or as\npart of, remote access logon prompts.\"\n  desc  \"Display of a standardized and approved use notification before\ngranting access to the publicly accessible operating system ensures privacy and\nsecurity notification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\\\"\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify any publicly accessible connection to the operating system displays\nthe Standard Mandatory DoD Notice and Consent Banner before granting access to\nthe system.\n\n    Check for the location of the banner file being used with the following\ncommand:\n\n    # grep -i banner /etc/ssh/sshd_config\n\n    banner /etc/issue\n\n    This command will return the banner keyword and the name of the file that\ncontains the ssh banner (in this case \\\"/etc/issue\\\").\n\n    If the line is commented out, this is a finding.\n\n    View the file specified by the banner keyword to check that it matches the\ntext of the Standard Mandatory DoD Notice and Consent Banner:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only. By using this IS (which includes any\ndevice attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\\\"\n\n    If the system does not display a graphical logon banner or the banner does\nnot match the Standard Mandatory DoD Notice and Consent Banner, this is a\nfinding.\n\n    If the text in the file does not match the Standard Mandatory DoD Notice\nand Consent Banner, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to display the Standard Mandatory DoD Notice\nand Consent Banner before granting access to the system via the ssh.\n\n    Edit the \\\"/etc/ssh/sshd_config\\\" file to uncomment the banner keyword and\nconfigure it to point to a file that will contain the logon banner (this file\nmay be named differently or be in a different location if using a version of\nSSH that is provided by a third-party vendor). An example configuration line is:\n\n    banner /etc/issue\n\n    Either create the file containing the banner or replace the text in the\nfile with the Standard Mandatory DoD Notice and Consent Banner. The DoD\nrequired text is:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only. By using this IS (which includes any\ndevice attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\\\"\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000023-GPOS-00006\"\n  tag satisfies: [\"SRG-OS-000023-GPOS-00006\", \"SRG-OS-000024-GPOS-00007\",\n\"SRG-OS-000228-GPOS-00088\"]\n  tag gid: \"V-72225\"\n  tag rid: \"SV-86849r4_rule\"\n  tag stig_id: \"RHEL-07-040170\"\n  tag fix_id: \"F-78579r4_fix\"\n  tag cci: [\"CCI-000048\", \"CCI-000050\", \"CCI-001384\", \"CCI-001385\",\n\"CCI-001386\", \"CCI-001387\", \"CCI-001388\"]\n  tag nist: [\"AC-8 a\", \"AC-8 b\", \"AC-8 c 1\", \"AC-8 c 2\", \"AC-8 c 2\", \"AC-8 c\n2\", \"AC-8 c 3\", \"Rev_4\"]\n\n  banner_message_text_ral = input('banner_message_text_ral')\n  banner_message_text_ral_limited = input('banner_message_text_ral_limited')\n\n  #When Banner is commented, not found, disabled, or the specified file does not exist, this is a finding.\n  banner_files = [sshd_config.banner].flatten\n\n  banner_files.each do |banner_file|\n\n    #Banner property is commented out.\n    describe \"The SSHD Banner is not set\" do\n      subject { banner_file.nil? }\n      it { should be false }\n    end if banner_file.nil?\n\n    #Banner property is set to \"none\"\n    describe \"The SSHD Banner is disabled\" do\n      subject { banner_file.match(/none/i).nil? }\n      it { should be true }\n    end if !banner_file.nil? &amp;&amp; !banner_file.match(/none/i).nil?\n\n    #Banner property provides a path to a file, however, it does not exist.\n    describe \"The SSHD Banner is set, but, the file does not exist\" do\n      subject { file(banner_file).exist? }\n      it { should be true }\n    end if !banner_file.nil? &amp;&amp; banner_file.match(/none/i).nil? &amp;&amp; !file(banner_file).exist?\n\n    #Banner property provides a path to a file and it exists.\n    describe.one do\n      banner = file(banner_file).content.gsub(%r{[\\r\\n\\s]}, '')\n      clean_banner = banner_message_text_ral.gsub(%r{[\\r\\n\\s]}, '')\n      clean_banner_limited = banner_message_text_ral_limited.gsub(%r{[\\r\\n\\s]}, '')\n\n      describe \"The SSHD Banner is set to the standard banner and has the correct text\" do\n        subject { banner }\n        it { should cmp clean_banner }\n      end\n\n      describe \"The SSHD Banner is set to the standard limited banner and has the correct text\" do\n        subject { banner }\n        it { should cmp clean_banner_limited }\n      end\n    end if !banner_file.nil? &amp;&amp; banner_file.match(/none/i).nil? &amp;&amp; file(banner_file).exist?\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000050</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001384</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001385</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001386</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001387</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001388</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST The SSHD Banner is set to the standard banner and has the correct text is expected to cmp == "YouareaccessingaU.S.Government(USG)InformationSystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS),youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails." :: MESSAGE 
 expected: YouareaccessingaU.S.Government(USG)InformationSystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS),youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails.
      got: YouareaccessingaU.S.Government(USG)informationsystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS)youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails.
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-passed
-The SSHD Banner is set to the standard limited banner and has the correct text is expected to cmp &#x3D;&#x3D; &quot;I&#39;veread&amp;consenttotermsinISuseragreem&#39;t.&quot;
-
-expected: I&#39;veread&amp;consenttotermsinISuseragreem&#39;t.
+passed :: TEST The SSHD Banner is set to the standard limited banner and has the correct text is expected to cmp == "I'veread&amp;consenttotermsinISuseragreem't." :: MESSAGE 
+expected: I'veread&amp;consenttotermsinISuseragreem't.
      got: YouareaccessingaU.S.Government(USG)informationsystem(IS)thatisprovidedforUSG-authorizeduseonly.ByusingthisIS(whichincludesanydeviceattachedtothisIS)youconsenttothefollowingconditions:-TheUSGroutinelyinterceptsandmonitorscommunicationsonthisISforpurposesincluding,butnotlimitedto,penetrationtesting,COMSECmonitoring,networkoperationsanddefense,personnelmisconduct(PM),lawenforcement(LE),andcounterintelligence(CI)investigations.-Atanytime,theUSGmayinspectandseizedatastoredonthisIS.-Communicationsusing,ordatastoredon,thisISarenotprivate,aresubjecttoroutinemonitoring,interception,andsearch,andmaybedisclosedorusedforanyUSG-authorizedpurpose.-ThisISincludessecuritymeasures(e.g.,authenticationandaccesscontrols)toprotectUSGinterests--notforyourpersonalbenefitorprivacy.-Notwithstandingtheabove,usingthisISdoesnotconstituteconsenttoPM,LEorCIinvestigativesearchingormonitoringofthecontentofprivilegedcommunications,orworkproduct,relatedtopersonalrepresentationorservicesbyattorneys,psychotherapists,orclergy,andtheirassistants.Suchcommunicationsandworkproductareprivateandconfidential.SeeUserAgreementfordetails.
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72257</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86881r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040420</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72257</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86881r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040420</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the SSH private host key files have mode 0640 or less permissive.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the SSH private host key files have mode 0640 or less permissive.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If an unauthorized user obtains the private SSH host key file, the
-host could be impersonated.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify the SSH private host key files have mode &quot;0640&quot; or less permissive.
+host could be impersonated.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify the SSH private host key files have mode "0640" or less permissive.
 
     The following command will find all SSH private key files on the system and
 list their modes:
 
-    # find &#x2F; -name &#39;*ssh_host*key&#39; | xargs ls -lL
+    # find / -name '*ssh_host*key' | xargs ls -lL
 
     -rw-r----- 1 root ssh_keys 668 Nov 28 06:43 ssh_host_dsa_key
     -rw-r----- 1 root ssh_keys 582 Nov 28 06:43 ssh_host_key
     -rw-r----- 1 root ssh_keys 887 Nov 28 06:43 ssh_host_rsa_key
 
-    If any file has a mode more permissive than &quot;0640&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the mode of SSH private host key files under &quot;&#x2F;etc&#x2F;ssh&quot; to
-&quot;0640&quot; with the following command:
-
-    # chmod 0640 &#x2F;path&#x2F;to&#x2F;file&#x2F;ssh_host*key</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>8bcc860c-4459-47f6-a038-d034ed0d12c0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-No files have a more permissive mode. is expected to eq true</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72207</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86831r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030920</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If any file has a mode more permissive than "0640", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the mode of SSH private host key files under "/etc/ssh" to
+"0640" with the following command:
+
+    # chmod 0640 /path/to/file/ssh_host*key</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72257\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH private host key files have mode 0640 or less permissive.\"\n  desc  \"If an unauthorized user obtains the private SSH host key file, the\nhost could be impersonated.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH private host key files have mode \\\"0640\\\" or less permissive.\n\n    The following command will find all SSH private key files on the system and\nlist their modes:\n\n    # find / -name '*ssh_host*key' | xargs ls -lL\n\n    -rw-r----- 1 root ssh_keys 668 Nov 28 06:43 ssh_host_dsa_key\n    -rw-r----- 1 root ssh_keys 582 Nov 28 06:43 ssh_host_key\n    -rw-r----- 1 root ssh_keys 887 Nov 28 06:43 ssh_host_rsa_key\n\n    If any file has a mode more permissive than \\\"0640\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the mode of SSH private host key files under \\\"/etc/ssh\\\" to\n\\\"0640\\\" with the following command:\n\n    # chmod 0640 /path/to/file/ssh_host*key\n\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72257\"\n  tag rid: \"SV-86881r3_rule\"\n  tag stig_id: \"RHEL-07-040420\"\n  tag fix_id: \"F-78611r5_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  key_files = command(\"find /etc/ssh -xdev -name '*ssh_host*key' -perm /177\").stdout.split(\"\\n\")\n  if !key_files.nil? and !key_files.empty?\n    key_files.each do |keyfile|\n      describe file(keyfile) do\n        it { should_not be_executable.by('owner') }\n        it { should_not be_readable.by('group') }\n        it { should_not be_writable.by('group') }\n        it { should_not be_executable.by('group') }\n        it { should_not be_readable.by('others') }\n        it { should_not be_writable.by('others') }\n        it { should_not be_executable.by('others') }\n      end\n    end\n  else\n    describe \"No files have a more permissive mode.\" do\n      subject { key_files.nil? or key_files.empty? }\n      it { should eq true }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST No files have a more permissive mode. is expected to eq true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72207</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86831r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030920</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the unlinkat syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the unlinkat syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system is not configured to audit certain activities and write
 them to an audit log, it is more difficult to detect and track system
-compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;unlinkat&quot; syscall occur.
+successful/unsuccessful attempts to use the "unlinkat" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw unlinkat &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw unlinkat /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S unlinkat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S unlinkat -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S unlinkat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S unlinkat -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;unlinkat&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"unlinkat" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;unlinkat&quot; syscall occur.
+successful/unsuccessful attempts to use the "unlinkat" syscall occur.
 
-    Add the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S unlinkat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S unlinkat -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S unlinkat -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S unlinkat -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b31185c3-c737-4202-bf17-8180324ccb97</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;unlinkat&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;unlinkat&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;unlinkat&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;unlinkat&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72059</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86683r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021310</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72207\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe unlinkat syscall.\"\n  desc  \"If the system is not configured to audit certain activities and write\nthem to an audit log, it is more difficult to detect and track system\ncompromises and damages incurred during a system compromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"unlinkat\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw unlinkat /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S unlinkat -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S unlinkat -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"unlinkat\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"unlinkat\\\" syscall occur.\n\n    Add the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S unlinkat -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S unlinkat -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000466-GPOS-00210\"\n  tag satisfies: [\"SRG-OS-000466-GPOS-00210\", \"SRG-OS-000467-GPOS-00210\",\n\"SRG-OS-000468-GPOS-00212\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72207\"\n  tag rid: \"SV-86831r5_rule\"\n  tag stig_id: \"RHEL-07-030920\"\n  tag fix_id: \"F-78561r10_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"unlinkat\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"unlinkat\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "unlinkat" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "unlinkat" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "unlinkat" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "unlinkat" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72059</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86683r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021310</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that a separate file system is used for user home directories (such as &#x2F;home or
-an equivalent).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that a separate file system is used for user home directories (such as /home or
+an equivalent).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The use of separate file systems for different paths can protect the
-system from failures resulting from a file system becoming full or failing.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that a separate file system&#x2F;partition has been created for
+system from failures resulting from a file system becoming full or failing.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that a separate file system/partition has been created for
 non-privileged local interactive user home directories.
 
     Check the home directory assignment for all non-privileged users (those
 with a UID greater than 1000) on the system with the following command:
 
-    #cut -d: -f 1,3,6,7 &#x2F;etc&#x2F;passwd | egrep &quot;:[1-4][0-9]{3}&quot; | tr &quot;:&quot;
-&quot;\t&quot;
+    #cut -d: -f 1,3,6,7 /etc/passwd | egrep ":[1-4][0-9]{3}" | tr ":"
+"\t"
 
-    adamsj &#x2F;home&#x2F;adamsj &#x2F;bin&#x2F;bash
-    jacksonm &#x2F;home&#x2F;jacksonm &#x2F;bin&#x2F;bash
-    smithj &#x2F;home&#x2F;smithj &#x2F;bin&#x2F;bash
+    adamsj /home/adamsj /bin/bash
+    jacksonm /home/jacksonm /bin/bash
+    smithj /home/smithj /bin/bash
 
-    The output of the command will give the directory&#x2F;partition that contains
+    The output of the command will give the directory/partition that contains
 the home directories for the non-privileged users on the system (in this
-example, &#x2F;home) and users&#39; shell. All accounts with a valid shell (such as
-&#x2F;bin&#x2F;bash) are considered interactive users.
+example, /home) and users' shell. All accounts with a valid shell (such as
+/bin/bash) are considered interactive users.
 
-    Check that a file system&#x2F;partition has been created for the non-privileged
+    Check that a file system/partition has been created for the non-privileged
 interactive users with the following command:
 
-    Note: The partition of &#x2F;home is used in the example.
+    Note: The partition of /home is used in the example.
 
-    # grep &#x2F;home &#x2F;etc&#x2F;fstab
-    UUID&#x3D;333ada18    &#x2F;home                   ext4    noatime,nobarrier,nodev  1
+    # grep /home /etc/fstab
+    UUID=333ada18    /home                   ext4    noatime,nobarrier,nodev  1
 2
 
-    If a separate entry for the file system&#x2F;partition that contains the
-non-privileged interactive users&#39; home directories does not exist, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Migrate the &quot;&#x2F;home&quot; directory onto a separate file
-system&#x2F;partition.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>542b1d57-39b2-4510-b2c7-e04ab965f02c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-ec2-user with mountpoint &#x2F; is expected not to be empty
---------------------------------
-passed
-ec2-user with mountpoint &#x2F; is expected not to match &#x2F;^\&#x2F;$&#x2F;
-expected &quot;&#x2F;&quot; not to match &#x2F;^\&#x2F;$&#x2F;
+    If a separate entry for the file system/partition that contains the
+non-privileged interactive users' home directories does not exist, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Migrate the "/home" directory onto a separate file
+system/partition.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72059\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat a separate file system is used for user home directories (such as /home or\nan equivalent).\"\n  desc  \"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that a separate file system/partition has been created for\nnon-privileged local interactive user home directories.\n\n    Check the home directory assignment for all non-privileged users (those\nwith a UID greater than 1000) on the system with the following command:\n\n    #cut -d: -f 1,3,6,7 /etc/passwd | egrep \\\":[1-4][0-9]{3}\\\" | tr \\\":\\\"\n\\\"\\\\t\\\"\n\n    adamsj /home/adamsj /bin/bash\n    jacksonm /home/jacksonm /bin/bash\n    smithj /home/smithj /bin/bash\n\n    The output of the command will give the directory/partition that contains\nthe home directories for the non-privileged users on the system (in this\nexample, /home) and users' shell. All accounts with a valid shell (such as\n/bin/bash) are considered interactive users.\n\n    Check that a file system/partition has been created for the non-privileged\ninteractive users with the following command:\n\n    Note: The partition of /home is used in the example.\n\n    # grep /home /etc/fstab\n    UUID=333ada18    /home                   ext4    noatime,nobarrier,nodev  1\n2\n\n    If a separate entry for the file system/partition that contains the\nnon-privileged interactive users' home directories does not exist, this is a\nfinding.\n  \"\n  desc  \"fix\", \"Migrate the \\\"/home\\\" directory onto a separate file\nsystem/partition.\"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72059\"\n  tag rid: \"SV-86683r2_rule\"\n  tag stig_id: \"RHEL-07-021310\"\n  tag fix_id: \"F-78411r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  # excluding root because its home directory is usually \"/root\" (mountpoint \"/\")\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= uid_min)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n\n    home_mount = command(%(df #{user_info.home} --output=target | tail -1)).stdout.strip\n    describe user_info.username do\n      context 'with mountpoint' do\n        context home_mount do\n          it { should_not be_empty }\n          it { should_not match(%r(^/$)) }\n        end\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST ec2-user with mountpoint / is expected not to be empty
+--------------------------------
+passed :: TEST ec2-user with mountpoint / is expected not to match /^\/$/ :: MESSAGE expected "/" not to match /^\/$/
 Diff:
 @@ -1,2 +1,2 @@
--&#x2F;^\&#x2F;$&#x2F;
-+&quot;&#x2F;&quot;
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72113</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86737r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030450</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+-/^\/$/
++"/"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72113</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86737r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030450</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the fsetxattr syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the fsetxattr syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fsetxattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "fsetxattr" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw fsetxattr &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw fsetxattr /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S fsetxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b32 -S fsetxattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fsetxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b64 -S fsetxattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;fsetxattr&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"fsetxattr" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fsetxattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "fsetxattr" syscall occur.
 
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S fsetxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b32 -S fsetxattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fsetxattr -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F arch=b64 -S fsetxattr -F auid&gt;=1000 -F auid!=4294967295
 -k perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>16ef68a8-4855-4b7a-a5bf-91b4256e9ef3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fsetxattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fsetxattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fsetxattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fsetxattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72287</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86911r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040630</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72113\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe fsetxattr syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"fsetxattr\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw fsetxattr /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S fsetxattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    -a always,exit -F arch=b64 -S fsetxattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"fsetxattr\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"fsetxattr\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S fsetxattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    -a always,exit -F arch=b64 -S fsetxattr -F auid&gt;=1000 -F auid!=4294967295\n-k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000458-GPOS-00203\"\n  tag satisfies: [\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000064-GPOS-00033\"]\n  tag gid: \"V-72113\"\n  tag rid: \"SV-86737r5_rule\"\n  tag stig_id: \"RHEL-07-030450\"\n  tag fix_id: \"F-78465r7_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"fsetxattr\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"fsetxattr\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "fsetxattr" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fsetxattr" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fsetxattr" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fsetxattr" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72287</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86911r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040630</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not respond to
 Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP)
-echoes sent to a broadcast address.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+echoes sent to a broadcast address.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Responding to broadcast (ICMP) echoes facilitates network mapping and
-provides a vector for amplification attacks.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+provides a vector for amplification attacks.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system does not respond to IPv4 ICMP echoes sent to a broadcast
 address.
 
-    # grep net.ipv4.icmp_echo_ignore_broadcasts &#x2F;etc&#x2F;sysctl.conf &#x2F;etc&#x2F;sysctl.d&#x2F;*
+    # grep net.ipv4.icmp_echo_ignore_broadcasts /etc/sysctl.conf /etc/sysctl.d/*
 
-    If &quot; net.ipv4.icmp_echo_ignore_broadcasts&quot; is not configured in the
-&#x2F;etc&#x2F;sysctl.conf file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out, or
-does not have a value of &quot;1&quot;, this is a finding.
+    If " net.ipv4.icmp_echo_ignore_broadcasts" is not configured in the
+/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or
+does not have a value of "1", this is a finding.
 
     Check that the operating system implements the
-&quot;icmp_echo_ignore_broadcasts&quot; variable with the following command:
+"icmp_echo_ignore_broadcasts" variable with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep net.ipv4.icmp_echo_ignore_broadcasts
-    net.ipv4.icmp_echo_ignore_broadcasts &#x3D; 1
+    # /sbin/sysctl -a | grep net.ipv4.icmp_echo_ignore_broadcasts
+    net.ipv4.icmp_echo_ignore_broadcasts = 1
 
-    If the returned line does not have a value of &quot;1&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned line does not have a value of "1", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the system to the required kernel parameter by adding the following
-line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the &#x2F;etc&#x2F;sysctl.d&#x2F;
+line to "/etc/sysctl.conf" or a configuration file in the /etc/sysctl.d/
 directory (or modify the line to have the required value):
 
-    net.ipv4.icmp_echo_ignore_broadcasts &#x3D; 1
+    net.ipv4.icmp_echo_ignore_broadcasts = 1
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>69546c7a-7e48-4c42-9a28-cfae40fc3f5c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.icmp_echo_ignore_broadcasts value is expected to eq 1</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72013</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86637r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020610</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72287\" do\n  title \"The Red Hat Enterprise Linux operating system must not respond to\nInternet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP)\nechoes sent to a broadcast address.\"\n  desc  \"Responding to broadcast (ICMP) echoes facilitates network mapping and\nprovides a vector for amplification attacks.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system does not respond to IPv4 ICMP echoes sent to a broadcast\naddress.\n\n    # grep net.ipv4.icmp_echo_ignore_broadcasts /etc/sysctl.conf /etc/sysctl.d/*\n\n    If \\\" net.ipv4.icmp_echo_ignore_broadcasts\\\" is not configured in the\n/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or\ndoes not have a value of \\\"1\\\", this is a finding.\n\n    Check that the operating system implements the\n\\\"icmp_echo_ignore_broadcasts\\\" variable with the following command:\n\n    # /sbin/sysctl -a | grep net.ipv4.icmp_echo_ignore_broadcasts\n    net.ipv4.icmp_echo_ignore_broadcasts = 1\n\n    If the returned line does not have a value of \\\"1\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the system to the required kernel parameter by adding the following\nline to \\\"/etc/sysctl.conf\\\" or a configuration file in the /etc/sysctl.d/\ndirectory (or modify the line to have the required value):\n\n    net.ipv4.icmp_echo_ignore_broadcasts = 1\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72287\"\n  tag rid: \"SV-86911r2_rule\"\n  tag stig_id: \"RHEL-07-040630\"\n  tag fix_id: \"F-78641r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.icmp_echo_ignore_broadcasts') do\n    its('value') { should eq 1 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.icmp_echo_ignore_broadcasts value is expected to eq 1</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72013</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86637r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020610</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all local interactive user accounts, upon creation, are assigned a home
-directory.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+directory.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If local interactive users are not assigned a valid home directory,
-there is no place for the storage and control of files they should own.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+there is no place for the storage and control of files they should own.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify all local interactive users on the system are assigned a home
 directory upon creation.
 
     Check to see if the system is configured to create home directories for
 local interactive users with the following command:
 
-    # grep -i create_home &#x2F;etc&#x2F;login.defs
+    # grep -i create_home /etc/login.defs
     CREATE_HOME yes
 
-    If the value for &quot;CREATE_HOME&quot; parameter is not set to &quot;yes&quot;, the line
-is missing, or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value for "CREATE_HOME" parameter is not set to "yes", the line
+is missing, or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to assign home directories to all new local
-interactive users by setting the &quot;CREATE_HOME&quot; parameter in
-&quot;&#x2F;etc&#x2F;login.defs&quot; to &quot;yes&quot; as follows.
-
-    CREATE_HOME yes</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>209e1220-120f-46b3-9acf-27c82a1b15e7</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-login.defs CREATE_HOME is expected to eq &quot;yes&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72153</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86777r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030650</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+interactive users by setting the "CREATE_HOME" parameter in
+"/etc/login.defs" to "yes" as follows.
+
+    CREATE_HOME yes</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72013\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local interactive user accounts, upon creation, are assigned a home\ndirectory.\"\n  desc  \"If local interactive users are not assigned a valid home directory,\nthere is no place for the storage and control of files they should own.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify all local interactive users on the system are assigned a home\ndirectory upon creation.\n\n    Check to see if the system is configured to create home directories for\nlocal interactive users with the following command:\n\n    # grep -i create_home /etc/login.defs\n    CREATE_HOME yes\n\n    If the value for \\\"CREATE_HOME\\\" parameter is not set to \\\"yes\\\", the line\nis missing, or the line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to assign home directories to all new local\ninteractive users by setting the \\\"CREATE_HOME\\\" parameter in\n\\\"/etc/login.defs\\\" to \\\"yes\\\" as follows.\n\n    CREATE_HOME yes\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72013\"\n  tag rid: \"SV-86637r2_rule\"\n  tag stig_id: \"RHEL-07-020610\"\n  tag fix_id: \"F-78365r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe login_defs do\n    its('CREATE_HOME') { should eq 'yes' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST login.defs CREATE_HOME is expected to eq "yes"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72153</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86777r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030650</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the gpasswd command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the gpasswd command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged password commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;gpasswd&quot; command occur.
+successful/unsuccessful attempts to use the "gpasswd" command occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -i &#x2F;usr&#x2F;bin&#x2F;gpasswd &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /usr/bin/gpasswd /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;gpasswd -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/bin/gpasswd -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-passwd
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;gpasswd&quot; command occur.
+successful/unsuccessful attempts to use the "gpasswd" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;gpasswd -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/bin/gpasswd -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-passwd
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ef10c283-dd34-42c2-b239-9a01c2d77e22</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;gpasswd&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;gpasswd&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71933</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000077-GPOS-00045</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86557r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010270</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72153\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe gpasswd command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged password commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"gpasswd\\\" command occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -i /usr/bin/gpasswd /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/gpasswd -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-passwd\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"gpasswd\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/gpasswd -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-passwd\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72153\"\n  tag rid: \"SV-86777r5_rule\"\n  tag stig_id: \"RHEL-07-030650\"\n  tag fix_id: \"F-78505r5_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/bin/gpasswd'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/gpasswd" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/gpasswd" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71933</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000077-GPOS-00045</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86557r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010270</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that passwords are prohibited from reuse for a minimum of five generations.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that passwords are prohibited from reuse for a minimum of five generations.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Password complexity, or strength, is a measure of the effectiveness of
 a password in resisting attempts at guessing and brute-force attacks. If the
 information system or application allows the user to consecutively reuse their
 password when that password has exceeded its defined lifetime, the end result
-is a password that is not changed per policy requirements.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+is a password that is not changed per policy requirements.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system prohibits password reuse for a minimum of five
 generations.
 
-    Check for the value of the &quot;remember&quot; argument in
-&quot;&#x2F;etc&#x2F;pam.d&#x2F;system-auth&quot; and &quot;&#x2F;etc&#x2F;pam.d&#x2F;password-auth&quot; with the following
+    Check for the value of the "remember" argument in
+"/etc/pam.d/system-auth" and "/etc/pam.d/password-auth" with the following
 command:
 
-    # grep -i remember &#x2F;etc&#x2F;pam.d&#x2F;system-auth &#x2F;etc&#x2F;pam.d&#x2F;password-auth
+    # grep -i remember /etc/pam.d/system-auth /etc/pam.d/password-auth
 
-    password    requisite     pam_pwhistory.so use_authtok remember&#x3D;5 retry&#x3D;3
+    password    requisite     pam_pwhistory.so use_authtok remember=5 retry=3
 
-    If the line containing the &quot;pam_pwhistory.so&quot; line does not have the
-&quot;remember&quot; module argument set, is commented out, or the value of the
-&quot;remember&quot; module argument is set to less than &quot;5&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the line containing the "pam_pwhistory.so" line does not have the
+"remember" module argument set, is commented out, or the value of the
+"remember" module argument is set to less than "5", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to prohibit password reuse for a minimum of
 five generations.
 
-    Add the following line in &quot;&#x2F;etc&#x2F;pam.d&#x2F;system-auth&quot; and
-&quot;&#x2F;etc&#x2F;pam.d&#x2F;password-auth&quot; (or modify the line to have the required value):
+    Add the following line in "/etc/pam.d/system-auth" and
+"/etc/pam.d/password-auth" (or modify the line to have the required value):
 
-    password    requisite     pam_pwhistory.so use_authtok remember&#x3D;5 retry&#x3D;3
+    password    requisite     pam_pwhistory.so use_authtok remember=5 retry=3
 
     Note: Manual changes to the listed files may be overwritten by the
-&quot;authconfig&quot; program. The &quot;authconfig&quot; program should not be used to update
-the configurations listed in this requirement.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ef80e519-1bc4-466f-b11c-781284c3fefc</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000200</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines is expected to include password (required|requisite|sufficient) pam_(unix|pwhistory).so, any with arg remember &gt;&#x3D; 5</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81009</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000368-GPOS-00154</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95721r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021022</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must mount &#x2F;dev&#x2F;shm with
-the nodev option.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;nodev&quot; mount option causes the system to not interpret
+"authconfig" program. The "authconfig" program should not be used to update
+the configurations listed in this requirement.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71933\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat passwords are prohibited from reuse for a minimum of five generations.\"\n  desc  \"Password complexity, or strength, is a measure of the effectiveness of\na password in resisting attempts at guessing and brute-force attacks. If the\ninformation system or application allows the user to consecutively reuse their\npassword when that password has exceeded its defined lifetime, the end result\nis a password that is not changed per policy requirements.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system prohibits password reuse for a minimum of five\ngenerations.\n\n    Check for the value of the \\\"remember\\\" argument in\n\\\"/etc/pam.d/system-auth\\\" and \\\"/etc/pam.d/password-auth\\\" with the following\ncommand:\n\n    # grep -i remember /etc/pam.d/system-auth /etc/pam.d/password-auth\n\n    password    requisite     pam_pwhistory.so use_authtok remember=5 retry=3\n\n    If the line containing the \\\"pam_pwhistory.so\\\" line does not have the\n\\\"remember\\\" module argument set, is commented out, or the value of the\n\\\"remember\\\" module argument is set to less than \\\"5\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to prohibit password reuse for a minimum of\nfive generations.\n\n    Add the following line in \\\"/etc/pam.d/system-auth\\\" and\n\\\"/etc/pam.d/password-auth\\\" (or modify the line to have the required value):\n\n    password    requisite     pam_pwhistory.so use_authtok remember=5 retry=3\n\n    Note: Manual changes to the listed files may be overwritten by the\n\\\"authconfig\\\" program. The \\\"authconfig\\\" program should not be used to update\nthe configurations listed in this requirement.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000077-GPOS-00045\"\n  tag gid: \"V-71933\"\n  tag rid: \"SV-86557r3_rule\"\n  tag stig_id: \"RHEL-07-010270\"\n  tag fix_id: \"F-78285r3_fix\"\n  tag cci: [\"CCI-000200\"]\n  tag nist: [\"IA-5 (1) (e)\", \"Rev_4\"]\n\n  min_reuse_generations = input('min_reuse_generations')\n\n  describe pam(\"/etc/pam.d/system-auth\") do\n    its('lines') { should match_pam_rule('password (required|requisite|sufficient) pam_(unix|pwhistory).so').any_with_integer_arg('remember', '&gt;=', min_reuse_generations) }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000200</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PAM Config[/etc/pam.d/system-auth] lines is expected to include password (required|requisite|sufficient) pam_(unix|pwhistory).so, any with arg remember &gt;= 5</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81009</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000368-GPOS-00154</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95721r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021022</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must mount /dev/shm with
+the nodev option.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "nodev" mount option causes the system to not interpret
 character or block special devices. Executing character or block special
 devices from untrusted file systems increases the opportunity for unprivileged
-users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that the &quot;nodev&quot; option is configured for &#x2F;dev&#x2F;shm:
+users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that the "nodev" option is configured for /dev/shm:
 
 
-    # cat &#x2F;etc&#x2F;fstab | grep &#x2F;dev&#x2F;shm
-    tmpfs &#x2F;dev&#x2F;shm tmpfs defaults,nodev,nosuid,noexec 0 0
+    # cat /etc/fstab | grep /dev/shm
+    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0
 
-    If any results are returned and the &quot;nodev&quot; option is not listed, this is
+    If any results are returned and the "nodev" option is not listed, this is
 a finding.
 
-    Verify &quot;&#x2F;dev&#x2F;shm&quot; is mounted with the &quot;nodev&quot; option:
-
-    # mount | grep &quot;&#x2F;dev&#x2F;shm&quot; | grep nodev
-
-    If no results are returned, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the system so that &#x2F;dev&#x2F;shm is mounted with the
-&quot;nodev&quot; option.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>06e826b9-8f98-4f25-a08d-125111dcd047</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001764</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Mount &#x2F;dev&#x2F;shm options is expected to include &quot;nodev&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71965</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000104-GPOS-00051</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86589r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010500</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Verify "/dev/shm" is mounted with the "nodev" option:
+
+    # mount | grep "/dev/shm" | grep nodev
+
+    If no results are returned, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the system so that /dev/shm is mounted with the
+"nodev" option.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-81009\" do\n  title \"The Red Hat Enterprise Linux operating system must mount /dev/shm with\nthe nodev option.\"\n  desc  \"The \\\"nodev\\\" mount option causes the system to not interpret\ncharacter or block special devices. Executing character or block special\ndevices from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that the \\\"nodev\\\" option is configured for /dev/shm:\n\n\n    # cat /etc/fstab | grep /dev/shm\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0\n\n    If any results are returned and the \\\"nodev\\\" option is not listed, this is\na finding.\n\n    Verify \\\"/dev/shm\\\" is mounted with the \\\"nodev\\\" option:\n\n    # mount | grep \\\"/dev/shm\\\" | grep nodev\n\n    If no results are returned, this is a finding.\n  \"\n  desc  \"fix\", \"Configure the system so that /dev/shm is mounted with the\n\\\"nodev\\\" option.\"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000368-GPOS-00154\"\n  tag gid: \"V-81009\"\n  tag rid: \"SV-95721r2_rule\"\n  tag stig_id: \"RHEL-07-021022\"\n  tag fix_id: \"F-87843r2_fix\"\n  tag cci: [\"CCI-001764\"]\n  tag nist: [\"CM-7 (2)\", \"Rev_4\"]\n\n  describe mount('/dev/shm') do\n    its('options') { should include 'nodev' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001764</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Mount /dev/shm options is expected to include "nodev"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71965</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000104-GPOS-00051</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86589r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010500</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must uniquely identify
 and must authenticate organizational users (or processes acting on behalf of
-organizational users) using multifactor authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+organizational users) using multifactor authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>To assure accountability and prevent unauthenticated access,
 organizational users must be identified and authenticated to prevent potential
 misuse and compromise of the system.
@@ -19954,209 +19075,198 @@ information system without identification or authentication;
     2) Accesses that occur through authorized use of group authenticators
 without individual authentication. Organizations may require unique
 identification of individuals in group accounts (e.g., shared privilege
-accounts) or for detailed accountability of individual activity.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+accounts) or for detailed accountability of individual activity.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system requires multifactor authentication to uniquely
 identify organizational users using multifactor authentication.
 
     Check to see if smartcard authentication is enforced on the system:
 
-    # authconfig --test | grep &quot;pam_pkcs11 is enabled&quot;
+    # authconfig --test | grep "pam_pkcs11 is enabled"
 
     If no results are returned, this is a finding.
 
-    # authconfig --test | grep &quot;smartcard removal action&quot;
+    # authconfig --test | grep "smartcard removal action"
 
-    If &quot;smartcard removal action&quot; is blank, this is a finding.
+    If "smartcard removal action" is blank, this is a finding.
 
-    # authconfig --test | grep &quot;smartcard module&quot;
+    # authconfig --test | grep "smartcard module"
 
-    If &quot;smartcard module&quot; is blank, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "smartcard module" is blank, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to require individuals to be authenticated
 with a multifactor authenticator.
 
     Enable smartcard logons with the following commands:
 
-    # authconfig --enablesmartcard --smartcardaction&#x3D;0 --update
+    # authconfig --enablesmartcard --smartcardaction=0 --update
     # authconfig --enablerequiresmartcard -update
 
-    Modify the &quot;&#x2F;etc&#x2F;pam_pkcs11&#x2F;pkcs11_eventmgr.conf&quot; file to uncomment the
+    Modify the "/etc/pam_pkcs11/pkcs11_eventmgr.conf" file to uncomment the
 following line:
 
-    #&#x2F;usr&#x2F;X11R6&#x2F;bin&#x2F;xscreensaver-command -lock
-
-    Modify the &quot;&#x2F;etc&#x2F;pam_pkcs11&#x2F;pam_pkcs11.conf&quot; file to use the cackey
-module if required.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>296e4345-4f90-4d47-b6e2-8a88b0e30e45</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000766</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;authconfig --test | grep -i smartcard&#x60; stdout is expected to match &#x2F;use\sonly\ssmartcard\sfor\slogin\sis\senabled&#x2F;
-expected &quot;SSSD smartcard support is disabled\n use only smartcard for login is disabled\n smartcard module &#x3D; \&quot;\&quot;\n smartcard removal action &#x3D; \&quot;\&quot;\n&quot; to match &#x2F;use\sonly\ssmartcard\sfor\slogin\sis\senabled&#x2F;
+    #/usr/X11R6/bin/xscreensaver-command -lock
+
+    Modify the "/etc/pam_pkcs11/pam_pkcs11.conf" file to use the cackey
+module if required.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71965\" do\n  title \"The Red Hat Enterprise Linux operating system must uniquely identify\nand must authenticate organizational users (or processes acting on behalf of\norganizational users) using multifactor authentication.\"\n  desc  \"To assure accountability and prevent unauthenticated access,\norganizational users must be identified and authenticated to prevent potential\nmisuse and compromise of the system.\n\n    Organizational users include organizational employees or individuals the\norganization deems to have equivalent status of employees (e.g., contractors).\nOrganizational users (and processes acting on behalf of users) must be uniquely\nidentified and authenticated to all accesses, except for the following:\n\n    1) Accesses explicitly identified and documented by the organization.\nOrganizations document specific user actions that can be performed on the\ninformation system without identification or authentication;\n\n    and\n\n    2) Accesses that occur through authorized use of group authenticators\nwithout individual authentication. Organizations may require unique\nidentification of individuals in group accounts (e.g., shared privilege\naccounts) or for detailed accountability of individual activity.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system requires multifactor authentication to uniquely\nidentify organizational users using multifactor authentication.\n\n    Check to see if smartcard authentication is enforced on the system:\n\n    # authconfig --test | grep \\\"pam_pkcs11 is enabled\\\"\n\n    If no results are returned, this is a finding.\n\n    # authconfig --test | grep \\\"smartcard removal action\\\"\n\n    If \\\"smartcard removal action\\\" is blank, this is a finding.\n\n    # authconfig --test | grep \\\"smartcard module\\\"\n\n    If \\\"smartcard module\\\" is blank, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to require individuals to be authenticated\nwith a multifactor authenticator.\n\n    Enable smartcard logons with the following commands:\n\n    # authconfig --enablesmartcard --smartcardaction=0 --update\n    # authconfig --enablerequiresmartcard -update\n\n    Modify the \\\"/etc/pam_pkcs11/pkcs11_eventmgr.conf\\\" file to uncomment the\nfollowing line:\n\n    #/usr/X11R6/bin/xscreensaver-command -lock\n\n    Modify the \\\"/etc/pam_pkcs11/pam_pkcs11.conf\\\" file to use the cackey\nmodule if required.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000104-GPOS-00051\"\n  tag satisfies: [\"SRG-OS-000104-GPOS-00051\", \"SRG-OS-000106-GPOS-00053\",\n\"SRG-OS-000107-GPOS-00054\", \"SRG-OS-000109-GPOS-00056\",\n\"SRG-OS-000108-GPOS-00055\", \"SRG-OS-000108-GPOS-00057\",\n\"SRG-OS-000108-GPOS-00058\"]\n  tag gid: \"V-71965\"\n  tag rid: \"SV-86589r2_rule\"\n  tag stig_id: \"RHEL-07-010500\"\n  tag fix_id: \"F-78317r3_fix\"\n  tag cci: [\"CCI-000766\"]\n  tag nist: [\"IA-2 (2)\", \"Rev_4\"]\n\n  smart_card_status = input('smart_card_status')\n  if smart_card_status.eql?('enabled')\n    impact 0.5\n    describe command(\"authconfig --test | grep -i smartcard\") do\n      its('stdout') { should match %r{use\\sonly\\ssmartcard\\sfor\\slogin\\sis\\s#{smart_card_status}} }\n      its('stdout') { should match %r{smartcard\\smodule\\s=\\s\".+\"} }\n      its('stdout') { should match %r{smartcard\\sremoval\\saction\\s=\\s\".+\"} }\n    end\n  else\n    impact 0.0\n    describe \"The system is not smartcard enabled\" do\n      skip \"The system is not using Smartcards / PIVs to fulfil the MFA requirement, this control is Not Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000766</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `authconfig --test | grep -i smartcard` stdout is expected to match /use\sonly\ssmartcard\sfor\slogin\sis\senabled/ :: MESSAGE expected "SSSD smartcard support is disabled\n use only smartcard for login is disabled\n smartcard module = \"\"\n smartcard removal action = \"\"\n" to match /use\sonly\ssmartcard\sfor\slogin\sis\senabled/
 Diff:
 @@ -1,2 +1,5 @@
--&#x2F;use\sonly\ssmartcard\sfor\slogin\sis\senabled&#x2F;
+-/use\sonly\ssmartcard\sfor\slogin\sis\senabled/
 +SSSD smartcard support is disabled
 + use only smartcard for login is disabled
-+ smartcard module &#x3D; &quot;&quot;
-+ smartcard removal action &#x3D; &quot;&quot;
++ smartcard module = ""
++ smartcard removal action = ""
 
 --------------------------------
-passed
-Command: &#x60;authconfig --test | grep -i smartcard&#x60; stdout is expected to match &#x2F;smartcard\smodule\s&#x3D;\s&quot;.+&quot;&#x2F;
-expected &quot;SSSD smartcard support is disabled\n use only smartcard for login is disabled\n smartcard module &#x3D; \&quot;\&quot;\n smartcard removal action &#x3D; \&quot;\&quot;\n&quot; to match &#x2F;smartcard\smodule\s&#x3D;\s&quot;.+&quot;&#x2F;
+passed :: TEST Command: `authconfig --test | grep -i smartcard` stdout is expected to match /smartcard\smodule\s=\s".+"/ :: MESSAGE expected "SSSD smartcard support is disabled\n use only smartcard for login is disabled\n smartcard module = \"\"\n smartcard removal action = \"\"\n" to match /smartcard\smodule\s=\s".+"/
 Diff:
 @@ -1,2 +1,5 @@
--&#x2F;smartcard\smodule\s&#x3D;\s&quot;.+&quot;&#x2F;
+-/smartcard\smodule\s=\s".+"/
 +SSSD smartcard support is disabled
 + use only smartcard for login is disabled
-+ smartcard module &#x3D; &quot;&quot;
-+ smartcard removal action &#x3D; &quot;&quot;
++ smartcard module = ""
++ smartcard removal action = ""
 
 --------------------------------
-passed
-Command: &#x60;authconfig --test | grep -i smartcard&#x60; stdout is expected to match &#x2F;smartcard\sremoval\saction\s&#x3D;\s&quot;.+&quot;&#x2F;
-expected &quot;SSSD smartcard support is disabled\n use only smartcard for login is disabled\n smartcard module &#x3D; \&quot;\&quot;\n smartcard removal action &#x3D; \&quot;\&quot;\n&quot; to match &#x2F;smartcard\sremoval\saction\s&#x3D;\s&quot;.+&quot;&#x2F;
+passed :: TEST Command: `authconfig --test | grep -i smartcard` stdout is expected to match /smartcard\sremoval\saction\s=\s".+"/ :: MESSAGE expected "SSSD smartcard support is disabled\n use only smartcard for login is disabled\n smartcard module = \"\"\n smartcard removal action = \"\"\n" to match /smartcard\sremoval\saction\s=\s".+"/
 Diff:
 @@ -1,2 +1,5 @@
--&#x2F;smartcard\sremoval\saction\s&#x3D;\s&quot;.+&quot;&#x2F;
+-/smartcard\sremoval\saction\s=\s".+"/
 +SSSD smartcard support is disabled
 + use only smartcard for login is disabled
-+ smartcard module &#x3D; &quot;&quot;
-+ smartcard removal action &#x3D; &quot;&quot;
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72313</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86937r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040800</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
++ smartcard module = ""
++ smartcard removal action = ""</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72313</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86937r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040800</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>SNMP community strings on the Red Hat Enterprise Linux operating
-system must be changed from the default.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+system must be changed from the default.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Whether active or not, default Simple Network Management Protocol
 (SNMP) community strings must be changed to maintain security. If the service
 is running with the default authenticators, anyone can gather data about the
 system and the network and use the information to potentially compromise the
 integrity of the system or network(s). It is highly recommended that SNMP
 version 3 user authentication and message encryption be used in place of the
-version 2 community strings.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+version 2 community strings.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify that a system using SNMP is not using default community strings.
 
-    Check to see if the &quot;&#x2F;etc&#x2F;snmp&#x2F;snmpd.conf&quot; file exists with the following
+    Check to see if the "/etc/snmp/snmpd.conf" file exists with the following
 command:
 
-    # ls -al &#x2F;etc&#x2F;snmp&#x2F;snmpd.conf
+    # ls -al /etc/snmp/snmpd.conf
      -rw-------   1 root root      52640 Mar 12 11:08 snmpd.conf
 
     If the file does not exist, this is Not Applicable.
@@ -20164,284 +19274,274 @@ command:
     If the file does exist, check for the default community strings with the
 following commands:
 
-    # grep public &#x2F;etc&#x2F;snmp&#x2F;snmpd.conf
-    # grep private &#x2F;etc&#x2F;snmp&#x2F;snmpd.conf
-
-    If either of these commands returns any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If the &quot;&#x2F;etc&#x2F;snmp&#x2F;snmpd.conf&quot; file exists, modify any lines
-that contain a community string value of &quot;public&quot; or &quot;private&quot; to another
-string value.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>92ff85d8-83ec-4ba6-8366-87ee5bdaacf2</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The &#x60;snmpd.conf&#x60; does not exist
-The snmpd.conf file does not exist, this control is Not Applicable</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72029</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86653r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020690</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # grep public /etc/snmp/snmpd.conf
+    # grep private /etc/snmp/snmpd.conf
+
+    If either of these commands returns any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If the "/etc/snmp/snmpd.conf" file exists, modify any lines
+that contain a community string value of "public" or "private" to another
+string value.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-72313\" do\n  title \"SNMP community strings on the Red Hat Enterprise Linux operating\nsystem must be changed from the default.\"\n  desc  \"Whether active or not, default Simple Network Management Protocol\n(SNMP) community strings must be changed to maintain security. If the service\nis running with the default authenticators, anyone can gather data about the\nsystem and the network and use the information to potentially compromise the\nintegrity of the system or network(s). It is highly recommended that SNMP\nversion 3 user authentication and message encryption be used in place of the\nversion 2 community strings.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that a system using SNMP is not using default community strings.\n\n    Check to see if the \\\"/etc/snmp/snmpd.conf\\\" file exists with the following\ncommand:\n\n    # ls -al /etc/snmp/snmpd.conf\n     -rw-------   1 root root      52640 Mar 12 11:08 snmpd.conf\n\n    If the file does not exist, this is Not Applicable.\n\n    If the file does exist, check for the default community strings with the\nfollowing commands:\n\n    # grep public /etc/snmp/snmpd.conf\n    # grep private /etc/snmp/snmpd.conf\n\n    If either of these commands returns any output, this is a finding.\n  \"\n  desc  \"fix\", \"If the \\\"/etc/snmp/snmpd.conf\\\" file exists, modify any lines\nthat contain a community string value of \\\"public\\\" or \\\"private\\\" to another\nstring value.\"\n\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72313\"\n  tag rid: \"SV-86937r2_rule\"\n  tag stig_id: \"RHEL-07-040800\"\n  tag fix_id: \"F-78667r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  if file('/etc/snmp/snmpd.conf').exist?\n    impact 0.7\n    processed = []\n    to_process = ['/etc/snmp/snmpd.conf']\n\n    while !to_process.empty?\n      in_process = to_process.pop\n      next if processed.include? in_process\n      processed.push in_process\n\n      if file(in_process).directory?\n        to_process.concat(\n          command(\"find #{in_process} -maxdepth 1 -mindepth 1 -name '*.conf'\").\n            stdout.strip.split(\"\\n\").\n            select { |f| file(f).file? }\n        )\n      elsif file(in_process).file?\n        to_process.concat(\n          command(\"grep -E '^\\\\s*includeFile\\\\s+' #{in_process} | sed 's/^[[:space:]]*includeFile[[:space:]]*//g'\").\n            stdout.strip.split(%r{\\n+}).\n            map { |f| f.start_with?('/') ? f : File.join(File.dirname(in_process), f) }.\n            select { |f| file(f).file? }\n        )\n        to_process.concat(\n          command(\"grep -E '^\\\\s*includeDir\\\\s+' #{in_process} | sed 's/^[[:space:]]*includeDir[[:space:]]*//g'\").\n            stdout.strip.split(%r{\\n+}).\n            map { |f| f.start_with?('/') ? f : File.join('/', f) }. # relative dirs are treated as absolute\n            select { |f| file(f).directory? }\n        )\n      end\n    end\n\n    config_files = processed.select { |f| file(f).file? }\n\n    config_files.each do |config|\n      describe file(config) do\n        its('content') { should_not match %r{^[^#]*(public|private)} }\n      end\n    end\n  else\n    impact 0.0\n    describe \"The `snmpd.conf` does not exist\" do\n      skip \"The snmpd.conf file does not exist, this control is Not Applicable\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The `snmpd.conf` does not exist :: SKIP_MESSAGE The snmpd.conf file does not exist, this control is Not Applicable</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72029</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86653r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020690</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all local initialization files for interactive users are owned by the home
-directory user or root.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Local initialization files are used to configure the user&#39;s shell
+directory user or root.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Local initialization files are used to configure the user's shell
 environment upon logon. Malicious modification of these files could compromise
-accounts upon logon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+accounts upon logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the local initialization files of all local interactive users are
-group-owned by that user&#39;s primary Group Identifier (GID).
+group-owned by that user's primary Group Identifier (GID).
 
     Check the home directory assignment for all non-privileged users on the
 system with the following command:
 
     Note: The example will be for the smithj user, who has a home directory of
-&quot;&#x2F;home&#x2F;smithj&quot; and a primary group of &quot;users&quot;.
+"/home/smithj" and a primary group of "users".
 
-    # cut -d: -f 1,4,6 &#x2F;etc&#x2F;passwd | egrep &quot;:[1-4][0-9]{3}&quot;
-    smithj:1000:&#x2F;home&#x2F;smithj
+    # cut -d: -f 1,4,6 /etc/passwd | egrep ":[1-4][0-9]{3}"
+    smithj:1000:/home/smithj
 
-    # grep 1000 &#x2F;etc&#x2F;group
+    # grep 1000 /etc/group
     users:x:1000:smithj,jonesj,jacksons
 
     Note: This may miss interactive users that have been assigned a privileged
 User Identifier (UID). Evidence of interactive use may be obtained from a
 number of log files containing system logon information.
 
-    Check the group owner of all local interactive user&#39;s initialization files
+    Check the group owner of all local interactive user's initialization files
 with the following command:
 
-    # ls -al &#x2F;home&#x2F;smithj&#x2F;.[^.]* | more
+    # ls -al /home/smithj/.[^.]* | more
 
     -rwxr-xr-x 1 smithj users 896 Mar 10 2011 .profile
     -rwxr-xr-x 1 smithj users 497 Jan 6 2007 .login
     -rwxr-xr-x 1 smithj users 886 Jan 6 2007 .something
 
-    If all local interactive user&#39;s initialization files are not group-owned by
-that user&#39;s primary GID, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If all local interactive user's initialization files are not group-owned by
+that user's primary GID, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the owner of the local initialization files for interactive users to
 either the directory owner or root with the following command:
 
     Note: The example will be for the smithj user, who has a home directory of
-&quot;&#x2F;home&#x2F;smithj&quot;.
-
-    # chown smithj &#x2F;home&#x2F;smithj&#x2F;.[^.]*</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>7e13cd13-31d8-44c7-814e-687bda11012f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Files and Directories not owned by the user or root of the parent home directory is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72417</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000375-GPOS-00160</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87041r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-041001</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/home/smithj".
+
+    # chown smithj /home/smithj/.[^.]*</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72029\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local initialization files for interactive users are owned by the home\ndirectory user or root.\"\n  desc  \"Local initialization files are used to configure the user's shell\nenvironment upon logon. Malicious modification of these files could compromise\naccounts upon logon.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the local initialization files of all local interactive users are\ngroup-owned by that user's primary Group Identifier (GID).\n\n    Check the home directory assignment for all non-privileged users on the\nsystem with the following command:\n\n    Note: The example will be for the smithj user, who has a home directory of\n\\\"/home/smithj\\\" and a primary group of \\\"users\\\".\n\n    # cut -d: -f 1,4,6 /etc/passwd | egrep \\\":[1-4][0-9]{3}\\\"\n    smithj:1000:/home/smithj\n\n    # grep 1000 /etc/group\n    users:x:1000:smithj,jonesj,jacksons\n\n    Note: This may miss interactive users that have been assigned a privileged\nUser Identifier (UID). Evidence of interactive use may be obtained from a\nnumber of log files containing system logon information.\n\n    Check the group owner of all local interactive user's initialization files\nwith the following command:\n\n    # ls -al /home/smithj/.[^.]* | more\n\n    -rwxr-xr-x 1 smithj users 896 Mar 10 2011 .profile\n    -rwxr-xr-x 1 smithj users 497 Jan 6 2007 .login\n    -rwxr-xr-x 1 smithj users 886 Jan 6 2007 .something\n\n    If all local interactive user's initialization files are not group-owned by\nthat user's primary GID, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the owner of the local initialization files for interactive users to\neither the directory owner or root with the following command:\n\n    Note: The example will be for the smithj user, who has a home directory of\n\\\"/home/smithj\\\".\n\n    # chown smithj /home/smithj/.[^.]*\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72029\"\n  tag rid: \"SV-86653r3_rule\"\n  tag stig_id: \"RHEL-07-020690\"\n  tag fix_id: \"F-78381r4_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= 1000 || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    findings = findings + command(\"find #{user_info.home} -name '.*' -not -user #{user_info.username} -a -not -user root\").stdout.split(\"\\n\")\n  end\n  describe \"Files and Directories not owned by the user or root of the parent home directory\" do\n    subject { findings.to_a }\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Files and Directories not owned by the user or root of the parent home directory is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72417</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000375-GPOS-00160</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87041r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-041001</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must have the required
-        packages for multifactor authentication installed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+        packages for multifactor authentication installed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Using an authentication device, such as a CAC or token that is
         separate from the information system, ensures that even if the information
         system is compromised, that compromise will not affect credentials stored on
@@ -20464,14 +19564,14 @@ Files and Directories not owned by the user or root of the parent home directory
         This requirement only applies to components where this is specific to the
         function of the device or has the concept of an organizational user (e.g., VPN,
         proxy capability). This does not apply to authentication for the purpose of
-        configuring the device itself (management).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+        configuring the device itself (management).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system has the packages required for multifactor
 authentication installed.
 
@@ -20484,205 +19584,174 @@ esc-1.1.0-26.el7.noarch.rpm
 # yum list installed pam_pkcs11
 pam_pkcs11-0.6.2-14.el7.noarch.rpm
 
-If the &quot;esc&quot; and &quot;pam_pkcs11&quot; packages are not installed, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "esc" and "pam_pkcs11" packages are not installed, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to implement multifactor authentication by
 installing the required packages.
 
-Install the &quot;esc&quot; and &quot;pam_pkcs11&quot; packages on the system with the
+Install the "esc" and "pam_pkcs11" packages on the system with the
 following command:
 
-# yum install esc pam_pkcs11</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ce77f883-365e-4027-8834-662b72110747</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001948</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001953</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001954</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-The package is expected to be installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package nss-pam-ldapd&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package esc&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package pam_pkcs11&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package pam_krb5&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package opensc&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package pcsc-lite-ccid&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package gdm&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package authconfig-gtk&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package krb5-workstation&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package krb5-pkinit&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package pcsc-lite&#x60; is installed
---------------------------------
-passed
-The package is expected to be installed
-expected that &#x60;System Package pcsc-lite-libs&#x60; is installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73177</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000424-GPOS-00188</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87829r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-041010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+# yum install esc pam_pkcs11</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72417\" do\n  title \"The Red Hat Enterprise Linux operating system must have the required\n        packages for multifactor authentication installed.\"\n\n  desc  \"Using an authentication device, such as a CAC or token that is\n        separate from the information system, ensures that even if the information\n        system is compromised, that compromise will not affect credentials stored on\n        the authentication device.\n\n        Multifactor solutions that require devices separate from information\n        systems gaining access include, for example, hardware tokens providing\n        time-based or challenge-response authenticators and smart cards such as the\n        U.S. Government Personal Identity Verification card and the DoD Common Access\n        Card.\n\n        A privileged account is defined as an information system account with\n        authorizations of a privileged user.\n\n        Remote access is access to DoD nonpublic information systems by an\n        authorized user (or an information system) communicating through an external,\n        non-organization-controlled network. Remote access methods include, for\n        example, dial-up, broadband, and wireless.\n\n        This requirement only applies to components where this is specific to the\n        function of the device or has the concept of an organizational user (e.g., VPN,\n        proxy capability). This does not apply to authentication for the purpose of\n        configuring the device itself (management).\"\n\n  desc  \"check\", \"\n        Verify the operating system has the packages required for multifactor\n        authentication installed.\n\n        Check for the presence of the packages required to support multifactor\n        authentication with the following commands:\n\n        # yum list installed esc\n        esc-1.1.0-26.el7.noarch.rpm\n\n        # yum list installed pam_pkcs11\n        pam_pkcs11-0.6.2-14.el7.noarch.rpm\n\n        If the \\\"esc\\\" and \\\"pam_pkcs11\\\" packages are not installed, this is a\n        finding.\"\n\n  desc  \"fix\", \"\n        Configure the operating system to implement multifactor authentication by\n        installing the required packages.\n\n        Install the \\\"esc\\\" and \\\"pam_pkcs11\\\" packages on the system with the\n        following command:\n\n        # yum install esc pam_pkcs11\"\n\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000375-GPOS-00160\"\n  tag satisfies: [\"SRG-OS-000375-GPOS-00160\", \"SRG-OS-000375-GPOS-00161\", \"SRG-OS-000375-GPOS-00162\"]\n  tag gid: \"V-72417\"\n  tag rid: \"SV-87041r4_rule\"\n  tag stig_id: \"RHEL-07-041001\"\n  tag fix_id: \"F-78769r4_fix\"\n  tag cci: [\"CCI-001948\", \"CCI-001953\", \"CCI-001954\"]\n  tag nist: [\"IA-2 (11)\", \"IA-2 (12)\", \"IA-2 (12)\", \"Rev_4\"]\n\n  mfa_pkg_list = input('mfa_pkg_list')\n  smart_card_status = input('smart_card_status')\n\n  if smart_card_status.eql?('disabled')\n    impact 0.0\n    describe \"The system is not smartcard enabled thus this control is Not Applicable\" do\n      skip \"The system is not using Smartcards / PIVs to fulfil the MFA requirement, this control is Not Applicable.\"\n    end \n  elsif mfa_pkg_list.empty?\n    describe \"The required Smartcard packages have not beed defined, plese define them in your `inputs`.\" do\n      subjec { mfa_pkg_list }\n      it { should_not be_empty }\n    end\n  else\n    mfa_pkg_list.each do |pkg|\n      describe \"The package\" do\n        subject { package(\"#{pkg}\") }\n        it { should be_installed }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001948</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001953</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001954</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST The package is expected to be installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package nss-pam-ldapd` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package esc` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package pam_pkcs11` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package pam_krb5` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package opensc` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package pcsc-lite-ccid` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package gdm` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package authconfig-gtk` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package krb5-workstation` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package krb5-pkinit` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package pcsc-lite` is installed
+--------------------------------
+passed :: TEST The package is expected to be installed :: MESSAGE expected that `System Package pcsc-lite-libs` is installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73177</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000424-GPOS-00188</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87829r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-041010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that all wireless network adapters are disabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that all wireless network adapters are disabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The use of wireless networking can introduce many different attack
-vectors into the organization&#39;s network. Common attack vectors such as
+vectors into the organization's network. Common attack vectors such as
 malicious association and ad hoc networks will allow an attacker to spoof a
 wireless access point (AP), allowing validated systems to connect to the
 malicious AP and enabling the attacker to monitor and record network traffic.
 These malicious APs can also serve to create a man-in-the-middle attack or be
-used to create a denial of service to valid network resources.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+used to create a denial of service to valid network resources.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify that there are no wireless interfaces configured on the system.
 
-    This is N&#x2F;A for systems that do not have wireless network adapters.
+    This is N/A for systems that do not have wireless network adapters.
 
     Check for the presence of active wireless interfaces with the following
 command:
@@ -20695,437 +19764,420 @@ command:
 
     If a wireless interface is configured and its use on the system is not
 documented with the Information System Security Officer (ISSO), this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to disable all wireless network interfaces with the
 following command:
 
-    #nmcli radio wifi off</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>c6f914d9-6752-4403-9827-ec2dad83ae80</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001443</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001444</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;nmcli device&#x60; stdout.strip is expected not to match &#x2F;wifi connected&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72027</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86651r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020680</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    #nmcli radio wifi off</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-73177\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all wireless network adapters are disabled.\"\n  desc  \"The use of wireless networking can introduce many different attack\nvectors into the organization's network. Common attack vectors such as\nmalicious association and ad hoc networks will allow an attacker to spoof a\nwireless access point (AP), allowing validated systems to connect to the\nmalicious AP and enabling the attacker to monitor and record network traffic.\nThese malicious APs can also serve to create a man-in-the-middle attack or be\nused to create a denial of service to valid network resources.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that there are no wireless interfaces configured on the system.\n\n    This is N/A for systems that do not have wireless network adapters.\n\n    Check for the presence of active wireless interfaces with the following\ncommand:\n\n    # nmcli device\n    DEVICE TYPE STATE\n    eth0 ethernet connected\n    wlp3s0 wifi disconnected\n    lo loopback unmanaged\n\n    If a wireless interface is configured and its use on the system is not\ndocumented with the Information System Security Officer (ISSO), this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to disable all wireless network interfaces with the\nfollowing command:\n\n    #nmcli radio wifi off\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000424-GPOS-00188\"\n  tag gid: \"V-73177\"\n  tag rid: \"SV-87829r2_rule\"\n  tag stig_id: \"RHEL-07-041010\"\n  tag fix_id: \"F-79623r1_fix\"\n  tag cci: [\"CCI-001443\", \"CCI-001444\", \"CCI-002418\"]\n  tag nist: [\"AC-18 (1)\", \"AC-18 (1)\", \"SC-8\", \"Rev_4\"]\n\n  describe command('nmcli device') do\n    its('stdout.strip') { should_not match %r{wifi connected} }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001443</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001444</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `nmcli device` stdout.strip is expected not to match /wifi connected/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72027</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86651r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020680</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all files and directories contained in local interactive user home
-directories have a mode of 0750 or less permissive.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+directories have a mode of 0750 or less permissive.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If a local interactive user files have excessive permissions,
-unintended users may be able to access or modify them.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+unintended users may be able to access or modify them.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify all files and directories contained in a local interactive user home
-directory, excluding local initialization files, have a mode of &quot;0750&quot;.
+directory, excluding local initialization files, have a mode of "0750".
 
     Check the mode of all non-initialization files in a local interactive user
 home directory with the following command:
 
-    Files that begin with a &quot;.&quot; are excluded from this requirement.
+    Files that begin with a "." are excluded from this requirement.
 
-    Note: The example will be for the user &quot;smithj&quot;, who has a home directory
-of &quot;&#x2F;home&#x2F;smithj&quot;.
+    Note: The example will be for the user "smithj", who has a home directory
+of "/home/smithj".
 
-    # ls -lLR &#x2F;home&#x2F;smithj
+    # ls -lLR /home/smithj
     -rwxr-x--- 1 smithj smithj  18 Mar  5 17:06 file1
     -rwxr----- 1 smithj smithj 193 Mar  5 17:06 file2
     -rw-r-x--- 1 smithj smithj 231 Mar  5 17:06 file3
 
-    If any files are found with a mode more permissive than &quot;0750&quot;, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If any files are found with a mode more permissive than "0750", this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the mode on files and directories in the local interactive user home
 directory with the following command:
 
     Note: The example will be for the user smithj, who has a home directory of
-&quot;&#x2F;home&#x2F;smithj&quot; and is a member of the users group.
-
-    # chmod 0750 &#x2F;home&#x2F;smithj&#x2F;&lt;file&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>4daf0636-1517-4ce4-b01c-345d79c30d31</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Home directories with excessive permissions is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72155</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86779r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030660</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/home/smithj" and is a member of the users group.
+
+    # chmod 0750 /home/smithj/&lt;file&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72027\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all files and directories contained in local interactive user home\ndirectories have a mode of 0750 or less permissive.\"\n  desc  \"If a local interactive user files have excessive permissions,\nunintended users may be able to access or modify them.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify all files and directories contained in a local interactive user home\ndirectory, excluding local initialization files, have a mode of \\\"0750\\\".\n\n    Check the mode of all non-initialization files in a local interactive user\nhome directory with the following command:\n\n    Files that begin with a \\\".\\\" are excluded from this requirement.\n\n    Note: The example will be for the user \\\"smithj\\\", who has a home directory\nof \\\"/home/smithj\\\".\n\n    # ls -lLR /home/smithj\n    -rwxr-x--- 1 smithj smithj  18 Mar  5 17:06 file1\n    -rwxr----- 1 smithj smithj 193 Mar  5 17:06 file2\n    -rw-r-x--- 1 smithj smithj 231 Mar  5 17:06 file3\n\n    If any files are found with a mode more permissive than \\\"0750\\\", this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Set the mode on files and directories in the local interactive user home\ndirectory with the following command:\n\n    Note: The example will be for the user smithj, who has a home directory of\n\\\"/home/smithj\\\" and is a member of the users group.\n\n    # chmod 0750 /home/smithj/&lt;file&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72027\"\n  tag rid: \"SV-86651r2_rule\"\n  tag stig_id: \"RHEL-07-020680\"\n  tag fix_id: \"F-78379r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= 1000 || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    findings = findings + command(\"find #{user_info.home} -xdev ! -name '.*' -perm /027 ! -type l\").stdout.split(\"\\n\")\n  end\n  describe \"Home directories with excessive permissions\" do\n    subject { findings.to_a }\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Home directories with excessive permissions is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72155</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86779r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030660</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the chage command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the chage command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged password commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;chage&quot; command occur.
+successful/unsuccessful attempts to use the "chage" command occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -i &#x2F;usr&#x2F;bin&#x2F;chage &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /usr/bin/chage /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;chage -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/chage -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-passwd
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;chage&quot; command occur.
+successful/unsuccessful attempts to use the "chage" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;chage -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/chage -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-passwd
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>8ed2ad1b-e659-4c1c-bcfc-a210afa018de</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;chage&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;chage&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71905</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000070-GPOS-00038</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86529r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72155\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe chage command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged password commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"chage\\\" command occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -i /usr/bin/chage /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chage -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-passwd\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"chage\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/chage -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-passwd\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72155\"\n  tag rid: \"SV-86779r5_rule\"\n  tag stig_id: \"RHEL-07-030660\"\n  tag fix_id: \"F-78507r5_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/bin/chage'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/chage" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/chage" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71905</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000070-GPOS-00038</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86529r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that when passwords are changed or new passwords are established, the new
-password must contain at least one lower-case character.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+password must contain at least one lower-case character.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources
 required to compromise the password. Password complexity, or strength, is a
 measure of the effectiveness of a password in resisting attempts at guessing
@@ -21134,492 +20186,474 @@ and brute-force attacks.
     Password complexity is one factor of several that determines how long it
 takes to crack a password. The more complex the password, the greater the
 number of possible combinations that need to be tested before the password is
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Note: The value to require a number of lower-case characters to be set is
-expressed as a negative number in &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot;.
+expressed as a negative number in "/etc/security/pwquality.conf".
 
-    Check the value for &quot;lcredit&quot; in &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; with
+    Check the value for "lcredit" in "/etc/security/pwquality.conf" with
 the following command:
 
-    # grep lcredit &#x2F;etc&#x2F;security&#x2F;pwquality.conf
-    lcredit &#x3D; -1
+    # grep lcredit /etc/security/pwquality.conf
+    lcredit = -1
 
-    If the value of &quot;lcredit&quot; is not set to a negative value, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "lcredit" is not set to a negative value, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to require at least one lower-case character when
 creating or changing a password.
 
     Add or modify the following line
-    in &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot;:
-
-    lcredit &#x3D; -1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2eb7a38b-25c1-42ce-bcd4-52d819e92592</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000193</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;security&#x2F;pwquality.conf lcredit.to_i is expected to cmp &lt; 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72281</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86905r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040600</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    in "/etc/security/pwquality.conf":
+
+    lcredit = -1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71905\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat when passwords are changed or new passwords are established, the new\npassword must contain at least one lower-case character.\"\n  desc  \"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Note: The value to require a number of lower-case characters to be set is\nexpressed as a negative number in \\\"/etc/security/pwquality.conf\\\".\n\n    Check the value for \\\"lcredit\\\" in \\\"/etc/security/pwquality.conf\\\" with\nthe following command:\n\n    # grep lcredit /etc/security/pwquality.conf\n    lcredit = -1\n\n    If the value of \\\"lcredit\\\" is not set to a negative value, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to require at least one lower-case character when\ncreating or changing a password.\n\n    Add or modify the following line\n    in \\\"/etc/security/pwquality.conf\\\":\n\n    lcredit = -1\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000070-GPOS-00038\"\n  tag gid: \"V-71905\"\n  tag rid: \"SV-86529r5_rule\"\n  tag stig_id: \"RHEL-07-010130\"\n  tag fix_id: \"F-78257r6_fix\"\n  tag cci: [\"CCI-000193\"]\n  tag nist: [\"IA-5 (1) (a)\", \"Rev_4\"]\n\n  describe parse_config_file(\"/etc/security/pwquality.conf\") do\n    its('lcredit.to_i') { should cmp &lt; 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000193</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/security/pwquality.conf lcredit.to_i is expected to cmp &lt; 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72281</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86905r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040600</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>For Red Hat Enterprise Linux operating systems using DNS resolution,
-at least two name servers must be configured.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+at least two name servers must be configured.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>To provide availability for name resolution services, multiple
 redundant name servers are mandated. A failure in name resolution could lead to
 the failure of security functions requiring name resolution, which may include
-time synchronization, centralized authentication, and remote system logging.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+time synchronization, centralized authentication, and remote system logging.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Determine whether the system is using local or DNS name resolution with the
 following command:
 
-    # grep hosts &#x2F;etc&#x2F;nsswitch.conf
+    # grep hosts /etc/nsswitch.conf
     hosts:   files dns
 
-    If the DNS entry is missing from the host&#39;s line in the
-&quot;&#x2F;etc&#x2F;nsswitch.conf&quot; file, the &quot;&#x2F;etc&#x2F;resolv.conf&quot; file must be empty.
+    If the DNS entry is missing from the host's line in the
+"/etc/nsswitch.conf" file, the "/etc/resolv.conf" file must be empty.
 
-    Verify the &quot;&#x2F;etc&#x2F;resolv.conf&quot; file is empty with the following command:
+    Verify the "/etc/resolv.conf" file is empty with the following command:
 
-    # ls -al &#x2F;etc&#x2F;resolv.conf
+    # ls -al /etc/resolv.conf
     -rw-r--r--  1 root root        0 Aug 19 08:31 resolv.conf
 
-    If local host authentication is being used and the &quot;&#x2F;etc&#x2F;resolv.conf&quot;
+    If local host authentication is being used and the "/etc/resolv.conf"
 file is not empty, this is a finding.
 
-    If the DNS entry is found on the host&#39;s line of the &quot;&#x2F;etc&#x2F;nsswitch.conf&quot;
+    If the DNS entry is found on the host's line of the "/etc/nsswitch.conf"
 file, verify the operating system is configured to use two or more name servers
 for DNS resolution.
 
     Determine the name servers used by the system with the following command:
 
-    # grep nameserver &#x2F;etc&#x2F;resolv.conf
+    # grep nameserver /etc/resolv.conf
     nameserver 192.168.1.2
     nameserver 192.168.1.3
 
     If less than two lines are returned that are not commented out, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to use two or more name servers for DNS
 resolution.
 
-    Edit the &quot;&#x2F;etc&#x2F;resolv.conf&quot; file to uncomment or add the two or more
-&quot;nameserver&quot; option lines with the IP address of local authoritative name
-servers. If local host resolution is being performed, the &quot;&#x2F;etc&#x2F;resolv.conf&quot;
-file must be empty. An empty &quot;&#x2F;etc&#x2F;resolv.conf&quot; file can be created as
+    Edit the "/etc/resolv.conf" file to uncomment or add the two or more
+"nameserver" option lines with the IP address of local authoritative name
+servers. If local host resolution is being performed, the "/etc/resolv.conf"
+file must be empty. An empty "/etc/resolv.conf" file can be created as
 follows:
 
-    # echo -n &gt; &#x2F;etc&#x2F;resolv.conf
+    # echo -n &gt; /etc/resolv.conf
 
     And then make the file immutable with the following command:
 
-    # chattr +i &#x2F;etc&#x2F;resolv.conf
+    # chattr +i /etc/resolv.conf
 
-    If the &quot;&#x2F;etc&#x2F;resolv.conf&quot; file must be mutable, the required
+    If the "/etc/resolv.conf" file must be mutable, the required
 configuration must be documented with the Information System Security Officer
-(ISSO) and the file must be verified by the system file integrity tool.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>13f019cc-f2d2-4de5-a14e-0e3b36d8fa49</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-The system&#39;s nameservers: [&quot;nameserver 172.31.0.2&quot;] is expected not to equal nil
---------------------------------
-passed
-The number of nameservers is expected to cmp &gt;&#x3D; 2
-
-expected it to be &gt;&#x3D; 2
+(ISSO) and the file must be verified by the system file integrity tool.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72281\" do\n  title \"For Red Hat Enterprise Linux operating systems using DNS resolution,\nat least two name servers must be configured.\"\n  desc  \"To provide availability for name resolution services, multiple\nredundant name servers are mandated. A failure in name resolution could lead to\nthe failure of security functions requiring name resolution, which may include\ntime synchronization, centralized authentication, and remote system logging.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Determine whether the system is using local or DNS name resolution with the\nfollowing command:\n\n    # grep hosts /etc/nsswitch.conf\n    hosts:   files dns\n\n    If the DNS entry is missing from the host's line in the\n\\\"/etc/nsswitch.conf\\\" file, the \\\"/etc/resolv.conf\\\" file must be empty.\n\n    Verify the \\\"/etc/resolv.conf\\\" file is empty with the following command:\n\n    # ls -al /etc/resolv.conf\n    -rw-r--r--  1 root root        0 Aug 19 08:31 resolv.conf\n\n    If local host authentication is being used and the \\\"/etc/resolv.conf\\\"\nfile is not empty, this is a finding.\n\n    If the DNS entry is found on the host's line of the \\\"/etc/nsswitch.conf\\\"\nfile, verify the operating system is configured to use two or more name servers\nfor DNS resolution.\n\n    Determine the name servers used by the system with the following command:\n\n    # grep nameserver /etc/resolv.conf\n    nameserver 192.168.1.2\n    nameserver 192.168.1.3\n\n    If less than two lines are returned that are not commented out, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to use two or more name servers for DNS\nresolution.\n\n    Edit the \\\"/etc/resolv.conf\\\" file to uncomment or add the two or more\n\\\"nameserver\\\" option lines with the IP address of local authoritative name\nservers. If local host resolution is being performed, the \\\"/etc/resolv.conf\\\"\nfile must be empty. An empty \\\"/etc/resolv.conf\\\" file can be created as\nfollows:\n\n    # echo -n &gt; /etc/resolv.conf\n\n    And then make the file immutable with the following command:\n\n    # chattr +i /etc/resolv.conf\n\n    If the \\\"/etc/resolv.conf\\\" file must be mutable, the required\nconfiguration must be documented with the Information System Security Officer\n(ISSO) and the file must be verified by the system file integrity tool.\n  \"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72281\"\n  tag rid: \"SV-86905r2_rule\"\n  tag stig_id: \"RHEL-07-040600\"\n  tag fix_id: \"F-78635r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  dns_in_host_line = parse_config_file(\"/etc/nsswitch.conf\",\n    {\n      comment_char: '#',\n      assignment_regex: /^\\s*([^:]*?)\\s*:\\s*(.*?)\\s*$/,\n    }\n  ).params['hosts'].include?('dns')\n\n  describe \"If `local` resolution is being used, a `hosts` entry in /etc/nsswitch.conf having `dns`\" do\n    subject { dns_in_host_line }\n    it { should be false }\n  end if !dns_in_host_line\n\n  describe \"If `local` resoultion is being used, the /etc/resolv.conf file should\" do\n    subject { parse_config_file(\"/etc/resolv.conf\", { comment_char: '#'}).params }\n    it { should be_empty }\n  end if !dns_in_host_line\n\n  nameservers = parse_config_file(\"/etc/resolv.conf\",\n    { comment_char: '#'}\n  ).params.keys.grep(/nameserver/)\n\n  describe \"The system's nameservers: #{nameservers}\" do\n  subject { nameservers }\n    it { should_not be nil }\n  end if dns_in_host_line\n\n  describe \"The number of nameservers\" do\n  subject { nameservers.count }\n    it { should cmp &gt;= 2 }\n  end if dns_in_host_line\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST The system's nameservers: ["nameserver 172.31.0.2"] is expected not to equal nil
+--------------------------------
+passed :: TEST The number of nameservers is expected to cmp &gt;= 2 :: MESSAGE 
+expected it to be &gt;= 2
      got: 1
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-77825</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-92521r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040201</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-77825</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-92521r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040201</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must implement virtual
-address space randomization.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+address space randomization.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Address space layout randomization (ASLR) makes it more difficult for
 an attacker to predict the location of attack code he or she has introduced
-into a process&#39;s address space during an attempt at exploitation. Additionally,
+into a process's address space during an attempt at exploitation. Additionally,
 ASLR also makes it more difficult for an attacker to know the location of
 existing code in order to repurpose it using return-oriented programming (ROP)
-techniques.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+techniques.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system implements virtual address space randomization.
 
-    # grep kernel.randomize_va_space &#x2F;etc&#x2F;sysctl.conf &#x2F;etc&#x2F;sysctl.d&#x2F;*
+    # grep kernel.randomize_va_space /etc/sysctl.conf /etc/sysctl.d/*
 
-    kernel.randomize_va_space &#x3D; 2
+    kernel.randomize_va_space = 2
 
-    If &quot;kernel.randomize_va_space&quot; is not configured in the &#x2F;etc&#x2F;sysctl.conf
-file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out or does not have a
-value of &quot;2&quot;, this is a finding.
+    If "kernel.randomize_va_space" is not configured in the /etc/sysctl.conf
+file or in the /etc/sysctl.d/ directory, is commented out or does not have a
+value of "2", this is a finding.
 
     Check that the operating system implements virtual address space
 randomization with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep kernel.randomize_va_space
+    # /sbin/sysctl -a | grep kernel.randomize_va_space
 
-    kernel.randomize_va_space &#x3D; 2
+    kernel.randomize_va_space = 2
 
-    If &quot;kernel.randomize_va_space&quot; does not have a value of &quot;2&quot;, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "kernel.randomize_va_space" does not have a value of "2", this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system implement virtual address space
 randomization.
 
     Set the system to the required kernel parameter by adding the following
-line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a config file in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory
+line to "/etc/sysctl.conf" or a config file in the /etc/sysctl.d/ directory
 (or modify the line to have the required value):
 
-    kernel.randomize_va_space &#x3D; 2
+    kernel.randomize_va_space = 2
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0ed2ba3d-e302-4de8-b71b-58a15c660775</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter kernel.randomize_va_space value is expected to eq 2</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-77821</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000378-GPOS-00163</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-92517r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020101</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-77825\" do\n  title \"The Red Hat Enterprise Linux operating system must implement virtual\naddress space randomization.\"\n  desc  \"Address space layout randomization (ASLR) makes it more difficult for\nan attacker to predict the location of attack code he or she has introduced\ninto a process's address space during an attempt at exploitation. Additionally,\nASLR also makes it more difficult for an attacker to know the location of\nexisting code in order to repurpose it using return-oriented programming (ROP)\ntechniques.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system implements virtual address space randomization.\n\n    # grep kernel.randomize_va_space /etc/sysctl.conf /etc/sysctl.d/*\n\n    kernel.randomize_va_space = 2\n\n    If \\\"kernel.randomize_va_space\\\" is not configured in the /etc/sysctl.conf\nfile or in the /etc/sysctl.d/ directory, is commented out or does not have a\nvalue of \\\"2\\\", this is a finding.\n\n    Check that the operating system implements virtual address space\nrandomization with the following command:\n\n    # /sbin/sysctl -a | grep kernel.randomize_va_space\n\n    kernel.randomize_va_space = 2\n\n    If \\\"kernel.randomize_va_space\\\" does not have a value of \\\"2\\\", this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system implement virtual address space\nrandomization.\n\n    Set the system to the required kernel parameter by adding the following\nline to \\\"/etc/sysctl.conf\\\" or a config file in the /etc/sysctl.d/ directory\n(or modify the line to have the required value):\n\n    kernel.randomize_va_space = 2\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-77825\"\n  tag rid: \"SV-92521r2_rule\"\n  tag stig_id: \"RHEL-07-040201\"\n  tag fix_id: \"F-84531r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  randomize_va_space = input('randomize_va_space')\n\n  describe kernel_parameter('kernel.randomize_va_space') do\n    its('value') { should eq randomize_va_space }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter kernel.randomize_va_space value is expected to eq 2</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-77821</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000378-GPOS-00163</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-92517r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020101</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the Datagram Congestion Control Protocol (DCCP) kernel module is disabled
-unless required.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+unless required.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Disabling DCCP protects the system against exploitation of any flaws
-in the protocol implementation.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+in the protocol implementation.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system disables the ability to load the DCCP kernel
 module.
 
-    # grep -r dccp &#x2F;etc&#x2F;modprobe.d&#x2F;* | grep -i &quot;&#x2F;bin&#x2F;true&quot; | grep -v &quot;^#&quot;
+    # grep -r dccp /etc/modprobe.d/* | grep -i "/bin/true" | grep -v "^#"
 
-    install dccp &#x2F;bin&#x2F;true
+    install dccp /bin/true
 
     If the command does not return any output, or the line is commented out,
 and use of DCCP is not documented with the Information System Security Officer
@@ -21631,594 +20665,570 @@ module.
     Check to see if the DCCP kernel module is disabled with the following
 command:
 
-    # grep -i dccp &#x2F;etc&#x2F;modprobe.d&#x2F;* | grep -i &quot;blacklist&quot; | grep -v &quot;^#&quot;
+    # grep -i dccp /etc/modprobe.d/* | grep -i "blacklist" | grep -v "^#"
 
     blacklist dccp
 
-    If the command does not return any output or the output is not &quot;blacklist
-dccp&quot;, and use of the dccp kernel module is not documented with the
+    If the command does not return any output or the output is not "blacklist
+dccp", and use of the dccp kernel module is not documented with the
 Information System Security Officer (ISSO) as an operational requirement, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to disable the ability to use the DCCP
 kernel module.
 
-    Create a file under &quot;&#x2F;etc&#x2F;modprobe.d&quot; with the following command:
+    Create a file under "/etc/modprobe.d" with the following command:
 
-    # touch &#x2F;etc&#x2F;modprobe.d&#x2F;dccp.conf
+    # touch /etc/modprobe.d/dccp.conf
 
     Add the following line to the created file:
 
-    install dccp &#x2F;bin&#x2F;true
+    install dccp /bin/true
 
     Ensure that the DCCP module is blacklisted:
 
-    # vi &#x2F;etc&#x2F;modprobe.d&#x2F;blacklist.conf
+    # vi /etc/modprobe.d/blacklist.conf
 
     Add or update the line:
 
-    blacklist dccp</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>c7909635-28cc-4697-a716-e68afab0234a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001958</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Module dccp is expected not to be loaded
---------------------------------
-passed
-Kernel Module dccp is expected to be blacklisted</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72019</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86643r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020640</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    blacklist dccp</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-77821\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the Datagram Congestion Control Protocol (DCCP) kernel module is disabled\nunless required.\"\n  desc  \"Disabling DCCP protects the system against exploitation of any flaws\nin the protocol implementation.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system disables the ability to load the DCCP kernel\nmodule.\n\n    # grep -r dccp /etc/modprobe.d/* | grep -i \\\"/bin/true\\\" | grep -v \\\"^#\\\"\n\n    install dccp /bin/true\n\n    If the command does not return any output, or the line is commented out,\nand use of DCCP is not documented with the Information System Security Officer\n(ISSO) as an operational requirement, this is a finding.\n\n    Verify the operating system disables the ability to use the DCCP kernel\nmodule.\n\n    Check to see if the DCCP kernel module is disabled with the following\ncommand:\n\n    # grep -i dccp /etc/modprobe.d/* | grep -i \\\"blacklist\\\" | grep -v \\\"^#\\\"\n\n    blacklist dccp\n\n    If the command does not return any output or the output is not \\\"blacklist\ndccp\\\", and use of the dccp kernel module is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to disable the ability to use the DCCP\nkernel module.\n\n    Create a file under \\\"/etc/modprobe.d\\\" with the following command:\n\n    # touch /etc/modprobe.d/dccp.conf\n\n    Add the following line to the created file:\n\n    install dccp /bin/true\n\n    Ensure that the DCCP module is blacklisted:\n\n    # vi /etc/modprobe.d/blacklist.conf\n\n    Add or update the line:\n\n    blacklist dccp\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000378-GPOS-00163\"\n  tag gid: \"V-77821\"\n  tag rid: \"SV-92517r3_rule\"\n  tag stig_id: \"RHEL-07-020101\"\n  tag fix_id: \"F-84521r3_fix\"\n  tag cci: [\"CCI-001958\"]\n  tag nist: [\"IA-3\", \"Rev_4\"]\n\n  describe kernel_module('dccp') do\n    it { should_not be_loaded }\n    it { should be_blacklisted }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001958</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Module dccp is expected not to be loaded
+--------------------------------
+passed :: TEST Kernel Module dccp is expected to be blacklisted</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72019</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86643r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020640</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all local interactive user home directories are owned by their respective
-users.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+users.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If a local interactive user does not own their home directory,
-unauthorized users could access or modify the user&#39;s files, and the users may
-not be able to access their own files.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+unauthorized users could access or modify the user's files, and the users may
+not be able to access their own files.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the assigned home directory of all local interactive users on the
 system exists.
 
     Check the home directory assignment for all local interactive users on the
 system with the following command:
 
-    # ls -ld $(egrep &#39;:[0-9]{4}&#39; &#x2F;etc&#x2F;passwd | cut -d: -f6)
+    # ls -ld $(egrep ':[0-9]{4}' /etc/passwd | cut -d: -f6)
 
-    -rwxr-x--- 1 smithj users 18 Mar 5 17:06 &#x2F;home&#x2F;smithj
+    -rwxr-x--- 1 smithj users 18 Mar 5 17:06 /home/smithj
 
-    If any home directories referenced in &quot;&#x2F;etc&#x2F;passwd&quot; are not owned by the
-interactive user, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Change the owner of a local interactive user&#39;s home directories to that
-owner. To change the owner of a local interactive user&#39;s home directory, use
+    If any home directories referenced in "/etc/passwd" are not owned by the
+interactive user, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Change the owner of a local interactive user's home directories to that
+owner. To change the owner of a local interactive user's home directory, use
 the following command:
 
     Note: The example will be for the user smithj, who has a home directory of
-&quot;&#x2F;home&#x2F;smithj&quot;.
-
-    # chown smithj &#x2F;home&#x2F;smithj</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>5cf0f58a-b651-4427-8aa2-53d480fdf294</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Directory &#x2F;root is expected to exist
---------------------------------
-passed
-Directory &#x2F;root owner is expected to eq &quot;root&quot;
---------------------------------
-passed
-Directory &#x2F;home&#x2F;ec2-user is expected to exist
---------------------------------
-passed
-Directory &#x2F;home&#x2F;ec2-user owner is expected to eq &quot;ec2-user&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71925</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000075-GPOS-00043</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86549r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010230</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/home/smithj".
+
+    # chown smithj /home/smithj</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72019\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local interactive user home directories are owned by their respective\nusers.\"\n  desc  \"If a local interactive user does not own their home directory,\nunauthorized users could access or modify the user's files, and the users may\nnot be able to access their own files.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the assigned home directory of all local interactive users on the\nsystem exists.\n\n    Check the home directory assignment for all local interactive users on the\nsystem with the following command:\n\n    # ls -ld $(egrep ':[0-9]{4}' /etc/passwd | cut -d: -f6)\n\n    -rwxr-x--- 1 smithj users 18 Mar 5 17:06 /home/smithj\n\n    If any home directories referenced in \\\"/etc/passwd\\\" are not owned by the\ninteractive user, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Change the owner of a local interactive user's home directories to that\nowner. To change the owner of a local interactive user's home directory, use\nthe following command:\n\n    Note: The example will be for the user smithj, who has a home directory of\n\\\"/home/smithj\\\".\n\n    # chown smithj /home/smithj\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72019\"\n  tag rid: \"SV-86643r5_rule\"\n  tag stig_id: \"RHEL-07-020640\"\n  tag fix_id: \"F-78371r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= uid_min || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    describe directory(user_info.home) do\n      it { should exist }\n      its('owner') { should eq user_info.username }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Directory /root is expected to exist
+--------------------------------
+passed :: TEST Directory /root owner is expected to eq "root"
+--------------------------------
+passed :: TEST Directory /home/ec2-user is expected to exist
+--------------------------------
+passed :: TEST Directory /home/ec2-user owner is expected to eq "ec2-user"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71925</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000075-GPOS-00043</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86549r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010230</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that passwords for new users are restricted to a 24 hours&#x2F;1 day minimum
-lifetime.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that passwords for new users are restricted to a 24 hours/1 day minimum
+lifetime.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Enforcing a minimum password lifetime helps to prevent repeated
 password changes to defeat the password reuse or history enforcement
 requirement. If users are allowed to immediately and continually change their
 password, the password could be repeatedly changed in a short period of time to
-defeat the organization&#39;s policy regarding password reuse.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify the operating system enforces 24 hours&#x2F;1 day as the minimum password
+defeat the organization's policy regarding password reuse.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify the operating system enforces 24 hours/1 day as the minimum password
 lifetime for new user accounts.
 
-    Check for the value of &quot;PASS_MIN_DAYS&quot; in &quot;&#x2F;etc&#x2F;login.defs&quot; with the
+    Check for the value of "PASS_MIN_DAYS" in "/etc/login.defs" with the
 following command:
 
-    # grep -i pass_min_days &#x2F;etc&#x2F;login.defs
+    # grep -i pass_min_days /etc/login.defs
     PASS_MIN_DAYS     1
 
-    If the &quot;PASS_MIN_DAYS&quot; parameter value is not &quot;1&quot; or greater, or is
-commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the operating system to enforce 24 hours&#x2F;1 day as the minimum
+    If the "PASS_MIN_DAYS" parameter value is not "1" or greater, or is
+commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the operating system to enforce 24 hours/1 day as the minimum
 password lifetime.
 
-    Add the following line in &quot;&#x2F;etc&#x2F;login.defs&quot; (or modify the line to have
+    Add the following line in "/etc/login.defs" (or modify the line to have
 the required value):
 
-    PASS_MIN_DAYS     1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f8374299-d09f-49f4-9933-79ef92a48e44</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000198</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-login.defs PASS_MIN_DAYS.to_i is expected to cmp &gt;&#x3D; 1</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72247</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86871r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040370</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    PASS_MIN_DAYS     1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71925\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat passwords for new users are restricted to a 24 hours/1 day minimum\nlifetime.\"\n  desc  \"Enforcing a minimum password lifetime helps to prevent repeated\npassword changes to defeat the password reuse or history enforcement\nrequirement. If users are allowed to immediately and continually change their\npassword, the password could be repeatedly changed in a short period of time to\ndefeat the organization's policy regarding password reuse.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system enforces 24 hours/1 day as the minimum password\nlifetime for new user accounts.\n\n    Check for the value of \\\"PASS_MIN_DAYS\\\" in \\\"/etc/login.defs\\\" with the\nfollowing command:\n\n    # grep -i pass_min_days /etc/login.defs\n    PASS_MIN_DAYS     1\n\n    If the \\\"PASS_MIN_DAYS\\\" parameter value is not \\\"1\\\" or greater, or is\ncommented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to enforce 24 hours/1 day as the minimum\npassword lifetime.\n\n    Add the following line in \\\"/etc/login.defs\\\" (or modify the line to have\nthe required value):\n\n    PASS_MIN_DAYS     1\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000075-GPOS-00043\"\n  tag gid: \"V-71925\"\n  tag rid: \"SV-86549r2_rule\"\n  tag stig_id: \"RHEL-07-010230\"\n  tag fix_id: \"F-78277r1_fix\"\n  tag cci: [\"CCI-000198\"]\n  tag nist: [\"IA-5 (1) (d)\", \"Rev_4\"]\n\n  describe login_defs do\n    its('PASS_MIN_DAYS.to_i') { should cmp &gt;= 1 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000198</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST login.defs PASS_MIN_DAYS.to_i is expected to cmp &gt;= 1</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72247</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86871r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040370</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not permit direct
-logons to the root account using remote access via SSH.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+logons to the root account using remote access via SSH.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Even though the communications channel may be encrypted, an additional
 layer of security is gained by extending the policy of not logging on directly
 as root. In addition, logging on with a user-specific account provides
-individual accountability of actions performed on the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+individual accountability of actions performed on the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify remote access using SSH prevents users from logging on directly as
 root.
 
     Check that SSH prevents users from logging on directly as root with the
 following command:
 
-    # grep -i permitrootlogin &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i permitrootlogin /etc/ssh/sshd_config
     PermitRootLogin no
 
-    If the &quot;PermitRootLogin&quot; keyword is set to &quot;yes&quot;, is missing, or is
-commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "PermitRootLogin" keyword is set to "yes", is missing, or is
+commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure SSH to stop users from logging on remotely as the root user.
 
-    Edit the appropriate  &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; file to uncomment or add the
-line for the &quot;PermitRootLogin&quot; keyword and set its value to &quot;no&quot; (this file
+    Edit the appropriate  "/etc/ssh/sshd_config" file to uncomment or add the
+line for the "PermitRootLogin" keyword and set its value to "no" (this file
 may be named differently or be in a different location if using a version of
 SSH that is provided by a third-party vendor):
 
     PermitRootLogin no
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d67b9348-7082-4926-b067-691d49dd7256</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration PermitRootLogin is expected to cmp &#x3D;&#x3D; &quot;no&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72091</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000343-GPOS-00134</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86715r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030340</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72247\" do\n  title \"The Red Hat Enterprise Linux operating system must not permit direct\nlogons to the root account using remote access via SSH.\"\n  desc  \"Even though the communications channel may be encrypted, an additional\nlayer of security is gained by extending the policy of not logging on directly\nas root. In addition, logging on with a user-specific account provides\nindividual accountability of actions performed on the system.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify remote access using SSH prevents users from logging on directly as\nroot.\n\n    Check that SSH prevents users from logging on directly as root with the\nfollowing command:\n\n    # grep -i permitrootlogin /etc/ssh/sshd_config\n    PermitRootLogin no\n\n    If the \\\"PermitRootLogin\\\" keyword is set to \\\"yes\\\", is missing, or is\ncommented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure SSH to stop users from logging on remotely as the root user.\n\n    Edit the appropriate  \\\"/etc/ssh/sshd_config\\\" file to uncomment or add the\nline for the \\\"PermitRootLogin\\\" keyword and set its value to \\\"no\\\" (this file\nmay be named differently or be in a different location if using a version of\nSSH that is provided by a third-party vendor):\n\n    PermitRootLogin no\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72247\"\n  tag rid: \"SV-86871r3_rule\"\n  tag stig_id: \"RHEL-07-040370\"\n  tag fix_id: \"F-78601r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('PermitRootLogin') { should cmp 'no' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration PermitRootLogin is expected to cmp == "no"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72091</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000343-GPOS-00134</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86715r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030340</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must immediately notify
 the System Administrator (SA) and Information System Security Officer (ISSO)
 (at a minimum) via email when the threshold for the repository maximum audit
-record storage capacity is reached.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+record storage capacity is reached.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If security personnel are not notified immediately when the threshold
 for the repository maximum audit record storage capacity is reached, they are
-unable to expand the audit record storage capacity before records are lost.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+unable to expand the audit record storage capacity before records are lost.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system immediately notifies the SA and ISSO (at a
 minimum) via email when the allocated audit record storage volume reaches 75
 percent of the repository maximum audit record storage capacity.
@@ -22227,160 +21237,155 @@ percent of the repository maximum audit record storage capacity.
 repository maximum audit record storage capacity is reached with the following
 command:
 
-    # grep -i space_left_action  &#x2F;etc&#x2F;audit&#x2F;auditd.conf
-    space_left_action &#x3D; email
+    # grep -i space_left_action  /etc/audit/auditd.conf
+    space_left_action = email
 
-    If the value of the &quot;space_left_action&quot; keyword is not set to &quot;email&quot;,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of the "space_left_action" keyword is not set to "email",
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to immediately notify the SA and ISSO (at a
 minimum) when the threshold for the repository maximum audit record storage
 capacity is reached.
 
-    Uncomment or edit the &quot;space_left_action&quot; keyword in
-&quot;&#x2F;etc&#x2F;audit&#x2F;auditd.conf&quot; and set it to &quot;email&quot;.
-
-    space_left_action &#x3D; email</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2ca291b5-1c0a-40db-a586-4f0bff35ca7f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001855</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Audit Daemon Config space_left_action.downcase is expected to cmp &#x3D;&#x3D; &quot;email&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71963</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86587r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010490</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Uncomment or edit the "space_left_action" keyword in
+"/etc/audit/auditd.conf" and set it to "email".
+
+    space_left_action = email</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72091\" do\n  title \"The Red Hat Enterprise Linux operating system must immediately notify\nthe System Administrator (SA) and Information System Security Officer (ISSO)\n(at a minimum) via email when the threshold for the repository maximum audit\nrecord storage capacity is reached.\"\n  desc  \"If security personnel are not notified immediately when the threshold\nfor the repository maximum audit record storage capacity is reached, they are\nunable to expand the audit record storage capacity before records are lost.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system immediately notifies the SA and ISSO (at a\nminimum) via email when the allocated audit record storage volume reaches 75\npercent of the repository maximum audit record storage capacity.\n\n    Check what action the operating system takes when the threshold for the\nrepository maximum audit record storage capacity is reached with the following\ncommand:\n\n    # grep -i space_left_action  /etc/audit/auditd.conf\n    space_left_action = email\n\n    If the value of the \\\"space_left_action\\\" keyword is not set to \\\"email\\\",\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to immediately notify the SA and ISSO (at a\nminimum) when the threshold for the repository maximum audit record storage\ncapacity is reached.\n\n    Uncomment or edit the \\\"space_left_action\\\" keyword in\n\\\"/etc/audit/auditd.conf\\\" and set it to \\\"email\\\".\n\n    space_left_action = email\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000343-GPOS-00134\"\n  tag gid: \"V-72091\"\n  tag rid: \"SV-86715r2_rule\"\n  tag stig_id: \"RHEL-07-030340\"\n  tag fix_id: \"F-78443r1_fix\"\n  tag cci: [\"CCI-001855\"]\n  tag nist: [\"AU-5 (1)\", \"Rev_4\"]\n\n  describe auditd_conf do\n    its('space_left_action.downcase') { should cmp 'email' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001855</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Audit Daemon Config space_left_action.downcase is expected to cmp == "email"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71963</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86587r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010490</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Red Hat Enterprise Linux operating systems prior to version 7.2 using
 Unified Extensible Firmware Interface (UEFI) must require authentication upon
-booting into single-user and maintenance modes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+booting into single-user and maintenance modes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system does not require valid root authentication before it
 boots into single-user or maintenance mode, anyone who invokes single-user or
 maintenance mode is granted privileged access to all files on the system. GRUB
 2 is the default boot loader for RHEL 7 and is designed to require a password
-to boot into single-user mode or make modifications to the boot menu.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+to boot into single-user mode or make modifications to the boot menu.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>For systems that use BIOS, this is Not Applicable.
     For systems that are running RHEL 7.2 or newer, this is Not Applicable.
 
     Check to see if an encrypted root password is set. On systems that use
 UEFI, use the following command:
 
-    # grep -i password &#x2F;boot&#x2F;efi&#x2F;EFI&#x2F;redhat&#x2F;grub.cfg
+    # grep -i password /boot/efi/EFI/redhat/grub.cfg
 
     password_pbkdf2 [superusers-account] [password-hash]
 
-    If the root password entry does not begin with &quot;password_pbkdf2&quot;, this is
+    If the root password entry does not begin with "password_pbkdf2", this is
 a finding.
 
-    If the &quot;superusers-account&quot; is not set to &quot;root&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "superusers-account" is not set to "root", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to encrypt the boot password for root.
 
     Generate an encrypted grub2 password for root with the following command:
@@ -22394,130 +21399,125 @@ a finding.
     PBKDF2 hash of your password is
 grub.pbkdf2.sha512.10000.F3A7CFAA5A51EED123BE8238C23B25B2A6909AFC9812F0D45
 
-    Edit &quot;&#x2F;etc&#x2F;grub.d&#x2F;40_custom&quot; and add the following lines below the
+    Edit "/etc/grub.d/40_custom" and add the following lines below the
 comments:
 
-    # vi &#x2F;etc&#x2F;grub.d&#x2F;40_custom
+    # vi /etc/grub.d/40_custom
 
-    set superusers&#x3D;&quot;root&quot;
+    set superusers="root"
 
     password_pbkdf2 root {hash from grub2-mkpasswd-pbkdf2 command}
 
-    Generate a new &quot;grub.conf&quot; file with the new password with the following
+    Generate a new "grub.conf" file with the new password with the following
 commands:
 
-    # grub2-mkconfig --output&#x3D;&#x2F;tmp&#x2F;grub2.cfg
-    # mv &#x2F;tmp&#x2F;grub2.cfg &#x2F;boot&#x2F;efi&#x2F;EFI&#x2F;redhat&#x2F;grub.cfg</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ae95c515-01dc-4fbd-a9d4-e2046d866652</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-EFI is not in use
-EFI is not in use so this control is NA</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72427</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000375-GPOS-00160</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87051r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-041002</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # grub2-mkconfig --output=/tmp/grub2.cfg
+    # mv /tmp/grub2.cfg /boot/efi/EFI/redhat/grub.cfg</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-71963\" do\n  title \"Red Hat Enterprise Linux operating systems prior to version 7.2 using\nUnified Extensible Firmware Interface (UEFI) must require authentication upon\nbooting into single-user and maintenance modes.\"\n  desc  \"If the system does not require valid root authentication before it\nboots into single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 7 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    For systems that use BIOS, this is Not Applicable.\n    For systems that are running RHEL 7.2 or newer, this is Not Applicable.\n\n    Check to see if an encrypted root password is set. On systems that use\nUEFI, use the following command:\n\n    # grep -i password /boot/efi/EFI/redhat/grub.cfg\n\n    password_pbkdf2 [superusers-account] [password-hash]\n\n    If the root password entry does not begin with \\\"password_pbkdf2\\\", this is\na finding.\n\n    If the \\\"superusers-account\\\" is not set to \\\"root\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to encrypt the boot password for root.\n\n    Generate an encrypted grub2 password for root with the following command:\n\n    Note: The hash generated is an example.\n\n    # grub2-mkpasswd-pbkdf2\n\n    Enter Password:\n    Reenter Password:\n    PBKDF2 hash of your password is\ngrub.pbkdf2.sha512.10000.F3A7CFAA5A51EED123BE8238C23B25B2A6909AFC9812F0D45\n\n    Edit \\\"/etc/grub.d/40_custom\\\" and add the following lines below the\ncomments:\n\n    # vi /etc/grub.d/40_custom\n\n    set superusers=\\\"root\\\"\n\n    password_pbkdf2 root {hash from grub2-mkpasswd-pbkdf2 command}\n\n    Generate a new \\\"grub.conf\\\" file with the new password with the following\ncommands:\n\n    # grub2-mkconfig --output=/tmp/grub2.cfg\n    # mv /tmp/grub2.cfg /boot/efi/EFI/redhat/grub.cfg\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000080-GPOS-00048\"\n  tag gid: \"V-71963\"\n  tag rid: \"SV-86587r4_rule\"\n  tag stig_id: \"RHEL-07-010490\"\n  tag fix_id: \"F-78315r3_fix\"\n  tag cci: [\"CCI-000213\"]\n  tag nist: [\"AC-3\", \"Rev_4\"]\n\n  os_minor_version = os().release.split('.')[1].to_i\n\n  # If OS version is 7.2 or later ONLY root is allowed\n  efi_superusers = os_minor_version &lt; 2 ? input('efi_superusers') : ['root']\n  # Also ensure that 'root' is in the list always\n  efi_superusers.push('root') if !efi_superusers.include?('root')\n  # Define the main cfg with the os name in the path to allow\n  # for this to work with RHEL variants (e.g. CentOS)\n  efi_main_cfg = \"/boot/efi/EFI/#{os().name}/grub.cfg\"\n\n  # If the main EFI config file does not exist this system is\n  # not using EFI and the control is NA\n  if !file(efi_main_cfg).exist?\n    impact 0.0\n    describe 'EFI is not in use' do\n      skip 'EFI is not in use so this control is NA'\n    end\n  # Ensure any superusers are configured with PBDKF2 passwords\n  else\n    efi_superusers.each do |user|\n      describe file(efi_main_cfg) do\n          its('content') { should match %r{^\\s*password_pbkdf2\\s+#{user} } }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST EFI is not in use :: SKIP_MESSAGE EFI is not in use so this control is NA</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72427</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000375-GPOS-00160</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87051r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-041002</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must implement
   multifactor authentication for access to privileged accounts via pluggable
-  authentication modules (PAM).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+  authentication modules (PAM).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Using an authentication device, such as a CAC or token that is
   separate from the information system, ensures that even if the information
   system is compromised, that compromise will not affect credentials stored on
@@ -22540,150 +21540,145 @@ EFI is not in use so this control is NA</FINDING_DETAILS>
       This requirement only applies to components where this is specific to the
   function of the device or has the concept of an organizational user (e.g., VPN,
   proxy capability). This does not apply to authentication for the purpose of
-  configuring the device itself (management).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+  configuring the device itself (management).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system implements multifactor authentication for
 remote access to privileged accounts via pluggable authentication modules (PAM).
 
-    Check the &quot;&#x2F;etc&#x2F;sssd&#x2F;sssd.conf&quot; file for the authentication services that
+    Check the "/etc/sssd/sssd.conf" file for the authentication services that
 are being used with the following command:
 
-    # grep services &#x2F;etc&#x2F;sssd&#x2F;sssd.conf &#x2F;etc&#x2F;sssd&#x2F;conf.d&#x2F;*.conf
+    # grep services /etc/sssd/sssd.conf /etc/sssd/conf.d/*.conf
 
-    services &#x3D; nss, pam
+    services = nss, pam
 
-    If the &quot;pam&quot; service is not present on all &quot;services&quot; lines, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "pam" service is not present on all "services" lines, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to implement multifactor authentication for
 remote access to privileged accounts via pluggable authentication modules (PAM).
 
-    Modify all of the services lines in &quot;&#x2F;etc&#x2F;sssd&#x2F;sssd.conf&quot; or in
-configuration files found under &quot;&#x2F;etc&#x2F;sssd&#x2F;conf.d&quot; to include pam.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>07299d31-c8fa-40b3-ad4d-32f4b518032c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001948</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001953</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001954</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;grep -i -E &#39;services( )*&#x3D;( )*(.+*)pam&#39; &#x2F;etc&#x2F;sssd&#x2F;sssd.conf&#x60; stdout.strip is expected to include &quot;pam&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72221</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000033-GPOS-00014</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86845r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040110</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Modify all of the services lines in "/etc/sssd/sssd.conf" or in
+configuration files found under "/etc/sssd/conf.d" to include pam.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72427\" do\n  title \"The Red Hat Enterprise Linux operating system must implement\n  multifactor authentication for access to privileged accounts via pluggable\n  authentication modules (PAM).\"\n  desc  \"Using an authentication device, such as a CAC or token that is\n  separate from the information system, ensures that even if the information\n  system is compromised, that compromise will not affect credentials stored on\n  the authentication device.\n\n      Multifactor solutions that require devices separate from information\n  systems gaining access include, for example, hardware tokens providing\n  time-based or challenge-response authenticators and smart cards such as the\n  U.S. Government Personal Identity Verification card and the DoD Common Access\n  Card.\n\n      A privileged account is defined as an information system account with\n  authorizations of a privileged user.\n\n      Remote access is access to DoD nonpublic information systems by an\n  authorized user (or an information system) communicating through an external,\n  non-organization-controlled network. Remote access methods include, for\n  example, dial-up, broadband, and wireless.\n\n      This requirement only applies to components where this is specific to the\n  function of the device or has the concept of an organizational user (e.g., VPN,\n  proxy capability). This does not apply to authentication for the purpose of\n  configuring the device itself (management).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system implements multifactor authentication for\n    remote access to privileged accounts via pluggable authentication modules (PAM).\n\n        Check the \\\"/etc/sssd/sssd.conf\\\" file for the authentication services that\n    are being used with the following command:\n\n        # grep services /etc/sssd/sssd.conf /etc/sssd/conf.d/*.conf\n\n        services = nss, pam\n\n        If the \\\"pam\\\" service is not present on all \\\"services\\\" lines, this is a\n    finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to implement multifactor authentication for\n    remote access to privileged accounts via pluggable authentication modules (PAM).\n\n        Modify all of the services lines in \\\"/etc/sssd/sssd.conf\\\" or in\n    configuration files found under \\\"/etc/sssd/conf.d\\\" to include pam.\"\n\n  impact 0.5  \n  tag severity: nil\n  tag gtitle: \"SRG-OS-000375-GPOS-00160\"\n  tag satisfies: [\"SRG-OS-000375-GPOS-00160\", \"SRG-OS-000375-GPOS-00161\",\n\"SRG-OS-000375-GPOS-00162\"]\n  tag gid: \"V-72427\"\n  tag rid: \"SV-87051r4_rule\"\n  tag stig_id: \"RHEL-07-041002\"\n  tag fix_id: \"F-78779r3_fix\"\n  tag cci: [\"CCI-001948\", \"CCI-001953\", \"CCI-001954\"]\n  tag nist: [\"IA-2 (11)\", \"IA-2 (12)\", \"IA-2 (12)\", \"Rev_4\"]\n\n  unless package('sssd').installed?\n    impact 0.0\n    describe \"The SSSD Package is not installed on the system\" do\n      skip \"This control is Not Appliciable without the SSSD Package installed.\"\n    end\n  else\n    if (!(sssd_files = command(\"find /etc/sssd -name *.conf\").stdout.split(\"\\n\")).empty?)\n      sssd_files.each do |file|\n        describe.one do\n          describe parse_config_file(file) do\n            its('services') { should include 'pam' }\n          end if package('sssd').installed?\n          describe command(\"grep -i -E 'services(\\s)*=(\\s)*(.+*)pam' #{file}\") do\n            its('stdout.strip') { should include 'pam' }\n          end if package('sssd').installed?\n        end if package('sssd').installed?\n      end\n    else\n      describe \"The set of SSSD configuration files\" do\n          subject { sssd_files.to_a }\n          it { should_not be_empty }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001948</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001953</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001954</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `grep -i -E 'services( )*=( )*(.+*)pam' /etc/sssd/sssd.conf` stdout.strip is expected to include "pam"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72221</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000033-GPOS-00014</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86845r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040110</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must use a FIPS 140-2
-approved cryptographic algorithm for SSH communications.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+approved cryptographic algorithm for SSH communications.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Unapproved mechanisms that are used for authentication to the
 cryptographic module are not verified and therefore cannot be relied upon to
 provide confidentiality or integrity, and DoD data may be compromised.
@@ -22694,14 +21689,14 @@ mechanisms for authenticating to cryptographic modules.
     FIPS 140-2 is the current standard for validating that mechanisms used to
 access cryptographic modules utilize authentication that meets DoD
 requirements. This allows for Security Levels 1, 2, 3, or 4 for use on a
-general purpose computing system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+general purpose computing system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system uses mechanisms meeting the requirements of
 applicable federal laws, Executive orders, directives, policies, regulations,
 standards, and guidance for authentication to a cryptographic module.
@@ -22710,516 +21705,487 @@ standards, and guidance for authentication to a cryptographic module.
 the system cannot implement FIPS 140-2-approved cryptographic algorithms and
 hashes.
 
-    The location of the &quot;sshd_config&quot; file may vary if a different daemon is
+    The location of the "sshd_config" file may vary if a different daemon is
 in use.
 
-    Inspect the &quot;Ciphers&quot; configuration with the following command:
+    Inspect the "Ciphers" configuration with the following command:
 
-    # grep -i ciphers &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i ciphers /etc/ssh/sshd_config
     Ciphers aes128-ctr,aes192-ctr,aes256-ctr
 
-    If any ciphers other than &quot;aes128-ctr&quot;, &quot;aes192-ctr&quot;, or &quot;aes256-ctr&quot;
-are listed, the &quot;Ciphers&quot; keyword is missing, or the returned line is
-commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If any ciphers other than "aes128-ctr", "aes192-ctr", or "aes256-ctr"
+are listed, the "Ciphers" keyword is missing, or the returned line is
+commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure SSH to use FIPS 140-2 approved cryptographic algorithms.
 
     Add the following line (or modify the line to have the required value) to
-the &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; file (this file may be named differently or be in
+the "/etc/ssh/sshd_config" file (this file may be named differently or be in
 a different location if using a version of SSH that is provided by a
 third-party vendor).
 
     Ciphers aes128-ctr,aes192-ctr,aes256-ctr
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d5cb828c-d9b3-4ac1-8ead-515224f2ab5c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000068</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000803</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-[&quot;aes128-ctr&quot;, &quot;aes192-ctr&quot;, &quot;aes256-ctr&quot;] is expected to be in &quot;aes128-ctr&quot;, &quot;aes192-ctr&quot;, and &quot;aes256-ctr&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72131</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86755r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030540</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72221\" do\n  title \"The Red Hat Enterprise Linux operating system must use a FIPS 140-2\napproved cryptographic algorithm for SSH communications.\"\n  desc  \"Unapproved mechanisms that are used for authentication to the\ncryptographic module are not verified and therefore cannot be relied upon to\nprovide confidentiality or integrity, and DoD data may be compromised.\n\n    Operating systems utilizing encryption are required to use FIPS-compliant\nmechanisms for authenticating to cryptographic modules.\n\n    FIPS 140-2 is the current standard for validating that mechanisms used to\naccess cryptographic modules utilize authentication that meets DoD\nrequirements. This allows for Security Levels 1, 2, 3, or 4 for use on a\ngeneral purpose computing system.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system uses mechanisms meeting the requirements of\napplicable federal laws, Executive orders, directives, policies, regulations,\nstandards, and guidance for authentication to a cryptographic module.\n\n    Note: If RHEL-07-021350 is a finding, this is automatically a finding as\nthe system cannot implement FIPS 140-2-approved cryptographic algorithms and\nhashes.\n\n    The location of the \\\"sshd_config\\\" file may vary if a different daemon is\nin use.\n\n    Inspect the \\\"Ciphers\\\" configuration with the following command:\n\n    # grep -i ciphers /etc/ssh/sshd_config\n    Ciphers aes128-ctr,aes192-ctr,aes256-ctr\n\n    If any ciphers other than \\\"aes128-ctr\\\", \\\"aes192-ctr\\\", or \\\"aes256-ctr\\\"\nare listed, the \\\"Ciphers\\\" keyword is missing, or the returned line is\ncommented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure SSH to use FIPS 140-2 approved cryptographic algorithms.\n\n    Add the following line (or modify the line to have the required value) to\nthe \\\"/etc/ssh/sshd_config\\\" file (this file may be named differently or be in\na different location if using a version of SSH that is provided by a\nthird-party vendor).\n\n    Ciphers aes128-ctr,aes192-ctr,aes256-ctr\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000033-GPOS-00014\"\n  tag satisfies: [\"SRG-OS-000033-GPOS-00014\", \"SRG-OS-000120-GPOS-00061\",\n\"SRG-OS-000125-GPOS-00065\", \"SRG-OS-000250-GPOS-00093\",\n\"SRG-OS-000393-GPOS-00173\"]\n  tag gid: \"V-72221\"\n  tag rid: \"SV-86845r3_rule\"\n  tag stig_id: \"RHEL-07-040110\"\n  tag fix_id: \"F-78575r3_fix\"\n  tag cci: [\"CCI-000068\", \"CCI-000366\", \"CCI-000803\"]\n  tag nist: [\"AC-17 (2)\", \"CM-6 b\", \"IA-7\", \"Rev_4\"]\n\n  @ciphers_array = inspec.sshd_config.params['ciphers']\n\n  unless @ciphers_array.nil?\n    @ciphers_array = @ciphers_array.first.split(\",\")\n  end\n\n  describe @ciphers_array do\n    it { should be_in ['aes128-ctr', 'aes192-ctr', 'aes256-ctr'] }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000068</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000803</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST ["aes128-ctr", "aes192-ctr", "aes256-ctr"] is expected to be in "aes128-ctr", "aes192-ctr", and "aes256-ctr"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72131</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86755r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030540</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the truncate syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the truncate syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;truncate&quot; syscall occur.
+successful/unsuccessful attempts to use the "truncate" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw truncate &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw truncate /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S truncate -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S truncate -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b32 -S truncate -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S truncate -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S truncate -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S truncate -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S truncate -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S truncate -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;truncate&quot; syscall, this is a finding.
+    If both the "b32" and "b64" audit rules are not defined for the
+"truncate" syscall, this is a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EPERM&quot;, this is
+    If the output does not produce rules containing "-F exit=-EPERM", this is
 a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EACCES&quot;, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the output does not produce rules containing "-F exit=-EACCES", this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;truncate&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S truncate -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b32 -S truncate -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S truncate -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S truncate -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0e015337-50cb-4153-9756-ad6a05dae087</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EACCES&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;truncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EACCES&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86823r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030880</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "truncate" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S truncate -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b32 -S truncate -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S truncate -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S truncate -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72131\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe truncate syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"truncate\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw truncate /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S truncate -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S truncate -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S truncate -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S truncate -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"truncate\\\" syscall, this is a finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EPERM\\\", this is\na finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EACCES\\\", this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"truncate\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S truncate -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S truncate -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S truncate -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S truncate -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000458-GPOS-00203\",\n\"SRG-OS-000461-GPOS-00205\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72131\"\n  tag rid: \"SV-86755r5_rule\"\n  tag stig_id: \"RHEL-07-030540\"\n  tag fix_id: \"F-78483r7_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"truncate\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EPERM' }\n  end\n  describe auditd.syscall(\"truncate\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EACCES' }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"truncate\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EPERM' }\n    end\n    describe auditd.syscall(\"truncate\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EACCES' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "truncate" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b32" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b32" exit.uniq is expected to include "-EACCES"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b64" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "truncate" arch == "b64" exit.uniq is expected to include "-EACCES"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86823r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030880</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the rename syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the rename syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system is not configured to audit certain activities and write
 them to an audit log, it is more difficult to detect and track system
-compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;rename&quot; syscall occur.
+successful/unsuccessful attempts to use the "rename" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw rename &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw rename /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S rename -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S rename -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S rename -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S rename -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;rename&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"rename" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;rename&quot; syscall occur.
+successful/unsuccessful attempts to use the "rename" syscall occur.
 
-    Add the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S rename -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S rename -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S rename -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S rename -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>63351b06-7ddd-4894-a9b6-0845de033161</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;rename&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;rename&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;rename&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;rename&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72233</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000423-GPOS-00187</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86857r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040300</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72199\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe rename syscall.\"\n  desc  \"If the system is not configured to audit certain activities and write\nthem to an audit log, it is more difficult to detect and track system\ncompromises and damages incurred during a system compromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"rename\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw rename /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S rename -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S rename -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"rename\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"rename\\\" syscall occur.\n\n    Add the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S rename -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S rename -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000466-GPOS-00210\"\n  tag satisfies: [\"SRG-OS-000466-GPOS-00210\", \"SRG-OS-000467-GPOS-00210\",\n\"SRG-OS-000468-GPOS-00212\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72199\"\n  tag rid: \"SV-86823r5_rule\"\n  tag stig_id: \"RHEL-07-030880\"\n  tag fix_id: \"F-78553r7_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"rename\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"rename\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "rename" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "rename" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "rename" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "rename" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72233</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000423-GPOS-00187</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86857r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040300</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that all networked systems have SSH installed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that all networked systems have SSH installed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without protection of the transmitted information, confidentiality and
 integrity may be compromised because unprotected communications can be
 intercepted and either read or altered.
@@ -23235,310 +22201,298 @@ interception and modification.
 can be accomplished by physical means (e.g., employing physical distribution
 systems) or by logical means (e.g., employing cryptographic techniques). If
 physical means of protection are employed, logical means (cryptography) do not
-have to be employed, and vice versa.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+have to be employed, and vice versa.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Check to see if sshd is installed with the following command:
 
 # yum list installed \*ssh\*
-libssh2.x86_64 1.4.3-8.el7 @anaconda&#x2F;7.1
-openssh.x86_64 6.6.1p1-11.el7 @anaconda&#x2F;7.1
-openssh-server.x86_64 6.6.1p1-11.el7 @anaconda&#x2F;7.1
-
-If the &quot;SSH server&quot; package is not installed, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+libssh2.x86_64 1.4.3-8.el7 @anaconda/7.1
+openssh.x86_64 6.6.1p1-11.el7 @anaconda/7.1
+openssh-server.x86_64 6.6.1p1-11.el7 @anaconda/7.1
+
+If the "SSH server" package is not installed, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Install SSH packages onto the host with the following commands:
 
-# yum install openssh-server.x86_64</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>1791f9d7-337b-481b-86c3-fd572fb138bc</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002420</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002421</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002422</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package openssh-server is expected to be installed
---------------------------------
-passed
-System Package openssh-clients is expected to be installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72011</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86635r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020600</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+# yum install openssh-server.x86_64</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72233\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all networked systems have SSH installed.\"\n  desc  \"Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, logical means (cryptography) do not\nhave to be employed, and vice versa.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Check to see if sshd is installed with the following command:\n\n    # yum list installed \\\\*ssh\\\\*\n    libssh2.x86_64 1.4.3-8.el7 @anaconda/7.1\n    openssh.x86_64 6.6.1p1-11.el7 @anaconda/7.1\n    openssh-server.x86_64 6.6.1p1-11.el7 @anaconda/7.1\n\n    If the \\\"SSH server\\\" package is not installed, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Install SSH packages onto the host with the following commands:\n\n    # yum install openssh-server.x86_64\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000423-GPOS-00187\"\n  tag satisfies: [\"SRG-OS-000423-GPOS-00187\", \"SRG-OS-000424-GPOS-00188\",\n\"SRG-OS-000425-GPOS-00189\", \"SRG-OS-000426-GPOS-00190\"]\n  tag gid: \"V-72233\"\n  tag rid: \"SV-86857r3_rule\"\n  tag stig_id: \"RHEL-07-040300\"\n  tag fix_id: \"F-78587r3_fix\"\n  tag cci: [\"CCI-002418\", \"CCI-002420\", \"CCI-002421\", \"CCI-002422\"]\n  tag nist: [\"SC-8\", \"SC-8 (2)\", \"SC-8 (1)\", \"SC-8 (2)\", \"Rev_4\"]\n\n  describe package('openssh-server') do\n    it { should be_installed }\n  end\n  describe package('openssh-clients') do\n    it { should be_installed }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002420</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002421</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002422</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package openssh-server is expected to be installed
+--------------------------------
+passed :: TEST System Package openssh-clients is expected to be installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72011</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86635r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020600</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all local interactive users have a home directory assigned in the
-&#x2F;etc&#x2F;passwd file.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+/etc/passwd file.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If local interactive users are not assigned a valid home directory,
-there is no place for the storage and control of files they should own.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+there is no place for the storage and control of files they should own.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify local interactive users on the system have a home directory assigned.
 
     Check for missing local interactive user home directories with the
 following command:
 
     # pwck -r
-    user &#39;lp&#39;: directory &#39;&#x2F;var&#x2F;spool&#x2F;lpd&#39; does not exist
-    user &#39;news&#39;: directory &#39;&#x2F;var&#x2F;spool&#x2F;news&#39; does not exist
-    user &#39;uucp&#39;: directory &#39;&#x2F;var&#x2F;spool&#x2F;uucp&#39; does not exist
-    user &#39;smithj&#39;: directory &#39;&#x2F;home&#x2F;smithj&#39; does not exist
+    user 'lp': directory '/var/spool/lpd' does not exist
+    user 'news': directory '/var/spool/news' does not exist
+    user 'uucp': directory '/var/spool/uucp' does not exist
+    user 'smithj': directory '/home/smithj' does not exist
 
     Ask the System Administrator (SA) if any users found without home
 directories are local interactive users. If the SA is unable to provide a
 response, check for users with a User Identifier (UID) of 1000 or greater with
 the following command:
 
-    # cut -d: -f 1,3 &#x2F;etc&#x2F;passwd | egrep &quot;:[1-4][0-9]{2}$|:[0-9]{1,2}$&quot;
+    # cut -d: -f 1,3 /etc/passwd | egrep ":[1-4][0-9]{2}$|:[0-9]{1,2}$"
 
     If any interactive users do not have a home directory assigned, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Assign home directories to all local interactive users that
-currently do not have a home directory assigned.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>286869c1-b9a8-4071-aac5-8eaa5f480b51</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Directory &#x2F;root is expected to exist
---------------------------------
-passed
-Directory &#x2F;home&#x2F;ec2-user is expected to exist</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71919</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000073-GPOS-00041</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86543r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010200</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+currently do not have a home directory assigned.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72011\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local interactive users have a home directory assigned in the\n/etc/passwd file.\"\n  desc  \"If local interactive users are not assigned a valid home directory,\nthere is no place for the storage and control of files they should own.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify local interactive users on the system have a home directory assigned.\n\n    Check for missing local interactive user home directories with the\nfollowing command:\n\n    # pwck -r\n    user 'lp': directory '/var/spool/lpd' does not exist\n    user 'news': directory '/var/spool/news' does not exist\n    user 'uucp': directory '/var/spool/uucp' does not exist\n    user 'smithj': directory '/home/smithj' does not exist\n\n    Ask the System Administrator (SA) if any users found without home\ndirectories are local interactive users. If the SA is unable to provide a\nresponse, check for users with a User Identifier (UID) of 1000 or greater with\nthe following command:\n\n    # cut -d: -f 1,3 /etc/passwd | egrep \\\":[1-4][0-9]{2}$|:[0-9]{1,2}$\\\"\n\n    If any interactive users do not have a home directory assigned, this is a\nfinding.\n  \"\n  desc  \"fix\", \"Assign home directories to all local interactive users that\ncurrently do not have a home directory assigned.\"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72011\"\n  tag rid: \"SV-86635r2_rule\"\n  tag stig_id: \"RHEL-07-020600\"\n  tag fix_id: \"F-78363r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= uid_min || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    describe directory(user_info.home) do\n      it { should exist }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Directory /root is expected to exist
+--------------------------------
+passed :: TEST Directory /home/ec2-user is expected to exist</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71919</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000073-GPOS-00041</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86543r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010200</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the PAM system service is configured to store only encrypted
-representations of passwords.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+representations of passwords.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Passwords need to be protected at all times, and encryption is the
 standard method for protecting passwords. If passwords are not encrypted, they
 can be plainly read (i.e., clear text) and easily compromised. Passwords
 encrypted with a weak algorithm are no more protected than if they are kept in
-plain text.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+plain text.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the PAM system service is configured to store only encrypted
 representations of passwords. The strength of encryption that must be used to
 hash passwords for all accounts is SHA512.
@@ -23546,1083 +22500,1038 @@ hash passwords for all accounts is SHA512.
     Check that the system is configured to create SHA512 hashed passwords with
 the following command:
 
-    # grep password &#x2F;etc&#x2F;pam.d&#x2F;system-auth &#x2F;etc&#x2F;pam.d&#x2F;password-auth
+    # grep password /etc/pam.d/system-auth /etc/pam.d/password-auth
 
     Outcome should look like following:
-    &#x2F;etc&#x2F;pam.d&#x2F;system-auth-ac:password    sufficient    pam_unix.so sha512
+    /etc/pam.d/system-auth-ac:password    sufficient    pam_unix.so sha512
 shadow try_first_pass use_authtok
-    &#x2F;etc&#x2F;pam.d&#x2F;password-auth:password    sufficient    pam_unix.so sha512
+    /etc/pam.d/password-auth:password    sufficient    pam_unix.so sha512
 shadow try_first_pass use_authtok
 
-    If the &quot;&#x2F;etc&#x2F;pam.d&#x2F;system-auth&quot; and &quot;&#x2F;etc&#x2F;pam.d&#x2F;password-auth&quot;
+    If the "/etc/pam.d/system-auth" and "/etc/pam.d/password-auth"
 configuration files allow for password hashes other than SHA512 to be used,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to store only SHA512 encrypted
 representations of passwords.
 
-    Add the following line in &quot;&#x2F;etc&#x2F;pam.d&#x2F;system-auth&quot;:
+    Add the following line in "/etc/pam.d/system-auth":
     pam_unix.so sha512 shadow try_first_pass use_authtok
 
-    Add the following line in &quot;&#x2F;etc&#x2F;pam.d&#x2F;password-auth&quot;:
+    Add the following line in "/etc/pam.d/password-auth":
     pam_unix.so sha512 shadow try_first_pass use_authtok
 
     Note: Manual changes to the listed files may be overwritten by the
-&quot;authconfig&quot; program. The &quot;authconfig&quot; program should not be used to update
-the configurations listed in this requirement.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>653871fd-86a2-4085-b0aa-8e3659a578fe</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000196</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines is expected to include password sufficient pam_unix.so sha512
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;system-auth] lines is expected to include password .* pam_unix.so, all without args ^(md5|bigcrypt|sha256|blowfish)$</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72165</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86789r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030710</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"authconfig" program. The "authconfig" program should not be used to update
+the configurations listed in this requirement.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71919\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the PAM system service is configured to store only encrypted\nrepresentations of passwords.\"\n  desc  \"Passwords need to be protected at all times, and encryption is the\nstandard method for protecting passwords. If passwords are not encrypted, they\ncan be plainly read (i.e., clear text) and easily compromised. Passwords\nencrypted with a weak algorithm are no more protected than if they are kept in\nplain text.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the PAM system service is configured to store only encrypted\nrepresentations of passwords. The strength of encryption that must be used to\nhash passwords for all accounts is SHA512.\n\n    Check that the system is configured to create SHA512 hashed passwords with\nthe following command:\n\n    # grep password /etc/pam.d/system-auth /etc/pam.d/password-auth\n\n    Outcome should look like following:\n    /etc/pam.d/system-auth-ac:password    sufficient    pam_unix.so sha512\nshadow try_first_pass use_authtok\n    /etc/pam.d/password-auth:password    sufficient    pam_unix.so sha512\nshadow try_first_pass use_authtok\n\n    If the \\\"/etc/pam.d/system-auth\\\" and \\\"/etc/pam.d/password-auth\\\"\nconfiguration files allow for password hashes other than SHA512 to be used,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to store only SHA512 encrypted\nrepresentations of passwords.\n\n    Add the following line in \\\"/etc/pam.d/system-auth\\\":\n    pam_unix.so sha512 shadow try_first_pass use_authtok\n\n    Add the following line in \\\"/etc/pam.d/password-auth\\\":\n    pam_unix.so sha512 shadow try_first_pass use_authtok\n\n    Note: Manual changes to the listed files may be overwritten by the\n\\\"authconfig\\\" program. The \\\"authconfig\\\" program should not be used to update\nthe configurations listed in this requirement.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000073-GPOS-00041\"\n  tag gid: \"V-71919\"\n  tag rid: \"SV-86543r3_rule\"\n  tag stig_id: \"RHEL-07-010200\"\n  tag fix_id: \"F-78271r4_fix\"\n  tag cci: [\"CCI-000196\"]\n  tag nist: [\"IA-5 (1) (c)\", \"Rev_4\"]\n\n  describe pam(\"/etc/pam.d/system-auth\") do\n    its('lines') { should match_pam_rule('password sufficient pam_unix.so sha512') }\n    its('lines') { should match_pam_rule('password .* pam_unix.so').all_without_args('^(md5|bigcrypt|sha256|blowfish)$') }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000196</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PAM Config[/etc/pam.d/system-auth] lines is expected to include password sufficient pam_unix.so sha512
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/system-auth] lines is expected to include password .* pam_unix.so, all without args ^(md5|bigcrypt|sha256|blowfish)$</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72165</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86789r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030710</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the newgrp command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the newgrp command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged access commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;newgrp&quot; command occur.
+successful/unsuccessful attempts to use the "newgrp" command occur.
 
     Check that the following system call is being audited by performing the
-following command to check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+following command to check the file system rules in "/etc/audit/audit.rules":
 
-    # grep -i &#x2F;usr&#x2F;bin&#x2F;newgrp &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /usr/bin/newgrp /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;newgrp -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/newgrp -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;newgrp&quot; command occur.
+successful/unsuccessful attempts to use the "newgrp" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;newgrp -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/newgrp -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6619d5d7-83dd-44f0-94a9-fa9ffc6bdb7b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;newgrp&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;newgrp&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72157</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86781r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030670</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72165\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe newgrp command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged access commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"newgrp\\\" command occur.\n\n    Check that the following system call is being audited by performing the\nfollowing command to check the file system rules in \\\"/etc/audit/audit.rules\\\":\n\n    # grep -i /usr/bin/newgrp /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/newgrp -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"newgrp\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/newgrp -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000037-GPOS-00015\"\n  tag satisfies: [\"SRG-OS-000037-GPOS-00015\", \"SRG-OS-000042-GPOS-00020\",\n\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000462-GPOS-00206\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72165\"\n  tag rid: \"SV-86789r4_rule\"\n  tag stig_id: \"RHEL-07-030710\"\n  tag fix_id: \"F-78519r5_fix\"\n  tag cci: [\"CCI-000130\", \"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3\", \"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/bin/newgrp'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/newgrp" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/newgrp" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72157</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86781r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030670</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the userhelper command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the userhelper command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged password commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;userhelper&quot; command occur.
+successful/unsuccessful attempts to use the "userhelper" command occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -i &#x2F;usr&#x2F;sbin&#x2F;userhelper &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /usr/sbin/userhelper /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;userhelper -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-passwd
+    -a always,exit -F path=/usr/sbin/userhelper -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-passwd
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;userhelper&quot; command occur.
-
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;userhelper -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-passwd
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>39c73214-e106-44ae-861e-3bbc53d3c453</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;userhelper&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;userhelper&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73167</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87819r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030872</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "userhelper" command occur.
+
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F path=/usr/sbin/userhelper -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-passwd
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72157\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe userhelper command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged password commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"userhelper\\\" command occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -i /usr/sbin/userhelper /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/userhelper -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-passwd\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"userhelper\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/sbin/userhelper -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-passwd\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72157\"\n  tag rid: \"SV-86781r5_rule\"\n  tag stig_id: \"RHEL-07-030670\"\n  tag fix_id: \"F-78509r5_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/sbin/userhelper'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/sbin/userhelper" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/sbin/userhelper" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73167</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87819r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030872</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must generate audit
 records for all account creations, modifications, disabling, and termination
-events that affect &#x2F;etc&#x2F;gshadow.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+events that affect /etc/gshadow.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system must generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&quot;&#x2F;etc&#x2F;gshadow&quot;.
+"/etc/gshadow".
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep &#x2F;etc&#x2F;gshadow &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep /etc/gshadow /etc/audit/audit.rules
 
-    -w &#x2F;etc&#x2F;gshadow -p wa -k identity
+    -w /etc/gshadow -p wa -k identity
 
     If the command does not return a line, or the line is commented out, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&quot;&#x2F;etc&#x2F;gshadow&quot;.
-
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -w &#x2F;etc&#x2F;gshadow -p wa -k identity
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>21200a49-bbab-4823-9153-7ee7b14f1161</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;gshadow&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;gshadow&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;w&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;a&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71955</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00229</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86579r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010450</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/etc/gshadow".
+
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -w /etc/gshadow -p wa -k identity
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-73167\" do\n  title \"The Red Hat Enterprise Linux operating system must generate audit\nrecords for all account creations, modifications, disabling, and termination\nevents that affect /etc/gshadow.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system must generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n\\\"/etc/gshadow\\\".\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep /etc/gshadow /etc/audit/audit.rules\n\n    -w /etc/gshadow -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n\\\"/etc/gshadow\\\".\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -w /etc/gshadow -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000004-GPOS-00004\"\n  tag gid: \"V-73167\"\n  tag rid: \"SV-87819r4_rule\"\n  tag stig_id: \"RHEL-07-030872\"\n  tag fix_id: \"F-79613r3_fix\"\n  tag cci: [\"CCI-000018\", \"CCI-000172\", \"CCI-001403\", \"CCI-002130\"]\n  tag nist: [\"AC-2 (4)\", \"AU-12 c\", \"AC-2 (4)\", \"AC-2 (4)\", \"Rev_4\"]\n\n  audit_file = '/etc/gshadow'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'w' }\n      it { should include 'a' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\n\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/etc/gshadow" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/etc/gshadow" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "w"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "a"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71955</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00229</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86579r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010450</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not allow an
-unrestricted logon to the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+unrestricted logon to the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Failure to restrict system access to authenticated users negatively
-impacts operating system security.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+impacts operating system security.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system does not allow an unrestricted logon to the
 system via a graphical user interface.
 
     Note: If the system does not have GNOME installed, this requirement is Not
 Applicable.
 
-    Check for the value of the &quot;TimedLoginEnable&quot; parameter in
-&quot;&#x2F;etc&#x2F;gdm&#x2F;custom.conf&quot; file with the following command:
+    Check for the value of the "TimedLoginEnable" parameter in
+"/etc/gdm/custom.conf" file with the following command:
 
-    # grep -i timedloginenable &#x2F;etc&#x2F;gdm&#x2F;custom.conf
-    TimedLoginEnable&#x3D;false
+    # grep -i timedloginenable /etc/gdm/custom.conf
+    TimedLoginEnable=false
 
-    If the value of &quot;TimedLoginEnable&quot; is not set to &quot;false&quot;, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "TimedLoginEnable" is not set to "false", this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to not allow an unrestricted account to log
 on to the system via a graphical user interface.
 
     Note: If the system does not have GNOME installed, this requirement is Not
 Applicable.
 
-    Add or edit the line for the &quot;TimedLoginEnable&quot; parameter in the [daemon]
-section of the &quot;&#x2F;etc&#x2F;gdm&#x2F;custom.conf&quot; file to &quot;false&quot;:
+    Add or edit the line for the "TimedLoginEnable" parameter in the [daemon]
+section of the "/etc/gdm/custom.conf" file to "false":
 
     [daemon]
-    TimedLoginEnable&#x3D;false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>60e98e57-4bbb-420f-bb58-8c3625a5cfe7</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The system does not have GDM installed
-The system does not have GDM installed, this requirement is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72151</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86775r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030640</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    TimedLoginEnable=false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-71955\" do\n  title \"The Red Hat Enterprise Linux operating system must not allow an\nunrestricted logon to the system.\"\n  desc  \"Failure to restrict system access to authenticated users negatively\nimpacts operating system security.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system does not allow an unrestricted logon to the\nsystem via a graphical user interface.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Check for the value of the \\\"TimedLoginEnable\\\" parameter in\n\\\"/etc/gdm/custom.conf\\\" file with the following command:\n\n    # grep -i timedloginenable /etc/gdm/custom.conf\n    TimedLoginEnable=false\n\n    If the value of \\\"TimedLoginEnable\\\" is not set to \\\"false\\\", this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to not allow an unrestricted account to log\non to the system via a graphical user interface.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Add or edit the line for the \\\"TimedLoginEnable\\\" parameter in the [daemon]\nsection of the \\\"/etc/gdm/custom.conf\\\" file to \\\"false\\\":\n\n    [daemon]\n    TimedLoginEnable=false\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00229\"\n  tag gid: \"V-71955\"\n  tag rid: \"SV-86579r3_rule\"\n  tag stig_id: \"RHEL-07-010450\"\n  tag fix_id: \"F-78307r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  custom_conf = '/etc/gdm/custom.conf'\n\n  if package('gdm').installed?\n    impact 0.7\n    if ((f = file(custom_conf)).exist?)\n      describe ini(custom_conf) do\n        its('daemon.TimedLoginEnable') { cmp false }\n      end\n    else\n      describe f do\n        it { should exist }\n      end\n    end\n  else\n    impact 0.0\n    describe \"The system does not have GDM installed\" do\n      skip \"The system does not have GDM installed, this requirement is Not Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The system does not have GDM installed :: SKIP_MESSAGE The system does not have GDM installed, this requirement is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72151</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86775r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030640</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the unix_chkpwd command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the unix_chkpwd command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged password commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;unix_chkpwd&quot; command occur.
+successful/unsuccessful attempts to use the "unix_chkpwd" command occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -iw &#x2F;usr&#x2F;sbin&#x2F;unix_chkpwd &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw /usr/sbin/unix_chkpwd /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;unix_chkpwd -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-passwd
+    -a always,exit -F path=/usr/sbin/unix_chkpwd -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-passwd
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;unix_chkpwd&quot; command occur.
-
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;unix_chkpwd -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-passwd
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ca6a9ed2-59dd-4d73-8835-227d5351be45</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;unix_chkpwd&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;unix_chkpwd&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71987</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000437-GPOS-00194</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86611r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020200</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "unix_chkpwd" command occur.
+
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F path=/usr/sbin/unix_chkpwd -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-passwd
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72151\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe unix_chkpwd command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged password commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"unix_chkpwd\\\" command occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -iw /usr/sbin/unix_chkpwd /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/unix_chkpwd -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-passwd\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"unix_chkpwd\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/sbin/unix_chkpwd -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-passwd\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72151\"\n  tag rid: \"SV-86775r5_rule\"\n  tag stig_id: \"RHEL-07-030640\"\n  tag fix_id: \"F-78503r8_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/sbin/unix_chkpwd'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/sbin/unix_chkpwd" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/sbin/unix_chkpwd" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71987</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000437-GPOS-00194</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86611r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020200</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must remove all software
-components after updated versions have been installed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+components after updated versions have been installed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Previous versions of software components that are not removed from the
 information system after updates have been installed may be exploited by
 adversaries. Some information technology products may remove older versions of
-software automatically from the information system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+software automatically from the information system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system removes all software components after updated
 versions have been installed.
 
     Check if yum is configured to remove unneeded packages with the following
 command:
 
-    # grep -i clean_requirements_on_remove &#x2F;etc&#x2F;yum.conf
-    clean_requirements_on_remove&#x3D;1
+    # grep -i clean_requirements_on_remove /etc/yum.conf
+    clean_requirements_on_remove=1
 
-    If &quot;clean_requirements_on_remove&quot; is not set to &quot;1&quot;, &quot;True&quot;, or
-&quot;yes&quot;, or is not set in &quot;&#x2F;etc&#x2F;yum.conf&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "clean_requirements_on_remove" is not set to "1", "True", or
+"yes", or is not set in "/etc/yum.conf", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to remove all software components after
 updated versions have been installed.
 
-    Set the &quot;clean_requirements_on_remove&quot; option to &quot;1&quot; in the
-&quot;&#x2F;etc&#x2F;yum.conf&quot; file:
-
-    clean_requirements_on_remove&#x3D;1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>32b5973c-f3dd-400c-a670-cfd292226a77</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002617</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;yum.conf main.clean_requirements_on_remove is expected to match &#x2F;1|True|yes&#x2F;i</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71909</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000266-GPOS-00101</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86533r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010150</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Set the "clean_requirements_on_remove" option to "1" in the
+"/etc/yum.conf" file:
+
+    clean_requirements_on_remove=1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71987\" do\n  title \"The Red Hat Enterprise Linux operating system must remove all software\ncomponents after updated versions have been installed.\"\n  desc  \"Previous versions of software components that are not removed from the\ninformation system after updates have been installed may be exploited by\nadversaries. Some information technology products may remove older versions of\nsoftware automatically from the information system.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system removes all software components after updated\nversions have been installed.\n\n    Check if yum is configured to remove unneeded packages with the following\ncommand:\n\n    # grep -i clean_requirements_on_remove /etc/yum.conf\n    clean_requirements_on_remove=1\n\n    If \\\"clean_requirements_on_remove\\\" is not set to \\\"1\\\", \\\"True\\\", or\n\\\"yes\\\", or is not set in \\\"/etc/yum.conf\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to remove all software components after\nupdated versions have been installed.\n\n    Set the \\\"clean_requirements_on_remove\\\" option to \\\"1\\\" in the\n\\\"/etc/yum.conf\\\" file:\n\n    clean_requirements_on_remove=1\n  \"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000437-GPOS-00194\"\n  tag gid: \"V-71987\"\n  tag rid: \"SV-86611r2_rule\"\n  tag stig_id: \"RHEL-07-020200\"\n  tag fix_id: \"F-78339r1_fix\"\n  tag cci: [\"CCI-002617\"]\n  tag nist: [\"SI-2 (6)\", \"Rev_4\"]\n\n  describe parse_config_file(\"/etc/yum.conf\") do\n    its('main.clean_requirements_on_remove') { should match %r{1|True|yes}i }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002617</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/yum.conf main.clean_requirements_on_remove is expected to match /1|True|yes/i</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71909</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000266-GPOS-00101</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86533r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010150</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that when passwords are changed or new passwords are established, the new
-password must contain at least one special character.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+password must contain at least one special character.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources
 required to compromise the password. Password complexity, or strength, is a
 measure of the effectiveness of a password in resisting attempts at guessing
@@ -24631,293 +23540,282 @@ and brute-force attacks.
     Password complexity is one factor of several that determines how long it
 takes to crack a password. The more complex the password, the greater the
 number of possible combinations that need to be tested before the password is
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system enforces password complexity by requiring that
 at least one special character be used.
 
     Note: The value to require a number of special characters to be set is
-expressed as a negative number in &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot;.
+expressed as a negative number in "/etc/security/pwquality.conf".
 
-    Check the value for &quot;ocredit&quot; in &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; with
+    Check the value for "ocredit" in "/etc/security/pwquality.conf" with
 the following command:
 
-    # grep ocredit &#x2F;etc&#x2F;security&#x2F;pwquality.conf
-    ocredit&#x3D;-1
+    # grep ocredit /etc/security/pwquality.conf
+    ocredit=-1
 
-    If the value of &quot;ocredit&quot; is not set to a negative value, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "ocredit" is not set to a negative value, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to enforce password complexity by requiring
-that at least one special character be used by setting the &quot;ocredit&quot; option.
+that at least one special character be used by setting the "ocredit" option.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; (or modify the
+    Add the following line to "/etc/security/pwquality.conf" (or modify the
 line to have the required value):
 
-    ocredit &#x3D; -1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0d9f4c9f-7987-4716-be9c-1d61a861986e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001619</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;security&#x2F;pwquality.conf ocredit.to_i is expected to cmp &lt; 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72085</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86709r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030310</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    ocredit = -1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71909\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat when passwords are changed or new passwords are established, the new\npassword must contain at least one special character.\"\n  desc  \"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system enforces password complexity by requiring that\nat least one special character be used.\n\n    Note: The value to require a number of special characters to be set is\nexpressed as a negative number in \\\"/etc/security/pwquality.conf\\\".\n\n    Check the value for \\\"ocredit\\\" in \\\"/etc/security/pwquality.conf\\\" with\nthe following command:\n\n    # grep ocredit /etc/security/pwquality.conf\n    ocredit=-1\n\n    If the value of \\\"ocredit\\\" is not set to a negative value, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to enforce password complexity by requiring\nthat at least one special character be used by setting the \\\"ocredit\\\" option.\n\n    Add the following line to \\\"/etc/security/pwquality.conf\\\" (or modify the\nline to have the required value):\n\n    ocredit = -1\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000266-GPOS-00101\"\n  tag gid: \"V-71909\"\n  tag rid: \"SV-86533r2_rule\"\n  tag stig_id: \"RHEL-07-010150\"\n  tag fix_id: \"F-78261r2_fix\"\n  tag cci: [\"CCI-001619\"]\n  tag nist: [\"IA-5 (1) (a)\", \"Rev_4\"]\n\n  describe parse_config_file(\"/etc/security/pwquality.conf\") do\n    its('ocredit.to_i') { should cmp &lt; 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001619</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/security/pwquality.conf ocredit.to_i is expected to cmp &lt; 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72085</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86709r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030310</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must encrypt the
 transfer of audit records off-loaded onto a different system or media from the
-system being audited.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+system being audited.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Information stored in one location is vulnerable to accidental or
 incidental deletion or alteration.
 
     Off-loading is a common process in information systems with limited audit
-storage capacity.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+storage capacity.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system encrypts audit records off-loaded onto a
 different system or media from the system being audited.
 
     To determine if the transfer is encrypted, use the following command:
 
-    # grep -i enable_krb5 &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
-    enable_krb5 &#x3D; yes
+    # grep -i enable_krb5 /etc/audisp/audisp-remote.conf
+    enable_krb5 = yes
 
-    If the value of the &quot;enable_krb5&quot; option is not set to &quot;yes&quot; or the
+    If the value of the "enable_krb5" option is not set to "yes" or the
 line is commented out, ask the System Administrator to indicate how the audit
 logs are off-loaded to a different system or media.
 
     If there is no evidence that the transfer of the audit logs being
-off-loaded to another system or media is encrypted, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+off-loaded to another system or media is encrypted, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to encrypt the transfer of off-loaded audit
 records onto a different system or media from the system being audited.
 
-    Uncomment the &quot;enable_krb5&quot; option in &quot;&#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf&quot;
+    Uncomment the "enable_krb5" option in "/etc/audisp/audisp-remote.conf"
 and set it with the following line:
 
-    enable_krb5 &#x3D; yes</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>3a6e50e6-4114-4d8b-bcb3-2b53a49f9cda</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-Parse Config File &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
-Can&#39;t find file: &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71859</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000023-GPOS-00006</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86483r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010030</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    enable_krb5 = yes</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72085\" do\n  title \"The Red Hat Enterprise Linux operating system must encrypt the\ntransfer of audit records off-loaded onto a different system or media from the\nsystem being audited.\"\n  desc  \"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system encrypts audit records off-loaded onto a\ndifferent system or media from the system being audited.\n\n    To determine if the transfer is encrypted, use the following command:\n\n    # grep -i enable_krb5 /etc/audisp/audisp-remote.conf\n    enable_krb5 = yes\n\n    If the value of the \\\"enable_krb5\\\" option is not set to \\\"yes\\\" or the\nline is commented out, ask the System Administrator to indicate how the audit\nlogs are off-loaded to a different system or media.\n\n    If there is no evidence that the transfer of the audit logs being\noff-loaded to another system or media is encrypted, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to encrypt the transfer of off-loaded audit\nrecords onto a different system or media from the system being audited.\n\n    Uncomment the \\\"enable_krb5\\\" option in \\\"/etc/audisp/audisp-remote.conf\\\"\nand set it with the following line:\n\n    enable_krb5 = yes\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000342-GPOS-00133\"\n  tag satisfies: [\"SRG-OS-000342-GPOS-00133\", \"SRG-OS-000479-GPOS-00224\"]\n  tag gid: \"V-72085\"\n  tag rid: \"SV-86709r2_rule\"\n  tag stig_id: \"RHEL-07-030310\"\n  tag fix_id: \"F-78437r1_fix\"\n  tag cci: [\"CCI-001851\"]\n  tag nist: [\"AU-4 (1)\", \"Rev_4\"]\n\n  describe parse_config_file('/etc/audisp/audisp-remote.conf') do\n    its('enable_krb5'.to_s) { should cmp 'yes' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST Parse Config File /etc/audisp/audisp-remote.conf :: SKIP_MESSAGE Can't find file: /etc/audisp/audisp-remote.conf</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71859</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000023-GPOS-00006</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86483r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010030</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must display the
 Standard Mandatory DoD Notice and Consent Banner before granting local or
-remote access to the system via a graphical user logon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+remote access to the system via a graphical user logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Display of a standardized and approved use notification before
 granting access to the operating system ensures privacy and security
 notification verbiage used is consistent with applicable federal laws,
@@ -24930,7 +23828,7 @@ with human users and are not required when such human interfaces do not exist.
 the following verbiage for operating systems that can accommodate banners of
 1300 characters:
 
-    &quot;You are accessing a U.S. Government (USG) Information System (IS) that is
+    "You are accessing a U.S. Government (USG) Information System (IS) that is
 provided for USG-authorized use only.
 
     By using this IS (which includes any device attached to this IS), you
@@ -24955,14 +23853,14 @@ PM, LE or CI investigative searching or monitoring of the content of privileged
 communications, or work product, related to personal representation or services
 by attorneys, psychotherapists, or clergy, and their assistants. Such
 communications and work product are private and confidential. See User
-Agreement for details.&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Agreement for details."</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system displays the Standard Mandatory DoD Notice and
 Consent Banner before granting access to the operating system via a graphical
 user logon.
@@ -24973,14 +23871,14 @@ Applicable.
     Check to see if the operating system displays a banner at the logon screen
 with the following command:
 
-    # grep banner-message-enable &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;*
-    banner-message-enable&#x3D;true
+    # grep banner-message-enable /etc/dconf/db/local.d/*
+    banner-message-enable=true
 
-    If &quot;banner-message-enable&quot; is set to &quot;false&quot; or is missing, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "banner-message-enable" is set to "false" or is missing, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to display the Standard Mandatory DoD Notice
 and Consent Banner before granting access to the system.
 
@@ -24990,129 +23888,124 @@ Applicable.
     Create a database to contain the system-wide graphical user logon settings
 (if it does not already exist) with the following command:
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;01-banner-message
+    # touch /etc/dconf/db/local.d/01-banner-message
 
-    Add the following line to the [org&#x2F;gnome&#x2F;login-screen] section of the
-&quot;&#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;01-banner-message&quot;:
+    Add the following line to the [org/gnome/login-screen] section of the
+"/etc/dconf/db/local.d/01-banner-message":
 
-    [org&#x2F;gnome&#x2F;login-screen]
-    banner-message-enable&#x3D;true
+    [org/gnome/login-screen]
+    banner-message-enable=true
 
     Update the system databases:
 
     # dconf update
 
     Users must log out and back in again before the system-wide settings take
-effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>93f1e1aa-a900-4a96-9093-aeca40101b56</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The GNOME desktop is not installed
-The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81019</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95731r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-71859\" do\n  title \"The Red Hat Enterprise Linux operating system must display the\nStandard Mandatory DoD Notice and Consent Banner before granting local or\nremote access to the system via a graphical user logon.\"\n  desc  \"Display of a standardized and approved use notification before\ngranting access to the operating system ensures privacy and security\nnotification verbiage used is consistent with applicable federal laws,\nExecutive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces\nwith human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DoD policy. Use\nthe following verbiage for operating systems that can accommodate banners of\n1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is\nprovided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you\nconsent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for\npurposes including, but not limited to, penetration testing, COMSEC monitoring,\nnetwork operations and defense, personnel misconduct (PM), law enforcement\n(LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are\nsubject to routine monitoring, interception, and search, and may be disclosed\nor used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access\ncontrols) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to\nPM, LE or CI investigative searching or monitoring of the content of privileged\ncommunications, or work product, related to personal representation or services\nby attorneys, psychotherapists, or clergy, and their assistants. Such\ncommunications and work product are private and confidential. See User\nAgreement for details.\\\"\n\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system displays the Standard Mandatory DoD Notice and\nConsent Banner before granting access to the operating system via a graphical\nuser logon.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Check to see if the operating system displays a banner at the logon screen\nwith the following command:\n\n    # grep banner-message-enable /etc/dconf/db/local.d/*\n    banner-message-enable=true\n\n    If \\\"banner-message-enable\\\" is set to \\\"false\\\" or is missing, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to display the Standard Mandatory DoD Notice\nand Consent Banner before granting access to the system.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Create a database to contain the system-wide graphical user logon settings\n(if it does not already exist) with the following command:\n\n    # touch /etc/dconf/db/local.d/01-banner-message\n\n    Add the following line to the [org/gnome/login-screen] section of the\n\\\"/etc/dconf/db/local.d/01-banner-message\\\":\n\n    [org/gnome/login-screen]\n    banner-message-enable=true\n\n    Update the system databases:\n\n    # dconf update\n\n    Users must log out and back in again before the system-wide settings take\neffect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000023-GPOS-00006\"\n  tag satisfies: [\"SRG-OS-000023-GPOS-00006\", \"SRG-OS-000024-GPOS-00007\",\n\"SRG-OS-000228-GPOS-00088\"]\n  tag gid: \"V-71859\"\n  tag rid: \"SV-86483r4_rule\"\n  tag stig_id: \"RHEL-07-010030\"\n  tag fix_id: \"F-78211r4_fix\"\n  tag cci: [\"CCI-000048\"]\n  tag nist: [\"AC-8 a\", \"Rev_4\"]\n\n  if package('gnome-desktop3').installed?\n    if !dconf_user.nil? and command('whoami').stdout.strip == 'root'\n      describe command(\"sudo -u #{dconf_user} dconf read /org/gnome/login-screen/banner-message-enable\") do\n        its('stdout.strip') { should cmp banner_message_enabled.to_s }\n      end\n    else\n      describe command(\"dconf read /org/gnome/login-screen/banner-message-enable\") do\n        its('stdout.strip') { should cmp banner_message_enabled.to_s }\n      end\n    end\n  else\n    impact 0.0\n    describe \"The GNOME desktop is not installed\" do      \n      skip \"The GNOME desktop is not installed, this control is Not Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The GNOME desktop is not installed :: SKIP_MESSAGE The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81019</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95731r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must take appropriate
-action when the audisp-remote buffer is full.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+action when the audisp-remote buffer is full.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Information stored in one location is vulnerable to accidental or
 incidental deletion or alteration.
 
@@ -25120,301 +24013,288 @@ incidental deletion or alteration.
 storage capacity.
 
     When the remote buffer is full, audit logs will not be collected and sent
-to the central log server.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+to the central log server.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the audisp daemon is configured to take an appropriate action when
 the internal queue is full:
 
-    # grep &quot;overflow_action&quot; &#x2F;etc&#x2F;audisp&#x2F;audispd.conf
+    # grep "overflow_action" /etc/audisp/audispd.conf
 
-    overflow_action &#x3D; syslog
+    overflow_action = syslog
 
-    If the &quot;overflow_action&quot; option is not &quot;syslog&quot;, &quot;single&quot;, or
-&quot;halt&quot;, or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Edit the &#x2F;etc&#x2F;audisp&#x2F;audispd.conf file and add or update the
-&quot;overflow_action&quot; option:
+    If the "overflow_action" option is not "syslog", "single", or
+"halt", or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Edit the /etc/audisp/audispd.conf file and add or update the
+"overflow_action" option:
 
-    overflow_action &#x3D; syslog
+    overflow_action = syslog
 
     The audit daemon must be restarted for changes to take effect:
 
-    # service auditd restart</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>1fa781d0-99d7-4208-b41a-956b6cbe4dd0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;audisp&#x2F;audispd.conf overflow_action is expected to match &#x2F;syslog$|single$|halt$&#x2F;i</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-78999</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-93705r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030819</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # service auditd restart</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-81019\" do\n  title \"The Red Hat Enterprise Linux operating system must take appropriate\naction when the audisp-remote buffer is full.\"\n  desc  \"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    When the remote buffer is full, audit logs will not be collected and sent\nto the central log server.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the audisp daemon is configured to take an appropriate action when\nthe internal queue is full:\n\n    # grep \\\"overflow_action\\\" /etc/audisp/audispd.conf\n\n    overflow_action = syslog\n\n    If the \\\"overflow_action\\\" option is not \\\"syslog\\\", \\\"single\\\", or\n\\\"halt\\\", or the line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Edit the /etc/audisp/audispd.conf file and add or update the\n\\\"overflow_action\\\" option:\n\n    overflow_action = syslog\n\n    The audit daemon must be restarted for changes to take effect:\n\n    # service auditd restart\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000342-GPOS-00133\"\n  tag satisfies: [\"SRG-OS-000342-GPOS-00133\", \"SRG-OS-000479-GPOS-00224\"]\n  tag gid: \"V-81019\"\n  tag rid: \"SV-95731r1_rule\"\n  tag stig_id: \"RHEL-07-030210\"\n  tag fix_id: \"F-87853r3_fix\"\n  tag cci: [\"CCI-001851\"]\n  tag nist: [\"AU-4 (1)\", \"Rev_4\"]\n\n  if file('/etc/audisp/audispd.conf').exist?\n    describe parse_config_file('/etc/audisp/audispd.conf') do\n      its('overflow_action') { should match %r{syslog$|single$|halt$}i }\n    end\n  else\n    describe \"File '/etc/audisp/audispd.conf' cannot be found. This test cannot be checked in a automated fashion and you must check it manually\" do\n      skip \"File '/etc/audisp/audispd.conf' cannot be found. This check must be performed manually\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/audisp/audispd.conf overflow_action is expected to match /syslog$|single$|halt$/i</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-78999</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-93705r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030819</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the create_module syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the create_module syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;create_module&quot; syscall occur.
+successful/unsuccessful attempts to use the "create_module" syscall occur.
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -iw create_module &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw create_module /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S create_module -k module-change
+    -a always,exit -F arch=b32 -S create_module -k module-change
 
-    -a always,exit -F arch&#x3D;b64 -S create_module -k module-change
+    -a always,exit -F arch=b64 -S create_module -k module-change
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;create_module&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"create_module" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;create_module&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S create_module -k module-change
-
-    -a always,exit -F arch&#x3D;b64 -S create_module -k module-change
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6585a9ce-7ad2-45b4-a248-175b2b36dbb8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;create_module&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;create_module&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;create_module&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;create_module&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72241</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000163-GPOS-00072</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86865r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040340</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "create_module" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S create_module -k module-change
+
+    -a always,exit -F arch=b64 -S create_module -k module-change
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-78999\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe create_module syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"create_module\\\" syscall occur.\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -iw create_module /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S create_module -k module-change\n\n    -a always,exit -F arch=b64 -S create_module -k module-change\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"create_module\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"create_module\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S create_module -k module-change\n\n    -a always,exit -F arch=b64 -S create_module -k module-change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000471-GPOS-00216\"\n  tag satisfies: [\"SRG-OS-000471-GPOS-00216\", \"SRG-OS-000477-GPOS-00222\"]\n  tag gid: \"V-78999\"\n  tag rid: \"SV-93705r3_rule\"\n  tag stig_id: \"RHEL-07-030819\"\n  tag fix_id: \"F-85749r4_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"create_module\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"create_module\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "create_module" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "create_module" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "create_module" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "create_module" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72241</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000163-GPOS-00072</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86865r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040340</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all network connections associated with SSH traffic terminate after a
-period of inactivity.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+period of inactivity.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Terminating an idle SSH session within a short time period reduces the
 window of opportunity for unauthorized personnel to take control of a
 management session enabled on the console or console port that has been left
@@ -25422,185 +24302,180 @@ unattended. In addition, quickly terminating an idle SSH session will also free
 up resources committed by the managed network element.
 
     Terminating network connections associated with communications sessions
-includes, for example, de-allocating associated TCP&#x2F;IP address&#x2F;port pairs at
+includes, for example, de-allocating associated TCP/IP address/port pairs at
 the operating system level and de-allocating networking assignments at the
 application level if multiple application sessions are using a single operating
 system-level network connection. This does not mean that the operating system
 terminates all sessions or network access; it only ends the inactive session
-and releases the resources associated with that session.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+and releases the resources associated with that session.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system automatically terminates a user session after
 inactivity time-outs have expired.
 
-    Check for the value of the &quot;ClientAliveCountMax&quot; keyword with the
+    Check for the value of the "ClientAliveCountMax" keyword with the
 following command:
 
-    # grep -i clientalivecount &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i clientalivecount /etc/ssh/sshd_config
     ClientAliveCountMax 0
 
-    If &quot;ClientAliveCountMax&quot; is not set to &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "ClientAliveCountMax" is not set to "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to terminate automatically a user session
 after inactivity time-outs have expired or at shutdown.
 
     Add the following line (or modify the line to have the required value) to
-the &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; file (this file may be named differently or be in
+the "/etc/ssh/sshd_config" file (this file may be named differently or be in
 a different location if using a version of SSH that is provided by a
 third-party vendor):
 
     ClientAliveCountMax 0
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>9c1c590e-b562-4fae-a427-96057be87257</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002361</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The release is 7.8
-The release is newer than 7.4; this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71849</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000257-GPOS-00098</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86473r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-72241\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all network connections associated with SSH traffic terminate after a\nperiod of inactivity.\"\n  desc  \"Terminating an idle SSH session within a short time period reduces the\nwindow of opportunity for unauthorized personnel to take control of a\nmanagement session enabled on the console or console port that has been left\nunattended. In addition, quickly terminating an idle SSH session will also free\nup resources committed by the managed network element.\n\n    Terminating network connections associated with communications sessions\nincludes, for example, de-allocating associated TCP/IP address/port pairs at\nthe operating system level and de-allocating networking assignments at the\napplication level if multiple application sessions are using a single operating\nsystem-level network connection. This does not mean that the operating system\nterminates all sessions or network access; it only ends the inactive session\nand releases the resources associated with that session.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system automatically terminates a user session after\ninactivity time-outs have expired.\n\n    Check for the value of the \\\"ClientAliveCountMax\\\" keyword with the\nfollowing command:\n\n    # grep -i clientalivecount /etc/ssh/sshd_config\n    ClientAliveCountMax 0\n\n    If \\\"ClientAliveCountMax\\\" is not set to \\\"0\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to terminate automatically a user session\nafter inactivity time-outs have expired or at shutdown.\n\n    Add the following line (or modify the line to have the required value) to\nthe \\\"/etc/ssh/sshd_config\\\" file (this file may be named differently or be in\na different location if using a version of SSH that is provided by a\nthird-party vendor):\n\n    ClientAliveCountMax 0\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000163-GPOS-00072\"\n  tag satisfies: [\"SRG-OS-000163-GPOS-00072\", \"SRG-OS-000279-GPOS-00109\"]\n  tag gid: \"V-72241\"\n  tag rid: \"SV-86865r4_rule\"\n  tag stig_id: \"RHEL-07-040340\"\n  tag fix_id: \"F-78595r4_fix\"\n  tag cci: [\"CCI-001133\", \"CCI-002361\"]\n  tag nist: [\"SC-10\", \"AC-12\", \"Rev_4\"]\n\n  if os.release.to_f &gt;= 7.4\n    impact 0.0\n    describe \"The release is #{os.release}\" do\n      skip \"The release is newer than 7.4; this control is Not Applicable.\"\n    end\n  else\n    describe sshd_config do\n      its('ClientAliveCountMax') { should cmp '0' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002361</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The release is 7.8 :: SKIP_MESSAGE The release is newer than 7.4; this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71849</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000257-GPOS-00098</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86473r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the file permissions, ownership, and group membership of system files and
-commands match the vendor values.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+commands match the vendor values.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Discretionary access control is weakened if a user or group has access
-permissions to system files and directories greater than the default.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+permissions to system files and directories greater than the default.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the file permissions, ownership, and group membership of system
 files and commands match the vendor values.
 
     Check the default file permissions, ownership, and group membership of
 system files and commands with the following command:
 
-    # for i in &#x60;rpm -Va | egrep -i &#39;^\.[M|U|G|.]{8}&#39; | cut -d &quot; &quot; -f4,5&#x60;;do
-for j in &#x60;rpm -qf $i&#x60;;do rpm -ql $j --dump | cut -d &quot; &quot; -f1,5,6,7 | grep
+    # for i in `rpm -Va | egrep -i '^\.[M|U|G|.]{8}' | cut -d " " -f4,5`;do
+for j in `rpm -qf $i`;do rpm -ql $j --dump | cut -d " " -f1,5,6,7 | grep
 $i;done;done
 
-    &#x2F;var&#x2F;log&#x2F;gdm 040755 root root
-    &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf 0100640 root root
-    &#x2F;usr&#x2F;bin&#x2F;passwd 0104755 root root
+    /var/log/gdm 040755 root root
+    /etc/audisp/audisp-remote.conf 0100640 root root
+    /usr/bin/passwd 0104755 root root
 
     For each file returned, verify the current permissions, ownership, and
 group membership:
     # ls -la &lt;filename&gt;
 
-    -rw-------. 1 root root 133 Jan 11 13:25 &#x2F;etc&#x2F;audisp&#x2F;audisp-remote.conf
+    -rw-------. 1 root root 133 Jan 11 13:25 /etc/audisp/audisp-remote.conf
 
     If the file is more permissive than the default permissions, this is a
 finding.
@@ -25609,10 +24484,10 @@ finding.
 the Information System Security Officer (ISSO), this is a finding.
 
     If the file is not a member of the default group and is not documented with
-the Information System Security Officer (ISSO), this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+the Information System Security Officer (ISSO), this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Run the following command to determine which package owns the file:
 
     # rpm -qf &lt;filename&gt;
@@ -25625,589 +24500,567 @@ following command:
 
     Reset the permissions of files within a package with the following command:
 
-    #rpm --setperms &lt;packagename&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0b588496-09c3-41ac-a6a4-4815ccbedb7d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001494</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001496</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002235</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This control consistently takes a long time to run and has been disabled
-    using the disable_slow_controls attribute.
-This control consistently takes a long time to run and has been disabled
+    #rpm --setperms &lt;packagename&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71849\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the file permissions, ownership, and group membership of system files and\ncommands match the vendor values.\"\n  desc  \"Discretionary access control is weakened if a user or group has access\npermissions to system files and directories greater than the default.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the file permissions, ownership, and group membership of system\nfiles and commands match the vendor values.\n\n    Check the default file permissions, ownership, and group membership of\nsystem files and commands with the following command:\n\n    # for i in `rpm -Va | egrep -i '^\\\\.[M|U|G|.]{8}' | cut -d \\\" \\\" -f4,5`;do\nfor j in `rpm -qf $i`;do rpm -ql $j --dump | cut -d \\\" \\\" -f1,5,6,7 | grep\n$i;done;done\n\n    /var/log/gdm 040755 root root\n    /etc/audisp/audisp-remote.conf 0100640 root root\n    /usr/bin/passwd 0104755 root root\n\n    For each file returned, verify the current permissions, ownership, and\ngroup membership:\n    # ls -la &lt;filename&gt;\n\n    -rw-------. 1 root root 133 Jan 11 13:25 /etc/audisp/audisp-remote.conf\n\n    If the file is more permissive than the default permissions, this is a\nfinding.\n\n    If the file is not owned by the default owner and is not documented with\nthe Information System Security Officer (ISSO), this is a finding.\n\n    If the file is not a member of the default group and is not documented with\nthe Information System Security Officer (ISSO), this is a finding.\n  \"\n  desc  \"fix\", \"\n    Run the following command to determine which package owns the file:\n\n    # rpm -qf &lt;filename&gt;\n\n    Reset the user and group ownership of files within a package with the\nfollowing command:\n\n    #rpm --setugids &lt;packagename&gt;\n\n\n    Reset the permissions of files within a package with the following command:\n\n    #rpm --setperms &lt;packagename&gt;\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000257-GPOS-00098\"\n  tag satisfies: [\"SRG-OS-000257-GPOS-00098\", \"SRG-OS-000278-GPOS-00108\"]\n  tag gid: \"V-71849\"\n  tag rid: \"SV-86473r4_rule\"\n  tag stig_id: \"RHEL-07-010010\"\n  tag fix_id: \"F-78201r4_fix\"\n  tag cci: [\"CCI-001494\", \"CCI-001496\", \"CCI-002165\", \"CCI-002235\"]\n  tag nist: [\"AU-9\", \"AU-9 (3)\", \"AC-3 (4)\", \"AC-6 (10)\", \"Rev_4\"]\n\n  if input('disable_slow_controls')\n    describe \"This control consistently takes a long time to run and has been disabled\n    using the disable_slow_controls attribute.\" do\n      skip \"This control consistently takes a long time to run and has been disabled\n            using the disable_slow_controls attribute. You must enable this control for a\n            full accredidation for production.\"\n    end\n  else\n    describe command(\"rpm -Va | grep '^.M' | awk 'NF&gt;1{print $NF}'\").stdout.strip.split(\"\\n\") do\n      it { should all(be_in rpm_verify_perms_except) }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001494</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001496</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002235</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This control consistently takes a long time to run and has been disabled
+    using the disable_slow_controls attribute. :: SKIP_MESSAGE This control consistently takes a long time to run and has been disabled
             using the disable_slow_controls attribute. You must enable this control for a
-            full accredidation for production.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72267</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86891r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040470</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+            full accredidation for production.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72267</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86891r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040470</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the SSH daemon does not allow compression or only allows compression after
-successful authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+successful authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If compression is allowed in an SSH connection prior to
 authentication, vulnerabilities in the compression software could result in
 compromise of the system from an unauthenticated connection, potentially with
-root privileges.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+root privileges.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the SSH daemon performs compression after a user successfully
 authenticates.
 
     Check that the SSH daemon performs compression after a user successfully
 authenticates with the following command:
 
-    # grep -i compression &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i compression /etc/ssh/sshd_config
     Compression delayed
 
-    If the &quot;Compression&quot; keyword is set to &quot;yes&quot;, is missing, or the
-returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Uncomment the &quot;Compression&quot; keyword in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; (this
+    If the "Compression" keyword is set to "yes", is missing, or the
+returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Uncomment the "Compression" keyword in "/etc/ssh/sshd_config" (this
 file may be named differently or be in a different location if using a version
 of SSH that is provided by a third-party vendor) on the system and set the
-value to &quot;delayed&quot; or &quot;no&quot;:
+value to "delayed" or "no":
 
     Compression no
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6c14e759-e927-4a3d-a5e4-aab98729bcdb</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration Compression is expected to cmp &#x3D;&#x3D; &quot;delayed&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72211</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86835r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-031010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72267\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon does not allow compression or only allows compression after\nsuccessful authentication.\"\n  desc  \"If compression is allowed in an SSH connection prior to\nauthentication, vulnerabilities in the compression software could result in\ncompromise of the system from an unauthenticated connection, potentially with\nroot privileges.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH daemon performs compression after a user successfully\nauthenticates.\n\n    Check that the SSH daemon performs compression after a user successfully\nauthenticates with the following command:\n\n    # grep -i compression /etc/ssh/sshd_config\n    Compression delayed\n\n    If the \\\"Compression\\\" keyword is set to \\\"yes\\\", is missing, or the\nreturned line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Uncomment the \\\"Compression\\\" keyword in \\\"/etc/ssh/sshd_config\\\" (this\nfile may be named differently or be in a different location if using a version\nof SSH that is provided by a third-party vendor) on the system and set the\nvalue to \\\"delayed\\\" or \\\"no\\\":\n\n    Compression no\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72267\"\n  tag rid: \"SV-86891r3_rule\"\n  tag stig_id: \"RHEL-07-040470\"\n  tag fix_id: \"F-78621r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe.one do\n    describe sshd_config do\n      its('Compression') { should cmp 'delayed' }\n    end\n    describe sshd_config do\n      its('Compression') { should cmp 'no' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration Compression is expected to cmp == "delayed"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72211</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86835r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-031010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the rsyslog daemon does not accept log messages from other servers unless
-the server is being used for log aggregation.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the server is being used for log aggregation.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Unintentionally running a rsyslog server accepting remote messages
 puts the system at increased risk. Malicious rsyslog messages sent to the
 server could exploit vulnerabilities in the server software itself, could
-introduce misleading information in to the system&#39;s logs, or could fill the
-system&#39;s storage leading to a Denial of Service.
+introduce misleading information in to the system's logs, or could fill the
+system's storage leading to a Denial of Service.
 
     If the system is intended to be a log aggregation server its use must be
-documented with the ISSO.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that the system is not accepting &quot;rsyslog&quot; messages from other
+documented with the ISSO.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that the system is not accepting "rsyslog" messages from other
 systems unless it is documented as a log aggregation server.
 
-    Check the configuration of &quot;rsyslog&quot; with the following command:
+    Check the configuration of "rsyslog" with the following command:
 
-    # grep imtcp &#x2F;etc&#x2F;rsyslog.conf
+    # grep imtcp /etc/rsyslog.conf
     $ModLoad imtcp
-    # grep imudp &#x2F;etc&#x2F;rsyslog.conf
+    # grep imudp /etc/rsyslog.conf
     $ModLoad imudp
-    # grep imrelp &#x2F;etc&#x2F;rsyslog.conf
+    # grep imrelp /etc/rsyslog.conf
     $ModLoad imrelp
 
-    If any of the above modules are being loaded in the &quot;&#x2F;etc&#x2F;rsyslog.conf&quot;
+    If any of the above modules are being loaded in the "/etc/rsyslog.conf"
 file, ask to see the documentation for the system being used for log
 aggregation.
 
     If the documentation does not exist, or does not specify the server as a
-log aggregation system, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Modify the &quot;&#x2F;etc&#x2F;rsyslog.conf&quot; file to remove the &quot;ModLoad
-imtcp&quot;, &quot;ModLoad imudp&quot;, and &quot;ModLoad imrelp&quot; configuration lines, or
-document the system as being used for log aggregation.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>50190009-09d9-41fd-8703-70323fd727f9</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-File &#x2F;etc&#x2F;rsyslog.conf content is expected to match &#x2F;\$ModLoad\s+imtcp.*\n?$&#x2F;
---------------------------------
-passed
-File &#x2F;etc&#x2F;rsyslog.conf content is expected not to match &#x2F;^\$ModLoad\s+imtcp.*\n?$&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72239</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86863r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040330</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+log aggregation system, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Modify the "/etc/rsyslog.conf" file to remove the "ModLoad
+imtcp", "ModLoad imudp", and "ModLoad imrelp" configuration lines, or
+document the system as being used for log aggregation.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72211\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the rsyslog daemon does not accept log messages from other servers unless\nthe server is being used for log aggregation.\"\n  desc  \"Unintentionally running a rsyslog server accepting remote messages\nputs the system at increased risk. Malicious rsyslog messages sent to the\nserver could exploit vulnerabilities in the server software itself, could\nintroduce misleading information in to the system's logs, or could fill the\nsystem's storage leading to a Denial of Service.\n\n    If the system is intended to be a log aggregation server its use must be\ndocumented with the ISSO.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that the system is not accepting \\\"rsyslog\\\" messages from other\nsystems unless it is documented as a log aggregation server.\n\n    Check the configuration of \\\"rsyslog\\\" with the following command:\n\n    # grep imtcp /etc/rsyslog.conf\n    $ModLoad imtcp\n    # grep imudp /etc/rsyslog.conf\n    $ModLoad imudp\n    # grep imrelp /etc/rsyslog.conf\n    $ModLoad imrelp\n\n    If any of the above modules are being loaded in the \\\"/etc/rsyslog.conf\\\"\nfile, ask to see the documentation for the system being used for log\naggregation.\n\n    If the documentation does not exist, or does not specify the server as a\nlog aggregation system, this is a finding.\n  \"\n  desc  \"fix\", \"Modify the \\\"/etc/rsyslog.conf\\\" file to remove the \\\"ModLoad\nimtcp\\\", \\\"ModLoad imudp\\\", and \\\"ModLoad imrelp\\\" configuration lines, or\ndocument the system as being used for log aggregation.\"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72211\"\n  tag rid: \"SV-86835r2_rule\"\n  tag stig_id: \"RHEL-07-031010\"\n  tag fix_id: \"F-78565r2_fix\"\n  tag cci: [\"CCI-000318\", \"CCI-000368\", \"CCI-001812\", \"CCI-001813\",\n\"CCI-001814\"]\n  tag nist: [\"CM-3 f\", \"CM-6 c\", \"CM-11 (2)\", \"CM-5 (1)\", \"CM-5 (1)\", \"Rev_4\"]\n\n  log_aggregation_server = input('log_aggregation_server')\n\n  if log_aggregation_server\n    describe file('/etc/rsyslog.conf') do\n      its('content') { should match %r{^\\$ModLoad\\s+imtcp.*\\n?$} }\n    end\n  else\n    describe.one do\n      describe file('/etc/rsyslog.conf') do\n        its('content') { should match %r{\\$ModLoad\\s+imtcp.*\\n?$} }\n      end\n      describe file('/etc/rsyslog.conf') do\n        its('content') { should_not match %r{^\\$ModLoad\\s+imtcp.*\\n?$} }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST File /etc/rsyslog.conf content is expected to match /\$ModLoad\s+imtcp.*\n?$/
+--------------------------------
+passed :: TEST File /etc/rsyslog.conf content is expected not to match /^\$ModLoad\s+imtcp.*\n?$/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72239</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86863r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040330</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the SSH daemon does not allow authentication using RSA rhosts
-authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configuring this setting for the SSH daemon provides additional
 assurance that remote logon via SSH will require a password, even in the event
-of misconfiguration elsewhere.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+of misconfiguration elsewhere.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Check the version of the operating system with the following command:
 
-    # cat &#x2F;etc&#x2F;redhat-release
+    # cat /etc/redhat-release
 
     If the release is 7.4 or newer this requirement is Not Applicable.
 
     Verify the SSH daemon does not allow authentication using RSA rhosts
 authentication.
 
-    To determine how the SSH daemon&#39;s &quot;RhostsRSAAuthentication&quot; option is
+    To determine how the SSH daemon's "RhostsRSAAuthentication" option is
 set, run the following command:
 
-    # grep RhostsRSAAuthentication &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep RhostsRSAAuthentication /etc/ssh/sshd_config
     RhostsRSAAuthentication no
 
-    If the value is returned as &quot;yes&quot;, the returned line is commented out, or
-no output is returned, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value is returned as "yes", the returned line is commented out, or
+no output is returned, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the SSH daemon to not allow authentication using RSA rhosts
 authentication.
 
-    Add the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;, or uncomment the line
-and set the value to &quot;no&quot;:
+    Add the following line in "/etc/ssh/sshd_config", or uncomment the line
+and set the value to "no":
 
     RhostsRSAAuthentication no
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>68bac1f7-7c4b-4544-8b51-f9a6fb2d83c6</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration RhostsRSAAuthentication is expected to cmp &#x3D;&#x3D; &quot;no&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-77819</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000375-GPOS-00160</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-92515r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010061</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72239\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon does not allow authentication using RSA rhosts\nauthentication.\"\n  desc  \"Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Check the version of the operating system with the following command:\n\n    # cat /etc/redhat-release\n\n    If the release is 7.4 or newer this requirement is Not Applicable.\n\n    Verify the SSH daemon does not allow authentication using RSA rhosts\nauthentication.\n\n    To determine how the SSH daemon's \\\"RhostsRSAAuthentication\\\" option is\nset, run the following command:\n\n    # grep RhostsRSAAuthentication /etc/ssh/sshd_config\n    RhostsRSAAuthentication no\n\n    If the value is returned as \\\"yes\\\", the returned line is commented out, or\nno output is returned, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the SSH daemon to not allow authentication using RSA rhosts\nauthentication.\n\n    Add the following line in \\\"/etc/ssh/sshd_config\\\", or uncomment the line\nand set the value to \\\"no\\\":\n\n    RhostsRSAAuthentication no\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72239\"\n  tag rid: \"SV-86863r4_rule\"\n  tag stig_id: \"RHEL-07-040330\"\n  tag fix_id: \"F-78593r4_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('RhostsRSAAuthentication') { should cmp 'no' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration RhostsRSAAuthentication is expected to cmp == "no"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-77819</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000375-GPOS-00160</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-92515r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010061</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must uniquely identify
 and must authenticate users using multifactor authentication via a graphical
-user logon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+user logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>To assure accountability and prevent unauthenticated access, users
 must be identified and authenticated to prevent potential misuse and compromise
 of the system.
@@ -26216,14 +25069,14 @@ of the system.
 systems gaining access include, for example, hardware tokens providing
 time-based or challenge-response authenticators and smart cards such as the
 U.S. Government Personal Identity Verification card and the DoD Common Access
-Card.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Card.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system uniquely identifies and authenticates users
 using multifactor authentication via a graphical user logon.
 
@@ -26233,23 +25086,23 @@ Applicable.
     Determine which profile the system database is using with the following
 command:
 
-    # grep system-db &#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user
+    # grep system-db /etc/dconf/profile/user
 
     system-db:local
 
     Note: The example is using the database local for the system, so the path
-is &quot;&#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&quot;. This path must be modified if a database other
+is "/etc/dconf/db/local.d". This path must be modified if a database other
 than local is being used.
 
-    # grep enable-smartcard-authentication &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;*
+    # grep enable-smartcard-authentication /etc/dconf/db/local.d/*
 
-    enable-smartcard-authentication&#x3D;true
+    enable-smartcard-authentication=true
 
-    If &quot;enable-smartcard-authentication&quot; is set to &quot;false&quot; or the keyword
-is missing, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "enable-smartcard-authentication" is set to "false" or the keyword
+is missing, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to uniquely identify and authenticate users
 using multifactor authentication via a graphical user logon.
 
@@ -26260,955 +25113,906 @@ Applicable.
 does not already exist) with the following command:
 
     Note: The example is using the database local for the system, so if the
-system is using another database in &quot;&#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user&quot;, the file
+system is using another database in "/etc/dconf/profile/user", the file
 should be created under the appropriate subdirectory.
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;00-defaults
+    # touch /etc/dconf/db/local.d/00-defaults
 
-    Edit &quot;[org&#x2F;gnome&#x2F;login-screen]&quot; and add or update the following line:
-    enable-smartcard-authentication&#x3D;true
+    Edit "[org/gnome/login-screen]" and add or update the following line:
+    enable-smartcard-authentication=true
 
     Update the system databases:
-    # dconf update</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>c4fec7e9-d4c8-46b8-ae7a-b64f9286e21e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001948</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001953</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001954</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The GNOME desktop is not installed
-The GNOME desktop is not installed, this control is Not Applicable.
---------------------------------
-skipped
-The pcsc-lite package is not installed
-The pcsc-lite package is not installed, this control is Not Applicable.
---------------------------------
-skipped
-The esc package is not installed
-The esc package is not installed, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72101</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86725r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030390</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # dconf update</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-77819\" do\n  title \"The Red Hat Enterprise Linux operating system must uniquely identify\nand must authenticate users using multifactor authentication via a graphical\nuser logon.\"\n  desc  \"To assure accountability and prevent unauthenticated access, users\nmust be identified and authenticated to prevent potential misuse and compromise\nof the system.\n\n    Multifactor solutions that require devices separate from information\nsystems gaining access include, for example, hardware tokens providing\ntime-based or challenge-response authenticators and smart cards such as the\nU.S. Government Personal Identity Verification card and the DoD Common Access\nCard.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system uniquely identifies and authenticates users\nusing multifactor authentication via a graphical user logon.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Determine which profile the system database is using with the following\ncommand:\n\n    # grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Note: The example is using the database local for the system, so the path\nis \\\"/etc/dconf/db/local.d\\\". This path must be modified if a database other\nthan local is being used.\n\n    # grep enable-smartcard-authentication /etc/dconf/db/local.d/*\n\n    enable-smartcard-authentication=true\n\n    If \\\"enable-smartcard-authentication\\\" is set to \\\"false\\\" or the keyword\nis missing, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to uniquely identify and authenticate users\nusing multifactor authentication via a graphical user logon.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example is using the database local for the system, so if the\nsystem is using another database in \\\"/etc/dconf/profile/user\\\", the file\nshould be created under the appropriate subdirectory.\n\n    # touch /etc/dconf/db/local.d/00-defaults\n\n    Edit \\\"[org/gnome/login-screen]\\\" and add or update the following line:\n    enable-smartcard-authentication=true\n\n    Update the system databases:\n    # dconf update\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000375-GPOS-00160\"\n  tag satisfies: [\"SRG-OS-000375-GPOS-00161\", \"SRG-OS-000375-GPOS-00162\"]\n  tag gid: \"V-77819\"\n  tag rid: \"SV-92515r2_rule\"\n  tag stig_id: \"RHEL-07-010061\"\n  tag fix_id: \"F-84519r4_fix\"\n  tag cci: [\"CCI-001948\", \"CCI-001953\", \"CCI-001954\"]\n  tag nist: [\"IA-2 (11)\", \"IA-2 (12)\", \"IA-2 (12)\"]\n\n  multifactor_enabled = input('multifactor_enabled')\n  dconf_user = input('dconf_user')\n\n  if package('gnome-desktop3').installed? &amp;&amp; package('pcsc-lite').installed? || package('esc').installed?\n    impact 0.5\n    if !dconf_user.nil? &amp;&amp; command('whoami').stdout.strip == 'root'\n      describe command(\"sudo -u #{dconf_user} dconf read /org/gnome/login-screen/enable-smartcard-authentication\") do\n        its('stdout.strip') { should eq multifactor_enabled.to_s }\n      end\n    else\n      describe command(\"dconf read /org/gnome/login-screen/enable-smartcard-authentication\") do\n        its('stdout.strip') { should eq multifactor_enabled.to_s }\n      end\n    end\n  else\n    impact 0.0\n    if !package('gnome-desktop3').installed?\n      describe \"The GNOME desktop is not installed\" do\n        skip \"The GNOME desktop is not installed, this control is Not Applicable.\"\n      end\n    end\n\n    if !package('pcsc-lite').installed?\n      describe \"The pcsc-lite package is not installed\" do\n        skip \"The pcsc-lite package is not installed, this control is Not Applicable.\"\n      end\n    end\n    if !package('esc').installed?\n      describe \"The esc package is not installed\" do\n        skip \"The esc package is not installed, this control is Not Applicable.\"\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001948</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001953</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001954</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The GNOME desktop is not installed :: SKIP_MESSAGE The GNOME desktop is not installed, this control is Not Applicable.
+--------------------------------
+skipped :: TEST The pcsc-lite package is not installed :: SKIP_MESSAGE The pcsc-lite package is not installed, this control is Not Applicable.
+--------------------------------
+skipped :: TEST The esc package is not installed :: SKIP_MESSAGE The esc package is not installed, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72101</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86725r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030390</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the lchown syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the lchown syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;lchown&quot; syscall occur.
+successful/unsuccessful attempts to use the "lchown" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw lchown &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw lchown /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S lchown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S lchown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S lchown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S lchown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;lchown&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    If both the "b32" and "b64" audit rules are not defined for the
+"lchown" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S lchown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S lchown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S lchown -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S lchown -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a1e2eeb2-2293-4b49-a683-4f050cf7d3d0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lchown&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lchown&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lchown&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;lchown&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72123</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86747r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030500</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72101\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe lchown syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"lchown\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw lchown /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S lchown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S lchown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"lchown\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S lchown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S lchown -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000474-GPOS-00219\"]\n  tag gid: \"V-72101\"\n  tag rid: \"SV-86725r5_rule\"\n  tag stig_id: \"RHEL-07-030390\"\n  tag fix_id: \"F-78453r8_fix\"\n  tag cci: [\"CCI-000126\", \"CCI-000172\"]\n  tag nist: [\"AU-2 d\", \"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"lchown\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"lchown\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "lchown" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "lchown" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "lchown" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "lchown" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72123</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86747r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030500</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the creat syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the creat syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;creat&quot; syscall occur.
+successful/unsuccessful attempts to use the "creat" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw creat &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw creat /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S creat F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S creat F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b32 -S creat -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S creat -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S creat -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S creat -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S creat -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S creat -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;creat&quot; syscall, this is a finding.
+    If both the "b32" and "b64" audit rules are not defined for the
+"creat" syscall, this is a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EPERM&quot;, this is
+    If the output does not produce rules containing "-F exit=-EPERM", this is
 a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EACCES&quot;, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the output does not produce rules containing "-F exit=-EACCES", this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;creat&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules:
-
-    -a always,exit -F arch&#x3D;b32 -S creat -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b32 -S creat -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S creat -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S creat -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a79c8e29-aa4b-41ad-a6b6-97d9c85b1117</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EACCES&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;creat&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EACCES&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72041</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86665r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "creat" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules:
+
+    -a always,exit -F arch=b32 -S creat -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b32 -S creat -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S creat -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S creat -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72123\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe creat syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"creat\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw creat /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S creat F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S creat -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S creat -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S creat -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"creat\\\" syscall, this is a finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EPERM\\\", this is\na finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EACCES\\\", this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"creat\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules:\n\n    -a always,exit -F arch=b32 -S creat -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S creat -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S creat -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S creat -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000458-GPOS-00203\",\n\"SRG-OS-000461-GPOS-00205\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72123\"\n  tag rid: \"SV-86747r5_rule\"\n  tag stig_id: \"RHEL-07-030500\"\n  tag fix_id: \"F-78475r7_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"creat\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EPERM' }\n  end\n  describe auditd.syscall(\"creat\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EACCES' }\n  end\n\n  if os.arch == 'x86_64'\n     describe auditd.syscall(\"creat\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EPERM' }\n    end\n    describe auditd.syscall(\"creat\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EACCES' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "creat" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b32" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b32" exit.uniq is expected to include "-EACCES"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b64" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "creat" arch == "b64" exit.uniq is expected to include "-EACCES"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72041</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86665r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that file systems containing user home directories are mounted to prevent files
-with the setuid and setgid bit set from being executed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;nosuid&quot; mount option causes the system to not execute setuid
+with the setuid and setgid bit set from being executed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "nosuid" mount option causes the system to not execute setuid
 and setgid files with owner privileges. This option must be used for mounting
 any file system not containing approved setuid and setguid files. Executing
 files from untrusted file systems increases the opportunity for unprivileged
-users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify file systems that contain user home directories are mounted with the
-&quot;nosuid&quot; option.
+"nosuid" option.
 
     Find the file system(s) that contain the user home directories with the
 following command:
 
     Note: If a separate file system has not been created for the user home
-directories (user home directories are mounted under &quot;&#x2F;&quot;), this is not a
-finding as the &quot;nosuid&quot; option cannot be used on the &quot;&#x2F;&quot; system.
+directories (user home directories are mounted under "/"), this is not a
+finding as the "nosuid" option cannot be used on the "/" system.
 
-    # cut -d: -f 1,3,6 &#x2F;etc&#x2F;passwd | egrep &quot;:[1-4][0-9]{3}&quot;
-    smithj:1001:&#x2F;home&#x2F;smithj
-    thomasr:1002:&#x2F;home&#x2F;thomasr
+    # cut -d: -f 1,3,6 /etc/passwd | egrep ":[1-4][0-9]{3}"
+    smithj:1001:/home/smithj
+    thomasr:1002:/home/thomasr
 
     Check the file systems that are mounted at boot time with the following
 command:
 
-    # more &#x2F;etc&#x2F;fstab
-
-    UUID&#x3D;a411dc99-f2a1-4c87-9e05-184977be8539 &#x2F;home   ext4
-rw,relatime,discard,data&#x3D;ordered,nosuid 0 2
-
-    If a file system found in &quot;&#x2F;etc&#x2F;fstab&quot; refers to the user home directory
-file system and it does not have the &quot;nosuid&quot; option set, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the &quot;&#x2F;etc&#x2F;fstab&quot; to use the &quot;nosuid&quot; option on
-file systems that contain user home directories.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6c7fecee-94fe-4fbd-9bf0-3780de59a264</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Mount &#x2F;home options is expected to include &quot;nosuid&quot;
-expected nil to include &quot;nosuid&quot;, but it does not respond to &#x60;include?&#x60;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71953</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00229</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86577r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010440</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # more /etc/fstab
+
+    UUID=a411dc99-f2a1-4c87-9e05-184977be8539 /home   ext4
+rw,relatime,discard,data=ordered,nosuid 0 2
+
+    If a file system found in "/etc/fstab" refers to the user home directory
+file system and it does not have the "nosuid" option set, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the "/etc/fstab" to use the "nosuid" option on
+file systems that contain user home directories.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72041\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat file systems containing user home directories are mounted to prevent files\nwith the setuid and setgid bit set from being executed.\"\n  desc  \"The \\\"nosuid\\\" mount option causes the system to not execute setuid\nand setgid files with owner privileges. This option must be used for mounting\nany file system not containing approved setuid and setguid files. Executing\nfiles from untrusted file systems increases the opportunity for unprivileged\nusers to attain unauthorized administrative access.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify file systems that contain user home directories are mounted with the\n\\\"nosuid\\\" option.\n\n    Find the file system(s) that contain the user home directories with the\nfollowing command:\n\n    Note: If a separate file system has not been created for the user home\ndirectories (user home directories are mounted under \\\"/\\\"), this is not a\nfinding as the \\\"nosuid\\\" option cannot be used on the \\\"/\\\" system.\n\n    # cut -d: -f 1,3,6 /etc/passwd | egrep \\\":[1-4][0-9]{3}\\\"\n    smithj:1001:/home/smithj\n    thomasr:1002:/home/thomasr\n\n    Check the file systems that are mounted at boot time with the following\ncommand:\n\n    # more /etc/fstab\n\n    UUID=a411dc99-f2a1-4c87-9e05-184977be8539 /home   ext4\nrw,relatime,discard,data=ordered,nosuid 0 2\n\n    If a file system found in \\\"/etc/fstab\\\" refers to the user home directory\nfile system and it does not have the \\\"nosuid\\\" option set, this is a finding.\n  \"\n  desc  \"fix\", \"Configure the \\\"/etc/fstab\\\" to use the \\\"nosuid\\\" option on\nfile systems that contain user home directories.\"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72041\"\n  tag rid: \"SV-86665r4_rule\"\n  tag stig_id: \"RHEL-07-021000\"\n  tag fix_id: \"F-78393r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe mount('/home') do\n    its('options') { should include 'nosuid' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Mount /home options is expected to include "nosuid" :: MESSAGE expected nil to include "nosuid", but it does not respond to `include?`</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71953</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00229</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86577r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010440</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not allow an
-unattended or automatic logon to the system via a graphical user interface.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+unattended or automatic logon to the system via a graphical user interface.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Failure to restrict system access to authenticated users negatively
-impacts operating system security.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+impacts operating system security.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system does not allow an unattended or automatic logon
 to the system via a graphical user interface.
 
     Note: If the system does not have GNOME installed, this requirement is Not
 Applicable.
 
-    Check for the value of the &quot;AutomaticLoginEnable&quot; in the
-&quot;&#x2F;etc&#x2F;gdm&#x2F;custom.conf&quot; file with the following command:
+    Check for the value of the "AutomaticLoginEnable" in the
+"/etc/gdm/custom.conf" file with the following command:
 
-    # grep -i automaticloginenable &#x2F;etc&#x2F;gdm&#x2F;custom.conf
-    AutomaticLoginEnable&#x3D;false
+    # grep -i automaticloginenable /etc/gdm/custom.conf
+    AutomaticLoginEnable=false
 
-    If the value of &quot;AutomaticLoginEnable&quot; is not set to &quot;false&quot;, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "AutomaticLoginEnable" is not set to "false", this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to not allow an unattended or automatic
 logon to the system via a graphical user interface.
 
     Note: If the system does not have GNOME installed, this requirement is Not
 Applicable.
 
-    Add or edit the line for the &quot;AutomaticLoginEnable&quot; parameter in the
-[daemon] section of the &quot;&#x2F;etc&#x2F;gdm&#x2F;custom.conf&quot; file to &quot;false&quot;:
+    Add or edit the line for the "AutomaticLoginEnable" parameter in the
+[daemon] section of the "/etc/gdm/custom.conf" file to "false":
 
     [daemon]
-    AutomaticLoginEnable&#x3D;false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d9791a0c-2703-4526-9ef4-d93f55c00674</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The system does not have GDM installed
-The system does not have GDM installed, this requirement is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71969</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000095-GPOS-00049</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86593r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    AutomaticLoginEnable=false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-71953\" do\n  title \"The Red Hat Enterprise Linux operating system must not allow an\nunattended or automatic logon to the system via a graphical user interface.\"\n  desc  \"Failure to restrict system access to authenticated users negatively\nimpacts operating system security.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system does not allow an unattended or automatic logon\nto the system via a graphical user interface.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Check for the value of the \\\"AutomaticLoginEnable\\\" in the\n\\\"/etc/gdm/custom.conf\\\" file with the following command:\n\n    # grep -i automaticloginenable /etc/gdm/custom.conf\n    AutomaticLoginEnable=false\n\n    If the value of \\\"AutomaticLoginEnable\\\" is not set to \\\"false\\\", this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to not allow an unattended or automatic\nlogon to the system via a graphical user interface.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Add or edit the line for the \\\"AutomaticLoginEnable\\\" parameter in the\n[daemon] section of the \\\"/etc/gdm/custom.conf\\\" file to \\\"false\\\":\n\n    [daemon]\n    AutomaticLoginEnable=false\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00229\"\n  tag gid: \"V-71953\"\n  tag rid: \"SV-86577r2_rule\"\n  tag stig_id: \"RHEL-07-010440\"\n  tag fix_id: \"F-78305r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  custom_conf = '/etc/gdm/custom.conf'\n\n  if package('gdm').installed?\n    if ((f = file(custom_conf)).exist?)\n      describe ini(custom_conf) do\n        its('daemon.AutomaticLoginEnable') { cmp false }\n      end\n    else\n      describe f do\n        it { should exist }\n      end\n    end\n  else\n    impact 0.0\n    describe \"The system does not have GDM installed\" do\n      skip \"The system does not have GDM installed, this requirement is Not Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The system does not have GDM installed :: SKIP_MESSAGE The system does not have GDM installed, this requirement is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71969</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000095-GPOS-00049</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86593r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not have the ypserv
-package installed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Removing the &quot;ypserv&quot; package decreases the risk of the accidental
-(or intentional) activation of NIS or NIS+ services.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+package installed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Removing the "ypserv" package decreases the risk of the accidental
+(or intentional) activation of NIS or NIS+ services.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The NIS service provides an unencrypted authentication service that does
 not provide for the confidentiality and integrity of user passwords or the
 remote session.
 
-    Check to see if the &quot;ypserve&quot; package is installed with the following
+    Check to see if the "ypserve" package is installed with the following
 command:
 
     # yum list installed ypserv
 
-    If the &quot;ypserv&quot; package is installed, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "ypserv" package is installed, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to disable non-essential capabilities by
-removing the &quot;ypserv&quot; package from the system with the following command:
-
-    # yum remove ypserv</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b354a5ea-9814-4888-ac81-6f21aa3b2679</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package ypserv is expected not to be installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72017</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86641r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020630</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+removing the "ypserv" package from the system with the following command:
+
+    # yum remove ypserv</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71969\" do\n  title \"The Red Hat Enterprise Linux operating system must not have the ypserv\npackage installed.\"\n  desc  \"Removing the \\\"ypserv\\\" package decreases the risk of the accidental\n(or intentional) activation of NIS or NIS+ services.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    The NIS service provides an unencrypted authentication service that does\nnot provide for the confidentiality and integrity of user passwords or the\nremote session.\n\n    Check to see if the \\\"ypserve\\\" package is installed with the following\ncommand:\n\n    # yum list installed ypserv\n\n    If the \\\"ypserv\\\" package is installed, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to disable non-essential capabilities by\nremoving the \\\"ypserv\\\" package from the system with the following command:\n\n    # yum remove ypserv\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000095-GPOS-00049\"\n  tag gid: \"V-71969\"\n  tag rid: \"SV-86593r2_rule\"\n  tag stig_id: \"RHEL-07-020010\"\n  tag fix_id: \"F-78321r1_fix\"\n  tag cci: [\"CCI-000381\"]\n  tag nist: [\"CM-7 a\", \"Rev_4\"]\n\n  describe package(\"ypserv\") do\n    it { should_not be_installed }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package ypserv is expected not to be installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72017</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86641r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020630</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all local interactive user home directories have mode 0750 or less
-permissive.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+permissive.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Excessive permissions on local interactive user home directories may
-allow unauthorized access to user files by other users.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+allow unauthorized access to user files by other users.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the assigned home directory of all local interactive users has a
-mode of &quot;0750&quot; or less permissive.
+mode of "0750" or less permissive.
 
     Check the home directory assignment for all non-privileged users on the
 system with the following command:
@@ -27217,280 +26021,268 @@ system with the following command:
 User Identifier (UID). Evidence of interactive use may be obtained from a
 number of log files containing system logon information.
 
-    # ls -ld $(egrep &#39;:[0-9]{4}&#39; &#x2F;etc&#x2F;passwd | cut -d: -f6)
-    -rwxr-x--- 1 smithj users  18 Mar  5 17:06 &#x2F;home&#x2F;smithj
+    # ls -ld $(egrep ':[0-9]{4}' /etc/passwd | cut -d: -f6)
+    -rwxr-x--- 1 smithj users  18 Mar  5 17:06 /home/smithj
 
-    If home directories referenced in &quot;&#x2F;etc&#x2F;passwd&quot; do not have a mode of
-&quot;0750&quot; or less permissive, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Change the mode of interactive user&#39;s home directories to &quot;0750&quot;. To
-change the mode of a local interactive user&#39;s home directory, use the following
+    If home directories referenced in "/etc/passwd" do not have a mode of
+"0750" or less permissive, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Change the mode of interactive user's home directories to "0750". To
+change the mode of a local interactive user's home directory, use the following
 command:
 
-    Note: The example will be for the user &quot;smithj&quot;.
-
-    # chmod 0750 &#x2F;home&#x2F;smithj</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>fa96f99a-4bbc-415f-ab09-3fbc25104f86</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Home directories with excessive permissions is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72191</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86815r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030840</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Note: The example will be for the user "smithj".
+
+    # chmod 0750 /home/smithj</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72017\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local interactive user home directories have mode 0750 or less\npermissive.\"\n  desc  \"Excessive permissions on local interactive user home directories may\nallow unauthorized access to user files by other users.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the assigned home directory of all local interactive users has a\nmode of \\\"0750\\\" or less permissive.\n\n    Check the home directory assignment for all non-privileged users on the\nsystem with the following command:\n\n    Note: This may miss interactive users that have been assigned a privileged\nUser Identifier (UID). Evidence of interactive use may be obtained from a\nnumber of log files containing system logon information.\n\n    # ls -ld $(egrep ':[0-9]{4}' /etc/passwd | cut -d: -f6)\n    -rwxr-x--- 1 smithj users  18 Mar  5 17:06 /home/smithj\n\n    If home directories referenced in \\\"/etc/passwd\\\" do not have a mode of\n\\\"0750\\\" or less permissive, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Change the mode of interactive user's home directories to \\\"0750\\\". To\nchange the mode of a local interactive user's home directory, use the following\ncommand:\n\n    Note: The example will be for the user \\\"smithj\\\".\n\n    # chmod 0750 /home/smithj\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72017\"\n  tag rid: \"SV-86641r3_rule\"\n  tag stig_id: \"RHEL-07-020630\"\n  tag fix_id: \"F-78369r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= uid_min || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    findings = findings + command(\"find #{user_info.home} -maxdepth 0 -perm /027\").stdout.split(\"\\n\")\n  end\n  describe \"Home directories with excessive permissions\" do\n    subject { findings.to_a }\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Home directories with excessive permissions is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72191</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86815r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030840</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the kmod command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the kmod command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;kmod&quot; command occur.
+successful/unsuccessful attempts to use the "kmod" command occur.
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -iw kmod &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw kmod /etc/audit/audit.rules
 
-    -w &#x2F;usr&#x2F;bin&#x2F;kmod -p x -F auid!&#x3D;4294967295 -k module-change
+    -w /usr/bin/kmod -p x -F auid!=4294967295 -k module-change
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;kmod&quot; command occur.
-
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -w &#x2F;usr&#x2F;bin&#x2F;kmod -p x -F auid!&#x3D;4294967295 -k module-change
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>66c39a20-d412-4aa2-8181-d9dbdb9bb59f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;kmod&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;kmod&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71903</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000069-GPOS-00037</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86527r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010120</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "kmod" command occur.
+
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -w /usr/bin/kmod -p x -F auid!=4294967295 -k module-change
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72191\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe kmod command.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"kmod\\\" command occur.\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -iw kmod /etc/audit/audit.rules\n\n    -w /usr/bin/kmod -p x -F auid!=4294967295 -k module-change\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"kmod\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -w /usr/bin/kmod -p x -F auid!=4294967295 -k module-change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000471-GPOS-00216\"\n  tag satisfies: [\"SRG-OS-000471-GPOS-00216\", \"SRG-OS-000477-GPOS-00222\"]\n  tag gid: \"V-72191\"\n  tag rid: \"SV-86815r5_rule\"\n  tag stig_id: \"RHEL-07-030840\"\n  tag fix_id: \"F-78545r10_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  audit_file = '/usr/bin/kmod'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/kmod" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/kmod" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71903</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000069-GPOS-00037</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86527r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010120</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that when passwords are changed or new passwords are established, the new
-password must contain at least one upper-case character.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+password must contain at least one upper-case character.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources
 required to compromise the password. Password complexity, or strength, is a
 measure of the effectiveness of a password in resisting attempts at guessing
@@ -27499,144 +26291,139 @@ and brute-force attacks.
     Password complexity is one factor of several that determines how long it
 takes to crack a password. The more complex the password, the greater the
 number of possible combinations that need to be tested before the password is
-compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Note: The value to require a number of upper-case characters to be set is
-expressed as a negative number in &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot;.
+expressed as a negative number in "/etc/security/pwquality.conf".
 
-    Check the value for &quot;ucredit&quot; in &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; with
+    Check the value for "ucredit" in "/etc/security/pwquality.conf" with
 the following command:
 
-    # grep ucredit &#x2F;etc&#x2F;security&#x2F;pwquality.conf
-    ucredit &#x3D; -1
+    # grep ucredit /etc/security/pwquality.conf
+    ucredit = -1
 
-    If the value of &quot;ucredit&quot; is not set to a negative value, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of "ucredit" is not set to a negative value, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to enforce password complexity by requiring
-that at least one upper-case character be used by setting the &quot;ucredit&quot;
+that at least one upper-case character be used by setting the "ucredit"
 option.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; (or modify the
+    Add the following line to "/etc/security/pwquality.conf" (or modify the
 line to have the required value):
 
-    ucredit &#x3D; -1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>01b1bcd1-b99b-4392-8b13-81e77108b058</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000192</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;security&#x2F;pwquality.conf ucredit.to_i is expected to cmp &lt; 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81021</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95733r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030211</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    ucredit = -1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71903\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat when passwords are changed or new passwords are established, the new\npassword must contain at least one upper-case character.\"\n  desc  \"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks.\n\n    Password complexity is one factor of several that determines how long it\ntakes to crack a password. The more complex the password, the greater the\nnumber of possible combinations that need to be tested before the password is\ncompromised.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Note: The value to require a number of upper-case characters to be set is\nexpressed as a negative number in \\\"/etc/security/pwquality.conf\\\".\n\n    Check the value for \\\"ucredit\\\" in \\\"/etc/security/pwquality.conf\\\" with\nthe following command:\n\n    # grep ucredit /etc/security/pwquality.conf\n    ucredit = -1\n\n    If the value of \\\"ucredit\\\" is not set to a negative value, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to enforce password complexity by requiring\nthat at least one upper-case character be used by setting the \\\"ucredit\\\"\noption.\n\n    Add the following line to \\\"/etc/security/pwquality.conf\\\" (or modify the\nline to have the required value):\n\n    ucredit = -1\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000069-GPOS-00037\"\n  tag gid: \"V-71903\"\n  tag rid: \"SV-86527r3_rule\"\n  tag stig_id: \"RHEL-07-010120\"\n  tag fix_id: \"F-78255r1_fix\"\n  tag cci: [\"CCI-000192\"]\n  tag nist: [\"IA-5 (1) (a)\", \"Rev_4\"]\n\n  describe parse_config_file(\"/etc/security/pwquality.conf\") do\n    its('ucredit.to_i') { should cmp &lt; 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000192</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/security/pwquality.conf ucredit.to_i is expected to cmp &lt; 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81021</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95733r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030211</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must label all
-off-loaded audit logs before sending them to the central log server.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+off-loaded audit logs before sending them to the central log server.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Information stored in one location is vulnerable to accidental or
 incidental deletion or alteration.
 
@@ -27645,312 +26432,302 @@ storage capacity.
 
     When audit logs are not labeled before they are sent to a central log
 server, the audit data will not be able to be analyzed and tied back to the
-correct system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+correct system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the audisp daemon is configured to label all off-loaded audit logs:
 
-    # grep &quot;name_format&quot; &#x2F;etc&#x2F;audisp&#x2F;audispd.conf
+    # grep "name_format" /etc/audisp/audispd.conf
 
-    name_format &#x3D; hostname
+    name_format = hostname
 
-    If the &quot;name_format&quot; option is not &quot;hostname&quot;, &quot;fqd&quot;, or &quot;numeric&quot;,
-or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Edit the &#x2F;etc&#x2F;audisp&#x2F;audispd.conf file and add or update the
-&quot;name_format&quot; option:
+    If the "name_format" option is not "hostname", "fqd", or "numeric",
+or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Edit the /etc/audisp/audispd.conf file and add or update the
+"name_format" option:
 
-    name_format &#x3D; hostname
+    name_format = hostname
 
     The audit daemon must be restarted for changes to take effect:
 
-    # service auditd restart</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>077e854e-8399-49c5-b15b-4a675d0fa485</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;audisp&#x2F;audispd.conf name_format is expected to match &#x2F;^hostname$|^fqd$|^numeric$&#x2F;i</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72051</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86675r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021100</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # service auditd restart</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-81021\" do\n  title \"The Red Hat Enterprise Linux operating system must label all\noff-loaded audit logs before sending them to the central log server.\"\n  desc  \"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    When audit logs are not labeled before they are sent to a central log\nserver, the audit data will not be able to be analyzed and tied back to the\ncorrect system.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the audisp daemon is configured to label all off-loaded audit logs:\n\n    # grep \\\"name_format\\\" /etc/audisp/audispd.conf\n\n    name_format = hostname\n\n    If the \\\"name_format\\\" option is not \\\"hostname\\\", \\\"fqd\\\", or \\\"numeric\\\",\nor the line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Edit the /etc/audisp/audispd.conf file and add or update the\n\\\"name_format\\\" option:\n\n    name_format = hostname\n\n    The audit daemon must be restarted for changes to take effect:\n\n    # service auditd restart\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000342-GPOS-00133\"\n  tag satisfies: [\"SRG-OS-000342-GPOS-00133\", \"SRG-OS-000479-GPOS-00224\"]\n  tag gid: \"V-81021\"\n  tag rid: \"SV-95733r1_rule\"\n  tag stig_id: \"RHEL-07-030211\"\n  tag fix_id: \"F-87855r2_fix\"\n  tag cci: [\"CCI-001851\"]\n  tag nist: [\"AU-4 (1)\", \"Rev_4\"]\n\n  if file('/etc/audisp/audispd.conf').exist?\n    describe parse_config_file('/etc/audisp/audispd.conf') do\n      its('name_format') { should match %r{^hostname$|^fqd$|^numeric$}i }\n    end\n  else\n    describe \"File '/etc/audisp/audispd.conf' cannot be found. This test cannot be checked in a automated fashion and you must check it manually\" do\n      skip \"File '/etc/audisp/audispd.conf' cannot be found. This check must be performed manually\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/audisp/audispd.conf name_format is expected to match /^hostname$|^fqd$|^numeric$/i</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72051</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86675r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021100</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must have cron logging
-implemented.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+implemented.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Cron logging can be used to trace the successful or unsuccessful
 execution of cron jobs. It can also be used to spot intrusions into the use of
-the cron facility by unauthorized and malicious users.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that &quot;rsyslog&quot; is configured to log cron events.
-
-    Check the configuration of &quot;&#x2F;etc&#x2F;rsyslog.conf&quot; or
-&quot;&#x2F;etc&#x2F;rsyslog.d&#x2F;*.conf&quot; files for the cron facility with the following
+the cron facility by unauthorized and malicious users.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that "rsyslog" is configured to log cron events.
+
+    Check the configuration of "/etc/rsyslog.conf" or
+"/etc/rsyslog.d/*.conf" files for the cron facility with the following
 command:
 
     Note: If another logging package is used, substitute the utility
-configuration file for &quot;&#x2F;etc&#x2F;rsyslog.conf&quot; or &quot;&#x2F;etc&#x2F;rsyslog.d&#x2F;*.conf&quot; files.
+configuration file for "/etc/rsyslog.conf" or "/etc/rsyslog.d/*.conf" files.
 
-    # grep cron &#x2F;etc&#x2F;rsyslog.conf  &#x2F;etc&#x2F;rsyslog.d&#x2F;*.conf
-    cron.* &#x2F;var&#x2F;log&#x2F;cron.log
+    # grep cron /etc/rsyslog.conf  /etc/rsyslog.d/*.conf
+    cron.* /var/log/cron.log
 
     If the command does not return a response, check for cron logging all
-facilities by inspecting the &quot;&#x2F;etc&#x2F;rsyslog.conf&quot; or &quot;&#x2F;etc&#x2F;rsyslog.d&#x2F;*.conf&quot;
+facilities by inspecting the "/etc/rsyslog.conf" or "/etc/rsyslog.d/*.conf"
 files.
 
     Look for the following entry:
 
-    *.* &#x2F;var&#x2F;log&#x2F;messages
-
-    If &quot;rsyslog&quot; is not logging messages for the cron facility or all
-facilities, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure &quot;rsyslog&quot; to log all cron messages by adding or updating the
-following line to &quot;&#x2F;etc&#x2F;rsyslog.conf&quot; or a configuration file in the
-&#x2F;etc&#x2F;rsyslog.d&#x2F; directory:
-
-    cron.* &#x2F;var&#x2F;log&#x2F;cron.log</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a3ab2063-92ae-4d2d-9d66-c419e662a825</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;grep cron &#x2F;etc&#x2F;rsyslog.conf&#x60; stdout.strip is expected to match &#x2F;^cron&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72079</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000038-GPOS-00016</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86703r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    *.* /var/log/messages
+
+    If "rsyslog" is not logging messages for the cron facility or all
+facilities, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure "rsyslog" to log all cron messages by adding or updating the
+following line to "/etc/rsyslog.conf" or a configuration file in the
+/etc/rsyslog.d/ directory:
+
+    cron.* /var/log/cron.log</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72051\" do\n  title \"The Red Hat Enterprise Linux operating system must have cron logging\nimplemented.\"\n  desc  \"Cron logging can be used to trace the successful or unsuccessful\nexecution of cron jobs. It can also be used to spot intrusions into the use of\nthe cron facility by unauthorized and malicious users.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that \\\"rsyslog\\\" is configured to log cron events.\n\n    Check the configuration of \\\"/etc/rsyslog.conf\\\" or\n\\\"/etc/rsyslog.d/*.conf\\\" files for the cron facility with the following\ncommand:\n\n    Note: If another logging package is used, substitute the utility\nconfiguration file for \\\"/etc/rsyslog.conf\\\" or \\\"/etc/rsyslog.d/*.conf\\\" files.\n\n    # grep cron /etc/rsyslog.conf  /etc/rsyslog.d/*.conf\n    cron.* /var/log/cron.log\n\n    If the command does not return a response, check for cron logging all\nfacilities by inspecting the \\\"/etc/rsyslog.conf\\\" or \\\"/etc/rsyslog.d/*.conf\\\"\nfiles.\n\n    Look for the following entry:\n\n    *.* /var/log/messages\n\n    If \\\"rsyslog\\\" is not logging messages for the cron facility or all\nfacilities, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure \\\"rsyslog\\\" to log all cron messages by adding or updating the\nfollowing line to \\\"/etc/rsyslog.conf\\\" or a configuration file in the\n/etc/rsyslog.d/ directory:\n\n    cron.* /var/log/cron.log\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72051\"\n  tag rid: \"SV-86675r2_rule\"\n  tag stig_id: \"RHEL-07-021100\"\n  tag fix_id: \"F-78403r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  log_pkg_path = input('log_pkg_path')\n\n  describe.one do\n    describe command(\"grep cron #{log_pkg_path}\") do\n      its('stdout.strip') { should match %r{^cron} }\n    end\n    describe file(\"#{log_pkg_path}\") do\n      its('content') { should match %r{^\\*\\.\\* \\/var\\/log\\/messages\\n?$} }\n      its('content') { should_not match %r{^*.*\\s+~$.*^*\\.\\* \\/var\\/log\\/messages\\n?$}m }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `grep cron /etc/rsyslog.conf` stdout.strip is expected to match /^cron/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72079</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000038-GPOS-00016</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86703r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that auditing is configured to produce records containing information to
 establish what type of events occurred, where the events occurred, the source
 of the events, and the outcome of the events. These audit records must also
-identify individual identities of group account users.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+identify individual identities of group account users.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without establishing what type of events occurred, it would be
 difficult to establish, correlate, and investigate the events leading up to an
 outage or attack.
 
     Audit record content that may be necessary to satisfy this requirement
 includes, for example, time stamps, source and destination addresses,
-user&#x2F;process identifiers, event descriptions, success&#x2F;fail indications,
+user/process identifiers, event descriptions, success/fail indications,
 filenames involved, and access control or flow control rules invoked.
 
     Associating event types with detected events in the operating system audit
 logs provides a means of investigating an attack; recognizing resource
 utilization or capacity thresholds; or identifying an improperly configured
-operating system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+operating system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system produces audit records containing information
 to establish when (date and time) the events occurred.
 
@@ -27959,134 +26736,129 @@ to establish when (date and time) the events occurred.
     # systemctl is-active auditd.service
     active
 
-    If the &quot;auditd&quot; status is not active, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "auditd" status is not active, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to produce audit records containing
 information to establish when (date and time) the events occurred.
 
     Enable the auditd service with the following command:
 
-    # systemctl start auditd.service</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ad387e6f-58a7-4510-9b41-047c84ea035b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000131</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Service auditd is expected to be running</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72219</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000096-GPOS-00050</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86843r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040100</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # systemctl start auditd.service</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72079\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat auditing is configured to produce records containing information to\nestablish what type of events occurred, where the events occurred, the source\nof the events, and the outcome of the events. These audit records must also\nidentify individual identities of group account users.\"\n  desc  \"Without establishing what type of events occurred, it would be\ndifficult to establish, correlate, and investigate the events leading up to an\noutage or attack.\n\n    Audit record content that may be necessary to satisfy this requirement\nincludes, for example, time stamps, source and destination addresses,\nuser/process identifiers, event descriptions, success/fail indications,\nfilenames involved, and access control or flow control rules invoked.\n\n    Associating event types with detected events in the operating system audit\nlogs provides a means of investigating an attack; recognizing resource\nutilization or capacity thresholds; or identifying an improperly configured\noperating system.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system produces audit records containing information\nto establish when (date and time) the events occurred.\n\n    Check to see if auditing is active by issuing the following command:\n\n    # systemctl is-active auditd.service\n    active\n\n    If the \\\"auditd\\\" status is not active, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to produce audit records containing\ninformation to establish when (date and time) the events occurred.\n\n    Enable the auditd service with the following command:\n\n    # systemctl start auditd.service\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000038-GPOS-00016\"\n  tag satisfies: [\"SRG-OS-000038-GPOS-00016\", \"SRG-OS-000039-GPOS-00017\",\n\"SRG-OS-000042-GPOS-00021\", \"SRG-OS-000254-GPOS-00095\",\n\"SRG-OS-000255-GPOS-00096\"]\n  tag gid: \"V-72079\"\n  tag rid: \"SV-86703r3_rule\"\n  tag stig_id: \"RHEL-07-030000\"\n  tag fix_id: \"F-78431r2_fix\"\n  tag cci: [\"CCI-000126\", \"CCI-000131\"]\n  tag nist: [\"AU-2 d\", \"AU-3\", \"Rev_4\"]\n\n  describe service('auditd') do\n    it { should be_running }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000131</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Service auditd is expected to be running</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72219</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000096-GPOS-00050</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86843r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040100</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured to
-prohibit or restrict the use of functions, ports, protocols, and&#x2F;or services,
+prohibit or restrict the use of functions, ports, protocols, and/or services,
 as defined in the Ports, Protocols, and Services Management Component Local
-Service Assessment (PPSM CLSA) and vulnerability assessments.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Service Assessment (PPSM CLSA) and vulnerability assessments.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>In order to prevent unauthorized connection of devices, unauthorized
 transfer of information, or unauthorized tunneling (i.e., embedding of data
 types within data types), organizations must disable or restrict unused or
-unnecessary physical and logical ports&#x2F;protocols on information systems.
+unnecessary physical and logical ports/protocols on information systems.
 
     Operating systems are capable of providing a wide variety of functions and
 services. Some of the functions and services provided by default may not be
@@ -28097,19 +26869,19 @@ services provided by any one component.
 
     To support the requirements and principles of least functionality, the
 operating system must support the organizational requirements, providing only
-essential capabilities and limiting the use of ports, protocols, and&#x2F;or
+essential capabilities and limiting the use of ports, protocols, and/or
 services to only those required, authorized, and approved to conduct official
-business or to address authorized quality of life issues.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+business or to address authorized quality of life issues.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Inspect the firewall configuration and running services to verify that it
 is configured to prohibit or restrict the use of functions, ports, protocols,
-and&#x2F;or services that are unnecessary or prohibited.
+and/or services that are unnecessary or prohibited.
 
     Check which services are currently active with the following command:
 
@@ -28129,130 +26901,123 @@ services allowed by the firewall match the PPSM CLSA.
 
     If there are additional ports, protocols, or services that are not in the
 PPSM CLSA, or there are ports, protocols, or services that are prohibited by
-the PPSM Category Assurance List (CAL), this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Update the host&#39;s firewall settings and&#x2F;or running services to
-comply with the PPSM CLSA for the site or program and the PPSM CAL.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f26e4312-56f0-44c0-8d70-b27f3942700b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000382</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002314</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Firewalld zones are not specified. Check &#39;firewalld_zones&#39; input. is expected to equal false
-
+the PPSM Category Assurance List (CAL), this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Update the host's firewall settings and/or running services to
+comply with the PPSM CLSA for the site or program and the PPSM CAL.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72219\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured to\nprohibit or restrict the use of functions, ports, protocols, and/or services,\nas defined in the Ports, Protocols, and Services Management Component Local\nService Assessment (PPSM CLSA) and vulnerability assessments.\"\n  desc  \"In order to prevent unauthorized connection of devices, unauthorized\ntransfer of information, or unauthorized tunneling (i.e., embedding of data\ntypes within data types), organizations must disable or restrict unused or\nunnecessary physical and logical ports/protocols on information systems.\n\n    Operating systems are capable of providing a wide variety of functions and\nservices. Some of the functions and services provided by default may not be\nnecessary to support essential organizational operations. Additionally, it is\nsometimes convenient to provide multiple services from a single component\n(e.g., VPN and IPS); however, doing so increases risk over limiting the\nservices provided by any one component.\n\n    To support the requirements and principles of least functionality, the\noperating system must support the organizational requirements, providing only\nessential capabilities and limiting the use of ports, protocols, and/or\nservices to only those required, authorized, and approved to conduct official\nbusiness or to address authorized quality of life issues.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Inspect the firewall configuration and running services to verify that it\nis configured to prohibit or restrict the use of functions, ports, protocols,\nand/or services that are unnecessary or prohibited.\n\n    Check which services are currently active with the following command:\n\n    # firewall-cmd --list-all\n    public (default, active)\n      interfaces: enp0s3\n      sources:\n      services: dhcpv6-client dns http https ldaps rpc-bind ssh\n      ports:\n      masquerade: no\n      forward-ports:\n      icmp-blocks:\n      rich rules:\n\n    Ask the System Administrator for the site or program PPSM CLSA. Verify the\nservices allowed by the firewall match the PPSM CLSA.\n\n    If there are additional ports, protocols, or services that are not in the\nPPSM CLSA, or there are ports, protocols, or services that are prohibited by\nthe PPSM Category Assurance List (CAL), this is a finding.\n  \"\n  desc  \"fix\", \"Update the host's firewall settings and/or running services to\ncomply with the PPSM CLSA for the site or program and the PPSM CAL.\"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000096-GPOS-00050\"\n  tag satisfies: [\"SRG-OS-000096-GPOS-00050\", \"SRG-OS-000297-GPOS-00115\"]\n  tag gid: \"V-72219\"\n  tag rid: \"SV-86843r2_rule\"\n  tag stig_id: \"RHEL-07-040100\"\n  tag fix_id: \"F-78573r1_fix\"\n  tag cci: [\"CCI-000382\", \"CCI-002314\"]\n  tag nist: [\"CM-7 b\", \"AC-17 (1)\", \"Rev_4\"]\n\n  firewalld_services_deny = input('firewalld_services_deny')\n  firewalld_hosts_deny = input('firewalld_hosts_deny')\n  firewalld_ports_deny = input('firewalld_ports_deny')\n  firewalld_zones = input('firewalld_zones')\n  iptables_rules = input('iptables_rules')\n\n  if service('firewalld').running?\n\n    # Check that the rules specified in 'firewalld_host_deny' are not enabled\n    describe firewalld do\n      firewalld_hosts_deny.each do |rule|\n        it { should_not have_rule_enabled(rule) }\n      end\n    end\n\n    # Check to make sure zones are specified\n    if firewalld_zones.empty?\n      describe \"Firewalld zones are not specified. Check 'firewalld_zones' input.\" do\n        subject { firewalld_zones.empty? }\n        it { should be false }\n      end\n    end\n\n    # Check that the services specified in 'firewalld_services_deny' and\n    # ports specified in 'firewalld_ports_deny' are not enabled\n    firewalld_zones.each do |zone|\n      if firewalld.has_zone?(zone)\n        zone_services = firewalld_services_deny[\"public\"]\n        zone_ports = firewalld_ports_deny[zone]\n\n        if !zone_services.nil?\n          describe firewalld do\n            zone_services.each do |serv|\n              it { should_not have_service_enabled_in_zone(serv,zone) }\n            end\n          end\n        else\n          describe \"Services for zone '#{zone}' are not specified. Check 'firewalld_services_deny' input.\" do\n            subject { zone_services.nil? }\n            it { should be false }\n          end\n        end\n\n        if !zone_ports.nil?\n          describe firewalld do\n            zone_ports.each do |port|\n              it { should_not have_port_enabled_in_zone(port,zone) }\n            end\n          end\n        else\n          describe \"Ports for zone '#{zone}' are not specified. Check 'firewalld_ports_deny' input.\" do\n            subject { zone_ports.nil? }\n            it { should be false }\n          end\n        end\n      else\n        describe \"Firewalld zone '#{zone}' exists\" do\n          subject { firewalld.has_zone?(zone) }\n          it { should be true }\n        end\n      end\n    end\n  elsif service('iptables').running?\n    describe iptables do\n      iptables_rules.each do |rule|\n        it { should have_rule(rule) }\n      end\n    end\n  else\n    describe \"No application firewall is installed\" do\n      subject { service('firewalld').running? || service('iptables').running? }\n      it { should eq true }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000382</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002314</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Firewalld zones are not specified. Check 'firewalld_zones' input. is expected to equal false :: MESSAGE 
 expected false
-     got true
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72235</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000423-GPOS-00187</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86859r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040310</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+     got true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72235</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000423-GPOS-00187</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86859r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040310</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all networked systems use SSH for confidentiality and integrity of
 transmitted and received information as well as information during preparation
-for transmission.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+for transmission.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without protection of the transmitted information, confidentiality and
 integrity may be compromised because unprotected communications can be
 intercepted and either read or altered.
@@ -28268,1048 +27033,1008 @@ interception and modification.
 can be accomplished by physical means (e.g., employing physical distribution
 systems) or by logical means (e.g., employing cryptographic techniques). If
 physical means of protection are employed, then logical means (cryptography) do
-not have to be employed, and vice versa.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+not have to be employed, and vice versa.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify SSH is loaded and active with the following command:
 
     # systemctl status sshd
     sshd.service - OpenSSH server daemon
-    Loaded: loaded (&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;sshd.service; enabled)
+    Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)
     Active: active (running) since Tue 2015-11-17 15:17:22 EST; 4 weeks 0 days
 ago
     Main PID: 1348 (sshd)
-    CGroup: &#x2F;system.slice&#x2F;sshd.service
-    1053 &#x2F;usr&#x2F;sbin&#x2F;sshd -D
-
-    If &quot;sshd&quot; does not show a status of &quot;active&quot; and &quot;running&quot;, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    CGroup: /system.slice/sshd.service
+    1053 /usr/sbin/sshd -D
+
+    If "sshd" does not show a status of "active" and "running", this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the SSH service to automatically start after reboot with the
 following command:
 
-    # systemctl enable sshd.service</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>45416e2d-8daa-41ac-92c9-8625c1f40e9e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002420</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002421</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002422</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Service sshd.service is expected to be running</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72279</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86903r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040550</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # systemctl enable sshd.service</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72235\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all networked systems use SSH for confidentiality and integrity of\ntransmitted and received information as well as information during preparation\nfor transmission.\"\n  desc  \"Without protection of the transmitted information, confidentiality and\nintegrity may be compromised because unprotected communications can be\nintercepted and either read or altered.\n\n    This requirement applies to both internal and external networks and all\ntypes of information system components from which information can be\ntransmitted (e.g., servers, mobile devices, notebook computers, printers,\ncopiers, scanners, and facsimile machines). Communication paths outside the\nphysical protection of a controlled boundary are exposed to the possibility of\ninterception and modification.\n\n    Protecting the confidentiality and integrity of organizational information\ncan be accomplished by physical means (e.g., employing physical distribution\nsystems) or by logical means (e.g., employing cryptographic techniques). If\nphysical means of protection are employed, then logical means (cryptography) do\nnot have to be employed, and vice versa.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify SSH is loaded and active with the following command:\n\n    # systemctl status sshd\n    sshd.service - OpenSSH server daemon\n    Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)\n    Active: active (running) since Tue 2015-11-17 15:17:22 EST; 4 weeks 0 days\nago\n    Main PID: 1348 (sshd)\n    CGroup: /system.slice/sshd.service\n    1053 /usr/sbin/sshd -D\n\n    If \\\"sshd\\\" does not show a status of \\\"active\\\" and \\\"running\\\", this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the SSH service to automatically start after reboot with the\nfollowing command:\n\n    # systemctl enable sshd.service\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000423-GPOS-00187\"\n  tag satisfies: [\"SRG-OS-000423-GPOS-00187\", \"SRG-OS-000423-GPOS-00188\",\n\"SRG-OS-000423-GPOS-00189\", \"SRG-OS-000423-GPOS-00190\"]\n  tag gid: \"V-72235\"\n  tag rid: \"SV-86859r3_rule\"\n  tag stig_id: \"RHEL-07-040310\"\n  tag fix_id: \"F-78589r2_fix\"\n  tag cci: [\"CCI-002418\", \"CCI-002420\", \"CCI-002421\", \"CCI-002422\"]\n  tag nist: [\"SC-8\", \"SC-8 (2)\", \"SC-8 (1)\", \"SC-8 (2)\", \"Rev_4\"]\n\n  describe systemd_service('sshd.service') do\n    it { should be_running }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002420</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002421</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002422</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Service sshd.service is expected to be running</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72279</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86903r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040550</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not contain
-shosts.equiv files.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+shosts.equiv files.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The shosts.equiv files are used to configure host-based authentication
 for the system via SSH. Host-based authentication is not sufficient for
 preventing unauthorized access to the system, as it does not require
 interactive identification and authentication of a connection request, or for
-the use of two-factor authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify there are no &quot;shosts.equiv&quot; files on the system.
+the use of two-factor authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify there are no "shosts.equiv" files on the system.
 
     Check the system for the existence of these files with the following
 command:
 
-    # find &#x2F; -name shosts.equiv
-
-    If any &quot;shosts.equiv&quot; files are found on the system, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Remove any found &quot;shosts.equiv&quot; files from the system.
-
-# rm &#x2F;[path]&#x2F;[to]&#x2F;[file]&#x2F;shosts.equiv</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b0346ce3-5877-4be3-a0e3-37d5eeeb99c9</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;find &#x2F; -xautofs -name shosts.equiv&#x60; stdout.strip is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72145</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86769r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030610</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # find / -name shosts.equiv
+
+    If any "shosts.equiv" files are found on the system, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Remove any found "shosts.equiv" files from the system.
+
+# rm /[path]/[to]/[file]/shosts.equiv</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72279\" do\n  title \"The Red Hat Enterprise Linux operating system must not contain\nshosts.equiv files.\"\n  desc  \"The shosts.equiv files are used to configure host-based authentication\nfor the system via SSH. Host-based authentication is not sufficient for\npreventing unauthorized access to the system, as it does not require\ninteractive identification and authentication of a connection request, or for\nthe use of two-factor authentication.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify there are no \\\"shosts.equiv\\\" files on the system.\n\n    Check the system for the existence of these files with the following\ncommand:\n\n    # find / -name shosts.equiv\n\n    If any \\\"shosts.equiv\\\" files are found on the system, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Remove any found \\\"shosts.equiv\\\" files from the system.\n\n    # rm /[path]/[to]/[file]/shosts.equiv\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72279\"\n  tag rid: \"SV-86903r2_rule\"\n  tag stig_id: \"RHEL-07-040550\"\n  tag fix_id: \"F-78633r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe command('find / -xautofs -name shosts.equiv') do\n    its('stdout.strip') { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `find / -xautofs -name shosts.equiv` stdout.strip is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72145</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86769r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030610</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must generate audit
-records for all unsuccessful account access events.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+records for all unsuccessful account access events.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when unsuccessful
 account access events occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 commands:
 
-    # grep -i &#x2F;var&#x2F;run&#x2F;faillock &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /var/run/faillock /etc/audit/audit.rules
 
-    -w &#x2F;var&#x2F;run&#x2F;faillock -p wa -k logins
+    -w /var/run/faillock -p wa -k logins
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when unsuccessful
 account access events occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -w &#x2F;var&#x2F;run&#x2F;faillock -p wa -k logins
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>28c43946-af01-4586-a3eb-71631dc7c8e2</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;var&#x2F;run&#x2F;faillock&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;var&#x2F;run&#x2F;faillock&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;w&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;a&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-94843</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-104673r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020231</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -w /var/run/faillock -p wa -k logins
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72145\" do\n  title \"The Red Hat Enterprise Linux operating system must generate audit\nrecords for all unsuccessful account access events.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when unsuccessful\naccount access events occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommands:\n\n    # grep -i /var/run/faillock /etc/audit/audit.rules\n\n    -w /var/run/faillock -p wa -k logins\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when unsuccessful\naccount access events occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -w /var/run/faillock -p wa -k logins\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000392-GPOS-00172\"\n  tag satisfies: [\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000470-GPOS-00214\",\n\"SRG-OS-000473-GPOS-00218\"]\n  tag gid: \"V-72145\"\n  tag rid: \"SV-86769r4_rule\"\n  tag stig_id: \"RHEL-07-030610\"\n  tag fix_id: \"F-78497r4_fix\"\n  tag cci: [\"CCI-000126\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-2 d\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/var/run/faillock'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'w' }\n      it { should include 'a' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000126</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/var/run/faillock" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/var/run/faillock" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "w"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "a"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-94843</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-104673r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020231</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the x86 Ctrl-Alt-Delete key sequence is disabled in the GUI.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the x86 Ctrl-Alt-Delete key sequence is disabled in the GUI.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A locally logged-on user who presses Ctrl-Alt-Delete, when at the
 console, can reboot the system. If accidentally pressed, as could happen in the
 case of a mixed OS environment, this can create the risk of short-term loss of
 availability of systems due to unintentional reboot. In the GNOME graphical
 environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is
-reduced because the user will be prompted before any action is taken.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+reduced because the user will be prompted before any action is taken.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system is not configured to reboot the system when
 Ctrl-Alt-Delete is pressed.
 
     Check that the ctrl-alt-del.target is masked and not active in the GUI with
 the following command:
 
-    # grep logout &#x2F;etc&#x2F;dconf&#x2F;local.d&#x2F;*
+    # grep logout /etc/dconf/local.d/*
 
-    logout&#x3D;&#39;&#39;
+    logout=''
 
-    If &quot;logout&quot; is not set to use two single quotations, or is missing, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "logout" is not set to use two single quotations, or is missing, this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to disable the Ctrl-Alt-Delete sequence for the GUI
 with the following command:
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;00-disable-CAD
+    # touch /etc/dconf/db/local.d/00-disable-CAD
 
     Add the setting to disable the Ctrl-Alt-Delete sequence for GNOME:
 
-    [org&#x2F;gnome&#x2F;settings-daemon&#x2F;plugins&#x2F;media-keys]
-    logout&#x3D;&#39;&#39;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>17f6c8a5-979f-46e9-8652-e5f1bae27d67</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The system does not have GNOME installed
-The system does not have GNOME installed, this requirement is Not
-      Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72249</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86873r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040380</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    [org/gnome/settings-daemon/plugins/media-keys]
+    logout=''</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-94843\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the x86 Ctrl-Alt-Delete key sequence is disabled in the GUI.\"\n  desc  \"A locally logged-on user who presses Ctrl-Alt-Delete, when at the\nconsole, can reboot the system. If accidentally pressed, as could happen in the\ncase of a mixed OS environment, this can create the risk of short-term loss of\navailability of systems due to unintentional reboot. In the GNOME graphical\nenvironment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is\nreduced because the user will be prompted before any action is taken.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system is not configured to reboot the system when\nCtrl-Alt-Delete is pressed.\n\n    Check that the ctrl-alt-del.target is masked and not active in the GUI with\nthe following command:\n\n    # grep logout /etc/dconf/local.d/*\n\n    logout=''\n\n    If \\\"logout\\\" is not set to use two single quotations, or is missing, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to disable the Ctrl-Alt-Delete sequence for the GUI\nwith the following command:\n\n    # touch /etc/dconf/db/local.d/00-disable-CAD\n\n    Add the setting to disable the Ctrl-Alt-Delete sequence for GNOME:\n\n    [org/gnome/settings-daemon/plugins/media-keys]\n    logout=''\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-94843\"\n  tag rid: \"SV-104673r1_rule\"\n  tag stig_id: \"RHEL-07-020231\"\n  tag fix_id: \"F-100967r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  unless package('gnome-settings-daemon').installed?\n    impact 0.0\n    describe \"The system does not have GNOME installed\" do\n      skip \"The system does not have GNOME installed, this requirement is Not\n      Applicable.\"\n    end\n  else \n    describe command(\"gsettings get org.gnome.settings-daemon.media-keys logout\") do\n      its('stdout.strip') { should cmp \"''\" }\n    end \n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The system does not have GNOME installed :: SKIP_MESSAGE The system does not have GNOME installed, this requirement is Not
+      Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72249</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86873r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040380</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the SSH daemon does not allow authentication using known hosts
-authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configuring this setting for the SSH daemon provides additional
 assurance that remote logon via SSH will require a password, even in the event
-of misconfiguration elsewhere.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+of misconfiguration elsewhere.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the SSH daemon does not allow authentication using known hosts
 authentication.
 
-    To determine how the SSH daemon&#39;s &quot;IgnoreUserKnownHosts&quot; option is set,
+    To determine how the SSH daemon's "IgnoreUserKnownHosts" option is set,
 run the following command:
 
-    # grep -i IgnoreUserKnownHosts &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i IgnoreUserKnownHosts /etc/ssh/sshd_config
 
     IgnoreUserKnownHosts yes
 
-    If the value is returned as &quot;no&quot;, the returned line is commented out, or
-no output is returned, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value is returned as "no", the returned line is commented out, or
+no output is returned, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the SSH daemon to not allow authentication using known hosts
 authentication.
 
-    Add the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;, or uncomment the line
-and set the value to &quot;yes&quot;:
+    Add the following line in "/etc/ssh/sshd_config", or uncomment the line
+and set the value to "yes":
 
     IgnoreUserKnownHosts yes
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>315ea05a-1f0d-4e8e-9701-40aef490c8ed</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration IgnoreUserKnownHosts is expected to cmp &#x3D;&#x3D; &quot;yes&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73159</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000069-GPOS-00037</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87811r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010119</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72249\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon does not allow authentication using known hosts\nauthentication.\"\n  desc  \"Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH daemon does not allow authentication using known hosts\nauthentication.\n\n    To determine how the SSH daemon's \\\"IgnoreUserKnownHosts\\\" option is set,\nrun the following command:\n\n    # grep -i IgnoreUserKnownHosts /etc/ssh/sshd_config\n\n    IgnoreUserKnownHosts yes\n\n    If the value is returned as \\\"no\\\", the returned line is commented out, or\nno output is returned, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the SSH daemon to not allow authentication using known hosts\nauthentication.\n\n    Add the following line in \\\"/etc/ssh/sshd_config\\\", or uncomment the line\nand set the value to \\\"yes\\\":\n\n    IgnoreUserKnownHosts yes\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72249\"\n  tag rid: \"SV-86873r3_rule\"\n  tag stig_id: \"RHEL-07-040380\"\n  tag fix_id: \"F-78603r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('IgnoreUserKnownHosts') { should cmp 'yes' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration IgnoreUserKnownHosts is expected to cmp == "yes"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73159</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000069-GPOS-00037</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87811r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010119</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that when passwords are changed or new passwords are established, pwquality
-must be used.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+must be used.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources
 required to compromise the password. Password complexity, or strength, is a
 measure of the effectiveness of a password in resisting attempts at guessing
-and brute-force attacks. &quot;pwquality&quot; enforces complex password construction
-configuration and has the ability to limit brute-force attacks on the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify the operating system uses &quot;pwquality&quot; to enforce the password
+and brute-force attacks. "pwquality" enforces complex password construction
+configuration and has the ability to limit brute-force attacks on the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify the operating system uses "pwquality" to enforce the password
 complexity rules.
 
-    Check for the use of &quot;pwquality&quot; with the following command:
+    Check for the use of "pwquality" with the following command:
 
-    # cat &#x2F;etc&#x2F;pam.d&#x2F;system-auth | grep pam_pwquality
+    # cat /etc/pam.d/system-auth | grep pam_pwquality
 
-    password required pam_pwquality.so retry&#x3D;3
+    password required pam_pwquality.so retry=3
 
     If the command does not return an uncommented line containing the value
-&quot;pam_pwquality.so&quot;, this is a finding.
-
-    If the value of &quot;retry&quot; is set to &quot;0&quot; or greater than &quot;3&quot;, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the operating system to use &quot;pwquality&quot; to enforce password
+"pam_pwquality.so", this is a finding.
+
+    If the value of "retry" is set to "0" or greater than "3", this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the operating system to use "pwquality" to enforce password
 complexity rules.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;pam.d&#x2F;system-auth&quot; (or modify the line to
+    Add the following line to "/etc/pam.d/system-auth" (or modify the line to
 have the required value):
 
-    password required pam_pwquality.so retry&#x3D;3
-
-    Note: The value of &quot;retry&quot; should be between &quot;1&quot; and &quot;3&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>de6b6d0e-c5c3-4337-8119-7a3d2baf67e5</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000192</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;passwd] lines is expected to include password (required|requisite) pam_pwquality.so
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;passwd] lines is expected to include password (required|requisite) pam_pwquality.so, all with arg retry &gt;&#x3D; 1
---------------------------------
-passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;passwd] lines is expected to include password (required|requisite) pam_pwquality.so, all with arg retry &lt;&#x3D; 3</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86681r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021300</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    password required pam_pwquality.so retry=3
+
+    Note: The value of "retry" should be between "1" and "3".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-73159\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat when passwords are changed or new passwords are established, pwquality\nmust be used.\"\n  desc  \"Use of a complex password helps to increase the time and resources\nrequired to compromise the password. Password complexity, or strength, is a\nmeasure of the effectiveness of a password in resisting attempts at guessing\nand brute-force attacks. \\\"pwquality\\\" enforces complex password construction\nconfiguration and has the ability to limit brute-force attacks on the system.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system uses \\\"pwquality\\\" to enforce the password\ncomplexity rules.\n\n    Check for the use of \\\"pwquality\\\" with the following command:\n\n    # cat /etc/pam.d/system-auth | grep pam_pwquality\n\n    password required pam_pwquality.so retry=3\n\n    If the command does not return an uncommented line containing the value\n\\\"pam_pwquality.so\\\", this is a finding.\n\n    If the value of \\\"retry\\\" is set to \\\"0\\\" or greater than \\\"3\\\", this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to use \\\"pwquality\\\" to enforce password\ncomplexity rules.\n\n    Add the following line to \\\"/etc/pam.d/system-auth\\\" (or modify the line to\nhave the required value):\n\n    password required pam_pwquality.so retry=3\n\n    Note: The value of \\\"retry\\\" should be between \\\"1\\\" and \\\"3\\\".\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000069-GPOS-00037\"\n  tag gid: \"V-73159\"\n  tag rid: \"SV-87811r4_rule\"\n  tag stig_id: \"RHEL-07-010119\"\n  tag fix_id: \"F-79605r5_fix\"\n  tag cci: [\"CCI-000192\"]\n  tag nist: [\"IA-5 (1) (a)\", \"Rev_4\"]\n\n  max_retry = input('max_retry')\n\n  describe pam('/etc/pam.d/passwd') do\n    its('lines') { should match_pam_rule('password (required|requisite) pam_pwquality.so') }\n    its('lines') { should match_pam_rule('password (required|requisite) pam_pwquality.so').all_with_integer_arg('retry', '&gt;=', 1) }\n    its('lines') { should match_pam_rule('password (required|requisite) pam_pwquality.so').all_with_integer_arg('retry', '&lt;=', max_retry) }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000192</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PAM Config[/etc/pam.d/passwd] lines is expected to include password (required|requisite) pam_pwquality.so
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/passwd] lines is expected to include password (required|requisite) pam_pwquality.so, all with arg retry &gt;= 1
+--------------------------------
+passed :: TEST PAM Config[/etc/pam.d/passwd] lines is expected to include password (required|requisite) pam_pwquality.so, all with arg retry &lt;= 3</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86681r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021300</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must disable Kernel core
-dumps unless needed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+dumps unless needed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Kernel core dumps may contain the full contents of system memory at
 the time of the crash. Kernel core dumps may consume a considerable amount of
 disk space and may result in denial of service by exhausting the available
-space on the target file system partition.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+space on the target file system partition.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify that kernel core dumps are disabled unless needed.
 
-    Check the status of the &quot;kdump&quot; service with the following command:
+    Check the status of the "kdump" service with the following command:
 
     # systemctl status kdump.service
     kdump.service - Crash recovery kernel arming
-       Loaded: loaded (&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;kdump.service; enabled)
+       Loaded: loaded (/usr/lib/systemd/system/kdump.service; enabled)
        Active: active (exited) since Wed 2015-08-26 13:08:09 EDT; 43min ago
-     Main PID: 1130 (code&#x3D;exited, status&#x3D;0&#x2F;SUCCESS)
+     Main PID: 1130 (code=exited, status=0/SUCCESS)
     kernel arming.
 
-    If the &quot;kdump&quot; service is active, ask the System Administrator if the use
+    If the "kdump" service is active, ask the System Administrator if the use
 of the service is required and documented with the Information System Security
 Officer (ISSO).
 
-    If the service is active and is not documented, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If kernel core dumps are not required, disable the &quot;kdump&quot; service with
+    If the service is active and is not documented, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If kernel core dumps are not required, disable the "kdump" service with
 the following command:
 
     # systemctl disable kdump.service
 
-    If kernel core dumps are required, document the need with the ISSO.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b07e2ec8-8ced-438f-8d7f-14a2b64e438c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Service kdump.service is expected not to be running</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72089</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000343-GPOS-00134</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86713r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030330</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If kernel core dumps are required, document the need with the ISSO.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72057\" do\n  title \"The Red Hat Enterprise Linux operating system must disable Kernel core\ndumps unless needed.\"\n  desc  \"Kernel core dumps may contain the full contents of system memory at\nthe time of the crash. Kernel core dumps may consume a considerable amount of\ndisk space and may result in denial of service by exhausting the available\nspace on the target file system partition.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that kernel core dumps are disabled unless needed.\n\n    Check the status of the \\\"kdump\\\" service with the following command:\n\n    # systemctl status kdump.service\n    kdump.service - Crash recovery kernel arming\n       Loaded: loaded (/usr/lib/systemd/system/kdump.service; enabled)\n       Active: active (exited) since Wed 2015-08-26 13:08:09 EDT; 43min ago\n     Main PID: 1130 (code=exited, status=0/SUCCESS)\n    kernel arming.\n\n    If the \\\"kdump\\\" service is active, ask the System Administrator if the use\nof the service is required and documented with the Information System Security\nOfficer (ISSO).\n\n    If the service is active and is not documented, this is a finding.\n  \"\n  desc  \"fix\", \"\n    If kernel core dumps are not required, disable the \\\"kdump\\\" service with\nthe following command:\n\n    # systemctl disable kdump.service\n\n    If kernel core dumps are required, document the need with the ISSO.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72057\"\n  tag rid: \"SV-86681r2_rule\"\n  tag stig_id: \"RHEL-07-021300\"\n  tag fix_id: \"F-78409r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe systemd_service('kdump.service') do\n    it { should_not be_running }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Service kdump.service is expected not to be running</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72089</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000343-GPOS-00134</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86713r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030330</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must initiate an action
 to notify the System Administrator (SA) and Information System Security Officer
 ISSO, at a minimum, when allocated audit record storage volume reaches 75% of
-the repository maximum audit record storage capacity.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the repository maximum audit record storage capacity.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If security personnel are not notified immediately when storage volume
 reaches 75 percent utilization, they are unable to plan for audit record
-storage capacity expansion.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+storage capacity expansion.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system initiates an action to notify the SA and ISSO
 (at a minimum) when allocated audit record storage volume reaches 75 percent of
 the repository maximum audit record storage capacity.
@@ -29317,34 +28042,34 @@ the repository maximum audit record storage capacity.
     Check the system configuration to determine the partition the audit records
 are being written to with the following command:
 
-    # grep -iw log_file &#x2F;etc&#x2F;audit&#x2F;auditd.conf
-    log_file &#x3D; &#x2F;var&#x2F;log&#x2F;audit&#x2F;audit.log
+    # grep -iw log_file /etc/audit/auditd.conf
+    log_file = /var/log/audit/audit.log
 
     Check the size of the partition that audit records are written to (with the
-example being &quot;&#x2F;var&#x2F;log&#x2F;audit&#x2F;&quot;):
+example being "/var/log/audit/"):
 
-    # df -h &#x2F;var&#x2F;log&#x2F;audit&#x2F;
-    0.9G &#x2F;var&#x2F;log&#x2F;audit
+    # df -h /var/log/audit/
+    0.9G /var/log/audit
 
     If the audit records are not being written to a partition specifically
-created for audit records (in this example &quot;&#x2F;var&#x2F;log&#x2F;audit&quot; is a separate
+created for audit records (in this example "/var/log/audit" is a separate
 partition), determine the amount of space other files in the partition are
 currently occupying with the following command:
 
     # du -sh &lt;partition&gt;
-    1.8G &#x2F;var
+    1.8G /var
 
     Determine what the threshold is for the system to take action when 75
 percent of the repository maximum audit record storage capacity is reached:
 
-    # grep -iw space_left &#x2F;etc&#x2F;audit&#x2F;auditd.conf
-    space_left &#x3D; 225
+    # grep -iw space_left /etc/audit/auditd.conf
+    space_left = 225
 
-    If the value of the &quot;space_left&quot; keyword is not set to 25 percent of the
-total partition size, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value of the "space_left" keyword is not set to 25 percent of the
+total partition size, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to initiate an action to notify the SA and
 ISSO (at a minimum) when allocated audit record storage volume reaches 75
 percent of the repository maximum audit record storage capacity.
@@ -29352,155 +28077,150 @@ percent of the repository maximum audit record storage capacity.
     Check the system configuration to determine the partition the audit records
 are being written to:
 
-    # grep -iw log_file &#x2F;etc&#x2F;audit&#x2F;auditd.conf
+    # grep -iw log_file /etc/audit/auditd.conf
 
     Determine the size of the partition that audit records are written to (with
-the example being &quot;&#x2F;var&#x2F;log&#x2F;audit&#x2F;&quot;):
-
-    # df -h &#x2F;var&#x2F;log&#x2F;audit&#x2F;
-
-    Set the value of the &quot;space_left&quot; keyword in &quot;&#x2F;etc&#x2F;audit&#x2F;auditd.conf&quot;
-to 25 percent of the partition size.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>3c0d2a99-4a27-46a0-9c2b-40a149f6b6a7</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001855</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Audit Daemon Config space_left.to_i is expected to be &gt;&#x3D; 7676</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72315</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86939r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040810</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+the example being "/var/log/audit/"):
+
+    # df -h /var/log/audit/
+
+    Set the value of the "space_left" keyword in "/etc/audit/auditd.conf"
+to 25 percent of the partition size.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72089\" do\n  title \"The Red Hat Enterprise Linux operating system must initiate an action\nto notify the System Administrator (SA) and Information System Security Officer\nISSO, at a minimum, when allocated audit record storage volume reaches 75% of\nthe repository maximum audit record storage capacity.\"\n  desc  \"If security personnel are not notified immediately when storage volume\nreaches 75 percent utilization, they are unable to plan for audit record\nstorage capacity expansion.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system initiates an action to notify the SA and ISSO\n(at a minimum) when allocated audit record storage volume reaches 75 percent of\nthe repository maximum audit record storage capacity.\n\n    Check the system configuration to determine the partition the audit records\nare being written to with the following command:\n\n    # grep -iw log_file /etc/audit/auditd.conf\n    log_file = /var/log/audit/audit.log\n\n    Check the size of the partition that audit records are written to (with the\nexample being \\\"/var/log/audit/\\\"):\n\n    # df -h /var/log/audit/\n    0.9G /var/log/audit\n\n    If the audit records are not being written to a partition specifically\ncreated for audit records (in this example \\\"/var/log/audit\\\" is a separate\npartition), determine the amount of space other files in the partition are\ncurrently occupying with the following command:\n\n    # du -sh &lt;partition&gt;\n    1.8G /var\n\n    Determine what the threshold is for the system to take action when 75\npercent of the repository maximum audit record storage capacity is reached:\n\n    # grep -iw space_left /etc/audit/auditd.conf\n    space_left = 225\n\n    If the value of the \\\"space_left\\\" keyword is not set to 25 percent of the\ntotal partition size, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to initiate an action to notify the SA and\nISSO (at a minimum) when allocated audit record storage volume reaches 75\npercent of the repository maximum audit record storage capacity.\n\n    Check the system configuration to determine the partition the audit records\nare being written to:\n\n    # grep -iw log_file /etc/audit/auditd.conf\n\n    Determine the size of the partition that audit records are written to (with\nthe example being \\\"/var/log/audit/\\\"):\n\n    # df -h /var/log/audit/\n\n    Set the value of the \\\"space_left\\\" keyword in \\\"/etc/audit/auditd.conf\\\"\nto 25 percent of the partition size.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000343-GPOS-00134\"\n  tag gid: \"V-72089\"\n  tag rid: \"SV-86713r4_rule\"\n  tag stig_id: \"RHEL-07-030330\"\n  tag fix_id: \"F-78441r3_fix\"\n  tag cci: [\"CCI-001855\"]\n  tag nist: [\"AU-5 (1)\", \"Rev_4\"]\n\n  if((f = file(audit_log_dir = command(\"dirname #{auditd_conf.log_file}\").stdout.strip)).directory?)\n    # Fetch partition sizes in 1K blocks for consistency\n    partition_info = command(\"df -B 1K #{audit_log_dir}\").stdout.split(\"\\n\")\n    partition_sz_arr = partition_info.last.gsub(/\\s+/m, ' ').strip.split(\" \")\n\n    # Get partition size\n    partition_sz = partition_sz_arr[1]\n\n    # Convert to MB and get 25%\n    exp_space_left = partition_sz.to_i / 1024 / 4\n\n    describe auditd_conf do\n      its('space_left.to_i') { should be &gt;= exp_space_left }\n    end\n  else\n    describe f.directory? do\n     it { should be true }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001855</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Audit Daemon Config space_left.to_i is expected to be &gt;= 7676</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72315</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86939r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040810</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system access control program
 must be configured to grant or deny system access to specific hosts and
-services.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+services.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the systems access control program is not configured with
 appropriate rules for allowing and denying access to system network resources,
-services may be accessible to unauthorized hosts.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If the &quot;firewalld&quot; package is not installed, ask the System Administrator
+services may be accessible to unauthorized hosts.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If the "firewalld" package is not installed, ask the System Administrator
 (SA) if another firewall application (such as iptables) is installed. If an
 application firewall is not installed, this is a finding.
 
-    Verify the system&#39;s access control program is configured to grant or deny
+    Verify the system's access control program is configured to grant or deny
 system access to specific hosts.
 
-    Check to see if &quot;firewalld&quot; is active with the following command:
+    Check to see if "firewalld" is active with the following command:
 
     # systemctl status firewalld
     firewalld.service - firewalld - dynamic firewall daemon
-    Loaded: loaded (&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;firewalld.service; enabled)
+    Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
     Active: active (running) since Sun 2014-04-20 14:06:46 BST; 30s ago
 
-    If &quot;firewalld&quot; is active, check to see if it is configured to grant or
+    If "firewalld" is active, check to see if it is configured to grant or
 deny access to specific hosts or services with the following commands:
 
     # firewall-cmd --get-default-zone
     public
 
-    # firewall-cmd --list-all --zone&#x3D;public
+    # firewall-cmd --list-all --zone=public
     public (active)
     target: default
     icmp-block-inversion: no
@@ -29513,282 +28233,272 @@ deny access to specific hosts or services with the following commands:
     forward-ports:
     icmp-blocks:
 
-    If &quot;firewalld&quot; is not active, determine whether &quot;tcpwrappers&quot; is being
-used by checking whether the &quot;hosts.allow&quot; and &quot;hosts.deny&quot; files are empty
+    If "firewalld" is not active, determine whether "tcpwrappers" is being
+used by checking whether the "hosts.allow" and "hosts.deny" files are empty
 with the following commands:
 
-    # ls -al &#x2F;etc&#x2F;hosts.allow
-    rw-r----- 1 root root 9 Aug 2 23:13 &#x2F;etc&#x2F;hosts.allow
+    # ls -al /etc/hosts.allow
+    rw-r----- 1 root root 9 Aug 2 23:13 /etc/hosts.allow
 
-    # ls -al &#x2F;etc&#x2F;hosts.deny
-    -rw-r----- 1 root root 9 Apr 9 2007 &#x2F;etc&#x2F;hosts.deny
+    # ls -al /etc/hosts.deny
+    -rw-r----- 1 root root 9 Apr 9 2007 /etc/hosts.deny
 
-    If &quot;firewalld&quot; and &quot;tcpwrappers&quot; are not installed, configured, and
+    If "firewalld" and "tcpwrappers" are not installed, configured, and
 active, ask the SA if another access control program (such as iptables) is
 installed and active. Ask the SA to show that the running configuration grants
 or denies access to specific hosts or services.
 
-    If &quot;firewalld&quot; is active and is not configured to grant access to
-specific hosts or &quot;tcpwrappers&quot; is not configured to grant or deny access to
-specific hosts, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If &quot;firewalld&quot; is installed and active on the system, configure rules for
+    If "firewalld" is active and is not configured to grant access to
+specific hosts or "tcpwrappers" is not configured to grant or deny access to
+specific hosts, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If "firewalld" is installed and active on the system, configure rules for
 allowing specific services and hosts.
 
-    If &quot;firewalld&quot; is not &quot;active&quot;, enable &quot;tcpwrappers&quot; by configuring
-&quot;&#x2F;etc&#x2F;hosts.allow&quot; and &quot;&#x2F;etc&#x2F;hosts.deny&quot; to allow or deny access to
-specific hosts.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b6037e44-ca74-48b6-a3cd-84422935e4bb</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Firewall Rules with services is expected to be in</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72311</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86935r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040750</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If "firewalld" is not "active", enable "tcpwrappers" by configuring
+"/etc/hosts.allow" and "/etc/hosts.deny" to allow or deny access to
+specific hosts.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72315\" do\n  title \"The Red Hat Enterprise Linux operating system access control program\nmust be configured to grant or deny system access to specific hosts and\nservices.\"\n  desc  \"If the systems access control program is not configured with\nappropriate rules for allowing and denying access to system network resources,\nservices may be accessible to unauthorized hosts.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If the \\\"firewalld\\\" package is not installed, ask the System Administrator\n(SA) if another firewall application (such as iptables) is installed. If an\napplication firewall is not installed, this is a finding.\n\n    Verify the system's access control program is configured to grant or deny\nsystem access to specific hosts.\n\n    Check to see if \\\"firewalld\\\" is active with the following command:\n\n    # systemctl status firewalld\n    firewalld.service - firewalld - dynamic firewall daemon\n    Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)\n    Active: active (running) since Sun 2014-04-20 14:06:46 BST; 30s ago\n\n    If \\\"firewalld\\\" is active, check to see if it is configured to grant or\ndeny access to specific hosts or services with the following commands:\n\n    # firewall-cmd --get-default-zone\n    public\n\n    # firewall-cmd --list-all --zone=public\n    public (active)\n    target: default\n    icmp-block-inversion: no\n    interfaces: eth0\n    sources:\n    services: mdns ssh\n    ports:\n    protocols:\n    masquerade: no\n    forward-ports:\n    icmp-blocks:\n\n    If \\\"firewalld\\\" is not active, determine whether \\\"tcpwrappers\\\" is being\nused by checking whether the \\\"hosts.allow\\\" and \\\"hosts.deny\\\" files are empty\nwith the following commands:\n\n    # ls -al /etc/hosts.allow\n    rw-r----- 1 root root 9 Aug 2 23:13 /etc/hosts.allow\n\n    # ls -al /etc/hosts.deny\n    -rw-r----- 1 root root 9 Apr 9 2007 /etc/hosts.deny\n\n    If \\\"firewalld\\\" and \\\"tcpwrappers\\\" are not installed, configured, and\nactive, ask the SA if another access control program (such as iptables) is\ninstalled and active. Ask the SA to show that the running configuration grants\nor denies access to specific hosts or services.\n\n    If \\\"firewalld\\\" is active and is not configured to grant access to\nspecific hosts or \\\"tcpwrappers\\\" is not configured to grant or deny access to\nspecific hosts, this is a finding.\n  \"\n  desc  \"fix\", \"\n    If \\\"firewalld\\\" is installed and active on the system, configure rules for\nallowing specific services and hosts.\n\n    If \\\"firewalld\\\" is not \\\"active\\\", enable \\\"tcpwrappers\\\" by configuring\n\\\"/etc/hosts.allow\\\" and \\\"/etc/hosts.deny\\\" to allow or deny access to\nspecific hosts.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72315\"\n  tag rid: \"SV-86939r3_rule\"\n  tag stig_id: \"RHEL-07-040810\"\n  tag fix_id: \"F-78669r3_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  firewalld_services = input('firewalld_services')\n  firewalld_hosts_allow = input('firewalld_hosts_allow')\n  firewalld_hosts_deny = input('firewalld_hosts_deny')\n  firewalld_ports_allow = input('firewalld_ports_allow')\n  firewalld_ports_deny = input('firewalld_ports_deny')\n  tcpwrappers_allow = input('tcpwrappers_allow')\n  tcpwrappers_deny = input('tcpwrappers_deny')\n  iptable_rules = input('iptables_rules')\n\n  if service('firewalld').running?\n    @default_zone = firewalld.default_zone\n\n    describe firewalld.where{ zone = @default_zone } do\n      its('services') { should be_in firewalld_services }\n    end\n\n    describe firewalld do\n      firewalld_hosts_allow.each do |rule|\n        it { should have_rule_enabled(rule) }\n      end\n      firewalld_hosts_deny.each do |rule|\n        it { should_not have_rule_enabled(rule) }\n      end\n      firewalld_ports_allow.each do |port|\n        it { should have_port_enabled_in_zone(port) }\n      end\n      firewalld_ports_deny.each do |port|\n        it { should_not have_port_enabled_in_zone(port) }\n      end\n    end\n  elsif service('iptables').running?\n    describe iptables do\n      iptable_rules.each do |rule|\n        it { should have_rule(rule) }\n      end\n    end\n  else\n    describe package('tcp_wrappers') do\n      it { should be_installed }\n    end\n    tcpwrappers_allow.each do |rule|\n      describe etc_hosts_allow.where { daemon == rule['daemon'] } do\n        its('client_list') { should be rule['client_list'] }\n        its('options') { should be rule['options'] }\n      end\n    end\n    tcpwrappers_deny.each do |rule|\n      describe etc_hosts_deny.where { daemon == rule['daemon'] } do\n        its('client_list') { should be rule['client_list'] }\n        its('options') { should be rule['options'] }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Firewall Rules with services is expected to be in</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72311</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86935r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040750</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the Network File System (NFS) is configured to use RPCSEC_GSS.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the Network File System (NFS) is configured to use RPCSEC_GSS.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>When an NFS server is configured to use RPCSEC_SYS, a selected userid
 and groupid are used to handle requests from the remote user. The userid and
 groupid could mistakenly or maliciously be set incorrectly. The RPCSEC_GSS
 method of authentication uses certificates on the server and client systems to
-more securely authenticate the remote mount request.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify &quot;AUTH_GSS&quot; is being used to authenticate NFS mounts.
+more securely authenticate the remote mount request.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify "AUTH_GSS" is being used to authenticate NFS mounts.
 
     To check if the system is importing an NFS file system, look for any
-entries in the &quot;&#x2F;etc&#x2F;fstab&quot; file that have a file system type of &quot;nfs&quot; with
+entries in the "/etc/fstab" file that have a file system type of "nfs" with
 the following command:
 
-    # cat &#x2F;etc&#x2F;fstab | grep nfs
-    192.168.21.5:&#x2F;mnt&#x2F;export &#x2F;data1 nfs4 rw,sync ,soft,sec&#x3D;krb5:krb5i:krb5p
+    # cat /etc/fstab | grep nfs
+    192.168.21.5:/mnt/export /data1 nfs4 rw,sync ,soft,sec=krb5:krb5i:krb5p
 
     If the system is mounting file systems via NFS and has the sec option
-without the &quot;krb5:krb5i:krb5p&quot; settings, the &quot;sec&quot; option has the &quot;sys&quot;
-setting, or the &quot;sec&quot; option is missing, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Update the &quot;&#x2F;etc&#x2F;fstab&quot; file so the option &quot;sec&quot; is defined for each
-NFS mounted file system and the &quot;sec&quot; option does not have the &quot;sys&quot;
+without the "krb5:krb5i:krb5p" settings, the "sec" option has the "sys"
+setting, or the "sec" option is missing, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Update the "/etc/fstab" file so the option "sec" is defined for each
+NFS mounted file system and the "sec" option does not have the "sys"
 setting.
 
-    Ensure the &quot;sec&quot; option is defined as &quot;krb5:krb5i:krb5p&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>fbe6a409-abcc-4adc-9318-436c25654b32</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-No NFS file systems were found. is expected to eq true</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71975</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000363-GPOS-00150</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86599r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020040</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Ensure the "sec" option is defined as "krb5:krb5i:krb5p".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72311\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the Network File System (NFS) is configured to use RPCSEC_GSS.\"\n  desc  \"When an NFS server is configured to use RPCSEC_SYS, a selected userid\nand groupid are used to handle requests from the remote user. The userid and\ngroupid could mistakenly or maliciously be set incorrectly. The RPCSEC_GSS\nmethod of authentication uses certificates on the server and client systems to\nmore securely authenticate the remote mount request.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify \\\"AUTH_GSS\\\" is being used to authenticate NFS mounts.\n\n    To check if the system is importing an NFS file system, look for any\nentries in the \\\"/etc/fstab\\\" file that have a file system type of \\\"nfs\\\" with\nthe following command:\n\n    # cat /etc/fstab | grep nfs\n    192.168.21.5:/mnt/export /data1 nfs4 rw,sync ,soft,sec=krb5:krb5i:krb5p\n\n    If the system is mounting file systems via NFS and has the sec option\nwithout the \\\"krb5:krb5i:krb5p\\\" settings, the \\\"sec\\\" option has the \\\"sys\\\"\nsetting, or the \\\"sec\\\" option is missing, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Update the \\\"/etc/fstab\\\" file so the option \\\"sec\\\" is defined for each\nNFS mounted file system and the \\\"sec\\\" option does not have the \\\"sys\\\"\nsetting.\n\n    Ensure the \\\"sec\\\" option is defined as \\\"krb5:krb5i:krb5p\\\".\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72311\"\n  tag rid: \"SV-86935r4_rule\"\n  tag stig_id: \"RHEL-07-040750\"\n  tag fix_id: \"F-78665r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  nfs_systems = etc_fstab.nfs_file_systems.entries\n  if !nfs_systems.nil? and !nfs_systems.empty?\n    nfs_systems.each do |file_system|\n      describe file_system do\n        its ('mount_options') { should include 'sec=krb5:krb5i:krb5p' }\n      end\n    end\n  else\n    describe \"No NFS file systems were found.\" do\n      subject { nfs_systems.nil? or nfs_systems.empty? }\n      it { should eq true }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST No NFS file systems were found. is expected to eq true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71975</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000363-GPOS-00150</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86599r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020040</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that designated personnel are notified if baseline configurations are changed
-in an unauthorized manner.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+in an unauthorized manner.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Unauthorized changes to the baseline configuration could make the
 system vulnerable to various attacks or allow unauthorized access to the
 operating system. Changes to operating system configurations can have
@@ -29796,17 +28506,17 @@ unintended side effects, some of which may be relevant to security.
 
     Detecting such changes and providing an automated response can help avoid
 unintended, negative consequences that could ultimately affect the security
-state of the operating system. The operating system&#39;s Information Management
-Officer (IMO)&#x2F;Information System Security Officer (ISSO) and System
-Administrators (SAs) must be notified via email and&#x2F;or monitoring system trap
-when there is an unauthorized modification of a configuration item.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+state of the operating system. The operating system's Information Management
+Officer (IMO)/Information System Security Officer (ISSO) and System
+Administrators (SAs) must be notified via email and/or monitoring system trap
+when there is an unauthorized modification of a configuration item.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system notifies designated personnel if baseline
 configurations are changed in an unauthorized manner.
 
@@ -29825,32 +28535,32 @@ performed on the system.
 executes AIDE to scan for changes to the system baseline. The commands used in
 the example will use a daily occurrence.
 
-    Check the cron directories for a &quot;crontab&quot; script file controlling the
+    Check the cron directories for a "crontab" script file controlling the
 execution of the file integrity application. For example, if AIDE is installed
 on the system, use the following command:
 
-    # ls -al &#x2F;etc&#x2F;cron.* | grep aide
+    # ls -al /etc/cron.* | grep aide
     -rwxr-xr-x 1 root root 32 Jul 1 2011 aide
 
-    # grep aide &#x2F;etc&#x2F;crontab &#x2F;var&#x2F;spool&#x2F;cron&#x2F;root
-    &#x2F;etc&#x2F;crontab: 30 04 * * * &#x2F;root&#x2F;aide
-    &#x2F;var&#x2F;spool&#x2F;cron&#x2F;root: 30 04 * * * &#x2F;root&#x2F;aide
+    # grep aide /etc/crontab /var/spool/cron/root
+    /etc/crontab: 30 04 * * * /root/aide
+    /var/spool/cron/root: 30 04 * * * /root/aide
 
     AIDE does not have a configuration that will send a notification, so the
 cron job uses the mail application on the system to email the results of the
 file integrity run as in the following example:
 
-    # more &#x2F;etc&#x2F;cron.daily&#x2F;aide
-    #!&#x2F;bin&#x2F;bash
+    # more /etc/cron.daily/aide
+    #!/bin/bash
 
-    &#x2F;usr&#x2F;sbin&#x2F;aide --check | &#x2F;bin&#x2F;mail -s &quot;$HOSTNAME - Daily aide integrity
-check run&quot; root@sysname.mil
+    /usr/sbin/aide --check | /bin/mail -s "$HOSTNAME - Daily aide integrity
+check run" root@sysname.mil
 
     If the file integrity application does not notify designated personnel of
-changes, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+changes, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to notify designated personnel if baseline
 configurations are changed in an unauthorized manner. The AIDE tool can be
 configured to email designated personnel with the use of the cron system.
@@ -29858,140 +28568,134 @@ configured to email designated personnel with the use of the cron system.
     The following example output is generic. It will set cron to run AIDE daily
 and to send email at the completion of the analysis.
 
-    # more &#x2F;etc&#x2F;cron.daily&#x2F;aide
-
-    &#x2F;usr&#x2F;sbin&#x2F;aide --check | &#x2F;bin&#x2F;mail -s &quot;$HOSTNAME - Daily aide integrity
-check run&quot; root@sysname.mil</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>4ae0ed42-8f8e-4fa2-a811-c074e5da57b3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001744</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package aide is expected to be installed
---------------------------------
-passed
-File &#x2F;etc&#x2F;cron.daily&#x2F;aide content is expected to match &#x2F;\&#x2F;bin\&#x2F;mail&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71983</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000114-GPOS-00059</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86607r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020100</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # more /etc/cron.daily/aide
+
+    /usr/sbin/aide --check | /bin/mail -s "$HOSTNAME - Daily aide integrity
+check run" root@sysname.mil</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71975\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat designated personnel are notified if baseline configurations are changed\nin an unauthorized manner.\"\n  desc  \"Unauthorized changes to the baseline configuration could make the\nsystem vulnerable to various attacks or allow unauthorized access to the\noperating system. Changes to operating system configurations can have\nunintended side effects, some of which may be relevant to security.\n\n    Detecting such changes and providing an automated response can help avoid\nunintended, negative consequences that could ultimately affect the security\nstate of the operating system. The operating system's Information Management\nOfficer (IMO)/Information System Security Officer (ISSO) and System\nAdministrators (SAs) must be notified via email and/or monitoring system trap\nwhen there is an unauthorized modification of a configuration item.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system notifies designated personnel if baseline\nconfigurations are changed in an unauthorized manner.\n\n    Note: A file integrity tool other than Advanced Intrusion Detection\nEnvironment (AIDE) may be used, but the tool must be executed and notify\nspecified individuals via email or an alert.\n\n    Check to see if AIDE is installed on the system with the following command:\n\n    # yum list installed aide\n\n    If AIDE is not installed, ask the SA how file integrity checks are\nperformed on the system.\n\n    Check for the presence of a cron job running routinely on the system that\nexecutes AIDE to scan for changes to the system baseline. The commands used in\nthe example will use a daily occurrence.\n\n    Check the cron directories for a \\\"crontab\\\" script file controlling the\nexecution of the file integrity application. For example, if AIDE is installed\non the system, use the following command:\n\n    # ls -al /etc/cron.* | grep aide\n    -rwxr-xr-x 1 root root 32 Jul 1 2011 aide\n\n    # grep aide /etc/crontab /var/spool/cron/root\n    /etc/crontab: 30 04 * * * /root/aide\n    /var/spool/cron/root: 30 04 * * * /root/aide\n\n    AIDE does not have a configuration that will send a notification, so the\ncron job uses the mail application on the system to email the results of the\nfile integrity run as in the following example:\n\n    # more /etc/cron.daily/aide\n    #!/bin/bash\n\n    /usr/sbin/aide --check | /bin/mail -s \\\"$HOSTNAME - Daily aide integrity\ncheck run\\\" root@sysname.mil\n\n    If the file integrity application does not notify designated personnel of\nchanges, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to notify designated personnel if baseline\nconfigurations are changed in an unauthorized manner. The AIDE tool can be\nconfigured to email designated personnel with the use of the cron system.\n\n    The following example output is generic. It will set cron to run AIDE daily\nand to send email at the completion of the analysis.\n\n    # more /etc/cron.daily/aide\n\n    /usr/sbin/aide --check | /bin/mail -s \\\"$HOSTNAME - Daily aide integrity\ncheck run\\\" root@sysname.mil\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000363-GPOS-00150\"\n  tag gid: \"V-71975\"\n  tag rid: \"SV-86599r2_rule\"\n  tag stig_id: \"RHEL-07-020040\"\n  tag fix_id: \"F-78327r3_fix\"\n  tag cci: [\"CCI-001744\"]\n  tag nist: [\"CM-3 (5)\", \"Rev_4\"]\n\n  file_integrity_tool = input('file_integrity_tool')\n\n  describe package(file_integrity_tool) do\n    it { should be_installed }\n  end\n  describe.one do\n    describe file(\"/etc/cron.daily/#{file_integrity_tool}\") do\n      its('content') { should match %r{/bin/mail} }\n    end\n    describe file(\"/etc/cron.weekly/#{file_integrity_tool}\") do\n      its('content') { should match %r{/bin/mail} }\n    end\n    describe crontab('root').where { command =~ %r{#{file_integrity_tool}} } do\n      its('commands.flatten') { should include(match %r{/bin/mail}) }\n    end\n    if file(\"/etc/cron.d/#{file_integrity_tool}\").exist?\n      describe crontab(path: \"/etc/cron.d/#{file_integrity_tool}\") do\n        its('commands') { should include(match %r{/bin/mail}) }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001744</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package aide is expected to be installed
+--------------------------------
+passed :: TEST File /etc/cron.daily/aide content is expected to match /\/bin\/mail/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71983</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000114-GPOS-00059</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86607r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020100</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured to
-disable USB mass storage.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+disable USB mass storage.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>USB mass storage permits easy introduction of unknown devices, thereby
-facilitating malicious activity.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+facilitating malicious activity.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If there is an HBSS with a Device Control Module and a Data Loss Prevention
 mechanism, this requirement is not applicable.
 
     Verify the operating system disables the ability to load the USB Storage
 kernel module.
 
-    # grep -r usb-storage &#x2F;etc&#x2F;modprobe.d&#x2F;* | grep -i &quot;&#x2F;bin&#x2F;true&quot; | grep -v
-&quot;^#&quot;
+    # grep -r usb-storage /etc/modprobe.d/* | grep -i "/bin/true" | grep -v
+"^#"
 
-    install usb-storage &#x2F;bin&#x2F;true
+    install usb-storage /bin/true
 
     If the command does not return any output, or the line is commented out,
 and use of USB Storage is not documented with the Information System Security
@@ -30002,612 +28706,589 @@ devices.
 
     Check to see if USB mass storage is disabled with the following command:
 
-    # grep usb-storage &#x2F;etc&#x2F;modprobe.d&#x2F;* | grep -i &quot;blacklist&quot; | grep -v
-&quot;^#&quot;
+    # grep usb-storage /etc/modprobe.d/* | grep -i "blacklist" | grep -v
+"^#"
     blacklist usb-storage
 
-    If the command does not return any output or the output is not &quot;blacklist
-usb-storage&quot;, and use of USB storage devices is not documented with the
+    If the command does not return any output or the output is not "blacklist
+usb-storage", and use of USB storage devices is not documented with the
 Information System Security Officer (ISSO) as an operational requirement, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to disable the ability to use the USB
 Storage kernel module.
 
-    Create a file under &quot;&#x2F;etc&#x2F;modprobe.d&quot; with the following command:
+    Create a file under "/etc/modprobe.d" with the following command:
 
-    # touch &#x2F;etc&#x2F;modprobe.d&#x2F;usb-storage.conf
+    # touch /etc/modprobe.d/usb-storage.conf
 
     Add the following line to the created file:
 
-    install usb-storage &#x2F;bin&#x2F;true
+    install usb-storage /bin/true
 
     Configure the operating system to disable the ability to use USB mass
 storage devices.
 
-    # vi &#x2F;etc&#x2F;modprobe.d&#x2F;blacklist.conf
+    # vi /etc/modprobe.d/blacklist.conf
 
     Add or update the line:
 
-    blacklist usb-storage</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>7c8a7b3e-42c4-4e02-87b2-800c11d0b3ce</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000778</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001958</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Module usb_storage is expected not to be loaded
---------------------------------
-passed
-Kernel Module usb_storage is expected to be blacklisted</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86759r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030560</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    blacklist usb-storage</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71983\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured to\ndisable USB mass storage.\"\n  desc  \"USB mass storage permits easy introduction of unknown devices, thereby\nfacilitating malicious activity.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If there is an HBSS with a Device Control Module and a Data Loss Prevention\nmechanism, this requirement is not applicable.\n\n    Verify the operating system disables the ability to load the USB Storage\nkernel module.\n\n    # grep -r usb-storage /etc/modprobe.d/* | grep -i \\\"/bin/true\\\" | grep -v\n\\\"^#\\\"\n\n    install usb-storage /bin/true\n\n    If the command does not return any output, or the line is commented out,\nand use of USB Storage is not documented with the Information System Security\nOfficer (ISSO) as an operational requirement, this is a finding.\n\n    Verify the operating system disables the ability to use USB mass storage\ndevices.\n\n    Check to see if USB mass storage is disabled with the following command:\n\n    # grep usb-storage /etc/modprobe.d/* | grep -i \\\"blacklist\\\" | grep -v\n\\\"^#\\\"\n    blacklist usb-storage\n\n    If the command does not return any output or the output is not \\\"blacklist\nusb-storage\\\", and use of USB storage devices is not documented with the\nInformation System Security Officer (ISSO) as an operational requirement, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to disable the ability to use the USB\nStorage kernel module.\n\n    Create a file under \\\"/etc/modprobe.d\\\" with the following command:\n\n    # touch /etc/modprobe.d/usb-storage.conf\n\n    Add the following line to the created file:\n\n    install usb-storage /bin/true\n\n    Configure the operating system to disable the ability to use USB mass\nstorage devices.\n\n    # vi /etc/modprobe.d/blacklist.conf\n\n    Add or update the line:\n\n    blacklist usb-storage\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000114-GPOS-00059\"\n  tag satisfies: [\"SRG-OS-000114-GPOS-00059\", \"SRG-OS-000378-GPOS-00163\",\n\"SRG-OS-000480-GPOS-00227\"]\n  tag gid: \"V-71983\"\n  tag rid: \"SV-86607r4_rule\"\n  tag stig_id: \"RHEL-07-020100\"\n  tag fix_id: \"F-78335r4_fix\"\n  tag cci: [\"CCI-000366\", \"CCI-000778\", \"CCI-001958\"]\n  tag nist: [\"CM-6 b\", \"IA-3\", \"IA-3\", \"Rev_4\"]\n\n  describe kernel_module('usb_storage') do\n    it { should_not be_loaded }\n    it { should be_blacklisted }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000778</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001958</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Module usb_storage is expected not to be loaded
+--------------------------------
+passed :: TEST Kernel Module usb_storage is expected to be blacklisted</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86759r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030560</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the semanage command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the semanage command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;semanage&quot; command occur.
+successful/unsuccessful attempts to use the "semanage" command occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -i &#x2F;usr&#x2F;sbin&#x2F;semanage &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /usr/sbin/semanage /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;semanage -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/sbin/semanage -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-priv_change
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;semanage&quot; command occur.
+successful/unsuccessful attempts to use the "semanage" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;semanage -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/sbin/semanage -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-priv_change
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>46d09353-2b3d-41e4-a858-87cdff6bdbc1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;semanage&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;semanage&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72291</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86915r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040650</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72135\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe semanage command.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"semanage\\\" command occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -i /usr/sbin/semanage /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/semanage -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-priv_change\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"semanage\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/sbin/semanage -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000392-GPOS-00172\"\n  tag satisfies: [\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000463-GPOS-00207\",\n\"SRG-OS-000465-GPOS-00209\"]\n  tag gid: \"V-72135\"\n  tag rid: \"SV-86759r4_rule\"\n  tag stig_id: \"RHEL-07-030560\"\n  tag fix_id: \"F-78487r5_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/sbin/semanage'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/sbin/semanage" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/sbin/semanage" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72291</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86915r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040650</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not allow
 interfaces to perform Internet Protocol version 4 (IPv4) Internet Control
-Message Protocol (ICMP) redirects by default.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Message Protocol (ICMP) redirects by default.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>ICMP redirect messages are used by routers to inform hosts that a more
 direct route exists for a particular destination. These messages contain
-information from the system&#39;s route table, possibly revealing portions of the
-network topology.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information from the system's route table, possibly revealing portions of the
+network topology.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system does not allow interfaces to perform IPv4 ICMP redirects
 by default.
 
-    # grep &#39;net.ipv4.conf.default.send_redirects&#39; &#x2F;etc&#x2F;sysctl.conf
-&#x2F;etc&#x2F;sysctl.d&#x2F;*
+    # grep 'net.ipv4.conf.default.send_redirects' /etc/sysctl.conf
+/etc/sysctl.d/*
 
-    If &quot;net.ipv4.conf.default.send_redirects&quot; is not configured in the
-&quot;&#x2F;etc&#x2F;sysctl.conf&quot; file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out
-or does not have a value of &quot;0&quot;, this is a finding.
+    If "net.ipv4.conf.default.send_redirects" is not configured in the
+"/etc/sysctl.conf" file or in the /etc/sysctl.d/ directory, is commented out
+or does not have a value of "0", this is a finding.
 
-    Check that the operating system implements the &quot;default send_redirects&quot;
+    Check that the operating system implements the "default send_redirects"
 variables with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep &#39;net.ipv4.conf.default.send_redirects&#39;
+    # /sbin/sysctl -a | grep 'net.ipv4.conf.default.send_redirects'
 
-    net.ipv4.conf.default.send_redirects &#x3D; 0
+    net.ipv4.conf.default.send_redirects = 0
 
-    If the returned line does not have a value of &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned line does not have a value of "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to not allow interfaces to perform IPv4 ICMP redirects
 by default.
 
     Set the system to the required kernel parameter by adding the following
-line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the &#x2F;etc&#x2F;sysctl.d&#x2F;
+line to "/etc/sysctl.conf" or a configuration file in the /etc/sysctl.d/
 directory (or modify the line to have the required value):
 
-    net.ipv4.conf.default.send_redirects &#x3D; 0
+    net.ipv4.conf.default.send_redirects = 0
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>051d822a-55df-4796-a763-0a97deb422aa</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.conf.default.send_redirects value is expected to eq 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72023</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86647r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020660</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72291\" do\n  title \"The Red Hat Enterprise Linux operating system must not allow\ninterfaces to perform Internet Protocol version 4 (IPv4) Internet Control\nMessage Protocol (ICMP) redirects by default.\"\n  desc  \"ICMP redirect messages are used by routers to inform hosts that a more\ndirect route exists for a particular destination. These messages contain\ninformation from the system's route table, possibly revealing portions of the\nnetwork topology.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system does not allow interfaces to perform IPv4 ICMP redirects\nby default.\n\n    # grep 'net.ipv4.conf.default.send_redirects' /etc/sysctl.conf\n/etc/sysctl.d/*\n\n    If \\\"net.ipv4.conf.default.send_redirects\\\" is not configured in the\n\\\"/etc/sysctl.conf\\\" file or in the /etc/sysctl.d/ directory, is commented out\nor does not have a value of \\\"0\\\", this is a finding.\n\n    Check that the operating system implements the \\\"default send_redirects\\\"\nvariables with the following command:\n\n    # /sbin/sysctl -a | grep 'net.ipv4.conf.default.send_redirects'\n\n    net.ipv4.conf.default.send_redirects = 0\n\n    If the returned line does not have a value of \\\"0\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to not allow interfaces to perform IPv4 ICMP redirects\nby default.\n\n    Set the system to the required kernel parameter by adding the following\nline to \\\"/etc/sysctl.conf\\\" or a configuration file in the /etc/sysctl.d/\ndirectory (or modify the line to have the required value):\n\n    net.ipv4.conf.default.send_redirects = 0\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72291\"\n  tag rid: \"SV-86915r4_rule\"\n  tag stig_id: \"RHEL-07-040650\"\n  tag fix_id: \"F-78645r4_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.conf.default.send_redirects') do\n    its('value') { should eq 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.conf.default.send_redirects value is expected to eq 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72023</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86647r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020660</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all files and directories contained in local interactive user home
-directories are owned by the owner of the home directory.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+directories are owned by the owner of the home directory.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If local interactive users do not own the files in their directories,
 unauthorized users may be able to access them. Additionally, if files are not
-owned by the user, this could be an indication of system compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify all files and directories in a local interactive user&#39;s home
+owned by the user, this could be an indication of system compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify all files and directories in a local interactive user's home
 directory are owned by the user.
 
-    Check the owner of all files and directories in a local interactive user&#39;s
+    Check the owner of all files and directories in a local interactive user's
 home directory with the following command:
 
-    Note: The example will be for the user &quot;smithj&quot;, who has a home directory
-of &quot;&#x2F;home&#x2F;smithj&quot;.
+    Note: The example will be for the user "smithj", who has a home directory
+of "/home/smithj".
 
-    # ls -lLR &#x2F;home&#x2F;smithj
+    # ls -lLR /home/smithj
     -rw-r--r-- 1 smithj smithj  18 Mar  5 17:06 file1
     -rw-r--r-- 1 smithj smithj 193 Mar  5 17:06 file2
     -rw-r--r-- 1 smithj smithj 231 Mar  5 17:06 file3
 
     If any files are found with an owner different than the home directory
-user, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Change the owner of a local interactive user&#39;s files and directories to
-that owner. To change the owner of a local interactive user&#39;s files and
+user, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Change the owner of a local interactive user's files and directories to
+that owner. To change the owner of a local interactive user's files and
 directories, use the following command:
 
     Note: The example will be for the user smithj, who has a home directory of
-&quot;&#x2F;home&#x2F;smithj&quot;.
-
-    # chown smithj &#x2F;home&#x2F;smithj&#x2F;&lt;file or directory&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>348ba8f2-0db0-49d5-9201-1c4da86002c8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Files and directories that are not owned by the user is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72237</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000163-GPOS-00072</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86861r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040320</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/home/smithj".
+
+    # chown smithj /home/smithj/&lt;file or directory&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72023\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all files and directories contained in local interactive user home\ndirectories are owned by the owner of the home directory.\"\n  desc  \"If local interactive users do not own the files in their directories,\nunauthorized users may be able to access them. Additionally, if files are not\nowned by the user, this could be an indication of system compromise.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify all files and directories in a local interactive user's home\ndirectory are owned by the user.\n\n    Check the owner of all files and directories in a local interactive user's\nhome directory with the following command:\n\n    Note: The example will be for the user \\\"smithj\\\", who has a home directory\nof \\\"/home/smithj\\\".\n\n    # ls -lLR /home/smithj\n    -rw-r--r-- 1 smithj smithj  18 Mar  5 17:06 file1\n    -rw-r--r-- 1 smithj smithj 193 Mar  5 17:06 file2\n    -rw-r--r-- 1 smithj smithj 231 Mar  5 17:06 file3\n\n    If any files are found with an owner different than the home directory\nuser, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Change the owner of a local interactive user's files and directories to\nthat owner. To change the owner of a local interactive user's files and\ndirectories, use the following command:\n\n    Note: The example will be for the user smithj, who has a home directory of\n\\\"/home/smithj\\\".\n\n    # chown smithj /home/smithj/&lt;file or directory&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72023\"\n  tag rid: \"SV-86647r2_rule\"\n  tag stig_id: \"RHEL-07-020660\"\n  tag fix_id: \"F-78375r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= uid_min || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    findings = findings + command(\"find #{user_info.home} -xdev -xautofs -not -user #{user_info.username}\").stdout.split(\"\\n\")\n  end\n  describe \"Files and directories that are not owned by the user\" do\n    subject { findings.to_a }\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Files and directories that are not owned by the user is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72237</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000163-GPOS-00072</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86861r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040320</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all network connections associated with SSH traffic are terminated at the
 end of the session or after 10 minutes of inactivity, except to fulfill
-documented and validated mission requirements.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+documented and validated mission requirements.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Terminating an idle SSH session within a short time period reduces the
 window of opportunity for unauthorized personnel to take control of a
 management session enabled on the console or console port that has been left
@@ -30615,169 +29296,162 @@ unattended. In addition, quickly terminating an idle SSH session will also free
 up resources committed by the managed network element.
 
     Terminating network connections associated with communications sessions
-includes, for example, de-allocating associated TCP&#x2F;IP address&#x2F;port pairs at
+includes, for example, de-allocating associated TCP/IP address/port pairs at
 the operating system level and de-allocating networking assignments at the
 application level if multiple application sessions are using a single operating
 system-level network connection. This does not mean that the operating system
 terminates all sessions or network access; it only ends the inactive session
-and releases the resources associated with that session.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+and releases the resources associated with that session.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system automatically terminates a user session after
 inactivity time-outs have expired.
 
-    Check for the value of the &quot;ClientAliveInterval&quot; keyword with the
+    Check for the value of the "ClientAliveInterval" keyword with the
 following command:
 
-    # grep -iw clientaliveinterval &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -iw clientaliveinterval /etc/ssh/sshd_config
 
     ClientAliveInterval 600
 
-    If &quot;ClientAliveInterval&quot; is not configured, commented out, or has a value
-of &quot;0&quot;, this is a finding.
+    If "ClientAliveInterval" is not configured, commented out, or has a value
+of "0", this is a finding.
 
-    If &quot;ClientAliveInterval&quot; has a value that is greater than &quot;600&quot; and is
+    If "ClientAliveInterval" has a value that is greater than "600" and is
 not documented with the Information System Security Officer (ISSO) as an
-operational requirement, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+operational requirement, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to automatically terminate a user session
 after inactivity time-outs have expired or at shutdown.
 
     Add the following line (or modify the line to have the required value) to
-the &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; file (this file may be named differently or be in
+the "/etc/ssh/sshd_config" file (this file may be named differently or be in
 a different location if using a version of SSH that is provided by a
 third-party vendor):
 
     ClientAliveInterval 600
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>42dd65b5-d911-4178-bdb8-887fb4d81b9c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002361</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration ClientAliveInterval.to_i is expected to cmp &gt;&#x3D; 1
---------------------------------
-passed
-SSHD Configuration ClientAliveInterval.to_i is expected to cmp &lt;&#x3D; 600
---------------------------------
-passed
-SSHD Configuration ClientAliveInterval is expected not to eq nil</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71989</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000445-GPOS-00199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86613r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must enable SELinux.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72237\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all network connections associated with SSH traffic are terminated at the\nend of the session or after 10 minutes of inactivity, except to fulfill\ndocumented and validated mission requirements.\"\n  desc  \"Terminating an idle SSH session within a short time period reduces the\nwindow of opportunity for unauthorized personnel to take control of a\nmanagement session enabled on the console or console port that has been left\nunattended. In addition, quickly terminating an idle SSH session will also free\nup resources committed by the managed network element.\n\n    Terminating network connections associated with communications sessions\nincludes, for example, de-allocating associated TCP/IP address/port pairs at\nthe operating system level and de-allocating networking assignments at the\napplication level if multiple application sessions are using a single operating\nsystem-level network connection. This does not mean that the operating system\nterminates all sessions or network access; it only ends the inactive session\nand releases the resources associated with that session.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system automatically terminates a user session after\ninactivity time-outs have expired.\n\n    Check for the value of the \\\"ClientAliveInterval\\\" keyword with the\nfollowing command:\n\n    # grep -iw clientaliveinterval /etc/ssh/sshd_config\n\n    ClientAliveInterval 600\n\n    If \\\"ClientAliveInterval\\\" is not configured, commented out, or has a value\nof \\\"0\\\", this is a finding.\n\n    If \\\"ClientAliveInterval\\\" has a value that is greater than \\\"600\\\" and is\nnot documented with the Information System Security Officer (ISSO) as an\noperational requirement, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to automatically terminate a user session\nafter inactivity time-outs have expired or at shutdown.\n\n    Add the following line (or modify the line to have the required value) to\nthe \\\"/etc/ssh/sshd_config\\\" file (this file may be named differently or be in\na different location if using a version of SSH that is provided by a\nthird-party vendor):\n\n    ClientAliveInterval 600\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000163-GPOS-00072\"\n  tag satisfies: [\"SRG-OS-000163-GPOS-00072\", \"SRG-OS-000279-GPOS-00109\"]\n  tag gid: \"V-72237\"\n  tag rid: \"SV-86861r4_rule\"\n  tag stig_id: \"RHEL-07-040320\"\n  tag fix_id: \"F-78591r2_fix\"\n  tag cci: [\"CCI-001133\", \"CCI-002361\"]\n  tag nist: [\"SC-10\", \"AC-12\", \"Rev_4\"]\n\n  client_alive_interval = input('client_alive_interval')\n\n  #This may show slightly confusing results when a ClientAliveInterValue is not\n  #specified. Specifically, because the value will be nil and when you try to\n  #convert it to an integer using to_i it will convert it to 0 and pass the\n  #&lt;= client_alive_interval check. However, the control as a whole will still fail.\n  describe sshd_config do\n    its(\"ClientAliveInterval.to_i\"){should cmp &gt;= 1}\n    its(\"ClientAliveInterval.to_i\"){should cmp &lt;= client_alive_interval}\n    its(\"ClientAliveInterval\"){should_not eq nil}\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002361</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration ClientAliveInterval.to_i is expected to cmp &gt;= 1
+--------------------------------
+passed :: TEST SSHD Configuration ClientAliveInterval.to_i is expected to cmp &lt;= 600
+--------------------------------
+passed :: TEST SSHD Configuration ClientAliveInterval is expected not to eq nil</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71989</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000445-GPOS-00199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86613r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must enable SELinux.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without verification of the security functions, security functions may
 not operate correctly and the failure may go unnoticed. Security function is
-defined as the hardware, software, and&#x2F;or firmware of the information system
+defined as the hardware, software, and/or firmware of the information system
 responsible for enforcing the system security policy and supporting the
 isolation of code and data on which the protection is based. Security
 functionality includes, but is not limited to, establishing system accounts,
@@ -30785,1431 +29459,1358 @@ configuring access authorizations (i.e., permissions, privileges), setting
 events to be audited, and setting intrusion detection parameters.
 
     This requirement applies to operating systems performing security function
-verification&#x2F;testing and&#x2F;or systems and environments that require this
-functionality.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+verification/testing and/or systems and environments that require this
+functionality.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If an HBSS or HIPS is active on the system, this is Not Applicable.
 
     Verify the operating system verifies correct operation of all security
 functions.
 
-    Check if &quot;SELinux&quot; is active and in &quot;Enforcing&quot; mode with the following
+    Check if "SELinux" is active and in "Enforcing" mode with the following
 command:
 
     # getenforce
     Enforcing
 
-    If &quot;SELinux&quot; is not active and not in &quot;Enforcing&quot; mode, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "SELinux" is not active and not in "Enforcing" mode, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to verify correct operation of all security
 functions.
 
-    Set the &quot;SELinux&quot; status and the &quot;Enforcing&quot; mode by modifying the
-&quot;&#x2F;etc&#x2F;selinux&#x2F;config&quot; file to have the following line:
-
-    SELINUX&#x3D;enforcing
-
-    A reboot is required for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>97d39031-5fe8-4f9f-b003-6991b40f09cc</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002696</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;getenforce&#x60; stdout.strip is expected to eq &quot;Enforcing&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81015</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95727r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030200</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Set the "SELinux" status and the "Enforcing" mode by modifying the
+"/etc/selinux/config" file to have the following line:
+
+    SELINUX=enforcing
+
+    A reboot is required for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71989\" do\n  title \"The Red Hat Enterprise Linux operating system must enable SELinux.\"\n  desc  \"Without verification of the security functions, security functions may\nnot operate correctly and the failure may go unnoticed. Security function is\ndefined as the hardware, software, and/or firmware of the information system\nresponsible for enforcing the system security policy and supporting the\nisolation of code and data on which the protection is based. Security\nfunctionality includes, but is not limited to, establishing system accounts,\nconfiguring access authorizations (i.e., permissions, privileges), setting\nevents to be audited, and setting intrusion detection parameters.\n\n    This requirement applies to operating systems performing security function\nverification/testing and/or systems and environments that require this\nfunctionality.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If an HBSS or HIPS is active on the system, this is Not Applicable.\n\n    Verify the operating system verifies correct operation of all security\nfunctions.\n\n    Check if \\\"SELinux\\\" is active and in \\\"Enforcing\\\" mode with the following\ncommand:\n\n    # getenforce\n    Enforcing\n\n    If \\\"SELinux\\\" is not active and not in \\\"Enforcing\\\" mode, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to verify correct operation of all security\nfunctions.\n\n    Set the \\\"SELinux\\\" status and the \\\"Enforcing\\\" mode by modifying the\n\\\"/etc/selinux/config\\\" file to have the following line:\n\n    SELINUX=enforcing\n\n    A reboot is required for the changes to take effect.\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000445-GPOS-00199\"\n  tag gid: \"V-71989\"\n  tag rid: \"SV-86613r3_rule\"\n  tag stig_id: \"RHEL-07-020210\"\n  tag fix_id: \"F-78341r2_fix\"\n  tag cci: [\"CCI-002165\", \"CCI-002696\"]\n  tag nist: [\"AC-3 (4)\", \"SI-6 a\", \"Rev_4\"]\n\n  describe command('getenforce') do\n    its('stdout.strip') { should eq 'Enforcing' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002696</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `getenforce` stdout.strip is expected to eq "Enforcing"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81015</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000342-GPOS-00133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95727r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030200</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured to
-use the au-remote plugin.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+use the au-remote plugin.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Information stored in one location is vulnerable to accidental or
 incidental deletion or alteration.
 
     Off-loading is a common process in information systems with limited audit
 storage capacity.
 
-    Without the configuration of the &quot;au-remote&quot; plugin, the audisp-remote
-daemon will not off-load the logs from the system being audited.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify the &quot;au-remote&quot; plugin is active on the system:
-
-    # grep &quot;active&quot; &#x2F;etc&#x2F;audisp&#x2F;plugins.d&#x2F;au-remote.conf
-
-    active &#x3D; yes
-
-    If the &quot;active&quot; setting is not set to &quot;yes&quot;, or the line is commented
-out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Edit the &#x2F;etc&#x2F;audisp&#x2F;plugins.d&#x2F;au-remote.conf file and change the value of
-&quot;active&quot; to &quot;yes&quot;.
+    Without the configuration of the "au-remote" plugin, the audisp-remote
+daemon will not off-load the logs from the system being audited.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify the "au-remote" plugin is active on the system:
+
+    # grep "active" /etc/audisp/plugins.d/au-remote.conf
+
+    active = yes
+
+    If the "active" setting is not set to "yes", or the line is commented
+out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Edit the /etc/audisp/plugins.d/au-remote.conf file and change the value of
+"active" to "yes".
 
     The audit daemon must be restarted for changes to take effect:
 
-    # service auditd restart</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2efbb361-0752-4d96-ad7d-92cb69aace4b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-File &#39;&#x2F;etc&#x2F;audisp&#x2F;plugins.d&#x2F;au-remote.conf&#39; cannot be found. This test cannot be checked in a automated fashion and you must check it manually
-File &#39;&#x2F;etc&#x2F;audisp&#x2F;plugins.d&#x2F;au-remote.conf&#39; cannot be found. This check must be performed manually</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72003</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000104-GPOS-00051</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86627r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020300</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # service auditd restart</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-81015\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured to\nuse the au-remote plugin.\"\n  desc  \"Information stored in one location is vulnerable to accidental or\nincidental deletion or alteration.\n\n    Off-loading is a common process in information systems with limited audit\nstorage capacity.\n\n    Without the configuration of the \\\"au-remote\\\" plugin, the audisp-remote\ndaemon will not off-load the logs from the system being audited.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the \\\"au-remote\\\" plugin is active on the system:\n\n    # grep \\\"active\\\" /etc/audisp/plugins.d/au-remote.conf\n\n    active = yes\n\n    If the \\\"active\\\" setting is not set to \\\"yes\\\", or the line is commented\nout, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Edit the /etc/audisp/plugins.d/au-remote.conf file and change the value of\n\\\"active\\\" to \\\"yes\\\".\n\n    The audit daemon must be restarted for changes to take effect:\n\n    # service auditd restart\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000342-GPOS-00133\"\n  tag satisfies: [\"SRG-OS-000342-GPOS-00133\", \"SRG-OS-000479-GPOS-00224\"]\n  tag gid: \"V-81015\"\n  tag rid: \"SV-95727r1_rule\"\n  tag stig_id: \"RHEL-07-030200\"\n  tag fix_id: \"F-87849r2_fix\"\n  tag cci: [\"CCI-001851\"]\n  tag nist: [\"AU-4 (1)\", \"Rev_4\"]\n\n  test_file = '/etc/audisp/plugins.d/au-remote.conf'\n\n  if file(test_file).exist?\n    describe parse_config_file(test_file) do\n      its('active') { should match %r{yes$} }\n    end\n  else\n    describe \"File '#{test_file}' cannot be found. This test cannot be checked in a automated fashion and you must check it manually\" do\n      skip \"File '#{test_file}' cannot be found. This check must be performed manually\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST File '/etc/audisp/plugins.d/au-remote.conf' cannot be found. This test cannot be checked in a automated fashion and you must check it manually :: SKIP_MESSAGE File '/etc/audisp/plugins.d/au-remote.conf' cannot be found. This check must be performed manually</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72003</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000104-GPOS-00051</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86627r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020300</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that all Group Identifiers (GIDs) referenced in the &#x2F;etc&#x2F;passwd file are
-defined in the &#x2F;etc&#x2F;group file.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that all Group Identifiers (GIDs) referenced in the /etc/passwd file are
+defined in the /etc/group file.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If a user is assigned the GID of a group not existing on the system,
 and a group with the GID is subsequently created, the user may have unintended
-rights to any files associated with the group.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify all GIDs referenced in the &quot;&#x2F;etc&#x2F;passwd&quot; file are defined in the
-&quot;&#x2F;etc&#x2F;group&quot; file.
+rights to any files associated with the group.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify all GIDs referenced in the "/etc/passwd" file are defined in the
+"/etc/group" file.
 
     Check that all referenced GIDs exist with the following command:
 
     # pwck -r
 
-    If GIDs referenced in &quot;&#x2F;etc&#x2F;passwd&quot; file are returned as not defined in
-&quot;&#x2F;etc&#x2F;group&quot; file, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If GIDs referenced in "/etc/passwd" file are returned as not defined in
+"/etc/group" file, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to define all GIDs found in the
-&quot;&#x2F;etc&#x2F;passwd&quot; file by modifying the &quot;&#x2F;etc&#x2F;group&quot; file to add any
-non-existent group referenced in the &quot;&#x2F;etc&#x2F;passwd&quot; file, or change the GIDs
-referenced in the &quot;&#x2F;etc&#x2F;passwd&quot; file to a group that exists in
-&quot;&#x2F;etc&#x2F;group&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>40d5db8b-703a-4e85-934f-744a67b933a7</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000764</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-&#x2F;etc&#x2F;group gids is expected to include 0
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 1
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 2
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 4
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 7
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 0
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 0
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 0
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 12
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 0
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 99
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 192
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 81
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 998
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 74
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 89
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 995
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 1000
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 59
---------------------------------
-passed
-&#x2F;etc&#x2F;group gids is expected to include 993</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-92251</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-102353r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040611</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/etc/passwd" file by modifying the "/etc/group" file to add any
+non-existent group referenced in the "/etc/passwd" file, or change the GIDs
+referenced in the "/etc/passwd" file to a group that exists in
+"/etc/group".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72003\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all Group Identifiers (GIDs) referenced in the /etc/passwd file are\ndefined in the /etc/group file.\"\n  desc  \"If a user is assigned the GID of a group not existing on the system,\nand a group with the GID is subsequently created, the user may have unintended\nrights to any files associated with the group.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify all GIDs referenced in the \\\"/etc/passwd\\\" file are defined in the\n\\\"/etc/group\\\" file.\n\n    Check that all referenced GIDs exist with the following command:\n\n    # pwck -r\n\n    If GIDs referenced in \\\"/etc/passwd\\\" file are returned as not defined in\n\\\"/etc/group\\\" file, this is a finding.\n  \"\n  desc  \"fix\", \"Configure the system to define all GIDs found in the\n\\\"/etc/passwd\\\" file by modifying the \\\"/etc/group\\\" file to add any\nnon-existent group referenced in the \\\"/etc/passwd\\\" file, or change the GIDs\nreferenced in the \\\"/etc/passwd\\\" file to a group that exists in\n\\\"/etc/group\\\".\"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000104-GPOS-00051\"\n  tag gid: \"V-72003\"\n  tag rid: \"SV-86627r2_rule\"\n  tag stig_id: \"RHEL-07-020300\"\n  tag fix_id: \"F-78355r1_fix\"\n  tag cci: [\"CCI-000764\"]\n  tag nist: [\"IA-2\", \"Rev_4\"]\n\n  passwd.gids.each do |gid|\n    describe etc_group do\n      its('gids') { should include gid.to_i }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000764</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST /etc/group gids is expected to include 0
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 1
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 2
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 4
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 7
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 0
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 0
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 0
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 12
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 0
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 99
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 192
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 81
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 998
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 74
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 89
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 995
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 1000
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 59
+--------------------------------
+passed :: TEST /etc/group gids is expected to include 993</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-92251</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-102353r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040611</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must use a reverse-path
-filter for IPv4 network traffic when possible on all interfaces.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+filter for IPv4 network traffic when possible on all interfaces.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Enabling reverse path filtering drops packets with source addresses
 that should not have been able to be received on the interface they were
 received on. It should not be used on systems which are routers for complicated
-networks, but is helpful for end hosts and routers serving small networks.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+networks, but is helpful for end hosts and routers serving small networks.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system uses a reverse-path filter for IPv4:
 
-    # grep net.ipv4.conf.all.rp_filter &#x2F;etc&#x2F;sysctl.conf &#x2F;etc&#x2F;sysctl.d&#x2F;*
-    net.ipv4.conf.all.rp_filter &#x3D; 1
+    # grep net.ipv4.conf.all.rp_filter /etc/sysctl.conf /etc/sysctl.d/*
+    net.ipv4.conf.all.rp_filter = 1
 
-    If &quot;net.ipv4.conf.all.rp_filter&quot; is not configured in the
-&#x2F;etc&#x2F;sysctl.conf file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out, or
-does not have a value of &quot;1&quot;, this is a finding.
+    If "net.ipv4.conf.all.rp_filter" is not configured in the
+/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or
+does not have a value of "1", this is a finding.
 
     Check that the operating system implements the accept source route variable
 with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep net.ipv4.conf.all.rp_filter
-    net.ipv4.conf.all.rp_filter &#x3D; 1
+    # /sbin/sysctl -a | grep net.ipv4.conf.all.rp_filter
+    net.ipv4.conf.all.rp_filter = 1
 
-    If the returned line does not have a value of &quot;1&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned line does not have a value of "1", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the system to the required kernel parameter by adding the following
-line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the &#x2F;etc&#x2F;sysctl.d&#x2F;
+line to "/etc/sysctl.conf" or a configuration file in the /etc/sysctl.d/
 directory (or modify the line to have the required value):
 
-    net.ipv4.conf.all.rp_filter &#x3D; 1
+    net.ipv4.conf.all.rp_filter = 1
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>354c1e5e-8a78-4bd9-b395-f39111132bc6</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.conf.all.rp_filter value is expected to eq 1</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72189</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86813r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030830</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-92251\" do\n  title \"The Red Hat Enterprise Linux operating system must use a reverse-path\nfilter for IPv4 network traffic when possible on all interfaces.\"\n  desc  \"Enabling reverse path filtering drops packets with source addresses\nthat should not have been able to be received on the interface they were\nreceived on. It should not be used on systems which are routers for complicated\nnetworks, but is helpful for end hosts and routers serving small networks.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system uses a reverse-path filter for IPv4:\n\n    # grep net.ipv4.conf.all.rp_filter /etc/sysctl.conf /etc/sysctl.d/*\n    net.ipv4.conf.all.rp_filter = 1\n\n    If \\\"net.ipv4.conf.all.rp_filter\\\" is not configured in the\n/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or\ndoes not have a value of \\\"1\\\", this is a finding.\n\n    Check that the operating system implements the accept source route variable\nwith the following command:\n\n    # /sbin/sysctl -a | grep net.ipv4.conf.all.rp_filter\n    net.ipv4.conf.all.rp_filter = 1\n\n    If the returned line does not have a value of \\\"1\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the system to the required kernel parameter by adding the following\nline to \\\"/etc/sysctl.conf\\\" or a configuration file in the /etc/sysctl.d/\ndirectory (or modify the line to have the required value):\n\n    net.ipv4.conf.all.rp_filter = 1\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-92251\"\n  tag rid: \"SV-102353r1_rule\"\n  tag stig_id: \"RHEL-07-040611\"\n  tag fix_id: \"F-98473r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.conf.all.rp_filter') do\n    its('value') { should eq 1 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.conf.all.rp_filter value is expected to eq 1</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72189</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000471-GPOS-00216</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86813r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030830</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the delete_module syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the delete_module syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;delete_module&quot; syscall occur.
+successful/unsuccessful attempts to use the "delete_module" syscall occur.
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -iw delete_module &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw delete_module /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S delete_module -k module-change
+    -a always,exit -F arch=b32 -S delete_module -k module-change
 
-    -a always,exit -F arch&#x3D;b64 -S delete_module -k module-change
+    -a always,exit -F arch=b64 -S delete_module -k module-change
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;delete_module&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"delete_module" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;delete_module&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S delete_module -k module-change
-
-    -a always,exit -F arch&#x3D;b64 -S delete_module -k module-change
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>eb43ddd7-0c0a-476f-8913-2446c0b67214</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;delete_module&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;delete_module&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;delete_module&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;delete_module&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73175</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87827r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040641</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "delete_module" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S delete_module -k module-change
+
+    -a always,exit -F arch=b64 -S delete_module -k module-change
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72189\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe delete_module syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"delete_module\\\" syscall occur.\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -iw delete_module /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S delete_module -k module-change\n\n    -a always,exit -F arch=b64 -S delete_module -k module-change\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"delete_module\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"delete_module\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S delete_module -k module-change\n\n    -a always,exit -F arch=b64 -S delete_module -k module-change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000471-GPOS-00216\"\n  tag satisfies: [\"SRG-OS-000471-GPOS-00216\", \"SRG-OS-000477-GPOS-00222\"]\n  tag gid: \"V-72189\"\n  tag rid: \"SV-86813r5_rule\"\n  tag stig_id: \"RHEL-07-030830\"\n  tag fix_id: \"F-78543r7_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"delete_module\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"delete_module\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "delete_module" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "delete_module" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "delete_module" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "delete_module" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73175</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87827r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040641</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must ignore Internet
 Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect
-messages.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+messages.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>ICMP redirect messages are used by routers to inform hosts that a more
 direct route exists for a particular destination. These messages modify the
-host&#39;s route table and are unauthenticated. An illicit ICMP redirect message
-could result in a man-in-the-middle attack.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+host's route table and are unauthenticated. An illicit ICMP redirect message
+could result in a man-in-the-middle attack.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system ignores IPv4 ICMP redirect messages.
 
-    # grep &#39;net.ipv4.conf.all.accept_redirects&#39; &#x2F;etc&#x2F;sysctl.conf &#x2F;etc&#x2F;sysctl.d&#x2F;*
+    # grep 'net.ipv4.conf.all.accept_redirects' /etc/sysctl.conf /etc/sysctl.d/*
 
-    If &quot; net.ipv4.conf.all.accept_redirects &quot; is not configured in the
-&#x2F;etc&#x2F;sysctl.conf file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out, or
-does not have a value of &quot;0&quot;, this is a finding.
+    If " net.ipv4.conf.all.accept_redirects " is not configured in the
+/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or
+does not have a value of "0", this is a finding.
 
-    Check that the operating system implements the &quot;accept_redirects&quot;
+    Check that the operating system implements the "accept_redirects"
 variables with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep &#39;net.ipv4.conf.all.accept_redirects&#39;
+    # /sbin/sysctl -a | grep 'net.ipv4.conf.all.accept_redirects'
 
-    net.ipv4.conf.all.accept_redirects &#x3D; 0
+    net.ipv4.conf.all.accept_redirects = 0
 
-    If the returned line does not have a value of &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned line does not have a value of "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the system to ignore IPv4 ICMP redirect messages by adding the
-following line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the
-&#x2F;etc&#x2F;sysctl.d&#x2F; directory (or modify the line to have the required value):
+following line to "/etc/sysctl.conf" or a configuration file in the
+/etc/sysctl.d/ directory (or modify the line to have the required value):
 
-    net.ipv4.conf.all.accept_redirects &#x3D; 0
+    net.ipv4.conf.all.accept_redirects = 0
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0214b26a-eafa-4016-892d-30e4dc843f3d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.conf.all.accept_redirects value is expected to eq 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72261</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000364-GPOS-00151</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86885r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040440</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-73175\" do\n  title \"The Red Hat Enterprise Linux operating system must ignore Internet\nProtocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect\nmessages.\"\n  desc  \"ICMP redirect messages are used by routers to inform hosts that a more\ndirect route exists for a particular destination. These messages modify the\nhost's route table and are unauthenticated. An illicit ICMP redirect message\ncould result in a man-in-the-middle attack.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system ignores IPv4 ICMP redirect messages.\n\n    # grep 'net.ipv4.conf.all.accept_redirects' /etc/sysctl.conf /etc/sysctl.d/*\n\n    If \\\" net.ipv4.conf.all.accept_redirects \\\" is not configured in the\n/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or\ndoes not have a value of \\\"0\\\", this is a finding.\n\n    Check that the operating system implements the \\\"accept_redirects\\\"\nvariables with the following command:\n\n    # /sbin/sysctl -a | grep 'net.ipv4.conf.all.accept_redirects'\n\n    net.ipv4.conf.all.accept_redirects = 0\n\n    If the returned line does not have a value of \\\"0\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the system to ignore IPv4 ICMP redirect messages by adding the\nfollowing line to \\\"/etc/sysctl.conf\\\" or a configuration file in the\n/etc/sysctl.d/ directory (or modify the line to have the required value):\n\n    net.ipv4.conf.all.accept_redirects = 0\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-73175\"\n  tag rid: \"SV-87827r4_rule\"\n  tag stig_id: \"RHEL-07-040641\"\n  tag fix_id: \"F-79621r3_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.conf.all.accept_redirects') do\n    its('value') { should eq 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.conf.all.accept_redirects value is expected to eq 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72261</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000364-GPOS-00151</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86885r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040440</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the SSH daemon does not permit Kerberos authentication unless needed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the SSH daemon does not permit Kerberos authentication unless needed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Kerberos authentication for SSH is often implemented using Generic
 Security Service Application Program Interface (GSSAPI). If Kerberos is enabled
-through SSH, the SSH daemon provides a means of access to the system&#39;s Kerberos
-implementation. Vulnerabilities in the system&#39;s Kerberos implementation may
+through SSH, the SSH daemon provides a means of access to the system's Kerberos
+implementation. Vulnerabilities in the system's Kerberos implementation may
 then be subject to exploitation. To reduce the attack surface of the system,
 the Kerberos authentication mechanism within SSH must be disabled for systems
-not using this capability.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+not using this capability.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the SSH daemon does not permit Kerberos to authenticate passwords
 unless approved.
 
     Check that the SSH daemon does not permit Kerberos to authenticate
 passwords with the following command:
 
-    # grep -i kerberosauth &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i kerberosauth /etc/ssh/sshd_config
     KerberosAuthentication no
 
-    If the &quot;KerberosAuthentication&quot; keyword is missing, or is set to &quot;yes&quot;
+    If the "KerberosAuthentication" keyword is missing, or is set to "yes"
 and is not documented with the Information System Security Officer (ISSO), or
-the returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Uncomment the &quot;KerberosAuthentication&quot; keyword in
-&quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; (this file may be named differently or be in a
+the returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Uncomment the "KerberosAuthentication" keyword in
+"/etc/ssh/sshd_config" (this file may be named differently or be in a
 different location if using a version of SSH that is provided by a third-party
-vendor) and set the value to &quot;no&quot;:
+vendor) and set the value to "no":
 
     KerberosAuthentication no
 
     The SSH service must be restarted for changes to take effect.
 
     If Kerberos authentication is required, it must be documented, to include
-the location of the configuration file, with the ISSO.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>682b993c-c8af-4e04-853a-9c40a58ef39f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration KerberosAuthentication is expected to cmp &#x3D;&#x3D; &quot;no&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72171</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86795r7_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030740</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+the location of the configuration file, with the ISSO.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72261\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon does not permit Kerberos authentication unless needed.\"\n  desc  \"Kerberos authentication for SSH is often implemented using Generic\nSecurity Service Application Program Interface (GSSAPI). If Kerberos is enabled\nthrough SSH, the SSH daemon provides a means of access to the system's Kerberos\nimplementation. Vulnerabilities in the system's Kerberos implementation may\nthen be subject to exploitation. To reduce the attack surface of the system,\nthe Kerberos authentication mechanism within SSH must be disabled for systems\nnot using this capability.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH daemon does not permit Kerberos to authenticate passwords\nunless approved.\n\n    Check that the SSH daemon does not permit Kerberos to authenticate\npasswords with the following command:\n\n    # grep -i kerberosauth /etc/ssh/sshd_config\n    KerberosAuthentication no\n\n    If the \\\"KerberosAuthentication\\\" keyword is missing, or is set to \\\"yes\\\"\nand is not documented with the Information System Security Officer (ISSO), or\nthe returned line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Uncomment the \\\"KerberosAuthentication\\\" keyword in\n\\\"/etc/ssh/sshd_config\\\" (this file may be named differently or be in a\ndifferent location if using a version of SSH that is provided by a third-party\nvendor) and set the value to \\\"no\\\":\n\n    KerberosAuthentication no\n\n    The SSH service must be restarted for changes to take effect.\n\n    If Kerberos authentication is required, it must be documented, to include\nthe location of the configuration file, with the ISSO.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000364-GPOS-00151\"\n  tag gid: \"V-72261\"\n  tag rid: \"SV-86885r3_rule\"\n  tag stig_id: \"RHEL-07-040440\"\n  tag fix_id: \"F-78615r2_fix\"\n  tag cci: [\"CCI-000318\", \"CCI-000368\", \"CCI-001812\", \"CCI-001813\",\n\"CCI-001814\"]\n  tag nist: [\"CM-3 f\", \"CM-6 c\", \"CM-11 (2)\", \"CM-5 (1)\", \"CM-5 (1)\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('KerberosAuthentication') { should cmp 'no' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration KerberosAuthentication is expected to cmp == "no"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72171</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86795r7_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030740</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the mount command and syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the mount command and syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged mount commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;mount&quot; command and syscall occur.
+successful/unsuccessful attempts to use the "mount" command and syscall occur.
 
     Check that the following system call is being audited by performing the
 following series of commands to check the file system rules in
-&quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+"/etc/audit/audit.rules":
 
-    # grep -iw &quot;mount&quot; &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw "mount" /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S mount -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S mount -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-mount
-    -a always,exit -F arch&#x3D;b64 -S mount -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S mount -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-mount
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;mount -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/mount -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-mount
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;mount&quot; syscall, this is a finding.
+    If both the "b32" and "b64" audit rules are not defined for the
+"mount" syscall, this is a finding.
 
-    If all uses of the &quot;mount&quot; command are not being audited, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If all uses of the "mount" command are not being audited, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;mount&quot; command and syscall occur.
+successful/unsuccessful attempts to use the "mount" command and syscall occur.
 
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S mount -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S mount -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-mount
-    -a always,exit -F arch&#x3D;b64 -S mount -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S mount -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-mount
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;mount -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/mount -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-mount
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>3e996687-84ca-4ea3-835b-50056e823ff6</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;mount&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;mount&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;mount&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;mount&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with path &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;mount&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with path &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;mount&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81011</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000368-GPOS-00154</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95723r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021023</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must mount &#x2F;dev&#x2F;shm with
-the nosuid option.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;nosuid&quot; mount option causes the system to not execute
-&quot;setuid&quot; and &quot;setgid&quot; files with owner privileges. This option must be used
-for mounting any file system not containing approved &quot;setuid&quot; and &quot;setguid&quot;
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72171\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe mount command and syscall.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged mount commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"mount\\\" command and syscall occur.\n\n    Check that the following system call is being audited by performing the\nfollowing series of commands to check the file system rules in\n\\\"/etc/audit/audit.rules\\\":\n\n    # grep -iw \\\"mount\\\" /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S mount -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-mount\n    -a always,exit -F arch=b64 -S mount -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-mount\n    -a always,exit -F path=/usr/bin/mount -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-mount\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"mount\\\" syscall, this is a finding.\n\n    If all uses of the \\\"mount\\\" command are not being audited, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"mount\\\" command and syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S mount -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-mount\n    -a always,exit -F arch=b64 -S mount -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-mount\n    -a always,exit -F path=/usr/bin/mount -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-mount\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72171\"\n  tag rid: \"SV-86795r7_rule\"\n  tag stig_id: \"RHEL-07-030740\"\n  tag fix_id: \"F-78525r9_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"mount\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"mount\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\n\n  describe auditd.path(\"/usr/bin/mount\") do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "mount" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "mount" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "mount" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "mount" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with path == "/usr/bin/mount" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with path == "/usr/bin/mount" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81011</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000368-GPOS-00154</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95723r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021023</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must mount /dev/shm with
+the nosuid option.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "nosuid" mount option causes the system to not execute
+"setuid" and "setgid" files with owner privileges. This option must be used
+for mounting any file system not containing approved "setuid" and "setguid"
 files. Executing files from untrusted file systems increases the opportunity
-for unprivileged users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that the &quot;nosuid&quot; option is configured for &#x2F;dev&#x2F;shm:
+for unprivileged users to attain unauthorized administrative access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that the "nosuid" option is configured for /dev/shm:
 
-    # cat &#x2F;etc&#x2F;fstab | grep &#x2F;dev&#x2F;shm
+    # cat /etc/fstab | grep /dev/shm
 
-    tmpfs &#x2F;dev&#x2F;shm tmpfs defaults,nodev,nosuid,noexec 0 0
+    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0
 
-    If any results are returned and the &quot;nosuid&quot; option is not listed, this
+    If any results are returned and the "nosuid" option is not listed, this
 is a finding.
 
-    Verify &quot;&#x2F;dev&#x2F;shm&quot; is mounted with the &quot;nosuid&quot; option:
-
-    # mount | grep &quot;&#x2F;dev&#x2F;shm&quot; | grep nosuid
-
-    If no results are returned, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the system so that &#x2F;dev&#x2F;shm is mounted with the
-&quot;nosuid&quot; option.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>24a0fd48-9ee7-4fb0-b1bf-328bb397abe0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001764</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Mount &#x2F;dev&#x2F;shm options is expected to include &quot;nosuid&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72001</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86625r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020270</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Verify "/dev/shm" is mounted with the "nosuid" option:
+
+    # mount | grep "/dev/shm" | grep nosuid
+
+    If no results are returned, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the system so that /dev/shm is mounted with the
+"nosuid" option.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-81011\" do\n  title \"The Red Hat Enterprise Linux operating system must mount /dev/shm with\nthe nosuid option.\"\n  desc  \"The \\\"nosuid\\\" mount option causes the system to not execute\n\\\"setuid\\\" and \\\"setgid\\\" files with owner privileges. This option must be used\nfor mounting any file system not containing approved \\\"setuid\\\" and \\\"setguid\\\"\nfiles. Executing files from untrusted file systems increases the opportunity\nfor unprivileged users to attain unauthorized administrative access.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that the \\\"nosuid\\\" option is configured for /dev/shm:\n\n    # cat /etc/fstab | grep /dev/shm\n\n    tmpfs /dev/shm tmpfs defaults,nodev,nosuid,noexec 0 0\n\n    If any results are returned and the \\\"nosuid\\\" option is not listed, this\nis a finding.\n\n    Verify \\\"/dev/shm\\\" is mounted with the \\\"nosuid\\\" option:\n\n    # mount | grep \\\"/dev/shm\\\" | grep nosuid\n\n    If no results are returned, this is a finding.\n  \"\n  desc  \"fix\", \"Configure the system so that /dev/shm is mounted with the\n\\\"nosuid\\\" option.\"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000368-GPOS-00154\"\n  tag gid: \"V-81011\"\n  tag rid: \"SV-95723r2_rule\"\n  tag stig_id: \"RHEL-07-021023\"\n  tag fix_id: \"F-87845r2_fix\"\n  tag cci: [\"CCI-001764\"]\n  tag nist: [\"CM-7 (2)\", \"Rev_4\"]\n\n  describe mount('/dev/shm') do\n    its('options') { should include 'nosuid' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001764</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Mount /dev/shm options is expected to include "nosuid"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72001</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86625r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020270</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not have
-unnecessary accounts.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+unnecessary accounts.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Accounts providing no operational purpose provide additional
 opportunities for system compromise. Unnecessary accounts include user accounts
 for individuals not requiring access to the system and application accounts for
-applications not installed on the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+applications not installed on the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify all accounts on the system are assigned to an active system,
 application, or user account.
 
@@ -32218,207 +30819,174 @@ Security Officer (ISSO).
 
     Check the system accounts on the system with the following command:
 
-    # more &#x2F;etc&#x2F;passwd
-    root:x:0:0:root:&#x2F;root:&#x2F;bin&#x2F;bash
-    bin:x:1:1:bin:&#x2F;bin:&#x2F;sbin&#x2F;nologin
-    daemon:x:2:2:daemon:&#x2F;sbin:&#x2F;sbin&#x2F;nologin
-    sync:x:5:0:sync:&#x2F;sbin:&#x2F;bin&#x2F;sync
-    shutdown:x:6:0:shutdown:&#x2F;sbin:&#x2F;sbin&#x2F;shutdown
-    halt:x:7:0:halt:&#x2F;sbin:&#x2F;sbin&#x2F;halt
-    games:x:12:100:games:&#x2F;usr&#x2F;games:&#x2F;sbin&#x2F;nologin
-    gopher:x:13:30:gopher:&#x2F;var&#x2F;gopher:&#x2F;sbin&#x2F;nologin
-
-    Accounts such as &quot;games&quot; and &quot;gopher&quot; are not authorized accounts as
+    # more /etc/passwd
+    root:x:0:0:root:/root:/bin/bash
+    bin:x:1:1:bin:/bin:/sbin/nologin
+    daemon:x:2:2:daemon:/sbin:/sbin/nologin
+    sync:x:5:0:sync:/sbin:/bin/sync
+    shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
+    halt:x:7:0:halt:/sbin:/sbin/halt
+    games:x:12:100:games:/usr/games:/sbin/nologin
+    gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
+
+    Accounts such as "games" and "gopher" are not authorized accounts as
 they do not support authorized system functions.
 
     If the accounts on the system do not match the provided documentation, or
 accounts that do not support an authorized system function are present, this is
-a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system so all accounts on the system are assigned to an
 active system, application, or user account.
 
     Remove accounts that do not support approved system activities or that
 allow for a normal user to perform administrative-level actions.
 
-    Document all authorized accounts on the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>8b8e9b0c-afd6-4034-950a-9b9ff11a94be</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-root is listed in allowed users.
---------------------------------
-passed
-bin is listed in allowed users.
---------------------------------
-passed
-daemon is listed in allowed users.
---------------------------------
-passed
-adm is listed in allowed users.
---------------------------------
-passed
-lp is listed in allowed users.
---------------------------------
-passed
-sync is listed in allowed users.
---------------------------------
-passed
-shutdown is listed in allowed users.
---------------------------------
-passed
-halt is listed in allowed users.
---------------------------------
-passed
-mail is listed in allowed users.
---------------------------------
-passed
-operator is listed in allowed users.
---------------------------------
-passed
-nobody is listed in allowed users.
---------------------------------
-passed
-systemd-network is listed in allowed users.
-expected &#x60;systemd-network&#x60; to be in the list: &#x60;[&quot;root&quot;, &quot;bin&quot;, &quot;daemon&quot;, &quot;adm&quot;, &quot;lp&quot;, &quot;sync&quot;, &quot;shutdown&quot;, &quot;halt&quot;, &quot;mail&quot;, &quot;operator&quot;, &quot;nobody&quot;, &quot;systemd-bus-proxy&quot;]&#x60;
---------------------------------
-passed
-dbus is listed in allowed users.
-expected &#x60;dbus&#x60; to be in the list: &#x60;[&quot;root&quot;, &quot;bin&quot;, &quot;daemon&quot;, &quot;adm&quot;, &quot;lp&quot;, &quot;sync&quot;, &quot;shutdown&quot;, &quot;halt&quot;, &quot;mail&quot;, &quot;operator&quot;, &quot;nobody&quot;, &quot;systemd-bus-proxy&quot;]&#x60;
---------------------------------
-passed
-polkitd is listed in allowed users.
-expected &#x60;polkitd&#x60; to be in the list: &#x60;[&quot;root&quot;, &quot;bin&quot;, &quot;daemon&quot;, &quot;adm&quot;, &quot;lp&quot;, &quot;sync&quot;, &quot;shutdown&quot;, &quot;halt&quot;, &quot;mail&quot;, &quot;operator&quot;, &quot;nobody&quot;, &quot;systemd-bus-proxy&quot;]&#x60;
---------------------------------
-passed
-sshd is listed in allowed users.
-expected &#x60;sshd&#x60; to be in the list: &#x60;[&quot;root&quot;, &quot;bin&quot;, &quot;daemon&quot;, &quot;adm&quot;, &quot;lp&quot;, &quot;sync&quot;, &quot;shutdown&quot;, &quot;halt&quot;, &quot;mail&quot;, &quot;operator&quot;, &quot;nobody&quot;, &quot;systemd-bus-proxy&quot;]&#x60;
---------------------------------
-passed
-postfix is listed in allowed users.
-expected &#x60;postfix&#x60; to be in the list: &#x60;[&quot;root&quot;, &quot;bin&quot;, &quot;daemon&quot;, &quot;adm&quot;, &quot;lp&quot;, &quot;sync&quot;, &quot;shutdown&quot;, &quot;halt&quot;, &quot;mail&quot;, &quot;operator&quot;, &quot;nobody&quot;, &quot;systemd-bus-proxy&quot;]&#x60;
---------------------------------
-passed
-chrony is listed in allowed users.
-expected &#x60;chrony&#x60; to be in the list: &#x60;[&quot;root&quot;, &quot;bin&quot;, &quot;daemon&quot;, &quot;adm&quot;, &quot;lp&quot;, &quot;sync&quot;, &quot;shutdown&quot;, &quot;halt&quot;, &quot;mail&quot;, &quot;operator&quot;, &quot;nobody&quot;, &quot;systemd-bus-proxy&quot;]&#x60;
---------------------------------
-passed
-ec2-user is listed in allowed users.
-expected &#x60;ec2-user&#x60; to be in the list: &#x60;[&quot;root&quot;, &quot;bin&quot;, &quot;daemon&quot;, &quot;adm&quot;, &quot;lp&quot;, &quot;sync&quot;, &quot;shutdown&quot;, &quot;halt&quot;, &quot;mail&quot;, &quot;operator&quot;, &quot;nobody&quot;, &quot;systemd-bus-proxy&quot;]&#x60;
---------------------------------
-passed
-tss is listed in allowed users.
-expected &#x60;tss&#x60; to be in the list: &#x60;[&quot;root&quot;, &quot;bin&quot;, &quot;daemon&quot;, &quot;adm&quot;, &quot;lp&quot;, &quot;sync&quot;, &quot;shutdown&quot;, &quot;halt&quot;, &quot;mail&quot;, &quot;operator&quot;, &quot;nobody&quot;, &quot;systemd-bus-proxy&quot;]&#x60;
---------------------------------
-passed
-sssd is listed in allowed users.
-expected &#x60;sssd&#x60; to be in the list: &#x60;[&quot;root&quot;, &quot;bin&quot;, &quot;daemon&quot;, &quot;adm&quot;, &quot;lp&quot;, &quot;sync&quot;, &quot;shutdown&quot;, &quot;halt&quot;, &quot;mail&quot;, &quot;operator&quot;, &quot;nobody&quot;, &quot;systemd-bus-proxy&quot;]&#x60;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-78997</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-93703r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010101</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Document all authorized accounts on the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72001\" do\n  title \"The Red Hat Enterprise Linux operating system must not have\nunnecessary accounts.\"\n  desc  \"Accounts providing no operational purpose provide additional\nopportunities for system compromise. Unnecessary accounts include user accounts\nfor individuals not requiring access to the system and application accounts for\napplications not installed on the system.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify all accounts on the system are assigned to an active system,\napplication, or user account.\n\n    Obtain the list of authorized system accounts from the Information System\nSecurity Officer (ISSO).\n\n    Check the system accounts on the system with the following command:\n\n    # more /etc/passwd\n    root:x:0:0:root:/root:/bin/bash\n    bin:x:1:1:bin:/bin:/sbin/nologin\n    daemon:x:2:2:daemon:/sbin:/sbin/nologin\n    sync:x:5:0:sync:/sbin:/bin/sync\n    shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown\n    halt:x:7:0:halt:/sbin:/sbin/halt\n    games:x:12:100:games:/usr/games:/sbin/nologin\n    gopher:x:13:30:gopher:/var/gopher:/sbin/nologin\n\n    Accounts such as \\\"games\\\" and \\\"gopher\\\" are not authorized accounts as\nthey do not support authorized system functions.\n\n    If the accounts on the system do not match the provided documentation, or\naccounts that do not support an authorized system function are present, this is\na finding.\n  \"\n  desc  \"fix\", \"\n    Configure the system so all accounts on the system are assigned to an\nactive system, application, or user account.\n\n    Remove accounts that do not support approved system activities or that\nallow for a normal user to perform administrative-level actions.\n\n    Document all authorized accounts on the system.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72001\"\n  tag rid: \"SV-86625r2_rule\"\n  tag stig_id: \"RHEL-07-020270\"\n  tag fix_id: \"F-78353r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  known_system_accounts = input('known_system_accounts')\n  user_accounts = input('user_accounts')\n\n  allowed_accounts = (known_system_accounts + user_accounts).uniq\n  passwd.users.each do |user|\n    describe user do\n      it \"is listed in allowed users.\" do\n        expect(subject).to(be_in allowed_accounts)\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST root is listed in allowed users.
+--------------------------------
+passed :: TEST bin is listed in allowed users.
+--------------------------------
+passed :: TEST daemon is listed in allowed users.
+--------------------------------
+passed :: TEST adm is listed in allowed users.
+--------------------------------
+passed :: TEST lp is listed in allowed users.
+--------------------------------
+passed :: TEST sync is listed in allowed users.
+--------------------------------
+passed :: TEST shutdown is listed in allowed users.
+--------------------------------
+passed :: TEST halt is listed in allowed users.
+--------------------------------
+passed :: TEST mail is listed in allowed users.
+--------------------------------
+passed :: TEST operator is listed in allowed users.
+--------------------------------
+passed :: TEST nobody is listed in allowed users.
+--------------------------------
+passed :: TEST systemd-network is listed in allowed users. :: MESSAGE expected `systemd-network` to be in the list: `["root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "operator", "nobody", "systemd-bus-proxy"]`
+--------------------------------
+passed :: TEST dbus is listed in allowed users. :: MESSAGE expected `dbus` to be in the list: `["root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "operator", "nobody", "systemd-bus-proxy"]`
+--------------------------------
+passed :: TEST polkitd is listed in allowed users. :: MESSAGE expected `polkitd` to be in the list: `["root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "operator", "nobody", "systemd-bus-proxy"]`
+--------------------------------
+passed :: TEST sshd is listed in allowed users. :: MESSAGE expected `sshd` to be in the list: `["root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "operator", "nobody", "systemd-bus-proxy"]`
+--------------------------------
+passed :: TEST postfix is listed in allowed users. :: MESSAGE expected `postfix` to be in the list: `["root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "operator", "nobody", "systemd-bus-proxy"]`
+--------------------------------
+passed :: TEST chrony is listed in allowed users. :: MESSAGE expected `chrony` to be in the list: `["root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "operator", "nobody", "systemd-bus-proxy"]`
+--------------------------------
+passed :: TEST ec2-user is listed in allowed users. :: MESSAGE expected `ec2-user` to be in the list: `["root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "operator", "nobody", "systemd-bus-proxy"]`
+--------------------------------
+passed :: TEST tss is listed in allowed users. :: MESSAGE expected `tss` to be in the list: `["root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "operator", "nobody", "systemd-bus-proxy"]`
+--------------------------------
+passed :: TEST sssd is listed in allowed users. :: MESSAGE expected `sssd` to be in the list: `["root", "bin", "daemon", "adm", "lp", "sync", "shutdown", "halt", "mail", "operator", "nobody", "systemd-bus-proxy"]`</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-78997</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-93703r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010101</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent a user from
 overriding the screensaver idle-activation-enabled setting for the graphical
-user interface.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+user interface.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A session lock is a temporary action taken when a user stops work and
 moves away from the immediate physical vicinity of the information system but
 does not want to log out because of the temporary nature of the absence.
@@ -32426,17 +30994,17 @@ does not want to log out because of the temporary nature of the absence.
     The session lock is implemented at the point where session activity can be
 determined.
 
-    The ability to enable&#x2F;disable a session lock is given to the user by
-default. Disabling the user&#39;s ability to disengage the graphical user interface
+    The ability to enable/disable a session lock is given to the user by
+default. Disabling the user's ability to disengage the graphical user interface
 session lock provides the assurance that all sessions will lock after the
-specified period of time.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+specified period of time.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system prevents a user from overriding the screensaver
 idle-activation-enabled setting for the graphical user interface.
 
@@ -32446,24 +31014,24 @@ console.
 
     Determine which profile the system database is using with the following
 command:
-    # grep system-db &#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user
+    # grep system-db /etc/dconf/profile/user
 
     system-db:local
 
     Check for the idle-activation-enabled setting with the following command:
 
-    Note: The example below is using the database &quot;local&quot; for the system, so
-the path is &quot;&#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&quot;. This path must be modified if a database
-other than &quot;local&quot; is being used.
+    Note: The example below is using the database "local" for the system, so
+the path is "/etc/dconf/db/local.d". This path must be modified if a database
+other than "local" is being used.
 
-    # grep -i idle-activation-enabled &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;locks&#x2F;*
+    # grep -i idle-activation-enabled /etc/dconf/db/local.d/locks/*
 
-    &#x2F;org&#x2F;gnome&#x2F;desktop&#x2F;screensaver&#x2F;idle-activation-enabled
+    /org/gnome/desktop/screensaver/idle-activation-enabled
 
-    If the command does not return a result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return a result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to prevent a user from overriding a
 screensaver lock after a 15-minute period of inactivity for graphical user
 interfaces.
@@ -32471,444 +31039,426 @@ interfaces.
     Create a database to contain the system-wide screensaver settings (if it
 does not already exist) with the following command:
 
-    Note: The example below is using the database &quot;local&quot; for the system, so
-if the system is using another database in &quot;&#x2F;etc&#x2F;dconf&#x2F;profile&#x2F;user&quot;, the
+    Note: The example below is using the database "local" for the system, so
+if the system is using another database in "/etc/dconf/profile/user", the
 file should be created under the appropriate subdirectory.
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;locks&#x2F;session
+    # touch /etc/dconf/db/local.d/locks/session
 
     Add the setting to lock the screensaver idle-activation-enabled setting:
 
-    &#x2F;org&#x2F;gnome&#x2F;desktop&#x2F;screensaver&#x2F;idle-activation-enabled</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>9ccd574c-d367-41c2-ab05-354fc3284df8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The GNOME desktop is not installed
-The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72265</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86889r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040460</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    /org/gnome/desktop/screensaver/idle-activation-enabled</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-78997\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent a user from\noverriding the screensaver idle-activation-enabled setting for the graphical\nuser interface.\"\n  desc  \"A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined.\n\n    The ability to enable/disable a session lock is given to the user by\ndefault. Disabling the user's ability to disengage the graphical user interface\nsession lock provides the assurance that all sessions will lock after the\nspecified period of time.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system prevents a user from overriding the screensaver\nidle-activation-enabled setting for the graphical user interface.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable. The screen program must be installed to lock sessions on the\nconsole.\n\n    Determine which profile the system database is using with the following\ncommand:\n    # grep system-db /etc/dconf/profile/user\n\n    system-db:local\n\n    Check for the idle-activation-enabled setting with the following command:\n\n    Note: The example below is using the database \\\"local\\\" for the system, so\nthe path is \\\"/etc/dconf/db/local.d\\\". This path must be modified if a database\nother than \\\"local\\\" is being used.\n\n    # grep -i idle-activation-enabled /etc/dconf/db/local.d/locks/*\n\n    /org/gnome/desktop/screensaver/idle-activation-enabled\n\n    If the command does not return a result, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to prevent a user from overriding a\nscreensaver lock after a 15-minute period of inactivity for graphical user\ninterfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    Note: The example below is using the database \\\"local\\\" for the system, so\nif the system is using another database in \\\"/etc/dconf/profile/user\\\", the\nfile should be created under the appropriate subdirectory.\n\n    # touch /etc/dconf/db/local.d/locks/session\n\n    Add the setting to lock the screensaver idle-activation-enabled setting:\n\n    /org/gnome/desktop/screensaver/idle-activation-enabled\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000029-GPOS-00010\"\n  tag gid: \"V-78997\"\n  tag rid: \"SV-93703r2_rule\"\n  tag stig_id: \"RHEL-07-010101\"\n  tag fix_id: \"F-85747r1_fix\"\n  tag cci: [\"CCI-000057\"]\n  tag nist: [\"AC-11 a\", \"Rev_4\"]\n\n  if package('gnome-desktop3').installed?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe command(\"gsettings writable org.gnome.desktop.screensaver idle-activation-enabled\") do\n    its('stdout.strip') { should cmp 'false' }\n  end if package('gnome-desktop3').installed?\n\n  describe \"The GNOME desktop is not installed\" do\n    skip \"The GNOME desktop is not installed, this control is Not Applicable.\"\n  end if !package('gnome-desktop3').installed?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The GNOME desktop is not installed :: SKIP_MESSAGE The GNOME desktop is not installed, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72265</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86889r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040460</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the SSH daemon uses privilege separation.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the SSH daemon uses privilege separation.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>SSH daemon privilege separation causes the SSH process to drop root
 privileges when not needed, which would decrease the impact of software
-vulnerabilities in the unprivileged section.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+vulnerabilities in the unprivileged section.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the SSH daemon performs privilege separation.
 
     Check that the SSH daemon performs privilege separation with the following
 command:
 
-    # grep -i usepriv &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i usepriv /etc/ssh/sshd_config
 
     UsePrivilegeSeparation sandbox
 
-    If the &quot;UsePrivilegeSeparation&quot; keyword is set to &quot;no&quot;, is missing, or
-the returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Uncomment the &quot;UsePrivilegeSeparation&quot; keyword in
-&quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; (this file may be named differently or be in a
+    If the "UsePrivilegeSeparation" keyword is set to "no", is missing, or
+the returned line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Uncomment the "UsePrivilegeSeparation" keyword in
+"/etc/ssh/sshd_config" (this file may be named differently or be in a
 different location if using a version of SSH that is provided by a third-party
-vendor) and set the value to &quot;sandbox&quot; or &quot;yes&quot;:
+vendor) and set the value to "sandbox" or "yes":
 
     UsePrivilegeSeparation sandbox
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>5f65461e-0a4d-48ea-8acc-a43ef219b502</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration UsePrivilegeSeparation is expected to cmp &#x3D;&#x3D; &quot;sandbox&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-73165</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-87817r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030871</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72265\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon uses privilege separation.\"\n  desc  \"SSH daemon privilege separation causes the SSH process to drop root\nprivileges when not needed, which would decrease the impact of software\nvulnerabilities in the unprivileged section.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH daemon performs privilege separation.\n\n    Check that the SSH daemon performs privilege separation with the following\ncommand:\n\n    # grep -i usepriv /etc/ssh/sshd_config\n\n    UsePrivilegeSeparation sandbox\n\n    If the \\\"UsePrivilegeSeparation\\\" keyword is set to \\\"no\\\", is missing, or\nthe returned line is commented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Uncomment the \\\"UsePrivilegeSeparation\\\" keyword in\n\\\"/etc/ssh/sshd_config\\\" (this file may be named differently or be in a\ndifferent location if using a version of SSH that is provided by a third-party\nvendor) and set the value to \\\"sandbox\\\" or \\\"yes\\\":\n\n    UsePrivilegeSeparation sandbox\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72265\"\n  tag rid: \"SV-86889r3_rule\"\n  tag stig_id: \"RHEL-07-040460\"\n  tag fix_id: \"F-78619r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe.one do\n    describe sshd_config do\n      its('UsePrivilegeSeparation') { should cmp 'sandbox' }\n    end\n    describe sshd_config do\n      its('UsePrivilegeSeparation') { should cmp 'yes' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration UsePrivilegeSeparation is expected to cmp == "sandbox"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-73165</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-87817r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030871</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must generate audit
 records for all account creations, modifications, disabling, and termination
-events that affect &#x2F;etc&#x2F;group.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+events that affect /etc/group.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system must generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&quot;&#x2F;etc&#x2F;group&quot;.
+"/etc/group".
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep &#x2F;etc&#x2F;group &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep /etc/group /etc/audit/audit.rules
 
-    -w &#x2F;etc&#x2F;group -p wa -k identity
+    -w /etc/group -p wa -k identity
 
     If the command does not return a line, or the line is commented out, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&quot;&#x2F;etc&#x2F;group&quot;.
-
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -w &#x2F;etc&#x2F;group -p wa -k identity
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>43a01a99-30d1-49f4-988a-f40164da51f8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;group&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;group&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;w&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;a&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72307</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86931r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040730</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/etc/group".
+
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -w /etc/group -p wa -k identity
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-73165\" do\n  title \"The Red Hat Enterprise Linux operating system must generate audit\nrecords for all account creations, modifications, disabling, and termination\nevents that affect /etc/group.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system must generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n\\\"/etc/group\\\".\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep /etc/group /etc/audit/audit.rules\n\n    -w /etc/group -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n\\\"/etc/group\\\".\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -w /etc/group -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000004-GPOS-00004\"\n  tag gid: \"V-73165\"\n  tag rid: \"SV-87817r3_rule\"\n  tag stig_id: \"RHEL-07-030871\"\n  tag fix_id: \"F-79611r3_fix\"\n  tag cci: [\"CCI-000018\", \"CCI-000172\", \"CCI-001403\", \"CCI-002130\"]\n  tag nist: [\"AC-2 (4)\", \"AU-12 c\", \"AC-2 (4)\", \"AC-2 (4)\", \"Rev_4\"]\n\n  audit_file = '/etc/group'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'w' }\n      it { should include 'a' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\n\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/etc/group" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/etc/group" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "w"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "a"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72307</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86931r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040730</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not have an X
-Windows display manager installed unless approved.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Windows display manager installed unless approved.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Internet services that are not required for system or application
 processes must not be active to decrease the attack surface of the system. X
 Windows has a long history of security vulnerabilities and will not be used
-unless approved and documented.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+unless approved and documented.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify that if the system has X Windows System installed, it is authorized.
 
     Check for the X11 package with the following command:
@@ -32919,476 +31469,449 @@ unless approved and documented.</ATTRIBUTE_DATA>
 operational requirement.
 
     If the use of X Windows on the system is not documented with the
-Information System Security Officer (ISSO), this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+Information System Security Officer (ISSO), this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Document the requirement for an X Windows server with the ISSO or remove
 the related packages with the following commands:
 
-    # rpm -e xorg-x11-server-common</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>59e5d1bf-932b-4337-98d5-f8c1ca8583c1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package xorg-x11-server-common is expected not to be installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86757r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030550</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # rpm -e xorg-x11-server-common</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72307\" do\n  title \"The Red Hat Enterprise Linux operating system must not have an X\nWindows display manager installed unless approved.\"\n  desc  \"Internet services that are not required for system or application\nprocesses must not be active to decrease the attack surface of the system. X\nWindows has a long history of security vulnerabilities and will not be used\nunless approved and documented.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that if the system has X Windows System installed, it is authorized.\n\n    Check for the X11 package with the following command:\n\n    # rpm -qa | grep xorg | grep server\n\n    Ask the System Administrator if use of the X Windows System is an\noperational requirement.\n\n    If the use of X Windows on the system is not documented with the\nInformation System Security Officer (ISSO), this is a finding.\n  \"\n  desc  \"fix\", \"\n    Document the requirement for an X Windows server with the ISSO or remove\nthe related packages with the following commands:\n\n    # rpm -e xorg-x11-server-common\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72307\"\n  tag rid: \"SV-86931r4_rule\"\n  tag stig_id: \"RHEL-07-040730\"\n  tag fix_id: \"F-78661r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  x11_enabled = input('x11_enabled')\n\n  describe package('xorg-x11-server-common') do\n    it { should_not be_installed }\n  end if !x11_enabled\n\n  describe package('xorg-x11-server-common') do\n    it { should be_installed }\n  end if x11_enabled\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package xorg-x11-server-common is expected not to be installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86757r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030550</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the ftruncate syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the ftruncate syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;ftruncate&quot; syscall occur.
+successful/unsuccessful attempts to use the "ftruncate" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw ftruncate &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw ftruncate /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S ftruncate -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S ftruncate -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b32 -S ftruncate -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S ftruncate -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S ftruncate -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S ftruncate -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S ftruncate -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S ftruncate -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;ftruncate&quot; syscall, this is a finding.
+    If both the "b32" and "b64" audit rules are not defined for the
+"ftruncate" syscall, this is a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EPERM&quot;, this is
+    If the output does not produce rules containing "-F exit=-EPERM", this is
 a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EACCES&quot;, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the output does not produce rules containing "-F exit=-EACCES", this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;ftruncate&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S ftruncate -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b32 -S ftruncate -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S ftruncate -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S ftruncate -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>9c18ed76-1690-4553-9a55-750d969c51db</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EACCES&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;ftruncate&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EACCES&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71941</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000118-GPOS-00060</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86565r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010310</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "ftruncate" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S ftruncate -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b32 -S ftruncate -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S ftruncate -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S ftruncate -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72133\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe ftruncate syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"ftruncate\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw ftruncate /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S ftruncate -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S ftruncate -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S ftruncate -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S ftruncate -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"ftruncate\\\" syscall, this is a finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EPERM\\\", this is\na finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EACCES\\\", this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"ftruncate\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S ftruncate -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S ftruncate -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S ftruncate -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S ftruncate -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000458-GPOS-00203\",\n\"SRG-OS-000461-GPOS-00205\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72133\"\n  tag rid: \"SV-86757r5_rule\"\n  tag stig_id: \"RHEL-07-030550\"\n  tag fix_id: \"F-78485r8_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"ftruncate\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EPERM' }\n  end\n  describe auditd.syscall(\"ftruncate\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EACCES' }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"ftruncate\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EPERM' }\n    end\n    describe auditd.syscall(\"ftruncate\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EACCES' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b32" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b32" exit.uniq is expected to include "-EACCES"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b64" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "ftruncate" arch == "b64" exit.uniq is expected to include "-EACCES"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71941</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000118-GPOS-00060</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86565r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010310</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must disable account
-identifiers (individuals, groups, roles, and devices) if the password expires.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+identifiers (individuals, groups, roles, and devices) if the password expires.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Inactive identifiers pose a risk to systems and applications because
 attackers may exploit an inactive identifier and potentially obtain undetected
 access to the system. Owners of inactive accounts will not notice if
 unauthorized access to their user account has been obtained.
 
     Operating systems need to track periods of inactivity and disable
-application identifiers after zero days of inactivity.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+application identifiers after zero days of inactivity.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If passwords are not being used for authentication, this is Not Applicable.
 
     Verify the operating system disables account identifiers (individuals,
 groups, roles, and devices) after the password expires with the following
 command:
 
-    # grep -i inactive &#x2F;etc&#x2F;default&#x2F;useradd
-    INACTIVE&#x3D;0
+    # grep -i inactive /etc/default/useradd
+    INACTIVE=0
 
-    If the value is not set to &quot;0&quot;, is commented out, or is not defined, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the value is not set to "0", is commented out, or is not defined, this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to disable account identifiers (individuals,
 groups, roles, and devices) after the password expires.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;default&#x2F;useradd&quot; (or modify the line to
+    Add the following line to "/etc/default/useradd" (or modify the line to
 have the required value):
 
-    INACTIVE&#x3D;0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b42f6bb4-302c-4a6e-9dda-72f200ed3bb9</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000795</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;default&#x2F;useradd INACTIVE is expected to cmp &gt;&#x3D; 0
---------------------------------
-passed
-Parse Config File &#x2F;etc&#x2F;default&#x2F;useradd INACTIVE is expected to cmp &lt;&#x3D; 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72213</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86837r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-032000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    INACTIVE=0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71941\" do\n  title \"The Red Hat Enterprise Linux operating system must disable account\nidentifiers (individuals, groups, roles, and devices) if the password expires.\"\n  desc  \"Inactive identifiers pose a risk to systems and applications because\nattackers may exploit an inactive identifier and potentially obtain undetected\naccess to the system. Owners of inactive accounts will not notice if\nunauthorized access to their user account has been obtained.\n\n    Operating systems need to track periods of inactivity and disable\napplication identifiers after zero days of inactivity.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If passwords are not being used for authentication, this is Not Applicable.\n\n    Verify the operating system disables account identifiers (individuals,\ngroups, roles, and devices) after the password expires with the following\ncommand:\n\n    # grep -i inactive /etc/default/useradd\n    INACTIVE=0\n\n    If the value is not set to \\\"0\\\", is commented out, or is not defined, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to disable account identifiers (individuals,\ngroups, roles, and devices) after the password expires.\n\n    Add the following line to \\\"/etc/default/useradd\\\" (or modify the line to\nhave the required value):\n\n    INACTIVE=0\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000118-GPOS-00060\"\n  tag gid: \"V-71941\"\n  tag rid: \"SV-86565r2_rule\"\n  tag stig_id: \"RHEL-07-010310\"\n  tag fix_id: \"F-78293r1_fix\"\n  tag cci: [\"CCI-000795\"]\n  tag nist: [\"IA-4 e\", \"Rev_4\"]\n\n  days_of_inactivity = input('days_of_inactivity')\n\n  describe parse_config_file(\"/etc/default/useradd\") do\n    its('INACTIVE') { should cmp &gt;= 0 }\n    its('INACTIVE') { should cmp &lt;= days_of_inactivity }\n  end\n\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000795</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/default/useradd INACTIVE is expected to cmp &gt;= 0
+--------------------------------
+passed :: TEST Parse Config File /etc/default/useradd INACTIVE is expected to cmp &lt;= 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72213</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86837r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-032000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must use a virus scan
-program.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+program.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Virus scanning software can be used to protect a system from
 penetration from computer viruses and to limit their spread through
 intermediate systems.
@@ -33399,749 +31922,712 @@ must be configured to scan, at a minimum, all altered files on the system on a
 daily basis.
 
     If the system processes inbound SMTP mail, the virus scanner must be
-configured to scan all received mail.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+configured to scan all received mail.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify an anti-virus solution is installed on the system. The anti-virus
 solution may be bundled with an approved host-based security solution.
 
     If there is no anti-virus solution installed on the system, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Install an antivirus solution on the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>c9549eed-eba1-45e7-a434-15f759a88e79</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001668</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Service nails is expected to be running
-expected that &#x60;Service nails&#x60; is running
---------------------------------
-passed
-Service clamav-daemon.socket is expected to be running
-expected that &#x60;Service clamav-daemon.socket&#x60; is running</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72283</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86907r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040610</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Install an antivirus solution on the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72213\" do\n  title \"The Red Hat Enterprise Linux operating system must use a virus scan\nprogram.\"\n  desc  \"Virus scanning software can be used to protect a system from\npenetration from computer viruses and to limit their spread through\nintermediate systems.\n\n    The virus scanning software should be configured to perform scans\ndynamically on accessed files. If this capability is not available, the system\nmust be configured to scan, at a minimum, all altered files on the system on a\ndaily basis.\n\n    If the system processes inbound SMTP mail, the virus scanner must be\nconfigured to scan all received mail.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify an anti-virus solution is installed on the system. The anti-virus\nsolution may be bundled with an approved host-based security solution.\n\n    If there is no anti-virus solution installed on the system, this is a\nfinding.\n  \"\n  desc  \"fix\", \"Install an antivirus solution on the system.\"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72213\"\n  tag rid: \"SV-86837r3_rule\"\n  tag stig_id: \"RHEL-07-032000\"\n  tag fix_id: \"F-78567r2_fix\"\n  tag cci: [\"CCI-001668\"]\n  tag nist: [\"SI-3 a\", \"Rev_4\"]\n\n  custom_antivirus = input('custom_antivirus')\n\n  if ! custom_antivirus\n    describe.one do\n      describe service('nails') do\n      it { should be_running }\n    end\n    describe service('clamav-daemon.socket') do\n      it { should be_running }\n      end\n    end\n  else\n    # Allow user to provide a description of their AV solution\n    # for documentation.\n    custom_antivirus_description = input('custom_antivirus_description')\n    describe \"Antivirus: #{custom_antivirus_description}\" do\n      subject { custom_antivirus_description }\n      it { should_not cmp 'None' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001668</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Service nails is expected to be running :: MESSAGE expected that `Service nails` is running
+--------------------------------
+passed :: TEST Service clamav-daemon.socket is expected to be running :: MESSAGE expected that `Service clamav-daemon.socket` is running</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72283</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86907r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040610</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not forward
-Internet Protocol version 4 (IPv4) source-routed packets.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Internet Protocol version 4 (IPv4) source-routed packets.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Source-routed packets allow the source of the packet to suggest that
 routers forward the packet along a different path than configured on the
 router, which can be used to bypass network security measures. This requirement
 applies only to the forwarding of source-routed traffic, such as when IPv4
-forwarding is enabled and the system is functioning as a router.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+forwarding is enabled and the system is functioning as a router.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system does not accept IPv4 source-routed packets.
 
-    # grep net.ipv4.conf.all.accept_source_route &#x2F;etc&#x2F;sysctl.conf
-&#x2F;etc&#x2F;sysctl.d&#x2F;*
+    # grep net.ipv4.conf.all.accept_source_route /etc/sysctl.conf
+/etc/sysctl.d/*
 
-    net.ipv4.conf.all.accept_source_route &#x3D; 0
+    net.ipv4.conf.all.accept_source_route = 0
 
-    If &quot; net.ipv4.conf.all.accept_source_route &quot; is not configured in the
-&#x2F;etc&#x2F;sysctl.conf file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out, or
-does not have a value of &quot;0&quot;, this is a finding.
+    If " net.ipv4.conf.all.accept_source_route " is not configured in the
+/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or
+does not have a value of "0", this is a finding.
 
     Check that the operating system implements the accept source route variable
 with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep net.ipv4.conf.all.accept_source_route
-    net.ipv4.conf.all.accept_source_route &#x3D; 0
+    # /sbin/sysctl -a | grep net.ipv4.conf.all.accept_source_route
+    net.ipv4.conf.all.accept_source_route = 0
 
-    If the returned line does not have a value of &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned line does not have a value of "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Set the system to the required kernel parameter by adding the following
-line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the &#x2F;etc&#x2F;sysctl.d&#x2F;
+line to "/etc/sysctl.conf" or a configuration file in the /etc/sysctl.d/
 directory (or modify the line to have the required value):
 
-    net.ipv4.conf.all.accept_source_route &#x3D; 0
+    net.ipv4.conf.all.accept_source_route = 0
 
     Issue the following command to make the changes take effect:
 
-    # sysctl -system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b5dd8b48-e54b-4afc-bf31-32641da00201</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.conf.all.accept_source_route value is expected to eq 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72263</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86887r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040450</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl -system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72283\" do\n  title \"The Red Hat Enterprise Linux operating system must not forward\nInternet Protocol version 4 (IPv4) source-routed packets.\"\n  desc  \"Source-routed packets allow the source of the packet to suggest that\nrouters forward the packet along a different path than configured on the\nrouter, which can be used to bypass network security measures. This requirement\napplies only to the forwarding of source-routed traffic, such as when IPv4\nforwarding is enabled and the system is functioning as a router.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system does not accept IPv4 source-routed packets.\n\n    # grep net.ipv4.conf.all.accept_source_route /etc/sysctl.conf\n/etc/sysctl.d/*\n\n    net.ipv4.conf.all.accept_source_route = 0\n\n    If \\\" net.ipv4.conf.all.accept_source_route \\\" is not configured in the\n/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out, or\ndoes not have a value of \\\"0\\\", this is a finding.\n\n    Check that the operating system implements the accept source route variable\nwith the following command:\n\n    # /sbin/sysctl -a | grep net.ipv4.conf.all.accept_source_route\n    net.ipv4.conf.all.accept_source_route = 0\n\n    If the returned line does not have a value of \\\"0\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Set the system to the required kernel parameter by adding the following\nline to \\\"/etc/sysctl.conf\\\" or a configuration file in the /etc/sysctl.d/\ndirectory (or modify the line to have the required value):\n\n    net.ipv4.conf.all.accept_source_route = 0\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl -system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72283\"\n  tag rid: \"SV-86907r2_rule\"\n  tag stig_id: \"RHEL-07-040610\"\n  tag fix_id: \"F-78637r3_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.conf.all.accept_source_route') do\n    its('value') { should eq 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.conf.all.accept_source_route value is expected to eq 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72263</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86887r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040450</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the SSH daemon performs strict mode checking of home directory
-configuration files.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+configuration files.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If other users have access to modify user-specific SSH configuration
-files, they may be able to log on to the system as another user.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+files, they may be able to log on to the system as another user.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the SSH daemon performs strict mode checking of home directory
 configuration files.
 
-    The location of the &quot;sshd_config&quot; file may vary if a different daemon is
+    The location of the "sshd_config" file may vary if a different daemon is
 in use.
 
-    Inspect the &quot;sshd_config&quot; file with the following command:
+    Inspect the "sshd_config" file with the following command:
 
-    # grep -i strictmodes &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i strictmodes /etc/ssh/sshd_config
 
     StrictModes yes
 
-    If &quot;StrictModes&quot; is set to &quot;no&quot;, is missing, or the returned line is
-commented out, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Uncomment the &quot;StrictModes&quot; keyword in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; (this
+    If "StrictModes" is set to "no", is missing, or the returned line is
+commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Uncomment the "StrictModes" keyword in "/etc/ssh/sshd_config" (this
 file may be named differently or be in a different location if using a version
-of SSH that is provided by a third-party vendor) and set the value to &quot;yes&quot;:
+of SSH that is provided by a third-party vendor) and set the value to "yes":
 
     StrictModes yes
 
-    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>faa9f5b0-bec9-44ba-a544-5692bc874668</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration StrictModes is expected to cmp &#x3D;&#x3D; &quot;yes&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72065</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86689r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021340</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The SSH service must be restarted for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72263\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon performs strict mode checking of home directory\nconfiguration files.\"\n  desc  \"If other users have access to modify user-specific SSH configuration\nfiles, they may be able to log on to the system as another user.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the SSH daemon performs strict mode checking of home directory\nconfiguration files.\n\n    The location of the \\\"sshd_config\\\" file may vary if a different daemon is\nin use.\n\n    Inspect the \\\"sshd_config\\\" file with the following command:\n\n    # grep -i strictmodes /etc/ssh/sshd_config\n\n    StrictModes yes\n\n    If \\\"StrictModes\\\" is set to \\\"no\\\", is missing, or the returned line is\ncommented out, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Uncomment the \\\"StrictModes\\\" keyword in \\\"/etc/ssh/sshd_config\\\" (this\nfile may be named differently or be in a different location if using a version\nof SSH that is provided by a third-party vendor) and set the value to \\\"yes\\\":\n\n    StrictModes yes\n\n    The SSH service must be restarted for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72263\"\n  tag rid: \"SV-86887r3_rule\"\n  tag stig_id: \"RHEL-07-040450\"\n  tag fix_id: \"F-78617r4_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('StrictModes') { should cmp 'yes' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration StrictModes is expected to cmp == "yes"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72065</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86689r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021340</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must use a separate file
-system for &#x2F;tmp (or equivalent).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+system for /tmp (or equivalent).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The use of separate file systems for different paths can protect the
-system from failures resulting from a file system becoming full or failing.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that a separate file system&#x2F;partition has been created for &quot;&#x2F;tmp&quot;.
-
-    Check that a file system&#x2F;partition has been created for &quot;&#x2F;tmp&quot; with the
+system from failures resulting from a file system becoming full or failing.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that a separate file system/partition has been created for "/tmp".
+
+    Check that a file system/partition has been created for "/tmp" with the
 following command:
 
     # systemctl is-enabled tmp.mount
     enabled
 
-    If the &quot;tmp.mount&quot; service is not enabled, check to see if &quot;&#x2F;tmp&quot; is
+    If the "tmp.mount" service is not enabled, check to see if "/tmp" is
 defined in the fstab with a device and mount point:
 
-    # grep -i &#x2F;tmp &#x2F;etc&#x2F;fstab
-    UUID&#x3D;a411dc99-f2a1-4c87-9e05-184977be8539 &#x2F;tmp   ext4
-rw,relatime,discard,data&#x3D;ordered,nosuid,noexec, 0 0
+    # grep -i /tmp /etc/fstab
+    UUID=a411dc99-f2a1-4c87-9e05-184977be8539 /tmp   ext4
+rw,relatime,discard,data=ordered,nosuid,noexec, 0 0
 
-    If &quot;tmp.mount&quot; service is not enabled and the &quot;&#x2F;tmp&quot; directory is not
-defined in the fstab with a device and mount point, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Start the &quot;tmp.mount&quot; service with the following command:
+    If "tmp.mount" service is not enabled and the "/tmp" directory is not
+defined in the fstab with a device and mount point, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Start the "tmp.mount" service with the following command:
 
     # systemctl enable tmp.mount
 
     OR
 
-    Edit the &quot;&#x2F;etc&#x2F;fstab&quot; file and ensure the &quot;&#x2F;tmp&quot; directory is defined
-in the fstab with a device and mount point.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f284235c-5733-4087-aaec-0d32c4c07416</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Service tmp.mount is expected to be enabled
-expected that &#x60;Service tmp.mount&#x60; is enabled
---------------------------------
-passed
-File System Table File (fstab) with mount_point &#x3D;&#x3D; &quot;&#x2F;tmp&quot; Should have a device name specified
-expected nil to respond to &#x60;empty?&#x60;
---------------------------------
-passed
-File System Table File (fstab) with mount_point &#x3D;&#x3D; &quot;&#x2F;tmp&quot; count is expected to cmp &#x3D;&#x3D; 1
-
+    Edit the "/etc/fstab" file and ensure the "/tmp" directory is defined
+in the fstab with a device and mount point.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72065\" do\n  title \"The Red Hat Enterprise Linux operating system must use a separate file\nsystem for /tmp (or equivalent).\"\n  desc  \"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that a separate file system/partition has been created for \\\"/tmp\\\".\n\n    Check that a file system/partition has been created for \\\"/tmp\\\" with the\nfollowing command:\n\n    # systemctl is-enabled tmp.mount\n    enabled\n\n    If the \\\"tmp.mount\\\" service is not enabled, check to see if \\\"/tmp\\\" is\ndefined in the fstab with a device and mount point:\n\n    # grep -i /tmp /etc/fstab\n    UUID=a411dc99-f2a1-4c87-9e05-184977be8539 /tmp   ext4\nrw,relatime,discard,data=ordered,nosuid,noexec, 0 0\n\n    If \\\"tmp.mount\\\" service is not enabled and the \\\"/tmp\\\" directory is not\ndefined in the fstab with a device and mount point, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Start the \\\"tmp.mount\\\" service with the following command:\n\n    # systemctl enable tmp.mount\n\n    OR\n\n    Edit the \\\"/etc/fstab\\\" file and ensure the \\\"/tmp\\\" directory is defined\nin the fstab with a device and mount point.\n  \"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72065\"\n  tag rid: \"SV-86689r3_rule\"\n  tag stig_id: \"RHEL-07-021340\"\n  tag fix_id: \"F-78417r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe.one do\n    describe systemd_service('tmp.mount') do\n      it { should be_enabled }\n    end\n    describe etc_fstab.where { mount_point == '/tmp' } do\n      its('count') { should cmp 1 }\n      it 'Should have a device name specified' do\n        expect(subject.device_name[0]).to_not(be_empty)\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Service tmp.mount is expected to be enabled :: MESSAGE expected that `Service tmp.mount` is enabled
+--------------------------------
+passed :: TEST File System Table File (fstab) with mount_point == "/tmp" Should have a device name specified :: MESSAGE expected nil to respond to `empty?`
+--------------------------------
+passed :: TEST File System Table File (fstab) with mount_point == "/tmp" count is expected to cmp == 1 :: MESSAGE 
 expected: 1
      got: 0
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72107</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86731r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030420</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72107</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86731r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030420</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the fchmod syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the fchmod syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fchmod&quot; syscall occur.
+successful/unsuccessful attempts to use the "fchmod" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following command:
 
-    # grep -iw fchmod &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw fchmod /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S fchmod -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S fchmod -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fchmod -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S fchmod -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;fchmod&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"fchmod" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fchmod&quot; syscall occur.
+successful/unsuccessful attempts to use the "fchmod" syscall occur.
 
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S fchmod -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S fchmod -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fchmod -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S fchmod -F auid&gt;=1000 -F auid!=4294967295 -k
 perm_mod
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>bb4e46bd-848d-4ea4-9b5f-efecbbadb42f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchmod&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchmod&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchmod&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fchmod&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71935</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000078-GPOS-00046</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86559r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010280</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72107\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe fchmod syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"fchmod\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing command:\n\n    # grep -iw fchmod /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S fchmod -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S fchmod -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"fchmod\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"fchmod\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S fchmod -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    -a always,exit -F arch=b64 -S fchmod -F auid&gt;=1000 -F auid!=4294967295 -k\nperm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000458-GPOS-00203\"\n  tag satisfies: [\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000064-GPOS-00033\"]\n  tag gid: \"V-72107\"\n  tag rid: \"SV-86731r5_rule\"\n  tag stig_id: \"RHEL-07-030420\"\n  tag fix_id: \"F-78459r9_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"fchmod\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"fchmod\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "fchmod" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchmod" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchmod" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fchmod" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71935</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000078-GPOS-00046</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86559r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010280</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that passwords are a minimum of 15 characters in length.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that passwords are a minimum of 15 characters in length.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The shorter the password, the lower the number of possible
 combinations that need to be tested before the password is compromised.
 
@@ -34149,303 +32635,291 @@ combinations that need to be tested before the password is compromised.
 password in resisting attempts at guessing and brute-force attacks. Password
 length is one factor of several that helps to determine strength and how long
 it takes to crack a password. Use of more characters in a password helps to
-exponentially increase the time and&#x2F;or resources required to compromise the
-password.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+exponentially increase the time and/or resources required to compromise the
+password.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system enforces a minimum 15-character password
-length. The &quot;minlen&quot; option sets the minimum number of characters in a new
+length. The "minlen" option sets the minimum number of characters in a new
 password.
 
-    Check for the value of the &quot;minlen&quot; option in
-&quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; with the following command:
+    Check for the value of the "minlen" option in
+"/etc/security/pwquality.conf" with the following command:
 
-    # grep minlen &#x2F;etc&#x2F;security&#x2F;pwquality.conf
-    minlen &#x3D; 15
+    # grep minlen /etc/security/pwquality.conf
+    minlen = 15
 
-    If the command does not return a &quot;minlen&quot; value of 15 or greater, this is
-a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return a "minlen" value of 15 or greater, this is
+a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure operating system to enforce a minimum 15-character password
 length.
 
-    Add the following line to &quot;&#x2F;etc&#x2F;security&#x2F;pwquality.conf&quot; (or modify the
+    Add the following line to "/etc/security/pwquality.conf" (or modify the
 line to have the required value):
 
-    minlen &#x3D; 15</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d5dc66a8-3434-4621-82ff-981942a35a93</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000205</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Parse Config File &#x2F;etc&#x2F;security&#x2F;pwquality.conf minlen.to_i is expected to cmp &gt;&#x3D; 15</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71947</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000373-GPOS-00156</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86571r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010340</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    minlen = 15</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71935\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat passwords are a minimum of 15 characters in length.\"\n  desc  \"The shorter the password, the lower the number of possible\ncombinations that need to be tested before the password is compromised.\n\n    Password complexity, or strength, is a measure of the effectiveness of a\npassword in resisting attempts at guessing and brute-force attacks. Password\nlength is one factor of several that helps to determine strength and how long\nit takes to crack a password. Use of more characters in a password helps to\nexponentially increase the time and/or resources required to compromise the\npassword.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system enforces a minimum 15-character password\nlength. The \\\"minlen\\\" option sets the minimum number of characters in a new\npassword.\n\n    Check for the value of the \\\"minlen\\\" option in\n\\\"/etc/security/pwquality.conf\\\" with the following command:\n\n    # grep minlen /etc/security/pwquality.conf\n    minlen = 15\n\n    If the command does not return a \\\"minlen\\\" value of 15 or greater, this is\na finding.\n  \"\n  desc  \"fix\", \"\n    Configure operating system to enforce a minimum 15-character password\nlength.\n\n    Add the following line to \\\"/etc/security/pwquality.conf\\\" (or modify the\nline to have the required value):\n\n    minlen = 15\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000078-GPOS-00046\"\n  tag gid: \"V-71935\"\n  tag rid: \"SV-86559r2_rule\"\n  tag stig_id: \"RHEL-07-010280\"\n  tag fix_id: \"F-78287r1_fix\"\n  tag cci: [\"CCI-000205\"]\n  tag nist: [\"IA-5 (1) (a)\", \"Rev_4\"]\n\n  min_len = input('min_len')\n\n  describe parse_config_file(\"/etc/security/pwquality.conf\") do\n    its('minlen.to_i') { should cmp &gt;= min_len }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000205</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Parse Config File /etc/security/pwquality.conf minlen.to_i is expected to cmp &gt;= 15</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71947</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000373-GPOS-00156</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86571r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010340</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that users must provide a password for privilege escalation.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that users must provide a password for privilege escalation.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without re-authentication, users may access resources or perform tasks
 for which they do not have authorization.
 
     When operating systems provide the capability to escalate a functional
-capability, it is critical the user re-authenticate.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+capability, it is critical the user re-authenticate.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If passwords are not being used for authentication, this is Not Applicable.
 
     Verify the operating system requires users to supply a password for
 privilege escalation.
 
-    Check the configuration of the &quot;&#x2F;etc&#x2F;sudoers&quot; and &quot;&#x2F;etc&#x2F;sudoers.d&#x2F;*&quot;
+    Check the configuration of the "/etc/sudoers" and "/etc/sudoers.d/*"
 files with the following command:
 
-    # grep -i nopasswd &#x2F;etc&#x2F;sudoers &#x2F;etc&#x2F;sudoers.d&#x2F;*
+    # grep -i nopasswd /etc/sudoers /etc/sudoers.d/*
 
-    If any uncommented line is found with a &quot;NOPASSWD&quot; tag, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If any uncommented line is found with a "NOPASSWD" tag, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to require users to supply a password for
 privilege escalation.
 
-    Check the configuration of the &quot;&#x2F;etc&#x2F;sudoers&quot; file with the following
+    Check the configuration of the "/etc/sudoers" file with the following
 command:
     # visudo
 
-    Remove any occurrences of &quot;NOPASSWD&quot; tags in the file.
+    Remove any occurrences of "NOPASSWD" tags in the file.
 
-    Check the configuration of the &#x2F;etc&#x2F;sudoers.d&#x2F;* files with the following
+    Check the configuration of the /etc/sudoers.d/* files with the following
 command:
-    # grep -i nopasswd &#x2F;etc&#x2F;sudoers.d&#x2F;*
-
-    Remove any occurrences of &quot;NOPASSWD&quot; tags in the file.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>03269bcd-a953-4215-b628-b9bb69a70ebe</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002038</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;grep -i nopasswd &#x2F;etc&#x2F;sudoers.d&#x2F;90-cloud-init-users&#x60; stdout is expected not to match &#x2F;^[^#]*NOPASSWD&#x2F;
-expected &quot;ec2-user ALL&#x3D;(ALL) NOPASSWD:ALL\n&quot; not to match &#x2F;^[^#]*NOPASSWD&#x2F;
+    # grep -i nopasswd /etc/sudoers.d/*
+
+    Remove any occurrences of "NOPASSWD" tags in the file.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71947\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat users must provide a password for privilege escalation.\"\n  desc  \"Without re-authentication, users may access resources or perform tasks\nfor which they do not have authorization.\n\n    When operating systems provide the capability to escalate a functional\ncapability, it is critical the user re-authenticate.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If passwords are not being used for authentication, this is Not Applicable.\n\n    Verify the operating system requires users to supply a password for\nprivilege escalation.\n\n    Check the configuration of the \\\"/etc/sudoers\\\" and \\\"/etc/sudoers.d/*\\\"\nfiles with the following command:\n\n    # grep -i nopasswd /etc/sudoers /etc/sudoers.d/*\n\n    If any uncommented line is found with a \\\"NOPASSWD\\\" tag, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to require users to supply a password for\nprivilege escalation.\n\n    Check the configuration of the \\\"/etc/sudoers\\\" file with the following\ncommand:\n    # visudo\n\n    Remove any occurrences of \\\"NOPASSWD\\\" tags in the file.\n\n    Check the configuration of the /etc/sudoers.d/* files with the following\ncommand:\n    # grep -i nopasswd /etc/sudoers.d/*\n\n    Remove any occurrences of \\\"NOPASSWD\\\" tags in the file.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000373-GPOS-00156\"\n  tag satisfies: [\"SRG-OS-000373-GPOS-00156\", \"SRG-OS-000373-GPOS-00157\",\n\"SRG-OS-000373-GPOS-00158\"]\n  tag gid: \"V-71947\"\n  tag rid: \"SV-86571r3_rule\"\n  tag stig_id: \"RHEL-07-010340\"\n  tag fix_id: \"F-78299r2_fix\"\n  tag cci: [\"CCI-002038\"]\n  tag nist: [\"IA-11\", \"Rev_4\"]\n\n  processed = []\n  to_process = ['/etc/sudoers', '/etc/sudoers.d']\n\n  while !to_process.empty?\n    in_process = to_process.pop\n    next if processed.include? in_process\n    processed.push in_process\n\n    if file(in_process).directory?\n      to_process.concat(\n        command(\"find #{in_process} -maxdepth 1 -mindepth 1\").\n          stdout.strip.split(\"\\n\").\n          select { |f| file(f).file? }\n      )\n    elsif file(in_process).file?\n      to_process.concat(\n        command(\"grep -E '#include\\\\s+' #{in_process} | sed 's/.*#include[[:space:]]*//g'\").\n          stdout.strip.split(\"\\n\").\n          map { |f| f.start_with?('/') ? f : File.join(File.dirname(in_process), f) }.\n          select { |f| file(f).exist? }\n      )\n      to_process.concat(\n        command(\"grep -E '#includedir\\\\s+' #{in_process} | sed 's/.*#includedir[[:space:]]*//g'\").\n          stdout.strip.split(\"\\n\").\n          map { |f| f.start_with?('/') ? f : File.join(File.dirname(in_process), f) }.\n          select { |f| file(f).exist? }\n      )\n    end\n  end\n\n  sudoers = processed.select { |f| file(f).file? }\n\n  sudoers.each do |sudoer|\n    describe command(\"grep -i nopasswd #{sudoer}\") do\n      its('stdout') { should_not match %r{^[^#]*NOPASSWD} }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002038</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `grep -i nopasswd /etc/sudoers.d/90-cloud-init-users` stdout is expected not to match /^[^#]*NOPASSWD/ :: MESSAGE expected "ec2-user ALL=(ALL) NOPASSWD:ALL\n" not to match /^[^#]*NOPASSWD/
 Diff:
 @@ -1,2 +1,2 @@
--&#x2F;^[^#]*NOPASSWD&#x2F;
-+ec2-user ALL&#x3D;(ALL) NOPASSWD:ALL
-
---------------------------------
-passed
-Command: &#x60;grep -i nopasswd &#x2F;etc&#x2F;sudoers&#x60; stdout is expected not to match &#x2F;^[^#]*NOPASSWD&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71891</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000028-GPOS-00009</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86515r6_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010060</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+-/^[^#]*NOPASSWD/
++ec2-user ALL=(ALL) NOPASSWD:ALL
+
+--------------------------------
+passed :: TEST Command: `grep -i nopasswd /etc/sudoers` stdout is expected not to match /^[^#]*NOPASSWD/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71891</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000028-GPOS-00009</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86515r6_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010060</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must enable a user
 session lock until that user re-establishes access using established
-identification and authentication procedures.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+identification and authentication procedures.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A session lock is a temporary action taken when a user stops work and
 moves away from the immediate physical vicinity of the information system but
 does not want to log out because of the temporary nature of the absence.
@@ -34455,15 +32929,15 @@ determined.
 
     Regardless of where the session lock is determined and implemented, once
 invoked, the session lock must remain in place until the user reauthenticates.
-No other activity aside from reauthentication must unlock the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify the operating system enables a user&#39;s session lock until that user
+No other activity aside from reauthentication must unlock the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify the operating system enables a user's session lock until that user
 re-establishes access using established identification and authentication
 procedures. The screen program must be installed to lock sessions on the
 console.
@@ -34473,176 +32947,171 @@ Applicable.
 
     Check to see if the screen lock is enabled with the following command:
 
-    # grep -i lock-enabled &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;*
-    lock-enabled&#x3D;true
+    # grep -i lock-enabled /etc/dconf/db/local.d/*
+    lock-enabled=true
 
-    If the &quot;lock-enabled&quot; setting is missing or is not set to &quot;true&quot;, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the operating system to enable a user&#39;s session lock until that
+    If the "lock-enabled" setting is missing or is not set to "true", this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the operating system to enable a user's session lock until that
 user re-establishes access using established identification and authentication
 procedures.
 
     Create a database to contain the system-wide screensaver settings (if it
 does not already exist) with the following example:
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;00-screensaver
+    # touch /etc/dconf/db/local.d/00-screensaver
 
-    Edit the &quot;[org&#x2F;gnome&#x2F;desktop&#x2F;screensaver]&quot; section of the database file
+    Edit the "[org/gnome/desktop/screensaver]" section of the database file
 and add or update the following lines:
 
     # Set this to true to lock the screen when the screensaver activates
-    lock-enabled&#x3D;true
+    lock-enabled=true
 
     Update the system databases:
 
     # dconf update
 
     Users must log out and back in again before the system-wide settings take
-effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>bcec1b07-9611-4af6-b227-ac0ad0f00707</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000056</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The system does not have GNOME installed
-The system does not have GNOME installed, this requirement is Not
-      Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71855</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86479r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-71891\" do\n  title \"The Red Hat Enterprise Linux operating system must enable a user\nsession lock until that user re-establishes access using established\nidentification and authentication procedures.\"\n  desc  \"A session lock is a temporary action taken when a user stops work and\nmoves away from the immediate physical vicinity of the information system but\ndoes not want to log out because of the temporary nature of the absence.\n\n    The session lock is implemented at the point where session activity can be\ndetermined.\n\n    Regardless of where the session lock is determined and implemented, once\ninvoked, the session lock must remain in place until the user reauthenticates.\nNo other activity aside from reauthentication must unlock the system.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system enables a user's session lock until that user\nre-establishes access using established identification and authentication\nprocedures. The screen program must be installed to lock sessions on the\nconsole.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable.\n\n    Check to see if the screen lock is enabled with the following command:\n\n    # grep -i lock-enabled /etc/dconf/db/local.d/*\n    lock-enabled=true\n\n    If the \\\"lock-enabled\\\" setting is missing or is not set to \\\"true\\\", this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to enable a user's session lock until that\nuser re-establishes access using established identification and authentication\nprocedures.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following example:\n\n    # touch /etc/dconf/db/local.d/00-screensaver\n\n    Edit the \\\"[org/gnome/desktop/screensaver]\\\" section of the database file\nand add or update the following lines:\n\n    # Set this to true to lock the screen when the screensaver activates\n    lock-enabled=true\n\n    Update the system databases:\n\n    # dconf update\n\n    Users must log out and back in again before the system-wide settings take\neffect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000028-GPOS-00009\"\n  tag satisfies: [\"SRG-OS-000028-GPOS-00009\", \"SRG-OS-000030-GPOS-00011\"]\n  tag gid: \"V-71891\"\n  tag rid: \"SV-86515r6_rule\"\n  tag stig_id: \"RHEL-07-010060\"\n  tag fix_id: \"F-78243r9_fix\"\n  tag cci: [\"CCI-000056\"]\n  tag nist: [\"AC-11 b\", \"Rev_4\"]\n\n  if package('gnome-desktop3').installed?\n    describe command('gsettings get org.gnome.desktop.screensaver lock-enabled') do\n      its('stdout.strip') { should cmp 'true' }\n    end\n  else\n    impact 0.0\n    describe \"The system does not have GNOME installed\" do\n      skip \"The system does not have GNOME installed, this requirement is Not\n      Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000056</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The system does not have GNOME installed :: SKIP_MESSAGE The system does not have GNOME installed, this requirement is Not
+      Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71855</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86479r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the cryptographic hash of system files and commands matches vendor values.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the cryptographic hash of system files and commands matches vendor values.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without cryptographic integrity protections, system command and files
 can be altered by unauthorized users without detection.
 
     Cryptographic mechanisms used for protecting the integrity of information
 include, for example, signed hash functions using asymmetric cryptography
 enabling distribution of the public key to verify the hash information while
-maintaining the confidentiality of the key used to generate the hash.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+maintaining the confidentiality of the key used to generate the hash.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the cryptographic hash of system files and commands match the vendor
 values.
 
     Check the cryptographic hash of system files and commands with the
 following command:
 
-    Note: System configuration files (indicated by a &quot;c&quot; in the second
+    Note: System configuration files (indicated by a "c" in the second
 column) are expected to change over time. Unusual modifications should be
 investigated through the system audit log.
 
-    # rpm -Va --noconfig | grep &#39;^..5&#39;
+    # rpm -Va --noconfig | grep '^..5'
 
     If there is any output from the command for system files or binaries, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Run the following command to determine which package owns the file:
 
     # rpm -qf &lt;filename&gt;
@@ -34654,281 +33123,269 @@ is a finding.</ATTRIBUTE_DATA>
     Alternatively, the package can be reinstalled from trusted media using the
 command:
 
-    # sudo rpm -Uvh &lt;packagename&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>9a409c72-4e3e-42d8-98e7-e0c2bb572bf0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001749</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This control consistently takes a long to run and has been disabled
-    using the disable_slow_controls attribute.
-This control consistently takes a long to run and has been disabled
+    # sudo rpm -Uvh &lt;packagename&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71855\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the cryptographic hash of system files and commands matches vendor values.\"\n  desc  \"Without cryptographic integrity protections, system command and files\ncan be altered by unauthorized users without detection.\n\n    Cryptographic mechanisms used for protecting the integrity of information\ninclude, for example, signed hash functions using asymmetric cryptography\nenabling distribution of the public key to verify the hash information while\nmaintaining the confidentiality of the key used to generate the hash.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the cryptographic hash of system files and commands match the vendor\nvalues.\n\n    Check the cryptographic hash of system files and commands with the\nfollowing command:\n\n    Note: System configuration files (indicated by a \\\"c\\\" in the second\ncolumn) are expected to change over time. Unusual modifications should be\ninvestigated through the system audit log.\n\n    # rpm -Va --noconfig | grep '^..5'\n\n    If there is any output from the command for system files or binaries, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Run the following command to determine which package owns the file:\n\n    # rpm -qf &lt;filename&gt;\n\n    The package can be reinstalled from a yum repository using the command:\n\n    # sudo yum reinstall &lt;packagename&gt;\n\n    Alternatively, the package can be reinstalled from trusted media using the\ncommand:\n\n    # sudo rpm -Uvh &lt;packagename&gt;\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-71855\"\n  tag rid: \"SV-86479r4_rule\"\n  tag stig_id: \"RHEL-07-010020\"\n  tag fix_id: \"F-78207r1_fix\"\n  tag cci: [\"CCI-001749\"]\n  tag nist: [\"CM-5 (3)\", \"Rev_4\"]\n\nif input('disable_slow_controls')\n    describe \"This control consistently takes a long to run and has been disabled\n    using the disable_slow_controls attribute.\" do\n      skip \"This control consistently takes a long to run and has been disabled\n      using the disable_slow_controls attribute. You must enable this control for a\n      full accredidation for production.\"\n    end\n  else\n    # grep excludes files that are marked with 'c' attribute (config files)\n    describe command(\"rpm -Va | grep '^..5' | grep -E -v '[a-z]*c[a-z]*\\\\s+\\\\S+$' | awk 'NF&gt;1{print $NF}'\").\n      stdout.strip.split(\"\\n\") do\n        it { should all(be_in rpm_verify_integrity_except) }\n      end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001749</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This control consistently takes a long to run and has been disabled
+    using the disable_slow_controls attribute. :: SKIP_MESSAGE This control consistently takes a long to run and has been disabled
       using the disable_slow_controls attribute. You must enable this control for a
-      full accredidation for production.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72209</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86833r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-031000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+      full accredidation for production.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72209</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86833r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-031000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must send rsyslog output
-to a log aggregation server.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+to a log aggregation server.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Sending rsyslog output to another system ensures that the logs cannot
 be removed or modified in the event that the system is compromised or has a
-hardware failure.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify &quot;rsyslog&quot; is configured to send all messages to a log aggregation
+hardware failure.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify "rsyslog" is configured to send all messages to a log aggregation
 server.
 
-    Check the configuration of &quot;rsyslog&quot; with the following command:
+    Check the configuration of "rsyslog" with the following command:
 
     Note: If another logging package is used, substitute the utility
-configuration file for &quot;&#x2F;etc&#x2F;rsyslog.conf&quot;.
+configuration file for "/etc/rsyslog.conf".
 
-    # grep @ &#x2F;etc&#x2F;rsyslog.conf &#x2F;etc&#x2F;rsyslog.d&#x2F;*.conf
+    # grep @ /etc/rsyslog.conf /etc/rsyslog.d/*.conf
     *.* @@logagg.site.mil
 
-    If there are no lines in the &quot;&#x2F;etc&#x2F;rsyslog.conf&quot; or
-&quot;&#x2F;etc&#x2F;rsyslog.d&#x2F;*.conf&quot; files that contain the &quot;@&quot; or &quot;@@&quot; symbol(s), and
+    If there are no lines in the "/etc/rsyslog.conf" or
+"/etc/rsyslog.d/*.conf" files that contain the "@" or "@@" symbol(s), and
 the lines with the correct symbol(s) to send output to another system do not
-cover all &quot;rsyslog&quot; output, ask the System Administrator to indicate how the
+cover all "rsyslog" output, ask the System Administrator to indicate how the
 audit logs are off-loaded to a different system or media.
 
     If the lines are commented out or there is no evidence that the audit logs
-are being sent to another system, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Modify the &quot;&#x2F;etc&#x2F;rsyslog.conf&quot; or an &quot;&#x2F;etc&#x2F;rsyslog.d&#x2F;*.conf&quot; file to
-contain a configuration line to send all &quot;rsyslog&quot; output to a log
+are being sent to another system, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Modify the "/etc/rsyslog.conf" or an "/etc/rsyslog.d/*.conf" file to
+contain a configuration line to send all "rsyslog" output to a log
 aggregation system:
-    *.* @@&lt;log aggregation system name&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>078df431-45f4-4e49-8c7d-40d1a10ad668</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;grep @ &#x2F;etc&#x2F;rsyslog.conf | grep -v &quot;^#&quot;&#x60; stdout.strip is expected not to be empty
-expected &#x60;&quot;&quot;.empty?&#x60; to return false, got true</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71899</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86523r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010100</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    *.* @@&lt;log aggregation system name&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72209\" do\n  title \"The Red Hat Enterprise Linux operating system must send rsyslog output\nto a log aggregation server.\"\n  desc  \"Sending rsyslog output to another system ensures that the logs cannot\nbe removed or modified in the event that the system is compromised or has a\nhardware failure.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify \\\"rsyslog\\\" is configured to send all messages to a log aggregation\nserver.\n\n    Check the configuration of \\\"rsyslog\\\" with the following command:\n\n    Note: If another logging package is used, substitute the utility\nconfiguration file for \\\"/etc/rsyslog.conf\\\".\n\n    # grep @ /etc/rsyslog.conf /etc/rsyslog.d/*.conf\n    *.* @@logagg.site.mil\n\n    If there are no lines in the \\\"/etc/rsyslog.conf\\\" or\n\\\"/etc/rsyslog.d/*.conf\\\" files that contain the \\\"@\\\" or \\\"@@\\\" symbol(s), and\nthe lines with the correct symbol(s) to send output to another system do not\ncover all \\\"rsyslog\\\" output, ask the System Administrator to indicate how the\naudit logs are off-loaded to a different system or media.\n\n    If the lines are commented out or there is no evidence that the audit logs\nare being sent to another system, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Modify the \\\"/etc/rsyslog.conf\\\" or an \\\"/etc/rsyslog.d/*.conf\\\" file to\ncontain a configuration line to send all \\\"rsyslog\\\" output to a log\naggregation system:\n    *.* @@&lt;log aggregation system name&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72209\"\n  tag rid: \"SV-86833r2_rule\"\n  tag stig_id: \"RHEL-07-031000\"\n  tag fix_id: \"F-78563r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  log_pkg_path = input('log_pkg_path')\n\n  describe command(\"grep @ #{log_pkg_path} | grep -v \\\"^#\\\"\") do\n    its('stdout.strip') { should_not be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `grep @ /etc/rsyslog.conf | grep -v "^#"` stdout.strip is expected not to be empty :: MESSAGE expected `"".empty?` to return false, got true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71899</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86523r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010100</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must initiate a session
 lock for the screensaver after a period of inactivity for graphical user
-interfaces.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+interfaces.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A session time-out lock is a temporary action taken when a user stops
 work and moves away from the immediate physical vicinity of the information
 system but does not log out because of the temporary nature of the absence.
 Rather than relying on the user to manually lock their operating system session
 prior to vacating the vicinity, operating systems need to be able to identify
-when a user&#39;s session has idled and take action to initiate the session lock.
+when a user's session has idled and take action to initiate the session lock.
 
     The session lock is implemented at the point where session activity can be
-determined and&#x2F;or controlled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+determined and/or controlled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system initiates a session lock after a 15-minute
 period of inactivity for graphical user interfaces. The screen program must be
 installed to lock sessions on the console.
@@ -34938,161 +33395,156 @@ this requirement is Not Applicable.
 
     Check for the session lock settings with the following commands:
 
-    # grep -i idle-activation-enabled &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;*
+    # grep -i idle-activation-enabled /etc/dconf/db/local.d/*
 
-    idle-activation-enabled&#x3D;true
+    idle-activation-enabled=true
 
-    If &quot;idle-activation-enabled&quot; is not set to &quot;true&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "idle-activation-enabled" is not set to "true", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to initiate a session lock after a 15-minute
 period of inactivity for graphical user interfaces.
 
     Create a database to contain the system-wide screensaver settings (if it
 does not already exist) with the following command:
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;00-screensaver
+    # touch /etc/dconf/db/local.d/00-screensaver
 
     Add the setting to enable screensaver locking after 15 minutes of
 inactivity:
 
-    [org&#x2F;gnome&#x2F;desktop&#x2F;screensaver]
+    [org/gnome/desktop/screensaver]
 
-    idle-activation-enabled&#x3D;true
+    idle-activation-enabled=true
 
     Update the system databases:
 
     # dconf update
 
     Users must log out and back in again before the system-wide settings take
-effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a74fca47-26f7-49d9-b9a3-e9764e41e9af</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The system does not have GNOME installed
-The system does not have GNOME installed, this requirement is Not
-      Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71901</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86525r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010110</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-71899\" do\n  title \"The Red Hat Enterprise Linux operating system must initiate a session\nlock for the screensaver after a period of inactivity for graphical user\ninterfaces.\"\n  desc  \"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system initiates a session lock after a 15-minute\nperiod of inactivity for graphical user interfaces. The screen program must be\ninstalled to lock sessions on the console.\n\n    Note: If the system does not have a Graphical User Interface installed,\nthis requirement is Not Applicable.\n\n    Check for the session lock settings with the following commands:\n\n    # grep -i idle-activation-enabled /etc/dconf/db/local.d/*\n\n    idle-activation-enabled=true\n\n    If \\\"idle-activation-enabled\\\" is not set to \\\"true\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to initiate a session lock after a 15-minute\nperiod of inactivity for graphical user interfaces.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    # touch /etc/dconf/db/local.d/00-screensaver\n\n    Add the setting to enable screensaver locking after 15 minutes of\ninactivity:\n\n    [org/gnome/desktop/screensaver]\n\n    idle-activation-enabled=true\n\n    Update the system databases:\n\n    # dconf update\n\n    Users must log out and back in again before the system-wide settings take\neffect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000029-GPOS-00010\"\n  tag gid: \"V-71899\"\n  tag rid: \"SV-86523r5_rule\"\n  tag stig_id: \"RHEL-07-010100\"\n  tag fix_id: \"F-78251r2_fix\"\n  tag cci: [\"CCI-000057\"]\n  tag nist: [\"AC-11 a\", \"Rev_4\"]\n\n  if package('gnome-desktop3').installed?\n    describe command('gsettings get org.gnome.desktop.screensaver idle-activation-enabled') do\n      its('stdout.strip') { should cmp 'true' }\n    end \n  else\n    impact 0.0\n    describe \"The system does not have GNOME installed\" do\n      skip \"The system does not have GNOME installed, this requirement is Not\n      Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The system does not have GNOME installed :: SKIP_MESSAGE The system does not have GNOME installed, this requirement is Not
+      Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71901</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86525r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010110</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must initiate a session
-lock for graphical user interfaces when the screensaver is activated.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+lock for graphical user interfaces when the screensaver is activated.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>A session time-out lock is a temporary action taken when a user stops
 work and moves away from the immediate physical vicinity of the information
 system but does not log out because of the temporary nature of the absence.
 Rather than relying on the user to manually lock their operating system session
 prior to vacating the vicinity, operating systems need to be able to identify
-when a user&#39;s session has idled and take action to initiate the session lock.
+when a user's session has idled and take action to initiate the session lock.
 
     The session lock is implemented at the point where session activity can be
-determined and&#x2F;or controlled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+determined and/or controlled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system initiates a session lock a for graphical user
 interfaces when the screensaver is activated.
 
@@ -35103,155 +33555,150 @@ console.
     If GNOME is installed, check to see a session lock occurs when the
 screensaver is activated with the following command:
 
-    # grep -i lock-delay &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;*
-    lock-delay&#x3D;uint32 5
+    # grep -i lock-delay /etc/dconf/db/local.d/*
+    lock-delay=uint32 5
 
-    If the &quot;lock-delay&quot; setting is missing, or is not set to &quot;5&quot; or less,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "lock-delay" setting is missing, or is not set to "5" or less,
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to initiate a session lock for graphical
 user interfaces when a screensaver is activated.
 
     Create a database to contain the system-wide screensaver settings (if it
 does not already exist) with the following command:
 
-    # touch &#x2F;etc&#x2F;dconf&#x2F;db&#x2F;local.d&#x2F;00-screensaver
+    # touch /etc/dconf/db/local.d/00-screensaver
 
     Add the setting to enable session locking when a screensaver is activated:
 
-    [org&#x2F;gnome&#x2F;desktop&#x2F;screensaver]
-    lock-delay&#x3D;uint32 5
+    [org/gnome/desktop/screensaver]
+    lock-delay=uint32 5
 
-    The &quot;uint32&quot; must be included along with the integer key values as shown.
+    The "uint32" must be included along with the integer key values as shown.
 
     Update the system databases:
 
     # dconf update
 
     Users must log out and back in again before the system-wide settings take
-effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>24cdf8eb-aa4f-43c3-9ea8-c129ff16b7eb</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-The system does not have GNOME installed
-The system does not have GNOME installed, this requirement is Not
-      Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72069</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86693r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021600</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-71901\" do\n  title \"The Red Hat Enterprise Linux operating system must initiate a session\nlock for graphical user interfaces when the screensaver is activated.\"\n  desc  \"A session time-out lock is a temporary action taken when a user stops\nwork and moves away from the immediate physical vicinity of the information\nsystem but does not log out because of the temporary nature of the absence.\nRather than relying on the user to manually lock their operating system session\nprior to vacating the vicinity, operating systems need to be able to identify\nwhen a user's session has idled and take action to initiate the session lock.\n\n    The session lock is implemented at the point where session activity can be\ndetermined and/or controlled.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system initiates a session lock a for graphical user\ninterfaces when the screensaver is activated.\n\n    Note: If the system does not have GNOME installed, this requirement is Not\nApplicable. The screen program must be installed to lock sessions on the\nconsole.\n\n    If GNOME is installed, check to see a session lock occurs when the\nscreensaver is activated with the following command:\n\n    # grep -i lock-delay /etc/dconf/db/local.d/*\n    lock-delay=uint32 5\n\n    If the \\\"lock-delay\\\" setting is missing, or is not set to \\\"5\\\" or less,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to initiate a session lock for graphical\nuser interfaces when a screensaver is activated.\n\n    Create a database to contain the system-wide screensaver settings (if it\ndoes not already exist) with the following command:\n\n    # touch /etc/dconf/db/local.d/00-screensaver\n\n    Add the setting to enable session locking when a screensaver is activated:\n\n    [org/gnome/desktop/screensaver]\n    lock-delay=uint32 5\n\n    The \\\"uint32\\\" must be included along with the integer key values as shown.\n\n    Update the system databases:\n\n    # dconf update\n\n    Users must log out and back in again before the system-wide settings take\neffect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000029-GPOS-00010\"\n  tag gid: \"V-71901\"\n  tag rid: \"SV-86525r3_rule\"\n  tag stig_id: \"RHEL-07-010110\"\n  tag fix_id: \"F-78253r2_fix\"\n  tag cci: [\"CCI-000057\"]\n  tag nist: [\"AC-11 a\", \"Rev_4\"]\n\n  if package('gnome-desktop3').installed?\n    describe command(\"gsettings get org.gnome.desktop.screensaver lock-delay | cut -d ' ' -f2\") do\n      its('stdout.strip') { should cmp &lt;= lock_delay }\n    end\n  else\n    impact 0.0\n    describe \"The system does not have GNOME installed\" do\n      skip \"The system does not have GNOME installed, this requirement is Not\n      Applicable.\"\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST The system does not have GNOME installed :: SKIP_MESSAGE The system does not have GNOME installed, this requirement is Not
+      Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72069</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86693r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021600</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that the file integrity tool is configured to verify Access Control Lists
-(ACLs).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(ACLs).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>ACLs can provide permissions beyond those permitted through the file
-mode and must be verified by file integrity tools.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+mode and must be verified by file integrity tools.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the file integrity tool is configured to verify ACLs.
 
     Check to see if Advanced Intrusion Detection Environment (AIDE) is
@@ -35266,598 +33713,575 @@ checks are performed on the system.
 is a finding.
 
     Note: AIDE is highly configurable at install time. These commands assume
-the &quot;aide.conf&quot; file is under the &quot;&#x2F;etc&quot; directory.
+the "aide.conf" file is under the "/etc" directory.
 
     Use the following command to determine if the file is in another location:
 
-    # find &#x2F; -name aide.conf
+    # find / -name aide.conf
 
-    Check the &quot;aide.conf&quot; file to determine if the &quot;acl&quot; rule has been
+    Check the "aide.conf" file to determine if the "acl" rule has been
 added to the rule list being applied to the files and directories selection
 lists.
 
-    An example rule that includes the &quot;acl&quot; rule is below:
+    An example rule that includes the "acl" rule is below:
 
-    All&#x3D; p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux
-    &#x2F;bin All # apply the custom rule to the files in bin
-    &#x2F;sbin All # apply the same custom rule to the files in sbin
+    All= p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux
+    /bin All # apply the custom rule to the files in bin
+    /sbin All # apply the same custom rule to the files in sbin
 
-    If the &quot;acl&quot; rule is not being used on all uncommented selection lines in
-the &quot;&#x2F;etc&#x2F;aide.conf&quot; file, or ACLs are not being checked by another file
-integrity tool, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "acl" rule is not being used on all uncommented selection lines in
+the "/etc/aide.conf" file, or ACLs are not being checked by another file
+integrity tool, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the file integrity tool to check file and directory ACLs.
 
-    If AIDE is installed, ensure the &quot;acl&quot; rule is present on all uncommented
-file and directory selection lists.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>56627eee-8e63-4b6b-8477-b3a78bb96f63</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package aide is expected to be installed
---------------------------------
-passed
-List of monitored files&#x2F;directories without &#39;acl&#39; rule is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72063</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86687r6_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021330</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    If AIDE is installed, ensure the "acl" rule is present on all uncommented
+file and directory selection lists.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72069\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the file integrity tool is configured to verify Access Control Lists\n(ACLs).\"\n  desc  \"ACLs can provide permissions beyond those permitted through the file\nmode and must be verified by file integrity tools.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the file integrity tool is configured to verify ACLs.\n\n    Check to see if Advanced Intrusion Detection Environment (AIDE) is\ninstalled on the system with the following command:\n\n    # yum list installed aide\n\n    If AIDE is not installed, ask the System Administrator how file integrity\nchecks are performed on the system.\n\n    If there is no application installed to perform file integrity checks, this\nis a finding.\n\n    Note: AIDE is highly configurable at install time. These commands assume\nthe \\\"aide.conf\\\" file is under the \\\"/etc\\\" directory.\n\n    Use the following command to determine if the file is in another location:\n\n    # find / -name aide.conf\n\n    Check the \\\"aide.conf\\\" file to determine if the \\\"acl\\\" rule has been\nadded to the rule list being applied to the files and directories selection\nlists.\n\n    An example rule that includes the \\\"acl\\\" rule is below:\n\n    All= p+i+n+u+g+s+m+S+sha512+acl+xattrs+selinux\n    /bin All # apply the custom rule to the files in bin\n    /sbin All # apply the same custom rule to the files in sbin\n\n    If the \\\"acl\\\" rule is not being used on all uncommented selection lines in\nthe \\\"/etc/aide.conf\\\" file, or ACLs are not being checked by another file\nintegrity tool, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the file integrity tool to check file and directory ACLs.\n\n    If AIDE is installed, ensure the \\\"acl\\\" rule is present on all uncommented\nfile and directory selection lists.\n  \"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72069\"\n  tag rid: \"SV-86693r3_rule\"\n  tag stig_id: \"RHEL-07-021600\"\n  tag fix_id: \"F-78421r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe package(\"aide\") do\n    it { should be_installed }\n  end\n\n  findings = []\n  aide_conf.where { !selection_line.start_with? '!' }.entries.each do |selection|\n    unless selection.rules.include? 'acl'\n      findings.append(selection.selection_line)\n    end\n  end\n\n  describe \"List of monitored files/directories without 'acl' rule\" do\n    subject { findings }\n    it { should be_empty }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package aide is expected to be installed
+--------------------------------
+passed :: TEST List of monitored files/directories without 'acl' rule is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72063</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86687r6_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021330</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must use a separate file
-system for the system audit data path.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+system for the system audit data path.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The use of separate file systems for different paths can protect the
-system from failures resulting from a file system becoming full or failing.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+system from failures resulting from a file system becoming full or failing.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Determine if the operating system is configured to have the
-&quot;&#x2F;var&#x2F;log&#x2F;audit&quot; path is on a separate file system.
+"/var/log/audit" path is on a separate file system.
 
-    # grep &#x2F;var&#x2F;log&#x2F;audit &#x2F;etc&#x2F;fstab
+    # grep /var/log/audit /etc/fstab
 
     If no result is returned, or the operating system is not configured to have
-&quot;&#x2F;var&#x2F;log&#x2F;audit&quot; on a separate file system, this is a finding.
-
-    Verify that &quot;&#x2F;var&#x2F;log&#x2F;audit&quot; is mounted on a separate file system:
-
-    # mount | grep &quot;&#x2F;var&#x2F;log&#x2F;audit&quot;
-
-    If no result is returned, or &quot;&#x2F;var&#x2F;log&#x2F;audit&quot; is not on a separate file
-system, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Migrate the system audit data path onto a separate file system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>329011ca-533a-4afe-93f8-08104db49d18</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Mount &#x2F;var&#x2F;log&#x2F;audit is expected to be mounted
-
-Mount &#x2F;var&#x2F;log&#x2F;audit is not mounted
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72031</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86655r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020700</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/var/log/audit" on a separate file system, this is a finding.
+
+    Verify that "/var/log/audit" is mounted on a separate file system:
+
+    # mount | grep "/var/log/audit"
+
+    If no result is returned, or "/var/log/audit" is not on a separate file
+system, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Migrate the system audit data path onto a separate file system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72063\" do\n  title \"The Red Hat Enterprise Linux operating system must use a separate file\nsystem for the system audit data path.\"\n  desc  \"The use of separate file systems for different paths can protect the\nsystem from failures resulting from a file system becoming full or failing.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Determine if the operating system is configured to have the\n\\\"/var/log/audit\\\" path is on a separate file system.\n\n    # grep /var/log/audit /etc/fstab\n\n    If no result is returned, or the operating system is not configured to have\n\\\"/var/log/audit\\\" on a separate file system, this is a finding.\n\n    Verify that \\\"/var/log/audit\\\" is mounted on a separate file system:\n\n    # mount | grep \\\"/var/log/audit\\\"\n\n    If no result is returned, or \\\"/var/log/audit\\\" is not on a separate file\nsystem, this is a finding.\n  \"\n  desc  \"fix\", \"Migrate the system audit data path onto a separate file system.\"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72063\"\n  tag rid: \"SV-86687r6_rule\"\n  tag stig_id: \"RHEL-07-021330\"\n  tag fix_id: \"F-78415r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe mount('/var/log/audit') do\n    it {should be_mounted}\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Mount /var/log/audit is expected to be mounted :: MESSAGE 
+Mount /var/log/audit is not mounted</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72031</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86655r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020700</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all local initialization files for local interactive users are be
-group-owned by the users primary group or root.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+group-owned by the users primary group or root.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Local initialization files for interactive users are used to configure
-the user&#39;s shell environment upon logon. Malicious modification of these files
-could compromise accounts upon logon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+the user's shell environment upon logon. Malicious modification of these files
+could compromise accounts upon logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the local initialization files of all local interactive users are
-group-owned by that user&#39;s primary Group Identifier (GID).
+group-owned by that user's primary Group Identifier (GID).
 
     Check the home directory assignment for all non-privileged users on the
 system with the following command:
 
     Note: The example will be for the smithj user, who has a home directory of
-&quot;&#x2F;home&#x2F;smithj&quot; and a primary group of &quot;users&quot;.
+"/home/smithj" and a primary group of "users".
 
-    # cut -d: -f 1,4,6 &#x2F;etc&#x2F;passwd | egrep &quot;:[1-4][0-9]{3}&quot;
-    smithj:1000:&#x2F;home&#x2F;smithj
+    # cut -d: -f 1,4,6 /etc/passwd | egrep ":[1-4][0-9]{3}"
+    smithj:1000:/home/smithj
 
-    # grep 1000 &#x2F;etc&#x2F;group
+    # grep 1000 /etc/group
     users:x:1000:smithj,jonesj,jacksons
 
     Note: This may miss interactive users that have been assigned a privileged
 User Identifier (UID). Evidence of interactive use may be obtained from a
 number of log files containing system logon information.
 
-    Check the group owner of all local interactive user&#39;s initialization files
+    Check the group owner of all local interactive user's initialization files
 with the following command:
 
-    # ls -al &#x2F;home&#x2F;smithj&#x2F;.[^.]* | more
+    # ls -al /home/smithj/.[^.]* | more
 
     -rwxr-xr-x 1 smithj users 896 Mar 10 2011 .profile
     -rwxr-xr-x 1 smithj users 497 Jan 6 2007 .login
     -rwxr-xr-x 1 smithj users 886 Jan 6 2007 .something
 
-    If all local interactive user&#39;s initialization files are not group-owned by
-that user&#39;s primary GID, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Change the group owner of a local interactive user&#39;s files to the group
-found in &quot;&#x2F;etc&#x2F;passwd&quot; for the user. To change the group owner of a local
-interactive user&#39;s home directory, use the following command:
+    If all local interactive user's initialization files are not group-owned by
+that user's primary GID, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Change the group owner of a local interactive user's files to the group
+found in "/etc/passwd" for the user. To change the group owner of a local
+interactive user's home directory, use the following command:
 
     Note: The example will be for the user smithj, who has a home directory of
-&quot;&#x2F;home&#x2F;smithj&quot;, and has a primary group of users.
-
-    # chgrp users &#x2F;home&#x2F;smithj&#x2F;.[^.]*</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f89367f3-a0f4-4609-9389-ac82c59fe019</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-#&lt;Set: {}&gt; length is expected to &#x3D;&#x3D; 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71923</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000073-GPOS-00041</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86547r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010220</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/home/smithj", and has a primary group of users.
+
+    # chgrp users /home/smithj/.[^.]*</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72031\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local initialization files for local interactive users are be\ngroup-owned by the users primary group or root.\"\n  desc  \"Local initialization files for interactive users are used to configure\nthe user's shell environment upon logon. Malicious modification of these files\ncould compromise accounts upon logon.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the local initialization files of all local interactive users are\ngroup-owned by that user's primary Group Identifier (GID).\n\n    Check the home directory assignment for all non-privileged users on the\nsystem with the following command:\n\n    Note: The example will be for the smithj user, who has a home directory of\n\\\"/home/smithj\\\" and a primary group of \\\"users\\\".\n\n    # cut -d: -f 1,4,6 /etc/passwd | egrep \\\":[1-4][0-9]{3}\\\"\n    smithj:1000:/home/smithj\n\n    # grep 1000 /etc/group\n    users:x:1000:smithj,jonesj,jacksons\n\n    Note: This may miss interactive users that have been assigned a privileged\nUser Identifier (UID). Evidence of interactive use may be obtained from a\nnumber of log files containing system logon information.\n\n    Check the group owner of all local interactive user's initialization files\nwith the following command:\n\n    # ls -al /home/smithj/.[^.]* | more\n\n    -rwxr-xr-x 1 smithj users 896 Mar 10 2011 .profile\n    -rwxr-xr-x 1 smithj users 497 Jan 6 2007 .login\n    -rwxr-xr-x 1 smithj users 886 Jan 6 2007 .something\n\n    If all local interactive user's initialization files are not group-owned by\nthat user's primary GID, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Change the group owner of a local interactive user's files to the group\nfound in \\\"/etc/passwd\\\" for the user. To change the group owner of a local\ninteractive user's home directory, use the following command:\n\n    Note: The example will be for the user smithj, who has a home directory of\n\\\"/home/smithj\\\", and has a primary group of users.\n\n    # chgrp users /home/smithj/.[^.]*\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72031\"\n  tag rid: \"SV-86655r4_rule\"\n  tag stig_id: \"RHEL-07-020700\"\n  tag fix_id: \"F-78383r4_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  findings = Set[]\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= 1000 || uid == 0)}.entries.each do |user_info|\n    findings = findings + command(\"find #{user_info.home} -name '.*' -not -gid #{user_info.gid} -not -group root\").stdout.split(\"\\n\")\n  end\n  describe findings do\n    its('length') { should == 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST #&lt;Set: {}&gt; length is expected to == 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71923</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000073-GPOS-00041</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86547r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010220</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that user and group account administration utilities are configured to store
-only encrypted representations of passwords.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+only encrypted representations of passwords.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Passwords need to be protected at all times, and encryption is the
 standard method for protecting passwords. If passwords are not encrypted, they
 can be plainly read (i.e., clear text) and easily compromised. Passwords
 encrypted with a weak algorithm are no more protected than if they are kept in
-plain text.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+plain text.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the user and group account administration utilities are configured
 to store only encrypted representations of passwords. The strength of
-encryption that must be used to hash passwords for all accounts is &quot;SHA512&quot;.
+encryption that must be used to hash passwords for all accounts is "SHA512".
 
-    Check that the system is configured to create &quot;SHA512&quot; hashed passwords
+    Check that the system is configured to create "SHA512" hashed passwords
 with the following command:
 
-    # grep -i sha512 &#x2F;etc&#x2F;libuser.conf
+    # grep -i sha512 /etc/libuser.conf
 
-    crypt_style &#x3D; sha512
+    crypt_style = sha512
 
-    If the &quot;crypt_style&quot; variable is not set to &quot;sha512&quot;, is not in the
-defaults section, is commented out, or does not exist, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "crypt_style" variable is not set to "sha512", is not in the
+defaults section, is commented out, or does not exist, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to store only SHA512 encrypted
 representations of passwords.
 
-    Add or update the following line in &quot;&#x2F;etc&#x2F;libuser.conf&quot; in the [defaults]
+    Add or update the following line in "/etc/libuser.conf" in the [defaults]
 section:
 
-    crypt_style &#x3D; sha512</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f95f9c41-379a-47ee-9950-39895035a7df</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000196</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;cat &#x2F;etc&#x2F;libuser.conf | grep -i sha512&#x60; stdout.strip is expected to match &#x2F;^crypt_style &#x3D; sha512$&#x2F;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-81007</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-95719r1_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010491</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    crypt_style = sha512</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71923\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat user and group account administration utilities are configured to store\nonly encrypted representations of passwords.\"\n  desc  \"Passwords need to be protected at all times, and encryption is the\nstandard method for protecting passwords. If passwords are not encrypted, they\ncan be plainly read (i.e., clear text) and easily compromised. Passwords\nencrypted with a weak algorithm are no more protected than if they are kept in\nplain text.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the user and group account administration utilities are configured\nto store only encrypted representations of passwords. The strength of\nencryption that must be used to hash passwords for all accounts is \\\"SHA512\\\".\n\n    Check that the system is configured to create \\\"SHA512\\\" hashed passwords\nwith the following command:\n\n    # grep -i sha512 /etc/libuser.conf\n\n    crypt_style = sha512\n\n    If the \\\"crypt_style\\\" variable is not set to \\\"sha512\\\", is not in the\ndefaults section, is commented out, or does not exist, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to store only SHA512 encrypted\nrepresentations of passwords.\n\n    Add or update the following line in \\\"/etc/libuser.conf\\\" in the [defaults]\nsection:\n\n    crypt_style = sha512\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000073-GPOS-00041\"\n  tag gid: \"V-71923\"\n  tag rid: \"SV-86547r3_rule\"\n  tag stig_id: \"RHEL-07-010220\"\n  tag fix_id: \"F-78275r1_fix\"\n  tag cci: [\"CCI-000196\"]\n  tag nist: [\"IA-5 (1) (c)\", \"Rev_4\"]\n\n  describe command(\"cat /etc/libuser.conf | grep -i sha512\") do\n    its('stdout.strip') { should match %r(^crypt_style = sha512$) }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000196</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `cat /etc/libuser.conf | grep -i sha512` stdout.strip is expected to match /^crypt_style = sha512$/</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-81007</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-95719r1_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010491</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Red Hat Enterprise Linux operating systems version 7.2 or newer using
 Unified Extensible Firmware Interface (UEFI) must require authentication upon
-booting into single-user and maintenance modes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+booting into single-user and maintenance modes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system does not require valid root authentication before it
 boots into single-user or maintenance mode, anyone who invokes single-user or
 maintenance mode is granted privileged access to all files on the system. GRUB
 2 is the default boot loader for RHEL 7 and is designed to require a password
-to boot into single-user mode or make modifications to the boot menu.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+to boot into single-user mode or make modifications to the boot menu.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>For systems that use BIOS, this is Not Applicable.
 
     For systems that are running a version of RHEL prior to 7.2, this is Not
@@ -35866,22 +34290,22 @@ Applicable.
     Check to see if an encrypted root password is set. On systems that use
 UEFI, use the following command:
 
-    # grep -iw grub2_password &#x2F;boot&#x2F;efi&#x2F;EFI&#x2F;redhat&#x2F;user.cfg
-    GRUB2_PASSWORD&#x3D;grub.pbkdf2.sha512.[password_hash]
+    # grep -iw grub2_password /boot/efi/EFI/redhat/user.cfg
+    GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]
 
-    If the root password does not begin with &quot;grub.pbkdf2.sha512&quot;, this is a
+    If the root password does not begin with "grub.pbkdf2.sha512", this is a
 finding.
 
-    Verify that the &quot;root&quot; account is set as the &quot;superusers&quot;:
+    Verify that the "root" account is set as the "superusers":
 
-    # grep -iw &quot;superusers&quot; &#x2F;boot&#x2F;efi&#x2F;EFI&#x2F;redhat&#x2F;grub.cfg
-        set superusers&#x3D;&quot;root&quot;
+    # grep -iw "superusers" /boot/efi/EFI/redhat/grub.cfg
+        set superusers="root"
         export superusers
 
-    If &quot;superusers&quot; is not set to &quot;root&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "superusers" is not set to "root", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to encrypt the boot password for root.
 
     Generate an encrypted grub2 password for root with the following command:
@@ -35892,848 +34316,803 @@ finding.
     Enter password:
     Confirm password:
 
-    Edit the &#x2F;boot&#x2F;efi&#x2F;EFI&#x2F;redhat&#x2F;grub.cfg file and add or modify the following
-lines in the &quot;### BEGIN &#x2F;etc&#x2F;grub.d&#x2F;01_users ###&quot; section:
-
-    set superusers&#x3D;&quot;root&quot;
-    export superusers</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>7f9dd51d-9897-468d-9990-d68bd08d6d5d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-System running BIOS
-The System is running BIOS, this control is Not Applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72119</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86743r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030480</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Edit the /boot/efi/EFI/redhat/grub.cfg file and add or modify the following
+lines in the "### BEGIN /etc/grub.d/01_users ###" section:
+
+    set superusers="root"
+    export superusers</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "severity": "none",
+    "code": "control \"V-81007\" do\n  title \"Red Hat Enterprise Linux operating systems version 7.2 or newer using\nUnified Extensible Firmware Interface (UEFI) must require authentication upon\nbooting into single-user and maintenance modes.\"\n  desc  \"If the system does not require valid root authentication before it\nboots into single-user or maintenance mode, anyone who invokes single-user or\nmaintenance mode is granted privileged access to all files on the system. GRUB\n2 is the default boot loader for RHEL 7 and is designed to require a password\nto boot into single-user mode or make modifications to the boot menu.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    For systems that use BIOS, this is Not Applicable.\n\n    For systems that are running a version of RHEL prior to 7.2, this is Not\nApplicable.\n\n    Check to see if an encrypted root password is set. On systems that use\nUEFI, use the following command:\n\n    # grep -iw grub2_password /boot/efi/EFI/redhat/user.cfg\n    GRUB2_PASSWORD=grub.pbkdf2.sha512.[password_hash]\n\n    If the root password does not begin with \\\"grub.pbkdf2.sha512\\\", this is a\nfinding.\n\n    Verify that the \\\"root\\\" account is set as the \\\"superusers\\\":\n\n    # grep -iw \\\"superusers\\\" /boot/efi/EFI/redhat/grub.cfg\n        set superusers=\\\"root\\\"\n        export superusers\n\n    If \\\"superusers\\\" is not set to \\\"root\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to encrypt the boot password for root.\n\n    Generate an encrypted grub2 password for root with the following command:\n\n    Note: The hash generated is an example.\n\n    # grub2-setpassword\n    Enter password:\n    Confirm password:\n\n    Edit the /boot/efi/EFI/redhat/grub.cfg file and add or modify the following\nlines in the \\\"### BEGIN /etc/grub.d/01_users ###\\\" section:\n\n    set superusers=\\\"root\\\"\n    export superusers\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000080-GPOS-00048\"\n  tag gid: \"V-81007\"\n  tag rid: \"SV-95719r1_rule\"\n  tag stig_id: \"RHEL-07-010491\"\n  tag fix_id: \"F-87841r2_fix\"\n  tag cci: [\"CCI-000213\"]\n  tag nist: [\"AC-3\", \"Rev_4\"]\n\n  unless file('/sys/firmware/efi').exist?\n    impact 0.0\n    describe \"System running BIOS\" do\n      skip \"The System is running BIOS, this control is Not Applicable.\"\n    end\n  else\n    unless os[:release] &gt;= \"7.2\"\n      impact 0.0\n      describe \"System running version of RHEL prior to 7.2\" do\n        skip \"The System is running an outdated version of RHEL, this control is Not Applicable.\"\n      end\n    else\n      impact 0.7\n      input('grub_uefi_user_boot_files').each do |grub_user_file|\n        describe parse_config_file(grub_user_file) do\n          its('GRUB2_PASSWORD') { should include \"grub.pbkdf2.sha512\"}\n        end\n      end\n\n      describe parse_config_file(input('grub_uefi_main_cfg')) do\n        its('set superusers') { should cmp '\"root\"' }  \n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST System running BIOS :: SKIP_MESSAGE The System is running BIOS, this control is Not Applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72119</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000458-GPOS-00203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86743r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030480</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the fremovexattr syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the fremovexattr syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fremovexattr&quot; syscall occur.
+successful/unsuccessful attempts to use the "fremovexattr" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw fremovexattr &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw fremovexattr /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S fremovexattr -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k perm_mod
+    -a always,exit -F arch=b32 -S fremovexattr -F auid&gt;=1000 -F
+auid!=4294967295 -k perm_mod
 
-    -a always,exit -F arch&#x3D;b64 -S fremovexattr -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k perm_mod
+    -a always,exit -F arch=b64 -S fremovexattr -F auid&gt;=1000 -F
+auid!=4294967295 -k perm_mod
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;fremovexattr&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"fremovexattr" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;fremovexattr&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S fremovexattr -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k perm_mod
-
-    -a always,exit -F arch&#x3D;b64 -S fremovexattr -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k perm_mod
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>121bbcd6-231a-46e9-90fd-5062ece6daa4</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fremovexattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fremovexattr&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fremovexattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;fremovexattr&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72197</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86821r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030870</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "fremovexattr" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S fremovexattr -F auid&gt;=1000 -F
+auid!=4294967295 -k perm_mod
+
+    -a always,exit -F arch=b64 -S fremovexattr -F auid&gt;=1000 -F
+auid!=4294967295 -k perm_mod
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72119\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe fremovexattr syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"fremovexattr\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw fremovexattr /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S fremovexattr -F auid&gt;=1000 -F\nauid!=4294967295 -k perm_mod\n\n    -a always,exit -F arch=b64 -S fremovexattr -F auid&gt;=1000 -F\nauid!=4294967295 -k perm_mod\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"fremovexattr\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"fremovexattr\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S fremovexattr -F auid&gt;=1000 -F\nauid!=4294967295 -k perm_mod\n\n    -a always,exit -F arch=b64 -S fremovexattr -F auid&gt;=1000 -F\nauid!=4294967295 -k perm_mod\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000458-GPOS-00203\"\n  tag satisfies: [\"SRG-OS-000458-GPOS-00203\", \"SRG-OS-000392-GPOS-00172\",\n\"SRG-OS-000064-GPOS-00033\"]\n  tag gid: \"V-72119\"\n  tag rid: \"SV-86743r5_rule\"\n  tag stig_id: \"RHEL-07-030480\"\n  tag fix_id: \"F-78471r6_fix\"\n  tag cci: [\"CCI-000172\"]\n  tag nist: [\"AU-12 c\", \"Rev_4\"]\n\n  describe auditd.syscall(\"fremovexattr\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"fremovexattr\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "fremovexattr" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fremovexattr" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fremovexattr" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "fremovexattr" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72197</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000004-GPOS-00004</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86821r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030870</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must generate audit
 records for all account creations, modifications, disabling, and termination
-events that affect &#x2F;etc&#x2F;passwd.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+events that affect /etc/passwd.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system must generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&quot;&#x2F;etc&#x2F;passwd&quot;.
+"/etc/passwd".
 
-    Check the auditing rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the auditing rules in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep &#x2F;etc&#x2F;passwd &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep /etc/passwd /etc/audit/audit.rules
 
-    -w &#x2F;etc&#x2F;passwd -p wa -k identity
+    -w /etc/passwd -p wa -k identity
 
     If the command does not return a line, or the line is commented out, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records for all account
 creations, modifications, disabling, and termination events that affect
-&quot;&#x2F;etc&#x2F;passwd&quot;.
-
-    Add or update the following rule &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -w &#x2F;etc&#x2F;passwd -p wa -k identity
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>54f67684-ad38-4ad0-8c63-3358b91ef07a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;passwd&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;etc&#x2F;passwd&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;w&quot;
---------------------------------
-passed
-[&quot;w&quot;, &quot;a&quot;] is expected to include &quot;a&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72125</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86749r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030510</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/etc/passwd".
+
+    Add or update the following rule "/etc/audit/rules.d/audit.rules":
+
+    -w /etc/passwd -p wa -k identity
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72197\" do\n  title \"The Red Hat Enterprise Linux operating system must generate audit\nrecords for all account creations, modifications, disabling, and termination\nevents that affect /etc/passwd.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system must generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n\\\"/etc/passwd\\\".\n\n    Check the auditing rules in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep /etc/passwd /etc/audit/audit.rules\n\n    -w /etc/passwd -p wa -k identity\n\n    If the command does not return a line, or the line is commented out, this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records for all account\ncreations, modifications, disabling, and termination events that affect\n\\\"/etc/passwd\\\".\n\n    Add or update the following rule \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -w /etc/passwd -p wa -k identity\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000004-GPOS-00004\"\n  tag satisfies: [\"SRG-OS-000004-GPOS-00004\", \"SRG-OS-000239-GPOS-00089\",\n\"SRG-OS-000240-GPOS-00090\", \"SRG-OS-000241-GPOS-00091\",\n\"SRG-OS-000303-GPOS-00120\", \"SRG-OS-000476-GPOS-00221\"]\n  tag gid: \"V-72197\"\n  tag rid: \"SV-86821r5_rule\"\n  tag stig_id: \"RHEL-07-030870\"\n  tag fix_id: \"F-78551r4_fix\"\n  tag cci: [\"CCI-000018\", \"CCI-000172\", \"CCI-001403\", \"CCI-002130\"]\n  tag nist: [\"AC-2 (4)\", \"AU-12 c\", \"AC-2 (4)\", \"AC-2 (4)\", \"Rev_4\"]\n\n  audit_file = '/etc/passwd'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'w' }\n      it { should include 'a' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000018</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001403</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/etc/passwd" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/etc/passwd" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "w"
+--------------------------------
+passed :: TEST ["w", "a"] is expected to include "a"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72125</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000064-GPOS-00033</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86749r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030510</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the open syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the open syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;open&quot; syscall occur.
+successful/unsuccessful attempts to use the "open" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw open &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw open /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S open -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S open -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b32 -S open -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b32 -S open -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S open -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S open -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    -a always,exit -F arch&#x3D;b64 -S open -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
+    -a always,exit -F arch=b64 -S open -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;open&quot; syscall, this is a finding.
+    If both the "b32" and "b64" audit rules are not defined for the
+"open" syscall, this is a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EPERM&quot;, this is
+    If the output does not produce rules containing "-F exit=-EPERM", this is
 a finding.
 
-    If the output does not produce rules containing &quot;-F exit&#x3D;-EACCES&quot;, this
-is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the output does not produce rules containing "-F exit=-EACCES", this
+is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;open&quot; syscall occur.
-
-    Add or update the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F arch&#x3D;b32 -S open -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b32 -S open -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S open -F exit&#x3D;-EPERM -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    -a always,exit -F arch&#x3D;b64 -S open -F exit&#x3D;-EACCES -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k access
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>5a5405b4-9be8-4fd8-b16a-f08cf3989481</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b32&quot; exit.uniq is expected to include &quot;-EACCES&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EPERM&quot;
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;open&quot; arch &#x3D;&#x3D; &quot;b64&quot; exit.uniq is expected to include &quot;-EACCES&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72161</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86785r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030690</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "open" syscall occur.
+
+    Add or update the following rules in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F arch=b32 -S open -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b32 -S open -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S open -F exit=-EPERM -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    -a always,exit -F arch=b64 -S open -F exit=-EACCES -F auid&gt;=1000 -F
+auid!=4294967295 -k access
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72125\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe open syscall.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"open\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw open /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S open -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S open -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S open -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S open -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"open\\\" syscall, this is a finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EPERM\\\", this is\na finding.\n\n    If the output does not produce rules containing \\\"-F exit=-EACCES\\\", this\nis a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"open\\\" syscall occur.\n\n    Add or update the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S open -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b32 -S open -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S open -F exit=-EPERM -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    -a always,exit -F arch=b64 -S open -F exit=-EACCES -F auid&gt;=1000 -F\nauid!=4294967295 -k access\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000064-GPOS-00033\"\n  tag satisfies: [\"SRG-OS-000064-GPOS-00033\", \"SRG-OS-000458-GPOS-00203\",\n\"SRG-OS-000461-GPOS-00205\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72125\"\n  tag rid: \"SV-86749r5_rule\"\n  tag stig_id: \"RHEL-07-030510\"\n  tag fix_id: \"F-78477r7_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"open\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EPERM' }\n  end\n  describe auditd.syscall(\"open\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n    its('exit.uniq') { should include '-EACCES' }\n  end\n\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"open\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EPERM' }\n    end\n    describe auditd.syscall(\"open\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n      its('exit.uniq') { should include '-EACCES' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "open" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b32" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b32" exit.uniq is expected to include "-EACCES"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b64" exit.uniq is expected to include "-EPERM"
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b64" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "open" arch == "b64" exit.uniq is expected to include "-EACCES"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72161</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000037-GPOS-00015</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86785r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030690</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the sudo command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the sudo command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged access commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;sudo&quot; command occur.
+successful/unsuccessful attempts to use the "sudo" command occur.
 
     Check that the following system call is being audited by performing the
-following command to check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+following command to check the file system rules in "/etc/audit/audit.rules":
 
-    # grep -iw &#x2F;usr&#x2F;bin&#x2F;sudo &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw /usr/bin/sudo /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;sudo -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/sudo -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;sudo&quot; command occur.
+successful/unsuccessful attempts to use the "sudo" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;sudo -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/sudo -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2271cd4c-0ac7-4f64-99ce-5bf4860e7d8e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;sudo&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;sudo&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72015</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86639r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020620</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72161\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe sudo command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged access commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"sudo\\\" command occur.\n\n    Check that the following system call is being audited by performing the\nfollowing command to check the file system rules in \\\"/etc/audit/audit.rules\\\":\n\n    # grep -iw /usr/bin/sudo /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/sudo -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"sudo\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/sudo -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000037-GPOS-00015\"\n  tag satisfies: [\"SRG-OS-000037-GPOS-00015\", \"SRG-OS-000042-GPOS-00020\",\n\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000462-GPOS-00206\",\n\"SRG-OS-000471-GPOS-00215\"]\n  tag gid: \"V-72161\"\n  tag rid: \"SV-86785r4_rule\"\n  tag stig_id: \"RHEL-07-030690\"\n  tag fix_id: \"F-78513r5_fix\"\n  tag cci: [\"CCI-000130\", \"CCI-000135\", \"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-3\", \"AU-3 (1)\", \"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/bin/sudo'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/sudo" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/sudo" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72015</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86639r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020620</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that all local interactive user home directories are defined in the &#x2F;etc&#x2F;passwd
-file.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that all local interactive user home directories are defined in the /etc/passwd
+file.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If a local interactive user has a home directory defined that does not
-exist, the user may be given access to the &#x2F; directory as the current working
+exist, the user may be given access to the / directory as the current working
 directory upon logon. This could create a Denial of Service because the user
 would not be able to access their logon configuration files, and it may give
-them visibility to system files they normally would not be able to access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+them visibility to system files they normally would not be able to access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the assigned home directory of all local interactive users on the
 system exists.
 
     Check the home directory assignment for all local interactive
 non-privileged users on the system with the following command:
 
-    # cut -d: -f 1,3,6 &#x2F;etc&#x2F;passwd | egrep &quot;:[1-4][0-9]{3}&quot;
+    # cut -d: -f 1,3,6 /etc/passwd | egrep ":[1-4][0-9]{3}"
 
-    smithj:1001:&#x2F;home&#x2F;smithj
+    smithj:1001:/home/smithj
 
     Note: This may miss interactive users that have been assigned a privileged
 UID. Evidence of interactive use may be obtained from a number of log files
@@ -36742,593 +35121,570 @@ containing system logon information.
     Check that all referenced home directories exist with the following command:
 
     # pwck -r
-    user &#39;smithj&#39;: directory &#39;&#x2F;home&#x2F;smithj&#39; does not exist
+    user 'smithj': directory '/home/smithj' does not exist
 
-    If any home directories referenced in &quot;&#x2F;etc&#x2F;passwd&quot; are returned as not
-defined, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If any home directories referenced in "/etc/passwd" are returned as not
+defined, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Create home directories to all local interactive users that currently do
 not have a home directory assigned. Use the following commands to create the
-user home directory assigned in &quot;&#x2F;etc&#x2F; passwd&quot;:
+user home directory assigned in "/etc/ passwd":
 
     Note: The example will be for the user smithj, who has a home directory of
-&quot;&#x2F;home&#x2F;smithj&quot;, a UID of &quot;smithj&quot;, and a Group Identifier (GID) of
-&quot;users&quot; assigned in &quot;&#x2F;etc&#x2F;passwd&quot;.
-
-    # mkdir &#x2F;home&#x2F;smithj
-    # chown smithj &#x2F;home&#x2F;smithj
-    # chgrp users &#x2F;home&#x2F;smithj
-    # chmod 0750 &#x2F;home&#x2F;smithj</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>4cfc2467-64cc-4cb9-9bb3-24461e450f3b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Directory &#x2F;root is expected to exist
---------------------------------
-passed
-Directory &#x2F;home&#x2F;ec2-user is expected to exist</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72293</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86917r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040660</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/home/smithj", a UID of "smithj", and a Group Identifier (GID) of
+"users" assigned in "/etc/passwd".
+
+    # mkdir /home/smithj
+    # chown smithj /home/smithj
+    # chgrp users /home/smithj
+    # chmod 0750 /home/smithj</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72015\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all local interactive user home directories are defined in the /etc/passwd\nfile.\"\n  desc  \"If a local interactive user has a home directory defined that does not\nexist, the user may be given access to the / directory as the current working\ndirectory upon logon. This could create a Denial of Service because the user\nwould not be able to access their logon configuration files, and it may give\nthem visibility to system files they normally would not be able to access.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the assigned home directory of all local interactive users on the\nsystem exists.\n\n    Check the home directory assignment for all local interactive\nnon-privileged users on the system with the following command:\n\n    # cut -d: -f 1,3,6 /etc/passwd | egrep \\\":[1-4][0-9]{3}\\\"\n\n    smithj:1001:/home/smithj\n\n    Note: This may miss interactive users that have been assigned a privileged\nUID. Evidence of interactive use may be obtained from a number of log files\ncontaining system logon information.\n\n    Check that all referenced home directories exist with the following command:\n\n    # pwck -r\n    user 'smithj': directory '/home/smithj' does not exist\n\n    If any home directories referenced in \\\"/etc/passwd\\\" are returned as not\ndefined, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Create home directories to all local interactive users that currently do\nnot have a home directory assigned. Use the following commands to create the\nuser home directory assigned in \\\"/etc/ passwd\\\":\n\n    Note: The example will be for the user smithj, who has a home directory of\n\\\"/home/smithj\\\", a UID of \\\"smithj\\\", and a Group Identifier (GID) of\n\\\"users\\\" assigned in \\\"/etc/passwd\\\".\n\n    # mkdir /home/smithj\n    # chown smithj /home/smithj\n    # chgrp users /home/smithj\n    # chmod 0750 /home/smithj\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72015\"\n  tag rid: \"SV-86639r2_rule\"\n  tag stig_id: \"RHEL-07-020620\"\n  tag fix_id: \"F-78367r2_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  exempt_home_users = input('exempt_home_users')\n  non_interactive_shells = input('non_interactive_shells')\n\n  ignore_shells = non_interactive_shells.join('|')\n\n  uid_min = login_defs.read_params['UID_MIN'].to_i\n  uid_min = 1000 if uid_min.nil?\n\n  users.where{ !shell.match(ignore_shells) &amp;&amp; (uid &gt;= uid_min || uid == 0)}.entries.each do |user_info|\n    next if exempt_home_users.include?(\"#{user_info.username}\")\n    describe directory(user_info.home) do\n      it { should exist }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Directory /root is expected to exist
+--------------------------------
+passed :: TEST Directory /home/ec2-user is expected to exist</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72293</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86917r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040660</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not send Internet
-Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirects.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirects.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>ICMP redirect messages are used by routers to inform hosts that a more
 direct route exists for a particular destination. These messages contain
-information from the system&#39;s route table, possibly revealing portions of the
-network topology.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information from the system's route table, possibly revealing portions of the
+network topology.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the system does not send IPv4 ICMP redirect messages.
 
-    # grep &#39;net.ipv4.conf.all.send_redirects&#39; &#x2F;etc&#x2F;sysctl.conf &#x2F;etc&#x2F;sysctl.d&#x2F;*
+    # grep 'net.ipv4.conf.all.send_redirects' /etc/sysctl.conf /etc/sysctl.d/*
 
-    If &quot;net.ipv4.conf.all.send_redirects&quot; is not configured in the
-&#x2F;etc&#x2F;sysctl.conf file or in the &#x2F;etc&#x2F;sysctl.d&#x2F; directory, is commented out or
-does not have a value of &quot;0&quot;, this is a finding.
+    If "net.ipv4.conf.all.send_redirects" is not configured in the
+/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out or
+does not have a value of "0", this is a finding.
 
-    Check that the operating system implements the &quot;all send_redirects&quot;
+    Check that the operating system implements the "all send_redirects"
 variables with the following command:
 
-    # &#x2F;sbin&#x2F;sysctl -a | grep &#39;net.ipv4.conf.all.send_redirects&#39;
+    # /sbin/sysctl -a | grep 'net.ipv4.conf.all.send_redirects'
 
-    net.ipv4.conf.all.send_redirects &#x3D; 0
+    net.ipv4.conf.all.send_redirects = 0
 
-    If the returned line does not have a value of &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the returned line does not have a value of "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the system to not allow interfaces to perform IPv4 ICMP
 redirects.
 
     Set the system to the required kernel parameter by adding the following
-line to &quot;&#x2F;etc&#x2F;sysctl.conf&quot; or a configuration file in the &#x2F;etc&#x2F;sysctl.d&#x2F;
+line to "/etc/sysctl.conf" or a configuration file in the /etc/sysctl.d/
 directory (or modify the line to have the required value):
 
-    net.ipv4.conf.all.send_redirects &#x3D; 0
+    net.ipv4.conf.all.send_redirects = 0
 
     Issue the following command to make the changes take effect:
 
-    # sysctl --system</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>c17a0e1f-4e3f-4530-85e5-55841c9673cb</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Kernel Parameter net.ipv4.conf.all.send_redirects value is expected to eq 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72141</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86765r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030590</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # sysctl --system</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72293\" do\n  title \"The Red Hat Enterprise Linux operating system must not send Internet\nProtocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirects.\"\n  desc  \"ICMP redirect messages are used by routers to inform hosts that a more\ndirect route exists for a particular destination. These messages contain\ninformation from the system's route table, possibly revealing portions of the\nnetwork topology.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the system does not send IPv4 ICMP redirect messages.\n\n    # grep 'net.ipv4.conf.all.send_redirects' /etc/sysctl.conf /etc/sysctl.d/*\n\n    If \\\"net.ipv4.conf.all.send_redirects\\\" is not configured in the\n/etc/sysctl.conf file or in the /etc/sysctl.d/ directory, is commented out or\ndoes not have a value of \\\"0\\\", this is a finding.\n\n    Check that the operating system implements the \\\"all send_redirects\\\"\nvariables with the following command:\n\n    # /sbin/sysctl -a | grep 'net.ipv4.conf.all.send_redirects'\n\n    net.ipv4.conf.all.send_redirects = 0\n\n    If the returned line does not have a value of \\\"0\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the system to not allow interfaces to perform IPv4 ICMP\nredirects.\n\n    Set the system to the required kernel parameter by adding the following\nline to \\\"/etc/sysctl.conf\\\" or a configuration file in the /etc/sysctl.d/\ndirectory (or modify the line to have the required value):\n\n    net.ipv4.conf.all.send_redirects = 0\n\n    Issue the following command to make the changes take effect:\n\n    # sysctl --system\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72293\"\n  tag rid: \"SV-86917r3_rule\"\n  tag stig_id: \"RHEL-07-040660\"\n  tag fix_id: \"F-78647r3_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe kernel_parameter('net.ipv4.conf.all.send_redirects') do\n    its('value') { should eq 0 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Kernel Parameter net.ipv4.conf.all.send_redirects value is expected to eq 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72141</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86765r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030590</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the setfiles command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the setfiles command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;setfiles&quot; command occur.
+successful/unsuccessful attempts to use the "setfiles" command occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -iw &#x2F;usr&#x2F;sbin&#x2F;setfiles &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw /usr/sbin/setfiles /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;setfiles -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/sbin/setfiles -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-priv_change
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;setfiles&quot; command occur.
+successful/unsuccessful attempts to use the "setfiles" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;setfiles -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295
+    -a always,exit -F path=/usr/sbin/setfiles -F auid&gt;=1000 -F auid!=4294967295
 -k privileged-priv_change
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>778d96fd-c19b-4709-afc2-edc76ce0f434</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;setfiles&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;setfiles&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72053</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86677r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021110</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72141\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe setfiles command.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"setfiles\\\" command occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -iw /usr/sbin/setfiles /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/setfiles -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-priv_change\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"setfiles\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/sbin/setfiles -F auid&gt;=1000 -F auid!=4294967295\n-k privileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000392-GPOS-00172\"\n  tag satisfies: [\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000463-GPOS-00207\",\n\"SRG-OS-000465-GPOS-00209\"]\n  tag gid: \"V-72141\"\n  tag rid: \"SV-86765r5_rule\"\n  tag stig_id: \"RHEL-07-030590\"\n  tag fix_id: \"F-78493r7_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/sbin/setfiles'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/sbin/setfiles" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/sbin/setfiles" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72053</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86677r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021110</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the cron.allow file, if it exists, is owned by root.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If the owner of the &quot;cron.allow&quot; file is not set to root, the
+that the cron.allow file, if it exists, is owned by root.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If the owner of the "cron.allow" file is not set to root, the
 possibility exists for an unauthorized user to view or to edit sensitive
-information.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify that the &quot;cron.allow&quot; file is owned by root.
-
-    Check the owner of the &quot;cron.allow&quot; file with the following command:
-
-    # ls -al &#x2F;etc&#x2F;cron.allow
-    -rw------- 1 root root 6 Mar  5  2011 &#x2F;etc&#x2F;cron.allow
-
-    If the &quot;cron.allow&quot; file exists and has an owner other than root, this is
-a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Set the owner on the &quot;&#x2F;etc&#x2F;cron.allow&quot; file to root with the following
+information.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that the "cron.allow" file is owned by root.
+
+    Check the owner of the "cron.allow" file with the following command:
+
+    # ls -al /etc/cron.allow
+    -rw------- 1 root root 6 Mar  5  2011 /etc/cron.allow
+
+    If the "cron.allow" file exists and has an owner other than root, this is
+a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Set the owner on the "/etc/cron.allow" file to root with the following
 command:
 
-    # chown root &#x2F;etc&#x2F;cron.allow</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>518267c7-eeb3-4a1b-9d62-3a90e4f3d60b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-File &#x2F;etc&#x2F;cron.allow is expected to be owned by &quot;root&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71897</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86521r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010090</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # chown root /etc/cron.allow</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72053\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the cron.allow file, if it exists, is owned by root.\"\n  desc  \"If the owner of the \\\"cron.allow\\\" file is not set to root, the\npossibility exists for an unauthorized user to view or to edit sensitive\ninformation.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that the \\\"cron.allow\\\" file is owned by root.\n\n    Check the owner of the \\\"cron.allow\\\" file with the following command:\n\n    # ls -al /etc/cron.allow\n    -rw------- 1 root root 6 Mar  5  2011 /etc/cron.allow\n\n    If the \\\"cron.allow\\\" file exists and has an owner other than root, this is\na finding.\n  \"\n  desc  \"fix\", \"\n    Set the owner on the \\\"/etc/cron.allow\\\" file to root with the following\ncommand:\n\n    # chown root /etc/cron.allow\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72053\"\n  tag rid: \"SV-86677r3_rule\"\n  tag stig_id: \"RHEL-07-021110\"\n  tag fix_id: \"F-78405r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe.one do\n    # case where file doesn't exist\n    describe file('/etc/cron.allow') do\n      it { should_not exist }\n    end\n    # case where file exists\n    describe file('/etc/cron.allow') do\n      it { should be_owned_by 'root' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST File /etc/cron.allow is expected to be owned by "root"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71897</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000029-GPOS-00010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86521r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010090</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must have the screen
-package installed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+package installed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>:  A session time-out lock is a temporary action taken when a user
 stops work and moves away from the immediate physical vicinity of the
 information system but does not log out because of the temporary nature of the
 absence. Rather than relying on the user to manually lock their operating
 system session prior to vacating the vicinity, operating systems need to be
-able to identify when a user&#39;s session has idled and take action to initiate
+able to identify when a user's session has idled and take action to initiate
 the session lock.
 
     The screen and tmux packages allow for a session lock to be implemented and
-configured.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+configured.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system has the screen package installed.
 
     Check to see if the screen package is installed with the following command:
@@ -37343,10 +35699,10 @@ installed with the following command:
     tmux-1.8-4.el7.x86_64.rpm
 
     If either the screen package or the tmux package is not installed, this is
-a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Install the screen package to allow the initiation of a session lock after
 a 15-minute period of inactivity.
 
@@ -37360,141 +35716,136 @@ command:
     Install the tmux program (if it is not on the system) with the following
 command:
 
-    #yum install tmux</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f732518e-83b1-4768-b772-81dd2c282f60</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package screen is expected to be installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72303</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86927r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040710</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    #yum install tmux</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71897\" do\n  title \"The Red Hat Enterprise Linux operating system must have the screen\npackage installed.\"\n  desc  \":  A session time-out lock is a temporary action taken when a user\nstops work and moves away from the immediate physical vicinity of the\ninformation system but does not log out because of the temporary nature of the\nabsence. Rather than relying on the user to manually lock their operating\nsystem session prior to vacating the vicinity, operating systems need to be\nable to identify when a user's session has idled and take action to initiate\nthe session lock.\n\n    The screen and tmux packages allow for a session lock to be implemented and\nconfigured.\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system has the screen package installed.\n\n    Check to see if the screen package is installed with the following command:\n\n    # yum list installed screen\n    screen-4.3.1-3-x86_64.rpm\n\n    If the screen package is not installed, check to see if the tmux package is\ninstalled with the following command:\n\n    #yum list installed tmux\n    tmux-1.8-4.el7.x86_64.rpm\n\n    If either the screen package or the tmux package is not installed, this is\na finding.\n  \"\n  desc  \"fix\", \"\n    Install the screen package to allow the initiation of a session lock after\na 15-minute period of inactivity.\n\n    Install the screen program (if it is not on the system) with the following\ncommand:\n\n    # yum install screen\n\n    OR\n\n    Install the tmux program (if it is not on the system) with the following\ncommand:\n\n    #yum install tmux\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000029-GPOS-00010\"\n  tag gid: \"V-71897\"\n  tag rid: \"SV-86521r3_rule\"\n  tag stig_id: \"RHEL-07-010090\"\n  tag fix_id: \"F-78249r3_fix\"\n  tag cci: [\"CCI-000057\"]\n  tag nist: [\"AC-11 a\", \"Rev_4\"]\n\n  multiplexer_packages = input('terminal_mux_pkgs')\n\n  describe.one do\n    multiplexer_packages.each do |pkg|  \n      describe package(pkg) do\n        it { should be_installed }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package screen is expected to be installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72303</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86927r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040710</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that remote X connections for interactive users are encrypted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that remote X connections for interactive users are encrypted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Open X displays allow an attacker to capture keystrokes and execute
-commands remotely.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+commands remotely.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify remote X connections for interactive users are encrypted.
 
     Check that remote X connections are encrypted with the following command:
 
-    # grep -i x11forwarding &#x2F;etc&#x2F;ssh&#x2F;sshd_config | grep -v &quot;^#&quot;
+    # grep -i x11forwarding /etc/ssh/sshd_config | grep -v "^#"
 
     X11Forwarding yes
 
-    If the &quot;X11Forwarding&quot; keyword is set to &quot;no&quot; or is missing, this is a
-finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the "X11Forwarding" keyword is set to "no" or is missing, this is a
+finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure SSH to encrypt connections for interactive users.
 
-    Edit the &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot; file to uncomment or add the line for the
-&quot;X11Forwarding&quot; keyword and set its value to &quot;yes&quot; (this file may be named
+    Edit the "/etc/ssh/sshd_config" file to uncomment or add the line for the
+"X11Forwarding" keyword and set its value to "yes" (this file may be named
 differently or be in a different location if using a version of SSH that is
 provided by a third-party vendor):
 
@@ -37502,118 +35853,113 @@ provided by a third-party vendor):
 
     The SSH service must be restarted for changes to take effect:
 
-    # systemctl restart sshd</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>52380fdb-1400-4037-abdd-4f82a1f7fa07</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration X11Forwarding is expected to cmp &#x3D;&#x3D; &quot;yes&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71979</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000366-GPOS-00153</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86603r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020060</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # systemctl restart sshd</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72303\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat remote X connections for interactive users are encrypted.\"\n  desc  \"Open X displays allow an attacker to capture keystrokes and execute\ncommands remotely.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify remote X connections for interactive users are encrypted.\n\n    Check that remote X connections are encrypted with the following command:\n\n    # grep -i x11forwarding /etc/ssh/sshd_config | grep -v \\\"^#\\\"\n\n    X11Forwarding yes\n\n    If the \\\"X11Forwarding\\\" keyword is set to \\\"no\\\" or is missing, this is a\nfinding.\n  \"\n  desc  \"fix\", \"\n    Configure SSH to encrypt connections for interactive users.\n\n    Edit the \\\"/etc/ssh/sshd_config\\\" file to uncomment or add the line for the\n\\\"X11Forwarding\\\" keyword and set its value to \\\"yes\\\" (this file may be named\ndifferently or be in a different location if using a version of SSH that is\nprovided by a third-party vendor):\n\n    X11Forwarding yes\n\n    The SSH service must be restarted for changes to take effect:\n\n    # systemctl restart sshd\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72303\"\n  tag rid: \"SV-86927r4_rule\"\n  tag stig_id: \"RHEL-07-040710\"\n  tag fix_id: \"F-78657r6_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('X11Forwarding') { should cmp 'yes' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration X11Forwarding is expected to cmp == "yes"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71979</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000366-GPOS-00153</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86603r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020060</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent the
 installation of software, patches, service packs, device drivers, or operating
 system components of local packages without verification they have been
 digitally signed using a certificate that is issued by a Certificate Authority
-(CA) that is recognized and approved by the organization.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(CA) that is recognized and approved by the organization.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Changes to any software components can have significant effects on the
 overall security of the operating system. This requirement ensures the software
 has not been tampered with and that it has been provided by a trusted vendor.
@@ -37628,14 +35974,14 @@ software has not been tampered with and that it has been provided by a trusted
 vendor. Self-signed certificates are disallowed by this requirement. The
 operating system should not have to verify the software again. This requirement
 does not mandate DoD certificates for this purpose; however, the certificate
-used to verify the software must be from an approved CA.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+used to verify the software must be from an approved CA.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system prevents the installation of patches, service
 packs, device drivers, or operating system components of local packages without
 verification that they have been digitally signed using a certificate that is
@@ -37644,131 +35990,126 @@ recognized and approved by the organization.
     Check that yum verifies the signature of local packages prior to install
 with the following command:
 
-    # grep localpkg_gpgcheck &#x2F;etc&#x2F;yum.conf
-    localpkg_gpgcheck&#x3D;1
+    # grep localpkg_gpgcheck /etc/yum.conf
+    localpkg_gpgcheck=1
 
-    If &quot;localpkg_gpgcheck&quot; is not set to &quot;1&quot;, or if options are missing or
+    If "localpkg_gpgcheck" is not set to "1", or if options are missing or
 commented out, ask the System Administrator how the signatures of local
 packages and other operating system components are verified.
 
     If there is no process to validate the signatures of local packages that is
-approved by the organization, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+approved by the organization, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to verify the signature of local packages
-prior to install by setting the following option in the &quot;&#x2F;etc&#x2F;yum.conf&quot; file:
-
-    localpkg_gpgcheck&#x3D;1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2751f72d-211c-4ce6-bc44-0bb2bf38434c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001749</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-INI &#x2F;etc&#x2F;yum.conf main.localpkg_gpgcheck </FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71971</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000324-GPOS-00125</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86595r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+prior to install by setting the following option in the "/etc/yum.conf" file:
+
+    localpkg_gpgcheck=1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71979\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent the\ninstallation of software, patches, service packs, device drivers, or operating\nsystem components of local packages without verification they have been\ndigitally signed using a certificate that is issued by a Certificate Authority\n(CA) that is recognized and approved by the organization.\"\n  desc  \"Changes to any software components can have significant effects on the\noverall security of the operating system. This requirement ensures the software\nhas not been tampered with and that it has been provided by a trusted vendor.\n\n    Accordingly, patches, service packs, device drivers, or operating system\ncomponents must be signed with a certificate recognized and approved by the\norganization.\n\n    Verifying the authenticity of the software prior to installation validates\nthe integrity of the patch or upgrade received from a vendor. This verifies the\nsoftware has not been tampered with and that it has been provided by a trusted\nvendor. Self-signed certificates are disallowed by this requirement. The\noperating system should not have to verify the software again. This requirement\ndoes not mandate DoD certificates for this purpose; however, the certificate\nused to verify the software must be from an approved CA.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system prevents the installation of patches, service\npacks, device drivers, or operating system components of local packages without\nverification that they have been digitally signed using a certificate that is\nrecognized and approved by the organization.\n\n    Check that yum verifies the signature of local packages prior to install\nwith the following command:\n\n    # grep localpkg_gpgcheck /etc/yum.conf\n    localpkg_gpgcheck=1\n\n    If \\\"localpkg_gpgcheck\\\" is not set to \\\"1\\\", or if options are missing or\ncommented out, ask the System Administrator how the signatures of local\npackages and other operating system components are verified.\n\n    If there is no process to validate the signatures of local packages that is\napproved by the organization, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to verify the signature of local packages\nprior to install by setting the following option in the \\\"/etc/yum.conf\\\" file:\n\n    localpkg_gpgcheck=1\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000366-GPOS-00153\"\n  tag gid: \"V-71979\"\n  tag rid: \"SV-86603r2_rule\"\n  tag stig_id: \"RHEL-07-020060\"\n  tag fix_id: \"F-78331r1_fix\"\n  tag cci: [\"CCI-001749\"]\n  tag nist: [\"CM-5 (3)\", \"Rev_4\"]\n\n  yum_conf = '/etc/yum.conf'\n\n  if ((f = file(yum_conf)).exist?)\n     describe ini(yum_conf) do\n       its('main.localpkg_gpgcheck') { cmp 1 }\n     end\n   else\n     describe f do\n       it { should exist }\n     end\n   end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001749</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST INI /etc/yum.conf main.localpkg_gpgcheck </FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71971</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000324-GPOS-00125</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86595r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent
 non-privileged users from executing privileged functions to include disabling,
-circumventing, or altering implemented security safeguards&#x2F;countermeasures.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+circumventing, or altering implemented security safeguards/countermeasures.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Preventing non-privileged users from executing privileged functions
 mitigates the risk that unauthorized individuals or processes may gain
 unnecessary access to information or privileges.
@@ -37778,19 +36119,19 @@ performing system integrity checks, or administering cryptographic key
 management activities. Non-privileged users are individuals who do not possess
 appropriate authorizations. Circumventing intrusion detection and prevention
 mechanisms or malicious code protection mechanisms are examples of privileged
-functions that require protection from non-privileged users.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+functions that require protection from non-privileged users.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If an HBSS or HIPS is active on the system, this is Not Applicable.
 
     Verify the operating system prevents non-privileged users from executing
 privileged functions to include disabling, circumventing, or altering
-implemented security safeguards&#x2F;countermeasures.
+implemented security safeguards/countermeasures.
 
     Get a list of authorized users (other than System Administrator and guest
 accounts) for the system.
@@ -37798,174 +36139,165 @@ accounts) for the system.
     Check the list against the system by using the following command:
 
     # semanage login -l | more
-    Login Name SELinux User MLS&#x2F;MCS Range Service
+    Login Name SELinux User MLS/MCS Range Service
     __default__ user_u s0-s0:c0.c1023 *
     root unconfined_u s0-s0:c0.c1023 *
     system_u system_u s0-s0:c0.c1023 *
     joe staff_u s0-s0:c0.c1023 *
 
-    All administrators must be mapped to the &quot;sysadm_u&quot; or &quot;staff_u&quot; users
+    All administrators must be mapped to the "sysadm_u" or "staff_u" users
 role.
 
-    All authorized non-administrative users must be mapped to the &quot;user_u&quot;
+    All authorized non-administrative users must be mapped to the "user_u"
 role.
 
-    If they are not mapped in this way, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If they are not mapped in this way, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to prevent non-privileged users from
 executing privileged functions to include disabling, circumventing, or altering
-implemented security safeguards&#x2F;countermeasures.
+implemented security safeguards/countermeasures.
 
-    Use the following command to map a new user to the &quot;sysdam_u&quot; role:
+    Use the following command to map a new user to the "sysdam_u" role:
 
     #semanage login -a -s sysadm_u &lt;username&gt;
 
-    Use the following command to map an existing user to the &quot;sysdam_u&quot; role:
+    Use the following command to map an existing user to the "sysdam_u" role:
 
     #semanage login -m -s sysadm_u &lt;username&gt;
 
-    Use the following command to map a new user to the &quot;staff_u&quot; role:
+    Use the following command to map a new user to the "staff_u" role:
 
     #semanage login -a -s staff_u &lt;username&gt;
 
-    Use the following command to map an existing user to the &quot;staff_u&quot; role:
+    Use the following command to map an existing user to the "staff_u" role:
 
     #semanage login -m -s staff_u &lt;username&gt;
 
-    Use the following command to map a new user to the &quot;user_u&quot; role:
+    Use the following command to map a new user to the "user_u" role:
 
     # semanage login -a -s user_u &lt;username&gt;
 
-    Use the following command to map an existing user to the &quot;user_u&quot; role:
-
-    # semanage login -m -s user_u &lt;username&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>39b1b0ed-93d9-4ded-8ec1-3fb5be593a03</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002235</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;selinuxenabled&#x60; exist? is expected to equal true
---------------------------------
-passed
-Command: &#x60;selinuxenabled&#x60; exit_status is expected to eq 0
---------------------------------
-passed
-seusers is expected not to be empty
---------------------------------
-passed
-SELinux login __default__ is expected to be in &quot;user_u&quot;
-expected &#x60;unconfined_u&#x60; to be in the list: &#x60;[&quot;user_u&quot;]&#x60;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71977</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000366-GPOS-00153</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86601r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020050</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Use the following command to map an existing user to the "user_u" role:
+
+    # semanage login -m -s user_u &lt;username&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71971\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent\nnon-privileged users from executing privileged functions to include disabling,\ncircumventing, or altering implemented security safeguards/countermeasures.\"\n  desc  \"Preventing non-privileged users from executing privileged functions\nmitigates the risk that unauthorized individuals or processes may gain\nunnecessary access to information or privileges.\n\n    Privileged functions include, for example, establishing accounts,\nperforming system integrity checks, or administering cryptographic key\nmanagement activities. Non-privileged users are individuals who do not possess\nappropriate authorizations. Circumventing intrusion detection and prevention\nmechanisms or malicious code protection mechanisms are examples of privileged\nfunctions that require protection from non-privileged users.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    If an HBSS or HIPS is active on the system, this is Not Applicable.\n\n    Verify the operating system prevents non-privileged users from executing\nprivileged functions to include disabling, circumventing, or altering\nimplemented security safeguards/countermeasures.\n\n    Get a list of authorized users (other than System Administrator and guest\naccounts) for the system.\n\n    Check the list against the system by using the following command:\n\n    # semanage login -l | more\n    Login Name SELinux User MLS/MCS Range Service\n    __default__ user_u s0-s0:c0.c1023 *\n    root unconfined_u s0-s0:c0.c1023 *\n    system_u system_u s0-s0:c0.c1023 *\n    joe staff_u s0-s0:c0.c1023 *\n\n    All administrators must be mapped to the \\\"sysadm_u\\\" or \\\"staff_u\\\" users\nrole.\n\n    All authorized non-administrative users must be mapped to the \\\"user_u\\\"\nrole.\n\n    If they are not mapped in this way, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to prevent non-privileged users from\nexecuting privileged functions to include disabling, circumventing, or altering\nimplemented security safeguards/countermeasures.\n\n    Use the following command to map a new user to the \\\"sysdam_u\\\" role:\n\n    #semanage login -a -s sysadm_u &lt;username&gt;\n\n    Use the following command to map an existing user to the \\\"sysdam_u\\\" role:\n\n    #semanage login -m -s sysadm_u &lt;username&gt;\n\n    Use the following command to map a new user to the \\\"staff_u\\\" role:\n\n    #semanage login -a -s staff_u &lt;username&gt;\n\n    Use the following command to map an existing user to the \\\"staff_u\\\" role:\n\n    #semanage login -m -s staff_u &lt;username&gt;\n\n    Use the following command to map a new user to the \\\"user_u\\\" role:\n\n    # semanage login -a -s user_u &lt;username&gt;\n\n    Use the following command to map an existing user to the \\\"user_u\\\" role:\n\n    # semanage login -m -s user_u &lt;username&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000324-GPOS-00125\"\n  tag gid: \"V-71971\"\n  tag rid: \"SV-86595r2_rule\"\n  tag stig_id: \"RHEL-07-020020\"\n  tag fix_id: \"F-78323r1_fix\"\n  tag cci: [\"CCI-002165\", \"CCI-002235\"]\n  tag nist: [\"AC-3 (4)\", \"AC-6 (10)\", \"Rev_4\"]\n\n  admin_logins = input('admin_logins')\n\n  describe command('selinuxenabled') do\n    its('exist?') { should be true }\n    its('exit_status') { should eq 0 }\n  end\n\n  # Get the currently enabled selinux mode\n  selinux_mode = file('/etc/selinux/config').content.lines.\n    grep(/\\A\\s*SELINUXTYPE=/).last.split('=').last.strip\n\n  # Get the current seusers configuration\n  #\n  # Avoid use of semanage in case it has been uninstalled\n  #\n  # Remove all comments and empty lines\n  seusers = file(\"/etc/selinux/#{selinux_mode}/seusers\").content.lines.\n    grep_v(/(#|\\A\\s+\\Z)/).map(&amp;:strip)\n\n  # Create collect the remaining results in user/context pairs\n  seusers = seusers.map{|x| x.split(':')[0..1]}\n\n  describe 'seusers' do\n    it { expect(seusers).to_not be_empty }\n  end\n\n  users_to_ignore = [\n    'root',\n    'system_u' # This is a default user mapping\n  ]\n\n  seusers.each do |user, context|\n    next if users_to_ignore.include?(user)\n\n    describe \"SELinux login #{user}\" do\n      # This is required by the STIG\n      if user == '__default__'\n        let(:valid_users){[ 'user_u' ]}\n      elsif admin_logins.include?(user)\n        let(:valid_users){[\n          'sysadm_u',\n          'staff_u'\n        ]}\n      else\n        let(:valid_users){[\n          'user_u',\n          'guest_u',\n          'xguest_u'\n        ]}\n      end\n\n      it { expect(context).to be_in(valid_users) }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002235</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `selinuxenabled` exist? is expected to equal true
+--------------------------------
+passed :: TEST Command: `selinuxenabled` exit_status is expected to eq 0
+--------------------------------
+passed :: TEST seusers is expected not to be empty
+--------------------------------
+passed :: TEST SELinux login __default__ is expected to be in "user_u" :: MESSAGE expected `unconfined_u` to be in the list: `["user_u"]`</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71977</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000366-GPOS-00153</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86601r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020050</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must prevent the
 installation of software, patches, service packs, device drivers, or operating
 system components from a repository without verification they have been
 digitally signed using a certificate that is issued by a Certificate Authority
-(CA) that is recognized and approved by the organization.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(CA) that is recognized and approved by the organization.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Changes to any software components can have significant effects on the
 overall security of the operating system. This requirement ensures the software
 has not been tampered with and that it has been provided by a trusted vendor.
@@ -37980,14 +36312,14 @@ software has not been tampered with and that it has been provided by a trusted
 vendor. Self-signed certificates are disallowed by this requirement. The
 operating system should not have to verify the software again. This requirement
 does not mandate DoD certificates for this purpose; however, the certificate
-used to verify the software must be from an approved CA.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+used to verify the software must be from an approved CA.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system prevents the installation of patches, service
 packs, device drivers, or operating system components from a repository without
 verification that they have been digitally signed using a certificate that is
@@ -37996,149 +36328,144 @@ recognized and approved by the organization.
     Check that yum verifies the signature of packages from a repository prior
 to install with the following command:
 
-    # grep gpgcheck &#x2F;etc&#x2F;yum.conf
-    gpgcheck&#x3D;1
+    # grep gpgcheck /etc/yum.conf
+    gpgcheck=1
 
-    If &quot;gpgcheck&quot; is not set to &quot;1&quot;, or if options are missing or commented
+    If "gpgcheck" is not set to "1", or if options are missing or commented
 out, ask the System Administrator how the certificates for patches and other
 operating system components are verified.
 
     If there is no process to validate certificates that is approved by the
-organization, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+organization, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to verify the signature of packages from a
 repository prior to install by setting the following option in the
-&quot;&#x2F;etc&#x2F;yum.conf&quot; file:
-
-    gpgcheck&#x3D;1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>fe4ae955-9cdc-406b-b07b-cdbe6bdf3bed</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001749</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-INI &#x2F;etc&#x2F;yum.conf main.gpgcheck is expected to cmp &#x3D;&#x3D; 1</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72273</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86897r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040520</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/etc/yum.conf" file:
+
+    gpgcheck=1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71977\" do\n  title \"The Red Hat Enterprise Linux operating system must prevent the\ninstallation of software, patches, service packs, device drivers, or operating\nsystem components from a repository without verification they have been\ndigitally signed using a certificate that is issued by a Certificate Authority\n(CA) that is recognized and approved by the organization.\"\n  desc  \"Changes to any software components can have significant effects on the\noverall security of the operating system. This requirement ensures the software\nhas not been tampered with and that it has been provided by a trusted vendor.\n\n    Accordingly, patches, service packs, device drivers, or operating system\ncomponents must be signed with a certificate recognized and approved by the\norganization.\n\n    Verifying the authenticity of the software prior to installation validates\nthe integrity of the patch or upgrade received from a vendor. This verifies the\nsoftware has not been tampered with and that it has been provided by a trusted\nvendor. Self-signed certificates are disallowed by this requirement. The\noperating system should not have to verify the software again. This requirement\ndoes not mandate DoD certificates for this purpose; however, the certificate\nused to verify the software must be from an approved CA.\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system prevents the installation of patches, service\npacks, device drivers, or operating system components from a repository without\nverification that they have been digitally signed using a certificate that is\nrecognized and approved by the organization.\n\n    Check that yum verifies the signature of packages from a repository prior\nto install with the following command:\n\n    # grep gpgcheck /etc/yum.conf\n    gpgcheck=1\n\n    If \\\"gpgcheck\\\" is not set to \\\"1\\\", or if options are missing or commented\nout, ask the System Administrator how the certificates for patches and other\noperating system components are verified.\n\n    If there is no process to validate certificates that is approved by the\norganization, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to verify the signature of packages from a\nrepository prior to install by setting the following option in the\n\\\"/etc/yum.conf\\\" file:\n\n    gpgcheck=1\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000366-GPOS-00153\"\n  tag gid: \"V-71977\"\n  tag rid: \"SV-86601r2_rule\"\n  tag stig_id: \"RHEL-07-020050\"\n  tag fix_id: \"F-78329r1_fix\"\n  tag cci: [\"CCI-001749\"]\n  tag nist: [\"CM-5 (3)\", \"Rev_4\"]\n\n  yum_conf = '/etc/yum.conf'\n\n  if ((f = file(yum_conf)).exist?)\n    describe ini(yum_conf) do\n      its('main.gpgcheck') { should cmp 1 }\n    end\n  else\n    describe f do\n      it { should exist }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001749</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST INI /etc/yum.conf main.gpgcheck is expected to cmp == 1</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72273</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86897r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040520</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must enable an
-application firewall, if available.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+application firewall, if available.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Firewalls protect computers from network attacks by blocking or
 limiting access to open network ports. Application firewalls limit which
-applications are allowed to communicate over the network.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+applications are allowed to communicate over the network.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system enabled an application firewall.
 
-    Check to see if &quot;firewalld&quot; is installed with the following command:
+    Check to see if "firewalld" is installed with the following command:
 
     # yum list installed firewalld
     firewalld-0.3.9-11.el7.noarch.rpm
 
-    If the &quot;firewalld&quot; package is not installed, ask the System Administrator
+    If the "firewalld" package is not installed, ask the System Administrator
 if another firewall application (such as iptables) is installed.
 
     If an application firewall is not installed, this is a finding.
@@ -38149,10 +36476,10 @@ command:
     # systemctl status firewalld
     firewalld.service - firewalld - dynamic firewall daemon
 
-       Loaded: loaded (&#x2F;usr&#x2F;lib&#x2F;systemd&#x2F;system&#x2F;firewalld.service; enabled)
+       Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
        Active: active (running) since Tue 2014-06-17 11:14:49 CEST; 5 days ago
 
-    If &quot;firewalld&quot; does not show a status of &quot;loaded&quot; and &quot;active&quot;, this
+    If "firewalld" does not show a status of "loaded" and "active", this
 is a finding.
 
     Check the state of the firewall:
@@ -38160,146 +36487,139 @@ is a finding.
     # firewall-cmd --state
     running
 
-    If &quot;firewalld&quot; does not show a state of &quot;running&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Ensure the operating system&#39;s application firewall is enabled.
+    If "firewalld" does not show a state of "running", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Ensure the operating system's application firewall is enabled.
 
-    Install the &quot;firewalld&quot; package, if it is not on the system, with the
+    Install the "firewalld" package, if it is not on the system, with the
 following command:
 
     # yum install firewalld
 
-    Start the firewall via &quot;systemctl&quot; with the following command:
-
-    # systemctl start firewalld</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>dc05e874-b3ba-4b8a-9b18-cf0ecfa203a1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package firewalld is expected to be installed
---------------------------------
-passed
-System Package iptables is expected to be installed
---------------------------------
-passed
-Service firewalld.service is expected to be running</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72299</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86923r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040690</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    Start the firewall via "systemctl" with the following command:
+
+    # systemctl start firewalld</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72273\" do\n  title \"The Red Hat Enterprise Linux operating system must enable an\napplication firewall, if available.\"\n  desc  \"Firewalls protect computers from network attacks by blocking or\nlimiting access to open network ports. Application firewalls limit which\napplications are allowed to communicate over the network.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system enabled an application firewall.\n\n    Check to see if \\\"firewalld\\\" is installed with the following command:\n\n    # yum list installed firewalld\n    firewalld-0.3.9-11.el7.noarch.rpm\n\n    If the \\\"firewalld\\\" package is not installed, ask the System Administrator\nif another firewall application (such as iptables) is installed.\n\n    If an application firewall is not installed, this is a finding.\n\n    Check to see if the firewall is loaded and active with the following\ncommand:\n\n    # systemctl status firewalld\n    firewalld.service - firewalld - dynamic firewall daemon\n\n       Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)\n       Active: active (running) since Tue 2014-06-17 11:14:49 CEST; 5 days ago\n\n    If \\\"firewalld\\\" does not show a status of \\\"loaded\\\" and \\\"active\\\", this\nis a finding.\n\n    Check the state of the firewall:\n\n    # firewall-cmd --state\n    running\n\n    If \\\"firewalld\\\" does not show a state of \\\"running\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Ensure the operating system's application firewall is enabled.\n\n    Install the \\\"firewalld\\\" package, if it is not on the system, with the\nfollowing command:\n\n    # yum install firewalld\n\n    Start the firewall via \\\"systemctl\\\" with the following command:\n\n    # systemctl start firewalld\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag satisfies: [\"SRG-OS-000480-GPOS-00227\", \"SRG-OS-000480-GPOS-00231\",\n\"SRG-OS-000480-GPOS-00232\"]\n  tag gid: \"V-72273\"\n  tag rid: \"SV-86897r2_rule\"\n  tag stig_id: \"RHEL-07-040520\"\n  tag fix_id: \"F-78627r1_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe.one do\n    describe package('firewalld') do\n      it { should be_installed }\n    end\n    describe package('iptables') do\n      it { should be_installed }\n    end\n  end\n  describe.one do\n    describe systemd_service('firewalld.service') do\n      it { should be_running }\n    end\n\tdescribe systemd_service('iptables.service') do\n      it { should be_running }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package firewalld is expected to be installed
+--------------------------------
+passed :: TEST System Package iptables is expected to be installed
+--------------------------------
+passed :: TEST Service firewalld.service is expected to be running</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72299</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86923r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040690</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must not have a File
-Transfer Protocol (FTP) server package installed unless needed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Transfer Protocol (FTP) server package installed unless needed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The FTP service provides an unencrypted remote access that does not
 provide for the confidentiality and integrity of user passwords or the remote
 session. If a privileged user were to log on using this service, the privileged
 user password could be compromised. SSH or other encrypted file transfer
-methods must be used in place of this service.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+methods must be used in place of this service.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify an FTP server has not been installed on the system.
 
     Check to see if an FTP server has been installed with the following
@@ -38309,338 +36629,326 @@ commands:
 
      vsftpd-3.0.2.el7.x86_64.rpm
 
-    If &quot;vsftpd&quot; is installed and is not documented with the Information
-System Security Officer (ISSO) as an operational requirement, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Document the &quot;vsftpd&quot; package with the ISSO as an operational requirement
+    If "vsftpd" is installed and is not documented with the Information
+System Security Officer (ISSO) as an operational requirement, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Document the "vsftpd" package with the ISSO as an operational requirement
 or remove it from the system with the following command:
 
-    # yum remove vsftpd</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6d30b3cc-0e2e-4470-ac19-6426d806dc15</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package vsftpd is expected not to be installed</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72177</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86801r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030770</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    # yum remove vsftpd</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72299\" do\n  title \"The Red Hat Enterprise Linux operating system must not have a File\nTransfer Protocol (FTP) server package installed unless needed.\"\n  desc  \"The FTP service provides an unencrypted remote access that does not\nprovide for the confidentiality and integrity of user passwords or the remote\nsession. If a privileged user were to log on using this service, the privileged\nuser password could be compromised. SSH or other encrypted file transfer\nmethods must be used in place of this service.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify an FTP server has not been installed on the system.\n\n    Check to see if an FTP server has been installed with the following\ncommands:\n\n    # yum list installed vsftpd\n\n     vsftpd-3.0.2.el7.x86_64.rpm\n\n    If \\\"vsftpd\\\" is installed and is not documented with the Information\nSystem Security Officer (ISSO) as an operational requirement, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Document the \\\"vsftpd\\\" package with the ISSO as an operational requirement\nor remove it from the system with the following command:\n\n    # yum remove vsftpd\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72299\"\n  tag rid: \"SV-86923r3_rule\"\n  tag stig_id: \"RHEL-07-040690\"\n  tag fix_id: \"F-78653r3_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe.one do\n    describe package('vsftpd') do\n      it { should_not be_installed }\n    end\n    describe parse_config_file('/etc/vsftpd/vsftpd.conf') do\n      its('ssl_enable') { should cmp 'YES' }\n      its('force_anon_data_ssl') { should cmp 'YES' }\n      its('force_anon_logins_ssl') { should cmp 'YES' }\n      its('force_local_data_ssl') { should cmp 'YES' }\n      its('force_local_logins_ssl') { should cmp 'YES' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package vsftpd is expected not to be installed</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72177</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000042-GPOS-00020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86801r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030770</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the postqueue command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the postqueue command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Reconstruction of harmful events or forensic analysis is not possible
 if audit records do not contain enough information.
 
     At a minimum, the organization must audit the full-text recording of
 privileged postfix commands. The organization must maintain audit trails in
 sufficient detail to reconstruct events to determine the cause and impact of
-compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;postqueue&quot; command occur.
+successful/unsuccessful attempts to use the "postqueue" command occur.
 
     Check that the following system call is being audited by performing the
-following command to check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot;:
+following command to check the file system rules in "/etc/audit/audit.rules":
 
-    # grep -iw &#x2F;usr&#x2F;sbin&#x2F;postqueue &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw /usr/sbin/postqueue /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;postqueue -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-postfix
+    -a always,exit -F path=/usr/sbin/postqueue -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-postfix
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;postqueue&quot; command occur.
-
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
-
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;sbin&#x2F;postqueue -F auid&gt;&#x3D;1000 -F
-auid!&#x3D;4294967295 -k privileged-postfix
-
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6abca034-2878-4688-9352-7eac20df9238</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;postqueue&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;sbin&#x2F;postqueue&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72067</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000033-GPOS-00014</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86691r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-021350</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+successful/unsuccessful attempts to use the "postqueue" command occur.
+
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
+
+    -a always,exit -F path=/usr/sbin/postqueue -F auid&gt;=1000 -F
+auid!=4294967295 -k privileged-postfix
+
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72177\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe postqueue command.\"\n  desc  \"Reconstruction of harmful events or forensic analysis is not possible\nif audit records do not contain enough information.\n\n    At a minimum, the organization must audit the full-text recording of\nprivileged postfix commands. The organization must maintain audit trails in\nsufficient detail to reconstruct events to determine the cause and impact of\ncompromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"postqueue\\\" command occur.\n\n    Check that the following system call is being audited by performing the\nfollowing command to check the file system rules in \\\"/etc/audit/audit.rules\\\":\n\n    # grep -iw /usr/sbin/postqueue /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/sbin/postqueue -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-postfix\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"postqueue\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/sbin/postqueue -F auid&gt;=1000 -F\nauid!=4294967295 -k privileged-postfix\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000042-GPOS-00020\"\n  tag satisfies: [\"SRG-OS-000042-GPOS-00020\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72177\"\n  tag rid: \"SV-86801r3_rule\"\n  tag stig_id: \"RHEL-07-030770\"\n  tag fix_id: \"F-78531r5_fix\"\n  tag cci: [\"CCI-000135\", \"CCI-002884\"]\n  tag nist: [\"AU-3 (1)\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/sbin/postqueue'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000135</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/sbin/postqueue" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/sbin/postqueue" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72067</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000033-GPOS-00014</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86691r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-021350</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must implement NIST
 FIPS-validated cryptography for the following: to provision digital signatures,
 to generate cryptographic hashes, and to protect data requiring data-at-rest
 protections in accordance with applicable federal laws, Executive Orders,
-directives, policies, regulations, and standards.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+directives, policies, regulations, and standards.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Use of weak or untested encryption algorithms undermines the purposes
 of using encryption to protect data. The operating system must implement
 cryptographic modules adhering to the higher standards approved by the federal
-government since this provides assurance they have been tested and validated.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+government since this provides assurance they have been tested and validated.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system implements DoD-approved encryption to protect
 the confidentiality of remote access sessions.
 
-    Check to see if the &quot;dracut-fips&quot; package is installed with the following
+    Check to see if the "dracut-fips" package is installed with the following
 command:
 
     # yum list installed dracut-fips
 
     dracut-fips-033-360.el7_2.x86_64.rpm
 
-    If a &quot;dracut-fips&quot; package is installed, check to see if the kernel
+    If a "dracut-fips" package is installed, check to see if the kernel
 command line is configured to use FIPS mode with the following command:
 
-    Note: GRUB 2 reads its configuration from the &quot;&#x2F;boot&#x2F;grub2&#x2F;grub.cfg&quot; file
+    Note: GRUB 2 reads its configuration from the "/boot/grub2/grub.cfg" file
 on traditional BIOS-based machines and from the
-&quot;&#x2F;boot&#x2F;efi&#x2F;EFI&#x2F;redhat&#x2F;grub.cfg&quot; file on UEFI machines.
+"/boot/efi/EFI/redhat/grub.cfg" file on UEFI machines.
 
-    # grep fips &#x2F;boot&#x2F;grub2&#x2F;grub.cfg
-    &#x2F;vmlinuz-3.8.0-0.40.el7.x86_64 root&#x3D;&#x2F;dev&#x2F;mapper&#x2F;rhel-root ro rd.md&#x3D;0
-rd.dm&#x3D;0 rd.lvm.lv&#x3D;rhel&#x2F;swap crashkernel&#x3D;auto rd.luks&#x3D;0 vconsole.keymap&#x3D;us
-rd.lvm.lv&#x3D;rhel&#x2F;root rhgb fips&#x3D;1 quiet
+    # grep fips /boot/grub2/grub.cfg
+    /vmlinuz-3.8.0-0.40.el7.x86_64 root=/dev/mapper/rhel-root ro rd.md=0
+rd.dm=0 rd.lvm.lv=rhel/swap crashkernel=auto rd.luks=0 vconsole.keymap=us
+rd.lvm.lv=rhel/root rhgb fips=1 quiet
 
     If the kernel command line is configured to use FIPS mode, check to see if
 the system is in FIPS mode with the following command:
 
-    # cat &#x2F;proc&#x2F;sys&#x2F;crypto&#x2F;fips_enabled
+    # cat /proc/sys/crypto/fips_enabled
     1
 
-    If a &quot;dracut-fips&quot; package is not installed, the kernel command line does
-not have a fips entry, or the system has a value of &quot;0&quot; for &quot;fips_enabled&quot;
-in &quot;&#x2F;proc&#x2F;sys&#x2F;crypto&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If a "dracut-fips" package is not installed, the kernel command line does
+not have a fips entry, or the system has a value of "0" for "fips_enabled"
+in "/proc/sys/crypto", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to implement DoD-approved encryption by
 installing the dracut-fips package.
 
-    To enable strict FIPS compliance, the fips&#x3D;1 kernel option needs to be
+    To enable strict FIPS compliance, the fips=1 kernel option needs to be
 added to the kernel command line during system installation so key generation
 is done with FIPS-approved algorithms and continuous monitoring tests in place.
 
     Configure the operating system to implement DoD-approved encryption by
 following the steps below:
 
-    The fips&#x3D;1 kernel option needs to be added to the kernel command line
+    The fips=1 kernel option needs to be added to the kernel command line
 during system installation so that key generation is done with FIPS-approved
 algorithms and continuous monitoring tests in place. Users should also ensure
 that the system has plenty of entropy during the installation process by moving
@@ -38652,644 +36960,614 @@ keystrokes may generate a non-unique key.
 
     # yum install dracut-fips
 
-    Recreate the &quot;initramfs&quot; file with the following command:
+    Recreate the "initramfs" file with the following command:
 
-    Note: This command will overwrite the existing &quot;initramfs&quot; file.
+    Note: This command will overwrite the existing "initramfs" file.
 
     # dracut -f
 
-    Modify the kernel command line of the current kernel in the &quot;grub.cfg&quot;
+    Modify the kernel command line of the current kernel in the "grub.cfg"
 file by adding the following option to the GRUB_CMDLINE_LINUX key in the
-&quot;&#x2F;etc&#x2F;default&#x2F;grub&quot; file and then rebuild the &quot;grub.cfg&quot; file:
+"/etc/default/grub" file and then rebuild the "grub.cfg" file:
 
-    fips&#x3D;1
+    fips=1
 
-    Changes to &quot;&#x2F;etc&#x2F;default&#x2F;grub&quot; require rebuilding the &quot;grub.cfg&quot; file
+    Changes to "/etc/default/grub" require rebuilding the "grub.cfg" file
 as follows:
 
     On BIOS-based machines, use the following command:
 
-    # grub2-mkconfig -o &#x2F;boot&#x2F;grub2&#x2F;grub.cfg
+    # grub2-mkconfig -o /boot/grub2/grub.cfg
 
     On UEFI-based machines, use the following command:
 
-    # grub2-mkconfig -o &#x2F;boot&#x2F;efi&#x2F;EFI&#x2F;redhat&#x2F;grub.cfg
+    # grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg
 
-    If &#x2F;boot or &#x2F;boot&#x2F;efi reside on separate partitions, the kernel parameter
-boot&#x3D;&lt;partition of &#x2F;boot or &#x2F;boot&#x2F;efi&gt; must be added to the kernel command
-line. You can identify a partition by running the df &#x2F;boot or df &#x2F;boot&#x2F;efi
+    If /boot or /boot/efi reside on separate partitions, the kernel parameter
+boot=&lt;partition of /boot or /boot/efi&gt; must be added to the kernel command
+line. You can identify a partition by running the df /boot or df /boot/efi
 command:
 
-    # df &#x2F;boot
+    # df /boot
     Filesystem 1K-blocks Used Available Use% Mounted on
-    &#x2F;dev&#x2F;sda1 495844 53780 416464 12% &#x2F;boot
+    /dev/sda1 495844 53780 416464 12% /boot
 
-    To ensure the &quot;boot&#x3D;&quot; configuration option will work even if device
+    To ensure the "boot=" configuration option will work even if device
 naming changes occur between boots, identify the universally unique identifier
 (UUID) of the partition with the following command:
 
-    # blkid &#x2F;dev&#x2F;sda1
-    &#x2F;dev&#x2F;sda1: UUID&#x3D;&quot;05c000f1-a213-759e-c7a2-f11b7424c797&quot; TYPE&#x3D;&quot;ext4&quot;
+    # blkid /dev/sda1
+    /dev/sda1: UUID="05c000f1-a213-759e-c7a2-f11b7424c797" TYPE="ext4"
 
     For the example above, append the following string to the kernel command
 line:
 
-    boot&#x3D;UUID&#x3D;05c000f1-a213-759e-c7a2-f11b7424c797
-
-    Reboot the system for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>eca1cb5f-6a4e-4220-9c29-956d9225507d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000068</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002450</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002476</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-System Package dracut-fips is expected to be installed
---------------------------------
-passed
-ro console&#x3D;ttyS0,115200n8 console&#x3D;tty0 net.ifnames&#x3D;0 rd.blacklist&#x3D;nouveau nvme_core.io_timeout&#x3D;4294967295 crashkernel&#x3D;auto  is expected to match &#x2F;\bfips&#x3D;1\b&#x2F;
-expected &quot;ro console&#x3D;ttyS0,115200n8 console&#x3D;tty0 net.ifnames&#x3D;0 rd.blacklist&#x3D;nouveau nvme_core.io_timeout&#x3D;4294967295 crashkernel&#x3D;auto &quot; to match &#x2F;\bfips&#x3D;1\b&#x2F;
+    boot=UUID=05c000f1-a213-759e-c7a2-f11b7424c797
+
+    Reboot the system for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72067\" do\n  title \"The Red Hat Enterprise Linux operating system must implement NIST\nFIPS-validated cryptography for the following: to provision digital signatures,\nto generate cryptographic hashes, and to protect data requiring data-at-rest\nprotections in accordance with applicable federal laws, Executive Orders,\ndirectives, policies, regulations, and standards.\"\n  desc  \"Use of weak or untested encryption algorithms undermines the purposes\nof using encryption to protect data. The operating system must implement\ncryptographic modules adhering to the higher standards approved by the federal\ngovernment since this provides assurance they have been tested and validated.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system implements DoD-approved encryption to protect\nthe confidentiality of remote access sessions.\n\n    Check to see if the \\\"dracut-fips\\\" package is installed with the following\ncommand:\n\n    # yum list installed dracut-fips\n\n    dracut-fips-033-360.el7_2.x86_64.rpm\n\n    If a \\\"dracut-fips\\\" package is installed, check to see if the kernel\ncommand line is configured to use FIPS mode with the following command:\n\n    Note: GRUB 2 reads its configuration from the \\\"/boot/grub2/grub.cfg\\\" file\non traditional BIOS-based machines and from the\n\\\"/boot/efi/EFI/redhat/grub.cfg\\\" file on UEFI machines.\n\n    # grep fips /boot/grub2/grub.cfg\n    /vmlinuz-3.8.0-0.40.el7.x86_64 root=/dev/mapper/rhel-root ro rd.md=0\nrd.dm=0 rd.lvm.lv=rhel/swap crashkernel=auto rd.luks=0 vconsole.keymap=us\nrd.lvm.lv=rhel/root rhgb fips=1 quiet\n\n    If the kernel command line is configured to use FIPS mode, check to see if\nthe system is in FIPS mode with the following command:\n\n    # cat /proc/sys/crypto/fips_enabled\n    1\n\n    If a \\\"dracut-fips\\\" package is not installed, the kernel command line does\nnot have a fips entry, or the system has a value of \\\"0\\\" for \\\"fips_enabled\\\"\nin \\\"/proc/sys/crypto\\\", this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to implement DoD-approved encryption by\ninstalling the dracut-fips package.\n\n    To enable strict FIPS compliance, the fips=1 kernel option needs to be\nadded to the kernel command line during system installation so key generation\nis done with FIPS-approved algorithms and continuous monitoring tests in place.\n\n    Configure the operating system to implement DoD-approved encryption by\nfollowing the steps below:\n\n    The fips=1 kernel option needs to be added to the kernel command line\nduring system installation so that key generation is done with FIPS-approved\nalgorithms and continuous monitoring tests in place. Users should also ensure\nthat the system has plenty of entropy during the installation process by moving\nthe mouse around, or if no mouse is available, ensuring that many keystrokes\nare typed. The recommended amount of keystrokes is 256 and more. Less than 256\nkeystrokes may generate a non-unique key.\n\n    Install the dracut-fips package with the following command:\n\n    # yum install dracut-fips\n\n    Recreate the \\\"initramfs\\\" file with the following command:\n\n    Note: This command will overwrite the existing \\\"initramfs\\\" file.\n\n    # dracut -f\n\n    Modify the kernel command line of the current kernel in the \\\"grub.cfg\\\"\nfile by adding the following option to the GRUB_CMDLINE_LINUX key in the\n\\\"/etc/default/grub\\\" file and then rebuild the \\\"grub.cfg\\\" file:\n\n    fips=1\n\n    Changes to \\\"/etc/default/grub\\\" require rebuilding the \\\"grub.cfg\\\" file\nas follows:\n\n    On BIOS-based machines, use the following command:\n\n    # grub2-mkconfig -o /boot/grub2/grub.cfg\n\n    On UEFI-based machines, use the following command:\n\n    # grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg\n\n    If /boot or /boot/efi reside on separate partitions, the kernel parameter\nboot=&lt;partition of /boot or /boot/efi&gt; must be added to the kernel command\nline. You can identify a partition by running the df /boot or df /boot/efi\ncommand:\n\n    # df /boot\n    Filesystem 1K-blocks Used Available Use% Mounted on\n    /dev/sda1 495844 53780 416464 12% /boot\n\n    To ensure the \\\"boot=\\\" configuration option will work even if device\nnaming changes occur between boots, identify the universally unique identifier\n(UUID) of the partition with the following command:\n\n    # blkid /dev/sda1\n    /dev/sda1: UUID=\\\"05c000f1-a213-759e-c7a2-f11b7424c797\\\" TYPE=\\\"ext4\\\"\n\n    For the example above, append the following string to the kernel command\nline:\n\n    boot=UUID=05c000f1-a213-759e-c7a2-f11b7424c797\n\n    Reboot the system for the changes to take effect.\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000033-GPOS-00014\"\n  tag satisfies: [\"SRG-OS-000033-GPOS-00014\", \"SRG-OS-000185-GPOS-00079\",\n\"SRG-OS-000396-GPOS-00176\", \"SRG-OS-000405-GPOS-00184\",\n\"SRG-OS-000478-GPOS-00223\"]\n  tag gid: \"V-72067\"\n  tag rid: \"SV-86691r4_rule\"\n  tag stig_id: \"RHEL-07-021350\"\n  tag fix_id: \"F-78419r3_fix\"\n  tag cci: [\"CCI-000068\", \"CCI-001199\", \"CCI-002450\", \"CCI-002476\"]\n  tag nist: [\"AC-17 (2)\", \"SC-28\", \"SC-13\", \"SC-28 (1)\", \"Rev_4\"]\n\n  describe package('dracut-fips') do\n    it { should be_installed }\n  end\n\n  all_args = command('grubby --info=ALL | grep \"^args=\" | sed \"s/^args=//g\"').\n    stdout.strip.split(\"\\n\").\n    map { |s| s.sub(%r{^\"(.*)\"$}, '\\1') } # strip outer quotes if they exist\n\n  all_args.each { |args|\n    describe args do\n      it { should match %r{\\bfips=1\\b} }\n    end\n  }\n\n  describe file('/proc/sys/crypto/fips_enabled') do\n    its('content.strip') { should cmp 1 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000068</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002450</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002476</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST System Package dracut-fips is expected to be installed
+--------------------------------
+passed :: TEST ro console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto  is expected to match /\bfips=1\b/ :: MESSAGE expected "ro console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto " to match /\bfips=1\b/
 Diff:
 @@ -1,2 +1,2 @@
--&#x2F;\bfips&#x3D;1\b&#x2F;
-+&quot;ro console&#x3D;ttyS0,115200n8 console&#x3D;tty0 net.ifnames&#x3D;0 rd.blacklist&#x3D;nouveau nvme_core.io_timeout&#x3D;4294967295 crashkernel&#x3D;auto &quot;
+-/\bfips=1\b/
++"ro console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto "
 
 --------------------------------
-passed
-ro console&#x3D;ttyS0,115200n8 console&#x3D;tty0 net.ifnames&#x3D;0 rd.blacklist&#x3D;nouveau nvme_core.io_timeout&#x3D;4294967295 crashkernel&#x3D;auto  is expected to match &#x2F;\bfips&#x3D;1\b&#x2F;
-expected &quot;ro console&#x3D;ttyS0,115200n8 console&#x3D;tty0 net.ifnames&#x3D;0 rd.blacklist&#x3D;nouveau nvme_core.io_timeout&#x3D;4294967295 crashkernel&#x3D;auto &quot; to match &#x2F;\bfips&#x3D;1\b&#x2F;
+passed :: TEST ro console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto  is expected to match /\bfips=1\b/ :: MESSAGE expected "ro console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto " to match /\bfips=1\b/
 Diff:
 @@ -1,2 +1,2 @@
--&#x2F;\bfips&#x3D;1\b&#x2F;
-+&quot;ro console&#x3D;ttyS0,115200n8 console&#x3D;tty0 net.ifnames&#x3D;0 rd.blacklist&#x3D;nouveau nvme_core.io_timeout&#x3D;4294967295 crashkernel&#x3D;auto &quot;
+-/\bfips=1\b/
++"ro console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295 crashkernel=auto "
 
 --------------------------------
-passed
-File &#x2F;proc&#x2F;sys&#x2F;crypto&#x2F;fips_enabled content.strip is expected to cmp &#x3D;&#x3D; 1
-
+passed :: TEST File /proc/sys/crypto/fips_enabled content.strip is expected to cmp == 1 :: MESSAGE 
 expected: 1
      got: 0
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72139</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86763r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030580</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72139</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000392-GPOS-00172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86763r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030580</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the chcon command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the chcon command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without generating audit records that are specific to the security and
 mission needs of the organization, it would be difficult to establish,
 correlate, and investigate the events relating to an incident or identify those
 responsible for one.
 
     Audit records can be generated from various components within the
-information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+information system (e.g., module or policy filter).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;chcon&quot; command occur.
+successful/unsuccessful attempts to use the "chcon" command occur.
 
-    Check the file system rule in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the following
+    Check the file system rule in "/etc/audit/audit.rules" with the following
 command:
 
-    # grep -i &#x2F;usr&#x2F;bin&#x2F;chcon &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -i /usr/bin/chcon /etc/audit/audit.rules
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;chcon -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/chcon -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the command does not return any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;chcon&quot; command occur.
+successful/unsuccessful attempts to use the "chcon" command occur.
 
-    Add or update the following rule in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add or update the following rule in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F path&#x3D;&#x2F;usr&#x2F;bin&#x2F;chcon -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F path=/usr/bin/chcon -F auid&gt;=1000 -F auid!=4294967295 -k
 privileged-priv_change
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>04f3be5f-0df3-4cd2-a2a0-f1cf79146a14</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;chcon&quot; permissions is expected not to cmp &#x3D;&#x3D; []
---------------------------------
-passed
-Auditd Rules with file &#x3D;&#x3D; &quot;&#x2F;usr&#x2F;bin&#x2F;chcon&quot; action is expected not to include &quot;never&quot;
---------------------------------
-passed
-[&quot;x&quot;] is expected to include &quot;x&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72275</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86899r4_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-040530</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72139\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe chcon command.\"\n  desc  \"Without generating audit records that are specific to the security and\nmission needs of the organization, it would be difficult to establish,\ncorrelate, and investigate the events relating to an incident or identify those\nresponsible for one.\n\n    Audit records can be generated from various components within the\ninformation system (e.g., module or policy filter).\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"chcon\\\" command occur.\n\n    Check the file system rule in \\\"/etc/audit/audit.rules\\\" with the following\ncommand:\n\n    # grep -i /usr/bin/chcon /etc/audit/audit.rules\n\n    -a always,exit -F path=/usr/bin/chcon -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    If the command does not return any output, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"chcon\\\" command occur.\n\n    Add or update the following rule in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F path=/usr/bin/chcon -F auid&gt;=1000 -F auid!=4294967295 -k\nprivileged-priv_change\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000392-GPOS-00172\"\n  tag satisfies: [\"SRG-OS-000392-GPOS-00172\", \"SRG-OS-000463-GPOS-00207\",\n\"SRG-OS-000465-GPOS-00209\"]\n  tag gid: \"V-72139\"\n  tag rid: \"SV-86763r4_rule\"\n  tag stig_id: \"RHEL-07-030580\"\n  tag fix_id: \"F-78491r6_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  audit_file = '/usr/bin/chcon'\n\n  if file(audit_file).exist?\n    impact 0.5\n  else\n    impact 0.0\n  end\n\n  describe auditd.file(audit_file) do\n    its('permissions') { should_not cmp [] }\n    its('action') { should_not include 'never' }\n  end if file(audit_file).exist?\n\n  # Resource creates data structure including all usages of file\n  perms = auditd.file(audit_file).permissions\n\n  perms.each do |perm|\n    describe perm do\n      it { should include 'x' }\n    end\n  end if file(audit_file).exist?\n\n  describe \"The #{audit_file} file does not exist\" do\n    skip \"The #{audit_file} file does not exist, this requirement is Not Applicable.\"\n  end if !file(audit_file).exist?\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with file == "/usr/bin/chcon" permissions is expected not to cmp == []
+--------------------------------
+passed :: TEST Auditd Rules with file == "/usr/bin/chcon" action is expected not to include "never"
+--------------------------------
+passed :: TEST ["x"] is expected to include "x"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72275</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86899r4_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-040530</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must display the date
-and time of the last successful account logon upon logon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+and time of the last successful account logon upon logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Providing users with feedback on when account accesses last occurred
-facilitates user recognition and reporting of unauthorized account use.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+facilitates user recognition and reporting of unauthorized account use.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify users are provided with feedback on when account accesses last
 occurred.
 
-    Check that &quot;pam_lastlog&quot; is used and not silent with the following
+    Check that "pam_lastlog" is used and not silent with the following
 command:
 
-    # grep pam_lastlog &#x2F;etc&#x2F;pam.d&#x2F;postlogin
+    # grep pam_lastlog /etc/pam.d/postlogin
     session required pam_lastlog.so showfailed
 
-    If &quot;pam_lastlog&quot; is missing from &quot;&#x2F;etc&#x2F;pam.d&#x2F;postlogin&quot; file, or the
-silent option is present, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If "pam_lastlog" is missing from "/etc/pam.d/postlogin" file, or the
+silent option is present, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to provide users with feedback on when
 account accesses last occurred by setting the required configuration options in
-&quot;&#x2F;etc&#x2F;pam.d&#x2F;postlogin&quot;.
-
-    Add the following line to the top of &quot;&#x2F;etc&#x2F;pam.d&#x2F;postlogin&quot;:
-
-    session required pam_lastlog.so showfailed</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>df8f0904-0188-415e-a558-e95b901da843</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PAM Config[&#x2F;etc&#x2F;pam.d&#x2F;postlogin] lines is expected to include session .* pam_lastlog.so showfailed
---------------------------------
-passed
-SSHD Configuration PrintLastLog is expected to cmp &#x3D;&#x3D; &quot;yes&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-71939</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000106-GPOS-00053</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86563r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-010300</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+"/etc/pam.d/postlogin".
+
+    Add the following line to the top of "/etc/pam.d/postlogin":
+
+    session required pam_lastlog.so showfailed</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72275\" do\n  title \"The Red Hat Enterprise Linux operating system must display the date\nand time of the last successful account logon upon logon.\"\n  desc  \"Providing users with feedback on when account accesses last occurred\nfacilitates user recognition and reporting of unauthorized account use.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify users are provided with feedback on when account accesses last\noccurred.\n\n    Check that \\\"pam_lastlog\\\" is used and not silent with the following\ncommand:\n\n    # grep pam_lastlog /etc/pam.d/postlogin\n    session required pam_lastlog.so showfailed\n\n    If \\\"pam_lastlog\\\" is missing from \\\"/etc/pam.d/postlogin\\\" file, or the\nsilent option is present, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to provide users with feedback on when\naccount accesses last occurred by setting the required configuration options in\n\\\"/etc/pam.d/postlogin\\\".\n\n    Add the following line to the top of \\\"/etc/pam.d/postlogin\\\":\n\n    session required pam_lastlog.so showfailed\n  \"\n  impact 0.3\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72275\"\n  tag rid: \"SV-86899r4_rule\"\n  tag stig_id: \"RHEL-07-040530\"\n  tag fix_id: \"F-78629r4_fix\"\n  tag cci: [\"CCI-000366\"]\n  tag nist: [\"CM-6 b\", \"Rev_4\"]\n\n  describe pam('/etc/pam.d/postlogin') do\n    its('lines') { should match_pam_rule('session .* pam_lastlog.so showfailed') }\n  end\n\n  describe.one do\n    describe sshd_config do\n      its('PrintLastLog') { should cmp 'yes' }\n    end\n\n    describe pam('/etc/pam.d/postlogin') do\n      its('lines') { should match_pam_rule('session .* pam_lastlog.so showfailed').all_without_args('silent') }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PAM Config[/etc/pam.d/postlogin] lines is expected to include session .* pam_lastlog.so showfailed
+--------------------------------
+passed :: TEST SSHD Configuration PrintLastLog is expected to cmp == "yes"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-71939</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000106-GPOS-00053</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86563r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-010300</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that the SSH daemon does not allow authentication using an empty password.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that the SSH daemon does not allow authentication using an empty password.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configuring this setting for the SSH daemon provides additional
 assurance that remote logon via SSH will require a password, even in the event
-of misconfiguration elsewhere.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>To determine how the SSH daemon&#39;s &quot;PermitEmptyPasswords&quot; option is set,
+of misconfiguration elsewhere.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>To determine how the SSH daemon's "PermitEmptyPasswords" option is set,
 run the following command:
 
-    # grep -i PermitEmptyPasswords &#x2F;etc&#x2F;ssh&#x2F;sshd_config
+    # grep -i PermitEmptyPasswords /etc/ssh/sshd_config
     PermitEmptyPasswords no
 
-    If no line, a commented line, or a line indicating the value &quot;no&quot; is
+    If no line, a commented line, or a line indicating the value "no" is
 returned, the required value is set.
 
-    If the required value is not set, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If the required value is not set, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>To explicitly disallow remote logon from accounts with empty passwords, add
-or correct the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;:
+or correct the following line in "/etc/ssh/sshd_config":
 
     PermitEmptyPasswords no
 
     The SSH service must be restarted for changes to take effect.  Any accounts
 with empty passwords should be disabled immediately, and PAM configuration
-should prevent users from being able to assign themselves empty passwords.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6102773d-1950-4b20-b6d4-690152984427</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000766</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-SSHD Configuration PermitEmptyPasswords is expected to eq &quot;no&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72007</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86631r3_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020320</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+should prevent users from being able to assign themselves empty passwords.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-71939\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat the SSH daemon does not allow authentication using an empty password.\"\n  desc  \"Configuring this setting for the SSH daemon provides additional\nassurance that remote logon via SSH will require a password, even in the event\nof misconfiguration elsewhere.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    To determine how the SSH daemon's \\\"PermitEmptyPasswords\\\" option is set,\nrun the following command:\n\n    # grep -i PermitEmptyPasswords /etc/ssh/sshd_config\n    PermitEmptyPasswords no\n\n    If no line, a commented line, or a line indicating the value \\\"no\\\" is\nreturned, the required value is set.\n\n    If the required value is not set, this is a finding.\n  \"\n  desc  \"fix\", \"\n    To explicitly disallow remote logon from accounts with empty passwords, add\nor correct the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    PermitEmptyPasswords no\n\n    The SSH service must be restarted for changes to take effect.  Any accounts\nwith empty passwords should be disabled immediately, and PAM configuration\nshould prevent users from being able to assign themselves empty passwords.\n  \"\n  impact 0.7\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000106-GPOS-00053\"\n  tag gid: \"V-71939\"\n  tag rid: \"SV-86563r3_rule\"\n  tag stig_id: \"RHEL-07-010300\"\n  tag fix_id: \"F-78291r2_fix\"\n  tag cci: [\"CCI-000766\"]\n  tag nist: [\"IA-2 (2)\", \"Rev_4\"]\n\n  describe sshd_config do\n    its('PermitEmptyPasswords') { should eq 'no' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000766</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST SSHD Configuration PermitEmptyPasswords is expected to eq "no"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72007</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86631r3_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020320</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
-that all files and directories have a valid owner.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+that all files and directories have a valid owner.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Unowned files and directories may be unintentionally inherited if a
-user is assigned the same User Identifier &quot;UID&quot; as the UID of the un-owned
-files.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+user is assigned the same User Identifier "UID" as the UID of the un-owned
+files.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify all files and directories on the system have a valid owner.
 
     Check the owner of all files and directories with the following command:
@@ -39297,344 +37575,324 @@ files.</ATTRIBUTE_DATA>
     Note: The value after -fstype must be replaced with the filesystem type.
 XFS is used as an example.
 
-    # find &#x2F; -fstype xfs -nouser
+    # find / -fstype xfs -nouser
 
-    If any files on the system do not have an assigned owner, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If any files on the system do not have an assigned owner, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Either remove all files and directories from the system that do not have a
 valid user, or assign a valid user to all unowned files and directories on the
-system with the &quot;chown&quot; command:
-
-    # chown &lt;user&gt; &lt;file&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>562becf7-bb16-4dae-8851-89fb9e1864fc</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Command: &#x60;find &#x2F; -xautofs -fstype xfs -nouser&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype ext3 -nouser&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype ext2 -nouser&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype ext4 -nouser&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype msdos -nouser&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype vfat -nouser&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype btrfs -nouser&#x60; stdout.strip is expected to be empty
---------------------------------
-passed
-Command: &#x60;find &#x2F; -xautofs -fstype fuseblk -nouser&#x60; stdout.strip is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86827r5_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-030900</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+system with the "chown" command:
+
+    # chown &lt;user&gt; &lt;file&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72007\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all files and directories have a valid owner.\"\n  desc  \"Unowned files and directories may be unintentionally inherited if a\nuser is assigned the same User Identifier \\\"UID\\\" as the UID of the un-owned\nfiles.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify all files and directories on the system have a valid owner.\n\n    Check the owner of all files and directories with the following command:\n\n    Note: The value after -fstype must be replaced with the filesystem type.\nXFS is used as an example.\n\n    # find / -fstype xfs -nouser\n\n    If any files on the system do not have an assigned owner, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Either remove all files and directories from the system that do not have a\nvalid user, or assign a valid user to all unowned files and directories on the\nsystem with the \\\"chown\\\" command:\n\n    # chown &lt;user&gt; &lt;file&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72007\"\n  tag rid: \"SV-86631r3_rule\"\n  tag stig_id: \"RHEL-07-020320\"\n  tag fix_id: \"F-78359r1_fix\"\n  tag cci: [\"CCI-002165\"]\n  tag nist: [\"AC-3 (4)\", \"Rev_4\"]\n\n  command('grep -v \"nodev\" /proc/filesystems | awk \\'NF{ print $NF }\\'').\n    stdout.strip.split(\"\\n\").each do |fs|\n      describe command(\"find / -xautofs -fstype #{fs} -nouser\") do\n        its('stdout.strip') { should be_empty }\n      end\n    end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002165</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Command: `find / -xautofs -fstype xfs -nouser` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype ext3 -nouser` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype ext2 -nouser` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype ext4 -nouser` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype msdos -nouser` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype vfat -nouser` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype btrfs -nouser` stdout.strip is expected to be empty
+--------------------------------
+passed :: TEST Command: `find / -xautofs -fstype fuseblk -nouser` stdout.strip is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000466-GPOS-00210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86827r5_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-030900</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must audit all uses of
-the rmdir syscall.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+the rmdir syscall.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the system is not configured to audit certain activities and write
 them to an audit log, it is more difficult to detect and track system
-compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+compromises and damages incurred during a system compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the operating system generates audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;rmdir&quot; syscall occur.
+successful/unsuccessful attempts to use the "rmdir" syscall occur.
 
-    Check the file system rules in &quot;&#x2F;etc&#x2F;audit&#x2F;audit.rules&quot; with the
+    Check the file system rules in "/etc/audit/audit.rules" with the
 following commands:
 
-    # grep -iw rmdir &#x2F;etc&#x2F;audit&#x2F;audit.rules
+    # grep -iw rmdir /etc/audit/audit.rules
 
-    -a always,exit -F arch&#x3D;b32 -S rmdir -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S rmdir -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S rmdir -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S rmdir -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    If both the &quot;b32&quot; and &quot;b64&quot; audit rules are not defined for the
-&quot;rmdir&quot; syscall, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+    If both the "b32" and "b64" audit rules are not defined for the
+"rmdir" syscall, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configure the operating system to generate audit records when
-successful&#x2F;unsuccessful attempts to use the &quot;rmdir&quot; syscall occur.
+successful/unsuccessful attempts to use the "rmdir" syscall occur.
 
-    Add the following rules in &quot;&#x2F;etc&#x2F;audit&#x2F;rules.d&#x2F;audit.rules&quot;:
+    Add the following rules in "/etc/audit/rules.d/audit.rules":
 
-    -a always,exit -F arch&#x3D;b32 -S rmdir -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b32 -S rmdir -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    -a always,exit -F arch&#x3D;b64 -S rmdir -F auid&gt;&#x3D;1000 -F auid!&#x3D;4294967295 -k
+    -a always,exit -F arch=b64 -S rmdir -F auid&gt;=1000 -F auid!=4294967295 -k
 delete
 
-    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>82c366ca-e10c-4364-9278-e52b832d14ad</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;rmdir&quot; arch &#x3D;&#x3D; &quot;b32&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;rmdir&quot; arch &#x3D;&#x3D; &quot;b32&quot; list.uniq is expected to eq [&quot;exit&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;rmdir&quot; arch &#x3D;&#x3D; &quot;b64&quot; action.uniq is expected to eq [&quot;always&quot;]
---------------------------------
-passed
-Auditd Rules with syscall &#x3D;&#x3D; &quot;rmdir&quot; arch &#x3D;&#x3D; &quot;b64&quot; list.uniq is expected to eq [&quot;exit&quot;]</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-72039</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-86663r2_rule</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>RHEL-07-020900</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+    The audit daemon must be restarted for the changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72203\" do\n  title \"The Red Hat Enterprise Linux operating system must audit all uses of\nthe rmdir syscall.\"\n  desc  \"If the system is not configured to audit certain activities and write\nthem to an audit log, it is more difficult to detect and track system\ncompromises and damages incurred during a system compromise.\n\n\n  \"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify the operating system generates audit records when\nsuccessful/unsuccessful attempts to use the \\\"rmdir\\\" syscall occur.\n\n    Check the file system rules in \\\"/etc/audit/audit.rules\\\" with the\nfollowing commands:\n\n    # grep -iw rmdir /etc/audit/audit.rules\n\n    -a always,exit -F arch=b32 -S rmdir -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S rmdir -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    If both the \\\"b32\\\" and \\\"b64\\\" audit rules are not defined for the\n\\\"rmdir\\\" syscall, this is a finding.\n  \"\n  desc  \"fix\", \"\n    Configure the operating system to generate audit records when\nsuccessful/unsuccessful attempts to use the \\\"rmdir\\\" syscall occur.\n\n    Add the following rules in \\\"/etc/audit/rules.d/audit.rules\\\":\n\n    -a always,exit -F arch=b32 -S rmdir -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    -a always,exit -F arch=b64 -S rmdir -F auid&gt;=1000 -F auid!=4294967295 -k\ndelete\n\n    The audit daemon must be restarted for the changes to take effect.\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000466-GPOS-00210\"\n  tag satisfies: [\"SRG-OS-000466-GPOS-00210\", \"SRG-OS-000467-GPOS-00210\",\n\"SRG-OS-000468-GPOS-00212\", \"SRG-OS-000392-GPOS-00172\"]\n  tag gid: \"V-72203\"\n  tag rid: \"SV-86827r5_rule\"\n  tag stig_id: \"RHEL-07-030900\"\n  tag fix_id: \"F-78557r9_fix\"\n  tag cci: [\"CCI-000172\", \"CCI-002884\"]\n  tag nist: [\"AU-12 c\", \"MA-4 (1) (a)\", \"Rev_4\"]\n\n  describe auditd.syscall(\"rmdir\").where {arch == \"b32\"} do\n    its('action.uniq') { should eq ['always'] }\n    its('list.uniq') { should eq ['exit'] }\n  end\n  if os.arch == 'x86_64'\n    describe auditd.syscall(\"rmdir\").where {arch == \"b64\"} do\n      its('action.uniq') { should eq ['always'] }\n      its('list.uniq') { should eq ['exit'] }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002884</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Auditd Rules with syscall == "rmdir" arch == "b32" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "rmdir" arch == "b32" list.uniq is expected to eq ["exit"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "rmdir" arch == "b64" action.uniq is expected to eq ["always"]
+--------------------------------
+passed :: TEST Auditd Rules with syscall == "rmdir" arch == "b64" list.uniq is expected to eq ["exit"]</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-72039</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-86663r2_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-07-020900</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The Red Hat Enterprise Linux operating system must be configured so
 that all system device files are correctly labeled to prevent unauthorized
-modification.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+modification.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If an unauthorized or modified device is allowed to exist on the
 system, there is the possibility the system may perform unintended or
-unauthorized operations.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+unauthorized operations.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify that all system device files are correctly labeled to prevent
 unauthorized modification.
 
     List all device files on the system that are incorrectly labeled with the
 following commands:
 
-    Note: Device files are normally found under &quot;&#x2F;dev&quot;, but applications may
+    Note: Device files are normally found under "/dev", but applications may
 place device files in other directories and may necessitate a search of the
 entire system.
 
-    #find &#x2F;dev -context *:device_t:* \( -type c -o -type b \) -printf &quot;%p %Z    &quot;
+    #find /dev -context *:device_t:* \( -type c -o -type b \) -printf "%p %Z    "
 
-    #find &#x2F;dev -context *:unlabeled_t:* \( -type c -o -type b \) -printf &quot;%p
-%Z    &quot;
+    #find /dev -context *:unlabeled_t:* \( -type c -o -type b \) -printf "%p
+%Z    "
 
-    Note: There are device files, such as &quot;&#x2F;dev&#x2F;vmci&quot;, that are used when the
+    Note: There are device files, such as "/dev/vmci", that are used when the
 operating system is a host virtual machine. They will not be owned by a user on
-the system and require the &quot;device_t&quot; label to operate. These device files
+the system and require the "device_t" label to operate. These device files
 are not a finding.
 
     If there is output from either of these commands, other than already noted,
-this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Run the following command to determine which package owns the device file:
 
     # rpm -qf &lt;filename&gt;
@@ -39646,103 +37904,98 @@ this is a finding.</ATTRIBUTE_DATA>
     Alternatively, the package can be reinstalled from trusted media using the
 command:
 
-    # sudo rpm -Uvh &lt;packagename&gt;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 STIG </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>779db859-f859-40b9-8ab1-2022f8e764c8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-#&lt;Set: {}&gt; length is expected to cmp &#x3D;&#x3D; 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-		</iSTIG>
-	</STIGS>
+    # sudo rpm -Uvh &lt;packagename&gt;</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control \"V-72039\" do\n  title \"The Red Hat Enterprise Linux operating system must be configured so\nthat all system device files are correctly labeled to prevent unauthorized\nmodification.\"\n  desc  \"If an unauthorized or modified device is allowed to exist on the\nsystem, there is the possibility the system may perform unintended or\nunauthorized operations.\"\n  desc  \"rationale\", \"\"\n  desc  \"check\", \"\n    Verify that all system device files are correctly labeled to prevent\nunauthorized modification.\n\n    List all device files on the system that are incorrectly labeled with the\nfollowing commands:\n\n    Note: Device files are normally found under \\\"/dev\\\", but applications may\nplace device files in other directories and may necessitate a search of the\nentire system.\n\n    #find /dev -context *:device_t:* \\\\( -type c -o -type b \\\\) -printf \\\"%p %Z\\\n    \\\"\n\n    #find /dev -context *:unlabeled_t:* \\\\( -type c -o -type b \\\\) -printf \\\"%p\n%Z\\\n    \\\"\n\n    Note: There are device files, such as \\\"/dev/vmci\\\", that are used when the\noperating system is a host virtual machine. They will not be owned by a user on\nthe system and require the \\\"device_t\\\" label to operate. These device files\nare not a finding.\n\n    If there is output from either of these commands, other than already noted,\nthis is a finding.\n  \"\n  desc  \"fix\", \"\n    Run the following command to determine which package owns the device file:\n\n    # rpm -qf &lt;filename&gt;\n\n    The package can be reinstalled from a yum repository using the command:\n\n    # sudo yum reinstall &lt;packagename&gt;\n\n    Alternatively, the package can be reinstalled from trusted media using the\ncommand:\n\n    # sudo rpm -Uvh &lt;packagename&gt;\n  \"\n  impact 0.5\n  tag severity: nil\n  tag gtitle: \"SRG-OS-000480-GPOS-00227\"\n  tag gid: \"V-72039\"\n  tag rid: \"SV-86663r2_rule\"\n  tag stig_id: \"RHEL-07-020900\"\n  tag fix_id: \"F-78391r1_fix\"\n  tag cci: [\"CCI-000318\", \"CCI-000368\", \"CCI-001812\", \"CCI-001813\",\n\"CCI-001814\"]\n  tag nist: [\"CM-3 f\", \"CM-6 c\", \"CM-11 (2)\", \"CM-5 (1)\", \"CM-5 (1)\", \"Rev_4\"]\n\n  virtual_machine = input('virtual_machine')\n\n  findings = Set[]\n  findings = findings + command('find / -context *:device_t:* \\( -type c -o -type b \\) -printf \"%p %Z\\n\"').stdout.split(\"\\n\")\n  findings = findings + command('find / -context *:unlabeled_t:* \\( -type c -o -type b \\) -printf \"%p %Z\\n\"').stdout.split(\"\\n\")\n  findings = findings + command('find / -context *:vmci_device_t:* \\( -type c -o -type b \\) -printf \"%p %Z\\n\"').stdout.split(\"\\n\")\n\n  describe findings do\n    if virtual_machine\n      its ('length') { should cmp 1 }\n      its ('first') { should include '/dev/vmci' }\n    else\n      its ('length') { should cmp 0 }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 7 Security Technical Implementation Guide - v2r6 :: Version 2, Release: 6 Benchmark Date: 2024/06/08</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000318</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000368</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001812</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001814</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST #&lt;Set: {}&gt; length is expected to cmp == 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+		</iSTIG>
+	</STIGS>
 </CHECKLIST>
\ No newline at end of file
diff --git a/test/sample_data/checklist/sample_input_report/ckl_with_invalid_metadata.ckl b/test/sample_data/checklist/sample_input_report/ckl_with_invalid_metadata.ckl
new file mode 100644
index 000000000..01b25edbc
--- /dev/null
+++ b/test/sample_data/checklist/sample_input_report/ckl_with_invalid_metadata.ckl
@@ -0,0 +1,505 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--DISA STIG Viewer :: 2.17-->
+<CHECKLIST>
+	<ASSET>
+		<ROLE>Member Server</ROLE>
+		<ASSET_TYPE>Computing</ASSET_TYPE>
+		<MARKING>CUI</MARKING>
+		<HOST_NAME>valid</HOST_NAME>
+		<HOST_IP>invalid</HOST_IP>
+		<HOST_MAC>invalid</HOST_MAC>
+		<HOST_FQDN>invalid</HOST_FQDN>
+		<TARGET_COMMENT></TARGET_COMMENT>
+		<TECH_AREA>Exchange Server</TECH_AREA>
+		<TARGET_KEY>5339</TARGET_KEY>
+		<WEB_OR_DATABASE>false</WEB_OR_DATABASE>
+		<WEB_DB_SITE></WEB_DB_SITE>
+		<WEB_DB_INSTANCE></WEB_DB_INSTANCE>
+	</ASSET>
+	<STIGS>
+		<iSTIG>
+			<STIG_INFO>
+				<SI_DATA>
+					<SID_NAME>version</SID_NAME>
+					<SID_DATA>1</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>classification</SID_NAME>
+					<SID_DATA>UNCLASSIFIED</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>customname</SID_NAME>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>stigid</SID_NAME>
+					<SID_DATA>Cisco_ASA_FW_STIG</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>description</SID_NAME>
+					<SID_DATA>This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>filename</SID_NAME>
+					<SID_DATA>U_Cisco_ASA_Firewall_STIG_V1R4_Manual-xccdf.xml</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>releaseinfo</SID_NAME>
+					<SID_DATA>Release: 4 Benchmark Date: 27 Apr 2023</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>title</SID_NAME>
+					<SID_DATA>Cisco ASA Firewall Security Technical Implementation Guide</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>uuid</SID_NAME>
+					<SID_DATA>b6a7cb18-6ffe-4a6e-9f44-60d514c98db9</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>notice</SID_NAME>
+					<SID_DATA>terms-of-use</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>source</SID_NAME>
+					<SID_DATA>STIG.DOD.MIL</SID_DATA>
+				</SI_DATA>
+			</STIG_INFO>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-239852</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-NET-000019-FW-000003</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-239852r665842_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CASA-FW-000010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The Cisco ASA must be configured to filter outbound traffic, allowing only authorized ports and services.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Information flow control regulates where information is allowed to travel within a network and between interconnected networks. Blocking or restricting detected harmful or suspicious communications between interconnected networks enforces approved authorizations for controlling the flow of traffic.
+
+The firewall that filters traffic outbound to interconnected networks with different security policies must be configured to permit or block traffic based on organization-defined traffic authorizations.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Review the ASA configuration to determine if it only permits outbound traffic using authorized ports and services.
+
+Step 1: Verify that an ingress ACL has been applied to all internal interfaces as shown in the example below.
+
+ interface GigabitEthernet0/0
+ nameif INSIDE
+ security-level 100
+ ip address 10.1.11.1 255.255.255.0
+…
+…
+…
+access-group INSIDE _IN in interface INSIDE 
+
+Step 2: Verify that the ingress ACL only allows outbound traffic using authorized ports and services as shown in the example below.
+
+access-list INSIDE _IN extended permit tcp any any eq www 
+access-list INSIDE _IN extended permit tcp any any eq https 
+access-list INSIDE _IN extended permit tcp any any eq …
+access-list INSIDE _IN extended deny ip any any log
+
+If the ASA is not configured to only allow outbound traffic using authorized ports and services, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Step 1: Configure the ingress ACL similar to the example below.
+
+ASA(config)# access-list INSIDE_INextended permit tcp any any eq https
+ASA(config)# access-list INSIDE_INextended permit tcp any any eq http
+ASA(config)# access-list INSIDE_INextended permit tcp any any eq …
+ASA(config)# access-list INSIDE_INextended deny ip any any log      
+
+Step 2: Apply the ACL inbound on all internal interfaces as shown in the example below.
+
+ASA(config)# access-group INSIDE_IN in interface INSIDE
+ASA(config)# end</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Cisco ASA Firewall Security Technical Implementation Guide :: Version 1, Release: 4 Benchmark Date: 27 Apr 2023</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>5339</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>54b4701f-19a1-4d5b-9497-5be85f995362</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001414</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS></FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-239853</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-NET-000019-FW-000004</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-239853r665845_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CASA-FW-000020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The Cisco ASA must immediately use updates made to policy enforcement mechanisms such as firewall rules, security policies, and security zones.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Information flow policies regarding dynamic information flow control include, for example, allowing or disallowing information flows based on changes to the Ports, Protocols, Services Management (PPSM) Category Assurance Levels (CAL) list, vulnerability assessments, or mission conditions. Changing conditions include changes in the threat environment and detection of potentially harmful or adverse events.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>By default, when you change a rule-based policy such as access rules, the changes become effective immediately. With transactional model configured, the rules are not active until after compilation.
+
+Review the ASA configuration and verify that the following command is not configured.
+
+asp rule-engine transactional-commit access-group
+
+If transactional-commit access-group has been configured, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Remove the command asp rule-engine transactional-commit access-group
+
+ASA(config)# no asp rule-engine transactional-commit access-group</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Cisco ASA Firewall Security Technical Implementation Guide :: Version 1, Release: 4 Benchmark Date: 27 Apr 2023</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>5339</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>54b4701f-19a1-4d5b-9497-5be85f995362</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001414</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS></FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-239854</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-NET-000061-FW-000001</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-239854r665848_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CASA-FW-000030</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The Cisco ASA must be configured to restrict VPN traffic according to organization-defined filtering rules.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Remote access devices (such as those providing remote access to network devices and information systems) that lack automated capabilities increase risk and make remote user access management difficult at best.
+
+Remote access is access to DoD non-public information systems by an authorized user (or an information system) communicating through an external, non-organization-controlled network.
+
+Automated monitoring of remote access sessions allows organizations to detect cyberattacks and also ensure ongoing compliance with remote access policies by auditing connection activities of remote access capabilities from a variety of information system components (e.g., servers, workstations, notebook computers, smart phones, and tablets).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Step 1: Verify that an ACL has been applied to the applicable VPN group policy via the vpn-filter attribute as shown in the example below.
+
+group-policy VPN_POLICY internal
+group-policy VPN_POLICY attributes
+ …
+ …
+ …
+ vpn-filter value RESTRICT_VPN
+
+Step 2: Verify that the filter restricts traffic according to organization-defined filtering rules as shown in the example below.
+
+access-list RESTRICT_VPN extended permit tcp 10.0.0.0 255.255.255.0 host 192.168.1.12 eq http 
+access-list RESTRICT_VPN extended permit tcp 10.0.0.0 255.255.255.0  host 192.168.1.13 eq smtp 
+access-list RESTRICT_VPN extended permit tcp 10.0.0.0 255.255.255.0  host 192.168.1.14 eq ftp 
+access-list RESTRICT_VPN extended permit tcp 10.0.0.0 255.255.255.0 host 192.168.1.14 eq ftp-data 
+access-list RESTRICT_VPN extended permit tcp 10.0.0.0 255.255.255.0  host 192.168.1.15 eq domain
+access-list RESTRICT_VPN extended permit tcp 10.0.0.0 255.255.255.0  host 192.168.1.16 eq sqlnet
+access-list RESTRICT_VPN extended deny ip any any log
+
+Note: In the example above, assume that the client-assigned IP address pool is 10.10.10.0/24 and the local private network is 192.168.1.0/24.
+
+If the ASA is not configured to restrict VPN traffic according to organization-defined filtering rules, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Step 1: Configure the ACL to restrict VPN traffic.
+
+ASA(config)# access-list RESTRICT_VPN extended permit tcp 10.0.0.0 255.255.255. host 192.168.1.12 eq http
+ASA(config)# access-list RESTRICT_VPN extended permit tcp 10.0.0.0 255.255.255. host 192.168.1.13 eq smtp
+ASA(config)# access-list RESTRICT_VPN extended permit tcp 10.0.0.0 255.255.255. host 192.168.1.14 eq ftp
+ASA(config)# access-list RESTRICT_VPN extended permit tcp 10.0.0.0 255.255.255. host 192.168.1.14 eq ftp-data
+ASA(config)# access-list RESTRICT_VPN extended permit tcp 10.0.0.0 255.255.255.y host 192.168.1.15 eq domain
+ASA(config)# access-list RESTRICT_VPN extended permit tcp 10.0.0.0 255.255.255. host 192.168.1.16 eq sqlnet
+ASA(config)# access-list RESTRICT_VPN extended deny ip any any log
+ASA(config)# exit 
+
+Step 2: Apply the VPN filter to the applicable group policy as shown in the example below.
+
+ASA(config)# group-policy VPN_POLICY attributes 
+ASA(config-group-policy)# vpn-filter value RESTRICT_VPN 
+ASA(config-group-policy)# end</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Cisco ASA Firewall Security Technical Implementation Guide :: Version 1, Release: 4 Benchmark Date: 27 Apr 2023</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>5339</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>54b4701f-19a1-4d5b-9497-5be85f995362</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000067</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS></FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+		</iSTIG>
+	</STIGS>
+</CHECKLIST>
\ No newline at end of file
diff --git a/test/sample_data/checklist/sample_input_report/invalid_metadata.json b/test/sample_data/checklist/sample_input_report/invalid_metadata.json
new file mode 100644
index 000000000..4cfba2aa8
--- /dev/null
+++ b/test/sample_data/checklist/sample_input_report/invalid_metadata.json
@@ -0,0 +1,19 @@
+{
+  "profiles": [
+    {
+      "name": "My benchmark",
+      "title": "RHEL 219",
+      "version": 12,
+      "releasenumber": 23,
+      "releasedate": "2024/07/10",
+      "showCalendar": true
+    }
+  ],
+  "marking": "CUI",
+  "hostip": "invalid",
+  "role": "Workstation",
+  "assettype": "Not a real assettype",
+  "techarea": "Traditional Security",
+  "webordatabase": "false",
+  "vulidmapping": "id"
+}
\ No newline at end of file
diff --git a/test/sample_data/checklist/sample_input_report/small_ckl_overrides.ckl b/test/sample_data/checklist/sample_input_report/small_ckl_overrides.ckl
new file mode 100644
index 000000000..69eaad38c
--- /dev/null
+++ b/test/sample_data/checklist/sample_input_report/small_ckl_overrides.ckl
@@ -0,0 +1,1592 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--DISA STIG Viewer :: 2.17-->
+<CHECKLIST>
+	<ASSET>
+		<ROLE>None</ROLE>
+		<ASSET_TYPE>Computing</ASSET_TYPE>
+		<MARKING>CUI</MARKING>
+		<HOST_NAME></HOST_NAME>
+		<HOST_IP></HOST_IP>
+		<HOST_MAC></HOST_MAC>
+		<HOST_FQDN></HOST_FQDN>
+		<TARGET_COMMENT></TARGET_COMMENT>
+		<TECH_AREA></TECH_AREA>
+		<TARGET_KEY>5551</TARGET_KEY>
+		<WEB_OR_DATABASE>false</WEB_OR_DATABASE>
+		<WEB_DB_SITE></WEB_DB_SITE>
+		<WEB_DB_INSTANCE></WEB_DB_INSTANCE>
+	</ASSET>
+	<STIGS>
+		<iSTIG>
+			<STIG_INFO>
+				<SI_DATA>
+					<SID_NAME>version</SID_NAME>
+					<SID_DATA>1</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>classification</SID_NAME>
+					<SID_DATA>UNCLASSIFIED</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>customname</SID_NAME>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>stigid</SID_NAME>
+					<SID_DATA>RHEL_9_STIG</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>description</SID_NAME>
+					<SID_DATA>This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>filename</SID_NAME>
+					<SID_DATA>U_RHEL_9_STIG_V1R3_Manual-xccdf.xml</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>releaseinfo</SID_NAME>
+					<SID_DATA>Release: 3 Benchmark Date: 24 Apr 2024</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>title</SID_NAME>
+					<SID_DATA>Red Hat Enterprise Linux 9 Security Technical Implementation Guide</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>uuid</SID_NAME>
+					<SID_DATA>47e1d7ee-1fe2-4f8b-9914-3aaa2b6ace72</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>notice</SID_NAME>
+					<SID_DATA>terms-of-use</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>source</SID_NAME>
+					<SID_DATA>STIG.DOD.MIL</SID_DATA>
+				</SI_DATA>
+			</STIG_INFO>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-257777</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-257777r925318_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-09-211010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL 9 must be a vendor-supported release.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>An operating system release is considered "supported" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.
+
+Red Hat offers the Extended Update Support (EUS) add-on to a Red Hat Enterprise Linux subscription, for a fee, for those customers who wish to standardize on a specific minor release for an extended period.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that the version or RHEL 9 is vendor supported with the following command:
+
+$ cat /etc/redhat-release 
+
+Red Hat Enterprise Linux release 9.2 (Plow)
+
+If the installed version of RHEL 9 is not supported, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Upgrade to a supported version of RHEL 9.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>5551</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS></FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE>medium</SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION>Testing both N/A and overidden</SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-257778</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-257778r925321_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-09-211015</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL 9 vendor packaged system security patches and updates must be installed and up to date.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify RHEL 9 security patches and updates are installed and up to date. Updates are required to be applied with a frequency determined by organizational policy.
+
+Obtain the list of available package security updates from Red Hat. The URL for updates is https://access.redhat.com/errata-search/. It is important to note that updates provided by Red Hat may not be present on the system if the underlying packages are not installed.
+
+Check that the available package security updates have been installed on the system with the following command:
+
+$ dnf history list | more
+
+    ID | Command line | Date and time | Action(s) | Altered    
+-------------------------------------------------------------------------------    
+   70 | install aide | 2023-03-05 10:58 | Install | 1    
+   69 | update -y | 2023-03-04 14:34 | Update | 18 EE    
+   68 | install vlc | 2023-02-21 17:12 | Install | 21   
+   67 | update -y | 2023-02-21 17:04 | Update | 7 EE 
+
+Typical update frequency may be overridden by Information Assurance Vulnerability Alert (IAVA) notifications from CYBERCOM.
+
+If the system is in noncompliance with the organizational patching policy, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Install RHEL 9 security patches and updates at the organizationally defined frequency. If system updates are installed via a centralized repository that is configured on the system, all updates can be installed with the following command:
+
+$ sudo dnf update</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>5551</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS></FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE>low</SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION>Example of overridden severity</SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-257779</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000023-GPOS-00006</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-257779r925324_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-09-211020</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a command line user logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
+
+System use notifications are required only for access via login interfaces with human users and are not required when such human interfaces do not exist.
+
+Satisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify RHEL 9 displays the Standard Mandatory DOD Notice and Consent Banner before granting access to the operating system via a command line user logon.
+
+Check that a banner is displayed at the command line login screen with the following command:
+
+$ sudo cat /etc/issue
+
+If the banner is set correctly it will return the following text:
+
+"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.
+
+By using this IS (which includes any device attached to this IS), you consent to the following conditions:
+
+-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.
+
+-At any time, the USG may inspect and seize data stored on this IS.
+
+-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.
+
+-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.
+
+-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."
+
+If the banner text does not match the Standard Mandatory DOD Notice and Consent Banner exactly, or the line is commented out, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure RHEL 9 to display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via command line logon.
+
+Edit the "/etc/issue" file to replace the default text with the Standard Mandatory DOD Notice and Consent Banner. The DOD-required text is:
+
+"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.
+
+By using this IS (which includes any device attached to this IS), you consent to the following conditions:
+
+-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.
+
+-At any time, the USG may inspect and seize data stored on this IS.
+
+-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.
+
+-This IS includes security measures (e.g., authentication and access controls) to protect USG interests -- not for your personal benefit or privacy.
+
+-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "impact": 1.0,
+    "severity": "critical"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>5551</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001384</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001385</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001386</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001387</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001388</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS></FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE>high</SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION>Example high justification</SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-257780</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000191-GPOS-00080</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-257780r939261_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-09-211025</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL 9 must implement the Endpoint Security for Linux Threat Prevention tool.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Without the use of automated mechanisms to scan for security flaws on a continuous and/or periodic basis, the operating system or other system components may remain vulnerable to the exploits presented by undetected software flaws.
+
+To support this requirement, the operating system may have an integrated solution incorporating continuous scanning using ESS and periodic scanning using other tools, as specified in the requirement.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that RHEL 9 has implemented the Endpoint Security for Linux Threat Prevention tool.
+
+Check that the following package has been installed:
+
+$ sudo rpm -qa | grep -i mcafeetp
+
+If the "mcafeetp" package is not installed, this is a finding.
+
+Verify that the daemon is running:
+
+$ sudo ps -ef | grep -i mfetpd
+
+If the daemon is not running, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Install and enable the latest McAfee ENSLTP package.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>5551</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>4f55ab46-138a-4554-952f-4bf8523b04ec</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001233</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS></FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-257781</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-257781r925330_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-09-211030</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The graphical display manager must not be the default target on RHEL 9 unless approved.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unnecessary service packages must not be installed to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that RHEL 9 is configured to boot to the command line:
+
+$ systemctl get-default
+
+multi-user.target
+
+If the system default target is not set to "multi-user.target" and the information system security officer (ISSO) lacks a documented requirement for a graphical user interface, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Document the requirement for a graphical user interface with the ISSO or set the default target to multi-user with the following command:
+
+$ sudo systemctl set-default multi-user.target</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>5551</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>4f55ab46-138a-4554-952f-4bf8523b04ec</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS></FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-257782</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-257782r942961_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-09-211035</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL 9 must enable the hardware random number generator entropy gatherer service.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness. The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems.  
+
+The rngd service feeds random data from hardware device to kernel random device. Quality (nonpredictable) random number generation is important for several security functions (i.e., ciphers).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Note: For RHEL 9 systems running with kernel FIPS mode enabled as specified by RHEL-09-671010, this requirement is Not Applicable.
+
+Verify that RHEL 9 has enabled the hardware random number generator entropy gatherer service with the following command:
+
+$ systemctl is-active rngd
+
+active
+
+If the "rngd" service is not active, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Install the rng-tools package with the following command:
+
+$ sudo dnf install rng-tools
+
+Then enable the rngd service run the following command:
+
+$ sudo systemctl enable --now rngd</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>5551</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>4f55ab46-138a-4554-952f-4bf8523b04ec</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS></FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-257783</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000269-GPOS-00103</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-257783r925336_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-09-211040</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL 9 systemd-journald service must be enabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>In the event of a system failure, RHEL 9 must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to system processes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify that "systemd-journald" is active with the following command:
+
+$ systemctl is-active systemd-journald
+
+active
+
+If the systemd-journald service is not active, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>To enable the systemd-journald service, run the following command:
+
+$ sudo systemctl enable --now systemd-journald</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>5551</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>4f55ab46-138a-4554-952f-4bf8523b04ec</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001665</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS></FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-257784</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000324-GPOS-00125</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-257784r925339_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-09-211045</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The systemd Ctrl-Alt-Delete burst key sequence in RHEL 9 must be disabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.
+
+Satisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify RHEL 9 is configured to not reboot the system when Ctrl-Alt-Delete is pressed seven times within two seconds with the following command:
+
+$ grep -i ctrl /etc/systemd/system.conf
+
+CtrlAltDelBurstAction=none
+
+If the "CtrlAltDelBurstAction" is not set to "none", commented out, or is missing, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the system to disable the CtrlAltDelBurstAction by added or modifying the following line in the "/etc/systemd/system.conf" configuration file:
+
+CtrlAltDelBurstAction=none
+
+Reload the daemon for this change to take effect.
+
+$ sudo systemctl daemon-reload</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>5551</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>4f55ab46-138a-4554-952f-4bf8523b04ec</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002235</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS></FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-257785</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000324-GPOS-00125</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-257785r925342_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-09-211050</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 9.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.
+
+Satisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify RHEL 9 is not configured to reboot the system when Ctrl-Alt-Delete is pressed with the following command:
+
+$ sudo systemctl status ctrl-alt-del.target
+
+ctrl-alt-del.target
+Loaded: masked (Reason: Unit ctrl-alt-del.target is masked.)
+Active: inactive (dead)
+
+If the "ctrl-alt-del.target" is loaded and not masked, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure RHEL 9 to disable the ctrl-alt-del.target with the following command:
+
+$ sudo systemctl disable --now ctrl-alt-del.target
+$ sudo systemctl mask --now ctrl-alt-del.target</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>5551</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>4f55ab46-138a-4554-952f-4bf8523b04ec</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002235</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS></FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-257786</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000324-GPOS-00125</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-257786r943026_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-09-211055</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL 9 debug-shell systemd service must be disabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The debug-shell requires no authentication and provides root privileges to anyone who has physical access to the machine. While this feature is disabled by default, masking it adds an additional layer of assurance that it will not be enabled via a dependency in systemd. This also prevents attackers with physical access from trivially bypassing security on the machine through valid troubleshooting configurations and gaining root access when the system is rebooted.
+
+Satisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000480-GPOS-00227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify RHEL 9 is configured to mask the debug-shell systemd service with the following command:
+
+$ sudo systemctl status debug-shell.service
+
+debug-shell.service
+Loaded: masked (Reason: Unit debug-shell.service is masked.)
+Active: inactive (dead)
+
+If the "debug-shell.service" is loaded and not masked, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure RHEL 9 to mask the debug-shell systemd service with the following command:
+
+$ sudo systemctl disable --now debug-shell.service
+$ sudo systemctl mask --now debug-shell.service</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>5551</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>4f55ab46-138a-4554-952f-4bf8523b04ec</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002235</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS></FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>V-257787</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000080-GPOS-00048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-257787r925348_rule</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL-09-212010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>RHEL 9 must require a boot loader superuser password.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>To mitigate the risk of unauthorized access to sensitive information by entities that have been issued certificates by DOD-approved PKIs, all DOD systems (e.g., web servers and web portals) must be properly configured to incorporate access control methods that do not rely solely on the possession of a certificate for access. Successful authentication must not automatically give an entity access to an asset or security boundary. Authorization procedures and controls must be implemented to ensure each authenticated entity also has a validated and current authorization. Authorization is the process of determining whether an entity, once authenticated, is permitted to access a specific asset. Information systems use access control policies and enforcement mechanisms to implement this requirement.
+
+Password protection on the boot loader configuration ensures users with physical access cannot trivially alter important bootloader settings. These include which kernel to use, and whether to enter single-user mode.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify the boot loader superuser password has been set and run the following command:
+
+$ sudo grep "superusers" /etc/grub2.cfg 
+
+password_pbkdf2  superusers-account   ${GRUB2_PASSWORD}  
+
+To verify the boot loader superuser account password has been set, and the password encrypted, run the following command:
+
+$ sudo cat /boot/grub2/user.cfg 
+
+GRUB2_PASSWORD=grub.pbkdf2.sha512.10000.C4E08AC72FBFF7E837FD267BFAD7AEB3D42DDC
+2C99F2A94DD5E2E75C2DC331B719FE55D9411745F82D1B6CFD9E927D61925F9BBDD1CFAA0080E0
+916F7AB46E0D.1302284FCCC52CD73BA3671C6C12C26FF50BA873293B24EE2A96EE3B57963E6D7
+0C83964B473EC8F93B07FE749AA6710269E904A9B08A6BBACB00A2D242AD828 
+
+If a "GRUB2_PASSWORD" is not set, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure RHEL 9 to require a grub bootloader password for the grub superuser account.
+
+Generate an encrypted grub2 password for the grub superuser account with the following command:
+
+$ sudo grub2-setpassword
+Enter password:
+Confirm password:</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>5551</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>4f55ab46-138a-4554-952f-4bf8523b04ec</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000213</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS></FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+		</iSTIG>
+	</STIGS>
+</CHECKLIST>
\ No newline at end of file
diff --git a/test/sample_data/checklist/small_overrides_hdf.json b/test/sample_data/checklist/small_overrides_hdf.json
new file mode 100644
index 000000000..105eabf3c
--- /dev/null
+++ b/test/sample_data/checklist/small_overrides_hdf.json
@@ -0,0 +1,907 @@
+{
+  "platform": {
+    "name": "Heimdall Tools",
+    "release": "2.10.8"
+  },
+  "version": "2.10.8",
+  "statistics": {},
+  "profiles": [
+    {
+      "name": "RHEL_9_STIG",
+      "version": "1",
+      "title": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide",
+      "summary": "This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.",
+      "license": "terms-of-use",
+      "supports": [],
+      "attributes": [],
+      "groups": [],
+      "status": "loaded",
+      "controls": [
+        {
+          "tags": {
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "rid": "SV-257777r925318_rule",
+            "gid": "V-257777",
+            "stig_id": "RHEL-09-211010",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "severity": "high",
+            "weight": "10.0",
+            "STIGRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024",
+            "severityjustification": "Testing both N/A and overidden",
+            "severityoverride": "medium"
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "RHEL 9 must be a vendor-supported release.",
+          "id": "V-257777",
+          "desc": "An operating system release is considered \"supported\" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.\n\nRed Hat offers the Extended Update Support (EUS) add-on to a Red Hat Enterprise Linux subscription, for a fee, for those customers who wish to standardize on a specific minor release for an extended period.",
+          "descriptions": [
+            {
+              "data": "Verify that the version or RHEL 9 is vendor supported with the following command:\n\n$ cat /etc/redhat-release \n\nRed Hat Enterprise Linux release 9.2 (Plow)\n\nIf the installed version of RHEL 9 is not supported, this is a finding.",
+              "label": "check"
+            },
+            {
+              "data": "Upgrade to a supported version of RHEL 9.",
+              "label": "fix"
+            }
+          ],
+          "impact": 0,
+          "code": "{\n  \"status\": \"Not Applicable\",\n  \"findingdetails\": \"\",\n  \"comments\": \"\",\n  \"severityoverride\": \"medium\",\n  \"severityjustification\": \"Testing both N/A and overidden\",\n  \"vulnNum\": \"V-257777\",\n  \"severity\": \"high\",\n  \"groupTitle\": \"SRG-OS-000480-GPOS-00227\",\n  \"ruleId\": \"SV-257777r925318_rule\",\n  \"ruleVer\": \"RHEL-09-211010\",\n  \"ruleTitle\": \"RHEL 9 must be a vendor-supported release.\",\n  \"vulnDiscuss\": \"An operating system release is considered \\\"supported\\\" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.\\n\\nRed Hat offers the Extended Update Support (EUS) add-on to a Red Hat Enterprise Linux subscription, for a fee, for those customers who wish to standardize on a specific minor release for an extended period.\",\n  \"iaControls\": \"\",\n  \"checkContent\": \"Verify that the version or RHEL 9 is vendor supported with the following command:\\n\\n$ cat /etc/redhat-release \\n\\nRed Hat Enterprise Linux release 9.2 (Plow)\\n\\nIf the installed version of RHEL 9 is not supported, this is a finding.\",\n  \"fixText\": \"Upgrade to a supported version of RHEL 9.\",\n  \"falsePositives\": \"\",\n  \"falseNegatives\": \"\",\n  \"documentable\": \"false\",\n  \"mitigations\": \"\",\n  \"potentialImpact\": \"\",\n  \"thirdPartyTools\": \"\",\n  \"mitigationControl\": \"\",\n  \"responsibility\": \"\",\n  \"securityOverrideGuidance\": \"\",\n  \"checkContentRef\": \"M\",\n  \"weight\": \"10.0\",\n  \"class\": \"Unclass\",\n  \"stigRef\": \"Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024\",\n  \"targetKey\": \"5551\",\n  \"stigUuid\": \"\",\n  \"legacyId\": \"; \",\n  \"cciRef\": \"CCI-000366\"\n}",
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "",
+              "start_time": ""
+            }
+          ]
+        },
+        {
+          "tags": {
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "rid": "SV-257778r925321_rule",
+            "gid": "V-257778",
+            "stig_id": "RHEL-09-211015",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "severity": "medium",
+            "weight": "10.0",
+            "STIGRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024",
+            "severityjustification": "Example of overridden severity",
+            "severityoverride": "low"
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "RHEL 9 vendor packaged system security patches and updates must be installed and up to date.",
+          "id": "V-257778",
+          "desc": "Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.",
+          "descriptions": [
+            {
+              "data": "Verify RHEL 9 security patches and updates are installed and up to date. Updates are required to be applied with a frequency determined by organizational policy.\n\nObtain the list of available package security updates from Red Hat. The URL for updates is https://access.redhat.com/errata-search/. It is important to note that updates provided by Red Hat may not be present on the system if the underlying packages are not installed.\n\nCheck that the available package security updates have been installed on the system with the following command:\n\n$ dnf history list | more\n\n    ID | Command line | Date and time | Action(s) | Altered    \n-------------------------------------------------------------------------------    \n   70 | install aide | 2023-03-05 10:58 | Install | 1    \n   69 | update -y | 2023-03-04 14:34 | Update | 18 EE    \n   68 | install vlc | 2023-02-21 17:12 | Install | 21   \n   67 | update -y | 2023-02-21 17:04 | Update | 7 EE \n\nTypical update frequency may be overridden by Information Assurance Vulnerability Alert (IAVA) notifications from CYBERCOM.\n\nIf the system is in noncompliance with the organizational patching policy, this is a finding.",
+              "label": "check"
+            },
+            {
+              "data": "Install RHEL 9 security patches and updates at the organizationally defined frequency. If system updates are installed via a centralized repository that is configured on the system, all updates can be installed with the following command:\n\n$ sudo dnf update",
+              "label": "fix"
+            }
+          ],
+          "impact": 0.3,
+          "code": "{\n  \"status\": \"Failed\",\n  \"findingdetails\": \"\",\n  \"comments\": \"\",\n  \"severityoverride\": \"low\",\n  \"severityjustification\": \"Example of overridden severity\",\n  \"vulnNum\": \"V-257778\",\n  \"severity\": \"medium\",\n  \"groupTitle\": \"SRG-OS-000480-GPOS-00227\",\n  \"ruleId\": \"SV-257778r925321_rule\",\n  \"ruleVer\": \"RHEL-09-211015\",\n  \"ruleTitle\": \"RHEL 9 vendor packaged system security patches and updates must be installed and up to date.\",\n  \"vulnDiscuss\": \"Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.\",\n  \"iaControls\": \"\",\n  \"checkContent\": \"Verify RHEL 9 security patches and updates are installed and up to date. Updates are required to be applied with a frequency determined by organizational policy.\\n\\nObtain the list of available package security updates from Red Hat. The URL for updates is https://access.redhat.com/errata-search/. It is important to note that updates provided by Red Hat may not be present on the system if the underlying packages are not installed.\\n\\nCheck that the available package security updates have been installed on the system with the following command:\\n\\n$ dnf history list | more\\n\\n    ID | Command line | Date and time | Action(s) | Altered    \\n-------------------------------------------------------------------------------    \\n   70 | install aide | 2023-03-05 10:58 | Install | 1    \\n   69 | update -y | 2023-03-04 14:34 | Update | 18 EE    \\n   68 | install vlc | 2023-02-21 17:12 | Install | 21   \\n   67 | update -y | 2023-02-21 17:04 | Update | 7 EE \\n\\nTypical update frequency may be overridden by Information Assurance Vulnerability Alert (IAVA) notifications from CYBERCOM.\\n\\nIf the system is in noncompliance with the organizational patching policy, this is a finding.\",\n  \"fixText\": \"Install RHEL 9 security patches and updates at the organizationally defined frequency. If system updates are installed via a centralized repository that is configured on the system, all updates can be installed with the following command:\\n\\n$ sudo dnf update\",\n  \"falsePositives\": \"\",\n  \"falseNegatives\": \"\",\n  \"documentable\": \"false\",\n  \"mitigations\": \"\",\n  \"potentialImpact\": \"\",\n  \"thirdPartyTools\": \"\",\n  \"mitigationControl\": \"\",\n  \"responsibility\": \"\",\n  \"securityOverrideGuidance\": \"\",\n  \"checkContentRef\": \"M\",\n  \"weight\": \"10.0\",\n  \"class\": \"Unclass\",\n  \"stigRef\": \"Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024\",\n  \"targetKey\": \"5551\",\n  \"stigUuid\": \"\",\n  \"legacyId\": \"; \",\n  \"cciRef\": \"CCI-000366\"\n}",
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "",
+              "start_time": ""
+            }
+          ]
+        },
+        {
+          "tags": {
+            "gtitle": "SRG-OS-000023-GPOS-00006",
+            "rid": "SV-257779r925324_rule",
+            "gid": "V-257779",
+            "stig_id": "RHEL-09-211020",
+            "cci": [
+              "CCI-000048",
+              "CCI-001384",
+              "CCI-001385",
+              "CCI-001386",
+              "CCI-001387",
+              "CCI-001388"
+            ],
+            "nist": [
+              "AC-8 a",
+              "AC-8 c 1",
+              "AC-8 c 2",
+              "AC-8 c 3"
+            ],
+            "severity": "critical",
+            "weight": "10.0",
+            "STIGRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024",
+            "severityjustification": "Example high justification",
+            "severityoverride": "high"
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a command line user logon.",
+          "id": "V-257779",
+          "desc": "Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via login interfaces with human users and are not required when such human interfaces do not exist.\n\nSatisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088",
+          "descriptions": [
+            {
+              "data": "Verify RHEL 9 displays the Standard Mandatory DOD Notice and Consent Banner before granting access to the operating system via a command line user logon.\n\nCheck that a banner is displayed at the command line login screen with the following command:\n\n$ sudo cat /etc/issue\n\nIf the banner is set correctly it will return the following text:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nIf the banner text does not match the Standard Mandatory DOD Notice and Consent Banner exactly, or the line is commented out, this is a finding.",
+              "label": "check"
+            },
+            {
+              "data": "Configure RHEL 9 to display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via command line logon.\n\nEdit the \"/etc/issue\" file to replace the default text with the Standard Mandatory DOD Notice and Consent Banner. The DOD-required text is:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests -- not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"",
+              "label": "fix"
+            }
+          ],
+          "impact": 1,
+          "code": "{\n  \"status\": \"Failed\",\n  \"findingdetails\": \"\",\n  \"comments\": \"\",\n  \"severityoverride\": \"high\",\n  \"severityjustification\": \"Example high justification\",\n  \"vulnNum\": \"V-257779\",\n  \"severity\": \"medium\",\n  \"groupTitle\": \"SRG-OS-000023-GPOS-00006\",\n  \"ruleId\": \"SV-257779r925324_rule\",\n  \"ruleVer\": \"RHEL-09-211020\",\n  \"ruleTitle\": \"RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a command line user logon.\",\n  \"vulnDiscuss\": \"Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\\n\\nSystem use notifications are required only for access via login interfaces with human users and are not required when such human interfaces do not exist.\\n\\nSatisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088\",\n  \"iaControls\": \"\",\n  \"checkContent\": \"Verify RHEL 9 displays the Standard Mandatory DOD Notice and Consent Banner before granting access to the operating system via a command line user logon.\\n\\nCheck that a banner is displayed at the command line login screen with the following command:\\n\\n$ sudo cat /etc/issue\\n\\nIf the banner is set correctly it will return the following text:\\n\\n\\\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\\n\\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\\n\\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\\n\\n-At any time, the USG may inspect and seize data stored on this IS.\\n\\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\\n\\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\\n\\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\\n\\nIf the banner text does not match the Standard Mandatory DOD Notice and Consent Banner exactly, or the line is commented out, this is a finding.\",\n  \"fixText\": \"Configure RHEL 9 to display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via command line logon.\\n\\nEdit the \\\"/etc/issue\\\" file to replace the default text with the Standard Mandatory DOD Notice and Consent Banner. The DOD-required text is:\\n\\n\\\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\\n\\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\\n\\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\\n\\n-At any time, the USG may inspect and seize data stored on this IS.\\n\\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\\n\\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests -- not for your personal benefit or privacy.\\n\\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\",\n  \"falsePositives\": \"\",\n  \"falseNegatives\": \"\",\n  \"documentable\": \"false\",\n  \"mitigations\": \"\",\n  \"potentialImpact\": \"\",\n  \"thirdPartyTools\": \"{\\n  \\\"hdfSpecificData\\\": {\\n    \\\"impact\\\": 1.0,\\n    \\\"severity\\\": \\\"critical\\\"\\n  }\\n}\",\n  \"mitigationControl\": \"\",\n  \"responsibility\": \"\",\n  \"securityOverrideGuidance\": \"\",\n  \"checkContentRef\": \"M\",\n  \"weight\": \"10.0\",\n  \"class\": \"Unclass\",\n  \"stigRef\": \"Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024\",\n  \"targetKey\": \"5551\",\n  \"stigUuid\": \"\",\n  \"legacyId\": \"; \",\n  \"cciRef\": \"CCI-000048; CCI-001384; CCI-001385; CCI-001386; CCI-001387; CCI-001388\"\n}",
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "",
+              "start_time": ""
+            }
+          ]
+        },
+        {
+          "tags": {
+            "gtitle": "SRG-OS-000191-GPOS-00080",
+            "rid": "SV-257780r939261_rule",
+            "gid": "V-257780",
+            "stig_id": "RHEL-09-211025",
+            "cci": [
+              "CCI-001233"
+            ],
+            "nist": [
+              "SI-2 (2)"
+            ],
+            "severity": "medium",
+            "weight": "10.0",
+            "STIGRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024"
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "RHEL 9 must implement the Endpoint Security for Linux Threat Prevention tool.",
+          "id": "V-257780",
+          "desc": "Without the use of automated mechanisms to scan for security flaws on a continuous and/or periodic basis, the operating system or other system components may remain vulnerable to the exploits presented by undetected software flaws.\n\nTo support this requirement, the operating system may have an integrated solution incorporating continuous scanning using ESS and periodic scanning using other tools, as specified in the requirement.",
+          "descriptions": [
+            {
+              "data": "Verify that RHEL 9 has implemented the Endpoint Security for Linux Threat Prevention tool.\n\nCheck that the following package has been installed:\n\n$ sudo rpm -qa | grep -i mcafeetp\n\nIf the \"mcafeetp\" package is not installed, this is a finding.\n\nVerify that the daemon is running:\n\n$ sudo ps -ef | grep -i mfetpd\n\nIf the daemon is not running, this is a finding.",
+              "label": "check"
+            },
+            {
+              "data": "Install and enable the latest McAfee ENSLTP package.",
+              "label": "fix"
+            }
+          ],
+          "impact": 0.5,
+          "code": "{\n  \"status\": \"Failed\",\n  \"findingdetails\": \"\",\n  \"comments\": \"\",\n  \"severityoverride\": \"\",\n  \"severityjustification\": \"\",\n  \"vulnNum\": \"V-257780\",\n  \"severity\": \"medium\",\n  \"groupTitle\": \"SRG-OS-000191-GPOS-00080\",\n  \"ruleId\": \"SV-257780r939261_rule\",\n  \"ruleVer\": \"RHEL-09-211025\",\n  \"ruleTitle\": \"RHEL 9 must implement the Endpoint Security for Linux Threat Prevention tool.\",\n  \"vulnDiscuss\": \"Without the use of automated mechanisms to scan for security flaws on a continuous and/or periodic basis, the operating system or other system components may remain vulnerable to the exploits presented by undetected software flaws.\\n\\nTo support this requirement, the operating system may have an integrated solution incorporating continuous scanning using ESS and periodic scanning using other tools, as specified in the requirement.\",\n  \"iaControls\": \"\",\n  \"checkContent\": \"Verify that RHEL 9 has implemented the Endpoint Security for Linux Threat Prevention tool.\\n\\nCheck that the following package has been installed:\\n\\n$ sudo rpm -qa | grep -i mcafeetp\\n\\nIf the \\\"mcafeetp\\\" package is not installed, this is a finding.\\n\\nVerify that the daemon is running:\\n\\n$ sudo ps -ef | grep -i mfetpd\\n\\nIf the daemon is not running, this is a finding.\",\n  \"fixText\": \"Install and enable the latest McAfee ENSLTP package.\",\n  \"falsePositives\": \"\",\n  \"falseNegatives\": \"\",\n  \"documentable\": \"false\",\n  \"mitigations\": \"\",\n  \"potentialImpact\": \"\",\n  \"thirdPartyTools\": \"\",\n  \"mitigationControl\": \"\",\n  \"responsibility\": \"\",\n  \"securityOverrideGuidance\": \"\",\n  \"checkContentRef\": \"M\",\n  \"weight\": \"10.0\",\n  \"class\": \"Unclass\",\n  \"stigRef\": \"Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024\",\n  \"targetKey\": \"5551\",\n  \"stigUuid\": \"4f55ab46-138a-4554-952f-4bf8523b04ec\",\n  \"legacyId\": \"; \",\n  \"cciRef\": \"CCI-001233\"\n}",
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "",
+              "start_time": ""
+            }
+          ]
+        },
+        {
+          "tags": {
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "rid": "SV-257781r925330_rule",
+            "gid": "V-257781",
+            "stig_id": "RHEL-09-211030",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "severity": "medium",
+            "weight": "10.0",
+            "STIGRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024"
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "The graphical display manager must not be the default target on RHEL 9 unless approved.",
+          "id": "V-257781",
+          "desc": "Unnecessary service packages must not be installed to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented.",
+          "descriptions": [
+            {
+              "data": "Verify that RHEL 9 is configured to boot to the command line:\n\n$ systemctl get-default\n\nmulti-user.target\n\nIf the system default target is not set to \"multi-user.target\" and the information system security officer (ISSO) lacks a documented requirement for a graphical user interface, this is a finding.",
+              "label": "check"
+            },
+            {
+              "data": "Document the requirement for a graphical user interface with the ISSO or set the default target to multi-user with the following command:\n\n$ sudo systemctl set-default multi-user.target",
+              "label": "fix"
+            }
+          ],
+          "impact": 0.5,
+          "code": "{\n  \"status\": \"Failed\",\n  \"findingdetails\": \"\",\n  \"comments\": \"\",\n  \"severityoverride\": \"\",\n  \"severityjustification\": \"\",\n  \"vulnNum\": \"V-257781\",\n  \"severity\": \"medium\",\n  \"groupTitle\": \"SRG-OS-000480-GPOS-00227\",\n  \"ruleId\": \"SV-257781r925330_rule\",\n  \"ruleVer\": \"RHEL-09-211030\",\n  \"ruleTitle\": \"The graphical display manager must not be the default target on RHEL 9 unless approved.\",\n  \"vulnDiscuss\": \"Unnecessary service packages must not be installed to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented.\",\n  \"iaControls\": \"\",\n  \"checkContent\": \"Verify that RHEL 9 is configured to boot to the command line:\\n\\n$ systemctl get-default\\n\\nmulti-user.target\\n\\nIf the system default target is not set to \\\"multi-user.target\\\" and the information system security officer (ISSO) lacks a documented requirement for a graphical user interface, this is a finding.\",\n  \"fixText\": \"Document the requirement for a graphical user interface with the ISSO or set the default target to multi-user with the following command:\\n\\n$ sudo systemctl set-default multi-user.target\",\n  \"falsePositives\": \"\",\n  \"falseNegatives\": \"\",\n  \"documentable\": \"false\",\n  \"mitigations\": \"\",\n  \"potentialImpact\": \"\",\n  \"thirdPartyTools\": \"\",\n  \"mitigationControl\": \"\",\n  \"responsibility\": \"\",\n  \"securityOverrideGuidance\": \"\",\n  \"checkContentRef\": \"M\",\n  \"weight\": \"10.0\",\n  \"class\": \"Unclass\",\n  \"stigRef\": \"Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024\",\n  \"targetKey\": \"5551\",\n  \"stigUuid\": \"4f55ab46-138a-4554-952f-4bf8523b04ec\",\n  \"legacyId\": \"; \",\n  \"cciRef\": \"CCI-000366\"\n}",
+          "results": [
+            {
+              "status": "failed",
+              "code_desc": "",
+              "start_time": ""
+            }
+          ]
+        },
+        {
+          "tags": {
+            "gtitle": "SRG-OS-000480-GPOS-00227",
+            "rid": "SV-257782r942961_rule",
+            "gid": "V-257782",
+            "stig_id": "RHEL-09-211035",
+            "cci": [
+              "CCI-000366"
+            ],
+            "nist": [
+              "CM-6 b"
+            ],
+            "severity": "low",
+            "weight": "10.0",
+            "STIGRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024"
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "RHEL 9 must enable the hardware random number generator entropy gatherer service.",
+          "id": "V-257782",
+          "desc": "The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness. The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems.  \n\nThe rngd service feeds random data from hardware device to kernel random device. Quality (nonpredictable) random number generation is important for several security functions (i.e., ciphers).",
+          "descriptions": [
+            {
+              "data": "Note: For RHEL 9 systems running with kernel FIPS mode enabled as specified by RHEL-09-671010, this requirement is Not Applicable.\n\nVerify that RHEL 9 has enabled the hardware random number generator entropy gatherer service with the following command:\n\n$ systemctl is-active rngd\n\nactive\n\nIf the \"rngd\" service is not active, this is a finding.",
+              "label": "check"
+            },
+            {
+              "data": "Install the rng-tools package with the following command:\n\n$ sudo dnf install rng-tools\n\nThen enable the rngd service run the following command:\n\n$ sudo systemctl enable --now rngd",
+              "label": "fix"
+            }
+          ],
+          "impact": 0.3,
+          "code": "{\n  \"status\": \"Passed\",\n  \"findingdetails\": \"\",\n  \"comments\": \"\",\n  \"severityoverride\": \"\",\n  \"severityjustification\": \"\",\n  \"vulnNum\": \"V-257782\",\n  \"severity\": \"low\",\n  \"groupTitle\": \"SRG-OS-000480-GPOS-00227\",\n  \"ruleId\": \"SV-257782r942961_rule\",\n  \"ruleVer\": \"RHEL-09-211035\",\n  \"ruleTitle\": \"RHEL 9 must enable the hardware random number generator entropy gatherer service.\",\n  \"vulnDiscuss\": \"The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness. The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems.  \\n\\nThe rngd service feeds random data from hardware device to kernel random device. Quality (nonpredictable) random number generation is important for several security functions (i.e., ciphers).\",\n  \"iaControls\": \"\",\n  \"checkContent\": \"Note: For RHEL 9 systems running with kernel FIPS mode enabled as specified by RHEL-09-671010, this requirement is Not Applicable.\\n\\nVerify that RHEL 9 has enabled the hardware random number generator entropy gatherer service with the following command:\\n\\n$ systemctl is-active rngd\\n\\nactive\\n\\nIf the \\\"rngd\\\" service is not active, this is a finding.\",\n  \"fixText\": \"Install the rng-tools package with the following command:\\n\\n$ sudo dnf install rng-tools\\n\\nThen enable the rngd service run the following command:\\n\\n$ sudo systemctl enable --now rngd\",\n  \"falsePositives\": \"\",\n  \"falseNegatives\": \"\",\n  \"documentable\": \"false\",\n  \"mitigations\": \"\",\n  \"potentialImpact\": \"\",\n  \"thirdPartyTools\": \"\",\n  \"mitigationControl\": \"\",\n  \"responsibility\": \"\",\n  \"securityOverrideGuidance\": \"\",\n  \"checkContentRef\": \"M\",\n  \"weight\": \"10.0\",\n  \"class\": \"Unclass\",\n  \"stigRef\": \"Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024\",\n  \"targetKey\": \"5551\",\n  \"stigUuid\": \"4f55ab46-138a-4554-952f-4bf8523b04ec\",\n  \"legacyId\": \"; \",\n  \"cciRef\": \"CCI-000366\"\n}",
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "",
+              "start_time": ""
+            }
+          ]
+        },
+        {
+          "tags": {
+            "gtitle": "SRG-OS-000269-GPOS-00103",
+            "rid": "SV-257783r925336_rule",
+            "gid": "V-257783",
+            "stig_id": "RHEL-09-211040",
+            "cci": [
+              "CCI-001665"
+            ],
+            "nist": [
+              "SC-24"
+            ],
+            "severity": "medium",
+            "weight": "10.0",
+            "STIGRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024"
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "RHEL 9 systemd-journald service must be enabled.",
+          "id": "V-257783",
+          "desc": "In the event of a system failure, RHEL 9 must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to system processes.",
+          "descriptions": [
+            {
+              "data": "Verify that \"systemd-journald\" is active with the following command:\n\n$ systemctl is-active systemd-journald\n\nactive\n\nIf the systemd-journald service is not active, this is a finding.",
+              "label": "check"
+            },
+            {
+              "data": "To enable the systemd-journald service, run the following command:\n\n$ sudo systemctl enable --now systemd-journald",
+              "label": "fix"
+            }
+          ],
+          "impact": 0.5,
+          "code": "{\n  \"status\": \"Passed\",\n  \"findingdetails\": \"\",\n  \"comments\": \"\",\n  \"severityoverride\": \"\",\n  \"severityjustification\": \"\",\n  \"vulnNum\": \"V-257783\",\n  \"severity\": \"medium\",\n  \"groupTitle\": \"SRG-OS-000269-GPOS-00103\",\n  \"ruleId\": \"SV-257783r925336_rule\",\n  \"ruleVer\": \"RHEL-09-211040\",\n  \"ruleTitle\": \"RHEL 9 systemd-journald service must be enabled.\",\n  \"vulnDiscuss\": \"In the event of a system failure, RHEL 9 must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to system processes.\",\n  \"iaControls\": \"\",\n  \"checkContent\": \"Verify that \\\"systemd-journald\\\" is active with the following command:\\n\\n$ systemctl is-active systemd-journald\\n\\nactive\\n\\nIf the systemd-journald service is not active, this is a finding.\",\n  \"fixText\": \"To enable the systemd-journald service, run the following command:\\n\\n$ sudo systemctl enable --now systemd-journald\",\n  \"falsePositives\": \"\",\n  \"falseNegatives\": \"\",\n  \"documentable\": \"false\",\n  \"mitigations\": \"\",\n  \"potentialImpact\": \"\",\n  \"thirdPartyTools\": \"\",\n  \"mitigationControl\": \"\",\n  \"responsibility\": \"\",\n  \"securityOverrideGuidance\": \"\",\n  \"checkContentRef\": \"M\",\n  \"weight\": \"10.0\",\n  \"class\": \"Unclass\",\n  \"stigRef\": \"Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024\",\n  \"targetKey\": \"5551\",\n  \"stigUuid\": \"4f55ab46-138a-4554-952f-4bf8523b04ec\",\n  \"legacyId\": \"; \",\n  \"cciRef\": \"CCI-001665\"\n}",
+          "results": [
+            {
+              "status": "passed",
+              "code_desc": "",
+              "start_time": ""
+            }
+          ]
+        },
+        {
+          "tags": {
+            "gtitle": "SRG-OS-000324-GPOS-00125",
+            "rid": "SV-257784r925339_rule",
+            "gid": "V-257784",
+            "stig_id": "RHEL-09-211045",
+            "cci": [
+              "CCI-000366",
+              "CCI-002235"
+            ],
+            "nist": [
+              "CM-6 b",
+              "AC-6 (10)"
+            ],
+            "severity": "high",
+            "weight": "10.0",
+            "STIGRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024"
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "The systemd Ctrl-Alt-Delete burst key sequence in RHEL 9 must be disabled.",
+          "id": "V-257784",
+          "desc": "A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.\n\nSatisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000480-GPOS-00227",
+          "descriptions": [
+            {
+              "data": "Verify RHEL 9 is configured to not reboot the system when Ctrl-Alt-Delete is pressed seven times within two seconds with the following command:\n\n$ grep -i ctrl /etc/systemd/system.conf\n\nCtrlAltDelBurstAction=none\n\nIf the \"CtrlAltDelBurstAction\" is not set to \"none\", commented out, or is missing, this is a finding.",
+              "label": "check"
+            },
+            {
+              "data": "Configure the system to disable the CtrlAltDelBurstAction by added or modifying the following line in the \"/etc/systemd/system.conf\" configuration file:\n\nCtrlAltDelBurstAction=none\n\nReload the daemon for this change to take effect.\n\n$ sudo systemctl daemon-reload",
+              "label": "fix"
+            }
+          ],
+          "impact": 0.7,
+          "code": "{\n  \"status\": \"Not Reviewed\",\n  \"findingdetails\": \"\",\n  \"comments\": \"\",\n  \"severityoverride\": \"\",\n  \"severityjustification\": \"\",\n  \"vulnNum\": \"V-257784\",\n  \"severity\": \"high\",\n  \"groupTitle\": \"SRG-OS-000324-GPOS-00125\",\n  \"ruleId\": \"SV-257784r925339_rule\",\n  \"ruleVer\": \"RHEL-09-211045\",\n  \"ruleTitle\": \"The systemd Ctrl-Alt-Delete burst key sequence in RHEL 9 must be disabled.\",\n  \"vulnDiscuss\": \"A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.\\n\\nSatisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000480-GPOS-00227\",\n  \"iaControls\": \"\",\n  \"checkContent\": \"Verify RHEL 9 is configured to not reboot the system when Ctrl-Alt-Delete is pressed seven times within two seconds with the following command:\\n\\n$ grep -i ctrl /etc/systemd/system.conf\\n\\nCtrlAltDelBurstAction=none\\n\\nIf the \\\"CtrlAltDelBurstAction\\\" is not set to \\\"none\\\", commented out, or is missing, this is a finding.\",\n  \"fixText\": \"Configure the system to disable the CtrlAltDelBurstAction by added or modifying the following line in the \\\"/etc/systemd/system.conf\\\" configuration file:\\n\\nCtrlAltDelBurstAction=none\\n\\nReload the daemon for this change to take effect.\\n\\n$ sudo systemctl daemon-reload\",\n  \"falsePositives\": \"\",\n  \"falseNegatives\": \"\",\n  \"documentable\": \"false\",\n  \"mitigations\": \"\",\n  \"potentialImpact\": \"\",\n  \"thirdPartyTools\": \"\",\n  \"mitigationControl\": \"\",\n  \"responsibility\": \"\",\n  \"securityOverrideGuidance\": \"\",\n  \"checkContentRef\": \"M\",\n  \"weight\": \"10.0\",\n  \"class\": \"Unclass\",\n  \"stigRef\": \"Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024\",\n  \"targetKey\": \"5551\",\n  \"stigUuid\": \"4f55ab46-138a-4554-952f-4bf8523b04ec\",\n  \"legacyId\": \"; \",\n  \"cciRef\": \"CCI-000366; CCI-002235\"\n}",
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "",
+              "start_time": ""
+            }
+          ]
+        },
+        {
+          "tags": {
+            "gtitle": "SRG-OS-000324-GPOS-00125",
+            "rid": "SV-257785r925342_rule",
+            "gid": "V-257785",
+            "stig_id": "RHEL-09-211050",
+            "cci": [
+              "CCI-000366",
+              "CCI-002235"
+            ],
+            "nist": [
+              "CM-6 b",
+              "AC-6 (10)"
+            ],
+            "severity": "high",
+            "weight": "10.0",
+            "STIGRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024"
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 9.",
+          "id": "V-257785",
+          "desc": "A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.\n\nSatisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000480-GPOS-00227",
+          "descriptions": [
+            {
+              "data": "Verify RHEL 9 is not configured to reboot the system when Ctrl-Alt-Delete is pressed with the following command:\n\n$ sudo systemctl status ctrl-alt-del.target\n\nctrl-alt-del.target\nLoaded: masked (Reason: Unit ctrl-alt-del.target is masked.)\nActive: inactive (dead)\n\nIf the \"ctrl-alt-del.target\" is loaded and not masked, this is a finding.",
+              "label": "check"
+            },
+            {
+              "data": "Configure RHEL 9 to disable the ctrl-alt-del.target with the following command:\n\n$ sudo systemctl disable --now ctrl-alt-del.target\n$ sudo systemctl mask --now ctrl-alt-del.target",
+              "label": "fix"
+            }
+          ],
+          "impact": 0.7,
+          "code": "{\n  \"status\": \"Not Reviewed\",\n  \"findingdetails\": \"\",\n  \"comments\": \"\",\n  \"severityoverride\": \"\",\n  \"severityjustification\": \"\",\n  \"vulnNum\": \"V-257785\",\n  \"severity\": \"high\",\n  \"groupTitle\": \"SRG-OS-000324-GPOS-00125\",\n  \"ruleId\": \"SV-257785r925342_rule\",\n  \"ruleVer\": \"RHEL-09-211050\",\n  \"ruleTitle\": \"The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 9.\",\n  \"vulnDiscuss\": \"A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.\\n\\nSatisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000480-GPOS-00227\",\n  \"iaControls\": \"\",\n  \"checkContent\": \"Verify RHEL 9 is not configured to reboot the system when Ctrl-Alt-Delete is pressed with the following command:\\n\\n$ sudo systemctl status ctrl-alt-del.target\\n\\nctrl-alt-del.target\\nLoaded: masked (Reason: Unit ctrl-alt-del.target is masked.)\\nActive: inactive (dead)\\n\\nIf the \\\"ctrl-alt-del.target\\\" is loaded and not masked, this is a finding.\",\n  \"fixText\": \"Configure RHEL 9 to disable the ctrl-alt-del.target with the following command:\\n\\n$ sudo systemctl disable --now ctrl-alt-del.target\\n$ sudo systemctl mask --now ctrl-alt-del.target\",\n  \"falsePositives\": \"\",\n  \"falseNegatives\": \"\",\n  \"documentable\": \"false\",\n  \"mitigations\": \"\",\n  \"potentialImpact\": \"\",\n  \"thirdPartyTools\": \"\",\n  \"mitigationControl\": \"\",\n  \"responsibility\": \"\",\n  \"securityOverrideGuidance\": \"\",\n  \"checkContentRef\": \"M\",\n  \"weight\": \"10.0\",\n  \"class\": \"Unclass\",\n  \"stigRef\": \"Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024\",\n  \"targetKey\": \"5551\",\n  \"stigUuid\": \"4f55ab46-138a-4554-952f-4bf8523b04ec\",\n  \"legacyId\": \"; \",\n  \"cciRef\": \"CCI-000366; CCI-002235\"\n}",
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "",
+              "start_time": ""
+            }
+          ]
+        },
+        {
+          "tags": {
+            "gtitle": "SRG-OS-000324-GPOS-00125",
+            "rid": "SV-257786r943026_rule",
+            "gid": "V-257786",
+            "stig_id": "RHEL-09-211055",
+            "cci": [
+              "CCI-000366",
+              "CCI-002235"
+            ],
+            "nist": [
+              "CM-6 b",
+              "AC-6 (10)"
+            ],
+            "severity": "medium",
+            "weight": "10.0",
+            "STIGRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024"
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "RHEL 9 debug-shell systemd service must be disabled.",
+          "id": "V-257786",
+          "desc": "The debug-shell requires no authentication and provides root privileges to anyone who has physical access to the machine. While this feature is disabled by default, masking it adds an additional layer of assurance that it will not be enabled via a dependency in systemd. This also prevents attackers with physical access from trivially bypassing security on the machine through valid troubleshooting configurations and gaining root access when the system is rebooted.\n\nSatisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000480-GPOS-00227",
+          "descriptions": [
+            {
+              "data": "Verify RHEL 9 is configured to mask the debug-shell systemd service with the following command:\n\n$ sudo systemctl status debug-shell.service\n\ndebug-shell.service\nLoaded: masked (Reason: Unit debug-shell.service is masked.)\nActive: inactive (dead)\n\nIf the \"debug-shell.service\" is loaded and not masked, this is a finding.",
+              "label": "check"
+            },
+            {
+              "data": "Configure RHEL 9 to mask the debug-shell systemd service with the following command:\n\n$ sudo systemctl disable --now debug-shell.service\n$ sudo systemctl mask --now debug-shell.service",
+              "label": "fix"
+            }
+          ],
+          "impact": 0.5,
+          "code": "{\n  \"status\": \"Not Reviewed\",\n  \"findingdetails\": \"\",\n  \"comments\": \"\",\n  \"severityoverride\": \"\",\n  \"severityjustification\": \"\",\n  \"vulnNum\": \"V-257786\",\n  \"severity\": \"medium\",\n  \"groupTitle\": \"SRG-OS-000324-GPOS-00125\",\n  \"ruleId\": \"SV-257786r943026_rule\",\n  \"ruleVer\": \"RHEL-09-211055\",\n  \"ruleTitle\": \"RHEL 9 debug-shell systemd service must be disabled.\",\n  \"vulnDiscuss\": \"The debug-shell requires no authentication and provides root privileges to anyone who has physical access to the machine. While this feature is disabled by default, masking it adds an additional layer of assurance that it will not be enabled via a dependency in systemd. This also prevents attackers with physical access from trivially bypassing security on the machine through valid troubleshooting configurations and gaining root access when the system is rebooted.\\n\\nSatisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000480-GPOS-00227\",\n  \"iaControls\": \"\",\n  \"checkContent\": \"Verify RHEL 9 is configured to mask the debug-shell systemd service with the following command:\\n\\n$ sudo systemctl status debug-shell.service\\n\\ndebug-shell.service\\nLoaded: masked (Reason: Unit debug-shell.service is masked.)\\nActive: inactive (dead)\\n\\nIf the \\\"debug-shell.service\\\" is loaded and not masked, this is a finding.\",\n  \"fixText\": \"Configure RHEL 9 to mask the debug-shell systemd service with the following command:\\n\\n$ sudo systemctl disable --now debug-shell.service\\n$ sudo systemctl mask --now debug-shell.service\",\n  \"falsePositives\": \"\",\n  \"falseNegatives\": \"\",\n  \"documentable\": \"false\",\n  \"mitigations\": \"\",\n  \"potentialImpact\": \"\",\n  \"thirdPartyTools\": \"\",\n  \"mitigationControl\": \"\",\n  \"responsibility\": \"\",\n  \"securityOverrideGuidance\": \"\",\n  \"checkContentRef\": \"M\",\n  \"weight\": \"10.0\",\n  \"class\": \"Unclass\",\n  \"stigRef\": \"Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024\",\n  \"targetKey\": \"5551\",\n  \"stigUuid\": \"4f55ab46-138a-4554-952f-4bf8523b04ec\",\n  \"legacyId\": \"; \",\n  \"cciRef\": \"CCI-000366; CCI-002235\"\n}",
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "",
+              "start_time": ""
+            }
+          ]
+        },
+        {
+          "tags": {
+            "gtitle": "SRG-OS-000080-GPOS-00048",
+            "rid": "SV-257787r925348_rule",
+            "gid": "V-257787",
+            "stig_id": "RHEL-09-212010",
+            "cci": [
+              "CCI-000213"
+            ],
+            "nist": [
+              "AC-3"
+            ],
+            "severity": "medium",
+            "weight": "10.0",
+            "STIGRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024"
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "RHEL 9 must require a boot loader superuser password.",
+          "id": "V-257787",
+          "desc": "To mitigate the risk of unauthorized access to sensitive information by entities that have been issued certificates by DOD-approved PKIs, all DOD systems (e.g., web servers and web portals) must be properly configured to incorporate access control methods that do not rely solely on the possession of a certificate for access. Successful authentication must not automatically give an entity access to an asset or security boundary. Authorization procedures and controls must be implemented to ensure each authenticated entity also has a validated and current authorization. Authorization is the process of determining whether an entity, once authenticated, is permitted to access a specific asset. Information systems use access control policies and enforcement mechanisms to implement this requirement.\n\nPassword protection on the boot loader configuration ensures users with physical access cannot trivially alter important bootloader settings. These include which kernel to use, and whether to enter single-user mode.",
+          "descriptions": [
+            {
+              "data": "Verify the boot loader superuser password has been set and run the following command:\n\n$ sudo grep \"superusers\" /etc/grub2.cfg \n\npassword_pbkdf2  superusers-account   ${GRUB2_PASSWORD}  \n\nTo verify the boot loader superuser account password has been set, and the password encrypted, run the following command:\n\n$ sudo cat /boot/grub2/user.cfg \n\nGRUB2_PASSWORD=grub.pbkdf2.sha512.10000.C4E08AC72FBFF7E837FD267BFAD7AEB3D42DDC\n2C99F2A94DD5E2E75C2DC331B719FE55D9411745F82D1B6CFD9E927D61925F9BBDD1CFAA0080E0\n916F7AB46E0D.1302284FCCC52CD73BA3671C6C12C26FF50BA873293B24EE2A96EE3B57963E6D7\n0C83964B473EC8F93B07FE749AA6710269E904A9B08A6BBACB00A2D242AD828 \n\nIf a \"GRUB2_PASSWORD\" is not set, this is a finding.",
+              "label": "check"
+            },
+            {
+              "data": "Configure RHEL 9 to require a grub bootloader password for the grub superuser account.\n\nGenerate an encrypted grub2 password for the grub superuser account with the following command:\n\n$ sudo grub2-setpassword\nEnter password:\nConfirm password:",
+              "label": "fix"
+            }
+          ],
+          "impact": 0.5,
+          "code": "{\n  \"status\": \"Not Reviewed\",\n  \"findingdetails\": \"\",\n  \"comments\": \"\",\n  \"severityoverride\": \"\",\n  \"severityjustification\": \"\",\n  \"vulnNum\": \"V-257787\",\n  \"severity\": \"medium\",\n  \"groupTitle\": \"SRG-OS-000080-GPOS-00048\",\n  \"ruleId\": \"SV-257787r925348_rule\",\n  \"ruleVer\": \"RHEL-09-212010\",\n  \"ruleTitle\": \"RHEL 9 must require a boot loader superuser password.\",\n  \"vulnDiscuss\": \"To mitigate the risk of unauthorized access to sensitive information by entities that have been issued certificates by DOD-approved PKIs, all DOD systems (e.g., web servers and web portals) must be properly configured to incorporate access control methods that do not rely solely on the possession of a certificate for access. Successful authentication must not automatically give an entity access to an asset or security boundary. Authorization procedures and controls must be implemented to ensure each authenticated entity also has a validated and current authorization. Authorization is the process of determining whether an entity, once authenticated, is permitted to access a specific asset. Information systems use access control policies and enforcement mechanisms to implement this requirement.\\n\\nPassword protection on the boot loader configuration ensures users with physical access cannot trivially alter important bootloader settings. These include which kernel to use, and whether to enter single-user mode.\",\n  \"iaControls\": \"\",\n  \"checkContent\": \"Verify the boot loader superuser password has been set and run the following command:\\n\\n$ sudo grep \\\"superusers\\\" /etc/grub2.cfg \\n\\npassword_pbkdf2  superusers-account   ${GRUB2_PASSWORD}  \\n\\nTo verify the boot loader superuser account password has been set, and the password encrypted, run the following command:\\n\\n$ sudo cat /boot/grub2/user.cfg \\n\\nGRUB2_PASSWORD=grub.pbkdf2.sha512.10000.C4E08AC72FBFF7E837FD267BFAD7AEB3D42DDC\\n2C99F2A94DD5E2E75C2DC331B719FE55D9411745F82D1B6CFD9E927D61925F9BBDD1CFAA0080E0\\n916F7AB46E0D.1302284FCCC52CD73BA3671C6C12C26FF50BA873293B24EE2A96EE3B57963E6D7\\n0C83964B473EC8F93B07FE749AA6710269E904A9B08A6BBACB00A2D242AD828 \\n\\nIf a \\\"GRUB2_PASSWORD\\\" is not set, this is a finding.\",\n  \"fixText\": \"Configure RHEL 9 to require a grub bootloader password for the grub superuser account.\\n\\nGenerate an encrypted grub2 password for the grub superuser account with the following command:\\n\\n$ sudo grub2-setpassword\\nEnter password:\\nConfirm password:\",\n  \"falsePositives\": \"\",\n  \"falseNegatives\": \"\",\n  \"documentable\": \"false\",\n  \"mitigations\": \"\",\n  \"potentialImpact\": \"\",\n  \"thirdPartyTools\": \"\",\n  \"mitigationControl\": \"\",\n  \"responsibility\": \"\",\n  \"securityOverrideGuidance\": \"\",\n  \"checkContentRef\": \"M\",\n  \"weight\": \"10.0\",\n  \"class\": \"Unclass\",\n  \"stigRef\": \"Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024\",\n  \"targetKey\": \"5551\",\n  \"stigUuid\": \"4f55ab46-138a-4554-952f-4bf8523b04ec\",\n  \"legacyId\": \"; \",\n  \"cciRef\": \"CCI-000213\"\n}",
+          "results": [
+            {
+              "status": "skipped",
+              "code_desc": "",
+              "start_time": ""
+            }
+          ]
+        }
+      ],
+      "sha256": "cd0150021884813f964483b2e543dd6458e106d0c6fa125852991525a9c1e0f8"
+    }
+  ],
+  "passthrough": {
+    "checklist": {
+      "asset": {
+        "role": "None",
+        "assettype": "Computing",
+        "hostname": "",
+        "hostip": "",
+        "hostmac": "",
+        "hostfqdn": "",
+        "marking": "CUI",
+        "targetcomment": "",
+        "techarea": "",
+        "targetkey": "5551",
+        "webordatabase": false,
+        "webdbsite": "",
+        "webdbinstance": ""
+      },
+      "stigs": [
+        {
+          "header": {
+            "version": "1",
+            "classification": "UNCLASSIFIED",
+            "customname": "",
+            "stigid": "RHEL_9_STIG",
+            "description": "This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.",
+            "filename": "U_RHEL_9_STIG_V1R3_Manual-xccdf.xml",
+            "releaseinfo": "Release: 3 Benchmark Date: 24 Apr 2024",
+            "title": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide",
+            "uuid": "47e1d7ee-1fe2-4f8b-9914-3aaa2b6ace72",
+            "notice": "terms-of-use",
+            "source": "STIG.DOD.MIL"
+          },
+          "vulns": [
+            {
+              "status": "Not Applicable",
+              "findingdetails": "",
+              "comments": "",
+              "severityoverride": "medium",
+              "severityjustification": "Testing both N/A and overidden",
+              "vulnNum": "V-257777",
+              "severity": "high",
+              "groupTitle": "SRG-OS-000480-GPOS-00227",
+              "ruleId": "SV-257777r925318_rule",
+              "ruleVer": "RHEL-09-211010",
+              "ruleTitle": "RHEL 9 must be a vendor-supported release.",
+              "vulnDiscuss": "An operating system release is considered \"supported\" if the vendor continues to provide security patches for the product. With an unsupported release, it will not be possible to resolve security issues discovered in the system software.\n\nRed Hat offers the Extended Update Support (EUS) add-on to a Red Hat Enterprise Linux subscription, for a fee, for those customers who wish to standardize on a specific minor release for an extended period.",
+              "iaControls": "",
+              "checkContent": "Verify that the version or RHEL 9 is vendor supported with the following command:\n\n$ cat /etc/redhat-release \n\nRed Hat Enterprise Linux release 9.2 (Plow)\n\nIf the installed version of RHEL 9 is not supported, this is a finding.",
+              "fixText": "Upgrade to a supported version of RHEL 9.",
+              "falsePositives": "",
+              "falseNegatives": "",
+              "documentable": "false",
+              "mitigations": "",
+              "potentialImpact": "",
+              "thirdPartyTools": "",
+              "mitigationControl": "",
+              "responsibility": "",
+              "securityOverrideGuidance": "",
+              "checkContentRef": "M",
+              "weight": "10.0",
+              "class": "Unclass",
+              "stigRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024",
+              "targetKey": "5551",
+              "stigUuid": "",
+              "legacyId": "; ",
+              "cciRef": "CCI-000366"
+            },
+            {
+              "status": "Failed",
+              "findingdetails": "",
+              "comments": "",
+              "severityoverride": "low",
+              "severityjustification": "Example of overridden severity",
+              "vulnNum": "V-257778",
+              "severity": "medium",
+              "groupTitle": "SRG-OS-000480-GPOS-00227",
+              "ruleId": "SV-257778r925321_rule",
+              "ruleVer": "RHEL-09-211015",
+              "ruleTitle": "RHEL 9 vendor packaged system security patches and updates must be installed and up to date.",
+              "vulnDiscuss": "Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities. If the most recent security patches and updates are not installed, unauthorized users may take advantage of weaknesses in the unpatched software. The lack of prompt attention to patching could result in a system compromise.",
+              "iaControls": "",
+              "checkContent": "Verify RHEL 9 security patches and updates are installed and up to date. Updates are required to be applied with a frequency determined by organizational policy.\n\nObtain the list of available package security updates from Red Hat. The URL for updates is https://access.redhat.com/errata-search/. It is important to note that updates provided by Red Hat may not be present on the system if the underlying packages are not installed.\n\nCheck that the available package security updates have been installed on the system with the following command:\n\n$ dnf history list | more\n\n    ID | Command line | Date and time | Action(s) | Altered    \n-------------------------------------------------------------------------------    \n   70 | install aide | 2023-03-05 10:58 | Install | 1    \n   69 | update -y | 2023-03-04 14:34 | Update | 18 EE    \n   68 | install vlc | 2023-02-21 17:12 | Install | 21   \n   67 | update -y | 2023-02-21 17:04 | Update | 7 EE \n\nTypical update frequency may be overridden by Information Assurance Vulnerability Alert (IAVA) notifications from CYBERCOM.\n\nIf the system is in noncompliance with the organizational patching policy, this is a finding.",
+              "fixText": "Install RHEL 9 security patches and updates at the organizationally defined frequency. If system updates are installed via a centralized repository that is configured on the system, all updates can be installed with the following command:\n\n$ sudo dnf update",
+              "falsePositives": "",
+              "falseNegatives": "",
+              "documentable": "false",
+              "mitigations": "",
+              "potentialImpact": "",
+              "thirdPartyTools": "",
+              "mitigationControl": "",
+              "responsibility": "",
+              "securityOverrideGuidance": "",
+              "checkContentRef": "M",
+              "weight": "10.0",
+              "class": "Unclass",
+              "stigRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024",
+              "targetKey": "5551",
+              "stigUuid": "",
+              "legacyId": "; ",
+              "cciRef": "CCI-000366"
+            },
+            {
+              "status": "Failed",
+              "findingdetails": "",
+              "comments": "",
+              "severityoverride": "high",
+              "severityjustification": "Example high justification",
+              "vulnNum": "V-257779",
+              "severity": "medium",
+              "groupTitle": "SRG-OS-000023-GPOS-00006",
+              "ruleId": "SV-257779r925324_rule",
+              "ruleVer": "RHEL-09-211020",
+              "ruleTitle": "RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a command line user logon.",
+              "vulnDiscuss": "Display of a standardized and approved use notification before granting access to the operating system ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\nSystem use notifications are required only for access via login interfaces with human users and are not required when such human interfaces do not exist.\n\nSatisfies: SRG-OS-000023-GPOS-00006, SRG-OS-000228-GPOS-00088",
+              "iaControls": "",
+              "checkContent": "Verify RHEL 9 displays the Standard Mandatory DOD Notice and Consent Banner before granting access to the operating system via a command line user logon.\n\nCheck that a banner is displayed at the command line login screen with the following command:\n\n$ sudo cat /etc/issue\n\nIf the banner is set correctly it will return the following text:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"\n\nIf the banner text does not match the Standard Mandatory DOD Notice and Consent Banner exactly, or the line is commented out, this is a finding.",
+              "fixText": "Configure RHEL 9 to display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via command line logon.\n\nEdit the \"/etc/issue\" file to replace the default text with the Standard Mandatory DOD Notice and Consent Banner. The DOD-required text is:\n\n\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n-At any time, the USG may inspect and seize data stored on this IS.\n\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests -- not for your personal benefit or privacy.\n\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\"",
+              "falsePositives": "",
+              "falseNegatives": "",
+              "documentable": "false",
+              "mitigations": "",
+              "potentialImpact": "",
+              "thirdPartyTools": "{\n  \"hdfSpecificData\": {\n    \"impact\": 1.0,\n    \"severity\": \"critical\"\n  }\n}",
+              "mitigationControl": "",
+              "responsibility": "",
+              "securityOverrideGuidance": "",
+              "checkContentRef": "M",
+              "weight": "10.0",
+              "class": "Unclass",
+              "stigRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024",
+              "targetKey": "5551",
+              "stigUuid": "",
+              "legacyId": "; ",
+              "cciRef": "CCI-000048; CCI-001384; CCI-001385; CCI-001386; CCI-001387; CCI-001388"
+            },
+            {
+              "status": "Failed",
+              "findingdetails": "",
+              "comments": "",
+              "severityoverride": "",
+              "severityjustification": "",
+              "vulnNum": "V-257780",
+              "severity": "medium",
+              "groupTitle": "SRG-OS-000191-GPOS-00080",
+              "ruleId": "SV-257780r939261_rule",
+              "ruleVer": "RHEL-09-211025",
+              "ruleTitle": "RHEL 9 must implement the Endpoint Security for Linux Threat Prevention tool.",
+              "vulnDiscuss": "Without the use of automated mechanisms to scan for security flaws on a continuous and/or periodic basis, the operating system or other system components may remain vulnerable to the exploits presented by undetected software flaws.\n\nTo support this requirement, the operating system may have an integrated solution incorporating continuous scanning using ESS and periodic scanning using other tools, as specified in the requirement.",
+              "iaControls": "",
+              "checkContent": "Verify that RHEL 9 has implemented the Endpoint Security for Linux Threat Prevention tool.\n\nCheck that the following package has been installed:\n\n$ sudo rpm -qa | grep -i mcafeetp\n\nIf the \"mcafeetp\" package is not installed, this is a finding.\n\nVerify that the daemon is running:\n\n$ sudo ps -ef | grep -i mfetpd\n\nIf the daemon is not running, this is a finding.",
+              "fixText": "Install and enable the latest McAfee ENSLTP package.",
+              "falsePositives": "",
+              "falseNegatives": "",
+              "documentable": "false",
+              "mitigations": "",
+              "potentialImpact": "",
+              "thirdPartyTools": "",
+              "mitigationControl": "",
+              "responsibility": "",
+              "securityOverrideGuidance": "",
+              "checkContentRef": "M",
+              "weight": "10.0",
+              "class": "Unclass",
+              "stigRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024",
+              "targetKey": "5551",
+              "stigUuid": "4f55ab46-138a-4554-952f-4bf8523b04ec",
+              "legacyId": "; ",
+              "cciRef": "CCI-001233"
+            },
+            {
+              "status": "Failed",
+              "findingdetails": "",
+              "comments": "",
+              "severityoverride": "",
+              "severityjustification": "",
+              "vulnNum": "V-257781",
+              "severity": "medium",
+              "groupTitle": "SRG-OS-000480-GPOS-00227",
+              "ruleId": "SV-257781r925330_rule",
+              "ruleVer": "RHEL-09-211030",
+              "ruleTitle": "The graphical display manager must not be the default target on RHEL 9 unless approved.",
+              "vulnDiscuss": "Unnecessary service packages must not be installed to decrease the attack surface of the system. Graphical display managers have a long history of security vulnerabilities and must not be used, unless approved and documented.",
+              "iaControls": "",
+              "checkContent": "Verify that RHEL 9 is configured to boot to the command line:\n\n$ systemctl get-default\n\nmulti-user.target\n\nIf the system default target is not set to \"multi-user.target\" and the information system security officer (ISSO) lacks a documented requirement for a graphical user interface, this is a finding.",
+              "fixText": "Document the requirement for a graphical user interface with the ISSO or set the default target to multi-user with the following command:\n\n$ sudo systemctl set-default multi-user.target",
+              "falsePositives": "",
+              "falseNegatives": "",
+              "documentable": "false",
+              "mitigations": "",
+              "potentialImpact": "",
+              "thirdPartyTools": "",
+              "mitigationControl": "",
+              "responsibility": "",
+              "securityOverrideGuidance": "",
+              "checkContentRef": "M",
+              "weight": "10.0",
+              "class": "Unclass",
+              "stigRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024",
+              "targetKey": "5551",
+              "stigUuid": "4f55ab46-138a-4554-952f-4bf8523b04ec",
+              "legacyId": "; ",
+              "cciRef": "CCI-000366"
+            },
+            {
+              "status": "Passed",
+              "findingdetails": "",
+              "comments": "",
+              "severityoverride": "",
+              "severityjustification": "",
+              "vulnNum": "V-257782",
+              "severity": "low",
+              "groupTitle": "SRG-OS-000480-GPOS-00227",
+              "ruleId": "SV-257782r942961_rule",
+              "ruleVer": "RHEL-09-211035",
+              "ruleTitle": "RHEL 9 must enable the hardware random number generator entropy gatherer service.",
+              "vulnDiscuss": "The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness. The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems.  \n\nThe rngd service feeds random data from hardware device to kernel random device. Quality (nonpredictable) random number generation is important for several security functions (i.e., ciphers).",
+              "iaControls": "",
+              "checkContent": "Note: For RHEL 9 systems running with kernel FIPS mode enabled as specified by RHEL-09-671010, this requirement is Not Applicable.\n\nVerify that RHEL 9 has enabled the hardware random number generator entropy gatherer service with the following command:\n\n$ systemctl is-active rngd\n\nactive\n\nIf the \"rngd\" service is not active, this is a finding.",
+              "fixText": "Install the rng-tools package with the following command:\n\n$ sudo dnf install rng-tools\n\nThen enable the rngd service run the following command:\n\n$ sudo systemctl enable --now rngd",
+              "falsePositives": "",
+              "falseNegatives": "",
+              "documentable": "false",
+              "mitigations": "",
+              "potentialImpact": "",
+              "thirdPartyTools": "",
+              "mitigationControl": "",
+              "responsibility": "",
+              "securityOverrideGuidance": "",
+              "checkContentRef": "M",
+              "weight": "10.0",
+              "class": "Unclass",
+              "stigRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024",
+              "targetKey": "5551",
+              "stigUuid": "4f55ab46-138a-4554-952f-4bf8523b04ec",
+              "legacyId": "; ",
+              "cciRef": "CCI-000366"
+            },
+            {
+              "status": "Passed",
+              "findingdetails": "",
+              "comments": "",
+              "severityoverride": "",
+              "severityjustification": "",
+              "vulnNum": "V-257783",
+              "severity": "medium",
+              "groupTitle": "SRG-OS-000269-GPOS-00103",
+              "ruleId": "SV-257783r925336_rule",
+              "ruleVer": "RHEL-09-211040",
+              "ruleTitle": "RHEL 9 systemd-journald service must be enabled.",
+              "vulnDiscuss": "In the event of a system failure, RHEL 9 must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to system processes.",
+              "iaControls": "",
+              "checkContent": "Verify that \"systemd-journald\" is active with the following command:\n\n$ systemctl is-active systemd-journald\n\nactive\n\nIf the systemd-journald service is not active, this is a finding.",
+              "fixText": "To enable the systemd-journald service, run the following command:\n\n$ sudo systemctl enable --now systemd-journald",
+              "falsePositives": "",
+              "falseNegatives": "",
+              "documentable": "false",
+              "mitigations": "",
+              "potentialImpact": "",
+              "thirdPartyTools": "",
+              "mitigationControl": "",
+              "responsibility": "",
+              "securityOverrideGuidance": "",
+              "checkContentRef": "M",
+              "weight": "10.0",
+              "class": "Unclass",
+              "stigRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024",
+              "targetKey": "5551",
+              "stigUuid": "4f55ab46-138a-4554-952f-4bf8523b04ec",
+              "legacyId": "; ",
+              "cciRef": "CCI-001665"
+            },
+            {
+              "status": "Not Reviewed",
+              "findingdetails": "",
+              "comments": "",
+              "severityoverride": "",
+              "severityjustification": "",
+              "vulnNum": "V-257784",
+              "severity": "high",
+              "groupTitle": "SRG-OS-000324-GPOS-00125",
+              "ruleId": "SV-257784r925339_rule",
+              "ruleVer": "RHEL-09-211045",
+              "ruleTitle": "The systemd Ctrl-Alt-Delete burst key sequence in RHEL 9 must be disabled.",
+              "vulnDiscuss": "A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.\n\nSatisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000480-GPOS-00227",
+              "iaControls": "",
+              "checkContent": "Verify RHEL 9 is configured to not reboot the system when Ctrl-Alt-Delete is pressed seven times within two seconds with the following command:\n\n$ grep -i ctrl /etc/systemd/system.conf\n\nCtrlAltDelBurstAction=none\n\nIf the \"CtrlAltDelBurstAction\" is not set to \"none\", commented out, or is missing, this is a finding.",
+              "fixText": "Configure the system to disable the CtrlAltDelBurstAction by added or modifying the following line in the \"/etc/systemd/system.conf\" configuration file:\n\nCtrlAltDelBurstAction=none\n\nReload the daemon for this change to take effect.\n\n$ sudo systemctl daemon-reload",
+              "falsePositives": "",
+              "falseNegatives": "",
+              "documentable": "false",
+              "mitigations": "",
+              "potentialImpact": "",
+              "thirdPartyTools": "",
+              "mitigationControl": "",
+              "responsibility": "",
+              "securityOverrideGuidance": "",
+              "checkContentRef": "M",
+              "weight": "10.0",
+              "class": "Unclass",
+              "stigRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024",
+              "targetKey": "5551",
+              "stigUuid": "4f55ab46-138a-4554-952f-4bf8523b04ec",
+              "legacyId": "; ",
+              "cciRef": "CCI-000366; CCI-002235"
+            },
+            {
+              "status": "Not Reviewed",
+              "findingdetails": "",
+              "comments": "",
+              "severityoverride": "",
+              "severityjustification": "",
+              "vulnNum": "V-257785",
+              "severity": "high",
+              "groupTitle": "SRG-OS-000324-GPOS-00125",
+              "ruleId": "SV-257785r925342_rule",
+              "ruleVer": "RHEL-09-211050",
+              "ruleTitle": "The x86 Ctrl-Alt-Delete key sequence must be disabled on RHEL 9.",
+              "vulnDiscuss": "A locally logged-on user who presses Ctrl-Alt-Delete when at the console can reboot the system. If accidentally pressed, as could happen in the case of a mixed OS environment, this can create the risk of short-term loss of availability of systems due to unintentional reboot. In a graphical user environment, risk of unintentional reboot from the Ctrl-Alt-Delete sequence is reduced because the user will be prompted before any action is taken.\n\nSatisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000480-GPOS-00227",
+              "iaControls": "",
+              "checkContent": "Verify RHEL 9 is not configured to reboot the system when Ctrl-Alt-Delete is pressed with the following command:\n\n$ sudo systemctl status ctrl-alt-del.target\n\nctrl-alt-del.target\nLoaded: masked (Reason: Unit ctrl-alt-del.target is masked.)\nActive: inactive (dead)\n\nIf the \"ctrl-alt-del.target\" is loaded and not masked, this is a finding.",
+              "fixText": "Configure RHEL 9 to disable the ctrl-alt-del.target with the following command:\n\n$ sudo systemctl disable --now ctrl-alt-del.target\n$ sudo systemctl mask --now ctrl-alt-del.target",
+              "falsePositives": "",
+              "falseNegatives": "",
+              "documentable": "false",
+              "mitigations": "",
+              "potentialImpact": "",
+              "thirdPartyTools": "",
+              "mitigationControl": "",
+              "responsibility": "",
+              "securityOverrideGuidance": "",
+              "checkContentRef": "M",
+              "weight": "10.0",
+              "class": "Unclass",
+              "stigRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024",
+              "targetKey": "5551",
+              "stigUuid": "4f55ab46-138a-4554-952f-4bf8523b04ec",
+              "legacyId": "; ",
+              "cciRef": "CCI-000366; CCI-002235"
+            },
+            {
+              "status": "Not Reviewed",
+              "findingdetails": "",
+              "comments": "",
+              "severityoverride": "",
+              "severityjustification": "",
+              "vulnNum": "V-257786",
+              "severity": "medium",
+              "groupTitle": "SRG-OS-000324-GPOS-00125",
+              "ruleId": "SV-257786r943026_rule",
+              "ruleVer": "RHEL-09-211055",
+              "ruleTitle": "RHEL 9 debug-shell systemd service must be disabled.",
+              "vulnDiscuss": "The debug-shell requires no authentication and provides root privileges to anyone who has physical access to the machine. While this feature is disabled by default, masking it adds an additional layer of assurance that it will not be enabled via a dependency in systemd. This also prevents attackers with physical access from trivially bypassing security on the machine through valid troubleshooting configurations and gaining root access when the system is rebooted.\n\nSatisfies: SRG-OS-000324-GPOS-00125, SRG-OS-000480-GPOS-00227",
+              "iaControls": "",
+              "checkContent": "Verify RHEL 9 is configured to mask the debug-shell systemd service with the following command:\n\n$ sudo systemctl status debug-shell.service\n\ndebug-shell.service\nLoaded: masked (Reason: Unit debug-shell.service is masked.)\nActive: inactive (dead)\n\nIf the \"debug-shell.service\" is loaded and not masked, this is a finding.",
+              "fixText": "Configure RHEL 9 to mask the debug-shell systemd service with the following command:\n\n$ sudo systemctl disable --now debug-shell.service\n$ sudo systemctl mask --now debug-shell.service",
+              "falsePositives": "",
+              "falseNegatives": "",
+              "documentable": "false",
+              "mitigations": "",
+              "potentialImpact": "",
+              "thirdPartyTools": "",
+              "mitigationControl": "",
+              "responsibility": "",
+              "securityOverrideGuidance": "",
+              "checkContentRef": "M",
+              "weight": "10.0",
+              "class": "Unclass",
+              "stigRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024",
+              "targetKey": "5551",
+              "stigUuid": "4f55ab46-138a-4554-952f-4bf8523b04ec",
+              "legacyId": "; ",
+              "cciRef": "CCI-000366; CCI-002235"
+            },
+            {
+              "status": "Not Reviewed",
+              "findingdetails": "",
+              "comments": "",
+              "severityoverride": "",
+              "severityjustification": "",
+              "vulnNum": "V-257787",
+              "severity": "medium",
+              "groupTitle": "SRG-OS-000080-GPOS-00048",
+              "ruleId": "SV-257787r925348_rule",
+              "ruleVer": "RHEL-09-212010",
+              "ruleTitle": "RHEL 9 must require a boot loader superuser password.",
+              "vulnDiscuss": "To mitigate the risk of unauthorized access to sensitive information by entities that have been issued certificates by DOD-approved PKIs, all DOD systems (e.g., web servers and web portals) must be properly configured to incorporate access control methods that do not rely solely on the possession of a certificate for access. Successful authentication must not automatically give an entity access to an asset or security boundary. Authorization procedures and controls must be implemented to ensure each authenticated entity also has a validated and current authorization. Authorization is the process of determining whether an entity, once authenticated, is permitted to access a specific asset. Information systems use access control policies and enforcement mechanisms to implement this requirement.\n\nPassword protection on the boot loader configuration ensures users with physical access cannot trivially alter important bootloader settings. These include which kernel to use, and whether to enter single-user mode.",
+              "iaControls": "",
+              "checkContent": "Verify the boot loader superuser password has been set and run the following command:\n\n$ sudo grep \"superusers\" /etc/grub2.cfg \n\npassword_pbkdf2  superusers-account   ${GRUB2_PASSWORD}  \n\nTo verify the boot loader superuser account password has been set, and the password encrypted, run the following command:\n\n$ sudo cat /boot/grub2/user.cfg \n\nGRUB2_PASSWORD=grub.pbkdf2.sha512.10000.C4E08AC72FBFF7E837FD267BFAD7AEB3D42DDC\n2C99F2A94DD5E2E75C2DC331B719FE55D9411745F82D1B6CFD9E927D61925F9BBDD1CFAA0080E0\n916F7AB46E0D.1302284FCCC52CD73BA3671C6C12C26FF50BA873293B24EE2A96EE3B57963E6D7\n0C83964B473EC8F93B07FE749AA6710269E904A9B08A6BBACB00A2D242AD828 \n\nIf a \"GRUB2_PASSWORD\" is not set, this is a finding.",
+              "fixText": "Configure RHEL 9 to require a grub bootloader password for the grub superuser account.\n\nGenerate an encrypted grub2 password for the grub superuser account with the following command:\n\n$ sudo grub2-setpassword\nEnter password:\nConfirm password:",
+              "falsePositives": "",
+              "falseNegatives": "",
+              "documentable": "false",
+              "mitigations": "",
+              "potentialImpact": "",
+              "thirdPartyTools": "",
+              "mitigationControl": "",
+              "responsibility": "",
+              "securityOverrideGuidance": "",
+              "checkContentRef": "M",
+              "weight": "10.0",
+              "class": "Unclass",
+              "stigRef": "Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 3 Benchmark Date: 24 Apr 2024",
+              "targetKey": "5551",
+              "stigUuid": "4f55ab46-138a-4554-952f-4bf8523b04ec",
+              "legacyId": "; ",
+              "cciRef": "CCI-000213"
+            }
+          ]
+        }
+      ]
+    }
+  }
+}
\ No newline at end of file
diff --git a/test/sample_data/checklist/three_stig_checklist-hdf.json b/test/sample_data/checklist/three_stig_checklist-hdf.json
index 7c41b63ab..ecc40fe30 100644
--- a/test/sample_data/checklist/three_stig_checklist-hdf.json
+++ b/test/sample_data/checklist/three_stig_checklist-hdf.json
@@ -1,14 +1,14 @@
 {
   "platform": {
     "name": "Heimdall Tools",
-    "release": "2.10.1"
+    "release": "2.10.8"
   },
-  "version": "2.10.1",
+  "version": "2.10.8",
   "statistics": {},
   "profiles": [
     {
       "name": "Parent Profile",
-      "version": "2.10.1",
+      "version": "2.10.8",
       "supports": [],
       "attributes": [],
       "groups": [],
@@ -36,6 +36,7 @@
             "nist": [
               "CM-7 b"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -76,6 +77,7 @@
             "nist": [
               "CM-7 b"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -116,6 +118,7 @@
             "nist": [
               "AC-2 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -156,6 +159,7 @@
             "nist": [
               "AC-2 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -196,6 +200,7 @@
             "nist": [
               "AC-2 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -236,6 +241,7 @@
             "nist": [
               "AC-2 (2)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -276,6 +282,7 @@
             "nist": [
               "AC-2 (3) (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -316,6 +323,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -356,6 +364,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -396,6 +405,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -436,6 +446,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -476,6 +487,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -516,6 +528,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -556,6 +569,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -596,6 +610,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -636,6 +651,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -676,6 +692,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -716,6 +733,7 @@
             "nist": [
               "AC-3 (7)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -756,6 +774,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -796,6 +815,7 @@
             "nist": [
               "AC-7 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -836,6 +856,7 @@
             "nist": [
               "AU-3 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -876,6 +897,7 @@
             "nist": [
               "AU-3 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -916,6 +938,7 @@
             "nist": [
               "AU-3 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -956,6 +979,7 @@
             "nist": [
               "AU-3 d"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -996,6 +1020,7 @@
             "nist": [
               "AU-3 e"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1036,6 +1061,7 @@
             "nist": [
               "AU-3 f"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1076,6 +1102,7 @@
             "nist": [
               "AU-4 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1116,6 +1143,7 @@
             "nist": [
               "AU-5 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1156,6 +1184,7 @@
             "nist": [
               "AU-5 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1196,6 +1225,7 @@
             "nist": [
               "AU-5 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1236,6 +1266,7 @@
             "nist": [
               "AU-8 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1276,6 +1307,7 @@
             "nist": [
               "AU-8 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1316,6 +1348,7 @@
             "nist": [
               "AU-8 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1358,6 +1391,7 @@
               "CM-6 b",
               "AU-8 (1) (a)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1400,6 +1434,7 @@
               "CM-6 b",
               "AU-8 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1440,6 +1475,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1480,6 +1516,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1520,6 +1557,7 @@
             "nist": [
               "IA-2"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1560,6 +1598,7 @@
             "nist": [
               "IA-2 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1600,6 +1639,7 @@
             "nist": [
               "IA-2 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1640,6 +1680,7 @@
             "nist": [
               "IA-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1680,6 +1721,7 @@
             "nist": [
               "IA-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1720,6 +1762,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1760,6 +1803,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1800,6 +1844,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1840,6 +1885,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1880,6 +1926,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1920,6 +1967,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -1960,6 +2008,7 @@
             "nist": [
               "IA-5 (1) (b)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2000,6 +2049,7 @@
             "nist": [
               "IA-5 (1) (c)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2040,6 +2090,7 @@
             "nist": [
               "IA-5 (1) (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2080,6 +2131,7 @@
             "nist": [
               "IA-5 (1) (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2120,6 +2172,7 @@
             "nist": [
               "IA-5 (1) (e)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2160,6 +2213,7 @@
             "nist": [
               "IA-5 (1) (f)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2200,6 +2254,7 @@
             "nist": [
               "IA-5 (2) (b) (1)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2240,6 +2295,7 @@
             "nist": [
               "IA-5 (2) (b) (1)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2280,6 +2336,7 @@
             "nist": [
               "IA-5 (2) (a) (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2320,6 +2377,7 @@
             "nist": [
               "IA-5 (2) (a) (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2360,6 +2418,7 @@
             "nist": [
               "SC-28"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2400,6 +2459,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2440,6 +2500,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2480,6 +2541,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2520,6 +2582,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2560,6 +2623,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2600,6 +2664,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2640,6 +2705,7 @@
             "nist": [
               "CM-7 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2680,6 +2746,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2720,6 +2787,7 @@
             "nist": [
               "AC-2 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2760,6 +2828,7 @@
             "nist": [
               "IA-5 (1) (c)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -2800,6 +2869,7 @@
             "nist": [
               "AC-10"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102427; SV-111371",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -2841,6 +2911,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102429; SV-111373",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -2882,6 +2953,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102431; SV-111375",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -2927,6 +2999,7 @@
               "AC-17 (2)",
               "SC-8"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102433; SV-111547",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -2980,6 +3053,7 @@
               "AU-12 a",
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102435; SV-111379",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3023,6 +3097,7 @@
               "IA-5 (2) (a) (1)",
               "AC-3"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-102445; SV-111393",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3064,6 +3139,7 @@
             "nist": [
               "AC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102447; SV-111395",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3105,6 +3181,7 @@
             "nist": [
               "AC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102449; SV-111397",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3146,6 +3223,7 @@
             "nist": [
               "AC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102451; SV-111399",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3187,6 +3265,7 @@
             "nist": [
               "AC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102453; SV-111401",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3228,6 +3307,7 @@
             "nist": [
               "AC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102455; SV-111403",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3269,6 +3349,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102457; SV-111405",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3318,6 +3399,7 @@
               "AU-12 c",
               "AU-3 f"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102603; SV-111549",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3359,6 +3441,7 @@
             "nist": [
               "AU-3 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102461; SV-111407",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3400,6 +3483,7 @@
             "nist": [
               "AU-3 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102463; SV-111409",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3441,6 +3525,7 @@
             "nist": [
               "AU-3 c"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102465; SV-111411",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3482,6 +3567,7 @@
             "nist": [
               "AU-3 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102467; SV-111413",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3523,6 +3609,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102469; SV-111415",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3564,6 +3651,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102471; SV-111417",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3607,6 +3695,7 @@
               "AU-9 a",
               "CM-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102473; SV-111419",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3650,6 +3739,7 @@
               "AU-9 a",
               "CM-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102605; SV-111551",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3691,6 +3781,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102477; SV-111421",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3737,6 +3828,7 @@
               "AU-9",
               "AC-6 (10)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102607; SV-111553",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3778,6 +3870,7 @@
             "nist": [
               "CM-5 (6)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102481; SV-111423",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3819,6 +3912,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102483; SV-111425",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3860,6 +3954,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102485; SV-111427",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3901,6 +3996,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102487; SV-111429",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3942,6 +4038,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102489; SV-111431",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -3983,6 +4080,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102491; SV-111433",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4024,6 +4122,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102493; SV-111435",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4065,6 +4164,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102495; SV-111437",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4106,6 +4206,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102497; SV-111439",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4147,6 +4248,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102499; SV-111441",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4188,6 +4290,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102501; SV-111443",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4229,6 +4332,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102503; SV-111445",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4270,6 +4374,7 @@
             "nist": [
               "CM-7 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102505; SV-111447",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4311,6 +4416,7 @@
             "nist": [
               "IA-2"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102507; SV-111449",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4352,6 +4458,7 @@
             "nist": [
               "IA-2 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102509; SV-111451",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4393,6 +4500,7 @@
             "nist": [
               "IA-2 (5)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-102511; SV-111565",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4434,6 +4542,7 @@
             "nist": [
               "IA-5 (1) (c)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-102513; SV-111455",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4475,6 +4584,7 @@
             "nist": [
               "IA-5 (2) (b) (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102515; SV-111457",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4516,6 +4626,7 @@
             "nist": [
               "IA-5 (2) (a) (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102517; SV-111459",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4566,6 +4677,7 @@
               "SC-8 (1)",
               "SC-28 (1)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-102609; SV-111567",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4607,6 +4719,7 @@
             "nist": [
               "SC-2"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102521; SV-111461",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4648,6 +4761,7 @@
             "nist": [
               "SC-2"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102523; SV-111463",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4689,6 +4803,7 @@
             "nist": [
               "SC-23"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102525; SV-111465",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4730,6 +4845,7 @@
             "nist": [
               "SC-23 (3)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102529; SV-111469",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4771,6 +4887,7 @@
             "nist": [
               "SC-24"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102531; SV-111471",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4812,6 +4929,7 @@
             "nist": [
               "SI-11 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102533; SV-111473",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4853,6 +4971,7 @@
             "nist": [
               "SI-11 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102535; SV-111475",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4894,6 +5013,7 @@
             "nist": [
               "SI-11 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102537; SV-111477",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4935,6 +5055,7 @@
             "nist": [
               "SI-11 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102539; SV-111479",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -4978,6 +5099,7 @@
               "IA-11",
               "AC-12"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102541; SV-111481",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5019,6 +5141,7 @@
             "nist": [
               "AC-17 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102543; SV-111483",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5060,6 +5183,7 @@
             "nist": [
               "AC-17 (9)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102545; SV-111485",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5101,6 +5225,7 @@
             "nist": [
               "AC-17 (9)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102547; SV-111487",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5142,6 +5267,7 @@
             "nist": [
               "AC-6 (10)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102549; SV-111489",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5183,6 +5309,7 @@
             "nist": [
               "AC-6 (10)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102551; SV-111491",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5224,6 +5351,7 @@
             "nist": [
               "AC-6 (9)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102553; SV-111493",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5265,6 +5393,7 @@
             "nist": [
               "CM-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102555; SV-111495",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5306,6 +5435,7 @@
             "nist": [
               "CM-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102557; SV-111497",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5347,6 +5477,7 @@
             "nist": [
               "CM-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102559; SV-111499",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5388,6 +5519,7 @@
             "nist": [
               "CM-5 (1) (a)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102561; SV-111501",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5429,6 +5561,7 @@
             "nist": [
               "CM-5 (1) (a)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102563; SV-111503",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5470,6 +5603,7 @@
             "nist": [
               "CM-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102565; SV-111505",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5515,6 +5649,7 @@
               "IA-2 (12)",
               "IA-8 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102569; SV-111509",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5556,6 +5691,7 @@
             "nist": [
               "SC-23 (5)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102571; SV-111511",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5597,6 +5733,7 @@
             "nist": [
               "SC-5 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102573; SV-111513",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5640,6 +5777,7 @@
               "SC-5 a",
               "SI-2 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102575; SV-111515",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5683,6 +5821,7 @@
               "AU-12 c",
               "CM-5 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102577; SV-111517",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5724,6 +5863,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102579; SV-111519",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5765,6 +5905,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102581; SV-111521",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5806,6 +5947,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102583; SV-111523",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5847,6 +5989,7 @@
             "nist": [
               "SC-13 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102585; SV-111525",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5888,6 +6031,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102587; SV-111527",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5929,6 +6073,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102589; SV-111529",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -5970,6 +6115,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102591; SV-111531",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -6011,6 +6157,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102593; SV-111533",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -6052,6 +6199,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102595; SV-111535",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -6093,6 +6241,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102597; SV-111537",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -6134,6 +6283,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102599; SV-111539",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -6175,6 +6325,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102601; SV-111541",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -6216,6 +6367,7 @@
             "nist": [
               "AU-5 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102621; SV-111571",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -6257,6 +6409,7 @@
             "nist": [
               "AC-10"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69239; SV-83861",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -6298,6 +6451,7 @@
             "nist": [
               "AC-12"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69241; SV-83863",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -6339,6 +6493,7 @@
             "nist": [
               "AC-12"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69243; SV-83865",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -6380,6 +6535,7 @@
             "nist": [
               "AC-12"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69245; SV-83867",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -6421,6 +6577,7 @@
             "nist": [
               "AC-12 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69247; SV-83869",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -6462,6 +6619,7 @@
             "nist": [
               "AC-12 (2)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69249; SV-83871",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -6503,6 +6661,7 @@
             "nist": [
               "AC-16 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69251; SV-83873",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -6544,6 +6703,7 @@
             "nist": [
               "AC-16 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69253; SV-83875",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -6585,6 +6745,7 @@
             "nist": [
               "AC-16 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69255; SV-83877",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -6626,6 +6787,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69257; SV-83879",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -6667,6 +6829,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69259; SV-83881",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -6708,6 +6871,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69261; SV-83883",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -6749,6 +6913,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69279; SV-83901",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -6790,6 +6955,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69281; SV-83903",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -6831,6 +6997,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69283; SV-83905",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -6872,6 +7039,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69285; SV-83907",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -6913,6 +7081,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69287; SV-83909",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -6954,6 +7123,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69289; SV-83911",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -6995,6 +7165,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69291; SV-83913",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7036,6 +7207,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69293; SV-83915",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7077,6 +7249,7 @@
             "nist": [
               "AC-2 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69295; SV-83917",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7118,6 +7291,7 @@
             "nist": [
               "AC-2 (10)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69297; SV-83919",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7159,6 +7333,7 @@
             "nist": [
               "AC-2 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69299; SV-83921",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7200,6 +7375,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70173; SV-84795",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7241,6 +7417,7 @@
             "nist": [
               "AC-2 (3) (d)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69301; SV-83923",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7282,6 +7459,7 @@
             "nist": [
               "AC-2 (3) (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69303; SV-83925",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7323,6 +7501,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69305; SV-83927",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7364,6 +7543,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69307; SV-83929",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7405,6 +7585,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69309; SV-83931",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7446,6 +7627,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69311; SV-83933",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7487,6 +7669,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69313; SV-83935",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7528,6 +7711,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69315; SV-83937",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7569,6 +7753,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69317; SV-83939",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7610,6 +7795,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69319; SV-83941",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7651,6 +7837,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69321; SV-83943",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7692,6 +7879,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69323; SV-83945",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7733,6 +7921,7 @@
             "nist": [
               "AC-23"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69325; SV-83947",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7774,6 +7963,7 @@
             "nist": [
               "AC-23"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69327; SV-83949",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7815,6 +8005,7 @@
             "nist": [
               "AC-3"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69329; SV-83951",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7856,6 +8047,7 @@
             "nist": [
               "AC-3 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69331; SV-83953",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7897,6 +8089,7 @@
             "nist": [
               "AC-4"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69333; SV-83955",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7938,6 +8131,7 @@
             "nist": [
               "AC-4"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69335; SV-83957",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -7979,6 +8173,7 @@
             "nist": [
               "AC-6 (10)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69337; SV-83959",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8020,6 +8215,7 @@
             "nist": [
               "AC-6 (8)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69339; SV-83961",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8061,6 +8257,7 @@
             "nist": [
               "AC-6 (9)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69341; SV-83963",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8102,6 +8299,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69343; SV-83965",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8143,6 +8341,7 @@
             "nist": [
               "AC-7 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69347; SV-83969",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8184,6 +8383,7 @@
             "nist": [
               "AC-8 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69349; SV-83971",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8225,6 +8425,7 @@
             "nist": [
               "AC-8 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69351; SV-83973",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8272,6 +8473,7 @@
               "AC-8 c 2",
               "AC-8 c 3"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69353; SV-83975",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8313,6 +8515,7 @@
             "nist": [
               "AC-9"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69355; SV-83977",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8354,6 +8557,7 @@
             "nist": [
               "AU-10"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69357; SV-83979",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8395,6 +8599,7 @@
             "nist": [
               "AU-12 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69359; SV-83981",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8436,6 +8641,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69363; SV-83985",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8477,6 +8683,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69365; SV-83987",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8518,6 +8725,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69367; SV-83989",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8559,6 +8767,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69369; SV-83991",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8600,6 +8809,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69371; SV-83993",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8641,6 +8851,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69373; SV-83995",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8682,6 +8893,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69375; SV-83997",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8723,6 +8935,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69377; SV-83999",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8764,6 +8977,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69379; SV-84001",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8805,6 +9019,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69381; SV-84003",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8846,6 +9061,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69383; SV-84005",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8887,6 +9103,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69385; SV-84007",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8928,6 +9145,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69387; SV-84009",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -8969,6 +9187,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69389; SV-84011",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9010,6 +9229,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69391; SV-84013",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9051,6 +9271,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69393; SV-84015",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9092,6 +9313,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69395; SV-84017",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9133,6 +9355,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69397; SV-84019",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9174,6 +9397,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69399; SV-84021",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9215,6 +9439,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69401; SV-84023",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9256,6 +9481,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69403; SV-84025",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9297,6 +9523,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69405; SV-84027",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9338,6 +9565,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69407; SV-84029",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9379,6 +9607,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69409; SV-84031",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9420,6 +9649,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69411; SV-84033",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9461,6 +9691,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69413; SV-84035",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9502,6 +9733,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69415; SV-84037",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9543,6 +9775,7 @@
             "nist": [
               "AU-14 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69419; SV-84041",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9584,6 +9817,7 @@
             "nist": [
               "AU-3 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69421; SV-84043",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9625,6 +9859,7 @@
             "nist": [
               "AU-3 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69423; SV-84045",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9666,6 +9901,7 @@
             "nist": [
               "AU-3 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69425; SV-84047",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9707,6 +9943,7 @@
             "nist": [
               "AU-3 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69427; SV-84049",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9748,6 +9985,7 @@
             "nist": [
               "AU-3 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69429; SV-84051",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9789,6 +10027,7 @@
             "nist": [
               "AU-3 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69431; SV-84053",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9830,6 +10069,7 @@
             "nist": [
               "AU-3 d"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69433; SV-84055",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9871,6 +10111,7 @@
             "nist": [
               "AU-3 e"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69435; SV-84057",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9912,6 +10153,7 @@
             "nist": [
               "AU-3 f"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69437; SV-84059",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9953,6 +10195,7 @@
             "nist": [
               "AU-3 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69439; SV-84061",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -9994,6 +10237,7 @@
             "nist": [
               "AU-3 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69441; SV-84063",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10035,6 +10279,7 @@
             "nist": [
               "AU-3 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69443; SV-84065",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10076,6 +10321,7 @@
             "nist": [
               "AU-4 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69445; SV-84067",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10117,6 +10363,7 @@
             "nist": [
               "AU-4 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69447; SV-84069",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10158,6 +10405,7 @@
             "nist": [
               "AU-5 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69449; SV-84071",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10199,6 +10447,7 @@
             "nist": [
               "AU-5 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69451; SV-84073",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10240,6 +10489,7 @@
             "nist": [
               "AU-5 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69453; SV-84075",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10281,6 +10531,7 @@
             "nist": [
               "AU-5 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69455; SV-84077",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10322,6 +10573,7 @@
             "nist": [
               "AU-6 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69457; SV-84079",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10363,6 +10615,7 @@
             "nist": [
               "AU-7 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69459; SV-84081",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10404,6 +10657,7 @@
             "nist": [
               "AU-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69461; SV-84083",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10445,6 +10699,7 @@
             "nist": [
               "AU-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69463; SV-84085",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10486,6 +10741,7 @@
             "nist": [
               "AU-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69465; SV-84087",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10527,6 +10783,7 @@
             "nist": [
               "AU-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69467; SV-84089",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10568,6 +10825,7 @@
             "nist": [
               "AU-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69469; SV-84091",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10609,6 +10867,7 @@
             "nist": [
               "AU-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69471; SV-84093",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10650,6 +10909,7 @@
             "nist": [
               "AU-7 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69473; SV-84095",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10691,6 +10951,7 @@
             "nist": [
               "AU-7 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69475; SV-84097",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10732,6 +10993,7 @@
             "nist": [
               "AU-8 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69477; SV-84099",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10773,6 +11035,7 @@
             "nist": [
               "AU-8 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69479; SV-84101",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10814,6 +11077,7 @@
             "nist": [
               "AU-8 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69481; SV-84103",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10855,6 +11119,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69483; SV-84105",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10896,6 +11161,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69485; SV-84107",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10937,6 +11203,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69487; SV-84109",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -10978,6 +11245,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69489; SV-84111",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11019,6 +11287,7 @@
             "nist": [
               "AU-9"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69491; SV-84113",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11060,6 +11329,7 @@
             "nist": [
               "AU-9"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69493; SV-84115",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11101,6 +11371,7 @@
             "nist": [
               "AU-9 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69495; SV-84117",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11142,6 +11413,7 @@
             "nist": [
               "AU-9 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69497; SV-84119",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11183,6 +11455,7 @@
             "nist": [
               "AU-9 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69499; SV-84121",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11224,6 +11497,7 @@
             "nist": [
               "AU-9 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69501; SV-84123",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11265,6 +11539,7 @@
             "nist": [
               "CM-11 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69503; SV-84125",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11306,6 +11581,7 @@
             "nist": [
               "CM-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69505; SV-84127",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11347,6 +11623,7 @@
             "nist": [
               "CM-5 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69507; SV-84129",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11388,6 +11665,7 @@
             "nist": [
               "CM-5 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69509; SV-84131",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11429,6 +11707,7 @@
             "nist": [
               "CM-5 (6)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69511; SV-84133",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11470,6 +11749,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69513; SV-84135",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11511,6 +11791,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69515; SV-84137",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11552,6 +11833,7 @@
             "nist": [
               "CM-7 (5) (b)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69517; SV-84139",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11593,6 +11875,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69519; SV-84141",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11634,6 +11917,7 @@
             "nist": [
               "CM-7 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69521; SV-84143",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11675,6 +11959,7 @@
             "nist": [
               "IA-11"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69523; SV-84145",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11716,6 +12001,7 @@
             "nist": [
               "IA-11"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69525; SV-84147",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11757,6 +12043,7 @@
             "nist": [
               "IA-2"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69527; SV-84149",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11798,6 +12085,7 @@
             "nist": [
               "IA-2 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69529; SV-84151",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11839,6 +12127,7 @@
             "nist": [
               "IA-2 (12)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69531; SV-84153",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11880,6 +12169,7 @@
             "nist": [
               "IA-2 (12)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69533; SV-84155",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11921,6 +12211,7 @@
             "nist": [
               "IA-2 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69535; SV-84157",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -11962,6 +12253,7 @@
             "nist": [
               "IA-2 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69537; SV-84159",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12003,6 +12295,7 @@
             "nist": [
               "IA-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69539; SV-84161",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12044,6 +12337,7 @@
             "nist": [
               "IA-2 (5)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69541; SV-84163",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12085,6 +12379,7 @@
             "nist": [
               "IA-2 (8)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69543; SV-84165",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12126,6 +12421,7 @@
             "nist": [
               "IA-2 (9)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69545; SV-84167",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12167,6 +12463,7 @@
             "nist": [
               "IA-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69547; SV-84169",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12208,6 +12505,7 @@
             "nist": [
               "IA-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69549; SV-84171",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12249,6 +12547,7 @@
             "nist": [
               "IA-3 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69551; SV-84173",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12290,6 +12589,7 @@
             "nist": [
               "IA-4 e"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69553; SV-84175",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12331,6 +12631,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69555; SV-84177",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12372,6 +12673,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69557; SV-84179",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12413,6 +12715,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69559; SV-84181",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12454,6 +12757,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69561; SV-84183",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12495,6 +12799,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69563; SV-84185",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12536,6 +12841,7 @@
             "nist": [
               "IA-5 (1) (b)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69565; SV-84187",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12577,6 +12883,7 @@
             "nist": [
               "IA-5 (1) (c)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69567; SV-84189",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12618,6 +12925,7 @@
             "nist": [
               "IA-5 (1) (c)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69569; SV-84191",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12659,6 +12967,7 @@
             "nist": [
               "IA-5 (1) (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69571; SV-84193",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12700,6 +13009,7 @@
             "nist": [
               "IA-5 (1) (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69573; SV-84195",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12741,6 +13051,7 @@
             "nist": [
               "IA-5 (1) (e)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69575; SV-84197",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12782,6 +13093,7 @@
             "nist": [
               "IA-5 (1) (f)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69577; SV-84199",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12823,6 +13135,7 @@
             "nist": [
               "IA-5 h"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70145; SV-84767",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12864,6 +13177,7 @@
             "nist": [
               "IA-5 (13)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70147; SV-84769",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12905,6 +13219,7 @@
             "nist": [
               "IA-5 (2) (b) (1)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70149; SV-84771",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12946,6 +13261,7 @@
             "nist": [
               "IA-5 (2) (a) (1)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70151; SV-84773",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -12987,6 +13303,7 @@
             "nist": [
               "IA-5 (2) (a) (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70153; SV-84775",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13028,6 +13345,7 @@
             "nist": [
               "IA-5 (2) (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70155; SV-84777",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13069,6 +13387,7 @@
             "nist": [
               "IA-6"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70157; SV-84779",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13110,6 +13429,7 @@
             "nist": [
               "IA-7"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70159; SV-84781",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13151,6 +13471,7 @@
             "nist": [
               "IA-8"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70161; SV-84783",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13192,6 +13513,7 @@
             "nist": [
               "IA-8 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70163; SV-84785",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13233,6 +13555,7 @@
             "nist": [
               "IA-8 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70165; SV-84787",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13274,6 +13597,7 @@
             "nist": [
               "IA-8 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70167; SV-84789",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13315,6 +13639,7 @@
             "nist": [
               "IA-8 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70169; SV-84791",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13356,6 +13681,7 @@
             "nist": [
               "MA-4 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70171; SV-84793",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13397,6 +13723,7 @@
             "nist": [
               "MA-4 (6)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70175; SV-84797",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13438,6 +13765,7 @@
             "nist": [
               "MA-4 (6)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70177; SV-84799",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13479,6 +13807,7 @@
             "nist": [
               "MA-4 (7)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70179; SV-84801",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13520,6 +13849,7 @@
             "nist": [
               "MA-4 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70181; SV-84803",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13561,6 +13891,7 @@
             "nist": [
               "MA-4 e"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70183; SV-84805",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13604,6 +13935,7 @@
               "CM-6 b",
               "SA-11 e"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70185; SV-84807",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13645,6 +13977,7 @@
             "nist": [
               "SC-10"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70187; SV-84809",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13686,6 +14019,7 @@
             "nist": [
               "SC-13 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70191; SV-84813",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13727,6 +14061,7 @@
             "nist": [
               "SC-13 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70193; SV-84815",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13768,6 +14103,7 @@
             "nist": [
               "SC-13 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70195; SV-84817",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13809,6 +14145,7 @@
             "nist": [
               "SC-13 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70197; SV-84819",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13850,6 +14187,7 @@
             "nist": [
               "SC-2"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70199; SV-84821",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13891,6 +14229,7 @@
             "nist": [
               "SC-23"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70201; SV-84823",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13932,6 +14271,7 @@
             "nist": [
               "SC-23"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70203; SV-84825",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -13973,6 +14313,7 @@
             "nist": [
               "SC-23"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70205; SV-84827",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14014,6 +14355,7 @@
             "nist": [
               "SC-23 (1)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70207; SV-84829",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14055,6 +14397,7 @@
             "nist": [
               "SC-23 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70209; SV-84831",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14096,6 +14439,7 @@
             "nist": [
               "SC-23 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70211; SV-84833",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14137,6 +14481,7 @@
             "nist": [
               "SC-23 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70213; SV-84835",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14178,6 +14523,7 @@
             "nist": [
               "SC-23 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70215; SV-84837",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14219,6 +14565,7 @@
             "nist": [
               "SC-23 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70217; SV-84839",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14260,6 +14607,7 @@
             "nist": [
               "SC-23 (5)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70219; SV-84841",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14301,6 +14649,7 @@
             "nist": [
               "SC-24"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70221; SV-84843",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14342,6 +14691,7 @@
             "nist": [
               "SC-24"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70223; SV-84845",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14383,6 +14733,7 @@
             "nist": [
               "SC-28"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70225; SV-84847",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14424,6 +14775,7 @@
             "nist": [
               "SC-28 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70227; SV-84849",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14465,6 +14817,7 @@
             "nist": [
               "SC-28 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70229; SV-84851",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14506,6 +14859,7 @@
             "nist": [
               "SC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70231; SV-84853",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14547,6 +14901,7 @@
             "nist": [
               "SC-39"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70233; SV-84855",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14588,6 +14943,7 @@
             "nist": [
               "SC-4"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70235; SV-84857",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14629,6 +14985,7 @@
             "nist": [
               "SC-5 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70237; SV-84859",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14670,6 +15027,7 @@
             "nist": [
               "SC-5 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70239; SV-84861",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14711,6 +15069,7 @@
             "nist": [
               "SC-5 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70241; SV-84863",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14752,6 +15111,7 @@
             "nist": [
               "SC-8"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70245; SV-84867",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14793,6 +15153,7 @@
             "nist": [
               "SC-8 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70247; SV-84869",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14834,6 +15195,7 @@
             "nist": [
               "SC-8 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70249; SV-84871",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14875,6 +15237,7 @@
             "nist": [
               "SC-8 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70251; SV-84873",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14916,6 +15279,7 @@
             "nist": [
               "SC-8 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70253; SV-84875",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14957,6 +15321,7 @@
             "nist": [
               "SC-8 (2)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70255; SV-84877",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -14998,6 +15363,7 @@
             "nist": [
               "SI-10"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70257; SV-84879",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15039,6 +15405,7 @@
             "nist": [
               "SI-10"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70259; SV-84881",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15080,6 +15447,7 @@
             "nist": [
               "SI-10"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70261; SV-84883",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15121,6 +15489,7 @@
             "nist": [
               "SI-10"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70263; SV-84885",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15162,6 +15531,7 @@
             "nist": [
               "SI-10"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70265; SV-84887",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15203,6 +15573,7 @@
             "nist": [
               "SI-10"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70267; SV-84889",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15244,6 +15615,7 @@
             "nist": [
               "SI-10"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70269; SV-84891",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15285,6 +15657,7 @@
             "nist": [
               "SI-10 (3)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70271; SV-84893",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15326,6 +15699,7 @@
             "nist": [
               "SI-11 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70273; SV-84895",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15367,6 +15741,7 @@
             "nist": [
               "SI-11 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70275; SV-84897",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15408,6 +15783,7 @@
             "nist": [
               "SI-16"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70277; SV-84899",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15449,6 +15825,7 @@
             "nist": [
               "SI-2 (6)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70279; SV-84901",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15490,6 +15867,7 @@
             "nist": [
               "SI-2 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70281; SV-84903",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15531,6 +15909,7 @@
             "nist": [
               "SI-6 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70283; SV-84905",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15572,6 +15951,7 @@
             "nist": [
               "SI-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70285; SV-84907",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15613,6 +15993,7 @@
             "nist": [
               "SI-6 c"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70287; SV-84909",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15654,6 +16035,7 @@
             "nist": [
               "SC-18 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70289; SV-84911",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15695,6 +16077,7 @@
             "nist": [
               "AC-2 f"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70291; SV-84913",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15736,6 +16119,7 @@
             "nist": [
               "AC-6 (4)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70293; SV-84915",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15777,6 +16161,7 @@
             "nist": [
               "AU-11"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70295; SV-84917",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15818,6 +16203,7 @@
             "nist": [
               "AU-6 (10)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70297; SV-84919",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15859,6 +16245,7 @@
             "nist": [
               "AU-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70301; SV-84923",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15900,6 +16287,7 @@
             "nist": [
               "CA-2 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70303; SV-84925",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15943,6 +16331,7 @@
               "CM-4 (2)",
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70307; SV-84929",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -15984,6 +16373,7 @@
             "nist": [
               "CM-5"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70309; SV-84931",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16025,6 +16415,7 @@
             "nist": [
               "CM-6 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70311; SV-84933",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16066,6 +16457,7 @@
             "nist": [
               "CM-7 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70313; SV-84935",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16107,6 +16499,7 @@
             "nist": [
               "CM-7 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70317; SV-84939",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16148,6 +16541,7 @@
             "nist": [
               "CM-9 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70339; SV-84961",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16189,6 +16583,7 @@
             "nist": [
               "CM-9 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70341; SV-84963",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16230,6 +16625,7 @@
             "nist": [
               "CM-9 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70343; SV-84965",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16271,6 +16667,7 @@
             "nist": [
               "CM-9 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70345; SV-84967",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16312,6 +16709,7 @@
             "nist": [
               "CP-11"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70347; SV-84969",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16353,6 +16751,7 @@
             "nist": [
               "CP-2 (8)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70349; SV-84971",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16394,6 +16793,7 @@
             "nist": [
               "CP-2 a 1"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70351; SV-84973",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16435,6 +16835,7 @@
             "nist": [
               "CP-2 a 2"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70353; SV-84975",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16476,6 +16877,7 @@
             "nist": [
               "CP-9 (b)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70355; SV-84977",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16517,6 +16919,7 @@
             "nist": [
               "CP-9 (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70357; SV-84979",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16558,6 +16961,7 @@
             "nist": [
               "CP-9 (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70359; SV-84981",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16599,6 +17003,7 @@
             "nist": [
               "IA-5 (6)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70361; SV-84983",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16640,6 +17045,7 @@
             "nist": [
               "IA-5 (7)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70363; SV-84985",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16681,6 +17087,7 @@
             "nist": [
               "MP-3 a"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70365; SV-84987",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16722,6 +17129,7 @@
             "nist": [
               "PM-14 a 2"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70367; SV-84989",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16763,6 +17171,7 @@
             "nist": [
               "SA-10 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70369; SV-84991",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16804,6 +17213,7 @@
             "nist": [
               "SA-11 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70371; SV-84993",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16845,6 +17255,7 @@
             "nist": [
               "SA-11 (2)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70373; SV-84995",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16886,6 +17297,7 @@
             "nist": [
               "SA-11 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70375; SV-84997",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16927,6 +17339,7 @@
             "nist": [
               "SA-11 (4)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70377; SV-84999",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -16968,6 +17381,7 @@
             "nist": [
               "SA-11 (8)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70379; SV-85001",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17009,6 +17423,7 @@
             "nist": [
               "SA-11 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70381; SV-85003",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17050,6 +17465,7 @@
             "nist": [
               "SA-11 e"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70383; SV-85005",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17091,6 +17507,7 @@
             "nist": [
               "SA-15 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70385; SV-85007",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17132,6 +17549,7 @@
             "nist": [
               "SA-15 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70387; SV-85009",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17173,6 +17591,7 @@
             "nist": [
               "SA-15 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70389; SV-85011",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17214,6 +17633,7 @@
             "nist": [
               "SA-15 (5)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70391; SV-85013",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17255,6 +17675,7 @@
             "nist": [
               "SA-15 (10)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70393; SV-85015",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17296,6 +17717,7 @@
             "nist": [
               "SA-22 a"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70395; SV-85017",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17337,6 +17759,7 @@
             "nist": [
               "SA-22 a"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70397; SV-85019",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17378,6 +17801,7 @@
             "nist": [
               "SA-22 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70399; SV-85021",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17419,6 +17843,7 @@
             "nist": [
               "SA-4 (5) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70401; SV-85023",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17460,6 +17885,7 @@
             "nist": [
               "SA-4 (5) (a)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70403; SV-85025",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17501,6 +17927,7 @@
             "nist": [
               "SA-5 a 1"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70405; SV-85027",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17542,6 +17969,7 @@
             "nist": [
               "SA-5 a 1"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70407; SV-85029",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17583,6 +18011,7 @@
             "nist": [
               "SC-18 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70409; SV-85031",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17624,6 +18053,7 @@
             "nist": [
               "SC-28 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70411; SV-85033",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17665,6 +18095,7 @@
             "nist": [
               "SC-5"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70413; SV-85035",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17706,6 +18137,7 @@
             "nist": [
               "SI-4 (12)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70415; SV-85037",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17747,6 +18179,7 @@
             "nist": [
               "SI-5 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70417; SV-85039",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17788,6 +18221,7 @@
             "nist": [
               "SI-5 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70419; SV-85041",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17829,6 +18263,7 @@
             "nist": [
               "SC-7 (13)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70421; SV-85043",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17870,6 +18305,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70423; SV-85045",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17911,6 +18347,7 @@
             "nist": [
               "AT-3 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70425; SV-85047",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17952,6 +18389,7 @@
             "nist": [
               "SC-13 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70189; SV-84811",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -17982,7 +18420,7 @@
           ]
         }
       ],
-      "sha256": "58a48bbf1947aaed4c1c7cabf630c90bfad3b4a7e814e1d95ceb9bcc01ebb7a9"
+      "sha256": "dcb441963b292ffddc7b1545fba19623ce10c78d48306894f61b2a3dbc62b25d"
     },
     {
       "name": "AAA_Service_SRG",
@@ -18007,6 +18445,7 @@
             "nist": [
               "CM-7 b"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18047,6 +18486,7 @@
             "nist": [
               "CM-7 b"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18087,6 +18527,7 @@
             "nist": [
               "AC-2 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18127,6 +18568,7 @@
             "nist": [
               "AC-2 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18167,6 +18609,7 @@
             "nist": [
               "AC-2 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18207,6 +18650,7 @@
             "nist": [
               "AC-2 (2)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18247,6 +18691,7 @@
             "nist": [
               "AC-2 (3) (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18287,6 +18732,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18327,6 +18773,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18367,6 +18814,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18407,6 +18855,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18447,6 +18896,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18487,6 +18937,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18527,6 +18978,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18567,6 +19019,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18607,6 +19060,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18647,6 +19101,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18687,6 +19142,7 @@
             "nist": [
               "AC-3 (7)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18727,6 +19183,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18767,6 +19224,7 @@
             "nist": [
               "AC-7 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18807,6 +19265,7 @@
             "nist": [
               "AU-3 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18847,6 +19306,7 @@
             "nist": [
               "AU-3 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18887,6 +19347,7 @@
             "nist": [
               "AU-3 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18927,6 +19388,7 @@
             "nist": [
               "AU-3 d"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -18967,6 +19429,7 @@
             "nist": [
               "AU-3 e"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19007,6 +19470,7 @@
             "nist": [
               "AU-3 f"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19047,6 +19511,7 @@
             "nist": [
               "AU-4 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19087,6 +19552,7 @@
             "nist": [
               "AU-5 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19127,6 +19593,7 @@
             "nist": [
               "AU-5 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19167,6 +19634,7 @@
             "nist": [
               "AU-5 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19207,6 +19675,7 @@
             "nist": [
               "AU-8 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19247,6 +19716,7 @@
             "nist": [
               "AU-8 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19287,6 +19757,7 @@
             "nist": [
               "AU-8 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19329,6 +19800,7 @@
               "CM-6 b",
               "AU-8 (1) (a)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19371,6 +19843,7 @@
               "CM-6 b",
               "AU-8 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19411,6 +19884,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19451,6 +19925,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19491,6 +19966,7 @@
             "nist": [
               "IA-2"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19531,6 +20007,7 @@
             "nist": [
               "IA-2 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19571,6 +20048,7 @@
             "nist": [
               "IA-2 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19611,6 +20089,7 @@
             "nist": [
               "IA-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19651,6 +20130,7 @@
             "nist": [
               "IA-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19691,6 +20171,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19731,6 +20212,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19771,6 +20253,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19811,6 +20294,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19851,6 +20335,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19891,6 +20376,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19931,6 +20417,7 @@
             "nist": [
               "IA-5 (1) (b)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -19971,6 +20458,7 @@
             "nist": [
               "IA-5 (1) (c)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20011,6 +20499,7 @@
             "nist": [
               "IA-5 (1) (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20051,6 +20540,7 @@
             "nist": [
               "IA-5 (1) (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20091,6 +20581,7 @@
             "nist": [
               "IA-5 (1) (e)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20131,6 +20622,7 @@
             "nist": [
               "IA-5 (1) (f)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20171,6 +20663,7 @@
             "nist": [
               "IA-5 (2) (b) (1)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20211,6 +20704,7 @@
             "nist": [
               "IA-5 (2) (b) (1)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20251,6 +20745,7 @@
             "nist": [
               "IA-5 (2) (a) (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20291,6 +20786,7 @@
             "nist": [
               "IA-5 (2) (a) (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20331,6 +20827,7 @@
             "nist": [
               "SC-28"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20371,6 +20868,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20411,6 +20909,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20451,6 +20950,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20491,6 +20991,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20531,6 +21032,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20571,6 +21073,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20611,6 +21114,7 @@
             "nist": [
               "CM-7 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20651,6 +21155,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20691,6 +21196,7 @@
             "nist": [
               "AC-2 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20731,6 +21237,7 @@
             "nist": [
               "IA-5 (1) (c)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "STIGRef": "Authentication, Authorization, and Accounting Services (AAA) Security Requirements Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2020"
           },
@@ -20760,7 +21267,7 @@
           ]
         }
       ],
-      "sha256": "146e96ba50d6041b8530ec87807704dda1bd0a8b883dc6ba097d321f55f13692",
+      "sha256": "53e2df777d0b38b565db5bf2faabc1422e497cafe2791f12e73b9ba4565fd6f5",
       "parent_profile": "Parent Profile"
     },
     {
@@ -20786,6 +21293,7 @@
             "nist": [
               "AC-10"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102427; SV-111371",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -20827,6 +21335,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102429; SV-111373",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -20868,6 +21377,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102431; SV-111375",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -20913,6 +21423,7 @@
               "AC-17 (2)",
               "SC-8"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102433; SV-111547",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -20966,6 +21477,7 @@
               "AU-12 a",
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102435; SV-111379",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21009,6 +21521,7 @@
               "IA-5 (2) (a) (1)",
               "AC-3"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-102445; SV-111393",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21050,6 +21563,7 @@
             "nist": [
               "AC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102447; SV-111395",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21091,6 +21605,7 @@
             "nist": [
               "AC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102449; SV-111397",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21132,6 +21647,7 @@
             "nist": [
               "AC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102451; SV-111399",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21173,6 +21689,7 @@
             "nist": [
               "AC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102453; SV-111401",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21214,6 +21731,7 @@
             "nist": [
               "AC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102455; SV-111403",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21255,6 +21773,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102457; SV-111405",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21304,6 +21823,7 @@
               "AU-12 c",
               "AU-3 f"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102603; SV-111549",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21345,6 +21865,7 @@
             "nist": [
               "AU-3 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102461; SV-111407",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21386,6 +21907,7 @@
             "nist": [
               "AU-3 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102463; SV-111409",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21427,6 +21949,7 @@
             "nist": [
               "AU-3 c"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102465; SV-111411",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21468,6 +21991,7 @@
             "nist": [
               "AU-3 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102467; SV-111413",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21509,6 +22033,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102469; SV-111415",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21550,6 +22075,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102471; SV-111417",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21593,6 +22119,7 @@
               "AU-9 a",
               "CM-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102473; SV-111419",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21636,6 +22163,7 @@
               "AU-9 a",
               "CM-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102605; SV-111551",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21677,6 +22205,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102477; SV-111421",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21723,6 +22252,7 @@
               "AU-9",
               "AC-6 (10)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102607; SV-111553",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21764,6 +22294,7 @@
             "nist": [
               "CM-5 (6)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102481; SV-111423",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21805,6 +22336,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102483; SV-111425",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21846,6 +22378,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102485; SV-111427",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21887,6 +22420,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102487; SV-111429",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21928,6 +22462,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102489; SV-111431",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -21969,6 +22504,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102491; SV-111433",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22010,6 +22546,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102493; SV-111435",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22051,6 +22588,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102495; SV-111437",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22092,6 +22630,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102497; SV-111439",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22133,6 +22672,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102499; SV-111441",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22174,6 +22714,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102501; SV-111443",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22215,6 +22756,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102503; SV-111445",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22256,6 +22798,7 @@
             "nist": [
               "CM-7 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102505; SV-111447",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22297,6 +22840,7 @@
             "nist": [
               "IA-2"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102507; SV-111449",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22338,6 +22882,7 @@
             "nist": [
               "IA-2 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102509; SV-111451",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22379,6 +22924,7 @@
             "nist": [
               "IA-2 (5)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-102511; SV-111565",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22420,6 +22966,7 @@
             "nist": [
               "IA-5 (1) (c)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-102513; SV-111455",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22461,6 +23008,7 @@
             "nist": [
               "IA-5 (2) (b) (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102515; SV-111457",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22502,6 +23050,7 @@
             "nist": [
               "IA-5 (2) (a) (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102517; SV-111459",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22552,6 +23101,7 @@
               "SC-8 (1)",
               "SC-28 (1)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-102609; SV-111567",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22593,6 +23143,7 @@
             "nist": [
               "SC-2"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102521; SV-111461",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22634,6 +23185,7 @@
             "nist": [
               "SC-2"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102523; SV-111463",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22675,6 +23227,7 @@
             "nist": [
               "SC-23"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102525; SV-111465",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22716,6 +23269,7 @@
             "nist": [
               "SC-23 (3)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102529; SV-111469",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22757,6 +23311,7 @@
             "nist": [
               "SC-24"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102531; SV-111471",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22798,6 +23353,7 @@
             "nist": [
               "SI-11 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102533; SV-111473",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22839,6 +23395,7 @@
             "nist": [
               "SI-11 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102535; SV-111475",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22880,6 +23437,7 @@
             "nist": [
               "SI-11 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102537; SV-111477",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22921,6 +23479,7 @@
             "nist": [
               "SI-11 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102539; SV-111479",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -22964,6 +23523,7 @@
               "IA-11",
               "AC-12"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102541; SV-111481",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23005,6 +23565,7 @@
             "nist": [
               "AC-17 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102543; SV-111483",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23046,6 +23607,7 @@
             "nist": [
               "AC-17 (9)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102545; SV-111485",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23087,6 +23649,7 @@
             "nist": [
               "AC-17 (9)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102547; SV-111487",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23128,6 +23691,7 @@
             "nist": [
               "AC-6 (10)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102549; SV-111489",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23169,6 +23733,7 @@
             "nist": [
               "AC-6 (10)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102551; SV-111491",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23210,6 +23775,7 @@
             "nist": [
               "AC-6 (9)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102553; SV-111493",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23251,6 +23817,7 @@
             "nist": [
               "CM-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102555; SV-111495",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23292,6 +23859,7 @@
             "nist": [
               "CM-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102557; SV-111497",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23333,6 +23901,7 @@
             "nist": [
               "CM-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102559; SV-111499",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23374,6 +23943,7 @@
             "nist": [
               "CM-5 (1) (a)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102561; SV-111501",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23415,6 +23985,7 @@
             "nist": [
               "CM-5 (1) (a)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102563; SV-111503",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23456,6 +24027,7 @@
             "nist": [
               "CM-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102565; SV-111505",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23501,6 +24073,7 @@
               "IA-2 (12)",
               "IA-8 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102569; SV-111509",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23542,6 +24115,7 @@
             "nist": [
               "SC-23 (5)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102571; SV-111511",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23583,6 +24157,7 @@
             "nist": [
               "SC-5 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102573; SV-111513",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23626,6 +24201,7 @@
               "SC-5 a",
               "SI-2 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102575; SV-111515",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23669,6 +24245,7 @@
               "AU-12 c",
               "CM-5 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102577; SV-111517",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23710,6 +24287,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102579; SV-111519",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23751,6 +24329,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102581; SV-111521",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23792,6 +24371,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102583; SV-111523",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23833,6 +24413,7 @@
             "nist": [
               "SC-13 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102585; SV-111525",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23874,6 +24455,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102587; SV-111527",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23915,6 +24497,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102589; SV-111529",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23956,6 +24539,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102591; SV-111531",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -23997,6 +24581,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102593; SV-111533",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -24038,6 +24623,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102595; SV-111535",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -24079,6 +24665,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102597; SV-111537",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -24120,6 +24707,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102599; SV-111539",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -24161,6 +24749,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-102601; SV-111541",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -24202,6 +24791,7 @@
             "nist": [
               "AU-5 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-102621; SV-111571",
             "STIGRef": "Apache Tomcat Application Sever 9 Security Technical Implementation Guide :: Version 2, Release: 4 Benchmark Date: 27 Jan 2022"
@@ -24232,7 +24822,7 @@
           ]
         }
       ],
-      "sha256": "f1a63ebf8958eb8b41df6100af8c7b5a859a8004723b5093fb9fbd6022f9338e",
+      "sha256": "be76a2514c65d678d36fcd98c645f90908c1807e77462b9b9b9ffa659ee39017",
       "parent_profile": "Parent Profile"
     },
     {
@@ -24258,6 +24848,7 @@
             "nist": [
               "AC-10"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69239; SV-83861",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -24299,6 +24890,7 @@
             "nist": [
               "AC-12"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69241; SV-83863",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -24340,6 +24932,7 @@
             "nist": [
               "AC-12"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69243; SV-83865",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -24381,6 +24974,7 @@
             "nist": [
               "AC-12"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69245; SV-83867",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -24422,6 +25016,7 @@
             "nist": [
               "AC-12 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69247; SV-83869",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -24463,6 +25058,7 @@
             "nist": [
               "AC-12 (2)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69249; SV-83871",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -24504,6 +25100,7 @@
             "nist": [
               "AC-16 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69251; SV-83873",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -24545,6 +25142,7 @@
             "nist": [
               "AC-16 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69253; SV-83875",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -24586,6 +25184,7 @@
             "nist": [
               "AC-16 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69255; SV-83877",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -24627,6 +25226,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69257; SV-83879",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -24668,6 +25268,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69259; SV-83881",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -24709,6 +25310,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69261; SV-83883",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -24750,6 +25352,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69279; SV-83901",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -24791,6 +25394,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69281; SV-83903",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -24832,6 +25436,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69283; SV-83905",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -24873,6 +25478,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69285; SV-83907",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -24914,6 +25520,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69287; SV-83909",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -24955,6 +25562,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69289; SV-83911",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -24996,6 +25604,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69291; SV-83913",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25037,6 +25646,7 @@
             "nist": [
               "AC-17 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69293; SV-83915",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25078,6 +25688,7 @@
             "nist": [
               "AC-2 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69295; SV-83917",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25119,6 +25730,7 @@
             "nist": [
               "AC-2 (10)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69297; SV-83919",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25160,6 +25772,7 @@
             "nist": [
               "AC-2 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69299; SV-83921",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25201,6 +25814,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70173; SV-84795",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25242,6 +25856,7 @@
             "nist": [
               "AC-2 (3) (d)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69301; SV-83923",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25283,6 +25898,7 @@
             "nist": [
               "AC-2 (3) (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69303; SV-83925",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25324,6 +25940,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69305; SV-83927",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25365,6 +25982,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69307; SV-83929",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25406,6 +26024,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69309; SV-83931",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25447,6 +26066,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69311; SV-83933",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25488,6 +26108,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69313; SV-83935",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25529,6 +26150,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69315; SV-83937",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25570,6 +26192,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69317; SV-83939",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25611,6 +26234,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69319; SV-83941",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25652,6 +26276,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69321; SV-83943",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25693,6 +26318,7 @@
             "nist": [
               "AC-2 (4)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69323; SV-83945",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25734,6 +26360,7 @@
             "nist": [
               "AC-23"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69325; SV-83947",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25775,6 +26402,7 @@
             "nist": [
               "AC-23"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69327; SV-83949",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25816,6 +26444,7 @@
             "nist": [
               "AC-3"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69329; SV-83951",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25857,6 +26486,7 @@
             "nist": [
               "AC-3 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69331; SV-83953",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25898,6 +26528,7 @@
             "nist": [
               "AC-4"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69333; SV-83955",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25939,6 +26570,7 @@
             "nist": [
               "AC-4"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69335; SV-83957",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -25980,6 +26612,7 @@
             "nist": [
               "AC-6 (10)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69337; SV-83959",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26021,6 +26654,7 @@
             "nist": [
               "AC-6 (8)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69339; SV-83961",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26062,6 +26696,7 @@
             "nist": [
               "AC-6 (9)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69341; SV-83963",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26103,6 +26738,7 @@
             "nist": [
               "AC-7 a"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69343; SV-83965",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26144,6 +26780,7 @@
             "nist": [
               "AC-7 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69347; SV-83969",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26185,6 +26822,7 @@
             "nist": [
               "AC-8 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69349; SV-83971",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26226,6 +26864,7 @@
             "nist": [
               "AC-8 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69351; SV-83973",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26273,6 +26912,7 @@
               "AC-8 c 2",
               "AC-8 c 3"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69353; SV-83975",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26314,6 +26954,7 @@
             "nist": [
               "AC-9"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-69355; SV-83977",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26355,6 +26996,7 @@
             "nist": [
               "AU-10"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69357; SV-83979",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26396,6 +27038,7 @@
             "nist": [
               "AU-12 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69359; SV-83981",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26437,6 +27080,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69363; SV-83985",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26478,6 +27122,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69365; SV-83987",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26519,6 +27164,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69367; SV-83989",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26560,6 +27206,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69369; SV-83991",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26601,6 +27248,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69371; SV-83993",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26642,6 +27290,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69373; SV-83995",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26683,6 +27332,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69375; SV-83997",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26724,6 +27374,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69377; SV-83999",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26765,6 +27416,7 @@
             "nist": [
               "AU-12 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69379; SV-84001",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26806,6 +27458,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69381; SV-84003",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26847,6 +27500,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69383; SV-84005",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26888,6 +27542,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69385; SV-84007",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26929,6 +27584,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69387; SV-84009",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -26970,6 +27626,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69389; SV-84011",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27011,6 +27668,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69391; SV-84013",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27052,6 +27710,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69393; SV-84015",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27093,6 +27752,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69395; SV-84017",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27134,6 +27794,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69397; SV-84019",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27175,6 +27836,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69399; SV-84021",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27216,6 +27878,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69401; SV-84023",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27257,6 +27920,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69403; SV-84025",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27298,6 +27962,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69405; SV-84027",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27339,6 +28004,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69407; SV-84029",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27380,6 +28046,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69409; SV-84031",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27421,6 +28088,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69411; SV-84033",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27462,6 +28130,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69413; SV-84035",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27503,6 +28172,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69415; SV-84037",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27544,6 +28214,7 @@
             "nist": [
               "AU-14 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69419; SV-84041",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27585,6 +28256,7 @@
             "nist": [
               "AU-3 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69421; SV-84043",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27626,6 +28298,7 @@
             "nist": [
               "AU-3 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69423; SV-84045",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27667,6 +28340,7 @@
             "nist": [
               "AU-3 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69425; SV-84047",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27708,6 +28382,7 @@
             "nist": [
               "AU-3 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69427; SV-84049",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27749,6 +28424,7 @@
             "nist": [
               "AU-3 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69429; SV-84051",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27790,6 +28466,7 @@
             "nist": [
               "AU-3 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69431; SV-84053",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27831,6 +28508,7 @@
             "nist": [
               "AU-3 d"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69433; SV-84055",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27872,6 +28550,7 @@
             "nist": [
               "AU-3 e"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69435; SV-84057",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27913,6 +28592,7 @@
             "nist": [
               "AU-3 f"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69437; SV-84059",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27954,6 +28634,7 @@
             "nist": [
               "AU-3 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69439; SV-84061",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -27995,6 +28676,7 @@
             "nist": [
               "AU-3 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69441; SV-84063",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28036,6 +28718,7 @@
             "nist": [
               "AU-3 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69443; SV-84065",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28077,6 +28760,7 @@
             "nist": [
               "AU-4 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69445; SV-84067",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28118,6 +28802,7 @@
             "nist": [
               "AU-4 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69447; SV-84069",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28159,6 +28844,7 @@
             "nist": [
               "AU-5 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69449; SV-84071",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28200,6 +28886,7 @@
             "nist": [
               "AU-5 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69451; SV-84073",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28241,6 +28928,7 @@
             "nist": [
               "AU-5 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69453; SV-84075",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28282,6 +28970,7 @@
             "nist": [
               "AU-5 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69455; SV-84077",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28323,6 +29012,7 @@
             "nist": [
               "AU-6 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69457; SV-84079",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28364,6 +29054,7 @@
             "nist": [
               "AU-7 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69459; SV-84081",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28405,6 +29096,7 @@
             "nist": [
               "AU-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69461; SV-84083",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28446,6 +29138,7 @@
             "nist": [
               "AU-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69463; SV-84085",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28487,6 +29180,7 @@
             "nist": [
               "AU-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69465; SV-84087",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28528,6 +29222,7 @@
             "nist": [
               "AU-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69467; SV-84089",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28569,6 +29264,7 @@
             "nist": [
               "AU-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69469; SV-84091",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28610,6 +29306,7 @@
             "nist": [
               "AU-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69471; SV-84093",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28651,6 +29348,7 @@
             "nist": [
               "AU-7 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69473; SV-84095",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28692,6 +29390,7 @@
             "nist": [
               "AU-7 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69475; SV-84097",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28733,6 +29432,7 @@
             "nist": [
               "AU-8 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69477; SV-84099",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28774,6 +29474,7 @@
             "nist": [
               "AU-8 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69479; SV-84101",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28815,6 +29516,7 @@
             "nist": [
               "AU-8 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69481; SV-84103",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28856,6 +29558,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69483; SV-84105",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28897,6 +29600,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69485; SV-84107",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28938,6 +29642,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69487; SV-84109",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -28979,6 +29684,7 @@
             "nist": [
               "AU-9 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69489; SV-84111",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29020,6 +29726,7 @@
             "nist": [
               "AU-9"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69491; SV-84113",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29061,6 +29768,7 @@
             "nist": [
               "AU-9"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69493; SV-84115",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29102,6 +29810,7 @@
             "nist": [
               "AU-9 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69495; SV-84117",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29143,6 +29852,7 @@
             "nist": [
               "AU-9 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69497; SV-84119",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29184,6 +29894,7 @@
             "nist": [
               "AU-9 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69499; SV-84121",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29225,6 +29936,7 @@
             "nist": [
               "AU-9 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69501; SV-84123",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29266,6 +29978,7 @@
             "nist": [
               "CM-11 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69503; SV-84125",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29307,6 +30020,7 @@
             "nist": [
               "CM-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69505; SV-84127",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29348,6 +30062,7 @@
             "nist": [
               "CM-5 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69507; SV-84129",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29389,6 +30104,7 @@
             "nist": [
               "CM-5 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69509; SV-84131",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29430,6 +30146,7 @@
             "nist": [
               "CM-5 (6)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69511; SV-84133",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29471,6 +30188,7 @@
             "nist": [
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69513; SV-84135",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29512,6 +30230,7 @@
             "nist": [
               "CM-7 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69515; SV-84137",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29553,6 +30272,7 @@
             "nist": [
               "CM-7 (5) (b)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69517; SV-84139",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29594,6 +30314,7 @@
             "nist": [
               "CM-7 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69519; SV-84141",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29635,6 +30356,7 @@
             "nist": [
               "CM-7 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69521; SV-84143",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29676,6 +30398,7 @@
             "nist": [
               "IA-11"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69523; SV-84145",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29717,6 +30440,7 @@
             "nist": [
               "IA-11"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69525; SV-84147",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29758,6 +30482,7 @@
             "nist": [
               "IA-2"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69527; SV-84149",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29799,6 +30524,7 @@
             "nist": [
               "IA-2 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69529; SV-84151",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29840,6 +30566,7 @@
             "nist": [
               "IA-2 (12)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69531; SV-84153",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29881,6 +30608,7 @@
             "nist": [
               "IA-2 (12)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69533; SV-84155",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29922,6 +30650,7 @@
             "nist": [
               "IA-2 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69535; SV-84157",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -29963,6 +30692,7 @@
             "nist": [
               "IA-2 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69537; SV-84159",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30004,6 +30734,7 @@
             "nist": [
               "IA-2 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69539; SV-84161",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30045,6 +30776,7 @@
             "nist": [
               "IA-2 (5)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69541; SV-84163",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30086,6 +30818,7 @@
             "nist": [
               "IA-2 (8)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69543; SV-84165",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30127,6 +30860,7 @@
             "nist": [
               "IA-2 (9)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69545; SV-84167",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30168,6 +30902,7 @@
             "nist": [
               "IA-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69547; SV-84169",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30209,6 +30944,7 @@
             "nist": [
               "IA-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69549; SV-84171",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30250,6 +30986,7 @@
             "nist": [
               "IA-3 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69551; SV-84173",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30291,6 +31028,7 @@
             "nist": [
               "IA-4 e"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69553; SV-84175",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30332,6 +31070,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69555; SV-84177",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30373,6 +31112,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69557; SV-84179",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30414,6 +31154,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69559; SV-84181",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30455,6 +31196,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69561; SV-84183",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30496,6 +31238,7 @@
             "nist": [
               "IA-5 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69563; SV-84185",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30537,6 +31280,7 @@
             "nist": [
               "IA-5 (1) (b)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69565; SV-84187",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30578,6 +31322,7 @@
             "nist": [
               "IA-5 (1) (c)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69567; SV-84189",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30619,6 +31364,7 @@
             "nist": [
               "IA-5 (1) (c)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-69569; SV-84191",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30660,6 +31406,7 @@
             "nist": [
               "IA-5 (1) (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69571; SV-84193",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30701,6 +31448,7 @@
             "nist": [
               "IA-5 (1) (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69573; SV-84195",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30742,6 +31490,7 @@
             "nist": [
               "IA-5 (1) (e)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69575; SV-84197",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30783,6 +31532,7 @@
             "nist": [
               "IA-5 (1) (f)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-69577; SV-84199",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30824,6 +31574,7 @@
             "nist": [
               "IA-5 h"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70145; SV-84767",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30865,6 +31616,7 @@
             "nist": [
               "IA-5 (13)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70147; SV-84769",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30906,6 +31658,7 @@
             "nist": [
               "IA-5 (2) (b) (1)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70149; SV-84771",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30947,6 +31700,7 @@
             "nist": [
               "IA-5 (2) (a) (1)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70151; SV-84773",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -30988,6 +31742,7 @@
             "nist": [
               "IA-5 (2) (a) (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70153; SV-84775",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31029,6 +31784,7 @@
             "nist": [
               "IA-5 (2) (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70155; SV-84777",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31070,6 +31826,7 @@
             "nist": [
               "IA-6"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70157; SV-84779",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31111,6 +31868,7 @@
             "nist": [
               "IA-7"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70159; SV-84781",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31152,6 +31910,7 @@
             "nist": [
               "IA-8"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70161; SV-84783",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31193,6 +31952,7 @@
             "nist": [
               "IA-8 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70163; SV-84785",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31234,6 +31994,7 @@
             "nist": [
               "IA-8 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70165; SV-84787",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31275,6 +32036,7 @@
             "nist": [
               "IA-8 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70167; SV-84789",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31316,6 +32078,7 @@
             "nist": [
               "IA-8 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70169; SV-84791",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31357,6 +32120,7 @@
             "nist": [
               "MA-4 (1) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70171; SV-84793",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31398,6 +32162,7 @@
             "nist": [
               "MA-4 (6)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70175; SV-84797",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31439,6 +32204,7 @@
             "nist": [
               "MA-4 (6)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70177; SV-84799",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31480,6 +32246,7 @@
             "nist": [
               "MA-4 (7)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70179; SV-84801",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31521,6 +32288,7 @@
             "nist": [
               "MA-4 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70181; SV-84803",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31562,6 +32330,7 @@
             "nist": [
               "MA-4 e"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70183; SV-84805",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31605,6 +32374,7 @@
               "CM-6 b",
               "SA-11 e"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70185; SV-84807",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31646,6 +32416,7 @@
             "nist": [
               "SC-10"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70187; SV-84809",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31687,6 +32458,7 @@
             "nist": [
               "SC-13 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70191; SV-84813",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31728,6 +32500,7 @@
             "nist": [
               "SC-13 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70193; SV-84815",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31769,6 +32542,7 @@
             "nist": [
               "SC-13 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70195; SV-84817",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31810,6 +32584,7 @@
             "nist": [
               "SC-13 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70197; SV-84819",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31851,6 +32626,7 @@
             "nist": [
               "SC-2"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70199; SV-84821",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31892,6 +32668,7 @@
             "nist": [
               "SC-23"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70201; SV-84823",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31933,6 +32710,7 @@
             "nist": [
               "SC-23"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70203; SV-84825",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -31974,6 +32752,7 @@
             "nist": [
               "SC-23"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70205; SV-84827",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32015,6 +32794,7 @@
             "nist": [
               "SC-23 (1)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70207; SV-84829",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32056,6 +32836,7 @@
             "nist": [
               "SC-23 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70209; SV-84831",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32097,6 +32878,7 @@
             "nist": [
               "SC-23 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70211; SV-84833",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32138,6 +32920,7 @@
             "nist": [
               "SC-23 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70213; SV-84835",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32179,6 +32962,7 @@
             "nist": [
               "SC-23 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70215; SV-84837",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32220,6 +33004,7 @@
             "nist": [
               "SC-23 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70217; SV-84839",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32261,6 +33046,7 @@
             "nist": [
               "SC-23 (5)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70219; SV-84841",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32302,6 +33088,7 @@
             "nist": [
               "SC-24"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70221; SV-84843",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32343,6 +33130,7 @@
             "nist": [
               "SC-24"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70223; SV-84845",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32384,6 +33172,7 @@
             "nist": [
               "SC-28"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70225; SV-84847",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32425,6 +33214,7 @@
             "nist": [
               "SC-28 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70227; SV-84849",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32466,6 +33256,7 @@
             "nist": [
               "SC-28 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70229; SV-84851",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32507,6 +33298,7 @@
             "nist": [
               "SC-3"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70231; SV-84853",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32548,6 +33340,7 @@
             "nist": [
               "SC-39"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70233; SV-84855",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32589,6 +33382,7 @@
             "nist": [
               "SC-4"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70235; SV-84857",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32630,6 +33424,7 @@
             "nist": [
               "SC-5 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70237; SV-84859",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32671,6 +33466,7 @@
             "nist": [
               "SC-5 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70239; SV-84861",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32712,6 +33508,7 @@
             "nist": [
               "SC-5 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70241; SV-84863",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32753,6 +33550,7 @@
             "nist": [
               "SC-8"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70245; SV-84867",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32794,6 +33592,7 @@
             "nist": [
               "SC-8 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70247; SV-84869",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32835,6 +33634,7 @@
             "nist": [
               "SC-8 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70249; SV-84871",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32876,6 +33676,7 @@
             "nist": [
               "SC-8 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70251; SV-84873",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32917,6 +33718,7 @@
             "nist": [
               "SC-8 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70253; SV-84875",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32958,6 +33760,7 @@
             "nist": [
               "SC-8 (2)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70255; SV-84877",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -32999,6 +33802,7 @@
             "nist": [
               "SI-10"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70257; SV-84879",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33040,6 +33844,7 @@
             "nist": [
               "SI-10"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70259; SV-84881",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33081,6 +33886,7 @@
             "nist": [
               "SI-10"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70261; SV-84883",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33122,6 +33928,7 @@
             "nist": [
               "SI-10"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70263; SV-84885",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33163,6 +33970,7 @@
             "nist": [
               "SI-10"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70265; SV-84887",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33204,6 +34012,7 @@
             "nist": [
               "SI-10"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70267; SV-84889",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33245,6 +34054,7 @@
             "nist": [
               "SI-10"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70269; SV-84891",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33286,6 +34096,7 @@
             "nist": [
               "SI-10 (3)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70271; SV-84893",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33327,6 +34138,7 @@
             "nist": [
               "SI-11 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70273; SV-84895",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33368,6 +34180,7 @@
             "nist": [
               "SI-11 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70275; SV-84897",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33409,6 +34222,7 @@
             "nist": [
               "SI-16"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70277; SV-84899",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33450,6 +34264,7 @@
             "nist": [
               "SI-2 (6)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70279; SV-84901",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33491,6 +34306,7 @@
             "nist": [
               "SI-2 c"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70281; SV-84903",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33532,6 +34348,7 @@
             "nist": [
               "SI-6 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70283; SV-84905",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33573,6 +34390,7 @@
             "nist": [
               "SI-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70285; SV-84907",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33614,6 +34432,7 @@
             "nist": [
               "SI-6 c"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70287; SV-84909",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33655,6 +34474,7 @@
             "nist": [
               "SC-18 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70289; SV-84911",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33696,6 +34516,7 @@
             "nist": [
               "AC-2 f"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70291; SV-84913",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33737,6 +34558,7 @@
             "nist": [
               "AC-6 (4)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70293; SV-84915",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33778,6 +34600,7 @@
             "nist": [
               "AU-11"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70295; SV-84917",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33819,6 +34642,7 @@
             "nist": [
               "AU-6 (10)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70297; SV-84919",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33860,6 +34684,7 @@
             "nist": [
               "AU-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70301; SV-84923",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33901,6 +34726,7 @@
             "nist": [
               "CA-2 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70303; SV-84925",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33944,6 +34770,7 @@
               "CM-4 (2)",
               "CM-6 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70307; SV-84929",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -33985,6 +34812,7 @@
             "nist": [
               "CM-5"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70309; SV-84931",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34026,6 +34854,7 @@
             "nist": [
               "CM-6 a"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70311; SV-84933",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34067,6 +34896,7 @@
             "nist": [
               "CM-7 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70313; SV-84935",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34108,6 +34938,7 @@
             "nist": [
               "CM-7 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70317; SV-84939",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34149,6 +34980,7 @@
             "nist": [
               "CM-9 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70339; SV-84961",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34190,6 +35022,7 @@
             "nist": [
               "CM-9 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70341; SV-84963",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34231,6 +35064,7 @@
             "nist": [
               "CM-9 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70343; SV-84965",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34272,6 +35106,7 @@
             "nist": [
               "CM-9 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70345; SV-84967",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34313,6 +35148,7 @@
             "nist": [
               "CP-11"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70347; SV-84969",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34354,6 +35190,7 @@
             "nist": [
               "CP-2 (8)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70349; SV-84971",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34395,6 +35232,7 @@
             "nist": [
               "CP-2 a 1"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70351; SV-84973",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34436,6 +35274,7 @@
             "nist": [
               "CP-2 a 2"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70353; SV-84975",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34477,6 +35316,7 @@
             "nist": [
               "CP-9 (b)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70355; SV-84977",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34518,6 +35358,7 @@
             "nist": [
               "CP-9 (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70357; SV-84979",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34559,6 +35400,7 @@
             "nist": [
               "CP-9 (d)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70359; SV-84981",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34600,6 +35442,7 @@
             "nist": [
               "IA-5 (6)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70361; SV-84983",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34641,6 +35484,7 @@
             "nist": [
               "IA-5 (7)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70363; SV-84985",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34682,6 +35526,7 @@
             "nist": [
               "MP-3 a"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70365; SV-84987",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34723,6 +35568,7 @@
             "nist": [
               "PM-14 a 2"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70367; SV-84989",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34764,6 +35610,7 @@
             "nist": [
               "SA-10 (1)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70369; SV-84991",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34805,6 +35652,7 @@
             "nist": [
               "SA-11 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70371; SV-84993",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34846,6 +35694,7 @@
             "nist": [
               "SA-11 (2)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70373; SV-84995",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34887,6 +35736,7 @@
             "nist": [
               "SA-11 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70375; SV-84997",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34928,6 +35778,7 @@
             "nist": [
               "SA-11 (4)"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70377; SV-84999",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -34969,6 +35820,7 @@
             "nist": [
               "SA-11 (8)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70379; SV-85001",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35010,6 +35862,7 @@
             "nist": [
               "SA-11 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70381; SV-85003",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35051,6 +35904,7 @@
             "nist": [
               "SA-11 e"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70383; SV-85005",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35092,6 +35946,7 @@
             "nist": [
               "SA-15 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70385; SV-85007",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35133,6 +35988,7 @@
             "nist": [
               "SA-15 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70387; SV-85009",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35174,6 +36030,7 @@
             "nist": [
               "SA-15 (4)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70389; SV-85011",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35215,6 +36072,7 @@
             "nist": [
               "SA-15 (5)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70391; SV-85013",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35256,6 +36114,7 @@
             "nist": [
               "SA-15 (10)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70393; SV-85015",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35297,6 +36156,7 @@
             "nist": [
               "SA-22 a"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70395; SV-85017",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35338,6 +36198,7 @@
             "nist": [
               "SA-22 a"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70397; SV-85019",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35379,6 +36240,7 @@
             "nist": [
               "SA-22 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70399; SV-85021",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35420,6 +36282,7 @@
             "nist": [
               "SA-4 (5) (a)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70401; SV-85023",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35461,6 +36324,7 @@
             "nist": [
               "SA-4 (5) (a)"
             ],
+            "severity": "high",
             "weight": "10.0",
             "Legacy_ID": "V-70403; SV-85025",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35502,6 +36366,7 @@
             "nist": [
               "SA-5 a 1"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70405; SV-85027",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35543,6 +36408,7 @@
             "nist": [
               "SA-5 a 1"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70407; SV-85029",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35584,6 +36450,7 @@
             "nist": [
               "SC-18 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70409; SV-85031",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35625,6 +36492,7 @@
             "nist": [
               "SC-28 (2)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70411; SV-85033",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35666,6 +36534,7 @@
             "nist": [
               "SC-5"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70413; SV-85035",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35707,6 +36576,7 @@
             "nist": [
               "SI-4 (12)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70415; SV-85037",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35748,6 +36618,7 @@
             "nist": [
               "SI-5 a"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70417; SV-85039",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35789,6 +36660,7 @@
             "nist": [
               "SI-5 b"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70419; SV-85041",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35830,6 +36702,7 @@
             "nist": [
               "SC-7 (13)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70421; SV-85043",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35871,6 +36744,7 @@
             "nist": [
               "AU-12 c"
             ],
+            "severity": "low",
             "weight": "10.0",
             "Legacy_ID": "V-70423; SV-85045",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35912,6 +36786,7 @@
             "nist": [
               "AT-3 (3)"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70425; SV-85047",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35953,6 +36828,7 @@
             "nist": [
               "SC-13 b"
             ],
+            "severity": "medium",
             "weight": "10.0",
             "Legacy_ID": "V-70189; SV-84811",
             "STIGRef": "Application Security and Development Security Technical Implementation Guide :: Version 5, Release: 2 Benchmark Date: 27 Oct 2022"
@@ -35983,7 +36859,7 @@
           ]
         }
       ],
-      "sha256": "0d57041a0f5c07558bddcdea8c503c01b53ae6c250b9e3b6604fa16c59c6b0bd",
+      "sha256": "35832930d09885896e597eabd3c066d944ea965471cc6d37774c0e99ef8d5c77",
       "parent_profile": "Parent Profile"
     }
   ],
diff --git a/test/sample_data/checklist/vSphere8_report.ckl b/test/sample_data/checklist/vSphere8_report.ckl
index b4b44d122..f325e596e 100644
--- a/test/sample_data/checklist/vSphere8_report.ckl
+++ b/test/sample_data/checklist/vSphere8_report.ckl
@@ -1,112 +1,106 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--DISA STIG Viewer :: 2.14-->
-<CHECKLIST>
-	<ASSET>
-		<ROLE>None</ROLE>
-		<ASSET_TYPE>Computing</ASSET_TYPE>
-		<HOST_NAME></HOST_NAME>
-		<HOST_IP></HOST_IP>
-		<HOST_MAC></HOST_MAC>
-		<HOST_FQDN></HOST_FQDN>
-		<TARGET_COMMENT></TARGET_COMMENT>
-		<TECH_AREA></TECH_AREA>
-		<TARGET_KEY>0</TARGET_KEY>
-		<WEB_OR_DATABASE>false</WEB_OR_DATABASE>
-		<WEB_DB_SITE></WEB_DB_SITE>
-		<WEB_DB_INSTANCE></WEB_DB_INSTANCE>
-	</ASSET>
-	<STIGS>
-		<iSTIG>
-			<STIG_INFO>
-				<SI_DATA>
-					<SID_NAME>version</SID_NAME>
-					<SID_DATA>1</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>classification</SID_NAME>
-					<SID_DATA>UNCLASSIFIED</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>customname</SID_NAME>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>stigid</SID_NAME>
-					<SID_DATA>vmware-vsphere-8.0-stig-baseline</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>description</SID_NAME>
-					<SID_DATA>File Name: vSphere8_report.json
-Version: 1.0.1
-SHA256 Hash: 037df02b2bce1332a63d955e79ec40ce574f703eb75c99ba683cac85c3471612
-Maintainer: VMware
-Copyright: The Authors
-Copyright Email: stigs@vmware.com
-Control Count: 168</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>filename</SID_NAME>
-					<SID_DATA>vSphere8_report.json</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>releaseinfo</SID_NAME>
-					<SID_DATA></SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>title</SID_NAME>
-					<SID_DATA>vmware-vsphere-8.0-stig-baseline</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>uuid</SID_NAME>
-					<SID_DATA>1eb334c8-7149-4a60-b039-081fc3897e03</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>notice</SID_NAME>
-					<SID_DATA>terms-of-use</SID_DATA>
-				</SI_DATA>
-				<SI_DATA>
-					<SID_NAME>source</SID_NAME>
-				</SI_DATA>
-			</STIG_INFO>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000005</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000021-VMM-000050</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000005</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000005</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>By limiting the number of failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Once the configured number of attempts is reached, the account is locked by the ESXi host.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+<?xml version="1.0" encoding="UTF-8"?>
+<!--Heimdall Version :: 2.10.8-->
+<CHECKLIST>
+	<ASSET>
+		<ROLE>None</ROLE>
+		<ASSET_TYPE>Computing</ASSET_TYPE>
+		<MARKING></MARKING>
+		<HOST_NAME></HOST_NAME>
+		<HOST_IP></HOST_IP>
+		<HOST_MAC></HOST_MAC>
+		<HOST_FQDN></HOST_FQDN>
+		<TARGET_COMMENT></TARGET_COMMENT>
+		<TECH_AREA></TECH_AREA>
+		<TARGET_KEY></TARGET_KEY>
+		<WEB_OR_DATABASE>false</WEB_OR_DATABASE>
+		<WEB_DB_SITE></WEB_DB_SITE>
+		<WEB_DB_INSTANCE></WEB_DB_INSTANCE>
+	</ASSET>
+	<STIGS>
+		<iSTIG>
+			<STIG_INFO>
+				<SI_DATA>
+					<SID_NAME>version</SID_NAME>
+					<SID_DATA>1</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>classification</SID_NAME>
+					<SID_DATA>UNCLASSIFIED</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>customname</SID_NAME>
+					<SID_DATA>{"hdfSpecificData":{"copyright":"The Authors","maintainer":"The Authors","version":"1.0.1"}}</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>stigid</SID_NAME>
+					<SID_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>description</SID_NAME>
+					<SID_DATA>An InSpec Compliance Profile</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>filename</SID_NAME>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>releaseinfo</SID_NAME>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>title</SID_NAME>
+					<SID_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>uuid</SID_NAME>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>notice</SID_NAME>
+					<SID_DATA>Apache-2.0</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>source</SID_NAME>
+					<SID_DATA>STIG.DOD.MIL</SID_DATA>
+				</SI_DATA>
+			</STIG_INFO>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000005</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000021-VMM-000050</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000005</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000005</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>By limiting the number of failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Once the configured number of attempts is reached, the account is locked by the ESXi host.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Security.AccountLockFailures&quot; value and verify it is set to &quot;3&quot;.
+Select the "Security.AccountLockFailures" value and verify it is set to "3".
 
 or
 
@@ -114,141 +108,134 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures
 
-If the &quot;Security.AccountLockFailures&quot; setting is set to a value other than &quot;3&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Security.AccountLockFailures" setting is set to a value other than "3", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Security.AccountLockFailures&quot; value and configure it to &quot;3&quot;.
+Click "Edit". Select the "Security.AccountLockFailures" value and configure it to "3".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures | Set-AdvancedSetting -Value 3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e38083f9-b06f-473d-acb6-b956853665ca</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000044</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.AccountLockFailures | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;3&quot;
-
+Get-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures | Set-AdvancedSetting -Value 3</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000005' do\n  title 'The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user.'\n  desc  'By limiting the number of failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Once the configured number of attempts is reached, the account is locked by the ESXi host.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Security.AccountLockFailures\\\" value and verify it is set to \\\"3\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures\n\n    If the \\\"Security.AccountLockFailures\\\" setting is set to a value other than \\\"3\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.AccountLockFailures\\\" value and configure it to \\\"3\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountLockFailures | Set-AdvancedSetting -Value 3\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000021-VMM-000050'\n  tag gid: 'V-ESXI-80-000005'\n  tag rid: 'SV-ESXI-80-000005'\n  tag stig_id: 'ESXI-80-000005'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.AccountLockFailures | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '3' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000044</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.AccountLockFailures | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "3" :: MESSAGE 
 expected: 3
      got: 0
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000006</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000023-VMM-000060</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000006</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000006</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via the Direct Console User Interface (DCUI).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000006</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000023-VMM-000060</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000006</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000006</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via the Direct Console User Interface (DCUI).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
 
 System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.
 
 The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:
 
-&quot;You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.
+"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.
 
 By using this IS (which includes any device attached to this IS), you consent to the following conditions:
 
@@ -260,23 +247,23 @@ By using this IS (which includes any device attached to this IS), you consent to
 
 -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.
 
--Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.&quot;
+-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."
 
 Use the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:
 
-&quot;I&#39;ve read (literal ampersand) consent to terms in IS user agreem&#39;t.&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+"I've read (literal ampersand) consent to terms in IS user agreem't."</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Annotations.WelcomeMessage&quot; value and verify it contains the standard mandatory DOD notice and consent banner.
+Select the "Annotations.WelcomeMessage" value and verify it contains the standard mandatory DOD notice and consent banner.
 
 or
 
@@ -284,347 +271,333 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage
 
-If the &quot;Annotations.WelcomeMessage&quot; setting does not contain the standard mandatory DOD notice and consent banner, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Annotations.WelcomeMessage" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Annotations.WelcomeMessage&quot; value and set it to the following. Click &quot;OK&quot;.
-
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:black}{color:yellow}{hostname} , {ip}{&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:black}{color:yellow}{esxproduct} {esxversion}{&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:black}{color:yellow}{memory} RAM{&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:black}{color:white}	{&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}  You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By      {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}  using this IS (which includes any device attached to this IS), you consent to the following conditions:                 {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}  -       The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited     {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}          to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law      {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}          enforcement (LE), and counterintelligence (CI) investigations.                                                  {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}  -       At any time, the USG may inspect and seize data stored on this IS.                                              {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}  -       Communications using, or data stored on, this IS are not private, are subject to routine monitoring,            {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}          interception, and search, and may be disclosed or used for any USG-authorized purpose.                          {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}  -       This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not     {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}          for your personal benefit or privacy.                                                                           {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}  -       Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching    {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}          or monitoring of the content of privileged communications, or work product, related to personal representation  {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}          or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work       {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}          product are private and confidential. See User Agreement for details.                                           {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{bgcolor:dark-grey}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}
-{bgcolor:black} {&#x2F;color}{bgcolor:dark-grey}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}
-{bgcolor:black} {&#x2F;color}{bgcolor:dark-grey}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}
-{bgcolor:black} {&#x2F;color}{bgcolor:dark-grey}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}
-{bgcolor:black} {&#x2F;color}{bgcolor:dark-grey}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}
-{bgcolor:black} {&#x2F;color}{bgcolor:dark-grey}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}
-{bgcolor:black} {&#x2F;color}{bgcolor:dark-grey}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}
-{bgcolor:black} {&#x2F;color}{bgcolor:dark-grey}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}
-{bgcolor:black} {&#x2F;color}{bgcolor:dark-grey}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}
-{bgcolor:black} {&#x2F;color}{bgcolor:dark-grey}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}
-{bgcolor:black} {&#x2F;color}{bgcolor:dark-grey}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}
-{bgcolor:black} {&#x2F;color}{bgcolor:dark-grey}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}
-{bgcolor:black} {&#x2F;color}{bgcolor:dark-grey}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}
-{bgcolor:black} {&#x2F;color}{bgcolor:dark-grey}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}
-{bgcolor:black} {&#x2F;color}{bgcolor:dark-grey}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}
-{bgcolor:black} {&#x2F;color}{bgcolor:dark-grey}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}
-{bgcolor:black} {&#x2F;color}{bgcolor:dark-grey}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}
-{bgcolor:black} {&#x2F;color}{align:left}{bgcolor:dark-grey}{color:white}  &lt;F2&gt; Accept Conditions and Customize System &#x2F; View Logs{&#x2F;align}{align:right}&lt;F12&gt; Accept Conditions and Shut Down&#x2F;Restart  {bgcolor:black} {&#x2F;color}{&#x2F;color}{&#x2F;bgcolor}{&#x2F;align}
-{bgcolor:black} {&#x2F;color}{bgcolor:dark-grey}{color:black}                                                                                                                          {&#x2F;color}{&#x2F;bgcolor}
+Click "Edit". Select the "Annotations.WelcomeMessage" value and set it to the following. Click "OK".
+
+{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{hostname} , {ip}{/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{esxproduct} {esxversion}{/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{memory} RAM{/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:black}{color:white}	{/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By      {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  using this IS (which includes any device attached to this IS), you consent to the following conditions:                 {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited     {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law      {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          enforcement (LE), and counterintelligence (CI) investigations.                                                  {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       At any time, the USG may inspect and seize data stored on this IS.                                              {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Communications using, or data stored on, this IS are not private, are subject to routine monitoring,            {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          interception, and search, and may be disclosed or used for any USG-authorized purpose.                          {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not     {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          for your personal benefit or privacy.                                                                           {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching    {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or monitoring of the content of privileged communications, or work product, related to personal representation  {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work       {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          product are private and confidential. See User Agreement for details.                                           {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}
+{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}
+{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}
+{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}
+{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}
+{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}
+{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}
+{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}
+{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}
+{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}
+{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}
+{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}
+{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}
+{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}
+{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}
+{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}
+{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}
+{bgcolor:black} {/color}{align:left}{bgcolor:dark-grey}{color:white}  &lt;F2&gt; Accept Conditions and Customize System / View Logs{/align}{align:right}&lt;F12&gt; Accept Conditions and Shut Down/Restart  {bgcolor:black} {/color}{/color}{/bgcolor}{/align}
+{bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Set-AdvancedSetting -Value &quot;&lt;Banner text above&gt;&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ee488c0d-1327-4950-8af4-55e08f03ca47</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000050</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Select-Object -ExpandProperty Value stdout.strip is expected to match &quot;You are accessing a U.S. Government&quot;
-expected &quot;&quot; to match &quot;You are accessing a U.S. Government&quot;
+Get-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Set-AdvancedSetting -Value "&lt;Banner text above&gt;"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000006' do\n  title 'The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via the Direct Console User Interface (DCUI).'\n  desc  \"\n    Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Annotations.WelcomeMessage\\\" value and verify it contains the standard mandatory DOD notice and consent banner.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage\n\n    If the \\\"Annotations.WelcomeMessage\\\" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Annotations.WelcomeMessage\\\" value and set it to the following. Click \\\"OK\\\".\n\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{hostname} , {ip}{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{esxproduct} {esxversion}{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:yellow}{memory} RAM{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:black}{color:white}\\t{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By      {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  using this IS (which includes any device attached to this IS), you consent to the following conditions:                 {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited     {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law      {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          enforcement (LE), and counterintelligence (CI) investigations.                                                  {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       At any time, the USG may inspect and seize data stored on this IS.                                              {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Communications using, or data stored on, this IS are not private, are subject to routine monitoring,            {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          interception, and search, and may be disclosed or used for any USG-authorized purpose.                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not     {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          for your personal benefit or privacy.                                                                           {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}  -       Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching    {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or monitoring of the content of privileged communications, or work product, related to personal representation  {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work       {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}          product are private and confidential. See User Agreement for details.                                           {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{align:left}{bgcolor:yellow}{color:black}                                                                                                                          {/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n    {bgcolor:black} {/color}{align:left}{bgcolor:dark-grey}{color:white}  &lt;F2&gt; Accept Conditions and Customize System / View Logs{/align}{align:right}&lt;F12&gt; Accept Conditions and Shut Down/Restart  {bgcolor:black} {/color}{/color}{/bgcolor}{/align}\n    {bgcolor:black} {/color}{bgcolor:dark-grey}{color:black}                                                                                                                          {/color}{/bgcolor}\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Set-AdvancedSetting -Value \\\"&lt;Banner text above&gt;\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-VMM-000060'\n  tag satisfies: ['SRG-OS-000024-VMM-000070']\n  tag gid: 'V-ESXI-80-000006'\n  tag rid: 'SV-ESXI-80-000006'\n  tag stig_id: 'ESXI-80-000006'\n  tag cci: ['CCI-000048', 'CCI-000050']\n  tag nist: ['AC-8 a', 'AC-8 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      result = powercli_command(\"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Select-Object -ExpandProperty Value\")\n      describe.one do\n        describe result do\n          its('stdout.strip') { should match 'You are accessing a U.S. Government' }\n        end\n        describe result do\n          its('stdout.strip') { should match \"I've read &amp; consent to terms in IS user agreem't\" }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000050</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Select-Object -ExpandProperty Value stdout.strip is expected to match "You are accessing a U.S. Government" :: MESSAGE expected "" to match "You are accessing a U.S. Government"
 --------------------------------
-failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Select-Object -ExpandProperty Value stdout.strip is expected to match &quot;I&#39;ve read &amp; consent to terms in IS user agreem&#39;t&quot;
-expected &quot;&quot; to match &quot;I&#39;ve read &amp; consent to terms in IS user agreem&#39;t&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000008</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000027-VMM-000080</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000008</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000008</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must enable lockdown mode.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Annotations.WelcomeMessage | Select-Object -ExpandProperty Value stdout.strip is expected to match "I've read &amp; consent to terms in IS user agreem't" :: MESSAGE expected "" to match "I've read &amp; consent to terms in IS user agreem't"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000008</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000027-VMM-000080</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000008</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000008</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must enable lockdown mode.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Enabling Lockdown Mode disables direct access to an ESXi host, requiring the host to be managed remotely from vCenter Server. This is done to ensure the roles and access controls implemented in vCenter are always enforced and users cannot bypass them by logging on to a host directly.
 
-By forcing all interaction to occur through vCenter Server, the risk of someone inadvertently attaining elevated privileges or performing tasks that are not properly audited is greatly reduced.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+By forcing all interaction to occur through vCenter Server, the risk of someone inadvertently attaining elevated privileges or performing tasks that are not properly audited is greatly reduced.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>For environments that do not use vCenter server to manage ESXi, this is not applicable.
 
 From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Security Profile.
 
-Scroll down to &quot;Lockdown Mode&quot; and verify it is set to &quot;Enabled&quot; (Normal or Strict).
+Scroll down to "Lockdown Mode" and verify it is set to "Enabled" (Normal or Strict).
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Select Name,@{N&#x3D;&quot;Lockdown&quot;;E&#x3D;{$_.Extensiondata.Config.LockdownMode}}
+Get-VMHost | Select Name,@{N="Lockdown";E={$_.Extensiondata.Config.LockdownMode}}
 
-If &quot;Lockdown Mode&quot; is disabled, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If "Lockdown Mode" is disabled, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Security Profile &gt;&gt; Lockdown Mode.
 
-Click edit and select either the &quot;Normal&quot; or &quot;Strict&quot; radio buttons.
+Click edit and select either the "Normal" or "Strict" radio buttons.
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-$level &#x3D; &quot;lockdownNormal&quot; OR &quot;lockdownStrict&quot;
-$vmhost &#x3D; Get-VMHost -Name &lt;hostname&gt; | Get-View
-$lockdown &#x3D; Get-View $vmhost.ConfigManager.HostAccessManager
+$level = "lockdownNormal" OR "lockdownStrict"
+$vmhost = Get-VMHost -Name &lt;hostname&gt; | Get-View
+$lockdown = Get-View $vmhost.ConfigManager.HostAccessManager
 $lockdown.ChangeLockdownMode($level)
 
-Note: In strict lockdown mode, the Direct Console User Interface (DCUI) service is stopped. If the connection to vCenter Server is lost and the vSphere Client is no longer available, the ESXi host becomes inaccessible.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>1c96c876-617a-4a1b-9c7b-2d265410fdc2</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000054</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: (Get-VMHost -Name 10.186.25.26).Extensiondata.Config.LockdownMode stdout.strip is expected to be in &quot;lockdownNormal&quot; and &quot;lockdownStrict&quot;
-expected &#x60;lockdownDisabled&#x60; to be in the list: &#x60;[&quot;lockdownNormal&quot;, &quot;lockdownStrict&quot;]&#x60;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000029-VMM-000100</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host client must be configured with an idle session timeout.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host client is the UI served up by the host itself, outside of vCenter. It is accessed by browsing to &quot;https:&#x2F;&#x2F;&lt;ESX FQDN&gt;&#x2F;ui&quot;. ESXi is not usually administered via this interface for long periods and all users will be highly privileged. Implementing a mandatory session idle limit will ensure that orphaned, forgotten or ignored sessions will be closed promptly.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Note: In strict lockdown mode, the Direct Console User Interface (DCUI) service is stopped. If the connection to vCenter Server is lost and the vSphere Client is no longer available, the ESXi host becomes inaccessible.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000008' do\n  title 'The ESXi host must enable lockdown mode.'\n  desc  \"\n    Enabling Lockdown Mode disables direct access to an ESXi host, requiring the host to be managed remotely from vCenter Server. This is done to ensure the roles and access controls implemented in vCenter are always enforced and users cannot bypass them by logging on to a host directly.\n\n    By forcing all interaction to occur through vCenter Server, the risk of someone inadvertently attaining elevated privileges or performing tasks that are not properly audited is greatly reduced.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Security Profile.\n\n    Scroll down to \\\"Lockdown Mode\\\" and verify it is set to \\\"Enabled\\\" (Normal or Strict).\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Select Name,@{N=\\\"Lockdown\\\";E={$_.Extensiondata.Config.LockdownMode}}\n\n    If \\\"Lockdown Mode\\\" is disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Security Profile &gt;&gt; Lockdown Mode.\n\n    Click edit and select either the \\\"Normal\\\" or \\\"Strict\\\" radio buttons.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $level = \\\"lockdownNormal\\\" OR \\\"lockdownStrict\\\"\n    $vmhost = Get-VMHost -Name &lt;hostname&gt; | Get-View\n    $lockdown = Get-View $vmhost.ConfigManager.HostAccessManager\n    $lockdown.ChangeLockdownMode($level)\n\n    Note: In strict lockdown mode, the Direct Console User Interface (DCUI) service is stopped. If the connection to vCenter Server is lost and the vSphere Client is no longer available, the ESXi host becomes inaccessible.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000027-VMM-000080'\n  tag gid: 'V-ESXI-80-000008'\n  tag rid: 'SV-ESXI-80-000008'\n  tag stig_id: 'ESXI-80-000008'\n  tag cci: ['CCI-000054']\n  tag nist: ['AC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    list = ['lockdownNormal', 'lockdownStrict']\n    vmhosts.each do |vmhost|\n      command = \"(Get-VMHost -Name #{vmhost}).Extensiondata.Config.LockdownMode\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should be_in list }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000054</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: (Get-VMHost -Name 10.186.25.26).Extensiondata.Config.LockdownMode stdout.strip is expected to be in "lockdownNormal" and "lockdownStrict" :: MESSAGE expected `lockdownDisabled` to be in the list: `["lockdownNormal", "lockdownStrict"]`</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000029-VMM-000100</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host client must be configured with an idle session timeout.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host client is the UI served up by the host itself, outside of vCenter. It is accessed by browsing to "https://&lt;ESX FQDN&gt;/ui". ESXi is not usually administered via this interface for long periods and all users will be highly privileged. Implementing a mandatory session idle limit will ensure that orphaned, forgotten or ignored sessions will be closed promptly.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;UserVars.HostClientSessionTimeout&quot; value and verify it is set to &quot;900&quot; or less.
+Select the "UserVars.HostClientSessionTimeout" value and verify it is set to "900" or less.
 
 or
 
@@ -632,138 +605,133 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout
 
-If the &quot;UserVars.HostClientSessionTimeout&quot; setting is not set to &quot;900&quot; or less, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "UserVars.HostClientSessionTimeout" setting is not set to "900" or less, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Fom the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;UserVars.HostClientSessionTimeout&quot; value and configure it to &quot;900&quot;.
+Click "Edit". Select the "UserVars.HostClientSessionTimeout" value and configure it to "900".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Set-AdvancedSetting -Value &quot;900&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a83dbe83-26ab-4b21-ab0c-c6370e7e6978</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &lt;&#x3D; 900</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000014</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000033-VMM-000140</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000014</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000014</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must use FIPS 140-2 validated cryptographic modules to protect the confidentiality of remote access sessions.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Get-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Set-AdvancedSetting -Value "900"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000010' do\n  title 'The ESXi host client must be configured with an idle session timeout.'\n  desc  'The ESXi host client is the UI served up by the host itself, outside of vCenter. It is accessed by browsing to \"https://&lt;ESX FQDN&gt;/ui\". ESXi is not usually administered via this interface for long periods and all users will be highly privileged. Implementing a mandatory session idle limit will ensure that orphaned, forgotten or ignored sessions will be closed promptly.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"UserVars.HostClientSessionTimeout\\\" value and verify it is set to \\\"900\\\" or less.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout\n\n    If the \\\"UserVars.HostClientSessionTimeout\\\" setting is not set to \\\"900\\\" or less, this is a finding.\n  \"\n  desc  'fix', \"\n    Fom the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.HostClientSessionTimeout\\\" value and configure it to \\\"900\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Set-AdvancedSetting -Value \\\"900\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000029-VMM-000100'\n  tag gid: 'V-ESXI-80-000010'\n  tag rid: 'SV-ESXI-80-000010'\n  tag stig_id: 'ESXI-80-000010'\n  tag cci: ['CCI-000057']\n  tag nist: ['AC-11 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp &lt;= 900 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.HostClientSessionTimeout | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &lt;= 900</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000014</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000033-VMM-000140</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000014</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000014</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must use FIPS 140-2 validated cryptographic modules to protect the confidentiality of remote access sessions.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session.
 
-OpenSSH on the ESXi host ships with a FIPS 140-2 validated cryptographic module and it is enabled by default. For backward compatibility reasons, this can be disabled so this setting must be audited and corrected if necessary.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+OpenSSH on the ESXi host ships with a FIPS 140-2 validated cryptographic module and it is enabled by default. For backward compatibility reasons, this can be disabled so this setting must be audited and corrected if necessary.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
 # esxcli system security fips140 ssh get
@@ -772,17 +740,17 @@ or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-$esxcli &#x3D; Get-EsxCli -v2
+$esxcli = Get-EsxCli -v2
 $esxcli.system.security.fips140.ssh.get.invoke()
 
 Expected result:
 
 Enabled: true
 
-If the FIPS mode is not enabled for SSH, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the FIPS mode is not enabled for SSH, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
 # esxcli system security fips140 ssh set -e true
@@ -791,130 +759,125 @@ or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-$esxcli &#x3D; Get-EsxCli -v2
-$arguments &#x3D; $esxcli.system.security.fips140.ssh.set.CreateArgs()
-$arguments.enable &#x3D; $true
-$esxcli.system.security.fips140.ssh.set.Invoke($arguments)</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f292bfa2-dbed-4ad3-ab78-ec3cdbcb573b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000068</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: $vmhost &#x3D; Get-VMHost -Name 10.186.25.26; $esxcli &#x3D; Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.security.fips140.ssh.get.invoke() | Select-Object -ExpandProperty Enabled stdout.strip is expected to cmp &#x3D;&#x3D; &quot;true&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000015</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000037-VMM-000150</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000015</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000015</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi must produce audit records containing information to establish what type of events occurred.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+$esxcli = Get-EsxCli -v2
+$arguments = $esxcli.system.security.fips140.ssh.set.CreateArgs()
+$arguments.enable = $true
+$esxcli.system.security.fips140.ssh.set.Invoke($arguments)</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000014' do\n  title 'The ESXi host Secure Shell (SSH) daemon must use FIPS 140-2 validated cryptographic modules to protect the confidentiality of remote access sessions.'\n  desc  \"\n    Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session.\n\n    OpenSSH on the ESXi host ships with a FIPS 140-2 validated cryptographic module and it is enabled by default. For backward compatibility reasons, this can be disabled so this setting must be audited and corrected if necessary.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system security fips140 ssh get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.security.fips140.ssh.get.invoke()\n\n    Expected result:\n\n    Enabled: true\n\n    If the FIPS mode is not enabled for SSH, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system security fips140 ssh set -e true\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.security.fips140.ssh.set.CreateArgs()\n    $arguments.enable = $true\n    $esxcli.system.security.fips140.ssh.set.Invoke($arguments)\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000033-VMM-000140'\n  tag gid: 'V-ESXI-80-000014'\n  tag rid: 'SV-ESXI-80-000014'\n  tag stig_id: 'ESXI-80-000014'\n  tag cci: ['CCI-000068']\n  tag nist: ['AC-17 (2)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.security.fips140.ssh.get.invoke() | Select-Object -ExpandProperty Enabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000068</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.security.fips140.ssh.get.invoke() | Select-Object -ExpandProperty Enabled stdout.strip is expected to cmp == "true"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000015</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000037-VMM-000150</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000015</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000015</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi must produce audit records containing information to establish what type of events occurred.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Config.HostAgent.log.level&quot; value and verify it is set to &quot;info&quot;.
+Select the "Config.HostAgent.log.level" value and verify it is set to "info".
 
 or
 
@@ -922,149 +885,144 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level
 
-If the &quot;Config.HostAgent.log.level&quot; setting is not set to &quot;info&quot;, this is a finding.
+If the "Config.HostAgent.log.level" setting is not set to "info", this is a finding.
 
-Note: Verbose logging level is acceptable for troubleshooting purposes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+Note: Verbose logging level is acceptable for troubleshooting purposes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Config.HostAgent.log.level&quot; value and configure it to &quot;info&quot;.
+Click "Edit". Select the "Config.HostAgent.log.level" value and configure it to "info".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level | Set-AdvancedSetting -Value &quot;info&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>7871ad32-44bc-40cb-9c5a-c595233c5cbe</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000171</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.HostAgent.log.level | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;info&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000035</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000069-VMM-000360</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000035</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000035</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must enforce password complexity by configuring a password quality policy.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level | Set-AdvancedSetting -Value "info"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000015' do\n  title 'The ESXi must produce audit records containing information to establish what type of events occurred.'\n  desc  'Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack. '\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.log.level\\\" value and verify it is set to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level\n\n    If the \\\"Config.HostAgent.log.level\\\" setting is not set to \\\"info\\\", this is a finding.\n\n    Note: Verbose logging level is acceptable for troubleshooting purposes.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.log.level\\\" value and configure it to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.log.level | Set-AdvancedSetting -Value \\\"info\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000037-VMM-000150'\n  tag satisfies: ['SRG-OS-000063-VMM-000310']\n  tag gid: 'V-ESXI-80-000015'\n  tag rid: 'SV-ESXI-80-000015'\n  tag stig_id: 'ESXI-80-000015'\n  tag cci: ['CCI-000130', 'CCI-000171']\n  tag nist: ['AU-12 b', 'AU-3']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.log.level | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'info' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000171</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.HostAgent.log.level | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "info"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000035</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000069-VMM-000360</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000035</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000035</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must enforce password complexity by configuring a password quality policy.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>To enforce the use of complex passwords, minimum numbers of characters of different classes are mandated.
 
-The use of complex passwords reduces the ability of attackers to successfully obtain valid passwords using guessing or exhaustive search techniques. Complexity requirements increase the password search space by requiring users to construct passwords from a larger character set than they may otherwise use.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+The use of complex passwords reduces the ability of attackers to successfully obtain valid passwords using guessing or exhaustive search techniques. Complexity requirements increase the password search space by requiring users to construct passwords from a larger character set than they may otherwise use.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Security.PasswordQualityControl&quot; value and verify it is set to &quot;similar&#x3D;deny retry&#x3D;3 min&#x3D;disabled,disabled,disabled,disabled,15&quot;.
+Select the "Security.PasswordQualityControl" value and verify it is set to "similar=deny retry=3 min=disabled,disabled,disabled,disabled,15".
 
 or
 
@@ -1072,167 +1030,160 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl
 
-If the &quot;Security.PasswordQualityControl&quot; setting is set to a value other than &quot;similar&#x3D;deny retry&#x3D;3 min&#x3D;disabled,disabled,disabled,disabled,15&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Security.PasswordQualityControl" setting is set to a value other than "similar=deny retry=3 min=disabled,disabled,disabled,disabled,15", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Security.PasswordQualityControl&quot; value and configure it to &quot;similar&#x3D;deny retry&#x3D;3 min&#x3D;disabled,disabled,disabled,disabled,15&quot;.
+Click "Edit". Select the "Security.PasswordQualityControl" value and configure it to "similar=deny retry=3 min=disabled,disabled,disabled,disabled,15".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl | Set-AdvancedSetting -Value &quot;similar&#x3D;deny retry&#x3D;3 min&#x3D;disabled,disabled,disabled,disabled,15&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>27e4d075-c96e-4a24-bef8-08429a86d7fd</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000192</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000193</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000194</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000195</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000205</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001619</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.PasswordQualityControl | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;similar&#x3D;deny retry&#x3D;3 min&#x3D;disabled,disabled,disabled,disabled,15&quot;
-
-expected: similar&#x3D;deny retry&#x3D;3 min&#x3D;disabled,disabled,disabled,disabled,15
-     got: retry&#x3D;3 min&#x3D;disabled,disabled,disabled,7,7
-
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000043</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000077-VMM-000440</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000043</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000043</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must prohibit password reuse for a minimum of five generations.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If a user or root used the same password continuously or was allowed to change it back shortly after being forced to change it to something else, it would provide a potential intruder with the opportunity to keep guessing at one user&#39;s password until it was guessed correctly.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Get-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl | Set-AdvancedSetting -Value "similar=deny retry=3 min=disabled,disabled,disabled,disabled,15"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000035' do\n  title 'The ESXi host must enforce password complexity by configuring a password quality policy.'\n  desc  \"\n    To enforce the use of complex passwords, minimum numbers of characters of different classes are mandated.\n\n    The use of complex passwords reduces the ability of attackers to successfully obtain valid passwords using guessing or exhaustive search techniques. Complexity requirements increase the password search space by requiring users to construct passwords from a larger character set than they may otherwise use.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Security.PasswordQualityControl\\\" value and verify it is set to \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl\n\n    If the \\\"Security.PasswordQualityControl\\\" setting is set to a value other than \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.PasswordQualityControl\\\" value and configure it to \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordQualityControl | Set-AdvancedSetting -Value \\\"similar=deny retry=3 min=disabled,disabled,disabled,disabled,15\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000069-VMM-000360'\n  tag satisfies: ['SRG-OS-000070-VMM-000370', 'SRG-OS-000071-VMM-000380', 'SRG-OS-000072-VMM-000390', 'SRG-OS-000078-VMM-000450', 'SRG-OS-000266-VMM-000940']\n  tag gid: 'V-ESXI-80-000035'\n  tag rid: 'SV-ESXI-80-000035'\n  tag stig_id: 'ESXI-80-000035'\n  tag cci: ['CCI-000192', 'CCI-000193', 'CCI-000194', 'CCI-000195', 'CCI-000205', 'CCI-001619']\n  tag nist: ['IA-5 (1) (a)', 'IA-5 (1) (b)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.PasswordQualityControl | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'similar=deny retry=3 min=disabled,disabled,disabled,disabled,15' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000192</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000193</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000194</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000195</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000205</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001619</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.PasswordQualityControl | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "similar=deny retry=3 min=disabled,disabled,disabled,disabled,15" :: MESSAGE 
+expected: similar=deny retry=3 min=disabled,disabled,disabled,disabled,15
+     got: retry=3 min=disabled,disabled,disabled,7,7
+
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000043</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000077-VMM-000440</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000043</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000043</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must prohibit password reuse for a minimum of five generations.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If a user or root used the same password continuously or was allowed to change it back shortly after being forced to change it to something else, it would provide a potential intruder with the opportunity to keep guessing at one user's password until it was guessed correctly.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Security.PasswordHistory&quot; value and verify it is set to &quot;5&quot; or greater.
+Select the "Security.PasswordHistory" value and verify it is set to "5" or greater.
 
 or
 
@@ -1240,141 +1191,136 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory
 
-If the &quot;Security.PasswordHistory&quot; setting is set to a value other than 5 or greater, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Security.PasswordHistory" setting is set to a value other than 5 or greater, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Security.PasswordHistory&quot; value and configure it to &quot;5&quot;.
+Click "Edit". Select the "Security.PasswordHistory" value and configure it to "5".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory | Set-AdvancedSetting -Value 5</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e1a34ed1-1e99-4261-b859-429f7f36a035</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000200</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.PasswordHistory | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;5&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000047</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000095-VMM-000480</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000047</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000047</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must be configured to disable nonessential capabilities by disabling the Managed Object Browser (MOB).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The MOB provides a way to explore the object model used by the VMkernel to manage the host and enables configurations to be changed. This interface is meant to be used primarily for debugging the vSphere Software Development Kit (SDK), but because there are no access controls it could also be used as a method to obtain information about a host being targeted for unauthorized access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Get-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory | Set-AdvancedSetting -Value 5</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000043' do\n  title 'The ESXi host must prohibit password reuse for a minimum of five generations.'\n  desc  \"If a user or root used the same password continuously or was allowed to change it back shortly after being forced to change it to something else, it would provide a potential intruder with the opportunity to keep guessing at one user's password until it was guessed correctly.\"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Security.PasswordHistory\\\" value and verify it is set to \\\"5\\\" or greater.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory\n\n    If the \\\"Security.PasswordHistory\\\" setting is set to a value other than 5 or greater, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.PasswordHistory\\\" value and configure it to \\\"5\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordHistory | Set-AdvancedSetting -Value 5\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000077-VMM-000440'\n  tag gid: 'V-ESXI-80-000043'\n  tag rid: 'SV-ESXI-80-000043'\n  tag stig_id: 'ESXI-80-000043'\n  tag cci: ['CCI-000200']\n  tag nist: ['IA-5 (1) (e)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.PasswordHistory | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '5' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000200</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.PasswordHistory | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "5"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000047</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000095-VMM-000480</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000047</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000047</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must be configured to disable nonessential capabilities by disabling the Managed Object Browser (MOB).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The MOB provides a way to explore the object model used by the VMkernel to manage the host and enables configurations to be changed. This interface is meant to be used primarily for debugging the vSphere Software Development Kit (SDK), but because there are no access controls it could also be used as a method to obtain information about a host being targeted for unauthorized access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Config.HostAgent.plugins.solo.enableMob&quot; value and verify it is set to &quot;false&quot;.
+Select the "Config.HostAgent.plugins.solo.enableMob" value and verify it is set to "false".
 
 or
 
@@ -1382,145 +1328,140 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob
 
-If the &quot;Config.HostAgent.plugins.solo.enableMob&quot; setting is not set to &quot;false&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Config.HostAgent.plugins.solo.enableMob" setting is not set to "false", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Config.HostAgent.plugins.solo.enableMob&quot; value and configure it to &quot;false&quot;.
+Click "Edit". Select the "Config.HostAgent.plugins.solo.enableMob" value and configure it to "false".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Set-AdvancedSetting -Value false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>1e4264a4-81b3-4f2b-b345-da511e0b652c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000049</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000104-VMM-000500</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000049</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000049</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must uniquely identify and must authenticate organizational users by using Active Directory.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Set-AdvancedSetting -Value false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000047' do\n  title 'The ESXi host must be configured to disable nonessential capabilities by disabling the Managed Object Browser (MOB).'\n  desc  'The MOB provides a way to explore the object model used by the VMkernel to manage the host and enables configurations to be changed. This interface is meant to be used primarily for debugging the vSphere Software Development Kit (SDK), but because there are no access controls it could also be used as a method to obtain information about a host being targeted for unauthorized access.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.plugins.solo.enableMob\\\" value and verify it is set to \\\"false\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob\n\n    If the \\\"Config.HostAgent.plugins.solo.enableMob\\\" setting is not set to \\\"false\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.plugins.solo.enableMob\\\" value and configure it to \\\"false\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Set-AdvancedSetting -Value false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-VMM-000480'\n  tag gid: 'V-ESXI-80-000047'\n  tag rid: 'SV-ESXI-80-000047'\n  tag stig_id: 'ESXI-80-000047'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.HostAgent.plugins.solo.enableMob | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "false"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000049</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000104-VMM-000500</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000049</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000049</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must uniquely identify and must authenticate organizational users by using Active Directory.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Join ESXi hosts to an Active Directory domain to eliminate the need to create and maintain multiple local user accounts. Using Active Directory for user authentication simplifies the ESXi host configuration, ensures password complexity and reuse policies are enforced, and reduces the risk of security breaches and unauthorized access.
 
-Note: If the Active Directory group &quot;ESX Admins&quot; (default) exists, all users and groups assigned as members to this group will have full administrative access to all ESXi hosts in the domain.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For systems that do not use Active Directory and have no local user accounts other than root and&#x2F;or service accounts, this is not applicable.
+Note: If the Active Directory group "ESX Admins" (default) exists, all users and groups assigned as members to this group will have full administrative access to all ESXi hosts in the domain.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For systems that do not use Active Directory and have no local user accounts other than root and/or service accounts, this is not applicable.
 
 From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Authentication Services.
 
-Verify the &quot;Directory Services Type&quot; is set to &quot;Active Directory&quot;.
+Verify the "Directory Services Type" is set to "Active Directory".
 
 or
 
@@ -1528,294 +1469,283 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-VMHostAuthentication
 
-For systems that do not use Active Directory and do have local user accounts, other than root and&#x2F;or service accounts, this is a finding.
+For systems that do not use Active Directory and do have local user accounts, other than root and/or service accounts, this is a finding.
 
-If the &quot;Directory Services Type&quot; is not set to &quot;Active Directory&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Directory Services Type" is not set to "Active Directory", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Authentication Services.
 
-Click &quot;Join Domain...&quot; and enter the AD domain to join.
+Click "Join Domain..." and enter the AD domain to join.
 
-Select the &quot;Using credentials&quot; radio button and enter the credentials of an account with permissions to join machines to AD (use UPN naming &quot;user@domain&quot;). Click &quot;OK&quot;.
+Select the "Using credentials" radio button and enter the credentials of an account with permissions to join machines to AD (use UPN naming "user@domain"). Click "OK".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-VMHostAuthentication | Set-VMHostAuthentication -JoinDomain -Domain &quot;domain name&quot; -User &quot;username&quot; -Password &quot;password&quot;
-
-If any local user accounts are present besides root and service accounts, delete them by going to Host UI &gt;&gt; Manage &gt;&gt; Security &amp; Users &gt;&gt; Users.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ca3893ce-60bc-4be2-b9fd-99fc1c6a3f84</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000764</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000770</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001682</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001941</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001942</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus stdout.strip is expected to cmp &#x3D;&#x3D; &quot;&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000052</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000107-VMM-000530</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000052</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000052</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must ignore .rhosts files.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH can emulate the behavior of the obsolete &quot;rsh&quot; command in allowing users to enable insecure access to their accounts via &quot;.rhosts&quot; files.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Get-VMHost | Get-VMHostAuthentication | Set-VMHostAuthentication -JoinDomain -Domain "domain name" -User "username" -Password "password"
+
+If any local user accounts are present besides root and service accounts, delete them by going to Host UI &gt;&gt; Manage &gt;&gt; Security &amp; Users &gt;&gt; Users.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000049' do\n  title 'The ESXi host must uniquely identify and must authenticate organizational users by using Active Directory.'\n  desc  \"\n    Join ESXi hosts to an Active Directory domain to eliminate the need to create and maintain multiple local user accounts. Using Active Directory for user authentication simplifies the ESXi host configuration, ensures password complexity and reuse policies are enforced, and reduces the risk of security breaches and unauthorized access.\n\n    Note: If the Active Directory group \\\"ESX Admins\\\" (default) exists, all users and groups assigned as members to this group will have full administrative access to all ESXi hosts in the domain.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For systems that do not use Active Directory and have no local user accounts other than root and/or service accounts, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Authentication Services.\n\n    Verify the \\\"Directory Services Type\\\" is set to \\\"Active Directory\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostAuthentication\n\n    For systems that do not use Active Directory and do have local user accounts, other than root and/or service accounts, this is a finding.\n\n    If the \\\"Directory Services Type\\\" is not set to \\\"Active Directory\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Authentication Services.\n\n    Click \\\"Join Domain...\\\" and enter the AD domain to join.\n\n    Select the \\\"Using credentials\\\" radio button and enter the credentials of an account with permissions to join machines to AD (use UPN naming \\\"user@domain\\\"). Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostAuthentication | Set-VMHostAuthentication -JoinDomain -Domain \\\"domain name\\\" -User \\\"username\\\" -Password \\\"password\\\"\n\n    If any local user accounts are present besides root and service accounts, delete them by going to Host UI &gt;&gt; Manage &gt;&gt; Security &amp; Users &gt;&gt; Users.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000104-VMM-000500'\n  tag satisfies: ['SRG-OS-000109-VMM-000550', 'SRG-OS-000112-VMM-000560', 'SRG-OS-000113-VMM-000570', 'SRG-OS-000123-VMM-000620']\n  tag gid: 'V-ESXI-80-000049'\n  tag rid: 'SV-ESXI-80-000049'\n  tag stig_id: 'ESXI-80-000049'\n  tag cci: ['CCI-000764', 'CCI-000770', 'CCI-001682', 'CCI-001941', 'CCI-001942']\n  tag nist: ['AC-2 (2)', 'IA-2', 'IA-2 (5)', 'IA-2 (8)', 'IA-2 (9)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    if input('adJoined')\n      list = ['Joined', 'Ok']\n      vmhosts.each do |vmhost|\n        command = \"Get-VMHost -Name #{vmhost} | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should be_in list }\n        end\n      end\n    else\n      vmhosts.each do |vmhost|\n        command = \"Get-VMHost -Name #{vmhost} | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp '' }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000764</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000770</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001682</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001941</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001942</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus stdout.strip is expected to cmp == ""</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000052</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000107-VMM-000530</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000052</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000052</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must ignore .rhosts files.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH can emulate the behavior of the obsolete "rsh" command in allowing users to enable insecure access to their accounts via ".rhosts" files.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# &#x2F;usr&#x2F;lib&#x2F;vmware&#x2F;openssh&#x2F;bin&#x2F;sshd -T | grep ignorerhosts
+# /usr/lib/vmware/openssh/bin/sshd -T | grep ignorerhosts
 
 Expected result:
 
 ignorerhosts yes
 
-If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;:
-
-IgnoreRhosts yes</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6014ac4b-a3a3-46d7-b468-b533db282e50</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000767</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000068</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000163-VMM-000700</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000068</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000068</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must set a timeout to automatically end idle shell sessions after fifteen minutes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If a user forgets to log out of their local or remote ESXi Shell session, the idle connection will remain open indefinitely and increase the likelihood of inappropriate host access via session hijacking. The &quot;ESXiShellInteractiveTimeOut&quot; allows the automatic termination of idle shell sessions.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in "/etc/ssh/sshd_config":
+
+IgnoreRhosts yes</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000052' do\n  title 'The ESXi host Secure Shell (SSH) daemon must ignore .rhosts files.'\n  desc  'SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH can emulate the behavior of the obsolete \"rsh\" command in allowing users to enable insecure access to their accounts via \".rhosts\" files.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep ignorerhosts\n\n    Expected result:\n\n    ignorerhosts yes\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    IgnoreRhosts yes\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000107-VMM-000530'\n  tag gid: 'V-ESXI-80-000052'\n  tag rid: 'SV-ESXI-80-000052'\n  tag stig_id: 'ESXI-80-000052'\n  tag cci: ['CCI-000767']\n  tag nist: ['IA-2 (3)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000767</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000068</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000163-VMM-000700</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000068</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000068</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must set a timeout to automatically end idle shell sessions after fifteen minutes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If a user forgets to log out of their local or remote ESXi Shell session, the idle connection will remain open indefinitely and increase the likelihood of inappropriate host access via session hijacking. The "ESXiShellInteractiveTimeOut" allows the automatic termination of idle shell sessions.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;UserVars.ESXiShellInteractiveTimeOut&quot; value and verify it is set to less than &quot;900&quot; and not &quot;0&quot;.
+Select the "UserVars.ESXiShellInteractiveTimeOut" value and verify it is set to less than "900" and not "0".
 
 or
 
@@ -1823,151 +1753,143 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut
 
-If the &quot;UserVars.ESXiShellInteractiveTimeOut&quot; setting is set to a value greater than &quot;900&quot; or &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "UserVars.ESXiShellInteractiveTimeOut" setting is set to a value greater than "900" or "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;UserVars.ESXiShellInteractiveTimeOut&quot; value and configure it to &quot;900&quot;.
+Click "Edit". Select the "UserVars.ESXiShellInteractiveTimeOut" value and configure it to "900".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Set-AdvancedSetting -Value 900</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>4e75cd46-a7b6-49cf-8c89-8cb72142b2cb</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002361</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &lt;&#x3D; 900
+Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Set-AdvancedSetting -Value 900</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000068' do\n  title 'The ESXi host must set a timeout to automatically end idle shell sessions after fifteen minutes.'\n  desc  'If a user forgets to log out of their local or remote ESXi Shell session, the idle connection will remain open indefinitely and increase the likelihood of inappropriate host access via session hijacking. The \"ESXiShellInteractiveTimeOut\" allows the automatic termination of idle shell sessions.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"UserVars.ESXiShellInteractiveTimeOut\\\" value and verify it is set to less than \\\"900\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut\n\n    If the \\\"UserVars.ESXiShellInteractiveTimeOut\\\" setting is set to a value greater than \\\"900\\\" or \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.ESXiShellInteractiveTimeOut\\\" value and configure it to \\\"900\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Set-AdvancedSetting -Value 900\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000163-VMM-000700'\n  tag satisfies: ['SRG-OS-000279-VMM-001010']\n  tag gid: 'V-ESXI-80-000068'\n  tag rid: 'SV-ESXI-80-000068'\n  tag stig_id: 'ESXI-80-000068'\n  tag cci: ['CCI-001133', 'CCI-002361']\n  tag nist: ['AC-12', 'SC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp &lt;= 900 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002361</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &lt;= 900
 --------------------------------
-failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected not to cmp &#x3D;&#x3D; 0
-
+failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellInteractiveTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected not to cmp == 0 :: MESSAGE 
 expected: 0
      got: 0
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000085</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000257-VMM-000910</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000085</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000085</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must implement Secure Boot enforcement.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000085</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000257-VMM-000910</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000085</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000085</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must implement Secure Boot enforcement.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Secure Boot is part of the UEFI firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and it requires that all ESXi kernel modules, drivers and VIBs be signed by VMware or a partner subordinate.
 
-Secure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. This control flips ESXi from merely supporting Secure Boot to requiring it. Without this setting enabled, and configuration encryption, an ESXi host could be subject to offline attacks. An attacker could simply transfer the ESXi install drive to a non-Secure Boot host and boot it up without ESXi complaining.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Secure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. This control flips ESXi from merely supporting Secure Boot to requiring it. Without this setting enabled, and configuration encryption, an ESXi host could be subject to offline attacks. An attacker could simply transfer the ESXi install drive to a non-Secure Boot host and boot it up without ESXi complaining.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.
 
 From an ESXi shell, run the following command:
@@ -1978,307 +1900,294 @@ or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-$esxcli &#x3D; Get-EsxCli -v2
+$esxcli = Get-EsxCli -v2
 $esxcli.system.settings.encryption.get.invoke() | Select RequireSecureBoot
 
 Expected result:
 
 Require Secure Boot: true
 
-If &quot;Require Secure Boot&quot; is not enable, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If "Require Secure Boot" is not enable, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>This setting cannot be configured until Secure Boot is properly enabled in the servers firmware.
 
 From an ESXi shell, run the following commands:
 
-# esxcli system settings encryption set --require-secure-boot&#x3D;true
-# &#x2F;sbin&#x2F;auto-backup.sh
+# esxcli system settings encryption set --require-secure-boot=true
+# /sbin/auto-backup.sh
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-$esxcli &#x3D; Get-EsxCli -v2
-$arguments &#x3D; $esxcli.system.settings.encryption.set.CreateArgs()
-$arguments.requiresecureboot &#x3D; $true
+$esxcli = Get-EsxCli -v2
+$arguments = $esxcli.system.settings.encryption.set.CreateArgs()
+$arguments.requiresecureboot = $true
 $esxcli.system.settings.encryption.set.Invoke($arguments)
 
-Evacuate the host and gracefully reboot for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b052cb65-55db-4e44-a31f-294efadffc77</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001494</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001495</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002696</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002699</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: $vmhost &#x3D; Get-VMHost -Name 10.186.25.26; $esxcli &#x3D; Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty RequireSecureBoot stdout.strip is expected to cmp &#x3D;&#x3D; &quot;true&quot;
-
+Evacuate the host and gracefully reboot for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000085' do\n  title 'The ESXi host must implement Secure Boot enforcement.'\n  desc  \"\n    Secure Boot is part of the UEFI firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and it requires that all ESXi kernel modules, drivers and VIBs be signed by VMware or a partner subordinate.\n\n    Secure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. This control flips ESXi from merely supporting Secure Boot to requiring it. Without this setting enabled, and configuration encryption, an ESXi host could be subject to offline attacks. An attacker could simply transfer the ESXi install drive to a non-Secure Boot host and boot it up without ESXi complaining.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\n    From an ESXi shell, run the following command:\n\n    # esxcli system settings encryption get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.settings.encryption.get.invoke() | Select RequireSecureBoot\n\n    Expected result:\n\n    Require Secure Boot: true\n\n    If \\\"Require Secure Boot\\\" is not enable, this is a finding.\n  \"\n  desc 'fix', \"\n    This setting cannot be configured until Secure Boot is properly enabled in the servers firmware.\n\n    From an ESXi shell, run the following commands:\n\n    # esxcli system settings encryption set --require-secure-boot=true\n    # /sbin/auto-backup.sh\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.settings.encryption.set.CreateArgs()\n    $arguments.requiresecureboot = $true\n    $esxcli.system.settings.encryption.set.Invoke($arguments)\n\n    Evacuate the host and gracefully reboot for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000257-VMM-000910'\n  tag satisfies: ['SRG-OS-000258-VMM-000920', 'SRG-OS-000445-VMM-001780', 'SRG-OS-000446-VMM-001790']\n  tag gid: 'V-ESXI-80-000085'\n  tag rid: 'SV-ESXI-80-000085'\n  tag stig_id: 'ESXI-80-000085'\n  tag cci: ['CCI-001494', 'CCI-001495', 'CCI-002696', 'CCI-002699']\n  tag nist: ['AU-9', 'SI-6 a', 'SI-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty RequireSecureBoot\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001494</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001495</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002696</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002699</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty RequireSecureBoot stdout.strip is expected to cmp == "true" :: MESSAGE 
 expected: true
      got: false
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000094</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000278-VMM-001000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000094</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000094</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must enable Secure Boot.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000094</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000278-VMM-001000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000094</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000094</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must enable Secure Boot.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Secure Boot is part of the Unified Extensible Firmware Interface (UEFI) firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and requires that all ESXi kernel modules, drivers, and vSphere Installation Bundles (VIBs) be signed by VMware or a partner subordinate.
 
-Secure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. There is no ESXi control to &quot;turn on&quot; Secure Boot. Requiring Secure Boot (failing to boot without it present) is accomplished in another control.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Secure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. There is no ESXi control to "turn on" Secure Boot. Requiring Secure Boot (failing to boot without it present) is accomplished in another control.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# &#x2F;usr&#x2F;lib&#x2F;vmware&#x2F;secureboot&#x2F;bin&#x2F;secureBoot.py -s
+# /usr/lib/vmware/secureboot/bin/secureBoot.py -s
 
-If Secure Boot is not &quot;Enabled&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If Secure Boot is not "Enabled", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# &#x2F;usr&#x2F;lib&#x2F;vmware&#x2F;secureboot&#x2F;bin&#x2F;secureBoot.py -c
+# /usr/lib/vmware/secureboot/bin/secureBoot.py -c
 
 If the output indicates that Secure Boot cannot be enabled, correct the discrepancies and try again.
 
 Once all discrepancies are resolved then the server ESXi is installed on can be updated to enable Secure Boot in the firmware.
 
-To enable Secure Boot in the servers firmware follow the instructions for the specific manufacturer.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>846a6cfc-c721-4045-a4ba-6103d544569b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001496</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000111</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000329-VMM-001180</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000111</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000111</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must enforce an unlock timeout of 15 minutes after a user account is locked out.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>By enforcing a reasonable unlock timeout after multiple failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Users must wait for the timeout period to elapse before subsequent logon attempts are allowed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+To enable Secure Boot in the servers firmware follow the instructions for the specific manufacturer.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000094' do\n  title 'The ESXi host must enable Secure Boot.'\n  desc  \"\n    Secure Boot is part of the Unified Extensible Firmware Interface (UEFI) firmware standard. With UEFI Secure Boot enabled, a host refuses to load any UEFI driver or app unless the operating system bootloader has a valid digital signature. Secure Boot for ESXi requires support from the firmware and requires that all ESXi kernel modules, drivers, and vSphere Installation Bundles (VIBs) be signed by VMware or a partner subordinate.\n\n    Secure Boot is enabled in the BIOS of the ESXi physical server and supported by the hypervisor boot loader. There is no ESXi control to \\\"turn on\\\" Secure Boot. Requiring Secure Boot (failing to boot without it present) is accomplished in another control.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/secureboot/bin/secureBoot.py -s\n\n    If Secure Boot is not \\\"Enabled\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/secureboot/bin/secureBoot.py -c\n\n    If the output indicates that Secure Boot cannot be enabled, correct the discrepancies and try again.\n\n    Once all discrepancies are resolved then the server ESXi is installed on can be updated to enable Secure Boot in the firmware.\n\n    To enable Secure Boot in the servers firmware follow the instructions for the specific manufacturer.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000278-VMM-001000'\n  tag gid: 'V-ESXI-80-000094'\n  tag rid: 'SV-ESXI-80-000094'\n  tag stig_id: 'ESXI-80-000094'\n  tag cci: ['CCI-001496']\n  tag nist: ['AU-9 (3)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001496</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000111</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000329-VMM-001180</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000111</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000111</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must enforce an unlock timeout of 15 minutes after a user account is locked out.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>By enforcing a reasonable unlock timeout after multiple failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Users must wait for the timeout period to elapse before subsequent logon attempts are allowed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Security.AccountUnlockTime&quot; value and verify it is set to less than &quot;900&quot; and not &quot;0&quot;.
+Select the "Security.AccountUnlockTime" value and verify it is set to less than "900" and not "0".
 
 or
 
@@ -2286,146 +2195,140 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime
 
-If the &quot;Security.AccountUnlockTime&quot; setting is less than 900 or 0, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Security.AccountUnlockTime" setting is less than 900 or 0, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Security.AccountUnlockTime&quot; value and configure it to &quot;900&quot;.
+Click "Edit". Select the "Security.AccountUnlockTime" value and configure it to "900".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime | Set-AdvancedSetting -Value 900</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>8d8e4a4b-37cd-4750-a33f-be46ce35ba39</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002238</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.AccountUnlockTime | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &lt;&#x3D; 900
+Get-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime | Set-AdvancedSetting -Value 900</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000111' do\n  title 'The ESXi host must enforce an unlock timeout of 15 minutes after a user account is locked out.'\n  desc  'By enforcing a reasonable unlock timeout after multiple failed logon attempts, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. Users must wait for the timeout period to elapse before subsequent logon attempts are allowed.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Security.AccountUnlockTime\\\" value and verify it is set to less than \\\"900\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime\n\n    If the \\\"Security.AccountUnlockTime\\\" setting is less than 900 or 0, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.AccountUnlockTime\\\" value and configure it to \\\"900\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.AccountUnlockTime | Set-AdvancedSetting -Value 900\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000329-VMM-001180'\n  tag gid: 'V-ESXI-80-000111'\n  tag rid: 'SV-ESXI-80-000111'\n  tag stig_id: 'ESXI-80-000111'\n  tag cci: ['CCI-002238']\n  tag nist: ['AC-7 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.AccountUnlockTime | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp &lt;= 900 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002238</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.AccountUnlockTime | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &lt;= 900
 --------------------------------
-passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.AccountUnlockTime | Select-Object -ExpandProperty Value stdout.strip is expected not to cmp &#x3D;&#x3D; 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000113</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000341-VMM-001220</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000113</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000113</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must allocate audit record storage capacity to store at least one weeks worth of audit records.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.AccountUnlockTime | Select-Object -ExpandProperty Value stdout.strip is expected not to cmp == 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000113</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000341-VMM-001220</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000113</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000113</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must allocate audit record storage capacity to store at least one weeks worth of audit records.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>In order to ensure ESXi has sufficient storage capacity in which to write the audit logs, audit record storage capacity should be configured.
 
-If a central audit record storage facility is available, the local storage capacity should be sufficient to hold audit records that would accumulate during anticipated interruptions in delivery of records to the facility.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+If a central audit record storage facility is available, the local storage capacity should be sufficient to hold audit records that would accumulate during anticipated interruptions in delivery of records to the facility.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Syslog.global.auditRecord.storageCapacity&quot; value and verify it is set to &quot;100&quot;.
+Select the "Syslog.global.auditRecord.storageCapacity" value and verify it is set to "100".
 
 or
 
@@ -2433,155 +2336,148 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity
 
-If the &quot;Syslog.global.auditRecord.storageCapacity&quot; setting is not set to 100, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Syslog.global.auditRecord.storageCapacity" setting is not set to 100, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Syslog.global.auditRecord.storageCapacity&quot; value and configure it to &quot;100&quot;.
+Click "Edit". Select the "Syslog.global.auditRecord.storageCapacity" value and configure it to "100".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Set-AdvancedSetting -Value 100</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>20c235b2-afe4-4d27-bfe4-14bc87f0dbe6</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001849</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;100&quot;
-
+Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Set-AdvancedSetting -Value 100</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000113' do\n  title 'The ESXi host must allocate audit record storage capacity to store at least one weeks worth of audit records.'\n  desc  \"\n    In order to ensure ESXi has sufficient storage capacity in which to write the audit logs, audit record storage capacity should be configured.\n\n    If a central audit record storage facility is available, the local storage capacity should be sufficient to hold audit records that would accumulate during anticipated interruptions in delivery of records to the facility.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Syslog.global.auditRecord.storageCapacity\\\" value and verify it is set to \\\"100\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity\n\n    If the \\\"Syslog.global.auditRecord.storageCapacity\\\" setting is not set to 100, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.auditRecord.storageCapacity\\\" value and configure it to \\\"100\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Set-AdvancedSetting -Value 100\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000341-VMM-001220'\n  tag gid: 'V-ESXI-80-000113'\n  tag rid: 'SV-ESXI-80-000113'\n  tag stig_id: 'ESXI-80-000113'\n  tag cci: ['CCI-001849']\n  tag nist: ['AU-4']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '100' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001849</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageCapacity | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "100" :: MESSAGE 
 expected: 100
      got: 4
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000114</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000342-VMM-001230</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000114</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000114</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must off-load logs via syslog.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000114</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000342-VMM-001230</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000114</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000114</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must off-load logs via syslog.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Remote logging to a central log host provides a secure, centralized store for ESXi logs. By gathering host log files onto a central host, it can more easily monitor all hosts with a single tool. It can also do aggregate analysis and searching to look for such things as coordinated attacks on multiple hosts.
 
-Logging to a secure, centralized log server also helps prevent log tampering and provides a long-term audit record.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Logging to a secure, centralized log server also helps prevent log tampering and provides a long-term audit record.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Syslog.global.logHost&quot; value and verify it is set to a site-specific syslog server.
+Select the "Syslog.global.logHost" value and verify it is set to a site-specific syslog server.
 
 Syslog servers are specified in the following formats:
 
-udp:&#x2F;&#x2F;&lt;IP or FQDN&gt;:514
-tcp:&#x2F;&#x2F;&lt;IP or FQDN&gt;:514
-ssl:&#x2F;&#x2F;&lt;IP or FQDN&gt;:1514
+udp://&lt;IP or FQDN&gt;:514
+tcp://&lt;IP or FQDN&gt;:514
+ssl://&lt;IP or FQDN&gt;:1514
 
 Multiple servers can also be specified when separated by commas.
 
@@ -2591,154 +2487,147 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost
 
-If the &quot;Syslog.global.logHost&quot; setting is not set to a valid, site-specific syslog server, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Syslog.global.logHost" setting is not set to a valid, site-specific syslog server, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Syslog.global.logHost&quot; value and configure it to a site-specific syslog server.
+Click "Edit". Select the "Syslog.global.logHost" value and configure it to a site-specific syslog server.
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost | Set-AdvancedSetting -Value &quot;enter site specific servers&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>caa99df6-a7cc-4865-9abf-cd2d35be741e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001683</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001684</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001686</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.logHost | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;tcp:&#x2F;&#x2F;log.test.local:514&quot;
-
-expected: tcp:&#x2F;&#x2F;log.test.local:514
+Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost | Set-AdvancedSetting -Value "enter site specific servers"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000114' do\n  title 'The ESXi host must off-load logs via syslog.'\n  desc  \"\n    Remote logging to a central log host provides a secure, centralized store for ESXi logs. By gathering host log files onto a central host, it can more easily monitor all hosts with a single tool. It can also do aggregate analysis and searching to look for such things as coordinated attacks on multiple hosts.\n\n    Logging to a secure, centralized log server also helps prevent log tampering and provides a long-term audit record.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Syslog.global.logHost\\\" value and verify it is set to a site-specific syslog server.\n\n    Syslog servers are specified in the following formats:\n\n    udp://&lt;IP or FQDN&gt;:514\n    tcp://&lt;IP or FQDN&gt;:514\n    ssl://&lt;IP or FQDN&gt;:1514\n\n    Multiple servers can also be specified when separated by commas.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost\n\n    If the \\\"Syslog.global.logHost\\\" setting is not set to a valid, site-specific syslog server, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logHost\\\" value and configure it to a site-specific syslog server.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logHost | Set-AdvancedSetting -Value \\\"enter site specific servers\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-VMM-001230'\n  tag satisfies: ['SRG-OS-000274-VMM-000960', 'SRG-OS-000275-VMM-000970', 'SRG-OS-000277-VMM-000990', 'SRG-OS-000479-VMM-001990']\n  tag gid: 'V-ESXI-80-000114'\n  tag rid: 'SV-ESXI-80-000114'\n  tag stig_id: 'ESXI-80-000114'\n  tag cci: ['CCI-001683', 'CCI-001684', 'CCI-001686', 'CCI-001851']\n  tag nist: ['AC-2 (4)', 'AU-4 (1)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logHost | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp \"#{input('syslogServer')}\" }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001683</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001684</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001686</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.logHost | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "tcp://log.test.local:514" :: MESSAGE 
+expected: tcp://log.test.local:514
      got: 
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000124</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000355-VMM-001330</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000124</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000124</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must synchronize internal information system clocks to an authoritative time source.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>To ensure the accuracy of the system clock, it must be synchronized with an authoritative time source within DOD. Many system functions, including time-based logon and activity restrictions, automated reports, system logs, and audit records, depend on an accurate system clock. If there is no confidence in the correctness of the system clock, time-based functions may not operate as intended and records may be of diminished value.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000124</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000355-VMM-001330</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000124</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000124</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must synchronize internal information system clocks to an authoritative time source.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>To ensure the accuracy of the system clock, it must be synchronized with an authoritative time source within DOD. Many system functions, including time-based logon and activity restrictions, automated reports, system logs, and audit records, depend on an accurate system clock. If there is no confidence in the correctness of the system clock, time-based functions may not operate as intended and records may be of diminished value.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Time Configuration.
@@ -2756,39 +2645,39 @@ or
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
 Get-VMHost | Get-VMHostNTPServer
-Get-VMHost | Get-VMHostService | Where {$_.Label -eq &quot;NTP Daemon&quot; -or $_.Label -eq &quot;PTP Daemon&quot;}
+Get-VMHost | Get-VMHostService | Where {$_.Label -eq "NTP Daemon" -or $_.Label -eq "PTP Daemon"}
 
-If the NTP service is not configured with authoritative DOD time sources or the service is not configured to start and stop with the host (&quot;Policy&quot; of &quot;on&quot; in PowerCLI) or is stopped, this is a finding.
-If PTP is used instead of NTP, this is NOT a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the NTP service is not configured with authoritative DOD time sources or the service is not configured to start and stop with the host ("Policy" of "on" in PowerCLI) or is stopped, this is a finding.
+If PTP is used instead of NTP, this is NOT a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>To configure NTP, perform the following:
 
 From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Time Configuration.
 
-Click &quot;Add Service&quot; and select &quot;Network Time Protocol&quot;.
+Click "Add Service" and select "Network Time Protocol".
 
-Enter or update the NTP servers listed with a comma separate list of authoritative time servers. Click &quot;OK&quot;.
+Enter or update the NTP servers listed with a comma separate list of authoritative time servers. Click "OK".
 
 From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.
 
-Select the &quot;NTP Daemon&quot; service and click &quot;Edit Startup Policy&quot;.
+Select the "NTP Daemon" service and click "Edit Startup Policy".
 
-Select &quot;Start and stop with host&quot;. Click &quot;OK&quot;.
+Select "Start and stop with host". Click "OK".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-$NTPServers &#x3D; &quot;ntpserver1&quot;,&quot;ntpserver2&quot;
+$NTPServers = "ntpserver1","ntpserver2"
 Get-VMHost | Add-VMHostNTPServer $NTPServers
-Get-VMHost | Get-VMHostService | Where {$_.Label -eq &quot;NTP Daemon&quot;} | Set-VMHostService -Policy On
-Get-VMHost | Get-VMHostService | Where {$_.Label -eq &quot;NTP Daemon&quot;} | Start-VMHostService
+Get-VMHost | Get-VMHostService | Where {$_.Label -eq "NTP Daemon"} | Set-VMHostService -Policy On
+Get-VMHost | Get-VMHostService | Where {$_.Label -eq "NTP Daemon"} | Start-VMHostService
 
 To configure PTP, perform the following:
 
@@ -2796,149 +2685,139 @@ From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Time Configuration.
 
-Click &quot;Add Service&quot; and select &quot;Precision Time Protocol&quot;.
+Click "Add Service" and select "Precision Time Protocol".
 
 Select the network adapter that can receive the PTP traffic.
 
-If NTP servers are available, select &quot;Enable fallback&quot; and enter or update the NTP servers listed with a comma separate list of authoritative time servers. Click &quot;OK&quot;.
+If NTP servers are available, select "Enable fallback" and enter or update the NTP servers listed with a comma separate list of authoritative time servers. Click "OK".
 
 From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.
 
-Select the &quot;PTP Daemon&quot; service and click &quot;Edit Startup Policy&quot;.
-
-Select &quot;Start and stop with host&quot;. Click &quot;OK&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d878425f-8f95-4e1a-9e2d-eaa8135da946</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001891</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002046</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq &#39;NTP Daemon&#39;} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp &#x3D;&#x3D; &quot;on&quot;
-
+Select the "PTP Daemon" service and click "Edit Startup Policy".
+
+Select "Start and stop with host". Click "OK".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000124' do\n  title 'The ESXi host must synchronize internal information system clocks to an authoritative time source.'\n  desc  'To ensure the accuracy of the system clock, it must be synchronized with an authoritative time source within DOD. Many system functions, including time-based logon and activity restrictions, automated reports, system logs, and audit records, depend on an accurate system clock. If there is no confidence in the correctness of the system clock, time-based functions may not operate as intended and records may be of diminished value.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Time Configuration.\n\n    Verify NTP or PTP are configured, and one or more authoritative time sources are listed.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.\n\n    Verify the NTP or PTP service is running and configured to start and stop with the host.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostNTPServer\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"NTP Daemon\\\" -or $_.Label -eq \\\"PTP Daemon\\\"}\n\n    If the NTP service is not configured with authoritative DOD time sources or the service is not configured to start and stop with the host (\\\"Policy\\\" of \\\"on\\\" in PowerCLI) or is stopped, this is a finding.\n    If PTP is used instead of NTP, this is NOT a finding.\n  \"\n  desc 'fix', \"\n    To configure NTP, perform the following:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Time Configuration.\n\n    Click \\\"Add Service\\\" and select \\\"Network Time Protocol\\\".\n\n    Enter or update the NTP servers listed with a comma separate list of authoritative time servers. Click \\\"OK\\\".\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.\n\n    Select the \\\"NTP Daemon\\\" service and click \\\"Edit Startup Policy\\\".\n\n    Select \\\"Start and stop with host\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $NTPServers = \\\"ntpserver1\\\",\\\"ntpserver2\\\"\n    Get-VMHost | Add-VMHostNTPServer $NTPServers\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"NTP Daemon\\\"} | Set-VMHostService -Policy On\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"NTP Daemon\\\"} | Start-VMHostService\n\n    To configure PTP, perform the following:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Time Configuration.\n\n    Click \\\"Add Service\\\" and select \\\"Precision Time Protocol\\\".\n\n    Select the network adapter that can receive the PTP traffic.\n\n    If NTP servers are available, select \\\"Enable fallback\\\" and enter or update the NTP servers listed with a comma separate list of authoritative time servers. Click \\\"OK\\\".\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.\n\n    Select the \\\"PTP Daemon\\\" service and click \\\"Edit Startup Policy\\\".\n\n    Select \\\"Start and stop with host\\\". Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000355-VMM-001330'\n  tag satisfies: ['SRG-OS-000356-VMM-001340']\n  tag gid: 'V-ESXI-80-000124'\n  tag rid: 'SV-ESXI-80-000124'\n  tag stig_id: 'ESXI-80-000124'\n  tag cci: ['CCI-001891', 'CCI-002046']\n  tag nist: ['AU-8 (1) (a)', 'AU-8 (1) (b)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'on' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n      results = powercli_command(\"Get-VMHost -Name #{vmhost} | Get-VMHostNTPServer\").stdout\n      if !results.empty?\n        results.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |result|\n          describe \"NTP Server: #{result} for VMHost: #{vmhost}\" do\n            subject { result }\n            it { should be_in \"#{input('esxiNtpServers')}\" }\n          end\n        end\n      else\n        describe \"No NTP servers found on VMhost: #{vmhost}\" do\n          subject { results }\n          it { should_not be_empty }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001891</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002046</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp == "on" :: MESSAGE 
 expected: on
      got: off
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq &#39;NTP Daemon&#39;} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp &#x3D;&#x3D; &quot;true&quot;
-
+failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'NTP Daemon'} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp == "true" :: MESSAGE 
 expected: true
      got: False
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-No NTP servers found on VMhost: 10.186.25.26 is expected not to be empty
-expected &#x60;&quot;&quot;.empty?&#x60; to be falsey, got true</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000366-VMM-001430</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi Image Profile and vSphere Installation Bundle (VIB) acceptance level must be verified.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+failed :: TEST No NTP servers found on VMhost: 10.186.25.26 is expected not to be empty :: MESSAGE expected `"".empty?` to be falsey, got true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000366-VMM-001430</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi Image Profile and vSphere Installation Bundle (VIB) acceptance level must be verified.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Verify the ESXi Image Profile to only allow signed VIBs. An unsigned VIB represents untested code installed on an ESXi host. The ESXi Image profile supports four acceptance levels:
 
 1. VMwareCertified - VIBs created, tested, and signed by VMware.
@@ -2946,168 +2825,163 @@ expected &#x60;&quot;&quot;.empty?&#x60; to be falsey, got true</FINDING_DETAILS
 3. PartnerSupported - VIBs created, tested, and signed by a certified VMware partner.
 4. CommunitySupported - VIBs that have not been tested by VMware or a VMware partner.
 
-Community Supported VIBs are not supported and do not have a digital signature. To protect the security and integrity of ESXi hosts, do not allow unsigned (CommunitySupported) VIBs to be installed on hosts.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Community Supported VIBs are not supported and do not have a digital signature. To protect the security and integrity of ESXi hosts, do not allow unsigned (CommunitySupported) VIBs to be installed on hosts.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Security Profile.
 
-Under &quot;Host Image Profile Acceptance Level&quot; view the acceptance level.
+Under "Host Image Profile Acceptance Level" view the acceptance level.
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-$esxcli &#x3D; Get-EsxCli -v2
+$esxcli = Get-EsxCli -v2
 $esxcli.software.acceptance.get.Invoke()
 
-If the acceptance level is &quot;CommunitySupported&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the acceptance level is "CommunitySupported", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Security Profile.
 
-Under &quot;Host Image Profile Acceptance Level&quot;, click &quot;Edit&quot;.
+Under "Host Image Profile Acceptance Level", click "Edit".
 
-Using the drop-down selection, set the acceptance level as &quot;VMwareCertified&quot;, &quot;VMwareAccepted&quot;, or &quot;PartnerSupported&quot;. The default is &quot;PartnerSupported&quot;.
+Using the drop-down selection, set the acceptance level as "VMwareCertified", "VMwareAccepted", or "PartnerSupported". The default is "PartnerSupported".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-$esxcli &#x3D; Get-EsxCli -v2
-$arguments &#x3D; $esxcli.software.acceptance.set.CreateArgs()
-$arguments.level &#x3D; &quot;PartnerSupported&quot;
+$esxcli = Get-EsxCli -v2
+$arguments = $esxcli.software.acceptance.set.CreateArgs()
+$arguments.level = "PartnerSupported"
 $esxcli.software.acceptance.set.Invoke($arguments)
 
-Note: &quot;VMwareCertified&quot; or &quot;VMwareAccepted&quot; may be substituted for &quot;PartnerSupported&quot;, depending on local requirements. These are case sensitive.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>dbb3e51a-64c5-401b-9e4e-b1d73be5ddf3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001749</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001774</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: $vmhost &#x3D; Get-VMHost -Name 10.186.25.26; $esxcli &#x3D; Get-EsxCli -VMHost $vmhost -V2; $esxcli.software.acceptance.get.Invoke() stdout.strip is expected to be in &quot;PartnerSupported&quot;, &quot;VMwareCertified&quot;, and &quot;VMwareAccepted&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000145</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000379-VMM-001550</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000145</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000145</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must enable bidirectional Challenge-Handshake Authentication Protocol (CHAP) authentication for Internet Small Computer Systems Interface (iSCSI) traffic.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, there is potential for a man-in-the-middle attack, in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Note: "VMwareCertified" or "VMwareAccepted" may be substituted for "PartnerSupported", depending on local requirements. These are case sensitive.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000133' do\n  title 'The ESXi Image Profile and vSphere Installation Bundle (VIB) acceptance level must be verified.'\n  desc  \"\n    Verify the ESXi Image Profile to only allow signed VIBs. An unsigned VIB represents untested code installed on an ESXi host. The ESXi Image profile supports four acceptance levels:\n\n    1. VMwareCertified - VIBs created, tested, and signed by VMware.\n    2. VMwareAccepted - VIBs created by a VMware partner but tested and signed by VMware.\n    3. PartnerSupported - VIBs created, tested, and signed by a certified VMware partner.\n    4. CommunitySupported - VIBs that have not been tested by VMware or a VMware partner.\n\n    Community Supported VIBs are not supported and do not have a digital signature. To protect the security and integrity of ESXi hosts, do not allow unsigned (CommunitySupported) VIBs to be installed on hosts.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Security Profile.\n\n    Under \\\"Host Image Profile Acceptance Level\\\" view the acceptance level.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.software.acceptance.get.Invoke()\n\n    If the acceptance level is \\\"CommunitySupported\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Security Profile.\n\n    Under \\\"Host Image Profile Acceptance Level\\\", click \\\"Edit\\\".\n\n    Using the drop-down selection, set the acceptance level as \\\"VMwareCertified\\\", \\\"VMwareAccepted\\\", or \\\"PartnerSupported\\\". The default is \\\"PartnerSupported\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.software.acceptance.set.CreateArgs()\n    $arguments.level = \\\"PartnerSupported\\\"\n    $esxcli.software.acceptance.set.Invoke($arguments)\n\n    Note: \\\"VMwareCertified\\\" or \\\"VMwareAccepted\\\" may be substituted for \\\"PartnerSupported\\\", depending on local requirements. These are case sensitive.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000366-VMM-001430'\n  tag satisfies: ['SRG-OS-000370-VMM-001460']\n  tag gid: 'V-ESXI-80-000133'\n  tag rid: 'SV-ESXI-80-000133'\n  tag stig_id: 'ESXI-80-000133'\n  tag cci: ['CCI-001749', 'CCI-001774']\n  tag nist: ['CM-5 (3)', 'CM-7 (5) (b)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    list = ['PartnerSupported', 'VMwareCertified', 'VMwareAccepted']\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.software.acceptance.get.Invoke()\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should be_in list }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001749</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001774</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.software.acceptance.get.Invoke() stdout.strip is expected to be in "PartnerSupported", "VMwareCertified", and "VMwareAccepted"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000145</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000379-VMM-001550</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000145</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000145</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must enable bidirectional Challenge-Handshake Authentication Protocol (CHAP) authentication for Internet Small Computer Systems Interface (iSCSI) traffic.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, there is potential for a man-in-the-middle attack, in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If iSCSI is not used, this is not applicable.
 
 From the vSphere Client, go to Hosts and Clusters.
@@ -3122,145 +2996,139 @@ or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-VMHostHba | Where {$_.Type -eq &quot;iscsi&quot;} | Select AuthenticationProperties -ExpandProperty AuthenticationProperties
+Get-VMHost | Get-VMHostHba | Where {$_.Type -eq "iscsi"} | Select AuthenticationProperties -ExpandProperty AuthenticationProperties
 
-If iSCSI is used and CHAP is not set to &quot;required&quot; for both the target and host, this is a finding.
+If iSCSI is used and CHAP is not set to "required" for both the target and host, this is a finding.
 
-If iSCSI is used and unique CHAP secrets are not used for each host, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If iSCSI is used and unique CHAP secrets are not used for each host, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; Storage &gt;&gt; Storage Adapters.
 
 Select the iSCSI adapter &gt;&gt; Properties &gt;&gt; Authentication.
 
-Click &quot;Edit...&quot;. Set &quot;Authentication Method&quot; to &quot;Use bidirectional CHAP&quot; and enter a unique secret for each traffic flow direction.
+Click "Edit...". Set "Authentication Method" to "Use bidirectional CHAP" and enter a unique secret for each traffic flow direction.
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-VMHostHba | Where {$_.Type -eq &quot;iscsi&quot;} | Set-VMHostHba -ChapType Required -ChapName &quot;chapname&quot; -ChapPassword &quot;password&quot; -MutualChapEnabled $true -MutualChapName &quot;mutualchapname&quot; -MutualChapPassword &quot;mutualpassword&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a8d7b85d-f65a-40de-8966-90e4196c1d54</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001967</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-
-There are no iSCSI HBAs present so this control is Not Applicable</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000160</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000423-VMM-001700</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000160</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000160</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must protect the confidentiality and integrity of transmitted information by isolating vMotion traffic.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Get-VMHost | Get-VMHostHba | Where {$_.Type -eq "iscsi"} | Set-VMHostHba -ChapType Required -ChapName "chapname" -ChapPassword "password" -MutualChapEnabled $true -MutualChapName "mutualchapname" -MutualChapPassword "mutualpassword"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000145' do\n  title 'The ESXi host must enable bidirectional Challenge-Handshake Authentication Protocol (CHAP) authentication for Internet Small Computer Systems Interface (iSCSI) traffic.'\n  desc  'When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, there is potential for a man-in-the-middle attack, in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If iSCSI is not used, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; Storage &gt;&gt; Storage Adapters.\n\n    Select the iSCSI adapter &gt;&gt; Properties &gt;&gt; Authentication &gt;&gt; Method.\n\n    View the CHAP configuration and verify CHAP is required for target and host authentication.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostHba | Where {$_.Type -eq \\\"iscsi\\\"} | Select AuthenticationProperties -ExpandProperty AuthenticationProperties\n\n    If iSCSI is used and CHAP is not set to \\\"required\\\" for both the target and host, this is a finding.\n\n    If iSCSI is used and unique CHAP secrets are not used for each host, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; Storage &gt;&gt; Storage Adapters.\n\n    Select the iSCSI adapter &gt;&gt; Properties &gt;&gt; Authentication.\n\n    Click \\\"Edit...\\\". Set \\\"Authentication Method\\\" to \\\"Use bidirectional CHAP\\\" and enter a unique secret for each traffic flow direction.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostHba | Where {$_.Type -eq \\\"iscsi\\\"} | Set-VMHostHba -ChapType Required -ChapName \\\"chapname\\\" -ChapPassword \\\"password\\\" -MutualChapEnabled $true -MutualChapName \\\"mutualchapname\\\" -MutualChapPassword \\\"mutualpassword\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000379-VMM-001550'\n  tag gid: 'V-ESXI-80-000145'\n  tag rid: 'SV-ESXI-80-000145'\n  tag stig_id: 'ESXI-80-000145'\n  tag cci: ['CCI-001967']\n  tag nist: ['IA-3 (1)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'}\"\n      iscsi_hbas = powercli_command(command).stdout\n\n      if iscsi_hbas.empty?\n        impact 0.0\n        describe '' do\n          skip 'There are no iSCSI HBAs present so this control is Not Applicable'\n        end\n      else\n        command1 = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'} | Select-Object -ExpandProperty AuthenticationProperties | Select-Object -ExpandProperty MutualChapEnabled\"\n        command2 = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'} | Select-Object -ExpandProperty AuthenticationProperties | Select-Object -ExpandProperty ChapType\"\n        describe powercli_command(command1) do\n          its('stdout.strip') { should cmp 'True' }\n        end\n        describe powercli_command(command2) do\n          its('stdout.strip') { should cmp 'Required' }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001967</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST  :: SKIP_MESSAGE There are no iSCSI HBAs present so this control is Not Applicable</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000160</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000423-VMM-001700</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000160</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000160</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must protect the confidentiality and integrity of transmitted information by isolating vMotion traffic.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>While encrypted vMotion is available, vMotion traffic should still be sequestered from other traffic to further protect it from attack. This network must only be accessible to other ESXi hosts, preventing outside access to the network.
 
-The vMotion VMkernel port group must be in a dedicated VLAN that can be on a standard or distributed virtual switch as long as the vMotion VLAN is not shared by any other function and is not routed to anything but ESXi hosts.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+The vMotion VMkernel port group must be in a dedicated VLAN that can be on a standard or distributed virtual switch as long as the vMotion VLAN is not shared by any other function and is not routed to anything but ESXi hosts.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>For environments that do not use vCenter server to manage ESXi, this is not applicable.
 
 From the vSphere Client, go to Hosts and Clusters.
@@ -3271,10 +3139,10 @@ Review the VLAN associated with any vMotion VMkernel(s) and verify they are dedi
 
 If long distance or cross vCenter vMotion is used the vMotion network can be routable but must be accessible to only the intended ESXi hosts.
 
-If the vMotion port group is not on an isolated VLAN and&#x2F;or is routable to systems other than ESXi hosts, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the vMotion port group is not on an isolated VLAN and/or is routable to systems other than ESXi hosts, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configuration of the vMotion VMkernel will be unique to each environment.
 
 As an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:
@@ -3283,117 +3151,111 @@ From the vSphere Client, go to Networking.
 
 Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.
 
-Click &quot;Edit&quot; and select VLAN.
-
-Change the &quot;VLAN Type&quot; to &quot;VLAN&quot; and change the &quot;VLAN ID&quot; to a network allocated and dedicated to vMotion traffic exclusively. Click &quot;OK&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f90aecfb-f03a-4ddf-8750-bcec7db02884</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-
-There are no VMKernel adapters with vMotion enabled so this control is N&#x2F;A.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000161</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000425-VMM-001710</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000161</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000161</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must maintain the confidentiality and integrity of information during transmission by exclusively enabling Transport Layer Security (TLS) 1.2.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Click "Edit" and select VLAN.
+
+Change the "VLAN Type" to "VLAN" and change the "VLAN ID" to a network allocated and dedicated to vMotion traffic exclusively. Click "OK".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000160' do\n  title 'The ESXi host must protect the confidentiality and integrity of transmitted information by isolating vMotion traffic.'\n  desc  \"\n    While encrypted vMotion is available, vMotion traffic should still be sequestered from other traffic to further protect it from attack. This network must only be accessible to other ESXi hosts, preventing outside access to the network.\n\n    The vMotion VMkernel port group must be in a dedicated VLAN that can be on a standard or distributed virtual switch as long as the vMotion VLAN is not shared by any other function and is not routed to anything but ESXi hosts.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; VMkernel adapters.\n\n    Review the VLAN associated with any vMotion VMkernel(s) and verify they are dedicated for that purpose and are logically separated from other functions.\n\n    If long distance or cross vCenter vMotion is used the vMotion network can be routable but must be accessible to only the intended ESXi hosts.\n\n    If the vMotion port group is not on an isolated VLAN and/or is routable to systems other than ESXi hosts, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of the vMotion VMkernel will be unique to each environment.\n\n    As an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:\n\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.\n\n    Click \\\"Edit\\\" and select VLAN.\n\n    Change the \\\"VLAN Type\\\" to \\\"VLAN\\\" and change the \\\"VLAN ID\\\" to a network allocated and dedicated to vMotion traffic exclusively. Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000423-VMM-001700'\n  tag gid: 'V-ESXI-80-000160'\n  tag rid: 'SV-ESXI-80-000160'\n  tag stig_id: 'ESXI-80-000160'\n  tag cci: ['CCI-002418']\n  tag nist: ['SC-8']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -VMKernel | Where-Object {$_.VMotionEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n      vmks = powercli_command(command).stdout\n\n      if vmks.empty?\n        describe '' do\n          skip 'There are no VMKernel adapters with vMotion enabled so this control is N/A.'\n        end\n      else\n        vmks.split.each do |vmk|\n          # Check to see if vMotion and any other services are enabled on the same VMkernel adapter\n          command2 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VsanTrafficEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n          describe powercli_command(command2) do\n            its('stdout.strip') { should be_empty }\n          end\n          # Get vMotion Port Group Name\n          command3 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Select-Object -ExpandProperty PortGroupName\"\n          pgname = powercli_command(command3).stdout.strip\n          # Test standard port groups\n          command4 = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup -Name \\\"#{pgname}\\\" -Standard | Select-Object -ExpandProperty VlanId\"\n          stdpgs = powercli_command(command4).stdout.strip\n          unless stdpgs.empty?\n            describe 'Checking standand port group VLAN ID' do\n              subject { stdpgs }\n              it { should cmp \"#{input('vMotionVlanId')}\" }\n            end\n          end\n          describe 'SA Interview' do\n            skip 'SA also needs to confirm this VLAN is dedicated to vMotion and not routable except to other ESXi hosts.'\n          end\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST  :: SKIP_MESSAGE There are no VMKernel adapters with vMotion enabled so this control is N/A.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000161</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000425-VMM-001710</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000161</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000161</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must maintain the confidentiality and integrity of information during transmission by exclusively enabling Transport Layer Security (TLS) 1.2.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>TLS 1.0 and 1.1 are deprecated protocols with well-published shortcomings and vulnerabilities. TLS 1.2 should be enabled on all interfaces and SSLv3, TL 1.1, and 1.0 disabled, where supported.
 
 Mandating TLS 1.2 may break third-party integrations and add-ons to vSphere. Test these integrations carefully after implementing TLS 1.2 and roll back where appropriate.
@@ -3402,19 +3264,19 @@ On interfaces where required functionality is broken with TLS 1.2, this finding
 
 Modify TLS settings in the following order:
 1. vCenter.
-2. ESXi.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+2. ESXi.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;UserVars.ESXiVPsDisabledProtocols&quot; value and verify it is set to &quot;sslv3,tlsv1,tlsv1.1&quot;.
+Select the "UserVars.ESXiVPsDisabledProtocols" value and verify it is set to "sslv3,tlsv1,tlsv1.1".
 
 or
 
@@ -3422,282 +3284,271 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols
 
-If the &quot;UserVars.ESXiVPsDisabledProtocols&quot; setting is set to a value other than &quot;sslv3,tlsv1,tlsv1.1&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "UserVars.ESXiVPsDisabledProtocols" setting is set to a value other than "sslv3,tlsv1,tlsv1.1", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;UserVars.ESXiVPsDisabledProtocols&quot; value and configure it to &quot;sslv3,tlsv1,tlsv1.1&quot;.
+Click "Edit". Select the "UserVars.ESXiVPsDisabledProtocols" value and configure it to "sslv3,tlsv1,tlsv1.1".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Set-AdvancedSetting -Value &quot;sslv3,tlsv1,tlsv1.1&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>47d059d4-7cdc-4d0a-852b-684eb65394b4</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002420</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002422</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;sslv3,tlsv1,tlsv1.1&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000187</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000478-VMM-001980</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000187</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000187</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must be configured to only use FIPS 140-2 validated ciphers.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. ESXi must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Set-AdvancedSetting -Value "sslv3,tlsv1,tlsv1.1"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000161' do\n  title 'The ESXi host must maintain the confidentiality and integrity of information during transmission by exclusively enabling Transport Layer Security (TLS) 1.2.'\n  desc  \"\n    TLS 1.0 and 1.1 are deprecated protocols with well-published shortcomings and vulnerabilities. TLS 1.2 should be enabled on all interfaces and SSLv3, TL 1.1, and 1.0 disabled, where supported.\n\n    Mandating TLS 1.2 may break third-party integrations and add-ons to vSphere. Test these integrations carefully after implementing TLS 1.2 and roll back where appropriate.\n\n    On interfaces where required functionality is broken with TLS 1.2, this finding is not applicable until such time as the third-party software supports TLS 1.2.\n\n    Modify TLS settings in the following order:\n    1. vCenter.\n    2. ESXi.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"UserVars.ESXiVPsDisabledProtocols\\\" value and verify it is set to \\\"sslv3,tlsv1,tlsv1.1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols\n\n    If the \\\"UserVars.ESXiVPsDisabledProtocols\\\" setting is set to a value other than \\\"sslv3,tlsv1,tlsv1.1\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.ESXiVPsDisabledProtocols\\\" value and configure it to \\\"sslv3,tlsv1,tlsv1.1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Set-AdvancedSetting -Value \\\"sslv3,tlsv1,tlsv1.1\\\"\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000425-VMM-001710'\n  tag satisfies: ['SRG-OS-000426-VMM-001720']\n  tag gid: 'V-ESXI-80-000161'\n  tag rid: 'SV-ESXI-80-000161'\n  tag stig_id: 'ESXI-80-000161'\n  tag cci: ['CCI-002420', 'CCI-002422']\n  tag nist: ['SC-8 (2)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'sslv3,tlsv1,tlsv1.1' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002420</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002422</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiVPsDisabledProtocols | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "sslv3,tlsv1,tlsv1.1"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000187</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000478-VMM-001980</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000187</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000187</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must be configured to only use FIPS 140-2 validated ciphers.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. ESXi must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# &#x2F;usr&#x2F;lib&#x2F;vmware&#x2F;openssh&#x2F;bin&#x2F;sshd -T | grep ciphers
+# /usr/lib/vmware/openssh/bin/sshd -T | grep ciphers
 
 Expected result:
 
 ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
 
-If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;:
+If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in "/etc/ssh/sshd_config":
 
 Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
 
-Note: The ciphers line must be after the FipsMode setting.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>8a9fa0c1-8146-4ae3-9c2d-9fd5e47f1c7d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002450</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000189</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000189</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000189</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host DCUI.Access list must be verified.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Note: The ciphers line must be after the FipsMode setting.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000187' do\n  title 'The ESXi host Secure Shell (SSH) daemon must be configured to only use FIPS 140-2 validated ciphers.'\n  desc  'Use of weak or untested encryption algorithms undermines the purposes of utilizing encryption to protect data. ESXi must implement cryptographic modules adhering to the higher standards approved by the federal government since this provides assurance they have been tested and validated.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep ciphers\n\n    Expected result:\n\n    ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr\n\n    Note: The ciphers line must be after the FipsMode setting.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000478-VMM-001980'\n  tag gid: 'V-ESXI-80-000187'\n  tag rid: 'SV-ESXI-80-000187'\n  tag stig_id: 'ESXI-80-000187'\n  tag cci: ['CCI-002450']\n  tag nist: ['SC-13']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002450</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000189</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000189</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000189</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host DCUI.Access list must be verified.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Lockdown mode disables direct host access, requiring that administrators manage hosts from vCenter Server. However, if a host becomes isolated from vCenter, the administrator is locked out and can no longer manage the host.
 
-The &quot;DCUI.Access&quot; advanced setting allows specified users to exit lockdown mode in such a scenario. If the Direct Console User Interface (DCUI) is running in strict lockdown mode, this setting is ineffective.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+The "DCUI.Access" advanced setting allows specified users to exit lockdown mode in such a scenario. If the Direct Console User Interface (DCUI) is running in strict lockdown mode, this setting is ineffective.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>For environments that do not use vCenter server to manage ESXi, this is not applicable.
 
 From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;DCUI.Access&quot; value and verify only the root user is listed.
+Select the "DCUI.Access" value and verify only the root user is listed.
 
 or
 
@@ -3705,137 +3556,132 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name DCUI.Access and verify it is set to root.
 
-If the &quot;DCUI.Access&quot; is not restricted to &quot;root&quot;, this is a finding.
+If the "DCUI.Access" is not restricted to "root", this is a finding.
 
-Note: This list is only for local user accounts and should only contain the root user.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+Note: This list is only for local user accounts and should only contain the root user.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;DCUI.Access&quot; value and configure it to &quot;root&quot;.
+Click "Edit". Select the "DCUI.Access" value and configure it to "root".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name DCUI.Access | Set-AdvancedSetting -Value &quot;root&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>01eabde0-efee-49cc-b798-de49363c74e1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name DCUI.Access | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;root&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000191</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000023-VMM-000060</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000191</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000191</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via Secure Shell (SSH).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Get-VMHost | Get-AdvancedSetting -Name DCUI.Access | Set-AdvancedSetting -Value "root"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000189' do\n  title 'The ESXi host DCUI.Access list must be verified.'\n  desc  \"\n    Lockdown mode disables direct host access, requiring that administrators manage hosts from vCenter Server. However, if a host becomes isolated from vCenter, the administrator is locked out and can no longer manage the host.\n\n    The \\\"DCUI.Access\\\" advanced setting allows specified users to exit lockdown mode in such a scenario. If the Direct Console User Interface (DCUI) is running in strict lockdown mode, this setting is ineffective.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"DCUI.Access\\\" value and verify only the root user is listed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name DCUI.Access and verify it is set to root.\n\n    If the \\\"DCUI.Access\\\" is not restricted to \\\"root\\\", this is a finding.\n\n    Note: This list is only for local user accounts and should only contain the root user.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"DCUI.Access\\\" value and configure it to \\\"root\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name DCUI.Access | Set-AdvancedSetting -Value \\\"root\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000189'\n  tag rid: 'SV-ESXI-80-000189'\n  tag stig_id: 'ESXI-80-000189'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name DCUI.Access | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'root' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name DCUI.Access | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "root"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000191</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000023-VMM-000060</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000191</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000191</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via Secure Shell (SSH).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
 
 System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.
 
 The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:
 
-&quot;You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.
+"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.
 
 By using this IS (which includes any device attached to this IS), you consent to the following conditions:
 
@@ -3847,23 +3693,23 @@ By using this IS (which includes any device attached to this IS), you consent to
 
 -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.
 
--Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.&quot;
+-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."
 
 Use the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:
 
-&quot;I&#39;ve read (literal ampersand) consent to terms in IS user agreem&#39;t.&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+"I've read (literal ampersand) consent to terms in IS user agreem't."</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Config.Etc.issue&quot; value and verify it contains the standard mandatory DOD notice and consent banner.
+Select the "Config.Etc.issue" value and verify it contains the standard mandatory DOD notice and consent banner.
 
 or
 
@@ -3871,142 +3717,134 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Config.Etc.issue
 
-If the &quot;Config.Etc.issue&quot; setting does not contain the standard mandatory DOD notice and consent banner, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Config.Etc.issue" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Config.Etc.issue&quot; value and set it to the following:
+Click "Edit". Select the "Config.Etc.issue" value and set it to the following:
 
-&quot;You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.&quot;
+"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Config.Etc.issue | Set-AdvancedSetting -Value &quot;&lt;Banner text above&gt;&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ace3fadd-16a2-4b5f-8666-5b6e73bd34a9</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.Etc.issue | Select-Object -ExpandProperty Value stdout.strip is expected to match &quot;You are accessing a U.S. Government&quot;
-expected &quot;&quot; to match &quot;You are accessing a U.S. Government&quot;
+Get-VMHost | Get-AdvancedSetting -Name Config.Etc.issue | Set-AdvancedSetting -Value "&lt;Banner text above&gt;"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000191' do\n  title 'The ESXi host must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system via Secure Shell (SSH).'\n  desc  \"\n    Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Config.Etc.issue\\\" value and verify it contains the standard mandatory DOD notice and consent banner.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.Etc.issue\n\n    If the \\\"Config.Etc.issue\\\" setting does not contain the standard mandatory DOD notice and consent banner, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.Etc.issue\\\" value and set it to the following:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only. By using this IS (which includes any device attached to this IS), you consent to the following conditions: -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations. -At any time, the USG may inspect and seize data stored on this IS. -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose. -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy. -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.Etc.issue | Set-AdvancedSetting -Value \\\"&lt;Banner text above&gt;\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-VMM-000060'\n  tag gid: 'V-ESXI-80-000191'\n  tag rid: 'SV-ESXI-80-000191'\n  tag stig_id: 'ESXI-80-000191'\n  tag cci: ['CCI-000048']\n  tag nist: ['AC-8 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      result = powercli_command(\"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.Etc.issue | Select-Object -ExpandProperty Value\")\n      describe.one do\n        describe result do\n          its('stdout.strip') { should match 'You are accessing a U.S. Government' }\n        end\n        describe result do\n          its('stdout.strip') { should match \"I've read &amp; consent to terms in IS user agreem't\" }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.Etc.issue | Select-Object -ExpandProperty Value stdout.strip is expected to match "You are accessing a U.S. Government" :: MESSAGE expected "" to match "You are accessing a U.S. Government"
 --------------------------------
-failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.Etc.issue | Select-Object -ExpandProperty Value stdout.strip is expected to match &quot;I&#39;ve read &amp; consent to terms in IS user agreem&#39;t&quot;
-expected &quot;&quot; to match &quot;I&#39;ve read &amp; consent to terms in IS user agreem&#39;t&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000192</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000023-VMM-000060</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000192</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000192</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.Etc.issue | Select-Object -ExpandProperty Value stdout.strip is expected to match "I've read &amp; consent to terms in IS user agreem't" :: MESSAGE expected "" to match "I've read &amp; consent to terms in IS user agreem't"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000192</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000023-VMM-000060</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000192</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000192</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
 
 System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.
 
 The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:
 
-&quot;You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.
+"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.
 
 By using this IS (which includes any device attached to this IS), you consent to the following conditions:
 
@@ -4018,496 +3856,473 @@ By using this IS (which includes any device attached to this IS), you consent to
 
 -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.
 
--Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.&quot;
+-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."
 
 Use the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:
 
-&quot;I&#39;ve read (literal ampersand) consent to terms in IS user agreem&#39;t.&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+"I've read (literal ampersand) consent to terms in IS user agreem't."</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# &#x2F;usr&#x2F;lib&#x2F;vmware&#x2F;openssh&#x2F;bin&#x2F;sshd -T | grep banner
+# /usr/lib/vmware/openssh/bin/sshd -T | grep banner
 
 Expected result:
 
-banner &#x2F;etc&#x2F;issue
+banner /etc/issue
 
-If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, navigate to and open:
 
-&#x2F;etc&#x2F;ssh&#x2F;sshd_config
+/etc/ssh/sshd_config
 
-Ensure that the &quot;Banner&quot; line is uncommented and set to the following:
+Ensure that the "Banner" line is uncommented and set to the following:
 
-Banner &#x2F;etc&#x2F;issue
+Banner /etc/issue
 
 Restart SSH from the UI or run the following command:
 
-# &#x2F;etc&#x2F;init.d&#x2F;SSH restart</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>7ae5b601-9784-4a3c-a326-964b65685df7</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000193</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000095-VMM-000480</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000193</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000193</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+# /etc/init.d/SSH restart</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000192' do\n  title 'The ESXi host Secure Shell (SSH) daemon must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the system.'\n  desc  \"\n    Display of a standardized and approved use notification before granting access to the host ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via logon interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with applicable DOD policy. Use the following verbiage for a host that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) VMM (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for VMMs that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep banner\n\n    Expected result:\n\n    banner /etc/issue\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, navigate to and open:\n\n    /etc/ssh/sshd_config\n\n    Ensure that the \\\"Banner\\\" line is uncommented and set to the following:\n\n    Banner /etc/issue\n\n    Restart SSH from the UI or run the following command:\n\n    # /etc/init.d/SSH restart\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000023-VMM-000060'\n  tag gid: 'V-ESXI-80-000192'\n  tag rid: 'SV-ESXI-80-000192'\n  tag stig_id: 'ESXI-80-000192'\n  tag cci: ['CCI-000048']\n  tag nist: ['AC-8 a']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000193</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000095-VMM-000480</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000193</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000193</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The ESXi Shell is an interactive command line interface (CLI) available at the ESXi server console. The ESXi shell provides temporary access to commands essential for server maintenance. Intended primarily for use in break-fix scenarios, the ESXi shell is well suited for checking and modifying configuration details, which are not always generally accessible, using the vSphere Client.
 
-The ESXi shell is accessible remotely using SSH by users with the Administrator role. Under normal operating conditions, SSH access to the host must be disabled as is the default. As with the ESXi shell, SSH is also intended only for temporary use during break-fix scenarios. SSH must therefore be disabled under normal operating conditions and must only be enabled for diagnostics or troubleshooting. Remote access to the host must therefore be limited to the vSphere Client or Host Client at all other times.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+The ESXi shell is accessible remotely using SSH by users with the Administrator role. Under normal operating conditions, SSH access to the host must be disabled as is the default. As with the ESXi shell, SSH is also intended only for temporary use during break-fix scenarios. SSH must therefore be disabled under normal operating conditions and must only be enabled for diagnostics or troubleshooting. Remote access to the host must therefore be limited to the vSphere Client or Host Client at all other times.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.
 
-Under Services, locate the &quot;SSH&quot; service and verify it is &quot;Stopped&quot;.
+Under Services, locate the "SSH" service and verify it is "Stopped".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-VMHostService | Where {$_.Label -eq &quot;SSH&quot;}
+Get-VMHost | Get-VMHostService | Where {$_.Label -eq "SSH"}
 
-If the SSH service is &quot;Running&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the SSH service is "Running", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.
 
-Under &quot;Services&quot;, select the &quot;SSH&quot; service and click the &quot;Stop&quot; button.
+Under "Services", select the "SSH" service and click the "Stop" button.
 
-Click the &quot;Edit Startup policy...&quot; button.
+Click the "Edit Startup policy..." button.
 
-Select the &quot;Start and stop manually&quot; radio button.
+Select the "Start and stop manually" radio button.
 
-Click &quot;OK&quot;.
+Click "OK".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-Get-VMHost | Get-VMHostService | Where {$_.Label -eq &quot;SSH&quot;} | Set-VMHostService -Policy Off
-Get-VMHost | Get-VMHostService | Where {$_.Label -eq &quot;SSH&quot;} | Stop-VMHostService</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b0c6184a-3174-4571-b18b-38cea7c5e296</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002314</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002322</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq &#39;SSH&#39;} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp &#x3D;&#x3D; &quot;off&quot;
+Get-VMHost | Get-VMHostService | Where {$_.Label -eq "SSH"} | Set-VMHostService -Policy Off
+Get-VMHost | Get-VMHostService | Where {$_.Label -eq "SSH"} | Stop-VMHostService</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000193' do\n  title 'The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH).'\n  desc  \"\n    The ESXi Shell is an interactive command line interface (CLI) available at the ESXi server console. The ESXi shell provides temporary access to commands essential for server maintenance. Intended primarily for use in break-fix scenarios, the ESXi shell is well suited for checking and modifying configuration details, which are not always generally accessible, using the vSphere Client.\n\n    The ESXi shell is accessible remotely using SSH by users with the Administrator role. Under normal operating conditions, SSH access to the host must be disabled as is the default. As with the ESXi shell, SSH is also intended only for temporary use during break-fix scenarios. SSH must therefore be disabled under normal operating conditions and must only be enabled for diagnostics or troubleshooting. Remote access to the host must therefore be limited to the vSphere Client or Host Client at all other times.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.\n\n    Under Services, locate the \\\"SSH\\\" service and verify it is \\\"Stopped\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"SSH\\\"}\n\n    If the SSH service is \\\"Running\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.\n\n    Under \\\"Services\\\", select the \\\"SSH\\\" service and click the \\\"Stop\\\" button.\n\n    Click the \\\"Edit Startup policy...\\\" button.\n\n    Select the \\\"Start and stop manually\\\" radio button.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"SSH\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"SSH\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-VMM-000480'\n  tag satisfies: ['SRG-OS-000297-VMM-001040', 'SRG-OS-000298-VMM-001050']\n  tag gid: 'V-ESXI-80-000193'\n  tag rid: 'SV-ESXI-80-000193'\n  tag stig_id: 'ESXI-80-000193'\n  tag cci: ['CCI-000381', 'CCI-002314', 'CCI-002322']\n  tag nist: ['AC-17 (1)', 'AC-17 (9)', 'CM-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002314</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002322</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp == "off"
 --------------------------------
-failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq &#39;SSH&#39;} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;
-
+failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'SSH'} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp == "false" :: MESSAGE 
 expected: false
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000194</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000095-VMM-000480</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000194</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000194</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must be configured to disable nonessential capabilities by disabling the ESXi shell.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000194</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000095-VMM-000480</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000194</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000194</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must be configured to disable nonessential capabilities by disabling the ESXi shell.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The ESXi Shell is an interactive command line environment available locally from the Direct Console User Interface (DCUI) or remotely via SSH. Activities performed from the ESXi Shell bypass vCenter role-based access control (RBAC) and audit controls.
 
-The ESXi shell must only be turned on when needed to troubleshoot&#x2F;resolve problems that cannot be fixed through the vSphere client.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+The ESXi shell must only be turned on when needed to troubleshoot/resolve problems that cannot be fixed through the vSphere client.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.
 
-Under Services, locate the &quot;ESXi Shell&quot; service and verify it is &quot;Stopped&quot;.
+Under Services, locate the "ESXi Shell" service and verify it is "Stopped".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-VMHostService | Where {$_.Label -eq &quot;ESXi Shell&quot;}
+Get-VMHost | Get-VMHostService | Where {$_.Label -eq "ESXi Shell"}
 
-If the ESXi Shell service is &quot;Running&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the ESXi Shell service is "Running", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.
 
-Under &quot;Services&quot;, select the &quot;ESXi Shell&quot; service and click the &quot;Stop&quot; button.
+Under "Services", select the "ESXi Shell" service and click the "Stop" button.
 
-Click the &quot;Edit Startup policy...&quot; button.
+Click the "Edit Startup policy..." button.
 
-Select the &quot;Start and stop manually&quot; radio button.
+Select the "Start and stop manually" radio button.
 
-Click &quot;OK&quot;.
+Click "OK".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-Get-VMHost | Get-VMHostService | Where {$_.Label -eq &quot;ESXi Shell&quot;} | Set-VMHostService -Policy Off
-Get-VMHost | Get-VMHostService | Where {$_.Label -eq &quot;ESXi Shell&quot;} | Stop-VMHostService</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2b3d1681-947f-4298-b599-594515edf8c3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq &#39;ESXi Shell&#39;} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp &#x3D;&#x3D; &quot;off&quot;
-
+Get-VMHost | Get-VMHostService | Where {$_.Label -eq "ESXi Shell"} | Set-VMHostService -Policy Off
+Get-VMHost | Get-VMHostService | Where {$_.Label -eq "ESXi Shell"} | Stop-VMHostService</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000194' do\n  title 'The ESXi host must be configured to disable nonessential capabilities by disabling the ESXi shell.'\n  desc  \"\n    The ESXi Shell is an interactive command line environment available locally from the Direct Console User Interface (DCUI) or remotely via SSH. Activities performed from the ESXi Shell bypass vCenter role-based access control (RBAC) and audit controls.\n\n    The ESXi shell must only be turned on when needed to troubleshoot/resolve problems that cannot be fixed through the vSphere client.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.\n\n    Under Services, locate the \\\"ESXi Shell\\\" service and verify it is \\\"Stopped\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"ESXi Shell\\\"}\n\n    If the ESXi Shell service is \\\"Running\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.\n\n    Under \\\"Services\\\", select the \\\"ESXi Shell\\\" service and click the \\\"Stop\\\" button.\n\n    Click the \\\"Edit Startup policy...\\\" button.\n\n    Select the \\\"Start and stop manually\\\" radio button.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"ESXi Shell\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"ESXi Shell\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000095-VMM-000480'\n  tag gid: 'V-ESXI-80-000194'\n  tag rid: 'SV-ESXI-80-000194'\n  tag stig_id: 'ESXI-80-000194'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp == "off" :: MESSAGE 
 expected: off
      got: on
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq &#39;ESXi Shell&#39;} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;
-
+failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'ESXi Shell'} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp == "false" :: MESSAGE 
 expected: false
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000195</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000163-VMM-000700</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000195</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000195</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must automatically stop shell services after ten minutes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>When the ESXi Shell or Secure Shell (SSH) services are enabled on a host, they will run indefinitely. To avoid having these services left running, set the &quot;ESXiShellTimeOut&quot;. The &quot;ESXiShellTimeOut&quot; defines a window of time after which the ESXi Shell and SSH services will be stopped automatically.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000195</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000163-VMM-000700</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000195</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000195</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must automatically stop shell services after ten minutes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>When the ESXi Shell or Secure Shell (SSH) services are enabled on a host, they will run indefinitely. To avoid having these services left running, set the "ESXiShellTimeOut". The "ESXiShellTimeOut" defines a window of time after which the ESXi Shell and SSH services will be stopped automatically.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;UserVars.ESXiShellTimeOut&quot; value and verify it is set to less than &quot;600&quot; and not &quot;0&quot;.
+Select the "UserVars.ESXiShellTimeOut" value and verify it is set to less than "600" and not "0".
 
 or
 
@@ -4515,150 +4330,142 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut
 
-If the &quot;UserVars.ESXiShellTimeOut&quot; setting is set to a value greater than &quot;600&quot; or &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "UserVars.ESXiShellTimeOut" setting is set to a value greater than "600" or "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;UserVars.ESXiShellTimeOut&quot; value and configure it to &quot;600&quot;.
+Click "Edit". Select the "UserVars.ESXiShellTimeOut" value and configure it to "600".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Set-AdvancedSetting -Value 600</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>cce10f03-2843-4292-8668-2b01a63072e1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &lt;&#x3D; 600
+Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Set-AdvancedSetting -Value 600</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000195' do\n  title 'The ESXi host must automatically stop shell services after ten minutes.'\n  desc  'When the ESXi Shell or Secure Shell (SSH) services are enabled on a host, they will run indefinitely. To avoid having these services left running, set the \"ESXiShellTimeOut\". The \"ESXiShellTimeOut\" defines a window of time after which the ESXi Shell and SSH services will be stopped automatically.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"UserVars.ESXiShellTimeOut\\\" value and verify it is set to less than \\\"600\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut\n\n    If the \\\"UserVars.ESXiShellTimeOut\\\" setting is set to a value greater than \\\"600\\\" or \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.ESXiShellTimeOut\\\" value and configure it to \\\"600\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Set-AdvancedSetting -Value 600\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000163-VMM-000700'\n  tag gid: 'V-ESXI-80-000195'\n  tag rid: 'SV-ESXI-80-000195'\n  tag stig_id: 'ESXI-80-000195'\n  tag cci: ['CCI-001133']\n  tag nist: ['SC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp &lt;= 600 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &lt;= 600
 --------------------------------
-failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected not to cmp &#x3D;&#x3D; 0
-
+failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.ESXiShellTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected not to cmp == 0 :: MESSAGE 
 expected: 0
      got: 0
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000196</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000163-VMM-000700</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000196</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000196</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must set a timeout to automatically end idle DCUI sessions after ten minutes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>When the Direct Console User Interface (DCUI) is enabled and logged in, it should be automatically logged out if left logged on to avoid access by unauthorized persons. The &quot;DcuiTimeOut&quot; setting defines a window of time after which the DCUI will be logged out.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000196</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000163-VMM-000700</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000196</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000196</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must set a timeout to automatically end idle DCUI sessions after ten minutes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>When the Direct Console User Interface (DCUI) is enabled and logged in, it should be automatically logged out if left logged on to avoid access by unauthorized persons. The "DcuiTimeOut" setting defines a window of time after which the DCUI will be logged out.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;UserVars.DcuiTimeOut&quot; value and verify it is set to less than &quot;600&quot; and not &quot;0&quot;.
+Select the "UserVars.DcuiTimeOut" value and verify it is set to less than "600" and not "0".
 
 or
 
@@ -4666,146 +4473,140 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut
 
-If the &quot;UserVars.DcuiTimeOut&quot; setting is set to a value greater than &quot;600&quot; or &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "UserVars.DcuiTimeOut" setting is set to a value greater than "600" or "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;UserVars.DcuiTimeOut&quot; value and configure it to &quot;600&quot;.
+Click "Edit". Select the "UserVars.DcuiTimeOut" value and configure it to "600".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Set-AdvancedSetting -Value 600</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>8241e592-233d-440b-8738-054cc5f38894</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &lt;&#x3D; 600
+Get-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Set-AdvancedSetting -Value 600</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000196' do\n  title 'The ESXi host must set a timeout to automatically end idle DCUI sessions after ten minutes.'\n  desc  'When the Direct Console User Interface (DCUI) is enabled and logged in, it should be automatically logged out if left logged on to avoid access by unauthorized persons. The \"DcuiTimeOut\" setting defines a window of time after which the DCUI will be logged out.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"UserVars.DcuiTimeOut\\\" value and verify it is set to less than \\\"600\\\" and not \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut\n\n    If the \\\"UserVars.DcuiTimeOut\\\" setting is set to a value greater than \\\"600\\\" or \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.DcuiTimeOut\\\" value and configure it to \\\"600\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Set-AdvancedSetting -Value 600\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000163-VMM-000700'\n  tag gid: 'V-ESXI-80-000196'\n  tag rid: 'SV-ESXI-80-000196'\n  tag stig_id: 'ESXI-80-000196'\n  tag cci: ['CCI-001133']\n  tag nist: ['SC-10']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp &lt;= 600 }\n        its('stdout.strip') { should_not cmp 0 }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &lt;= 600
 --------------------------------
-passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected not to cmp &#x3D;&#x3D; 0</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000198</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000423-VMM-001700</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000198</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000198</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must protect the confidentiality and integrity of transmitted information by isolating ESXi management traffic.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.DcuiTimeOut | Select-Object -ExpandProperty Value stdout.strip is expected not to cmp == 0</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000198</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000423-VMM-001700</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000198</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000198</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must protect the confidentiality and integrity of transmitted information by isolating ESXi management traffic.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The vSphere management network provides access to the vSphere management interface on each component. Services running on the management interface provide an opportunity for an attacker to gain privileged access to the systems. Any remote attack most likely would begin with gaining entry to this network.
 
-The Management VMkernel port group can be on a standard or distributed virtual switch but must be on a dedicated VLAN. The Management VLAN must not be shared by any other function and must not be accessible to anything other than management-related functions such as vCenter.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+The Management VMkernel port group can be on a standard or distributed virtual switch but must be on a dedicated VLAN. The Management VLAN must not be shared by any other function and must not be accessible to anything other than management-related functions such as vCenter.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; VMkernel adapters.
 
-Review each VMkernel adapter that is used for management traffic and view the &quot;Enabled services&quot;.
+Review each VMkernel adapter that is used for management traffic and view the "Enabled services".
 
 Review the VLAN associated with each VMkernel that is used for management traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.
 
@@ -4813,10 +4614,10 @@ If any services are enabled on any Management VMkernel adapter, this is a findin
 
 If the network segment is accessible, except to networks where other management-related entities are located such as vCenter, this is a finding.
 
-If there are any other systems or devices such as VMs on the ESXi management segment, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If there are any other systems or devices such as VMs on the ESXi management segment, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configuration of the management VMkernel will be unique to each environment.
 
 As an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:
@@ -4825,153 +4626,143 @@ From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; VMkernel adapters.
 
-Select the Management VMkernel and click &quot;Edit&quot;. On the Port properties tab, uncheck all services except for &quot;Management&quot;. Click &quot;OK&quot;.
+Select the Management VMkernel and click "Edit". On the Port properties tab, uncheck all services except for "Management". Click "OK".
 
 From the vSphere Client, go to Networking.
 
 Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.
 
-Click &quot;Edit&quot; and select VLAN.
-
-Change the &quot;VLAN Type&quot; to &quot;VLAN&quot; and change the &quot;VLAN ID&quot; to a network allocated and dedicated to management traffic exclusively. Click &quot;OK&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>fba04095-b741-4712-a506-edda7c24b0e2</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostNetworkAdapter -Name vmk0 | Where-Object {$_.VMotionEnabled -eq &quot;True&quot; -or $_.FaultToleranceLoggingEnabled -eq &quot;True&quot; -or $_.VsanTrafficEnabled -eq &quot;True&quot; -or $_.VSphereReplicationEnabled -eq &quot;True&quot; -or $_.VSphereReplicationNFCEnabled -eq &quot;True&quot; -or $_.VSphereBackupNFCEnabled -eq &quot;True&quot;} | Select-Object -ExpandProperty DeviceName stdout.strip is expected to be empty
-expected &#x60;&quot;vmk0&quot;.empty?&#x60; to be truthy, got false
+Click "Edit" and select VLAN.
+
+Change the "VLAN Type" to "VLAN" and change the "VLAN ID" to a network allocated and dedicated to management traffic exclusively. Click "OK".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000198' do\n  title 'The ESXi host must protect the confidentiality and integrity of transmitted information by isolating ESXi management traffic.'\n  desc  \"\n    The vSphere management network provides access to the vSphere management interface on each component. Services running on the management interface provide an opportunity for an attacker to gain privileged access to the systems. Any remote attack most likely would begin with gaining entry to this network.\n\n    The Management VMkernel port group can be on a standard or distributed virtual switch but must be on a dedicated VLAN. The Management VLAN must not be shared by any other function and must not be accessible to anything other than management-related functions such as vCenter.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; VMkernel adapters.\n\n    Review each VMkernel adapter that is used for management traffic and view the \\\"Enabled services\\\".\n\n    Review the VLAN associated with each VMkernel that is used for management traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.\n\n    If any services are enabled on any Management VMkernel adapter, this is a finding.\n\n    If the network segment is accessible, except to networks where other management-related entities are located such as vCenter, this is a finding.\n\n    If there are any other systems or devices such as VMs on the ESXi management segment, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of the management VMkernel will be unique to each environment.\n\n    As an example, to modify the IP address and VLAN information to the correct network on a distributed switch do the following:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; VMkernel adapters.\n\n    Select the Management VMkernel and click \\\"Edit\\\". On the Port properties tab, uncheck all services except for \\\"Management\\\". Click \\\"OK\\\".\n\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.\n\n    Click \\\"Edit\\\" and select VLAN.\n\n    Change the \\\"VLAN Type\\\" to \\\"VLAN\\\" and change the \\\"VLAN ID\\\" to a network allocated and dedicated to management traffic exclusively. Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000423-VMM-001700'\n  tag gid: 'V-ESXI-80-000198'\n  tag rid: 'SV-ESXI-80-000198'\n  tag stig_id: 'ESXI-80-000198'\n  tag cci: ['CCI-002418']\n  tag nist: ['SC-8']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -VMKernel | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n      vmks = powercli_command(command).stdout\n\n      vmks.split.each do |vmk|\n        # Check to see if Management and any other services are enabled on the same VMkernel adapter\n        command2 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Where-Object {$_.VMotionEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VsanTrafficEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n        describe powercli_command(command2) do\n          its('stdout.strip') { should be_empty }\n        end\n        # Get Management Port Group Name\n        command3 = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Select-Object -ExpandProperty PortGroupName\"\n        pgname = powercli_command(command3).stdout.strip\n        # Test standard port groups\n        command4 = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup -Name \\\"#{pgname}\\\" | Select-Object -ExpandProperty VlanId\"\n        stdpgs = powercli_command(command4).stdout.strip\n        unless stdpgs.empty?\n          describe 'Checking standand port group VLAN ID' do\n            subject { stdpgs }\n            it { should cmp \"#{input('mgtVlanId')}\" }\n          end\n        end\n        describe 'SA Interview' do\n          skip 'SA also needs to confirm this VLAN is dedicated to Management and not shared with VMs or other services.'\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostNetworkAdapter -Name vmk0 | Where-Object {$_.VMotionEnabled -eq "True" -or $_.FaultToleranceLoggingEnabled -eq "True" -or $_.VsanTrafficEnabled -eq "True" -or $_.VSphereReplicationEnabled -eq "True" -or $_.VSphereReplicationNFCEnabled -eq "True" -or $_.VSphereBackupNFCEnabled -eq "True"} | Select-Object -ExpandProperty DeviceName stdout.strip is expected to be empty :: MESSAGE expected `"vmk0".empty?` to be truthy, got false
 --------------------------------
-failed
-Checking standand port group VLAN ID is expected to cmp &#x3D;&#x3D; &quot;101&quot;
-
+failed :: TEST Checking standand port group VLAN ID is expected to cmp == "101" :: MESSAGE 
 expected: 101
      got: 0
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-skipped
-SA Interview
-SA also needs to confirm this VLAN is dedicated to Management and not shared with VMs or other services.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000423-VMM-001700</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must protect the confidentiality and integrity of transmitted information by isolating IP-based storage traffic.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+skipped :: TEST SA Interview :: SKIP_MESSAGE SA also needs to confirm this VLAN is dedicated to Management and not shared with VMs or other services.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000423-VMM-001700</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must protect the confidentiality and integrity of transmitted information by isolating IP-based storage traffic.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Virtual machines (VMs) might share virtual switches and VLANs with the IP-based storage configurations. IP-based storage includes vSAN, iSCSI, and NFS. This configuration might expose IP-based storage traffic to unauthorized VM users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.
 
-To restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from any other traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and VMs will limit unauthorized users from viewing the traffic.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+To restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from any other traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and VMs will limit unauthorized users from viewing the traffic.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If IP-based storage is not used, this is not applicable.
 
 From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; VMkernel adapters.
 
-Review each VMkernel adapter that is used for IP-based storage traffic and view the &quot;Enabled services&quot;.
+Review each VMkernel adapter that is used for IP-based storage traffic and view the "Enabled services".
 
 Review the VLAN associated with each VMkernel that is used for IP-based storage traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.
 
@@ -4979,17 +4770,17 @@ If any services are enabled on an NFS or iSCSI IP-based storage VMkernel adapter
 
 If any services are enabled on a vSAN VMkernel adapter other than vSAN, this is a finding.
 
-If any IP-based storage networks are not isolated from other traffic types, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If any IP-based storage networks are not isolated from other traffic types, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Configuration of an IP-Based VMkernel will be unique to each environment.
 
 From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; VMkernel adapters.
 
-Select the VMkernel used for IP-based storage and click &quot;Edit&quot;. On the &quot;Port&quot; properties tab, uncheck all services. Click &quot;OK&quot;.
+Select the VMkernel used for IP-based storage and click "Edit". On the "Port" properties tab, uncheck all services. Click "OK".
 
 Note: For VMkernels used for vSAN leave the vSAN service enabled and uncheck all others.
 
@@ -4997,1579 +4788,1508 @@ From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; Virtual switches.
 
-Find the port group that is dedicated to IP-based storage and click the &#39;...&#39; button next to the name. Click &quot;Edit Settings&quot;.
-
-On the &quot;Properties&quot; tab, change the &quot;VLAN ID&quot; to one dedicated for IP-based storage traffic. Click &quot;OK&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e237bab2-5ab0-4f7f-a327-6e39a7867812</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostNetworkAdapter -Name vmk0 | Where-Object {$_.ManagementTrafficEnabled -eq &quot;True&quot; -or $_.FaultToleranceLoggingEnabled -eq &quot;True&quot; -or $_.VMotionEnabled -eq &quot;True&quot; -or $_.VSphereReplicationEnabled -eq &quot;True&quot; -or $_.VSphereReplicationNFCEnabled -eq &quot;True&quot; -or $_.VSphereBackupNFCEnabled -eq &quot;True&quot;} | Select-Object -ExpandProperty DeviceName stdout.strip is expected to be empty
-expected &#x60;&quot;vmk0&quot;.empty?&#x60; to be truthy, got false</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000201</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000201</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000201</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host lockdown mode exception users list must be verified.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>While a host is in lockdown mode (strict or normal), only users on the &quot;Exception Users&quot; list are allowed access. These users do not lose their permissions when the host enters lockdown mode.
-
-The organization may want to add service accounts such as a backup agent to the Exception Users list. Verify the list of users exempted from losing permissions is legitimate and as needed per the environment. Adding unnecessary users to the exception list defeats the purpose of lockdown mode.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Find the port group that is dedicated to IP-based storage and click the '...' button next to the name. Click "Edit Settings".
+
+On the "Properties" tab, change the "VLAN ID" to one dedicated for IP-based storage traffic. Click "OK".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000199' do\n  title 'The ESXi host must protect the confidentiality and integrity of transmitted information by isolating IP-based storage traffic.'\n  desc  \"\n    Virtual machines (VMs) might share virtual switches and VLANs with the IP-based storage configurations. IP-based storage includes vSAN, iSCSI, and NFS. This configuration might expose IP-based storage traffic to unauthorized VM users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\n    To restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from any other traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and VMs will limit unauthorized users from viewing the traffic.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If IP-based storage is not used, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; VMkernel adapters.\n\n    Review each VMkernel adapter that is used for IP-based storage traffic and view the \\\"Enabled services\\\".\n\n    Review the VLAN associated with each VMkernel that is used for IP-based storage traffic. Verify with the system administrator that they are dedicated for that purpose and are logically separated from other functions.\n\n    If any services are enabled on an NFS or iSCSI IP-based storage VMkernel adapter, this is a finding.\n\n    If any services are enabled on a vSAN VMkernel adapter other than vSAN, this is a finding.\n\n    If any IP-based storage networks are not isolated from other traffic types, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of an IP-Based VMkernel will be unique to each environment.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; VMkernel adapters.\n\n    Select the VMkernel used for IP-based storage and click \\\"Edit\\\". On the \\\"Port\\\" properties tab, uncheck all services. Click \\\"OK\\\".\n\n    Note: For VMkernels used for vSAN leave the vSAN service enabled and uncheck all others.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; Virtual switches.\n\n    Find the port group that is dedicated to IP-based storage and click the '...' button next to the name. Click \\\"Edit Settings\\\".\n\n    On the \\\"Properties\\\" tab, change the \\\"VLAN ID\\\" to one dedicated for IP-based storage traffic. Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000423-VMM-001700'\n  tag gid: 'V-ESXI-80-000199'\n  tag rid: 'SV-ESXI-80-000199'\n  tag stig_id: 'ESXI-80-000199'\n  tag cci: ['CCI-002418']\n  tag nist: ['SC-8']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      # Check for iSCSI HBAs\n      commandiscsihbas = \"Get-VMHost -Name #{vmhost} | Get-VMHostHba | Where {$_.Type -eq 'iscsi'}\"\n      iscsi_hbas = powercli_command(commandiscsihbas).stdout\n\n      # Check for vSAN VMkernels\n      commandvsanvmks = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -VMKernel | Where-Object {$_.VsanTrafficEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n      vsanvmks = powercli_command(commandvsanvmks).stdout\n\n      # Check for NFS Datastores\n      commandnfs = \"Get-VMHost -Name #{vmhost} | Get-Datastore | Where {$_.Type -eq 'NFS'} | Select-Object -ExpandProperty Name\"\n      nfsds = powercli_command(commandnfs).stdout\n\n      if iscsi_hbas.empty? &amp;&amp; vsanvmks.empty? &amp;&amp; nfsds.empty?\n        describe '' do\n          skip \"The ESXi host #{vmhost} is not using IP-based storage, so this control is N/A.\"\n        end\n      else\n        # Do any iSCSI VMKs have any services enabled?\n        commandivmks = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.iscsi.networkportal.list.Invoke() | Select-Object -ExpandProperty Vmknic\"\n        ivmks = powercli_command(commandivmks).stdout\n        ivmks.split.each do |ivmk|\n          commandvsck = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{ivmk} | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\" -or $_.VsanTrafficEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VMotionEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n          describe powercli_command(commandvsck) do\n            its('stdout.strip') { should be_empty }\n          end\n        end\n        # Does the vSAN VMK have any other services enabled?\n        vsanvmks.split.each do |vmk|\n          commandvsck = \"Get-VMHost -Name #{vmhost} | Get-VMHostNetworkAdapter -Name #{vmk} | Where-Object {$_.ManagementTrafficEnabled -eq \\\"True\\\" -or $_.FaultToleranceLoggingEnabled -eq \\\"True\\\" -or $_.VMotionEnabled -eq \\\"True\\\" -or $_.VSphereReplicationEnabled -eq \\\"True\\\" -or $_.VSphereReplicationNFCEnabled -eq \\\"True\\\" -or $_.VSphereBackupNFCEnabled -eq \\\"True\\\"} | Select-Object -ExpandProperty DeviceName\"\n          describe powercli_command(commandvsck) do\n            its('stdout.strip') { should be_empty }\n          end\n        end\n        # Do any VMKs used for NFS storage have any services enabled?\n        unless nfsds.empty?\n          describe '' do\n            skip \"The ESXi host #{vmhost} has NFS datastores and requires manual validation.\"\n          end\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostNetworkAdapter -Name vmk0 | Where-Object {$_.ManagementTrafficEnabled -eq "True" -or $_.FaultToleranceLoggingEnabled -eq "True" -or $_.VMotionEnabled -eq "True" -or $_.VSphereReplicationEnabled -eq "True" -or $_.VSphereReplicationNFCEnabled -eq "True" -or $_.VSphereBackupNFCEnabled -eq "True"} | Select-Object -ExpandProperty DeviceName stdout.strip is expected to be empty :: MESSAGE expected `"vmk0".empty?` to be truthy, got false</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000201</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000201</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000201</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host lockdown mode exception users list must be verified.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>While a host is in lockdown mode (strict or normal), only users on the "Exception Users" list are allowed access. These users do not lose their permissions when the host enters lockdown mode.
+
+The organization may want to add service accounts such as a backup agent to the Exception Users list. Verify the list of users exempted from losing permissions is legitimate and as needed per the environment. Adding unnecessary users to the exception list defeats the purpose of lockdown mode.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>For environments that do not use vCenter server to manage ESXi, this is not applicable.
 
 From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Security Profile.
 
-Under &quot;Lockdown Mode&quot;, review the Exception Users list.
+Under "Lockdown Mode", review the Exception Users list.
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following script:
 
-$vmhost &#x3D; Get-VMHost | Get-View
-$lockdown &#x3D; Get-View $vmhost.ConfigManager.HostAccessManager
+$vmhost = Get-VMHost | Get-View
+$lockdown = Get-View $vmhost.ConfigManager.HostAccessManager
 $lockdown.QueryLockdownExceptions()
 
 If the Exception Users list contains accounts that do not require special permissions, this is a finding.
 
-Note: The Exception Users list is empty by default and should remain that way except under site-specific circumstances.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+Note: The Exception Users list is empty by default and should remain that way except under site-specific circumstances.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Security Profile.
 
-Under &quot;Lockdown Mode&quot;, click &quot;Edit&quot; and remove unnecessary users from the Exception Users list.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>9ced8256-c31b-4b1b-a57a-80145296ec26</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Exception users for host: 10.186.25.26 is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000202</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000202</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000202</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must not allow host-based authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH&#39;s cryptographic host-based authentication is more secure than &quot;.rhosts&quot; authentication, since hosts are cryptographically authenticated. However, it is not recommended that hosts unilaterally trust one another, even within an organization.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Under "Lockdown Mode", click "Edit" and remove unnecessary users from the Exception Users list.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000201' do\n  title 'The ESXi host lockdown mode exception users list must be verified.'\n  desc  \"\n    While a host is in lockdown mode (strict or normal), only users on the \\\"Exception Users\\\" list are allowed access. These users do not lose their permissions when the host enters lockdown mode.\n\n    The organization may want to add service accounts such as a backup agent to the Exception Users list. Verify the list of users exempted from losing permissions is legitimate and as needed per the environment. Adding unnecessary users to the exception list defeats the purpose of lockdown mode.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Security Profile.\n\n    Under \\\"Lockdown Mode\\\", review the Exception Users list.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following script:\n\n    $vmhost = Get-VMHost | Get-View\n    $lockdown = Get-View $vmhost.ConfigManager.HostAccessManager\n    $lockdown.QueryLockdownExceptions()\n\n    If the Exception Users list contains accounts that do not require special permissions, this is a finding.\n\n    Note: The Exception Users list is empty by default and should remain that way except under site-specific circumstances.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Security Profile.\n\n    Under \\\"Lockdown Mode\\\", click \\\"Edit\\\" and remove unnecessary users from the Exception Users list.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000201'\n  tag rid: 'SV-ESXI-80-000201'\n  tag stig_id: 'ESXI-80-000201'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost} | Get-View; (Get-View $vmhost.ConfigManager.HostAccessManager).QueryLockdownExceptions()\"\n      results = powercli_command(command).stdout\n      if !results.empty?\n        results.split.each do |exceptionUser|\n          describe \"Exception user: #{exceptionUser} on host: #{vmhost}\" do\n            subject { exceptionUser }\n            it { should be_in \"#{input('exceptionUsers')}\" }\n          end\n        end\n      else\n        describe \"Exception users for host: #{vmhost}\" do\n          subject { results }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Exception users for host: 10.186.25.26 is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000202</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000202</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000202</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must not allow host-based authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH's cryptographic host-based authentication is more secure than ".rhosts" authentication, since hosts are cryptographically authenticated. However, it is not recommended that hosts unilaterally trust one another, even within an organization.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# &#x2F;usr&#x2F;lib&#x2F;vmware&#x2F;openssh&#x2F;bin&#x2F;sshd -T | grep hostbasedauthentication
+# /usr/lib/vmware/openssh/bin/sshd -T | grep hostbasedauthentication
 
 Expected result:
 
 hostbasedauthentication no
 
-If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;:
-
-HostbasedAuthentication no</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a99504c2-9fbf-471d-8d9c-777f92270782</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must not allow authentication using an empty password.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in "/etc/ssh/sshd_config":
+
+HostbasedAuthentication no</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000202' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not allow host-based authentication.'\n  desc  \"SSH trust relationships mean a compromise on one host can allow an attacker to move trivially to other hosts. SSH's cryptographic host-based authentication is more secure than \\\".rhosts\\\" authentication, since hosts are cryptographically authenticated. However, it is not recommended that hosts unilaterally trust one another, even within an organization.\"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep hostbasedauthentication\n\n    Expected result:\n\n    hostbasedauthentication no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    HostbasedAuthentication no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000202'\n  tag rid: 'SV-ESXI-80-000202'\n  tag stig_id: 'ESXI-80-000202'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must not allow authentication using an empty password.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# &#x2F;usr&#x2F;lib&#x2F;vmware&#x2F;openssh&#x2F;bin&#x2F;sshd -T | grep permitemptypasswords
+# /usr/lib/vmware/openssh/bin/sshd -T | grep permitemptypasswords
 
 Expected result:
 
 permitemptypasswords no
 
-If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;:
-
-PermitEmptyPasswords no</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>c33b2bfa-c26a-4e56-a436-affb751e6431</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000204</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000204</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000204</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must not permit user environment settings.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SSH environment options potentially allow users to bypass access restriction in some configurations. Users must not be able to present environment options to the SSH daemon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in "/etc/ssh/sshd_config":
+
+PermitEmptyPasswords no</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000203' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not allow authentication using an empty password.'\n  desc  'Configuring this setting for the SSH daemon provides additional assurance that remote logon via SSH will require a password, even in the event of misconfiguration elsewhere.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep permitemptypasswords\n\n    Expected result:\n\n    permitemptypasswords no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    PermitEmptyPasswords no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000203'\n  tag rid: 'SV-ESXI-80-000203'\n  tag stig_id: 'ESXI-80-000203'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000204</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000204</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000204</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must not permit user environment settings.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SSH environment options potentially allow users to bypass access restriction in some configurations. Users must not be able to present environment options to the SSH daemon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# &#x2F;usr&#x2F;lib&#x2F;vmware&#x2F;openssh&#x2F;bin&#x2F;sshd -T | grep permituserenvironment
+# /usr/lib/vmware/openssh/bin/sshd -T | grep permituserenvironment
 
 Expected result:
 
 permituserenvironment no
 
-If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;:
-
-PermitUserEnvironment no</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>48a278ea-c630-4183-b7ac-b8c6cb73de63</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000205</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000205</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000205</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must perform strict mode checking of home directory configuration files.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If other users have access to modify user-specific SSH configuration files, they may be able to log on the system as another user.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in "/etc/ssh/sshd_config":
+
+PermitUserEnvironment no</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000204' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not permit user environment settings.'\n  desc  'SSH environment options potentially allow users to bypass access restriction in some configurations. Users must not be able to present environment options to the SSH daemon.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep permituserenvironment\n\n    Expected result:\n\n    permituserenvironment no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    PermitUserEnvironment no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000204'\n  tag rid: 'SV-ESXI-80-000204'\n  tag stig_id: 'ESXI-80-000204'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000205</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000205</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000205</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must perform strict mode checking of home directory configuration files.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If other users have access to modify user-specific SSH configuration files, they may be able to log on the system as another user.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# &#x2F;usr&#x2F;lib&#x2F;vmware&#x2F;openssh&#x2F;bin&#x2F;sshd -T | grep strictmodes
+# /usr/lib/vmware/openssh/bin/sshd -T | grep strictmodes
 
 Expected result:
 
 strictmodes yes
 
-If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;:
-
-StrictModes yes</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>eed8276e-4804-4a35-9170-2cf2a9f058b3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000206</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000206</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000206</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must not allow compression.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If compression is allowed in an SSH connection prior to authentication, vulnerabilities in the compression software could result in compromise of the system from an unauthenticated connection, potentially with root privileges.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in "/etc/ssh/sshd_config":
+
+StrictModes yes</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000205' do\n  title 'The ESXi host Secure Shell (SSH) daemon must perform strict mode checking of home directory configuration files.'\n  desc  'If other users have access to modify user-specific SSH configuration files, they may be able to log on the system as another user.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep strictmodes\n\n    Expected result:\n\n    strictmodes yes\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    StrictModes yes\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000205'\n  tag rid: 'SV-ESXI-80-000205'\n  tag stig_id: 'ESXI-80-000205'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000206</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000206</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000206</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must not allow compression.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If compression is allowed in an SSH connection prior to authentication, vulnerabilities in the compression software could result in compromise of the system from an unauthenticated connection, potentially with root privileges.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# &#x2F;usr&#x2F;lib&#x2F;vmware&#x2F;openssh&#x2F;bin&#x2F;sshd -T | grep compression
+# /usr/lib/vmware/openssh/bin/sshd -T | grep compression
 
 Expected result:
 
 compression no
 
-If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;:
-
-Compression no</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d581a3f4-55ec-49db-9bc5-5fd658749370</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000207</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000207</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000207</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must be configured to not allow gateway ports.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SSH Transmission Control Protocol (TCP) connection forwarding provides a mechanism to establish TCP connections proxied by the SSH server. This function can provide convenience similar to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs). Gateway ports allow remote forwarded ports to bind to nonloopback addresses on the server.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in "/etc/ssh/sshd_config":
+
+Compression no</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000206' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not allow compression.'\n  desc  'If compression is allowed in an SSH connection prior to authentication, vulnerabilities in the compression software could result in compromise of the system from an unauthenticated connection, potentially with root privileges.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep compression\n\n    Expected result:\n\n    compression no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    Compression no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000206'\n  tag rid: 'SV-ESXI-80-000206'\n  tag stig_id: 'ESXI-80-000206'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000207</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000207</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000207</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must be configured to not allow gateway ports.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SSH Transmission Control Protocol (TCP) connection forwarding provides a mechanism to establish TCP connections proxied by the SSH server. This function can provide convenience similar to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs). Gateway ports allow remote forwarded ports to bind to nonloopback addresses on the server.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# &#x2F;usr&#x2F;lib&#x2F;vmware&#x2F;openssh&#x2F;bin&#x2F;sshd -T | grep gatewayports
+# /usr/lib/vmware/openssh/bin/sshd -T | grep gatewayports
 
 Expected result:
 
 gatewayports no
 
-If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;:
-
-GatewayPorts no</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>7f16f2d9-6607-454f-8f78-220511cbe73b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000208</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000208</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000208</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must be configured to not allow X11 forwarding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>X11 forwarding over SSH allows for the secure remote execution of X11-based applications. This feature can increase the attack surface of an SSH connection.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in "/etc/ssh/sshd_config":
+
+GatewayPorts no</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000207' do\n  title 'The ESXi host Secure Shell (SSH) daemon must be configured to not allow gateway ports.'\n  desc  'SSH Transmission Control Protocol (TCP) connection forwarding provides a mechanism to establish TCP connections proxied by the SSH server. This function can provide convenience similar to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs). Gateway ports allow remote forwarded ports to bind to nonloopback addresses on the server.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep gatewayports\n\n    Expected result:\n\n    gatewayports no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    GatewayPorts no\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000207'\n  tag rid: 'SV-ESXI-80-000207'\n  tag stig_id: 'ESXI-80-000207'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000208</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000208</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000208</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must be configured to not allow X11 forwarding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>X11 forwarding over SSH allows for the secure remote execution of X11-based applications. This feature can increase the attack surface of an SSH connection.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# &#x2F;usr&#x2F;lib&#x2F;vmware&#x2F;openssh&#x2F;bin&#x2F;sshd -T | grep x11forwarding
+# /usr/lib/vmware/openssh/bin/sshd -T | grep x11forwarding
 
 Expected result:
 
 x11forwarding no
 
-If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;:
-
-X11Forwarding no</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>fb93a36b-3731-4028-969c-dfbedfd6dfaf</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000209</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000209</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000209</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must not permit tunnels.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>OpenSSH has the ability to create network tunnels (layer 2 and layer 3) over an SSH connection. This function can provide similar convenience to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in "/etc/ssh/sshd_config":
+
+X11Forwarding no</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000208' do\n  title 'The ESXi host Secure Shell (SSH) daemon must be configured to not allow X11 forwarding.'\n  desc  'X11 forwarding over SSH allows for the secure remote execution of X11-based applications. This feature can increase the attack surface of an SSH connection.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep x11forwarding\n\n    Expected result:\n\n    x11forwarding no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    X11Forwarding no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000208'\n  tag rid: 'SV-ESXI-80-000208'\n  tag stig_id: 'ESXI-80-000208'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000209</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000209</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000209</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must not permit tunnels.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>OpenSSH has the ability to create network tunnels (layer 2 and layer 3) over an SSH connection. This function can provide similar convenience to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# &#x2F;usr&#x2F;lib&#x2F;vmware&#x2F;openssh&#x2F;bin&#x2F;sshd -T | grep permittunnel
+# /usr/lib/vmware/openssh/bin/sshd -T | grep permittunnel
 
 Expected result:
 
 permittunnel no
 
-If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;:
-
-PermitTunnel no</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>c8af399d-c64f-4962-8b1d-feb67926510e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must set a timeout count on idle sessions.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Setting a timeout ensures that a user login will be terminated as soon as the &quot;ClientAliveCountMax&quot; is reached.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in "/etc/ssh/sshd_config":
+
+PermitTunnel no</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000209' do\n  title 'The ESXi host Secure Shell (SSH) daemon must not permit tunnels.'\n  desc  'OpenSSH has the ability to create network tunnels (layer 2 and layer 3) over an SSH connection. This function can provide similar convenience to a virtual private network (VPN) with the similar risk of providing a path to circumvent firewalls and network Access Control Lists (ACLs).'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep permittunnel\n\n    Expected result:\n\n    permittunnel no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    PermitTunnel no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000209'\n  tag rid: 'SV-ESXI-80-000209'\n  tag stig_id: 'ESXI-80-000209'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must set a timeout count on idle sessions.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Setting a timeout ensures that a user login will be terminated as soon as the "ClientAliveCountMax" is reached.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# &#x2F;usr&#x2F;lib&#x2F;vmware&#x2F;openssh&#x2F;bin&#x2F;sshd -T | grep clientalivecountmax
+# /usr/lib/vmware/openssh/bin/sshd -T | grep clientalivecountmax
 
 Expected result:
 
 clientalivecountmax 3
 
-If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;:
-
-ClientAliveCountMax 3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>9284ae99-9363-4abc-9a33-262a087a5b5b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000211</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000211</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000211</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must set a timeout interval on idle sessions.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Automatically logging out idle users guards against compromises via hijacked administrative sessions.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in "/etc/ssh/sshd_config":
+
+ClientAliveCountMax 3</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000210' do\n  title 'The ESXi host Secure Shell (SSH) daemon must set a timeout count on idle sessions.'\n  desc  'Setting a timeout ensures that a user login will be terminated as soon as the \"ClientAliveCountMax\" is reached.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep clientalivecountmax\n\n    Expected result:\n\n    clientalivecountmax 3\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    ClientAliveCountMax 3\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000210'\n  tag rid: 'SV-ESXI-80-000210'\n  tag stig_id: 'ESXI-80-000210'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000211</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000211</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000211</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must set a timeout interval on idle sessions.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Automatically logging out idle users guards against compromises via hijacked administrative sessions.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# &#x2F;usr&#x2F;lib&#x2F;vmware&#x2F;openssh&#x2F;bin&#x2F;sshd -T | grep clientaliveinterval
+# /usr/lib/vmware/openssh/bin/sshd -T | grep clientaliveinterval
 
 Expected result:
 
 clientaliveinterval 200
 
-If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;:
-
-ClientAliveInterval 200</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>65af0ad5-98d6-4efe-9d70-2910ace9e8ee</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000212</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000212</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000212</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must disable Simple Network Management Protocol (SNMP) v1 and v2c.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If SNMP is not being used, it must remain disabled. If it is being used, the proper trap destination must be configured. If SNMP is not properly configured, monitoring information can be sent to a malicious host that can use this information to plan an attack.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in "/etc/ssh/sshd_config":
+
+ClientAliveInterval 200</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000211' do\n  title 'The ESXi host Secure Shell (SSH) daemon must set a timeout interval on idle sessions.'\n  desc  'Automatically logging out idle users guards against compromises via hijacked administrative sessions.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep clientaliveinterval\n\n    Expected result:\n\n    clientaliveinterval 200\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    ClientAliveInterval 200\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000211'\n  tag rid: 'SV-ESXI-80-000211'\n  tag stig_id: 'ESXI-80-000211'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000212</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000212</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000212</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must disable Simple Network Management Protocol (SNMP) v1 and v2c.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If SNMP is not being used, it must remain disabled. If it is being used, the proper trap destination must be configured. If SNMP is not properly configured, monitoring information can be sent to a malicious host that can use this information to plan an attack.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
 # esxcli system snmp get
@@ -6584,10 +6304,10 @@ If SNMP is not in use and is enabled, this is a finding.
 
 If SNMP is enabled and is not using v3 targets with authentication, this is a finding.
 
-Note: SNMP v3 targets can only be viewed and configured via the &quot;esxcli&quot; command.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+Note: SNMP v3 targets can only be viewed and configured via the "esxcli" command.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>To disable SNMP from an ESXi shell, run the following command:
 
 # esxcli system snmp set -e no
@@ -6596,129 +6316,124 @@ or
 
 From a PowerCLI command prompt while connected to the ESXi Host:
 
-Get-VMHostSnmp | Set-VMHostSnmp -Enabled $false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b5b69aaa-03da-40d3-9f7f-48d791a096a4</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: $vmhost &#x3D; Get-VMHost -Name 10.186.25.26; $esxcli &#x3D; Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.snmp.get.Invoke() | Select-Object -ExpandProperty enable stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000213</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000213</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000213</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must disable Inter-Virtual Machine (VM) Transparent Page Sharing.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Get-VMHostSnmp | Set-VMHostSnmp -Enabled $false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000212' do\n  title 'The ESXi host must disable Simple Network Management Protocol (SNMP) v1 and v2c.'\n  desc  'If SNMP is not being used, it must remain disabled. If it is being used, the proper trap destination must be configured. If SNMP is not properly configured, monitoring information can be sent to a malicious host that can use this information to plan an attack.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system snmp get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHostSnmp | Select *\n\n    If SNMP is not in use and is enabled, this is a finding.\n\n    If SNMP is enabled and is not using v3 targets with authentication, this is a finding.\n\n    Note: SNMP v3 targets can only be viewed and configured via the \\\"esxcli\\\" command.\n  \"\n  desc 'fix', \"\n    To disable SNMP from an ESXi shell, run the following command:\n\n    # esxcli system snmp set -e no\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi Host:\n\n    Get-VMHostSnmp | Set-VMHostSnmp -Enabled $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000212'\n  tag rid: 'SV-ESXI-80-000212'\n  tag stig_id: 'ESXI-80-000212'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    if \"#{input('snmpEnabled')}\" == 'false'\n      vmhosts.each do |vmhost|\n        command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.snmp.get.Invoke() | Select-Object -ExpandProperty enable\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp 'false' }\n        end\n      end\n    else\n      describe 'SNMP Enabled' do\n        skip 'Manually verify SNMP v3 is configured correctly and v2 is not used.'\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.snmp.get.Invoke() | Select-Object -ExpandProperty enable stdout.strip is expected to cmp == "false"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000213</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000213</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000213</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must disable Inter-Virtual Machine (VM) Transparent Page Sharing.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Published academic papers have demonstrated that by forcing a flush and reload of cache memory, it is possible to measure memory timings to try to determine an Advanced Encryption Standard (AES) encryption key in use on another virtual machine running on the same physical processor of the host server if Transparent Page Sharing (TPS) is enabled between the two VMs. This technique works only in a highly controlled system configured in a nonstandard way that VMware believes would not be recreated in a production environment.
 
-Although VMware believes information being disclosed in real-world conditions is unrealistic, out of an abundance of caution, upcoming ESXi Update releases will no longer enable TPS between VMs by default (TPS will still be used within individual VMs).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Although VMware believes information being disclosed in real-world conditions is unrealistic, out of an abundance of caution, upcoming ESXi Update releases will no longer enable TPS between VMs by default (TPS will still be used within individual VMs).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Mem.ShareForceSalting&quot; value and verify it is set to &quot;2&quot;.
+Select the "Mem.ShareForceSalting" value and verify it is set to "2".
 
 or
 
@@ -6726,142 +6441,137 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting
 
-If the &quot;Mem.ShareForceSalting&quot; setting is not set to 2, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Mem.ShareForceSalting" setting is not set to 2, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Mem.ShareForceSalting&quot; value and set it to &quot;2&quot;.
+Click "Edit". Select the "Mem.ShareForceSalting" value and set it to "2".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting | Set-AdvancedSetting -Value 2</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d8e200ef-60d4-4582-b221-103f877a0ca8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Mem.ShareForceSalting | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;2&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000214</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000214</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000214</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must configure the firewall to block network traffic by default.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>In addition to service-specific firewall rules, ESXi has a default firewall rule policy to allow or deny incoming and outgoing traffic. Reduce the risk of attack by ensuring this is set to deny incoming and outgoing traffic.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Get-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting | Set-AdvancedSetting -Value 2</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000213' do\n  title 'The ESXi host must disable Inter-Virtual Machine (VM) Transparent Page Sharing.'\n  desc  \"\n    Published academic papers have demonstrated that by forcing a flush and reload of cache memory, it is possible to measure memory timings to try to determine an Advanced Encryption Standard (AES) encryption key in use on another virtual machine running on the same physical processor of the host server if Transparent Page Sharing (TPS) is enabled between the two VMs. This technique works only in a highly controlled system configured in a nonstandard way that VMware believes would not be recreated in a production environment.\n\n    Although VMware believes information being disclosed in real-world conditions is unrealistic, out of an abundance of caution, upcoming ESXi Update releases will no longer enable TPS between VMs by default (TPS will still be used within individual VMs).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Mem.ShareForceSalting\\\" value and verify it is set to \\\"2\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting\n\n    If the \\\"Mem.ShareForceSalting\\\" setting is not set to 2, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Mem.ShareForceSalting\\\" value and set it to \\\"2\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.ShareForceSalting | Set-AdvancedSetting -Value 2\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000213'\n  tag rid: 'SV-ESXI-80-000213'\n  tag stig_id: 'ESXI-80-000213'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Mem.ShareForceSalting | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '2' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Mem.ShareForceSalting | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "2"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000214</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000214</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000214</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must configure the firewall to block network traffic by default.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>In addition to service-specific firewall rules, ESXi has a default firewall rule policy to allow or deny incoming and outgoing traffic. Reduce the risk of attack by ensuring this is set to deny incoming and outgoing traffic.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
 # esxcli network firewall get
 
-If the &quot;Default Action&quot; does not equal &quot;DROP&quot;, this is a finding.
-If &quot;Enabled&quot; does not equal &quot;true&quot;, this is a finding.
+If the "Default Action" does not equal "DROP", this is a finding.
+If "Enabled" does not equal "true", this is a finding.
 
 or
 
@@ -6869,143 +6579,138 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHostFirewallDefaultPolicy
 
-If the Incoming or Outgoing policies are &quot;True&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the Incoming or Outgoing policies are "True", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# esxcli network firewall set --default-action&#x3D;false
+# esxcli network firewall set --default-action=false
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHostFirewallDefaultPolicy | Set-VMHostFirewallDefaultPolicy -AllowIncoming $false -AllowOutgoing $false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>637e507d-69c5-4082-b6d3-769fa00cc42f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostFirewallDefaultPolicy stdout.strip is expected not to match &quot;True&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000215</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000215</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000215</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must enable Bridge Protocol Data Units (BPDU) filter on the host to prevent being locked out of physical switch ports with Portfast and BPDU Guard enabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Get-VMHostFirewallDefaultPolicy | Set-VMHostFirewallDefaultPolicy -AllowIncoming $false -AllowOutgoing $false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000214' do\n  title 'The ESXi host must configure the firewall to block network traffic by default.'\n  desc  'In addition to service-specific firewall rules, ESXi has a default firewall rule policy to allow or deny incoming and outgoing traffic. Reduce the risk of attack by ensuring this is set to deny incoming and outgoing traffic.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli network firewall get\n\n    If the \\\"Default Action\\\" does not equal \\\"DROP\\\", this is a finding.\n    If \\\"Enabled\\\" does not equal \\\"true\\\", this is a finding.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHostFirewallDefaultPolicy\n\n    If the Incoming or Outgoing policies are \\\"True\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli network firewall set --default-action=false\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHostFirewallDefaultPolicy | Set-VMHostFirewallDefaultPolicy -AllowIncoming $false -AllowOutgoing $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000214'\n  tag rid: 'SV-ESXI-80-000214'\n  tag stig_id: 'ESXI-80-000214'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostFirewallDefaultPolicy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostFirewallDefaultPolicy stdout.strip is expected not to match "True"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000215</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000215</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000215</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must enable Bridge Protocol Data Units (BPDU) filter on the host to prevent being locked out of physical switch ports with Portfast and BPDU Guard enabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>BPDU Guard and Portfast are commonly enabled on the physical switch to which the ESXi host is directly connected to reduce the Spanning Tree Protocol (STP) convergence delay.
 
 If a BPDU packet is sent from a virtual machine (VM) on the ESXi host to the physical switch configured as stated above, a cascading lockout of all the uplink interfaces from the ESXi host can occur. To prevent this type of lockout, BPDU Filter can be enabled on the ESXi host to drop any BPDU packets being sent to the physical switch.
 
-The caveat is that certain Secure Socket Layer (SSL) virtual private networks that use Windows bridging capability can legitimately generate BPDU packets. The administrator should verify no legitimate BPDU packets are generated by VMs on the ESXi host prior to enabling BPDU Filter. If BPDU Filter is enabled in this situation, enabling Reject Forged Transmits on the virtual switch port group adds protection against Spanning Tree loops.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+The caveat is that certain Secure Socket Layer (SSL) virtual private networks that use Windows bridging capability can legitimately generate BPDU packets. The administrator should verify no legitimate BPDU packets are generated by VMs on the ESXi host prior to enabling BPDU Filter. If BPDU Filter is enabled in this situation, enabling Reject Forged Transmits on the virtual switch port group adds protection against Spanning Tree loops.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Net.BlockGuestBPDU&quot; value and verify it is set to &quot;1&quot;.
+Select the "Net.BlockGuestBPDU" value and verify it is set to "1".
 
 or
 
@@ -7013,149 +6718,144 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU
 
-If the &quot;Net.BlockGuestBPDU&quot; setting is not set to &quot;1&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Net.BlockGuestBPDU" setting is not set to "1", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Net.BlockGuestBPDU&quot; value and configure it to &quot;1&quot;.
+Click "Edit". Select the "Net.BlockGuestBPDU" value and configure it to "1".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Set-AdvancedSetting -Value 1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>9ca291e1-fdaa-41f7-92d1-6a57f108e2c3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;1&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000216</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000216</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000216</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must configure virtual switch security policies to reject forged transmits.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Get-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Set-AdvancedSetting -Value 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000215' do\n  title 'The ESXi host must enable Bridge Protocol Data Units (BPDU) filter on the host to prevent being locked out of physical switch ports with Portfast and BPDU Guard enabled.'\n  desc  \"\n    BPDU Guard and Portfast are commonly enabled on the physical switch to which the ESXi host is directly connected to reduce the Spanning Tree Protocol (STP) convergence delay.\n\n    If a BPDU packet is sent from a virtual machine (VM) on the ESXi host to the physical switch configured as stated above, a cascading lockout of all the uplink interfaces from the ESXi host can occur. To prevent this type of lockout, BPDU Filter can be enabled on the ESXi host to drop any BPDU packets being sent to the physical switch.\n\n    The caveat is that certain Secure Socket Layer (SSL) virtual private networks that use Windows bridging capability can legitimately generate BPDU packets. The administrator should verify no legitimate BPDU packets are generated by VMs on the ESXi host prior to enabling BPDU Filter. If BPDU Filter is enabled in this situation, enabling Reject Forged Transmits on the virtual switch port group adds protection against Spanning Tree loops.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Net.BlockGuestBPDU\\\" value and verify it is set to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU\n\n    If the \\\"Net.BlockGuestBPDU\\\" setting is not set to \\\"1\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Net.BlockGuestBPDU\\\" value and configure it to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Set-AdvancedSetting -Value 1\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000215'\n  tag rid: 'SV-ESXI-80-000215'\n  tag stig_id: 'ESXI-80-000215'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '1' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Net.BlockGuestBPDU | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "1"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000216</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000216</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000216</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must configure virtual switch security policies to reject forged transmits.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the virtual machine (VM) operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.
 
 This means the virtual switch does not compare the source and effective MAC addresses.
 
-To protect against MAC address impersonation, all virtual switches must have forged transmissions set to reject. Reject Forged Transmit can be set at the vSwitch and&#x2F;or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+To protect against MAC address impersonation, all virtual switches must have forged transmissions set to reject. Reject Forged Transmit can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Note: This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.
 
 From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; Virtual Switches.
 
-On each standard switch, click the &#39;...&#39; button next to each port group and select &quot;Edit Settings&quot;.
+On each standard switch, click the '...' button next to each port group and select "Edit Settings".
 
-Click the &quot;Security&quot; tab. Verify that &quot;Forged transmits&quot; is set to &quot;Reject&quot; and that &quot;Override&quot; is not checked.
+Click the "Security" tab. Verify that "Forged transmits" is set to "Reject" and that "Override" is not checked.
 
 or
 
@@ -7164,157 +6864,151 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 Get-VirtualSwitch | Get-SecurityPolicy
 Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object *
 
-If the &quot;Forged Transmits&quot; policy is set to &quot;Accept&quot; (or &quot;true&quot;, via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Forged Transmits" policy is set to "Accept" (or "true", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; Virtual Switches.
 
-On each standard switch, click &quot;Edit&quot; and select Security.
+On each standard switch, click "Edit" and select Security.
 
-Set &quot;Forged transmits&quot; to &quot;Reject&quot;. Click &quot;OK&quot;.
+Set "Forged transmits" to "Reject". Click "OK".
 
-For each port group, click the &#39;...&#39; button and select &quot;Edit Settings&quot; then Security.
+For each port group, click the '...' button and select "Edit Settings" then Security.
 
-Set &quot;Forged transmits&quot; to &quot;Reject&quot; and uncheck the &quot;Override&quot; box. Click &quot;OK&quot;.
+Set "Forged transmits" to "Reject" and uncheck the "Override" box. Click "OK".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
 Get-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmits $false
-Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmitsInherited $true</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b10712a8-9385-4bfd-8d04-9eebf3a814b3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected not to match &quot;True&quot;
+Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmitsInherited $true</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000216' do\n  title 'The ESXi host must configure virtual switch security policies to reject forged transmits.'\n  desc  \"\n    If the virtual machine (VM) operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    This means the virtual switch does not compare the source and effective MAC addresses.\n\n    To protect against MAC address impersonation, all virtual switches must have forged transmissions set to reject. Reject Forged Transmit can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Note: This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; Virtual Switches.\n\n    On each standard switch, click the '...' button next to each port group and select \\\"Edit Settings\\\".\n\n    Click the \\\"Security\\\" tab. Verify that \\\"Forged transmits\\\" is set to \\\"Reject\\\" and that \\\"Override\\\" is not checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy\n    Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\n    If the \\\"Forged Transmits\\\" policy is set to \\\"Accept\\\" (or \\\"true\\\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; Virtual Switches.\n\n    On each standard switch, click \\\"Edit\\\" and select Security.\n\n    Set \\\"Forged transmits\\\" to \\\"Reject\\\". Click \\\"OK\\\".\n\n    For each port group, click the '...' button and select \\\"Edit Settings\\\" then Security.\n\n    Set \\\"Forged transmits\\\" to \\\"Reject\\\" and uncheck the \\\"Override\\\" box. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmits $false\n    Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -ForgedTransmitsInherited $true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000216'\n  tag rid: 'SV-ESXI-80-000216'\n  tag stig_id: 'ESXI-80-000216'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected not to match "True"
 --------------------------------
-passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected not to match &quot;True&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000217</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000217</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000217</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must configure virtual switch security policies to reject Media Access Control (MAC) address changes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected not to match "True"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000217</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000217</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000217</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must configure virtual switch security policies to reject Media Access Control (MAC) address changes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the virtual machine (VM) operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.
 
-This will prevent VMs from changing their effective MAC address, which will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing. &quot;Reject MAC Changes&quot; can be set at the vSwitch and&#x2F;or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+This will prevent VMs from changing their effective MAC address, which will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing. "Reject MAC Changes" can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.
 
 From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; Virtual Switches.
 
-On each standard switch, click the &#39;...&#39; button next to each port group and select &quot;Edit Settings&quot;.
+On each standard switch, click the '...' button next to each port group and select "Edit Settings".
 
-Click the &quot;Security&quot; tab. Verify that &quot;MAC Address Changes&quot; is set to &quot;Reject&quot; and that &quot;Override&quot; is not checked.
+Click the "Security" tab. Verify that "MAC Address Changes" is set to "Reject" and that "Override" is not checked.
 
 or
 
@@ -7323,157 +7017,151 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 Get-VirtualSwitch | Get-SecurityPolicy
 Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object *
 
-If the &quot;MAC Address Changes&quot; policy is set to &quot;Accept&quot; (or &quot;true&quot;, via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "MAC Address Changes" policy is set to "Accept" (or "true", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; Virtual Switches.
 
-On each standard switch, click &quot;Edit&quot; and select Security.
+On each standard switch, click "Edit" and select Security.
 
-Set &quot;MAC Address Changes&quot; to &quot;Reject&quot;. Click &quot;OK&quot;.
+Set "MAC Address Changes" to "Reject". Click "OK".
 
-For each port group, click the &#39;...&#39; button and select &quot;Edit Settings&quot; then Security.
+For each port group, click the '...' button and select "Edit Settings" then Security.
 
-Set &quot;MAC Address Changes&quot; to &quot;Reject&quot; and uncheck the &quot;Override&quot; box. Click &quot;OK&quot;.
+Set "MAC Address Changes" to "Reject" and uncheck the "Override" box. Click "OK".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
 Get-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -MacChanges $false
-Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -MacChangesInherited $true</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>9813f8a3-2fb4-47e4-a843-590fa19e650b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected not to match &quot;True&quot;
+Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -MacChangesInherited $true</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000217' do\n  title 'The ESXi host must configure virtual switch security policies to reject Media Access Control (MAC) address changes.'\n  desc  \"\n    If the virtual machine (VM) operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    This will prevent VMs from changing their effective MAC address, which will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing. \\\"Reject MAC Changes\\\" can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; Virtual Switches.\n\n    On each standard switch, click the '...' button next to each port group and select \\\"Edit Settings\\\".\n\n    Click the \\\"Security\\\" tab. Verify that \\\"MAC Address Changes\\\" is set to \\\"Reject\\\" and that \\\"Override\\\" is not checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy\n    Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\n    If the \\\"MAC Address Changes\\\" policy is set to \\\"Accept\\\" (or \\\"true\\\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; Virtual Switches.\n\n    On each standard switch, click \\\"Edit\\\" and select Security.\n\n    Set \\\"MAC Address Changes\\\" to \\\"Reject\\\". Click \\\"OK\\\".\n\n    For each port group, click the '...' button and select \\\"Edit Settings\\\" then Security.\n\n    Set \\\"MAC Address Changes\\\" to \\\"Reject\\\" and uncheck the \\\"Override\\\" box. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -MacChanges $false\n    Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -MacChangesInherited $true\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000217'\n  tag rid: 'SV-ESXI-80-000217'\n  tag stig_id: 'ESXI-80-000217'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected not to match "True"
 --------------------------------
-passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected not to match &quot;True&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000218</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000218</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000218</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must configure virtual switch security policies to reject promiscuous mode requests.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected not to match "True"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000218</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000218</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000218</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must configure virtual switch security policies to reject promiscuous mode requests.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>When promiscuous mode is enabled for a virtual switch, all virtual machines (VMs) connected to the Portgroup have the potential to read all packets across that network (only the virtual machines connected to that Portgroup).
 
-Promiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting. Promiscuous mode can be set at the vSwitch and&#x2F;or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Promiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting. Promiscuous mode can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.
 
 From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; Virtual Switches.
 
-On each standard switch, click the &#39;...&#39; button next to each port group and select &quot;Edit Settings&quot;.
+On each standard switch, click the '...' button next to each port group and select "Edit Settings".
 
-Click the &quot;Security&quot; tab. Verify that &quot;Promiscuous Mode&quot; is set to &quot;Reject&quot; and that &quot;Override&quot; is not checked.
+Click the "Security" tab. Verify that "Promiscuous Mode" is set to "Reject" and that "Override" is not checked.
 
 or
 
@@ -7482,155 +7170,149 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 Get-VirtualSwitch | Get-SecurityPolicy
 Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object *
 
-If the &quot;Promiscuous Mode&quot; policy is set to &quot;Accept&quot; (or &quot;true&quot;, via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Promiscuous Mode" policy is set to "Accept" (or "true", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; Virtual Switches.
 
-On each standard switch, click &quot;Edit&quot; and select Security.
+On each standard switch, click "Edit" and select Security.
 
-Set &quot;Promiscuous Mode&quot; to &quot;Reject&quot;. Click &quot;OK&quot;.
+Set "Promiscuous Mode" to "Reject". Click "OK".
 
-For each port group, click the &#39;...&#39; button and select &quot;Edit Settings&quot; then Security.
+For each port group, click the '...' button and select "Edit Settings" then Security.
 
-Set &quot;Promiscuous Mode&quot; to &quot;Reject&quot; and uncheck the &quot;Override&quot; box. Click &quot;OK&quot;.
+Set "Promiscuous Mode" to "Reject" and uncheck the "Override" box. Click "OK".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
 Get-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuous $false
-Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuousInherited $true</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>7a182848-19af-4af2-a4ac-85388b203856</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected not to match &quot;True&quot;
+Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuousInherited $true</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000218' do\n  title 'The ESXi host must configure virtual switch security policies to reject promiscuous mode requests.'\n  desc  \"\n    When promiscuous mode is enabled for a virtual switch, all virtual machines (VMs) connected to the Portgroup have the potential to read all packets across that network (only the virtual machines connected to that Portgroup).\n\n    Promiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting. Promiscuous mode can be set at the vSwitch and/or the Portgroup level. Switch-level settings can be overridden at the Portgroup level.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; Virtual Switches.\n\n    On each standard switch, click the '...' button next to each port group and select \\\"Edit Settings\\\".\n\n    Click the \\\"Security\\\" tab. Verify that \\\"Promiscuous Mode\\\" is set to \\\"Reject\\\" and that \\\"Override\\\" is not checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy\n    Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object *\n\n    If the \\\"Promiscuous Mode\\\" policy is set to \\\"Accept\\\" (or \\\"true\\\", via PowerCLI) or the security policy inherited from the virtual switch is overridden, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; Virtual Switches.\n\n    On each standard switch, click \\\"Edit\\\" and select Security.\n\n    Set \\\"Promiscuous Mode\\\" to \\\"Reject\\\". Click \\\"OK\\\".\n\n    For each port group, click the '...' button and select \\\"Edit Settings\\\" then Security.\n\n    Set \\\"Promiscuous Mode\\\" to \\\"Reject\\\" and uncheck the \\\"Override\\\" box. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VirtualSwitch | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuous $false\n    Get-VirtualPortGroup | Get-SecurityPolicy | Set-SecurityPolicy -AllowPromiscuousInherited $true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000218'\n  tag rid: 'SV-ESXI-80-000218'\n  tag stig_id: 'ESXI-80-000218'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match 'True' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualSwitch | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected not to match "True"
 --------------------------------
-passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected not to match &quot;True&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000219</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000219</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000219</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must restrict use of the dvFilter network application programming interface (API).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Get-SecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected not to match "True"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000219</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000219</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000219</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must restrict use of the dvFilter network application programming interface (API).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the organization is not using products that use the dvfilter network API, the host should not be configured to send network information to a virtual machine (VM).
 
 If the API is enabled, an attacker might attempt to connect a virtual machine to it, potentially providing access to the network of other VMs on the host.
 
-If using a product that makes use of this API, verify the host has been configured correctly. If not using such a product, ensure the setting is blank.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+If using a product that makes use of this API, verify the host has been configured correctly. If not using such a product, ensure the setting is blank.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Net.DVFilterBindIpAddress&quot; value and verify the value is blank or the correct IP address of a security appliance if in use.
+Select the "Net.DVFilterBindIpAddress" value and verify the value is blank or the correct IP address of a security appliance if in use.
 
 or
 
@@ -7638,145 +7320,140 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress
 
-If the &quot;Net.DVFilterBindIpAddress&quot; setting is not blank and security appliances are not in use on the host, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Net.DVFilterBindIpAddress" setting is not blank and security appliances are not in use on the host, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Net.DVFilterBindIpAddress&quot; value and remove any incorrect addresses.
+Click "Edit". Select the "Net.DVFilterBindIpAddress" value and remove any incorrect addresses.
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Set-AdvancedSetting -Value &quot;&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>802ad697-cf1f-463f-8f4d-28d43e2c732f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000220</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000220</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000220</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must restrict the use of Virtual Guest Tagging (VGT) on standard switches.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+Get-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Set-AdvancedSetting -Value ""</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000219' do\n  title 'The ESXi host must restrict use of the dvFilter network application programming interface (API).'\n  desc  \"\n    If the organization is not using products that use the dvfilter network API, the host should not be configured to send network information to a virtual machine (VM).\n\n    If the API is enabled, an attacker might attempt to connect a virtual machine to it, potentially providing access to the network of other VMs on the host.\n\n    If using a product that makes use of this API, verify the host has been configured correctly. If not using such a product, ensure the setting is blank.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Net.DVFilterBindIpAddress\\\" value and verify the value is blank or the correct IP address of a security appliance if in use.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress\n\n    If the \\\"Net.DVFilterBindIpAddress\\\" setting is not blank and security appliances are not in use on the host, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Net.DVFilterBindIpAddress\\\" value and remove any incorrect addresses.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Set-AdvancedSetting -Value \\\"\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000219'\n  tag rid: 'SV-ESXI-80-000219'\n  tag stig_id: 'ESXI-80-000219'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Net.DVFilterBindIpAddress | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == ""</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000220</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000220</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000220</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must restrict the use of Virtual Guest Tagging (VGT) on standard switches.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>When a port group is set to VLAN 4095, the vSwitch passes all network frames to the attached virtual machines (VMs) without modifying the VLAN tags. In vSphere, this is referred to as VGT. The VM must process the VLAN information itself via an 802.1Q driver in the operating system.
 
-VLAN 4095 must only be implemented if the attached VMs have been specifically authorized and are capable of managing VLAN tags themselves. If VLAN 4095 is enabled inappropriately, it may cause denial of service or allow a VM to interact with traffic on an unauthorized VLAN.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+VLAN 4095 must only be implemented if the attached VMs have been specifically authorized and are capable of managing VLAN tags themselves. If VLAN 4095 is enabled inappropriately, it may cause denial of service or allow a VM to interact with traffic on an unauthorized VLAN.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.
 
 From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; Virtual Switches.
 
-For each standard switch, review the &quot;VLAN ID&quot; on each port group and verify it is not set to &quot;4095&quot;.
+For each standard switch, review the "VLAN ID" on each port group and verify it is not set to "4095".
 
 or
 
@@ -7784,143 +7461,138 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VirtualPortGroup | Select Name, VLanID
 
-If any port group is configured with VLAN 4095 and is not documented as a needed exception, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If any port group is configured with VLAN 4095 and is not documented as a needed exception, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; Virtual Switches.
 
-For each port group on a standard switch that is configured to a native VLAN, click the &#39;...&#39; button next to the port group.
+For each port group on a standard switch that is configured to a native VLAN, click the '...' button next to the port group.
 
-Click &quot;Edit Settings&quot;. On the &quot;Properties&quot; tab, change the &quot;VLAN ID&quot; to an appropriate VLAN ID. Click &quot;OK&quot;.
+Click "Edit Settings". On the "Properties" tab, change the "VLAN ID" to an appropriate VLAN ID. Click "OK".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VirtualPortGroup -Name &quot;portgroup name&quot; | Set-VirtualPortGroup -VLanId &quot;New VLAN#&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>154c68f2-292a-470f-b7ac-bcffe1dd4477</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Select-Object -ExpandProperty VlanId stdout.strip is expected not to match &quot;4095&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000221</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000221</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000221</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must have all security patches and updates installed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Get-VirtualPortGroup -Name "portgroup name" | Set-VirtualPortGroup -VLanId "New VLAN#"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000220' do\n  title 'The ESXi host must restrict the use of Virtual Guest Tagging (VGT) on standard switches.'\n  desc  \"\n    When a port group is set to VLAN 4095, the vSwitch passes all network frames to the attached virtual machines (VMs) without modifying the VLAN tags. In vSphere, this is referred to as VGT. The VM must process the VLAN information itself via an 802.1Q driver in the operating system.\n\n    VLAN 4095 must only be implemented if the attached VMs have been specifically authorized and are capable of managing VLAN tags themselves. If VLAN 4095 is enabled inappropriately, it may cause denial of service or allow a VM to interact with traffic on an unauthorized VLAN.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    This control addresses ESXi standard switches. Distributed switches are addressed in the vCenter STIG. If there is no standard switch on the ESXi host, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; Virtual Switches.\n\n    For each standard switch, review the \\\"VLAN ID\\\" on each port group and verify it is not set to \\\"4095\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VirtualPortGroup | Select Name, VLanID\n\n    If any port group is configured with VLAN 4095 and is not documented as a needed exception, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; Networking &gt;&gt; Virtual Switches.\n\n    For each port group on a standard switch that is configured to a native VLAN, click the '...' button next to the port group.\n\n    Click \\\"Edit Settings\\\". On the \\\"Properties\\\" tab, change the \\\"VLAN ID\\\" to an appropriate VLAN ID. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VirtualPortGroup -Name \\\"portgroup name\\\" | Set-VirtualPortGroup -VLanId \\\"New VLAN#\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000220'\n  tag rid: 'SV-ESXI-80-000220'\n  tag stig_id: 'ESXI-80-000220'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VirtualPortGroup | Select-Object -ExpandProperty VlanId\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not match '4095' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VirtualPortGroup | Select-Object -ExpandProperty VlanId stdout.strip is expected not to match "4095"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000221</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000221</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000221</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must have all security patches and updates installed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Determine the current version and build:
 
 From the vSphere Client, go to Hosts and Clusters.
 
-Select the ESXi Host &gt;&gt; Summary. Note the version string next to &quot;Hypervisor:&quot;.
+Select the ESXi Host &gt;&gt; Summary. Note the version string next to "Hypervisor:".
 
 or
 
@@ -7932,19 +7604,19 @@ If the ESXi host does not have the latest patches, this is a finding.
 
 If the ESXi host is not on a supported release, this is a finding.
 
-The latest ESXi versions and their build numbers can be found here: https:&#x2F;&#x2F;kb.vmware.com&#x2F;s&#x2F;article&#x2F;2143832
+The latest ESXi versions and their build numbers can be found here: https://kb.vmware.com/s/article/2143832
 
 VMware also publishes Advisories on security patches and offers a way to subscribe to email alerts for them.
 
-Go to: https:&#x2F;&#x2F;www.vmware.com&#x2F;support&#x2F;policies&#x2F;security_response</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+Go to: https://www.vmware.com/support/policies/security_response</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>ESXi can be patched in multiple ways, and this fix text does not cover all methods.
 
 Manual patching when image profiles are not used:
 
-- Download the latest &quot;offline bundle&quot; .zip update from vmware.com. Verify the hash.
+- Download the latest "offline bundle" .zip update from vmware.com. Verify the hash.
 
 - Transfer the file to a datastore accessible by the ESXi host, local or remote.
 
@@ -7958,133 +7630,128 @@ Manual patching when image profiles are used:
 
 From an ESXi shell, run the following command:
 
-# esxcli software sources profile list -d &#x2F;vmfs&#x2F;volumes&#x2F;&lt;your datastore&gt;&#x2F;&lt;bundle name.zip&gt;
-
-Note the available profiles. The organization will usually want the one ending in &quot;-standard&quot;.
-
-# esxcli software profile update -p &lt;selected profile&gt; -d &#x2F;vmfs&#x2F;volumes&#x2F;&lt;your datastore&gt;&#x2F;&lt;bundle name.zip&gt;
-
-There will be little output during the update. Once complete, reboot the host for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>614d2acf-3c21-4f8a-b4ff-f1bfd24d91a1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: (Get-VMHost -Name 10.186.25.26).ExtensionData.Config.Product.build stdout.strip is expected to cmp &#x3D;&#x3D; &quot;21813344&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000222</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000222</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000222</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must not suppress warnings that the local or remote shell sessions are enabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Warnings that local or remote shell sessions are enabled alert administrators to activity they may not be aware of and need to investigate.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+# esxcli software sources profile list -d /vmfs/volumes/&lt;your datastore&gt;/&lt;bundle name.zip&gt;
+
+Note the available profiles. The organization will usually want the one ending in "-standard".
+
+# esxcli software profile update -p &lt;selected profile&gt; -d /vmfs/volumes/&lt;your datastore&gt;/&lt;bundle name.zip&gt;
+
+There will be little output during the update. Once complete, reboot the host for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000221' do\n  title 'The ESXi host must have all security patches and updates installed.'\n  desc  'Installing software updates is a fundamental mitigation against the exploitation of publicly known vulnerabilities.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Determine the current version and build:\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Summary. Note the version string next to \\\"Hypervisor:\\\".\n\n    or\n\n    From a Secure Shell (SSH) session connected to the ESXi host, or from the ESXi shell, run the following command:\n\n    # vmware -v\n\n    If the ESXi host does not have the latest patches, this is a finding.\n\n    If the ESXi host is not on a supported release, this is a finding.\n\n    The latest ESXi versions and their build numbers can be found here: https://kb.vmware.com/s/article/2143832\n\n    VMware also publishes Advisories on security patches and offers a way to subscribe to email alerts for them.\n\n    Go to: https://www.vmware.com/support/policies/security_response\n  \"\n  desc 'fix', \"\n    ESXi can be patched in multiple ways, and this fix text does not cover all methods.\n\n    Manual patching when image profiles are not used:\n\n    - Download the latest \\\"offline bundle\\\" .zip update from vmware.com. Verify the hash.\n\n    - Transfer the file to a datastore accessible by the ESXi host, local or remote.\n\n    - Put the ESXi host into maintenance mode.\n\n    - From an ESXi shell, run the following command:\n\n    esxcli software vib update -d &lt;path to offline patch bundle.zip&gt;\n\n    Manual patching when image profiles are used:\n\n    From an ESXi shell, run the following command:\n\n    # esxcli software sources profile list -d /vmfs/volumes/&lt;your datastore&gt;/&lt;bundle name.zip&gt;\n\n    Note the available profiles. The organization will usually want the one ending in \\\"-standard\\\".\n\n    # esxcli software profile update -p &lt;selected profile&gt; -d /vmfs/volumes/&lt;your datastore&gt;/&lt;bundle name.zip&gt;\n\n    There will be little output during the update. Once complete, reboot the host for changes to take effect.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000221'\n  tag rid: 'SV-ESXI-80-000221'\n  tag stig_id: 'ESXI-80-000221'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"(Get-VMHost -Name #{vmhost}).ExtensionData.Config.Product.build\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp \"#{input('esxiBuildNumber')}\" }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: (Get-VMHost -Name 10.186.25.26).ExtensionData.Config.Product.build stdout.strip is expected to cmp == "21813344"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000222</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000222</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000222</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must not suppress warnings that the local or remote shell sessions are enabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Warnings that local or remote shell sessions are enabled alert administrators to activity they may not be aware of and need to investigate.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;UserVars.SuppressShellWarning&quot; value and verify it is set to &quot;0&quot;.
+Select the "UserVars.SuppressShellWarning" value and verify it is set to "0".
 
 or
 
@@ -8092,141 +7759,136 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning
 
-If the &quot;UserVars.SuppressShellWarning&quot; setting is not set to &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "UserVars.SuppressShellWarning" setting is not set to "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;UserVars.SuppressShellWarning&quot; value and configure it to &quot;0&quot;.
+Click "Edit". Select the "UserVars.SuppressShellWarning" value and configure it to "0".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Set-AdvancedSetting -Value 0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>1658f21f-9b99-4fe7-89c9-168f591ab425</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;0&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000223</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000223</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000223</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must not suppress warnings about unmitigated hyperthreading vulnerabilities.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The L1 Terminal Fault (L1TF) CPU vulnerabilities published in 2018 have patches and mitigations available in vSphere. However, there are performance impacts to these mitigations that require careful thought and planning from the system administrator before implementation. Until a mitigation is implemented, the UI warning about the lack of a mitigation must not be dismissed so the system administrator does not assume the vulnerability has been addressed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Set-AdvancedSetting -Value 0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000222' do\n  title 'The ESXi host must not suppress warnings that the local or remote shell sessions are enabled.'\n  desc  'Warnings that local or remote shell sessions are enabled alert administrators to activity they may not be aware of and need to investigate.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"UserVars.SuppressShellWarning\\\" value and verify it is set to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning\n\n    If the \\\"UserVars.SuppressShellWarning\\\" setting is not set to \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.SuppressShellWarning\\\" value and configure it to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Set-AdvancedSetting -Value 0\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000222'\n  tag rid: 'SV-ESXI-80-000222'\n  tag stig_id: 'ESXI-80-000222'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '0' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "0"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000223</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000223</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000223</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must not suppress warnings about unmitigated hyperthreading vulnerabilities.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The L1 Terminal Fault (L1TF) CPU vulnerabilities published in 2018 have patches and mitigations available in vSphere. However, there are performance impacts to these mitigations that require careful thought and planning from the system administrator before implementation. Until a mitigation is implemented, the UI warning about the lack of a mitigation must not be dismissed so the system administrator does not assume the vulnerability has been addressed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;UserVars.SuppressHyperthreadWarning&quot; value and verify it is set to &quot;0&quot;.
+Select the "UserVars.SuppressHyperthreadWarning" value and verify it is set to "0".
 
 or
 
@@ -8234,143 +7896,138 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning
 
-If the &quot;UserVars.SuppressHyperthreadWarning&quot; setting is not set to &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "UserVars.SuppressHyperthreadWarning" setting is not set to "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;UserVars.SuppressHyperthreadWarning&quot; value and configure it to &quot;0&quot;.
+Click "Edit". Select the "UserVars.SuppressHyperthreadWarning" value and configure it to "0".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Set-AdvancedSetting -Value 0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f638e158-cb44-4c05-bcc2-051768dc082d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;0&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000224</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000224</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000224</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must verify certificates for SSL syslog endpoints.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>When sending syslog data to a remote host, ESXi can be configured to use any combination of TCP, UDP and SSL transports. When using SSL, the server certificate must be validated to ensure that the host is connecting to a valid syslog server.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Set-AdvancedSetting -Value 0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000223' do\n  title 'The ESXi host must not suppress warnings about unmitigated hyperthreading vulnerabilities.'\n  desc  'The L1 Terminal Fault (L1TF) CPU vulnerabilities published in 2018 have patches and mitigations available in vSphere. However, there are performance impacts to these mitigations that require careful thought and planning from the system administrator before implementation. Until a mitigation is implemented, the UI warning about the lack of a mitigation must not be dismissed so the system administrator does not assume the vulnerability has been addressed.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"UserVars.SuppressHyperthreadWarning\\\" value and verify it is set to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning\n\n    If the \\\"UserVars.SuppressHyperthreadWarning\\\" setting is not set to \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"UserVars.SuppressHyperthreadWarning\\\" value and configure it to \\\"0\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Set-AdvancedSetting -Value 0\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000223'\n  tag rid: 'SV-ESXI-80-000223'\n  tag stig_id: 'ESXI-80-000223'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '0' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name UserVars.SuppressHyperthreadWarning | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "0"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000224</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000224</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000224</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must verify certificates for SSL syslog endpoints.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>When sending syslog data to a remote host, ESXi can be configured to use any combination of TCP, UDP and SSL transports. When using SSL, the server certificate must be validated to ensure that the host is connecting to a valid syslog server.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If SSL is not used for a syslog target, this is not applicable.
 
 From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Syslog.global.logCheckSSLCerts&quot; value and verify it is set to &quot;true&quot;.
+Select the "Syslog.global.logCheckSSLCerts" value and verify it is set to "true".
 
 or
 
@@ -8378,159 +8035,153 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts
 
-If the &quot;Syslog.global.logCheckSSLCerts&quot; setting is not set to &quot;true&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>To configure SSL syslog endpoint certificate checking it must be turned on and also the trusted certificate chain must be added to ESXi&#39;s trusted store.
+If the "Syslog.global.logCheckSSLCerts" setting is not set to "true", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>To configure SSL syslog endpoint certificate checking it must be turned on and also the trusted certificate chain must be added to ESXi's trusted store.
 
 From the vSphere Client go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Syslog.global.logCheckSSLCerts&quot; value and configure it to &quot;true&quot;.
+Click "Edit". Select the "Syslog.global.logCheckSSLCerts" value and configure it to "true".
 
-Copy the PEM formatted trusted CA certificate so that is accessible to the host and append the contents to &#x2F;etc&#x2F;vmware&#x2F;ssl&#x2F;castore.pem by running the follow command:
+Copy the PEM formatted trusted CA certificate so that is accessible to the host and append the contents to /etc/vmware/ssl/castore.pem by running the follow command:
 
-# &lt;path&#x2F;to&#x2F;cacert&gt; &gt;&gt; &#x2F;etc&#x2F;vmware&#x2F;ssl&#x2F;castore.pem
+# &lt;path/to/cacert&gt; &gt;&gt; /etc/vmware/ssl/castore.pem
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts | Set-AdvancedSetting -Value &quot;true&quot;
+Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts | Set-AdvancedSetting -Value "true"
 
 Copy the PEM formatted trusted CA certificate so that is accessible to the host.
 
-$esxcli &#x3D; Get-EsxCli -v2
-$arguments &#x3D; $esxcli.system.security.certificatestore.add.CreateArgs()
-$arguments.filename &#x3D; &lt;path&#x2F;to&#x2F;cacert&gt;
-$esxcli.system.security.certificatestore.add.Invoke($arguments)</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ec0a0891-5ffa-4278-9455-429d053acd7e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-
-No SSL syslog targets found, this check is not applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000225</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000225</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000225</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must enable volatile key destruction.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+$esxcli = Get-EsxCli -v2
+$arguments = $esxcli.system.security.certificatestore.add.CreateArgs()
+$arguments.filename = &lt;path/to/cacert&gt;
+$esxcli.system.security.certificatestore.add.Invoke($arguments)</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000224' do\n  title 'The ESXi host must verify certificates for SSL syslog endpoints.'\n  desc  'When sending syslog data to a remote host, ESXi can be configured to use any combination of TCP, UDP and SSL transports. When using SSL, the server certificate must be validated to ensure that the host is connecting to a valid syslog server.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If SSL is not used for a syslog target, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Syslog.global.logCheckSSLCerts\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts\n\n    If the \\\"Syslog.global.logCheckSSLCerts\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    To configure SSL syslog endpoint certificate checking it must be turned on and also the trusted certificate chain must be added to ESXi's trusted store.\n\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logCheckSSLCerts\\\" value and configure it to \\\"true\\\".\n\n    Copy the PEM formatted trusted CA certificate so that is accessible to the host and append the contents to /etc/vmware/ssl/castore.pem by running the follow command:\n\n    # &lt;path/to/cacert&gt; &gt;&gt; /etc/vmware/ssl/castore.pem\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts | Set-AdvancedSetting -Value \\\"true\\\"\n\n    Copy the PEM formatted trusted CA certificate so that is accessible to the host.\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.security.certificatestore.add.CreateArgs()\n    $arguments.filename = &lt;path/to/cacert&gt;\n    $esxcli.system.security.certificatestore.add.Invoke($arguments)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000224'\n  tag rid: 'SV-ESXI-80-000224'\n  tag stig_id: 'ESXI-80-000224'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logHost | Where {$_.Value -match \\\"ssl\\\"} | Select-Object -ExpandProperty Value\"\n      syslogservers = powercli_command(command).stdout\n\n      if !syslogservers.empty?\n        command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logCheckSSLCerts | Select-Object -ExpandProperty Value\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp 'true' }\n        end\n      else\n        impact 0.0\n        describe '' do\n          skip 'No SSL syslog targets found, this check is not applicable.'\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST  :: SKIP_MESSAGE No SSL syslog targets found, this check is not applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000225</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000225</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000225</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must enable volatile key destruction.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>By default, pages allocated for virtual machines (VMs), userspace applications, and kernel threads are zeroed out at allocation time. ESXi will always ensure that no nonzero pages are exposed to VMs or userspace applications. While this prevents exposing cryptographic keys from VMs or userworlds to other clients, these keys can stay present in host memory for a long time if the memory is not reused.
 
 The NIAP Virtualization Protection Profile and Server Virtualization Extended Package require that memory that may contain cryptographic keys be zeroed upon process exit.
 
-To this end, a new configuration option, MemEagerZero, can be configured to enforce zeroing out userworld and guest memory pages when a userworld process or guest exits. For kernel threads, memory spaces holding keys are zeroed out as soon as the secret is no longer needed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+To this end, a new configuration option, MemEagerZero, can be configured to enforce zeroing out userworld and guest memory pages when a userworld process or guest exits. For kernel threads, memory spaces holding keys are zeroed out as soon as the secret is no longer needed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Mem.MemEagerZero&quot; value and verify it is set to &quot;1&quot;.
+Select the "Mem.MemEagerZero" value and verify it is set to "1".
 
 or
 
@@ -8538,149 +8189,142 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero
 
-If the &quot;Mem.MemEagerZero&quot; setting is not set to &quot;1&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Mem.MemEagerZero" setting is not set to "1", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Mem.MemEagerZero&quot; value and configure it to &quot;1&quot;.
+Click "Edit". Select the "Mem.MemEagerZero" value and configure it to "1".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero | Set-AdvancedSetting -Value 1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>005bc009-575f-4d86-9a8b-97e273eceed0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Mem.MemEagerZero | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;1&quot;
-
+Get-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero | Set-AdvancedSetting -Value 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000225' do\n  title 'The ESXi host must enable volatile key destruction.'\n  desc  \"\n    By default, pages allocated for virtual machines (VMs), userspace applications, and kernel threads are zeroed out at allocation time. ESXi will always ensure that no nonzero pages are exposed to VMs or userspace applications. While this prevents exposing cryptographic keys from VMs or userworlds to other clients, these keys can stay present in host memory for a long time if the memory is not reused.\n\n    The NIAP Virtualization Protection Profile and Server Virtualization Extended Package require that memory that may contain cryptographic keys be zeroed upon process exit.\n\n    To this end, a new configuration option, MemEagerZero, can be configured to enforce zeroing out userworld and guest memory pages when a userworld process or guest exits. For kernel threads, memory spaces holding keys are zeroed out as soon as the secret is no longer needed.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Mem.MemEagerZero\\\" value and verify it is set to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero\n\n    If the \\\"Mem.MemEagerZero\\\" setting is not set to \\\"1\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Mem.MemEagerZero\\\" value and configure it to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Mem.MemEagerZero | Set-AdvancedSetting -Value 1\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000225'\n  tag rid: 'SV-ESXI-80-000225'\n  tag stig_id: 'ESXI-80-000225'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Mem.MemEagerZero | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '1' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Mem.MemEagerZero | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "1" :: MESSAGE 
 expected: 1
      got: 0
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000226</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000226</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000226</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must configure a session timeout for the vSphere API.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000226</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000226</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000226</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must configure a session timeout for the vSphere API.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The vSphere API (VIM) allows for remote, programmatic administration of the ESXi host. Authenticated API sessions are no different from a risk perspective than authenticated UI sessions and they need similar protections.
 
-One of these protections is a basic inactivity timeout, after which the session will be invalidated and reauthentication will be required by the application accessing the API. This is set to 30 seconds by default but can be disabled, thus leaving API sessions open indefinitely. The 30 second default must be verified and maintained.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+One of these protections is a basic inactivity timeout, after which the session will be invalidated and reauthentication will be required by the application accessing the API. This is set to 30 seconds by default but can be disabled, thus leaving API sessions open indefinitely. The 30 second default must be verified and maintained.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Config.HostAgent.vmacore.soap.sessionTimeout&quot; value and verify it is set to &quot;30&quot;.
+Select the "Config.HostAgent.vmacore.soap.sessionTimeout" value and verify it is set to "30".
 
 or
 
@@ -8688,141 +8332,136 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout
 
-If the &quot;Config.HostAgent.vmacore.soap.sessionTimeout&quot; setting is not set to &quot;30&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Config.HostAgent.vmacore.soap.sessionTimeout" setting is not set to "30", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Config.HostAgent.vmacore.soap.sessionTimeout&quot; value and configure it to &quot;30&quot;.
+Click "Edit". Select the "Config.HostAgent.vmacore.soap.sessionTimeout" value and configure it to "30".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Set-AdvancedSetting -Value 30</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b24b0b26-b7ae-4ce4-bff6-4fa1c04c91bc</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;30&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000227</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must be configured with an appropriate maximum password age.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The older an ESXi local account password is, the larger the opportunity window is for attackers to guess, crack or re-use a previously cracked password. Rotating passwords on a regular basis is a fundamental security practice and one that ESXi supports.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Set-AdvancedSetting -Value 30</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000226' do\n  title 'The ESXi host must configure a session timeout for the vSphere API.'\n  desc  \"\n    The vSphere API (VIM) allows for remote, programmatic administration of the ESXi host. Authenticated API sessions are no different from a risk perspective than authenticated UI sessions and they need similar protections.\n\n    One of these protections is a basic inactivity timeout, after which the session will be invalidated and reauthentication will be required by the application accessing the API. This is set to 30 seconds by default but can be disabled, thus leaving API sessions open indefinitely. The 30 second default must be verified and maintained.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.vmacore.soap.sessionTimeout\\\" value and verify it is set to \\\"30\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout\n\n    If the \\\"Config.HostAgent.vmacore.soap.sessionTimeout\\\" setting is not set to \\\"30\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.vmacore.soap.sessionTimeout\\\" value and configure it to \\\"30\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Set-AdvancedSetting -Value 30\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000226'\n  tag rid: 'SV-ESXI-80-000226'\n  tag stig_id: 'ESXI-80-000226'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '30' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Config.HostAgent.vmacore.soap.sessionTimeout | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "30"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000227</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must be configured with an appropriate maximum password age.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The older an ESXi local account password is, the larger the opportunity window is for attackers to guess, crack or re-use a previously cracked password. Rotating passwords on a regular basis is a fundamental security practice and one that ESXi supports.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Security.PasswordMaxDays&quot; value and verify it is set to &quot;90&quot;.
+Select the "Security.PasswordMaxDays" value and verify it is set to "90".
 
 or
 
@@ -8830,310 +8469,296 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays
 
-If the &quot;Security.PasswordMaxDays&quot; setting is not set to &quot;90&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Security.PasswordMaxDays" setting is not set to "90", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Security.PasswordMaxDays&quot; value and configure it to &quot;90&quot;.
+Click "Edit". Select the "Security.PasswordMaxDays" value and configure it to "90".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays | Set-AdvancedSetting -Value 90</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>68f9d35b-a2cf-4912-988e-330be9c86538</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.PasswordMaxDays | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;90&quot;
-
+Get-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays | Set-AdvancedSetting -Value 90</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000227' do\n  title 'The ESXi host must be configured with an appropriate maximum password age.'\n  desc  'The older an ESXi local account password is, the larger the opportunity window is for attackers to guess, crack or re-use a previously cracked password. Rotating passwords on a regular basis is a fundamental security practice and one that ESXi supports.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Security.PasswordMaxDays\\\" value and verify it is set to \\\"90\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays\n\n    If the \\\"Security.PasswordMaxDays\\\" setting is not set to \\\"90\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Security.PasswordMaxDays\\\" value and configure it to \\\"90\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Security.PasswordMaxDays | Set-AdvancedSetting -Value 90\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000227'\n  tag rid: 'SV-ESXI-80-000227'\n  tag stig_id: 'ESXI-80-000227'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Security.PasswordMaxDays | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '90' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Security.PasswordMaxDays | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "90" :: MESSAGE 
 expected: 90
      got: 99999
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000228</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000228</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000228</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi Common Information Model (CIM) service must be disabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000228</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000228</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000228</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi Common Information Model (CIM) service must be disabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The CIM system provides an interface that enables hardware-level management from remote applications via a set of standard application programming interfaces (APIs). These APIs are consumed by external applications such as HP SIM or Dell OpenManage for agentless, remote hardware monitoring of the ESXi host.
 
-To reduce attack surface area and following the minimum functionality principal, the CIM service must be disabled unless explicitly needed and approved.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+To reduce attack surface area and following the minimum functionality principal, the CIM service must be disabled unless explicitly needed and approved.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.
 
-Under &quot;Services&quot;, locate the &quot;CIM Server&quot; service and verify it is &quot;Stopped&quot; and the &quot;Startup Policy&quot; is set to &quot;Start and stop manually&quot;.
+Under "Services", locate the "CIM Server" service and verify it is "Stopped" and the "Startup Policy" is set to "Start and stop manually".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-VMHostService | Where {$_.Label -eq &quot;CIM Server&quot;}
+Get-VMHost | Get-VMHostService | Where {$_.Label -eq "CIM Server"}
 
-If the &quot;CIM Server&quot; service does not have a &quot;Policy&quot; of &quot;off&quot; or is running, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "CIM Server" service does not have a "Policy" of "off" or is running, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.
 
-Under &quot;Services&quot; select the &quot;CIM Server&quot; service and click the &quot;Stop&quot; button.
+Under "Services" select the "CIM Server" service and click the "Stop" button.
 
-Click &quot;Edit Startup policy...&quot; and select the &quot;Start and stop manually&quot; radio button. Click &quot;OK&quot;.
+Click "Edit Startup policy..." and select the "Start and stop manually" radio button. Click "OK".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-Get-VMHost | Get-VMHostService | Where {$_.Label -eq &quot;CIM Server&quot;} | Set-VMHostService -Policy Off
-Get-VMHost | Get-VMHostService | Where {$_.Label -eq &quot;CIM Server&quot;} | Stop-VMHostService</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>207305b8-54ef-479f-96a9-b62aa3a69750</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq &#39;CIM Server&#39;} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp &#x3D;&#x3D; &quot;off&quot;
-
+Get-VMHost | Get-VMHostService | Where {$_.Label -eq "CIM Server"} | Set-VMHostService -Policy Off
+Get-VMHost | Get-VMHostService | Where {$_.Label -eq "CIM Server"} | Stop-VMHostService</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000228' do\n  title 'The ESXi Common Information Model (CIM) service must be disabled.'\n  desc  \"\n    The CIM system provides an interface that enables hardware-level management from remote applications via a set of standard application programming interfaces (APIs). These APIs are consumed by external applications such as HP SIM or Dell OpenManage for agentless, remote hardware monitoring of the ESXi host.\n\n    To reduce attack surface area and following the minimum functionality principal, the CIM service must be disabled unless explicitly needed and approved.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.\n\n    Under \\\"Services\\\", locate the \\\"CIM Server\\\" service and verify it is \\\"Stopped\\\" and the \\\"Startup Policy\\\" is set to \\\"Start and stop manually\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"CIM Server\\\"}\n\n    If the \\\"CIM Server\\\" service does not have a \\\"Policy\\\" of \\\"off\\\" or is running, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.\n\n    Under \\\"Services\\\" select the \\\"CIM Server\\\" service and click the \\\"Stop\\\" button.\n\n    Click \\\"Edit Startup policy...\\\" and select the \\\"Start and stop manually\\\" radio button. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"CIM Server\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"CIM Server\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000228'\n  tag rid: 'SV-ESXI-80-000228'\n  tag stig_id: 'ESXI-80-000228'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp == "off" :: MESSAGE 
 expected: off
      got: on
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq &#39;CIM Server&#39;} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000229</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000229</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000229</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must use DOD-approved certificates.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'CIM Server'} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp == "false"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000229</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000229</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000229</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must use DOD-approved certificates.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The default self-signed host certificate issued by the VMware Certificate Authority (VMCA) must be replaced with a DOD-approved certificate when the host will be accessed directly, such as during a virtual machine (VM) console connection.
 
-The use of a DOD certificate on the host assures clients the service they are connecting to is legitimate and properly secured.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+The use of a DOD certificate on the host assures clients the service they are connecting to is legitimate and properly secured.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Certificate.
 
 If the issuer is not a DOD-approved certificate authority, this is a finding.
 
-If the host will never be accessed directly (virtual machine console connections bypass vCenter), this is not a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the host will never be accessed directly (virtual machine console connections bypass vCenter), this is not a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Join the ESXi host to vCenter before replacing the certificate.
 
 Obtain a DOD-issued certificate and private key for the host following the requirements below:
@@ -9144,7 +8769,7 @@ Key format: PEM
 VMware supports PKCS8 and PKCS1 (RSA keys)
 x509 version 3
 
-SubjectAltName must contain DNS Name&#x3D;&lt;machine_FQDN&gt;
+SubjectAltName must contain DNS Name=&lt;machine_FQDN&gt;
 
 CRT (Base-64) format
 
@@ -9154,433 +8779,414 @@ Start time of one day before the current time
 
 CN (and SubjectAltName) set to the host name (or IP address) that the ESXi host has in the vCenter Server inventory
 
-From the vSphere Web Client, select the ESXi host&#39;s vCenter Server &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced Settings.
+From the vSphere Web Client, select the ESXi host's vCenter Server &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced Settings.
 
-Select the &quot;vpxd.certmgmt.mode&quot; value and ensure it is set to &quot;custom&quot;.
+Select the "vpxd.certmgmt.mode" value and ensure it is set to "custom".
 
 Put the host into maintenance mode.
 
-Temporarily enable Secure Shell (SSH) on the host. Use Secure Copy Protocol (SCP) to transfer the new certificate and key to &#x2F;tmp. SSH to the host. Back up the existing certificate and key:
+Temporarily enable Secure Shell (SSH) on the host. Use Secure Copy Protocol (SCP) to transfer the new certificate and key to /tmp. SSH to the host. Back up the existing certificate and key:
 
-# mv &#x2F;etc&#x2F;vmware&#x2F;ssl&#x2F;rui.crt &#x2F;etc&#x2F;vmware&#x2F;ssl&#x2F;rui.crt.bak
-# mv &#x2F;etc&#x2F;vmware&#x2F;ssl&#x2F;rui.key &#x2F;etc&#x2F;vmware&#x2F;ssl&#x2F;rui.key.bak
+# mv /etc/vmware/ssl/rui.crt /etc/vmware/ssl/rui.crt.bak
+# mv /etc/vmware/ssl/rui.key /etc/vmware/ssl/rui.key.bak
 
-Copy the new certificate and key to &quot;&#x2F;etc&#x2F;vmware&#x2F;ssl&#x2F;&quot; and rename them to &quot;rui.crt&quot; and &quot;rui.key&quot; respectively.
+Copy the new certificate and key to "/etc/vmware/ssl/" and rename them to "rui.crt" and "rui.key" respectively.
 
 Restart management agents to implement the new certificate:
 
-# services.sh restart</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ac1f8a82-0a90-42b5-839d-3c7a74ccc1e8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-ssl_certificate for &#39;10.186.25.26&#39; issuer_organization is expected to cmp &#x3D;&#x3D; &quot;U.S. Government&quot;
-
+# services.sh restart</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000229' do\n  title 'The ESXi host must use DOD-approved certificates.'\n  desc  \"\n    The default self-signed host certificate issued by the VMware Certificate Authority (VMCA) must be replaced with a DOD-approved certificate when the host will be accessed directly, such as during a virtual machine (VM) console connection.\n\n    The use of a DOD certificate on the host assures clients the service they are connecting to is legitimate and properly secured.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Certificate.\n\n    If the issuer is not a DOD-approved certificate authority, this is a finding.\n\n    If the host will never be accessed directly (virtual machine console connections bypass vCenter), this is not a finding.\n  \"\n  desc 'fix', \"\n    Join the ESXi host to vCenter before replacing the certificate.\n\n    Obtain a DOD-issued certificate and private key for the host following the requirements below:\n\n    Key size: 2048 bits or more (PEM encoded)\n\n    Key format: PEM\n    VMware supports PKCS8 and PKCS1 (RSA keys)\n    x509 version 3\n\n    SubjectAltName must contain DNS Name=&lt;machine_FQDN&gt;\n\n    CRT (Base-64) format\n\n    Contains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment\n\n    Start time of one day before the current time\n\n    CN (and SubjectAltName) set to the host name (or IP address) that the ESXi host has in the vCenter Server inventory\n\n    From the vSphere Web Client, select the ESXi host's vCenter Server &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced Settings.\n\n    Select the \\\"vpxd.certmgmt.mode\\\" value and ensure it is set to \\\"custom\\\".\n\n    Put the host into maintenance mode.\n\n    Temporarily enable Secure Shell (SSH) on the host. Use Secure Copy Protocol (SCP) to transfer the new certificate and key to /tmp. SSH to the host. Back up the existing certificate and key:\n\n    # mv /etc/vmware/ssl/rui.crt /etc/vmware/ssl/rui.crt.bak\n    # mv /etc/vmware/ssl/rui.key /etc/vmware/ssl/rui.key.bak\n\n    Copy the new certificate and key to \\\"/etc/vmware/ssl/\\\" and rename them to \\\"rui.crt\\\" and \\\"rui.key\\\" respectively.\n\n    Restart management agents to implement the new certificate:\n\n    # services.sh restart\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000229'\n  tag rid: 'SV-ESXI-80-000229'\n  tag stig_id: 'ESXI-80-000229'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      describe ssl_certificate(host: \"#{vmhost}\", port: 443) do\n        its('issuer_organization') { should cmp 'U.S. Government' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST ssl_certificate for '10.186.25.26' issuer_organization is expected to cmp == "U.S. Government" :: MESSAGE 
 expected: U.S. Government
      got: sc2-10-186-30-81.eng.vmware.com
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000230</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000230</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000230</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must disable port forwarding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>While enabling Transmission Control Protocol (TCP) tunnels is a valuable function of sshd, this feature is not appropriate for use on the ESXi hypervisor.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000230</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000230</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000230</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host Secure Shell (SSH) daemon must disable port forwarding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>While enabling Transmission Control Protocol (TCP) tunnels is a valuable function of sshd, this feature is not appropriate for use on the ESXi hypervisor.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# &#x2F;usr&#x2F;lib&#x2F;vmware&#x2F;openssh&#x2F;bin&#x2F;sshd -T | grep allowtcpforwarding
+# /usr/lib/vmware/openssh/bin/sshd -T | grep allowtcpforwarding
 
 Expected result:
 
 allowtcpforwarding no
 
-If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in &quot;&#x2F;etc&#x2F;ssh&#x2F;sshd_config&quot;:
-
-AllowTcpForwarding no</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>97aa1f57-27c8-44a5-b2e5-96a17884666d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000231</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000231</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000231</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host OpenSLP service must be disabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From an ESXi shell, add or update the following line in "/etc/ssh/sshd_config":
+
+AllowTcpForwarding no</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000230' do\n  title 'The ESXi host Secure Shell (SSH) daemon must disable port forwarding.'\n  desc  'While enabling Transmission Control Protocol (TCP) tunnels is a valuable function of sshd, this feature is not appropriate for use on the ESXi hypervisor.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # /usr/lib/vmware/openssh/bin/sshd -T | grep allowtcpforwarding\n\n    Expected result:\n\n    allowtcpforwarding no\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, add or update the following line in \\\"/etc/ssh/sshd_config\\\":\n\n    AllowTcpForwarding no\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000230'\n  tag rid: 'SV-ESXI-80-000230'\n  tag stig_id: 'ESXI-80-000230'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000231</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000231</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000231</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host OpenSLP service must be disabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>OpenSLP implements the Service Location Protocol to help CIM clients discover CIM servers over TCP 427. This service is not widely needed and has had vulnerabilities exposed in the past. To reduce attack surface area and following the minimum functionality principal, the OpenSLP service must be disabled unless explicitly needed and approved.
 
-Note: Disabling the OpenSLP service may affect monitoring and third-party systems that use the WBEM DTMF protocols.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Note: Disabling the OpenSLP service may affect monitoring and third-party systems that use the WBEM DTMF protocols.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.
 
-Under &quot;Services&quot;, locate the &quot;slpd&quot; service and verify it is &quot;Stopped&quot; and the &quot;Startup Policy&quot; is set to &quot;Start and stop manually&quot;.
+Under "Services", locate the "slpd" service and verify it is "Stopped" and the "Startup Policy" is set to "Start and stop manually".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-VMHostService | Where {$_.Label -eq &quot;slpd&quot;}
+Get-VMHost | Get-VMHostService | Where {$_.Label -eq "slpd"}
 
-If the slpd service does not have a &quot;Policy&quot; of &quot;off&quot; or is running, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the slpd service does not have a "Policy" of "off" or is running, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.
 
-Under &quot;Services&quot; select the &quot;slpd&quot; service and click the &quot;Stop&quot; button.
+Under "Services" select the "slpd" service and click the "Stop" button.
 
-Click &quot;Edit Startup policy...&quot; and select the &quot;Start and stop manually&quot; radio button. Click &quot;OK&quot;.
+Click "Edit Startup policy..." and select the "Start and stop manually" radio button. Click "OK".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-Get-VMHost | Get-VMHostService | Where {$_.Label -eq &quot;slpd&quot;} | Set-VMHostService -Policy Off
-Get-VMHost | Get-VMHostService | Where {$_.Label -eq &quot;slpd&quot;} | Stop-VMHostService</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>56b3ce2f-a959-4c42-8204-b68a338d879f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq &#39;slpd&#39;} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp &#x3D;&#x3D; &quot;off&quot;
+Get-VMHost | Get-VMHostService | Where {$_.Label -eq "slpd"} | Set-VMHostService -Policy Off
+Get-VMHost | Get-VMHostService | Where {$_.Label -eq "slpd"} | Stop-VMHostService</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000231' do\n  title 'The ESXi host OpenSLP service must be disabled.'\n  desc  \"\n    OpenSLP implements the Service Location Protocol to help CIM clients discover CIM servers over TCP 427. This service is not widely needed and has had vulnerabilities exposed in the past. To reduce attack surface area and following the minimum functionality principal, the OpenSLP service must be disabled unless explicitly needed and approved.\n\n    Note: Disabling the OpenSLP service may affect monitoring and third-party systems that use the WBEM DTMF protocols.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.\n\n    Under \\\"Services\\\", locate the \\\"slpd\\\" service and verify it is \\\"Stopped\\\" and the \\\"Startup Policy\\\" is set to \\\"Start and stop manually\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"slpd\\\"}\n\n    If the slpd service does not have a \\\"Policy\\\" of \\\"off\\\" or is running, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Services.\n\n    Under \\\"Services\\\" select the \\\"slpd\\\" service and click the \\\"Stop\\\" button.\n\n    Click \\\"Edit Startup policy...\\\" and select the \\\"Start and stop manually\\\" radio button. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"slpd\\\"} | Set-VMHostService -Policy Off\n    Get-VMHost | Get-VMHostService | Where {$_.Label -eq \\\"slpd\\\"} | Stop-VMHostService\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000231'\n  tag rid: 'SV-ESXI-80-000231'\n  tag stig_id: 'ESXI-80-000231'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Policy\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'off' }\n      end\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Running\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Policy stdout.strip is expected to cmp == "off"
 --------------------------------
-passed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq &#39;slpd&#39;} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000232</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000232</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000232</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must enable audit logging.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+passed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-VMHostService | Where {$_.Label -eq 'slpd'} | Select-Object -ExpandProperty Running stdout.strip is expected to cmp == "false"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000232</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000232</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000232</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must enable audit logging.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.
 
 To operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.
 
-Note: Audit records can be viewed locally via the &quot;&#x2F;bin&#x2F;viewAudit&quot; utility over SSH or at the ESXi shell.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Note: Audit records can be viewed locally via the "/bin/viewAudit" utility over SSH or at the ESXi shell.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Syslog.global.auditRecord.storageEnable&quot; value and verify it is set to &quot;true&quot;.
+Select the "Syslog.global.auditRecord.storageEnable" value and verify it is set to "true".
 
 or
 
@@ -9588,151 +9194,144 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable
 
-If the &quot;Syslog.global.auditRecord.storageEnable&quot; setting is not set to &quot;true&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Syslog.global.auditRecord.storageEnable" setting is not set to "true", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Syslog.global.auditRecord.storageEnable&quot; value and configure it to &quot;true&quot;.
+Click "Edit". Select the "Syslog.global.auditRecord.storageEnable" value and configure it to "true".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Set-AdvancedSetting -Value &quot;true&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ad154438-41c4-4202-bf08-c27ca289662f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;true&quot;
-
+Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Set-AdvancedSetting -Value "true"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000232' do\n  title 'The ESXi host must enable audit logging.'\n  desc  \"\n    ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\n    To operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\n    Note: Audit records can be viewed locally via the \\\"/bin/viewAudit\\\" utility over SSH or at the ESXi shell.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Syslog.global.auditRecord.storageEnable\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable\n\n    If the \\\"Syslog.global.auditRecord.storageEnable\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.auditRecord.storageEnable\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Set-AdvancedSetting -Value \\\"true\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000232'\n  tag rid: 'SV-ESXI-80-000232'\n  tag stig_id: 'ESXI-80-000232'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.auditRecord.storageEnable | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "true" :: MESSAGE 
 expected: true
      got: False
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000233</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000342-VMM-001230</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000233</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000233</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must off-load audit records via syslog.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000233</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000342-VMM-001230</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000233</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000233</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must off-load audit records via syslog.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.
 
 To operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.
 
-Note: Audit records can be viewed locally via the &quot;&#x2F;bin&#x2F;viewAudit&quot; utility over SSH or at the ESXi shell.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Note: Audit records can be viewed locally via the "/bin/viewAudit" utility over SSH or at the ESXi shell.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Syslog.global.auditRecord.remoteEnable&quot; value and verify it is set to &quot;true&quot;.
+Select the "Syslog.global.auditRecord.remoteEnable" value and verify it is set to "true".
 
 or
 
@@ -9740,151 +9339,144 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable
 
-If the &quot;Syslog.global.auditRecord.remoteEnable&quot; setting is not set to &quot;true&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Syslog.global.auditRecord.remoteEnable" setting is not set to "true", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Syslog.global.auditRecord.remoteEnable&quot; value and configure it to &quot;true&quot;.
+Click "Edit". Select the "Syslog.global.auditRecord.remoteEnable" value and configure it to "true".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Set-AdvancedSetting -Value &quot;true&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d223c3fe-11ae-4526-bbb1-825bcf4acd01</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;true&quot;
-
+Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Set-AdvancedSetting -Value "true"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000233' do\n  title 'The ESXi host must off-load audit records via syslog.'\n  desc  \"\n    ESXi offers both local and remote audit recordkeeping to meet the requirements of the NIAP Virtualization Protection Profile and Server Virtualization Extended Package. Local records are stored on any accessible local or VMFS path. Remote records are sent to the global syslog servers configured elsewhere.\n\n    To operate in the NIAP validated state, ESXi must enable and properly configure this audit system. This system is disabled by default.\n\n    Note: Audit records can be viewed locally via the \\\"/bin/viewAudit\\\" utility over SSH or at the ESXi shell.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Syslog.global.auditRecord.remoteEnable\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable\n\n    If the \\\"Syslog.global.auditRecord.remoteEnable\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.auditRecord.remoteEnable\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Set-AdvancedSetting -Value \\\"true\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000342-VMM-001230'\n  tag gid: 'V-ESXI-80-000233'\n  tag rid: 'SV-ESXI-80-000233'\n  tag stig_id: 'ESXI-80-000233'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.auditRecord.remoteEnable | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "true" :: MESSAGE 
 expected: true
      got: False
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000234</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000234</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000234</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must enable strict x509 verification for SSL syslog endpoints.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>When sending syslog data to a remote host via SSL, the ESXi host is presented with the endpoint&#39;s SSL server certificate. In addition to trust verification, configured elsewhere, this &quot;x509-strict&quot; option performs additional validity checks on CA root certificates during verification.
-
-These checks are generally not performed (CA roots are inherently trusted) and might cause incompatibilities with existing, misconfigured CA roots. The NIAP requirements in the Virtualization Protection Profile and Server Virtualization Extended Package, however, require even CA roots to pass validations.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000234</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000234</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000234</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must enable strict x509 verification for SSL syslog endpoints.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>When sending syslog data to a remote host via SSL, the ESXi host is presented with the endpoint's SSL server certificate. In addition to trust verification, configured elsewhere, this "x509-strict" option performs additional validity checks on CA root certificates during verification.
+
+These checks are generally not performed (CA roots are inherently trusted) and might cause incompatibilities with existing, misconfigured CA roots. The NIAP requirements in the Virtualization Protection Profile and Server Virtualization Extended Package, however, require even CA roots to pass validations.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If SSL is not used for a syslog target, this is not applicable.
 
 From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Syslog.global.certificate.strictX509Compliance&quot; value and verify it is set to &quot;true&quot;.
+Select the "Syslog.global.certificate.strictX509Compliance" value and verify it is set to "true".
 
 or
 
@@ -9892,151 +9484,144 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance
 
-If the &quot;Syslog.global.certificate.strictX509Compliance&quot; setting is not set to &quot;true&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Syslog.global.certificate.strictX509Compliance" setting is not set to "true", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Syslog.global.certificate.strictX509Compliance&quot; value and configure it to &quot;true&quot;.
+Click "Edit". Select the "Syslog.global.certificate.strictX509Compliance" value and configure it to "true".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Set-AdvancedSetting -Value &quot;true&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>523a95d4-7166-44d1-bc88-24afe230fe63</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;true&quot;
-
+Get-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Set-AdvancedSetting -Value "true"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000234' do\n  title 'The ESXi host must enable strict x509 verification for SSL syslog endpoints.'\n  desc  \"\n    When sending syslog data to a remote host via SSL, the ESXi host is presented with the endpoint's SSL server certificate. In addition to trust verification, configured elsewhere, this \\\"x509-strict\\\" option performs additional validity checks on CA root certificates during verification.\n\n    These checks are generally not performed (CA roots are inherently trusted) and might cause incompatibilities with existing, misconfigured CA roots. The NIAP requirements in the Virtualization Protection Profile and Server Virtualization Extended Package, however, require even CA roots to pass validations.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If SSL is not used for a syslog target, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Syslog.global.certificate.strictX509Compliance\\\" value and verify it is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance\n\n    If the \\\"Syslog.global.certificate.strictX509Compliance\\\" setting is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.certificate.strictX509Compliance\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Set-AdvancedSetting -Value \\\"true\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000234'\n  tag rid: 'SV-ESXI-80-000234'\n  tag stig_id: 'ESXI-80-000234'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.certificate.strictX509Compliance | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "true" :: MESSAGE 
 expected: true
      got: False
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000235</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000037-VMM-000150</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000235</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000235</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must forward audit records containing information to establish what type of events occurred.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000235</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000037-VMM-000150</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000235</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000235</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must forward audit records containing information to establish what type of events occurred.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.
 
-Audit record content that may be necessary to satisfy this requirement includes, for example, time stamps, source and destination addresses, user&#x2F;process&#x2F;VM identifiers, event descriptions, success&#x2F;fail indications, filenames involved, and access control or flow control rules invoked.
+Audit record content that may be necessary to satisfy this requirement includes, for example, time stamps, source and destination addresses, user/process/VM identifiers, event descriptions, success/fail indications, filenames involved, and access control or flow control rules invoked.
 
-Associating event types with detected events in the ESXi audit logs provides a means of investigating an attack; recognizing resource utilization or capacity thresholds; or identifying an improperly configured host.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Associating event types with detected events in the ESXi audit logs provides a means of investigating an attack; recognizing resource utilization or capacity thresholds; or identifying an improperly configured host.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Syslog.global.logLevel&quot; value and verify it is set to &quot;info&quot;.
+Select the "Syslog.global.logLevel" value and verify it is set to "info".
 
 or
 
@@ -10044,413 +9629,394 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel
 
-If the &quot;Syslog.global.logLevel&quot; setting is not set to &quot;info&quot;, this is a finding.
+If the "Syslog.global.logLevel" setting is not set to "info", this is a finding.
 
-Note: Verbose logging level is acceptable for troubleshooting purposes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+Note: Verbose logging level is acceptable for troubleshooting purposes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Syslog.global.logLevel&quot; value and configure it to &quot;info&quot;.
+Click "Edit". Select the "Syslog.global.logLevel" value and configure it to "info".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel | Set-AdvancedSetting -Value &quot;info&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a7db61cb-5f4a-4825-8ea8-5ca64f855837</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.logLevel | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;info&quot;
-
+Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel | Set-AdvancedSetting -Value "info"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000235' do\n  title 'The ESXi host must forward audit records containing information to establish what type of events occurred.'\n  desc  \"\n    Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.\n\n    Audit record content that may be necessary to satisfy this requirement includes, for example, time stamps, source and destination addresses, user/process/VM identifiers, event descriptions, success/fail indications, filenames involved, and access control or flow control rules invoked.\n\n    Associating event types with detected events in the ESXi audit logs provides a means of investigating an attack; recognizing resource utilization or capacity thresholds; or identifying an improperly configured host.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Syslog.global.logLevel\\\" value and verify it is set to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel\n\n    If the \\\"Syslog.global.logLevel\\\" setting is not set to \\\"info\\\", this is a finding.\n\n    Note: Verbose logging level is acceptable for troubleshooting purposes.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logLevel\\\" value and configure it to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logLevel | Set-AdvancedSetting -Value \\\"info\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000037-VMM-000150'\n  tag gid: 'V-ESXI-80-000235'\n  tag rid: 'SV-ESXI-80-000235'\n  tag stig_id: 'ESXI-80-000235'\n  tag cci: ['CCI-000130']\n  tag nist: ['AU-3']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Syslog.global.logLevel | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'info' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name Syslog.global.logLevel | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "info" :: MESSAGE 
 expected: info
      got: error
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000236</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000236</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000236</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must not be configured to override virtual machine (VM) configurations.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Each VM on an ESXi host runs in its own &quot;vmx&quot; process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.
-
-This can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000236</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000236</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000236</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must not be configured to override virtual machine (VM) configurations.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Each VM on an ESXi host runs in its own "vmx" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.
+
+This can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# stat -c &quot;%s&quot; &#x2F;etc&#x2F;vmware&#x2F;settings
+# stat -c "%s" /etc/vmware/settings
 
 Expected result:
 
 0
 
-If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the output does not match the expected result, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# echo -n &gt;&#x2F;etc&#x2F;vmware&#x2F;settings</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>40d582cc-56bb-4b0d-a13a-21ddefc41ef8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000237</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000237</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000237</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must not be configured to override virtual machine (VM) logger settings.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Each VM on an ESXi host runs in its own &quot;vmx&quot; process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.
-
-This can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+# echo -n &gt;/etc/vmware/settings</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000236' do\n  title 'The ESXi host must not be configured to override virtual machine (VM) configurations.'\n  desc  \"\n    Each VM on an ESXi host runs in its own \\\"vmx\\\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\n    This can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # stat -c \\\"%s\\\" /etc/vmware/settings\n\n    Expected result:\n\n    0\n\n    If the output does not match the expected result, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # echo -n &gt;/etc/vmware/settings\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000236'\n  tag rid: 'SV-ESXI-80-000236'\n  tag stig_id: 'ESXI-80-000236'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000237</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000237</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000237</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must not be configured to override virtual machine (VM) logger settings.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Each VM on an ESXi host runs in its own "vmx" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.
+
+This can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# grep &quot;^vmx\.log&quot; &#x2F;etc&#x2F;vmware&#x2F;config
+# grep "^vmx\.log" /etc/vmware/config
 
-If the command produces any output, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the command produces any output, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following commands:
 
-# cp &#x2F;etc&#x2F;vmware&#x2F;config &#x2F;etc&#x2F;vmware&#x2F;config.bak
-# grep -v &quot;^vmx\.log&quot; &#x2F;etc&#x2F;vmware&#x2F;config.bak&gt;&#x2F;etc&#x2F;vmware&#x2F;config</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>7ccdb490-599b-41e5-bb53-02ad327ddc6b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000238</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000238</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000238</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must require TPM-based configuration encryption.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>An ESXi host&#39;s configuration consists of configuration files for each service that runs on the host. The configuration files typically reside in the &#x2F;etc&#x2F; directory, but they can also reside in other namespaces. The configuration files contain run-time information about the state of the services. Over time, the default values in the configuration files might change, for example, when settings on the ESXi host are changed.
+# cp /etc/vmware/config /etc/vmware/config.bak
+# grep -v "^vmx\.log" /etc/vmware/config.bak&gt;/etc/vmware/config</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000237' do\n  title 'The ESXi host must not be configured to override virtual machine (VM) logger settings.'\n  desc  \"\n    Each VM on an ESXi host runs in its own \\\"vmx\\\" process. Upon creation, a vmx process will look in two locations for configuration items, the ESXi host itself and the per-vm *.vmx file in the VM storage path on the datastore. The settings on the ESXi host are read first and take precedence over settings in the *.vmx file.\n\n    This can be a convenient way to set a setting in one place and have it apply to all VMs running on that host. The difficulty is in managing those settings and determining the effective state. Since managing per-VM vmx settings can be fully automated and customized while the ESXi setting cannot be easily queried, the ESXi configuration must not be used.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # grep \\\"^vmx\\\\.log\\\" /etc/vmware/config\n\n    If the command produces any output, this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following commands:\n\n    # cp /etc/vmware/config /etc/vmware/config.bak\n    # grep -v \\\"^vmx\\\\.log\\\" /etc/vmware/config.bak&gt;/etc/vmware/config\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000237'\n  tag rid: 'SV-ESXI-80-000237'\n  tag stig_id: 'ESXI-80-000237'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000238</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000238</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000238</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must require TPM-based configuration encryption.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>An ESXi host's configuration consists of configuration files for each service that runs on the host. The configuration files typically reside in the /etc/ directory, but they can also reside in other namespaces. The configuration files contain run-time information about the state of the services. Over time, the default values in the configuration files might change, for example, when settings on the ESXi host are changed.
 
 A cron job backs up the ESXi configuration files periodically, when ESXi shuts down gracefully or on demand, and creates an archived configuration file in the boot bank. When ESXi reboots, it reads the archived configuration file and recreates the state that ESXi was in when the backup was taken.
 
-Before vSphere 7.0 Update 2, the archived ESXi configuration file is not encrypted. In vSphere 7.0 Update 2 and later, the archived configuration file is encrypted. When the ESXi host is configured with a Trusted Platform Module (TPM), the TPM is used to &quot;seal&quot; the configuration to the host, providing a strong security guarantee and additional protection from offline attacks.
+Before vSphere 7.0 Update 2, the archived ESXi configuration file is not encrypted. In vSphere 7.0 Update 2 and later, the archived configuration file is encrypted. When the ESXi host is configured with a Trusted Platform Module (TPM), the TPM is used to "seal" the configuration to the host, providing a strong security guarantee and additional protection from offline attacks.
 
-Configuration encryption uses the physical TPM when it is available and supported at install or upgrade time. If the TPM was added or enabled later, the ESXi host must be told to reconfigure to use the newly available TPM. Once the TPM configuration encryption is enabled, it cannot be disabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Configuration encryption uses the physical TPM when it is available and supported at install or upgrade time. If the TPM was added or enabled later, the ESXi host must be told to reconfigure to use the newly available TPM. Once the TPM configuration encryption is enabled, it cannot be disabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.
 
 From an ESXi shell, run the following command:
@@ -10461,510 +10027,455 @@ or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-$esxcli &#x3D; Get-EsxCli -v2
+$esxcli = Get-EsxCli -v2
 $esxcli.system.settings.encryption.get.invoke() | Select Mode
 
 Expected result:
 
 Mode: TPM
 
-If the &quot;Mode&quot; is not set to &quot;TPM&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Mode" is not set to "TPM", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Ensure the TPM 2.0 chip is enabled in the BIOS and the ESX UI does not show any errors about a present but unavailable TPM.
 
 This setting cannot be configured until the TPM is properly enabled in firmware.
 
 From an ESXi shell, run the following command:
 
-# esxcli system settings encryption set --mode&#x3D;TPM
+# esxcli system settings encryption set --mode=TPM
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-$esxcli &#x3D; Get-EsxCli -v2
-$arguments &#x3D; $esxcli.system.settings.encryption.set.CreateArgs()
-$arguments.mode &#x3D; &quot;TPM&quot;
+$esxcli = Get-EsxCli -v2
+$arguments = $esxcli.system.settings.encryption.set.CreateArgs()
+$arguments.mode = "TPM"
 $esxcli.system.settings.encryption.set.Invoke($arguments)
 
-Evacuate the host and gracefully reboot for changes to take effect.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a82e45a5-e379-43ad-93a4-8aee98cd85c3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: $vmhost &#x3D; Get-VMHost -Name 10.186.25.26; $esxcli &#x3D; Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty Mode stdout.strip is expected to cmp &#x3D;&#x3D; &quot;TPM&quot;
-
+Evacuate the host and gracefully reboot for changes to take effect.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000238' do\n  title 'The ESXi host must require TPM-based configuration encryption.'\n  desc  \"\n    An ESXi host's configuration consists of configuration files for each service that runs on the host. The configuration files typically reside in the /etc/ directory, but they can also reside in other namespaces. The configuration files contain run-time information about the state of the services. Over time, the default values in the configuration files might change, for example, when settings on the ESXi host are changed.\n\n    A cron job backs up the ESXi configuration files periodically, when ESXi shuts down gracefully or on demand, and creates an archived configuration file in the boot bank. When ESXi reboots, it reads the archived configuration file and recreates the state that ESXi was in when the backup was taken.\n\n    Before vSphere 7.0 Update 2, the archived ESXi configuration file is not encrypted. In vSphere 7.0 Update 2 and later, the archived configuration file is encrypted. When the ESXi host is configured with a Trusted Platform Module (TPM), the TPM is used to \\\"seal\\\" the configuration to the host, providing a strong security guarantee and additional protection from offline attacks.\n\n    Configuration encryption uses the physical TPM when it is available and supported at install or upgrade time. If the TPM was added or enabled later, the ESXi host must be told to reconfigure to use the newly available TPM. Once the TPM configuration encryption is enabled, it cannot be disabled.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\n    From an ESXi shell, run the following command:\n\n    # esxcli system settings encryption get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.settings.encryption.get.invoke() | Select Mode\n\n    Expected result:\n\n    Mode: TPM\n\n    If the \\\"Mode\\\" is not set to \\\"TPM\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Ensure the TPM 2.0 chip is enabled in the BIOS and the ESX UI does not show any errors about a present but unavailable TPM.\n\n    This setting cannot be configured until the TPM is properly enabled in firmware.\n\n    From an ESXi shell, run the following command:\n\n    # esxcli system settings encryption set --mode=TPM\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.settings.encryption.set.CreateArgs()\n    $arguments.mode = \\\"TPM\\\"\n    $esxcli.system.settings.encryption.set.Invoke($arguments)\n\n    Evacuate the host and gracefully reboot for changes to take effect.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000238'\n  tag rid: 'SV-ESXI-80-000238'\n  tag stig_id: 'ESXI-80-000238'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty Mode\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'TPM' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.encryption.get.invoke() | Select-Object -ExpandProperty Mode stdout.strip is expected to cmp == "TPM" :: MESSAGE 
 expected: TPM
      got: NONE
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000239</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000239</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000239</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must configure the firewall to restrict access to services running on the host.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Unrestricted access to services running on an ESXi host can expose a host to outside attacks and unauthorized access. Reduce the risk by configuring the ESXi firewall to only allow access from authorized networks.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000239</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000239</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000239</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must configure the firewall to restrict access to services running on the host.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unrestricted access to services running on an ESXi host can expose a host to outside attacks and unauthorized access. Reduce the risk by configuring the ESXi firewall to only allow access from authorized networks.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Firewall.
 
-Under the &quot;Allowed IP addresses&quot; column, review the allowed IPs for each service.
+Under the "Allowed IP addresses" column, review the allowed IPs for each service.
 
-Check this for &quot;Incoming&quot; and &quot;Outgoing&quot; sections.
+Check this for "Incoming" and "Outgoing" sections.
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-VMHostFirewallException | Where {$_.Enabled -eq $true} | Select Name,Enabled,@{N&#x3D;&quot;AllIPEnabled&quot;;E&#x3D;{$_.ExtensionData.AllowedHosts.AllIP}}
+Get-VMHost | Get-VMHostFirewallException | Where {$_.Enabled -eq $true} | Select Name,Enabled,@{N="AllIPEnabled";E={$_.ExtensionData.AllowedHosts.AllIP}}
 
-If for an enabled service &quot;Allow connections from any IP address&quot; is selected, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If for an enabled service "Allow connections from any IP address" is selected, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Firewall.
 
-Click &quot;Edit...&quot;. For each enabled service, uncheck the check box to &quot;Allow connections from any IP address&quot; and input the site-specific network(s) required.
+Click "Edit...". For each enabled service, uncheck the check box to "Allow connections from any IP address" and input the site-specific network(s) required.
 
 The following example formats are acceptable:
 
-192.168.0.0&#x2F;24
-192.168.1.2, 2001::1&#x2F;64
-fd3e:29a6:0a81:e478::&#x2F;64
+192.168.0.0/24
+192.168.1.2, 2001::1/64
+fd3e:29a6:0a81:e478::/64
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-$esxcli &#x3D; Get-EsxCli -v2
+$esxcli = Get-EsxCli -v2
 #This disables the allow all rule for the target service. We are targeting the sshServer service in this example.
-$arguments &#x3D; $esxcli.network.firewall.ruleset.set.CreateArgs()
-$arguments.rulesetid &#x3D; &quot;sshServer&quot;
-$arguments.allowedall &#x3D; $false
+$arguments = $esxcli.network.firewall.ruleset.set.CreateArgs()
+$arguments.rulesetid = "sshServer"
+$arguments.allowedall = $false
 $esxcli.network.firewall.ruleset.set.Invoke($arguments)
 
-#Next add the allowed IPs for the service. Note doing the &quot;vSphere Web Client&quot; service this way may disable access but may be done through vCenter or through the console.
-$arguments &#x3D; $esxcli.network.firewall.ruleset.allowedip.add.CreateArgs()
-$arguments.rulesetid &#x3D; &quot;sshServer&quot;
-$arguments.ipaddress &#x3D; &quot;10.0.0.0&#x2F;8&quot;
+#Next add the allowed IPs for the service. Note doing the "vSphere Web Client" service this way may disable access but may be done through vCenter or through the console.
+$arguments = $esxcli.network.firewall.ruleset.allowedip.add.CreateArgs()
+$arguments.rulesetid = "sshServer"
+$arguments.ipaddress = "10.0.0.0/8"
 $esxcli.network.firewall.ruleset.allowedip.add.Invoke($arguments)
 
-This must be done for each enabled service.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>37e3928c-59d6-4b5f-a874-944bbccd696a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+This must be done for each enabled service.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000239' do\n  title 'The ESXi host must configure the firewall to restrict access to services running on the host.'\n  desc  'Unrestricted access to services running on an ESXi host can expose a host to outside attacks and unauthorized access. Reduce the risk by configuring the ESXi firewall to only allow access from authorized networks.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Firewall.\n\n    Under the \\\"Allowed IP addresses\\\" column, review the allowed IPs for each service.\n\n    Check this for \\\"Incoming\\\" and \\\"Outgoing\\\" sections.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-VMHostFirewallException | Where {$_.Enabled -eq $true} | Select Name,Enabled,@{N=\\\"AllIPEnabled\\\";E={$_.ExtensionData.AllowedHosts.AllIP}}\n\n    If for an enabled service \\\"Allow connections from any IP address\\\" is selected, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Firewall.\n\n    Click \\\"Edit...\\\". For each enabled service, uncheck the check box to \\\"Allow connections from any IP address\\\" and input the site-specific network(s) required.\n\n    The following example formats are acceptable:\n\n    192.168.0.0/24\n    192.168.1.2, 2001::1/64\n    fd3e:29a6:0a81:e478::/64\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    #This disables the allow all rule for the target service. We are targeting the sshServer service in this example.\n    $arguments = $esxcli.network.firewall.ruleset.set.CreateArgs()\n    $arguments.rulesetid = \\\"sshServer\\\"\n    $arguments.allowedall = $false\n    $esxcli.network.firewall.ruleset.set.Invoke($arguments)\n\n    #Next add the allowed IPs for the service. Note doing the \\\"vSphere Web Client\\\" service this way may disable access but may be done through vCenter or through the console.\n    $arguments = $esxcli.network.firewall.ruleset.allowedip.add.CreateArgs()\n    $arguments.rulesetid = \\\"sshServer\\\"\n    $arguments.ipaddress = \\\"10.0.0.0/8\\\"\n    $esxcli.network.firewall.ruleset.allowedip.add.Invoke($arguments)\n\n    This must be done for each enabled service.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000239'\n  tag rid: 'SV-ESXI-80-000239'\n  tag stig_id: 'ESXI-80-000239'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"(Get-VMHost -Name #{vmhost} | Get-VMHostFirewallException | Where {$_.Enabled -eq $true}).ExtensionData.AllowedHosts.AllIP\"\n      powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |result|\n        describe result do\n          it { should_not cmp 'True' }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-passed
-False is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
+passed :: TEST False is expected not to cmp == "True"
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
+(compared using `cmp` matcher)
 
 --------------------------------
-failed
-True is expected not to cmp &#x3D;&#x3D; &quot;True&quot;
-
+failed :: TEST True is expected not to cmp == "True" :: MESSAGE 
 expected: True
      got: True
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000240</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000240</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000240</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host when using Host Profiles and&#x2F;or Auto Deploy must use the vSphere Authentication Proxy to protect passwords when adding themselves to Active Directory.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If a host is configured to join an Active Directory domain using Host Profiles and&#x2F;or Auto Deploy, the Active Directory credentials are saved in the profile and are transmitted over the network.
-
-To avoid having to save Active Directory credentials in the Host Profile and to avoid transmitting Active Directory credentials over the network, use the vSphere Authentication Proxy.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000240</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000240</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000240</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host when using Host Profiles and/or Auto Deploy must use the vSphere Authentication Proxy to protect passwords when adding themselves to Active Directory.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If a host is configured to join an Active Directory domain using Host Profiles and/or Auto Deploy, the Active Directory credentials are saved in the profile and are transmitted over the network.
+
+To avoid having to save Active Directory credentials in the Host Profile and to avoid transmitting Active Directory credentials over the network, use the vSphere Authentication Proxy.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>For environments that do not use vCenter server to manage ESXi, this is not applicable.
 
 If the organization is not using Host Profiles to join Active Directory, this is not applicable.
@@ -10973,150 +10484,144 @@ From the vSphere Client, go to Home &gt;&gt; Policies and Profiles &gt;&gt; Host
 
 Click a Host Profile &gt;&gt; Configure &gt;&gt; Security and Services &gt;&gt; Security Settings &gt;&gt; Authentication Configuration &gt;&gt; Active Directory Configuration &gt;&gt; Join Domain Method.
 
-If the method used to join hosts to a domain is not set to &quot;Use vSphere Authentication Proxy to add the host to domain&quot;, this is a finding.
+If the method used to join hosts to a domain is not set to "Use vSphere Authentication Proxy to add the host to domain", this is a finding.
 
 or
 
 From a PowerCLI command prompt while connected to vCenter, run the following command:
 
-Get-VMHost | Select Name, &#x60; @{N&#x3D;&quot;HostProfile&quot;;E&#x3D;{$_ | Get-VMHostProfile}}, &#x60; @{N&#x3D;&quot;JoinADEnabled&quot;;E&#x3D;{($_ | Get-VmHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory.Enabled}}, &#x60; @{N&#x3D;&quot;JoinDomainMethod&quot;;E&#x3D;{(($_ | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory | Select -ExpandProperty Policy | Where {$_.Id -eq &quot;JoinDomainMethodPolicy&quot;}).Policyoption.Id}}
+Get-VMHost | Select Name, ` @{N="HostProfile";E={$_ | Get-VMHostProfile}}, ` @{N="JoinADEnabled";E={($_ | Get-VmHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory.Enabled}}, ` @{N="JoinDomainMethod";E={(($_ | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory | Select -ExpandProperty Policy | Where {$_.Id -eq "JoinDomainMethodPolicy"}).Policyoption.Id}}
 
-If &quot;JoinADEnabled&quot; is &quot;True&quot; and &quot;JoinDomainMethod&quot; is not &quot;FixedCAMConfigOption&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If "JoinADEnabled" is "True" and "JoinDomainMethod" is not "FixedCAMConfigOption", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Home &gt;&gt; Policies and Profiles &gt;&gt; Host Profiles.
 
 Click a Host Profile &gt;&gt; Configure &gt;&gt; Security and Services &gt;&gt; Security Settings &gt;&gt; Authentication Configuration &gt;&gt; Active Directory Configuration.
 
-Click &quot;Edit Host Profile...&quot;. Set the &quot;Join Domain Method&quot; to &quot;Use vSphere Authentication Proxy to add the host to domain&quot; and provide the IP address of the vSphere Authentication Proxy server.
-
-Click &quot;Save&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6987eb64-5347-42f4-881b-81b1032aec2e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-There are no attached host profiles host: 10.186.25.26. This control is not applicable.
-There are no attached host profiles host: 10.186.25.26. This control is not applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000241</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000241</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000241</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must not use the default Active Directory ESX Admin group.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>When adding ESXi hosts to Active Directory, all user&#x2F;group accounts assigned to the Active Directory group &quot;ESX Admins&quot; will have full administrative access to the host.
-
-If this group is not controlled or known to the system administrators, it may be used for inappropriate access to the host. Therefore, the default group must be changed to a site-specific Active Directory group and membership must be severely restricted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Click "Edit Host Profile...". Set the "Join Domain Method" to "Use vSphere Authentication Proxy to add the host to domain" and provide the IP address of the vSphere Authentication Proxy server.
+
+Click "Save".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000240' do\n  title 'The ESXi host when using Host Profiles and/or Auto Deploy must use the vSphere Authentication Proxy to protect passwords when adding themselves to Active Directory.'\n  desc  \"\n    If a host is configured to join an Active Directory domain using Host Profiles and/or Auto Deploy, the Active Directory credentials are saved in the profile and are transmitted over the network.\n\n    To avoid having to save Active Directory credentials in the Host Profile and to avoid transmitting Active Directory credentials over the network, use the vSphere Authentication Proxy.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For environments that do not use vCenter server to manage ESXi, this is not applicable.\n\n    If the organization is not using Host Profiles to join Active Directory, this is not applicable.\n\n    From the vSphere Client, go to Home &gt;&gt; Policies and Profiles &gt;&gt; Host Profiles.\n\n    Click a Host Profile &gt;&gt; Configure &gt;&gt; Security and Services &gt;&gt; Security Settings &gt;&gt; Authentication Configuration &gt;&gt; Active Directory Configuration &gt;&gt; Join Domain Method.\n\n    If the method used to join hosts to a domain is not set to \\\"Use vSphere Authentication Proxy to add the host to domain\\\", this is a finding.\n\n    or\n\n    From a PowerCLI command prompt while connected to vCenter, run the following command:\n\n    Get-VMHost | Select Name, ` @{N=\\\"HostProfile\\\";E={$_ | Get-VMHostProfile}}, ` @{N=\\\"JoinADEnabled\\\";E={($_ | Get-VmHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory.Enabled}}, ` @{N=\\\"JoinDomainMethod\\\";E={(($_ | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory | Select -ExpandProperty Policy | Where {$_.Id -eq \\\"JoinDomainMethodPolicy\\\"}).Policyoption.Id}}\n\n    If \\\"JoinADEnabled\\\" is \\\"True\\\" and \\\"JoinDomainMethod\\\" is not \\\"FixedCAMConfigOption\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Home &gt;&gt; Policies and Profiles &gt;&gt; Host Profiles.\n\n    Click a Host Profile &gt;&gt; Configure &gt;&gt; Security and Services &gt;&gt; Security Settings &gt;&gt; Authentication Configuration &gt;&gt; Active Directory Configuration.\n\n    Click \\\"Edit Host Profile...\\\". Set the \\\"Join Domain Method\\\" to \\\"Use vSphere Authentication Proxy to add the host to domain\\\" and provide the IP address of the vSphere Authentication Proxy server.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000240'\n  tag rid: 'SV-ESXI-80-000240'\n  tag stig_id: 'ESXI-80-000240'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    setimpact = true\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostProfile\"\n      hostprofile = powercli_command(command).stdout\n\n      if hostprofile.empty?\n        describe \"There are no attached host profiles host: #{vmhost}. This control is not applicable.\" do\n          skip \"There are no attached host profiles host: #{vmhost}. This control is not applicable.\"\n        end\n      else\n        command1 = \"(Get-VMHost -Name #{vmhost} | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory.Enabled\"\n        adEnabled = powercli_command(command1).stdout.strip\n\n        if adEnabled.match?('True')\n          command2 = \"(Get-VMHost -Name #{vmhost} | Get-VMHostProfile).ExtensionData.Config.ApplyProfile.Authentication.ActiveDirectory | Select-Object -ExpandProperty Policy | Where {$_.Id -eq 'JoinDomainMethodPolicy'} | Select-Object -ExpandProperty PolicyOption | Select-Object -ExpandProperty Id\"\n          describe powercli_command(command2) do\n            its('stdout.strip') { should cmp 'FixedCAMConfigOption' }\n          end\n          setimpact = false\n        else\n          describe \"Active Directory is not enabled on host: #{vmhost}. This control is not applicable.\" do\n            skip \"Active Directory is not enabled on host: #{vmhost}. This control is not applicable.\"\n          end\n        end\n      end\n    end\n  else\n    describe 'No ESXi hosts found. Review inputs provided for errors and rerun profile.' do\n      skip 'No ESXi hosts found. Review inputs provided for errors and rerun profile.'\n    end\n    setimpact = false\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST There are no attached host profiles host: 10.186.25.26. This control is not applicable. :: SKIP_MESSAGE There are no attached host profiles host: 10.186.25.26. This control is not applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000241</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000241</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000241</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must not use the default Active Directory ESX Admin group.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>When adding ESXi hosts to Active Directory, all user/group accounts assigned to the Active Directory group "ESX Admins" will have full administrative access to the host.
+
+If this group is not controlled or known to the system administrators, it may be used for inappropriate access to the host. Therefore, the default group must be changed to a site-specific Active Directory group and membership must be severely restricted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>For systems that do not use Active Directory, this is not applicable.
 
 From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Config.HostAgent.plugins.hostsvc.esxAdminsGroup&quot; value and verify it is not set to &quot;ESX Admins&quot;.
+Select the "Config.HostAgent.plugins.hostsvc.esxAdminsGroup" value and verify it is not set to "ESX Admins".
 
 or
 
@@ -11124,303 +10629,292 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup
 
-If the &quot;Config.HostAgent.plugins.hostsvc.esxAdminsGroup&quot; setting is set to &quot;ESX Admins&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "Config.HostAgent.plugins.hostsvc.esxAdminsGroup" setting is set to "ESX Admins", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Config.HostAgent.plugins.hostsvc.esxAdminsGroup&quot; key and configure its value to an appropriate Active Directory group other than &quot;ESX Admins&quot;.
+Click "Edit". Select the "Config.HostAgent.plugins.hostsvc.esxAdminsGroup" key and configure its value to an appropriate Active Directory group other than "ESX Admins".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Set-AdvancedSetting -Value &quot;&lt;site specific AD group&gt;&quot;
-
-Note: Changing the group name does not remove the permissions of the previous group.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>14594726-bfab-4be0-90ac-b9ce89443696</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-
-The ESXi host 10.186.25.26 is not joined to AD, so this control is not applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000243</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000341-VMM-001220</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000243</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000243</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must configure a persistent log location for all locally stored logs.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXi can be configured to store log files on an in-memory file system. This occurs when the host&#39;s &quot;&#x2F;scratch&quot; directory is linked to &quot;&#x2F;tmp&#x2F;scratch&quot;. When this is done, only a single day&#39;s worth of logs are stored at any time. In addition, log files will be reinitialized upon each reboot.
+Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Set-AdvancedSetting -Value "&lt;site specific AD group&gt;"
+
+Note: Changing the group name does not remove the permissions of the previous group.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000241' do\n  title 'The ESXi host must not use the default Active Directory ESX Admin group.'\n  desc  \"\n    When adding ESXi hosts to Active Directory, all user/group accounts assigned to the Active Directory group \\\"ESX Admins\\\" will have full administrative access to the host.\n\n    If this group is not controlled or known to the system administrators, it may be used for inappropriate access to the host. Therefore, the default group must be changed to a site-specific Active Directory group and membership must be severely restricted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For systems that do not use Active Directory, this is not applicable.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\\\" value and verify it is not set to \\\"ESX Admins\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup\n\n    If the \\\"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\\\" setting is set to \\\"ESX Admins\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Config.HostAgent.plugins.hostsvc.esxAdminsGroup\\\" key and configure its value to an appropriate Active Directory group other than \\\"ESX Admins\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Set-AdvancedSetting -Value \\\"&lt;site specific AD group&gt;\\\"\n\n    Note: Changing the group name does not remove the permissions of the previous group.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000241'\n  tag rid: 'SV-ESXI-80-000241'\n  tag stig_id: 'ESXI-80-000241'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-VMHostAuthentication | Select-Object -ExpandProperty DomainMembershipStatus\"\n      domainstatus = powercli_command(command).stdout\n      if domainstatus.empty?\n        impact 0.0\n        describe '' do\n          skip \"The ESXi host #{vmhost} is not joined to AD, so this control is not applicable.\"\n        end\n      else\n        command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name Config.HostAgent.plugins.hostsvc.esxAdminsGroup | Select-Object -ExpandProperty Value\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should_not cmp 'ESX Admins' }\n          its('stdout.strip') { should cmp \"#{input('adAdminGroup')}\" }\n        end\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST  :: SKIP_MESSAGE The ESXi host 10.186.25.26 is not joined to AD, so this control is not applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000243</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000341-VMM-001220</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000243</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000243</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must configure a persistent log location for all locally stored logs.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXi can be configured to store log files on an in-memory file system. This occurs when the host's "/scratch" directory is linked to "/tmp/scratch". When this is done, only a single day's worth of logs are stored at any time. In addition, log files will be reinitialized upon each reboot.
 
 This presents a security risk as user activity logged on the host is only stored temporarily and will not persist across reboots. This can also complicate auditing and make it harder to monitor events and diagnose issues. ESXi host logging should always be configured to a persistent datastore.
 
 Note: Scratch space is configured automatically during installation or first boot of an ESXi host and does not usually need to be configured manually.
 
-If ESXi is installed on an SD card or USB device, a persistent log location may not be configured upon install as normal.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+If ESXi is installed on an SD card or USB device, a persistent log location may not be configured upon install as normal.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;Syslog.global.logDir&quot; value and verify it is set to a persistent location.
+Select the "Syslog.global.logDir" value and verify it is set to a persistent location.
 
-If the value of the setting is &quot;[] &#x2F;scratch&#x2F;logs&quot;, verify the advanced setting &quot;ScratchConfig.CurrentScratchLocation&quot; is not set to &quot;&#x2F;tmp&#x2F;scratch&quot;. This is a nonpersistent location.
+If the value of the setting is "[] /scratch/logs", verify the advanced setting "ScratchConfig.CurrentScratchLocation" is not set to "/tmp/scratch". This is a nonpersistent location.
 
-If &quot;Syslog.global.logDir&quot; is not configured to a persistent location, this is a finding.
+If "Syslog.global.logDir" is not configured to a persistent location, this is a finding.
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-$esxcli &#x3D; Get-EsxCli -v2
+$esxcli = Get-EsxCli -v2
 $esxcli.system.syslog.config.get.Invoke() | Select LocalLogOutput,LocalLogOutputIsPersistent
 
-If the &quot;LocalLogOutputIsPersistent&quot; value is not true, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "LocalLogOutputIsPersistent" value is not true, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;Syslog.global.logDir&quot; value and set it to a known persistent location.
+Click "Edit". Select the "Syslog.global.logDir" value and set it to a known persistent location.
 
 An example is shown below, where 51dda02d-fade5016-8a08-005056171889 is the UUID of the target datastore:
 
-&#x2F;vmfs&#x2F;volumes&#x2F;51dda02d-fade5016-8a08-005056171889
+/vmfs/volumes/51dda02d-fade5016-8a08-005056171889
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logDir | Set-AdvancedSetting -Value &quot;New Log Location&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6866bec5-e9e4-4157-a98b-90ceefbb952d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001849</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: $vmhost &#x3D; Get-VMHost -Name 10.186.25.26; $esxcli &#x3D; Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.get.Invoke() | Select-Object -ExpandProperty LocalLogOutputIsPersistent stdout.strip is expected to cmp &#x3D;&#x3D; &quot;true&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000244</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000244</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000244</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must enforce the exclusive running of executables from approved VIBs.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;execInstalledOnly&quot; advanced ESXi boot option, when set to TRUE, guarantees that the VMkernel executes only those binaries that have been packaged as part of a signed VIB. While this option is effective on its own, it can be further enhanced by telling the Secure Boot to check with the TPM to make sure that the boot process does not proceed unless this setting is enabled. This further protects against malicious offline changes to ESXi configuration to disable the &quot;execInstalledOnly&quot; option.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logDir | Set-AdvancedSetting -Value "New Log Location"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000243' do\n  title 'The ESXi host must configure a persistent log location for all locally stored logs.'\n  desc  \"\n    ESXi can be configured to store log files on an in-memory file system. This occurs when the host's \\\"/scratch\\\" directory is linked to \\\"/tmp/scratch\\\". When this is done, only a single day's worth of logs are stored at any time. In addition, log files will be reinitialized upon each reboot.\n\n    This presents a security risk as user activity logged on the host is only stored temporarily and will not persist across reboots. This can also complicate auditing and make it harder to monitor events and diagnose issues. ESXi host logging should always be configured to a persistent datastore.\n\n    Note: Scratch space is configured automatically during installation or first boot of an ESXi host and does not usually need to be configured manually.\n\n    If ESXi is installed on an SD card or USB device, a persistent log location may not be configured upon install as normal.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"Syslog.global.logDir\\\" value and verify it is set to a persistent location.\n\n    If the value of the setting is \\\"[] /scratch/logs\\\", verify the advanced setting \\\"ScratchConfig.CurrentScratchLocation\\\" is not set to \\\"/tmp/scratch\\\". This is a nonpersistent location.\n\n    If \\\"Syslog.global.logDir\\\" is not configured to a persistent location, this is a finding.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.syslog.config.get.Invoke() | Select LocalLogOutput,LocalLogOutputIsPersistent\n\n    If the \\\"LocalLogOutputIsPersistent\\\" value is not true, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"Syslog.global.logDir\\\" value and set it to a known persistent location.\n\n    An example is shown below, where 51dda02d-fade5016-8a08-005056171889 is the UUID of the target datastore:\n\n    /vmfs/volumes/51dda02d-fade5016-8a08-005056171889\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name Syslog.global.logDir | Set-AdvancedSetting -Value \\\"New Log Location\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000341-VMM-001220'\n  tag gid: 'V-ESXI-80-000243'\n  tag rid: 'SV-ESXI-80-000243'\n  tag stig_id: 'ESXI-80-000243'\n  tag cci: ['CCI-001849']\n  tag nist: ['AU-4']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.get.Invoke() | Select-Object -ExpandProperty LocalLogOutputIsPersistent\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001849</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.get.Invoke() | Select-Object -ExpandProperty LocalLogOutputIsPersistent stdout.strip is expected to cmp == "true"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000244</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000244</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000244</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must enforce the exclusive running of executables from approved VIBs.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "execInstalledOnly" advanced ESXi boot option, when set to TRUE, guarantees that the VMkernel executes only those binaries that have been packaged as part of a signed VIB. While this option is effective on its own, it can be further enhanced by telling the Secure Boot to check with the TPM to make sure that the boot process does not proceed unless this setting is enabled. This further protects against malicious offline changes to ESXi configuration to disable the "execInstalledOnly" option.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.
 
 From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Select the &quot;VMkernel.Boot.execInstalledOnly&quot; value and verify that it is &quot;true&quot;.
+Select the "VMkernel.Boot.execInstalledOnly" value and verify that it is "true".
 
 or
 
@@ -11428,150 +10922,143 @@ From a PowerCLI command prompt while connected to the ESXi host, run the followi
 
 Get-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly
 
-If the &quot;VMkernel.Boot.execInstalledOnly&quot; setting is not &quot;true&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If the "VMkernel.Boot.execInstalledOnly" setting is not "true", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Hosts and Clusters.
 
 Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.
 
-Click &quot;Edit&quot;. Select the &quot;VMkernel.Boot.execInstalledOnly&quot; value and configure it to &quot;true&quot;.
+Click "Edit". Select the "VMkernel.Boot.execInstalledOnly" value and configure it to "true".
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following command:
 
-Get-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Set-AdvancedSetting -Value True</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f55f6156-2a97-41a3-a700-70bb609fb245</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;true&quot;
-
+Get-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Set-AdvancedSetting -Value True</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000244' do\n  title 'The ESXi host must enforce the exclusive running of executables from approved VIBs.'\n  desc  'The \"execInstalledOnly\" advanced ESXi boot option, when set to TRUE, guarantees that the VMkernel executes only those binaries that have been packaged as part of a signed VIB. While this option is effective on its own, it can be further enhanced by telling the Secure Boot to check with the TPM to make sure that the boot process does not proceed unless this setting is enabled. This further protects against malicious offline changes to ESXi configuration to disable the \"execInstalledOnly\" option.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If the ESXi host does not have a compatible TPM, this finding is downgraded to a CAT III.\n\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Select the \\\"VMkernel.Boot.execInstalledOnly\\\" value and verify that it is \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly\n\n    If the \\\"VMkernel.Boot.execInstalledOnly\\\" setting is not \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Hosts and Clusters.\n\n    Select the ESXi Host &gt;&gt; Configure &gt;&gt; System &gt;&gt; Advanced System Settings.\n\n    Click \\\"Edit\\\". Select the \\\"VMkernel.Boot.execInstalledOnly\\\" value and configure it to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following command:\n\n    Get-VMHost | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Set-AdvancedSetting -Value True\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000244'\n  tag rid: 'SV-ESXI-80-000244'\n  tag stig_id: 'ESXI-80-000244'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"Get-VMHost -Name #{vmhost} | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Select-Object -ExpandProperty Value\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-VMHost -Name 10.186.25.26 | Get-AdvancedSetting -Name VMkernel.Boot.execInstalledOnly | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "true" :: MESSAGE 
 expected: true
      got: False
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000245</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000245</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000245</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must use sufficient entropy for cryptographic operations.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000245</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000245</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000245</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must use sufficient entropy for cryptographic operations.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>Starting in vSphere 8.0, the ESXi Entropy implementation supports the FIPS 140-3 and EAL4 certifications. Kernel boot options control which entropy sources to activate on an ESXi host.
 
-In computing, the term &quot;entropy&quot; refers to random characters and data that are collected for use in cryptography, such as generating encryption keys to secure data transmitted over a network. Entropy is required by security for generating keys and communicating securely over the network. Entropy is often collected from a variety of sources on a system.
+In computing, the term "entropy" refers to random characters and data that are collected for use in cryptography, such as generating encryption keys to secure data transmitted over a network. Entropy is required by security for generating keys and communicating securely over the network. Entropy is often collected from a variety of sources on a system.
 
 FIPS entropy handling is the default behavior if the following conditions are true:
 
 -The hardware supports RDSEED.
--The disableHwrng VMkernel boot option isn&#39;t present or is FALSE.
--The entropySources VMkernel boot option isn&#39;t present or is 0 (zero).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+-The disableHwrng VMkernel boot option isn't present or is FALSE.
+-The entropySources VMkernel boot option isn't present or is 0 (zero).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following commands:
 
 # esxcli system settings kernel list -o disableHwrng
@@ -11581,14 +11068,14 @@ or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-$esxcli &#x3D; Get-EsxCli -v2
-$esxcli.system.settings.kernel.list.invoke() | Where {$_.Name -eq &quot;disableHwrng&quot; -or $_.Name -eq &quot;entropySources&quot;}
+$esxcli = Get-EsxCli -v2
+$esxcli.system.settings.kernel.list.invoke() | Where {$_.Name -eq "disableHwrng" -or $_.Name -eq "entropySources"}
 
-If &quot;disableHwrng&quot; is not set to &quot;false&quot;, this is a finding.
-If &quot;entropySources&quot; is not set to &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If "disableHwrng" is not set to "false", this is a finding.
+If "entropySources" is not set to "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following commands:
 
 # esxcli system settings kernel set -s disableHwrng -v FALSE
@@ -11598,136 +11085,130 @@ or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-$esxcli &#x3D; Get-EsxCli -v2
-$arguments &#x3D; $esxcli.system.settings.kernel.set.CreateArgs()
-$arguments.setting &#x3D; &quot;disableHwrng&quot;
-$arguments.value &#x3D; &quot;FALSE&quot;
+$esxcli = Get-EsxCli -v2
+$arguments = $esxcli.system.settings.kernel.set.CreateArgs()
+$arguments.setting = "disableHwrng"
+$arguments.value = "FALSE"
 $esxcli.system.settings.kernel.set.invoke($arguments)
-$arguments.setting &#x3D; &quot;entropySources&quot;
-$arguments.value &#x3D; &quot;0&quot;
+$arguments.setting = "entropySources"
+$arguments.value = "0"
 $esxcli.system.settings.kernel.set.invoke($arguments)
 
-Reboot the ESXi host after updating entropy settings.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>fc7d215e-1b54-46d5-8a31-6e46faf197a8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: $vmhost &#x3D; Get-VMHost -Name 10.186.25.26; $esxcli &#x3D; Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq &quot;disableHwrng&quot;} | Select-Object -ExpandProperty Configured stdout.strip is expected to cmp &#x3D;&#x3D; &quot;FALSE&quot;
+Reboot the ESXi host after updating entropy settings.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000245' do\n  title 'The ESXi host must use sufficient entropy for cryptographic operations.'\n  desc  \"\n    Starting in vSphere 8.0, the ESXi Entropy implementation supports the FIPS 140-3 and EAL4 certifications. Kernel boot options control which entropy sources to activate on an ESXi host.\n\n    In computing, the term \\\"entropy\\\" refers to random characters and data that are collected for use in cryptography, such as generating encryption keys to secure data transmitted over a network. Entropy is required by security for generating keys and communicating securely over the network. Entropy is often collected from a variety of sources on a system.\n\n    FIPS entropy handling is the default behavior if the following conditions are true:\n\n    -The hardware supports RDSEED.\n    -The disableHwrng VMkernel boot option isn't present or is FALSE.\n    -The entropySources VMkernel boot option isn't present or is 0 (zero).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following commands:\n\n    # esxcli system settings kernel list -o disableHwrng\n    # esxcli system settings kernel list -o entropySources\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.settings.kernel.list.invoke() | Where {$_.Name -eq \\\"disableHwrng\\\" -or $_.Name -eq \\\"entropySources\\\"}\n\n    If \\\"disableHwrng\\\" is not set to \\\"false\\\", this is a finding.\n    If \\\"entropySources\\\" is not set to \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following commands:\n\n    # esxcli system settings kernel set -s disableHwrng -v FALSE\n    # esxcli system settings kernel set -s entropySources -v 0\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.settings.kernel.set.CreateArgs()\n    $arguments.setting = \\\"disableHwrng\\\"\n    $arguments.value = \\\"FALSE\\\"\n    $esxcli.system.settings.kernel.set.invoke($arguments)\n    $arguments.setting = \\\"entropySources\\\"\n    $arguments.value = \\\"0\\\"\n    $esxcli.system.settings.kernel.set.invoke($arguments)\n\n    Reboot the ESXi host after updating entropy settings.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000245'\n  tag rid: 'SV-ESXI-80-000245'\n  tag stig_id: 'ESXI-80-000245'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq \\\"disableHwrng\\\"} | Select-Object -ExpandProperty Configured\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'FALSE' }\n      end\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq \\\"entropySources\\\"} | Select-Object -ExpandProperty Configured\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '0' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq "disableHwrng"} | Select-Object -ExpandProperty Configured stdout.strip is expected to cmp == "FALSE"
 --------------------------------
-passed
-PowerCLI Command: $vmhost &#x3D; Get-VMHost -Name 10.186.25.26; $esxcli &#x3D; Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq &quot;entropySources&quot;} | Select-Object -ExpandProperty Configured stdout.strip is expected to cmp &#x3D;&#x3D; &quot;0&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-ESXI-80-000246</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-ESXI-80-000246</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXI-80-000246</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi host must not enable log filtering.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+passed :: TEST PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.settings.kernel.list.invoke()| Where {$_.Name -eq "entropySources"} | Select-Object -ExpandProperty Configured stdout.strip is expected to cmp == "0"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000246</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-ESXI-80-000246</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXI-80-000246</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi host must not enable log filtering.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>The log filtering capability lets you modify the logging policy of the syslog service that is running on an ESXi host. You can create log filters to reduce the number of repetitive entries in the ESXi logs and to deny specific log events entirely.
 
-Setting a limit to the amount of logging information restricts the ability to detect and respond to potential security issues or system failures properly.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+Setting a limit to the amount of logging information restricts the ability to detect and respond to potential security issues or system failures properly.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
 # esxcli system syslog config logfilter get
@@ -11736,14368 +11217,13711 @@ or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-$esxcli &#x3D; Get-EsxCli -v2
+$esxcli = Get-EsxCli -v2
 $esxcli.system.syslog.config.logfilter.get.invoke()
 
-If &quot;LogFilteringEnabled&quot; is not set to &quot;false&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+If "LogFilteringEnabled" is not set to "false", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From an ESXi shell, run the following command:
 
-# esxcli system syslog config logfilter set --log-filtering-enabled&#x3D;false
+# esxcli system syslog config logfilter set --log-filtering-enabled=false
 
 or
 
 From a PowerCLI command prompt while connected to the ESXi host, run the following commands:
 
-$esxcli &#x3D; Get-EsxCli -v2
-$arguments &#x3D; $esxcli.system.syslog.config.logfilter.set.CreateArgs()
-$arguments.logfilteringenabled &#x3D; $false
-$esxcli.system.syslog.config.logfilter.set.invoke($arguments)</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ea0ef964-c62b-43a8-96fb-7445c3d333d0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: $vmhost &#x3D; Get-VMHost -Name 10.186.25.26; $esxcli &#x3D; Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.logfilter.get.invoke() | Select-Object -ExpandProperty LogFilteringEnabled stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000189</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000189</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000189</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must have copy operations disabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy&#x2F;paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
-
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
-
-Verify the &quot;isolation.tools.copy.disable&quot; value is set to &quot;true&quot;.
+$esxcli = Get-EsxCli -v2
+$arguments = $esxcli.system.syslog.config.logfilter.set.CreateArgs()
+$arguments.logfilteringenabled = $false
+$esxcli.system.syslog.config.logfilter.set.invoke($arguments)</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'ESXI-80-000246' do\n  title 'The ESXi host must not enable log filtering.'\n  desc  \"\n    The log filtering capability lets you modify the logging policy of the syslog service that is running on an ESXi host. You can create log filters to reduce the number of repetitive entries in the ESXi logs and to deny specific log events entirely.\n\n    Setting a limit to the amount of logging information restricts the ability to detect and respond to potential security issues or system failures properly.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system syslog config logfilter get\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $esxcli.system.syslog.config.logfilter.get.invoke()\n\n    If \\\"LogFilteringEnabled\\\" is not set to \\\"false\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From an ESXi shell, run the following command:\n\n    # esxcli system syslog config logfilter set --log-filtering-enabled=false\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host, run the following commands:\n\n    $esxcli = Get-EsxCli -v2\n    $arguments = $esxcli.system.syslog.config.logfilter.set.CreateArgs()\n    $arguments.logfilteringenabled = $false\n    $esxcli.system.syslog.config.logfilter.set.invoke($arguments)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-ESXI-80-000246'\n  tag rid: 'SV-ESXI-80-000246'\n  tag stig_id: 'ESXI-80-000246'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmhostName = input('vmhostName')\n  cluster = input('cluster')\n  allhosts = input('allesxi')\n  vmhosts = []\n\n  unless vmhostName.empty?\n    vmhosts = powercli_command(\"Get-VMHost -Name #{vmhostName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless cluster.empty?\n    vmhosts = powercli_command(\"Get-Cluster -Name '#{cluster}' | Get-VMHost | Sort-Object Name | Select -ExpandProperty Name\").stdout.split\n  end\n  unless allhosts == false\n    vmhosts = powercli_command('Get-VMHost | Sort-Object Name | Select -ExpandProperty Name').stdout.split\n  end\n\n  if !vmhosts.empty?\n    vmhosts.each do |vmhost|\n      command = \"$vmhost = Get-VMHost -Name #{vmhost}; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.logfilter.get.invoke() | Select-Object -ExpandProperty LogFilteringEnabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No hosts found!' do\n      skip 'No hosts found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 ESXi STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: $vmhost = Get-VMHost -Name 10.186.25.26; $esxcli = Get-EsxCli -VMHost $vmhost -V2; $esxcli.system.syslog.config.logfilter.get.invoke() | Select-Object -ExpandProperty LogFilteringEnabled stdout.strip is expected to cmp == "false"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+		</iSTIG>
+		<iSTIG>
+			<STIG_INFO>
+				<SI_DATA>
+					<SID_NAME>version</SID_NAME>
+					<SID_DATA>1</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>classification</SID_NAME>
+					<SID_DATA>UNCLASSIFIED</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>customname</SID_NAME>
+					<SID_DATA>{"hdfSpecificData":{"copyright":"The Authors","maintainer":"The Authors","version":"1.0.1"}}</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>stigid</SID_NAME>
+					<SID_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>description</SID_NAME>
+					<SID_DATA>An InSpec Compliance Profile</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>filename</SID_NAME>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>releaseinfo</SID_NAME>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>title</SID_NAME>
+					<SID_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>uuid</SID_NAME>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>notice</SID_NAME>
+					<SID_DATA>Apache-2.0</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>source</SID_NAME>
+					<SID_DATA>STIG.DOD.MIL</SID_DATA>
+				</SI_DATA>
+			</STIG_INFO>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000009</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000014</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000009</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000009</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that exploit vulnerabilities in this protocol.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>At the command prompt on the vCenter Server Appliance, run the following command:
 
-or
+# /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc scan
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+If the output indicates versions of TLS other than 1.2 are enabled, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>At the command prompt on the vCenter Server Appliance, run the following command:
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name isolation.tools.copy.disable
+# /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc update -p TLSv1.2
 
-If the virtual machine advanced setting &quot;isolation.tools.copy.disable&quot; is not set to &quot;true&quot;, this is a finding.
+vCenter services will be restarted as part of the reconfiguration. The operating system will not be restarted.
 
-If the virtual machine advanced setting &quot;isolation.tools.copy.disable&quot; does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+The "--no-restart" flag can be added to restart services at a later time.
+
+Changes will not take effect until all services are restarted or the appliance is rebooted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000009' do\n  title 'The vCenter Server must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access.'\n  desc  'Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that exploit vulnerabilities in this protocol.'\n  desc  'rationale', ''\n  desc  'check', \"\n    At the command prompt on the vCenter Server Appliance, run the following command:\n\n    # /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc scan\n\n    If the output indicates versions of TLS other than 1.2 are enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    At the command prompt on the vCenter Server Appliance, run the following command:\n\n    # /usr/lib/vmware-TlsReconfigurator/VcTlsReconfigurator/reconfigureVc update -p TLSv1.2\n\n    vCenter services will be restarted as part of the reconfiguration. The operating system will not be restarted.\n\n    The \\\"--no-restart\\\" flag can be added to restart services at a later time.\n\n    Changes will not take effect until all services are restarted or the appliance is rebooted.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-APP-000014'\n  tag satisfies: ['SRG-APP-000156', 'SRG-APP-000157', 'SRG-APP-000219', 'SRG-APP-000439', 'SRG-APP-000440', 'SRG-APP-000441', 'SRG-APP-000442', 'SRG-APP-000560', 'SRG-APP-000565', 'SRG-APP-000625', 'SRG-APP-000645']\n  tag gid: 'V-VCSA-80-000009'\n  tag rid: 'SV-VCSA-80-000009'\n  tag stig_id: 'VCSA-80-000009'\n  tag cci: ['CCI-000068', 'CCI-000382', 'CCI-001184', 'CCI-001453', 'CCI-001941', 'CCI-001942', 'CCI-002418', 'CCI-002420', 'CCI-002421', 'CCI-002422', 'CCI-002450']\n  tag nist: ['AC-17 (2)', 'CM-7 b', 'IA-2 (8)', 'IA-2 (9)', 'SC-13', 'SC-23', 'SC-8', 'SC-8 (1)', 'SC-8 (2)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000068</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000382</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001184</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001453</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001941</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001942</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002420</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002421</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002422</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002450</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000023</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000065</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000023</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000023</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must enforce the limit of three consecutive invalid login attempts by a user.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Lockout Policy.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+The following lockout policy should be set as follows:
 
-Find the &quot;isolation.tools.copy.disable&quot; value and set it to &quot;true&quot;.
+Maximum number of failed login attempts: 3
 
-If the setting does not exist no action is needed.
+If this account lockout policy is not configured as stated, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Lockout Policy.
 
-or
+Click "Edit".
+
+Set the "Maximum number of failed login attempts" to "3" and click "Save".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000023' do\n  title 'The vCenter Server must enforce the limit of three consecutive invalid login attempts by a user.'\n  desc  'By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account. '\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Lockout Policy.\n\n    The following lockout policy should be set as follows:\n\n    Maximum number of failed login attempts: 3\n\n    If this account lockout policy is not configured as stated, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Lockout Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Maximum number of failed login attempts\\\" to \\\"3\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000065'\n  tag gid: 'V-VCSA-80-000023'\n  tag rid: 'SV-VCSA-80-000023'\n  tag stig_id: 'VCSA-80-000023'\n  tag cci: ['CCI-000044']\n  tag nist: ['AC-7 a']\n\n  command = '(Get-SsoLockoutPolicy).MaxFailedAttempts'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp '3' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000044</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: (Get-SsoLockoutPolicy).MaxFailedAttempts stdout.strip is expected to cmp == "3" :: MESSAGE 
+expected: 3
+     got: 5
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000024</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000068</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000024</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000024</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must display the Standard Mandatory DOD Notice and Consent Banner before logon.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Display of the DOD-approved use notification before granting access to the application ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name isolation.tools.copy.disable | Set-AdvancedSetting -Value true
-
-Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2f8d54a0-78e3-4f4d-86e5-af680e43c44a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-VM: stig vm2 is expected to be empty
---------------------------------
-passed
-VM: stigvm1 is expected to be empty
---------------------------------
-passed
-VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
---------------------------------
-passed
-VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
---------------------------------
-passed
-VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000191</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000191</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000191</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must have drag and drop operations disabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy&#x2F;paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+System use notifications are required only for access via login interfaces with human users and are not required when such human interfaces do not exist.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+The banner must be formatted in accordance with DTM-08-060. Use the following verbiage for applications that can accommodate banners of 1300 characters:
 
-Verify the &quot;isolation.tools.dnd.disable&quot; value is set to &quot;true&quot;.
+"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.
 
-or
+By using this IS (which includes any device attached to this IS), you consent to the following conditions:
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name isolation.tools.dnd.disable
+-At any time, the USG may inspect and seize data stored on this IS.
 
-If the virtual machine advanced setting &quot;isolation.tools.dnd.disable&quot; is not set to &quot;true&quot;, this is a finding.
+-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.
 
-If the virtual machine advanced setting &quot;isolation.tools.dnd.disable&quot; does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details."
 
-Find the &quot;isolation.tools.dnd.disable&quot; value and set it to &quot;true&quot;.
+Use the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:
 
-If the setting does not exist no action is needed.
+"I've read (literal ampersand) consent to terms in IS user agreem't."</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Login Message.
 
-or
+If the selection box next to "Show login message" is disabled, "Details of login message" is not configured to the standard DOD User Agreement, or the "Consent checkbox" is disabled, this is a finding.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+Note: Refer to vulnerability discussion for user agreement language.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Login Message.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name isolation.tools.dnd.disable | Set-AdvancedSetting -Value true
-
-Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>eb3ef6df-98b2-4d37-a009-4f2f47070761</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-VM: stig vm2 is expected to be empty
---------------------------------
-passed
-VM: stigvm1 is expected to be empty
---------------------------------
-passed
-VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
---------------------------------
-passed
-VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
---------------------------------
-passed
-VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000192</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000192</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000192</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must have paste operations disabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy&#x2F;paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+Click "Edit".
+
+Click the "Show login message" slider to enable.
+
+Configure the "Login message" to "DOD User Agreement".
+
+Click the "Consent checkbox" slider to enable.
+
+Set the "Details of login message" to the Standard Mandatory DOD Notice and Consent Banner text.
+
+Click "Save".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000024' do\n  title 'The vCenter Server must display the Standard Mandatory DOD Notice and Consent Banner before logon.'\n  desc  \"\n    Display of the DOD-approved use notification before granting access to the application ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.\n\n    System use notifications are required only for access via login interfaces with human users and are not required when such human interfaces do not exist.\n\n    The banner must be formatted in accordance with DTM-08-060. Use the following verbiage for applications that can accommodate banners of 1300 characters:\n\n    \\\"You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\n\n    By using this IS (which includes any device attached to this IS), you consent to the following conditions:\n\n    -The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n\n    -At any time, the USG may inspect and seize data stored on this IS.\n\n    -Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n\n    -This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n\n    -Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.\\\"\n\n    Use the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:\n\n    \\\"I've read (literal ampersand) consent to terms in IS user agreem't.\\\"\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Login Message.\n\n    If the selection box next to \\\"Show login message\\\" is disabled, \\\"Details of login message\\\" is not configured to the standard DOD User Agreement, or the \\\"Consent checkbox\\\" is disabled, this is a finding.\n\n    Note: Refer to vulnerability discussion for user agreement language.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Login Message.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Show login message\\\" slider to enable.\n\n    Configure the \\\"Login message\\\" to \\\"DOD User Agreement\\\".\n\n    Click the \\\"Consent checkbox\\\" slider to enable.\n\n    Set the \\\"Details of login message\\\" to the Standard Mandatory DOD Notice and Consent Banner text.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000068'\n  tag satisfies: ['SRG-APP-000069', 'SRG-APP-000070']\n  tag gid: 'V-VCSA-80-000024'\n  tag rid: 'SV-VCSA-80-000024'\n  tag stig_id: 'VCSA-80-000024'\n  tag cci: ['CCI-000048', 'CCI-000050', 'CCI-001384']\n  tag nist: ['AC-8 a', 'AC-8 b', 'AC-8 c 1']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000050</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001384</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000034</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000095</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000034</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000034</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must produce audit records containing information to establish what type of events occurred.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.
 
-Verify the &quot;isolation.tools.paste.disable&quot; value is set to &quot;true&quot;.
+Verify the "config.log.level" value is set to "info".
 
 or
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
-
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name isolation.tools.paste.disable
-
-If the virtual machine advanced setting &quot;isolation.tools.paste.disable&quot; is not set to &quot;true&quot;, this is a finding.
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-If the virtual machine advanced setting &quot;isolation.tools.paste.disable&quot; does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name config.log.level and verify it is set to "info".
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+If the "config.log.level" value is not set to "info" or does not exist, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
 
-Find the &quot;isolation.tools.paste.disable&quot; value and set it to &quot;true&quot;.
+Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.
 
-If the setting does not exist no action is needed.
+Click "Edit Settings" and configure the "config.log.level" setting to "info".
 
 or
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name isolation.tools.paste.disable | Set-AdvancedSetting -Value true
-
-Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>abcc7f66-62ea-42c7-9621-3d6bcc40cdb3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-VM: stig vm2 is expected to be empty
---------------------------------
-passed
-VM: stigvm1 is expected to be empty
---------------------------------
-passed
-VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
---------------------------------
-passed
-VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
---------------------------------
-passed
-VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000193</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000193</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000193</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must have virtual disk shrinking disabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Shrinking a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.
+Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name config.log.level | Set-AdvancedSetting -Value info</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000034' do\n  title 'The vCenter Server must produce audit records containing information to establish what type of events occurred.'\n  desc  'Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.\n\n    Verify the \\\"config.log.level\\\" value is set to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name config.log.level and verify it is set to \\\"info\\\".\n\n    If the \\\"config.log.level\\\" value is not set to \\\"info\\\" or does not exist, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"config.log.level\\\" setting to \\\"info\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name config.log.level | Set-AdvancedSetting -Value info\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000095'\n  tag gid: 'V-VCSA-80-000034'\n  tag rid: 'SV-VCSA-80-000034'\n  tag stig_id: 'VCSA-80-000034'\n  tag cci: ['CCI-000130']\n  tag nist: ['AU-3']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.log.level | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'info' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.log.level | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "info"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000141</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000057</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>vCenter Server plugins must be verified.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server includes a vSphere Client extensibility framework, which provides the ability to extend the vSphere Client with menu selections or toolbar icons that provide access to vCenter Server add-on components or external, web-based functionality.
 
-However, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to shrink is available to nonadministrative users operating within the VM&#39;s guest operating system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+vSphere Client plugins or extensions run at the same privilege level as the user. Malicious extensions might masquerade as useful add-ons while compromising the system by stealing credentials or incorrectly configuring the system.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+Additionally, vCenter comes with a number of plugins preinstalled that may or may not be necessary for proper operation.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Solutions &gt;&gt; Client Plug-Ins.
 
-Verify the &quot;isolation.tools.diskShrink.disable&quot; value is set to &quot;true&quot;.
+View the Installed/Available Plug-ins list and verify they are all identified as authorized VMware, third-party (partner), and/or site-specific approved plug-ins.
 
-or
+If any installed/available plug-ins in the viewable list cannot be verified as allowed vSphere Client plug-ins from trusted sources or are not in active use, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Solutions &gt;&gt; Client Plug-Ins, click the radio button next to the unknown plug-in, and click "Disable".
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+If the plugin will not be needed in the future, proceed to uninstall the plug-in.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable
+To uninstall plug-ins, do the following:
 
-If the virtual machine advanced setting &quot;isolation.tools.diskShrink.disable&quot; is not set to &quot;true&quot;, this is a finding.
+If vCenter Server is in linked mode, perform this procedure on the vCenter Server that is used to install the plug-in initially and then restart the vCenter Server services on the linked vCenter Server:
 
-If the virtual machine advanced setting &quot;isolation.tools.diskShrink.disable&quot; does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+In a web browser, navigate to "http://vCenter_Server_name_or_IP/mob", where "vCenter_Server_name_or_IP/mob" is the name of the vCenter Server or its IP address.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+Click "Content".
 
-Find the &quot;isolation.tools.diskShrink.disable&quot; value and set it to &quot;true&quot;.
+Click "ExtensionManager".
 
-If the setting does not exist no action is needed.
+Select and copy the name of the plug-in to be removed from the list of values under "Properties".
 
-or
+Click "UnregisterExtension". A new window appears.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+Paste the name of the plug-in and click "Invoke Method". This removes the plug-in.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable | Set-AdvancedSetting -Value true
-
-Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ac54e227-d985-424c-9e6e-968d926df0a1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-VM: stig vm2 is expected to be empty
---------------------------------
-passed
-VM: stigvm1 is expected to be empty
---------------------------------
-passed
-VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
---------------------------------
-passed
-VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
---------------------------------
-passed
-VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000194</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000194</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000194</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must have virtual disk wiping disabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Shrinking and wiping (erasing) a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.
+Close the window.
 
-However, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to wipe (erase) is available to nonadministrative users operating within the VM&#39;s guest operating system.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+Refresh the Managed Object Type:ManagedObjectReference:ExtensionManager window to verify the plug-in is removed successfully.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+Note: If the plug-in still appears, restart the vSphere Client.
 
-Verify the &quot;isolation.tools.diskWiper.disable&quot; value is set to &quot;true&quot;.
+Note: The Managed Object Browser (MOB) may have to be enabled temporarily if it was disabled previously.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000057' do\n  title 'vCenter Server plugins must be verified.'\n  desc  \"\n    The vCenter Server includes a vSphere Client extensibility framework, which provides the ability to extend the vSphere Client with menu selections or toolbar icons that provide access to vCenter Server add-on components or external, web-based functionality.\n\n    vSphere Client plugins or extensions run at the same privilege level as the user. Malicious extensions might masquerade as useful add-ons while compromising the system by stealing credentials or incorrectly configuring the system.\n\n    Additionally, vCenter comes with a number of plugins preinstalled that may or may not be necessary for proper operation.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration &gt;&gt; Solutions &gt;&gt; Client Plug-Ins.\n\n    View the Installed/Available Plug-ins list and verify they are all identified as authorized VMware, third-party (partner), and/or site-specific approved plug-ins.\n\n    If any installed/available plug-ins in the viewable list cannot be verified as allowed vSphere Client plug-ins from trusted sources or are not in active use, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Solutions &gt;&gt; Client Plug-Ins, click the radio button next to the unknown plug-in, and click \\\"Disable\\\".\n\n    If the plugin will not be needed in the future, proceed to uninstall the plug-in.\n\n    To uninstall plug-ins, do the following:\n\n    If vCenter Server is in linked mode, perform this procedure on the vCenter Server that is used to install the plug-in initially and then restart the vCenter Server services on the linked vCenter Server:\n\n    In a web browser, navigate to \\\"http://vCenter_Server_name_or_IP/mob\\\", where \\\"vCenter_Server_name_or_IP/mob\\\" is the name of the vCenter Server or its IP address.\n\n    Click \\\"Content\\\".\n\n    Click \\\"ExtensionManager\\\".\n\n    Select and copy the name of the plug-in to be removed from the list of values under \\\"Properties\\\".\n\n    Click \\\"UnregisterExtension\\\". A new window appears.\n\n    Paste the name of the plug-in and click \\\"Invoke Method\\\". This removes the plug-in.\n\n    Close the window.\n\n    Refresh the Managed Object Type:ManagedObjectReference:ExtensionManager window to verify the plug-in is removed successfully.\n\n    Note: If the plug-in still appears, restart the vSphere Client.\n\n    Note: The Managed Object Browser (MOB) may have to be enabled temporarily if it was disabled previously.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000141'\n  tag gid: 'V-VCSA-80-000057'\n  tag rid: 'SV-VCSA-80-000057'\n  tag stig_id: 'VCSA-80-000057'\n  tag cci: ['CCI-000381']\n  tag nist: ['CM-7 a']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000059</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000148</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000059</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000059</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must uniquely identify and authenticate users or processes acting on behalf of users.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.
 
-or
+Organizational users include organizational employees or individuals the organization deems to have equivalent status of employees (e.g., contractors). Organizational users (and any processes acting on behalf of users) must be uniquely identified and authenticated for all accesses except the following.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+(i) Accesses explicitly identified and documented by the organization. Organizations document specific user actions that can be performed on the information system without identification or authentication; and
+(ii) Accesses that occur through authorized use of group authenticators without individual authentication. Organizations may require unique identification of individuals in group accounts (e.g., shared privilege accounts) or for detailed accountability of individual activity.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable
+Using Active Directory or an identity provider for authentication provides more robust account management capabilities and accountability.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Web Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider.
 
-If the virtual machine advanced setting &quot;isolation.tools.diskWiper.disable&quot; is not set to &quot;true&quot;, this is a finding.
+If the identity provider type is "embedded" and there is no identity source of type "Active Directory" (either Windows Integrated Authentication or LDAP), this is a finding.
 
-If the virtual machine advanced setting &quot;isolation.tools.diskWiper.disable&quot; does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+If the identity provider type is "Microsoft ADFS" or another supported identity provider, this is NOT a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>When using the embedded identity provider type, perform the following:
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+From the vSphere Web Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider &gt;&gt; Identity Sources.
 
-Find the &quot;isolation.tools.diskWiper.disable&quot; value and set it to &quot;true&quot;.
+Click "Add".
 
-If the setting does not exist no action is needed.
+Select either "Active Directory over LDAP" or "Active Directory (Windows Integrated Authentication)" and configure appropriately.
 
-or
+Note: Windows Integrated Authentication requires that the vCenter server be joined to Active Directory before configuration via Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider &gt;&gt; Active Directory Domain.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+OR
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable | Set-AdvancedSetting -Value true
-
-Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a28b16f5-40e0-4df5-8e6b-2e6d80f48864</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-VM: stig vm2 is expected to be empty
---------------------------------
-passed
-VM: stigvm1 is expected to be empty
---------------------------------
-passed
-VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
---------------------------------
-passed
-VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
---------------------------------
-passed
-VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000195</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000195</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000195</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must limit console sharing.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>By default, more than one user at a time can connect to remote console sessions. When multiple sessions are activated, each terminal window receives a notification about the new session. If an administrator in the VM logs in using a VMware remote console during their session, a nonadministrator in the VM might connect to the console and observe the administrator&#39;s actions.
-
-Also, this could result in an administrator losing console access to a VM. For example, if a jump box is being used for an open console session and the administrator loses connection to that box, the console session remains open. Allowing two console sessions permits debugging via a shared session. For the highest security, allow only one remote console session at a time.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+To change the identity provider type to a third-party identity provider such as Microsoft ADFS, perform the following:
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+From the vSphere Web Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider.
 
-Verify the &quot;RemoteDisplay.maxConnections&quot; value is set to &quot;1&quot;.
+Click "Change Identity Provider".
+
+Select "Microsoft ADFS" and click "Next".
+
+Enter the ADFS server information and User and Group details and click "Finish".
+
+For additional information on configuring ADFS for use with vCenter, refer to the vSphere documentation.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000059' do\n  title 'The vCenter Server must uniquely identify and authenticate users or processes acting on behalf of users.'\n  desc  \"\n    To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.\n\n    Organizational users include organizational employees or individuals the organization deems to have equivalent status of employees (e.g., contractors). Organizational users (and any processes acting on behalf of users) must be uniquely identified and authenticated for all accesses except the following.\n\n    (i) Accesses explicitly identified and documented by the organization. Organizations document specific user actions that can be performed on the information system without identification or authentication; and\n    (ii) Accesses that occur through authorized use of group authenticators without individual authentication. Organizations may require unique identification of individuals in group accounts (e.g., shared privilege accounts) or for detailed accountability of individual activity.\n\n    Using Active Directory or an identity provider for authentication provides more robust account management capabilities and accountability.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Web Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider.\n\n    If the identity provider type is \\\"embedded\\\" and there is no identity source of type \\\"Active Directory\\\" (either Windows Integrated Authentication or LDAP), this is a finding.\n\n    If the identity provider type is \\\"Microsoft ADFS\\\" or another supported identity provider, this is NOT a finding.\n  \"\n  desc 'fix', \"\n    When using the embedded identity provider type, perform the following:\n\n    From the vSphere Web Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider &gt;&gt; Identity Sources.\n\n    Click \\\"Add\\\".\n\n    Select either \\\"Active Directory over LDAP\\\" or \\\"Active Directory (Windows Integrated Authentication)\\\" and configure appropriately.\n\n    Note: Windows Integrated Authentication requires that the vCenter server be joined to Active Directory before configuration via Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider &gt;&gt; Active Directory Domain.\n\n    OR\n\n    To change the identity provider type to a third-party identity provider such as Microsoft ADFS, perform the following:\n\n    From the vSphere Web Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider.\n\n    Click \\\"Change Identity Provider\\\".\n\n    Select \\\"Microsoft ADFS\\\" and click \\\"Next\\\".\n\n    Enter the ADFS server information and User and Group details and click \\\"Finish\\\".\n\n    For additional information on configuring ADFS for use with vCenter, refer to the vSphere documentation.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000148'\n  tag satisfies: ['SRG-APP-000153', 'SRG-APP-000163', 'SRG-APP-000180', 'SRG-APP-000234']\n  tag gid: 'V-VCSA-80-000059'\n  tag rid: 'SV-VCSA-80-000059'\n  tag stig_id: 'VCSA-80-000059'\n  tag cci: ['CCI-000764', 'CCI-000770', 'CCI-000795', 'CCI-000804', 'CCI-001682']\n  tag nist: ['AC-2 (2)', 'IA-2', 'IA-2 (5)', 'IA-4 e', 'IA-8']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000764</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000770</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000795</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000804</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001682</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000060</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000149</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000060</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000060</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must require multifactor authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased.
 
-or
+Multifactor authentication requires using two or more factors to achieve authentication.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+Factors include:
+(i) something a user knows (e.g., password/PIN);
+(ii) something a user has (e.g., cryptographic identification device, token); or
+(iii) something a user is (e.g., biometric).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Web Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name RemoteDisplay.maxConnections
+If the embedded identity provider is used, click on "Smart Card Authentication".
 
-If the virtual machine advanced setting &quot;RemoteDisplay.maxConnections&quot; does not exist or is not set to &quot;1&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+If the embedded identity provider is used and "Smart Card Authentication" is not enabled, this is a finding.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+If a third-party identity provider is used, such as Microsoft ADFS, and it does not require multifactor authentication to log on to vCenter, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>To configure smart card authentication for vCenter when using the embedded identity provider, refer to the vSphere documentation.
 
-Find the &quot;RemoteDisplay.maxConnections&quot; value and set it to &quot;1&quot;.
+For vCenter Servers using a third-party identity provider, consult the product's documentation for enabling multifactor authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000060' do\n  title 'The vCenter Server must require multifactor authentication.'\n  desc  \"\n    Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased.\n\n    Multifactor authentication requires using two or more factors to achieve authentication.\n\n    Factors include:\n    (i) something a user knows (e.g., password/PIN);\n    (ii) something a user has (e.g., cryptographic identification device, token); or\n    (iii) something a user is (e.g., biometric).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Web Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider.\n\n    If the embedded identity provider is used, click on \\\"Smart Card Authentication\\\".\n\n    If the embedded identity provider is used and \\\"Smart Card Authentication\\\" is not enabled, this is a finding.\n\n    If a third-party identity provider is used, such as Microsoft ADFS, and it does not require multifactor authentication to log on to vCenter, this is a finding.\n  \"\n  desc 'fix', \"\n    To configure smart card authentication for vCenter when using the embedded identity provider, refer to the vSphere documentation.\n\n    For vCenter Servers using a third-party identity provider, consult the product's documentation for enabling multifactor authentication.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000149'\n  tag satisfies: ['SRG-APP-000080', 'SRG-APP-000150', 'SRG-APP-000391', 'SRG-APP-000402']\n  tag gid: 'V-VCSA-80-000060'\n  tag rid: 'SV-VCSA-80-000060'\n  tag stig_id: 'VCSA-80-000060'\n  tag cci: ['CCI-000166', 'CCI-000765', 'CCI-000766', 'CCI-001953', 'CCI-002009']\n  tag nist: ['AU-10', 'IA-2 (1)', 'IA-2 (12)', 'IA-2 (2)', 'IA-8 (1)']\n\n  if input('embeddedIdp')\n    command = '(Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled'\n    describe powercli_command(command) do\n      its('stdout.strip') { should cmp 'true' }\n    end\n  else\n    describe 'This check is a manual or policy based check and must be reviewed manually.' do\n      skip 'This check is a manual or policy based check and must be reviewed manually.'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000166</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000765</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000766</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001953</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002009</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: (Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled stdout.strip is expected to cmp == "true" :: MESSAGE 
+expected: true
+     got: False
 
-If the setting does not exist, add the Name and Value setting at the bottom of screen.
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000069</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000164</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000069</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000069</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server passwords must be at least 15 characters in length.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.
 
-or
+Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to determine strength and how long it takes to crack a password. The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+Use of more characters in a password helps to exponentially increase the time and/or resources required to compromise the password.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name RemoteDisplay.maxConnections | Set-AdvancedSetting -Value 1
-
-Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d06e6ea4-2fc3-4ef8-8bd7-39721eefaeda</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-VM: stig vm2 is expected to cmp &#x3D;&#x3D; &quot;1&quot;
+View the value of the "Minimum Length" setting.
 
-expected: 1
-     got: -1
+Minimum Length: 15
 
-(compared using &#x60;cmp&#x60; matcher)
+If the password policy is not configured with a "Minimum Length" policy of "15" or more, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
 
---------------------------------
-failed
-VM: stigvm1 is expected to cmp &#x3D;&#x3D; &quot;1&quot;
+Click "Edit".
+
+Set the "Minimum Length" to "15" and click "Save".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000069' do\n  title 'The vCenter Server passwords must be at least 15 characters in length.'\n  desc  \"\n    The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\n    Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to determine strength and how long it takes to crack a password. The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.\n\n    Use of more characters in a password helps to exponentially increase the time and/or resources required to compromise the password.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.\n\n    View the value of the \\\"Minimum Length\\\" setting.\n\n    Minimum Length: 15\n\n    If the password policy is not configured with a \\\"Minimum Length\\\" policy of \\\"15\\\" or more, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Minimum Length\\\" to \\\"15\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000164'\n  tag gid: 'V-VCSA-80-000069'\n  tag rid: 'SV-VCSA-80-000069'\n  tag stig_id: 'VCSA-80-000069'\n  tag cci: ['CCI-000205']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinLength'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp &gt;= 15 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000205</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: (Get-SsoPasswordPolicy).MinLength stdout.strip is expected to cmp &gt;= 15 :: MESSAGE 
+expected it to be &gt;= 15
+     got: 8
 
-expected: 1
-     got: -1
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000070</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000165</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000070</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000070</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must prohibit password reuse for a minimum of five generations.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
 
-(compared using &#x60;cmp&#x60; matcher)
+To meet password policy requirements, passwords must be changed at specific policy-based intervals.
 
---------------------------------
-passed
-VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp &#x3D;&#x3D; &quot;1&quot;
---------------------------------
-passed
-VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp &#x3D;&#x3D; &quot;1&quot;
---------------------------------
-passed
-VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp &#x3D;&#x3D; &quot;1&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000196</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000196</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000196</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must limit informational messages from the virtual machine to the VMX file.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The configuration file containing these name-value pairs is limited to a size of 1MB. If not limited, VMware tools in the guest operating system are capable of sending a large and continuous data stream to the host. This 1MB capacity should be sufficient for most cases, but this value can change if necessary.
+If the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the result is a password that is not changed per policy requirements.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
 
-The value can be increased if large amounts of custom information are being stored in the configuration file. The default limit is 1MB.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+View the value of the "Restrict reuse" setting.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+Restrict reuse: Users cannot reuse any previous 5 passwords
 
-Verify the &quot;tools.setinfo.sizeLimit&quot; value is set to &quot;1048576&quot;.
+If the password policy is not configured with a "Restrict reuse" policy of "5" or more, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
 
-or
+Click "Edit".
+
+Set the "Restrict reuse" to "5" and click "Save".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000070' do\n  title 'The vCenter Server must prohibit password reuse for a minimum of five generations.'\n  desc  \"\n    Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    To meet password policy requirements, passwords must be changed at specific policy-based intervals.\n\n    If the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the result is a password that is not changed per policy requirements.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.\n\n    View the value of the \\\"Restrict reuse\\\" setting.\n\n    Restrict reuse: Users cannot reuse any previous 5 passwords\n\n    If the password policy is not configured with a \\\"Restrict reuse\\\" policy of \\\"5\\\" or more, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Restrict reuse\\\" to \\\"5\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000165'\n  tag gid: 'V-VCSA-80-000070'\n  tag rid: 'SV-VCSA-80-000070'\n  tag stig_id: 'VCSA-80-000070'\n  tag cci: ['CCI-000200']\n  tag nist: ['IA-5 (1) (e)']\n\n  command = '(Get-SsoPasswordPolicy).ProhibitedPreviousPasswordsCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp &gt;= 5 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000200</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: (Get-SsoPasswordPolicy).ProhibitedPreviousPasswordsCount stdout.strip is expected to cmp &gt;= 5</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000071</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000166</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000071</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000071</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server passwords must contain at least one uppercase character.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password is, the greater the number of possible combinations that need to be tested before the password is compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name tools.setinfo.sizeLimit
+View the value of the "Character requirements" setting.
 
-If the virtual machine advanced setting &quot;tools.setinfo.sizeLimit&quot; is not set to &quot;1048576&quot;, this is a finding.
+Character requirements: At least 1 uppercase characters
 
-If the virtual machine advanced setting &quot;tools.setinfo.sizeLimit&quot; does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+If the password policy is not configured with "Character requirements" policy requiring "1" or more uppercase characters, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+Click "Edit".
+
+Set "uppercase characters" to at least "1" and click "Save".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000071' do\n  title 'The vCenter Server passwords must contain at least one uppercase character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password is, the greater the number of possible combinations that need to be tested before the password is compromised.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 uppercase characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more uppercase characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"uppercase characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000166'\n  tag gid: 'V-VCSA-80-000071'\n  tag rid: 'SV-VCSA-80-000071'\n  tag stig_id: 'VCSA-80-000071'\n  tag cci: ['CCI-000192']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinUppercaseCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp &gt;= 1 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000192</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: (Get-SsoPasswordPolicy).MinUppercaseCount stdout.strip is expected to cmp &gt;= 1</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000072</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000167</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000072</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000072</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server passwords must contain at least one lowercase character.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
 
-Find the &quot;tools.setinfo.sizeLimit&quot; value and set it to &quot;1048576&quot;.
+Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
 
-If the setting does not exist no action is needed.
+View the value of the "Character requirements" setting.
 
-or
+Character requirements: At least 1 lowercase characters
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+If the password policy is not configured with "Character requirements" policy requiring "1" or more lowercase characters, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name tools.setinfo.sizeLimit | Set-AdvancedSetting -Value 1048576
-
-Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f202ef80-166e-46ce-9744-afc43e0b206c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-VM: stig vm2 is expected to be empty
---------------------------------
-passed
-VM: stigvm1 is expected to be empty
---------------------------------
-passed
-VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
---------------------------------
-passed
-VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
---------------------------------
-passed
-VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000197</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000197</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000197</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must prevent unauthorized removal, connection and modification of devices.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>In a virtual machine, users and processes without root or administrator privileges can connect or disconnect devices, such as network adaptors and CD-ROM drives, and can modify device settings. Use the virtual machine settings editor or configuration editor to remove unneeded or unused hardware devices. To use the device again, prevent a user or running process in the virtual machine from connecting, disconnecting, or modifying a device from within the guest operating system.
+Click "Edit".
+
+Set "lowercase characters" to at least "1" and click "Save".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000072' do\n  title 'The vCenter Server passwords must contain at least one lowercase character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 lowercase characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more lowercase characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"lowercase characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000167'\n  tag gid: 'V-VCSA-80-000072'\n  tag rid: 'SV-VCSA-80-000072'\n  tag stig_id: 'VCSA-80-000072'\n  tag cci: ['CCI-000193']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinLowercaseCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp &gt;= 1 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000193</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: (Get-SsoPasswordPolicy).MinLowercaseCount stdout.strip is expected to cmp &gt;= 1</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000073</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000168</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000073</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000073</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server passwords must contain at least one numeric character.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
 
-By default, a rogue user with nonadministrator privileges in a virtual machine can:
+Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
 
-1. Connect a disconnected CD-ROM drive and access sensitive information on the media left in the drive.
-2. Disconnect a network adaptor to isolate the virtual machine from its network, which is a denial of service.
-3. Modify settings on a device.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+View the value of the "Character requirements" setting.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+Character requirements: At least 1 numeric characters
 
-Verify the &quot;isolation.device.connectable.disable&quot; value is set to &quot;true&quot;.
+If the password policy is not configured with "Character requirements" policy requiring "1" or more numeric characters, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
 
-or
+Click "Edit".
+
+Set "numeric characters" to at least "1" and click "Save".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000073' do\n  title 'The vCenter Server passwords must contain at least one numeric character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 numeric characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more numeric characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"numeric characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000168'\n  tag gid: 'V-VCSA-80-000073'\n  tag rid: 'SV-VCSA-80-000073'\n  tag stig_id: 'VCSA-80-000073'\n  tag cci: ['CCI-000194']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinNumericCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp &gt;= 1 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000194</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: (Get-SsoPasswordPolicy).MinNumericCount stdout.strip is expected to cmp &gt;= 1</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000074</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000169</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000074</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000074</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server passwords must contain at least one special character.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+Password complexity is one factor in determining how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name isolation.device.connectable.disable
+Special characters are not alphanumeric. Examples include: ~ ! @ # $ % ^ *.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
 
-If the virtual machine advanced setting &quot;isolation.device.connectable.disable&quot; is not set to &quot;true&quot;, this is a finding.
+View the value of the "Character requirements" setting.
 
-If the virtual machine advanced setting &quot;isolation.device.connectable.disable&quot; does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+Character requirements: At least 1 special characters
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+If the password policy is not configured with "Character requirements" policy requiring "1" or more special characters, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
 
-Find the &quot;isolation.device.connectable.disable&quot; value and set it to &quot;true&quot;.
+Click "Edit".
+
+Set "special characters" to at least "1" and click "Save".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000074' do\n  title 'The vCenter Server passwords must contain at least one special character.'\n  desc  \"\n    Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.\n\n    Password complexity is one factor in determining how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.\n\n    Special characters are not alphanumeric. Examples include: ~ ! @ # $ % ^ *.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.\n\n    View the value of the \\\"Character requirements\\\" setting.\n\n    Character requirements: At least 1 special characters\n\n    If the password policy is not configured with \\\"Character requirements\\\" policy requiring \\\"1\\\" or more special characters, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"special characters\\\" to at least \\\"1\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000169'\n  tag gid: 'V-VCSA-80-000074'\n  tag rid: 'SV-VCSA-80-000074'\n  tag stig_id: 'VCSA-80-000074'\n  tag cci: ['CCI-001619']\n  tag nist: ['IA-5 (1) (a)']\n\n  command = '(Get-SsoPasswordPolicy).MinSpecialCharCount'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp &gt;= 1 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001619</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: (Get-SsoPasswordPolicy).MinSpecialCharCount stdout.strip is expected to cmp &gt;= 1</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000077</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000077</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000077</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must enable FIPS-validated cryptography.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>FIPS 140-2 is the current standard for validating that mechanisms used to access cryptographic modules use authentication that meets DOD requirements.
 
-If the setting does not exist no action is needed.
+In vSphere 6.7 and later, ESXi and vCenter Server use FIPS-validated cryptography to protect management interfaces and the VMware Certificate Authority (VMCA).
 
-or
+vSphere 7.0 Update 2 and later adds additional FIPS-validated cryptography to vCenter Server Appliance. By default, this FIPS validation option is disabled and must be enabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Web Client, go to Developer Center &gt;&gt; API Explorer.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+From the "Select API" drop-down menu, select appliance.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name isolation.device.connectable.disable | Set-AdvancedSetting -Value true
-
-Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>05a671c3-bd64-4f3d-af26-f556c46d8cff</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-VM: stig vm2 is expected to be empty
---------------------------------
-passed
-VM: stigvm1 is expected to be empty
---------------------------------
-passed
-VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
---------------------------------
-passed
-VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
---------------------------------
-passed
-VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000198</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000198</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000198</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must not be able to obtain host information from the hypervisor.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If enabled, a VM can obtain detailed information about the physical host. The default value for the parameter is FALSE. This setting should not be TRUE unless a particular VM requires this information for performance monitoring. An adversary could use this information to inform further attacks on the host.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+Expand system/security/global_fips &gt;&gt; GET.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+Click "Execute" and then "Copy Response" to view the results.
+
+Example response:
 
-Verify the &quot;tools.guestlib.enableHostInfo&quot; value is set to &quot;false&quot;.
+{
+    "enabled": true
+}
 
 or
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo
+Invoke-GetSystemGlobalFips
 
-If the virtual machine advanced setting &quot;tools.guestlib.enableHostInfo&quot; is not set to &quot;false&quot;, this is a finding.
+If global FIPS mode is not enabled, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Web Client go to Developer Center &gt;&gt; API Explorer.
 
-If the virtual machine advanced setting &quot;tools.guestlib.enableHostInfo&quot; does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+From the "Select API" drop-down menu, select appliance.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+Expand system/security/global_fips &gt;&gt; PUT.
 
-Find the &quot;tools.guestlib.enableHostInfo&quot; value and set it to &quot;false&quot;.
+In the response body under "Try it out" paste the following:
 
-If the setting does not exist no action is needed.
+{
+    "enabled": true
+}
+
+Click "Execute".
 
 or
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo | Set-AdvancedSetting -Value false
-
-Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>08047089-ea83-4c99-b554-5d6f39b0887d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-VM: stig vm2 is expected to be empty
---------------------------------
-passed
-VM: stigvm1 is expected to be empty
---------------------------------
-passed
-VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
---------------------------------
-passed
-VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
---------------------------------
-passed
-VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must have shared salt values disabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>When salting is enabled (Mem.ShareForceSalting&#x3D;1 or 2) to share a page between two virtual machines, both salt and the content of the page must be same. A salt value is a configurable advanced option for each virtual machine. The salt values can be specified manually in the virtual machine&#39;s advanced settings with the new option &quot;sched.mem.pshare.salt&quot;.
-
-If this option is not present in the virtual machine&#39;s advanced settings, the value of the &quot;vc.uuid&quot; option is taken as the default value. Because the &quot;vc.uuid&quot; is unique to each virtual machine, by default Transparent Page Sharing (TPS) happens only among the pages belonging to a particular virtual machine (Intra-VM).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+$spec = Initialize-SystemSecurityGlobalFipsUpdateSpec -Enabled $true; Invoke-SetSystemGlobalFips -SystemSecurityGlobalFipsUpdateSpec $spec
+
+Note: The vCenter server reboots after FIPS is enabled or disabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000077' do\n  title 'The vCenter Server must enable FIPS-validated cryptography.'\n  desc  \"\n    FIPS 140-2 is the current standard for validating that mechanisms used to access cryptographic modules use authentication that meets DOD requirements.\n\n    In vSphere 6.7 and later, ESXi and vCenter Server use FIPS-validated cryptography to protect management interfaces and the VMware Certificate Authority (VMCA).\n\n    vSphere 7.0 Update 2 and later adds additional FIPS-validated cryptography to vCenter Server Appliance. By default, this FIPS validation option is disabled and must be enabled.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Web Client, go to Developer Center &gt;&gt; API Explorer.\n\n    From the \\\"Select API\\\" drop-down menu, select appliance.\n\n    Expand system/security/global_fips &gt;&gt; GET.\n\n    Click \\\"Execute\\\" and then \\\"Copy Response\\\" to view the results.\n\n    Example response:\n\n    {\n        \\\"enabled\\\": true\n    }\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Invoke-GetSystemGlobalFips\n\n    If global FIPS mode is not enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Web Client go to Developer Center &gt;&gt; API Explorer.\n\n    From the \\\"Select API\\\" drop-down menu, select appliance.\n\n    Expand system/security/global_fips &gt;&gt; PUT.\n\n    In the response body under \\\"Try it out\\\" paste the following:\n\n    {\n        \\\"enabled\\\": true\n    }\n\n    Click \\\"Execute\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    $spec = Initialize-SystemSecurityGlobalFipsUpdateSpec -Enabled $true; Invoke-SetSystemGlobalFips -SystemSecurityGlobalFipsUpdateSpec $spec\n\n    Note: The vCenter server reboots after FIPS is enabled or disabled.\n  \"\n  impact 0.7\n  tag severity: 'high'\n  tag gtitle: 'SRG-APP-000172'\n  tag satisfies: ['SRG-APP-000179', 'SRG-APP-000224', 'SRG-APP-000231', 'SRG-APP-000412', 'SRG-APP-000514', 'SRG-APP-000555', 'SRG-APP-000600', 'SRG-APP-000610', 'SRG-APP-000620', 'SRG-APP-000630', 'SRG-APP-000635']\n  tag gid: 'V-VCSA-80-000077'\n  tag rid: 'SV-VCSA-80-000077'\n  tag stig_id: 'VCSA-80-000077'\n  tag cci: ['CCI-000197', 'CCI-000803', 'CCI-001188', 'CCI-001199', 'CCI-001967', 'CCI-002450', 'CCI-003123']\n  tag nist: ['IA-3 (1)', 'IA-5 (1) (c)', 'IA-7', 'MA-4 (6)', 'SC-13', 'SC-23 (3)', 'SC-28']\n\n  command = 'Invoke-GetSystemGlobalFips | Select-Object -ExpandProperty enabled'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'True' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000197</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000803</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001188</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001967</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002450</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-003123</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Invoke-GetSystemGlobalFips | Select-Object -ExpandProperty enabled stdout.strip is expected to cmp == "True" :: MESSAGE 
+expected: True
+     got: False
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000079</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000174</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000079</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000079</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must enforce a 90-day maximum password lifetime restriction.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Any password, no matter how complex, can eventually be cracked. Therefore, passwords must be changed at specific intervals.
 
-Verify the &quot;sched.mem.pshare.salt&quot; setting does not exist.
+One method of minimizing this risk is to use complex passwords and periodically change them. If the application does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the system and/or application passwords could be compromised.
 
-or
+This requirement does not include emergency administration accounts, which are meant for access to the application in case of failure. These accounts are not required to have maximum password lifetime restrictions.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+View the value of the "Maximum lifetime" setting.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name sched.mem.pshare.salt
+Maximum lifetime: Password must be changed every 90 days
 
-If the virtual machine advanced setting &quot;sched.mem.pshare.salt&quot; exists, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+If the password policy is not configured with "Maximum lifetime" policy of "90" or less, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+Click "Edit".
+
+Set "Maximum lifetime" to "90" and click "Save".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000079' do\n  title 'The vCenter Server must enforce a 90-day maximum password lifetime restriction.'\n  desc  \"\n    Any password, no matter how complex, can eventually be cracked. Therefore, passwords must be changed at specific intervals.\n\n    One method of minimizing this risk is to use complex passwords and periodically change them. If the application does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the system and/or application passwords could be compromised.\n\n    This requirement does not include emergency administration accounts, which are meant for access to the application in case of failure. These accounts are not required to have maximum password lifetime restrictions.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.\n\n    View the value of the \\\"Maximum lifetime\\\" setting.\n\n    Maximum lifetime: Password must be changed every 90 days\n\n    If the password policy is not configured with \\\"Maximum lifetime\\\" policy of \\\"90\\\" or less, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.\n\n    Click \\\"Edit\\\".\n\n    Set \\\"Maximum lifetime\\\" to \\\"90\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000174'\n  tag gid: 'V-VCSA-80-000079'\n  tag rid: 'SV-VCSA-80-000079'\n  tag stig_id: 'VCSA-80-000079'\n  tag cci: ['CCI-000199']\n  tag nist: ['IA-5 (1) (d)']\n\n  command = '(Get-SsoPasswordPolicy).PasswordLifetimeDays'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp &lt;= 90 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: (Get-SsoPasswordPolicy).PasswordLifetimeDays stdout.strip is expected to cmp &lt;= 90</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000080</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000175</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000080</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000080</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must enable revocation checking for certificate-based authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The system must establish the validity of the user-supplied identity certificate using Online Certificate Status Protocol (OCSP) and/or Certificate Revocation List (CRL) revocation checking.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If a federated identity provider is configured and used for an identity source and supports Smartcard authentication, this is not applicable.
 
-Delete the &quot;sched.mem.pshare.salt&quot; setting.
+From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider &gt;&gt; Smart Card Authentication.
 
-or
+Under Smart card authentication settings &gt;&gt; Certificate revocation, verify "Revocation check" does not show as disabled.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+If "Revocation check" shows as disabled, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider &gt;&gt; Smart Card Authentication.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name sched.mem.pshare.salt | Remove-AdvancedSetting
-
-Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>659a1794-e864-4886-9ca5-a3bb90a5a465</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-VM: stig vm2 is expected to be empty
---------------------------------
-passed
-VM: stigvm1 is expected to be empty
---------------------------------
-passed
-VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
---------------------------------
-passed
-VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
---------------------------------
-passed
-VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000200</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000200</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000200</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must disable access through the &quot;dvfilter&quot; network Application Programming Interface (API).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>An attacker might compromise a VM by using the &quot;dvFilter&quot; API. Configure only VMs that need this access to use the API.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+Under Smart card authentication settings &gt;&gt; Certificate revocation, click the "Edit" button.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+Configure revocation checking per site requirements. OCSP with CRL failover is recommended.
 
-Verify the settings with the format &quot;ethernet*.filter*.name&quot; do not exist.
+By default, both locations are pulled from the cert. CRL location can be overridden in this screen, and local responders can be specified via the sso-config command line tool. See the vSphere documentation for more information.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000080' do\n  title 'The vCenter Server must enable revocation checking for certificate-based authentication.'\n  desc  'The system must establish the validity of the user-supplied identity certificate using Online Certificate Status Protocol (OCSP) and/or Certificate Revocation List (CRL) revocation checking.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If a federated identity provider is configured and used for an identity source and supports Smartcard authentication, this is not applicable.\n\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider &gt;&gt; Smart Card Authentication.\n\n    Under Smart card authentication settings &gt;&gt; Certificate revocation, verify \\\"Revocation check\\\" does not show as disabled.\n\n    If \\\"Revocation check\\\" shows as disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider &gt;&gt; Smart Card Authentication.\n\n    Under Smart card authentication settings &gt;&gt; Certificate revocation, click the \\\"Edit\\\" button.\n\n    Configure revocation checking per site requirements. OCSP with CRL failover is recommended.\n\n    By default, both locations are pulled from the cert. CRL location can be overridden in this screen, and local responders can be specified via the sso-config command line tool. See the vSphere documentation for more information.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000175'\n  tag satisfies: ['SRG-APP-000392', 'SRG-APP-000401', 'SRG-APP-000403']\n  tag gid: 'V-VCSA-80-000080'\n  tag rid: 'SV-VCSA-80-000080'\n  tag stig_id: 'VCSA-80-000080'\n  tag cci: ['CCI-000185', 'CCI-001954', 'CCI-001991', 'CCI-002010']\n  tag nist: ['IA-2 (12)', 'IA-5 (2) (a)', 'IA-5 (2) (d)', 'IA-8 (1)']\n\n  if input('embeddedIdp')\n    describe.one do\n      describe powercli_command('(Get-SsoAuthenticationPolicy).OCSPEnabled') do\n        its('stdout.strip') { should cmp 'true' }\n      end\n      describe powercli_command('(Get-SsoAuthenticationPolicy).UseInCertCRL') do\n        its('stdout.strip') { should cmp 'true' }\n      end\n      describe powercli_command('(Get-SsoAuthenticationPolicy).CRLUrl') do\n        its('stdout.strip') { should_not cmp '' }\n      end\n    end\n  else\n    describe 'This check is a manual or policy based check and must be reviewed manually.' do\n      skip 'This check is a manual or policy based check and must be reviewed manually.'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000185</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001954</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001991</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002010</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: (Get-SsoAuthenticationPolicy).UseInCertCRL stdout.strip is expected to cmp == "true"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000089</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000190</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000089</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000089</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must terminate vSphere Client sessions after 15 minutes of inactivity.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free resources committed by the managed network element.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Deployment &gt;&gt; Client Configuration.
 
-or
+View the value of the "Session timeout" setting.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+If the "Session timeout" is not set to "15 minute(s)" or less this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Deployment &gt;&gt; Client Configuration.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name &quot;ethernet*.filter*.name*&quot;
+Click "Edit" and enter "15" minutes into the "Session timeout" setting. Click "Save".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000089' do\n  title 'The vCenter Server must terminate vSphere Client sessions after 15 minutes of inactivity.'\n  desc  'Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free resources committed by the managed network element.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration &gt;&gt; Deployment &gt;&gt; Client Configuration.\n\n    View the value of the \\\"Session timeout\\\" setting.\n\n    If the \\\"Session timeout\\\" is not set to \\\"15 minute(s)\\\" or less this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Deployment &gt;&gt; Client Configuration.\n\n    Click \\\"Edit\\\" and enter \\\"15\\\" minutes into the \\\"Session timeout\\\" setting. Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000190'\n  tag satisfies: ['SRG-APP-000295', 'SRG-APP-000389']\n  tag gid: 'V-VCSA-80-000089'\n  tag rid: 'SV-VCSA-80-000089'\n  tag stig_id: 'VCSA-80-000089'\n  tag cci: ['CCI-001133', 'CCI-002038', 'CCI-002361']\n  tag nist: ['AC-12', 'IA-11', 'SC-10']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002038</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002361</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000095</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000211</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000095</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000095</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server user roles must be verified.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Users and service accounts must only be assigned privileges they require. Least privilege requires that these privileges must only be assigned if needed to reduce risk of confidentiality, availability, or integrity loss.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.
 
-If the virtual machine advanced setting &quot;ethernet*.filter*.name&quot; exists and dvfilters are not in use, this is a finding.
+View each role and verify the users and/or groups assigned to it by clicking on "Usage".
 
-If the virtual machine advanced setting &quot;ethernet*.filter*.name&quot; exists and the value is not valid, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+or
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Look for settings with the format &quot;ethernet*.filter*.name&quot;.
+Get-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto
 
-Ensure only required VMs use this setting.
+Application service account and user required privileges should be documented.
 
-or
+If any user or service account has more privileges than required, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>To update a user's or group's permissions to an existing role with reduced permissions, do the following:
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Global Permissions.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name ethernetX.filterY.name | Remove-AdvancedSetting
-
-Note: Change the X and Y values to match the specific setting in the organization&#39;s environment.
-
-Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>3aefe941-2dd2-46cd-a652-0f6b03dc9eb2</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-VM: stig vm2 is expected to be empty
---------------------------------
-passed
-VM: stigvm1 is expected to be empty
---------------------------------
-passed
-VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
---------------------------------
-passed
-VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
---------------------------------
-passed
-VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000201</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000201</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000201</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must be configured to lock when the last console connection is closed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>When accessing the VM console, the guest operating system must be locked when the last console user disconnects, limiting the possibility of session hijacking. This setting only applies to Windows-based VMs with VMware tools installed.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+Select the user or group, click the pencil button, change the assigned role, and click "OK".
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; VMware Remote Console Options.
+Note: If permissions are assigned on a specific object, the role must be updated where it is assigned (for example, at the cluster level).
 
-Verify the option &quot;Lock the guest operating system when the last remote user disconnects&quot; is checked.
+To create a new role with reduced permissions, do the following:
 
-or
+From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+Click the green plus sign and enter a name for the role and select only the specific permissions required.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name tools.guest.desktop.autolock
+Users can then be assigned to the newly created role.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000095' do\n  title 'The vCenter Server user roles must be verified.'\n  desc  'Users and service accounts must only be assigned privileges they require. Least privilege requires that these privileges must only be assigned if needed to reduce risk of confidentiality, availability, or integrity loss.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.\n\n    View each role and verify the users and/or groups assigned to it by clicking on \\\"Usage\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\n    Application service account and user required privileges should be documented.\n\n    If any user or service account has more privileges than required, this is a finding.\n  \"\n  desc 'fix', \"\n    To update a user's or group's permissions to an existing role with reduced permissions, do the following:\n\n    From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Global Permissions.\n\n    Select the user or group, click the pencil button, change the assigned role, and click \\\"OK\\\".\n\n    Note: If permissions are assigned on a specific object, the role must be updated where it is assigned (for example, at the cluster level).\n\n    To create a new role with reduced permissions, do the following:\n\n    From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.\n\n    Click the green plus sign and enter a name for the role and select only the specific permissions required.\n\n    Users can then be assigned to the newly created role.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000211'\n  tag satisfies: ['SRG-APP-000233', 'SRG-APP-000380']\n  tag gid: 'V-VCSA-80-000095'\n  tag rid: 'SV-VCSA-80-000095'\n  tag stig_id: 'VCSA-80-000095'\n  tag cci: ['CCI-001082', 'CCI-001084', 'CCI-001813']\n  tag nist: ['CM-5 (1)', 'SC-2', 'SC-3']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001082</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001084</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000110</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000247</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000110</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000110</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of denial-of-service (DoS) attacks by enabling Network I/O Control (NIOC).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.
 
-If the virtual machine advanced setting &quot;tools.guest.desktop.autolock&quot; is not set to &quot;true&quot;, this is a finding.
+Managing excess capacity ensures sufficient capacity is available to counter flooding attacks. Employing increased capacity and service redundancy may reduce the susceptibility to some DoS attacks. Managing excess capacity may include, for example, establishing selected usage priorities, quotas, or partitioning.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
 
-If the virtual machine advanced setting &quot;tools.guest.desktop.autolock&quot; does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+From the vSphere Client, go to Networking.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; VMware Remote Console Options.
+Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.
 
-Check the box next to &quot;Lock the guest operating system when the last remote user disconnects&quot;. Click &quot;OK&quot;.
+View the "Properties" pane and verify "Network I/O Control" is "Enabled".
 
 or
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name tools.guest.desktop.autolock | Set-AdvancedSetting -Value true</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>09ff2ed2-62d3-4362-95dd-374d15d5d442</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-VM: stig vm2 is expected to be empty
---------------------------------
-passed
-VM: stigvm1 is expected to be empty
---------------------------------
-passed
-VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp &#x3D;&#x3D; &quot;true&quot;
---------------------------------
-passed
-VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp &#x3D;&#x3D; &quot;true&quot;
---------------------------------
-passed
-VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp &#x3D;&#x3D; &quot;true&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000202</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000202</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000202</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must disable 3D features when not required.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For performance reasons, it is recommended that 3D acceleration be disabled on virtual machines that do not require 3D functionality (e.g., most server workloads or desktops not using 3D applications).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+Get-VDSwitch | select Name,@{N="NIOC Enabled";E={$_.ExtensionData.config.NetworkResourceManagementEnabled}}
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings.
+If "Network I/O Control" is disabled, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Networking.
 
-Expand the &quot;Video card&quot; and verify the &quot;Enable 3D Support&quot; checkbox is unchecked.
+Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.
+
+In the "Properties" pane, click "Edit". Change "Network I/O Control" to "Enabled". Click "OK".
 
 or
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name mks.enable3d
+(Get-VDSwitch "VDSwitch Name" | Get-View).EnableNetworkResourceManagement($true)</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000110' do\n  title 'The vCenter Server must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of denial-of-service (DoS) attacks by enabling Network I/O Control (NIOC).'\n  desc  \"\n    DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.\n\n    Managing excess capacity ensures sufficient capacity is available to counter flooding attacks. Employing increased capacity and service redundancy may reduce the susceptibility to some DoS attacks. Managing excess capacity may include, for example, establishing selected usage priorities, quotas, or partitioning.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.\n\n    View the \\\"Properties\\\" pane and verify \\\"Network I/O Control\\\" is \\\"Enabled\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | select Name,@{N=\\\"NIOC Enabled\\\";E={$_.ExtensionData.config.NetworkResourceManagementEnabled}}\n\n    If \\\"Network I/O Control\\\" is disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Networking.\n\n    Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.\n\n    In the \\\"Properties\\\" pane, click \\\"Edit\\\". Change \\\"Network I/O Control\\\" to \\\"Enabled\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    (Get-VDSwitch \\\"VDSwitch Name\\\" | Get-View).EnableNetworkResourceManagement($true)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000247'\n  tag gid: 'V-VCSA-80-000110'\n  tag rid: 'SV-VCSA-80-000110'\n  tag stig_id: 'VCSA-80-000110'\n  tag cci: ['CCI-001095']\n  tag nist: ['SC-5 (2)']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.NetworkResourceManagementEnabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001095</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: (Get-VDSwitch -Name "VDSwitch STIG 1").ExtensionData.Config.NetworkResourceManagementEnabled stdout.strip is expected to cmp == "true" :: MESSAGE 
+expected: true
+     got: False
 
-If the virtual machine advanced setting &quot;mks.enable3d&quot; exists and is not set to &quot;false&quot;, this is a finding.
+(compared using `cmp` matcher)
 
-If the virtual machine advanced setting &quot;mks.enable3d&quot; does not exist, this is not a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+--------------------------------
+failed :: TEST PowerCLI Command: (Get-VDSwitch -Name "VDSwitch STIG 2").ExtensionData.Config.NetworkResourceManagementEnabled stdout.strip is expected to cmp == "true" :: MESSAGE 
+expected: true
+     got: False
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings.
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000123</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000291</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000123</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000123</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, on every Single Sign-On (SSO) account action.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Once an attacker establishes initial access to a system, they often attempt to create a persistent method of reestablishing access. One way to accomplish this is for the attacker to create a new account. They may also try to hijack an existing account by changing a password or enabling a previously disabled account. Therefore, all actions performed on accounts in the SSO domain much be alerted on in vCenter at a minimum and ideally on a Security Information and Event Management (SIEM) system as well.
 
-Expand the &quot;Video card&quot; and uncheck the &quot;Enable 3D Support&quot; checkbox.
+To ensure the appropriate personnel are alerted about SSO account actions, create a new vCenter alarm for the "com.vmware.sso.PrincipalManagement" event ID and configure the alert mechanisms appropriately.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
+
+Select a vCenter Server &gt;&gt; Configure &gt;&gt; Security &gt;&gt; Alarm Definitions.
+
+Verify there is an alarm created to alert upon all SSO account actions.
 
-Click &quot;OK&quot;.
+The alarm name may vary, but it is suggested to name it "SSO account actions - com.vmware.sso.PrincipalManagement".
 
 or
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name mks.enable3d | Set-AdvancedSetting -Value &quot;false&quot;
-
-Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>faa7ca2d-1d0f-4050-a233-1fa668a277d0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-VM: stig vm2 is expected to be empty
---------------------------------
-passed
-VM: stigvm1 is expected to be empty
---------------------------------
-passed
-VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp &#x3D;&#x3D; &quot;false&quot;
---------------------------------
-passed
-VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp &#x3D;&#x3D; &quot;false&quot;
---------------------------------
-passed
-VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp &#x3D;&#x3D; &quot;false&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000203</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must enable encryption for vMotion.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vMotion migrations in vSphere 6.0 and earlier transferred working memory and CPU state information in clear text over the vMotion network. As of vSphere 6.5, this transfer can be transparently encrypted using 256-bit AES-GCM with negligible performance impact.
+Get-AlarmDefinition | Where {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq "com.vmware.sso.PrincipalManagement"} | Select Name,Enabled,@{N="EventTypeId";E={$_.ExtensionData.Info.Expression.Expression.EventTypeId}}
 
-vSphere enables encrypted vMotion by default as &quot;Opportunistic&quot;, meaning that encrypted channels are used where supported, but the operation will continue in plain text where encryption is not supported.
+If an alarm is not created to alert on SSO account actions, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
 
-For example, when vMotioning between two hosts, encryption will always be used. However, because 6.0 and earlier releases do not support this feature, vMotion from a 7.0 host to a 6.0 host would be allowed but would not be encrypted. If the encryption is set to &quot;Required&quot;, vMotions to unsupported hosts will fail. This must be set to &quot;Opportunistic&quot; or &quot;Required&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+Select a vCenter Server &gt;&gt; Configure &gt;&gt; Security &gt;&gt; Alarm Definitions.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; Encryption.
+Click "Add".
 
-or
+Provide the alarm name of "SSO account actions - com.vmware.sso.PrincipalManagement" and an optional description.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+From the "Target type" dropdown menu, select "vCenter Server".
 
-Get-VM | Where {($_.ExtensionData.Config.MigrateEncryption -eq &quot;disabled&quot;)}
+Click "Next".
 
-If the &quot;Encrypted vMotion&quot; setting does not have a value of &quot;Opportunistic&quot; or &quot;Required&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+Paste "com.vmware.sso.PrincipalManagement" (without quotes) in the line after "IF" and press "Enter".
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; Encryption.
+Next to "Trigger the alarm and", select "Show as Warning".
 
-For &quot;Encrypted vMotion&quot; set the value to &quot;Opportunistic&quot; or &quot;Required&quot;. Click &quot;OK&quot;.
+Configure the desired notification actions that will inform the SA and ISSO of the event.
 
-or
+Click "Next". Click "Next" again. Click "Create".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000123' do\n  title 'The vCenter Server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, on every Single Sign-On (SSO) account action.'\n  desc  \"\n    Once an attacker establishes initial access to a system, they often attempt to create a persistent method of reestablishing access. One way to accomplish this is for the attacker to create a new account. They may also try to hijack an existing account by changing a password or enabling a previously disabled account. Therefore, all actions performed on accounts in the SSO domain much be alerted on in vCenter at a minimum and ideally on a Security Information and Event Management (SIEM) system as well.\n\n    To ensure the appropriate personnel are alerted about SSO account actions, create a new vCenter alarm for the \\\"com.vmware.sso.PrincipalManagement\\\" event ID and configure the alert mechanisms appropriately.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server &gt;&gt; Configure &gt;&gt; Security &gt;&gt; Alarm Definitions.\n\n    Verify there is an alarm created to alert upon all SSO account actions.\n\n    The alarm name may vary, but it is suggested to name it \\\"SSO account actions - com.vmware.sso.PrincipalManagement\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AlarmDefinition | Where {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq \\\"com.vmware.sso.PrincipalManagement\\\"} | Select Name,Enabled,@{N=\\\"EventTypeId\\\";E={$_.ExtensionData.Info.Expression.Expression.EventTypeId}}\n\n    If an alarm is not created to alert on SSO account actions, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server &gt;&gt; Configure &gt;&gt; Security &gt;&gt; Alarm Definitions.\n\n    Click \\\"Add\\\".\n\n    Provide the alarm name of \\\"SSO account actions - com.vmware.sso.PrincipalManagement\\\" and an optional description.\n\n    From the \\\"Target type\\\" dropdown menu, select \\\"vCenter Server\\\".\n\n    Click \\\"Next\\\".\n\n    Paste \\\"com.vmware.sso.PrincipalManagement\\\" (without quotes) in the line after \\\"IF\\\" and press \\\"Enter\\\".\n\n    Next to \\\"Trigger the alarm and\\\", select \\\"Show as Warning\\\".\n\n    Configure the desired notification actions that will inform the SA and ISSO of the event.\n\n    Click \\\"Next\\\". Click \\\"Next\\\" again. Click \\\"Create\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000291'\n  tag satisfies: ['SRG-APP-000292', 'SRG-APP-000293', 'SRG-APP-000294', 'SRG-APP-000320']\n  tag gid: 'V-VCSA-80-000123'\n  tag rid: 'SV-VCSA-80-000123'\n  tag stig_id: 'VCSA-80-000123'\n  tag cci: ['CCI-001683', 'CCI-001684', 'CCI-001685', 'CCI-001686', 'CCI-002132']\n  tag nist: ['AC-2 (4)']\n\n  command = 'Get-AlarmDefinition | Where-Object {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq \"com.vmware.sso.PrincipalManagement\"} | Select-Object -ExpandProperty Enabled'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'true' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001683</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001684</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001685</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001686</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002132</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-AlarmDefinition | Where-Object {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq "com.vmware.sso.PrincipalManagement"} | Select-Object -ExpandProperty Enabled stdout.strip is expected to cmp == "true" :: MESSAGE 
+expected: true
+     got: 
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000145</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000345</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000145</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000145</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must set the interval for counting failed login attempts to at least 15 minutes.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Lockout Policy.
 
-$spec &#x3D; New-Object VMware.Vim.VirtualMachineConfigSpec
-$spec.MigrateEncryption &#x3D; New-Object VMware.Vim.VirtualMachineConfigSpecEncryptedVMotionModes
-$spec.MigrateEncryption &#x3D; $true
-(Get-VM -Name &lt;vmname&gt;).ExtensionData.ReconfigVM($spec)</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>4f4cf11d-de32-491c-bcc7-c078f9fbce58</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-VM: stig vm2 is expected to be in &quot;opportunistic&quot; and &quot;required&quot;
---------------------------------
-passed
-VM: stigvm1 is expected to be in &quot;opportunistic&quot; and &quot;required&quot;
---------------------------------
-passed
-VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be in &quot;opportunistic&quot; and &quot;required&quot;
---------------------------------
-passed
-VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be in &quot;opportunistic&quot; and &quot;required&quot;
---------------------------------
-passed
-VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be in &quot;opportunistic&quot; and &quot;required&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000204</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000204</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000204</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must enable encryption for Fault Tolerance.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Fault Tolerance log traffic can be encrypted. This could contain sensitive data from the protected machine&#39;s memory or CPU instructions.
+View the value of the "Time interval between failures" setting.
 
-vSphere Fault Tolerance performs frequent checks between a primary VM and secondary VM so the secondary VM can quickly resume from the last successful checkpoint. The checkpoint contains the VM state that has been modified since the previous checkpoint.
+Time interval between failures: 900 seconds
 
-When Fault Tolerance is turned on, FT encryption is set to &quot;Opportunistic&quot; by default, which means it enables encryption only if both the primary and secondary host are capable of encryption.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If the Virtual Machine does not have Fault Tolerance enabled, this is not applicable.
+If the lockout policy is not configured with "Time interval between failures" policy of "900" or more, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Lockout Policy.
 
-For each virtual machine do the following:
+Click "Edit".
+
+Set the "Time interval between failures" to "900" and click "Save".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000145' do\n  title 'The vCenter Server must set the interval for counting failed login attempts to at least 15 minutes.'\n  desc  'By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Lockout Policy.\n\n    View the value of the \\\"Time interval between failures\\\" setting.\n\n    Time interval between failures: 900 seconds\n\n    If the lockout policy is not configured with \\\"Time interval between failures\\\" policy of \\\"900\\\" or more, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Lockout Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Time interval between failures\\\" to \\\"900\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000345'\n  tag gid: 'V-VCSA-80-000145'\n  tag rid: 'SV-VCSA-80-000145'\n  tag stig_id: 'VCSA-80-000145'\n  tag cci: ['CCI-002238']\n  tag nist: ['AC-7 b']\n\n  command = '(Get-SsoLockoutPolicy).FailedAttemptIntervalSec'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp &gt;= 900 }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002238</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: (Get-SsoLockoutPolicy).FailedAttemptIntervalSec stdout.strip is expected to cmp &gt;= 900 :: MESSAGE 
+expected it to be &gt;= 900
+     got: 180
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; Encryption.
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000148</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000358</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000148</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000148</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must be configured to send logs to a central log server.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>vCenter must be configured to send near real-time log data to syslog collectors so information will be available to investigators in the case of a security incident or to assist in troubleshooting.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Open the Virtual Appliance Management Interface (VAMI) by navigating to https://&lt;vCenter server&gt;:5480.
+
+Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the "SystemConfiguration.BashShellAdministrator" group.
+
+Select "Syslog" on the left navigation pane.
+
+On the resulting pane on the right, verify at least one site-specific syslog receiver is configured and is listed as "Reachable".
+
+If no valid syslog collector is configured or if the collector is not listed as "Reachable", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Open the VAMI by navigating to https://&lt;vCenter server&gt;:5480.
+
+Log in with local operating system administrative credentials or with an SSO account that is a member of the "SystemConfiguration.BashShellAdministrator" group.
+
+Select "Syslog" on the left navigation pane.
+
+On the resulting pane on the right, click "Edit" or "Configure".
 
-or
+Edit or add the address and port of a site-specific syslog aggregator or Security Information Event Management (SIEM) system with the appropriate protocol.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+User Datagram Protocol (UDP) is discouraged due to its stateless and unencrypted nature. Transport Layer Security (TLS) is preferred.
 
-Get-VM | Where {($_.ExtensionData.Config.FtEncryptionMode -ne &quot;ftEncryptionOpportunistic&quot;) -and ($_.ExtensionData.Config.FtEncryptionMode -ne &quot;ftEncryptionRequired&quot;)}
+Click "Save".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000148' do\n  title 'The vCenter Server must be configured to send logs to a central log server.'\n  desc  'vCenter must be configured to send near real-time log data to syslog collectors so information will be available to investigators in the case of a security incident or to assist in troubleshooting.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://&lt;vCenter server&gt;:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Syslog\\\" on the left navigation pane.\n\n    On the resulting pane on the right, verify at least one site-specific syslog receiver is configured and is listed as \\\"Reachable\\\".\n\n    If no valid syslog collector is configured or if the collector is not listed as \\\"Reachable\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Open the VAMI by navigating to https://&lt;vCenter server&gt;:5480.\n\n    Log in with local operating system administrative credentials or with an SSO account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Syslog\\\" on the left navigation pane.\n\n    On the resulting pane on the right, click \\\"Edit\\\" or \\\"Configure\\\".\n\n    Edit or add the address and port of a site-specific syslog aggregator or Security Information Event Management (SIEM) system with the appropriate protocol.\n\n    User Datagram Protocol (UDP) is discouraged due to its stateless and unencrypted nature. Transport Layer Security (TLS) is preferred.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000358'\n  tag gid: 'V-VCSA-80-000148'\n  tag rid: 'SV-VCSA-80-000148'\n  tag stig_id: 'VCSA-80-000148'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  command = 'Invoke-GetLoggingForwarding | Select-Object -ExpandProperty hostname'\n  logservers = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if logservers.empty?\n    describe \"No log servers configured: #{logservers}\" do\n      subject { logservers }\n      it { should_not be_empty }\n    end\n  else\n    logservers.each do |server|\n      describe server do\n        subject { server }\n        it { should be_in input('syslogServers') }\n      end\n    end\n    logserverstatuscommand = 'Invoke-TestLoggingForwarding | Select-Object -ExpandProperty state'\n    logserverstatus = powercli_command(logserverstatuscommand).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n    logserverstatus.each do |status|\n      describe status do\n        subject { status }\n        it { should cmp 'UP' }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST No log servers configured: [] is expected not to be empty :: MESSAGE expected `[].empty?` to be falsey, got true</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000150</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000360</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000150</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000150</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impending failure of the audit capability and system operation may be adversely affected.
 
-If the &quot;Encrypted FT&quot; setting does not have a value of &quot;Opportunistic&quot; or &quot;Required&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+Alerts provide organizations with urgent messages. Real-time alerts provide these messages immediately (i.e., the time from event detection to alert occurs in seconds or less).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Review the Central Logging Server being used to verify it is configured to alert the SA and ISSO, at a minimum, on any AO-defined events. Otherwise, this is a finding.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; Encryption.
+If there are no AO-defined events, this is not a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configure the Central Logging Server being used to alert the SA and ISSO, at a minimum, on any AO-defined events.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000150' do\n  title 'The vCenter server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts.'\n  desc  \"\n    It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impending failure of the audit capability and system operation may be adversely affected.\n\n    Alerts provide organizations with urgent messages. Real-time alerts provide these messages immediately (i.e., the time from event detection to alert occurs in seconds or less).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Review the Central Logging Server being used to verify it is configured to alert the SA and ISSO, at a minimum, on any AO-defined events. Otherwise, this is a finding.\n\n    If there are no AO-defined events, this is not a finding.\n  \"\n  desc 'fix', 'Configure the Central Logging Server being used to alert the SA and ISSO, at a minimum, on any AO-defined events.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000360'\n  tag satisfies: ['SRG-APP-000379', 'SRG-APP-000510']\n  tag gid: 'V-VCSA-80-000150'\n  tag rid: 'SV-VCSA-80-000150'\n  tag stig_id: 'VCSA-80-000150'\n  tag cci: ['CCI-000172', 'CCI-001744', 'CCI-001858']\n  tag nist: ['AU-12 c', 'AU-5 (2)', 'CM-3 (5)']\n\n  describe 'This check is a manual or policy based check' do\n    skip 'This must be reviewed manually'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001744</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001858</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check :: SKIP_MESSAGE This must be reviewed manually</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000158</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000371</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000158</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000158</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must compare internal information system clocks at least every 24 hours with an authoritative time server.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside of the configured acceptable allowance (drift) may be inaccurate. Additionally, unnecessary synchronization may have an adverse impact on system performance and may indicate malicious activity.
 
-For &quot;Encrypted FT&quot; set the value to &quot;Opportunistic&quot; or &quot;Required&quot;. Click &quot;OK&quot;.
+Synchronizing internal information system clocks to an authoritative time server provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Open the Virtual Appliance Management Interface (VAMI) by navigating to https://&lt;vCenter server&gt;:5480.
+
+Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the "SystemConfiguration.BashShellAdministrator" group.
+
+Select "Time" on the left navigation pane.
+
+On the resulting pane on the right, verify at least one authorized time server is configured and is listed as "Reachable".
+
+If "NTP" is not enabled and at least one authorized time server configured, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Open the VAMI by navigating to https://&lt;vCenter server&gt;:5480.
+
+Log in with local operating system administrative credentials or with an SSO account that is a member of the "SystemConfiguration.BashShellAdministrator" group.
+
+Select "Time" on the left navigation pane.
+
+On the resulting pane on the right, click "Edit" under "Time Synchronization".
+
+Select "NTP" for "Mode" and enter a list of authorized time servers separated by commas. Click "Save".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000158' do\n  title 'The vCenter Server must compare internal information system clocks at least every 24 hours with an authoritative time server.'\n  desc  \"\n    Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside of the configured acceptable allowance (drift) may be inaccurate. Additionally, unnecessary synchronization may have an adverse impact on system performance and may indicate malicious activity.\n\n    Synchronizing internal information system clocks to an authoritative time server provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://&lt;vCenter server&gt;:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Time\\\" on the left navigation pane.\n\n    On the resulting pane on the right, verify at least one authorized time server is configured and is listed as \\\"Reachable\\\".\n\n    If \\\"NTP\\\" is not enabled and at least one authorized time server configured, this is a finding.\n  \"\n  desc 'fix', \"\n    Open the VAMI by navigating to https://&lt;vCenter server&gt;:5480.\n\n    Log in with local operating system administrative credentials or with an SSO account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Time\\\" on the left navigation pane.\n\n    On the resulting pane on the right, click \\\"Edit\\\" under \\\"Time Synchronization\\\".\n\n    Select \\\"NTP\\\" for \\\"Mode\\\" and enter a list of authorized time servers separated by commas. Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000371'\n  tag gid: 'V-VCSA-80-000158'\n  tag rid: 'SV-VCSA-80-000158'\n  tag stig_id: 'VCSA-80-000158'\n  tag cci: ['CCI-001891']\n  tag nist: ['AU-8 (1) (a)']\n\n  command = 'Invoke-GetTimesync'\n  timesync = powercli_command(command).stdout.strip\n\n  if timesync == 'NTP'\n    ntpserverscommand = 'Invoke-GetNtp'\n    ntpservers = powercli_command(ntpserverscommand).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n    ntpservers.each do |server|\n      describe server do\n        subject { server }\n        it { should be_in input('ntpServers') }\n      end\n      ntpstatuscommand = \"Initialize-NtpTestRequestBody -Servers #{server} | Invoke-TestNtp | Select-Object -ExpandProperty status\"\n      ntpstatus = powercli_command(ntpstatuscommand).stdout.strip\n      describe ntpstatus do\n        subject { ntpstatus }\n        it { should cmp 'SERVER_REACHABLE' }\n      end\n    end\n  else\n    describe \"Timesync Configuration: #{timesync}\" do\n      subject { timesync }\n      it { should cmp 'NTP' }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001891</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST Timesync Configuration: HOST is expected to cmp == "NTP" :: MESSAGE 
+expected: NTP
+     got: HOST
 
-or
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000195</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000427</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000195</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000195</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server Machine Secure Sockets Layer (SSL) certificate must be issued by a DOD certificate authority.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Untrusted certificate authorities (CA) can issue certificates, but they may be issued by organizations or individuals that seek to compromise DOD systems or by organizations with insufficient security controls. If the CA used for verifying the certificate is not a DOD-approved CA, trust of this CA has not been established.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:
+The DOD will only accept public key infrastructure (PKI) certificates obtained from a DOD-approved internal or external certificate authority. Reliance on CAs for the establishment of secure sessions includes, for example, the use of Transport Layer Security (TLS) certificates.
 
-$spec &#x3D; New-Object VMware.Vim.VirtualMachineConfigSpec
-$spec.FTEncryption &#x3D; New-Object VMware.Vim.VMware.Vim.VirtualMachineConfigSpecEncryptedFtModes
-$spec.FT &#x3D; ftEncryptionOpportunistic or ftEncryptionRequired
-(Get-VM -Name &lt;vmname&gt;).ExtensionData.ReconfigVM($spec)</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d62cd526-5d92-495e-9c4f-5e2bb4fa3423</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-VM: stig vm2 is expected to be in &quot;ftEncryptionOpportunistic&quot; and &quot;ftEncryptionRequired&quot;
---------------------------------
-passed
-VM: stigvm1 is expected to be in &quot;ftEncryptionOpportunistic&quot; and &quot;ftEncryptionRequired&quot;
---------------------------------
-passed
-VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be in &quot;ftEncryptionOpportunistic&quot; and &quot;ftEncryptionRequired&quot;
---------------------------------
-passed
-VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be in &quot;ftEncryptionOpportunistic&quot; and &quot;ftEncryptionRequired&quot;
---------------------------------
-passed
-VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be in &quot;ftEncryptionOpportunistic&quot; and &quot;ftEncryptionRequired&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000205</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000205</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000205</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must configure log size.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.
+The default self-signed, VMware Certificate Authority (VMCA)-issued vCenter reverse proxy certificate must be replaced with a DOD-approved certificate. The use of a DOD certificate on the vCenter reverse proxy and other services assures clients that the service they are connecting to is legitimate and trusted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Certificates &gt;&gt; Certificate Management &gt;&gt; Machine SSL Certificate.
 
-By default, the size of these logs is unlimited, and they are only rotated on vMotion or power events. This can cause storage issues at scale for VMs that do not vMotion or power cycle often.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+Click "View Details" and examine the "Issuer Information" block.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+If the issuer specified is not a DOD approved certificate authority, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Obtain a DOD-issued certificate and private key for each vCenter in the system following the requirements below:
 
-Verify the &quot;log.rotateSize&quot; value is set to &quot;2048000&quot;.
+Key size: 2048 bits or more (PEM encoded)
+CRT format (Base-64)
+x509 version 3
+SubjectAltName must contain DNS Name=&lt;machine_FQDN&gt;
+Contains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment
 
-or
+Export the entire certificate issuing chain up to the root in Base-64 format. Concatenate the individual certificates into one file with the ".cer" extension.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+From the vSphere Client, go to Administration &gt;&gt; Certificates &gt;&gt; Certificate Management &gt;&gt; Machine SSL Certificate.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name log.rotateSize
+Click Actions &gt;&gt; Import and Replace Certificate.
 
-If the virtual machine advanced setting &quot;log.rotateSize&quot; is not set to &quot;2048000&quot;, this is a finding.
+Select the "Replace with external CA certificate" radio button and click "Next".
 
-If the virtual machine advanced setting &quot;log.rotateSize&quot; does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+Supply the CA-issued certificate , the exported roots file, and the private key.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+Click "Replace".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000195' do\n  title 'The vCenter Server Machine Secure Sockets Layer (SSL) certificate must be issued by a DOD certificate authority.'\n  desc  \"\n    Untrusted certificate authorities (CA) can issue certificates, but they may be issued by organizations or individuals that seek to compromise DOD systems or by organizations with insufficient security controls. If the CA used for verifying the certificate is not a DOD-approved CA, trust of this CA has not been established.\n\n    The DOD will only accept public key infrastructure (PKI) certificates obtained from a DOD-approved internal or external certificate authority. Reliance on CAs for the establishment of secure sessions includes, for example, the use of Transport Layer Security (TLS) certificates.\n\n    The default self-signed, VMware Certificate Authority (VMCA)-issued vCenter reverse proxy certificate must be replaced with a DOD-approved certificate. The use of a DOD certificate on the vCenter reverse proxy and other services assures clients that the service they are connecting to is legitimate and trusted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration &gt;&gt; Certificates &gt;&gt; Certificate Management &gt;&gt; Machine SSL Certificate.\n\n    Click \\\"View Details\\\" and examine the \\\"Issuer Information\\\" block.\n\n    If the issuer specified is not a DOD approved certificate authority, this is a finding.\n  \"\n  desc 'fix', \"\n    Obtain a DOD-issued certificate and private key for each vCenter in the system following the requirements below:\n\n    Key size: 2048 bits or more (PEM encoded)\n    CRT format (Base-64)\n    x509 version 3\n    SubjectAltName must contain DNS Name=&lt;machine_FQDN&gt;\n    Contains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment\n\n    Export the entire certificate issuing chain up to the root in Base-64 format. Concatenate the individual certificates into one file with the \\\".cer\\\" extension.\n\n    From the vSphere Client, go to Administration &gt;&gt; Certificates &gt;&gt; Certificate Management &gt;&gt; Machine SSL Certificate.\n\n    Click Actions &gt;&gt; Import and Replace Certificate.\n\n    Select the \\\"Replace with external CA certificate\\\" radio button and click \\\"Next\\\".\n\n    Supply the CA-issued certificate , the exported roots file, and the private key.\n\n    Click \\\"Replace\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000427'\n  tag gid: 'V-VCSA-80-000195'\n  tag rid: 'SV-VCSA-80-000195'\n  tag stig_id: 'VCSA-80-000195'\n  tag cci: ['CCI-002470']\n  tag nist: ['SC-23 (5)']\n\n  vcenter = powercli_command('$global:DefaultViServers.Name').stdout.strip\n  describe ssl_certificate(host: \"#{vcenter}\", port: 443) do\n    its('issuer_organization') { should cmp 'U.S. Government' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002470</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST ssl_certificate for '10.186.30.81' issuer_organization is expected to cmp == "U.S. Government" :: MESSAGE 
+expected: U.S. Government
+     got: sc2-10-186-30-81.eng.vmware.com
 
-Find the &quot;log.rotateSize&quot; value and set it to &quot;2048000&quot;.
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000196</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000428</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000196</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000196</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must enable data at rest encryption for vSAN.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Applications handling data requiring "data at rest" protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.
 
-If the setting does not exist no action is needed.
+Data encryption is a common technique used in environments that require additional levels of security.  It consists of a process to ensure that data can only be consumed by systems that have appropriate levels of access.  Approved systems must have and use the appropriate cryptographic keys to encrypt and decrypt the data.  Systems that do not have the keys will not be able to consume the data in any meaningful way, as it will remain encrypted in accordance to the commonly used Advanced Encryption Standard (AES) from the National Institute of Standards and Technology, or NIST.
+
+vSAN supports Data-At-Rest Encryption and Data-in-Transit Encryption and uses an AES 256 cipher. Data is encrypted after all other processing, such as deduplication, is performed. Data at rest encryption protects data on storage devices, in case a device is removed from the cluster.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If no clusters are enabled for vSAN, this is not applicable.
+
+From the vSphere Client, go to Host and Clusters.
+
+Select the vCenter Server &gt;&gt; Select the cluster &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; Services &gt;&gt; Data Services.
+
+Review the "Data-at-rest encryption" status.
 
 or
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name log.rotateSize | Set-AdvancedSetting -Value 2048000
-
-Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>4554aa41-fff8-48b3-874b-01dc7222f8b8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-VM: stig vm2 is expected to be empty
---------------------------------
-passed
-VM: stigvm1 is expected to be empty
---------------------------------
-passed
-VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp &#x3D;&#x3D; &quot;2048000&quot;
---------------------------------
-passed
-VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp &#x3D;&#x3D; &quot;2048000&quot;
---------------------------------
-passed
-VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp &#x3D;&#x3D; &quot;2048000&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000206</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000206</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000206</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must configure log retention.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.
+Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Get-VsanClusterConfiguration | Select-Object Name,EncryptionEnabled
 
-By default, 10 of these logs are retained. This is normally sufficient for most environments, but this configuration must be verified and maintained.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+If "Data-At-Rest encryption" is not enabled, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+Select the vCenter Server &gt;&gt; Select the target cluster &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; Services &gt;&gt; Data Services.
 
-Verify the &quot;log.keepOld&quot; value is set to &quot;10&quot;.
+Click "Edit".
+
+Enable "Data-At-Rest encryption" and select a pre-configured key provider from the drop down. Click "Apply".
+
+Note: Before enabling, read and understand the operational implications of enabling data at rest encryption in vSAN and how it effects capacity, performance, and recovery scenarios.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000196' do\n  title 'The vCenter Server must enable data at rest encryption for vSAN.'\n  desc  \"\n    Applications handling data requiring \\\"data at rest\\\" protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.\n\n    Data encryption is a common technique used in environments that require additional levels of security.  It consists of a process to ensure that data can only be consumed by systems that have appropriate levels of access.  Approved systems must have and use the appropriate cryptographic keys to encrypt and decrypt the data.  Systems that do not have the keys will not be able to consume the data in any meaningful way, as it will remain encrypted in accordance to the commonly used Advanced Encryption Standard (AES) from the National Institute of Standards and Technology, or NIST.\n\n    vSAN supports Data-At-Rest Encryption and Data-in-Transit Encryption and uses an AES 256 cipher. Data is encrypted after all other processing, such as deduplication, is performed. Data at rest encryption protects data on storage devices, in case a device is removed from the cluster.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server &gt;&gt; Select the cluster &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; Services &gt;&gt; Data Services.\n\n    Review the \\\"Data-at-rest encryption\\\" status.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Get-VsanClusterConfiguration | Select-Object Name,EncryptionEnabled\n\n    If \\\"Data-At-Rest encryption\\\" is not enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server &gt;&gt; Select the target cluster &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; Services &gt;&gt; Data Services.\n\n    Click \\\"Edit\\\".\n\n    Enable \\\"Data-At-Rest encryption\\\" and select a pre-configured key provider from the drop down. Click \\\"Apply\\\".\n\n    Note: Before enabling, read and understand the operational implications of enabling data at rest encryption in vSAN and how it effects capacity, performance, and recovery scenarios.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000428'\n  tag gid: 'V-VCSA-80-000196'\n  tag rid: 'SV-VCSA-80-000196'\n  tag stig_id: 'VCSA-80-000196'\n  tag cci: ['CCI-002475']\n  tag nist: ['SC-28 (1)']\n\n  # Get all clusters with vSAN enabled\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object | Select-Object -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !clusters.empty?\n    clusters.each do |cluster|\n      command = \"Get-Cluster -Name #{cluster} | Get-VsanClusterConfiguration | Select-Object -ExpandProperty EncryptionEnabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No clusters with vSAN enabled found...skipping tests' do\n      skip 'No clusters with vSAN enabled found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002475</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-Cluster -Name cluster0 | Get-VsanClusterConfiguration | Select-Object -ExpandProperty EncryptionEnabled stdout.strip is expected to cmp == "true" :: MESSAGE 
+expected: true
+     got: False
 
-or
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000248</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000248</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000248</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must disable the Customer Experience Improvement Program (CEIP).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The VMware CEIP sends VMware anonymized system information that is used to improve the quality, reliability, and functionality of VMware products and services. For confidentiality purposes this feature must be disabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Deployment &gt;&gt; Customer Experience Improvement Program.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+If Customer Experience Improvement "Program Status" is "Joined", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Deployment &gt;&gt; Customer Experience Improvement Program.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name log.keepOld
+Click "Leave Program".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000248' do\n  title 'The vCenter Server must disable the Customer Experience Improvement Program (CEIP).'\n  desc  'The VMware CEIP sends VMware anonymized system information that is used to improve the quality, reliability, and functionality of VMware products and services. For confidentiality purposes this feature must be disabled.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration &gt;&gt; Deployment &gt;&gt; Customer Experience Improvement Program.\n\n    If Customer Experience Improvement \\\"Program Status\\\" is \\\"Joined\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Deployment &gt;&gt; Customer Experience Improvement Program.\n\n    Click \\\"Leave Program\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000248'\n  tag rid: 'SV-VCSA-80-000248'\n  tag stig_id: 'VCSA-80-000248'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000253</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000575</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000253</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000253</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter server must enforce SNMPv3 security features where SNMP is required.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. SNMPv3 can be configured for identification and cryptographically based authentication.
 
-If the virtual machine advanced setting &quot;log.keepOld&quot; is not set to &quot;10&quot;, this is a finding.
+SNMPv3 defines a user-based security model (USM) and a view-based access control model (VACM). SNMPv3 USM provides data integrity, data origin authentication, message replay protection, and protection against disclosure of the message payload. SNMPv3 VACM provides access control to determine whether a specific type of access (read or write) to the management information is allowed. Implement both VACM and USM for full protection.
 
-If the virtual machine advanced setting &quot;log.keepOld&quot; does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+SNMPv3 must be disabled by default and enabled only if used. SNMP v3 provides security feature enhancements to SNMP, including encryption and message authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>At the command prompt on the vCenter Server Appliance, run the following commands:
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
+# appliancesh
+# snmp.get
 
-Find the &quot;log.keepOld&quot; value and set it to &quot;10&quot;.
+Note: The "appliancesh" command is not needed if the default shell has not been changed for root.
 
-If the setting does not exist no action is needed.
+If "Enable" is set to "False", this is not a finding.
 
-or
+If "Enable" is set to "True" and "Authentication" is not set to "SHA1", this is a finding.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+If "Enable" is set to "True" and "Privacy" is not set to "AES128", this is a finding.
 
-Get-VM &quot;VM Name&quot; | Get-AdvancedSetting -Name log.keepOld | Set-AdvancedSetting -Value 10
-
-Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>5c091d99-c245-43aa-b4b5-9cbd2306fdd6</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-VM: stig vm2 is expected to be empty
---------------------------------
-passed
-VM: stigvm1 is expected to be empty
---------------------------------
-passed
-VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp &#x3D;&#x3D; &quot;10&quot;
---------------------------------
-passed
-VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp &#x3D;&#x3D; &quot;10&quot;
---------------------------------
-passed
-VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp &#x3D;&#x3D; &quot;10&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000207</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000207</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000207</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must enable logging.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including, but not limited to, power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations and machine clones. Due to the value these logs provide for the continued availability of each VM and potential security incidents, these logs must be enabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+If any "Users" are configured with a "Sec_level" that does not equal "priv", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>At the command prompt on the vCenter Server Appliance, run the following commands:
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; Advanced.
+# appliancesh
+# snmp.set --authentication SHA1
+# snmp.set --privacy AES128
 
-Ensure that the checkbox next to &quot;Enable logging&quot; is checked.
+To change the security level of a user, run the following command:
 
-or
+# snmp.set --users &lt;username&gt;/&lt;auth_password&gt; &lt;priv_password&gt;/priv</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000253' do\n  title 'The vCenter server must enforce SNMPv3 security features where SNMP is required.'\n  desc  \"\n    SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. SNMPv3 can be configured for identification and cryptographically based authentication.\n\n    SNMPv3 defines a user-based security model (USM) and a view-based access control model (VACM). SNMPv3 USM provides data integrity, data origin authentication, message replay protection, and protection against disclosure of the message payload. SNMPv3 VACM provides access control to determine whether a specific type of access (read or write) to the management information is allowed. Implement both VACM and USM for full protection.\n\n    SNMPv3 must be disabled by default and enabled only if used. SNMP v3 provides security feature enhancements to SNMP, including encryption and message authentication.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    At the command prompt on the vCenter Server Appliance, run the following commands:\n\n    # appliancesh\n    # snmp.get\n\n    Note: The \\\"appliancesh\\\" command is not needed if the default shell has not been changed for root.\n\n    If \\\"Enable\\\" is set to \\\"False\\\", this is not a finding.\n\n    If \\\"Enable\\\" is set to \\\"True\\\" and \\\"Authentication\\\" is not set to \\\"SHA1\\\", this is a finding.\n\n    If \\\"Enable\\\" is set to \\\"True\\\" and \\\"Privacy\\\" is not set to \\\"AES128\\\", this is a finding.\n\n    If any \\\"Users\\\" are configured with a \\\"Sec_level\\\" that does not equal \\\"priv\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    At the command prompt on the vCenter Server Appliance, run the following commands:\n\n    # appliancesh\n    # snmp.set --authentication SHA1\n    # snmp.set --privacy AES128\n\n    To change the security level of a user, run the following command:\n\n    # snmp.set --users &lt;username&gt;/&lt;auth_password&gt; &lt;priv_password&gt;/priv\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000575'\n  tag gid: 'V-VCSA-80-000253'\n  tag rid: 'SV-VCSA-80-000253'\n  tag stig_id: 'VCSA-80-000253'\n  tag cci: ['CCI-001967']\n  tag nist: ['IA-3 (1)']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001967</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000265</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000575</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000265</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000265</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter server must disable SNMPv1/2 receivers.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. Therefore, SNMPv1/2 receivers must be disabled, while SNMPv3 is configured in another control. vCenter exposes SNMP v1/2 in the UI and SNMPv3 in the CLI.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; General.
 
-Get-VM | Where {$_.ExtensionData.Config.Flags.EnableLogging -ne &quot;True&quot;}
+Click "Edit".
 
-If logging is not enabled, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+On the "SNMP receivers" tab, note the presence of any enabled receiver.
 
-From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; Advanced.
+If there are any enabled receivers, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
 
-Click the checkbox next to &quot;Enable logging&quot;. Click &quot;OK&quot;.
+Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; General.
 
-or
+Click "Edit".
+
+On the "SNMP receivers" tab, ensure all receivers are disabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000265' do\n  title 'The vCenter server must disable SNMPv1/2 receivers.'\n  desc  'SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. Therefore, SNMPv1/2 receivers must be disabled, while SNMPv3 is configured in another control. vCenter exposes SNMP v1/2 in the UI and SNMPv3 in the CLI.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; General.\n\n    Click \\\"Edit\\\".\n\n    On the \\\"SNMP receivers\\\" tab, note the presence of any enabled receiver.\n\n    If there are any enabled receivers, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; General.\n\n    Click \\\"Edit\\\".\n\n    On the \\\"SNMP receivers\\\" tab, ensure all receivers are disabled.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000575'\n  tag gid: 'V-VCSA-80-000265'\n  tag rid: 'SV-VCSA-80-000265'\n  tag stig_id: 'VCSA-80-000265'\n  tag cci: ['CCI-001967']\n  tag nist: ['IA-3 (1)']\n\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.1.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.2.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.3.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\n  command = \"(Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.4.enabled'} | Select-Object -ExpandProperty Value\"\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'False' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001967</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: (Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.1.enabled'} | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "False" :: MESSAGE 
+expected: False
+     got: True
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:
+(compared using `cmp` matcher)
 
-$spec &#x3D; New-Object VMware.Vim.VirtualMachineConfigSpec
-$spec.Flags &#x3D; New-Object VMware.Vim.VirtualMachineFlagInfo
-$spec.Flags.enableLogging &#x3D; $true
-(Get-VM -Name &lt;vmname&gt;).ExtensionData.ReconfigVM($spec)</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>1ca92941-615f-4e0b-b5e1-c03d8073948b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-VM: stig vm2 is expected to cmp &#x3D;&#x3D; &quot;true&quot;
 --------------------------------
-passed
-VM: stigvm1 is expected to cmp &#x3D;&#x3D; &quot;true&quot;
+passed :: TEST PowerCLI Command: (Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.2.enabled'} | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "False"
 --------------------------------
-passed
-VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp &#x3D;&#x3D; &quot;true&quot;
+passed :: TEST PowerCLI Command: (Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.3.enabled'} | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "False"
 --------------------------------
-passed
-VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp &#x3D;&#x3D; &quot;true&quot;
---------------------------------
-passed
-VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp &#x3D;&#x3D; &quot;true&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000208</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000208</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000208</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must not use independent, non-persistent disks.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The security issue with nonpersistent disk mode is that successful attackers, with a simple shutdown or reboot, might undo or remove any traces they were ever on the machine. To safeguard against this risk, production virtual machines should be set to use persistent disk mode; additionally, ensure activity within the VM is logged remotely on a separate server, such as a syslog server or equivalent Windows-based event collector. Without a persistent record of activity on a VM, administrators might never know whether they have been attacked or hacked.
-
-There can be valid use cases for these types of disks, such as with an application presentation solution where read-only disks are desired, and such cases should be identified and documented.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+passed :: TEST PowerCLI Command: (Get-View -Id 'OptionManager-VpxSettings').setting | Where-Object {$_.key -match 'snmp.receiver.4.enabled'} | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "False"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000266</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000345</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000266</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000266</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must require an administrator to unlock an account locked due to excessive login failures.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>By requiring that Single Sign-On (SSO) accounts be unlocked manually, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. When the account unlock time is set to zero, once an account is locked it can only be unlocked manually by an administrator.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Lockout Policy.
 
-From the vSphere Client, right-click the Virtual Machine and go to &quot;Edit Settings&quot;.
+View the value of the "Unlock time" setting.
 
-Review the attached hard disks and verify they are not configured as independent nonpersistent disks.
+Unlock time: 0 seconds
 
-or
+If the lockout policy is not configured with "Unlock time" policy of "0", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Lockout Policy.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+Click "Edit".
+
+Set the "Unlock time" to "0" and click "Save".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000266' do\n  title 'The vCenter Server must require an administrator to unlock an account locked due to excessive login failures.'\n  desc  'By requiring that Single Sign-On (SSO) accounts be unlocked manually, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. When the account unlock time is set to zero, once an account is locked it can only be unlocked manually by an administrator.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Lockout Policy.\n\n    View the value of the \\\"Unlock time\\\" setting.\n\n    Unlock time: 0 seconds\n\n    If the lockout policy is not configured with \\\"Unlock time\\\" policy of \\\"0\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Lockout Policy.\n\n    Click \\\"Edit\\\".\n\n    Set the \\\"Unlock time\\\" to \\\"0\\\" and click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000345'\n  tag gid: 'V-VCSA-80-000266'\n  tag rid: 'SV-VCSA-80-000266'\n  tag stig_id: 'VCSA-80-000266'\n  tag cci: ['CCI-002238']\n  tag nist: ['AC-7 b']\n\n  command = '(Get-SsoLockoutPolicy).AutoUnlockIntervalSec'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp '0' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-002238</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: (Get-SsoLockoutPolicy).AutoUnlockIntervalSec stdout.strip is expected to cmp == "0" :: MESSAGE 
+expected: 0
+     got: 300
 
-Get-VM &quot;VM Name&quot; | Get-HardDisk | Select Parent, Name, Filename, DiskType, Persistence | FT -AutoSize
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000267</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000267</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000267</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must disable the distributed virtual switch health check.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Network health check is disabled by default. Once enabled, the health check packets contain information on host#, vds#, and port#, which an attacker would find useful. It is recommended that network health check be used for troubleshooting and turned off when troubleshooting is finished.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
 
-If the virtual machine has attached disks that are in independent nonpersistent mode and are not documented, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+From the vSphere Client, go to "Networking".
 
-From the vSphere Client, right-click the Virtual Machine and go to &quot;Edit Settings&quot;.
+Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Health Check.
 
-Select the target hard disk and change the mode to persistent or uncheck Independent.
+View the health check pane and verify the "VLAN and MTU" and "Teaming and failover" checks are "Disabled".
 
 or
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run one of the following commands:
+From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
 
-Get-VM &quot;VM Name&quot; | Get-HardDisk | Set-HardDisk -Persistence IndependentPersistent
+$vds = Get-VDSwitch
+$vds.ExtensionData.Config.HealthCheckConfig
 
-or
+If the health check feature is enabled on distributed switches and is not on temporarily for troubleshooting purposes, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to "Networking".
 
-Get-VM &quot;VM Name&quot; | Get-HardDisk | Set-HardDisk -Persistence Persistent</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>7d113aef-3f31-4cb0-bb77-e8723bab1f86</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Checking the VM: stig vm2 for Non-Persistent Hard Disks is expected not to cmp &#x3D;&#x3D; &quot;IndependentNonPersistent&quot;
---------------------------------
-passed
-Checking the VM: stigvm1 for Non-Persistent Hard Disks is expected not to cmp &#x3D;&#x3D; &quot;IndependentNonPersistent&quot;
---------------------------------
-passed
-Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for Non-Persistent Hard Disks is expected not to cmp &#x3D;&#x3D; &quot;IndependentNonPersistent&quot;
---------------------------------
-passed
-Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for Non-Persistent Hard Disks is expected not to cmp &#x3D;&#x3D; &quot;IndependentNonPersistent&quot;
---------------------------------
-passed
-Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for Non-Persistent Hard Disks is expected not to cmp &#x3D;&#x3D; &quot;IndependentNonPersistent&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000209</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000209</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000209</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must remove unneeded floppy devices.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD&#x2F;DVD drives are usually connected only temporarily during software installation.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.
+Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Health Check.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+Click "Edit".
 
-Get-VM | Get-FloppyDrive | Select Parent, Name, ConnectionState
+Disable the "VLAN and MTU" and "Teaming and failover" checks.
 
-If a virtual machine has a floppy drive connected, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.
+Click "OK".
 
-The VM must be powered off to remove a floppy drive.
+or
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Get-VM &quot;VM Name&quot; | Get-FloppyDrive | Remove-FloppyDrive</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>c59a5770-7639-46aa-94b1-c7c2e26a37b2</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Checking the VM: stig vm2 for Floppy drives is expected to be empty
---------------------------------
-passed
-Checking the VM: stigvm1 for Floppy drives is expected to be empty
+Get-View -ViewType DistributedVirtualSwitch | ?{($_.config.HealthCheckConfig | ?{$_.enable -notmatch "False"})}| %{$_.UpdateDVSHealthCheckConfig(@((New-Object Vmware.Vim.VMwareDVSVlanMtuHealthCheckConfig -property @{enable=0}),(New-Object Vmware.Vim.VMwareDVSTeamingHealthCheckConfig -property @{enable=0})))}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000267' do\n  title 'The vCenter Server must disable the distributed virtual switch health check.'\n  desc  'Network health check is disabled by default. Once enabled, the health check packets contain information on host#, vds#, and port#, which an attacker would find useful. It is recommended that network health check be used for troubleshooting and turned off when troubleshooting is finished.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Health Check.\n\n    View the health check pane and verify the \\\"VLAN and MTU\\\" and \\\"Teaming and failover\\\" checks are \\\"Disabled\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $vds = Get-VDSwitch\n    $vds.ExtensionData.Config.HealthCheckConfig\n\n    If the health check feature is enabled on distributed switches and is not on temporarily for troubleshooting purposes, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Health Check.\n\n    Click \\\"Edit\\\".\n\n    Disable the \\\"VLAN and MTU\\\" and \\\"Teaming and failover\\\" checks.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-View -ViewType DistributedVirtualSwitch | ?{($_.config.HealthCheckConfig | ?{$_.enable -notmatch \\\"False\\\"})}| %{$_.UpdateDVSHealthCheckConfig(@((New-Object Vmware.Vim.VMwareDVSVlanMtuHealthCheckConfig -property @{enable=0}),(New-Object Vmware.Vim.VMwareDVSTeamingHealthCheckConfig -property @{enable=0})))}\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000267'\n  tag rid: 'SV-VCSA-80-000267'\n  tag stig_id: 'VCSA-80-000267'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.HealthCheckConfig | Select-Object -ExpandProperty Enable\"\n      checks = powercli_command(command)\n      checks.stdout.split.each do |hc|\n        describe \"Health check for #{vds}\" do\n          subject { hc }\n          it { should cmp 'false' }\n        end\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Health check for VDSwitch STIG 1 is expected to cmp == "false"
 --------------------------------
-passed
-Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for Floppy drives is expected to be empty
+passed :: TEST Health check for VDSwitch STIG 1 is expected to cmp == "false"
 --------------------------------
-passed
-Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for Floppy drives is expected to be empty
+passed :: TEST Health check for VDSwitch STIG 2 is expected to cmp == "false"
 --------------------------------
-passed
-Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for Floppy drives is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000210</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must remove unneeded CD&#x2F;DVD devices.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD&#x2F;DVD drives are usually connected only temporarily during software installation.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+passed :: TEST Health check for VDSwitch STIG 2 is expected to cmp == "false"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000268</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000268</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000268</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must set the distributed port group Forged Transmits policy to "Reject".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If the virtual machine operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.
+
+When the "Forged Transmits" option is set to "Accept", ESXi does not compare source and effective MAC addresses.
+
+To protect against MAC impersonation, set the "Forged Transmits" option to "Reject". The host compares the source MAC address being transmitted by the guest operating system with the effective MAC address for its virtual machine adapter to determine if they match. If the addresses do not match, the ESXi host drops the packet.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
+
+From the vSphere Client, go to "Networking".
 
-From the vSphere Client, right-click the Virtual Machine and go to &quot;Edit Settings&quot;.
+Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
 
-Review the VMs hardware and verify no CD&#x2F;DVD drives are connected.
+Verify "Forged Transmits" is set to "Reject".
 
 or
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
 
-Get-VM | Get-CDDrive | Where {$_.extensiondata.connectable.connected -eq $true} | Select Parent,Name
+Get-VDSwitch | Get-VDSecurityPolicy
+Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy
 
-If a virtual machine has a CD&#x2F;DVD drive connected other than temporarily, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+If the "Forged Transmits" policy is set to accept for a non-uplink port, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to "Networking".
+
+Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
+
+Click "Edit".
 
-From the vSphere Client, right-click the Virtual Machine and go to &quot;Edit Settings&quot;.
+Click the "Security" tab.
 
-Select the CD&#x2F;DVD drive and uncheck &quot;Connected&quot; and &quot;Connect at power on&quot; and remove any attached ISOs.
+Set "Forged Transmits" to "Reject".
+
+Click "OK".
 
 or
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
 
-Get-VM &quot;VM Name&quot; | Get-CDDrive | Set-CDDrive -NoMedia</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>82f29342-3998-4048-8e3c-86a3c7def730</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Checking the VM: stig vm2 for CD&#x2F;DVD drives is expected to cmp &#x3D;&#x3D; &quot;false&quot;
+Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false
+Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000268' do\n  title 'The vCenter Server must set the distributed port group Forged Transmits policy to \"Reject\".'\n  desc  \"\n    If the virtual machine operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    When the \\\"Forged Transmits\\\" option is set to \\\"Accept\\\", ESXi does not compare source and effective MAC addresses.\n\n    To protect against MAC impersonation, set the \\\"Forged Transmits\\\" option to \\\"Reject\\\". The host compares the source MAC address being transmitted by the guest operating system with the effective MAC address for its virtual machine adapter to determine if they match. If the addresses do not match, the ESXi host drops the packet.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.\n\n    Verify \\\"Forged Transmits\\\" is set to \\\"Reject\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\n    If the \\\"Forged Transmits\\\" policy is set to accept for a non-uplink port, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Security\\\" tab.\n\n    Set \\\"Forged Transmits\\\" to \\\"Reject\\\".\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000268'\n  tag rid: 'SV-VCSA-80-000268'\n  tag stig_id: 'VCSA-80-000268'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: (Get-VDSwitch -Name "VDSwitch STIG 1") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp == "false"
 --------------------------------
-passed
-Checking the VM: stigvm1 for CD&#x2F;DVD drives is expected to cmp &#x3D;&#x3D; &quot;false&quot;
+passed :: TEST PowerCLI Command: (Get-VDSwitch -Name "VDSwitch STIG 2") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp == "false"
 --------------------------------
-passed
-Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for CD&#x2F;DVD drives is expected to be empty
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 1") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp == "false"
 --------------------------------
-passed
-Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for CD&#x2F;DVD drives is expected to be empty
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 2") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp == "false"
 --------------------------------
-passed
-Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for CD&#x2F;DVD drives is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000211</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000211</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000211</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must remove unneeded parallel devices.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD&#x2F;DVD drives are usually connected only temporarily during software installation.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 3") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp == "false"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 4") | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp == "false"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000269</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000269</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000269</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must set the distributed port group Media Access Control (MAC) Address Change policy to "Reject".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If the virtual machine operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+This will prevent virtual machines from changing their effective MAC address and will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
 
-Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match &quot;parallel&quot;}
+From the vSphere Client, go to "Networking".
 
-If a virtual machine has a parallel device present, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.
+Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
 
-The VM must be powered off to remove a parallel device.
+Verify "MAC Address Changes" is set to "Reject".
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:
+or
 
-$pport &#x3D; (Get-VM -Name &lt;vmname&gt;).ExtensionData.Config.Hardware.Device | Where {$_.DeviceInfo.Label -match &quot;Parallel&quot;}
-$spec &#x3D; New-Object VMware.Vim.VirtualMachineConfigSpec
-$spec.DeviceChange +&#x3D; New-Object VMware.Vim.VirtualDeviceConfigSpec
-$spec.DeviceChange[-1].device &#x3D; $pport
-$spec.DeviceChange[-1].operation &#x3D; &quot;remove&quot;
-(Get-VM -Name &lt;vmname&gt;).ExtensionData.ReconfigVM($spec)</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>c50dc5d3-01a9-477e-bffe-63382022c1cb</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Checking the VM: stig vm2 for parallel devices is expected not to match &quot;Parallel&quot;
---------------------------------
-passed
-Checking the VM: stigvm1 for parallel devices is expected not to match &quot;Parallel&quot;
---------------------------------
-passed
-Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for parallel devices is expected not to match &quot;Parallel&quot;
---------------------------------
-passed
-Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for parallel devices is expected not to match &quot;Parallel&quot;
---------------------------------
-passed
-Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for parallel devices is expected not to match &quot;Parallel&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000212</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000212</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000212</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must remove unneeded serial devices.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD&#x2F;DVD drives are usually connected only temporarily during software installation.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
 
-From the vSphere Client, right-click the Virtual Machine and go to &quot;Edit Settings&quot;.
+Get-VDSwitch | Get-VDSecurityPolicy
+Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy
 
-Review the VMs hardware and verify no serial devices exist.
+If the "MAC Address Changes" policy is set to accept, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to "Networking".
 
-or
+Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+Click "Edit".
 
-Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match &quot;serial&quot;}
+Click the "Security" tab.
 
-If a virtual machine has a serial device present, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The VM must be powered off to remove a serial device.
+Set "MAC Address Changes" to "Reject".
 
-For each virtual machine do the following:
+Click "OK".
+
+or
+
+From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
 
-From the vSphere Client, right-click the Virtual Machine and go to &quot;Edit Settings&quot;.
-
-Select the serial device, click the circled &quot;X&quot; to remove it, and click &quot;OK&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>dcf120d1-50da-49e9-8a96-38fd0df44682</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Checking the VM: stig vm2 for serial devices is expected not to match &quot;Serial&quot;
+Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false
+Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000269' do\n  title 'The vCenter Server must set the distributed port group Media Access Control (MAC) Address Change policy to \"Reject\".'\n  desc  \"\n    If the virtual machine operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.\n\n    This will prevent virtual machines from changing their effective MAC address and will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.\n\n    Verify \\\"MAC Address Changes\\\" is set to \\\"Reject\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\n    If the \\\"MAC Address Changes\\\" policy is set to accept, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Security\\\" tab.\n\n    Set \\\"MAC Address Changes\\\" to \\\"Reject\\\".\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000269'\n  tag rid: 'SV-VCSA-80-000269'\n  tag stig_id: 'VCSA-80-000269'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: (Get-VDSwitch -Name "VDSwitch STIG 1") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp == "false"
 --------------------------------
-passed
-Checking the VM: stigvm1 for serial devices is expected not to match &quot;Serial&quot;
+passed :: TEST PowerCLI Command: (Get-VDSwitch -Name "VDSwitch STIG 2") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp == "false"
 --------------------------------
-passed
-Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for serial devices is expected not to match &quot;Serial&quot;
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 1") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp == "false"
 --------------------------------
-passed
-Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for serial devices is expected not to match &quot;Serial&quot;
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 2") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp == "false"
 --------------------------------
-passed
-Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for serial devices is expected not to match &quot;Serial&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000213</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000213</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000213</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must remove unneeded USB devices.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD&#x2F;DVD drives are usually connected only temporarily during software installation.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 3") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp == "false"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 4") | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp == "false"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000270</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000270</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000270</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must set the distributed port group Promiscuous Mode policy to "Reject".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>When promiscuous mode is enabled for a virtual switch, all virtual machines connected to the port group have the potential of reading all packets across that network, meaning only the virtual machines connected to that port group.
 
-From the vSphere Client, right-click the Virtual Machine and go to &quot;Edit Settings&quot;.
+Promiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
 
-Review the VMs hardware and verify no USB devices exist.
+From the vSphere Client, go to "Networking".
+
+Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
+
+Verify "Promiscuous Mode" is set to "Reject".
 
 or
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:
+From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
 
-Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match &quot;usb&quot;}
-Get-VM | Get-UsbDevice
+Get-VDSwitch | Get-VDSecurityPolicy
+Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy
 
-If a virtual machine has any USB devices or USB controllers present, this is a finding.
+If the "Promiscuous Mode" policy is set to accept, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to "Networking".
 
-If USB smart card readers are used to pass smart cards through the VM console to a VM, the use of a USB controller and USB devices for that purpose is not a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
+Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
 
-From the vSphere Client, right-click the Virtual Machine and go to &quot;Edit Settings&quot;.
+Click "Edit".
 
-Select the USB controller, click the circled &quot;X&quot; to remove it, and click &quot;OK&quot;.
+Click the "Security" tab.
 
-or
+Set "Promiscuous Mode" to "Reject".
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+Click "OK".
 
-Get-VM &quot;VM Name&quot; | Get-USBDevice | Remove-USBDevice
-
-Note:  This will not remove the USB controller, just any connected devices.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6e8c4b4d-898b-4dea-819a-f7e67a47cc41</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-Checking the VM: stig vm2 for USB devices is expected not to match &quot;USB&quot;
-expected &quot;IDE 0\r\nIDE 1\r\nPS2 controller 0\r\nPCI controller 0\r\nSIO controller 0\r\nKeyboard \r\nPointing ...er \r\nSCSI controller 0\r\nSATA controller 0\r\nCD&#x2F;DVD drive 1\r\nHard disk 1\r\nNetwork adapter 1&quot; not to match &quot;USB&quot;
-Diff:
-@@ -1,15 +1,29 @@
--USB
-+IDE 0
-+IDE 1
-+PS2 controller 0
-+PCI controller 0
-+SIO controller 0
-+Keyboard 
-+Pointing device
-+Video card 
-+VMCI device
-+USB xHCI controller 
-+SCSI controller 0
-+SATA controller 0
-+CD&#x2F;DVD drive 1
-+Hard disk 1
-+Network adapter 1
+or
 
---------------------------------
-failed
-Checking the VM: stigvm1 for USB devices is expected not to match &quot;USB&quot;
-expected &quot;IDE 0\r\nIDE 1\r\nPS2 controller 0\r\nPCI controller 0\r\nSIO controller 0\r\nKeyboard \r\nPointing ...er \r\nSCSI controller 0\r\nSATA controller 0\r\nCD&#x2F;DVD drive 1\r\nHard disk 1\r\nNetwork adapter 1&quot; not to match &quot;USB&quot;
-Diff:
-@@ -1,15 +1,29 @@
--USB
-+IDE 0
-+IDE 1
-+PS2 controller 0
-+PCI controller 0
-+SIO controller 0
-+Keyboard 
-+Pointing device
-+Video card 
-+VMCI device
-+USB xHCI controller 
-+SCSI controller 0
-+SATA controller 0
-+CD&#x2F;DVD drive 1
-+Hard disk 1
-+Network adapter 1
+From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
 
+Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false
+Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000270' do\n  title 'The vCenter Server must set the distributed port group Promiscuous Mode policy to \"Reject\".'\n  desc  \"\n    When promiscuous mode is enabled for a virtual switch, all virtual machines connected to the port group have the potential of reading all packets across that network, meaning only the virtual machines connected to that port group.\n\n    Promiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.\n\n    Verify \\\"Promiscuous Mode\\\" is set to \\\"Reject\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy\n\n    If the \\\"Promiscuous Mode\\\" policy is set to accept, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Security\\\" tab.\n\n    Set \\\"Promiscuous Mode\\\" to \\\"Reject\\\".\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false\n    Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000270'\n  tag rid: 'SV-VCSA-80-000270'\n  tag stig_id: 'VCSA-80-000270'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'false' }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: (Get-VDSwitch -Name "VDSwitch STIG 1") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp == "false"
 --------------------------------
-passed
-Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for USB devices is expected not to match &quot;USB&quot;
+passed :: TEST PowerCLI Command: (Get-VDSwitch -Name "VDSwitch STIG 2") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp == "false"
 --------------------------------
-passed
-Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for USB devices is expected not to match &quot;USB&quot;
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 1") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp == "false"
 --------------------------------
-passed
-Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for USB devices is expected not to match &quot;USB&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VMCH-80-000214</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VMCH-80-000214</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMCH-80-000214</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines (VMs) must disable DirectPath I&#x2F;O devices when not required.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VMDirectPath I&#x2F;O (PCI passthrough) enables direct assignment of hardware PCI functions to VMs. This gives the VM access to the PCI functions with minimal intervention from the ESXi host. This is a powerful feature for legitimate applications such as virtualized storage appliances, backup appliances, dedicated graphics, etc., but it also allows a potential attacker highly privileged access to underlying hardware and the PCI bus.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For each virtual machine do the following:
-
-From the vSphere Client, view the Summary tab.
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 2") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp == "false"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 3") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp == "false"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 4") | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp == "false"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000271</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000271</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000271</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must only send NetFlow traffic to authorized collectors.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The distributed virtual switch can export NetFlow information about traffic crossing the switch. NetFlow exports are not encrypted and can contain information about the virtual network, making it easier for a man-in-the-middle attack to be executed successfully. If NetFlow export is required, verify that all NetFlow target Internet Protocols (IPs) are correct.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
 
-Review the PCI devices section and verify none exist.
+To view NetFlow Collector IPs configured on distributed switches:
 
-or
+From the vSphere Client, go to "Networking".
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; NetFlow.
 
-Get-VM &quot;VM Name&quot; | Get-PassthroughDevice
+View the NetFlow pane and verify any collector IP addresses are valid and in use for troubleshooting.
 
-If the virtual machine has passthrough devices present, and the specific device returned is not approved, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, select the Virtual Machine, right click and go to Edit Settings &gt;&gt; Virtual Hardware tab.
+or
 
-Find the unexpected PCI device returned from the check.
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Hover the mouse over the device and click the circled &quot;X&quot; to remove the device. Click &quot;OK&quot;.
+Get-VDSwitch | select Name,@{N="NetFlowCollectorIPs";E={$_.ExtensionData.config.IpfixConfig.CollectorIpAddress}}
 
-or
+To view if NetFlow is enabled on any distributed port groups:
 
-From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+From the vSphere Client, go to "Networking".
 
-Get-VM &quot;VM Name&quot; | Get-PassthroughDevice | Remove-PassthroughDevice</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>c1262eac-eaea-45e7-a9a5-f0f0ea2b0258</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Checking the VM: stig vm2 for PCI passthrough devices is expected to be empty
---------------------------------
-passed
-Checking the VM: stigvm1 for PCI passthrough devices is expected to be empty
---------------------------------
-passed
-Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for PCI passthrough devices is expected to be empty
---------------------------------
-passed
-Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for PCI passthrough devices is expected to be empty
---------------------------------
-passed
-Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for PCI passthrough devices is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000009</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000014</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000009</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000009</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that exploit vulnerabilities in this protocol.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>At the command prompt on the vCenter Server Appliance, run the following command:
+Select a distributed port group &gt;&gt; Manage &gt;&gt; Settings &gt;&gt; Policies.
 
-# &#x2F;usr&#x2F;lib&#x2F;vmware-TlsReconfigurator&#x2F;VcTlsReconfigurator&#x2F;reconfigureVc scan
+Go to "Monitoring" and view the NetFlow status.
 
-If the output indicates versions of TLS other than 1.2 are enabled, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>At the command prompt on the vCenter Server Appliance, run the following command:
+or
 
-# &#x2F;usr&#x2F;lib&#x2F;vmware-TlsReconfigurator&#x2F;VcTlsReconfigurator&#x2F;reconfigureVc update -p TLSv1.2
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-vCenter services will be restarted as part of the reconfiguration. The operating system will not be restarted.
+Get-VDPortgroup | Select Name,VirtualSwitch,@{N="NetFlowEnabled";E={$_.Extensiondata.Config.defaultPortConfig.ipfixEnabled.Value}}
 
-The &quot;--no-restart&quot; flag can be added to restart services at a later time.
-
-Changes will not take effect until all services are restarted or the appliance is rebooted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>62759690-289a-4453-b8bc-c9d791228c06</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000068</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000382</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001184</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001453</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001941</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001942</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002418</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002420</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002421</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002422</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002450</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000023</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000065</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000023</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000023</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must enforce the limit of three consecutive invalid login attempts by a user.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Lockout Policy.
+If NetFlow is configured and the collector IP is not known and documented, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>To remove collector IPs, do the following:
 
-The following lockout policy should be set as follows:
+From the vSphere Client, go to "Networking".
 
-Maximum number of failed login attempts: 3
+Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; NetFlow.
 
-If this account lockout policy is not configured as stated, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Lockout Policy.
+Click "Edit".
 
-Click &quot;Edit&quot;.
-
-Set the &quot;Maximum number of failed login attempts&quot; to &quot;3&quot; and click &quot;Save&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2ae67084-9909-42f7-9601-96ce276a8eba</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000044</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: (Get-SsoLockoutPolicy).MaxFailedAttempts stdout.strip is expected to cmp &#x3D;&#x3D; &quot;3&quot;
+Remove any unknown collector IPs.
 
-expected: 3
-     got: 5
+or
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000024</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000068</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000024</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000024</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must display the Standard Mandatory DOD Notice and Consent Banner before logon.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Display of the DOD-approved use notification before granting access to the application ensures privacy and security notification verbiage used is consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.
+From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
 
-System use notifications are required only for access via login interfaces with human users and are not required when such human interfaces do not exist.
+$dvs = Get-VDSwitch dvswitch | Get-View
+ForEach($vs in $dvs){
+$spec = New-Object VMware.Vim.VMwareDVSConfigSpec
+$spec.configversion = $vs.Config.ConfigVersion
+$spec.IpfixConfig = New-Object VMware.Vim.VMwareIpfixConfig
+$spec.IpfixConfig.CollectorIpAddress = ""
+$spec.IpfixConfig.CollectorPort = "0"
+$spec.IpfixConfig.ActiveFlowTimeout = "60"
+$spec.IpfixConfig.IdleFlowTimeout = "15"
+$spec.IpfixConfig.SamplingRate = "0"
+$spec.IpfixConfig.InternalFlowsOnly = $False
+$vs.ReconfigureDvs_Task($spec)
+}
 
-The banner must be formatted in accordance with DTM-08-060. Use the following verbiage for applications that can accommodate banners of 1300 characters:
+Note: This will reset the NetFlow collector configuration back to the defaults.
 
-&quot;You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.
+To disable NetFlow on a distributed port group, do the following:
 
-By using this IS (which includes any device attached to this IS), you consent to the following conditions:
+From the vSphere Client, go to "Networking".
 
--The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.
+Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
 
--At any time, the USG may inspect and seize data stored on this IS.
+Click "Edit".
 
--Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.
+Click the "Monitoring" tab.
 
--This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.
+Change "NetFlow" to "Disabled".
 
--Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.&quot;
+or
 
-Use the following verbiage for operating systems that have severe limitations on the number of characters that can be displayed in the banner:
+From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
 
-&quot;I&#39;ve read (literal ampersand) consent to terms in IS user agreem&#39;t.&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Login Message.
+$pgs = Get-VDPortgroup | Get-View
+ForEach($pg in $pgs){
+$spec = New-Object VMware.Vim.DVPortgroupConfigSpec
+$spec.configversion = $pg.Config.ConfigVersion
+$spec.defaultPortConfig = New-Object VMware.Vim.VMwareDVSPortSetting
+$spec.defaultPortConfig.ipfixEnabled = New-Object VMware.Vim.BoolPolicy
+$spec.defaultPortConfig.ipfixEnabled.inherited = $false
+$spec.defaultPortConfig.ipfixEnabled.value = $false
+$pg.ReconfigureDVPortgroup_Task($spec)
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000271' do\n  title 'The vCenter Server must only send NetFlow traffic to authorized collectors.'\n  desc  'The distributed virtual switch can export NetFlow information about traffic crossing the switch. NetFlow exports are not encrypted and can contain information about the virtual network, making it easier for a man-in-the-middle attack to be executed successfully. If NetFlow export is required, verify that all NetFlow target Internet Protocols (IPs) are correct.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    To view NetFlow Collector IPs configured on distributed switches:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; NetFlow.\n\n    View the NetFlow pane and verify any collector IP addresses are valid and in use for troubleshooting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | select Name,@{N=\\\"NetFlowCollectorIPs\\\";E={$_.ExtensionData.config.IpfixConfig.CollectorIpAddress}}\n\n    To view if NetFlow is enabled on any distributed port groups:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed port group &gt;&gt; Manage &gt;&gt; Settings &gt;&gt; Policies.\n\n    Go to \\\"Monitoring\\\" and view the NetFlow status.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | Select Name,VirtualSwitch,@{N=\\\"NetFlowEnabled\\\";E={$_.Extensiondata.Config.defaultPortConfig.ipfixEnabled.Value}}\n\n    If NetFlow is configured and the collector IP is not known and documented, this is a finding.\n  \"\n  desc 'fix', \"\n    To remove collector IPs, do the following:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; NetFlow.\n\n    Click \\\"Edit\\\".\n\n    Remove any unknown collector IPs.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $dvs = Get-VDSwitch dvswitch | Get-View\n    ForEach($vs in $dvs){\n    $spec = New-Object VMware.Vim.VMwareDVSConfigSpec\n    $spec.configversion = $vs.Config.ConfigVersion\n    $spec.IpfixConfig = New-Object VMware.Vim.VMwareIpfixConfig\n    $spec.IpfixConfig.CollectorIpAddress = \\\"\\\"\n    $spec.IpfixConfig.CollectorPort = \\\"0\\\"\n    $spec.IpfixConfig.ActiveFlowTimeout = \\\"60\\\"\n    $spec.IpfixConfig.IdleFlowTimeout = \\\"15\\\"\n    $spec.IpfixConfig.SamplingRate = \\\"0\\\"\n    $spec.IpfixConfig.InternalFlowsOnly = $False\n    $vs.ReconfigureDvs_Task($spec)\n    }\n\n    Note: This will reset the NetFlow collector configuration back to the defaults.\n\n    To disable NetFlow on a distributed port group, do the following:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"Monitoring\\\" tab.\n\n    Change \\\"NetFlow\\\" to \\\"Disabled\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $pgs = Get-VDPortgroup | Get-View\n    ForEach($pg in $pgs){\n    $spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n    $spec.configversion = $pg.Config.ConfigVersion\n    $spec.defaultPortConfig = New-Object VMware.Vim.VMwareDVSPortSetting\n    $spec.defaultPortConfig.ipfixEnabled = New-Object VMware.Vim.BoolPolicy\n    $spec.defaultPortConfig.ipfixEnabled.inherited = $false\n    $spec.defaultPortConfig.ipfixEnabled.value = $false\n    $pg.ReconfigureDVPortgroup_Task($spec)\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000271'\n  tag rid: 'SV-VCSA-80-000271'\n  tag stig_id: 'VCSA-80-000271'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.strip.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  if vdswitches.empty?\n    impact 0.0\n    describe '' do\n      skip 'No distributed switches found to check. This is not applicable.'\n    end\n  else\n    setimpact = true\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.IpfixConfig.CollectorIpAddress\"\n      result = powercli_command(command).stdout.strip\n      if !result.empty?\n        describe '' do\n          subject { result }\n          it { should cmp \"#{input('ipfixCollectorAddress')}\" }\n        end\n        setimpact = false\n      else\n        describe '' do\n          skip \"Ipfix CollectorIpAddress not configured...skipping #{vds}.\"\n        end\n      end\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST  :: SKIP_MESSAGE Ipfix CollectorIpAddress not configured...skipping VDSwitch STIG 1.
+--------------------------------
+skipped :: TEST  :: SKIP_MESSAGE Ipfix CollectorIpAddress not configured...skipping VDSwitch STIG 2.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000272</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000272</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000272</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must configure all port groups to a value other than that of the native virtual local area network (VLAN).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>ESXi does not use the concept of native VLAN. Frames with VLAN specified in the port group will have a tag, but frames with VLAN not specified in the port group are not tagged and therefore will end up belonging to native VLAN of the physical switch.
 
-If the selection box next to &quot;Show login message&quot; is disabled, &quot;Details of login message&quot; is not configured to the standard DOD User Agreement, or the &quot;Consent checkbox&quot; is disabled, this is a finding.
+For example, frames on VLAN 1 from a Cisco physical switch will be untagged, because this is considered as the native VLAN. However, frames from ESXi specified as VLAN 1 will be tagged with a "1"; therefore, traffic from ESXi that is destined for the native VLAN will not be correctly routed (because it is tagged with a "1" instead of being untagged), and traffic from the physical switch coming from the native VLAN will not be visible (because it is not tagged).
 
-Note: Refer to vulnerability discussion for user agreement language.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Login Message.
+If the ESXi virtual switch port group uses the native VLAN ID, traffic from those virtual machines will not be visible to the native VLAN on the switch, because the switch is expecting untagged traffic.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
 
-Click &quot;Edit&quot;.
-
-Click the &quot;Show login message&quot; slider to enable.
-
-Configure the &quot;Login message&quot; to &quot;DOD User Agreement&quot;.
-
-Click the &quot;Consent checkbox&quot; slider to enable.
-
-Set the &quot;Details of login message&quot; to the Standard Mandatory DOD Notice and Consent Banner text.
-
-Click &quot;Save&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>9d376c7f-6690-4392-8e78-e2f74ce6ed8d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000048</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000050</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001384</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000034</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000095</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000034</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000034</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must produce audit records containing information to establish what type of events occurred.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Without establishing what types of events occurred, it would be difficult to establish, correlate, and investigate the events leading up to an outage or attack.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
+From the vSphere Client, go to "Networking".
 
-Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.
+Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
 
-Verify the &quot;config.log.level&quot; value is set to &quot;info&quot;.
+Review the port group VLAN tags and verify they are not set to the native VLAN ID of the attached physical switch.
 
 or
 
 From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name config.log.level and verify it is set to &quot;info&quot;.
+Get-VDPortgroup | select Name, VlanConfiguration
 
-If the &quot;config.log.level&quot; value is not set to &quot;info&quot; or does not exist, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
+If any port group is configured with the native VLAN of the ESXi hosts attached physical switch, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to "Networking".
 
-Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.
+Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
+
+Click "Edit".
+
+Click the "VLAN" tab.
+
+Change the VLAN ID to a non-native VLAN.
 
-Click &quot;Edit Settings&quot; and configure the &quot;config.log.level&quot; setting to &quot;info&quot;.
+Click "OK".
 
 or
 
 From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name config.log.level | Set-AdvancedSetting -Value info</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>6966a20e-926c-4934-96d5-9538ff788082</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000130</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.log.level | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;info&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000141</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000057</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vCenter Server plugins must be verified.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server includes a vSphere Client extensibility framework, which provides the ability to extend the vSphere Client with menu selections or toolbar icons that provide access to vCenter Server add-on components or external, web-based functionality.
+Get-VDPortgroup "portgroup name" | Set-VDVlanConfiguration -VlanId "New VLAN#"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000272' do\n  title 'The vCenter Server must configure all port groups to a value other than that of the native virtual local area network (VLAN).'\n  desc  \"\n    ESXi does not use the concept of native VLAN. Frames with VLAN specified in the port group will have a tag, but frames with VLAN not specified in the port group are not tagged and therefore will end up belonging to native VLAN of the physical switch.\n\n    For example, frames on VLAN 1 from a Cisco physical switch will be untagged, because this is considered as the native VLAN. However, frames from ESXi specified as VLAN 1 will be tagged with a \\\"1\\\"; therefore, traffic from ESXi that is destined for the native VLAN will not be correctly routed (because it is tagged with a \\\"1\\\" instead of being untagged), and traffic from the physical switch coming from the native VLAN will not be visible (because it is not tagged).\n\n    If the ESXi virtual switch port group uses the native VLAN ID, traffic from those virtual machines will not be visible to the native VLAN on the switch, because the switch is expecting untagged traffic.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.\n\n    Review the port group VLAN tags and verify they are not set to the native VLAN ID of the attached physical switch.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | select Name, VlanConfiguration\n\n    If any port group is configured with the native VLAN of the ESXi hosts attached physical switch, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab.\n\n    Change the VLAN ID to a non-native VLAN.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup \\\"portgroup name\\\" | Set-VDVlanConfiguration -VlanId \\\"New VLAN#\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000272'\n  tag rid: 'SV-VCSA-80-000272'\n  tag stig_id: 'VCSA-80-000272'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not cmp '1' }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 1").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to cmp == "1"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 2").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to cmp == "1"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 3").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to cmp == "1"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 4").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to cmp == "1"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000273</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000273</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000273</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must not configure VLAN Trunking unless Virtual Guest Tagging (VGT) is required and authorized.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>When a port group is set to VLAN Trunking, the vSwitch passes all network frames in the specified range to the attached virtual machines without modifying the virtual local area network (VLAN) tags. In vSphere, this is referred to as VGT.
 
-vSphere Client plugins or extensions run at the same privilege level as the user. Malicious extensions might masquerade as useful add-ons while compromising the system by stealing credentials or incorrectly configuring the system.
+The virtual machine must process the VLAN information itself via an 802.1Q driver in the operating system. VLAN Trunking must only be implemented if the attached virtual machines have been specifically authorized and are capable of managing VLAN tags themselves.
 
-Additionally, vCenter comes with a number of plugins preinstalled that may or may not be necessary for proper operation.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Solutions &gt;&gt; Client Plug-Ins.
+If VLAN Trunking is enabled inappropriately, it may cause a denial of service or allow a virtual machine to interact with traffic on an unauthorized VLAN.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
 
-View the Installed&#x2F;Available Plug-ins list and verify they are all identified as authorized VMware, third-party (partner), and&#x2F;or site-specific approved plug-ins.
+From the vSphere Client, go to "Networking".
 
-If any installed&#x2F;available plug-ins in the viewable list cannot be verified as allowed vSphere Client plug-ins from trusted sources or are not in active use, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Solutions &gt;&gt; Client Plug-Ins, click the radio button next to the unknown plug-in, and click &quot;Disable&quot;.
+Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
 
-If the plugin will not be needed in the future, proceed to uninstall the plug-in.
+Review the port group "VLAN Type" and "VLAN trunk range", if present.
 
-To uninstall plug-ins, do the following:
+or
 
-If vCenter Server is in linked mode, perform this procedure on the vCenter Server that is used to install the plug-in initially and then restart the vCenter Server services on the linked vCenter Server:
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-In a web browser, navigate to &quot;http:&#x2F;&#x2F;vCenter_Server_name_or_IP&#x2F;mob&quot;, where &quot;vCenter_Server_name_or_IP&#x2F;mob&quot; is the name of the vCenter Server or its IP address.
+Get-VDPortgroup | Where {$_.ExtensionData.Config.Uplink -ne "True"} | Select Name,VlanConfiguration
 
-Click &quot;Content&quot;.
+If any port group is configured with "VLAN trunking" and is not documented as a needed exception (such as NSX appliances), this is a finding.
 
-Click &quot;ExtensionManager&quot;.
+If any port group is authorized to be configured with "VLAN trunking" but is not configured with the most limited range necessary, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to "Networking".
 
-Select and copy the name of the plug-in to be removed from the list of values under &quot;Properties&quot;.
+Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
 
-Click &quot;UnregisterExtension&quot;. A new window appears.
+Click "Edit".
 
-Paste the name of the plug-in and click &quot;Invoke Method&quot;. This removes the plug-in.
+Click the "VLAN" tab.
 
-Close the window.
+If "VLAN trunking" is not authorized, remove it by setting "VLAN type" to "VLAN" and configure an appropriate VLAN ID. Click "OK".
 
-Refresh the Managed Object Type:ManagedObjectReference:ExtensionManager window to verify the plug-in is removed successfully.
+If "VLAN trunking" is authorized but the range is too broad, modify the range in the "VLAN trunk range" field to the minimum necessary and authorized range. An example range would be "1,3-5,8". Click "OK".
 
-Note: If the plug-in still appears, restart the vSphere Client.
+or
 
-Note: The Managed Object Browser (MOB) may have to be enabled temporarily if it was disabled previously.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b1d2df29-7d9d-4cbb-ad96-90cb8bea782e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000381</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000059</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000148</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000059</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000059</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must uniquely identify and authenticate users or processes acting on behalf of users.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system.
+From a PowerCLI command prompt while connected to the vCenter server, run the following command to configure trunking:
 
-Organizational users include organizational employees or individuals the organization deems to have equivalent status of employees (e.g., contractors). Organizational users (and any processes acting on behalf of users) must be uniquely identified and authenticated for all accesses except the following.
+Get-VDPortgroup "Portgroup Name" | Set-VDVlanConfiguration -VlanTrunkRange "&lt;VLAN Range(s) comma separated&gt;"
 
-(i) Accesses explicitly identified and documented by the organization. Organizations document specific user actions that can be performed on the information system without identification or authentication; and
-(ii) Accesses that occur through authorized use of group authenticators without individual authentication. Organizations may require unique identification of individuals in group accounts (e.g., shared privilege accounts) or for detailed accountability of individual activity.
+or
 
-Using Active Directory or an identity provider for authentication provides more robust account management capabilities and accountability.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Web Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider.
+Run this command to configure a single VLAN ID:
 
-If the identity provider type is &quot;embedded&quot; and there is no identity source of type &quot;Active Directory&quot; (either Windows Integrated Authentication or LDAP), this is a finding.
+Get-VDPortgroup "Portgroup Name" | Set-VDVlanConfiguration -VlanId "&lt;New VLAN#&gt;"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000273' do\n  title 'The vCenter Server must not configure VLAN Trunking unless Virtual Guest Tagging (VGT) is required and authorized.'\n  desc  \"\n    When a port group is set to VLAN Trunking, the vSwitch passes all network frames in the specified range to the attached virtual machines without modifying the virtual local area network (VLAN) tags. In vSphere, this is referred to as VGT.\n\n    The virtual machine must process the VLAN information itself via an 802.1Q driver in the operating system. VLAN Trunking must only be implemented if the attached virtual machines have been specifically authorized and are capable of managing VLAN tags themselves.\n\n    If VLAN Trunking is enabled inappropriately, it may cause a denial of service or allow a virtual machine to interact with traffic on an unauthorized VLAN.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.\n\n    Review the port group \\\"VLAN Type\\\" and \\\"VLAN trunk range\\\", if present.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | Where {$_.ExtensionData.Config.Uplink -ne \\\"True\\\"} | Select Name,VlanConfiguration\n\n    If any port group is configured with \\\"VLAN trunking\\\" and is not documented as a needed exception (such as NSX appliances), this is a finding.\n\n    If any port group is authorized to be configured with \\\"VLAN trunking\\\" but is not configured with the most limited range necessary, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab.\n\n    If \\\"VLAN trunking\\\" is not authorized, remove it by setting \\\"VLAN type\\\" to \\\"VLAN\\\" and configure an appropriate VLAN ID. Click \\\"OK\\\".\n\n    If \\\"VLAN trunking\\\" is authorized but the range is too broad, modify the range in the \\\"VLAN trunk range\\\" field to the minimum necessary and authorized range. An example range would be \\\"1,3-5,8\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command to configure trunking:\n\n    Get-VDPortgroup \\\"Portgroup Name\\\" | Set-VDVlanConfiguration -VlanTrunkRange \\\"&lt;VLAN Range(s) comma separated&gt;\\\"\n\n    or\n\n    Run this command to configure a single VLAN ID:\n\n    Get-VDPortgroup \\\"Portgroup Name\\\" | Set-VDVlanConfiguration -VlanId \\\"&lt;New VLAN#&gt;\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000273'\n  tag rid: 'SV-VCSA-80-000273'\n  tag stig_id: 'VCSA-80-000273'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Where-Object {(($_.IsUplink -eq $false) -and ($_.VlanConfiguration -match \"Trunk\"))} | Select-Object -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    impact 0.0\n    describe '' do\n      skip 'No distributed port groups found to check. This is not applicable.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId.Start\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not cmp '0' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId.End\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not cmp '4094' }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST  :: SKIP_MESSAGE No distributed port groups found to check. This is not applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000274</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000274</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000274</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must not configure all port groups to virtual local area network (VLAN) values reserved by upstream physical switches.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Certain physical switches reserve certain VLAN IDs for internal purposes and often disallow traffic configured to these values. For example, Cisco Catalyst switches typically reserve VLANs 1001 to 1024 and 4094, while Nexus switches typically reserve 3968 to 4094.
 
-If the identity provider type is &quot;Microsoft ADFS&quot; or another supported identity provider, this is NOT a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>When using the embedded identity provider type, perform the following:
+Check with the documentation for the organization's specific switch. Using a reserved VLAN might result in a denial of service on the network.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
 
-From the vSphere Web Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider &gt;&gt; Identity Sources.
+From the vSphere Client, go to "Networking".
 
-Click &quot;Add&quot;.
+Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
 
-Select either &quot;Active Directory over LDAP&quot; or &quot;Active Directory (Windows Integrated Authentication)&quot; and configure appropriately.
+Review the port group VLAN tags and verify that they are not set to a reserved VLAN ID.
 
-Note: Windows Integrated Authentication requires that the vCenter server be joined to Active Directory before configuration via Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider &gt;&gt; Active Directory Domain.
+or
 
-OR
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-To change the identity provider type to a third-party identity provider such as Microsoft ADFS, perform the following:
+Get-VDPortgroup | select Name, VlanConfiguration
 
-From the vSphere Web Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider.
+If any port group is configured with a reserved VLAN ID, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to "Networking".
 
-Click &quot;Change Identity Provider&quot;.
-
-Select &quot;Microsoft ADFS&quot; and click &quot;Next&quot;.
-
-Enter the ADFS server information and User and Group details and click &quot;Finish&quot;.
-
-For additional information on configuring ADFS for use with vCenter, refer to the vSphere documentation.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>037a109a-3552-4c3b-857a-8f572e830f9a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000764</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000770</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000795</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000804</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001682</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000060</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000149</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000060</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000060</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must require multifactor authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Without the use of multifactor authentication, the ease of access to privileged functions is greatly increased.
+Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
 
-Multifactor authentication requires using two or more factors to achieve authentication.
+Click "Edit".
 
-Factors include:
-(i) something a user knows (e.g., password&#x2F;PIN);
-(ii) something a user has (e.g., cryptographic identification device, token); or
-(iii) something a user is (e.g., biometric).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Web Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider.
+Click the "VLAN" tab. Change the VLAN ID to an unreserved VLAN ID.
 
-If the embedded identity provider is used, click on &quot;Smart Card Authentication&quot;.
+Click "OK".
 
-If the embedded identity provider is used and &quot;Smart Card Authentication&quot; is not enabled, this is a finding.
+or
 
-If a third-party identity provider is used, such as Microsoft ADFS, and it does not require multifactor authentication to log on to vCenter, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>To configure smart card authentication for vCenter when using the embedded identity provider, refer to the vSphere documentation.
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-For vCenter Servers using a third-party identity provider, consult the product&#39;s documentation for enabling multifactor authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e344ab21-e4e1-453a-a6ee-ef1d3fca0186</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000166</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000765</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000766</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001953</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002009</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: (Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled stdout.strip is expected to cmp &#x3D;&#x3D; &quot;true&quot;
+Get-VDPortgroup "portgroup name" | Set-VDVlanConfiguration -VlanId "New VLAN#"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000274' do\n  title 'The vCenter Server must not configure all port groups to virtual local area network (VLAN) values reserved by upstream physical switches.'\n  desc  \"\n    Certain physical switches reserve certain VLAN IDs for internal purposes and often disallow traffic configured to these values. For example, Cisco Catalyst switches typically reserve VLANs 1001 to 1024 and 4094, while Nexus switches typically reserve 3968 to 4094.\n\n    Check with the documentation for the organization's specific switch. Using a reserved VLAN might result in a denial of service on the network.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.\n\n    Review the port group VLAN tags and verify that they are not set to a reserved VLAN ID.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup | select Name, VlanConfiguration\n\n    If any port group is configured with a reserved VLAN ID, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab. Change the VLAN ID to an unreserved VLAN ID.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDPortgroup \\\"portgroup name\\\" | Set-VDVlanConfiguration -VlanId \\\"New VLAN#\\\"\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000274'\n  tag rid: 'SV-VCSA-80-000274'\n  tag stig_id: 'VCSA-80-000274'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Where-Object {$_.IsUplink -eq $false} | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vlanlist = ['1001', '1024', '3968', '4047', '4094']\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should_not be_in vlanlist }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 1").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to be in "1001", "1024", "3968", "4047", and "4094"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 2").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to be in "1001", "1024", "3968", "4047", and "4094"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 3").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to be in "1001", "1024", "3968", "4047", and "4094"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 4").ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to be in "1001", "1024", "3968", "4047", and "4094"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000275</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000275</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000275</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must configure the "vpxuser" auto-password to be changed every 30 days.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>By default, vCenter will change the "vpxuser" password automatically every 30 days. Ensure this setting meets site policies. If it does not, configure it to meet password aging policies.
+
+Note: It is very important the password aging policy is not shorter than the default interval that is set to automatically change the "vpxuser" password to preclude the possibility that vCenter might be locked out of an ESXi host.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
 
-expected: true
-     got: False
+Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000069</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000164</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000069</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000069</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server passwords must be at least 15 characters in length.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.
+Verify that "VirtualCenter.VimPasswordExpirationInDays" is set to "30".
 
-Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks. Password length is one factor of several that helps to determine strength and how long it takes to crack a password. The shorter the password, the lower the number of possible combinations that need to be tested before the password is compromised.
+or
 
-Use of more characters in a password helps to exponentially increase the time and&#x2F;or resources required to compromise the password.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-View the value of the &quot;Minimum Length&quot; setting.
+Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name VirtualCenter.VimPasswordExpirationInDays
 
-Minimum Length: 15
+If the "VirtualCenter.VimPasswordExpirationInDays" is set to a value other than "30" or does not exist, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
 
-If the password policy is not configured with a &quot;Minimum Length&quot; policy of &quot;15&quot; or more, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
+Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.
 
-Click &quot;Edit&quot;.
-
-Set the &quot;Minimum Length&quot; to &quot;15&quot; and click &quot;Save&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d9050334-a1a1-4e08-985f-040d82758bb2</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000205</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: (Get-SsoPasswordPolicy).MinLength stdout.strip is expected to cmp &gt;&#x3D; 15
-
-expected it to be &gt;&#x3D; 15
-     got: 8
+Click "Edit Settings" and configure the "VirtualCenter.VimPasswordExpirationInDays" value to "30" or if the value does not exist create it by entering the values in the "Key" and "Value" fields and clicking "Add".
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000070</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000165</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000070</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000070</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must prohibit password reuse for a minimum of five generations.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+or
 
-To meet password policy requirements, passwords must be changed at specific policy-based intervals.
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-If the information system or application allows the user to consecutively reuse their password when that password has exceeded its defined lifetime, the result is a password that is not changed per policy requirements.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
+If the setting already exists:
 
-View the value of the &quot;Restrict reuse&quot; setting.
+Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name VirtualCenter.VimPasswordExpirationInDays | Set-AdvancedSetting -Value 30
 
-Restrict reuse: Users cannot reuse any previous 5 passwords
+If the setting does not exist:
 
-If the password policy is not configured with a &quot;Restrict reuse&quot; policy of &quot;5&quot; or more, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
+New-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name VirtualCenter.VimPasswordExpirationInDays -Value 30</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000275' do\n  title 'The vCenter Server must configure the \"vpxuser\" auto-password to be changed every 30 days.'\n  desc  \"\n    By default, vCenter will change the \\\"vpxuser\\\" password automatically every 30 days. Ensure this setting meets site policies. If it does not, configure it to meet password aging policies.\n\n    Note: It is very important the password aging policy is not shorter than the default interval that is set to automatically change the \\\"vpxuser\\\" password to preclude the possibility that vCenter might be locked out of an ESXi host.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.\n\n    Verify that \\\"VirtualCenter.VimPasswordExpirationInDays\\\" is set to \\\"30\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name VirtualCenter.VimPasswordExpirationInDays\n\n    If the \\\"VirtualCenter.VimPasswordExpirationInDays\\\" is set to a value other than \\\"30\\\" or does not exist, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"VirtualCenter.VimPasswordExpirationInDays\\\" value to \\\"30\\\" or if the value does not exist create it by entering the values in the \\\"Key\\\" and \\\"Value\\\" fields and clicking \\\"Add\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    If the setting already exists:\n\n    Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name VirtualCenter.VimPasswordExpirationInDays | Set-AdvancedSetting -Value 30\n\n    If the setting does not exist:\n\n    New-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name VirtualCenter.VimPasswordExpirationInDays -Value 30\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000275'\n  tag rid: 'SV-VCSA-80-000275'\n  tag stig_id: 'VCSA-80-000275'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name VirtualCenter.VimPasswordExpirationInDays | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp '30' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name VirtualCenter.VimPasswordExpirationInDays | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "30"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000276</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000276</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000276</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must configure the "vpxuser" password to meet length policy.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The "vpxuser" password default length is 32 characters. Ensure this setting meets site policies; if not, configure to meet password length policies.
+
+Longer passwords make brute-force password attacks more difficult. The "vpxuser" password is added by vCenter, meaning no manual intervention is normally required. The "vpxuser" password length must never be modified to less than the default length of 32 characters.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
 
-Click &quot;Edit&quot;.
-
-Set the &quot;Restrict reuse&quot; to &quot;5&quot; and click &quot;Save&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>94bd3a60-e2e3-42db-bca9-f7a34aba37a6</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000200</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: (Get-SsoPasswordPolicy).ProhibitedPreviousPasswordsCount stdout.strip is expected to cmp &gt;&#x3D; 5</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000071</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000166</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000071</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000071</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server passwords must contain at least one uppercase character.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.
 
-Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password is, the greater the number of possible combinations that need to be tested before the password is compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
+Verify that "config.vpxd.hostPasswordLength" is set to "32".
 
-View the value of the &quot;Character requirements&quot; setting.
+or
 
-Character requirements: At least 1 uppercase characters
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-If the password policy is not configured with &quot;Character requirements&quot; policy requiring &quot;1&quot; or more uppercase characters, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
+Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name config.vpxd.hostPasswordLength and verify it is set to 32.
 
-Click &quot;Edit&quot;.
-
-Set &quot;uppercase characters&quot; to at least &quot;1&quot; and click &quot;Save&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>93cb5da4-d844-44b7-8924-8ac354538ec1</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000192</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: (Get-SsoPasswordPolicy).MinUppercaseCount stdout.strip is expected to cmp &gt;&#x3D; 1</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000072</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000167</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000072</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000072</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server passwords must contain at least one lowercase character.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+If the "config.vpxd.hostPasswordLength" is set to a value other than "32, this is a finding.
 
-Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
+If the setting does not exist, this is not a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
 
-View the value of the &quot;Character requirements&quot; setting.
+Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.
 
-Character requirements: At least 1 lowercase characters
+Click "Edit Settings" and configure the "config.vpxd.hostPasswordLength" value to "32".
 
-If the password policy is not configured with &quot;Character requirements&quot; policy requiring &quot;1&quot; or more lowercase characters, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
+or
 
-Click &quot;Edit&quot;.
-
-Set &quot;lowercase characters&quot; to at least &quot;1&quot; and click &quot;Save&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>8cba8bef-2f5a-4856-8caf-3738b3dea93b</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000193</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: (Get-SsoPasswordPolicy).MinLowercaseCount stdout.strip is expected to cmp &gt;&#x3D; 1</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000073</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000168</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000073</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000073</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server passwords must contain at least one numeric character.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Password complexity is one factor of several that determine how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
+Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name config.vpxd.hostPasswordLength | Set-AdvancedSetting -Value 32</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000276' do\n  title 'The vCenter Server must configure the \"vpxuser\" password to meet length policy.'\n  desc  \"\n    The \\\"vpxuser\\\" password default length is 32 characters. Ensure this setting meets site policies; if not, configure to meet password length policies.\n\n    Longer passwords make brute-force password attacks more difficult. The \\\"vpxuser\\\" password is added by vCenter, meaning no manual intervention is normally required. The \\\"vpxuser\\\" password length must never be modified to less than the default length of 32 characters.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.\n\n    Verify that \\\"config.vpxd.hostPasswordLength\\\" is set to \\\"32\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name config.vpxd.hostPasswordLength and verify it is set to 32.\n\n    If the \\\"config.vpxd.hostPasswordLength\\\" is set to a value other than \\\"32, this is a finding.\n\n    If the setting does not exist, this is not a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"config.vpxd.hostPasswordLength\\\" value to \\\"32\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name config.vpxd.hostPasswordLength | Set-AdvancedSetting -Value 32\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000276'\n  tag rid: 'SV-VCSA-80-000276'\n  tag stig_id: 'VCSA-80-000276'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.vpxd.hostPasswordLength | Select-Object -ExpandProperty Value'\n  describe.one do\n    describe powercli_command(command) do\n      its('stdout.strip') { should cmp '32' }\n    end\n    describe powercli_command(command) do\n      its('stdout.strip') { should be_empty }\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.vpxd.hostPasswordLength | Select-Object -ExpandProperty Value stdout.strip is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000277</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000277</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000277</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must be isolated from the public internet but must still allow for patch notification and delivery.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>vCenter and the embedded Lifecycle Manager system must never have a direct route to the internet. Despite this, updates and patches sourced from VMware on the internet must be delivered in a timely manner.
 
-View the value of the &quot;Character requirements&quot; setting.
+There are two methods to accomplish this: a proxy server and the Update Manager Download Service (UMDS). UMDS is an optional module for Lifecycle Manager that fetches upgrades for virtual appliances, patch metadata, patch binaries, and notifications that would not otherwise be available to an isolated Lifecycle Manager directly.
 
-Character requirements: At least 1 numeric characters
+Alternatively, a proxy for Lifecycle Manager can be configured to allow controlled, limited access to the public internet for the sole purpose of patch gathering. Either solution mitigates the risk of internet connectivity by limiting its scope and use.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Check the following conditions:
 
-If the password policy is not configured with &quot;Character requirements&quot; policy requiring &quot;1&quot; or more numeric characters, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
+1. Lifecycle Manager must be configured to use the UMDS.
 
-Click &quot;Edit&quot;.
-
-Set &quot;numeric characters&quot; to at least &quot;1&quot; and click &quot;Save&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>1cb17dbf-c77a-4297-843f-6ea61c5dce73</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000194</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: (Get-SsoPasswordPolicy).MinNumericCount stdout.strip is expected to cmp &gt;&#x3D; 1</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000074</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000169</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000074</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000074</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server passwords must contain at least one special character.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Use of a complex password helps to increase the time and resources required to compromise the password. Password complexity, or strength, is a measure of the effectiveness of a password in resisting attempts at guessing and brute-force attacks.
+OR
 
-Password complexity is one factor in determining how long it takes to crack a password. The more complex the password, the greater the number of possible combinations that need to be tested before the password is compromised.
+2. Lifecycle Manager must be configured to use a proxy server for access to VMware patch repositories.
 
-Special characters are not alphanumeric. Examples include: ~ ! @ # $ % ^ *.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
+OR
 
-View the value of the &quot;Character requirements&quot; setting.
+3. Lifecycle Manager must disable internet patch repositories and any patches must be manually validated and imported as needed.
 
-Character requirements: At least 1 special characters
+Option 1:
 
-If the password policy is not configured with &quot;Character requirements&quot; policy requiring &quot;1&quot; or more special characters, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
+From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Setup.
 
-Click &quot;Edit&quot;.
-
-Set &quot;special characters&quot; to at least &quot;1&quot; and click &quot;Save&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>dabf0efc-9b2a-4638-9b28-fba5f3318a30</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001619</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: (Get-SsoPasswordPolicy).MinSpecialCharCount stdout.strip is expected to cmp &gt;&#x3D; 1</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000077</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000077</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000077</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must enable FIPS-validated cryptography.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>FIPS 140-2 is the current standard for validating that mechanisms used to access cryptographic modules use authentication that meets DOD requirements.
+Click the "Change Download Source" button.
 
-In vSphere 6.7 and later, ESXi and vCenter Server use FIPS-validated cryptography to protect management interfaces and the VMware Certificate Authority (VMCA).
+Verify the "Download patches from a UMDS shared repository" radio button is selected and that a valid UMDS repository is supplied.
 
-vSphere 7.0 Update 2 and later adds additional FIPS-validated cryptography to vCenter Server Appliance. By default, this FIPS validation option is disabled and must be enabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Web Client, go to Developer Center &gt;&gt; API Explorer.
+Click "Cancel".
 
-From the &quot;Select API&quot; drop-down menu, select appliance.
+If this is not set, this is a finding.
 
-Expand system&#x2F;security&#x2F;global_fips &gt;&gt; GET.
+Option 2:
 
-Click &quot;Execute&quot; and then &quot;Copy Response&quot; to view the results.
+From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Setup.
 
-Example response:
+Click the "Change Download Source" button.
 
-{
-    &quot;enabled&quot;: true
-}
+Verify the "Download patches directly from the internet" radio button is selected.
 
-or
+Click "Cancel".
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+Navigate to the vCenter Server Management interface at https://&lt;vcenter dns&gt;:5480 &gt;&gt; Networking &gt;&gt; Proxy Settings.
 
-Invoke-GetSystemGlobalFips
+Verify that "HTTPS" is "Enabled".
 
-If global FIPS mode is not enabled, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Web Client go to Developer Center &gt;&gt; API Explorer.
+Click the "HTTPS" row.
 
-From the &quot;Select API&quot; drop-down menu, select appliance.
+Verify the proxy server configuration is accurate.
 
-Expand system&#x2F;security&#x2F;global_fips &gt;&gt; PUT.
+If this is not set, this is a finding.
 
-In the response body under &quot;Try it out&quot; paste the following:
+Option 3:
 
-{
-    &quot;enabled&quot;: true
-}
+From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Downloads.
 
-Click &quot;Execute&quot;.
+Verify the "Automatic downloads" option is disabled.
 
-or
+From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Setup.
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+Verify any download sources are disabled.
 
-$spec &#x3D; Initialize-SystemSecurityGlobalFipsUpdateSpec -Enabled $true; Invoke-SetSystemGlobalFips -SystemSecurityGlobalFipsUpdateSpec $spec
-
-Note: The vCenter server reboots after FIPS is enabled or disabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2a0ea005-fb92-4c14-95f0-6bc977f8dd44</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000197</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000803</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001188</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001967</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002450</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-003123</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Invoke-GetSystemGlobalFips | Select-Object -ExpandProperty enabled stdout.strip is expected to cmp &#x3D;&#x3D; &quot;True&quot;
+If this is not set, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Option 1:
 
-expected: True
-     got: False
+From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Setup.
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000079</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000174</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000079</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000079</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must enforce a 90-day maximum password lifetime restriction.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Any password, no matter how complex, can eventually be cracked. Therefore, passwords must be changed at specific intervals.
+Click the "Change Download Source" button.
 
-One method of minimizing this risk is to use complex passwords and periodically change them. If the application does not limit the lifetime of passwords and force users to change their passwords, there is the risk that the system and&#x2F;or application passwords could be compromised.
+Select the "Download patches from a UMDS shared repository" radio button and supply a valid UMDS repository.
 
-This requirement does not include emergency administration accounts, which are meant for access to the application in case of failure. These accounts are not required to have maximum password lifetime restrictions.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
+Click "Save".
 
-View the value of the &quot;Maximum lifetime&quot; setting.
+Option 2:
 
-Maximum lifetime: Password must be changed every 90 days
+From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Setup.
 
-If the password policy is not configured with &quot;Maximum lifetime&quot; policy of &quot;90&quot; or less, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Password Policy.
+Click the "Change Download Source" button.
 
-Click &quot;Edit&quot;.
-
-Set &quot;Maximum lifetime&quot; to &quot;90&quot; and click &quot;Save&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>8e865e54-ce30-4498-9c63-ed34acf4fd3d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000199</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: (Get-SsoPasswordPolicy).PasswordLifetimeDays stdout.strip is expected to cmp &lt;&#x3D; 90</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000080</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000175</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000080</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000080</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must enable revocation checking for certificate-based authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The system must establish the validity of the user-supplied identity certificate using Online Certificate Status Protocol (OCSP) and&#x2F;or Certificate Revocation List (CRL) revocation checking.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If a federated identity provider is configured and used for an identity source and supports Smartcard authentication, this is not applicable.
+Select the "Download patches directly from the internet" radio button.
 
-From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider &gt;&gt; Smart Card Authentication.
+Click "Save".
 
-Under Smart card authentication settings &gt;&gt; Certificate revocation, verify &quot;Revocation check&quot; does not show as disabled.
+Navigate to the vCenter Server Management interface at https://&lt;vcenter dns&gt;:5480 &gt;&gt; Networking &gt;&gt; Proxy Settings.
 
-If &quot;Revocation check&quot; shows as disabled, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider &gt;&gt; Smart Card Authentication.
+Click "Edit".
 
-Under Smart card authentication settings &gt;&gt; Certificate revocation, click the &quot;Edit&quot; button.
+Slide "HTTPS" to "Enabled".
 
-Configure revocation checking per site requirements. OCSP with CRL failover is recommended.
+Supply the appropriate proxy server configuration.
 
-By default, both locations are pulled from the cert. CRL location can be overridden in this screen, and local responders can be specified via the sso-config command line tool. See the vSphere documentation for more information.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b7eb09c1-dac6-43db-b820-a865780c7c74</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000185</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001954</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001991</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002010</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: (Get-SsoAuthenticationPolicy).UseInCertCRL stdout.strip is expected to cmp &#x3D;&#x3D; &quot;true&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000089</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000190</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000089</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000089</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must terminate vSphere Client sessions after 15 minutes of inactivity.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session will also free resources committed by the managed network element.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Deployment &gt;&gt; Client Configuration.
+Click "Save".
 
-View the value of the &quot;Session timeout&quot; setting.
+Option 3:
 
-If the &quot;Session timeout&quot; is not set to &quot;15 minute(s)&quot; or less this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Deployment &gt;&gt; Client Configuration.
+From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Downloads.
 
-Click &quot;Edit&quot; and enter &quot;15&quot; minutes into the &quot;Session timeout&quot; setting. Click &quot;Save&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ccbc173b-0d2a-4c5d-a627-efa15f53f1f2</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001133</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002038</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002361</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000095</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000211</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000095</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000095</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server user roles must be verified.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Users and service accounts must only be assigned privileges they require. Least privilege requires that these privileges must only be assigned if needed to reduce risk of confidentiality, availability, or integrity loss.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.
+Click "Edit" and uncheck "Download patches".
+
+Under "Patch Setup" select each download source and click Disable.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000277' do\n  title 'The vCenter Server must be isolated from the public internet but must still allow for patch notification and delivery.'\n  desc  \"\n    vCenter and the embedded Lifecycle Manager system must never have a direct route to the internet. Despite this, updates and patches sourced from VMware on the internet must be delivered in a timely manner.\n\n    There are two methods to accomplish this: a proxy server and the Update Manager Download Service (UMDS). UMDS is an optional module for Lifecycle Manager that fetches upgrades for virtual appliances, patch metadata, patch binaries, and notifications that would not otherwise be available to an isolated Lifecycle Manager directly.\n\n    Alternatively, a proxy for Lifecycle Manager can be configured to allow controlled, limited access to the public internet for the sole purpose of patch gathering. Either solution mitigates the risk of internet connectivity by limiting its scope and use.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Check the following conditions:\n\n    1. Lifecycle Manager must be configured to use the UMDS.\n\n    OR\n\n    2. Lifecycle Manager must be configured to use a proxy server for access to VMware patch repositories.\n\n    OR\n\n    3. Lifecycle Manager must disable internet patch repositories and any patches must be manually validated and imported as needed.\n\n    Option 1:\n\n    From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Verify the \\\"Download patches from a UMDS shared repository\\\" radio button is selected and that a valid UMDS repository is supplied.\n\n    Click \\\"Cancel\\\".\n\n    If this is not set, this is a finding.\n\n    Option 2:\n\n    From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Verify the \\\"Download patches directly from the internet\\\" radio button is selected.\n\n    Click \\\"Cancel\\\".\n\n    Navigate to the vCenter Server Management interface at https://&lt;vcenter dns&gt;:5480 &gt;&gt; Networking &gt;&gt; Proxy Settings.\n\n    Verify that \\\"HTTPS\\\" is \\\"Enabled\\\".\n\n    Click the \\\"HTTPS\\\" row.\n\n    Verify the proxy server configuration is accurate.\n\n    If this is not set, this is a finding.\n\n    Option 3:\n\n    From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Downloads.\n\n    Verify the \\\"Automatic downloads\\\" option is disabled.\n\n    From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Setup.\n\n    Verify any download sources are disabled.\n\n    If this is not set, this is a finding.\n  \"\n  desc 'fix', \"\n    Option 1:\n\n    From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Select the \\\"Download patches from a UMDS shared repository\\\" radio button and supply a valid UMDS repository.\n\n    Click \\\"Save\\\".\n\n    Option 2:\n\n    From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Setup.\n\n    Click the \\\"Change Download Source\\\" button.\n\n    Select the \\\"Download patches directly from the internet\\\" radio button.\n\n    Click \\\"Save\\\".\n\n    Navigate to the vCenter Server Management interface at https://&lt;vcenter dns&gt;:5480 &gt;&gt; Networking &gt;&gt; Proxy Settings.\n\n    Click \\\"Edit\\\".\n\n    Slide \\\"HTTPS\\\" to \\\"Enabled\\\".\n\n    Supply the appropriate proxy server configuration.\n\n    Click \\\"Save\\\".\n\n    Option 3:\n\n    From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Downloads.\n\n    Click \\\"Edit\\\" and uncheck \\\"Download patches\\\".\n\n    Under \\\"Patch Setup\\\" select each download source and click Disable.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000277'\n  tag rid: 'SV-VCSA-80-000277'\n  tag stig_id: 'VCSA-80-000277'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000278</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000278</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000278</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must use unique service accounts when applications connect to vCenter.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>To not violate nonrepudiation (i.e., deny the authenticity of who is connecting to vCenter), when applications need to connect to vCenter they must use unique service accounts.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Verify each external application that connects to vCenter has a unique service account dedicated to that application.
 
-View each role and verify the users and&#x2F;or groups assigned to it by clicking on &quot;Usage&quot;.
+For example, there should be separate accounts for Log Insight, Operations Manager, or anything else that requires an account to access vCenter.
 
-or
+If any application shares a service account that is used to connect to vCenter, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For applications sharing service accounts, create a new service account to assign to the application so that no application shares a service account with another.
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+When standing up a new application that requires access to vCenter, always create a new service account prior to installation and grant only the permissions needed for that application.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000278' do\n  title 'The vCenter Server must use unique service accounts when applications connect to vCenter.'\n  desc  'To not violate nonrepudiation (i.e., deny the authenticity of who is connecting to vCenter), when applications need to connect to vCenter they must use unique service accounts.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Verify each external application that connects to vCenter has a unique service account dedicated to that application.\n\n    For example, there should be separate accounts for Log Insight, Operations Manager, or anything else that requires an account to access vCenter.\n\n    If any application shares a service account that is used to connect to vCenter, this is a finding.\n  \"\n  desc  'fix', \"\n    For applications sharing service accounts, create a new service account to assign to the application so that no application shares a service account with another.\n\n    When standing up a new application that requires access to vCenter, always create a new service account prior to installation and grant only the permissions needed for that application.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000278'\n  tag rid: 'SV-VCSA-80-000278'\n  tag stig_id: 'VCSA-80-000278'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000279</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000279</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000279</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must protect the confidentiality and integrity of transmitted information by isolating Internet Protocol (IP)-based storage traffic.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines might share virtual switches and virtual local area networks (VLAN) with the IP-based storage configurations.
 
-Get-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto
+IP-based storage includes vSAN, Internet Small Computer System Interface (iSCSI), and Network File System (NFS). This configuration might expose IP-based storage traffic to unauthorized virtual machine users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.
 
-Application service account and user required privileges should be documented.
+To restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from the production traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and virtual machines will limit unauthorized users from viewing the traffic.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If IP-based storage is not used, this is not applicable.
 
-If any user or service account has more privileges than required, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>To update a user&#39;s or group&#39;s permissions to an existing role with reduced permissions, do the following:
+IP-based storage (iSCSI, NFS, vSAN) VMkernel port groups must be in a dedicated VLAN that can be on a standard or distributed virtual switch that is logically separated from other traffic types.
 
-From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Global Permissions.
+The check for this will be unique per environment.
 
-Select the user or group, click the pencil button, change the assigned role, and click &quot;OK&quot;.
+To check a standard switch, do the following:
 
-Note: If permissions are assigned on a specific object, the role must be updated where it is assigned (for example, at the cluster level).
+From the vSphere Client, select the ESXi host and go to Configure &gt;&gt; Networking &gt;&gt; Virtual switches. Select a standard switch.
 
-To create a new role with reduced permissions, do the following:
+For each storage port group (iSCSI, NFS, vSAN), select the port group and note the VLAN ID associated with each port group.
 
-From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.
+Verify it is dedicated to that purpose and is logically separated from other traffic types.
 
-Click the green plus sign and enter a name for the role and select only the specific permissions required.
+To check a distributed switch, do the following,
 
-Users can then be assigned to the newly created role.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>97c390e7-d911-4687-b3d2-65149dbfbe63</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001082</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001084</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001813</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000110</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000247</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000110</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000110</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of denial-of-service (DoS) attacks by enabling Network I&#x2F;O Control (NIOC).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>DoS is a condition when a resource is not available for legitimate users. When this occurs, the organization either cannot accomplish its mission or must operate at degraded capacity.
+From the vSphere Client, go to "Networking".
 
-Managing excess capacity ensures sufficient capacity is available to counter flooding attacks. Employing increased capacity and service redundancy may reduce the susceptibility to some DoS attacks. Managing excess capacity may include, for example, establishing selected usage priorities, quotas, or partitioning.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
+Select and expand a distributed switch.
 
-From the vSphere Client, go to Networking.
+For each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to the "Summary" tab.
 
-Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.
+Note the VLAN ID associated with each port group and verify it is dedicated to that purpose and is logically separated from other traffic types.
 
-View the &quot;Properties&quot; pane and verify &quot;Network I&#x2F;O Control&quot; is &quot;Enabled&quot;.
+If any IP-based storage networks are not isolated from other traffic types, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Configuration of an IP-based VMkernel will be unique to each environment.
 
-or
+To configure VLANs and traffic types, do the following:
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+Standard switch:
 
-Get-VDSwitch | select Name,@{N&#x3D;&quot;NIOC Enabled&quot;;E&#x3D;{$_.ExtensionData.config.NetworkResourceManagementEnabled}}
+From the vSphere Client, select the ESXi host and go to Configure &gt;&gt; Networking &gt;&gt; VMkernel adapters.
 
-If &quot;Network I&#x2F;O Control&quot; is disabled, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Networking.
+Select the Storage VMkernel (for any IP-based storage). Click "Edit..." and click the "Port properties" tab.
 
-Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.
+Uncheck everything (unless vSAN).
 
-In the &quot;Properties&quot; pane, click &quot;Edit&quot;. Change &quot;Network I&#x2F;O Control&quot; to &quot;Enabled&quot;. Click &quot;OK&quot;.
+Click the "IPv4" settings or "IPv6" settings tab.
 
-or
+Enter the appropriate IP address and subnet information.
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+Click "OK".
 
-(Get-VDSwitch &quot;VDSwitch Name&quot; | Get-View).EnableNetworkResourceManagement($true)</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b1bdf42d-5111-4663-8e9d-f3a464dbc2d5</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001095</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: (Get-VDSwitch -Name &quot;VDSwitch STIG 1&quot;).ExtensionData.Config.NetworkResourceManagementEnabled stdout.strip is expected to cmp &#x3D;&#x3D; &quot;true&quot;
+From the vSphere Client, select the ESXi host and go to Configure &gt;&gt; Networking &gt;&gt; Virtual switches. Select a standard switch.
 
-expected: true
-     got: False
+For each storage port group (iSCSI, NFS, vSAN), select the port group and click "...". Click "Edit Settings". On the "Properties" tab, enter the appropriate VLAN ID and click "OK".
 
-(compared using &#x60;cmp&#x60; matcher)
+Distributed switch:
 
---------------------------------
-failed
-PowerCLI Command: (Get-VDSwitch -Name &quot;VDSwitch STIG 2&quot;).ExtensionData.Config.NetworkResourceManagementEnabled stdout.strip is expected to cmp &#x3D;&#x3D; &quot;true&quot;
+From the vSphere Client, go to "Networking".
 
-expected: true
-     got: False
+Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Topology.
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000123</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000291</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000123</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000123</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, on every Single Sign-On (SSO) account action.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Once an attacker establishes initial access to a system, they often attempt to create a persistent method of reestablishing access. One way to accomplish this is for the attacker to create a new account. They may also try to hijack an existing account by changing a password or enabling a previously disabled account. Therefore, all actions performed on accounts in the SSO domain much be alerted on in vCenter at a minimum and ideally on a Security Information and Event Management (SIEM) system as well.
+Select the Storage VMkernel (for any IP-based storage). Click "..." and click "Edit Settings".
 
-To ensure the appropriate personnel are alerted about SSO account actions, create a new vCenter alarm for the &quot;com.vmware.sso.PrincipalManagement&quot; event ID and configure the alert mechanisms appropriately.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
+On the "Port properties" tab, uncheck everything (unless vSAN).
 
-Select a vCenter Server &gt;&gt; Configure &gt;&gt; Security &gt;&gt; Alarm Definitions.
+Click the "IPv4" settings or "IPv6" settings tab.
 
-Verify there is an alarm created to alert upon all SSO account actions.
+Enter the appropriate IP address and subnet information.
 
-The alarm name may vary, but it is suggested to name it &quot;SSO account actions - com.vmware.sso.PrincipalManagement&quot;.
+Click "OK".
 
-or
+From the vSphere Client, go to "Networking".
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+Select and expand a distributed switch.
 
-Get-AlarmDefinition | Where {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq &quot;com.vmware.sso.PrincipalManagement&quot;} | Select Name,Enabled,@{N&#x3D;&quot;EventTypeId&quot;;E&#x3D;{$_.ExtensionData.Info.Expression.Expression.EventTypeId}}
+For each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to Configure &gt;&gt; Settings &gt;&gt; Properties.
 
-If an alarm is not created to alert on SSO account actions, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+Click "Edit".
+
+Click the "VLAN" tab.
+
+Enter the appropriate VLAN type and ID and click "OK".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000279' do\n  title 'The vCenter Server must protect the confidentiality and integrity of transmitted information by isolating Internet Protocol (IP)-based storage traffic.'\n  desc  \"\n    Virtual machines might share virtual switches and virtual local area networks (VLAN) with the IP-based storage configurations.\n\n    IP-based storage includes vSAN, Internet Small Computer System Interface (iSCSI), and Network File System (NFS). This configuration might expose IP-based storage traffic to unauthorized virtual machine users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.\n\n    To restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from the production traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and virtual machines will limit unauthorized users from viewing the traffic.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If IP-based storage is not used, this is not applicable.\n\n    IP-based storage (iSCSI, NFS, vSAN) VMkernel port groups must be in a dedicated VLAN that can be on a standard or distributed virtual switch that is logically separated from other traffic types.\n\n    The check for this will be unique per environment.\n\n    To check a standard switch, do the following:\n\n    From the vSphere Client, select the ESXi host and go to Configure &gt;&gt; Networking &gt;&gt; Virtual switches. Select a standard switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and note the VLAN ID associated with each port group.\n\n    Verify it is dedicated to that purpose and is logically separated from other traffic types.\n\n    To check a distributed switch, do the following,\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select and expand a distributed switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to the \\\"Summary\\\" tab.\n\n    Note the VLAN ID associated with each port group and verify it is dedicated to that purpose and is logically separated from other traffic types.\n\n    If any IP-based storage networks are not isolated from other traffic types, this is a finding.\n  \"\n  desc 'fix', \"\n    Configuration of an IP-based VMkernel will be unique to each environment.\n\n    To configure VLANs and traffic types, do the following:\n\n    Standard switch:\n\n    From the vSphere Client, select the ESXi host and go to Configure &gt;&gt; Networking &gt;&gt; VMkernel adapters.\n\n    Select the Storage VMkernel (for any IP-based storage). Click \\\"Edit...\\\" and click the \\\"Port properties\\\" tab.\n\n    Uncheck everything (unless vSAN).\n\n    Click the \\\"IPv4\\\" settings or \\\"IPv6\\\" settings tab.\n\n    Enter the appropriate IP address and subnet information.\n\n    Click \\\"OK\\\".\n\n    From the vSphere Client, select the ESXi host and go to Configure &gt;&gt; Networking &gt;&gt; Virtual switches. Select a standard switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and click \\\"...\\\". Click \\\"Edit Settings\\\". On the \\\"Properties\\\" tab, enter the appropriate VLAN ID and click \\\"OK\\\".\n\n    Distributed switch:\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Topology.\n\n    Select the Storage VMkernel (for any IP-based storage). Click \\\"...\\\" and click \\\"Edit Settings\\\".\n\n    On the \\\"Port properties\\\" tab, uncheck everything (unless vSAN).\n\n    Click the \\\"IPv4\\\" settings or \\\"IPv6\\\" settings tab.\n\n    Enter the appropriate IP address and subnet information.\n\n    Click \\\"OK\\\".\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select and expand a distributed switch.\n\n    For each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to Configure &gt;&gt; Settings &gt;&gt; Properties.\n\n    Click \\\"Edit\\\".\n\n    Click the \\\"VLAN\\\" tab.\n\n    Enter the appropriate VLAN type and ID and click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000279'\n  tag rid: 'SV-VCSA-80-000279'\n  tag stig_id: 'VCSA-80-000279'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000280</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000358</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000280</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000280</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter server must be configured to send events to a central log server.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>vCenter server generates volumes of security-relevant application-level events. Examples include logins, system reconfigurations, system degradation warnings, and more. To ensure these events are available for forensic analysis and correlation, they must be sent to the syslog and forwarded on to the configured Security Information and Event Management (SIEM) system and/or central log server.
+
+The vCenter server sends events to syslog by default, but this configuration must be verified and maintained.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
 
-Select a vCenter Server &gt;&gt; Configure &gt;&gt; Security &gt;&gt; Alarm Definitions.
+Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.
 
-Click &quot;Add&quot;.
+Verify that "vpxd.event.syslog.enabled" value is set to "true".
 
-Provide the alarm name of &quot;SSO account actions - com.vmware.sso.PrincipalManagement&quot; and an optional description.
+or
 
-From the &quot;Target type&quot; dropdown menu, select &quot;vCenter Server&quot;.
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Click &quot;Next&quot;.
+Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name vpxd.event.syslog.enabled
 
-Paste &quot;com.vmware.sso.PrincipalManagement&quot; (without quotes) in the line after &quot;IF&quot; and press &quot;Enter&quot;.
+If the "vpxd.event.syslog.enabled" value is not set to "true", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
 
-Next to &quot;Trigger the alarm and&quot;, select &quot;Show as Warning&quot;.
+Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.
 
-Configure the desired notification actions that will inform the SA and ISSO of the event.
+Click "Edit Settings" and configure the "vpxd.event.syslog.enabled" setting to "true".
 
-Click &quot;Next&quot;. Click &quot;Next&quot; again. Click &quot;Create&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>76584551-e7ae-4214-94b9-9bd7730dfc73</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001683</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001684</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001685</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001686</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002132</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-AlarmDefinition | Where-Object {$_.ExtensionData.Info.Expression.Expression.EventTypeId -eq &quot;com.vmware.sso.PrincipalManagement&quot;} | Select-Object -ExpandProperty Enabled stdout.strip is expected to cmp &#x3D;&#x3D; &quot;true&quot;
+or
 
-expected: true
-     got: 
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000145</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000345</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000145</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000145</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must set the interval for counting failed login attempts to at least 15 minutes.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>By limiting the number of failed login attempts, the risk of unauthorized system access via user password guessing, otherwise known as brute forcing, is reduced. Limits are imposed by locking the account.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Lockout Policy.
+Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name vpxd.event.syslog.enabled | Set-AdvancedSetting -Value true</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000280' do\n  title 'The vCenter server must be configured to send events to a central log server.'\n  desc  \"\n    vCenter server generates volumes of security-relevant application-level events. Examples include logins, system reconfigurations, system degradation warnings, and more. To ensure these events are available for forensic analysis and correlation, they must be sent to the syslog and forwarded on to the configured Security Information and Event Management (SIEM) system and/or central log server.\n\n    The vCenter server sends events to syslog by default, but this configuration must be verified and maintained.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.\n\n    Verify that \\\"vpxd.event.syslog.enabled\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name vpxd.event.syslog.enabled\n\n    If the \\\"vpxd.event.syslog.enabled\\\" value is not set to \\\"true\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.\n\n    Click \\\"Edit Settings\\\" and configure the \\\"vpxd.event.syslog.enabled\\\" setting to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name vpxd.event.syslog.enabled | Set-AdvancedSetting -Value true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000358'\n  tag gid: 'V-VCSA-80-000280'\n  tag rid: 'SV-VCSA-80-000280'\n  tag stig_id: 'VCSA-80-000280'\n  tag cci: ['CCI-001851']\n  tag nist: ['AU-4 (1)']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name vpxd.event.syslog.enabled | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp 'true' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name vpxd.event.syslog.enabled | Select-Object -ExpandProperty Value stdout.strip is expected to cmp == "true"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000281</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000281</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000281</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must disable or restrict the connectivity between vSAN Health Check and public Hardware Compatibility List (HCL) by use of an external proxy server.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vSAN Health Check is able to download the HCL from VMware to check compliance against the underlying vSAN Cluster hosts. To ensure the vCenter server is not directly downloading content from the internet, this functionality must be disabled. If this feature is necessary, an external proxy server must be configured.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If no clusters are enabled for vSAN, this is not applicable.
 
-View the value of the &quot;Time interval between failures&quot; setting.
+From the vSphere Client, go to Host and Clusters.
 
-Time interval between failures: 900 seconds
+Select the vCenter Server &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; Internet Connectivity.
 
-If the lockout policy is not configured with &quot;Time interval between failures&quot; policy of &quot;900&quot; or more, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Lockout Policy.
+If the HCL internet download is not required, verify "Status" is "Disabled".
 
-Click &quot;Edit&quot;.
-
-Set the &quot;Time interval between failures&quot; to &quot;900&quot; and click &quot;Save&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>5e6de067-26cf-412a-b4b2-1f24a105bd6f</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002238</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: (Get-SsoLockoutPolicy).FailedAttemptIntervalSec stdout.strip is expected to cmp &gt;&#x3D; 900
-
-expected it to be &gt;&#x3D; 900
-     got: 180
+If the "Status" is "Enabled", this is a finding.
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000148</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000358</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000148</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000148</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must be configured to send logs to a central log server.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vCenter must be configured to send near real-time log data to syslog collectors so information will be available to investigators in the case of a security incident or to assist in troubleshooting.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Open the Virtual Appliance Management Interface (VAMI) by navigating to https:&#x2F;&#x2F;&lt;vCenter server&gt;:5480.
-
-Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the &quot;SystemConfiguration.BashShellAdministrator&quot; group.
-
-Select &quot;Syslog&quot; on the left navigation pane.
-
-On the resulting pane on the right, verify at least one site-specific syslog receiver is configured and is listed as &quot;Reachable&quot;.
-
-If no valid syslog collector is configured or if the collector is not listed as &quot;Reachable&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Open the VAMI by navigating to https:&#x2F;&#x2F;&lt;vCenter server&gt;:5480.
-
-Log in with local operating system administrative credentials or with an SSO account that is a member of the &quot;SystemConfiguration.BashShellAdministrator&quot; group.
-
-Select &quot;Syslog&quot; on the left navigation pane.
-
-On the resulting pane on the right, click &quot;Edit&quot; or &quot;Configure&quot;.
+If the HCL internet download is required, verify "Status" is "Enabled" and a proxy host is configured.
 
-Edit or add the address and port of a site-specific syslog aggregator or Security Information Event Management (SIEM) system with the appropriate protocol.
+If "Status" is "Enabled" and a proxy is not configured, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
 
-User Datagram Protocol (UDP) is discouraged due to its stateless and unencrypted nature. Transport Layer Security (TLS) is preferred.
+Select the vCenter Server &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; Internet Connectivity.
 
-Click &quot;Save&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>61f6b9ae-3ae6-4529-ad83-ab8b5e130ee8</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-No log servers configured: [] is expected not to be empty
-expected &#x60;[].empty?&#x60; to be falsey, got true</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000150</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000360</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000150</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000150</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, of all audit failure events requiring real-time alerts.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>It is critical for the appropriate personnel to be aware if a system is at risk of failing to process audit logs as required. Without a real-time alert, security personnel may be unaware of an impending failure of the audit capability and system operation may be adversely affected.
+Click "Edit".
+
+If the HCL internet download is not required, ensure that "Status" is "Disabled".
+
+If the HCL internet download is required, ensure that "Status" is "Enabled" and that a proxy host is appropriately configured.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000281' do\n  title 'The vCenter Server must disable or restrict the connectivity between vSAN Health Check and public Hardware Compatibility List (HCL) by use of an external proxy server.'\n  desc  'The vSAN Health Check is able to download the HCL from VMware to check compliance against the underlying vSAN Cluster hosts. To ensure the vCenter server is not directly downloading content from the internet, this functionality must be disabled. If this feature is necessary, an external proxy server must be configured.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; Internet Connectivity.\n\n    If the HCL internet download is not required, verify \\\"Status\\\" is \\\"Disabled\\\".\n\n    If the \\\"Status\\\" is \\\"Enabled\\\", this is a finding.\n\n    If the HCL internet download is required, verify \\\"Status\\\" is \\\"Enabled\\\" and a proxy host is configured.\n\n    If \\\"Status\\\" is \\\"Enabled\\\" and a proxy is not configured, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; Internet Connectivity.\n\n    Click \\\"Edit\\\".\n\n    If the HCL internet download is not required, ensure that \\\"Status\\\" is \\\"Disabled\\\".\n\n    If the HCL internet download is required, ensure that \\\"Status\\\" is \\\"Enabled\\\" and that a proxy host is appropriately configured.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000281'\n  tag rid: 'SV-VCSA-80-000281'\n  tag stig_id: 'VCSA-80-000281'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  # Get all clusters with vSAN enabled\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object | Select-Object -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !clusters.empty?\n    command = '$vsanphview = Get-VsanView -Id VsanPhoneHomeSystem-vsan-phonehome-system; $vsanphview.QueryVsanCloudHealthStatus().InternetConnectivity'\n    vcinternetenabled = powercli_command(command).stdout.strip\n\n    if vcinternetenabled == 'True'\n      proxycommand = '$vsanhealthview = Get-VsanView -Id VsanVcClusterHealthSystem-vsan-cluster-health-system; $vsanhealthview.VsanHealthQueryVsanProxyConfig().Host'\n      describe powercli_command(proxycommand) do\n        its('stdout.strip') { should_not cmp '' }\n      end\n    else\n      describe 'Enable Internet access for all vSAN clusters.' do\n        subject { vcinternetenabled }\n        it { should cmp 'false' }\n      end\n    end\n  else\n    describe 'No clusters with vSAN enabled found...skipping tests' do\n      skip 'No clusters with vSAN enabled found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: $vsanhealthview = Get-VsanView -Id VsanVcClusterHealthSystem-vsan-cluster-health-system; $vsanhealthview.VsanHealthQueryVsanProxyConfig().Host stdout.strip is expected not to cmp == "" :: MESSAGE 
+expected: 
+     got: 
 
-Alerts provide organizations with urgent messages. Real-time alerts provide these messages immediately (i.e., the time from event detection to alert occurs in seconds or less).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Review the Central Logging Server being used to verify it is configured to alert the SA and ISSO, at a minimum, on any AO-defined events. Otherwise, this is a finding.
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000282</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000282</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000282</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must configure the vSAN Datastore name to a unique name.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>A vSAN Datastore name by default is "vsanDatastore". If more than one vSAN cluster is present in vCenter, both datastores will have the same name by default, potentially leading to confusion and manually misplaced workloads.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If no clusters are enabled for vSAN, this is not applicable.
 
-If there are no AO-defined events, this is not a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configure the Central Logging Server being used to alert the SA and ISSO, at a minimum, on any AO-defined events.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>695bf69f-954e-4561-8268-c8a01f53be06</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000172</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001744</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001858</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check
-This must be reviewed manually</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000158</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000371</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000158</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000158</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must compare internal information system clocks at least every 24 hours with an authoritative time server.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Inaccurate time stamps make it more difficult to correlate events and can lead to an inaccurate analysis. Determining the correct time a particular event occurred on a system is critical when conducting forensic analysis and investigating system events. Sources outside of the configured acceptable allowance (drift) may be inaccurate. Additionally, unnecessary synchronization may have an adverse impact on system performance and may indicate malicious activity.
+From the vSphere Client, go to Host and Clusters.
 
-Synchronizing internal information system clocks to an authoritative time server provides uniformity of time stamps for information systems with multiple system clocks and systems connected over a network.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Open the Virtual Appliance Management Interface (VAMI) by navigating to https:&#x2F;&#x2F;&lt;vCenter server&gt;:5480.
-
-Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the &quot;SystemConfiguration.BashShellAdministrator&quot; group.
-
-Select &quot;Time&quot; on the left navigation pane.
-
-On the resulting pane on the right, verify at least one authorized time server is configured and is listed as &quot;Reachable&quot;.
-
-If &quot;NTP&quot; is not enabled and at least one authorized time server configured, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Open the VAMI by navigating to https:&#x2F;&#x2F;&lt;vCenter server&gt;:5480.
-
-Log in with local operating system administrative credentials or with an SSO account that is a member of the &quot;SystemConfiguration.BashShellAdministrator&quot; group.
-
-Select &quot;Time&quot; on the left navigation pane.
-
-On the resulting pane on the right, click &quot;Edit&quot; under &quot;Time Synchronization&quot;.
-
-Select &quot;NTP&quot; for &quot;Mode&quot; and enter a list of authorized time servers separated by commas. Click &quot;Save&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>910161ad-1060-456f-8a20-387aac9e1b8c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001891</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-Timesync Configuration: HOST is expected to cmp &#x3D;&#x3D; &quot;NTP&quot;
+Select a vSAN Enabled Cluster &gt;&gt; Datastores.
 
-expected: NTP
-     got: HOST
+Review the datastores and identify any datastores with "vSAN" as the datastore type.
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000195</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000427</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000195</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000195</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server Machine Secure Sockets Layer (SSL) certificate must be issued by a DOD certificate authority.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Untrusted certificate authorities (CA) can issue certificates, but they may be issued by organizations or individuals that seek to compromise DOD systems or by organizations with insufficient security controls. If the CA used for verifying the certificate is not a DOD-approved CA, trust of this CA has not been established.
+or
 
-The DOD will only accept public key infrastructure (PKI) certificates obtained from a DOD-approved internal or external certificate authority. Reliance on CAs for the establishment of secure sessions includes, for example, the use of Transport Layer Security (TLS) certificates.
+From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
 
-The default self-signed, VMware Certificate Authority (VMCA)-issued vCenter reverse proxy certificate must be replaced with a DOD-approved certificate. The use of a DOD certificate on the vCenter reverse proxy and other services assures clients that the service they are connecting to is legitimate and trusted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Certificates &gt;&gt; Certificate Management &gt;&gt; Machine SSL Certificate.
+If($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){
+Write-Host "vSAN Enabled Cluster found"
+Get-Cluster | where {$_.VsanEnabled} | Get-Datastore | where {$_.type -match "vsan"}
+}
+else{
+Write-Host "vSAN is not enabled, this finding is not applicable."
+}
 
-Click &quot;View Details&quot; and examine the &quot;Issuer Information&quot; block.
+If vSAN is enabled and a datastore is named "vsanDatastore", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
 
-If the issuer specified is not a DOD approved certificate authority, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Obtain a DOD-issued certificate and private key for each vCenter in the system following the requirements below:
+Select a vSAN Enabled Cluster &gt;&gt; Datastores.
 
-Key size: 2048 bits or more (PEM encoded)
-CRT format (Base-64)
-x509 version 3
-SubjectAltName must contain DNS Name&#x3D;&lt;machine_FQDN&gt;
-Contains the following Key Usages: Digital Signature, Non Repudiation, Key Encipherment
+Right-click on the datastore named "vsanDatastore" and select "Rename".
 
-Export the entire certificate issuing chain up to the root in Base-64 format. Concatenate the individual certificates into one file with the &quot;.cer&quot; extension.
+Rename the datastore based on site-specific naming standards.
 
-From the vSphere Client, go to Administration &gt;&gt; Certificates &gt;&gt; Certificate Management &gt;&gt; Machine SSL Certificate.
+Click "OK".
 
-Click Actions &gt;&gt; Import and Replace Certificate.
+or
 
-Select the &quot;Replace with external CA certificate&quot; radio button and click &quot;Next&quot;.
+From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
 
-Supply the CA-issued certificate , the exported roots file, and the private key.
+If($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){
+Write-Host "vSAN Enabled Cluster found"
+$Clusters = Get-Cluster | where {$_.VsanEnabled}
+Foreach ($clus in $clusters){
+ $clus | Get-Datastore | where {$_.type -match "vsan"} | Set-Datastore -Name $(($clus.name) + "_vSAN_Datastore")
+}
+}
+else{
+Write-Host "vSAN is not enabled, this finding is not applicable."
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000282' do\n  title 'The vCenter Server must configure the vSAN Datastore name to a unique name.'\n  desc  'A vSAN Datastore name by default is \"vsanDatastore\". If more than one vSAN cluster is present in vCenter, both datastores will have the same name by default, potentially leading to confusion and manually misplaced workloads.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster &gt;&gt; Datastores.\n\n    Review the datastores and identify any datastores with \\\"vSAN\\\" as the datastore type.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    If($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){\n    Write-Host \\\"vSAN Enabled Cluster found\\\"\n    Get-Cluster | where {$_.VsanEnabled} | Get-Datastore | where {$_.type -match \\\"vsan\\\"}\n    }\n    else{\n    Write-Host \\\"vSAN is not enabled, this finding is not applicable.\\\"\n    }\n\n    If vSAN is enabled and a datastore is named \\\"vsanDatastore\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster &gt;&gt; Datastores.\n\n    Right-click on the datastore named \\\"vsanDatastore\\\" and select \\\"Rename\\\".\n\n    Rename the datastore based on site-specific naming standards.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    If($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){\n    Write-Host \\\"vSAN Enabled Cluster found\\\"\n    $Clusters = Get-Cluster | where {$_.VsanEnabled}\n    Foreach ($clus in $clusters){\n     $clus | Get-Datastore | where {$_.type -match \\\"vsan\\\"} | Set-Datastore -Name $(($clus.name) + \\\"_vSAN_Datastore\\\")\n    }\n    }\n    else{\n    Write-Host \\\"vSAN is not enabled, this finding is not applicable.\\\"\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000282'\n  tag rid: 'SV-VCSA-80-000282'\n  tag stig_id: 'VCSA-80-000282'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-Cluster | Where-Object {$_.VsanEnabled} | Get-Datastore | Where-Object {$_.type -match \"vsan\"} | Select-Object -ExpandProperty Name'\n  vsandatastores = powercli_command(command).stdout.strip.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vsandatastores.empty?\n    describe '' do\n      skip 'No VSAN datastores found to check.'\n    end\n  else\n    vsandatastores.each do |ds|\n      describe '' do\n        subject { ds }\n        it { should_not cmp 'vsanDatastore' }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST is expected not to cmp == "vsanDatastore" :: MESSAGE 
+expected: vsanDatastore
+     got: vsanDatastore
 
-Click &quot;Replace&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a3d531f1-5507-4eb5-a730-6475315e68eb</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002470</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-ssl_certificate for &#39;10.186.30.81&#39; issuer_organization is expected to cmp &#x3D;&#x3D; &quot;U.S. Government&quot;
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000283</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000283</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000283</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must disable Username/Password and Windows Integrated Authentication.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>All forms of authentication other than Common Access Card (CAC) must be disabled. Password authentication can be temporarily reenabled for emergency access to the local Single Sign-On (SSO) accounts or Active Directory user/pass accounts, but it must be disabled as soon as CAC authentication is functional.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If a federated identity provider is configured and used for an identity source, this is not applicable.
 
-expected: U.S. Government
-     got: sc2-10-186-30-81.eng.vmware.com
+From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider &gt;&gt; Smart Card Authentication.
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000196</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000428</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000196</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000196</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must enable data at rest encryption for vSAN.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Applications handling data requiring &quot;data at rest&quot; protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest.
+Under "Authentication method", examine the allowed methods.
 
-Data encryption is a common technique used in environments that require additional levels of security.  It consists of a process to ensure that data can only be consumed by systems that have appropriate levels of access.  Approved systems must have and use the appropriate cryptographic keys to encrypt and decrypt the data.  Systems that do not have the keys will not be able to consume the data in any meaningful way, as it will remain encrypted in accordance to the commonly used Advanced Encryption Standard (AES) from the National Institute of Standards and Technology, or NIST.
+If "Smart card authentication" is not enabled and "Password and windows session authentication" is not disabled, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider &gt;&gt; Smart Card Authentication.
 
-vSAN supports Data-At-Rest Encryption and Data-in-Transit Encryption and uses an AES 256 cipher. Data is encrypted after all other processing, such as deduplication, is performed. Data at rest encryption protects data on storage devices, in case a device is removed from the cluster.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If no clusters are enabled for vSAN, this is not applicable.
+Next to "Authentication method", click "Edit".
 
-From the vSphere Client, go to Host and Clusters.
+Select to radio button to "Enable smart card authentication".
 
-Select the vCenter Server &gt;&gt; Select the cluster &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; Services &gt;&gt; Data Services.
+Click "Save".
 
-Review the &quot;Data-at-rest encryption&quot; status.
+To re-enable password authentication for troubleshooting purposes, run the following command on the vCenter Server Appliance:
 
-or
+# /opt/vmware/bin/sso-config.sh -set_authn_policy -pwdAuthn true -winAuthn false -certAuthn false -securIDAuthn false -t vsphere.local</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000283' do\n  title 'The vCenter Server must disable Username/Password and Windows Integrated Authentication.'\n  desc  'All forms of authentication other than Common Access Card (CAC) must be disabled. Password authentication can be temporarily reenabled for emergency access to the local Single Sign-On (SSO) accounts or Active Directory user/pass accounts, but it must be disabled as soon as CAC authentication is functional.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If a federated identity provider is configured and used for an identity source, this is not applicable.\n\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider &gt;&gt; Smart Card Authentication.\n\n    Under \\\"Authentication method\\\", examine the allowed methods.\n\n    If \\\"Smart card authentication\\\" is not enabled and \\\"Password and windows session authentication\\\" is not disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider &gt;&gt; Smart Card Authentication.\n\n    Next to \\\"Authentication method\\\", click \\\"Edit\\\".\n\n    Select to radio button to \\\"Enable smart card authentication\\\".\n\n    Click \\\"Save\\\".\n\n    To re-enable password authentication for troubleshooting purposes, run the following command on the vCenter Server Appliance:\n\n    # /opt/vmware/bin/sso-config.sh -set_authn_policy -pwdAuthn true -winAuthn false -certAuthn false -securIDAuthn false -t vsphere.local\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000283'\n  tag rid: 'SV-VCSA-80-000283'\n  tag stig_id: 'VCSA-80-000283'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if input('embeddedIdp')\n    describe powercli_command('(Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled') do\n      its('stdout.strip') { should cmp 'true' }\n    end\n    describe powercli_command('(Get-SsoAuthenticationPolicy).PasswordAuthnEnabled') do\n      its('stdout.strip') { should cmp 'false' }\n    end\n    describe powercli_command('(Get-SsoAuthenticationPolicy).WindowsAuthnEnabled') do\n      its('stdout.strip') { should cmp 'false' }\n    end\n  else\n    describe 'A federated IDP is configured so this is Not Applicable.' do\n      skip 'A federated IDP is configured so this is Not Applicable.'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: (Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled stdout.strip is expected to cmp == "true" :: MESSAGE 
+expected: true
+     got: False
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+(compared using `cmp` matcher)
 
-Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Get-VsanClusterConfiguration | Select-Object Name,EncryptionEnabled
+--------------------------------
+failed :: TEST PowerCLI Command: (Get-SsoAuthenticationPolicy).PasswordAuthnEnabled stdout.strip is expected to cmp == "false" :: MESSAGE 
+expected: false
+     got: True
 
-If &quot;Data-At-Rest encryption&quot; is not enabled, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
+(compared using `cmp` matcher)
 
-Select the vCenter Server &gt;&gt; Select the target cluster &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; Services &gt;&gt; Data Services.
+--------------------------------
+failed :: TEST PowerCLI Command: (Get-SsoAuthenticationPolicy).WindowsAuthnEnabled stdout.strip is expected to cmp == "false" :: MESSAGE 
+expected: false
+     got: True
 
-Click &quot;Edit&quot;.
-
-Enable &quot;Data-At-Rest encryption&quot; and select a pre-configured key provider from the drop down. Click &quot;Apply&quot;.
-
-Note: Before enabling, read and understand the operational implications of enabling data at rest encryption in vSAN and how it effects capacity, performance, and recovery scenarios.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>82f95148-5412-40e3-9c00-87d9759e07da</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002475</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-Cluster -Name cluster0 | Get-VsanClusterConfiguration | Select-Object -ExpandProperty EncryptionEnabled stdout.strip is expected to cmp &#x3D;&#x3D; &quot;true&quot;
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000284</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000284</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000284</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must restrict access to the default roles with cryptographic permissions.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>In vSphere, the built-in "Administrator" role contains permission to perform cryptographic operations such as Key Management Server (KMS) functions and encrypting and decrypting virtual machine disks. This role must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use.
+
+A new built-in role called "No Cryptography Administrator" exists to provide all administrative permissions except cryptographic operations. Permissions must be restricted such that normal vSphere administrators are assigned the "No Cryptography Administrator" role or more restrictive.
+
+The "Administrator" role must be tightly controlled and must not be applied to administrators who will not be doing cryptographic work. Catastrophic data loss can result from poorly administered cryptography.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.
 
-expected: true
-     got: False
+From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000248</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000248</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000248</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must disable the Customer Experience Improvement Program (CEIP).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The VMware CEIP sends VMware anonymized system information that is used to improve the quality, reliability, and functionality of VMware products and services. For confidentiality purposes this feature must be disabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Deployment &gt;&gt; Customer Experience Improvement Program.
+or
 
-If Customer Experience Improvement &quot;Program Status&quot; is &quot;Joined&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Deployment &gt;&gt; Customer Experience Improvement Program.
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Click &quot;Leave Program&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>7cdd9353-2410-46fa-9a50-eb21cf78e7f5</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000253</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000575</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000253</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000253</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter server must enforce SNMPv3 security features where SNMP is required.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. SNMPv3 can be configured for identification and cryptographically based authentication.
+Get-VIPermission | Where {$_.Role -eq "Admin" -or $_.Role -eq "NoTrustedAdmin" -or $_.Role -eq "vCLSAdmin" -or $_.Role -eq "vSphereKubernetesManager"} | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto
 
-SNMPv3 defines a user-based security model (USM) and a view-based access control model (VACM). SNMPv3 USM provides data integrity, data origin authentication, message replay protection, and protection against disclosure of the message payload. SNMPv3 VACM provides access control to determine whether a specific type of access (read or write) to the management information is allowed. Implement both VACM and USM for full protection.
+If there are any users or groups assigned to the default roles with cryptographic permissions and are not explicitly designated to perform cryptographic operations, this is a finding.
 
-SNMPv3 must be disabled by default and enabled only if used. SNMP v3 provides security feature enhancements to SNMP, including encryption and message authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>At the command prompt on the vCenter Server Appliance, run the following commands:
+The built-in solution users assigned to the administrator role are NOT a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.
 
-# appliancesh
-# snmp.get
+Move any accounts not explicitly designated for cryptographic operations, other than Solution Users, to other roles such as "No Cryptography Administrator".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000284' do\n  title 'The vCenter Server must restrict access to the default roles with cryptographic permissions.'\n  desc  \"\n    In vSphere, the built-in \\\"Administrator\\\" role contains permission to perform cryptographic operations such as Key Management Server (KMS) functions and encrypting and decrypting virtual machine disks. This role must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use.\n\n    A new built-in role called \\\"No Cryptography Administrator\\\" exists to provide all administrative permissions except cryptographic operations. Permissions must be restricted such that normal vSphere administrators are assigned the \\\"No Cryptography Administrator\\\" role or more restrictive.\n\n    The \\\"Administrator\\\" role must be tightly controlled and must not be applied to administrators who will not be doing cryptographic work. Catastrophic data loss can result from poorly administered cryptography.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.\n\n    From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VIPermission | Where {$_.Role -eq \\\"Admin\\\" -or $_.Role -eq \\\"NoTrustedAdmin\\\" -or $_.Role -eq \\\"vCLSAdmin\\\" -or $_.Role -eq \\\"vSphereKubernetesManager\\\"} | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\n    If there are any users or groups assigned to the default roles with cryptographic permissions and are not explicitly designated to perform cryptographic operations, this is a finding.\n\n    The built-in solution users assigned to the administrator role are NOT a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.\n\n    Move any accounts not explicitly designated for cryptographic operations, other than Solution Users, to other roles such as \\\"No Cryptography Administrator\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000284'\n  tag rid: 'SV-VCSA-80-000284'\n  tag stig_id: 'VCSA-80-000284'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vcCryptoAdmins = input('vcCryptoAdmins')\n\n  # Get all users/groups with Admin/Administrator role excluding vpxd- accounts\n  command = 'Get-VIPermission | Where-Object {($_.Role -eq \"Admin\" -or $_.Role -eq \"NoTrustedAdmin\" -or $_.Role -eq \"vCLSAdmin\" -or $_.Role -eq \"vSphereKubernetesManager\") -and $_.Principal -notmatch \"vpxd-\"} | Select-Object -ExpandProperty Principal'\n  cryptoadmins = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !cryptoadmins.empty?\n    cryptoadmins.each do |cryptoadmin|\n      describe cryptoadmin do\n        subject { cryptoadmin }\n        it { should be_in vcCryptoAdmins }\n      end\n    end\n  else\n    describe 'No users/groups found assigned to crypto roles...skipping tests.' do\n      skip 'No users/groups found assigned to crypto roles...skipping tests.'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST VSPHERE.LOCAL\Administrator is expected to be in "VSPHERE.LOCAL\\Administrator", "VSPHERE.LOCAL\\Administrators", and "VSPHERE.LOCAL\\vCLSAdmin"
+--------------------------------
+passed :: TEST VSPHERE.LOCAL\Administrators is expected to be in "VSPHERE.LOCAL\\Administrator", "VSPHERE.LOCAL\\Administrators", and "VSPHERE.LOCAL\\vCLSAdmin"
+--------------------------------
+passed :: TEST VSPHERE.LOCAL\Administrators is expected to be in "VSPHERE.LOCAL\\Administrator", "VSPHERE.LOCAL\\Administrators", and "VSPHERE.LOCAL\\vCLSAdmin"
+--------------------------------
+passed :: TEST VSPHERE.LOCAL\vCLSAdmin is expected to be in "VSPHERE.LOCAL\\Administrator", "VSPHERE.LOCAL\\Administrators", and "VSPHERE.LOCAL\\vCLSAdmin"
+--------------------------------
+passed :: TEST VSPHERE.LOCAL\Administrators is expected to be in "VSPHERE.LOCAL\\Administrator", "VSPHERE.LOCAL\\Administrators", and "VSPHERE.LOCAL\\vCLSAdmin"
+--------------------------------
+passed :: TEST VSPHERE.LOCAL\vCLSAdmin is expected to be in "VSPHERE.LOCAL\\Administrator", "VSPHERE.LOCAL\\Administrators", and "VSPHERE.LOCAL\\vCLSAdmin"
+--------------------------------
+passed :: TEST VSPHERE.LOCAL\Administrators is expected to be in "VSPHERE.LOCAL\\Administrator", "VSPHERE.LOCAL\\Administrators", and "VSPHERE.LOCAL\\vCLSAdmin"
+--------------------------------
+passed :: TEST VSPHERE.LOCAL\vCLSAdmin is expected to be in "VSPHERE.LOCAL\\Administrator", "VSPHERE.LOCAL\\Administrators", and "VSPHERE.LOCAL\\vCLSAdmin"
+--------------------------------
+passed :: TEST VSPHERE.LOCAL\Administrators is expected to be in "VSPHERE.LOCAL\\Administrator", "VSPHERE.LOCAL\\Administrators", and "VSPHERE.LOCAL\\vCLSAdmin"
+--------------------------------
+passed :: TEST VSPHERE.LOCAL\vCLSAdmin is expected to be in "VSPHERE.LOCAL\\Administrator", "VSPHERE.LOCAL\\Administrators", and "VSPHERE.LOCAL\\vCLSAdmin"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000285</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000285</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000285</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must restrict access to cryptographic permissions.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>These permissions must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use. Catastrophic data loss can result from poorly administered cryptography.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.
 
-Note: The &quot;appliancesh&quot; command is not needed if the default shell has not been changed for root.
+From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.
 
-If &quot;Enable&quot; is set to &quot;False&quot;, this is not a finding.
+Highlight each role and click the 'Privileges" button in the right pane.
 
-If &quot;Enable&quot; is set to &quot;True&quot; and &quot;Authentication&quot; is not set to &quot;SHA1&quot;, this is a finding.
+Verify that only the Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager and any site-specific cryptographic roles have the following permissions:
 
-If &quot;Enable&quot; is set to &quot;True&quot; and &quot;Privacy&quot; is not set to &quot;AES128&quot;, this is a finding.
+Cryptographic Operations privileges
+Global.Diagnostics
+Host.Inventory.Add host to cluster
+Host.Inventory.Add standalone host
+Host.Local operations.Manage user groups
 
-If any &quot;Users&quot; are configured with a &quot;Sec_level&quot; that does not equal &quot;priv&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>At the command prompt on the vCenter Server Appliance, run the following commands:
-
-# appliancesh
-# snmp.set --authentication SHA1
-# snmp.set --privacy AES128
-
-To change the security level of a user, run the following command:
-
-# snmp.set --users &lt;username&gt;&#x2F;&lt;auth_password&gt; &lt;priv_password&gt;&#x2F;priv</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d139ee3a-6afe-48a4-a6af-0c8a13e8b530</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001967</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000265</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000575</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000265</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000265</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter server must disable SNMPv1&#x2F;2 receivers.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SNMPv3 supports commercial-grade security, including authentication, authorization, access control, and privacy. Previous versions of the protocol contained well-known security weaknesses that were easily exploited. Therefore, SNMPv1&#x2F;2 receivers must be disabled, while SNMPv3 is configured in another control. vCenter exposes SNMP v1&#x2F;2 in the UI and SNMPv3 in the CLI.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
-
-Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; General.
-
-Click &quot;Edit&quot;.
-
-On the &quot;SNMP receivers&quot; tab, note the presence of any enabled receiver.
+or
 
-If there are any enabled receivers, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
+From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
 
-Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; General.
+$roles = Get-VIRole
+ForEach($role in $roles){
+    $privileges = $role.PrivilegeList
+    If($privileges -match "Crypto*" -or $privileges -match "Global.Diagnostics" -or $privileges -match "Host.Inventory.Add*" -or $privileges -match "Host.Local operations.Manage user groups"){
+    Write-Host "$role has Cryptographic privileges"
+    }
+}
 
-Click &quot;Edit&quot;.
-
-On the &quot;SNMP receivers&quot; tab, ensure all receivers are disabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>67b90404-8381-48ec-bceb-73ea2101285e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001967</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: (Get-View -Id &#39;OptionManager-VpxSettings&#39;).setting | Where-Object {$_.key -match &#39;snmp.receiver.1.enabled&#39;} | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
+If any role other than the four default roles contain the permissions listed above and is not authorized to perform cryptographic related operations, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.
 
-expected: False
-     got: True
+Highlight the target custom role and click "Edit".
 
-(compared using &#x60;cmp&#x60; matcher)
+Remove the following permissions from any custom role that is not authorized to perform cryptographic related operations:
 
+Cryptographic Operations privileges
+Global.Diagnostics
+Host.Inventory.Add host to cluster
+Host.Inventory.Add standalone host
+Host.Local operations.Manage user groups</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000285' do\n  title 'The vCenter Server must restrict access to cryptographic permissions.'\n  desc  'These permissions must be reserved for cryptographic administrators where virtual machine encryption and/or vSAN encryption is in use. Catastrophic data loss can result from poorly administered cryptography.'\n  desc  'rationale', ''\n  desc  'check', \"\n    By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.\n\n    From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.\n\n    Highlight each role and click the 'Privileges\\\" button in the right pane.\n\n    Verify that only the Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager and any site-specific cryptographic roles have the following permissions:\n\n    Cryptographic Operations privileges\n    Global.Diagnostics\n    Host.Inventory.Add host to cluster\n    Host.Inventory.Add standalone host\n    Host.Local operations.Manage user groups\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $roles = Get-VIRole\n    ForEach($role in $roles){\n        $privileges = $role.PrivilegeList\n        If($privileges -match \\\"Crypto*\\\" -or $privileges -match \\\"Global.Diagnostics\\\" -or $privileges -match \\\"Host.Inventory.Add*\\\" -or $privileges -match \\\"Host.Local operations.Manage user groups\\\"){\n        Write-Host \\\"$role has Cryptographic privileges\\\"\n        }\n    }\n\n    If any role other than the four default roles contain the permissions listed above and is not authorized to perform cryptographic related operations, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.\n\n    Highlight the target custom role and click \\\"Edit\\\".\n\n    Remove the following permissions from any custom role that is not authorized to perform cryptographic related operations:\n\n    Cryptographic Operations privileges\n    Global.Diagnostics\n    Host.Inventory.Add host to cluster\n    Host.Inventory.Add standalone host\n    Host.Local operations.Manage user groups\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000285'\n  tag rid: 'SV-VCSA-80-000285'\n  tag stig_id: 'VCSA-80-000285'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vcCryptoRoles = input('vcCryptoRoles')\n\n  command = 'Get-VIRole | Where-Object {$_.PrivilegeList -match \"Crypto*\" -or $_.PrivilegeList -match \"Global.Diagnostics\" -or $_.PrivilegeList -match \"Host.Inventory.Add*\" -or $_.PrivilegeList -match \"Host.Local operations.Manage user groups\"} | Select-Object -ExpandProperty Name'\n  cryptoroles = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !cryptoroles.empty?\n    cryptoroles.each do |cryptorole|\n      describe cryptorole do\n        subject { cryptorole }\n        it { should be_in vcCryptoRoles }\n      end\n    end\n  else\n    describe 'No roles found with crypto permissions...skipping tests.' do\n      skip 'No roles found with crypto permissions...skipping tests.'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST NoTrustedAdmin is expected to be in "Admin", "NoTrustedAdmin", "vCLSAdmin", and "vSphereKubernetesManager"
 --------------------------------
-passed
-PowerCLI Command: (Get-View -Id &#39;OptionManager-VpxSettings&#39;).setting | Where-Object {$_.key -match &#39;snmp.receiver.2.enabled&#39;} | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
+passed :: TEST Admin is expected to be in "Admin", "NoTrustedAdmin", "vCLSAdmin", and "vSphereKubernetesManager"
 --------------------------------
-passed
-PowerCLI Command: (Get-View -Id &#39;OptionManager-VpxSettings&#39;).setting | Where-Object {$_.key -match &#39;snmp.receiver.3.enabled&#39;} | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
+passed :: TEST vSphereKubernetesManager is expected to be in "Admin", "NoTrustedAdmin", "vCLSAdmin", and "vSphereKubernetesManager"
 --------------------------------
-passed
-PowerCLI Command: (Get-View -Id &#39;OptionManager-VpxSettings&#39;).setting | Where-Object {$_.key -match &#39;snmp.receiver.4.enabled&#39;} | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000266</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000345</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000266</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000266</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must require an administrator to unlock an account locked due to excessive login failures.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>By requiring that Single Sign-On (SSO) accounts be unlocked manually, the risk of unauthorized access via user password guessing, otherwise known as brute forcing, is reduced. When the account unlock time is set to zero, once an account is locked it can only be unlocked manually by an administrator.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Lockout Policy.
-
-View the value of the &quot;Unlock time&quot; setting.
-
-Unlock time: 0 seconds
-
-If the lockout policy is not configured with &quot;Unlock time&quot; policy of &quot;0&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Local Accounts &gt;&gt; Lockout Policy.
-
-Click &quot;Edit&quot;.
-
-Set the &quot;Unlock time&quot; to &quot;0&quot; and click &quot;Save&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a0c43b5d-fc66-466b-a5a1-2a3c3a864b59</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-002238</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: (Get-SsoLockoutPolicy).AutoUnlockIntervalSec stdout.strip is expected to cmp &#x3D;&#x3D; &quot;0&quot;
-
-expected: 0
-     got: 300
-
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000267</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000267</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000267</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must disable the distributed virtual switch health check.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Network health check is disabled by default. Once enabled, the health check packets contain information on host#, vds#, and port#, which an attacker would find useful. It is recommended that network health check be used for troubleshooting and turned off when troubleshooting is finished.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
-
-From the vSphere Client, go to &quot;Networking&quot;.
-
-Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Health Check.
-
-View the health check pane and verify the &quot;VLAN and MTU&quot; and &quot;Teaming and failover&quot; checks are &quot;Disabled&quot;.
-
-or
-
-From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
-
-$vds &#x3D; Get-VDSwitch
-$vds.ExtensionData.Config.HealthCheckConfig
-
-If the health check feature is enabled on distributed switches and is not on temporarily for troubleshooting purposes, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to &quot;Networking&quot;.
+passed :: TEST vCLSAdmin is expected to be in "Admin", "NoTrustedAdmin", "vCLSAdmin", and "vSphereKubernetesManager"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000286</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000286</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000286</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must have Mutual Challenge Handshake Authentication Protocol (CHAP) configured for vSAN Internet Small Computer System Interface (iSCSI) targets.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, the potential exists for a man-in-the-middle attack in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If no clusters are enabled for vSAN or if vSAN is enabled but iSCSI is not enabled, this is not applicable.
 
-Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Health Check.
+From the vSphere Client, go to Host and Clusters.
 
-Click &quot;Edit&quot;.
+Select a vSAN Enabled Cluster &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; iSCSI Target Service.
 
-Disable the &quot;VLAN and MTU&quot; and &quot;Teaming and failover&quot; checks.
+For each iSCSI target, review the value in the "Authentication" column.
 
-Click &quot;OK&quot;.
+If the Authentication method is not set to "CHAP_Mutual" for any iSCSI target, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
 
-or
+Select a vSAN Enabled Cluster &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; iSCSI Target Service.
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+For each iSCSI target, select the item and click "Edit".
+
+Change the "Authentication" field to "Mutual CHAP" and configure the incoming and outgoing users and secrets appropriately.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000286' do\n  title 'The vCenter Server must have Mutual Challenge Handshake Authentication Protocol (CHAP) configured for vSAN Internet Small Computer System Interface (iSCSI) targets.'\n  desc  'When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, the potential exists for a man-in-the-middle attack in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN or if vSAN is enabled but iSCSI is not enabled, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; iSCSI Target Service.\n\n    For each iSCSI target, review the value in the \\\"Authentication\\\" column.\n\n    If the Authentication method is not set to \\\"CHAP_Mutual\\\" for any iSCSI target, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vSAN Enabled Cluster &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; iSCSI Target Service.\n\n    For each iSCSI target, select the item and click \\\"Edit\\\".\n\n    Change the \\\"Authentication\\\" field to \\\"Mutual CHAP\\\" and configure the incoming and outgoing users and secrets appropriately.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000286'\n  tag rid: 'SV-VCSA-80-000286'\n  tag stig_id: 'VCSA-80-000286'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  setimpact = true\n  if !clusters.empty?\n    clusters.each do |cluster|\n      iscsiEnabled = powercli_command(\"(Get-VsanClusterConfiguration -Cluster \\\"#{cluster}\\\").IscsiTargetServiceEnabled\").stdout.strip\n      if iscsiEnabled == 'True'\n        command = \"(Get-VsanClusterConfiguration -Cluster \\\"#{cluster}\\\").DefaultIscsiAuthenticationType\"\n        describe powercli_command(command) do\n          its('stdout.strip') { should cmp 'MutualChap' }\n        end\n        setimpact = false\n      else\n        describe \"vSAN iSCSI service not enabled on cluster: #{cluster}...this is not applicable.\" do\n          skip \"vSAN iSCSI service not enabled on cluster: #{cluster}...this is not applicable.\"\n        end\n      end\n    end\n  else\n    describe '' do\n      skip 'No vSAN enabled clusters found...this is not applicable.'\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Applicable</STATUS>
+				<FINDING_DETAILS>skipped :: TEST vSAN iSCSI service not enabled on cluster: cluster0...this is not applicable. :: SKIP_MESSAGE vSAN iSCSI service not enabled on cluster: cluster0...this is not applicable.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000287</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000287</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000287</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must have new Key Encryption Keys (KEKs) reissued at regular intervals for vSAN encrypted datastore(s).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The KEK for a vSAN encrypted datastore is generated by the Key Management Server (KMS) and serves as a wrapper and lock around the Disk Encryption Key (DEK). The DEK is generated by the host and is used to encrypt and decrypt the datastore. A shallow rekey is a procedure in which the KMS issues a new KEK to the ESXi host, which rewraps the DEK but does not change the DEK or any data on disk.
 
-Get-View -ViewType DistributedVirtualSwitch | ?{($_.config.HealthCheckConfig | ?{$_.enable -notmatch &quot;False&quot;})}| %{$_.UpdateDVSHealthCheckConfig(@((New-Object Vmware.Vim.VMwareDVSVlanMtuHealthCheckConfig -property @{enable&#x3D;0}),(New-Object Vmware.Vim.VMwareDVSTeamingHealthCheckConfig -property @{enable&#x3D;0})))}</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b956492c-21e3-4d2d-a0de-1e2cb841bd96</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Health check for VDSwitch STIG 1 is expected to cmp &#x3D;&#x3D; &quot;false&quot;
---------------------------------
-passed
-Health check for VDSwitch STIG 1 is expected to cmp &#x3D;&#x3D; &quot;false&quot;
---------------------------------
-passed
-Health check for VDSwitch STIG 2 is expected to cmp &#x3D;&#x3D; &quot;false&quot;
---------------------------------
-passed
-Health check for VDSwitch STIG 2 is expected to cmp &#x3D;&#x3D; &quot;false&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000268</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000268</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000268</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must set the distributed port group Forged Transmits policy to &quot;Reject&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If the virtual machine operating system changes the Media Access Control (MAC) address, the operating system can send frames with an impersonated source MAC address at any time. This allows an operating system to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.
+This operation must be done on a regular, site-defined interval and can be viewed as similar in criticality to changing an administrative password. If the KMS is compromised, a standing operational procedure to rekey will put a time limit on the usefulness of any stolen KMS data.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If vSAN is not in use, this is not applicable.
 
-When the &quot;Forged Transmits&quot; option is set to &quot;Accept&quot;, ESXi does not compare source and effective MAC addresses.
+Interview the system administrator (SA) to determine that a procedure has been put in place to perform a shallow rekey of all vSAN encrypted datastores at regular, site-defined intervals.
 
-To protect against MAC impersonation, set the &quot;Forged Transmits&quot; option to &quot;Reject&quot;. The host compares the source MAC address being transmitted by the guest operating system with the effective MAC address for its virtual machine adapter to determine if they match. If the addresses do not match, the ESXi host drops the packet.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
+VMware recommends a 60-day rekey task, but this interval must be defined by the SA and the information system security officer (ISSO).
 
-From the vSphere Client, go to &quot;Networking&quot;.
+If vSAN encryption is not in use, this is not a finding.
 
-Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
+If vSAN encryption is in use and a regular rekey procedure is not in place, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If vSAN encryption is in use, ensure that a regular rekey procedure is in place.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000287' do\n  title 'The vCenter Server must have new Key Encryption Keys (KEKs) reissued at regular intervals for vSAN encrypted datastore(s).'\n  desc  \"\n    The KEK for a vSAN encrypted datastore is generated by the Key Management Server (KMS) and serves as a wrapper and lock around the Disk Encryption Key (DEK). The DEK is generated by the host and is used to encrypt and decrypt the datastore. A shallow rekey is a procedure in which the KMS issues a new KEK to the ESXi host, which rewraps the DEK but does not change the DEK or any data on disk.\n\n    This operation must be done on a regular, site-defined interval and can be viewed as similar in criticality to changing an administrative password. If the KMS is compromised, a standing operational procedure to rekey will put a time limit on the usefulness of any stolen KMS data.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If vSAN is not in use, this is not applicable.\n\n    Interview the system administrator (SA) to determine that a procedure has been put in place to perform a shallow rekey of all vSAN encrypted datastores at regular, site-defined intervals.\n\n    VMware recommends a 60-day rekey task, but this interval must be defined by the SA and the information system security officer (ISSO).\n\n    If vSAN encryption is not in use, this is not a finding.\n\n    If vSAN encryption is in use and a regular rekey procedure is not in place, this is a finding.\n  \"\n  desc 'fix', 'If vSAN encryption is in use, ensure that a regular rekey procedure is in place.'\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000287'\n  tag rid: 'SV-VCSA-80-000287'\n  tag stig_id: 'VCSA-80-000287'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000288</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000288</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000288</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must use secure Lightweight Directory Access Protocol (LDAPS) when adding an LDAP identity source.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>LDAP is an industry standard protocol for querying directory services such as Active Directory. This protocol can operate in clear text or over a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) encrypted tunnel. To protect confidentiality of LDAP communications, secure LDAP (LDAPS) must be explicitly configured when adding an LDAP identity source in vSphere Single Sign-On (SSO).
+
+When configuring an identity source and supplying an SSL certificate, vCenter will enforce LDAPS. The server URLs do not need to be explicitly provided if an SSL certificate is uploaded.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If LDAP is not used as an identity provider, this is not applicable.
 
-Verify &quot;Forged Transmits&quot; is set to &quot;Reject&quot;.
+From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider.
 
-or
+Click the "Identity Sources" tab.
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
+For each identity source of type "Active Directory over LDAP", if the "Server URL" does not indicate "ldaps://", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider.
 
-Get-VDSwitch | Get-VDSecurityPolicy
-Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy
+Click the "Identity Sources" tab.
+
+For each identity source of type "Active Directory over LDAP" where LDAPS is not configured, highlight the item and click "Edit".
+
+Ensure the primary and secondary server URLs, if specified, are configured for "ldaps://".
+
+At the bottom, click the "Browse" button, select the AD LDAP cert previously exported to your local computer, click "Open", and "Save" to complete modifications.
+
+Note: With LDAPS, the server must be a specific domain controller and its specific certificate or the domain alias with a certificate that is valid for that URL.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000288' do\n  title 'The vCenter Server must use secure Lightweight Directory Access Protocol (LDAPS) when adding an LDAP identity source.'\n  desc  \"\n    LDAP is an industry standard protocol for querying directory services such as Active Directory. This protocol can operate in clear text or over a Secure Sockets Layer (SSL)/Transport Layer Security (TLS) encrypted tunnel. To protect confidentiality of LDAP communications, secure LDAP (LDAPS) must be explicitly configured when adding an LDAP identity source in vSphere Single Sign-On (SSO).\n\n    When configuring an identity source and supplying an SSL certificate, vCenter will enforce LDAPS. The server URLs do not need to be explicitly provided if an SSL certificate is uploaded.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If LDAP is not used as an identity provider, this is not applicable.\n\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider.\n\n    Click the \\\"Identity Sources\\\" tab.\n\n    For each identity source of type \\\"Active Directory over LDAP\\\", if the \\\"Server URL\\\" does not indicate \\\"ldaps://\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider.\n\n    Click the \\\"Identity Sources\\\" tab.\n\n    For each identity source of type \\\"Active Directory over LDAP\\\" where LDAPS is not configured, highlight the item and click \\\"Edit\\\".\n\n    Ensure the primary and secondary server URLs, if specified, are configured for \\\"ldaps://\\\".\n\n    At the bottom, click the \\\"Browse\\\" button, select the AD LDAP cert previously exported to your local computer, click \\\"Open\\\", and \\\"Save\\\" to complete modifications.\n\n    Note: With LDAPS, the server must be a specific domain controller and its specific certificate or the domain alias with a certificate that is valid for that URL.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000288'\n  tag rid: 'SV-VCSA-80-000288'\n  tag stig_id: 'VCSA-80-000288'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000290</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000290</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000290</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must limit membership to the "SystemConfiguration.BashShellAdministrators" Single Sign-On (SSO) group.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>vCenter SSO integrates with PAM in the underlying Photon operating system so members of the "SystemConfiguration.BashShellAdministrators" SSO group can log on to the operating system without needing a separate account. However, even though unique SSO users log on, they are transparently using a group account named "sso-user" as far as Photon auditing is concerned. While the audit trail can still be traced back to the individual SSO user, it is a more involved process.
+
+To force accountability and nonrepudiation, the SSO group "SystemConfiguration.BashShellAdministrators" must be severely restricted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Users and Groups &gt;&gt; Groups.
 
-If the &quot;Forged Transmits&quot; policy is set to accept for a non-uplink port, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to &quot;Networking&quot;.
+Click the next page arrow until the "SystemConfiguration.BashShellAdministrators" group appears.
 
-Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
+Click "SystemConfiguration.BashShellAdministrators".
 
-Click &quot;Edit&quot;.
+Review the members of the group and ensure that only authorized accounts are present.
 
-Click the &quot;Security&quot; tab.
+Note: By default the Administrator and a unique service account similar to "vmware-applmgmtservice-714684a4-342f-4eff-a232-cdc21def00c2" will be in the group and should not be removed.
 
-Set &quot;Forged Transmits&quot; to &quot;Reject&quot;.
+If there are any accounts present as members of SystemConfiguration.BashShellAdministrators that are not authorized, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Users and Groups &gt;&gt; Groups.
 
-Click &quot;OK&quot;.
+Click the next page arrow until the "SystemConfiguration.BashShellAdministrators" group appears.
 
-or
+Click "SystemConfiguration.BashShellAdministrators".
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
+Click the three vertical dots next to the name of each unauthorized account.
 
-Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false
-Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -ForgedTransmits $false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>9ad6245b-0d22-4f13-8bc6-5f8a22063b4c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: (Get-VDSwitch -Name &quot;VDSwitch STIG 1&quot;) | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDSwitch -Name &quot;VDSwitch STIG 2&quot;) | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;
+Select "Remove Member".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000290' do\n  title 'The vCenter Server must limit membership to the \"SystemConfiguration.BashShellAdministrators\" Single Sign-On (SSO) group.'\n  desc  \"\n    vCenter SSO integrates with PAM in the underlying Photon operating system so members of the \\\"SystemConfiguration.BashShellAdministrators\\\" SSO group can log on to the operating system without needing a separate account. However, even though unique SSO users log on, they are transparently using a group account named \\\"sso-user\\\" as far as Photon auditing is concerned. While the audit trail can still be traced back to the individual SSO user, it is a more involved process.\n\n    To force accountability and nonrepudiation, the SSO group \\\"SystemConfiguration.BashShellAdministrators\\\" must be severely restricted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Users and Groups &gt;&gt; Groups.\n\n    Click the next page arrow until the \\\"SystemConfiguration.BashShellAdministrators\\\" group appears.\n\n    Click \\\"SystemConfiguration.BashShellAdministrators\\\".\n\n    Review the members of the group and ensure that only authorized accounts are present.\n\n    Note: By default the Administrator and a unique service account similar to \\\"vmware-applmgmtservice-714684a4-342f-4eff-a232-cdc21def00c2\\\" will be in the group and should not be removed.\n\n    If there are any accounts present as members of SystemConfiguration.BashShellAdministrators that are not authorized, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Users and Groups &gt;&gt; Groups.\n\n    Click the next page arrow until the \\\"SystemConfiguration.BashShellAdministrators\\\" group appears.\n\n    Click \\\"SystemConfiguration.BashShellAdministrators\\\".\n\n    Click the three vertical dots next to the name of each unauthorized account.\n\n    Select \\\"Remove Member\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000290'\n  tag rid: 'SV-VCSA-80-000290'\n  tag stig_id: 'VCSA-80-000290'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  bashShellAdminUsers = input('bashShellAdminUsers')\n  # Get appliance management user and add to list of authorized users. Unique to each vCenter.\n  applmgmtuser = powercli_command('Get-SsoGroup -Domain vsphere.local -Name applmgmtSvcUsers | Get-SsoPersonUser | Select-Object -ExpandProperty Name').stdout.strip\n  bashShellAdminUsers.push(applmgmtuser)\n  users = powercli_command('Get-SsoGroup -Domain vsphere.local -Name SystemConfiguration.BashShellAdministrators | Get-SsoPersonUser | Select-Object -ExpandProperty Name')\n  if users.stdout.empty?\n    describe 'Stderr should be empty if no users found' do\n      subject { users.stderr }\n      it { should be_empty }\n    end\n    describe 'No users found in SystemConfiguration.BashShellAdministrators' do\n      subject { users.stdout }\n      it { should be_empty }\n    end\n  else\n    users.stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |user|\n      describe user do\n        it { should be_in bashShellAdminUsers }\n      end\n    end\n  end\n  bashShellAdminGroups = input('bashShellAdminGroups')\n  groups = powercli_command('Get-SsoGroup -Domain vsphere.local -Name SystemConfiguration.BashShellAdministrators | Get-SsoGroup | Select-Object -ExpandProperty Name')\n  if groups.stdout.empty?\n    describe 'Stderr should be empty if no groups found' do\n      subject { groups.stderr }\n      it { should be_empty }\n    end\n    describe 'No groups found in SystemConfiguration.BashShellAdministrators' do\n      subject { groups.stdout }\n      it { should be_empty }\n    end\n  else\n    groups.stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\").each do |group|\n      describe group do\n        it { should be_in bashShellAdminGroups }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Administrator is expected to be in "Administrator" and "vmware-applmgmtservice-7581d05c-eac0-4a70-b76c-f7b58b907e8d"
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 1&quot;) | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;
+passed :: TEST vmware-applmgmtservice-7581d05c-eac0-4a70-b76c-f7b58b907e8d is expected to be in "Administrator" and "vmware-applmgmtservice-7581d05c-eac0-4a70-b76c-f7b58b907e8d"
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 2&quot;) | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;
+passed :: TEST Stderr should be empty if no groups found is expected to be empty
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 3&quot;) | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 4&quot;) | Get-VDSecurityPolicy | Select-Object -ExpandProperty ForgedTransmits stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000269</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000269</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000269</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must set the distributed port group Media Access Control (MAC) Address Change policy to &quot;Reject&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If the virtual machine operating system changes the MAC address, it can send frames with an impersonated source MAC address at any time. This allows it to stage malicious attacks on the devices in a network by impersonating a network adaptor authorized by the receiving network.
-
-This will prevent virtual machines from changing their effective MAC address and will affect applications that require this functionality. This will also affect how a layer 2 bridge will operate and will affect applications that require a specific MAC address for licensing.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
-
-From the vSphere Client, go to &quot;Networking&quot;.
-
-Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
-
-Verify &quot;MAC Address Changes&quot; is set to &quot;Reject&quot;.
-
-or
-
-From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
-
-Get-VDSwitch | Get-VDSecurityPolicy
-Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy
+passed :: TEST No groups found in SystemConfiguration.BashShellAdministrators is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000291</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000291</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000291</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must limit membership to the "TrustedAdmins" Single Sign-On (SSO) group.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vSphere "TrustedAdmins" group grants additional rights to administer the vSphere Trust Authority feature.
+
+To force accountability and nonrepudiation, the SSO group "TrustedAdmins" must be severely restricted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Users and Groups &gt;&gt; Groups.
 
-If the &quot;MAC Address Changes&quot; policy is set to accept, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to &quot;Networking&quot;.
+Click the next page arrow until the "TrustedAdmins" group appears.
 
-Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
+Click "TrustedAdmins".
 
-Click &quot;Edit&quot;.
+Review the members of the group and ensure that only authorized accounts are present.
 
-Click the &quot;Security&quot; tab.
+Note: These accounts act as root on the Photon operating system and have the ability to severely damage vCenter, inadvertently or otherwise.
 
-Set &quot;MAC Address Changes&quot; to &quot;Reject&quot;.
+If there are any accounts present as members of TrustedAdmins that are not authorized, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Users and Groups &gt;&gt; Groups.
 
-Click &quot;OK&quot;.
+Click the next page arrow until the "TrustedAdmins" group appears.
 
-or
+Click "TrustedAdmins".
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
+Click the three vertical dots next to the name of each unauthorized account.
 
-Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false
-Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -MacChanges $false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a11a2b95-a934-405e-ac40-668586c38781</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: (Get-VDSwitch -Name &quot;VDSwitch STIG 1&quot;) | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDSwitch -Name &quot;VDSwitch STIG 2&quot;) | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 1&quot;) | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;
+Select "Remove Member".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000291' do\n  title 'The vCenter Server must limit membership to the \"TrustedAdmins\" Single Sign-On (SSO) group.'\n  desc  \"\n    The vSphere \\\"TrustedAdmins\\\" group grants additional rights to administer the vSphere Trust Authority feature.\n\n    To force accountability and nonrepudiation, the SSO group \\\"TrustedAdmins\\\" must be severely restricted.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Users and Groups &gt;&gt; Groups.\n\n    Click the next page arrow until the \\\"TrustedAdmins\\\" group appears.\n\n    Click \\\"TrustedAdmins\\\".\n\n    Review the members of the group and ensure that only authorized accounts are present.\n\n    Note: These accounts act as root on the Photon operating system and have the ability to severely damage vCenter, inadvertently or otherwise.\n\n    If there are any accounts present as members of TrustedAdmins that are not authorized, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Users and Groups &gt;&gt; Groups.\n\n    Click the next page arrow until the \\\"TrustedAdmins\\\" group appears.\n\n    Click \\\"TrustedAdmins\\\".\n\n    Click the three vertical dots next to the name of each unauthorized account.\n\n    Select \\\"Remove Member\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000291'\n  tag rid: 'SV-VCSA-80-000291'\n  tag stig_id: 'VCSA-80-000291'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  trustedAdminUsers = input('trustedAdminUsers')\n  users = powercli_command('Get-SsoGroup -Domain vsphere.local -Name TrustedAdmins | Get-SsoPersonUser | Select-Object -ExpandProperty Name')\n  if users.stdout.empty?\n    describe 'Stderr should be empty if no users found' do\n      subject { users.stderr }\n      it { should be_empty }\n    end\n    describe 'No users found in TrustedAdmins' do\n      subject { users.stdout }\n      it { should be_empty }\n    end\n  else\n    users.stdout.split.each do |user|\n      describe user do\n        it { should be_in trustedAdminUsers }\n      end\n    end\n  end\n  trustedAdminGroups = input('trustedAdminGroups')\n  groups = powercli_command('Get-SsoGroup -Domain vsphere.local -Name TrustedAdmins | Get-SsoGroup | Select-Object -ExpandProperty Name')\n  if groups.stdout.empty?\n    describe 'Stderr should be empty if no groups found' do\n      subject { groups.stderr }\n      it { should be_empty }\n    end\n    describe 'No groups found in TrustedAdmins' do\n      subject { groups.stdout }\n      it { should be_empty }\n    end\n  else\n    groups.stdout.split.each do |group|\n      describe group do\n        it { should be_in trustedAdminGroups }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Stderr should be empty if no users found is expected to be empty
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 2&quot;) | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;
+passed :: TEST No users found in TrustedAdmins is expected to be empty
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 3&quot;) | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;
+passed :: TEST Stderr should be empty if no groups found is expected to be empty
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 4&quot;) | Get-VDSecurityPolicy | Select-Object -ExpandProperty MacChanges stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000270</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000270</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000270</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must set the distributed port group Promiscuous Mode policy to &quot;Reject&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>When promiscuous mode is enabled for a virtual switch, all virtual machines connected to the port group have the potential of reading all packets across that network, meaning only the virtual machines connected to that port group.
-
-Promiscuous mode is disabled by default on the ESXi Server, and this is the recommended setting.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
-
-From the vSphere Client, go to &quot;Networking&quot;.
-
-Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
-
-Verify &quot;Promiscuous Mode&quot; is set to &quot;Reject&quot;.
+passed :: TEST No groups found in TrustedAdmins is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000292</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000292</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000292</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter server configuration must be backed up on a regular basis.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>vCenter server is the control plane for the vSphere infrastructure and all the workloads it hosts. As such, vCenter is usually a highly critical system in its own right. Backups of vCenter can now be made at a data and configuration level versus traditional storage/image-based backups. This reduces recovery time by letting the system administrator (SA) spin up a new vCenter while simultaneously importing the backed-up data.
+
+For sites that implement the Native Key Provider (NKP), introduced in 7.0 Update 2, regular vCenter backups are critical. In a recovery scenario where the virtual machine files are intact but vCenter was lost, the encrypted virtual machines will not be able to boot as their private keys were stored in vCenter after it was last backed up. When using the NKP, vCenter becomes critical to the virtual machine workloads and ceases to be just the control plane.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Option 1:
 
-or
+If vCenter is backed up in a traditional manner, at the storage array level, interview the SA to determine configuration and schedule.
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
+Option 2:
 
-Get-VDSwitch | Get-VDSecurityPolicy
-Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy
+For vCenter native backup functionality, open the Virtual Appliance Management Interface (VAMI) by navigating to https://&lt;vCenter server&gt;:5480.
 
-If the &quot;Promiscuous Mode&quot; policy is set to accept, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to &quot;Networking&quot;.
+Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the "SystemConfiguration.BashShellAdministrator" group.
 
-Select a distributed switch &gt;&gt; Select a port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
+Select "Backup" on the left navigation pane.
 
-Click &quot;Edit&quot;.
+On the resulting pane on the right, verify the "Status" is "Enabled".
 
-Click the &quot;Security&quot; tab.
+Click "Status" to expand the backup details.
 
-Set &quot;Promiscuous Mode&quot; to &quot;Reject&quot;.
+If vCenter server backups are not configured and there is no other vCenter backup system, this is a finding.
 
-Click &quot;OK&quot;.
+If the backup configuration is not set to a proper, reachable location or if the schedule is anything less frequent than "Daily", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Option 1:
 
-or
+Implement and document a VMware-supported storage/image-based backup schedule.
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
+Option 2:
 
-Get-VDSwitch | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false
-Get-VDPortgroup | ?{$_.IsUplink -eq $false} | Get-VDSecurityPolicy | Set-VDSecurityPolicy -AllowPromiscuous $false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>2475340e-936a-48a7-84e2-0ca5fd3df10a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: (Get-VDSwitch -Name &quot;VDSwitch STIG 1&quot;) | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDSwitch -Name &quot;VDSwitch STIG 2&quot;) | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 1&quot;) | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 2&quot;) | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 3&quot;) | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 4&quot;) | Get-VDSecurityPolicy | Select-Object -ExpandProperty AllowPromiscuous stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000271</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000271</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000271</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must only send NetFlow traffic to authorized collectors.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The distributed virtual switch can export NetFlow information about traffic crossing the switch. NetFlow exports are not encrypted and can contain information about the virtual network, making it easier for a man-in-the-middle attack to be executed successfully. If NetFlow export is required, verify that all NetFlow target Internet Protocols (IPs) are correct.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
+To configure vCenter native backup functionality, open the VAMI by navigating to https://&lt;vCenter server&gt;:5480.
 
-To view NetFlow Collector IPs configured on distributed switches:
+Log in with local operating system administrative credentials or with an SSO account that is a member of the "SystemConfiguration.BashShellAdministrator" group.
 
-From the vSphere Client, go to &quot;Networking&quot;.
+Select "Backup" on the left navigation pane.
 
-Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; NetFlow.
+On the resulting pane on the right, click "Configure" (or "Edit" for an existing configuration).
 
-View the NetFlow pane and verify any collector IP addresses are valid and in use for troubleshooting.
+Enter site-specific information for the backup job.
 
-or
+Ensure "Schedule" is set to "Daily". Limiting the number of retained backups is recommended but not required.
+
+Click "Create".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000292' do\n  title 'The vCenter server configuration must be backed up on a regular basis.'\n  desc  \"\n    vCenter server is the control plane for the vSphere infrastructure and all the workloads it hosts. As such, vCenter is usually a highly critical system in its own right. Backups of vCenter can now be made at a data and configuration level versus traditional storage/image-based backups. This reduces recovery time by letting the system administrator (SA) spin up a new vCenter while simultaneously importing the backed-up data.\n\n    For sites that implement the Native Key Provider (NKP), introduced in 7.0 Update 2, regular vCenter backups are critical. In a recovery scenario where the virtual machine files are intact but vCenter was lost, the encrypted virtual machines will not be able to boot as their private keys were stored in vCenter after it was last backed up. When using the NKP, vCenter becomes critical to the virtual machine workloads and ceases to be just the control plane.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Option 1:\n\n    If vCenter is backed up in a traditional manner, at the storage array level, interview the SA to determine configuration and schedule.\n\n    Option 2:\n\n    For vCenter native backup functionality, open the Virtual Appliance Management Interface (VAMI) by navigating to https://&lt;vCenter server&gt;:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Backup\\\" on the left navigation pane.\n\n    On the resulting pane on the right, verify the \\\"Status\\\" is \\\"Enabled\\\".\n\n    Click \\\"Status\\\" to expand the backup details.\n\n    If vCenter server backups are not configured and there is no other vCenter backup system, this is a finding.\n\n    If the backup configuration is not set to a proper, reachable location or if the schedule is anything less frequent than \\\"Daily\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Option 1:\n\n    Implement and document a VMware-supported storage/image-based backup schedule.\n\n    Option 2:\n\n    To configure vCenter native backup functionality, open the VAMI by navigating to https://&lt;vCenter server&gt;:5480.\n\n    Log in with local operating system administrative credentials or with an SSO account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Backup\\\" on the left navigation pane.\n\n    On the resulting pane on the right, click \\\"Configure\\\" (or \\\"Edit\\\" for an existing configuration).\n\n    Enter site-specific information for the backup job.\n\n    Ensure \\\"Schedule\\\" is set to \\\"Daily\\\". Limiting the number of retained backups is recommended but not required.\n\n    Click \\\"Create\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000292'\n  tag rid: 'SV-VCSA-80-000292'\n  tag stig_id: 'VCSA-80-000292'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  if input('backup3rdParty')\n    describe '3rd party backups indicated. This check is a manual or policy based check and must be reviewed manually.' do\n      skip '3rd party backups indicated. This check is a manual or policy based check and must be reviewed manually.'\n    end\n  else\n    command = '(Invoke-ListRecoveryBackupSchedules).default.enable'\n    backupsenabled = powercli_command(command).stdout.strip\n\n    describe 'File based backups should be enabled.' do\n      subject { backupsenabled }\n      it { should cmp 'true' }\n    end\n\n    if backupsenabled == 'True'\n      # check that backups are scheduled daily. if so the days configuration will be empty\n      # if a custom schedule is specified and every day is selected this will fail and that should be changed to daily\n      backupschedule = powercli_command('(Invoke-ListRecoveryBackupSchedules).default.recurrence_info.days').stdout.strip\n      describe 'Backups should be scheduled daily.' do\n        subject { backupschedule }\n        it { should cmp '' }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST File based backups should be enabled. is expected to cmp == "true" :: MESSAGE 
+expected: true
+     got: 
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000293</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000293</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000293</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter server must have task and event retention set to at least 30 days.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>vCenter tasks and events contain valuable historical actions, useful in troubleshooting availability issues and for incident forensics. While vCenter events are sent to central log servers in real time, it is important that administrators have quick access to this information when needed.
 
-Get-VDSwitch | select Name,@{N&#x3D;&quot;NetFlowCollectorIPs&quot;;E&#x3D;{$_.ExtensionData.config.IpfixConfig.CollectorIpAddress}}
+vCenter retains 30 days of tasks and events by default, and this is sufficient for most purposes. The vCenter disk partitions are also sized with this in mind. Decreasing is not recommended for operational reasons, while increasing is not recommended unless guided by VMware support due to the partition sizing concerns.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
 
-To view if NetFlow is enabled on any distributed port groups:
+Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; General.
 
-From the vSphere Client, go to &quot;Networking&quot;.
+Click to expand the "Database" section.
 
-Select a distributed port group &gt;&gt; Manage &gt;&gt; Settings &gt;&gt; Policies.
+Note the "Task retention" and "Event retention" values.
 
-Go to &quot;Monitoring&quot; and view the NetFlow status.
+If either value is configured to less than "30" days, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
 
-or
+Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; General.
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+Click "Edit".
+
+On the "Database" tab, set the value for both "Task retention" and "Event retention" to "30" days (default) or greater, as required by your site.
+
+Click "Save".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000293' do\n  title 'The vCenter server must have task and event retention set to at least 30 days.'\n  desc  \"\n    vCenter tasks and events contain valuable historical actions, useful in troubleshooting availability issues and for incident forensics. While vCenter events are sent to central log servers in real time, it is important that administrators have quick access to this information when needed.\n\n    vCenter retains 30 days of tasks and events by default, and this is sufficient for most purposes. The vCenter disk partitions are also sized with this in mind. Decreasing is not recommended for operational reasons, while increasing is not recommended unless guided by VMware support due to the partition sizing concerns.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; General.\n\n    Click to expand the \\\"Database\\\" section.\n\n    Note the \\\"Task retention\\\" and \\\"Event retention\\\" values.\n\n    If either value is configured to less than \\\"30\\\" days, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; General.\n\n    Click \\\"Edit\\\".\n\n    On the \\\"Database\\\" tab, set the value for both \\\"Task retention\\\" and \\\"Event retention\\\" to \\\"30\\\" days (default) or greater, as required by your site.\n\n    Click \\\"Save\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000293'\n  tag rid: 'SV-VCSA-80-000293'\n  tag stig_id: 'VCSA-80-000293'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name event.maxAge | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp &gt;= '30' }\n  end\n  command = 'Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name task.maxAge | Select-Object -ExpandProperty Value'\n  describe powercli_command(command) do\n    its('stdout.strip') { should cmp &gt;= '30' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name event.maxAge | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &gt;= "30"
+--------------------------------
+passed :: TEST PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name task.maxAge | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &gt;= "30"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000294</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000294</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000294</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter server Native Key Provider must be backed up with a strong password.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Native Key Provider feature was introduced in 7.0 U2 and acts as a key provider for encryption based capabilities such as encrypted virtual machines without requiring an external KMS solution.  When enabling this feature a backup must be taken which is a PKCS#12 formatted file and if no password is provided during the backup process this presents the opportunity for this to be used maliciously and compromise the environment.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If the vCenter Native Key Provider feature is not in use, this is not applicable.
 
-Get-VDPortgroup | Select Name,VirtualSwitch,@{N&#x3D;&quot;NetFlowEnabled&quot;;E&#x3D;{$_.Extensiondata.Config.defaultPortConfig.ipfixEnabled.Value}}
+Interview the system administrator and determine if a password was provided for any backups taken of the Native Key Provider.
 
-If NetFlow is configured and the collector IP is not known and documented, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>To remove collector IPs, do the following:
+If backups exist for the Native Key Provider that are not password protected, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
 
-From the vSphere Client, go to &quot;Networking&quot;.
+Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Key Providers.
 
-Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; NetFlow.
+Select the Native Key Provider, click "Back-up", and check the box "Protect Native Key Provider data with password".
+
+Provide a strong password and click "Back up key provider".
+
+Delete any previous backups that were not protected with a password.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000294' do\n  title 'The vCenter server Native Key Provider must be backed up with a strong password.'\n  desc  'The vCenter Native Key Provider feature was introduced in 7.0 U2 and acts as a key provider for encryption based capabilities such as encrypted virtual machines without requiring an external KMS solution.  When enabling this feature a backup must be taken which is a PKCS#12 formatted file and if no password is provided during the backup process this presents the opportunity for this to be used maliciously and compromise the environment.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If the vCenter Native Key Provider feature is not in use, this is not applicable.\n\n    Interview the system administrator and determine if a password was provided for any backups taken of the Native Key Provider.\n\n    If backups exist for the Native Key Provider that are not password protected, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Key Providers.\n\n    Select the Native Key Provider, click \\\"Back-up\\\", and check the box \\\"Protect Native Key Provider data with password\\\".\n\n    Provide a strong password and click \\\"Back up key provider\\\".\n\n    Delete any previous backups that were not protected with a password.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000294'\n  tag rid: 'SV-VCSA-80-000294'\n  tag stig_id: 'VCSA-80-000294'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000295</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000295</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000295</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter server must require authentication for published content libraries.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale. When publishing a content library it can be protected by requiring authentication for subscribers.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Content Libraries.
 
-Click &quot;Edit&quot;.
+Review the "Password Protected" column.
 
-Remove any unknown collector IPs.
+If a content library is published and is not password protected, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Content Libraries.
 
-or
+Select the target content library.
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
+Select "Actions" then "Edit Settings".
+
+Click the checkbox to "Enable user authentication for access to this content library".
+
+Enter and confirm a password for the content library. Click "Ok".
+
+Note: Any subscribed content libraries will need to be updated to enable authentication and provide the password.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000295' do\n  title 'The vCenter server must require authentication for published content libraries.'\n  desc  'In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale. When publishing a content library it can be protected by requiring authentication for subscribers.'\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Review the \\\"Password Protected\\\" column.\n\n    If a content library is published and is not password protected, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Select the target content library.\n\n    Select \\\"Actions\\\" then \\\"Edit Settings\\\".\n\n    Click the checkbox to \\\"Enable user authentication for access to this content library\\\".\n\n    Enter and confirm a password for the content library. Click \\\"Ok\\\".\n\n    Note: Any subscribed content libraries will need to be updated to enable authentication and provide the password.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000295'\n  tag rid: 'SV-VCSA-80-000295'\n  tag stig_id: 'VCSA-80-000295'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-ContentLibrary | Select-Object -ExpandProperty Id'\n  libraries = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  setimpact = true\n  if !libraries.empty?\n    libraries.each do |library|\n      libinfo = powercli_command(\"Invoke-GetLibraryIdContent #{library} | ConvertTo-Json\").stdout\n      libinfojson = JSON.parse(libinfo)\n      if libinfojson['publish_info']['published'] == true\n        describe \"Authentication should be enabled on Content Library: #{libinfojson['name']}\" do\n          subject { libinfojson }\n          its(['publish_info', 'authentication_method']) { should cmp 'BASIC' }\n        end\n        setimpact = false\n      else\n        describe \"Publishing not enabled on Content Library: #{libinfojson['name']}. This control is not applicable.\" do\n          skip \"Publishing not enabled on Content Library: #{libinfojson['name']}. This control is not applicable.\"\n        end\n      end\n    end\n  else\n    describe '' do\n      skip 'No content libraries found. This control is not applicable.'\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST Authentication should be enabled on Content Library: STIG Content Library ["publish_info", "authentication_method"] is expected to cmp == "BASIC" :: MESSAGE 
+expected: BASIC
+     got: NONE
 
-$dvs &#x3D; Get-VDSwitch dvswitch | Get-View
-ForEach($vs in $dvs){
-$spec &#x3D; New-Object VMware.Vim.VMwareDVSConfigSpec
-$spec.configversion &#x3D; $vs.Config.ConfigVersion
-$spec.IpfixConfig &#x3D; New-Object VMware.Vim.VMwareIpfixConfig
-$spec.IpfixConfig.CollectorIpAddress &#x3D; &quot;&quot;
-$spec.IpfixConfig.CollectorPort &#x3D; &quot;0&quot;
-$spec.IpfixConfig.ActiveFlowTimeout &#x3D; &quot;60&quot;
-$spec.IpfixConfig.IdleFlowTimeout &#x3D; &quot;15&quot;
-$spec.IpfixConfig.SamplingRate &#x3D; &quot;0&quot;
-$spec.IpfixConfig.InternalFlowsOnly &#x3D; $False
-$vs.ReconfigureDvs_Task($spec)
-}
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000296</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000296</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000296</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter server must enable the OVF security policy for content libraries.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale.
 
-Note: This will reset the NetFlow collector configuration back to the defaults.
+You can protect the OVF items by applying default OVF security policy to a content library. The OVF security policy enforces strict validation on OVF items when you deploy or update the item, import items, or synchronize OVF and OVA templates. To make sure that the OVF and OVA templates are signed by a trusted certificate, you can add the OVF signing certificate from a trusted CA.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Content Libraries.
 
-To disable NetFlow on a distributed port group, do the following:
+Review the "Security Policy" column.
 
-From the vSphere Client, go to &quot;Networking&quot;.
+If a content library does not have the "OVF default policy" enabled, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Content Libraries.
 
-Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
+Select the target content library.
 
-Click &quot;Edit&quot;.
+Select "Actions" then "Edit Settings".
+
+Click the checkbox to "Apply Security Policy". Click "OK".
+
+Note: If you disable the security policy of a content library, you cannot reuse the existing OVF items.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000296' do\n  title 'The vCenter server must enable the OVF security policy for content libraries.'\n  desc  \"\n    In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale.\n\n    You can protect the OVF items by applying default OVF security policy to a content library. The OVF security policy enforces strict validation on OVF items when you deploy or update the item, import items, or synchronize OVF and OVA templates. To make sure that the OVF and OVA templates are signed by a trusted certificate, you can add the OVF signing certificate from a trusted CA.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Review the \\\"Security Policy\\\" column.\n\n    If a content library does not have the \\\"OVF default policy\\\" enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Content Libraries.\n\n    Select the target content library.\n\n    Select \\\"Actions\\\" then \\\"Edit Settings\\\".\n\n    Click the checkbox to \\\"Apply Security Policy\\\". Click \\\"OK\\\".\n\n    Note: If you disable the security policy of a content library, you cannot reuse the existing OVF items.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000296'\n  tag rid: 'SV-VCSA-80-000296'\n  tag stig_id: 'VCSA-80-000296'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-ContentLibrary | Select-Object -ExpandProperty Id'\n  libraries = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  setimpact = true\n  if !libraries.empty?\n    libraries.each do |library|\n      libinfo = powercli_command(\"Invoke-GetLibraryIdContent #{library} | ConvertTo-Json\").stdout\n      libinfojson = JSON.parse(libinfo)\n      describe \"OVF security policy should be enabled on Content Library: #{libinfojson['name']}\" do\n        subject { libinfojson }\n        its(['security_policy_id']) { should_not be nil }\n      end\n      setimpact = false\n    end\n  else\n    describe '' do\n      skip 'No content libraries found. This control is not applicable.'\n    end\n  end\n  unless !setimpact\n    impact 0.0\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST OVF security policy should be enabled on Content Library: STIG Content Library ["security_policy_id"] is expected not to equal nil :: MESSAGE 
+expected not #&lt;NilClass:8&gt; =&gt; nil
+         got #&lt;NilClass:8&gt; =&gt; nil
+
+Compared using equal?, which compares object identity.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000298</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000298</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000298</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must separate authentication and authorization for administrators.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Many organizations do both authentication and authorization using a centralized directory service such as Active Directory. Attackers who compromise an identity source can often add themselves to authorization groups, and simply log into systems they should not otherwise have access to. Additionally, reliance on central identity systems means that the administrators of those systems are potentially infrastructure administrators, too, as they can add themselves to infrastructure access groups at will.
 
-Click the &quot;Monitoring&quot; tab.
+The use of local SSO groups for authorization helps prevent this avenue of attack by allowing the centralized identity source to still authenticate users but moving authorization into vCenter itself.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.
 
-Change &quot;NetFlow&quot; to &quot;Disabled&quot;.
+View the Administrator role and any other role providing administrative access to vCenter to verify the users and/or groups assigned to it by clicking on "Usage".
 
 or
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
-
-$pgs &#x3D; Get-VDPortgroup | Get-View
-ForEach($pg in $pgs){
-$spec &#x3D; New-Object VMware.Vim.DVPortgroupConfigSpec
-$spec.configversion &#x3D; $pg.Config.ConfigVersion
-$spec.defaultPortConfig &#x3D; New-Object VMware.Vim.VMwareDVSPortSetting
-$spec.defaultPortConfig.ipfixEnabled &#x3D; New-Object VMware.Vim.BoolPolicy
-$spec.defaultPortConfig.ipfixEnabled.inherited &#x3D; $false
-$spec.defaultPortConfig.ipfixEnabled.value &#x3D; $false
-$pg.ReconfigureDVPortgroup_Task($spec)
-}</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a737d250-e7ad-4b0e-adac-a7efd7848b06</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-
-Ipfix CollectorIpAddress not configured...skipping VDSwitch STIG 1.
---------------------------------
-skipped
-
-Ipfix CollectorIpAddress not configured...skipping VDSwitch STIG 2.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000272</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000272</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000272</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must configure all port groups to a value other than that of the native virtual local area network (VLAN).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ESXi does not use the concept of native VLAN. Frames with VLAN specified in the port group will have a tag, but frames with VLAN not specified in the port group are not tagged and therefore will end up belonging to native VLAN of the physical switch.
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-For example, frames on VLAN 1 from a Cisco physical switch will be untagged, because this is considered as the native VLAN. However, frames from ESXi specified as VLAN 1 will be tagged with a &quot;1&quot;; therefore, traffic from ESXi that is destined for the native VLAN will not be correctly routed (because it is tagged with a &quot;1&quot; instead of being untagged), and traffic from the physical switch coming from the native VLAN will not be visible (because it is not tagged).
+Get-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto
 
-If the ESXi virtual switch port group uses the native VLAN ID, traffic from those virtual machines will not be visible to the native VLAN on the switch, because the switch is expecting untagged traffic.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
+If any user or group is directly assigned a role with administrative access to vCenter that is from an identity provider, this is a finding.
 
-From the vSphere Client, go to &quot;Networking&quot;.
+Note: Users and/or groups assigned to roles should be from the "VSPHERE.LOCAL" identity source.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>To add groups from an identity provider to the local SSO Administrators group, as an example, do the following:
 
-Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
+From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Groups.
 
-Review the port group VLAN tags and verify they are not set to the native VLAN ID of the attached physical switch.
+Select the Administrators group and click "Edit".
 
-or
+In the "Add Members" section, select the identity source and type the name of the target user/group in the search bar.
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+Select the target user/group to add them and click "Save".
 
-Get-VDPortgroup | select Name, VlanConfiguration
+Note: A new SSO group or groups can be created as needed and used to provide authorization to vCenter.
 
-If any port group is configured with the native VLAN of the ESXi hosts attached physical switch, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to &quot;Networking&quot;.
+To remove identity provider users/groups from a role, do the following:
 
-Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
+From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Global Permissions.
 
-Click &quot;Edit&quot;.
+Select the offending user/group and click "Delete".
+
+Note: If permissions are assigned on a specific object, then the role must be updated where it is assigned (for example, at the cluster level).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000298' do\n  title 'The vCenter Server must separate authentication and authorization for administrators.'\n  desc  \"\n    Many organizations do both authentication and authorization using a centralized directory service such as Active Directory. Attackers who compromise an identity source can often add themselves to authorization groups, and simply log into systems they should not otherwise have access to. Additionally, reliance on central identity systems means that the administrators of those systems are potentially infrastructure administrators, too, as they can add themselves to infrastructure access groups at will.\n\n    The use of local SSO groups for authorization helps prevent this avenue of attack by allowing the centralized identity source to still authenticate users but moving authorization into vCenter itself.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.\n\n    View the Administrator role and any other role providing administrative access to vCenter to verify the users and/or groups assigned to it by clicking on \\\"Usage\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto\n\n    If any user or group is directly assigned a role with administrative access to vCenter that is from an identity provider, this is a finding.\n\n    Note: Users and/or groups assigned to roles should be from the \\\"VSPHERE.LOCAL\\\" identity source.\n  \"\n  desc 'fix', \"\n    To add groups from an identity provider to the local SSO Administrators group, as an example, do the following:\n\n    From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Groups.\n\n    Select the Administrators group and click \\\"Edit\\\".\n\n    In the \\\"Add Members\\\" section, select the identity source and type the name of the target user/group in the search bar.\n\n    Select the target user/group to add them and click \\\"Save\\\".\n\n    Note: A new SSO group or groups can be created as needed and used to provide authorization to vCenter.\n\n    To remove identity provider users/groups from a role, do the following:\n\n    From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Global Permissions.\n\n    Select the offending user/group and click \\\"Delete\\\".\n\n    Note: If permissions are assigned on a specific object, then the role must be updated where it is assigned (for example, at the cluster level).\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000298'\n  tag rid: 'SV-VCSA-80-000298'\n  tag stig_id: 'VCSA-80-000298'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe 'This check is a manual or policy based check and must be reviewed manually.' do\n    skip 'This check is a manual or policy based check and must be reviewed manually.'\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Not_Reviewed</STATUS>
+				<FINDING_DETAILS>skipped :: TEST This check is a manual or policy based check and must be reviewed manually. :: SKIP_MESSAGE This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000299</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000299</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000299</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must disable CDP/LLDP on distributed switches.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vSphere Distributed Virtual Switch can participate in Cisco Discovery Protocol (CDP) or Link Layer Discovery Protocol (LLDP), as a listener, advertiser, or both. The information is sensitive, including IP addresses, system names, software versions, and more. It can be used by an adversary to gain a better understanding of your environment, and to impersonate devices. It is also transmitted unencrypted on the network, and as such the recommendation is to disable it.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
 
-Click the &quot;VLAN&quot; tab.
+From the vSphere Client, go to "Networking".
 
-Change the VLAN ID to a non-native VLAN.
+Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.
 
-Click &quot;OK&quot;.
+Review the "Discovery Protocol" configuration.
 
 or
 
 From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Get-VDPortgroup &quot;portgroup name&quot; | Set-VDVlanConfiguration -VlanId &quot;New VLAN#&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>fb68d569-a379-44d1-8e0a-c30fc231253e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 1&quot;).ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to cmp &#x3D;&#x3D; &quot;1&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 2&quot;).ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to cmp &#x3D;&#x3D; &quot;1&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 3&quot;).ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to cmp &#x3D;&#x3D; &quot;1&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 4&quot;).ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to cmp &#x3D;&#x3D; &quot;1&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000273</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000273</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000273</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must not configure VLAN Trunking unless Virtual Guest Tagging (VGT) is required and authorized.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>When a port group is set to VLAN Trunking, the vSwitch passes all network frames in the specified range to the attached virtual machines without modifying the virtual local area network (VLAN) tags. In vSphere, this is referred to as VGT.
-
-The virtual machine must process the VLAN information itself via an 802.1Q driver in the operating system. VLAN Trunking must only be implemented if the attached virtual machines have been specifically authorized and are capable of managing VLAN tags themselves.
+Get-VDSwitch | Select Name,LinkDiscoveryProtocolOperation
 
-If VLAN Trunking is enabled inappropriately, it may cause a denial of service or allow a virtual machine to interact with traffic on an unauthorized VLAN.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
+If any distributed switch does not have "Discovery Protocols" disabled, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to "Networking".
 
-From the vSphere Client, go to &quot;Networking&quot;.
+Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.
 
-Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
+Click "Edit".
 
-Review the port group &quot;VLAN Type&quot; and &quot;VLAN trunk range&quot;, if present.
+Select the advanced tab and update the "Type" under "Discovery Protocol" to disabled and click "OK".
 
 or
 
 From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Get-VDPortgroup | Where {$_.ExtensionData.Config.Uplink -ne &quot;True&quot;} | Select Name,VlanConfiguration
-
-If any port group is configured with &quot;VLAN trunking&quot; and is not documented as a needed exception (such as NSX appliances), this is a finding.
+Get-VDSwitch -Name "DSwitch" | Set-VDSwitch -LinkDiscoveryProtocolOperation "Disabled"</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000299' do\n  title 'The vCenter Server must disable CDP/LLDP on distributed switches.'\n  desc  'The vSphere Distributed Virtual Switch can participate in Cisco Discovery Protocol (CDP) or Link Layer Discovery Protocol (LLDP), as a listener, advertiser, or both. The information is sensitive, including IP addresses, system names, software versions, and more. It can be used by an adversary to gain a better understanding of your environment, and to impersonate devices. It is also transmitted unencrypted on the network, and as such the recommendation is to disable it.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.\n\n    Review the \\\"Discovery Protocol\\\" configuration.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | Select Name,LinkDiscoveryProtocolOperation\n\n    If any distributed switch does not have \\\"Discovery Protocols\\\" disabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.\n\n    Click \\\"Edit\\\".\n\n    Select the advanced tab and update the \\\"Type\\\" under \\\"Discovery Protocol\\\" to disabled and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch -Name \\\"DSwitch\\\" | Set-VDSwitch -LinkDiscoveryProtocolOperation \\\"Disabled\\\"\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000299'\n  tag rid: 'SV-VCSA-80-000299'\n  tag stig_id: 'VCSA-80-000299'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"Get-VDSwitch -Name \\\"#{vds}\\\" | Select -ExpandProperty LinkDiscoveryProtocolOperation\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'Disabled' }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: Get-VDSwitch -Name "VDSwitch STIG 1" | Select -ExpandProperty LinkDiscoveryProtocolOperation stdout.strip is expected to cmp == "Disabled" :: MESSAGE 
+expected: Disabled
+     got: Listen
 
-If any port group is authorized to be configured with &quot;VLAN trunking&quot; but is not configured with the most limited range necessary, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to &quot;Networking&quot;.
+(compared using `cmp` matcher)
 
-Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
+--------------------------------
+failed :: TEST PowerCLI Command: Get-VDSwitch -Name "VDSwitch STIG 2" | Select -ExpandProperty LinkDiscoveryProtocolOperation stdout.strip is expected to cmp == "Disabled" :: MESSAGE 
+expected: Disabled
+     got: Listen
 
-Click &quot;Edit&quot;.
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000300</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000300</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000300</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must remove unauthorized port mirroring sessions on distributed switches.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vSphere Distributed Virtual Switch can enable port mirroring sessions allowing traffic to be mirrored from one source to a destination. If port mirroring is configured unknowingly this could allow an attacker to observe network traffic of virtual machines.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
 
-Click the &quot;VLAN&quot; tab.
+From the vSphere Client, go to "Networking".
 
-If &quot;VLAN trunking&quot; is not authorized, remove it by setting &quot;VLAN type&quot; to &quot;VLAN&quot; and configure an appropriate VLAN ID. Click &quot;OK&quot;.
+Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Port Mirroring.
 
-If &quot;VLAN trunking&quot; is authorized but the range is too broad, modify the range in the &quot;VLAN trunk range&quot; field to the minimum necessary and authorized range. An example range would be &quot;1,3-5,8&quot;. Click &quot;OK&quot;.
+Review any configured "Port Mirroring" sessions.
 
 or
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command to configure trunking:
+From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Get-VDPortgroup &quot;Portgroup Name&quot; | Set-VDVlanConfiguration -VlanTrunkRange &quot;&lt;VLAN Range(s) comma separated&gt;&quot;
+Get-VDSwitch | select Name,@{N="Port Mirroring Sessions";E={$_.ExtensionData.Config.VspanSession.Name}}
 
-or
+If there are any unauthorized port mirroring sessions configured, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to "Networking".
 
-Run this command to configure a single VLAN ID:
+Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Port Mirroring.
 
-Get-VDPortgroup &quot;Portgroup Name&quot; | Set-VDVlanConfiguration -VlanId &quot;&lt;New VLAN#&gt;&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>ba54cb69-f9c5-4fce-8bf6-b8467bbb6279</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-
-No distributed port groups found to check. This is not applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000274</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000274</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000274</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must not configure all port groups to virtual local area network (VLAN) values reserved by upstream physical switches.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Certain physical switches reserve certain VLAN IDs for internal purposes and often disallow traffic configured to these values. For example, Cisco Catalyst switches typically reserve VLANs 1001 to 1024 and 4094, while Nexus switches typically reserve 3968 to 4094.
+Select the unauthorized "Port Mirroring" session and click "Remove". Click "OK".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000300' do\n  title 'The vCenter Server must remove unauthorized port mirroring sessions on distributed switches.'\n  desc  'The vSphere Distributed Virtual Switch can enable port mirroring sessions allowing traffic to be mirrored from one source to a destination. If port mirroring is configured unknowingly this could allow an attacker to observe network traffic of virtual machines.'\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Port Mirroring.\n\n    Review any configured \\\"Port Mirroring\\\" sessions.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    Get-VDSwitch | select Name,@{N=\\\"Port Mirroring Sessions\\\";E={$_.ExtensionData.Config.VspanSession.Name}}\n\n    If there are any unauthorized port mirroring sessions configured, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Port Mirroring.\n\n    Select the unauthorized \\\"Port Mirroring\\\" session and click \\\"Remove\\\". Click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000300'\n  tag rid: 'SV-VCSA-80-000300'\n  tag stig_id: 'VCSA-80-000300'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDSwitch | Select -ExpandProperty Name'\n  vdswitches = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdswitches.empty?\n    describe '' do\n      skip 'No distributed switches found to check.'\n    end\n  else\n    vdswitches.each do |vds|\n      command = \"(Get-VDSwitch -Name \\\"#{vds}\\\").ExtensionData.Config.VspanSession\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp '' }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: (Get-VDSwitch -Name "VDSwitch STIG 1").ExtensionData.Config.VspanSession stdout.strip is expected to cmp == ""
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDSwitch -Name "VDSwitch STIG 2").ExtensionData.Config.VspanSession stdout.strip is expected to cmp == ""</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000301</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000301</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000301</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must not override port group settings at the port level on distributed switches.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.
 
-Check with the documentation for the organization&#39;s specific switch. Using a reserved VLAN might result in a denial of service on the network.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+If there are cases where particular VMs require unique configurations then a different port group with the required configuration should be created instead of overriding port group settings.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
 					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
 
-From the vSphere Client, go to &quot;Networking&quot;.
+From the vSphere Client, go to "Networking".
 
-Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
+Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.
 
-Review the port group VLAN tags and verify that they are not set to a reserved VLAN ID.
+Review the "Override port policies".
 
 or
 
 From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Get-VDPortgroup | select Name, VlanConfiguration
+(Get-VDPortgroup).ExtensionData.Config.Policy
 
-If any port group is configured with a reserved VLAN ID, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to &quot;Networking&quot;.
+If there are any distributed port groups that allow overridden port policies, this is a finding.
 
-Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Policies.
+Note: This does not apply to the "Block Ports" or "Configure reset at disconnect" policies.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to "Networking".
 
-Click &quot;Edit&quot;.
+Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.
 
-Click the &quot;VLAN&quot; tab. Change the VLAN ID to an unreserved VLAN ID.
+Click "Edit".
 
-Click &quot;OK&quot;.
+Select advanced and update all port policies besides "Block Ports" to "disabled" and click "OK".
 
 or
 
 From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Get-VDPortgroup &quot;portgroup name&quot; | Set-VDVlanConfiguration -VlanId &quot;New VLAN#&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>7ee22b06-681f-425d-9a20-91aedc868eb0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 1&quot;).ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to be in &quot;1001&quot;, &quot;1024&quot;, &quot;3968&quot;, &quot;4047&quot;, and &quot;4094&quot;
+$pgs = Get-VDPortgroup | Get-View
+ForEach($pg in $pgs){
+$spec = New-Object VMware.Vim.DVPortgroupConfigSpec
+$spec.configversion = $pg.Config.ConfigVersion
+$spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy
+$spec.Policy.VlanOverrideAllowed = $False
+$spec.Policy.UplinkTeamingOverrideAllowed = $False
+$spec.Policy.SecurityPolicyOverrideAllowed = $False
+$spec.Policy.IpfixOverrideAllowed = $False
+$spec.Policy.BlockOverrideAllowed = $True
+$spec.Policy.ShapingOverrideAllowed = $False
+$spec.Policy.VendorConfigOverrideAllowed = $False
+$spec.Policy.TrafficFilterOverrideAllowed = $False
+$pg.ReconfigureDVPortgroup_Task($spec)
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000301' do\n  title 'The vCenter Server must not override port group settings at the port level on distributed switches.'\n  desc  \"\n    Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\n    If there are cases where particular VMs require unique configurations then a different port group with the required configuration should be created instead of overriding port group settings.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.\n\n    Review the \\\"Override port policies\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    (Get-VDPortgroup).ExtensionData.Config.Policy\n\n    If there are any distributed port groups that allow overridden port policies, this is a finding.\n\n    Note: This does not apply to the \\\"Block Ports\\\" or \\\"Configure reset at disconnect\\\" policies.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.\n\n    Click \\\"Edit\\\".\n\n    Select advanced and update all port policies besides \\\"Block Ports\\\" to \\\"disabled\\\" and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    $pgs = Get-VDPortgroup | Get-View\n    ForEach($pg in $pgs){\n    $spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n    $spec.configversion = $pg.Config.ConfigVersion\n    $spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy\n    $spec.Policy.VlanOverrideAllowed = $False\n    $spec.Policy.UplinkTeamingOverrideAllowed = $False\n    $spec.Policy.SecurityPolicyOverrideAllowed = $False\n    $spec.Policy.IpfixOverrideAllowed = $False\n    $spec.Policy.BlockOverrideAllowed = $True\n    $spec.Policy.ShapingOverrideAllowed = $False\n    $spec.Policy.VendorConfigOverrideAllowed = $False\n    $spec.Policy.TrafficFilterOverrideAllowed = $False\n    $pg.ReconfigureDVPortgroup_Task($spec)\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000301'\n  tag rid: 'SV-VCSA-80-000301'\n  tag stig_id: 'VCSA-80-000301'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.VlanOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.IpfixOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.MacManagementOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.ShapingOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.VendorConfigOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.LivePortMovingAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'False' }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 1-DVUplinks-40").ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp == "False"
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 2&quot;).ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to be in &quot;1001&quot;, &quot;1024&quot;, &quot;3968&quot;, &quot;4047&quot;, and &quot;4094&quot;
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 1-DVUplinks-40").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp == "False"
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 3&quot;).ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to be in &quot;1001&quot;, &quot;1024&quot;, &quot;3968&quot;, &quot;4047&quot;, and &quot;4094&quot;
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 1-DVUplinks-40").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp == "False"
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 4&quot;).ExtensionData.Config.DefaultPortConfig.Vlan.VlanId stdout.strip is expected not to be in &quot;1001&quot;, &quot;1024&quot;, &quot;3968&quot;, &quot;4047&quot;, and &quot;4094&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000275</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000275</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000275</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must configure the &quot;vpxuser&quot; auto-password to be changed every 30 days.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>By default, vCenter will change the &quot;vpxuser&quot; password automatically every 30 days. Ensure this setting meets site policies. If it does not, configure it to meet password aging policies.
-
-Note: It is very important the password aging policy is not shorter than the default interval that is set to automatically change the &quot;vpxuser&quot; password to preclude the possibility that vCenter might be locked out of an ESXi host.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
-
-Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.
-
-Verify that &quot;VirtualCenter.VimPasswordExpirationInDays&quot; is set to &quot;30&quot;.
-
-or
-
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
-
-Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name VirtualCenter.VimPasswordExpirationInDays
-
-If the &quot;VirtualCenter.VimPasswordExpirationInDays&quot; is set to a value other than &quot;30&quot; or does not exist, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
-
-Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.
-
-Click &quot;Edit Settings&quot; and configure the &quot;VirtualCenter.VimPasswordExpirationInDays&quot; value to &quot;30&quot; or if the value does not exist create it by entering the values in the &quot;Key&quot; and &quot;Value&quot; fields and clicking &quot;Add&quot;.
-
-or
-
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
-
-If the setting already exists:
-
-Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name VirtualCenter.VimPasswordExpirationInDays | Set-AdvancedSetting -Value 30
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 1-DVUplinks-40").ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 1-DVUplinks-40").ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 1-DVUplinks-40").ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 1-DVUplinks-40").ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 1-DVUplinks-40").ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 1-DVUplinks-40").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 1-DVUplinks-40").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 1").ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 1").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 1").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 1").ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 1").ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 1").ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 1").ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 1").ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 1").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 1").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 2").ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 2").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 2").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 2").ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 2").ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 2").ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 2").ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 2").ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 2").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 2").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 2-DVUplinks-44").ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 2-DVUplinks-44").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 2-DVUplinks-44").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 2-DVUplinks-44").ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 2-DVUplinks-44").ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 2-DVUplinks-44").ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 2-DVUplinks-44").ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 2-DVUplinks-44").ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 2-DVUplinks-44").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 2-DVUplinks-44").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 3").ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 3").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 3").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 3").ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 3").ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 3").ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 3").ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 3").ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 3").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 3").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 4").ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 4").ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 4").ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 4").ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 4").ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 4").ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 4").ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 4").ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 4").ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp == "False"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 4").ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp == "False"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000302</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000302</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000302</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must reset port configuration when virtual machines are disconnected.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.
 
-If the setting does not exist:
+If any unknown or unauthorized per-port overrides exist and are not discarded when a virtual machine is disconnected from that port then a future virtual machine connected to that port may receive a less secure port.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
 
-New-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name VirtualCenter.VimPasswordExpirationInDays -Value 30</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>61cafcfb-95af-4dae-9223-b339b52ccf62</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name VirtualCenter.VimPasswordExpirationInDays | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;30&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000276</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000276</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000276</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must configure the &quot;vpxuser&quot; password to meet length policy.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The &quot;vpxuser&quot; password default length is 32 characters. Ensure this setting meets site policies; if not, configure to meet password length policies.
-
-Longer passwords make brute-force password attacks more difficult. The &quot;vpxuser&quot; password is added by vCenter, meaning no manual intervention is normally required. The &quot;vpxuser&quot; password length must never be modified to less than the default length of 32 characters.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
+From the vSphere Client, go to "Networking".
 
-Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.
+Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.
 
-Verify that &quot;config.vpxd.hostPasswordLength&quot; is set to &quot;32&quot;.
+Review the "Configure reset at disconnect" setting.
 
 or
 
 From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name config.vpxd.hostPasswordLength and verify it is set to 32.
+(Get-VDPortgroup).ExtensionData.Config.Policy.PortConfigResetAtDisconnect
 
-If the &quot;config.vpxd.hostPasswordLength&quot; is set to a value other than &quot;32, this is a finding.
+If there are any distributed port groups with "Configure reset at disconnect" configured to "disabled" or "False", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to "Networking".
 
-If the setting does not exist, this is not a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
+Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.
 
-Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.
+Click "Edit".
 
-Click &quot;Edit Settings&quot; and configure the &quot;config.vpxd.hostPasswordLength&quot; value to &quot;32&quot;.
+Select advanced and update "Configure reset at disconnect" to be enabled and click "OK".
 
 or
 
 From a PowerCLI command prompt while connected to the vCenter server, run the following command:
 
-Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name config.vpxd.hostPasswordLength | Set-AdvancedSetting -Value 32</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>36945856-7e39-47dd-a4cc-3db4056f5a39</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name config.vpxd.hostPasswordLength | Select-Object -ExpandProperty Value stdout.strip is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000277</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000277</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000277</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must be isolated from the public internet but must still allow for patch notification and delivery.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vCenter and the embedded Lifecycle Manager system must never have a direct route to the internet. Despite this, updates and patches sourced from VMware on the internet must be delivered in a timely manner.
-
-There are two methods to accomplish this: a proxy server and the Update Manager Download Service (UMDS). UMDS is an optional module for Lifecycle Manager that fetches upgrades for virtual appliances, patch metadata, patch binaries, and notifications that would not otherwise be available to an isolated Lifecycle Manager directly.
-
-Alternatively, a proxy for Lifecycle Manager can be configured to allow controlled, limited access to the public internet for the sole purpose of patch gathering. Either solution mitigates the risk of internet connectivity by limiting its scope and use.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Check the following conditions:
+$pgs = Get-VDPortgroup | Get-View
+ForEach($pg in $pgs){
+$spec = New-Object VMware.Vim.DVPortgroupConfigSpec
+$spec.configversion = $pg.Config.ConfigVersion
+$spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy
+$spec.Policy.PortConfigResetAtDisconnect = $True
+$pg.ReconfigureDVPortgroup_Task($spec)
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000302' do\n  title 'The vCenter Server must reset port configuration when virtual machines are disconnected.'\n  desc  \"\n    Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.\n\n    If any unknown or unauthorized per-port overrides exist and are not discarded when a virtual machine is disconnected from that port then a future virtual machine connected to that port may receive a less secure port.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If distributed switches are not used, this is not applicable.\n\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.\n\n    Review the \\\"Configure reset at disconnect\\\" setting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    (Get-VDPortgroup).ExtensionData.Config.Policy.PortConfigResetAtDisconnect\n\n    If there are any distributed port groups with \\\"Configure reset at disconnect\\\" configured to \\\"disabled\\\" or \\\"False\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to \\\"Networking\\\".\n\n    Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.\n\n    Click \\\"Edit\\\".\n\n    Select advanced and update \\\"Configure reset at disconnect\\\" to be enabled and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following command:\n\n    $pgs = Get-VDPortgroup | Get-View\n    ForEach($pg in $pgs){\n    $spec = New-Object VMware.Vim.DVPortgroupConfigSpec\n    $spec.configversion = $pg.Config.ConfigVersion\n    $spec.Policy = New-Object VMware.Vim.VMwareDVSPortgroupPolicy\n    $spec.Policy.PortConfigResetAtDisconnect = $True\n    $pg.ReconfigureDVPortgroup_Task($spec)\n    }\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000302'\n  tag rid: 'SV-VCSA-80-000302'\n  tag stig_id: 'VCSA-80-000302'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  command = 'Get-VDPortgroup | Select -ExpandProperty Name'\n  vdportgroups = powercli_command(command).stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if vdportgroups.empty?\n    describe '' do\n      skip 'No distributed port groups found to check.'\n    end\n  else\n    vdportgroups.each do |vdpg|\n      command = \"(Get-VDPortgroup -Name \\\"#{vdpg}\\\").ExtensionData.Config.Policy.PortConfigResetAtDisconnect\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'True' }\n      end\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 1-DVUplinks-40").ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp == "True"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 1").ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp == "True"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 2").ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp == "True"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VDSwitch STIG 2-DVUplinks-44").ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp == "True"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 3").ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp == "True"
+--------------------------------
+passed :: TEST PowerCLI Command: (Get-VDPortgroup -Name "VD PG 4").ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp == "True"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000303</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000303</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000303</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must disable Secure Shell (SSH) access.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>vCenter Server is delivered as an appliance, and intended to be managed through the VAMI, vSphere Client, and APIs. SSH is a troubleshooting and support tool and should only be enabled when necessary.
 
-1. Lifecycle Manager must be configured to use the UMDS.
+vCenter Server High Availability uses SSH to coordinate the replication and failover between the nodes. Use of this feature requires SSH to remain enabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Open the Virtual Appliance Management Interface (VAMI) by navigating to https://&lt;vCenter server&gt;:5480.
+
+Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the "SystemConfiguration.BashShellAdministrator" group.
+
+Select "Access" on the left navigation pane.
+
+If "SSH Login" is not "Deactivated", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Open the Virtual Appliance Management Interface (VAMI) by navigating to https://&lt;vCenter server&gt;:5480.
+
+Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the "SystemConfiguration.BashShellAdministrator" group.
+
+Select "Access" on the left navigation pane.
+
+Click "Edit" then disable "Activate SSH Login" and click "OK".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000303' do\n  title 'The vCenter Server must disable Secure Shell (SSH) access.'\n  desc  \"\n    vCenter Server is delivered as an appliance, and intended to be managed through the VAMI, vSphere Client, and APIs. SSH is a troubleshooting and support tool and should only be enabled when necessary.\n\n    vCenter Server High Availability uses SSH to coordinate the replication and failover between the nodes. Use of this feature requires SSH to remain enabled.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://&lt;vCenter server&gt;:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Access\\\" on the left navigation pane.\n\n    If \\\"SSH Login\\\" is not \\\"Deactivated\\\", this is a finding.\n  \"\n  desc 'fix', \"\n    Open the Virtual Appliance Management Interface (VAMI) by navigating to https://&lt;vCenter server&gt;:5480.\n\n    Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the \\\"SystemConfiguration.BashShellAdministrator\\\" group.\n\n    Select \\\"Access\\\" on the left navigation pane.\n\n    Click \\\"Edit\\\" then disable \\\"Activate SSH Login\\\" and click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000303'\n  tag rid: 'SV-VCSA-80-000303'\n  tag stig_id: 'VCSA-80-000303'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  describe powercli_command('Invoke-GetAccessSsh').stdout.strip do\n    it { should_not cmp 'true' }\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST True is expected not to cmp == "true" :: MESSAGE 
+expected: true
+     got: True
 
-OR
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000304</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VCSA-80-000304</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VCSA-80-000304</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The vCenter Server must enable data in transit encryption for vSAN.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Transit encryption must be enabled to prevent unauthorized disclosure information and to protect the confidentiality of organizational information.
 
-2. Lifecycle Manager must be configured to use a proxy server for access to VMware patch repositories.
+vSAN data-in-transit encryption has the following characteristics:
+-vSAN uses AES-256 bit encryption on data in transit.
+-Forward secrecy is enforced for vSAN data-in-transit encryption.
+-Traffic between data hosts and witness hosts is encrypted.
+-File service data traffic between the VDFS proxy and VDFS server is encrypted.
+-vSAN file services inter-host connections are encrypted.
+-vSAN uses symmetric keys that are generated dynamically and shared between hosts. Hosts dynamically generate an encryption key when they establish a connection, and they use the key to encrypt all traffic between the hosts. You do not need a key management server to perform data-in-transit encryption.
 
-OR
+Each host is authenticated when it joins the cluster, ensuring connections only to trusted hosts are allowed. When a host is removed from the cluster, it is authentication certificate is removed.
 
-3. Lifecycle Manager must disable internet patch repositories and any patches must be manually validated and imported as needed.
+vSAN data-in-transit encryption is a cluster-wide setting. When enabled, all data and metadata traffic is encrypted as it transits across hosts.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If no clusters are enabled for vSAN, this is not applicable.
 
-Option 1:
+From the vSphere Client, go to Host and Clusters.
 
-From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Setup.
+Select the vCenter Server &gt;&gt; Select the cluster &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; Services &gt;&gt; Data Services.
 
-Click the &quot;Change Download Source&quot; button.
+Review the "Data-in-transit encryption" status.
 
-Verify the &quot;Download patches from a UMDS shared repository&quot; radio button is selected and that a valid UMDS repository is supplied.
+or
 
-Click &quot;Cancel&quot;.
+From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
 
-If this is not set, this is a finding.
+$vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system
+$vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name &lt;cluster name&gt;).ExtensionData.MoRef).DataInTransitEncryptionConfig
 
-Option 2:
+Repeat these steps for each vSAN enabled cluster in the environment.
 
-From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Setup.
+If "Data-In-Transit encryption" is not enabled, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
 
-Click the &quot;Change Download Source&quot; button.
+Select the vCenter Server &gt;&gt; Select the target cluster &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; Services &gt;&gt; Data Services.
 
-Verify the &quot;Download patches directly from the internet&quot; radio button is selected.
+Click "Edit".
+
+Enable "Data-In-Transit encryption" and choose a rekey interval suitable for the environment then click "Apply".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VCSA-80-000304' do\n  title 'The vCenter Server must enable data in transit encryption for vSAN.'\n  desc  \"\n    Transit encryption must be enabled to prevent unauthorized disclosure information and to protect the confidentiality of organizational information.\n\n    vSAN data-in-transit encryption has the following characteristics:\n    -vSAN uses AES-256 bit encryption on data in transit.\n    -Forward secrecy is enforced for vSAN data-in-transit encryption.\n    -Traffic between data hosts and witness hosts is encrypted.\n    -File service data traffic between the VDFS proxy and VDFS server is encrypted.\n    -vSAN file services inter-host connections are encrypted.\n    -vSAN uses symmetric keys that are generated dynamically and shared between hosts. Hosts dynamically generate an encryption key when they establish a connection, and they use the key to encrypt all traffic between the hosts. You do not need a key management server to perform data-in-transit encryption.\n\n    Each host is authenticated when it joins the cluster, ensuring connections only to trusted hosts are allowed. When a host is removed from the cluster, it is authentication certificate is removed.\n\n    vSAN data-in-transit encryption is a cluster-wide setting. When enabled, all data and metadata traffic is encrypted as it transits across hosts.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If no clusters are enabled for vSAN, this is not applicable.\n\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server &gt;&gt; Select the cluster &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; Services &gt;&gt; Data Services.\n\n    Review the \\\"Data-in-transit encryption\\\" status.\n\n    or\n\n    From a PowerCLI command prompt while connected to the vCenter server, run the following commands:\n\n    $vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system\n    $vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name &lt;cluster name&gt;).ExtensionData.MoRef).DataInTransitEncryptionConfig\n\n    Repeat these steps for each vSAN enabled cluster in the environment.\n\n    If \\\"Data-In-Transit encryption\\\" is not enabled, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, go to Host and Clusters.\n\n    Select the vCenter Server &gt;&gt; Select the target cluster &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; Services &gt;&gt; Data Services.\n\n    Click \\\"Edit\\\".\n\n    Enable \\\"Data-In-Transit encryption\\\" and choose a rekey interval suitable for the environment then click \\\"Apply\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-APP-000516'\n  tag gid: 'V-VCSA-80-000304'\n  tag rid: 'SV-VCSA-80-000304'\n  tag stig_id: 'VCSA-80-000304'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  # Get all clusters with vSAN enabled\n  clusters = powercli_command('Get-Cluster | Where-Object {$_.VsanEnabled -eq $true} | Sort-Object | Select-Object -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n\n  if !clusters.empty?\n    clusters.each do |cluster|\n      command = \"$vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system; $vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name #{cluster}).ExtensionData.MoRef).DataInTransitEncryptionConfig.Enabled\"\n      describe powercli_command(command) do\n        its('stdout.strip') { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No clusters with vSAN enabled found...skipping tests' do\n      skip 'No clusters with vSAN enabled found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 vCenter STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST PowerCLI Command: $vsanclusterconf = Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system; $vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name cluster0).ExtensionData.MoRef).DataInTransitEncryptionConfig.Enabled stdout.strip is expected to cmp == "true" :: MESSAGE 
+expected: true
+     got: 
 
-Click &quot;Cancel&quot;.
+(compared using `cmp` matcher)</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+		</iSTIG>
+		<iSTIG>
+			<STIG_INFO>
+				<SI_DATA>
+					<SID_NAME>version</SID_NAME>
+					<SID_DATA>1</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>classification</SID_NAME>
+					<SID_DATA>UNCLASSIFIED</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>customname</SID_NAME>
+					<SID_DATA>{"hdfSpecificData":{"copyright":"The Authors","maintainer":"The Authors","version":"1.0.1"}}</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>stigid</SID_NAME>
+					<SID_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>description</SID_NAME>
+					<SID_DATA>An InSpec Compliance Profile</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>filename</SID_NAME>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>releaseinfo</SID_NAME>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>title</SID_NAME>
+					<SID_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>uuid</SID_NAME>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>notice</SID_NAME>
+					<SID_DATA>Apache-2.0</SID_DATA>
+				</SI_DATA>
+				<SI_DATA>
+					<SID_NAME>source</SID_NAME>
+					<SID_DATA>STIG.DOD.MIL</SID_DATA>
+				</SI_DATA>
+			</STIG_INFO>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000189</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000189</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000189</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must have copy operations disabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Navigate to the vCenter Server Management interface at https:&#x2F;&#x2F;&lt;vcenter dns&gt;:5480 &gt;&gt; Networking &gt;&gt; Proxy Settings.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-Verify that &quot;HTTPS&quot; is &quot;Enabled&quot;.
+Verify the "isolation.tools.copy.disable" value is set to "true".
 
-Click the &quot;HTTPS&quot; row.
+or
 
-Verify the proxy server configuration is accurate.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-If this is not set, this is a finding.
+Get-VM "VM Name" | Get-AdvancedSetting -Name isolation.tools.copy.disable
 
-Option 3:
+If the virtual machine advanced setting "isolation.tools.copy.disable" is not set to "true", this is a finding.
 
-From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Downloads.
+If the virtual machine advanced setting "isolation.tools.copy.disable" does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Verify the &quot;Automatic downloads&quot; option is disabled.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Setup.
+Find the "isolation.tools.copy.disable" value and set it to "true".
 
-Verify any download sources are disabled.
+If the setting does not exist no action is needed.
 
-If this is not set, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Option 1:
+or
 
-From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Setup.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Click the &quot;Change Download Source&quot; button.
+Get-VM "VM Name" | Get-AdvancedSetting -Name isolation.tools.copy.disable | Set-AdvancedSetting -Value true
+
+Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000189' do\n  title 'Virtual machines (VMs) must have copy operations disabled.'\n  desc  'Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Verify the \\\"isolation.tools.copy.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.copy.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.copy.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.copy.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Find the \\\"isolation.tools.copy.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.copy.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000189'\n  tag rid: 'SV-VMCH-80-000189'\n  tag stig_id: 'VMCH-80-000189'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.copy.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST VM: stig vm2 is expected to be empty
+--------------------------------
+passed :: TEST VM: stigvm1 is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000191</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000191</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000191</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must have drag and drop operations disabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Select the &quot;Download patches from a UMDS shared repository&quot; radio button and supply a valid UMDS repository.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-Click &quot;Save&quot;.
+Verify the "isolation.tools.dnd.disable" value is set to "true".
 
-Option 2:
+or
 
-From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Setup.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Click the &quot;Change Download Source&quot; button.
+Get-VM "VM Name" | Get-AdvancedSetting -Name isolation.tools.dnd.disable
 
-Select the &quot;Download patches directly from the internet&quot; radio button.
+If the virtual machine advanced setting "isolation.tools.dnd.disable" is not set to "true", this is a finding.
 
-Click &quot;Save&quot;.
+If the virtual machine advanced setting "isolation.tools.dnd.disable" does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Navigate to the vCenter Server Management interface at https:&#x2F;&#x2F;&lt;vcenter dns&gt;:5480 &gt;&gt; Networking &gt;&gt; Proxy Settings.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-Click &quot;Edit&quot;.
+Find the "isolation.tools.dnd.disable" value and set it to "true".
 
-Slide &quot;HTTPS&quot; to &quot;Enabled&quot;.
+If the setting does not exist no action is needed.
 
-Supply the appropriate proxy server configuration.
+or
 
-Click &quot;Save&quot;.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Option 3:
+Get-VM "VM Name" | Get-AdvancedSetting -Name isolation.tools.dnd.disable | Set-AdvancedSetting -Value true
+
+Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000191' do\n  title 'Virtual machines (VMs) must have drag and drop operations disabled.'\n  desc  'Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Verify the \\\"isolation.tools.dnd.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.dnd.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.dnd.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.dnd.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Find the \\\"isolation.tools.dnd.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.dnd.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000191'\n  tag rid: 'SV-VMCH-80-000191'\n  tag stig_id: 'VMCH-80-000191'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.dnd.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST VM: stig vm2 is expected to be empty
+--------------------------------
+passed :: TEST VM: stigvm1 is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000192</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000192</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000192</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must have paste operations disabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-From the vSphere Client, go to Lifecycle Manager &gt;&gt; Settings &gt;&gt; Patch Downloads.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-Click &quot;Edit&quot; and uncheck &quot;Download patches&quot;.
-
-Under &quot;Patch Setup&quot; select each download source and click Disable.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>097873e3-4559-4e50-ad5d-2bd4e93f152a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000278</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000278</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000278</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must use unique service accounts when applications connect to vCenter.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>To not violate nonrepudiation (i.e., deny the authenticity of who is connecting to vCenter), when applications need to connect to vCenter they must use unique service accounts.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Verify each external application that connects to vCenter has a unique service account dedicated to that application.
+Verify the "isolation.tools.paste.disable" value is set to "true".
 
-For example, there should be separate accounts for Log Insight, Operations Manager, or anything else that requires an account to access vCenter.
+or
 
-If any application shares a service account that is used to connect to vCenter, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>For applications sharing service accounts, create a new service account to assign to the application so that no application shares a service account with another.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-When standing up a new application that requires access to vCenter, always create a new service account prior to installation and grant only the permissions needed for that application.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>5b5efde7-616f-4f86-94a9-750ae95d3987</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000279</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000279</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000279</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must protect the confidentiality and integrity of transmitted information by isolating Internet Protocol (IP)-based storage traffic.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Virtual machines might share virtual switches and virtual local area networks (VLAN) with the IP-based storage configurations.
+Get-VM "VM Name" | Get-AdvancedSetting -Name isolation.tools.paste.disable
 
-IP-based storage includes vSAN, Internet Small Computer System Interface (iSCSI), and Network File System (NFS). This configuration might expose IP-based storage traffic to unauthorized virtual machine users. IP-based storage frequently is not encrypted. It can be viewed by anyone with access to this network.
+If the virtual machine advanced setting "isolation.tools.paste.disable" is not set to "true", this is a finding.
 
-To restrict unauthorized users from viewing the IP-based storage traffic, the IP-based storage network must be logically separated from the production traffic. Configuring the IP-based storage adaptors on separate VLANs or network segments from other VMkernels and virtual machines will limit unauthorized users from viewing the traffic.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If IP-based storage is not used, this is not applicable.
+If the virtual machine advanced setting "isolation.tools.paste.disable" does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-IP-based storage (iSCSI, NFS, vSAN) VMkernel port groups must be in a dedicated VLAN that can be on a standard or distributed virtual switch that is logically separated from other traffic types.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-The check for this will be unique per environment.
+Find the "isolation.tools.paste.disable" value and set it to "true".
 
-To check a standard switch, do the following:
+If the setting does not exist no action is needed.
 
-From the vSphere Client, select the ESXi host and go to Configure &gt;&gt; Networking &gt;&gt; Virtual switches. Select a standard switch.
+or
 
-For each storage port group (iSCSI, NFS, vSAN), select the port group and note the VLAN ID associated with each port group.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Verify it is dedicated to that purpose and is logically separated from other traffic types.
+Get-VM "VM Name" | Get-AdvancedSetting -Name isolation.tools.paste.disable | Set-AdvancedSetting -Value true
+
+Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000192' do\n  title 'Virtual machines (VMs) must have paste operations disabled.'\n  desc  'Copy and paste operations are disabled by default; however, explicitly disabling this feature will enable audit controls to verify this setting is correct. Copy, paste, drag and drop, or GUI copy/paste operations between the guest operating system and the remote console could provide the means for an attacker to compromise the VM.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Verify the \\\"isolation.tools.paste.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.paste.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.paste.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.paste.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Find the \\\"isolation.tools.paste.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.paste.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000192'\n  tag rid: 'SV-VMCH-80-000192'\n  tag stig_id: 'VMCH-80-000192'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.paste.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST VM: stig vm2 is expected to be empty
+--------------------------------
+passed :: TEST VM: stigvm1 is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000193</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000193</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000193</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must have virtual disk shrinking disabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Shrinking a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.
 
-To check a distributed switch, do the following,
+However, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to shrink is available to nonadministrative users operating within the VM's guest operating system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-From the vSphere Client, go to &quot;Networking&quot;.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-Select and expand a distributed switch.
+Verify the "isolation.tools.diskShrink.disable" value is set to "true".
 
-For each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to the &quot;Summary&quot; tab.
+or
 
-Note the VLAN ID associated with each port group and verify it is dedicated to that purpose and is logically separated from other traffic types.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-If any IP-based storage networks are not isolated from other traffic types, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Configuration of an IP-based VMkernel will be unique to each environment.
+Get-VM "VM Name" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable
 
-To configure VLANs and traffic types, do the following:
+If the virtual machine advanced setting "isolation.tools.diskShrink.disable" is not set to "true", this is a finding.
 
-Standard switch:
+If the virtual machine advanced setting "isolation.tools.diskShrink.disable" does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-From the vSphere Client, select the ESXi host and go to Configure &gt;&gt; Networking &gt;&gt; VMkernel adapters.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-Select the Storage VMkernel (for any IP-based storage). Click &quot;Edit...&quot; and click the &quot;Port properties&quot; tab.
+Find the "isolation.tools.diskShrink.disable" value and set it to "true".
 
-Uncheck everything (unless vSAN).
+If the setting does not exist no action is needed.
 
-Click the &quot;IPv4&quot; settings or &quot;IPv6&quot; settings tab.
+or
 
-Enter the appropriate IP address and subnet information.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Click &quot;OK&quot;.
+Get-VM "VM Name" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable | Set-AdvancedSetting -Value true
+
+Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000193' do\n  title 'Virtual machines (VMs) must have virtual disk shrinking disabled.'\n  desc  \"\n    Shrinking a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\n    However, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to shrink is available to nonadministrative users operating within the VM's guest operating system.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Verify the \\\"isolation.tools.diskShrink.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskShrink.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskShrink.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Find the \\\"isolation.tools.diskShrink.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000193'\n  tag rid: 'SV-VMCH-80-000193'\n  tag stig_id: 'VMCH-80-000193'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.diskShrink.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST VM: stig vm2 is expected to be empty
+--------------------------------
+passed :: TEST VM: stigvm1 is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000194</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000194</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000194</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must have virtual disk wiping disabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Shrinking and wiping (erasing) a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.
 
-From the vSphere Client, select the ESXi host and go to Configure &gt;&gt; Networking &gt;&gt; Virtual switches. Select a standard switch.
+However, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to wipe (erase) is available to nonadministrative users operating within the VM's guest operating system.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-For each storage port group (iSCSI, NFS, vSAN), select the port group and click &quot;...&quot;. Click &quot;Edit Settings&quot;. On the &quot;Properties&quot; tab, enter the appropriate VLAN ID and click &quot;OK&quot;.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-Distributed switch:
+Verify the "isolation.tools.diskWiper.disable" value is set to "true".
 
-From the vSphere Client, go to &quot;Networking&quot;.
+or
 
-Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Topology.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Select the Storage VMkernel (for any IP-based storage). Click &quot;...&quot; and click &quot;Edit Settings&quot;.
+Get-VM "VM Name" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable
 
-On the &quot;Port properties&quot; tab, uncheck everything (unless vSAN).
+If the virtual machine advanced setting "isolation.tools.diskWiper.disable" is not set to "true", this is a finding.
 
-Click the &quot;IPv4&quot; settings or &quot;IPv6&quot; settings tab.
+If the virtual machine advanced setting "isolation.tools.diskWiper.disable" does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Enter the appropriate IP address and subnet information.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-Click &quot;OK&quot;.
+Find the "isolation.tools.diskWiper.disable" value and set it to "true".
 
-From the vSphere Client, go to &quot;Networking&quot;.
+If the setting does not exist no action is needed.
 
-Select and expand a distributed switch.
+or
 
-For each storage port group (iSCSI, NFS, vSAN), select the port group and navigate to Configure &gt;&gt; Settings &gt;&gt; Properties.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Click &quot;Edit&quot;.
-
-Click the &quot;VLAN&quot; tab.
-
-Enter the appropriate VLAN type and ID and click &quot;OK&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d75a2325-40a1-431f-95fb-5fe7ce3298a3</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000280</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000358</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000280</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000280</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter server must be configured to send events to a central log server.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vCenter server generates volumes of security-relevant application-level events. Examples include logins, system reconfigurations, system degradation warnings, and more. To ensure these events are available for forensic analysis and correlation, they must be sent to the syslog and forwarded on to the configured Security Information and Event Management (SIEM) system and&#x2F;or central log server.
-
-The vCenter server sends events to syslog by default, but this configuration must be verified and maintained.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
+Get-VM "VM Name" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable | Set-AdvancedSetting -Value true
+
+Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000194' do\n  title 'Virtual machines (VMs) must have virtual disk wiping disabled.'\n  desc  \"\n    Shrinking and wiping (erasing) a virtual disk reclaims unused space in it. If there is empty space in the disk, this process reduces the amount of space the virtual disk occupies on the host drive. Normal users and processes (those without root or administrator privileges) within virtual machines have the capability to invoke this procedure.\n\n    However, if this is done repeatedly, the virtual disk can become unavailable while this shrinking is being performed, effectively causing a denial of service. In most datacenter environments, disk shrinking is not done, so this feature must be disabled. Repeated disk shrinking can make a virtual disk unavailable. The capability to wipe (erase) is available to nonadministrative users operating within the VM's guest operating system.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Verify the \\\"isolation.tools.diskWiper.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskWiper.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.tools.diskWiper.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Find the \\\"isolation.tools.diskWiper.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000194'\n  tag rid: 'SV-VMCH-80-000194'\n  tag stig_id: 'VMCH-80-000194'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.tools.diskWiper.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST VM: stig vm2 is expected to be empty
+--------------------------------
+passed :: TEST VM: stigvm1 is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000195</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000195</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000195</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must limit console sharing.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>By default, more than one user at a time can connect to remote console sessions. When multiple sessions are activated, each terminal window receives a notification about the new session. If an administrator in the VM logs in using a VMware remote console during their session, a nonadministrator in the VM might connect to the console and observe the administrator's actions.
+
+Also, this could result in an administrator losing console access to a VM. For example, if a jump box is being used for an open console session and the administrator loses connection to that box, the console session remains open. Allowing two console sessions permits debugging via a shared session. For the highest security, allow only one remote console session at a time.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-Verify that &quot;vpxd.event.syslog.enabled&quot; value is set to &quot;true&quot;.
+Verify the "RemoteDisplay.maxConnections" value is set to "1".
 
 or
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name vpxd.event.syslog.enabled
+Get-VM "VM Name" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections
 
-If the &quot;vpxd.event.syslog.enabled&quot; value is not set to &quot;true&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
+If the virtual machine advanced setting "RemoteDisplay.maxConnections" does not exist or is not set to "1", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Advanced Settings.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-Click &quot;Edit Settings&quot; and configure the &quot;vpxd.event.syslog.enabled&quot; setting to &quot;true&quot;.
+Find the "RemoteDisplay.maxConnections" value and set it to "1".
+
+If the setting does not exist, add the Name and Value setting at the bottom of screen.
 
 or
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Get-AdvancedSetting -Entity &lt;vcenter server name&gt; -Name vpxd.event.syslog.enabled | Set-AdvancedSetting -Value true</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>fd6204cb-c776-4ae3-84cd-9a176cbfd1c4</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-001851</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name vpxd.event.syslog.enabled | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &#x3D;&#x3D; &quot;true&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000281</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000281</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000281</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must disable or restrict the connectivity between vSAN Health Check and public Hardware Compatibility List (HCL) by use of an external proxy server.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vSAN Health Check is able to download the HCL from VMware to check compliance against the underlying vSAN Cluster hosts. To ensure the vCenter server is not directly downloading content from the internet, this functionality must be disabled. If this feature is necessary, an external proxy server must be configured.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If no clusters are enabled for vSAN, this is not applicable.
+Get-VM "VM Name" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections | Set-AdvancedSetting -Value 1
+
+Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000195' do\n  title 'Virtual machines (VMs) must limit console sharing.'\n  desc  \"\n    By default, more than one user at a time can connect to remote console sessions. When multiple sessions are activated, each terminal window receives a notification about the new session. If an administrator in the VM logs in using a VMware remote console during their session, a nonadministrator in the VM might connect to the console and observe the administrator's actions.\n\n    Also, this could result in an administrator losing console access to a VM. For example, if a jump box is being used for an open console session and the administrator loses connection to that box, the console session remains open. Allowing two console sessions permits debugging via a shared session. For the highest security, allow only one remote console session at a time.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Verify the \\\"RemoteDisplay.maxConnections\\\" value is set to \\\"1\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections\n\n    If the virtual machine advanced setting \\\"RemoteDisplay.maxConnections\\\" does not exist or is not set to \\\"1\\\", this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Find the \\\"RemoteDisplay.maxConnections\\\" value and set it to \\\"1\\\".\n\n    If the setting does not exist, add the Name and Value setting at the bottom of screen.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name RemoteDisplay.maxConnections | Set-AdvancedSetting -Value 1\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000195'\n  tag rid: 'SV-VMCH-80-000195'\n  tag stig_id: 'VMCH-80-000195'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name RemoteDisplay.maxConnections | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should cmp '1' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST VM: stig vm2 is expected to cmp == "1" :: MESSAGE 
+expected: 1
+     got: -1
 
-From the vSphere Client, go to Host and Clusters.
+(compared using `cmp` matcher)
 
-Select the vCenter Server &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; Internet Connectivity.
+--------------------------------
+failed :: TEST VM: stigvm1 is expected to cmp == "1" :: MESSAGE 
+expected: 1
+     got: -1
 
-If the HCL internet download is not required, verify &quot;Status&quot; is &quot;Disabled&quot;.
+(compared using `cmp` matcher)
 
-If the &quot;Status&quot; is &quot;Enabled&quot;, this is a finding.
+--------------------------------
+passed :: TEST VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp == "1"
+--------------------------------
+passed :: TEST VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp == "1"
+--------------------------------
+passed :: TEST VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp == "1"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000196</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000196</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000196</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must limit informational messages from the virtual machine to the VMX file.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The configuration file containing these name-value pairs is limited to a size of 1MB. If not limited, VMware tools in the guest operating system are capable of sending a large and continuous data stream to the host. This 1MB capacity should be sufficient for most cases, but this value can change if necessary.
 
-If the HCL internet download is required, verify &quot;Status&quot; is &quot;Enabled&quot; and a proxy host is configured.
+The value can be increased if large amounts of custom information are being stored in the configuration file. The default limit is 1MB.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-If &quot;Status&quot; is &quot;Enabled&quot; and a proxy is not configured, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-Select the vCenter Server &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; Internet Connectivity.
+Verify the "tools.setinfo.sizeLimit" value is set to "1048576".
 
-Click &quot;Edit&quot;.
-
-If the HCL internet download is not required, ensure that &quot;Status&quot; is &quot;Disabled&quot;.
-
-If the HCL internet download is required, ensure that &quot;Status&quot; is &quot;Enabled&quot; and that a proxy host is appropriately configured.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>f723451a-8365-486d-b412-17e527f483d6</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: $vsanhealthview &#x3D; Get-VsanView -Id VsanVcClusterHealthSystem-vsan-cluster-health-system; $vsanhealthview.VsanHealthQueryVsanProxyConfig().Host stdout.strip is expected not to cmp &#x3D;&#x3D; &quot;&quot;
+or
 
-expected: 
-     got: 
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000282</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000282</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000282</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must configure the vSAN Datastore name to a unique name.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>A vSAN Datastore name by default is &quot;vsanDatastore&quot;. If more than one vSAN cluster is present in vCenter, both datastores will have the same name by default, potentially leading to confusion and manually misplaced workloads.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If no clusters are enabled for vSAN, this is not applicable.
+Get-VM "VM Name" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit
 
-From the vSphere Client, go to Host and Clusters.
+If the virtual machine advanced setting "tools.setinfo.sizeLimit" is not set to "1048576", this is a finding.
 
-Select a vSAN Enabled Cluster &gt;&gt; Datastores.
+If the virtual machine advanced setting "tools.setinfo.sizeLimit" does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Review the datastores and identify any datastores with &quot;vSAN&quot; as the datastore type.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-or
+Find the "tools.setinfo.sizeLimit" value and set it to "1048576".
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
+If the setting does not exist no action is needed.
 
-If($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){
-Write-Host &quot;vSAN Enabled Cluster found&quot;
-Get-Cluster | where {$_.VsanEnabled} | Get-Datastore | where {$_.type -match &quot;vsan&quot;}
-}
-else{
-Write-Host &quot;vSAN is not enabled, this finding is not applicable.&quot;
-}
+or
 
-If vSAN is enabled and a datastore is named &quot;vsanDatastore&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Select a vSAN Enabled Cluster &gt;&gt; Datastores.
+Get-VM "VM Name" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit | Set-AdvancedSetting -Value 1048576
+
+Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000196' do\n  title 'Virtual machines (VMs) must limit informational messages from the virtual machine to the VMX file.'\n  desc  \"\n    The configuration file containing these name-value pairs is limited to a size of 1MB. If not limited, VMware tools in the guest operating system are capable of sending a large and continuous data stream to the host. This 1MB capacity should be sufficient for most cases, but this value can change if necessary.\n\n    The value can be increased if large amounts of custom information are being stored in the configuration file. The default limit is 1MB.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Verify the \\\"tools.setinfo.sizeLimit\\\" value is set to \\\"1048576\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit\n\n    If the virtual machine advanced setting \\\"tools.setinfo.sizeLimit\\\" is not set to \\\"1048576\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"tools.setinfo.sizeLimit\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Find the \\\"tools.setinfo.sizeLimit\\\" value and set it to \\\"1048576\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.setinfo.sizeLimit | Set-AdvancedSetting -Value 1048576\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000196'\n  tag rid: 'SV-VMCH-80-000196'\n  tag stig_id: 'VMCH-80-000196'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name tools.setinfo.sizeLimit | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp '1048576' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST VM: stig vm2 is expected to be empty
+--------------------------------
+passed :: TEST VM: stigvm1 is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000197</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000197</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000197</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must prevent unauthorized removal, connection and modification of devices.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>In a virtual machine, users and processes without root or administrator privileges can connect or disconnect devices, such as network adaptors and CD-ROM drives, and can modify device settings. Use the virtual machine settings editor or configuration editor to remove unneeded or unused hardware devices. To use the device again, prevent a user or running process in the virtual machine from connecting, disconnecting, or modifying a device from within the guest operating system.
 
-Right-click on the datastore named &quot;vsanDatastore&quot; and select &quot;Rename&quot;.
+By default, a rogue user with nonadministrator privileges in a virtual machine can:
 
-Rename the datastore based on site-specific naming standards.
+1. Connect a disconnected CD-ROM drive and access sensitive information on the media left in the drive.
+2. Disconnect a network adaptor to isolate the virtual machine from its network, which is a denial of service.
+3. Modify settings on a device.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Click &quot;OK&quot;.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-or
+Verify the "isolation.device.connectable.disable" value is set to "true".
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
+or
 
-If($(Get-Cluster | where {$_.VsanEnabled} | Measure).Count -gt 0){
-Write-Host &quot;vSAN Enabled Cluster found&quot;
-$Clusters &#x3D; Get-Cluster | where {$_.VsanEnabled}
-Foreach ($clus in $clusters){
- $clus | Get-Datastore | where {$_.type -match &quot;vsan&quot;} | Set-Datastore -Name $(($clus.name) + &quot;_vSAN_Datastore&quot;)
-}
-}
-else{
-Write-Host &quot;vSAN is not enabled, this finding is not applicable.&quot;
-}</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>c0efb453-203b-4ae5-ac82-21ccf12b69d5</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-is expected not to cmp &#x3D;&#x3D; &quot;vsanDatastore&quot;
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-expected: vsanDatastore
-     got: vsanDatastore
+Get-VM "VM Name" | Get-AdvancedSetting -Name isolation.device.connectable.disable
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000283</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000283</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000283</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must disable Username&#x2F;Password and Windows Integrated Authentication.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>All forms of authentication other than Common Access Card (CAC) must be disabled. Password authentication can be temporarily reenabled for emergency access to the local Single Sign-On (SSO) accounts or Active Directory user&#x2F;pass accounts, but it must be disabled as soon as CAC authentication is functional.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If a federated identity provider is configured and used for an identity source, this is not applicable.
+If the virtual machine advanced setting "isolation.device.connectable.disable" is not set to "true", this is a finding.
 
-From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider &gt;&gt; Smart Card Authentication.
+If the virtual machine advanced setting "isolation.device.connectable.disable" does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Under &quot;Authentication method&quot;, examine the allowed methods.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-If &quot;Smart card authentication&quot; is not enabled and &quot;Password and windows session authentication&quot; is not disabled, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider &gt;&gt; Smart Card Authentication.
+Find the "isolation.device.connectable.disable" value and set it to "true".
 
-Next to &quot;Authentication method&quot;, click &quot;Edit&quot;.
+If the setting does not exist no action is needed.
 
-Select to radio button to &quot;Enable smart card authentication&quot;.
+or
 
-Click &quot;Save&quot;.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-To re-enable password authentication for troubleshooting purposes, run the following command on the vCenter Server Appliance:
+Get-VM "VM Name" | Get-AdvancedSetting -Name isolation.device.connectable.disable | Set-AdvancedSetting -Value true
+
+Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000197' do\n  title 'Virtual machines (VMs) must prevent unauthorized removal, connection and modification of devices.'\n  desc  \"\n    In a virtual machine, users and processes without root or administrator privileges can connect or disconnect devices, such as network adaptors and CD-ROM drives, and can modify device settings. Use the virtual machine settings editor or configuration editor to remove unneeded or unused hardware devices. To use the device again, prevent a user or running process in the virtual machine from connecting, disconnecting, or modifying a device from within the guest operating system.\n\n    By default, a rogue user with nonadministrator privileges in a virtual machine can:\n\n    1. Connect a disconnected CD-ROM drive and access sensitive information on the media left in the drive.\n    2. Disconnect a network adaptor to isolate the virtual machine from its network, which is a denial of service.\n    3. Modify settings on a device.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Verify the \\\"isolation.device.connectable.disable\\\" value is set to \\\"true\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.device.connectable.disable\n\n    If the virtual machine advanced setting \\\"isolation.device.connectable.disable\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"isolation.device.connectable.disable\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Find the \\\"isolation.device.connectable.disable\\\" value and set it to \\\"true\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name isolation.device.connectable.disable | Set-AdvancedSetting -Value true\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000197'\n  tag rid: 'SV-VMCH-80-000197'\n  tag stig_id: 'VMCH-80-000197'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name isolation.device.connectable.disable | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST VM: stig vm2 is expected to be empty
+--------------------------------
+passed :: TEST VM: stigvm1 is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000198</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000198</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000198</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must not be able to obtain host information from the hypervisor.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If enabled, a VM can obtain detailed information about the physical host. The default value for the parameter is FALSE. This setting should not be TRUE unless a particular VM requires this information for performance monitoring. An adversary could use this information to inform further attacks on the host.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-# &#x2F;opt&#x2F;vmware&#x2F;bin&#x2F;sso-config.sh -set_authn_policy -pwdAuthn true -winAuthn false -certAuthn false -securIDAuthn false -t vsphere.local</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e00dbfdc-515c-423c-a4df-641f9b4f0fee</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: (Get-SsoAuthenticationPolicy).SmartCardAuthnEnabled stdout.strip is expected to cmp &#x3D;&#x3D; &quot;true&quot;
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-expected: true
-     got: False
+Verify the "tools.guestlib.enableHostInfo" value is set to "false".
 
-(compared using &#x60;cmp&#x60; matcher)
+or
 
---------------------------------
-failed
-PowerCLI Command: (Get-SsoAuthenticationPolicy).PasswordAuthnEnabled stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-expected: false
-     got: True
+Get-VM "VM Name" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo
 
-(compared using &#x60;cmp&#x60; matcher)
+If the virtual machine advanced setting "tools.guestlib.enableHostInfo" is not set to "false", this is a finding.
 
---------------------------------
-failed
-PowerCLI Command: (Get-SsoAuthenticationPolicy).WindowsAuthnEnabled stdout.strip is expected to cmp &#x3D;&#x3D; &quot;false&quot;
+If the virtual machine advanced setting "tools.guestlib.enableHostInfo" does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-expected: false
-     got: True
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000284</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000284</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000284</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must restrict access to the default roles with cryptographic permissions.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>In vSphere, the built-in &quot;Administrator&quot; role contains permission to perform cryptographic operations such as Key Management Server (KMS) functions and encrypting and decrypting virtual machine disks. This role must be reserved for cryptographic administrators where virtual machine encryption and&#x2F;or vSAN encryption is in use.
-
-A new built-in role called &quot;No Cryptography Administrator&quot; exists to provide all administrative permissions except cryptographic operations. Permissions must be restricted such that normal vSphere administrators are assigned the &quot;No Cryptography Administrator&quot; role or more restrictive.
-
-The &quot;Administrator&quot; role must be tightly controlled and must not be applied to administrators who will not be doing cryptographic work. Catastrophic data loss can result from poorly administered cryptography.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.
+Find the "tools.guestlib.enableHostInfo" value and set it to "false".
 
-From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.
+If the setting does not exist no action is needed.
 
 or
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
-
-Get-VIPermission | Where {$_.Role -eq &quot;Admin&quot; -or $_.Role -eq &quot;NoTrustedAdmin&quot; -or $_.Role -eq &quot;vCLSAdmin&quot; -or $_.Role -eq &quot;vSphereKubernetesManager&quot;} | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto
-
-If there are any users or groups assigned to the default roles with cryptographic permissions and are not explicitly designated to perform cryptographic operations, this is a finding.
-
-The built-in solution users assigned to the administrator role are NOT a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Move any accounts not explicitly designated for cryptographic operations, other than Solution Users, to other roles such as &quot;No Cryptography Administrator&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d624dfca-417f-4d63-8425-be764c200901</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-VSPHERE.LOCAL\Administrator is expected to be in &quot;VSPHERE.LOCAL\\Administrator&quot;, &quot;VSPHERE.LOCAL\\Administrators&quot;, and &quot;VSPHERE.LOCAL\\vCLSAdmin&quot;
---------------------------------
-passed
-VSPHERE.LOCAL\Administrators is expected to be in &quot;VSPHERE.LOCAL\\Administrator&quot;, &quot;VSPHERE.LOCAL\\Administrators&quot;, and &quot;VSPHERE.LOCAL\\vCLSAdmin&quot;
---------------------------------
-passed
-VSPHERE.LOCAL\Administrators is expected to be in &quot;VSPHERE.LOCAL\\Administrator&quot;, &quot;VSPHERE.LOCAL\\Administrators&quot;, and &quot;VSPHERE.LOCAL\\vCLSAdmin&quot;
---------------------------------
-passed
-VSPHERE.LOCAL\vCLSAdmin is expected to be in &quot;VSPHERE.LOCAL\\Administrator&quot;, &quot;VSPHERE.LOCAL\\Administrators&quot;, and &quot;VSPHERE.LOCAL\\vCLSAdmin&quot;
---------------------------------
-passed
-VSPHERE.LOCAL\Administrators is expected to be in &quot;VSPHERE.LOCAL\\Administrator&quot;, &quot;VSPHERE.LOCAL\\Administrators&quot;, and &quot;VSPHERE.LOCAL\\vCLSAdmin&quot;
+Get-VM "VM Name" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo | Set-AdvancedSetting -Value false
+
+Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000198' do\n  title 'Virtual machines (VMs) must not be able to obtain host information from the hypervisor.'\n  desc  'If enabled, a VM can obtain detailed information about the physical host. The default value for the parameter is FALSE. This setting should not be TRUE unless a particular VM requires this information for performance monitoring. An adversary could use this information to inform further attacks on the host.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Verify the \\\"tools.guestlib.enableHostInfo\\\" value is set to \\\"false\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo\n\n    If the virtual machine advanced setting \\\"tools.guestlib.enableHostInfo\\\" is not set to \\\"false\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"tools.guestlib.enableHostInfo\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Find the \\\"tools.guestlib.enableHostInfo\\\" value and set it to \\\"false\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo | Set-AdvancedSetting -Value false\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000198'\n  tag rid: 'SV-VMCH-80-000198'\n  tag stig_id: 'VMCH-80-000198'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name tools.guestlib.enableHostInfo | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'false' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST VM: stig vm2 is expected to be empty
 --------------------------------
-passed
-VSPHERE.LOCAL\vCLSAdmin is expected to be in &quot;VSPHERE.LOCAL\\Administrator&quot;, &quot;VSPHERE.LOCAL\\Administrators&quot;, and &quot;VSPHERE.LOCAL\\vCLSAdmin&quot;
+passed :: TEST VM: stigvm1 is expected to be empty
 --------------------------------
-passed
-VSPHERE.LOCAL\Administrators is expected to be in &quot;VSPHERE.LOCAL\\Administrator&quot;, &quot;VSPHERE.LOCAL\\Administrators&quot;, and &quot;VSPHERE.LOCAL\\vCLSAdmin&quot;
+passed :: TEST VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
 --------------------------------
-passed
-VSPHERE.LOCAL\vCLSAdmin is expected to be in &quot;VSPHERE.LOCAL\\Administrator&quot;, &quot;VSPHERE.LOCAL\\Administrators&quot;, and &quot;VSPHERE.LOCAL\\vCLSAdmin&quot;
+passed :: TEST VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
 --------------------------------
-passed
-VSPHERE.LOCAL\Administrators is expected to be in &quot;VSPHERE.LOCAL\\Administrator&quot;, &quot;VSPHERE.LOCAL\\Administrators&quot;, and &quot;VSPHERE.LOCAL\\vCLSAdmin&quot;
---------------------------------
-passed
-VSPHERE.LOCAL\vCLSAdmin is expected to be in &quot;VSPHERE.LOCAL\\Administrator&quot;, &quot;VSPHERE.LOCAL\\Administrators&quot;, and &quot;VSPHERE.LOCAL\\vCLSAdmin&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000285</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000285</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000285</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must restrict access to cryptographic permissions.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>These permissions must be reserved for cryptographic administrators where virtual machine encryption and&#x2F;or vSAN encryption is in use. Catastrophic data loss can result from poorly administered cryptography.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>By default, there are four roles that contain cryptographic related permissions: Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager.
+passed :: TEST VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000199</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must have shared salt values disabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>When salting is enabled (Mem.ShareForceSalting=1 or 2) to share a page between two virtual machines, both salt and the content of the page must be same. A salt value is a configurable advanced option for each virtual machine. The salt values can be specified manually in the virtual machine's advanced settings with the new option "sched.mem.pshare.salt".
+
+If this option is not present in the virtual machine's advanced settings, the value of the "vc.uuid" option is taken as the default value. Because the "vc.uuid" is unique to each virtual machine, by default Transparent Page Sharing (TPS) happens only among the pages belonging to a particular virtual machine (Intra-VM).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-Highlight each role and click the &#39;Privileges&quot; button in the right pane.
+Verify the "sched.mem.pshare.salt" setting does not exist.
 
-Verify that only the Administrator, No Trusted Infrastructure Administrator, vCLSAdmin, and vSphere Kubernetes Manager and any site-specific cryptographic roles have the following permissions:
+or
 
-Cryptographic Operations privileges
-Global.Diagnostics
-Host.Inventory.Add host to cluster
-Host.Inventory.Add standalone host
-Host.Local operations.Manage user groups
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-or
+Get-VM "VM Name" | Get-AdvancedSetting -Name sched.mem.pshare.salt
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
+If the virtual machine advanced setting "sched.mem.pshare.salt" exists, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-$roles &#x3D; Get-VIRole
-ForEach($role in $roles){
-    $privileges &#x3D; $role.PrivilegeList
-    If($privileges -match &quot;Crypto*&quot; -or $privileges -match &quot;Global.Diagnostics&quot; -or $privileges -match &quot;Host.Inventory.Add*&quot; -or $privileges -match &quot;Host.Local operations.Manage user groups&quot;){
-    Write-Host &quot;$role has Cryptographic privileges&quot;
-    }
-}
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-If any role other than the four default roles contain the permissions listed above and is not authorized to perform cryptographic related operations, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.
+Delete the "sched.mem.pshare.salt" setting.
 
-Highlight the target custom role and click &quot;Edit&quot;.
+or
 
-Remove the following permissions from any custom role that is not authorized to perform cryptographic related operations:
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Cryptographic Operations privileges
-Global.Diagnostics
-Host.Inventory.Add host to cluster
-Host.Inventory.Add standalone host
-Host.Local operations.Manage user groups</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>b39a59ee-44fb-466a-9699-a558252cf380</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-NoTrustedAdmin is expected to be in &quot;Admin&quot;, &quot;NoTrustedAdmin&quot;, &quot;vCLSAdmin&quot;, and &quot;vSphereKubernetesManager&quot;
+Get-VM "VM Name" | Get-AdvancedSetting -Name sched.mem.pshare.salt | Remove-AdvancedSetting
+
+Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000199' do\n  title 'Virtual machines (VMs) must have shared salt values disabled.'\n  desc  \"\n    When salting is enabled (Mem.ShareForceSalting=1 or 2) to share a page between two virtual machines, both salt and the content of the page must be same. A salt value is a configurable advanced option for each virtual machine. The salt values can be specified manually in the virtual machine's advanced settings with the new option \\\"sched.mem.pshare.salt\\\".\n\n    If this option is not present in the virtual machine's advanced settings, the value of the \\\"vc.uuid\\\" option is taken as the default value. Because the \\\"vc.uuid\\\" is unique to each virtual machine, by default Transparent Page Sharing (TPS) happens only among the pages belonging to a particular virtual machine (Intra-VM).\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Verify the \\\"sched.mem.pshare.salt\\\" setting does not exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name sched.mem.pshare.salt\n\n    If the virtual machine advanced setting \\\"sched.mem.pshare.salt\\\" exists, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Delete the \\\"sched.mem.pshare.salt\\\" setting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name sched.mem.pshare.salt | Remove-AdvancedSetting\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000199'\n  tag rid: 'SV-VMCH-80-000199'\n  tag stig_id: 'VMCH-80-000199'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name sched.mem.pshare.salt | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST VM: stig vm2 is expected to be empty
 --------------------------------
-passed
-Admin is expected to be in &quot;Admin&quot;, &quot;NoTrustedAdmin&quot;, &quot;vCLSAdmin&quot;, and &quot;vSphereKubernetesManager&quot;
+passed :: TEST VM: stigvm1 is expected to be empty
 --------------------------------
-passed
-vSphereKubernetesManager is expected to be in &quot;Admin&quot;, &quot;NoTrustedAdmin&quot;, &quot;vCLSAdmin&quot;, and &quot;vSphereKubernetesManager&quot;
+passed :: TEST VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
 --------------------------------
-passed
-vCLSAdmin is expected to be in &quot;Admin&quot;, &quot;NoTrustedAdmin&quot;, &quot;vCLSAdmin&quot;, and &quot;vSphereKubernetesManager&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000286</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000286</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000286</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must have Mutual Challenge Handshake Authentication Protocol (CHAP) configured for vSAN Internet Small Computer System Interface (iSCSI) targets.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>When enabled, vSphere performs bidirectional authentication of both the iSCSI target and host. When not authenticating both the iSCSI target and host, the potential exists for a man-in-the-middle attack in which an attacker might impersonate either side of the connection to steal data. Bidirectional authentication mitigates this risk.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If no clusters are enabled for vSAN or if vSAN is enabled but iSCSI is not enabled, this is not applicable.
+passed :: TEST VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000200</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000200</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000200</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must disable access through the "dvfilter" network Application Programming Interface (API).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>An attacker might compromise a VM by using the "dvFilter" API. Configure only VMs that need this access to use the API.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-From the vSphere Client, go to Host and Clusters.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-Select a vSAN Enabled Cluster &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; iSCSI Target Service.
+Verify the settings with the format "ethernet*.filter*.name" do not exist.
 
-For each iSCSI target, review the value in the &quot;Authentication&quot; column.
+or
 
-If the Authentication method is not set to &quot;CHAP_Mutual&quot; for any iSCSI target, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Select a vSAN Enabled Cluster &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; iSCSI Target Service.
+Get-VM "VM Name" | Get-AdvancedSetting -Name "ethernet*.filter*.name*"
 
-For each iSCSI target, select the item and click &quot;Edit&quot;.
-
-Change the &quot;Authentication&quot; field to &quot;Mutual CHAP&quot; and configure the incoming and outgoing users and secrets appropriately.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>9aa267e6-8616-4945-83e6-f6518685a27c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Applicable</STATUS>
-				<FINDING_DETAILS>skipped
-vSAN iSCSI service not enabled on cluster: cluster0...this is not applicable.
-vSAN iSCSI service not enabled on cluster: cluster0...this is not applicable.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000287</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000287</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000287</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must have new Key Encryption Keys (KEKs) reissued at regular intervals for vSAN encrypted datastore(s).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The KEK for a vSAN encrypted datastore is generated by the Key Management Server (KMS) and serves as a wrapper and lock around the Disk Encryption Key (DEK). The DEK is generated by the host and is used to encrypt and decrypt the datastore. A shallow rekey is a procedure in which the KMS issues a new KEK to the ESXi host, which rewraps the DEK but does not change the DEK or any data on disk.
+If the virtual machine advanced setting "ethernet*.filter*.name" exists and dvfilters are not in use, this is a finding.
 
-This operation must be done on a regular, site-defined interval and can be viewed as similar in criticality to changing an administrative password. If the KMS is compromised, a standing operational procedure to rekey will put a time limit on the usefulness of any stolen KMS data.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If vSAN is not in use, this is not applicable.
+If the virtual machine advanced setting "ethernet*.filter*.name" exists and the value is not valid, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Interview the system administrator (SA) to determine that a procedure has been put in place to perform a shallow rekey of all vSAN encrypted datastores at regular, site-defined intervals.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-VMware recommends a 60-day rekey task, but this interval must be defined by the SA and the information system security officer (ISSO).
+Look for settings with the format "ethernet*.filter*.name".
 
-If vSAN encryption is not in use, this is not a finding.
+Ensure only required VMs use this setting.
 
-If vSAN encryption is in use and a regular rekey procedure is not in place, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If vSAN encryption is in use, ensure that a regular rekey procedure is in place.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e7ef6d54-d852-4814-96b3-2fa38ba6a946</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000288</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000288</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000288</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must use secure Lightweight Directory Access Protocol (LDAPS) when adding an LDAP identity source.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>LDAP is an industry standard protocol for querying directory services such as Active Directory. This protocol can operate in clear text or over a Secure Sockets Layer (SSL)&#x2F;Transport Layer Security (TLS) encrypted tunnel. To protect confidentiality of LDAP communications, secure LDAP (LDAPS) must be explicitly configured when adding an LDAP identity source in vSphere Single Sign-On (SSO).
-
-When configuring an identity source and supplying an SSL certificate, vCenter will enforce LDAPS. The server URLs do not need to be explicitly provided if an SSL certificate is uploaded.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If LDAP is not used as an identity provider, this is not applicable.
+or
 
-From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+
+Get-VM "VM Name" | Get-AdvancedSetting -Name ethernetX.filterY.name | Remove-AdvancedSetting
+
+Note: Change the X and Y values to match the specific setting in the organization's environment.
+
+Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000200' do\n  title 'Virtual machines (VMs) must disable access through the \"dvfilter\" network Application Programming Interface (API).'\n  desc  'An attacker might compromise a VM by using the \"dvFilter\" API. Configure only VMs that need this access to use the API.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Verify the settings with the format \\\"ethernet*.filter*.name\\\" do not exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name \\\"ethernet*.filter*.name*\\\"\n\n    If the virtual machine advanced setting \\\"ethernet*.filter*.name\\\" exists and dvfilters are not in use, this is a finding.\n\n    If the virtual machine advanced setting \\\"ethernet*.filter*.name\\\" exists and the value is not valid, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Look for settings with the format \\\"ethernet*.filter*.name\\\".\n\n    Ensure only required VMs use this setting.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name ethernetX.filterY.name | Remove-AdvancedSetting\n\n    Note: Change the X and Y values to match the specific setting in the organization's environment.\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000200'\n  tag rid: 'SV-VMCH-80-000200'\n  tag stig_id: 'VMCH-80-000200'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name ethernet*.filter* | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST VM: stig vm2 is expected to be empty
+--------------------------------
+passed :: TEST VM: stigvm1 is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000201</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000201</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000201</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must be configured to lock when the last console connection is closed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>When accessing the VM console, the guest operating system must be locked when the last console user disconnects, limiting the possibility of session hijacking. This setting only applies to Windows-based VMs with VMware tools installed.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Click the &quot;Identity Sources&quot; tab.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; VMware Remote Console Options.
 
-For each identity source of type &quot;Active Directory over LDAP&quot;, if the &quot;Server URL&quot; does not indicate &quot;ldaps:&#x2F;&#x2F;&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Configuration &gt;&gt; Identity Provider.
+Verify the option "Lock the guest operating system when the last remote user disconnects" is checked.
 
-Click the &quot;Identity Sources&quot; tab.
-
-For each identity source of type &quot;Active Directory over LDAP&quot; where LDAPS is not configured, highlight the item and click &quot;Edit&quot;.
-
-Ensure the primary and secondary server URLs, if specified, are configured for &quot;ldaps:&#x2F;&#x2F;&quot;.
-
-At the bottom, click the &quot;Browse&quot; button, select the AD LDAP cert previously exported to your local computer, click &quot;Open&quot;, and &quot;Save&quot; to complete modifications.
-
-Note: With LDAPS, the server must be a specific domain controller and its specific certificate or the domain alias with a certificate that is valid for that URL.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>8b0e3262-010e-435b-9f87-3478a1bdae4e</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000290</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000290</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000290</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must limit membership to the &quot;SystemConfiguration.BashShellAdministrators&quot; Single Sign-On (SSO) group.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vCenter SSO integrates with PAM in the underlying Photon operating system so members of the &quot;SystemConfiguration.BashShellAdministrators&quot; SSO group can log on to the operating system without needing a separate account. However, even though unique SSO users log on, they are transparently using a group account named &quot;sso-user&quot; as far as Photon auditing is concerned. While the audit trail can still be traced back to the individual SSO user, it is a more involved process.
-
-To force accountability and nonrepudiation, the SSO group &quot;SystemConfiguration.BashShellAdministrators&quot; must be severely restricted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Users and Groups &gt;&gt; Groups.
+or
 
-Click the next page arrow until the &quot;SystemConfiguration.BashShellAdministrators&quot; group appears.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Click &quot;SystemConfiguration.BashShellAdministrators&quot;.
+Get-VM "VM Name" | Get-AdvancedSetting -Name tools.guest.desktop.autolock
 
-Review the members of the group and ensure that only authorized accounts are present.
+If the virtual machine advanced setting "tools.guest.desktop.autolock" is not set to "true", this is a finding.
 
-Note: By default the Administrator and a unique service account similar to &quot;vmware-applmgmtservice-714684a4-342f-4eff-a232-cdc21def00c2&quot; will be in the group and should not be removed.
+If the virtual machine advanced setting "tools.guest.desktop.autolock" does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-If there are any accounts present as members of SystemConfiguration.BashShellAdministrators that are not authorized, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Users and Groups &gt;&gt; Groups.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; VMware Remote Console Options.
 
-Click the next page arrow until the &quot;SystemConfiguration.BashShellAdministrators&quot; group appears.
+Check the box next to "Lock the guest operating system when the last remote user disconnects". Click "OK".
 
-Click &quot;SystemConfiguration.BashShellAdministrators&quot;.
+or
 
-Click the three vertical dots next to the name of each unauthorized account.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Select &quot;Remove Member&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>a976af54-08c7-4160-b4e8-a9d453d3ca13</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Administrator is expected to be in &quot;Administrator&quot; and &quot;vmware-applmgmtservice-7581d05c-eac0-4a70-b76c-f7b58b907e8d&quot;
+Get-VM "VM Name" | Get-AdvancedSetting -Name tools.guest.desktop.autolock | Set-AdvancedSetting -Value true</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000201' do\n  title 'Virtual machines (VMs) must be configured to lock when the last console connection is closed.'\n  desc  'When accessing the VM console, the guest operating system must be locked when the last console user disconnects, limiting the possibility of session hijacking. This setting only applies to Windows-based VMs with VMware tools installed.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; VMware Remote Console Options.\n\n    Verify the option \\\"Lock the guest operating system when the last remote user disconnects\\\" is checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guest.desktop.autolock\n\n    If the virtual machine advanced setting \\\"tools.guest.desktop.autolock\\\" is not set to \\\"true\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"tools.guest.desktop.autolock\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; VMware Remote Console Options.\n\n    Check the box next to \\\"Lock the guest operating system when the last remote user disconnects\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name tools.guest.desktop.autolock | Set-AdvancedSetting -Value true\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000201'\n  tag rid: 'SV-VMCH-80-000201'\n  tag stig_id: 'VMCH-80-000201'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name tools.guest.desktop.autolock | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'true' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST VM: stig vm2 is expected to be empty
 --------------------------------
-passed
-vmware-applmgmtservice-7581d05c-eac0-4a70-b76c-f7b58b907e8d is expected to be in &quot;Administrator&quot; and &quot;vmware-applmgmtservice-7581d05c-eac0-4a70-b76c-f7b58b907e8d&quot;
+passed :: TEST VM: stigvm1 is expected to be empty
 --------------------------------
-passed
-Stderr should be empty if no groups found is expected to be empty
+passed :: TEST VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp == "true"
 --------------------------------
-passed
-No groups found in SystemConfiguration.BashShellAdministrators is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000291</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000291</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000291</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must limit membership to the &quot;TrustedAdmins&quot; Single Sign-On (SSO) group.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vSphere &quot;TrustedAdmins&quot; group grants additional rights to administer the vSphere Trust Authority feature.
-
-To force accountability and nonrepudiation, the SSO group &quot;TrustedAdmins&quot; must be severely restricted.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Users and Groups &gt;&gt; Groups.
+passed :: TEST VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp == "true"
+--------------------------------
+passed :: TEST VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp == "true"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000202</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000202</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000202</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must disable 3D features when not required.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For performance reasons, it is recommended that 3D acceleration be disabled on virtual machines that do not require 3D functionality (e.g., most server workloads or desktops not using 3D applications).</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Click the next page arrow until the &quot;TrustedAdmins&quot; group appears.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings.
 
-Click &quot;TrustedAdmins&quot;.
+Expand the "Video card" and verify the "Enable 3D Support" checkbox is unchecked.
 
-Review the members of the group and ensure that only authorized accounts are present.
+or
 
-Note: These accounts act as root on the Photon operating system and have the ability to severely damage vCenter, inadvertently or otherwise.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-If there are any accounts present as members of TrustedAdmins that are not authorized, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Users and Groups &gt;&gt; Groups.
+Get-VM "VM Name" | Get-AdvancedSetting -Name mks.enable3d
 
-Click the next page arrow until the &quot;TrustedAdmins&quot; group appears.
+If the virtual machine advanced setting "mks.enable3d" exists and is not set to "false", this is a finding.
 
-Click &quot;TrustedAdmins&quot;.
+If the virtual machine advanced setting "mks.enable3d" does not exist, this is not a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Click the three vertical dots next to the name of each unauthorized account.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings.
+
+Expand the "Video card" and uncheck the "Enable 3D Support" checkbox.
+
+Click "OK".
+
+or
+
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Select &quot;Remove Member&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0f2061f9-32be-4ca1-8a16-fa352bbad89a</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-Stderr should be empty if no users found is expected to be empty
+Get-VM "VM Name" | Get-AdvancedSetting -Name mks.enable3d | Set-AdvancedSetting -Value "false"
+
+Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000202' do\n  title 'Virtual machines (VMs) must disable 3D features when not required.'\n  desc  'For performance reasons, it is recommended that 3D acceleration be disabled on virtual machines that do not require 3D functionality (e.g., most server workloads or desktops not using 3D applications).'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings.\n\n    Expand the \\\"Video card\\\" and verify the \\\"Enable 3D Support\\\" checkbox is unchecked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name mks.enable3d\n\n    If the virtual machine advanced setting \\\"mks.enable3d\\\" exists and is not set to \\\"false\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"mks.enable3d\\\" does not exist, this is not a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings.\n\n    Expand the \\\"Video card\\\" and uncheck the \\\"Enable 3D Support\\\" checkbox.\n\n    Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name mks.enable3d | Set-AdvancedSetting -Value \\\"false\\\"\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000202'\n  tag rid: 'SV-VMCH-80-000202'\n  tag stig_id: 'VMCH-80-000202'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name mks.enable3d | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp 'false' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST VM: stig vm2 is expected to be empty
 --------------------------------
-passed
-No users found in TrustedAdmins is expected to be empty
+passed :: TEST VM: stigvm1 is expected to be empty
 --------------------------------
-passed
-Stderr should be empty if no groups found is expected to be empty
+passed :: TEST VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp == "false"
 --------------------------------
-passed
-No groups found in TrustedAdmins is expected to be empty</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000292</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000292</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000292</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter server configuration must be backed up on a regular basis.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vCenter server is the control plane for the vSphere infrastructure and all the workloads it hosts. As such, vCenter is usually a highly critical system in its own right. Backups of vCenter can now be made at a data and configuration level versus traditional storage&#x2F;image-based backups. This reduces recovery time by letting the system administrator (SA) spin up a new vCenter while simultaneously importing the backed-up data.
-
-For sites that implement the Native Key Provider (NKP), introduced in 7.0 Update 2, regular vCenter backups are critical. In a recovery scenario where the virtual machine files are intact but vCenter was lost, the encrypted virtual machines will not be able to boot as their private keys were stored in vCenter after it was last backed up. When using the NKP, vCenter becomes critical to the virtual machine workloads and ceases to be just the control plane.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Option 1:
-
-If vCenter is backed up in a traditional manner, at the storage array level, interview the SA to determine configuration and schedule.
+passed :: TEST VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp == "false"
+--------------------------------
+passed :: TEST VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp == "false"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000203</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must enable encryption for vMotion.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>vMotion migrations in vSphere 6.0 and earlier transferred working memory and CPU state information in clear text over the vMotion network. As of vSphere 6.5, this transfer can be transparently encrypted using 256-bit AES-GCM with negligible performance impact.
 
-Option 2:
+vSphere enables encrypted vMotion by default as "Opportunistic", meaning that encrypted channels are used where supported, but the operation will continue in plain text where encryption is not supported.
 
-For vCenter native backup functionality, open the Virtual Appliance Management Interface (VAMI) by navigating to https:&#x2F;&#x2F;&lt;vCenter server&gt;:5480.
+For example, when vMotioning between two hosts, encryption will always be used. However, because 6.0 and earlier releases do not support this feature, vMotion from a 7.0 host to a 6.0 host would be allowed but would not be encrypted. If the encryption is set to "Required", vMotions to unsupported hosts will fail. This must be set to "Opportunistic" or "Required".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the &quot;SystemConfiguration.BashShellAdministrator&quot; group.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; Encryption.
 
-Select &quot;Backup&quot; on the left navigation pane.
+or
 
-On the resulting pane on the right, verify the &quot;Status&quot; is &quot;Enabled&quot;.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Click &quot;Status&quot; to expand the backup details.
+Get-VM | Where {($_.ExtensionData.Config.MigrateEncryption -eq "disabled")}
 
-If vCenter server backups are not configured and there is no other vCenter backup system, this is a finding.
+If the "Encrypted vMotion" setting does not have a value of "Opportunistic" or "Required", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-If the backup configuration is not set to a proper, reachable location or if the schedule is anything less frequent than &quot;Daily&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Option 1:
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; Encryption.
 
-Implement and document a VMware-supported storage&#x2F;image-based backup schedule.
+For "Encrypted vMotion" set the value to "Opportunistic" or "Required". Click "OK".
 
-Option 2:
+or
 
-To configure vCenter native backup functionality, open the VAMI by navigating to https:&#x2F;&#x2F;&lt;vCenter server&gt;:5480.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:
 
-Log in with local operating system administrative credentials or with an SSO account that is a member of the &quot;SystemConfiguration.BashShellAdministrator&quot; group.
+$spec = New-Object VMware.Vim.VirtualMachineConfigSpec
+$spec.MigrateEncryption = New-Object VMware.Vim.VirtualMachineConfigSpecEncryptedVMotionModes
+$spec.MigrateEncryption = $true
+(Get-VM -Name &lt;vmname&gt;).ExtensionData.ReconfigVM($spec)</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000203' do\n  title 'Virtual machines (VMs) must enable encryption for vMotion.'\n  desc  \"\n    vMotion migrations in vSphere 6.0 and earlier transferred working memory and CPU state information in clear text over the vMotion network. As of vSphere 6.5, this transfer can be transparently encrypted using 256-bit AES-GCM with negligible performance impact.\n\n    vSphere enables encrypted vMotion by default as \\\"Opportunistic\\\", meaning that encrypted channels are used where supported, but the operation will continue in plain text where encryption is not supported.\n\n    For example, when vMotioning between two hosts, encryption will always be used. However, because 6.0 and earlier releases do not support this feature, vMotion from a 7.0 host to a 6.0 host would be allowed but would not be encrypted. If the encryption is set to \\\"Required\\\", vMotions to unsupported hosts will fail. This must be set to \\\"Opportunistic\\\" or \\\"Required\\\".\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; Encryption.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {($_.ExtensionData.Config.MigrateEncryption -eq \\\"disabled\\\")}\n\n    If the \\\"Encrypted vMotion\\\" setting does not have a value of \\\"Opportunistic\\\" or \\\"Required\\\", this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; Encryption.\n\n    For \\\"Encrypted vMotion\\\" set the value to \\\"Opportunistic\\\" or \\\"Required\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.MigrateEncryption = New-Object VMware.Vim.VirtualMachineConfigSpecEncryptedVMotionModes\n    $spec.MigrateEncryption = $true\n    (Get-VM -Name &lt;vmname&gt;).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000203'\n  tag rid: 'SV-VMCH-80-000203'\n  tag stig_id: 'VMCH-80-000203'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    list = ['opportunistic', 'required']\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.MigrateEncryption\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_in list }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST VM: stig vm2 is expected to be in "opportunistic" and "required"
+--------------------------------
+passed :: TEST VM: stigvm1 is expected to be in "opportunistic" and "required"
+--------------------------------
+passed :: TEST VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be in "opportunistic" and "required"
+--------------------------------
+passed :: TEST VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be in "opportunistic" and "required"
+--------------------------------
+passed :: TEST VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be in "opportunistic" and "required"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000204</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000204</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000204</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must enable encryption for Fault Tolerance.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Fault Tolerance log traffic can be encrypted. This could contain sensitive data from the protected machine's memory or CPU instructions.
 
-Select &quot;Backup&quot; on the left navigation pane.
+vSphere Fault Tolerance performs frequent checks between a primary VM and secondary VM so the secondary VM can quickly resume from the last successful checkpoint. The checkpoint contains the VM state that has been modified since the previous checkpoint.
 
-On the resulting pane on the right, click &quot;Configure&quot; (or &quot;Edit&quot; for an existing configuration).
+When Fault Tolerance is turned on, FT encryption is set to "Opportunistic" by default, which means it enables encryption only if both the primary and secondary host are capable of encryption.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>If the Virtual Machine does not have Fault Tolerance enabled, this is not applicable.
 
-Enter site-specific information for the backup job.
+For each virtual machine do the following:
 
-Ensure &quot;Schedule&quot; is set to &quot;Daily&quot;. Limiting the number of retained backups is recommended but not required.
-
-Click &quot;Create&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>3d872f43-3f06-4497-948b-b6257527fcd2</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-File based backups should be enabled. is expected to cmp &#x3D;&#x3D; &quot;true&quot;
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; Encryption.
 
-expected: true
-     got: 
+or
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000293</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000293</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000293</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter server must have task and event retention set to at least 30 days.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vCenter tasks and events contain valuable historical actions, useful in troubleshooting availability issues and for incident forensics. While vCenter events are sent to central log servers in real time, it is important that administrators have quick access to this information when needed.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-vCenter retains 30 days of tasks and events by default, and this is sufficient for most purposes. The vCenter disk partitions are also sized with this in mind. Decreasing is not recommended for operational reasons, while increasing is not recommended unless guided by VMware support due to the partition sizing concerns.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
+Get-VM | Where {($_.ExtensionData.Config.FtEncryptionMode -ne "ftEncryptionOpportunistic") -and ($_.ExtensionData.Config.FtEncryptionMode -ne "ftEncryptionRequired")}
 
-Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; General.
+If the "Encrypted FT" setting does not have a value of "Opportunistic" or "Required", this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Click to expand the &quot;Database&quot; section.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; Encryption.
 
-Note the &quot;Task retention&quot; and &quot;Event retention&quot; values.
+For "Encrypted FT" set the value to "Opportunistic" or "Required". Click "OK".
 
-If either value is configured to less than &quot;30&quot; days, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
+or
 
-Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; General.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:
 
-Click &quot;Edit&quot;.
-
-On the &quot;Database&quot; tab, set the value for both &quot;Task retention&quot; and &quot;Event retention&quot; to &quot;30&quot; days (default) or greater, as required by your site.
-
-Click &quot;Save&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>d43f9a2e-8538-42bf-a9e3-0000144bbb00</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name event.maxAge | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &gt;&#x3D; &quot;30&quot;
+$spec = New-Object VMware.Vim.VirtualMachineConfigSpec
+$spec.FTEncryption = New-Object VMware.Vim.VMware.Vim.VirtualMachineConfigSpecEncryptedFtModes
+$spec.FT = ftEncryptionOpportunistic or ftEncryptionRequired
+(Get-VM -Name &lt;vmname&gt;).ExtensionData.ReconfigVM($spec)</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000204' do\n  title 'Virtual machines (VMs) must enable encryption for Fault Tolerance.'\n  desc  \"\n    Fault Tolerance log traffic can be encrypted. This could contain sensitive data from the protected machine's memory or CPU instructions.\n\n    vSphere Fault Tolerance performs frequent checks between a primary VM and secondary VM so the secondary VM can quickly resume from the last successful checkpoint. The checkpoint contains the VM state that has been modified since the previous checkpoint.\n\n    When Fault Tolerance is turned on, FT encryption is set to \\\"Opportunistic\\\" by default, which means it enables encryption only if both the primary and secondary host are capable of encryption.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    If the Virtual Machine does not have Fault Tolerance enabled, this is not applicable.\n\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; Encryption.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {($_.ExtensionData.Config.FtEncryptionMode -ne \\\"ftEncryptionOpportunistic\\\") -and ($_.ExtensionData.Config.FtEncryptionMode -ne \\\"ftEncryptionRequired\\\")}\n\n    If the \\\"Encrypted FT\\\" setting does not have a value of \\\"Opportunistic\\\" or \\\"Required\\\", this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; Encryption.\n\n    For \\\"Encrypted FT\\\" set the value to \\\"Opportunistic\\\" or \\\"Required\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.FTEncryption = New-Object VMware.Vim.VMware.Vim.VirtualMachineConfigSpecEncryptedFtModes\n    $spec.FT = ftEncryptionOpportunistic or ftEncryptionRequired\n    (Get-VM -Name &lt;vmname&gt;).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000204'\n  tag rid: 'SV-VMCH-80-000204'\n  tag stig_id: 'VMCH-80-000204'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    list = ['ftEncryptionOpportunistic', 'ftEncryptionRequired']\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.FtEncryptionMode\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should be_in list }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST VM: stig vm2 is expected to be in "ftEncryptionOpportunistic" and "ftEncryptionRequired"
 --------------------------------
-passed
-PowerCLI Command: Get-AdvancedSetting -Entity $global:DefaultViServers.Name -Name task.maxAge | Select-Object -ExpandProperty Value stdout.strip is expected to cmp &gt;&#x3D; &quot;30&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000294</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000294</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000294</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter server Native Key Provider must be backed up with a strong password.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Native Key Provider feature was introduced in 7.0 U2 and acts as a key provider for encryption based capabilities such as encrypted virtual machines without requiring an external KMS solution.  When enabling this feature a backup must be taken which is a PKCS#12 formatted file and if no password is provided during the backup process this presents the opportunity for this to be used maliciously and compromise the environment.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If the vCenter Native Key Provider feature is not in use, this is not applicable.
+passed :: TEST VM: stigvm1 is expected to be in "ftEncryptionOpportunistic" and "ftEncryptionRequired"
+--------------------------------
+passed :: TEST VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to be in "ftEncryptionOpportunistic" and "ftEncryptionRequired"
+--------------------------------
+passed :: TEST VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to be in "ftEncryptionOpportunistic" and "ftEncryptionRequired"
+--------------------------------
+passed :: TEST VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to be in "ftEncryptionOpportunistic" and "ftEncryptionRequired"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000205</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000205</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000205</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must configure log size.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.
 
-Interview the system administrator and determine if a password was provided for any backups taken of the Native Key Provider.
+By default, the size of these logs is unlimited, and they are only rotated on vMotion or power events. This can cause storage issues at scale for VMs that do not vMotion or power cycle often.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-If backups exist for the Native Key Provider that are not password protected, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-Select a vCenter Server &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Key Providers.
+Verify the "log.rotateSize" value is set to "2048000".
 
-Select the Native Key Provider, click &quot;Back-up&quot;, and check the box &quot;Protect Native Key Provider data with password&quot;.
-
-Provide a strong password and click &quot;Back up key provider&quot;.
-
-Delete any previous backups that were not protected with a password.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>21b01338-982a-4b38-9bcf-a4fac7f1232d</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000295</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000295</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000295</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter server must require authentication for published content libraries.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale. When publishing a content library it can be protected by requiring authentication for subscribers.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Content Libraries.
+or
 
-Review the &quot;Password Protected&quot; column.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-If a content library is published and is not password protected, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Content Libraries.
+Get-VM "VM Name" | Get-AdvancedSetting -Name log.rotateSize
 
-Select the target content library.
+If the virtual machine advanced setting "log.rotateSize" is not set to "2048000", this is a finding.
 
-Select &quot;Actions&quot; then &quot;Edit Settings&quot;.
-
-Click the checkbox to &quot;Enable user authentication for access to this content library&quot;.
-
-Enter and confirm a password for the content library. Click &quot;Ok&quot;.
-
-Note: Any subscribed content libraries will need to be updated to enable authentication and provide the password.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e33de32e-2e69-4a0c-9a86-39950cfd5646</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-Authentication should be enabled on Content Library: STIG Content Library [&quot;publish_info&quot;, &quot;authentication_method&quot;] is expected to cmp &#x3D;&#x3D; &quot;BASIC&quot;
+If the virtual machine advanced setting "log.rotateSize" does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-expected: BASIC
-     got: NONE
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000296</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000296</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000296</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter server must enable the OVF security policy for content libraries.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>In the vSphere Client, you can create a local or a subscribed content library. By using content libraries, you can store and manage content in one vCenter Server instance. Alternatively, you can distribute content across vCenter Server instances to increase consistency and facilitate the deployment workloads at scale.
+Find the "log.rotateSize" value and set it to "2048000".
 
-You can protect the OVF items by applying default OVF security policy to a content library. The OVF security policy enforces strict validation on OVF items when you deploy or update the item, import items, or synchronize OVF and OVA templates. To make sure that the OVF and OVA templates are signed by a trusted certificate, you can add the OVF signing certificate from a trusted CA.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Content Libraries.
+If the setting does not exist no action is needed.
 
-Review the &quot;Security Policy&quot; column.
+or
 
-If a content library does not have the &quot;OVF default policy&quot; enabled, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Content Libraries.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Select the target content library.
+Get-VM "VM Name" | Get-AdvancedSetting -Name log.rotateSize | Set-AdvancedSetting -Value 2048000
+
+Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000205' do\n  title 'Virtual machines (VMs) must configure log size.'\n  desc  \"\n    The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\n    By default, the size of these logs is unlimited, and they are only rotated on vMotion or power events. This can cause storage issues at scale for VMs that do not vMotion or power cycle often.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Verify the \\\"log.rotateSize\\\" value is set to \\\"2048000\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.rotateSize\n\n    If the virtual machine advanced setting \\\"log.rotateSize\\\" is not set to \\\"2048000\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"log.rotateSize\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Find the \\\"log.rotateSize\\\" value and set it to \\\"2048000\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.rotateSize | Set-AdvancedSetting -Value 2048000\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000205'\n  tag rid: 'SV-VMCH-80-000205'\n  tag stig_id: 'VMCH-80-000205'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name log.rotateSize | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp '2048000' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST VM: stig vm2 is expected to be empty
+--------------------------------
+passed :: TEST VM: stigvm1 is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp == "2048000"
+--------------------------------
+passed :: TEST VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp == "2048000"
+--------------------------------
+passed :: TEST VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp == "2048000"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000206</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000206</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000206</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must configure log retention.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.
 
-Select &quot;Actions&quot; then &quot;Edit Settings&quot;.
-
-Click the checkbox to &quot;Apply Security Policy&quot;. Click &quot;OK&quot;.
-
-Note: If you disable the security policy of a content library, you cannot reuse the existing OVF items.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>551280f4-2ead-457d-80b0-311d938561e6</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-OVF security policy should be enabled on Content Library: STIG Content Library [&quot;security_policy_id&quot;] is expected not to equal nil
-
-expected not #&lt;NilClass:8&gt; &#x3D;&gt; nil
-         got #&lt;NilClass:8&gt; &#x3D;&gt; nil
-
-Compared using equal?, which compares object identity.
-
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000298</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000298</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000298</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must separate authentication and authorization for administrators.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Many organizations do both authentication and authorization using a centralized directory service such as Active Directory. Attackers who compromise an identity source can often add themselves to authorization groups, and simply log into systems they should not otherwise have access to. Additionally, reliance on central identity systems means that the administrators of those systems are potentially infrastructure administrators, too, as they can add themselves to infrastructure access groups at will.
+By default, 10 of these logs are retained. This is normally sufficient for most environments, but this configuration must be verified and maintained.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-The use of local SSO groups for authorization helps prevent this avenue of attack by allowing the centralized identity source to still authenticate users but moving authorization into vCenter itself.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Roles.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-View the Administrator role and any other role providing administrative access to vCenter to verify the users and&#x2F;or groups assigned to it by clicking on &quot;Usage&quot;.
+Verify the "log.keepOld" value is set to "10".
 
 or
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Get-VIPermission | Sort Role | Select Role,Principal,Entity,Propagate,IsGroup | FT -Auto
+Get-VM "VM Name" | Get-AdvancedSetting -Name log.keepOld
 
-If any user or group is directly assigned a role with administrative access to vCenter that is from an identity provider, this is a finding.
+If the virtual machine advanced setting "log.keepOld" is not set to "10", this is a finding.
 
-Note: Users and&#x2F;or groups assigned to roles should be from the &quot;VSPHERE.LOCAL&quot; identity source.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>To add groups from an identity provider to the local SSO Administrators group, as an example, do the following:
+If the virtual machine advanced setting "log.keepOld" does NOT exist, this is NOT a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-From the vSphere Client, go to Administration &gt;&gt; Single Sign On &gt;&gt; Groups.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.
 
-Select the Administrators group and click &quot;Edit&quot;.
+Find the "log.keepOld" value and set it to "10".
 
-In the &quot;Add Members&quot; section, select the identity source and type the name of the target user&#x2F;group in the search bar.
+If the setting does not exist no action is needed.
 
-Select the target user&#x2F;group to add them and click &quot;Save&quot;.
+or
 
-Note: A new SSO group or groups can be created as needed and used to provide authorization to vCenter.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-To remove identity provider users&#x2F;groups from a role, do the following:
+Get-VM "VM Name" | Get-AdvancedSetting -Name log.keepOld | Set-AdvancedSetting -Value 10
+
+Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000206' do\n  title 'Virtual machines (VMs) must configure log retention.'\n  desc  \"\n    The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including but not limited to power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations, and machine clones.\n\n    By default, 10 of these logs are retained. This is normally sufficient for most environments, but this configuration must be verified and maintained.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Verify the \\\"log.keepOld\\\" value is set to \\\"10\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.keepOld\n\n    If the virtual machine advanced setting \\\"log.keepOld\\\" is not set to \\\"10\\\", this is a finding.\n\n    If the virtual machine advanced setting \\\"log.keepOld\\\" does NOT exist, this is NOT a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; Advanced Parameters.\n\n    Find the \\\"log.keepOld\\\" value and set it to \\\"10\\\".\n\n    If the setting does not exist no action is needed.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-AdvancedSetting -Name log.keepOld | Set-AdvancedSetting -Value 10\n\n    Note: The VM must be powered off to configure the advanced settings through the vSphere Client. Therefore, it is recommended to configure these settings with PowerCLI as this can be done while the VM is powered on. Settings do not take effect via either method until the virtual machine is cold started, not rebooted.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000206'\n  tag rid: 'SV-VMCH-80-000206'\n  tag stig_id: 'VMCH-80-000206'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-AdvancedSetting -Name log.keepOld | Select-Object -ExpandProperty Value\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should cmp '10' }\n        end\n        describe \"VM: #{vm}\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST VM: stig vm2 is expected to be empty
+--------------------------------
+passed :: TEST VM: stigvm1 is expected to be empty
+--------------------------------
+passed :: TEST VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp == "10"
+--------------------------------
+passed :: TEST VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp == "10"
+--------------------------------
+passed :: TEST VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp == "10"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000207</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000207</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000207</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must enable logging.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including, but not limited to, power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations and machine clones. Due to the value these logs provide for the continued availability of each VM and potential security incidents, these logs must be enabled.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-From the vSphere Client, go to Administration &gt;&gt; Access Control &gt;&gt; Global Permissions.
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; Advanced.
 
-Select the offending user&#x2F;group and click &quot;Delete&quot;.
-
-Note: If permissions are assigned on a specific object, then the role must be updated where it is assigned (for example, at the cluster level).</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e4cdbc0e-61a3-480c-b506-db7b6e6d6a01</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Not_Reviewed</STATUS>
-				<FINDING_DETAILS>skipped
-This check is a manual or policy based check and must be reviewed manually.
-This check is a manual or policy based check and must be reviewed manually.</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000299</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000299</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000299</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must disable CDP&#x2F;LLDP on distributed switches.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vSphere Distributed Virtual Switch can participate in Cisco Discovery Protocol (CDP) or Link Layer Discovery Protocol (LLDP), as a listener, advertiser, or both. The information is sensitive, including IP addresses, system names, software versions, and more. It can be used by an adversary to gain a better understanding of your environment, and to impersonate devices. It is also transmitted unencrypted on the network, and as such the recommendation is to disable it.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
+Ensure that the checkbox next to "Enable logging" is checked.
 
-From the vSphere Client, go to &quot;Networking&quot;.
+or
 
-Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Review the &quot;Discovery Protocol&quot; configuration.
+Get-VM | Where {$_.ExtensionData.Config.Flags.EnableLogging -ne "True"}
 
-or
+If logging is not enabled, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; Advanced.
 
-Get-VDSwitch | Select Name,LinkDiscoveryProtocolOperation
+Click the checkbox next to "Enable logging". Click "OK".
 
-If any distributed switch does not have &quot;Discovery Protocols&quot; disabled, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to &quot;Networking&quot;.
+or
 
-Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:
 
-Click &quot;Edit&quot;.
+$spec = New-Object VMware.Vim.VirtualMachineConfigSpec
+$spec.Flags = New-Object VMware.Vim.VirtualMachineFlagInfo
+$spec.Flags.enableLogging = $true
+(Get-VM -Name &lt;vmname&gt;).ExtensionData.ReconfigVM($spec)</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000207' do\n  title 'Virtual machines (VMs) must enable logging.'\n  desc  'The ESXi hypervisor maintains logs for each individual VM by default. These logs contain information including, but not limited to, power events, system failure information, tools status and activity, time sync, virtual hardware changes, vMotion migrations and machine clones. Due to the value these logs provide for the continued availability of each VM and potential security incidents, these logs must be enabled.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; Advanced.\n\n    Ensure that the checkbox next to \\\"Enable logging\\\" is checked.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {$_.ExtensionData.Config.Flags.EnableLogging -ne \\\"True\\\"}\n\n    If logging is not enabled, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to Edit Settings &gt;&gt; VM Options &gt;&gt; Advanced.\n\n    Click the checkbox next to \\\"Enable logging\\\". Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.Flags = New-Object VMware.Vim.VirtualMachineFlagInfo\n    $spec.Flags.enableLogging = $true\n    (Get-VM -Name &lt;vmname&gt;).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000207'\n  tag rid: 'SV-VMCH-80-000207'\n  tag stig_id: 'VMCH-80-000207'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Flags.EnableLogging\"\n      result = powercli_command(command).stdout.strip\n      describe \"VM: #{vm}\" do\n        subject { result }\n        it { should cmp 'true' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST VM: stig vm2 is expected to cmp == "true"
+--------------------------------
+passed :: TEST VM: stigvm1 is expected to cmp == "true"
+--------------------------------
+passed :: TEST VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c is expected to cmp == "true"
+--------------------------------
+passed :: TEST VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d is expected to cmp == "true"
+--------------------------------
+passed :: TEST VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 is expected to cmp == "true"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000208</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000208</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000208</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must not use independent, non-persistent disks.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The security issue with nonpersistent disk mode is that successful attackers, with a simple shutdown or reboot, might undo or remove any traces they were ever on the machine. To safeguard against this risk, production virtual machines should be set to use persistent disk mode; additionally, ensure activity within the VM is logged remotely on a separate server, such as a syslog server or equivalent Windows-based event collector. Without a persistent record of activity on a VM, administrators might never know whether they have been attacked or hacked.
 
-Select the advanced tab and update the &quot;Type&quot; under &quot;Discovery Protocol&quot; to disabled and click &quot;OK&quot;.
+There can be valid use cases for these types of disks, such as with an application presentation solution where read-only disks are desired, and such cases should be identified and documented.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-or
+From the vSphere Client, right-click the Virtual Machine and go to "Edit Settings".
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+Review the attached hard disks and verify they are not configured as independent nonpersistent disks.
 
-Get-VDSwitch -Name &quot;DSwitch&quot; | Set-VDSwitch -LinkDiscoveryProtocolOperation &quot;Disabled&quot;</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>dc79e3b9-10ca-4142-9791-f777f7e02595</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: Get-VDSwitch -Name &quot;VDSwitch STIG 1&quot; | Select -ExpandProperty LinkDiscoveryProtocolOperation stdout.strip is expected to cmp &#x3D;&#x3D; &quot;Disabled&quot;
+or
 
-expected: Disabled
-     got: Listen
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-(compared using &#x60;cmp&#x60; matcher)
+Get-VM "VM Name" | Get-HardDisk | Select Parent, Name, Filename, DiskType, Persistence | FT -AutoSize
 
---------------------------------
-failed
-PowerCLI Command: Get-VDSwitch -Name &quot;VDSwitch STIG 2&quot; | Select -ExpandProperty LinkDiscoveryProtocolOperation stdout.strip is expected to cmp &#x3D;&#x3D; &quot;Disabled&quot;
+If the virtual machine has attached disks that are in independent nonpersistent mode and are not documented, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-expected: Disabled
-     got: Listen
+From the vSphere Client, right-click the Virtual Machine and go to "Edit Settings".
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000300</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000300</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000300</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must remove unauthorized port mirroring sessions on distributed switches.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vSphere Distributed Virtual Switch can enable port mirroring sessions allowing traffic to be mirrored from one source to a destination. If port mirroring is configured unknowingly this could allow an attacker to observe network traffic of virtual machines.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
+Select the target hard disk and change the mode to persistent or uncheck Independent.
 
-From the vSphere Client, go to &quot;Networking&quot;.
+or
 
-Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Port Mirroring.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run one of the following commands:
 
-Review any configured &quot;Port Mirroring&quot; sessions.
+Get-VM "VM Name" | Get-HardDisk | Set-HardDisk -Persistence IndependentPersistent
 
 or
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+Get-VM "VM Name" | Get-HardDisk | Set-HardDisk -Persistence Persistent</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000208' do\n  title 'Virtual machines (VMs) must not use independent, non-persistent disks.'\n  desc  \"\n    The security issue with nonpersistent disk mode is that successful attackers, with a simple shutdown or reboot, might undo or remove any traces they were ever on the machine. To safeguard against this risk, production virtual machines should be set to use persistent disk mode; additionally, ensure activity within the VM is logged remotely on a separate server, such as a syslog server or equivalent Windows-based event collector. Without a persistent record of activity on a VM, administrators might never know whether they have been attacked or hacked.\n\n    There can be valid use cases for these types of disks, such as with an application presentation solution where read-only disks are desired, and such cases should be identified and documented.\n  \"\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the attached hard disks and verify they are not configured as independent nonpersistent disks.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-HardDisk | Select Parent, Name, Filename, DiskType, Persistence | FT -AutoSize\n\n    If the virtual machine has attached disks that are in independent nonpersistent mode and are not documented, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the target hard disk and change the mode to persistent or uncheck Independent.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run one of the following commands:\n\n    Get-VM \\\"VM Name\\\" | Get-HardDisk | Set-HardDisk -Persistence IndependentPersistent\n\n    or\n\n    Get-VM \\\"VM Name\\\" | Get-HardDisk | Set-HardDisk -Persistence Persistent\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000208'\n  tag rid: 'SV-VMCH-80-000208'\n  tag stig_id: 'VMCH-80-000208'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-HardDisk | Select-Object -ExpandProperty Persistence\"\n      results = powercli_command(command)\n      results.stdout.split.each do |disk|\n        describe \"Checking the VM: #{vm} for Non-Persistent Hard Disks\" do\n          subject { disk }\n          it { should_not cmp 'IndependentNonPersistent' }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Checking the VM: stig vm2 for Non-Persistent Hard Disks is expected not to cmp == "IndependentNonPersistent"
+--------------------------------
+passed :: TEST Checking the VM: stigvm1 for Non-Persistent Hard Disks is expected not to cmp == "IndependentNonPersistent"
+--------------------------------
+passed :: TEST Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for Non-Persistent Hard Disks is expected not to cmp == "IndependentNonPersistent"
+--------------------------------
+passed :: TEST Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for Non-Persistent Hard Disks is expected not to cmp == "IndependentNonPersistent"
+--------------------------------
+passed :: TEST Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for Non-Persistent Hard Disks is expected not to cmp == "IndependentNonPersistent"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000209</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000209</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000209</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must remove unneeded floppy devices.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.
 
-Get-VDSwitch | select Name,@{N&#x3D;&quot;Port Mirroring Sessions&quot;;E&#x3D;{$_.ExtensionData.Config.VspanSession.Name}}
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-If there are any unauthorized port mirroring sessions configured, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to &quot;Networking&quot;.
+Get-VM | Get-FloppyDrive | Select Parent, Name, ConnectionState
 
-Select a distributed switch &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Port Mirroring.
+If a virtual machine has a floppy drive connected, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.
 
-Select the unauthorized &quot;Port Mirroring&quot; session and click &quot;Remove&quot;. Click &quot;OK&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>c78821c4-e28a-4031-9b76-4c07f81c7a34</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: (Get-VDSwitch -Name &quot;VDSwitch STIG 1&quot;).ExtensionData.Config.VspanSession stdout.strip is expected to cmp &#x3D;&#x3D; &quot;&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDSwitch -Name &quot;VDSwitch STIG 2&quot;).ExtensionData.Config.VspanSession stdout.strip is expected to cmp &#x3D;&#x3D; &quot;&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000301</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000301</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000301</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must not override port group settings at the port level on distributed switches.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.
+The VM must be powered off to remove a floppy drive.
 
-If there are cases where particular VMs require unique configurations then a different port group with the required configuration should be created instead of overriding port group settings.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-From the vSphere Client, go to &quot;Networking&quot;.
+Get-VM "VM Name" | Get-FloppyDrive | Remove-FloppyDrive</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000209' do\n  title 'Virtual machines (VMs) must remove unneeded floppy devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Get-FloppyDrive | Select Parent, Name, ConnectionState\n\n    If a virtual machine has a floppy drive connected, this is a finding.\n  \"\n  desc 'fix', \"\n    Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    The VM must be powered off to remove a floppy drive.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-FloppyDrive | Remove-FloppyDrive\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000209'\n  tag rid: 'SV-VMCH-80-000209'\n  tag stig_id: 'VMCH-80-000209'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-FloppyDrive\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for Floppy drives\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Checking the VM: stig vm2 for Floppy drives is expected to be empty
+--------------------------------
+passed :: TEST Checking the VM: stigvm1 for Floppy drives is expected to be empty
+--------------------------------
+passed :: TEST Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for Floppy drives is expected to be empty
+--------------------------------
+passed :: TEST Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for Floppy drives is expected to be empty
+--------------------------------
+passed :: TEST Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for Floppy drives is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000210</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must remove unneeded CD/DVD devices.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.
+From the vSphere Client, right-click the Virtual Machine and go to "Edit Settings".
 
-Review the &quot;Override port policies&quot;.
+Review the VMs hardware and verify no CD/DVD drives are connected.
 
 or
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
-
-(Get-VDPortgroup).ExtensionData.Config.Policy
-
-If there are any distributed port groups that allow overridden port policies, this is a finding.
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-Note: This does not apply to the &quot;Block Ports&quot; or &quot;Configure reset at disconnect&quot; policies.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to &quot;Networking&quot;.
+Get-VM | Get-CDDrive | Where {$_.extensiondata.connectable.connected -eq $true} | Select Parent,Name
 
-Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.
+If a virtual machine has a CD/DVD drive connected other than temporarily, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Click &quot;Edit&quot;.
+From the vSphere Client, right-click the Virtual Machine and go to "Edit Settings".
 
-Select advanced and update all port policies besides &quot;Block Ports&quot; to &quot;disabled&quot; and click &quot;OK&quot;.
+Select the CD/DVD drive and uncheck "Connected" and "Connect at power on" and remove any attached ISOs.
 
 or
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-$pgs &#x3D; Get-VDPortgroup | Get-View
-ForEach($pg in $pgs){
-$spec &#x3D; New-Object VMware.Vim.DVPortgroupConfigSpec
-$spec.configversion &#x3D; $pg.Config.ConfigVersion
-$spec.Policy &#x3D; New-Object VMware.Vim.VMwareDVSPortgroupPolicy
-$spec.Policy.VlanOverrideAllowed &#x3D; $False
-$spec.Policy.UplinkTeamingOverrideAllowed &#x3D; $False
-$spec.Policy.SecurityPolicyOverrideAllowed &#x3D; $False
-$spec.Policy.IpfixOverrideAllowed &#x3D; $False
-$spec.Policy.BlockOverrideAllowed &#x3D; $True
-$spec.Policy.ShapingOverrideAllowed &#x3D; $False
-$spec.Policy.VendorConfigOverrideAllowed &#x3D; $False
-$spec.Policy.TrafficFilterOverrideAllowed &#x3D; $False
-$pg.ReconfigureDVPortgroup_Task($spec)
-}</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>e41c3fe9-6574-43c1-b6fa-433bf85f1135</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 1-DVUplinks-40&quot;).ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 1-DVUplinks-40&quot;).ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 1-DVUplinks-40&quot;).ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 1-DVUplinks-40&quot;).ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 1-DVUplinks-40&quot;).ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 1-DVUplinks-40&quot;).ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 1-DVUplinks-40&quot;).ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 1-DVUplinks-40&quot;).ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 1-DVUplinks-40&quot;).ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 1-DVUplinks-40&quot;).ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 1&quot;).ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 1&quot;).ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 1&quot;).ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 1&quot;).ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 1&quot;).ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 1&quot;).ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 1&quot;).ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 1&quot;).ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 1&quot;).ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 1&quot;).ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 2&quot;).ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 2&quot;).ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 2&quot;).ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 2&quot;).ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 2&quot;).ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 2&quot;).ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 2&quot;).ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 2&quot;).ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 2&quot;).ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 2&quot;).ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 2-DVUplinks-44&quot;).ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 2-DVUplinks-44&quot;).ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 2-DVUplinks-44&quot;).ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 2-DVUplinks-44&quot;).ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 2-DVUplinks-44&quot;).ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 2-DVUplinks-44&quot;).ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 2-DVUplinks-44&quot;).ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 2-DVUplinks-44&quot;).ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 2-DVUplinks-44&quot;).ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 2-DVUplinks-44&quot;).ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 3&quot;).ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 3&quot;).ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 3&quot;).ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 3&quot;).ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
+Get-VM "VM Name" | Get-CDDrive | Set-CDDrive -NoMedia</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000210' do\n  title 'Virtual machines (VMs) must remove unneeded CD/DVD devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the VMs hardware and verify no CD/DVD drives are connected.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Get-CDDrive | Where {$_.extensiondata.connectable.connected -eq $true} | Select Parent,Name\n\n    If a virtual machine has a CD/DVD drive connected other than temporarily, this is a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the CD/DVD drive and uncheck \\\"Connected\\\" and \\\"Connect at power on\\\" and remove any attached ISOs.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-CDDrive | Set-CDDrive -NoMedia\n  \"\n  impact 0.3\n  tag severity: 'low'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000210'\n  tag rid: 'SV-VMCH-80-000210'\n  tag stig_id: 'VMCH-80-000210'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}' | Get-CDDrive).ExtensionData.connectable.connected\"\n      result = powercli_command(command).stdout.strip\n      describe.one do\n        describe \"Checking the VM: #{vm} for CD/DVD drives\" do\n          subject { result }\n          it { should cmp 'false' }\n        end\n        describe \"Checking the VM: #{vm} for CD/DVD drives\" do\n          subject { result }\n          it { should be_empty }\n        end\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Checking the VM: stig vm2 for CD/DVD drives is expected to cmp == "false"
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 3&quot;).ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
+passed :: TEST Checking the VM: stigvm1 for CD/DVD drives is expected to cmp == "false"
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 3&quot;).ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
+passed :: TEST Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for CD/DVD drives is expected to be empty
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 3&quot;).ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
+passed :: TEST Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for CD/DVD drives is expected to be empty
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 3&quot;).ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 3&quot;).ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 3&quot;).ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 4&quot;).ExtensionData.Config.Policy.VlanOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 4&quot;).ExtensionData.Config.Policy.UplinkTeamingOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
+passed :: TEST Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for CD/DVD drives is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000211</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000211</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000211</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must remove unneeded parallel devices.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.
+
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+
+Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match "parallel"}
+
+If a virtual machine has a parallel device present, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.
+
+The VM must be powered off to remove a parallel device.
+
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:
+
+$pport = (Get-VM -Name &lt;vmname&gt;).ExtensionData.Config.Hardware.Device | Where {$_.DeviceInfo.Label -match "Parallel"}
+$spec = New-Object VMware.Vim.VirtualMachineConfigSpec
+$spec.DeviceChange += New-Object VMware.Vim.VirtualDeviceConfigSpec
+$spec.DeviceChange[-1].device = $pport
+$spec.DeviceChange[-1].operation = "remove"
+(Get-VM -Name &lt;vmname&gt;).ExtensionData.ReconfigVM($spec)</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000211' do\n  title 'Virtual machines (VMs) must remove unneeded parallel devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \\\"parallel\\\"}\n\n    If a virtual machine has a parallel device present, this is a finding.\n  \"\n  desc 'fix', \"\n    Parallel devices are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI.\n\n    The VM must be powered off to remove a parallel device.\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    $pport = (Get-VM -Name &lt;vmname&gt;).ExtensionData.Config.Hardware.Device | Where {$_.DeviceInfo.Label -match \\\"Parallel\\\"}\n    $spec = New-Object VMware.Vim.VirtualMachineConfigSpec\n    $spec.DeviceChange += New-Object VMware.Vim.VirtualDeviceConfigSpec\n    $spec.DeviceChange[-1].device = $pport\n    $spec.DeviceChange[-1].operation = \\\"remove\\\"\n    (Get-VM -Name &lt;vmname&gt;).ExtensionData.ReconfigVM($spec)\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000211'\n  tag rid: 'SV-VMCH-80-000211'\n  tag stig_id: 'VMCH-80-000211'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Hardware.Device.DeviceInfo.label\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for parallel devices\" do\n        subject { result }\n        it { should_not match 'Parallel' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Checking the VM: stig vm2 for parallel devices is expected not to match "Parallel"
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 4&quot;).ExtensionData.Config.Policy.SecurityPolicyOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
+passed :: TEST Checking the VM: stigvm1 for parallel devices is expected not to match "Parallel"
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 4&quot;).ExtensionData.Config.Policy.IpfixOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
+passed :: TEST Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for parallel devices is expected not to match "Parallel"
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 4&quot;).ExtensionData.Config.Policy.MacManagementOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
+passed :: TEST Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for parallel devices is expected not to match "Parallel"
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 4&quot;).ExtensionData.Config.Policy.ShapingOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
+passed :: TEST Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for parallel devices is expected not to match "Parallel"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000212</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000212</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000212</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must remove unneeded serial devices.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
+
+From the vSphere Client, right-click the Virtual Machine and go to "Edit Settings".
+
+Review the VMs hardware and verify no serial devices exist.
+
+or
+
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+
+Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match "serial"}
+
+If a virtual machine has a serial device present, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>The VM must be powered off to remove a serial device.
+
+For each virtual machine do the following:
+
+From the vSphere Client, right-click the Virtual Machine and go to "Edit Settings".
+
+Select the serial device, click the circled "X" to remove it, and click "OK".</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000212' do\n  title 'Virtual machines (VMs) must remove unneeded serial devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the VMs hardware and verify no serial devices exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \\\"serial\\\"}\n\n    If a virtual machine has a serial device present, this is a finding.\n  \"\n  desc  'fix', \"\n    The VM must be powered off to remove a serial device.\n\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the serial device, click the circled \\\"X\\\" to remove it, and click \\\"OK\\\".\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000212'\n  tag rid: 'SV-VMCH-80-000212'\n  tag stig_id: 'VMCH-80-000212'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Hardware.Device.DeviceInfo.label\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for serial devices\" do\n        subject { result }\n        it { should_not match 'Serial' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Checking the VM: stig vm2 for serial devices is expected not to match "Serial"
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 4&quot;).ExtensionData.Config.Policy.VendorConfigOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
+passed :: TEST Checking the VM: stigvm1 for serial devices is expected not to match "Serial"
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 4&quot;).ExtensionData.Config.Policy.LivePortMovingAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
+passed :: TEST Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for serial devices is expected not to match "Serial"
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 4&quot;).ExtensionData.Config.Policy.NetworkResourcePoolOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;
+passed :: TEST Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for serial devices is expected not to match "Serial"
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 4&quot;).ExtensionData.Config.Policy.TrafficFilterOverrideAllowed stdout.strip is expected to cmp &#x3D;&#x3D; &quot;False&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000302</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000302</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000302</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must reset port configuration when virtual machines are disconnected.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Port-level configuration overrides are disabled by default. Once enabled, this allows for different security settings to be set from what is established at the Port Group level. If overrides are not monitored, anyone who gains access to a VM with a less secure VDS configuration could exploit that broader access.
-
-If any unknown or unauthorized per-port overrides exist and are not discarded when a virtual machine is disconnected from that port then a future virtual machine connected to that port may receive a less secure port.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If distributed switches are not used, this is not applicable.
-
-From the vSphere Client, go to &quot;Networking&quot;.
+passed :: TEST Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for serial devices is expected not to match "Serial"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000213</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000213</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000213</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must remove unneeded USB devices.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.
+From the vSphere Client, right-click the Virtual Machine and go to "Edit Settings".
 
-Review the &quot;Configure reset at disconnect&quot; setting.
+Review the VMs hardware and verify no USB devices exist.
 
 or
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:
 
-(Get-VDPortgroup).ExtensionData.Config.Policy.PortConfigResetAtDisconnect
+Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match "usb"}
+Get-VM | Get-UsbDevice
 
-If there are any distributed port groups with &quot;Configure reset at disconnect&quot; configured to &quot;disabled&quot; or &quot;False&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to &quot;Networking&quot;.
+If a virtual machine has any USB devices or USB controllers present, this is a finding.
 
-Select a distributed switch &gt;&gt; Select a distributed port group &gt;&gt; Configure &gt;&gt; Settings &gt;&gt; Properties.
+If USB smart card readers are used to pass smart cards through the VM console to a VM, the use of a USB controller and USB devices for that purpose is not a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Click &quot;Edit&quot;.
+From the vSphere Client, right-click the Virtual Machine and go to "Edit Settings".
 
-Select advanced and update &quot;Configure reset at disconnect&quot; to be enabled and click &quot;OK&quot;.
+Select the USB controller, click the circled "X" to remove it, and click "OK".
 
 or
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following command:
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
+
+Get-VM "VM Name" | Get-USBDevice | Remove-USBDevice
+
+Note:  This will not remove the USB controller, just any connected devices.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000213' do\n  title 'Virtual machines (VMs) must remove unneeded USB devices.'\n  desc  'Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Review the VMs hardware and verify no USB devices exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following commands:\n\n    Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match \\\"usb\\\"}\n    Get-VM | Get-UsbDevice\n\n    If a virtual machine has any USB devices or USB controllers present, this is a finding.\n\n    If USB smart card readers are used to pass smart cards through the VM console to a VM, the use of a USB controller and USB devices for that purpose is not a finding.\n  \"\n  desc  'fix', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, right-click the Virtual Machine and go to \\\"Edit Settings\\\".\n\n    Select the USB controller, click the circled \\\"X\\\" to remove it, and click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-USBDevice | Remove-USBDevice\n\n    Note:  This will not remove the USB controller, just any connected devices.\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000213'\n  tag rid: 'SV-VMCH-80-000213'\n  tag stig_id: 'VMCH-80-000213'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"(Get-VM -Name '#{vm}').ExtensionData.Config.Hardware.Device.DeviceInfo.label\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for USB devices\" do\n        subject { result }\n        it { should_not match 'USB' }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>Open</STATUS>
+				<FINDING_DETAILS>failed :: TEST Checking the VM: stig vm2 for USB devices is expected not to match "USB" :: MESSAGE expected "IDE 0\r\nIDE 1\r\nPS2 controller 0\r\nPCI controller 0\r\nSIO controller 0\r\nKeyboard \r\nPointing ...er \r\nSCSI controller 0\r\nSATA controller 0\r\nCD/DVD drive 1\r\nHard disk 1\r\nNetwork adapter 1" not to match "USB"
+Diff:
+@@ -1,15 +1,29 @@
+-USB
++IDE 0
++IDE 1
++PS2 controller 0
++PCI controller 0
++SIO controller 0
++Keyboard 
++Pointing device
++Video card 
++VMCI device
++USB xHCI controller 
++SCSI controller 0
++SATA controller 0
++CD/DVD drive 1
++Hard disk 1
++Network adapter 1
 
-$pgs &#x3D; Get-VDPortgroup | Get-View
-ForEach($pg in $pgs){
-$spec &#x3D; New-Object VMware.Vim.DVPortgroupConfigSpec
-$spec.configversion &#x3D; $pg.Config.ConfigVersion
-$spec.Policy &#x3D; New-Object VMware.Vim.VMwareDVSPortgroupPolicy
-$spec.Policy.PortConfigResetAtDisconnect &#x3D; $True
-$pg.ReconfigureDVPortgroup_Task($spec)
-}</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>eb7ef54f-2973-4c25-a56c-8d3eff6be2d4</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>NotAFinding</STATUS>
-				<FINDING_DETAILS>passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 1-DVUplinks-40&quot;).ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp &#x3D;&#x3D; &quot;True&quot;
---------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 1&quot;).ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp &#x3D;&#x3D; &quot;True&quot;
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 2&quot;).ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp &#x3D;&#x3D; &quot;True&quot;
+failed :: TEST Checking the VM: stigvm1 for USB devices is expected not to match "USB" :: MESSAGE expected "IDE 0\r\nIDE 1\r\nPS2 controller 0\r\nPCI controller 0\r\nSIO controller 0\r\nKeyboard \r\nPointing ...er \r\nSCSI controller 0\r\nSATA controller 0\r\nCD/DVD drive 1\r\nHard disk 1\r\nNetwork adapter 1" not to match "USB"
+Diff:
+@@ -1,15 +1,29 @@
+-USB
++IDE 0
++IDE 1
++PS2 controller 0
++PCI controller 0
++SIO controller 0
++Keyboard 
++Pointing device
++Video card 
++VMCI device
++USB xHCI controller 
++SCSI controller 0
++SATA controller 0
++CD/DVD drive 1
++Hard disk 1
++Network adapter 1
+
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VDSwitch STIG 2-DVUplinks-44&quot;).ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp &#x3D;&#x3D; &quot;True&quot;
+passed :: TEST Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for USB devices is expected not to match "USB"
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 3&quot;).ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp &#x3D;&#x3D; &quot;True&quot;
+passed :: TEST Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for USB devices is expected not to match "USB"
 --------------------------------
-passed
-PowerCLI Command: (Get-VDPortgroup -Name &quot;VD PG 4&quot;).ExtensionData.Config.Policy.PortConfigResetAtDisconnect stdout.strip is expected to cmp &#x3D;&#x3D; &quot;True&quot;</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000303</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000303</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000303</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must disable Secure Shell (SSH) access.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vCenter Server is delivered as an appliance, and intended to be managed through the VAMI, vSphere Client, and APIs. SSH is a troubleshooting and support tool and should only be enabled when necessary.
-
-vCenter Server High Availability uses SSH to coordinate the replication and failover between the nodes. Use of this feature requires SSH to remain enabled.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Open the Virtual Appliance Management Interface (VAMI) by navigating to https:&#x2F;&#x2F;&lt;vCenter server&gt;:5480.
-
-Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the &quot;SystemConfiguration.BashShellAdministrator&quot; group.
-
-Select &quot;Access&quot; on the left navigation pane.
-
-If &quot;SSH Login&quot; is not &quot;Deactivated&quot;, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Open the Virtual Appliance Management Interface (VAMI) by navigating to https:&#x2F;&#x2F;&lt;vCenter server&gt;:5480.
-
-Log in with local operating system administrative credentials or with a Single Sign-On (SSO) account that is a member of the &quot;SystemConfiguration.BashShellAdministrator&quot; group.
-
-Select &quot;Access&quot; on the left navigation pane.
-
-Click &quot;Edit&quot; then disable &quot;Activate SSH Login&quot; and click &quot;OK&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>68a5da38-6cbd-4f3a-83d1-c03a2449230c</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-True is expected not to cmp &#x3D;&#x3D; &quot;true&quot;
-
-expected: true
-     got: True
-
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-			<VULN>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>V-VCSA-80-000304</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SRG-APP-000516</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>SV-VCSA-80-000304</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>VCSA-80-000304</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>The vCenter Server must enable data in transit encryption for vSAN.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>Transit encryption must be enabled to prevent unauthorized disclosure information and to protect the confidentiality of organizational information.
-
-vSAN data-in-transit encryption has the following characteristics:
--vSAN uses AES-256 bit encryption on data in transit.
--Forward secrecy is enforced for vSAN data-in-transit encryption.
--Traffic between data hosts and witness hosts is encrypted.
--File service data traffic between the VDFS proxy and VDFS server is encrypted.
--vSAN file services inter-host connections are encrypted.
--vSAN uses symmetric keys that are generated dynamically and shared between hosts. Hosts dynamically generate an encryption key when they establish a connection, and they use the key to encrypt all traffic between the hosts. You do not need a key management server to perform data-in-transit encryption.
-
-Each host is authenticated when it joins the cluster, ensuring connections only to trusted hosts are allowed. When a host is removed from the cluster, it is authentication certificate is removed.
-
-vSAN data-in-transit encryption is a cluster-wide setting. When enabled, all data and metadata traffic is encrypted as it transits across hosts.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>If no clusters are enabled for vSAN, this is not applicable.
-
-From the vSphere Client, go to Host and Clusters.
+passed :: TEST Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for USB devices is expected not to match "USB"</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+			<VULN>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Num</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000214</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>medium</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SRG-OS-000480-VMM-002000</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_ID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>SV-VMCH-80-000214</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Ver</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMCH-80-000214</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Rule_Title</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Virtual machines (VMs) must disable DirectPath I/O devices when not required.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Vuln_Discuss</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMDirectPath I/O (PCI passthrough) enables direct assignment of hardware PCI functions to VMs. This gives the VM access to the PCI functions with minimal intervention from the ESXi host. This is a powerful feature for legitimate applications such as virtualized storage appliances, backup appliances, dedicated graphics, etc., but it also allows a potential attacker highly privileged access to underlying hardware and the PCI bus.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>IA_Controls</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>For each virtual machine do the following:
 
-Select the vCenter Server &gt;&gt; Select the cluster &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; Services &gt;&gt; Data Services.
+From the vSphere Client, view the Summary tab.
 
-Review the &quot;Data-in-transit encryption&quot; status.
+Review the PCI devices section and verify none exist.
 
 or
 
-From a PowerCLI command prompt while connected to the vCenter server, run the following commands:
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-$vsanclusterconf &#x3D; Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system
-$vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name &lt;cluster name&gt;).ExtensionData.MoRef).DataInTransitEncryptionConfig
+Get-VM "VM Name" | Get-PassthroughDevice
 
-Repeat these steps for each vSAN enabled cluster in the environment.
+If the virtual machine has passthrough devices present, and the specific device returned is not approved, this is a finding.</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>From the vSphere Client, select the Virtual Machine, right click and go to Edit Settings &gt;&gt; Virtual Hardware tab.
 
-If &quot;Data-In-Transit encryption&quot; is not enabled, this is a finding.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Fix_Text</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>From the vSphere Client, go to Host and Clusters.
+Find the unexpected PCI device returned from the check.
 
-Select the vCenter Server &gt;&gt; Select the target cluster &gt;&gt; Configure &gt;&gt; vSAN &gt;&gt; Services &gt;&gt; Data Services.
+Hover the mouse over the device and click the circled "X" to remove the device. Click "OK".
 
-Click &quot;Edit&quot;.
-
-Enable &quot;Data-In-Transit encryption&quot; and choose a rekey interval suitable for the environment then click &quot;Apply&quot;.</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>vmware-vsphere-8.0-stig-baseline </ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>0</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>20e9609b-79fd-4a8d-a6b6-31ccccec7fc7</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>LEGACY_ID</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STIG_DATA>
-					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
-					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
-				</STIG_DATA>
-				<STATUS>Open</STATUS>
-				<FINDING_DETAILS>failed
-PowerCLI Command: $vsanclusterconf &#x3D; Get-VsanView -Id VsanVcClusterConfigSystem-vsan-cluster-config-system; $vsanclusterconf.VsanClusterGetConfig((Get-Cluster -Name cluster0).ExtensionData.MoRef).DataInTransitEncryptionConfig.Enabled stdout.strip is expected to cmp &#x3D;&#x3D; &quot;true&quot;
+or
 
-expected: true
-     got: 
+From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:
 
-(compared using &#x60;cmp&#x60; matcher)
-</FINDING_DETAILS>
-				<COMMENTS></COMMENTS>
-				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
-				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
-			</VULN>
-		</iSTIG>
-	</STIGS>
+Get-VM "VM Name" | Get-PassthroughDevice | Remove-PassthroughDevice</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Positives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>False_Negatives</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Documentable</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>false</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigations</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Potential_Impact</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Third_Party_Tools</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>{
+  "hdfSpecificData": {
+    "code": "control 'VMCH-80-000214' do\n  title 'Virtual machines (VMs) must disable DirectPath I/O devices when not required.'\n  desc  'VMDirectPath I/O (PCI passthrough) enables direct assignment of hardware PCI functions to VMs. This gives the VM access to the PCI functions with minimal intervention from the ESXi host. This is a powerful feature for legitimate applications such as virtualized storage appliances, backup appliances, dedicated graphics, etc., but it also allows a potential attacker highly privileged access to underlying hardware and the PCI bus.'\n  desc  'rationale', ''\n  desc  'check', \"\n    For each virtual machine do the following:\n\n    From the vSphere Client, view the Summary tab.\n\n    Review the PCI devices section and verify none exist.\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-PassthroughDevice\n\n    If the virtual machine has passthrough devices present, and the specific device returned is not approved, this is a finding.\n  \"\n  desc 'fix', \"\n    From the vSphere Client, select the Virtual Machine, right click and go to Edit Settings &gt;&gt; Virtual Hardware tab.\n\n    Find the unexpected PCI device returned from the check.\n\n    Hover the mouse over the device and click the circled \\\"X\\\" to remove the device. Click \\\"OK\\\".\n\n    or\n\n    From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:\n\n    Get-VM \\\"VM Name\\\" | Get-PassthroughDevice | Remove-PassthroughDevice\n  \"\n  impact 0.5\n  tag severity: 'medium'\n  tag gtitle: 'SRG-OS-000480-VMM-002000'\n  tag gid: 'V-VMCH-80-000214'\n  tag rid: 'SV-VMCH-80-000214'\n  tag stig_id: 'VMCH-80-000214'\n  tag cci: ['CCI-000366']\n  tag nist: ['CM-6 b']\n\n  vmName = input('vmName')\n  allvms = input('allvms')\n  vms = []\n\n  unless vmName.empty?\n    vms = powercli_command(\"Get-VM -Name #{vmName} | Sort-Object Name | Select -ExpandProperty Name\").stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n  unless allvms == false\n    vms = powercli_command('Get-VM | Sort-Object Name | Select -ExpandProperty Name').stdout.gsub(\"\\r\\n\", \"\\n\").split(\"\\n\")\n  end\n\n  if !vms.empty?\n    vms.each do |vm|\n      command = \"Get-VM -Name '#{vm}' | Get-PassthroughDevice\"\n      result = powercli_command(command).stdout.strip\n      describe \"Checking the VM: #{vm} for PCI passthrough devices\" do\n        subject { result }\n        it { should be_empty }\n      end\n    end\n  else\n    describe 'No VMs found!' do\n      skip 'No VMs found...skipping tests'\n    end\n  end\nend\n"
+  }
+}</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Mitigation_Control</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Responsibility</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Security_Override_Guidance</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Check_Content_Ref</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>M</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Weight</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>10.0</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>Class</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>Unclass</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIGRef</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>VMware vSphere 8.0 Virtual Machine STIG Readiness Guide :: Version 1</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>TargetKey</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>STIG_UUID</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA></ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STIG_DATA>
+					<VULN_ATTRIBUTE>CCI_REF</VULN_ATTRIBUTE>
+					<ATTRIBUTE_DATA>CCI-000366</ATTRIBUTE_DATA>
+				</STIG_DATA>
+				<STATUS>NotAFinding</STATUS>
+				<FINDING_DETAILS>passed :: TEST Checking the VM: stig vm2 for PCI passthrough devices is expected to be empty
+--------------------------------
+passed :: TEST Checking the VM: stigvm1 for PCI passthrough devices is expected to be empty
+--------------------------------
+passed :: TEST Checking the VM: vCLS-1446f2cc-b6b7-4778-84b7-f73f758dd46c for PCI passthrough devices is expected to be empty
+--------------------------------
+passed :: TEST Checking the VM: vCLS-28a51340-7070-4437-b4b1-a87b7480ac7d for PCI passthrough devices is expected to be empty
+--------------------------------
+passed :: TEST Checking the VM: vCLS-b680b5a0-5434-48a0-8420-82c95e5ab481 for PCI passthrough devices is expected to be empty</FINDING_DETAILS>
+				<COMMENTS></COMMENTS>
+				<SEVERITY_OVERRIDE></SEVERITY_OVERRIDE>
+				<SEVERITY_JUSTIFICATION></SEVERITY_JUSTIFICATION>
+			</VULN>
+		</iSTIG>
+	</STIGS>
 </CHECKLIST>
\ No newline at end of file
diff --git a/test/sample_data/dbprotect/dbprotect-check-hdf-withraw.json b/test/sample_data/dbprotect/dbprotect-check-hdf-withraw.json
index 230b4e01f..1c12a3019 100644
--- a/test/sample_data/dbprotect/dbprotect-check-hdf-withraw.json
+++ b/test/sample_data/dbprotect/dbprotect-check-hdf-withraw.json
@@ -1 +1,91126 @@
-{"platform":{"name":"Heimdall Tools","release":"2.6.50"},"version":"2.6.50","statistics":{},"profiles":[{"name":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","title":"Heimdal Test scan report generation","summary":"Organization : TEST ORGANIZATION (Local DBP server)\nAsset : undefined\nAsset Type : Microsoft SQL Server\nIP Address, Port, Instance : Microsoft SQL Server\nIP Address, Port, Instance : 10.0.10.204, 1433, MSSQLSERVER ","supports":[],"attributes":[],"groups":[],"status":"loaded","controls":[{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Schema ownership","id":"2986","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2986\",\n  \"Check\": \"Schema ownership\",\n  \"Details\": \"Schema name=DatabaseMailUserRole;Database=msdb;Owner name=DatabaseMailUserRole\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=DatabaseMailUserRole;Database=msdb;Owner name=DatabaseMailUserRole","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_accessadmin;Database=AppDetective;Owner name=db_accessadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_accessadmin;Database=DbPAnalytics;Owner name=db_accessadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_accessadmin;Database=dbpdatawarehouse;Owner name=db_accessadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_accessadmin;Database=dbpstaging;Owner name=db_accessadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_accessadmin;Database=master;Owner name=db_accessadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_accessadmin;Database=model;Owner name=db_accessadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_accessadmin;Database=msdb;Owner name=db_accessadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_accessadmin;Database=tempdb;Owner name=db_accessadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_backupoperator;Database=AppDetective;Owner name=db_backupoperator","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_backupoperator;Database=DbPAnalytics;Owner name=db_backupoperator","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_backupoperator;Database=dbpdatawarehouse;Owner name=db_backupoperator","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_backupoperator;Database=dbpstaging;Owner name=db_backupoperator","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_backupoperator;Database=master;Owner name=db_backupoperator","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_backupoperator;Database=model;Owner name=db_backupoperator","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_backupoperator;Database=msdb;Owner name=db_backupoperator","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_backupoperator;Database=tempdb;Owner name=db_backupoperator","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datareader;Database=AppDetective;Owner name=db_datareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datareader;Database=DbPAnalytics;Owner name=db_datareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datareader;Database=dbpdatawarehouse;Owner name=db_datareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datareader;Database=dbpstaging;Owner name=db_datareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datareader;Database=master;Owner name=db_datareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datareader;Database=model;Owner name=db_datareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datareader;Database=msdb;Owner name=db_datareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datareader;Database=tempdb;Owner name=db_datareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datawriter;Database=AppDetective;Owner name=db_datawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datawriter;Database=DbPAnalytics;Owner name=db_datawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datawriter;Database=dbpdatawarehouse;Owner name=db_datawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datawriter;Database=dbpstaging;Owner name=db_datawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datawriter;Database=master;Owner name=db_datawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datawriter;Database=model;Owner name=db_datawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datawriter;Database=msdb;Owner name=db_datawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datawriter;Database=tempdb;Owner name=db_datawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ddladmin;Database=AppDetective;Owner name=db_ddladmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ddladmin;Database=DbPAnalytics;Owner name=db_ddladmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ddladmin;Database=dbpdatawarehouse;Owner name=db_ddladmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ddladmin;Database=dbpstaging;Owner name=db_ddladmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ddladmin;Database=master;Owner name=db_ddladmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ddladmin;Database=model;Owner name=db_ddladmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ddladmin;Database=msdb;Owner name=db_ddladmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ddladmin;Database=tempdb;Owner name=db_ddladmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatareader;Database=AppDetective;Owner name=db_denydatareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatareader;Database=DbPAnalytics;Owner name=db_denydatareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatareader;Database=dbpdatawarehouse;Owner name=db_denydatareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatareader;Database=dbpstaging;Owner name=db_denydatareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatareader;Database=master;Owner name=db_denydatareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatareader;Database=model;Owner name=db_denydatareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatareader;Database=msdb;Owner name=db_denydatareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatareader;Database=tempdb;Owner name=db_denydatareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatawriter;Database=AppDetective;Owner name=db_denydatawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatawriter;Database=DbPAnalytics;Owner name=db_denydatawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatawriter;Database=dbpdatawarehouse;Owner name=db_denydatawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatawriter;Database=dbpstaging;Owner name=db_denydatawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatawriter;Database=master;Owner name=db_denydatawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatawriter;Database=model;Owner name=db_denydatawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatawriter;Database=msdb;Owner name=db_denydatawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatawriter;Database=tempdb;Owner name=db_denydatawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_owner;Database=AppDetective;Owner name=db_owner","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_owner;Database=DbPAnalytics;Owner name=db_owner","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_owner;Database=dbpdatawarehouse;Owner name=db_owner","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_owner;Database=dbpstaging;Owner name=db_owner","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_owner;Database=master;Owner name=db_owner","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_owner;Database=model;Owner name=db_owner","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_owner;Database=msdb;Owner name=db_owner","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_owner;Database=tempdb;Owner name=db_owner","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_securityadmin;Database=AppDetective;Owner name=db_securityadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_securityadmin;Database=DbPAnalytics;Owner name=db_securityadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_securityadmin;Database=dbpdatawarehouse;Owner name=db_securityadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_securityadmin;Database=dbpstaging;Owner name=db_securityadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_securityadmin;Database=master;Owner name=db_securityadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_securityadmin;Database=model;Owner name=db_securityadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_securityadmin;Database=msdb;Owner name=db_securityadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_securityadmin;Database=tempdb;Owner name=db_securityadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ssisadmin;Database=msdb;Owner name=db_ssisadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ssisltduser;Database=msdb;Owner name=db_ssisltduser","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ssisoperator;Database=msdb;Owner name=db_ssisoperator","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=dbo;Database=AppDetective;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=dbo;Database=DbPAnalytics;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=dbo;Database=dbpdatawarehouse;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=dbo;Database=dbpstaging;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=dbo;Database=master;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=dbo;Database=model;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=dbo;Database=msdb;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=dbo;Database=tempdb;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=guest;Database=AppDetective;Owner name=guest","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=guest;Database=DbPAnalytics;Owner name=guest","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=guest;Database=dbpdatawarehouse;Owner name=guest","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=guest;Database=dbpstaging;Owner name=guest","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=guest;Database=master;Owner name=guest","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=guest;Database=model;Owner name=guest","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=guest;Database=msdb;Owner name=guest","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=guest;Database=tempdb;Owner name=guest","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=INFORMATION_SCHEMA;Database=AppDetective;Owner name=INFORMATION_SCHEMA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=INFORMATION_SCHEMA;Database=DbPAnalytics;Owner name=INFORMATION_SCHEMA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=INFORMATION_SCHEMA;Database=dbpdatawarehouse;Owner name=INFORMATION_SCHEMA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=INFORMATION_SCHEMA;Database=dbpstaging;Owner name=INFORMATION_SCHEMA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=INFORMATION_SCHEMA;Database=master;Owner name=INFORMATION_SCHEMA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=INFORMATION_SCHEMA;Database=model;Owner name=INFORMATION_SCHEMA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=INFORMATION_SCHEMA;Database=msdb;Owner name=INFORMATION_SCHEMA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=INFORMATION_SCHEMA;Database=tempdb;Owner name=INFORMATION_SCHEMA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=managed_backup;Database=msdb;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=smart_admin;Database=msdb;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=SQLAgentOperatorRole;Database=msdb;Owner name=SQLAgentOperatorRole","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=SQLAgentReaderRole;Database=msdb;Owner name=SQLAgentReaderRole","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=SQLAgentUserRole;Database=msdb;Owner name=SQLAgentUserRole","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=sys;Database=AppDetective;Owner name=sys","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=sys;Database=DbPAnalytics;Owner name=sys","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=sys;Database=dbpdatawarehouse;Owner name=sys","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=sys;Database=dbpstaging;Owner name=sys","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=sys;Database=master;Owner name=sys","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=sys;Database=model;Owner name=sys","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=sys;Database=msdb;Owner name=sys","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=sys;Database=tempdb;Owner name=sys","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=TargetServersRole;Database=msdb;Owner name=TargetServersRole","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Symmetric encryption keys","id":"2903","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2903\",\n  \"Check\": \"Symmetric encryption keys\",\n  \"Details\": \"Key=##MS_ServiceMasterKey##;Database=master;Algorithm=AES_256\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Key=##MS_ServiceMasterKey##;Database=master;Algorithm=AES_256","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Availability of audited database","id":"2941","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2941\",\n  \"Check\": \"Availability of audited database\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=No AUDIT was found","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Disable communication protocols that are not required","id":"2940","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2940\",\n  \"Check\": \"Disable communication protocols that are not required\",\n  \"Details\": \"Protocol=Shared Memory\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Protocol=Shared Memory","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Protocol=TCP/IP","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"List SQL logins - instance level and in contained databases","id":"2994","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2994\",\n  \"Check\": \"List SQL logins - instance level and in contained databases\",\n  \"Details\": \"Is Disabled=False;Login=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Is Disabled=False;Login=sa","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Is Disabled=True;Login=##MS_PolicyEventProcessingLogin##","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Is Disabled=True;Login=##MS_PolicyTsqlExecutionLogin##","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS network port, protocol, and services (PPS) configuration","id":"2761","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2761\",\n  \"Check\": \"DBMS network port, protocol, and services (PPS) configuration\",\n  \"Details\": \"Protocol=Shared Memory\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Protocol=Shared Memory","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Protocol=TCP/IP","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"TCP Port=IP1:1433","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"TCP Port=IP2:1433","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"TCP Port=IP3:1433","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"TCP Port=IP4:1433","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"TCP Port=IP5:1433","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"TCP Port=IP6:1433","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"TCP Port=IP7:1433","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"TCP Port=IPAll:1433","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Audit is not set to shut down server on error","id":"2893","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2893\",\n  \"Check\": \"Audit is not set to shut down server on error\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=No AUDIT was found","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Unused SQL Server services and software components should be removed","id":"2900","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2900\",\n  \"Check\": \"Unused SQL Server services and software components should be removed\",\n  \"Details\": \"Additional Information=Check manually;Software Component=Microsoft SQL Server Data Tools\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional Information=Check manually;Software Component=Microsoft SQL Server Data Tools","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Software Component=SQL Server CEIP service","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Software Component=SQL Server FullText Search","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Browser Service enabled","id":"2841","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.3,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2841\",\n  \"Check\": \"Browser Service enabled\",\n  \"Details\": \"Check \\\"Browser Service enabled\\\" execution failed since we are unable to get the required data: \\nUser credentials cannot be used for local connections\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Check \"Browser Service enabled\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections","start_time":"Feb 18 2021 15:57","backtrace":["DB Protect Failed Check"]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS services dedicated custom account","id":"2768","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2768\",\n  \"Check\": \"DBMS services dedicated custom account\",\n  \"Details\": \"Check \\\"DBMS services dedicated custom account\\\" execution failed since we are unable to get the required data: \\nUser credentials cannot be used for local connections\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Check \"DBMS services dedicated custom account\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections","start_time":"Feb 18 2021 15:57","backtrace":["DB Protect Failed Check"]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Server is synchronized with an official time server","id":"2946","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2946\",\n  \"Check\": \"Server is synchronized with an official time server\",\n  \"Details\": \"Check \\\"Server is synchronized with an official time server\\\" execution failed since we are unable to get the required data: \\nUser credentials cannot be used for local connections\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Check \"Server is synchronized with an official time server\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections","start_time":"Feb 18 2021 15:57","backtrace":["DB Protect Failed Check"]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Instant File Initialization is enabled","id":"2987","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2987\",\n  \"Check\": \"Instant File Initialization is enabled\",\n  \"Details\": \"Check \\\"Instant File Initialization is enabled\\\" execution failed since we are unable to get the required data: \\nUser credentials cannot be used for local connections\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Check \"Instant File Initialization is enabled\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections","start_time":"Feb 18 2021 15:57","backtrace":["DB Protect Failed Check"]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Members of local Administrators group","id":"2990","desc":"Task : Audit; Check Category : Operating System Issues","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Operating System Issues\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2990\",\n  \"Check\": \"Members of local Administrators group\",\n  \"Details\": \"Check \\\"Members of local Administrators group\\\" execution failed: User credentials cannot be used for local connections .\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Check \"Members of local Administrators group\" execution failed: User credentials cannot be used for local connections .","start_time":"Feb 18 2021 15:57","backtrace":["DB Protect Failed Check"]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Protection of DBMS asymmetric encryption keys","id":"2801","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2801\",\n  \"Check\": \"Protection of DBMS asymmetric encryption keys\",\n  \"Details\": \"Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Owner of the key=sa;Is SYSADMIN=Yes;Key=MS_SQLEnableSystemAssemblyLoadingKey;Database containing key=master","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"System Table Permissions","id":"2830","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2830\",\n  \"Check\": \"System Table Permissions\",\n  \"Details\": \"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=REFERENCES;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=UPDATE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_databases_cluster;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listener_ip_addresses;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listeners;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_groups_cluster;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_read_only_routing_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_replicas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=backup_devices;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_DOMAIN_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_PRIVILEGES;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_COLUMN_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_TABLE_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=cryptographic_providers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_filestream_options;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_query_store_options;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_recovery_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_actions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_class_type_map;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_activated_tasks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_connections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_forwarded_messages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_queue_monitors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_errors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_log_scan_sessions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_appdomains;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_loaded_assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_tasks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_column_store_object_pool;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_cryptographic_provider_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_database_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_operational_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_file_space_usage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_fts_index_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_index_usage_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_log_space_usage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_auto_page_repair;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_connections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_past_actions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_group_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_partition_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_persisted_sku_features;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_migration_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_schema_update_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_script_level;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_session_space_usage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_task_space_usage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_uncontained_entities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_gc_cycle_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_hash_index_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_index_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_memory_consumers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_nonclustered_index_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_object_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_table_memory_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_cached_plans;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_errors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_connections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_request_steps;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_sql_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_workers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_operations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_work;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_function_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_procedure_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_memory_grants;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_memory_gateways;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_parallel_workers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_profiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_resource_semaphores;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_transformation_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_session_wait_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_sessions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_trigger_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_valid_use_hints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_execution_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_handles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_non_transacted_handles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_active_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_fdhosts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_index_population;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_buffers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_outstanding_batches;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_population_ranges;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_semantic_similarity_population;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_auto_page_repair;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_automatic_seeding;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_group_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_networks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_cluster_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_instance_node_map;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_name_id_map;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_physical_seeding_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_backup_tapes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_shared_drives;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_valid_path_names;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_pending_io_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_hashentries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_descriptors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_pool_extension_configuration;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_child_instances;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatcher_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatchers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_hosts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_latch_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_loaded_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_allocations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_broker_clerks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_brokers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_clock_hands;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_counters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_entries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_hash_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_clerks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_node_access_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_performance_counters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_process_memory;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_ring_buffers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_schedulers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_server_diagnostics_log_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_spinlock_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_stacks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sublatches;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_memory;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_tasks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_threads;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_virtual_address_dump;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_wait_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_waiting_tasks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_windows_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_worker_local_storage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_workers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_qn_subscriptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_articles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_tranhash;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_traninfo;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_configuration;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_volumes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_workload_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_audit_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_memory_dumps;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_registry;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tcp_listener_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_snapshot_database_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_commit_table;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_snapshot;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_transaction;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_database_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_recovery_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_enlistments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_log;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_locks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_session_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_top_version_generators;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_transactions_snapshot;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_version_store;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_map_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_object_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_packages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_event_actions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_object_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_targets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_sessions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_queue_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_system_memory_consumers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_threads;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_recent_rows;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=DOMAIN_CONSTRAINTS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=DOMAINS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=endpoint_webmethods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=event_notification_event_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_document_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_languages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_language_statistics_database;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_languages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_system_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=http_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=KEY_COLUMN_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=linked_logins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=login_token;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=master_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=master_key_passwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=messages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=openkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=REFERENTIAL_CONSTRAINTS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=remote_logins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_configuration;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_workload_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=ROUTINE_COLUMNS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=ROUTINES;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=SCHEMATA;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=securable_classes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_audits;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_actions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_fields;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_targets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_sessions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_file_audits;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_principal_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=servers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_broker_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=soap_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spatial_reference_systems;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_db;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_dev;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_usg;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spt_monitor;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sql_logins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscacheobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscharsets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysconfigures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscurconfigs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscursorcolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscursorrefs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscursors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscursortables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysdatabases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysdevices;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syslanguages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syslockinfo;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syslogins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysmessages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysoledbusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysopentapes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysperfinfo;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysprocesses;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysremotelogins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysservers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_components_surface_area_configuration;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=TABLE_CONSTRAINTS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=TABLE_PRIVILEGES;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=tcp_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_categories;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_event_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_subclass_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=traces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trigger_event_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=user_token;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=via_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=VIEW_COLUMN_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=VIEW_TABLE_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=VIEWS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupfile;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediafamily;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediaset;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupset;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=dm_hadr_automatic_seeding_history;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=logmarkhistory;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=restorefile;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=restorefilegroup;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=restorehistory;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=suspect_pages;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysalerts;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysnotifications;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysoperators;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=SQLAgentUserRole;State=GRANT;Database=msdb;Object Name=syscategories;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=UPDATE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobs;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=UPDATE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysproxies;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=syssubsystems;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=UPDATE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_dac_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_mi_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_configuration_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_file_space_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_health_policies_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_managed_instances_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_database_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_file_space_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_volume_space_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_check_conditions_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_target_conditions_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_processing_state_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_configuration_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_objects_to_collect_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_properties_to_collect_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS audit record access","id":"2790","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.3,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2790\",\n  \"Check\": \"DBMS audit record access\",\n  \"Details\": \"Log path=e:\\\\mssql\\\\data\\\\mssql13.mssqlserver\\\\mssql\\\\data\\\\mastlog.ldf;Username=NT SERVICE\\\\MSSQLSERVER\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\mastlog.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\modellog.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\msdblog.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\logs\\dbpdatawarehouse_log.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\logs\\dbpdatawarehouse_log.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\logs\\dbpstaging_log.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\logs\\dbpstaging_log.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\temp\\templog.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\temp\\templog.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Object=dm_exec_sessions;Database=[master];Granted To=public;Permission=SELECT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Object=sysprotects;Database=[master];Granted To=public;Permission=SELECT","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Permissions on Data Root directory","id":"2919","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.3,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2919\",\n  \"Check\": \"Permissions on Data Root directory\",\n  \"Details\": \"Account Name=\\\\OWNER RIGHTS;Directory or File name=E:\\\\MSSQL\\\\DATA\\\\AppDetective.mdf;Permission=FullControl\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\DbPAnalytics.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\dbpdatawarehouse.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\dbpstaging.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\DbPAnalytics.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\dbpdatawarehouse.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\dbpstaging.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\master.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\mastlog.ldf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\model.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\modellog.ldf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBData.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBLog.ldf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsara.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsben.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsbgr.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscat.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tschs.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscht.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscze.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdan.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdeu.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tseng.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsenu.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsesn.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsfra.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsglobal.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsgrk.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsguj.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsheb.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshin.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshrv.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsind.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsisl.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsita.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsjpn.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskan.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskor.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslth.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslvi.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmal.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmar.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmsl.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnld.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnor.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tspan.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsplk.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptb.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptg.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrom.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrus.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssky.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsslv.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrb.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrl.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssve.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstam.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstel.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstha.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstrk.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsukr.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsurd.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsvit.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Permission on registry extended proc","id":"2555","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2555\",\n  \"Check\": \"Permission on registry extended proc\",\n  \"Details\": \"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_regread;Granted By=dbo","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS software library permissions","id":"2771","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2771\",\n  \"Check\": \"DBMS software library permissions\",\n  \"Details\": \"File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\\\Program Files\\\\Microsoft SQL Server\\\\130\\\\shared\\\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\\\Users\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\MSSQL13.MSSQLSERVER\\MSSQL\\Install;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Default 'sa' account not present","id":"2814","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2814\",\n  \"Check\": \"Default 'sa' account not present\",\n  \"Details\": \"Account Name=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=sa","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS backup files access","id":"2865","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2865\",\n  \"Check\": \"DBMS backup files access\",\n  \"Details\": \"Allowed=NT SERVICE\\\\MSSQLSERVER;File path=E:\\\\MSSQL\\\\BACKUP\\\\AppDetective_backup_2021_02_16_031502_7146827.bak\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_16_031502_7146827.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_17_031505_6208319.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_18_031503_6796931.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_15_031503_1017047.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_16_031502_7459310.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_17_031505_6520841.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_18_031503_7109667.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpdatawarehouse_backup_2021_02_16_031502_7303082.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpdatawarehouse_backup_2021_02_17_031505_6208319.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpdatawarehouse_backup_2021_02_18_031503_6953315.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpstaging_backup_2021_02_16_031502_7459310.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpstaging_backup_2021_02_17_031505_6364592.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpstaging_backup_2021_02_18_031503_6953315.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_16_031502_6521743.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_17_031505_5427005.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_18_031503_6172001.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_16_031502_6990517.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_17_031505_5895757.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_18_031503_6484425.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_16_031502_6990517.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_17_031505_6052109.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_18_031503_6640718.bak","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"CONTROL SERVER permission granted","id":"2877","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2877\",\n  \"Check\": \"CONTROL SERVER permission granted\",\n  \"Details\": \"Granted To=EISO\\\\a_dbrown;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=EISO\\a_dbrown;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=EISO\\a_jrose;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=EISO\\a_srobbins;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=EISO\\a_trothschild;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=EISO\\SQLAdmins;Permission=CONTROL SERVER;Grantee Type=WINDOWS_GROUP;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=EISO\\SVC-DBProtect;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=NT Service\\MSSQLSERVER;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=NT SERVICE\\SQLSERVERAGENT;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=NT SERVICE\\SQLWriter;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=NT SERVICE\\Winmgmt;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Non-DBA accounts with DDL privileges","id":"2920","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2920\",\n  \"Check\": \"Non-DBA accounts with DDL privileges\",\n  \"Details\": \"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_cpu_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_dac_execution_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_session_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_smo_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_volumes_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Database=msdb;Class=USER_TABLE;Permission=UPDATE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Standard SQL Server authentication allowed","id":"2540","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2540\",\n  \"Check\": \"Standard SQL Server authentication allowed\",\n  \"Details\": \"Additional information=Standard Login allowed.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=Standard Login allowed.","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Encryption of DBMS sensitive data in transit","id":"2759","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2759\",\n  \"Check\": \"Encryption of DBMS sensitive data in transit\",\n  \"Details\": \"ForceEncryption=False\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"ForceEncryption=False","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"The NT AUTHORITY\\SYSTEM account is used for administration","id":"2985","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2985\",\n  \"Check\": \"The NT AUTHORITY\\\\SYSTEM account is used for administration\",\n  \"Details\": \"Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\\\SYSTEM\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Permission=CREATE AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Permission=VIEW SERVER STATE;User=NT AUTHORITY\\SYSTEM","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS privileged role assignments","id":"2819","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2819\",\n  \"Check\": \"DBMS privileged role assignments\",\n  \"Details\": \"Username=EISO\\\\a_dbrown\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Username=EISO\\a_dbrown","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Username=EISO\\a_jrose","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Username=EISO\\a_srobbins","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Username=EISO\\a_trothschild","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Username=EISO\\SQLAdmins","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Username=EISO\\SVC-DBProtect","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Username=NT Service\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Username=NT SERVICE\\SQLWriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Username=NT SERVICE\\Winmgmt","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Dedicated data file directories","id":"2770","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.3,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2770\",\n  \"Check\": \"Dedicated data file directories\",\n  \"Details\": \"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[dbpstaging];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[dbpstaging];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[dbpstaging];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[dbpstaging];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[dbpstaging];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[dbpstaging];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[dbpstaging];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[dbpstaging];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[DbPAnalytics];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpdatawarehouse];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpdatawarehouse];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpstaging];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpstaging];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpstaging];Database 1=[dbpdatawarehouse];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Data path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[DbPAnalytics];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpdatawarehouse];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpdatawarehouse];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpstaging];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpstaging];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpstaging];Database 1=[dbpdatawarehouse];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\TEMP;Database 2=[tempdb];Database 1=[tempdb];Log path (Database 1)=E:\\MSSQL\\TEMP","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[model]","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[msdb]","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Remote access allowed","id":"2545","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2545\",\n  \"Check\": \"Remote access allowed\",\n  \"Details\": \"Value in use=1;Name=remote access;Value=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Value in use=1;Name=remote access;Value=1","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Auditing of successful logins","id":"2569","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2569\",\n  \"Check\": \"Auditing of successful logins\",\n  \"Details\": \"Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Auditing of failed logins","id":"2570","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2570\",\n  \"Check\": \"Auditing of failed logins\",\n  \"Details\": \"Additional information=Audit of failed logins is not performed by AUDIT\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=Audit of failed logins is not performed by AUDIT","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"'sa' account has not been disabled","id":"2745","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2745\",\n  \"Check\": \"'sa' account has not been disabled\",\n  \"Details\": \"Status=Enabled;Login=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Status=Enabled;Login=sa","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Database job/batch queue reviewing","id":"2780","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2780\",\n  \"Check\": \"Database job/batch queue reviewing\",\n  \"Details\": \"SQL Server job history record=DBBackups.FullBackup\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"SQL Server job history record=DBBackups.FullBackup","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"SQL Server job history record=syspolicy_purge_history","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS privileged action audit","id":"2826","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2826\",\n  \"Check\": \"DBMS privileged action audit\",\n  \"Details\": \"Value in use=1;Name=default trace enabled;Value=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Value in use=1;Name=default trace enabled;Value=1","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"CHECK_EXPIRATION option","id":"2880","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2880\",\n  \"Check\": \"CHECK_EXPIRATION option\",\n  \"Details\": \"Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Status=Disabled;Login=##MS_PolicyTsqlExecutionLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Status=Enabled;Login=sa;Password expiration checked=Disabled;Is SYSADMIN=Yes;Password policy checked=Enabled","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Database not encrypted","id":"2897","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2897\",\n  \"Check\": \"Database not encrypted\",\n  \"Details\": \"Is Encrypted=false;Database=AppDetective\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Is Encrypted=false;Database=AppDetective","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Is Encrypted=false;Database=DbPAnalytics","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Is Encrypted=false;Database=dbpdatawarehouse","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Is Encrypted=false;Database=dbpstaging","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Audit concurrent logons","id":"2935","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2935\",\n  \"Check\": \"Audit concurrent logons\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=No AUDIT was found","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Audit unsuccessful attempts to execute privileged activities","id":"2936","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2936\",\n  \"Check\": \"Audit unsuccessful attempts to execute privileged activities\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=No AUDIT was found","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Audit privileged activities","id":"2937","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2937\",\n  \"Check\": \"Audit privileged activities\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=No AUDIT was found","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Generate audit records for important events","id":"2962","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2962\",\n  \"Check\": \"Generate audit records for important events\",\n  \"Details\": \"Additional information=Found no acceptable server audit specification.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=Found no acceptable server audit specification.","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Customer Feedback and Error Reporting","id":"2975","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2975\",\n  \"Check\": \"Customer Feedback and Error Reporting\",\n  \"Details\": \"EnableErrorReporting=Enabled;CustomerFeedback=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"EnableErrorReporting=Enabled;CustomerFeedback=Enabled","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Server audit startup","id":"2992","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2992\",\n  \"Check\": \"Server audit startup\",\n  \"Details\": \"Additional information=There are no server audits that automatically start during system start-up\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=There are no server audits that automatically start during system start-up","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Use of an approved TLS version","id":"2995","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2995\",\n  \"Check\": \"Use of an approved TLS version\",\n  \"Details\": \"Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Control\\\\SecurityProviders\\\\SCHANNEL\\\\Protocols\\\\SSL 2.0\\\\Client\\\\Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Client\\Enabled","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=SSL 2.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Server\\DisabledByDefault","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=SSL 3.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Client\\DisabledByDefault","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=SSL 3.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Server\\DisabledByDefault","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=TLS 1.0 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.0","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=TLS 1.1 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.1","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=TLS 1.2 is not enabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Permissions on error log folder","id":"2869","desc":"Task : Audit; Check Category : Operating System Issues","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Operating System Issues\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2869\",\n  \"Check\": \"Permissions on error log folder\",\n  \"Details\": \"Grantee=NT SERVICE\\\\MSSQLFDLauncher;File Name=E:\\\\MSSQL\\\\DATA\\\\MSSQL13.MSSQLSERVER\\\\MSSQL\\\\LOG\\\\;Permission=CreateFiles\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=CreateFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadData","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Write","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Service pack not applied on time","id":"2888","desc":"Task : Audit; Check Category : Patchable Vulnerabilities","impact":0.7,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Patchable Vulnerabilities\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2888\",\n  \"Check\": \"Service pack not applied on time\",\n  \"Details\": \"Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Permission to configure Server Audit to audit at the server level","id":"2942","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2942\",\n  \"Check\": \"Permission to configure Server Audit to audit at the server level\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Permission to configure Server Audit to audit at the database level","id":"2944","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2944\",\n  \"Check\": \"Permission to configure Server Audit to audit at the database level\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"SQL Server must protect against a user falsely repudiating","id":"2988","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2988\",\n  \"Check\": \"SQL Server must protect against a user falsely repudiating\",\n  \"Details\": \"Additional information=There are no server or database pricincipals mapped to remote computer accounts.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Additional information=There are no server or database pricincipals mapped to remote computer accounts.","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Contained database user with password found","id":"2871","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2871\",\n  \"Check\": \"Contained database user with password found\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Logon Trigger Exists","id":"2901","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2901\",\n  \"Check\": \"Logon Trigger Exists\",\n  \"Details\": \"Additional information=No logon triggers found.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Additional information=No logon triggers found.","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Stored procedures and functions that utilize impersonation","id":"2984","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2984\",\n  \"Check\": \"Stored procedures and functions that utilize impersonation\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"SQL Server must limit privileges to change software modules, to include stored procedures, functions, and triggers","id":"2993","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2993\",\n  \"Check\": \"SQL Server must limit privileges to change software modules, to include stored procedures, functions, and triggers\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Database TRUSTWORTHY status","id":"2805","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2805\",\n  \"Check\": \"Database TRUSTWORTHY status\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"SQL Server is not using FIPS validated cryptographic modules for cryptographic operations","id":"2934","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2934\",\n  \"Check\": \"SQL Server is not using FIPS validated cryptographic modules for cryptographic operations\",\n  \"Details\": \"FIPS=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"FIPS=Enabled","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS application object ownership","id":"2817","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2817\",\n  \"Check\": \"DBMS application object ownership\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"User-defined extended stored procedures","id":"2848","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2848\",\n  \"Check\": \"User-defined extended stored procedures\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Audit Retrieval of privileges/permissions (SQLAudit)","id":"2938","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2938\",\n  \"Check\": \"Audit Retrieval of privileges/permissions (SQLAudit)\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Audit unsuccessful retrieval of privileges/permissions (SQLAudit)","id":"2939","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2939\",\n  \"Check\": \"Audit unsuccessful retrieval of privileges/permissions (SQLAudit)\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Disable Filestream feature","id":"2945","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2945\",\n  \"Check\": \"Disable Filestream feature\",\n  \"Details\": \"Value=0 (Disables Filestream support for this instance.);Name=filestream access level;Value in use=0 (Disables Filestream support for this instance.)\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Value=0 (Disables Filestream support for this instance.);Name=filestream access level;Value in use=0 (Disables Filestream support for this instance.)","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Temporal tables","id":"2989","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2989\",\n  \"Check\": \"Temporal tables\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Hide Instance option","id":"2883","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.3,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2883\",\n  \"Check\": \"Hide Instance option\",\n  \"Details\": \"Hide instance=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Hide instance=1","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"xp_cmdshell not removed/not disabled","id":"2553","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2553\",\n  \"Check\": \"xp_cmdshell not removed/not disabled\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Sample database not removed","id":"2622","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2622\",\n  \"Check\": \"Sample database not removed\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS dedicated software directory and partition","id":"2766","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2766\",\n  \"Check\": \"DBMS dedicated software directory and partition\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Database Master Key: is_master_key_encrypted_by_server","id":"2782","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2782\",\n  \"Check\": \"Database Master Key: is_master_key_encrypted_by_server\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Symmetric Keys: allowed encryption algorithms","id":"2788","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2788\",\n  \"Check\": \"Symmetric Keys: allowed encryption algorithms\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"CLR objects allowed","id":"2792","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2792\",\n  \"Check\": \"CLR objects allowed\",\n  \"Details\": \"Value in use=0;Name=clr enabled;Value=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Value in use=0;Name=clr enabled;Value=0","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Named Pipes network protocol is enabled","id":"2807","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2807\",\n  \"Check\": \"Named Pipes network protocol is enabled\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"OLE automation procedures configuration","id":"2882","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2882\",\n  \"Check\": \"OLE automation procedures configuration\",\n  \"Details\": \"Run Value=0;Parameter Name=Ole Automation Procedures;Configuration Value=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Run Value=0;Parameter Name=Ole Automation Procedures;Configuration Value=0","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"CLR assembly permission set is not equal to SAFE","id":"2947","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2947\",\n  \"Check\": \"CLR assembly permission set is not equal to SAFE\",\n  \"Details\": \"Additional information=CLR support is not enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Additional information=CLR support is not enabled","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Hadoop Connectivity feature must be disabled","id":"2977","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2977\",\n  \"Check\": \"Hadoop Connectivity feature must be disabled\",\n  \"Details\": \"Value=0;Name=hadoop connectivity;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Value=0;Name=hadoop connectivity;Value in use=0","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Replication XPs feature must be disabled","id":"2978","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2978\",\n  \"Check\": \"Replication XPs feature must be disabled\",\n  \"Details\": \"Value=0;Name=Replication XPs;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Value=0;Name=Replication XPs;Value in use=0","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"User Options feature must be disabled","id":"2979","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2979\",\n  \"Check\": \"User Options feature must be disabled\",\n  \"Details\": \"Value=0;Name=user options;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Value=0;Name=user options;Value in use=0","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"External Scripts Enabled feature must be disabled","id":"2980","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2980\",\n  \"Check\": \"External Scripts Enabled feature must be disabled\",\n  \"Details\": \"Value=0;Name=external scripts enabled;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Value=0;Name=external scripts enabled;Value in use=0","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Allow Polybase Export feature must be disabled","id":"2981","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2981\",\n  \"Check\": \"Allow Polybase Export feature must be disabled\",\n  \"Details\": \"Value=0;Name=allow polybase export;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Value=0;Name=allow polybase export;Value in use=0","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Remote Data Archive feature must be disabled","id":"2982","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2982\",\n  \"Check\": \"Remote Data Archive feature must be disabled\",\n  \"Details\": \"Value=0;Name=remote data archive;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Value=0;Name=remote data archive;Value in use=0","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Access to linked servers","id":"2983","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2983\",\n  \"Check\": \"Access to linked servers\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Permissions on files","id":"2662","desc":"Task : Audit; Check Category : Operating System Issues","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Operating System Issues\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2662\",\n  \"Check\": \"Permissions on files\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Use of credentials and proxies","id":"2991","desc":"Task : Audit; Check Category : Other","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Other\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2991\",\n  \"Check\": \"Use of credentials and proxies\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS Password Complexity","id":"2778","desc":"Task : Audit; Check Category : Weak Passwords","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Weak Passwords\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2778\",\n  \"Check\": \"DBMS Password Complexity\",\n  \"Details\": \"Additional information=The operating system version is older than Windows Server 2003 - password policies cannot be enforced.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Additional information=The operating system version is older than Windows Server 2003 - password policies cannot be enforced.","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Database Master Key: encryption password","id":"2786","desc":"Task : Audit; Check Category : Weak Passwords","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Weak Passwords\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2786\",\n  \"Check\": \"Database Master Key: encryption password\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Common criteria compliance disabled","id":"2800","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Skipped\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2800\",\n  \"Check\": \"Common criteria compliance disabled\",\n  \"Details\": \"Check is not applicable to this server version. Does not apply to Microsoft SQL Server Standard Edition (64-bit).\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Check is not applicable to this server version. Does not apply to Microsoft SQL Server Standard Edition (64-bit).","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"SQL Server Service Broker endpoint encryption","id":"2973","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Skipped\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2973\",\n  \"Check\": \"SQL Server Service Broker endpoint encryption\",\n  \"Details\": \"Check is not applicable to this server version. There are no Service Broker endpoints configured.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Check is not applicable to this server version. There are no Service Broker endpoints configured.","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"SQL Server Mirroring endpoint encryption","id":"2974","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Skipped\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2974\",\n  \"Check\": \"SQL Server Mirroring endpoint encryption\",\n  \"Details\": \"Check is not applicable to this server version. There are no Mirroring endpoints configured.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Check is not applicable to this server version. There are no Mirroring endpoints configured.","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"SQL Server Usage and Error Reporting Auditing","id":"2976","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Skipped\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2976\",\n  \"Check\": \"SQL Server Usage and Error Reporting Auditing\",\n  \"Details\": \"Microsoft Analysis Services (OLAP) has not been found.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Microsoft Analysis Services (OLAP) has not been found.","start_time":"Feb 18 2021 15:57"}]}],"sha256":"4e8cd51a220ef764426414641d4d386758aca62dceb554d0d1da1f437d4af25c"}],"passthrough":{"raw":{"data":[{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=DatabaseMailUserRole;Database=msdb;Owner name=DatabaseMailUserRole","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_accessadmin;Database=AppDetective;Owner name=db_accessadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_accessadmin;Database=DbPAnalytics;Owner name=db_accessadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_accessadmin;Database=dbpdatawarehouse;Owner name=db_accessadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_accessadmin;Database=dbpstaging;Owner name=db_accessadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_accessadmin;Database=master;Owner name=db_accessadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_accessadmin;Database=model;Owner name=db_accessadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_accessadmin;Database=msdb;Owner name=db_accessadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_accessadmin;Database=tempdb;Owner name=db_accessadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_backupoperator;Database=AppDetective;Owner name=db_backupoperator","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_backupoperator;Database=DbPAnalytics;Owner name=db_backupoperator","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_backupoperator;Database=dbpdatawarehouse;Owner name=db_backupoperator","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_backupoperator;Database=dbpstaging;Owner name=db_backupoperator","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_backupoperator;Database=master;Owner name=db_backupoperator","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_backupoperator;Database=model;Owner name=db_backupoperator","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_backupoperator;Database=msdb;Owner name=db_backupoperator","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_backupoperator;Database=tempdb;Owner name=db_backupoperator","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_datareader;Database=AppDetective;Owner name=db_datareader","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_datareader;Database=DbPAnalytics;Owner name=db_datareader","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_datareader;Database=dbpdatawarehouse;Owner name=db_datareader","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_datareader;Database=dbpstaging;Owner name=db_datareader","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_datareader;Database=master;Owner name=db_datareader","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_datareader;Database=model;Owner name=db_datareader","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_datareader;Database=msdb;Owner name=db_datareader","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_datareader;Database=tempdb;Owner name=db_datareader","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_datawriter;Database=AppDetective;Owner name=db_datawriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_datawriter;Database=DbPAnalytics;Owner name=db_datawriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_datawriter;Database=dbpdatawarehouse;Owner name=db_datawriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_datawriter;Database=dbpstaging;Owner name=db_datawriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_datawriter;Database=master;Owner name=db_datawriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_datawriter;Database=model;Owner name=db_datawriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_datawriter;Database=msdb;Owner name=db_datawriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_datawriter;Database=tempdb;Owner name=db_datawriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_ddladmin;Database=AppDetective;Owner name=db_ddladmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_ddladmin;Database=DbPAnalytics;Owner name=db_ddladmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_ddladmin;Database=dbpdatawarehouse;Owner name=db_ddladmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_ddladmin;Database=dbpstaging;Owner name=db_ddladmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_ddladmin;Database=master;Owner name=db_ddladmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_ddladmin;Database=model;Owner name=db_ddladmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_ddladmin;Database=msdb;Owner name=db_ddladmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_ddladmin;Database=tempdb;Owner name=db_ddladmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_denydatareader;Database=AppDetective;Owner name=db_denydatareader","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_denydatareader;Database=DbPAnalytics;Owner name=db_denydatareader","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_denydatareader;Database=dbpdatawarehouse;Owner name=db_denydatareader","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_denydatareader;Database=dbpstaging;Owner name=db_denydatareader","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_denydatareader;Database=master;Owner name=db_denydatareader","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_denydatareader;Database=model;Owner name=db_denydatareader","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_denydatareader;Database=msdb;Owner name=db_denydatareader","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_denydatareader;Database=tempdb;Owner name=db_denydatareader","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_denydatawriter;Database=AppDetective;Owner name=db_denydatawriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_denydatawriter;Database=DbPAnalytics;Owner name=db_denydatawriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_denydatawriter;Database=dbpdatawarehouse;Owner name=db_denydatawriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_denydatawriter;Database=dbpstaging;Owner name=db_denydatawriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_denydatawriter;Database=master;Owner name=db_denydatawriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_denydatawriter;Database=model;Owner name=db_denydatawriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_denydatawriter;Database=msdb;Owner name=db_denydatawriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_denydatawriter;Database=tempdb;Owner name=db_denydatawriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_owner;Database=AppDetective;Owner name=db_owner","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_owner;Database=DbPAnalytics;Owner name=db_owner","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_owner;Database=dbpdatawarehouse;Owner name=db_owner","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_owner;Database=dbpstaging;Owner name=db_owner","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_owner;Database=master;Owner name=db_owner","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_owner;Database=model;Owner name=db_owner","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_owner;Database=msdb;Owner name=db_owner","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_owner;Database=tempdb;Owner name=db_owner","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_securityadmin;Database=AppDetective;Owner name=db_securityadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_securityadmin;Database=DbPAnalytics;Owner name=db_securityadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_securityadmin;Database=dbpdatawarehouse;Owner name=db_securityadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_securityadmin;Database=dbpstaging;Owner name=db_securityadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_securityadmin;Database=master;Owner name=db_securityadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_securityadmin;Database=model;Owner name=db_securityadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_securityadmin;Database=msdb;Owner name=db_securityadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_securityadmin;Database=tempdb;Owner name=db_securityadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_ssisadmin;Database=msdb;Owner name=db_ssisadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_ssisltduser;Database=msdb;Owner name=db_ssisltduser","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=db_ssisoperator;Database=msdb;Owner name=db_ssisoperator","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=dbo;Database=AppDetective;Owner name=dbo","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=dbo;Database=DbPAnalytics;Owner name=dbo","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=dbo;Database=dbpdatawarehouse;Owner name=dbo","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=dbo;Database=dbpstaging;Owner name=dbo","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=dbo;Database=master;Owner name=dbo","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=dbo;Database=model;Owner name=dbo","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=dbo;Database=msdb;Owner name=dbo","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=dbo;Database=tempdb;Owner name=dbo","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=guest;Database=AppDetective;Owner name=guest","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=guest;Database=DbPAnalytics;Owner name=guest","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=guest;Database=dbpdatawarehouse;Owner name=guest","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=guest;Database=dbpstaging;Owner name=guest","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=guest;Database=master;Owner name=guest","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=guest;Database=model;Owner name=guest","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=guest;Database=msdb;Owner name=guest","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=guest;Database=tempdb;Owner name=guest","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=INFORMATION_SCHEMA;Database=AppDetective;Owner name=INFORMATION_SCHEMA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=INFORMATION_SCHEMA;Database=DbPAnalytics;Owner name=INFORMATION_SCHEMA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=INFORMATION_SCHEMA;Database=dbpdatawarehouse;Owner name=INFORMATION_SCHEMA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=INFORMATION_SCHEMA;Database=dbpstaging;Owner name=INFORMATION_SCHEMA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=INFORMATION_SCHEMA;Database=master;Owner name=INFORMATION_SCHEMA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=INFORMATION_SCHEMA;Database=model;Owner name=INFORMATION_SCHEMA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=INFORMATION_SCHEMA;Database=msdb;Owner name=INFORMATION_SCHEMA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=INFORMATION_SCHEMA;Database=tempdb;Owner name=INFORMATION_SCHEMA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=managed_backup;Database=msdb;Owner name=dbo","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=smart_admin;Database=msdb;Owner name=dbo","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=SQLAgentOperatorRole;Database=msdb;Owner name=SQLAgentOperatorRole","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=SQLAgentReaderRole;Database=msdb;Owner name=SQLAgentReaderRole","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=SQLAgentUserRole;Database=msdb;Owner name=SQLAgentUserRole","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=sys;Database=AppDetective;Owner name=sys","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=sys;Database=DbPAnalytics;Owner name=sys","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=sys;Database=dbpdatawarehouse;Owner name=sys","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=sys;Database=dbpstaging;Owner name=sys","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=sys;Database=master;Owner name=sys","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=sys;Database=model;Owner name=sys","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=sys;Database=msdb;Owner name=sys","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=sys;Database=tempdb;Owner name=sys","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2986","Check":"Schema ownership","Details":"Schema name=TargetServersRole;Database=msdb;Owner name=TargetServersRole","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"High","Check ID":"2903","Check":"Symmetric encryption keys","Details":"Key=##MS_ServiceMasterKey##;Database=master;Algorithm=AES_256","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"High","Check ID":"2941","Check":"Availability of audited database","Details":"Additional information=No AUDIT was found","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2940","Check":"Disable communication protocols that are not required","Details":"Protocol=Shared Memory","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2940","Check":"Disable communication protocols that are not required","Details":"Protocol=TCP/IP","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2994","Check":"List SQL logins - instance level and in contained databases","Details":"Is Disabled=False;Login=sa","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2994","Check":"List SQL logins - instance level and in contained databases","Details":"Is Disabled=True;Login=##MS_PolicyEventProcessingLogin##","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2994","Check":"List SQL logins - instance level and in contained databases","Details":"Is Disabled=True;Login=##MS_PolicyTsqlExecutionLogin##","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2761","Check":"DBMS network port, protocol, and services (PPS) configuration","Details":"Protocol=Shared Memory","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2761","Check":"DBMS network port, protocol, and services (PPS) configuration","Details":"Protocol=TCP/IP","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2761","Check":"DBMS network port, protocol, and services (PPS) configuration","Details":"TCP Port=IP1:1433","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2761","Check":"DBMS network port, protocol, and services (PPS) configuration","Details":"TCP Port=IP2:1433","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2761","Check":"DBMS network port, protocol, and services (PPS) configuration","Details":"TCP Port=IP3:1433","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2761","Check":"DBMS network port, protocol, and services (PPS) configuration","Details":"TCP Port=IP4:1433","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2761","Check":"DBMS network port, protocol, and services (PPS) configuration","Details":"TCP Port=IP5:1433","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2761","Check":"DBMS network port, protocol, and services (PPS) configuration","Details":"TCP Port=IP6:1433","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2761","Check":"DBMS network port, protocol, and services (PPS) configuration","Details":"TCP Port=IP7:1433","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2761","Check":"DBMS network port, protocol, and services (PPS) configuration","Details":"TCP Port=IPAll:1433","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2893","Check":"Audit is not set to shut down server on error","Details":"Additional information=No AUDIT was found","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2900","Check":"Unused SQL Server services and software components should be removed","Details":"Additional Information=Check manually;Software Component=Microsoft SQL Server Data Tools","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2900","Check":"Unused SQL Server services and software components should be removed","Details":"Software Component=SQL Server CEIP service","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Fact","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2900","Check":"Unused SQL Server services and software components should be removed","Details":"Software Component=SQL Server FullText Search","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Failed","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2841","Check":"Browser Service enabled","Details":"Check \"Browser Service enabled\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Failed","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2768","Check":"DBMS services dedicated custom account","Details":"Check \"DBMS services dedicated custom account\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Failed","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2946","Check":"Server is synchronized with an official time server","Details":"Check \"Server is synchronized with an official time server\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Failed","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2987","Check":"Instant File Initialization is enabled","Details":"Check \"Instant File Initialization is enabled\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Failed","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2990","Check":"Members of local Administrators group","Details":"Check \"Members of local Administrators group\" execution failed: User credentials cannot be used for local connections .","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2801","Check":"Protection of DBMS asymmetric encryption keys","Details":"Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2801","Check":"Protection of DBMS asymmetric encryption keys","Details":"Owner of the key=sa;Is SYSADMIN=Yes;Key=MS_SQLEnableSystemAssemblyLoadingKey;Database containing key=master","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=REFERENCES;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=UPDATE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=allocation_units;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assemblies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_references;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=certificates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=check_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_master_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_segments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=computed_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=crypt_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_permissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_principals;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_role_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=default_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=event_notifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_data_sources;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_file_formats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=filegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=function_order_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=hash_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=identity_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_encryptions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=masked_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_functions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_range_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_schemes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=periods;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=plan_guides;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_context_settings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_plan;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=routes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=schemas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_policies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_predicates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sequences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contracts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_message_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queues;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=synonyms;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscolumns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscomments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysconstraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysdepends;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfiles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysmembers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysobjects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=syspermissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysprotects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysreferences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=systypes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysusers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=table_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=time_zone_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=transmission_queue;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=trigger_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=triggers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=allocation_units;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assemblies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_references;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=certificates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=check_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_master_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_store_segments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=computed_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=conversation_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=crypt_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_permissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_principals;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_role_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=default_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=event_notifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=extended_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=extended_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=external_data_sources;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=external_file_formats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=external_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=filegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=filetables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=foreign_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=function_order_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=hash_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=identity_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=internal_partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=internal_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=key_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=key_encryptions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=masked_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_functions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_range_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_schemes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=periods;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=plan_guides;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_context_settings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_plan;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_query;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=routes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=schemas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=security_policies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=security_predicates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sequences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_contracts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_message_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_queues;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=stats_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=synonyms;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=syscolumns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=syscomments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysconstraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysdepends;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysfiles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysindexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysmembers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysobjects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=syspermissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysprotects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysreferences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=systypes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysusers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=table_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=time_zone_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=transmission_queue;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=trigger_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=triggers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=allocation_units;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assemblies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_references;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=certificates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=check_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_master_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_store_segments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=computed_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=conversation_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=crypt_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_permissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_principals;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_role_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=default_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=event_notifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=extended_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=extended_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=external_data_sources;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=external_file_formats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=external_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=filegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=filetables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=foreign_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=function_order_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=hash_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=identity_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=internal_partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=internal_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=key_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=key_encryptions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=masked_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_functions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_range_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_schemes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=periods;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=plan_guides;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_context_settings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_plan;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_query;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=routes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=schemas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=security_policies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=security_predicates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sequences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_contracts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_message_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_queues;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=stats_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=synonyms;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=syscolumns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=syscomments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysconstraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysdepends;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysfiles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysindexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysmembers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysobjects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=syspermissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysprotects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysreferences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=systypes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysusers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=table_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=time_zone_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=transmission_queue;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=trigger_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=triggers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=allocation_units;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assemblies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_references;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=certificates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=check_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_master_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_store_segments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=computed_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=conversation_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=crypt_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_permissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_principals;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_role_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=default_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=event_notifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=extended_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=extended_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=external_data_sources;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=external_file_formats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=external_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=filegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=filetables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=foreign_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=function_order_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=hash_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=identity_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=internal_partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=internal_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=key_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=key_encryptions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=masked_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_functions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_range_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_schemes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=periods;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=plan_guides;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_context_settings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_plan;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_query;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=routes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=schemas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=security_policies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=security_predicates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sequences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_contracts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_message_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_queues;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=stats_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=synonyms;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=syscolumns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=syscomments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysconstraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysdepends;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysfiles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysindexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysmembers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysobjects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=syspermissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysprotects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysreferences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=systypes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysusers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=table_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=time_zone_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=transmission_queue;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=trigger_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=triggers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=all_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=all_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=all_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=all_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=allocation_units;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=assemblies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_references;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=availability_databases_cluster;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listener_ip_addresses;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listeners;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=availability_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=availability_groups_cluster;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=availability_read_only_routing_lists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=availability_replicas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=backup_devices;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=certificates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=check_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_DOMAIN_USAGE;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=column_master_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_PRIVILEGES;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=column_store_segments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=column_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=computed_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_COLUMN_USAGE;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_TABLE_USAGE;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=conversation_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=crypt_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=cryptographic_providers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_filestream_options;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_permissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_principals;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_query_store_options;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_recovery_status;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_role_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=default_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_actions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_class_type_map;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_activated_tasks;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_connections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_forwarded_messages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_queue_monitors;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_errors;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_log_scan_sessions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_appdomains;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_loaded_assemblies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_tasks;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_column_store_object_pool;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_cryptographic_provider_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_database_encryption_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_operational_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_file_space_usage;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_fts_index_physical_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_index_usage_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_log_space_usage;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_auto_page_repair;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_connections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_past_actions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_group_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_partition_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_persisted_sku_features;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_migration_status;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_schema_update_status;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_script_level;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_session_space_usage;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_task_space_usage;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_uncontained_entities;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_gc_cycle_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_hash_index_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_index_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_memory_consumers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_nonclustered_index_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_object_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_table_memory_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_transactions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_cached_plans;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_errors;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_status;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_nodes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_connections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_request_steps;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_requests;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_sql_requests;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_workers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_operations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_work;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_function_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_procedure_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_memory_grants;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_memory_gateways;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_parallel_workers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_profiles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_resource_semaphores;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_transformation_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_requests;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_session_wait_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_sessions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_trigger_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_valid_use_hints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_execution_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_requests;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_handles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_requests;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_non_transacted_handles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_active_catalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_fdhosts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_index_population;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_buffers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_pools;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_outstanding_batches;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_population_ranges;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_semantic_similarity_population;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_auto_page_repair;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_automatic_seeding;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_group_states;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_nodes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_states;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_states;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_networks;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_cluster_states;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_states;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_instance_node_map;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_name_id_map;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_physical_seeding_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_backup_tapes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_shared_drives;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_valid_path_names;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_pending_io_requests;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_hashentries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_descriptors;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_pool_extension_configuration;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_child_instances;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_nodes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatcher_pools;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatchers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_hosts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_latch_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_loaded_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_allocations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_broker_clerks;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_brokers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_clock_hands;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_counters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_entries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_hash_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_clerks;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_node_access_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_nodes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_pools;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_nodes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_performance_counters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_process_memory;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_ring_buffers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_schedulers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_server_diagnostics_log_configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_spinlock_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_stacks;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sublatches;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_memory;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_tasks;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_threads;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_virtual_address_dump;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_wait_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_waiting_tasks;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_windows_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_worker_local_storage;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_workers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_qn_subscriptions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_articles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_schemas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_tranhash;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_traninfo;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_configuration;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pools;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_volumes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pools;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_workload_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_audit_status;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_memory_dumps;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_registry;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tcp_listener_states;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_snapshot_database_transactions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_transactions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_commit_table;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_snapshot;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_transaction;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_database_transactions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_recovery_transactions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_enlistments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_log;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_locks;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_session_transactions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_top_version_generators;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_transactions_snapshot;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_version_store;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_map_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_object_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_packages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_event_actions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_object_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_targets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_sessions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_queue_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_system_memory_consumers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_threads;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_recent_rows;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=DOMAIN_CONSTRAINTS;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=DOMAINS;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=endpoint_webmethods;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=event_notification_event_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=event_notifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=extended_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=extended_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=external_data_sources;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=external_file_formats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=external_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=filegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=filetables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=foreign_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_document_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_languages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_language_statistics_database;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_languages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_system_stopwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=function_order_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=hash_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=http_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=identity_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=internal_partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=internal_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=KEY_COLUMN_USAGE;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=key_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=key_encryptions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=linked_logins;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=login_token;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=masked_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=master_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=master_key_passwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=messages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=openkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=partition_functions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=partition_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=partition_range_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=partition_schemes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=periods;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=plan_guides;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=query_context_settings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_plan;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_query;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=REFERENTIAL_CONSTRAINTS;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=remote_logins;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_configuration;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pools;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pools;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_workload_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=routes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=ROUTINE_COLUMNS;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=ROUTINES;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=schemas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=SCHEMATA;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=securable_classes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=security_policies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=security_predicates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sequences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_assembly_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specification_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_audits;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_notifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_actions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_fields;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_targets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_sessions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_file_audits;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_permissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_principal_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_principals;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_role_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_trigger_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_triggers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=servers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=service_broker_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=service_contracts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=service_message_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=service_queues;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=soap_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=spatial_reference_systems;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_db;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_dev;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_usg;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=spt_monitor;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sql_logins;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=stats_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=synonyms;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syscacheobjects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syscharsets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syscolumns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syscomments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysconfigures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysconstraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syscurconfigs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syscursorcolumns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syscursorrefs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syscursors;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syscursortables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysdatabases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysdepends;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysdevices;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysfiles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysindexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syslanguages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syslockinfo;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syslogins;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysmembers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysmessages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysobjects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysoledbusers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysopentapes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysperfinfo;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syspermissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysprocesses;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysprotects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysreferences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysremotelogins;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysservers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=system_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=system_components_surface_area_configuration;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=system_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=system_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=system_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=systypes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysusers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=TABLE_CONSTRAINTS;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=TABLE_PRIVILEGES;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=table_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=tcp_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=time_zone_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=trace_categories;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=trace_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=trace_event_bindings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=trace_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=trace_subclass_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=traces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=transmission_queue;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=trigger_event_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=trigger_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=triggers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=user_token;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=via_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=VIEW_COLUMN_USAGE;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=VIEW_TABLE_USAGE;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=VIEWS;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=all_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=all_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=all_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=all_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=allocation_units;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=assemblies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_references;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=certificates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=check_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=column_master_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=column_store_segments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=column_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=computed_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=conversation_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=crypt_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=database_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=database_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=database_permissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=database_principals;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=database_role_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=default_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=event_notifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=extended_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=extended_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=external_data_sources;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=external_file_formats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=external_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=filegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=filetables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=foreign_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=function_order_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=hash_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=identity_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=internal_partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=internal_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=key_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=key_encryptions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=masked_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=partition_functions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=partition_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=partition_range_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=partition_schemes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=periods;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=plan_guides;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=query_context_settings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_plan;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_query;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=routes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=schemas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=security_policies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=security_predicates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sequences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=service_contracts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=service_message_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=service_queues;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=stats_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=synonyms;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=syscolumns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=syscomments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysconstraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysdepends;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysfiles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysindexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysmembers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysobjects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=syspermissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysprotects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysreferences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=system_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=system_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=system_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=system_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=systypes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysusers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=table_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=time_zone_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=transmission_queue;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=trigger_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=triggers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=allocation_units;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=assemblies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_references;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupfile;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediafamily;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediaset;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupset;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=certificates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=check_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=computed_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_permissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_principals;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_role_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=default_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=dm_hadr_automatic_seeding_history;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=event_notifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=extended_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=external_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=filegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=filetables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=identity_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=internal_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=key_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=logmarkhistory;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=masked_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_functions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=periods;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=plan_guides;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=restorefile;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=restorefilegroup;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=restorehistory;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=routes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=schemas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=security_policies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=security_predicates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sequences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_contracts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_message_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_queues;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=stats_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=suspect_pages;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=synonyms;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=syscolumns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=syscomments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysdepends;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysfiles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysmembers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysobjects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=syspermissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysprotects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysreferences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=systypes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysusers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=table_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=trigger_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=triggers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=allocation_units;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assemblies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_references;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=certificates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=check_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=computed_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_permissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_principals;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_role_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=default_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=event_notifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=external_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=filegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=filetables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=identity_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=key_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=masked_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_functions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=periods;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=plan_guides;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=routes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=schemas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=security_policies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=security_predicates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sequences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contracts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_message_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queues;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=stats_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=synonyms;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=syscolumns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=syscomments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysdepends;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfiles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysmembers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysobjects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=syspermissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysprotects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysreferences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=systypes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysusers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=table_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=trigger_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=triggers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysalerts;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysnotifications;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysoperators;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=SQLAgentUserRole;State=GRANT;Database=msdb;Object Name=syscategories;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=DELETE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=UPDATE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobs;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=UPDATE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysproxies;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=syssubsystems;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=UPDATE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_dac_health_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_mi_health_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_configuration_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_file_space_health_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_health_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_health_policies_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_managed_instances_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_database_health_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_file_space_health_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_health_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_volume_space_health_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_check_conditions_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_target_conditions_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_processing_state_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_configuration_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_objects_to_collect_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_properties_to_collect_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=DELETE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=INSERT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=DELETE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=INSERT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=DELETE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=INSERT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=DELETE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=INSERT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=DELETE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=INSERT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\mastlog.ldf;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\modellog.ldf;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\msdblog.ldf;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLFDLauncher","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLFDLauncher","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLFDLauncher","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLFDLauncher","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLFDLauncher","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLFDLauncher","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLFDLauncher","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\logs\\dbpdatawarehouse_log.ldf;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\logs\\dbpdatawarehouse_log.ldf;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\logs\\dbpstaging_log.ldf;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\logs\\dbpstaging_log.ldf;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\temp\\templog.ldf;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\temp\\templog.ldf;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Object=dm_exec_sessions;Database=[master];Granted To=public;Permission=SELECT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Object=sysprotects;Database=[master];Granted To=public;Permission=SELECT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\DbPAnalytics.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\dbpdatawarehouse.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\dbpstaging.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\DbPAnalytics.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\dbpdatawarehouse.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\dbpstaging.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\master.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\mastlog.ldf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\model.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\modellog.ldf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBData.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBLog.ldf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsara.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsben.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsbgr.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscat.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tschs.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscht.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscze.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdan.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdeu.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tseng.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsenu.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsesn.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsfra.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsglobal.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsgrk.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsguj.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsheb.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshin.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshrv.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsind.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsisl.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsita.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsjpn.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskan.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskor.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslth.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslvi.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmal.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmar.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmsl.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnld.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnor.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tspan.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsplk.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptb.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptg.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrom.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrus.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssky.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsslv.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrb.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrl.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssve.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstam.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstel.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstha.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstrk.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsukr.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsurd.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsvit.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2555","Check":"Permission on registry extended proc","Details":"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2555","Check":"Permission on registry extended proc","Details":"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_regread;Granted By=dbo","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\Users","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=BUILTIN\\Users","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=BUILTIN\\Users","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=BUILTIN\\Users","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=BUILTIN\\Users","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\MSSQL13.MSSQLSERVER\\MSSQL\\Install;Access Control Type=Allow;Username=BUILTIN\\Users","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2814","Check":"Default 'sa' account not present","Details":"Account Name=sa","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_16_031502_7146827.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_17_031505_6208319.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_18_031503_6796931.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_15_031503_1017047.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_16_031502_7459310.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_17_031505_6520841.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_18_031503_7109667.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpdatawarehouse_backup_2021_02_16_031502_7303082.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpdatawarehouse_backup_2021_02_17_031505_6208319.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpdatawarehouse_backup_2021_02_18_031503_6953315.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpstaging_backup_2021_02_16_031502_7459310.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpstaging_backup_2021_02_17_031505_6364592.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpstaging_backup_2021_02_18_031503_6953315.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_16_031502_6521743.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_17_031505_5427005.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_18_031503_6172001.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_16_031502_6990517.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_17_031505_5895757.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_18_031503_6484425.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_16_031502_6990517.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_17_031505_6052109.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_18_031503_6640718.bak","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=EISO\\a_dbrown;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=EISO\\a_jrose;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=EISO\\a_srobbins;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=EISO\\a_trothschild;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=EISO\\SQLAdmins;Permission=CONTROL SERVER;Grantee Type=WINDOWS_GROUP;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=EISO\\SVC-DBProtect;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=NT Service\\MSSQLSERVER;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=NT SERVICE\\SQLSERVERAGENT;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=NT SERVICE\\SQLWriter;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=NT SERVICE\\Winmgmt;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2920","Check":"Non-DBA accounts with DDL privileges","Details":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2920","Check":"Non-DBA accounts with DDL privileges","Details":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_cpu_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2920","Check":"Non-DBA accounts with DDL privileges","Details":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_dac_execution_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2920","Check":"Non-DBA accounts with DDL privileges","Details":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_session_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2920","Check":"Non-DBA accounts with DDL privileges","Details":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_smo_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2920","Check":"Non-DBA accounts with DDL privileges","Details":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_volumes_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2920","Check":"Non-DBA accounts with DDL privileges","Details":"Database=msdb;Class=USER_TABLE;Permission=UPDATE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"High","Check ID":"2540","Check":"Standard SQL Server authentication allowed","Details":"Additional information=Standard Login allowed.","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"High","Check ID":"2759","Check":"Encryption of DBMS sensitive data in transit","Details":"ForceEncryption=False","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"High","Check ID":"2985","Check":"The NT AUTHORITY\\SYSTEM account is used for administration","Details":"Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"High","Check ID":"2985","Check":"The NT AUTHORITY\\SYSTEM account is used for administration","Details":"Permission=CREATE AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"High","Check ID":"2985","Check":"The NT AUTHORITY\\SYSTEM account is used for administration","Details":"Permission=VIEW SERVER STATE;User=NT AUTHORITY\\SYSTEM","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=EISO\\a_dbrown","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=EISO\\a_jrose","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=EISO\\a_srobbins","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=EISO\\a_trothschild","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=EISO\\SQLAdmins","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=EISO\\SVC-DBProtect","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=NT Service\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=NT SERVICE\\SQLWriter","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=NT SERVICE\\Winmgmt","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[dbpstaging];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[master];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[model];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[msdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[tempdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[AppDetective];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[dbpstaging];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[master];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[model];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[msdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[tempdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[AppDetective];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[dbpstaging];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[master];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[model];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[msdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[tempdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[AppDetective];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[dbpstaging];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[master];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[model];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[msdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[tempdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[AppDetective];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[dbpstaging];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[master];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[model];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[msdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[tempdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[AppDetective];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[dbpstaging];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[master];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[model];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[msdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[tempdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[AppDetective];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[dbpstaging];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[master];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[model];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[msdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[tempdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[AppDetective];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[dbpstaging];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[master];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[model];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[msdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[tempdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[DbPAnalytics];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpdatawarehouse];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpdatawarehouse];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpstaging];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpstaging];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpstaging];Database 1=[dbpdatawarehouse];Data path (Database 1)=E:\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Data path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[DbPAnalytics];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpdatawarehouse];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpdatawarehouse];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\LOGS","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpstaging];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpstaging];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\LOGS","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpstaging];Database 1=[dbpdatawarehouse];Data path (Database 1)=E:\\MSSQL\\LOGS","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\TEMP;Database 2=[tempdb];Database 1=[tempdb];Log path (Database 1)=E:\\MSSQL\\TEMP","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[model]","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[msdb]","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2545","Check":"Remote access allowed","Details":"Value in use=1;Name=remote access;Value=1","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2569","Check":"Auditing of successful logins","Details":"Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2570","Check":"Auditing of failed logins","Details":"Additional information=Audit of failed logins is not performed by AUDIT","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2745","Check":"'sa' account has not been disabled","Details":"Status=Enabled;Login=sa","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2780","Check":"Database job/batch queue reviewing","Details":"SQL Server job history record=DBBackups.FullBackup","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2780","Check":"Database job/batch queue reviewing","Details":"SQL Server job history record=syspolicy_purge_history","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2826","Check":"DBMS privileged action audit","Details":"Value in use=1;Name=default trace enabled;Value=1","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2880","Check":"CHECK_EXPIRATION option","Details":"Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2880","Check":"CHECK_EXPIRATION option","Details":"Status=Disabled;Login=##MS_PolicyTsqlExecutionLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2880","Check":"CHECK_EXPIRATION option","Details":"Status=Enabled;Login=sa;Password expiration checked=Disabled;Is SYSADMIN=Yes;Password policy checked=Enabled","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2897","Check":"Database not encrypted","Details":"Is Encrypted=false;Database=AppDetective","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2897","Check":"Database not encrypted","Details":"Is Encrypted=false;Database=DbPAnalytics","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2897","Check":"Database not encrypted","Details":"Is Encrypted=false;Database=dbpdatawarehouse","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2897","Check":"Database not encrypted","Details":"Is Encrypted=false;Database=dbpstaging","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2935","Check":"Audit concurrent logons","Details":"Additional information=No AUDIT was found","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2936","Check":"Audit unsuccessful attempts to execute privileged activities","Details":"Additional information=No AUDIT was found","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2937","Check":"Audit privileged activities","Details":"Additional information=No AUDIT was found","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2962","Check":"Generate audit records for important events","Details":"Additional information=Found no acceptable server audit specification.","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2975","Check":"Customer Feedback and Error Reporting","Details":"EnableErrorReporting=Enabled;CustomerFeedback=Enabled","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2992","Check":"Server audit startup","Details":"Additional information=There are no server audits that automatically start during system start-up","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2995","Check":"Use of an approved TLS version","Details":"Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Client\\Enabled","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2995","Check":"Use of an approved TLS version","Details":"Additional information=SSL 2.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Server\\DisabledByDefault","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2995","Check":"Use of an approved TLS version","Details":"Additional information=SSL 3.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Client\\DisabledByDefault","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2995","Check":"Use of an approved TLS version","Details":"Additional information=SSL 3.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Server\\DisabledByDefault","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2995","Check":"Use of an approved TLS version","Details":"Additional information=TLS 1.0 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.0","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2995","Check":"Use of an approved TLS version","Details":"Additional information=TLS 1.1 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.1","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2995","Check":"Use of an approved TLS version","Details":"Additional information=TLS 1.2 is not enabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=CreateFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadData","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Finding","Check Category":"Patchable Vulnerabilities","Risk DV":"High","Check ID":"2888","Check":"Service pack not applied on time","Details":"Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2942","Check":"Permission to configure Server Audit to audit at the server level","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2944","Check":"Permission to configure Server Audit to audit at the database level","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2988","Check":"SQL Server must protect against a user falsely repudiating","Details":"Additional information=There are no server or database pricincipals mapped to remote computer accounts.","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2871","Check":"Contained database user with password found","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2901","Check":"Logon Trigger Exists","Details":"Additional information=No logon triggers found.","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2984","Check":"Stored procedures and functions that utilize impersonation","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2993","Check":"SQL Server must limit privileges to change software modules, to include stored procedures, functions, and triggers","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"High","Check ID":"2805","Check":"Database TRUSTWORTHY status","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"High","Check ID":"2934","Check":"SQL Server is not using FIPS validated cryptographic modules for cryptographic operations","Details":"FIPS=Enabled","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2817","Check":"DBMS application object ownership","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2848","Check":"User-defined extended stored procedures","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2938","Check":"Audit Retrieval of privileges/permissions (SQLAudit)","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2939","Check":"Audit unsuccessful retrieval of privileges/permissions (SQLAudit)","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2945","Check":"Disable Filestream feature","Details":"Value=0 (Disables Filestream support for this instance.);Name=filestream access level;Value in use=0 (Disables Filestream support for this instance.)","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2989","Check":"Temporal tables","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2883","Check":"Hide Instance option","Details":"Hide instance=1","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2553","Check":"xp_cmdshell not removed/not disabled","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2622","Check":"Sample database not removed","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2766","Check":"DBMS dedicated software directory and partition","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2782","Check":"Database Master Key: is_master_key_encrypted_by_server","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2788","Check":"Symmetric Keys: allowed encryption algorithms","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2792","Check":"CLR objects allowed","Details":"Value in use=0;Name=clr enabled;Value=0","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2807","Check":"Named Pipes network protocol is enabled","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2882","Check":"OLE automation procedures configuration","Details":"Run Value=0;Parameter Name=Ole Automation Procedures;Configuration Value=0","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2947","Check":"CLR assembly permission set is not equal to SAFE","Details":"Additional information=CLR support is not enabled","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2977","Check":"Hadoop Connectivity feature must be disabled","Details":"Value=0;Name=hadoop connectivity;Value in use=0","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2978","Check":"Replication XPs feature must be disabled","Details":"Value=0;Name=Replication XPs;Value in use=0","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2979","Check":"User Options feature must be disabled","Details":"Value=0;Name=user options;Value in use=0","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2980","Check":"External Scripts Enabled feature must be disabled","Details":"Value=0;Name=external scripts enabled;Value in use=0","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2981","Check":"Allow Polybase Export feature must be disabled","Details":"Value=0;Name=allow polybase export;Value in use=0","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2982","Check":"Remote Data Archive feature must be disabled","Details":"Value=0;Name=remote data archive;Value in use=0","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2983","Check":"Access to linked servers","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2662","Check":"Permissions on files","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Other","Risk DV":"Medium","Check ID":"2991","Check":"Use of credentials and proxies","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Weak Passwords","Risk DV":"Medium","Check ID":"2778","Check":"DBMS Password Complexity","Details":"Additional information=The operating system version is older than Windows Server 2003 - password policies cannot be enforced.","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Not A Finding","Check Category":"Weak Passwords","Risk DV":"Medium","Check ID":"2786","Check":"Database Master Key: encryption password","Details":"None","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Skipped","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2800","Check":"Common criteria compliance disabled","Details":"Check is not applicable to this server version. Does not apply to Microsoft SQL Server Standard Edition (64-bit).","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Skipped","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2973","Check":"SQL Server Service Broker endpoint encryption","Details":"Check is not applicable to this server version. There are no Service Broker endpoints configured.","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Skipped","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2974","Check":"SQL Server Mirroring endpoint encryption","Details":"Check is not applicable to this server version. There are no Mirroring endpoints configured.","Date":"Feb 18 2021 15:57"},{"Organization":"TEST ORGANIZATION (Local DBP server)","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"CONDS181","IP Address, Port, Instance":"10.0.10.204, 1433, MSSQLSERVER","Job Name":"Heimdal Test scan report generation","Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Result Status":"Skipped","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2976","Check":"SQL Server Usage and Error Reporting Auditing","Details":"Microsoft Analysis Services (OLAP) has not been found.","Date":"Feb 18 2021 15:57"}]}}}
\ No newline at end of file
+{
+    "platform": {
+        "name": "Heimdall Tools",
+        "release": "2.6.50"
+    },
+    "version": "2.6.50",
+    "statistics": {},
+    "profiles": [
+        {
+            "name": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+            "title": "Heimdal Test scan report generation",
+            "summary": "Organization : TEST ORGANIZATION (Local DBP server)\nAsset : undefined\nAsset Type : Microsoft SQL Server\nIP Address, Port, Instance : Microsoft SQL Server\nIP Address, Port, Instance : 10.0.10.204, 1433, MSSQLSERVER ",
+            "supports": [],
+            "attributes": [],
+            "groups": [],
+            "status": "loaded",
+            "controls": [
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Schema ownership",
+                    "id": "2986",
+                    "desc": "Task : Audit; Check Category : Improper Access Controls",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2986\",\n  \"Check\": \"Schema ownership\",\n  \"Details\": \"Schema name=DatabaseMailUserRole;Database=msdb;Owner name=DatabaseMailUserRole\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=DatabaseMailUserRole;Database=msdb;Owner name=DatabaseMailUserRole",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_accessadmin;Database=AppDetective;Owner name=db_accessadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_accessadmin;Database=DbPAnalytics;Owner name=db_accessadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_accessadmin;Database=dbpdatawarehouse;Owner name=db_accessadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_accessadmin;Database=dbpstaging;Owner name=db_accessadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_accessadmin;Database=master;Owner name=db_accessadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_accessadmin;Database=model;Owner name=db_accessadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_accessadmin;Database=msdb;Owner name=db_accessadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_accessadmin;Database=tempdb;Owner name=db_accessadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_backupoperator;Database=AppDetective;Owner name=db_backupoperator",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_backupoperator;Database=DbPAnalytics;Owner name=db_backupoperator",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_backupoperator;Database=dbpdatawarehouse;Owner name=db_backupoperator",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_backupoperator;Database=dbpstaging;Owner name=db_backupoperator",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_backupoperator;Database=master;Owner name=db_backupoperator",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_backupoperator;Database=model;Owner name=db_backupoperator",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_backupoperator;Database=msdb;Owner name=db_backupoperator",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_backupoperator;Database=tempdb;Owner name=db_backupoperator",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_datareader;Database=AppDetective;Owner name=db_datareader",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_datareader;Database=DbPAnalytics;Owner name=db_datareader",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_datareader;Database=dbpdatawarehouse;Owner name=db_datareader",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_datareader;Database=dbpstaging;Owner name=db_datareader",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_datareader;Database=master;Owner name=db_datareader",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_datareader;Database=model;Owner name=db_datareader",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_datareader;Database=msdb;Owner name=db_datareader",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_datareader;Database=tempdb;Owner name=db_datareader",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_datawriter;Database=AppDetective;Owner name=db_datawriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_datawriter;Database=DbPAnalytics;Owner name=db_datawriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_datawriter;Database=dbpdatawarehouse;Owner name=db_datawriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_datawriter;Database=dbpstaging;Owner name=db_datawriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_datawriter;Database=master;Owner name=db_datawriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_datawriter;Database=model;Owner name=db_datawriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_datawriter;Database=msdb;Owner name=db_datawriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_datawriter;Database=tempdb;Owner name=db_datawriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_ddladmin;Database=AppDetective;Owner name=db_ddladmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_ddladmin;Database=DbPAnalytics;Owner name=db_ddladmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_ddladmin;Database=dbpdatawarehouse;Owner name=db_ddladmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_ddladmin;Database=dbpstaging;Owner name=db_ddladmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_ddladmin;Database=master;Owner name=db_ddladmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_ddladmin;Database=model;Owner name=db_ddladmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_ddladmin;Database=msdb;Owner name=db_ddladmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_ddladmin;Database=tempdb;Owner name=db_ddladmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_denydatareader;Database=AppDetective;Owner name=db_denydatareader",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_denydatareader;Database=DbPAnalytics;Owner name=db_denydatareader",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_denydatareader;Database=dbpdatawarehouse;Owner name=db_denydatareader",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_denydatareader;Database=dbpstaging;Owner name=db_denydatareader",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_denydatareader;Database=master;Owner name=db_denydatareader",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_denydatareader;Database=model;Owner name=db_denydatareader",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_denydatareader;Database=msdb;Owner name=db_denydatareader",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_denydatareader;Database=tempdb;Owner name=db_denydatareader",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_denydatawriter;Database=AppDetective;Owner name=db_denydatawriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_denydatawriter;Database=DbPAnalytics;Owner name=db_denydatawriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_denydatawriter;Database=dbpdatawarehouse;Owner name=db_denydatawriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_denydatawriter;Database=dbpstaging;Owner name=db_denydatawriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_denydatawriter;Database=master;Owner name=db_denydatawriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_denydatawriter;Database=model;Owner name=db_denydatawriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_denydatawriter;Database=msdb;Owner name=db_denydatawriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_denydatawriter;Database=tempdb;Owner name=db_denydatawriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_owner;Database=AppDetective;Owner name=db_owner",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_owner;Database=DbPAnalytics;Owner name=db_owner",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_owner;Database=dbpdatawarehouse;Owner name=db_owner",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_owner;Database=dbpstaging;Owner name=db_owner",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_owner;Database=master;Owner name=db_owner",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_owner;Database=model;Owner name=db_owner",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_owner;Database=msdb;Owner name=db_owner",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_owner;Database=tempdb;Owner name=db_owner",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_securityadmin;Database=AppDetective;Owner name=db_securityadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_securityadmin;Database=DbPAnalytics;Owner name=db_securityadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_securityadmin;Database=dbpdatawarehouse;Owner name=db_securityadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_securityadmin;Database=dbpstaging;Owner name=db_securityadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_securityadmin;Database=master;Owner name=db_securityadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_securityadmin;Database=model;Owner name=db_securityadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_securityadmin;Database=msdb;Owner name=db_securityadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_securityadmin;Database=tempdb;Owner name=db_securityadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_ssisadmin;Database=msdb;Owner name=db_ssisadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_ssisltduser;Database=msdb;Owner name=db_ssisltduser",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=db_ssisoperator;Database=msdb;Owner name=db_ssisoperator",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=dbo;Database=AppDetective;Owner name=dbo",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=dbo;Database=DbPAnalytics;Owner name=dbo",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=dbo;Database=dbpdatawarehouse;Owner name=dbo",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=dbo;Database=dbpstaging;Owner name=dbo",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=dbo;Database=master;Owner name=dbo",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=dbo;Database=model;Owner name=dbo",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=dbo;Database=msdb;Owner name=dbo",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=dbo;Database=tempdb;Owner name=dbo",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=guest;Database=AppDetective;Owner name=guest",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=guest;Database=DbPAnalytics;Owner name=guest",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=guest;Database=dbpdatawarehouse;Owner name=guest",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=guest;Database=dbpstaging;Owner name=guest",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=guest;Database=master;Owner name=guest",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=guest;Database=model;Owner name=guest",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=guest;Database=msdb;Owner name=guest",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=guest;Database=tempdb;Owner name=guest",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=INFORMATION_SCHEMA;Database=AppDetective;Owner name=INFORMATION_SCHEMA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=INFORMATION_SCHEMA;Database=DbPAnalytics;Owner name=INFORMATION_SCHEMA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=INFORMATION_SCHEMA;Database=dbpdatawarehouse;Owner name=INFORMATION_SCHEMA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=INFORMATION_SCHEMA;Database=dbpstaging;Owner name=INFORMATION_SCHEMA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=INFORMATION_SCHEMA;Database=master;Owner name=INFORMATION_SCHEMA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=INFORMATION_SCHEMA;Database=model;Owner name=INFORMATION_SCHEMA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=INFORMATION_SCHEMA;Database=msdb;Owner name=INFORMATION_SCHEMA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=INFORMATION_SCHEMA;Database=tempdb;Owner name=INFORMATION_SCHEMA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=managed_backup;Database=msdb;Owner name=dbo",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=smart_admin;Database=msdb;Owner name=dbo",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=SQLAgentOperatorRole;Database=msdb;Owner name=SQLAgentOperatorRole",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=SQLAgentReaderRole;Database=msdb;Owner name=SQLAgentReaderRole",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=SQLAgentUserRole;Database=msdb;Owner name=SQLAgentUserRole",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=sys;Database=AppDetective;Owner name=sys",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=sys;Database=DbPAnalytics;Owner name=sys",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=sys;Database=dbpdatawarehouse;Owner name=sys",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=sys;Database=dbpstaging;Owner name=sys",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=sys;Database=master;Owner name=sys",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=sys;Database=model;Owner name=sys",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=sys;Database=msdb;Owner name=sys",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=sys;Database=tempdb;Owner name=sys",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Schema name=TargetServersRole;Database=msdb;Owner name=TargetServersRole",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Symmetric encryption keys",
+                    "id": "2903",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.7,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2903\",\n  \"Check\": \"Symmetric encryption keys\",\n  \"Details\": \"Key=##MS_ServiceMasterKey##;Database=master;Algorithm=AES_256\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Key=##MS_ServiceMasterKey##;Database=master;Algorithm=AES_256",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Availability of audited database",
+                    "id": "2941",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.7,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2941\",\n  \"Check\": \"Availability of audited database\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Additional information=No AUDIT was found",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Disable communication protocols that are not required",
+                    "id": "2940",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2940\",\n  \"Check\": \"Disable communication protocols that are not required\",\n  \"Details\": \"Protocol=Shared Memory\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Protocol=Shared Memory",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Protocol=TCP/IP",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "List SQL logins - instance level and in contained databases",
+                    "id": "2994",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2994\",\n  \"Check\": \"List SQL logins - instance level and in contained databases\",\n  \"Details\": \"Is Disabled=False;Login=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Is Disabled=False;Login=sa",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Is Disabled=True;Login=##MS_PolicyEventProcessingLogin##",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Is Disabled=True;Login=##MS_PolicyTsqlExecutionLogin##",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "DBMS network port, protocol, and services (PPS) configuration",
+                    "id": "2761",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2761\",\n  \"Check\": \"DBMS network port, protocol, and services (PPS) configuration\",\n  \"Details\": \"Protocol=Shared Memory\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Protocol=Shared Memory",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Protocol=TCP/IP",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "TCP Port=IP1:1433",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "TCP Port=IP2:1433",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "TCP Port=IP3:1433",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "TCP Port=IP4:1433",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "TCP Port=IP5:1433",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "TCP Port=IP6:1433",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "TCP Port=IP7:1433",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "TCP Port=IPAll:1433",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Audit is not set to shut down server on error",
+                    "id": "2893",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2893\",\n  \"Check\": \"Audit is not set to shut down server on error\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Additional information=No AUDIT was found",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Unused SQL Server services and software components should be removed",
+                    "id": "2900",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2900\",\n  \"Check\": \"Unused SQL Server services and software components should be removed\",\n  \"Details\": \"Additional Information=Check manually;Software Component=Microsoft SQL Server Data Tools\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Additional Information=Check manually;Software Component=Microsoft SQL Server Data Tools",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Software Component=SQL Server CEIP service",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Software Component=SQL Server FullText Search",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Browser Service enabled",
+                    "id": "2841",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.3,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2841\",\n  \"Check\": \"Browser Service enabled\",\n  \"Details\": \"Check \\\"Browser Service enabled\\\" execution failed since we are unable to get the required data: \\nUser credentials cannot be used for local connections\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Check \"Browser Service enabled\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections",
+                            "start_time": "Feb 18 2021 15:57",
+                            "backtrace": [
+                                "DB Protect Failed Check"
+                            ]
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "DBMS services dedicated custom account",
+                    "id": "2768",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2768\",\n  \"Check\": \"DBMS services dedicated custom account\",\n  \"Details\": \"Check \\\"DBMS services dedicated custom account\\\" execution failed since we are unable to get the required data: \\nUser credentials cannot be used for local connections\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Check \"DBMS services dedicated custom account\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections",
+                            "start_time": "Feb 18 2021 15:57",
+                            "backtrace": [
+                                "DB Protect Failed Check"
+                            ]
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Server is synchronized with an official time server",
+                    "id": "2946",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2946\",\n  \"Check\": \"Server is synchronized with an official time server\",\n  \"Details\": \"Check \\\"Server is synchronized with an official time server\\\" execution failed since we are unable to get the required data: \\nUser credentials cannot be used for local connections\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Check \"Server is synchronized with an official time server\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections",
+                            "start_time": "Feb 18 2021 15:57",
+                            "backtrace": [
+                                "DB Protect Failed Check"
+                            ]
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Instant File Initialization is enabled",
+                    "id": "2987",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2987\",\n  \"Check\": \"Instant File Initialization is enabled\",\n  \"Details\": \"Check \\\"Instant File Initialization is enabled\\\" execution failed since we are unable to get the required data: \\nUser credentials cannot be used for local connections\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Check \"Instant File Initialization is enabled\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections",
+                            "start_time": "Feb 18 2021 15:57",
+                            "backtrace": [
+                                "DB Protect Failed Check"
+                            ]
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Members of local Administrators group",
+                    "id": "2990",
+                    "desc": "Task : Audit; Check Category : Operating System Issues",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Operating System Issues\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2990\",\n  \"Check\": \"Members of local Administrators group\",\n  \"Details\": \"Check \\\"Members of local Administrators group\\\" execution failed: User credentials cannot be used for local connections .\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Check \"Members of local Administrators group\" execution failed: User credentials cannot be used for local connections .",
+                            "start_time": "Feb 18 2021 15:57",
+                            "backtrace": [
+                                "DB Protect Failed Check"
+                            ]
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Protection of DBMS asymmetric encryption keys",
+                    "id": "2801",
+                    "desc": "Task : Audit; Check Category : Improper Access Controls",
+                    "impact": 0,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2801\",\n  \"Check\": \"Protection of DBMS asymmetric encryption keys\",\n  \"Details\": \"Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Owner of the key=sa;Is SYSADMIN=Yes;Key=MS_SQLEnableSystemAssemblyLoadingKey;Database containing key=master",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "System Table Permissions",
+                    "id": "2830",
+                    "desc": "Task : Audit; Check Category : Improper Access Controls",
+                    "impact": 0,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2830\",\n  \"Check\": \"System Table Permissions\",\n  \"Details\": \"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=REFERENCES;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=UPDATE;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assemblies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=certificates;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_files;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_principals;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=filegroups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=index_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partitions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=periods;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=routes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=schemas;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_policies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sequences;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queues;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=services;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=synonyms;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscomments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=systypes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysusers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=table_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=triggers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assemblies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=certificates;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_files;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_principals;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=external_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=filegroups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=filetables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=index_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partitions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=periods;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=routes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=schemas;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=security_policies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sequences;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_queues;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=services;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=synonyms;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=syscomments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=systypes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysusers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=table_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=triggers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assemblies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=certificates;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_files;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_principals;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=external_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=filegroups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=filetables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=index_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partitions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=periods;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=routes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=schemas;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=security_policies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sequences;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_queues;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=services;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=synonyms;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=syscomments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=systypes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysusers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=table_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=triggers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assemblies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=certificates;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_files;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_principals;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=external_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=filegroups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=filetables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=index_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partitions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=periods;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=routes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=schemas;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=security_policies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sequences;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_queues;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=services;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=synonyms;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=syscomments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=systypes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysusers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=table_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=triggers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assemblies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_databases_cluster;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listener_ip_addresses;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listeners;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_groups_cluster;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_read_only_routing_lists;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_replicas;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=backup_devices;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=certificates;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_databases;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_DOMAIN_USAGE;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_PRIVILEGES;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=configurations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_COLUMN_USAGE;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_TABLE_USAGE;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=credentials;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=cryptographic_providers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_files;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_filestream_options;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring_endpoints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_principals;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_query_store_options;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_recovery_status;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=databases;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_actions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_class_type_map;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_activated_tasks;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_connections;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_forwarded_messages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_queue_monitors;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_errors;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_log_scan_sessions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_appdomains;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_loaded_assemblies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_tasks;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_column_store_object_pool;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_cryptographic_provider_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_database_encryption_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_operational_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_file_space_usage;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_fts_index_physical_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_index_usage_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_log_space_usage;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_auto_page_repair;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_connections;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_past_actions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_details;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_group_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_partition_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_persisted_sku_features;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_migration_status;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_schema_update_status;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_script_level;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_session_space_usage;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_task_space_usage;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_uncontained_entities;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_files;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_gc_cycle_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_hash_index_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_index_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_memory_consumers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_nonclustered_index_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_object_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_table_memory_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_transactions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_cached_plans;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_errors;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_status;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_nodes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_connections;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_request_steps;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_requests;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_sql_requests;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_services;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_workers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_operations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_work;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_function_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_procedure_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_memory_grants;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_info;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_memory_gateways;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_parallel_workers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_profiles;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_resource_semaphores;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_transformation_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_requests;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_session_wait_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_sessions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_trigger_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_valid_use_hints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_execution_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_requests;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_handles;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_requests;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_non_transacted_handles;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_active_catalogs;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_fdhosts;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_index_population;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_buffers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_pools;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_outstanding_batches;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_population_ranges;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_semantic_similarity_population;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_auto_page_repair;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_automatic_seeding;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_group_states;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_nodes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_states;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_states;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_members;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_networks;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_cluster_states;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_states;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_instance_node_map;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_name_id_map;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_physical_seeding_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_backup_tapes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_shared_drives;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_valid_path_names;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_pending_io_requests;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_hashentries;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_descriptors;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_pool_extension_configuration;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_child_instances;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_nodes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatcher_pools;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatchers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_hosts;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_latch_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_loaded_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_allocations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_broker_clerks;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_brokers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_clock_hands;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_counters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_entries;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_hash_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_clerks;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_node_access_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_nodes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_pools;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_nodes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_performance_counters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_process_memory;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_ring_buffers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_schedulers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_server_diagnostics_log_configurations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_spinlock_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_stacks;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sublatches;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_info;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_memory;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_tasks;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_threads;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_virtual_address_dump;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_wait_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_waiting_tasks;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_windows_info;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_worker_local_storage;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_workers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_qn_subscriptions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_articles;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_schemas;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_tranhash;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_traninfo;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_configuration;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pools;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_volumes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pools;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_workload_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_audit_status;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_memory_dumps;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_registry;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_services;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tcp_listener_states;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_snapshot_database_transactions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_transactions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_commit_table;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_snapshot;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_transaction;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_database_transactions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_recovery_transactions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_enlistments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_log;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_locks;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_session_transactions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_top_version_generators;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_transactions_snapshot;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_version_store;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_map_values;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_object_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_packages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_event_actions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_object_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_targets;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_sessions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_queue_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_system_memory_consumers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_threads;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_recent_rows;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=DOMAIN_CONSTRAINTS;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=DOMAINS;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=endpoint_webmethods;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=endpoints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=event_notification_event_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=external_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=filegroups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=filetables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_document_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_languages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_language_statistics_database;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_languages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_system_stopwords;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=http_endpoints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=index_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=KEY_COLUMN_USAGE;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=linked_logins;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=login_token;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=master_files;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=master_key_passwords;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=messages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=openkeys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partitions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=periods;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=REFERENTIAL_CONSTRAINTS;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=remote_logins;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_configuration;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pools;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pools;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_workload_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=routes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=ROUTINE_COLUMNS;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=ROUTINES;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=schemas;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=SCHEMATA;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=securable_classes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=security_policies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sequences;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_assembly_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specification_details;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specifications;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_audits;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_notifications;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_actions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_fields;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_targets;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_sessions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_file_audits;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_permissions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_principal_credentials;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_principals;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_role_members;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_trigger_events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_triggers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=servers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_broker_endpoints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_queues;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=services;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=soap_endpoints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spatial_reference_systems;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_db;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_dev;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_usg;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spt_monitor;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sql_logins;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=synonyms;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscacheobjects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscharsets;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscomments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysconfigures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscurconfigs;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscursorcolumns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscursorrefs;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscursors;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscursortables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysdatabases;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysdevices;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syslanguages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syslockinfo;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syslogins;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysmessages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysoledbusers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysopentapes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysperfinfo;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysprocesses;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysremotelogins;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysservers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_components_surface_area_configuration;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=systypes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysusers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=TABLE_CONSTRAINTS;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=TABLE_PRIVILEGES;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=table_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=tcp_endpoints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_categories;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_event_bindings;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_subclass_values;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=traces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trigger_event_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=triggers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=user_token;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=via_endpoints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=VIEW_COLUMN_USAGE;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=VIEW_TABLE_USAGE;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=VIEWS;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assemblies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=certificates;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_files;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_principals;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=external_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=filegroups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=filetables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=index_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partitions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=periods;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=routes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=schemas;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=security_policies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sequences;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_queues;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=services;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=synonyms;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=syscomments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=systypes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysusers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=table_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=triggers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assemblies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupfile;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediafamily;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediaset;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupset;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=certificates;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_files;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_principals;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=dm_hadr_automatic_seeding_history;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=external_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=filegroups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=filetables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=index_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=logmarkhistory;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partitions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=periods;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=restorefile;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=restorefilegroup;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=restorehistory;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=routes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=schemas;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=security_policies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sequences;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_queues;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=services;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=suspect_pages;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=synonyms;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=syscomments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=systypes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysusers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=table_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=triggers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assemblies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=certificates;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_files;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_principals;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=external_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=filegroups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=filetables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=index_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partitions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=periods;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=procedures;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=routes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=schemas;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=security_policies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sequences;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queues;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=services;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=stats;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=synonyms;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=syscomments;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_columns;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_objects;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=systypes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysusers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=table_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=tables;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=triggers;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=views;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysalerts;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysnotifications;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysoperators;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=SQLAgentUserRole;State=GRANT;Database=msdb;Object Name=syscategories;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=DELETE;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=UPDATE;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobs;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=UPDATE;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysproxies;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=syssubsystems;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=UPDATE;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_dac_health_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_mi_health_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_configuration_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_file_space_health_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_health_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_health_policies_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_managed_instances_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_database_health_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_file_space_health_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_health_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_volume_space_health_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_check_conditions_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_target_conditions_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_processing_state_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_configuration_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_objects_to_collect_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_properties_to_collect_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=SELECT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=DELETE;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=INSERT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=DELETE;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=INSERT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=DELETE;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=INSERT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=DELETE;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=INSERT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=DELETE;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=INSERT;Object Type=Table",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "DBMS audit record access",
+                    "id": "2790",
+                    "desc": "Task : Audit; Check Category : Improper Access Controls",
+                    "impact": 0.3,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2790\",\n  \"Check\": \"DBMS audit record access\",\n  \"Details\": \"Log path=e:\\\\mssql\\\\data\\\\mssql13.mssqlserver\\\\mssql\\\\data\\\\mastlog.ldf;Username=NT SERVICE\\\\MSSQLSERVER\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\mastlog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\modellog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\msdblog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLFDLauncher",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLFDLauncher",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLFDLauncher",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLFDLauncher",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLFDLauncher",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLFDLauncher",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLFDLauncher",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=\\OWNER RIGHTS",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=\\OWNER RIGHTS",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=\\OWNER RIGHTS",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=\\OWNER RIGHTS",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=\\OWNER RIGHTS",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=\\OWNER RIGHTS",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=\\OWNER RIGHTS",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=e:\\mssql\\logs\\dbpdatawarehouse_log.ldf;Username=\\OWNER RIGHTS",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=e:\\mssql\\logs\\dbpdatawarehouse_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=e:\\mssql\\logs\\dbpstaging_log.ldf;Username=\\OWNER RIGHTS",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=e:\\mssql\\logs\\dbpstaging_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=e:\\mssql\\temp\\templog.ldf;Username=\\OWNER RIGHTS",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Log path=e:\\mssql\\temp\\templog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Object=dm_exec_sessions;Database=[master];Granted To=public;Permission=SELECT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Object=sysprotects;Database=[master];Granted To=public;Permission=SELECT",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Permissions on Data Root directory",
+                    "id": "2919",
+                    "desc": "Task : Audit; Check Category : Improper Access Controls",
+                    "impact": 0.3,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2919\",\n  \"Check\": \"Permissions on Data Root directory\",\n  \"Details\": \"Account Name=\\\\OWNER RIGHTS;Directory or File name=E:\\\\MSSQL\\\\DATA\\\\AppDetective.mdf;Permission=FullControl\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\DbPAnalytics.mdf;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\dbpdatawarehouse.mdf;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\dbpstaging.mdf;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\DbPAnalytics.mdf;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\dbpdatawarehouse.mdf;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\dbpstaging.mdf;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\master.mdf;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\mastlog.ldf;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\model.mdf;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\modellog.ldf;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBData.mdf;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBLog.ldf;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsara.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsben.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsbgr.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscat.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tschs.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscht.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscze.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdan.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdeu.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tseng.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsenu.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsesn.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsfra.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsglobal.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsgrk.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsguj.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsheb.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshin.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshrv.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsind.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsisl.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsita.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsjpn.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskan.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskor.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslth.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslvi.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmal.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmar.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmsl.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnld.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnor.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tspan.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsplk.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptb.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptg.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrom.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrus.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssky.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsslv.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrb.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrl.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssve.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstam.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstel.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstha.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstrk.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsukr.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsurd.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsvit.xml;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Permission on registry extended proc",
+                    "id": "2555",
+                    "desc": "Task : Audit; Check Category : Improper Access Controls",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2555\",\n  \"Check\": \"Permission on registry extended proc\",\n  \"Details\": \"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_regread;Granted By=dbo",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "DBMS software library permissions",
+                    "id": "2771",
+                    "desc": "Task : Audit; Check Category : Improper Access Controls",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2771\",\n  \"Check\": \"DBMS software library permissions\",\n  \"Details\": \"File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\\\Program Files\\\\Microsoft SQL Server\\\\130\\\\shared\\\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\\\Users\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\Users",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=BUILTIN\\Users",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=BUILTIN\\Users",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=BUILTIN\\Users",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=BUILTIN\\Users",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\MSSQL13.MSSQLSERVER\\MSSQL\\Install;Access Control Type=Allow;Username=BUILTIN\\Users",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Default 'sa' account not present",
+                    "id": "2814",
+                    "desc": "Task : Audit; Check Category : Improper Access Controls",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2814\",\n  \"Check\": \"Default 'sa' account not present\",\n  \"Details\": \"Account Name=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Account Name=sa",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "DBMS backup files access",
+                    "id": "2865",
+                    "desc": "Task : Audit; Check Category : Improper Access Controls",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2865\",\n  \"Check\": \"DBMS backup files access\",\n  \"Details\": \"Allowed=NT SERVICE\\\\MSSQLSERVER;File path=E:\\\\MSSQL\\\\BACKUP\\\\AppDetective_backup_2021_02_16_031502_7146827.bak\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_16_031502_7146827.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_17_031505_6208319.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_18_031503_6796931.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_15_031503_1017047.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_16_031502_7459310.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_17_031505_6520841.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_18_031503_7109667.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpdatawarehouse_backup_2021_02_16_031502_7303082.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpdatawarehouse_backup_2021_02_17_031505_6208319.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpdatawarehouse_backup_2021_02_18_031503_6953315.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpstaging_backup_2021_02_16_031502_7459310.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpstaging_backup_2021_02_17_031505_6364592.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpstaging_backup_2021_02_18_031503_6953315.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_16_031502_6521743.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_17_031505_5427005.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_18_031503_6172001.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_16_031502_6990517.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_17_031505_5895757.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_18_031503_6484425.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_16_031502_6990517.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_17_031505_6052109.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_18_031503_6640718.bak",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "CONTROL SERVER permission granted",
+                    "id": "2877",
+                    "desc": "Task : Audit; Check Category : Improper Access Controls",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2877\",\n  \"Check\": \"CONTROL SERVER permission granted\",\n  \"Details\": \"Granted To=EISO\\\\a_dbrown;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Granted To=EISO\\a_dbrown;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Granted To=EISO\\a_jrose;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Granted To=EISO\\a_srobbins;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Granted To=EISO\\a_trothschild;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Granted To=EISO\\SQLAdmins;Permission=CONTROL SERVER;Grantee Type=WINDOWS_GROUP;Granted through role=sysadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Granted To=EISO\\SVC-DBProtect;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Granted To=NT Service\\MSSQLSERVER;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Granted To=NT SERVICE\\SQLSERVERAGENT;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Granted To=NT SERVICE\\SQLWriter;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Granted To=NT SERVICE\\Winmgmt;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Non-DBA accounts with DDL privileges",
+                    "id": "2920",
+                    "desc": "Task : Audit; Check Category : Improper Access Controls",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2920\",\n  \"Check\": \"Non-DBA accounts with DDL privileges\",\n  \"Details\": \"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_cpu_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_dac_execution_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_session_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_smo_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_volumes_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Database=msdb;Class=USER_TABLE;Permission=UPDATE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Standard SQL Server authentication allowed",
+                    "id": "2540",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.7,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2540\",\n  \"Check\": \"Standard SQL Server authentication allowed\",\n  \"Details\": \"Additional information=Standard Login allowed.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Additional information=Standard Login allowed.",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Encryption of DBMS sensitive data in transit",
+                    "id": "2759",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.7,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2759\",\n  \"Check\": \"Encryption of DBMS sensitive data in transit\",\n  \"Details\": \"ForceEncryption=False\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "ForceEncryption=False",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "The NT AUTHORITY\\SYSTEM account is used for administration",
+                    "id": "2985",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.7,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2985\",\n  \"Check\": \"The NT AUTHORITY\\\\SYSTEM account is used for administration\",\n  \"Details\": \"Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\\\SYSTEM\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Permission=CREATE AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Permission=VIEW SERVER STATE;User=NT AUTHORITY\\SYSTEM",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "DBMS privileged role assignments",
+                    "id": "2819",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2819\",\n  \"Check\": \"DBMS privileged role assignments\",\n  \"Details\": \"Username=EISO\\\\a_dbrown\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Username=EISO\\a_dbrown",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Username=EISO\\a_jrose",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Username=EISO\\a_srobbins",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Username=EISO\\a_trothschild",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Username=EISO\\SQLAdmins",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Username=EISO\\SVC-DBProtect",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Username=NT Service\\MSSQLSERVER",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Username=NT SERVICE\\SQLSERVERAGENT",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Username=NT SERVICE\\SQLWriter",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Username=NT SERVICE\\Winmgmt",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Dedicated data file directories",
+                    "id": "2770",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.3,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2770\",\n  \"Check\": \"Dedicated data file directories\",\n  \"Details\": \"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[master];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[model];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[msdb];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[tempdb];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[AppDetective];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[master];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[model];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[msdb];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[tempdb];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[AppDetective];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[master];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[model];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[msdb];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[tempdb];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[AppDetective];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[master];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[model];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[msdb];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[tempdb];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[AppDetective];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[master];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[model];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[msdb];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[tempdb];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[AppDetective];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[master];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[model];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[msdb];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[tempdb];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[AppDetective];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[master];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[model];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[msdb];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[tempdb];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[AppDetective];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[master];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[model];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[msdb];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[tempdb];Log partition (Database 1)=E:",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[DbPAnalytics];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpdatawarehouse];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpdatawarehouse];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\DATA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpstaging];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpstaging];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\DATA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpstaging];Database 1=[dbpdatawarehouse];Data path (Database 1)=E:\\MSSQL\\DATA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Data path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[DbPAnalytics];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpdatawarehouse];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpdatawarehouse];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\LOGS",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpstaging];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpstaging];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\LOGS",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpstaging];Database 1=[dbpdatawarehouse];Data path (Database 1)=E:\\MSSQL\\LOGS",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path (Database 2)=E:\\MSSQL\\TEMP;Database 2=[tempdb];Database 1=[tempdb];Log path (Database 1)=E:\\MSSQL\\TEMP",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[model]",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[msdb]",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Remote access allowed",
+                    "id": "2545",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2545\",\n  \"Check\": \"Remote access allowed\",\n  \"Details\": \"Value in use=1;Name=remote access;Value=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Value in use=1;Name=remote access;Value=1",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Auditing of successful logins",
+                    "id": "2569",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2569\",\n  \"Check\": \"Auditing of successful logins\",\n  \"Details\": \"Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Auditing of failed logins",
+                    "id": "2570",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2570\",\n  \"Check\": \"Auditing of failed logins\",\n  \"Details\": \"Additional information=Audit of failed logins is not performed by AUDIT\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Additional information=Audit of failed logins is not performed by AUDIT",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "'sa' account has not been disabled",
+                    "id": "2745",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2745\",\n  \"Check\": \"'sa' account has not been disabled\",\n  \"Details\": \"Status=Enabled;Login=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Status=Enabled;Login=sa",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Database job/batch queue reviewing",
+                    "id": "2780",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2780\",\n  \"Check\": \"Database job/batch queue reviewing\",\n  \"Details\": \"SQL Server job history record=DBBackups.FullBackup\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "SQL Server job history record=DBBackups.FullBackup",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "SQL Server job history record=syspolicy_purge_history",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "DBMS privileged action audit",
+                    "id": "2826",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2826\",\n  \"Check\": \"DBMS privileged action audit\",\n  \"Details\": \"Value in use=1;Name=default trace enabled;Value=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Value in use=1;Name=default trace enabled;Value=1",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "CHECK_EXPIRATION option",
+                    "id": "2880",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2880\",\n  \"Check\": \"CHECK_EXPIRATION option\",\n  \"Details\": \"Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Status=Disabled;Login=##MS_PolicyTsqlExecutionLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Status=Enabled;Login=sa;Password expiration checked=Disabled;Is SYSADMIN=Yes;Password policy checked=Enabled",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Database not encrypted",
+                    "id": "2897",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2897\",\n  \"Check\": \"Database not encrypted\",\n  \"Details\": \"Is Encrypted=false;Database=AppDetective\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Is Encrypted=false;Database=AppDetective",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Is Encrypted=false;Database=DbPAnalytics",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Is Encrypted=false;Database=dbpdatawarehouse",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Is Encrypted=false;Database=dbpstaging",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Audit concurrent logons",
+                    "id": "2935",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2935\",\n  \"Check\": \"Audit concurrent logons\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Additional information=No AUDIT was found",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Audit unsuccessful attempts to execute privileged activities",
+                    "id": "2936",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2936\",\n  \"Check\": \"Audit unsuccessful attempts to execute privileged activities\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Additional information=No AUDIT was found",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Audit privileged activities",
+                    "id": "2937",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2937\",\n  \"Check\": \"Audit privileged activities\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Additional information=No AUDIT was found",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Generate audit records for important events",
+                    "id": "2962",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2962\",\n  \"Check\": \"Generate audit records for important events\",\n  \"Details\": \"Additional information=Found no acceptable server audit specification.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Additional information=Found no acceptable server audit specification.",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Customer Feedback and Error Reporting",
+                    "id": "2975",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2975\",\n  \"Check\": \"Customer Feedback and Error Reporting\",\n  \"Details\": \"EnableErrorReporting=Enabled;CustomerFeedback=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "EnableErrorReporting=Enabled;CustomerFeedback=Enabled",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Server audit startup",
+                    "id": "2992",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2992\",\n  \"Check\": \"Server audit startup\",\n  \"Details\": \"Additional information=There are no server audits that automatically start during system start-up\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Additional information=There are no server audits that automatically start during system start-up",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Use of an approved TLS version",
+                    "id": "2995",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2995\",\n  \"Check\": \"Use of an approved TLS version\",\n  \"Details\": \"Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Control\\\\SecurityProviders\\\\SCHANNEL\\\\Protocols\\\\SSL 2.0\\\\Client\\\\Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Client\\Enabled",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Additional information=SSL 2.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Server\\DisabledByDefault",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Additional information=SSL 3.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Client\\DisabledByDefault",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Additional information=SSL 3.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Server\\DisabledByDefault",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Additional information=TLS 1.0 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.0",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Additional information=TLS 1.1 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.1",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Additional information=TLS 1.2 is not enabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Permissions on error log folder",
+                    "id": "2869",
+                    "desc": "Task : Audit; Check Category : Operating System Issues",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Operating System Issues\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2869\",\n  \"Check\": \"Permissions on error log folder\",\n  \"Details\": \"Grantee=NT SERVICE\\\\MSSQLFDLauncher;File Name=E:\\\\MSSQL\\\\DATA\\\\MSSQL13.MSSQLSERVER\\\\MSSQL\\\\LOG\\\\;Permission=CreateFiles\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=CreateFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadData",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadAndExecute",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Write",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ReadAndExecute",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Write",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ReadAndExecute",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Write",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ReadAndExecute",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Write",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ReadAndExecute",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Write",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ReadAndExecute",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Write",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ReadAndExecute",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Write",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ReadAndExecute",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Write",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ReadAndExecute",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Write",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ReadAndExecute",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Write",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ReadAndExecute",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Write",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ReadAndExecute",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Write",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ReadAndExecute",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Write",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ReadAndExecute",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Write",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ReadAndExecute",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Write",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ReadAndExecute",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Write",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ReadAndExecute",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Write",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ReadAndExecute",
+                            "start_time": "Feb 18 2021 15:57"
+                        },
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Write",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Service pack not applied on time",
+                    "id": "2888",
+                    "desc": "Task : Audit; Check Category : Patchable Vulnerabilities",
+                    "impact": 0.7,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Patchable Vulnerabilities\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2888\",\n  \"Check\": \"Service pack not applied on time\",\n  \"Details\": \"Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "failed",
+                            "code_desc": "Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Permission to configure Server Audit to audit at the server level",
+                    "id": "2942",
+                    "desc": "Task : Audit; Check Category : Improper Access Controls",
+                    "impact": 0,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2942\",\n  \"Check\": \"Permission to configure Server Audit to audit at the server level\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Permission to configure Server Audit to audit at the database level",
+                    "id": "2944",
+                    "desc": "Task : Audit; Check Category : Improper Access Controls",
+                    "impact": 0,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2944\",\n  \"Check\": \"Permission to configure Server Audit to audit at the database level\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "SQL Server must protect against a user falsely repudiating",
+                    "id": "2988",
+                    "desc": "Task : Audit; Check Category : Improper Access Controls",
+                    "impact": 0,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2988\",\n  \"Check\": \"SQL Server must protect against a user falsely repudiating\",\n  \"Details\": \"Additional information=There are no server or database pricincipals mapped to remote computer accounts.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "Additional information=There are no server or database pricincipals mapped to remote computer accounts.",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Contained database user with password found",
+                    "id": "2871",
+                    "desc": "Task : Audit; Check Category : Improper Access Controls",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2871\",\n  \"Check\": \"Contained database user with password found\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Logon Trigger Exists",
+                    "id": "2901",
+                    "desc": "Task : Audit; Check Category : Improper Access Controls",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2901\",\n  \"Check\": \"Logon Trigger Exists\",\n  \"Details\": \"Additional information=No logon triggers found.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "Additional information=No logon triggers found.",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Stored procedures and functions that utilize impersonation",
+                    "id": "2984",
+                    "desc": "Task : Audit; Check Category : Improper Access Controls",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2984\",\n  \"Check\": \"Stored procedures and functions that utilize impersonation\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "SQL Server must limit privileges to change software modules, to include stored procedures, functions, and triggers",
+                    "id": "2993",
+                    "desc": "Task : Audit; Check Category : Improper Access Controls",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2993\",\n  \"Check\": \"SQL Server must limit privileges to change software modules, to include stored procedures, functions, and triggers\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Database TRUSTWORTHY status",
+                    "id": "2805",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.7,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2805\",\n  \"Check\": \"Database TRUSTWORTHY status\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "SQL Server is not using FIPS validated cryptographic modules for cryptographic operations",
+                    "id": "2934",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.7,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2934\",\n  \"Check\": \"SQL Server is not using FIPS validated cryptographic modules for cryptographic operations\",\n  \"Details\": \"FIPS=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "FIPS=Enabled",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "DBMS application object ownership",
+                    "id": "2817",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2817\",\n  \"Check\": \"DBMS application object ownership\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "User-defined extended stored procedures",
+                    "id": "2848",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2848\",\n  \"Check\": \"User-defined extended stored procedures\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Audit Retrieval of privileges/permissions (SQLAudit)",
+                    "id": "2938",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2938\",\n  \"Check\": \"Audit Retrieval of privileges/permissions (SQLAudit)\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Audit unsuccessful retrieval of privileges/permissions (SQLAudit)",
+                    "id": "2939",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2939\",\n  \"Check\": \"Audit unsuccessful retrieval of privileges/permissions (SQLAudit)\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Disable Filestream feature",
+                    "id": "2945",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2945\",\n  \"Check\": \"Disable Filestream feature\",\n  \"Details\": \"Value=0 (Disables Filestream support for this instance.);Name=filestream access level;Value in use=0 (Disables Filestream support for this instance.)\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "Value=0 (Disables Filestream support for this instance.);Name=filestream access level;Value in use=0 (Disables Filestream support for this instance.)",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Temporal tables",
+                    "id": "2989",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2989\",\n  \"Check\": \"Temporal tables\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Hide Instance option",
+                    "id": "2883",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.3,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2883\",\n  \"Check\": \"Hide Instance option\",\n  \"Details\": \"Hide instance=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "Hide instance=1",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "xp_cmdshell not removed/not disabled",
+                    "id": "2553",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2553\",\n  \"Check\": \"xp_cmdshell not removed/not disabled\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Sample database not removed",
+                    "id": "2622",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2622\",\n  \"Check\": \"Sample database not removed\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "DBMS dedicated software directory and partition",
+                    "id": "2766",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2766\",\n  \"Check\": \"DBMS dedicated software directory and partition\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Database Master Key: is_master_key_encrypted_by_server",
+                    "id": "2782",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2782\",\n  \"Check\": \"Database Master Key: is_master_key_encrypted_by_server\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Symmetric Keys: allowed encryption algorithms",
+                    "id": "2788",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2788\",\n  \"Check\": \"Symmetric Keys: allowed encryption algorithms\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "CLR objects allowed",
+                    "id": "2792",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2792\",\n  \"Check\": \"CLR objects allowed\",\n  \"Details\": \"Value in use=0;Name=clr enabled;Value=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "Value in use=0;Name=clr enabled;Value=0",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Named Pipes network protocol is enabled",
+                    "id": "2807",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2807\",\n  \"Check\": \"Named Pipes network protocol is enabled\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "OLE automation procedures configuration",
+                    "id": "2882",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2882\",\n  \"Check\": \"OLE automation procedures configuration\",\n  \"Details\": \"Run Value=0;Parameter Name=Ole Automation Procedures;Configuration Value=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "Run Value=0;Parameter Name=Ole Automation Procedures;Configuration Value=0",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "CLR assembly permission set is not equal to SAFE",
+                    "id": "2947",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2947\",\n  \"Check\": \"CLR assembly permission set is not equal to SAFE\",\n  \"Details\": \"Additional information=CLR support is not enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "Additional information=CLR support is not enabled",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Hadoop Connectivity feature must be disabled",
+                    "id": "2977",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2977\",\n  \"Check\": \"Hadoop Connectivity feature must be disabled\",\n  \"Details\": \"Value=0;Name=hadoop connectivity;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "Value=0;Name=hadoop connectivity;Value in use=0",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Replication XPs feature must be disabled",
+                    "id": "2978",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2978\",\n  \"Check\": \"Replication XPs feature must be disabled\",\n  \"Details\": \"Value=0;Name=Replication XPs;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "Value=0;Name=Replication XPs;Value in use=0",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "User Options feature must be disabled",
+                    "id": "2979",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2979\",\n  \"Check\": \"User Options feature must be disabled\",\n  \"Details\": \"Value=0;Name=user options;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "Value=0;Name=user options;Value in use=0",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "External Scripts Enabled feature must be disabled",
+                    "id": "2980",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2980\",\n  \"Check\": \"External Scripts Enabled feature must be disabled\",\n  \"Details\": \"Value=0;Name=external scripts enabled;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "Value=0;Name=external scripts enabled;Value in use=0",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Allow Polybase Export feature must be disabled",
+                    "id": "2981",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2981\",\n  \"Check\": \"Allow Polybase Export feature must be disabled\",\n  \"Details\": \"Value=0;Name=allow polybase export;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "Value=0;Name=allow polybase export;Value in use=0",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Remote Data Archive feature must be disabled",
+                    "id": "2982",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2982\",\n  \"Check\": \"Remote Data Archive feature must be disabled\",\n  \"Details\": \"Value=0;Name=remote data archive;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "Value=0;Name=remote data archive;Value in use=0",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Access to linked servers",
+                    "id": "2983",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2983\",\n  \"Check\": \"Access to linked servers\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Permissions on files",
+                    "id": "2662",
+                    "desc": "Task : Audit; Check Category : Operating System Issues",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Operating System Issues\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2662\",\n  \"Check\": \"Permissions on files\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Use of credentials and proxies",
+                    "id": "2991",
+                    "desc": "Task : Audit; Check Category : Other",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Other\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2991\",\n  \"Check\": \"Use of credentials and proxies\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "DBMS Password Complexity",
+                    "id": "2778",
+                    "desc": "Task : Audit; Check Category : Weak Passwords",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Weak Passwords\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2778\",\n  \"Check\": \"DBMS Password Complexity\",\n  \"Details\": \"Additional information=The operating system version is older than Windows Server 2003 - password policies cannot be enforced.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "Additional information=The operating system version is older than Windows Server 2003 - password policies cannot be enforced.",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Database Master Key: encryption password",
+                    "id": "2786",
+                    "desc": "Task : Audit; Check Category : Weak Passwords",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Weak Passwords\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2786\",\n  \"Check\": \"Database Master Key: encryption password\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "passed",
+                            "code_desc": "None",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "Common criteria compliance disabled",
+                    "id": "2800",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Skipped\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2800\",\n  \"Check\": \"Common criteria compliance disabled\",\n  \"Details\": \"Check is not applicable to this server version. Does not apply to Microsoft SQL Server Standard Edition (64-bit).\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Check is not applicable to this server version. Does not apply to Microsoft SQL Server Standard Edition (64-bit).",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "SQL Server Service Broker endpoint encryption",
+                    "id": "2973",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Skipped\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2973\",\n  \"Check\": \"SQL Server Service Broker endpoint encryption\",\n  \"Details\": \"Check is not applicable to this server version. There are no Service Broker endpoints configured.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Check is not applicable to this server version. There are no Service Broker endpoints configured.",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "SQL Server Mirroring endpoint encryption",
+                    "id": "2974",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Skipped\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2974\",\n  \"Check\": \"SQL Server Mirroring endpoint encryption\",\n  \"Details\": \"Check is not applicable to this server version. There are no Mirroring endpoints configured.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Check is not applicable to this server version. There are no Mirroring endpoints configured.",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                },
+                {
+                    "tags": {
+                        "nist": [
+                            "SA-11",
+                            "RA-5"
+                        ],
+                        "cci": [
+                            "CCI-003173",
+                            "CCI-001643"
+                        ]
+                    },
+                    "refs": [],
+                    "source_location": {},
+                    "title": "SQL Server Usage and Error Reporting Auditing",
+                    "id": "2976",
+                    "desc": "Task : Audit; Check Category : Misconfigurations",
+                    "impact": 0.5,
+                    "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Skipped\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2976\",\n  \"Check\": \"SQL Server Usage and Error Reporting Auditing\",\n  \"Details\": \"Microsoft Analysis Services (OLAP) has not been found.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+                    "results": [
+                        {
+                            "arrayTransformer": {},
+                            "status": "skipped",
+                            "code_desc": "Microsoft Analysis Services (OLAP) has not been found.",
+                            "start_time": "Feb 18 2021 15:57"
+                        }
+                    ]
+                }
+            ],
+            "sha256": "4e8cd51a220ef764426414641d4d386758aca62dceb554d0d1da1f437d4af25c"
+        }
+    ],
+    "passthrough": {
+        "raw": {
+            "data": [
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=DatabaseMailUserRole;Database=msdb;Owner name=DatabaseMailUserRole",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_accessadmin;Database=AppDetective;Owner name=db_accessadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_accessadmin;Database=DbPAnalytics;Owner name=db_accessadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_accessadmin;Database=dbpdatawarehouse;Owner name=db_accessadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_accessadmin;Database=dbpstaging;Owner name=db_accessadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_accessadmin;Database=master;Owner name=db_accessadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_accessadmin;Database=model;Owner name=db_accessadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_accessadmin;Database=msdb;Owner name=db_accessadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_accessadmin;Database=tempdb;Owner name=db_accessadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_backupoperator;Database=AppDetective;Owner name=db_backupoperator",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_backupoperator;Database=DbPAnalytics;Owner name=db_backupoperator",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_backupoperator;Database=dbpdatawarehouse;Owner name=db_backupoperator",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_backupoperator;Database=dbpstaging;Owner name=db_backupoperator",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_backupoperator;Database=master;Owner name=db_backupoperator",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_backupoperator;Database=model;Owner name=db_backupoperator",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_backupoperator;Database=msdb;Owner name=db_backupoperator",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_backupoperator;Database=tempdb;Owner name=db_backupoperator",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_datareader;Database=AppDetective;Owner name=db_datareader",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_datareader;Database=DbPAnalytics;Owner name=db_datareader",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_datareader;Database=dbpdatawarehouse;Owner name=db_datareader",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_datareader;Database=dbpstaging;Owner name=db_datareader",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_datareader;Database=master;Owner name=db_datareader",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_datareader;Database=model;Owner name=db_datareader",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_datareader;Database=msdb;Owner name=db_datareader",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_datareader;Database=tempdb;Owner name=db_datareader",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_datawriter;Database=AppDetective;Owner name=db_datawriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_datawriter;Database=DbPAnalytics;Owner name=db_datawriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_datawriter;Database=dbpdatawarehouse;Owner name=db_datawriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_datawriter;Database=dbpstaging;Owner name=db_datawriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_datawriter;Database=master;Owner name=db_datawriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_datawriter;Database=model;Owner name=db_datawriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_datawriter;Database=msdb;Owner name=db_datawriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_datawriter;Database=tempdb;Owner name=db_datawriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_ddladmin;Database=AppDetective;Owner name=db_ddladmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_ddladmin;Database=DbPAnalytics;Owner name=db_ddladmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_ddladmin;Database=dbpdatawarehouse;Owner name=db_ddladmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_ddladmin;Database=dbpstaging;Owner name=db_ddladmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_ddladmin;Database=master;Owner name=db_ddladmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_ddladmin;Database=model;Owner name=db_ddladmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_ddladmin;Database=msdb;Owner name=db_ddladmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_ddladmin;Database=tempdb;Owner name=db_ddladmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_denydatareader;Database=AppDetective;Owner name=db_denydatareader",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_denydatareader;Database=DbPAnalytics;Owner name=db_denydatareader",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_denydatareader;Database=dbpdatawarehouse;Owner name=db_denydatareader",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_denydatareader;Database=dbpstaging;Owner name=db_denydatareader",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_denydatareader;Database=master;Owner name=db_denydatareader",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_denydatareader;Database=model;Owner name=db_denydatareader",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_denydatareader;Database=msdb;Owner name=db_denydatareader",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_denydatareader;Database=tempdb;Owner name=db_denydatareader",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_denydatawriter;Database=AppDetective;Owner name=db_denydatawriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_denydatawriter;Database=DbPAnalytics;Owner name=db_denydatawriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_denydatawriter;Database=dbpdatawarehouse;Owner name=db_denydatawriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_denydatawriter;Database=dbpstaging;Owner name=db_denydatawriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_denydatawriter;Database=master;Owner name=db_denydatawriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_denydatawriter;Database=model;Owner name=db_denydatawriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_denydatawriter;Database=msdb;Owner name=db_denydatawriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_denydatawriter;Database=tempdb;Owner name=db_denydatawriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_owner;Database=AppDetective;Owner name=db_owner",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_owner;Database=DbPAnalytics;Owner name=db_owner",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_owner;Database=dbpdatawarehouse;Owner name=db_owner",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_owner;Database=dbpstaging;Owner name=db_owner",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_owner;Database=master;Owner name=db_owner",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_owner;Database=model;Owner name=db_owner",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_owner;Database=msdb;Owner name=db_owner",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_owner;Database=tempdb;Owner name=db_owner",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_securityadmin;Database=AppDetective;Owner name=db_securityadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_securityadmin;Database=DbPAnalytics;Owner name=db_securityadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_securityadmin;Database=dbpdatawarehouse;Owner name=db_securityadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_securityadmin;Database=dbpstaging;Owner name=db_securityadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_securityadmin;Database=master;Owner name=db_securityadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_securityadmin;Database=model;Owner name=db_securityadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_securityadmin;Database=msdb;Owner name=db_securityadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_securityadmin;Database=tempdb;Owner name=db_securityadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_ssisadmin;Database=msdb;Owner name=db_ssisadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_ssisltduser;Database=msdb;Owner name=db_ssisltduser",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=db_ssisoperator;Database=msdb;Owner name=db_ssisoperator",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=dbo;Database=AppDetective;Owner name=dbo",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=dbo;Database=DbPAnalytics;Owner name=dbo",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=dbo;Database=dbpdatawarehouse;Owner name=dbo",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=dbo;Database=dbpstaging;Owner name=dbo",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=dbo;Database=master;Owner name=dbo",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=dbo;Database=model;Owner name=dbo",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=dbo;Database=msdb;Owner name=dbo",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=dbo;Database=tempdb;Owner name=dbo",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=guest;Database=AppDetective;Owner name=guest",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=guest;Database=DbPAnalytics;Owner name=guest",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=guest;Database=dbpdatawarehouse;Owner name=guest",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=guest;Database=dbpstaging;Owner name=guest",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=guest;Database=master;Owner name=guest",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=guest;Database=model;Owner name=guest",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=guest;Database=msdb;Owner name=guest",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=guest;Database=tempdb;Owner name=guest",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=INFORMATION_SCHEMA;Database=AppDetective;Owner name=INFORMATION_SCHEMA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=INFORMATION_SCHEMA;Database=DbPAnalytics;Owner name=INFORMATION_SCHEMA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=INFORMATION_SCHEMA;Database=dbpdatawarehouse;Owner name=INFORMATION_SCHEMA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=INFORMATION_SCHEMA;Database=dbpstaging;Owner name=INFORMATION_SCHEMA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=INFORMATION_SCHEMA;Database=master;Owner name=INFORMATION_SCHEMA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=INFORMATION_SCHEMA;Database=model;Owner name=INFORMATION_SCHEMA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=INFORMATION_SCHEMA;Database=msdb;Owner name=INFORMATION_SCHEMA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=INFORMATION_SCHEMA;Database=tempdb;Owner name=INFORMATION_SCHEMA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=managed_backup;Database=msdb;Owner name=dbo",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=smart_admin;Database=msdb;Owner name=dbo",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=SQLAgentOperatorRole;Database=msdb;Owner name=SQLAgentOperatorRole",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=SQLAgentReaderRole;Database=msdb;Owner name=SQLAgentReaderRole",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=SQLAgentUserRole;Database=msdb;Owner name=SQLAgentUserRole",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=sys;Database=AppDetective;Owner name=sys",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=sys;Database=DbPAnalytics;Owner name=sys",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=sys;Database=dbpdatawarehouse;Owner name=sys",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=sys;Database=dbpstaging;Owner name=sys",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=sys;Database=master;Owner name=sys",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=sys;Database=model;Owner name=sys",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=sys;Database=msdb;Owner name=sys",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=sys;Database=tempdb;Owner name=sys",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2986",
+                    "Check": "Schema ownership",
+                    "Details": "Schema name=TargetServersRole;Database=msdb;Owner name=TargetServersRole",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "High",
+                    "Check ID": "2903",
+                    "Check": "Symmetric encryption keys",
+                    "Details": "Key=##MS_ServiceMasterKey##;Database=master;Algorithm=AES_256",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "High",
+                    "Check ID": "2941",
+                    "Check": "Availability of audited database",
+                    "Details": "Additional information=No AUDIT was found",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2940",
+                    "Check": "Disable communication protocols that are not required",
+                    "Details": "Protocol=Shared Memory",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2940",
+                    "Check": "Disable communication protocols that are not required",
+                    "Details": "Protocol=TCP/IP",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2994",
+                    "Check": "List SQL logins - instance level and in contained databases",
+                    "Details": "Is Disabled=False;Login=sa",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2994",
+                    "Check": "List SQL logins - instance level and in contained databases",
+                    "Details": "Is Disabled=True;Login=##MS_PolicyEventProcessingLogin##",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2994",
+                    "Check": "List SQL logins - instance level and in contained databases",
+                    "Details": "Is Disabled=True;Login=##MS_PolicyTsqlExecutionLogin##",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2761",
+                    "Check": "DBMS network port, protocol, and services (PPS) configuration",
+                    "Details": "Protocol=Shared Memory",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2761",
+                    "Check": "DBMS network port, protocol, and services (PPS) configuration",
+                    "Details": "Protocol=TCP/IP",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2761",
+                    "Check": "DBMS network port, protocol, and services (PPS) configuration",
+                    "Details": "TCP Port=IP1:1433",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2761",
+                    "Check": "DBMS network port, protocol, and services (PPS) configuration",
+                    "Details": "TCP Port=IP2:1433",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2761",
+                    "Check": "DBMS network port, protocol, and services (PPS) configuration",
+                    "Details": "TCP Port=IP3:1433",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2761",
+                    "Check": "DBMS network port, protocol, and services (PPS) configuration",
+                    "Details": "TCP Port=IP4:1433",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2761",
+                    "Check": "DBMS network port, protocol, and services (PPS) configuration",
+                    "Details": "TCP Port=IP5:1433",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2761",
+                    "Check": "DBMS network port, protocol, and services (PPS) configuration",
+                    "Details": "TCP Port=IP6:1433",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2761",
+                    "Check": "DBMS network port, protocol, and services (PPS) configuration",
+                    "Details": "TCP Port=IP7:1433",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2761",
+                    "Check": "DBMS network port, protocol, and services (PPS) configuration",
+                    "Details": "TCP Port=IPAll:1433",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2893",
+                    "Check": "Audit is not set to shut down server on error",
+                    "Details": "Additional information=No AUDIT was found",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2900",
+                    "Check": "Unused SQL Server services and software components should be removed",
+                    "Details": "Additional Information=Check manually;Software Component=Microsoft SQL Server Data Tools",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2900",
+                    "Check": "Unused SQL Server services and software components should be removed",
+                    "Details": "Software Component=SQL Server CEIP service",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Fact",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2900",
+                    "Check": "Unused SQL Server services and software components should be removed",
+                    "Details": "Software Component=SQL Server FullText Search",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Failed",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2841",
+                    "Check": "Browser Service enabled",
+                    "Details": "Check \"Browser Service enabled\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Failed",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2768",
+                    "Check": "DBMS services dedicated custom account",
+                    "Details": "Check \"DBMS services dedicated custom account\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Failed",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2946",
+                    "Check": "Server is synchronized with an official time server",
+                    "Details": "Check \"Server is synchronized with an official time server\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Failed",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2987",
+                    "Check": "Instant File Initialization is enabled",
+                    "Details": "Check \"Instant File Initialization is enabled\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Failed",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2990",
+                    "Check": "Members of local Administrators group",
+                    "Details": "Check \"Members of local Administrators group\" execution failed: User credentials cannot be used for local connections .",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2801",
+                    "Check": "Protection of DBMS asymmetric encryption keys",
+                    "Details": "Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2801",
+                    "Check": "Protection of DBMS asymmetric encryption keys",
+                    "Details": "Owner of the key=sa;Is SYSADMIN=Yes;Key=MS_SQLEnableSystemAssemblyLoadingKey;Database containing key=master",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=REFERENCES;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=UPDATE;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assemblies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=certificates;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_files;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_principals;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=filegroups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=index_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partitions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=periods;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=routes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=schemas;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_policies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sequences;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queues;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=services;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=synonyms;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscomments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=systypes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysusers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=table_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=triggers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assemblies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=certificates;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_files;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_principals;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=external_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=filegroups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=filetables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=index_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partitions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=periods;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=routes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=schemas;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=security_policies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sequences;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_queues;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=services;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=synonyms;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=syscomments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=systypes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysusers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=table_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=triggers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assemblies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=certificates;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_files;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_principals;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=external_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=filegroups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=filetables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=index_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partitions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=periods;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=routes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=schemas;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=security_policies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sequences;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_queues;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=services;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=synonyms;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=syscomments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=systypes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysusers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=table_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=triggers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assemblies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=certificates;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_files;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_principals;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=external_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=filegroups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=filetables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=index_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partitions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=periods;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=routes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=schemas;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=security_policies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sequences;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_queues;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=services;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=synonyms;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=syscomments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=systypes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysusers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=table_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=triggers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=all_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=all_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=all_views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=assemblies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=availability_databases_cluster;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listener_ip_addresses;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listeners;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=availability_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=availability_groups_cluster;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=availability_read_only_routing_lists;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=availability_replicas;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=backup_devices;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=certificates;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_databases;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_DOMAIN_USAGE;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_PRIVILEGES;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=configurations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_COLUMN_USAGE;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_TABLE_USAGE;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=credentials;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=cryptographic_providers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_files;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_filestream_options;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring_endpoints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_principals;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_query_store_options;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_recovery_status;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=databases;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_actions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_class_type_map;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_activated_tasks;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_connections;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_forwarded_messages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_queue_monitors;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_errors;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_log_scan_sessions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_appdomains;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_loaded_assemblies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_tasks;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_column_store_object_pool;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_cryptographic_provider_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_database_encryption_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_operational_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_file_space_usage;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_fts_index_physical_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_index_usage_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_log_space_usage;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_auto_page_repair;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_connections;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_past_actions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_details;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_group_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_partition_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_persisted_sku_features;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_migration_status;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_schema_update_status;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_script_level;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_session_space_usage;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_task_space_usage;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_uncontained_entities;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_files;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_gc_cycle_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_hash_index_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_index_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_memory_consumers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_nonclustered_index_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_object_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_table_memory_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_transactions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_cached_plans;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_errors;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_status;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_nodes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_connections;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_request_steps;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_requests;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_sql_requests;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_services;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_workers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_operations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_work;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_function_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_procedure_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_memory_grants;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_info;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_memory_gateways;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_parallel_workers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_profiles;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_resource_semaphores;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_transformation_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_requests;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_session_wait_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_sessions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_trigger_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_valid_use_hints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_execution_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_requests;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_handles;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_requests;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_non_transacted_handles;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_active_catalogs;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_fdhosts;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_index_population;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_buffers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_pools;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_outstanding_batches;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_population_ranges;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_semantic_similarity_population;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_auto_page_repair;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_automatic_seeding;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_group_states;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_nodes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_states;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_states;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_members;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_networks;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_cluster_states;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_states;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_instance_node_map;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_name_id_map;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_physical_seeding_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_backup_tapes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_shared_drives;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_valid_path_names;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_pending_io_requests;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_hashentries;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_descriptors;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_pool_extension_configuration;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_child_instances;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_nodes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatcher_pools;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatchers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_hosts;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_latch_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_loaded_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_allocations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_broker_clerks;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_brokers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_clock_hands;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_counters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_entries;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_hash_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_clerks;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_node_access_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_nodes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_pools;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_nodes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_performance_counters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_process_memory;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_ring_buffers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_schedulers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_server_diagnostics_log_configurations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_spinlock_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_stacks;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sublatches;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_info;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_memory;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_tasks;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_threads;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_virtual_address_dump;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_wait_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_waiting_tasks;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_windows_info;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_worker_local_storage;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_workers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_qn_subscriptions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_articles;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_schemas;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_tranhash;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_traninfo;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_configuration;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pools;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_volumes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pools;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_workload_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_audit_status;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_memory_dumps;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_registry;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_services;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tcp_listener_states;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_snapshot_database_transactions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_transactions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_commit_table;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_snapshot;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_transaction;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_database_transactions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_recovery_transactions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_enlistments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_log;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_locks;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_session_transactions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_top_version_generators;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_transactions_snapshot;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_version_store;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_map_values;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_object_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_packages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_event_actions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_object_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_targets;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_sessions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_queue_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_system_memory_consumers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_threads;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_recent_rows;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=DOMAIN_CONSTRAINTS;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=DOMAINS;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=endpoint_webmethods;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=endpoints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=event_notification_event_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=external_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=filegroups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=filetables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_document_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_languages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_language_statistics_database;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_languages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_system_stopwords;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=http_endpoints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=index_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=KEY_COLUMN_USAGE;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=linked_logins;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=login_token;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=master_files;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=master_key_passwords;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=messages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=openkeys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=partitions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=periods;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=REFERENTIAL_CONSTRAINTS;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=remote_logins;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_configuration;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pools;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pools;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_workload_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=routes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=ROUTINE_COLUMNS;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=ROUTINES;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=schemas;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=SCHEMATA;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=securable_classes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=security_policies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sequences;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_assembly_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specification_details;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specifications;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_audits;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_notifications;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_actions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_fields;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_targets;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_sessions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_file_audits;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_permissions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_principal_credentials;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_principals;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_role_members;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_trigger_events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_triggers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=servers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=service_broker_endpoints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=service_queues;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=services;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=soap_endpoints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=spatial_reference_systems;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_db;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_dev;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_usg;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=spt_monitor;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sql_logins;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=synonyms;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syscacheobjects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syscharsets;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syscomments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysconfigures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syscurconfigs;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syscursorcolumns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syscursorrefs;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syscursors;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syscursortables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysdatabases;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysdevices;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syslanguages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syslockinfo;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syslogins;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysmessages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysoledbusers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysopentapes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysperfinfo;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysprocesses;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysremotelogins;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysservers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=system_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=system_components_surface_area_configuration;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=system_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=system_views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=systypes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysusers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=TABLE_CONSTRAINTS;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=TABLE_PRIVILEGES;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=table_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=tcp_endpoints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=trace_categories;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=trace_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=trace_event_bindings;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=trace_events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=trace_subclass_values;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=traces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=trigger_event_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=triggers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=user_token;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=via_endpoints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=VIEW_COLUMN_USAGE;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=VIEW_TABLE_USAGE;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=VIEWS;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=all_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=all_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=all_views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=assemblies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=certificates;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=database_files;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=database_principals;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=external_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=filegroups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=filetables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=index_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=partitions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=periods;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=routes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=schemas;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=security_policies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sequences;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=service_queues;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=services;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=synonyms;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=syscomments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=system_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=system_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=system_views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=systypes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysusers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=table_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=triggers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=assemblies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupfile;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediafamily;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediaset;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupset;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=certificates;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_files;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_principals;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=dm_hadr_automatic_seeding_history;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=external_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=filegroups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=filetables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=index_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=logmarkhistory;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=partitions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=periods;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=restorefile;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=restorefilegroup;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=restorehistory;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=routes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=schemas;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=security_policies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sequences;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_queues;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=services;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=suspect_pages;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=synonyms;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=syscomments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=systypes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysusers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=table_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=triggers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assemblies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=certificates;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_files;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_principals;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=external_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=filegroups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=filetables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=index_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partitions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=periods;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=procedures;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=routes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=schemas;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=security_policies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sequences;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queues;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=services;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=stats;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=synonyms;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=syscomments;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_columns;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_objects;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=systypes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysusers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=table_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=tables;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=triggers;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=views;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysalerts;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysnotifications;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysoperators;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=SQLAgentUserRole;State=GRANT;Database=msdb;Object Name=syscategories;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=DELETE;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=UPDATE;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobs;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=UPDATE;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysproxies;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=syssubsystems;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=UPDATE;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_dac_health_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_mi_health_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_configuration_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_file_space_health_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_health_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_health_policies_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_managed_instances_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_database_health_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_file_space_health_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_health_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_volume_space_health_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_check_conditions_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_target_conditions_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_processing_state_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_configuration_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_objects_to_collect_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_properties_to_collect_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=SELECT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=DELETE;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=INSERT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=DELETE;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=INSERT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=DELETE;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=INSERT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=DELETE;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=INSERT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=DELETE;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2830",
+                    "Check": "System Table Permissions",
+                    "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=INSERT;Object Type=Table",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\mastlog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\modellog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\msdblog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLFDLauncher",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLFDLauncher",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLFDLauncher",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLFDLauncher",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLFDLauncher",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLFDLauncher",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLFDLauncher",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=\\OWNER RIGHTS",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=\\OWNER RIGHTS",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=\\OWNER RIGHTS",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=\\OWNER RIGHTS",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=\\OWNER RIGHTS",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=\\OWNER RIGHTS",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=\\OWNER RIGHTS",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=e:\\mssql\\logs\\dbpdatawarehouse_log.ldf;Username=\\OWNER RIGHTS",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=e:\\mssql\\logs\\dbpdatawarehouse_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=e:\\mssql\\logs\\dbpstaging_log.ldf;Username=\\OWNER RIGHTS",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=e:\\mssql\\logs\\dbpstaging_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=e:\\mssql\\temp\\templog.ldf;Username=\\OWNER RIGHTS",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Log path=e:\\mssql\\temp\\templog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Object=dm_exec_sessions;Database=[master];Granted To=public;Permission=SELECT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2790",
+                    "Check": "DBMS audit record access",
+                    "Details": "Object=sysprotects;Database=[master];Granted To=public;Permission=SELECT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\DbPAnalytics.mdf;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\dbpdatawarehouse.mdf;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\dbpstaging.mdf;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\DbPAnalytics.mdf;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\dbpdatawarehouse.mdf;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\dbpstaging.mdf;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\master.mdf;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\mastlog.ldf;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\model.mdf;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\modellog.ldf;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBData.mdf;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBLog.ldf;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsara.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsben.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsbgr.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscat.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tschs.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscht.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscze.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdan.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdeu.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tseng.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsenu.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsesn.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsfra.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsglobal.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsgrk.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsguj.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsheb.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshin.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshrv.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsind.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsisl.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsita.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsjpn.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskan.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskor.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslth.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslvi.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmal.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmar.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmsl.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnld.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnor.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tspan.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsplk.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptb.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptg.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrom.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrus.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssky.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsslv.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrb.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrl.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssve.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstam.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstel.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstha.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstrk.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsukr.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsurd.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsvit.xml;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Low",
+                    "Check ID": "2919",
+                    "Check": "Permissions on Data Root directory",
+                    "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2555",
+                    "Check": "Permission on registry extended proc",
+                    "Details": "Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2555",
+                    "Check": "Permission on registry extended proc",
+                    "Details": "Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_regread;Granted By=dbo",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\Users",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=BUILTIN\\Users",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=BUILTIN\\Users",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=BUILTIN\\Users",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=BUILTIN\\Users",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\MSSQL13.MSSQLSERVER\\MSSQL\\Install;Access Control Type=Allow;Username=BUILTIN\\Users",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2771",
+                    "Check": "DBMS software library permissions",
+                    "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2814",
+                    "Check": "Default 'sa' account not present",
+                    "Details": "Account Name=sa",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_16_031502_7146827.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_17_031505_6208319.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_18_031503_6796931.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_15_031503_1017047.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_16_031502_7459310.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_17_031505_6520841.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_18_031503_7109667.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpdatawarehouse_backup_2021_02_16_031502_7303082.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpdatawarehouse_backup_2021_02_17_031505_6208319.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpdatawarehouse_backup_2021_02_18_031503_6953315.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpstaging_backup_2021_02_16_031502_7459310.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpstaging_backup_2021_02_17_031505_6364592.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpstaging_backup_2021_02_18_031503_6953315.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_16_031502_6521743.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_17_031505_5427005.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_18_031503_6172001.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_16_031502_6990517.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_17_031505_5895757.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_18_031503_6484425.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_16_031502_6990517.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_17_031505_6052109.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2865",
+                    "Check": "DBMS backup files access",
+                    "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_18_031503_6640718.bak",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2877",
+                    "Check": "CONTROL SERVER permission granted",
+                    "Details": "Granted To=EISO\\a_dbrown;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2877",
+                    "Check": "CONTROL SERVER permission granted",
+                    "Details": "Granted To=EISO\\a_jrose;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2877",
+                    "Check": "CONTROL SERVER permission granted",
+                    "Details": "Granted To=EISO\\a_srobbins;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2877",
+                    "Check": "CONTROL SERVER permission granted",
+                    "Details": "Granted To=EISO\\a_trothschild;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2877",
+                    "Check": "CONTROL SERVER permission granted",
+                    "Details": "Granted To=EISO\\SQLAdmins;Permission=CONTROL SERVER;Grantee Type=WINDOWS_GROUP;Granted through role=sysadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2877",
+                    "Check": "CONTROL SERVER permission granted",
+                    "Details": "Granted To=EISO\\SVC-DBProtect;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2877",
+                    "Check": "CONTROL SERVER permission granted",
+                    "Details": "Granted To=NT Service\\MSSQLSERVER;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2877",
+                    "Check": "CONTROL SERVER permission granted",
+                    "Details": "Granted To=NT SERVICE\\SQLSERVERAGENT;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2877",
+                    "Check": "CONTROL SERVER permission granted",
+                    "Details": "Granted To=NT SERVICE\\SQLWriter;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2877",
+                    "Check": "CONTROL SERVER permission granted",
+                    "Details": "Granted To=NT SERVICE\\Winmgmt;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2920",
+                    "Check": "Non-DBA accounts with DDL privileges",
+                    "Details": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2920",
+                    "Check": "Non-DBA accounts with DDL privileges",
+                    "Details": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_cpu_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2920",
+                    "Check": "Non-DBA accounts with DDL privileges",
+                    "Details": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_dac_execution_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2920",
+                    "Check": "Non-DBA accounts with DDL privileges",
+                    "Details": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_session_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2920",
+                    "Check": "Non-DBA accounts with DDL privileges",
+                    "Details": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_smo_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2920",
+                    "Check": "Non-DBA accounts with DDL privileges",
+                    "Details": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_volumes_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2920",
+                    "Check": "Non-DBA accounts with DDL privileges",
+                    "Details": "Database=msdb;Class=USER_TABLE;Permission=UPDATE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "High",
+                    "Check ID": "2540",
+                    "Check": "Standard SQL Server authentication allowed",
+                    "Details": "Additional information=Standard Login allowed.",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "High",
+                    "Check ID": "2759",
+                    "Check": "Encryption of DBMS sensitive data in transit",
+                    "Details": "ForceEncryption=False",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "High",
+                    "Check ID": "2985",
+                    "Check": "The NT AUTHORITY\\SYSTEM account is used for administration",
+                    "Details": "Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "High",
+                    "Check ID": "2985",
+                    "Check": "The NT AUTHORITY\\SYSTEM account is used for administration",
+                    "Details": "Permission=CREATE AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "High",
+                    "Check ID": "2985",
+                    "Check": "The NT AUTHORITY\\SYSTEM account is used for administration",
+                    "Details": "Permission=VIEW SERVER STATE;User=NT AUTHORITY\\SYSTEM",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2819",
+                    "Check": "DBMS privileged role assignments",
+                    "Details": "Username=EISO\\a_dbrown",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2819",
+                    "Check": "DBMS privileged role assignments",
+                    "Details": "Username=EISO\\a_jrose",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2819",
+                    "Check": "DBMS privileged role assignments",
+                    "Details": "Username=EISO\\a_srobbins",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2819",
+                    "Check": "DBMS privileged role assignments",
+                    "Details": "Username=EISO\\a_trothschild",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2819",
+                    "Check": "DBMS privileged role assignments",
+                    "Details": "Username=EISO\\SQLAdmins",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2819",
+                    "Check": "DBMS privileged role assignments",
+                    "Details": "Username=EISO\\SVC-DBProtect",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2819",
+                    "Check": "DBMS privileged role assignments",
+                    "Details": "Username=NT Service\\MSSQLSERVER",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2819",
+                    "Check": "DBMS privileged role assignments",
+                    "Details": "Username=NT SERVICE\\SQLSERVERAGENT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2819",
+                    "Check": "DBMS privileged role assignments",
+                    "Details": "Username=NT SERVICE\\SQLWriter",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2819",
+                    "Check": "DBMS privileged role assignments",
+                    "Details": "Username=NT SERVICE\\Winmgmt",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[master];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[model];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[msdb];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[tempdb];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[AppDetective];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[master];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[model];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[msdb];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[tempdb];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[AppDetective];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[master];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[model];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[msdb];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[tempdb];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[AppDetective];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[master];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[model];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[msdb];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[tempdb];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[AppDetective];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[master];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[model];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[msdb];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[tempdb];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[AppDetective];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[master];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[model];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[msdb];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[tempdb];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[AppDetective];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[master];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[model];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[msdb];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[tempdb];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[AppDetective];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[master];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[model];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[msdb];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[tempdb];Log partition (Database 1)=E:",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[DbPAnalytics];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpdatawarehouse];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpdatawarehouse];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\DATA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpstaging];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpstaging];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\DATA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpstaging];Database 1=[dbpdatawarehouse];Data path (Database 1)=E:\\MSSQL\\DATA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Data path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[DbPAnalytics];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpdatawarehouse];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpdatawarehouse];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\LOGS",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpstaging];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpstaging];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\LOGS",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpstaging];Database 1=[dbpdatawarehouse];Data path (Database 1)=E:\\MSSQL\\LOGS",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path (Database 2)=E:\\MSSQL\\TEMP;Database 2=[tempdb];Database 1=[tempdb];Log path (Database 1)=E:\\MSSQL\\TEMP",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[model]",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2770",
+                    "Check": "Dedicated data file directories",
+                    "Details": "Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[msdb]",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2545",
+                    "Check": "Remote access allowed",
+                    "Details": "Value in use=1;Name=remote access;Value=1",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2569",
+                    "Check": "Auditing of successful logins",
+                    "Details": "Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2570",
+                    "Check": "Auditing of failed logins",
+                    "Details": "Additional information=Audit of failed logins is not performed by AUDIT",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2745",
+                    "Check": "'sa' account has not been disabled",
+                    "Details": "Status=Enabled;Login=sa",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2780",
+                    "Check": "Database job/batch queue reviewing",
+                    "Details": "SQL Server job history record=DBBackups.FullBackup",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2780",
+                    "Check": "Database job/batch queue reviewing",
+                    "Details": "SQL Server job history record=syspolicy_purge_history",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2826",
+                    "Check": "DBMS privileged action audit",
+                    "Details": "Value in use=1;Name=default trace enabled;Value=1",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2880",
+                    "Check": "CHECK_EXPIRATION option",
+                    "Details": "Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2880",
+                    "Check": "CHECK_EXPIRATION option",
+                    "Details": "Status=Disabled;Login=##MS_PolicyTsqlExecutionLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2880",
+                    "Check": "CHECK_EXPIRATION option",
+                    "Details": "Status=Enabled;Login=sa;Password expiration checked=Disabled;Is SYSADMIN=Yes;Password policy checked=Enabled",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2897",
+                    "Check": "Database not encrypted",
+                    "Details": "Is Encrypted=false;Database=AppDetective",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2897",
+                    "Check": "Database not encrypted",
+                    "Details": "Is Encrypted=false;Database=DbPAnalytics",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2897",
+                    "Check": "Database not encrypted",
+                    "Details": "Is Encrypted=false;Database=dbpdatawarehouse",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2897",
+                    "Check": "Database not encrypted",
+                    "Details": "Is Encrypted=false;Database=dbpstaging",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2935",
+                    "Check": "Audit concurrent logons",
+                    "Details": "Additional information=No AUDIT was found",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2936",
+                    "Check": "Audit unsuccessful attempts to execute privileged activities",
+                    "Details": "Additional information=No AUDIT was found",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2937",
+                    "Check": "Audit privileged activities",
+                    "Details": "Additional information=No AUDIT was found",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2962",
+                    "Check": "Generate audit records for important events",
+                    "Details": "Additional information=Found no acceptable server audit specification.",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2975",
+                    "Check": "Customer Feedback and Error Reporting",
+                    "Details": "EnableErrorReporting=Enabled;CustomerFeedback=Enabled",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2992",
+                    "Check": "Server audit startup",
+                    "Details": "Additional information=There are no server audits that automatically start during system start-up",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2995",
+                    "Check": "Use of an approved TLS version",
+                    "Details": "Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Client\\Enabled",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2995",
+                    "Check": "Use of an approved TLS version",
+                    "Details": "Additional information=SSL 2.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Server\\DisabledByDefault",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2995",
+                    "Check": "Use of an approved TLS version",
+                    "Details": "Additional information=SSL 3.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Client\\DisabledByDefault",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2995",
+                    "Check": "Use of an approved TLS version",
+                    "Details": "Additional information=SSL 3.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Server\\DisabledByDefault",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2995",
+                    "Check": "Use of an approved TLS version",
+                    "Details": "Additional information=TLS 1.0 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.0",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2995",
+                    "Check": "Use of an approved TLS version",
+                    "Details": "Additional information=TLS 1.1 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.1",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2995",
+                    "Check": "Use of an approved TLS version",
+                    "Details": "Additional information=TLS 1.2 is not enabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=CreateFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadData",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadAndExecute",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Write",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ReadAndExecute",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Write",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ReadAndExecute",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Write",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ReadAndExecute",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Write",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ReadAndExecute",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Write",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ReadAndExecute",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Write",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ReadAndExecute",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Write",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ReadAndExecute",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Write",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ReadAndExecute",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Write",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ReadAndExecute",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Write",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ReadAndExecute",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Write",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ReadAndExecute",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Write",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ReadAndExecute",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Write",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ReadAndExecute",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Write",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ReadAndExecute",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Write",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ReadAndExecute",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Write",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ReadAndExecute",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Write",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ReadAndExecute",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2869",
+                    "Check": "Permissions on error log folder",
+                    "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Write",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Finding",
+                    "Check Category": "Patchable Vulnerabilities",
+                    "Risk DV": "High",
+                    "Check ID": "2888",
+                    "Check": "Service pack not applied on time",
+                    "Details": "Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2942",
+                    "Check": "Permission to configure Server Audit to audit at the server level",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2944",
+                    "Check": "Permission to configure Server Audit to audit at the database level",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Informational",
+                    "Check ID": "2988",
+                    "Check": "SQL Server must protect against a user falsely repudiating",
+                    "Details": "Additional information=There are no server or database pricincipals mapped to remote computer accounts.",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2871",
+                    "Check": "Contained database user with password found",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2901",
+                    "Check": "Logon Trigger Exists",
+                    "Details": "Additional information=No logon triggers found.",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2984",
+                    "Check": "Stored procedures and functions that utilize impersonation",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Improper Access Controls",
+                    "Risk DV": "Medium",
+                    "Check ID": "2993",
+                    "Check": "SQL Server must limit privileges to change software modules, to include stored procedures, functions, and triggers",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "High",
+                    "Check ID": "2805",
+                    "Check": "Database TRUSTWORTHY status",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "High",
+                    "Check ID": "2934",
+                    "Check": "SQL Server is not using FIPS validated cryptographic modules for cryptographic operations",
+                    "Details": "FIPS=Enabled",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2817",
+                    "Check": "DBMS application object ownership",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2848",
+                    "Check": "User-defined extended stored procedures",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2938",
+                    "Check": "Audit Retrieval of privileges/permissions (SQLAudit)",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2939",
+                    "Check": "Audit unsuccessful retrieval of privileges/permissions (SQLAudit)",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2945",
+                    "Check": "Disable Filestream feature",
+                    "Details": "Value=0 (Disables Filestream support for this instance.);Name=filestream access level;Value in use=0 (Disables Filestream support for this instance.)",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Informational",
+                    "Check ID": "2989",
+                    "Check": "Temporal tables",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Low",
+                    "Check ID": "2883",
+                    "Check": "Hide Instance option",
+                    "Details": "Hide instance=1",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2553",
+                    "Check": "xp_cmdshell not removed/not disabled",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2622",
+                    "Check": "Sample database not removed",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2766",
+                    "Check": "DBMS dedicated software directory and partition",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2782",
+                    "Check": "Database Master Key: is_master_key_encrypted_by_server",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2788",
+                    "Check": "Symmetric Keys: allowed encryption algorithms",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2792",
+                    "Check": "CLR objects allowed",
+                    "Details": "Value in use=0;Name=clr enabled;Value=0",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2807",
+                    "Check": "Named Pipes network protocol is enabled",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2882",
+                    "Check": "OLE automation procedures configuration",
+                    "Details": "Run Value=0;Parameter Name=Ole Automation Procedures;Configuration Value=0",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2947",
+                    "Check": "CLR assembly permission set is not equal to SAFE",
+                    "Details": "Additional information=CLR support is not enabled",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2977",
+                    "Check": "Hadoop Connectivity feature must be disabled",
+                    "Details": "Value=0;Name=hadoop connectivity;Value in use=0",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2978",
+                    "Check": "Replication XPs feature must be disabled",
+                    "Details": "Value=0;Name=Replication XPs;Value in use=0",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2979",
+                    "Check": "User Options feature must be disabled",
+                    "Details": "Value=0;Name=user options;Value in use=0",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2980",
+                    "Check": "External Scripts Enabled feature must be disabled",
+                    "Details": "Value=0;Name=external scripts enabled;Value in use=0",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2981",
+                    "Check": "Allow Polybase Export feature must be disabled",
+                    "Details": "Value=0;Name=allow polybase export;Value in use=0",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2982",
+                    "Check": "Remote Data Archive feature must be disabled",
+                    "Details": "Value=0;Name=remote data archive;Value in use=0",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2983",
+                    "Check": "Access to linked servers",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Operating System Issues",
+                    "Risk DV": "Medium",
+                    "Check ID": "2662",
+                    "Check": "Permissions on files",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Other",
+                    "Risk DV": "Medium",
+                    "Check ID": "2991",
+                    "Check": "Use of credentials and proxies",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Weak Passwords",
+                    "Risk DV": "Medium",
+                    "Check ID": "2778",
+                    "Check": "DBMS Password Complexity",
+                    "Details": "Additional information=The operating system version is older than Windows Server 2003 - password policies cannot be enforced.",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Not A Finding",
+                    "Check Category": "Weak Passwords",
+                    "Risk DV": "Medium",
+                    "Check ID": "2786",
+                    "Check": "Database Master Key: encryption password",
+                    "Details": "None",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Skipped",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2800",
+                    "Check": "Common criteria compliance disabled",
+                    "Details": "Check is not applicable to this server version. Does not apply to Microsoft SQL Server Standard Edition (64-bit).",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Skipped",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2973",
+                    "Check": "SQL Server Service Broker endpoint encryption",
+                    "Details": "Check is not applicable to this server version. There are no Service Broker endpoints configured.",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Skipped",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2974",
+                    "Check": "SQL Server Mirroring endpoint encryption",
+                    "Details": "Check is not applicable to this server version. There are no Mirroring endpoints configured.",
+                    "Date": "Feb 18 2021 15:57"
+                },
+                {
+                    "Organization": "TEST ORGANIZATION (Local DBP server)",
+                    "Task": "Audit",
+                    "Asset Type": "Microsoft SQL Server",
+                    "Asset": "CONDS181",
+                    "IP Address, Port, Instance": "10.0.10.204, 1433, MSSQLSERVER",
+                    "Job Name": "Heimdal Test scan report generation",
+                    "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+                    "Result Status": "Skipped",
+                    "Check Category": "Misconfigurations",
+                    "Risk DV": "Medium",
+                    "Check ID": "2976",
+                    "Check": "SQL Server Usage and Error Reporting Auditing",
+                    "Details": "Microsoft Analysis Services (OLAP) has not been found.",
+                    "Date": "Feb 18 2021 15:57"
+                }
+            ]
+        }
+    }
+}
\ No newline at end of file
diff --git a/test/sample_data/dbprotect/dbprotect-check-hdf.json b/test/sample_data/dbprotect/dbprotect-check-hdf.json
index 1eb51b3cc..c0dfaf941 100644
--- a/test/sample_data/dbprotect/dbprotect-check-hdf.json
+++ b/test/sample_data/dbprotect/dbprotect-check-hdf.json
@@ -1 +1,26177 @@
-{"platform":{"name":"Heimdall Tools","release":"2.6.50"},"version":"2.6.50","statistics":{},"profiles":[{"name":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","title":"Heimdal Test scan report generation","summary":"Organization : TEST ORGANIZATION (Local DBP server)\nAsset : undefined\nAsset Type : Microsoft SQL Server\nIP Address, Port, Instance : Microsoft SQL Server\nIP Address, Port, Instance : 10.0.10.204, 1433, MSSQLSERVER ","supports":[],"attributes":[],"groups":[],"status":"loaded","controls":[{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Schema ownership","id":"2986","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2986\",\n  \"Check\": \"Schema ownership\",\n  \"Details\": \"Schema name=DatabaseMailUserRole;Database=msdb;Owner name=DatabaseMailUserRole\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=DatabaseMailUserRole;Database=msdb;Owner name=DatabaseMailUserRole","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_accessadmin;Database=AppDetective;Owner name=db_accessadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_accessadmin;Database=DbPAnalytics;Owner name=db_accessadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_accessadmin;Database=dbpdatawarehouse;Owner name=db_accessadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_accessadmin;Database=dbpstaging;Owner name=db_accessadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_accessadmin;Database=master;Owner name=db_accessadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_accessadmin;Database=model;Owner name=db_accessadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_accessadmin;Database=msdb;Owner name=db_accessadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_accessadmin;Database=tempdb;Owner name=db_accessadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_backupoperator;Database=AppDetective;Owner name=db_backupoperator","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_backupoperator;Database=DbPAnalytics;Owner name=db_backupoperator","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_backupoperator;Database=dbpdatawarehouse;Owner name=db_backupoperator","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_backupoperator;Database=dbpstaging;Owner name=db_backupoperator","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_backupoperator;Database=master;Owner name=db_backupoperator","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_backupoperator;Database=model;Owner name=db_backupoperator","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_backupoperator;Database=msdb;Owner name=db_backupoperator","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_backupoperator;Database=tempdb;Owner name=db_backupoperator","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datareader;Database=AppDetective;Owner name=db_datareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datareader;Database=DbPAnalytics;Owner name=db_datareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datareader;Database=dbpdatawarehouse;Owner name=db_datareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datareader;Database=dbpstaging;Owner name=db_datareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datareader;Database=master;Owner name=db_datareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datareader;Database=model;Owner name=db_datareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datareader;Database=msdb;Owner name=db_datareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datareader;Database=tempdb;Owner name=db_datareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datawriter;Database=AppDetective;Owner name=db_datawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datawriter;Database=DbPAnalytics;Owner name=db_datawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datawriter;Database=dbpdatawarehouse;Owner name=db_datawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datawriter;Database=dbpstaging;Owner name=db_datawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datawriter;Database=master;Owner name=db_datawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datawriter;Database=model;Owner name=db_datawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datawriter;Database=msdb;Owner name=db_datawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_datawriter;Database=tempdb;Owner name=db_datawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ddladmin;Database=AppDetective;Owner name=db_ddladmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ddladmin;Database=DbPAnalytics;Owner name=db_ddladmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ddladmin;Database=dbpdatawarehouse;Owner name=db_ddladmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ddladmin;Database=dbpstaging;Owner name=db_ddladmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ddladmin;Database=master;Owner name=db_ddladmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ddladmin;Database=model;Owner name=db_ddladmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ddladmin;Database=msdb;Owner name=db_ddladmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ddladmin;Database=tempdb;Owner name=db_ddladmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatareader;Database=AppDetective;Owner name=db_denydatareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatareader;Database=DbPAnalytics;Owner name=db_denydatareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatareader;Database=dbpdatawarehouse;Owner name=db_denydatareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatareader;Database=dbpstaging;Owner name=db_denydatareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatareader;Database=master;Owner name=db_denydatareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatareader;Database=model;Owner name=db_denydatareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatareader;Database=msdb;Owner name=db_denydatareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatareader;Database=tempdb;Owner name=db_denydatareader","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatawriter;Database=AppDetective;Owner name=db_denydatawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatawriter;Database=DbPAnalytics;Owner name=db_denydatawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatawriter;Database=dbpdatawarehouse;Owner name=db_denydatawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatawriter;Database=dbpstaging;Owner name=db_denydatawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatawriter;Database=master;Owner name=db_denydatawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatawriter;Database=model;Owner name=db_denydatawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatawriter;Database=msdb;Owner name=db_denydatawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_denydatawriter;Database=tempdb;Owner name=db_denydatawriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_owner;Database=AppDetective;Owner name=db_owner","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_owner;Database=DbPAnalytics;Owner name=db_owner","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_owner;Database=dbpdatawarehouse;Owner name=db_owner","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_owner;Database=dbpstaging;Owner name=db_owner","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_owner;Database=master;Owner name=db_owner","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_owner;Database=model;Owner name=db_owner","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_owner;Database=msdb;Owner name=db_owner","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_owner;Database=tempdb;Owner name=db_owner","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_securityadmin;Database=AppDetective;Owner name=db_securityadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_securityadmin;Database=DbPAnalytics;Owner name=db_securityadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_securityadmin;Database=dbpdatawarehouse;Owner name=db_securityadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_securityadmin;Database=dbpstaging;Owner name=db_securityadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_securityadmin;Database=master;Owner name=db_securityadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_securityadmin;Database=model;Owner name=db_securityadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_securityadmin;Database=msdb;Owner name=db_securityadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_securityadmin;Database=tempdb;Owner name=db_securityadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ssisadmin;Database=msdb;Owner name=db_ssisadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ssisltduser;Database=msdb;Owner name=db_ssisltduser","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=db_ssisoperator;Database=msdb;Owner name=db_ssisoperator","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=dbo;Database=AppDetective;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=dbo;Database=DbPAnalytics;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=dbo;Database=dbpdatawarehouse;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=dbo;Database=dbpstaging;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=dbo;Database=master;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=dbo;Database=model;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=dbo;Database=msdb;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=dbo;Database=tempdb;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=guest;Database=AppDetective;Owner name=guest","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=guest;Database=DbPAnalytics;Owner name=guest","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=guest;Database=dbpdatawarehouse;Owner name=guest","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=guest;Database=dbpstaging;Owner name=guest","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=guest;Database=master;Owner name=guest","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=guest;Database=model;Owner name=guest","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=guest;Database=msdb;Owner name=guest","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=guest;Database=tempdb;Owner name=guest","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=INFORMATION_SCHEMA;Database=AppDetective;Owner name=INFORMATION_SCHEMA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=INFORMATION_SCHEMA;Database=DbPAnalytics;Owner name=INFORMATION_SCHEMA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=INFORMATION_SCHEMA;Database=dbpdatawarehouse;Owner name=INFORMATION_SCHEMA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=INFORMATION_SCHEMA;Database=dbpstaging;Owner name=INFORMATION_SCHEMA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=INFORMATION_SCHEMA;Database=master;Owner name=INFORMATION_SCHEMA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=INFORMATION_SCHEMA;Database=model;Owner name=INFORMATION_SCHEMA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=INFORMATION_SCHEMA;Database=msdb;Owner name=INFORMATION_SCHEMA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=INFORMATION_SCHEMA;Database=tempdb;Owner name=INFORMATION_SCHEMA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=managed_backup;Database=msdb;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=smart_admin;Database=msdb;Owner name=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=SQLAgentOperatorRole;Database=msdb;Owner name=SQLAgentOperatorRole","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=SQLAgentReaderRole;Database=msdb;Owner name=SQLAgentReaderRole","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=SQLAgentUserRole;Database=msdb;Owner name=SQLAgentUserRole","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=sys;Database=AppDetective;Owner name=sys","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=sys;Database=DbPAnalytics;Owner name=sys","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=sys;Database=dbpdatawarehouse;Owner name=sys","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=sys;Database=dbpstaging;Owner name=sys","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=sys;Database=master;Owner name=sys","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=sys;Database=model;Owner name=sys","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=sys;Database=msdb;Owner name=sys","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=sys;Database=tempdb;Owner name=sys","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Schema name=TargetServersRole;Database=msdb;Owner name=TargetServersRole","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Symmetric encryption keys","id":"2903","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2903\",\n  \"Check\": \"Symmetric encryption keys\",\n  \"Details\": \"Key=##MS_ServiceMasterKey##;Database=master;Algorithm=AES_256\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Key=##MS_ServiceMasterKey##;Database=master;Algorithm=AES_256","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Availability of audited database","id":"2941","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2941\",\n  \"Check\": \"Availability of audited database\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=No AUDIT was found","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Disable communication protocols that are not required","id":"2940","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2940\",\n  \"Check\": \"Disable communication protocols that are not required\",\n  \"Details\": \"Protocol=Shared Memory\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Protocol=Shared Memory","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Protocol=TCP/IP","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"List SQL logins - instance level and in contained databases","id":"2994","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2994\",\n  \"Check\": \"List SQL logins - instance level and in contained databases\",\n  \"Details\": \"Is Disabled=False;Login=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Is Disabled=False;Login=sa","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Is Disabled=True;Login=##MS_PolicyEventProcessingLogin##","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Is Disabled=True;Login=##MS_PolicyTsqlExecutionLogin##","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS network port, protocol, and services (PPS) configuration","id":"2761","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2761\",\n  \"Check\": \"DBMS network port, protocol, and services (PPS) configuration\",\n  \"Details\": \"Protocol=Shared Memory\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Protocol=Shared Memory","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Protocol=TCP/IP","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"TCP Port=IP1:1433","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"TCP Port=IP2:1433","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"TCP Port=IP3:1433","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"TCP Port=IP4:1433","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"TCP Port=IP5:1433","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"TCP Port=IP6:1433","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"TCP Port=IP7:1433","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"TCP Port=IPAll:1433","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Audit is not set to shut down server on error","id":"2893","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2893\",\n  \"Check\": \"Audit is not set to shut down server on error\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=No AUDIT was found","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Unused SQL Server services and software components should be removed","id":"2900","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2900\",\n  \"Check\": \"Unused SQL Server services and software components should be removed\",\n  \"Details\": \"Additional Information=Check manually;Software Component=Microsoft SQL Server Data Tools\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional Information=Check manually;Software Component=Microsoft SQL Server Data Tools","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Software Component=SQL Server CEIP service","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"skipped","code_desc":"Software Component=SQL Server FullText Search","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Browser Service enabled","id":"2841","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.3,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2841\",\n  \"Check\": \"Browser Service enabled\",\n  \"Details\": \"Check \\\"Browser Service enabled\\\" execution failed since we are unable to get the required data: \\nUser credentials cannot be used for local connections\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Check \"Browser Service enabled\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections","start_time":"Feb 18 2021 15:57","backtrace":["DB Protect Failed Check"]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS services dedicated custom account","id":"2768","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2768\",\n  \"Check\": \"DBMS services dedicated custom account\",\n  \"Details\": \"Check \\\"DBMS services dedicated custom account\\\" execution failed since we are unable to get the required data: \\nUser credentials cannot be used for local connections\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Check \"DBMS services dedicated custom account\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections","start_time":"Feb 18 2021 15:57","backtrace":["DB Protect Failed Check"]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Server is synchronized with an official time server","id":"2946","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2946\",\n  \"Check\": \"Server is synchronized with an official time server\",\n  \"Details\": \"Check \\\"Server is synchronized with an official time server\\\" execution failed since we are unable to get the required data: \\nUser credentials cannot be used for local connections\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Check \"Server is synchronized with an official time server\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections","start_time":"Feb 18 2021 15:57","backtrace":["DB Protect Failed Check"]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Instant File Initialization is enabled","id":"2987","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2987\",\n  \"Check\": \"Instant File Initialization is enabled\",\n  \"Details\": \"Check \\\"Instant File Initialization is enabled\\\" execution failed since we are unable to get the required data: \\nUser credentials cannot be used for local connections\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Check \"Instant File Initialization is enabled\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections","start_time":"Feb 18 2021 15:57","backtrace":["DB Protect Failed Check"]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Members of local Administrators group","id":"2990","desc":"Task : Audit; Check Category : Operating System Issues","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Operating System Issues\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2990\",\n  \"Check\": \"Members of local Administrators group\",\n  \"Details\": \"Check \\\"Members of local Administrators group\\\" execution failed: User credentials cannot be used for local connections .\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Check \"Members of local Administrators group\" execution failed: User credentials cannot be used for local connections .","start_time":"Feb 18 2021 15:57","backtrace":["DB Protect Failed Check"]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Protection of DBMS asymmetric encryption keys","id":"2801","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2801\",\n  \"Check\": \"Protection of DBMS asymmetric encryption keys\",\n  \"Details\": \"Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Owner of the key=sa;Is SYSADMIN=Yes;Key=MS_SQLEnableSystemAssemblyLoadingKey;Database containing key=master","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"System Table Permissions","id":"2830","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2830\",\n  \"Check\": \"System Table Permissions\",\n  \"Details\": \"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=REFERENCES;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=UPDATE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_databases_cluster;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listener_ip_addresses;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listeners;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_groups_cluster;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_read_only_routing_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_replicas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=backup_devices;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_DOMAIN_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_PRIVILEGES;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_COLUMN_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_TABLE_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=cryptographic_providers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_filestream_options;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_query_store_options;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_recovery_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_actions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_class_type_map;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_activated_tasks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_connections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_forwarded_messages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_queue_monitors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_errors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_log_scan_sessions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_appdomains;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_loaded_assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_tasks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_column_store_object_pool;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_cryptographic_provider_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_database_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_operational_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_file_space_usage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_fts_index_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_index_usage_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_log_space_usage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_auto_page_repair;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_connections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_past_actions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_group_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_partition_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_persisted_sku_features;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_migration_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_schema_update_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_script_level;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_session_space_usage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_task_space_usage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_uncontained_entities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_gc_cycle_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_hash_index_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_index_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_memory_consumers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_nonclustered_index_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_object_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_table_memory_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_cached_plans;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_errors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_connections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_request_steps;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_sql_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_workers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_operations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_work;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_function_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_procedure_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_memory_grants;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_memory_gateways;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_parallel_workers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_profiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_resource_semaphores;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_transformation_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_session_wait_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_sessions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_trigger_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_valid_use_hints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_execution_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_handles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_non_transacted_handles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_active_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_fdhosts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_index_population;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_buffers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_outstanding_batches;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_population_ranges;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_semantic_similarity_population;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_auto_page_repair;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_automatic_seeding;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_group_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_networks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_cluster_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_instance_node_map;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_name_id_map;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_physical_seeding_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_backup_tapes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_shared_drives;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_valid_path_names;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_pending_io_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_hashentries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_descriptors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_pool_extension_configuration;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_child_instances;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatcher_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatchers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_hosts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_latch_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_loaded_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_allocations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_broker_clerks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_brokers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_clock_hands;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_counters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_entries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_hash_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_clerks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_node_access_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_performance_counters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_process_memory;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_ring_buffers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_schedulers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_server_diagnostics_log_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_spinlock_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_stacks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sublatches;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_memory;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_tasks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_threads;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_virtual_address_dump;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_wait_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_waiting_tasks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_windows_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_worker_local_storage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_workers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_qn_subscriptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_articles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_tranhash;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_traninfo;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_configuration;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_volumes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_workload_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_audit_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_memory_dumps;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_registry;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tcp_listener_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_snapshot_database_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_commit_table;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_snapshot;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_transaction;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_database_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_recovery_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_enlistments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_log;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_locks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_session_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_top_version_generators;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_transactions_snapshot;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_version_store;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_map_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_object_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_packages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_event_actions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_object_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_targets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_sessions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_queue_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_system_memory_consumers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_threads;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_recent_rows;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=DOMAIN_CONSTRAINTS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=DOMAINS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=endpoint_webmethods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=event_notification_event_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_document_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_languages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_language_statistics_database;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_languages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_system_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=http_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=KEY_COLUMN_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=linked_logins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=login_token;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=master_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=master_key_passwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=messages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=openkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=REFERENTIAL_CONSTRAINTS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=remote_logins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_configuration;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_workload_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=ROUTINE_COLUMNS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=ROUTINES;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=SCHEMATA;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=securable_classes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_audits;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_actions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_fields;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_targets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_sessions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_file_audits;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_principal_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=servers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_broker_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=soap_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spatial_reference_systems;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_db;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_dev;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_usg;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spt_monitor;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sql_logins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscacheobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscharsets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysconfigures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscurconfigs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscursorcolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscursorrefs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscursors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscursortables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysdatabases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysdevices;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syslanguages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syslockinfo;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syslogins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysmessages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysoledbusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysopentapes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysperfinfo;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysprocesses;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysremotelogins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysservers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_components_surface_area_configuration;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=TABLE_CONSTRAINTS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=TABLE_PRIVILEGES;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=tcp_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_categories;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_event_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_subclass_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=traces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trigger_event_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=user_token;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=via_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=VIEW_COLUMN_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=VIEW_TABLE_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=VIEWS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupfile;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediafamily;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediaset;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupset;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=dm_hadr_automatic_seeding_history;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=logmarkhistory;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=restorefile;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=restorefilegroup;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=restorehistory;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=suspect_pages;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysalerts;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysnotifications;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysoperators;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=SQLAgentUserRole;State=GRANT;Database=msdb;Object Name=syscategories;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=UPDATE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobs;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=UPDATE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysproxies;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=syssubsystems;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=UPDATE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_dac_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_mi_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_configuration_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_file_space_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_health_policies_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_managed_instances_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_database_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_file_space_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_volume_space_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_check_conditions_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_target_conditions_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_processing_state_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_configuration_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_objects_to_collect_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_properties_to_collect_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS audit record access","id":"2790","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.3,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2790\",\n  \"Check\": \"DBMS audit record access\",\n  \"Details\": \"Log path=e:\\\\mssql\\\\data\\\\mssql13.mssqlserver\\\\mssql\\\\data\\\\mastlog.ldf;Username=NT SERVICE\\\\MSSQLSERVER\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\mastlog.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\modellog.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\msdblog.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\logs\\dbpdatawarehouse_log.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\logs\\dbpdatawarehouse_log.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\logs\\dbpstaging_log.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\logs\\dbpstaging_log.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\temp\\templog.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Log path=e:\\mssql\\temp\\templog.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Object=dm_exec_sessions;Database=[master];Granted To=public;Permission=SELECT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Object=sysprotects;Database=[master];Granted To=public;Permission=SELECT","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Permissions on Data Root directory","id":"2919","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.3,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2919\",\n  \"Check\": \"Permissions on Data Root directory\",\n  \"Details\": \"Account Name=\\\\OWNER RIGHTS;Directory or File name=E:\\\\MSSQL\\\\DATA\\\\AppDetective.mdf;Permission=FullControl\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\DbPAnalytics.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\dbpdatawarehouse.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\dbpstaging.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\DbPAnalytics.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\dbpdatawarehouse.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\dbpstaging.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\master.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\mastlog.ldf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\model.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\modellog.ldf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBData.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBLog.ldf;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsara.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsben.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsbgr.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscat.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tschs.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscht.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscze.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdan.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdeu.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tseng.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsenu.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsesn.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsfra.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsglobal.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsgrk.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsguj.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsheb.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshin.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshrv.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsind.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsisl.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsita.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsjpn.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskan.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskor.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslth.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslvi.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmal.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmar.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmsl.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnld.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnor.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tspan.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsplk.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptb.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptg.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrom.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrus.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssky.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsslv.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrb.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrl.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssve.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstam.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstel.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstha.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstrk.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsukr.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsurd.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsvit.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Permission on registry extended proc","id":"2555","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2555\",\n  \"Check\": \"Permission on registry extended proc\",\n  \"Details\": \"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_regread;Granted By=dbo","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS software library permissions","id":"2771","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2771\",\n  \"Check\": \"DBMS software library permissions\",\n  \"Details\": \"File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\\\Program Files\\\\Microsoft SQL Server\\\\130\\\\shared\\\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\\\Users\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\MSSQL13.MSSQLSERVER\\MSSQL\\Install;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Default 'sa' account not present","id":"2814","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2814\",\n  \"Check\": \"Default 'sa' account not present\",\n  \"Details\": \"Account Name=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Account Name=sa","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS backup files access","id":"2865","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2865\",\n  \"Check\": \"DBMS backup files access\",\n  \"Details\": \"Allowed=NT SERVICE\\\\MSSQLSERVER;File path=E:\\\\MSSQL\\\\BACKUP\\\\AppDetective_backup_2021_02_16_031502_7146827.bak\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_16_031502_7146827.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_17_031505_6208319.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_18_031503_6796931.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_15_031503_1017047.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_16_031502_7459310.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_17_031505_6520841.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_18_031503_7109667.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpdatawarehouse_backup_2021_02_16_031502_7303082.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpdatawarehouse_backup_2021_02_17_031505_6208319.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpdatawarehouse_backup_2021_02_18_031503_6953315.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpstaging_backup_2021_02_16_031502_7459310.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpstaging_backup_2021_02_17_031505_6364592.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpstaging_backup_2021_02_18_031503_6953315.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_16_031502_6521743.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_17_031505_5427005.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_18_031503_6172001.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_16_031502_6990517.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_17_031505_5895757.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_18_031503_6484425.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_16_031502_6990517.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_17_031505_6052109.bak","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_18_031503_6640718.bak","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"CONTROL SERVER permission granted","id":"2877","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2877\",\n  \"Check\": \"CONTROL SERVER permission granted\",\n  \"Details\": \"Granted To=EISO\\\\a_dbrown;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=EISO\\a_dbrown;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=EISO\\a_jrose;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=EISO\\a_srobbins;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=EISO\\a_trothschild;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=EISO\\SQLAdmins;Permission=CONTROL SERVER;Grantee Type=WINDOWS_GROUP;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=EISO\\SVC-DBProtect;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=NT Service\\MSSQLSERVER;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=NT SERVICE\\SQLSERVERAGENT;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=NT SERVICE\\SQLWriter;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Granted To=NT SERVICE\\Winmgmt;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Non-DBA accounts with DDL privileges","id":"2920","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2920\",\n  \"Check\": \"Non-DBA accounts with DDL privileges\",\n  \"Details\": \"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_cpu_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_dac_execution_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_session_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_smo_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_volumes_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Database=msdb;Class=USER_TABLE;Permission=UPDATE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Standard SQL Server authentication allowed","id":"2540","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2540\",\n  \"Check\": \"Standard SQL Server authentication allowed\",\n  \"Details\": \"Additional information=Standard Login allowed.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=Standard Login allowed.","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Encryption of DBMS sensitive data in transit","id":"2759","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2759\",\n  \"Check\": \"Encryption of DBMS sensitive data in transit\",\n  \"Details\": \"ForceEncryption=False\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"ForceEncryption=False","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"The NT AUTHORITY\\SYSTEM account is used for administration","id":"2985","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2985\",\n  \"Check\": \"The NT AUTHORITY\\\\SYSTEM account is used for administration\",\n  \"Details\": \"Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\\\SYSTEM\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Permission=CREATE AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Permission=VIEW SERVER STATE;User=NT AUTHORITY\\SYSTEM","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS privileged role assignments","id":"2819","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2819\",\n  \"Check\": \"DBMS privileged role assignments\",\n  \"Details\": \"Username=EISO\\\\a_dbrown\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Username=EISO\\a_dbrown","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Username=EISO\\a_jrose","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Username=EISO\\a_srobbins","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Username=EISO\\a_trothschild","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Username=EISO\\SQLAdmins","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Username=EISO\\SVC-DBProtect","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Username=NT Service\\MSSQLSERVER","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Username=NT SERVICE\\SQLWriter","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Username=NT SERVICE\\Winmgmt","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Dedicated data file directories","id":"2770","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.3,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2770\",\n  \"Check\": \"Dedicated data file directories\",\n  \"Details\": \"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[dbpstaging];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[dbpstaging];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[dbpstaging];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[dbpstaging];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[dbpstaging];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[dbpstaging];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[dbpstaging];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[DbPAnalytics];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[dbpstaging];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[DbPAnalytics];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpdatawarehouse];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpdatawarehouse];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpstaging];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpstaging];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpstaging];Database 1=[dbpdatawarehouse];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Data path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[DbPAnalytics];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpdatawarehouse];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpdatawarehouse];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpstaging];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpstaging];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpstaging];Database 1=[dbpdatawarehouse];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path (Database 2)=E:\\MSSQL\\TEMP;Database 2=[tempdb];Database 1=[tempdb];Log path (Database 1)=E:\\MSSQL\\TEMP","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[model]","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[msdb]","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Remote access allowed","id":"2545","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2545\",\n  \"Check\": \"Remote access allowed\",\n  \"Details\": \"Value in use=1;Name=remote access;Value=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Value in use=1;Name=remote access;Value=1","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Auditing of successful logins","id":"2569","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2569\",\n  \"Check\": \"Auditing of successful logins\",\n  \"Details\": \"Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Auditing of failed logins","id":"2570","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2570\",\n  \"Check\": \"Auditing of failed logins\",\n  \"Details\": \"Additional information=Audit of failed logins is not performed by AUDIT\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=Audit of failed logins is not performed by AUDIT","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"'sa' account has not been disabled","id":"2745","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2745\",\n  \"Check\": \"'sa' account has not been disabled\",\n  \"Details\": \"Status=Enabled;Login=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Status=Enabled;Login=sa","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Database job/batch queue reviewing","id":"2780","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2780\",\n  \"Check\": \"Database job/batch queue reviewing\",\n  \"Details\": \"SQL Server job history record=DBBackups.FullBackup\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"SQL Server job history record=DBBackups.FullBackup","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"SQL Server job history record=syspolicy_purge_history","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS privileged action audit","id":"2826","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2826\",\n  \"Check\": \"DBMS privileged action audit\",\n  \"Details\": \"Value in use=1;Name=default trace enabled;Value=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Value in use=1;Name=default trace enabled;Value=1","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"CHECK_EXPIRATION option","id":"2880","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2880\",\n  \"Check\": \"CHECK_EXPIRATION option\",\n  \"Details\": \"Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Status=Disabled;Login=##MS_PolicyTsqlExecutionLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Status=Enabled;Login=sa;Password expiration checked=Disabled;Is SYSADMIN=Yes;Password policy checked=Enabled","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Database not encrypted","id":"2897","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2897\",\n  \"Check\": \"Database not encrypted\",\n  \"Details\": \"Is Encrypted=false;Database=AppDetective\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Is Encrypted=false;Database=AppDetective","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Is Encrypted=false;Database=DbPAnalytics","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Is Encrypted=false;Database=dbpdatawarehouse","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Is Encrypted=false;Database=dbpstaging","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Audit concurrent logons","id":"2935","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2935\",\n  \"Check\": \"Audit concurrent logons\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=No AUDIT was found","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Audit unsuccessful attempts to execute privileged activities","id":"2936","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2936\",\n  \"Check\": \"Audit unsuccessful attempts to execute privileged activities\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=No AUDIT was found","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Audit privileged activities","id":"2937","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2937\",\n  \"Check\": \"Audit privileged activities\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=No AUDIT was found","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Generate audit records for important events","id":"2962","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2962\",\n  \"Check\": \"Generate audit records for important events\",\n  \"Details\": \"Additional information=Found no acceptable server audit specification.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=Found no acceptable server audit specification.","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Customer Feedback and Error Reporting","id":"2975","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2975\",\n  \"Check\": \"Customer Feedback and Error Reporting\",\n  \"Details\": \"EnableErrorReporting=Enabled;CustomerFeedback=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"EnableErrorReporting=Enabled;CustomerFeedback=Enabled","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Server audit startup","id":"2992","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2992\",\n  \"Check\": \"Server audit startup\",\n  \"Details\": \"Additional information=There are no server audits that automatically start during system start-up\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=There are no server audits that automatically start during system start-up","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Use of an approved TLS version","id":"2995","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2995\",\n  \"Check\": \"Use of an approved TLS version\",\n  \"Details\": \"Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Control\\\\SecurityProviders\\\\SCHANNEL\\\\Protocols\\\\SSL 2.0\\\\Client\\\\Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Client\\Enabled","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=SSL 2.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Server\\DisabledByDefault","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=SSL 3.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Client\\DisabledByDefault","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=SSL 3.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Server\\DisabledByDefault","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=TLS 1.0 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.0","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=TLS 1.1 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.1","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Additional information=TLS 1.2 is not enabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Permissions on error log folder","id":"2869","desc":"Task : Audit; Check Category : Operating System Issues","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Operating System Issues\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2869\",\n  \"Check\": \"Permissions on error log folder\",\n  \"Details\": \"Grantee=NT SERVICE\\\\MSSQLFDLauncher;File Name=E:\\\\MSSQL\\\\DATA\\\\MSSQL13.MSSQLSERVER\\\\MSSQL\\\\LOG\\\\;Permission=CreateFiles\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=CreateFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadData","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Write","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57"},{"arrayTransformer":{},"status":"failed","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Write","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Service pack not applied on time","id":"2888","desc":"Task : Audit; Check Category : Patchable Vulnerabilities","impact":0.7,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Patchable Vulnerabilities\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2888\",\n  \"Check\": \"Service pack not applied on time\",\n  \"Details\": \"Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"failed","code_desc":"Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Permission to configure Server Audit to audit at the server level","id":"2942","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2942\",\n  \"Check\": \"Permission to configure Server Audit to audit at the server level\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Permission to configure Server Audit to audit at the database level","id":"2944","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2944\",\n  \"Check\": \"Permission to configure Server Audit to audit at the database level\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"SQL Server must protect against a user falsely repudiating","id":"2988","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2988\",\n  \"Check\": \"SQL Server must protect against a user falsely repudiating\",\n  \"Details\": \"Additional information=There are no server or database pricincipals mapped to remote computer accounts.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Additional information=There are no server or database pricincipals mapped to remote computer accounts.","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Contained database user with password found","id":"2871","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2871\",\n  \"Check\": \"Contained database user with password found\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Logon Trigger Exists","id":"2901","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2901\",\n  \"Check\": \"Logon Trigger Exists\",\n  \"Details\": \"Additional information=No logon triggers found.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Additional information=No logon triggers found.","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Stored procedures and functions that utilize impersonation","id":"2984","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2984\",\n  \"Check\": \"Stored procedures and functions that utilize impersonation\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"SQL Server must limit privileges to change software modules, to include stored procedures, functions, and triggers","id":"2993","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2993\",\n  \"Check\": \"SQL Server must limit privileges to change software modules, to include stored procedures, functions, and triggers\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Database TRUSTWORTHY status","id":"2805","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2805\",\n  \"Check\": \"Database TRUSTWORTHY status\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"SQL Server is not using FIPS validated cryptographic modules for cryptographic operations","id":"2934","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2934\",\n  \"Check\": \"SQL Server is not using FIPS validated cryptographic modules for cryptographic operations\",\n  \"Details\": \"FIPS=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"FIPS=Enabled","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS application object ownership","id":"2817","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2817\",\n  \"Check\": \"DBMS application object ownership\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"User-defined extended stored procedures","id":"2848","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2848\",\n  \"Check\": \"User-defined extended stored procedures\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Audit Retrieval of privileges/permissions (SQLAudit)","id":"2938","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2938\",\n  \"Check\": \"Audit Retrieval of privileges/permissions (SQLAudit)\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Audit unsuccessful retrieval of privileges/permissions (SQLAudit)","id":"2939","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2939\",\n  \"Check\": \"Audit unsuccessful retrieval of privileges/permissions (SQLAudit)\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Disable Filestream feature","id":"2945","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2945\",\n  \"Check\": \"Disable Filestream feature\",\n  \"Details\": \"Value=0 (Disables Filestream support for this instance.);Name=filestream access level;Value in use=0 (Disables Filestream support for this instance.)\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Value=0 (Disables Filestream support for this instance.);Name=filestream access level;Value in use=0 (Disables Filestream support for this instance.)","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Temporal tables","id":"2989","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2989\",\n  \"Check\": \"Temporal tables\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Hide Instance option","id":"2883","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.3,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2883\",\n  \"Check\": \"Hide Instance option\",\n  \"Details\": \"Hide instance=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Hide instance=1","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"xp_cmdshell not removed/not disabled","id":"2553","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2553\",\n  \"Check\": \"xp_cmdshell not removed/not disabled\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Sample database not removed","id":"2622","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2622\",\n  \"Check\": \"Sample database not removed\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS dedicated software directory and partition","id":"2766","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2766\",\n  \"Check\": \"DBMS dedicated software directory and partition\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Database Master Key: is_master_key_encrypted_by_server","id":"2782","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2782\",\n  \"Check\": \"Database Master Key: is_master_key_encrypted_by_server\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Symmetric Keys: allowed encryption algorithms","id":"2788","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2788\",\n  \"Check\": \"Symmetric Keys: allowed encryption algorithms\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"CLR objects allowed","id":"2792","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2792\",\n  \"Check\": \"CLR objects allowed\",\n  \"Details\": \"Value in use=0;Name=clr enabled;Value=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Value in use=0;Name=clr enabled;Value=0","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Named Pipes network protocol is enabled","id":"2807","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2807\",\n  \"Check\": \"Named Pipes network protocol is enabled\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"OLE automation procedures configuration","id":"2882","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2882\",\n  \"Check\": \"OLE automation procedures configuration\",\n  \"Details\": \"Run Value=0;Parameter Name=Ole Automation Procedures;Configuration Value=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Run Value=0;Parameter Name=Ole Automation Procedures;Configuration Value=0","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"CLR assembly permission set is not equal to SAFE","id":"2947","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2947\",\n  \"Check\": \"CLR assembly permission set is not equal to SAFE\",\n  \"Details\": \"Additional information=CLR support is not enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Additional information=CLR support is not enabled","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Hadoop Connectivity feature must be disabled","id":"2977","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2977\",\n  \"Check\": \"Hadoop Connectivity feature must be disabled\",\n  \"Details\": \"Value=0;Name=hadoop connectivity;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Value=0;Name=hadoop connectivity;Value in use=0","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Replication XPs feature must be disabled","id":"2978","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2978\",\n  \"Check\": \"Replication XPs feature must be disabled\",\n  \"Details\": \"Value=0;Name=Replication XPs;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Value=0;Name=Replication XPs;Value in use=0","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"User Options feature must be disabled","id":"2979","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2979\",\n  \"Check\": \"User Options feature must be disabled\",\n  \"Details\": \"Value=0;Name=user options;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Value=0;Name=user options;Value in use=0","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"External Scripts Enabled feature must be disabled","id":"2980","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2980\",\n  \"Check\": \"External Scripts Enabled feature must be disabled\",\n  \"Details\": \"Value=0;Name=external scripts enabled;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Value=0;Name=external scripts enabled;Value in use=0","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Allow Polybase Export feature must be disabled","id":"2981","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2981\",\n  \"Check\": \"Allow Polybase Export feature must be disabled\",\n  \"Details\": \"Value=0;Name=allow polybase export;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Value=0;Name=allow polybase export;Value in use=0","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Remote Data Archive feature must be disabled","id":"2982","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2982\",\n  \"Check\": \"Remote Data Archive feature must be disabled\",\n  \"Details\": \"Value=0;Name=remote data archive;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Value=0;Name=remote data archive;Value in use=0","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Access to linked servers","id":"2983","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2983\",\n  \"Check\": \"Access to linked servers\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Permissions on files","id":"2662","desc":"Task : Audit; Check Category : Operating System Issues","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Operating System Issues\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2662\",\n  \"Check\": \"Permissions on files\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Use of credentials and proxies","id":"2991","desc":"Task : Audit; Check Category : Other","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Other\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2991\",\n  \"Check\": \"Use of credentials and proxies\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS Password Complexity","id":"2778","desc":"Task : Audit; Check Category : Weak Passwords","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Weak Passwords\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2778\",\n  \"Check\": \"DBMS Password Complexity\",\n  \"Details\": \"Additional information=The operating system version is older than Windows Server 2003 - password policies cannot be enforced.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"Additional information=The operating system version is older than Windows Server 2003 - password policies cannot be enforced.","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Database Master Key: encryption password","id":"2786","desc":"Task : Audit; Check Category : Weak Passwords","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Weak Passwords\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2786\",\n  \"Check\": \"Database Master Key: encryption password\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"passed","code_desc":"None","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Common criteria compliance disabled","id":"2800","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Skipped\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2800\",\n  \"Check\": \"Common criteria compliance disabled\",\n  \"Details\": \"Check is not applicable to this server version. Does not apply to Microsoft SQL Server Standard Edition (64-bit).\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Check is not applicable to this server version. Does not apply to Microsoft SQL Server Standard Edition (64-bit).","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"SQL Server Service Broker endpoint encryption","id":"2973","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Skipped\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2973\",\n  \"Check\": \"SQL Server Service Broker endpoint encryption\",\n  \"Details\": \"Check is not applicable to this server version. There are no Service Broker endpoints configured.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Check is not applicable to this server version. There are no Service Broker endpoints configured.","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"SQL Server Mirroring endpoint encryption","id":"2974","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Skipped\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2974\",\n  \"Check\": \"SQL Server Mirroring endpoint encryption\",\n  \"Details\": \"Check is not applicable to this server version. There are no Mirroring endpoints configured.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Check is not applicable to this server version. There are no Mirroring endpoints configured.","start_time":"Feb 18 2021 15:57"}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"SQL Server Usage and Error Reporting Auditing","id":"2976","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Skipped\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2976\",\n  \"Check\": \"SQL Server Usage and Error Reporting Auditing\",\n  \"Details\": \"Microsoft Analysis Services (OLAP) has not been found.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Microsoft Analysis Services (OLAP) has not been found.","start_time":"Feb 18 2021 15:57"}]}],"sha256":"4e8cd51a220ef764426414641d4d386758aca62dceb554d0d1da1f437d4af25c"}],"passthrough":{}}
\ No newline at end of file
+{
+  "platform": {
+    "name": "Heimdall Tools",
+    "release": "2.6.50"
+  },
+  "version": "2.6.50",
+  "statistics": {},
+  "profiles": [
+    {
+      "name": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+      "title": "Heimdal Test scan report generation",
+      "summary": "Organization : TEST ORGANIZATION (Local DBP server)\nAsset : undefined\nAsset Type : Microsoft SQL Server\nIP Address, Port, Instance : Microsoft SQL Server\nIP Address, Port, Instance : 10.0.10.204, 1433, MSSQLSERVER ",
+      "supports": [],
+      "attributes": [],
+      "groups": [],
+      "status": "loaded",
+      "controls": [
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Schema ownership",
+          "id": "2986",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2986\",\n  \"Check\": \"Schema ownership\",\n  \"Details\": \"Schema name=DatabaseMailUserRole;Database=msdb;Owner name=DatabaseMailUserRole\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=DatabaseMailUserRole;Database=msdb;Owner name=DatabaseMailUserRole",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_accessadmin;Database=AppDetective;Owner name=db_accessadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_accessadmin;Database=DbPAnalytics;Owner name=db_accessadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_accessadmin;Database=dbpdatawarehouse;Owner name=db_accessadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_accessadmin;Database=dbpstaging;Owner name=db_accessadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_accessadmin;Database=master;Owner name=db_accessadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_accessadmin;Database=model;Owner name=db_accessadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_accessadmin;Database=msdb;Owner name=db_accessadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_accessadmin;Database=tempdb;Owner name=db_accessadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_backupoperator;Database=AppDetective;Owner name=db_backupoperator",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_backupoperator;Database=DbPAnalytics;Owner name=db_backupoperator",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_backupoperator;Database=dbpdatawarehouse;Owner name=db_backupoperator",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_backupoperator;Database=dbpstaging;Owner name=db_backupoperator",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_backupoperator;Database=master;Owner name=db_backupoperator",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_backupoperator;Database=model;Owner name=db_backupoperator",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_backupoperator;Database=msdb;Owner name=db_backupoperator",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_backupoperator;Database=tempdb;Owner name=db_backupoperator",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_datareader;Database=AppDetective;Owner name=db_datareader",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_datareader;Database=DbPAnalytics;Owner name=db_datareader",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_datareader;Database=dbpdatawarehouse;Owner name=db_datareader",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_datareader;Database=dbpstaging;Owner name=db_datareader",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_datareader;Database=master;Owner name=db_datareader",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_datareader;Database=model;Owner name=db_datareader",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_datareader;Database=msdb;Owner name=db_datareader",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_datareader;Database=tempdb;Owner name=db_datareader",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_datawriter;Database=AppDetective;Owner name=db_datawriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_datawriter;Database=DbPAnalytics;Owner name=db_datawriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_datawriter;Database=dbpdatawarehouse;Owner name=db_datawriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_datawriter;Database=dbpstaging;Owner name=db_datawriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_datawriter;Database=master;Owner name=db_datawriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_datawriter;Database=model;Owner name=db_datawriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_datawriter;Database=msdb;Owner name=db_datawriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_datawriter;Database=tempdb;Owner name=db_datawriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_ddladmin;Database=AppDetective;Owner name=db_ddladmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_ddladmin;Database=DbPAnalytics;Owner name=db_ddladmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_ddladmin;Database=dbpdatawarehouse;Owner name=db_ddladmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_ddladmin;Database=dbpstaging;Owner name=db_ddladmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_ddladmin;Database=master;Owner name=db_ddladmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_ddladmin;Database=model;Owner name=db_ddladmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_ddladmin;Database=msdb;Owner name=db_ddladmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_ddladmin;Database=tempdb;Owner name=db_ddladmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_denydatareader;Database=AppDetective;Owner name=db_denydatareader",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_denydatareader;Database=DbPAnalytics;Owner name=db_denydatareader",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_denydatareader;Database=dbpdatawarehouse;Owner name=db_denydatareader",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_denydatareader;Database=dbpstaging;Owner name=db_denydatareader",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_denydatareader;Database=master;Owner name=db_denydatareader",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_denydatareader;Database=model;Owner name=db_denydatareader",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_denydatareader;Database=msdb;Owner name=db_denydatareader",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_denydatareader;Database=tempdb;Owner name=db_denydatareader",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_denydatawriter;Database=AppDetective;Owner name=db_denydatawriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_denydatawriter;Database=DbPAnalytics;Owner name=db_denydatawriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_denydatawriter;Database=dbpdatawarehouse;Owner name=db_denydatawriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_denydatawriter;Database=dbpstaging;Owner name=db_denydatawriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_denydatawriter;Database=master;Owner name=db_denydatawriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_denydatawriter;Database=model;Owner name=db_denydatawriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_denydatawriter;Database=msdb;Owner name=db_denydatawriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_denydatawriter;Database=tempdb;Owner name=db_denydatawriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_owner;Database=AppDetective;Owner name=db_owner",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_owner;Database=DbPAnalytics;Owner name=db_owner",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_owner;Database=dbpdatawarehouse;Owner name=db_owner",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_owner;Database=dbpstaging;Owner name=db_owner",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_owner;Database=master;Owner name=db_owner",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_owner;Database=model;Owner name=db_owner",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_owner;Database=msdb;Owner name=db_owner",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_owner;Database=tempdb;Owner name=db_owner",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_securityadmin;Database=AppDetective;Owner name=db_securityadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_securityadmin;Database=DbPAnalytics;Owner name=db_securityadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_securityadmin;Database=dbpdatawarehouse;Owner name=db_securityadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_securityadmin;Database=dbpstaging;Owner name=db_securityadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_securityadmin;Database=master;Owner name=db_securityadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_securityadmin;Database=model;Owner name=db_securityadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_securityadmin;Database=msdb;Owner name=db_securityadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_securityadmin;Database=tempdb;Owner name=db_securityadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_ssisadmin;Database=msdb;Owner name=db_ssisadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_ssisltduser;Database=msdb;Owner name=db_ssisltduser",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=db_ssisoperator;Database=msdb;Owner name=db_ssisoperator",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=dbo;Database=AppDetective;Owner name=dbo",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=dbo;Database=DbPAnalytics;Owner name=dbo",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=dbo;Database=dbpdatawarehouse;Owner name=dbo",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=dbo;Database=dbpstaging;Owner name=dbo",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=dbo;Database=master;Owner name=dbo",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=dbo;Database=model;Owner name=dbo",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=dbo;Database=msdb;Owner name=dbo",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=dbo;Database=tempdb;Owner name=dbo",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=guest;Database=AppDetective;Owner name=guest",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=guest;Database=DbPAnalytics;Owner name=guest",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=guest;Database=dbpdatawarehouse;Owner name=guest",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=guest;Database=dbpstaging;Owner name=guest",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=guest;Database=master;Owner name=guest",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=guest;Database=model;Owner name=guest",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=guest;Database=msdb;Owner name=guest",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=guest;Database=tempdb;Owner name=guest",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=INFORMATION_SCHEMA;Database=AppDetective;Owner name=INFORMATION_SCHEMA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=INFORMATION_SCHEMA;Database=DbPAnalytics;Owner name=INFORMATION_SCHEMA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=INFORMATION_SCHEMA;Database=dbpdatawarehouse;Owner name=INFORMATION_SCHEMA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=INFORMATION_SCHEMA;Database=dbpstaging;Owner name=INFORMATION_SCHEMA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=INFORMATION_SCHEMA;Database=master;Owner name=INFORMATION_SCHEMA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=INFORMATION_SCHEMA;Database=model;Owner name=INFORMATION_SCHEMA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=INFORMATION_SCHEMA;Database=msdb;Owner name=INFORMATION_SCHEMA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=INFORMATION_SCHEMA;Database=tempdb;Owner name=INFORMATION_SCHEMA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=managed_backup;Database=msdb;Owner name=dbo",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=smart_admin;Database=msdb;Owner name=dbo",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=SQLAgentOperatorRole;Database=msdb;Owner name=SQLAgentOperatorRole",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=SQLAgentReaderRole;Database=msdb;Owner name=SQLAgentReaderRole",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=SQLAgentUserRole;Database=msdb;Owner name=SQLAgentUserRole",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=sys;Database=AppDetective;Owner name=sys",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=sys;Database=DbPAnalytics;Owner name=sys",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=sys;Database=dbpdatawarehouse;Owner name=sys",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=sys;Database=dbpstaging;Owner name=sys",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=sys;Database=master;Owner name=sys",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=sys;Database=model;Owner name=sys",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=sys;Database=msdb;Owner name=sys",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=sys;Database=tempdb;Owner name=sys",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Schema name=TargetServersRole;Database=msdb;Owner name=TargetServersRole",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Symmetric encryption keys",
+          "id": "2903",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.7,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2903\",\n  \"Check\": \"Symmetric encryption keys\",\n  \"Details\": \"Key=##MS_ServiceMasterKey##;Database=master;Algorithm=AES_256\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Key=##MS_ServiceMasterKey##;Database=master;Algorithm=AES_256",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Availability of audited database",
+          "id": "2941",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.7,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2941\",\n  \"Check\": \"Availability of audited database\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=No AUDIT was found",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Disable communication protocols that are not required",
+          "id": "2940",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2940\",\n  \"Check\": \"Disable communication protocols that are not required\",\n  \"Details\": \"Protocol=Shared Memory\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Protocol=Shared Memory",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Protocol=TCP/IP",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "List SQL logins - instance level and in contained databases",
+          "id": "2994",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2994\",\n  \"Check\": \"List SQL logins - instance level and in contained databases\",\n  \"Details\": \"Is Disabled=False;Login=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Is Disabled=False;Login=sa",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Is Disabled=True;Login=##MS_PolicyEventProcessingLogin##",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Is Disabled=True;Login=##MS_PolicyTsqlExecutionLogin##",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS network port, protocol, and services (PPS) configuration",
+          "id": "2761",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2761\",\n  \"Check\": \"DBMS network port, protocol, and services (PPS) configuration\",\n  \"Details\": \"Protocol=Shared Memory\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Protocol=Shared Memory",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Protocol=TCP/IP",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "TCP Port=IP1:1433",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "TCP Port=IP2:1433",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "TCP Port=IP3:1433",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "TCP Port=IP4:1433",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "TCP Port=IP5:1433",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "TCP Port=IP6:1433",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "TCP Port=IP7:1433",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "TCP Port=IPAll:1433",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Audit is not set to shut down server on error",
+          "id": "2893",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2893\",\n  \"Check\": \"Audit is not set to shut down server on error\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=No AUDIT was found",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Unused SQL Server services and software components should be removed",
+          "id": "2900",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Fact\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2900\",\n  \"Check\": \"Unused SQL Server services and software components should be removed\",\n  \"Details\": \"Additional Information=Check manually;Software Component=Microsoft SQL Server Data Tools\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional Information=Check manually;Software Component=Microsoft SQL Server Data Tools",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Software Component=SQL Server CEIP service",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Software Component=SQL Server FullText Search",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Browser Service enabled",
+          "id": "2841",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.3,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2841\",\n  \"Check\": \"Browser Service enabled\",\n  \"Details\": \"Check \\\"Browser Service enabled\\\" execution failed since we are unable to get the required data: \\nUser credentials cannot be used for local connections\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Check \"Browser Service enabled\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": [
+                "DB Protect Failed Check"
+              ]
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS services dedicated custom account",
+          "id": "2768",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2768\",\n  \"Check\": \"DBMS services dedicated custom account\",\n  \"Details\": \"Check \\\"DBMS services dedicated custom account\\\" execution failed since we are unable to get the required data: \\nUser credentials cannot be used for local connections\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Check \"DBMS services dedicated custom account\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": [
+                "DB Protect Failed Check"
+              ]
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Server is synchronized with an official time server",
+          "id": "2946",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2946\",\n  \"Check\": \"Server is synchronized with an official time server\",\n  \"Details\": \"Check \\\"Server is synchronized with an official time server\\\" execution failed since we are unable to get the required data: \\nUser credentials cannot be used for local connections\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Check \"Server is synchronized with an official time server\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": [
+                "DB Protect Failed Check"
+              ]
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Instant File Initialization is enabled",
+          "id": "2987",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2987\",\n  \"Check\": \"Instant File Initialization is enabled\",\n  \"Details\": \"Check \\\"Instant File Initialization is enabled\\\" execution failed since we are unable to get the required data: \\nUser credentials cannot be used for local connections\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Check \"Instant File Initialization is enabled\" execution failed since we are unable to get the required data: \nUser credentials cannot be used for local connections",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": [
+                "DB Protect Failed Check"
+              ]
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Members of local Administrators group",
+          "id": "2990",
+          "desc": "Task : Audit; Check Category : Operating System Issues",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Failed\",\n  \"Check Category\": \"Operating System Issues\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2990\",\n  \"Check\": \"Members of local Administrators group\",\n  \"Details\": \"Check \\\"Members of local Administrators group\\\" execution failed: User credentials cannot be used for local connections .\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Check \"Members of local Administrators group\" execution failed: User credentials cannot be used for local connections .",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": [
+                "DB Protect Failed Check"
+              ]
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Protection of DBMS asymmetric encryption keys",
+          "id": "2801",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2801\",\n  \"Check\": \"Protection of DBMS asymmetric encryption keys\",\n  \"Details\": \"Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Owner of the key=sa;Is SYSADMIN=Yes;Key=MS_SQLEnableSystemAssemblyLoadingKey;Database containing key=master",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "System Table Permissions",
+          "id": "2830",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2830\",\n  \"Check\": \"System Table Permissions\",\n  \"Details\": \"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=REFERENCES;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=UPDATE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=DbPAnalytics;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpdatawarehouse;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=dbpstaging;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_databases_cluster;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listener_ip_addresses;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listeners;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_groups_cluster;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_read_only_routing_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_replicas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=backup_devices;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_DOMAIN_USAGE;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_PRIVILEGES;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_COLUMN_USAGE;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_TABLE_USAGE;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=cryptographic_providers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_filestream_options;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_query_store_options;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_recovery_status;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_actions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_class_type_map;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_activated_tasks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_connections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_forwarded_messages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_queue_monitors;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_errors;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_log_scan_sessions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_appdomains;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_loaded_assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_tasks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_column_store_object_pool;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_cryptographic_provider_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_database_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_operational_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_file_space_usage;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_fts_index_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_index_usage_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_log_space_usage;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_auto_page_repair;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_connections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_past_actions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_group_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_partition_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_persisted_sku_features;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_migration_status;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_schema_update_status;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_script_level;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_session_space_usage;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_task_space_usage;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_uncontained_entities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_gc_cycle_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_hash_index_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_index_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_memory_consumers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_nonclustered_index_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_object_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_table_memory_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_cached_plans;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_errors;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_status;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_nodes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_connections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_request_steps;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_requests;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_sql_requests;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_workers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_operations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_work;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_function_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_procedure_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_memory_grants;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_memory_gateways;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_parallel_workers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_profiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_resource_semaphores;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_transformation_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_requests;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_session_wait_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_sessions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_trigger_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_valid_use_hints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_execution_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_requests;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_handles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_requests;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_non_transacted_handles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_active_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_fdhosts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_index_population;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_buffers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_outstanding_batches;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_population_ranges;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_semantic_similarity_population;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_auto_page_repair;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_automatic_seeding;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_group_states;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_nodes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_states;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_states;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_networks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_cluster_states;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_states;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_instance_node_map;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_name_id_map;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_physical_seeding_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_backup_tapes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_shared_drives;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_valid_path_names;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_pending_io_requests;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_hashentries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_descriptors;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_pool_extension_configuration;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_child_instances;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_nodes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatcher_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatchers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_hosts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_latch_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_loaded_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_allocations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_broker_clerks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_brokers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_clock_hands;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_counters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_entries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_hash_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_clerks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_node_access_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_nodes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_nodes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_performance_counters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_process_memory;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_ring_buffers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_schedulers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_server_diagnostics_log_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_spinlock_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_stacks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sublatches;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_memory;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_tasks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_threads;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_virtual_address_dump;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_wait_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_waiting_tasks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_windows_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_worker_local_storage;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_workers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_qn_subscriptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_articles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_tranhash;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_traninfo;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_configuration;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_volumes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_workload_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_audit_status;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_memory_dumps;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_registry;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tcp_listener_states;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_snapshot_database_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_commit_table;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_snapshot;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_transaction;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_database_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_recovery_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_enlistments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_log;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_locks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_session_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_top_version_generators;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_transactions_snapshot;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_version_store;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_map_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_object_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_packages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_event_actions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_object_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_targets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_sessions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_queue_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_system_memory_consumers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_threads;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_recent_rows;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=DOMAIN_CONSTRAINTS;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=DOMAINS;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=endpoint_webmethods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=event_notification_event_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_document_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_languages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_language_statistics_database;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_languages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_system_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=http_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=KEY_COLUMN_USAGE;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=linked_logins;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=login_token;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=master_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=master_key_passwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=messages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=openkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=REFERENTIAL_CONSTRAINTS;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=remote_logins;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_configuration;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_workload_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=ROUTINE_COLUMNS;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=ROUTINES;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=SCHEMATA;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=securable_classes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_audits;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_actions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_fields;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_targets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_sessions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_file_audits;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_principal_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=servers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_broker_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=soap_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spatial_reference_systems;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_db;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_dev;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_usg;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spt_monitor;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sql_logins;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscacheobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscharsets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysconfigures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscurconfigs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscursorcolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscursorrefs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscursors;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscursortables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysdatabases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysdevices;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syslanguages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syslockinfo;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syslogins;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysmessages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysoledbusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysopentapes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysperfinfo;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysprocesses;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysremotelogins;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysservers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_components_surface_area_configuration;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=TABLE_CONSTRAINTS;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=TABLE_PRIVILEGES;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=tcp_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_categories;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_event_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_subclass_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=traces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trigger_event_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=user_token;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=via_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=VIEW_COLUMN_USAGE;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=VIEW_TABLE_USAGE;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=VIEWS;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupfile;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediafamily;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediaset;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupset;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=dm_hadr_automatic_seeding_history;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=logmarkhistory;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=restorefile;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=restorefilegroup;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=restorehistory;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=suspect_pages;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysalerts;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysnotifications;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysoperators;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=SQLAgentUserRole;State=GRANT;Database=msdb;Object Name=syscategories;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=UPDATE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobs;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=UPDATE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysproxies;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=syssubsystems;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=UPDATE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_dac_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_mi_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_configuration_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_file_space_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_health_policies_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_managed_instances_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_database_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_file_space_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_volume_space_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_check_conditions_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_target_conditions_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_processing_state_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_configuration_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_objects_to_collect_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_properties_to_collect_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS audit record access",
+          "id": "2790",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.3,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2790\",\n  \"Check\": \"DBMS audit record access\",\n  \"Details\": \"Log path=e:\\\\mssql\\\\data\\\\mssql13.mssqlserver\\\\mssql\\\\data\\\\mastlog.ldf;Username=NT SERVICE\\\\MSSQLSERVER\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\mastlog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\modellog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\msdblog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=e:\\mssql\\logs\\dbpdatawarehouse_log.ldf;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=e:\\mssql\\logs\\dbpdatawarehouse_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=e:\\mssql\\logs\\dbpstaging_log.ldf;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=e:\\mssql\\logs\\dbpstaging_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=e:\\mssql\\temp\\templog.ldf;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Log path=e:\\mssql\\temp\\templog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Object=dm_exec_sessions;Database=[master];Granted To=public;Permission=SELECT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Object=sysprotects;Database=[master];Granted To=public;Permission=SELECT",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Permissions on Data Root directory",
+          "id": "2919",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.3,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2919\",\n  \"Check\": \"Permissions on Data Root directory\",\n  \"Details\": \"Account Name=\\\\OWNER RIGHTS;Directory or File name=E:\\\\MSSQL\\\\DATA\\\\AppDetective.mdf;Permission=FullControl\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\DbPAnalytics.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\dbpdatawarehouse.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\dbpstaging.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\DbPAnalytics.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\dbpdatawarehouse.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\dbpstaging.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\master.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\mastlog.ldf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\model.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\modellog.ldf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBData.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBLog.ldf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsara.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsben.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsbgr.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscat.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tschs.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscht.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscze.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdan.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdeu.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tseng.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsenu.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsesn.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsfra.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsglobal.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsgrk.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsguj.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsheb.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshin.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshrv.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsind.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsisl.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsita.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsjpn.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskan.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskor.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslth.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslvi.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmal.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmar.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmsl.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnld.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnor.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tspan.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsplk.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptb.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptg.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrom.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrus.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssky.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsslv.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrb.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrl.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssve.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstam.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstel.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstha.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstrk.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsukr.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsurd.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsvit.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Permission on registry extended proc",
+          "id": "2555",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2555\",\n  \"Check\": \"Permission on registry extended proc\",\n  \"Details\": \"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_regread;Granted By=dbo",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS software library permissions",
+          "id": "2771",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2771\",\n  \"Check\": \"DBMS software library permissions\",\n  \"Details\": \"File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\\\Program Files\\\\Microsoft SQL Server\\\\130\\\\shared\\\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\\\Users\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\Users",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=BUILTIN\\Users",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=BUILTIN\\Users",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=BUILTIN\\Users",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=BUILTIN\\Users",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\MSSQL13.MSSQLSERVER\\MSSQL\\Install;Access Control Type=Allow;Username=BUILTIN\\Users",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Default 'sa' account not present",
+          "id": "2814",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2814\",\n  \"Check\": \"Default 'sa' account not present\",\n  \"Details\": \"Account Name=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Account Name=sa",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS backup files access",
+          "id": "2865",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2865\",\n  \"Check\": \"DBMS backup files access\",\n  \"Details\": \"Allowed=NT SERVICE\\\\MSSQLSERVER;File path=E:\\\\MSSQL\\\\BACKUP\\\\AppDetective_backup_2021_02_16_031502_7146827.bak\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_16_031502_7146827.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_17_031505_6208319.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_18_031503_6796931.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_15_031503_1017047.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_16_031502_7459310.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_17_031505_6520841.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\DbPAnalytics_backup_2021_02_18_031503_7109667.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpdatawarehouse_backup_2021_02_16_031502_7303082.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpdatawarehouse_backup_2021_02_17_031505_6208319.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpdatawarehouse_backup_2021_02_18_031503_6953315.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpstaging_backup_2021_02_16_031502_7459310.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpstaging_backup_2021_02_17_031505_6364592.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dbpstaging_backup_2021_02_18_031503_6953315.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_16_031502_6521743.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_17_031505_5427005.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_18_031503_6172001.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_16_031502_6990517.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_17_031505_5895757.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_18_031503_6484425.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_16_031502_6990517.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_17_031505_6052109.bak",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_18_031503_6640718.bak",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "CONTROL SERVER permission granted",
+          "id": "2877",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2877\",\n  \"Check\": \"CONTROL SERVER permission granted\",\n  \"Details\": \"Granted To=EISO\\\\a_dbrown;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Granted To=EISO\\a_dbrown;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Granted To=EISO\\a_jrose;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Granted To=EISO\\a_srobbins;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Granted To=EISO\\a_trothschild;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Granted To=EISO\\SQLAdmins;Permission=CONTROL SERVER;Grantee Type=WINDOWS_GROUP;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Granted To=EISO\\SVC-DBProtect;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Granted To=NT Service\\MSSQLSERVER;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Granted To=NT SERVICE\\SQLSERVERAGENT;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Granted To=NT SERVICE\\SQLWriter;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Granted To=NT SERVICE\\Winmgmt;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Non-DBA accounts with DDL privileges",
+          "id": "2920",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2920\",\n  \"Check\": \"Non-DBA accounts with DDL privileges\",\n  \"Details\": \"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_cpu_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_dac_execution_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_session_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_smo_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_volumes_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=UPDATE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Standard SQL Server authentication allowed",
+          "id": "2540",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.7,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2540\",\n  \"Check\": \"Standard SQL Server authentication allowed\",\n  \"Details\": \"Additional information=Standard Login allowed.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Additional information=Standard Login allowed.",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Encryption of DBMS sensitive data in transit",
+          "id": "2759",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.7,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2759\",\n  \"Check\": \"Encryption of DBMS sensitive data in transit\",\n  \"Details\": \"ForceEncryption=False\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "ForceEncryption=False",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "The NT AUTHORITY\\SYSTEM account is used for administration",
+          "id": "2985",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.7,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2985\",\n  \"Check\": \"The NT AUTHORITY\\\\SYSTEM account is used for administration\",\n  \"Details\": \"Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\\\SYSTEM\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Permission=CREATE AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Permission=VIEW SERVER STATE;User=NT AUTHORITY\\SYSTEM",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS privileged role assignments",
+          "id": "2819",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2819\",\n  \"Check\": \"DBMS privileged role assignments\",\n  \"Details\": \"Username=EISO\\\\a_dbrown\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Username=EISO\\a_dbrown",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Username=EISO\\a_jrose",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Username=EISO\\a_srobbins",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Username=EISO\\a_trothschild",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Username=EISO\\SQLAdmins",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Username=EISO\\SVC-DBProtect",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Username=NT Service\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Username=NT SERVICE\\SQLWriter",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Username=NT SERVICE\\Winmgmt",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Dedicated data file directories",
+          "id": "2770",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.3,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2770\",\n  \"Check\": \"Dedicated data file directories\",\n  \"Details\": \"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[DbPAnalytics];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpdatawarehouse];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dbpstaging];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[DbPAnalytics];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[dbpdatawarehouse];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[dbpstaging];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[DbPAnalytics];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpdatawarehouse];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpdatawarehouse];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpstaging];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpstaging];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dbpstaging];Database 1=[dbpdatawarehouse];Data path (Database 1)=E:\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Data path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[DbPAnalytics];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpdatawarehouse];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpdatawarehouse];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\LOGS",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpstaging];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpstaging];Database 1=[DbPAnalytics];Data path (Database 1)=E:\\MSSQL\\LOGS",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dbpstaging];Database 1=[dbpdatawarehouse];Data path (Database 1)=E:\\MSSQL\\LOGS",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\TEMP;Database 2=[tempdb];Database 1=[tempdb];Log path (Database 1)=E:\\MSSQL\\TEMP",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[model]",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[msdb]",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Remote access allowed",
+          "id": "2545",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2545\",\n  \"Check\": \"Remote access allowed\",\n  \"Details\": \"Value in use=1;Name=remote access;Value=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Value in use=1;Name=remote access;Value=1",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Auditing of successful logins",
+          "id": "2569",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2569\",\n  \"Check\": \"Auditing of successful logins\",\n  \"Details\": \"Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Auditing of failed logins",
+          "id": "2570",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2570\",\n  \"Check\": \"Auditing of failed logins\",\n  \"Details\": \"Additional information=Audit of failed logins is not performed by AUDIT\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Additional information=Audit of failed logins is not performed by AUDIT",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "'sa' account has not been disabled",
+          "id": "2745",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2745\",\n  \"Check\": \"'sa' account has not been disabled\",\n  \"Details\": \"Status=Enabled;Login=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Status=Enabled;Login=sa",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Database job/batch queue reviewing",
+          "id": "2780",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2780\",\n  \"Check\": \"Database job/batch queue reviewing\",\n  \"Details\": \"SQL Server job history record=DBBackups.FullBackup\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "SQL Server job history record=DBBackups.FullBackup",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "SQL Server job history record=syspolicy_purge_history",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS privileged action audit",
+          "id": "2826",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2826\",\n  \"Check\": \"DBMS privileged action audit\",\n  \"Details\": \"Value in use=1;Name=default trace enabled;Value=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Value in use=1;Name=default trace enabled;Value=1",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "CHECK_EXPIRATION option",
+          "id": "2880",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2880\",\n  \"Check\": \"CHECK_EXPIRATION option\",\n  \"Details\": \"Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Status=Disabled;Login=##MS_PolicyTsqlExecutionLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Status=Enabled;Login=sa;Password expiration checked=Disabled;Is SYSADMIN=Yes;Password policy checked=Enabled",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Database not encrypted",
+          "id": "2897",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2897\",\n  \"Check\": \"Database not encrypted\",\n  \"Details\": \"Is Encrypted=false;Database=AppDetective\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Is Encrypted=false;Database=AppDetective",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Is Encrypted=false;Database=DbPAnalytics",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Is Encrypted=false;Database=dbpdatawarehouse",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Is Encrypted=false;Database=dbpstaging",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Audit concurrent logons",
+          "id": "2935",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2935\",\n  \"Check\": \"Audit concurrent logons\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Additional information=No AUDIT was found",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Audit unsuccessful attempts to execute privileged activities",
+          "id": "2936",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2936\",\n  \"Check\": \"Audit unsuccessful attempts to execute privileged activities\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Additional information=No AUDIT was found",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Audit privileged activities",
+          "id": "2937",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2937\",\n  \"Check\": \"Audit privileged activities\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Additional information=No AUDIT was found",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Generate audit records for important events",
+          "id": "2962",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2962\",\n  \"Check\": \"Generate audit records for important events\",\n  \"Details\": \"Additional information=Found no acceptable server audit specification.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Additional information=Found no acceptable server audit specification.",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Customer Feedback and Error Reporting",
+          "id": "2975",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2975\",\n  \"Check\": \"Customer Feedback and Error Reporting\",\n  \"Details\": \"EnableErrorReporting=Enabled;CustomerFeedback=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "EnableErrorReporting=Enabled;CustomerFeedback=Enabled",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Server audit startup",
+          "id": "2992",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2992\",\n  \"Check\": \"Server audit startup\",\n  \"Details\": \"Additional information=There are no server audits that automatically start during system start-up\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Additional information=There are no server audits that automatically start during system start-up",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Use of an approved TLS version",
+          "id": "2995",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2995\",\n  \"Check\": \"Use of an approved TLS version\",\n  \"Details\": \"Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Control\\\\SecurityProviders\\\\SCHANNEL\\\\Protocols\\\\SSL 2.0\\\\Client\\\\Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Client\\Enabled",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Additional information=SSL 2.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Server\\DisabledByDefault",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Additional information=SSL 3.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Client\\DisabledByDefault",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Additional information=SSL 3.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Server\\DisabledByDefault",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Additional information=TLS 1.0 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.0",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Additional information=TLS 1.1 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.1",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Additional information=TLS 1.2 is not enabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Permissions on error log folder",
+          "id": "2869",
+          "desc": "Task : Audit; Check Category : Operating System Issues",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Operating System Issues\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2869\",\n  \"Check\": \"Permissions on error log folder\",\n  \"Details\": \"Grantee=NT SERVICE\\\\MSSQLFDLauncher;File Name=E:\\\\MSSQL\\\\DATA\\\\MSSQL13.MSSQLSERVER\\\\MSSQL\\\\LOG\\\\;Permission=CreateFiles\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=CreateFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadData",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Write",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Write",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Write",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Write",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Write",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Write",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Write",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Write",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Write",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Write",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Write",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Write",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Write",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Write",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Write",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Write",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Write",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57"
+            },
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Write",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Service pack not applied on time",
+          "id": "2888",
+          "desc": "Task : Audit; Check Category : Patchable Vulnerabilities",
+          "impact": 0.7,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Finding\",\n  \"Check Category\": \"Patchable Vulnerabilities\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2888\",\n  \"Check\": \"Service pack not applied on time\",\n  \"Details\": \"Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "failed",
+              "code_desc": "Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Permission to configure Server Audit to audit at the server level",
+          "id": "2942",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2942\",\n  \"Check\": \"Permission to configure Server Audit to audit at the server level\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Permission to configure Server Audit to audit at the database level",
+          "id": "2944",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2944\",\n  \"Check\": \"Permission to configure Server Audit to audit at the database level\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "SQL Server must protect against a user falsely repudiating",
+          "id": "2988",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2988\",\n  \"Check\": \"SQL Server must protect against a user falsely repudiating\",\n  \"Details\": \"Additional information=There are no server or database pricincipals mapped to remote computer accounts.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "Additional information=There are no server or database pricincipals mapped to remote computer accounts.",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Contained database user with password found",
+          "id": "2871",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2871\",\n  \"Check\": \"Contained database user with password found\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Logon Trigger Exists",
+          "id": "2901",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2901\",\n  \"Check\": \"Logon Trigger Exists\",\n  \"Details\": \"Additional information=No logon triggers found.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "Additional information=No logon triggers found.",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Stored procedures and functions that utilize impersonation",
+          "id": "2984",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2984\",\n  \"Check\": \"Stored procedures and functions that utilize impersonation\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "SQL Server must limit privileges to change software modules, to include stored procedures, functions, and triggers",
+          "id": "2993",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2993\",\n  \"Check\": \"SQL Server must limit privileges to change software modules, to include stored procedures, functions, and triggers\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Database TRUSTWORTHY status",
+          "id": "2805",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.7,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2805\",\n  \"Check\": \"Database TRUSTWORTHY status\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "SQL Server is not using FIPS validated cryptographic modules for cryptographic operations",
+          "id": "2934",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.7,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2934\",\n  \"Check\": \"SQL Server is not using FIPS validated cryptographic modules for cryptographic operations\",\n  \"Details\": \"FIPS=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "FIPS=Enabled",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS application object ownership",
+          "id": "2817",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2817\",\n  \"Check\": \"DBMS application object ownership\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "User-defined extended stored procedures",
+          "id": "2848",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2848\",\n  \"Check\": \"User-defined extended stored procedures\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Audit Retrieval of privileges/permissions (SQLAudit)",
+          "id": "2938",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2938\",\n  \"Check\": \"Audit Retrieval of privileges/permissions (SQLAudit)\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Audit unsuccessful retrieval of privileges/permissions (SQLAudit)",
+          "id": "2939",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2939\",\n  \"Check\": \"Audit unsuccessful retrieval of privileges/permissions (SQLAudit)\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Disable Filestream feature",
+          "id": "2945",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2945\",\n  \"Check\": \"Disable Filestream feature\",\n  \"Details\": \"Value=0 (Disables Filestream support for this instance.);Name=filestream access level;Value in use=0 (Disables Filestream support for this instance.)\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "Value=0 (Disables Filestream support for this instance.);Name=filestream access level;Value in use=0 (Disables Filestream support for this instance.)",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Temporal tables",
+          "id": "2989",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2989\",\n  \"Check\": \"Temporal tables\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Hide Instance option",
+          "id": "2883",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.3,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2883\",\n  \"Check\": \"Hide Instance option\",\n  \"Details\": \"Hide instance=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "Hide instance=1",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "xp_cmdshell not removed/not disabled",
+          "id": "2553",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2553\",\n  \"Check\": \"xp_cmdshell not removed/not disabled\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Sample database not removed",
+          "id": "2622",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2622\",\n  \"Check\": \"Sample database not removed\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS dedicated software directory and partition",
+          "id": "2766",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2766\",\n  \"Check\": \"DBMS dedicated software directory and partition\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Database Master Key: is_master_key_encrypted_by_server",
+          "id": "2782",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2782\",\n  \"Check\": \"Database Master Key: is_master_key_encrypted_by_server\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Symmetric Keys: allowed encryption algorithms",
+          "id": "2788",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2788\",\n  \"Check\": \"Symmetric Keys: allowed encryption algorithms\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "CLR objects allowed",
+          "id": "2792",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2792\",\n  \"Check\": \"CLR objects allowed\",\n  \"Details\": \"Value in use=0;Name=clr enabled;Value=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "Value in use=0;Name=clr enabled;Value=0",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Named Pipes network protocol is enabled",
+          "id": "2807",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2807\",\n  \"Check\": \"Named Pipes network protocol is enabled\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "OLE automation procedures configuration",
+          "id": "2882",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2882\",\n  \"Check\": \"OLE automation procedures configuration\",\n  \"Details\": \"Run Value=0;Parameter Name=Ole Automation Procedures;Configuration Value=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "Run Value=0;Parameter Name=Ole Automation Procedures;Configuration Value=0",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "CLR assembly permission set is not equal to SAFE",
+          "id": "2947",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2947\",\n  \"Check\": \"CLR assembly permission set is not equal to SAFE\",\n  \"Details\": \"Additional information=CLR support is not enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "Additional information=CLR support is not enabled",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Hadoop Connectivity feature must be disabled",
+          "id": "2977",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2977\",\n  \"Check\": \"Hadoop Connectivity feature must be disabled\",\n  \"Details\": \"Value=0;Name=hadoop connectivity;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "Value=0;Name=hadoop connectivity;Value in use=0",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Replication XPs feature must be disabled",
+          "id": "2978",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2978\",\n  \"Check\": \"Replication XPs feature must be disabled\",\n  \"Details\": \"Value=0;Name=Replication XPs;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "Value=0;Name=Replication XPs;Value in use=0",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "User Options feature must be disabled",
+          "id": "2979",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2979\",\n  \"Check\": \"User Options feature must be disabled\",\n  \"Details\": \"Value=0;Name=user options;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "Value=0;Name=user options;Value in use=0",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "External Scripts Enabled feature must be disabled",
+          "id": "2980",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2980\",\n  \"Check\": \"External Scripts Enabled feature must be disabled\",\n  \"Details\": \"Value=0;Name=external scripts enabled;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "Value=0;Name=external scripts enabled;Value in use=0",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Allow Polybase Export feature must be disabled",
+          "id": "2981",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2981\",\n  \"Check\": \"Allow Polybase Export feature must be disabled\",\n  \"Details\": \"Value=0;Name=allow polybase export;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "Value=0;Name=allow polybase export;Value in use=0",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Remote Data Archive feature must be disabled",
+          "id": "2982",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2982\",\n  \"Check\": \"Remote Data Archive feature must be disabled\",\n  \"Details\": \"Value=0;Name=remote data archive;Value in use=0\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "Value=0;Name=remote data archive;Value in use=0",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Access to linked servers",
+          "id": "2983",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2983\",\n  \"Check\": \"Access to linked servers\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Permissions on files",
+          "id": "2662",
+          "desc": "Task : Audit; Check Category : Operating System Issues",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Operating System Issues\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2662\",\n  \"Check\": \"Permissions on files\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Use of credentials and proxies",
+          "id": "2991",
+          "desc": "Task : Audit; Check Category : Other",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Other\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2991\",\n  \"Check\": \"Use of credentials and proxies\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS Password Complexity",
+          "id": "2778",
+          "desc": "Task : Audit; Check Category : Weak Passwords",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Weak Passwords\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2778\",\n  \"Check\": \"DBMS Password Complexity\",\n  \"Details\": \"Additional information=The operating system version is older than Windows Server 2003 - password policies cannot be enforced.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "Additional information=The operating system version is older than Windows Server 2003 - password policies cannot be enforced.",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Database Master Key: encryption password",
+          "id": "2786",
+          "desc": "Task : Audit; Check Category : Weak Passwords",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Not A Finding\",\n  \"Check Category\": \"Weak Passwords\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2786\",\n  \"Check\": \"Database Master Key: encryption password\",\n  \"Details\": \"None\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "passed",
+              "code_desc": "None",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Common criteria compliance disabled",
+          "id": "2800",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Skipped\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2800\",\n  \"Check\": \"Common criteria compliance disabled\",\n  \"Details\": \"Check is not applicable to this server version. Does not apply to Microsoft SQL Server Standard Edition (64-bit).\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Check is not applicable to this server version. Does not apply to Microsoft SQL Server Standard Edition (64-bit).",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "SQL Server Service Broker endpoint encryption",
+          "id": "2973",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Skipped\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2973\",\n  \"Check\": \"SQL Server Service Broker endpoint encryption\",\n  \"Details\": \"Check is not applicable to this server version. There are no Service Broker endpoints configured.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Check is not applicable to this server version. There are no Service Broker endpoints configured.",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "SQL Server Mirroring endpoint encryption",
+          "id": "2974",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Skipped\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2974\",\n  \"Check\": \"SQL Server Mirroring endpoint encryption\",\n  \"Details\": \"Check is not applicable to this server version. There are no Mirroring endpoints configured.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Check is not applicable to this server version. There are no Mirroring endpoints configured.",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "SQL Server Usage and Error Reporting Auditing",
+          "id": "2976",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"TEST ORGANIZATION (Local DBP server)\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"CONDS181\",\n  \"IP Address, Port, Instance\": \"10.0.10.204, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Heimdal Test scan report generation\",\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Result Status\": \"Skipped\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2976\",\n  \"Check\": \"SQL Server Usage and Error Reporting Auditing\",\n  \"Details\": \"Microsoft Analysis Services (OLAP) has not been found.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Microsoft Analysis Services (OLAP) has not been found.",
+              "start_time": "Feb 18 2021 15:57"
+            }
+          ]
+        }
+      ],
+      "sha256": "4e8cd51a220ef764426414641d4d386758aca62dceb554d0d1da1f437d4af25c"
+    }
+  ],
+  "passthrough": {}
+}
\ No newline at end of file
diff --git a/test/sample_data/dbprotect/dbprotect-findings-hdf-withraw.json b/test/sample_data/dbprotect/dbprotect-findings-hdf-withraw.json
index 154c96394..d0558a31c 100644
--- a/test/sample_data/dbprotect/dbprotect-findings-hdf-withraw.json
+++ b/test/sample_data/dbprotect/dbprotect-findings-hdf-withraw.json
@@ -1 +1,101554 @@
-{"platform":{"name":"Heimdall Tools","release":"2.6.50"},"version":"2.6.50","statistics":{},"profiles":[{"name":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","title":"Sample scan report generation","summary":"Organization : Sample Organization Server\nAsset : undefined\nAsset Type : Microsoft SQL Server\nIP Address, Port, Instance : Microsoft SQL Server\nIP Address, Port, Instance : 192.168.1.200, 1433, MSSQLSERVER ","supports":[],"attributes":[],"groups":[],"status":"loaded","controls":[{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Protection of DBMS asymmetric encryption keys","id":"2801","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2801\",\n  \"Check\": \"Protection of DBMS asymmetric encryption keys\",\n  \"Details\": \"Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Owner of the key=sa;Is SYSADMIN=Yes;Key=MS_SQLEnableSystemAssemblyLoadingKey;Database containing key=master","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"System Table Permissions","id":"2830","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2830\",\n  \"Check\": \"System Table Permissions\",\n  \"Details\": \"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=REFERENCES;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=UPDATE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_databases_cluster;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listener_ip_addresses;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listeners;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_groups_cluster;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_read_only_routing_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_replicas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=backup_devices;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_DOMAIN_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_PRIVILEGES;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_COLUMN_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_TABLE_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=cryptographic_providers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_filestream_options;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_query_store_options;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_recovery_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_actions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_class_type_map;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_activated_tasks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_connections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_forwarded_messages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_queue_monitors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_errors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_log_scan_sessions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_appdomains;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_loaded_assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_tasks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_column_store_object_pool;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_cryptographic_provider_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_database_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_operational_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_file_space_usage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_fts_index_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_index_usage_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_log_space_usage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_auto_page_repair;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_connections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_past_actions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_group_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_partition_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_persisted_sku_features;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_migration_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_schema_update_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_script_level;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_session_space_usage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_task_space_usage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_uncontained_entities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_gc_cycle_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_hash_index_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_index_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_memory_consumers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_nonclustered_index_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_object_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_table_memory_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_cached_plans;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_errors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_connections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_request_steps;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_sql_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_workers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_operations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_work;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_function_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_procedure_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_memory_grants;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_memory_gateways;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_parallel_workers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_profiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_resource_semaphores;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_transformation_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_session_wait_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_sessions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_trigger_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_valid_use_hints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_execution_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_handles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_non_transacted_handles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_active_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_fdhosts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_index_population;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_buffers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_outstanding_batches;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_population_ranges;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_semantic_similarity_population;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_auto_page_repair;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_automatic_seeding;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_group_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_networks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_cluster_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_instance_node_map;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_name_id_map;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_physical_seeding_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_backup_tapes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_shared_drives;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_valid_path_names;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_pending_io_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_hashentries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_descriptors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_pool_extension_configuration;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_child_instances;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatcher_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatchers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_hosts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_latch_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_loaded_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_allocations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_broker_clerks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_brokers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_clock_hands;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_counters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_entries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_hash_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_clerks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_node_access_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_performance_counters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_process_memory;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_ring_buffers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_schedulers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_server_diagnostics_log_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_spinlock_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_stacks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sublatches;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_memory;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_tasks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_threads;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_virtual_address_dump;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_wait_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_waiting_tasks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_windows_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_worker_local_storage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_workers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_qn_subscriptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_articles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_tranhash;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_traninfo;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_configuration;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_volumes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_workload_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_audit_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_memory_dumps;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_registry;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tcp_listener_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_snapshot_database_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_commit_table;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_snapshot;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_transaction;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_database_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_recovery_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_enlistments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_log;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_locks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_session_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_top_version_generators;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_transactions_snapshot;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_version_store;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_map_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_object_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_packages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_event_actions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_object_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_targets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_sessions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_queue_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_system_memory_consumers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_threads;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_recent_rows;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=DOMAIN_CONSTRAINTS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=DOMAINS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=endpoint_webmethods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=event_notification_event_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_document_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_languages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_language_statistics_database;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_languages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_system_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=http_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=KEY_COLUMN_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=linked_logins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=login_token;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=master_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=master_key_passwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=messages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=openkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=REFERENTIAL_CONSTRAINTS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=remote_logins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_configuration;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_workload_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=ROUTINE_COLUMNS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=ROUTINES;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=SCHEMATA;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=securable_classes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_audits;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_actions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_fields;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_targets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_sessions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_file_audits;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_principal_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=servers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_broker_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=soap_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spatial_reference_systems;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_db;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_dev;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_usg;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spt_monitor;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sql_logins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscacheobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscharsets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysconfigures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscurconfigs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscursorcolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscursorrefs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscursors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscursortables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysdatabases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysdevices;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syslanguages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syslockinfo;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syslogins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysmessages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysoledbusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysopentapes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysperfinfo;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysprocesses;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysremotelogins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysservers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_components_surface_area_configuration;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=TABLE_CONSTRAINTS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=TABLE_PRIVILEGES;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=tcp_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_categories;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_event_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_subclass_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=traces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trigger_event_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=user_token;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=via_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=VIEW_COLUMN_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=VIEW_TABLE_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=VIEWS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupfile;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediafamily;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediaset;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupset;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=dm_hadr_automatic_seeding_history;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=logmarkhistory;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=restorefile;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=restorefilegroup;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=restorehistory;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=suspect_pages;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysalerts;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysnotifications;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysoperators;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=SQLAgentUserRole;State=GRANT;Database=msdb;Object Name=syscategories;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=UPDATE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobs;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=UPDATE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysproxies;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=syssubsystems;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=UPDATE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_dac_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_mi_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_configuration_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_file_space_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_health_policies_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_managed_instances_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_database_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_file_space_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_volume_space_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_check_conditions_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_target_conditions_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_processing_state_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_configuration_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_objects_to_collect_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_properties_to_collect_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS audit record access","id":"2790","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.3,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2790\",\n  \"Check\": \"DBMS audit record access\",\n  \"Details\": \"Log path=e:\\\\mssql\\\\data\\\\mssql13.mssqlserver\\\\mssql\\\\data\\\\mastlog.ldf;Username=NT SERVICE\\\\MSSQLSERVER\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\mastlog.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\modellog.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\msdblog.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\logs\\dw_log.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\logs\\dw_log.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\logs\\stg_log.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\logs\\stg_log.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\temp\\templog.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\temp\\templog.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Object=dm_exec_sessions;Database=[master];Granted To=public;Permission=SELECT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Object=sysprotects;Database=[master];Granted To=public;Permission=SELECT","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Permissions on Data Root directory","id":"2919","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.3,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2919\",\n  \"Check\": \"Permissions on Data Root directory\",\n  \"Details\": \"Account Name=\\\\OWNER RIGHTS;Directory or File name=E:\\\\MSSQL\\\\DATA\\\\AppDetective.mdf;Permission=FullControl\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\da.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\dw.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\stg.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\da.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\dw.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\stg.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\master.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\mastlog.ldf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\model.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\modellog.ldf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBData.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBLog.ldf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsara.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsben.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsbgr.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscat.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tschs.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscht.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscze.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdan.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdeu.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tseng.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsenu.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsesn.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsfra.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsglobal.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsgrk.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsguj.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsheb.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshin.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshrv.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsind.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsisl.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsita.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsjpn.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskan.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskor.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslth.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslvi.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmal.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmar.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmsl.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnld.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnor.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tspan.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsplk.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptb.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptg.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrom.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrus.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssky.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsslv.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrb.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrl.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssve.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstam.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstel.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstha.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstrk.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsukr.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsurd.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsvit.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Permission on registry extended proc","id":"2555","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2555\",\n  \"Check\": \"Permission on registry extended proc\",\n  \"Details\": \"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_regread;Granted By=dbo","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS software library permissions","id":"2771","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2771\",\n  \"Check\": \"DBMS software library permissions\",\n  \"Details\": \"File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\\\Program Files\\\\Microsoft SQL Server\\\\130\\\\shared\\\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\\\Users\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\MSSQL13.MSSQLSERVER\\MSSQL\\Install;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Default 'sa' account not present","id":"2814","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2814\",\n  \"Check\": \"Default 'sa' account not present\",\n  \"Details\": \"Account Name=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=sa","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS backup files access","id":"2865","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2865\",\n  \"Check\": \"DBMS backup files access\",\n  \"Details\": \"Allowed=NT SERVICE\\\\MSSQLSERVER;File path=E:\\\\MSSQL\\\\BACKUP\\\\AppDetective_backup_2021_02_16_031502_7146827.bak\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_16_031502_7146827.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_17_031505_6208319.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_18_031503_6796931.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_15_031503_1017047.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_16_031502_7459310.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_17_031505_6520841.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_18_031503_7109667.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dw_backup_2021_02_16_031502_7303082.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dw_backup_2021_02_17_031505_6208319.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dw_backup_2021_02_18_031503_6953315.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\stg_backup_2021_02_16_031502_7459310.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\stg_backup_2021_02_17_031505_6364592.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\stg_backup_2021_02_18_031503_6953315.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_16_031502_6521743.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_17_031505_5427005.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_18_031503_6172001.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_16_031502_6990517.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_17_031505_5895757.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_18_031503_6484425.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_16_031502_6990517.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_17_031505_6052109.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_18_031503_6640718.bak","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"CONTROL SERVER permission granted","id":"2877","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2877\",\n  \"Check\": \"CONTROL SERVER permission granted\",\n  \"Details\": \"Granted To=ORG\\\\user1;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=ORG\\user1;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=ORG\\user2;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=ORG\\user3;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=ORG\\user4;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=ORG\\SQLAdmins;Permission=CONTROL SERVER;Grantee Type=WINDOWS_GROUP;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=ORG\\svc1;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=NT Service\\MSSQLSERVER;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=NT SERVICE\\SQLSERVERAGENT;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=NT SERVICE\\SQLWriter;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=NT SERVICE\\Winmgmt;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Non-DBA accounts with DDL privileges","id":"2920","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2920\",\n  \"Check\": \"Non-DBA accounts with DDL privileges\",\n  \"Details\": \"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_cpu_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_dac_execution_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_session_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_smo_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_volumes_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Database=msdb;Class=USER_TABLE;Permission=UPDATE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Standard SQL Server authentication allowed","id":"2540","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2540\",\n  \"Check\": \"Standard SQL Server authentication allowed\",\n  \"Details\": \"Additional information=Standard Login allowed.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=Standard Login allowed.","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Encryption of DBMS sensitive data in transit","id":"2759","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2759\",\n  \"Check\": \"Encryption of DBMS sensitive data in transit\",\n  \"Details\": \"ForceEncryption=False\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"ForceEncryption=False","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"The NT AUTHORITY\\SYSTEM account is used for administration","id":"2985","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2985\",\n  \"Check\": \"The NT AUTHORITY\\\\SYSTEM account is used for administration\",\n  \"Details\": \"Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\\\SYSTEM\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Permission=CREATE AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Permission=VIEW SERVER STATE;User=NT AUTHORITY\\SYSTEM","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS privileged role assignments","id":"2819","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2819\",\n  \"Check\": \"DBMS privileged role assignments\",\n  \"Details\": \"Username=ORG\\\\user1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Username=ORG\\user1","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Username=ORG\\user2","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Username=ORG\\user3","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Username=ORG\\user4","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Username=ORG\\SQLAdmins","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Username=ORG\\svc1","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Username=NT Service\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Username=NT SERVICE\\SQLWriter","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Username=NT SERVICE\\Winmgmt","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Dedicated data file directories","id":"2770","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.3,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2770\",\n  \"Check\": \"Dedicated data file directories\",\n  \"Details\": \"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[da];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[dw];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[stg];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[da];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[dw];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[stg];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[da];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[dw];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[stg];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[da];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[dw];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[stg];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[da];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[dw];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[stg];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[da];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[dw];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[stg];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[da];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[dw];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[stg];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[da];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[dw];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[stg];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[da];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dw];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dw];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[stg];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[stg];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[stg];Database 1=[dw];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Data path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[da];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dw];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dw];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[stg];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[stg];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[stg];Database 1=[dw];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\TEMP;Database 2=[tempdb];Database 1=[tempdb];Log path (Database 1)=E:\\MSSQL\\TEMP","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[model]","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[msdb]","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Remote access allowed","id":"2545","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2545\",\n  \"Check\": \"Remote access allowed\",\n  \"Details\": \"Value in use=1;Name=remote access;Value=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Value in use=1;Name=remote access;Value=1","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Auditing of successful logins","id":"2569","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2569\",\n  \"Check\": \"Auditing of successful logins\",\n  \"Details\": \"Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Auditing of failed logins","id":"2570","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2570\",\n  \"Check\": \"Auditing of failed logins\",\n  \"Details\": \"Additional information=Audit of failed logins is not performed by AUDIT\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=Audit of failed logins is not performed by AUDIT","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"'sa' account has not been disabled","id":"2745","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2745\",\n  \"Check\": \"'sa' account has not been disabled\",\n  \"Details\": \"Status=Enabled;Login=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Status=Enabled;Login=sa","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Database job/batch queue reviewing","id":"2780","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2780\",\n  \"Check\": \"Database job/batch queue reviewing\",\n  \"Details\": \"SQL Server job history record=DBBackups.FullBackup\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"SQL Server job history record=DBBackups.FullBackup","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"SQL Server job history record=syspolicy_purge_history","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS privileged action audit","id":"2826","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2826\",\n  \"Check\": \"DBMS privileged action audit\",\n  \"Details\": \"Value in use=1;Name=default trace enabled;Value=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Value in use=1;Name=default trace enabled;Value=1","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"CHECK_EXPIRATION option","id":"2880","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2880\",\n  \"Check\": \"CHECK_EXPIRATION option\",\n  \"Details\": \"Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Status=Disabled;Login=##MS_PolicyTsqlExecutionLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Status=Enabled;Login=sa;Password expiration checked=Disabled;Is SYSADMIN=Yes;Password policy checked=Enabled","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Database not encrypted","id":"2897","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2897\",\n  \"Check\": \"Database not encrypted\",\n  \"Details\": \"Is Encrypted=false;Database=AppDetective\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Is Encrypted=false;Database=AppDetective","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Is Encrypted=false;Database=da","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Is Encrypted=false;Database=dw","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Is Encrypted=false;Database=stg","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Audit concurrent logons","id":"2935","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2935\",\n  \"Check\": \"Audit concurrent logons\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=No AUDIT was found","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Audit unsuccessful attempts to execute privileged activities","id":"2936","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2936\",\n  \"Check\": \"Audit unsuccessful attempts to execute privileged activities\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=No AUDIT was found","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Audit privileged activities","id":"2937","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2937\",\n  \"Check\": \"Audit privileged activities\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=No AUDIT was found","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Generate audit records for important events","id":"2962","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2962\",\n  \"Check\": \"Generate audit records for important events\",\n  \"Details\": \"Additional information=Found no acceptable server audit specification.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=Found no acceptable server audit specification.","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Customer Feedback and Error Reporting","id":"2975","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2975\",\n  \"Check\": \"Customer Feedback and Error Reporting\",\n  \"Details\": \"EnableErrorReporting=Enabled;CustomerFeedback=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"EnableErrorReporting=Enabled;CustomerFeedback=Enabled","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Server audit startup","id":"2992","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2992\",\n  \"Check\": \"Server audit startup\",\n  \"Details\": \"Additional information=There are no server audits that automatically start during system start-up\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=There are no server audits that automatically start during system start-up","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Use of an approved TLS version","id":"2995","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2995\",\n  \"Check\": \"Use of an approved TLS version\",\n  \"Details\": \"Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Control\\\\SecurityProviders\\\\SCHANNEL\\\\Protocols\\\\SSL 2.0\\\\Client\\\\Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Client\\Enabled","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=SSL 2.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Server\\DisabledByDefault","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=SSL 3.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Client\\DisabledByDefault","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=SSL 3.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Server\\DisabledByDefault","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=TLS 1.0 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.0","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=TLS 1.1 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.1","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=TLS 1.2 is not enabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Permissions on error log folder","id":"2869","desc":"Task : Audit; Check Category : Operating System Issues","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Operating System Issues\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2869\",\n  \"Check\": \"Permissions on error log folder\",\n  \"Details\": \"Grantee=NT SERVICE\\\\MSSQLFDLauncher;File Name=E:\\\\MSSQL\\\\DATA\\\\MSSQL13.MSSQLSERVER\\\\MSSQL\\\\LOG\\\\;Permission=CreateFiles\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=CreateFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadData","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Service pack not applied on time","id":"2888","desc":"Task : Audit; Check Category : Patchable Vulnerabilities","impact":0.7,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Patchable Vulnerabilities\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2888\",\n  \"Check\": \"Service pack not applied on time\",\n  \"Details\": \"Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2","start_time":"Feb 18 2021 15:57","backtrace":[]}]}],"sha256":"815246a7648d6c2874d50dd8100d8689fbb18094dee50d82fcb94465ce4db422"}],"passthrough":{"raw":{"data":[{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2801","Check":"Protection of DBMS asymmetric encryption keys","Details":"Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2801","Check":"Protection of DBMS asymmetric encryption keys","Details":"Owner of the key=sa;Is SYSADMIN=Yes;Key=MS_SQLEnableSystemAssemblyLoadingKey;Database containing key=master","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=REFERENCES;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=UPDATE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=allocation_units;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assemblies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_references;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=certificates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=check_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_master_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_segments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=computed_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=crypt_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_permissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_principals;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_role_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=default_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=event_notifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_data_sources;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_file_formats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=filegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=function_order_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=hash_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=identity_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_encryptions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=masked_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_functions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_range_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_schemes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=periods;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=plan_guides;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_context_settings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_plan;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=routes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=schemas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_policies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_predicates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sequences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contracts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_message_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queues;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=synonyms;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscolumns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscomments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysconstraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysdepends;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfiles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysmembers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysobjects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=syspermissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysprotects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysreferences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=systypes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysusers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=table_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=time_zone_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=transmission_queue;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=trigger_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=triggers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=all_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=all_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=all_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=all_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=allocation_units;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=assemblies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=assembly_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=assembly_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=assembly_references;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=assembly_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=certificates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=check_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=column_master_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=column_store_segments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=column_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=computed_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=conversation_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=crypt_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=database_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=database_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=database_permissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=database_principals;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=database_role_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=default_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=event_notifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=extended_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=extended_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=external_data_sources;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=external_file_formats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=external_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=filegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=filetables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=foreign_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=function_order_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=hash_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=identity_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=internal_partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=internal_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=key_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=key_encryptions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=masked_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=partition_functions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=partition_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=partition_range_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=partition_schemes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=periods;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=plan_guides;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=query_context_settings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=query_store_plan;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=query_store_query;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=routes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=schemas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=security_policies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=security_predicates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=sequences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=service_contracts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=service_message_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=service_queues;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=stats_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=synonyms;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=syscolumns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=syscomments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=sysconstraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=sysdepends;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=sysfiles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=sysindexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=sysmembers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=sysobjects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=syspermissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=sysprotects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=sysreferences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=system_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=system_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=system_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=system_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=systypes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=sysusers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=table_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=time_zone_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=transmission_queue;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=trigger_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=triggers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=xml_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=all_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=all_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=all_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=all_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=allocation_units;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=assemblies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=assembly_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=assembly_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=assembly_references;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=assembly_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=certificates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=check_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=column_master_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=column_store_segments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=column_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=computed_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=conversation_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=crypt_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=database_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=database_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=database_permissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=database_principals;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=database_role_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=default_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=event_notifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=extended_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=extended_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=external_data_sources;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=external_file_formats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=external_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=filegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=filetables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=foreign_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=function_order_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=hash_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=identity_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=internal_partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=internal_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=key_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=key_encryptions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=masked_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=partition_functions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=partition_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=partition_range_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=partition_schemes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=periods;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=plan_guides;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=query_context_settings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=query_store_plan;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=query_store_query;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=routes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=schemas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=security_policies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=security_predicates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=sequences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=service_contracts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=service_message_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=service_queues;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=stats_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=synonyms;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=syscolumns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=syscomments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=sysconstraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=sysdepends;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=sysfiles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=sysindexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=sysmembers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=sysobjects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=syspermissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=sysprotects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=sysreferences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=system_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=system_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=system_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=system_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=systypes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=sysusers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=table_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=time_zone_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=transmission_queue;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=trigger_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=triggers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=all_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=all_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=all_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=all_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=allocation_units;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=assemblies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=assembly_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=assembly_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=assembly_references;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=assembly_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=certificates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=check_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=column_master_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=column_store_segments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=column_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=computed_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=conversation_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=crypt_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=database_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=database_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=database_permissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=database_principals;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=database_role_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=default_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=event_notifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=extended_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=extended_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=external_data_sources;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=external_file_formats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=external_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=filegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=filetables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=foreign_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=function_order_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=hash_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=identity_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=internal_partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=internal_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=key_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=key_encryptions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=masked_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=partition_functions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=partition_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=partition_range_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=partition_schemes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=periods;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=plan_guides;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=query_context_settings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=query_store_plan;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=query_store_query;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=routes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=schemas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=security_policies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=security_predicates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=sequences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=service_contracts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=service_message_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=service_queues;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=stats_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=synonyms;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=syscolumns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=syscomments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=sysconstraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=sysdepends;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=sysfiles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=sysindexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=sysmembers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=sysobjects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=syspermissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=sysprotects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=sysreferences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=system_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=system_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=system_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=system_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=systypes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=sysusers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=table_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=time_zone_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=transmission_queue;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=trigger_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=triggers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=all_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=all_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=all_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=all_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=allocation_units;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=assemblies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_references;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=availability_databases_cluster;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listener_ip_addresses;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listeners;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=availability_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=availability_groups_cluster;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=availability_read_only_routing_lists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=availability_replicas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=backup_devices;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=certificates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=check_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_DOMAIN_USAGE;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=column_master_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_PRIVILEGES;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=column_store_segments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=column_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=computed_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_COLUMN_USAGE;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_TABLE_USAGE;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=conversation_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=crypt_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=cryptographic_providers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_filestream_options;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_permissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_principals;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_query_store_options;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_recovery_status;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_role_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=default_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_actions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_class_type_map;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_activated_tasks;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_connections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_forwarded_messages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_queue_monitors;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_errors;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_log_scan_sessions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_appdomains;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_loaded_assemblies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_tasks;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_column_store_object_pool;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_cryptographic_provider_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_database_encryption_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_operational_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_file_space_usage;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_fts_index_physical_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_index_usage_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_log_space_usage;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_auto_page_repair;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_connections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_past_actions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_group_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_partition_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_persisted_sku_features;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_migration_status;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_schema_update_status;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_script_level;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_session_space_usage;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_task_space_usage;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_uncontained_entities;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_gc_cycle_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_hash_index_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_index_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_memory_consumers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_nonclustered_index_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_object_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_table_memory_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_transactions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_cached_plans;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_errors;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_status;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_nodes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_connections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_request_steps;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_requests;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_sql_requests;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_workers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_operations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_work;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_function_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_procedure_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_memory_grants;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_memory_gateways;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_parallel_workers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_profiles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_resource_semaphores;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_transformation_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_requests;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_session_wait_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_sessions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_trigger_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_valid_use_hints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_execution_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_requests;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_handles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_requests;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_non_transacted_handles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_active_catalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_fdhosts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_index_population;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_buffers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_pools;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_outstanding_batches;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_population_ranges;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_semantic_similarity_population;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_auto_page_repair;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_automatic_seeding;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_group_states;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_nodes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_states;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_states;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_networks;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_cluster_states;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_states;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_instance_node_map;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_name_id_map;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_physical_seeding_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_backup_tapes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_shared_drives;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_valid_path_names;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_pending_io_requests;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_hashentries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_descriptors;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_pool_extension_configuration;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_child_instances;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_nodes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatcher_pools;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatchers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_hosts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_latch_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_loaded_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_allocations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_broker_clerks;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_brokers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_clock_hands;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_counters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_entries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_hash_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_clerks;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_node_access_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_nodes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_pools;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_nodes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_performance_counters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_process_memory;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_ring_buffers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_schedulers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_server_diagnostics_log_configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_spinlock_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_stacks;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sublatches;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_memory;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_tasks;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_threads;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_virtual_address_dump;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_wait_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_waiting_tasks;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_windows_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_worker_local_storage;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_workers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_qn_subscriptions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_articles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_schemas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_tranhash;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_traninfo;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_configuration;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pools;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_volumes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pools;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_workload_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_audit_status;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_memory_dumps;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_registry;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tcp_listener_states;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_snapshot_database_transactions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_transactions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_commit_table;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_snapshot;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_transaction;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_database_transactions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_recovery_transactions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_enlistments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_log;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_locks;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_session_transactions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_top_version_generators;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_transactions_snapshot;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_version_store;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_map_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_object_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_packages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_event_actions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_object_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_targets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_sessions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_queue_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_system_memory_consumers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_threads;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_recent_rows;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=DOMAIN_CONSTRAINTS;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=DOMAINS;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=endpoint_webmethods;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=event_notification_event_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=event_notifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=extended_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=extended_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=external_data_sources;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=external_file_formats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=external_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=filegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=filetables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=foreign_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_document_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_languages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_language_statistics_database;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_languages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_system_stopwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=function_order_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=hash_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=http_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=identity_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=internal_partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=internal_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=KEY_COLUMN_USAGE;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=key_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=key_encryptions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=linked_logins;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=login_token;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=masked_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=master_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=master_key_passwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=messages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=openkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=partition_functions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=partition_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=partition_range_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=partition_schemes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=periods;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=plan_guides;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=query_context_settings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_plan;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_query;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=REFERENTIAL_CONSTRAINTS;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=remote_logins;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_configuration;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pools;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pools;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_workload_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=routes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=ROUTINE_COLUMNS;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=ROUTINES;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=schemas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=SCHEMATA;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=securable_classes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=security_policies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=security_predicates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sequences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_assembly_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specification_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_audits;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_notifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_actions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_fields;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_targets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_sessions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_file_audits;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_permissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_principal_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_principals;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_role_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_trigger_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=server_triggers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=servers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=service_broker_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=service_contracts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=service_message_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=service_queues;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=soap_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=spatial_reference_systems;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_db;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_dev;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_usg;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=spt_monitor;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sql_logins;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=stats_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=synonyms;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syscacheobjects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syscharsets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syscolumns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syscomments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysconfigures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysconstraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syscurconfigs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syscursorcolumns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syscursorrefs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syscursors;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syscursortables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysdatabases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysdepends;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysdevices;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysfiles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysindexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syslanguages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syslockinfo;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syslogins;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysmembers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysmessages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysobjects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysoledbusers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysopentapes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysperfinfo;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=syspermissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysprocesses;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysprotects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysreferences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysremotelogins;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysservers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=system_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=system_components_surface_area_configuration;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=system_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=system_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=system_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=systypes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=sysusers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=TABLE_CONSTRAINTS;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=TABLE_PRIVILEGES;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=table_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=tcp_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=time_zone_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=trace_categories;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=trace_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=trace_event_bindings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=trace_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=trace_subclass_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=traces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=transmission_queue;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=trigger_event_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=trigger_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=triggers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=user_token;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=via_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=VIEW_COLUMN_USAGE;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=VIEW_TABLE_USAGE;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=VIEWS;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=all_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=all_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=all_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=all_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=allocation_units;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=assemblies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_references;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=certificates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=check_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=column_master_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=column_store_segments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=column_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=computed_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=conversation_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=crypt_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=database_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=database_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=database_permissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=database_principals;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=database_role_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=default_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=event_notifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=extended_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=extended_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=external_data_sources;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=external_file_formats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=external_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=filegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=filetables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=foreign_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=function_order_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=hash_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=identity_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=internal_partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=internal_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=key_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=key_encryptions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=masked_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=partition_functions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=partition_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=partition_range_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=partition_schemes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=periods;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=plan_guides;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=query_context_settings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_plan;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_query;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=routes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=schemas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=security_policies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=security_predicates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sequences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=service_contracts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=service_message_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=service_queues;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=stats_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=synonyms;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=syscolumns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=syscomments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysconstraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysdepends;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysfiles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysindexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysmembers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysobjects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=syspermissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysprotects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysreferences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=system_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=system_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=system_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=system_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=systypes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=sysusers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=table_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=time_zone_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=transmission_queue;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=trigger_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=triggers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=allocation_units;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=assemblies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_references;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupfile;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediafamily;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediaset;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupset;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=certificates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=check_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=computed_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_permissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_principals;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_role_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=default_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=dm_hadr_automatic_seeding_history;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=event_notifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=extended_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=external_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=filegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=filetables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=identity_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=internal_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=key_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=logmarkhistory;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=masked_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_functions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=periods;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=plan_guides;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=restorefile;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=restorefilegroup;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=restorehistory;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=routes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=schemas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=security_policies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=security_predicates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sequences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_contracts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_message_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_queues;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=stats_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=suspect_pages;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=synonyms;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=syscolumns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=syscomments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysdepends;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysfiles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysmembers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysobjects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=syspermissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysprotects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysreferences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=systypes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysusers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=table_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=trigger_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=triggers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=allocation_units;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assemblies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_references;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=certificates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=check_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=computed_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_files;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_permissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_principals;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_role_members;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=default_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=event_notifications;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=external_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=filegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=filetables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=identity_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=index_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=key_constraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=masked_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_functions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partitions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=periods;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=plan_guides;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=procedures;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=routes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=schemas;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=security_policies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=security_predicates;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sequences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contracts;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_message_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queues;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=services;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=stats;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=stats_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=synonyms;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=syscolumns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=syscomments;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysdepends;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfiles;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysmembers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysobjects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=syspermissions;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysprotects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysreferences;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_columns;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_objects;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_parameters;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=systypes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysusers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=table_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=tables;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=trigger_events;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=triggers;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=views;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysalerts;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysnotifications;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysoperators;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=SQLAgentUserRole;State=GRANT;Database=msdb;Object Name=syscategories;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=DELETE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=UPDATE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobs;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=UPDATE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysproxies;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=syssubsystems;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=UPDATE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_dac_health_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_mi_health_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_configuration_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_file_space_health_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_health_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_health_policies_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_managed_instances_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_database_health_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_file_space_health_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_health_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_volume_space_health_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_check_conditions_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_target_conditions_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_processing_state_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_configuration_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_objects_to_collect_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_properties_to_collect_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=SELECT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=DELETE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=INSERT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=DELETE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=INSERT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=DELETE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=INSERT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=DELETE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=INSERT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=DELETE;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Informational","Check ID":"2830","Check":"System Table Permissions","Details":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=INSERT;Object Type=Table","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\mastlog.ldf;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\modellog.ldf;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\msdblog.ldf;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLFDLauncher","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLFDLauncher","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLFDLauncher","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLFDLauncher","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLFDLauncher","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLFDLauncher","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLFDLauncher","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\logs\\dw_log.ldf;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\logs\\dw_log.ldf;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\logs\\stg_log.ldf;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\logs\\stg_log.ldf;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\temp\\templog.ldf;Username=\\OWNER RIGHTS","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Log path=e:\\mssql\\temp\\templog.ldf;Username=NT SERVICE\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Object=dm_exec_sessions;Database=[master];Granted To=public;Permission=SELECT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2790","Check":"DBMS audit record access","Details":"Object=sysprotects;Database=[master];Granted To=public;Permission=SELECT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\da.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\dw.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\stg.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\da.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\dw.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\stg.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\master.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\mastlog.ldf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\model.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\modellog.ldf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBData.mdf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBLog.ldf;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsara.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsben.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsbgr.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscat.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tschs.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscht.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscze.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdan.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdeu.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tseng.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsenu.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsesn.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsfra.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsglobal.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsgrk.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsguj.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsheb.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshin.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshrv.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsind.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsisl.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsita.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsjpn.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskan.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskor.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslth.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslvi.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmal.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmar.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmsl.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnld.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnor.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tspan.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsplk.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptb.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptg.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrom.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrus.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssky.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsslv.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrb.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrl.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssve.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstam.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstel.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstha.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstrk.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsukr.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsurd.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsvit.xml;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Low","Check ID":"2919","Check":"Permissions on Data Root directory","Details":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2555","Check":"Permission on registry extended proc","Details":"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2555","Check":"Permission on registry extended proc","Details":"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_regread;Granted By=dbo","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\Users","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=BUILTIN\\Users","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=BUILTIN\\Users","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=BUILTIN\\Users","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=BUILTIN\\Users","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\MSSQL13.MSSQLSERVER\\MSSQL\\Install;Access Control Type=Allow;Username=BUILTIN\\Users","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2771","Check":"DBMS software library permissions","Details":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2814","Check":"Default 'sa' account not present","Details":"Account Name=sa","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_16_031502_7146827.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_17_031505_6208319.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_18_031503_6796931.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_15_031503_1017047.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_16_031502_7459310.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_17_031505_6520841.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_18_031503_7109667.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dw_backup_2021_02_16_031502_7303082.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dw_backup_2021_02_17_031505_6208319.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dw_backup_2021_02_18_031503_6953315.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\stg_backup_2021_02_16_031502_7459310.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\stg_backup_2021_02_17_031505_6364592.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\stg_backup_2021_02_18_031503_6953315.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_16_031502_6521743.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_17_031505_5427005.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_18_031503_6172001.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_16_031502_6990517.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_17_031505_5895757.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_18_031503_6484425.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_16_031502_6990517.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_17_031505_6052109.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2865","Check":"DBMS backup files access","Details":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_18_031503_6640718.bak","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=ORG\\user1;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=ORG\\user2;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=ORG\\user3;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=ORG\\user4;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=ORG\\SQLAdmins;Permission=CONTROL SERVER;Grantee Type=WINDOWS_GROUP;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=ORG\\svc1;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=NT Service\\MSSQLSERVER;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=NT SERVICE\\SQLSERVERAGENT;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=NT SERVICE\\SQLWriter;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2877","Check":"CONTROL SERVER permission granted","Details":"Granted To=NT SERVICE\\Winmgmt;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2920","Check":"Non-DBA accounts with DDL privileges","Details":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2920","Check":"Non-DBA accounts with DDL privileges","Details":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_cpu_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2920","Check":"Non-DBA accounts with DDL privileges","Details":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_dac_execution_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2920","Check":"Non-DBA accounts with DDL privileges","Details":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_session_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2920","Check":"Non-DBA accounts with DDL privileges","Details":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_smo_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2920","Check":"Non-DBA accounts with DDL privileges","Details":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_volumes_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Improper Access Controls","Risk DV":"Medium","Check ID":"2920","Check":"Non-DBA accounts with DDL privileges","Details":"Database=msdb;Class=USER_TABLE;Permission=UPDATE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"High","Check ID":"2540","Check":"Standard SQL Server authentication allowed","Details":"Additional information=Standard Login allowed.","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"High","Check ID":"2759","Check":"Encryption of DBMS sensitive data in transit","Details":"ForceEncryption=False","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"High","Check ID":"2985","Check":"The NT AUTHORITY\\SYSTEM account is used for administration","Details":"Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"High","Check ID":"2985","Check":"The NT AUTHORITY\\SYSTEM account is used for administration","Details":"Permission=CREATE AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"High","Check ID":"2985","Check":"The NT AUTHORITY\\SYSTEM account is used for administration","Details":"Permission=VIEW SERVER STATE;User=NT AUTHORITY\\SYSTEM","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=ORG\\user1","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=ORG\\user2","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=ORG\\user3","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=ORG\\user4","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=ORG\\SQLAdmins","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=ORG\\svc1","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=NT Service\\MSSQLSERVER","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=NT SERVICE\\SQLSERVERAGENT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=NT SERVICE\\SQLWriter","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Informational","Check ID":"2819","Check":"DBMS privileged role assignments","Details":"Username=NT SERVICE\\Winmgmt","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[da];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[dw];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[stg];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[master];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[model];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[msdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[tempdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[AppDetective];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[da];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[dw];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[stg];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[master];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[model];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[msdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[tempdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[AppDetective];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[da];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[dw];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[stg];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[master];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[model];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[msdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[tempdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[AppDetective];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[da];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[dw];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[stg];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[master];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[model];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[msdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[tempdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[AppDetective];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[da];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[dw];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[stg];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[master];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[model];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[msdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[tempdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[AppDetective];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[da];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[dw];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[stg];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[master];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[model];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[msdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[tempdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[AppDetective];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[da];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[dw];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[stg];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[master];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[model];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[msdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[tempdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[AppDetective];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[da];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[dw];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[stg];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[master];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[model];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[msdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[tempdb];Log partition (Database 1)=E:","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[da];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dw];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dw];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[stg];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[stg];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[stg];Database 1=[dw];Data path (Database 1)=E:\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Data path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[da];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dw];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dw];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\LOGS","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[stg];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[stg];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\LOGS","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[stg];Database 1=[dw];Data path (Database 1)=E:\\MSSQL\\LOGS","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path (Database 2)=E:\\MSSQL\\TEMP;Database 2=[tempdb];Database 1=[tempdb];Log path (Database 1)=E:\\MSSQL\\TEMP","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[model]","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Low","Check ID":"2770","Check":"Dedicated data file directories","Details":"Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[msdb]","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2545","Check":"Remote access allowed","Details":"Value in use=1;Name=remote access;Value=1","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2569","Check":"Auditing of successful logins","Details":"Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2570","Check":"Auditing of failed logins","Details":"Additional information=Audit of failed logins is not performed by AUDIT","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2745","Check":"'sa' account has not been disabled","Details":"Status=Enabled;Login=sa","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2780","Check":"Database job/batch queue reviewing","Details":"SQL Server job history record=DBBackups.FullBackup","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2780","Check":"Database job/batch queue reviewing","Details":"SQL Server job history record=syspolicy_purge_history","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2826","Check":"DBMS privileged action audit","Details":"Value in use=1;Name=default trace enabled;Value=1","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2880","Check":"CHECK_EXPIRATION option","Details":"Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2880","Check":"CHECK_EXPIRATION option","Details":"Status=Disabled;Login=##MS_PolicyTsqlExecutionLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2880","Check":"CHECK_EXPIRATION option","Details":"Status=Enabled;Login=sa;Password expiration checked=Disabled;Is SYSADMIN=Yes;Password policy checked=Enabled","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2897","Check":"Database not encrypted","Details":"Is Encrypted=false;Database=AppDetective","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2897","Check":"Database not encrypted","Details":"Is Encrypted=false;Database=da","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2897","Check":"Database not encrypted","Details":"Is Encrypted=false;Database=dw","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2897","Check":"Database not encrypted","Details":"Is Encrypted=false;Database=stg","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2935","Check":"Audit concurrent logons","Details":"Additional information=No AUDIT was found","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2936","Check":"Audit unsuccessful attempts to execute privileged activities","Details":"Additional information=No AUDIT was found","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2937","Check":"Audit privileged activities","Details":"Additional information=No AUDIT was found","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2962","Check":"Generate audit records for important events","Details":"Additional information=Found no acceptable server audit specification.","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2975","Check":"Customer Feedback and Error Reporting","Details":"EnableErrorReporting=Enabled;CustomerFeedback=Enabled","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2992","Check":"Server audit startup","Details":"Additional information=There are no server audits that automatically start during system start-up","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2995","Check":"Use of an approved TLS version","Details":"Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Client\\Enabled","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2995","Check":"Use of an approved TLS version","Details":"Additional information=SSL 2.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Server\\DisabledByDefault","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2995","Check":"Use of an approved TLS version","Details":"Additional information=SSL 3.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Client\\DisabledByDefault","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2995","Check":"Use of an approved TLS version","Details":"Additional information=SSL 3.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Server\\DisabledByDefault","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2995","Check":"Use of an approved TLS version","Details":"Additional information=TLS 1.0 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.0","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2995","Check":"Use of an approved TLS version","Details":"Additional information=TLS 1.1 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.1","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Misconfigurations","Risk DV":"Medium","Check ID":"2995","Check":"Use of an approved TLS version","Details":"Additional information=TLS 1.2 is not enabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=CreateFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadData","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ReadAndExecute","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Operating System Issues","Risk DV":"Medium","Check ID":"2869","Check":"Permissions on error log folder","Details":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Write","Date":"Feb 18 2021 15:57"},{"Organization":"Sample Organization Server","Task":"Audit","Asset Type":"Microsoft SQL Server","Asset":"HOST1","IP Address, Port, Instance":"192.168.1.200, 1433, MSSQLSERVER","Job Name":"Sample scan report generation","Start Date":"2021-02-18 15:55","End Date":{"nil":"true"},"Policy":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","Check Category":"Patchable Vulnerabilities","Risk DV":"High","Check ID":"2888","Check":"Service pack not applied on time","Details":"Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2","Date":"Feb 18 2021 15:57"}]}}}
\ No newline at end of file
+{
+  "platform": {
+    "name": "Heimdall Tools",
+    "release": "2.6.50"
+  },
+  "version": "2.6.50",
+  "statistics": {},
+  "profiles": [
+    {
+      "name": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+      "title": "Sample scan report generation",
+      "summary": "Organization : Sample Organization Server\nAsset : undefined\nAsset Type : Microsoft SQL Server\nIP Address, Port, Instance : Microsoft SQL Server\nIP Address, Port, Instance : 192.168.1.200, 1433, MSSQLSERVER ",
+      "supports": [],
+      "attributes": [],
+      "groups": [],
+      "status": "loaded",
+      "controls": [
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Protection of DBMS asymmetric encryption keys",
+          "id": "2801",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2801\",\n  \"Check\": \"Protection of DBMS asymmetric encryption keys\",\n  \"Details\": \"Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Owner of the key=sa;Is SYSADMIN=Yes;Key=MS_SQLEnableSystemAssemblyLoadingKey;Database containing key=master",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "System Table Permissions",
+          "id": "2830",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2830\",\n  \"Check\": \"System Table Permissions\",\n  \"Details\": \"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=REFERENCES;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=UPDATE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_databases_cluster;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listener_ip_addresses;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listeners;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_groups_cluster;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_read_only_routing_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_replicas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=backup_devices;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_DOMAIN_USAGE;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_PRIVILEGES;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_COLUMN_USAGE;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_TABLE_USAGE;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=cryptographic_providers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_filestream_options;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_query_store_options;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_recovery_status;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_actions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_class_type_map;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_activated_tasks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_connections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_forwarded_messages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_queue_monitors;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_errors;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_log_scan_sessions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_appdomains;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_loaded_assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_tasks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_column_store_object_pool;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_cryptographic_provider_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_database_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_operational_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_file_space_usage;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_fts_index_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_index_usage_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_log_space_usage;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_auto_page_repair;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_connections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_past_actions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_group_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_partition_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_persisted_sku_features;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_migration_status;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_schema_update_status;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_script_level;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_session_space_usage;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_task_space_usage;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_uncontained_entities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_gc_cycle_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_hash_index_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_index_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_memory_consumers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_nonclustered_index_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_object_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_table_memory_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_cached_plans;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_errors;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_status;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_nodes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_connections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_request_steps;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_requests;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_sql_requests;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_workers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_operations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_work;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_function_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_procedure_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_memory_grants;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_memory_gateways;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_parallel_workers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_profiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_resource_semaphores;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_transformation_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_requests;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_session_wait_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_sessions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_trigger_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_valid_use_hints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_execution_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_requests;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_handles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_requests;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_non_transacted_handles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_active_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_fdhosts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_index_population;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_buffers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_outstanding_batches;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_population_ranges;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_semantic_similarity_population;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_auto_page_repair;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_automatic_seeding;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_group_states;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_nodes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_states;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_states;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_networks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_cluster_states;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_states;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_instance_node_map;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_name_id_map;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_physical_seeding_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_backup_tapes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_shared_drives;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_valid_path_names;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_pending_io_requests;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_hashentries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_descriptors;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_pool_extension_configuration;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_child_instances;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_nodes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatcher_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatchers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_hosts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_latch_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_loaded_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_allocations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_broker_clerks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_brokers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_clock_hands;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_counters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_entries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_hash_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_clerks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_node_access_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_nodes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_nodes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_performance_counters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_process_memory;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_ring_buffers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_schedulers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_server_diagnostics_log_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_spinlock_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_stacks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sublatches;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_memory;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_tasks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_threads;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_virtual_address_dump;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_wait_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_waiting_tasks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_windows_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_worker_local_storage;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_workers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_qn_subscriptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_articles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_tranhash;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_traninfo;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_configuration;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_volumes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_workload_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_audit_status;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_memory_dumps;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_registry;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tcp_listener_states;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_snapshot_database_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_commit_table;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_snapshot;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_transaction;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_database_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_recovery_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_enlistments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_log;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_locks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_session_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_top_version_generators;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_transactions_snapshot;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_version_store;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_map_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_object_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_packages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_event_actions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_object_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_targets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_sessions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_queue_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_system_memory_consumers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_threads;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_recent_rows;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=DOMAIN_CONSTRAINTS;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=DOMAINS;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=endpoint_webmethods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=event_notification_event_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_document_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_languages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_language_statistics_database;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_languages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_system_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=http_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=KEY_COLUMN_USAGE;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=linked_logins;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=login_token;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=master_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=master_key_passwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=messages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=openkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=REFERENTIAL_CONSTRAINTS;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=remote_logins;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_configuration;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_workload_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=ROUTINE_COLUMNS;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=ROUTINES;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=SCHEMATA;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=securable_classes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_audits;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_actions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_fields;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_targets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_sessions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_file_audits;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_principal_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=servers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_broker_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=soap_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spatial_reference_systems;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_db;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_dev;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_usg;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spt_monitor;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sql_logins;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscacheobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscharsets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysconfigures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscurconfigs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscursorcolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscursorrefs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscursors;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscursortables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysdatabases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysdevices;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syslanguages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syslockinfo;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syslogins;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysmessages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysoledbusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysopentapes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysperfinfo;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysprocesses;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysremotelogins;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysservers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_components_surface_area_configuration;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=TABLE_CONSTRAINTS;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=TABLE_PRIVILEGES;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=tcp_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_categories;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_event_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_subclass_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=traces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trigger_event_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=user_token;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=via_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=VIEW_COLUMN_USAGE;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=VIEW_TABLE_USAGE;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=VIEWS;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupfile;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediafamily;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediaset;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupset;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=dm_hadr_automatic_seeding_history;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=logmarkhistory;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=restorefile;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=restorefilegroup;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=restorehistory;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=suspect_pages;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysalerts;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysnotifications;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysoperators;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=SQLAgentUserRole;State=GRANT;Database=msdb;Object Name=syscategories;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=UPDATE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobs;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=UPDATE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysproxies;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=syssubsystems;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=UPDATE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_dac_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_mi_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_configuration_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_file_space_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_health_policies_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_managed_instances_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_database_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_file_space_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_volume_space_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_check_conditions_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_target_conditions_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_processing_state_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_configuration_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_objects_to_collect_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_properties_to_collect_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS audit record access",
+          "id": "2790",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.3,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2790\",\n  \"Check\": \"DBMS audit record access\",\n  \"Details\": \"Log path=e:\\\\mssql\\\\data\\\\mssql13.mssqlserver\\\\mssql\\\\data\\\\mastlog.ldf;Username=NT SERVICE\\\\MSSQLSERVER\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\mastlog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\modellog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\msdblog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\logs\\dw_log.ldf;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\logs\\dw_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\logs\\stg_log.ldf;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\logs\\stg_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\temp\\templog.ldf;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\temp\\templog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Object=dm_exec_sessions;Database=[master];Granted To=public;Permission=SELECT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Object=sysprotects;Database=[master];Granted To=public;Permission=SELECT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Permissions on Data Root directory",
+          "id": "2919",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.3,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2919\",\n  \"Check\": \"Permissions on Data Root directory\",\n  \"Details\": \"Account Name=\\\\OWNER RIGHTS;Directory or File name=E:\\\\MSSQL\\\\DATA\\\\AppDetective.mdf;Permission=FullControl\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\da.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\dw.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\stg.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\da.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\dw.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\stg.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\master.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\mastlog.ldf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\model.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\modellog.ldf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBData.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBLog.ldf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsara.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsben.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsbgr.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscat.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tschs.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscht.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscze.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdan.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdeu.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tseng.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsenu.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsesn.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsfra.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsglobal.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsgrk.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsguj.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsheb.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshin.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshrv.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsind.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsisl.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsita.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsjpn.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskan.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskor.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslth.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslvi.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmal.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmar.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmsl.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnld.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnor.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tspan.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsplk.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptb.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptg.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrom.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrus.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssky.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsslv.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrb.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrl.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssve.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstam.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstel.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstha.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstrk.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsukr.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsurd.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsvit.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Permission on registry extended proc",
+          "id": "2555",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2555\",\n  \"Check\": \"Permission on registry extended proc\",\n  \"Details\": \"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_regread;Granted By=dbo",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS software library permissions",
+          "id": "2771",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2771\",\n  \"Check\": \"DBMS software library permissions\",\n  \"Details\": \"File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\\\Program Files\\\\Microsoft SQL Server\\\\130\\\\shared\\\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\\\Users\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\Users",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=BUILTIN\\Users",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=BUILTIN\\Users",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=BUILTIN\\Users",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=BUILTIN\\Users",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\MSSQL13.MSSQLSERVER\\MSSQL\\Install;Access Control Type=Allow;Username=BUILTIN\\Users",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Default 'sa' account not present",
+          "id": "2814",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2814\",\n  \"Check\": \"Default 'sa' account not present\",\n  \"Details\": \"Account Name=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=sa",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS backup files access",
+          "id": "2865",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2865\",\n  \"Check\": \"DBMS backup files access\",\n  \"Details\": \"Allowed=NT SERVICE\\\\MSSQLSERVER;File path=E:\\\\MSSQL\\\\BACKUP\\\\AppDetective_backup_2021_02_16_031502_7146827.bak\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_16_031502_7146827.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_17_031505_6208319.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_18_031503_6796931.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_15_031503_1017047.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_16_031502_7459310.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_17_031505_6520841.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_18_031503_7109667.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dw_backup_2021_02_16_031502_7303082.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dw_backup_2021_02_17_031505_6208319.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dw_backup_2021_02_18_031503_6953315.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\stg_backup_2021_02_16_031502_7459310.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\stg_backup_2021_02_17_031505_6364592.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\stg_backup_2021_02_18_031503_6953315.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_16_031502_6521743.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_17_031505_5427005.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_18_031503_6172001.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_16_031502_6990517.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_17_031505_5895757.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_18_031503_6484425.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_16_031502_6990517.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_17_031505_6052109.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_18_031503_6640718.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "CONTROL SERVER permission granted",
+          "id": "2877",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2877\",\n  \"Check\": \"CONTROL SERVER permission granted\",\n  \"Details\": \"Granted To=ORG\\\\user1;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=ORG\\user1;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=ORG\\user2;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=ORG\\user3;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=ORG\\user4;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=ORG\\SQLAdmins;Permission=CONTROL SERVER;Grantee Type=WINDOWS_GROUP;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=ORG\\svc1;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=NT Service\\MSSQLSERVER;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=NT SERVICE\\SQLSERVERAGENT;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=NT SERVICE\\SQLWriter;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=NT SERVICE\\Winmgmt;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Non-DBA accounts with DDL privileges",
+          "id": "2920",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2920\",\n  \"Check\": \"Non-DBA accounts with DDL privileges\",\n  \"Details\": \"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_cpu_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_dac_execution_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_session_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_smo_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_volumes_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=UPDATE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Standard SQL Server authentication allowed",
+          "id": "2540",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.7,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2540\",\n  \"Check\": \"Standard SQL Server authentication allowed\",\n  \"Details\": \"Additional information=Standard Login allowed.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=Standard Login allowed.",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Encryption of DBMS sensitive data in transit",
+          "id": "2759",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.7,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2759\",\n  \"Check\": \"Encryption of DBMS sensitive data in transit\",\n  \"Details\": \"ForceEncryption=False\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "ForceEncryption=False",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "The NT AUTHORITY\\SYSTEM account is used for administration",
+          "id": "2985",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.7,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2985\",\n  \"Check\": \"The NT AUTHORITY\\\\SYSTEM account is used for administration\",\n  \"Details\": \"Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\\\SYSTEM\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Permission=CREATE AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Permission=VIEW SERVER STATE;User=NT AUTHORITY\\SYSTEM",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS privileged role assignments",
+          "id": "2819",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2819\",\n  \"Check\": \"DBMS privileged role assignments\",\n  \"Details\": \"Username=ORG\\\\user1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=ORG\\user1",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=ORG\\user2",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=ORG\\user3",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=ORG\\user4",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=ORG\\SQLAdmins",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=ORG\\svc1",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=NT Service\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=NT SERVICE\\SQLWriter",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=NT SERVICE\\Winmgmt",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Dedicated data file directories",
+          "id": "2770",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.3,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2770\",\n  \"Check\": \"Dedicated data file directories\",\n  \"Details\": \"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[da];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[dw];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[stg];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[da];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[dw];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[stg];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[da];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[dw];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[stg];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[da];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[dw];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[stg];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[da];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[dw];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[stg];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[da];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[dw];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[stg];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[da];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[dw];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[stg];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[da];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[dw];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[stg];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[da];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dw];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dw];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[stg];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[stg];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[stg];Database 1=[dw];Data path (Database 1)=E:\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Data path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[da];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dw];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dw];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\LOGS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[stg];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[stg];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\LOGS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[stg];Database 1=[dw];Data path (Database 1)=E:\\MSSQL\\LOGS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\TEMP;Database 2=[tempdb];Database 1=[tempdb];Log path (Database 1)=E:\\MSSQL\\TEMP",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[model]",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[msdb]",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Remote access allowed",
+          "id": "2545",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2545\",\n  \"Check\": \"Remote access allowed\",\n  \"Details\": \"Value in use=1;Name=remote access;Value=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Value in use=1;Name=remote access;Value=1",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Auditing of successful logins",
+          "id": "2569",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2569\",\n  \"Check\": \"Auditing of successful logins\",\n  \"Details\": \"Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Auditing of failed logins",
+          "id": "2570",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2570\",\n  \"Check\": \"Auditing of failed logins\",\n  \"Details\": \"Additional information=Audit of failed logins is not performed by AUDIT\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=Audit of failed logins is not performed by AUDIT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "'sa' account has not been disabled",
+          "id": "2745",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2745\",\n  \"Check\": \"'sa' account has not been disabled\",\n  \"Details\": \"Status=Enabled;Login=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Status=Enabled;Login=sa",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Database job/batch queue reviewing",
+          "id": "2780",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2780\",\n  \"Check\": \"Database job/batch queue reviewing\",\n  \"Details\": \"SQL Server job history record=DBBackups.FullBackup\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "SQL Server job history record=DBBackups.FullBackup",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "SQL Server job history record=syspolicy_purge_history",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS privileged action audit",
+          "id": "2826",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2826\",\n  \"Check\": \"DBMS privileged action audit\",\n  \"Details\": \"Value in use=1;Name=default trace enabled;Value=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Value in use=1;Name=default trace enabled;Value=1",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "CHECK_EXPIRATION option",
+          "id": "2880",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2880\",\n  \"Check\": \"CHECK_EXPIRATION option\",\n  \"Details\": \"Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Status=Disabled;Login=##MS_PolicyTsqlExecutionLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Status=Enabled;Login=sa;Password expiration checked=Disabled;Is SYSADMIN=Yes;Password policy checked=Enabled",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Database not encrypted",
+          "id": "2897",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2897\",\n  \"Check\": \"Database not encrypted\",\n  \"Details\": \"Is Encrypted=false;Database=AppDetective\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Is Encrypted=false;Database=AppDetective",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Is Encrypted=false;Database=da",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Is Encrypted=false;Database=dw",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Is Encrypted=false;Database=stg",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Audit concurrent logons",
+          "id": "2935",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2935\",\n  \"Check\": \"Audit concurrent logons\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=No AUDIT was found",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Audit unsuccessful attempts to execute privileged activities",
+          "id": "2936",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2936\",\n  \"Check\": \"Audit unsuccessful attempts to execute privileged activities\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=No AUDIT was found",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Audit privileged activities",
+          "id": "2937",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2937\",\n  \"Check\": \"Audit privileged activities\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=No AUDIT was found",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Generate audit records for important events",
+          "id": "2962",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2962\",\n  \"Check\": \"Generate audit records for important events\",\n  \"Details\": \"Additional information=Found no acceptable server audit specification.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=Found no acceptable server audit specification.",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Customer Feedback and Error Reporting",
+          "id": "2975",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2975\",\n  \"Check\": \"Customer Feedback and Error Reporting\",\n  \"Details\": \"EnableErrorReporting=Enabled;CustomerFeedback=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "EnableErrorReporting=Enabled;CustomerFeedback=Enabled",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Server audit startup",
+          "id": "2992",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2992\",\n  \"Check\": \"Server audit startup\",\n  \"Details\": \"Additional information=There are no server audits that automatically start during system start-up\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=There are no server audits that automatically start during system start-up",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Use of an approved TLS version",
+          "id": "2995",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2995\",\n  \"Check\": \"Use of an approved TLS version\",\n  \"Details\": \"Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Control\\\\SecurityProviders\\\\SCHANNEL\\\\Protocols\\\\SSL 2.0\\\\Client\\\\Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Client\\Enabled",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=SSL 2.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Server\\DisabledByDefault",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=SSL 3.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Client\\DisabledByDefault",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=SSL 3.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Server\\DisabledByDefault",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=TLS 1.0 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.0",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=TLS 1.1 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.1",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=TLS 1.2 is not enabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Permissions on error log folder",
+          "id": "2869",
+          "desc": "Task : Audit; Check Category : Operating System Issues",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Operating System Issues\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2869\",\n  \"Check\": \"Permissions on error log folder\",\n  \"Details\": \"Grantee=NT SERVICE\\\\MSSQLFDLauncher;File Name=E:\\\\MSSQL\\\\DATA\\\\MSSQL13.MSSQLSERVER\\\\MSSQL\\\\LOG\\\\;Permission=CreateFiles\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=CreateFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadData",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Service pack not applied on time",
+          "id": "2888",
+          "desc": "Task : Audit; Check Category : Patchable Vulnerabilities",
+          "impact": 0.7,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Patchable Vulnerabilities\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2888\",\n  \"Check\": \"Service pack not applied on time\",\n  \"Details\": \"Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        }
+      ],
+      "sha256": "815246a7648d6c2874d50dd8100d8689fbb18094dee50d82fcb94465ce4db422"
+    }
+  ],
+  "passthrough": {
+    "raw": {
+      "data": [
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2801",
+          "Check": "Protection of DBMS asymmetric encryption keys",
+          "Details": "Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2801",
+          "Check": "Protection of DBMS asymmetric encryption keys",
+          "Details": "Owner of the key=sa;Is SYSADMIN=Yes;Key=MS_SQLEnableSystemAssemblyLoadingKey;Database containing key=master",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=REFERENCES;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=UPDATE;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assemblies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=certificates;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_files;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_principals;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=filegroups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=index_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partitions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=periods;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=routes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=schemas;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_policies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sequences;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queues;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=services;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=synonyms;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscomments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=systypes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysusers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=table_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=triggers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=all_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=all_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=all_views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=assemblies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=certificates;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=database_files;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=database_principals;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=external_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=filegroups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=filetables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=index_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=partitions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=periods;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=routes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=schemas;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=security_policies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=sequences;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=service_queues;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=services;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=synonyms;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=syscomments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=system_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=system_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=system_views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=systypes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=sysusers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=table_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=triggers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=all_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=all_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=all_views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=assemblies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=certificates;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=database_files;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=database_principals;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=external_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=filegroups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=filetables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=index_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=partitions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=periods;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=routes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=schemas;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=security_policies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=sequences;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=service_queues;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=services;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=synonyms;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=syscomments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=system_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=system_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=system_views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=systypes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=sysusers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=table_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=triggers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=all_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=all_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=all_views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=assemblies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=certificates;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=database_files;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=database_principals;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=external_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=filegroups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=filetables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=index_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=partitions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=periods;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=routes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=schemas;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=security_policies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=sequences;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=service_queues;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=services;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=synonyms;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=syscomments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=system_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=system_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=system_views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=systypes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=sysusers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=table_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=triggers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=all_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=all_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=all_views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=assemblies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=availability_databases_cluster;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listener_ip_addresses;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listeners;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=availability_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=availability_groups_cluster;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=availability_read_only_routing_lists;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=availability_replicas;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=backup_devices;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=certificates;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_databases;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_DOMAIN_USAGE;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_PRIVILEGES;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=configurations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_COLUMN_USAGE;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_TABLE_USAGE;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=credentials;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=cryptographic_providers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_files;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_filestream_options;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring_endpoints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_principals;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_query_store_options;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_recovery_status;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=databases;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_actions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_class_type_map;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_activated_tasks;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_connections;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_forwarded_messages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_queue_monitors;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_errors;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_log_scan_sessions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_appdomains;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_loaded_assemblies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_tasks;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_column_store_object_pool;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_cryptographic_provider_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_database_encryption_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_operational_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_file_space_usage;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_fts_index_physical_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_index_usage_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_log_space_usage;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_auto_page_repair;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_connections;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_past_actions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_details;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_group_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_partition_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_persisted_sku_features;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_migration_status;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_schema_update_status;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_script_level;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_session_space_usage;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_task_space_usage;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_uncontained_entities;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_files;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_gc_cycle_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_hash_index_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_index_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_memory_consumers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_nonclustered_index_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_object_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_table_memory_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_transactions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_cached_plans;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_errors;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_status;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_nodes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_connections;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_request_steps;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_requests;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_sql_requests;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_services;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_workers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_operations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_work;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_function_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_procedure_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_memory_grants;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_info;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_memory_gateways;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_parallel_workers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_profiles;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_resource_semaphores;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_transformation_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_requests;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_session_wait_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_sessions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_trigger_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_valid_use_hints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_execution_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_requests;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_handles;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_requests;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_non_transacted_handles;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_active_catalogs;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_fdhosts;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_index_population;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_buffers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_pools;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_outstanding_batches;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_population_ranges;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_semantic_similarity_population;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_auto_page_repair;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_automatic_seeding;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_group_states;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_nodes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_states;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_states;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_members;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_networks;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_cluster_states;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_states;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_instance_node_map;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_name_id_map;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_physical_seeding_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_backup_tapes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_shared_drives;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_valid_path_names;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_pending_io_requests;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_hashentries;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_descriptors;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_pool_extension_configuration;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_child_instances;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_nodes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatcher_pools;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatchers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_hosts;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_latch_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_loaded_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_allocations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_broker_clerks;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_brokers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_clock_hands;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_counters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_entries;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_hash_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_clerks;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_node_access_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_nodes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_pools;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_nodes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_performance_counters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_process_memory;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_ring_buffers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_schedulers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_server_diagnostics_log_configurations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_spinlock_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_stacks;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sublatches;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_info;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_memory;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_tasks;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_threads;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_virtual_address_dump;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_wait_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_waiting_tasks;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_windows_info;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_worker_local_storage;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_workers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_qn_subscriptions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_articles;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_schemas;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_tranhash;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_traninfo;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_configuration;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pools;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_volumes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pools;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_workload_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_audit_status;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_memory_dumps;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_registry;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_services;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tcp_listener_states;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_snapshot_database_transactions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_transactions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_commit_table;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_snapshot;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_transaction;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_database_transactions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_recovery_transactions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_enlistments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_log;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_locks;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_session_transactions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_top_version_generators;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_transactions_snapshot;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_version_store;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_map_values;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_object_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_packages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_event_actions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_object_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_targets;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_sessions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_queue_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_system_memory_consumers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_threads;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_recent_rows;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=DOMAIN_CONSTRAINTS;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=DOMAINS;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=endpoint_webmethods;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=endpoints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=event_notification_event_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=external_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=filegroups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=filetables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_document_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_languages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_language_statistics_database;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_languages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_system_stopwords;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=http_endpoints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=index_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=KEY_COLUMN_USAGE;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=linked_logins;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=login_token;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=master_files;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=master_key_passwords;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=messages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=openkeys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=partitions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=periods;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=REFERENTIAL_CONSTRAINTS;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=remote_logins;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_configuration;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pools;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pools;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_workload_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=routes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=ROUTINE_COLUMNS;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=ROUTINES;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=schemas;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=SCHEMATA;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=securable_classes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=security_policies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sequences;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_assembly_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specification_details;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specifications;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_audits;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_notifications;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_actions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_fields;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_targets;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_sessions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_file_audits;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_permissions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_principal_credentials;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_principals;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_role_members;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_trigger_events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=server_triggers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=servers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=service_broker_endpoints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=service_queues;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=services;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=soap_endpoints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=spatial_reference_systems;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_db;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_dev;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_usg;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=spt_monitor;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sql_logins;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=synonyms;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syscacheobjects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syscharsets;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syscomments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysconfigures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syscurconfigs;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syscursorcolumns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syscursorrefs;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syscursors;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syscursortables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysdatabases;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysdevices;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syslanguages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syslockinfo;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syslogins;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysmessages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysoledbusers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysopentapes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysperfinfo;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysprocesses;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysremotelogins;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysservers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=system_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=system_components_surface_area_configuration;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=system_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=system_views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=systypes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=sysusers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=TABLE_CONSTRAINTS;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=TABLE_PRIVILEGES;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=table_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=tcp_endpoints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=trace_categories;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=trace_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=trace_event_bindings;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=trace_events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=trace_subclass_values;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=traces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=trigger_event_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=triggers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=user_token;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=via_endpoints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=VIEW_COLUMN_USAGE;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=VIEW_TABLE_USAGE;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=VIEWS;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=all_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=all_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=all_views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=assemblies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=certificates;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=database_files;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=database_principals;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=external_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=filegroups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=filetables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=index_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=partitions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=periods;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=routes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=schemas;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=security_policies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sequences;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=service_queues;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=services;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=synonyms;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=syscomments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=system_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=system_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=system_views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=systypes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=sysusers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=table_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=triggers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=assemblies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupfile;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediafamily;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediaset;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupset;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=certificates;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_files;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_principals;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=dm_hadr_automatic_seeding_history;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=external_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=filegroups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=filetables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=index_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=logmarkhistory;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=partitions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=periods;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=restorefile;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=restorefilegroup;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=restorehistory;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=routes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=schemas;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=security_policies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sequences;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_queues;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=services;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=suspect_pages;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=synonyms;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=syscomments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=systypes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysusers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=table_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=triggers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assemblies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=certificates;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_files;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_principals;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=external_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=filegroups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=filetables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=index_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partitions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=periods;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=procedures;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=routes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=schemas;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=security_policies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sequences;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queues;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=services;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=stats;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=synonyms;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=syscomments;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_columns;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_objects;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=systypes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysusers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=table_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=tables;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=triggers;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=views;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysalerts;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysnotifications;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysoperators;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=SQLAgentUserRole;State=GRANT;Database=msdb;Object Name=syscategories;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=DELETE;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=UPDATE;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobs;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=UPDATE;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysproxies;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=syssubsystems;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=UPDATE;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_dac_health_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_mi_health_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_configuration_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_file_space_health_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_health_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_health_policies_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_managed_instances_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_database_health_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_file_space_health_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_health_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_volume_space_health_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_check_conditions_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_target_conditions_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_processing_state_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_configuration_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_objects_to_collect_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_properties_to_collect_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=SELECT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=DELETE;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=INSERT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=DELETE;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=INSERT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=DELETE;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=INSERT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=DELETE;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=INSERT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=DELETE;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Informational",
+          "Check ID": "2830",
+          "Check": "System Table Permissions",
+          "Details": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=INSERT;Object Type=Table",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\mastlog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\modellog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\msdblog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLFDLauncher",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLFDLauncher",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLFDLauncher",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLFDLauncher",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLFDLauncher",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLFDLauncher",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLFDLauncher",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=\\OWNER RIGHTS",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=\\OWNER RIGHTS",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=\\OWNER RIGHTS",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=\\OWNER RIGHTS",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=\\OWNER RIGHTS",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=\\OWNER RIGHTS",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=\\OWNER RIGHTS",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=e:\\mssql\\logs\\dw_log.ldf;Username=\\OWNER RIGHTS",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=e:\\mssql\\logs\\dw_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=e:\\mssql\\logs\\stg_log.ldf;Username=\\OWNER RIGHTS",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=e:\\mssql\\logs\\stg_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=e:\\mssql\\temp\\templog.ldf;Username=\\OWNER RIGHTS",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Log path=e:\\mssql\\temp\\templog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Object=dm_exec_sessions;Database=[master];Granted To=public;Permission=SELECT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2790",
+          "Check": "DBMS audit record access",
+          "Details": "Object=sysprotects;Database=[master];Granted To=public;Permission=SELECT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\da.mdf;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\dw.mdf;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\stg.mdf;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\da.mdf;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\dw.mdf;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\stg.mdf;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\master.mdf;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\mastlog.ldf;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\model.mdf;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\modellog.ldf;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBData.mdf;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBLog.ldf;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsara.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsben.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsbgr.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscat.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tschs.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscht.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscze.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdan.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdeu.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tseng.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsenu.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsesn.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsfra.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsglobal.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsgrk.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsguj.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsheb.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshin.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshrv.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsind.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsisl.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsita.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsjpn.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskan.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskor.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslth.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslvi.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmal.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmar.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmsl.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnld.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnor.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tspan.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsplk.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptb.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptg.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrom.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrus.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssky.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsslv.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrb.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrl.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssve.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstam.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstel.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstha.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstrk.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsukr.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsurd.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsvit.xml;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Low",
+          "Check ID": "2919",
+          "Check": "Permissions on Data Root directory",
+          "Details": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2555",
+          "Check": "Permission on registry extended proc",
+          "Details": "Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2555",
+          "Check": "Permission on registry extended proc",
+          "Details": "Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_regread;Granted By=dbo",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\Users",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=BUILTIN\\Users",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=BUILTIN\\Users",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=BUILTIN\\Users",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=BUILTIN\\Users",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\MSSQL13.MSSQLSERVER\\MSSQL\\Install;Access Control Type=Allow;Username=BUILTIN\\Users",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2771",
+          "Check": "DBMS software library permissions",
+          "Details": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2814",
+          "Check": "Default 'sa' account not present",
+          "Details": "Account Name=sa",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_16_031502_7146827.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_17_031505_6208319.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_18_031503_6796931.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_15_031503_1017047.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_16_031502_7459310.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_17_031505_6520841.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_18_031503_7109667.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dw_backup_2021_02_16_031502_7303082.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dw_backup_2021_02_17_031505_6208319.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dw_backup_2021_02_18_031503_6953315.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\stg_backup_2021_02_16_031502_7459310.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\stg_backup_2021_02_17_031505_6364592.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\stg_backup_2021_02_18_031503_6953315.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_16_031502_6521743.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_17_031505_5427005.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_18_031503_6172001.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_16_031502_6990517.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_17_031505_5895757.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_18_031503_6484425.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_16_031502_6990517.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_17_031505_6052109.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2865",
+          "Check": "DBMS backup files access",
+          "Details": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_18_031503_6640718.bak",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2877",
+          "Check": "CONTROL SERVER permission granted",
+          "Details": "Granted To=ORG\\user1;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2877",
+          "Check": "CONTROL SERVER permission granted",
+          "Details": "Granted To=ORG\\user2;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2877",
+          "Check": "CONTROL SERVER permission granted",
+          "Details": "Granted To=ORG\\user3;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2877",
+          "Check": "CONTROL SERVER permission granted",
+          "Details": "Granted To=ORG\\user4;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2877",
+          "Check": "CONTROL SERVER permission granted",
+          "Details": "Granted To=ORG\\SQLAdmins;Permission=CONTROL SERVER;Grantee Type=WINDOWS_GROUP;Granted through role=sysadmin",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2877",
+          "Check": "CONTROL SERVER permission granted",
+          "Details": "Granted To=ORG\\svc1;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2877",
+          "Check": "CONTROL SERVER permission granted",
+          "Details": "Granted To=NT Service\\MSSQLSERVER;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2877",
+          "Check": "CONTROL SERVER permission granted",
+          "Details": "Granted To=NT SERVICE\\SQLSERVERAGENT;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2877",
+          "Check": "CONTROL SERVER permission granted",
+          "Details": "Granted To=NT SERVICE\\SQLWriter;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2877",
+          "Check": "CONTROL SERVER permission granted",
+          "Details": "Granted To=NT SERVICE\\Winmgmt;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2920",
+          "Check": "Non-DBA accounts with DDL privileges",
+          "Details": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2920",
+          "Check": "Non-DBA accounts with DDL privileges",
+          "Details": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_cpu_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2920",
+          "Check": "Non-DBA accounts with DDL privileges",
+          "Details": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_dac_execution_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2920",
+          "Check": "Non-DBA accounts with DDL privileges",
+          "Details": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_session_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2920",
+          "Check": "Non-DBA accounts with DDL privileges",
+          "Details": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_smo_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2920",
+          "Check": "Non-DBA accounts with DDL privileges",
+          "Details": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_volumes_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Improper Access Controls",
+          "Risk DV": "Medium",
+          "Check ID": "2920",
+          "Check": "Non-DBA accounts with DDL privileges",
+          "Details": "Database=msdb;Class=USER_TABLE;Permission=UPDATE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "High",
+          "Check ID": "2540",
+          "Check": "Standard SQL Server authentication allowed",
+          "Details": "Additional information=Standard Login allowed.",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "High",
+          "Check ID": "2759",
+          "Check": "Encryption of DBMS sensitive data in transit",
+          "Details": "ForceEncryption=False",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "High",
+          "Check ID": "2985",
+          "Check": "The NT AUTHORITY\\SYSTEM account is used for administration",
+          "Details": "Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "High",
+          "Check ID": "2985",
+          "Check": "The NT AUTHORITY\\SYSTEM account is used for administration",
+          "Details": "Permission=CREATE AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "High",
+          "Check ID": "2985",
+          "Check": "The NT AUTHORITY\\SYSTEM account is used for administration",
+          "Details": "Permission=VIEW SERVER STATE;User=NT AUTHORITY\\SYSTEM",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Informational",
+          "Check ID": "2819",
+          "Check": "DBMS privileged role assignments",
+          "Details": "Username=ORG\\user1",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Informational",
+          "Check ID": "2819",
+          "Check": "DBMS privileged role assignments",
+          "Details": "Username=ORG\\user2",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Informational",
+          "Check ID": "2819",
+          "Check": "DBMS privileged role assignments",
+          "Details": "Username=ORG\\user3",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Informational",
+          "Check ID": "2819",
+          "Check": "DBMS privileged role assignments",
+          "Details": "Username=ORG\\user4",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Informational",
+          "Check ID": "2819",
+          "Check": "DBMS privileged role assignments",
+          "Details": "Username=ORG\\SQLAdmins",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Informational",
+          "Check ID": "2819",
+          "Check": "DBMS privileged role assignments",
+          "Details": "Username=ORG\\svc1",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Informational",
+          "Check ID": "2819",
+          "Check": "DBMS privileged role assignments",
+          "Details": "Username=NT Service\\MSSQLSERVER",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Informational",
+          "Check ID": "2819",
+          "Check": "DBMS privileged role assignments",
+          "Details": "Username=NT SERVICE\\SQLSERVERAGENT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Informational",
+          "Check ID": "2819",
+          "Check": "DBMS privileged role assignments",
+          "Details": "Username=NT SERVICE\\SQLWriter",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Informational",
+          "Check ID": "2819",
+          "Check": "DBMS privileged role assignments",
+          "Details": "Username=NT SERVICE\\Winmgmt",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[da];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[dw];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[stg];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[master];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[model];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[msdb];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[tempdb];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[AppDetective];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[da];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[dw];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[stg];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[master];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[model];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[msdb];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[tempdb];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[AppDetective];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[da];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[dw];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[stg];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[master];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[model];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[msdb];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[tempdb];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[AppDetective];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[da];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[dw];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[stg];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[master];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[model];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[msdb];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[tempdb];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[AppDetective];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[da];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[dw];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[stg];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[master];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[model];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[msdb];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[tempdb];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[AppDetective];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[da];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[dw];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[stg];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[master];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[model];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[msdb];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[tempdb];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[AppDetective];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[da];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[dw];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[stg];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[master];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[model];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[msdb];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[tempdb];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[AppDetective];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[da];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[dw];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[stg];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[master];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[model];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[msdb];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[tempdb];Log partition (Database 1)=E:",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[da];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dw];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dw];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\DATA",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[stg];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[stg];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\DATA",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[stg];Database 1=[dw];Data path (Database 1)=E:\\MSSQL\\DATA",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Data path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[da];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dw];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dw];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\LOGS",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[stg];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[stg];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\LOGS",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[stg];Database 1=[dw];Data path (Database 1)=E:\\MSSQL\\LOGS",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path (Database 2)=E:\\MSSQL\\TEMP;Database 2=[tempdb];Database 1=[tempdb];Log path (Database 1)=E:\\MSSQL\\TEMP",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[model]",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Low",
+          "Check ID": "2770",
+          "Check": "Dedicated data file directories",
+          "Details": "Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[msdb]",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2545",
+          "Check": "Remote access allowed",
+          "Details": "Value in use=1;Name=remote access;Value=1",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2569",
+          "Check": "Auditing of successful logins",
+          "Details": "Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2570",
+          "Check": "Auditing of failed logins",
+          "Details": "Additional information=Audit of failed logins is not performed by AUDIT",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2745",
+          "Check": "'sa' account has not been disabled",
+          "Details": "Status=Enabled;Login=sa",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2780",
+          "Check": "Database job/batch queue reviewing",
+          "Details": "SQL Server job history record=DBBackups.FullBackup",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2780",
+          "Check": "Database job/batch queue reviewing",
+          "Details": "SQL Server job history record=syspolicy_purge_history",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2826",
+          "Check": "DBMS privileged action audit",
+          "Details": "Value in use=1;Name=default trace enabled;Value=1",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2880",
+          "Check": "CHECK_EXPIRATION option",
+          "Details": "Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2880",
+          "Check": "CHECK_EXPIRATION option",
+          "Details": "Status=Disabled;Login=##MS_PolicyTsqlExecutionLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2880",
+          "Check": "CHECK_EXPIRATION option",
+          "Details": "Status=Enabled;Login=sa;Password expiration checked=Disabled;Is SYSADMIN=Yes;Password policy checked=Enabled",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2897",
+          "Check": "Database not encrypted",
+          "Details": "Is Encrypted=false;Database=AppDetective",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2897",
+          "Check": "Database not encrypted",
+          "Details": "Is Encrypted=false;Database=da",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2897",
+          "Check": "Database not encrypted",
+          "Details": "Is Encrypted=false;Database=dw",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2897",
+          "Check": "Database not encrypted",
+          "Details": "Is Encrypted=false;Database=stg",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2935",
+          "Check": "Audit concurrent logons",
+          "Details": "Additional information=No AUDIT was found",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2936",
+          "Check": "Audit unsuccessful attempts to execute privileged activities",
+          "Details": "Additional information=No AUDIT was found",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2937",
+          "Check": "Audit privileged activities",
+          "Details": "Additional information=No AUDIT was found",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2962",
+          "Check": "Generate audit records for important events",
+          "Details": "Additional information=Found no acceptable server audit specification.",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2975",
+          "Check": "Customer Feedback and Error Reporting",
+          "Details": "EnableErrorReporting=Enabled;CustomerFeedback=Enabled",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2992",
+          "Check": "Server audit startup",
+          "Details": "Additional information=There are no server audits that automatically start during system start-up",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2995",
+          "Check": "Use of an approved TLS version",
+          "Details": "Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Client\\Enabled",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2995",
+          "Check": "Use of an approved TLS version",
+          "Details": "Additional information=SSL 2.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Server\\DisabledByDefault",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2995",
+          "Check": "Use of an approved TLS version",
+          "Details": "Additional information=SSL 3.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Client\\DisabledByDefault",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2995",
+          "Check": "Use of an approved TLS version",
+          "Details": "Additional information=SSL 3.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Server\\DisabledByDefault",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2995",
+          "Check": "Use of an approved TLS version",
+          "Details": "Additional information=TLS 1.0 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.0",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2995",
+          "Check": "Use of an approved TLS version",
+          "Details": "Additional information=TLS 1.1 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.1",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Misconfigurations",
+          "Risk DV": "Medium",
+          "Check ID": "2995",
+          "Check": "Use of an approved TLS version",
+          "Details": "Additional information=TLS 1.2 is not enabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=CreateFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadData",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadAndExecute",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Write",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ReadAndExecute",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Write",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ReadAndExecute",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Write",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ReadAndExecute",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Write",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ReadAndExecute",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Write",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ReadAndExecute",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Write",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ReadAndExecute",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Write",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ReadAndExecute",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Write",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ReadAndExecute",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Write",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ReadAndExecute",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Write",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ReadAndExecute",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Write",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ReadAndExecute",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Write",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ReadAndExecute",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Write",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ReadAndExecute",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Write",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ReadAndExecute",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Write",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ReadAndExecute",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Write",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ReadAndExecute",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Write",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ReadAndExecute",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Operating System Issues",
+          "Risk DV": "Medium",
+          "Check ID": "2869",
+          "Check": "Permissions on error log folder",
+          "Details": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Write",
+          "Date": "Feb 18 2021 15:57"
+        },
+        {
+          "Organization": "Sample Organization Server",
+          "Task": "Audit",
+          "Asset Type": "Microsoft SQL Server",
+          "Asset": "HOST1",
+          "IP Address, Port, Instance": "192.168.1.200, 1433, MSSQLSERVER",
+          "Job Name": "Sample scan report generation",
+          "Start Date": "2021-02-18 15:55",
+          "End Date": {
+            "nil": "true"
+          },
+          "Policy": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+          "Check Category": "Patchable Vulnerabilities",
+          "Risk DV": "High",
+          "Check ID": "2888",
+          "Check": "Service pack not applied on time",
+          "Details": "Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2",
+          "Date": "Feb 18 2021 15:57"
+        }
+      ]
+    }
+  }
+}
\ No newline at end of file
diff --git a/test/sample_data/dbprotect/dbprotect-findings-hdf.json b/test/sample_data/dbprotect/dbprotect-findings-hdf.json
index 08deda1bd..2191cc071 100644
--- a/test/sample_data/dbprotect/dbprotect-findings-hdf.json
+++ b/test/sample_data/dbprotect/dbprotect-findings-hdf.json
@@ -1 +1,27848 @@
-{"platform":{"name":"Heimdall Tools","release":"2.6.50"},"version":"2.6.50","statistics":{},"profiles":[{"name":"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)","title":"Sample scan report generation","summary":"Organization : Sample Organization Server\nAsset : undefined\nAsset Type : Microsoft SQL Server\nIP Address, Port, Instance : Microsoft SQL Server\nIP Address, Port, Instance : 192.168.1.200, 1433, MSSQLSERVER ","supports":[],"attributes":[],"groups":[],"status":"loaded","controls":[{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Protection of DBMS asymmetric encryption keys","id":"2801","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2801\",\n  \"Check\": \"Protection of DBMS asymmetric encryption keys\",\n  \"Details\": \"Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Owner of the key=sa;Is SYSADMIN=Yes;Key=MS_SQLEnableSystemAssemblyLoadingKey;Database containing key=master","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"System Table Permissions","id":"2830","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2830\",\n  \"Check\": \"System Table Permissions\",\n  \"Details\": \"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=REFERENCES;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=UPDATE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_databases_cluster;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listener_ip_addresses;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listeners;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_groups_cluster;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_read_only_routing_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=availability_replicas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=backup_devices;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_DOMAIN_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_PRIVILEGES;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_COLUMN_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_TABLE_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=cryptographic_providers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_filestream_options;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_query_store_options;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_recovery_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_actions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_class_type_map;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_activated_tasks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_connections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_forwarded_messages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_queue_monitors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_errors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_log_scan_sessions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_appdomains;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_loaded_assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_tasks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_column_store_object_pool;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_cryptographic_provider_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_database_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_operational_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_file_space_usage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_fts_index_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_index_usage_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_log_space_usage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_auto_page_repair;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_connections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_past_actions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_group_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_partition_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_persisted_sku_features;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_migration_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_schema_update_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_script_level;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_session_space_usage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_task_space_usage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_uncontained_entities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_gc_cycle_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_hash_index_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_index_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_memory_consumers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_nonclustered_index_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_object_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_table_memory_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_cached_plans;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_errors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_connections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_request_steps;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_sql_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_workers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_operations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_work;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_function_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_procedure_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_memory_grants;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_memory_gateways;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_parallel_workers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_profiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_resource_semaphores;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_transformation_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_session_wait_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_sessions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_trigger_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_valid_use_hints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_execution_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_handles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_non_transacted_handles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_active_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_fdhosts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_index_population;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_buffers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_outstanding_batches;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_population_ranges;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_semantic_similarity_population;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_auto_page_repair;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_automatic_seeding;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_group_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_networks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_cluster_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_instance_node_map;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_name_id_map;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_physical_seeding_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_backup_tapes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_shared_drives;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_valid_path_names;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_io_pending_io_requests;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_hashentries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_descriptors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_pool_extension_configuration;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_child_instances;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatcher_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatchers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_hosts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_latch_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_loaded_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_allocations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_broker_clerks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_brokers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_clock_hands;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_counters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_entries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_hash_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_clerks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_node_access_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_nodes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_performance_counters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_process_memory;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_ring_buffers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_schedulers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_server_diagnostics_log_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_spinlock_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_stacks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sublatches;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_memory;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_tasks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_threads;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_virtual_address_dump;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_wait_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_waiting_tasks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_windows_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_worker_local_storage;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_os_workers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_qn_subscriptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_articles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_tranhash;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_traninfo;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_configuration;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_volumes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_workload_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_audit_status;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_memory_dumps;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_registry;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_server_services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tcp_listener_states;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_snapshot_database_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_commit_table;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_snapshot;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_transaction;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_database_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_recovery_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_enlistments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_log;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_locks;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_session_transactions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_top_version_generators;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_transactions_snapshot;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_version_store;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_map_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_object_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_packages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_event_actions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_object_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_targets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_sessions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_queue_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_system_memory_consumers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_threads;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_recent_rows;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=DOMAIN_CONSTRAINTS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=DOMAINS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=endpoint_webmethods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=event_notification_event_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_document_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_languages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_language_statistics_database;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_languages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=fulltext_system_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=http_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=KEY_COLUMN_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=linked_logins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=login_token;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=master_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=master_key_passwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=messages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=openkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=REFERENTIAL_CONSTRAINTS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=remote_logins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_configuration;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pools;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_workload_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=ROUTINE_COLUMNS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=ROUTINES;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=SCHEMATA;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=securable_classes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_audits;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_actions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_fields;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_targets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_event_sessions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_file_audits;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_principal_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=server_triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=servers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_broker_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=soap_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spatial_reference_systems;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_db;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_dev;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_usg;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=spt_monitor;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sql_logins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscacheobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscharsets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysconfigures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscurconfigs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscursorcolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscursorrefs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscursors;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syscursortables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysdatabases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysdevices;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syslanguages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syslockinfo;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syslogins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysmessages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysoledbusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysopentapes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysperfinfo;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysprocesses;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysremotelogins;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysservers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_components_surface_area_configuration;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=TABLE_CONSTRAINTS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=TABLE_PRIVILEGES;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=tcp_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_categories;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_event_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trace_subclass_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=traces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trigger_event_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=user_token;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=via_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=VIEW_COLUMN_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=VIEW_TABLE_USAGE;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=VIEWS;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupfile;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediafamily;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediaset;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=backupset;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=dm_hadr_automatic_seeding_history;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=logmarkhistory;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=restorefile;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=restorefilegroup;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=restorehistory;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=suspect_pages;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=all_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=allocation_units;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assemblies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_references;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=certificates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=check_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=computed_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_files;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_permissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_principals;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_role_members;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=default_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=event_notifications;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=external_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=filegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=filetables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=identity_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=index_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=key_constraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=masked_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_functions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=partitions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=periods;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=plan_guides;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=procedures;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=routes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=schemas;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=security_policies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=security_predicates;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sequences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contracts;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_message_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queues;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=services;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=stats;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=stats_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=synonyms;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=syscolumns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=syscomments;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysdepends;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfiles;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysmembers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysobjects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=syspermissions;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysprotects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysreferences;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_columns;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_objects;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_parameters;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=system_views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=systypes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=sysusers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=table_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=tables;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=trigger_events;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=triggers;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=views;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysalerts;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysnotifications;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysoperators;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=SQLAgentUserRole;State=GRANT;Database=msdb;Object Name=syscategories;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=UPDATE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobs;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=UPDATE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysproxies;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=syssubsystems;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=UPDATE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_dac_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_mi_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_configuration_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_file_space_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_health_policies_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_managed_instances_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_database_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_file_space_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_volume_space_health_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_check_conditions_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_target_conditions_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_processing_state_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_configuration_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_objects_to_collect_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_properties_to_collect_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=SELECT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=DELETE;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=INSERT;Object Type=Table","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS audit record access","id":"2790","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.3,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2790\",\n  \"Check\": \"DBMS audit record access\",\n  \"Details\": \"Log path=e:\\\\mssql\\\\data\\\\mssql13.mssqlserver\\\\mssql\\\\data\\\\mastlog.ldf;Username=NT SERVICE\\\\MSSQLSERVER\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\mastlog.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\modellog.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\msdblog.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\logs\\dw_log.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\logs\\dw_log.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\logs\\stg_log.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\logs\\stg_log.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\temp\\templog.ldf;Username=\\OWNER RIGHTS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Log path=e:\\mssql\\temp\\templog.ldf;Username=NT SERVICE\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Object=dm_exec_sessions;Database=[master];Granted To=public;Permission=SELECT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Object=sysprotects;Database=[master];Granted To=public;Permission=SELECT","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Permissions on Data Root directory","id":"2919","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.3,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2919\",\n  \"Check\": \"Permissions on Data Root directory\",\n  \"Details\": \"Account Name=\\\\OWNER RIGHTS;Directory or File name=E:\\\\MSSQL\\\\DATA\\\\AppDetective.mdf;Permission=FullControl\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\da.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\dw.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\stg.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\da.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\dw.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\stg.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\master.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\mastlog.ldf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\model.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\modellog.ldf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBData.mdf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBLog.ldf;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsara.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsben.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsbgr.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscat.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tschs.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscht.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscze.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdan.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdeu.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tseng.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsenu.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsesn.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsfra.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsglobal.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsgrk.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsguj.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsheb.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshin.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshrv.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsind.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsisl.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsita.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsjpn.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskan.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskor.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslth.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslvi.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmal.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmar.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmsl.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnld.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnor.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tspan.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsplk.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptb.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptg.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrom.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrus.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssky.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsslv.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrb.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrl.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssve.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstam.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstel.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstha.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstrk.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsukr.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsurd.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsvit.xml;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Permission on registry extended proc","id":"2555","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2555\",\n  \"Check\": \"Permission on registry extended proc\",\n  \"Details\": \"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_regread;Granted By=dbo","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS software library permissions","id":"2771","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2771\",\n  \"Check\": \"DBMS software library permissions\",\n  \"Details\": \"File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\\\Program Files\\\\Microsoft SQL Server\\\\130\\\\shared\\\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\\\Users\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\MSSQL13.MSSQLSERVER\\MSSQL\\Install;Access Control Type=Allow;Username=BUILTIN\\Users","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Default 'sa' account not present","id":"2814","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2814\",\n  \"Check\": \"Default 'sa' account not present\",\n  \"Details\": \"Account Name=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Account Name=sa","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS backup files access","id":"2865","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2865\",\n  \"Check\": \"DBMS backup files access\",\n  \"Details\": \"Allowed=NT SERVICE\\\\MSSQLSERVER;File path=E:\\\\MSSQL\\\\BACKUP\\\\AppDetective_backup_2021_02_16_031502_7146827.bak\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_16_031502_7146827.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_17_031505_6208319.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_18_031503_6796931.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_15_031503_1017047.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_16_031502_7459310.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_17_031505_6520841.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_18_031503_7109667.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dw_backup_2021_02_16_031502_7303082.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dw_backup_2021_02_17_031505_6208319.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dw_backup_2021_02_18_031503_6953315.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\stg_backup_2021_02_16_031502_7459310.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\stg_backup_2021_02_17_031505_6364592.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\stg_backup_2021_02_18_031503_6953315.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_16_031502_6521743.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_17_031505_5427005.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_18_031503_6172001.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_16_031502_6990517.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_17_031505_5895757.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_18_031503_6484425.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_16_031502_6990517.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_17_031505_6052109.bak","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_18_031503_6640718.bak","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"CONTROL SERVER permission granted","id":"2877","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2877\",\n  \"Check\": \"CONTROL SERVER permission granted\",\n  \"Details\": \"Granted To=ORG\\\\user1;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=ORG\\user1;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=ORG\\user2;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=ORG\\user3;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=ORG\\user4;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=ORG\\SQLAdmins;Permission=CONTROL SERVER;Grantee Type=WINDOWS_GROUP;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=ORG\\svc1;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=NT Service\\MSSQLSERVER;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=NT SERVICE\\SQLSERVERAGENT;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=NT SERVICE\\SQLWriter;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Granted To=NT SERVICE\\Winmgmt;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Non-DBA accounts with DDL privileges","id":"2920","desc":"Task : Audit; Check Category : Improper Access Controls","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2920\",\n  \"Check\": \"Non-DBA accounts with DDL privileges\",\n  \"Details\": \"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_cpu_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_dac_execution_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_session_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_smo_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_volumes_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Database=msdb;Class=USER_TABLE;Permission=UPDATE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Standard SQL Server authentication allowed","id":"2540","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2540\",\n  \"Check\": \"Standard SQL Server authentication allowed\",\n  \"Details\": \"Additional information=Standard Login allowed.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=Standard Login allowed.","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Encryption of DBMS sensitive data in transit","id":"2759","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2759\",\n  \"Check\": \"Encryption of DBMS sensitive data in transit\",\n  \"Details\": \"ForceEncryption=False\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"ForceEncryption=False","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"The NT AUTHORITY\\SYSTEM account is used for administration","id":"2985","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.7,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2985\",\n  \"Check\": \"The NT AUTHORITY\\\\SYSTEM account is used for administration\",\n  \"Details\": \"Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\\\SYSTEM\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Permission=CREATE AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Permission=VIEW SERVER STATE;User=NT AUTHORITY\\SYSTEM","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS privileged role assignments","id":"2819","desc":"Task : Audit; Check Category : Misconfigurations","impact":0,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2819\",\n  \"Check\": \"DBMS privileged role assignments\",\n  \"Details\": \"Username=ORG\\\\user1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Username=ORG\\user1","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Username=ORG\\user2","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Username=ORG\\user3","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Username=ORG\\user4","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Username=ORG\\SQLAdmins","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Username=ORG\\svc1","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Username=NT Service\\MSSQLSERVER","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Username=NT SERVICE\\SQLSERVERAGENT","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Username=NT SERVICE\\SQLWriter","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Username=NT SERVICE\\Winmgmt","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Dedicated data file directories","id":"2770","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.3,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2770\",\n  \"Check\": \"Dedicated data file directories\",\n  \"Details\": \"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[da];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[dw];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[stg];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[da];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[dw];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[stg];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[da];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[da];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[dw];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[stg];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[dw];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[da];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[dw];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[stg];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[stg];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[da];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[dw];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[stg];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[master];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[da];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[dw];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[stg];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[model];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[da];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[dw];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[stg];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[AppDetective];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[da];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[dw];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[stg];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[master];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[model];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[msdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[tempdb];Log partition (Database 1)=E:","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[da];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dw];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dw];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[stg];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[stg];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[stg];Database 1=[dw];Data path (Database 1)=E:\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Data path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[da];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dw];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dw];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[stg];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[stg];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[stg];Database 1=[dw];Data path (Database 1)=E:\\MSSQL\\LOGS","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path (Database 2)=E:\\MSSQL\\TEMP;Database 2=[tempdb];Database 1=[tempdb];Log path (Database 1)=E:\\MSSQL\\TEMP","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[model]","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[msdb]","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Remote access allowed","id":"2545","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2545\",\n  \"Check\": \"Remote access allowed\",\n  \"Details\": \"Value in use=1;Name=remote access;Value=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Value in use=1;Name=remote access;Value=1","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Auditing of successful logins","id":"2569","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2569\",\n  \"Check\": \"Auditing of successful logins\",\n  \"Details\": \"Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Auditing of failed logins","id":"2570","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2570\",\n  \"Check\": \"Auditing of failed logins\",\n  \"Details\": \"Additional information=Audit of failed logins is not performed by AUDIT\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=Audit of failed logins is not performed by AUDIT","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"'sa' account has not been disabled","id":"2745","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2745\",\n  \"Check\": \"'sa' account has not been disabled\",\n  \"Details\": \"Status=Enabled;Login=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Status=Enabled;Login=sa","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Database job/batch queue reviewing","id":"2780","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2780\",\n  \"Check\": \"Database job/batch queue reviewing\",\n  \"Details\": \"SQL Server job history record=DBBackups.FullBackup\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"SQL Server job history record=DBBackups.FullBackup","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"SQL Server job history record=syspolicy_purge_history","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"DBMS privileged action audit","id":"2826","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2826\",\n  \"Check\": \"DBMS privileged action audit\",\n  \"Details\": \"Value in use=1;Name=default trace enabled;Value=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Value in use=1;Name=default trace enabled;Value=1","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"CHECK_EXPIRATION option","id":"2880","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2880\",\n  \"Check\": \"CHECK_EXPIRATION option\",\n  \"Details\": \"Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Status=Disabled;Login=##MS_PolicyTsqlExecutionLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Status=Enabled;Login=sa;Password expiration checked=Disabled;Is SYSADMIN=Yes;Password policy checked=Enabled","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Database not encrypted","id":"2897","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2897\",\n  \"Check\": \"Database not encrypted\",\n  \"Details\": \"Is Encrypted=false;Database=AppDetective\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Is Encrypted=false;Database=AppDetective","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Is Encrypted=false;Database=da","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Is Encrypted=false;Database=dw","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Is Encrypted=false;Database=stg","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Audit concurrent logons","id":"2935","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2935\",\n  \"Check\": \"Audit concurrent logons\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=No AUDIT was found","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Audit unsuccessful attempts to execute privileged activities","id":"2936","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2936\",\n  \"Check\": \"Audit unsuccessful attempts to execute privileged activities\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=No AUDIT was found","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Audit privileged activities","id":"2937","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2937\",\n  \"Check\": \"Audit privileged activities\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=No AUDIT was found","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Generate audit records for important events","id":"2962","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2962\",\n  \"Check\": \"Generate audit records for important events\",\n  \"Details\": \"Additional information=Found no acceptable server audit specification.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=Found no acceptable server audit specification.","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Customer Feedback and Error Reporting","id":"2975","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2975\",\n  \"Check\": \"Customer Feedback and Error Reporting\",\n  \"Details\": \"EnableErrorReporting=Enabled;CustomerFeedback=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"EnableErrorReporting=Enabled;CustomerFeedback=Enabled","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Server audit startup","id":"2992","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2992\",\n  \"Check\": \"Server audit startup\",\n  \"Details\": \"Additional information=There are no server audits that automatically start during system start-up\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=There are no server audits that automatically start during system start-up","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Use of an approved TLS version","id":"2995","desc":"Task : Audit; Check Category : Misconfigurations","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2995\",\n  \"Check\": \"Use of an approved TLS version\",\n  \"Details\": \"Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Control\\\\SecurityProviders\\\\SCHANNEL\\\\Protocols\\\\SSL 2.0\\\\Client\\\\Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Client\\Enabled","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=SSL 2.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Server\\DisabledByDefault","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=SSL 3.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Client\\DisabledByDefault","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=SSL 3.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Server\\DisabledByDefault","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=TLS 1.0 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.0","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=TLS 1.1 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.1","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Additional information=TLS 1.2 is not enabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Permissions on error log folder","id":"2869","desc":"Task : Audit; Check Category : Operating System Issues","impact":0.5,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Operating System Issues\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2869\",\n  \"Check\": \"Permissions on error log folder\",\n  \"Details\": \"Grantee=NT SERVICE\\\\MSSQLFDLauncher;File Name=E:\\\\MSSQL\\\\DATA\\\\MSSQL13.MSSQLSERVER\\\\MSSQL\\\\LOG\\\\;Permission=CreateFiles\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=CreateFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadData","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ReadAndExecute","start_time":"Feb 18 2021 15:57","backtrace":[]},{"arrayTransformer":{},"status":"skipped","code_desc":"Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Write","start_time":"Feb 18 2021 15:57","backtrace":[]}]},{"tags":{"nist":["SA-11","RA-5"],"cci":["CCI-003173","CCI-001643"]},"refs":[],"source_location":{},"title":"Service pack not applied on time","id":"2888","desc":"Task : Audit; Check Category : Patchable Vulnerabilities","impact":0.7,"code":"{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Patchable Vulnerabilities\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2888\",\n  \"Check\": \"Service pack not applied on time\",\n  \"Details\": \"Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}","results":[{"arrayTransformer":{},"status":"skipped","code_desc":"Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2","start_time":"Feb 18 2021 15:57","backtrace":[]}]}],"sha256":"815246a7648d6c2874d50dd8100d8689fbb18094dee50d82fcb94465ce4db422"}],"passthrough":{}}
\ No newline at end of file
+{
+  "platform": {
+    "name": "Heimdall Tools",
+    "release": "2.6.50"
+  },
+  "version": "2.6.50",
+  "statistics": {},
+  "profiles": [
+    {
+      "name": "DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)",
+      "title": "Sample scan report generation",
+      "summary": "Organization : Sample Organization Server\nAsset : undefined\nAsset Type : Microsoft SQL Server\nIP Address, Port, Instance : Microsoft SQL Server\nIP Address, Port, Instance : 192.168.1.200, 1433, MSSQLSERVER ",
+      "supports": [],
+      "attributes": [],
+      "groups": [],
+      "status": "loaded",
+      "controls": [
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Protection of DBMS asymmetric encryption keys",
+          "id": "2801",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2801\",\n  \"Check\": \"Protection of DBMS asymmetric encryption keys\",\n  \"Details\": \"Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Key=MS_SQLEnableSystemAssemblyLoadingKey;Private key encryption type=NO_PRIVATE_KEY;Database containing key=master",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Owner of the key=sa;Is SYSADMIN=Yes;Key=MS_SQLEnableSystemAssemblyLoadingKey;Database containing key=master",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "System Table Permissions",
+          "id": "2830",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2830\",\n  \"Check\": \"System Table Permissions\",\n  \"Details\": \"Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=REFERENCES;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=db_ssisadmin;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=UPDATE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=db_ssisltduser;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=db_ssisoperator;State=GRANT;Database=msdb;Object Name=sysssislog;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=AppDetective;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=da;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=dw;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=stg;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_databases_cluster;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listener_ip_addresses;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_group_listeners;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_groups_cluster;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_read_only_routing_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=availability_replicas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=backup_devices;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_DOMAIN_USAGE;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=COLUMN_PRIVILEGES;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_COLUMN_USAGE;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=CONSTRAINT_TABLE_USAGE;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=cryptographic_providers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_filestream_options;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_mirroring_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_query_store_options;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_recovery_status;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_actions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_audit_class_type_map;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_activated_tasks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_connections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_forwarded_messages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_broker_queue_monitors;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_errors;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_cdc_log_scan_sessions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_appdomains;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_loaded_assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_clr_tasks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_column_store_object_pool;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_cryptographic_provider_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_database_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_operational_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_file_space_usage;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_fts_index_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_index_usage_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_log_space_usage;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_auto_page_repair;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_connections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_mirroring_past_actions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_group_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_missing_index_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_partition_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_persisted_sku_features;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_migration_status;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_rda_schema_update_status;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_script_level;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_session_space_usage;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_task_space_usage;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_uncontained_entities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_checkpoint_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_gc_cycle_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_hash_index_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_index_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_memory_consumers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_nonclustered_index_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_object_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_table_memory_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_db_xtp_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_background_job_queue_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_cached_plans;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_errors;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_node_status;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_compute_nodes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_connections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_request_steps;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_requests;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_distributed_sql_requests;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_dms_workers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_operations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_external_work;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_function_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_procedure_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_memory_grants;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_optimizer_memory_gateways;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_parallel_workers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_profiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_resource_semaphores;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_query_transformation_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_requests;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_session_wait_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_sessions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_trigger_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_exec_valid_use_hints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_execution_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_external_script_requests;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_handles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_file_io_requests;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_filestream_non_transacted_handles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_active_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_fdhosts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_index_population;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_buffers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_memory_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_outstanding_batches;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_population_ranges;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_fts_semantic_similarity_population;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_auto_page_repair;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_automatic_seeding;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_group_states;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_nodes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_cluster_states;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_availability_replica_states;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_cluster_networks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_cluster_states;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_database_replica_states;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_instance_node_map;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_name_id_map;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_hadr_physical_seeding_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_backup_tapes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_shared_drives;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_cluster_valid_path_names;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_io_pending_io_requests;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_hashentries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_logpool_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_descriptors;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_buffer_pool_extension_configuration;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_child_instances;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_nodes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_cluster_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatcher_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_dispatchers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_hosts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_latch_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_loaded_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_allocations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_broker_clerks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_brokers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_clock_hands;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_counters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_entries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_cache_hash_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_clerks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_node_access_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_nodes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_memory_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_nodes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_performance_counters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_process_memory;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_ring_buffers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_schedulers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_server_diagnostics_log_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_spinlock_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_stacks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sublatches;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_sys_memory;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_tasks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_threads;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_virtual_address_dump;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_wait_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_waiting_tasks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_windows_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_worker_local_storage;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_os_workers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_qn_subscriptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_articles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_tranhash;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_repl_traninfo;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_configuration;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_external_resource_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pool_volumes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_resource_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_resource_governor_workload_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_audit_status;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_memory_dumps;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_registry;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_server_services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tcp_listener_states;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_snapshot_database_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_active_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_commit_table;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_snapshot;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_current_transaction;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_database_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_recovery_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_enlistments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_global_transactions_log;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_locks;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_session_transactions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_top_version_generators;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_transactions_snapshot;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_tran_version_store;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_map_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_object_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_packages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_event_actions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_object_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_session_targets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xe_sessions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_queue_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_gc_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_system_memory_consumers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_threads;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_recent_rows;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=dm_xtp_transaction_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=DOMAIN_CONSTRAINTS;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=DOMAINS;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=endpoint_webmethods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=event_notification_event_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_document_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_languages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_language_statistics_database;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_semantic_languages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=fulltext_system_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=http_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=KEY_COLUMN_USAGE;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=linked_logins;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=login_token;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=master_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=master_key_passwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=messages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=openkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=REFERENTIAL_CONSTRAINTS;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=remote_logins;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_configuration;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pool_affinity;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_external_resource_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pool_affinity;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_resource_pools;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=resource_governor_workload_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=ROUTINE_COLUMNS;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=ROUTINES;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=SCHEMATA;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=securable_classes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_audits;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_actions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_fields;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_session_targets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_event_sessions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_file_audits;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_principal_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=server_triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=servers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_broker_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=soap_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spatial_reference_systems;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_db;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_dev;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spt_fallback_usg;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=spt_monitor;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sql_logins;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscacheobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscharsets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysconfigures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscurconfigs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscursorcolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscursorrefs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscursors;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syscursortables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysdatabases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysdevices;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syslanguages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syslockinfo;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syslogins;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysmessages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysoledbusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysopentapes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysperfinfo;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysprocesses;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysremotelogins;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysservers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_components_surface_area_configuration;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=TABLE_CONSTRAINTS;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=TABLE_PRIVILEGES;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=tcp_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_categories;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_event_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trace_subclass_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=traces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trigger_event_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=user_token;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=via_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=VIEW_COLUMN_USAGE;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=VIEW_TABLE_USAGE;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=VIEWS;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=master;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=model;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupfile;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediafamily;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupmediaset;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=backupset;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=dm_hadr_automatic_seeding_history;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=logmarkhistory;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=restorefile;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=restorefilegroup;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=restorehistory;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=suspect_pages;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=msdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=all_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=allocation_units;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assemblies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_references;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=assembly_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=asymmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=certificates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=change_tracking_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=check_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_key_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_encryption_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_master_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_dictionaries;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_row_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_store_segments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=column_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=computed_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_endpoints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=conversation_priorities;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=crypt_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specification_details;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_audit_specifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_files;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_permissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_principals;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_role_members;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_configurations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=database_scoped_credentials;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=default_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=destination_data_spaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=dm_db_column_store_row_group_physical_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=event_notifications;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=extended_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=external_data_sources;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=external_file_formats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=external_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=filegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=filetable_system_defined_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=filetables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_key_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=foreign_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_catalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_catalog_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_index_fragments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stoplists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=fulltext_stopwords;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=function_order_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=hash_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=identity_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=index_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=internal_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=key_constraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=key_encryptions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=masked_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=memory_optimized_tables_internal_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=message_type_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=module_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedure_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=numbered_procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_type_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=parameter_xml_schema_collection_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_functions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_range_values;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partition_schemes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=partitions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=periods;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=plan_guides;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=procedures;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_context_settings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_plan;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_query_text;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=query_store_runtime_stats_interval;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_properties;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=registered_search_property_lists;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_databases;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_data_archive_tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=remote_service_bindings;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=routes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=schemas;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=security_policies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=security_predicates;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=selective_xml_index_paths;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sequences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_message_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contract_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_contracts;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_message_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queue_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=service_queues;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=services;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_index_tessellations;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=spatial_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_dependencies;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=stats;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=stats_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=symmetric_keys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=synonyms;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=syscolumns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=syscomments;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysconstraints;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysdepends;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfilegroups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfiles;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysforeignkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysfulltextcatalogs;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysindexkeys;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysmembers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysobjects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=syspermissions;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysprotects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysreferences;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_columns;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_objects;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_parameters;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_sql_modules;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=system_views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=systypes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=sysusers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=table_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=tables;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=time_zone_info;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=transmission_queue;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=trigger_events;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=triggers;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=type_assembly_usages;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=views;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_indexes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_attributes;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_collections;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_component_placements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_components;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_elements;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_facets;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_model_groups;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_types;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcard_namespaces;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=public;State=GRANT;Database=tempdb;Object Name=xml_schema_wildcards;Permission=SELECT;Object Type=View",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysalerts;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysnotifications;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=SQLAgentOperatorRole;State=GRANT;Database=msdb;Object Name=sysoperators;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=SQLAgentUserRole;State=GRANT;Database=msdb;Object Name=syscategories;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysdownloadlist;Permission=UPDATE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobs;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysjobservers;Permission=UPDATE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=sysproxies;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=syssubsystems;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=TargetServersRole;State=GRANT;Database=msdb;Object Name=systargetservers;Permission=UPDATE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_dac_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_aggregated_mi_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_configuration_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_file_space_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_dac_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_health_policies_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_managed_instances_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_database_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_file_space_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_mi_volume_space_health_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_check_conditions_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_policy_target_conditions_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityCMRReader;State=GRANT;Database=msdb;Object Name=sysutility_ucp_processing_state_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_configuration_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_objects_to_collect_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_properties_to_collect_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRReader;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=SELECT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_cpu_stage_internal;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_dac_execution_statistics_internal;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_session_statistics_internal;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_smo_stage_internal;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=DELETE;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=UtilityIMRWriter;State=GRANT;Database=msdb;Object Name=sysutility_mi_volumes_stage_internal;Permission=INSERT;Object Type=Table",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS audit record access",
+          "id": "2790",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.3,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2790\",\n  \"Check\": \"DBMS audit record access\",\n  \"Details\": \"Log path=e:\\\\mssql\\\\data\\\\mssql13.mssqlserver\\\\mssql\\\\data\\\\mastlog.ldf;Username=NT SERVICE\\\\MSSQLSERVER\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\mastlog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\modellog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\data\\mssql13.mssqlserver\\mssql\\data\\msdblog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200213031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200214031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200215031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200216031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200217031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200218031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200219031503.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200226031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200227031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200228031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200229031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200301031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200302031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200303031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200304031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200305031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200306031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200307031514.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200308031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200309031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200310031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200311031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200312031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200313031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200314031515.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200315031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200316031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200317031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200318031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200319031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200320031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200321031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200322031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200323031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200324031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200325031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200326031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200327031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200328031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200329031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200330031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200331031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200401031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200402031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200403031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200404031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200405031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200406031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200407031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200408031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200409031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200410031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200411031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200412031519.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200413031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200414031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200415031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200416031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200417031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200418031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200419031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200420031515.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200421031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200422031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200423031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200424031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200425031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200426031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200427031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200428031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200429031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200430031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200501031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200502031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200503031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200504031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200505031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200506031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200507031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200508031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200509031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200510031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200511031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200512031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200513031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200514031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200515031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200516031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200517031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200518031517.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200519031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200520031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200521031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200522031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200523031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200524031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200525031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200526031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200527031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200528031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200529031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200530031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200531031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200601031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200602031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200603031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200604031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200605031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200606031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200607031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200608031504.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200609031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200610031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200611031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200612031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200613031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200614031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200615031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200616031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200617031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200618031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200619031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200620031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200621031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200622031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200623031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200624031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200625031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200626031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200627031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200628031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200629031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200630031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200701031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200702031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200703031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200704031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200705031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200706031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200707031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200708031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200709031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200710031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200711031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200712031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200713031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200714031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200715031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200716031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200717031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200718031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200719031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200720031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200721031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200722031518.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200723031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200724031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200725031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200726031511.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200727031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200728031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200729031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200730031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200731031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200801031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200802031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200803031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200804031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200805031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200806031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200807031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200808031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200809031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200810031511.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200811031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200812031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200813031510.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200814031511.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200815031509.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200816031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200817031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200818031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200819031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200820031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200821031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200822031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200823031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200824031517.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200825031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200826031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200827031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200828031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200829031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200830031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200831031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200901031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200902031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200903031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200904031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200905031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200906031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200907031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200908031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200909031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200910031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200911031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200912031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200913031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200914031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200915031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200916031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200917031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200918031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200919031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200920031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200921031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200922031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200923031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200924031505.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200925031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200926031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200927031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200928031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200929031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20200930031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201001031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201002031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201003031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201004031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201005031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201006031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201007031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201008031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201009031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201010031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201011031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201012031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201013031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201014031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201015031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201016031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201017031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201018031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201019031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201020031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201021031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201022031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201023031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201024031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201025031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201026031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201027031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201028031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201029031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201030031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201031031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201101031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201102031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201105031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201106031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201111031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201113031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201114031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201116031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201117031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201118031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201119031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201120031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201121031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201122031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201123031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201124031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201128031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201130031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201201031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201202031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201203031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201204031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201205031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201206031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201208031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201209031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201210031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201211031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201212031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201214031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201216031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201217031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201218031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201219031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201220031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201221031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201222031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201223031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201224031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201225031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201226031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201227031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201228031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201229031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201230031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20201231031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210101031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210102031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210103031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210104031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210105031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210106031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210107031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210108031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210109031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210110031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210111031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210112031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210113031525.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210114031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210115031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210116031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210117031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210118031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210119031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210120031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210121031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210122031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210123031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210124031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210125031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210126031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210127031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210128031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210129031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210130031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210131031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210201031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210202031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210203031506.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210204031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210205031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210206031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210207031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210208031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210209031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210210031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210211031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210212031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210213031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210214031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210215031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210216031507.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210217031651.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\DBBackups_FullBackup_20210218031508.txt;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.10;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.11;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.12;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132270398004000000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132299146167170000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317183151930000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132317287140360000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132341469685950000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365674971460000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132365763412820000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132395921161960000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132420094812830000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444305882910000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444307199030000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444308828720000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132444384446160000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132474589695820000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498775646990000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132498785058500000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132522981472630000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553197421790000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553281393790000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\HkEngineEventFile_0_132553296089790000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_56.trc;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_57.trc;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_58.trc;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_59.trc;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\log_60.trc;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553197451950000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553281415350000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents__0_132553296115730000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.1;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.2;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.3;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.4;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.5;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.6;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.7;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.8;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.9;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\SQLAGENT.OUT;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132578269717300000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132579197377350000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132580048231600000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\system_health_0_132581047896870000.xel;Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\logs\\appdetective_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\logs\\dbpanalytics_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\logs\\dw_log.ldf;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\logs\\dw_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\logs\\stg_log.ldf;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\logs\\stg_log.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\temp\\templog.ldf;Username=\\OWNER RIGHTS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Log path=e:\\mssql\\temp\\templog.ldf;Username=NT SERVICE\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Object=dm_exec_sessions;Database=[master];Granted To=public;Permission=SELECT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Object=sysprotects;Database=[master];Granted To=public;Permission=SELECT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Permissions on Data Root directory",
+          "id": "2919",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.3,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2919\",\n  \"Check\": \"Permissions on Data Root directory\",\n  \"Details\": \"Account Name=\\\\OWNER RIGHTS;Directory or File name=E:\\\\MSSQL\\\\DATA\\\\AppDetective.mdf;Permission=FullControl\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\da.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\dw.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\stg.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=\\OWNER RIGHTS;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLFDLauncher;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\AppDetective.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\da.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\dw.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\stg.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\master.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\mastlog.ldf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\model.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\modellog.ldf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate.cer;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificate813142D0-14F4-4386-BD85-FAA6B4D549AC.cer;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MS_AgentSigningCertificateC523C343-7FEE-4172-865E-53BD9EBADAC6.cer;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBData.mdf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA\\MSDBLog.ldf;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsara.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsben.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsbgr.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscat.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tschs.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscht.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tscze.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdan.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsdeu.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tseng.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsenu.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsesn.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsfra.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsglobal.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsgrk.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsguj.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsheb.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshin.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tshrv.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsind.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsisl.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsita.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsjpn.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskan.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tskor.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslth.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tslvi.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmal.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmar.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsmsl.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnld.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsnor.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tspan.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsplk.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptb.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsptg.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrom.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsrus.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssky.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsslv.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrb.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssrl.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tssve.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstam.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstel.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstha.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tstrk.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsukr.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsurd.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\FTData\\tsvit.xml;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_56.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_57.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_58.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_59.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\log_60.trc;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\MSSQLSERVER;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200211031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200212031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200213031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200214031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200215031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200216031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200217031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200218031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200219031503.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200225031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200226031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200227031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200228031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200229031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200301031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200302031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200303031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200304031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200305031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200306031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200307031514.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200308031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200309031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200310031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200311031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200312031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200313031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200314031515.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200315031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200316031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200317031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200318031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200319031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200320031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200321031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200322031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200323031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200324031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200325031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200326031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200327031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200328031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200329031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200330031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200331031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200401031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200402031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200403031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200404031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200405031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200406031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200407031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200408031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200409031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200410031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200411031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200412031519.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200413031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200414031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200415031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200416031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200417031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200418031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200419031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200420031515.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200421031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200422031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200423031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200424031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200425031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200426031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200427031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200428031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200429031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200430031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200501031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200502031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200503031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200504031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200505031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200506031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200507031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200508031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200509031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200510031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200511031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200512031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200513031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200514031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200515031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200516031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200517031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200518031517.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200519031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200520031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200521031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200522031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200523031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200524031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200525031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200526031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200527031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200528031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200529031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200530031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200531031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200601031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200602031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200603031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200604031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200605031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200606031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200607031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200608031504.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200609031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200610031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200611031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200612031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200613031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200614031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200615031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200616031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200617031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200618031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200619031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200620031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200621031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200622031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200623031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200624031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200625031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200626031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200627031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200628031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200629031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200630031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200701031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200702031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200703031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200704031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200705031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200706031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200707031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200708031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200709031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200710031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200711031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200712031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200713031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200714031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200715031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200716031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200717031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200718031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200719031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200720031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200721031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200722031518.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200723031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200724031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200725031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200726031511.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200727031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200728031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200729031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200730031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200731031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200801031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200802031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200803031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200804031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200805031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200806031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200807031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200808031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200809031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200810031511.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200811031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200812031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200813031510.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200814031511.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200815031509.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200816031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200817031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200818031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200819031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200820031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200821031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200822031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200823031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200824031517.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200825031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200826031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200827031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200828031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200829031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200830031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200831031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200901031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200902031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200903031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200904031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200905031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200906031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200907031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200908031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200909031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200910031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200911031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200912031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200913031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200914031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200915031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200916031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200917031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200918031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200919031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200920031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200921031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200922031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200923031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200924031505.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200925031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200926031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200927031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200928031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200929031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20200930031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201001031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201002031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201003031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201004031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201005031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201006031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201007031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201008031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201009031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201010031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201011031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201012031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201013031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201014031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201015031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201016031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201017031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201018031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201019031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201020031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201021031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201022031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201023031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201024031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201025031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201026031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201027031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201028031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201029031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201030031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201031031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201101031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201102031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201103031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201104031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201105031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201106031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201107031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201108031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201109031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201110031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201111031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201112031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201113031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201114031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201115031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201116031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201117031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201118031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201119031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201120031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201121031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201122031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201123031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201124031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201125031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201126031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201127031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201128031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201129031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201130031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201201031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201202031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201203031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201204031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201205031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201206031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201207031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201208031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201209031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201210031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201211031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201212031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201213031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201214031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201215031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201216031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201217031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201218031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201219031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201220031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201221031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201222031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201223031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201224031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201225031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201226031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201227031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201228031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201229031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201230031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20201231031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210101031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210102031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210103031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210104031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210105031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210106031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210107031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210108031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210109031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210110031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210111031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210112031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210113031525.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210114031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210115031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210116031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210117031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210118031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210119031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210120031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210121031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210122031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210123031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210124031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210125031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210126031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210127031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210128031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210129031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210130031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210131031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210201031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210202031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210203031506.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210204031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210205031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210206031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210207031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210208031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210209031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210210031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210211031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210212031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210213031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210214031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210215031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210216031507.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210217031651.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\DBBackups_FullBackup_20210218031508.txt;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.10;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.11;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.12;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132270398004000000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132299146167170000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317183151930000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132317287140360000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132341469685950000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365674971460000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132365763412820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132395921161960000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132420094812830000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444305882910000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444307199030000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444308828720000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132444384446160000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132474589695820000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498775646990000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132498785058500000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132522981472630000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553197421790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553281393790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\HkEngineEventFile_0_132553296089790000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553197451950000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553281415350000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents__0_132553296115730000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553197528510000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553281424720000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\ManagedBackupEvents_Backup_0_132553296134010000.xel;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.1;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.2;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.3;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.4;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.5;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.6;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.7;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.8;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.9;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\SQLAGENT.OUT;Permission=FullControl",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132578269717300000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132579197377350000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132580048231600000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=NT SERVICE\\SQLSERVERAGENT;Directory or File name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\Log\\system_health_0_132581047896870000.xel;Permission=DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Permission on registry extended proc",
+          "id": "2555",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2555\",\n  \"Check\": \"Permission on registry extended proc\",\n  \"Details\": \"Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_instance_regread;Granted By=dbo",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=public;Database=master;Type=DATABASE_ROLE;Extended Stored Procedure=xp_regread;Granted By=dbo",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS software library permissions",
+          "id": "2771",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2771\",\n  \"Check\": \"DBMS software library permissions\",\n  \"Details\": \"File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\\\Program Files\\\\Microsoft SQL Server\\\\130\\\\shared\\\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\\\Users\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=CreateFiles, AppendData, Read, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared\\Errordumps;Access Control Type=Allow;Username=BUILTIN\\Users",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\KeyFile;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\Setup Bootstrap;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\80\\tools;Access Control Type=Allow;Username=APPLICATION PACKAGE AUTHORITY\\ALL RESTRICTED APPLICATION PACKAGES",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=BUILTIN\\Users",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\dts\\binn;Access Control Type=Allow;Username=BUILTIN\\Users",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\sdk;Access Control Type=Allow;Username=BUILTIN\\Users",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=BUILTIN\\Users",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-32-545;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\MSSQL13.MSSQLSERVER\\MSSQL\\Install;Access Control Type=Allow;Username=BUILTIN\\Users",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\com;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "File Permissions Found=ReadAndExecute, Synchronize;User SID=S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582;Directory or File name=C:\\Program Files\\Microsoft SQL Server\\130\\shared;Access Control Type=Allow;Username=NT SERVICE\\MSSQLFDLauncher",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Default 'sa' account not present",
+          "id": "2814",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2814\",\n  \"Check\": \"Default 'sa' account not present\",\n  \"Details\": \"Account Name=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Account Name=sa",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS backup files access",
+          "id": "2865",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2865\",\n  \"Check\": \"DBMS backup files access\",\n  \"Details\": \"Allowed=NT SERVICE\\\\MSSQLSERVER;File path=E:\\\\MSSQL\\\\BACKUP\\\\AppDetective_backup_2021_02_16_031502_7146827.bak\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_16_031502_7146827.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_17_031505_6208319.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\AppDetective_backup_2021_02_18_031503_6796931.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_15_031503_1017047.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_16_031502_7459310.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_17_031505_6520841.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\da_backup_2021_02_18_031503_7109667.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dw_backup_2021_02_16_031502_7303082.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dw_backup_2021_02_17_031505_6208319.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\dw_backup_2021_02_18_031503_6953315.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\stg_backup_2021_02_16_031502_7459310.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\stg_backup_2021_02_17_031505_6364592.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\stg_backup_2021_02_18_031503_6953315.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_16_031502_6521743.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_17_031505_5427005.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\master_backup_2021_02_18_031503_6172001.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_16_031502_6990517.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_17_031505_5895757.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\model_backup_2021_02_18_031503_6484425.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_16_031502_6990517.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_17_031505_6052109.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Allowed=NT SERVICE\\MSSQLSERVER;File path=E:\\MSSQL\\BACKUP\\msdb_backup_2021_02_18_031503_6640718.bak",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "CONTROL SERVER permission granted",
+          "id": "2877",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2877\",\n  \"Check\": \"CONTROL SERVER permission granted\",\n  \"Details\": \"Granted To=ORG\\\\user1;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=ORG\\user1;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=ORG\\user2;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=ORG\\user3;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=ORG\\user4;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=ORG\\SQLAdmins;Permission=CONTROL SERVER;Grantee Type=WINDOWS_GROUP;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=ORG\\svc1;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=NT Service\\MSSQLSERVER;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=NT SERVICE\\SQLSERVERAGENT;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=NT SERVICE\\SQLWriter;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Granted To=NT SERVICE\\Winmgmt;Permission=CONTROL SERVER;Grantee Type=WINDOWS_LOGIN;Granted through role=sysadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Non-DBA accounts with DDL privileges",
+          "id": "2920",
+          "desc": "Task : Audit; Check Category : Improper Access Controls",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Improper Access Controls\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2920\",\n  \"Check\": \"Non-DBA accounts with DDL privileges\",\n  \"Details\": \"Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_cpu_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_dac_execution_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_session_statistics_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_smo_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=DELETE;Schema Name=dbo;Object Name=sysutility_mi_volumes_stage_internal;Granted By=dbo;Granted To=UtilityIMRWriter",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Database=msdb;Class=USER_TABLE;Permission=UPDATE;Schema Name=dbo;Object Name=sysssislog;Granted By=dbo;Granted To=db_ssisadmin",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Standard SQL Server authentication allowed",
+          "id": "2540",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.7,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2540\",\n  \"Check\": \"Standard SQL Server authentication allowed\",\n  \"Details\": \"Additional information=Standard Login allowed.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=Standard Login allowed.",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Encryption of DBMS sensitive data in transit",
+          "id": "2759",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.7,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2759\",\n  \"Check\": \"Encryption of DBMS sensitive data in transit\",\n  \"Details\": \"ForceEncryption=False\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "ForceEncryption=False",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "The NT AUTHORITY\\SYSTEM account is used for administration",
+          "id": "2985",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.7,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2985\",\n  \"Check\": \"The NT AUTHORITY\\\\SYSTEM account is used for administration\",\n  \"Details\": \"Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\\\SYSTEM\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Permission=ALTER ANY AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Permission=CREATE AVAILABILITY GROUP;User=NT AUTHORITY\\SYSTEM",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Permission=VIEW SERVER STATE;User=NT AUTHORITY\\SYSTEM",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS privileged role assignments",
+          "id": "2819",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Informational\",\n  \"Check ID\": \"2819\",\n  \"Check\": \"DBMS privileged role assignments\",\n  \"Details\": \"Username=ORG\\\\user1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=ORG\\user1",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=ORG\\user2",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=ORG\\user3",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=ORG\\user4",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=ORG\\SQLAdmins",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=ORG\\svc1",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=NT Service\\MSSQLSERVER",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=NT SERVICE\\SQLSERVERAGENT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=NT SERVICE\\SQLWriter",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Username=NT SERVICE\\Winmgmt",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Dedicated data file directories",
+          "id": "2770",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.3,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Low\",\n  \"Check ID\": \"2770\",\n  \"Check\": \"Dedicated data file directories\",\n  \"Details\": \"Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[da];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[dw];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[stg];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[AppDetective];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[da];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[dw];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[stg];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[da];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[da];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[dw];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[stg];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[dw];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[da];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[dw];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[stg];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[stg];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[da];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[dw];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[stg];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[master];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[da];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[dw];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[stg];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[model];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[da];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[dw];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[stg];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[msdb];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[AppDetective];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[da];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[dw];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[stg];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[master];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[model];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[msdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data partition (Database 2)=E:;Database 2=[tempdb];Database 1=[tempdb];Log partition (Database 1)=E:",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[da];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dw];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[dw];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[stg];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[stg];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA;Database 2=[stg];Database 1=[dw];Data path (Database 1)=E:\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[master];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[model];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[master];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Data path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[model];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database 2=[msdb];Database 1=[msdb];Log path (Database 1)=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[da];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dw];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[dw];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\LOGS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[stg];Database 1=[AppDetective];Data path (Database 1)=E:\\MSSQL\\LOGS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[stg];Database 1=[da];Data path (Database 1)=E:\\MSSQL\\LOGS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\LOGS;Database 2=[stg];Database 1=[dw];Data path (Database 1)=E:\\MSSQL\\LOGS",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path (Database 2)=E:\\MSSQL\\TEMP;Database 2=[tempdb];Database 1=[tempdb];Log path (Database 1)=E:\\MSSQL\\TEMP",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[model]",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Master data path=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\DATA;Database=[msdb]",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Remote access allowed",
+          "id": "2545",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2545\",\n  \"Check\": \"Remote access allowed\",\n  \"Details\": \"Value in use=1;Name=remote access;Value=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Value in use=1;Name=remote access;Value=1",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Auditing of successful logins",
+          "id": "2569",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2569\",\n  \"Check\": \"Auditing of successful logins\",\n  \"Details\": \"Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=Audit of successful logins is not performed by ERROR LOG or AUDIT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Auditing of failed logins",
+          "id": "2570",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2570\",\n  \"Check\": \"Auditing of failed logins\",\n  \"Details\": \"Additional information=Audit of failed logins is not performed by AUDIT\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=Audit of failed logins is not performed by AUDIT",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "'sa' account has not been disabled",
+          "id": "2745",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2745\",\n  \"Check\": \"'sa' account has not been disabled\",\n  \"Details\": \"Status=Enabled;Login=sa\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Status=Enabled;Login=sa",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Database job/batch queue reviewing",
+          "id": "2780",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2780\",\n  \"Check\": \"Database job/batch queue reviewing\",\n  \"Details\": \"SQL Server job history record=DBBackups.FullBackup\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "SQL Server job history record=DBBackups.FullBackup",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "SQL Server job history record=syspolicy_purge_history",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "DBMS privileged action audit",
+          "id": "2826",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2826\",\n  \"Check\": \"DBMS privileged action audit\",\n  \"Details\": \"Value in use=1;Name=default trace enabled;Value=1\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Value in use=1;Name=default trace enabled;Value=1",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "CHECK_EXPIRATION option",
+          "id": "2880",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2880\",\n  \"Check\": \"CHECK_EXPIRATION option\",\n  \"Details\": \"Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Status=Disabled;Login=##MS_PolicyEventProcessingLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Status=Disabled;Login=##MS_PolicyTsqlExecutionLogin##;Password expiration checked=Disabled;Is SYSADMIN=No;Password policy checked=Enabled",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Status=Enabled;Login=sa;Password expiration checked=Disabled;Is SYSADMIN=Yes;Password policy checked=Enabled",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Database not encrypted",
+          "id": "2897",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2897\",\n  \"Check\": \"Database not encrypted\",\n  \"Details\": \"Is Encrypted=false;Database=AppDetective\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Is Encrypted=false;Database=AppDetective",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Is Encrypted=false;Database=da",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Is Encrypted=false;Database=dw",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Is Encrypted=false;Database=stg",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Audit concurrent logons",
+          "id": "2935",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2935\",\n  \"Check\": \"Audit concurrent logons\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=No AUDIT was found",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Audit unsuccessful attempts to execute privileged activities",
+          "id": "2936",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2936\",\n  \"Check\": \"Audit unsuccessful attempts to execute privileged activities\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=No AUDIT was found",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Audit privileged activities",
+          "id": "2937",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2937\",\n  \"Check\": \"Audit privileged activities\",\n  \"Details\": \"Additional information=No AUDIT was found\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=No AUDIT was found",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Generate audit records for important events",
+          "id": "2962",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2962\",\n  \"Check\": \"Generate audit records for important events\",\n  \"Details\": \"Additional information=Found no acceptable server audit specification.\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=Found no acceptable server audit specification.",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Customer Feedback and Error Reporting",
+          "id": "2975",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2975\",\n  \"Check\": \"Customer Feedback and Error Reporting\",\n  \"Details\": \"EnableErrorReporting=Enabled;CustomerFeedback=Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "EnableErrorReporting=Enabled;CustomerFeedback=Enabled",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Server audit startup",
+          "id": "2992",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2992\",\n  \"Check\": \"Server audit startup\",\n  \"Details\": \"Additional information=There are no server audits that automatically start during system start-up\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=There are no server audits that automatically start during system start-up",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Use of an approved TLS version",
+          "id": "2995",
+          "desc": "Task : Audit; Check Category : Misconfigurations",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Misconfigurations\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2995\",\n  \"Check\": \"Use of an approved TLS version\",\n  \"Details\": \"Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Control\\\\SecurityProviders\\\\SCHANNEL\\\\Protocols\\\\SSL 2.0\\\\Client\\\\Enabled\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=SSL 2.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Client\\Enabled",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=SSL 2.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 2.0\\Server\\DisabledByDefault",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=SSL 3.0 for Client is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Client\\DisabledByDefault",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=SSL 3.0 for Server is not disabled;Missing registry key=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\SSL 3.0\\Server\\DisabledByDefault",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=TLS 1.0 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.0",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=TLS 1.1 is not disabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.1",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Additional information=TLS 1.2 is not enabled;Missing registry path=HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\Protocols\\TLS 1.2",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Permissions on error log folder",
+          "id": "2869",
+          "desc": "Task : Audit; Check Category : Operating System Issues",
+          "impact": 0.5,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Operating System Issues\",\n  \"Risk DV\": \"Medium\",\n  \"Check ID\": \"2869\",\n  \"Check\": \"Permissions on error log folder\",\n  \"Details\": \"Grantee=NT SERVICE\\\\MSSQLFDLauncher;File Name=E:\\\\MSSQL\\\\DATA\\\\MSSQL13.MSSQLSERVER\\\\MSSQL\\\\LOG\\\\;Permission=CreateFiles\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=CreateFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadData",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLFDLauncher;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ChangePermissions",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Modify",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\MSSQLSERVER;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=TakeOwnership",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.1;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.2;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.3;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.4;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.5;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.6;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.7;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.8;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG.9;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\ERRORLOG;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.1;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.2;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.3;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.4;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.5;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG.6;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=DeleteSubdirectoriesAndFiles",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=ReadAndExecute",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            },
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Grantee=NT SERVICE\\SQLSERVERAGENT;File Name=E:\\MSSQL\\DATA\\MSSQL13.MSSQLSERVER\\MSSQL\\LOG\\FDLAUNCHERRORLOG;Permission=Write",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        },
+        {
+          "tags": {
+            "nist": [
+              "SA-11",
+              "RA-5"
+            ],
+            "cci": [
+              "CCI-003173",
+              "CCI-001643"
+            ]
+          },
+          "refs": [],
+          "source_location": {},
+          "title": "Service pack not applied on time",
+          "id": "2888",
+          "desc": "Task : Audit; Check Category : Patchable Vulnerabilities",
+          "impact": 0.7,
+          "code": "{\n  \"Organization\": \"Sample Organization Server\",\n  \"Task\": \"Audit\",\n  \"Asset Type\": \"Microsoft SQL Server\",\n  \"Asset\": \"HOST1\",\n  \"IP Address, Port, Instance\": \"192.168.1.200, 1433, MSSQLSERVER\",\n  \"Job Name\": \"Sample scan report generation\",\n  \"Start Date\": \"2021-02-18 15:55\",\n  \"End Date\": {\n    \"nil\": \"true\"\n  },\n  \"Policy\": \"DISA-STIG SQL Server 2016 V2R1-1 Audit (Built-In)\",\n  \"Check Category\": \"Patchable Vulnerabilities\",\n  \"Risk DV\": \"High\",\n  \"Check ID\": \"2888\",\n  \"Check\": \"Service pack not applied on time\",\n  \"Details\": \"Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2\",\n  \"Date\": \"Feb 18 2021 15:57\"\n}",
+          "results": [
+            {
+              "arrayTransformer": {},
+              "status": "skipped",
+              "code_desc": "Installed Service pack=1;Days allowed for service pack installation=90;Database Version=13.0.4604.0;Days passed from installed service pack release=1555;Days passed from needed service pack release=1031;Service pack to install=2",
+              "start_time": "Feb 18 2021 15:57",
+              "backtrace": []
+            }
+          ]
+        }
+      ],
+      "sha256": "815246a7648d6c2874d50dd8100d8689fbb18094dee50d82fcb94465ce4db422"
+    }
+  ],
+  "passthrough": {}
+}
\ No newline at end of file
diff --git a/test/sample_data/thresholds/red_hat_good.counts.good.yml b/test/sample_data/thresholds/red_hat_good.counts.good.yml
index 4ea63a7ef..891f0d7fb 100644
--- a/test/sample_data/thresholds/red_hat_good.counts.good.yml
+++ b/test/sample_data/thresholds/red_hat_good.counts.good.yml
@@ -45,6 +45,14 @@ error:
   total:
     max: 1
 no_impact:
+  critical:
+    max: 0
+  high:
+    max: 0
+  medium:
+    max: 0
+  low:
+    max: 0
   none:
     max: 24
   total:
diff --git a/test/sample_data/thresholds/rhel-8_hardened.counts.bad.noimpactHigh.yml b/test/sample_data/thresholds/rhel-8_hardened.counts.bad.noimpactHigh.yml
new file mode 100644
index 000000000..bc8311bed
--- /dev/null
+++ b/test/sample_data/thresholds/rhel-8_hardened.counts.bad.noimpactHigh.yml
@@ -0,0 +1,59 @@
+compliance:
+  max: 66
+passed:
+  critical:
+    max: 0
+  high:
+    max: 11
+  medium:
+    max: 208
+  low:
+    max: 8
+  total:
+    min: 227
+failed:
+  critical:
+    max: 0
+  high:
+    max: 6
+  medium:
+    max: 87
+  low:
+    max: 19
+  total:
+    max: 112
+skipped:
+  critical:
+    max: 0
+  high:
+    max: 1
+  medium:
+    max: 1
+  low:
+    max: 1
+  total:
+    max: 3
+error:
+  critical:
+    max: 0
+  high:
+    max: 0
+  medium:
+    max: 0
+  low:
+    max: 0
+  total:
+    max: 0
+no_impact:
+  critical:
+    max: 0
+  high:
+    max: 2 # Expect to cause failure 
+  medium:
+    max: 30
+  low:
+    max: 0
+  none:
+    max: 1
+  total:
+    max: 33
diff --git a/test/sample_data/thresholds/rhel-8_hardened.counts.good.exact.yml b/test/sample_data/thresholds/rhel-8_hardened.counts.good.exact.yml
new file mode 100644
index 000000000..5f3fde579
--- /dev/null
+++ b/test/sample_data/thresholds/rhel-8_hardened.counts.good.exact.yml
@@ -0,0 +1,81 @@
+compliance:
+  min: 66
+  max: 66
+passed:
+  critical:
+    min: 0
+    max: 0
+  high:
+    min: 11
+    max: 11
+  medium:
+    min: 208
+    max: 208
+  low:
+    min: 8
+    max: 8
+  total:
+    min: 227
+failed:
+  critical:
+    min: 0
+    max: 0
+  high:
+    min: 6
+    max: 6
+  medium:
+    min: 87
+    max: 87
+  low:
+    min: 19
+    max: 19
+  total:
+    max: 112
+skipped:
+  critical:
+    min: 0
+    max: 0
+  high:
+    min: 1
+    max: 1
+  medium:
+    min: 1
+    max: 1
+  low:
+    min: 1
+    max: 1
+  total:
+    max: 3
+error:
+  critical:
+    min: 0
+    max: 0
+  high:
+    min: 0
+    max: 0
+  medium:
+    min: 0
+    max: 0
+  low:
+    min: 0
+    max: 0
+  total:
+    max: 0
+no_impact:
+  critical:
+    min: 0
+    max: 0
+  high:
+    min: 3
+    max: 3
+  medium:
+    min: 30
+    max: 30
+  low:
+    min: 0
+    max: 0
+  none:
+    min: 0
+    max: 0
+  total:
+    max: 33
diff --git a/test/sample_data/utils/ohdf/calculations/calculateSeverityCounts.sample b/test/sample_data/utils/ohdf/calculations/calculateSeverityCounts.sample
index f7ee8db9e..d5b5f0e7f 100644
--- a/test/sample_data/utils/ohdf/calculations/calculateSeverityCounts.sample
+++ b/test/sample_data/utils/ohdf/calculations/calculateSeverityCounts.sample
@@ -24,6 +24,10 @@
     "low": 0
   },
   "no_impact": {
-    "none": 33
+    "critical": 0,
+    "high": 3,
+    "medium": 30,
+    "low": 0,
+    "none": 0
   }
 }
diff --git a/test/sample_data/utils/ohdf/calculations/calculateSummariesForExecJSONs.sample b/test/sample_data/utils/ohdf/calculations/calculateSummariesForExecJSONs.sample
index f5dad7c0c..c7efc727c 100644
--- a/test/sample_data/utils/ohdf/calculations/calculateSummariesForExecJSONs.sample
+++ b/test/sample_data/utils/ohdf/calculations/calculateSummariesForExecJSONs.sample
@@ -1 +1,42 @@
-{"redhat-enterprise-linux-8-stig-baseline":[{"passed":{"critical":0,"high":11,"medium":208,"low":8,"total":227},"failed":{"critical":0,"high":6,"medium":87,"low":19,"total":112},"skipped":{"critical":0,"high":1,"medium":1,"low":1,"total":3},"error":{"critical":0,"high":0,"medium":0,"low":0,"total":0},"no_impact":{"none":33,"total":33}}]}
+{
+  "redhat-enterprise-linux-8-stig-baseline": [
+    {
+      "passed": {
+        "critical": 0,
+        "high": 11,
+        "medium": 208,
+        "low": 8,
+        "total": 227
+      },
+      "failed": {
+        "critical": 0,
+        "high": 6,
+        "medium": 87,
+        "low": 19,
+        "total": 112
+      },
+      "skipped": {
+        "critical": 0,
+        "high": 1,
+        "medium": 1,
+        "low": 1,
+        "total": 3
+      },
+      "error": {
+        "critical": 0,
+        "high": 0,
+        "medium": 0,
+        "low": 0,
+        "total": 0
+      },
+      "no_impact": {
+        "critical": 0,
+        "high": 3,
+        "medium": 30,
+        "low": 0,
+        "none": 0,
+        "total": 33
+      }
+    }
+  ]
+}
\ No newline at end of file
diff --git a/test/sample_data/utils/ohdf/calculations/calculateTotalCounts.sample b/test/sample_data/utils/ohdf/calculations/calculateTotalCounts.sample
index e59be538d..8c09c1ef5 100644
--- a/test/sample_data/utils/ohdf/calculations/calculateTotalCounts.sample
+++ b/test/sample_data/utils/ohdf/calculations/calculateTotalCounts.sample
@@ -29,7 +29,11 @@
       "total": 0
     },
     "no_impact": {
-      "none": 33,
+      "critical": 0,
+      "high": 3,
+      "medium": 30,
+      "low": 0,
+      "none": 0,
       "total": 33
     }
   }
diff --git a/test/sample_data/utils/ohdf/calculations/calculateTotalCountsForSummaries.sample b/test/sample_data/utils/ohdf/calculations/calculateTotalCountsForSummaries.sample
index 4c4fcc93b..399c7a903 100644
--- a/test/sample_data/utils/ohdf/calculations/calculateTotalCountsForSummaries.sample
+++ b/test/sample_data/utils/ohdf/calculations/calculateTotalCountsForSummaries.sample
@@ -1 +1,40 @@
-{"redhat-enterprise-linux-8-stig-baseline":{"passed":{"critical":0,"high":11,"medium":208,"low":8,"total":227},"failed":{"critical":0,"high":6,"medium":87,"low":19,"total":112},"skipped":{"critical":0,"high":1,"medium":1,"low":1,"total":3},"error":{"critical":0,"high":0,"medium":0,"low":0,"total":0},"no_impact":{"none":33,"total":33}}}
+{
+  "redhat-enterprise-linux-8-stig-baseline": {
+    "passed": {
+      "critical": 0,
+      "high": 11,
+      "medium": 208,
+      "low": 8,
+      "total": 227
+    },
+    "failed": {
+      "critical": 0,
+      "high": 6,
+      "medium": 87,
+      "low": 19,
+      "total": 112
+    },
+    "skipped": {
+      "critical": 0,
+      "high": 1,
+      "medium": 1,
+      "low": 1,
+      "total": 3
+    },
+    "error": {
+      "critical": 0,
+      "high": 0,
+      "medium": 0,
+      "low": 0,
+      "total": 0
+    },
+    "no_impact": {
+      "critical": 0,
+      "high": 3,
+      "medium": 30,
+      "low": 0,
+      "none": 0,
+      "total": 33
+    }
+  }
+}
\ No newline at end of file